From eea67bab1442797d3f3b0f8cf9efde2dab197bcc4650c230b105a6c3210eee81 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Fri, 29 Sep 2023 06:37:16 +0000 Subject: [PATCH 1/7] document bsc#1215241 in systemd.changes OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1453 --- systemd.changes | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/systemd.changes b/systemd.changes index 19bb94ca..450f0805 100644 --- a/systemd.changes +++ b/systemd.changes @@ -589,6 +589,10 @@ Mon Mar 6 10:08:33 UTC 2023 - Franck Bui See https://github.com/openSUSE/systemd/blob/SUSE/v253/NEWS for details. + This includes the following bug fixes: + + - upstream commit 3022916b4d2483452c3ddbbac9ee7c4372b1cb46 (bsc#1215241) + * Rebased 0001-conf-parser-introduce-early-drop-ins.patch * Ship systemd-journald-audit.socket again: it can now be disabled via the From a7fb681d2b89aa87cc82a4f15c570046eb36a62ed1e2c434903ff5458ea5798e Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Wed, 4 Oct 2023 09:03:05 +0000 Subject: [PATCH 2/7] - Drop 5000-core-manager-run-generators-directly-when-we-are-in-.patch Since dracut-059+suse.447.g9d1fc722, this workaround is not needed anymore. OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1454 --- ...-generators-directly-when-we-are-in-.patch | 34 ------------------- systemd.changes | 7 ++++ systemd.spec | 1 - 3 files changed, 7 insertions(+), 35 deletions(-) delete mode 100644 5000-core-manager-run-generators-directly-when-we-are-in-.patch diff --git a/5000-core-manager-run-generators-directly-when-we-are-in-.patch b/5000-core-manager-run-generators-directly-when-we-are-in-.patch deleted file mode 100644 index 20c0b682..00000000 --- a/5000-core-manager-run-generators-directly-when-we-are-in-.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 9d0f728f65e6c3ad586e276c1ed3c2cd8cc944be Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Mon, 20 Feb 2023 12:00:30 +0900 -Subject: [PATCH 5000/5000] core/manager: run generators directly when we are - in initrd - -Some initrd system write files at ourside of /run, /etc, or other -allowed places. This is a kind of workaround, but in most cases, such -sandboxing is not necessary as the filesystem is on ramfs when we are in -initrd. - -Fixes #26488. ---- - src/core/manager.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/core/manager.c b/src/core/manager.c -index 380a4e30d7..6135205761 100644 ---- a/src/core/manager.c -+++ b/src/core/manager.c -@@ -3822,8 +3822,8 @@ static int manager_run_generators(Manager *m) { - /* If we are the system manager, we fork and invoke the generators in a sanitized mount namespace. If - * we are the user manager, let's just execute the generators directly. We might not have the - * necessary privileges, and the system manager has already mounted /tmp/ and everything else for us. -- */ -- if (MANAGER_IS_USER(m)) { -+ * If we are in initrd, let's also execute the generators directly, as we are in ramfs. */ -+ if (MANAGER_IS_USER(m) || in_initrd()) { - r = manager_execute_generators(m, paths, /* remount_ro= */ false); - goto finish; - } --- -2.35.3 - diff --git a/systemd.changes b/systemd.changes index 450f0805..51101b98 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed Oct 4 09:00:32 UTC 2023 - Franck Bui + +- Drop 5000-core-manager-run-generators-directly-when-we-are-in-.patch + + Since dracut-059+suse.447.g9d1fc722, this workaround is not needed anymore. + ------------------------------------------------------------------- Wed Sep 27 13:14:12 UTC 2023 - Franck Bui diff --git a/systemd.spec b/systemd.spec index 1fda0289..dd65ca2a 100644 --- a/systemd.spec +++ b/systemd.spec @@ -206,7 +206,6 @@ Patch5: 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch # very few cases, some stuff might be broken in upstream and need to be fixed or # worked around quickly. In these cases, the patches are added temporarily and # will be removed as soon as a proper fix will be merged by upstream. -Patch5000: 5000-core-manager-run-generators-directly-when-we-are-in-.patch %description Systemd is a system and service manager, compatible with SysV and LSB From 5cac7fa73584ee02c987d7c2415e7d4579624afcd2412bef78538f3a30fc3b55 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Wed, 4 Oct 2023 10:36:20 +0000 Subject: [PATCH 3/7] Rename libudev-mini1 into libudev1-mini for consistency with libsystemd0-mini OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1455 --- systemd.spec | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/systemd.spec b/systemd.spec index dd65ca2a..fdf8a7d2 100644 --- a/systemd.spec +++ b/systemd.spec @@ -221,7 +221,7 @@ drop-in replacement for sysvinit. Summary: Development files for libsystemd and libudev License: LGPL-2.1-or-later Requires: libsystemd0%{?mini} = %{version}-%{release} -Requires: libudev%{?mini}1 = %{version}-%{release} +Requires: libudev1%{?mini} = %{version}-%{release} Requires: systemd-rpm-macros Provides: libudev%{?mini}-devel = %{version}-%{release} Obsoletes: libudev%{?mini}-devel < %{version}-%{release} @@ -350,7 +350,7 @@ mounted filesystem to full size of the underlying block device. This package shouldn't be necessary in containers. -%package -n libudev%{?mini}1 +%package -n libudev1%{?mini} Summary: Dynamic library to access udev device information License: LGPL-2.1-or-later %if %{with bootstrap} @@ -360,7 +360,7 @@ Provides: libudev1 = %{version}-%{release} Requires: this-is-only-for-build-envs %endif -%description -n libudev%{?mini}1 +%description -n libudev1%{?mini} This package contains the dynamic library libudev, which provides access to udev device information @@ -1130,7 +1130,7 @@ fi %regenerate_initrd_posttrans %ldconfig_scriptlets -n libsystemd0%{?mini} -%ldconfig_scriptlets -n libudev%{?mini}1 +%ldconfig_scriptlets -n libudev1%{?mini} %if %{with machined} %pre container @@ -1339,7 +1339,7 @@ fi %{_libdir}/libsystemd.so.0 %{_libdir}/libsystemd.so.0.37.0 -%files -n libudev%{?mini}1 +%files -n libudev1%{?mini} %defattr(-,root,root) %license LICENSE.LGPL2.1 %{_libdir}/libudev.so.1 From f6b76a3a2ad1798c7e46a175be4eb2062da2ea9d32b4dd97d78d3498ac0717fc Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Wed, 4 Oct 2023 14:25:23 +0000 Subject: [PATCH 4/7] systemd-rpmlintrc: don't consider NSS plugins as shared libs OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1456 --- systemd-rpmlintrc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/systemd-rpmlintrc b/systemd-rpmlintrc index 717dd254..848c01ec 100644 --- a/systemd-rpmlintrc +++ b/systemd-rpmlintrc @@ -12,3 +12,8 @@ addFilter(".*tmpfile-not-in-filelist .*") # shlib policy does not cover multibuilds addFilter("libsystemd0-mini\..*: E: shlib-policy-name-error SONAME: libsystemd.so.0.*") +addFilter("libudev1-mini\..*: E: shlib-policy-name-error SONAME: libudev1") + +# These are NSS plugins and are not really subject to shlib policy. +addFilter("systemd-container\..*: E: shlib-policy-name-error .* libnss_mymachines") +addFilter("systemd-network\..*: E: shlib-policy-name-error .* libnss_resolve") From 4b4dee5b9a68799aebb5d54f093bb4c9ebac1b74b49d222b13055c250efee96d Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Thu, 5 Oct 2023 06:41:50 +0000 Subject: [PATCH 5/7] fix rpmlint error due to the previous rename of libudev mini package OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1457 --- systemd-rpmlintrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systemd-rpmlintrc b/systemd-rpmlintrc index 848c01ec..6f07aeb3 100644 --- a/systemd-rpmlintrc +++ b/systemd-rpmlintrc @@ -12,7 +12,7 @@ addFilter(".*tmpfile-not-in-filelist .*") # shlib policy does not cover multibuilds addFilter("libsystemd0-mini\..*: E: shlib-policy-name-error SONAME: libsystemd.so.0.*") -addFilter("libudev1-mini\..*: E: shlib-policy-name-error SONAME: libudev1") +addFilter("libudev.*-mini\..*: E: shlib-policy-name-error SONAME: libudev.*") # These are NSS plugins and are not really subject to shlib policy. addFilter("systemd-container\..*: E: shlib-policy-name-error .* libnss_mymachines") From a9a04c61d4fcf4e619e9cd48bc47e6a2a050bae86fb420569cfaa185007994b5 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Thu, 5 Oct 2023 09:08:59 +0000 Subject: [PATCH 6/7] Revert "Rename libudev-mini1 into libudev1-mini for consistency with libsystemd0-mini" The name "libudev-mini1" is hardcoded in multiple OBS project configs. OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1458 --- systemd.spec | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/systemd.spec b/systemd.spec index fdf8a7d2..dd65ca2a 100644 --- a/systemd.spec +++ b/systemd.spec @@ -221,7 +221,7 @@ drop-in replacement for sysvinit. Summary: Development files for libsystemd and libudev License: LGPL-2.1-or-later Requires: libsystemd0%{?mini} = %{version}-%{release} -Requires: libudev1%{?mini} = %{version}-%{release} +Requires: libudev%{?mini}1 = %{version}-%{release} Requires: systemd-rpm-macros Provides: libudev%{?mini}-devel = %{version}-%{release} Obsoletes: libudev%{?mini}-devel < %{version}-%{release} @@ -350,7 +350,7 @@ mounted filesystem to full size of the underlying block device. This package shouldn't be necessary in containers. -%package -n libudev1%{?mini} +%package -n libudev%{?mini}1 Summary: Dynamic library to access udev device information License: LGPL-2.1-or-later %if %{with bootstrap} @@ -360,7 +360,7 @@ Provides: libudev1 = %{version}-%{release} Requires: this-is-only-for-build-envs %endif -%description -n libudev1%{?mini} +%description -n libudev%{?mini}1 This package contains the dynamic library libudev, which provides access to udev device information @@ -1130,7 +1130,7 @@ fi %regenerate_initrd_posttrans %ldconfig_scriptlets -n libsystemd0%{?mini} -%ldconfig_scriptlets -n libudev1%{?mini} +%ldconfig_scriptlets -n libudev%{?mini}1 %if %{with machined} %pre container @@ -1339,7 +1339,7 @@ fi %{_libdir}/libsystemd.so.0 %{_libdir}/libsystemd.so.0.37.0 -%files -n libudev1%{?mini} +%files -n libudev%{?mini}1 %defattr(-,root,root) %license LICENSE.LGPL2.1 %{_libdir}/libudev.so.1 From cd6da999b026230968bf1dcab72160485e4ec425a3a13a37329f95d348d10f26 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Thu, 5 Oct 2023 15:07:08 +0000 Subject: [PATCH 7/7] - rpmlintrc: allow systemd-network and systemd-container sub-packages to ship shared libs. These are actually NSS plugins and are not really subject to shlib policy. OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1459 --- systemd.changes | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/systemd.changes b/systemd.changes index 51101b98..2403066f 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Thu Oct 5 15:04:50 UTC 2023 - Franck Bui + +- rpmlintrc: allow systemd-network and systemd-container sub-packages to ship + shared libs. These are actually NSS plugins and are not really subject to + shlib policy. + ------------------------------------------------------------------- Wed Oct 4 09:00:32 UTC 2023 - Franck Bui