Use Gentoo.EMERGE_UPDATE_OPTS for invoke_emerge call to install pkgs_boot
Using Gentoo.EMERGE_UPDATE_OPTS allows for greater maintainability than directly
specifying `--update` and `--deep`.
The configured `opts` for `invoke_emerge` enable the package manager to replace
blocking packages. This is required to successfully replace
`sys-kernel/installkernel-gentoo` (which is already installed in the gentoo
stage3 tar ball) with the requested `sys-kernel/installkernel-systemd-boot`.
Add `--update` and `--deep` to invoke_emerge call for pkgs_boot
When generating bootable images for gentoo, the emerge call to install
pkgs_boot fails for `sys-kernel/installkernel-systemd-boot`:
```
[…]
‣ Invoking emerge(1) inside stage3
!!! /etc/portage/binrepos.conf is missing (or PORTAGE_BINHOST is unset), but use is requested.
* IMPORTANT: 9 news items need reading for repository 'gentoo'.
* Use eselect news read to view new items.
!!! /etc/portage/binrepos.conf is missing (or PORTAGE_BINHOST is unset), but use is requested.
[binary N ] app-arch/cpio-2.12-r1-1
[binary N ] sys-firmware/edk2-ovmf-202105-r2-1
[binary N ] dev-libs/elfutils-0.186-1
[binary N ] sys-kernel/installkernel-systemd-boot-1-1
[binary N ] sys-kernel/dracut-055-r4-2
[binary N ] virtual/libelf-3-1
[binary N ] sys-kernel/gentoo-kernel-bin-5.15.19-1
[binary N ] virtual/dist-kernel-5.15.19-1
[blocks B ] sys-kernel/installkernel-gentoo ("sys-kernel/installkernel-gentoo" is soft blocking sys-kernel/installkernel-systemd-boot-1)
[blocks B ] sys-kernel/installkernel-systemd-boot ("sys-kernel/installkernel-systemd-boot" is soft blocking sys-kernel/installkernel-gentoo-3)
* Error: The above package list contains packages which cannot be
* installed at the same time on the same system.
(sys-kernel/installkernel-gentoo-3-1:0/0::gentoo, installed) pulled in by
sys-kernel/installkernel-gentoo required by (sys-kernel/gentoo-kernel-bin-5.15.19-1:5.15.19/5.15.19::gentoo, binary scheduled for merge) USE="initramfs -test"
(sys-kernel/installkernel-systemd-boot-1-1:0/0::gentoo, binary scheduled for merge) pulled inby
sys-kernel/installkernel-systemd-boot
gsegatti [Mon, 24 Jan 2022 12:25:00 +0000 (04:25 -0800)]
Removal of Gentoo check
The parse_args() method has a check for whether Gentoo's modules are currently installed.
While this allows the system to fail early, it makes unit testing dependable on installing such packages.
By removing this if() we're able to test argument parsing without on any distro with no package dependance.
Additionally, system's correctness ir preserved since this same check is done later on gentoo.py
Luca Boccassi [Tue, 18 Jan 2022 00:08:54 +0000 (00:08 +0000)]
build: check for BUILD_ID/VERSION_ID before adding systemd-boot workaround
Instead of hard-coding the debian release, which breaks booting on
testing/bookworm, check os-release to see if BUILD_ID or VERSION_ID
are actually there.
Daan De Meyer [Mon, 3 Jan 2022 16:29:12 +0000 (08:29 -0800)]
Support older versions of sfdisk without "grain" support
If "grain" is not available, let's fall back to the default grain
size of 1 MiB. To check if "grain" is available, let's run sfdisk
against /dev/full and try to configure the "grain" which will fail
if "grain" is not supported.
Daan De Meyer [Mon, 3 Jan 2022 10:09:09 +0000 (11:09 +0100)]
action: Fix libsolv in combination with rpm 4.17.0
This applies the patch from https://github.com/systemd/mkosi/issues/861#issuecomment-1003624115
until the issue is fixed upstream and the fix is released.
Daan De Meyer [Thu, 23 Dec 2021 14:32:43 +0000 (15:32 +0100)]
docs: Move supported output formats section down a little
The verbs and execution flow are likely more important info to new
users than all the supported output formats so let's reorder the
sections accordingly.
Daan De Meyer [Thu, 23 Dec 2021 14:29:45 +0000 (15:29 +0100)]
docs: Remove Other Features section
This just lists some very specific features that are already
documented in their respective config options. Let's remove it
so we get rid of one more section that should be updated when we
add new features.
Daan De Meyer [Wed, 8 Dec 2021 11:23:12 +0000 (12:23 +0100)]
typing: Fix typing error when calling add_signer()
The add_signer() method of PKCS7SignatureBuilder only supports a
subset of the key types returned by load_pem_private_key() so let's
make sure the loaded key is of one of the supported types to fix
the error.
Paymon MARANDI [Wed, 24 Nov 2021 17:36:59 +0000 (12:36 -0500)]
gentoo: unmerge baselayout early on.
fixes ``Couldn't find '=sys-apps/baselayout-2.7' to unmerge``
intro:
there are 2 problems that require messing with baselayout package.
both are being worked on upstream [bug1][bug2].
1. `/etc/os-release` missing `VERSION_ID` which causes KUI generated by
dracut/installkernel et al not being accepted by the firmware/bootloader.
2. `/usr` is not merged in stage3. but `baselayout` with `"USE=build
-split-usr"` has a usrmerge layout.
[bug1] is fixed but that fix hasn't made it into the release.
[bug2] has 6 blocking bugs as of this writing.
we merge baselayout before copying stage3 tree over into `root` so the
usrmerge layout is in place.
source of the problem:
hard-coded baselayout version, "-2.7", was the source of the problem
which was inevitable to cause problem once upstream bumped the version
of baselayout they ship with stage3.
in the old logic we removed baselayout by hand during fetch_fix_stage3()
by removing members of baselaouy_qlist array from stage3 before copying
stage3 tree into `root`. this would cause the root to have two "slots"
of baselayout installed which the call to `emerge(1)` in `update_stage3`
would try to fix by removing the *bad* slot (=sys-apps/baselayout-2.7).
the new logic simply unmerges stage3's baselayout during
fetch_fix_stage3() using emerge(1).
Daan De Meyer [Wed, 27 Oct 2021 21:49:32 +0000 (22:49 +0100)]
Set new TTYRows and TTYColumns properties when overriding getty units
Sometimes, it's not sufficient to set the LINES and COLUMNS environment
variables to configure the serial terminal size. To properly configure
the serial terminal size when the env variables are not sufficient, we
need to configure the tty size in the kernel as well. To accomplish this,
two new properties TTYRows and TTYCols were added to systemd. Let's set
these properties when we override the getty units so systemd properly
configures the kernel tty size for us when systemd's version is recent
enough.
Additionally, this commit updates the getty unit resources to include
the recent systemd change to how the TTY is passed to agetty. Without
this change, the tty size configured with TTYRows and TTYCols is reset
when systemd invokes agetty. See https://github.com/systemd/systemd/pull/21171
for more information.
Luca Boccassi [Mon, 1 Nov 2021 23:38:37 +0000 (23:38 +0000)]
ssh: optionally connect to ssh-agent
If a path to the ssh-agent socket (typically /run/user/1000/gnupg/S.gpg-agent.ssh) is passed,
connect to it to fetch the public key(s) with ssh-add -L and avoid passing
the key(s) manually to ssh.
Daan De Meyer [Sun, 31 Oct 2021 21:01:28 +0000 (21:01 +0000)]
Call flush() in a few more places
Since we never explicitly close these files, sometimes the stuff
we write to them doesn't seem to get flushed which causes the
files to be empty in the output directory. Add calls to flush()
to make sure the files aren't empty when mkosi finishes.
Paymon MARANDI [Thu, 21 Oct 2021 09:51:13 +0000 (05:51 -0400)]
gentoo: support gentoo (#717)
Flow is the following:
we fetch stage3, untar it into the image's root and run emerge(1) from
within that root tree.
we _append_ our configurations to /etc/portage/env/mkosi.conf users
should not use that file since it, to some extend, documents what was
done during the image creation. users could instead drop-in their conf
file under mkosi.skeleton/etc/portage/env/ (say user.conf) and a pointer
under package.env/ (say user) with:
*/* user.conf
profile:
for now we only support 17.1/no-multilib; arm64 support is on the
roadmap.
bin/mkosi: support running from the source checkout
It is super useful for development if we can use the helper and not
worry about setting PYTHONPATH manually. We can also run mkosi directly after
cloing the repo, without doing any other setup.
jrun [Thu, 21 Oct 2021 09:51:13 +0000 (05:51 -0400)]
gentoo: support gentoo (#717)
Flow is the following:
we fetch stage3, untar it into the image's root and run emerge(1) from
within that root tree.
we _append_ our configurations to /etc/portage/env/mkosi.conf users
should not use that file since it, to some extend, documents what was
done during the image creation. users could instead drop-in their conf
file under mkosi.skeleton/etc/portage/env/ (say user.conf) and a pointer
under package.env/ (say user) with:
*/* user.conf
profile:
for now we only support 17.1/no-multilib; arm64 support is on the
roadmap.
Luca Boccassi [Sat, 16 Oct 2021 23:27:41 +0000 (00:27 +0100)]
sysext: support building deb extensions
debootstrap will fail if the root is already populated, so skip it when building
an extension.
While there, skip also other tasks that apply only to the base image (kernel, etc).
Inspired by https://sethmlarson.dev/blog/2021-10-18/tests-arent-enough-case-study-after-adding-types-to-urllib3:
> Don’t expose Generators unless you want Generator functionality
>
> Generators have additional behaviors over iterables so if the API isn’t meant
> to be used like a generator then it’s best to keep this fact a secret and
> annotate with Iterable[X] instead of Generator[X, None, None].
This is useful to reduce the size of the final image by dropping
packages which are required during the installation, but are not needed
in the final image. So in particular, this includes packages pulled
in as Requires(pre) on rpm-based systems.
man: describe the syntax that Packages= accepts a bit more
What exactly is supported is different between the different distros.
But let's at least list the various options, so that people are aware
of the possibilities. Many people might not even think about the more
esoteric ones.
We create a custom repo file from scratch, with a bunch of repos.
We would then pass --disablerepo=* --enablerepo=… --enablerepo=…
to dnf to enable the repos we configured. This is pointlessly complicated:
let's instead just enable the repos in the config file we write.
(The config file is only used by the dnf commands we invoke.)
This changes the behaviour of UseHostRepositories=true a bit:
we now use the repos that are enabled on the host, instead of enabling
select repos. I think this actually makes more sense: the list of
repos on the host and their names is something that we have no control
over. So we don't really know which ones to enable. And the user can
still use Repositories= to select some repos. So UseHostRepositories=true
alone means "use host repositories as configured", and
UseHostRepositories=true + Repositories=… means "use the specified
host repositories".
Each function to install packages is split in two:
an invoke_[t]dnf() function that accepts a verb and a list of packages,
and an install_packages_[t]dnf() function that calls the first
one with 'install' as the verb.
The idea is to allow other verbs to be called in the future.
I also merged invoke_dnf, invoke_yum, invoke_yum_or_dnf into a single
function. Nowadays, yum is just an aliast to dnf, so they both accept
the same options and provide the same functionality. They actually were
called with different options, but I think this was by mistake: people
added new functionality and forgot to update the callpath for yum.
And if the ancient yum in EPEL doesn't support some option, we can easily
conditionalize on the command name internally.
(Effectively, this changes how yum is called, more options are passed to
it now.)
Vishal Verma [Wed, 6 Oct 2021 07:36:19 +0000 (01:36 -0600)]
mkosi: Fix autologin configs for different PAM versions
Some PAM versions require full /dev/<tty> paths for the autologin setup
done by mkosi, where as others only need the <tty> portion.
If full paths are required, the <tty> only setup breaks, and vice versa.
However having both variants in the config isn't adverse in any way.
As distros upgrade their PAM versions, the distro based checks would
have to constantly play whack-a-mole to switch to the 'prefix-required'
vs. not variations.
Add both variants unconditionally - this way we solve the problem for
all distros, regardless of when they update.
Daan De Meyer [Wed, 13 Oct 2021 10:18:41 +0000 (11:18 +0100)]
nspawn: Copy RLIMIT_CORE and RLIMIT_NOFILE in non-booted nspawn containers
Avoid surprises by copying open files and coredump limits from the user
running mkosi. Most noteably, this makes sure core dumps in non-booted
mkosi containers actually end up on the host as previously the coredump
size limit was zero in non-booted mkosi nspawn containers which led to
no coredumps being generated at all on the host of processes that dumped
core in the build containers (e.g. tests that raise SIGABRT).
Since F34, glibc changed from 'Suggests: glibc-all-langpacks' to
'Suggests: glibc-minimal-langpack', so we don't need to do this ourselves.
The advantage is that we avoid one line of output from dnf (about
glibc-minimal-langpack being already installed, which is confusing when
the user didn't request glibc-minimal-langpack explicitly).
projects / thirdparty / mkosi.git / log
