Daan De Meyer [Tue, 9 Aug 2022 18:18:12 +0000 (20:18 +0200)]
Always use a distro~release subdirectory for output, cache, builddir
Let's be consistent and always use a distro~release subdirectory for
these directories, instead of only using these when the correct directory
exists in the directory mkosi is invoked from.
Let's have a single mount() function that's a context manager and
build everything else on top of that. To handle the non-fixed amounts
of context managers, we use ExitStack().
Luca Boccassi [Fri, 5 Aug 2022 22:08:14 +0000 (23:08 +0100)]
Fix manifest creation when running on Bionic
Very old dpkg doesn't have the db-fsys:Last-Modified field
so it errors out. Skip creating manifests for sysext when
building on such old distros. Only affects Bionic right now.
Daan De Meyer [Tue, 2 Aug 2022 12:12:37 +0000 (14:12 +0200)]
Add support for mkosi.conf and mkosi.conf.d configuration files/dirs
"default" is a rather unintuitive file extension for a config file.
Let's prefer the more widespread "conf" file extension instead. We'll
now look for mkosi.conf and mkosi.conf.d in addition to the already
supported mkosi.default and mkosi.default.d.
We also rename the --default option to --config.
All mentions of mkosi.default, mkosi.default.d and --default in the
docs have been replaced with their conf counterpart.
Skip setting kernel root cmdline parameter for UsrOnly with ImageID and without verity
When an image is built as a /usr only image and does not use verity, the kernel
command line should (and already does) contain the parameter `mount.usr`. It
should not contain a root parameter since `systemd-repart` and
`systemd-gpt-auto-generator` will take care of generating and mounting the root
partition.
Without this change the root partition label used on the kernel command line
will be invalid.
When running using a build script and the option `--skip-final-phase` is given,
no image is generated causing an issue linking the image. This change skips any
attempts to link the image or print the resulting output size.
action: Download archlinux-keyring from Michel Salim's kernel-utils PPA
Pending availability in Ubuntu itself, let's download the archlinux-keyring
from the kernel-utils PPA maintained by Michel Salim. This means we can
update the Archlinux keyring without having to commit to mkosi itself
which means that users of the action will pick up the keyring updates
automatically.
This can happen just after inserting a partition, probably because
udev starts operating on a device which makes us unable to remove
the partition, let's ignore EBUSY as a workaround until we get a
proper fix
This ensures that argparse treats all values read from configfiles as
explicit arguments associated with their respective keys, rather than
attempting to parse them as options in their options in their own right.
Repeated arguments are valid in a QEMU command line (for example,
setting multiple `-device` flags to attach several devices to the VM),
and removing these duplicate tokens breaks the QEMU invocation.
Only pass arguments to build script when verb is "build"
When we're building the image because it's required for another verb,
any passed arguments are most likely intended for the target verb,
and not for "build", so don't add them in that case.
Pass kernel args to systemd when booting in nspawn
When booting systemd in systemd-nspawn, additional arguments can
be passed to systemd via nspawn's command line. The arguments get
interpreted by systemd in the container as if they were kernel
command line args.
To take advantage of this, let's pass any configured kernel command
line arguments to systemd running in nspawn as well. For example,
this allows using systemd.setenv to set environment variables as
early as possible for both qemu VMs and nspawn containers.
Move debian/ubuntu kernel-install workaround to a kernel-install script
Instead of manually running dpkg-reconfigure dracut in mkosi. Let's
drop in a kernel install script that runs dpkg-reconfigure dracut. We
can install this script as part of the install function and get rid
of a distribution specific check.
Very niche repo for a very specific use case. Let's not enable it
by default for Alma Linux images. It can always be added back via
--repository-directory if needed.
The configured repos don't end up in the actual image, so we don't
need to bother with a fancy name for the repos, let's just use the
repo ID instead and get rid of a bunch of cruft.
Use distro~release subdirectories under mkosi.output/mkosi.builddir
Currently, when using incremental mode, building for a different
release or distribution means throwing away the cached images for
the previous distribution or release used unless each distro/release
combo is configured with an explicit output directory. Let's try to
be smarter here, by using the same logic as used for the cache path.
We create distro~release subdirectory under mkosi.output/ and use that
as the output directory. This makes sure cached images stay intact
even if we build for a different distribution. The same reasoning
applies to mkosi.builddir/.
This will end up using slightly more disk space when building for many
different distros when using mkosi.output/, but this should be a good
tradeoff to make regardless. If looking to regain disk space, a user
simply has to remove the output or build subdirectory for the distros
they're not interested in keeping.
Booting a systemd-nspawn container with a Photon image produced by
mkosi without --netdev waits for 2 minutes until "wait for network
to come online" times out. After logging in there's 3 failed services
in systemctl status. This is without trying to use any of mkosi's
more advanced features.
Bootable images are not supported at all on Photon. Given this and
the broken container support, it's clear that Photon support isn't
really usable at the moment and probably hasn't been for quite a
while (see #664).
Given that Photon has been broken for multiple releases and that
aside form #664, no one has bothered to report concrete issues or
make an attempt to fix the issues aside from a mirror update, this
gives us a pretty clear indication that no one is using or trying
to use mkosi to build Photon images.
Given that none of the existing maintainers are familiar with Photon
(and are likely not interested in doing the effort needed to support
it), let's drop the Photon support from mkosi.
Force initializing the partition table every time create_image is called
When creating the build and final images `args.partition_table` is not
re-initialized which results in a mismatch between the on disk partition
layout and the records in memory.
action: Install dependencies in action repo checkout
Since we symlink systemd-nspawn from the build directory to /usr/bin,
if the directory that nspawn was built in is cleaned up (e.g. via
git clean), systemd-nspawn is gone as well. To make it harder to
accidentally delete systemd-nspawn, let's clone and build all the
dependencies we compile from source in the repo checkout of the
action instead of in the repo of the project that's using the mkosi
action.
Fixed regression when using UsrOnly during initial install
Several distributions call `run_workspace_command()` during installation and
this now requires the root directory that gets bind mounted in to exist. The
created directory will be removed anyway since it exists under a temporary
workspace.
As an example, the documentation removal when installing a Debian derivative
will fail without this change.
We shouldn't special case updates Arch if we don't do so on other
distros either. We don't guarantee availability of a package
manager in generated images, and the only reason Arch images ship
with pacman is because it's part of the base group. This might
change in the future and as such, there's no guarantee that Arch
images will always have pacman. Hence, let's remove the pacman hooks
we install for Arch to bring it more in line with the other distros.
opensuse: do not attempt to overwrite pam.d/common-auth
Tumbleweed builds started to fail:
File /usr/local/lib/python3.10/dist-packages/mkosi/__init__.py, line 3225, in install_opensuse
shutil.copy2(root / usr/etc/pam.d/common-auth, root / etc/pam.d/common-auth)
File /usr/lib/python3.10/shutil.py, line 434, in copy2
copyfile(src, dst, follow_symlinks=follow_symlinks)
File /usr/lib/python3.10/shutil.py, line 254, in copyfile
with open(src, 'rb') as fsrc:
FileNotFoundError: [Errno 2] No such file or directory: '/var/tmp/mkosi-vb08b_gb/root/usr/etc/pam.d/common-auth'
/etc/pam.d/common-auth is already installed now. Do not attempt to
overwrite it if it already exists.
Due to lack of a maintainer, and deviating from established practices
almost universally (custom bootloader, custom package manager, ...),
it's not productive to keep support for Clear Linux in mkosi. We have
no idea if it works at all, no idea if something we do is going to
break it, and haven't received any feedback from Clear Linux users
for multiple years. Hence let's drop support for Clear Linux from
mkosi to reduce maintenance costs.
Building initrds is slow, let's add an option that allows building
the initrd as part of a cached image so that's it's only built once
and reused in any final images.
Daan De Meyer [Fri, 24 Jun 2022 10:04:35 +0000 (12:04 +0200)]
action: Pin systemd-container version
A faulty metadata update in Github Actions azure mirror for Ubuntu
is causing issues with unmet systemd-container versions. Let's pin
the systemd-container version as a workaround until the issue is
fixed.
Daan De Meyer [Mon, 7 Mar 2022 16:10:41 +0000 (16:10 +0000)]
Add support for qemu's direct Linux boot
We add a "linux" boot protocol that, when enabled, instructs mkosi
to extract the kernel image, initrd and kernel cmdline out of the
image when building it.
On top, we add a --qemu-boot option that takes one of the possible
values from --boot-protocols and instructs qemu to use that boot
protocol. In case of the new "linux" boot protocol, we use qemu's
-kernel, -initrd and -append options to do a direct Linux kernel
boot.
Being able to do direct Linux boots with qemu is a prerequisite for
booting images of architectures that don't support UEFI in qemu. It's
also faster than booting in UEFI mode which is useful when iterating
and not working on the bootloader.
projects / thirdparty / mkosi.git / log
