diff --git a/5002-Revert-core-service-when-resetting-PID-also-reset-kn.patch b/5002-Revert-core-service-when-resetting-PID-also-reset-kn.patch
new file mode 100644
index 00000000..aedd52d9
--- /dev/null
+++ b/5002-Revert-core-service-when-resetting-PID-also-reset-kn.patch
@@ -0,0 +1,41 @@
+From 996b00ede87d6a870332e63974a7d4def3c2f1b0 Mon Sep 17 00:00:00 2001
+From: msizanoen
+Date: Mon, 12 Jun 2023 10:30:12 +0700
+Subject: [PATCH 5002/5002] Revert "core/service: when resetting PID also reset
+ known flag"
+
+This reverts commit ff32060f2ed37b68dc26256b05e2e69013b0ecfe.
+
+This change is incorrect as we don't want to mark the PID as invalid but
+only mark it as dead.
+
+The change in question also breaks user level socket activation for
+`podman.service` as the termination of the main `podman system service`
+process is not properly handled, causing any application accessing the
+socket to hang.
+
+This is because the user-level `podman.service` unit also hosts two
+non-main processes: `rootlessport` and `rootlessport-child` which causes
+the `cgroup_good` check to still succeed.
+
+The original submitter of this commit is recommended to find another
+more correct way to fix the cgroupsv1 issue on CentOS 8.
+---
+ src/core/service.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/src/core/service.c b/src/core/service.c
+index 171e091dff..cecdd3bf50 100644
+--- a/src/core/service.c
++++ b/src/core/service.c
+@@ -3752,7 +3752,6 @@ static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) {
+ return;
+
+ s->main_pid = 0;
+- s->main_pid_known = false;
+ exec_status_exit(&s->main_exec_status, &s->exec_context, pid, code, status);
+
+ if (s->main_command) {
+--
+2.35.3
+
diff --git a/systemd.changes b/systemd.changes
index 5aa4e43c..69e7e057 100644
--- a/systemd.changes
+++ b/systemd.changes
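Review bot: After the revert carried in this patch, the branch in service_sigchld_event() sets `s->main_pid = 0` while `main_pid_known` keeps its previous value, and nothing next to the assignment says that this combination is intended. The commit message gives the reason (the PID is dead, not unknown), so I would put it in the code as well, e.g. `/* Keep main_pid_known set: the main process is dead, not unknown. */` above `s->main_pid = 0;`. Any reader of `main_pid` that tests only `main_pid_known` would now see 0, so it is worth confirming that such users also check `main_pid > 0` before signalling or waiting on it; those callers are not visible in this hunk. The function body starts and ends outside the hunk.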
@@ -1,8 +1,52 @@
+-------------------------------------------------------------------
+Wed Jun 21 10:30:58 UTC 2023 - Franck Bui
+
+- Make sure to pre-install the groups systemd and udev rely on. This is needed
+ when the tmpfiles are run at package installation time. Theoretically with
+ only "Requires(pre): group()", rpm is allowed to drop the group at the end of
+ the package installations hence let's keep "Requires: group()" dep.
+
+ Note: this is also needed when (post)file-triggers are enabled due to the
+ current limitation of the default libzypp transaction backend.
+
+-------------------------------------------------------------------
+Wed Jun 21 09:28:29 UTC 2023 - Franck Bui
+
+- file-triggers: fix lua trigger priority for sysusers (bsc#1212376)
+
+ A single digit in the priority used for sysusers got dropped somehow and
+ upstream commit cd621954ed643c6ee0d869132293e26056a48826 forgot to restore it
+ in the lua implementation.
+
+-------------------------------------------------------------------
+Tue Jun 20 15:46:04 UTC 2023 - Franck Bui
+
+- file-triggers: skip the call to systemd-tmpfiles in chroot too. That way we
+ ensure that packages that really need the tmpfiles in advance use the right
+ API which is %tmpfiles_create_package.
+
+- file-triggers: to be consistent with what we already does with tmpfiles, we
+ skip the call to systemd-sysusers and delay system user creations until the
+ next reboot.
+ +------------------------------------------------------------------- +Tue Jun 20 07:05:34 UTC 2023 - Franck Bui + +- Temporarily add + 5002-Revert-core-service-when-resetting-PID-also-reset-kn.patch until it's + backported to the next stable release + + See https://github.com/systemd/systemd/pull/28000 + ------------------------------------------------------------------- Fri Jun 16 14:38:33 UTC 2023 - Franck Bui -- Make sure to skip the call to systemd-tmpfile in the file-triggers when - running on transaction systems +- file-triggers: make sure to skip the call to systemd-tmpfile in the + file-triggers when running on transaction systems (bsc#1212449) + + systemd-tmpfiles usually modifies paths that are not supposed to change during + transactional updates (e.g. /var, /run). On transaction systems changes will + happen on the next reboot. ------------------------------------------------------------------- Thu Jun 1 15:58:24 UTC 2023 - Franck Bui diff --git a/systemd.spec b/systemd.spec index dc1958ec..7aeb2d5f 100644 --- a/systemd.spec +++ b/systemd.spec @@ -138,14 +138,16 @@ Requires: systemd-default-settings-branding Requires: systemd-presets-branding Requires: util-linux >= 2.27.1 Requires: group(lock) -# This Recommends because some symbols of libpcre2 are dlopen()ed by journalctl -Recommends: libpcre2-8-0 -Recommends: libbpf0 - +# The next dependency is also needed with file-triggers enabled due to the way +# the libzypp default transaction backend works. +Requires(pre): group(lock) Requires(post): coreutils Requires(post): findutils Requires(post): systemd-presets-branding Requires(post): pam-config >= 0.79-5 +# This Recommends because some symbols of libpcre2 are dlopen()ed by journalctl +Recommends: libpcre2-8-0 +Recommends: libbpf0 %endif Conflicts: filesystem < 11.5 Conflicts: mkinitrd < 2.7.0 
@@ -216,6 +218,7 @@ Patch12: 0009-pid1-handle-console-specificities-weirdness-for-s390.patch # will be removed as soon as a proper fix will be merged by upstream. Patch5000: 5000-core-manager-run-generators-directly-when-we-are-in-.patch Patch5001: 5001-Revert-core-propagate-stop-too-if-restart-is-issued.patch +Patch5002: 5002-Revert-core-service-when-resetting-PID-also-reset-kn.patch %description Systemd is a system and service manager, compatible with SysV and LSB @@ -323,6 +326,9 @@ Requires: filesystem Requires: kmod Requires: system-group-hardware Requires: group(kvm) +# The next dependency is also needed with file-triggers enabled due to the way +# the libzypp default transaction backend works. +Requires(pre): group(kvm) Requires(post): sed Requires(post): coreutils Requires(postun):coreutils @@ -1096,14 +1102,14 @@ fi %endif %post container +%if %{with machined} %if %{without filetriggers} %tmpfiles_create systemd-nspawn.conf %endif -%if %{with machined} %systemd_post machines.target %ldconfig -%endif %{_systemd_util_dir}/rpm/fixlet-container-post.sh $1 || : +%endif %if %{with coredump} %post coredump diff --git a/triggers.systemd b/triggers.systemd index 7792e8ac..5a0e6c16 100644 --- a/triggers.systemd +++ b/triggers.systemd @@ -68,11 +68,14 @@ elseif pid > 0 then posix.wait(pid) end -%transfiletriggerin -P 100700 -p -- /usr/lib/sysusers.d +%transfiletriggerin -P 1000700 -p -- /usr/lib/sysusers.d -- This script will process files installed in /usr/lib/sysusers.d to create -- specified users automatically. The priority is set such that it -- will run before the tmpfiles file trigger. -assert(rpm.execute("systemd-sysusers")) +-- Note: /run is never mounted during transactional updates. +if posix.access("/run/systemd/system") then + assert(rpm.execute("systemd-sysusers")) +end %if %{without bootstrap} %transfiletriggerin -P 1000700 -n udev -p -- /usr/lib/udev/hwdb.d 
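Review bot: In `%post container`, moving `%if %{with machined}` to the top and its `%endif` to the bottom also puts `%tmpfiles_create systemd-nspawn.conf` and the `fixlet-container-post.sh $1 || :` call under that conditional, so a build without machined now gets an empty scriptlet. None of the changelog entries in this commit mention that change, and the section has no comment explaining it. If both steps only make sense when machined is built, a comment above the conditional should say so, e.g. `# Nothing to do in %post when machined is disabled`; otherwise the `%endif` should stay right after `%ldconfig`. Whether systemd-nspawn.conf is packaged without machined cannot be seen from this hunk.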
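Review bot: The added comment `-- Note: /run is never mounted during transactional updates.` names only one of the cases covered by the new `posix.access("/run/systemd/system")` guard: systemd-sysusers is now skipped silently wherever systemd is not running, which per the changelog also includes chroots. In those cases the accounts from /usr/lib/sysusers.d do not exist for the rest of the transaction, so a package whose file ownership or scriptlets depend on them has to require them explicitly, or its files may end up with an unintended owner. I would state that in the comment, e.g. `-- Skipped when systemd is not running (chroot, transactional update); accounts are then created on next boot.` The same guard and comment are added to the tmpfiles trigger in the hunk at -102,7 +105,8, where the comment should be widened the same way. With the priority now 1000700, equal to the udev hwdb trigger visible below, please also confirm that the existing claim "will run before the tmpfiles file trigger" still holds.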
@@ -102,7 +105,8 @@ end -- This script will process files installed in /usr/lib/tmpfiles.d to create -- tmpfiles automatically. The priority is set such that it will run -- after the sysusers file trigger, but before any other triggers. -if os.getenv("TRANSACTIONAL_UPDATE") == nil then +-- Note: /run is never mounted during transactional updates. +if posix.access("/run/systemd/system") then assert(rpm.execute("systemd-tmpfiles", "--create")) endf