diff --git a/0001-conf-parser-introduce-early-drop-ins.patch b/0001-conf-parser-introduce-early-drop-ins.patch index 47f4da7c..0d06f860 100644 --- a/0001-conf-parser-introduce-early-drop-ins.patch +++ b/0001-conf-parser-introduce-early-drop-ins.patch @@ -1,7 +1,7 @@ -From 77391d9baf86f10daf210ccf5527e0155a33fc73 Mon Sep 17 00:00:00 2001 +From 288be40eb94ddc1d549a98556baea71d20df224f Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Fri, 22 Jan 2021 14:57:08 +0100 -Subject: [PATCH 1/1] conf-parser: introduce 'early' drop-ins +Subject: [PATCH 1/8] conf-parser: introduce 'early' drop-ins MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -62,14 +62,14 @@ drop this feature at any time. Fixes: #2121 --- src/shared/conf-parser.c | 55 ++++++++++-- - src/test/test-conf-parser.c | 166 +++++++++++++++++++++++++++++++++++- - 2 files changed, 215 insertions(+), 6 deletions(-) + src/test/test-conf-parser.c | 164 ++++++++++++++++++++++++++++++++++++ + 2 files changed, 214 insertions(+), 5 deletions(-) diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c -index 29051ca0e3..72935030ea 100644 +index 5cb41a39da..86dc1c95f6 100644 --- a/src/shared/conf-parser.c +++ b/src/shared/conf-parser.c -@@ -477,6 +477,7 @@ int hashmap_put_stats_by_path(Hashmap **stats_by_path, const char *path, const s +@@ -478,6 +478,7 @@ int hashmap_put_stats_by_path(Hashmap **stats_by_path, const char *path, const s static int config_parse_many_files( const char* const* conf_files, @@ -77,7 +77,7 @@ index 29051ca0e3..72935030ea 100644 char **files, const char *sections, ConfigItemLookup lookup, -@@ -495,6 +496,20 @@ static int config_parse_many_files( +@@ -496,6 +497,20 @@ static int config_parse_many_files( return -ENOMEM; } @@ -98,7 +98,7 @@ index 29051ca0e3..72935030ea 100644 /* First read the first found main config file. */ STRV_FOREACH(fn, conf_files) { r = config_parse(NULL, *fn, NULL, sections, lookup, table, flags, userdata, &st); -@@ -533,6 +548,27 @@ static int config_parse_many_files( +@@ -534,6 +549,27 @@ static int config_parse_many_files( return 0; } @@ -126,7 +126,7 @@ index 29051ca0e3..72935030ea 100644 /* Parse each config file in the directories specified as nulstr. */ int config_parse_many_nulstr( const char *conf_file, -@@ -544,15 +580,19 @@ int config_parse_many_nulstr( +@@ -545,15 +581,19 @@ int config_parse_many_nulstr( void *userdata, Hashmap **ret_stats_by_path) { @@ -149,7 +149,7 @@ index 29051ca0e3..72935030ea 100644 ret_stats_by_path); } -@@ -590,6 +630,7 @@ int config_parse_many( +@@ -591,6 +631,7 @@ int config_parse_many( Hashmap **ret_stats_by_path, char ***ret_dropin_files) { @@ -157,7 +157,7 @@ index 29051ca0e3..72935030ea 100644 _cleanup_strv_free_ char **files = NULL; int r; -@@ -602,12 +643,16 @@ int config_parse_many( +@@ -603,12 +644,16 @@ int config_parse_many( if (r < 0) return r; @@ -177,22 +177,20 @@ index 29051ca0e3..72935030ea 100644 return 0; } diff --git a/src/test/test-conf-parser.c b/src/test/test-conf-parser.c -index 0acb4131b5..96a52e759f 100644 +index 8c27dcac3f..745e4a127a 100644 --- a/src/test/test-conf-parser.c +++ b/src/test/test-conf-parser.c -@@ -5,7 +5,10 @@ +@@ -5,6 +5,9 @@ #include "fs-util.h" #include "log.h" #include "macro.h" --#include "string-util.h" +#include "mkdir.h" -+#include "nulstr-util.h" +#include "path-util.h" +#include "rm-rf.h" + #include "string-util.h" #include "strv.h" #include "tests.h" - #include "tmpfile-util.h" -@@ -390,4 +393,165 @@ TEST(config_parse) { +@@ -391,4 +394,165 @@ TEST(config_parse) { test_config_parse_one(i, config_file[i]); } diff --git a/5000-core-manager-run-generators-directly-when-we-are-in-.patch b/5000-core-manager-run-generators-directly-when-we-are-in-.patch deleted file mode 100644 index 20c0b682..00000000 --- a/5000-core-manager-run-generators-directly-when-we-are-in-.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 9d0f728f65e6c3ad586e276c1ed3c2cd8cc944be Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Mon, 20 Feb 2023 12:00:30 +0900 -Subject: [PATCH 5000/5000] core/manager: run generators directly when we are - in initrd - -Some initrd system write files at ourside of /run, /etc, or other -allowed places. This is a kind of workaround, but in most cases, such -sandboxing is not necessary as the filesystem is on ramfs when we are in -initrd. - -Fixes #26488. ---- - src/core/manager.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/core/manager.c b/src/core/manager.c -index 380a4e30d7..6135205761 100644 ---- a/src/core/manager.c -+++ b/src/core/manager.c -@@ -3822,8 +3822,8 @@ static int manager_run_generators(Manager *m) { - /* If we are the system manager, we fork and invoke the generators in a sanitized mount namespace. If - * we are the user manager, let's just execute the generators directly. We might not have the - * necessary privileges, and the system manager has already mounted /tmp/ and everything else for us. -- */ -- if (MANAGER_IS_USER(m)) { -+ * If we are in initrd, let's also execute the generators directly, as we are in ramfs. */ -+ if (MANAGER_IS_USER(m) || in_initrd()) { - r = manager_execute_generators(m, paths, /* remount_ro= */ false); - goto finish; - } --- -2.35.3 - diff --git a/files.devel b/files.devel index f9248ea5..2bd1c670 100644 --- a/files.devel +++ b/files.devel @@ -197,8 +197,6 @@ %{_mandir}/man3/sd_bus_emit_properties_changed.3.gz %{_mandir}/man3/sd_bus_emit_properties_changed_strv.3.gz %{_mandir}/man3/sd_bus_emit_signal.3.gz -%{_mandir}/man3/sd_bus_emit_signal_to.3.gz -%{_mandir}/man3/sd_bus_emit_signal_tov.3.gz %{_mandir}/man3/sd_bus_emit_signalv.3.gz %{_mandir}/man3/sd_bus_enqueue_for_read.3.gz %{_mandir}/man3/sd_bus_error.3.gz @@ -314,7 +312,6 @@ %{_mandir}/man3/sd_bus_message_new_method_errorf.3.gz %{_mandir}/man3/sd_bus_message_new_method_return.3.gz %{_mandir}/man3/sd_bus_message_new_signal.3.gz -%{_mandir}/man3/sd_bus_message_new_signal_to.3.gz %{_mandir}/man3/sd_bus_message_open_container.3.gz %{_mandir}/man3/sd_bus_message_peek_type.3.gz %{_mandir}/man3/sd_bus_message_read.3.gz @@ -666,14 +663,6 @@ %{_mandir}/man3/sd_pid_notify.3.gz %{_mandir}/man3/sd_pid_notify_with_fds.3.gz %{_mandir}/man3/sd_pid_notifyf.3.gz -%{_mandir}/man3/sd_pidfd_get_cgroup.3.gz -%{_mandir}/man3/sd_pidfd_get_machine_name.3.gz -%{_mandir}/man3/sd_pidfd_get_owner_uid.3.gz -%{_mandir}/man3/sd_pidfd_get_session.3.gz -%{_mandir}/man3/sd_pidfd_get_slice.3.gz -%{_mandir}/man3/sd_pidfd_get_unit.3.gz -%{_mandir}/man3/sd_pidfd_get_user_slice.3.gz -%{_mandir}/man3/sd_pidfd_get_user_unit.3.gz %{_mandir}/man3/sd_seat_can_graphical.3.gz %{_mandir}/man3/sd_seat_can_tty.3.gz %{_mandir}/man3/sd_seat_get_active.3.gz diff --git a/files.experimental b/files.experimental index 0cea03ba..6bc23ede 100644 --- a/files.experimental +++ b/files.experimental @@ -27,7 +27,6 @@ %{_mandir}/man1/oomctl.1.gz %if %{with sd_boot} %{_mandir}/man1/systemd-measure.1.gz -%{_mandir}/man1/ukify.1.gz %endif %{_mandir}/man1/userdbctl.1.gz %{_mandir}/man5/homed.conf.5.gz @@ -44,9 +43,6 @@ %{_mandir}/man8/systemd-oomd.8.gz %{_mandir}/man8/systemd-oomd.service.8.gz %if %{with sd_boot} -%{_mandir}/man8/systemd-pcrfs-root.service.8.gz -%{_mandir}/man8/systemd-pcrfs@.service.8.gz -%{_mandir}/man8/systemd-pcrmachine.service.8.gz %{_mandir}/man8/systemd-pcrphase-initrd.service.8.gz %{_mandir}/man8/systemd-pcrphase-sysinit.service.8.gz %{_mandir}/man8/systemd-pcrphase.8.gz @@ -76,13 +72,9 @@ %{_systemd_util_dir}/systemd-sysupdate %{_systemd_util_dir}/systemd-userdbd %{_systemd_util_dir}/systemd-userwork -%if %{with sd_boot} -%{_systemd_util_dir}/ukify -%endif %{_sysusersdir}/systemd-oom.conf %if %{with sd_boot} %{_unitdir}/initrd.target.wants/systemd-pcrphase-initrd.service -%{_unitdir}/sysinit.target.wants/systemd-pcrmachine.service %{_unitdir}/sysinit.target.wants/systemd-pcrphase-sysinit.service %{_unitdir}/sysinit.target.wants/systemd-pcrphase.service %endif @@ -91,9 +83,6 @@ %{_unitdir}/systemd-oomd.service %{_unitdir}/systemd-oomd.socket %if %{with sd_boot} -%{_unitdir}/systemd-pcrfs-root.service -%{_unitdir}/systemd-pcrfs@.service -%{_unitdir}/systemd-pcrmachine.service %{_unitdir}/systemd-pcrphase-initrd.service %{_unitdir}/systemd-pcrphase-sysinit.service %{_unitdir}/systemd-pcrphase.service diff --git a/files.systemd b/files.systemd index 6d2276f1..b7b53f15 100644 --- a/files.systemd +++ b/files.systemd @@ -100,7 +100,6 @@ %{_bindir}/localectl %{_bindir}/loginctl %{_bindir}/systemctl -%{_bindir}/systemd-ac-power %{_bindir}/systemd-analyze %{_bindir}/systemd-ask-password %{_bindir}/systemd-cat @@ -233,8 +232,8 @@ %{_libdir}/libnss_myhostname.so.2 %{_libdir}/libnss_systemd.so.2 %endif -%{_libdir}/systemd/libsystemd-core-253.so -%{_libdir}/systemd/libsystemd-shared-253.so +%{_libdir}/systemd/libsystemd-core-252.so +%{_libdir}/systemd/libsystemd-shared-252.so %if %{without bootstrap} %{_mandir}/man1/busctl.1.gz %{_mandir}/man1/hostnamectl.1.gz @@ -243,7 +242,6 @@ %{_mandir}/man1/localectl.1.gz %{_mandir}/man1/loginctl.1.gz %{_mandir}/man1/systemctl.1.gz -%{_mandir}/man1/systemd-ac-power.1.gz %{_mandir}/man1/systemd-analyze.1.gz %{_mandir}/man1/systemd-ask-password.1.gz %{_mandir}/man1/systemd-cat.1.gz @@ -447,6 +445,7 @@ %{_systemd_util_dir}/scripts/upgrade-from-pre-210.sh %{_systemd_util_dir}/system-preset/99-default.preset %{_systemd_util_dir}/systemd +%{_systemd_util_dir}/systemd-ac-power %{_systemd_util_dir}/systemd-binfmt %{_systemd_util_dir}/systemd-boot-check-no-failures %{_systemd_util_dir}/systemd-cgroups-agent @@ -506,7 +505,6 @@ %{_systemdgeneratordir}/systemd-system-update-generator %{_sysusersdir}/systemd-journal.conf %{_sysusersdir}/systemd-timesync.conf -%{_tmpfilesdir}/credstore.conf %{_tmpfilesdir}/journal-nocow.conf %{_tmpfilesdir}/provision.conf %{_tmpfilesdir}/suse.conf @@ -643,7 +641,6 @@ %{_unitdir}/systemd-hybrid-sleep.service %{_unitdir}/systemd-journal-catalog-update.service %{_unitdir}/systemd-journal-flush.service -%{_unitdir}/systemd-journald-audit.socket %{_unitdir}/systemd-journald-dev-log.socket %{_unitdir}/systemd-journald-varlink@.socket %{_unitdir}/systemd-journald.service diff --git a/files.udev b/files.udev index a793d096..1ea1a437 100644 --- a/files.udev +++ b/files.udev @@ -94,6 +94,7 @@ %endif %{_prefix}/lib/udev/fido_id %{_prefix}/lib/udev/mtd_probe +%{_prefix}/lib/udev/path_id_compat %{_prefix}/lib/udev/scsi_id %{_prefix}/lib/udev/v4l_id %{_systemd_util_dir}/network/99-default.link @@ -173,6 +174,7 @@ %{_udevrulesdir}/60-persistent-v4l.rules %{_udevrulesdir}/60-sensor.rules %{_udevrulesdir}/60-serial.rules +%{_udevrulesdir}/61-persistent-storage-compat.rules %{_udevrulesdir}/64-btrfs.rules %{_udevrulesdir}/70-camera.rules %{_udevrulesdir}/70-joystick.rules @@ -224,8 +226,6 @@ %{_unitdir}/system-systemd\x2dcryptsetup.slice %endif %{_unitdir}/systemd-backlight@.service -%{_unitdir}/systemd-growfs-root.service -%{_unitdir}/systemd-growfs@.service %{_unitdir}/systemd-hwdb-update.service %if %{without bootstrap} %{_unitdir}/systemd-modules-load.service diff --git a/files.uefi-boot b/files.uefi-boot index 7c50c27a..75c3d0c4 100644 --- a/files.uefi-boot +++ b/files.uefi-boot @@ -26,20 +26,19 @@ %{_mandir}/man8/systemd-bless-boot-generator.8.gz %{_mandir}/man8/systemd-bless-boot.8.gz %{_mandir}/man8/systemd-bless-boot.service.8.gz -%{_mandir}/man8/systemd-boot-random-seed.service.8.gz +%{_mandir}/man8/systemd-boot-system-token.service.8.gz %endif %{_prefix}/lib/kernel/install.conf %{_prefix}/lib/kernel/install.d/50-depmod.install %{_prefix}/lib/kernel/install.d/90-loaderentry.install -%{_prefix}/lib/kernel/install.d/90-uki-copy.install # These are the few exceptions where glob pattern is allowed. %{_systemd_util_dir}/boot/efi/linux*.efi.stub %{_systemd_util_dir}/boot/efi/linux*.elf.stub %{_systemd_util_dir}/boot/efi/systemd-boot*.efi %{_systemd_util_dir}/systemd-bless-boot %{_systemdgeneratordir}/systemd-bless-boot-generator -%{_unitdir}/sysinit.target.wants/systemd-boot-random-seed.service +%{_unitdir}/sysinit.target.wants/systemd-boot-system-token.service %{_unitdir}/systemd-bless-boot.service -%{_unitdir}/systemd-boot-random-seed.service +%{_unitdir}/systemd-boot-system-token.service %{_unitdir}/systemd-boot-update.service %endif diff --git a/systemd-v252.7+suse.50.gd447802fee.tar.xz b/systemd-v252.7+suse.50.gd447802fee.tar.xz new file mode 100644 index 00000000..0a07938e --- /dev/null +++ b/systemd-v252.7+suse.50.gd447802fee.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:fd9f697fdbb194da090ef87f472c1c6d05d16cfa49b3b668648ea6d3c8f177d2 +size 8089304 diff --git a/systemd-v253.1.tar.xz b/systemd-v253.1.tar.xz deleted file mode 100644 index 18ac8b19..00000000 --- a/systemd-v253.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:84aad84973ab74246f5eff59641a5570c3a0bb6fce66402a4644212d71f38d07 -size 8205144 diff --git a/systemd.changes b/systemd.changes index c87c37ca..897181a9 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,26 +1,3 @@ -------------------------------------------------------------------- -Thu Mar 9 10:38:10 UTC 2023 - Franck Bui - -- Add 5000-core-manager-run-generators-directly-when-we-are-in-.patch, a - temporary workaround until https://github.com/dracutdevs/dracut/issues/2211 is - fixed in dracut. - -------------------------------------------------------------------- -Mon Mar 6 10:08:33 UTC 2023 - Franck Bui - -- Upgrade to v253.1 (commit 6c327d74aa0d350482e82a247d7018559699798d) - - See https://github.com/openSUSE/systemd/blob/SUSE/v253/NEWS for details. - - * Rebased 0001-conf-parser-introduce-early-drop-ins.patch - - * Ship systemd-journald-audit.socket again: it can now be disabled via the - usual "systemctl disable" mechanism to stop collection of audit - messages. Note that it's handled by the preset logic, which turns it off by - default. - - * TEST_06_SELINUX needs selinux-policy-devel. - ------------------------------------------------------------------- Mon Mar 6 08:40:35 UTC 2023 - Franck Bui diff --git a/systemd.spec b/systemd.spec index a4b18fcc..75d654a5 100644 --- a/systemd.spec +++ b/systemd.spec @@ -19,7 +19,7 @@ %global flavor @BUILD_FLAVOR@%{nil} %define min_kernel_version 4.5 -%define archive_version %nil +%define archive_version +suse.50.gd447802fee %define _testsuitedir /usr/lib/systemd/tests %define xinitconfdir %{?_distconfdir}%{!?_distconfdir:%{_sysconfdir}}/X11/xinit @@ -72,7 +72,7 @@ Name: systemd%{?mini} URL: http://www.freedesktop.org/wiki/Software/systemd -Version: 253.1 +Version: 252.7 Release: 0 Summary: A System and Session Manager License: LGPL-2.1-or-later @@ -209,10 +209,9 @@ Patch12: 0009-pid1-handle-console-specificities-weirdness-for-s390.patch # Patches listed below are put in quarantine. Normally all changes must go to # upstream first and then are cherry-picked in the SUSE git repository. But for -# very few cases, some stuff might be broken in upstream and need to be fixed or -# worked around quickly. In these cases, the patches are added temporarily and -# will be removed as soon as a proper fix will be merged by upstream. -Patch5000: 5000-core-manager-run-generators-directly-when-we-are-in-.patch +# very few cases, some stuff might be broken in upstream and need to be fixed +# quickly. But even in these cases, the patches are temporary and should be +# removed as soon as a fix is merged by upstream. %description Systemd is a system and service manager, compatible with SysV and LSB @@ -531,7 +530,6 @@ Requires: netcat Requires: python3-pexpect Requires: qemu-kvm Requires: quota -Requires: selinux-policy-devel Requires: socat Requires: squashfs Requires: systemd-container @@ -887,8 +885,8 @@ rm -f %{buildroot}%{_presetdir}/*.preset echo 'disable *' >%{buildroot}%{_presetdir}/99-default.preset echo 'disable *' >%{buildroot}%{_userpresetdir}/99-default.preset -# The current situation with tmpfiles snippets dealing with the generic paths is -# pretty messy currently because: +# The tmpfiles dealing with the generic paths is pretty messy +# currently because: # # 1. filesystem package wants to define the generic paths and some of them # conflict with the definition given by systemd in var.conf, see @@ -932,6 +930,12 @@ fi # still be used by yast. cat %{SOURCE14} >>%{buildroot}%{_datarootdir}/systemd/kbd-model-map +# Don't ship systemd-journald-audit.socket as there's no other way for us to +# prevent journald from recording audit messages in the journal by default +# (bsc#1109252). +rm -f %{buildroot}%{_unitdir}/systemd-journald-audit.socket +rm -f %{buildroot}%{_unitdir}/sockets.target.wants/systemd-journald-audit.socket + %if %{with testsuite} # -Dinstall_test took care of installing the unit tests only (those in # src/tests) and testdata directory. Here we copy the integration tests @@ -960,7 +964,6 @@ tar -cO \ %systemd_pre remote-fs.target %systemd_pre getty@.service %systemd_pre systemd-timesyncd.service -%systemd_pre systemd-journald-audit.socket %post # Make /etc/machine-id an empty file during package installation. On the first @@ -1020,7 +1023,6 @@ fi %systemd_post remote-fs.target %systemd_post getty@.service %systemd_post systemd-timesyncd.service -%systemd_post systemd-journald-audit.socket # v228 wrongly set world writable suid root permissions on timestamp files used # by permanent timers. Fix the timestamps that might have been created by the @@ -1312,13 +1314,13 @@ fi %defattr(-,root,root) %license LICENSE.LGPL2.1 %{_libdir}/libsystemd.so.0 -%{_libdir}/libsystemd.so.0.36.0 +%{_libdir}/libsystemd.so.0.35.0 %files -n libudev%{?mini}1 %defattr(-,root,root) %license LICENSE.LGPL2.1 %{_libdir}/libudev.so.1 -%{_libdir}/libudev.so.1.7.6 +%{_libdir}/libudev.so.1.7.5 %if %{with coredump} %files coredump