David Tardon
4a979feb16
Move systemd-cryptenroll to systemd-udev
2022-03-17 17:35:55 +00:00
Michael Catanzaro
28acb3f912
Disable default DNS over TLS ( #1889901 )
2022-03-14 09:48:35 -05:00
Zbigniew Jędrzejewski-Szmek
d906ff0238
Rebase the bfq patch
2022-03-04 17:33:36 +01:00
Zbigniew Jędrzejewski-Szmek
5e7fc47a08
Avoid trying to create the symlink if there's a dangling symlink already
...
'test -e' says 'no' for dangling symlinks.
Let's also ignore the error if this fails. We shouldn't fail the
transaction.
2022-02-24 20:27:09 +01:00
Zbigniew Jędrzejewski-Szmek
a4d136e22a
Add workaround for audit breakage
2022-02-24 08:56:56 +01:00
Zbigniew Jędrzejewski-Szmek
c971c5b980
Drop some unnecessary requirements
2022-02-24 08:45:02 +01:00
Zbigniew Jędrzejewski-Szmek
8c4c6daba9
Specify owner of utmp/wtmp/btmp/lastlog as root in the rpm listing
...
The analysis in 1ba983e0be
was wrong.
Both systemd-journal and utmp need to be created. For some reason rpm
reports only the first group which is not available. It was
complaining about systemd-journal, and when that was "fixed", it
started complaining about utmp. Let's apply the same logic here.
Non-root users of files owned by utmp group should only matter after a
reboot, and tmpfiles will adjust the ownership.
Running transaction
Running scriptlet: filesystem-3.16-2.fc36.x86_64 1/1
Preparing : 1/1
Installing : libgcc-12.0.1-0.8.fc37.x86_64 1/76
Running scriptlet: libgcc-12.0.1-0.8.fc37.x86_64 1/76
Installing : fedora-release-identity-basic-37-0.2.noarch 2/76
Installing : tzdata-2021e-4.fc36.noarch 3/76
Installing : pcre2-syntax-10.39-1.fc36.1.noarch 4/76
Installing : ncurses-base-6.2-9.20210508.fc36.noarch 5/76
Installing : fedora-gpg-keys-37-0.1.noarch 6/76
Installing : fedora-release-37-0.2.noarch 7/76
Installing : fedora-release-common-37-0.2.noarch 8/76
Installing : fedora-repos-rawhide-37-0.1.noarch 9/76
Installing : fedora-repos-37-0.1.noarch 10/76
Installing : setup-2.13.9.1-3.fc36.noarch 11/76
Running scriptlet: setup-2.13.9.1-3.fc36.noarch 11/76
Installing : filesystem-3.16-2.fc36.x86_64 12/76
Installing : basesystem-11-13.fc36.noarch 13/76
Installing : glibc-minimal-langpack-2.35-2.fc37.x86_64 14/76
Installing : glibc-common-2.35-2.fc37.x86_64 15/76
Running scriptlet: glibc-2.35-2.fc37.x86_64 16/76
Installing : glibc-2.35-2.fc37.x86_64 16/76
Running scriptlet: glibc-2.35-2.fc37.x86_64 16/76
Installing : ncurses-libs-6.2-9.20210508.fc36.x86_64 17/76
Installing : bash-5.1.16-2.fc36.x86_64 18/76
Running scriptlet: bash-5.1.16-2.fc36.x86_64 18/76
Installing : libuuid-2.38-0.2.fc36.x86_64 19/76
Installing : libcap-2.48-4.fc36.x86_64 20/76
Installing : libattr-2.5.1-4.fc36.x86_64 21/76
Installing : libacl-2.3.1-3.fc36.x86_64 22/76
Installing : libzstd-1.5.2-1.fc36.x86_64 23/76
Installing : xz-libs-5.2.5-8.fc36.x86_64 24/76
Installing : zlib-1.2.11-31.fc36.x86_64 25/76
Installing : bzip2-libs-1.0.8-11.fc36.x86_64 26/76
Installing : libcap-ng-0.8.2-9.fc36.x86_64 27/76
Installing : audit-libs-3.0.7-1.fc36.x86_64 28/76
Installing : libsepol-3.3-3.fc36.x86_64 29/76
Installing : libxcrypt-4.4.28-1.fc37.x86_64 30/76
Installing : lz4-libs-1.9.3-4.fc36.x86_64 31/76
Installing : pcre2-10.39-1.fc36.1.x86_64 32/76
Installing : libselinux-3.3-4.fc36.x86_64 33/76
Installing : libsemanage-3.3-3.fc37.x86_64 34/76
Installing : shadow-utils-2:4.11.1-2.fc37.x86_64 35/76
Installing : sed-4.8-10.fc36.x86_64 36/76
Installing : dbus-common-1:1.13.20-3.fc36.noarch 37/76
Running scriptlet: dbus-common-1:1.13.20-3.fc36.noarch 37/76
Installing : alternatives-1.19-2.fc36.x86_64 38/76
Installing : expat-2.4.6-1.fc37.x86_64 39/76
Installing : gmp-1:6.2.1-2.fc36.x86_64 40/76
Installing : json-c-0.15-3.fc36.x86_64 41/76
Installing : libargon2-20171227-8.fc36.x86_64 42/76
Installing : libeconf-0.4.0-3.fc36.x86_64 43/76
Installing : pam-libs-1.5.2-11.fc37.x86_64 44/76
Installing : libffi-3.4.2-8.fc36.x86_64 45/76
Installing : p11-kit-0.24.1-2.fc36.x86_64 46/76
Installing : libgpg-error-1.44-1.fc36.x86_64 47/76
Installing : libgcrypt-1.10.0-1.fc36.x86_64 48/76
Installing : systemd-libs-250.3-4.fc37.x86_64 49/76
Running scriptlet: dbus-broker-29-5.fc36.x86_64 50/76
useradd warning: dbus's uid 81 outside of the SYS_UID_MIN 201 and SYS_UID_MAX 999 range.
Installing : dbus-broker-29-5.fc36.x86_64 50/76
Running scriptlet: dbus-broker-29-5.fc36.x86_64 50/76
Installing : dbus-1:1.13.20-3.fc36.x86_64 51/76
Installing : libseccomp-2.5.3-2.fc36.x86_64 52/76
Installing : libsmartcols-2.38-0.2.fc36.x86_64 53/76
Installing : libtasn1-4.18.0-2.fc36.x86_64 54/76
Installing : p11-kit-trust-0.24.1-2.fc36.x86_64 55/76
Running scriptlet: p11-kit-trust-0.24.1-2.fc36.x86_64 55/76
Installing : libunistring-1.0-1.fc36.x86_64 56/76
Installing : libidn2-2.3.2-4.fc36.x86_64 57/76
Installing : pcre-8.45-1.fc36.1.x86_64 58/76
Installing : grep-3.7-2.fc36.x86_64 59/76
Installing : crypto-policies-20220203-2.git112f859.fc36.noarch 60/76
Running scriptlet: crypto-policies-20220203-2.git112f859.fc36.noarch 60/76
Installing : coreutils-common-9.0-3.fc36.x86_64 61/76
Installing : openssl-libs-1:3.0.0-1.fc36.x86_64 62/76
Installing : coreutils-9.0-3.fc36.x86_64 63/76
Running scriptlet: ca-certificates-2021.2.52-3.fc36.noarch 64/76
Installing : ca-certificates-2021.2.52-3.fc36.noarch 64/76
Running scriptlet: ca-certificates-2021.2.52-3.fc36.noarch 64/76
Installing : libblkid-2.38-0.2.fc36.x86_64 65/76
Running scriptlet: libblkid-2.38-0.2.fc36.x86_64 65/76
Installing : libmount-2.38-0.2.fc36.x86_64 66/76
Installing : util-linux-core-2.38-0.2.fc36.x86_64 67/76
Running scriptlet: util-linux-core-2.38-0.2.fc36.x86_64 67/76
Installing : libfdisk-2.38-0.2.fc36.x86_64 68/76
Installing : kmod-libs-29-7.fc36.x86_64 69/76
Installing : cryptsetup-libs-2.4.3-2.fc36.x86_64 70/76
Installing : device-mapper-libs-1.02.175-7.fc36.x86_64 71/76
Installing : device-mapper-1.02.175-7.fc36.x86_64 72/76
Installing : systemd-pam-250.3-4.fc37.x86_64 73/76
Installing : systemd-resolved-250.3-4.fc37.x86_64 74/76
Running scriptlet: systemd-resolved-250.3-4.fc37.x86_64 74/76
Installing : systemd-networkd-250.3-4.fc37.x86_64 75/76
Running scriptlet: systemd-networkd-250.3-4.fc37.x86_64 75/76
Installing : systemd-250.3-4.fc37.x86_64 76/76
warning: group utmp does not exist - using root
warning: group utmp does not exist - using root
warning: group utmp does not exist - using root
warning: group utmp does not exist - using root
Running scriptlet: systemd-250.3-4.fc37.x86_64 76/76
Creating group 'utmp' with GID 22.
Creating group 'input' with GID 104.
Creating group 'kvm' with GID 36.
Creating group 'render' with GID 105.
Creating group 'sgx' with GID 106.
Creating group 'systemd-journal' with GID 190.
Creating group 'systemd-network' with GID 192.
Creating user 'systemd-network' (systemd Network Management) with UID 192 and GID 192.
Creating group 'systemd-oom' with GID 999.
Creating user 'systemd-oom' (systemd Userspace OOM Killer) with UID 999 and GID 999.
Creating group 'systemd-resolve' with GID 193.
Creating user 'systemd-resolve' (systemd Resolver) with UID 193 and GID 193.
Running scriptlet: filesystem-3.16-2.fc36.x86_64 76/76
Running scriptlet: ca-certificates-2021.2.52-3.fc36.noarch 76/76
Running scriptlet: systemd-resolved-250.3-4.fc37.x86_64 76/76
'/etc/resolv.conf' -> '../run/systemd/resolve/stub-resolv.conf'
Running scriptlet: systemd-250.3-4.fc37.x86_64 76/76
2022-02-24 00:11:19 +01:00
Zbigniew Jędrzejewski-Szmek
4cc75bbba5
Move part of %post scriptlet for resolved to %posttrans (rhbz#2018913)
2022-02-23 23:52:08 +01:00
Zbigniew Jędrzejewski-Szmek
996c95efaf
Bump release
2022-02-16 22:42:27 +01:00
Zbigniew Jędrzejewski-Szmek
4c2d7265ec
Add patch for new kernel headers
...
It's already included in systemd-stable, but v250.4 hasn't been tagged
yet.
2022-02-16 22:33:01 +01:00
Zbigniew Jędrzejewski-Szmek
e48b9066b7
Drop unused dependencies for scriptlets
2022-02-16 22:33:01 +01:00
Zbigniew Jędrzejewski-Szmek
1ba983e0be
Specify owner of /var/log/journal as root in the rpm listing
...
$ rpm -qlv systemd |grep -v 'root root'
-rw-rw-r-- 1 root utmp 0 Jan 22 03:38 /run/utmp
-rw-rw---- 1 root utmp 0 Jan 22 03:38 /var/log/btmp
-rw-rw-r-- 1 root utmp 0 Jan 22 03:38 /var/log/lastlog
-rw-rw-r-- 1 root utmp 0 Jan 22 03:38 /var/log/wtmp
drwxr-sr-x 2 root systemd- 0 Jan 22 03:38 /var/log/journal
During installation rpm would log an error that systemd-journal group
is unknown. We create all our users by calling sysusers in the %post
scriptlet, but that is too late. To avoid the warning we could either
add a %pre scriptlet, but that'd require adding a dependency on
shadow-utils for groupadd, since we can't use our own tools before we
are installed. Let's instead create the directory owned by root.root,
and change the group afterwards. The group ownership is for file
ownership, and in the worst case (we don't assign the group or set
mode +s), unprivileged users will not be able to read the logs.
We also use 'utmp' group, but that is provided by setup.rpm and is not
an issue.
https://bugzilla.redhat.com/show_bug.cgi?id=2018913#c24
2022-02-16 22:33:01 +01:00
Zbigniew Jędrzejewski-Szmek
cac0b2a5a7
Drop scriptlet for handling nobody user upgrades from Fedora <28
...
For https://fedoraproject.org/wiki/Changes/RenameNobodyUser a scriptlet
was introduced with prevents nss-systemd from synthesizing entries for nobody.
Let's remove the scriptlet: very few people upgrade from such old systems,
and even if they do, having a duplicate entry for nobody is annoying
but hardly a big problem.
(The other side of this, support in nss-systemd remains in place.)
This allows deps on the tools used in the scriptlet to be dropped from -libs.
While at it, also drop noop ldconfig scriptlets.
2022-02-16 22:32:56 +01:00
Zbigniew Jędrzejewski-Szmek
2731a22179
Bias the resolver towards libcurl-minimal
2022-02-10 18:14:26 +01:00
Zbigniew Jędrzejewski-Szmek
b54029abba
Drop 20-grubby.install plugin for kernel-install
2022-02-10 18:02:31 +01:00
Zbigniew Jędrzejewski-Szmek
f42ae67ed3
Add pam_namespace to systemd-user pam config
2022-02-10 17:42:47 +01:00
Zbigniew Jędrzejewski-Szmek
3ce3375cc6
Remove duplicated pam systemd-user file
2022-02-10 17:37:56 +01:00
Fedora Release Engineering
c763537617
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-01-22 02:12:42 +00:00
Zbigniew Jędrzejewski-Szmek
238e8e0e64
Fix creation of /var/log/lastlog
...
I have no idea how I managed to screw that up yesterday…
2022-01-19 08:31:33 +01:00
Zbigniew Jędrzejewski-Szmek
f97cf5817a
Take ownership of /var/log/lastlog
...
https://pagure.io/setup/pull-request/30 and
https://src.fedoraproject.org/rpms/util-linux/pull-request/10 are the
opposite steps for setup and util-linux.
2022-01-18 16:22:31 +01:00
Zbigniew Jędrzejewski-Szmek
3fe8cebea3
Version 250.3
2022-01-18 12:56:37 +01:00
Zbigniew Jędrzejewski-Szmek
d1787ccd07
Version 250.2
2022-01-10 22:04:43 +01:00
Zbigniew Jędrzejewski-Szmek
c1e2f480f7
Disable bpf filters on s390x
2022-01-04 18:27:08 +01:00
Zbigniew Jędrzejewski-Szmek
206f30e9fd
Version 250.1
2022-01-04 18:27:08 +01:00
Zbigniew Jędrzejewski-Szmek
620e0cff6b
Install only license files relevant to the effective license
...
We installed all the license files for the licenses used in the sources
(as %doc), but that doesn't seem useful.
2022-01-04 18:27:08 +01:00
Zbigniew Jędrzejewski-Szmek
60d0bbefe2
Disable bpf filters on arm64
2021-12-30 21:42:10 +01:00
Zbigniew Jędrzejewski-Szmek
114f45fe1f
Skip bpf filtering on arm32 and ppc64el
2021-12-28 16:10:15 +01:00
Zbigniew Jędrzejewski-Szmek
7993a98ea4
Enable bpf-framework
2021-12-25 15:31:58 +01:00
Zbigniew Jędrzejewski-Szmek
3c872dc5d9
Fix warning about systemd-boot-update.service not existing on arm32
2021-12-25 11:02:05 +01:00
Zbigniew Jędrzejewski-Szmek
2edf38c273
Version 250
2021-12-23 21:15:44 +01:00
Zbigniew Jędrzejewski-Szmek
34a8fa5907
Switch unit status name format to 'combined'
2021-12-23 13:45:31 +01:00
Zbigniew Jędrzejewski-Szmek
b1af825426
Version 250-rc3
2021-12-20 19:48:35 +01:00
Zbigniew Jędrzejewski-Szmek
7f4e198603
Create /etc/resolv.conf symlink if nothing is present yet
2021-12-18 17:40:12 +01:00
Zbigniew Jędrzejewski-Szmek
184bb74091
Move libcryptsetup-token plugins to -udev
2021-12-14 19:09:00 +01:00
Zbigniew Jędrzejewski-Szmek
711d924ba3
Move systemd-boot-update.service to -udev subpackage
...
It will not be enabled on upgrades, but I think this is OK. sd-boot
is not very widely used anyway.
2021-12-12 13:01:40 +01:00
Pavel Březina
0898a89444
spec: remove nsswitch.conf scriptlet
...
Related to: https://fedoraproject.org/wiki/Changes/Make_Authselect_Mandatory
Both systemd and resolved nss modules are now enabled by default in
authselect. Users are now expected to use authselect to configure
the system and packages should no longer support non-authselect
configurations.
Resolves: rhbz#2023743
2021-12-10 17:09:21 +01:00
Zbigniew Jędrzejewski-Szmek
b24b99d669
Add Recommends for dlopened libs and move files into subpackages
2021-12-09 23:23:39 +01:00
Zbigniew Jędrzejewski-Szmek
1634b1b16a
Revert "spec: remove nsswitch.conf scriptlet"
...
This reverts commit 2afe364ac4
.
Unfortunately the build failed on dependencies:
DEBUG util.py:444: Error:
DEBUG util.py:444: Problem: package authselect-libs-1.3.0-1.fc36.x86_64 conflicts with glibc < 2.34.9000-27 provided by glibc-2.34.9000-26.fc36.x86_64
DEBUG util.py:444: - package util-linux-2.37.2-1.fc36.x86_64 requires /etc/pam.d/system-auth, but none of the providers can be installed
DEBUG util.py:444: - package gawk-5.1.1-1.fc36.x86_64 requires libm.so.6()(64bit), but none of the providers can be installed
DEBUG util.py:444: - package gawk-5.1.1-1.fc36.x86_64 requires libm.so.6(GLIBC_2.2.5)(64bit), but none of the providers can be installed
DEBUG util.py:444: - package gawk-5.1.1-1.fc36.x86_64 requires libm.so.6(GLIBC_2.29)(64bit), but none of the providers can be installed
DEBUG util.py:444: - package gawk-5.1.1-1.fc36.x86_64 requires rtld(GNU_HASH), but none of the providers can be installed
DEBUG util.py:444: - package gawk-5.1.1-1.fc36.x86_64 requires libc.so.6(GLIBC_2.34)(64bit), but none of the providers can be installed
DEBUG util.py:444: - conflicting requests
I need to build the package again in rawhide, so this needs to be reverted
for now.
2021-12-09 18:49:59 +01:00
Pavel Březina
2afe364ac4
spec: remove nsswitch.conf scriptlet
...
Related to: https://fedoraproject.org/wiki/Changes/Make_Authselect_Mandatory
Both systemd and resolved nss modules are now enabled by default in
authselect. Users are now expected to use authselect to configure
the system and packages should no longer support non-authselect
configurations.
Resolves: rhbz#2023743
2021-12-09 18:27:16 +01:00
Zbigniew Jędrzejewski-Szmek
11bf124056
Fix memleak
2021-12-09 16:02:25 +01:00
Zbigniew Jędrzejewski-Szmek
ce4156b3dd
Version 250-rc1
...
The crypto backend is switched to openssl.
gcrypt is still used for FSS in libsystemd.so.
2021-12-09 16:02:25 +01:00
Zbigniew Jędrzejewski-Szmek
e19aaa4604
Drop comments about already-merged pull request
2021-12-03 15:48:22 +01:00
Ludwig Nussel
6ffa8d89d6
Fix video link
2021-12-02 16:28:17 +00:00
Zbigniew Jędrzejewski-Szmek
d1ad6b189d
%ghost /var/lib/{machines,portables}
2021-11-24 10:00:32 +01:00
Davide Cavalca
b7c95ddd9e
Disable legacy iptables support
2021-11-19 08:29:38 -08:00
Luca BRUNO
21ca64d8e0
sysusers/provides: parse and output static IDs
...
This adds support for parsing static UIDs and GIDs from sysusers.d
fragments, and automatically forwarding them to the generated
'Provides' entries.
It will allow inspecting users/groups with static IDs directly
from package metadata:
```
$ rpm --query --provides --package gdm-41.0-3.fc36.x86_64.rpm
[...]
group(gdm) = 42
user(gdm) = 42
```
2021-11-16 16:36:58 +00:00
Zbigniew Jędrzejewski-Szmek
2d54326a8c
Bump release
...
Oh, no autorelease here!
2021-11-15 14:09:32 +01:00
Zbigniew Jędrzejewski-Szmek
1d712f8acf
Supress errors on selinux systems
...
See https://bugzilla.redhat.com/show_bug.cgi?id=2023332 .
https://bugzilla.redhat.com/show_bug.cgi?id=2023332 is also related.
2021-11-15 13:47:07 +01:00
Zbigniew Jędrzejewski-Szmek
87e1ce3317
Version 249.7
2021-11-14 16:12:23 +01:00
Petr Menšík
27cc5e08c2
Switch to NM resolver on systemd-resolved uninstall
...
If /etc/resolv.conf pointed to systemd-resolved stub configuration, it
is obvious it would stop working. Compensate it by deleting the link, it
would be created again on installation. Try to pass ownership to NM,
which also provides similar file. Keep it missing otherwise, might be
created by unknown tool on reboot.
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2021-11-14 09:38:52 +00:00