github systemd/mkosi v15.1

15 months ago
  • Migrated to systemd-repart. Many options are dropped in favor of specifying them directly
    in repart partition definition files:

    • Format=gpt_xxx options are replaced with a single "disk" option. The filesystem to use can now be
      specified with repart's Format= option
    • Format=plain_squashfs (Can be reproduced by a single repart squashfs
      root partition combined with SplitArtifacts=yes)
    • Verity= (Replaced by repart's Verity= options)
    • Encrypt= (Replaced by repart's Encrypt= option)
    • RootSize=, HomeSize=, VarSize=, TmpSize=, ESPSize=, SwapSize=, SrvSize=
      (Replaced by repart's size options)
    • UsrOnly= (replaced with CopyFiles=/:/usr in a usr partition definition)
    • OutputSplitRoot=, OutputSplitVerity= (Replaced by repart's SplitName= option)
    • OutputSplitKernel= (UKI is now always written to its own output file)
    • GPTFirstLBA (Removed, no equivalent in repart)
    • ReadOnly= (Replaced by repart's ReadOnly= option per partition)
    • Minimize= (Replaced by repart's Minimize= option per partition)
    • CompressFs= (No equivalent in repart, can be replicated by replacing mkfs.
      in $PATH with a script that adds the necessary command line option)
    • MkSquashfs= (Can be replaced with a script in $PATH that invokes
      the correct binary)

    We also remove the WithoutUnifiedKernelImages= switch as building unified
    kernel images is trivial and fast these days.

  • Support for --qemu-boot was dropped

  • Support for --use-host-repositories was dropped, use --repository-directory instead

  • RepositoryDirectory was removed, use PackageManagerTrees= or SkeletonTrees= instead.

  • --repositories is now only usable on Debian/RPM based distros and can only be used to enable additional
    repositories. Specifically, it cannot be used on Arch Linux anymore to add new repositories.

  • The _epel distributions were removed. Use --repositories=epel instead to enable
    the EPEL repository.

  • Removed -stream from CentOS release specifiers. Instead of specifying 8-stream,
    you now just specify 8.

  • Removed default kernel command line arguments rhgb, selinux=0 and audit=0.

  • Dropped --all and --all-directory as this functionality is better implemented by
    using a build system.

  • mkosi now builds images without needing root privileges.

  • Removed --no-chown, --idmap and --nspawn-keep-unit options as they were made obsolete by moving to
    rootless builds.

  • Removed --source-file-transfer, --source-file-transfer-final, --source-resolve-symlinks and
    --source-resolve-symlinks-final in favor of always mounting the source directory into the build image.
    --source-file-transfer-final might be reimplemented in the future using virtiofsd.

  • Dropped --include-dir option. Usage can be replaced by using --incremental and reading includes from
    the cached build image tree.

  • Removed --machine-id in favor of shipping images without a machine ID at all.

  • Removed --skip-final-phase as we only have a single phase now.

  • The post install script is only called for the final image now and not for the build image anymore. Use the
    prepare script instead.

  • --ssh-key, --ssh-agent, --ssh-port and --ssh-timeout options were dropped as the SSH support was
    reimplemented using VSock. mkosi ssh can only be used with images booted with mkosi qemu. Use
    machinectl to access images booted with mkosi boot. Use --extra-tree or --credential with the
    .ssh.authorized_keys.root credentials as alternatives for provisioning the public key inside the image.

  • Only configuration files matching *.conf are parsed in dropin directories now.

  • Removed --qemu-headless, we now start qemu in the terminal by default and configure the serial console at
    runtime. Use the new --qemu-gui option to start qemu in its graphical interface.

  • Removed --netdev. Can be replaced by manually installing systemd-networkd, putting a network file in the
    image and enabling systemd-networkd.

  • If mkosi.extra/ or mkosi.skeleton/ exist, they are now always used instead of only when no explicit
    extra/skeleton trees are defined.

  • mkosi doesn't install any default packages anymore aside from packages required by the distro or the base
    filesystem layout package if there are no required packages. In practice, this means systemd and other
    basic tools have to be installed explicitly from now on.

  • Removed --base-packages as it's not needed anymore since we don't install any packages by default anymore
    aside from the base filesystem layout package.

  • Removed --qcow2 option in favor of supporting only raw disk images as the disk image output format.

  • Removed --bmap option as it can be trivially added manually by utilizing a finalize script.

  • The never value for --with-network was spun off into its own custom option --cache-only.

  • --bootable now defaults to auto. When set to auto, mkosi will generate a bootable image only if all
    the necessary packages are installed. Documentation was added in docs/bootable.md on how a bootable image
    can be generated on mainstream distros.

  • The RPM db is no longer rebuilt in bdb format on CentOS Stream 8. To be able to install packages on a
    CentOS Stream 8 image with a RPM db in sqlite format, rewrite the db in bdb format using
    rpm --rebuilddb --define _db_backend bdb.

  • Repositories are now only written to /etc/apt/sources.list if apt is installed in the image.

  • Removed the dependency on debootstrap to build Ubuntu or Debian images.

  • Apt now uses the keyring from the host instead of the keyring from the image. This means
    debian-archive-keyring or ubuntu-archive-keyring are now required to be installed to build Debian or
    Ubuntu images respectively.

  • --base-image is split into --base-tree and --overlay.

  • Removed --cache-initrd, instead, use a prebuilt initrd with Initrds= to avoid rebuilding the initrd all
    the time.

  • Disk images are now resized to 8G when booted to give some disk space to play around with in the booted
    image.

  • Removed --install-directory= option. This was originally added for caching the installation results, but
    this doesn't work properly as it might result in leftover files in the install directory from a previous
    installation, so we have to empty the directory before reusing it, invalidating the caching, so the option
    was removed.

  • Build scripts are now executed on the host. See the SCRIPTS section
    in the manual for more information. Existing build scripts will need
    to be updated to make sure they keep working. Specifically, most paths
    in scripts will need to be prefixed with $BUILDROOT to have them
    operate on the image instead of on the host system. To ensure a
    script cannot modify the host system, most host directories are
    mounted read-only while a script runs. As an alternative to running
    the script on the host, the script can still be executed in the
    image itself by putting the following snippet at the top of the script:

    if [ "$container" != "mkosi" ]; then
        exec mkosi-chroot "$SCRIPT" "$@"
    fi

  • Removed --tar-strip-selinux-context= option. We now label all files
    properly if selinux is enabled and if users don't want the labels,
    they can simply exclude them when extracting the archive.

  • Gentoo is now marked as experimental and unsupported and there's no
    guarantee at all that it will work. Issues related to gentoo will
    generally not receive attention from core maintainers. All gentoo
    specific hacks outside of the gentoo implementation module have been
    removed.

  • A documentation verb has been added. Calling mkosi with this verb will show
    the documentation. This is useful when running mkosi during development to
    always have the documentation in the correct version available. By default it
    will try several ways to output the documentation, but a specific option can
    be chosen with the --doc-format option. Distro packagers are encouraged to
    add a file mkosi.1 into the mkosi/resources directory of the Python
    package, if it is missing, as well as install it in the appropriate search
    path for man pages. The man page can be generated from the markdown file
    mkosi/resources/mkosi.md e.g. via pandoc -t man -s -o mkosi.1 mkosi.md.

  • The man page can be generated from the markdown file via
    tools/make-man-page.sh.

  • Fixed issue where not all packages and data files were included in
    the generated python package.

  • mkosi doesn't try to unshare the network namespace anymore when it
    doesn't have CAP_NET_ADMIN.

  • Fixed issue when the workspace was located in /tmp.

  • Don't try to run timedatectl or ssh-add when they're not installed.
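
The $BUILDROOT migration described in the build-scripts entry above can be checked mechanically. The following is an added example, not code from mkosi: a heuristic shell check that lists script lines naming an absolute system path without the $BUILDROOT prefix. The function names, the directory list and the sample script are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not part of mkosi: heuristic check for script lines that
# name an absolute system path without the $BUILDROOT prefix.

# Prints "LINE: text" per finding; returns 1 if anything was flagged.
find_unprefixed_paths() {
    # A script that re-execs itself through mkosi-chroot runs inside the
    # image, so its absolute paths already refer to the image.
    if grep -q 'mkosi-chroot' "$1"; then
        return 0
    fi
    awk '
        /^[ \t]*#/ { next }    # comments and the shebang line
        {
            line = $0
            # Drop correctly prefixed paths so they cannot match below.
            gsub(/[$][{]?BUILDROOT[}]?"?\/[^ \t"]*/, "", line)
            # Any absolute system path still present points at the host.
            if (line ~ /(^|[ \t"=>])\/(etc|usr|var|opt|root|home|srv|boot)(\/|[ \t"]|$)/) {
                printf "%d: %s\n", NR, $0
                found = 1
            }
        }
        END { exit found }
    ' "$1"
}

# Constructed sample: line 3 still uses a pre-v15 style path.
write_sample() {
    cat > "$1" <<'EOF'
#!/bin/sh
install -D -m 0644 motd "$BUILDROOT/etc/motd"
echo "PermitRootLogin no" >> /etc/ssh/sshd_config
EOF
}

sample=$(mktemp)
write_sample "$sample"
find_unprefixed_paths "$sample" || echo "review the lines above"
rm -f "$sample"
```

Lines that call a host tool by its absolute path are flagged as well, so treat the output as a review list rather than a verdict.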
