diff options
7 files changed, 32 insertions, 2 deletions
diff --git a/src/partition/definitions/confext.repart.d/10-root.conf b/src/partition/definitions/confext.repart.d/10-root.conf index e41dc0578b..f728ab66d5 100644 --- a/src/partition/definitions/confext.repart.d/10-root.conf +++ b/src/partition/definitions/confext.repart.d/10-root.conf @@ -13,3 +13,4 @@ Format=erofs CopyFiles=/etc/ Verity=data VerityMatchKey=root +Minimize=best diff --git a/src/partition/definitions/confext.repart.d/20-root-verity.conf b/src/partition/definitions/confext.repart.d/20-root-verity.conf index 437d88e068..8179351b6c 100644 --- a/src/partition/definitions/confext.repart.d/20-root-verity.conf +++ b/src/partition/definitions/confext.repart.d/20-root-verity.conf @@ -11,3 +11,4 @@ Type=root-verity Verity=hash VerityMatchKey=root +Minimize=best diff --git a/src/partition/definitions/portable.repart.d/10-root.conf b/src/partition/definitions/portable.repart.d/10-root.conf index 78758002f5..6f500d04d8 100644 --- a/src/partition/definitions/portable.repart.d/10-root.conf +++ b/src/partition/definitions/portable.repart.d/10-root.conf @@ -13,3 +13,4 @@ Format=erofs CopyFiles=/ Verity=data VerityMatchKey=root +Minimize=best diff --git a/src/partition/definitions/portable.repart.d/20-root-verity.conf b/src/partition/definitions/portable.repart.d/20-root-verity.conf index 437d88e068..8179351b6c 100644 --- a/src/partition/definitions/portable.repart.d/20-root-verity.conf +++ b/src/partition/definitions/portable.repart.d/20-root-verity.conf @@ -11,3 +11,4 @@ Type=root-verity Verity=hash VerityMatchKey=root +Minimize=best diff --git a/src/partition/definitions/sysext.repart.d/10-root.conf b/src/partition/definitions/sysext.repart.d/10-root.conf index c87e1bc542..b8ef985b92 100644 --- a/src/partition/definitions/sysext.repart.d/10-root.conf +++ b/src/partition/definitions/sysext.repart.d/10-root.conf @@ -14,3 +14,4 @@ CopyFiles=/usr/ CopyFiles=/opt/ Verity=data VerityMatchKey=root +Minimize=best diff --git a/src/partition/definitions/sysext.repart.d/20-root-verity.conf b/src/partition/definitions/sysext.repart.d/20-root-verity.conf index 437d88e068..8179351b6c 100644 --- a/src/partition/definitions/sysext.repart.d/20-root-verity.conf +++ b/src/partition/definitions/sysext.repart.d/20-root-verity.conf @@ -11,3 +11,4 @@ Type=root-verity Verity=hash VerityMatchKey=root +Minimize=best diff --git a/test/units/testsuite-50.sh b/test/units/testsuite-50.sh index 169aa1b864..28218ab6d7 100755 --- a/test/units/testsuite-50.sh +++ b/test/units/testsuite-50.sh @@ -677,11 +677,35 @@ if command -v mksquashfs >/dev/null 2>&1; then read -r X < /etc/waldo test "$X" = foobar50 - rm /run/verity.d/test-50-cert.crt /run/confexts/waldo.confext.raw /tmp/test-50-cert.crt /tmp/test-50-privkey.key + rm /run/confexts/waldo.confext.raw systemd-confext refresh - (! test -f /tmp/test-50-confext/etc/waldo ) + (! test -f /etc/waldo ) + + mkdir -p /tmp/test-50-sysext/usr/lib/extension-release.d/ + + # Make sure the sysext is big enough to not fit in the minimum partition size of repart so we know the + # Minimize= logic is working. + truncate --size=50M /tmp/test-50-sysext/usr/waldo + + ( grep -e '^\(ID\|VERSION_ID\)=' /etc/os-release ; echo IMAGE_ID=waldo ; echo IMAGE_VERSION=7 ) > /tmp/test-50-sysext/usr/lib/extension-release.d/extension-release.waldo + + mkdir -p /run/extensions + + SYSTEMD_REPART_OVERRIDE_FSTYPE=squashfs systemd-repart -S -s /tmp/test-50-sysext --certificate=/tmp/test-50-cert.crt --private-key=/tmp/test-50-privkey.key /run/extensions/waldo.sysext.raw + + systemd-dissect --mtree /run/extensions/waldo.sysext.raw + + systemd-sysext refresh + + test -f /usr/waldo + + rm /run/verity.d/test-50-cert.crt /run/extensions/waldo.sysext.raw /tmp/test-50-cert.crt /tmp/test-50-privkey.key + + systemd-sysext refresh + + (! test -f /usr/waldo) fi # Sneak in a couple of expected-to-fail invocations to cover |