From 9dc0c1c53308e0d04cf3902e198ce9b1f15c98383901e8b07fcd433b3d289c8d Mon Sep 17 00:00:00 2001 From: Dominique Leuenberger Date: Tue, 20 Jun 2017 07:33:30 +0000 Subject: [PATCH] Accepting request 504040 from Base:System 1 OBS-URL: https://build.opensuse.org/request/show/504040 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/systemd?expand=0&rev=255 --- systemd-232.tar.xz | 3 - systemd-233.tar.xz | 3 + systemd-mini.changes | 65 +++++++++++++++++++++ systemd-mini.spec | 31 +++++++++- systemd-sysv-convert | 132 ++++++++++++++++++++++++------------------- systemd-user | 9 +++ systemd.changes | 65 +++++++++++++++++++++ systemd.spec | 31 +++++++++- 8 files changed, 272 insertions(+), 67 deletions(-) delete mode 100644 systemd-232.tar.xz create mode 100644 systemd-233.tar.xz create mode 100644 systemd-user diff --git a/systemd-232.tar.xz b/systemd-232.tar.xz deleted file mode 100644 index 345e172d..00000000 --- a/systemd-232.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:81d3fc89d42d3f3f27d898e94ef8e7d6b5b6bae6deccaffc0a778b30f4b7c570 -size 3213256 diff --git a/systemd-233.tar.xz b/systemd-233.tar.xz new file mode 100644 index 00000000..15902cbf --- /dev/null +++ b/systemd-233.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:68abe8a1ad8d19c64f4e10fdee7b8aceebc7d49fc2bb2711408171bdc841e67a +size 3255548 diff --git a/systemd-mini.changes b/systemd-mini.changes index ed4231ac..ffafade9 100644 --- a/systemd-mini.changes +++ b/systemd-mini.changes @@ -1,3 +1,68 @@ +------------------------------------------------------------------- +Fri Jun 16 09:14:43 UTC 2017 - fbui@suse.com + +- Make sure "lock" group is created + + On SUSE distros, /run/lock must be owned by "lock" group (see + boo#733523). + + This group was previously created by another package but since a + recent changes it doesn't seem to be true anymore or at least this + package isn't pulled in anymore when building the rescue system. + + For now make systemd creates the group by adding + "Requires: group(post)". + + I'm currently not sure why we don't use sysusers.d stuff for that + purpose and if the "lock" group on /run/lock is still + mandatory. This should be revisited later. + +------------------------------------------------------------------- +Wed Jun 7 08:17:54 UTC 2017 - fbui@suse.com + +- Make sure dracut (if installed) will embed the new compat rule (bsc#982303) + + The new compat rule must be embedded in the initramfs so make sure + that the installed dracut supports it. + +------------------------------------------------------------------- +Wed May 24 11:23:10 UTC 2017 - fbui@suse.com + +- Upgrade to v233 (commit 330b55d5e28d17f361062dba66426e46fb7d7857) + + - package new systemd-umount binary + - package new environment generator stuff + - drop /dev/root symlink support + - /etc/pam.d/systemd-user is not patched anymore but we ship a + dedicated file for SUSE now. + - manage compat symlink generation in a dedicated branch (bsc#1040153) + +------------------------------------------------------------------- +Wed May 17 15:57:19 UTC 2017 - fbui@suse.com + +- Fix systemd-sysv-convert when a package starts shipping service units (bsc#982303) + + The database might be missing when upgrading a package which was + shipping no sysv init scripts nor unit files (at the time --save was + called) but the new version start shipping unit files. + +------------------------------------------------------------------- +Wed May 17 13:14:40 UTC 2017 - fbui@suse.com + +- Fix indentation in systemd-sysv-convert + + While at it, strip trailing whitespaces. + + No functional changes. + +------------------------------------------------------------------- +Thu May 11 08:47:48 UTC 2017 - fbui@suse.com + +- Disable group shadow support (bsc#1029516) + + The new configure option will be imported during the next tarball + update. + ------------------------------------------------------------------- Tue May 2 16:17:08 UTC 2017 - fbui@suse.com diff --git a/systemd-mini.spec b/systemd-mini.spec index be8414b7..a40555f2 100644 --- a/systemd-mini.spec +++ b/systemd-mini.spec @@ -49,7 +49,7 @@ Name: systemd-mini Url: http://www.freedesktop.org/wiki/Software/systemd -Version: 232 +Version: 233 Release: 0 Summary: A System and Session Manager License: LGPL-2.1+ @@ -121,6 +121,7 @@ Requires: systemd-presets-branding Requires: sysvinit-tools Requires: udev = %{version}-%{release} Requires: util-linux >= 2.27.1 +Requires: group(lock) Recommends: %{name}-bash-completion Requires(post): coreutils Requires(post): findutils @@ -142,6 +143,7 @@ Obsoletes: pm-utils <= 1.4.1 Obsoletes: suspend <= 1.0 Source0: systemd-%{version}.tar.xz Source1: %{name}-rpmlintrc +Source2: systemd-user Source3: systemd-sysv-convert Source6: baselibs.conf Source7: libgcrypt.m4 @@ -237,6 +239,7 @@ Conflicts: systemd < 39 Conflicts: aaa_base < 11.5 Conflicts: filesystem < 11.5 Conflicts: mkinitrd < 2.7.0 +Conflicts: dracut < 044.1 Conflicts: util-linux < 2.16 Conflicts: ConsoleKit < 0.4.1 Requires: filesystem @@ -433,6 +436,7 @@ systemd_cryptsetup_LDFLAGS =\\\ --disable-lto \ --disable-tests \ --without-kill-user-processes \ + --with-default-hierarchy=hybrid \ --with-rc-local-script-path-start=/etc/init.d/boot.local \ --with-rc-local-script-path-stop=/etc/init.d/halt.local \ --with-debug-shell=/bin/bash \ @@ -441,6 +445,7 @@ systemd_cryptsetup_LDFLAGS =\\\ --disable-adm-group \ --disable-wheel-group \ --disable-ldconfig \ + --disable-gshadow \ %if %{without networkd} --disable-networkd \ %endif @@ -497,6 +502,10 @@ ln -s ../usr/bin/systemctl %{buildroot}/sbin/runlevel rm -rf %{buildroot}/etc/systemd/system/*.target.wants rm -f %{buildroot}/etc/systemd/system/default.target +# Overwrite /etc/pam.d/systemd-user shipped by upstream with one +# customized for openSUSE distros. +install -m0644 %{S:2} %{buildroot}%{_sysconfdir}/pam.d/ + # We keep a copy of tmp.mount because it may be removed if not used # (see %post): we want to be sure tmpfs won't be used for /tmp by # default on Suse distros. @@ -756,6 +765,14 @@ elif [ ! -e /lib/udev ]; then ln -s /usr/lib/udev /lib/udev fi +# New installations uses the last compat symlink generation number +# (currently at 2), which basically disables all compat symlinks. On +# old systems, the file doesn't exist. This is equivalent to +# generation #1, which enables the creation of all compat symlinks. +if [ $1 -eq 1 ]; then + echo "COMPAT_SYMLINK_GENERATION=2">/usr/lib/udev/compat-symlink-generation +fi + # Create "tape"/"input" group which is referenced by some udev rules # that we're shipping. FIXME: maybe we should consider using # "sysusers_create basic.conf" instead ? @@ -869,6 +886,7 @@ fi %{_bindir}/systemd-path %{_bindir}/systemd-sysusers %{_bindir}/systemd-mount +%{_bindir}/systemd-umount %{_bindir}/systemd-notify %{_bindir}/systemd-run %{_bindir}/journalctl @@ -921,7 +939,7 @@ fi %{_prefix}/lib/systemd/user/*.service %{_prefix}/lib/systemd/systemd-* %{_prefix}/lib/systemd/systemd -%{_prefix}/lib/systemd/libsystemd-shared-%{version}.so +%{_prefix}/lib/systemd/libsystemd-shared-*.so %{_prefix}/lib/systemd/resolv.conf %{_prefix}/lib/systemd/fix-machines-subvol-for-rollbacks.sh %dir %{_prefix}/lib/systemd/catalog @@ -931,6 +949,7 @@ fi %{_prefix}/lib/systemd/user-preset %{_prefix}/lib/systemd/system-generators %{_prefix}/lib/systemd/user-generators +%{_prefix}/lib/systemd/user-environment-generators %dir %{_prefix}/lib/systemd/ntp-units.d/ %dir %{_prefix}/lib/systemd/system-shutdown/ %dir %{_prefix}/lib/systemd/system-sleep/ @@ -961,6 +980,8 @@ fi %{_libexecdir}/tmpfiles.d/ %exclude %{_libexecdir}/tmpfiles.d/systemd-remote.conf +%{_libexecdir}/environment.d/ + %dir %{_libexecdir}/binfmt.d %dir %{_sysconfdir}/binfmt.d @@ -1076,6 +1097,9 @@ fi %if %{with importd} %{_datadir}/polkit-1/actions/org.freedesktop.import1.policy %endif +%if %{with networkd} +%{_datadir}/polkit-1/rules.d/systemd-networkd.rules +%endif %if ! 0%{?bootstrap} %{_mandir}/man1/[a-rt-z]*ctl.1* @@ -1090,6 +1114,7 @@ fi %{_mandir}/man8/systemd-h[aioy]* %{_mandir}/man8/systemd-journald* %{_mandir}/man8/systemd-u[ps]* +%{_mandir}/man8/30-systemd-environment-d-generator.* %endif %{_docdir}/systemd @@ -1157,7 +1182,7 @@ fi %{_prefix}/lib/udev/scsi_id %{_prefix}/lib/udev/v4l_id %{_prefix}/lib/udev/remount-tmpfs -%{_prefix}/lib/udev/rootsymlink-generator +%ghost %{_prefix}/lib/udev/compat-symlink-generation %dir %{_prefix}/lib/udev/rules.d/ %exclude %{_prefix}/lib/udev/rules.d/70-uaccess.rules %exclude %{_prefix}/lib/udev/rules.d/71-seat.rules diff --git a/systemd-sysv-convert b/systemd-sysv-convert index c9f777a6..479c8ba3 100644 --- a/systemd-sysv-convert +++ b/systemd-sysv-convert @@ -9,15 +9,15 @@ declare -A results_runlevel declare -A results_priority usage() { -cat << EOF + cat << EOF usage: systemd-sysv-convert [-h] [--save] [--show] [--apply] SERVICE [SERVICE ...] EOF } help() { -usage -cat << EOF + usage + cat << EOF Save and Restore SysV Service Runlevel Information positional arguments: @@ -33,45 +33,48 @@ EOF } find_service() { -local service -local runlevel -declare -i priority -service=$1 -runlevel=$2 -priority=-1 -for l in $(ls /etc/rc.d/rc$runlevel.d/) ; do - initscript=$(basename $l) - if [ ${initscript:0:1} != "S" -o ${initscript:3} != "$service" ]; then - continue - fi - if [ ${initscript:1:2} -ge 0 -a ${initscript:1:2} -le 99 -a ${initscript:1:2} -ge $priority ]; then - if [ ${initscript:1:1} == 0 ]; then - priority=${initscript:2:1} - else - priority=${initscript:1:2} + local service + local runlevel + declare -i priority + + service=$1 + runlevel=$2 + priority=-1 + + for l in $(ls /etc/rc.d/rc$runlevel.d/) ; do + initscript=$(basename $l) + if [ ${initscript:0:1} != "S" -o ${initscript:3} != "$service" ]; then + continue fi + if [ ${initscript:1:2} -ge 0 -a ${initscript:1:2} -le 99 -a ${initscript:1:2} -ge $priority ]; then + if [ ${initscript:1:1} == 0 ]; then + priority=${initscript:2:1} + else + priority=${initscript:1:2} + fi + fi + done + if [ $priority -ge 0 ]; then + return $priority fi -done -if [ $priority -ge 0 ]; then - return $priority -else return 255 -fi } lookup_database() { -local services -local service -local service_file -local runlevel -local priority -local -i k -declare -a parsed -services=$@ -k=0 -results_runlevel=() -results_priority=() -while read line ; do + local services + local service + local service_file + local runlevel + local priority + local -i k + declare -a parsed + + services=$@ + k=0 + results_runlevel=() + results_priority=() + + while read line ; do k+=1 parsed=($line) service=${parsed[0]} @@ -85,7 +88,7 @@ while read line ; do echo "Priority out of bounds in database line $k. Ignoring" >/dev/stderr continue fi - + declare -i found found=0 for s in $services ; do @@ -99,12 +102,12 @@ while read line ; do fi results_runlevel[$service]+=" $runlevel" results_priority[$service]+=" $priority" -done < /var/lib/systemd/sysv-convert/database + done < /var/lib/systemd/sysv-convert/database } declare -i fail=0 -case "$1" in - -h|--help) +case "$1" in + -h|--help) help exit 0 ;; @@ -112,17 +115,16 @@ case "$1" in shift for service in $@ ; do if [ ! -r "/etc/init.d/$service" ]; then - echo "SysV service $service does not exist" >/dev/stderr - let fail++ + echo "SysV service $service does not exist, skipping" continue fi for runlevel in 2 3 4 5; do find_service $service $runlevel priority=$? if [ $priority -lt 255 ]; then - echo "$service $runlevel $priority" + echo "$service $runlevel $priority" >>/var/lib/systemd/sysv-convert/database fi - done >>/var/lib/systemd/sysv-convert/database + done done ;; --show) @@ -153,23 +155,37 @@ case "$1" in exit 1 fi done - lookup_database $services - for service in $services; do - [ -f "/lib/systemd/system/$service.service" ] && service_file="/lib/systemd/system/$service.service" - [ -f "/usr/lib/systemd/system/$service.service" ] && service_file="/usr/lib/systemd/system/$service.service" - # If $service is not present in the database, - # then it simply means that the sysv init - # service was not enabled at all. - for runlevel in ${results_runlevel[$service]}; do - echo ln -sf $service_file /etc/systemd/system/runlevel$runlevel.target.wants/$service.service >/dev/stderr - mkdir -p "/etc/systemd/system/runlevel$runlevel.target.wants" - /bin/ln -sf $service_file /etc/systemd/system/runlevel$runlevel.target.wants/$service.service + # + # The database might no have been created by a previous --save + # call. This can happen when: + # + # - we're upgrading a package which initially didn't + # have any unit file nor sysv init script and now + # start shipping one or more unit files (bsc#982303). + # + # - the sysv init service wasn't enabled at all before + # being migrated to a native unit file (bsc#982211). + # + if [ -e /var/lib/systemd/sysv-convert/database ]; then + lookup_database $services + for service in $services; do + [ -f "/lib/systemd/system/$service.service" ] && service_file="/lib/systemd/system/$service.service" + [ -f "/usr/lib/systemd/system/$service.service" ] && service_file="/usr/lib/systemd/system/$service.service" + + # If $service is not present in the database, + # then it simply means that the sysv init + # service was not enabled at all. + for runlevel in ${results_runlevel[$service]}; do + echo ln -sf $service_file /etc/systemd/system/runlevel$runlevel.target.wants/$service.service >/dev/stderr + mkdir -p "/etc/systemd/system/runlevel$runlevel.target.wants" + /bin/ln -sf $service_file /etc/systemd/system/runlevel$runlevel.target.wants/$service.service + done done - - done + fi ;; - *) usage + *) + usage let fail=2 ;; esac diff --git a/systemd-user b/systemd-user new file mode 100644 index 00000000..f1d252b7 --- /dev/null +++ b/systemd-user @@ -0,0 +1,9 @@ +# This file is part of systemd. +# +# Used by systemd --user instances. + +account include common-account + +session required pam_selinux.so close +session required pam_selinux.so nottys open +session include common-session diff --git a/systemd.changes b/systemd.changes index ed4231ac..ffafade9 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,68 @@ +------------------------------------------------------------------- +Fri Jun 16 09:14:43 UTC 2017 - fbui@suse.com + +- Make sure "lock" group is created + + On SUSE distros, /run/lock must be owned by "lock" group (see + boo#733523). + + This group was previously created by another package but since a + recent changes it doesn't seem to be true anymore or at least this + package isn't pulled in anymore when building the rescue system. + + For now make systemd creates the group by adding + "Requires: group(post)". + + I'm currently not sure why we don't use sysusers.d stuff for that + purpose and if the "lock" group on /run/lock is still + mandatory. This should be revisited later. + +------------------------------------------------------------------- +Wed Jun 7 08:17:54 UTC 2017 - fbui@suse.com + +- Make sure dracut (if installed) will embed the new compat rule (bsc#982303) + + The new compat rule must be embedded in the initramfs so make sure + that the installed dracut supports it. + +------------------------------------------------------------------- +Wed May 24 11:23:10 UTC 2017 - fbui@suse.com + +- Upgrade to v233 (commit 330b55d5e28d17f361062dba66426e46fb7d7857) + + - package new systemd-umount binary + - package new environment generator stuff + - drop /dev/root symlink support + - /etc/pam.d/systemd-user is not patched anymore but we ship a + dedicated file for SUSE now. + - manage compat symlink generation in a dedicated branch (bsc#1040153) + +------------------------------------------------------------------- +Wed May 17 15:57:19 UTC 2017 - fbui@suse.com + +- Fix systemd-sysv-convert when a package starts shipping service units (bsc#982303) + + The database might be missing when upgrading a package which was + shipping no sysv init scripts nor unit files (at the time --save was + called) but the new version start shipping unit files. + +------------------------------------------------------------------- +Wed May 17 13:14:40 UTC 2017 - fbui@suse.com + +- Fix indentation in systemd-sysv-convert + + While at it, strip trailing whitespaces. + + No functional changes. + +------------------------------------------------------------------- +Thu May 11 08:47:48 UTC 2017 - fbui@suse.com + +- Disable group shadow support (bsc#1029516) + + The new configure option will be imported during the next tarball + update. + ------------------------------------------------------------------- Tue May 2 16:17:08 UTC 2017 - fbui@suse.com diff --git a/systemd.spec b/systemd.spec index ecb0ea33..55318178 100644 --- a/systemd.spec +++ b/systemd.spec @@ -47,7 +47,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd -Version: 232 +Version: 233 Release: 0 Summary: A System and Session Manager License: LGPL-2.1+ @@ -119,6 +119,7 @@ Requires: systemd-presets-branding Requires: sysvinit-tools Requires: udev = %{version}-%{release} Requires: util-linux >= 2.27.1 +Requires: group(lock) Recommends: %{name}-bash-completion Requires(post): coreutils Requires(post): findutils @@ -140,6 +141,7 @@ Obsoletes: pm-utils <= 1.4.1 Obsoletes: suspend <= 1.0 Source0: systemd-%{version}.tar.xz Source1: %{name}-rpmlintrc +Source2: systemd-user Source3: systemd-sysv-convert Source6: baselibs.conf Source7: libgcrypt.m4 @@ -235,6 +237,7 @@ Conflicts: systemd < 39 Conflicts: aaa_base < 11.5 Conflicts: filesystem < 11.5 Conflicts: mkinitrd < 2.7.0 +Conflicts: dracut < 044.1 Conflicts: util-linux < 2.16 Conflicts: ConsoleKit < 0.4.1 Requires: filesystem @@ -431,6 +434,7 @@ systemd_cryptsetup_LDFLAGS =\\\ --disable-lto \ --disable-tests \ --without-kill-user-processes \ + --with-default-hierarchy=hybrid \ --with-rc-local-script-path-start=/etc/init.d/boot.local \ --with-rc-local-script-path-stop=/etc/init.d/halt.local \ --with-debug-shell=/bin/bash \ @@ -439,6 +443,7 @@ systemd_cryptsetup_LDFLAGS =\\\ --disable-adm-group \ --disable-wheel-group \ --disable-ldconfig \ + --disable-gshadow \ %if %{without networkd} --disable-networkd \ %endif @@ -495,6 +500,10 @@ ln -s ../usr/bin/systemctl %{buildroot}/sbin/runlevel rm -rf %{buildroot}/etc/systemd/system/*.target.wants rm -f %{buildroot}/etc/systemd/system/default.target +# Overwrite /etc/pam.d/systemd-user shipped by upstream with one +# customized for openSUSE distros. +install -m0644 %{S:2} %{buildroot}%{_sysconfdir}/pam.d/ + # We keep a copy of tmp.mount because it may be removed if not used # (see %post): we want to be sure tmpfs won't be used for /tmp by # default on Suse distros. @@ -754,6 +763,14 @@ elif [ ! -e /lib/udev ]; then ln -s /usr/lib/udev /lib/udev fi +# New installations uses the last compat symlink generation number +# (currently at 2), which basically disables all compat symlinks. On +# old systems, the file doesn't exist. This is equivalent to +# generation #1, which enables the creation of all compat symlinks. +if [ $1 -eq 1 ]; then + echo "COMPAT_SYMLINK_GENERATION=2">/usr/lib/udev/compat-symlink-generation +fi + # Create "tape"/"input" group which is referenced by some udev rules # that we're shipping. FIXME: maybe we should consider using # "sysusers_create basic.conf" instead ? @@ -867,6 +884,7 @@ fi %{_bindir}/systemd-path %{_bindir}/systemd-sysusers %{_bindir}/systemd-mount +%{_bindir}/systemd-umount %{_bindir}/systemd-notify %{_bindir}/systemd-run %{_bindir}/journalctl @@ -919,7 +937,7 @@ fi %{_prefix}/lib/systemd/user/*.service %{_prefix}/lib/systemd/systemd-* %{_prefix}/lib/systemd/systemd -%{_prefix}/lib/systemd/libsystemd-shared-%{version}.so +%{_prefix}/lib/systemd/libsystemd-shared-*.so %{_prefix}/lib/systemd/resolv.conf %{_prefix}/lib/systemd/fix-machines-subvol-for-rollbacks.sh %dir %{_prefix}/lib/systemd/catalog @@ -929,6 +947,7 @@ fi %{_prefix}/lib/systemd/user-preset %{_prefix}/lib/systemd/system-generators %{_prefix}/lib/systemd/user-generators +%{_prefix}/lib/systemd/user-environment-generators %dir %{_prefix}/lib/systemd/ntp-units.d/ %dir %{_prefix}/lib/systemd/system-shutdown/ %dir %{_prefix}/lib/systemd/system-sleep/ @@ -959,6 +978,8 @@ fi %{_libexecdir}/tmpfiles.d/ %exclude %{_libexecdir}/tmpfiles.d/systemd-remote.conf +%{_libexecdir}/environment.d/ + %dir %{_libexecdir}/binfmt.d %dir %{_sysconfdir}/binfmt.d @@ -1074,6 +1095,9 @@ fi %if %{with importd} %{_datadir}/polkit-1/actions/org.freedesktop.import1.policy %endif +%if %{with networkd} +%{_datadir}/polkit-1/rules.d/systemd-networkd.rules +%endif %if ! 0%{?bootstrap} %{_mandir}/man1/[a-rt-z]*ctl.1* @@ -1088,6 +1112,7 @@ fi %{_mandir}/man8/systemd-h[aioy]* %{_mandir}/man8/systemd-journald* %{_mandir}/man8/systemd-u[ps]* +%{_mandir}/man8/30-systemd-environment-d-generator.* %endif %{_docdir}/systemd @@ -1155,7 +1180,7 @@ fi %{_prefix}/lib/udev/scsi_id %{_prefix}/lib/udev/v4l_id %{_prefix}/lib/udev/remount-tmpfs -%{_prefix}/lib/udev/rootsymlink-generator +%ghost %{_prefix}/lib/udev/compat-symlink-generation %dir %{_prefix}/lib/udev/rules.d/ %exclude %{_prefix}/lib/udev/rules.d/70-uaccess.rules %exclude %{_prefix}/lib/udev/rules.d/71-seat.rules