From 35f6e5c3278bda935b67249a9ee61e9f6252bb6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 4 Jun 2024 15:10:15 +0200 Subject: [PATCH 1/4] tools/update-distro-hash: add a helper script to sync submodule --- tools/update-distro-hash.py | 89 +++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) create mode 100755 tools/update-distro-hash.py diff --git a/tools/update-distro-hash.py b/tools/update-distro-hash.py new file mode 100755 index 0000000000..16ed2e707a --- /dev/null +++ b/tools/update-distro-hash.py @@ -0,0 +1,89 @@ +#!/usr/bin/env python3 +# SPDX-License-Identifier: LGPL-2.1-or-later + +""" +Fetch commits for pkg/{distribution} and, if changed, commit the latest hash. +""" + +import argparse +import json +import shlex +import subprocess +from pathlib import Path + +def parse_args(): + p = argparse.ArgumentParser( + description=__doc__, + ) + p.add_argument( + 'distribution', + nargs='+', + ) + p.add_argument( + '--no-fetch', + dest='fetch', + action='store_false', + default=True, + ) + return p.parse_args() + +def read_config(distro: str): + cmd = ['mkosi', '--json', '-d', distro, 'summary'] + print(f"+ {shlex.join(cmd)}") + text = subprocess.check_output(cmd, text=True) + + data = json.loads(text) + return data['Images'][-1] + +def commit_file(distro: str, file: Path, commit: str, changes: str): + message = '\n'.join(( + f'mkosi: update {distro} commit reference', + '', + changes)) + + cmd = ['git', 'commit', '-m', message, str(file)] + print(f"+ {shlex.join(cmd)}") + subprocess.check_call(cmd) + +def update_distro(args, distro: str): + cmd = ['git', '-C', f'pkg/{distro}', 'fetch'] + print(f"+ {shlex.join(cmd)}") + subprocess.check_call(cmd) + + config = read_config(distro) + + branch = config['Environment']['GIT_BRANCH'] + old_commit = config['Environment']['GIT_COMMIT'] + + cmd = ['git', '-C', f'pkg/{distro}', 'rev-parse', f'refs/remotes/origin/{branch}'] + print(f"+ {shlex.join(cmd)}") + new_commit = subprocess.check_output(cmd, text=True).strip() + + if old_commit == new_commit: + print(f'{distro}: commit {new_commit!s} is still fresh') + return + + cmd = ['git', '-C', f'pkg/{distro}', 'log', '--graph', + '--pretty=oneline', '--no-decorate', '--abbrev-commit', '--abbrev=10', + f'{old_commit}..{new_commit}'] + print(f"+ {shlex.join(cmd)}") + changes = subprocess.check_output(cmd, text=True).strip() + + conf_dir = Path('mkosi.images/system/mkosi.conf.d') + files = conf_dir.glob('*/*.conf') + for file in files: + s = file.read_text() + if old_commit in s: + print(f'{distro}: {file}: found old hash, updating…') + new = s.replace(old_commit, new_commit) + assert new != s + file.write_text(new) + commit_file(distro, file, new_commit, changes) + break + else: + raise ValueError(f'{distro}: hash {new_commit} not found under {conf_dir}') + +if __name__ == '__main__': + args = parse_args() + for distro in args.distribution: + update_distro(args, distro) From 2f3ae702a1ac0bd1b3136fa73ac3f431efe815a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 4 Jun 2024 15:25:03 +0200 Subject: [PATCH 2/4] mkosi: set -o nounset for scripts Those scripts are written with the expectation that all input variables are set and will not behave correctly if something is ommitted. In particular, the non-chrooted scripts (mkosi.clean, mkosi.sync) might wreak havoc if called without the full environment. --- mkosi.images/system/mkosi.clean | 1 + mkosi.images/system/mkosi.postinst.chroot | 1 + mkosi.images/system/mkosi.sanitizers.chroot | 5 +++-- mkosi.images/system/mkosi.sync | 3 ++- 4 files changed, 7 insertions(+), 3 deletions(-) diff --git a/mkosi.images/system/mkosi.clean b/mkosi.images/system/mkosi.clean index cb716c41f7..64810b7957 100755 --- a/mkosi.images/system/mkosi.clean +++ b/mkosi.images/system/mkosi.clean @@ -1,4 +1,5 @@ #!/bin/bash set -e +set -o nounset rm -f "$OUTPUTDIR"/*.{rpm,deb,pkg.tar} diff --git a/mkosi.images/system/mkosi.postinst.chroot b/mkosi.images/system/mkosi.postinst.chroot index 397884b720..acb4e631e9 100755 --- a/mkosi.images/system/mkosi.postinst.chroot +++ b/mkosi.images/system/mkosi.postinst.chroot @@ -1,6 +1,7 @@ #!/bin/bash # SPDX-License-Identifier: LGPL-2.1-or-later set -e +set -o nounset if command -v authselect >/dev/null; then # authselect 1.5.0 renamed the minimal profile to the local profile without keeping backwards compat so diff --git a/mkosi.images/system/mkosi.sanitizers.chroot b/mkosi.images/system/mkosi.sanitizers.chroot index 854a419933..524e3dadb1 100755 --- a/mkosi.images/system/mkosi.sanitizers.chroot +++ b/mkosi.images/system/mkosi.sanitizers.chroot @@ -1,8 +1,9 @@ #!/bin/bash # SPDX-License-Identifier: LGPL-2.1-or-later set -e +set -o nounset -if [[ -z "$SANITIZERS" ]]; then +if [[ -z "${SANITIZERS:-}" ]]; then exit 0 fi @@ -18,7 +19,7 @@ EOF # ASAN and syscall filters aren't compatible with each other. find /usr /etc -name '*.service' -type f -exec sed -i 's/^\(MemoryDeny\|SystemCall\)/# \1/' {} + -# `systemd-hwdb update` takes > 50s when built with sanitizers so let's not run it by default. +# 'systemd-hwdb update' takes > 50s when built with sanitizers so let's not run it by default. systemctl mask systemd-hwdb-update.service ASAN_RT_PATH="$(grep libasan.so < <(ldd /usr/lib/systemd/systemd) | cut -d ' ' -f 3)" diff --git a/mkosi.images/system/mkosi.sync b/mkosi.images/system/mkosi.sync index a4f0ab94ec..6856af7c6b 100755 --- a/mkosi.images/system/mkosi.sync +++ b/mkosi.images/system/mkosi.sync @@ -1,8 +1,9 @@ #!/bin/bash # SPDX-License-Identifier: LGPL-2.1-or-later set -e +set -o nounset -if ((NO_SYNC)); then +if ((${NO_SYNC:-0})); then exit 0 fi From 7d3cc45a53b3ff88f7c0157cdd2a86f8795f029b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Thu, 6 Jun 2024 10:01:43 +0200 Subject: [PATCH 3/4] mkosi: update debian commit reference * 5b9607385d debian/tests/storage: without scsi_debug, skip test * 8a195a6327 debian/extra: use a dropin to configure Nice=-1 on systemd-journald.service * 5436d49288 debian/extra: use a drop-in resolved.conf to configure Cache=no-negative * 596a99d2d3 debian/extra: set ManagedOOMSwap=auto on -.slice * 07ba81b14d LimitCORE: restore default hard limit to infinity * df3a9a91e8 Restart managers on libc-upgrade dpkg trigger --- mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf b/mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf index 386c1923a5..abb55884ee 100644 --- a/mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf +++ b/mkosi.images/system/mkosi.conf.d/10-debian-ubuntu/mkosi.conf @@ -8,7 +8,7 @@ Distribution=|ubuntu Environment= GIT_URL=https://salsa.debian.org/systemd-team/systemd.git GIT_BRANCH=debian/master - GIT_COMMIT=1ac6c92c9633fe6fd47f34119c04cae36da14d6a + GIT_COMMIT=5b9607385d49c09440e6e3b35c03ceec73162aec VolatilePackages= libnss-myhostname From 531e0f54813233ee619561a95ab1a1ba4951acda Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Thu, 6 Jun 2024 10:01:46 +0200 Subject: [PATCH 4/4] mkosi: update fedora commit reference * 1f94b56cee Partially backport PR #33016 to fix crashes in KDE 6.3.0 --- mkosi.images/system/mkosi.conf.d/10-fedora/mkosi.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mkosi.images/system/mkosi.conf.d/10-fedora/mkosi.conf b/mkosi.images/system/mkosi.conf.d/10-fedora/mkosi.conf index 7b122e3c69..689fe7d5c7 100644 --- a/mkosi.images/system/mkosi.conf.d/10-fedora/mkosi.conf +++ b/mkosi.images/system/mkosi.conf.d/10-fedora/mkosi.conf @@ -7,7 +7,7 @@ Distribution=fedora Environment= GIT_URL=https://src.fedoraproject.org/rpms/systemd.git GIT_BRANCH=rawhide - GIT_COMMIT=74810c5bc4fe7d872e54c253447ffd61bbc8839f + GIT_COMMIT=1f94b56cee818068f57debfd78f035edd29f0e61 Packages= btrfs-progs