From 41d9804ed9326f5b326b3b62e5715cc4d7f69ef79ce49940e3b1e8f5ea194740 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Mon, 20 Mar 2023 08:20:36 +0000 Subject: [PATCH 1/2] Accepting request 1073043 from home:aplanas:branches:Base:System - Enable that systemd can load the IMA policy from /etc/ima/ima-policy. This is used to complement dracut-ima when using SELinux, as the SELinux policy should not be loaded in the initrd (https://github.com/openSUSE/microos-tools/pull/14) OBS-URL: https://build.opensuse.org/request/show/1073043 OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1360 --- systemd.changes | 8 ++++++++ systemd.spec | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/systemd.changes b/systemd.changes index 10d34da..5f65d11 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Mon Mar 20 07:48:49 UTC 2023 - Alberto Planas Dominguez + +- Enable that systemd can load the IMA policy from + /etc/ima/ima-policy. This is used to complement dracut-ima when + using SELinux, as the SELinux policy should not be loaded in the + initrd (https://github.com/openSUSE/microos-tools/pull/14) + ------------------------------------------------------------------- Thu Mar 16 07:33:21 UTC 2023 - Franck Bui diff --git a/systemd.spec b/systemd.spec index a234cc1..121afe1 100644 --- a/systemd.spec +++ b/systemd.spec @@ -684,7 +684,6 @@ export CFLAGS="%{optflags} -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" \ -Dbump-proc-sys-fs-nr-open=false \ -Dgshadow=false \ - -Dima=false \ -Dldconfig=false \ -Dsmack=false \ \ @@ -695,6 +694,7 @@ export CFLAGS="%{optflags} -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" -Defi=%{when_not bootstrap} \ -Delfutils=%{when_not bootstrap} \ -Dhtml=%{when_not bootstrap} \ + -Dima=%{when_not bootstrap} \ -Dlibcryptsetup-plugins=%{when_not bootstrap} \ -Dman=%{when_not bootstrap} \ -Dnss-myhostname=%{when_not bootstrap} \ From 150b109953578bb598fabbaadfa20bf099cdfb30039b02a0b9d9499601bc2a84 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Mon, 20 Mar 2023 08:37:06 +0000 Subject: [PATCH 2/2] - Drop 0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch These obsolete symlinks were kept because several years ago VLC was still relying on some of them. However it's been a long a time ago that it's been fixed and cdrom or similar devices are discovered in a better way. OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1361 --- ...ult-symlinks-for-primary-cd_dvd-driv.patch | 29 ------------------- systemd.changes | 9 ++++++ systemd.spec | 1 - 3 files changed, 9 insertions(+), 30 deletions(-) delete mode 100644 0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch diff --git a/0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch b/0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch deleted file mode 100644 index c8b7f70..0000000 --- a/0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch +++ /dev/null @@ -1,29 +0,0 @@ -From ae4741127dc0ae575d13b8a7b201207da6167517 Mon Sep 17 00:00:00 2001 -From: Robert Milasan -Date: Sat, 12 Jul 2014 14:20:36 +0200 -Subject: [PATCH 05/11] udev: create default symlinks for primary cd_dvd drive - -Imported from SLE12-SP1, commit 4f8bacfbffd7049608b5076. - -[rmilasan: fixes bnc#783054] ---- - rules.d/60-cdrom_id.rules | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/rules.d/60-cdrom_id.rules b/rules.d/60-cdrom_id.rules -index 288f8ce2f9..578c77441c 100644 ---- a/rules.d/60-cdrom_id.rules -+++ b/rules.d/60-cdrom_id.rules -@@ -25,5 +25,9 @@ IMPORT{program}="cdrom_id --lock-media $devnode" - ENV{DISK_MEDIA_CHANGE}=="?*", ENV{ID_CDROM_MEDIA}!="?*", ENV{SYSTEMD_READY}="0" - - KERNEL=="sr0", SYMLINK+="cdrom", OPTIONS+="link_priority=-100" -+KERNEL=="sr0", ENV{ID_CDROM}=="1", SYMLINK+="cdrom", OPTIONS+="link_priority=-100" -+KERNEL=="sr0", ENV{ID_CDROM_CD_RW}=="1", SYMLINK+="cdrw", OPTIONS+="link_priority=-100" -+KERNEL=="sr0", ENV{ID_CDROM_DVD}=="1", SYMLINK+="dvd", OPTIONS+="link_priority=-100" -+KERNEL=="sr0", ENV{ID_CDROM_DVD_RW}=="1", SYMLINK+="dvdrw", OPTIONS+="link_priority=-100" - - LABEL="cdrom_end" --- -2.26.2 - diff --git a/systemd.changes b/systemd.changes index 5f65d11..c252e36 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Mon Mar 20 08:32:49 UTC 2023 - Franck Bui + +- Drop 0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch + + These obsolete symlinks were kept because several years ago VLC was still + relying on some of them. However it's been a long a time ago that it's been + fixed and cdrom or similar devices are discovered in a better way. + ------------------------------------------------------------------- Mon Mar 20 07:48:49 UTC 2023 - Alberto Planas Dominguez diff --git a/systemd.spec b/systemd.spec index 121afe1..216528e 100644 --- a/systemd.spec +++ b/systemd.spec @@ -200,7 +200,6 @@ Source207: files.experimental Patch1: 0001-restore-var-run-and-var-lock-bind-mount-if-they-aren.patch Patch2: 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch Patch3: 0003-strip-the-domain-part-from-etc-hostname-when-setting.patch -Patch5: 0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch %if %{with sysvcompat} Patch8: 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch %endif