From 5ec2ba5d2fb3bd31f269525b852fe7eac9d0024a Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Thu, 10 Apr 2025 15:09:13 +0200
Subject: [PATCH 1/3] mkosi: update debian commit reference to
 11efce9445f987f1e588719c182a93794eba2565

* 11efce9445 Install /usr/share/factory for upstream profile
* 4c3d753649 d/t/upstream: copy mkosi key from mkosi/ subdir if it exists
* 00f2ab1bce Install etc.conf tmpfiles.d in upstream builds
* dcf5869729 Refresh patch for upstream review changes
* f94714d8cc d/copyright: use GPL URL instead of old FSF postal address
* bf005e69f5 Update changelog for 257.5-2 release
* 709e474e5b Backport new patch to workaround /lib64 symlink incompatibility
* fa6c61db40 Update changelog for 257.5-1 release
* 9c9ca29ceb Remove conflicts with dracut:arm64 and build nspawn:arm64 again
* 5899bcc55d Update changelog for 257.5-1 release
* dd5cb92d08 Drop backports, included in 257.5
* c1373fb99e d/t/upstream: run mkosi genkey before summary
* 223d7a412a Install new files for upstream
* b9d337abd9 Use Conflicts instead of Breaks/Replaces for file move
* 9379847813 d/t/upstream: write mkosi.local.conf in subdir if the rest of the configs are in subdir
* 86fc24b565 d/t/upstream: do not fail if 10-root.conf is not present
---
 mkosi/mkosi.conf.d/debian-ubuntu/mkosi.conf.d/pkgenv.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mkosi/mkosi.conf.d/debian-ubuntu/mkosi.conf.d/pkgenv.conf b/mkosi/mkosi.conf.d/debian-ubuntu/mkosi.conf.d/pkgenv.conf
index 5fb77a871d..4f52046b02 100644
--- a/mkosi/mkosi.conf.d/debian-ubuntu/mkosi.conf.d/pkgenv.conf
+++ b/mkosi/mkosi.conf.d/debian-ubuntu/mkosi.conf.d/pkgenv.conf
@@ -9,5 +9,5 @@ Environment=
         GIT_URL=https://salsa.debian.org/systemd-team/systemd.git
         GIT_SUBDIR=debian
         GIT_BRANCH=debian/master
-        GIT_COMMIT=46432631232015b78071f84e5a3fb944621c83f7
+        GIT_COMMIT=11efce9445f987f1e588719c182a93794eba2565
         PKG_SUBDIR=debian

From 8b1c66f72c25741a05b4418dd2400f2c52bead89 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 9 Apr 2025 15:27:51 +0200
Subject: [PATCH 2/3] mkosi: Rely on tmpfiles to put nsswitch.conf in place

Let's rely on tmpfiles to put our nsswitch.conf in place instead of
doing it in the post-install script. This moves us one step closer
to being able to build the mkosi image without having the source
tree available when NO_BUILD is used.
---
 mkosi/mkosi.postinst.chroot | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/mkosi/mkosi.postinst.chroot b/mkosi/mkosi.postinst.chroot
index 3a021bffd9..1d4c5f4451 100755
--- a/mkosi/mkosi.postinst.chroot
+++ b/mkosi/mkosi.postinst.chroot
@@ -34,8 +34,9 @@ done
 # systemd-journald.
 rm -rf "$BUILDROOT/var/log/journal"
 
+# Make sure our own nsswitch.conf from the repository is used instead of the distribution's by deleting the
+# distribution's and relying on tmpfiles to put ours in place during boot.
 rm -f /etc/nsswitch.conf
-cp "$SRCDIR/factory/etc/nsswitch.conf" /etc/nsswitch.conf
 
 # Remove to make TEST-73-LOCALE pass on Ubuntu.
 rm -f /etc/default/keyboard

From e2b01571d01dd120584f7be93e2cfdd7f87296d3 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 9 Apr 2025 15:31:21 +0200
Subject: [PATCH 3/3] mkosi: Move TEST-24-CRYPTSETUP files to mkosi/ directory

If the integration tests have been installed in the systemd-tests
package, the path to these in mkosi.postinst.chroot will be wrong.
Let's fix the issue by moving these files into the mkosi/ directory
as they're only used by mkosi regardless so they make more sense to
be there anyway.
---
 .../keydev.repart/00-root.conf                            | 0
 .../mkosi.credentials}/keyfile                            | 0
 mkosi/mkosi.postinst.chroot                               | 8 ++++----
 .../TEST-24-CRYPTSETUP => mkosi}/template.cfg             | 0
 test/integration-tests/TEST-24-CRYPTSETUP/meson.build     | 1 -
 5 files changed, 4 insertions(+), 5 deletions(-)
 rename {test/integration-tests/TEST-24-CRYPTSETUP => mkosi}/keydev.repart/00-root.conf (100%)
 rename {test/integration-tests/TEST-24-CRYPTSETUP => mkosi/mkosi.credentials}/keyfile (100%)
 rename {test/integration-tests/TEST-24-CRYPTSETUP => mkosi}/template.cfg (100%)

diff --git a/test/integration-tests/TEST-24-CRYPTSETUP/keydev.repart/00-root.conf b/mkosi/keydev.repart/00-root.conf
similarity index 100%
rename from test/integration-tests/TEST-24-CRYPTSETUP/keydev.repart/00-root.conf
rename to mkosi/keydev.repart/00-root.conf
diff --git a/test/integration-tests/TEST-24-CRYPTSETUP/keyfile b/mkosi/mkosi.credentials/keyfile
similarity index 100%
rename from test/integration-tests/TEST-24-CRYPTSETUP/keyfile
rename to mkosi/mkosi.credentials/keyfile
diff --git a/mkosi/mkosi.postinst.chroot b/mkosi/mkosi.postinst.chroot
index 1d4c5f4451..32d2ad00f6 100755
--- a/mkosi/mkosi.postinst.chroot
+++ b/mkosi/mkosi.postinst.chroot
@@ -59,8 +59,8 @@ SYSTEMD_REPART_MKFS_OPTIONS_EXT4="" \
     --dry-run=no \
     --size=auto \
     --offline=true \
-    --root test/integration-tests/TEST-24-CRYPTSETUP \
-    --definitions test/integration-tests/TEST-24-CRYPTSETUP/keydev.repart \
+    --root mkosi/mkosi.credentials \
+    --definitions mkosi/keydev.repart \
     "$OUTPUTDIR/keydev.raw"
 
 can_test_pkcs11() {
@@ -133,7 +133,7 @@ EOF
     certtool --generate-self-signed \
       --load-privkey="pkcs11:token=TestToken;object=RSATestKey;type=private" \
       --load-pubkey="pkcs11:token=TestToken;object=RSATestKey;type=public" \
-      --template "test/integration-tests/TEST-24-CRYPTSETUP/template.cfg" \
+      --template "mkosi/template.cfg" \
       --outder --outfile "/tmp/rsa_test.crt"
 
     pkcs11-tool --module "$SOFTHSM_MODULE" --token-label "TestToken" --pin "env:GNUTLS_PIN" --so-pin "env:GNUTLS_SO_PIN" --write-object "/tmp/rsa_test.crt" --type cert --label "RSATestKey"
@@ -145,7 +145,7 @@ EOF
     certtool --generate-self-signed \
       --load-privkey="pkcs11:token=TestToken;object=ECTestKey;type=private" \
       --load-pubkey="pkcs11:token=TestToken;object=ECTestKey;type=public" \
-      --template "test/integration-tests/TEST-24-CRYPTSETUP/template.cfg" \
+      --template "mkosi/template.cfg" \
       --outder --outfile "/tmp/ec_test.crt"
 
     pkcs11-tool --module "$SOFTHSM_MODULE" --token-label "TestToken" --pin "env:GNUTLS_PIN" --so-pin "env:GNUTLS_SO_PIN" --write-object "/tmp/ec_test.crt" --type cert --label "ECTestKey"
diff --git a/test/integration-tests/TEST-24-CRYPTSETUP/template.cfg b/mkosi/template.cfg
similarity index 100%
rename from test/integration-tests/TEST-24-CRYPTSETUP/template.cfg
rename to mkosi/template.cfg
diff --git a/test/integration-tests/TEST-24-CRYPTSETUP/meson.build b/test/integration-tests/TEST-24-CRYPTSETUP/meson.build
index c9e0271e96..bb2b2a15f5 100644
--- a/test/integration-tests/TEST-24-CRYPTSETUP/meson.build
+++ b/test/integration-tests/TEST-24-CRYPTSETUP/meson.build
@@ -4,7 +4,6 @@ integration_tests += [
         integration_test_template + {
                 'name' : fs.name(meson.current_source_dir()),
                 'credentials' : integration_test_template['credentials'] + [
-                        files('keyfile'),
                         'fstab.extra="/dev/mapper/test24_varcrypt /var ext4 defaults 0 1"',
                 ],
                 'cmdline' : [