c645a5a5e2
Resolves: RHEL-55132,RHEL-55728,RHEL-55734,RHEL-55746
1218 lines
47 KiB
RPMSpec
1218 lines
47 KiB
RPMSpec
#global commit 1781de18ab8ebc3e42a607851d8effb3b0355c87
|
||
%{?commit:%global shortcommit %(c=%{commit}; echo ${c:0:7})}
|
||
|
||
# We ship a .pc file but don't want to have a dep on pkg-config. We
|
||
# strip the automatically generated dep here and instead co-own the
|
||
# directory.
|
||
%global __requires_exclude pkg-config
|
||
|
||
%global pkgdir %{_prefix}/lib/systemd
|
||
%global system_unit_dir %{pkgdir}/system
|
||
%global user_unit_dir %{pkgdir}/user
|
||
|
||
%if 0%{?__isa_bits} == 64
|
||
%global elf_bits (64bit)
|
||
%global elf_suffix ()%{elf_bits}
|
||
%endif
|
||
|
||
%bcond bzip2 1
|
||
%bcond gnutls 1
|
||
%bcond lz4 1
|
||
%bcond xz 1
|
||
%bcond zlib 1
|
||
%bcond zstd 1
|
||
|
||
# Bootstrap may be needed to break circular dependencies with cryptsetup,
|
||
# e.g. when re-building cryptsetup on a json-c SONAME-bump.
|
||
%bcond bootstrap 0
|
||
%bcond tests 1
|
||
%bcond lto 1
|
||
%bcond docs 1
|
||
|
||
# Build from git main
|
||
%bcond upstream 0
|
||
|
||
# When bootstrap, libcryptsetup is disabled
|
||
# but auto-features causes many options to be turned on
|
||
# that depend on libcryptsetup (e.g. libcryptsetup-plugins)
|
||
%if %{with bootstrap}
|
||
%global __meson_auto_features disabled
|
||
%endif
|
||
|
||
# Override %%autorelease. This is ugly, but rpmautospec doesn't implement
|
||
# autorelease correctly if the macro is conditionalized in the Release field.
|
||
%{?release_override:%global autorelease %{release_override}%{?dist}}
|
||
|
||
Name: systemd
|
||
Url: https://systemd.io
|
||
# Allow users to specify the version and release when building the rpm by
|
||
# setting the %%version_override and %%release_override macros.
|
||
Version: %{?version_override}%{!?version_override:256}
|
||
Release: 13%{?dist}
|
||
|
||
%global stable %(c="%version"; [ "$c" = "${c#*.*}" ]; echo $?)
|
||
|
||
# For a breakdown of the licensing, see README
|
||
License: LGPL-2.1-or-later AND MIT AND GPL-2.0-or-later
|
||
Summary: System and Service Manager
|
||
|
||
# download tarballs with "spectool -g systemd.spec"
|
||
%if %{defined commit}
|
||
Source0: https://github.com/systemd/systemd/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||
%else
|
||
Source0: https://github.com/systemd/systemd/archive/v%{version_no_tilde}/%{name}-%{version_no_tilde}.tar.gz
|
||
%endif
|
||
# This file must be available before %%prep.
|
||
# It is generated during systemd build and can be found in build/src/core/.
|
||
Source1: triggers.systemd
|
||
Source2: split-files.py
|
||
Source3: purge-nobody-user
|
||
Source4: test_sysusers_defined.py
|
||
|
||
# Prevent accidental removal of the systemd package
|
||
Source5: yum-protect-systemd.conf
|
||
|
||
Source6: inittab
|
||
Source7: sysctl.conf.README
|
||
Source8: systemd-journal-remote.xml
|
||
Source9: systemd-journal-gatewayd.xml
|
||
Source10: 20-yama-ptrace.conf
|
||
Source11: systemd-udev-trigger-no-reload.conf
|
||
# https://fedoraproject.org/wiki/How_to_filter_libabigail_reports
|
||
Source13: .abignore
|
||
|
||
Source14: 10-oomd-defaults.conf
|
||
Source15: 10-oomd-per-slice-defaults.conf
|
||
|
||
Source17: 10-map-count.conf
|
||
|
||
Source21: macros.sysusers
|
||
Source22: sysusers.attr
|
||
Source23: sysusers.prov
|
||
Source24: sysusers.generate-pre.sh
|
||
|
||
Source25: 98-default-mac-none.link
|
||
|
||
%if 0
|
||
GIT_DIR=../../src/systemd/.git git format-patch-ab --no-signature -M -N v235..v235-stable
|
||
i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done|xclip
|
||
GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[67]* hwdb/parse_hwdb.py >hwdb.patch
|
||
%endif
|
||
|
||
# Backports of patches from upstream (0000–0499)
|
||
#
|
||
# Any patches which are "in preparation" upstream should be listed here, rather
|
||
# than in the next section. Packit CI will drop any patches in this range before
|
||
# applying upstream pull requests.
|
||
|
||
# RHEL-specific
|
||
Patch0001: 0001-Create-CNAME.patch
|
||
Patch0002: 0002-man-systemd-reorder-content-a-bit.patch
|
||
Patch0003: 0003-hostnamed-don-t-allow-hostnamed-to-exit-on-idle-if-v.patch
|
||
Patch0004: 0004-sd-dhcp-server-clear-buffer-before-receive.patch
|
||
Patch0005: 0005-rules-Limit-the-number-of-device-units-generated-for.patch
|
||
Patch0006: 0006-strbuf-use-GREEDY_REALLOC-to-grow-the-buffer.patch
|
||
Patch0007: 0007-tpm2-setup-Don-t-fail-if-we-can-t-access-the-TPM-due.patch
|
||
Patch0008: 0008-resolved-permit-dnssec-rrtype-questions-when-we-aren.patch
|
||
Patch0009: 0009-repart-Use-crypt_reencrypt_run-if-available.patch
|
||
Patch0010: 0010-test-dump-a-simple-summary-at-the-end-of-TEST-02-UNI.patch
|
||
Patch0011: 0011-repart-Use-CRYPT_ACTIVATE_PRIVATE.patch
|
||
Patch0012: 0012-NEWS-note-that-new-stable-releases-will-be-in-the-ma.patch
|
||
Patch0013: 0013-shell-completion-only-offer-devices-for-completion.patch
|
||
Patch0014: 0014-CODING_STYLE-document-reterr_-return-parameters.patch
|
||
Patch0015: 0015-analyze-show-pcrs-also-in-sha384-bank.patch
|
||
Patch0016: 0016-fundamental-declare-flex-array-updated-for-gcc15-and.patch
|
||
Patch0017: 0017-man-add-a-bit-of-a-warning-to-systemd-tmpfiles-purge.patch
|
||
Patch0018: 0018-man-units-drop-temporary-from-description-of-systemd.patch
|
||
Patch0019: 0019-mkosi-enable-unprivileged-user-ns-for-integration-te.patch
|
||
Patch0020: 0020-mkosi-use-ports.ubuntu.com-for-non-x86-backports.patch
|
||
Patch0021: 0021-mkosi-install-EFI-packages-only-on-EFI-architectures.patch
|
||
Patch0022: 0022-test-check-the-skip-condition-before-installing-addi.patch
|
||
Patch0023: 0023-test-drop-unneeded-firmware-uefi-setting.patch
|
||
Patch0024: 0024-test-drop-obsolete-comment.patch
|
||
Patch0025: 0025-test-support-TEST_NO_KVM.patch
|
||
Patch0026: 0026-test-support-TEST_NO_QEMU-in-mkosi-integration-wrapp.patch
|
||
Patch0027: 0027-test-use-auto-instead-of-uefi-for-automated-fallback.patch
|
||
Patch0028: 0028-core-service-fix-accept-socket-deserialization.patch
|
||
Patch0029: 0029-test-network-mention-that-the-captive-portal-option-.patch
|
||
Patch0030: 0030-CI-disable-secure-boot-in-mkosi-GHA-runs.patch
|
||
Patch0031: 0031-mkosi-bump-to-latest.patch
|
||
Patch0032: 0032-NEWS-fix-typo.patch
|
||
Patch0033: 0033-install-allow-removing-symlinks-even-for-units-that-.patch
|
||
Patch0034: 0034-tmpfiles-honour-dry-run-when-removing-directories.patch
|
||
Patch0035: 0035-tmpfiles-insist-on-at-least-one-configuration-file-b.patch
|
||
Patch0036: 0036-tmpfiles-move-purge-to-command-section-in-help-text-.patch
|
||
Patch0037: 0037-mkosi-restrict-noble-backports-to-noble-builds.patch
|
||
Patch0038: 0038-repart-fix-memory-leak.patch
|
||
Patch0039: 0039-logs-show-do-not-use-_SOURCE_MONOTONIC_TIMESTAMP-fie.patch
|
||
Patch0040: 0040-ci-update-workflows-to-run-on-source-git-setup.patch
|
||
Patch0041: 0041-ci-setup-source-git-automation.patch
|
||
Patch0042: 0042-ci-deploy-systemd-man-to-GitHub-Pages.patch
|
||
Patch0043: 0043-ci-reconfigure-Packit-for-RHEL-10.patch
|
||
Patch0044: 0044-ci-allow-to-pass-parameters-together-with-rhel-only-.patch
|
||
Patch0045: 0045-journal-again-create-user-journals-for-users-with-hi.patch
|
||
Patch0046: 0046-tmpfiles-make-purge-hard-to-mis-use.patch
|
||
Patch0047: 0047-fedora-use-system-auth-in-pam-systemd-user.patch
|
||
Patch0048: 0048-net-naming-scheme-start-rhel10-naming-and-include-rh.patch
|
||
Patch0049: 0049-rules-copy-40-redhat.rules-from-RHEL-9.patch
|
||
Patch0050: 0050-logind-set-RemoveIPC-to-false-by-default.patch
|
||
Patch0051: 0051-tmpfiles-don-t-create-resolv.conf-stub-resolv.conf-s.patch
|
||
Patch0052: 0052-rc-local-order-after-network-online.target.patch
|
||
Patch0053: 0053-random-util-increase-random-seed-size-to-1024.patch
|
||
Patch0054: 0054-journal-don-t-enable-systemd-journald-audit.socket-b.patch
|
||
Patch0055: 0055-journald.conf-don-t-touch-current-audit-settings.patch
|
||
Patch0056: 0056-rules-add-elevator-kernel-command-line-parameter.patch
|
||
Patch0057: 0057-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch
|
||
Patch0058: 0058-udev-net-setup-link-change-the-default-MACAddressPol.patch
|
||
Patch0059: 0059-core-decrease-log-level-of-messages-about-use-of-Kil.patch
|
||
Patch0060: 0060-meson-rename-libbasic-to-libbasic_static.patch
|
||
Patch0061: 0061-meson-build-libsystemd-core-via-an-intermediate-stat.patch
|
||
Patch0062: 0062-meson-add-option-to-build-systemd-executor-staticall.patch
|
||
Patch0063: 0063-taint-remove-unmerged-bin.patch
|
||
Patch0064: 0064-presets-remove-resolved.patch
|
||
Patch0065: 0065-doc-add-downstream-CONTRIBUTING-document.patch
|
||
Patch0066: 0066-ci-allow-policy-as-rhel-only-keyword.patch
|
||
Patch0067: 0067-ci-run-mkosi-test-only-for-Fedora-and-CentOS-Stream.patch
|
||
Patch0068: 0068-taint-remove-unused-variable-usr_sbin.patch
|
||
Patch0069: 0069-packit-drop-the-libarchive-workaround.patch
|
||
Patch0070: 0070-packit-drop-the-dependency-on-python3-zstd.patch
|
||
Patch0071: 0071-coredump-by-default-process-and-store-core-files-up-.patch
|
||
Patch0072: 0072-Avoid-tmp-being-mounted-as-tmpfs-without-the-user-s-.patch
|
||
Patch0073: 0073-unit-don-t-add-Requires-for-tmp.mount.patch
|
||
Patch0074: 0074-units-add-Install-section-to-tmp.mount.patch
|
||
Patch0075: 0075-units-don-t-enable-tmp.mount-statically-in-local-fs..patch
|
||
Patch0076: 0076-netif-naming-scheme-add-rhel-9.5-scheme.patch
|
||
Patch0077: 0077-udev-builtin-net_id-use-firmware_node-sun-for-ID_NET.patch
|
||
Patch0078: 0078-man-net-naming-scheme-add-missing-period.patch
|
||
Patch0079: 0079-Revert-packit-drop-the-dependency-on-python3-zstd.patch
|
||
Patch0080: 0080-systemctl-do-not-try-to-acquire-triggering-units-for.patch
|
||
Patch0081: 0081-core-unit-add-one-assertion-for-u-manager.patch
|
||
Patch0082: 0082-core-service-destroy-runtime-data-when-Type-oneshot-.patch
|
||
Patch0083: 0083-cgroup-util-Ignore-kernel-threads-in-cg_kill_items.patch
|
||
Patch0084: 0084-cgroup-util-Don-t-try-to-open-pidfd-for-kernel-threa.patch
|
||
Patch0085: 0085-cgroup-util-fix-typo.patch
|
||
Patch0086: 0086-netif-naming-scheme-rename-rhel-10.0-to-rhel-10.0.be.patch
|
||
Patch0087: 0087-net-naming-scheme-disable-NAMING_FIRMWARE_NODE_SUN.patch
|
||
Patch0088: 0088-net-naming-scheme-remove-NAMING_FIRMWARE_NODE_SUN-fr.patch
|
||
|
||
# Downstream-only patches (9000–9999)
|
||
|
||
%ifarch %{ix86} x86_64 aarch64 riscv64
|
||
%global want_bootloader 1
|
||
%endif
|
||
|
||
BuildRequires: gcc
|
||
BuildRequires: gcc-c++
|
||
BuildRequires: clang
|
||
BuildRequires: coreutils
|
||
BuildRequires: libcap-devel
|
||
BuildRequires: libmount-devel
|
||
BuildRequires: libfdisk-devel
|
||
BuildRequires: libpwquality-devel
|
||
BuildRequires: pam-devel
|
||
BuildRequires: libselinux-devel
|
||
BuildRequires: audit-libs-devel
|
||
%if %{without bootstrap}
|
||
BuildRequires: cryptsetup-devel
|
||
%endif
|
||
BuildRequires: dbus-devel
|
||
BuildRequires: util-linux
|
||
# /usr/bin/getfacl is needed by test-acl-util
|
||
BuildRequires: acl
|
||
BuildRequires: libacl-devel
|
||
BuildRequires: gobject-introspection-devel
|
||
BuildRequires: libblkid-devel
|
||
%if %{with xz}
|
||
BuildRequires: xz-devel
|
||
BuildRequires: xz
|
||
%endif
|
||
%if %{with lz4}
|
||
BuildRequires: lz4-devel
|
||
BuildRequires: lz4
|
||
%endif
|
||
%if %{with bzip2}
|
||
BuildRequires: bzip2-devel
|
||
%endif
|
||
%if %{with zstd}
|
||
BuildRequires: libzstd-devel
|
||
%endif
|
||
BuildRequires: libidn2-devel
|
||
BuildRequires: libcurl-devel
|
||
BuildRequires: kmod-devel
|
||
BuildRequires: elfutils-devel
|
||
BuildRequires: openssl-devel
|
||
%if %{with gnutls}
|
||
BuildRequires: gnutls-devel
|
||
%endif
|
||
%if %{undefined rhel}
|
||
BuildRequires: qrencode-devel
|
||
%endif
|
||
BuildRequires: libmicrohttpd-devel
|
||
BuildRequires: libxkbcommon-devel
|
||
BuildRequires: iptables-devel
|
||
BuildRequires: pkgconfig(bash-completion)
|
||
BuildRequires: pkgconfig(libarchive)
|
||
BuildRequires: pkgconfig(libfido2)
|
||
BuildRequires: pkgconfig(tss2-esys)
|
||
BuildRequires: pkgconfig(tss2-rc)
|
||
BuildRequires: pkgconfig(tss2-mu)
|
||
BuildRequires: pkgconfig(libbpf)
|
||
BuildRequires: systemtap-sdt-devel
|
||
%if %{with docs}
|
||
BuildRequires: libxslt
|
||
BuildRequires: docbook-style-xsl
|
||
%endif
|
||
BuildRequires: pkgconfig
|
||
BuildRequires: gperf
|
||
BuildRequires: gawk
|
||
BuildRequires: tree
|
||
BuildRequires: hostname
|
||
BuildRequires: python3
|
||
BuildRequires: python3-devel
|
||
BuildRequires: python3dist(jinja2)
|
||
BuildRequires: python3dist(lxml)
|
||
BuildRequires: python3dist(pefile)
|
||
%if %{undefined rhel}
|
||
BuildRequires: python3dist(pillow)
|
||
BuildRequires: python3dist(pytest-flakes)
|
||
%endif
|
||
BuildRequires: python3dist(pytest)
|
||
BuildRequires: python3dist(zstd)
|
||
%if 0%{?want_bootloader}
|
||
BuildRequires: python3dist(pyelftools)
|
||
%endif
|
||
# gzip and lzma are provided by the stdlib
|
||
BuildRequires: firewalld-filesystem
|
||
BuildRequires: libseccomp-devel
|
||
BuildRequires: meson >= 0.43
|
||
BuildRequires: gettext
|
||
# We use RUNNING_ON_VALGRIND in tests, so the headers need to be available
|
||
%ifarch %{valgrind_arches}
|
||
BuildRequires: valgrind-devel
|
||
%endif
|
||
|
||
%ifnarch %ix86
|
||
# bpftool is not built for i368
|
||
BuildRequires: bpftool
|
||
%global have_bpf 1
|
||
%endif
|
||
|
||
%if 0%{?fedora}
|
||
%ifarch x86_64 aarch64
|
||
%global have_xen 1
|
||
# That package is only built for those two architectures
|
||
BuildRequires: xen-devel
|
||
%endif
|
||
%endif
|
||
|
||
Requires(post): coreutils
|
||
Requires(post): grep
|
||
# systemd-machine-id-setup requires libssl
|
||
Requires(post): openssl-libs
|
||
Requires: dbus >= 1.9.18
|
||
Requires: %{name}-pam%{_isa} = %{version}-%{release}
|
||
Requires(meta): (%{name}-rpm-macros = %{version}-%{release} if rpm-build)
|
||
Requires: %{name}-libs%{_isa} = %{version}-%{release}
|
||
%{?fedora:Recommends: %{name}-resolved = %{version}-%{release}}
|
||
Recommends: diffutils
|
||
Requires: (util-linux-core or util-linux)
|
||
Recommends: libxkbcommon%{_isa}
|
||
Provides: /bin/systemctl
|
||
Provides: /sbin/shutdown
|
||
Provides: syslog
|
||
Provides: systemd-units = %{version}-%{release}
|
||
Obsoletes: system-setup-keyboard < 0.9
|
||
Provides: system-setup-keyboard = 0.9
|
||
# systemd-sysv-convert was removed in f20: https://fedorahosted.org/fpc/ticket/308
|
||
Obsoletes: systemd-sysv < 206
|
||
# self-obsoletes so that dnf will install new subpackages on upgrade (#1260394)
|
||
Obsoletes: %{name} < 249~~
|
||
Provides: systemd-sysv = 206
|
||
Conflicts: initscripts < 9.56.1
|
||
%if 0%{?fedora}
|
||
Conflicts: fedora-release < 23-0.12
|
||
%endif
|
||
%if 0%{?fedora} >= 41
|
||
BuildRequires: setup >= 2.15.0-3
|
||
BuildRequires: python3
|
||
Conflicts: setup < 2.15.0-3
|
||
Conflicts: selinux-policy-any < 41.1
|
||
%endif
|
||
|
||
%if 0%{?fedora} >= 41
|
||
# Make sure that dracut supports systemd-executor and the renames done for v255,
|
||
# and dlopen libraries and read-only fs in initrd.
|
||
Conflicts: dracut < 060-2
|
||
%else
|
||
# Make sure that dracut supports systemd-executor and the renames done for v255.
|
||
Conflicts: dracut < 059-16
|
||
%endif
|
||
|
||
Obsoletes: timedatex < 0.6-3
|
||
Provides: timedatex = 0.6-3
|
||
Provides: %{name}-tmpfiles = %{version}-%{release}
|
||
Provides: %{name}-sysusers = %{version}-%{release}
|
||
Provides: %{name}-shutdown = %{version}-%{release}
|
||
|
||
# Recommends to replace normal Requires deps for stuff that is dlopen()ed
|
||
Recommends: libidn2.so.0%{?elf_suffix}
|
||
Recommends: libidn2.so.0(IDN2_0.0.0)%{?elf_bits}
|
||
Recommends: libpcre2-8.so.0%{?elf_suffix}
|
||
Recommends: libpwquality.so.1%{?elf_suffix}
|
||
Recommends: libpwquality.so.1(LIBPWQUALITY_1.0)%{?elf_bits}
|
||
%if %{undefined rhel}
|
||
Recommends: libqrencode.so.4%{?elf_suffix}
|
||
%endif
|
||
Recommends: libbpf.so.1%{?elf_suffix}
|
||
Recommends: libbpf.so.1(LIBBPF_0.4.0)%{?elf_bits}
|
||
|
||
# used by systemd-coredump and systemd-analyze
|
||
Recommends: libdw.so.1%{?elf_suffix}
|
||
Recommends: libdw.so.1(ELFUTILS_0.186)%{?elf_bits}
|
||
Recommends: libelf.so.1%{?elf_suffix}
|
||
Recommends: libelf.so.1(ELFUTILS_1.7)%{?elf_bits}
|
||
|
||
# used by dissect, integritysetup, veritysetyp, growfs, repart, cryptenroll, home
|
||
Recommends: libcryptsetup.so.12%{?elf_suffix}
|
||
Recommends: libcryptsetup.so.12(CRYPTSETUP_2.4)%{?elf_bits}
|
||
|
||
# Libkmod is used to load modules.
|
||
Recommends: libkmod.so.2%{?elf_suffix}
|
||
# kmod_list_next, kmod_load_resources, kmod_module_get_initstate,
|
||
# kmod_module_get_module, kmod_module_get_name, kmod_module_new_from_lookup,
|
||
# kmod_module_probe_insert_module, kmod_module_unref, kmod_module_unref_list,
|
||
# kmod_new, kmod_set_log_fn, kmod_unref, kmod_validate_resources
|
||
# are part of LIBKMOD_5.
|
||
Recommends: libkmod.so.2(LIBKMOD_5)%{?elf_bits}
|
||
|
||
Recommends: libarchive.so.13%{?elf_suffix}
|
||
|
||
%description
|
||
systemd is a system and service manager that runs as PID 1 and starts the rest
|
||
of the system. It provides aggressive parallelization capabilities, uses socket
|
||
and D-Bus activation for starting services, offers on-demand starting of
|
||
daemons, keeps track of processes using Linux control groups, maintains mount
|
||
and automount points, and implements an elaborate transactional dependency-based
|
||
service control logic. systemd supports SysV and LSB init scripts and works as a
|
||
replacement for sysvinit. Other parts of this package are a logging daemon,
|
||
utilities to control basic system configuration like the hostname, date, locale,
|
||
maintain a list of logged-in users, system accounts, runtime directories and
|
||
settings, and a logging daemons.
|
||
%if 0%{?stable}
|
||
This package was built from the %(c=%version; echo "v${c%.*}-stable") branch of systemd.
|
||
%endif
|
||
|
||
%package libs
|
||
Summary: systemd libraries
|
||
License: LGPL-2.1-or-later AND MIT
|
||
Obsoletes: libudev < 183
|
||
Obsoletes: systemd < 185-4
|
||
Conflicts: systemd < 185-4
|
||
Obsoletes: systemd-compat-libs < 230
|
||
Obsoletes: nss-myhostname < 0.4
|
||
Provides: nss-myhostname = 0.4
|
||
Provides: nss-myhostname%{_isa} = 0.4
|
||
|
||
%description libs
|
||
Libraries for systemd and udev.
|
||
|
||
%package pam
|
||
Summary: systemd PAM module
|
||
Requires: %{name} = %{version}-%{release}
|
||
|
||
%description pam
|
||
Systemd PAM module registers the session with systemd-logind.
|
||
|
||
%package rpm-macros
|
||
Summary: Macros that define paths and scriptlets related to systemd
|
||
BuildArch: noarch
|
||
|
||
%description rpm-macros
|
||
Just the definitions of rpm macros.
|
||
|
||
See
|
||
https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_systemd
|
||
for information how to use those macros.
|
||
|
||
%package devel
|
||
Summary: Development headers for systemd
|
||
License: LGPL-2.1-or-later AND MIT
|
||
Requires: %{name}-libs%{_isa} = %{version}-%{release}
|
||
Requires(meta): (%{name}-rpm-macros = %{version}-%{release} if rpm-build)
|
||
Provides: libudev-devel = %{version}
|
||
Provides: libudev-devel%{_isa} = %{version}
|
||
Obsoletes: libudev-devel < 183
|
||
|
||
%description devel
|
||
Development headers and auxiliary files for developing applications linking
|
||
to libudev or libsystemd.
|
||
|
||
%package udev
|
||
Summary: Rule-based device node and kernel event manager
|
||
License: LGPL-2.1-or-later
|
||
|
||
Requires: systemd%{_isa} = %{version}-%{release}
|
||
Requires(post): systemd%{_isa} = %{version}-%{release}
|
||
Requires(preun): systemd%{_isa} = %{version}-%{release}
|
||
Requires(postun): systemd%{_isa} = %{version}-%{release}
|
||
Requires(post): grep
|
||
Requires: kmod >= 18-4
|
||
# https://bodhi.fedoraproject.org/updates/FEDORA-2020-dd43dd05b1
|
||
Obsoletes: systemd < 245.6-1
|
||
Provides: udev = %{version}
|
||
Provides: udev%{_isa} = %{version}
|
||
Obsoletes: udev < 183
|
||
Requires: (grubby > 8.40-72 if grubby)
|
||
Requires: (sdubby > 1.0-3 if sdubby)
|
||
|
||
# Libkmod is used to load modules. Assume that if we need udevd, we certainly
|
||
# want to load modules, so make this into a hard dependency here.
|
||
Requires: libkmod.so.2%{?elf_suffix}
|
||
Requires: libkmod.so.2(LIBKMOD_5)%{?elf_bits}
|
||
|
||
# Recommends to replace normal Requires deps for stuff that is dlopen()ed
|
||
# used by dissect, integritysetup, veritysetyp, growfs, repart, cryptenroll, home
|
||
Recommends: libcryptsetup.so.12%{?elf_suffix}
|
||
Recommends: libcryptsetup.so.12(CRYPTSETUP_2.4)%{?elf_bits}
|
||
|
||
# used by systemd-coredump and systemd-analyze
|
||
Recommends: libdw.so.1%{?elf_suffix}
|
||
Recommends: libdw.so.1(ELFUTILS_0.186)%{?elf_bits}
|
||
Recommends: libelf.so.1%{?elf_suffix}
|
||
Recommends: libelf.so.1(ELFUTILS_1.7)%{?elf_bits}
|
||
|
||
# used by home, cryptsetup, cryptenroll, logind
|
||
Recommends: libfido2.so.1%{?elf_suffix}
|
||
Recommends: libp11-kit.so.0%{?elf_suffix}
|
||
Recommends: libtss2-esys.so.0%{?elf_suffix}
|
||
Recommends: libtss2-mu.so.0%{?elf_suffix}
|
||
Recommends: libtss2-rc.so.0%{?elf_suffix}
|
||
|
||
# https://bugzilla.redhat.com/show_bug.cgi?id=1377733#c9
|
||
Suggests: systemd-bootchart
|
||
# https://bugzilla.redhat.com/show_bug.cgi?id=1408878
|
||
Requires: kbd
|
||
|
||
# https://bugzilla.redhat.com/show_bug.cgi?id=1753381
|
||
Provides: u2f-hidraw-policy = 1.0.2-40
|
||
Obsoletes: u2f-hidraw-policy < 1.0.2-40
|
||
|
||
# self-obsoletes to install both packages after split of systemd-boot
|
||
Obsoletes: systemd-udev < 252.2^
|
||
|
||
Provides: %{name}-repart = %{version}-%{release}
|
||
|
||
%description udev
|
||
This package contains systemd-udev and the rules and hardware database needed to
|
||
manage device nodes. This package is necessary on physical machines and in
|
||
virtual machines, but not in containers.
|
||
|
||
This package also provides systemd-timesyncd, a network time protocol daemon.
|
||
|
||
It also contains tools to manage encrypted home areas and secrets bound to the
|
||
machine, and to create or grow partitions and make file systems automatically.
|
||
|
||
%if 0%{?want_bootloader}
|
||
%package ukify
|
||
Summary: Tool to build Unified Kernel Images
|
||
Requires: %{name} = %{version}-%{release}
|
||
|
||
Requires: systemd-boot
|
||
Requires: python3dist(pefile)
|
||
Requires: python3dist(zstd)
|
||
Requires: python3dist(cryptography)
|
||
Recommends: python3dist(pillow)
|
||
|
||
# for tests
|
||
%ifarch riscv64
|
||
# 2.42 received support for riscv64 + efi targets
|
||
%global binutils_version_req >= 2.42
|
||
%endif
|
||
BuildRequires: binutils %{?binutils_version_req}
|
||
|
||
%description ukify
|
||
This package provides ukify, a script that combines a kernel image, an initrd,
|
||
with a command line, and possibly PCR measurements and other metadata, into a
|
||
Unified Kernel Image (UKI).
|
||
|
||
%package boot-unsigned
|
||
Summary: UEFI boot manager (unsigned version)
|
||
|
||
Provides: systemd-boot-unsigned-%{efi_arch} = %version-%release
|
||
Provides: systemd-boot = %version-%release
|
||
Provides: systemd-boot%{_isa} = %version-%release
|
||
# A provides with just the version, no release or dist, used to build systemd-boot
|
||
Provides: version(systemd-boot-unsigned) = %version
|
||
Provides: version(systemd-boot-unsigned)%{_isa} = %version
|
||
|
||
# self-obsoletes to install both packages after split of systemd-boot
|
||
Obsoletes: systemd-udev < 252.2^
|
||
|
||
%description boot-unsigned
|
||
systemd-boot (short: sd-boot) is a simple UEFI boot manager. It provides a
|
||
graphical menu to select the entry to boot and an editor for the kernel command
|
||
line. systemd-boot supports systems with UEFI firmware only.
|
||
|
||
This package contains the unsigned version. Install systemd-boot instead to get
|
||
the version that works with Secure Boot.
|
||
%endif
|
||
|
||
%package container
|
||
# Name is the same as in Debian
|
||
Summary: Tools for containers and VMs
|
||
Requires: %{name}%{_isa} = %{version}-%{release}
|
||
Requires(post): systemd%{_isa} = %{version}-%{release}
|
||
Requires(preun): systemd%{_isa} = %{version}-%{release}
|
||
Requires(postun): systemd%{_isa} = %{version}-%{release}
|
||
# obsolete parent package so that dnf will install new subpackage on upgrade (#1260394)
|
||
Obsoletes: %{name} < 229-5
|
||
# Bias the system towards libcurl-minimal if nothing pulls in full libcurl (#1997040)
|
||
Suggests: libcurl-minimal
|
||
License: LGPL-2.1-or-later
|
||
|
||
%description container
|
||
Systemd tools to spawn and manage containers and virtual machines.
|
||
|
||
This package contains systemd-nspawn, systemd-vmspawn, machinectl,
|
||
systemd-machined, and systemd-importd.
|
||
|
||
%package journal-remote
|
||
# Name is the same as in Debian
|
||
Summary: Tools to send journal events over the network
|
||
Requires: %{name}%{_isa} = %{version}-%{release}
|
||
License: LGPL-2.1-or-later
|
||
Requires: firewalld-filesystem
|
||
Provides: %{name}-journal-gateway = %{version}-%{release}
|
||
Provides: %{name}-journal-gateway%{_isa} = %{version}-%{release}
|
||
Obsoletes: %{name}-journal-gateway < 227-7
|
||
# Bias the system towards libcurl-minimal if nothing pulls in full libcurl (#1997040)
|
||
Suggests: libcurl-minimal
|
||
|
||
%description journal-remote
|
||
Programs to forward journal entries over the network, using encrypted HTTP, and
|
||
to write journal files from serialized journal contents.
|
||
|
||
This package contains systemd-journal-gatewayd, systemd-journal-remote, and
|
||
systemd-journal-upload.
|
||
|
||
%package resolved
|
||
Summary: Network Name Resolution manager
|
||
Requires: %{name}%{_isa} = %{version}-%{release}
|
||
Obsoletes: %{name} < 249~~
|
||
Requires: libidn2.so.0%{?elf_suffix}
|
||
Requires: libidn2.so.0(IDN2_0.0.0)%{?elf_bits}
|
||
Requires(posttrans): grep
|
||
|
||
%description resolved
|
||
systemd-resolved is a system service that provides network name resolution to
|
||
local applications. It implements a caching and validating DNS/DNSSEC stub
|
||
resolver, as well as an LLMNR and MulticastDNS resolver and responder.
|
||
|
||
%package oomd
|
||
Summary: A userspace out-of-memory (OOM) killer
|
||
Requires: %{name}-udev = %{version}-%{release}
|
||
Provides: %{name}-oomd-defaults = %{version}-%{release}
|
||
License: LGPL-2.1-or-later
|
||
|
||
%description oomd
|
||
systemd-oomd is a system service that uses cgroups-v2 and pressure stall
|
||
information (PSI) to monitor and take action on processes before an OOM
|
||
occurs in kernel space.
|
||
|
||
%prep
|
||
%autosetup -n %{?commit:%{name}-%{commit}}%{!?commit:%{name}-%{version_no_tilde}} -p1
|
||
|
||
%build
|
||
%global ntpvendor %(source /etc/os-release; echo ${ID})
|
||
%{!?ntpvendor: echo 'NTP vendor zone is not set!'; exit 1}
|
||
|
||
CONFIGURE_OPTS=(
|
||
-Dmode=%[%{with upstream}?"developer":"release"]
|
||
-Dsysvinit-path=/etc/rc.d/init.d
|
||
-Drc-local=/etc/rc.d/rc.local
|
||
-Ddns-servers=
|
||
-Duser-path=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin
|
||
-Dservice-watchdog=3min
|
||
-Ddev-kvm-mode=0666
|
||
-Dkmod=enabled
|
||
-Dxkbcommon=enabled
|
||
-Dblkid=enabled
|
||
-Dfdisk=enabled
|
||
-Dseccomp=enabled
|
||
-Dima=true
|
||
-Dselinux=enabled
|
||
-Dbpf-framework=%[0%{?have_bpf}?"enabled":"disabled"]
|
||
-Dapparmor=disabled
|
||
-Dpolkit=enabled
|
||
-Dxz=%[%{with xz}?"enabled":"disabled"]
|
||
-Dzlib=%[%{with zlib}?"enabled":"disabled"]
|
||
-Dbzip2=%[%{with bzip2}?"enabled":"disabled"]
|
||
-Dlz4=%[%{with lz4}?"enabled":"disabled"]
|
||
-Dzstd=%[%{with zstd}?"enabled":"disabled"]
|
||
-Dpam=enabled
|
||
-Dacl=enabled
|
||
-Dsmack=true
|
||
-Dopenssl=enabled
|
||
-Dcryptolib=openssl
|
||
-Dp11kit=enabled
|
||
-Dgcrypt=disabled
|
||
-Daudit=enabled
|
||
-Delfutils=enabled
|
||
-Dlibcryptsetup=%[%{with bootstrap}?"disabled":"enabled"]
|
||
-Delfutils=enabled
|
||
-Drepart=enabled
|
||
-Dpwquality=enabled
|
||
-Dqrencode=%[%{defined rhel}?"disabled":"enabled"]
|
||
-Dmicrohttpd=enabled
|
||
-Dlibiptc=disabled
|
||
-Dlibcurl=enabled
|
||
-Dlibfido2=enabled
|
||
-Dxenctrl=%[0%{?have_xen}?"enabled":"disabled"]
|
||
-Defi=true
|
||
-Dtpm=true
|
||
-Dtpm2=enabled
|
||
-Dhwdb=true
|
||
-Dsysusers=true
|
||
-Ddefault-kill-user-processes=false
|
||
-Dfirst-boot-full-preset=true
|
||
-Ddefault-network=true
|
||
-Dtests=unsafe
|
||
-Dinstall-tests=false
|
||
-Dnobody-user=nobody
|
||
-Dnobody-group=nobody
|
||
-Dcompat-mutable-uid-boundaries=true
|
||
-Dsplit-bin=true
|
||
-Db_ndebug=false
|
||
-Dman=%[%{with docs}?"enabled":"disabled"]
|
||
-Dversion-tag=%{version}%[%{without upstream}?"-%{release}":""]
|
||
# https://bugzilla.redhat.com/show_bug.cgi?id=1906010
|
||
-Dshared-lib-tag=%{version_no_tilde}%[%{without upstream}?"-%{release}":""]
|
||
-Dlink-executor-shared=false
|
||
-Dfallback-hostname="localhost"
|
||
-Ddefault-dnssec=no
|
||
-Ddefault-dns-over-tls=no
|
||
# https://bugzilla.redhat.com/show_bug.cgi?id=1867830
|
||
-Ddefault-mdns=no
|
||
# https://bugzilla.redhat.com/show_bug.cgi?id=2028169
|
||
-Dstatus-unit-format-default=combined
|
||
-Dconfigfiledir=/usr/lib
|
||
-Doomd=true
|
||
|
||
-Dadm-gid=4
|
||
-Dtty-gid=5
|
||
-Ddisk-gid=6
|
||
-Dlp-gid=7
|
||
-Dkmem-gid=9
|
||
-Dwheel-gid=10
|
||
-Dcdrom-gid=11
|
||
-Ddialout-gid=18
|
||
-Dutmp-gid=22
|
||
-Dtape-gid=33
|
||
-Dkvm-gid=36
|
||
-Dvideo-gid=39
|
||
-Daudio-gid=63
|
||
-Dusers-gid=100
|
||
-Dinput-gid=104
|
||
-Drender-gid=105
|
||
-Dsgx-gid=106
|
||
-Dsystemd-journal-gid=190
|
||
-Dsystemd-network-uid=192
|
||
-Dsystemd-resolve-uid=193
|
||
# -Dsystemd-timesync-uid=, not set yet
|
||
|
||
# For now, let's build the bootloader in the same places where we
|
||
# built with gnu-efi. Later on, we might want to extend coverage, but
|
||
# considering that that support is untested, let's not do this now.
|
||
# Note, ukify requires bootloader, let's also explicitly enable/disable it
|
||
# here for https://github.com/systemd/systemd/pull/24175.
|
||
-Dbootloader=%[%{?want_bootloader}?"enabled":"disabled"]
|
||
-Dukify=%[%{?want_bootloader}?"enabled":"disabled"]
|
||
|
||
# RHEL10 bootstrapping
|
||
-Dstandalone-binaries=false
|
||
-Dnscd=false
|
||
-Dportabled=false
|
||
-Dmountfsd=false
|
||
-Dhomed=disabled
|
||
-Dnetworkd=false
|
||
-Dtimesyncd=false
|
||
-Dcreate-log-dirs=false
|
||
-Dnsresourced=false
|
||
-Dfirstboot=true
|
||
-Dvmspawn=disabled
|
||
-Dstoragetm=false
|
||
-Dhtml=disabled
|
||
-Ddefault-net-naming-scheme=rhel-10.0-beta
|
||
-Ddefault-llmnr=no
|
||
-Ddns-over-tls=openssl
|
||
-Dntp-servers=
|
||
-Dsupport-url=https://access.redhat.com/support
|
||
-Dlibidn=disabled
|
||
-Dgnutls=disabled
|
||
-Ddefault-compression=zstd
|
||
# https://issues.redhat.com/browse/RHEL-16810
|
||
-Dsbat-distro-url=mailto:secalert@redhat.com
|
||
-Dsshconfdir=no
|
||
-Dsshdconfdir=no
|
||
-Duserdb=false
|
||
)
|
||
|
||
%if %{without lto}
|
||
%global _lto_cflags %nil
|
||
%endif
|
||
|
||
{ %meson "${CONFIGURE_OPTS[@]}" %{?meson_extra_configure_options} ; }
|
||
|
||
%meson_build
|
||
|
||
new_triggers=%{_vpath_builddir}/src/rpm/triggers.systemd.sh
|
||
if ! diff -u %{SOURCE1} ${new_triggers}; then
|
||
echo -e "\n\n\nWARNING: triggers.systemd in Source1 is different!"
|
||
echo -e " cp $PWD/${new_triggers} %{SOURCE1}\n\n\n"
|
||
sleep 5
|
||
fi
|
||
|
||
%install
|
||
%meson_install
|
||
|
||
# udev links
|
||
mkdir -p %{buildroot}/%{_sbindir}
|
||
ln -sf ../bin/udevadm %{buildroot}%{_sbindir}/udevadm
|
||
|
||
# Compatiblity and documentation files
|
||
touch %{buildroot}/etc/crypttab
|
||
chmod 600 %{buildroot}/etc/crypttab
|
||
|
||
# Config files that were moved under /usr.
|
||
# We need to %ghost them so that they are not removed on upgrades.
|
||
touch %{buildroot}/etc/systemd/coredump.conf \
|
||
%{buildroot}/etc/systemd/journald.conf \
|
||
%{buildroot}/etc/systemd/journal-remote.conf \
|
||
%{buildroot}/etc/systemd/journal-upload.conf \
|
||
%{buildroot}/etc/systemd/logind.conf \
|
||
%{buildroot}/etc/systemd/oomd.conf \
|
||
%{buildroot}/etc/systemd/pstore.conf \
|
||
%{buildroot}/etc/systemd/resolved.conf \
|
||
%{buildroot}/etc/systemd/sleep.conf \
|
||
%{buildroot}/etc/systemd/system.conf \
|
||
%{buildroot}/etc/systemd/user.conf \
|
||
%{buildroot}/etc/udev/udev.conf \
|
||
%{buildroot}/etc/udev/iocost.conf
|
||
|
||
install -D -t %{buildroot}/usr/lib/systemd/ %{SOURCE3}
|
||
|
||
# /etc/initab
|
||
install -Dm0644 -t %{buildroot}/etc/ %{SOURCE6}
|
||
|
||
# /etc/sysctl.conf compat
|
||
install -Dm0644 %{SOURCE7} %{buildroot}/etc/sysctl.conf
|
||
ln -s ../sysctl.conf %{buildroot}/etc/sysctl.d/99-sysctl.conf
|
||
|
||
# Make sure these directories are properly owned
|
||
mkdir -p %{buildroot}%{system_unit_dir}/basic.target.wants
|
||
mkdir -p %{buildroot}%{system_unit_dir}/default.target.wants
|
||
mkdir -p %{buildroot}%{system_unit_dir}/dbus.target.wants
|
||
mkdir -p %{buildroot}%{system_unit_dir}/syslog.target.wants
|
||
mkdir -p %{buildroot}/run
|
||
mkdir -p %{buildroot}%{_localstatedir}/log
|
||
touch %{buildroot}%{_localstatedir}/log/lastlog
|
||
chmod 0664 %{buildroot}%{_localstatedir}/log/lastlog
|
||
touch %{buildroot}/run/utmp
|
||
touch %{buildroot}%{_localstatedir}/log/{w,b}tmp
|
||
|
||
# Make sure the user generators dir exists too
|
||
mkdir -p %{buildroot}%{pkgdir}/system-generators
|
||
mkdir -p %{buildroot}%{pkgdir}/user-generators
|
||
|
||
# Create new-style configuration files so that we can ghost-own them
|
||
touch %{buildroot}%{_sysconfdir}/hostname
|
||
touch %{buildroot}%{_sysconfdir}/vconsole.conf
|
||
touch %{buildroot}%{_sysconfdir}/locale.conf
|
||
touch %{buildroot}%{_sysconfdir}/machine-id
|
||
touch %{buildroot}%{_sysconfdir}/machine-info
|
||
touch %{buildroot}%{_sysconfdir}/localtime
|
||
mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d
|
||
touch %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/00-keyboard.conf
|
||
|
||
# Make sure the shutdown/sleep drop-in dirs exist
|
||
mkdir -p %{buildroot}%{pkgdir}/system-shutdown/
|
||
mkdir -p %{buildroot}%{pkgdir}/system-sleep/
|
||
|
||
# Make sure directories in /var exist
|
||
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/coredump
|
||
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/catalog
|
||
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/backlight
|
||
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/rfkill
|
||
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/linger
|
||
mkdir -p %{buildroot}%{_localstatedir}/lib/private
|
||
mkdir -p %{buildroot}%{_localstatedir}/log/private
|
||
mkdir -p %{buildroot}%{_localstatedir}/cache/private
|
||
mkdir -p %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload
|
||
ln -s ../private/systemd/journal-upload %{buildroot}%{_localstatedir}/lib/systemd/journal-upload
|
||
mkdir -p %{buildroot}%{_localstatedir}/log/journal
|
||
touch %{buildroot}%{_localstatedir}/lib/systemd/catalog/database
|
||
touch %{buildroot}%{_sysconfdir}/udev/hwdb.bin
|
||
touch %{buildroot}%{_localstatedir}/lib/systemd/random-seed
|
||
touch %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload/state
|
||
|
||
# Install yum protection fragment
|
||
install -Dm0644 %{SOURCE5} %{buildroot}/etc/dnf/protected.d/systemd.conf
|
||
|
||
install -Dm0644 -t %{buildroot}/usr/lib/firewalld/services/ %{SOURCE8} %{SOURCE9}
|
||
|
||
# Install additional docs
|
||
# https://bugzilla.redhat.com/show_bug.cgi?id=1234951
|
||
install -Dm0644 -t %{buildroot}%{_pkgdocdir}/ %{SOURCE10}
|
||
|
||
# https://bugzilla.redhat.com/show_bug.cgi?id=1378974
|
||
install -Dm0644 -t %{buildroot}%{system_unit_dir}/systemd-udev-trigger.service.d/ %{SOURCE11}
|
||
|
||
install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/ %{SOURCE13}
|
||
|
||
# systemd-oomd default configuration
|
||
install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/oomd.conf.d/ %{SOURCE14}
|
||
install -Dm0644 -t %{buildroot}%{system_unit_dir}/system.slice.d/ %{SOURCE15}
|
||
install -Dm0644 -t %{buildroot}%{user_unit_dir}/slice.d/ %{SOURCE15}
|
||
|
||
# https://fedoraproject.org/wiki/Changes/IncreaseVmMaxMapCount
|
||
install -Dm0644 -t %{buildroot}%{_prefix}/lib/sysctl.d/ %{SOURCE17}
|
||
|
||
sed -i 's|#!/usr/bin/env python3|#!%{__python3}|' %{buildroot}/usr/lib/systemd/tests/run-unit-tests.py || :
|
||
|
||
install -m 0644 -D -t %{buildroot}%{_rpmconfigdir}/macros.d/ %{SOURCE21}
|
||
# Use rpm's own sysusers provides where available
|
||
%if ! (0%{?fedora} >= 39 || 0%{?rhel} >= 10)
|
||
install -m 0644 -D -t %{buildroot}%{_rpmconfigdir}/fileattrs/ %{SOURCE22}
|
||
install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE23}
|
||
%endif
|
||
install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE24}
|
||
|
||
# https://bugzilla.redhat.com/show_bug.cgi?id=2107754
|
||
install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/network/ %{SOURCE25}
|
||
|
||
ln -s --relative %{buildroot}%{_bindir}/kernel-install %{buildroot}%{_sbindir}/installkernel
|
||
|
||
%if "%{_sbindir}" == "%{_bindir}"
|
||
# Systemd has the split-sbin option which is also used to select the directory
|
||
# for alias symlinks. We need to keep split-sbin=true for now, to support
|
||
# unmerged systems. Move the symlinks here instead.
|
||
mv -v %{buildroot}/usr/sbin/* %{buildroot}%{_bindir}/
|
||
%endif
|
||
|
||
%if 0%{?fedora} >= 41
|
||
# This requires https://pagure.io/setup/pull-request/50
|
||
# and https://src.fedoraproject.org/rpms/setup/pull-request/10.
|
||
%{python3} %{SOURCE4} /usr/lib/sysusers.d/20-setup-{users,groups}.conf %{buildroot}/usr/lib/sysusers.d/basic.conf
|
||
rm %{buildroot}/usr/lib/sysusers.d/basic.conf
|
||
%endif
|
||
|
||
# We don't want to ship systemd-ssh-generator and it is not possible to disable it via meson_options.txt
|
||
# OpenScanHub doesn't build man pages, so let's not fail when they are not present
|
||
rm %{buildroot}%{_prefix}/lib/systemd/system-generators/systemd-ssh-generator
|
||
rm %{buildroot}%{_prefix}/lib/systemd/system/ssh-access.target
|
||
rm %{buildroot}%{_prefix}/lib/systemd/systemd-ssh-proxy
|
||
rm %{buildroot}%{_mandir}/man1/systemd-ssh-proxy.1 || :
|
||
rm %{buildroot}%{_mandir}/man8/systemd-ssh-generator.8 || :
|
||
|
||
%find_lang %{name}
|
||
|
||
# Split files in build root into rpms
|
||
python3 %{SOURCE2} %buildroot %{!?want_bootloader:--no-bootloader}
|
||
|
||
%check
|
||
%if %{with tests}
|
||
meson test -C %{_vpath_builddir} -t 6 --print-errorlogs
|
||
%endif
|
||
|
||
#############################################################################################
|
||
|
||
%include %{SOURCE1}
|
||
|
||
%post
|
||
systemd-machine-id-setup &>/dev/null || :
|
||
|
||
[ $1 -eq 1 ] || exit 0
|
||
|
||
[ -w %{_localstatedir} ] && journalctl --update-catalog || :
|
||
systemd-sysusers || :
|
||
systemd-tmpfiles --create &>/dev/null || :
|
||
|
||
# We reset the enablement of all services upon initial installation
|
||
# https://bugzilla.redhat.com/show_bug.cgi?id=1118740#c23
|
||
# This will fix up enablement of any preset services that got installed
|
||
# before systemd due to rpm ordering problems:
|
||
# https://bugzilla.redhat.com/show_bug.cgi?id=1647172.
|
||
# We also do this for user units, see
|
||
# https://fedoraproject.org/wiki/Changes/Systemd_presets_for_user_units.
|
||
systemctl preset-all &>/dev/null || :
|
||
systemctl --global preset-all &>/dev/null || :
|
||
|
||
%postun
|
||
if [ $1 -ge 1 ]; then
|
||
[ -w %{_localstatedir} ] && journalctl --update-catalog || :
|
||
|
||
systemctl daemon-reexec || :
|
||
|
||
systemd-tmpfiles --create &>/dev/null || :
|
||
fi
|
||
|
||
%systemd_postun_with_restart systemd-timedated.service systemd-hostnamed.service systemd-journald.service systemd-localed.service
|
||
|
||
# FIXME: systemd-logind.service is excluded (https://github.com/systemd/systemd/pull/17558)
|
||
|
||
# This is the expanded form of %%systemd_user_daemon_reexec. We
|
||
# can't use the macro because we define it ourselves.
|
||
if [ $1 -ge 1 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then
|
||
# Package upgrade, not uninstall
|
||
/usr/lib/systemd/systemd-update-helper user-reexec || :
|
||
fi
|
||
|
||
%triggerun -- systemd < 256
|
||
# This is for upgrades from previous versions before systemd restart was moved to %%postun
|
||
systemctl daemon-reexec || :
|
||
|
||
%triggerpostun -- systemd < 256-9
|
||
if [ -L /etc/ssh/sshd_config.d/20-systemd-userdb.conf ] && \
|
||
[ "$(readlink -m /etc/ssh/sshd_config.d/20-systemd-userdb.conf)" = "/usr/lib/systemd/sshd_config.d/20-systemd-userdb.conf" ] ; then
|
||
rm -f /etc/ssh/sshd_config.d/20-systemd-userdb.conf || :
|
||
fi
|
||
|
||
%global udev_services systemd-udev{d,-settle,-trigger}.service systemd-udevd-{control,kernel}.socket %{?want_bootloader:systemd-boot-update.service} systemd-pstore.service remote-cryptsetup.target
|
||
|
||
%post udev
|
||
# Move old stuff around in /var/lib
|
||
mv %{_localstatedir}/lib/random-seed %{_localstatedir}/lib/systemd/random-seed &>/dev/null
|
||
mv %{_localstatedir}/lib/backlight %{_localstatedir}/lib/systemd/backlight &>/dev/null
|
||
|
||
udevadm hwdb --update &>/dev/null
|
||
|
||
%systemd_post %udev_services
|
||
|
||
# Try to save the random seed, but don't complain if /dev/urandom is unavailable
|
||
/usr/lib/systemd/systemd-random-seed save 2>&1 | \
|
||
grep -v 'Failed to open /dev/urandom' || :
|
||
|
||
# Replace obsolete keymaps
|
||
# https://bugzilla.redhat.com/show_bug.cgi?id=1151958
|
||
grep -q -E '^KEYMAP="?fi-latin[19]"?' /etc/vconsole.conf 2>/dev/null &&
|
||
sed -i.rpm.bak -r 's/^KEYMAP="?fi-latin[19]"?/KEYMAP="fi"/' /etc/vconsole.conf || :
|
||
|
||
%preun udev
|
||
%systemd_preun %udev_services
|
||
|
||
%postun udev
|
||
# Restart some services.
|
||
# Others are either oneshot services, or sockets, and restarting them causes issues (#1378974)
|
||
%systemd_postun_with_restart systemd-udevd.service
|
||
|
||
|
||
%global journal_remote_units_restart systemd-journal-gatewayd.service systemd-journal-remote.service systemd-journal-upload.service
|
||
%global journal_remote_units_norestart systemd-journal-gatewayd.socket systemd-journal-remote.socket
|
||
%post journal-remote
|
||
%systemd_post %journal_remote_units_restart %journal_remote_units_norestart
|
||
%firewalld_reload
|
||
|
||
%preun journal-remote
|
||
%systemd_preun %journal_remote_units_restart %journal_remote_units_norestart
|
||
if [ $1 -eq 1 ] ; then
|
||
if [ -f %{_localstatedir}/lib/systemd/journal-upload/state -a ! -L %{_localstatedir}/lib/systemd/journal-upload ] ; then
|
||
mkdir -p %{_localstatedir}/lib/private/systemd/journal-upload
|
||
mv %{_localstatedir}/lib/systemd/journal-upload/state %{_localstatedir}/lib/private/systemd/journal-upload/.
|
||
rmdir %{_localstatedir}/lib/systemd/journal-upload || :
|
||
fi
|
||
fi
|
||
|
||
%postun journal-remote
|
||
%systemd_postun_with_restart %journal_remote_units_restart
|
||
%firewalld_reload
|
||
|
||
%post resolved
|
||
%systemd_post systemd-resolved.service
|
||
|
||
%preun resolved
|
||
if [ $1 -eq 0 ] ; then
|
||
systemctl disable --quiet \
|
||
systemd-resolved.service \
|
||
>/dev/null || :
|
||
if [ -L /etc/resolv.conf ] && \
|
||
realpath /etc/resolv.conf | grep ^/run/systemd/resolve/; then
|
||
rm -f /etc/resolv.conf # no longer useful
|
||
# if network manager is enabled, move to it instead
|
||
[ -f /run/NetworkManager/resolv.conf ] && \
|
||
systemctl -q is-enabled NetworkManager.service &>/dev/null && \
|
||
ln -fsv ../run/NetworkManager/resolv.conf /etc/resolv.conf
|
||
fi
|
||
fi
|
||
|
||
%postun resolved
|
||
%systemd_postun_with_restart systemd-resolved.service
|
||
|
||
%pre
|
||
getent group systemd-oom &>/dev/null || groupadd -r systemd-oom 2>&1 || :
|
||
getent passwd systemd-oom &>/dev/null || useradd -r -l -g systemd-oom -d / -s /sbin/nologin -c "systemd Userspace OOM Killer" systemd-oom &>/dev/null || :
|
||
|
||
%preun oomd
|
||
%systemd_preun systemd-oomd.service
|
||
|
||
%post oomd
|
||
%systemd_post systemd-oomd.service
|
||
|
||
%postun oomd
|
||
%systemd_postun_with_restart systemd-oomd.service
|
||
|
||
%global _docdir_fmt %{name}
|
||
|
||
%files -f %{name}.lang -f .file-list-main
|
||
%doc %{_pkgdocdir}
|
||
%exclude %{_pkgdocdir}/LICENSE*
|
||
# Only the licenses texts for the licenses in License line are included.
|
||
%license LICENSE.GPL2
|
||
%license LICENSES/MIT.txt
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/basic.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/bluetooth.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/default.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/getty.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/graphical.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/local-fs.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/machines.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/multi-user.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/network-online.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/printer.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/remote-fs.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/sockets.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/sysinit.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/system-update.target.wants
|
||
%ghost %dir %attr(0755,-,-) /etc/systemd/system/timers.target.wants
|
||
%ghost %dir %attr(0700,-,-) /var/lib/portables
|
||
%ghost %dir %attr(0755,-,-) /var/lib/rpm-state/systemd
|
||
|
||
%files libs -f .file-list-libs
|
||
%license LICENSE.LGPL2.1
|
||
|
||
%files pam -f .file-list-pam
|
||
|
||
%files rpm-macros -f .file-list-rpm-macros
|
||
|
||
%files resolved -f .file-list-resolve
|
||
|
||
%files devel -f .file-list-devel
|
||
|
||
%files udev -f .file-list-udev
|
||
|
||
%if 0%{?want_bootloader}
|
||
%files ukify -f .file-list-ukify
|
||
%files boot-unsigned -f .file-list-boot
|
||
%endif
|
||
|
||
%files container -f .file-list-container
|
||
%ghost %dir %attr(0700,-,-) /var/lib/machines
|
||
|
||
%files journal-remote -f .file-list-remote
|
||
|
||
%files oomd -f .file-list-oomd
|
||
|
||
%clean
|
||
rm -rf $RPM_BUILD_ROOT
|
||
rm -f 10-timeout-abort.conf.user
|
||
rm -f .file-list-*
|
||
rm -f %{name}.lang
|
||
|
||
%changelog
|
||
* Thu Aug 22 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-13
|
||
- systemctl: do not try to acquire triggering units for template units (RHEL-55132)
|
||
- core/unit: add one assertion for u->manager (RHEL-55734)
|
||
- core/service: destroy runtime data when Type=oneshot services exit (RHEL-55734)
|
||
- cgroup-util: Ignore kernel threads in cg_kill_items() (RHEL-55746)
|
||
- cgroup-util: Don't try to open pidfd for kernel threads (RHEL-55746)
|
||
- cgroup-util: fix typo (RHEL-55746)
|
||
- netif-naming-scheme: rename rhel-10.0 to rhel-10.0.beta (RHEL-55728)
|
||
- net-naming-scheme: disable NAMING_FIRMWARE_NODE_SUN (RHEL-55728)
|
||
- net-naming-scheme: remove NAMING_FIRMWARE_NODE_SUN from 9.5 (RHEL-55728)
|
||
- make systemd-ukify subpackage arch dependent (RHEL-52634)
|
||
|
||
* Thu Aug 15 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-12
|
||
- netif-naming-scheme: add rhel-9.5 scheme (RHEL-44416)
|
||
- udev-builtin-net_id: use firmware_node/sun for ID_NET_NAME_SLOT (RHEL-44416)
|
||
- man/net-naming-scheme: add missing period (RHEL-44416)
|
||
- Revert "packit: drop the dependency on python3-zstd" (RHEL-36636)
|
||
|
||
* Tue Jul 30 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-11
|
||
- fix OpenScanHub builds (RHEL-40924)
|
||
|
||
* Mon Jul 29 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-10
|
||
- fix updgrade from versions before removal of systemd-ssh-generator - follow-up (RHEL-50131)
|
||
|
||
* Thu Jul 25 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-9
|
||
- fix updgrade from versions before removal of systemd-ssh-generator (RHEL-50131)
|
||
|
||
* Tue Jul 23 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-8
|
||
- Avoid /tmp being mounted as tmpfs without the user's will (RHEL-40924)
|
||
- unit: don't add Requires for tmp.mount (RHEL-40924)
|
||
- units: add [Install] section to tmp.mount (RHEL-40924)
|
||
- units: don't enable tmp.mount statically in local-fs.target (RHEL-40924)
|
||
|
||
* Mon Jul 22 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-7
|
||
- drop 10-timeout-abort.conf snippet (RHEL-46280)
|
||
- don't ship systemd-userdbd (RHEL-46280)
|
||
|
||
* Fri Jul 19 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-6
|
||
- doc: add downstream CONTRIBUTING document (RHEL-40924)
|
||
- ci: allow `policy` as rhel-only keyword (RHEL-40924)
|
||
- ci: run mkosi test only for Fedora and CentOS Stream (RHEL-40924)
|
||
- taint: remove unused variable `usr_sbin` (RHEL-40924)
|
||
- packit: drop the libarchive workaround (RHEL-40924)
|
||
- packit: drop the dependency on python3-zstd (RHEL-40924)
|
||
- coredump: by default process and store core files up to 1GiB (RHEL-46778)
|
||
- don't ship systemd-ssh-generator harder (RHEL-40924)
|
||
|
||
* Wed Jul 17 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-5
|
||
- don't ship systemd-ssh-generator (RHEL-40924)
|
||
|
||
* Tue Jul 16 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-4
|
||
- reenable systemd-firstboot (RHEL-48822)
|
||
- don't create /var/log/journal (RHEL-40924)
|
||
|
||
* Mon Jul 08 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-3
|
||
- taint: remove unmerged-bin (RHEL-46277)
|
||
- presets: remove resolved (RHEL-46576)
|
||
- remove resolved scriptlets
|
||
- don't install tests
|
||
|
||
* Thu Jul 04 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-2
|
||
- logind: set RemoveIPC to false by default (RHEL-40924)
|
||
- tmpfiles: don't create resolv.conf -> stub-resolv.conf symlink (RHEL-40924)
|
||
- rc-local: order after network-online.target (RHEL-40924)
|
||
- random-util: increase random seed size to 1024 (RHEL-40924)
|
||
- journal: don't enable systemd-journald-audit.socket by default (RHEL-40924)
|
||
- journald.conf: don't touch current audit settings (RHEL-40924)
|
||
- rules: add elevator= kernel command line parameter (RHEL-40924)
|
||
- pid1: bump DefaultTasksMax to 80% of the kernel pid.max value (RHEL-40924)
|
||
- udev/net-setup-link: change the default MACAddressPolicy to "none" (RHEL-40924)
|
||
- core: decrease log level of messages about use of KillMode=none (RHEL-40924)
|
||
- meson: rename libbasic to libbasic_static (RHEL-46020)
|
||
- meson: build libsystemd-core via an intermediate static library (RHEL-46020)
|
||
- meson: add option to build systemd-executor "statically" (RHEL-46020)
|
||
|
||
* Wed Jun 26 2024 Jan Macku <jamacku@redhat.com> - 256-1
|
||
- Initial import and bootsprap from Fedora
|
||
* remove standalone packages
|
||
* remove networkd package
|
||
* remove homed
|
||
* remove portabled
|
||
* remove timesyncd
|
||
* remove tests package
|
||
* move oomd to separate package
|
||
* revert bin-sbin merge related changes
|
||
- remove autorelease stuff
|
||
* for changelog history see changelog file
|
||
- rules: copy 40-redhat.rules from RHEL 9 (RHEL-40360)
|
||
- net-naming-scheme: start rhel10 naming and include rhel8 and rhel9 ones (RHEL-22621)
|
||
- fedora: use system-auth in pam systemd-user (RHEL-40924)
|
||
- tmpfiles: make --purge hard to (mis-)use (RHEL-40924)
|
||
- journal: again create user journals for users with high uids (RHEL-40924)
|
||
- (origin/rhel-10.0.beta, rhel-10.0.beta) ci: allow to pass parameters together with rhel-only note (RHEL-36636)
|
||
- ci: reconfigure Packit for RHEL 10 (RHEL-36636)
|
||
- ci: deploy systemd man to GitHub Pages (RHEL-36636)
|
||
- ci: setup source-git automation (RHEL-36636)
|
||
- ci: update workflows to run on source-git setup (RHEL-36636)
|