Merge pull request #30334 from DaanDeMeyer/repart-fixes

repart: Add Minimize=best to --make-ddi= partition definitions
author: Luca Boccassi <bluca@debian.org> 2023-12-06 21:29:04 +0100
committer: GitHub <noreply@github.com> 2023-12-06 21:29:04 +0100
commit: fa8e6bb3b296bc7a42a87fbe092421b3a8f92d9e (patch)
tree: 35e36a380a1327fba8c2737fb5d183b40d462ad7
parent: README: mention Matrix channel (diff)
parent: test: Add test case for --make-ddi=sysext (diff)
download: systemd-fa8e6bb3b296bc7a42a87fbe092421b3a8f92d9e.tar.xz
systemd-fa8e6bb3b296bc7a42a87fbe092421b3a8f92d9e.zip
7 files changed, 32 insertions, 2 deletions
diff --git a/src/partition/definitions/confext.repart.d/10-root.conf b/src/partition/definitions/confext.repart.d/10-root.conf
index e41dc0578b..f728ab66d5 100644
--- a/src/partition/definitions/confext.repart.d/10-root.conf
+++ b/src/partition/definitions/confext.repart.d/10-root.conf
@@ -13,3 +13,4 @@ Format=erofs
 CopyFiles=/etc/
 Verity=data
 VerityMatchKey=root
+Minimize=best
diff --git a/src/partition/definitions/confext.repart.d/20-root-verity.conf b/src/partition/definitions/confext.repart.d/20-root-verity.conf
index 437d88e068..8179351b6c 100644
--- a/src/partition/definitions/confext.repart.d/20-root-verity.conf
+++ b/src/partition/definitions/confext.repart.d/20-root-verity.conf
@@ -11,3 +11,4 @@
 Type=root-verity
 Verity=hash
 VerityMatchKey=root
+Minimize=best
diff --git a/src/partition/definitions/portable.repart.d/10-root.conf b/src/partition/definitions/portable.repart.d/10-root.conf
index 78758002f5..6f500d04d8 100644
--- a/src/partition/definitions/portable.repart.d/10-root.conf
+++ b/src/partition/definitions/portable.repart.d/10-root.conf
@@ -13,3 +13,4 @@ Format=erofs
 CopyFiles=/
 Verity=data
 VerityMatchKey=root
+Minimize=best
diff --git a/src/partition/definitions/portable.repart.d/20-root-verity.conf b/src/partition/definitions/portable.repart.d/20-root-verity.conf
index 437d88e068..8179351b6c 100644
--- a/src/partition/definitions/portable.repart.d/20-root-verity.conf
+++ b/src/partition/definitions/portable.repart.d/20-root-verity.conf
@@ -11,3 +11,4 @@
 Type=root-verity
 Verity=hash
 VerityMatchKey=root
+Minimize=best
diff --git a/src/partition/definitions/sysext.repart.d/10-root.conf b/src/partition/definitions/sysext.repart.d/10-root.conf
index c87e1bc542..b8ef985b92 100644
--- a/src/partition/definitions/sysext.repart.d/10-root.conf
+++ b/src/partition/definitions/sysext.repart.d/10-root.conf
@@ -14,3 +14,4 @@ CopyFiles=/usr/
 CopyFiles=/opt/
 Verity=data
 VerityMatchKey=root
+Minimize=best
diff --git a/src/partition/definitions/sysext.repart.d/20-root-verity.conf b/src/partition/definitions/sysext.repart.d/20-root-verity.conf
index 437d88e068..8179351b6c 100644
--- a/src/partition/definitions/sysext.repart.d/20-root-verity.conf
+++ b/src/partition/definitions/sysext.repart.d/20-root-verity.conf
@@ -11,3 +11,4 @@
 Type=root-verity
 Verity=hash
 VerityMatchKey=root
+Minimize=best
diff --git a/test/units/testsuite-50.sh b/test/units/testsuite-50.sh
index 169aa1b864..28218ab6d7 100755
--- a/test/units/testsuite-50.sh
+++ b/test/units/testsuite-50.sh
@@ -677,11 +677,35 @@ if command -v mksquashfs >/dev/null 2>&1; then
     read -r X < /etc/waldo
     test "$X" = foobar50
 
-    rm /run/verity.d/test-50-cert.crt /run/confexts/waldo.confext.raw /tmp/test-50-cert.crt /tmp/test-50-privkey.key
+    rm /run/confexts/waldo.confext.raw
 
     systemd-confext refresh
 
-    (! test -f /tmp/test-50-confext/etc/waldo )
+    (! test -f /etc/waldo )
+
+    mkdir -p /tmp/test-50-sysext/usr/lib/extension-release.d/
+
+    # Make sure the sysext is big enough to not fit in the minimum partition size of repart so we know the
+    # Minimize= logic is working.
+    truncate --size=50M /tmp/test-50-sysext/usr/waldo
+
+    ( grep -e '^\(ID\|VERSION_ID\)=' /etc/os-release ; echo IMAGE_ID=waldo ; echo IMAGE_VERSION=7 ) > /tmp/test-50-sysext/usr/lib/extension-release.d/extension-release.waldo
+
+    mkdir -p /run/extensions
+
+    SYSTEMD_REPART_OVERRIDE_FSTYPE=squashfs systemd-repart -S -s /tmp/test-50-sysext --certificate=/tmp/test-50-cert.crt --private-key=/tmp/test-50-privkey.key /run/extensions/waldo.sysext.raw
+
+    systemd-dissect --mtree /run/extensions/waldo.sysext.raw
+
+    systemd-sysext refresh
+
+    test -f /usr/waldo
+
+    rm /run/verity.d/test-50-cert.crt /run/extensions/waldo.sysext.raw /tmp/test-50-cert.crt /tmp/test-50-privkey.key
+
+    systemd-sysext refresh
+
+    (! test -f /usr/waldo)
 fi
 
 # Sneak in a couple of expected-to-fail invocations to cover
author	Luca Boccassi <bluca@debian.org>	2023-12-06 21:29:04 +0100
committer	GitHub <noreply@github.com>	2023-12-06 21:29:04 +0100
commit	fa8e6bb3b296bc7a42a87fbe092421b3a8f92d9e (patch)
tree	35e36a380a1327fba8c2737fb5d183b40d462ad7
parent	README: mention Matrix channel (diff)
parent	test: Add test case for --make-ddi=sysext (diff)
download	systemd-fa8e6bb3b296bc7a42a87fbe092421b3a8f92d9e.tar.xz systemd-fa8e6bb3b296bc7a42a87fbe092421b3a8f92d9e.zip