import systemd-250-6.el9_0

This commit is contained in:
CentOS Sources 2022-05-17 06:28:40 -04:00 committed by Stepan Oksanichenko
commit 61a255dfc9
79 changed files with 8469 additions and 0 deletions

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
SOURCES/systemd-250.tar.gz

1
.systemd.metadata Normal file
View File

@ -0,0 +1 @@
3b9db821b29a577d004c8823f4ff7a054c81a39c SOURCES/systemd-250.tar.gz

View File

@ -0,0 +1,52 @@
From 5a66d993a5be88524d9952193b053eac607a5c17 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Wed, 1 Aug 2018 10:58:28 +0200
Subject: [PATCH] logind: set RemoveIPC to false by default
RHEL-only
Resolves: #1959836
---
man/logind.conf.xml | 2 +-
src/login/logind-core.c | 2 +-
src/login/logind.conf.in | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/man/logind.conf.xml b/man/logind.conf.xml
index 3045c1b9ba..96fa076239 100644
--- a/man/logind.conf.xml
+++ b/man/logind.conf.xml
@@ -354,7 +354,7 @@
user fully logs out. Takes a boolean argument. If enabled, the user may not consume IPC resources after the
last of the user's sessions terminated. This covers System V semaphores, shared memory and message queues, as
well as POSIX shared memory and message queues. Note that IPC objects of the root user and other system users
- are excluded from the effect of this setting. Defaults to <literal>yes</literal>.</para></listitem>
+ are excluded from the effect of this setting. Defaults to <literal>no</literal>.</para></listitem>
</varlistentry>
</variablelist>
diff --git a/src/login/logind-core.c b/src/login/logind-core.c
index 254a1a69fb..616c08132a 100644
--- a/src/login/logind-core.c
+++ b/src/login/logind-core.c
@@ -34,7 +34,7 @@ void manager_reset_config(Manager *m) {
m->n_autovts = 6;
m->reserve_vt = 6;
- m->remove_ipc = true;
+ m->remove_ipc = false;
m->inhibit_delay_max = 5 * USEC_PER_SEC;
m->user_stop_delay = 10 * USEC_PER_SEC;
diff --git a/src/login/logind.conf.in b/src/login/logind.conf.in
index 2d084e134d..79d685b3de 100644
--- a/src/login/logind.conf.in
+++ b/src/login/logind.conf.in
@@ -40,6 +40,6 @@
#IdleActionSec=30min
#RuntimeDirectorySize=10%
#RuntimeDirectoryInodes=400k
-#RemoveIPC=yes
+#RemoveIPC=no
#InhibitorsMax=8192
#SessionsMax=8192

View File

@ -0,0 +1,43 @@
From 92b6ae2097ae90355775217529d2fd55f7b84e31 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 5 Aug 2021 17:11:47 +0200
Subject: [PATCH] tmpfiles: don't create resolv.conf -> stub-resolv.conf
symlink
RHEL-only
Resolves: #1989472
---
tmpfiles.d/meson.build | 1 -
tmpfiles.d/systemd-resolve.conf | 10 ----------
2 files changed, 11 deletions(-)
delete mode 100644 tmpfiles.d/systemd-resolve.conf
diff --git a/tmpfiles.d/meson.build b/tmpfiles.d/meson.build
index b8d3919025..6ae9e3e0b8 100644
--- a/tmpfiles.d/meson.build
+++ b/tmpfiles.d/meson.build
@@ -7,7 +7,6 @@ files = [['README', ''],
['journal-nocow.conf', ''],
['systemd-nologin.conf', 'HAVE_PAM'],
['systemd-nspawn.conf', 'ENABLE_MACHINED'],
- ['systemd-resolve.conf', 'ENABLE_RESOLVE'],
['systemd-tmp.conf', ''],
['portables.conf', 'ENABLE_PORTABLED'],
['systemd-pstore.conf', 'ENABLE_PSTORE'],
diff --git a/tmpfiles.d/systemd-resolve.conf b/tmpfiles.d/systemd-resolve.conf
deleted file mode 100644
index cb1c56d6a6..0000000000
--- a/tmpfiles.d/systemd-resolve.conf
+++ /dev/null
@@ -1,10 +0,0 @@
-# This file is part of systemd.
-#
-# systemd is free software; you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as published by
-# the Free Software Foundation; either version 2.1 of the License, or
-# (at your option) any later version.
-
-# See tmpfiles.d(5) for details
-
-L! /etc/resolv.conf - - - - ../run/systemd/resolve/stub-resolv.conf

View File

@ -0,0 +1,78 @@
From 24f033a2a5c03848ae518278c8025e13130146af Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Fri, 2 Jul 2021 13:25:51 +0200
Subject: [PATCH] Copy 40-redhat.rules from RHEL-8
RHEL-only
Resolves: #1978639
---
rules.d/40-redhat.rules | 46 +++++++++++++++++++++++++++++++++++++++++
rules.d/meson.build | 1 +
2 files changed, 47 insertions(+)
create mode 100644 rules.d/40-redhat.rules
diff --git a/rules.d/40-redhat.rules b/rules.d/40-redhat.rules
new file mode 100644
index 0000000000..3c95cd2df0
--- /dev/null
+++ b/rules.d/40-redhat.rules
@@ -0,0 +1,46 @@
+# do not edit this file, it will be overwritten on update
+
+# CPU hotadd request
+SUBSYSTEM=="cpu", ACTION=="add", TEST=="online", ATTR{online}=="0", ATTR{online}="1"
+
+# Memory hotadd request
+SUBSYSTEM!="memory", GOTO="memory_hotplug_end"
+ACTION!="add", GOTO="memory_hotplug_end"
+CONST{arch}=="s390*", GOTO="memory_hotplug_end"
+CONST{arch}=="ppc64*", GOTO="memory_hotplug_end"
+
+ENV{.state}="online"
+CONST{virt}=="none", ENV{.state}="online_movable"
+ATTR{state}=="offline", ATTR{state}="$env{.state}"
+
+LABEL="memory_hotplug_end"
+
+# reload sysctl.conf / sysctl.conf.d settings when the bridge module is loaded
+ACTION=="add", SUBSYSTEM=="module", KERNEL=="bridge", RUN+="/usr/lib/systemd/systemd-sysctl --prefix=/proc/sys/net/bridge"
+
+# load SCSI generic (sg) driver
+SUBSYSTEM=="scsi", ENV{DEVTYPE}=="scsi_device", TEST!="[module/sg]", RUN+="/sbin/modprobe -bv sg"
+SUBSYSTEM=="scsi", ENV{DEVTYPE}=="scsi_target", TEST!="[module/sg]", RUN+="/sbin/modprobe -bv sg"
+
+# Rule for prandom character device node permissions
+KERNEL=="prandom", MODE="0644"
+
+# Rules for creating the ID_PATH for SCSI devices based on the CCW bus
+# using the form: ccw-<BUS_ID>-zfcp-<WWPN>:<LUN>
+#
+ACTION=="remove", GOTO="zfcp_scsi_device_end"
+
+#
+# Set environment variable "ID_ZFCP_BUS" to "1" if the devices
+# (both disk and partition) are SCSI devices based on FCP devices
+#
+KERNEL=="sd*", SUBSYSTEMS=="ccw", DRIVERS=="zfcp", ENV{.ID_ZFCP_BUS}="1"
+
+# For SCSI disks
+KERNEL=="sd*[!0-9]", SUBSYSTEMS=="scsi", ENV{.ID_ZFCP_BUS}=="1", ENV{DEVTYPE}=="disk", SYMLINK+="disk/by-path/ccw-$attr{hba_id}-zfcp-$attr{wwpn}:$attr{fcp_lun}"
+
+
+# For partitions on a SCSI disk
+KERNEL=="sd*[0-9]", SUBSYSTEMS=="scsi", ENV{.ID_ZFCP_BUS}=="1", ENV{DEVTYPE}=="partition", SYMLINK+="disk/by-path/ccw-$attr{hba_id}-zfcp-$attr{wwpn}:$attr{fcp_lun}-part%n"
+
+LABEL="zfcp_scsi_device_end"
diff --git a/rules.d/meson.build b/rules.d/meson.build
index 5cecddb34f..c5c3590b29 100644
--- a/rules.d/meson.build
+++ b/rules.d/meson.build
@@ -5,6 +5,7 @@ install_data(
install_dir : udevrulesdir)
rules = files('''
+ 40-redhat.rules
60-autosuspend.rules
60-block.rules
60-cdrom_id.rules

View File

@ -0,0 +1,45 @@
From c9ca30a1debbdf24ab6fcbe1aa1ec7ac5f222cb4 Mon Sep 17 00:00:00 2001
From: Jan Synacek <jsynacek@redhat.com>
Date: Tue, 15 May 2018 09:24:20 +0200
Subject: [PATCH] Avoid /tmp being mounted as tmpfs without the user's will
Ensure PrivateTmp doesn't require tmpfs through tmp.mount, but rather
adds an After relationship.
RHEL-only
Resolves: #1959826
---
src/core/unit.c | 7 +------
units/basic.target | 3 ++-
2 files changed, 3 insertions(+), 7 deletions(-)
diff --git a/src/core/unit.c b/src/core/unit.c
index b1f1f5c82c..3a8251e2b8 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -1280,12 +1280,7 @@ int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
}
if (c->private_tmp) {
-
- /* FIXME: for now we make a special case for /tmp and add a weak dependency on
- * tmp.mount so /tmp being masked is supported. However there's no reason to treat
- * /tmp specifically and masking other mount units should be handled more
- * gracefully too, see PR#16894. */
- r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "tmp.mount", true, UNIT_DEPENDENCY_FILE);
+ r = unit_add_dependency_by_name(u, UNIT_AFTER, "tmp.mount", true, UNIT_DEPENDENCY_FILE);
if (r < 0)
return r;
diff --git a/units/basic.target b/units/basic.target
index d8cdd5ac14..9eae0782a2 100644
--- a/units/basic.target
+++ b/units/basic.target
@@ -19,4 +19,5 @@ After=sysinit.target sockets.target paths.target slices.target tmp.mount
# require /var and /var/tmp, but only add a Wants= type dependency on /tmp, as
# we support that unit being masked, and this should not be considered an error.
RequiresMountsFor=/var /var/tmp
-Wants=tmp.mount
+# RHEL-only: Disable /tmp on tmpfs.
+#Wants=tmp.mount

View File

@ -0,0 +1,38 @@
From ba6b7f1b4409b337b5b4ffc47259ad5c43c436c4 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Mon, 5 Sep 2016 12:47:09 +0200
Subject: [PATCH] unit: don't add Requires for tmp.mount
rhel-only
Resolves: #1619292
---
src/core/mount.c | 2 +-
src/core/unit.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/core/mount.c b/src/core/mount.c
index 0170406351..4d407ca4e5 100644
--- a/src/core/mount.c
+++ b/src/core/mount.c
@@ -335,7 +335,7 @@ static int mount_add_mount_dependencies(Mount *m) {
if (r < 0)
return r;
- if (UNIT(m)->fragment_path) {
+ if (UNIT(m)->fragment_path && !streq(UNIT(m)->id, "tmp.mount")) {
/* If we have fragment configuration, then make this dependency required */
r = unit_add_dependency(other, UNIT_REQUIRES, UNIT(m), true, UNIT_DEPENDENCY_PATH);
if (r < 0)
diff --git a/src/core/unit.c b/src/core/unit.c
index 3a8251e2b8..d2adb447b6 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -1520,7 +1520,7 @@ static int unit_add_mount_dependencies(Unit *u) {
if (r < 0)
return r;
- if (m->fragment_path) {
+ if (m->fragment_path && !streq(m->id, "tmp.mount")) {
r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
if (r < 0)
return r;

View File

@ -0,0 +1,24 @@
From 0e4d18011e394d83c5e6ce045c05b03619fe7145 Mon Sep 17 00:00:00 2001
From: Jan Synacek <jsynacek@redhat.com>
Date: Tue, 22 Jan 2019 10:28:42 +0100
Subject: [PATCH] units: add [Install] section to tmp.mount
RHEL-only
Related: #1959826
---
units/tmp.mount | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/units/tmp.mount b/units/tmp.mount
index 4e1bb8de24..4874e8daff 100644
--- a/units/tmp.mount
+++ b/units/tmp.mount
@@ -23,3 +23,7 @@ What=tmpfs
Where=/tmp
Type=tmpfs
Options=mode=1777,strictatime,nosuid,nodev,size=50%,nr_inodes=1m
+
+# Make 'systemctl enable tmp.mount' work:
+[Install]
+WantedBy=local-fs.target

View File

@ -0,0 +1,29 @@
From 6dc2d5628fded20609561ca3c63517b3dc381042 Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Thu, 11 Mar 2021 15:48:23 +0100
Subject: [PATCH] rc-local: order after network-online.target
I think this was the intent of commit 91b684c7300879a8d2006038f7d9185d92c3c3bf,
just network-online.target didn't exist back then.
RHEL-only
Resolves: #1954429
---
units/rc-local.service.in | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/units/rc-local.service.in b/units/rc-local.service.in
index 55e83dfe00..0eee722154 100644
--- a/units/rc-local.service.in
+++ b/units/rc-local.service.in
@@ -13,7 +13,8 @@
Description={{RC_LOCAL_PATH}} Compatibility
Documentation=man:systemd-rc-local-generator(8)
ConditionFileIsExecutable={{RC_LOCAL_PATH}}
-After=network.target
+After=network-online.target
+Wants=network-online.target
[Service]
Type=forking

View File

@ -0,0 +1,298 @@
From b9c7cd794733257a17b2eb9eadc716007e509ca9 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Sun, 18 Apr 2021 20:46:06 +0200
Subject: [PATCH] ci: drop CIs irrelevant for downstream
* CIFuzz would need a separate project in oss-fuzz
* Coverity would also need a separate project
* the Labeler action is superfluous, since we already have a bot for
that
* mkosi testing on other distros is irrelevant for downstream RHEL
repo
Resolves: #1960703
rhel-only
---
.github/labeler.yml | 40 -----------------
.github/workflows/cifuzz.yml | 55 -----------------------
.github/workflows/coverity.yml | 43 ------------------
.github/workflows/labeler.yml | 23 ----------
.github/workflows/mkosi.yml | 80 ----------------------------------
5 files changed, 241 deletions(-)
delete mode 100644 .github/labeler.yml
delete mode 100644 .github/workflows/cifuzz.yml
delete mode 100644 .github/workflows/coverity.yml
delete mode 100644 .github/workflows/labeler.yml
delete mode 100644 .github/workflows/mkosi.yml
diff --git a/.github/labeler.yml b/.github/labeler.yml
deleted file mode 100644
index 7d128f42d6..0000000000
--- a/.github/labeler.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-# SPDX-License-Identifier: LGPL-2.1-or-later
-
-hwdb:
- - hwdb.d/**/*
-units:
- - units/**/*
-documentation:
- - NEWS
- - docs/*
-network:
- - src/libsystemd-network/**/*
- - src/network/**/*
-udev:
- - src/udev/**/*
- - src/libudev/*
-selinux:
- - '**/*selinux*'
-apparmor:
- - '**/*apparmor*'
-meson:
- - meson_option.txt
-mkosi:
- - .mkosi/*
- - mkosi.build
-busctl:
- - src/busctl/*
-systemctl:
- - src/systemctl/*
-journal:
- - src/journal/*
-journal-remote:
- - src/journal-remote/*
-portable:
- - src/portable/**/*
-resolve:
- - src/resolve/*
-timedate:
- - src/timedate/*
-timesync:
- - src/timesync/*
diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml
deleted file mode 100644
index 11ea788a47..0000000000
--- a/.github/workflows/cifuzz.yml
+++ /dev/null
@@ -1,55 +0,0 @@
----
-# vi: ts=2 sw=2 et:
-# SPDX-License-Identifier: LGPL-2.1-or-later
-# See: https://google.github.io/oss-fuzz/getting-started/continuous-integration/
-
-name: CIFuzz
-
-permissions:
- contents: read
-
-on:
- pull_request:
- paths:
- - '**/meson.build'
- - '.github/workflows/**'
- - 'meson_options.txt'
- - 'src/**'
- - 'test/fuzz/**'
- - 'tools/oss-fuzz.sh'
- push:
- branches:
- - main
-jobs:
- Fuzzing:
- runs-on: ubuntu-latest
- if: github.repository == 'systemd/systemd'
- concurrency:
- group: ${{ github.workflow }}-${{ matrix.sanitizer }}-${{ github.ref }}
- cancel-in-progress: true
- strategy:
- fail-fast: false
- matrix:
- sanitizer: [address, undefined, memory]
- steps:
- - name: Build Fuzzers (${{ matrix.sanitizer }})
- id: build
- uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
- with:
- oss-fuzz-project-name: 'systemd'
- dry-run: false
- allowed-broken-targets-percentage: 0
- sanitizer: ${{ matrix.sanitizer }}
- - name: Run Fuzzers (${{ matrix.sanitizer }})
- uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
- with:
- oss-fuzz-project-name: 'systemd'
- fuzz-seconds: 600
- dry-run: false
- sanitizer: ${{ matrix.sanitizer }}
- - name: Upload Crash
- uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2
- if: failure() && steps.build.outcome == 'success'
- with:
- name: ${{ matrix.sanitizer }}-artifacts
- path: ./out/artifacts
diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
deleted file mode 100644
index a164d16fbf..0000000000
--- a/.github/workflows/coverity.yml
+++ /dev/null
@@ -1,43 +0,0 @@
----
-# vi: ts=2 sw=2 et:
-# SPDX-License-Identifier: LGPL-2.1-or-later
-#
-name: Coverity
-
-on:
- schedule:
- # Run Coverity daily at midnight
- - cron: '0 0 * * *'
-
-permissions:
- contents: read
-
-jobs:
- build:
- runs-on: ubuntu-20.04
- if: github.repository == 'systemd/systemd'
- env:
- COVERITY_SCAN_BRANCH_PATTERN: "${{ github.ref}}"
- COVERITY_SCAN_NOTIFICATION_EMAIL: ""
- COVERITY_SCAN_PROJECT_NAME: "${{ github.repository }}"
- # Set in repo settings -> secrets -> repository secrets
- COVERITY_SCAN_TOKEN: "${{ secrets.COVERITY_SCAN_TOKEN }}"
- CURRENT_REF: "${{ github.ref }}"
- steps:
- - name: Repository checkout
- uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- # https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-commands-for-github-actions#setting-an-environment-variable
- - name: Set the $COVERITY_SCAN_NOTIFICATION_EMAIL env variable
- run: echo "COVERITY_SCAN_NOTIFICATION_EMAIL=$(git log -1 ${{ github.sha }} --pretty=\"%aE\")" >> $GITHUB_ENV
- - name: Install Coverity tools
- run: tools/get-coverity.sh
- # Reuse the setup phase of the unit test script to avoid code duplication
- - name: Install build dependencies
- run: sudo -E .github/workflows/unit_tests.sh SETUP
- # Preconfigure with meson to prevent Coverity from capturing meson metadata
- - name: Preconfigure the build directory
- run: meson cov-build -Dman=false
- - name: Build
- run: tools/coverity.sh build
- - name: Upload the results
- run: tools/coverity.sh upload
diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
deleted file mode 100644
index 34d9d63d42..0000000000
--- a/.github/workflows/labeler.yml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-# vi: ts=2 sw=2 et:
-# SPDX-License-Identifier: LGPL-2.1-or-later
-#
-name: "Pull Request Labeler"
-
-on:
-- pull_request_target
-
-permissions:
- contents: read
-
-jobs:
- triage:
- runs-on: ubuntu-latest
- permissions:
- pull-requests: write
- steps:
- - uses: actions/labeler@69da01b8e0929f147b8943611bee75ee4175a49e
- with:
- repo-token: "${{ secrets.GITHUB_TOKEN }}"
- configuration-path: .github/labeler.yml
- sync-labels: "" # This is a workaround for issue 18671
diff --git a/.github/workflows/mkosi.yml b/.github/workflows/mkosi.yml
deleted file mode 100644
index 8fd6c72e26..0000000000
--- a/.github/workflows/mkosi.yml
+++ /dev/null
@@ -1,80 +0,0 @@
----
-# vi: ts=2 sw=2 et:
-# SPDX-License-Identifier: LGPL-2.1-or-later
-# Simple boot tests that build and boot the mkosi images generated by the mkosi config files in mkosi.default.d/.
-name: mkosi
-
-on:
- push:
- branches:
- - main
- - v[0-9]+-stable
- pull_request:
- branches:
- - main
- - v[0-9]+-stable
-
-permissions:
- contents: read
-
-env:
- # Enable debug logging in systemd, but keep udev's log level to info,
- # since it's _very_ verbose in the QEMU task
- KERNEL_CMDLINE: "systemd.unit=mkosi-check-and-shutdown.service !quiet systemd.log_level=debug systemd.log_target=console udev.log_level=info systemd.default_standard_output=journal+console"
-
-jobs:
- ci:
- runs-on: ubuntu-20.04
- concurrency:
- group: ${{ github.workflow }}-${{ matrix.distro }}-${{ github.ref }}
- cancel-in-progress: true
- strategy:
- fail-fast: false
- matrix:
- distro:
- - arch
- - debian
- - ubuntu
- - fedora
- - opensuse
-
- steps:
- - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- - uses: systemd/mkosi@4d64fc8134f93d87ac584183e7762ac1d0efa0e5
-
- - name: Install
- run: sudo apt-get update && sudo apt-get install --no-install-recommends python3-pexpect python3-jinja2
-
- - name: Configure
- run: echo -e "[Distribution]\nDistribution=${{ matrix.distro }}\n" >mkosi.default
-
- # Ubuntu's systemd-nspawn doesn't support faccessat2() syscall, which is
- # required, since current Arch's glibc implements faccessat() via faccessat2().
- - name: Update systemd-nspawn
- if: ${{ matrix.distro == 'arch' }}
- run: |
- echo "deb-src http://archive.ubuntu.com/ubuntu/ $(lsb_release -cs) main restricted universe multiverse" | sudo tee -a /etc/apt/sources.list
- sudo apt update
- sudo apt build-dep systemd
- meson build
- ninja -C build
- sudo ln -svf $PWD/build/systemd-nspawn `which systemd-nspawn`
- systemd-nspawn --version
-
- - name: Build ${{ matrix.distro }}
- run: ./.github/workflows/run_mkosi.sh --build-environment=CI_BUILD=1 --kernel-command-line "${{ env.KERNEL_CMDLINE }}" build
-
- - name: Show ${{ matrix.distro }} image summary
- run: ./.github/workflows/run_mkosi.sh summary
-
- - name: Boot ${{ matrix.distro }} systemd-nspawn
- run: ./.github/workflows/run_mkosi.sh boot ${{ env.KERNEL_CMDLINE }}
-
- - name: Check ${{ matrix.distro }} systemd-nspawn
- run: ./.github/workflows/run_mkosi.sh shell bash -c "[[ -e /testok ]] || { cat /failed-services; exit 1; }"
-
- - name: Boot ${{ matrix.distro }} QEMU
- run: ./.github/workflows/run_mkosi.sh qemu
-
- - name: Check ${{ matrix.distro }} QEMU
- run: ./.github/workflows/run_mkosi.sh shell bash -c "[[ -e /testok ]] || { cat /failed-services; exit 1; }"

View File

@ -0,0 +1,61 @@
From d931821a263e34805f825cf12a0a0fcde9beda99 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Wed, 9 Jun 2021 15:23:59 +0200
Subject: [PATCH] ci: reconfigure Packit for RHEL 9
Resolves: #1960703
rhel-only
---
.packit.yml | 28 ++++++++++++++++++----------
1 file changed, 18 insertions(+), 10 deletions(-)
diff --git a/.packit.yml b/.packit.yml
index 962c77913e..3461bccbc5 100644
--- a/.packit.yml
+++ b/.packit.yml
@@ -16,14 +16,12 @@ upstream_tag_template: "v{version}"
actions:
post-upstream-clone:
- # Use the Fedora Rawhide specfile
- - "git clone https://src.fedoraproject.org/rpms/systemd .packit_rpm --depth=1"
+ # Use the CentOS Stream specfile
+ - "git clone https://gitlab.com/redhat/centos-stream/rpms/systemd.git .packit_rpm --depth=1"
# Drop the "sources" file so rebase-helper doesn't think we're a dist-git
- "rm -fv .packit_rpm/sources"
- # Drop backported patches from the specfile, but keep the downstream-only ones
- # - Patch0000-0499: backported patches from upstream
- # - Patch0500-9999: downstream-only patches
- - "sed -ri '/^Patch0[0-4]?[0-9]{0,2}\\:.+\\.patch/d' .packit_rpm/systemd.spec"
+ # Drop all patches, since they're already included in the tarball
+ - "sed -ri '/^Patch[0-9]+:/d' .packit_rpm/systemd.spec"
# Build the RPM with --werror. Even though --werror doesn't work in all
# cases (see [0]), we can't use -Dc_args=/-Dcpp_args= here because of the
# RPM hardening macros, that use $CFLAGS/$CPPFLAGS (see [1]).
@@ -32,12 +30,22 @@ actions:
# [1] https://github.com/systemd/systemd/pull/18908#issuecomment-792250110
- 'sed -i "/^CONFIGURE_OPTS=(/a--werror" .packit_rpm/systemd.spec'
+# Available targets can be listed via `copr-cli list-chroots`
jobs:
+# Build test
- job: copr_build
trigger: pull_request
metadata:
targets:
- - fedora-rawhide-aarch64
- - fedora-rawhide-i386
- - fedora-rawhide-ppc64le
- - fedora-rawhide-x86_64
+ # FIXME: change to CentOS 9 once it's available
+ - fedora-34-x86_64
+ - fedora-34-aarch64
+
+# TODO: can't use TFT yet due to https://pagure.io/fedora-ci/general/issue/184
+# Run tests (via testing farm)
+#- job: tests
+# trigger: pull_request
+# metadata:
+# targets:
+# # FIXME: change to CentOS 9 once it's available
+# - fedora-34-x86_64

View File

@ -0,0 +1,28 @@
From 785b53d7b16c6c56638029e8b4f59c436f1394b8 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Thu, 15 Jul 2021 12:23:27 +0200
Subject: [PATCH] ci: run unit tests on z-stream branches as well
Resolves: #1960703
rhel-only
---
.github/workflows/unit_tests.yml | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml
index d4a4f3c723..2afde5d59d 100644
--- a/.github/workflows/unit_tests.yml
+++ b/.github/workflows/unit_tests.yml
@@ -3,11 +3,7 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
#
name: Unit tests
-on:
- pull_request:
- branches:
- - main
- - v[0-9]+-stable
+on: [pull_request]
permissions:
contents: read

View File

@ -0,0 +1,25 @@
From c1555a7d38235cca32492c4606e30028dc008b35 Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Thu, 15 Jul 2021 11:15:17 +0200
Subject: [PATCH] random-util: increase random seed size to 1024
RHEL-only
Resolves: #1982603
---
src/basic/random-util.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/basic/random-util.h b/src/basic/random-util.h
index e6528ddc7f..fda78552f6 100644
--- a/src/basic/random-util.h
+++ b/src/basic/random-util.h
@@ -34,7 +34,7 @@ static inline uint32_t random_u32(void) {
int rdrand(unsigned long *ret);
/* Some limits on the pool sizes when we deal with the kernel random pool */
-#define RANDOM_POOL_SIZE_MIN 512U
+#define RANDOM_POOL_SIZE_MIN 1024U
#define RANDOM_POOL_SIZE_MAX (10U*1024U*1024U)
size_t random_pool_size(void);

View File

@ -0,0 +1,41 @@
From f1d66259bcff8333d7dd495bbeef274206f7300d Mon Sep 17 00:00:00 2001
From: Jan Synacek <jsynacek@redhat.com>
Date: Thu, 2 May 2019 14:11:54 +0200
Subject: [PATCH] journal: don't enable systemd-journald-audit.socket by
default
RHEL-only
Resolves: #1973856
---
units/meson.build | 3 +--
units/systemd-journald.service.in | 2 +-
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/units/meson.build b/units/meson.build
index a9bf28f6d9..69d53f4259 100644
--- a/units/meson.build
+++ b/units/meson.build
@@ -124,8 +124,7 @@ units = [
'sysinit.target.wants/'],
['systemd-journal-gatewayd.socket', 'ENABLE_REMOTE HAVE_MICROHTTPD'],
['systemd-journal-remote.socket', 'ENABLE_REMOTE HAVE_MICROHTTPD'],
- ['systemd-journald-audit.socket', '',
- 'sockets.target.wants/'],
+ ['systemd-journald-audit.socket', ''],
['systemd-journald-dev-log.socket', '',
'sockets.target.wants/'],
['systemd-journald.socket', '',
diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
index cd17b6b4e7..d981273b07 100644
--- a/units/systemd-journald.service.in
+++ b/units/systemd-journald.service.in
@@ -12,7 +12,7 @@ Description=Journal Service
Documentation=man:systemd-journald.service(8) man:journald.conf(5)
DefaultDependencies=no
Requires=systemd-journald.socket
-After=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-audit.socket syslog.socket
+After=systemd-journald.socket systemd-journald-dev-log.socket syslog.socket
Before=sysinit.target
[Service]

View File

@ -0,0 +1,22 @@
From 56d9b62ce456e8c0e520bda3447db38864983173 Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Thu, 5 Aug 2021 15:26:13 +0200
Subject: [PATCH] journald.conf: don't touch current audit settings
RHEL-only
Related: #1973856
---
src/journal/journald.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/journal/journald.conf b/src/journal/journald.conf
index 5a60a9d39c..3544da2112 100644
--- a/src/journal/journald.conf
+++ b/src/journal/journald.conf
@@ -44,4 +44,4 @@
#MaxLevelWall=emerg
#LineMax=48K
#ReadKMsg=yes
-#Audit=yes
+Audit=

View File

@ -0,0 +1,137 @@
From 2843766767452a69dade1ef8ab2d1d3e5e68a1d3 Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Tue, 10 Aug 2021 14:46:16 +0200
Subject: [PATCH] Revert "udev: remove WAIT_FOR key"
This reverts commit f2b8052fb648b788936dd3e85be6a9aca90fbb2f.
RHEL-only
Resolves: #1982666
---
man/udev.xml | 9 +++++++
src/udev/udev-rules.c | 56 +++++++++++++++++++++++++++++++++++++++
test/rule-syntax-check.py | 2 +-
3 files changed, 66 insertions(+), 1 deletion(-)
diff --git a/man/udev.xml b/man/udev.xml
index f6ea2abc12..ce96e201e4 100644
--- a/man/udev.xml
+++ b/man/udev.xml
@@ -592,6 +592,15 @@
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>WAIT_FOR</varname></term>
+ <listitem>
+ <para>Wait for a file to become available or until a timeout of
+ 10 seconds expires. The path is relative to the sysfs device;
+ if no path is specified, this waits for an attribute to appear.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term><varname>OPTIONS</varname></term>
<listitem>
diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
index 1a384d6b38..243a792662 100644
--- a/src/udev/udev-rules.c
+++ b/src/udev/udev-rules.c
@@ -79,6 +79,7 @@ typedef enum {
TK_M_TAG, /* strv, sd_device_get_tag_first(), sd_device_get_tag_next() */
TK_M_SUBSYSTEM, /* string, sd_device_get_subsystem() */
TK_M_DRIVER, /* string, sd_device_get_driver() */
+ TK_M_WAITFOR,
TK_M_ATTR, /* string, takes filename through attribute, sd_device_get_sysattr_value(), udev_resolve_subsys_kernel(), etc. */
TK_M_SYSCTL, /* string, takes kernel parameter through attribute */
@@ -416,6 +417,47 @@ static void rule_line_append_token(UdevRuleLine *rule_line, UdevRuleToken *token
rule_line->current_token = token;
}
+#define WAIT_LOOP_PER_SECOND 50
+static int wait_for_file(sd_device *dev, const char *file, int timeout) {
+ char filepath[UDEV_PATH_SIZE];
+ char devicepath[UDEV_PATH_SIZE];
+ struct stat stats;
+ int loop = timeout * WAIT_LOOP_PER_SECOND;
+
+ /* a relative path is a device attribute */
+ devicepath[0] = '\0';
+ if (file[0] != '/') {
+ const char *val;
+ int r;
+
+ r = sd_device_get_syspath(dev, &val);
+ if (r < 0)
+ return r;
+ strscpyl(devicepath, sizeof(devicepath), val, NULL);
+ strscpyl(filepath, sizeof(filepath), devicepath, "/", file, NULL);
+ file = filepath;
+ }
+
+ while (--loop) {
+ const struct timespec duration = { 0, 1000 * 1000 * 1000 / WAIT_LOOP_PER_SECOND };
+
+ /* lookup file */
+ if (stat(file, &stats) == 0) {
+ log_debug("file '%s' appeared after %i loops", file, (timeout * WAIT_LOOP_PER_SECOND) - loop-1);
+ return 0;
+ }
+ /* make sure, the device did not disappear in the meantime */
+ if (devicepath[0] != '\0' && stat(devicepath, &stats) != 0) {
+ log_debug("device disappeared while waiting for '%s'", file);
+ return -2;
+ }
+ log_debug("wait for '%s' for %i mseconds", file, 1000 / WAIT_LOOP_PER_SECOND);
+ nanosleep(&duration, NULL);
+ }
+ log_debug("waiting for '%s' failed", file);
+ return -1;
+}
+
static int rule_line_add_token(UdevRuleLine *rule_line, UdevRuleTokenType type, UdevRuleOperatorType op, char *value, void *data) {
UdevRuleToken *token;
UdevRuleMatchType match_type = _MATCH_TYPE_INVALID;
@@ -958,6 +1000,12 @@ static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOp
r = rule_line_add_token(rule_line, TK_A_RUN_BUILTIN, op, value, UDEV_BUILTIN_CMD_TO_PTR(cmd));
} else
return log_token_invalid_attr(rules, key);
+ } else if (streq(key, "WAIT_FOR") || streq(key, "WAIT_FOR_SYSFS")) {
+ if (op == OP_REMOVE)
+ return log_token_invalid_op(rules, key);
+
+ rule_line_add_token(rule_line, TK_M_WAITFOR, 0, value, NULL);
+ return 1;
} else if (streq(key, "GOTO")) {
if (attr)
return log_token_invalid_attr(rules, key);
@@ -1643,6 +1691,14 @@ static int udev_rule_apply_token_to_event(
return token_match_string(token, val);
}
+ case TK_M_WAITFOR: {
+ char filename[UDEV_PATH_SIZE];
+ int found;
+
+ udev_event_apply_format(event, token->value, filename, sizeof(filename), false);
+ found = (wait_for_file(event->dev, filename, 10) == 0);
+ return found || (token->op == OP_NOMATCH);
+ }
case TK_M_ATTR:
case TK_M_PARENTS_ATTR:
return token_match_attr(token, dev, event);
diff --git a/test/rule-syntax-check.py b/test/rule-syntax-check.py
index 9a9e4d1658..0649bcf58e 100755
--- a/test/rule-syntax-check.py
+++ b/test/rule-syntax-check.py
@@ -20,7 +20,7 @@ no_args_tests = re.compile(r'(ACTION|DEVPATH|KERNELS?|NAME|SYMLINK|SUBSYSTEMS?|D
# PROGRAM can also be specified as an assignment.
program_assign = re.compile(r'PROGRAM\s*=\s*' + quoted_string_re + '$')
args_tests = re.compile(r'(ATTRS?|ENV|CONST|TEST){([a-zA-Z0-9/_.*%-]+)}\s*(?:=|!)=\s*' + quoted_string_re + '$')
-no_args_assign = re.compile(r'(NAME|SYMLINK|OWNER|GROUP|MODE|TAG|RUN|LABEL|GOTO|OPTIONS|IMPORT)\s*(?:\+=|:=|=)\s*' + quoted_string_re + '$')
+no_args_assign = re.compile(r'(NAME|SYMLINK|OWNER|GROUP|MODE|TAG|RUN|LABEL|GOTO|WAIT_FOR|OPTIONS|IMPORT)\s*(?:\+=|:=|=)\s*' + quoted_string_re + '$')
args_assign = re.compile(r'(ATTR|ENV|IMPORT|RUN){([a-zA-Z0-9/_.*%-]+)}\s*(=|\+=)\s*' + quoted_string_re + '$')
# Find comma-separated groups, but allow commas that are inside quoted strings.
# Using quoted_string_re + '?' so that strings missing the last double quote

View File

@ -0,0 +1,25 @@
From 9a0acc0b292d283b4507c6b749396c019af7e4ab Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Wed, 25 Aug 2021 16:03:04 +0200
Subject: [PATCH] Really don't enable systemd-journald-audit.socket
RHEL-only
Resolves: #1973856
---
units/systemd-journald.service.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
index d981273b07..f190dff5fb 100644
--- a/units/systemd-journald.service.in
+++ b/units/systemd-journald.service.in
@@ -33,7 +33,7 @@ RestrictRealtime=yes
RestrictSUIDSGID=yes
RuntimeDirectory=systemd/journal
RuntimeDirectoryPreserve=yes
-Sockets=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-audit.socket
+Sockets=systemd-journald.socket systemd-journald-dev-log.socket
StandardOutput=null
SystemCallArchitectures=native
SystemCallErrorNumber=EPERM

View File

@ -0,0 +1,56 @@
From 1e423276a24d7c895d196f9f10bf8c0b9155c633 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Tue, 12 Feb 2019 16:58:16 +0100
Subject: [PATCH] rules: add elevator= kernel command line parameter
Kernel removed the elevator= option, so let's reintroduce
it for rhel8 via udev rule.
RHEL-only
Resolves: #2003002
---
rules.d/40-elevator.rules | 20 ++++++++++++++++++++
rules.d/meson.build | 1 +
2 files changed, 21 insertions(+)
create mode 100644 rules.d/40-elevator.rules
diff --git a/rules.d/40-elevator.rules b/rules.d/40-elevator.rules
new file mode 100644
index 0000000000..dbe8fc81a4
--- /dev/null
+++ b/rules.d/40-elevator.rules
@@ -0,0 +1,20 @@
+# We aren't adding devices skip the elevator check
+ACTION!="add", GOTO="sched_out"
+
+SUBSYSTEM!="block", GOTO="sched_out"
+ENV{DEVTYPE}!="disk", GOTO="sched_out"
+
+# Technically, dm-multipath can be configured to use an I/O scheduler.
+# However, there are races between the 'add' uevent and the linking in
+# of the queue/scheduler sysfs file. For now, just skip dm- devices.
+KERNEL=="dm-*|md*", GOTO="sched_out"
+
+# Skip bio-based devices, which don't support an I/O scheduler.
+ATTR{queue/scheduler}=="none", GOTO="sched_out"
+
+# If elevator= is specified on the kernel command line, change the
+# scheduler to the one specified.
+IMPORT{cmdline}="elevator"
+ENV{elevator}!="", ATTR{queue/scheduler}="$env{elevator}"
+
+LABEL="sched_out"
\ No newline at end of file
diff --git a/rules.d/meson.build b/rules.d/meson.build
index c5c3590b29..7e0bd89200 100644
--- a/rules.d/meson.build
+++ b/rules.d/meson.build
@@ -5,6 +5,7 @@ install_data(
install_dir : udevrulesdir)
rules = files('''
+ 40-elevator.rules
40-redhat.rules
60-autosuspend.rules
60-block.rules

View File

@ -0,0 +1,26 @@
From 41ccc595538752f04f88c80fe7a9e283d4ef12c4 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 22 Sep 2021 14:38:00 +0200
Subject: [PATCH] units: don't enable tmp.mount statically in local-fs.target
RHEL-only
Related: #2000927
---
units/meson.build | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/units/meson.build b/units/meson.build
index 69d53f4259..9eb535858a 100644
--- a/units/meson.build
+++ b/units/meson.build
@@ -159,8 +159,7 @@ units = [
['time-set.target', ''],
['time-sync.target', ''],
['timers.target', ''],
- ['tmp.mount', '',
- 'local-fs.target.wants/'],
+ ['tmp.mount', ''],
['umount.target', ''],
['usb-gadget.target', ''],
['user.slice', ''],

View File

@ -0,0 +1,59 @@
From 4ec48c87803916e90a8f30afae6c8bdee5bb9ba5 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Wed, 1 Aug 2018 13:19:39 +0200
Subject: [PATCH] pid1: bump DefaultTasksMax to 80% of the kernel pid.max value
This should be hopefully high enough even for the very big deployments.
RHEL-only
Resolves: #2003031
---
man/systemd-system.conf.xml | 4 ++--
src/core/main.c | 2 +-
src/core/system.conf.in | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml
index 3805a010e2..b8e2b65625 100644
--- a/man/systemd-system.conf.xml
+++ b/man/systemd-system.conf.xml
@@ -404,10 +404,10 @@
<listitem><para>Configure the default value for the per-unit <varname>TasksMax=</varname> setting. See
<citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details. This setting applies to all unit types that support resource control settings, with the exception
- of slice units. Defaults to 15% of the minimum of <varname>kernel.pid_max=</varname>, <varname>kernel.threads-max=</varname>
+ of slice units. Defaults to 80% of the minimum of <varname>kernel.pid_max=</varname>, <varname>kernel.threads-max=</varname>
and root cgroup <varname>pids.max</varname>.
Kernel has a default value for <varname>kernel.pid_max=</varname> and an algorithm of counting in case of more than 32 cores.
- For example with the default <varname>kernel.pid_max=</varname>, <varname>DefaultTasksMax=</varname> defaults to 4915,
+ For example with the default <varname>kernel.pid_max=</varname>, <varname>DefaultTasksMax=</varname> defaults to 26214,
but might be greater in other systems or smaller in OS containers.</para></listitem>
</varlistentry>
diff --git a/src/core/main.c b/src/core/main.c
index 57aedb9b93..7ea848ebeb 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -98,7 +98,7 @@
#include <sanitizer/lsan_interface.h>
#endif
-#define DEFAULT_TASKS_MAX ((TasksMax) { 15U, 100U }) /* 15% */
+#define DEFAULT_TASKS_MAX ((TasksMax) { 80U, 100U }) /* 80% */
static enum {
ACTION_RUN,
diff --git a/src/core/system.conf.in b/src/core/system.conf.in
index 96fb64d2c1..c0dc6a7e17 100644
--- a/src/core/system.conf.in
+++ b/src/core/system.conf.in
@@ -54,7 +54,7 @@
#DefaultBlockIOAccounting=no
#DefaultMemoryAccounting={{ 'yes' if MEMORY_ACCOUNTING_DEFAULT else 'no' }}
#DefaultTasksAccounting=yes
-#DefaultTasksMax=15%
+#DefaultTasksMax=80%
#DefaultLimitCPU=
#DefaultLimitFSIZE=
#DefaultLimitDATA=

View File

@ -0,0 +1,25 @@
From 7344cdfb2792f67e50848f87eced21cded226d4a Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Mon, 25 Jan 2021 16:19:56 +0100
Subject: [PATCH] set core ulimit to 0 like on RHEL-7
RHEL-only
Resolves: #1998509
---
src/core/system.conf.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/system.conf.in b/src/core/system.conf.in
index c0dc6a7e17..5913b5b0e4 100644
--- a/src/core/system.conf.in
+++ b/src/core/system.conf.in
@@ -59,7 +59,7 @@
#DefaultLimitFSIZE=
#DefaultLimitDATA=
#DefaultLimitSTACK=
-#DefaultLimitCORE=
+DefaultLimitCORE=0:infinity
#DefaultLimitRSS=
#DefaultLimitNOFILE=1024:{{HIGH_RLIMIT_NOFILE}}
#DefaultLimitAS=

View File

@ -0,0 +1,27 @@
From 402595e7b0668b8fe44b5b00b1dd45ba9cc42b82 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Thu, 4 Nov 2021 12:31:32 +0100
Subject: [PATCH] ci: use C9S chroots in Packit
rhel-only
Related: #2017035
---
.packit.yml | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/.packit.yml b/.packit.yml
index 3461bccbc5..ce8782aae2 100644
--- a/.packit.yml
+++ b/.packit.yml
@@ -37,9 +37,8 @@ jobs:
trigger: pull_request
metadata:
targets:
- # FIXME: change to CentOS 9 once it's available
- - fedora-34-x86_64
- - fedora-34-aarch64
+ - centos-stream-9-x86_64
+ - centos-stream-9-aarch64
# TODO: can't use TFT yet due to https://pagure.io/fedora-ci/general/issue/184
# Run tests (via testing farm)

View File

@ -0,0 +1,136 @@
From 68199fe69a2c46e498bc7e9528d54922deecc553 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 14 Sep 2020 17:58:03 +0200
Subject: [PATCH] test-mountpointutil-util: do not assert in test_mnt_id()
https://bugzilla.redhat.com/show_bug.cgi?id=1803070
I *think* this a kernel bug: the mnt_id as listed in /proc/self/mountinfo is different
than the one we get from /proc/self/fdinfo/. This only matters when both statx and
name_to_handle_at are unavailable and we hit the fallback path that goes through fdinfo:
(gdb) !uname -r
5.6.19-200.fc31.ppc64le
(gdb) !cat /proc/self/mountinfo
697 664 253:0 /var/lib/mock/fedora-31-ppc64le/root / rw,relatime shared:298 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota
698 697 253:0 /var/cache/mock/fedora-31-ppc64le/yum_cache /var/cache/yum rw,relatime shared:299 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota
699 697 253:0 /var/cache/mock/fedora-31-ppc64le/dnf_cache /var/cache/dnf rw,relatime shared:300 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota
700 697 0:32 /mock-selinux-plugin.7me9bfpi /proc/filesystems rw,nosuid,nodev shared:301 master:18 - tmpfs tmpfs rw,seclabel <==========================================================
701 697 0:41 / /sys ro,nosuid,nodev,noexec,relatime shared:302 - sysfs sysfs ro,seclabel
702 701 0:21 / /sys/fs/selinux ro,nosuid,nodev,noexec,relatime shared:306 master:8 - selinuxfs selinuxfs rw
703 697 0:42 / /dev rw,nosuid shared:303 - tmpfs tmpfs rw,seclabel,mode=755
704 703 0:43 / /dev/shm rw,nosuid,nodev shared:304 - tmpfs tmpfs rw,seclabel
705 703 0:45 / /dev/pts rw,nosuid,noexec,relatime shared:307 - devpts devpts rw,seclabel,gid=5,mode=620,ptmxmode=666
706 703 0:6 /btrfs-control /dev/btrfs-control rw,nosuid shared:308 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
707 703 0:6 /loop-control /dev/loop-control rw,nosuid shared:309 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
708 703 0:6 /loop0 /dev/loop0 rw,nosuid shared:310 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
709 703 0:6 /loop1 /dev/loop1 rw,nosuid shared:311 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
710 703 0:6 /loop10 /dev/loop10 rw,nosuid shared:312 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
711 703 0:6 /loop11 /dev/loop11 rw,nosuid shared:313 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
712 703 0:6 /loop2 /dev/loop2 rw,nosuid shared:314 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
713 703 0:6 /loop3 /dev/loop3 rw,nosuid shared:315 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
714 703 0:6 /loop4 /dev/loop4 rw,nosuid shared:316 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
715 703 0:6 /loop5 /dev/loop5 rw,nosuid shared:317 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
716 703 0:6 /loop6 /dev/loop6 rw,nosuid shared:318 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
717 703 0:6 /loop7 /dev/loop7 rw,nosuid shared:319 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
718 703 0:6 /loop8 /dev/loop8 rw,nosuid shared:320 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
719 703 0:6 /loop9 /dev/loop9 rw,nosuid shared:321 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
720 697 0:44 / /run rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755
721 720 0:25 /systemd/nspawn/propagate/9cc8a155d0244558b273f773d2b92142 /run/systemd/nspawn/incoming ro master:12 - tmpfs tmpfs rw,seclabel,mode=755
722 697 0:32 /mock-resolv.dvml91hp /etc/resolv.conf rw,nosuid,nodev shared:322 master:18 - tmpfs tmpfs rw,seclabel
725 697 0:47 / /proc rw,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
603 725 0:47 /sys /proc/sys ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
604 725 0:44 /systemd/inaccessible/reg /proc/kallsyms ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
605 725 0:44 /systemd/inaccessible/reg /proc/kcore ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
606 725 0:44 /systemd/inaccessible/reg /proc/keys ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
607 725 0:44 /systemd/inaccessible/reg /proc/sysrq-trigger ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
608 725 0:44 /systemd/inaccessible/reg /proc/timer_list ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
609 725 0:47 /bus /proc/bus ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
610 725 0:47 /fs /proc/fs ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
611 725 0:47 /irq /proc/irq ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
612 725 0:47 /scsi /proc/scsi ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
613 703 0:46 / /dev/mqueue rw,nosuid,nodev,noexec,relatime shared:324 - mqueue mqueue rw,seclabel
614 701 0:26 / /sys/fs/cgroup rw,nosuid,nodev,noexec,relatime shared:325 - cgroup2 cgroup rw,seclabel,nsdelegate
615 603 0:44 /.#proc-sys-kernel-random-boot-id4fbdce67af46d1c2//deleted /proc/sys/kernel/random/boot_id ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
616 725 0:44 /.#proc-sys-kernel-random-boot-id4fbdce67af46d1c2//deleted /proc/sys/kernel/random/boot_id rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755
617 725 0:44 /.#proc-kmsg5b7a8bcfe6717139//deleted /proc/kmsg rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755
The test process does
name_to_handle_at("/proc/filesystems") which returns -EOPNOTSUPP, and then
openat(AT_FDCWD, "/proc/filesystems") which returns 4, and then
read(open("/proc/self/fdinfo/4", ...)) which gives
"pos:\t0\nflags:\t012100000\nmnt_id:\t725\n"
and the "725" is clearly inconsistent with "700" in /proc/self/mountinfo.
We could either drop the fallback path (and fail name_to_handle_at() is not
avaliable) or ignore the error in the test. Not sure what is better. I think
this issue only occurs sometimes and with older kernels, so probably continuing
with the current flaky implementation is better than ripping out the fallback.
Another strace:
writev(2</dev/pts/0>, [{iov_base="mnt ids of /proc/sys is 603", iov_len=27}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/sys is 603
) = 28
name_to_handle_at(AT_FDCWD, "/", {handle_bytes=128 => 12, handle_type=129, f_handle=0x52748401000000008b93e20d}, [697], 0) = 0
writev(2</dev/pts/0>, [{iov_base="mnt ids of / is 697", iov_len=19}, {iov_base="\n", iov_len=1}], 2mnt ids of / is 697
) = 20
name_to_handle_at(AT_FDCWD, "/proc/kcore", {handle_bytes=128 => 12, handle_type=1, f_handle=0x92ddcfcd2e802d0100000000}, [605], 0) = 0
writev(2</dev/pts/0>, [{iov_base="mnt ids of /proc/kcore is 605", iov_len=29}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/kcore is 605
) = 30
name_to_handle_at(AT_FDCWD, "/dev", {handle_bytes=128 => 12, handle_type=1, f_handle=0x8ae269160c802d0100000000}, [703], 0) = 0
writev(2</dev/pts/0>, [{iov_base="mnt ids of /dev is 703", iov_len=22}, {iov_base="\n", iov_len=1}], 2mnt ids of /dev is 703
) = 23
name_to_handle_at(AT_FDCWD, "/proc/filesystems", {handle_bytes=128}, 0x7fffe36ddb84, 0) = -1 EOPNOTSUPP (Operation not supported)
openat(AT_FDCWD, "/proc/filesystems", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|O_PATH) = 4</proc/filesystems>
openat(AT_FDCWD, "/proc/self/fdinfo/4", O_RDONLY|O_CLOEXEC) = 5</proc/20/fdinfo/4>
fstat(5</proc/20/fdinfo/4>, {st_mode=S_IFREG|0400, st_size=0, ...}) = 0
fstat(5</proc/20/fdinfo/4>, {st_mode=S_IFREG|0400, st_size=0, ...}) = 0
read(5</proc/20/fdinfo/4>, "pos:\t0\nflags:\t012100000\nmnt_id:\t725\n", 2048) = 36
read(5</proc/20/fdinfo/4>, "", 1024) = 0
close(5</proc/20/fdinfo/4>) = 0
close(4</proc/filesystems>) = 0
writev(2</dev/pts/0>, [{iov_base="mnt ids of /proc/filesystems are 700, 725", iov_len=41}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/filesystems are 700, 725
) = 42
writev(2</dev/pts/0>, [{iov_base="the other path for mnt id 725 is /proc", iov_len=38}, {iov_base="\n", iov_len=1}], 2the other path for mnt id 725 is /proc
) = 39
writev(2</dev/pts/0>, [{iov_base="Assertion 'path_equal(p, t)' failed at src/test/test-mountpoint-util.c:94, function test_mnt_id(). Aborting.", iov_len=108}, {iov_base="\n", iov_len=1}], 2Assertion 'path_equal(p, t)' failed at src/test/test-mountpoint-util.c:94, function test_mnt_id(). Aborting.
) = 109
rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, ~[RTMIN RT_1], [], 8) = 0
getpid() = 20
gettid() = 20
tgkill(20, 20, SIGABRT) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
RHEL notes: af918c4 should mitigate this issue, but in some build
systems (Copr, brew, etc.) we don't have enough privileges to create a
new mount namespace
Cherry-picked manually from https://github.com/systemd/systemd/pull/17050.
rhel-only
Related: #2017035
---
src/test/test-mountpoint-util.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/test/test-mountpoint-util.c b/src/test/test-mountpoint-util.c
index d11edf502a..9515d8cf7b 100644
--- a/src/test/test-mountpoint-util.c
+++ b/src/test/test-mountpoint-util.c
@@ -101,8 +101,12 @@ TEST(mnt_id) {
/* The ids don't match? If so, then there are two mounts on the same path, let's check if
* that's really the case */
char *t = hashmap_get(h, INT_TO_PTR(mnt_id2));
- log_debug("the other path for mnt id %i is %s\n", mnt_id2, t);
- assert_se(path_equal(p, t));
+ log_debug("Path for mnt id %i from /proc/self/mountinfo is %s\n", mnt_id2, t);
+
+ if (!path_equal(p, t))
+ /* Apparent kernel bug in /proc/self/fdinfo */
+ log_warning("Bad mount id given for %s: %d, should be %d",
+ p, mnt_id2, mnt_id);
}
}

View File

@ -0,0 +1,30 @@
From 3c54c67a7fc65dc5b49b2452739c19b94eeb98a9 Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Tue, 21 Dec 2021 10:46:17 +0100
Subject: [PATCH] Treat EPERM as "not available" too
We need to do this because idmapped mounts habe been disabled in RHEL-9
kernel: https://bugzilla.redhat.com/show_bug.cgi?id=2018141 .
RHEL-only
Fixes #55
Related: #2017035
---
src/nspawn/nspawn.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 8f17ab8810..9225c8f162 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -3780,7 +3780,7 @@ static int outer_child(
arg_uid_shift != 0) {
r = remount_idmap(directory, arg_uid_shift, arg_uid_range);
- if (r == -EINVAL || ERRNO_IS_NOT_SUPPORTED(r)) {
+ if (IN_SET(r, -EINVAL, -EPERM) || ERRNO_IS_NOT_SUPPORTED(r)) {
/* This might fail because the kernel or file system doesn't support idmapping. We
* can't really distinguish this nicely, nor do we have any guarantees about the
* error codes we see, could be EOPNOTSUPP or EINVAL. */

View File

@ -0,0 +1,39 @@
From 324d99159e1e64d78a580073626f5b645f1c3639 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Mon, 31 Jan 2022 14:19:09 +0100
Subject: [PATCH] test: copy portable profiles into the image if they don't
exist there
If we're built with `-Dportable=false`, the portable profiles won't get
installed into the image. Since we need only the profile files and
nothing else, let's copy them into the image explicitly in such case.
(cherry picked from commit 6f73ef8b30803ac1be1b2607aec1a89d778caa9a)
Related: #2017035
---
test/test-functions | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/test/test-functions b/test/test-functions
index 218d0e6888..35d8f074a9 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -1151,6 +1151,17 @@ install_systemd() {
mkdir -p "$initdir/etc/systemd/system/service.d/"
echo -e "[Service]\nProtectSystem=no\nProtectHome=no\n" >"$initdir/etc/systemd/system/service.d/gcov-override.conf"
fi
+
+ # If we're built with -Dportabled=false, tests with systemd-analyze
+ # --profile will fail. Since we need just the profile (text) files, let's
+ # copy them into the image if they don't exist there.
+ local portable_dir="${initdir:?}${ROOTLIBDIR:?}/portable"
+ if [[ ! -d "$portable_dir/profile/strict" ]]; then
+ dinfo "Couldn't find portable profiles in the test image"
+ dinfo "Copying them directly from the source tree"
+ mkdir -p "$portable_dir"
+ cp -frv "${SOURCE_DIR:?}/src/portable/profile" "$portable_dir"
+ fi
}
get_ldpath() {

View File

@ -0,0 +1,43 @@
From 16908e1ec833d857cb418712c382c6f604426b36 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Tue, 1 Feb 2022 20:18:29 +0100
Subject: [PATCH] test: introduce `get_cgroup_hierarchy() helper
which returns the host's cgroup hierarchy (unified, hybrid, or legacy).
(cherry picked from commit f723740871bd3eb89d16a526a1ff77c04bb3787a)
Related: #2047768
---
test/test-functions | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/test/test-functions b/test/test-functions
index 35d8f074a9..4827b6bedf 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -1996,6 +1996,24 @@ import_initdir() {
export initdir
}
+get_cgroup_hierarchy() {
+ case "$(stat -c '%T' -f /sys/fs/cgroup)" in
+ cgroup2fs)
+ echo "unified"
+ ;;
+ tmpfs)
+ if [[ -d /sys/fs/cgroup/unified && "$(stat -c '%T' -f /sys/fs/cgroup/unified)" == cgroup2fs ]]; then
+ echo "hybrid"
+ else
+ echo "legacy"
+ fi
+ ;;
+ *)
+ dfatal "Failed to determine host's cgroup hierarchy"
+ exit 1
+ esac
+}
+
## @brief Converts numeric logging level to the first letter of level name.
#
# @param lvl Numeric logging level in range from 1 to 6.

View File

@ -0,0 +1,30 @@
From 523e72e97d7c945114b54b726eaab0d379fb35fb Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Tue, 1 Feb 2022 20:25:00 +0100
Subject: [PATCH] test: require unified cgroup hierarchy for TEST-56
since cgroup empty notifications are unreliable in legacy cgroups.
See: systemd/systemd#22320
Complements: systemd/systemd#22344
(cherry picked from commit e2620820188428de7086f5e8ac41305177f70954)
Related: #2047768
---
test/TEST-56-EXIT-TYPE/test.sh | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/test/TEST-56-EXIT-TYPE/test.sh b/test/TEST-56-EXIT-TYPE/test.sh
index 0f84dca1ba..37475e817e 100755
--- a/test/TEST-56-EXIT-TYPE/test.sh
+++ b/test/TEST-56-EXIT-TYPE/test.sh
@@ -6,4 +6,9 @@ TEST_DESCRIPTION="test ExitType=cgroup"
# shellcheck source=test/test-functions
. "${TEST_BASE_DIR:?}/test-functions"
+if [[ "$(get_cgroup_hierarchy)" != unified ]]; then
+ echo "This test requires unified cgroup hierarchy, skipping..."
+ exit 0
+fi
+
do_test "$@"

View File

@ -0,0 +1,671 @@
From 845417e653b42b8f3928c68955bd6416f2fa4509 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 1 Feb 2022 12:06:59 +0100
Subject: [PATCH] tests: rework test macros to not take code as parameters
C macros are nasty. We use them, but we try to be conservative with
them. In particular passing literal, complex code blocks as argument is
icky, because of "," handling of C, and also because it's quite a
challange for most code highlighters and similar. Hence, let's avoid
that. Using macros for genreating functions is OK but if so, the
parameters should be simple words, not full code blocks.
hence, rework DEFINE_CUSTOM_TEST_MAIN() to take a function name instead
of code block as argument.
As side-effect this also fixes a bunch of cases where we might end up
returning a negative value from main().
Some uses of DEFINE_CUSTOM_TEST_MAIN() inserted local variables into the
main() functions, these are replaced by static variables, and their
destructors by the static destructor logic.
This doesn't fix any bugs or so, it's just supposed to make the code
easier to work with and improve it easthetically.
Or in other words: let's use macros where it really makes sense, but
let's not go overboard with it.
(And yes, FOREACH_DIRENT() is another one of those macros that take
code, and I dislike that too and regret I ever added that.)
(cherry picked from commit 99839c7ebd4b83a5b0d5982d669cfe10d1252e1f)
Related: #2017035
---
src/shared/tests.h | 25 +++++++++++++-----
src/test/test-barrier.c | 46 +++++++++++++++++----------------
src/test/test-cgroup-setup.c | 15 ++++++-----
src/test/test-chown-rec.c | 15 ++++++-----
src/test/test-format-table.c | 14 +++++-----
src/test/test-fs-util.c | 7 ++++-
src/test/test-hashmap.c | 16 +++++++++---
src/test/test-install-root.c | 14 +++++++---
src/test/test-load-fragment.c | 21 ++++++++-------
src/test/test-mountpoint-util.c | 30 +++++++++++----------
src/test/test-namespace.c | 15 ++++++-----
src/test/test-proc-cmdline.c | 15 ++++++-----
src/test/test-process-util.c | 7 ++++-
src/test/test-sd-hwdb.c | 21 ++++++++-------
src/test/test-serialize.c | 16 ++++++------
src/test/test-sleep.c | 15 ++++++-----
src/test/test-stat-util.c | 7 ++++-
src/test/test-time-util.c | 6 +++--
src/test/test-unit-file.c | 7 ++++-
src/test/test-unit-name.c | 21 ++++++++-------
src/test/test-unit-serialize.c | 21 ++++++++-------
src/test/test-utf8.c | 7 ++++-
22 files changed, 215 insertions(+), 146 deletions(-)
diff --git a/src/shared/tests.h b/src/shared/tests.h
index 3b93aab498..59448f38f6 100644
--- a/src/shared/tests.h
+++ b/src/shared/tests.h
@@ -6,6 +6,7 @@
#include "sd-daemon.h"
#include "macro.h"
+#include "static-destruct.h"
#include "util.h"
static inline bool manager_errno_skip_test(int r) {
@@ -109,15 +110,27 @@ static inline int run_test_table(void) {
return r;
}
+static inline int test_nop(void) {
+ return EXIT_SUCCESS;
+}
+
#define DEFINE_CUSTOM_TEST_MAIN(log_level, intro, outro) \
int main(int argc, char *argv[]) { \
- int _r = EXIT_SUCCESS; \
+ int _r, _q; \
test_setup_logging(log_level); \
save_argc_argv(argc, argv); \
- intro; \
- _r = run_test_table(); \
- outro; \
- return _r; \
+ _r = intro(); \
+ if (_r == EXIT_SUCCESS) \
+ _r = run_test_table(); \
+ _q = outro(); \
+ static_destruct(); \
+ if (_r < 0) \
+ return EXIT_FAILURE; \
+ if (_r != EXIT_SUCCESS) \
+ return _r; \
+ if (_q < 0) \
+ return EXIT_FAILURE; \
+ return _q; \
}
-#define DEFINE_TEST_MAIN(log_level) DEFINE_CUSTOM_TEST_MAIN(log_level, , )
+#define DEFINE_TEST_MAIN(log_level) DEFINE_CUSTOM_TEST_MAIN(log_level, test_nop, test_nop)
diff --git a/src/test/test-barrier.c b/src/test/test-barrier.c
index 8998282afb..b87538806a 100644
--- a/src/test/test-barrier.c
+++ b/src/test/test-barrier.c
@@ -421,25 +421,27 @@ TEST_BARRIER(barrier_pending_exit,
}),
TEST_BARRIER_WAIT_SUCCESS(pid2));
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_INFO,
- ({
- if (!slow_tests_enabled())
- return log_tests_skipped("slow tests are disabled");
-
- /*
- * This test uses real-time alarms and sleeps to test for CPU races
- * explicitly. This is highly fragile if your system is under load. We
- * already increased the BASE_TIME value to make the tests more robust,
- * but that just makes the test take significantly longer. Given the recent
- * issues when running the test in a virtualized environments, limit it
- * to bare metal machines only, to minimize false-positives in CIs.
- */
- int v = detect_virtualization();
- if (IN_SET(v, -EPERM, -EACCES))
- return log_tests_skipped("Cannot detect virtualization");
-
- if (v != VIRTUALIZATION_NONE)
- return log_tests_skipped("This test requires a baremetal machine");
- }),
- /* no outro */);
+
+static int intro(void) {
+ if (!slow_tests_enabled())
+ return log_tests_skipped("slow tests are disabled");
+
+ /*
+ * This test uses real-time alarms and sleeps to test for CPU races explicitly. This is highly
+ * fragile if your system is under load. We already increased the BASE_TIME value to make the tests
+ * more robust, but that just makes the test take significantly longer. Given the recent issues when
+ * running the test in a virtualized environments, limit it to bare metal machines only, to minimize
+ * false-positives in CIs.
+ */
+
+ int v = detect_virtualization();
+ if (IN_SET(v, -EPERM, -EACCES))
+ return log_tests_skipped("Cannot detect virtualization");
+
+ if (v != VIRTUALIZATION_NONE)
+ return log_tests_skipped("This test requires a baremetal machine");
+
+ return EXIT_SUCCESS;
+ }
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
diff --git a/src/test/test-cgroup-setup.c b/src/test/test-cgroup-setup.c
index 018992f96d..6f93647685 100644
--- a/src/test/test-cgroup-setup.c
+++ b/src/test/test-cgroup-setup.c
@@ -64,10 +64,11 @@ TEST(is_wanted) {
test_is_wanted_print_one(false);
}
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_DEBUG,
- ({
- if (access("/proc/cmdline", R_OK) < 0 && ERRNO_IS_PRIVILEGE(errno))
- return log_tests_skipped("can't read /proc/cmdline");
- }),
- /* no outro */);
+static int intro(void) {
+ if (access("/proc/cmdline", R_OK) < 0 && ERRNO_IS_PRIVILEGE(errno))
+ return log_tests_skipped("can't read /proc/cmdline");
+
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
diff --git a/src/test/test-chown-rec.c b/src/test/test-chown-rec.c
index 53d44566d5..691cfe767f 100644
--- a/src/test/test-chown-rec.c
+++ b/src/test/test-chown-rec.c
@@ -149,10 +149,11 @@ TEST(chown_recursive) {
assert_se(!has_xattr(p));
}
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_DEBUG,
- ({
- if (geteuid() != 0)
- return log_tests_skipped("not running as root");
- }),
- /* no outro */);
+static int intro(void) {
+ if (geteuid() != 0)
+ return log_tests_skipped("not running as root");
+
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
diff --git a/src/test/test-format-table.c b/src/test/test-format-table.c
index a3b29ca337..7515a74c12 100644
--- a/src/test/test-format-table.c
+++ b/src/test/test-format-table.c
@@ -529,10 +529,10 @@ TEST(table) {
"5min 5min \n"));
}
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_INFO,
- ({
- assert_se(setenv("SYSTEMD_COLORS", "0", 1) >= 0);
- assert_se(setenv("COLUMNS", "40", 1) >= 0);
- }),
- /* no outro */);
+static int intro(void) {
+ assert_se(setenv("SYSTEMD_COLORS", "0", 1) >= 0);
+ assert_se(setenv("COLUMNS", "40", 1) >= 0);
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c
index 0e0d91d04e..da5a16b4bc 100644
--- a/src/test/test-fs-util.c
+++ b/src/test/test-fs-util.c
@@ -968,4 +968,9 @@ TEST(open_mkdir_at) {
assert_se(subsubdir_fd >= 0);
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, arg_test_dir = argv[1], /* no outro */);
+static int intro(void) {
+ arg_test_dir = saved_argv[1];
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
diff --git a/src/test/test-hashmap.c b/src/test/test-hashmap.c
index cba0c33a8a..4dc155d818 100644
--- a/src/test/test-hashmap.c
+++ b/src/test/test-hashmap.c
@@ -158,7 +158,15 @@ TEST(hashmap_put_strdup_null) {
/* This variable allows us to assert that the tests from different compilation units were actually run. */
int n_extern_tests_run = 0;
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_INFO,
- assert_se(n_extern_tests_run == 0),
- assert_se(n_extern_tests_run == 2)); /* Ensure hashmap and ordered_hashmap were tested. */
+static int intro(void) {
+ assert_se(n_extern_tests_run == 0);
+ return EXIT_SUCCESS;
+}
+
+static int outro(void) {
+ /* Ensure hashmap and ordered_hashmap were tested. */
+ assert_se(n_extern_tests_run == 2);
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, outro);
diff --git a/src/test/test-install-root.c b/src/test/test-install-root.c
index ba715e6d7e..f540a832bd 100644
--- a/src/test/test-install-root.c
+++ b/src/test/test-install-root.c
@@ -11,8 +11,11 @@
#include "special.h"
#include "string-util.h"
#include "tests.h"
+#include "tmpfile-util.h"
-static char root[] = "/tmp/rootXXXXXX";
+static char *root = NULL;
+
+STATIC_DESTRUCTOR_REGISTER(root, rm_rf_physical_and_freep);
TEST(basic_mask_and_enable) {
const char *p;
@@ -1239,10 +1242,10 @@ TEST(verify_alias) {
verify_one(&di_inst_template, "goo.target.conf/plain.service", -EXDEV, NULL);
}
-static void setup_root(void) {
+static int intro(void) {
const char *p;
- assert_se(mkdtemp(root));
+ assert_se(mkdtemp_malloc("/tmp/rootXXXXXX", &root) >= 0);
p = strjoina(root, "/usr/lib/systemd/system/");
assert_se(mkdir_p(p, 0755) >= 0);
@@ -1264,6 +1267,9 @@ static void setup_root(void) {
p = strjoina(root, "/usr/lib/systemd/system/graphical.target");
assert_se(write_string_file(p, "# pretty much empty", WRITE_STRING_FILE_CREATE) >= 0);
+
+ return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, setup_root(), assert_se(rm_rf(root, REMOVE_ROOT|REMOVE_PHYSICAL) >= 0));
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
diff --git a/src/test/test-load-fragment.c b/src/test/test-load-fragment.c
index e878979a89..2e105df56a 100644
--- a/src/test/test-load-fragment.c
+++ b/src/test/test-load-fragment.c
@@ -30,6 +30,10 @@
/* Nontrivial value serves as a placeholder to check that parsing function (didn't) change it */
#define CGROUP_LIMIT_DUMMY 3
+static char *runtime_dir = NULL;
+
+STATIC_DESTRUCTOR_REGISTER(runtime_dir, rm_rf_physical_and_freep);
+
TEST_RET(unit_file_get_set) {
int r;
Hashmap *h;
@@ -894,15 +898,12 @@ TEST(unit_is_recursive_template_dependency) {
assert_se(unit_is_likely_recursive_template_dependency(u, "foobar@foobar@123.mount", "foobar@%n.mount") == 0);
}
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_INFO,
+static int intro(void) {
+ if (enter_cgroup_subroot(NULL) == -ENOMEDIUM)
+ return log_tests_skipped("cgroupfs not available");
- _cleanup_(rm_rf_physical_and_freep) char *runtime_dir = NULL;
- ({
- if (enter_cgroup_subroot(NULL) == -ENOMEDIUM)
- return log_tests_skipped("cgroupfs not available");
-
- assert_se(runtime_dir = setup_fake_runtime_dir());
- }),
+ assert_se(runtime_dir = setup_fake_runtime_dir());
+ return EXIT_SUCCESS;
+}
- /* no outro */);
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
diff --git a/src/test/test-mountpoint-util.c b/src/test/test-mountpoint-util.c
index 9515d8cf7b..102d2850bf 100644
--- a/src/test/test-mountpoint-util.c
+++ b/src/test/test-mountpoint-util.c
@@ -298,17 +298,19 @@ TEST(fd_is_mount_point) {
assert_se(IN_SET(fd_is_mount_point(fd, "root/", 0), -ENOENT, 0));
}
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_DEBUG,
- ({
- /* let's move into our own mount namespace with all propagation from the host turned off, so
- * that /proc/self/mountinfo is static and constant for the whole time our test runs. */
- if (unshare(CLONE_NEWNS) < 0) {
- if (!ERRNO_IS_PRIVILEGE(errno))
- return log_error_errno(errno, "Failed to detach mount namespace: %m");
-
- log_notice("Lacking privilege to create separate mount namespace, proceeding in originating mount namespace.");
- } else
- assert_se(mount(NULL, "/", NULL, MS_PRIVATE | MS_REC, NULL) >= 0);
- }),
- /* no outro */);
+static int intro(void) {
+ /* let's move into our own mount namespace with all propagation from the host turned off, so
+ * that /proc/self/mountinfo is static and constant for the whole time our test runs. */
+
+ if (unshare(CLONE_NEWNS) < 0) {
+ if (!ERRNO_IS_PRIVILEGE(errno))
+ return log_error_errno(errno, "Failed to detach mount namespace: %m");
+
+ log_notice("Lacking privilege to create separate mount namespace, proceeding in originating mount namespace.");
+ } else
+ assert_se(mount(NULL, "/", NULL, MS_PRIVATE | MS_REC, NULL) >= 0);
+
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
diff --git a/src/test/test-namespace.c b/src/test/test-namespace.c
index 8df5533d6e..f9e34f3bfa 100644
--- a/src/test/test-namespace.c
+++ b/src/test/test-namespace.c
@@ -220,10 +220,11 @@ TEST(protect_kernel_logs) {
assert_se(wait_for_terminate_and_check("ns-kernellogs", pid, WAIT_LOG) == EXIT_SUCCESS);
}
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_INFO,
- ({
- if (!have_namespaces())
- return log_tests_skipped("Don't have namespace support");
- }),
- /* no outro */);
+static int intro(void) {
+ if (!have_namespaces())
+ return log_tests_skipped("Don't have namespace support");
+
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
diff --git a/src/test/test-proc-cmdline.c b/src/test/test-proc-cmdline.c
index 1c8c9b80b7..064b4d838f 100644
--- a/src/test/test-proc-cmdline.c
+++ b/src/test/test-proc-cmdline.c
@@ -247,10 +247,11 @@ TEST(proc_cmdline_key_startswith) {
assert_se(!proc_cmdline_key_startswith("foo-bar", "foo_xx"));
}
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_INFO,
- ({
- if (access("/proc/cmdline", R_OK) < 0 && ERRNO_IS_PRIVILEGE(errno))
- return log_tests_skipped("can't read /proc/cmdline");
- }),
- /* no outro */);
+static int intro(void) {
+ if (access("/proc/cmdline", R_OK) < 0 && ERRNO_IS_PRIVILEGE(errno))
+ return log_tests_skipped("can't read /proc/cmdline");
+
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
diff --git a/src/test/test-process-util.c b/src/test/test-process-util.c
index 06a640b1cc..8661934929 100644
--- a/src/test/test-process-util.c
+++ b/src/test/test-process-util.c
@@ -895,4 +895,9 @@ TEST(set_oom_score_adjust) {
assert_se(b == a);
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, log_show_color(true), /* no outro */);
+static int intro(void) {
+ log_show_color(true);
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
diff --git a/src/test/test-sd-hwdb.c b/src/test/test-sd-hwdb.c
index 7961c17c4a..88992a6c2b 100644
--- a/src/test/test-sd-hwdb.c
+++ b/src/test/test-sd-hwdb.c
@@ -52,12 +52,15 @@ TEST(basic_enumerate) {
assert_se(len1 == len2);
}
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_DEBUG,
- ({
- _cleanup_(sd_hwdb_unrefp) sd_hwdb *hwdb = NULL;
- int r = sd_hwdb_new(&hwdb);
- if (r == -ENOENT || ERRNO_IS_PRIVILEGE(r))
- return log_tests_skipped_errno(r, "cannot open hwdb");
- }),
- /* no outro */);
+static int intro(void) {
+ _cleanup_(sd_hwdb_unrefp) sd_hwdb *hwdb = NULL;
+ int r;
+
+ r = sd_hwdb_new(&hwdb);
+ if (r == -ENOENT || ERRNO_IS_PRIVILEGE(r))
+ return log_tests_skipped_errno(r, "cannot open hwdb");
+
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
diff --git a/src/test/test-serialize.c b/src/test/test-serialize.c
index fb04b3e7fa..9aeb6c5920 100644
--- a/src/test/test-serialize.c
+++ b/src/test/test-serialize.c
@@ -10,7 +10,7 @@
#include "tests.h"
#include "tmpfile-util.h"
-char long_string[LONG_LINE_MAX+1];
+static char long_string[LONG_LINE_MAX+1];
TEST(serialize_item) {
_cleanup_(unlink_tempfilep) char fn[] = "/tmp/test-serialize.XXXXXX";
@@ -189,10 +189,10 @@ TEST(serialize_environment) {
assert_se(strv_equal(env, env2));
}
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_INFO,
- ({
- memset(long_string, 'x', sizeof(long_string)-1);
- char_array_0(long_string);
- }),
- /* no outro */);
+static int intro(void) {
+ memset(long_string, 'x', sizeof(long_string)-1);
+ char_array_0(long_string);
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
diff --git a/src/test/test-sleep.c b/src/test/test-sleep.c
index 183ad4f7b7..f56e7e0167 100644
--- a/src/test/test-sleep.c
+++ b/src/test/test-sleep.c
@@ -118,10 +118,11 @@ TEST(sleep) {
log_info("Suspend-then-Hibernate configured and possible: %s", r >= 0 ? yes_no(r) : strerror_safe(r));
}
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_DEBUG,
- ({
- if (getuid() != 0)
- log_warning("This program is unlikely to work for unprivileged users");
- }),
- /* no outro */);
+static int intro(void) {
+ if (getuid() != 0)
+ log_warning("This program is unlikely to work for unprivileged users");
+
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
diff --git a/src/test/test-stat-util.c b/src/test/test-stat-util.c
index 0f7b3ca3ce..2965ee679f 100644
--- a/src/test/test-stat-util.c
+++ b/src/test/test-stat-util.c
@@ -236,4 +236,9 @@ TEST(dir_is_empty) {
assert_se(dir_is_empty_at(AT_FDCWD, empty_dir) > 0);
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, log_show_color(true), /* no outro */);
+static int intro(void) {
+ log_show_color(true);
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
diff --git a/src/test/test-time-util.c b/src/test/test-time-util.c
index 4d0131827e..f21d8b7794 100644
--- a/src/test/test-time-util.c
+++ b/src/test/test-time-util.c
@@ -588,7 +588,7 @@ TEST(map_clock_usec) {
}
}
-static void setup_test(void) {
+static int intro(void) {
log_info("realtime=" USEC_FMT "\n"
"monotonic=" USEC_FMT "\n"
"boottime=" USEC_FMT "\n",
@@ -603,6 +603,8 @@ static void setup_test(void) {
uintmax_t x = TIME_T_MAX;
x++;
assert_se((time_t) x < 0);
+
+ return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, setup_test(), /* no outro */);
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
diff --git a/src/test/test-unit-file.c b/src/test/test-unit-file.c
index 0f8c25c218..6c9f245c7e 100644
--- a/src/test/test-unit-file.c
+++ b/src/test/test-unit-file.c
@@ -102,4 +102,9 @@ TEST(runlevel_to_target) {
assert_se(streq_ptr(runlevel_to_target("rd.rescue"), SPECIAL_RESCUE_TARGET));
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, log_show_color(true), /* no outro */);
+static int intro(void) {
+ log_show_color(true);
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
diff --git a/src/test/test-unit-name.c b/src/test/test-unit-name.c
index 6bde9e090d..1f65407e5f 100644
--- a/src/test/test-unit-name.c
+++ b/src/test/test-unit-name.c
@@ -23,6 +23,10 @@
#include "user-util.h"
#include "util.h"
+static char *runtime_dir = NULL;
+
+STATIC_DESTRUCTOR_REGISTER(runtime_dir, rm_rf_physical_and_freep);
+
static void test_unit_name_is_valid_one(const char *name, UnitNameFlags flags, bool expected) {
log_info("%s ( %s%s%s ): %s",
name,
@@ -844,15 +848,12 @@ TEST(unit_name_prefix_equal) {
assert_se(!unit_name_prefix_equal("a", "a"));
}
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_INFO,
+static int intro(void) {
+ if (enter_cgroup_subroot(NULL) == -ENOMEDIUM)
+ return log_tests_skipped("cgroupfs not available");
- _cleanup_(rm_rf_physical_and_freep) char *runtime_dir = NULL;
- ({
- if (enter_cgroup_subroot(NULL) == -ENOMEDIUM)
- return log_tests_skipped("cgroupfs not available");
-
- assert_se(runtime_dir = setup_fake_runtime_dir());
- }),
+ assert_se(runtime_dir = setup_fake_runtime_dir());
+ return EXIT_SUCCESS;
+}
- /* no outro */);
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
diff --git a/src/test/test-unit-serialize.c b/src/test/test-unit-serialize.c
index 899fdc000c..5d39176db2 100644
--- a/src/test/test-unit-serialize.c
+++ b/src/test/test-unit-serialize.c
@@ -4,6 +4,10 @@
#include "service.h"
#include "tests.h"
+static char *runtime_dir = NULL;
+
+STATIC_DESTRUCTOR_REGISTER(runtime_dir, rm_rf_physical_and_freep);
+
#define EXEC_START_ABSOLUTE \
"ExecStart 0 /bin/sh \"sh\" \"-e\" \"-x\" \"-c\" \"systemctl --state=failed --no-legend --no-pager >/failed ; systemctl daemon-reload ; echo OK >/testok\""
#define EXEC_START_RELATIVE \
@@ -48,15 +52,12 @@ TEST(deserialize_exec_command) {
test_deserialize_exec_command_one(m, "control-command", "ExecWhat 11 /a/b c d e", -EINVAL);
}
-DEFINE_CUSTOM_TEST_MAIN(
- LOG_DEBUG,
+static int intro(void) {
+ if (enter_cgroup_subroot(NULL) == -ENOMEDIUM)
+ return log_tests_skipped("cgroupfs not available");
- _cleanup_(rm_rf_physical_and_freep) char *runtime_dir = NULL;
- ({
- if (enter_cgroup_subroot(NULL) == -ENOMEDIUM)
- return log_tests_skipped("cgroupfs not available");
-
- assert_se(runtime_dir = setup_fake_runtime_dir());
- }),
+ assert_se(runtime_dir = setup_fake_runtime_dir());
+ return EXIT_SUCCESS;
+}
- /* no outro */);
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
diff --git a/src/test/test-utf8.c b/src/test/test-utf8.c
index a21fcd6fd2..1b31d1f852 100644
--- a/src/test/test-utf8.c
+++ b/src/test/test-utf8.c
@@ -231,4 +231,9 @@ TEST(utf8_to_utf16) {
}
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, log_show_color(true), /* no outro */);
+static int intro(void) {
+ log_show_color(true);
+ return EXIT_SUCCESS;
+}
+
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);

View File

@ -0,0 +1,300 @@
From 0be677fb6663ab6bfd02eae6ad32e7f031cfde0f Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 2 Feb 2022 11:06:41 +0900
Subject: [PATCH] test: allow to set NULL to intro or outro
Addresses https://github.com/systemd/systemd/pull/22338#discussion_r796741033.
(cherry picked from commit e85fdacc8ad7d91f140a135aaa3fd5372d3fa47c)
Related: #2017035
---
src/shared/tests.h | 45 +++++++++++++++++----------------
src/test/test-barrier.c | 2 +-
src/test/test-cgroup-setup.c | 2 +-
src/test/test-chown-rec.c | 2 +-
src/test/test-format-table.c | 2 +-
src/test/test-fs-util.c | 2 +-
src/test/test-hashmap.c | 2 +-
src/test/test-install-root.c | 2 +-
src/test/test-load-fragment.c | 2 +-
src/test/test-mountpoint-util.c | 2 +-
src/test/test-namespace.c | 2 +-
src/test/test-proc-cmdline.c | 2 +-
src/test/test-process-util.c | 2 +-
src/test/test-sd-hwdb.c | 2 +-
src/test/test-serialize.c | 2 +-
src/test/test-sleep.c | 2 +-
src/test/test-stat-util.c | 2 +-
src/test/test-time-util.c | 2 +-
src/test/test-unit-file.c | 2 +-
src/test/test-unit-name.c | 2 +-
src/test/test-unit-serialize.c | 2 +-
src/test/test-utf8.c | 2 +-
22 files changed, 44 insertions(+), 43 deletions(-)
diff --git a/src/shared/tests.h b/src/shared/tests.h
index 59448f38f6..ef6acd368e 100644
--- a/src/shared/tests.h
+++ b/src/shared/tests.h
@@ -110,27 +110,28 @@ static inline int run_test_table(void) {
return r;
}
-static inline int test_nop(void) {
- return EXIT_SUCCESS;
-}
-
-#define DEFINE_CUSTOM_TEST_MAIN(log_level, intro, outro) \
- int main(int argc, char *argv[]) { \
- int _r, _q; \
- test_setup_logging(log_level); \
- save_argc_argv(argc, argv); \
- _r = intro(); \
- if (_r == EXIT_SUCCESS) \
- _r = run_test_table(); \
- _q = outro(); \
- static_destruct(); \
- if (_r < 0) \
- return EXIT_FAILURE; \
- if (_r != EXIT_SUCCESS) \
- return _r; \
- if (_q < 0) \
- return EXIT_FAILURE; \
- return _q; \
+#define DEFINE_TEST_MAIN_FULL(log_level, intro, outro) \
+ int main(int argc, char *argv[]) { \
+ int (*_intro)(void) = intro; \
+ int (*_outro)(void) = outro; \
+ int _r, _q; \
+ test_setup_logging(log_level); \
+ save_argc_argv(argc, argv); \
+ _r = _intro ? _intro() : EXIT_SUCCESS; \
+ if (_r == EXIT_SUCCESS) \
+ _r = run_test_table(); \
+ _q = _outro ? _outro() : EXIT_SUCCESS; \
+ static_destruct(); \
+ if (_r < 0) \
+ return EXIT_FAILURE; \
+ if (_r != EXIT_SUCCESS) \
+ return _r; \
+ if (_q < 0) \
+ return EXIT_FAILURE; \
+ return _q; \
}
-#define DEFINE_TEST_MAIN(log_level) DEFINE_CUSTOM_TEST_MAIN(log_level, test_nop, test_nop)
+#define DEFINE_TEST_MAIN_WITH_INTRO(log_level, intro) \
+ DEFINE_TEST_MAIN_FULL(log_level, intro, NULL)
+#define DEFINE_TEST_MAIN(log_level) \
+ DEFINE_TEST_MAIN_FULL(log_level, NULL, NULL)
diff --git a/src/test/test-barrier.c b/src/test/test-barrier.c
index b87538806a..bbd7e2bddb 100644
--- a/src/test/test-barrier.c
+++ b/src/test/test-barrier.c
@@ -444,4 +444,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
diff --git a/src/test/test-cgroup-setup.c b/src/test/test-cgroup-setup.c
index 6f93647685..c377ff0a00 100644
--- a/src/test/test-cgroup-setup.c
+++ b/src/test/test-cgroup-setup.c
@@ -71,4 +71,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
diff --git a/src/test/test-chown-rec.c b/src/test/test-chown-rec.c
index 691cfe767f..97711f58b0 100644
--- a/src/test/test-chown-rec.c
+++ b/src/test/test-chown-rec.c
@@ -156,4 +156,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
diff --git a/src/test/test-format-table.c b/src/test/test-format-table.c
index 7515a74c12..1b4963d928 100644
--- a/src/test/test-format-table.c
+++ b/src/test/test-format-table.c
@@ -535,4 +535,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c
index da5a16b4bc..602ce75f98 100644
--- a/src/test/test-fs-util.c
+++ b/src/test/test-fs-util.c
@@ -973,4 +973,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
diff --git a/src/test/test-hashmap.c b/src/test/test-hashmap.c
index 4dc155d818..dbf762cc0b 100644
--- a/src/test/test-hashmap.c
+++ b/src/test/test-hashmap.c
@@ -169,4 +169,4 @@ static int outro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, outro);
+DEFINE_TEST_MAIN_FULL(LOG_INFO, intro, outro);
diff --git a/src/test/test-install-root.c b/src/test/test-install-root.c
index f540a832bd..f718689c3a 100644
--- a/src/test/test-install-root.c
+++ b/src/test/test-install-root.c
@@ -1272,4 +1272,4 @@ static int intro(void) {
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
diff --git a/src/test/test-load-fragment.c b/src/test/test-load-fragment.c
index 2e105df56a..1bd68c7e0a 100644
--- a/src/test/test-load-fragment.c
+++ b/src/test/test-load-fragment.c
@@ -906,4 +906,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
diff --git a/src/test/test-mountpoint-util.c b/src/test/test-mountpoint-util.c
index 102d2850bf..4d140c42b6 100644
--- a/src/test/test-mountpoint-util.c
+++ b/src/test/test-mountpoint-util.c
@@ -313,4 +313,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
diff --git a/src/test/test-namespace.c b/src/test/test-namespace.c
index f9e34f3bfa..7a634adca9 100644
--- a/src/test/test-namespace.c
+++ b/src/test/test-namespace.c
@@ -227,4 +227,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
diff --git a/src/test/test-proc-cmdline.c b/src/test/test-proc-cmdline.c
index 064b4d838f..1f43bb3eb0 100644
--- a/src/test/test-proc-cmdline.c
+++ b/src/test/test-proc-cmdline.c
@@ -254,4 +254,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
diff --git a/src/test/test-process-util.c b/src/test/test-process-util.c
index 8661934929..7a8adad50c 100644
--- a/src/test/test-process-util.c
+++ b/src/test/test-process-util.c
@@ -900,4 +900,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
diff --git a/src/test/test-sd-hwdb.c b/src/test/test-sd-hwdb.c
index 88992a6c2b..4251e2a809 100644
--- a/src/test/test-sd-hwdb.c
+++ b/src/test/test-sd-hwdb.c
@@ -63,4 +63,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
diff --git a/src/test/test-serialize.c b/src/test/test-serialize.c
index 9aeb6c5920..bcf2e843b0 100644
--- a/src/test/test-serialize.c
+++ b/src/test/test-serialize.c
@@ -195,4 +195,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
diff --git a/src/test/test-sleep.c b/src/test/test-sleep.c
index f56e7e0167..5aebcdd935 100644
--- a/src/test/test-sleep.c
+++ b/src/test/test-sleep.c
@@ -125,4 +125,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
diff --git a/src/test/test-stat-util.c b/src/test/test-stat-util.c
index 2965ee679f..7f633ab259 100644
--- a/src/test/test-stat-util.c
+++ b/src/test/test-stat-util.c
@@ -241,4 +241,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
diff --git a/src/test/test-time-util.c b/src/test/test-time-util.c
index f21d8b7794..554693834b 100644
--- a/src/test/test-time-util.c
+++ b/src/test/test-time-util.c
@@ -607,4 +607,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
diff --git a/src/test/test-unit-file.c b/src/test/test-unit-file.c
index 6c9f245c7e..cc08a4ae4b 100644
--- a/src/test/test-unit-file.c
+++ b/src/test/test-unit-file.c
@@ -107,4 +107,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
diff --git a/src/test/test-unit-name.c b/src/test/test-unit-name.c
index 1f65407e5f..8cd0e0b4a1 100644
--- a/src/test/test-unit-name.c
+++ b/src/test/test-unit-name.c
@@ -856,4 +856,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
diff --git a/src/test/test-unit-serialize.c b/src/test/test-unit-serialize.c
index 5d39176db2..3ef15f3b1e 100644
--- a/src/test/test-unit-serialize.c
+++ b/src/test/test-unit-serialize.c
@@ -60,4 +60,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
diff --git a/src/test/test-utf8.c b/src/test/test-utf8.c
index 1b31d1f852..7337b81227 100644
--- a/src/test/test-utf8.c
+++ b/src/test/test-utf8.c
@@ -236,4 +236,4 @@ static int intro(void) {
return EXIT_SUCCESS;
}
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);

View File

@ -0,0 +1,53 @@
From f00cbfd1cf67f28a92863c74ef64a1aedfacabc6 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Tue, 21 Sep 2021 15:01:19 +0200
Subject: [PATCH] udev/net-setup-link: change the default MACAddressPolicy to
"none"
While stable MAC address for interface types that don't have the
address provided by HW could be useful it also breaks LACP based bonds.
Let's err on the side of caution and don't change the MAC address from
udev.
RHEL-only
Resolves: #2009237
---
man/systemd.link.xml | 2 +-
network/99-default.link | 2 +-
test/fuzz/fuzz-link-parser/99-default.link | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/man/systemd.link.xml b/man/systemd.link.xml
index 45cabbccf7..0033e4c28f 100644
--- a/man/systemd.link.xml
+++ b/man/systemd.link.xml
@@ -961,7 +961,7 @@
<programlisting>[Link]
NamePolicy=kernel database onboard slot path
-MACAddressPolicy=persistent</programlisting>
+MACAddressPolicy=none</programlisting>
</example>
<example>
diff --git a/network/99-default.link b/network/99-default.link
index bca660ac28..31aee37e75 100644
--- a/network/99-default.link
+++ b/network/99-default.link
@@ -13,4 +13,4 @@ OriginalName=*
[Link]
NamePolicy=keep kernel database onboard slot path
AlternativeNamesPolicy=database onboard slot path
-MACAddressPolicy=persistent
+MACAddressPolicy=none
diff --git a/test/fuzz/fuzz-link-parser/99-default.link b/test/fuzz/fuzz-link-parser/99-default.link
index feb5b1fbb0..3d755898b4 100644
--- a/test/fuzz/fuzz-link-parser/99-default.link
+++ b/test/fuzz/fuzz-link-parser/99-default.link
@@ -9,4 +9,4 @@
[Link]
NamePolicy=keep kernel database onboard slot path
-MACAddressPolicy=persistent
+MACAddressPolicy=none

View File

@ -0,0 +1,35 @@
From 17a3bad51a7efefd6dc63249c49ddaabda6cbd19 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Thu, 28 Aug 2014 15:12:10 +0200
Subject: [PATCH] man: mention System Administrator's Guide in systemctl
manpage
RHEL-only
Resolves: #1982596
---
man/systemctl.xml | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/man/systemctl.xml b/man/systemctl.xml
index 1c14909523..3b3d709ab3 100644
--- a/man/systemctl.xml
+++ b/man/systemctl.xml
@@ -2455,6 +2455,17 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
<xi:include href="common-variables.xml" xpointer="urlify"/>
</refsect1>
+ <refsect1>
+ <title>Examples</title>
+ <para>
+ For examples how to use systemctl in comparsion
+ with old service and chkconfig command please see:
+ <ulink url="https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/configuring_basic_system_settings/managing-system-services-with-systemctl_configuring-basic-system-settings">
+ Managing System Services
+ </ulink>
+ </para>
+ </refsect1>
+
<refsect1>
<title>See Also</title>
<para>

View File

@ -0,0 +1,56 @@
From 464a8fc4e0b218793105431cc71bf98b0dc97fb5 Mon Sep 17 00:00:00 2001
From: Jacek Migacz <jmigacz@redhat.com>
Date: Thu, 3 Feb 2022 23:46:09 +0100
Subject: [PATCH] Net naming scheme for RHEL-9.0
RHEL-only
Resolves: #2052106
---
man/systemd.net-naming-scheme.xml | 7 +++++++
src/shared/netif-naming-scheme.c | 1 +
src/shared/netif-naming-scheme.h | 1 +
3 files changed, 9 insertions(+)
diff --git a/man/systemd.net-naming-scheme.xml b/man/systemd.net-naming-scheme.xml
index 41408411fc..942ef572ff 100644
--- a/man/systemd.net-naming-scheme.xml
+++ b/man/systemd.net-naming-scheme.xml
@@ -403,6 +403,13 @@
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><constant>rhel-9.0</constant></term>
+
+ <listitem><para>Same as naming scheme <constant>v250</constant>.</para>
+ </listitem>
+ </varlistentry>
+
</variablelist>
<para>Note that <constant>latest</constant> may be used to denote the latest scheme known (to this
diff --git a/src/shared/netif-naming-scheme.c b/src/shared/netif-naming-scheme.c
index 245466c4cb..44d011a9b7 100644
--- a/src/shared/netif-naming-scheme.c
+++ b/src/shared/netif-naming-scheme.c
@@ -23,6 +23,7 @@ static const NamingScheme naming_schemes[] = {
{ "v247", NAMING_V247 },
{ "v249", NAMING_V249 },
{ "v250", NAMING_V250 },
+ { "rhel-9.0", NAMING_RHEL_9_0 },
/* … add more schemes here, as the logic to name devices is updated … */
EXTRA_NET_NAMING_MAP
diff --git a/src/shared/netif-naming-scheme.h b/src/shared/netif-naming-scheme.h
index 16b304ce10..f765db6ef2 100644
--- a/src/shared/netif-naming-scheme.h
+++ b/src/shared/netif-naming-scheme.h
@@ -47,6 +47,7 @@ typedef enum NamingSchemeFlags {
NAMING_V247 = NAMING_V245 | NAMING_BRIDGE_NO_SLOT,
NAMING_V249 = NAMING_V247 | NAMING_SLOT_FUNCTION_ID | NAMING_16BIT_INDEX | NAMING_REPLACE_STRICTLY,
NAMING_V250 = NAMING_V249 | NAMING_XEN_VIF,
+ NAMING_RHEL_9_0 = NAMING_V250,
EXTRA_NET_NAMING_SCHEMES

View File

@ -0,0 +1,40 @@
From 16c4a3c3a826d03f60db83c8d6d809d59e6f38ad Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Tue, 22 Feb 2022 13:24:11 +0100
Subject: [PATCH] core: decrease log level of messages about use of
KillMode=none
RHEL-only
Resolves: #2013213
---
src/core/load-fragment.c | 2 +-
src/core/unit.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index 92a52819e2..ad5a0912fc 100644
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -816,7 +816,7 @@ int config_parse_kill_mode(
}
if (m == KILL_NONE)
- log_syntax(unit, LOG_WARNING, filename, line, 0,
+ log_syntax(unit, LOG_DEBUG, filename, line, 0,
"Unit configured to use KillMode=none. "
"This is unsafe, as it disables systemd's process lifecycle management for the service. "
"Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. "
diff --git a/src/core/unit.c b/src/core/unit.c
index d2adb447b6..9cbed08987 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -5458,7 +5458,7 @@ int unit_log_leftover_process_start(pid_t pid, int sig, void *userdata) {
/* During start we print a warning */
- log_unit_warning(userdata,
+ log_unit_debug(userdata,
"Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
"This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
pid, strna(comm));

View File

@ -0,0 +1,34 @@
From be021c2328550a9d5b987cb206eda5df90b45acd Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Sun, 26 Dec 2021 01:11:00 +0000
Subject: [PATCH] ci: replace apt-key with signed-by
to limit the scope of the key to apt.llvm.org only.
This is mostly inspired by https://blog.cloudflare.com/dont-use-apt-key/
(cherry picked from commit bfa6bd1be098adc4710e1819b9cd34d65b3855da)
Related: #2013213
---
.github/workflows/build_test.sh | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/build_test.sh b/.github/workflows/build_test.sh
index 5b18784461..549e59b2c9 100755
--- a/.github/workflows/build_test.sh
+++ b/.github/workflows/build_test.sh
@@ -80,9 +80,10 @@ if [[ "$COMPILER" == clang ]]; then
# llvm package if available in such cases to avoid that.
if ! apt show --quiet "llvm-$COMPILER_VERSION" &>/dev/null; then
# Latest LLVM stack deb packages provided by https://apt.llvm.org/
- # Following snippet was borrowed from https://apt.llvm.org/llvm.sh
- wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add -
- add-apt-repository -y "deb http://apt.llvm.org/$RELEASE/ llvm-toolchain-$RELEASE-$COMPILER_VERSION main"
+ # Following snippet was partly borrowed from https://apt.llvm.org/llvm.sh
+ wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | gpg --yes --dearmor --output /usr/share/keyrings/apt-llvm-org.gpg
+ printf "deb [signed-by=/usr/share/keyrings/apt-llvm-org.gpg] http://apt.llvm.org/%s/ llvm-toolchain-%s-%s main\n" \
+ "$RELEASE" "$RELEASE" "$COMPILER_VERSION" >/etc/apt/sources.list.d/llvm-toolchain.list
PACKAGES+=("clang-$COMPILER_VERSION" "lldb-$COMPILER_VERSION" "lld-$COMPILER_VERSION" "clangd-$COMPILER_VERSION")
fi
elif [[ "$COMPILER" == gcc ]]; then

View File

@ -0,0 +1,54 @@
From b9b1f92cdc74beb8487c87aa2b5c2806e100d1aa Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Tue, 22 Feb 2022 14:43:40 +0100
Subject: [PATCH] ci: fix clang-13 installation
For some reason Ubuntu Focal repositories now have `llvm-13` virtual
package which can't be installed, but successfully fools our check,
resulting in no clang/llvm being installed...
```
$ apt show llvm-13
Package: llvm-13
State: not a real package (virtual)
N: Can't select candidate version from package llvm-13 as it has no candidate
N: Can't select versions from package 'llvm-13' as it is purely virtual
N: No packages found
$ apt install --dry-run llvm-13
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package llvm-13 is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package 'llvm-13' has no installation candidate
```
(cherry picked from commit b491d74064f9d5e17a71b38b014434237169a077)
Related: #2013213
---
.github/workflows/build_test.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/build_test.sh b/.github/workflows/build_test.sh
index 549e59b2c9..5a173a18d5 100755
--- a/.github/workflows/build_test.sh
+++ b/.github/workflows/build_test.sh
@@ -78,12 +78,12 @@ if [[ "$COMPILER" == clang ]]; then
# ATTOW llvm-11 got into focal-updates, which conflicts with llvm-11
# provided by the apt.llvm.org repositories. Let's use the system
# llvm package if available in such cases to avoid that.
- if ! apt show --quiet "llvm-$COMPILER_VERSION" &>/dev/null; then
+ if ! apt install --dry-run "llvm-$COMPILER_VERSION" >/dev/null; then
# Latest LLVM stack deb packages provided by https://apt.llvm.org/
# Following snippet was partly borrowed from https://apt.llvm.org/llvm.sh
wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | gpg --yes --dearmor --output /usr/share/keyrings/apt-llvm-org.gpg
printf "deb [signed-by=/usr/share/keyrings/apt-llvm-org.gpg] http://apt.llvm.org/%s/ llvm-toolchain-%s-%s main\n" \
- "$RELEASE" "$RELEASE" "$COMPILER_VERSION" >/etc/apt/sources.list.d/llvm-toolchain.list
+ "$RELEASE" "$RELEASE" "$COMPILER_VERSION" >/etc/apt/sources.list.d/llvm-toolchain.list
PACKAGES+=("clang-$COMPILER_VERSION" "lldb-$COMPILER_VERSION" "lld-$COMPILER_VERSION" "clangd-$COMPILER_VERSION")
fi
elif [[ "$COMPILER" == gcc ]]; then

View File

@ -0,0 +1,29 @@
From c8e786f039efec9e509b839ab8b82237d9344398 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 17 Mar 2022 12:35:35 +0100
Subject: [PATCH] Revert "kernel-install: also remove
modules.builtin.alias.bin"
This reverts commit fdcb1bf67371615f12c4b11283f2bd6a25bda019.
Related: #2065061
[msekleta: this revert is done in order to make backporting easier,
patch will be reapplied later.]
---
src/kernel-install/50-depmod.install | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
index fd00c43632..2fd959865f 100644
--- a/src/kernel-install/50-depmod.install
+++ b/src/kernel-install/50-depmod.install
@@ -36,7 +36,7 @@ case "$COMMAND" in
remove)
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "Removing /lib/modules/${KERNEL_VERSION}/modules.dep and associated files"
- exec rm -f /lib/modules/"${KERNEL_VERSION}"/modules.{alias{,.bin},builtin{,.alias}.bin,dep{,.bin},devname,softdep,symbols{,.bin}}
+ exec rm -f /lib/modules/"${KERNEL_VERSION}"/modules.{alias{,.bin},builtin.bin,dep{,.bin},devname,softdep,symbols{,.bin}}
;;
*)
exit 0

View File

@ -0,0 +1,29 @@
From 5c9bf430dfa9ad75fedf342a4a2be88fa31cd309 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 17 Mar 2022 12:37:57 +0100
Subject: [PATCH] Revert "kernel-install: prefer /boot over /boot/efi for
$BOOT_ROOT"
This reverts commit d0e98b7a1211412dccfcf4dcd2cc0772ac70b304.
Related: #2065061
[msekleta: this revert is done in order to make backporting easier,
patch will be reapplied later.]
---
src/kernel-install/kernel-install | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index d85852532b..b358b03b2f 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -108,7 +108,7 @@ fi
[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
- for pref in "/efi" "/boot" "/boot/efi" ; do
+ for pref in "/efi" "/boot/efi" "/boot"; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
break 2

View File

@ -0,0 +1,60 @@
From 323059e195652d602142dd9930983b438cd1c4d1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 14:35:17 +0100
Subject: [PATCH] kernel-install: 50-depmod: port to /bin/sh
(cherry picked from commit b3ceb3d9fff69b33b8665a0137f5177f72c45cc0)
Related: #2065061
---
src/kernel-install/50-depmod.install | 28 +++++++++++++++-------------
1 file changed, 15 insertions(+), 13 deletions(-)
diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
index 2fd959865f..aa1f6b8e0e 100644
--- a/src/kernel-install/50-depmod.install
+++ b/src/kernel-install/50-depmod.install
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
# SPDX-License-Identifier: LGPL-2.1-or-later
@@ -20,23 +20,25 @@
COMMAND="$1"
KERNEL_VERSION="$2"
-ENTRY_DIR_ABS="$3"
-KERNEL_IMAGE="$4"
-INITRD_OPTIONS_START="5"
-
-[[ $KERNEL_VERSION ]] || exit 1
case "$COMMAND" in
add)
- [[ -d "/lib/modules/${KERNEL_VERSION}/kernel" ]] || exit 0
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Running depmod -a ${KERNEL_VERSION}"
- exec depmod -a "${KERNEL_VERSION}"
+ [ -d "/lib/modules/$KERNEL_VERSION/kernel" ] || exit 0
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+depmod -a $KERNEL_VERSION"
+ exec depmod -a "$KERNEL_VERSION"
;;
remove)
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Removing /lib/modules/${KERNEL_VERSION}/modules.dep and associated files"
- exec rm -f /lib/modules/"${KERNEL_VERSION}"/modules.{alias{,.bin},builtin.bin,dep{,.bin},devname,softdep,symbols{,.bin}}
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Removing /lib/modules/$KERNEL_VERSION/modules.dep and associated files"
+ exec rm -f \
+ "/lib/modules/$KERNEL_VERSION/modules.alias" \
+ "/lib/modules/$KERNEL_VERSION/modules.alias.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.builtin.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.dep" \
+ "/lib/modules/$KERNEL_VERSION/modules.dep.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.devname" \
+ "/lib/modules/$KERNEL_VERSION/modules.softdep" \
+ "/lib/modules/$KERNEL_VERSION/modules.symbols" \
+ "/lib/modules/$KERNEL_VERSION/modules.symbols.bin"
;;
*)
exit 0

View File

@ -0,0 +1,181 @@
From 96310f2157e896a82de6df260926ac1ec66f65ea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 14:35:33 +0100
Subject: [PATCH] kernel-install: 90-loaderentry: port to /bin/sh
Also, forward the rm -f exit code on removal instead of swallowing it
(cherry picked from commit 662f45e3ea9f6e933234b81bec532d584bda6ead)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 110 +++++++++-------------
1 file changed, 45 insertions(+), 65 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 044eced3f0..35324e69a9 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
# SPDX-License-Identifier: LGPL-2.1-or-later
@@ -22,68 +22,53 @@ COMMAND="$1"
KERNEL_VERSION="$2"
ENTRY_DIR_ABS="$3"
KERNEL_IMAGE="$4"
-INITRD_OPTIONS_START="5"
+INITRD_OPTIONS_SHIFT=4
-if ! [[ $KERNEL_INSTALL_MACHINE_ID ]]; then
- exit 0
-fi
-
-if [ "$KERNEL_INSTALL_LAYOUT" != "bls" ]; then
- exit 0
-fi
+[ "$KERNEL_INSTALL_LAYOUT" = "bls" ] || exit 0
MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
BOOT_ROOT="$KERNEL_INSTALL_BOOT_ROOT"
BOOT_MNT="$(stat -c %m "$BOOT_ROOT")"
-if [[ "$BOOT_MNT" == '/' ]]; then
+if [ "$BOOT_MNT" = '/' ]; then
ENTRY_DIR="$ENTRY_DIR_ABS"
else
ENTRY_DIR="${ENTRY_DIR_ABS#$BOOT_MNT}"
fi
-if [[ $COMMAND == remove ]]; then
- rm -f "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf"
- rm -f "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"
- exit 0
-fi
-
-if ! [[ $COMMAND == add ]]; then
- exit 1
-fi
-
-if ! [[ $KERNEL_IMAGE ]]; then
- exit 1
-fi
+case "$COMMAND" in
+ remove)
+ exec rm -f \
+ "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf" \
+ "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"
+ ;;
+ add)
+ ;;
+ *)
+ exit 1
+ ;;
+esac
-if [[ -f /etc/os-release ]]; then
+if [ -r /etc/os-release ]; then
. /etc/os-release
-elif [[ -f /usr/lib/os-release ]]; then
+elif [ -r /usr/lib/os-release ]; then
. /usr/lib/os-release
fi
-if ! [[ $PRETTY_NAME ]]; then
- PRETTY_NAME="Linux $KERNEL_VERSION"
-fi
+[ -n "$PRETTY_NAME" ] || PRETTY_NAME="Linux $KERNEL_VERSION"
-if [[ -f /etc/kernel/cmdline ]]; then
- read -r -d '' -a BOOT_OPTIONS < /etc/kernel/cmdline
-elif [[ -f /usr/lib/kernel/cmdline ]]; then
- read -r -d '' -a BOOT_OPTIONS < /usr/lib/kernel/cmdline
+if [ -r /etc/kernel/cmdline ]; then
+ BOOT_OPTIONS="$(tr -s "$IFS" ' ' </etc/kernel/cmdline)"
+elif [ -r /usr/lib/kernel/cmdline ]; then
+ BOOT_OPTIONS="$(tr -s "$IFS" ' ' </usr/lib/kernel/cmdline)"
else
- declare -a BOOT_OPTIONS
-
- read -r -d '' -a line < /proc/cmdline
- for i in "${line[@]}"; do
- [[ "${i#initrd=*}" != "$i" ]] && continue
- [[ "${i#BOOT_IMAGE=*}" != "$i" ]] && continue
- BOOT_OPTIONS+=("$i")
- done
+ BOOT_OPTIONS="$(tr -s "$IFS" '\n' </proc/cmdline | grep -ve '^BOOT_IMAGE=' -e '^initrd=' | tr '\n' ' ')"
fi
+BOOT_OPTIONS="${BOOT_OPTIONS% }"
-if [[ -f /etc/kernel/tries ]]; then
+if [ -r /etc/kernel/tries ]; then
read -r TRIES </etc/kernel/tries
- if ! [[ "$TRIES" =~ ^[0-9]+$ ]] ; then
+ if ! echo "$TRIES" | grep -q '^[0-9][0-9]*$'; then
echo "/etc/kernel/tries does not contain an integer." >&2
exit 1
fi
@@ -106,43 +91,38 @@ install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
exit 1
}
-INITRD_OPTIONS=( "${@:${INITRD_OPTIONS_START}}" )
-
-for initrd in "${INITRD_OPTIONS[@]}"; do
- if [[ -f "${initrd}" ]]; then
- initrd_basename="$(basename ${initrd})"
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Installing $ENTRY_DIR_ABS/${initrd_basename}"
- install -g root -o root -m 0644 "${initrd}" "$ENTRY_DIR_ABS/${initrd_basename}" || {
- echo "Could not copy '${initrd}' to '$ENTRY_DIR_ABS/${initrd_basename}'." >&2
- exit 1
- }
- fi
-done
+shift "$INITRD_OPTIONS_SHIFT"
+for initrd; do
+ [ -f "$initrd" ] || continue
-# If no initrd option is supplied, fall back to "initrd" which is
-# the name used by dracut when generating it in its kernel-install hook
-[[ ${#INITRD_OPTIONS[@]} == 0 ]] && INITRD_OPTIONS=( initrd )
+ initrd_basename="${initrd##*/}"
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing $ENTRY_DIR_ABS/$initrd_basename"
+ install -g root -o root -m 0644 "$initrd" "$ENTRY_DIR_ABS/$initrd_basename" || {
+ echo "Could not copy '$initrd' to '$ENTRY_DIR_ABS/$initrd_basename'." >&2
+ exit 1
+ }
+done
mkdir -p "${LOADER_ENTRY%/*}" || {
echo "Could not create loader entry directory '${LOADER_ENTRY%/*}'." >&2
exit 1
}
-[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Creating $LOADER_ENTRY"
+# Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
+[ $# -eq 0 ] && set -- "initrd"
+
+[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Creating $LOADER_ENTRY"
{
echo "title $PRETTY_NAME"
echo "version $KERNEL_VERSION"
echo "machine-id $MACHINE_ID"
- echo "options ${BOOT_OPTIONS[*]}"
+ echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"
- for initrd in "${INITRD_OPTIONS[@]}"; do
- [[ -f $ENTRY_DIR_ABS/$(basename ${initrd}) ]] && \
- echo "initrd $ENTRY_DIR/$(basename ${initrd})"
+ for initrd; do
+ [ -f "$ENTRY_DIR_ABS/${initrd##*/}" ] && echo "initrd $ENTRY_DIR/${initrd##*/}"
done
:
-} > "$LOADER_ENTRY" || {
+} >"$LOADER_ENTRY" || {
echo "Could not create loader entry '$LOADER_ENTRY'." >&2
exit 1
}

View File

@ -0,0 +1,82 @@
From d778dd4a03f7bd45108fdebcc75dff5e886c30b2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 14:37:53 +0100
Subject: [PATCH] kernel-install: fix shellcheck
(cherry picked from commit 0bb1cb1fce5ebf307501dec1679e37f0c0157be9)
Related: #2065061
---
src/kernel-install/kernel-install | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index b358b03b2f..f6da0cf7a8 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -26,8 +26,8 @@ usage()
echo " $0 [OPTIONS...] add KERNEL-VERSION KERNEL-IMAGE [INITRD-FILE ...]"
echo " $0 [OPTIONS...] remove KERNEL-VERSION"
echo "Options:"
- echo " -h,--help Print this help"
- echo " -v,--verbose Increase verbosity"
+ echo " -h, --help Print this help"
+ echo " -v, --verbose Increase verbosity"
}
dropindirs_sort()
@@ -58,15 +58,15 @@ dropindirs_sort()
export LC_COLLATE=C
-for i in "$@"; do
- if [ "$i" == "--help" -o "$i" == "-h" ]; then
+for i; do
+ if [ "$i" = "--help" ] || [ "$i" = "-h" ]; then
usage
exit 0
fi
done
KERNEL_INSTALL_VERBOSE=0
-if [ "$1" == "--verbose" -o "$1" == "-v" ]; then
+if [ "$1" = "--verbose" ] || [ "$1" = "-v" ]; then
shift
KERNEL_INSTALL_VERBOSE=1
fi
@@ -185,13 +185,13 @@ case $COMMAND in
for f in "${PLUGINS[@]}"; do
if [[ -x $f ]]; then
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE ${INITRD_OPTIONS[@]}"
+ echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE ${INITRD_OPTIONS[*]}"
"$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "${INITRD_OPTIONS[@]}"
x=$?
- if [[ $x == $SKIP_REMAINING ]]; then
+ if [ $x -eq "$SKIP_REMAINING" ]; then
break
fi
- ((ret+=$x))
+ ((ret+=x))
fi
done
;;
@@ -203,10 +203,10 @@ case $COMMAND in
echo "+$f remove $KERNEL_VERSION $ENTRY_DIR_ABS"
"$f" remove "$KERNEL_VERSION" "$ENTRY_DIR_ABS"
x=$?
- if [[ $x == $SKIP_REMAINING ]]; then
+ if [ $x -eq "$SKIP_REMAINING" ]; then
break
fi
- ((ret+=$x))
+ ((ret+=x))
fi
done
@@ -222,4 +222,4 @@ case $COMMAND in
;;
esac
-exit $ret
+exit "$ret"

View File

@ -0,0 +1,205 @@
From b60234140cbceaa579b889d03b863953ca53b3e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 15:06:06 +0100
Subject: [PATCH] kernel-install: port to /bin/sh
(cherry picked from commit 76b1274a5cb54acaa4a0f0c2e570d751f9067c06)
Related: #2065061
---
src/kernel-install/kernel-install | 109 ++++++++++++------------------
1 file changed, 43 insertions(+), 66 deletions(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index f6da0cf7a8..2e8f382d5f 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
# SPDX-License-Identifier: LGPL-2.1-or-later
@@ -18,7 +18,7 @@
# You should have received a copy of the GNU Lesser General Public License
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
-SKIP_REMAINING=77
+skip_remaining=77
usage()
{
@@ -32,24 +32,17 @@ usage()
dropindirs_sort()
{
- local suffix=$1; shift
- local -a files
- local f d i
-
- readarray -t files <<<"$(
- for d in "$@"; do
- for i in "$d/"*"$suffix"; do
- if [[ -e "$i" ]]; then
- echo "${i##*/}"
- fi
- done
- done | sort -Vu
- )"
-
- for f in "${files[@]}"; do
- for d in "$@"; do
- if [[ -e "$d/$f" ]]; then
- echo "$d/$f"
+ suffix="$1"
+ shift
+
+ for d; do
+ for i in "$d/"*"$suffix"; do
+ [ -e "$i" ] && echo "${i##*/}"
+ done
+ done | sort -Vu | while read -r f; do
+ for d; do
+ if [ -e "$d/$f" ]; then
+ [ -x "$d/$f" ] && echo "$d/$f"
continue 2
fi
done
@@ -65,27 +58,25 @@ for i; do
fi
done
-KERNEL_INSTALL_VERBOSE=0
+export KERNEL_INSTALL_VERBOSE=0
if [ "$1" = "--verbose" ] || [ "$1" = "-v" ]; then
shift
KERNEL_INSTALL_VERBOSE=1
fi
-export KERNEL_INSTALL_VERBOSE
-if [[ "${0##*/}" == 'installkernel' ]]; then
- COMMAND='add'
- # make install doesn't pass any parameter wrt initrd handling
- INITRD_OPTIONS=()
+if [ "${0##*/}" = "installkernel" ]; then
+ COMMAND=add
+ # make install doesn't pass any initrds
else
COMMAND="$1"
- shift
- INITRD_OPTIONS=( "${@:3}" )
+ [ $# -ge 1 ] && shift
fi
KERNEL_VERSION="$1"
KERNEL_IMAGE="$2"
+[ $# -ge 2 ] && shift 2
-if [[ ! $COMMAND ]] || [[ ! $KERNEL_VERSION ]]; then
+if [ -z "$COMMAND" ] || [ -z "$KERNEL_VERSION" ]; then
echo "Not enough arguments" >&2
exit 1
fi
@@ -99,12 +90,11 @@ fi
# Prefer to use an existing machine ID from /etc/machine-info or /etc/machine-id. If we're using the machine
# ID /etc/machine-id, try to persist it in /etc/machine-info. If no machine ID is found, try to generate
# a new machine ID in /etc/machine-info. If that fails, use "Default".
-
-[ -z "$MACHINE_ID" ] && [ -f /etc/machine-info ] && source /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
-[ -z "$MACHINE_ID" ] && [ -f /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
-[ -n "$MACHINE_ID" ] && [ -z "$KERNEL_INSTALL_MACHINE_ID" ] && echo "KERNEL_INSTALL_MACHINE_ID=$MACHINE_ID" >>/etc/machine-info
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
+[ -n "$MACHINE_ID" ] && [ -z "$KERNEL_INSTALL_MACHINE_ID" ] && echo "KERNEL_INSTALL_MACHINE_ID=$MACHINE_ID" >>/etc/machine-info
[ -z "$MACHINE_ID" ] && NEW_MACHINE_ID="$(systemd-id128 new)" && echo "KERNEL_INSTALL_MACHINE_ID=$NEW_MACHINE_ID" >>/etc/machine-info
-[ -z "$MACHINE_ID" ] && [ -f /etc/machine-info ] && source /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
@@ -125,11 +115,6 @@ done
[ -z "$BOOT_ROOT" ] && BOOT_ROOT="/boot"
-ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
-
-export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
-export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
-
if [ -z "$layout" ]; then
# Administrative decision: if not present, some scripts generate into /boot.
if [ -d "$BOOT_ROOT/$MACHINE_ID" ]; then
@@ -152,21 +137,23 @@ MAKE_ENTRY_DIR_ABS=$?
ret=0
-readarray -t PLUGINS <<<"$(
+PLUGINS="$(
dropindirs_sort ".install" \
"/etc/kernel/install.d" \
"/usr/lib/kernel/install.d"
)"
+IFS="
+"
-case $COMMAND in
+case "$COMMAND" in
add)
- if [[ ! "$KERNEL_IMAGE" ]]; then
+ if [ -z "$KERNEL_IMAGE" ]; then
echo "Command 'add' requires an argument" >&2
exit 1
fi
- if [[ ! -f "$KERNEL_IMAGE" ]]; then
- echo "Kernel image argument ${KERNEL_IMAGE} not a file" >&2
+ if ! [ -f "$KERNEL_IMAGE" ]; then
+ echo "Kernel image argument $KERNEL_IMAGE not a file" >&2
exit 1
fi
@@ -182,32 +169,22 @@ case $COMMAND in
fi
fi
- for f in "${PLUGINS[@]}"; do
- if [[ -x $f ]]; then
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE ${INITRD_OPTIONS[*]}"
- "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "${INITRD_OPTIONS[@]}"
- x=$?
- if [ $x -eq "$SKIP_REMAINING" ]; then
- break
- fi
- ((ret+=x))
- fi
+ for f in $PLUGINS; do
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE $*"
+ "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "$@"
+ err=$?
+ [ $err -eq $skip_remaining ] && break
+ ret=$(( ret + err ))
done
;;
remove)
- for f in "${PLUGINS[@]}"; do
- if [[ -x $f ]]; then
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "+$f remove $KERNEL_VERSION $ENTRY_DIR_ABS"
- "$f" remove "$KERNEL_VERSION" "$ENTRY_DIR_ABS"
- x=$?
- if [ $x -eq "$SKIP_REMAINING" ]; then
- break
- fi
- ((ret+=x))
- fi
+ for f in $PLUGINS; do
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f remove $KERNEL_VERSION $ENTRY_DIR_ABS"
+ "$f" remove "$KERNEL_VERSION" "$ENTRY_DIR_ABS"
+ err=$?
+ [ $err -eq $skip_remaining ] && break
+ ret=$(( ret + err ))
done
if [ "$MAKE_ENTRY_DIR_ABS" -eq 0 ]; then

View File

@ -0,0 +1,51 @@
From 6b47726b54a3bf71e0f7ba35bbfe915c7a64a7d1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Fri, 17 Dec 2021 19:51:12 +0100
Subject: [PATCH] kernel-install: 90-loaderentry: error out on nonexistent
initrds instead of swallowing them quietly
(cherry picked from commit 742561efbe938c45936f2e4f5d81b3ff6b352882)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 35324e69a9..e588e72bf9 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -93,7 +93,10 @@ install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
shift "$INITRD_OPTIONS_SHIFT"
for initrd; do
- [ -f "$initrd" ] || continue
+ [ -f "$initrd" ] || {
+ echo "Initrd '$initrd' not a file." >&2
+ exit 1
+ }
initrd_basename="${initrd##*/}"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing $ENTRY_DIR_ABS/$initrd_basename"
@@ -108,9 +111,6 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
exit 1
}
-# Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
-[ $# -eq 0 ] && set -- "initrd"
-
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Creating $LOADER_ENTRY"
{
echo "title $PRETTY_NAME"
@@ -119,8 +119,10 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"
for initrd; do
- [ -f "$ENTRY_DIR_ABS/${initrd##*/}" ] && echo "initrd $ENTRY_DIR/${initrd##*/}"
+ echo "initrd $ENTRY_DIR/${initrd##*/}"
done
+ # Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
+ [ $# -eq 0 ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
:
} >"$LOADER_ENTRY" || {
echo "Could not create loader entry '$LOADER_ENTRY'." >&2

View File

@ -0,0 +1,68 @@
From 92a81ce8d96ea924310262663d86d4ed9c727490 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Mon, 20 Dec 2021 14:57:39 +0100
Subject: [PATCH] kernel-install: don't pull out KERNEL_IMAGE
It's part of the pack directly passed to scripts on add and ignored on
remove
(cherry picked from commit af319a4b14bd05cd4c8460487f2c6d7a31b35640)
Related: #2065061
---
src/kernel-install/kernel-install | 21 ++++++++++-----------
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 2e8f382d5f..097d6557f2 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -72,15 +72,14 @@ else
[ $# -ge 1 ] && shift
fi
-KERNEL_VERSION="$1"
-KERNEL_IMAGE="$2"
-[ $# -ge 2 ] && shift 2
-
-if [ -z "$COMMAND" ] || [ -z "$KERNEL_VERSION" ]; then
+if [ $# -lt 1 ]; then
echo "Not enough arguments" >&2
exit 1
fi
+KERNEL_VERSION="$1"
+shift
+
if [ -r "/etc/kernel/install.conf" ]; then
. /etc/kernel/install.conf
elif [ -r "/usr/lib/kernel/install.conf" ]; then
@@ -147,13 +146,13 @@ IFS="
case "$COMMAND" in
add)
- if [ -z "$KERNEL_IMAGE" ]; then
- echo "Command 'add' requires an argument" >&2
+ if [ $# -lt 1 ]; then
+ echo "Command 'add' requires a kernel image" >&2
exit 1
fi
- if ! [ -f "$KERNEL_IMAGE" ]; then
- echo "Kernel image argument $KERNEL_IMAGE not a file" >&2
+ if ! [ -f "$1" ]; then
+ echo "Kernel image argument $1 not a file" >&2
exit 1
fi
@@ -170,8 +169,8 @@ case "$COMMAND" in
fi
for f in $PLUGINS; do
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE $*"
- "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "$@"
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $*"
+ "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$@"
err=$?
[ $err -eq $skip_remaining ] && break
ret=$(( ret + err ))

View File

@ -0,0 +1,32 @@
From 9e3e7a50f92ee2f315a22f412f33f60d1f100e5a Mon Sep 17 00:00:00 2001
From: Adam Williamson <awilliam@redhat.com>
Date: Wed, 5 Jan 2022 14:07:14 -0800
Subject: [PATCH] kernel-install: prefer /boot over /boot/efi for $BOOT_ROOT
This restores the preference order from before 9e82a74. The code
previous to that change 'preferred' /boot over /boot/efi; that
commit changed it to check /boot/efi before checking /boot.
Changing this precedence could (and did, for me) have unexpected
effects - it seems safer to leave it how it was.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
(cherry picked from commit a5307e173bf86d695fe85b8e15e91126e8618a14)
Related: #2065061
---
src/kernel-install/kernel-install | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 097d6557f2..e56483ef96 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -97,7 +97,7 @@ fi
[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
- for pref in "/efi" "/boot/efi" "/boot"; do
+ for pref in "/efi" "/boot" "/boot/efi" ; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
break 2

View File

@ -0,0 +1,26 @@
From e84e60f9fac9d6bae3dd91698c556faf4dec2ca9 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sat, 15 Jan 2022 03:37:40 +0900
Subject: [PATCH] kernel-install: also remove modules.builtin.alias.bin
Fixes RHBZ#2016630.
(cherry picked from commit 06006691b5c56b6123044179d934b3ed81c237ca)
Related: #2065061
---
src/kernel-install/50-depmod.install | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
index aa1f6b8e0e..be414f39d1 100644
--- a/src/kernel-install/50-depmod.install
+++ b/src/kernel-install/50-depmod.install
@@ -33,6 +33,7 @@ case "$COMMAND" in
"/lib/modules/$KERNEL_VERSION/modules.alias" \
"/lib/modules/$KERNEL_VERSION/modules.alias.bin" \
"/lib/modules/$KERNEL_VERSION/modules.builtin.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.builtin.alias.bin" \
"/lib/modules/$KERNEL_VERSION/modules.dep" \
"/lib/modules/$KERNEL_VERSION/modules.dep.bin" \
"/lib/modules/$KERNEL_VERSION/modules.devname" \

View File

@ -0,0 +1,77 @@
From 57ff5d23530c509773d183dfbfe06e2cad2acb42 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 18 Jan 2022 17:40:13 +0100
Subject: [PATCH] kernel-install: add new variable
$KERNEL_INSTALL_INITRD_GENERATOR
The idea is that when not set, we do whatever we did in the past. But
with a new setting of initrd_generator=mkosi-initrd, mkosi-initrd will
generate an initrd.
(cherry picked from commit 5c1b257faf87cb4f93aee8866f45a8cb98230af9)
Related: #2065061
---
man/kernel-install.xml | 6 +++++-
src/kernel-install/install.conf | 1 +
src/kernel-install/kernel-install | 5 ++++-
3 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/man/kernel-install.xml b/man/kernel-install.xml
index 83255bb932..bb76074d2e 100644
--- a/man/kernel-install.xml
+++ b/man/kernel-install.xml
@@ -171,11 +171,15 @@
<para><varname>KERNEL_INSTALL_BOOT_ROOT=</varname> is set for the plugins to the root directory (mount point, usually) of the hierarchy
where boot-loader entries, kernel images, and associated resources should be placed. Can be overridden by setting <varname>BOOT_ROOT=</varname>.</para>
- <para><varname>KERNEL_INSTALL_LAYOUT=bls|other|...</varname> specifies the installation layout.
+ <para><varname>KERNEL_INSTALL_LAYOUT=bls|other|...</varname> is set for the plugins to specify the installation layout.
Defaults to <option>bls</option> if <filename>$BOOT/<replaceable>MACHINE-ID</replaceable></filename> exists, or <option>other</option> otherwise.
Additional layout names may be defined by convention. If a plugin uses a special layout,
it's encouraged to declare its own layout name and configure <varname>layout=</varname> in <filename>install.conf</filename> upon initial installation.</para>
+ <para><varname>KERNEL_INSTALL_INITRD_GENERATOR=...</varname> is set for plugins to select the initrd generator.
+ This should be configured as <varname>initrd_generator=</varname> in <filename>install.conf</filename>.
+ </para>
+
<variablelist>
<varlistentry>
<term>bls</term>
diff --git a/src/kernel-install/install.conf b/src/kernel-install/install.conf
index e4802e6fae..43b6e7d792 100644
--- a/src/kernel-install/install.conf
+++ b/src/kernel-install/install.conf
@@ -8,3 +8,4 @@
# See kernel-install(8) for details.
#layout=bls|other|...
+#initrd_generator=dracut|...
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index e56483ef96..fe457c1070 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -80,6 +80,9 @@ fi
KERNEL_VERSION="$1"
shift
+layout=
+initrd_generator=
+
if [ -r "/etc/kernel/install.conf" ]; then
. /etc/kernel/install.conf
elif [ -r "/usr/lib/kernel/install.conf" ]; then
@@ -123,12 +126,12 @@ if [ -z "$layout" ]; then
fi
fi
-
ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
export KERNEL_INSTALL_LAYOUT="$layout"
+export KERNEL_INSTALL_INITRD_GENERATOR="$initrd_generator"
[ "$layout" = "bls" ]
MAKE_ENTRY_DIR_ABS=$?

View File

@ -0,0 +1,32 @@
From a9dadfb00f799b15af9e1f994b22d0b8165f78a5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 12:10:37 +0100
Subject: [PATCH] kernel-install: k-i already creates $ENTRY_DIR_ABS, no need
to do it again
(cherry picked from commit a520d5dddb991cd713392d4de0e342e312547a2e)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index e588e72bf9..7b768457c1 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -78,12 +78,8 @@ else
fi
if ! [ -d "$ENTRY_DIR_ABS" ]; then
- if [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ]; then
- echo "+mkdir -v -p $ENTRY_DIR_ABS"
- mkdir -v -p "$ENTRY_DIR_ABS"
- else
- mkdir -p "$ENTRY_DIR_ABS"
- fi
+ echo "Error: entry directory '$ENTRY_DIR_ABS' does not exist" >&2
+ exit 1
fi
install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {

View File

@ -0,0 +1,118 @@
From 007b832500a0a7438999a5dade3e3c49ba07099c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 12:15:16 +0100
Subject: [PATCH] kernel-install: prefix errors with "Error:", exit immediately
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
kernel-install would continue after errors… We don't want this, as it
makes the results totally unpredicatable. If we didn't install the kernel
or didn't do some important part of the setup, let's just return an error
and let the user deal with it.
When looking at output, the error was often hard to distinguish, esp.
with -v. Add "Error:" everywhere to make the output easier to parse.
(cherry picked from commit 680cec6b4ddb356d7dd087b197718712cb5c1662)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 10 +++++-----
src/kernel-install/kernel-install | 12 ++++++------
2 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 7b768457c1..6a396910cb 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -83,27 +83,27 @@ if ! [ -d "$ENTRY_DIR_ABS" ]; then
fi
install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
- echo "Could not copy '$KERNEL_IMAGE' to '$ENTRY_DIR_ABS/linux'." >&2
+ echo "Error: could not copy '$KERNEL_IMAGE' to '$ENTRY_DIR_ABS/linux'." >&2
exit 1
}
shift "$INITRD_OPTIONS_SHIFT"
for initrd; do
[ -f "$initrd" ] || {
- echo "Initrd '$initrd' not a file." >&2
+ echo "Error: initrd '$initrd' not a file." >&2
exit 1
}
initrd_basename="${initrd##*/}"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing $ENTRY_DIR_ABS/$initrd_basename"
install -g root -o root -m 0644 "$initrd" "$ENTRY_DIR_ABS/$initrd_basename" || {
- echo "Could not copy '$initrd' to '$ENTRY_DIR_ABS/$initrd_basename'." >&2
+ echo "Error: could not copy '$initrd' to '$ENTRY_DIR_ABS/$initrd_basename'." >&2
exit 1
}
done
mkdir -p "${LOADER_ENTRY%/*}" || {
- echo "Could not create loader entry directory '${LOADER_ENTRY%/*}'." >&2
+ echo "Error: could not create loader entry directory '${LOADER_ENTRY%/*}'." >&2
exit 1
}
@@ -121,7 +121,7 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
[ $# -eq 0 ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
:
} >"$LOADER_ENTRY" || {
- echo "Could not create loader entry '$LOADER_ENTRY'." >&2
+ echo "Error: could not create loader entry '$LOADER_ENTRY'." >&2
exit 1
}
exit 0
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index fe457c1070..a73a205d79 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -73,7 +73,7 @@ else
fi
if [ $# -lt 1 ]; then
- echo "Not enough arguments" >&2
+ echo "Error: not enough arguments" >&2
exit 1
fi
@@ -150,12 +150,12 @@ IFS="
case "$COMMAND" in
add)
if [ $# -lt 1 ]; then
- echo "Command 'add' requires a kernel image" >&2
+ echo "Error: command 'add' requires a kernel image" >&2
exit 1
fi
if ! [ -f "$1" ]; then
- echo "Kernel image argument $1 not a file" >&2
+ echo "Error: kernel image argument $1 not a file" >&2
exit 1
fi
@@ -165,9 +165,9 @@ case "$COMMAND" in
# to serve as the indication to use or to not use the BLS
if [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ]; then
echo "+mkdir -v -p $ENTRY_DIR_ABS"
- mkdir -v -p "$ENTRY_DIR_ABS"
+ mkdir -v -p "$ENTRY_DIR_ABS" || exit 1
else
- mkdir -p "$ENTRY_DIR_ABS"
+ mkdir -p "$ENTRY_DIR_ABS" || exit 1
fi
fi
@@ -196,7 +196,7 @@ case "$COMMAND" in
;;
*)
- echo "Unknown command '$COMMAND'" >&2
+ echo "Error: unknown command '$COMMAND'" >&2
exit 1
;;
esac

View File

@ -0,0 +1,108 @@
From f91f3437fcf193f2c13657a20f93e91a2f9663cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 12:20:22 +0100
Subject: [PATCH] kernel-install: add "$KERNEL_INSTALL_STAGING_AREA" directory
The general approach of kernel-install was that each plugin would drop in some
files into the entry directory. But this doesn't scale well, because if we have
multiple initrd generators, or multiple initrds, each generator would need to
recreate the logic to put the generated files in the right place.
Also, effective cleanup is impossible if anything goes wrong on the way, so we
could end up with unused files in $BOOT.
So let's invert the process: plugins drop files into $KERNEL_INSTALL_STAGING_AREA,
and at the end 90-loaderentry.install DTRT with those files.
This allow new plugins like 50-mkosi-initrd.install to be significantly simpler.
(cherry picked from commit 367165a4069ac0c04882a05a8a80f6afb1e42760)
Related: #2065061
---
man/kernel-install.xml | 4 ++++
src/kernel-install/90-loaderentry.install | 13 ++++++++++---
src/kernel-install/kernel-install | 10 ++++++++++
3 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/man/kernel-install.xml b/man/kernel-install.xml
index bb76074d2e..685617863e 100644
--- a/man/kernel-install.xml
+++ b/man/kernel-install.xml
@@ -180,6 +180,10 @@
This should be configured as <varname>initrd_generator=</varname> in <filename>install.conf</filename>.
</para>
+ <para><varname>KERNEL_INSTALL_STAGING_AREA=...</varname> is set for plugins to a path to a directory.
+ Plugins may drop files in that directory, and they will be installed as part of the loader entry, based
+ on the file name and extension.</para>
+
<variablelist>
<varlistentry>
<term>bls</term>
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 6a396910cb..0888c260e2 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -18,6 +18,8 @@
# You should have received a copy of the GNU Lesser General Public License
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
+shopt -s nullglob
+
COMMAND="$1"
KERNEL_VERSION="$2"
ENTRY_DIR_ABS="$3"
@@ -88,7 +90,8 @@ install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
}
shift "$INITRD_OPTIONS_SHIFT"
-for initrd; do
+# All files listed as arguments, and staged files called "initrd*" are installed as initrds.
+for initrd in "$@" "${KERNEL_INSTALL_STAGING_AREA}"/initrd*; do
[ -f "$initrd" ] || {
echo "Error: initrd '$initrd' not a file." >&2
exit 1
@@ -114,11 +117,15 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
echo "machine-id $MACHINE_ID"
echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"
- for initrd; do
+
+ have_initrd=
+ for initrd in "${@}" "${KERNEL_INSTALL_STAGING_AREA}"/initrd*; do
echo "initrd $ENTRY_DIR/${initrd##*/}"
+ have_initrd=yes
done
+
# Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
- [ $# -eq 0 ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
+ [ -z "$have_initrd" ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
:
} >"$LOADER_ENTRY" || {
echo "Error: could not create loader entry '$LOADER_ENTRY'." >&2
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index a73a205d79..8cfef3208d 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -128,10 +128,20 @@ fi
ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
+# Provide a directory where to store generated initrds
+cleanup() {
+ [ -n "$KERNEL_INSTALL_STAGING_AREA" ] && rm -rf "$KERNEL_INSTALL_STAGING_AREA"
+}
+
+trap cleanup EXIT
+
+KERNEL_INSTALL_STAGING_AREA="$(mktemp -d -t -p /tmp kernel-install.staging.XXXXXXX)"
+
export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
export KERNEL_INSTALL_LAYOUT="$layout"
export KERNEL_INSTALL_INITRD_GENERATOR="$initrd_generator"
+export KERNEL_INSTALL_STAGING_AREA
[ "$layout" = "bls" ]
MAKE_ENTRY_DIR_ABS=$?

View File

@ -0,0 +1,25 @@
From 356f770adca34191fd5d49b89c526b7375314a2c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 14:03:24 +0100
Subject: [PATCH] kernel-install: add missing log line
(cherry picked from commit 29f604131b2c0b82dca7d6ffaa5e6bc6a253620d)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 0888c260e2..3edefdefb4 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -40,6 +40,8 @@ fi
case "$COMMAND" in
remove)
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
+ echo "Removing $BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION*.conf"
exec rm -f \
"$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf" \
"$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"

View File

@ -0,0 +1,83 @@
From c5ec0be7b693e3ac05ea8438ca4ca2e9591db171 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 9 Feb 2022 13:59:36 +0100
Subject: [PATCH] kernel-install: don't try to persist used machine ID locally
This reworks the how machine ID used by the boot loader spec snippet
generation logic. Instead of persisting it automatically to /etc/ we'll
append it via systemd.machined_id= to the kernel command line, and thus
persist it in the generated boot loader spec snippets instead. This has
nice benefits:
1. We do not collide with read-only root
2. The machine ID remains stable across factory reset, so that we can
safely recognize the path in $BOOT we drop our kernel images in
again, i.e. kernel updates will work correctly and safely across
kernel factory resets.
3. Previously regular systems had different machine IDs while in
initrd and after booting into the host system. With this change
they will now have the same.
This then drops implicit persisting of KERNEL_INSTALL_MACHINE_ID, as its
unnecessary then. The field is still honoured though, for compat
reasons.
This also drops the "Default" fallback previously used, as it actually
is without effect, the randomized ID generation already took precedence
in all cases. This means $MACHNE_ID/KERNEL_INSTALL_MACHINE_ID are now
guaranteed to look like a proper machine ID, which is useful for us,
given you need it that way to be able to pass it to the
systemd.machine_id= kernel command line option.
(cherry picked from commit 11ce3ea2f2219ab9c0700bcf7f8ed4312d80e937)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 6 +++++-
src/kernel-install/kernel-install | 16 +++++++---------
2 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 3edefdefb4..046771169c 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -68,7 +68,11 @@ elif [ -r /usr/lib/kernel/cmdline ]; then
else
BOOT_OPTIONS="$(tr -s "$IFS" '\n' </proc/cmdline | grep -ve '^BOOT_IMAGE=' -e '^initrd=' | tr '\n' ' ')"
fi
-BOOT_OPTIONS="${BOOT_OPTIONS% }"
+
+# Suffix with the machine ID we use, so that the machine ID remains stable,
+# even during factory reset, in the initrd (where the system's machine ID is
+# not directly accessible yet), and if the root file system is volatile.
+BOOT_OPTIONS="${BOOT_OPTIONS% } systemd.machine_id=$MACHINE_ID"
if [ -r /etc/kernel/tries ]; then
read -r TRIES </etc/kernel/tries
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 8cfef3208d..e94aa79bc6 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -89,15 +89,13 @@ elif [ -r "/usr/lib/kernel/install.conf" ]; then
. /usr/lib/kernel/install.conf
fi
-# Prefer to use an existing machine ID from /etc/machine-info or /etc/machine-id. If we're using the machine
-# ID /etc/machine-id, try to persist it in /etc/machine-info. If no machine ID is found, try to generate
-# a new machine ID in /etc/machine-info. If that fails, use "Default".
-[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
-[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
-[ -n "$MACHINE_ID" ] && [ -z "$KERNEL_INSTALL_MACHINE_ID" ] && echo "KERNEL_INSTALL_MACHINE_ID=$MACHINE_ID" >>/etc/machine-info
-[ -z "$MACHINE_ID" ] && NEW_MACHINE_ID="$(systemd-id128 new)" && echo "KERNEL_INSTALL_MACHINE_ID=$NEW_MACHINE_ID" >>/etc/machine-info
-[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
-[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
+# If /etc/machine-id is initialized we'll use it, otherwise we'll use a freshly
+# generated one. If the user configured an explicit machine ID to use in
+# /etc/machine-info to use for our purpose, we'll use that instead (for
+# compatibility).
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
+[ -z "$MACHINE_ID" ] && MACHINE_ID="$(systemd-id128 new)"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
for pref in "/efi" "/boot" "/boot/efi" ; do

View File

@ -0,0 +1,136 @@
From c68126eeb93cac03b3a674ab47604e8381a4e5e2 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 9 Feb 2022 14:29:19 +0100
Subject: [PATCH] kernel-install: add a new $ENTRY_TOKEN variable for naming
boot entries
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This cleans up naming of boot loader spec boot entries a bit (i.e. the
naming of the .conf snippet files, and the directory in $BOOT where the
kernel images and initrds are placed), and isolates it from the actual machine
ID concept.
Previously there was a sinlge concept for both things, because typically
the entries are just named after the machine ID. However one could also
use a different identifier, i.e. not a 128bit ID in which cases issues
pop up everywhere. For example, the "machine-id" field in the generated
snippets would not be a machine ID anymore, and the newly added
systemd.machine_id= kernel parameter would possibly get passed invalid
data.
Hence clean this up:
$MACHINE_ID → always a valid 128bit ID.
$ENTRY_TOKEN → usually the $MACHINE_ID but can be any other string too.
This is used to name the directory to put kernels/initrds in. It's also
used for naming the *.conf snippets that implement the Boot Loader Type
1 spec.
(cherry picked from commit 3907044ffa568aedf076d0f9807489ec78f87502)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 11 ++++++-----
src/kernel-install/kernel-install | 21 +++++++++++++++++----
2 files changed, 23 insertions(+), 9 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 046771169c..46261a2c11 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -29,6 +29,7 @@ INITRD_OPTIONS_SHIFT=4
[ "$KERNEL_INSTALL_LAYOUT" = "bls" ] || exit 0
MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+ENTRY_TOKEN="$KERNEL_INSTALL_ENTRY_TOKEN"
BOOT_ROOT="$KERNEL_INSTALL_BOOT_ROOT"
BOOT_MNT="$(stat -c %m "$BOOT_ROOT")"
@@ -41,10 +42,10 @@ fi
case "$COMMAND" in
remove)
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Removing $BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION*.conf"
+ echo "Removing $BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION*.conf"
exec rm -f \
- "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf" \
- "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"
+ "$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION.conf" \
+ "$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION+"*".conf"
;;
add)
;;
@@ -80,9 +81,9 @@ if [ -r /etc/kernel/tries ]; then
echo "/etc/kernel/tries does not contain an integer." >&2
exit 1
fi
- LOADER_ENTRY="$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+$TRIES.conf"
+ LOADER_ENTRY="$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION+$TRIES.conf"
else
- LOADER_ENTRY="$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf"
+ LOADER_ENTRY="$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION.conf"
fi
if ! [ -d "$ENTRY_DIR_ABS" ]; then
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index e94aa79bc6..75a31c62d4 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -97,7 +97,19 @@ fi
[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
[ -z "$MACHINE_ID" ] && MACHINE_ID="$(systemd-id128 new)"
-[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
+# Now that we determined the machine ID to use, let's determine the "token" for
+# the boot loader entry to generate. We use that for naming the directory below
+# $BOOT where we want to place the kernel/initrd and related resources, as well
+# for naming the .conf boot loader spec entry. Typically this is just the
+# machine ID, but it can be anything else, too, if we are told so.
+[ -z "$ENTRY_TOKEN" ] && [ -r /etc/kernel/entry-token ] && read -r ENTRY_TOKEN </etc/kernel/entry-token
+[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$MACHINE_ID"
+
+# NB: The $MACHINE_ID is guaranteed to be a valid machine ID, but
+# $ENTRY_TOKEN can be any string that fits into a VFAT filename, though
+# typically is just the machine ID.
+
+[ -z "$BOOT_ROOT" ] && for suff in "$ENTRY_TOKEN" "loader/entries"; do
for pref in "/efi" "/boot" "/boot/efi" ; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
@@ -117,14 +129,14 @@ done
if [ -z "$layout" ]; then
# Administrative decision: if not present, some scripts generate into /boot.
- if [ -d "$BOOT_ROOT/$MACHINE_ID" ]; then
+ if [ -d "$BOOT_ROOT/$ENTRY_TOKEN" ]; then
layout="bls"
else
layout="other"
fi
fi
-ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
+ENTRY_DIR_ABS="$BOOT_ROOT/$ENTRY_TOKEN/$KERNEL_VERSION"
# Provide a directory where to store generated initrds
cleanup() {
@@ -136,6 +148,7 @@ trap cleanup EXIT
KERNEL_INSTALL_STAGING_AREA="$(mktemp -d -t -p /tmp kernel-install.staging.XXXXXXX)"
export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
+export KERNEL_INSTALL_ENTRY_TOKEN="$ENTRY_TOKEN"
export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
export KERNEL_INSTALL_LAYOUT="$layout"
export KERNEL_INSTALL_INITRD_GENERATOR="$initrd_generator"
@@ -168,7 +181,7 @@ case "$COMMAND" in
fi
if [ "$MAKE_ENTRY_DIR_ABS" -eq 0 ]; then
- # Compatibility with earlier versions that used the presence of $BOOT_ROOT/$MACHINE_ID
+ # Compatibility with earlier versions that used the presence of $BOOT_ROOT/$ENTRY_TOKEN
# to signal to 00-entry-directory to create $ENTRY_DIR_ABS
# to serve as the indication to use or to not use the BLS
if [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ]; then

View File

@ -0,0 +1,59 @@
From 9ef3458dd6356d19a58b3a909a5976295a62a4d0 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 9 Feb 2022 14:44:48 +0100
Subject: [PATCH] kernel-install: only generate systemd.boot_id= in kernel
command line if used for naming the boot loader spec files/dirs
Now that we can distinguish the naming of the boot loader spec
dirs/files and the machine ID let's tweak the logic for suffixing the
kernel cmdline with systemd.boot_id=: let's only do that when we
actually need the boot ID for naming these dirs/files. If we don't,
let's not bother.
This should be beneficial for "golden" images that shall not carry any
machine IDs at all, i.e acquire their identity only once the final
userspace is actually reached.
(cherry picked from commit 953b61004c37948dcd897265b56c1613bc73b9f9)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 46261a2c11..c1d69aa824 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -70,10 +70,15 @@ else
BOOT_OPTIONS="$(tr -s "$IFS" '\n' </proc/cmdline | grep -ve '^BOOT_IMAGE=' -e '^initrd=' | tr '\n' ' ')"
fi
-# Suffix with the machine ID we use, so that the machine ID remains stable,
-# even during factory reset, in the initrd (where the system's machine ID is
-# not directly accessible yet), and if the root file system is volatile.
-BOOT_OPTIONS="${BOOT_OPTIONS% } systemd.machine_id=$MACHINE_ID"
+BOOT_OPTIONS="${BOOT_OPTIONS% }"
+
+# If the boot entries are named after the machine ID, then suffix the kernel
+# command line with the machine ID we use, so that the machine ID remains
+# stable, even during factory reset, in the initrd (where the system's machine
+# ID is not directly accessible yet), and if the root file system is volatile.
+if [ "$ENTRY_TOKEN" = "$MACHINE_ID" ]; then
+ BOOT_OPTIONS="$BOOT_OPTIONS systemd.machine_id=$MACHINE_ID"
+fi
if [ -r /etc/kernel/tries ]; then
read -r TRIES </etc/kernel/tries
@@ -121,7 +126,10 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
{
echo "title $PRETTY_NAME"
echo "version $KERNEL_VERSION"
- echo "machine-id $MACHINE_ID"
+ if [ "$ENTRY_TOKEN" = "$MACHINE_ID" ]; then
+ # See similar logic above for the systemd.machine_id= kernel command line option
+ echo "machine-id $MACHINE_ID"
+ fi
echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"

View File

@ -0,0 +1,75 @@
From d044a59e1098c3497e76c3ebdef88036378e6c26 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 10 Feb 2022 14:27:22 +0100
Subject: [PATCH] kernel-install: search harder for kernel image/initrd drop-in
dir
If not explicitly configured, let's search a bit harder for the
ENTRY_TOKEN, and let's try the machine ID, the IMAGE_ID and ID fields of
/etc/os-release and finally "Default", all below potential $XBOOTLDR.
(cherry picked from commit 6637cf9db67237857279262d93ee0e39023c5b85)
Related: #2065061
---
src/kernel-install/kernel-install | 27 ++++++++++++++++++++++++---
1 file changed, 24 insertions(+), 3 deletions(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 75a31c62d4..c42c40592a 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -103,29 +103,50 @@ fi
# for naming the .conf boot loader spec entry. Typically this is just the
# machine ID, but it can be anything else, too, if we are told so.
[ -z "$ENTRY_TOKEN" ] && [ -r /etc/kernel/entry-token ] && read -r ENTRY_TOKEN </etc/kernel/entry-token
-[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$MACHINE_ID"
+if [ -z "$ENTRY_TOKEN" ]; then
+ # If not configured explicitly, then use a few candidates: the machine ID,
+ # the IMAGE_ID= and ID= fields from /etc/os-release and finally the fixed
+ # string "Default"
+ ENTRY_TOKEN_SEARCH="$MACHINE_ID"
+ [ -r /etc/os-release ] && . /etc/os-release
+ [ -n "$IMAGE_ID" ] && ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH $IMAGE_ID"
+ [ -n "$ID" ] && ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH $ID"
+ ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH Default"
+else
+ ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN"
+fi
# NB: The $MACHINE_ID is guaranteed to be a valid machine ID, but
# $ENTRY_TOKEN can be any string that fits into a VFAT filename, though
# typically is just the machine ID.
-[ -z "$BOOT_ROOT" ] && for suff in "$ENTRY_TOKEN" "loader/entries"; do
- for pref in "/efi" "/boot" "/boot/efi" ; do
+[ -z "$BOOT_ROOT" ] && for suff in $ENTRY_TOKEN_SEARCH; do
+ for pref in "/efi" "/boot" "/boot/efi"; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
+ ENTRY_TOKEN="$suff"
break 2
fi
done
done
+[ -z "$BOOT_ROOT" ] && for pref in "/efi" "/boot" "/boot/efi"; do
+ if [ -d "$pref/loader/entries" ]; then
+ BOOT_ROOT="$pref"
+ break
+ fi
+done
+
[ -z "$BOOT_ROOT" ] && for pref in "/efi" "/boot/efi"; do
if mountpoint -q "$pref"; then
BOOT_ROOT="$pref"
break
fi
done
+
[ -z "$BOOT_ROOT" ] && BOOT_ROOT="/boot"
+[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$MACHINE_ID"
if [ -z "$layout" ]; then
# Administrative decision: if not present, some scripts generate into /boot.

View File

@ -0,0 +1,68 @@
From ac730b1b14b29b4c9cfa4fb904da7ef508170327 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 10 Feb 2022 14:37:37 +0100
Subject: [PATCH] kernel-install: add new "inspect" verb, showing paths and
parameters we discovered
(cherry picked from commit c73cf4184441d3cc37a5e2195938f07420ec38b7)
Related: #2065061
---
src/kernel-install/kernel-install | 29 +++++++++++++++++++++++------
1 file changed, 23 insertions(+), 6 deletions(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index c42c40592a..b8099bd12c 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -25,6 +25,7 @@ usage()
echo "Usage:"
echo " $0 [OPTIONS...] add KERNEL-VERSION KERNEL-IMAGE [INITRD-FILE ...]"
echo " $0 [OPTIONS...] remove KERNEL-VERSION"
+ echo " $0 [OPTIONS...] inspect"
echo "Options:"
echo " -h, --help Print this help"
echo " -v, --verbose Increase verbosity"
@@ -72,13 +73,17 @@ else
[ $# -ge 1 ] && shift
fi
-if [ $# -lt 1 ]; then
- echo "Error: not enough arguments" >&2
- exit 1
-fi
+if [ "$COMMAND" = "inspect" ]; then
+ KERNEL_VERSION=""
+else
+ if [ $# -lt 1 ]; then
+ echo "Error: not enough arguments" >&2
+ exit 1
+ fi
-KERNEL_VERSION="$1"
-shift
+ KERNEL_VERSION="$1"
+ shift
+fi
layout=
initrd_generator=
@@ -237,6 +242,18 @@ case "$COMMAND" in
fi
;;
+ inspect)
+ echo "KERNEL_INSTALL_MACHINE_ID: $KERNEL_INSTALL_MACHINE_ID"
+ echo "KERNEL_INSTALL_ENTRY_TOKEN: $KERNEL_INSTALL_ENTRY_TOKEN"
+ echo "KERNEL_INSTALL_BOOT_ROOT: $KERNEL_INSTALL_BOOT_ROOT"
+ echo "KERNEL_INSTALL_LAYOUT: $KERNEL_INSTALL_LAYOUT"
+ echo "KERNEL_INSTALL_INITRD_GENERATOR: $KERNEL_INSTALL_INITRD_GENERATOR"
+ echo "ENTRY_DIR_ABS: $KERNEL_INSTALL_BOOT_ROOT/$ENTRY_TOKEN/\$KERNEL_VERSION"
+
+ # Assert that ENTRY_DIR_ABS actually matches what we are printing here
+ [ "${ENTRY_DIR_ABS%/*}" = "$KERNEL_INSTALL_BOOT_ROOT/$ENTRY_TOKEN" ] || { echo "Assertion didn't pass." >&2; exit 1; }
+
+ ;;
*)
echo "Error: unknown command '$COMMAND'" >&2
exit 1

View File

@ -0,0 +1,276 @@
From a62fe26e02c9852a59d84d3834fdbb39d7568f28 Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Wed, 19 Jan 2022 10:15:36 +0100
Subject: [PATCH] bus: Use OrderedSet for introspection
Otherwise, the generated xml files are not reproducible.
(cherry picked from commit acac88340ace3cd631126eebb6d0390cd54e8231)
Resolves: #2066325
---
src/libsystemd/sd-bus/bus-introspect.c | 4 +--
src/libsystemd/sd-bus/bus-introspect.h | 4 +--
src/libsystemd/sd-bus/bus-objects.c | 45 +++++++++++++-------------
src/shared/bus-object.c | 4 +--
4 files changed, 28 insertions(+), 29 deletions(-)
diff --git a/src/libsystemd/sd-bus/bus-introspect.c b/src/libsystemd/sd-bus/bus-introspect.c
index b9ef6af631..eed0dae82f 100644
--- a/src/libsystemd/sd-bus/bus-introspect.c
+++ b/src/libsystemd/sd-bus/bus-introspect.c
@@ -110,7 +110,7 @@ static int set_interface_name(struct introspect *intro, const char *interface_na
return free_and_strdup(&intro->interface_name, interface_name);
}
-int introspect_write_child_nodes(struct introspect *i, Set *s, const char *prefix) {
+int introspect_write_child_nodes(struct introspect *i, OrderedSet *s, const char *prefix) {
char *node;
assert(i);
@@ -118,7 +118,7 @@ int introspect_write_child_nodes(struct introspect *i, Set *s, const char *prefi
assert_se(set_interface_name(i, NULL) >= 0);
- while ((node = set_steal_first(s))) {
+ while ((node = ordered_set_steal_first(s))) {
const char *e;
e = object_path_startswith(node, prefix);
diff --git a/src/libsystemd/sd-bus/bus-introspect.h b/src/libsystemd/sd-bus/bus-introspect.h
index 34f32a4cf9..19e3ef09e2 100644
--- a/src/libsystemd/sd-bus/bus-introspect.h
+++ b/src/libsystemd/sd-bus/bus-introspect.h
@@ -5,7 +5,7 @@
#include "sd-bus.h"
-#include "set.h"
+#include "ordered-set.h"
struct introspect {
FILE *f;
@@ -17,7 +17,7 @@ struct introspect {
int introspect_begin(struct introspect *i, bool trusted);
int introspect_write_default_interfaces(struct introspect *i, bool object_manager);
-int introspect_write_child_nodes(struct introspect *i, Set *s, const char *prefix);
+int introspect_write_child_nodes(struct introspect *i, OrderedSet *s, const char *prefix);
int introspect_write_interface(
struct introspect *i,
const char *interface_name,
diff --git a/src/libsystemd/sd-bus/bus-objects.c b/src/libsystemd/sd-bus/bus-objects.c
index bf69539062..40158a7326 100644
--- a/src/libsystemd/sd-bus/bus-objects.c
+++ b/src/libsystemd/sd-bus/bus-objects.c
@@ -9,7 +9,6 @@
#include "bus-slot.h"
#include "bus-type.h"
#include "missing_capability.h"
-#include "set.h"
#include "string-util.h"
#include "strv.h"
@@ -99,7 +98,7 @@ static int add_enumerated_to_set(
sd_bus *bus,
const char *prefix,
struct node_enumerator *first,
- Set *s,
+ OrderedSet *s,
sd_bus_error *error) {
struct node_enumerator *c;
@@ -146,7 +145,7 @@ static int add_enumerated_to_set(
continue;
}
- r = set_consume(s, *k);
+ r = ordered_set_consume(s, *k);
if (r == -EEXIST)
r = 0;
}
@@ -171,7 +170,7 @@ static int add_subtree_to_set(
const char *prefix,
struct node *n,
unsigned flags,
- Set *s,
+ OrderedSet *s,
sd_bus_error *error) {
struct node *i;
@@ -198,7 +197,7 @@ static int add_subtree_to_set(
if (!t)
return -ENOMEM;
- r = set_consume(s, t);
+ r = ordered_set_consume(s, t);
if (r < 0 && r != -EEXIST)
return r;
@@ -220,10 +219,10 @@ static int get_child_nodes(
const char *prefix,
struct node *n,
unsigned flags,
- Set **_s,
+ OrderedSet **_s,
sd_bus_error *error) {
- Set *s = NULL;
+ OrderedSet *s = NULL;
int r;
assert(bus);
@@ -231,13 +230,13 @@ static int get_child_nodes(
assert(n);
assert(_s);
- s = set_new(&string_hash_ops);
+ s = ordered_set_new(&string_hash_ops);
if (!s)
return -ENOMEM;
r = add_subtree_to_set(bus, prefix, n, flags, s, error);
if (r < 0) {
- set_free_free(s);
+ ordered_set_free_free(s);
return r;
}
@@ -937,7 +936,7 @@ int introspect_path(
char **ret,
sd_bus_error *error) {
- _cleanup_set_free_free_ Set *s = NULL;
+ _cleanup_ordered_set_free_ OrderedSet *s = NULL;
_cleanup_(introspect_free) struct introspect intro = {};
struct node_vtable *c;
bool empty;
@@ -963,7 +962,7 @@ int introspect_path(
if (r < 0)
return r;
- empty = set_isempty(s);
+ empty = ordered_set_isempty(s);
LIST_FOREACH(vtables, c, n->vtables) {
if (require_fallback && !c->is_fallback)
@@ -1233,7 +1232,7 @@ static int process_get_managed_objects(
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
- _cleanup_set_free_free_ Set *s = NULL;
+ _cleanup_ordered_set_free_free_ OrderedSet *s = NULL;
char *path;
int r;
@@ -1263,7 +1262,7 @@ static int process_get_managed_objects(
if (r < 0)
return r;
- SET_FOREACH(path, s) {
+ ORDERED_SET_FOREACH(path, s) {
r = object_manager_serialize_path_and_fallbacks(bus, reply, path, &error);
if (r < 0)
return bus_maybe_reply_error(m, r, &error);
@@ -2352,7 +2351,7 @@ _public_ int sd_bus_emit_properties_changed(
static int object_added_append_all_prefix(
sd_bus *bus,
sd_bus_message *m,
- Set *s,
+ OrderedSet *s,
const char *prefix,
const char *path,
bool require_fallback) {
@@ -2392,10 +2391,10 @@ static int object_added_append_all_prefix(
* skip it on any of its parents. The child vtables
* always fully override any conflicting vtables of
* any parent node. */
- if (set_get(s, c->interface))
+ if (ordered_set_get(s, c->interface))
continue;
- r = set_put(s, c->interface);
+ r = ordered_set_put(s, c->interface);
if (r < 0)
return r;
@@ -2441,7 +2440,7 @@ static int object_added_append_all_prefix(
}
static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *path) {
- _cleanup_set_free_ Set *s = NULL;
+ _cleanup_ordered_set_free_ OrderedSet *s = NULL;
_cleanup_free_ char *prefix = NULL;
size_t pl;
int r;
@@ -2465,7 +2464,7 @@ static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *p
* a parent that were overwritten by a child.
*/
- s = set_new(&string_hash_ops);
+ s = ordered_set_new(&string_hash_ops);
if (!s)
return -ENOMEM;
@@ -2572,7 +2571,7 @@ _public_ int sd_bus_emit_object_added(sd_bus *bus, const char *path) {
static int object_removed_append_all_prefix(
sd_bus *bus,
sd_bus_message *m,
- Set *s,
+ OrderedSet *s,
const char *prefix,
const char *path,
bool require_fallback) {
@@ -2605,7 +2604,7 @@ static int object_removed_append_all_prefix(
* skip it on any of its parents. The child vtables
* always fully override any conflicting vtables of
* any parent node. */
- if (set_get(s, c->interface))
+ if (ordered_set_get(s, c->interface))
continue;
r = node_vtable_get_userdata(bus, path, c, &u, &error);
@@ -2616,7 +2615,7 @@ static int object_removed_append_all_prefix(
if (r == 0)
continue;
- r = set_put(s, c->interface);
+ r = ordered_set_put(s, c->interface);
if (r < 0)
return r;
@@ -2631,7 +2630,7 @@ static int object_removed_append_all_prefix(
}
static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char *path) {
- _cleanup_set_free_ Set *s = NULL;
+ _cleanup_ordered_set_free_ OrderedSet *s = NULL;
_cleanup_free_ char *prefix = NULL;
size_t pl;
int r;
@@ -2642,7 +2641,7 @@ static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char
/* see sd_bus_emit_object_added() for details */
- s = set_new(&string_hash_ops);
+ s = ordered_set_new(&string_hash_ops);
if (!s)
return -ENOMEM;
diff --git a/src/shared/bus-object.c b/src/shared/bus-object.c
index f2e53913fb..4ed5215e3d 100644
--- a/src/shared/bus-object.c
+++ b/src/shared/bus-object.c
@@ -156,10 +156,10 @@ int bus_introspect_implementations(
if (impl != main_impl)
bus_introspect_implementation(&intro, impl);
- _cleanup_set_free_ Set *nodes = NULL;
+ _cleanup_ordered_set_free_ OrderedSet *nodes = NULL;
for (size_t i = 0; impl->children && impl->children[i]; i++) {
- r = set_put_strdup(&nodes, impl->children[i]->path);
+ r = ordered_set_put_strdup(&nodes, impl->children[i]->path);
if (r < 0)
return log_oom();
}

View File

@ -0,0 +1,109 @@
From aacd9b79ecd97007bad3706234ccc1b2ae84ca11 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 23 Mar 2022 17:34:12 +0100
Subject: [PATCH] udev/net_id: avoid slot based names only for single function
devices
If we have two or more devices that share the same slot but they are
also multifunction then it is OK to use the slot information even if it
is the same for all of them. Name conflict will be avoided because we
will append function number and form names like, ens1f1, ens1f2...
(cherry picked from commit 66425daf2c68793adf24a48a26d58add8662e83f)
Resolves: #2070097
---
man/systemd.net-naming-scheme.xml | 7 ++++++-
src/shared/netif-naming-scheme.h | 31 ++++++++++++++++---------------
src/udev/udev-builtin-net_id.c | 11 +++++++++--
3 files changed, 31 insertions(+), 18 deletions(-)
diff --git a/man/systemd.net-naming-scheme.xml b/man/systemd.net-naming-scheme.xml
index 942ef572ff..73d08b681d 100644
--- a/man/systemd.net-naming-scheme.xml
+++ b/man/systemd.net-naming-scheme.xml
@@ -406,7 +406,12 @@
<varlistentry>
<term><constant>rhel-9.0</constant></term>
- <listitem><para>Same as naming scheme <constant>v250</constant>.</para>
+ <listitem><para>Since version <constant>v247</constant> we no longer set
+ <varname>ID_NET_NAME_SLOT</varname> if we detect that a PCI device associated with a slot is a PCI
+ bridge as that would create naming conflict when there are more child devices on that bridge. Now,
+ this is relaxed and we will use slot information to generate the name based on it but only if
+ the PCI device has multiple functions. This is safe because distinct function number is a part of
+ the device name for multifunction devices.</para>
</listitem>
</varlistentry>
diff --git a/src/shared/netif-naming-scheme.h b/src/shared/netif-naming-scheme.h
index f765db6ef2..5c86cb4545 100644
--- a/src/shared/netif-naming-scheme.h
+++ b/src/shared/netif-naming-scheme.h
@@ -22,20 +22,21 @@
* OS versions, but not fully stabilize them. */
typedef enum NamingSchemeFlags {
/* First, the individual features */
- NAMING_SR_IOV_V = 1 << 0, /* Use "v" suffix for SR-IOV, see 609948c7043a */
- NAMING_NPAR_ARI = 1 << 1, /* Use NPAR "ARI", see 6bc04997b6ea */
- NAMING_INFINIBAND = 1 << 2, /* Use "ib" prefix for infiniband, see 938d30aa98df */
- NAMING_ZERO_ACPI_INDEX = 1 << 3, /* Use zero acpi_index field, see d81186ef4f6a */
- NAMING_ALLOW_RERENAMES = 1 << 4, /* Allow re-renaming of devices, see #9006 */
- NAMING_STABLE_VIRTUAL_MACS = 1 << 5, /* Use device name to generate MAC, see 6d3646406560 */
- NAMING_NETDEVSIM = 1 << 6, /* Generate names for netdevsim devices, see eaa9d507d855 */
- NAMING_LABEL_NOPREFIX = 1 << 7, /* Don't prepend ID_NET_LABEL_ONBOARD with interface type prefix */
- NAMING_NSPAWN_LONG_HASH = 1 << 8, /* Shorten nspawn interfaces by including 24bit hash, instead of simple truncation */
- NAMING_BRIDGE_NO_SLOT = 1 << 9, /* Don't use PCI hotplug slot information if the corresponding device is a PCI bridge */
- NAMING_SLOT_FUNCTION_ID = 1 << 10, /* Use function_id if present to identify PCI hotplug slots */
- NAMING_16BIT_INDEX = 1 << 11, /* Allow full 16-bit for the onboard index */
- NAMING_REPLACE_STRICTLY = 1 << 12, /* Use udev_replace_ifname() for NAME= rule */
- NAMING_XEN_VIF = 1 << 13, /* GEnerate names for Xen netfront devices */
+ NAMING_SR_IOV_V = 1 << 0, /* Use "v" suffix for SR-IOV, see 609948c7043a */
+ NAMING_NPAR_ARI = 1 << 1, /* Use NPAR "ARI", see 6bc04997b6ea */
+ NAMING_INFINIBAND = 1 << 2, /* Use "ib" prefix for infiniband, see 938d30aa98df */
+ NAMING_ZERO_ACPI_INDEX = 1 << 3, /* Use zero acpi_index field, see d81186ef4f6a */
+ NAMING_ALLOW_RERENAMES = 1 << 4, /* Allow re-renaming of devices, see #9006 */
+ NAMING_STABLE_VIRTUAL_MACS = 1 << 5, /* Use device name to generate MAC, see 6d3646406560 */
+ NAMING_NETDEVSIM = 1 << 6, /* Generate names for netdevsim devices, see eaa9d507d855 */
+ NAMING_LABEL_NOPREFIX = 1 << 7, /* Don't prepend ID_NET_LABEL_ONBOARD with interface type prefix */
+ NAMING_NSPAWN_LONG_HASH = 1 << 8, /* Shorten nspawn interfaces by including 24bit hash, instead of simple truncation */
+ NAMING_BRIDGE_NO_SLOT = 1 << 9, /* Don't use PCI hotplug slot information if the corresponding device is a PCI bridge */
+ NAMING_SLOT_FUNCTION_ID = 1 << 10, /* Use function_id if present to identify PCI hotplug slots */
+ NAMING_16BIT_INDEX = 1 << 11, /* Allow full 16-bit for the onboard index */
+ NAMING_REPLACE_STRICTLY = 1 << 12, /* Use udev_replace_ifname() for NAME= rule */
+ NAMING_XEN_VIF = 1 << 13, /* Generate names for Xen netfront devices */
+ NAMING_BRIDGE_MULTIFUNCTION_SLOT = 1 << 14, /* Use PCI hotplug slot information associated with bridge, but only if PCI device is multifunction */
/* And now the masks that combine the features above */
NAMING_V238 = 0,
@@ -47,7 +48,7 @@ typedef enum NamingSchemeFlags {
NAMING_V247 = NAMING_V245 | NAMING_BRIDGE_NO_SLOT,
NAMING_V249 = NAMING_V247 | NAMING_SLOT_FUNCTION_ID | NAMING_16BIT_INDEX | NAMING_REPLACE_STRICTLY,
NAMING_V250 = NAMING_V249 | NAMING_XEN_VIF,
- NAMING_RHEL_9_0 = NAMING_V250,
+ NAMING_RHEL_9_0 = NAMING_V250 | NAMING_BRIDGE_MULTIFUNCTION_SLOT,
EXTRA_NET_NAMING_SCHEMES
diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c
index 65e003eb15..673ed7a7ca 100644
--- a/src/udev/udev-builtin-net_id.c
+++ b/src/udev/udev-builtin-net_id.c
@@ -451,8 +451,15 @@ static int dev_pci_slot(sd_device *dev, const LinkInfo *info, NetNames *names) {
* devices that will try to claim the same index and that would create name
* collision. */
if (naming_scheme_has(NAMING_BRIDGE_NO_SLOT) && is_pci_bridge(hotplug_slot_dev)) {
- log_device_debug(dev, "Not using slot information because the PCI device is a bridge.");
- return 0;
+ if (naming_scheme_has(NAMING_BRIDGE_MULTIFUNCTION_SLOT) && !is_pci_multifunction(names->pcidev)) {
+ log_device_debug(dev, "Not using slot information because the PCI device associated with the hotplug slot is a bridge and the PCI device has single function.");
+ return 0;
+ }
+
+ if (!naming_scheme_has(NAMING_BRIDGE_MULTIFUNCTION_SLOT)) {
+ log_device_debug(dev, "Not using slot information because the PCI device is a bridge.");
+ return 0;
+ }
}
break;

View File

@ -0,0 +1,2 @@
[OOM]
DefaultMemoryPressureDurationSec=20s

View File

@ -0,0 +1,2 @@
[Slice]
ManagedOOMSwap=kill

View File

@ -0,0 +1,3 @@
[Service]
ManagedOOMMemoryPressure=kill
ManagedOOMMemoryPressureLimit=50%

51
SOURCES/20-grubby.install Executable file
View File

@ -0,0 +1,51 @@
#!/bin/bash
if [[ ! -x /sbin/new-kernel-pkg ]]; then
exit 0
fi
COMMAND="$1"
KERNEL_VERSION="$2"
BOOT_DIR_ABS="$3"
KERNEL_IMAGE="$4"
KERNEL_DIR="${KERNEL_IMAGE%/*}"
[[ "$KERNEL_VERSION" == *\+* ]] && flavor=-"${KERNEL_VERSION##*+}"
case "$COMMAND" in
add)
if [[ "${KERNEL_DIR}" != "/boot" ]]; then
for i in \
"$KERNEL_IMAGE" \
"$KERNEL_DIR"/System.map \
"$KERNEL_DIR"/config \
"$KERNEL_DIR"/zImage.stub \
"$KERNEL_DIR"/dtb \
; do
[[ -e "$i" ]] || continue
cp -aT "$i" "/boot/${i##*/}-${KERNEL_VERSION}"
command -v restorecon &>/dev/null && \
restorecon -R "/boot/${i##*/}-${KERNEL_VERSION}"
done
# hmac is .vmlinuz-<version>.hmac so needs a special treatment
i="$KERNEL_DIR/.${KERNEL_IMAGE##*/}.hmac"
if [[ -e "$i" ]]; then
cp -a "$i" "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac"
command -v restorecon &>/dev/null && \
restorecon "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac"
fi
fi
/sbin/new-kernel-pkg --package "kernel${flavor}" --install "$KERNEL_VERSION" || exit $?
/sbin/new-kernel-pkg --package "kernel${flavor}" --mkinitrd --dracut --depmod --update "$KERNEL_VERSION" || exit $?
/sbin/new-kernel-pkg --package "kernel${flavor}" --rpmposttrans "$KERNEL_VERSION" || exit $?
;;
remove)
/sbin/new-kernel-pkg --package "kernel${flavor+-$flavor}" --rminitrd --rmmoddep --remove "$KERNEL_VERSION" || exit $?
;;
*)
;;
esac
# skip other installation plugins, if we can't find a boot loader spec conforming setup
if ! [[ -d /boot/loader/entries || -L /boot/loader/entries ]]; then
exit 77
fi

View File

@ -0,0 +1,42 @@
# The ptrace system call is used for interprocess services,
# communication and introspection (like synchronisation, signaling,
# debugging, tracing and profiling) of processes.
#
# Usage of ptrace is restricted by normal user permissions. Normal
# unprivileged processes cannot use ptrace on processes that they
# cannot send signals to or processes that are running set-uid or
# set-gid. Nevertheless, processes running under the same uid will
# usually be able to ptrace one another.
#
# Fedora enables the Yama security mechanism which restricts ptrace
# even further. Sysctl setting kernel.yama.ptrace_scope can have one
# of the following values:
#
# 0 - Normal ptrace security permissions.
# 1 - Restricted ptrace. Only child processes plus normal permissions.
# 2 - Admin-only attach. Only executables with CAP_SYS_PTRACE.
# 3 - No attach. No process may call ptrace at all. Irrevocable.
#
# For more information see Documentation/security/Yama.txt in the
# kernel sources.
#
# The default is 1., which allows tracing of child processes, but
# forbids tracing of arbitrary processes. This allows programs like
# gdb or strace to work when the most common way of having the
# debugger start the debuggee is used:
# gdb /path/to/program ...
# Attaching to already running programs is NOT allowed:
# gdb -p ...
# This default setting is suitable for the common case, because it
# reduces the risk that one hacked process can be used to attack other
# processes. (For example, a hacked firefox process in a user session
# will not be able to ptrace the keyring process and extract passwords
# stored only in memory.)
#
# Developers and administrators might want to disable those protections
# to be able to attach debuggers to existing processes. Use
# sysctl kernel.yama.ptrace_scope=0
# for change the setting temporarily, or copy this file to
# /etc/sysctl.d/20-yama-ptrace.conf to set it for future boots.
kernel.yama.ptrace_scope = 0

16
SOURCES/inittab Normal file
View File

@ -0,0 +1,16 @@
# inittab is no longer used.
#
# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
#
# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
#
# systemd uses 'targets' instead of runlevels. By default, there are two main targets:
#
# multi-user.target: analogous to runlevel 3
# graphical.target: analogous to runlevel 5
#
# To view current default target, run:
# systemctl get-default
#
# To set a default target, run:
# systemctl set-default TARGET.target

View File

@ -0,0 +1,3 @@
[suppress_file]
# This shared object is private to systemd
file_name_regexp=libsystemd-shared-.*.so

10
SOURCES/macros.sysusers Normal file
View File

@ -0,0 +1,10 @@
# RPM macros for packages creating system accounts
#
# Turn a sysusers.d file into macros specified by
# https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/#_dynamic_allocation
%sysusers_requires_compat Requires(pre): shadow-utils
%sysusers_create_compat() \
%(%{_rpmconfigdir}/sysusers.generate-pre.sh %{?*}) \
%{nil}

101
SOURCES/purge-nobody-user Executable file
View File

@ -0,0 +1,101 @@
#!/bin/bash -eu
if [ $UID -ne 0 ]; then
echo "WARNING: This script needs to run as root to be effective"
exit 1
fi
export SYSTEMD_NSS_BYPASS_SYNTHETIC=1
if [ "${1:-}" = "--ignore-journal" ]; then
shift
ignore_journal=1
else
ignore_journal=0
fi
echo "Checking processes..."
if ps h -u 99 | grep .; then
echo "ERROR: ps reports processes with UID 99!"
exit 2
fi
echo "... not found"
echo "Checking UTMP..."
if w -h 199 | grep . ; then
echo "ERROR: w reports UID 99 as active!"
exit 2
fi
if w -h nobody | grep . ; then
echo "ERROR: w reports user nobody as active!"
exit 2
fi
echo "... not found"
echo "Checking the journal..."
if [ "$ignore_journal" = 0 ] && journalctl -q -b -n10 _UID=99 | grep . ; then
echo "ERROR: journalctl reports messages from UID 99 in current boot!"
exit 2
fi
echo "... not found"
echo "Looking for files in /etc, /run, /tmp, and /var..."
if find /etc /run /tmp /var -uid 99 -print | grep -m 10 . ; then
echo "ERROR: found files belonging to UID 99"
exit 2
fi
echo "... not found"
echo "Checking if nobody is defined correctly..."
if getent passwd nobody |
grep '^nobody:[x*]:65534:65534:.*:/:/sbin/nologin';
then
echo "OK, nothing to do."
exit 0
else
echo "NOTICE: User nobody is not defined correctly"
fi
echo "Checking if nfsnobody or something else is using the uid..."
if getent passwd 65534 | grep . ; then
echo "NOTICE: will have to remove this user"
else
echo "... not found"
fi
if [ "${1:-}" = "-x" ]; then
if getent passwd nobody >/dev/null; then
# this will remove both the user and the group.
( set -x
userdel nobody
)
fi
if getent passwd 65534 >/dev/null; then
# Make sure the uid is unused. This should free gid too.
name="$(getent passwd 65534 | cut -d: -f1)"
( set -x
userdel "$name"
)
fi
if grep -qE '^(passwd|group):.*\bsss\b' /etc/nsswitch.conf; then
echo "Sleeping, so sss can catch up"
sleep 3
fi
if getent group 65534; then
# Make sure the gid is unused, even if uid wasn't.
name="$(getent group 65534 | cut -d: -f1)"
( set -x
groupdel "$name"
)
fi
# systemd-sysusers uses the same gid and uid
( set -x
systemd-sysusers --inline 'u nobody 65534 "Kernel Overflow User" / /sbin/nologin'
)
else
echo "Pass '-x' to perform changes"
fi

14
SOURCES/rc.local Normal file
View File

@ -0,0 +1,14 @@
#!/bin/bash
# THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES
#
# It is highly advisable to create own systemd services or udev rules
# to run scripts during boot instead of using this file.
#
# In contrast to previous versions due to parallel execution during boot
# this script will NOT be run after all other services.
#
# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
# that this script will be executed during boot.
touch /var/lock/subsys/local

163
SOURCES/split-files.py Normal file
View File

@ -0,0 +1,163 @@
import re, sys, os, collections
buildroot = sys.argv[1]
known_files = sys.stdin.read().splitlines()
known_files = {line.split()[-1]:line for line in known_files}
def files(root):
os.chdir(root)
todo = collections.deque(['.'])
while todo:
n = todo.pop()
files = os.scandir(n)
for file in files:
yield file
if file.is_dir() and not file.is_symlink():
todo.append(file)
o_libs = open('.file-list-libs', 'w')
o_udev = open('.file-list-udev', 'w')
o_pam = open('.file-list-pam', 'w')
o_rpm_macros = open('.file-list-rpm-macros', 'w')
o_devel = open('.file-list-devel', 'w')
o_container = open('.file-list-container', 'w')
o_networkd = open('.file-list-networkd', 'w')
o_resolved = open('.file-list-resolved', 'w')
o_oomd = open('.file-list-oomd', 'w')
o_remote = open('.file-list-remote', 'w')
o_tests = open('.file-list-tests', 'w')
o_standalone_tmpfiles = open('.file-list-standalone-tmpfiles', 'w')
o_standalone_sysusers = open('.file-list-standalone-sysusers', 'w')
o_rest = open('.file-list-rest', 'w')
for file in files(buildroot):
n = file.path[1:]
if re.match(r'''/usr/(share|include)$|
/usr/share/man(/man.|)$|
/usr/share/zsh(/site-functions|)$|
/usr/share/dbus-1$|
/usr/share/dbus-1/system.d$|
/usr/share/dbus-1/(system-|)services$|
/usr/share/polkit-1(/actions|/rules.d|)$|
/usr/share/pkgconfig$|
/usr/share/bash-completion(/completions|)$|
/usr(/lib|/lib64|/bin|/sbin|)$|
/usr/lib.*/(security|pkgconfig)$|
/usr/lib/rpm(/macros.d|)$|
/usr/lib/firewalld(/services|)$|
/usr/share/(locale|licenses|doc)| # no $
/etc(/pam\.d|/xdg|/X11|/X11/xinit|/X11.*\.d|)$|
/etc/(dnf|dnf/protected.d)$|
/usr/(src|lib/debug)| # no $
/run$|
/var(/cache|/log|/lib|/run|)$
''', n, re.X):
continue
if '/security/pam_' in n or '/man8/pam_' in n:
o = o_pam
elif '/rpm/' in n:
o = o_rpm_macros
elif '/usr/lib/systemd/tests' in n:
o = o_tests
elif re.search(r'/lib.*\.pc|/man3/|/usr/include|(?<!/libsystemd-shared-...).so$', n):
o = o_devel
elif re.search(r'''journal-(remote|gateway|upload)|
systemd-remote\.conf|
/usr/share/systemd/gatewayd|
/var/log/journal/remote
''', n, re.X):
o = o_remote
elif re.search(r'''mymachines|
machinectl|
systemd-nspawn|
import-pubring.gpg|
systemd-(machined|import|pull)|
/machine.slice|
/machines.target|
var-lib-machines.mount|
org.freedesktop.(import|machine)1
''', n, re.X):
o = o_container
elif re.search(r'''/usr/lib/systemd/network/80-|
networkd|
networkctl|
org.freedesktop.network1
''', n, re.X):
o = o_networkd
elif re.search(r'''resolved|
resolvectl|
resolvconf|
org.freedesktop.resolve1|
systemd-resolve|
nss-resolve
''', n, re.X):
o = o_resolved
elif '.so.' in n:
o = o_libs
elif re.search(r'''udev(?!\.pc)|
hwdb|
bootctl|
sd-boot|systemd-boot\.|loader.conf|
bless-boot|
boot-system-token|
kernel-install|
vconsole|
backlight|
rfkill|
random-seed|
modules-load|
timesync|
cryptenroll|
cryptsetup|
kmod|
quota|
pstore|
sleep|suspend|hibernate|
systemd-tmpfiles-setup-dev|
network/99-default.link|
growfs|makefs|makeswap|mkswap|
fsck|
repart|
gpt-auto|
volatile-root|
verity-setup|
remount-fs|
/boot$|
/boot/efi|
/kernel/|
/kernel$|
/modprobe.d
''', n, re.X):
o = o_udev
elif re.search(r'''10-oomd-.*defaults\.conf|
oomd\.conf|
oomctl|
org.freedesktop.oom1|
systemd-oomd
''', n, re.X):
o = o_oomd
elif n.endswith('.standalone'):
if 'tmpfiles' in n:
o = o_standalone_tmpfiles
elif 'sysusers' in n:
o = o_standalone_sysusers
else:
assert False, 'Found .standalone not belonging to known packages'
else:
o = o_rest
if n in known_files:
prefix = ' '.join(known_files[n].split()[:-1])
if prefix:
prefix += ' '
elif file.is_dir() and not file.is_symlink():
prefix = '%dir '
elif 'README' in n:
prefix = '%doc '
elif n.startswith('/etc'):
prefix = '%config(noreplace) '
else:
prefix = ''
suffix = '*' if '/man/' in n else ''
print(f'{prefix}{n}{suffix}', file=o)

View File

@ -0,0 +1,10 @@
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).

View File

@ -0,0 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>systemd-journal-gatewayd</short>
<description>Journal Gateway Service</description>
<port protocol="tcp" port="19531"/>
</service>

View File

@ -0,0 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>systemd-journal-remote</short>
<description>Journal Remote Sink</description>
<port protocol="tcp" port="19532"/>
</service>

View File

@ -0,0 +1,3 @@
[Unit]
# https://bugzilla.redhat.com/show_bug.cgi?id=1378974#c17
RefuseManualStop=true

10
SOURCES/systemd-user Normal file
View File

@ -0,0 +1,10 @@
# This file is part of systemd.
#
# Used by systemd --user instances.
account include system-auth
session required pam_selinux.so close
session required pam_selinux.so nottys open
session required pam_loginuid.so
session include system-auth

2
SOURCES/sysusers.attr Normal file
View File

@ -0,0 +1,2 @@
%__sysusers_provides %{_rpmconfigdir}/sysusers.prov
%__sysusers_path ^%{_sysusersdir}/.*\\.conf$

View File

@ -0,0 +1,79 @@
#!/bin/bash
# This script turns sysuser.d files into scriptlets mandated by Fedora
# packaging guidelines. The general idea is to define users using the
# declarative syntax but to turn this into traditional scriptlets.
user() {
user="$1"
uid="$2"
desc="$3"
group="$4"
home="$5"
shell="$6"
[ "$desc" = '-' ] && desc=
[ "$home" = '-' -o "$home" = '' ] && home=/
[ "$shell" = '-' -o "$shell" = '' ] && shell=/sbin/nologin
if [ "$uid" = '-' -o "$uid" = '' ]; then
cat <<EOF
getent passwd '$user' >/dev/null || \\
useradd -r -g '$group' -d '$home' -s '$shell' -c '$desc' '$user'
EOF
else
cat <<EOF
if ! getent passwd '$user' >/dev/null ; then
if ! getent passwd '$uid' >/dev/null ; then
useradd -r -u '$uid' -g '$group' -d '$home' -s /sbin/nologin -c '$desc' '$user'
else
useradd -r -g '$group' -d '$home' -s /sbin/nologin -c '$desc' '$user'
fi
fi
EOF
fi
}
group() {
group="$1"
gid="$2"
if [ "$gid" = '-' ]; then
cat <<EOF
getent group '$group' >/dev/null || groupadd -r '$group'
EOF
else
cat <<EOF
getent group '$group' >/dev/null || groupadd -f -g '$gid' -r '$group'
EOF
fi
}
parse() {
while read line || [ "$line" ]; do
[ "${line:0:1}" = '#' -o "${line:0:1}" = ';' ] && continue
line="${line## *}"
[ -z "$line" ] && continue
eval arr=( $line )
case "${arr[0]}" in
('u')
group "${arr[1]}" "${arr[2]}"
user "${arr[1]}" "${arr[2]}" "${arr[3]}" "${arr[1]}" "${arr[4]}" "${arr[5]}"
# TODO: user:group support
;;
('g')
group "${arr[1]}" "${arr[2]}"
;;
('m')
group "${arr[2]}" "-"
user "${arr[1]}" "-" "" "${arr[2]}"
;;
esac
done
}
for fn in "$@"; do
[ -e "$fn" ] || continue
echo "# generated from $(basename $fn)"
parse < "$fn"
done

28
SOURCES/sysusers.prov Executable file
View File

@ -0,0 +1,28 @@
#!/bin/bash
parse() {
while read line; do
[ "${line:0:1}" = '#' -o "${line:0:1}" = ';' ] && continue
line="${line## *}"
[ -z "$line" ] && continue
set -- $line
case "$1" in
('u')
echo "user($2)"
echo "group($2)"
# TODO: user:group support
;;
('g')
echo "group($2)"
;;
('m')
echo "user($2)"
echo "group($3)"
;;
esac
done
}
while read fn; do
parse < "$fn"
done

89
SOURCES/triggers.systemd Normal file
View File

@ -0,0 +1,89 @@
# -*- Mode: rpm-spec; indent-tabs-mode: nil -*- */
# SPDX-License-Identifier: LGPL-2.1-or-later
#
# This file is part of systemd.
#
# Copyright 2018 Neal Gompa
# The contents of this are an example to be copied into systemd.spec.
#
# Minimum rpm version supported: 4.14.0
%transfiletriggerin -P 900900 -- /usr/lib/systemd/system /etc/systemd/system
# This script will run after any package is initially installed or
# upgraded. We care about the case where a package is initially
# installed, because other cases are covered by the *un scriptlets,
# so sometimes we will reload needlessly.
if test -d "/run/systemd/system"; then
%{_bindir}/systemctl daemon-reload || :
%{_bindir}/systemctl reload-or-restart --marked || :
fi
%transfiletriggerpostun -P 1000100 -- /usr/lib/systemd/system /etc/systemd/system
# On removal, we need to run daemon-reload after any units have been
# removed.
# On upgrade, we need to run daemon-reload after any new unit files
# have been installed, but before %postun scripts in packages get
# executed.
if test -d "/run/systemd/system"; then
%{_bindir}/systemctl daemon-reload || :
fi
%transfiletriggerpostun -P 10000 -- /usr/lib/systemd/system /etc/systemd/system
# We restart remaining services that should be restarted here.
if test -d "/run/systemd/system"; then
%{_bindir}/systemctl reload-or-restart --marked || :
fi
%transfiletriggerin -P 1000700 -- /usr/lib/sysusers.d
# This script will process files installed in /usr/lib/sysusers.d to create
# specified users automatically. The priority is set such that it
# will run before the tmpfiles file trigger.
if test -d "/run/systemd/system"; then
%{_bindir}/systemd-sysusers || :
fi
%transfiletriggerin -P 1000700 udev -- /usr/lib/udev/hwdb.d
# This script will automatically invoke hwdb update if files have been
# installed or updated in /usr/lib/udev/hwdb.d.
if test -d "/run/systemd/system"; then
%{_bindir}/systemd-hwdb update || :
fi
%transfiletriggerin -P 1000700 -- /usr/lib/systemd/catalog
# This script will automatically invoke journal catalog update if files
# have been installed or updated in /usr/lib/systemd/catalog.
if test -d "/run/systemd/system"; then
%{_bindir}/journalctl --update-catalog || :
fi
%transfiletriggerin -P 1000700 -- /usr/lib/binfmt.d
# This script will automatically apply binfmt rules if files have been
# installed or updated in /usr/lib/binfmt.d.
if test -d "/run/systemd/system"; then
# systemd-binfmt might fail if binfmt_misc kernel module is not loaded
# during install
/usr/lib/systemd/systemd-binfmt || :
fi
%transfiletriggerin -P 1000600 -- /usr/lib/tmpfiles.d
# This script will process files installed in /usr/lib/tmpfiles.d to create
# tmpfiles automatically. The priority is set such that it will run
# after the sysusers file trigger, but before any other triggers.
if test -d "/run/systemd/system"; then
%{_bindir}/systemd-tmpfiles --create || :
fi
%transfiletriggerin -P 1000600 udev -- /usr/lib/udev/rules.d
# This script will automatically update udev with new rules if files
# have been installed or updated in /usr/lib/udev/rules.d.
if test -e /run/udev/control; then
%{_bindir}/udevadm control --reload || :
fi
%transfiletriggerin -P 1000500 -- /usr/lib/sysctl.d
# This script will automatically apply sysctl rules if files have been
# installed or updated in /usr/lib/sysctl.d.
if test -d "/run/systemd/system"; then
/usr/lib/systemd/systemd-sysctl || :
fi

View File

@ -0,0 +1,2 @@
systemd
systemd-udev

3236
SPECS/systemd.spec Normal file

File diff suppressed because it is too large Load Diff