rpms/systemd
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import systemd-249-9.el9

Browse Source
This commit is contained in:
CentOS Sources 2021-12-07 14:23:34 -05:00 committed by Stepan Oksanichenko
parent dce7cb8d0f
commit becf92d6ae
33 changed files with 737 additions and 121 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
SOURCES/0018-Really-don-t-enable-systemd-journald-audit.socket.patch Normal file
View File

@ -0,0 +1,25 @@
From bdea01b16bedae5fdba3e9a12a864087cfb4b040 Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Wed, 25 Aug 2021 16:03:04 +0200
Subject: [PATCH] Really don't enable systemd-journald-audit.socket
RHEL-only
Resolves: #1973856
---
units/systemd-journald.service.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
index d981273b07..f190dff5fb 100644
--- a/units/systemd-journald.service.in
+++ b/units/systemd-journald.service.in
@@ -33,7 +33,7 @@ RestrictRealtime=yes
RestrictSUIDSGID=yes
RuntimeDirectory=systemd/journal
RuntimeDirectoryPreserve=yes
-Sockets=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-audit.socket
+Sockets=systemd-journald.socket systemd-journald-dev-log.socket
StandardOutput=null
SystemCallArchitectures=native
SystemCallErrorNumber=EPERM

4
SOURCES/0019-rules-add-elevator-kernel-command-line-parameter.patch
View File

@ -1,4 +1,4 @@
From 7938e1e61c57441798d81124fd67b2e9bdd5e525 Mon Sep 17 00:00:00 2001
From f583f3db3533bb2b3db1646d6afa74613fca46a6 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Tue, 12 Feb 2019 16:58:16 +0100
Subject: [PATCH] rules: add elevator= kernel command line parameter
@ -8,7 +8,7 @@ it for rhel8 via udev rule.
RHEL-only
Resolves: #1998190
Resolves: #2003002
---
rules.d/40-elevator.rules | 20 ++++++++++++++++++++
rules.d/meson.build | 1 +

4
SOURCES/0018-boot-don-t-build-bootctl-when-Dgnu-efi-false-is-set.patch → SOURCES/0020-boot-don-t-build-bootctl-when-Dgnu-efi-false-is-set.patch
View File

@ -1,11 +1,11 @@
From 7cea77bd5712260277e451d34908f01f14c467c4 Mon Sep 17 00:00:00 2001
From 9c67a1570d89ff462cb51f4b2a6d2ed0af8e2e9c Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 30 Aug 2021 18:38:09 +0200
Subject: [PATCH] boot: don't build bootctl when -Dgnu-efi=false is set
(cherry picked from commit fbe3a414e1d8f7b05dccf3d24d4fa475eb9c6bc9)
Resolves: #1972223
Resolves: #2003130
---
meson.build | 8 +++++---
shell-completion/bash/meson.build | 2 +-

4
SOURCES/0034-unit-install-the-systemd-bless-boot.service-only-if-.patch → SOURCES/0021-unit-install-the-systemd-bless-boot.service-only-if-.patch
View File

@ -1,4 +1,4 @@
From aef14d77e157fd0748ef664c83e55fd3880ea787 Mon Sep 17 00:00:00 2001
From 8f08b876d44d96b3f255ac5275a1daa3ccf9a801 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Tue, 21 Sep 2021 22:47:42 +0200
Subject: [PATCH] unit: install the systemd-bless-boot.service only if we have
@ -8,7 +8,7 @@ Follow-up to #20591.
(cherry picked from commit 220261ef940a126588b20a1765a2501811473839)
Related: #1972223
Related: #2003130
---
units/meson.build | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

4
SOURCES/0035-units-don-t-enable-tmp.mount-statically-in-local-fs..patch → SOURCES/0022-units-don-t-enable-tmp.mount-statically-in-local-fs..patch
View File

@ -1,11 +1,11 @@
From 532a10738745716620ef6af5813bc9c81c235f07 Mon Sep 17 00:00:00 2001
From ab1ecca56e5a1cc5ad120958b1bb94c7854f3795 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 22 Sep 2021 14:38:00 +0200
Subject: [PATCH] units: don't enable tmp.mount statically in local-fs.target
RHEL-only
Related: #1959826
Related: #2000927
---
units/meson.build | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

4
SOURCES/0036-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch → SOURCES/0023-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch
View File

@ -1,4 +1,4 @@
From 9ac22ee1e9d1ae32ff2d824e5a0e763a18b36d7e Mon Sep 17 00:00:00 2001
From 50a744391dbb1130d38b44700ae7e6649fcc9ffb Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Wed, 1 Aug 2018 13:19:39 +0200
Subject: [PATCH] pid1: bump DefaultTasksMax to 80% of the kernel pid.max value
@ -7,7 +7,7 @@ This should be hopefully high enough even for the very big deployments.
RHEL-only
Resolves: #1997200
Resolves: #2003031
---
man/systemd-system.conf.xml | 4 ++--
src/core/main.c | 2 +-

4
SOURCES/0020-sd-device-introduce-device_has_devlink.patch → SOURCES/0024-sd-device-introduce-device_has_devlink.patch
View File

@ -1,11 +1,11 @@
From 76aebe6fec5894b05114fdf1e8aee54139bef69e Mon Sep 17 00:00:00 2001
From 9c46b3e584fbb7be0a9e93471d30f2885bd194c9 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 1 Sep 2021 09:22:15 +0900
Subject: [PATCH] sd-device: introduce device_has_devlink()
(cherry picked from commit b881ce16b9ccae4c3089c82e2ea1781cd9773a4f)
Related: #1977994
Related: #2005024
---
src/libsystemd/sd-device/device-private.h | 1 +
src/libsystemd/sd-device/sd-device.c | 7 +++++++

4
SOURCES/0021-udev-node-split-out-permission-handling-from-udev_no.patch → SOURCES/0025-udev-node-split-out-permission-handling-from-udev_no.patch
View File

@ -1,4 +1,4 @@
From acf81f97412be44d60be03a0a2e3ca62f4a5146b Mon Sep 17 00:00:00 2001
From a4fba2d79634d660ed2014e18cb85eea090b6413 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 1 Sep 2021 09:24:15 +0900
Subject: [PATCH] udev-node: split out permission handling from udev_node_add()
@ -7,7 +7,7 @@ And then merge udev_node_add() and udev_node_update_old_links().
(cherry picked from commit 2f48561e0db3cd63f65e9311b4d69282b4ac605d)
Related: #1977994
Related: #2005024
---
src/udev/udev-event.c | 9 +-
src/udev/udev-node.c | 204 +++++++++++++++++++-----------------------

4
SOURCES/0022-udev-node-stack-directory-must-exist-when-adding-dev.patch → SOURCES/0026-udev-node-stack-directory-must-exist-when-adding-dev.patch
View File

@ -1,4 +1,4 @@
From 18d2fb228bc155fc357262ec2dc5713318bab453 Mon Sep 17 00:00:00 2001
From 506dc32b2428936d67e9cf1a034d6b63dbc1cbb0 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 1 Sep 2021 04:14:42 +0900
Subject: [PATCH] udev-node: stack directory must exist when adding device node
@ -6,7 +6,7 @@ Subject: [PATCH] udev-node: stack directory must exist when adding device node
(cherry picked from commit 46070dbf26435ba0def099121f46a6253f3f19b6)
Related: #1977994
Related: #2005024
---
src/udev/udev-node.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)

4
SOURCES/0023-udev-node-save-information-about-device-node-and-pri.patch → SOURCES/0027-udev-node-save-information-about-device-node-and-pri.patch
View File

@ -1,4 +1,4 @@
From 9c68b5675ffd11f2a3f9123446b54c2d0eea4682 Mon Sep 17 00:00:00 2001
From 065209fc7a53d6f296f7fffd261f0a92fddc4485 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 1 Sep 2021 04:16:21 +0900
Subject: [PATCH] udev-node: save information about device node and priority in
@ -14,7 +14,7 @@ without parsing the files.
(cherry picked from commit 377a83f0d80376456d9be203796f66f543a8b943)
Related: #1977994
Related: #2005024
---
src/udev/udev-node.c | 172 ++++++++++++++++++++++++++++++-------------
1 file changed, 121 insertions(+), 51 deletions(-)

4
SOURCES/0024-udev-node-always-update-timestamp-of-stack-directory.patch → SOURCES/0028-udev-node-always-update-timestamp-of-stack-directory.patch
View File

@ -1,4 +1,4 @@
From 16a6007cc8881ef19cc97de676d3b2b36b2def82 Mon Sep 17 00:00:00 2001
From a13bd62f6cb8332864ed3566fdf51eedfe240043 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 1 Sep 2021 12:57:40 +0900
Subject: [PATCH] udev-node: always update timestamp of stack directory
@ -7,7 +7,7 @@ Please see the comments in the code.
(cherry picked from commit 6df797f75fa08bb1a9e657001229bd47903e6174)
Related: #1977994
Related: #2005024
---
src/udev/udev-node.c | 90 ++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 87 insertions(+), 3 deletions(-)

4
SOURCES/0025-udev-node-assume-no-new-claim-to-a-symlink-if-run-ud.patch → SOURCES/0029-udev-node-assume-no-new-claim-to-a-symlink-if-run-ud.patch
View File

@ -1,4 +1,4 @@
From 18936c8ee21fabb2036b1849a4bb7f5b64bee897 Mon Sep 17 00:00:00 2001
From cf49a46c165619a0480d361a0afebb89e998f61c Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Thu, 2 Sep 2021 06:58:59 +0900
Subject: [PATCH] udev-node: assume no new claim to a symlink if
@ -11,7 +11,7 @@ unconditionally.
(cherry picked from commit 8f27311eb2aec2411d1fb7d62e6c9d75d21ae8df)
Related: #1977994
Related: #2005024
---
src/udev/udev-node.c | 5 -----
1 file changed, 5 deletions(-)

4
SOURCES/0026-udev-node-always-atomically-create-symlink-to-device.patch → SOURCES/0030-udev-node-always-atomically-create-symlink-to-device.patch
View File

@ -1,4 +1,4 @@
From 323f687e53737ccf7687482c31690374da90d8e7 Mon Sep 17 00:00:00 2001
From 1561b9e2c9ea779ab611f52fd8b4eef616896e09 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 1 Sep 2021 02:20:33 +0900
Subject: [PATCH] udev-node: always atomically create symlink to device node
@ -14,7 +14,7 @@ conflicts between the workers.
(cherry picked from commit 242d39ebc1391f4734f6e63ff13764de92bc5f70)
Related: #1977994
Related: #2005024
---
src/udev/udev-node.c | 42 +++++++++---------------------------------
1 file changed, 9 insertions(+), 33 deletions(-)

4
SOURCES/0027-udev-node-check-stack-directory-change-even-if-devli.patch → SOURCES/0031-udev-node-check-stack-directory-change-even-if-devli.patch
View File

@ -1,4 +1,4 @@
From 6ecd6fdcc27f374debcce47366c2862967f99463 Mon Sep 17 00:00:00 2001
From a3389b23db9b9ab1ad11f181f036be35aade8c31 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 1 Sep 2021 09:44:26 +0900
Subject: [PATCH] udev-node: check stack directory change even if devlink is
@ -11,7 +11,7 @@ Hopefully fixes #19946.
(cherry picked from commit 1cd4e325693007b3628f1a27297f0ab7114b24b8)
Related: #1977994
Related: #2005024
---
src/udev/udev-node.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)

4
SOURCES/0028-udev-node-shorten-code-a-bit-and-update-log-message.patch → SOURCES/0032-udev-node-shorten-code-a-bit-and-update-log-message.patch
View File

@ -1,11 +1,11 @@
From a075830244f699703a88a492413d931eaeb23a65 Mon Sep 17 00:00:00 2001
From 52938c3ed27ebaadce97060ad8ebdcb351403d90 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Thu, 2 Sep 2021 08:23:35 +0900
Subject: [PATCH] udev-node: shorten code a bit and update log message
(cherry picked from commit 8424da2de88ceeed7be8544fb69221f0b0ea84ea)
Related: #1977994
Related: #2005024
---
src/udev/udev-node.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)

4
SOURCES/0029-udev-node-add-random-delay-on-conflict-in-updating-d.patch → SOURCES/0033-udev-node-add-random-delay-on-conflict-in-updating-d.patch
View File

@ -1,4 +1,4 @@
From c484f91a87679fb26342408f20e7bdddf316f5a0 Mon Sep 17 00:00:00 2001
From 75275ae07233e213fe03a1a33870efe10dbb2b39 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 1 Sep 2021 04:34:48 +0900
Subject: [PATCH] udev-node: add random delay on conflict in updating device
@ -9,7 +9,7 @@ simultaneously.
(cherry picked from commit 0063fa23a1384dd4385d03b568dc629916b7e72a)
Related: #1977994
Related: #2005024
---
src/udev/udev-node.c | 12 ++++++++++++
1 file changed, 12 insertions(+)

4
SOURCES/0030-udev-node-drop-redundant-trial-of-devlink-creation.patch → SOURCES/0034-udev-node-drop-redundant-trial-of-devlink-creation.patch
View File

@ -1,4 +1,4 @@
From 458a6cd748ee5555b6957888b69d475ac3f619c6 Mon Sep 17 00:00:00 2001
From c715be5f677ab61704ffe358716cf700d662b82d Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 1 Sep 2021 09:29:42 +0900
Subject: [PATCH] udev-node: drop redundant trial of devlink creation
@ -12,7 +12,7 @@ directory. So, the double evaluation is not necessary anymore.
(cherry picked from commit 7920d0a135fb6a08aa0bfc31e9d0a3f589fe7a1f)
Related: #1977994
Related: #2005024
---
src/udev/udev-event.c | 5 +----
src/udev/udev-node.c | 12 ++++--------

4
SOURCES/0031-udev-node-simplify-the-example-of-race.patch → SOURCES/0035-udev-node-simplify-the-example-of-race.patch
View File

@ -1,11 +1,11 @@
From a5a14281160881fbb39d80a2572a18ecadbeedd5 Mon Sep 17 00:00:00 2001
From 13293ddc7822025cb9f785262655f928634395f6 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 12 Sep 2021 16:05:51 +0900
Subject: [PATCH] udev-node: simplify the example of race
(cherry picked from commit 3df566a66723490914ef3bae0ca8046044b70dce)
Related: #1977994
Related: #2005024
---
src/udev/udev-node.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)

4
SOURCES/0032-udev-node-do-not-ignore-unexpected-errors-on-removin.patch → SOURCES/0036-udev-node-do-not-ignore-unexpected-errors-on-removin.patch
View File

@ -1,4 +1,4 @@
From 735971d9bffeccc0c17311a29909bdf5d693f806 Mon Sep 17 00:00:00 2001
From 969b05b3f1dc644e821756205450b06a30c79d7f Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 12 Sep 2021 16:14:27 +0900
Subject: [PATCH] udev-node: do not ignore unexpected errors on removing
@ -8,7 +8,7 @@ Only acceptable error here is -ENOENT.
(cherry picked from commit 0706cdf4ec92d6bd40391da0e81a30d9bf851663)
Related: #1977994
Related: #2005024
---
src/udev/udev-node.c | 23 ++++++++++++++---------
1 file changed, 14 insertions(+), 9 deletions(-)

4
SOURCES/0033-basic-time-util-introduce-FORMAT_TIMESPAN.patch → SOURCES/0037-basic-time-util-introduce-FORMAT_TIMESPAN.patch
View File

@ -1,4 +1,4 @@
From e1f53e60bdc368c81beba8b6173047ec8149f8e9 Mon Sep 17 00:00:00 2001
From 1cbcfc6f69e50d309698b6aa16a48b7f282913f5 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Tue, 21 Sep 2021 09:28:29 +0200
Subject: [PATCH] basic/time-util: introduce FORMAT_TIMESPAN
@ -6,7 +6,7 @@ Subject: [PATCH] basic/time-util: introduce FORMAT_TIMESPAN
This is cherry-pick of the relevant part from the tree-wide change in
5291f26d4a6.
Related: #1977994
Related: #2005024
---
src/basic/time-util.h | 1 +
1 file changed, 1 insertion(+)

17
SOURCES/0037-udev-net-setup-link-change-the-default-MACAddressPol.patch → SOURCES/0038-udev-net-setup-link-change-the-default-MACAddressPol.patch
View File

@ -1,4 +1,4 @@
From ac965c0ae8c9ffa7d606bce9ffa3052fccbac0ce Mon Sep 17 00:00:00 2001
From 59bad0f7db6d56c359816bc048341b38b824e460 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Tue, 21 Sep 2021 15:01:19 +0200
Subject: [PATCH] udev/net-setup-link: change the default MACAddressPolicy to
@ -9,11 +9,12 @@ address provided by HW could be useful it also breaks LACP based bonds.
Let's err on the side of caution and don't change the MAC address from
udev.
Resolves: #1921094
Resolves: #2009237
---
man/systemd.link.xml | 2 +-
network/99-default.link | 2 +-
test/fuzz/fuzz-link-parser/99-default.link | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/man/systemd.link.xml b/man/systemd.link.xml
index 1093e2e0b8..095d8b4873 100644
@ -28,6 +29,16 @@ index 1093e2e0b8..095d8b4873 100644
</example>
<example>
diff --git a/network/99-default.link b/network/99-default.link
index bca660ac28..31aee37e75 100644
--- a/network/99-default.link
+++ b/network/99-default.link
@@ -13,4 +13,4 @@ OriginalName=*
[Link]
NamePolicy=keep kernel database onboard slot path
AlternativeNamesPolicy=database onboard slot path
-MACAddressPolicy=persistent
+MACAddressPolicy=none
diff --git a/test/fuzz/fuzz-link-parser/99-default.link b/test/fuzz/fuzz-link-parser/99-default.link
index feb5b1fbb0..3d755898b4 100644
--- a/test/fuzz/fuzz-link-parser/99-default.link

24
SOURCES/0038-udev-net-setup-link-really-change-the-default-MACAdd.patch
View File

@ -1,24 +0,0 @@
From 19ab86202b9c4366ea5bd5ac820301f0ab6d1f95 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Fri, 1 Oct 2021 11:46:23 +0200
Subject: [PATCH] udev/net-setup-link: *really* change the default
MACAddressPolicy to "none"
Fix the oversight and change the policy in the link file, i.e. the
place where it actually matters.
Related: #1921094
---
network/99-default.link | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/network/99-default.link b/network/99-default.link
index bca660ac28..31aee37e75 100644
--- a/network/99-default.link
+++ b/network/99-default.link
@@ -13,4 +13,4 @@ OriginalName=*
[Link]
NamePolicy=keep kernel database onboard slot path
AlternativeNamesPolicy=database onboard slot path
-MACAddressPolicy=persistent
+MACAddressPolicy=none

25
SOURCES/0039-set-core-ulimit-to-0-like-on-RHEL-7.patch Normal file
View File

@ -0,0 +1,25 @@
From 2edaafdfacc14088d7b6f04eec578bd048057103 Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Mon, 25 Jan 2021 16:19:56 +0100
Subject: [PATCH] set core ulimit to 0 like on RHEL-7
RHEL-only
Resolves: #1998509
---
src/core/system.conf.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/system.conf.in b/src/core/system.conf.in
index f2c75fcd32..c290b14b8b 100644
--- a/src/core/system.conf.in
+++ b/src/core/system.conf.in
@@ -59,7 +59,7 @@
#DefaultLimitFSIZE=
#DefaultLimitDATA=
#DefaultLimitSTACK=
-#DefaultLimitCORE=
+DefaultLimitCORE=0:infinity
#DefaultLimitRSS=
#DefaultLimitNOFILE=1024:{{HIGH_RLIMIT_NOFILE}}
#DefaultLimitAS=

60
SOURCES/0040-test-don-t-install-test-network-generator-conversion.patch Normal file
View File

@ -0,0 +1,60 @@
From 8efa0b5f989d977eca51617a314ec4fdc32fb3d1 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Wed, 20 Oct 2021 19:43:34 +0200
Subject: [PATCH] test: don't install test-network-generator-conversion.sh w/o
networkd
otherwise TEST-02 will fail:
```
=== Failed test log ===
--- test-network-generator-conversion.sh begin ---
+ [[ -n '' ]]
+ [[ -x /usr/lib/systemd/systemd-network-generator ]]
+ [[ -x /lib/systemd/systemd-network-generator ]]
+ exit 1
--- test-network-generator-conversion.sh end ---
```
Before:
```
$ meson build -Dnetworkd=false -Dinstall-tests=true
$ ninja -C build
$ DESTDIR=$PWD/test-install ninja -C build install
$ find test-install/ -name test-network-generator-conversion.sh
test-install/usr/lib/systemd/tests/test-network-generator-conversion.sh
```
After:
```
$ find test-install/ -name test-network-generator-conversion.sh
<no output>
```
(cherry picked from commit 140557021ad1a3946319fff1a87831eb02d6a1a0)
Related: #2017035
---
test/meson.build | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/test/meson.build b/test/meson.build
index 47c7f4d49a..27b37a9ae7 100644
--- a/test/meson.build
+++ b/test/meson.build
@@ -98,9 +98,12 @@ if install_tests
install_data('run-unit-tests.py',
install_mode : 'rwxr-xr-x',
install_dir : testsdir)
- install_data('test-network-generator-conversion.sh',
- install_mode : 'rwxr-xr-x',
- install_dir : testsdir)
+
+ if conf.get('ENABLE_NETWORKD') == 1
+ install_data('test-network-generator-conversion.sh',
+ install_mode : 'rwxr-xr-x',
+ install_dir : testsdir)
+ endif
endif
############################################################

32
SOURCES/0041-meson.build-change-operator-combining-bools-from-to-.patch Normal file
View File

@ -0,0 +1,32 @@
From 7d7562db194f6b521d93ef370176922d0ac68331 Mon Sep 17 00:00:00 2001
From: Dan Streetman <ddstreet@canonical.com>
Date: Fri, 3 Sep 2021 12:43:33 -0400
Subject: [PATCH] meson.build: change operator combining bools from + to and
upstream meson stopped allowing combining boolean with the plus
operator, and now requires using the logical and operator
reference:
https://github.com/mesonbuild/meson/commit/43302d3296baff6aeaf8e03f5d701b0402e37a6c
Fixes: #20632
(cherry picked from commit c29537f39e4f413a6cbfe9669fa121bdd6d8b36f)
Related: #2017035
---
meson.build | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meson.build b/meson.build
index d28f04607a..f21ec5bb94 100644
--- a/meson.build
+++ b/meson.build
@@ -35,7 +35,7 @@ conf.set10('BUILD_MODE_DEVELOPER', get_option('mode') == 'developer',
want_ossfuzz = get_option('oss-fuzz')
want_libfuzzer = get_option('llvm-fuzz')
-if want_ossfuzz + want_libfuzzer > 1
+if want_ossfuzz and want_libfuzzer
error('only one of oss-fuzz or llvm-fuzz can be specified')
endif

37
SOURCES/0042-openssl-util-use-EVP-API-to-get-RSA-bits.patch Normal file
View File

@ -0,0 +1,37 @@
From 387ba3f36092f2072ee6a05abeac27deaca177bd Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 29 Sep 2021 15:03:44 +0200
Subject: [PATCH] openssl-util: use EVP API to get RSA bits
(cherry picked from commit 7f12adc3000c08a370f74bd16c654506c8a99e92)
Resolves: #2016042
---
src/shared/openssl-util.c | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/src/shared/openssl-util.c b/src/shared/openssl-util.c
index bb47ae5e87..bd728e6c7c 100644
--- a/src/shared/openssl-util.c
+++ b/src/shared/openssl-util.c
@@ -46,7 +46,6 @@ int rsa_pkey_to_suitable_key_size(
size_t *ret_suitable_key_size) {
size_t suitable_key_size;
- const RSA *rsa;
int bits;
assert_se(pkey);
@@ -58,11 +57,7 @@ int rsa_pkey_to_suitable_key_size(
if (EVP_PKEY_base_id(pkey) != EVP_PKEY_RSA)
return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "X.509 certificate does not refer to RSA key.");
- rsa = EVP_PKEY_get0_RSA(pkey);
- if (!rsa)
- return log_debug_errno(SYNTHETIC_ERRNO(EIO), "Failed to acquire RSA public key from X.509 certificate.");
-
- bits = RSA_bits(rsa);
+ bits = EVP_PKEY_bits(pkey);
log_debug("Bits in RSA key: %i", bits);
/* We use PKCS#1 padding for the RSA cleartext, hence let's leave some extra space for it, hence only

315
SOURCES/0043-procfs-util-fix-confusion-wrt.-quantity-limit-and-ma.patch Normal file
View File

@ -0,0 +1,315 @@
From 862ded47343a782d70f7d4421a6a2e4e33684e5e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 2 Nov 2021 18:18:21 +0100
Subject: [PATCH] procfs-util: fix confusion wrt. quantity limit and maximum
value
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
From packit/rawhide-arm64 logs:
Assertion 'limit >= INT_MAX || get_process_ppid(limit+1, NULL) == -ESRCH' failed at src/test/test-process-util.c:855, function test_get_process_ppid(). Aborting.
――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――
The kernel has a few different limits. In particular kernel.threads-max can be
set to some lower value, and kernel.pid_max can be set to a higher value. This
is nice because it reduces PID reuse, even if the number of threads that is
allowed is limited. But the tests assumed that we cannot have a thread with
PID above MIN(kernel.threads-max, kernel.pid_max-1), which is not valid.
So let's rework the whole thing: let's expose the helpers to read
kernel.threads-max and kernel.pid_max, and print what they return in tests.
procfs_tasks_get_limit() was something that is only used in tests, and wasn't
very well defined, so let's drop it.
Fixes #21193.
(cherry picked from commit c3dead53d50e334f2d072a2248256983d6dc9f8c)
Related: #2017035
---
src/basic/limits-util.c | 50 ++++++++++++++++++++++++----------
src/basic/procfs-util.c | 53 +++++++++---------------------------
src/basic/procfs-util.h | 4 ++-
src/test/test-process-util.c | 10 +++++--
src/test/test-procfs-util.c | 34 ++++++++++++++++-------
5 files changed, 84 insertions(+), 67 deletions(-)
diff --git a/src/basic/limits-util.c b/src/basic/limits-util.c
index 9f8e26d46a..435a2a0efe 100644
--- a/src/basic/limits-util.c
+++ b/src/basic/limits-util.c
@@ -109,35 +109,57 @@ uint64_t physical_memory_scale(uint64_t v, uint64_t max) {
}
uint64_t system_tasks_max(void) {
- uint64_t a = TASKS_MAX, b = TASKS_MAX;
+ uint64_t a = TASKS_MAX, b = TASKS_MAX, c = TASKS_MAX;
_cleanup_free_ char *root = NULL;
int r;
- /* Determine the maximum number of tasks that may run on this system. We check three sources to determine this
- * limit:
+ /* Determine the maximum number of tasks that may run on this system. We check three sources to
+ * determine this limit:
*
- * a) the maximum tasks value the kernel allows on this architecture
- * b) the cgroups pids_max attribute for the system
- * c) the kernel's configured maximum PID value
+ * a) kernel.threads-max sysctl: the maximum number of tasks (threads) the kernel allows.
*
- * And then pick the smallest of the three */
+ * This puts a direct limit on the number of concurrent tasks.
+ *
+ * b) kernel.pid_max sysctl: the maximum PID value.
+ *
+ * This limits the numeric range PIDs can take, and thus indirectly also limits the number of
+ * concurrent threads. It's primarily a compatibility concept: some crappy old code used a signed
+ * 16bit type for PIDs, hence the kernel provides a way to ensure the PIDs never go beyond
+ * INT16_MAX by default.
+ *
+ * Also note the weird definition: PIDs assigned will be kept below this value, which means
+ * the number of tasks that can be created is one lower, as PID 0 is not a valid process ID.
+ *
+ * c) pids.max on the root cgroup: the kernel's configured maximum number of tasks.
+ *
+ * and then pick the smallest of the three.
+ *
+ * By default pid_max is set to much lower values than threads-max, hence the limit people come into
+ * contact with first, as it's the lowest boundary they need to bump when they want higher number of
+ * processes.
+ */
+
+ r = procfs_get_threads_max(&a);
+ if (r < 0)
+ log_debug_errno(r, "Failed to read kernel.threads-max, ignoring: %m");
- r = procfs_tasks_get_limit(&a);
+ r = procfs_get_pid_max(&b);
if (r < 0)
- log_debug_errno(r, "Failed to read maximum number of tasks from /proc, ignoring: %m");
+ log_debug_errno(r, "Failed to read kernel.pid_max, ignoring: %m");
+ else if (b > 0)
+ /* Subtract one from pid_max, since PID 0 is not a valid PID */
+ b--;
r = cg_get_root_path(&root);
if (r < 0)
log_debug_errno(r, "Failed to determine cgroup root path, ignoring: %m");
else {
- r = cg_get_attribute_as_uint64("pids", root, "pids.max", &b);
+ r = cg_get_attribute_as_uint64("pids", root, "pids.max", &c);
if (r < 0)
- log_debug_errno(r, "Failed to read pids.max attribute of cgroup root, ignoring: %m");
+ log_debug_errno(r, "Failed to read pids.max attribute of root cgroup, ignoring: %m");
}
- return MIN3(TASKS_MAX,
- a <= 0 ? TASKS_MAX : a,
- b <= 0 ? TASKS_MAX : b);
+ return MIN3(a, b, c);
}
uint64_t system_tasks_max_scale(uint64_t v, uint64_t max) {
diff --git a/src/basic/procfs-util.c b/src/basic/procfs-util.c
index 9234ccaf85..a29e776a3a 100644
--- a/src/basic/procfs-util.c
+++ b/src/basic/procfs-util.c
@@ -12,54 +12,34 @@
#include "stdio-util.h"
#include "string-util.h"
-int procfs_tasks_get_limit(uint64_t *ret) {
+int procfs_get_pid_max(uint64_t *ret) {
_cleanup_free_ char *value = NULL;
- uint64_t pid_max, threads_max;
int r;
assert(ret);
- /* So there are two sysctl files that control the system limit of processes:
- *
- * 1. kernel.threads-max: this is probably the sysctl that makes more sense, as it directly puts a limit on
- * concurrent tasks.
- *
- * 2. kernel.pid_max: this limits the numeric range PIDs can take, and thus indirectly also limits the number
- * of concurrent threads. AFAICS it's primarily a compatibility concept: some crappy old code used a signed
- * 16bit type for PIDs, hence the kernel provides a way to ensure the PIDs never go beyond INT16_MAX by
- * default.
- *
- * By default #2 is set to much lower values than #1, hence the limit people come into contact with first, as
- * it's the lowest boundary they need to bump when they want higher number of processes.
- *
- * Also note the weird definition of #2: PIDs assigned will be kept below this value, which means the number of
- * tasks that can be created is one lower, as PID 0 is not a valid process ID. */
-
r = read_one_line_file("/proc/sys/kernel/pid_max", &value);
if (r < 0)
return r;
- r = safe_atou64(value, &pid_max);
- if (r < 0)
- return r;
+ return safe_atou64(value, ret);
+}
- value = mfree(value);
- r = read_one_line_file("/proc/sys/kernel/threads-max", &value);
- if (r < 0)
- return r;
+int procfs_get_threads_max(uint64_t *ret) {
+ _cleanup_free_ char *value = NULL;
+ int r;
- r = safe_atou64(value, &threads_max);
+ assert(ret);
+
+ r = read_one_line_file("/proc/sys/kernel/threads-max", &value);
if (r < 0)
return r;
- /* Subtract one from pid_max, since PID 0 is not a valid PID */
- *ret = MIN(pid_max-1, threads_max);
- return 0;
+ return safe_atou64(value, ret);
}
int procfs_tasks_set_limit(uint64_t limit) {
char buffer[DECIMAL_STR_MAX(uint64_t)+1];
- _cleanup_free_ char *value = NULL;
uint64_t pid_max;
int r;
@@ -74,10 +54,7 @@ int procfs_tasks_set_limit(uint64_t limit) {
* set it to the maximum. */
limit = CLAMP(limit, 20U, TASKS_MAX);
- r = read_one_line_file("/proc/sys/kernel/pid_max", &value);
- if (r < 0)
- return r;
- r = safe_atou64(value, &pid_max);
+ r = procfs_get_pid_max(&pid_max);
if (r < 0)
return r;
@@ -98,14 +75,10 @@ int procfs_tasks_set_limit(uint64_t limit) {
/* Hmm, we couldn't write this? If so, maybe it was already set properly? In that case let's not
* generate an error */
- value = mfree(value);
- if (read_one_line_file("/proc/sys/kernel/threads-max", &value) < 0)
- return r; /* return original error */
-
- if (safe_atou64(value, &threads_max) < 0)
+ if (procfs_get_threads_max(&threads_max) < 0)
return r; /* return original error */
- if (MIN(pid_max-1, threads_max) != limit)
+ if (MIN(pid_max - 1, threads_max) != limit)
return r; /* return original error */
/* Yay! Value set already matches what we were trying to set, hence consider this a success. */
diff --git a/src/basic/procfs-util.h b/src/basic/procfs-util.h
index 61fa71d479..eb8c7738b1 100644
--- a/src/basic/procfs-util.h
+++ b/src/basic/procfs-util.h
@@ -5,7 +5,9 @@
#include "time-util.h"
-int procfs_tasks_get_limit(uint64_t *ret);
+int procfs_get_pid_max(uint64_t *ret);
+int procfs_get_threads_max(uint64_t *ret);
+
int procfs_tasks_set_limit(uint64_t limit);
int procfs_tasks_get_current(uint64_t *ret);
diff --git a/src/test/test-process-util.c b/src/test/test-process-util.c
index 8c76392ae9..d89ce6e2db 100644
--- a/src/test/test-process-util.c
+++ b/src/test/test-process-util.c
@@ -850,8 +850,14 @@ static void test_get_process_ppid(void) {
assert_se(get_process_ppid(1, NULL) == -EADDRNOTAVAIL);
/* the process with the PID above the global limit definitely doesn't exist. Verify that */
- assert_se(procfs_tasks_get_limit(&limit) >= 0);
- assert_se(limit >= INT_MAX || get_process_ppid(limit+1, NULL) == -ESRCH);
+ assert_se(procfs_get_pid_max(&limit) >= 0);
+ log_debug("kernel.pid_max = %"PRIu64, limit);
+
+ if (limit < INT_MAX) {
+ r = get_process_ppid(limit + 1, NULL);
+ log_debug_errno(r, "get_process_limit(%"PRIu64") → %d/%m", limit + 1, r);
+ assert(r == -ESRCH);
+ }
for (pid_t pid = 0;;) {
_cleanup_free_ char *c1 = NULL, *c2 = NULL;
diff --git a/src/test/test-procfs-util.c b/src/test/test-procfs-util.c
index b2679e30fb..876ef40dfd 100644
--- a/src/test/test-procfs-util.c
+++ b/src/test/test-procfs-util.c
@@ -6,12 +6,13 @@
#include "format-util.h"
#include "log.h"
#include "procfs-util.h"
+#include "process-util.h"
#include "tests.h"
int main(int argc, char *argv[]) {
char buf[CONST_MAX(FORMAT_TIMESPAN_MAX, FORMAT_BYTES_MAX)];
nsec_t nsec;
- uint64_t v;
+ uint64_t v, w;
int r;
log_parse_environment();
@@ -26,26 +27,39 @@ int main(int argc, char *argv[]) {
assert_se(procfs_tasks_get_current(&v) >= 0);
log_info("Current number of tasks: %" PRIu64, v);
- r = procfs_tasks_get_limit(&v);
- if (r == -ENOENT || ERRNO_IS_PRIVILEGE(r))
- return log_tests_skipped("can't read /proc/sys/kernel/pid_max");
+ v = TASKS_MAX;
+ r = procfs_get_pid_max(&v);
+ assert(r >= 0 || r == -ENOENT || ERRNO_IS_PRIVILEGE(r));
+ log_info("kernel.pid_max: %"PRIu64, v);
+
+ w = TASKS_MAX;
+ r = procfs_get_threads_max(&w);
+ assert(r >= 0 || r == -ENOENT || ERRNO_IS_PRIVILEGE(r));
+ log_info("kernel.threads-max: %"PRIu64, w);
+
+ v = MIN(v - (v > 0), w);
assert_se(r >= 0);
log_info("Limit of tasks: %" PRIu64, v);
assert_se(v > 0);
- assert_se(procfs_tasks_set_limit(v) >= 0);
+ r = procfs_tasks_set_limit(v);
+ if (r == -ENOENT || ERRNO_IS_PRIVILEGE(r))
+ return log_tests_skipped("can't set task limits");
+ assert(r >= 0);
if (v > 100) {
- uint64_t w;
+ log_info("Reducing limit by one to %"PRIu64"…", v-1);
+
r = procfs_tasks_set_limit(v-1);
- assert_se(IN_SET(r, 0, -EPERM, -EACCES, -EROFS));
+ log_info_errno(r, "procfs_tasks_set_limit: %m");
+ assert_se(r >= 0 || ERRNO_IS_PRIVILEGE(r));
- assert_se(procfs_tasks_get_limit(&w) >= 0);
- assert_se((r == 0 && w == v - 1) || (r < 0 && w == v));
+ assert_se(procfs_get_threads_max(&w) >= 0);
+ assert_se(r >= 0 ? w == v - 1 : w == v);
assert_se(procfs_tasks_set_limit(v) >= 0);
- assert_se(procfs_tasks_get_limit(&w) >= 0);
+ assert_se(procfs_get_threads_max(&w) >= 0);
assert_se(v == w);
}

31
SOURCES/0044-test-process-util-also-add-EROFS-to-the-list-of-good.patch Normal file
View File

@ -0,0 +1,31 @@
From e43e8caf2f2699de7da1f072bcc7c25e125313e4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 3 Nov 2021 09:39:16 +0100
Subject: [PATCH] test-process-util: also add EROFS to the list of "good"
errors
It is only added in the one place where we actually try to set the
setting to a new value. Before we were testing if we can set to it the
existing value, which was a noop. We could still get a permission error,
but this is the first place where we would propagate EROFS.
(cherry picked from commit 6434a83d01d96e9f9a17ed9ce1f04a7d64859950)
Related: #2017035
---
src/test/test-procfs-util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/test/test-procfs-util.c b/src/test/test-procfs-util.c
index 876ef40dfd..f19a41475d 100644
--- a/src/test/test-procfs-util.c
+++ b/src/test/test-procfs-util.c
@@ -52,7 +52,7 @@ int main(int argc, char *argv[]) {
r = procfs_tasks_set_limit(v-1);
log_info_errno(r, "procfs_tasks_set_limit: %m");
- assert_se(r >= 0 || ERRNO_IS_PRIVILEGE(r));
+ assert_se(r >= 0 || ERRNO_IS_PRIVILEGE(r) || r == -EROFS);
assert_se(procfs_get_threads_max(&w) >= 0);
assert_se(r >= 0 ? w == v - 1 : w == v);

27
SOURCES/0045-ci-use-C9S-chroots-in-Packit.patch Normal file
View File

@ -0,0 +1,27 @@
From 5c8d698f3905c860eff17b84a32bb7acfb98d931 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Thu, 4 Nov 2021 12:31:32 +0100
Subject: [PATCH] ci: use C9S chroots in Packit
rhel-only
Related: #2017035
---
.packit.yml | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/.packit.yml b/.packit.yml
index 3461bccbc5..ce8782aae2 100644
--- a/.packit.yml
+++ b/.packit.yml
@@ -37,9 +37,8 @@ jobs:
trigger: pull_request
metadata:
targets:
- # FIXME: change to CentOS 9 once it's available
- - fedora-34-x86_64
- - fedora-34-aarch64
+ - centos-stream-9-x86_64
+ - centos-stream-9-aarch64
# TODO: can't use TFT yet due to https://pagure.io/fedora-ci/general/issue/184
# Run tests (via testing farm)

17
SOURCES/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch → SOURCES/0046-test-mountpointutil-util-do-not-assert-in-test_mnt_i.patch
View File

@ -1,4 +1,4 @@
From f58b96d3e8d1cb0dd3666bc74fa673918b586612 Mon Sep 17 00:00:00 2001
From 5a86b79c5f79215a17f6617ae925dc76b25396a6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 14 Sep 2020 17:58:03 +0200
Subject: [PATCH] test-mountpointutil-util: do not assert in test_mnt_id()
@ -102,17 +102,24 @@ getpid() = 20
gettid() = 20
tgkill(20, 20, SIGABRT) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
--- SIGABRT {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=20, si_uid=0} ---
+++ killed by SIGABRT (core dumped) +++
RHEL notes: af918c4 should mitigate this issue, but in some build
systems (Copr, brew, etc.) we don't have enough privileges to create a
new mount namespace
Cherry-picked manually from https://github.com/systemd/systemd/pull/17050.
rhel-only
Related: #2017035
---
src/test/test-mountpoint-util.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/test/test-mountpoint-util.c b/src/test/test-mountpoint-util.c
index 30b00ae4d8b..ffe5144b04a 100644
index 983e1842d6..66d476d06d 100644
--- a/src/test/test-mountpoint-util.c
+++ b/src/test/test-mountpoint-util.c
@@ -89,8 +89,12 @@ static void test_mnt_id(void) {
@@ -91,8 +91,12 @@ static void test_mnt_id(void) {
/* The ids don't match? If so, then there are two mounts on the same path, let's check if
* that's really the case */
char *t = hashmap_get(h, INT_TO_PTR(mnt_id2));

30
SOURCES/0047-core-mount-add-implicit-unit-dependencies-even-if-wh.patch Normal file
View File

@ -0,0 +1,30 @@
From ea4ebf86d25fb9c489d1cf1ca42371b7e2e782aa Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 29 Aug 2021 21:20:43 +0900
Subject: [PATCH] core/mount: add implicit unit dependencies even if when mount
unit is generated from /proc/self/mountinfo
Hopefully fixes #20566.
(cherry picked from commit aebff2e7ce209fc2d75b894a3ae8b80f6f36ec11)
Resolves: #2019468
---
src/core/mount.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/core/mount.c b/src/core/mount.c
index 1fd3102ad3..f2c85e0e5d 100644
--- a/src/core/mount.c
+++ b/src/core/mount.c
@@ -1582,6 +1582,10 @@ static int mount_setup_new_unit(
if (r < 0)
return r;
+ r = mount_add_non_exec_dependencies(MOUNT(u));
+ if (r < 0)
+ return r;
+
/* This unit was generated because /proc/self/mountinfo reported it. Remember this, so that by the time we load
* the unit file for it (and thus add in extra deps right after) we know what source to attributes the deps
* to. */

14
SOURCES/rc.local Normal file
View File

@ -0,0 +1,14 @@
#!/bin/bash
# THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES
#
# It is highly advisable to create own systemd services or udev rules
# to run scripts during boot instead of using this file.
#
# In contrast to previous versions due to parallel execution during boot
# this script will NOT be run after all other services.
#
# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
# that this script will be executed during boot.
touch /var/lock/subsys/local

128
SPECS/systemd.spec
View File

@ -21,7 +21,7 @@
Name: systemd
Url: https://www.freedesktop.org/wiki/Software/systemd
Version: 249
Release: 7%{?dist}
Release: 9%{?dist}
# For a breakdown of the licensing, see README
License: LGPLv2+ and MIT and GPLv2+
Summary: System and Service Manager
@ -63,6 +63,7 @@ Source21: macros.sysusers
Source22: sysusers.attr
Source23: sysusers.prov
Source24: sysusers.generate-pre.sh
Source25: rc.local
%if 0
GIT_DIR=../../src/systemd/.git git format-patch-ab --no-signature -M -N v235..v235-stable
@ -94,31 +95,38 @@ Patch0014: 0014-random-util-increase-random-seed-size-to-1024.patch
Patch0015: 0015-journal-don-t-enable-systemd-journald-audit.socket-b.patch
Patch0016: 0016-journald.conf-don-t-touch-current-audit-settings.patch
Patch0017: 0017-Revert-udev-remove-WAIT_FOR-key.patch
Patch0018: 0018-boot-don-t-build-bootctl-when-Dgnu-efi-false-is-set.patch
Patch0018: 0018-Really-don-t-enable-systemd-journald-audit.socket.patch
Patch0019: 0019-rules-add-elevator-kernel-command-line-parameter.patch
Patch0020: 0020-sd-device-introduce-device_has_devlink.patch
Patch0021: 0021-udev-node-split-out-permission-handling-from-udev_no.patch
Patch0022: 0022-udev-node-stack-directory-must-exist-when-adding-dev.patch
Patch0023: 0023-udev-node-save-information-about-device-node-and-pri.patch
Patch0024: 0024-udev-node-always-update-timestamp-of-stack-directory.patch
Patch0025: 0025-udev-node-assume-no-new-claim-to-a-symlink-if-run-ud.patch
Patch0026: 0026-udev-node-always-atomically-create-symlink-to-device.patch
Patch0027: 0027-udev-node-check-stack-directory-change-even-if-devli.patch
Patch0028: 0028-udev-node-shorten-code-a-bit-and-update-log-message.patch
Patch0029: 0029-udev-node-add-random-delay-on-conflict-in-updating-d.patch
Patch0030: 0030-udev-node-drop-redundant-trial-of-devlink-creation.patch
Patch0031: 0031-udev-node-simplify-the-example-of-race.patch
Patch0032: 0032-udev-node-do-not-ignore-unexpected-errors-on-removin.patch
Patch0033: 0033-basic-time-util-introduce-FORMAT_TIMESPAN.patch
Patch0034: 0034-unit-install-the-systemd-bless-boot.service-only-if-.patch
Patch0035: 0035-units-don-t-enable-tmp.mount-statically-in-local-fs..patch
Patch0036: 0036-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch
Patch0037: 0037-udev-net-setup-link-change-the-default-MACAddressPol.patch
Patch0038: 0038-udev-net-setup-link-really-change-the-default-MACAdd.patch
Patch0020: 0020-boot-don-t-build-bootctl-when-Dgnu-efi-false-is-set.patch
Patch0021: 0021-unit-install-the-systemd-bless-boot.service-only-if-.patch
Patch0022: 0022-units-don-t-enable-tmp.mount-statically-in-local-fs..patch
Patch0023: 0023-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch
Patch0024: 0024-sd-device-introduce-device_has_devlink.patch
Patch0025: 0025-udev-node-split-out-permission-handling-from-udev_no.patch
Patch0026: 0026-udev-node-stack-directory-must-exist-when-adding-dev.patch
Patch0027: 0027-udev-node-save-information-about-device-node-and-pri.patch
Patch0028: 0028-udev-node-always-update-timestamp-of-stack-directory.patch
Patch0029: 0029-udev-node-assume-no-new-claim-to-a-symlink-if-run-ud.patch
Patch0030: 0030-udev-node-always-atomically-create-symlink-to-device.patch
Patch0031: 0031-udev-node-check-stack-directory-change-even-if-devli.patch
Patch0032: 0032-udev-node-shorten-code-a-bit-and-update-log-message.patch
Patch0033: 0033-udev-node-add-random-delay-on-conflict-in-updating-d.patch
Patch0034: 0034-udev-node-drop-redundant-trial-of-devlink-creation.patch
Patch0035: 0035-udev-node-simplify-the-example-of-race.patch
Patch0036: 0036-udev-node-do-not-ignore-unexpected-errors-on-removin.patch
Patch0037: 0037-basic-time-util-introduce-FORMAT_TIMESPAN.patch
Patch0038: 0038-udev-net-setup-link-change-the-default-MACAddressPol.patch
Patch0039: 0039-set-core-ulimit-to-0-like-on-RHEL-7.patch
Patch0040: 0040-test-don-t-install-test-network-generator-conversion.patch
Patch0041: 0041-meson.build-change-operator-combining-bools-from-to-.patch
Patch0042: 0042-openssl-util-use-EVP-API-to-get-RSA-bits.patch
Patch0043: 0043-procfs-util-fix-confusion-wrt.-quantity-limit-and-ma.patch
Patch0044: 0044-test-process-util-also-add-EROFS-to-the-list-of-good.patch
Patch0045: 0045-ci-use-C9S-chroots-in-Packit.patch
Patch0046: 0046-test-mountpointutil-util-do-not-assert-in-test_mnt_i.patch
Patch0047: 0047-core-mount-add-implicit-unit-dependencies-even-if-wh.patch
# Downstream-only patches (90009999)
# https://github.com/systemd/systemd/pull/17050
Patch9001: https://github.com/systemd/systemd/pull/17050/commits/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch
BuildRequires: gcc
BuildRequires: gcc-c++
@ -363,6 +371,7 @@ MulticastDNS resolver and responder.
Summary: A userspace out-of-memory (OOM) killer
Requires: %{name}%{?_isa} = %{version}-%{release}
License: LGPLv2+
Provides: %{name}-oomd-defaults = %{version}-%{release}
%description oomd
systemd-oomd is a system service that uses cgroups-v2 and pressure stall
@ -461,7 +470,7 @@ CONFIGURE_OPTS=(
%endif
-Db_ndebug=false
-Dman=true
-Dversion-tag=%{version}-%{release}
-Dversion-tag=v%{version}-%{release}
%if 0%{?fedora}
-Dfallback-hostname=fedora
%else
@ -558,6 +567,11 @@ touch %{buildroot}%{_sysconfdir}/udev/hwdb.bin
touch %{buildroot}%{_localstatedir}/lib/systemd/random-seed
touch %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload/state
# Install rc.local
mkdir -p %{buildroot}%{_sysconfdir}/rc.d/
install -m 0644 %{SOURCE25} %{buildroot}%{_sysconfdir}/rc.d/rc.local
ln -s rc.d/rc.local %{buildroot}%{_sysconfdir}/rc.local
# Install yum protection fragment
install -Dm0644 %{SOURCE4} %{buildroot}/etc/dnf/protected.d/systemd.conf
@ -616,6 +630,8 @@ python3 %{SOURCE2} %buildroot <<EOF
%ghost %config(noreplace) /etc/locale.conf
%ghost %config(noreplace) /etc/machine-id
%ghost %config(noreplace) /etc/machine-info
%config(noreplace) %{_sysconfdir}/rc.d/rc.local
%{_sysconfdir}/rc.local
%ghost %attr(0700,root,root) %dir /var/cache/private
%ghost %attr(0700,root,root) %dir /var/lib/private
%ghost %dir /var/lib/private/systemd
@ -633,6 +649,10 @@ python3 %{SOURCE2} %buildroot <<EOF
%ghost %attr(0700,root,root) %dir /var/log/private
EOF
%check
%if %{with tests}
meson test -C %{_vpath_builddir} -t 6 --print-errorlogs
%endif
#############################################################################################
@ -873,34 +893,40 @@ getent passwd systemd-oom &>/dev/null || useradd -r -l -g systemd-oom -d / -s /s
%files standalone-sysusers -f .file-list-standalone-sysusers
%changelog
* Fri Oct 01 2021 systemd maintenance team <systemd-maint@redhat.com> - 249-7
- spec: make sure version string starts with version number (#1921094)
* Thu Nov 18 2021 systemd maintenance team <systemd-maint@redhat.com> - 249-9
- test: don't install test-network-generator-conversion.sh w/o networkd (#2017035)
- meson.build: change operator combining bools from + to and (#2017035)
- openssl-util: use EVP API to get RSA bits (#2016042)
- procfs-util: fix confusion wrt. quantity limit and maximum value (#2017035)
- test-process-util: also add EROFS to the list of "good" errors (#2017035)
- ci: use C9S chroots in Packit (#2017035)
- test-mountpointutil-util: do not assert in test_mnt_id() (#2017035)
- core/mount: add implicit unit dependencies even if when mount unit is generated from /proc/self/mountinfo (#2019468)
- Drop Patch9001 - https://github.com/systemd/systemd/pull/17050 - Replaced by Patch0046
* Fri Oct 01 2021 systemd maintenance team <systemd-maint@redhat.com> - 249-6
- udev/net-setup-link: *really* change the default MACAddressPolicy to "none" (#1921094)
- spec: Use -Dgnu-efi=false instead of -Defi=false (#1972223)
* Thu Sep 30 2021 systemd maintenance team <systemd-maint@redhat.com> - 249-5
- boot: don't build bootctl when -Dgnu-efi=false is set (#1972223)
- rules: add elevator= kernel command line parameter (#1998190)
- sd-device: introduce device_has_devlink() (#1977994)
- udev-node: split out permission handling from udev_node_add() (#1977994)
- udev-node: stack directory must exist when adding device node symlink (#1977994)
- udev-node: save information about device node and priority in symlink (#1977994)
- udev-node: always update timestamp of stack directory (#1977994)
- udev-node: assume no new claim to a symlink if /run/udev/links is not updated (#1977994)
- udev-node: always atomically create symlink to device node (#1977994)
- udev-node: check stack directory change even if devlink is removed (#1977994)
- udev-node: shorten code a bit and update log message (#1977994)
- udev-node: add random delay on conflict in updating device node symlink (#1977994)
- udev-node: drop redundant trial of devlink creation (#1977994)
- udev-node: simplify the example of race (#1977994)
- udev-node: do not ignore unexpected errors on removing symlink in stack directory (#1977994)
- basic/time-util: introduce FORMAT_TIMESPAN (#1977994)
- unit: install the systemd-bless-boot.service only if we have gnu-efi (#1972223)
- units: don't enable tmp.mount statically in local-fs.target (#1959826)
- pid1: bump DefaultTasksMax to 80% of the kernel pid.max value (#1997200)
- udev/net-setup-link: change the default MACAddressPolicy to "none" (#1921094)
* Tue Oct 12 2021 systemd maintenance team <systemd-maint@redhat.com> - 249-8
- Really don't enable systemd-journald-audit.socket (#1973856)
- rules: add elevator= kernel command line parameter (#2003002)
- boot: don't build bootctl when -Dgnu-efi=false is set (#2003130)
- unit: install the systemd-bless-boot.service only if we have gnu-efi (#2003130)
- units: don't enable tmp.mount statically in local-fs.target (#2000927)
- pid1: bump DefaultTasksMax to 80% of the kernel pid.max value (#2003031)
- sd-device: introduce device_has_devlink() (#2005024)
- udev-node: split out permission handling from udev_node_add() (#2005024)
- udev-node: stack directory must exist when adding device node symlink (#2005024)
- udev-node: save information about device node and priority in symlink (#2005024)
- udev-node: always update timestamp of stack directory (#2005024)
- udev-node: assume no new claim to a symlink if /run/udev/links is not updated (#2005024)
- udev-node: always atomically create symlink to device node (#2005024)
- udev-node: check stack directory change even if devlink is removed (#2005024)
- udev-node: shorten code a bit and update log message (#2005024)
- udev-node: add random delay on conflict in updating device node symlink (#2005024)
- udev-node: drop redundant trial of devlink creation (#2005024)
- udev-node: simplify the example of race (#2005024)
- udev-node: do not ignore unexpected errors on removing symlink in stack directory (#2005024)
- basic/time-util: introduce FORMAT_TIMESPAN (#2005024)
- udev/net-setup-link: change the default MACAddressPolicy to "none" (#2009237)
- set core ulimit to 0 like on RHEL-7 (#1998509)
* Fri Aug 20 2021 systemd maintenance team <systemd-maint@redhat.com> - 249-4
- Revert "udev: remove WAIT_FOR key" (#1982666)