Buildstream #4149

Draft
daandemeyer wants to merge 4 commits into systemd:main from daandemeyer:buildstream

@daandemeyer
Contributor

This will stay in draft until GnomeOS has the necessary elements in place to allow properly integrating with mkosi so I can test this end-to-end.

cc @AdrianVovk

@abderrahim

I'm seeing the following error when buildstream tries to call bubblewrap to run a build:

    bwrap: Unexpected capabilities but not setuid, old file caps config?

@daandemeyer
Contributor Author

@abderrahim Yeah, I ran into that and various other errors when I was still using bubblewrap in mkosi as well. I consider it to be a totally broken check in bubblewrap. It should not fail when running unprivileged with capabilities; it's a totally valid use case. But the upstream is pretty much dead, unfortunately.

We can avoid the check by pretending we're root (while still setting HOME to the user home directory to reuse the cache). I'll push an update to that effect, please try again then.
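Added example (not code from this pull request, mkosi or bubblewrap): a model of the condition behind the error message quoted above, assuming bubblewrap rejects a non-setuid process whose real UID is non-zero while its permitted capability set is non-empty. The `/proc/<pid>/status` excerpts are constructed samples and the function names are hypothetical.

```python
# Constructed /proc/<pid>/status excerpts for the process performing the check.
# Uid columns are: real, effective, saved, filesystem.
UNPRIV_WITH_CAPS = (
    "Uid:\t1000\t1000\t1000\t1000\n"
    "CapPrm:\t0000000000200000\n"   # bit 21 = CAP_SYS_ADMIN
    "CapEff:\t0000000000200000\n"
)
ROOT_IN_USERNS = (                  # the "pretend we're root" mapping
    "Uid:\t0\t0\t0\t0\n"
    "CapPrm:\t000001ffffffffff\n"
    "CapEff:\t000001ffffffffff\n"
)
PLAIN_USER = (
    "Uid:\t1000\t1000\t1000\t1000\n"
    "CapPrm:\t0000000000000000\n"
    "CapEff:\t0000000000000000\n"
)


def parse_status(text):
    """Return (real_uid, effective_uid, permitted_caps_bitmask)."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.split()
    real_uid, eff_uid = int(fields["Uid"][0]), int(fields["Uid"][1])
    permitted = int(fields["CapPrm"][0], 16)
    return real_uid, eff_uid, permitted


def bwrap_caps_verdict(text):
    """Model of the assumed check: 'setuid', 'rejected' or 'ok'."""
    real_uid, eff_uid, permitted = parse_status(text)
    if real_uid != eff_uid:
        return "setuid"      # setuid install takes a different code path
    if real_uid != 0 and permitted != 0:
        return "rejected"    # "Unexpected capabilities but not setuid"
    return "ok"


if __name__ == "__main__":
    for name in ("UNPRIV_WITH_CAPS", "ROOT_IN_USERNS", "PLAIN_USER"):
        print(name, "->", bwrap_caps_verdict(globals()[name]))
```

The values that matter are those of the process at the point of the check, after `exec`; for a non-root caller running a binary without file capabilities, the permitted set that survives `exec` is the caller's ambient set (`CapAmb`).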

daandemeyer and others added 4 commits February 9, 2026 12:44

Since we don't require the version to be in the kernel image
filename anymore, let's not insist on the - anymore.

In weird CI setups or such, there might be stuff in non-canonical
directories in /. This stuff only has a minimal chance to affect the
image build accidentally, so let's mount them in by default in case
the image build actually does need to look up stuff in these directories.

The GnomeOS folks are looking into mkosi to build their images instead
of BuildStream. While BuildStream will still take care of providing the
rootfs tree, mkosi would take over the responsibility of packaging that
directory tree into a disk image.

Let's add support for BuildStream to mkosi to make this possible. Unlike
the other supported distributions, BuildStream is not intended to be consumed
by installing individual packages. Instead, BuildStream elements should be
exposed which provide the full rootfs that should go into the image. That's
why we limit the number of packages that can be specified to a single one, which
should always provide all contents that should go into the image.

2 participants