Rebase to current fedora specfile
Related: RHEL-40924
This commit is contained in:
parent
76bcdb2924
commit
c560bc2e3a
217
0001-Revert-machined-add-varlink-interface-for-registerin.patch
Normal file
217
0001-Revert-machined-add-varlink-interface-for-registerin.patch
Normal file
@ -0,0 +1,217 @@
|
||||
From c93a24119977a11791aab0f3df5e5cb9973a34de Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sat, 11 May 2024 13:27:12 +0200
|
||||
Subject: [PATCH] Revert "machined: add varlink interface for registering
|
||||
machines"
|
||||
|
||||
This reverts commit 5b44c81ff868a4d1b78a74e4770f7a8b2f1d0f91.
|
||||
---
|
||||
man/systemd-machined.service.xml | 6 +--
|
||||
src/machine/machine-varlink.h | 6 ---
|
||||
src/machine/machined-varlink.c | 62 ++-----------------------
|
||||
src/machine/machined.c | 5 +-
|
||||
src/machine/machined.h | 3 +-
|
||||
src/machine/meson.build | 1 -
|
||||
src/shared/meson.build | 1 -
|
||||
src/shared/varlink-io.systemd.Machine.h | 6 ---
|
||||
8 files changed, 8 insertions(+), 82 deletions(-)
|
||||
delete mode 100644 src/machine/machine-varlink.h
|
||||
delete mode 100644 src/shared/varlink-io.systemd.Machine.h
|
||||
|
||||
diff --git a/man/systemd-machined.service.xml b/man/systemd-machined.service.xml
|
||||
index b2899ff0fd..f3d7755973 100644
|
||||
--- a/man/systemd-machined.service.xml
|
||||
+++ b/man/systemd-machined.service.xml
|
||||
@@ -100,12 +100,10 @@
|
||||
|
||||
<para>The daemon provides both a C library interface
|
||||
(which is shared with <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>)
|
||||
- as well as a D-Bus interface and a Varlink interface.
|
||||
+ as well as a D-Bus interface.
|
||||
The library interface may be used to introspect and watch the state of virtual machines/containers.
|
||||
The bus interface provides the same but in addition may also be used to register or terminate
|
||||
- machines. The Varlink interface may be used to register machines with optional extensions, e.g. with an
|
||||
- SSH key / address; it can be queried with
|
||||
- <command>varlinkctl introspect /run/systemd/machine/io.systemd.Machine io.systemd.Machine</command>.
|
||||
+ machines.
|
||||
For more information please consult
|
||||
<citerefentry><refentrytitle>sd-login</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
and
|
||||
diff --git a/src/machine/machine-varlink.h b/src/machine/machine-varlink.h
|
||||
deleted file mode 100644
|
||||
index ce4ec54dc1..0000000000
|
||||
--- a/src/machine/machine-varlink.h
|
||||
+++ /dev/null
|
||||
@@ -1,6 +0,0 @@
|
||||
-/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
-#pragma once
|
||||
-
|
||||
-#include "varlink.h"
|
||||
-
|
||||
-int vl_method_register(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata);
|
||||
diff --git a/src/machine/machined-varlink.c b/src/machine/machined-varlink.c
|
||||
index 0d3ae627c1..6ca98e27cf 100644
|
||||
--- a/src/machine/machined-varlink.c
|
||||
+++ b/src/machine/machined-varlink.c
|
||||
@@ -1,12 +1,10 @@
|
||||
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
|
||||
#include "format-util.h"
|
||||
-#include "machine-varlink.h"
|
||||
#include "machined-varlink.h"
|
||||
#include "mkdir.h"
|
||||
#include "user-util.h"
|
||||
#include "varlink.h"
|
||||
-#include "varlink-io.systemd.Machine.h"
|
||||
#include "varlink-io.systemd.UserDatabase.h"
|
||||
|
||||
typedef struct LookupParameters {
|
||||
@@ -380,13 +378,13 @@ static int vl_method_get_memberships(Varlink *link, JsonVariant *parameters, Var
|
||||
return varlink_error(link, "io.systemd.UserDatabase.NoRecordFound", NULL);
|
||||
}
|
||||
|
||||
-static int manager_varlink_init_userdb(Manager *m) {
|
||||
+int manager_varlink_init(Manager *m) {
|
||||
_cleanup_(varlink_server_unrefp) VarlinkServer *s = NULL;
|
||||
int r;
|
||||
|
||||
assert(m);
|
||||
|
||||
- if (m->varlink_userdb_server)
|
||||
+ if (m->varlink_server)
|
||||
return 0;
|
||||
|
||||
r = varlink_server_new(&s, VARLINK_SERVER_ACCOUNT_UID|VARLINK_SERVER_INHERIT_USERDATA);
|
||||
@@ -417,64 +415,12 @@ static int manager_varlink_init_userdb(Manager *m) {
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to attach varlink connection to event loop: %m");
|
||||
|
||||
- m->varlink_userdb_server = TAKE_PTR(s);
|
||||
- return 0;
|
||||
-}
|
||||
-
|
||||
-static int manager_varlink_init_machine(Manager *m) {
|
||||
- _cleanup_(varlink_server_unrefp) VarlinkServer *s = NULL;
|
||||
- int r;
|
||||
-
|
||||
- assert(m);
|
||||
-
|
||||
- if (m->varlink_machine_server)
|
||||
- return 0;
|
||||
-
|
||||
- r = varlink_server_new(&s, VARLINK_SERVER_ROOT_ONLY|VARLINK_SERVER_INHERIT_USERDATA);
|
||||
- if (r < 0)
|
||||
- return log_error_errno(r, "Failed to allocate varlink server object: %m");
|
||||
-
|
||||
- varlink_server_set_userdata(s, m);
|
||||
-
|
||||
- r = varlink_server_add_interface(s, &vl_interface_io_systemd_Machine);
|
||||
- if (r < 0)
|
||||
- return log_error_errno(r, "Failed to add UserDatabase interface to varlink server: %m");
|
||||
-
|
||||
- r = varlink_server_bind_method(s, "io.systemd.Machine.Register", vl_method_register);
|
||||
- if (r < 0)
|
||||
- return log_error_errno(r, "Failed to register varlink methods: %m");
|
||||
-
|
||||
- (void) mkdir_p("/run/systemd/machine", 0755);
|
||||
-
|
||||
- r = varlink_server_listen_address(s, "/run/systemd/machine/io.systemd.Machine", 0666);
|
||||
- if (r < 0)
|
||||
- return log_error_errno(r, "Failed to bind to varlink socket: %m");
|
||||
-
|
||||
- r = varlink_server_attach_event(s, m->event, SD_EVENT_PRIORITY_NORMAL);
|
||||
- if (r < 0)
|
||||
- return log_error_errno(r, "Failed to attach varlink connection to event loop: %m");
|
||||
-
|
||||
- m->varlink_machine_server = TAKE_PTR(s);
|
||||
- return 0;
|
||||
-}
|
||||
-
|
||||
-int manager_varlink_init(Manager *m) {
|
||||
- int r;
|
||||
-
|
||||
- r = manager_varlink_init_userdb(m);
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
-
|
||||
- r = manager_varlink_init_machine(m);
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
-
|
||||
+ m->varlink_server = TAKE_PTR(s);
|
||||
return 0;
|
||||
}
|
||||
|
||||
void manager_varlink_done(Manager *m) {
|
||||
assert(m);
|
||||
|
||||
- m->varlink_userdb_server = varlink_server_unref(m->varlink_userdb_server);
|
||||
- m->varlink_machine_server = varlink_server_unref(m->varlink_machine_server);
|
||||
+ m->varlink_server = varlink_server_unref(m->varlink_server);
|
||||
}
|
||||
diff --git a/src/machine/machined.c b/src/machine/machined.c
|
||||
index d7087e4672..2638ed572e 100644
|
||||
--- a/src/machine/machined.c
|
||||
+++ b/src/machine/machined.c
|
||||
@@ -316,10 +316,7 @@ static bool check_idle(void *userdata) {
|
||||
if (m->operations)
|
||||
return false;
|
||||
|
||||
- if (varlink_server_current_connections(m->varlink_userdb_server) > 0)
|
||||
- return false;
|
||||
-
|
||||
- if (varlink_server_current_connections(m->varlink_machine_server) > 0)
|
||||
+ if (varlink_server_current_connections(m->varlink_server) > 0)
|
||||
return false;
|
||||
|
||||
manager_gc(m, true);
|
||||
diff --git a/src/machine/machined.h b/src/machine/machined.h
|
||||
index 67abed0fd6..280c32bab6 100644
|
||||
--- a/src/machine/machined.h
|
||||
+++ b/src/machine/machined.h
|
||||
@@ -40,8 +40,7 @@ struct Manager {
|
||||
sd_event_source *nscd_cache_flush_event;
|
||||
#endif
|
||||
|
||||
- VarlinkServer *varlink_userdb_server;
|
||||
- VarlinkServer *varlink_machine_server;
|
||||
+ VarlinkServer *varlink_server;
|
||||
};
|
||||
|
||||
int manager_add_machine(Manager *m, const char *name, Machine **_machine);
|
||||
diff --git a/src/machine/meson.build b/src/machine/meson.build
|
||||
index 3150b33de5..c82a32589d 100644
|
||||
--- a/src/machine/meson.build
|
||||
+++ b/src/machine/meson.build
|
||||
@@ -3,7 +3,6 @@
|
||||
libmachine_core_sources = files(
|
||||
'image-dbus.c',
|
||||
'machine-dbus.c',
|
||||
- 'machine-varlink.c',
|
||||
'machine.c',
|
||||
'machined-core.c',
|
||||
'machined-dbus.c',
|
||||
diff --git a/src/shared/meson.build b/src/shared/meson.build
|
||||
index d01367a159..17313aefed 100644
|
||||
--- a/src/shared/meson.build
|
||||
+++ b/src/shared/meson.build
|
||||
@@ -180,7 +180,6 @@ shared_sources = files(
|
||||
'varlink-io.systemd.Credentials.c',
|
||||
'varlink-io.systemd.Hostname.c',
|
||||
'varlink-io.systemd.Journal.c',
|
||||
- 'varlink-io.systemd.Machine.c',
|
||||
'varlink-io.systemd.ManagedOOM.c',
|
||||
'varlink-io.systemd.MountFileSystem.c',
|
||||
'varlink-io.systemd.NamespaceResource.c',
|
||||
diff --git a/src/shared/varlink-io.systemd.Machine.h b/src/shared/varlink-io.systemd.Machine.h
|
||||
deleted file mode 100644
|
||||
index c9fc85f150..0000000000
|
||||
--- a/src/shared/varlink-io.systemd.Machine.h
|
||||
+++ /dev/null
|
||||
@@ -1,6 +0,0 @@
|
||||
-/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
-#pragma once
|
||||
-
|
||||
-#include "varlink-idl.h"
|
||||
-
|
||||
-extern const VarlinkInterface vl_interface_io_systemd_Machine;
|
63
0001-tmpfiles-make-purge-hard-to-mis-use.patch
Normal file
63
0001-tmpfiles-make-purge-hard-to-mis-use.patch
Normal file
@ -0,0 +1,63 @@
|
||||
From f62d1f6ea55fc0dcccbe60582804c9b033f8ad0e Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Tue, 18 Jun 2024 20:32:10 +0200
|
||||
Subject: [PATCH] tmpfiles: make --purge hard to (mis-)use
|
||||
|
||||
Follow-up for https://github.com/systemd/systemd/pull/33383.
|
||||
---
|
||||
src/tmpfiles/tmpfiles.c | 17 +++++++++++++++++
|
||||
1 file changed, 17 insertions(+)
|
||||
|
||||
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
|
||||
index 5841db293e..9b0f744ba9 100644
|
||||
--- a/src/tmpfiles/tmpfiles.c
|
||||
+++ b/src/tmpfiles/tmpfiles.c
|
||||
@@ -4195,6 +4195,7 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
ARG_IMAGE_POLICY,
|
||||
ARG_REPLACE,
|
||||
ARG_DRY_RUN,
|
||||
+ ARG_DESTROY_DATA,
|
||||
ARG_NO_PAGER,
|
||||
};
|
||||
|
||||
@@ -4218,10 +4219,18 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
{ "replace", required_argument, NULL, ARG_REPLACE },
|
||||
{ "dry-run", no_argument, NULL, ARG_DRY_RUN },
|
||||
{ "no-pager", no_argument, NULL, ARG_NO_PAGER },
|
||||
+
|
||||
+ /* This is not documented on purpose.
|
||||
+ * If you think --purge should be allowed without jumping through hoops,
|
||||
+ * consider opening a bug report with the description of the use case.
|
||||
+ */
|
||||
+ { "destroy-data", no_argument, NULL, ARG_DESTROY_DATA },
|
||||
+
|
||||
{}
|
||||
};
|
||||
|
||||
int c, r;
|
||||
+ bool destroy_data = false;
|
||||
|
||||
assert(argc >= 0);
|
||||
assert(argv);
|
||||
@@ -4328,6 +4337,10 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
arg_dry_run = true;
|
||||
break;
|
||||
|
||||
+ case ARG_DESTROY_DATA:
|
||||
+ destroy_data = true;
|
||||
+ break;
|
||||
+
|
||||
case ARG_NO_PAGER:
|
||||
arg_pager_flags |= PAGER_DISABLE;
|
||||
break;
|
||||
@@ -4347,6 +4360,10 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||
"Refusing --purge without specification of a configuration file.");
|
||||
|
||||
+ if (FLAGS_SET(arg_operation, OPERATION_PURGE) && !arg_dry_run && !destroy_data)
|
||||
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||
+ "Refusing --purge without --destroy-data.");
|
||||
+
|
||||
if (arg_replace && arg_cat_flags != CAT_CONFIG_OFF)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||
"Option --replace= is not supported with --cat-config/--tldr.");
|
12
30846.patch
12
30846.patch
@ -1,4 +1,4 @@
|
||||
From 07fd822c59e29b4f5e7dab029ea1186c1b862e3e Mon Sep 17 00:00:00 2001
|
||||
From ca1344d04a9c1804234417dcfbd868524abc7ce6 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Tue, 9 Jan 2024 11:28:04 +0100
|
||||
Subject: [PATCH] journal: again create user journals for users with high uids
|
||||
@ -39,13 +39,13 @@ revert the change to fix user systems.
|
||||
|
||||
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2251843.
|
||||
---
|
||||
src/basic/uid-alloc-range.c | 2 +-
|
||||
src/basic/uid-classification.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/basic/uid-alloc-range.c b/src/basic/uid-alloc-range.c
|
||||
index 669cb6d56f7be..7b724b7959f60 100644
|
||||
--- a/src/basic/uid-alloc-range.c
|
||||
+++ b/src/basic/uid-alloc-range.c
|
||||
diff --git a/src/basic/uid-classification.c b/src/basic/uid-classification.c
|
||||
index e2d2cebc6d..2c8b06c0d3 100644
|
||||
--- a/src/basic/uid-classification.c
|
||||
+++ b/src/basic/uid-classification.c
|
||||
@@ -127,5 +127,5 @@ bool uid_for_system_journal(uid_t uid) {
|
||||
|
||||
/* Returns true if the specified UID shall get its data stored in the system journal. */
|
||||
|
@ -7,7 +7,7 @@ and his [talk during ASG2019](https://www.youtube.com/watch?v=fVM1kJrymRM).
|
||||
git clone https://github.com/systemd/systemd
|
||||
fedpkg clone systemd fedora-systemd
|
||||
cd systemd
|
||||
rpmbuild -bb --build-in-place --noprep --define "_sourcedir $PWD/../fedora-systemd" --define "_rpmdir $PWD/rpms" --with inplace ../fedora-systemd/systemd.spec
|
||||
rpmbuild -bb --build-in-place --noprep --define "_sourcedir $PWD/../fedora-systemd" --define "_rpmdir $PWD/rpms" --with upstream ../fedora-systemd/systemd.spec
|
||||
sudo dnf upgrade --setopt install_weak_deps=False rpms/*/*.rpm
|
||||
```
|
||||
|
||||
|
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (systemd-255.3.tar.gz) = c2868a53df2176649b0d0c94e5d451c46ba783bcdbc89ce12434ed2d11dba44b4854ffe4c2430f3f64eef2e214cbb51d5f740170afbd9edd66761a8851157453
|
||||
SHA512 (systemd-256.1.tar.gz) = 5441f634f43b726c13fe57d1ba0030f1b91427d7c2d4f4f32e4add8ff93aeb5139e9337422653df3b897c241e0a8760dafcd441dc622d1e2c1230bbe27dd1a1c
|
||||
|
293
systemd.spec
293
systemd.spec
@ -1,4 +1,4 @@
|
||||
#global commit c4b843473a75fb38ed5bf54e9d3cfb1cb3719efa
|
||||
#global commit 1781de18ab8ebc3e42a607851d8effb3b0355c87
|
||||
%{?commit:%global shortcommit %(c=%{commit}; echo ${c:0:7})}
|
||||
|
||||
# We ship a .pc file but don't want to have a dep on pkg-config. We
|
||||
@ -27,19 +27,27 @@
|
||||
%bcond bootstrap 0
|
||||
%bcond tests 1
|
||||
%bcond lto 1
|
||||
%bcond docs 1
|
||||
|
||||
# Support for quick builds with rpmbuild --build-in-place.
|
||||
# See README.build-in-place.
|
||||
%bcond inplace 0
|
||||
# Build from git main
|
||||
%bcond upstream 0
|
||||
|
||||
# When bootstrap, libcryptsetup is disabled
|
||||
# but auto-features causes many options to be turned on
|
||||
# that depend on libcryptsetup (e.g. libcryptsetup-plugins, homed)
|
||||
%if %{with bootstrap}
|
||||
%global __meson_auto_features disabled
|
||||
%endif
|
||||
|
||||
# Override %%autorelease. This is ugly, but rpmautospec doesn't implement
|
||||
# autorelease correctly if the macro is conditionalized in the Release field.
|
||||
%{?release_override:%global autorelease %{release_override}%{?dist}}
|
||||
|
||||
Name: systemd
|
||||
Url: https://systemd.io
|
||||
%if %{without inplace}
|
||||
Version: 255.3
|
||||
%else
|
||||
# determine the build information from local checkout
|
||||
Version: %(tools/meson-vcs-tag.sh . error | sed -r 's/-([0-9])/.^\1/; s/-g/_g/')
|
||||
%endif
|
||||
# Allow users to specify the version and release when building the rpm by
|
||||
# setting the %%version_override and %%release_override macros.
|
||||
Version: %{?version_override}%{!?version_override:256.1}
|
||||
Release: %autorelease
|
||||
|
||||
%global stable %(c="%version"; [ "$c" = "${c#*.*}" ]; echo $?)
|
||||
@ -50,29 +58,26 @@ Summary: System and Service Manager
|
||||
|
||||
# download tarballs with "spectool -g systemd.spec"
|
||||
%if %{defined commit}
|
||||
Source0: https://github.com/systemd/systemd%{?stable:-stable}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||
%else
|
||||
%if 0%{?stable}
|
||||
Source0: https://github.com/systemd/systemd-stable/archive/v%{version_no_tilde}/%{name}-%{version_no_tilde}.tar.gz
|
||||
Source0: https://github.com/systemd/systemd/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||
%else
|
||||
Source0: https://github.com/systemd/systemd/archive/v%{version_no_tilde}/%{name}-%{version_no_tilde}.tar.gz
|
||||
%endif
|
||||
%endif
|
||||
# This file must be available before %%prep.
|
||||
# It is generated during systemd build and can be found in build/src/core/.
|
||||
Source1: triggers.systemd
|
||||
Source2: split-files.py
|
||||
Source3: purge-nobody-user
|
||||
Source4: test_sysusers_defined.py
|
||||
|
||||
# Prevent accidental removal of the systemd package
|
||||
Source4: yum-protect-systemd.conf
|
||||
Source5: yum-protect-systemd.conf
|
||||
|
||||
Source5: inittab
|
||||
Source6: sysctl.conf.README
|
||||
Source7: systemd-journal-remote.xml
|
||||
Source8: systemd-journal-gatewayd.xml
|
||||
Source9: 20-yama-ptrace.conf
|
||||
Source10: systemd-udev-trigger-no-reload.conf
|
||||
Source6: inittab
|
||||
Source7: sysctl.conf.README
|
||||
Source8: systemd-journal-remote.xml
|
||||
Source9: systemd-journal-gatewayd.xml
|
||||
Source10: 20-yama-ptrace.conf
|
||||
Source11: systemd-udev-trigger-no-reload.conf
|
||||
# https://fedoraproject.org/wiki/How_to_filter_libabigail_reports
|
||||
Source13: .abignore
|
||||
|
||||
@ -100,11 +105,19 @@ GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[
|
||||
# than in the next section. Packit CI will drop any patches in this range before
|
||||
# applying upstream pull requests.
|
||||
|
||||
%if %{without upstream}
|
||||
# Drop varlink method call until selinux policy is updated,
|
||||
# see https://bodhi.fedoraproject.org/updates/FEDORA-2024-d5c99f5063,
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2279923.
|
||||
# Reverts https://github.com/systemd/systemd/commit/5b44c81ff868a4d1b78a74e4770f7a8b2f1d0f91.
|
||||
Patch0001: 0001-Revert-machined-add-varlink-interface-for-registerin.patch
|
||||
|
||||
%if 0%{?fedora} < 41
|
||||
# Work-around for dracut issue: run generators directly when we are in initrd
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2164404
|
||||
# Drop when dracut-060 is available.
|
||||
Patch0001: https://github.com/systemd/systemd/pull/26494.patch
|
||||
|
||||
Patch0010: https://github.com/systemd/systemd/pull/26494.patch
|
||||
%endif
|
||||
|
||||
# Those are downstream-only patches, but we don't want them in packit builds:
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1738828
|
||||
@ -112,10 +125,14 @@ Patch0490: use-bfq-scheduler.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2251843
|
||||
Patch0491: https://github.com/systemd/systemd/pull/30846.patch
|
||||
|
||||
# Soft-disable tmpfiles --purge until a good use case comes up.
|
||||
Patch0492: 0001-tmpfiles-make-purge-hard-to-mis-use.patch
|
||||
%endif
|
||||
|
||||
# Adjust upstream config to use our shared stack
|
||||
Patch0499: fedora-use-system-auth-in-pam-systemd-user.patch
|
||||
|
||||
%ifarch %{ix86} x86_64 aarch64
|
||||
%ifarch %{ix86} x86_64 aarch64 riscv64
|
||||
%global want_bootloader 1
|
||||
%endif
|
||||
|
||||
@ -134,9 +151,9 @@ BuildRequires: audit-libs-devel
|
||||
BuildRequires: cryptsetup-devel
|
||||
%endif
|
||||
BuildRequires: dbus-devel
|
||||
BuildRequires: /usr/sbin/sfdisk
|
||||
BuildRequires: util-linux
|
||||
# /usr/bin/getfacl is needed by test-acl-util
|
||||
BuildRequires: /usr/bin/getfacl
|
||||
BuildRequires: acl
|
||||
BuildRequires: libacl-devel
|
||||
BuildRequires: gobject-introspection-devel
|
||||
BuildRequires: libblkid-devel
|
||||
@ -168,14 +185,18 @@ BuildRequires: qrencode-devel
|
||||
BuildRequires: libmicrohttpd-devel
|
||||
BuildRequires: libxkbcommon-devel
|
||||
BuildRequires: iptables-devel
|
||||
BuildRequires: pkgconfig(bash-completion)
|
||||
BuildRequires: pkgconfig(libarchive)
|
||||
BuildRequires: pkgconfig(libfido2)
|
||||
BuildRequires: pkgconfig(tss2-esys)
|
||||
BuildRequires: pkgconfig(tss2-rc)
|
||||
BuildRequires: pkgconfig(tss2-mu)
|
||||
BuildRequires: pkgconfig(libbpf)
|
||||
BuildRequires: systemtap-sdt-devel
|
||||
%if %{with docs}
|
||||
BuildRequires: libxslt
|
||||
BuildRequires: docbook-style-xsl
|
||||
%endif
|
||||
BuildRequires: pkgconfig
|
||||
BuildRequires: gperf
|
||||
BuildRequires: gawk
|
||||
@ -201,10 +222,9 @@ BuildRequires: libseccomp-devel
|
||||
BuildRequires: meson >= 0.43
|
||||
BuildRequires: gettext
|
||||
# We use RUNNING_ON_VALGRIND in tests, so the headers need to be available
|
||||
%ifarch %{valgrind_arches}
|
||||
BuildRequires: valgrind-devel
|
||||
BuildRequires: pkgconfig(bash-completion)
|
||||
BuildRequires: perl
|
||||
BuildRequires: perl(IPC::SysV)
|
||||
%endif
|
||||
|
||||
%ifnarch %ix86
|
||||
# bpftool is not built for i368
|
||||
@ -248,13 +268,24 @@ Conflicts: initscripts < 9.56.1
|
||||
%if 0%{?fedora}
|
||||
Conflicts: fedora-release < 23-0.12
|
||||
%endif
|
||||
# Make sure that dracut supports systemd-executor and the renames done for v255
|
||||
%if 0%{?fedora} >= 41
|
||||
BuildRequires: setup >= 2.15.0-3
|
||||
BuildRequires: python3
|
||||
Conflicts: setup < 2.15.0-3
|
||||
Conflicts: selinux-policy-any < 41.1
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} >= 41
|
||||
# Make sure that dracut supports systemd-executor and the renames done for v255,
|
||||
# and dlopen libraries and read-only fs in initrd.
|
||||
Conflicts: dracut < 060-2
|
||||
%else
|
||||
# Make sure that dracut supports systemd-executor and the renames done for v255.
|
||||
Conflicts: dracut < 059-16
|
||||
%endif
|
||||
|
||||
Obsoletes: timedatex < 0.6-3
|
||||
Provides: timedatex = 0.6-3
|
||||
Conflicts: %{name}-standalone-repart < %{version}-%{release}^
|
||||
Provides: %{name}-repart = %{version}-%{release}
|
||||
Conflicts: %{name}-standalone-tmpfiles < %{version}-%{release}^
|
||||
Provides: %{name}-tmpfiles = %{version}-%{release}
|
||||
Conflicts: %{name}-standalone-sysusers < %{version}-%{release}^
|
||||
@ -262,6 +293,19 @@ Provides: %{name}-sysusers = %{version}-%{release}
|
||||
Conflicts: %{name}-standalone-shutdown < %{version}-%{release}^
|
||||
Provides: %{name}-shutdown = %{version}-%{release}
|
||||
|
||||
%if "%{_sbindir}" == "%{_bindir}"
|
||||
# Compat symlinks for Requires in other packages.
|
||||
# We rely on filesystem to create the symlinks for us.
|
||||
Requires: filesystem(unmerged-sbin-symlinks)
|
||||
Provides: /usr/sbin/halt
|
||||
Provides: /usr/sbin/init
|
||||
Provides: /usr/sbin/poweroff
|
||||
Provides: /usr/sbin/reboot
|
||||
Provides: /usr/sbin/runlevel
|
||||
Provides: /usr/sbin/shutdown
|
||||
Provides: /usr/sbin/telinit
|
||||
%endif
|
||||
|
||||
# Recommends to replace normal Requires deps for stuff that is dlopen()ed
|
||||
Recommends: libidn2.so.0%{?elf_suffix}
|
||||
Recommends: libidn2.so.0(IDN2_0.0.0)%{?elf_bits}
|
||||
@ -284,6 +328,17 @@ Recommends: libelf.so.1(ELFUTILS_1.7)%{?elf_bits}
|
||||
Recommends: libcryptsetup.so.12%{?elf_suffix}
|
||||
Recommends: libcryptsetup.so.12(CRYPTSETUP_2.4)%{?elf_bits}
|
||||
|
||||
# Libkmod is used to load modules.
|
||||
Recommends: libkmod.so.2%{?elf_suffix}
|
||||
# kmod_list_next, kmod_load_resources, kmod_module_get_initstate,
|
||||
# kmod_module_get_module, kmod_module_get_name, kmod_module_new_from_lookup,
|
||||
# kmod_module_probe_insert_module, kmod_module_unref, kmod_module_unref_list,
|
||||
# kmod_new, kmod_set_log_fn, kmod_unref, kmod_validate_resources
|
||||
# are part of LIBKMOD_5.
|
||||
Recommends: libkmod.so.2(LIBKMOD_5)%{?elf_bits}
|
||||
|
||||
Recommends: libarchive.so.13%{?elf_suffix}
|
||||
|
||||
%description
|
||||
systemd is a system and service manager that runs as PID 1 and starts the rest
|
||||
of the system. It provides aggressive parallelization capabilities, uses socket
|
||||
@ -349,9 +404,9 @@ Summary: Rule-based device node and kernel event manager
|
||||
License: LGPL-2.1-or-later
|
||||
|
||||
Requires: systemd%{_isa} = %{version}-%{release}
|
||||
Requires(post): systemd
|
||||
Requires(preun): systemd
|
||||
Requires(postun): systemd
|
||||
Requires(post): systemd%{_isa} = %{version}-%{release}
|
||||
Requires(preun): systemd%{_isa} = %{version}-%{release}
|
||||
Requires(postun): systemd%{_isa} = %{version}-%{release}
|
||||
Requires(post): grep
|
||||
Requires: kmod >= 18-4
|
||||
# https://bodhi.fedoraproject.org/updates/FEDORA-2020-dd43dd05b1
|
||||
@ -362,6 +417,11 @@ Obsoletes: udev < 183
|
||||
Requires: (grubby > 8.40-72 if grubby)
|
||||
Requires: (sdubby > 1.0-3 if sdubby)
|
||||
|
||||
# Libkmod is used to load modules. Assume that if we need udevd, we certainly
|
||||
# want to load modules, so make this into a hard dependency here.
|
||||
Requires: libkmod.so.2%{?elf_suffix}
|
||||
Requires: libkmod.so.2(LIBKMOD_5)%{?elf_bits}
|
||||
|
||||
# Recommends to replace normal Requires deps for stuff that is dlopen()ed
|
||||
# used by dissect, integritysetup, veritysetyp, growfs, repart, cryptenroll, home
|
||||
Recommends: libcryptsetup.so.12%{?elf_suffix}
|
||||
@ -392,6 +452,16 @@ Obsoletes: u2f-hidraw-policy < 1.0.2-40
|
||||
# self-obsoletes to install both packages after split of systemd-boot
|
||||
Obsoletes: systemd-udev < 252.2^
|
||||
|
||||
Conflicts: %{name}-standalone-repart < %{version}-%{release}^
|
||||
Provides: %{name}-repart = %{version}-%{release}
|
||||
|
||||
%if "%{_sbindir}" == "%{_bindir}"
|
||||
# Compat symlinks for Requires in other packages.
|
||||
# We rely on filesystem to create the symlinks for us.
|
||||
Requires: filesystem(unmerged-sbin-symlinks)
|
||||
Provides: /usr/sbin/udevadm
|
||||
%endif
|
||||
|
||||
%description udev
|
||||
This package contains systemd-udev and the rules and hardware database needed to
|
||||
manage device nodes. This package is necessary on physical machines and in
|
||||
@ -407,11 +477,19 @@ machine, and to create or grow partitions and make file systems automatically.
|
||||
Summary: Tool to build Unified Kernel Images
|
||||
Requires: %{name} = %{version}-%{release}
|
||||
|
||||
Requires: systemd-boot
|
||||
Requires: python3dist(pefile)
|
||||
Requires: python3dist(zstd)
|
||||
Requires: python3dist(cryptography)
|
||||
Recommends: python3dist(pillow)
|
||||
|
||||
# for tests
|
||||
%ifarch riscv64
|
||||
# 2.42 received support for riscv64 + efi targets
|
||||
%global binutils_version_req >= 2.42
|
||||
%endif
|
||||
BuildRequires: binutils %{?binutils_version_req}
|
||||
|
||||
BuildArch: noarch
|
||||
|
||||
%description ukify
|
||||
@ -445,9 +523,9 @@ the version that works with Secure Boot.
|
||||
# Name is the same as in Debian
|
||||
Summary: Tools for containers and VMs
|
||||
Requires: %{name}%{_isa} = %{version}-%{release}
|
||||
Requires(post): systemd
|
||||
Requires(preun): systemd
|
||||
Requires(postun): systemd
|
||||
Requires(post): systemd%{_isa} = %{version}-%{release}
|
||||
Requires(preun): systemd%{_isa} = %{version}-%{release}
|
||||
Requires(postun): systemd%{_isa} = %{version}-%{release}
|
||||
# obsolete parent package so that dnf will install new subpackage on upgrade (#1260394)
|
||||
Obsoletes: %{name} < 229-5
|
||||
# Bias the system towards libcurl-minimal if nothing pulls in full libcurl (#1997040)
|
||||
@ -482,6 +560,7 @@ systemd-journal-upload.
|
||||
%package networkd
|
||||
Summary: System daemon that manages network configurations
|
||||
Requires: %{name}%{_isa} = %{version}-%{release}
|
||||
%{?fedora:Recommends: %{name}-udev = %{version}-%{release}}
|
||||
License: LGPL-2.1-or-later
|
||||
# https://src.fedoraproject.org/rpms/systemd/pull-request/34
|
||||
Obsoletes: systemd < 246.6-2
|
||||
@ -531,6 +610,7 @@ Requires: %{name}%{_isa} = %{version}-%{release}
|
||||
# This dependency is provided transitively. Also add it explicitly to
|
||||
# appease rpminspect, https://github.com/rpminspect/rpminspect/issues/1231:
|
||||
Requires: %{name}-libs%{_isa} = %{version}-%{release}
|
||||
Requires: python3dist(psutil)
|
||||
|
||||
License: LGPL-2.1-or-later
|
||||
|
||||
@ -579,14 +659,14 @@ other libraries from systemd-libs. This package conflicts with the main systemd
|
||||
package and is meant for use in exitrds.
|
||||
|
||||
%prep
|
||||
%autosetup -n %{?commit:%{name}%[%stable?"-stable":""]-%{commit}}%{!?commit:%{name}%[%stable?"-stable":""]-%{version_no_tilde}} -p1
|
||||
%autosetup -n %{?commit:%{name}-%{commit}}%{!?commit:%{name}-%{version_no_tilde}} -p1
|
||||
|
||||
%build
|
||||
%global ntpvendor %(source /etc/os-release; echo ${ID})
|
||||
%{!?ntpvendor: echo 'NTP vendor zone is not set!'; exit 1}
|
||||
|
||||
CONFIGURE_OPTS=(
|
||||
-Dmode=release
|
||||
-Dmode=%[%{with upstream}?"developer":"release"]
|
||||
-Dsysvinit-path=/etc/rc.d/init.d
|
||||
-Drc-local=/etc/rc.d/rc.local
|
||||
-Dntp-servers='0.%{ntpvendor}.pool.ntp.org 1.%{ntpvendor}.pool.ntp.org 2.%{ntpvendor}.pool.ntp.org 3.%{ntpvendor}.pool.ntp.org'
|
||||
@ -620,6 +700,7 @@ CONFIGURE_OPTS=(
|
||||
-Delfutils=enabled
|
||||
-Dlibcryptsetup=%[%{with bootstrap}?"disabled":"enabled"]
|
||||
-Delfutils=enabled
|
||||
-Drepart=enabled
|
||||
-Dpwquality=enabled
|
||||
-Dqrencode=%[%{defined rhel}?"disabled":"enabled"]
|
||||
-Dgnutls=%[%{with gnutls}?"enabled":"disabled"]
|
||||
@ -641,18 +722,15 @@ CONFIGURE_OPTS=(
|
||||
-Ddefault-network=true
|
||||
-Dtests=unsafe
|
||||
-Dinstall-tests=true
|
||||
-Dtty-gid=5
|
||||
-Dusers-gid=100
|
||||
-Dnobody-user=nobody
|
||||
-Dnobody-group=nobody
|
||||
-Dcompat-mutable-uid-boundaries=true
|
||||
-Dsplit-bin=true
|
||||
-Db_lto=%[%{with lto}?"true":"false"]
|
||||
-Db_ndebug=false
|
||||
-Dman=enabled
|
||||
-Dversion-tag=%{version}-%{release}
|
||||
-Dman=%[%{with docs}?"enabled":"disabled"]
|
||||
-Dversion-tag=%{version}%[%{without upstream}?"-%{release}":""]
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1906010
|
||||
-Dshared-lib-tag=%{version_no_tilde}-%{release}
|
||||
-Dshared-lib-tag=%{version_no_tilde}%[%{without upstream}?"-%{release}":""]
|
||||
-Dfallback-hostname="localhost"
|
||||
-Ddefault-dnssec=no
|
||||
-Ddefault-dns-over-tls=no
|
||||
@ -666,23 +744,24 @@ CONFIGURE_OPTS=(
|
||||
-Ddefault-user-timeout-sec=45
|
||||
-Dconfigfiledir=/usr/lib
|
||||
-Doomd=true
|
||||
|
||||
-Dadm-gid=4
|
||||
-Daudio-gid=63
|
||||
-Dtty-gid=5
|
||||
-Ddisk-gid=6
|
||||
-Dlp-gid=7
|
||||
-Dkmem-gid=9
|
||||
-Dwheel-gid=10
|
||||
-Dcdrom-gid=11
|
||||
-Ddialout-gid=18
|
||||
-Ddisk-gid=6
|
||||
-Dinput-gid=104
|
||||
-Dkmem-gid=9
|
||||
-Dutmp-gid=22
|
||||
-Dtape-gid=33
|
||||
-Dkvm-gid=36
|
||||
-Dlp-gid=7
|
||||
-Dvideo-gid=39
|
||||
-Daudio-gid=63
|
||||
-Dusers-gid=100
|
||||
-Dinput-gid=104
|
||||
-Drender-gid=105
|
||||
-Dsgx-gid=106
|
||||
-Dtape-gid=33
|
||||
-Dtty-gid=5
|
||||
-Dusers-gid=100
|
||||
-Dutmp-gid=22
|
||||
-Dvideo-gid=39
|
||||
-Dwheel-gid=10
|
||||
-Dsystemd-journal-gid=190
|
||||
-Dsystemd-network-uid=192
|
||||
-Dsystemd-resolve-uid=193
|
||||
@ -701,15 +780,7 @@ CONFIGURE_OPTS=(
|
||||
%global _lto_cflags %nil
|
||||
%endif
|
||||
|
||||
# Do configuration. If doing an inplace build, try to do
|
||||
# reconfiguration to pick up new options.
|
||||
%if %{with inplace}
|
||||
command -v ccache 2>/dev/null && { CC="${CC:-ccache %__cc}"; CXX="${CXX:-ccache %__cxx}"; }
|
||||
|
||||
[ -e %{_vpath_builddir}/build.ninja ] &&
|
||||
%__meson configure %{_vpath_builddir} "${CONFIGURE_OPTS[@]}" ||
|
||||
%endif
|
||||
{ %meson "${CONFIGURE_OPTS[@]}"; }
|
||||
{ %meson "${CONFIGURE_OPTS[@]}" %{?meson_extra_configure_options} ; }
|
||||
|
||||
%meson_build
|
||||
|
||||
@ -726,8 +797,10 @@ sed -r 's|/system/|/user/|g' %{SOURCE16} >10-timeout-abort.conf.user
|
||||
%meson_install
|
||||
|
||||
# udev links
|
||||
%if "%{_sbindir}" != "%{_bindir}"
|
||||
mkdir -p %{buildroot}/%{_sbindir}
|
||||
ln -sf ../bin/udevadm %{buildroot}%{_sbindir}/udevadm
|
||||
%endif
|
||||
|
||||
# Compatiblity and documentation files
|
||||
touch %{buildroot}/etc/crypttab
|
||||
@ -752,11 +825,13 @@ touch %{buildroot}/etc/systemd/coredump.conf \
|
||||
%{buildroot}/etc/udev/udev.conf \
|
||||
%{buildroot}/etc/udev/iocost.conf
|
||||
|
||||
install -D -t %{buildroot}/usr/lib/systemd/ %{SOURCE3}
|
||||
|
||||
# /etc/initab
|
||||
install -Dm0644 -t %{buildroot}/etc/ %{SOURCE5}
|
||||
install -Dm0644 -t %{buildroot}/etc/ %{SOURCE6}
|
||||
|
||||
# /etc/sysctl.conf compat
|
||||
install -Dm0644 %{SOURCE6} %{buildroot}/etc/sysctl.conf
|
||||
install -Dm0644 %{SOURCE7} %{buildroot}/etc/sysctl.conf
|
||||
ln -s ../sysctl.conf %{buildroot}/etc/sysctl.d/99-sysctl.conf
|
||||
|
||||
# Make sure these directories are properly owned
|
||||
@ -809,21 +884,19 @@ touch %{buildroot}%{_localstatedir}/lib/systemd/timesync/clock
|
||||
touch %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload/state
|
||||
|
||||
# Install yum protection fragment
|
||||
install -Dm0644 %{SOURCE4} %{buildroot}/etc/dnf/protected.d/systemd.conf
|
||||
install -Dm0644 %{SOURCE5} %{buildroot}/etc/dnf/protected.d/systemd.conf
|
||||
|
||||
install -Dm0644 -t %{buildroot}/usr/lib/firewalld/services/ %{SOURCE7} %{SOURCE8}
|
||||
install -Dm0644 -t %{buildroot}/usr/lib/firewalld/services/ %{SOURCE8} %{SOURCE9}
|
||||
|
||||
# Install additional docs
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1234951
|
||||
install -Dm0644 -t %{buildroot}%{_pkgdocdir}/ %{SOURCE9}
|
||||
install -Dm0644 -t %{buildroot}%{_pkgdocdir}/ %{SOURCE10}
|
||||
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1378974
|
||||
install -Dm0644 -t %{buildroot}%{system_unit_dir}/systemd-udev-trigger.service.d/ %{SOURCE10}
|
||||
install -Dm0644 -t %{buildroot}%{system_unit_dir}/systemd-udev-trigger.service.d/ %{SOURCE11}
|
||||
|
||||
install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/ %{SOURCE13}
|
||||
|
||||
install -D -t %{buildroot}/usr/lib/systemd/ %{SOURCE3}
|
||||
|
||||
# systemd-oomd default configuration
|
||||
install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/oomd.conf.d/ %{SOURCE14}
|
||||
install -Dm0644 -t %{buildroot}%{system_unit_dir}/system.slice.d/ %{SOURCE15}
|
||||
@ -850,6 +923,20 @@ install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/network/ %{SOURCE25}
|
||||
|
||||
ln -s --relative %{buildroot}%{_bindir}/kernel-install %{buildroot}%{_sbindir}/installkernel
|
||||
|
||||
%if "%{_sbindir}" == "%{_bindir}"
|
||||
# Systemd has the split-sbin option which is also used to select the directory
|
||||
# for alias symlinks. We need to keep split-sbin=true for now, to support
|
||||
# unmerged systems. Move the symlinks here instead.
|
||||
mv -v %{buildroot}/usr/sbin/* %{buildroot}%{_bindir}/
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} >= 41
|
||||
# This requires https://pagure.io/setup/pull-request/50
|
||||
# and https://src.fedoraproject.org/rpms/setup/pull-request/10.
|
||||
%{python3} %{SOURCE4} /usr/lib/sysusers.d/20-setup-{users,groups}.conf %{buildroot}/usr/lib/sysusers.d/basic.conf
|
||||
rm %{buildroot}/usr/lib/sysusers.d/basic.conf
|
||||
%endif
|
||||
|
||||
%find_lang %{name}
|
||||
|
||||
# Split files in build root into rpms
|
||||
@ -867,33 +954,6 @@ meson test -C %{_vpath_builddir} -t 6 --print-errorlogs
|
||||
%post
|
||||
systemd-machine-id-setup &>/dev/null || :
|
||||
|
||||
# FIXME: move to %postun. We want to restart systemd *after* removing
|
||||
# files from the old rpm. Right now we may still have bits the old
|
||||
# setup if the files are not present in the new version. But before
|
||||
# implement restarting of *other* services after the transaction, moving
|
||||
# this would make things worse, increasing the number of warnings we get
|
||||
# about needed daemon-reload.
|
||||
|
||||
systemctl daemon-reexec &>/dev/null || {
|
||||
# systemd v239 had bug #9553 in D-Bus authentication of the private socket,
|
||||
# which was later fixed in v240 by #9625.
|
||||
#
|
||||
# The end result is that a `systemctl daemon-reexec` call as root will fail
|
||||
# when upgrading from systemd v239, which means the system will not start
|
||||
# running the new version of systemd after this post install script runs.
|
||||
#
|
||||
# To work around this issue, let's fall back to using a `kill -TERM 1` to
|
||||
# re-execute the daemon when the `systemctl daemon-reexec` call fails.
|
||||
#
|
||||
# In order to prevent issues when the reason why the daemon-reexec failed is
|
||||
# not the aforementioned bug, let's only use this fallback when:
|
||||
# - we're upgrading this RPM package; and
|
||||
# - we confirm that systemd is running as PID1 on this system.
|
||||
if [ $1 -gt 1 ] && [ -d /run/systemd/system ] ; then
|
||||
kill -TERM 1 &>/dev/null || :
|
||||
fi
|
||||
}
|
||||
|
||||
[ $1 -eq 1 ] || exit 0
|
||||
|
||||
# create /var/log/journal only on initial installation,
|
||||
@ -915,8 +975,11 @@ systemctl preset-all &>/dev/null || :
|
||||
systemctl --global preset-all &>/dev/null || :
|
||||
|
||||
%postun
|
||||
if [ $1 -eq 1 ]; then
|
||||
if [ $1 -ge 1 ]; then
|
||||
[ -w %{_localstatedir} ] && journalctl --update-catalog || :
|
||||
|
||||
systemctl daemon-reexec || :
|
||||
|
||||
systemd-tmpfiles --create &>/dev/null || :
|
||||
fi
|
||||
|
||||
@ -924,32 +987,16 @@ fi
|
||||
|
||||
# FIXME: systemd-logind.service is excluded (https://github.com/systemd/systemd/pull/17558)
|
||||
|
||||
# This is the explanded form of %%systemd_user_daemon_reexec. We
|
||||
# This is the expanded form of %%systemd_user_daemon_reexec. We
|
||||
# can't use the macro because we define it ourselves.
|
||||
if [ $1 -ge 1 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then
|
||||
# Package upgrade, not uninstall
|
||||
/usr/lib/systemd/systemd-update-helper user-reexec || :
|
||||
fi
|
||||
|
||||
%triggerun resolved -- systemd < 246.1-1
|
||||
# This is for upgrades from previous versions before systemd-resolved became the default.
|
||||
systemctl --no-reload preset systemd-resolved.service &>/dev/null || :
|
||||
|
||||
if systemctl -q is-enabled systemd-resolved.service &>/dev/null; then
|
||||
systemctl -q is-enabled NetworkManager.service 2>/dev/null && \
|
||||
! test -L /etc/resolv.conf 2>/dev/null && \
|
||||
! mountpoint /etc/resolv.conf &>/dev/null && \
|
||||
grep -q 'Generated by NetworkManager' /etc/resolv.conf 2>/dev/null && \
|
||||
echo -e '/etc/resolv.conf was generated by NetworkManager.\nRemoving it to let systemd-resolved manage this file.' && \
|
||||
mv -v /etc/resolv.conf /etc/resolv.conf.orig-with-nm && \
|
||||
ln -sv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf 2>/dev/null || :
|
||||
|
||||
systemctl start systemd-resolved.service &>/dev/null || :
|
||||
fi
|
||||
|
||||
%triggerun -- systemd < 247.3-2
|
||||
# This is for upgrades from previous versions before oomd-defaults is available.
|
||||
systemctl --no-reload preset systemd-oomd.service &>/dev/null || :
|
||||
%triggerun -- systemd < 256
|
||||
# This is for upgrades from previous versions before systemd restart was moved to %%postun
|
||||
systemctl daemon-reexec || :
|
||||
|
||||
%triggerpostun -- systemd < 253~rc1-2
|
||||
# This is for upgrades from previous versions where systemd-journald-audit.socket
|
||||
|
34
test_sysusers_defined.py
Executable file
34
test_sysusers_defined.py
Executable file
@ -0,0 +1,34 @@
|
||||
#!/usr/bin/python
|
||||
|
||||
import sys
|
||||
|
||||
def parse_sysusers_file(filename):
|
||||
users, groups = set(), set()
|
||||
|
||||
for line in open(filename):
|
||||
line = line.strip()
|
||||
if not line or line.startswith('#'):
|
||||
continue
|
||||
words = line.split()
|
||||
match words[0]:
|
||||
case 'u':
|
||||
users.add(words[1])
|
||||
case 'g':
|
||||
groups.add(words[1])
|
||||
case 'm'|'r':
|
||||
continue
|
||||
case _:
|
||||
assert False
|
||||
return users, groups
|
||||
|
||||
setup_users, setup_groups = parse_sysusers_file(sys.argv[1])
|
||||
setup_users2, setup_groups2 = parse_sysusers_file(sys.argv[2])
|
||||
setup_users |= setup_users2
|
||||
setup_groups |= setup_groups2
|
||||
|
||||
basic_users, basic_groups = parse_sysusers_file(sys.argv[3])
|
||||
|
||||
if d := basic_users - setup_users:
|
||||
exit(f'We have new users: {d}')
|
||||
if d := basic_groups - setup_groups:
|
||||
exit(f'We have new groups: {d}')
|
Loading…
Reference in New Issue
Block a user