From f9383cc1b4a0d727fdb858dc5873d7b083845c52829532b319c1e509c6a75d10 Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Fri, 29 Sep 2023 06:37:16 +0000
Subject: [PATCH 1/7] document bsc#1215241 in systemd.changes

OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1453
---
 systemd.changes | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/systemd.changes b/systemd.changes
index 19bb94c..450f080 100644
--- a/systemd.changes
+++ b/systemd.changes
@@ -589,6 +589,10 @@ Mon Mar  6 10:08:33 UTC 2023 - Franck Bui <fbui@suse.com>
 
   See https://github.com/openSUSE/systemd/blob/SUSE/v253/NEWS for details.
 
+  This includes the following bug fixes:
+
+    - upstream commit 3022916b4d2483452c3ddbbac9ee7c4372b1cb46 (bsc#1215241)
+
   * Rebased 0001-conf-parser-introduce-early-drop-ins.patch
 
   * Ship systemd-journald-audit.socket again: it can now be disabled via the

From 831f1bdbd46038332644decd92fe77c45f607a467ce72f0656105c331ef7a5c7 Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Wed, 4 Oct 2023 09:03:05 +0000
Subject: [PATCH 2/7] - Drop
 5000-core-manager-run-generators-directly-when-we-are-in-.patch   Since
 dracut-059+suse.447.g9d1fc722, this workaround is not needed anymore.

OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1454
---
 ...-generators-directly-when-we-are-in-.patch | 34 -------------------
 systemd.changes                               |  7 ++++
 systemd.spec                                  |  1 -
 3 files changed, 7 insertions(+), 35 deletions(-)
 delete mode 100644 5000-core-manager-run-generators-directly-when-we-are-in-.patch

diff --git a/5000-core-manager-run-generators-directly-when-we-are-in-.patch b/5000-core-manager-run-generators-directly-when-we-are-in-.patch
deleted file mode 100644
index 20c0b68..0000000
--- a/5000-core-manager-run-generators-directly-when-we-are-in-.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 9d0f728f65e6c3ad586e276c1ed3c2cd8cc944be Mon Sep 17 00:00:00 2001
-From: Yu Watanabe <watanabe.yu+github@gmail.com>
-Date: Mon, 20 Feb 2023 12:00:30 +0900
-Subject: [PATCH 5000/5000] core/manager: run generators directly when we are
- in initrd
-
-Some initrd system write files at ourside of /run, /etc, or other
-allowed places. This is a kind of workaround, but in most cases, such
-sandboxing is not necessary as the filesystem is on ramfs when we are in
-initrd.
-
-Fixes #26488.
----
- src/core/manager.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/core/manager.c b/src/core/manager.c
-index 380a4e30d7..6135205761 100644
---- a/src/core/manager.c
-+++ b/src/core/manager.c
-@@ -3822,8 +3822,8 @@ static int manager_run_generators(Manager *m) {
-         /* If we are the system manager, we fork and invoke the generators in a sanitized mount namespace. If
-          * we are the user manager, let's just execute the generators directly. We might not have the
-          * necessary privileges, and the system manager has already mounted /tmp/ and everything else for us.
--         */
--        if (MANAGER_IS_USER(m)) {
-+         * If we are in initrd, let's also execute the generators directly, as we are in ramfs. */
-+        if (MANAGER_IS_USER(m) || in_initrd()) {
-                 r = manager_execute_generators(m, paths, /* remount_ro= */ false);
-                 goto finish;
-         }
--- 
-2.35.3
-
diff --git a/systemd.changes b/systemd.changes
index 450f080..51101b9 100644
--- a/systemd.changes
+++ b/systemd.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Wed Oct  4 09:00:32 UTC 2023 - Franck Bui <fbui@suse.com>
+
+- Drop 5000-core-manager-run-generators-directly-when-we-are-in-.patch
+
+  Since dracut-059+suse.447.g9d1fc722, this workaround is not needed anymore.
+
 -------------------------------------------------------------------
 Wed Sep 27 13:14:12 UTC 2023 - Franck Bui <fbui@suse.com>
 
diff --git a/systemd.spec b/systemd.spec
index 1fda028..dd65ca2 100644
--- a/systemd.spec
+++ b/systemd.spec
@@ -206,7 +206,6 @@ Patch5:         0008-sysv-generator-translate-Required-Start-into-a-Wants.patch
 # very few cases, some stuff might be broken in upstream and need to be fixed or
 # worked around quickly. In these cases, the patches are added temporarily and
 # will be removed as soon as a proper fix will be merged by upstream.
-Patch5000:      5000-core-manager-run-generators-directly-when-we-are-in-.patch
 
 %description
 Systemd is a system and service manager, compatible with SysV and LSB

From 68c88b1954930ba886eb1e86400e0fb7e6c4073e4f806ca4be56997f5dcd39d8 Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Wed, 4 Oct 2023 10:36:20 +0000
Subject: [PATCH 3/7] Rename libudev-mini1 into libudev1-mini for consistency
 with libsystemd0-mini

OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1455
---
 systemd.spec | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/systemd.spec b/systemd.spec
index dd65ca2..fdf8a7d 100644
--- a/systemd.spec
+++ b/systemd.spec
@@ -221,7 +221,7 @@ drop-in replacement for sysvinit.
 Summary:        Development files for libsystemd and libudev
 License:        LGPL-2.1-or-later
 Requires:       libsystemd0%{?mini} = %{version}-%{release}
-Requires:       libudev%{?mini}1 = %{version}-%{release}
+Requires:       libudev1%{?mini} = %{version}-%{release}
 Requires:       systemd-rpm-macros
 Provides:       libudev%{?mini}-devel = %{version}-%{release}
 Obsoletes:      libudev%{?mini}-devel < %{version}-%{release}
@@ -350,7 +350,7 @@ mounted filesystem to full size of the underlying block device.
 
 This package shouldn't be necessary in containers.
 
-%package -n libudev%{?mini}1
+%package -n libudev1%{?mini}
 Summary:        Dynamic library to access udev device information
 License:        LGPL-2.1-or-later
 %if %{with bootstrap}
@@ -360,7 +360,7 @@ Provides:       libudev1 = %{version}-%{release}
 Requires:       this-is-only-for-build-envs
 %endif
 
-%description -n libudev%{?mini}1
+%description -n libudev1%{?mini}
 This package contains the dynamic library libudev, which provides
 access to udev device information
 
@@ -1130,7 +1130,7 @@ fi
 %regenerate_initrd_posttrans
 
 %ldconfig_scriptlets -n libsystemd0%{?mini}
-%ldconfig_scriptlets -n libudev%{?mini}1
+%ldconfig_scriptlets -n libudev1%{?mini}
 
 %if %{with machined}
 %pre container
@@ -1339,7 +1339,7 @@ fi
 %{_libdir}/libsystemd.so.0
 %{_libdir}/libsystemd.so.0.37.0
 
-%files -n libudev%{?mini}1
+%files -n libudev1%{?mini}
 %defattr(-,root,root)
 %license LICENSE.LGPL2.1
 %{_libdir}/libudev.so.1

From 7a1c765b75d5c94e935bb34e265e9735ee5c851a741c44f86273bdca6901925b Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Wed, 4 Oct 2023 14:25:23 +0000
Subject: [PATCH 4/7] systemd-rpmlintrc: don't consider NSS plugins as shared
 libs

OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1456
---
 systemd-rpmlintrc | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/systemd-rpmlintrc b/systemd-rpmlintrc
index 717dd25..848c01e 100644
--- a/systemd-rpmlintrc
+++ b/systemd-rpmlintrc
@@ -12,3 +12,8 @@ addFilter(".*tmpfile-not-in-filelist .*")
 
 # shlib policy does not cover multibuilds
 addFilter("libsystemd0-mini\..*: E: shlib-policy-name-error SONAME: libsystemd.so.0.*")
+addFilter("libudev1-mini\..*: E: shlib-policy-name-error SONAME: libudev1")
+
+# These are NSS plugins and are not really subject to shlib policy.
+addFilter("systemd-container\..*: E: shlib-policy-name-error .* libnss_mymachines")
+addFilter("systemd-network\..*: E: shlib-policy-name-error .* libnss_resolve")

From 830ee8b2cce2a723430410af869423b04476e467e3c032a056609d3cf51a8cde Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Thu, 5 Oct 2023 06:41:50 +0000
Subject: [PATCH 5/7] fix rpmlint error due to the previous rename of libudev
 mini package

OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1457
---
 systemd-rpmlintrc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/systemd-rpmlintrc b/systemd-rpmlintrc
index 848c01e..6f07aeb 100644
--- a/systemd-rpmlintrc
+++ b/systemd-rpmlintrc
@@ -12,7 +12,7 @@ addFilter(".*tmpfile-not-in-filelist .*")
 
 # shlib policy does not cover multibuilds
 addFilter("libsystemd0-mini\..*: E: shlib-policy-name-error SONAME: libsystemd.so.0.*")
-addFilter("libudev1-mini\..*: E: shlib-policy-name-error SONAME: libudev1")
+addFilter("libudev.*-mini\..*: E: shlib-policy-name-error SONAME: libudev.*")
 
 # These are NSS plugins and are not really subject to shlib policy.
 addFilter("systemd-container\..*: E: shlib-policy-name-error .* libnss_mymachines")

From bafdf1f5d1d956f57b084b99e1960c8be28ab97624cee4deee8a61f9103a5175 Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Thu, 5 Oct 2023 09:08:59 +0000
Subject: [PATCH 6/7] Revert "Rename libudev-mini1 into libudev1-mini for
 consistency with libsystemd0-mini"

The name "libudev-mini1" is hardcoded in multiple OBS project configs.

OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1458
---
 systemd.spec | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/systemd.spec b/systemd.spec
index fdf8a7d..dd65ca2 100644
--- a/systemd.spec
+++ b/systemd.spec
@@ -221,7 +221,7 @@ drop-in replacement for sysvinit.
 Summary:        Development files for libsystemd and libudev
 License:        LGPL-2.1-or-later
 Requires:       libsystemd0%{?mini} = %{version}-%{release}
-Requires:       libudev1%{?mini} = %{version}-%{release}
+Requires:       libudev%{?mini}1 = %{version}-%{release}
 Requires:       systemd-rpm-macros
 Provides:       libudev%{?mini}-devel = %{version}-%{release}
 Obsoletes:      libudev%{?mini}-devel < %{version}-%{release}
@@ -350,7 +350,7 @@ mounted filesystem to full size of the underlying block device.
 
 This package shouldn't be necessary in containers.
 
-%package -n libudev1%{?mini}
+%package -n libudev%{?mini}1
 Summary:        Dynamic library to access udev device information
 License:        LGPL-2.1-or-later
 %if %{with bootstrap}
@@ -360,7 +360,7 @@ Provides:       libudev1 = %{version}-%{release}
 Requires:       this-is-only-for-build-envs
 %endif
 
-%description -n libudev1%{?mini}
+%description -n libudev%{?mini}1
 This package contains the dynamic library libudev, which provides
 access to udev device information
 
@@ -1130,7 +1130,7 @@ fi
 %regenerate_initrd_posttrans
 
 %ldconfig_scriptlets -n libsystemd0%{?mini}
-%ldconfig_scriptlets -n libudev1%{?mini}
+%ldconfig_scriptlets -n libudev%{?mini}1
 
 %if %{with machined}
 %pre container
@@ -1339,7 +1339,7 @@ fi
 %{_libdir}/libsystemd.so.0
 %{_libdir}/libsystemd.so.0.37.0
 
-%files -n libudev1%{?mini}
+%files -n libudev%{?mini}1
 %defattr(-,root,root)
 %license LICENSE.LGPL2.1
 %{_libdir}/libudev.so.1

From fe43e79acbd4a34c484d8c8611883b1667bc01002d77f34d22588dd9baf85b4b Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Thu, 5 Oct 2023 15:07:08 +0000
Subject: [PATCH 7/7] - rpmlintrc: allow systemd-network and systemd-container
 sub-packages to ship   shared libs. These are actually NSS plugins and are
 not really subject to   shlib policy.

OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1459
---
 systemd.changes | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/systemd.changes b/systemd.changes
index 51101b9..2403066 100644
--- a/systemd.changes
+++ b/systemd.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Thu Oct  5 15:04:50 UTC 2023 - Franck Bui <fbui@suse.com>
+
+- rpmlintrc: allow systemd-network and systemd-container sub-packages to ship
+  shared libs. These are actually NSS plugins and are not really subject to
+  shlib policy.
+
 -------------------------------------------------------------------
 Wed Oct  4 09:00:32 UTC 2023 - Franck Bui <fbui@suse.com>