mkosi.images/build/mkosi.conf.d/centos-fedora/mkosi.build.chroot


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116

#!/bin/bash
# SPDX-License-Identifier: LGPL-2.1-or-later
set -e

. mkosi.functions

if [[ ! -f "pkg/$PKG_SUBDIR/systemd.spec" ]]; then
    echo "spec not found at pkg/$PKG_SUBDIR/systemd.spec, run mkosi once with -ff to make sure the spec is cloned" >&2
    exit 1
fi

if [[ -d .git/ ]] && [[ -z "$(git status --porcelain)" ]]; then
    TS="$(git show --no-patch --format=%ct HEAD)"
else
    TS="${SOURCE_DATE_EPOCH:-$(date +%s)}"
fi

if [[ "$(rpm --eval "%{lua:print(rpm.vercmp('$(rpm --version | cut -d ' ' -f3)', '4.19.91'))}")" == "-1" ]]; then
    # Fix the %install override so debuginfo packages are generated even when --build-in-place is used.
    # See https://github.com/rpm-software-management/rpm/issues/3042.
    tee --append /usr/lib/rpm/redhat/macros <<'EOF'
%install %{?_enable_debug_packages:%{debug_package}}\
%%install\
%{nil}
EOF
fi

VERSION="$(cat meson.version)"
RELEASE="$(date "+%Y%m%d%H%M%S" --date "@$TS")"

COMMON_MACRO_OVERRIDES=(
    --define "toolchain $( ((LLVM)) && echo clang || echo gcc)"
    --define "_fortify_level 0"
    --undefine _lto_cflags
    # TODO: Remove once redhat-rpm-config 292 is available everywhere.
    --define "_hardening_clang_cflags --config=/usr/lib/rpm/redhat/redhat-hardened-clang.cfg"
    --define "_hardening_clang_ldflags --config=/usr/lib/rpm/redhat/redhat-hardened-clang-ld.cfg"
)

# TODO: Drop -U_FORTIFY_SOURCE when we switch to CentOS Stream 10.
MKOSI_CFLAGS="-O0 -Wp,-U_FORTIFY_SOURCE"
if ((WITH_DEBUG)); then
    MKOSI_CFLAGS="$MKOSI_CFLAGS -fdebug-prefix-map=../src=/usr/src/debug/systemd"
fi
if ((LLVM)); then
    # TODO: Remove -fno-sanitize-function when https://github.com/systemd/systemd/issues/29972 is fixed.
    MKOSI_CFLAGS="$MKOSI_CFLAGS -shared-libasan -fno-sanitize=function"
fi

MKOSI_LDFLAGS=""
if ((LLVM)) && [[ -n "$SANITIZERS" ]]; then
    MKOSI_LDFLAGS="$MKOSI_LDFLAGS -Wl,-rpath=$(realpath "$(clang --print-runtime-dir)")"
fi

MKOSI_MESON_OPTIONS="-D mode=developer -D b_sanitize=${SANITIZERS:-none}"
if ((WIPE)) && [[ -d "$BUILDDIR/meson-private" ]]; then
    MKOSI_MESON_OPTIONS="$MKOSI_MESON_OPTIONS --wipe"
fi

IFS=
# TODO: Replace meson_build and meson_install overrides with "--undefine __meson_verbose" once
# https://github.com/mesonbuild/meson/pull/12835 is available.
# shellcheck disable=SC2046
env \
--unset=CFLAGS \
--unset=CXXFLAGS \
--unset=LDFLAGS \
ANNOBIN="no-active-checks" \
CC_LD="$( ((LLVM)) && echo lld)" \
CXX_LD="$( ((LLVM)) && echo lld)" \
    rpmbuild \
    -bb \
    --build-in-place \
    --with upstream \
    $( ((WITH_TESTS)) || echo "--nocheck") \
    $( ((WITH_DOCS))  || echo "--without=docs") \
    --define "_topdir /var/tmp" \
    --define "_sourcedir pkg/$PKG_SUBDIR" \
    --define "_rpmdir $OUTPUTDIR" \
    ${BUILDDIR:+"--define=_vpath_builddir $BUILDDIR"} \
    --define "_build_name_fmt %%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm" \
    --define "_binary_payload w.ufdio" \
    $( ((WITH_DEBUG)) || echo "--define=debug_package %{nil}") \
    --define "version_override $VERSION" \
    --define "release_override $RELEASE" \
    "${COMMON_MACRO_OVERRIDES[@]}" \
    --define "build_cflags $(rpm "${COMMON_MACRO_OVERRIDES[@]}" --eval "%{?build_cflags}") $MKOSI_CFLAGS $CFLAGS" \
    --define "build_cxxflags $(rpm "${COMMON_MACRO_OVERRIDES[@]}" --eval "%{?build_cxxflags}") $MKOSI_CFLAGS $CFLAGS" \
    --define "build_ldflags $(rpm "${COMMON_MACRO_OVERRIDES[@]}" --eval "%{?build_ldflags}") $MKOSI_LDFLAGS $LDFLAGS" \
    --define "meson_build %{shrink:%{__meson} compile -C %{_vpath_builddir} -j %{_smp_build_ncpus} $( ((MESON_VERBOSE)) && echo --verbose) %{nil}}" \
    --define "meson_install %{shrink:DESTDIR=%{buildroot} %{__meson} install -C %{_vpath_builddir} --no-rebuild --quiet %{nil}}" \
    --define "meson_extra_configure_options $MKOSI_MESON_OPTIONS $MESON_OPTIONS" \
    $( ((WITH_DEBUG)) || echo "--define=__brp_strip %{nil}") \
    --define "__brp_compress %{nil}" \
    --define "__brp_mangle_shebangs %{nil}" \
    --define "__brp_strip_comment_note %{nil}" \
    --define "__brp_strip_static_archive %{nil}" \
    --define "__brp_check_rpaths %{nil}" \
    --define "__elf_exclude_path ^/usr/lib/systemd/tests/unit-tests/.*$" \
    --define "__script_requires %{nil}" \
    --define "_find_debuginfo_opts --unique-debug-src-base \"%{name}\"" \
    --define "_find_debuginfo_dwz_opts %{nil}" \
    --define "_fixperms true" \
    --undefine _package_note_flags \
    --noclean \
    "pkg/$PKG_SUBDIR/systemd.spec"

(
    shopt -s nullglob
    rm -f "$BUILDDIR"/*.rpm
)

cp "$OUTPUTDIR"/*.rpm "$PACKAGEDIR"
cp "$OUTPUTDIR"/*.rpm "$BUILDDIR"

make_sysext_unsigned /var/tmp/BUILD/*/BUILDROOT