`KernelModulesInitrdIncludeHost=` to only include modules loaded on
the host system in the image/initrd respectively.
- Implemented `RemovePackages=` for Arch Linux.
-- Added `useradd` script to configure `useradd` to operate on the image
- during builds instead on the host.
+- Added `useradd` and `groupadd` scripts to configure these binaries to
+ operate on the image during builds instead on the host.
- Added microcode support. If installed into the image, an early
microcode initrd will automatically be built and prepended to the
initrd.
scripts: dict[str, Sequence[PathString]] = {}
if find_binary("git"):
scripts["git"] = ("git", "-c", "safe.directory=*")
- if find_binary("useradd"):
- scripts["useradd"] = ("useradd", "--root", context.root)
+ for binary in ("useradd", "groupadd"):
+ if find_binary(binary):
+ scripts[binary] = (binary, "--root", context.root)
return finalize_scripts(scripts | helpers | package_manager_scripts(context))
* `git` is automatically invoked with `safe.directory=*` to avoid
permissions errors when running as the root user in a user namespace.
-* `useradd` is automatically invoked with `--root=$BUILDROOT` when
- executed outside of the image.
+* `useradd` and `groupadd` are automatically invoked with
+ `--root=$BUILDROOT` when executed outside of the image.
When scripts are executed, any directories that are still writable are
also made read-only (`/home`, `/var`, `/root`, ...) and only the minimal
projects / thirdparty / mkosi.git / commitdiff
