Version 250-rc1
The crypto backend is switched to openssl. gcrypt is still used for FSS in libsystemd.so.
This commit is contained in:
parent
e19aaa4604
commit
ce4156b3dd
@ -1,252 +0,0 @@
|
||||
From 7d9ee15d0fc2af87481ee371b278dbe7e68165ef Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Wed, 7 Jul 2021 14:02:36 +0200
|
||||
Subject: [PATCH] rpm: don't specify the full path for systemctl and other
|
||||
commands
|
||||
|
||||
We can make things a bit simpler and more readable by not specifying the path.
|
||||
Since we didn't specify the full path for all commands (including those invoked
|
||||
recursively by anythign we invoke), this didn't really privide any security or
|
||||
robustness benefits. I guess that full paths were used because this style of
|
||||
rpm packagnig was popular in the past, with macros used for everything
|
||||
possible, with special macros for common commands like %{__ln} and %{__mkdir}.
|
||||
---
|
||||
src/rpm/macros.systemd.in | 24 ++++++++++++------------
|
||||
src/rpm/triggers.systemd.in | 18 +++++++++---------
|
||||
src/rpm/triggers.systemd.sh.in | 18 +++++++++---------
|
||||
3 files changed, 30 insertions(+), 30 deletions(-)
|
||||
|
||||
diff --git a/src/rpm/macros.systemd.in b/src/rpm/macros.systemd.in
|
||||
index 3a0169a85f..3129ab2d61 100644
|
||||
--- a/src/rpm/macros.systemd.in
|
||||
+++ b/src/rpm/macros.systemd.in
|
||||
@@ -46,9 +46,9 @@ OrderWithRequires(postun): systemd \
|
||||
|
||||
%systemd_post() \
|
||||
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_post}} \
|
||||
-if [ $1 -eq 1 ] && [ -x %{_bindir}/systemctl ]; then \
|
||||
+if [ $1 -eq 1 ] && command -v systemctl >/dev/null; then \
|
||||
# Initial installation \
|
||||
- %{_bindir}/systemctl --no-reload preset %{?*} || : \
|
||||
+ systemctl --no-reload preset %{?*} || : \
|
||||
fi \
|
||||
%{nil}
|
||||
|
||||
@@ -56,21 +56,21 @@ fi \
|
||||
|
||||
%systemd_preun() \
|
||||
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_preun}} \
|
||||
-if [ $1 -eq 0 ] && [ -x %{_bindir}/systemctl ]; then \
|
||||
+if [ $1 -eq 0 ] && command -v systemctl >/dev/null; then \
|
||||
# Package removal, not upgrade \
|
||||
if [ -d /run/systemd/system ]; then \
|
||||
- %{_bindir}/systemctl --no-reload disable --now %{?*} || : \
|
||||
+ systemctl --no-reload disable --now %{?*} || : \
|
||||
else \
|
||||
- %{_bindir}/systemctl --no-reload disable %{?*} || : \
|
||||
+ systemctl --no-reload disable %{?*} || : \
|
||||
fi \
|
||||
fi \
|
||||
%{nil}
|
||||
|
||||
%systemd_user_preun() \
|
||||
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_user_preun}} \
|
||||
-if [ $1 -eq 0 ] && [ -x %{_bindir}/systemctl ]; then \
|
||||
+if [ $1 -eq 0 ] && command -v systemctl >/dev/null; then \
|
||||
# Package removal, not upgrade \
|
||||
- %{_bindir}/systemctl --global disable %{?*} || : \
|
||||
+ systemctl --global disable %{?*} || : \
|
||||
fi \
|
||||
%{nil}
|
||||
|
||||
@@ -84,10 +84,10 @@ fi \
|
||||
|
||||
%systemd_postun_with_restart() \
|
||||
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_postun_with_restart}} \
|
||||
-if [ $1 -ge 1 ] && [ -x %{_bindir}/systemctl ]; then \
|
||||
+if [ $1 -ge 1 ] && command -v systemctl >/dev/null; then \
|
||||
# Package upgrade, not uninstall \
|
||||
for unit in %{?*}; do \
|
||||
- %{_bindir}/systemctl set-property $unit Markers=+needs-restart || : \
|
||||
+ systemctl set-property $unit Markers=+needs-restart || : \
|
||||
done \
|
||||
fi \
|
||||
%{nil}
|
||||
@@ -105,17 +105,17 @@ fi \
|
||||
# Deprecated. Use %tmpfiles_create_package instead
|
||||
%tmpfiles_create() \
|
||||
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# tmpfiles_create}} \
|
||||
-[ -x %{_bindir}/systemd-tmpfiles ] && %{_bindir}/systemd-tmpfiles --create %{?*} || : \
|
||||
+command -v systemd-tmpfiles >/dev/null && systemd-tmpfiles --create %{?*} || : \
|
||||
%{nil}
|
||||
|
||||
# Deprecated. Use %sysusers_create_package instead
|
||||
%sysusers_create() \
|
||||
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# sysusers_create}} \
|
||||
-[ -x %{_bindir}/systemd-sysusers ] && %{_bindir}/systemd-sysusers %{?*} || : \
|
||||
+command -v systemd-sysusers >/dev/null && systemd-sysusers %{?*} || : \
|
||||
%{nil}
|
||||
|
||||
%sysusers_create_inline() \
|
||||
-[ -x %{_bindir}/systemd-sysusers ] && %{_bindir}/systemd-sysusers - <<SYSTEMD_INLINE_EOF || : \
|
||||
+command -v systemd-sysusers >/dev/null && systemd-sysusers - <<SYSTEMD_INLINE_EOF || : \
|
||||
%{?*} \
|
||||
SYSTEMD_INLINE_EOF\
|
||||
%{nil}
|
||||
diff --git a/src/rpm/triggers.systemd.in b/src/rpm/triggers.systemd.in
|
||||
index b33d2212e8..247358008a 100644
|
||||
--- a/src/rpm/triggers.systemd.in
|
||||
+++ b/src/rpm/triggers.systemd.in
|
||||
@@ -16,14 +16,14 @@
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
- assert(posix.exec("%{_bindir}/systemctl", "daemon-reload"))
|
||||
+ assert(posix.execp("systemctl", "daemon-reload"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
- assert(posix.exec("%{_bindir}/systemctl", "reload-or-restart", "--marked"))
|
||||
+ assert(posix.execp("systemctl", "reload-or-restart", "--marked"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
@@ -38,7 +38,7 @@ end
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
- assert(posix.exec("%{_bindir}/systemctl", "daemon-reload"))
|
||||
+ assert(posix.execp("systemctl", "daemon-reload"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
@@ -49,7 +49,7 @@ end
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
- assert(posix.exec("%{_bindir}/systemctl", "reload-or-restart", "--marked"))
|
||||
+ assert(posix.execp("systemctl", "reload-or-restart", "--marked"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
@@ -62,7 +62,7 @@ end
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
- assert(posix.exec("%{_bindir}/systemd-sysusers"))
|
||||
+ assert(posix.execp("systemd-sysusers"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
@@ -74,7 +74,7 @@ end
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
- assert(posix.exec("%{_bindir}/systemd-hwdb", "update"))
|
||||
+ assert(posix.execp("systemd-hwdb", "update"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
@@ -86,7 +86,7 @@ end
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
- assert(posix.exec("%{_bindir}/journalctl", "--update-catalog"))
|
||||
+ assert(posix.execp("journalctl", "--update-catalog"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
@@ -111,7 +111,7 @@ end
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
- assert(posix.exec("%{_bindir}/systemd-tmpfiles", "--create"))
|
||||
+ assert(posix.execp("systemd-tmpfiles", "--create"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
@@ -123,7 +123,7 @@ end
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
- assert(posix.exec("%{_bindir}/udevadm", "control", "--reload"))
|
||||
+ assert(posix.execp("udevadm", "control", "--reload"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
diff --git a/src/rpm/triggers.systemd.sh.in b/src/rpm/triggers.systemd.sh.in
|
||||
index 22abad9812..1631be18c9 100644
|
||||
--- a/src/rpm/triggers.systemd.sh.in
|
||||
+++ b/src/rpm/triggers.systemd.sh.in
|
||||
@@ -15,8 +15,8 @@
|
||||
# installed, because other cases are covered by the *un scriptlets,
|
||||
# so sometimes we will reload needlessly.
|
||||
if test -d "/run/systemd/system"; then
|
||||
- %{_bindir}/systemctl daemon-reload || :
|
||||
- %{_bindir}/systemctl reload-or-restart --marked || :
|
||||
+ systemctl daemon-reload || :
|
||||
+ systemctl reload-or-restart --marked || :
|
||||
fi
|
||||
|
||||
%transfiletriggerpostun -P 1000100 -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
|
||||
@@ -26,13 +26,13 @@ fi
|
||||
# have been installed, but before %postun scripts in packages get
|
||||
# executed.
|
||||
if test -d "/run/systemd/system"; then
|
||||
- %{_bindir}/systemctl daemon-reload || :
|
||||
+ systemctl daemon-reload || :
|
||||
fi
|
||||
|
||||
%transfiletriggerpostun -P 10000 -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
|
||||
# We restart remaining services that should be restarted here.
|
||||
if test -d "/run/systemd/system"; then
|
||||
- %{_bindir}/systemctl reload-or-restart --marked || :
|
||||
+ systemctl reload-or-restart --marked || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -P 1000700 -- {{SYSUSERS_DIR}}
|
||||
@@ -40,21 +40,21 @@ fi
|
||||
# specified users automatically. The priority is set such that it
|
||||
# will run before the tmpfiles file trigger.
|
||||
if test -d "/run/systemd/system"; then
|
||||
- %{_bindir}/systemd-sysusers || :
|
||||
+ systemd-sysusers || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -P 1000700 udev -- {{UDEV_HWDB_DIR}}
|
||||
# This script will automatically invoke hwdb update if files have been
|
||||
# installed or updated in {{UDEV_HWDB_DIR}}.
|
||||
if test -d "/run/systemd/system"; then
|
||||
- %{_bindir}/systemd-hwdb update || :
|
||||
+ systemd-hwdb update || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -P 1000700 -- {{SYSTEMD_CATALOG_DIR}}
|
||||
# This script will automatically invoke journal catalog update if files
|
||||
# have been installed or updated in {{SYSTEMD_CATALOG_DIR}}.
|
||||
if test -d "/run/systemd/system"; then
|
||||
- %{_bindir}/journalctl --update-catalog || :
|
||||
+ journalctl --update-catalog || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -P 1000700 -- {{BINFMT_DIR}}
|
||||
@@ -71,14 +71,14 @@ fi
|
||||
# tmpfiles automatically. The priority is set such that it will run
|
||||
# after the sysusers file trigger, but before any other triggers.
|
||||
if test -d "/run/systemd/system"; then
|
||||
- %{_bindir}/systemd-tmpfiles --create || :
|
||||
+ systemd-tmpfiles --create || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -P 1000600 udev -- {{UDEV_RULES_DIR}}
|
||||
# This script will automatically update udev with new rules if files
|
||||
# have been installed or updated in {{UDEV_RULES_DIR}}.
|
||||
if test -e /run/udev/control; then
|
||||
- %{_bindir}/udevadm control --reload || :
|
||||
+ udevadm control --reload || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -P 1000500 -- {{SYSCTL_DIR}}
|
@ -1,332 +0,0 @@
|
||||
From 6d825ab2d42d3219e49a192bf99f9c09134a0df4 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 22 Jul 2021 11:22:33 +0200
|
||||
Subject: [PATCH] rpm: use a helper script to actually invoke systemctl
|
||||
commands
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Instead of embedding the commands to invoke directly in the macros,
|
||||
let's use a helper script as indirection. This has a couple of advantages:
|
||||
|
||||
- the macro language is awkward, we need to suffix most commands by "|| :"
|
||||
and "\", which is easy to get wrong. In the new scheme, the macro becomes
|
||||
a single simple command.
|
||||
- in the script we can use normal syntax highlighting, shellcheck, etc.
|
||||
- it's also easier to test the invoked commands by invoking the helper
|
||||
manually.
|
||||
- most importantly, the logic is contained in the helper, i.e. we can
|
||||
update systemd rpm and everything uses the new helper. Before, we would
|
||||
have to rebuild all packages to update the macro definition.
|
||||
|
||||
This raises the question whether it makes sense to use the lua scriptlets when
|
||||
the real work is done in a bash script. I think it's OK: we still have the
|
||||
efficient lua scripts that do the short scripts, and we use a single shared
|
||||
implementation in bash to do the more complex stuff.
|
||||
|
||||
The meson version is raised to 0.47 because that's needed for install_mode.
|
||||
We were planning to raise the required version anyway…
|
||||
---
|
||||
README | 2 +-
|
||||
meson.build | 3 +-
|
||||
src/rpm/macros.systemd.in | 30 ++++++++--------
|
||||
src/rpm/meson.build | 13 ++++---
|
||||
src/rpm/systemd-update-helper.in | 60 ++++++++++++++++++++++++++++++++
|
||||
src/rpm/triggers.systemd.in | 43 ++++++++---------------
|
||||
src/rpm/triggers.systemd.sh.in | 13 ++-----
|
||||
7 files changed, 105 insertions(+), 59 deletions(-)
|
||||
create mode 100755 src/rpm/systemd-update-helper.in
|
||||
|
||||
diff --git a/README b/README
|
||||
index 0e5c326deb..a8f23a0d5b 100644
|
||||
--- a/README
|
||||
+++ b/README
|
||||
@@ -193,7 +193,7 @@ REQUIREMENTS:
|
||||
python-jinja2
|
||||
python-lxml (optional, required to build the indices)
|
||||
python >= 3.5
|
||||
- meson >= 0.46 (>= 0.49 is required to build position-independent executables)
|
||||
+ meson >= 0.47 (>= 0.49 is required to build position-independent executables)
|
||||
ninja
|
||||
gcc, awk, sed, grep, and similar tools
|
||||
clang >= 10.0, llvm >= 10.0 (optional, required to build BPF programs
|
||||
diff --git a/meson.build b/meson.build
|
||||
index a2ee15bf32..c6b3e72d23 100644
|
||||
--- a/meson.build
|
||||
+++ b/meson.build
|
||||
@@ -10,7 +10,7 @@ project('systemd', 'c',
|
||||
'localstatedir=/var',
|
||||
'warning_level=2',
|
||||
],
|
||||
- meson_version : '>= 0.46',
|
||||
+ meson_version : '>= 0.47',
|
||||
)
|
||||
|
||||
libsystemd_version = '0.32.0'
|
||||
@@ -253,6 +253,7 @@ conf.set_quoted('SYSTEMD_SHUTDOWN_BINARY_PATH', join_paths(rootlib
|
||||
conf.set_quoted('SYSTEMD_STDIO_BRIDGE_BINARY_PATH', join_paths(bindir, 'systemd-stdio-bridge'))
|
||||
conf.set_quoted('SYSTEMD_TEST_DATA', join_paths(testsdir, 'testdata'))
|
||||
conf.set_quoted('SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH', join_paths(rootbindir, 'systemd-tty-ask-password-agent'))
|
||||
+conf.set_quoted('SYSTEMD_UPDATE_HELPER_PATH', join_paths(rootlibexecdir, 'systemd-update-helper'))
|
||||
conf.set_quoted('SYSTEMD_USERWORK_PATH', join_paths(rootlibexecdir, 'systemd-userwork'))
|
||||
conf.set_quoted('SYSTEMD_VERITYSETUP_PATH', join_paths(rootlibexecdir, 'systemd-veritysetup'))
|
||||
conf.set_quoted('SYSTEM_CONFIG_UNIT_DIR', join_paths(pkgsysconfdir, 'system'))
|
||||
diff --git a/src/rpm/macros.systemd.in b/src/rpm/macros.systemd.in
|
||||
index 3129ab2d61..bbdf036da7 100644
|
||||
--- a/src/rpm/macros.systemd.in
|
||||
+++ b/src/rpm/macros.systemd.in
|
||||
@@ -46,31 +46,33 @@ OrderWithRequires(postun): systemd \
|
||||
|
||||
%systemd_post() \
|
||||
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_post}} \
|
||||
-if [ $1 -eq 1 ] && command -v systemctl >/dev/null; then \
|
||||
+if [ $1 -eq 1 ] && [ -x "{{SYSTEMD_UPDATE_HELPER_PATH}}" ]; then \
|
||||
# Initial installation \
|
||||
- systemctl --no-reload preset %{?*} || : \
|
||||
+ {{SYSTEMD_UPDATE_HELPER_PATH}} install-system-units %{?*} || : \
|
||||
fi \
|
||||
%{nil}
|
||||
|
||||
-%systemd_user_post() %{expand:%systemd_post \\--global %%{?*}}
|
||||
+%systemd_user_post() \
|
||||
+%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_user_post}} \
|
||||
+if [ $1 -eq 1 ] && [ -x "{{SYSTEMD_UPDATE_HELPER_PATH}}" ]; then \
|
||||
+ # Initial installation \
|
||||
+ {{SYSTEMD_UPDATE_HELPER_PATH}} install-user-units %{?*} || : \
|
||||
+fi \
|
||||
+%{nil}
|
||||
|
||||
%systemd_preun() \
|
||||
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_preun}} \
|
||||
-if [ $1 -eq 0 ] && command -v systemctl >/dev/null; then \
|
||||
+if [ $1 -eq 0 ] && [ -x "{{SYSTEMD_UPDATE_HELPER_PATH}}" ]; then \
|
||||
# Package removal, not upgrade \
|
||||
- if [ -d /run/systemd/system ]; then \
|
||||
- systemctl --no-reload disable --now %{?*} || : \
|
||||
- else \
|
||||
- systemctl --no-reload disable %{?*} || : \
|
||||
- fi \
|
||||
+ {{SYSTEMD_UPDATE_HELPER_PATH}} remove-system-units %{?*} || : \
|
||||
fi \
|
||||
%{nil}
|
||||
|
||||
%systemd_user_preun() \
|
||||
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_user_preun}} \
|
||||
-if [ $1 -eq 0 ] && command -v systemctl >/dev/null; then \
|
||||
+if [ $1 -eq 0 ] && [ -x "{{SYSTEMD_UPDATE_HELPER_PATH}}" ]; then \
|
||||
# Package removal, not upgrade \
|
||||
- systemctl --global disable %{?*} || : \
|
||||
+ {{SYSTEMD_UPDATE_HELPER_PATH}} remove-user-units %{?*} || : \
|
||||
fi \
|
||||
%{nil}
|
||||
|
||||
@@ -84,11 +86,9 @@ fi \
|
||||
|
||||
%systemd_postun_with_restart() \
|
||||
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_postun_with_restart}} \
|
||||
-if [ $1 -ge 1 ] && command -v systemctl >/dev/null; then \
|
||||
+if [ $1 -ge 1 ] && [ -x "{{SYSTEMD_UPDATE_HELPER_PATH}}" ]; then \
|
||||
# Package upgrade, not uninstall \
|
||||
- for unit in %{?*}; do \
|
||||
- systemctl set-property $unit Markers=+needs-restart || : \
|
||||
- done \
|
||||
+ {{SYSTEMD_UPDATE_HELPER_PATH}} mark-restart-system-units %{?*} || : \
|
||||
fi \
|
||||
%{nil}
|
||||
|
||||
diff --git a/src/rpm/meson.build b/src/rpm/meson.build
|
||||
index fc72fee73c..2ad3308cc1 100644
|
||||
--- a/src/rpm/meson.build
|
||||
+++ b/src/rpm/meson.build
|
||||
@@ -1,9 +1,13 @@
|
||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
|
||||
in_files = [
|
||||
- ['macros.systemd', rpmmacrosdir != 'no'],
|
||||
- ['triggers.systemd', false],
|
||||
- ['triggers.systemd.sh', false]]
|
||||
+ ['macros.systemd', rpmmacrosdir != 'no', rpmmacrosdir],
|
||||
+
|
||||
+ # we conditionalize on rpmmacrosdir, but install into rootlibexecdir
|
||||
+ ['systemd-update-helper', rpmmacrosdir != 'no', rootlibexecdir, 'rwxr-xr-x'],
|
||||
+
|
||||
+ ['triggers.systemd', false],
|
||||
+ ['triggers.systemd.sh', false]]
|
||||
|
||||
# The last two don't get installed anywhere, one of them needs to included in
|
||||
# the rpm spec file definition instead.
|
||||
@@ -17,6 +21,7 @@ foreach tuple : in_files
|
||||
command : [meson_render_jinja2, config_h, '@INPUT@'],
|
||||
capture : true,
|
||||
install : tuple[1],
|
||||
- install_dir : rpmmacrosdir,
|
||||
+ install_dir : tuple.length() > 2 ? tuple[2] : '',
|
||||
+ install_mode : tuple.length() > 3 ? tuple[3] : false,
|
||||
build_by_default : true)
|
||||
endforeach
|
||||
diff --git a/src/rpm/systemd-update-helper.in b/src/rpm/systemd-update-helper.in
|
||||
new file mode 100755
|
||||
index 0000000000..9fa49fa131
|
||||
--- /dev/null
|
||||
+++ b/src/rpm/systemd-update-helper.in
|
||||
@@ -0,0 +1,60 @@
|
||||
+#!/bin/bash
|
||||
+set -eu
|
||||
+set -o pipefail
|
||||
+
|
||||
+command="${1:?}"
|
||||
+shift
|
||||
+
|
||||
+command -v systemctl >/dev/null || exit 0
|
||||
+
|
||||
+case "$command" in
|
||||
+ install-system-units)
|
||||
+ systemctl --no-reload preset "$@"
|
||||
+ ;;
|
||||
+
|
||||
+ install-user-units)
|
||||
+ systemctl --no-reload preset --global "$@"
|
||||
+ ;;
|
||||
+
|
||||
+ remove-system-units)
|
||||
+ if [ -d /run/systemd/system ]; then
|
||||
+ systemctl --no-reload disable --now "$@"
|
||||
+ else
|
||||
+ systemctl --no-reload disable "$@"
|
||||
+ fi
|
||||
+ ;;
|
||||
+
|
||||
+ remove-user-units)
|
||||
+ systemctl --global disable "$@"
|
||||
+ ;;
|
||||
+
|
||||
+ mark-restart-system-units)
|
||||
+ [ -d /run/systemd/system ] || exit 0
|
||||
+
|
||||
+ for unit in "$@"; do
|
||||
+ systemctl set-property "$unit" Markers=+needs-restart || :
|
||||
+ done
|
||||
+ ;;
|
||||
+
|
||||
+ system-reload-restart|system-reload|system-restart)
|
||||
+ if [ -n "$*" ]; then
|
||||
+ echo "Unexpected arguments for '$command': $*"
|
||||
+ exit 2
|
||||
+ fi
|
||||
+
|
||||
+ [ -d /run/systemd/system ] || exit 0
|
||||
+
|
||||
+ if [[ "$command" =~ reload ]]; then
|
||||
+ systemctl daemon-reload
|
||||
+ fi
|
||||
+
|
||||
+ if [[ "$command" =~ restart ]]; then
|
||||
+ systemctl reload-or-restart --marked
|
||||
+ fi
|
||||
+ ;;
|
||||
+
|
||||
+ *)
|
||||
+ echo "Unknown verb '$command'"
|
||||
+ exit 3
|
||||
+ ;;
|
||||
+esac
|
||||
diff --git a/src/rpm/triggers.systemd.in b/src/rpm/triggers.systemd.in
|
||||
index 247358008a..d29cc33dfd 100644
|
||||
--- a/src/rpm/triggers.systemd.in
|
||||
+++ b/src/rpm/triggers.systemd.in
|
||||
@@ -13,20 +13,11 @@
|
||||
-- upgraded. We care about the case where a package is initially
|
||||
-- installed, because other cases are covered by the *un scriptlets,
|
||||
-- so sometimes we will reload needlessly.
|
||||
-if posix.access("/run/systemd/system") then
|
||||
- pid = posix.fork()
|
||||
- if pid == 0 then
|
||||
- assert(posix.execp("systemctl", "daemon-reload"))
|
||||
- elseif pid > 0 then
|
||||
- posix.wait(pid)
|
||||
- end
|
||||
-
|
||||
- pid = posix.fork()
|
||||
- if pid == 0 then
|
||||
- assert(posix.execp("systemctl", "reload-or-restart", "--marked"))
|
||||
- elseif pid > 0 then
|
||||
- posix.wait(pid)
|
||||
- end
|
||||
+pid = posix.fork()
|
||||
+if pid == 0 then
|
||||
+ assert(posix.exec("{{SYSTEMD_UPDATE_HELPER_PATH}}", "system-reload-restart"))
|
||||
+elseif pid > 0 then
|
||||
+ posix.wait(pid)
|
||||
end
|
||||
|
||||
%transfiletriggerpostun -P 1000100 -p <lua> -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
|
||||
@@ -35,24 +26,20 @@ end
|
||||
-- On upgrade, we need to run daemon-reload after any new unit files
|
||||
-- have been installed, but before %postun scripts in packages get
|
||||
-- executed.
|
||||
-if posix.access("/run/systemd/system") then
|
||||
- pid = posix.fork()
|
||||
- if pid == 0 then
|
||||
- assert(posix.execp("systemctl", "daemon-reload"))
|
||||
- elseif pid > 0 then
|
||||
- posix.wait(pid)
|
||||
- end
|
||||
+pid = posix.fork()
|
||||
+if pid == 0 then
|
||||
+ assert(posix.exec("{{SYSTEMD_UPDATE_HELPER_PATH}}", "system-reload"))
|
||||
+elseif pid > 0 then
|
||||
+ posix.wait(pid)
|
||||
end
|
||||
|
||||
%transfiletriggerpostun -P 10000 -p <lua> -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
|
||||
-- We restart remaining services that should be restarted here.
|
||||
-if posix.access("/run/systemd/system") then
|
||||
- pid = posix.fork()
|
||||
- if pid == 0 then
|
||||
- assert(posix.execp("systemctl", "reload-or-restart", "--marked"))
|
||||
- elseif pid > 0 then
|
||||
- posix.wait(pid)
|
||||
- end
|
||||
+pid = posix.fork()
|
||||
+if pid == 0 then
|
||||
+ assert(posix.exec("{{SYSTEMD_UPDATE_HELPER_PATH}}", "system-restart"))
|
||||
+elseif pid > 0 then
|
||||
+ posix.wait(pid)
|
||||
end
|
||||
|
||||
%transfiletriggerin -P 100700 -p <lua> -- {{SYSUSERS_DIR}}
|
||||
diff --git a/src/rpm/triggers.systemd.sh.in b/src/rpm/triggers.systemd.sh.in
|
||||
index 1631be18c9..83cd7617f8 100644
|
||||
--- a/src/rpm/triggers.systemd.sh.in
|
||||
+++ b/src/rpm/triggers.systemd.sh.in
|
||||
@@ -14,10 +14,7 @@
|
||||
# upgraded. We care about the case where a package is initially
|
||||
# installed, because other cases are covered by the *un scriptlets,
|
||||
# so sometimes we will reload needlessly.
|
||||
-if test -d "/run/systemd/system"; then
|
||||
- systemctl daemon-reload || :
|
||||
- systemctl reload-or-restart --marked || :
|
||||
-fi
|
||||
+{{SYSTEMD_UPDATE_HELPER_PATH}} system-reload-restart || :
|
||||
|
||||
%transfiletriggerpostun -P 1000100 -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
|
||||
# On removal, we need to run daemon-reload after any units have been
|
||||
@@ -25,15 +22,11 @@ fi
|
||||
# On upgrade, we need to run daemon-reload after any new unit files
|
||||
# have been installed, but before %postun scripts in packages get
|
||||
# executed.
|
||||
-if test -d "/run/systemd/system"; then
|
||||
- systemctl daemon-reload || :
|
||||
-fi
|
||||
+{{SYSTEMD_UPDATE_HELPER_PATH}} system-reload || :
|
||||
|
||||
%transfiletriggerpostun -P 10000 -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
|
||||
# We restart remaining services that should be restarted here.
|
||||
-if test -d "/run/systemd/system"; then
|
||||
- systemctl reload-or-restart --marked || :
|
||||
-fi
|
||||
+{{SYSTEMD_UPDATE_HELPER_PATH}} system-restart || :
|
||||
|
||||
%transfiletriggerin -P 1000700 -- {{SYSUSERS_DIR}}
|
||||
# This script will process files installed in {{SYSUSERS_DIR}} to create
|
@ -1,30 +0,0 @@
|
||||
From 3598aff4d963b2e51ac74d206161da47bfde785c Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 22 Jul 2021 11:28:36 +0200
|
||||
Subject: [PATCH] rpm: call +needs-restart in parallel
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Some rpms install a bunch of units… It seems nicer to invoke them all in
|
||||
parallel. In particular, timeouts in systemctl also run in parallel, so if
|
||||
there's some communication mishap, we will wait less.
|
||||
---
|
||||
src/rpm/systemd-update-helper.in | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/rpm/systemd-update-helper.in b/src/rpm/systemd-update-helper.in
|
||||
index 9fa49fa131..f3c75b75fa 100755
|
||||
--- a/src/rpm/systemd-update-helper.in
|
||||
+++ b/src/rpm/systemd-update-helper.in
|
||||
@@ -32,8 +32,9 @@ case "$command" in
|
||||
[ -d /run/systemd/system ] || exit 0
|
||||
|
||||
for unit in "$@"; do
|
||||
- systemctl set-property "$unit" Markers=+needs-restart || :
|
||||
+ systemctl set-property "$unit" Markers=+needs-restart &
|
||||
done
|
||||
+ wait
|
||||
;;
|
||||
|
||||
system-reload-restart|system-reload|system-restart)
|
@ -1,254 +0,0 @@
|
||||
From 36d55958ccc75fa3c91bdd7354d74c910f2f6cc7 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Wed, 7 Jul 2021 14:37:57 +0200
|
||||
Subject: [PATCH] rpm: restart user services at the end of the transaction
|
||||
|
||||
This closes an important gap: so far we would reexecute the system manager and
|
||||
restart system services that were configured to do so, but we wouldn't do the
|
||||
same for user managers or user services.
|
||||
|
||||
The scheme used for user managers is very similar to the system one, except
|
||||
that there can be multiple user managers running, so we query the system
|
||||
manager to get a list of them, and then tell each one to do the equivalent
|
||||
operations: daemon-reload, disable --now, set-property Markers=+needs-restart,
|
||||
reload-or-restart --marked.
|
||||
|
||||
The total time that can be spend on this is bounded: we execute the commands in
|
||||
parallel over user managers and units, and additionally set SYSTEMD_BUS_TIMEOUT
|
||||
to a lower value (15 s by default). User managers should not have too many
|
||||
units running, and they should be able to do all those operations very
|
||||
quickly (<< 1s). The final restart operation may take longer, but it's done
|
||||
asynchronously, so we only wait for the queuing to happen.
|
||||
|
||||
The advantage of doing this synchronously is that we can wait for each step to
|
||||
happen, and for example daemon-reloads can finish before we execute the service
|
||||
restarts, etc. We can also order various steps wrt. to the phases in the rpm
|
||||
transaction.
|
||||
|
||||
When this was initially proposed, we discussed a more relaxed scheme with bus
|
||||
property notifications. Such an approach would be more complex because a bunch
|
||||
of infrastructure would have to be added to system manager to propagate
|
||||
appropriate notifications to the user managers, and then the user managers
|
||||
would have to wait for them. Instead, now there is no new code in the managers,
|
||||
all new functionality is contained in src/rpm/. The ability to call 'systemctl
|
||||
--user user@' makes this approach very easy. Also, it would be very hard to
|
||||
order the user manager steps and the rpm transaction steps.
|
||||
|
||||
Note: 'systemctl --user disable' is only called for a user managers that are
|
||||
running. I don't see a nice way around this, and it shouldn't matter too much:
|
||||
we'll just leave a dangling symlink in the case where the user enabled the
|
||||
service manually.
|
||||
|
||||
A follow-up for https://bugzilla.redhat.com/show_bug.cgi?id=1792468 and
|
||||
fa97d2fcf64e0558054bee673f734f523373b146.
|
||||
---
|
||||
meson.build | 1 +
|
||||
meson_options.txt | 2 ++
|
||||
src/rpm/macros.systemd.in | 6 +++-
|
||||
src/rpm/systemd-update-helper.in | 47 ++++++++++++++++++++++++++++++++
|
||||
src/rpm/triggers.systemd.in | 28 ++++++++++++++++++-
|
||||
src/rpm/triggers.systemd.sh.in | 13 ++++++++-
|
||||
6 files changed, 94 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/meson.build b/meson.build
|
||||
index c6b3e72d23..cafce977c2 100644
|
||||
--- a/meson.build
|
||||
+++ b/meson.build
|
||||
@@ -270,6 +270,7 @@ conf.set_quoted('TMPFILES_DIR', tmpfilesdir)
|
||||
conf.set_quoted('UDEVLIBEXECDIR', udevlibexecdir)
|
||||
conf.set_quoted('UDEV_HWDB_DIR', udevhwdbdir)
|
||||
conf.set_quoted('UDEV_RULES_DIR', udevrulesdir)
|
||||
+conf.set_quoted('UPDATE_HELPER_USER_TIMEOUT', get_option('update-helper-user-timeout'))
|
||||
conf.set_quoted('USER_CONFIG_UNIT_DIR', join_paths(pkgsysconfdir, 'user'))
|
||||
conf.set_quoted('USER_DATA_UNIT_DIR', userunitdir)
|
||||
conf.set_quoted('USER_ENV_GENERATOR_DIR', userenvgeneratordir)
|
||||
diff --git a/meson_options.txt b/meson_options.txt
|
||||
index b60261ac24..50f2b7b5e9 100644
|
||||
--- a/meson_options.txt
|
||||
+++ b/meson_options.txt
|
||||
@@ -182,6 +182,8 @@ option('xinitrcdir', type : 'string', value : '',
|
||||
description : 'directory for xinitrc files')
|
||||
option('rpmmacrosdir', type : 'string', value : 'lib/rpm/macros.d',
|
||||
description : 'directory for rpm macros ["no" disables]')
|
||||
+option('update-helper-user-timeout', type : 'string', value : '15s',
|
||||
+ description : 'how long to wait for user manager operations')
|
||||
option('pamlibdir', type : 'string',
|
||||
description : 'directory for PAM modules')
|
||||
option('pamconfdir', type : 'string',
|
||||
diff --git a/src/rpm/macros.systemd.in b/src/rpm/macros.systemd.in
|
||||
index bbdf036da7..caa2e45595 100644
|
||||
--- a/src/rpm/macros.systemd.in
|
||||
+++ b/src/rpm/macros.systemd.in
|
||||
@@ -93,7 +93,11 @@ fi \
|
||||
%{nil}
|
||||
|
||||
%systemd_user_postun_with_restart() \
|
||||
-%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_postun_with_restart}} \
|
||||
+%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_user_postun_with_restart}} \
|
||||
+if [ $1 -ge 1 ] && [ -x "{{SYSTEMD_UPDATE_HELPER_PATH}}" ]; then \
|
||||
+ # Package upgrade, not uninstall \
|
||||
+ {{SYSTEMD_UPDATE_HELPER_PATH}} mark-restart-user-units %{?*} || : \
|
||||
+fi \
|
||||
%{nil}
|
||||
|
||||
%udev_hwdb_update() %{nil}
|
||||
diff --git a/src/rpm/systemd-update-helper.in b/src/rpm/systemd-update-helper.in
|
||||
index f3c75b75fa..f3466ab3c0 100755
|
||||
--- a/src/rpm/systemd-update-helper.in
|
||||
+++ b/src/rpm/systemd-update-helper.in
|
||||
@@ -26,6 +26,15 @@ case "$command" in
|
||||
|
||||
remove-user-units)
|
||||
systemctl --global disable "$@"
|
||||
+
|
||||
+ [ -d /run/systemd/system ] || exit 0
|
||||
+
|
||||
+ users=$(systemctl list-units 'user@*' --legend=no | sed -n -r 's/.*user@([0-9]+).service.*/\1/p')
|
||||
+ for user in $users; do
|
||||
+ SYSTEMD_BUS_TIMEOUT={{UPDATE_HELPER_USER_TIMEOUT}} \
|
||||
+ systemctl --user -M "$user@" disable --now "$@" &
|
||||
+ done
|
||||
+ wait
|
||||
;;
|
||||
|
||||
mark-restart-system-units)
|
||||
@@ -37,6 +46,17 @@ case "$command" in
|
||||
wait
|
||||
;;
|
||||
|
||||
+ mark-restart-user-units)
|
||||
+ [ -d /run/systemd/system ] || exit 0
|
||||
+
|
||||
+ users=$(systemctl list-units 'user@*' --legend=no | sed -n -r 's/.*user@([0-9]+).service.*/\1/p')
|
||||
+ for user in $users; do
|
||||
+ SYSTEMD_BUS_TIMEOUT={{UPDATE_HELPER_USER_TIMEOUT}} \
|
||||
+ systemctl --user -M "$user@" set-property "$unit" Markers=+needs-restart &
|
||||
+ done
|
||||
+ wait
|
||||
+ ;;
|
||||
+
|
||||
system-reload-restart|system-reload|system-restart)
|
||||
if [ -n "$*" ]; then
|
||||
echo "Unexpected arguments for '$command': $*"
|
||||
@@ -54,6 +74,33 @@ case "$command" in
|
||||
fi
|
||||
;;
|
||||
|
||||
+ user-reload-restart|user-reload|user-restart)
|
||||
+ if [ -n "$*" ]; then
|
||||
+ echo "Unexpected arguments for '$command': $*"
|
||||
+ exit 2
|
||||
+ fi
|
||||
+
|
||||
+ [ -d /run/systemd/system ] || exit 0
|
||||
+
|
||||
+ users=$(systemctl list-units 'user@*' --legend=no | sed -n -r 's/.*user@([0-9]+).service.*/\1/p')
|
||||
+
|
||||
+ if [[ "$command" =~ reload ]]; then
|
||||
+ for user in $users; do
|
||||
+ SYSTEMD_BUS_TIMEOUT={{UPDATE_HELPER_USER_TIMEOUT}} \
|
||||
+ systemctl --user -M "$user@" daemon-reload &
|
||||
+ done
|
||||
+ wait
|
||||
+ fi
|
||||
+
|
||||
+ if [[ "$command" =~ restart ]]; then
|
||||
+ for user in $users; do
|
||||
+ SYSTEMD_BUS_TIMEOUT={{UPDATE_HELPER_USER_TIMEOUT}} \
|
||||
+ systemctl --user -M "$user@" reload-or-restart --marked &
|
||||
+ done
|
||||
+ wait
|
||||
+ fi
|
||||
+ ;;
|
||||
+
|
||||
*)
|
||||
echo "Unknown verb '$command'"
|
||||
exit 3
|
||||
diff --git a/src/rpm/triggers.systemd.in b/src/rpm/triggers.systemd.in
|
||||
index d29cc33dfd..8aeb2049c1 100644
|
||||
--- a/src/rpm/triggers.systemd.in
|
||||
+++ b/src/rpm/triggers.systemd.in
|
||||
@@ -20,6 +20,14 @@ elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
|
||||
+%transfiletriggerin -P 900899 -p <lua> -- {{USER_DATA_UNIT_DIR}} /etc/systemd/user
|
||||
+pid = posix.fork()
|
||||
+if pid == 0 then
|
||||
+ assert(posix.exec("{{SYSTEMD_UPDATE_HELPER_PATH}}", "user-reload-restart"))
|
||||
+elseif pid > 0 then
|
||||
+ posix.wait(pid)
|
||||
+end
|
||||
+
|
||||
%transfiletriggerpostun -P 1000100 -p <lua> -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
|
||||
-- On removal, we need to run daemon-reload after any units have been
|
||||
-- removed.
|
||||
@@ -33,8 +41,17 @@ elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
|
||||
+%transfiletriggerpostun -P 1000100 -p <lua> -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
|
||||
+-- Execute daemon-reload in user managers.
|
||||
+pid = posix.fork()
|
||||
+if pid == 0 then
|
||||
+ assert(posix.exec("{{SYSTEMD_UPDATE_HELPER_PATH}}", "user-reload"))
|
||||
+elseif pid > 0 then
|
||||
+ posix.wait(pid)
|
||||
+end
|
||||
+
|
||||
%transfiletriggerpostun -P 10000 -p <lua> -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
|
||||
--- We restart remaining services that should be restarted here.
|
||||
+-- We restart remaining system services that should be restarted here.
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
assert(posix.exec("{{SYSTEMD_UPDATE_HELPER_PATH}}", "system-restart"))
|
||||
@@ -42,6 +59,15 @@ elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
|
||||
+%transfiletriggerpostun -P 9999 -p <lua> -- {{USER_DATA_UNIT_DIR}} /etc/systemd/user
|
||||
+-- We restart remaining user services that should be restarted here.
|
||||
+pid = posix.fork()
|
||||
+if pid == 0 then
|
||||
+ assert(posix.exec("{{SYSTEMD_UPDATE_HELPER_PATH}}", "user-restart"))
|
||||
+elseif pid > 0 then
|
||||
+ posix.wait(pid)
|
||||
+end
|
||||
+
|
||||
%transfiletriggerin -P 100700 -p <lua> -- {{SYSUSERS_DIR}}
|
||||
-- This script will process files installed in {{SYSUSERS_DIR}} to create
|
||||
-- specified users automatically. The priority is set such that it
|
||||
diff --git a/src/rpm/triggers.systemd.sh.in b/src/rpm/triggers.systemd.sh.in
|
||||
index 83cd7617f8..694cd94e8d 100644
|
||||
--- a/src/rpm/triggers.systemd.sh.in
|
||||
+++ b/src/rpm/triggers.systemd.sh.in
|
||||
@@ -16,6 +16,9 @@
|
||||
# so sometimes we will reload needlessly.
|
||||
{{SYSTEMD_UPDATE_HELPER_PATH}} system-reload-restart || :
|
||||
|
||||
+%transfiletriggerin -P 900899 -- {{USER_DATA_UNIT_DIR}} /etc/systemd/user
|
||||
+{{SYSTEMD_UPDATE_HELPER_PATH}} user-reload-restart || :
|
||||
+
|
||||
%transfiletriggerpostun -P 1000100 -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
|
||||
# On removal, we need to run daemon-reload after any units have been
|
||||
# removed.
|
||||
@@ -24,10 +27,18 @@
|
||||
# executed.
|
||||
{{SYSTEMD_UPDATE_HELPER_PATH}} system-reload || :
|
||||
|
||||
+%transfiletriggerpostun -P 1000099 -- {{USER_DATA_UNIT_DIR}} /etc/systemd/user
|
||||
+# Execute daemon-reload in user managers.
|
||||
+{{SYSTEMD_UPDATE_HELPER_PATH}} user-reload || :
|
||||
+
|
||||
%transfiletriggerpostun -P 10000 -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
|
||||
-# We restart remaining services that should be restarted here.
|
||||
+# We restart remaining system services that should be restarted here.
|
||||
{{SYSTEMD_UPDATE_HELPER_PATH}} system-restart || :
|
||||
|
||||
+%transfiletriggerpostun -P 9999 -- {{USER_DATA_UNIT_DIR}} /etc/systemd/user
|
||||
+# We restart remaining user services that should be restarted here.
|
||||
+{{SYSTEMD_UPDATE_HELPER_PATH}} user-restart || :
|
||||
+
|
||||
%transfiletriggerin -P 1000700 -- {{SYSUSERS_DIR}}
|
||||
# This script will process files installed in {{SYSUSERS_DIR}} to create
|
||||
# specified users automatically. The priority is set such that it
|
@ -1,42 +0,0 @@
|
||||
From 1262e824a4d638e347ae0d39c973f1f750962533 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Fri, 23 Jul 2021 15:35:23 +0200
|
||||
Subject: [PATCH] update-helper: also add "user-reexec" verb
|
||||
|
||||
This is not called from the systemd.triggers or systemd.macros files. Instead,
|
||||
it would be called from the scriptlets in systemd rpm package itself, at the
|
||||
place where we call systemctl daemon-reexec.
|
||||
|
||||
See https://github.com/systemd/systemd/pull/20289#issuecomment-885622200 .
|
||||
---
|
||||
src/rpm/systemd-update-helper.in | 10 +++++++++-
|
||||
1 file changed, 9 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/rpm/systemd-update-helper.in b/src/rpm/systemd-update-helper.in
|
||||
index f3466ab3c0..0c6675a9db 100755
|
||||
--- a/src/rpm/systemd-update-helper.in
|
||||
+++ b/src/rpm/systemd-update-helper.in
|
||||
@@ -74,7 +74,7 @@ case "$command" in
|
||||
fi
|
||||
;;
|
||||
|
||||
- user-reload-restart|user-reload|user-restart)
|
||||
+ user-reload-restart|user-reload|user-restart|user-reexec)
|
||||
if [ -n "$*" ]; then
|
||||
echo "Unexpected arguments for '$command': $*"
|
||||
exit 2
|
||||
@@ -84,6 +84,14 @@ case "$command" in
|
||||
|
||||
users=$(systemctl list-units 'user@*' --legend=no | sed -n -r 's/.*user@([0-9]+).service.*/\1/p')
|
||||
|
||||
+ if [[ "$command" =~ reexec ]]; then
|
||||
+ for user in $users; do
|
||||
+ SYSTEMD_BUS_TIMEOUT={{UPDATE_HELPER_USER_TIMEOUT}} \
|
||||
+ systemctl --user -M "$user@" daemon-reexec &
|
||||
+ done
|
||||
+ wait
|
||||
+ fi
|
||||
+
|
||||
if [[ "$command" =~ reload ]]; then
|
||||
for user in $users; do
|
||||
SYSTEMD_BUS_TIMEOUT={{UPDATE_HELPER_USER_TIMEOUT}} \
|
@ -1,30 +0,0 @@
|
||||
From a4eba5d8cfaabbd87687c651fcdd06df9e267931 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 4 Nov 2021 09:49:18 +0100
|
||||
Subject: [PATCH] update-helper: add missing loop over user units
|
||||
|
||||
Noticed by Luca.
|
||||
|
||||
shellcheck doens't catch this, and somehow it was missed in review
|
||||
and testing ;(
|
||||
---
|
||||
src/rpm/systemd-update-helper.in | 6 ++++--
|
||||
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/rpm/systemd-update-helper.in b/src/rpm/systemd-update-helper.in
|
||||
index fa35e7ba90..7e007d4806 100755
|
||||
--- a/src/rpm/systemd-update-helper.in
|
||||
+++ b/src/rpm/systemd-update-helper.in
|
||||
@@ -52,8 +52,10 @@ case "$command" in
|
||||
|
||||
users=$(systemctl list-units 'user@*' --legend=no | sed -n -r 's/.*user@([0-9]+).service.*/\1/p')
|
||||
for user in $users; do
|
||||
- SYSTEMD_BUS_TIMEOUT={{UPDATE_HELPER_USER_TIMEOUT}} \
|
||||
- systemctl --user -M "$user@" set-property "$unit" Markers=+needs-restart &
|
||||
+ for unit in "$@"; do
|
||||
+ SYSTEMD_BUS_TIMEOUT={{UPDATE_HELPER_USER_TIMEOUT}} \
|
||||
+ systemctl --user -M "$user@" set-property "$unit" Markers=+needs-restart &
|
||||
+ done
|
||||
done
|
||||
wait
|
||||
;;
|
@ -1,67 +0,0 @@
|
||||
From 2da7d0bc92e2423a5c7225c5d24b99d5d52a0bc6 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Wed, 7 Jul 2021 18:02:50 +0200
|
||||
Subject: [PATCH] sd-bus: allow numerical uids in -M user@.host
|
||||
|
||||
UIDs don't work well over ssh, but locally or with containers they are OK.
|
||||
In particular, user@.service uses UIDs as identifiers, and it's nice to be
|
||||
able to copy&paste that UID for interaction with the user's managers.
|
||||
---
|
||||
src/libsystemd/sd-bus/sd-bus.c | 27 ++++++++++++++++++---------
|
||||
1 file changed, 18 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
|
||||
index a32e2f5e2085..6960161c3658 100644
|
||||
--- a/src/libsystemd/sd-bus/sd-bus.c
|
||||
+++ b/src/libsystemd/sd-bus/sd-bus.c
|
||||
@@ -39,6 +39,7 @@
|
||||
#include "parse-util.h"
|
||||
#include "path-util.h"
|
||||
#include "process-util.h"
|
||||
+#include "stdio-util.h"
|
||||
#include "string-util.h"
|
||||
#include "strv.h"
|
||||
#include "user-util.h"
|
||||
@@ -1617,7 +1618,7 @@ static int user_and_machine_valid(const char *user_and_machine) {
|
||||
if (!user)
|
||||
return -ENOMEM;
|
||||
|
||||
- if (!isempty(user) && !valid_user_group_name(user, VALID_USER_RELAX))
|
||||
+ if (!isempty(user) && !valid_user_group_name(user, VALID_USER_RELAX | VALID_USER_ALLOW_NUMERIC))
|
||||
return false;
|
||||
|
||||
h++;
|
||||
@@ -1648,17 +1649,25 @@ static int user_and_machine_equivalent(const char *user_and_machine) {
|
||||
|
||||
/* Otherwise, if we are root, then we can also allow the ".host" syntax, as that's the user this
|
||||
* would connect to. */
|
||||
- if (geteuid() == 0 && STR_IN_SET(user_and_machine, ".host", "root@.host"))
|
||||
+ uid_t uid = geteuid();
|
||||
+
|
||||
+ if (uid == 0 && STR_IN_SET(user_and_machine, ".host", "root@.host", "0@.host"))
|
||||
return true;
|
||||
|
||||
- /* Otherwise, we have to figure our user name, and compare things with that. */
|
||||
- un = getusername_malloc();
|
||||
- if (!un)
|
||||
- return -ENOMEM;
|
||||
+ /* Otherwise, we have to figure out our user id and name, and compare things with that. */
|
||||
+ char buf[DECIMAL_STR_MAX(uid_t)];
|
||||
+ xsprintf(buf, UID_FMT, uid);
|
||||
+
|
||||
+ f = startswith(user_and_machine, buf);
|
||||
+ if (!f) {
|
||||
+ un = getusername_malloc();
|
||||
+ if (!un)
|
||||
+ return -ENOMEM;
|
||||
|
||||
- f = startswith(user_and_machine, un);
|
||||
- if (!f)
|
||||
- return false;
|
||||
+ f = startswith(user_and_machine, un);
|
||||
+ if (!f)
|
||||
+ return false;
|
||||
+ }
|
||||
|
||||
return STR_IN_SET(f, "@", "@.host");
|
||||
}
|
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (systemd-249.7.tar.gz) = 65848a1141f66f11610ab28f70ef2fa4539e2fc31b9f6c9d9a18d9d68be877ad02b5699d05d98b209eac4e28ba5141f83366c2b70f485f3f406d7bc14eb21365
|
||||
SHA512 (systemd-250-rc1.tar.gz) = efcf22abb5237328707942636c86b5a9080737913359863c3d568dadfffdd78667a27c0c2f9c6375de37964726e1dec0003092174a440213100a08c691fafce6
|
||||
|
15
systemd.spec
15
systemd.spec
@ -1,7 +1,7 @@
|
||||
#global commit c4b843473a75fb38ed5bf54e9d3cfb1cb3719efa
|
||||
%{?commit:%global shortcommit %(c=%{commit}; echo ${c:0:7})}
|
||||
|
||||
%global stable 1
|
||||
#global stable 1
|
||||
|
||||
# We ship a .pc file but don't want to have a dep on pkg-config. We
|
||||
# strip the automatically generated dep here and instead co-own the
|
||||
@ -30,8 +30,8 @@
|
||||
Name: systemd
|
||||
Url: https://www.freedesktop.org/wiki/Software/systemd
|
||||
%if %{without inplace}
|
||||
Version: 249.7
|
||||
Release: 3%{?dist}
|
||||
Version: 250~rc1
|
||||
Release: 1%{?dist}
|
||||
%else
|
||||
# determine the build information from local checkout
|
||||
Version: %(tools/meson-vcs-tag.sh . error | sed -r 's/-([0-9])/.^\1/; s/-g/_g/')
|
||||
@ -91,14 +91,7 @@ GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[
|
||||
# Any patches which are "in preparation" upstream should be listed
|
||||
# here, rather than in the next section. Packit CI will drop any
|
||||
# patches in this range before applying upstream pull requests.
|
||||
Patch0001: 0001-rpm-don-t-specify-the-full-path-for-systemctl-and-ot.patch
|
||||
Patch0002: 0002-rpm-use-a-helper-script-to-actually-invoke-systemctl.patch
|
||||
Patch0003: 0003-rpm-call-needs-restart-in-parallel.patch
|
||||
Patch0004: 0004-rpm-restart-user-services-at-the-end-of-the-transact.patch
|
||||
Patch0005: 0005-update-helper-also-add-user-reexec-verb.patch
|
||||
Patch0006: 0006-update-helper-add-missing-loop-over-user-units.patch
|
||||
|
||||
Patch0007: https://github.com/systemd/systemd/commit/2da7d0bc92.patch
|
||||
|
||||
# Downstream-only patches (5000–9999)
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1738828
|
||||
@ -153,6 +146,7 @@ BuildRequires: pkgconfig(libfido2)
|
||||
BuildRequires: pkgconfig(tss2-esys)
|
||||
BuildRequires: pkgconfig(tss2-rc)
|
||||
BuildRequires: pkgconfig(tss2-mu)
|
||||
BuildRequires: pkgconfig(libbpf)
|
||||
BuildRequires: systemtap-sdt-devel
|
||||
BuildRequires: libxslt
|
||||
BuildRequires: docbook-style-xsl
|
||||
@ -449,6 +443,7 @@ CONFIGURE_OPTS=(
|
||||
-Dacl=true
|
||||
-Dsmack=true
|
||||
-Dopenssl=true
|
||||
-Dcryptolib=openssl
|
||||
-Dp11kit=true
|
||||
-Dgcrypt=true
|
||||
-Daudit=true
|
||||
|
Loading…
Reference in New Issue
Block a user