fix: only install virtualization packages on desktop images#1775
Merged
HastD merged 1 commit intosecureblue:stagingfrom Jan 6, 2026
Merged
fix: only install virtualization packages on desktop images#1775HastD merged 1 commit intosecureblue:stagingfrom
HastD merged 1 commit intosecureblue:stagingfrom
Conversation
RoyalOughtness
previously approved these changes
Jan 5, 2026
HastD
changed the title
The libvirt/qemu/kvm packages increase the size of the server images by more than we want. Also adjust the package list to avoid installing emulators for other architectures (qemu-kvm instead of the full qemu metapackage).
HastD
changed the title
RoyalOughtness
approved these changes
Jan 5, 2026
EsseLowNitro
approved these changes
Jan 6, 2026
HastD
added a commit
to HastD/secureblue
that referenced
this pull request
Jan 18, 2026
…ue#1775) The libvirt/qemu/kvm packages increase the size of the server images by more than we want. Also adjust the package list to avoid installing emulators for other architectures (qemu-kvm instead of the full qemu metapackage).
HastD
added a commit
to HastD/secureblue
that referenced
this pull request
Jan 18, 2026
…ue#1775) The libvirt/qemu/kvm packages increase the size of the server images by more than we want. Also adjust the package list to avoid installing emulators for other architectures (qemu-kvm instead of the full qemu metapackage).
HastD
added a commit
to HastD/secureblue
that referenced
this pull request
Jan 19, 2026
…ue#1775) The libvirt/qemu/kvm packages increase the size of the server images by more than we want. Also adjust the package list to avoid installing emulators for other architectures (qemu-kvm instead of the full qemu metapackage).
HastD
added a commit
that referenced
this pull request
Jan 19, 2026
* feat: preinstall libvirt/kvm/qemu (#1766) * Install libvirt, KVM, and QEMU packages into the images at build time. * Also install virt-manager and virt-viewer on desktop images. * Add `ujust set-libvirt-daemons` to enable, disable, or check the status of the various libvirt daemon services and sockets. The interactive mode uses Python's inquirer module to provide an interactive checklist. These units are all preset to be disabled to avoid introducing additional attack surface for users who don't use VMs. The ujust script also disables the monolithic libvirt daemon if it was enabled. * Remove `ujust install-libvirt-packages`. * fix: only install virtualization packages on desktop images (#1775) The libvirt/qemu/kvm packages increase the size of the server images by more than we want. Also adjust the package list to avoid installing emulators for other architectures (qemu-kvm instead of the full qemu metapackage). * chore: update BlueBuild CLI to v0.9.30, pass --remove-base-image (#1791) This will free up additional disk space before rechunking. * fix: missing arguments in ujust set-libvirt-daemons (#1792) Need to have `*args` in the ujust signature to properly pass command-line arguments on to the script. * chore: clarify reason for commented-out capabilities
RoyalOughtness
added a commit
that referenced
this pull request
Feb 1, 2026
* feat: preinstall libvirt/kvm/qemu (#1766) * Install libvirt, KVM, and QEMU packages into the images at build time. * Also install virt-manager and virt-viewer on desktop images. * Add `ujust set-libvirt-daemons` to enable, disable, or check the status of the various libvirt daemon services and sockets. The interactive mode uses Python's inquirer module to provide an interactive checklist. These units are all preset to be disabled to avoid introducing additional attack surface for users who don't use VMs. The ujust script also disables the monolithic libvirt daemon if it was enabled. * Remove `ujust install-libvirt-packages`. * fix: only install virtualization packages on desktop images (#1775) The libvirt/qemu/kvm packages increase the size of the server images by more than we want. Also adjust the package list to avoid installing emulators for other architectures (qemu-kvm instead of the full qemu metapackage). * chore: update BlueBuild CLI to v0.9.30, pass --remove-base-image (#1791) This will free up additional disk space before rechunking. * fix: missing arguments in ujust set-libvirt-daemons (#1792) Need to have `*args` in the ujust signature to properly pass command-line arguments on to the script. * add secureblue/bazaar copr repo * add bazaar to desktop builds * add krunner-bazaar to kinoite builds * remove gnome-software from silverblue builds * remove plasma-discover on kde * check for firmware updates and notify if available * add blocklist * add curated section * remove appstream krunner * start bazaar search provider on login * Update utilities.just * Update removesuid.sh * Update removesuid.sh * Update removesuid.sh * Update removesuid.sh * Update 40-secureblue.preset * Update firmwareoutofdatenotify * Update firmwarecheckoutofdate * Update silverblue-modules.yml * Update curated.yaml * Update blocklist.yaml * Create bazaar.te * Create bazaar.fc * Create bazaar.if * don't remove dependent packages * transition bazaar_t -> flatpak_exec_t -> flatpak_t * mark as userns_privileged_file_type * make firmwarecheckoutofdate more concise * as discussed in #1822 * use flatpak_t for bazaar for now * oepsie doepsie --------- Co-authored-by: Daniel Hast <[email protected]> Co-authored-by: RoyalOughtness <[email protected]>
RoyalOughtness
added a commit
that referenced
this pull request
Feb 3, 2026
* feat: preinstall libvirt/kvm/qemu (#1766) * Install libvirt, KVM, and QEMU packages into the images at build time. * Also install virt-manager and virt-viewer on desktop images. * Add `ujust set-libvirt-daemons` to enable, disable, or check the status of the various libvirt daemon services and sockets. The interactive mode uses Python's inquirer module to provide an interactive checklist. These units are all preset to be disabled to avoid introducing additional attack surface for users who don't use VMs. The ujust script also disables the monolithic libvirt daemon if it was enabled. * Remove `ujust install-libvirt-packages`. * fix: only install virtualization packages on desktop images (#1775) The libvirt/qemu/kvm packages increase the size of the server images by more than we want. Also adjust the package list to avoid installing emulators for other architectures (qemu-kvm instead of the full qemu metapackage). * chore: update BlueBuild CLI to v0.9.30, pass --remove-base-image (#1791) This will free up additional disk space before rechunking. * fix: missing arguments in ujust set-libvirt-daemons (#1792) Need to have `*args` in the ujust signature to properly pass command-line arguments on to the script. * add secureblue/bazaar copr repo * add bazaar to desktop builds * add krunner-bazaar to kinoite builds * remove gnome-software from silverblue builds * remove plasma-discover on kde * check for firmware updates and notify if available * add blocklist * add curated section * remove appstream krunner * start bazaar search provider on login * Update utilities.just * Update removesuid.sh * Update removesuid.sh * Update removesuid.sh * Update removesuid.sh * Update 40-secureblue.preset * Update firmwareoutofdatenotify * Update firmwarecheckoutofdate * Update silverblue-modules.yml * Update curated.yaml * Update blocklist.yaml * Create bazaar.te * Create bazaar.fc * Create bazaar.if * don't remove dependent packages * transition bazaar_t -> flatpak_exec_t -> flatpak_t * mark as userns_privileged_file_type * make firmwarecheckoutofdate more concise * as discussed in #1822 * use flatpak_t for bazaar for now * oepsie doepsie --------- Co-authored-by: Daniel Hast <[email protected]> Co-authored-by: RoyalOughtness <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The libvirt/qemu/kvm packages increase the size of the server images by more than we want. Also adjust the package list to avoid installing emulators for other architectures (qemu-kvm instead of the full qemu metapackage).