diff options
Diffstat (limited to 'mkosi.images/system/mkosi.extra/usr')
13 files changed, 73 insertions, 60 deletions
diff --git a/mkosi.images/system/mkosi.extra/usr/lib/repart.d/15-swap.conf b/mkosi.images/system/mkosi.extra/usr/lib/repart.d/15-swap.conf deleted file mode 100644 index 3755278..0000000 --- a/mkosi.images/system/mkosi.extra/usr/lib/repart.d/15-swap.conf +++ /dev/null @@ -1,6 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later - -[Partition] -Type=swap -SizeMinBytes=100M -SizeMaxBytes=100M diff --git a/mkosi.images/system/mkosi.extra/usr/lib/repart.d/20-root.conf b/mkosi.images/system/mkosi.extra/usr/lib/repart.d/20-root.conf deleted file mode 100644 index 71eb9e3..0000000 --- a/mkosi.images/system/mkosi.extra/usr/lib/repart.d/20-root.conf +++ /dev/null @@ -1,8 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later - -[Partition] -Type=root -Format=btrfs -SizeMinBytes=1G -Subvolumes=/home /var -MakeDirectories=/home /var diff --git a/mkosi.images/system/mkosi.extra/usr/lib/systemd/journald.conf.d/50-persistent.conf b/mkosi.images/system/mkosi.extra/usr/lib/systemd/journald.conf.d/50-persistent.conf deleted file mode 100644 index 2f95329..0000000 --- a/mkosi.images/system/mkosi.extra/usr/lib/systemd/journald.conf.d/50-persistent.conf +++ /dev/null @@ -1,8 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later - -# We only ship /usr in the image so /var/log/journal won't exist on boot which means systemd-journald won't -# persist any logs as the default Storage= setting is "auto". We can't create /var/log/journal using tmpfiles -# as systemd-journal-flush.service runs before systemd-tmpfiles-setup.service so instead we explicitly set -# Storage= to persistent to have systemd-journald create /var/log/journal itself. -[Journal] -Storage=persistent diff --git a/mkosi.images/system/mkosi.extra/usr/lib/systemd/journald.conf.d/ratelimit.conf b/mkosi.images/system/mkosi.extra/usr/lib/systemd/journald.conf.d/ratelimit.conf new file mode 100644 index 0000000..3baede4 --- /dev/null +++ b/mkosi.images/system/mkosi.extra/usr/lib/systemd/journald.conf.d/ratelimit.conf @@ -0,0 +1,5 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Journal] +RateLimitIntervalSec=0 +RateLimitBurst=0 diff --git a/mkosi.images/system/mkosi.extra/usr/lib/systemd/mkosi-check-and-shutdown.sh b/mkosi.images/system/mkosi.extra/usr/lib/systemd/mkosi-check-and-shutdown.sh deleted file mode 100755 index 9bb2462..0000000 --- a/mkosi.images/system/mkosi.extra/usr/lib/systemd/mkosi-check-and-shutdown.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -eux -# SPDX-License-Identifier: LGPL-2.1-or-later - -# TODO: Figure out why this is failing -systemctl reset-failed systemd-vconsole-setup.service - -systemctl --failed --no-legend | tee /failed-services - -# Check that secure boot keys were properly enrolled. -if ! systemd-detect-virt --container; then - cmp /sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c <(printf '\6\0\0\0\1') - cmp /sys/firmware/efi/efivars/SetupMode-8be4df61-93ca-11d2-aa0d-00e098032b8c <(printf '\6\0\0\0\0') - # TODO: Figure out why this is failing - # grep -q this_should_be_here /proc/cmdline - # grep -q this_should_not_be_here /proc/cmdline && exit 1 -fi - -# Exit with non-zero EC if the /failed-services file is not empty (we have -e set) -[[ ! -s /failed-services ]] diff --git a/mkosi.images/system/mkosi.extra/usr/lib/systemd/system-preset/00-mkosi.preset b/mkosi.images/system/mkosi.extra/usr/lib/systemd/system-preset/00-mkosi.preset new file mode 100644 index 0000000..c364058 --- /dev/null +++ b/mkosi.images/system/mkosi.extra/usr/lib/systemd/system-preset/00-mkosi.preset @@ -0,0 +1,41 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +# mkosi adds its own ssh units via the --ssh switch so disable the default ones. +disable ssh.service +disable sshd.service + +# These are started manually in integration tests so don't start them by default. +disable dnsmasq.service +disable isc-dhcp-server.service +disable isc-dhcp-server6.service + +# Pulled in via dracut-network by kexec-tools on Fedora. +disable NetworkManager* + +# Make sure dbus-broker is started by default on Debian/Ubuntu. +enable dbus-broker.service + +# systemd-networkd is disabled by default on Fedora so make sure it is enabled. +enable systemd-networkd.service +enable systemd-networkd-wait-online.service + +# systemd-resolved is disable by default on CentOS so make sure it is enabled. +enable systemd-resolved.service + +# We install dnf in some images but it's only going to be used rarely, +# so let's not have dnf create its cache. +disable dnf-makecache.* + +# We have journald to receive audit data so let's make sure we're not running auditd as well +disable auditd.service + +# systemd-timesyncd is not enabled by default in the default systemd preset so enable it here instead. +enable systemd-timesyncd.service + +# Skipped if selinux is not enabled, required for TEST-06-SELINUX. +enable autorelabel.service + +# Enabled by default on OpenSUSE and not conditioned out in containers, so let's disable these here instead. +disable iscsi.service +disable iscsid.socket +disable iscsiuio.socket diff --git a/mkosi.images/system/mkosi.extra/usr/lib/systemd/system-preset/99-mkosi.preset b/mkosi.images/system/mkosi.extra/usr/lib/systemd/system-preset/99-mkosi.preset new file mode 100644 index 0000000..710ee7c --- /dev/null +++ b/mkosi.images/system/mkosi.extra/usr/lib/systemd/system-preset/99-mkosi.preset @@ -0,0 +1,4 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +# Make sure that services are disabled by default (primarily for Debian/Ubuntu). +disable * diff --git a/mkosi.images/system/mkosi.extra/usr/lib/systemd/system/iscsi-init.service.d/asan.conf b/mkosi.images/system/mkosi.extra/usr/lib/systemd/system/iscsi-init.service.d/asan.conf new file mode 100644 index 0000000..ebf7899 --- /dev/null +++ b/mkosi.images/system/mkosi.extra/usr/lib/systemd/system/iscsi-init.service.d/asan.conf @@ -0,0 +1,7 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +# The iscsi-init.service calls `sh` which might, in certain circumstances, pull in instrumented systemd NSS +# modules causing `sh` to fail. Avoid the issue by setting LD_PRELOAD to load the sanitizer libraries if +# needed. +[Service] +EnvironmentFile=-/usr/lib/systemd/systemd-asan-env diff --git a/mkosi.images/system/mkosi.extra/usr/lib/systemd/system/mkosi-check-and-shutdown.service b/mkosi.images/system/mkosi.extra/usr/lib/systemd/system/mkosi-check-and-shutdown.service deleted file mode 100644 index 7942cbf..0000000 --- a/mkosi.images/system/mkosi.extra/usr/lib/systemd/system/mkosi-check-and-shutdown.service +++ /dev/null @@ -1,15 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later -[Unit] -Description=Check if any service failed and then shutdown the machine -After=multi-user.target network-online.target -Requires=multi-user.target -Wants=systemd-resolved.service systemd-networkd.service network-online.target -SuccessAction=exit -FailureAction=exit -# On success, exit with 123 so that we can check that we receive the actual exit code from the script on the -# host. -SuccessActionExitStatus=123 - -[Service] -Type=oneshot -ExecStart=/usr/lib/systemd/mkosi-check-and-shutdown.sh diff --git a/mkosi.images/system/mkosi.extra/usr/lib/tmpfiles.d/99-mkosi.conf b/mkosi.images/system/mkosi.extra/usr/lib/systemd/system/user@.service.d/99-SYSTEMD_UNIT_PATH.conf index dac79ba..d0093b7 100644 --- a/mkosi.images/system/mkosi.extra/usr/lib/tmpfiles.d/99-mkosi.conf +++ b/mkosi.images/system/mkosi.extra/usr/lib/systemd/system/user@.service.d/99-SYSTEMD_UNIT_PATH.conf @@ -1,3 +1,4 @@ # SPDX-License-Identifier: LGPL-2.1-or-later -C+! /etc - - - - /usr/share/factory/mkosi +[Service] +PassEnvironment=SYSTEMD_UNIT_PATH diff --git a/mkosi.images/system/mkosi.extra/usr/lib/tmpfiles.d/locale.conf b/mkosi.images/system/mkosi.extra/usr/lib/tmpfiles.d/locale.conf new file mode 100644 index 0000000..e1a8e81 --- /dev/null +++ b/mkosi.images/system/mkosi.extra/usr/lib/tmpfiles.d/locale.conf @@ -0,0 +1 @@ +L /etc/default/locale - - - - ../locale.conf diff --git a/mkosi.images/system/mkosi.extra/usr/share/dbus-1/system.d/systemd.test.ExecStopPost.conf b/mkosi.images/system/mkosi.extra/usr/share/dbus-1/system.d/systemd.test.ExecStopPost.conf new file mode 100644 index 0000000..ddd36ed --- /dev/null +++ b/mkosi.images/system/mkosi.extra/usr/share/dbus-1/system.d/systemd.test.ExecStopPost.conf @@ -0,0 +1,13 @@ +<?xml version="1.0"?> +<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" + "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> + +<!-- + SPDX-License-Identifier: LGPL-2.1-or-later +--> + +<busconfig> + <policy user="root"> + <allow own="systemd.test.ExecStopPost"/> + </policy> +</busconfig> diff --git a/mkosi.images/system/mkosi.extra/usr/share/factory/mkosi/gdbinit.d/systemd.gdb b/mkosi.images/system/mkosi.extra/usr/share/factory/mkosi/gdbinit.d/systemd.gdb deleted file mode 100644 index 26f882b..0000000 --- a/mkosi.images/system/mkosi.extra/usr/share/factory/mkosi/gdbinit.d/systemd.gdb +++ /dev/null @@ -1,3 +0,0 @@ -set debuginfod enabled off -set build-id-verbose 0 -set substitute-path ../src /root/src/systemd |