diff --git a/files.systemd b/files.systemd index b919c2af..044ab793 100644 --- a/files.systemd +++ b/files.systemd @@ -27,18 +27,11 @@ %endif %dir %{_environmentdir} %dir %{_journalcatalogdir} -%if ! %{bootstrap} -%dir %{_libdir}/cryptsetup -%endif %dir %{_localstatedir}/lib/systemd %dir %{_localstatedir}/lib/systemd/catalog %dir %{_modprobedir} -%dir %{_modulesloaddir} -%dir %{_prefix}/lib/kernel -%dir %{_prefix}/lib/kernel/install.d %dir %{_sysconfdir}/X11/xorg.conf.d %dir %{_sysconfdir}/binfmt.d -%dir %{_sysconfdir}/modules-load.d %dir %{_sysconfdir}/sysctl.d %dir %{_sysconfdir}/systemd %dir %{_sysconfdir}/systemd/system @@ -49,10 +42,6 @@ %dir %{_systemd_system_env_generator_dir} %dir %{_systemd_user_env_generator_dir} %dir %{_systemd_util_dir} -%if %{with sd_boot} -%dir %{_systemd_util_dir}/boot -%dir %{_systemd_util_dir}/boot/efi -%endif %dir %{_systemd_util_dir}/ntp-units.d %dir %{_systemd_util_dir}/scripts %dir %{_systemd_util_dir}/system-preset @@ -97,18 +86,13 @@ %ghost %config(noreplace) %{_sysconfdir}/machine-info %ghost %config(noreplace) %{_sysconfdir}/vconsole.conf %ghost %dir %attr(2755, root, systemd-journal) %{_localstatedir}/log/journal -%ghost %{_localstatedir}/lib/systemd/backlight %ghost %{_localstatedir}/lib/systemd/catalog/database %ghost %{_localstatedir}/lib/systemd/i18n-migrated %license LICENSE.GPL2 %license LICENSE.LGPL2.1 -%if %{with sd_boot} -%{_bindir}/bootctl -%endif %{_bindir}/busctl %{_bindir}/hostnamectl %{_bindir}/journalctl -%{_bindir}/kernel-install %{_bindir}/localectl %{_bindir}/loginctl %{_bindir}/systemctl @@ -118,9 +102,6 @@ %{_bindir}/systemd-cgls %{_bindir}/systemd-cgtop %{_bindir}/systemd-creds -%if ! %{bootstrap} -%{_bindir}/systemd-cryptenroll -%endif %{_bindir}/systemd-delta %{_bindir}/systemd-detect-virt %{_bindir}/systemd-dissect @@ -142,14 +123,10 @@ %{_bindir}/systemd-umount %{_bindir}/timedatectl %if ! %{bootstrap} -%if %{with sd_boot} -%{_datadir}/bash-completion/completions/bootctl -%endif %{_datadir}/bash-completion/completions/busctl %{_datadir}/bash-completion/completions/coredumpctl %{_datadir}/bash-completion/completions/hostnamectl %{_datadir}/bash-completion/completions/journalctl -%{_datadir}/bash-completion/completions/kernel-install %{_datadir}/bash-completion/completions/localectl %{_datadir}/bash-completion/completions/loginctl %{_datadir}/bash-completion/completions/portablectl @@ -210,14 +187,10 @@ %{_datadir}/systemd/kbd-model-map %{_datadir}/systemd/language-fallback-map %if ! %{bootstrap} -%if %{with sd_boot} -%{_datadir}/zsh/site-functions/_bootctl -%endif %{_datadir}/zsh/site-functions/_busctl %{_datadir}/zsh/site-functions/_coredumpctl %{_datadir}/zsh/site-functions/_hostnamectl %{_datadir}/zsh/site-functions/_journalctl -%{_datadir}/zsh/site-functions/_kernel-install %{_datadir}/zsh/site-functions/_localectl %{_datadir}/zsh/site-functions/_loginctl %{_datadir}/zsh/site-functions/_sd_hosts_or_user_at_host @@ -247,14 +220,6 @@ %{_journalcatalogdir}/systemd.zh_CN.catalog %{_journalcatalogdir}/systemd.zh_TW.catalog %if ! 0%{bootstrap} -%{_libdir}/cryptsetup/libcryptsetup-token-systemd-fido2.so -%{_libdir}/cryptsetup/libcryptsetup-token-systemd-pkcs11.so -%{_libdir}/cryptsetup/libcryptsetup-token-systemd-tpm2.so -%endif -%if ! 0%{bootstrap} -%if %{with sd_boot} -%{_mandir}/man1/bootctl.1.gz -%endif %{_mandir}/man1/busctl.1.gz %{_mandir}/man1/hostnamectl.1.gz %{_mandir}/man1/init.1.gz @@ -268,7 +233,6 @@ %{_mandir}/man1/systemd-cgls.1.gz %{_mandir}/man1/systemd-cgtop.1.gz %{_mandir}/man1/systemd-creds.1.gz -%{_mandir}/man1/systemd-cryptenroll.1.gz %{_mandir}/man1/systemd-delta.1.gz %{_mandir}/man1/systemd-detect-virt.1.gz %{_mandir}/man1/systemd-dissect.1.gz @@ -289,26 +253,20 @@ %{_mandir}/man1/systemd.1.gz %{_mandir}/man1/timedatectl.1.gz %{_mandir}/man5/binfmt.d.5.gz -%{_mandir}/man5/crypttab.5.gz %{_mandir}/man5/dnssec-trust-anchors.d.5.gz %{_mandir}/man5/environment.d.5.gz %{_mandir}/man5/extension-release.5.gz %{_mandir}/man5/hostname.5.gz %{_mandir}/man5/initrd-release.5.gz -%{_mandir}/man5/integritytab.5.gz %{_mandir}/man5/journald.conf.5.gz %{_mandir}/man5/journald.conf.d.5.gz %{_mandir}/man5/journald@.conf.5.gz -%if %{with sd_boot} -%{_mandir}/man5/loader.conf.5.gz -%endif %{_mandir}/man5/locale.conf.5.gz %{_mandir}/man5/localtime.5.gz %{_mandir}/man5/logind.conf.5.gz %{_mandir}/man5/logind.conf.d.5.gz %{_mandir}/man5/machine-id.5.gz %{_mandir}/man5/machine-info.5.gz -%{_mandir}/man5/modules-load.d.5.gz %{_mandir}/man5/org.freedesktop.LogControl1.5.gz %{_mandir}/man5/org.freedesktop.hostname1.5.gz %{_mandir}/man5/org.freedesktop.locale1.5.gz @@ -353,19 +311,10 @@ %{_mandir}/man5/user.conf.d.5.gz %{_mandir}/man5/user@.service.5.gz %{_mandir}/man5/vconsole.conf.5.gz -%{_mandir}/man5/veritytab.5.gz %{_mandir}/man7/bootup.7.gz %{_mandir}/man7/daemon.7.gz %{_mandir}/man7/file-hierarchy.7.gz %{_mandir}/man7/kernel-command-line.7.gz -%if %{with sd_boot} -%{_mandir}/man7/linuxaa64.efi.stub.7.gz -%{_mandir}/man7/linuxia32.efi.stub.7.gz -%{_mandir}/man7/linuxx64.efi.stub.7.gz -%{_mandir}/man7/sd-boot.7.gz -%{_mandir}/man7/systemd-boot.7.gz -%{_mandir}/man7/systemd-stub.7.gz -%endif %{_mandir}/man7/systemd.directives.7.gz %{_mandir}/man7/systemd.environment-generator.7.gz %{_mandir}/man7/systemd.generator.7.gz @@ -378,7 +327,6 @@ %{_mandir}/man7/systemd.time.7.gz %{_mandir}/man8/30-systemd-environment-d-generator.8.gz %{_mandir}/man8/halt.8.gz -%{_mandir}/man8/kernel-install.8.gz %{_mandir}/man8/pam_systemd.8.gz %{_mandir}/man8/poweroff.8.gz %{_mandir}/man8/rc-local.service.8.gz @@ -388,33 +336,16 @@ %{_mandir}/man8/systemd-ask-password-console.service.8.gz %{_mandir}/man8/systemd-ask-password-wall.path.8.gz %{_mandir}/man8/systemd-ask-password-wall.service.8.gz -%{_mandir}/man8/systemd-backlight.8.gz -%{_mandir}/man8/systemd-backlight@.service.8.gz %{_mandir}/man8/systemd-binfmt.8.gz %{_mandir}/man8/systemd-binfmt.service.8.gz -%if %{with sd_boot} -%{_mandir}/man8/systemd-bless-boot-generator.8.gz -%{_mandir}/man8/systemd-bless-boot.8.gz -%{_mandir}/man8/systemd-bless-boot.service.8.gz -%endif %{_mandir}/man8/systemd-boot-check-no-failures.8.gz %{_mandir}/man8/systemd-boot-check-no-failures.service.8.gz -%if %{with sd_boot} -%{_mandir}/man8/systemd-boot-system-token.service.8.gz -%endif -%{_mandir}/man8/systemd-cryptsetup-generator.8.gz -%{_mandir}/man8/systemd-cryptsetup.8.gz -%{_mandir}/man8/systemd-cryptsetup@.service.8.gz %{_mandir}/man8/systemd-debug-generator.8.gz %{_mandir}/man8/systemd-environment-d-generator.8.gz %{_mandir}/man8/systemd-fsck-root.service.8.gz %{_mandir}/man8/systemd-fsck.8.gz %{_mandir}/man8/systemd-fsck@.service.8.gz -%{_mandir}/man8/systemd-fstab-generator.8.gz %{_mandir}/man8/systemd-getty-generator.8.gz -%{_mandir}/man8/systemd-gpt-auto-generator.8.gz -%{_mandir}/man8/systemd-growfs.8.gz -%{_mandir}/man8/systemd-growfs@.service.8.gz %{_mandir}/man8/systemd-halt.service.8.gz %{_mandir}/man8/systemd-hibernate-resume-generator.8.gz %{_mandir}/man8/systemd-hibernate-resume.8.gz @@ -423,9 +354,6 @@ %{_mandir}/man8/systemd-hostnamed.8.gz %{_mandir}/man8/systemd-hostnamed.service.8.gz %{_mandir}/man8/systemd-hybrid-sleep.service.8.gz -%{_mandir}/man8/systemd-integritysetup-generator.8.gz -%{_mandir}/man8/systemd-integritysetup.8.gz -%{_mandir}/man8/systemd-integritysetup@.service.8.gz %{_mandir}/man8/systemd-journald-audit.socket.8.gz %{_mandir}/man8/systemd-journald-dev-log.socket.8.gz %{_mandir}/man8/systemd-journald-varlink@.socket.8.gz @@ -440,11 +368,7 @@ %{_mandir}/man8/systemd-logind.8.gz %{_mandir}/man8/systemd-logind.service.8.gz %{_mandir}/man8/systemd-machine-id-commit.service.8.gz -%{_mandir}/man8/systemd-makefs.8.gz -%{_mandir}/man8/systemd-makefs@.service.8.gz %{_mandir}/man8/systemd-mkswap@.service.8.gz -%{_mandir}/man8/systemd-modules-load.8.gz -%{_mandir}/man8/systemd-modules-load.service.8.gz %{_mandir}/man8/systemd-poweroff.service.8.gz %{_mandir}/man8/systemd-quotacheck.8.gz %{_mandir}/man8/systemd-quotacheck.service.8.gz @@ -453,9 +377,6 @@ %{_mandir}/man8/systemd-reboot.service.8.gz %{_mandir}/man8/systemd-remount-fs.8.gz %{_mandir}/man8/systemd-remount-fs.service.8.gz -%{_mandir}/man8/systemd-rfkill.8.gz -%{_mandir}/man8/systemd-rfkill.service.8.gz -%{_mandir}/man8/systemd-rfkill.socket.8.gz %{_mandir}/man8/systemd-run-generator.8.gz %{_mandir}/man8/systemd-shutdown.8.gz %{_mandir}/man8/systemd-sleep.8.gz @@ -477,7 +398,6 @@ %{_mandir}/man8/systemd-timesyncd.service.8.gz %{_mandir}/man8/systemd-tmpfiles-clean.service.8.gz %{_mandir}/man8/systemd-tmpfiles-clean.timer.8.gz -%{_mandir}/man8/systemd-tmpfiles-setup-dev.service.8.gz %{_mandir}/man8/systemd-tmpfiles-setup.service.8.gz %{_mandir}/man8/systemd-tmpfiles.8.gz %{_mandir}/man8/systemd-update-done.8.gz @@ -488,19 +408,11 @@ %{_mandir}/man8/systemd-user-sessions.service.8.gz %{_mandir}/man8/systemd-vconsole-setup.8.gz %{_mandir}/man8/systemd-vconsole-setup.service.8.gz -%{_mandir}/man8/systemd-veritysetup-generator.8.gz -%{_mandir}/man8/systemd-veritysetup.8.gz -%{_mandir}/man8/systemd-veritysetup@.service.8.gz -%{_mandir}/man8/systemd-volatile-root.8.gz -%{_mandir}/man8/systemd-volatile-root.service.8.gz %{_mandir}/man8/systemd-xdg-autostart-generator.8.gz %endif %{_modprobedir}/systemd.conf %{_pam_moduledir}/pam_systemd.so %{_pam_vendordir}/systemd-user -%{_prefix}/lib/kernel/install.conf -%{_prefix}/lib/kernel/install.d/50-depmod.install -%{_prefix}/lib/kernel/install.d/90-loaderentry.install %{_sbindir}/halt %{_sbindir}/init %{_sbindir}/poweroff @@ -509,12 +421,6 @@ %{_sysconfdir}/xdg/systemd/user %{_sysctldir}/99-sysctl.conf %{_systemd_user_env_generator_dir}/30-systemd-environment-d-generator -%if %{with sd_boot} -# These are part of the very few exceptions where glob pattern is allowd. -%{_systemd_util_dir}/boot/efi/linux*.efi.stub -%{_systemd_util_dir}/boot/efi/linux*.elf.stub -%{_systemd_util_dir}/boot/efi/systemd-boot*.efi -%endif %{_systemd_util_dir}/libsystemd-shared-250.so %{_systemd_util_dir}/ntp-units.d/80-systemd-timesync.list %{_systemd_util_dir}/scripts/migrate-sysconfig-i18n.sh @@ -522,33 +428,19 @@ %{_systemd_util_dir}/system-preset/99-default.preset %{_systemd_util_dir}/systemd %{_systemd_util_dir}/systemd-ac-power -%{_systemd_util_dir}/systemd-backlight %{_systemd_util_dir}/systemd-binfmt -%if %{with sd_boot} -%{_systemd_util_dir}/systemd-bless-boot -%endif %{_systemd_util_dir}/systemd-boot-check-no-failures %{_systemd_util_dir}/systemd-cgroups-agent -%if ! %{bootstrap} -%{_systemd_util_dir}/systemd-cryptsetup -%endif %{_systemd_util_dir}/systemd-fsck -%{_systemd_util_dir}/systemd-growfs %{_systemd_util_dir}/systemd-hibernate-resume %{_systemd_util_dir}/systemd-hostnamed -%if ! %{bootstrap} -%{_systemd_util_dir}/systemd-integritysetup -%endif %{_systemd_util_dir}/systemd-journald %{_systemd_util_dir}/systemd-localed %{_systemd_util_dir}/systemd-logind -%{_systemd_util_dir}/systemd-makefs -%{_systemd_util_dir}/systemd-modules-load %{_systemd_util_dir}/systemd-quotacheck %{_systemd_util_dir}/systemd-random-seed %{_systemd_util_dir}/systemd-remount-fs %{_systemd_util_dir}/systemd-reply-password -%{_systemd_util_dir}/systemd-rfkill %{_systemd_util_dir}/systemd-shutdown %{_systemd_util_dir}/systemd-sleep %{_systemd_util_dir}/systemd-socket-proxyd @@ -562,10 +454,6 @@ %{_systemd_util_dir}/systemd-user-runtime-dir %{_systemd_util_dir}/systemd-user-sessions %{_systemd_util_dir}/systemd-vconsole-setup -%if ! %{bootstrap} -%{_systemd_util_dir}/systemd-veritysetup -%endif -%{_systemd_util_dir}/systemd-volatile-root %{_systemd_util_dir}/systemd-xdg-autostart-condition %{_systemd_util_dir}/user-generators/systemd-xdg-autostart-generator %{_systemd_util_dir}/user-preset/90-systemd.preset @@ -591,25 +479,11 @@ %{_systemd_util_dir}/user/systemd-tmpfiles-setup.service %{_systemd_util_dir}/user/timers.target %{_systemd_util_dir}/user/xdg-desktop-autostart.target -%if %{with sd_boot} -%{_systemdgeneratordir}/systemd-bless-boot-generator -%endif -%if ! %{bootstrap} -%{_systemdgeneratordir}/systemd-cryptsetup-generator -%endif %{_systemdgeneratordir}/systemd-debug-generator -%{_systemdgeneratordir}/systemd-fstab-generator %{_systemdgeneratordir}/systemd-getty-generator -%{_systemdgeneratordir}/systemd-gpt-auto-generator %{_systemdgeneratordir}/systemd-hibernate-resume-generator -%if ! %{bootstrap} -%{_systemdgeneratordir}/systemd-integritysetup-generator -%endif %{_systemdgeneratordir}/systemd-run-generator %{_systemdgeneratordir}/systemd-system-update-generator -%if ! %{bootstrap} -%{_systemdgeneratordir}/systemd-veritysetup-generator -%endif %{_sysusersdir}/systemd-journal.conf %if %{with networkd} # Yes, systemd-network.conf really belongs here, see @@ -635,10 +509,6 @@ %{_unitdir}/boot-complete.target %{_unitdir}/console-getty.service %{_unitdir}/container-getty@.service -%if ! %{bootstrap} -%{_unitdir}/cryptsetup-pre.target -%{_unitdir}/cryptsetup.target -%endif %{_unitdir}/ctrl-alt-del.target %{_unitdir}/dbus-org.freedesktop.hostname1.service %{_unitdir}/dbus-org.freedesktop.locale1.service @@ -665,19 +535,11 @@ %{_unitdir}/initrd-fs.target %{_unitdir}/initrd-parse-etc.service %{_unitdir}/initrd-root-device.target -%if ! %{bootstrap} -%{_unitdir}/initrd-root-device.target.wants/remote-cryptsetup.target -%{_unitdir}/initrd-root-device.target.wants/remote-veritysetup.target -%endif %{_unitdir}/initrd-root-fs.target %{_unitdir}/initrd-switch-root.service %{_unitdir}/initrd-switch-root.target %{_unitdir}/initrd-usr-fs.target %{_unitdir}/initrd.target -%if ! %{bootstrap} -%{_unitdir}/integritysetup-pre.target -%{_unitdir}/integritysetup.target -%endif %{_unitdir}/kexec.target %{_unitdir}/local-fs-pre.target %{_unitdir}/local-fs.target @@ -700,14 +562,8 @@ %{_unitdir}/proc-sys-fs-binfmt_misc.mount %{_unitdir}/quotaon.service %{_unitdir}/reboot.target -%if ! %{bootstrap} -%{_unitdir}/remote-cryptsetup.target -%endif %{_unitdir}/remote-fs-pre.target %{_unitdir}/remote-fs.target -%if ! %{bootstrap} -%{_unitdir}/remote-veritysetup.target -%endif %{_unitdir}/rescue.service %{_unitdir}/rescue.target %{_unitdir}/rpcbind.target @@ -729,14 +585,8 @@ %{_unitdir}/sys-kernel-debug.mount %{_unitdir}/sys-kernel-tracing.mount %{_unitdir}/sysinit.target -%if ! %{bootstrap} -%{_unitdir}/sysinit.target.wants/cryptsetup.target -%endif %{_unitdir}/sysinit.target.wants/dev-hugepages.mount %{_unitdir}/sysinit.target.wants/dev-mqueue.mount -%if ! %{bootstrap} -%{_unitdir}/sysinit.target.wants/integritysetup.target -%endif %{_unitdir}/sysinit.target.wants/proc-sys-fs-binfmt_misc.automount %{_unitdir}/sysinit.target.wants/sys-fs-fuse-connections.mount %{_unitdir}/sysinit.target.wants/sys-kernel-config.mount @@ -744,29 +594,18 @@ %{_unitdir}/sysinit.target.wants/sys-kernel-tracing.mount %{_unitdir}/sysinit.target.wants/systemd-ask-password-console.path %{_unitdir}/sysinit.target.wants/systemd-binfmt.service -%if %{with sd_boot} -%{_unitdir}/sysinit.target.wants/systemd-boot-system-token.service -%endif %{_unitdir}/sysinit.target.wants/systemd-firstboot.service %{_unitdir}/sysinit.target.wants/systemd-journal-catalog-update.service %{_unitdir}/sysinit.target.wants/systemd-journal-flush.service %{_unitdir}/sysinit.target.wants/systemd-journald.service %{_unitdir}/sysinit.target.wants/systemd-machine-id-commit.service -%{_unitdir}/sysinit.target.wants/systemd-modules-load.service %{_unitdir}/sysinit.target.wants/systemd-random-seed.service %{_unitdir}/sysinit.target.wants/systemd-sysctl.service %{_unitdir}/sysinit.target.wants/systemd-sysusers.service -%{_unitdir}/sysinit.target.wants/systemd-tmpfiles-setup-dev.service %{_unitdir}/sysinit.target.wants/systemd-tmpfiles-setup.service %{_unitdir}/sysinit.target.wants/systemd-update-done.service %{_unitdir}/sysinit.target.wants/systemd-update-utmp.service -%if ! %{bootstrap} -%{_unitdir}/sysinit.target.wants/veritysetup.target -%endif %{_unitdir}/syslog.socket -%if ! %{bootstrap} -%{_unitdir}/system-systemd\x2dcryptsetup.slice -%endif %{_unitdir}/system-update-cleanup.service %{_unitdir}/system-update-pre.target %{_unitdir}/system-update.target @@ -774,16 +613,8 @@ %{_unitdir}/systemd-ask-password-console.service %{_unitdir}/systemd-ask-password-wall.path %{_unitdir}/systemd-ask-password-wall.service -%{_unitdir}/systemd-backlight@.service %{_unitdir}/systemd-binfmt.service -%if %{with sd_boot} -%{_unitdir}/systemd-bless-boot.service -%endif %{_unitdir}/systemd-boot-check-no-failures.service -%if %{with sd_boot} -%{_unitdir}/systemd-boot-system-token.service -%{_unitdir}/systemd-boot-update.service -%endif %{_unitdir}/systemd-exit.service %{_unitdir}/systemd-firstboot.service %{_unitdir}/systemd-fsck-root.service @@ -805,14 +636,11 @@ %{_unitdir}/systemd-localed.service %{_unitdir}/systemd-logind.service %{_unitdir}/systemd-machine-id-commit.service -%{_unitdir}/systemd-modules-load.service %{_unitdir}/systemd-poweroff.service %{_unitdir}/systemd-quotacheck.service %{_unitdir}/systemd-random-seed.service %{_unitdir}/systemd-reboot.service %{_unitdir}/systemd-remount-fs.service -%{_unitdir}/systemd-rfkill.service -%{_unitdir}/systemd-rfkill.socket %{_unitdir}/systemd-suspend-then-hibernate.service %{_unitdir}/systemd-suspend.service %{_unitdir}/systemd-sysctl.service @@ -823,13 +651,11 @@ %{_unitdir}/systemd-timesyncd.service %{_unitdir}/systemd-tmpfiles-clean.service %{_unitdir}/systemd-tmpfiles-clean.timer -%{_unitdir}/systemd-tmpfiles-setup-dev.service %{_unitdir}/systemd-tmpfiles-setup.service %{_unitdir}/systemd-update-done.service %{_unitdir}/systemd-update-utmp.service %{_unitdir}/systemd-user-sessions.service %{_unitdir}/systemd-vconsole-setup.service -%{_unitdir}/systemd-volatile-root.service %{_unitdir}/time-set.target %{_unitdir}/time-sync.target %{_unitdir}/timers.target @@ -842,10 +668,6 @@ %{_unitdir}/user-runtime-dir@.service %{_unitdir}/user.slice %{_unitdir}/user@.service -%if ! %{bootstrap} -%{_unitdir}/veritysetup-pre.target -%{_unitdir}/veritysetup.target -%endif %{xinitconfdir}/xinitrc.d/50-systemd-user.sh %if %{with split_usr} /bin/systemctl diff --git a/files.udev b/files.udev index 52a309e6..389f9592 100644 --- a/files.udev +++ b/files.udev @@ -2,7 +2,16 @@ # Please keep the list sorted (with `LC_ALL=C sort`). # %config(noreplace) %{_sysconfdir}/udev/udev.conf +%if ! %{bootstrap} +%dir %{_libdir}/cryptsetup +%dir %{_modulesloaddir} +%dir %{_prefix}/lib/kernel +%dir %{_prefix}/lib/kernel/install.d +%endif %dir %{_prefix}/lib/udev +%if ! %{bootstrap} +%dir %{_sysconfdir}/modules-load.d +%endif %dir %{_sysconfdir}/udev %dir %{_sysconfdir}/udev/rules.d %dir %{_systemd_util_dir}/network @@ -12,28 +21,72 @@ %doc %{_udevrulesdir}/README %ghost %attr(444, root, root) %{_sysconfdir}/udev/hwdb.bin %ghost %attr(644, root, root) %{_prefix}/lib/udev/compat-symlink-generation +%ghost %{_localstatedir}/lib/systemd/backlight +%if ! %{bootstrap} +%{_bindir}/kernel-install +%{_bindir}/systemd-cryptenroll +%endif %{_bindir}/systemd-hwdb %{_bindir}/udevadm %if ! %{bootstrap} +%{_datadir}/bash-completion/completions/kernel-install %{_datadir}/bash-completion/completions/udevadm %endif %{_datadir}/pkgconfig/udev.pc %if ! %{bootstrap} +%{_datadir}/zsh/site-functions/_kernel-install %{_datadir}/zsh/site-functions/_udevadm %endif %if ! %{bootstrap} +%{_libdir}/cryptsetup/libcryptsetup-token-systemd-fido2.so +%{_libdir}/cryptsetup/libcryptsetup-token-systemd-pkcs11.so +%{_libdir}/cryptsetup/libcryptsetup-token-systemd-tpm2.so +%{_mandir}/man1/systemd-cryptenroll.1.gz +%{_mandir}/man5/crypttab.5.gz +%{_mandir}/man5/integritytab.5.gz +%{_mandir}/man5/modules-load.d.5.gz %{_mandir}/man5/udev.conf.5.gz +%{_mandir}/man5/veritytab.5.gz %{_mandir}/man7/hwdb.7.gz %{_mandir}/man7/udev.7.gz +%{_mandir}/man8/kernel-install.8.gz +%{_mandir}/man8/systemd-backlight.8.gz +%{_mandir}/man8/systemd-backlight@.service.8.gz +%{_mandir}/man8/systemd-cryptsetup-generator.8.gz +%{_mandir}/man8/systemd-cryptsetup.8.gz +%{_mandir}/man8/systemd-cryptsetup@.service.8.gz +%{_mandir}/man8/systemd-fstab-generator.8.gz +%{_mandir}/man8/systemd-gpt-auto-generator.8.gz +%{_mandir}/man8/systemd-growfs.8.gz +%{_mandir}/man8/systemd-growfs@.service.8.gz %{_mandir}/man8/systemd-hwdb.8.gz +%{_mandir}/man8/systemd-integritysetup-generator.8.gz +%{_mandir}/man8/systemd-integritysetup.8.gz +%{_mandir}/man8/systemd-integritysetup@.service.8.gz +%{_mandir}/man8/systemd-makefs.8.gz +%{_mandir}/man8/systemd-makefs@.service.8.gz +%{_mandir}/man8/systemd-modules-load.8.gz +%{_mandir}/man8/systemd-modules-load.service.8.gz %{_mandir}/man8/systemd-network-generator.8.gz %{_mandir}/man8/systemd-network-generator.service.8.gz +%{_mandir}/man8/systemd-rfkill.8.gz +%{_mandir}/man8/systemd-rfkill.service.8.gz +%{_mandir}/man8/systemd-rfkill.socket.8.gz +%{_mandir}/man8/systemd-tmpfiles-setup-dev.service.8.gz %{_mandir}/man8/systemd-udev-settle.service.8.gz %{_mandir}/man8/systemd-udevd-control.socket.8.gz %{_mandir}/man8/systemd-udevd-kernel.socket.8.gz %{_mandir}/man8/systemd-udevd.8.gz %{_mandir}/man8/systemd-udevd.service.8.gz +%{_mandir}/man8/systemd-veritysetup-generator.8.gz +%{_mandir}/man8/systemd-veritysetup.8.gz +%{_mandir}/man8/systemd-veritysetup@.service.8.gz +%{_mandir}/man8/systemd-volatile-root.8.gz +%{_mandir}/man8/systemd-volatile-root.service.8.gz %{_mandir}/man8/udevadm.8.gz +%{_prefix}/lib/kernel/install.conf +%{_prefix}/lib/kernel/install.d/50-depmod.install +%{_prefix}/lib/kernel/install.d/90-loaderentry.install %endif %{_prefix}/lib/udev/ata_id %{_prefix}/lib/udev/cdrom_id @@ -47,8 +100,34 @@ %{_prefix}/lib/udev/scsi_id %{_prefix}/lib/udev/v4l_id %{_systemd_util_dir}/network/99-default.link +%{_systemd_util_dir}/systemd-backlight +%if ! %{bootstrap} +%{_systemd_util_dir}/systemd-cryptsetup +%endif +%{_systemd_util_dir}/systemd-growfs +%if ! %{bootstrap} +%{_systemd_util_dir}/systemd-integritysetup +%endif +%{_systemd_util_dir}/systemd-makefs +%if ! %{bootstrap} +%{_systemd_util_dir}/systemd-modules-load +%endif %{_systemd_util_dir}/systemd-network-generator +%{_systemd_util_dir}/systemd-rfkill %{_systemd_util_dir}/systemd-udevd +%if ! %{bootstrap} +%{_systemd_util_dir}/systemd-veritysetup +%endif +%{_systemd_util_dir}/systemd-volatile-root +%if ! %{bootstrap} +%{_systemdgeneratordir}/systemd-cryptsetup-generator +%endif +%{_systemdgeneratordir}/systemd-fstab-generator +%{_systemdgeneratordir}/systemd-gpt-auto-generator +%if ! %{bootstrap} +%{_systemdgeneratordir}/systemd-integritysetup-generator +%{_systemdgeneratordir}/systemd-veritysetup-generator +%endif %{_tmpfilesdir}/static-nodes-permissions.conf %{_udevhwdbdir}/20-OUI.hwdb %{_udevhwdbdir}/20-acpi-vendor.hwdb @@ -105,25 +184,63 @@ %{_udevrulesdir}/75-net-description.rules %{_udevrulesdir}/75-probe_mtd.rules %{_udevrulesdir}/78-sound-card.rules +%if ! %{bootstrap} %{_udevrulesdir}/80-drivers.rules +%endif %{_udevrulesdir}/80-net-setup-link.rules %{_udevrulesdir}/81-net-dhcp.rules %{_udevrulesdir}/90-vconsole.rules +%if ! %{bootstrap} +%{_unitdir}/cryptsetup-pre.target +%{_unitdir}/cryptsetup.target +%{_unitdir}/initrd-root-device.target.wants/remote-cryptsetup.target +%{_unitdir}/initrd-root-device.target.wants/remote-veritysetup.target +%endif %{_unitdir}/initrd-udevadm-cleanup-db.service +%if ! %{bootstrap} +%{_unitdir}/integritysetup-pre.target +%{_unitdir}/integritysetup.target %{_unitdir}/kmod-static-nodes.service +%{_unitdir}/remote-cryptsetup.target +%{_unitdir}/remote-veritysetup.target +%endif %{_unitdir}/sockets.target.wants/systemd-udevd-control.socket %{_unitdir}/sockets.target.wants/systemd-udevd-kernel.socket +%if ! %{bootstrap} +%{_unitdir}/sysinit.target.wants/cryptsetup.target +%{_unitdir}/sysinit.target.wants/integritysetup.target %{_unitdir}/sysinit.target.wants/kmod-static-nodes.service +%endif %{_unitdir}/sysinit.target.wants/systemd-hwdb-update.service +%if ! %{bootstrap} +%{_unitdir}/sysinit.target.wants/systemd-modules-load.service +%endif +%{_unitdir}/sysinit.target.wants/systemd-tmpfiles-setup-dev.service %{_unitdir}/sysinit.target.wants/systemd-udev-trigger.service %{_unitdir}/sysinit.target.wants/systemd-udevd.service +%if ! %{bootstrap} +%{_unitdir}/sysinit.target.wants/veritysetup.target +%{_unitdir}/system-systemd\x2dcryptsetup.slice +%endif +%{_unitdir}/systemd-backlight@.service %{_unitdir}/systemd-hwdb-update.service +%if ! %{bootstrap} +%{_unitdir}/systemd-modules-load.service +%endif %{_unitdir}/systemd-network-generator.service +%{_unitdir}/systemd-rfkill.service +%{_unitdir}/systemd-rfkill.socket +%{_unitdir}/systemd-tmpfiles-setup-dev.service %{_unitdir}/systemd-udev-settle.service %{_unitdir}/systemd-udev-trigger.service %{_unitdir}/systemd-udevd-control.socket %{_unitdir}/systemd-udevd-kernel.socket %{_unitdir}/systemd-udevd.service +%{_unitdir}/systemd-volatile-root.service +%if ! %{bootstrap} +%{_unitdir}/veritysetup-pre.target +%{_unitdir}/veritysetup.target +%endif %if %{with split_usr} /sbin/udevadm %endif diff --git a/files.uefi-boot b/files.uefi-boot new file mode 100644 index 00000000..ebb3ff29 --- /dev/null +++ b/files.uefi-boot @@ -0,0 +1,34 @@ +# +# Please keep the list sorted (with `LC_ALL=C sort`). +# +%if %{with sd_boot} +%dir %{_systemd_util_dir}/boot +%dir %{_systemd_util_dir}/boot/efi +%{_bindir}/bootctl +%if ! %{bootstrap} +%{_datadir}/bash-completion/completions/bootctl +%{_datadir}/zsh/site-functions/_bootctl +%{_mandir}/man1/bootctl.1.gz +%{_mandir}/man5/loader.conf.5.gz +%{_mandir}/man7/linuxaa64.efi.stub.7.gz +%{_mandir}/man7/linuxia32.efi.stub.7.gz +%{_mandir}/man7/linuxx64.efi.stub.7.gz +%{_mandir}/man7/sd-boot.7.gz +%{_mandir}/man7/systemd-boot.7.gz +%{_mandir}/man7/systemd-stub.7.gz +%{_mandir}/man8/systemd-bless-boot-generator.8.gz +%{_mandir}/man8/systemd-bless-boot.8.gz +%{_mandir}/man8/systemd-bless-boot.service.8.gz +%{_mandir}/man8/systemd-boot-system-token.service.8.gz +%endif +# These are part of the very few exceptions where glob pattern is allowd. +%{_systemd_util_dir}/boot/efi/linux*.efi.stub +%{_systemd_util_dir}/boot/efi/linux*.elf.stub +%{_systemd_util_dir}/boot/efi/systemd-boot*.efi +%{_systemd_util_dir}/systemd-bless-boot +%{_systemdgeneratordir}/systemd-bless-boot-generator +%{_unitdir}/sysinit.target.wants/systemd-boot-system-token.service +%{_unitdir}/systemd-bless-boot.service +%{_unitdir}/systemd-boot-system-token.service +%{_unitdir}/systemd-boot-update.service +%endif diff --git a/systemd.changes b/systemd.changes index 06dfd7aa..5c3597e8 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Mon Mar 28 18:36:39 UTC 2022 - Franck Bui + +- Move systemd-boot and all components managing (secure) UEFI boot into udev + sub-package: they may deserve a dedicated sub-package in the future but for + now move them to udev so they aren't installed in systemd based containers. + +- Move a bunch of components operating on (mainly block) devices into udev as + without udev they're most likely useless. + ------------------------------------------------------------------- Mon Mar 28 17:02:04 UTC 2022 - Franck Bui diff --git a/systemd.spec b/systemd.spec index 53805e43..f097922a 100644 --- a/systemd.spec +++ b/systemd.spec @@ -87,9 +87,7 @@ BuildRequires: polkit BuildRequires: python3-base BuildRequires: python3-lxml BuildRequires: pkgconfig(audit) -BuildRequires: pkgconfig(libcryptsetup) >= 1.6.0 BuildRequires: pkgconfig(libdw) -BuildRequires: pkgconfig(libfido2) BuildRequires: pkgconfig(libiptc) BuildRequires: pkgconfig(liblz4) BuildRequires: pkgconfig(liblzma) @@ -97,9 +95,6 @@ BuildRequires: pkgconfig(libpcre2-8) BuildRequires: pkgconfig(libqrencode) BuildRequires: pkgconfig(libselinux) >= 2.1.9 BuildRequires: pkgconfig(libzstd) -BuildRequires: pkgconfig(tss2-esys) -BuildRequires: pkgconfig(tss2-mu) -BuildRequires: pkgconfig(tss2-rc) %ifarch aarch64 %ix86 x86_64 x32 %arm ppc64le s390x BuildRequires: pkgconfig(libseccomp) >= 2.3.1 %endif @@ -117,20 +112,7 @@ BuildRequires: python3-jinja2 BuildRequires: suse-module-tools >= 12.4 BuildRequires: systemd-rpm-macros BuildRequires: pkgconfig(blkid) >= 2.26 -BuildRequires: pkgconfig(libkmod) >= 15 BuildRequires: pkgconfig(libpci) >= 3 -%if %{with importd} -BuildRequires: pkgconfig(bzip2) -BuildRequires: pkgconfig(libcurl) -BuildRequires: pkgconfig(zlib) -%endif -%if %{with journal_remote} -BuildRequires: pkgconfig(libcurl) -BuildRequires: pkgconfig(libmicrohttpd) >= 0.9.33 -%endif -%if %{with sd_boot} -BuildRequires: gnu-efi -%endif %if %{bootstrap} #!BuildIgnore: dbus-1 @@ -156,11 +138,6 @@ Requires: util-linux >= 2.27.1 Requires: group(lock) # This Recommends because some symbols of libpcre2 are dlopen()ed by journalctl Recommends: libpcre2-8-0 -# ditto but dlopen()ed by systemd-cryptenroll -Recommends: libfido2 -Recommends: libtss2-esys0 -Recommends: libtss2-mu0 -Recommends: libtss2-rc0 Requires(post): coreutils Requires(post): findutils Requires(post): systemd-presets-branding @@ -201,6 +178,7 @@ Source202: files.container Source203: files.network Source204: files.devel Source205: files.sysvcompat +Source206: files.uefi-boot # # All changes backported from upstream are tracked by the git repository, which @@ -328,6 +306,9 @@ This library provides several of the systemd C APIs: Summary: A rule-based device node and kernel event manager License: GPL-2.0-only URL: http://www.kernel.org/pub/linux/utils/kernel/hotplug/udev.html +%if %{with sd_boot} +BuildRequires: gnu-efi +%endif Requires: %{name} = %{version}-%{release} %systemd_requires Requires: filesystem @@ -337,6 +318,22 @@ Requires: group(kvm) Requires(post): sed Requires(post): coreutils Requires(postun):coreutils +%if ! %{bootstrap} +BuildRequires: pkgconfig(libcryptsetup) >= 1.6.0 +BuildRequires: pkgconfig(libkmod) >= 15 +# Enable fido2 and tpm supports in systemd-cryptsetup, systemd-enroll. However +# these tools are not linked against the libs directly but instead are +# dlopen()ed at runtime to avoid hard dependencies. Hence the use of soft +# dependencies. +BuildRequires: pkgconfig(libfido2) +BuildRequires: pkgconfig(tss2-esys) +BuildRequires: pkgconfig(tss2-mu) +BuildRequires: pkgconfig(tss2-rc) +Recommends: libfido2 +Recommends: libtss2-esys0 +Recommends: libtss2-mu0 +Recommends: libtss2-rc0 +%endif Conflicts: ConsoleKit < 0.4.1 Conflicts: dracut < 044.1 Conflicts: filesystem < 11.5 @@ -385,6 +382,11 @@ This package contains systemd-coredump, coredumpctl. %package container Summary: Systemd tools for container management License: LGPL-2.1-or-later +%if %{with importd} +BuildRequires: pkgconfig(bzip2) +BuildRequires: pkgconfig(libcurl) +BuildRequires: pkgconfig(zlib) +%endif Requires: %{name} = %{version}-%{release} %systemd_requires Obsoletes: nss-mymachines < %{version}-%{release} @@ -494,6 +496,8 @@ To activate this NSS module, you will need to include it in %package journal-remote Summary: Gateway for serving journal events over the network using HTTP License: LGPL-2.1-or-later +BuildRequires: pkgconfig(libcurl) +BuildRequires: pkgconfig(libmicrohttpd) >= 0.9.33 Requires: %{name} = %{version}-%{release} %systemd_requires @@ -695,6 +699,7 @@ Have fun with these services at your own risk. -Dportabled=%{when portabled} \ -Dremote=%{when journal_remote} \ \ + -Dkernel-install=%{when sd_boot} \ -Dgnu-efi=%{when sd_boot} \ -Dsbat-distro= \ \ @@ -996,7 +1001,6 @@ fi # Create default config in /etc at first install. # Later package updates should not overwrite these settings. -%systemd_post remote-cryptsetup.target %systemd_post getty@.service %systemd_post machines.target %systemd_post remote-fs.target @@ -1075,6 +1079,8 @@ fi %regenerate_initrd_post %udev_hwdb_update +%systemd_post remote-cryptsetup.target + # add KERNEL name match to existing persistent net rules sed -ri '/KERNEL/ ! { s/NAME="(eth|wlan|ath)([0-9]+)"/KERNEL=="\1*", NAME="\1\2"/}' \ /etc/udev/rules.d/70-persistent-net.rules 2>/dev/null || : @@ -1257,6 +1263,7 @@ fi %files -n udev%{?mini} %defattr(-,root,root) %include %{SOURCE201} +%include %{SOURCE206} %files container %defattr(-,root,root)