Daan De Meyer
Daan De Meyer
Isn't this fixed by using a finalize script that runs in the host as part of the mkosi run?
With a few chowns (I think we already do most of these) and some uidmapped bind mounts once nspawn supports them, we should be able to avoid any root owned...
I'm slightly hesitant about adding this as is. This seems like it'd be super easy with mkosi-initrd if we allowed providing prebuilt initrds to mkosi, since with mkosi-initrd you could...
Closing due to lack of response, we can reopen if there's still interest in this
This was fixed upstream I think with https://github.com/systemd/systemd/pull/23339 so let's close this
Might be interested in this PR: https://github.com/systemd/systemd/pull/16687
We should be able to fix this with the new /etc/kernel/entry-token support that was added to bootctl and kernel-install. It might just take a while until we have sufficiently new...
I like the idea, but maybe watch out so that you're not abstracting too much. Sure, the big file is a bit unwieldy but I find the general flow quite...
I thought a bit about this but it seemed rather complex, especially in the context of mkosi-initrd if we'd want to use that to build initrds and allow users to...
We can probably patch this in mkosi as well, but https://github.com/systemd/systemd/pull/23979 will fix this in nspawn itself