Accepting request 1070393 from Base:System

- Add 5000-core-manager-run-generators-directly-when-we-are-in-.patch, a
  temporary workaround until https://github.com/dracutdevs/dracut/issues/2211 is
  fixed in dracut.

- Upgrade to v253.1 (commit 6c327d74aa0d350482e82a247d7018559699798d)
  See https://github.com/openSUSE/systemd/blob/SUSE/v253/NEWS for details.
  * Rebased 0001-conf-parser-introduce-early-drop-ins.patch
  * Ship systemd-journald-audit.socket again: it can now be disabled via the
    usual "systemctl disable" mechanism to stop collection of audit
    messages. Note that it's handled by the preset logic, which turns it off by
    default.
  * TEST_06_SELINUX needs selinux-policy-devel.

OBS-URL: https://build.opensuse.org/request/show/1070393
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/systemd?expand=0&rev=381
This commit is contained in:
Dominique Leuenberger 2023-03-14 17:15:29 +00:00 committed by Git OBS Bridge
commit faa65513d1
11 changed files with 124 additions and 41 deletions

View File

@ -1,7 +1,7 @@
From 288be40eb94ddc1d549a98556baea71d20df224f Mon Sep 17 00:00:00 2001 From 77391d9baf86f10daf210ccf5527e0155a33fc73 Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com> From: Franck Bui <fbui@suse.com>
Date: Fri, 22 Jan 2021 14:57:08 +0100 Date: Fri, 22 Jan 2021 14:57:08 +0100
Subject: [PATCH 1/8] conf-parser: introduce 'early' drop-ins Subject: [PATCH 1/1] conf-parser: introduce 'early' drop-ins
MIME-Version: 1.0 MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8 Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit Content-Transfer-Encoding: 8bit
@ -62,14 +62,14 @@ drop this feature at any time.
Fixes: #2121 Fixes: #2121
--- ---
src/shared/conf-parser.c | 55 ++++++++++-- src/shared/conf-parser.c | 55 ++++++++++--
src/test/test-conf-parser.c | 164 ++++++++++++++++++++++++++++++++++++ src/test/test-conf-parser.c | 166 +++++++++++++++++++++++++++++++++++-
2 files changed, 214 insertions(+), 5 deletions(-) 2 files changed, 215 insertions(+), 6 deletions(-)
diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c
index 5cb41a39da..86dc1c95f6 100644 index 29051ca0e3..72935030ea 100644
--- a/src/shared/conf-parser.c --- a/src/shared/conf-parser.c
+++ b/src/shared/conf-parser.c +++ b/src/shared/conf-parser.c
@@ -478,6 +478,7 @@ int hashmap_put_stats_by_path(Hashmap **stats_by_path, const char *path, const s @@ -477,6 +477,7 @@ int hashmap_put_stats_by_path(Hashmap **stats_by_path, const char *path, const s
static int config_parse_many_files( static int config_parse_many_files(
const char* const* conf_files, const char* const* conf_files,
@ -77,7 +77,7 @@ index 5cb41a39da..86dc1c95f6 100644
char **files, char **files,
const char *sections, const char *sections,
ConfigItemLookup lookup, ConfigItemLookup lookup,
@@ -496,6 +497,20 @@ static int config_parse_many_files( @@ -495,6 +496,20 @@ static int config_parse_many_files(
return -ENOMEM; return -ENOMEM;
} }
@ -98,7 +98,7 @@ index 5cb41a39da..86dc1c95f6 100644
/* First read the first found main config file. */ /* First read the first found main config file. */
STRV_FOREACH(fn, conf_files) { STRV_FOREACH(fn, conf_files) {
r = config_parse(NULL, *fn, NULL, sections, lookup, table, flags, userdata, &st); r = config_parse(NULL, *fn, NULL, sections, lookup, table, flags, userdata, &st);
@@ -534,6 +549,27 @@ static int config_parse_many_files( @@ -533,6 +548,27 @@ static int config_parse_many_files(
return 0; return 0;
} }
@ -126,7 +126,7 @@ index 5cb41a39da..86dc1c95f6 100644
/* Parse each config file in the directories specified as nulstr. */ /* Parse each config file in the directories specified as nulstr. */
int config_parse_many_nulstr( int config_parse_many_nulstr(
const char *conf_file, const char *conf_file,
@@ -545,15 +581,19 @@ int config_parse_many_nulstr( @@ -544,15 +580,19 @@ int config_parse_many_nulstr(
void *userdata, void *userdata,
Hashmap **ret_stats_by_path) { Hashmap **ret_stats_by_path) {
@ -149,7 +149,7 @@ index 5cb41a39da..86dc1c95f6 100644
ret_stats_by_path); ret_stats_by_path);
} }
@@ -591,6 +631,7 @@ int config_parse_many( @@ -590,6 +630,7 @@ int config_parse_many(
Hashmap **ret_stats_by_path, Hashmap **ret_stats_by_path,
char ***ret_dropin_files) { char ***ret_dropin_files) {
@ -157,7 +157,7 @@ index 5cb41a39da..86dc1c95f6 100644
_cleanup_strv_free_ char **files = NULL; _cleanup_strv_free_ char **files = NULL;
int r; int r;
@@ -603,12 +644,16 @@ int config_parse_many( @@ -602,12 +643,16 @@ int config_parse_many(
if (r < 0) if (r < 0)
return r; return r;
@ -177,20 +177,22 @@ index 5cb41a39da..86dc1c95f6 100644
return 0; return 0;
} }
diff --git a/src/test/test-conf-parser.c b/src/test/test-conf-parser.c diff --git a/src/test/test-conf-parser.c b/src/test/test-conf-parser.c
index 8c27dcac3f..745e4a127a 100644 index 0acb4131b5..96a52e759f 100644
--- a/src/test/test-conf-parser.c --- a/src/test/test-conf-parser.c
+++ b/src/test/test-conf-parser.c +++ b/src/test/test-conf-parser.c
@@ -5,6 +5,9 @@ @@ -5,7 +5,10 @@
#include "fs-util.h" #include "fs-util.h"
#include "log.h" #include "log.h"
#include "macro.h" #include "macro.h"
-#include "string-util.h"
+#include "mkdir.h" +#include "mkdir.h"
+#include "nulstr-util.h"
+#include "path-util.h" +#include "path-util.h"
+#include "rm-rf.h" +#include "rm-rf.h"
#include "string-util.h"
#include "strv.h" #include "strv.h"
#include "tests.h" #include "tests.h"
@@ -391,4 +394,165 @@ TEST(config_parse) { #include "tmpfile-util.h"
@@ -390,4 +393,165 @@ TEST(config_parse) {
test_config_parse_one(i, config_file[i]); test_config_parse_one(i, config_file[i]);
} }

View File

@ -0,0 +1,34 @@
From 9d0f728f65e6c3ad586e276c1ed3c2cd8cc944be Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Mon, 20 Feb 2023 12:00:30 +0900
Subject: [PATCH 5000/5000] core/manager: run generators directly when we are
in initrd
Some initrd system write files at ourside of /run, /etc, or other
allowed places. This is a kind of workaround, but in most cases, such
sandboxing is not necessary as the filesystem is on ramfs when we are in
initrd.
Fixes #26488.
---
src/core/manager.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index 380a4e30d7..6135205761 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -3822,8 +3822,8 @@ static int manager_run_generators(Manager *m) {
/* If we are the system manager, we fork and invoke the generators in a sanitized mount namespace. If
* we are the user manager, let's just execute the generators directly. We might not have the
* necessary privileges, and the system manager has already mounted /tmp/ and everything else for us.
- */
- if (MANAGER_IS_USER(m)) {
+ * If we are in initrd, let's also execute the generators directly, as we are in ramfs. */
+ if (MANAGER_IS_USER(m) || in_initrd()) {
r = manager_execute_generators(m, paths, /* remount_ro= */ false);
goto finish;
}
--
2.35.3

View File

@ -197,6 +197,8 @@
%{_mandir}/man3/sd_bus_emit_properties_changed.3.gz %{_mandir}/man3/sd_bus_emit_properties_changed.3.gz
%{_mandir}/man3/sd_bus_emit_properties_changed_strv.3.gz %{_mandir}/man3/sd_bus_emit_properties_changed_strv.3.gz
%{_mandir}/man3/sd_bus_emit_signal.3.gz %{_mandir}/man3/sd_bus_emit_signal.3.gz
%{_mandir}/man3/sd_bus_emit_signal_to.3.gz
%{_mandir}/man3/sd_bus_emit_signal_tov.3.gz
%{_mandir}/man3/sd_bus_emit_signalv.3.gz %{_mandir}/man3/sd_bus_emit_signalv.3.gz
%{_mandir}/man3/sd_bus_enqueue_for_read.3.gz %{_mandir}/man3/sd_bus_enqueue_for_read.3.gz
%{_mandir}/man3/sd_bus_error.3.gz %{_mandir}/man3/sd_bus_error.3.gz
@ -312,6 +314,7 @@
%{_mandir}/man3/sd_bus_message_new_method_errorf.3.gz %{_mandir}/man3/sd_bus_message_new_method_errorf.3.gz
%{_mandir}/man3/sd_bus_message_new_method_return.3.gz %{_mandir}/man3/sd_bus_message_new_method_return.3.gz
%{_mandir}/man3/sd_bus_message_new_signal.3.gz %{_mandir}/man3/sd_bus_message_new_signal.3.gz
%{_mandir}/man3/sd_bus_message_new_signal_to.3.gz
%{_mandir}/man3/sd_bus_message_open_container.3.gz %{_mandir}/man3/sd_bus_message_open_container.3.gz
%{_mandir}/man3/sd_bus_message_peek_type.3.gz %{_mandir}/man3/sd_bus_message_peek_type.3.gz
%{_mandir}/man3/sd_bus_message_read.3.gz %{_mandir}/man3/sd_bus_message_read.3.gz
@ -663,6 +666,14 @@
%{_mandir}/man3/sd_pid_notify.3.gz %{_mandir}/man3/sd_pid_notify.3.gz
%{_mandir}/man3/sd_pid_notify_with_fds.3.gz %{_mandir}/man3/sd_pid_notify_with_fds.3.gz
%{_mandir}/man3/sd_pid_notifyf.3.gz %{_mandir}/man3/sd_pid_notifyf.3.gz
%{_mandir}/man3/sd_pidfd_get_cgroup.3.gz
%{_mandir}/man3/sd_pidfd_get_machine_name.3.gz
%{_mandir}/man3/sd_pidfd_get_owner_uid.3.gz
%{_mandir}/man3/sd_pidfd_get_session.3.gz
%{_mandir}/man3/sd_pidfd_get_slice.3.gz
%{_mandir}/man3/sd_pidfd_get_unit.3.gz
%{_mandir}/man3/sd_pidfd_get_user_slice.3.gz
%{_mandir}/man3/sd_pidfd_get_user_unit.3.gz
%{_mandir}/man3/sd_seat_can_graphical.3.gz %{_mandir}/man3/sd_seat_can_graphical.3.gz
%{_mandir}/man3/sd_seat_can_tty.3.gz %{_mandir}/man3/sd_seat_can_tty.3.gz
%{_mandir}/man3/sd_seat_get_active.3.gz %{_mandir}/man3/sd_seat_get_active.3.gz

View File

@ -27,6 +27,7 @@
%{_mandir}/man1/oomctl.1.gz %{_mandir}/man1/oomctl.1.gz
%if %{with sd_boot} %if %{with sd_boot}
%{_mandir}/man1/systemd-measure.1.gz %{_mandir}/man1/systemd-measure.1.gz
%{_mandir}/man1/ukify.1.gz
%endif %endif
%{_mandir}/man1/userdbctl.1.gz %{_mandir}/man1/userdbctl.1.gz
%{_mandir}/man5/homed.conf.5.gz %{_mandir}/man5/homed.conf.5.gz
@ -43,6 +44,9 @@
%{_mandir}/man8/systemd-oomd.8.gz %{_mandir}/man8/systemd-oomd.8.gz
%{_mandir}/man8/systemd-oomd.service.8.gz %{_mandir}/man8/systemd-oomd.service.8.gz
%if %{with sd_boot} %if %{with sd_boot}
%{_mandir}/man8/systemd-pcrfs-root.service.8.gz
%{_mandir}/man8/systemd-pcrfs@.service.8.gz
%{_mandir}/man8/systemd-pcrmachine.service.8.gz
%{_mandir}/man8/systemd-pcrphase-initrd.service.8.gz %{_mandir}/man8/systemd-pcrphase-initrd.service.8.gz
%{_mandir}/man8/systemd-pcrphase-sysinit.service.8.gz %{_mandir}/man8/systemd-pcrphase-sysinit.service.8.gz
%{_mandir}/man8/systemd-pcrphase.8.gz %{_mandir}/man8/systemd-pcrphase.8.gz
@ -72,9 +76,13 @@
%{_systemd_util_dir}/systemd-sysupdate %{_systemd_util_dir}/systemd-sysupdate
%{_systemd_util_dir}/systemd-userdbd %{_systemd_util_dir}/systemd-userdbd
%{_systemd_util_dir}/systemd-userwork %{_systemd_util_dir}/systemd-userwork
%if %{with sd_boot}
%{_systemd_util_dir}/ukify
%endif
%{_sysusersdir}/systemd-oom.conf %{_sysusersdir}/systemd-oom.conf
%if %{with sd_boot} %if %{with sd_boot}
%{_unitdir}/initrd.target.wants/systemd-pcrphase-initrd.service %{_unitdir}/initrd.target.wants/systemd-pcrphase-initrd.service
%{_unitdir}/sysinit.target.wants/systemd-pcrmachine.service
%{_unitdir}/sysinit.target.wants/systemd-pcrphase-sysinit.service %{_unitdir}/sysinit.target.wants/systemd-pcrphase-sysinit.service
%{_unitdir}/sysinit.target.wants/systemd-pcrphase.service %{_unitdir}/sysinit.target.wants/systemd-pcrphase.service
%endif %endif
@ -83,6 +91,9 @@
%{_unitdir}/systemd-oomd.service %{_unitdir}/systemd-oomd.service
%{_unitdir}/systemd-oomd.socket %{_unitdir}/systemd-oomd.socket
%if %{with sd_boot} %if %{with sd_boot}
%{_unitdir}/systemd-pcrfs-root.service
%{_unitdir}/systemd-pcrfs@.service
%{_unitdir}/systemd-pcrmachine.service
%{_unitdir}/systemd-pcrphase-initrd.service %{_unitdir}/systemd-pcrphase-initrd.service
%{_unitdir}/systemd-pcrphase-sysinit.service %{_unitdir}/systemd-pcrphase-sysinit.service
%{_unitdir}/systemd-pcrphase.service %{_unitdir}/systemd-pcrphase.service

View File

@ -100,6 +100,7 @@
%{_bindir}/localectl %{_bindir}/localectl
%{_bindir}/loginctl %{_bindir}/loginctl
%{_bindir}/systemctl %{_bindir}/systemctl
%{_bindir}/systemd-ac-power
%{_bindir}/systemd-analyze %{_bindir}/systemd-analyze
%{_bindir}/systemd-ask-password %{_bindir}/systemd-ask-password
%{_bindir}/systemd-cat %{_bindir}/systemd-cat
@ -232,8 +233,8 @@
%{_libdir}/libnss_myhostname.so.2 %{_libdir}/libnss_myhostname.so.2
%{_libdir}/libnss_systemd.so.2 %{_libdir}/libnss_systemd.so.2
%endif %endif
%{_libdir}/systemd/libsystemd-core-252.so %{_libdir}/systemd/libsystemd-core-253.so
%{_libdir}/systemd/libsystemd-shared-252.so %{_libdir}/systemd/libsystemd-shared-253.so
%if %{without bootstrap} %if %{without bootstrap}
%{_mandir}/man1/busctl.1.gz %{_mandir}/man1/busctl.1.gz
%{_mandir}/man1/hostnamectl.1.gz %{_mandir}/man1/hostnamectl.1.gz
@ -242,6 +243,7 @@
%{_mandir}/man1/localectl.1.gz %{_mandir}/man1/localectl.1.gz
%{_mandir}/man1/loginctl.1.gz %{_mandir}/man1/loginctl.1.gz
%{_mandir}/man1/systemctl.1.gz %{_mandir}/man1/systemctl.1.gz
%{_mandir}/man1/systemd-ac-power.1.gz
%{_mandir}/man1/systemd-analyze.1.gz %{_mandir}/man1/systemd-analyze.1.gz
%{_mandir}/man1/systemd-ask-password.1.gz %{_mandir}/man1/systemd-ask-password.1.gz
%{_mandir}/man1/systemd-cat.1.gz %{_mandir}/man1/systemd-cat.1.gz
@ -445,7 +447,6 @@
%{_systemd_util_dir}/scripts/upgrade-from-pre-210.sh %{_systemd_util_dir}/scripts/upgrade-from-pre-210.sh
%{_systemd_util_dir}/system-preset/99-default.preset %{_systemd_util_dir}/system-preset/99-default.preset
%{_systemd_util_dir}/systemd %{_systemd_util_dir}/systemd
%{_systemd_util_dir}/systemd-ac-power
%{_systemd_util_dir}/systemd-binfmt %{_systemd_util_dir}/systemd-binfmt
%{_systemd_util_dir}/systemd-boot-check-no-failures %{_systemd_util_dir}/systemd-boot-check-no-failures
%{_systemd_util_dir}/systemd-cgroups-agent %{_systemd_util_dir}/systemd-cgroups-agent
@ -505,6 +506,7 @@
%{_systemdgeneratordir}/systemd-system-update-generator %{_systemdgeneratordir}/systemd-system-update-generator
%{_sysusersdir}/systemd-journal.conf %{_sysusersdir}/systemd-journal.conf
%{_sysusersdir}/systemd-timesync.conf %{_sysusersdir}/systemd-timesync.conf
%{_tmpfilesdir}/credstore.conf
%{_tmpfilesdir}/journal-nocow.conf %{_tmpfilesdir}/journal-nocow.conf
%{_tmpfilesdir}/provision.conf %{_tmpfilesdir}/provision.conf
%{_tmpfilesdir}/suse.conf %{_tmpfilesdir}/suse.conf
@ -641,6 +643,7 @@
%{_unitdir}/systemd-hybrid-sleep.service %{_unitdir}/systemd-hybrid-sleep.service
%{_unitdir}/systemd-journal-catalog-update.service %{_unitdir}/systemd-journal-catalog-update.service
%{_unitdir}/systemd-journal-flush.service %{_unitdir}/systemd-journal-flush.service
%{_unitdir}/systemd-journald-audit.socket
%{_unitdir}/systemd-journald-dev-log.socket %{_unitdir}/systemd-journald-dev-log.socket
%{_unitdir}/systemd-journald-varlink@.socket %{_unitdir}/systemd-journald-varlink@.socket
%{_unitdir}/systemd-journald.service %{_unitdir}/systemd-journald.service

View File

@ -94,7 +94,6 @@
%endif %endif
%{_prefix}/lib/udev/fido_id %{_prefix}/lib/udev/fido_id
%{_prefix}/lib/udev/mtd_probe %{_prefix}/lib/udev/mtd_probe
%{_prefix}/lib/udev/path_id_compat
%{_prefix}/lib/udev/scsi_id %{_prefix}/lib/udev/scsi_id
%{_prefix}/lib/udev/v4l_id %{_prefix}/lib/udev/v4l_id
%{_systemd_util_dir}/network/99-default.link %{_systemd_util_dir}/network/99-default.link
@ -174,7 +173,6 @@
%{_udevrulesdir}/60-persistent-v4l.rules %{_udevrulesdir}/60-persistent-v4l.rules
%{_udevrulesdir}/60-sensor.rules %{_udevrulesdir}/60-sensor.rules
%{_udevrulesdir}/60-serial.rules %{_udevrulesdir}/60-serial.rules
%{_udevrulesdir}/61-persistent-storage-compat.rules
%{_udevrulesdir}/64-btrfs.rules %{_udevrulesdir}/64-btrfs.rules
%{_udevrulesdir}/70-camera.rules %{_udevrulesdir}/70-camera.rules
%{_udevrulesdir}/70-joystick.rules %{_udevrulesdir}/70-joystick.rules
@ -226,6 +224,8 @@
%{_unitdir}/system-systemd\x2dcryptsetup.slice %{_unitdir}/system-systemd\x2dcryptsetup.slice
%endif %endif
%{_unitdir}/systemd-backlight@.service %{_unitdir}/systemd-backlight@.service
%{_unitdir}/systemd-growfs-root.service
%{_unitdir}/systemd-growfs@.service
%{_unitdir}/systemd-hwdb-update.service %{_unitdir}/systemd-hwdb-update.service
%if %{without bootstrap} %if %{without bootstrap}
%{_unitdir}/systemd-modules-load.service %{_unitdir}/systemd-modules-load.service

View File

@ -26,19 +26,20 @@
%{_mandir}/man8/systemd-bless-boot-generator.8.gz %{_mandir}/man8/systemd-bless-boot-generator.8.gz
%{_mandir}/man8/systemd-bless-boot.8.gz %{_mandir}/man8/systemd-bless-boot.8.gz
%{_mandir}/man8/systemd-bless-boot.service.8.gz %{_mandir}/man8/systemd-bless-boot.service.8.gz
%{_mandir}/man8/systemd-boot-system-token.service.8.gz %{_mandir}/man8/systemd-boot-random-seed.service.8.gz
%endif %endif
%{_prefix}/lib/kernel/install.conf %{_prefix}/lib/kernel/install.conf
%{_prefix}/lib/kernel/install.d/50-depmod.install %{_prefix}/lib/kernel/install.d/50-depmod.install
%{_prefix}/lib/kernel/install.d/90-loaderentry.install %{_prefix}/lib/kernel/install.d/90-loaderentry.install
%{_prefix}/lib/kernel/install.d/90-uki-copy.install
# These are the few exceptions where glob pattern is allowed. # These are the few exceptions where glob pattern is allowed.
%{_systemd_util_dir}/boot/efi/linux*.efi.stub %{_systemd_util_dir}/boot/efi/linux*.efi.stub
%{_systemd_util_dir}/boot/efi/linux*.elf.stub %{_systemd_util_dir}/boot/efi/linux*.elf.stub
%{_systemd_util_dir}/boot/efi/systemd-boot*.efi %{_systemd_util_dir}/boot/efi/systemd-boot*.efi
%{_systemd_util_dir}/systemd-bless-boot %{_systemd_util_dir}/systemd-bless-boot
%{_systemdgeneratordir}/systemd-bless-boot-generator %{_systemdgeneratordir}/systemd-bless-boot-generator
%{_unitdir}/sysinit.target.wants/systemd-boot-system-token.service %{_unitdir}/sysinit.target.wants/systemd-boot-random-seed.service
%{_unitdir}/systemd-bless-boot.service %{_unitdir}/systemd-bless-boot.service
%{_unitdir}/systemd-boot-system-token.service %{_unitdir}/systemd-boot-random-seed.service
%{_unitdir}/systemd-boot-update.service %{_unitdir}/systemd-boot-update.service
%endif %endif

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:fd9f697fdbb194da090ef87f472c1c6d05d16cfa49b3b668648ea6d3c8f177d2
size 8089304

3
systemd-v253.1.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:84aad84973ab74246f5eff59641a5570c3a0bb6fce66402a4644212d71f38d07
size 8205144

View File

@ -1,3 +1,26 @@
-------------------------------------------------------------------
Thu Mar 9 10:38:10 UTC 2023 - Franck Bui <fbui@suse.com>
- Add 5000-core-manager-run-generators-directly-when-we-are-in-.patch, a
temporary workaround until https://github.com/dracutdevs/dracut/issues/2211 is
fixed in dracut.
-------------------------------------------------------------------
Mon Mar 6 10:08:33 UTC 2023 - Franck Bui <fbui@suse.com>
- Upgrade to v253.1 (commit 6c327d74aa0d350482e82a247d7018559699798d)
See https://github.com/openSUSE/systemd/blob/SUSE/v253/NEWS for details.
* Rebased 0001-conf-parser-introduce-early-drop-ins.patch
* Ship systemd-journald-audit.socket again: it can now be disabled via the
usual "systemctl disable" mechanism to stop collection of audit
messages. Note that it's handled by the preset logic, which turns it off by
default.
* TEST_06_SELINUX needs selinux-policy-devel.
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Mar 6 08:40:35 UTC 2023 - Franck Bui <fbui@suse.com> Mon Mar 6 08:40:35 UTC 2023 - Franck Bui <fbui@suse.com>

View File

@ -19,7 +19,7 @@
%global flavor @BUILD_FLAVOR@%{nil} %global flavor @BUILD_FLAVOR@%{nil}
%define min_kernel_version 4.5 %define min_kernel_version 4.5
%define archive_version +suse.50.gd447802fee %define archive_version %nil
%define _testsuitedir /usr/lib/systemd/tests %define _testsuitedir /usr/lib/systemd/tests
%define xinitconfdir %{?_distconfdir}%{!?_distconfdir:%{_sysconfdir}}/X11/xinit %define xinitconfdir %{?_distconfdir}%{!?_distconfdir:%{_sysconfdir}}/X11/xinit
@ -72,7 +72,7 @@
Name: systemd%{?mini} Name: systemd%{?mini}
URL: http://www.freedesktop.org/wiki/Software/systemd URL: http://www.freedesktop.org/wiki/Software/systemd
Version: 252.7 Version: 253.1
Release: 0 Release: 0
Summary: A System and Session Manager Summary: A System and Session Manager
License: LGPL-2.1-or-later License: LGPL-2.1-or-later
@ -209,9 +209,10 @@ Patch12: 0009-pid1-handle-console-specificities-weirdness-for-s390.patch
# Patches listed below are put in quarantine. Normally all changes must go to # Patches listed below are put in quarantine. Normally all changes must go to
# upstream first and then are cherry-picked in the SUSE git repository. But for # upstream first and then are cherry-picked in the SUSE git repository. But for
# very few cases, some stuff might be broken in upstream and need to be fixed # very few cases, some stuff might be broken in upstream and need to be fixed or
# quickly. But even in these cases, the patches are temporary and should be # worked around quickly. In these cases, the patches are added temporarily and
# removed as soon as a fix is merged by upstream. # will be removed as soon as a proper fix will be merged by upstream.
Patch5000: 5000-core-manager-run-generators-directly-when-we-are-in-.patch
%description %description
Systemd is a system and service manager, compatible with SysV and LSB Systemd is a system and service manager, compatible with SysV and LSB
@ -530,6 +531,7 @@ Requires: netcat
Requires: python3-pexpect Requires: python3-pexpect
Requires: qemu-kvm Requires: qemu-kvm
Requires: quota Requires: quota
Requires: selinux-policy-devel
Requires: socat Requires: socat
Requires: squashfs Requires: squashfs
Requires: systemd-container Requires: systemd-container
@ -885,8 +887,8 @@ rm -f %{buildroot}%{_presetdir}/*.preset
echo 'disable *' >%{buildroot}%{_presetdir}/99-default.preset echo 'disable *' >%{buildroot}%{_presetdir}/99-default.preset
echo 'disable *' >%{buildroot}%{_userpresetdir}/99-default.preset echo 'disable *' >%{buildroot}%{_userpresetdir}/99-default.preset
# The tmpfiles dealing with the generic paths is pretty messy # The current situation with tmpfiles snippets dealing with the generic paths is
# currently because: # pretty messy currently because:
# #
# 1. filesystem package wants to define the generic paths and some of them # 1. filesystem package wants to define the generic paths and some of them
# conflict with the definition given by systemd in var.conf, see # conflict with the definition given by systemd in var.conf, see
@ -930,12 +932,6 @@ fi
# still be used by yast. # still be used by yast.
cat %{SOURCE14} >>%{buildroot}%{_datarootdir}/systemd/kbd-model-map cat %{SOURCE14} >>%{buildroot}%{_datarootdir}/systemd/kbd-model-map
# Don't ship systemd-journald-audit.socket as there's no other way for us to
# prevent journald from recording audit messages in the journal by default
# (bsc#1109252).
rm -f %{buildroot}%{_unitdir}/systemd-journald-audit.socket
rm -f %{buildroot}%{_unitdir}/sockets.target.wants/systemd-journald-audit.socket
%if %{with testsuite} %if %{with testsuite}
# -Dinstall_test took care of installing the unit tests only (those in # -Dinstall_test took care of installing the unit tests only (those in
# src/tests) and testdata directory. Here we copy the integration tests # src/tests) and testdata directory. Here we copy the integration tests
@ -964,6 +960,7 @@ tar -cO \
%systemd_pre remote-fs.target %systemd_pre remote-fs.target
%systemd_pre getty@.service %systemd_pre getty@.service
%systemd_pre systemd-timesyncd.service %systemd_pre systemd-timesyncd.service
%systemd_pre systemd-journald-audit.socket
%post %post
# Make /etc/machine-id an empty file during package installation. On the first # Make /etc/machine-id an empty file during package installation. On the first
@ -1023,6 +1020,7 @@ fi
%systemd_post remote-fs.target %systemd_post remote-fs.target
%systemd_post getty@.service %systemd_post getty@.service
%systemd_post systemd-timesyncd.service %systemd_post systemd-timesyncd.service
%systemd_post systemd-journald-audit.socket
# v228 wrongly set world writable suid root permissions on timestamp files used # v228 wrongly set world writable suid root permissions on timestamp files used
# by permanent timers. Fix the timestamps that might have been created by the # by permanent timers. Fix the timestamps that might have been created by the
@ -1314,13 +1312,13 @@ fi
%defattr(-,root,root) %defattr(-,root,root)
%license LICENSE.LGPL2.1 %license LICENSE.LGPL2.1
%{_libdir}/libsystemd.so.0 %{_libdir}/libsystemd.so.0
%{_libdir}/libsystemd.so.0.35.0 %{_libdir}/libsystemd.so.0.36.0
%files -n libudev%{?mini}1 %files -n libudev%{?mini}1
%defattr(-,root,root) %defattr(-,root,root)
%license LICENSE.LGPL2.1 %license LICENSE.LGPL2.1
%{_libdir}/libudev.so.1 %{_libdir}/libudev.so.1
%{_libdir}/libudev.so.1.7.5 %{_libdir}/libudev.so.1.7.6
%if %{with coredump} %if %{with coredump}
%files coredump %files coredump