Accepting request 922217 from Base:System

- Work around rpmlint complaining about /var/log/journal shipped with setgid bit
  This setgid bit has been already reviewed in the past and wasn't a
  concern. However we want the mode/ownership adjusted by tmpfiles and
  avoid the duplication of these info in rpm.
- Don't ghost own any directories created dynamically by tmpfiles
  Again rpmlint complains but it doesn't seem to make sense to try to
  track all paths (including theirs perms, ownerships...) created
  dynamically. And 'rpm -V' is likely to report issues later with
  these paths anyway.
  This effectively partially reverts the two previous commits.

- Make sure the build process won't create /var/log/journal
- /var/log/journal/remote is owned by systemd-journal-remote

- systemd.spec: fix a bunch of rpmlint errors/warnings

- Drop systemd-logger
  This sub package was introduced in order to configure persistent
  journal and also to make sure that another syslog provider (such as
  rsyslog) couldn't be installed at the same time: each syslog
  provider conflicts with each others.
  However this mechanism didn't work since uninstalling systemd-logger
  wasn't magically turning off persistent logging because
  /var/log/journal is likely to be populated hence not removed.
  Moreover using a subpackage to configure the mode of journald was
  overkill and the usual ways (main conf file or drop-ins) should be
  preferred.

- Import commit 7a5801342fe2f53e5c2a8578d6db132c0eca2d97
  8d65ec4a66 test: wc is needed by test/units/testsuite-50.sh

OBS-URL: https://build.opensuse.org/request/show/922217
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/systemd?expand=0&rev=337
This commit is contained in:
Dominique Leuenberger 2021-10-04 16:39:17 +00:00 committed by Git OBS Bridge
commit 59610b51cc
8 changed files with 233 additions and 147 deletions

View File

@ -1,32 +1,11 @@
addFilter("invalid-pkgconfig-file") addFilter(".*filelist-forbidden-systemd-userdirs /etc/systemd/.*\.conf")
addFilter(".*dangling-symlink /sbin/(halt|init|poweroff|telinit|shutdown|runlevel|reboot).*")
addFilter(".*dangling-symlink .* /dev/null.*")
addFilter(".*files-duplicate .*/reboot\.8.*")
addFilter(".*files-duplicate .*/sd_is_socket\.3.*")
addFilter("non-conffile-in-etc /etc/bash_completion.d/systemd-bash-completion\.sh")
addFilter("non-conffile-in-etc /etc/rpm/macros\.systemd")
addFilter(".*dbus-policy-allow-receive") addFilter(".*dbus-policy-allow-receive")
addFilter(".*dangling-symlink /lib/udev/devices/std(in|out|err).*")
addFilter(".*dangling-symlink /lib/udev/devices/core.*")
addFilter(".*dangling-symlink /lib/udev/devices/fd.*")
addFilter(".*incoherent-init-script-name boot\.udev.*")
addFilter(".init-script-without-%stop_on_removal-preun /etc/init\.d/boot\.udev")
addFilter(".init-script-without-%restart_on_update-postun /etc/init\.d/boot\.udev")
addFilter(".*devel-file-in-non-devel-package.*udev.pc.*") addFilter(".*devel-file-in-non-devel-package.*udev.pc.*")
addFilter(".*libgudev-.*shlib-fixed-dependency.*")
addFilter(".*suse-filelist-forbidden-systemd-userdirs.*")
addFilter("libudev-mini.*shlib-policy-name-error.*")
addFilter("nss-systemd.*shlib-policy-name-error.*")
addFilter("nss-myhostname.*shlib-policy-name-error.*")
addFilter("nss-mymachines.*shlib-policy-name-error.*")
addFilter("nss-resolve.*shlib-policy-name-error.*")
addFilter("systemd-logger.*useless-provides sysvinit(syslog).*")
addFilter("devel-file-in-non-devel-package.*/usr/share/pkgconfig/(udev|systemd)\.pc.*") addFilter("devel-file-in-non-devel-package.*/usr/share/pkgconfig/(udev|systemd)\.pc.*")
addFilter(".*script-without-shebang.*/usr/lib/udev/rule_generator.functions.*")
addFilter(".*files-duplicate.*/systemd-logger.*")
addFilter(".*missing-call-to-setgroups-before-setuid.*") addFilter(".*missing-call-to-setgroups-before-setuid.*")
addFilter(".*missing-call-to-chdir-with-chroot.*")
addFilter(".*systemd-service-without-service.*") addFilter(".*systemd-service-without-service.*")
addFilter(".*shlib-policy-missing-suffix.*")
addFilter(".*suse-missing-rclink.*")
addFilter("env-script-interpreter") addFilter("env-script-interpreter")
addFilter(".*files-duplicate /usr/lib/systemd/.*")
addFilter(".*files-duplicated-waste.*")
addFilter(".*explicit-lib-dependency .*")
addFilter(".*tmpfile-not-in-filelist .*")

View File

@ -1,3 +1,80 @@
-------------------------------------------------------------------
Wed Sep 29 10:04:38 UTC 2021 - Franck Bui <fbui@suse.com>
- Work around rpmlint complaining about /var/log/journal shipped with setgid bit
This setgid bit has been already reviewed in the past and wasn't a
concern. However we want the mode/ownership adjusted by tmpfiles and
avoid the duplication of these info in rpm.
- Don't ghost own any directories created dynamically by tmpfiles
Again rpmlint complains but it doesn't seem to make sense to try to
track all paths (including theirs perms, ownerships...) created
dynamically. And 'rpm -V' is likely to report issues later with
these paths anyway.
This effectively partially reverts the two previous commits.
-------------------------------------------------------------------
Fri Sep 24 12:56:31 UTC 2021 - Franck Bui <fbui@suse.com>
- Make sure the build process won't create /var/log/journal
- /var/log/journal/remote is owned by systemd-journal-remote
-------------------------------------------------------------------
Fri Sep 24 09:28:38 UTC 2021 - Franck Bui <fbui@suse.com>
- systemd.spec: fix a bunch of rpmlint errors/warnings
-------------------------------------------------------------------
Fri Sep 24 07:27:58 UTC 2021 - Franck Bui <fbui@suse.com>
- Drop systemd-logger
This sub package was introduced in order to configure persistent
journal and also to make sure that another syslog provider (such as
rsyslog) couldn't be installed at the same time: each syslog
provider conflicts with each others.
However this mechanism didn't work since uninstalling systemd-logger
wasn't magically turning off persistent logging because
/var/log/journal is likely to be populated hence not removed.
Moreover using a subpackage to configure the mode of journald was
overkill and the usual ways (main conf file or drop-ins) should be
preferred.
-------------------------------------------------------------------
Wed Sep 22 13:41:34 UTC 2021 - Franck Bui <fbui@suse.com>
- Import commit 7a5801342fe2f53e5c2a8578d6db132c0eca2d97
8d65ec4a66 test: wc is needed by test/units/testsuite-50.sh
1527bcc5dd test: make the installation of the debug tools optional in the image
f4e6bf0b37 journalctl: never fail at flushing when the flushed flag is set (bsc#1188588)
-------------------------------------------------------------------
Wed Sep 22 13:25:26 UTC 2021 - Franck Bui <fbui@suse.com>
- Update the dependencies of the testsuite package
The debug tools are optional thus no more required.
OTOH strip(1) is needed when building the test image and nc(1) is
needed by some tests.
-------------------------------------------------------------------
Fri Sep 10 13:30:14 UTC 2021 - Franck Bui <fbui@suse.com>
- Drop git internal files from the testsuite sub-package
-------------------------------------------------------------------
Fri Sep 10 09:51:06 UTC 2021 - Franck Bui <fbui@suse.com>
- Adjust pam macros
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Sep 8 17:01:58 UTC 2021 - Franck Bui <fbui@suse.com> Wed Sep 8 17:01:58 UTC 2021 - Franck Bui <fbui@suse.com>
@ -69,6 +146,10 @@ Mon Aug 2 12:54:44 UTC 2021 - Franck Bui <fbui@suse.com>
See https://github.com/openSUSE/systemd/blob/SUSE/v249/NEWS for See https://github.com/openSUSE/systemd/blob/SUSE/v249/NEWS for
details. details.
This includes the following bug fixes:
- upstream commit 6fb61918ccdd0610b425d5b0e5417751f8f8f783 (bsc#1182870)
- Rebased 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch - Rebased 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch
0012-resolved-create-etc-resolv.conf-symlink-at-runtime.patch 0012-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
@ -310,6 +391,11 @@ Mon Apr 26 16:25:38 UTC 2021 - Franck Bui <fbui@suse.com>
See https://github.com/openSUSE/systemd/blob/SUSE/v248/NEWS for See https://github.com/openSUSE/systemd/blob/SUSE/v248/NEWS for
details. details.
This includes the following bug fixes:
- upstream commit 4327574fc1093513badc2177f71cede2fc88c13c (bsc#1166028)
- upstream commit 3573e032f26724949e86626eace058d006b8bf70 (bsc#1186411)
- A couple runtime dependencies on libraries are now tracked - A couple runtime dependencies on libraries are now tracked
manually (with Recommends:) due to the fact that some symbols of manually (with Recommends:) due to the fact that some symbols of
these libs are dynamically loaded with dlopen() (heck!) these libs are dynamically loaded with dlopen() (heck!)
@ -974,7 +1060,7 @@ Mon Apr 27 14:50:36 UTC 2020 - Franck Bui <fbui@suse.com>
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Apr 27 14:33:35 UTC 2020 - Franck Bui <fbui@suse.com> Mon Apr 27 14:33:35 UTC 2020 - Franck Bui <fbui@suse.com>
- Drop most of the tmpfiles that deal with generic paths (bsc#1078466) - Drop most of the tmpfiles that deal with generic paths (bsc#1078466 bsc#1181831)
They are problematic because some of them conflict with SUSE They are problematic because some of them conflict with SUSE
defaults. Therefore it seems better to let the revelant packages defaults. Therefore it seems better to let the revelant packages

View File

@ -26,7 +26,7 @@
##### WARNING: please do not edit this auto generated spec file. Use the systemd.spec! ##### ##### WARNING: please do not edit this auto generated spec file. Use the systemd.spec! #####
%define mini -mini %define mini -mini
%define min_kernel_version 4.5 %define min_kernel_version 4.5
%define suse_version +suse.35.gec72db9ee0 %define suse_version +suse.39.g7a5801342f
%define _testsuitedir /usr/lib/systemd/tests %define _testsuitedir /usr/lib/systemd/tests
%bcond_with gnuefi %bcond_with gnuefi
@ -154,10 +154,12 @@ Conflicts: kiwi
Conflicts: sysvinit Conflicts: sysvinit
Conflicts: filesystem < 11.5 Conflicts: filesystem < 11.5
Conflicts: mkinitrd < 2.7.0 Conflicts: mkinitrd < 2.7.0
Obsoletes: systemd-analyze < 201 Provides: systemd-logger = %{version}-%{release}
Obsoletes: systemd-logger < %{version}-%{release}
Provides: systemd-analyze = %{version}-%{release} Provides: systemd-analyze = %{version}-%{release}
Obsoletes: pm-utils <= 1.4.1 Obsoletes: pm-utils <= 1.4.1
Obsoletes: suspend <= 1.0 Obsoletes: suspend <= 1.0
Obsoletes: systemd-analyze < 201
Source0: systemd-v%{version}%{suse_version}.tar.xz Source0: systemd-v%{version}%{suse_version}.tar.xz
Source1: %{name}-rpmlintrc Source1: %{name}-rpmlintrc
Source2: systemd-user Source2: systemd-user
@ -236,7 +238,7 @@ Summary: System V init tools
License: LGPL-2.1-or-later License: LGPL-2.1-or-later
Requires: %{name} = %{version}-%{release} Requires: %{name} = %{version}-%{release}
Provides: sbin_init Provides: sbin_init
Conflicts: otherproviders(sbin_init) Conflicts: sbin_init
Provides: systemd-sysvinit = %{version}-%{release} Provides: systemd-sysvinit = %{version}-%{release}
Provides: sysvinit:/sbin/init Provides: sysvinit:/sbin/init
@ -398,21 +400,9 @@ More information can be found online:
http://0pointer.net/blog/walkthrough-for-portable-services.html http://0pointer.net/blog/walkthrough-for-portable-services.html
https://systemd.io/PORTABLE_SERVICES https://systemd.io/PORTABLE_SERVICES
%endif %endif
%if ! 0%{?bootstrap} %if ! 0%{?bootstrap}
%package logger
Summary: Journal only logging
License: LGPL-2.1-or-later
Provides: syslog
Provides: sysvinit(syslog)
Requires(post): /usr/bin/systemctl
Conflicts: otherproviders(syslog)
%description logger
This package marks the installation to not use syslog but only the journal.
%package -n nss-systemd %package -n nss-systemd
Summary: Plugin for local virtual host name resolution Summary: Plugin for local virtual host name resolution
License: LGPL-2.1-or-later License: LGPL-2.1-or-later
@ -511,13 +501,13 @@ Requires: libqrencode4 pkgconfig(libqrencode)
%endif %endif
Requires: %{name} = %{version}-%{release} Requires: %{name} = %{version}-%{release}
Requires: attr Requires: attr
Requires: binutils
Requires: busybox-static Requires: busybox-static
Requires: cryptsetup Requires: cryptsetup
Requires: dhcp-client
Requires: dosfstools Requires: dosfstools
Requires: libcap-progs Requires: libcap-progs
Requires: lz4 Requires: lz4
Requires: net-tools-deprecated Requires: netcat
Requires: qemu-kvm Requires: qemu-kvm
Requires: quota Requires: quota
Requires: socat Requires: socat
@ -621,14 +611,15 @@ Have fun with these services at your own risk.
-Dsplit-bin=true \ -Dsplit-bin=true \
-Dsystem-uid-max=499 \ -Dsystem-uid-max=499 \
-Dsystem-gid-max=499 \ -Dsystem-gid-max=499 \
-Dpamconfdir=%{_distconfdir}/pam.d \ -Dpamconfdir=%{_pam_vendordir} \
-Dpamlibdir=%{_pamdir} \ -Dpamlibdir=%{_pam_moduledir} \
-Dxinitrcdir=%{_distconfdir}/X11/xinit/xinitrc.d \ -Dxinitrcdir=%{_distconfdir}/X11/xinit/xinitrc.d \
-Drpmmacrosdir=no \ -Drpmmacrosdir=no \
-Dcertificate-root=%{_sysconfdir}/pki/systemd \ -Dcertificate-root=%{_sysconfdir}/pki/systemd \
-Ddefault-hierarchy=unified \ -Ddefault-hierarchy=unified \
-Ddefault-kill-user-processes=false \ -Ddefault-kill-user-processes=false \
-Drc-local=/etc/init.d/boot.local \ -Drc-local=/etc/init.d/boot.local \
-Dcreate-log-dirs=false \
-Dbump-proc-sys-fs-nr-open=false \ -Dbump-proc-sys-fs-nr-open=false \
-Ddebug-shell=/bin/bash \ -Ddebug-shell=/bin/bash \
-Dseccomp=auto \ -Dseccomp=auto \
@ -752,7 +743,7 @@ rm -rf %{buildroot}/etc/systemd/system/*.target.{requires,wants}
rm -f %{buildroot}/etc/systemd/system/default.target rm -f %{buildroot}/etc/systemd/system/default.target
# Replace upstream systemd-user with the openSUSE one. # Replace upstream systemd-user with the openSUSE one.
install -m0644 %{S:2} %{buildroot}%{_distconfdir}/pam.d install -m0644 %{S:2} %{buildroot}%{_pam_vendordir}
# don't enable wall ask password service, it spams every console (bnc#747783) # don't enable wall ask password service, it spams every console (bnc#747783)
rm %{buildroot}%{_unitdir}/multi-user.target.wants/systemd-ask-password-wall.path rm %{buildroot}%{_unitdir}/multi-user.target.wants/systemd-ask-password-wall.path
@ -782,10 +773,6 @@ rm -f %{buildroot}%{_sysusersdir}/basic.conf
# in this directory... oh well. # in this directory... oh well.
rm -f %{buildroot}/etc/init.d/README rm -f %{buildroot}/etc/init.d/README
# Create the /var/log/journal directory to change the volatile journal
# to a persistent one
mkdir -p %{buildroot}%{_localstatedir}/log/journal/
# This dir must be owned (and thus created) by systemd otherwise the # This dir must be owned (and thus created) by systemd otherwise the
# build system will complain. This is odd since we simply own a ghost # build system will complain. This is odd since we simply own a ghost
# file in it... # file in it...
@ -898,6 +885,7 @@ rm -f %{buildroot}%{_unitdir}/sockets.target.wants/systemd-journald-audit.socket
%if %{with testsuite} %if %{with testsuite}
cp -a test %{buildroot}%{_testsuitedir}/ cp -a test %{buildroot}%{_testsuitedir}/
find %{buildroot}%{_testsuitedir}/ -name .git\* -exec rm -fr {} \;
%endif %endif
%if ! 0%{?bootstrap} %if ! 0%{?bootstrap}
@ -905,7 +893,7 @@ cp -a test %{buildroot}%{_testsuitedir}/
%endif %endif
# Build of installation images uses a hard coded list of packages with # Build of installation images uses a hard coded list of packages with
# a %pre that needs to be run during the build. systemd is one of them # a %%pre that needs to be run during the build. systemd is one of them
# so keep the section even if it's empty. # so keep the section even if it's empty.
%pre %pre
: :
@ -934,7 +922,7 @@ pam-config --add --systemd || :
%endif %endif
# systemd-sysusers is not available in %pre so this needs to be done # systemd-sysusers is not available in %pre so this needs to be done
# in %post. However this shouldn't be an issue since all files the # in %%post. However this shouldn't be an issue since all files the
# main package ships are owned by root. # main package ships are owned by root.
%sysusers_create systemd.conf %sysusers_create systemd.conf
@ -959,6 +947,11 @@ systemctl daemon-reexec || :
# #
# systemctl kill --kill-who=main --signal=SIGRTMIN+25 "user@*.service" || : # systemctl kill --kill-who=main --signal=SIGRTMIN+25 "user@*.service" || :
if [ "$1" -eq 1 ]; then
# Persistent journal is the default
mkdir -p %{_localstatedir}/log/journal
fi
%journal_catalog_update %journal_catalog_update
%tmpfiles_create %tmpfiles_create
@ -1102,13 +1095,6 @@ fi
%endif %endif
%if ! 0%{?bootstrap} %if ! 0%{?bootstrap}
%post logger
%tmpfiles_create -- --prefix=%{_localstatedir}/log/journal/
if [ "$1" -eq 1 ]; then
# tell journal to start logging on disk if directory didn't exist before
systemctl --no-block restart systemd-journal-flush.service >/dev/null || :
fi
%post -n nss-myhostname -p /sbin/ldconfig %post -n nss-myhostname -p /sbin/ldconfig
%postun -n nss-myhostname -p /sbin/ldconfig %postun -n nss-myhostname -p /sbin/ldconfig
@ -1226,8 +1212,6 @@ fi
%service_del_postun systemd-homed.service %service_del_postun systemd-homed.service
%endif %endif
%clean
%files %files
%defattr(-,root,root) %defattr(-,root,root)
%license LICENSE* %license LICENSE*
@ -1379,7 +1363,7 @@ fi
%dir %{_prefix}/lib/systemd/system-shutdown/ %dir %{_prefix}/lib/systemd/system-shutdown/
%dir %{_prefix}/lib/systemd/system-sleep/ %dir %{_prefix}/lib/systemd/system-sleep/
%{_pamdir}/pam_systemd.so %{_pam_moduledir}/pam_systemd.so
%if %{with gnuefi} %if %{with gnuefi}
%dir %{_prefix}/lib/systemd/boot %dir %{_prefix}/lib/systemd/boot
@ -1421,7 +1405,7 @@ fi
%dir %{_distconfdir}/X11/xinit/xinitrc.d %dir %{_distconfdir}/X11/xinit/xinitrc.d
%{_distconfdir}/X11/xinit/xinitrc.d/50-systemd-user.sh %{_distconfdir}/X11/xinit/xinitrc.d/50-systemd-user.sh
%{_distconfdir}/pam.d/systemd-user %{_pam_vendordir}/systemd-user
%config(noreplace) %{_sysconfdir}/systemd/journald.conf %config(noreplace) %{_sysconfdir}/systemd/journald.conf
%config(noreplace) %{_sysconfdir}/systemd/logind.conf %config(noreplace) %{_sysconfdir}/systemd/logind.conf
@ -1558,7 +1542,6 @@ fi
%defattr(-,root,root,-) %defattr(-,root,root,-)
%dir %{_docdir}/systemd %dir %{_docdir}/systemd
%{_docdir}/systemd/html %{_docdir}/systemd/html
# /bootstrap # /bootstrap
%endif %endif
@ -1734,12 +1717,6 @@ fi
%if ! 0%{?bootstrap} %if ! 0%{?bootstrap}
%files lang -f systemd.lang %files lang -f systemd.lang
%files logger
%defattr(-,root,root)
# package without explicit setgid bit / attrs (see bsc#1172550)
%dir %{_localstatedir}/log/journal/
%doc %{_localstatedir}/log/README
%files -n nss-myhostname %files -n nss-myhostname
%defattr(-, root, root) %defattr(-, root, root)
%{_libdir}/*nss_myhostname* %{_libdir}/*nss_myhostname*
@ -1808,6 +1785,7 @@ fi
%{_unitdir}/systemd-networkd.service %{_unitdir}/systemd-networkd.service
%{_unitdir}/systemd-networkd.socket %{_unitdir}/systemd-networkd.socket
%{_unitdir}/systemd-networkd-wait-online.service %{_unitdir}/systemd-networkd-wait-online.service
# Some files created at runtime
%endif %endif
%if %{with resolved} %if %{with resolved}
%{_bindir}/resolvectl %{_bindir}/resolvectl
@ -1869,7 +1847,7 @@ fi
%{_prefix}/lib/systemd/systemd-homework %{_prefix}/lib/systemd/systemd-homework
%{_unitdir}/systemd-homed.service %{_unitdir}/systemd-homed.service
%{_unitdir}/systemd-homed-activate.service %{_unitdir}/systemd-homed-activate.service
%{_pamdir}/pam_systemd_home.so %{_pam_moduledir}/pam_systemd_home.so
%{_datadir}/dbus-1/system-services/org.freedesktop.home1.service %{_datadir}/dbus-1/system-services/org.freedesktop.home1.service
%{_datadir}/dbus-1/system.d/org.freedesktop.home1.conf %{_datadir}/dbus-1/system.d/org.freedesktop.home1.conf
%{_datadir}/polkit-1/actions/org.freedesktop.home1.policy %{_datadir}/polkit-1/actions/org.freedesktop.home1.policy

View File

@ -1,32 +1,11 @@
addFilter("invalid-pkgconfig-file") addFilter(".*filelist-forbidden-systemd-userdirs /etc/systemd/.*\.conf")
addFilter(".*dangling-symlink /sbin/(halt|init|poweroff|telinit|shutdown|runlevel|reboot).*")
addFilter(".*dangling-symlink .* /dev/null.*")
addFilter(".*files-duplicate .*/reboot\.8.*")
addFilter(".*files-duplicate .*/sd_is_socket\.3.*")
addFilter("non-conffile-in-etc /etc/bash_completion.d/systemd-bash-completion\.sh")
addFilter("non-conffile-in-etc /etc/rpm/macros\.systemd")
addFilter(".*dbus-policy-allow-receive") addFilter(".*dbus-policy-allow-receive")
addFilter(".*dangling-symlink /lib/udev/devices/std(in|out|err).*")
addFilter(".*dangling-symlink /lib/udev/devices/core.*")
addFilter(".*dangling-symlink /lib/udev/devices/fd.*")
addFilter(".*incoherent-init-script-name boot\.udev.*")
addFilter(".init-script-without-%stop_on_removal-preun /etc/init\.d/boot\.udev")
addFilter(".init-script-without-%restart_on_update-postun /etc/init\.d/boot\.udev")
addFilter(".*devel-file-in-non-devel-package.*udev.pc.*") addFilter(".*devel-file-in-non-devel-package.*udev.pc.*")
addFilter(".*libgudev-.*shlib-fixed-dependency.*")
addFilter(".*suse-filelist-forbidden-systemd-userdirs.*")
addFilter("libudev-mini.*shlib-policy-name-error.*")
addFilter("nss-systemd.*shlib-policy-name-error.*")
addFilter("nss-myhostname.*shlib-policy-name-error.*")
addFilter("nss-mymachines.*shlib-policy-name-error.*")
addFilter("nss-resolve.*shlib-policy-name-error.*")
addFilter("systemd-logger.*useless-provides sysvinit(syslog).*")
addFilter("devel-file-in-non-devel-package.*/usr/share/pkgconfig/(udev|systemd)\.pc.*") addFilter("devel-file-in-non-devel-package.*/usr/share/pkgconfig/(udev|systemd)\.pc.*")
addFilter(".*script-without-shebang.*/usr/lib/udev/rule_generator.functions.*")
addFilter(".*files-duplicate.*/systemd-logger.*")
addFilter(".*missing-call-to-setgroups-before-setuid.*") addFilter(".*missing-call-to-setgroups-before-setuid.*")
addFilter(".*missing-call-to-chdir-with-chroot.*")
addFilter(".*systemd-service-without-service.*") addFilter(".*systemd-service-without-service.*")
addFilter(".*shlib-policy-missing-suffix.*")
addFilter(".*suse-missing-rclink.*")
addFilter("env-script-interpreter") addFilter("env-script-interpreter")
addFilter(".*files-duplicate /usr/lib/systemd/.*")
addFilter(".*files-duplicated-waste.*")
addFilter(".*explicit-lib-dependency .*")
addFilter(".*tmpfile-not-in-filelist .*")

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d581f2ec411b41826c395147fe9a040b0e916de7fdeeaae0681f43be8b92bb82
size 7266280

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:253802820cf7090eb06e26f5dc23dfd9dfd967fc20b8c85350ea4856fe99442d
size 7266304

View File

@ -1,3 +1,80 @@
-------------------------------------------------------------------
Wed Sep 29 10:04:38 UTC 2021 - Franck Bui <fbui@suse.com>
- Work around rpmlint complaining about /var/log/journal shipped with setgid bit
This setgid bit has been already reviewed in the past and wasn't a
concern. However we want the mode/ownership adjusted by tmpfiles and
avoid the duplication of these info in rpm.
- Don't ghost own any directories created dynamically by tmpfiles
Again rpmlint complains but it doesn't seem to make sense to try to
track all paths (including theirs perms, ownerships...) created
dynamically. And 'rpm -V' is likely to report issues later with
these paths anyway.
This effectively partially reverts the two previous commits.
-------------------------------------------------------------------
Fri Sep 24 12:56:31 UTC 2021 - Franck Bui <fbui@suse.com>
- Make sure the build process won't create /var/log/journal
- /var/log/journal/remote is owned by systemd-journal-remote
-------------------------------------------------------------------
Fri Sep 24 09:28:38 UTC 2021 - Franck Bui <fbui@suse.com>
- systemd.spec: fix a bunch of rpmlint errors/warnings
-------------------------------------------------------------------
Fri Sep 24 07:27:58 UTC 2021 - Franck Bui <fbui@suse.com>
- Drop systemd-logger
This sub package was introduced in order to configure persistent
journal and also to make sure that another syslog provider (such as
rsyslog) couldn't be installed at the same time: each syslog
provider conflicts with each others.
However this mechanism didn't work since uninstalling systemd-logger
wasn't magically turning off persistent logging because
/var/log/journal is likely to be populated hence not removed.
Moreover using a subpackage to configure the mode of journald was
overkill and the usual ways (main conf file or drop-ins) should be
preferred.
-------------------------------------------------------------------
Wed Sep 22 13:41:34 UTC 2021 - Franck Bui <fbui@suse.com>
- Import commit 7a5801342fe2f53e5c2a8578d6db132c0eca2d97
8d65ec4a66 test: wc is needed by test/units/testsuite-50.sh
1527bcc5dd test: make the installation of the debug tools optional in the image
f4e6bf0b37 journalctl: never fail at flushing when the flushed flag is set (bsc#1188588)
-------------------------------------------------------------------
Wed Sep 22 13:25:26 UTC 2021 - Franck Bui <fbui@suse.com>
- Update the dependencies of the testsuite package
The debug tools are optional thus no more required.
OTOH strip(1) is needed when building the test image and nc(1) is
needed by some tests.
-------------------------------------------------------------------
Fri Sep 10 13:30:14 UTC 2021 - Franck Bui <fbui@suse.com>
- Drop git internal files from the testsuite sub-package
-------------------------------------------------------------------
Fri Sep 10 09:51:06 UTC 2021 - Franck Bui <fbui@suse.com>
- Adjust pam macros
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Sep 8 17:01:58 UTC 2021 - Franck Bui <fbui@suse.com> Wed Sep 8 17:01:58 UTC 2021 - Franck Bui <fbui@suse.com>
@ -69,6 +146,10 @@ Mon Aug 2 12:54:44 UTC 2021 - Franck Bui <fbui@suse.com>
See https://github.com/openSUSE/systemd/blob/SUSE/v249/NEWS for See https://github.com/openSUSE/systemd/blob/SUSE/v249/NEWS for
details. details.
This includes the following bug fixes:
- upstream commit 6fb61918ccdd0610b425d5b0e5417751f8f8f783 (bsc#1182870)
- Rebased 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch - Rebased 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch
0012-resolved-create-etc-resolv.conf-symlink-at-runtime.patch 0012-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
@ -310,6 +391,11 @@ Mon Apr 26 16:25:38 UTC 2021 - Franck Bui <fbui@suse.com>
See https://github.com/openSUSE/systemd/blob/SUSE/v248/NEWS for See https://github.com/openSUSE/systemd/blob/SUSE/v248/NEWS for
details. details.
This includes the following bug fixes:
- upstream commit 4327574fc1093513badc2177f71cede2fc88c13c (bsc#1166028)
- upstream commit 3573e032f26724949e86626eace058d006b8bf70 (bsc#1186411)
- A couple runtime dependencies on libraries are now tracked - A couple runtime dependencies on libraries are now tracked
manually (with Recommends:) due to the fact that some symbols of manually (with Recommends:) due to the fact that some symbols of
these libs are dynamically loaded with dlopen() (heck!) these libs are dynamically loaded with dlopen() (heck!)
@ -974,7 +1060,7 @@ Mon Apr 27 14:50:36 UTC 2020 - Franck Bui <fbui@suse.com>
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Apr 27 14:33:35 UTC 2020 - Franck Bui <fbui@suse.com> Mon Apr 27 14:33:35 UTC 2020 - Franck Bui <fbui@suse.com>
- Drop most of the tmpfiles that deal with generic paths (bsc#1078466) - Drop most of the tmpfiles that deal with generic paths (bsc#1078466 bsc#1181831)
They are problematic because some of them conflict with SUSE They are problematic because some of them conflict with SUSE
defaults. Therefore it seems better to let the revelant packages defaults. Therefore it seems better to let the revelant packages

View File

@ -24,7 +24,7 @@
%define bootstrap 0 %define bootstrap 0
%define mini %nil %define mini %nil
%define min_kernel_version 4.5 %define min_kernel_version 4.5
%define suse_version +suse.35.gec72db9ee0 %define suse_version +suse.39.g7a5801342f
%define _testsuitedir /usr/lib/systemd/tests %define _testsuitedir /usr/lib/systemd/tests
%bcond_with gnuefi %bcond_with gnuefi
@ -152,10 +152,12 @@ Conflicts: kiwi
Conflicts: sysvinit Conflicts: sysvinit
Conflicts: filesystem < 11.5 Conflicts: filesystem < 11.5
Conflicts: mkinitrd < 2.7.0 Conflicts: mkinitrd < 2.7.0
Obsoletes: systemd-analyze < 201 Provides: systemd-logger = %{version}-%{release}
Obsoletes: systemd-logger < %{version}-%{release}
Provides: systemd-analyze = %{version}-%{release} Provides: systemd-analyze = %{version}-%{release}
Obsoletes: pm-utils <= 1.4.1 Obsoletes: pm-utils <= 1.4.1
Obsoletes: suspend <= 1.0 Obsoletes: suspend <= 1.0
Obsoletes: systemd-analyze < 201
Source0: systemd-v%{version}%{suse_version}.tar.xz Source0: systemd-v%{version}%{suse_version}.tar.xz
Source1: %{name}-rpmlintrc Source1: %{name}-rpmlintrc
Source2: systemd-user Source2: systemd-user
@ -234,7 +236,7 @@ Summary: System V init tools
License: LGPL-2.1-or-later License: LGPL-2.1-or-later
Requires: %{name} = %{version}-%{release} Requires: %{name} = %{version}-%{release}
Provides: sbin_init Provides: sbin_init
Conflicts: otherproviders(sbin_init) Conflicts: sbin_init
Provides: systemd-sysvinit = %{version}-%{release} Provides: systemd-sysvinit = %{version}-%{release}
Provides: sysvinit:/sbin/init Provides: sysvinit:/sbin/init
@ -396,21 +398,9 @@ More information can be found online:
http://0pointer.net/blog/walkthrough-for-portable-services.html http://0pointer.net/blog/walkthrough-for-portable-services.html
https://systemd.io/PORTABLE_SERVICES https://systemd.io/PORTABLE_SERVICES
%endif %endif
%if ! 0%{?bootstrap} %if ! 0%{?bootstrap}
%package logger
Summary: Journal only logging
License: LGPL-2.1-or-later
Provides: syslog
Provides: sysvinit(syslog)
Requires(post): /usr/bin/systemctl
Conflicts: otherproviders(syslog)
%description logger
This package marks the installation to not use syslog but only the journal.
%package -n nss-systemd %package -n nss-systemd
Summary: Plugin for local virtual host name resolution Summary: Plugin for local virtual host name resolution
License: LGPL-2.1-or-later License: LGPL-2.1-or-later
@ -509,13 +499,13 @@ Requires: libqrencode4 pkgconfig(libqrencode)
%endif %endif
Requires: %{name} = %{version}-%{release} Requires: %{name} = %{version}-%{release}
Requires: attr Requires: attr
Requires: binutils
Requires: busybox-static Requires: busybox-static
Requires: cryptsetup Requires: cryptsetup
Requires: dhcp-client
Requires: dosfstools Requires: dosfstools
Requires: libcap-progs Requires: libcap-progs
Requires: lz4 Requires: lz4
Requires: net-tools-deprecated Requires: netcat
Requires: qemu-kvm Requires: qemu-kvm
Requires: quota Requires: quota
Requires: socat Requires: socat
@ -619,14 +609,15 @@ Have fun with these services at your own risk.
-Dsplit-bin=true \ -Dsplit-bin=true \
-Dsystem-uid-max=499 \ -Dsystem-uid-max=499 \
-Dsystem-gid-max=499 \ -Dsystem-gid-max=499 \
-Dpamconfdir=%{_distconfdir}/pam.d \ -Dpamconfdir=%{_pam_vendordir} \
-Dpamlibdir=%{_pamdir} \ -Dpamlibdir=%{_pam_moduledir} \
-Dxinitrcdir=%{_distconfdir}/X11/xinit/xinitrc.d \ -Dxinitrcdir=%{_distconfdir}/X11/xinit/xinitrc.d \
-Drpmmacrosdir=no \ -Drpmmacrosdir=no \
-Dcertificate-root=%{_sysconfdir}/pki/systemd \ -Dcertificate-root=%{_sysconfdir}/pki/systemd \
-Ddefault-hierarchy=unified \ -Ddefault-hierarchy=unified \
-Ddefault-kill-user-processes=false \ -Ddefault-kill-user-processes=false \
-Drc-local=/etc/init.d/boot.local \ -Drc-local=/etc/init.d/boot.local \
-Dcreate-log-dirs=false \
-Dbump-proc-sys-fs-nr-open=false \ -Dbump-proc-sys-fs-nr-open=false \
-Ddebug-shell=/bin/bash \ -Ddebug-shell=/bin/bash \
-Dseccomp=auto \ -Dseccomp=auto \
@ -750,7 +741,7 @@ rm -rf %{buildroot}/etc/systemd/system/*.target.{requires,wants}
rm -f %{buildroot}/etc/systemd/system/default.target rm -f %{buildroot}/etc/systemd/system/default.target
# Replace upstream systemd-user with the openSUSE one. # Replace upstream systemd-user with the openSUSE one.
install -m0644 %{S:2} %{buildroot}%{_distconfdir}/pam.d install -m0644 %{S:2} %{buildroot}%{_pam_vendordir}
# don't enable wall ask password service, it spams every console (bnc#747783) # don't enable wall ask password service, it spams every console (bnc#747783)
rm %{buildroot}%{_unitdir}/multi-user.target.wants/systemd-ask-password-wall.path rm %{buildroot}%{_unitdir}/multi-user.target.wants/systemd-ask-password-wall.path
@ -780,10 +771,6 @@ rm -f %{buildroot}%{_sysusersdir}/basic.conf
# in this directory... oh well. # in this directory... oh well.
rm -f %{buildroot}/etc/init.d/README rm -f %{buildroot}/etc/init.d/README
# Create the /var/log/journal directory to change the volatile journal
# to a persistent one
mkdir -p %{buildroot}%{_localstatedir}/log/journal/
# This dir must be owned (and thus created) by systemd otherwise the # This dir must be owned (and thus created) by systemd otherwise the
# build system will complain. This is odd since we simply own a ghost # build system will complain. This is odd since we simply own a ghost
# file in it... # file in it...
@ -896,6 +883,7 @@ rm -f %{buildroot}%{_unitdir}/sockets.target.wants/systemd-journald-audit.socket
%if %{with testsuite} %if %{with testsuite}
cp -a test %{buildroot}%{_testsuitedir}/ cp -a test %{buildroot}%{_testsuitedir}/
find %{buildroot}%{_testsuitedir}/ -name .git\* -exec rm -fr {} \;
%endif %endif
%if ! 0%{?bootstrap} %if ! 0%{?bootstrap}
@ -903,7 +891,7 @@ cp -a test %{buildroot}%{_testsuitedir}/
%endif %endif
# Build of installation images uses a hard coded list of packages with # Build of installation images uses a hard coded list of packages with
# a %pre that needs to be run during the build. systemd is one of them # a %%pre that needs to be run during the build. systemd is one of them
# so keep the section even if it's empty. # so keep the section even if it's empty.
%pre %pre
: :
@ -932,7 +920,7 @@ pam-config --add --systemd || :
%endif %endif
# systemd-sysusers is not available in %pre so this needs to be done # systemd-sysusers is not available in %pre so this needs to be done
# in %post. However this shouldn't be an issue since all files the # in %%post. However this shouldn't be an issue since all files the
# main package ships are owned by root. # main package ships are owned by root.
%sysusers_create systemd.conf %sysusers_create systemd.conf
@ -957,6 +945,11 @@ systemctl daemon-reexec || :
# #
# systemctl kill --kill-who=main --signal=SIGRTMIN+25 "user@*.service" || : # systemctl kill --kill-who=main --signal=SIGRTMIN+25 "user@*.service" || :
if [ "$1" -eq 1 ]; then
# Persistent journal is the default
mkdir -p %{_localstatedir}/log/journal
fi
%journal_catalog_update %journal_catalog_update
%tmpfiles_create %tmpfiles_create
@ -1100,13 +1093,6 @@ fi
%endif %endif
%if ! 0%{?bootstrap} %if ! 0%{?bootstrap}
%post logger
%tmpfiles_create -- --prefix=%{_localstatedir}/log/journal/
if [ "$1" -eq 1 ]; then
# tell journal to start logging on disk if directory didn't exist before
systemctl --no-block restart systemd-journal-flush.service >/dev/null || :
fi
%post -n nss-myhostname -p /sbin/ldconfig %post -n nss-myhostname -p /sbin/ldconfig
%postun -n nss-myhostname -p /sbin/ldconfig %postun -n nss-myhostname -p /sbin/ldconfig
@ -1224,8 +1210,6 @@ fi
%service_del_postun systemd-homed.service %service_del_postun systemd-homed.service
%endif %endif
%clean
%files %files
%defattr(-,root,root) %defattr(-,root,root)
%license LICENSE* %license LICENSE*
@ -1377,7 +1361,7 @@ fi
%dir %{_prefix}/lib/systemd/system-shutdown/ %dir %{_prefix}/lib/systemd/system-shutdown/
%dir %{_prefix}/lib/systemd/system-sleep/ %dir %{_prefix}/lib/systemd/system-sleep/
%{_pamdir}/pam_systemd.so %{_pam_moduledir}/pam_systemd.so
%if %{with gnuefi} %if %{with gnuefi}
%dir %{_prefix}/lib/systemd/boot %dir %{_prefix}/lib/systemd/boot
@ -1419,7 +1403,7 @@ fi
%dir %{_distconfdir}/X11/xinit/xinitrc.d %dir %{_distconfdir}/X11/xinit/xinitrc.d
%{_distconfdir}/X11/xinit/xinitrc.d/50-systemd-user.sh %{_distconfdir}/X11/xinit/xinitrc.d/50-systemd-user.sh
%{_distconfdir}/pam.d/systemd-user %{_pam_vendordir}/systemd-user
%config(noreplace) %{_sysconfdir}/systemd/journald.conf %config(noreplace) %{_sysconfdir}/systemd/journald.conf
%config(noreplace) %{_sysconfdir}/systemd/logind.conf %config(noreplace) %{_sysconfdir}/systemd/logind.conf
@ -1556,7 +1540,6 @@ fi
%defattr(-,root,root,-) %defattr(-,root,root,-)
%dir %{_docdir}/systemd %dir %{_docdir}/systemd
%{_docdir}/systemd/html %{_docdir}/systemd/html
# /bootstrap # /bootstrap
%endif %endif
@ -1732,12 +1715,6 @@ fi
%if ! 0%{?bootstrap} %if ! 0%{?bootstrap}
%files lang -f systemd.lang %files lang -f systemd.lang
%files logger
%defattr(-,root,root)
# package without explicit setgid bit / attrs (see bsc#1172550)
%dir %{_localstatedir}/log/journal/
%doc %{_localstatedir}/log/README
%files -n nss-myhostname %files -n nss-myhostname
%defattr(-, root, root) %defattr(-, root, root)
%{_libdir}/*nss_myhostname* %{_libdir}/*nss_myhostname*
@ -1806,6 +1783,7 @@ fi
%{_unitdir}/systemd-networkd.service %{_unitdir}/systemd-networkd.service
%{_unitdir}/systemd-networkd.socket %{_unitdir}/systemd-networkd.socket
%{_unitdir}/systemd-networkd-wait-online.service %{_unitdir}/systemd-networkd-wait-online.service
# Some files created at runtime
%endif %endif
%if %{with resolved} %if %{with resolved}
%{_bindir}/resolvectl %{_bindir}/resolvectl
@ -1867,7 +1845,7 @@ fi
%{_prefix}/lib/systemd/systemd-homework %{_prefix}/lib/systemd/systemd-homework
%{_unitdir}/systemd-homed.service %{_unitdir}/systemd-homed.service
%{_unitdir}/systemd-homed-activate.service %{_unitdir}/systemd-homed-activate.service
%{_pamdir}/pam_systemd_home.so %{_pam_moduledir}/pam_systemd_home.so
%{_datadir}/dbus-1/system-services/org.freedesktop.home1.service %{_datadir}/dbus-1/system-services/org.freedesktop.home1.service
%{_datadir}/dbus-1/system.d/org.freedesktop.home1.conf %{_datadir}/dbus-1/system.d/org.freedesktop.home1.conf
%{_datadir}/polkit-1/actions/org.freedesktop.home1.policy %{_datadir}/polkit-1/actions/org.freedesktop.home1.policy