Commit Graph

1047 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
4f23aac033 Version 253-rc3
- A bunch of bugfixes for regressions, some documentation and bug fixes too.
- Really fix rhbz#2165692 (previous build carried an unapplied patch).
2023-02-10 18:57:22 +01:00
Zbigniew Jędrzejewski-Szmek
8eea43e714 Disable systemd-boot-update.service in presets 2023-02-08 16:39:45 +01:00
Zbigniew Jędrzejewski-Szmek
0dfb1a37e1 Use proper capitalization in license string
[skip changelog]
2023-02-08 12:38:11 +01:00
Zbigniew Jędrzejewski-Szmek
eb6fe37e3c Update License to SPDX 2023-02-08 12:31:21 +01:00
Thomas Haller
aff167152e add "98-default-mac-none.link" to keep default MAC address of bridge/bond/team
https://bugzilla.redhat.com/show_bug.cgi?id=2107754
https://fedoraproject.org/wiki/Changes/MAC_Address_Policy_none
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/FZGH473ZUGPXK2E3GOEQ5TBLJ62FYJBC/
2023-02-06 15:30:29 +01:00
Michael Catanzaro
ba02e90496 Shorten shutdown timeout to 45 s 2023-02-02 20:46:37 +01:00
Zbigniew Jędrzejewski-Szmek
708a09cead Version 253~rc2
- Sysusers fixup (rhbz#2156900) + other small changes
2023-02-02 20:40:31 +01:00
Zbigniew Jędrzejewski-Szmek
ba48b51817 BuildRequire pytest
This is needed to run ukify tests. They were skipped because pytest
was not available.

[skip changelog]
2023-02-02 20:34:01 +01:00
Yaakov Selkowitz
3c935dd203 Build with xen only on Fedora 2023-02-01 20:14:52 -05:00
Zbigniew Jędrzejewski-Szmek
189f5d16f4 Add a new provides with just the version
[skip changelog]
2023-01-27 16:08:56 +01:00
Zbigniew Jędrzejewski-Szmek
efa3d301b9 Reenable systemd-journald-audit.socket after upgrades
... (rhbz#2164594)

The socket exists and is enabled in the initrd. After switch-root, the system
goes into an infinite loop trying to stop the socket while incoming audit
messages trigger start jobs for the socket. This is a bug in the transaction
logic, that'll need to be fixed separately.

We need to preset the socket after the upgrade so that it remains enabled
by default. This should fix the boot issue, though it's not a complete fix,
because we actually want to allow people to disable the socket.

On initial install, the socket is covered by preset-all and gets enabled.
2023-01-26 11:28:32 +01:00
Zbigniew Jędrzejewski-Szmek
58eb55671d Add Requires on Python modules to systemd-ukify and Recommends for libp11-kit 2023-01-25 15:10:41 +01:00
Zbigniew Jędrzejewski-Szmek
903ce887fd Version 253~rc1
- See https://raw.githubusercontent.com/systemd/systemd/v253-rc1/NEWS
- New subpackages: systemd-repart-standalone, systemd-shutdown-standalone,
  and systemd-ukify.
2023-01-25 00:16:28 +01:00
Zbigniew Jędrzejewski-Szmek
a142c87042 Backport patches to fix issues gcc-13 and -D_FORTIFY_SOURCE=3
gcc has a new warning which caught a bug of int/enum mismatches.
And we would crash on some architectures when built with -D_FORTIFY_SOURCE=3
because of our malloc_usable_size() use.

This should resolve the build failure in F38 mass build.
2023-01-22 22:41:22 +01:00
Daan De Meyer
67561d75bf Add python3 to BuildRequires
Let's make it explicit that python3 is required during the build
process.
2023-01-05 13:52:34 +01:00
Zbigniew Jędrzejewski-Szmek
befb0e11dd Version 252.4
- Fixes a few different issues (systemd-timesyncd connectivity problems, broken
  emoji output on the console, crashes in pid1 unit dependency logic)
- CVE-2022-4415: systemd: coredump not respecting fs.suid_dumpable kernel
  setting
2022-12-20 19:27:52 +01:00
Zbigniew Jędrzejewski-Szmek
732bdcb223 boot: add Provides:systemd-boot(isa)
As requested in https://github.com/rhinstaller/anaconda/pull/4368#discussion_r1043839809,
so that it's easier to depend on the appropriate package. Once we have the
signed version built, this provides might be dropped. But let's add it at least
for now so that there's a stable name to depend on.

While at it, let's drop ? from %{_isa}. Systemd is always archful.
2022-12-17 18:34:31 +01:00
Zbigniew Jędrzejewski-Szmek
1d366e53d8 Stop trying to use removed source file
[skip changelog]
2022-12-15 12:48:00 +01:00
Zbigniew Jędrzejewski-Szmek
2a3fc2e21f Use upstream pam systemd-auth file with a patch, add pam_keyinit
This file changes rarely, but it does every one in a while. And since we have an
independent copy, we forget to adjust it. We have had already two bugs because
of this. I submitted a PR upstream to include pam_namespace (because that makes
sense for all distros), so the diff between upstream and us now is just the
inclusion of system-auth (which is not upstreamable).

Effectively, the only difference right now is that 'pam_keyinit force revoke'
is included. It was added upstream with the comment:

   We want that systemd --user gets its own keyring as usual, even if the
   barebones PAM snippet we ship upstream is used. If we don't do this we get
   the basic keyring systemd --system sets up for us.
2022-12-14 22:35:52 +01:00
Zbigniew Jędrzejewski-Szmek
ef4c00c6a4 Version 252.3
... (rhbz#2136916, rhbz#2083900)
2022-12-08 23:10:51 +01:00
Zbigniew Jędrzejewski-Szmek
778f8ef8a5 Do not create boot subpackage on non-efi arches
This fixes build.
[skip changelog]
2022-12-03 09:47:34 +01:00
Zbigniew Jędrzejewski-Szmek
54a3b6f942 Split out systemd-boot-unsigned package 2022-12-02 19:08:56 +01:00
Zbigniew Jędrzejewski-Szmek
da37ad3139 Version 252.2
- Latest batch of bugfixes (rhbz#2137631)
2022-11-24 17:48:41 +01:00
Zbigniew Jędrzejewski-Szmek
b3fa8789f9 BR: xen-devel
This improves support for XEN.

[skip changelog]
2022-11-21 11:46:31 +01:00
Zbigniew Jędrzejewski-Szmek
c6d202c6ac Version 252.1
... (just some small fixes).
2022-11-08 20:27:13 +01:00
Zbigniew Jędrzejewski-Szmek
eeb9a47dfb Version 252
No big changes from -rc3. A bunch of bugfixes.
2022-10-31 22:27:33 +01:00
Zbigniew Jędrzejewski-Szmek
9acedf97ae Version 252-rc3 (#2135778) 2022-10-25 09:00:02 +02:00
Zbigniew Jędrzejewski-Szmek
6594cdc49b Version 252-rc2 (#2134741, #2133792) 2022-10-18 14:48:29 +02:00
Zbigniew Jędrzejewski-Szmek
bab6dfc23a Fix upgrade detection in %posttrans scriptlet (rhbz#2115094)
4047e4fb7b got things very wrong.
The trick with "[ $1 -eq 1 ]" doesn't work for transaction triggers
because the argument is not provided by rpm. We need to use a state
file to propagate the information from %post to %posttrans.
2022-10-14 16:18:53 +02:00
Zbigniew Jędrzejewski-Szmek
0b51ecfabd Version 252-rc1
... (for details see https://raw.githubusercontent.com/systemd/systemd/v252-rc1/NEWS)

systemd-pcrphase and systemd-measure and initrd-* units are moved to systemd-udev.
systemd-udev should be part of the initrd, and those tools don't make much sense
in systems without hardware (i.e. containers). (systemd-measure could possibly be
useful, but we can always move it back if there's a good reason.)
2022-10-07 18:39:55 +02:00
Zbigniew Jędrzejewski-Szmek
58777c7cac Fix permissions on %ghost files (rhbz#2122889) 2022-10-01 19:35:11 +02:00
Zbigniew Jędrzejewski-Szmek
1ffb1df909 Version 251.5 (rhbz#2129343, rhbz#2121106, rhbz#2130188) 2022-10-01 19:27:15 +02:00
Yu Watanabe
38161d034a Replace patch for test-mountpoint-util
Imported from https://github.com/systemd/systemd/pull/24639.
2022-09-30 19:01:28 +02:00
Anita Zhang
7665e1796f Update systemd-oomd defaults to friendlier values
- Remove swap policy. Default amount of swap (8GB?) is a lot lower than
  what we use internally with the swap policy. Which frequently leads to
  GNOME getting killed
  (e.g. https://bugzilla.redhat.com/show_bug.cgi?id=1941170, and other
  BZs not linked here). Internally we use 0.5x-1x size of physical memory
  for swap via swapfiles (this will be documented in systemd upstream).
  In simple cases of using more memory than is available (but without
  memory pressure), the Kernel OOM killer can handle killing the
  offending process.

- Expand the memory pressure policy to system.slice, user-.slice, and
  all user owned slices. Support for ManagedOOM*= on user services was
  added in https://github.com/systemd/systemd/pull/20690 which allows
  us to be more fine grained on the pressure monitoring at the user
  level. In addition to the system.slice and user-.slice PSI monitoring
  this should result in a better systemd-oomd experience for desktop
  systems.
2022-09-30 14:49:03 +00:00
Zbigniew Jędrzejewski-Szmek
aac22baa3b Make systemd-devel conditionally pull in systemd-rpm-macros
If people BR:systemd-devel, they should get the macros too. It's a
tiny package, and we shouldn't require people to BR two things.

https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/A5BGKRZVFDOBNMCBUPUCKLKHWEW5V2JE/
2022-09-29 10:22:45 +02:00
Neal Gompa
95413629b4 Manually bump release and add changelog for previous commit
C.f. https://pagure.io/fedora-infra/rpmautospec/pull-request/267

[skip changelog]
2022-08-19 15:49:11 -04:00
Neal Gompa
f5157f6a05 Set compile-time fallback hostname to "localhost"
This ensures that we have a universal unbranded fallback hostname.
The branded fallback hostname will be set in os-release(5) instead.

Reference: https://fedoraproject.org/wiki/Changes/FallbackHostname
2022-08-19 19:41:09 +00:00
Kalev Lember
76ce06c4a6 Manually bump release and add changelog for previous commit
C.f. https://pagure.io/fedora-infra/rpmautospec/pull-request/267

[skip changelog]
2022-08-19 14:44:43 +02:00
Kalev Lember
1e997acc65 Avoid requiring systemd-pam from -devel subpackage
Instead, add systemd-pam to pungi-fedora's multilib whitelist:
https://pagure.io/pungi-fedora/pull-request/1113

This should help with flatpak runtime packaging so that we can avoid
having to ship systemd-pam in the flatpak container.
2022-08-18 18:45:42 +02:00
Zbigniew Jędrzejewski-Szmek
aeb2225403 Manually bump release version for rpmautospec
C.f. https://pagure.io/releng/issue/10952.

[skip changelog]
2022-08-09 16:31:12 +02:00
Zbigniew Jędrzejewski-Szmek
89715a5ded Backport patches and do a full preset on first boot
... (#2114065,
https://fedoraproject.org/wiki/Changes/Preset_All_Systemd_Units_on_First_Boot)
2022-08-09 13:02:59 +02:00
Zbigniew Jędrzejewski-Szmek
fa3038d631 Version 251.4
... (fixes rhbz#2112551)
- A bunch of fixes to documentation, crashes in systemd-resolved,
  systemd-networkd, systemd itself, and other smaller fixes.
2022-08-08 13:10:27 +02:00
Zbigniew Jędrzejewski-Szmek
99fbfcd5a2 Convert to rpmautospec 2022-08-08 13:10:06 +02:00
Fedora Release Engineering
31a512dde1 Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-07-23 09:59:57 +00:00
Zbigniew Jędrzejewski-Szmek
8ed6e37eb4 Version 251.3 2022-07-14 09:48:35 +02:00
Zbigniew Jędrzejewski-Szmek
9e8220ffd3 Drop forgotten "temporary" workaround for #1663040 2022-07-13 15:06:22 +02:00
Zbigniew Jędrzejewski-Szmek
27c0d43eff Drop Obsoletes for systemd-standalone-{tmpfiles,sysusers}
It turns out that with the Obsoletes, dnf will just install the normal
systemd package if systemd-standalone-* is requested. The commit message
for b36512ad8f which added this says I tested
with local package builds (where it works), but not when going through the
full repo with all packages.

I'm adding the Provides instead, so that it's possible to request on or
the other more easily.
2022-07-03 21:31:40 +02:00
Zbigniew Jędrzejewski-Szmek
ee5cf7fbad Drop forward-secure-sealing code from sd-journal and tools
I asked on fedora-devel@, and the lone reply was from Matthew Miller
who tried it once when it was introduced and hasn't used it since.
Dropping this removes the last dependency on libgcrypt and libgpg-error
in libsystemd, significantly reducing our installation footprint.

Right now libmicrohttpd is still linked to libgcrypt, so
libsystemd-journal-remote subpackage will pull libgcrypt in.
2022-06-29 17:17:14 +02:00
Zbigniew Jędrzejewski-Szmek
fae302cf1d Revert "Add workaround for audit breakage"
This reverts commit a4d136e22a.

audit-3.0.8 is out, so this should be fixed now.
2022-06-29 08:37:59 +02:00
Zbigniew Jędrzejewski-Szmek
6af49ef1a1 Add patch to fix build on i686 2022-06-03 10:15:05 +02:00