diff --git a/.gitignore b/.gitignore index bff641a..50cdc17 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,2 @@ SOURCES/rhel-net-naming-sysattrs-v0.5.tar.gz SOURCES/systemd-252.tar.gz -SOURCES/systemd-container-coredump.pp.bz2 diff --git a/.systemd.metadata b/.systemd.metadata index 2824411..1e483ad 100644 --- a/.systemd.metadata +++ b/.systemd.metadata @@ -1,3 +1,2 @@ 9ce6834429dbb9cb049de1bdf77bc8c84763709c SOURCES/rhel-net-naming-sysattrs-v0.5.tar.gz 7c961dc6e8bb950825b85129f59dc80f4536cabb SOURCES/systemd-252.tar.gz -36eac49c362dc6e142f23b570a9a6b75f7547250 SOURCES/systemd-container-coredump.pp.bz2 diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec index dd11e6b..ffd312e 100644 --- a/SPECS/systemd.spec +++ b/SPECS/systemd.spec @@ -12,10 +12,6 @@ %global system_unit_dir %{pkgdir}/system %global user_unit_dir %{pkgdir}/user -# defining macros needed by SELinux -%global selinuxtype targeted -%global modulename systemd-container-coredump - # Bootstrap may be needed to break intercircular dependencies with # cryptsetup, e.g. when re-building cryptsetup on a json-c SONAME-bump. %bcond_with bootstrap @@ -25,7 +21,7 @@ Name: systemd Url: https://systemd.io Version: 252 -Release: 46%{?dist}.2.alma.1 +Release: 46%{?dist}.3.alma.1 # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -74,8 +70,6 @@ Source25: rc.local %global rhel_nns_version 0.5 Source26: https://gitlab.com/mschmidt2/rhel-net-naming-sysattrs/-/archive/v%{rhel_nns_version}/rhel-net-naming-sysattrs-v%{rhel_nns_version}.tar.gz -Source27: %{modulename}.pp.bz2 - %if 0 GIT_DIR=../../src/systemd/.git git format-patch-ab --no-signature -M -N v235..v235-stable i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done|xclip @@ -1132,9 +1126,11 @@ Patch1040: 1040-efi-don-t-pull-kernel-cmdline-from-SMBIOS-in-a-confi.patch Patch1041: 1041-Fix-detection-of-TDX-confidential-VM-on-Azure-platfo.patch Patch1042: 1042-ukify-Skip-test-on-architectures-without-UEFI.patch -# Downstream-only patches (9000–9999) +# AlmaLinux Patch Patch9000: 9000-core-reorder-systemd-arguments-on-reexec.patch +# Downstream-only patches (9000–9999) + %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 %endif @@ -1200,7 +1196,6 @@ BuildRequires: git-core %if 0%{?have_gnu_efi} BuildRequires: gnu-efi gnu-efi-devel %endif -BuildRequires: selinux-policy-devel BuildRequires: libfido2-devel Requires(post): coreutils @@ -1208,11 +1203,6 @@ Requires(post): sed Requires(post): acl Requires(post): grep -# selinux -Requires(post): libselinux-utils -Requires(post): policycoreutils -Requires(post): selinux-policy - # systemd-machine-id-setup requires libssl Requires(post): openssl-libs Requires(pre): coreutils @@ -1712,9 +1702,6 @@ install -m 0644 -D -t %{buildroot}%{_rpmconfigdir}/fileattrs/ %{SOURCE22} install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE23} install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE24} -# install policy modules -install -m 0644 -D -t %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}/ %{SOURCE27} - %find_lang %{name} # Split files in build root into rpms. See split-files.py for the @@ -1817,9 +1804,6 @@ chmod g+s /{run,var}/log/journal/{,${machine_id}} &>/dev/null || : # Apply ACL to the journal directory setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/ &>/dev/null || : -# Install our own selinux-policy module that allows systemd-coredump access to containers -%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/%{modulename}.pp.bz2 - [ $1 -eq 1 ] || exit 0 # We reset the enablement of all services upon initial installation @@ -1971,7 +1955,6 @@ systemd-hwdb update &>/dev/null || : %global _docdir_fmt %{name} %files -f %{name}.lang -f .file-list-main -%{_datadir}/selinux/packages/%{selinuxtype}/%{modulename}.pp.* %doc %{_pkgdocdir} %exclude %{_pkgdocdir}/LICENSE.* %license LICENSE.GPL2 LICENSE.LGPL2.1 @@ -1991,7 +1974,6 @@ systemd-hwdb update &>/dev/null || : %ghost %dir %attr(0755,-,-) /etc/systemd/system/system-update.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/timers.target.wants %ghost %dir %attr(0755,-,-) /var/lib/rpm-state/systemd -%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename} %files libs -f .file-list-libs %license LICENSE.LGPL2.1 @@ -2029,8 +2011,12 @@ systemd-hwdb update &>/dev/null || : %{_prefix}/lib/dracut/modules.d/70rhel-net-naming-sysattrs/* %changelog -* Tue Nov 12 2024 Andrew Lukoshko - 252-46.2.alma.1 -- core: reorder systemd arguments on reexec +* Tue Mar 18 2025 Andrew Lukoshko - 252-46.3.alma.1 +- core: reorder systemd arguments on reexe +- Debrand for AlmaLinux + +* Fri Jan 31 2025 systemd maintenance team - 252-46.3 +- get rid of SELinux policy module (RHEL-76033) * Tue Sep 10 2024 systemd maintenance team - 252-46.2 - add %%posttrans scriptlet to make sure our SELinux policy module is actually installed (RHEL-46339) @@ -2395,9 +2381,6 @@ systemd-hwdb update &>/dev/null || : - test: sync with the fake binary before killing it (RHEL-29430) - test: check coredump handling in containers & namespaces (RHEL-29430) -* Mon Mar 18 2024 Andrew Lukoshko - 252-32.alma.1 -- Debrand for AlmaLinux - * Mon Mar 18 2024 Jan Macku - 252-32 - rebase rhel-net-naming-sysattrs to v0.5