This might be more reliable when upgrading from an older systemd package. The
systemctl call to reexec will occasionally fail with "Access denied" when we
upgrade from a much older version (like 2-3 versions older). However, sending
PID 1 a SIGTERM is documented to be mostly the same and fixes it 100% of the
times.
Signed-off-by: Anita Zhang <the.anitazha@gmail.com>
Signed-off-by: Filipe Brandenburger <filbranden@gmail.com>
0002-Revert-units-set-NoNewPrivileges-for-all-long-runnin.patch was added exactly
a year ago because selinux policy needed to be updated. I think we can drop the
patch now.
Also drop part of 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch:
the service runs as unprivileged user, so the creation cannot succeed. The other
part of the patch is kept.
systemd package numbering is completely different than
u2f-hidraw-policy, so I'm using a fixed number. "-40" is supposed to
be sufficiently high so that we stay higher and preserve the upgrade
path even if the package is updated in older releases.
sysctl, binfmt, and other rules are collected from multiple packages
and we don't want to see a report that systemd %triggerin failed.
So let's not silence the output, but use "|| :" to the trigger is
not reported as failed.
Also, adjust the udevadm check. In containers udevd might not be
running, even if systemd is, and we'd get:
Failed to send reload request: No such file or directory
https://bugzilla.redhat.com/show_bug.cgi?id=1698391
In principle systemd supports building without assertions for production,
but we want the assertions to be enabled to catch as many errors early as possible.
Also, let's remove the obsolete work-around for meson not showing logs. This
is already reverted upstream, but apparently not in the version of macros that
Fedora has.