- update to v14:
* mkosi now creates distro~release subdirectories inside the build, cache
and output directories for each distro~release combination that is
built. This allows building for multiple distros without throwing away
the results of a previous distro build every time.
* The preferred names for mkosi configuration files and directories are
now mkosi.conf and mkosi.conf.d/ respectively. The old names
(mkosi.default and mkosi.default.d) have been removed from the docs but
are still supported for backwards compatibility.
* plain_squashfs type images will now also be named with a .raw suffix.
* tar type images will now respect the --compress option.
* Pacman's SigLevel option was changed to use the same default value as
used on Arch which is SigLevel = Required DatabaseOptional. If this
results in keyring errors, you need to update the keyring by running
* Support for CentOS 7 was dropped. If you still need to support CentOS 7,
we recommend using any mkosi version up to 13.
* Support for BIOS/grub was dropped. because EFI hardware is widely
available and legacy BIOS systems do not support the feature set to
fully verify a boot chain from firmware to userland and it has become
bothersome to maintain for little use.
* To generate BIOS images you can use any version of mkosi up to mkosi 13
or the new --bios-size option. This can be used to add a BIOS boot
partition of the specified size on which grub (or any other bootloader)
can be installed with the help of mkosi's script support (depending on
your needs most likely mkosi.postinst or mkosi.finalize). This method
can also be used for other EFI bootloaders that mkosi intentionally does
not support.
* mkosi now unconditionally copies the kernel, initrd and kernel cmdline
from the image that were previously only copied out for Qemu boot.
* mkosi now runs apt and dpkg on the host. As such, we now require apt and
OBS-URL: https://build.opensuse.org/request/show/1039896
OBS-URL: https://build.opensuse.org/package/show/Virtualization/mkosi?expand=0&rev=14
- The `--network-veth` option has been renamed to `--netdev`. The old name made
sense with virtual ethernet devices, but when booting images with qemu a
TUN/TAP device is used instead.
- The network config file installed by mkosi when the `--netdev` (previously
`--network-veth`) option is used (formerly
`/etc/systemd/network/80-mkosi-network-veth.network` in the image) now only
matches network interfaces using the `virtio_net` driver. Please make sure
you weren't relying on this file to configure any network interfaces other
than the tun/tap virtio-net interface created by mkosi when booting the image
in QEMU with the `--netdev` option. If you were relying on this config file
to configure other interfaces, you'll have to re-create it with the correct
match and a lower initial number in the filename to make sure
`systemd-networkd` will keep configuring your interface, e.g. via the
`mkosi.skeleton` or `mkosi.extra` trees or a `mkosi.postinst` script.
- The `kernel-install` script for building unified kernel images has been
removed. From v13 onwards, on systems using `kernel-install`, `mkosi` won't
automatically build new unified kernel images when a kernel is updated or
installed. To keep the old behavior, you can install the `kernel-install`
script manually via a skeleton tree; a copy can be found
[here](3798eb0c2e/mkosi/resources/dracut_unified_kernel_install.sh).
- New `QemuKvm` option configures whether to use KVM when running `mkosi qemu`.
- `mkosi` will not default to the same OS release as the host system anymore
when the host system uses the same distribution as the image that's being
built. Instead, when no release is specified, mkosi will now always default
to the default version embedded in mkosi itself.
- `mkosi` will now use the `pacman` keyring from the host when building Arch
images. This means that users will, on top of installing `archlinux-keyring`,
also have to run `pacman-key --init` and `pacman-key --populate archlinux` on
the host system to be able to build Arch images. Also, unless the package
OBS-URL: https://build.opensuse.org/package/show/Virtualization/mkosi?expand=0&rev=12
- Support for Rocky Linux, Alma Linux, and Gentoo has been added!
- A new `ManifestFormat=` option can be used to generate "manifest" files that
describe what packages were installed. With `json`, a JSON file that shows
the names and versions of all installed packages will be created. With
`changelog`, a longer human-readable file that shows package descriptions and
changelogs will be generated. This latter format should be considered
experimental and likely to change in later versions.
- A new `RemovePackages=` option can be used to uninstall packages after the
build and finalize scripts have been done. This is useful for the case where
packages are required by the build scripts, or pulled in as dependencies
for scriptlets of other packages, but are not necessary in the final image.
- A new `BaseImage=` option can be used to build "system extensions" a.k.a.
"sysexts" — partial images which are mounted on top of an existing system
to provide additional files under `/usr/`. See the
[systemd-sysext man page](https://www.freedesktop.org/software/systemd/man/systemd-sysext.html)
for more information.
- A new `CleanPackageMetadata=` option can be used to force or disable the
removal of package manager files. When this option is not used, they are
removed when the package manager is not installed in the final image.
- A new `UseHostRepositories=` option instructs mkosi to use repository
configuration from the host system, instead of the internal list.
- A new `SshAgent=` option configures the path to the ssh agent.
- A new `SshPort=` option overrides the port used for ssh.
- The `Verity=` setting supports a new value `signed`. When set, verity data
will be signed and the result inserted as an additional partition in the
image. See https://systemd.io/DISCOVERABLE_PARTITIONS for details about
signed disk images. This information is used by `systemd-nspawn`,
`systemd-dissect`, `systemd-sysext`, `systemd-portabled` and `systemd`'s
`RootImage=` setting (among others) to cryptographically validate the image
OBS-URL: https://build.opensuse.org/package/show/Virtualization/mkosi?expand=0&rev=9
