Accepting request 365799 from home:lnussel:branches:Base:System

- require curl and bzip2 to build importd
- curl also causes building of journal-upload. That one has rather
  unusal certificate usage, set it's ca root to /etc/pki/systemd
  instead of the built-in default /etc/ssl as journal-remote and
  journal-upload think they kan put stuff in /etc/ssl/certs then but
  that directory is managed by p11-kit and doesn't serve the purpose
  those programs think.
- /var/lib/systemd/random-seed is a file
- own /var/lib/machines

OBS-URL: https://build.opensuse.org/request/show/365799
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=931
This commit is contained in:
Dr. Werner Fink 2016-03-11 10:46:33 +00:00 committed by Git OBS Bridge
parent 33be5ae29e
commit b9f41ee894
7 changed files with 206 additions and 12 deletions

View File

@ -11,8 +11,8 @@ Fixes: #1969
diff --git src/core/scope.c src/core/scope.c diff --git src/core/scope.c src/core/scope.c
index c5d0ece..361695c 100644 index c5d0ece..361695c 100644
--- src/core/scope.c --- a/src/core/scope.c
+++ src/core/scope.c +++ b/src/core/scope.c
@@ -50,8 +50,7 @@ static void scope_init(Unit *u) { @@ -50,8 +50,7 @@ static void scope_init(Unit *u) {
assert(u->load_state == UNIT_STUB); assert(u->load_state == UNIT_STUB);
@ -25,8 +25,8 @@ index c5d0ece..361695c 100644
static void scope_done(Unit *u) { static void scope_done(Unit *u) {
diff --git src/core/slice.c src/core/slice.c diff --git src/core/slice.c src/core/slice.c
index d65364c..667f61b 100644 index d65364c..667f61b 100644
--- src/core/slice.c --- a/src/core/slice.c
+++ src/core/slice.c +++ b/src/core/slice.c
@@ -34,6 +34,13 @@ static const UnitActiveState state_translation_table[_SLICE_STATE_MAX] = { @@ -34,6 +34,13 @@ static const UnitActiveState state_translation_table[_SLICE_STATE_MAX] = {
[SLICE_ACTIVE] = UNIT_ACTIVE [SLICE_ACTIVE] = UNIT_ACTIVE
}; };

View File

@ -9,8 +9,8 @@ for the virtual consoles (boo#904214)
src/vconsole/vconsole-setup.c | 39 +++++++++++++++++++++++++-------------- src/vconsole/vconsole-setup.c | 39 +++++++++++++++++++++++++--------------
1 file changed, 25 insertions(+), 14 deletions(-) 1 file changed, 25 insertions(+), 14 deletions(-)
--- src/vconsole/vconsole-setup.c --- a/src/vconsole/vconsole-setup.c
+++ src/vconsole/vconsole-setup.c 2015-09-23 12:34:33.854018750 +0000 +++ b/src/vconsole/vconsole-setup.c 2015-09-23 12:34:33.854018750 +0000
@@ -202,8 +202,13 @@ static void font_copy_to_all_vcs(int fd) @@ -202,8 +202,13 @@ static void font_copy_to_all_vcs(int fd)
unsigned short map16[E_TABSZ]; unsigned short map16[E_TABSZ];
struct unimapdesc unimapd; struct unimapdesc unimapd;

View File

@ -0,0 +1,116 @@
From 84d816c48b57b43e833e2917bbd278c116816fcf Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 28 Jan 2016 20:15:49 +0100
Subject: [PATCH] nspawn: make journal linking non-fatal in try and auto modes
Fixes #2091
---
src/nspawn/nspawn.c | 39 ++++++++++++++++++++-------------------
1 file changed, 20 insertions(+), 19 deletions(-)
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index f6a2c03..97ea51a 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -1338,6 +1338,7 @@ static int setup_journal(const char *directory) {
sd_id128_t machine_id, this_id;
_cleanup_free_ char *b = NULL, *d = NULL;
const char *etc_machine_id, *p, *q;
+ bool try;
char *id;
int r;
@@ -1345,16 +1346,21 @@ static int setup_journal(const char *directory) {
if (arg_ephemeral)
return 0;
+ if (arg_link_journal == LINK_NO)
+ return 0;
+
+ try = arg_link_journal_try || arg_link_journal == LINK_AUTO;
+
etc_machine_id = prefix_roota(directory, "/etc/machine-id");
r = read_one_line_file(etc_machine_id, &b);
- if (r == -ENOENT && arg_link_journal == LINK_AUTO)
+ if (r == -ENOENT && try)
return 0;
else if (r < 0)
return log_error_errno(r, "Failed to read machine ID from %s: %m", etc_machine_id);
id = strstrip(b);
- if (isempty(id) && arg_link_journal == LINK_AUTO)
+ if (isempty(id) && try)
return 0;
/* Verify validity */
@@ -1367,16 +1373,13 @@ static int setup_journal(const char *directory) {
return log_error_errno(r, "Failed to retrieve machine ID: %m");
if (sd_id128_equal(machine_id, this_id)) {
- log_full(arg_link_journal == LINK_AUTO ? LOG_WARNING : LOG_ERR,
+ log_full(try ? LOG_WARNING : LOG_ERR,
"Host and machine ids are equal (%s): refusing to link journals", id);
- if (arg_link_journal == LINK_AUTO)
+ if (try)
return 0;
return -EEXIST;
}
- if (arg_link_journal == LINK_NO)
- return 0;
-
r = userns_mkdir(directory, "/var", 0755, 0, 0);
if (r < 0)
return log_error_errno(r, "Failed to create /var: %m");
@@ -1393,21 +1396,19 @@ static int setup_journal(const char *directory) {
q = prefix_roota(directory, p);
if (path_is_mount_point(p, 0) > 0) {
- if (arg_link_journal != LINK_AUTO) {
- log_error("%s: already a mount point, refusing to use for journal", p);
- return -EEXIST;
- }
+ if (try)
+ return 0;
- return 0;
+ log_error("%s: already a mount point, refusing to use for journal", p);
+ return -EEXIST;
}
if (path_is_mount_point(q, 0) > 0) {
- if (arg_link_journal != LINK_AUTO) {
- log_error("%s: already a mount point, refusing to use for journal", q);
- return -EEXIST;
- }
+ if (try)
+ return 0;
- return 0;
+ log_error("%s: already a mount point, refusing to use for journal", q);
+ return -EEXIST;
}
r = readlink_and_make_absolute(p, &d);
@@ -1441,7 +1442,7 @@ static int setup_journal(const char *directory) {
if (arg_link_journal == LINK_GUEST) {
if (symlink(q, p) < 0) {
- if (arg_link_journal_try) {
+ if (try) {
log_debug_errno(errno, "Failed to symlink %s to %s, skipping journal setup: %m", q, p);
return 0;
} else
@@ -1459,7 +1460,7 @@ static int setup_journal(const char *directory) {
* permanent journal set up, don't force it here */
r = mkdir(p, 0755);
if (r < 0) {
- if (arg_link_journal_try) {
+ if (try) {
log_debug_errno(errno, "Failed to create %s, skipping journal setup: %m", p);
return 0;
} else
--
2.7.0

View File

@ -13,6 +13,19 @@ Tue Mar 1 09:16:08 UTC 2016 - werner@suse.de
this fixes forced logouts on isolate target aka changing runlevel this fixes forced logouts on isolate target aka changing runlevel
(boo#966535) (boo#966535)
-------------------------------------------------------------------
Thu Feb 4 11:05:37 UTC 2016 - lnussel@suse.de
- require curl and bzip2 to build importd
- curl also causes building of journal-upload. That one has rather
unusal certificate usage, set it's ca root to /etc/pki/systemd
instead of the built-in default /etc/ssl as journal-remote and
journal-upload think they kan put stuff in /etc/ssl/certs then but
that directory is managed by p11-kit and doesn't serve the purpose
those programs think.
- /var/lib/systemd/random-seed is a file
- own /var/lib/machines
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Jan 9 22:46:21 UTC 2016 - afaerber@suse.de Sat Jan 9 22:46:21 UTC 2016 - afaerber@suse.de

View File

@ -92,6 +92,9 @@ Conflicts: kiwi
BuildRequires: docbook-xsl-stylesheets BuildRequires: docbook-xsl-stylesheets
BuildRequires: libgcrypt-devel BuildRequires: libgcrypt-devel
BuildRequires: libxslt-tools BuildRequires: libxslt-tools
# curl and bzip2 are required for building importd
BuildRequires: pkgconfig(bzip2)
BuildRequires: pkgconfig(libcurl)
%if %{with python} %if %{with python}
BuildRequires: python BuildRequires: python
%endif %endif
@ -250,6 +253,8 @@ Patch523: let-vconsole-setup-get-properties-only-once-to-copy-them.patch
Patch524: 0001-nss-mymachines-do-not-allow-overlong-machine-names.patch Patch524: 0001-nss-mymachines-do-not-allow-overlong-machine-names.patch
# PATCH-FIX-UPSTREAM (bsc#966535) # PATCH-FIX-UPSTREAM (bsc#966535)
Patch525: 0001-core-exclude-.slice-units-from-systemctl-isolate.patch Patch525: 0001-core-exclude-.slice-units-from-systemctl-isolate.patch
# PATCH-FIX-UPSTREAM -- fixed after 228
Patch526: systemd-228-nspawn-make-journal-linking-non-fatal-in-try-and-auto.diff
# UDEV PATCHES # UDEV PATCHES
# ============ # ============
@ -588,9 +593,10 @@ cp %{SOURCE7} m4/
%patch520 -p1 %patch520 -p1
%patch521 -p1 %patch521 -p1
%patch522 -p1 %patch522 -p1
%patch523 -p0 %patch523 -p1
%patch524 -p1 %patch524 -p1
%patch525 -p0 %patch525 -p1
%patch526 -p1
# udev patches # udev patches
%patch1002 -p1 %patch1002 -p1
@ -677,6 +683,12 @@ export LDFLAGS
cflags -pipe CFLAGS cflags -pipe CFLAGS
cflags -Wl,-O2 LDFLAGS cflags -Wl,-O2 LDFLAGS
cflags -Wl,--hash-size=8599 LDFLAGS cflags -Wl,--hash-size=8599 LDFLAGS
# certificate-root is set to /etc/pki/systemd instead of the
# built-in default /etc/ssl as journal-remote and journal-upload
# think they kan put stuff in /etc/ssl/certs then but that
# directory is managed by p11-kit and doesn't serve the purpose
# those programs think
#
# keep split-usr until all packages have moved their systemd rules to /usr # keep split-usr until all packages have moved their systemd rules to /usr
%configure \ %configure \
--with-ntp-servers="0.opensuse.pool.ntp.org 1.opensuse.pool.ntp.org 2.opensuse.pool.ntp.org 3.opensuse.pool.ntp.org" \ --with-ntp-servers="0.opensuse.pool.ntp.org 1.opensuse.pool.ntp.org 2.opensuse.pool.ntp.org 3.opensuse.pool.ntp.org" \
@ -686,10 +698,12 @@ cflags -Wl,--hash-size=8599 LDFLAGS
--with-dbussessionservicedir=%{_datadir}/dbus-1/services \ --with-dbussessionservicedir=%{_datadir}/dbus-1/services \
--with-dbussystemservicedir=%{_datadir}/dbus-1/system-services \ --with-dbussystemservicedir=%{_datadir}/dbus-1/system-services \
--with-dbusinterfacedir=%{_datadir}/dbus-1/interfaces \ --with-dbusinterfacedir=%{_datadir}/dbus-1/interfaces \
--with-certificate-root=/etc/pki/systemd \
%if 0%{?bootstrap} %if 0%{?bootstrap}
--disable-myhostname \ --disable-myhostname \
--disable-manpages \ --disable-manpages \
--disable-machined \ --disable-machined \
--disable-importd \
%else %else
--enable-manpages \ --enable-manpages \
%if %{with python} %if %{with python}
@ -847,7 +861,10 @@ install -m 644 %{S:11} %{buildroot}/%{_prefix}/lib/systemd/system/
ln -s ../after-local.service %{buildroot}/%{_prefix}/lib/systemd/system/multi-user.target.wants/ ln -s ../after-local.service %{buildroot}/%{_prefix}/lib/systemd/system/multi-user.target.wants/
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/backlight mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/backlight
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/random-seed > %{buildroot}%{_localstatedir}/lib/systemd/random-seed
# machined
mkdir -p %{buildroot}%{_localstatedir}/lib/machines
%fdupes -s %{buildroot}%{_mandir} %fdupes -s %{buildroot}%{_mandir}
@ -1309,6 +1326,7 @@ exit 0
%config(noreplace) %{_sysconfdir}/systemd/coredump.conf %config(noreplace) %{_sysconfdir}/systemd/coredump.conf
%if !0%{?bootstrap} %if !0%{?bootstrap}
%config(noreplace) %{_sysconfdir}/systemd/journal-remote.conf %config(noreplace) %{_sysconfdir}/systemd/journal-remote.conf
%config(noreplace) %{_sysconfdir}/systemd/journal-upload.conf
%endif %endif
%config(noreplace) %{_sysconfdir}/systemd/timesyncd.conf %config(noreplace) %{_sysconfdir}/systemd/timesyncd.conf
%config(noreplace) %{_sysconfdir}/systemd/system.conf %config(noreplace) %{_sysconfdir}/systemd/system.conf
@ -1415,6 +1433,7 @@ exit 0
%{_datadir}/zsh/site-functions/* %{_datadir}/zsh/site-functions/*
%ghost %{_localstatedir}/lib/systemd/backlight %ghost %{_localstatedir}/lib/systemd/backlight
%ghost %{_localstatedir}/lib/systemd/random-seed %ghost %{_localstatedir}/lib/systemd/random-seed
%dir %{_localstatedir}/lib/machines
%if %{with resolved} %if %{with resolved}
%{_sysconfdir}/dbus-1/system.d/org.freedesktop.resolve1.conf %{_sysconfdir}/dbus-1/system.d/org.freedesktop.resolve1.conf
%{_sysconfdir}/systemd/resolved.conf %{_sysconfdir}/systemd/resolved.conf
@ -1422,6 +1441,13 @@ exit 0
%{_datadir}/dbus-1/system-services/org.freedesktop.resolve1.service %{_datadir}/dbus-1/system-services/org.freedesktop.resolve1.service
%{_prefix}/lib/systemd/system/org.freedesktop.resolve1.busname %{_prefix}/lib/systemd/system/org.freedesktop.resolve1.busname
%endif %endif
%if ! 0%{?bootstrap}
%{_sysconfdir}/dbus-1/system.d/org.freedesktop.import1.conf
%{_prefix}/lib/systemd/import-pubring.gpg
%{_prefix}/lib/systemd/system/org.freedesktop.import1.busname
%{_datadir}/dbus-1/system-services/org.freedesktop.import1.service
%{_datadir}/polkit-1/actions/org.freedesktop.import1.policy
%endif
%if ! 0%{?bootstrap} %if ! 0%{?bootstrap}
%files bash-completion -f files.completion %files bash-completion -f files.completion

View File

@ -13,6 +13,19 @@ Tue Mar 1 09:16:08 UTC 2016 - werner@suse.de
this fixes forced logouts on isolate target aka changing runlevel this fixes forced logouts on isolate target aka changing runlevel
(boo#966535) (boo#966535)
-------------------------------------------------------------------
Thu Feb 4 11:05:37 UTC 2016 - lnussel@suse.de
- require curl and bzip2 to build importd
- curl also causes building of journal-upload. That one has rather
unusal certificate usage, set it's ca root to /etc/pki/systemd
instead of the built-in default /etc/ssl as journal-remote and
journal-upload think they kan put stuff in /etc/ssl/certs then but
that directory is managed by p11-kit and doesn't serve the purpose
those programs think.
- /var/lib/systemd/random-seed is a file
- own /var/lib/machines
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Jan 9 22:46:21 UTC 2016 - afaerber@suse.de Sat Jan 9 22:46:21 UTC 2016 - afaerber@suse.de

View File

@ -87,6 +87,9 @@ Conflicts: kiwi
BuildRequires: docbook-xsl-stylesheets BuildRequires: docbook-xsl-stylesheets
BuildRequires: libgcrypt-devel BuildRequires: libgcrypt-devel
BuildRequires: libxslt-tools BuildRequires: libxslt-tools
# curl and bzip2 are required for building importd
BuildRequires: pkgconfig(bzip2)
BuildRequires: pkgconfig(libcurl)
%if %{with python} %if %{with python}
BuildRequires: python BuildRequires: python
%endif %endif
@ -245,6 +248,8 @@ Patch523: let-vconsole-setup-get-properties-only-once-to-copy-them.patch
Patch524: 0001-nss-mymachines-do-not-allow-overlong-machine-names.patch Patch524: 0001-nss-mymachines-do-not-allow-overlong-machine-names.patch
# PATCH-FIX-UPSTREAM (bsc#966535) # PATCH-FIX-UPSTREAM (bsc#966535)
Patch525: 0001-core-exclude-.slice-units-from-systemctl-isolate.patch Patch525: 0001-core-exclude-.slice-units-from-systemctl-isolate.patch
# PATCH-FIX-UPSTREAM -- fixed after 228
Patch526: systemd-228-nspawn-make-journal-linking-non-fatal-in-try-and-auto.diff
# UDEV PATCHES # UDEV PATCHES
# ============ # ============
@ -583,9 +588,10 @@ cp %{SOURCE7} m4/
%patch520 -p1 %patch520 -p1
%patch521 -p1 %patch521 -p1
%patch522 -p1 %patch522 -p1
%patch523 -p0 %patch523 -p1
%patch524 -p1 %patch524 -p1
%patch525 -p0 %patch525 -p1
%patch526 -p1
# udev patches # udev patches
%patch1002 -p1 %patch1002 -p1
@ -672,6 +678,12 @@ export LDFLAGS
cflags -pipe CFLAGS cflags -pipe CFLAGS
cflags -Wl,-O2 LDFLAGS cflags -Wl,-O2 LDFLAGS
cflags -Wl,--hash-size=8599 LDFLAGS cflags -Wl,--hash-size=8599 LDFLAGS
# certificate-root is set to /etc/pki/systemd instead of the
# built-in default /etc/ssl as journal-remote and journal-upload
# think they kan put stuff in /etc/ssl/certs then but that
# directory is managed by p11-kit and doesn't serve the purpose
# those programs think
#
# keep split-usr until all packages have moved their systemd rules to /usr # keep split-usr until all packages have moved their systemd rules to /usr
%configure \ %configure \
--with-ntp-servers="0.opensuse.pool.ntp.org 1.opensuse.pool.ntp.org 2.opensuse.pool.ntp.org 3.opensuse.pool.ntp.org" \ --with-ntp-servers="0.opensuse.pool.ntp.org 1.opensuse.pool.ntp.org 2.opensuse.pool.ntp.org 3.opensuse.pool.ntp.org" \
@ -681,10 +693,12 @@ cflags -Wl,--hash-size=8599 LDFLAGS
--with-dbussessionservicedir=%{_datadir}/dbus-1/services \ --with-dbussessionservicedir=%{_datadir}/dbus-1/services \
--with-dbussystemservicedir=%{_datadir}/dbus-1/system-services \ --with-dbussystemservicedir=%{_datadir}/dbus-1/system-services \
--with-dbusinterfacedir=%{_datadir}/dbus-1/interfaces \ --with-dbusinterfacedir=%{_datadir}/dbus-1/interfaces \
--with-certificate-root=/etc/pki/systemd \
%if 0%{?bootstrap} %if 0%{?bootstrap}
--disable-myhostname \ --disable-myhostname \
--disable-manpages \ --disable-manpages \
--disable-machined \ --disable-machined \
--disable-importd \
%else %else
--enable-manpages \ --enable-manpages \
%if %{with python} %if %{with python}
@ -842,7 +856,10 @@ install -m 644 %{S:11} %{buildroot}/%{_prefix}/lib/systemd/system/
ln -s ../after-local.service %{buildroot}/%{_prefix}/lib/systemd/system/multi-user.target.wants/ ln -s ../after-local.service %{buildroot}/%{_prefix}/lib/systemd/system/multi-user.target.wants/
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/backlight mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/backlight
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/random-seed > %{buildroot}%{_localstatedir}/lib/systemd/random-seed
# machined
mkdir -p %{buildroot}%{_localstatedir}/lib/machines
%fdupes -s %{buildroot}%{_mandir} %fdupes -s %{buildroot}%{_mandir}
@ -1304,6 +1321,7 @@ exit 0
%config(noreplace) %{_sysconfdir}/systemd/coredump.conf %config(noreplace) %{_sysconfdir}/systemd/coredump.conf
%if !0%{?bootstrap} %if !0%{?bootstrap}
%config(noreplace) %{_sysconfdir}/systemd/journal-remote.conf %config(noreplace) %{_sysconfdir}/systemd/journal-remote.conf
%config(noreplace) %{_sysconfdir}/systemd/journal-upload.conf
%endif %endif
%config(noreplace) %{_sysconfdir}/systemd/timesyncd.conf %config(noreplace) %{_sysconfdir}/systemd/timesyncd.conf
%config(noreplace) %{_sysconfdir}/systemd/system.conf %config(noreplace) %{_sysconfdir}/systemd/system.conf
@ -1410,6 +1428,7 @@ exit 0
%{_datadir}/zsh/site-functions/* %{_datadir}/zsh/site-functions/*
%ghost %{_localstatedir}/lib/systemd/backlight %ghost %{_localstatedir}/lib/systemd/backlight
%ghost %{_localstatedir}/lib/systemd/random-seed %ghost %{_localstatedir}/lib/systemd/random-seed
%dir %{_localstatedir}/lib/machines
%if %{with resolved} %if %{with resolved}
%{_sysconfdir}/dbus-1/system.d/org.freedesktop.resolve1.conf %{_sysconfdir}/dbus-1/system.d/org.freedesktop.resolve1.conf
%{_sysconfdir}/systemd/resolved.conf %{_sysconfdir}/systemd/resolved.conf
@ -1417,6 +1436,13 @@ exit 0
%{_datadir}/dbus-1/system-services/org.freedesktop.resolve1.service %{_datadir}/dbus-1/system-services/org.freedesktop.resolve1.service
%{_prefix}/lib/systemd/system/org.freedesktop.resolve1.busname %{_prefix}/lib/systemd/system/org.freedesktop.resolve1.busname
%endif %endif
%if ! 0%{?bootstrap}
%{_sysconfdir}/dbus-1/system.d/org.freedesktop.import1.conf
%{_prefix}/lib/systemd/import-pubring.gpg
%{_prefix}/lib/systemd/system/org.freedesktop.import1.busname
%{_datadir}/dbus-1/system-services/org.freedesktop.import1.service
%{_datadir}/polkit-1/actions/org.freedesktop.import1.policy
%endif
%if ! 0%{?bootstrap} %if ! 0%{?bootstrap}
%files bash-completion -f files.completion %files bash-completion -f files.completion