mkosi(1) General Commands Manual mkosi(1) mkosi -- mkosi [...] init mkosi [...] summary mkosi [...] cat-config mkosi [...] build [-- ...] mkosi [...] shell [-- ...] mkosi [...] boot [-- nspawn...] mkosi [...] vm [-- vmm...] mkosi [...] ssh [-- ...] mkosi [...] journalctl [-- ...] mkosi [...] coredumpctl [-- ...] mkosi [...] sysupdate [-- sysupdate...] mkosi [...] box [-- ...] mkosi [...] dependencies [-- ...] mkosi [...] clean mkosi [...] serve mkosi [...] burn <> mkosi [...] bump mkosi [...] genkey mkosi [...] documentation [manual] mkosi [...] completion [] mkosi [...] latest-snapshot mkosi [...] help mkosi . dnf apt pacman zypper . : init mkosi. . tmpfiles.d mkosi . summary . . cat-config . mkosi . build . . . mkosi --. shell systemd-nspawn . chroot . shell . nspawn --. boot shell systemd systemd-nspawn. boot . nspawn --. vm boot ( qemu) . . VirtualMachineMonitor= . --. ssh Ssh=always sshd-vsock systemd ( 256+) SSH. mkosi ssh mkosi build SSH. SSH SshKey= . mkosi genkey mkosi. ssh ssh. --. machinectl login machinectl shell. Machine= ssh (: mkosi --machine=mymachine vm mkosi --machine=mymachine ssh). journalctl journalctl . journalctl -- journalctl. coredumpctl coredumpctl (coredumps) . coredumpctl -- coredumpctl. sysupdate systemd-sysupdate --transfer-source= --definitions= SysupdateDirectory=. sysupdate -- systemd-sysupdate. box boot shell vm . /usr /usr . $SHELL bash $SHELL . --. clean . -f . -f . serve ( mkosi.output/ ) HTTP 8081. -f . machinectl pull-raw ... machinectl pull-tar .... burn <> . GPT . bump mkosi.version mkosi.version. : . --auto-bump/-B . mkosi.version . mkosi.bump mkosi . genkey (SecureBoot) SecureBootKey=/--secure-boot-key= SecureBootCertificate=/--secure-boot-certificate=. documentation mkosi. mkosi mkosi mkosi-initrd initrd mkosi-sandbox sandbox mkosi.news news mkosi mkosi-initrd mkosi-sandbox (NEWS) mkosi. --doc-format. mkosi.1 mkosi/resources . markdown mkosi/resources/man/mkosi.1.md pandoc -t man -s -o mkosi.1 mkosi.1.md. completion . bash fish zsh. dependencies mkosi . . dnf : mkosi dependencies | xargs -d '\n' dnf install mkosi . . mkosi dependencies -- --profile runtime runtime . ToolsTreeProfiles= . latest-snapshot . . . (caller) . help --help : . . --force, -f . mkosi . . . ( FILES ) . clean : . --directory=, -C . mkosi . . . . --debug . --debug-shell mkosi . --debug-workspace mkosi. --debug-sandbox mkosi-sandbox strace. --version . --help, -h . --genkey-common-name= genkey mkosi. mkosi of %u %u mkosi. --genkey-valid-days= genkey mkosi. (730 ). --auto-bump=, -B mkosi.version bump. : . mkosi.bump mkosi . --doc-format . markdown man pandoc system auto. markdown Markdown . man . pandoc pandoc . system mkosi mkosi. auto : man pandoc markdown system. --json JSON-SEQ. --wipe-build-dir, -w . --rerun-build-scripts, -R . Incremental= . History= . : o GPT systemd-repart (disk) o (directory) o Tar (tar) o CPIO (cpio) o (UKI) o ... . Format= . none mkosi . ( RPM). GPT repart mkosi.repart/ . mkosi reflinks XFS btrfs . mkosi reflinks (copy-on-write). ( SomeSetting=value) ( --some-setting=value). . . : o . o mkosi.local.conf mkosi.local/ ( ). .gitignore ( ) . o . o mkosi.conf --directory= --directory=. mkosi.conf mkosi.tools.conf mkosi/mkosi.conf mkosi/mkosi.tools.conf mkosi/ . o mkosi.conf.d/ mkosi.conf . .conf mkosi.conf.d/. mkosi.conf.d mkosi.images/ mkosi.tools.conf . o (profiles) mkosi.profiles/. o mkosi.images/ . . . mkosi.local.conf mkosi.local/ . (SomeSetting= --some-setting=) . . . . [Match]. [Match] . (|) (...=|...) (triggering). AND OR . . . [Match] ( ). . [Match] mkosi.conf . . [Match] mkosi.conf.d/ mkosi.local.conf . [Match] . [Match] [Match] . disk directory x86-64 arm64: [Match] Format=|disk Format=|directory [Match] Architecture=|x86-64 Architecture=|arm64 [TriggerMatch] . systemd . debian bookworm ubuntu noble. [TriggerMatch] Distribution=debian Release=bookworm [TriggerMatch] Distribution=ubuntu Release=noble [TriggerMatch] [Match] AND OR . [Match] [TriggerMatch] [Match] [TriggerMatch] . . : ( Match) ^ ( TriggerMatch) [Assert] [TriggerAssert] [Assert] [TriggertAssert] . = . : 1 yes true 0 no false . [Distribution] Distribution= --distribution= -d . : fedora debian kali ubuntu arch opensuse mageia centos rhel rhel-ubi openmandriva rocky alma azure custom. custom . Release= --release= -r . ( Fedora Linux CentOS 29) ( Debian Kali Ubuntu artful). . Architecture= --architecture= . . . : alpha arc arm arm64 ia64 loongarch64 mips64-le mips-le parisc ppc ppc64 ppc64-le riscv32 riscv64 s390 s390x tilegx x86 x86-64. Mirror= --mirror= -m . URL . . ( ): x86-64 aarch64 ------------------------------------------------------------------------------------ debian http://deb.debian.org arch https://fastly.mirror.pkgbuild.com http://mirror.archlinuxarm.org opensuse http://download.opensuse.org kali http://http.kali.org/kali ubuntu http://archive.ubuntu.com http://ports.ubuntu.com centos https://mirrors.centos.org rocky https://mirrors.rockylinux.org alma https://mirrors.almalinux.org fedora https://mirrors.fedoraproject.org rhel-ubi https://cdn-ubi.redhat.com mageia https://www.mageia.org openmandriva http://mirrors.openmandriva.org azure https://packages.microsoft.com/ Snapshot= . ( ) latest-snapshot . Mirror= : x86-64 aarch64 ------------------------------------------------------------------------------------ debian https://snapshot.debian.org arch https://archive.archlinux.org http://mirror.archlinuxarm.org opensuse http://download.opensuse.org ubuntu http://archive.ubuntu.com http://ports.ubuntu.com centos https://composes.stream.centos.org fedora https://kojipkgs.fedoraproject.org . LocalMirror= --local-mirror= . . deb rpm pacman. --mirror= mkosi --mirror= ( ) . RepositoryKeyCheck= --repository-key-check= / . --local-mirror= . RepositoryKeyFetch= --repository-key-fetch= mkosi GPG . Ubuntu Ubuntu Arch Linux RPM. . GPG . dnf pacman zypper . GPG . GPG . : archlinux-keyring debian-keyring kali-archive-keyring ubuntu-keyring distribution-gpg-keys ( RPM). Repositories= --repositories= . EPEL CentOS Debian/Kali/Ubuntu. [Output] Format= --format= -t . : directory ( ) tar ( tar ) cpio ( cpio) disk ( GPT) uki ( PE .initrd) esp ( ESP UKI) oci ( OCI) sysext confext portable addon none ( ). disk systemd-repart. repart RepartDirectories= mkosi.repart/. verity Verity= systemd-repart mkosi roothash verity JSON systemd-repart mkosi. none ( CleanScripts=). ( BuildScripts=) . ManifestFormat= --manifest-format= . json ( JSON ) changelog ( ). . Output= --output= -o . image ImageId= ImageVersion= mkosi.images ImageId. OutputDirectory= . image_7.8.raw.xz. OutputExtension= --output-extension= . . . CompressOutput= --compress-output= . (xz zstd). zstd CentOS 8 xz OCI gzip . . shell boot vm . tar cpio uki esp oci addon. CompressLevel= --compress-level= . . . OutputDirectory= --output-directory= -O . mkosi.output/ . OutputMode= --output-mode= . . . ImageVersion= --image-version= . . mkosi.version ( bump --auto-bump) ( ). image.raw image_0.1.raw 0.1 . $IMAGE_VERSION ( /usr/lib/os-release IMAGE_VERSION= ). ImageId= --image-id= . . ( ). $IMAGE_ID . /usr/lib/os-release. SplitArtifacts= --split-artifacts= . uki kernel initrd os-release prcs partitions roothash kernel-modules-initrd repart-definitions tar. kernel initrd ( UKI) uki UKI. pcrs JSON TPM2 UKI . partitions --split=yes systemd-repart . . A/B /usr Verity . tar (rootfs) tar ( CompressOutput=). roothash dm-verity dm-verity roothash . kernel-modules-initrd initrd mkosi initrd . initrd initrd . repart-definitions repart . RepartDirectories= . uki kernel initrd. RepartDirectories= --repart-directory= systemd-repart mkosi systemd-repart . mkosi.repart/ . mkosi repart --root= CopyFiles= . SectorSize= --sector-size= systemd-repart . Overlay= --overlay= BaseTrees= . overlayfs . . systemd Seed= --seed= UUID random. systemd-repart . UUID . mkosi.seed UUID . UUID . CleanScripts= --clean-script= . SCRIPTS . [Content] Packages= --package= -p ( RPM deb ) . . . BuildPackages= (overlay) build . ( dnf RPM apt deb) / (globs) . PackageDirectories= Packages=. : dnf meson ( ) 32 libfdisk-devel git- RPM systemd /usr/bin/ld Development Tools python mypy. Packages=meson libfdisk-devel.i686 git-* /usr/bin/ld @development-tools python3dist(mypy) BuildPackages= --build-package= Packages= (overlay) build . mkosi.build . . VolatilePackages= --volatile-package= Packages= Incremental= . . PackageDirectories= --package-directory= . mkosi . mkosi.packages/ . VolatilePackageDirectories= --volatile-package-directory= PackageDirectories= Incremental=. $PACKAGEDIR. $PACKAGEDIR VolatilePackages=. WithRecommends= --with-recommends= . . apt dnf zypper. WithDocs= --with-docs= . . . $WITH_DOCS mkosi.build 0 1 . BaseTrees= --base-tree= . . . CleanPackageMetadata=no ( CleanPackageMetadata=). tar . . git . SkeletonTrees= --skeleton-tree= . . . . . . mkosi.skeleton/ ( FILES ). (skeleton) ( Incremental=) ( -ff mkosi -f clean). tar . mkosi.skeleton.tar . SandboxTrees= mkosi SkeletonTrees= mkosi . ExtraTrees= --extra-tree= . . . . . . mkosi.extra/ ( FILES ). tar . mkosi.extra.tar . RemovePackages= --remove-package= Packages=. . CleanPackageMetadata=no. RemoveFiles= --remove-files= (globs). . CleanPackageMetadata= --clean-package-metadata= / . true false auto (). auto . SourceDateEpoch= --source-date-epoch= UNIX . . systemd-repart mkosi. SOURCE_DATE_EPOCH --environment= . . SOURCE_DATE_EPOCH . SyncScripts= --sync-script= . SCRIPTS . PrepareScripts= --prepare-script= . SCRIPTS . BuildScripts= --build-script= . SCRIPTS . PostInstallationScripts=, --postinst-script= . SCRIPTS . FinalizeScripts=, --finalize-script= . SCRIPTS . PostOutputScripts=, --postoutput-script= . SCRIPTS . Bootable=, --bootable= auto. . mkosi EFI ESP . EFI ( Bootloader=) . auto EFI . ESP . esp ESP Bootable= (UKI) ESP . Bootloader=, --bootloader= : none systemd-boot uki grub systemd-boot-signed uki-signed grub-signed. systemd-boot. none EFI . systemd-boot systemd-boot (UKI) EFI/Linux ESP. uki ( ) EFI/BOOT/BOOTX64.EFI ESP. grub EFI/Linux ESP. grub grub/grub.cfg ESP . grub.cfg EFI//grub.cfg ESP grub/grub.cfg ESP grub grub . (signed) EFI . ( ExtraTrees=) /usr/lib/modules/$version vmlinux vmlinuz. $version make kernelversion Kbuild. : systemd-boot systemd-boot-signed mkosi EFI systemd-boot . . systemd-boot-efi. BiosBootloader=, --bios-bootloader= none grub. none. none BIOS. grub grub BIOS Bootable=. repart mkosi grub BIOS EFI . Bootloader=. UEFI BIOS Bootloader= BiosBootloader=. grub BIOS UUID : 21686148-6449-6e6f-744e-656564454649 1 . EFI ESP BIOS initrd grub. ShimBootloader=, --shim-bootloader= : none unsigned signed. none. none shim MokManager ESP. unsigned mkosi EFI shim MokManager . SecureBoot= mkosi . signed mkosi . mkosi . UEFI (Bootable= Bootloader=). mkosi shim . UnifiedKernelImages=, --unified-kernel-images= (UKI) Bootloader= systemd-boot grub. : none unsigned signed auto. auto. unsigned signed . auto 1 (Type 1) (Boot Loader Specification). 1 . Bootloader= UnifiedKernelImages= unsigned . Firmware= custom UEFI db. UnifiedKernelImageFormat=, --unified-kernel-image-format= . ( ) . &e-&k -&h roothash= usrhash= +&c /etc/kernel/tries . : ----------------------------------------------- && & &e &k &h roothash= usrhash= UnifiedKernelImageProfiles=, --uki-profile= UKI . UKI. UKI . mkosi.uki-profiles/ . UKI UKI UKI mkosi. UKIProfile UKI. Initrds=, --initrd= initrd . initrd. initrd. initrd mkosi initrd . mkosi initrd io.mkosi.initrd ( $ARTIFACTDIR ENVIRONMENT VARIABLES). initrd initrd initrd mkosi. InitrdProfiles=, --initrd-profile= initrd . . . lvm LVM. network systemd-networkd. nfs NFS. initrd network . pkcs11 PKCS#11. plymouth ( ). raid RAID. InitrdPackages=, --initrd-package= initrd . . . InitrdVolatilePackages=, --initrd-volatile-package= VolatilePackages= initrd . Devicetrees=, --devicetrees= (devicetree) . (glob). mkosi /usr/lib/modules//dtb/ /usr/lib/firmware//device-tree/ /usr/lib/linux-image-/. UKI .dtbauto. 1 . : Devicetrees=rockchip/*,imx.* Rockchip IMX. Splash=, --splash= (boot splash) mkosi . MicrocodeHost=, --microcode-host= (true) (microcode) . KernelCommandLine=, --kernel-command-line= . (root) /usr verity roothash= usrhash= root= mount.usr=. root=PARTUUID mount.usr=PARTUUID (UUID) /usr . root=PARTUUID root=PARTUUID=58c7d0b2-d224-4834-a16f-e036322e88f7 58c7d0b2-d224-4834-a16f-e036322e88f7 UUID . KernelModules=, --kernel-modules= glob . (-) . ( ) . . .ko . /usr/lib/module/ /usr/lib/module//kernel/foo/bar.ko.xz kernel/foo/bar . "/" . /usr/lib/module//kernel /usr/lib/module//. kernel/. /usr/lib/module//kernel/foo/bar.ko.xz /foo/bar /kernel/foo/bar. glob ( loop) ( block/loop) ( /drivers/block/loop) . / . glob (* ? [...-...]). default mkosi-initrd . host . KernelModulesInitrd=, --kernel-modules-initrd= (true) . mkosi initrd . initrd initrd initrd . initrd (UKI). initrd . initrd . initrd . KernelInitrdModules=, --kernel-modules-initrd-include= KernelModules= initrd. FirmwareFiles=, --firmware-files= glob . KernelModules= /usr/lib/firmware/. . . : FirmwareFiles=cxgb4/bcm8483.bin FirmwareFiles=bcm8483.* /usr/lib/firmware/cxgb4/bcm8483.bin.xz . Locale=, --locale=, LocaleMessages=, --locale-messages=, Keymap=, --keymap=, Timezone=, --timezone=, Hostname=, --hostname=, RootShell=, --root-shell= Locale= --locale= LocaleMessages= --locale-messages= Keymap= --keymap= Timezone= --timezone= Hostname= --hostname= RootShell= --root-shell= systemd-firstboot . systemd-firstboot(1) . systemd /usr/lib/credstore /usr . RootPassword=, --root-password=, . mkosi.rootpw ( SCRIPTS ). hashed: (hashed) . /usr/lib/credstore systemd /usr . hashed: . Autologin=, --autologin=, -a (root) /dev/pts/0 (nspawn) /dev/tty1 /dev/hvc0. MakeInitrd=, --make-initrd= /etc/initrd-release /init initramfs. Ssh=, --ssh= sshd . : always never auto runtime. auto. auto sshd systemd-ssh-generator always mkosi sshd SSH VSock. never mkosi . runtime mkosi mkosi vm SSH . mkosi vm mkosi ssh / SSH. openssh mkosi ssh . mkosi genkey X.509 mkosi SSH mkosi ssh. mkosi boot machinectl. v256 systemd systemd-ssh-generator(8) sshd VSock . systemd . openssh --vsock=auto VSock . : SELinux sshd mkosi VSock . SELinux ( audit2allow). SELinuxRelabel=, --selinux-relabel= SELinux . auto. auto. . SELinux setfiles . setfiles . auto mkosi SELinux setfiles . setfiles. setfiles SELinux . setfiles mkosi (root) SELinux . MachineId=, --machine-id= UUID random. (machine ID) UUID . random UUID /etc/machine-id. mkosi.machine-id UUID uninitialized /etc/machine-id. [] SecureBoot=, --secure-boot= systemd-boot ( ) UEFI SecureBoot ( ). SecureBootAutoEnroll=, --secure-boot-auto-enroll= systemd-boot(7) SecureBoot=. systemd-boot systemd v253. systemd v252 systemd-boot /efi/loader/loader.conf secure-boot-enroll force secure-boot-enroll manual. systemd v252. yes. SecureBootKey=, --secure-boot-key= PEM UEFI SecureBoot= PCR SignExpectedPcr= . SecureBootKeySource= . SecureBootCertificate=, --secure-boot-certificate= X.509 UEFI SecureBoot=. SecureBootSignTool=, --secure-boot-sign-tool= PE . : systemd-sbsign sbsign auto. auto. auto systemd-sbsign sbsign systemd-sbsign. Verity=, --verity= verity . : signed hash defer auto . signed verity verity systemd-repart. verity systemd-repart. hash mkosi systemd-repart hash verity . defer verity . auto verity mkosi systemd-repart verity verity systemd-repart. / hash verity (disk) . VerityKey=, --verity-key= PEM verity verity systemd-repart. VerityKeySource= . VerityCertificate=, --verity-certificate= X.509 verity verity systemd-repart. SignExpectedPcr=, --sign-expected-pcr= (UKI) systemd-measure PCR . auto systemd-measure PATH. SecureBoot= SecureBootKey=. SignExpectedPcrKey=, --sign-expected-pcr-key= PEM PCR . SignExpectedPcrKeySource= . SignExpectedPcrCertificate=, --sign-expected-pcr-certificate= X.509 PCR . SecureBootKeySource=, --secure-boot-key-source=, VerityKeySource=, --verity-key-source=, SignExpectedPcrKeySource=, --sign-expected-key-source= OpenSSL --secure-boot-key-source=engine:pkcs11 --secure-boot-key-source=provider:pkcs11. SecureBootCertificateSource=, --secure-boot-certificate-source=, VerityCertificateSource=, --verity-certificate-source=, SignExpectedPcrCertificateSource=, --sign-expected-certificate-source= OpenSSL --secure-boot-certificate-source=provider:pkcs11. . Passphrase=, --passphrase= LUKS. ( cryptsetup /etc/crypttab ). 0600 . . mkosi.repart/ Encrypt=key-file . Checksum=, --checksum= .SHA256SUMS . Sign=, --sign= SHA256SUMS gpg . OpenPGPTool=, --openpgp-tool= OpenPGP . gpg . Stateless OpenPGP (SOP) SHA256SUMS. sqop rsop https://www.openpgp.org/about/sop/ . Key=, --key= gpg SHA256SUMS. gpg. [] ToolsTree=, --tools-tree= mkosi . . mkosi.tools/ . mkosi clean -f. ExtraSearchPaths= /usr/ . . yes mkosi . mkosi.tools.conf . TOOLS TREE . ToolsTreeDistribution=, --tools-tree-distribution= . (Ubuntu) (Debian) RHEL CentOS Alma Rocky (Fedora) custom . ToolsTreeRelease=, --tools-tree-release= . mkosi . ToolsTreeProfiles=, --tools-tree-profile= . devel misc package-manager runtime. devel. devel (C/C++). misc . . runtime systemd-nspawn . ToolsTreeMirror=, --tools-tree-mirror= . . ToolsTreeRepositories=, --tools-tree-repository= Repositories= . ToolsTreeSandboxTrees=, --tools-tree-sandbox-tree= SandboxTrees= . ToolsTreePackages=, --tools-tree-package= . . . ToolsTreePackageDirectories=, --tools-tree-package-directory= PackageDirectories= . ToolsTreeCertificates=, --tools-tree-certificates= . . /etc/pki/ca-trust /etc/pki/tls /etc/ssl /etc/ca-certificates /var/lib/ca-certificates . . ExtraSearchPaths=, --extra-search-path= $PATH . Incremental=, --incremental=, -i strict . . mkosi.build ( ). mkosi -i . . -i -ff . strict . CacheOnly=, --cache-only= auto metadata always never. auto. always . . metadata . auto ( Incremental=) . never . SandboxTrees=, --sandbox-tree= . (sandbox) mkosi . . . . mkosi.sandbox/ ( FILES ). mkosi . /usr /etc . /etc/dnf/dnf.conf dnf . WorkspaceDirectory=, --workspace-directory= . . $XDG_CACHE_HOME ( ) $CACHE_DIRECTORY ( ) $HOME/.cache ( ) /var/tmp. . mkosi ( / ). CacheDirectory=, --cache-directory= Incremental=. mkosi.cache/ . CacheKey=, --cache-key= . ( Specifiers) . &d~&r~&a~&I. : ------------------------------------------------ && & &d Distribution= &r Release= &a Architecture= &i ImageId= &v ImageVersion= &I mkosi.images/ main . PackageCacheDirectory=, --package-cache-dir= . mkosi.pkgcache/ . BuildDirectory=, --build-directory= ( Meson). ( ...) . $BUILDDIR. mkosi-chroot . mkosi.builddir/ ( FILES ). BuildKey=, --build-key= . ( Specifiers) CacheKey=. &d~&r~&a. - . UseSubvolumes=, --use-subvolumes= auto. btrfs . mkosi btrfs btrfs . btrfs . auto btrfs . RepartOffline=, --repart-offline= (loopback). . systemd-repart . systemd-repart . RepartOffline=no mkosi (root) . RepartOffline=no. Subvolumes= repart . SELinux XFS. mkfs.xfs XFS SELinux XFS . History=, --history= . mkosi .mkosi-private . . mkosi -O my-custom-output-dir -f mkosi vm mkosi . mkosi -O my-custom-output-dir --history=yes -f mkosi vm . BuildSources=, --build-sources= . . . /work/src . /work/src. BuildSourcesEphemeral=, --build-sources-ephemeral= buildcache. . BuildSources= . ( ). buildcache (overlay) BuildDirectory= . . . . Environment=, --environment= // / . . mkosi. . . EnvironmentFiles=, --env-file= . mkosi.env . mkosi.env Environment=. WithTests=, --with-tests=, -T ( ) $WITH_TESTS 0 mkosi.build . . mkosi.build. WithNetwork=, --with-network= mkosi.build. . $WITH_NETWORK mkosi.build . ProxyUrl=, --proxy-url= . mkosi . mkosi . ProxyExclude=, --proxy-exclude= . . ProxyPeerCertificate=, --proxy-peer-certificate= . . dnf dnf5 . ProxyClientCertificate=, --proxy-client-certificate= . dnf dnf5 . ProxyClientKey=, --proxy-client-key= . . dnf dnf5 . [Runtime] ( [Host]) NSpawnSettings=, --settings= .nspawn systemd-nspawn boot shell . systemd-nspawn . mkosi.nspawn . VirtualMachineMonitor=, --vmm= . qemu vmspawn. qemu. qemu qemu. qemu. qemu qemu . vmspawn systemd-vmspawn vmspawn . systemd-vmspawn vmspawn . Console=, --console= . interactive read-only native gui. interactive. interactive . read-only . native TTY qemu ( qemu). gui qemu. CPUs=, --cpus= . 2. 0 mkosi. RAM=, --ram= . 2G. MaxMem=, --maxmem= ( + ). . KVM=, --kvm= KVM . auto. auto. CXL=, --cxl= CXL . cxl. . false. VSock=, --vsock= vsock . auto. auto. VSockCID=, --vsock-cid= vsock . [3, 0xFFFFFFFF) hash auto. auto. hash . auto mkosi . . TPM=, --tpm= (TPM) . auto. auto. Removable=, --removable= . . no. Firmware=, --firmware= . uefi uefi-secure-boot bios linux linux-noinitrd auto. auto. uefi OVMF . uefi-secure-boot OVMF . bios SeaBIOS . linux . Linux= . linux-noinitrd linux initrd. auto uefi-secure-boot linux . FirmwareVariables=, --firmware-variables= . uefi uefi-secure-boot. mkosi . microsoft Microsoft . microsoft-mok Microsoft MokList SecureBootCertificate=. shim EFI . custom SecureBootCertificate= . virt-fw-vars virt-firmware OVMF. Linux=, --linux= qemu. mkosi ( -kernel) ( ). cpio . qemu . ( Specifiers) . : ------------------------------------------- && & &b ( ) Drives=, --drive= . :[:[:[:[:]]]]. id . drive= qemu . size . . K M G . directory . /var/tmp. options -blockdev qemu. file-id . . . . flags persist . persist qemu. //mkosi-drive--. myfs:1G::::persist /var/tmp/mkosi-drive-main-myfs. : [Runtime] Drives=btrfs:10G ext4:20G QemuArgs=-device nvme,serial=btrfs,drive=btrfs -device nvme,serial=ext4,drive=ext4 QemuArgs= qemu. Ephemeral=, --ephemeral= shell boot vm . (reflinks) (btrfs xfs) (ext4). Credentials=, --credential= systemd-nspawn mkosi shell/boot mkosi vm. = . . . . . (=). KernelCommandLineExtra=, --kernel-command-line-extra= . systemd. SMBIOS OEM io.systemd.stub.kernel-cmdline-extra. systemd-boot systemd-stub v254. RuntimeTrees=, --runtime-tree= . ( ) mkosi. . /root/src . /root/src . (uid) (gid) mkosi (root) . mkosi . mkosi vm systemd v254 . RuntimeSize=, --runtime-size= mkosi boot mkosi vm. . K M G . RuntimeNetwork= --runtime-network= user interface none. user. . user . interface . veth mkosi shell mkosi boot tap mkosi vm mkosi vmspawn. interface mkosi . systemd-networkd . RuntimeBuildSources= --runtime-build-sources= BuildSources= ( ) /work mkosi boot mkosi vm. BindUser= --bind-user= . . . UnitProperties= --unit-property= systemd systemd mkosi boot mkosi vm. --property= systemd-nspawn systemd-run . SshKey= --ssh-key= X.509 PEM mkosi vm Ssh= ( systemd-ssh-generator) mkosi ssh. mkosi.key . mkosi genkey mkosi.key. SshCertificate=, --ssh-certificate= X.509 PEM SSH mkosi vm. mkosi.crt . mkosi genkey mkosi.crt. Machine=, --machine= . SSH (: mkosi --image=myimage ssh). Ephemeral= . Register=, --register= auto. / systemd-machined. mkosi / systemd-machined. mkosi /. auto mkosi / systemd-machined . auto. ForwardJournal=, --forward-journal= (journal) . .journal . . v256 systemd . .journal 4G. 4G . StorageTargetMode=, --storage-target-mode= serve systemd-storagetm NVME-TCP. auto. systemd-storagetm mkosi . systemd-storagetm . auto systemd-storagetm systemd-storagetm mkosi serve . SysupdateDirectory= --sysupdate-directory= systemd-sysupdate mkosi sysupdate. mkosi.sysupdate/ . mkosi sysupdate systemd-sysupdate --transfer-source= mkosi. PathRelativeTo=explicit Path= mkosi. PathRelativeTo=explicit Path=/ mkosi. [Match] Profiles= . Distribution= . Release= . . Architecture= . . Architecture=uefi UEFI. Repositories= Repositories=. . PathExists= . . ImageId= (globs). . ImageVersion= . == != >= <= < > UAPI. . . Bootable= Bootable=. auto. Format= Format=. ( Format=). SystemdVersion= systemd ( systemctl --version). == != >= <= < > UAPI. . BuildSources= ( BuildSources=). . mkosi.conf : [Build] BuildSources=../abc/qed:kernel (drop-in) : [Match] BuildSources=kernel . . HostArchitecture= . Architecture= . ToolsTreeDistribution= . ToolsTreeRelease= . Environment= / Environment=. . Image= () . mkosi.images/ ( .conf). main. Image=main. (globs) : (Globs) --------------------------------------------------------------------------------------------------------------------------------- Profiles= Distribution= Release= Architecture= PathExists= ImageId= ImageVersion= Bootable= Format= SystemdVersion= BuildSources= HostArchitecture= ToolsTreeDistribution= ( ToolsTreeDistribution= [Build]) ToolsTreeRelease= Environment= Image= [Include] Include= --include= -I . . Include=. initrd mkosi UKI mkosi-initrd mkosi-tools mkosi-vm mkosi-addon . : mkosi- contrib- mkosi . [Config] Profiles= --profile= . mkosi.profiles/. mkosi.conf.d/*.conf. Dependencies= --dependency= . . "" . BUILDING MULTIPLE IMAGES . MinimumVersion= --minimum-version= mkosi . . git (hash) commit: mkosi git git mkosi . ConfigureScripts= --configure-script= . SCRIPTS . PassEnvironment= --pass-environment= . "". BUILDING MULTIPLE IMAGES . [UKIProfile] UKIProfile UKI UnifiedKernelImageProfiles=. UKIProfile: Profile= .profile UKI. =. ID=. UKI . Cmdline= UKI. . .cmdline .cmdline . SignExpectedPcr= PCR UKI . . . . % %%. : ------------------------------------------- Distribution= %d Release= %r Architecture= %a Format= %t Output= %o OutputDirectory= %O ImageId= %i ImageVersion= %v : ----------------------------------------------- %C %P %D mkosi %I mkosi.images : ---------------------------------------------- %F mkosi . mkosi mkosi.conf . mkosi --directory=. : $D/mkosi.conf $D/mkosi.conf.d/abc/abc.conf $D/mkosi.conf.d/abc/mkosi.conf _ %C $D $D/mkosi.conf.d $D/mkosi.conf.d/abc %P $D $D $D/mkosi.conf.d/abc %D $D $D $D : o o o o o o o o o RHEL o RHEL UBI o OpenMandriva o Rocky Linux o Alma Linux o Azure Linux o postmarketOS o ( (rootfs) ) . apt Debian Kali Ubuntu. dnf RPM. pacman Arch Linux. zypper openSUSE. Buildroot OpenEmbedded Yocto Project custom (skeleton trees) . Fedora Linux Fedora 28. RHEL RHEL ( subscription-manager ). mkosi build. / . --incremental=yes mkosi . 1. 2. 3. (mkosi.configure) 4. (root) subuid /etc/subuid /etc/subgid . 5. 6. : o /usr o /etc o /opt o /srv o /boot o /efi o /media o /mnt : 1. (sandbox) 2. 3. (mkosi.sync) 4. (--base-tree=) 5. 6. 7. (mkosi.skeleton) 8. 9. final (mkosi.prepare) 10. (overlay) 11. build (mkosi.prepare) 12. (--incremental=yes) 13. + (mkosi.build) 14. none 15. 16. (mkosi.extra) 17. (mkosi.postinst) 18. Ssh= Autologin= MakeInitrd= 19. systemd-boot (--secure-boot=yes) 20. systemd-sysusers 21. systemd-tmpfiles 22. systemctl preset-all 23. depmod 24. systemd-firstboot 25. systemd-hwdb 26. (RemovePackages= RemoveFiles=) 27. SELinux SELinux 28. (mkosi.finalize) 29. 30. 31. (mkosi.postoutput) mkosi mkosi . ( mkosi ) . (BuildSources=) . $SRCDIR . : o mkosi.configure (ConfigureScripts=) . . JSON (stdin) JSON (stdout). ( build vm boot shell). . summary. o mkosi.sync (SyncScripts=) . . git pull . BuildSourcesEphemeral= . o mkosi.prepare (PrepareScripts=) final . build . ( pip npm ...) ( ). (pip install npm install -g) $SRCDIR . o mkosi.build (BuildScripts=) . $DESTDIR . make automake meson $DESTDIR . $DESTDIR . o mkosi.postinst (PostInstallationScripts=) () . . o mkosi.finalize (FinalizeScripts=) . o mkosi.postoutput (PostOutputScripts=) . SHA256FILES SBOM. o mkosi.clean (CleanScripts=) . mkosi ( SplitArtifacts=partitions RPM ). . o mkosi.version ImageVersion= . git describe date '+%Y-%m-%d'. (sandboxing). o mkosi.rootpw RootPassword= . (stderr) $MKOSI_CONFIG ( mkosi.postoutput). . .chroot mkosi (chroot) mkosi-chroot ( ) . mkosi.postinst.chroot mkosi . mkosi .d mkosi.build.d . : o mkosi.sync.d o mkosi.prepare.d o mkosi.build.d o mkosi.postinst.d o mkosi.finalize.d o mkosi.postoutput.d o mkosi.clean.d. .chroot mkosi.build.d/01-foo.sh mkosi.build.d/02-bar.sh.chroot . mkosi : o $ARCHITECTURE Architecture=. . Architecture= . o $QEMU_ARCHITECTURE $ARCHITECTURE qemu. qemu (qemu-system-$QEMU_ARCHITECTURE). o $EFI_ARCHITECTURE $ARCHITECTURE UEFI. UEFI. o $DISTRIBUTION Distribution=. o $RELEASE Release=. o $DISTRIBUTION_ARCHITECTURE $ARCHITECTURE . o $PROFILES Profiles= . o $CACHED 1 0. o $CHROOT_SCRIPT . mkosi-chroot. mkosi-chroot . o $SRCDIR mkosi . $CHROOT_SRCDIR $SRCDIR mkosi-chroot. o $BUILDDIR mkosi.builddir . . $CHROOT_BUILDDIR $BUILDDIR mkosi-chroot. o $DESTDIR . . $CHROOT_DESTDIR $DESTDIR mkosi-chroot. o $OUTPUTDIR . $CHROOT_OUTPUTDIR $OUTPUTDIR mkosi-chroot. o $PACKAGEDIR . $PACKAGEDIR. o $ARTIFACTDIR mkosi. PACKAGEDIR initrd mkosi. $ARTIFACTDIR. $OUTPUTDIR. mkosi . mkosi: o io.mkosi.microcode: (microcode) initrd . o io.mkosi.initrd: initrd . $ARTIFACTDIR local.my.namespace. o $BUILDROOT . o $WITH_DOCS 0 1 (WithDocs=yes). $DESTDIR $WITH_DOCS 0. o $WITH_TESTS 0 1 (WithTests=no). $WITH_TESTS 0. o $WITH_NETWORK 0 1 (WithNetwork=no). $WITH_NETWORK 0. o $SOURCE_DATE_EPOCH (SourceDateEpoch=TIMESTAMP Environment=SOURCE_DATE_EPOCH=TIMESTAMP $SOURCE_DATE_EPOCH). . SOURCE_DATE_EPOCH . o $MKOSI_UID $MKOSI_GID mkosi. o $MKOSI_CONFIG json . . o $IMAGE_ID ImageId= --image-id=. o $IMAGE_VERSION ImageVersion= --image-version=. o $MKOSI_DEBUG 0 1 . : build postinst postoutput clean _ \/ \/ \/ \/ \/ \/ \/ \/ ARTIFACTDIR \/ \/ \/ \/ BUILDDIR \/ \/ \/ BUILDROOT \/ \/ \/ \/ \/ CHROOT_BUILDDIR \/ CHROOT_DESTDIR \/ CHROOT_OUTPUTDIR \/ \/ CHROOT_SCRIPT \/ \/ \/ \/ CHROOT_SRCDIR \/ \/ \/ \/ MKOSI_DEBUG \/ \/ \/ \/ \/ \/ \/ \/ DESTDIR \/ \/ \/ \/ \/ \/ \/ \/ \/ _ \/ \/ \/ \/ \/ \/ \/ \/ _EFI \/ \/ \/ \/ \/ \/ \/ \/ _ \/ \/ \/ \/ \/ \/ \/ \/ _ \/ \/ \/ \/ \/ \/ \/ \/ MKOSI_CONFIG \/ \/ \/ \/ \/ \/ \/ MKOSI_GID \/ \/ \/ \/ \/ \/ \/ \/ MKOSI_UID \/ \/ \/ \/ \/ \/ \/ \/ OUTPUTDIR \/ \/ \/ \/ PACKAGEDIR \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ _QEMU \/ \/ \/ \/ \/ \/ \/ \/ \/ SOURCE_DATE_EPOCH \/ \/ \/ \/ \/ SRCDIR \/ \/ \/ \/ \/ \/ \/ \/ _ \/ \/ _ \/ \/ \/ \/ _ \/ \/ $PATH . o mkosi-chroot: (chroot) . (mount) ($SRCDIR $DESTDIR $BUILDDIR $OUTPUTDIR $CHROOT_SCRIPT) . APIVFS (/proc /dev ...) chroot . /etc/resolv.conf chroot (DNS). mkosi-chroot . ls : mkosi-chroot ls ... .chroot (mkosi.build.chroot mkosi.build ). o (dnf rpm apt dpkg pacman zypper) $PATH . dnf install vim vim . mkosi-install mkosi-reinstall mkosi-upgrade mkosi-remove . o git safe.directory=* (root) . o useradd groupadd --root=$BUILDROOT . (/home /var /root ...) . mkosi . . . mkosi . : o mkosi.skeleton/ mkosi.skeleton.tar . . (presets) systemd. : . tar. o mkosi.extra/ mkosi.extra.tar . mkosi.skeleton/ mkosi.skeleton.tar . : . tar. o mkosi.sandbox/ mkosi.sandbox.tar . mkosi.skeleton/ mkosi.skeleton.tar . : . tar. o nspawn mkosi.nspawn . nspawn . o mkosi.cache/ . o mkosi.builddir/ (out-of-tree) mkosi.build . $BUILDDIR . automake ninja. mkosi (-i): . $BUILDDIR . o mkosi.rootpw (root) . hashed: (hashed) . . 0600 . ( ). o mkosi.passphrase LUKS. ( cryptsetup /etc/crypttab ). 0600 . o mkosi.crt mkosi.key X.509 PEM ( UEFI verity ...). o mkosi.output/ . o mkosi.credentials/ Credentials=. mkosi stdout . stderr. Credentials= mkosi.credentials. o mkosi.repart/ systemd-repart systemd-repart . RepartDirectories= mkosi : 00-esp.conf ( ): [Partition] Type=esp Format=vfat CopyFiles=/boot:/ CopyFiles=/efi:/ SizeMinBytes=512M SizeMaxBytes=512M 05-bios.conf ( BIOS): [Partition] # UUID BIOS grub grub GPT # . Type=21686148-6449-6e6f-744e-656564454649 SizeMinBytes=1M SizeMaxBytes=1M 10-root.conf [Partition] Type=root Format= CopyFiles=/ Minimize=guess mkosi.repart/ RepartDirectories= . . mkosi.conf . mkosi . : 1. . --cache-directory= mkosi.cache/. (RPM deb ...) . 2. --incremental=yes (build overlay) ( ) mkosi.build ( ). . : -f. 3. mkosi.builddir/. Meson mkosi.build. . mkosi . . mkosi . mkosi. ToolsTree= mkosi.tools mkosi ToolsTree=yes. . mkosi mkosi : mkosi --include=mkosi-tools --format=directory ToolsTree*= mkosi.tools.conf. . : ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- acl \/ \/ \/ \/ \/ \/ \/ \/ apt \/ \/ \/ \/ \/ \/ archlinux-keyring \/ \/ \/ \/ \/ \/ attr \/ \/ \/ \/ \/ \/ \/ \/ bash \/ \/ \/ \/ \/ \/ \/ \/ btrfs-progs \/ \/ \/ \/ \/ \/ \/ \/ ca-certificates \/ \/ \/ \/ \/ \/ \/ \/ coreutils \/ \/ \/ \/ \/ \/ \/ \/ cpio \/ \/ \/ \/ \/ \/ \/ \/ createrepo_c \/ \/ \/ \/ \/ \/ \/ \/ curl \/ \/ \/ \/ \/ \/ \/ \/ debian-keyring \/ \/ \/ \/ \/ \/ \/ diffutils \/ \/ \/ \/ \/ \/ \/ \/ distribution-gpg-keys \/ \/ \/ \/ \/ \/ \/ dnf \/ \/ \/ \/ \/ \/ \/ \/ dosfstools \/ \/ \/ \/ \/ \/ \/ \/ e2fsprogs \/ \/ \/ \/ \/ \/ \/ \/ edk2-ovmf \/ \/ \/ \/ \/ \/ \/ \/ erofs-utils \/ \/ \/ \/ \/ \/ \/ \/ findutils \/ \/ \/ \/ \/ \/ \/ \/ git \/ \/ \/ \/ \/ \/ \/ \/ grep \/ \/ \/ \/ \/ \/ \/ \/ grub-tools \/ \/ \/ \/ \/ \/ jq \/ \/ \/ \/ \/ \/ \/ \/ kali-archive-keyring \/ kmod \/ \/ \/ \/ \/ \/ \/ \/ less \/ \/ \/ \/ \/ \/ \/ \/ mtools \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ opensc \/ \/ \/ \/ \/ \/ \/ \/ openssh \/ \/ \/ \/ \/ \/ \/ \/ openssl \/ \/ \/ \/ \/ \/ \/ \/ pkcs11-provider \/ \/ \/ \/ \/ \/ \/ \/ perf \/ \/ \/ \/ \/ \/ \/ sed \/ \/ \/ \/ \/ \/ \/ \/ pacman \/ \/ \/ \/ \/ \/ \/ p11-kit \/ \/ \/ \/ \/ \/ \/ \/ policycoreutils \/ \/ \/ \/ \/ \/ \/ qemu \/ \/ \/ \/ \/ \/ \/ \/ sbsigntools \/ \/ \/ \/ \/ \/ \/ \/ socat \/ \/ \/ \/ \/ \/ \/ \/ squashfs-tools \/ \/ \/ \/ \/ \/ \/ \/ strace \/ \/ \/ \/ \/ \/ \/ \/ swtpm \/ \/ \/ \/ \/ \/ \/ \/ systemd \/ \/ \/ \/ \/ \/ \/ \/ ukify \/ \/ \/ \/ \/ \/ \/ \/ tar \/ \/ \/ \/ \/ \/ \/ \/ ubuntu-keyring \/ \/ \/ \/ \/ \/ util-linux \/ \/ \/ \/ \/ \/ \/ \/ virtiofsd \/ \/ \/ \/ \/ \/ \/ \/ virt-firmware \/ \/ \/ \/ \/ \/ \/ \/ xfsprogs \/ \/ \/ \/ \/ \/ \/ \/ xz \/ \/ \/ \/ \/ \/ \/ \/ zstd \/ \/ \/ \/ \/ \/ \/ \/ zypper \/ \/ \/ \/ \/ \/ mkosi.images/ mkosi . mkosi .conf. mkosi.images/ mkosi Dependencies= ( Dependencies= ). Dependencies= . . mkosi ( mkosi.images/) . " " : o RepositoryKeyCheck= o RepositoryKeyFetch= o SourceDateEpoch= o CacheOnly= o WorkspaceDirectory= o PackageCacheDirectory= o BuildSources= o BuildSourcesEphemeral= o ProxyClientCertificate= o ProxyClientKey= o ProxyExclude= o ProxyPeerCertificate= o ProxyUrl= "" . : o Architecture= o BuildDirectory= o CacheDirectory= o Distribution= o ExtraSearchPaths= o Incremental= o LocalMirror= o Mirror= o OutputDirectory= o OutputMode= o PackageDirectories= o Release= o RepartOffline= o Repositories= o SandboxTrees= o ToolsTree= o ToolsTreeCertificates= o UseSubvolumes= o SecureBootCertificate= o SecureBootCertificateSource= o SecureBootKey= o SecureBootKeySource= o VerityCertificate= o VerityCertificateSource= o VerityKey= o VerityKeySource= o VolatilePackageDirectories= o WithNetwork= o WithTests . . : o Profiles= o ImageId= o ImageVersion= o SectorSize= o CacheKey= o BuildKey= o CompressLevel= o SignExpectedPcrKey= o SignExpectedPcrKeySource= o SignExpectedPcrCertificate= o SignExpectedPcrCertificateSource= : o MinimumVersion= o PassEnvironment= o ToolsTreeDistribution= o ToolsTreeRelease= o ToolsTreeProfiles= o ToolsTreeMirror= o ToolsTreeRepositories= o ToolsTreeSandboxTrees= o ToolsTreePackages= o ToolsTreePackageDirectories= o History= o [Runtime] . mkosi : o BaseTrees= o ExtraTrees= o Initrds= . %O . systemd o $MKOSI_LESS less mkosi . o $MKOSI_DNF dnf. dnf dnf5. o $EPEL_MIRROR epel Mirror=. mkosi epel fedora Mirror=. https://mirror.net/centos-stream mkosi epel https://mirror.net/fedora/epel. o SYSEXT_SCOPE CONFEXT_SCOPE extension-release sysext confext. initrd system portable. GPT ext4 image.raw: # mkosi -p systemd -i boot GPT foobar.raw: $ mkosi -d fedora -p kernel-core -p systemd -p systemd-boot -p udev -o foobar.raw # mkosi --output foobar.raw boot $ mkosi --output foobar.raw vm Fedora Linux : # mkosi --distribution fedora --format directory boot image.raw.xz SSH : $ mkosi --distribution fedora --format disk --checksum=yes --compress-output=yes --package=openssh-clients automake mkosi mkosi : $ cat >mkosi.conf <mkosi.build < vm mkosi qemu : $ mkosi -d fedora -p systemd-udev,systemd-boot,kernel-core build $ mkosi -d fedora vm ... fedora login: root ( ) [root@fedora ~]# . systemd getty . qemu Ctrl-a c. qemu . Ctrl-a x. --console=gui: $ mkosi -d fedora --console=gui qemu mkosi vm -kernel ... -initrd ... -append '...'. . -append qemu -append . UKI : $ mkosi vm -- -kernel mkosi.output/fedora~38/image.efi . systemd-boot(7) UEFI : $ mkosi vm -- -kernel /usr/lib/systemd/boot/efi/systemd-bootx64.efi ESP systemd-boot. mkosi : Debian Kali Ubuntu Arch Linux Fedora Linux OpenMandriva Gentoo postmarketOS. . mkosi git . mkosi Linux mount_setattr() 5.12. mkosi systemd 254 . . Fedora Linux : # dnf install btrfs-progs apt dosfstools mtools edk2-ovmf e2fsprogs squashfs-tools gnupg python3 tar xfsprogs xz zypper sbsigntools Debian/Kali/Ubuntu ubuntu-keyring ubuntu-archive-keyring kali-archive-keyring / debian-archive-keyring apt . Python 3.9. mkosi . mkosi. Ubuntu AppArmor https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces. sysctls kernel.unprivileged_userns_clone user.max.user_namespace. Ubuntu mkosi mkosi /etc/apparmor.d/resolved.path.to.mkosi systemctl reload apparmor: abi , include /resolved/path/to/mkosi flags=(default_allow) { userns, } (FAQ) o mkosi vm KVM Debian/Kali/Ubuntu /dev/kvm Debian/Kali/Ubuntu kvm. mkosi kvm mkosi kvm qemu /dev/kvm . 0666 KVM . /usr/lib/tmpfiles.d/static-nodes-permissions.conf /etc/tmpfiles.d/static-nodes-permissions.conf /dev/kvm 0660 0666. o : useradd --create-home --user-group $USER --password "$(openssl passwd -stdin -6 <$USER_PASSWORD_FILE)" v256 systemd systemd-homed-firstboot.service . o chown (root) . . mkosi . chown . MKOSI_CHROOT_SUPPRESS_CHOWN (1 yes true) chown mkosi-chroot .chroot. mkosi . mkosi unshare --map-auto --map-current-user --setuid 0 --setgid 0 UID/GID /etc/subuid /etc/subgid . mkosi unshare mkosi . systemd /var systemd-tmpfiles StateDirectory= CacheDirectory= LogsDirectory= systemd . z Z systemd-tmpfiles chown . o portablectl inspect /systemd-dissect systemd-dissect portablectl inspect PORTABLE_PREFIXES= os-release Use as systemd-dissect n/a Portable Service portablectl. mkosi . PORTABLE_PREFIXES= os-release (postinst). o mkosi git GitHub o mkosi -- Lennart Poettering o mkosi LWN systemd-nspawn(1), systemd-repart(8), dnf(8) 3 . . : . mkosi(1)