Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package mkosi for openSUSE:Factory checked in at 2024-01-22 20:38:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mkosi (Old) and /work/SRC/openSUSE:Factory/.mkosi.new.16006 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mkosi" Mon Jan 22 20:38:22 2024 rev:11 rq:1140616 version:20.2 Changes: -------- --- /work/SRC/openSUSE:Factory/mkosi/mkosi.changes 2023-11-21 21:32:29.176380598 +0100 +++ /work/SRC/openSUSE:Factory/.mkosi.new.16006/mkosi.changes 2024-01-22 20:38:28.310525635 +0100 @@ -1,0 +2,160 @@ +Mon Jan 22 14:07:58 UTC 2024 - Dirk Müller <[email protected]> + +- update to 20.2: + * Fixed a bug in signing unsigned shim EFI binaries. + * We now build an early microcode initrd in the mkosi kernel- + install plugin. + * Added `PackageDirectories=` to allow providing extra packages + to be made available during the build. + * Fixed issue where `KernelModulesIncludeHost` was including + unnecessary modules + * Fixed `--mirror` specification for CentOS (and variants) and + Fedora. + * Previously a subdirectory within the mirror had to be + specified which prevented using CentOS and EPEL repositories + from the same mirror. Now only the URL has be specified. + * We now mount package manager cache directories when running + scripts on the host so that any packages installed in scripts + are properly cached. + * We don't download filelists on Fedora anymore + * Nested build sources don't cause errors anymore when trying + to install packages. + * We don't try to build the same tools tree more than once + anymore when building multiple images. + * We now create the `/etc/mtab` compatibility symlink in + mkosi's sandbox. + * We now always hash the root password ourselves instead of + leaving it to `systemd-firstboot`. + * `/srv` and `/mnt` are not mounted read-only anymore during + builds. + * Fixed a crash when running mkosi in a directory with fewer + than two parent directories. + * Implemented `RepositoryKeyCheck=` for apt-based + distributions. + +------------------------------------------------------------------- +Mon Jan 22 09:58:59 UTC 2024 - Dirk Müller <[email protected]> + +- update to 20.1: + * `BuildSources=` are now mounted when we install packages so + local packages can be made available in the sandbox. + * Fixed check to see if we're running as root which makes sure + we don't do shared mounts when running as root. + * The extension release file is now actually written when + building system or configuration extensions. + * The nspawn settings are copied to the output directory again. + * Incremental caching is now skipped when `Overlay=` is enabled + as this combination isn't supported. + * The SELinux relabel check is more granular and now checks for + all required files instead of just whether there's a policy + configured. + * `qemu-system-xxx` binaries are now preferred over the generic + `qemu` and `qemu-kvm` binaries. + * Grub tools from the tools tree are now used to install grub + instead of grub tools from the image itself. The grub tools + were added to the default tools trees as well. + * The pacman keyring in tools trees is now only populated from + the Arch Linux keyring (and not the Debian/Ubuntu ones anymore). + * `gpg` is allowed to access `/run/pscsd/pscsd.comm` on the + host if it exists to allow interaction with smartcards. + * The current working directory is not mounted unconditionally + to `/work/src` anymore. Instead, the default value for + `BuildSources=` now mounts the current working directory + to `/work/src`. This means that the current working directory + is no longer implicitly included when `BuildSources=` is + explicitly configured. + * Assigning the empty string to a setting that takes a list of + values now overrides any configured default value as well. + * The github action does not build and install systemd from + source anymore. Instead, `ToolsTree=default` can be used to + make sure a recent version of systemd is used to do the image + build. + * Added `EnvironmentFiles=` to read environment variables from + * environment files. + * We drastically reduced how much of the host system we expose + to scripts. Aside from `/usr`, a few directories in `/etc`, + `/tmp`, `/var/tmp` and various directories configured in mkosi + settings, all host directories are hidden from scripts, + package managers and other tools executed by mkosi. + * Added `RuntimeScratch=` to automatically mount a directory + with extra scratch space into mkosi-spawned containers and + virtual machines. + * Package manager trees can now be used to configure every tool + invoked by mkosi while building an image that reads config + files from `/etc` or `/usr`. + * Added `SELinuxRelabel=` to specify whether to relabel selinux + files or not. + * Many fixes to tools trees were made and tools trees are now + covered by CI. Some combinations aren't possible yet but + we're actively working to make these possible. + * `mkosi qemu` now supports direct kernel boots of `s390x` and + `powerpc` images. + * Added `HostArchitecture=` match to match against the host + * architecture. + * We don't use the user's SSH public/private keypair anymore + for `mkosi ssh` but instead use a separate key pair which + can be generated by `mkosi genkey`. Users using `mkosi ssh` + will have to run `mkosi genkey` once to generate the necessary + files to keep `mkosi ssh` working. + * We don't automatically set `--offline=no` anymore when we + detect the `Subvolumes=` setting is used in a `systemd-repart` + partition definition file. Instead, use the new + `RepartOffline=` option to explicitly disable running + `systemd-repart` in offline mode. + * During the image build we now install UKIs/kernels/initrds to + `/boot` instead of `/efi`. While this will generally not be + noticeable, users with custom systemd-repart ESP partition + definitions will need to add `CopyFiles=/boot:/` along with + the usual `CopyFiles=/efi:/` to their ESP partition + definitions. By installing UKIs/kernels/initrds + to `/boot`, it becomes possible to use `/boot` to populate an + XBOOTLDR partition which wasn't possible before. Note that + this is also safe to do before `v20` so `CopyFiles=/boot:/` + can unconditionally be added to any ESP partition definition + files. + * Added `QemuFirmwareVariables=` to allow specifying a custom + OVMF variables file to use. + * Added `MinimumVersion=` to allow specifying the minimum + required mkosi version to build an image. + * Added support for Arch Linux's debug repositories. + * Merged the mkosi-initrd project into mkosi itself. mkosi- + initrd is now used to build the default initrd. + * Implemented mkosi-initrd for all supported distributions. + * Added `ShimBootloader=` to support installing shim to the + ESP. + * Added sysext, confext and portable output formats. These will + produce signed disk images that can be used as sysexts, + confexts and portable services respectively. + * Added `QemuVsockConnectionId=` to configure how to allocate + the vsock connection ID when `QemUVsock=` is enabled. + * Added documentation on how to build sysexts with mkosi. + * Global systemd user presets are now also configured. + * Implemented `WithDocs=` for `apt`. + * On supported package managers, locale data for other locales + is now stripped if the local is explicitly configured using + `Locale=`. + * All `rpm` plugins are now disabled when building images. + * Added `KernelModulesIncludeHost=` and + `KernelModulesInitrdIncludeHost=` to only include modules + loaded on the host system in the image/initrd respectively. + * Implemented `RemovePackages=` for Arch Linux. + * Added `useradd` and `groupadd` scripts to configure these + binaries to operate on the image during builds instead on + the host. + * Added microcode support. If installed into the image, an + early microcode initrd will automatically be built and + prepended to the initrd. + * A passwordless root account may now be created by specifying + `hashed:`. + * The `Autologin=` feature was extended with support for + `arm64`, `s390x` and `powerpc` architectures. + * Added `SecureBootAutoEnroll=` to control automatic enrollment + of secureboot keys separately from signing `systemd-boot` + and generated UKIs. + * `ImageVersion=` is no longer automatically appended to the + output files, instead this is automatically appended to + `Output=` if not specified and results in the `%o` specifier + being equivalent to `%i` or `%i_%v` depending on whether + `ImageVersion=` is specified. + +------------------------------------------------------------------- Old: ---- mkosi-19.tar.gz New: ---- mkosi-20.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mkosi.spec ++++++ --- /var/tmp/diff_new_pack.mjzGuq/_old 2024-01-22 20:38:28.982550178 +0100 +++ /var/tmp/diff_new_pack.mjzGuq/_new 2024-01-22 20:38:28.986550324 +0100 @@ -1,7 +1,7 @@ # # spec file for package mkosi # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %define pythons python3 Name: mkosi -Version: 19 +Version: 20.2 Release: 0 Summary: Build Legacy-Free OS Images License: LGPL-2.1-or-later ++++++ mkosi-19.tar.gz -> mkosi-20.2.tar.gz ++++++ ++++ 18633 lines of diff (skipped)
