From 0bbf1a1a6cf753f3c46358309c3e35b9a9682e63 Mon Sep 17 00:00:00 2001 From: Daan De Meyer Date: Wed, 18 Oct 2023 12:00:53 +0200 Subject: [PATCH] Beef up bundled images Let's beef up the bundled images with all the packages from the tools trees where applicable so that we can run easily run mkosi from these images if needed for testing on different distributions. --- .github/workflows/ci.yml | 10 +++ .gitignore | 1 + mkosi.conf.d/10-common.conf | 27 ++++++-- mkosi.conf.d/15-bootable.conf | 8 +++ mkosi.conf.d/20-arch.conf | 47 +++++++++++-- mkosi.conf.d/20-centos.conf | 50 ++++++++++++-- mkosi.conf.d/20-debian.conf | 58 +++++++++++++--- mkosi.conf.d/20-fedora.conf | 67 +++++++++++++++++-- mkosi.conf.d/20-opensuse.conf | 51 ++++++++++++-- mkosi.conf.d/20-rhel-ubi.conf | 11 ++- mkosi.conf.d/20-ubuntu.conf | 27 ++++---- .../lib/systemd/system-preset/00-mkosi.preset | 33 +++++++++ .../lib/systemd/system-preset/99-mkosi.preset | 4 ++ 13 files changed, 345 insertions(+), 49 deletions(-) create mode 100644 mkosi.conf.d/15-bootable.conf create mode 100644 mkosi.extra/usr/lib/systemd/system-preset/00-mkosi.preset create mode 100644 mkosi.extra/usr/lib/systemd/system-preset/99-mkosi.preset diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f909a2a40..0c9f6257d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -124,6 +124,16 @@ jobs: [Output] Format=${{ matrix.format }} + + [Content] + KernelCommandLine=console=ttyS0 + systemd.unit=mkosi-check-and-shutdown.service + systemd.log_target=console + systemd.default_standard_output=journal+console + + [Host] + QemuVsock=yes + QemuMem=4G EOF - name: Build ${{ matrix.distro }}/${{ matrix.format }} diff --git a/.gitignore b/.gitignore index 74ccb6a09..d460c12b7 100644 --- a/.gitignore +++ b/.gitignore @@ -16,6 +16,7 @@ /mkosi.extra !mkosi.extra/usr/lib/systemd/mkosi-check-and-shutdown.sh !mkosi.extra/usr/lib/systemd/system/mkosi-check-and-shutdown.service +!mkosi.extra/usr/lib/systemd/system-preset/*-mkosi.preset /mkosi.nspawn /mkosi.rootpw /mkosi.conf diff --git a/mkosi.conf.d/10-common.conf b/mkosi.conf.d/10-common.conf index 132accf37..2dfd35f1a 100644 --- a/mkosi.conf.d/10-common.conf +++ b/mkosi.conf.d/10-common.conf @@ -1,13 +1,26 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + [Output] -CacheDirectory=mkosi.cache +# These images are (among other things) used for running mkosi which means we need some disk space available so +# default to directory output where disk space isn't a problem. +@Format=directory +@CacheDirectory=mkosi.cache +@OutputDirectory=mkosi.output [Content] Autologin=yes BiosBootloader=grub -KernelCommandLine=console=ttyS0 - systemd.unit=mkosi-check-and-shutdown.service - systemd.log_target=console - systemd.default_standard_output=journal+console -[Host] -QemuVsock=yes +Packages= + attr + autoconf + automake + ca-certificates + gcc + gettext + git + less + libtool + make + pkg-config + strace diff --git a/mkosi.conf.d/15-bootable.conf b/mkosi.conf.d/15-bootable.conf new file mode 100644 index 000000000..35269a7d9 --- /dev/null +++ b/mkosi.conf.d/15-bootable.conf @@ -0,0 +1,8 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Format=|disk +Format=|directory + +[Content] +Bootable=yes diff --git a/mkosi.conf.d/20-arch.conf b/mkosi.conf.d/20-arch.conf index d14919a12..6b100db26 100644 --- a/mkosi.conf.d/20-arch.conf +++ b/mkosi.conf.d/20-arch.conf @@ -1,8 +1,47 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + [Match] Distribution=arch [Content] -Packages=linux - systemd - base - grub +Packages= + apt + archlinux-keyring + base + bash + btrfs-progs + bubblewrap + ca-certificates + coreutils + cpio + curl + debian-archive-keyring + dnf + dosfstools + e2fsprogs + edk2-ovmf + erofs-utils + grub + linux + mtools + openssh + openssl + pacman + pesign + python-cryptography + qemu-base + sbsigntools + shadow + socat + squashfs-tools + strace + swtpm + systemd + systemd-ukify + tar + ukify + util-linux + virtiofsd + xfsprogs + xz + zstd diff --git a/mkosi.conf.d/20-centos.conf b/mkosi.conf.d/20-centos.conf index dafbd2916..3fa622e00 100644 --- a/mkosi.conf.d/20-centos.conf +++ b/mkosi.conf.d/20-centos.conf @@ -1,11 +1,51 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + [Match] Distribution=|centos Distribution=|alma Distribution=|rocky +[Distribution] +@Release=9 +Repositories=epel + epel-next + [Content] -Packages=kernel-core - systemd - systemd-boot - udev - grub2-pc +Packages= + apt + bash + bubblewrap + ca-certificates + coreutils + cpio + curl + debian-keyring + distribution-gpg-keys + dnf + dosfstools + e2fsprogs + edk2-ovmf + grub2-pc + kernel-core + mtools + openssh-clients + openssl + pesign + python3-cryptography + qemu-kvm-core + shadow-utils + socat + squashfs-tools + strace + swtpm + systemd + systemd-boot + systemd-container + systemd-udev + tar + udev + util-linux + virtiofsd + xfsprogs + xz + zstd diff --git a/mkosi.conf.d/20-debian.conf b/mkosi.conf.d/20-debian.conf index 3d7f821f0..8514650da 100644 --- a/mkosi.conf.d/20-debian.conf +++ b/mkosi.conf.d/20-debian.conf @@ -1,12 +1,54 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + [Match] Distribution=debian +[Distribution] +@Release=testing + [Content] -Packages=linux-image-cloud-amd64 - systemd - systemd-boot - systemd-sysv - udev - dbus - tzdata - grub-pc +Packages= + apt + bash + btrfs-progs + bubblewrap + ca-certificates + coreutils + cpio + curl + dbus-broker + debian-archive-keyring + dnf + dosfstools + e2fsprogs + erofs-utils + grub-pc + libtss2-dev + linux-image-cloud-amd64 + mtools + openssh-client + openssl + ovmf + pacman-package-manager + pesign + python3-cryptography + python3-pefile + qemu-system + sbsigntool + socat + squashfs-tools + strace + swtpm + systemd + systemd-boot + systemd-container + systemd-sysv + tar + tzdata + udev + uidmap + util-linux + xfsprogs + xz-utils + zstd + zypper diff --git a/mkosi.conf.d/20-fedora.conf b/mkosi.conf.d/20-fedora.conf index 81c63fcf5..37f4b4fe2 100644 --- a/mkosi.conf.d/20-fedora.conf +++ b/mkosi.conf.d/20-fedora.conf @@ -1,10 +1,65 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + [Match] Distribution=fedora +[Distribution] +@Release=39 + [Content] -Packages=kernel-core - systemd - systemd-boot - udev - util-linux - grub2-pc +Packages= + apt + archlinux-keyring + bash + btrfs-progs + bubblewrap + ca-certificates + coreutils + cpio + curl-minimal + debian-keyring + distribution-gpg-keys + dnf + dnf5 + dosfstools + e2fsprogs + edk2-ovmf + erofs-utils + grub2-pc + kernel-core + mtools + openssh-clients + openssl + pacman + pesign + policycoreutils + policycoreutils-python-utils + python3-cryptography + qemu-kvm-core + sbsigntools + selinux-policy + selinux-policy-devel + selinux-policy-targeted + setools-console + shadow-utils + socat + squashfs-tools + strace + swtpm + systemd + systemd-boot + systemd-container + systemd-networkd + systemd-resolved + systemd-udev + systemd-ukify + tar + util-linux + virtiofsd + xfsprogs + xz + zstd + zypper + +[Host] +KernelCommandLine=enforcing=0 diff --git a/mkosi.conf.d/20-opensuse.conf b/mkosi.conf.d/20-opensuse.conf index 14279b66b..b923b95ed 100644 --- a/mkosi.conf.d/20-opensuse.conf +++ b/mkosi.conf.d/20-opensuse.conf @@ -1,9 +1,50 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + [Match] Distribution=opensuse +[Distribution] +@Release=tumbleweed + [Content] -Packages=kernel-kvmsmall - systemd - systemd-boot - udev - grub2-i386-pc +Packages= + bash + btrfs-progs + bubblewrap + ca-certificates + coreutils + cpio + curl + distribution-gpg-keys + # dnf-data is missing a dependency on coreutils which makes it postinstall script fail when using old zypper. + # dnf + dosfstools + e2fsprogs + erofs-utils + grep + grub2-i386-pc + kernel-kvmsmall + mtools + openssh-clients + openssl + ovmf + pesign + qemu-headless + sbsigntools + shadow + socat + squashfs + strace + swtpm + systemd + systemd-boot + systemd-container + systemd-experimental + tar + udev + util-linux + virtiofsd + xfsprogs + xz + zstd + zypper diff --git a/mkosi.conf.d/20-rhel-ubi.conf b/mkosi.conf.d/20-rhel-ubi.conf index 20b1fdcbc..34128ec63 100644 --- a/mkosi.conf.d/20-rhel-ubi.conf +++ b/mkosi.conf.d/20-rhel-ubi.conf @@ -1,6 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + [Match] Distribution=rhel-ubi +[Distribution] +@Release=9 + [Content] -Packages=systemd - systemd-udev +Bootable=no +Packages= + systemd + systemd-udev diff --git a/mkosi.conf.d/20-ubuntu.conf b/mkosi.conf.d/20-ubuntu.conf index 2c8959cc2..1e65a3163 100644 --- a/mkosi.conf.d/20-ubuntu.conf +++ b/mkosi.conf.d/20-ubuntu.conf @@ -1,18 +1,21 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + [Match] Distribution=ubuntu [Distribution] -Release=lunar - -[Distribution] -Repositories=main,universe +@Release=lunar +Repositories=universe [Content] -Packages=linux-kvm - systemd - systemd-boot - systemd-sysv - udev - dbus - tzdata - grub-pc +Packages= + apt + dbus-broker + grub-pc + linux-kvm + systemd + systemd-boot + systemd-sysv + tzdata + udev + zypper diff --git a/mkosi.extra/usr/lib/systemd/system-preset/00-mkosi.preset b/mkosi.extra/usr/lib/systemd/system-preset/00-mkosi.preset new file mode 100644 index 000000000..5a829b899 --- /dev/null +++ b/mkosi.extra/usr/lib/systemd/system-preset/00-mkosi.preset @@ -0,0 +1,33 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +# mkosi adds its own ssh units via the --ssh switch so disable the default ones. +disable ssh.service +disable sshd.service + +# These might get pulled in as dependencies but we don't want them running. +disable dnsmasq.service +disable isc-dhcp-server.service +disable isc-dhcp-server6.service + +# Pulled in via dracut-network by kexec-tools on Fedora. +disable NetworkManager* + +# Make sure dbus-broker is started by default on Debian/Ubuntu. +enable dbus-broker.service + +# systemd-networkd is disabled by default on Fedora so make sure it is enabled. +enable systemd-networkd.service +enable systemd-networkd-wait-online.service + +# We install dnf in some images but it's only going to be used rarely, +# so let's not have dnf create its cache. +disable dnf-makecache.* + +# The rpmdb is already in the right location, don't try to migrate it. +disable rpmdb-migrate.service + +# We have journald to receive audit data so let's make sure we're not running auditd as well +disable auditd.service + +# systemd-timesyncd is not enabled by default in the default systemd preset so enable it here instead. +enable systemd-timesyncd.service diff --git a/mkosi.extra/usr/lib/systemd/system-preset/99-mkosi.preset b/mkosi.extra/usr/lib/systemd/system-preset/99-mkosi.preset new file mode 100644 index 000000000..710ee7c6f --- /dev/null +++ b/mkosi.extra/usr/lib/systemd/system-preset/99-mkosi.preset @@ -0,0 +1,4 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +# Make sure that services are disabled by default (primarily for Debian/Ubuntu). +disable * -- 2.47.2