diff --git a/libgcrypt.m4 b/libgcrypt.m4 deleted file mode 100644 index b0aeccd2..00000000 --- a/libgcrypt.m4 +++ /dev/null @@ -1,123 +0,0 @@ -dnl Autoconf macros for libgcrypt -dnl Copyright (C) 2002, 2004 Free Software Foundation, Inc. -dnl -dnl This file is free software; as a special exception the author gives -dnl unlimited permission to copy and/or distribute it, with or without -dnl modifications, as long as this notice is preserved. -dnl -dnl This file is distributed in the hope that it will be useful, but -dnl WITHOUT ANY WARRANTY, to the extent permitted by law; without even the -dnl implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - - -dnl AM_PATH_LIBGCRYPT([MINIMUM-VERSION, -dnl [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]]) -dnl Test for libgcrypt and define LIBGCRYPT_CFLAGS and LIBGCRYPT_LIBS. -dnl MINIMUN-VERSION is a string with the version number optionalliy prefixed -dnl with the API version to also check the API compatibility. Example: -dnl a MINIMUN-VERSION of 1:1.2.5 won't pass the test unless the installed -dnl version of libgcrypt is at least 1.2.5 *and* the API number is 1. Using -dnl this features allows to prevent build against newer versions of libgcrypt -dnl with a changed API. -dnl -AC_DEFUN([AM_PATH_LIBGCRYPT], -[ AC_ARG_WITH(libgcrypt-prefix, - AC_HELP_STRING([--with-libgcrypt-prefix=PFX], - [prefix where LIBGCRYPT is installed (optional)]), - libgcrypt_config_prefix="$withval", libgcrypt_config_prefix="") - if test x$libgcrypt_config_prefix != x ; then - if test x${LIBGCRYPT_CONFIG+set} != xset ; then - LIBGCRYPT_CONFIG=$libgcrypt_config_prefix/bin/libgcrypt-config - fi - fi - - AC_PATH_TOOL(LIBGCRYPT_CONFIG, libgcrypt-config, no) - tmp=ifelse([$1], ,1:1.2.0,$1) - if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then - req_libgcrypt_api=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\1/'` - min_libgcrypt_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'` - else - req_libgcrypt_api=0 - min_libgcrypt_version="$tmp" - fi - - AC_MSG_CHECKING(for LIBGCRYPT - version >= $min_libgcrypt_version) - ok=no - if test "$LIBGCRYPT_CONFIG" != "no" ; then - req_major=`echo $min_libgcrypt_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\1/'` - req_minor=`echo $min_libgcrypt_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'` - req_micro=`echo $min_libgcrypt_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'` - libgcrypt_config_version=`$LIBGCRYPT_CONFIG --version` - major=`echo $libgcrypt_config_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'` - minor=`echo $libgcrypt_config_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'` - micro=`echo $libgcrypt_config_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\3/'` - if test "$major" -gt "$req_major"; then - ok=yes - else - if test "$major" -eq "$req_major"; then - if test "$minor" -gt "$req_minor"; then - ok=yes - else - if test "$minor" -eq "$req_minor"; then - if test "$micro" -ge "$req_micro"; then - ok=yes - fi - fi - fi - fi - fi - fi - if test $ok = yes; then - AC_MSG_RESULT([yes ($libgcrypt_config_version)]) - else - AC_MSG_RESULT(no) - fi - if test $ok = yes; then - # If we have a recent libgcrypt, we should also check that the - # API is compatible - if test "$req_libgcrypt_api" -gt 0 ; then - tmp=`$LIBGCRYPT_CONFIG --api-version 2>/dev/null || echo 0` - if test "$tmp" -gt 0 ; then - AC_MSG_CHECKING([LIBGCRYPT API version]) - if test "$req_libgcrypt_api" -eq "$tmp" ; then - AC_MSG_RESULT([okay]) - else - ok=no - AC_MSG_RESULT([does not match. want=$req_libgcrypt_api got=$tmp]) - fi - fi - fi - fi - if test $ok = yes; then - LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG --cflags` - LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG --libs` - ifelse([$2], , :, [$2]) - if test x"$host" != x ; then - libgcrypt_config_host=`$LIBGCRYPT_CONFIG --host 2>/dev/null || echo none` - if test x"$libgcrypt_config_host" != xnone ; then - if test x"$libgcrypt_config_host" != x"$host" ; then - AC_MSG_WARN([[ -*** -*** The config script $LIBGCRYPT_CONFIG was -*** built for $libgcrypt_config_host and thus may not match the -*** used host $host. -*** You may want to use the configure option --with-libgcrypt-prefix -*** to specify a matching config script. -***]]) - fi - fi - fi - else - LIBGCRYPT_CFLAGS="" - LIBGCRYPT_LIBS="" - ifelse([$3], , :, [$3]) - fi - AC_SUBST(LIBGCRYPT_CFLAGS) - AC_SUBST(LIBGCRYPT_LIBS) -]) diff --git a/suse-disable-tmpfs-for-tmp.service b/suse-disable-tmpfs-for-tmp.service deleted file mode 100644 index df598082..00000000 --- a/suse-disable-tmpfs-for-tmp.service +++ /dev/null @@ -1,33 +0,0 @@ -# -# By default, /tmp doesn't use tmpfs on SUSE distros. -# -# This service is either run automatically during the firstboot (i.e. -# only once) of the system. -# -# Or it can also be (manually) started during systemd update (%post) -# only and only if tmp.mount wasn't already installed by the admin in -# /usr/lib during %pre. In this case tmp.mount should also masked. -# -# In any cases this service will never mask tmp.mount if the service -# has been created by either the admin or fstab-generator. -# -[Unit] -Description=Mask tmp.mount by default on SUSE systems -DefaultDependencies=no -Conflicts=shutdown.target -After=systemd-remount-fs.service -Before=tmp.mount -ConditionPathIsReadWrite=/etc -ConditionPathExists=!/usr/lib/systemd/system/.disable-tmpfs-for-tmp~done - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/bin/sh -c ' \ - case "$(systemctl show -pFragmentPath tmp.mount)" in \ - FragmentPath=/usr/lib/systemd/system/tmp.mount) \ - systemctl mask --now tmp.mount ;; \ - FragmentPath=/usr/share/systemd/tmp.mount) \ - ln -sf /usr/lib/systemd/system/tmp.mount /etc/systemd/system/ ;; \ - esac' -ExecStartPost=/usr/bin/touch /usr/lib/systemd/system/.disable-tmpfs-for-tmp~done diff --git a/systemd-234.tar.xz b/systemd-234.tar.xz index 75985aaa..bf54056e 100644 --- a/systemd-234.tar.xz +++ b/systemd-234.tar.xz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:99fb2aa924449a90db2431507c82cb778a7563e22de08f1ac8e9e77c30c06fc3 -size 3353804 +oid sha256:3ebafff50a8ea2bce9ed34712b14947d8754fbdd4a1c085aa9dd285450e8dd2d +size 3354512 diff --git a/systemd-mini.changes b/systemd-mini.changes index 0fd8a7e7..4b3c533d 100644 --- a/systemd-mini.changes +++ b/systemd-mini.changes @@ -1,3 +1,82 @@ +------------------------------------------------------------------- +Fri Feb 9 14:01:24 UTC 2018 - fbui@suse.com + +- Import commit 4a6a1e4f0b02e6cedf7eba93b85a6dd968f875c7 + + db1d8eacd compat-rules: make path_id_compat build with meson + +- Drop 0001-compat-rules-make-path_id_compat-build-with-meson.patch + which is now part of the git repo (see above). + +------------------------------------------------------------------- +Fri Feb 9 07:59:56 UTC 2018 - fbui@suse.com + +- Don't ship /usr/lib/systemd/system/tmp.mnt at all (bsc#1071224) + + The previous fix couldn't work on platforms using a RO + rootfs. Therefore we don't ship /usr/lib/systemd/system/tmp.mnt but + we still ship a copy in /var. + + Users who want to use tmpfs on /tmp are supposed to add a symlink in + /etc/ pointing to the copy shipped in /var. + + To support the update path we automatically create the symlink if + tmp.mount in use is located in /usr. + +------------------------------------------------------------------- +Tue Feb 6 16:11:40 UTC 2018 - fbui@suse.com + +- Don't build seccomp support in the mini package + +------------------------------------------------------------------- +Tue Feb 6 15:12:42 UTC 2018 - fbui@suse.com + +- Switch to Meson build system + + Some rearrangement in the file list was also needed. That was + probably due to the upgrade of rpm. + +------------------------------------------------------------------- +Tue Feb 6 14:54:57 UTC 2018 - fbui@suse.com + +- Import commit 0a5600eb7f8263c7c79fec0d85cc159d54aba636 + + 2a181fc6f insserv-generator: make it build with meson + 7b0401da4 build-sys: don't build networkctl if networkd is disabled + +------------------------------------------------------------------- +Tue Feb 6 09:27:59 UTC 2018 - fbui@suse.com + +- Don't build-require selinux for the mini package + +------------------------------------------------------------------- +Tue Feb 6 08:56:33 UTC 2018 - fbui@suse.com + +- Drop libgcrypt.m4 + + The mini package builds fine without it so it doesn't seem necessary + anymore. + +------------------------------------------------------------------- +Mon Feb 5 20:25:31 UTC 2018 - fbui@suse.com + +- Import commit 846d838c37865da60eba48090e570e959291399f + + b1e0a348d fileio: include sys/mman.h + f1fa784cb meson: update header file to detect memfd_create() + 8838ba7ec meson: define _GNU_SOURCE to detect copy_file_range() (#7734) + 531a00c84 Restore "restore /var/run and /var/lock bind mount if they aren't symlink"" + + (the 3 first commits make systemd build against glibc 2.27) + +------------------------------------------------------------------- +Mon Feb 5 10:01:37 UTC 2018 - fbui@suse.com + +- Import commit 3f421e4fbf6fcb31d74caf729435868ba8824483 + + 7fb9ea39a Revert "restore /var/run and /var/lock bind mount if they aren't symlink" + 23ce1207a meson.build: make docdir configurable (#8068) + ------------------------------------------------------------------- Fri Feb 2 08:56:04 UTC 2018 - fbui@suse.com diff --git a/systemd-mini.spec b/systemd-mini.spec index 7b940175..003b565f 100644 --- a/systemd-mini.spec +++ b/systemd-mini.spec @@ -69,6 +69,10 @@ BuildRequires: pkgconfig(libcryptsetup) >= 1.6.0 BuildRequires: pkgconfig(liblz4) BuildRequires: pkgconfig(liblzma) BuildRequires: pkgconfig(libqrencode) +BuildRequires: pkgconfig(libselinux) >= 2.1.9 +%ifarch aarch64 %ix86 x86_64 x32 %arm ppc64le s390x +BuildRequires: pkgconfig(libseccomp) >= 2.3.1 +%endif %endif BuildRequires: fdupes BuildRequires: gperf @@ -76,8 +80,8 @@ BuildRequires: intltool BuildRequires: libacl-devel BuildRequires: libcap-devel BuildRequires: libmount-devel >= 2.27.1 -BuildRequires: libsepol-devel -BuildRequires: libtool +BuildRequires: m4 +BuildRequires: meson >= 0.43 BuildRequires: pam-devel # regenerate_initrd_post macro is expanded during build, hence this # BR. Also this macro was introduced since version 12.4. @@ -87,8 +91,6 @@ BuildRequires: pkgconfig(blkid) >= 2.26 BuildRequires: pkgconfig(libkmod) >= 15 BuildRequires: pkgconfig(libpci) >= 3 BuildRequires: pkgconfig(libpcre) -BuildRequires: pkgconfig(libselinux) >= 2.1.9 -BuildRequires: pkgconfig(libsepol) %if %{with importd} BuildRequires: pkgconfig(bzip2) BuildRequires: pkgconfig(libcurl) @@ -98,9 +100,6 @@ BuildRequires: pkgconfig(zlib) BuildRequires: pkgconfig(libcurl) BuildRequires: pkgconfig(libmicrohttpd) >= 0.9.33 %endif -%ifarch aarch64 %ix86 x86_64 x32 %arm ppc64le s390x -BuildRequires: pkgconfig(libseccomp) >= 2.3.1 -%endif %if %{with gnuefi} BuildRequires: gnu-efi %endif @@ -144,11 +143,9 @@ Source1: %{name}-rpmlintrc Source2: systemd-user Source3: systemd-sysv-convert Source6: baselibs.conf -Source7: libgcrypt.m4 Source11: after-local.service Source12: systemd-sysv-install Source14: kbd-model-map.legacy -Source15: suse-disable-tmpfs-for-tmp.service Source100: scripts-systemd-fix-machines-btrfs-subvol.sh Source101: scripts-systemd-upgrade-from-pre-210.sh @@ -163,8 +160,6 @@ Source1065: udev-remount-tmpfs # patches are temporary and should be removed as soon as a fix is # merged by upstream. -# Empty - %description Systemd is a system and service manager, compatible with SysV and LSB init scripts for Linux. systemd provides aggressive parallelization @@ -410,62 +405,52 @@ Some systemd commands offer bash completion, but it is an optional dependency. %setup -q -n systemd-%{version} # %autopatch -p1 -# only needed for bootstrap -%if 0%{?bootstrap} -cp %{SOURCE7} m4/ -%endif - %build -./autogen.sh - # keep split-usr until all packages have moved their systemd rules to /usr -%configure \ - --docdir=%{_docdir}/systemd \ - --with-pamlibdir=/%{_lib}/security \ - --with-dbuspolicydir=%{_sysconfdir}/dbus-1/system.d \ - --with-dbussessionservicedir=%{_datadir}/dbus-1/services \ - --with-dbussystemservicedir=%{_datadir}/dbus-1/system-services \ - --with-certificate-root=%{_sysconfdir}/pki/systemd \ +%meson \ + -Ddocdir=%{_docdir}/systemd \ + -Drootprefix=/usr \ + -Dsplit-usr=true \ + -Dpamlibdir=/%{_lib}/security \ + -Drpmmacrosdir=%{_prefix}/lib/rpm/macros.d \ + -Dcertificate-root=%{_sysconfdir}/pki/systemd \ + -Ddefault-hierarchy=hybrid \ + -Ddefault-kill-user-processes=false \ + -Drc-local=/etc/init.d/boot.local \ + -Dhalt-local=/etc/init.d/halt.local \ + -Ddebug-shell=/bin/bash \ + -Dseccomp=auto \ + -Dselinux=auto \ + -Dapparmor=auto \ + -Dsmack=false \ + -Dima=false \ %if 0%{?bootstrap} - --disable-myhostname \ - --disable-manpages \ + -Dman=false \ + -Dhtml=false \ + -Dmyhostname=false \ %endif - --enable-selinux \ - --enable-split-usr \ - --disable-static \ - --disable-lto \ - --disable-tests \ - --without-kill-user-processes \ - --with-default-hierarchy=hybrid \ - --with-rc-local-script-path-start=/etc/init.d/boot.local \ - --with-rc-local-script-path-stop=/etc/init.d/halt.local \ - --with-debug-shell=/bin/bash \ - --disable-smack \ - --disable-ima \ - --disable-adm-group \ - --disable-wheel-group \ - --disable-ldconfig \ - --disable-gshadow \ %if %{without networkd} - --disable-networkd \ -%endif -%if %{without machined} - --disable-machined \ -%endif -%if %{without sysvcompat} - --with-sysvinit-path= \ - --with-sysvrcnd-path= \ + -Dnetworkd=false \ %endif %if %{without resolved} - --disable-resolved \ + -Dresolve=false \ %endif - --disable-kdbus +%if %{without machined} + -Dmachined=false \ +%endif +%if %{without sysvcompat} + -Dsysvinit-path= \ + -Dsysvrcnd-path= \ +%endif + -Dadm-group=false \ + -Dwheel-group=false \ + -Dgshadow=false \ + -Dldconfig=false -%make_build V=e +%meson_build %install -%make_install -find %{buildroot} -type f -name '*.la' -delete +%meson_install # move to %{_lib} %if ! 0%{?bootstrap} @@ -481,13 +466,12 @@ ln -sf %{_bindir}/systemd-ask-password %{buildroot}/bin/systemd-ask-password ln -sf %{_bindir}/systemctl %{buildroot}/bin/systemctl ln -sf %{_prefix}/lib/systemd/systemd-udevd %{buildroot}/sbin/udevd -install -m755 -D %{S:1065} %{buildroot}/%{_prefix}/lib/udev/remount-tmpfs - mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/sysv-convert mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/migrated install -m0755 -D %{S:3} %{buildroot}/%{_sbindir}/systemd-sysv-convert install -m0755 -D %{S:12} %{buildroot}/%{_prefix}/lib/systemd/systemd-sysv-install +install -m0755 -D %{S:1065} %{buildroot}/%{_prefix}/lib/udev/remount-tmpfs # Package the scripts used to fix all packaging issues. Also drop the # "scripts-{systemd/udev}" prefix which is used because osc doesn't @@ -514,10 +498,11 @@ rm -f %{buildroot}/etc/systemd/system/default.target # customized for openSUSE distros. install -m0644 %{S:2} %{buildroot}%{_sysconfdir}/pam.d/ -# Install the service which will disable/mask tmpfs for /tmp (if -# needed) on first boot. -install -m0644 -D %{S:15} %{buildroot}/%{_prefix}/lib/systemd/system/suse-disable-tmpfs-for-tmp.service -ln -s ../suse-disable-tmpfs-for-tmp.service %{buildroot}/%{_prefix}/lib/systemd/system/sysinit.target.wants/ +# Remove tmp.mount from the unit search path as /tmp doesn't use tmpfs +# by default on SUSE distros. We still keep a copy in /var for those +# who want to switch to tmpfs: it's still can be copied in /etc. +rm %{buildroot}/%{_prefix}/lib/systemd/system/local-fs.target.wants/tmp.mount +mv %{buildroot}/%{_prefix}/lib/systemd/system/tmp.mount %{buildroot}/%{_datadir}/systemd/ # don't enable wall ask password service, it spams every console (bnc#747783) rm %{buildroot}%{_prefix}/lib/systemd/system/multi-user.target.wants/systemd-ask-password-wall.path @@ -529,10 +514,6 @@ cat << EOF > %{buildroot}%{_libexecdir}/modules-load.d/sg.conf sg EOF -# Remove .so file for the shared library, it's not supposed to be -# used. -rm %{buildroot}%{_libexecdir}/systemd/libsystemd-shared.so - # do not ship sysctl defaults in systemd package, will be part of # aaa_base (in procps for now) rm -f %{buildroot}%{_prefix}/lib/sysctl.d/50-default.conf @@ -653,13 +634,10 @@ cat %{S:14} >>%{buildroot}%{_datarootdir}/systemd/kbd-model-map # so keep the section even if it's empty. %pre if [ $1 -gt 1 ] ; then - # Check if tmp.mount has been restored by either the admin or - # was added at package installation. In both cases do nothing - # and prevent the service to be executed during %post for the - # former case. - if test -e %{_unitdir}/tmp.mount; then - touch %{_unitdir}/.disable-tmpfs-for-tmp~done - fi + case "$(systemctl show -pFragmentPath tmp.mount)" in + FragmentPath=/usr/lib/systemd/system/tmp.mount) + ln -sf %{_datadir}/systemd/tmp.mount /etc/systemd/system/ || : + esac fi %post @@ -734,13 +712,6 @@ if [ $1 -gt 1 ]; then # tmpfiles_create macro previously however it's empty so there # shouldn't be any issues. %{_prefix}/lib/systemd/scripts/fix-machines-btrfs-subvol.sh || : - - # Should we mask tmpfs ? If tmp.mount was already installed in - # /usr/lib then this is a nop as sysadmin restored the unit - # most likely to use tmpfs (see %pre) otherwise mask the mount - # unit unless it's overriden by a tmp.mount unit installed - # either by sysadmin or fstab-generator. - systemctl start suse-disable-tmpfs-for-tmp.service || : fi %postun @@ -902,14 +873,16 @@ fi %dir %{_prefix}/lib/systemd %dir %{_prefix}/lib/systemd/user %dir %{_prefix}/lib/systemd/system -%exclude %{_prefix}/lib/systemd/systemd-journal-gatewayd -%exclude %{_prefix}/lib/systemd/systemd-journal-remote -%exclude %{_prefix}/lib/systemd/systemd-journal-upload -%exclude %{_prefix}/lib/systemd/systemd-sysv* -%exclude %{_prefix}/lib/systemd/systemd-udevd +%if %{with journal_remote} %exclude %{_prefix}/lib/systemd/system/systemd-journal-gatewayd.* %exclude %{_prefix}/lib/systemd/system/systemd-journal-remote.* %exclude %{_prefix}/lib/systemd/system/systemd-journal-upload.* +%exclude %{_prefix}/lib/systemd/systemd-journal-gatewayd +%exclude %{_prefix}/lib/systemd/systemd-journal-remote +%exclude %{_prefix}/lib/systemd/systemd-journal-upload +%endif +%exclude %{_prefix}/lib/systemd/systemd-sysv* +%exclude %{_prefix}/lib/systemd/systemd-udevd %exclude %{_prefix}/lib/systemd/system/systemd-udev*.* %exclude %{_prefix}/lib/systemd/system/*.target.wants/systemd-udev*.* %exclude %{_prefix}/lib/systemd/system/initrd-udevadm-cleanup-db.service @@ -963,11 +936,13 @@ fi %{_libexecdir}/modules-load.d/sg.conf %{_libexecdir}/sysusers.d/ -%exclude %{_libexecdir}/sysusers.d/systemd-remote.conf - %dir %{_sysconfdir}/tmpfiles.d %{_libexecdir}/tmpfiles.d/ + +%if %{with journal_remote} +%exclude %{_libexecdir}/sysusers.d/systemd-remote.conf %exclude %{_libexecdir}/tmpfiles.d/systemd-remote.conf +%endif %{_libexecdir}/environment.d/ @@ -981,12 +956,12 @@ fi %dir %{_sysconfdir}/X11/xinit %dir %{_sysconfdir}/X11/xinit/xinitrc.d %dir %{_sysconfdir}/X11/xorg.conf.d -%dir %{_sysconfdir}/dbus-1 -%dir %{_sysconfdir}/dbus-1/system.d %dir %{_sysconfdir}/systemd %dir %{_sysconfdir}/systemd/system %dir %{_sysconfdir}/systemd/user +%if %{with networkd} %dir %{_sysconfdir}/systemd/network +%endif %dir %{_sysconfdir}/xdg/systemd %{_sysconfdir}/xdg/systemd/user %{_sysconfdir}/X11/xinit/xinitrc.d/50-systemd-user.sh @@ -1001,27 +976,33 @@ fi %if %{with resolved} %config(noreplace) %{_sysconfdir}/systemd/resolved.conf %endif -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.locale1.conf -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.login1.conf -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.systemd1.conf -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.hostname1.conf -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.timedate1.conf + +%dir %{_datadir}/dbus-1 +%dir %{_datadir}/dbus-1/system.d +%dir %{_datadir}/dbus-1/services +%dir %{_datadir}/dbus-1/system-services + +%{_datadir}/dbus-1/system.d/org.freedesktop.locale1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.login1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.systemd1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.hostname1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.timedate1.conf %if %{with machined} -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.machine1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.machine1.conf %endif %if %{with networkd} %{_sysconfdir}/systemd/system/dbus-org.freedesktop.network1.service -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.network1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.network1.conf %endif %if %{with resolved} %{_sysconfdir}/systemd/system/dbus-org.freedesktop.resolve1.service -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.resolve1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.resolve1.conf %endif %if %{with importd} -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.import1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.import1.conf %endif -# Some files created by us. +# Some files created at runtime. %ghost %config(noreplace) %{_sysconfdir}/X11/xorg.conf.d/00-keyboard.conf %ghost %config(noreplace) %{_sysconfdir}/vconsole.conf %ghost %config(noreplace) %{_sysconfdir}/locale.conf @@ -1032,31 +1013,13 @@ fi %ghost %config(noreplace) %{_sysconfdir}/systemd/system/runlevel4.target %ghost %config(noreplace) %{_sysconfdir}/systemd/system/runlevel5.target -%{_prefix}/lib/systemd/system/org.freedesktop.systemd1.busname -%{_prefix}/lib/systemd/system/org.freedesktop.locale1.busname -%{_prefix}/lib/systemd/system/org.freedesktop.login1.busname -%{_prefix}/lib/systemd/system/org.freedesktop.hostname1.busname -%{_prefix}/lib/systemd/system/org.freedesktop.timedate1.busname -%if %{with networkd} -%{_prefix}/lib/systemd/system/org.freedesktop.network1.busname -%endif -%if %{with resolved} -%{_prefix}/lib/systemd/system/org.freedesktop.resolve1.busname -%endif -%if %{with machined} -%{_prefix}/lib/systemd/system/org.freedesktop.machine1.busname -%endif -%if %{with importd} -%{_prefix}/lib/systemd/system/org.freedesktop.import1.busname -%endif - %{_datadir}/systemd %{_datadir}/factory -%exclude %{_datadir}/systemd/gatewayd -%dir %{_datadir}/dbus-1 -%dir %{_datadir}/dbus-1/services -%dir %{_datadir}/dbus-1/system-services +%if %{with journal_remote} +%exclude %{_datadir}/systemd/gatewayd +%endif + %{_datadir}/dbus-1/services/org.freedesktop.systemd1.service %{_datadir}/dbus-1/system-services/org.freedesktop.systemd1.service %{_datadir}/dbus-1/system-services/org.freedesktop.locale1.service @@ -1206,7 +1169,9 @@ fi %{_prefix}/lib/systemd/system/sockets.target.wants/systemd-udev*.socket %dir %{_prefix}/lib/systemd/network %{_prefix}/lib/systemd/network/*.link +%if %{with networkd} %{_prefix}/lib/systemd/network/*.network +%endif %{_datadir}/pkgconfig/udev.pc %files -n libsystemd0%{?mini} diff --git a/systemd.changes b/systemd.changes index 0fd8a7e7..4b3c533d 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,82 @@ +------------------------------------------------------------------- +Fri Feb 9 14:01:24 UTC 2018 - fbui@suse.com + +- Import commit 4a6a1e4f0b02e6cedf7eba93b85a6dd968f875c7 + + db1d8eacd compat-rules: make path_id_compat build with meson + +- Drop 0001-compat-rules-make-path_id_compat-build-with-meson.patch + which is now part of the git repo (see above). + +------------------------------------------------------------------- +Fri Feb 9 07:59:56 UTC 2018 - fbui@suse.com + +- Don't ship /usr/lib/systemd/system/tmp.mnt at all (bsc#1071224) + + The previous fix couldn't work on platforms using a RO + rootfs. Therefore we don't ship /usr/lib/systemd/system/tmp.mnt but + we still ship a copy in /var. + + Users who want to use tmpfs on /tmp are supposed to add a symlink in + /etc/ pointing to the copy shipped in /var. + + To support the update path we automatically create the symlink if + tmp.mount in use is located in /usr. + +------------------------------------------------------------------- +Tue Feb 6 16:11:40 UTC 2018 - fbui@suse.com + +- Don't build seccomp support in the mini package + +------------------------------------------------------------------- +Tue Feb 6 15:12:42 UTC 2018 - fbui@suse.com + +- Switch to Meson build system + + Some rearrangement in the file list was also needed. That was + probably due to the upgrade of rpm. + +------------------------------------------------------------------- +Tue Feb 6 14:54:57 UTC 2018 - fbui@suse.com + +- Import commit 0a5600eb7f8263c7c79fec0d85cc159d54aba636 + + 2a181fc6f insserv-generator: make it build with meson + 7b0401da4 build-sys: don't build networkctl if networkd is disabled + +------------------------------------------------------------------- +Tue Feb 6 09:27:59 UTC 2018 - fbui@suse.com + +- Don't build-require selinux for the mini package + +------------------------------------------------------------------- +Tue Feb 6 08:56:33 UTC 2018 - fbui@suse.com + +- Drop libgcrypt.m4 + + The mini package builds fine without it so it doesn't seem necessary + anymore. + +------------------------------------------------------------------- +Mon Feb 5 20:25:31 UTC 2018 - fbui@suse.com + +- Import commit 846d838c37865da60eba48090e570e959291399f + + b1e0a348d fileio: include sys/mman.h + f1fa784cb meson: update header file to detect memfd_create() + 8838ba7ec meson: define _GNU_SOURCE to detect copy_file_range() (#7734) + 531a00c84 Restore "restore /var/run and /var/lock bind mount if they aren't symlink"" + + (the 3 first commits make systemd build against glibc 2.27) + +------------------------------------------------------------------- +Mon Feb 5 10:01:37 UTC 2018 - fbui@suse.com + +- Import commit 3f421e4fbf6fcb31d74caf729435868ba8824483 + + 7fb9ea39a Revert "restore /var/run and /var/lock bind mount if they aren't symlink" + 23ce1207a meson.build: make docdir configurable (#8068) + ------------------------------------------------------------------- Fri Feb 2 08:56:04 UTC 2018 - fbui@suse.com diff --git a/systemd.spec b/systemd.spec index 80b8c033..351d9636 100644 --- a/systemd.spec +++ b/systemd.spec @@ -67,6 +67,10 @@ BuildRequires: pkgconfig(libcryptsetup) >= 1.6.0 BuildRequires: pkgconfig(liblz4) BuildRequires: pkgconfig(liblzma) BuildRequires: pkgconfig(libqrencode) +BuildRequires: pkgconfig(libselinux) >= 2.1.9 +%ifarch aarch64 %ix86 x86_64 x32 %arm ppc64le s390x +BuildRequires: pkgconfig(libseccomp) >= 2.3.1 +%endif %endif BuildRequires: fdupes BuildRequires: gperf @@ -74,8 +78,8 @@ BuildRequires: intltool BuildRequires: libacl-devel BuildRequires: libcap-devel BuildRequires: libmount-devel >= 2.27.1 -BuildRequires: libsepol-devel -BuildRequires: libtool +BuildRequires: m4 +BuildRequires: meson >= 0.43 BuildRequires: pam-devel # regenerate_initrd_post macro is expanded during build, hence this # BR. Also this macro was introduced since version 12.4. @@ -85,8 +89,6 @@ BuildRequires: pkgconfig(blkid) >= 2.26 BuildRequires: pkgconfig(libkmod) >= 15 BuildRequires: pkgconfig(libpci) >= 3 BuildRequires: pkgconfig(libpcre) -BuildRequires: pkgconfig(libselinux) >= 2.1.9 -BuildRequires: pkgconfig(libsepol) %if %{with importd} BuildRequires: pkgconfig(bzip2) BuildRequires: pkgconfig(libcurl) @@ -96,9 +98,6 @@ BuildRequires: pkgconfig(zlib) BuildRequires: pkgconfig(libcurl) BuildRequires: pkgconfig(libmicrohttpd) >= 0.9.33 %endif -%ifarch aarch64 %ix86 x86_64 x32 %arm ppc64le s390x -BuildRequires: pkgconfig(libseccomp) >= 2.3.1 -%endif %if %{with gnuefi} BuildRequires: gnu-efi %endif @@ -142,11 +141,9 @@ Source1: %{name}-rpmlintrc Source2: systemd-user Source3: systemd-sysv-convert Source6: baselibs.conf -Source7: libgcrypt.m4 Source11: after-local.service Source12: systemd-sysv-install Source14: kbd-model-map.legacy -Source15: suse-disable-tmpfs-for-tmp.service Source100: scripts-systemd-fix-machines-btrfs-subvol.sh Source101: scripts-systemd-upgrade-from-pre-210.sh @@ -161,8 +158,6 @@ Source1065: udev-remount-tmpfs # patches are temporary and should be removed as soon as a fix is # merged by upstream. -# Empty - %description Systemd is a system and service manager, compatible with SysV and LSB init scripts for Linux. systemd provides aggressive parallelization @@ -408,62 +403,52 @@ Some systemd commands offer bash completion, but it is an optional dependency. %setup -q -n systemd-%{version} # %autopatch -p1 -# only needed for bootstrap -%if 0%{?bootstrap} -cp %{SOURCE7} m4/ -%endif - %build -./autogen.sh - # keep split-usr until all packages have moved their systemd rules to /usr -%configure \ - --docdir=%{_docdir}/systemd \ - --with-pamlibdir=/%{_lib}/security \ - --with-dbuspolicydir=%{_sysconfdir}/dbus-1/system.d \ - --with-dbussessionservicedir=%{_datadir}/dbus-1/services \ - --with-dbussystemservicedir=%{_datadir}/dbus-1/system-services \ - --with-certificate-root=%{_sysconfdir}/pki/systemd \ +%meson \ + -Ddocdir=%{_docdir}/systemd \ + -Drootprefix=/usr \ + -Dsplit-usr=true \ + -Dpamlibdir=/%{_lib}/security \ + -Drpmmacrosdir=%{_prefix}/lib/rpm/macros.d \ + -Dcertificate-root=%{_sysconfdir}/pki/systemd \ + -Ddefault-hierarchy=hybrid \ + -Ddefault-kill-user-processes=false \ + -Drc-local=/etc/init.d/boot.local \ + -Dhalt-local=/etc/init.d/halt.local \ + -Ddebug-shell=/bin/bash \ + -Dseccomp=auto \ + -Dselinux=auto \ + -Dapparmor=auto \ + -Dsmack=false \ + -Dima=false \ %if 0%{?bootstrap} - --disable-myhostname \ - --disable-manpages \ + -Dman=false \ + -Dhtml=false \ + -Dmyhostname=false \ %endif - --enable-selinux \ - --enable-split-usr \ - --disable-static \ - --disable-lto \ - --disable-tests \ - --without-kill-user-processes \ - --with-default-hierarchy=hybrid \ - --with-rc-local-script-path-start=/etc/init.d/boot.local \ - --with-rc-local-script-path-stop=/etc/init.d/halt.local \ - --with-debug-shell=/bin/bash \ - --disable-smack \ - --disable-ima \ - --disable-adm-group \ - --disable-wheel-group \ - --disable-ldconfig \ - --disable-gshadow \ %if %{without networkd} - --disable-networkd \ -%endif -%if %{without machined} - --disable-machined \ -%endif -%if %{without sysvcompat} - --with-sysvinit-path= \ - --with-sysvrcnd-path= \ + -Dnetworkd=false \ %endif %if %{without resolved} - --disable-resolved \ + -Dresolve=false \ %endif - --disable-kdbus +%if %{without machined} + -Dmachined=false \ +%endif +%if %{without sysvcompat} + -Dsysvinit-path= \ + -Dsysvrcnd-path= \ +%endif + -Dadm-group=false \ + -Dwheel-group=false \ + -Dgshadow=false \ + -Dldconfig=false -%make_build V=e +%meson_build %install -%make_install -find %{buildroot} -type f -name '*.la' -delete +%meson_install # move to %{_lib} %if ! 0%{?bootstrap} @@ -479,13 +464,12 @@ ln -sf %{_bindir}/systemd-ask-password %{buildroot}/bin/systemd-ask-password ln -sf %{_bindir}/systemctl %{buildroot}/bin/systemctl ln -sf %{_prefix}/lib/systemd/systemd-udevd %{buildroot}/sbin/udevd -install -m755 -D %{S:1065} %{buildroot}/%{_prefix}/lib/udev/remount-tmpfs - mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/sysv-convert mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/migrated install -m0755 -D %{S:3} %{buildroot}/%{_sbindir}/systemd-sysv-convert install -m0755 -D %{S:12} %{buildroot}/%{_prefix}/lib/systemd/systemd-sysv-install +install -m0755 -D %{S:1065} %{buildroot}/%{_prefix}/lib/udev/remount-tmpfs # Package the scripts used to fix all packaging issues. Also drop the # "scripts-{systemd/udev}" prefix which is used because osc doesn't @@ -512,10 +496,11 @@ rm -f %{buildroot}/etc/systemd/system/default.target # customized for openSUSE distros. install -m0644 %{S:2} %{buildroot}%{_sysconfdir}/pam.d/ -# Install the service which will disable/mask tmpfs for /tmp (if -# needed) on first boot. -install -m0644 -D %{S:15} %{buildroot}/%{_prefix}/lib/systemd/system/suse-disable-tmpfs-for-tmp.service -ln -s ../suse-disable-tmpfs-for-tmp.service %{buildroot}/%{_prefix}/lib/systemd/system/sysinit.target.wants/ +# Remove tmp.mount from the unit search path as /tmp doesn't use tmpfs +# by default on SUSE distros. We still keep a copy in /var for those +# who want to switch to tmpfs: it's still can be copied in /etc. +rm %{buildroot}/%{_prefix}/lib/systemd/system/local-fs.target.wants/tmp.mount +mv %{buildroot}/%{_prefix}/lib/systemd/system/tmp.mount %{buildroot}/%{_datadir}/systemd/ # don't enable wall ask password service, it spams every console (bnc#747783) rm %{buildroot}%{_prefix}/lib/systemd/system/multi-user.target.wants/systemd-ask-password-wall.path @@ -527,10 +512,6 @@ cat << EOF > %{buildroot}%{_libexecdir}/modules-load.d/sg.conf sg EOF -# Remove .so file for the shared library, it's not supposed to be -# used. -rm %{buildroot}%{_libexecdir}/systemd/libsystemd-shared.so - # do not ship sysctl defaults in systemd package, will be part of # aaa_base (in procps for now) rm -f %{buildroot}%{_prefix}/lib/sysctl.d/50-default.conf @@ -651,13 +632,10 @@ cat %{S:14} >>%{buildroot}%{_datarootdir}/systemd/kbd-model-map # so keep the section even if it's empty. %pre if [ $1 -gt 1 ] ; then - # Check if tmp.mount has been restored by either the admin or - # was added at package installation. In both cases do nothing - # and prevent the service to be executed during %post for the - # former case. - if test -e %{_unitdir}/tmp.mount; then - touch %{_unitdir}/.disable-tmpfs-for-tmp~done - fi + case "$(systemctl show -pFragmentPath tmp.mount)" in + FragmentPath=/usr/lib/systemd/system/tmp.mount) + ln -sf %{_datadir}/systemd/tmp.mount /etc/systemd/system/ || : + esac fi %post @@ -732,13 +710,6 @@ if [ $1 -gt 1 ]; then # tmpfiles_create macro previously however it's empty so there # shouldn't be any issues. %{_prefix}/lib/systemd/scripts/fix-machines-btrfs-subvol.sh || : - - # Should we mask tmpfs ? If tmp.mount was already installed in - # /usr/lib then this is a nop as sysadmin restored the unit - # most likely to use tmpfs (see %pre) otherwise mask the mount - # unit unless it's overriden by a tmp.mount unit installed - # either by sysadmin or fstab-generator. - systemctl start suse-disable-tmpfs-for-tmp.service || : fi %postun @@ -900,14 +871,16 @@ fi %dir %{_prefix}/lib/systemd %dir %{_prefix}/lib/systemd/user %dir %{_prefix}/lib/systemd/system -%exclude %{_prefix}/lib/systemd/systemd-journal-gatewayd -%exclude %{_prefix}/lib/systemd/systemd-journal-remote -%exclude %{_prefix}/lib/systemd/systemd-journal-upload -%exclude %{_prefix}/lib/systemd/systemd-sysv* -%exclude %{_prefix}/lib/systemd/systemd-udevd +%if %{with journal_remote} %exclude %{_prefix}/lib/systemd/system/systemd-journal-gatewayd.* %exclude %{_prefix}/lib/systemd/system/systemd-journal-remote.* %exclude %{_prefix}/lib/systemd/system/systemd-journal-upload.* +%exclude %{_prefix}/lib/systemd/systemd-journal-gatewayd +%exclude %{_prefix}/lib/systemd/systemd-journal-remote +%exclude %{_prefix}/lib/systemd/systemd-journal-upload +%endif +%exclude %{_prefix}/lib/systemd/systemd-sysv* +%exclude %{_prefix}/lib/systemd/systemd-udevd %exclude %{_prefix}/lib/systemd/system/systemd-udev*.* %exclude %{_prefix}/lib/systemd/system/*.target.wants/systemd-udev*.* %exclude %{_prefix}/lib/systemd/system/initrd-udevadm-cleanup-db.service @@ -961,11 +934,13 @@ fi %{_libexecdir}/modules-load.d/sg.conf %{_libexecdir}/sysusers.d/ -%exclude %{_libexecdir}/sysusers.d/systemd-remote.conf - %dir %{_sysconfdir}/tmpfiles.d %{_libexecdir}/tmpfiles.d/ + +%if %{with journal_remote} +%exclude %{_libexecdir}/sysusers.d/systemd-remote.conf %exclude %{_libexecdir}/tmpfiles.d/systemd-remote.conf +%endif %{_libexecdir}/environment.d/ @@ -979,12 +954,12 @@ fi %dir %{_sysconfdir}/X11/xinit %dir %{_sysconfdir}/X11/xinit/xinitrc.d %dir %{_sysconfdir}/X11/xorg.conf.d -%dir %{_sysconfdir}/dbus-1 -%dir %{_sysconfdir}/dbus-1/system.d %dir %{_sysconfdir}/systemd %dir %{_sysconfdir}/systemd/system %dir %{_sysconfdir}/systemd/user +%if %{with networkd} %dir %{_sysconfdir}/systemd/network +%endif %dir %{_sysconfdir}/xdg/systemd %{_sysconfdir}/xdg/systemd/user %{_sysconfdir}/X11/xinit/xinitrc.d/50-systemd-user.sh @@ -999,27 +974,33 @@ fi %if %{with resolved} %config(noreplace) %{_sysconfdir}/systemd/resolved.conf %endif -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.locale1.conf -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.login1.conf -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.systemd1.conf -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.hostname1.conf -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.timedate1.conf + +%dir %{_datadir}/dbus-1 +%dir %{_datadir}/dbus-1/system.d +%dir %{_datadir}/dbus-1/services +%dir %{_datadir}/dbus-1/system-services + +%{_datadir}/dbus-1/system.d/org.freedesktop.locale1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.login1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.systemd1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.hostname1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.timedate1.conf %if %{with machined} -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.machine1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.machine1.conf %endif %if %{with networkd} %{_sysconfdir}/systemd/system/dbus-org.freedesktop.network1.service -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.network1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.network1.conf %endif %if %{with resolved} %{_sysconfdir}/systemd/system/dbus-org.freedesktop.resolve1.service -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.resolve1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.resolve1.conf %endif %if %{with importd} -%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.import1.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.import1.conf %endif -# Some files created by us. +# Some files created at runtime. %ghost %config(noreplace) %{_sysconfdir}/X11/xorg.conf.d/00-keyboard.conf %ghost %config(noreplace) %{_sysconfdir}/vconsole.conf %ghost %config(noreplace) %{_sysconfdir}/locale.conf @@ -1030,31 +1011,13 @@ fi %ghost %config(noreplace) %{_sysconfdir}/systemd/system/runlevel4.target %ghost %config(noreplace) %{_sysconfdir}/systemd/system/runlevel5.target -%{_prefix}/lib/systemd/system/org.freedesktop.systemd1.busname -%{_prefix}/lib/systemd/system/org.freedesktop.locale1.busname -%{_prefix}/lib/systemd/system/org.freedesktop.login1.busname -%{_prefix}/lib/systemd/system/org.freedesktop.hostname1.busname -%{_prefix}/lib/systemd/system/org.freedesktop.timedate1.busname -%if %{with networkd} -%{_prefix}/lib/systemd/system/org.freedesktop.network1.busname -%endif -%if %{with resolved} -%{_prefix}/lib/systemd/system/org.freedesktop.resolve1.busname -%endif -%if %{with machined} -%{_prefix}/lib/systemd/system/org.freedesktop.machine1.busname -%endif -%if %{with importd} -%{_prefix}/lib/systemd/system/org.freedesktop.import1.busname -%endif - %{_datadir}/systemd %{_datadir}/factory -%exclude %{_datadir}/systemd/gatewayd -%dir %{_datadir}/dbus-1 -%dir %{_datadir}/dbus-1/services -%dir %{_datadir}/dbus-1/system-services +%if %{with journal_remote} +%exclude %{_datadir}/systemd/gatewayd +%endif + %{_datadir}/dbus-1/services/org.freedesktop.systemd1.service %{_datadir}/dbus-1/system-services/org.freedesktop.systemd1.service %{_datadir}/dbus-1/system-services/org.freedesktop.locale1.service @@ -1204,7 +1167,9 @@ fi %{_prefix}/lib/systemd/system/sockets.target.wants/systemd-udev*.socket %dir %{_prefix}/lib/systemd/network %{_prefix}/lib/systemd/network/*.link +%if %{with networkd} %{_prefix}/lib/systemd/network/*.network +%endif %{_datadir}/pkgconfig/udev.pc %files -n libsystemd0%{?mini}