Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
[systemd] Upgrade systemd to v238. Contributes to JB#45921
* Patches:

New developed patches:
1) systemd-fix-fstab-generator.diff
   Fix systemd-fstab-generator to not add the dependency on
   local-fs.target to home.mount to fix system booting.
2) systemd-pam_selinux-remove.patch
   Disable usage of pam_selinux.so because we don't have it.
3) systemd-disable-power-key-handling.diff
   Disable Power key press action in logind because we handle it elsewhere.
4) systemd-revert-PID-file-hardening-for-booster-silica-qt5.diff
   Revert PID file hardening as a workaround for booster-silica-qt5 start
   failure.

New backported patches:
01) systemd-239-core-don-t-include-libmount.h-in-a-header-file-8580.patch
    Backport of "core: don't include libmount.h in a header file" to fix
    the broken build.
02) systemd-239-meson-avoid-warning-about-comparison-of-bool-and-str.patch
    Backport of "meson: avoid warning about comparison of bool and string"
    to get rid of the build time warning.
03) systemd-240-core-undo-the-dependency-inversion-between-unit.h-an.patch
    Backport of "core: undo the dependency inversion between unit.h and all
    unit types" to fix the broken build.
04) systemd-240-meson-drop-name-argument-in-cc.has_argument-8878.patch
    Backport of "meson: drop 'name' argument in cc.has_argument() (#8878)"
    to get rid of the build time warning.
05) systemd-240-meson-unify-linux-stat.h-check-with-other-checks-and.patch
    Backport of "meson: unify linux/stat.h check with other checks and use
    _GNU_SOURCE" to fix the broken build.
06) systemd-240-meson-use-triple-quote-delimition-in-one-more-place.patch
    Backport of "meson: use triple-quote delimition in one more place"
    to fix the build time warning.
07) systemd-241-coredump-only-install-coredump.conf-when-ENABLED_COR.patch
    Backport of "coredump: only install coredump.conf when
    ENABLED_COREDUMP=true" to fix the install time error.
08) systemd-241-meson-rename-Ddebug-to-Ddebug-extra.patch
    Backport of "meson: rename -Ddebug to -Ddebug-extra" to fix the build
    time warning.
09) systemd-240-core-dont-t-remount-sys-fs-cgroup-for-relabel-if-not.patch
    Backport of "core: dont't remount /sys/fs/cgroup for relabel if not
    needed (#8595)" to fix system boot on SELinux enabled devices.
10) systemd-239-core-do-not-free-heap-allocated-strings-8391.patch
    Backport of "core: do not free heap-allocated strings (#8391)"
    to fix systemd crash on boot.
11) systemd-239-core-when-reloading-delay-any-actions-on-journal-and.patch
    Backport of "core: when reloading, delay any actions on journal and
    dbus connections" to fix the encryption service termination because
    of D-Bus connection closing during the systemd reloading.

Reworked patches:
1) systemd-backport-rework-serialization.patch
   -> systemd-backport-rework-serialization-v3.patch
2) systemd-225_fix_build_with_glibc228.patch
   -> systemd-238_fix_build_with_glibc228.patch
3) systemd-backport-when-deserializing-always-use-read_line.patch

Deleted unneeded patches:
01) systemd-208-install-test-binaries.patch
02) systemd-208-pkgconfigdir.patch
03) systemd-227-sd-event-fix-prepare-priority-queue-comparison-function.patch
04) systemd-227-sd_pid_notify_with_fds-fix-computing-msg_controllen.patch
05) systemd-228-core-simplify-handling-of-u-U-s-and-h-unit-file-spec.patch
06) systemd-228-tmpfiles-set-acls-on-system.journal-explicitly.patch
07) systemd-233-core-downgrade-time-has-been-changed-to-debug.patch
08) systemd-234-sd-login-read-list-of-uids-of-sessions-from-UIDS-not.patch
09) systemd-234-udev-fix-some-incorrect-usages-of-CLOCK_BOOTTIME-619.patch
10) systemd-backport-Remove-extra-BindsTo.patch
11) systemd-backport-Revert-rules-remove-firmware-loading-rules.patch
12) systemd-backport-Revert-udev-remove-userspace-firmware-loading-suppor.patch
13) systemd-backport-Revert-usage-of-ln-relative.patch
14) systemd-backport-build-sys-add-check-for-gperf-lookup-function-signat.patch

All other patches were updated and realigned to fix patch utility warnings.

* Packaging:

01) Remove compat-libs subpackages.

02) Drop unneeded Provides:
    systemd-console-tty01
    systemd-console-ttyAMA0
    systemd-console-ttyMFD2
    systemd-console-ttyO2
    systemd-console-ttyS0
    systemd-console-ttyS1
    libgudev1

03) Add meson, ninja and cmake BuildRequires as the systemd build moved from
    GNU make to meson/ninja.

04) Add acl Requires to the tests subpackage.

05) Remove UDEV "firmware" builtin support.

06) Change build time options:
    Removed support for:
        bootchart          (was enabled)
        kdbus              (was disabled)
        compatibility libs (was enabled)
    Enabled -> Disabled:
        EFI
        SMACK
        sysusers

07) Remove unneeded "/" in the composite paths to avoid "//" in the resulting
    paths.

08) Create new groups:
    kvm    (gid = 36)
    render (auto)

09) Drop "%config" for not supposed to be changed by a user config files:
    /etc/pam.d/systemd-user
    /etc/systemd/journald.conf
    /etc/systemd/logind.conf
    /etc/systemd/system.conf
    /etc/systemd/user.conf
    /etc/udev/udev.conf
    /usr/share/dbus-1/system.d/org.freedesktop.hostname1.conf
    /usr/share/dbus-1/system.d/org.freedesktop.login1.conf
    /usr/share/dbus-1/system.d/org.freedesktop.systemd1.conf

10) Start owning:
    /var/log/btmp
    /var/log/utmp
    /var/run/utmp

11) Stop owning third party directories:
    /usr/share/bash-completion
    /usr/share/bash-completion/completions

12) Simplify packaging by including everything inside /usr/lib/systemd/
    (except of tests/ subdirectory) and /usr/share/factory/.

13) Remove compatibility symbolic links creation because the system installs
    them by itself:
    /usr/sbin/halt
    /usr/sbin/poweroff
    /usr/sbin/reboot
    /usr/sbin/runlevel
    /usr/sbin/shutdown
    /usr/sbin/telinit

14) Drop outdated check for botched translations.

15) Replace %patch with %autosetup.

16) Move licenses from the "doc" subpackage to the main package.

* Files:

01) New executables:
    /usr/bin/systemd-mount
    /usr/bin/systemd-socket-activate
    /usr/bin/systemd-umount (symlink to systemd-mount)
    /usr/lib/systemd/systemd-dissect
    /usr/lib/systemd/systemd-growfs
    /usr/lib/systemd/systemd-makefs
    /usr/lib/systemd/systemd-sulogin-shell
    /usr/lib/systemd/systemd-veritysetup
    /usr/lib/systemd/systemd-volatile-root
    /usr/lib/systemd/system-generators/systemd-veritysetup-generator
    /usr/lib/systemd/user-environment-generators/30-systemd-environment-d-generator
    /usr/sbin/init (symlink to /usr/lib/systemd/systemd)

02) Removed executables:
    /usr/bin/bootctl (because of disabled EFI)
    /usr/bin/systemd-sysusers (because of disabled sysusers)
    /usr/lib/systemd/systemd-activate
    /usr/lib/systemd/systemd-bootchart (moved to a separate package)
    /usr/lib/systemd/systemd-bus-proxyd
    /usr/lib/systemd/systemd-machine-id-commit
    /usr/lib/systemd/system-generators/systemd-dbus1-generator
    /usr/lib/systemd/user-generators/systemd-dbus1-generator (symbolic link)

03) Removed libraries and their corresponding *.pc files (now the parts of
    the single libsystemd.so):
    /usr/lib/libsystemd-daemon.so.*
    /usr/lib/libsystemd-id128.so.*
    /usr/lib/libsystemd-journal.so.*
    /usr/lib/libsystemd-login.so.*

04) New shared libraries:
    /usr/lib/libnss_systemd.so.2
    /lib/systemd/libsystemd-shared-238.so (internal)

05) New configuration files:
    /usr/lib/environment.d/99-environment.conf (symbolic link)
    /usr/lib/modprobe.d/systemd.conf
    /usr/lib/systemd/user-preset/90-systemd.preset

06) Removed configuration files:
    /etc/systemd/bootchart.conf
    /usr/lib/systemd/network/80-container-host0.network
    /usr/lib/systemd/network/80-container-ve.network
    /usr/lib/sysusers.d/basic.conf   (because of disabled sysusers)
    /usr/lib/sysusers.d/systemd.conf (because of disabled sysusers)

07) Changed configuration files options:
    /etc/systemd/journald.conf:
        Added:
            #SystemMaxFiles=100
            #RuntimeMaxFiles=100
            #LineMax=48K
        Renamed:
            #RateLimitInterval=30s -> #RateLimitIntervalSec=30s
    /etc/systemd/logind.conf:
        Added:
            #HandleLidSwitchExternalPower=suspend
            #InhibitorsMax=8192
            #SessionsMax=8192
            #UserTasksMax=33%
        Changed:
            #KillUserProcesses=no -> #KillUserProcesses=yes
    /etc/systemd/system.conf:
        Added:
            #CrashChangeVT=no
            #CrashShell=no
            #CrashReboot=no
            #CtrlAltDelBurstAction=reboot-force
            #DefaultIOAccounting=no
            #DefaultIPAccounting=no
            #DefaultTasksAccounting=yes
            #DefaultTasksMax=15%
            #IPAddressAllow=
            #IPAddressDeny=
        Renamed:
            #DefaultStartLimitInterval=10s
            -> #DefaultStartLimitIntervalSec=10s
        Removed:
            #CrashShell=no
            #CrashChVT=1
        Changed:
            #DefaultMemoryAccounting=no -> #DefaultMemoryAccounting=yes
    /etc/systemd/user.conf:
        Renamed:
            #DefaultStartLimitInterval=10s
            -> #DefaultStartLimitIntervalSec=10s
    /usr/lib/systemd/system-preset/90-systemd.preset:
        Added:
            enable remote-cryptsetup.target
            disable exit.target
            disable systemd-journal-remote.*
            disable systemd-journal-upload.*
        Removed:
            disable console-shell.service
            disable systemd-networkd-wait-online.service
        Changed:
            disable reboot.target -> enable reboot.target

08) New system session unit files:
    /etc/systemd/system/multi-user.target.wants/remote-cryptsetup.target (sym. link)
    /usr/lib/systemd/system/exit.target
    /usr/lib/systemd/system/getty-pre.target
    /usr/lib/systemd/system/remote-cryptsetup.target
    /usr/lib/systemd/system/runlevel0.target (symbolic link)
    /usr/lib/systemd/system/runlevel1.target (symbolic link)
    /usr/lib/systemd/system/runlevel2.target (symbolic link)
    /usr/lib/systemd/system/runlevel3.target (symbolic link)
    /usr/lib/systemd/system/runlevel4.target (symbolic link)
    /usr/lib/systemd/system/runlevel5.target (symbolic link)
    /usr/lib/systemd/system/runlevel6.target (symbolic link)
    /usr/lib/systemd/system/systemd-exit.service
    /usr/lib/systemd/system/systemd-volatile-root.service
    /usr/lib/systemd/system/system-update-cleanup.service

09) New user session unit files (in /usr/lib/systemd/user/):
    graphical-session-pre.target
    graphical-session.target
    systemd-tmpfiles-clean.service
    systemd-tmpfiles-clean.timer
    systemd-tmpfiles-setup.service

10) Removed system session unit files (from /usr/lib/systemd/system/):
    busnames.target
    busnames.target.wants/org.freedesktop.hostname1.busname (symbolic link)
    busnames.target.wants/org.freedesktop.login1.busname    (symbolic link)
    busnames.target.wants/org.freedesktop.systemd1.busname  (symbolic link)
    console-shell.service
    local-fs.target.wants/var-lib-machines.mount            (symbolic link)
    machines.target
    org.freedesktop.hostname1.busname
    org.freedesktop.login1.busname
    org.freedesktop.systemd1.busname
    quotaon.service
    -.slice
    sysinit.target.wants/systemd-sysusers.service           (symbolic link)
    sysinit.target.wants/systemd-vconsole-setup.service     (symbolic link)
    systemd-bootchart.service
    systemd-bus-proxyd.service
    systemd-bus-proxyd.socket
    systemd-sysusers.service
    systemd-update-utmp-runlevel.service
    system.slice
    var-lib-machines.mount

11) Removed user session unit files (from /usr/lib/systemd/user/):
    busnames.target (symbolic link)
    systemd-bus-proxyd.service
    systemd-bus-proxyd.socket

12) Symbolic links replaced with unit files in /usr/lib/systemd/user:
    bluetooth.target
    paths.target
    printer.target
    shutdown.target
    smartcard.target
    sockets.target
    sound.target
    timers.target

13) Changed unit files:
    /usr/lib/systemd/system/basic.target:
        Added:
            After=tmp.mount
            RequiresMountsFor=/tmp
            Wants=tmp.mount
    /usr/lib/systemd/system/console-getty.service:
        Changed:
            ExecStart=-/sbin/agetty --noclear --keep-baud \
                                    console 115200,38400,9600 $TERM
            ->
            ExecStart=-/sbin/agetty -o '-p -- \\u' --noclear --keep-baud \
                                    console 115200,38400,9600 $TERM
        Removed:
            RestartSec=0
    /usr/lib/systemd/system/container-getty@.service:
        Added:
            Conflicts=rescue.service
            Before=rescue.service
        Changed:
            ExecStart=-/sbin/agetty --noclear --keep-baud \
                                    pts/%I 115200,38400,9600 $TERM
            ->
            ExecStart=-/sbin/agetty -o '-p -- \\u' --noclear --keep-baud \
                                    pts/%I 115200,38400,9600 $TERM
    /usr/lib/systemd/system/cryptsetup-pre.target
        Added:
            Before=cryptsetup.target
    /usr/lib/systemd/system/debug-shell.service:
        Changed:
            ExecStart=/sbin/sushell -> ExecStart=/bin/sh
    /usr/lib/systemd/system/dev-hugepages.mount:
        Added:
            ConditionVirtualization=!private-users
    /usr/lib/systemd/system/dev-mqueue.mount
        Added:
            ConditionCapability=CAP_SYS_ADMIN
    /usr/lib/systemd/system/emergency.service:
        Added:
            Before=rescue.service
        Changed:
            WorkingDirectory=/root -> WorkingDirectory=-/root
            ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl \
                                        --job-mode=fail --no-block default"
            -> ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency
        Removed:
            ExecStartPre=-/bin/echo -e 'Welcome to emergency mode!...'
    /usr/lib/systemd/system/getty@.service:
        Added:
            After=getty-pre.target
            Conflicts=rescue.service
            Before=rescue.service
        Changed:
            ExecStart=-/sbin/agetty --noclear %I $TERM
            -> ExecStart=-/sbin/agetty -o '-p -- \\u' --noclear %I $TERM
    /usr/lib/systemd/system/initrd-switch-root.service:
        Removed:
            KillMode=none
        Changed:
            ExecStart=/bin/systemctl --no-block --force switch-root /sysroot
            -> ExecStart=/bin/systemctl --no-block switch-root /sysroot
    /usr/lib/systemd/system/initrd-switch-root.target:
        Added:
            After=initrd-cleanup.service
    /usr/lib/systemd/system/initrd.target:
        Added:
            Wants=initrd-root-device.target
            After=initrd-root-device.target
    /usr/lib/systemd/system/kmod-static-nodes.service:
        Changed:
            ConditionPathExists=/lib/modules/%v/modules.devname
            -> ConditionFileNotEmpty=/lib/modules/%v/modules.devname
    /usr/lib/systemd/system/ldconfig.service:
        Added:
            After=local-fs.target
            ConditionFileNotEmpty=|!/etc/ld.so.cache
        Changed:
            ConditionNeedsUpdate=/etc -> ConditionNeedsUpdate=|/etc
        Removed:
            After=systemd-remount-fs.service
    /usr/lib/systemd/system/rescue.service:
        Changed:
            WorkingDirectory=/root -> WorkingDirectory=-/root
            ExecStartPre=-/bin/plymouth quit
            -> ExecStartPre=-/bin/plymouth --wait quit
            ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl \
                                         --job-mode=fail --no-block default"
            -> ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue
        Removed:
            ExecStartPre=-/bin/echo -e 'Welcome to emergency mode!...'
    /usr/lib/systemd/system/rescue.target
        Removed:
            Alias=kbrequest.target
    /usr/lib/systemd/system/serial-getty@.service:
        Added:
            After=getty-pre.target
            Conflicts=rescue.service
            Before=rescue.service
        Changed:
            ExecStart=-/sbin/agetty --keep-baud 115200,38400,9600 %I $TERM
            ->
            ExecStart=-/sbin/agetty -o '-p -- \\u' --keep-baud \
                                    115200,38400,9600 %I $TERM
    /usr/lib/systemd/system/suspend.target:
        Added:
            Requires=systemd-suspend.service
            StopWhenUnneeded=yes
        Removed:
            BindsTo=systemd-suspend.service
    /usr/lib/systemd/system/sys-fs-fuse-connections.mount:
        Added:
            ConditionCapability=CAP_SYS_ADMIN
            ConditionVirtualization=!private-users
    /usr/lib/systemd/system/syslog.socket
        Added:
            Conflicts=emergency.service
            Before=emergency.service
    /usr/lib/systemd/system/systemd-ask-password-console.path:
        Added:
            Before=cryptsetup.target
    /usr/lib/systemd/system/systemd-ask-password-console.service:
        Added:
            SystemCallArchitectures=native
    /usr/lib/systemd/system/systemd-ask-password-wall.path:
        Added:
            Before=cryptsetup.target
    /usr/lib/systemd/system/systemd-ask-password-wall.service
        Added:
            SystemCallArchitectures=native
    /usr/lib/systemd/system/systemd-fsck@.service:
        Added:
            Before=systemd-quotacheck.service
    /usr/lib/systemd/system/systemd-hostnamed.service
        Added:
            ProtectControlGroups=yes
            ProtectKernelTunables=yes
            ProtectKernelModules=yes
            MemoryDenyWriteExecute=yes
            RestrictRealtime=yes
            RestrictNamespaces=yes
            RestrictAddressFamilies=AF_UNIX
            SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module
                             @mount @obsolete @raw-io @reboot @swap
            SystemCallArchitectures=native
            LockPersonality=yes
            IPAddressDeny=any
            ReadWritePaths=/etc
        Changed:
            WatchdogSec=1min  -> WatchdogSec=3min
            ProtectSystem=yes -> ProtectSystem=strict
    /usr/lib/systemd/system/systemd-initctl.service:
        Added:
            SystemCallArchitectures=native
    /usr/lib/systemd/system/systemd-journal-catalog-update.service:
        Changed:
           ConditionNeedsUpdate=/etc -> ConditionNeedsUpdate=/var

    /usr/lib/systemd/system/systemd-journald.service:
        Added:
            MemoryDenyWriteExecute=yes
            RestrictRealtime=yes
            RestrictNamespaces=yes
            RestrictAddressFamilies=AF_UNIX AF_NETLINK
            SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module
                             @mount @obsolete @raw-io @reboot @swap
            SystemCallArchitectures=native
            LockPersonality=yes
            IPAddressDeny=any
        Changed:
            WatchdogSec=1min            -> WatchdogSec=3min
            FileDescriptorStoreMax=1024 -> FileDescriptorStoreMax=4224
        Removed:
            NotifyAccess=all
    /usr/lib/systemd/system/systemd-logind.service:
        Added:
            MemoryDenyWriteExecute=yes
            RestrictRealtime=yes
            RestrictNamespaces=yes
            RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
            SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module
                             @obsolete @raw-io @reboot @swap
            SystemCallArchitectures=native
            LockPersonality=yes
            IPAddressDeny=any
            FileDescriptorStoreMax=512
        Changed:
            WatchdogSec=1min -> WatchdogSec=3min
    /usr/lib/systemd/system/systemd-machine-id-commit.service:
        Changed:
            ExecStart=/lib/systemd/systemd-machine-id-commit
            -> ExecStart=/bin/systemd-machine-id-setup --commit
    /usr/lib/systemd/system/systemd-nspawn@.service:
        Added:
            After=systemd-resolved.service
            RequiresMountsFor=/var/lib/machines
            WatchdogSec=3min
            TasksMax=16384
            DeviceAllow=/dev/loop-control rw
            DeviceAllow=block-loop rw
            DeviceAllow=block-blkext rw
            DeviceAllow=/dev/mapper/control rw
            DeviceAllow=block-device-mapper rw
        Changed:
            ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot \
                      --link-journal=try-guest --network-veth --machine=%I
            ->
            ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot \
                      --link-journal=try-guest --network-veth -U         \
                      --settings=override --machine=%i
            DevicePolicy=strict -> DevicePolicy=closed
        Removed:
            DeviceAllow=/dev/null rwm
            DeviceAllow=/dev/zero rwm
            DeviceAllow=/dev/full rwm
            DeviceAllow=/dev/random rwm
            DeviceAllow=/dev/urandom rwm
            DeviceAllow=/dev/tty rwm
            DeviceAllow=/dev/pts/ptmx rw
    /usr/lib/systemd/system/systemd-random-seed.service:
        Added:
            ConditionVirtualization=!container
    /usr/lib/systemd/system/systemd-sysctl.service:
        Changed:
            ConditionPathIsReadWrite=/proc/sys/
            -> ConditionPathIsReadWrite=/proc/sys/net/
    /usr/lib/systemd/system/systemd-tmpfiles-clean.service:
        Added:
            SuccessExitStatus=65
    /usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service:
        Added:
            SuccessExitStatus=65
    /usr/lib/systemd/system/systemd-tmpfiles-setup.service:
        Added:
            SuccessExitStatus=65
    /usr/lib/systemd/system/systemd-udevd-control.socket:
        Added:
            RemoveOnStop=yes
    /usr/lib/systemd/system/systemd-udevd.service:
        Added:
            After=systemd-hwdb-update.service
            TasksMax=infinity
            MemoryDenyWriteExecute=yes
            RestrictRealtime=yes
            RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
            SystemCallArchitectures=native
            LockPersonality=yes
            IPAddressDeny=any
        Changed:
            WatchdogSec=1min -> WatchdogSec=3min
        Removed:
            Wants=systemd-udevd-control.socket systemd-udevd-kernel.socket
            After=systemd-udevd-control.socket systemd-udevd-kernel.socket
    /usr/lib/systemd/system/systemd-udev-trigger.service:
        Removed:
            After=systemd-hwdb-update.service
    /usr/lib/systemd/system/systemd-user-sessions.service:
        Added:
            After=network.target
    /usr/lib/systemd/system/systemd-vconsole-setup.service:
        Added:
            Before=initrd-switch-root.target
        Removed:
            Conflicts=shutdown.target
            Before=sysinit.target
            RemainAfterExit=yes
    /usr/lib/systemd/system/system-update.target:
        Added:
            Wants=system-update-cleanup.service
        Removed:
            Conflicts=shutdown.target
            Before=shutdown.target
    /usr/lib/systemd/system/systemd-user-sessions.service:
        Added:
            After=network.target
    /usr/lib/systemd/system/tmp.mount:
        Added:
            After=swap.target
        Changed:
            Options=mode=1777,strictatime
            -> Options=mode=1777,strictatime,nosuid,nodev
    /usr/lib/systemd/system/user@.service:
        Added:
            TasksMax=infinity
            TimeoutStopSec=120s
        Changed:
            Delegate=yes -> Delegate=pids memory
    /usr/lib/systemd/user/exit.target:
        Removed:
            Alias=ctrl-alt-del.target

14) Moved systemd D-Bus services configs from /etc/dbus-1/system.d/
    to /usr/share/dbus-1/system.d/:
    org.freedesktop.hostname1.conf
    org.freedesktop.login1.conf
    org.freedesktop.systemd1.conf

15) Added permission rules for the new D-Bus interface methods to:
    /usr/share/dbus-1/system.d/org.freedesktop.login1.conf
    /usr/share/dbus-1/system.d/org.freedesktop.systemd1.conf

16) Added new actions to the Polkit policy file
    /usr/share/polkit-1/actions/org.freedesktop.login1.policy:
    org.freedesktop.login1.halt
    org.freedesktop.login1.halt-ignore-inhibit
    org.freedesktop.login1.halt-multiple-sessions
    org.freedesktop.login1.set-self-linger

17) New UDEV rules in /lib/udev/rules.d/:
    60-input-id.rules
    60-sensor.rules
    70-joystick.rules
    70-touchpad.rules

18) Removed UDEV rules for firmware loading
    (/lib/udev/rules.d/50-firmware.rules) because of
    dropped UDEV's builtin "firmware" command.

19) Changed UDEV rules:
    50-udev-default.rules
    60-block.rules
    60-cdrom_id.rules
    60-drm.rules
    60-evdev.rules
    60-persistent-input.rules
    60-persistent-storage.rules
    60-persistent-storage-tape.rules
    64-btrfs.rules
    70-power-switch.rules
    70-uaccess.rules
    71-seat.rules
    73-seat-late.rules
    78-sound-card.rules
    80-drivers.rules
    90-vconsole.rules
    99-systemd.rules

20) New UDEV HWDB files in /lib/udev/hwdb.d:
    60-sensor.hwdb
    70-touchpad.hwdb
    70-touchpad.hwdb
    Other files are updated.

21) PAM configuration for /etc/pam.d/systemd-user changed from using
    of "system-auth" template to explicit list of modules:
    pam_unix.so
    pam_loginuid.so
    pam_keyinit.so
    pam_systemd.so

22) Updated /usr/lib/tmpfiles.d files:
    home.conf
    systemd.conf
    systemd-nspawn.conf
    tmp.conf
    var.conf
    x11.conf

23) Removed parameters from /usr/lib/sysctl.d/50-default.conf:
    net.ipv4.conf.default.rp_filter
    net.ipv4.conf.default.accept_source_route
    net.ipv4.conf.default.promote_secondaries

24) Updated /usr/lib/rpm/macros.d/macros.systemd:
    Added paths defines:
        %_userpresetdir /usr/lib/systemd/user-preset
        %_systemdgeneratordir /usr/lib/systemd/system-generators
        %_systemdusergeneratordir /usr/lib/systemd/user-generators
        %_systemd_system_env_generator_dir /usr/lib/systemd/system-environment-generators
        %_systemd_user_env_generator_dir /usr/lib/systemd/user-environment-generators
    Added %systemd_ordering macro.
    Added new macro functions:
        %sysusers_create_package()
        %tmpfiles_create_package()
    Macro functions declared as deprecated:
        %sysusers_create (Use %sysusers_create_package instead)
        %tmpfiles_create (Use %tmpfiles_create_package instead)
    Following macro functions do nothing now:
        %journal_catalog_update()
        %systemd_postun()
        %udev_hwdb_update()
        %udev_rules_update()
    Various other changes.

25) Updated kernel related scripts in /usr/lib/kernel/install.d/:
    50-depmod.install
    90-loaderentry.install

26) Moved systemd.pc and udev.pc (not related to linking) from
    /usr/lib/pkgconfig/ to /usr/share/pkgconfig/ which is more correct place.

27) Added new parameters to /usr/share/pkgconfig/systemd.pc:
    containeruidbasemax=1878982656
    containeruidbasemin=524288
    dynamicuidmax=65519
    dynamicuidmin=61184

28) New bash completion for systemd-path.

29) New localized messages for:
    bg
    ca
    cs
    da
    gl
    hr
    id
    ja
    ko
    ro
    sk
    sr
    tr
    zh_CN

30) New message catalogs in /usr/lib/systemd/catalog/:
    systemd.bg.catalog
    systemd.de.catalog
    systemd.zh_CN.catalog

31) Configuration files are marked with "SPDX-License-Identifier: LGPL-2.1+".

* Tests:

1) Stop moving tests to /opt/tests/systemd-tests/bin/. Let's package them
   with the originally supposed destination in /usr/lib/systemd/tests/.

2) Add new tests:
   test-acl-util
   test-alloc-util
   test-bpf
   test-bus-track
   test-bus-vtable
   test-bus-vtable-cc
   test-bus-watch-bind
   test-clock
   test-cpu-set-util
   test-env-util
   test-escape
   test-exec-util (starting as root)
   test-extract-word
   test-fs-util
   test-gcrypt-util
   test-glob-util
   test-hash
   test-hexdecoc
   test-in-addr-util
   test-install-root
   test-io-util
   test-journal-importer
   test-mount-util
   test-ndisc-ra
   test-ndisc-rs
   test-nss
   test-parse-util
   test-proc-cmdline (starting as root)
   test-procfs-util
   test-random-util
   test-rlimit-util
   test-sd-dhcp-lease
   test-selinux
   test-serialize
   test-signal-util
   test-siphash24
   test-sizeof
   test-specifier
   test-stat-util
   test-string-util
   test-time-util
   test-user-util
   test-watch-pid
   test-web-util
   test-xattr-util

3) Comment non-working tests:
   manual/test-btrfs
   test-catalog
   manual/test-install
   manual/test-netlink-manual
   test-ns
   manual/test-udev

4) Removed tests:
   test-boot-timestamp
   test-bus-kernel
   test-bus-kernel-bloom
   test-bus-policy
   test-bus-proxy
   test-bus-zero-copy
   test-env-replace
   test-icmp6-rs
   test-json
   test-machine-tables
   test-network
   test-network-tables
   test-pppoe
   test-pty
   test-ring
   test-time

5) Switched to starting tests as root:
   test-cgroup-mask
   test-cgroup-util
   test-condition
   test-dhcp6-client
   test-dhcp-client
   test-dhcp-server
   test-engine
   test-execute
   test-fd-util
   test-journal-enum
   test-journal-init
   test-journal-match
   test-loopback
   test-namespace
   test-path
   test-process-util
   test-sched-prio
   test-unit-file
   test-unit-name

6) Switched to starting tests as a user:
   unsafe/test-hostname
   test-util

Signed-off-by: Igor Zhbanov <i.zhbanov@omprussia.ru>
  • Loading branch information
izh1979 committed Dec 1, 2020
1 parent ad830ac commit 186b850
Show file tree
Hide file tree
Showing 54 changed files with 6,062 additions and 3,145 deletions.
34 changes: 13 additions & 21 deletions rpm/0001-aarch64-Force-udev-path.-Contributes-to-JB-49681.patch
Expand Up @@ -3,24 +3,16 @@ From: Niels Breet <niels.breet@jolla.com>
Date: Mon, 6 Jul 2020 12:25:23 +0300
Subject: [PATCH] [aarch64] Force udev path. Contributes to JB#49681

---
Makefile.am | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Makefile.am b/Makefile.am
index c2973c0..2a969fe 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -100,7 +100,8 @@ systemshutdowndir=$(rootlibexecdir)/system-shutdown
systemsleepdir=$(rootlibexecdir)/system-sleep
systemunitdir=$(rootprefix)/lib/systemd/system
systempresetdir=$(rootprefix)/lib/systemd/system-preset
-udevlibexecdir=$(rootprefix)/lib/udev
+#Force this to udevlibexecdir to /lib/udev for now, to make transition easier
+udevlibexecdir=/lib/udev
udevhomedir=$(udevlibexecdir)
udevrulesdir=$(udevlibexecdir)/rules.d
udevhwdbdir=$(udevlibexecdir)/hwdb.d
--
1.9.1

diff -purN systemd00/meson.build systemd-izh/meson.build
--- systemd00/meson.build 2020-10-13 13:34:00.082952034 +0300
+++ systemd-izh/meson.build 2020-10-13 16:55:27.214675827 +0300
@@ -143,7 +143,8 @@ systemshutdowndir = join_paths(rootlibex
systemsleepdir = join_paths(rootlibexecdir, 'system-sleep')
systemunitdir = join_paths(rootprefixdir, 'lib/systemd/system')
systempresetdir = join_paths(rootprefixdir, 'lib/systemd/system-preset')
-udevlibexecdir = join_paths(rootprefixdir, 'lib/udev')
+# Force this to udevlibexecdir to /lib/udev for now, to make transition easier
+udevlibexecdir = '/lib/udev'
udevhomedir = udevlibexecdir
udevrulesdir = join_paths(udevlibexecdir, 'rules.d')
udevhwdbdir = join_paths(udevlibexecdir, 'hwdb.d')
30 changes: 12 additions & 18 deletions rpm/0002-We-do-not-have-a-clean-environment-where-HAVE_SPIT_U.patch
Expand Up @@ -4,23 +4,17 @@ Date: Mon, 6 Jul 2020 15:11:42 +0300
Subject: [PATCH] We do not have a clean environment where HAVE_SPIT_USR will
actually work, so adding /sbin and /bin to path

---
src/basic/path-util.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/basic/path-util.h b/src/basic/path-util.h
index 1eac89c..e58469f 100644
--- a/src/basic/path-util.h
+++ b/src/basic/path-util.h
@@ -26,7 +26,7 @@
#include "macro.h"
#include "time-util.h"
diff -purN systemd41/src/basic/path-util.h systemd42/src/basic/path-util.h
--- systemd/src/basic/path-util.h 2020-10-13 13:34:00.118952190 +0300
+++ systemd-izh/src/basic/path-util.h 2020-10-13 18:09:42.674740348 +0300
@@ -34,8 +34,8 @@
# define PATH_SBIN_BIN(x) x "bin"
#endif

-#define DEFAULT_PATH_NORMAL "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin"
+#define DEFAULT_PATH_NORMAL "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
#define DEFAULT_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":/sbin:/bin"
-#define DEFAULT_PATH_NORMAL PATH_SBIN_BIN("/usr/local/") ":" PATH_SBIN_BIN("/usr/")
-#define DEFAULT_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_SBIN_BIN("/")
+#define DEFAULT_PATH_NORMAL PATH_SBIN_BIN("/usr/local/") ":" PATH_SBIN_BIN("/usr/") ":" PATH_SBIN_BIN("/")
+#define DEFAULT_PATH_SPLIT_USR DEFAULT_PATH_NORMAL

#ifdef HAVE_SPLIT_USR
--
1.9.1

#if HAVE_SPLIT_USR
# define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR
2 changes: 1 addition & 1 deletion rpm/systemd-187-remove-display-manager.service.patch
Expand Up @@ -12,7 +12,7 @@ diff --git a/units/graphical.target b/units/graphical.target
index 65f2521..7c6ebd4 100644
--- a/units/graphical.target
+++ b/units/graphical.target
@@ -9,7 +9,6 @@
@@ -11,7 +11,6 @@
Description=Graphical Interface
Documentation=man:systemd.special(7)
Requires=multi-user.target
Expand Down
37 changes: 10 additions & 27 deletions rpm/systemd-208-count-only-restarts.patch
Expand Up @@ -12,51 +12,34 @@ diff --git a/src/core/service.c b/src/core/service.c
index 35053be..9d5f4c6 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -1728,6 +1728,8 @@ fail:
service_enter_dead(s, SERVICE_FAILURE_RESOURCES, true);
}

+static int service_start_limit_test(Service *s);
+
static void service_enter_restart(Service *s) {
_cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
int r;
@@ -1745,6 +1747,13 @@ static void service_enter_restart(Servic
@@ -2065,6 +2065,13 @@ static void service_enter_restart(Servic
return;
}

+ /* Make sure we don't start services too frequently */
+ r = service_start_limit_test(s);
+ /* Make sure we don't enter a busy loop of some kind. */
+ r = unit_start_limit_test(UNIT(s));
+ if (r < 0) {
+ service_enter_dead(s, SERVICE_FAILURE_START_LIMIT, false);
+ service_enter_dead(s, SERVICE_FAILURE_START_LIMIT_HIT, false);
+ return;
+ }
+
/* Any units that are bound to this service must also be
* restarted. We use JOB_RESTART (instead of the more obvious
* JOB_START) here so that those dependency jobs will be added
@@ -1898,7 +1907,6 @@ static int service_start_limit_test(Serv

static int service_start(Unit *u) {
Service *s = SERVICE(u);
- int r;

assert(s);

@@ -1925,13 +1933,6 @@ static int service_start(Unit *u) {
@@ -2250,13 +2257,6 @@ static int service_start(Unit *u) {

assert(IN_SET(s->state, SERVICE_DEAD, SERVICE_FAILED));

- /* Make sure we don't enter a busy loop of some kind. */
- r = service_start_limit_test(s);
- r = unit_start_limit_test(u);
- if (r < 0) {
- service_enter_dead(s, SERVICE_FAILURE_START_LIMIT, false);
- service_enter_dead(s, SERVICE_FAILURE_START_LIMIT_HIT, false);
- return r;
- }
-
s->result = SERVICE_SUCCESS;
s->reload_result = SERVICE_SUCCESS;
s->main_pid_known = false;
r = unit_acquire_invocation_id(u);
if (r < 0)
return r;

--
1.7.9.5
Expand Down
Expand Up @@ -12,16 +12,17 @@ diff --git a/src/journal/test-journal-send.c b/src/journal/test-journal-send.c
index 3e986ed..7aa913f 100644
--- a/src/journal/test-journal-send.c
+++ b/src/journal/test-journal-send.c
@@ -25,8 +25,9 @@
@@ -26,8 +26,9 @@

#include "log.h"
#include "macro.h"

+static char huge[4096*1024];
+
int main(int argc, char *argv[]) {
- char huge[4096*1024];

log_set_max_level(LOG_DEBUG);
/* utf-8 and non-utf-8, message-less and message-ful iovecs */
struct iovec graph1[] = {

--
1.9.1
Expand Down
27 changes: 0 additions & 27 deletions rpm/systemd-208-install-test-binaries.patch

This file was deleted.

13 changes: 0 additions & 13 deletions rpm/systemd-208-pkgconfigdir.patch

This file was deleted.

10 changes: 5 additions & 5 deletions rpm/systemd-208-video.patch
@@ -1,8 +1,8 @@
diff --git a/rules/50-udev-default.rules b/rules/50-udev-default.rules
diff --git a/rules/50-udev-default.rules.in b/rules/50-udev-default.rules.in
index f764789..7f38a03 100644
--- a/rules/50-udev-default.rules
+++ b/rules/50-udev-default.rules
@@ -18,7 +18,7 @@ ACTION!="add", GOTO="default_end"
--- a/rules/50-udev-default.rules.in
+++ b/rules/50-udev-default.rules.in
@@ -17,7 +17,7 @@ ACTION!="add", GOTO="default_end"

SUBSYSTEM=="tty", KERNEL=="ptmx", GROUP="tty", MODE="0666"
SUBSYSTEM=="tty", KERNEL=="tty", GROUP="tty", MODE="0666"
Expand All @@ -11,7 +11,7 @@ index f764789..7f38a03 100644
SUBSYSTEM=="tty", KERNEL=="sclp_line[0-9]*", GROUP="tty", MODE="0620"
SUBSYSTEM=="tty", KERNEL=="ttysclp[0-9]*", GROUP="tty", MODE="0620"
SUBSYSTEM=="tty", KERNEL=="3270/tty[0-9]*", GROUP="tty", MODE="0620"
@@ -28,7 +28,7 @@ KERNEL=="tty[A-Z]*[0-9]|pppox[0-9]*|irco
@@ -27,7 +27,7 @@ KERNEL=="tty[A-Z]*[0-9]|pppox[0-9]*|irco
SUBSYSTEM=="mem", KERNEL=="mem|kmem|port", GROUP="kmem", MODE="0640"

SUBSYSTEM=="input", GROUP="input"
Expand Down
20 changes: 10 additions & 10 deletions rpm/systemd-225-add-pam-systemd-timeout-argument.patch
Expand Up @@ -26,7 +26,7 @@ diff --git a/src/libsystemd/sd-bus/bus-convenience.c b/src/libsystemd/sd-bus/bus
index af5f7da..90d9034 100644
--- a/src/libsystemd/sd-bus/bus-convenience.c
+++ b/src/libsystemd/sd-bus/bus-convenience.c
@@ -136,6 +136,48 @@ fail:
@@ -138,6 +138,48 @@ fail:
return sd_bus_error_set_errno(error, r);
}

Expand All @@ -41,7 +41,7 @@ index af5f7da..90d9034 100644
+ sd_bus_message **reply,
+ const char *types, ...) {
+
+ _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
+ _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
+ int r;
+
+ bus_assert_return(bus, -EINVAL, error);
Expand All @@ -60,7 +60,7 @@ index af5f7da..90d9034 100644
+ va_list ap;
+
+ va_start(ap, types);
+ r = bus_message_append_ap(m, types, ap);
+ r = sd_bus_message_appendv(m, types, ap);
+ va_end(ap);
+ if (r < 0)
+ goto fail;
Expand All @@ -79,7 +79,7 @@ diff --git a/src/login/pam_systemd.c b/src/login/pam_systemd.c
index f83d18b..e85b640 100644
--- a/src/login/pam_systemd.c
+++ b/src/login/pam_systemd.c
@@ -50,7 +50,8 @@ static int parse_argv(
@@ -54,7 +54,8 @@ static int parse_argv(
int argc, const char **argv,
const char **class,
const char **type,
Expand All @@ -89,7 +89,7 @@ index f83d18b..e85b640 100644

unsigned i;

@@ -79,6 +80,9 @@ static int parse_argv(
@@ -83,6 +84,9 @@ static int parse_argv(
else if (debug)
*debug = k;

Expand All @@ -99,15 +99,15 @@ index f83d18b..e85b640 100644
} else
pam_syslog(handle, LOG_WARNING, "Unknown parameter '%s', ignoring", argv[i]);
}
@@ -217,6 +221,7 @@ _public_ PAM_EXTERN int pam_sm_open_session(
_cleanup_bus_flush_close_unref_ sd_bus *bus = NULL;
@@ -229,6 +233,7 @@ _public_ PAM_EXTERN int pam_sm_open_sess
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
int session_fd = -1, existing, r;
bool debug = false, remote;
+ unsigned timeout = 0;
struct passwd *pw;
uint32_t vtnr = 0;
uid_t original_uid;
@@ -231,7 +236,8 @@ _public_ PAM_EXTERN int pam_sm_open_session(
@@ -243,7 +248,8 @@ _public_ PAM_EXTERN int pam_sm_open_sess
argc, argv,
&class_pam,
&type_pam,
Expand All @@ -117,7 +117,7 @@ index f83d18b..e85b640 100644
return PAM_SESSION_ERR;

if (debug)
@@ -377,11 +383,15 @@ _public_ PAM_EXTERN int pam_sm_open_session(
@@ -383,11 +389,15 @@ _public_ PAM_EXTERN int pam_sm_open_sess
strempty(seat), vtnr, strempty(tty), strempty(display),
yes_no(remote), strempty(remote_user), strempty(remote_host));

Expand All @@ -138,7 +138,7 @@ diff --git a/src/systemd/sd-bus.h b/src/systemd/sd-bus.h
index 5439a19..a8f3d4f 100644
--- a/src/systemd/sd-bus.h
+++ b/src/systemd/sd-bus.h
@@ -300,6 +300,7 @@ int sd_bus_get_name_machine_id(sd_bus *bus, const char *name, sd_id128_t *machin
@@ -326,6 +326,7 @@ int sd_bus_get_name_machine_id(sd_bus *b
/* Convenience calls */

int sd_bus_call_method(sd_bus *bus, const char *destination, const char *path, const char *interface, const char *member, sd_bus_error *ret_error, sd_bus_message **reply, const char *types, ...);
Expand Down

0 comments on commit 186b850

Please sign in to comment.