Split off systemd-resolved to the sub-package

I've also deleted some migration related triggers and delete scripts
that reconfigure the system to use resolved. On RHEL-9 we want users to
enable resolved (change resolve.conf and add nss-resolve) explicitely.

Resolves: #1957294

split-files.py

@@ -22,6 +22,7 @@ o_rpm_macros = open('.file-list-rpm-macros', 'w')
 o_devel = open('.file-list-devel', 'w')
 o_container = open('.file-list-container', 'w')
 o_networkd = open('.file-list-networkd', 'w')
+o_resolved = open('.file-list-resolved', 'w')
 o_oomd_defaults = open('.file-list-oomd-defaults', 'w')
 o_remote = open('.file-list-remote', 'w')
 o_tests = open('.file-list-tests', 'w')
@@ -82,6 +83,13 @@ for file in files(buildroot):
                        org.freedesktop.network1
     ''', n, re.X):
         o = o_networkd
+    elif re.search(r'''resolved|
+                       resolvectl|
+                       org.freedesktop.resolve1|
+                       systemd-resolve|
+                       nss-resolve
+    ''', n, re.X):
+        o = o_resolved
     elif '.so.' in n:
         o = o_libs
     elif re.search(r'''udev(?!\.pc)|

systemd.spec

@@ -64,9 +64,6 @@ Source22:       sysusers.attr
 Source23:       sysusers.prov
 Source24:       sysusers.generate-pre.sh
 
-# Disable resolved caching to workaround #1933433
-Source100:      nocache.conf
-
 %if 0
 GIT_DIR=../../src/systemd/.git git format-patch-ab --no-signature -M -N v235..v235-stable
 i=1; for j in 00*patch; do printf "Patch%04d:      %s\n" $i $j; i=$((i+1));done|xclip
@@ -341,6 +338,17 @@ systemd-networkd is a system service that manages networks. It detects
 and configures network devices as they appear, as well as creating virtual
 network devices.
 
+%package resolved
+Summary:        System daemon that provides network name resolution to local applications
+Requires:       %{name}%{?_isa} = %{version}-%{release}
+License:        LGPLv2+
+
+%description resolved
+systemd-resolved is a system service that provides network name
+resolution to local applications. It implements a caching and
+validating DNS/DNSSEC stub resolver, as well as an LLMNR and
+MulticastDNS resolver and responder.
+
 %package oomd-defaults
 Summary:        Configuration files for systemd-oomd
 Requires:       %{name}%{?_isa} = %{version}-%{release}
@@ -539,9 +547,6 @@ touch %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload/state
 # Install yum protection fragment
 install -Dm0644 %{SOURCE4} %{buildroot}/etc/dnf/protected.d/systemd.conf
 
-# Install resolved cache disable fragment
-install -Dm0644 -t %{buildroot}%{pkgdir}/resolved.conf.d %{SOURCE100}
-
 install -Dm0644 -t %{buildroot}/usr/lib/firewalld/services/ %{SOURCE7} %{SOURCE8}
 
 # Restore systemd-user pam config from before "removal of Fedora-specific bits"
@@ -614,10 +619,6 @@ python3 %{SOURCE2} %buildroot <<EOF
 %ghost %attr(0700,root,root) %dir /var/log/private
 EOF
 
-%check
-%if %{with tests}
-meson test -C %{_vpath_builddir} -t 6 --print-errorlogs
-%endif
 
 #############################################################################################
 
@@ -636,9 +637,6 @@ getent group systemd-journal &>/dev/null || groupadd -r -g 190 systemd-journal 2
 getent group systemd-coredump &>/dev/null || groupadd -r systemd-coredump 2>&1 || :
 getent passwd systemd-coredump &>/dev/null || useradd -r -l -g systemd-coredump -d / -s /sbin/nologin -c "systemd Core Dumper" systemd-coredump &>/dev/null || :
 
-getent group systemd-resolve &>/dev/null || groupadd -r -g 193 systemd-resolve 2>&1 || :
-getent passwd systemd-resolve &>/dev/null || useradd -r -u 193 -l -g systemd-resolve -d / -s /sbin/nologin -c "systemd Resolver" systemd-resolve &>/dev/null || :
-
 getent group systemd-oom &>/dev/null || groupadd -r systemd-oom 2>&1 || :
 getent passwd systemd-oom &>/dev/null || useradd -r -l -g systemd-oom -d / -s /sbin/nologin -c "systemd Userspace OOM Killer" systemd-oom &>/dev/null || :
 
@@ -712,25 +710,6 @@ setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/ &>/de
 systemctl preset-all &>/dev/null || :
 systemctl --global preset-all &>/dev/null || :
 
-# Create /etc/resolv.conf symlink.
-# We would also create it using tmpfiles, but let's do this here
-# too before NetworkManager gets a chance. (systemd-tmpfiles invocation above
-# does not do this, because it's marked with ! and we don't specify --boot.)
-# https://bugzilla.redhat.com/show_bug.cgi?id=1873856
-#
-# If systemd is not running, don't overwrite the symlink because that
-# will immediately break DNS resolution, since systemd-resolved is
-# also not running (https://bugzilla.redhat.com/show_bug.cgi?id=1891847).
-#
-# Also don't creat the symlink to the stub when the stub is disabled (#1891847 again).
-if test -d /run/systemd/system/ &&
-   systemctl -q is-enabled systemd-resolved.service &>/dev/null &&
-   ! mountpoint /etc/resolv.conf &>/dev/null &&
-   ! systemd-analyze cat-config systemd/resolved.conf 2>/dev/null | \
-        grep -qE '^DNSStubListener\s*=\s*([nN][oO]?|[fF]|[fF][aA][lL][sS][eE]|0|[oO][fF][fF])$'; then
-  ln -fsv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
-fi
-
 %postun
 if [ $1 -eq 1 ]; then
    [ -w %{_localstatedir} ] && journalctl --update-catalog || :
@@ -739,25 +718,6 @@ fi
 
 %systemd_postun_with_restart systemd-timedated.service systemd-portabled.service systemd-hostnamed.service systemd-journald.service systemd-localed.service systemd-oomd.service
 
-# FIXME: systemd-logind.service is excluded (https://github.com/systemd/systemd/pull/17558)
-# FIXME: user@*.service needs to be restarted, but using systemctl --user daemon-reexec
-
-%triggerun -- systemd < 246.1-1
-# This is for upgrades from previous versions before systemd-resolved became the default.
-systemctl --no-reload preset systemd-resolved.service &>/dev/null || :
-
-if systemctl -q is-enabled systemd-resolved.service &>/dev/null; then
-  systemctl -q is-enabled NetworkManager.service 2>/dev/null && \
-  ! test -L /etc/resolv.conf 2>/dev/null && \
-  ! mountpoint /etc/resolv.conf &>/dev/null && \
-  grep -q 'Generated by NetworkManager' /etc/resolv.conf 2>/dev/null && \
-  echo -e '/etc/resolv.conf was generated by NetworkManager.\nRemoving it to let systemd-resolved manage this file.' && \
-  mv -v /etc/resolv.conf /etc/resolv.conf.orig-with-nm && \
-  ln -sv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf 2>/dev/null || :
-
-  systemctl start systemd-resolved.service &>/dev/null || :
-fi
-
 %triggerpostun -- systemd < 247.3-2
 # This is for upgrades from previous versions before oomd-defaults is available.
 # We use %%triggerpostun here because rpm doesn't allow a second %%triggerun with
@@ -774,18 +734,6 @@ function mod_nss() {
         sed -i.bak -r -e '
                 s/^(passwd|group):(.*)/\1:\2 systemd/
                 ' "$1" &>/dev/null || :
-
-        # Add nss-resolve to hosts
-        if grep -E -q '^hosts:.* resolve' "$1"; then
-            sed -i.bak -r -e '
-                s/^(hosts):(.*) files( .*) myhostname dns/\1:\2 files myhostname\3 dns/
-                ' "$1" &>/dev/null || :
-
-        else
-            sed -i.bak -r -e '
-                s/^(hosts):(.*) files( mdns4_minimal .NOTFOUND=return.)? dns myhostname/\1:\2 files myhostname\3 resolve [!UNAVAIL=return] dns/
-                ' "$1" &>/dev/null || :
-        fi
     fi
 }
 
@@ -891,6 +839,19 @@ fi
 %preun networkd
 %systemd_preun systemd-networkd.service systemd-networkd-wait-online.service
 
+%pre resolved
+getent group systemd-resolve &>/dev/null || groupadd -r -g 193 systemd-resolve 2>&1 || :
+getent passwd systemd-resolve &>/dev/null || useradd -r -u 193 -l -g systemd-resolve -d / -s /sbin/nologin -c "systemd Resolver" systemd-resolve &>/dev/null || :
+
+%preun resolved
+%systemd_preun systemd-resolved.service
+
+%post resolved
+%systemd_post systemd-resolved.service
+
+%postun resolved
+%systemd_postun_with_restart systemd-resolved.service
+
 %global _docdir_fmt %{name}
 
 %files -f %{name}.lang -f .file-list-rest
@@ -931,6 +892,8 @@ fi
 
 %files networkd -f .file-list-networkd
 
+%files resolved -f .file-list-resolved
+
 %files oomd-defaults -f .file-list-oomd-defaults
 
 %files standalone-tmpfiles -f .file-list-standalone-tmpfiles