diff --git a/0065-doc-add-downstream-CONTRIBUTING-document.patch b/0065-doc-add-downstream-CONTRIBUTING-document.patch new file mode 100644 index 0000000..c28d26d --- /dev/null +++ b/0065-doc-add-downstream-CONTRIBUTING-document.patch @@ -0,0 +1,108 @@ +From f7c92899a77656a1bb7586f83c27b00cd5ea0707 Mon Sep 17 00:00:00 2001 +From: Jan Macku +Date: Thu, 27 Jun 2024 10:17:06 +0200 +Subject: [PATCH] doc: add downstream CONTRIBUTING document + +rhel-only: doc + +Related: RHEL-40924 +--- + CONTRIBUTING.md | 75 +++++++++++++++++++++++++++++++++++++++++++++++++ + README.md | 2 +- + 2 files changed, 76 insertions(+), 1 deletion(-) + create mode 100644 CONTRIBUTING.md + +diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md +new file mode 100644 +index 0000000000..28466facac +--- /dev/null ++++ b/CONTRIBUTING.md +@@ -0,0 +1,75 @@ ++# Contributing ++ ++Welcome to systemd source-git for CentOS Stream and RHEL. When contributing, please follow the guide below. ++ ++## Workflow ++ ++```mermaid ++flowchart LR ++ A(Issue) --> B{is fixed\nupstream} ++ B -->|YES| C(backport\nupstream patch) ++ B -->|NO| D(upstream\nsubmit issue or PR) ++ D --> E{accepted\nand fixed} ++ E -->|YES| C ++ E -->|NO| F(rhel-only patch) --> G ++ C --> G(submit PR) ++``` ++ ++## Filing issues ++ ++When you find an issue with systemd used in **CentOS Stream** or **RHEL**, please file an issue in Red Hat [Jira ticket system](https://issues.redhat.com/secure/CreateIssueDetails!init.jspa?pid=12332745&issuetype=1&components=12380515). ++ ++GitHub Issues are not supported tracking system. If your issue is reproducible using the latest upstream version of systemd, please consider creating [upstream issue](https://github.com/systemd/systemd/issues/new/choose). ++ ++## Posting Pull Requests ++ ++Every Pull Request has to comply with the following rules: ++ ++- Each commit has to reference [upstream](https://github.com/systemd/systemd) commit. ++- Each commit has to reference the approved issue/tracker. ++- Pull requests have to pass mandatory CI validation and testing ++- Pull requests have to be approved by at least one systemd downstream maintainer ++ ++### Upstream reference ++ ++When doing a back-port of an upstream commit, always use `cherry-pick -x `. Consider proposing a change upstream first when an upstream commit doesn't exist. ++If the change isn't upstream relevant or accepted by upstream, mark the commit with the `rhel-only: ` string, where a `` is: ++ ++- `feature` - for feature-related commits (cross-version) ++- `bugfix` - for bugfix-related commits (cross-version) ++- `doc` - for documentation-related commits (usually version-specific) ++- `workaround` - for workaround-related commits (usually version-specific) ++- `ci` - for CI-related commits (version-specific) ++- `test` - for test-related commits (version-specific) ++- `other` - for commits that do not fit into any of the above categories (version-specific) ++ ++```md ++doc: Fix TYPO ++ ++rhel-only: doc ++ ++Resolves: RHEL-678 ++``` ++ ++### Issue reference ++ ++Each commit has to reference the relevant approved systemd issue (see: [Filling issues section](#filing-issues)). For referencing issues, we use the following keywords: ++ ++- **Resolves** for commits that directly resolve issues described in a referenced tracker ++- **Related** for commits related to the referenced issue, but they don't fix it. Usually, tests and documentation. ++- **Reverts** for commits that reverts previously merged commit ++ ++When referencing issues, use the following structure: `: `. See the example below: ++ ++```md ++doc: Fix TYPO ++ ++(cherry picked from commit c5afbac31bb33e7b1f4d59b253425af991a630a4) ++ ++Resolves: RHEL-678 ++``` ++ ++### Validation and testing ++ ++Each Pull Request has to pass all enabled tests that are automatically run using GitHub Actions, CentOS Stream CI, and others. ++If CI failure is unrelated to the change introduced in Pull Request, the downstream maintainer will set the `ci-waived` label and explain why CI was waived. +diff --git a/README.md b/README.md +index 12f1381f08..421a2e6572 100644 +--- a/README.md ++++ b/README.md +@@ -30,7 +30,7 @@ Please see the [Code Map](docs/ARCHITECTURE.md) for information about this repos + + Please see the [Hacking guide](docs/HACKING.md) for information on how to hack on systemd and test your modifications. + +-Please see our [Contribution Guidelines](docs/CONTRIBUTING.md) for more information about filing GitHub Issues and posting GitHub Pull Requests. ++Please see our [Contribution Guidelines](CONTRIBUTING.md) for more information about filing GitHub Issues and posting GitHub Pull Requests. + + When preparing patches for systemd, please follow our [Coding Style Guidelines](docs/CODING_STYLE.md). + diff --git a/0066-ci-allow-policy-as-rhel-only-keyword.patch b/0066-ci-allow-policy-as-rhel-only-keyword.patch new file mode 100644 index 0000000..76d27f3 --- /dev/null +++ b/0066-ci-allow-policy-as-rhel-only-keyword.patch @@ -0,0 +1,40 @@ +From 5d244e25b994f1db5988cf6de14fff9058a75bc2 Mon Sep 17 00:00:00 2001 +From: Jan Macku +Date: Mon, 15 Jul 2024 14:13:14 +0200 +Subject: [PATCH] ci: allow `policy` as rhel-only keyword + +rhel-only: ci + +Related: RHEL-40924 +--- + .github/advanced-commit-linter.yml | 4 ++-- + CONTRIBUTING.md | 1 + + 2 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/.github/advanced-commit-linter.yml b/.github/advanced-commit-linter.yml +index 3e3e3fe2bf..4a7e6542b4 100644 +--- a/.github/advanced-commit-linter.yml ++++ b/.github/advanced-commit-linter.yml +@@ -4,8 +4,8 @@ policy: + - github: systemd/systemd + exception: + note: +- - 'rhel-only: (feature|bugfix|doc|workaround|ci|test|other)' +- - 'RHEL-only: (feature|bugfix|doc|workaround|ci|test|other)' ++ - 'rhel-only: (feature|bugfix|policy|doc|workaround|ci|test|other)' ++ - 'RHEL-only: (feature|bugfix|policy|doc|workaround|ci|test|other)' + tracker: + - keyword: + - 'Resolves: ' +diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md +index 28466facac..c2e3a2d4d0 100644 +--- a/CONTRIBUTING.md ++++ b/CONTRIBUTING.md +@@ -37,6 +37,7 @@ If the change isn't upstream relevant or accepted by upstream, mark the commit w + + - `feature` - for feature-related commits (cross-version) + - `bugfix` - for bugfix-related commits (cross-version) ++- `policy` - for policy-related commits (cross-version) + - `doc` - for documentation-related commits (usually version-specific) + - `workaround` - for workaround-related commits (usually version-specific) + - `ci` - for CI-related commits (version-specific) diff --git a/0067-ci-run-mkosi-test-only-for-Fedora-and-CentOS-Stream.patch b/0067-ci-run-mkosi-test-only-for-Fedora-and-CentOS-Stream.patch new file mode 100644 index 0000000..d6d81ff --- /dev/null +++ b/0067-ci-run-mkosi-test-only-for-Fedora-and-CentOS-Stream.patch @@ -0,0 +1,68 @@ +From 1a643a20c5e772fc15a921ed81c7b010fa6bd4a7 Mon Sep 17 00:00:00 2001 +From: Jan Macku +Date: Tue, 16 Jul 2024 10:08:06 +0200 +Subject: [PATCH] ci: run mkosi test only for Fedora and CentOS Stream + +rhel-only: ci + +Related: RHEL-40924 +--- + .github/workflows/mkosi.yml | 24 ++---------------------- + 1 file changed, 2 insertions(+), 22 deletions(-) + +diff --git a/.github/workflows/mkosi.yml b/.github/workflows/mkosi.yml +index 3a8dabd95c..9add22c2ea 100644 +--- a/.github/workflows/mkosi.yml ++++ b/.github/workflows/mkosi.yml +@@ -8,7 +8,7 @@ on: + push: + branches: + - main +- - v[0-9]+-stable ++ - rhel-10.* + paths: + - '**' + - '!README*' +@@ -26,7 +26,7 @@ on: + pull_request: + branches: + - main +- - v[0-9]+-stable ++ - rhel-10.* + paths: + - '**' + - '!README*' +@@ -54,21 +54,6 @@ jobs: + fail-fast: false + matrix: + include: +- - distro: arch +- release: rolling +- sanitizers: "" +- llvm: 0 +- cflags: "-O2 -D_FORTIFY_SOURCE=3" +- - distro: debian +- release: testing +- sanitizers: "" +- llvm: 0 +- cflags: "-Og" +- - distro: ubuntu +- release: noble +- sanitizers: "" +- llvm: 0 +- cflags: "-Og" + - distro: fedora + release: "40" + sanitizers: "" +@@ -79,11 +64,6 @@ jobs: + sanitizers: address,undefined + llvm: 1 + cflags: "-Og" +- - distro: opensuse +- release: tumbleweed +- sanitizers: "" +- llvm: 0 +- cflags: "-Og" + - distro: centos + release: "9" + sanitizers: "" diff --git a/0068-taint-remove-unused-variable-usr_sbin.patch b/0068-taint-remove-unused-variable-usr_sbin.patch new file mode 100644 index 0000000..5f0af4a --- /dev/null +++ b/0068-taint-remove-unused-variable-usr_sbin.patch @@ -0,0 +1,27 @@ +From 423af3467e66fd07a3a739b40af97b265bd4e45e Mon Sep 17 00:00:00 2001 +From: Jan Macku +Date: Tue, 16 Jul 2024 10:09:23 +0200 +Subject: [PATCH] taint: remove unused variable `usr_sbin` + +follow-up to https://github.com/redhat-plumbers/systemd-rhel10/commit/13a07024f674e770844de29cd3d01cb7117f56d9 + +rhel-only: policy + +Related: RHEL-40924 +--- + src/core/taint.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/core/taint.c b/src/core/taint.c +index 4c98312f54..370f0297e3 100644 +--- a/src/core/taint.c ++++ b/src/core/taint.c +@@ -39,7 +39,7 @@ char* taint_string(void) { + * runtime should be tagged here. For stuff that is known during compilation, emit a warning in the + * configuration phase. */ + +- _cleanup_free_ char *bin = NULL, *usr_sbin = NULL, *var_run = NULL; ++ _cleanup_free_ char *bin = NULL, *var_run = NULL; + + if (readlink_malloc("/bin", &bin) < 0 || !PATH_IN_SET(bin, "usr/bin", "/usr/bin")) + stage[n++] = "unmerged-usr"; diff --git a/0069-packit-drop-the-libarchive-workaround.patch b/0069-packit-drop-the-libarchive-workaround.patch new file mode 100644 index 0000000..c32dd65 --- /dev/null +++ b/0069-packit-drop-the-libarchive-workaround.patch @@ -0,0 +1,28 @@ +From fb422df08369fd10a4d3543697f09a7bd2f4c288 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Wed, 17 Jul 2024 12:19:03 +0200 +Subject: [PATCH] packit: drop the libarchive workaround + +As it's not needed anymore. + +rhel-only: ci + +Related: RHEL-40924 +--- + .packit.yml | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/.packit.yml b/.packit.yml +index 340c6992ec..03b3aae7d5 100644 +--- a/.packit.yml ++++ b/.packit.yml +@@ -39,9 +39,6 @@ actions: + - 'sed -i "/^CONFIGURE_OPTS=(/a--werror" .packit_rpm/systemd.spec' + # Ignore unpackaged standalone binaries + - "sed -i 's/assert False,.*/pass/' .packit_rpm/split-files.py" +- # Temporarily add libarchive-devel build dep and libarchive runtime dep +- # until the change propagates to Rawhide's specfile +- - "sed -ri '0,/^BuildRequires: .+$/s//&\\nBuildRequires: libarchive-devel\\nRequires: libarchive/' .packit_rpm/systemd.spec" + + # Available targets can be listed via `copr-cli list-chroots` + jobs: diff --git a/0070-packit-drop-the-dependency-on-python3-zstd.patch b/0070-packit-drop-the-dependency-on-python3-zstd.patch new file mode 100644 index 0000000..8b52cc0 --- /dev/null +++ b/0070-packit-drop-the-dependency-on-python3-zstd.patch @@ -0,0 +1,28 @@ +From 43bf3e1a42e2c1a6ecd0ca6fd72c9bc6fe904703 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Wed, 17 Jul 2024 12:22:55 +0200 +Subject: [PATCH] packit: drop the dependency on python3-zstd + +Since it's only in the RHEL buildroot repo. + +rhel-only: ci + +Related: RHEL-40924 +--- + .packit.yml | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/.packit.yml b/.packit.yml +index 03b3aae7d5..48ba210947 100644 +--- a/.packit.yml ++++ b/.packit.yml +@@ -39,6 +39,9 @@ actions: + - 'sed -i "/^CONFIGURE_OPTS=(/a--werror" .packit_rpm/systemd.spec' + # Ignore unpackaged standalone binaries + - "sed -i 's/assert False,.*/pass/' .packit_rpm/split-files.py" ++ # Drop the python3dist(zstd) dependency, as it's only in the RHEL buildroot ++ # repo ++ - "sed -i '/python3dist(zstd)/d' .packit_rpm/systemd.spec" + + # Available targets can be listed via `copr-cli list-chroots` + jobs: diff --git a/0071-coredump-by-default-process-and-store-core-files-up-.patch b/0071-coredump-by-default-process-and-store-core-files-up-.patch new file mode 100644 index 0000000..0d1e230 --- /dev/null +++ b/0071-coredump-by-default-process-and-store-core-files-up-.patch @@ -0,0 +1,30 @@ +From 612afd332a5e647faed3c3acba03ca653bace41b Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Fri, 5 Apr 2024 15:56:58 +0200 +Subject: [PATCH] coredump: by default process and store core files up to 1GiB + +This brings policy inline with RHEL-9. + +rhel-only: policy + +Related: RHEL-46778 +--- + src/coredump/coredump.conf | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/src/coredump/coredump.conf b/src/coredump/coredump.conf +index ae341e40d7..3603edb782 100644 +--- a/src/coredump/coredump.conf ++++ b/src/coredump/coredump.conf +@@ -19,9 +19,8 @@ + [Coredump] + #Storage=external + #Compress=yes +-# On 32-bit, the default is 1G instead of 32G. +-#ProcessSizeMax=32G +-#ExternalSizeMax=32G ++ProcessSizeMax=1G ++ExternalSizeMax=1G + #JournalSizeMax=767M + #MaxUse= + #KeepFree= diff --git a/systemd.spec b/systemd.spec index 2580322..e1ebc90 100644 --- a/systemd.spec +++ b/systemd.spec @@ -48,7 +48,7 @@ Url: https://systemd.io # Allow users to specify the version and release when building the rpm by # setting the %%version_override and %%release_override macros. Version: %{?version_override}%{!?version_override:256} -Release: 5%{?dist} +Release: 6%{?dist} %global stable %(c="%version"; [ "$c" = "${c#*.*}" ]; echo $?) @@ -170,6 +170,13 @@ Patch0061: 0061-meson-build-libsystemd-core-via-an-intermediate-stat.patch Patch0062: 0062-meson-add-option-to-build-systemd-executor-staticall.patch Patch0063: 0063-taint-remove-unmerged-bin.patch Patch0064: 0064-presets-remove-resolved.patch +Patch0065: 0065-doc-add-downstream-CONTRIBUTING-document.patch +Patch0066: 0066-ci-allow-policy-as-rhel-only-keyword.patch +Patch0067: 0067-ci-run-mkosi-test-only-for-Fedora-and-CentOS-Stream.patch +Patch0068: 0068-taint-remove-unused-variable-usr_sbin.patch +Patch0069: 0069-packit-drop-the-libarchive-workaround.patch +Patch0070: 0070-packit-drop-the-dependency-on-python3-zstd.patch +Patch0071: 0071-coredump-by-default-process-and-store-core-files-up-.patch # Downstream-only patches (9000–9999) @@ -731,6 +738,7 @@ CONFIGURE_OPTS=( # https://issues.redhat.com/browse/RHEL-16810 -Dsbat-distro-url=mailto:secalert@redhat.com -Dsshconfdir=no + -Dsshdconfdir=no ) %if %{without lto} @@ -888,12 +896,9 @@ rm %{buildroot}/usr/lib/sysusers.d/basic.conf %endif # We don't want to ship systemd-ssh-generator and it is not possible to disable it via meson_options.txt -rm %{buildroot}%{_sysconfdir}/ssh/sshd_config.d/20-systemd-userdb.conf -rmdir %{buildroot}%{_sysconfdir}/ssh/sshd_config.d/ -rm %{buildroot}%{_prefix}/lib/systemd/sshd_config.d/20-systemd-userdb.conf -rmdir %{buildroot}%{_prefix}/lib/systemd/sshd_config.d/ rm %{buildroot}%{_prefix}/lib/systemd/system-generators/systemd-ssh-generator rm %{buildroot}%{_prefix}/lib/systemd/system/ssh-access.target +rm %{buildroot}%{_prefix}/lib/systemd/systemd-ssh-proxy rm %{buildroot}%{_mandir}/man1/systemd-ssh-proxy.1 rm %{buildroot}%{_mandir}/man8/systemd-ssh-generator.8 @@ -1102,6 +1107,16 @@ rm -f .file-list-* rm -f %{name}.lang %changelog +* Fri Jul 19 2024 systemd maintenance team - 256-6 +- doc: add downstream CONTRIBUTING document (RHEL-40924) +- ci: allow `policy` as rhel-only keyword (RHEL-40924) +- ci: run mkosi test only for Fedora and CentOS Stream (RHEL-40924) +- taint: remove unused variable `usr_sbin` (RHEL-40924) +- packit: drop the libarchive workaround (RHEL-40924) +- packit: drop the dependency on python3-zstd (RHEL-40924) +- coredump: by default process and store core files up to 1GiB (RHEL-46778) +- don't ship systemd-ssh-generator harder (RHEL-40924) + * Wed Jul 17 2024 systemd maintenance team - 256-5 - don't ship systemd-ssh-generator (RHEL-40924)