Commit Graph

151 Commits

Author SHA1 Message Date
Michal Sekletar
7c593159af systemd-252-40
Resolves: RHEL-46339
2024-08-07 14:41:48 +02:00
Jan Macku
57b9bd38d3 systemd-252-39
Resolves: RHEL-30372,RHEL-33436,RHEL-44630,RHEL-36276
2024-07-17 12:44:37 +02:00
Jan Macku
4f97ea019f systemd-252-38
Resolves: RHEL-30372
2024-06-19 12:59:17 +02:00
Jan Macku
75aa201631 systemd-252-37
Resolves: RHEL-13159,RHEL-20322,RHEL-27512,RHEL-30372,RHEL-31070,RHEL-31219,RHEL-33890,RHEL-35703,RHEL-38864,RHEL-40878,RHEL-6589
2024-06-13 16:16:12 +02:00
Jan Macku
db6c9f7775 spec: return selinux dependencies
Resolves: RHEL-35732
2024-05-22 09:32:21 +02:00
Jan Macku
c86ff2aa72 systemd-252-34
Resolves: RHEL-30372,RHEL-33384,RHEL-36284,RHEL-36505
2024-05-20 10:24:35 +02:00
Jan Macku
e3a92f63d1 spec: remove selinux post-requires for python
Resolves: RHEL-35732
2024-05-15 09:49:02 +02:00
Jan Macku
d78b616bab spec: systemd-ukify should depend on systemd-boot
`systemd-ukify` requires `/usr/lib/systemd/boot/efi/{addonx64,linuxx64}.efi.stub` to work properly, e.g.

```
Traceback (most recent call last):
  File "/usr/bin/ukify", line 1660, in <module>
    main()
  File "/usr/bin/ukify", line 1648, in main
    check_inputs(opts)
  File "/usr/bin/ukify", line 390, in check_inputs
    value.open().close()
  File "/usr/lib64/python3.9/pathlib.py", line 1252, in open
    return io.open(self, mode, buffering, encoding, errors, newline,
  File "/usr/lib64/python3.9/pathlib.py", line 1120, in _opener
    return self._accessor.open(self, flags, mode)
FileNotFoundError: [Errno 2] No such file or directory: '/usr/lib/systemd/boot/efi/addonx64.efi.stub'
```

`/usr/lib/systemd/boot/efi/{addonx64,linuxx64}.efi.stub` are now contained in `systemd-boot-unsigned` sub-package so adding a dependency on it seems like the easiest solution.

Originally reported by: Vitaly Kuznetsov <vkuznets@redhat.com> in https://issues.redhat.com/browse/RHEL-33990

Signed-off-by: Jan Macku <jamacku@redhat.com>

(cherry picked from commit b9ec39c0efa664f18666c8c94140f3bbfb0bca3b)

Resolves: RHEL-33990
2024-05-02 14:12:56 +02:00
Jan Macku
ce6f3446e8 systemd-252-33
Resolves: RHEL-15501,RHEL-29430,RHEL-30372,RHEL-31783
2024-04-26 15:32:22 +02:00
Jan Macku
1a6d41c6ce spec: rebase rhel-net-naming-sysattrs to v0.5
Resolves: RHEL-29441
2024-03-18 13:29:43 +01:00
Jan Macku
a83ff382a5 systemd-252-31
Resolves: RHEL-16952
2024-03-15 14:22:25 +01:00
Jan Macku
fe8745ee78 systemd-252-30
Resolves: RHEL-26133,RHEL-26643
2024-03-11 14:28:31 +01:00
Jan Macku
bfeaf3ce4b systemd-252-29
Resolves: RHEL-16952
2024-02-26 08:28:57 +01:00
Jan Macku
bed495948c systemd-252-28
Resolves: RHEL-1086,RHEL-16952
2024-02-20 16:13:49 +01:00
Jan Macku
e5f65c3fc6 systemd-252-27
Resolves: RHEL-1086,RHEL-11591,RHEL-16182,RHEL-19483,RHEL-7026
2024-02-15 09:36:23 +01:00
Jan Macku
3e543ba0c0 spec: replace deprecated udevadm hwdb --update
Resolves: RHEL-23756
2024-02-08 14:45:09 +00:00
Jan Macku
e70f9cc65d spec: move systemd-oomd.conf to oomd subpackage
Resolves: RHEL-22430
2024-02-06 16:05:22 +01:00
Jan Macku
1e287bdc63 spec: update rhel-net-naming-sysattrs to v0.4
Resolves: RHEL-22278
2024-02-01 16:36:41 +01:00
Jan Macku
4c91fa82fc spec: update hwdb after installation of rhel-net-naming-sysattrs
Related: RHEL-22278
2024-01-31 14:52:51 +01:00
Jan Macku
68287ac528 spec: fix typo in description of rhel-net-naming-sysattrs
Related: RHEL-22278
2024-01-30 13:36:38 +01:00
Jan Macku
8fdd66f6a4 spec: add new package with RHEL-specific network naming sysattrs
Resolves: RHEL-22278
2024-01-30 09:30:56 +01:00
Jan Macku
d1be2e5c92 systemd-252-24
Resolves: RHEL-1086,RHEL-22427,RHEL-22443
2024-01-24 15:58:50 +01:00
Jan Macku
8e064030ef systemd-252-23
Resolves: RHEL-16354,RHEL-20757
2024-01-12 15:48:06 +01:00
Jan Macku
5718504336 systemd-252-22
Resolves: RHEL-1317,RHEL-19436,RHEL-6216
2024-01-08 09:48:02 +01:00
Zbigniew Jędrzejewski-Szmek
2090c56503 Backport patches to add ukify and 90-uki-copy.install
Resolves: RHEL-13199

Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
2023-12-11 22:04:36 +01:00
Jan Macku
484e7cdd90 systemd-252-21
Resolves: RHEL-13199,RHEL-5988,RHEL-6090
2023-12-11 15:54:06 +01:00
Jan Macku
2d3ff96397 spec: set SBAT URL to mailto:secalert@redhat.com
Resolves: RHEL-16810
2023-12-08 11:50:19 +00:00
Jan Macku
d3e892ecce systemd-252-20
Resolves: RHEL-13199,RHEL-16354,RHEL-5988
2023-12-08 10:00:06 +01:00
Jan Macku
14ddea439d systemd-252-19
Resolves: RHEL-1086,RHEL-11040,RHEL-5070,RHEL-7026
2023-11-13 14:52:30 +01:00
Jan Macku
ea71a49292 systemd-252-18
Resolves: #2161260,#2170883,#2178222,#2190226,#2209912,#2211065,#2213521,#2226980,#2230364,#2231845
2023-08-22 13:24:53 +02:00
Jan Macku
234ac58cb7 systemd-252-17
Resolves: #2210237,#2225667
2023-08-04 11:07:32 +02:00
Jan Macku
5f20544e0d systemd-252-16
Resolves: #2169959,#2170883,#2172509,#2176899,#2182632,#2193456,#2208240,#2210145,#2210237,#2212612,#2215412,#2218184,#2218886
2023-07-17 09:28:26 +02:00
Jan Macku
c8e795b373 pam: add a call to pam_namespace
A call to pam_namespace is required so that children of user@.service end up in
a namespace as expected. pam_namespace gets called as part of the stack that
creates a session (login, sshd, gdm, etc.) and those processes end up in a
namespace, but it also needs to be called from our stack which is parallel and
descends from pid1 itself.

The call to pam_namespace is similar to the call to pam_keyinit that was added
in ab79099. The pam stack for user@.service
creates a new session which is disconnected from the parent environment. Both
calls are not suitable for inclusion in the shared part of the stack (e.g.
@system-auth on Fedora/RHEL systems), because for example su/sudo/runuser
should not include them.

Fixes #17043 (Allow to execute user service into dedicated namespace
              if pam_namespace enabled)
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1861836
(Polyinstantiation is ignored/bypassed in GNOME sessions)

rhel-only

Resolves: #2218184
2023-07-13 16:23:05 +02:00
Jan Macku
8478dae30b pam: add call to pam_umask
Setting umask for user sessions via UMASK setting in /etc/login.defs is
a well-known feature. Let's make sure that user manager also runs with
this umask value.

rhel-only

Resolves: #2210145
2023-07-13 16:19:01 +02:00
Jan Macku
e181f5306e pam: add pam_keyinit.so to systemd-user
rhel-only

Resolves: #2044486
2023-07-13 14:14:05 +00:00
Zbigniew Jędrzejewski-Szmek
66144f688d sysusers.generate-pre.sh: properly escape quotes in description strings
... (rhbz#2104141)

In the first version, I wanted to use POSIX quotes with $''. But that required
'printf %q', which brings in a dependency on coreutils.

Following mcr0mmand's suggestion, ${foo@Q} is used instead, which should work
equivalently, and does not require anything new.

Tested with 'sysusers.generate-pre.sh /usr/lib/sysusers.d/*conf'. The output is
the same before and after, apart from the dovecot user with a quote.

rhel-only

Resolves: #2217149
2023-06-29 15:29:04 +02:00
Zbigniew Jędrzejewski-Szmek
00374b7b6e sysusers.generate-pre.sh: fix indentation in generated scripts
We need to use a mix of spaces and tabs: the tabs are removed because of -EOF,
and then the spaces indent the output. Jesus.

rhel-only

Resolves: #2217149
2023-06-29 15:29:04 +02:00
Martin Osvald
b99e4e7874 Support user:group notation by sysusers.generate-pre.sh script
#Type Name       ID                  GECOS              Home directory Shell
u     user_name  uid:gid             "User Description" /home/dir      /path/to/shell

According to: https://www.freedesktop.org/software/systemd/man/sysusers.d.html

rhel-only

Resolves: #2217149
2023-06-29 15:27:54 +02:00
Zbigniew Jędrzejewski-Szmek
302add7ebd Fix indentation in %sysusers_create_compat macro (rhbz#2132835)
Automatic unindentation after <<-EOF only works with tabs. Jesus.

rhel-only

Resolves: #2217149
2023-06-29 15:24:37 +02:00
Luca BRUNO
7c2e28783a sysusers/generate: bridge 'm' entries to usermod
This tweaks the sysusers.d handling logic so that 'm' entries are
now translated to a series of groupadd + useradd + usermod call.
The last usermod call is the notable change, effectively affecting
the list of secondary groups now.

rhel-only

Resolves: #2217149
2023-06-29 15:24:30 +02:00
Luca BRUNO
83d62beefc Align sysusers-generated shell value with upstream systemd default
rhel-only

Resolves: #2217149
2023-06-29 15:24:24 +02:00
Zbigniew Jędrzejewski-Szmek
1a82a5d221 Supress errors from useradd/groupadd
rhel-only

Resolves: #2217149
2023-06-29 15:24:19 +02:00
Zbigniew Jędrzejewski-Szmek
eac5440e8e Shellcheckify sysusers.generate-pre.sh
There should be almost no functional change, but shellcheck complains
less. User/group descriptions with escaped characters are handled
properly.

rhel-only

Resolves: #2217149
2023-06-29 15:24:11 +02:00
Zbigniew Jędrzejewski-Szmek
42b42fd61e sysusers.generate-pre: indentation
rhel-only

Resolves: #2217149
2023-06-29 15:24:04 +02:00
Jacek Migacz
36f2f948cd spec: Append 'systemd' to nsswitch.conf only during install
Without that patch, on every package upgrade, a 'systemd' is forcibly appended
to passwd and group in nsswitch.conf which is not desirable for some customers.

It is required until authselect change introduction in RHEL.

RHEL-only

Resolves: #2176337
2023-05-29 11:31:10 +00:00
Jan Macku
96f92a96d3 systemd-252-15
Resolves: #2100440,#2143107,#2183546,#2203133
2023-05-18 13:38:48 +02:00
Jan Macku
2a07d74ee6 systemd-252-14
Resolves: #2176918,#2180120
2023-03-21 14:10:11 +01:00
Zbigniew Jędrzejewski-Szmek
6cce65c41b Move /usr/lib/systemd/boot/ to systemd-boot-unsigned subpackage
(cherry picked from commit 1a6178ce6e)

Resolves: #2176772
2023-03-09 10:30:51 +01:00
Zbigniew Jędrzejewski-Szmek
0802b86b22 Move man pages for sd-boot into systemd-boot-unsigned
(cherry picked from commit 7a81930dd2)

Resolves: #2176772
2023-03-09 10:30:35 +01:00
Jan Macku
54fa34c9c2 systemd-252-8
Resolves: #2173682
2023-02-27 17:36:21 +01:00