From e31cc1efd724903b9cfeca5c070978113586ed28 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Mon, 16 Sep 2024 20:08:41 +0200 Subject: Adding upstream version 256.1. Signed-off-by: Daniel Baumann --- .../system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf | 3 --- .../mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/efi.conf | 16 ++++++++++++++++ mkosi.images/system/mkosi.conf.d/10-ubuntu/mkosi.conf | 3 --- .../mkosi.conf.d/10-ubuntu/mkosi.conf.d/non-x86.conf | 10 ++++++++++ .../system/mkosi.conf.d/10-ubuntu/mkosi.conf.d/x86.conf | 10 ++++++++++ .../mkosi.conf.d/10-ubuntu/noble-backports-ports.sources | 6 ++++++ .../usr/lib/sysctl.d/99-apparmor-unpriv-userns.conf | 4 ++++ 7 files changed, 46 insertions(+), 6 deletions(-) create mode 100644 mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/efi.conf create mode 100644 mkosi.images/system/mkosi.conf.d/10-ubuntu/mkosi.conf.d/non-x86.conf create mode 100644 mkosi.images/system/mkosi.conf.d/10-ubuntu/mkosi.conf.d/x86.conf create mode 100644 mkosi.images/system/mkosi.conf.d/10-ubuntu/noble-backports-ports.sources create mode 100644 mkosi.images/system/mkosi.extra/usr/lib/sysctl.d/99-apparmor-unpriv-userns.conf (limited to 'mkosi.images/system') diff --git a/mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf b/mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf index ae014fa..ecac780 100644 --- a/mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf +++ b/mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf @@ -20,8 +20,6 @@ VolatilePackages= libsystemd-dev libudev-dev systemd - systemd-boot - systemd-boot-efi systemd-container systemd-coredump systemd-dev @@ -74,7 +72,6 @@ Packages= python3-pexpect python3-psutil quota - sbsigntool softhsm2 squashfs-tools stress diff --git a/mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/efi.conf b/mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/efi.conf new file mode 100644 index 0000000..781670a --- /dev/null +++ b/mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/efi.conf @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +# sbsigntool exists only on UEFI architectures + +[Match] +Architecture=|x86 +Architecture=|x86-64 +Architecture=|arm +Architecture=|arm64 +Architecture=|riscv32 +Architecture=|riscv64 + +[Content] +Packages= + sbsigntool + systemd-boot + systemd-boot-efi diff --git a/mkosi.images/system/mkosi.conf.d/10-ubuntu/mkosi.conf b/mkosi.images/system/mkosi.conf.d/10-ubuntu/mkosi.conf index 25957b1..86f9736 100644 --- a/mkosi.images/system/mkosi.conf.d/10-ubuntu/mkosi.conf +++ b/mkosi.images/system/mkosi.conf.d/10-ubuntu/mkosi.conf @@ -3,9 +3,6 @@ [Match] Distribution=ubuntu -[Distribution] -PackageManagerTrees=noble-backports.sources:/etc/apt/sources.list.d/noble-backports.sources - [Content] Packages= linux-image-generic diff --git a/mkosi.images/system/mkosi.conf.d/10-ubuntu/mkosi.conf.d/non-x86.conf b/mkosi.images/system/mkosi.conf.d/10-ubuntu/mkosi.conf.d/non-x86.conf new file mode 100644 index 0000000..582f038 --- /dev/null +++ b/mkosi.images/system/mkosi.conf.d/10-ubuntu/mkosi.conf.d/non-x86.conf @@ -0,0 +1,10 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +# The ports Ubuntu archive is for non i386/amd64 repositories + +[Match] +Architecture=!x86-64 +Architecture=!x86 +Release=noble + +[Distribution] +PackageManagerTrees=noble-backports-ports.sources:/etc/apt/sources.list.d/noble-backports-ports.sources diff --git a/mkosi.images/system/mkosi.conf.d/10-ubuntu/mkosi.conf.d/x86.conf b/mkosi.images/system/mkosi.conf.d/10-ubuntu/mkosi.conf.d/x86.conf new file mode 100644 index 0000000..7347be9 --- /dev/null +++ b/mkosi.images/system/mkosi.conf.d/10-ubuntu/mkosi.conf.d/x86.conf @@ -0,0 +1,10 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +# The main Ubuntu archive is only for i386/amd64 repositories + +[Match] +Architecture=|x86-64 +Architecture=|x86 +Release=noble + +[Distribution] +PackageManagerTrees=noble-backports.sources:/etc/apt/sources.list.d/noble-backports.sources diff --git a/mkosi.images/system/mkosi.conf.d/10-ubuntu/noble-backports-ports.sources b/mkosi.images/system/mkosi.conf.d/10-ubuntu/noble-backports-ports.sources new file mode 100644 index 0000000..5b96dc5 --- /dev/null +++ b/mkosi.images/system/mkosi.conf.d/10-ubuntu/noble-backports-ports.sources @@ -0,0 +1,6 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +Types: deb +URIs: http://ports.ubuntu.com +Suites: noble-backports +Components: main universe +Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg diff --git a/mkosi.images/system/mkosi.extra/usr/lib/sysctl.d/99-apparmor-unpriv-userns.conf b/mkosi.images/system/mkosi.extra/usr/lib/sysctl.d/99-apparmor-unpriv-userns.conf new file mode 100644 index 0000000..657ac72 --- /dev/null +++ b/mkosi.images/system/mkosi.extra/usr/lib/sysctl.d/99-apparmor-unpriv-userns.conf @@ -0,0 +1,4 @@ +# Ubuntu since Noble disables unprivileged user namespaces by default, re-enable them as they are needed +# for integration tests +kernel.apparmor_restrict_unprivileged_unconfined = 0 +kernel.apparmor_restrict_unprivileged_userns = 0 -- cgit v1.2.3