Daan De Meyer [Tue, 18 Mar 2025 19:35:59 +0000 (20:35 +0100)]
mkosi: Bump to Fedora 42
Beta was just released, let's switch to Fedora 42 which coincidentally
also has a crucial fix for its nsswitch.conf to make the next commits
actually work.
Yu Watanabe [Thu, 13 Mar 2025 03:11:40 +0000 (12:11 +0900)]
TEST-73-LOCALE: do not unnecessarily restart systemd-localed
It is not necessary to clear previous keymap assignment, as
`localectl set-keymap` will anyway overwrite the previous assignment.
This drops the unnecessary restart of systemd-localed in the loop.
The mkosi test image contains about 500~700 keymaps. The test
performance is greatly improved by reducing the number of restarts,
especially when the test is running with sanitizers.
On Fedora 41 with sanitizers,
Before:
1/1 systemd:integration-tests / TEST-73-LOCALE OK 1157.50s
After:
1/1 systemd:integration-tests / TEST-73-LOCALE OK 104.43s
Yu Watanabe [Mon, 10 Mar 2025 16:54:28 +0000 (01:54 +0900)]
ci/mkosi: enable sanitizers on Fedora 41
It seems the recent update of LLVM package in Fedora rawhide breaks
sanitizers, and udevd freezes after false-positive (I guess) issue is
detected:
systemd-udevd[2646]: =================================================================
systemd-udevd[2646]: ==2646==ERROR: AddressSanitizer: stack-buffer-underflow on address 0x7ffc3a642660 at pc 0x555627ac022b bp 0x7ffc3a6422b0 sp 0x7ffc3a6422a8
systemd-udevd[2646]: READ of size 8 at 0x7ffc3a642660 thread T0 ((udev-worker))
llvm-19.1.7-11.fc43 worked fine, but llvm-20.1.0-1.fc43 does not.
To avoid the issue, let's enable sanitizer on Fedora 41, and disable it
on Fedora rawhide.
Daan De Meyer [Thu, 6 Mar 2025 22:20:59 +0000 (23:20 +0100)]
mkosi: Disable BuildSourcesEphemeral=
Let's stop using BuildSourcesEphemeral= and instead make sure we don't
generate any auxiliary files during the mkosi build process.
We achieve this through a combination of trap to remove any new files
we create and bind mounts from /tmp over existing files whenever we need
to modify an existing file.
Daan De Meyer [Fri, 7 Mar 2025 12:38:00 +0000 (13:38 +0100)]
mkosi: update fedora commit reference
* 38b41a729e Clean up debuginfo files as well in %clean
* 7bc5883654 Fix missing question mark
* d22561d59e Also drop auxiliary files related to sysusers compat
* e825459f2d Change python-zstd depenedency to python-zstandard
* 0a3907745e Version 257.4
* 1bdfa29ce2 Neuter sysusers macros
Daan De Meyer [Wed, 5 Mar 2025 20:27:17 +0000 (21:27 +0100)]
mkosi: update fedora commit reference
* 4ab2a9e539 Drop old self-Obsoletes and provides
* ec182495e7 Drop libbpf versioned dependency version to 1.4.7
* 1f8d2b0ebd Make self-obsoletes for the sysusers split conditional
* 0d95af264f Include epoch in versioned libbpf dependency
* 8230f501b6 Make sure we pull in libbpf >= 1.5.0 if libbpf is installed
Yu Watanabe [Fri, 21 Mar 2025 00:54:45 +0000 (09:54 +0900)]
udev: make udevadm and friends not warn about unknown settings
Without this change, when e.g. event_timeout= is specified in udev.conf,
udevadm and friends which loads udev.conf warn about unknown key:
===
$ udevadm info /sys/class/net/lo
/run/udev/udev.conf.d/test-17.conf:1: Unknown key 'event_timeout', ignoring.
/run/udev/udev.conf.d/test-17.conf:2: Unknown key 'timeout_signal', ignoring.
===
We didn't check the number of arguments first, hence ended up outputting
some ugly complaints with `(null)` in a format string. And what's worse
accepted any number of arguments, where we'd ignore all but the first
two though.
So far /run/systemd/ was created as side-effect of initializing the
D-Bus client/server. But in one of the next commits we'll suppress
connecting to D-Bus in test runs, hence let's move the logic our of the
D-Bus code and into manager_startup().
Then, also drop creating it again and again in PID 1 at various places,
and just rely on it to exist.
If a network mount returns EBUSY on umount, the logic introduced in 6dc68a00cfc816678fd713b12ae2a4cf2ae6da85 causes shutdown to hang indefinitely on
`fstatat()` (i.e., within `is_dir(m->path, true)`). Hence, skip this logic for
network mounts (following the same motivation we use to skip read-only mounts in
this kind of file systems).
Mike Yuan [Wed, 5 Mar 2025 17:35:50 +0000 (18:35 +0100)]
core/main: correct retval for reexec/switch-root/soft-reboot
For these objectives we ought to execve() at the end, i.e. if we
ever hit the return path something went wrong in do_reexecute().
Let's properly report that via retval.
The commit described about system potentially becoming undebuggable
after switching into broken root or whatnot. But notably we can never
activate emergency.target after do_reexecute() failure, since the Manager
has been destructed. Plus, for a normal reexecution the fallback shell logic
triggered on non-existent /sbin/init is kinda useful. Let's hence guard
the extra check behind switch-root.
Also, move the check below /run/nextroot/ detection.
Daan De Meyer [Mon, 3 Mar 2025 11:35:11 +0000 (12:35 +0100)]
test: Connect test unit to console when running interactively
When running interactively, let's connect the test unit directly
to the console. This enables adding "bash" anywhere within an
integration test to get a shell within the test environment.
dns-stream: only read DNS packet data if we identified the peer properly
If we use TCP fastopen to connect to a DNS server via TCP, and it
responds really quickly between our connection attempt and our immediate
check back, then we have not identified the peer yet, and will not be
able to use the peer metadata to fill in our packet info.
Let's fix that, and simply not read from the socket until identification
is complete.
Yu Watanabe [Tue, 18 Feb 2025 18:09:38 +0000 (03:09 +0900)]
pe-binary: fix array overrun
This is a kind of paranoia, as memeqzero() does not read anyting if
length is zero. But, strictly speaking C language does not allow such,
and Coverity warn about that.
Michal Koutný [Tue, 25 Feb 2025 10:36:51 +0000 (11:36 +0100)]
TEST-13-NSPAWN.nss-mymachines: Use negative matching switch
The test expects _not_ to find the patterns but the run_and_grep would
still print 'FAIL:' message. Use the dedicated -n option that inverts
the semantics cleaner than shell's !.
Jörg Behrmann [Sun, 2 Mar 2025 14:52:08 +0000 (15:52 +0100)]
tests: remove cache=unsafe from TEST-64-UDEV-STORAGE
mkosi switch to the newer -blockdev qemu option in systemd/mkosi#3557 [1], but
cache=unsafe is an option only -drive supports.
Since the qemu-system_x86-64 man page [2] says this, cache.writeback=on is the
default and mkosi setting the other two options to the values corresponding to
unsafe, it should be fine to drop the cache=unsafe option.
┌─────────────┬─────────────────┬──────────────┬────────────────┐
│ │ cache.writeback │ cache.direct │ cache.no-flush │
├─────────────┼─────────────────┼──────────────┼────────────────┤
│writeback │ on │ off │ off │
├─────────────┼─────────────────┼──────────────┼────────────────┤
│none │ on │ on │ off │
├─────────────┼─────────────────┼──────────────┼────────────────┤
│writethrough │ off │ off │ off │
├─────────────┼─────────────────┼──────────────┼────────────────┤
│directsync │ off │ on │ off │
├─────────────┼─────────────────┼──────────────┼────────────────┤
│unsafe │ on │ off │ on │
└─────────────┴─────────────────┴──────────────┴────────────────┘
sd-id128: gracefully handle systems where kernel keyring access is blocked
In various scenarios we invoke containers with access to the kernel
keyring blocked. Let's make sure we can handle this properly: when the
invocation ID is stored in in the kernel keyring and we try to read it
and get EPERM we should handle it gracefully, like EOPNOTSUPP.
Martin Wilck [Mon, 17 Feb 2025 17:40:35 +0000 (18:40 +0100)]
libfido2-util: accept cached pin in fido2_generate_hmac_hash()
fido2_generate_hmac_hash() sets req->keyring to "fido2-pin" when
calling ask_password_auto(), suggesting that a key by this name
can be read from the kernel keyring. But the keyring is never
opened because the ASK_PASSWORD_ACCEPT_CACHED flag is not set.
Set ASK_PASSWORD_ACCEPT_CACHED to allow automated / scripted
setup of encrypted volumes with FIDO2. If the PIN turns out to
be invalid, clear ASK_PASSWORD_ACCEPT_CACHED to avoid retrying
and possible lockout.
SERVICE_RELOAD_SIGNAL state can only be reached via explicit reload jobs,
and we have a clear distinction between that and plain RELOADING=1
notifications, the latter of which is issued by clients doing reload
outside of our job engine. I.e. upon SERVICE_RELOAD_SIGNAL + RELOADING=1
we don't propagate reload jobs again, since that's done during transaction
construction stage already. The handling of combined RELOADING=1 + READY=1
so far is bogus however, as it tries to propagate duplicate reload jobs.
Amend this by following the logic for standalone RELOADING=1.
Daan De Meyer [Wed, 26 Feb 2025 13:58:53 +0000 (14:58 +0100)]
docs: Use mkosi -R instead of mkosi -t none
mkosi now supports -R to rerun build scripts without rebuilding the
image so let's document that instead of the current hack to prevent
the rebuild by changing the output format.
Andreas Stührk [Tue, 25 Feb 2025 23:05:41 +0000 (00:05 +0100)]
copy: Invoke hardlink context cleanup before restoring timestamps
When hardlink recreation is requested, it creates temporary files that
will be deleted once the context is destroyed. The deletion
(potentially) updates the directory's timestamps, so it's crucial that
the deletion happens before the directory timestamps are restored when
`COPY_RESTORE_DIRECTORY_TIMESTAMPS` is requested.
Daan De Meyer [Mon, 24 Feb 2025 09:56:26 +0000 (10:56 +0100)]
mkosi: Enable History= option
This option makes mkosi "remember" all the CLI options specified on
the command line when building an image. This means they don't need
to be specified again when booting the image afterwards or doing any
other operation on the image with "mkosi xxx".
As an example of how this is useful, currently, when running "mkosi
-d opensuse -f" to build an opensuse image and then running "mkosi
sandbox -- meson test -C build TEST-86-MULTI-UKI-PROFILE", running
the test will try to add virtiofs mounts of the fedora~rawhide build
directory on my machine instead of the opensuse one. With the History=
option enabled, it will use the opensuse tumbleweed directory as expected.
We stop setting --extra-search-path and --output-dir in the integration test
wrapper as these are settings that are "remembered" by enabling the History=
option.
Daan De Meyer [Mon, 24 Feb 2025 16:14:01 +0000 (17:14 +0100)]
TEST-64-UDEV-STORAGE: Stop using mkosi configure scripts
Now that we have mkosi sandbox, meson runs with the mkosi tools tree
mounted (if one is used at all), so we can implement all the qemu feature
checks in meson itself, removing the need for mkosi configure scripts.
Daan De Meyer [Mon, 24 Feb 2025 16:12:22 +0000 (17:12 +0100)]
TEST-53-ISSUE-16347: Implement rtc via custom argument
Let's get rid of the configure script for this use case by just
implementing the necessary logic in integration-test-wrapper.py.
We need to get rid of our usage of configure scripts to allow enabling
the History= setting.
Luca Boccassi [Thu, 21 Nov 2024 09:51:14 +0000 (09:51 +0000)]
test: split VM-only subtests from TEST-74-AUX-UTILS to new VM-only test
TEST-74-AUX-UTILS covers many subtests, as it's a catch-all job, and a few
need a VM to run. The job is thus marked VM-only. But that means in settings
where we can't run VM tests (no KVM available), the entire thing is skipped,
losing tons of coverage that doesn't need skipping.
Move the VM-only subtests to TEST-87-AUX-UTILS-VM that is configured to only
run in VMs under both runners. This way we keep the existing tests as-is, and
we can add new VM-only tests without worrying. This is how the rest of the
tests are organized.
Yu Watanabe [Mon, 17 Feb 2025 17:08:10 +0000 (02:08 +0900)]
network/route: do not remove any foreign routes when KeepConfiguration=yes
Without this change, only foreign routes with RTPROT_KERNEL, RTPROT_STATIC,
RTPROT_DHCP, RTPROT_RA, and RTPROT_REDIRECT are kept, and foreign routes with
other protocol e.g. RTPROT_BOOT are removed even if KeepConfiguration=yes.
Daan De Meyer [Fri, 21 Feb 2025 21:41:26 +0000 (22:41 +0100)]
sbsign: Don't set bit in SpcPeImageData->flags
Neither sbsign nor pesign set this flag in SpcPeImageData->flags,
which is about which resources should be included specifying "Which
portions of the Windows PE file are hashed." according to the
authenticode spec. However, this is followed by "Although flags is
always present, it is ignored when calculating the file hash for both
signing and verification purposes". So as it doesn't seem to do
anything useful and the other tools don't set any of these flags
either, let's follow suite and not set this flag ourselves either.
Philip Withnall [Thu, 20 Feb 2025 18:15:43 +0000 (18:15 +0000)]
docs: Clarify that login1 signals are not emitted for convenience objects
While this is obvious if you spend a few minutes thinking about how
D-Bus signals work (in this case, they are broadcast from a system
service, so cannot apply to a specific user/session/seat), it’s a bit
easy to overlook this while putting code together which uses the login1
D-Bus API, so it’s helpful to point this hazard out specifically in the
docs.
The signals can only be emitted on the canonical objects. The
convenience objects are useful for method calls, as the calling context
can be used to dereference ‘self’ and ‘auto’, but this can’t work for
signals.
Luca Boccassi [Fri, 8 Nov 2024 22:41:09 +0000 (22:41 +0000)]
tools/dbus_exporter: set LD_ORIGIN_PATH if procfs is not available
The script runs the binaries which try to find the internal libs via /proc/self/exe due
to glibc's RPATH resolution and fail:
/var/cache/src/systemd/tools/dbus_exporter.py interfaces
/var/cache/src/systemd/build/systemd
/var/cache/src/systemd/build/systemd-homed
/var/cache/src/systemd/build/systemd-hostnamed
/var/cache/src/systemd/build/systemd-importd
/var/cache/src/systemd/build/systemd-localed
/var/cache/src/systemd/build/systemd-logind
/var/cache/src/systemd/build/systemd-machined
/var/cache/src/systemd/build/systemd-networkd
/var/cache/src/systemd/build/systemd-oomd
/var/cache/src/systemd/build/systemd-portabled
/var/cache/src/systemd/build/systemd-resolved
/var/cache/src/systemd/build/systemd-sysupdated
/var/cache/src/systemd/build/systemd-timedated
execve("/var/cache/src/systemd/build/systemd", ["/var/cache/src/systemd/build/sys"..., "--bus-introspect", "list"], 0x7ffc7ab68600 /* 20 vars */) = 0
brk(NULL) = 0x56265bf70000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f56ced7f000
readlinkat(AT_FDCWD, "/proc/self/exe", 0x7ffedeaa7a90, 4096) = -1 ENOENT (No such file or directory)
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=20293, ...}) = 0
mmap(NULL, 20293, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f56ced7a000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v4/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v4/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v3/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v3/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v2/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v2/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/", {st_mode=S_IFDIR|0755, st_size=19312, ...}, 0) = 0
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v4/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v4/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v3/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v3/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v2/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v2/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/", {st_mode=S_IFDIR|0755, st_size=19312, ...}, 0) = 0
openat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v4/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v4/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v3/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v3/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v2/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v2/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/lib/", {st_mode=S_IFDIR|0755, st_size=642, ...}, 0) = 0
openat(AT_FDCWD, "/usr/lib/glibc-hwcaps/x86-64-v4/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/glibc-hwcaps/x86-64-v4/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/glibc-hwcaps/x86-64-v3/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/glibc-hwcaps/x86-64-v3/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/glibc-hwcaps/x86-64-v2/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/glibc-hwcaps/x86-64-v2/", 0x7ffedeaa80b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/libsystemd-core-258.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/usr/lib/", {st_mode=S_IFDIR|0755, st_size=642, ...}, 0) = 0
writev(2, [{iov_base="/var/cache/src/systemd/build/sys"..., iov_len=36},
{iov_base=": ", iov_len=2},
{iov_base="error while loading shared libra"..., iov_len=36},
{iov_base=": ", iov_len=2},
{iov_base="libsystemd-core-258.so", iov_len=22},
{iov_base=": ", iov_len=2},
{iov_base="cannot open shared object file", iov_len=30},
{iov_base=": ", iov_len=2},
{iov_base="No such file or directory", iov_len=25},
{iov_base="\n", iov_len=1}],
10/var/cache/src/systemd/build/systemd: error while loading shared libraries: libsystemd-core-258.so: cannot open shared object file: No such file or directory
) = 158
Luca Boccassi [Thu, 13 Feb 2025 19:44:12 +0000 (19:44 +0000)]
ukify: if the specified kernel is not a valid PE file try to decompress it
On some distros on some architectures (e.g.: Ubuntu arm64) the kernel is shipped as
a gzipped file, which the UEFI firmware does not understand.
If pefile fails to parse it, try to decompress it.
Luca Boccassi [Thu, 13 Feb 2025 19:43:00 +0000 (19:43 +0000)]
ukify: fix zboot parsing with zstd
The header starts with 'zstd', not 'zstd22':
$ ukify build --linux vmlinuz-6.13+unreleased-cloud-arm64 --initrd /boot/initrd.img-6.12.12-amd64 --output uki
Kernel version not specified, starting autodetection 😖.
Real-Mode Kernel Header magic not found
+ readelf --notes vmlinuz-6.13+unreleased-cloud-arm64
readelf: Error: Not an ELF file - it has the wrong magic bytes at the start
Traceback (most recent call last):
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 2510, in <module>
main()
~~~~^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 2499, in main
make_uki(opts)
~~~~~~~~^^^^^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 1328, in make_uki
opts.uname = Uname.scrape(linux, opts=opts)
~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 384, in scrape
version = func(filename, opts=opts)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 374, in scrape_generic
text = maybe_decompress(filename)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 221, in maybe_decompress
return get_zboot_kernel(f)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 201, in get_zboot_kernel
raise NotImplementedError(f'unknown compressed type: {comp_type!r}')
NotImplementedError: unknown compressed type: b'zstd\x00\x00'
Luca Boccassi [Thu, 13 Feb 2025 19:38:45 +0000 (19:38 +0000)]
ukify: switch from zstd to zstandard
The zstd library does not support stream decompression, and it
requires the zstd header to contain extra metadata, that the kernel
build does not append:
$ file -k vmlinuz-6.13+unreleased-cloud-arm64
vmlinuz-6.13+unreleased-cloud-arm64: PE32+ executable (EFI application) Aarch64 (stripped to external PDB), for MS Windows, 2 sections\012- data
$ ukify build --linux vmlinuz-6.13+unreleased-cloud-arm64 --initrd /boot/initrd.img-6.12.12-amd64 --output uki
Kernel version not specified, starting autodetection 😖.
Real-Mode Kernel Header magic not found
+ readelf --notes vmlinuz-6.13+unreleased-cloud-arm64
readelf: Error: Not an ELF file - it has the wrong magic bytes at the start
Traceback (most recent call last):
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 2508, in <module>
main()
~~~~^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 2497, in main
make_uki(opts)
~~~~~~~~^^^^^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 1326, in make_uki
opts.uname = Uname.scrape(linux, opts=opts)
~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 382, in scrape
version = func(filename, opts=opts)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 372, in scrape_generic
text = maybe_decompress(filename)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 219, in maybe_decompress
return get_zboot_kernel(f)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 199, in get_zboot_kernel
return cast(bytes, zstd.uncompress(f.read(size)))
~~~~~~~~~~~~~~~^^^^^^^^^^^^^^
zstd.Error: Input data invalid or missing content size in frame header.
Daan De Meyer [Thu, 13 Feb 2025 12:03:39 +0000 (13:03 +0100)]
sysupdate: Don't use compression extension for UKIs in manpage
UKIs should generally not be compressed since the kernel image and
initrd in them will already be compressed so let's remove the compression
suffix from the examples in the sysupdate manpage.
Daan De Meyer [Wed, 19 Feb 2025 12:46:47 +0000 (13:46 +0100)]
mkosi: update fedora commit reference
* 6c7c4a510d Do not use dynamic spec generation for non-upstream builds
* 6201755b36 Allow co-installation of systemd-sysusers-standalone and systemd
* eba1721678 Split out -sysusers and -shared
* ac9c438e27 Use dynamic spec generation for triggers
* 3671a5cc79 Move more auxiliary files into subpackages
* 5c40e08728 Remove patch that is already upstream
* 49ec9f3286 Move some files into subpackages
* 2c0b984bf4 Version 257.3
* d66f997915 Add explicit BR: libxcrypt-devel
* 1ffa7bf7c7 Make Georgian mapping patch downstream-only
* de4ae54a34 Backport PR #36194 to add Georgian mapping to kbd-model-map
* cc9bce7893 Drop override of $PATH in the user manager
* d0973df863 Backport patch to emit audit events from systemd-sysusers
* e54ec2f978 Trim changelog entries that are not relevant to users
* c7fecc18eb Skip test_sysusers_defined on upstream builds
* f257050ddd Add a .editorconfig file
* aa5546e9ed Add a few mkosi artifact directories to .gitignore
* 01e5bc1c93 Set SBAT in sd-boot when building on OBS
* a7eec4d33d Run upstream integration test suite with Fedora CI
Daan De Meyer [Mon, 13 Jan 2025 15:18:33 +0000 (16:18 +0100)]
mkosi: update fedora commit reference
* fd36e4c562 Rebuilt for the bin-sbin merge (2nd attempt)
* cddeca136f Rebuilt for the bin-sbin merge (2nd attempt)
* 20cc578e59 Enable signing systemd-boot on OBS builds
* b1bd57ecce Revert use of PrivateTmp=disconnected
* 30f50b1870 Drop patch numbers
* 1814bfe794 remove STI test
* 3a9c32b8a9 Version 257.2
* 4df2711a9f Add bcond for OBS-specific quirks
* e570cd53df spec: drop trailing whitespace
* c7379c9460 Replace 'udevadm hwdb' with systemd-hwdb
* 3386f5d704 Rename source .abignore file
* fd860fd12d Drop a build dependency on a linter package: pytest-flakes
* 133ae30e33 Drop patches based on %upstream macro instead of patch number
* e157552c6c Always build in release mode
* fc47a92e4a Re-enable upstream behaviour of systemd-tmpfiles --purge
* 62abb21906 Version 257.1
* 35e6814ef4 Add patch for test-time-util
* bd8339bf00 sysusers: support new ! line flag for creating fully locked accounts
* c2f5f4a68a Version 257
* 31aaef8e17 Enable slow tests during build
Daan De Meyer [Mon, 13 Jan 2025 15:11:07 +0000 (16:11 +0100)]
mkosi: update arch commit reference
* 8160e63e52 Limit logic required for building locally
* 3a62443e41 OBS build: add support for xz and zst compression formats
* 9667464ad7 Get rid of _tag variable
* 73dc492b5e upgpkg: 257.2-2: rebuild with changes for service restart
* 6b7355b5bb do not restart any templated units
* 332718f955 exclude vmspawn units from restart as well
* 5a749a6716 exclude systemd-nspawn@* services from restart
* 8a10796f8b upgpkg: 257.2-1: new upstream release
* 16294a0b44 Add support for building from git in OBS
* 38b664eed4 upgpkg: 257.1-1: new upstream release
* e26158dda9 upgpkg: 257-1: new upstream release
* c984b75c3f restart services after upgrade...
* 27fae2c192 upgpkg: 256.9-1: new upstream release
* 1afdd08a60 upgpkg: 256.8-2: apply: shutdown: close DM block device before issuing DM_DEV_REMOVE ioctl
projects / thirdparty / systemd.git / log
