]>
git.ipfire.org Git - thirdparty/systemd.git/blob - mkosi.images/base/mkosi.build.chroot
2 # SPDX-License-Identifier: LGPL-2.1-or-later
5 # This is a build script for OS image generation using mkosi (https://github.com/systemd/mkosi).
6 # Simply invoke "mkosi" in the project directory to build an OS image.
8 # We don't want to install our build of systemd in the base image, but use it as an extra tree for the
9 # initrd and system images, so override DESTDIR to store it in the output directory so we can reference it as
10 # an extra tree in the initrd and system image builds.
11 DESTDIR
="$OUTPUTDIR/systemd"
13 # If mkosi.builddir/ exists mkosi will set $BUILDDIR to it, let's then use it
14 # as out-of-tree build dir. Otherwise, let's make up our own builddir.
15 [ -z "$BUILDDIR" ] && BUILDDIR
="$PWD"/build
17 # Let's make sure we're using stuff from the build directory first if available there.
18 PATH
="$BUILDDIR:$PATH"
21 # The bpftool script shipped by Ubuntu tries to find the actual program to run via querying `uname -r` and
22 # using the current kernel version. This obviously doesn't work in containers. As a workaround, we override
23 # the ubuntu script with a symlink to the first bpftool program we can find.
24 for bpftool
in /usr
/lib
/linux-tools
/*/bpftool
; do
25 [ -x "$bpftool" ] ||
continue
26 ln -sf "$bpftool" "$BUILDDIR"/bpftool
30 # CentOS Stream 8 includes bpftool 4.18.0 which is lower than what we need. However, they've backported the
31 # specific feature we need ("gen skeleton") to this version, so we replace bpftool with a script that reports
32 # version 5.6.0 to satisfy meson which makes bpf work on CentOS Stream 8 as well.
34 if [ "$ID" = "centos" ] && [ "$VERSION" = "8" ]; then
35 cat >"$BUILDDIR"/bpftool
<<EOF
37 if [ "\$1" = --version ]; then
40 exec /usr/sbin/bpftool \$@
43 chmod +x
"$BUILDDIR"/bpftool
46 if [ ! -f "$BUILDDIR"/build.ninja
]; then
47 [[ -d /etc
/rc.d
/init.d
]] && sysvinit_path
="/etc/rc.d/init.d" || sysvinit_path
="/etc/init.d"
49 if [ "$ID" = "centos" ] && [ "$VERSION" = "8" ]; then
55 # On Debian 'loadkeys us' fails
56 if [ "$ID" = "debian" ] ||
[ "$ID_LIKE" = "debian" ]; then
63 -D sysvinit-path
="$sysvinit_path"
66 -D version-tag
="${VERSION_TAG}"
68 -D b_sanitize
="${SANITIZERS:-none}"
71 -D slow-tests
="${SLOW_TESTS:-false}"
72 -D create-log-dirs
=false
73 -D pamconfdir
=/usr
/lib
/pam.d
/
99 -D nss-myhostname
=true
100 -D nss-mymachines
=enabled
101 -D nss-resolve
=enabled
113 -D xdg-autostart
=true
123 -D microhttpd
=enabled
124 -D libcryptsetup
=enabled
142 -D bootloader
=enabled
143 -D kernel-install
=true
145 -D bpf-framework
=enabled
152 -D first-boot-full-preset
=true
155 -D default-keymap
="$DEFAULT_KEYMAP"
158 # On debian-like systems the library directory is not /usr/lib64 but /usr/lib/<arch-triplet>/.
159 # It is important to use the right one especially for cryptsetup plugins, otherwise they will be
160 # installed in the wrong directory and not be found by cryptsetup. Assume native build.
161 if grep -q -e "ID=debian" -e "ID_LIKE=debian" /usr
/lib
/os-release
&& command -v dpkg
2>/dev
/null
; then
163 -D libdir
="/usr/lib/$(dpkg-architecture -qDEB_HOST_MULTIARCH)"
164 -D pamlibdir
="/usr/lib/$(dpkg-architecture -qDEB_HOST_MULTIARCH)/security"
168 # Set various uids and gids for which Fedora has "soft static" allocations.
169 # Without this, we would get warning about mismatched sysusers.d entries
170 # between the files that we and Fedora's setup package install.
171 if grep -q '^ID=fedora' /usr
/lib
/os-release
; then
190 -Dsystemd-journal-gid=190
191 -Dsystemd-network-uid=192
192 -Dsystemd-resolve-uid=193
196 if grep -q '^ID="opensuse' /usr
/lib
/os-release
; then
202 ( set -x; meson setup
"$BUILDDIR" "$SRCDIR" "${CONFIGURE_OPTS[@]}" )
205 ( set -x; ninja
-C "$BUILDDIR" "$@" )
206 if [ "$WITH_TESTS" = 1 ]; then
207 if [ -n "$SANITIZERS" ]; then
208 export ASAN_OPTIONS
="$MKOSI_ASAN_OPTIONS"
209 export UBSAN_OPTIONS
="$MKOSI_UBSAN_OPTIONS"
215 ( set -x; meson
test -C "$BUILDDIR" --print-errorlogs --timeout-multiplier=$TIMEOUT_MULTIPLIER )
218 ( set -x; meson
install -C "$BUILDDIR" --quiet --no-rebuild --only-changed )
220 # Ensure that side-loaded PE addons are loaded if signed, and ignored if not
221 if [ -d "${DESTDIR}/boot/loader" ]; then
222 addons_dir
="${DESTDIR}/boot/loader/addons"
223 elif [ -d "${DESTDIR}/efi/loader" ]; then
224 addons_dir
="${DESTDIR}/efi/loader/addons"
226 if [ -n "${addons_dir}" ]; then
227 mkdir
-p "${addons_dir}"
228 ukify
--secureboot-private-key mkosi.secure-boot.key
--secureboot-certificate mkosi.secure-boot.crt
--cmdline this_should_be_here
-o "${addons_dir}/good.addon.efi"
229 ukify
--cmdline this_should_not_be_here
-o "${addons_dir}/bad.addon.efi"