diff --git a/0001-Fix-run-lock-group-to-follow-openSUSE-policy.patch b/0001-Fix-run-lock-group-to-follow-openSUSE-policy.patch new file mode 100644 index 0000000..66eeece --- /dev/null +++ b/0001-Fix-run-lock-group-to-follow-openSUSE-policy.patch @@ -0,0 +1,38 @@ +From ca2788b478d763e49d2463378272d9fef2ef1bf3 Mon Sep 17 00:00:00 2001 +From: Franck Bui +Date: Mon, 9 May 2016 16:10:21 +0200 +Subject: [PATCH 1/1] Fix /run/lock group to follow openSUSE policy + +This is a partial import of commit +88013cabb939e4bd7347ce324c9eb9c1a45582de part of SUSE/v210 branch. + +However /var/lock/{subsys,lockdev} are left alone and will be created +because: + +- a bug was opened requesting /var/lock/subsys, see commit +0671c57670fc09e0cb970d081a1b523ea9c62b5b. + +- creating /var/lock/lockdev shouldn't hurt. + +[fixes: bnc#733523] +--- + tmpfiles.d/legacy.conf | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/tmpfiles.d/legacy.conf b/tmpfiles.d/legacy.conf +index 62e2ae0986..415918f407 100644 +--- a/tmpfiles.d/legacy.conf ++++ b/tmpfiles.d/legacy.conf +@@ -10,7 +10,8 @@ + # These files are considered legacy and are unnecessary on legacy-free + # systems. + +-d /run/lock 0755 root root - ++# On openSUSE, /run/lock is owned by the 'lock' group. ++d /run/lock 0775 root lock - + L /var/lock - - - - ../run/lock + + # /run/lock/subsys is used for serializing SysV service execution, and +-- +2.16.4 + diff --git a/0001-SUSE-policy-do-not-clean-tmp-by-default.patch b/0001-SUSE-policy-do-not-clean-tmp-by-default.patch new file mode 100644 index 0000000..6f37b2d --- /dev/null +++ b/0001-SUSE-policy-do-not-clean-tmp-by-default.patch @@ -0,0 +1,26 @@ +From b66a7b4b5aa25a1ffb4b76fe9545046dabd92c03 Mon Sep 17 00:00:00 2001 +From: Reinhard Max +Date: Fri, 19 Apr 2013 16:56:26 +0200 +Subject: [PATCH 1/1] SUSE policy: do not clean /tmp by default. + +Fix regression in the default for tmp auto-deletion (FATE#314974). +--- + tmpfiles.d/tmp.conf | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/tmpfiles.d/tmp.conf b/tmpfiles.d/tmp.conf +index fe5225d751..dedc7569e1 100644 +--- a/tmpfiles.d/tmp.conf ++++ b/tmpfiles.d/tmp.conf +@@ -8,5 +8,6 @@ + # See tmpfiles.d(5) for details + + # Clear tmp directories separately, to make them easier to override +-q /tmp 1777 root root 10d +-q /var/tmp 1777 root root 30d ++# SUSE policy: we don't clean those directories ++q /tmp 1777 root root - ++q /var/tmp 1777 root root - +-- +2.16.4 + diff --git a/0001-logind-keep-backward-compatibility-with-UserTasksMax.patch b/0001-logind-keep-backward-compatibility-with-UserTasksMax.patch deleted file mode 100644 index 553fd89..0000000 --- a/0001-logind-keep-backward-compatibility-with-UserTasksMax.patch +++ /dev/null @@ -1,187 +0,0 @@ -From ce59acc7743f1897a335449b718f9ede33add394 Mon Sep 17 00:00:00 2001 -From: Franck Bui -Date: Tue, 6 Nov 2018 11:51:26 +0100 -Subject: [PATCH] logind: keep backward compatibility with UserTasksMax= in - logind.conf - -Since commit 284149392755f086d0a71, UserTasksMax= support has been simply -dropped. - -A generator is used to automatically create an appropriate dropin that has the -same effect. However since the snippet is generated in /run, sysadmin is -encouraged to copy it in /etc to make it persistent. - -The main advantages to use a generator are: - - - sysadmin is aware of this backward incompatible change - - - he will be the one who will fix logind.conf manually (to remove the use of - UserTasksMax=) - - - he will decide how to name the snippet and possibly merge it with an - existing one - -Expect this generator to be dropped in the future. ---- - meson.build | 8 +++ - src/login/compat-tasks-max-generator.c | 68 ++++++++++++++++++++++++++ - src/login/logind-user.c | 43 ++++++++++++++-- - 3 files changed, 114 insertions(+), 5 deletions(-) - create mode 100644 src/login/compat-tasks-max-generator.c - -diff --git a/meson.build b/meson.build -index dc6e970095..d834108f24 100644 ---- a/meson.build -+++ b/meson.build -@@ -1885,6 +1885,14 @@ if conf.get('ENABLE_LOGIND') == 1 - endif - endif - -+ executable('logind-compat-tasks-max-generator', -+ 'src/login/compat-tasks-max-generator.c', -+ include_directories : includes, -+ link_with : [libshared, liblogind_core], -+ install_rpath : rootlibexecdir, -+ install : true, -+ install_dir : systemgeneratordir) -+ - executable('systemd-user-runtime-dir', - user_runtime_dir_sources, - include_directories : includes, -diff --git a/src/login/compat-tasks-max-generator.c b/src/login/compat-tasks-max-generator.c -new file mode 100644 -index 0000000000..964d0596fb ---- /dev/null -+++ b/src/login/compat-tasks-max-generator.c -@@ -0,0 +1,68 @@ -+#include -+#include -+#include -+ -+#include "alloc-util.h" -+#include "dropin.h" -+#include "logind.h" -+#include "path-util.h" -+ -+static const char *arg_dest = "/tmp"; -+ -+static int read_manager_configuration(uint64_t *user_tasks_max) { -+ Manager m = {}; -+ int r; -+ -+ manager_reset_config(&m); -+ m.user_tasks_max = 0; -+ -+ r = manager_parse_config_file(&m); -+ if (r < 0) -+ return log_warning_errno(r, "Failed to parse logind.conf: %m"); -+ -+ if (m.user_tasks_max == 0) -+ return 0; -+ -+ *user_tasks_max = m.user_tasks_max; -+ return 1; -+} -+ -+int main(int argc, char *argv[]) { -+ _cleanup_free_ char *p = NULL; -+ uint64_t user_tasks_max; -+ int r = 0; -+ -+ if (argc > 1 && argc != 4) { -+ log_error("This program takes three or no arguments."); -+ return EXIT_FAILURE; -+ } -+ -+ if (argc > 1) -+ arg_dest = argv[1]; -+ -+ log_set_prohibit_ipc(true); -+ log_set_target(LOG_TARGET_AUTO); -+ log_parse_environment(); -+ log_open(); -+ -+ umask(0022); -+ -+ r = read_manager_configuration(&user_tasks_max); -+ if (r == 0) -+ return EXIT_SUCCESS; -+ if (r < 0) -+ return EXIT_FAILURE; -+ -+ p = path_join(arg_dest, "user-.slice.d", "50-limits.conf"); -+ if (!p) -+ return EXIT_FAILURE; -+ -+ log_warning("Creating %s to keep compability\n" -+ "Consider copying the snippet in /etc/systemd/system/user-.slice.d/\n", p); -+ -+ r = write_drop_in_format(arg_dest, "user-.slice", 50, "limits", -+ "# Automatically generated by logind-compat-tasks-max-generator\n\n" -+ "[Slice]\nTasksMax=%" PRIu64, user_tasks_max); -+ -+ return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; -+} -diff --git a/src/login/logind-user.c b/src/login/logind-user.c -index 045b6f0e17..1c19d6512b 100644 ---- a/src/login/logind-user.c -+++ b/src/login/logind-user.c -@@ -847,17 +847,50 @@ int config_parse_compat_user_tasks_max( - void *data, - void *userdata) { - -+ uint64_t *m = data; -+ uint64_t k; -+ int r; -+ - assert(filename); - assert(lvalue); - assert(rvalue); - assert(data); - -- log_syntax(unit, LOG_NOTICE, filename, line, 0, -+ log_syntax(unit, LOG_WARNING, filename, line, 0, - "Support for option %s= has been removed.", - lvalue); -- log_info("Hint: try creating /etc/systemd/system/user-.slice.d/50-limits.conf with:\n" -- " [Slice]\n" -- " TasksMax=%s", -- rvalue); -+ -+ if (isempty(rvalue)) { -+ *m = system_tasks_max_scale(DEFAULT_USER_TASKS_MAX_PERCENTAGE, 100U); -+ return 0; -+ } -+ -+ if (streq(rvalue, "infinity")) { -+ *m = CGROUP_LIMIT_MAX; -+ return 0; -+ } -+ -+ /* Try to parse as percentage */ -+ r = parse_percent(rvalue); -+ if (r >= 0) -+ k = system_tasks_max_scale(r, 100U); -+ else { -+ -+ /* If the passed argument was not a percentage, or out of range, parse as byte size */ -+ -+ r = safe_atou64(rvalue, &k); -+ if (r < 0) { -+ log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse tasks maximum, ignoring: %s", rvalue); -+ return 0; -+ } -+ } -+ -+ if (k <= 0 || k >= UINT64_MAX) { -+ log_syntax(unit, LOG_ERR, filename, line, 0, "Tasks maximum out of range, ignoring: %s", rvalue); -+ return 0; -+ } -+ -+ *m = k; -+ - return 0; - } --- -2.21.0 - diff --git a/systemd-mini.changes b/systemd-mini.changes index 7bf8c92..f987471 100644 --- a/systemd-mini.changes +++ b/systemd-mini.changes @@ -1,3 +1,76 @@ +------------------------------------------------------------------- +Tue Jan 14 14:21:40 UTC 2020 - Franck Bui + +- Temporarily restore /sbin/{udevd,udevadm) obsolete symlinks + + They're restored until YaST stop using them (see boo#1160890) + +------------------------------------------------------------------- +Tue Jan 14 13:56:31 UTC 2020 - Franck Bui + +- Import commit 8254b8d9646f3e0f5f8057d1ffb5d6c20f079aaa (merge v244.1) + + 639dc9f4bf network: set ipv6 mtu after link-up or device mtu change + cbced49daa man: fix typo in net-naming-scheme man page + 7dd04c99b0 network: tc: drop unused element + bf4b7d07ba man: fix typos (#14304) + 1ba2e7a730 ipv4ll: do not reset conflict counter on restart + 49806bb310 macro: avoid subtraction overflow in ALIGN_POWER2() + c4c1600689 test-network: add a test case for SendOption= + 6f15b45949 network: fix segfault in parsing SendOption= + 2e531b830d seccomp: real syscall numbers are >= 0 + f7616ed52b network: fix copy and paste mistake + e8b53300c4 network: do not drop foreign config if interface is in initialized state + 00f05813bf seccomp: mmap test results depend on kernel/libseccomp/glibc + 4de1909e61 seccomp: use per arch shmat_syscall + d83010521d seccomp: ensure rules are loaded in seccomp_memory_deny_write_execute + 2c6568221a seccomp: fix multiplexed system calls + bcf0aa02bf Fix typo (duplicate "or") + 96d7083c54 network: if /sys is rw, then udev should be around + e874419902 nspawn: do not fail if udev is not running + 29c9144655 Create parent directories when creating systemd-private subdirs + 9cbb8b5254 network: do not return error but return UINT64_MAX if speed meter is disabled + c08429ae33 core: swap priority can be negative + f25c0be335 networkctl: fix to show BSSID + 65fd2fce59 systemctl: enhance message about kexec missing kernel + bdd0af5f81 Fixup typo in NEWS + +------------------------------------------------------------------- +Wed Dec 11 17:20:04 UTC 2019 - Franck Bui + +- Manually set system-uid-max and system-gid-max to 499 + + It used to be detected automatically by meson but it's been broken + by the migration of login.defs from /etc to /usr/etc. + +------------------------------------------------------------------- +Wed Dec 11 17:01:57 UTC 2019 - Franck Bui + +- Import commit d8f6a204858bff68b8e0e7be86b418c36087ab2e + + 6c5e492a65 cryptsetup: umount encrypted devices before detaching it during shutdown + +------------------------------------------------------------------- +Thu Dec 5 14:00:03 UTC 2019 - Franck Bui + +- Upgrade to v244 (commit 090da85161ceb1ba0b4c208963c7156a8fdf10c6) + + See https://github.com/openSUSE/systemd/blob/SUSE/v244/NEWS for + details. + + Legacy and obsolete symlinks have been finally dropped. + + Dropped 0001-logind-keep-backward-compatibility-with-UserTasksMax.patch. + Users were notified about the deprecation of UserTasksMax option and + how to move to the new mechanism. The dropin replacement for + UserTasksMax is therefore no more generated but its use still + produces a warning. + + Added 0001-SUSE-policy-do-not-clean-tmp-by-default.patch and + 0001-Fix-run-lock-group-to-follow-openSUSE-policy.patch. + These patches were extracted from the git repo because it's not + clear where the SUSE tmpfiles specificities should be located. + ------------------------------------------------------------------- Tue Dec 3 16:56:31 UTC 2019 - Franck Bui diff --git a/systemd-mini.spec b/systemd-mini.spec index 770c21a..43d27e9 100644 --- a/systemd-mini.spec +++ b/systemd-mini.spec @@ -1,7 +1,7 @@ # # spec file for package systemd-mini # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -26,7 +26,7 @@ ##### WARNING: please do not edit this auto generated spec file. Use the systemd.spec! ##### %define mini -mini %define min_kernel_version 4.5 -%define suse_version +suse.225.gdbb1d4734d +%define suse_version +suse.58.g8254b8d964 %bcond_with gnuefi %if 0%{?bootstrap} @@ -55,7 +55,7 @@ Name: systemd-mini Url: http://www.freedesktop.org/wiki/Software/systemd -Version: 243 +Version: 244 Release: 0 Summary: A System and Session Manager License: LGPL-2.1-or-later @@ -166,7 +166,8 @@ Source200: scripts-udev-convert-lib-udev-path.sh # broken in upstream and need an urgent fix. Even in this case, the # patches are temporary and should be removed as soon as a fix is # merged by upstream. -Patch2: 0001-logind-keep-backward-compatibility-with-UserTasksMax.patch +Patch1: 0001-SUSE-policy-do-not-clean-tmp-by-default.patch +Patch2: 0001-Fix-run-lock-group-to-follow-openSUSE-policy.patch %description Systemd is a system and service manager, compatible with SysV and LSB @@ -480,6 +481,8 @@ opensuse_ntp_servers=({0..3}.opensuse.pool.ntp.org) -Drootprefix=/usr \ -Dsplit-usr=true \ -Dsplit-bin=true \ + -Dsystem-uid-max=499 \ + -Dsystem-gid-max=499 \ -Dpamlibdir=/%{_lib}/security \ -Drpmmacrosdir=no \ -Dcertificate-root=%{_sysconfdir}/pki/systemd \ @@ -556,11 +559,10 @@ rm %{buildroot}%{_sbindir}/resolvconf rm %{buildroot}%{_mandir}/man1/resolvconf.1* %endif -# FIXME: these symlinks should die. -mkdir -p %{buildroot}/{sbin,lib,bin} +# FIXME: These obsolete symlinks are still needed by YaST so let's +# keep them until boo#1160890 is fixed. +mkdir -p %{buildroot}/sbin ln -sf %{_bindir}/udevadm %{buildroot}/sbin/udevadm -ln -sf %{_bindir}/systemd-ask-password %{buildroot}/bin/systemd-ask-password -ln -sf %{_bindir}/systemctl %{buildroot}/bin/systemctl ln -sf %{_prefix}/lib/systemd/systemd-udevd %{buildroot}/sbin/udevd %if %{with sysvcompat} @@ -583,7 +585,8 @@ for s in %{S:200}; do install -m0755 -D $s %{buildroot}%{_prefix}/lib/udev/scripts/${s#*/scripts-udev-} done -ln -s ../usr/lib/systemd/systemd %{buildroot}/bin/systemd +# Legacy sysvinit tools +mkdir -p %{buildroot}/sbin ln -s ../usr/lib/systemd/systemd %{buildroot}/sbin/init ln -s ../usr/bin/systemctl %{buildroot}/sbin/reboot ln -s ../usr/bin/systemctl %{buildroot}/sbin/halt @@ -642,9 +645,6 @@ rm -f %{buildroot}%{_prefix}/lib/systemd/systemd-journal-upload rm -f %{buildroot}%{_unitdir}/systemd-journal-upload.* %endif -# legacy link -ln -s /usr/lib/udev %{buildroot}/lib/udev - # Create the /var/log/journal directory to change the volatile journal # to a persistent one mkdir -p %{buildroot}%{_localstatedir}/log/journal/ @@ -1004,9 +1004,6 @@ fi %files %defattr(-,root,root) %license LICENSE* -/bin/systemd -/bin/systemd-ask-password -/bin/systemctl %{_bindir}/busctl %{_bindir}/bootctl %{_bindir}/hostnamectl @@ -1315,15 +1312,14 @@ fi %defattr(-,root,root) /sbin/udevd /sbin/udevadm -# keep for compatibility -%ghost /lib/udev %{_bindir}/udevadm %{_bindir}/systemd-hwdb %dir %{_prefix}/lib/udev/ %{_prefix}/lib/udev/ata_id -%{_prefix}/lib/udev/path_id_compat %{_prefix}/lib/udev/cdrom_id +%{_prefix}/lib/udev/fido_id %{_prefix}/lib/udev/mtd_probe +%{_prefix}/lib/udev/path_id_compat %{_prefix}/lib/udev/scsi_id %{_prefix}/lib/udev/v4l_id %ghost %{_prefix}/lib/udev/compat-symlink-generation @@ -1501,9 +1497,8 @@ fi %{_datadir}/dbus-1/system-services/org.freedesktop.network1.service %{_datadir}/polkit-1/actions/org.freedesktop.network1.policy %{_datadir}/polkit-1/rules.d/60-systemd-networkd.rules -%{_prefix}/lib/systemd/network/80-container-host0.network -%{_prefix}/lib/systemd/network/80-container-ve.network -%{_prefix}/lib/systemd/network/80-container-vz.network +%{_prefix}/lib/systemd/network/*.network +%{_prefix}/lib/systemd/network/*.network.example %endif %if %{with resolved} %{_bindir}/resolvectl diff --git a/systemd-v243+suse.225.gdbb1d4734d.tar.xz b/systemd-v243+suse.225.gdbb1d4734d.tar.xz deleted file mode 100644 index 17eae93..0000000 --- a/systemd-v243+suse.225.gdbb1d4734d.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:75e337763ce116e5e9125f6cd96c015ad29416f47c9bfe063f25478b532569d0 -size 5619504 diff --git a/systemd-v244+suse.58.g8254b8d964.tar.xz b/systemd-v244+suse.58.g8254b8d964.tar.xz new file mode 100644 index 0000000..cf95da8 --- /dev/null +++ b/systemd-v244+suse.58.g8254b8d964.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a1347645929f05fcc785b2f4531456eb50c6916d5f15a88cfe6fb57845ed1103 +size 5761288 diff --git a/systemd.changes b/systemd.changes index 7bf8c92..f987471 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,76 @@ +------------------------------------------------------------------- +Tue Jan 14 14:21:40 UTC 2020 - Franck Bui + +- Temporarily restore /sbin/{udevd,udevadm) obsolete symlinks + + They're restored until YaST stop using them (see boo#1160890) + +------------------------------------------------------------------- +Tue Jan 14 13:56:31 UTC 2020 - Franck Bui + +- Import commit 8254b8d9646f3e0f5f8057d1ffb5d6c20f079aaa (merge v244.1) + + 639dc9f4bf network: set ipv6 mtu after link-up or device mtu change + cbced49daa man: fix typo in net-naming-scheme man page + 7dd04c99b0 network: tc: drop unused element + bf4b7d07ba man: fix typos (#14304) + 1ba2e7a730 ipv4ll: do not reset conflict counter on restart + 49806bb310 macro: avoid subtraction overflow in ALIGN_POWER2() + c4c1600689 test-network: add a test case for SendOption= + 6f15b45949 network: fix segfault in parsing SendOption= + 2e531b830d seccomp: real syscall numbers are >= 0 + f7616ed52b network: fix copy and paste mistake + e8b53300c4 network: do not drop foreign config if interface is in initialized state + 00f05813bf seccomp: mmap test results depend on kernel/libseccomp/glibc + 4de1909e61 seccomp: use per arch shmat_syscall + d83010521d seccomp: ensure rules are loaded in seccomp_memory_deny_write_execute + 2c6568221a seccomp: fix multiplexed system calls + bcf0aa02bf Fix typo (duplicate "or") + 96d7083c54 network: if /sys is rw, then udev should be around + e874419902 nspawn: do not fail if udev is not running + 29c9144655 Create parent directories when creating systemd-private subdirs + 9cbb8b5254 network: do not return error but return UINT64_MAX if speed meter is disabled + c08429ae33 core: swap priority can be negative + f25c0be335 networkctl: fix to show BSSID + 65fd2fce59 systemctl: enhance message about kexec missing kernel + bdd0af5f81 Fixup typo in NEWS + +------------------------------------------------------------------- +Wed Dec 11 17:20:04 UTC 2019 - Franck Bui + +- Manually set system-uid-max and system-gid-max to 499 + + It used to be detected automatically by meson but it's been broken + by the migration of login.defs from /etc to /usr/etc. + +------------------------------------------------------------------- +Wed Dec 11 17:01:57 UTC 2019 - Franck Bui + +- Import commit d8f6a204858bff68b8e0e7be86b418c36087ab2e + + 6c5e492a65 cryptsetup: umount encrypted devices before detaching it during shutdown + +------------------------------------------------------------------- +Thu Dec 5 14:00:03 UTC 2019 - Franck Bui + +- Upgrade to v244 (commit 090da85161ceb1ba0b4c208963c7156a8fdf10c6) + + See https://github.com/openSUSE/systemd/blob/SUSE/v244/NEWS for + details. + + Legacy and obsolete symlinks have been finally dropped. + + Dropped 0001-logind-keep-backward-compatibility-with-UserTasksMax.patch. + Users were notified about the deprecation of UserTasksMax option and + how to move to the new mechanism. The dropin replacement for + UserTasksMax is therefore no more generated but its use still + produces a warning. + + Added 0001-SUSE-policy-do-not-clean-tmp-by-default.patch and + 0001-Fix-run-lock-group-to-follow-openSUSE-policy.patch. + These patches were extracted from the git repo because it's not + clear where the SUSE tmpfiles specificities should be located. + ------------------------------------------------------------------- Tue Dec 3 16:56:31 UTC 2019 - Franck Bui diff --git a/systemd.spec b/systemd.spec index 335a6bd..2a1d8c3 100644 --- a/systemd.spec +++ b/systemd.spec @@ -1,7 +1,7 @@ # # spec file for package systemd # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ %define bootstrap 0 %define mini %nil %define min_kernel_version 4.5 -%define suse_version +suse.225.gdbb1d4734d +%define suse_version +suse.58.g8254b8d964 %bcond_with gnuefi %if 0%{?bootstrap} @@ -53,7 +53,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd -Version: 243 +Version: 244 Release: 0 Summary: A System and Session Manager License: LGPL-2.1-or-later @@ -164,7 +164,8 @@ Source200: scripts-udev-convert-lib-udev-path.sh # broken in upstream and need an urgent fix. Even in this case, the # patches are temporary and should be removed as soon as a fix is # merged by upstream. -Patch2: 0001-logind-keep-backward-compatibility-with-UserTasksMax.patch +Patch1: 0001-SUSE-policy-do-not-clean-tmp-by-default.patch +Patch2: 0001-Fix-run-lock-group-to-follow-openSUSE-policy.patch %description Systemd is a system and service manager, compatible with SysV and LSB @@ -478,6 +479,8 @@ opensuse_ntp_servers=({0..3}.opensuse.pool.ntp.org) -Drootprefix=/usr \ -Dsplit-usr=true \ -Dsplit-bin=true \ + -Dsystem-uid-max=499 \ + -Dsystem-gid-max=499 \ -Dpamlibdir=/%{_lib}/security \ -Drpmmacrosdir=no \ -Dcertificate-root=%{_sysconfdir}/pki/systemd \ @@ -554,11 +557,10 @@ rm %{buildroot}%{_sbindir}/resolvconf rm %{buildroot}%{_mandir}/man1/resolvconf.1* %endif -# FIXME: these symlinks should die. -mkdir -p %{buildroot}/{sbin,lib,bin} +# FIXME: These obsolete symlinks are still needed by YaST so let's +# keep them until boo#1160890 is fixed. +mkdir -p %{buildroot}/sbin ln -sf %{_bindir}/udevadm %{buildroot}/sbin/udevadm -ln -sf %{_bindir}/systemd-ask-password %{buildroot}/bin/systemd-ask-password -ln -sf %{_bindir}/systemctl %{buildroot}/bin/systemctl ln -sf %{_prefix}/lib/systemd/systemd-udevd %{buildroot}/sbin/udevd %if %{with sysvcompat} @@ -581,7 +583,8 @@ for s in %{S:200}; do install -m0755 -D $s %{buildroot}%{_prefix}/lib/udev/scripts/${s#*/scripts-udev-} done -ln -s ../usr/lib/systemd/systemd %{buildroot}/bin/systemd +# Legacy sysvinit tools +mkdir -p %{buildroot}/sbin ln -s ../usr/lib/systemd/systemd %{buildroot}/sbin/init ln -s ../usr/bin/systemctl %{buildroot}/sbin/reboot ln -s ../usr/bin/systemctl %{buildroot}/sbin/halt @@ -640,9 +643,6 @@ rm -f %{buildroot}%{_prefix}/lib/systemd/systemd-journal-upload rm -f %{buildroot}%{_unitdir}/systemd-journal-upload.* %endif -# legacy link -ln -s /usr/lib/udev %{buildroot}/lib/udev - # Create the /var/log/journal directory to change the volatile journal # to a persistent one mkdir -p %{buildroot}%{_localstatedir}/log/journal/ @@ -1002,9 +1002,6 @@ fi %files %defattr(-,root,root) %license LICENSE* -/bin/systemd -/bin/systemd-ask-password -/bin/systemctl %{_bindir}/busctl %{_bindir}/bootctl %{_bindir}/hostnamectl @@ -1313,15 +1310,14 @@ fi %defattr(-,root,root) /sbin/udevd /sbin/udevadm -# keep for compatibility -%ghost /lib/udev %{_bindir}/udevadm %{_bindir}/systemd-hwdb %dir %{_prefix}/lib/udev/ %{_prefix}/lib/udev/ata_id -%{_prefix}/lib/udev/path_id_compat %{_prefix}/lib/udev/cdrom_id +%{_prefix}/lib/udev/fido_id %{_prefix}/lib/udev/mtd_probe +%{_prefix}/lib/udev/path_id_compat %{_prefix}/lib/udev/scsi_id %{_prefix}/lib/udev/v4l_id %ghost %{_prefix}/lib/udev/compat-symlink-generation @@ -1499,9 +1495,8 @@ fi %{_datadir}/dbus-1/system-services/org.freedesktop.network1.service %{_datadir}/polkit-1/actions/org.freedesktop.network1.policy %{_datadir}/polkit-1/rules.d/60-systemd-networkd.rules -%{_prefix}/lib/systemd/network/80-container-host0.network -%{_prefix}/lib/systemd/network/80-container-ve.network -%{_prefix}/lib/systemd/network/80-container-vz.network +%{_prefix}/lib/systemd/network/*.network +%{_prefix}/lib/systemd/network/*.network.example %endif %if %{with resolved} %{_bindir}/resolvectl