From f23ce46955c1fc71669bc4e75b216f06de84d94a1a5fadae17bfd52667eab4f1 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Thu, 4 Jul 2024 09:20:55 +0000 Subject: [PATCH 01/14] - Upgrade to v256.1 (commit dd15bf4f6430d8646e546ee0b980448c7d0c9699) OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1537 --- files.container | 30 ++++++++++ files.devel-doc | 4 ++ files.experimental | 27 ++++++++- files.homed | 6 ++ files.network | 8 +-- files.systemd | 26 +++++--- files.udev | 29 ++++++--- fixlet-systemd-post.sh | 4 +- pam.systemd-run0 | 8 +++ systemd-v255.8+suse.34.g5a8eadd0c0.tar.xz | 3 - systemd-v256.1+suse.4.gdd15bf4f64.tar.xz | 3 + systemd.changes | 7 +++ systemd.spec | 72 +++++++++++++++++------ 13 files changed, 182 insertions(+), 45 deletions(-) create mode 100644 pam.systemd-run0 delete mode 100644 systemd-v255.8+suse.34.g5a8eadd0c0.tar.xz create mode 100644 systemd-v256.1+suse.4.gdd15bf4f64.tar.xz diff --git a/files.container b/files.container index 8692b83b..7dc9233e 100644 --- a/files.container +++ b/files.container @@ -5,13 +5,41 @@ %{_bindir}/systemd-nspawn %if %{without bootstrap} %{_datadir}/bash-completion/completions/systemd-nspawn +%endif +%{_datadir}/polkit-1/actions/io.systemd.mount-file-system.policy +%if %{without bootstrap} %{_datadir}/zsh/site-functions/_systemd-nspawn %{_mandir}/man1/systemd-nspawn.1.gz %{_mandir}/man5/systemd.nspawn.5.gz %{_mandir}/man8/libnss_mymachines.so.2.8.gz %{_mandir}/man8/nss-mymachines.8.gz +%{_mandir}/man8/systemd-mountfsd.8.gz +%{_mandir}/man8/systemd-mountfsd.service.8.gz +%{_mandir}/man8/systemd-nsresourced.8.gz +%{_mandir}/man8/systemd-nsresourced.service.8.gz %endif +%if %{with networkd} +%{_systemd_util_dir}/network/80-container-host0.network +%{_systemd_util_dir}/network/80-container-vb.link +%{_systemd_util_dir}/network/80-container-vb.network +%{_systemd_util_dir}/network/80-container-ve.link +%{_systemd_util_dir}/network/80-container-ve.network +%{_systemd_util_dir}/network/80-container-vz.link +%{_systemd_util_dir}/network/80-container-vz.network +%{_systemd_util_dir}/network/80-namespace-ns.link +%{_systemd_util_dir}/network/80-namespace-ns.network +%endif +%if %{without bootstrap} +%{_systemd_util_dir}/systemd-mountfsd +%{_systemd_util_dir}/systemd-mountwork +%{_systemd_util_dir}/systemd-nsresourced +%{_systemd_util_dir}/systemd-nsresourcework +%{_unitdir}/systemd-mountfsd.service +%{_unitdir}/systemd-mountfsd.socket %{_unitdir}/systemd-nspawn@.service +%{_unitdir}/systemd-nsresourced.service +%{_unitdir}/systemd-nsresourced.socket +%endif %if %{with machined} %dir %{_unitdir}/machines.target.wants @@ -43,12 +71,14 @@ %endif %if %{with importd} +%{_bindir}/importctl %{_datadir}/bash-completion/completions/importctl %{_datadir}/dbus-1/interfaces/org.freedesktop.import1.Manager.xml %{_datadir}/dbus-1/interfaces/org.freedesktop.import1.Transfer.xml %{_datadir}/dbus-1/system-services/org.freedesktop.import1.service %{_datadir}/dbus-1/system.d/org.freedesktop.import1.conf %{_datadir}/polkit-1/actions/org.freedesktop.import1.policy +%{_mandir}/man1/importctl.1.gz %{_mandir}/man5/org.freedesktop.import1.5.gz %{_mandir}/man8/systemd-importd.8.gz %{_mandir}/man8/systemd-importd.service.8.gz diff --git a/files.devel-doc b/files.devel-doc index 35b059a3..50c29175 100644 --- a/files.devel-doc +++ b/files.devel-doc @@ -158,6 +158,7 @@ %{_mandir}/man3/sd_bus_creds_get_mask.3.gz %{_mandir}/man3/sd_bus_creds_get_owner_uid.3.gz %{_mandir}/man3/sd_bus_creds_get_pid.3.gz +%{_mandir}/man3/sd_bus_creds_get_pidfd_dup.3.gz %{_mandir}/man3/sd_bus_creds_get_ppid.3.gz %{_mandir}/man3/sd_bus_creds_get_selinux_context.3.gz %{_mandir}/man3/sd_bus_creds_get_session.3.gz @@ -179,6 +180,7 @@ %{_mandir}/man3/sd_bus_creds_has_inheritable_cap.3.gz %{_mandir}/man3/sd_bus_creds_has_permitted_cap.3.gz %{_mandir}/man3/sd_bus_creds_new_from_pid.3.gz +%{_mandir}/man3/sd_bus_creds_new_from_pidfd.3.gz %{_mandir}/man3/sd_bus_creds_ref.3.gz %{_mandir}/man3/sd_bus_creds_unref.3.gz %{_mandir}/man3/sd_bus_creds_unrefp.3.gz @@ -496,6 +498,7 @@ %{_mandir}/man3/sd_event_source_get_exit_on_failure.3.gz %{_mandir}/man3/sd_event_source_get_floating.3.gz %{_mandir}/man3/sd_event_source_get_inotify_mask.3.gz +%{_mandir}/man3/sd_event_source_get_inotify_path.3.gz %{_mandir}/man3/sd_event_source_get_io_events.3.gz %{_mandir}/man3/sd_event_source_get_io_fd.3.gz %{_mandir}/man3/sd_event_source_get_io_fd_own.3.gz @@ -636,6 +639,7 @@ %{_mandir}/man3/sd_journal_set_data_threshold.3.gz %{_mandir}/man3/sd_journal_step_one.3.gz %{_mandir}/man3/sd_journal_stream_fd.3.gz +%{_mandir}/man3/sd_journal_stream_fd_with_namespace.3.gz %{_mandir}/man3/sd_journal_test_cursor.3.gz %{_mandir}/man3/sd_journal_wait.3.gz %{_mandir}/man3/sd_listen_fds.3.gz diff --git a/files.experimental b/files.experimental index ee0675ca..92d3b4ed 100644 --- a/files.experimental +++ b/files.experimental @@ -12,12 +12,15 @@ # Main config files have been replaced in favor of drop-ins. %ghost %{_sysconfdir}/systemd/oomd.conf %{_bindir}/oomctl +%{_bindir}/run0 %{_bindir}/systemd-vmspawn %if %{with sd_boot} %{_bindir}/ukify %endif %{_bindir}/varlinkctl %{_datadir}/bash-completion/completions/oomctl +%{_datadir}/bash-completion/completions/run0 +%{_datadir}/bash-completion/completions/systemd-vmspawn %{_datadir}/dbus-1/interfaces/org.freedesktop.oom1.Manager.xml %{_datadir}/dbus-1/interfaces/org.freedesktop.portable1.Image.xml %{_datadir}/dbus-1/interfaces/org.freedesktop.portable1.Manager.xml @@ -25,6 +28,7 @@ %{_datadir}/dbus-1/system.d/org.freedesktop.oom1.conf %{_datadir}/zsh/site-functions/_oomctl %{_mandir}/man1/oomctl.1.gz +%{_mandir}/man1/run0.1.gz %{_mandir}/man1/systemd-measure.1.gz %{_mandir}/man1/systemd-vmspawn.1.gz %if %{with sd_boot} @@ -45,7 +49,6 @@ %{_mandir}/man8/systemd-pcrextend.8.gz %{_mandir}/man8/systemd-pcrfs-root.service.8.gz %{_mandir}/man8/systemd-pcrfs@.service.8.gz -%endif %{_mandir}/man8/systemd-pcrlock-file-system.service.8.gz %{_mandir}/man8/systemd-pcrlock-firmware-code.service.8.gz %{_mandir}/man8/systemd-pcrlock-firmware-config.service.8.gz @@ -54,7 +57,6 @@ %{_mandir}/man8/systemd-pcrlock-secureboot-authority.service.8.gz %{_mandir}/man8/systemd-pcrlock-secureboot-policy.service.8.gz %{_mandir}/man8/systemd-pcrlock.8.gz -%if %{with sd_boot} %{_mandir}/man8/systemd-pcrmachine.service.8.gz %{_mandir}/man8/systemd-pcrphase-initrd.service.8.gz %{_mandir}/man8/systemd-pcrphase-sysinit.service.8.gz @@ -67,12 +69,14 @@ %{_mandir}/man8/systemd-sysupdate.8.gz %{_mandir}/man8/systemd-sysupdate.service.8.gz %{_mandir}/man8/systemd-sysupdate.timer.8.gz +%{_mandir}/man8/systemd-tpm2-generator.8.gz %if %{with sd_boot} %{_mandir}/man8/systemd-tpm2-setup-early.service.8.gz %{_mandir}/man8/systemd-tpm2-setup.8.gz %{_mandir}/man8/systemd-tpm2-setup.service.8.gz %{_prefix}/lib/kernel/install.d/60-ukify.install %endif +%{_pam_vendordir}/systemd-run0 %{_prefix}/lib/pcrlock.d/350-action-efi-application.pcrlock %{_prefix}/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/300-0x00000000.pcrlock %{_prefix}/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/600-0xffffffff.pcrlock @@ -103,11 +107,13 @@ %if %{with sd_boot} %{_systemd_util_dir}/ukify %endif +%{_systemdgeneratordir}/systemd-tpm2-generator %{_sysusersdir}/systemd-oom.conf %{_unitdir}/initrd.target.wants/systemd-bsod.service %if %{with sd_boot} %{_unitdir}/initrd.target.wants/systemd-pcrphase-initrd.service %{_unitdir}/sockets.target.wants/systemd-pcrextend.socket +%{_unitdir}/sockets.target.wants/systemd-pcrlock.socket %endif %{_unitdir}/storage-target-mode.target %if %{with sd_boot} @@ -132,6 +138,8 @@ %{_unitdir}/systemd-pcrlock-make-policy.service %{_unitdir}/systemd-pcrlock-secureboot-authority.service %{_unitdir}/systemd-pcrlock-secureboot-policy.service +%{_unitdir}/systemd-pcrlock.socket +%{_unitdir}/systemd-pcrlock@.service %{_unitdir}/systemd-pcrmachine.service %{_unitdir}/systemd-pcrphase-initrd.service %{_unitdir}/systemd-pcrphase-sysinit.service @@ -146,3 +154,18 @@ %{_unitdir}/systemd-tpm2-setup-early.service %{_unitdir}/systemd-tpm2-setup.service %endif +%{_unitdir}/systemd-vmspawn@.service + +# ssh-generator: in the futur to be moved to the main package +%{_systemdgeneratordir}/systemd-ssh-generator +%if %{without bootstrap} +%{_mandir}/man8/systemd-ssh-generator.8.gz +%endif +# the ssh proxy will likely be promoted to systemd-container +%dir %{_distconfdir}/ssh +%dir %{_distconfdir}/ssh/ssh_config.d +%{_distconfdir}/ssh/ssh_config.d/20-systemd-ssh-proxy.conf +%{_systemd_util_dir}/systemd-ssh-proxy +%if %{without bootstrap} +%{_mandir}/man1/systemd-ssh-proxy.1.gz +%endif diff --git a/files.homed b/files.homed index 04605934..065a5e7d 100644 --- a/files.homed +++ b/files.homed @@ -1,14 +1,19 @@ # # Please keep the list sorted (with `LC_ALL=C sort`). # +%dir %{_distconfdir}/ssh +%dir %{_distconfdir}/ssh/sshd_config.d %{_bindir}/homectl +%{_bindir}/systemd-home-fallback-shell %{_datadir}/bash-completion/completions/homectl %{_datadir}/dbus-1/interfaces/org.freedesktop.home1.Home.xml %{_datadir}/dbus-1/interfaces/org.freedesktop.home1.Manager.xml %{_datadir}/dbus-1/system-services/org.freedesktop.home1.service %{_datadir}/dbus-1/system.d/org.freedesktop.home1.conf %{_datadir}/polkit-1/actions/org.freedesktop.home1.policy +%{_distconfdir}/ssh/sshd_config.d/20-systemd-userdb.conf %{_mandir}/man1/homectl.1.gz +%{_mandir}/man1/systemd-homed-firstboot.service.1.gz %{_mandir}/man5/homed.conf.5.gz %{_mandir}/man5/homed.conf.d.5.gz %{_mandir}/man5/org.freedesktop.home1.5.gz @@ -20,4 +25,5 @@ %{_systemd_util_dir}/systemd-homed %{_systemd_util_dir}/systemd-homework %{_unitdir}/systemd-homed-activate.service +%{_unitdir}/systemd-homed-firstboot.service %{_unitdir}/systemd-homed.service diff --git a/files.network b/files.network index 2dd59e9a..a338b240 100644 --- a/files.network +++ b/files.network @@ -30,12 +30,11 @@ %{_mandir}/man8/systemd-networkd-wait-online@.service.8.gz %{_mandir}/man8/systemd-networkd.8.gz %{_mandir}/man8/systemd-networkd.service.8.gz +%{_systemd_util_dir}/network/80-6rd-tunnel.link %{_systemd_util_dir}/network/80-6rd-tunnel.network %{_systemd_util_dir}/network/80-auto-link-local.network.example -%{_systemd_util_dir}/network/80-container-host0.network -%{_systemd_util_dir}/network/80-container-vb.network -%{_systemd_util_dir}/network/80-container-ve.network -%{_systemd_util_dir}/network/80-container-vz.network +%{_systemd_util_dir}/network/80-container-host0-tun.network +%{_systemd_util_dir}/network/80-vm-vt.link %{_systemd_util_dir}/network/80-vm-vt.network %{_systemd_util_dir}/network/80-wifi-adhoc.network %{_systemd_util_dir}/network/80-wifi-ap.network.example @@ -46,6 +45,7 @@ %{_systemd_util_dir}/systemd-networkd-wait-online %{_sysusersdir}/systemd-network.conf %{_tmpfilesdir}/systemd-network.conf +%{_unitdir}/systemd-networkd-persistent-storage.service %{_unitdir}/systemd-networkd-wait-online.service %{_unitdir}/systemd-networkd-wait-online@.service %{_unitdir}/systemd-networkd.service diff --git a/files.systemd b/files.systemd index 477251f6..8a77a0c3 100644 --- a/files.systemd +++ b/files.systemd @@ -134,6 +134,7 @@ %{_bindir}/systemd-tmpfiles %{_bindir}/systemd-tty-ask-password-agent %{_bindir}/systemd-umount +%{_bindir}/systemd-vpick %{_bindir}/timedatectl %if %{without bootstrap} %{_bindir}/userdbctl @@ -157,6 +158,7 @@ %{_datadir}/bash-completion/completions/systemd-path %{_datadir}/bash-completion/completions/systemd-run %{_datadir}/bash-completion/completions/systemd-sysext +%{_datadir}/bash-completion/completions/systemd-vpick %{_datadir}/bash-completion/completions/timedatectl %endif # dbus introspection data for code generators: https://github.com/systemd/systemd/pull/20294 @@ -193,7 +195,9 @@ %{_datadir}/dbus-1/system.d/org.freedesktop.login1.conf %{_datadir}/dbus-1/system.d/org.freedesktop.systemd1.conf %{_datadir}/dbus-1/system.d/org.freedesktop.timedate1.conf +%{_datadir}/mime/packages/io.systemd.xml %{_datadir}/pkgconfig/systemd.pc +%{_datadir}/polkit-1/actions/io.systemd.credentials.policy %{_datadir}/polkit-1/actions/org.freedesktop.hostname1.policy %{_datadir}/polkit-1/actions/org.freedesktop.locale1.policy %{_datadir}/polkit-1/actions/org.freedesktop.login1.policy @@ -260,10 +264,12 @@ %{_mandir}/man1/systemd-stdio-bridge.1.gz %{_mandir}/man1/systemd-tty-ask-password-agent.1.gz %{_mandir}/man1/systemd-umount.1.gz +%{_mandir}/man1/systemd-vpick.1.gz %{_mandir}/man1/systemd.1.gz %{_mandir}/man1/timedatectl.1.gz %{_mandir}/man1/userdbctl.1.gz %{_mandir}/man5/binfmt.d.5.gz +%{_mandir}/man5/capsule@.service.5.gz %{_mandir}/man5/coredump.conf.5.gz %{_mandir}/man5/coredump.conf.d.5.gz %{_mandir}/man5/dnssec-trust-anchors.d.5.gz @@ -334,6 +340,7 @@ %{_mandir}/man7/systemd.syntax.7.gz %{_mandir}/man7/systemd.system-credentials.7.gz %{_mandir}/man7/systemd.time.7.gz +%{_mandir}/man7/systemd.v.7.gz %{_mandir}/man8/30-systemd-environment-d-generator.8.gz %{_mandir}/man8/halt.8.gz %{_mandir}/man8/libnss_myhostname.so.2.8.gz @@ -517,6 +524,8 @@ %{_unitdir}/blockdev@.target %{_unitdir}/bluetooth.target %{_unitdir}/boot-complete.target +%{_unitdir}/capsule.slice +%{_unitdir}/capsule@.service %{_unitdir}/console-getty.service %{_unitdir}/container-getty@.service %{_unitdir}/ctrl-alt-del.target @@ -567,15 +576,6 @@ %{_unitdir}/printer.target %{_unitdir}/proc-sys-fs-binfmt_misc.automount %{_unitdir}/proc-sys-fs-binfmt_misc.mount -%if %{with upstream} -%{_unitdir}/quotaon-root.service -%endif -%if %{without upstream} -%{_unitdir}/quotaon.service -%endif -%if %{with upstream} -%{_unitdir}/quotaon@.service -%endif %{_unitdir}/reboot.target %{_unitdir}/remote-fs-pre.target %{_unitdir}/remote-fs.target @@ -591,11 +591,14 @@ %if %{without bootstrap} %{_unitdir}/sockets.target.wants/systemd-coredump.socket %endif +%{_unitdir}/sockets.target.wants/systemd-creds.socket +%{_unitdir}/sockets.target.wants/systemd-hostnamed.socket %{_unitdir}/sockets.target.wants/systemd-journald-dev-log.socket %{_unitdir}/sockets.target.wants/systemd-journald.socket %{_unitdir}/sockets.target.wants/systemd-sysext.socket %{_unitdir}/soft-reboot.target %{_unitdir}/sound.target +%{_unitdir}/ssh-access.target %{_unitdir}/swap.target %{_unitdir}/sys-fs-fuse-connections.mount %{_unitdir}/sys-kernel-config.mount @@ -638,13 +641,17 @@ %{_unitdir}/systemd-coredump.socket %{_unitdir}/systemd-coredump@.service %endif +%{_unitdir}/systemd-creds.socket +%{_unitdir}/systemd-creds@.service %{_unitdir}/systemd-exit.service %{_unitdir}/systemd-halt.service %{_unitdir}/systemd-hostnamed.service +%{_unitdir}/systemd-hostnamed.socket %{_unitdir}/systemd-journal-catalog-update.service %{_unitdir}/systemd-journal-flush.service %{_unitdir}/systemd-journald-audit.socket %{_unitdir}/systemd-journald-dev-log.socket +%{_unitdir}/systemd-journald-sync@.service %{_unitdir}/systemd-journald-varlink@.socket %{_unitdir}/systemd-journald.service %{_unitdir}/systemd-journald.socket @@ -689,4 +696,5 @@ %{_unitdir}/user@.service %{_unitdir}/user@.service.d/10-login-barrier.conf %{_unitdir}/user@0.service.d/10-login-barrier.conf +%{_userunitdir}/capsule@.target %{xinitconfdir}/xinitrc.d/50-systemd-user.sh diff --git a/files.udev b/files.udev index 09ba6c98..cc2aa1ea 100644 --- a/files.udev +++ b/files.udev @@ -1,7 +1,6 @@ # # Please keep the list sorted (with `LC_ALL=C sort`). # -%config(noreplace) %{_sysconfdir}/udev/udev.conf %if %{without bootstrap} %dir %{_libdir}/cryptsetup %endif @@ -21,6 +20,7 @@ %dir %{_sysconfdir}/udev %dir %{_sysconfdir}/udev/iocost.conf.d %dir %{_sysconfdir}/udev/rules.d +%dir %{_sysconfdir}/udev/udev.conf.d %dir %{_systemd_util_dir}/network %if %{without bootstrap} %dir %{_systemd_util_dir}/repart @@ -87,6 +87,7 @@ %{_mandir}/man5/timesyncd.conf.5.gz %{_mandir}/man5/timesyncd.conf.d.5.gz %{_mandir}/man5/udev.conf.5.gz +%{_mandir}/man5/udev.conf.d.5.gz %{_mandir}/man5/vconsole.conf.5.gz %{_mandir}/man5/veritytab.5.gz %{_mandir}/man7/hwdb.7.gz @@ -110,6 +111,7 @@ %{_mandir}/man8/systemd-growfs-root.service.8.gz %{_mandir}/man8/systemd-growfs.8.gz %{_mandir}/man8/systemd-growfs@.service.8.gz +%{_mandir}/man8/systemd-hibernate-clear.service.8.gz %{_mandir}/man8/systemd-hibernate-resume-generator.8.gz %{_mandir}/man8/systemd-hibernate-resume.8.gz %{_mandir}/man8/systemd-hibernate.service.8.gz @@ -174,6 +176,7 @@ %{_prefix}/lib/udev/iocost.conf %{_prefix}/lib/udev/mtd_probe %{_prefix}/lib/udev/scsi_id +%{_prefix}/lib/udev/udev.conf %{_prefix}/lib/udev/v4l_id %{_systemd_util_dir}/network/99-default.link %{_systemd_util_dir}/ntp-units.d/80-systemd-timesync.list @@ -320,10 +323,17 @@ %{_unitdir}/integritysetup-pre.target %{_unitdir}/integritysetup.target %{_unitdir}/kmod-static-nodes.service +%endif +%{_unitdir}/quotaon-root.service +%{_unitdir}/quotaon@.service +%if %{without bootstrap} %{_unitdir}/remote-cryptsetup.target %{_unitdir}/remote-veritysetup.target %endif %{_unitdir}/sleep.target +%if %{with sd_boot} +%{_unitdir}/sockets.target.wants/systemd-bootctl.socket +%endif %{_unitdir}/sockets.target.wants/systemd-udevd-control.socket %{_unitdir}/sockets.target.wants/systemd-udevd-kernel.socket %{_unitdir}/suspend-then-hibernate.target @@ -332,6 +342,7 @@ %{_unitdir}/sysinit.target.wants/cryptsetup.target %{_unitdir}/sysinit.target.wants/integritysetup.target %{_unitdir}/sysinit.target.wants/kmod-static-nodes.service +%{_unitdir}/sysinit.target.wants/systemd-hibernate-clear.service %endif %{_unitdir}/sysinit.target.wants/systemd-hwdb-update.service %if %{without bootstrap} @@ -349,11 +360,18 @@ %endif %{_unitdir}/systemd-backlight@.service %{_unitdir}/systemd-battery-check.service +%if %{with sd_boot} +%{_unitdir}/systemd-bootctl.socket +%{_unitdir}/systemd-bootctl@.service +%endif %{_unitdir}/systemd-firstboot.service %{_unitdir}/systemd-fsck-root.service %{_unitdir}/systemd-fsck@.service %{_unitdir}/systemd-growfs-root.service %{_unitdir}/systemd-growfs@.service +%if %{without bootstrap} +%{_unitdir}/systemd-hibernate-clear.service +%endif %{_unitdir}/systemd-hibernate-resume.service %{_unitdir}/systemd-hibernate.service %{_unitdir}/systemd-hwdb-update.service @@ -363,15 +381,8 @@ %endif %{_unitdir}/systemd-network-generator.service %{_unitdir}/systemd-pstore.service -%if %{with upstream} %{_unitdir}/systemd-quotacheck-root.service -%endif -%if %{without upstream} -%{_unitdir}/systemd-quotacheck.service -%endif -%if %{with upstream} %{_unitdir}/systemd-quotacheck@.service -%endif %{_unitdir}/systemd-random-seed.service %{_unitdir}/systemd-remount-fs.service %if %{without bootstrap} @@ -384,6 +395,7 @@ %{_unitdir}/systemd-timesyncd.service %{_unitdir}/systemd-tmpfiles-setup-dev-early.service %{_unitdir}/systemd-tmpfiles-setup-dev.service +%{_unitdir}/systemd-udev-load-credentials.service %{_unitdir}/systemd-udev-settle.service %{_unitdir}/systemd-udev-trigger.service %{_unitdir}/systemd-udevd-control.socket @@ -391,6 +403,7 @@ %{_unitdir}/systemd-udevd.service %{_unitdir}/systemd-vconsole-setup.service %{_unitdir}/systemd-volatile-root.service +%{_unitdir}/tpm2.target %if %{without bootstrap} %{_unitdir}/veritysetup-pre.target %{_unitdir}/veritysetup.target diff --git a/fixlet-systemd-post.sh b/fixlet-systemd-post.sh index e32bf8fe..b631ae0a 100644 --- a/fixlet-systemd-post.sh +++ b/fixlet-systemd-post.sh @@ -288,14 +288,14 @@ check_config_files () { config_files=(systemd/journald.conf systemd/logind.conf systemd/system.conf systemd/user.conf systemd/pstore.conf systemd/sleep.conf systemd/timesyncd.conf systemd/coredump.conf systemd/journal-remote.conf systemd/journal-upload.conf systemd/networkd.conf - systemd/resolved.conf systemd/oomd.conf udev/iocost.conf) + systemd/resolved.conf systemd/oomd.conf udev/iocost.conf udev/udev.conf) for f in ${config_files[*]}; do [ -e /etc/$f ] || continue cat >&2 < + +- Upgrade to v256.1 (commit dd15bf4f6430d8646e546ee0b980448c7d0c9699) + + See https://github.com/openSUSE/systemd/blob/SUSE/v256/NEWS for details. + ------------------------------------------------------------------- Mon Jul 1 08:35:26 UTC 2024 - Franck Bui diff --git a/systemd.spec b/systemd.spec index a7b093f0..dd30fbfa 100644 --- a/systemd.spec +++ b/systemd.spec @@ -26,9 +26,9 @@ %define systemd_release %{?release_override}%{!?release_override:0} %define archive_version %{nil} %else -%define systemd_version 255.8 +%define systemd_version 256.1 %define systemd_release 0 -%define archive_version +suse.34.g5a8eadd0c0 +%define archive_version +suse.4.gdd15bf4f64 %endif %define systemd_major %{sub %systemd_version 1 3} @@ -190,6 +190,7 @@ Source5: tmpfiles-suse.conf Source6: baselibs.conf Source7: triggers.systemd Source8: pam.systemd-user +Source9: pam.systemd-run0 Source14: kbd-model-map.legacy Source100: fixlet-container-post.sh @@ -219,13 +220,13 @@ Source213: files.devel-doc # get rid of one of them ! # Patch: 0001-Drop-support-for-efivar-SystemdOptions.patch -Patch: 0009-pid1-handle-console-specificities-weirdness-for-s390.patch %if %{with sysvcompat} Patch: 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch Patch: 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch %endif %if %{without upstream} +Patch: 0009-pid1-handle-console-specificities-weirdness-for-s390.patch # Patches listed below are put in quarantine. Normally all changes must go to # upstream first and then are cherry-picked in the SUSE git repository. But for # very few cases, some stuff might be broken in upstream and need to be fixed or @@ -347,10 +348,12 @@ BuildRequires: pkgconfig(libkmod) >= 15 # these tools are not linked against the libs directly but instead are # dlopen()ed at runtime to avoid hard dependencies. Hence the use of soft # dependencies. +BuildRequires: pkgconfig(libarchive) BuildRequires: pkgconfig(libfido2) BuildRequires: pkgconfig(tss2-esys) BuildRequires: pkgconfig(tss2-mu) BuildRequires: pkgconfig(tss2-rc) +Recommends: libarchive13 Recommends: libfido2 Recommends: libtss2-esys0 Recommends: libtss2-mu0 @@ -367,10 +370,8 @@ Provides: udev = %{version}-%{release} %if %{with upstream} BuildRequires: pkgconfig(dbus-1) BuildRequires: pkgconfig(glib-2.0) -BuildRequires: pkgconfig(libarchive) BuildRequires: pkgconfig(xencontrol) BuildRequires: pkgconfig(xkbcommon) -Recommends: libarchive13 Recommends: libxkbcommon0 %endif @@ -616,6 +617,7 @@ Requires: qemu Requires: quota Requires: socat Requires: squashfs +Requires: stress-ng Requires: systemd-container # System users/groups that some tests rely on. Requires: group(bin) @@ -629,8 +631,10 @@ Requires: user(nobody) # The following deps on libs are for test-dlopen-so whereas the pkgconfig ones # are used by test-funtions to find the libs on the host and install them in the # image, see install_missing_libraries() for details. +Requires: pkgconfig(libarchive) Requires: pkgconfig(libfido2) Requires: pkgconfig(libidn2) +Requires: pkgconfig(libkmod) %if %{with experimental} Requires: pkgconfig(libqrencode) Requires: pkgconfig(pwquality) @@ -692,15 +696,16 @@ and are provided so users can do early experiments with the new features or technologies without waiting for them to be fully supported by both upstream and openSUSE. -Please note that all services should be considered in development phase and as -such their behaviors details, unit files, option names, etc... are subject to -change without the usual backwards-compatibility promises. +Please note that the material shipped by this package should be considered in +development phase and as such their behaviors, unit files, option names, +etc... are subject to change without the usual backwards-compatibility promises. Components that turn out to be stable and considered as fully supported will be merged into the main package or moved into a dedicated package. -Currently this package contains: bsod, oomd, measure, pcrextend, pcrlock, -storagetm, sysupdate, tpm2-setup, userwork and ukify. +Currently this package contains the following features : bsod, oomd, measure, +pcrextend, pcrlock, run0, ssh-generator, storagetm, systemd-vmspawn, sysupdate, +tpm2-setup, userwork and ukify. Have fun (at your own risk). %endif @@ -757,12 +762,14 @@ for the C APIs. \ -Dbump-proc-sys-fs-nr-open=false \ -Ddbus=disabled \ + -Ddefault-mountfsd-trusted-directories=false \ -Ddefault-network=false \ -Dglib=disabled \ -Dgshadow=false \ -Dldconfig=false \ -Dlibidn=disabled \ -Dsmack=false \ + -Dvmlinux-h=disabled \ -Dxenctrl=disabled \ -Dxkbcommon=disabled \ \ @@ -779,6 +786,7 @@ for the C APIs. -Dhtml=%{disabled_with bootstrap} \ -Dima=%{when_not bootstrap} \ -Dkernel-install=%{when_not bootstrap} \ + -Dlibarchive=%{disabled_with bootstrap} \ -Dlibfido2=%{disabled_with bootstrap} \ -Dlibidn2=%{enabled_with resolved} \ -Dlibiptc=%{disabled_with bootstrap} \ @@ -789,6 +797,8 @@ for the C APIs. -Dlibcryptsetup-plugins=%{disabled_with bootstrap} \ -Dlibcurl=%{disabled_with bootstrap} \ -Dman=%{disabled_with bootstrap} \ + -Dmountfsd=%{when_not bootstrap} \ + -Dnsresourced=%{when_not bootstrap} \ -Dmicrohttpd=%{enabled_with journal_remote} \ -Dnss-myhostname=%{when_not bootstrap} \ -Dnss-mymachines=%{enabled_with machined} \ @@ -835,12 +845,17 @@ for the C APIs. -Dresolve=%{when resolved} \ \ -Doomd=%{when experimental} \ - -Dsysupdate=%{enabled_with experimental} \ -%if %{with sd_boot} - -Dukify=%{enabled_with experimental} \ +%if %{with experimental} + -Dsshdconfdir=%{_distconfdir}/ssh/sshd_config.d \ + -Dsshconfdir=%{_distconfdir}/ssh/ssh_config.d \ + -Dukify=%{enabled_with sd_boot} \ %else + -Dsshdconfdir=no \ + -Dsshconfdir=no \ -Dukify=disabled \ %endif + -Dsshdprivsepdir=no \ + -Dsysupdate=%{enabled_with experimental} \ -Dvmspawn=%{enabled_with experimental} \ \ -Dtests=%{when testsuite unsafe} \ @@ -871,9 +886,6 @@ install -m0755 -D %{SOURCE3} %{buildroot}/%{_systemd_util_dir}/systemd-update-he install -m0755 -D %{SOURCE4} %{buildroot}/%{_systemd_util_dir}/systemd-sysv-install %endif -# Drop-ins are currently not supported by udev. -mv %{buildroot}%{_prefix}/lib/udev/udev.conf %{buildroot}%{_sysconfdir}/udev/ - # Install the fixlets mkdir -p %{buildroot}%{_systemd_util_dir}/rpm %if %{with machined} @@ -892,6 +904,9 @@ rm -f %{buildroot}%{_sysconfdir}/systemd/system/default.target # Replace upstream PAM configuration files with openSUSE ones. install -m0644 -D %{SOURCE8} %{buildroot}%{_pam_vendordir}/systemd-user +%if %{with experimental} +install -m0644 -D %{SOURCE9} %{buildroot}%{_pam_vendordir}/systemd-run0 +%endif # Don't enable wall ask password service, it spams every console (bnc#747783). rm %{buildroot}%{_unitdir}/multi-user.target.wants/systemd-ask-password-wall.path @@ -942,6 +957,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/systemd/system.conf.d mkdir -p %{buildroot}%{_sysconfdir}/systemd/timesyncd.conf.d mkdir -p %{buildroot}%{_sysconfdir}/systemd/user.conf.d mkdir -p %{buildroot}%{_sysconfdir}/udev/iocost.conf.d +mkdir -p %{buildroot}%{_sysconfdir}/udev/udev.conf.d mkdir -p %{buildroot}%{_sysconfdir}/systemd/network mkdir -p %{buildroot}%{_sysconfdir}/systemd/nspawn @@ -1012,6 +1028,11 @@ echo 'disable *' >%{buildroot}%{_userpresetdir}/99-default.preset rm -f %{buildroot}%{_tmpfilesdir}/{etc,home,legacy,tmp,var}.conf install -m 644 %{SOURCE5} %{buildroot}%{_tmpfilesdir}/systemd-suse.conf +# These 2 following file are useless because on SUSE distros ssh can parse +# drop-ins in /usr. +rm -f %{buildroot}%{_tmpfilesdir}/20-systemd-ssh-generator.conf +rm -f %{buildroot}%{_tmpfilesdir}/20-systemd-userdb.conf + # The content of the files shipped by systemd doesn't match the # defaults used by SUSE. Don't ship those files but leave the decision # to use the mechanism to the individual packages that actually @@ -1043,6 +1064,11 @@ tar -cO \ rm -f %{buildroot}%{_bindir}/varlinkctl rm -f %{buildroot}%{_journalcatalogdir}/* rm -fr %{buildroot}%{_docdir}/systemd +rm -f %{buildroot}%{_bindir}/run0 +rm -f %{buildroot}%{_systemdgeneratordir}/systemd-ssh-generator +rm -f %{buildroot}%{_systemdgeneratordir}/systemd-tpm2-generator +rm -f %{buildroot}%{_unitdir}/systemd-nspawn@.service +rm -f %{buildroot}%{_systemd_util_dir}/systemd-ssh-proxy %endif # Don't drop %%pre section even if it becomes empty: the build process of @@ -1174,14 +1200,24 @@ fi %ldconfig_scriptlets -n libsystemd0%{?mini} %ldconfig_scriptlets -n libudev%{?mini}1 -%if %{with machined} %pre container +%systemd_pre systemd-mountfsd.socket +%systemd_pre systemd-nsresourced.socket +%if %{with machined} %systemd_pre machines.target +%endif %preun container +%systemd_preun systemd-mountfsd.socket +%systemd_preun systemd-nsresourced.socket +%if %{with machined} %systemd_preun machines.target +%endif %postun container +%systemd_postun systemd-mountfsd.socket +%systemd_postun systemd-nsresourced.socket +%if %{with machined} %ldconfig %systemd_postun machines.target %endif @@ -1192,6 +1228,8 @@ fi %if %{without filetriggers} %tmpfiles_create systemd-nspawn.conf %endif +%systemd_post systemd-mountfsd.socket +%systemd_post systemd-nsresourced.socket %systemd_post machines.target %{_systemd_util_dir}/rpm/fixlet-container-post.sh $1 || : %endif From 129741962e327bd82569d438d4b3d32fdf0c89538e2460a01386df1042370952 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Thu, 4 Jul 2024 13:05:10 +0000 Subject: [PATCH 02/14] - varlinkctl is no more considered as experimental and has been moved to the main package. OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1538 --- files.experimental | 2 -- files.systemd | 4 ++++ systemd.changes | 6 ++++++ 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/files.experimental b/files.experimental index 92d3b4ed..70b4984b 100644 --- a/files.experimental +++ b/files.experimental @@ -17,7 +17,6 @@ %if %{with sd_boot} %{_bindir}/ukify %endif -%{_bindir}/varlinkctl %{_datadir}/bash-completion/completions/oomctl %{_datadir}/bash-completion/completions/run0 %{_datadir}/bash-completion/completions/systemd-vmspawn @@ -34,7 +33,6 @@ %if %{with sd_boot} %{_mandir}/man1/ukify.1.gz %endif -%{_mandir}/man1/varlinkctl.1.gz %{_mandir}/man5/oomd.conf.5.gz %{_mandir}/man5/oomd.conf.d.5.gz %{_mandir}/man5/org.freedesktop.oom1.5.gz diff --git a/files.systemd b/files.systemd index 8a77a0c3..2ae82e52 100644 --- a/files.systemd +++ b/files.systemd @@ -138,6 +138,9 @@ %{_bindir}/timedatectl %if %{without bootstrap} %{_bindir}/userdbctl +%endif +%{_bindir}/varlinkctl +%if %{without bootstrap} %{_datadir}/bash-completion/completions/busctl %{_datadir}/bash-completion/completions/coredumpctl %{_datadir}/bash-completion/completions/hostnamectl @@ -268,6 +271,7 @@ %{_mandir}/man1/systemd.1.gz %{_mandir}/man1/timedatectl.1.gz %{_mandir}/man1/userdbctl.1.gz +%{_mandir}/man1/varlinkctl.1.gz %{_mandir}/man5/binfmt.d.5.gz %{_mandir}/man5/capsule@.service.5.gz %{_mandir}/man5/coredump.conf.5.gz diff --git a/systemd.changes b/systemd.changes index e9ff2057..e6864660 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Jul 4 13:04:04 UTC 2024 - Franck Bui + +- varlinkctl is no more considered as experimental and has been moved to the + main package. + ------------------------------------------------------------------- Thu Jul 4 09:07:28 UTC 2024 - Franck Bui From 6fc7b83800587e1de88d56713c8076e36fd21f010a292de3e376dd45f52e8550 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Thu, 4 Jul 2024 16:25:36 +0000 Subject: [PATCH 03/14] varlinkctl is not built with the mini flavor OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1539 --- files.systemd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files.systemd b/files.systemd index 2ae82e52..a1cce7b3 100644 --- a/files.systemd +++ b/files.systemd @@ -138,8 +138,8 @@ %{_bindir}/timedatectl %if %{without bootstrap} %{_bindir}/userdbctl -%endif %{_bindir}/varlinkctl +%endif %if %{without bootstrap} %{_datadir}/bash-completion/completions/busctl %{_datadir}/bash-completion/completions/coredumpctl From 5141372014e6314366647fdf612eacdbf86858e8926806c43ed0148fd7f2f671 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Fri, 5 Jul 2024 07:59:05 +0000 Subject: [PATCH 04/14] fix build on riscv64: vmspawn is currently not supported for this arch OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1540 --- systemd.spec | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/systemd.spec b/systemd.spec index dd30fbfa..2c852493 100644 --- a/systemd.spec +++ b/systemd.spec @@ -856,7 +856,11 @@ for the C APIs. %endif -Dsshdprivsepdir=no \ -Dsysupdate=%{enabled_with experimental} \ +%ifarch riscv64 + -Dvmspawn=disabled \ +%else -Dvmspawn=%{enabled_with experimental} \ +%endif \ -Dtests=%{when testsuite unsafe} \ -Dinstall-tests=%{when testsuite} \ From 73e4000db664514e60c1406867b0ca92849e2cec46b2f822f1f45c483cd5419e Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Mon, 8 Jul 2024 08:08:01 +0000 Subject: [PATCH 05/14] - Import commit bd8b5ee3cf0466b6b78e167967468cf6f93ec807 (merge of v256.2) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/dd15bf4f6430d8646e546ee0b980448c7d0c9699...bd8b5ee3cf0466b6b78e167967468cf6f93ec807 OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1541 --- files.experimental | 1 + systemd-v256.1+suse.4.gdd15bf4f64.tar.xz | 3 --- systemd-v256.2+suse.5.gbd8b5ee3cf.tar.xz | 3 +++ systemd.changes | 8 ++++++++ systemd.spec | 4 ++-- 5 files changed, 14 insertions(+), 5 deletions(-) delete mode 100644 systemd-v256.1+suse.4.gdd15bf4f64.tar.xz create mode 100644 systemd-v256.2+suse.5.gbd8b5ee3cf.tar.xz diff --git a/files.experimental b/files.experimental index 70b4984b..4519ee60 100644 --- a/files.experimental +++ b/files.experimental @@ -26,6 +26,7 @@ %{_datadir}/dbus-1/system-services/org.freedesktop.oom1.service %{_datadir}/dbus-1/system.d/org.freedesktop.oom1.conf %{_datadir}/zsh/site-functions/_oomctl +%{_datadir}/zsh/site-functions/_run0 %{_mandir}/man1/oomctl.1.gz %{_mandir}/man1/run0.1.gz %{_mandir}/man1/systemd-measure.1.gz diff --git a/systemd-v256.1+suse.4.gdd15bf4f64.tar.xz b/systemd-v256.1+suse.4.gdd15bf4f64.tar.xz deleted file mode 100644 index badec322..00000000 --- a/systemd-v256.1+suse.4.gdd15bf4f64.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:3178d499470d282d91c5e924e26b37ed3f87d61e1a22ed3901a3516b3c0f9dca -size 11218484 diff --git a/systemd-v256.2+suse.5.gbd8b5ee3cf.tar.xz b/systemd-v256.2+suse.5.gbd8b5ee3cf.tar.xz new file mode 100644 index 00000000..f2425770 --- /dev/null +++ b/systemd-v256.2+suse.5.gbd8b5ee3cf.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d8a726b287cb7107f4e7ba0b1f9048a8f1589b8aa226a25bb6222a701c18bc1e +size 11222348 diff --git a/systemd.changes b/systemd.changes index e6864660..cd3fa4db 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Mon Jul 8 07:56:15 UTC 2024 - Franck Bui + +- Import commit bd8b5ee3cf0466b6b78e167967468cf6f93ec807 (merge of v256.2) + + For a complete list of changes, visit: + https://github.com/openSUSE/systemd/compare/dd15bf4f6430d8646e546ee0b980448c7d0c9699...bd8b5ee3cf0466b6b78e167967468cf6f93ec807 + ------------------------------------------------------------------- Thu Jul 4 13:04:04 UTC 2024 - Franck Bui diff --git a/systemd.spec b/systemd.spec index 2c852493..743b3e3c 100644 --- a/systemd.spec +++ b/systemd.spec @@ -26,9 +26,9 @@ %define systemd_release %{?release_override}%{!?release_override:0} %define archive_version %{nil} %else -%define systemd_version 256.1 +%define systemd_version 256.2 %define systemd_release 0 -%define archive_version +suse.4.gdd15bf4f64 +%define archive_version +suse.5.gbd8b5ee3cf %endif %define systemd_major %{sub %systemd_version 1 3} From 4b8f7acd373cb8274eb09ec2bf46f93f304ed7d8822d9080003741514a5d512c Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Mon, 8 Jul 2024 10:44:23 +0000 Subject: [PATCH 06/14] since v256.2 vmspawn builds on riscv OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1542 --- systemd.spec | 4 ---- 1 file changed, 4 deletions(-) diff --git a/systemd.spec b/systemd.spec index 743b3e3c..ce7a3bb4 100644 --- a/systemd.spec +++ b/systemd.spec @@ -856,11 +856,7 @@ for the C APIs. %endif -Dsshdprivsepdir=no \ -Dsysupdate=%{enabled_with experimental} \ -%ifarch riscv64 - -Dvmspawn=disabled \ -%else -Dvmspawn=%{enabled_with experimental} \ -%endif \ -Dtests=%{when testsuite unsafe} \ -Dinstall-tests=%{when testsuite} \ From 566be305a3984a7916475b58956110c52ce13680539cc703bcd73d7c4892fd68 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Thu, 11 Jul 2024 10:19:12 +0000 Subject: [PATCH 07/14] - Make sure systemd-sysvcompat replaces systemd-sysvinit on upgrades (bsc#1218110) OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1543 --- systemd.changes | 5 +++++ systemd.spec | 6 ++---- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/systemd.changes b/systemd.changes index cd3fa4db..2a3cf1e3 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Thu Jul 11 10:17:06 UTC 2024 - Franck Bui + +- Make sure systemd-sysvcompat replaces systemd-sysvinit on upgrades (bsc#1218110) + ------------------------------------------------------------------- Mon Jul 8 07:56:15 UTC 2024 - Franck Bui diff --git a/systemd.spec b/systemd.spec index ce7a3bb4..10ce570a 100644 --- a/systemd.spec +++ b/systemd.spec @@ -174,8 +174,6 @@ Provides: systemd-coredump = %{version}-%{release} Obsoletes: systemd-coredump < %{version}-%{release} Provides: systemd-logger = %{version}-%{release} Obsoletes: systemd-logger < %{version}-%{release} -Provides: systemd-sysvinit = %{version}-%{release} -Obsoletes: systemd-sysvinit < %{version}-%{release} Provides: systemd-analyze = %{version}-%{release} Obsoletes: pm-utils <= 1.4.1 Obsoletes: suspend <= 1.0 @@ -270,8 +268,8 @@ developing and building applications linking to these libraries. Summary: SySV and LSB init script support for systemd (deprecated) License: LGPL-2.1-or-later Requires: %{name} = %{version}-%{release} -Provides: systemd-sysvinit:%{_sbindir}/runlevel -Provides: systemd-sysvinit:%{_sbindir}/telinit +Provides: systemd-sysvinit = %{version}-%{release} +Obsoletes: systemd-sysvinit < %{version}-%{release} %description sysvcompat This package ships the necessary files that enable minimal SysV and LSB init From 858d1db9981bb30237d052e5d1b50e39fd8c22e6a213dd5a481135ddeeff999b Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Tue, 16 Jul 2024 14:31:57 +0000 Subject: [PATCH 08/14] - Skip running the test units in %check for now. Some tests don't appreciate to run inside the build environment of OBS currently and some of them take an unexpected long time to execute on both risc and s390x architectures. OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1544 --- systemd.changes | 9 +++++++++ systemd.spec | 2 ++ 2 files changed, 11 insertions(+) diff --git a/systemd.changes b/systemd.changes index 2a3cf1e3..ee783f13 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Tue Jul 16 14:29:24 UTC 2024 - Franck Bui + +- Skip running the test units in %check for now. + + Some tests don't appreciate to run inside the build environment of OBS + currently and some of them take an unexpected long time to execute on both + risc and s390x architectures. + ------------------------------------------------------------------- Thu Jul 11 10:17:06 UTC 2024 - Franck Bui diff --git a/systemd.spec b/systemd.spec index 10ce570a..c2947753 100644 --- a/systemd.spec +++ b/systemd.spec @@ -1084,8 +1084,10 @@ rm -f %{buildroot}%{_systemd_util_dir}/systemd-ssh-proxy %systemd_pre systemd-userdbd.service %check +%if %{with upstream} # Run the unit tests. %meson_test +%endif %post if [ $1 -eq 1 ]; then From 768f49f30206ff53f0c2cb4893a64e877e2bb2d3e0f90ca43acdb413025950ca Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Mon, 22 Jul 2024 12:03:59 +0000 Subject: [PATCH 09/14] - Don't mention any rpm macros inside comments, even if escaped (bsc#1228091) Otherwise pesign-obs-integration ends up re-packaging systemd with all macros inside comments unescaped leading to unpredictable behavior. Now why rpm expands rpm macros inside comments is the question... OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1545 --- systemd.changes | 9 +++++++++ systemd.spec | 15 +++++++++------ 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/systemd.changes b/systemd.changes index ee783f13..4172a984 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Mon Jul 22 11:53:27 UTC 2024 - Franck Bui + +- Don't mention any rpm macros inside comments, even if escaped (bsc#1228091) + + Otherwise pesign-obs-integration ends up re-packaging systemd with all macros + inside comments unescaped leading to unpredictable behavior. Now why rpm + expands rpm macros inside comments is the question... + ------------------------------------------------------------------- Tue Jul 16 14:29:24 UTC 2024 - Franck Bui diff --git a/systemd.spec b/systemd.spec index c2947753..6214ac35 100644 --- a/systemd.spec +++ b/systemd.spec @@ -36,7 +36,7 @@ %define _testsuitedir %{_systemd_util_dir}/tests %define xinitconfdir %{?_distconfdir}%{!?_distconfdir:%{_sysconfdir}}/X11/xinit -# Similar to %%with but return true/false. The value when the condition is +# Similar to 'with' macro but return true/false. The value when the condition is # verified can be redefined when a second parameter is passed. %define __when_1() %{expand:%%{?with_%{1}:true}%%{!?with_%{1}:false}} %define __when_2() %{expand:%%{?with_%{1}:%{2}}%%{!?with_%{1}:false}} @@ -124,7 +124,8 @@ BuildRequires: pam-devel BuildRequires: python3-Jinja2 BuildRequires: systemd-rpm-macros BuildRequires: pkgconfig(blkid) >= 2.26 -# The following packages are only required by the execution of the unit tests during %%check +# The following packages are only required by the execution of the unit tests +# during the 'check' section. BuildRequires: acl BuildRequires: distribution-release BuildRequires: python3-pefile @@ -1069,9 +1070,10 @@ rm -f %{buildroot}%{_unitdir}/systemd-nspawn@.service rm -f %{buildroot}%{_systemd_util_dir}/systemd-ssh-proxy %endif -# Don't drop %%pre section even if it becomes empty: the build process of -# installation images uses a hardcoded list of packages with a %%pre that needs -# to be run during the build and complains if it can't find one. +# Don't drop the following 'pre' section even if it becomes empty: the build +# process of installation images uses a hardcoded list of packages with a 'pre' +# section that needs to be run during the build and complains if it can't find +# one. %pre # We don't really need to enable these units explicitely since during # installation `systemctl preset-all` is executed at the end of the install @@ -1124,7 +1126,8 @@ systemd-tmpfiles --create || : journalctl --update-catalog || : %endif -# See the comment in %%pre about why we need to call %%systemd_pre. +# See the comment in the 'pre' section about why we need to call 'systemd_pre' +# macro. %systemd_post remote-fs.target %systemd_post getty@.service %systemd_post systemd-journald-audit.socket From 59450c7bc7449de07efa2b0f0698f61e6e02a3e78448bc36065c15b10f345145 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Mon, 22 Jul 2024 12:09:13 +0000 Subject: [PATCH 10/14] - Add temporarily 5003-core-when-switching-root-remove-run-systemd-before-e.patch (bsc#1227580) OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1546 --- ...ing-root-remove-run-systemd-before-e.patch | 51 +++++++++++++++++++ systemd.changes | 5 ++ systemd.spec | 1 + 3 files changed, 57 insertions(+) create mode 100644 5003-core-when-switching-root-remove-run-systemd-before-e.patch diff --git a/5003-core-when-switching-root-remove-run-systemd-before-e.patch b/5003-core-when-switching-root-remove-run-systemd-before-e.patch new file mode 100644 index 00000000..acb39cdd --- /dev/null +++ b/5003-core-when-switching-root-remove-run-systemd-before-e.patch @@ -0,0 +1,51 @@ +From 437ea859ca6fa13e1b4b5075c85f6a5ebe93cd01 Mon Sep 17 00:00:00 2001 +From: Franck Bui +Date: Wed, 17 Jul 2024 11:02:03 +0200 +Subject: [PATCH 5003/5003] core: when switching root remove /run/systemd + before executing the binary specified by init= + +It's important if the binary specified by the init= boot option is not systemd +otherwise it confuses systemctl that incorrectly assumes that systemd is still +the init system due to the presence of /run/systemd/system. + +Also some tools might also check the presence of /run/systemd/private to test +if systemd is running as pid1. + +(cherry picked from commit 8c28dd24427598214d4464565192ec3f3b1a74a4) +--- + src/core/main.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/src/core/main.c b/src/core/main.c +index 4b8a315d86..ae8272d7e7 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -80,6 +80,7 @@ + #include "psi-util.h" + #include "random-util.h" + #include "rlimit-util.h" ++#include "rm-rf.h" + #include "seccomp-util.h" + #include "selinux-setup.h" + #include "selinux-util.h" +@@ -2037,6 +2038,17 @@ static int do_reexecute( + arg_serialization = safe_fclose(arg_serialization); + fds = fdset_free(fds); + ++ /* Drop /run/systemd directory. Some of its content can be used as a flag indicating that systemd is ++ * the init system but we might be replacing it with something different. If systemd is used again it ++ * will recreate the directory and its content anyway. */ ++ r = rm_rf("/run/systemd.pre-switch-root", REMOVE_ROOT|REMOVE_MISSING_OK); ++ if (r < 0) ++ log_warning_errno(r, "Failed to prepare /run/systemd.pre-switch-root/, ignoring: %m"); ++ ++ r = RET_NERRNO(rename("/run/systemd", "/run/systemd.pre-switch-root")); ++ if (r < 0) ++ log_warning_errno(r, "Failed to move /run/systemd/ to /run/systemd.pre-switch-root/, ignoring: %m"); ++ + /* Reopen the console */ + (void) make_console_stdio(); + +-- +2.35.3 + diff --git a/systemd.changes b/systemd.changes index 4172a984..7bc0ea5d 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon Jul 22 12:06:23 UTC 2024 - Franck Bui + +- Add temporarily 5003-core-when-switching-root-remove-run-systemd-before-e.patch (bsc#1227580) + ------------------------------------------------------------------- Mon Jul 22 11:53:27 UTC 2024 - Franck Bui diff --git a/systemd.spec b/systemd.spec index 6214ac35..9513c545 100644 --- a/systemd.spec +++ b/systemd.spec @@ -234,6 +234,7 @@ Patch: 0009-pid1-handle-console-specificities-weirdness-for-s390.patch Patch: 5001-Revert-udev-update-devlink-with-the-newer-device-nod.patch Patch: 5002-Revert-udev-revert-workarounds-for-issues-caused-by-.patch %endif +Patch: 5003-core-when-switching-root-remove-run-systemd-before-e.patch %description Systemd is a system and service manager, compatible with SysV and LSB From fd124384ffe83626f8042f22b26865e50a70a70b7d223b232a0c35ae44a04f54 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Tue, 23 Jul 2024 06:50:19 +0000 Subject: [PATCH 11/14] document bsc#1226414 in the changlog OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1547 --- systemd.changes | 1 + 1 file changed, 1 insertion(+) diff --git a/systemd.changes b/systemd.changes index 7bc0ea5d..64588d0d 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1408,6 +1408,7 @@ Mon Nov 14 11:15:06 UTC 2022 - Franck Bui - upstream commit 67c3e1f63a5221b47a8fea85ae421671f29f3b7e (bsc#1200723) - upstream commit 9102c625a673a3246d7e73d8737f3494446bad4e (bsc#1204968 CVE-2022-3821) - upstream commit efbd4b3ca84c0426b6ff98d6352f82f3b7c090b2 (bsc#1213873) + - upstream commit f562abe2963bad241d34e0b308e48cf114672c84 (bsc#1226414) * Rebased 0001-conf-parser-introduce-early-drop-ins.patch 1000-Revert-getty-Pass-tty-to-use-by-agetty-via-stdin.patch From 6882300393538a88a5b1e0e9e8800c038a96abce1c8abf6f448281489ca75e7f Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Wed, 24 Jul 2024 13:47:26 +0000 Subject: [PATCH 12/14] Accepting request 1189388 from home:mkoutny:branches:Base:System:simple - Add 5004-disable-session-freeze.patch as a temporary workaround for https://github.com/systemd/systemd/issues/33083 OBS-URL: https://build.opensuse.org/request/show/1189388 OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1548 --- 5004-disable-session-freeze.patch | 53 +++++++++++++++++++++++++++++++ systemd.changes | 6 ++++ systemd.spec | 5 +-- 3 files changed, 62 insertions(+), 2 deletions(-) create mode 100644 5004-disable-session-freeze.patch diff --git a/5004-disable-session-freeze.patch b/5004-disable-session-freeze.patch new file mode 100644 index 00000000..bb78bddc --- /dev/null +++ b/5004-disable-session-freeze.patch @@ -0,0 +1,53 @@ +From: Michal Koutný +Date: Wed, 24 Jul 2024 14:20:17 +0200 +Subject: Disable session freeze + +Freezing of user.slice is not reliable and it breaks regular suspend/resume +operations for users [1]. +Disable the partial (user.slice) freezing (rely on kernel freezing of every +task upon suspend) since the benefit of user.slice freezing does not outweight +the breakage caused by cgroup freezing implementation. + +[1] https://github.com/systemd/systemd/issues/33083 +--- + src/home/homework.c | 7 ++++--- + src/sleep/sleep.c | 8 +++++--- + 2 files changed, 9 insertions(+), 6 deletions(-) + +--- a/src/sleep/sleep.c ++++ b/src/sleep/sleep.c +@@ -603,12 +603,14 @@ static int run(int argc, char *argv[]) { + r = getenv_bool("SYSTEMD_SLEEP_FREEZE_USER_SESSIONS"); + if (r < 0 && r != -ENXIO) + log_warning_errno(r, "Cannot parse value of $SYSTEMD_SLEEP_FREEZE_USER_SESSIONS, ignoring."); ++ if (r == -ENXIO) ++ r = 0; /* Do not freeze by default unless requested */ + if (r != 0) + (void) unit_freezer_new_freeze(SPECIAL_USER_SLICE, &user_slice_freezer); + else +- log_notice("User sessions remain unfrozen on explicit request ($SYSTEMD_SLEEP_FREEZE_USER_SESSIONS=0).\n" +- "This is not recommended, and might result in unexpected behavior, particularly\n" +- "in suspend-then-hibernate operations or setups with encrypted home directories."); ++ log_notice("User sessions remain unfrozen (add $SYSTEMD_SLEEP_FREEZE_USER_SESSIONS=1 to override),\n" ++ "relying on kernel to perform the freeze.\n" ++ "This is a temporary downstream workaround for https://github.com/systemd/systemd/issues/33083."); + + switch (arg_operation) { + +--- a/src/home/homework.c ++++ b/src/home/homework.c +@@ -1879,10 +1879,11 @@ static int user_session_freezer(uid_t ui + r = getenv_bool("SYSTEMD_HOME_LOCK_FREEZE_SESSION"); + if (r < 0 && r != -ENXIO) + log_warning_errno(r, "Cannot parse value of $SYSTEMD_HOME_LOCK_FREEZE_SESSION, ignoring: %m"); +- else if (r == 0) { ++ else if (r == 0 || r == -ENXIO) { /* Do not freeze by default unless requested */ + if (freeze_now) +- log_notice("Session remains unfrozen on explicit request ($SYSTEMD_HOME_LOCK_FREEZE_SESSION=0).\n" +- "This is not recommended, and might result in unexpected behavior including data loss!"); ++ log_notice("Session remains unfrozen (add $SYSTEMD_HOME_LOCK_FREEZE_SESSION=1 to override).\n" ++ "This is a temporary downstream workaround for https://github.com/systemd/systemd/issues/33083.\n" ++ "Home locking is thus experimental and might result in unexpected behavior including data loss!"); + + *ret = NULL; + return 0; diff --git a/systemd.changes b/systemd.changes index 64588d0d..df3755ad 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Jul 24 12:34:13 UTC 2024 - Michal Koutný + +- Add 5004-disable-session-freeze.patch as a temporary workaround for + https://github.com/systemd/systemd/issues/33083 + ------------------------------------------------------------------- Mon Jul 22 12:06:23 UTC 2024 - Franck Bui diff --git a/systemd.spec b/systemd.spec index 9513c545..bb313e6f 100644 --- a/systemd.spec +++ b/systemd.spec @@ -1,5 +1,5 @@ # -# spec file +# spec file for package systemd # # Copyright (c) 2024 SUSE LLC # @@ -233,6 +233,7 @@ Patch: 0009-pid1-handle-console-specificities-weirdness-for-s390.patch # will be removed as soon as a proper fix will be merged by upstream. Patch: 5001-Revert-udev-update-devlink-with-the-newer-device-nod.patch Patch: 5002-Revert-udev-revert-workarounds-for-issues-caused-by-.patch +Patch: 5004-disable-session-freeze.patch %endif Patch: 5003-core-when-switching-root-remove-run-systemd-before-e.patch @@ -336,7 +337,7 @@ Requires: group(lp) Requires(pre): group(kvm) Requires(post): sed Requires(post): coreutils -Requires(postun):coreutils +Requires(postun): coreutils # 'regenerate_initrd_post' macro is expanded during build, hence this BR. BuildRequires: suse-module-tools %if %{without bootstrap} From fb75b8960af18dfaf862956c09b403710a17a11bb28faf97ff9b620cb8e2b191 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Wed, 24 Jul 2024 14:15:54 +0000 Subject: [PATCH 13/14] - Import commit 5bba1ebe17564b606cc5d1c07b14123c305019a7 (merge of v256.4) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/bd8b5ee3cf0466b6b78e167967468cf6f93ec807...5bba1ebe17564b606cc5d1c07b14123c305019a7 OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1549 --- files.systemd | 3 ++- files.udev | 1 + systemd-v256.2+suse.5.gbd8b5ee3cf.tar.xz | 3 --- systemd-v256.4+suse.6.g5bba1ebe17.tar.xz | 3 +++ systemd.changes | 8 ++++++++ systemd.spec | 9 ++++----- 6 files changed, 18 insertions(+), 9 deletions(-) delete mode 100644 systemd-v256.2+suse.5.gbd8b5ee3cf.tar.xz create mode 100644 systemd-v256.4+suse.6.g5bba1ebe17.tar.xz diff --git a/files.systemd b/files.systemd index a1cce7b3..ea5011f3 100644 --- a/files.systemd +++ b/files.systemd @@ -138,8 +138,8 @@ %{_bindir}/timedatectl %if %{without bootstrap} %{_bindir}/userdbctl -%{_bindir}/varlinkctl %endif +%{_bindir}/varlinkctl %if %{without bootstrap} %{_datadir}/bash-completion/completions/busctl %{_datadir}/bash-completion/completions/coredumpctl @@ -227,6 +227,7 @@ %{_datadir}/zsh/site-functions/_systemd-run %{_datadir}/zsh/site-functions/_systemd-tmpfiles %{_datadir}/zsh/site-functions/_timedatectl +%{_datadir}/zsh/site-functions/_varlinkctl %{_journalcatalogdir}/systemd.catalog %{_libdir}/libnss_myhostname.so.2 %{_libdir}/libnss_systemd.so.2 diff --git a/files.udev b/files.udev index cc2aa1ea..3ab30201 100644 --- a/files.udev +++ b/files.udev @@ -263,6 +263,7 @@ %{_udevhwdbdir}/70-analyzers.hwdb %{_udevhwdbdir}/70-av-production.hwdb %{_udevhwdbdir}/70-cameras.hwdb +%{_udevhwdbdir}/70-hardware-wallets.hwdb %{_udevhwdbdir}/70-joystick.hwdb %{_udevhwdbdir}/70-mouse.hwdb %{_udevhwdbdir}/70-pda.hwdb diff --git a/systemd-v256.2+suse.5.gbd8b5ee3cf.tar.xz b/systemd-v256.2+suse.5.gbd8b5ee3cf.tar.xz deleted file mode 100644 index f2425770..00000000 --- a/systemd-v256.2+suse.5.gbd8b5ee3cf.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d8a726b287cb7107f4e7ba0b1f9048a8f1589b8aa226a25bb6222a701c18bc1e -size 11222348 diff --git a/systemd-v256.4+suse.6.g5bba1ebe17.tar.xz b/systemd-v256.4+suse.6.g5bba1ebe17.tar.xz new file mode 100644 index 00000000..26985692 --- /dev/null +++ b/systemd-v256.4+suse.6.g5bba1ebe17.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:72df6e07b7a1d1e706b752c5d9396f7a6c829140b90fa1f82481146bca5a2de8 +size 11233100 diff --git a/systemd.changes b/systemd.changes index df3755ad..7baa9a9d 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Wed Jul 24 13:49:10 UTC 2024 - Franck Bui + +- Import commit 5bba1ebe17564b606cc5d1c07b14123c305019a7 (merge of v256.4) + + For a complete list of changes, visit: + https://github.com/openSUSE/systemd/compare/bd8b5ee3cf0466b6b78e167967468cf6f93ec807...5bba1ebe17564b606cc5d1c07b14123c305019a7 + ------------------------------------------------------------------- Wed Jul 24 12:34:13 UTC 2024 - Michal Koutný diff --git a/systemd.spec b/systemd.spec index bb313e6f..f8a9885a 100644 --- a/systemd.spec +++ b/systemd.spec @@ -1,5 +1,5 @@ # -# spec file for package systemd +# spec file # # Copyright (c) 2024 SUSE LLC # @@ -26,9 +26,9 @@ %define systemd_release %{?release_override}%{!?release_override:0} %define archive_version %{nil} %else -%define systemd_version 256.2 +%define systemd_version 256.4 %define systemd_release 0 -%define archive_version +suse.5.gbd8b5ee3cf +%define archive_version +suse.6.g5bba1ebe17 %endif %define systemd_major %{sub %systemd_version 1 3} @@ -337,7 +337,7 @@ Requires: group(lp) Requires(pre): group(kvm) Requires(post): sed Requires(post): coreutils -Requires(postun): coreutils +Requires(postun):coreutils # 'regenerate_initrd_post' macro is expanded during build, hence this BR. BuildRequires: suse-module-tools %if %{without bootstrap} @@ -1062,7 +1062,6 @@ tar -cO \ %if %{without bootstrap} %find_lang systemd %else -rm -f %{buildroot}%{_bindir}/varlinkctl rm -f %{buildroot}%{_journalcatalogdir}/* rm -fr %{buildroot}%{_docdir}/systemd rm -f %{buildroot}%{_bindir}/run0 From 666e23cce19860c83e6b166f98b4e74d63cbb92e0f2ffdf4098ef58ac407b25d Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Fri, 26 Jul 2024 06:46:59 +0000 Subject: [PATCH 14/14] mention the addition of pam.systemd-run0 in the changelog OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1550 --- systemd.changes | 2 ++ 1 file changed, 2 insertions(+) diff --git a/systemd.changes b/systemd.changes index 7baa9a9d..97aff89f 100644 --- a/systemd.changes +++ b/systemd.changes @@ -61,6 +61,8 @@ Thu Jul 4 09:07:28 UTC 2024 - Franck Bui See https://github.com/openSUSE/systemd/blob/SUSE/v256/NEWS for details. + - Added pam.systemd-run0 + ------------------------------------------------------------------- Mon Jul 1 08:35:26 UTC 2024 - Franck Bui