From 1dd0355aaf7c29de219723b583394aab4c0179dfa2ac56d1553122f50d77c138 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Thu, 1 Jul 2021 07:51:39 +0000 Subject: [PATCH 1/2] - Finally don't create /run/lock/subsys anymore This effectively reverts the fix for bsc#1187292 made earlier. This directory is specific to RH sysvinit and since we're going to fade the support of SysV init script away the directory has no future. OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1166 --- systemd-mini.changes | 9 +++++++++ systemd.changes | 9 +++++++++ tmpfiles-suse.conf | 4 ---- 3 files changed, 18 insertions(+), 4 deletions(-) diff --git a/systemd-mini.changes b/systemd-mini.changes index 84317eba..5c51d4f8 100644 --- a/systemd-mini.changes +++ b/systemd-mini.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Thu Jul 1 07:47:31 UTC 2021 - Franck Bui + +- Finally don't create /run/lock/subsys anymore + + This effectively reverts the fix for bsc#1187292 made earlier. This + directory is specific to RH sysvinit and since we're going to fade + the support of SysV init script away the directory has no future. + ------------------------------------------------------------------- Mon Jun 28 16:45:04 UTC 2021 - Franck Bui diff --git a/systemd.changes b/systemd.changes index 84317eba..5c51d4f8 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Thu Jul 1 07:47:31 UTC 2021 - Franck Bui + +- Finally don't create /run/lock/subsys anymore + + This effectively reverts the fix for bsc#1187292 made earlier. This + directory is specific to RH sysvinit and since we're going to fade + the support of SysV init script away the directory has no future. + ------------------------------------------------------------------- Mon Jun 28 16:45:04 UTC 2021 - Franck Bui diff --git a/tmpfiles-suse.conf b/tmpfiles-suse.conf index 68635292..885e852c 100644 --- a/tmpfiles-suse.conf +++ b/tmpfiles-suse.conf @@ -9,10 +9,6 @@ L+ /etc/mtab - - - - ../proc/self/mounts # FIXME: Might be moved to lockded. d /run/lock 0775 root lock - -# /run/lock/subsys is used for serializing SysV service execution, and -# hence without use on SysV-less systems. -d /run/lock/subsys 0755 root root - - # FIXME: Should these one be moved to shadow ? f /var/log/wtmp 0664 root utmp - f /var/log/btmp 0660 root utmp - From c745c33e884e1a3f55f453fa3b44396b23f5ce24141f5e1872b450bd90bfac77 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Thu, 1 Jul 2021 08:51:02 +0000 Subject: [PATCH 2/2] Accepting request 902825 from home:favogt:microtpm - Enable TPM2 support - Enable TPM2 support OBS-URL: https://build.opensuse.org/request/show/902825 OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1167 --- systemd-mini.changes | 5 +++++ systemd-mini.spec | 7 +++++++ systemd.changes | 5 +++++ systemd.spec | 7 +++++++ 4 files changed, 24 insertions(+) diff --git a/systemd-mini.changes b/systemd-mini.changes index 5c51d4f8..c11e4dc7 100644 --- a/systemd-mini.changes +++ b/systemd-mini.changes @@ -15,6 +15,11 @@ Mon Jun 28 16:45:04 UTC 2021 - Franck Bui 8dd19c6ee3 sd-device: allow to read sysattr which contains embedded NUL d52409e5fe pid1: only add a Wants= type dependency on /tmp when PrivateTmp=yes (bsc#1181970 +------------------------------------------------------------------- +Mon Jun 28 12:46:04 UTC 2021 - Fabian Vogt + +- Enable TPM2 support + ------------------------------------------------------------------- Thu Jun 24 13:39:30 UTC 2021 - Franck Bui diff --git a/systemd-mini.spec b/systemd-mini.spec index cef89604..65f56a41 100644 --- a/systemd-mini.spec +++ b/systemd-mini.spec @@ -83,6 +83,9 @@ BuildRequires: pkgconfig(libpcre2-8) BuildRequires: pkgconfig(libqrencode) BuildRequires: pkgconfig(libselinux) >= 2.1.9 BuildRequires: pkgconfig(libzstd) +BuildRequires: pkgconfig(tss2-esys) +BuildRequires: pkgconfig(tss2-mu) +BuildRequires: pkgconfig(tss2-rc) %ifarch aarch64 %ix86 x86_64 x32 %arm ppc64le s390x BuildRequires: pkgconfig(libseccomp) >= 2.3.1 %endif @@ -134,6 +137,9 @@ Requires: group(lock) Recommends: libpcre2-8-0 # ditto but dlopen()ed by systemd-cryptenroll Recommends: libfido2 +Recommends: libtss2-esys0 +Recommends: libtss2-mu0 +Recommends: libtss2-rc0 Requires(post): coreutils Requires(post): findutils Requires(post): systemd-presets-branding @@ -588,6 +594,7 @@ Have fun with these services at your own risk. %if 0%{?bootstrap} -Dnss-myhostname=false \ %else + -Dtpm2=true \ -Dman=true \ -Dhtml=true \ %endif diff --git a/systemd.changes b/systemd.changes index 5c51d4f8..c11e4dc7 100644 --- a/systemd.changes +++ b/systemd.changes @@ -15,6 +15,11 @@ Mon Jun 28 16:45:04 UTC 2021 - Franck Bui 8dd19c6ee3 sd-device: allow to read sysattr which contains embedded NUL d52409e5fe pid1: only add a Wants= type dependency on /tmp when PrivateTmp=yes (bsc#1181970 +------------------------------------------------------------------- +Mon Jun 28 12:46:04 UTC 2021 - Fabian Vogt + +- Enable TPM2 support + ------------------------------------------------------------------- Thu Jun 24 13:39:30 UTC 2021 - Franck Bui diff --git a/systemd.spec b/systemd.spec index 9ba18701..1b9aeaae 100644 --- a/systemd.spec +++ b/systemd.spec @@ -81,6 +81,9 @@ BuildRequires: pkgconfig(libpcre2-8) BuildRequires: pkgconfig(libqrencode) BuildRequires: pkgconfig(libselinux) >= 2.1.9 BuildRequires: pkgconfig(libzstd) +BuildRequires: pkgconfig(tss2-esys) +BuildRequires: pkgconfig(tss2-mu) +BuildRequires: pkgconfig(tss2-rc) %ifarch aarch64 %ix86 x86_64 x32 %arm ppc64le s390x BuildRequires: pkgconfig(libseccomp) >= 2.3.1 %endif @@ -132,6 +135,9 @@ Requires: group(lock) Recommends: libpcre2-8-0 # ditto but dlopen()ed by systemd-cryptenroll Recommends: libfido2 +Recommends: libtss2-esys0 +Recommends: libtss2-mu0 +Recommends: libtss2-rc0 Requires(post): coreutils Requires(post): findutils Requires(post): systemd-presets-branding @@ -586,6 +592,7 @@ Have fun with these services at your own risk. %if 0%{?bootstrap} -Dnss-myhostname=false \ %else + -Dtpm2=true \ -Dman=true \ -Dhtml=true \ %endif