copy_ephemeral,
finalize_credentials,
finalize_kernel_command_line_extra,
+ finalize_register,
join_initrds,
run_qemu,
run_ssh,
for k, v in finalize_credentials(config).items():
cmdline += [f"--set-credential={k}:{v}"]
- cmdline += ["--register", yes_no(config.register)]
+ cmdline += ["--register", yes_no(finalize_register(config))]
with contextlib.ExitStack() as stack:
# Make sure the latest nspawn settings are always used.
ephemeral: bool
credentials: dict[str, str]
kernel_command_line_extra: list[str]
- register: bool
+ register: ConfigFeature
runtime_trees: list[ConfigTree]
runtime_size: Optional[int]
runtime_scratch: ConfigFeature
dest="register",
metavar="BOOL",
section="Runtime",
- parse=config_parse_boolean,
- default=True,
+ parse=config_parse_feature,
+ default=ConfigFeature.auto,
help="Register booted vm/container with systemd-machined",
),
]
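Review bot: `metavar="BOOL"` is left unchanged although the setting is now parsed with `config_parse_feature` and defaults to `ConfigFeature.auto`, so the generated help would still advertise a plain boolean. Suggest `metavar="FEATURE"`, or whatever the other feature-typed settings in this list use, so that `auto` is discoverable from `--help`. The settings list starts outside this hunk, so the convention used by neighbouring entries should be confirmed there.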
SSH Certificate: {none_to_none(config.ssh_certificate)}
Machine: {config.machine_or_name()}
Forward Journal: {none_to_none(config.forward_journal)}
- Register guest with machined: {yes_no(config.register)}
+ Register guest with machined: {config.register}
Virtual Machine Monitor: {config.vmm}
Console: {config.console}
] # fmt: skip
+def machine1_is_available(config: Config) -> bool:
+ if "DBUS_SYSTEM_ADDRESS" not in os.environ and not Path("/run/dbus/system_bus_socket").is_socket():
+ return False
+
+ services = json.loads(
+ run(
+ ["busctl", "list", "--json=pretty"],
+ foreground=False,
+ env=os.environ | config.environment,
+ sandbox=config.sandbox(relaxed=True),
+ stdout=subprocess.PIPE,
+ stderr=sys.stderr,
+ ).stdout.strip()
+ )
+
+ return any(service.name == "org.freedesktop.machine1" for service in services)
+
+
+def finalize_register(config: Config) -> bool:
+ if config.register == ConfigFeature.disabled:
+ return False
+
+ if os.getuid() == 0 and (
+ Path("/run/systemd/machine/io.systemd.Machine").is_socket() or machine1_is_available(config)
+ ):
+ return True
+
+ if config.register == ConfigFeature.enabled:
+ if os.getuid() != 0:
+ die("Container registration requires root privileges")
+ else:
+ die(
+ "Container registration was requested but systemd-machined is not available",
+ hint="Is the systemd-container package installed?",
+ )
+
+ return False
+
+
def register_machine(config: Config, pid: int, fname: Path, cid: Optional[int]) -> None:
- if not config.register or os.getuid() != 0:
+ if not finalize_register(config):
return
if (p := Path("/run/systemd/machine/io.systemd.Machine")).is_socket():
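Review bot: In `machine1_is_available`, `json.loads` returns plain dicts for the JSON objects that busctl prints, so `service.name` raises AttributeError the first time the D-Bus path is taken; the last line should read `return any(service["name"] == "org.freedesktop.machine1" for service in services)`. `finalize_register` only reaches this call as root and when `/run/systemd/machine/io.systemd.Machine` is not a socket, so the failure would surface only on hosts without the varlink socket. Separately, if `run()` raises on a missing or failing `busctl` (its behaviour is not visible here), `auto` would abort instead of falling back to `False`. A short docstring on both new functions stating when they return `False` and when they call `die()` would make that contract explicit. `register_machine` continues past the end of this hunk.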
stdout=subprocess.DEVNULL,
stderr=sys.stderr,
)
- elif "DBUS_SYSTEM_ADDRESS" in os.environ or Path("/run/dbus/system_bus_socket").is_socket():
+ else:
run(
[
"busctl",
of the same image.
`Register=`, `--register=`
-: Takes a boolean value. Enabled by default. Specifies whether to register
- the vm/container with systemd-machined.
+: Takes a boolean value or `auto`. Specifies whether to register the
+ vm/container with systemd-machined. If enabled, mkosi will fail if
+ it can't register the vm/container with systemd-machined. If
+ disabled, mkosi will not register the vm/container with
+ systemd-machined. If `auto`, mkosi will register the vm/container
+ with systemd-machined if it is available. Defaults to `auto`.
`ForwardJournal=`, `--forward-journal=`
: Specify the path to which journal logs from containers and virtual
finalize_credentials,
finalize_firmware,
finalize_kernel_command_line_extra,
+ finalize_register,
)
from mkosi.run import run
from mkosi.types import PathString
"--vsock", config.vsock.to_tristate(),
"--tpm", config.tpm.to_tristate(),
"--secure-boot", yes_no(config.secure_boot),
- "--register", yes_no(config.register),
+ "--register", yes_no(finalize_register(config)),
"--console", str(config.console),
] # fmt: skip
"ProxyUrl": "https://my/proxy",
"QemuArgs": [],
"RAM": 123,
- "Register": true,
+ "Register": "enabled",
"Release": "53",
"Removable": false,
"RemoveFiles": [],
proxy_url="https://my/proxy",
qemu_args=[],
ram=123,
- register=True,
+ register=ConfigFeature.enabled,
release="53",
removable=False,
remove_files=[],