pyrox.dev / nixpkgs
lol
fork atom

mkosi: 25.3 -> 25.3-unstable-2025-04-01

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

Moritz Sanft ef4cdcad e869e162

+39 -31
unified split
+28 -20
pkgs/tools/virtualization/mkosi/0001-Use-wrapped-binaries-instead-of-Python-interpreter.patch
··· 7 8 Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> 9 --- 10 - mkosi/__init__.py | 10 +++++----- 11 mkosi/bootloader.py | 5 +---- 12 mkosi/run.py | 8 ++++---- 13 - 3 files changed, 10 insertions(+), 13 deletions(-) 14 15 diff --git a/mkosi/__init__.py b/mkosi/__init__.py 16 - index c5f785d4f18564378021352fde76be62078324ed..580a5c6464397be5a1977b794d7c044724d43490 100644 17 --- a/mkosi/__init__.py 18 +++ b/mkosi/__init__.py 19 - @@ -658,7 +658,7 @@ def script_maybe_chroot_sandbox( 20 21 helpers = { 22 "mkosi-chroot": [ ··· 25 "--bind", "/buildroot", "/", 26 "--bind", "/var/tmp", "/var/tmp", 27 *apivfs_options(root=Path("/")), 28 - @@ -1534,7 +1534,7 @@ def run_ukify( 29 - options: Sequence[PathString] = (), 30 sign: bool = True, 31 - ) -> None: 32 - ukify = context.config.find_binary("ukify", "/usr/lib/systemd/ukify") 33 + ukify = context.config.find_binary("ukify", "@UKIFY@") 34 if not ukify: 35 die("Could not find ukify") 36 37 - @@ -1629,7 +1629,7 @@ def build_uki( 38 profiles: Sequence[Path], 39 output: Path, 40 - ) -> None: 41 - if not (ukify := context.config.find_binary("ukify", "/usr/lib/systemd/ukify")): 42 + if not (ukify := context.config.find_binary("ukify", "@UKIFY@")): 43 die("Could not find ukify") 44 45 - arguments: list[PathString] = [ 46 - @@ -1764,7 +1764,7 @@ def want_uki(context: Context) -> bool: 47 or ( 48 context.config.unified_kernel_images == ConfigFeature.auto 49 and systemd_stub_binary(context).exists() ··· 52 ) 53 ) 54 55 - @@ -2641,7 +2641,7 @@ def check_ukify( 56 reason: str, 57 hint: Optional[str] = None, 58 ) -> None: ··· 62 v = systemd_tool_version(python_binary(config), ukify, sandbox=config.sandbox) 63 if v < version: 64 diff --git a/mkosi/bootloader.py b/mkosi/bootloader.py 65 - index 87a56cc03cc42df41babfe15195e84ab956a3a21..060d3816a5cc287ea61df55fd0696e49b621908f 100644 66 --- a/mkosi/bootloader.py 67 +++ b/mkosi/bootloader.py 68 - @@ -264,10 +264,7 @@ def find_signed_grub_image(context: Context) -> Optional[Path]: 69 70 71 def python_binary(config: Config) -> PathString: ··· 78 79 def extract_pe_section(context: Context, binary: Path, section: str, output: Path) -> Path: 80 diff --git a/mkosi/run.py b/mkosi/run.py 81 - index a0e2b9cf00b5e9e9d14b570b052f1b2807b46407..fe1a1cdee6f9a586a85a6894d7a97fa5688b29f7 100644 82 --- a/mkosi/run.py 83 +++ b/mkosi/run.py 84 - @@ -378,7 +378,7 @@ def finalize_path( 85 # Make sure that /usr/bin and /usr/sbin are always in $PATH. 86 path += [s for s in ("/usr/bin", "/usr/sbin") if s not in path] 87 else: ··· 90 91 if prefix_usr: 92 path = [os.fspath(root / s.lstrip("/")) if s in ("/usr/bin", "/usr/sbin") else s for s in path] 93 - @@ -564,7 +564,7 @@ def sandbox_cmd( 94 cmdline: list[PathString] = [ 95 *setup, 96 *(["strace", "--detach-on=execve"] if ARG_DEBUG_SANDBOX.get() else []), ··· 99 "--proc", "/proc", 100 # We mounted a subdirectory of TMPDIR to /var/tmp so we unset TMPDIR so that /tmp or /var/tmp are 101 # used instead. 102 - @@ -730,7 +730,7 @@ def chroot_options() -> list[PathString]: 103 "--unshare-ipc", 104 "--setenv", "container", "mkosi", 105 "--setenv", "HOME", "/", ··· 108 "--setenv", "BUILDROOT", "/", 109 ] # fmt: skip 110 111 - @@ -744,7 +744,7 @@ def chroot_cmd( 112 ) -> Iterator[list[PathString]]: 113 with vartmpdir() as dir, resource_path(sys.modules[__package__ or __name__]) as module: 114 cmdline: list[PathString] = [ 115 - sys.executable, "-SI", module / "sandbox.py", 116 + @MKOSI_SANDBOX@, 117 - "--bind", root, "/", 118 # We mounted a subdirectory of TMPDIR to /var/tmp so we unset TMPDIR so that /tmp or /var/tmp are 119 # used instead.
··· 7 8 Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> 9 --- 10 + mkosi/__init__.py | 11 +++++------ 11 mkosi/bootloader.py | 5 +---- 12 mkosi/run.py | 8 ++++---- 13 + 3 files changed, 10 insertions(+), 14 deletions(-) 14 15 diff --git a/mkosi/__init__.py b/mkosi/__init__.py 16 + index 65cac772bf1fc9feabec5740ed89a958ba406125..12b29061c819d50559132aa6c3b6f24a12945bb9 100644 17 --- a/mkosi/__init__.py 18 +++ b/mkosi/__init__.py 19 + @@ -702,7 +702,7 @@ def script_maybe_chroot_sandbox( 20 21 helpers = { 22 "mkosi-chroot": [ ··· 25 "--bind", "/buildroot", "/", 26 "--bind", "/var/tmp", "/var/tmp", 27 *apivfs_options(root=Path("/")), 28 + @@ -1593,7 +1593,7 @@ def run_ukify( 29 sign: bool = True, 30 + json_out: bool = False, 31 + ) -> dict[str, Any]: 32 - ukify = context.config.find_binary("ukify", "/usr/lib/systemd/ukify") 33 + ukify = context.config.find_binary("ukify", "@UKIFY@") 34 if not ukify: 35 die("Could not find ukify") 36 37 + @@ -1605,7 +1605,6 @@ def run_ukify( 38 + (context.workspace / "cmdline").write_text(f"{' '.join(cmdline)}\x00") 39 + 40 + cmd = [ 41 + - python_binary(context.config), 42 + ukify, 43 + "build", 44 + *arguments, 45 + @@ -1700,7 +1699,7 @@ def build_uki( 46 profiles: Sequence[Path], 47 output: Path, 48 + ) -> dict[str, Any]: 49 - if not (ukify := context.config.find_binary("ukify", "/usr/lib/systemd/ukify")): 50 + if not (ukify := context.config.find_binary("ukify", "@UKIFY@")): 51 die("Could not find ukify") 52 53 + json_out = False 54 + @@ -1887,7 +1886,7 @@ def want_uki(context: Context) -> bool: 55 or ( 56 context.config.unified_kernel_images == ConfigFeature.auto 57 and systemd_stub_binary(context).exists() ··· 60 ) 61 ) 62 63 + @@ -2769,7 +2768,7 @@ def check_ukify( 64 reason: str, 65 hint: Optional[str] = None, 66 ) -> None: ··· 70 v = systemd_tool_version(python_binary(config), ukify, sandbox=config.sandbox) 71 if v < version: 72 diff --git a/mkosi/bootloader.py b/mkosi/bootloader.py 73 + index 6f112b854f72a8863dc5e7348f0154851d3dda96..8fdf2c5df7950c032bfcd36d89f7824e86ec9173 100644 74 --- a/mkosi/bootloader.py 75 +++ b/mkosi/bootloader.py 76 + @@ -268,10 +268,7 @@ def find_signed_grub_image(context: Context) -> Optional[Path]: 77 78 79 def python_binary(config: Config) -> PathString: ··· 86 87 def extract_pe_section(context: Context, binary: Path, section: str, output: Path) -> Path: 88 diff --git a/mkosi/run.py b/mkosi/run.py 89 + index 422006d889802182d7e2f1734b2c342318583e7b..b9a1490bcd7780fea75d834e3ea4fb9a7033cc51 100644 90 --- a/mkosi/run.py 91 +++ b/mkosi/run.py 92 + @@ -277,7 +277,7 @@ def finalize_path( 93 # Make sure that /usr/bin and /usr/sbin are always in $PATH. 94 path += [s for s in ("/usr/bin", "/usr/sbin") if s not in path] 95 else: ··· 98 99 if prefix_usr: 100 path = [os.fspath(root / s.lstrip("/")) if s in ("/usr/bin", "/usr/sbin") else s for s in path] 101 + @@ -463,7 +463,7 @@ def sandbox_cmd( 102 cmdline: list[PathString] = [ 103 *setup, 104 *(["strace", "--detach-on=execve"] if ARG_DEBUG_SANDBOX.get() else []), ··· 107 "--proc", "/proc", 108 # We mounted a subdirectory of TMPDIR to /var/tmp so we unset TMPDIR so that /tmp or /var/tmp are 109 # used instead. 110 + @@ -633,7 +633,7 @@ def chroot_options() -> list[PathString]: 111 "--unshare-ipc", 112 "--setenv", "container", "mkosi", 113 "--setenv", "HOME", "/", ··· 116 "--setenv", "BUILDROOT", "/", 117 ] # fmt: skip 118 119 + @@ -647,7 +647,7 @@ def chroot_cmd( 120 ) -> Iterator[list[PathString]]: 121 with vartmpdir() as dir, resource_path(sys.modules[__package__ or __name__]) as module: 122 cmdline: list[PathString] = [ 123 - sys.executable, "-SI", module / "sandbox.py", 124 + @MKOSI_SANDBOX@, 125 + *root("/"), 126 # We mounted a subdirectory of TMPDIR to /var/tmp so we unset TMPDIR so that /tmp or /var/tmp are 127 # used instead.
+6 -6
pkgs/tools/virtualization/mkosi/0002-Fix-library-resolving.patch
··· 11 1 file changed, 2 insertions(+), 2 deletions(-) 12 13 diff --git a/mkosi/sandbox.py b/mkosi/sandbox.py 14 - index bfcdb8bc62090235ebbe797982493194b575a5c0..4efee355a5f1ae036ccc5ba39595129a32705ee7 100755 15 --- a/mkosi/sandbox.py 16 +++ b/mkosi/sandbox.py 17 - @@ -86,7 +86,7 @@ class cap_user_data_t(ctypes.Structure): 18 ] 19 20 ··· 23 24 libc.syscall.restype = ctypes.c_long 25 libc.unshare.argtypes = (ctypes.c_int,) 26 - @@ -198,7 +198,7 @@ def seccomp_suppress_chown() -> None: 27 - owned by their own uid. To still allow non-root users to build images, if requested we install 28 - a seccomp filter that makes calls to chown() and friends a noop. 29 - """ 30 - libseccomp = ctypes.CDLL("libseccomp.so.2") 31 + libseccomp = ctypes.CDLL("@LIBSECCOMP@") 32 if libseccomp is None:
··· 11 1 file changed, 2 insertions(+), 2 deletions(-) 12 13 diff --git a/mkosi/sandbox.py b/mkosi/sandbox.py 14 + index c79b48739f3d7127375274bc0b1ef3463cae9032..1d7ad421f4534e25c6456c3a169ea9189668aefd 100755 15 --- a/mkosi/sandbox.py 16 +++ b/mkosi/sandbox.py 17 + @@ -92,7 +92,7 @@ class cap_user_data_t(ctypes.Structure): 18 ] 19 20 ··· 23 24 libc.syscall.restype = ctypes.c_long 25 libc.unshare.argtypes = (ctypes.c_int,) 26 + @@ -221,7 +221,7 @@ def seccomp_suppress(*, chown: bool = False, sync: bool = False) -> None: 27 + if not chown and not sync: 28 + return 29 + 30 - libseccomp = ctypes.CDLL("libseccomp.so.2") 31 + libseccomp = ctypes.CDLL("@LIBSECCOMP@") 32 if libseccomp is None:
+2 -2
pkgs/tools/virtualization/mkosi/0003-Fix-QEMU-firmware-path.patch
··· 9 1 file changed, 1 insertion(+), 1 deletion(-) 10 11 diff --git a/mkosi/qemu.py b/mkosi/qemu.py 12 - index 7be900f4e99d0db94fec6dfb2534ed23a6edcf80..e2c741d720bca5bf878ca229119471cacb72d3e1 100644 13 --- a/mkosi/qemu.py 14 +++ b/mkosi/qemu.py 15 - @@ -199,7 +199,7 @@ def find_ovmf_firmware(config: Config, firmware: Firmware) -> Optional[OvmfConfi 16 if not firmware.is_uefi(): 17 return None 18
··· 9 1 file changed, 1 insertion(+), 1 deletion(-) 10 11 diff --git a/mkosi/qemu.py b/mkosi/qemu.py 12 + index 0c406d818a9fa9dcce3be97d0c89e9df0d2a96fa..c134ab4a8bfba1e3564c831a5069be52d90ee15a 100644 13 --- a/mkosi/qemu.py 14 +++ b/mkosi/qemu.py 15 + @@ -211,7 +211,7 @@ def find_ovmf_firmware(config: Config, firmware: Firmware) -> Optional[OvmfConfi 16 if not firmware.is_uefi(): 17 return None 18
+3 -3
pkgs/tools/virtualization/mkosi/default.nix
··· 66 in 67 buildPythonApplication rec { 68 pname = "mkosi"; 69 - version = "25.3"; 70 format = "pyproject"; 71 72 outputs = [ ··· 77 src = fetchFromGitHub { 78 owner = "systemd"; 79 repo = "mkosi"; 80 - tag = "v${version}"; 81 - hash = "sha256-CTOVFZORLrVqehhPCgOoEaU3fhwu8fO8jGDNLxoELgE="; 82 }; 83 84 patches =
··· 66 in 67 buildPythonApplication rec { 68 pname = "mkosi"; 69 + version = "25.3-unstable-2025-04-01"; 70 format = "pyproject"; 71 72 outputs = [ ··· 77 src = fetchFromGitHub { 78 owner = "systemd"; 79 repo = "mkosi"; 80 + rev = "21850673a7f75125d516268ce379dae776dd816a"; 81 + hash = "sha256-3dhr9lFJpI8aN8HILaMvGuuTbmTVUqdaLAGxSpqciTs="; 82 }; 83 84 patches =