Bug#1133276: mkosi: Building Debian Images fails (kmod not found)
Manuel Traut
manut at mecka.net
Tue Apr 14 16:16:34 BST 2026
Hi Luca,
Am 2026-04-14 13:41, schrieb Luca Boccassi:
> Control: close -1
>
> Please stop playing ping-pong with the BTS. This is an issue on your
> setup, regardless of whatever is the right option or env var to set.
I've just seen, that it was also reported upstream:
https://github.com/systemd/mkosi/issues/1368#issuecomment-4069166111
As mentioned it is fixed in latest upstream git and not reproducible
with the version in trixie.
I also really don't like the ping-pong. But this is definitely a bug in
the 26 release.
Bisecting mkosi points to this:
--8<--
commit 88a91f5053ca6919d39948a7c23c798225900518 (HEAD)
Author: Daan De Meyer <daan.j.demeyer at gmail.com>
Date: Tue Dec 23 17:17:01 2025 +0100
run: Call execvpe() from preexec function
Python does its own executable lookup in $PATH before executing the
preexec function, and
hence before we have set up the sandbox which influences the lookup
results. To get around
that, let's call execvpe() ourselves inside the preexec() function,
and not give Python the
chance to do it itself. This ensures we can do the proper executable
lookup after setting
up the sandbox. If we can't find the executable, do nothing, and let
Python do its own
search logic so it can return a proper error, which we cannot do
from the preexec function.
Note that by doing this we also skip Python closing all open file
descriptors except the
ones specified by the user in pass_fds, but since Python opens all
file descriptors with
O_CLOEXEC anyway, we'll assume we're good and don't need to close
open file descriptors
explicitly.
--8<--
I picked the attached patch in d/patches and the so built package is
fine. If you want I can create a MR in salsa for this.
cheers
Manuel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-run-Call-execvpe-from-preexec-function.patch
Type: text/x-diff
Size: 3545 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20260414/5610c3cf/attachment.patch>
More information about the Pkg-systemd-maintainers
mailing list