Commit Graph

1166 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
2a3fc2e21f Use upstream pam systemd-auth file with a patch, add pam_keyinit
This file changes rarely, but it does every one in a while. And since we have an
independent copy, we forget to adjust it. We have had already two bugs because
of this. I submitted a PR upstream to include pam_namespace (because that makes
sense for all distros), so the diff between upstream and us now is just the
inclusion of system-auth (which is not upstreamable).

Effectively, the only difference right now is that 'pam_keyinit force revoke'
is included. It was added upstream with the comment:

   We want that systemd --user gets its own keyring as usual, even if the
   barebones PAM snippet we ship upstream is used. If we don't do this we get
   the basic keyring systemd --system sets up for us.
2022-12-14 22:35:52 +01:00
Zbigniew Jędrzejewski-Szmek
ef4c00c6a4 Version 252.3
... (rhbz#2136916, rhbz#2083900)
2022-12-08 23:10:51 +01:00
Zbigniew Jędrzejewski-Szmek
778f8ef8a5 Do not create boot subpackage on non-efi arches
This fixes build.
[skip changelog]
2022-12-03 09:47:34 +01:00
Zbigniew Jędrzejewski-Szmek
54a3b6f942 Split out systemd-boot-unsigned package 2022-12-02 19:08:56 +01:00
Zbigniew Jędrzejewski-Szmek
da37ad3139 Version 252.2
- Latest batch of bugfixes (rhbz#2137631)
2022-11-24 17:48:41 +01:00
Martin Osvald
83301531c0 Support user:group notation by sysusers.generate-pre.sh script
#Type Name       ID                  GECOS              Home directory Shell
u     user_name  uid:gid             "User Description" /home/dir      /path/to/shell

According to: https://www.freedesktop.org/software/systemd/man/sysusers.d.html
2022-11-24 13:35:27 +01:00
Zbigniew Jędrzejewski-Szmek
b3fa8789f9 BR: xen-devel
This improves support for XEN.

[skip changelog]
2022-11-21 11:46:31 +01:00
Zbigniew Jędrzejewski-Szmek
c6d202c6ac Version 252.1
... (just some small fixes).
2022-11-08 20:27:13 +01:00
Zbigniew Jędrzejewski-Szmek
eeb9a47dfb Version 252
No big changes from -rc3. A bunch of bugfixes.
2022-10-31 22:27:33 +01:00
Zbigniew Jędrzejewski-Szmek
9acedf97ae Version 252-rc3 (#2135778) 2022-10-25 09:00:02 +02:00
Zbigniew Jędrzejewski-Szmek
6594cdc49b Version 252-rc2 (#2134741, #2133792) 2022-10-18 14:48:29 +02:00
Zbigniew Jędrzejewski-Szmek
bab6dfc23a Fix upgrade detection in %posttrans scriptlet (rhbz#2115094)
4047e4fb7b got things very wrong.
The trick with "[ $1 -eq 1 ]" doesn't work for transaction triggers
because the argument is not provided by rpm. We need to use a state
file to propagate the information from %post to %posttrans.
2022-10-14 16:18:53 +02:00
Zbigniew Jędrzejewski-Szmek
3c5b26ff79 Fix indentation in %sysusers_create_compat macro (rhbz#2132835)
Automatic unindentation after <<-EOF only works with tabs. Jesus.
2022-10-09 15:20:41 +02:00
Zbigniew Jędrzejewski-Szmek
b2ad8fb38b Correctly move systemd-measure to systemd-udev subpackage
I had a local modification that didn't make it into commit.
2022-10-09 15:20:41 +02:00
Zbigniew Jędrzejewski-Szmek
0b51ecfabd Version 252-rc1
... (for details see https://raw.githubusercontent.com/systemd/systemd/v252-rc1/NEWS)

systemd-pcrphase and systemd-measure and initrd-* units are moved to systemd-udev.
systemd-udev should be part of the initrd, and those tools don't make much sense
in systems without hardware (i.e. containers). (systemd-measure could possibly be
useful, but we can always move it back if there's a good reason.)
2022-10-07 18:39:55 +02:00
Zbigniew Jędrzejewski-Szmek
58777c7cac Fix permissions on %ghost files (rhbz#2122889) 2022-10-01 19:35:11 +02:00
Zbigniew Jędrzejewski-Szmek
1ffb1df909 Version 251.5 (rhbz#2129343, rhbz#2121106, rhbz#2130188) 2022-10-01 19:27:15 +02:00
Yu Watanabe
38161d034a Replace patch for test-mountpoint-util
Imported from https://github.com/systemd/systemd/pull/24639.
2022-09-30 19:01:28 +02:00
Yu Watanabe
0455d50768 patch: fix regression in bfq patch
This fixes a bug introduced by d906ff0238.

Fixes RHBZ#2130188.
2022-09-30 19:01:28 +02:00
Luca BRUNO
f27d461663 sysusers/generate: bridge 'm' entries to usermod
This tweaks the sysusers.d handling logic so that 'm' entries are
now translated to a series of groupadd + useradd + usermod call.
The last usermod call is the notable change, effectively affecting
the list of secondary groups now.
2022-09-30 15:31:34 +00:00
Anita Zhang
7665e1796f Update systemd-oomd defaults to friendlier values
- Remove swap policy. Default amount of swap (8GB?) is a lot lower than
  what we use internally with the swap policy. Which frequently leads to
  GNOME getting killed
  (e.g. https://bugzilla.redhat.com/show_bug.cgi?id=1941170, and other
  BZs not linked here). Internally we use 0.5x-1x size of physical memory
  for swap via swapfiles (this will be documented in systemd upstream).
  In simple cases of using more memory than is available (but without
  memory pressure), the Kernel OOM killer can handle killing the
  offending process.

- Expand the memory pressure policy to system.slice, user-.slice, and
  all user owned slices. Support for ManagedOOM*= on user services was
  added in https://github.com/systemd/systemd/pull/20690 which allows
  us to be more fine grained on the pressure monitoring at the user
  level. In addition to the system.slice and user-.slice PSI monitoring
  this should result in a better systemd-oomd experience for desktop
  systems.
2022-09-30 14:49:03 +00:00
Zbigniew Jędrzejewski-Szmek
aac22baa3b Make systemd-devel conditionally pull in systemd-rpm-macros
If people BR:systemd-devel, they should get the macros too. It's a
tiny package, and we shouldn't require people to BR two things.

https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/A5BGKRZVFDOBNMCBUPUCKLKHWEW5V2JE/
2022-09-29 10:22:45 +02:00
Neal Gompa
95413629b4 Manually bump release and add changelog for previous commit
C.f. https://pagure.io/fedora-infra/rpmautospec/pull-request/267

[skip changelog]
2022-08-19 15:49:11 -04:00
Neal Gompa
f5157f6a05 Set compile-time fallback hostname to "localhost"
This ensures that we have a universal unbranded fallback hostname.
The branded fallback hostname will be set in os-release(5) instead.

Reference: https://fedoraproject.org/wiki/Changes/FallbackHostname
2022-08-19 19:41:09 +00:00
Kalev Lember
76ce06c4a6 Manually bump release and add changelog for previous commit
C.f. https://pagure.io/fedora-infra/rpmautospec/pull-request/267

[skip changelog]
2022-08-19 14:44:43 +02:00
Kalev Lember
1e997acc65 Avoid requiring systemd-pam from -devel subpackage
Instead, add systemd-pam to pungi-fedora's multilib whitelist:
https://pagure.io/pungi-fedora/pull-request/1113

This should help with flatpak runtime packaging so that we can avoid
having to ship systemd-pam in the flatpak container.
2022-08-18 18:45:42 +02:00
Zbigniew Jędrzejewski-Szmek
cbb106a7a6 Fix formatting and number in changelog
https://pagure.io/releng/issue/10952: rpmdev-bumpspec apparently does
not like the way the Release field was conditionalized.
But since the switch to rpmautospec this isn't important, since the
v-r string will be generated by rpmautospec. I went over the changelog
and manually inserted tags for the old builds.

Unfortunately there's another issue, rpmautospec cannot deal with
%include: https://pagure.io/fedora-infra/rpmautospec/pull-request/267
Numbers for the latest builds are adjusted to match what koji lists.
2022-08-10 14:44:03 +02:00
Zbigniew Jędrzejewski-Szmek
aeb2225403 Manually bump release version for rpmautospec
C.f. https://pagure.io/releng/issue/10952.

[skip changelog]
2022-08-09 16:31:12 +02:00
Luca BRUNO
d00b46ea87 Align sysusers-generated shell value with upstream systemd default 2022-08-09 13:02:59 +02:00
Zbigniew Jędrzejewski-Szmek
89715a5ded Backport patches and do a full preset on first boot
... (#2114065,
https://fedoraproject.org/wiki/Changes/Preset_All_Systemd_Units_on_First_Boot)
2022-08-09 13:02:59 +02:00
Zbigniew Jędrzejewski-Szmek
fa3038d631 Version 251.4
... (fixes rhbz#2112551)
- A bunch of fixes to documentation, crashes in systemd-resolved,
  systemd-networkd, systemd itself, and other smaller fixes.
2022-08-08 13:10:27 +02:00
Zbigniew Jędrzejewski-Szmek
99fbfcd5a2 Convert to rpmautospec 2022-08-08 13:10:06 +02:00
Fedora Release Engineering
31a512dde1 Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-07-23 09:59:57 +00:00
Zbigniew Jędrzejewski-Szmek
8ed6e37eb4 Version 251.3 2022-07-14 09:48:35 +02:00
Zbigniew Jędrzejewski-Szmek
9e8220ffd3 Drop forgotten "temporary" workaround for #1663040 2022-07-13 15:06:22 +02:00
Daan De Meyer
901acf5a2a Move networkd sysusers snippet to networkd rpm
Now that the tmpfiles snippet is a separate file shipped as part
of the networkd package, we can ship the sysusers snippet as a part
of the networkd package as well.
2022-07-07 12:07:01 +02:00
Daan De Meyer
77e121360a Move networkd man pages to networkd package 2022-07-06 20:50:31 +02:00
Zbigniew Jędrzejewski-Szmek
27c0d43eff Drop Obsoletes for systemd-standalone-{tmpfiles,sysusers}
It turns out that with the Obsoletes, dnf will just install the normal
systemd package if systemd-standalone-* is requested. The commit message
for b36512ad8f which added this says I tested
with local package builds (where it works), but not when going through the
full repo with all packages.

I'm adding the Provides instead, so that it's possible to request on or
the other more easily.
2022-07-03 21:31:40 +02:00
Zbigniew Jędrzejewski-Szmek
ee5cf7fbad Drop forward-secure-sealing code from sd-journal and tools
I asked on fedora-devel@, and the lone reply was from Matthew Miller
who tried it once when it was introduced and hasn't used it since.
Dropping this removes the last dependency on libgcrypt and libgpg-error
in libsystemd, significantly reducing our installation footprint.

Right now libmicrohttpd is still linked to libgcrypt, so
libsystemd-journal-remote subpackage will pull libgcrypt in.
2022-06-29 17:17:14 +02:00
Zbigniew Jędrzejewski-Szmek
fae302cf1d Revert "Add workaround for audit breakage"
This reverts commit a4d136e22a.

audit-3.0.8 is out, so this should be fixed now.
2022-06-29 08:37:59 +02:00
Zbigniew Jędrzejewski-Szmek
6af49ef1a1 Add patch to fix build on i686 2022-06-03 10:15:05 +02:00
Zbigniew Jędrzejewski-Szmek
81108b2d49 Version 251.2 2022-06-02 20:30:56 +02:00
David Auer
ccbadf1a74 Fix formatting of README.build-in-place 2022-05-30 16:53:38 +02:00
Zbigniew Jędrzejewski-Szmek
b45625adb1 Revert "Drop old work-around patch"
This reverts commit 9a48377e0a.

Apparently the patch is still needed, without it we get issues in CI
packit builds.
2022-05-25 21:48:16 +02:00
Zbigniew Jędrzejewski-Szmek
6ac7409b1e Bump release 2022-05-25 15:38:21 +02:00
Zbigniew Jędrzejewski-Szmek
9a48377e0a Drop old work-around patch
This was reported to be an issue on older kernels, so let's hope
it is resolved now.
2022-05-25 14:48:33 +02:00
Zbigniew Jędrzejewski-Szmek
7776269804 Reintroduce the tag for shared libraries 2022-05-25 14:45:31 +02:00
Zbigniew Jędrzejewski-Szmek
ee6588e902 Drop "v" from the version tag, add tilde back
When -Dversion-tag was initially added in edaa157918,
I used "v" without any comment. But upstream does not use "v", so we have
versions which don't compare directly:

$ build/systemctl --version|head -n1
systemd 251 (251-66-g7e46a5c+)
$ systemctl --version|head -n1
systemd 251 (v251-1.fc37)

And in 3c4f9413a7, when -Dshared-lib-tag= was
introduced, %{version} was replaced by %{version_no_tilde}, again without any
specific comment. For the shared-lib-tag, it makes sense to use _no_tilde,
because it's enough to have non-conflicting file names, and we don't compare
the tags. I guess I wanted both uses to be consistent. But if we substitute
the tilde, we can't do proper comparisons.

I noticed the following issue: with sd-boot installed from git and a
package, upgrades wouldn't work:

Comparing versions: "systemd-boot v251-1.fc37" < "systemd-boot 251-rc1-390-g3603f15
Skipping "/boot/efi/EFI/systemd/systemd-bootx64.efi", since newer boot loader version in place already.

The two changes should make those comparisons work properly in most
cases.
2022-05-25 14:32:47 +02:00
Zbigniew Jędrzejewski-Szmek
a65bd010dd Supress errors from useradd/groupadd 2022-05-25 14:18:25 +02:00
Zbigniew Jędrzejewski-Szmek
b68903c0ee Upload sources
(no changelog)
2022-05-24 23:51:05 +02:00