From: Daan De Meyer Date: Fri, 4 Aug 2023 08:40:30 +0000 (+0200) Subject: mkosi: Make sure our systemd build always overrides the distros X-Git-Tag: v255-rc1~818^2~1 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6ac5aa97ec2255fe78715b8cd02c5c17300f4310;p=thirdparty%2Fsystemd.git mkosi: Make sure our systemd build always overrides the distros Currently, we install the systemd install tree in the base image and then build the initrd and final images from the base image. This means if that any systemd package is pulled in during the initrd or final image builds, it will override our version. To fix this, we stop installing our build of systemd in the base image, and store it in the output directory instead. That allows us to refer to it using ExtraTrees= in the final and initrd image builds to install it after all the distro packages have been installed, ensuring our version always takes priority. --- diff --git a/mkosi.presets/00-base/mkosi.build b/mkosi.presets/00-base/mkosi.build index f3de7bc6f52..cbc305fa4b1 100755 --- a/mkosi.presets/00-base/mkosi.build +++ b/mkosi.presets/00-base/mkosi.build @@ -9,6 +9,11 @@ if [ "${container:-}" != "mkosi" ]; then exec mkosi-chroot "$SCRIPT" "$@" fi +# We don't want to install our build of systemd in the base image, but use it as an extra tree for the +# initrd and final images, so override DESTDIR to store it in the output directory so we can reference it as +# an extra tree in the initrd and final image builds. +DESTDIR="$OUTPUTDIR/systemd" + # If mkosi.builddir/ exists mkosi will set $BUILDDIR to it, let's then use it # as out-of-tree build dir. Otherwise, let's make up our own builddir. [ -z "$BUILDDIR" ] && BUILDDIR="$PWD"/build @@ -29,7 +34,8 @@ done # CentOS Stream 8 includes bpftool 4.18.0 which is lower than what we need. However, they've backported the # specific feature we need ("gen skeleton") to this version, so we replace bpftool with a script that reports # version 5.6.0 to satisfy meson which makes bpf work on CentOS Stream 8 as well. -if [ "$(grep '^ID=' /etc/os-release)" = "ID=\"centos\"" ] && [ "$(grep '^VERSION=' /etc/os-release)" = "VERSION=\"8\"" ]; then +. /usr/lib/os-release +if [ "$ID" = "centos" ] && [ "$VERSION" = "8" ]; then cat >"$BUILDDIR"/bpftool </. # It is important to use the right one especially for cryptsetup plugins, otherwise they will be # installed in the wrong directory and not be found by cryptsetup. Assume native build. - if grep -q -e "ID=debian" -e "ID_LIKE=debian" /etc/os-release && command -v dpkg 2>/dev/null; then + if grep -q -e "ID=debian" -e "ID_LIKE=debian" /usr/lib/os-release && command -v dpkg 2>/dev/null; then CONFIGURE_OPTS+=( -D libdir="/usr/lib/$(dpkg-architecture -qDEB_HOST_MULTIARCH)" -D pamlibdir="/usr/lib/$(dpkg-architecture -qDEB_HOST_MULTIARCH)/security" @@ -167,7 +172,7 @@ if [ ! -f "$BUILDDIR"/build.ninja ]; then # Set various uids and gids for which Fedora has "soft static" allocations. # Without this, we would get warning about mismatched sysusers.d entries # between the files that we and Fedora's setup package install. - if grep -q '^ID=fedora' /etc/os-release; then + if grep -q '^ID=fedora' /usr/lib/os-release; then CONFIGURE_OPTS+=( -Dadm-gid=4 -Daudio-gid=63 @@ -192,7 +197,7 @@ if [ ! -f "$BUILDDIR"/build.ninja ]; then ) fi - if grep -q '^ID="opensuse' /etc/os-release; then + if grep -q '^ID="opensuse' /usr/lib/os-release; then CONFIGURE_OPTS+=( -Dbpf-compiler=gcc ) diff --git a/mkosi.presets/00-base/mkosi.conf b/mkosi.presets/00-base/mkosi.conf index 69d1723ca10..eb67bfcf628 100644 --- a/mkosi.presets/00-base/mkosi.conf +++ b/mkosi.presets/00-base/mkosi.conf @@ -9,8 +9,7 @@ CleanPackageMetadata=no Packages= kmod less - systemd - udev + util-linux BuildPackages= acl diff --git a/mkosi.presets/00-base/mkosi.conf.d/10-arch.conf b/mkosi.presets/00-base/mkosi.conf.d/10-arch.conf index c9ecf353508..7ab0c712aec 100644 --- a/mkosi.presets/00-base/mkosi.conf.d/10-arch.conf +++ b/mkosi.presets/00-base/mkosi.conf.d/10-arch.conf @@ -5,16 +5,18 @@ Distribution=arch [Content] Packages= + cryptsetup + dbus gnutls libbpf libfido2 libmicrohttpd libnftnl libpwquality + libseccomp libxkbcommon openssl qrencode - systemd-sysvcompat tpm2-tss BuildPackages= diff --git a/mkosi.presets/00-base/mkosi.conf.d/10-debian-ubuntu.conf b/mkosi.presets/00-base/mkosi.conf.d/10-debian-ubuntu.conf index 63b1daae0a5..5550511cf23 100644 --- a/mkosi.presets/00-base/mkosi.conf.d/10-debian-ubuntu.conf +++ b/mkosi.presets/00-base/mkosi.conf.d/10-debian-ubuntu.conf @@ -21,8 +21,6 @@ Packages= libqrencode4 libssl3 libtss2-dev # Use the -dev package to avoid churn in updating version numbers - systemd - systemd-sysv tzdata BuildPackages= diff --git a/mkosi.presets/00-base/mkosi.conf.d/10-opensuse.conf b/mkosi.presets/00-base/mkosi.conf.d/10-opensuse.conf index 85cb9e601a1..ec91b4901f2 100644 --- a/mkosi.presets/00-base/mkosi.conf.d/10-opensuse.conf +++ b/mkosi.presets/00-base/mkosi.conf.d/10-opensuse.conf @@ -4,9 +4,12 @@ Distribution=opensuse [Content] -# We install gawk, gzip, grep, xz here explicitly so that the busybox versions don't get installed instead. +# We install gawk, gzip, grep, xz, sed, rsync and docbook-xsl-stylesheets here explicitly so that the busybox +# versions don't get installed instead. Packages= device-mapper + distribution-release + docbook-xsl-stylesheets gawk grep gzip @@ -25,16 +28,16 @@ Packages= libp11-kit0 libqrencode4 libseccomp2 - libxkbcommon0 - libzstd1 - pam - shadow libtss2-esys0 libtss2-mu0 libtss2-rc0 libtss2-tcti-device0 - # Workaround for CI issue with our stub getting overwritten - systemd-boot + libxkbcommon0 + libzstd1 + pam + rsync + sed + shadow tpm2-0-tss xz @@ -43,7 +46,6 @@ BuildPackages= bpftool cross-bpf-gcc13 dbus-1-devel - docbook-xsl-stylesheets fdupes gcc-c++ glib2-devel @@ -84,7 +86,6 @@ BuildPackages= python3-pytest-flakes qrencode-devel shadow - systemd-sysvinit timezone tpm2-0-tss-devel xen-devel diff --git a/mkosi.presets/10-initrd/mkosi.conf b/mkosi.presets/10-initrd/mkosi.conf index 77e4896c176..b672d7363b0 100644 --- a/mkosi.presets/10-initrd/mkosi.conf +++ b/mkosi.presets/10-initrd/mkosi.conf @@ -9,7 +9,11 @@ Format=cpio [Content] BaseTrees=../../mkosi.output/base +ExtraTrees=../../mkosi.output/base-systemd MakeInitrd=yes +Packages= + systemd + udev # Arch Linux doesn't split their gcc-libs package so we manually remove unneeded stuff here to make sure it # doesn't end up in the initrd. diff --git a/mkosi.presets/20-final/mkosi.conf b/mkosi.presets/20-final/mkosi.conf index 1277ad40349..e1579ad273a 100644 --- a/mkosi.presets/20-final/mkosi.conf +++ b/mkosi.presets/20-final/mkosi.conf @@ -3,6 +3,7 @@ [Content] Autologin=yes BaseTrees=../../mkosi.output/base +ExtraTrees=../../mkosi.output/base-systemd ExtraTrees=../../src:/root/src Initrds=../../mkosi.output/initrd Packages= @@ -28,8 +29,10 @@ Packages= sed socat strace + systemd tmux tree + udev util-linux valgrind wireguard-tools diff --git a/mkosi.presets/20-final/mkosi.postinst b/mkosi.presets/20-final/mkosi.postinst index 2fd45361376..3f3a78e9063 100755 --- a/mkosi.presets/20-final/mkosi.postinst +++ b/mkosi.presets/20-final/mkosi.postinst @@ -79,7 +79,7 @@ fi # Let tmpfiles.d/systemd-resolve.conf handle the symlink rm -f /etc/resolv.conf -. /etc/os-release +. /usr/lib/os-release if [ "$ID" = "centos" ] && [ "$VERSION" = "8" ]; then alternatives --install /usr/bin/python3 python3 /usr/bin/python3.9 1