forked from pool/systemd
Accepting request 834932 from Base:System
OBS-URL: https://build.opensuse.org/request/show/834932 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/systemd?expand=0&rev=316
This commit is contained in:
parent
cf0713e8c1
commit
f34966767e
@ -0,0 +1,80 @@
|
||||
From f98af900e625b15862f9173a5c55662d4cee7356 Mon Sep 17 00:00:00 2001
|
||||
From: Frederic Crozat <fcrozat@suse.com>
|
||||
Date: Mon, 29 Oct 2012 13:01:20 +0000
|
||||
Subject: [PATCH 01/12] restore /var/run and /var/lock bind mount if they
|
||||
aren't symlink
|
||||
|
||||
---
|
||||
units/meson.build | 2 ++
|
||||
units/var-lock.mount | 19 +++++++++++++++++++
|
||||
units/var-run.mount | 19 +++++++++++++++++++
|
||||
3 files changed, 40 insertions(+)
|
||||
create mode 100644 units/var-lock.mount
|
||||
create mode 100644 units/var-run.mount
|
||||
|
||||
diff --git a/units/meson.build b/units/meson.build
|
||||
index 275daad3f4..dadc9432ef 100644
|
||||
--- a/units/meson.build
|
||||
+++ b/units/meson.build
|
||||
@@ -150,6 +150,8 @@ units = [
|
||||
['umount.target', ''],
|
||||
['usb-gadget.target', ''],
|
||||
['user.slice', ''],
|
||||
+ ['var-run.mount', 'HAVE_SYSV_COMPAT', 'local-fs.target.wants/'],
|
||||
+ ['var-lock.mount', 'HAVE_SYSV_COMPAT', 'local-fs.target.wants/'],
|
||||
['var-lib-machines.mount', 'ENABLE_MACHINED',
|
||||
'remote-fs.target.wants/ machines.target.wants/'],
|
||||
]
|
||||
diff --git a/units/var-lock.mount b/units/var-lock.mount
|
||||
new file mode 100644
|
||||
index 0000000000..07277adac3
|
||||
--- /dev/null
|
||||
+++ b/units/var-lock.mount
|
||||
@@ -0,0 +1,19 @@
|
||||
+# This file is part of systemd.
|
||||
+#
|
||||
+# systemd is free software; you can redistribute it and/or modify it
|
||||
+# under the terms of the GNU General Public License as published by
|
||||
+# the Free Software Foundation; either version 2 of the License, or
|
||||
+# (at your option) any later version.
|
||||
+
|
||||
+[Unit]
|
||||
+Description=Lock Directory
|
||||
+Before=local-fs.target
|
||||
+# skip mounting if the directory does not exist or is a symlink
|
||||
+ConditionPathIsDirectory=/var/lock
|
||||
+ConditionPathIsSymbolicLink=!/var/lock
|
||||
+
|
||||
+[Mount]
|
||||
+What=/run/lock
|
||||
+Where=/var/lock
|
||||
+Type=bind
|
||||
+Options=bind
|
||||
diff --git a/units/var-run.mount b/units/var-run.mount
|
||||
new file mode 100644
|
||||
index 0000000000..ab4da424c9
|
||||
--- /dev/null
|
||||
+++ b/units/var-run.mount
|
||||
@@ -0,0 +1,19 @@
|
||||
+# This file is part of systemd.
|
||||
+#
|
||||
+# systemd is free software; you can redistribute it and/or modify it
|
||||
+# under the terms of the GNU General Public License as published by
|
||||
+# the Free Software Foundation; either version 2 of the License, or
|
||||
+# (at your option) any later version.
|
||||
+
|
||||
+[Unit]
|
||||
+Description=Runtime Directory
|
||||
+Before=local-fs.target
|
||||
+# skip mounting if the directory does not exist or is a symlink
|
||||
+ConditionPathIsDirectory=/var/run
|
||||
+ConditionPathIsSymbolicLink=!/var/run
|
||||
+
|
||||
+[Mount]
|
||||
+What=/run
|
||||
+Where=/var/run
|
||||
+Type=bind
|
||||
+Options=bind
|
||||
--
|
||||
2.26.2
|
||||
|
@ -0,0 +1,27 @@
|
||||
From 59f2eadb29ac38803fd32fe52f1403343a7d74ac Mon Sep 17 00:00:00 2001
|
||||
From: Thomas Blume <thomas.blume@suse.com>
|
||||
Date: Tue, 25 Mar 2014 13:08:56 +0000
|
||||
Subject: [PATCH 02/12] rc-local: fix ordering startup for
|
||||
/etc/init.d/boot.local
|
||||
|
||||
[tblume: fixes bnc#869142]
|
||||
---
|
||||
units/rc-local.service.in | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/units/rc-local.service.in b/units/rc-local.service.in
|
||||
index 78ce69e0ae..0bcea82bed 100644
|
||||
--- a/units/rc-local.service.in
|
||||
+++ b/units/rc-local.service.in
|
||||
@@ -13,7 +13,7 @@
|
||||
Description=@RC_LOCAL_SCRIPT_PATH_START@ Compatibility
|
||||
Documentation=man:systemd-rc-local-generator(8)
|
||||
ConditionFileIsExecutable=@RC_LOCAL_SCRIPT_PATH_START@
|
||||
-After=network.target
|
||||
+After=basic.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
--
|
||||
2.26.2
|
||||
|
@ -0,0 +1,43 @@
|
||||
From f299a8180f1db0680b454c0e37696891361e3067 Mon Sep 17 00:00:00 2001
|
||||
From: Frederic Crozat <fcrozat@suse.com>
|
||||
Date: Tue, 28 May 2013 15:17:35 +0200
|
||||
Subject: [PATCH 03/12] strip the domain part from /etc/hostname when setting
|
||||
system host name
|
||||
|
||||
[fbui: fixes bnc#820213]
|
||||
[fbui: forwardported from bfd2462b8ddec591d953841ab22bb30bdc6f9085]
|
||||
[fbui: adjust context and make sure that strip of the domain name is
|
||||
only done when setting the system host name. Therefore it's
|
||||
still possible to pass an FQDN to hostnamectl]
|
||||
[fbui: I'm still not sure that it was the right thing to do. Other
|
||||
possibility was to fix the installer to create a correct
|
||||
/etc/hostname file. Need to investigate...]
|
||||
---
|
||||
src/core/hostname-setup.c | 10 +++++++++-
|
||||
1 file changed, 9 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/core/hostname-setup.c b/src/core/hostname-setup.c
|
||||
index 6d047db838..1acc0c998b 100644
|
||||
--- a/src/core/hostname-setup.c
|
||||
+++ b/src/core/hostname-setup.c
|
||||
@@ -39,8 +39,16 @@ int hostname_setup(void) {
|
||||
enoent = true;
|
||||
else
|
||||
log_warning_errno(r, "Failed to read configured hostname: %m");
|
||||
- } else
|
||||
+ } else {
|
||||
+ char *domain;
|
||||
+
|
||||
+ /* SUSE: strip the domain name */
|
||||
+ domain = strchr(b, '.');
|
||||
+ if (domain)
|
||||
+ *domain = '\0';
|
||||
+
|
||||
hn = b;
|
||||
+ }
|
||||
}
|
||||
|
||||
if (isempty(hn)) {
|
||||
--
|
||||
2.26.2
|
||||
|
124
0004-tmpfiles-support-exclude-statements-based-on-file-ow.patch
Normal file
124
0004-tmpfiles-support-exclude-statements-based-on-file-ow.patch
Normal file
@ -0,0 +1,124 @@
|
||||
From b46d43bf980afe13cfff39fc2876aed10f33db1d Mon Sep 17 00:00:00 2001
|
||||
From: Thomas Blume <Thomas.Blume@suse.com>
|
||||
Date: Thu, 14 Apr 2016 15:42:02 +0200
|
||||
Subject: [PATCH 04/12] tmpfiles: support exclude statements based on file
|
||||
ownership
|
||||
|
||||
SUSE supported tmpfile cleanups based on file ownership before systemd.
|
||||
So this feature needs to be available in systemd.
|
||||
This was part of fate#314974
|
||||
|
||||
[tblume: suse-only patch ported from SLES12-SP1 commit e769a63907ae4b]
|
||||
[tblume: part of fate#314974]
|
||||
---
|
||||
man/tmpfiles.d.xml | 4 +++-
|
||||
src/tmpfiles/tmpfiles.c | 49 ++++++++++++++++++++++++++++++++---------
|
||||
2 files changed, 42 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
|
||||
index b9e9eee96c..b90ae01345 100644
|
||||
--- a/man/tmpfiles.d.xml
|
||||
+++ b/man/tmpfiles.d.xml
|
||||
@@ -605,7 +605,9 @@ w- /proc/sys/vm/swappiness - - - - 10</programlisting></para>
|
||||
suffixed by a newline. For <varname>C</varname>, specifies the source file or directory. For <varname>t</varname>
|
||||
and <varname>T</varname>, determines extended attributes to be set. For <varname>a</varname> and
|
||||
<varname>A</varname>, determines ACL attributes to be set. For <varname>h</varname> and <varname>H</varname>,
|
||||
- determines the file attributes to set. Ignored for all other lines.</para>
|
||||
+ determines the file attributes to set. For <varname>x</varname> and <varname>X</varname> a comma separated list
|
||||
+ of usernames. If given, only paths belonging to these users will be excluded during directory cleanup. Ignored
|
||||
+ for all other lines.</para>
|
||||
|
||||
<para>This field can contain specifiers, see below.</para>
|
||||
</refsect2>
|
||||
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
|
||||
index 2404e36bf2..349653c786 100644
|
||||
--- a/src/tmpfiles/tmpfiles.c
|
||||
+++ b/src/tmpfiles/tmpfiles.c
|
||||
@@ -14,6 +14,8 @@
|
||||
#include <sysexits.h>
|
||||
#include <time.h>
|
||||
#include <unistd.h>
|
||||
+#include <sys/types.h>
|
||||
+#include <pwd.h>
|
||||
|
||||
#include "sd-path.h"
|
||||
|
||||
@@ -505,6 +507,7 @@ static int dir_cleanup(
|
||||
struct stat s;
|
||||
usec_t age;
|
||||
_cleanup_free_ char *sub_path = NULL;
|
||||
+ Item *found;
|
||||
|
||||
if (dot_or_dot_dot(dent->d_name))
|
||||
continue;
|
||||
@@ -546,15 +549,41 @@ static int dir_cleanup(
|
||||
goto finish;
|
||||
}
|
||||
|
||||
- /* Is there an item configured for this path? */
|
||||
- if (ordered_hashmap_get(items, sub_path)) {
|
||||
- log_debug("Ignoring \"%s\": a separate entry exists.", sub_path);
|
||||
- continue;
|
||||
- }
|
||||
+ /* evaluate username arguments in ignore statements */
|
||||
+ found = find_glob(globs, sub_path);
|
||||
|
||||
- if (find_glob(globs, sub_path)) {
|
||||
- log_debug("Ignoring \"%s\": a separate glob exists.", sub_path);
|
||||
- continue;
|
||||
+ if (i->type == CREATE_DIRECTORY && found && found->argument) {
|
||||
+ struct passwd *pw;
|
||||
+ char *userfound = NULL, *args = strdup(found->argument);
|
||||
+ bool match = false;
|
||||
+
|
||||
+ while ((userfound = strsep(&args, ","))) {
|
||||
+ pw = getpwnam(userfound);
|
||||
+
|
||||
+ if (pw) {
|
||||
+ if (s.st_uid == pw->pw_uid) {
|
||||
+ match = true;
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if (match) {
|
||||
+ log_debug("Ignoring \"%s\" of user \"%s\".", sub_path, pw->pw_name);
|
||||
+ match=false;
|
||||
+ continue;
|
||||
+ }
|
||||
+ } else {
|
||||
+ /* Is there an item configured for this path? */
|
||||
+ if (ordered_hashmap_get(items, sub_path)) {
|
||||
+ log_debug("Ignoring \"%s\": a separate entry exists.", sub_path);
|
||||
+ continue;
|
||||
+ }
|
||||
+
|
||||
+ if (found) {
|
||||
+ log_debug("Ignoring \"%s\": a separate glob exists.", sub_path);
|
||||
+ continue;
|
||||
+ }
|
||||
}
|
||||
|
||||
if (S_ISDIR(s.st_mode)) {
|
||||
@@ -2637,8 +2666,6 @@ static int parse_line(
|
||||
case EMPTY_DIRECTORY:
|
||||
case TRUNCATE_DIRECTORY:
|
||||
case CREATE_FIFO:
|
||||
- case IGNORE_PATH:
|
||||
- case IGNORE_DIRECTORY_PATH:
|
||||
case REMOVE_PATH:
|
||||
case RECURSIVE_REMOVE_PATH:
|
||||
case ADJUST_MODE:
|
||||
@@ -2649,6 +2676,8 @@ static int parse_line(
|
||||
|
||||
break;
|
||||
|
||||
+ case IGNORE_PATH:
|
||||
+ case IGNORE_DIRECTORY_PATH:
|
||||
case CREATE_FILE:
|
||||
case TRUNCATE_FILE:
|
||||
break;
|
||||
--
|
||||
2.26.2
|
||||
|
@ -0,0 +1,29 @@
|
||||
From 8e95d5534e9a577529ac49aaec610e6ceefec0b9 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Milasan <rmilasan@suse.com>
|
||||
Date: Sat, 12 Jul 2014 14:20:36 +0200
|
||||
Subject: [PATCH 05/12] udev: create default symlinks for primary cd_dvd drive
|
||||
|
||||
Imported from SLE12-SP1, commit 4f8bacfbffd7049608b5076.
|
||||
|
||||
[rmilasan: fixes bnc#783054]
|
||||
---
|
||||
rules.d/60-cdrom_id.rules | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/rules.d/60-cdrom_id.rules b/rules.d/60-cdrom_id.rules
|
||||
index 288f8ce2f9..578c77441c 100644
|
||||
--- a/rules.d/60-cdrom_id.rules
|
||||
+++ b/rules.d/60-cdrom_id.rules
|
||||
@@ -25,5 +25,9 @@ IMPORT{program}="cdrom_id --lock-media $devnode"
|
||||
ENV{DISK_MEDIA_CHANGE}=="?*", ENV{ID_CDROM_MEDIA}!="?*", ENV{SYSTEMD_READY}="0"
|
||||
|
||||
KERNEL=="sr0", SYMLINK+="cdrom", OPTIONS+="link_priority=-100"
|
||||
+KERNEL=="sr0", ENV{ID_CDROM}=="1", SYMLINK+="cdrom", OPTIONS+="link_priority=-100"
|
||||
+KERNEL=="sr0", ENV{ID_CDROM_CD_RW}=="1", SYMLINK+="cdrw", OPTIONS+="link_priority=-100"
|
||||
+KERNEL=="sr0", ENV{ID_CDROM_DVD}=="1", SYMLINK+="dvd", OPTIONS+="link_priority=-100"
|
||||
+KERNEL=="sr0", ENV{ID_CDROM_DVD_RW}=="1", SYMLINK+="dvdrw", OPTIONS+="link_priority=-100"
|
||||
|
||||
LABEL="cdrom_end"
|
||||
--
|
||||
2.26.2
|
||||
|
123
0006-sysv-generator-add-back-support-for-SysV-scripts-for.patch
Normal file
123
0006-sysv-generator-add-back-support-for-SysV-scripts-for.patch
Normal file
@ -0,0 +1,123 @@
|
||||
From f9521480d5dc5af747fecc9adc4c617e473e5494 Mon Sep 17 00:00:00 2001
|
||||
From: Franck Bui <fbui@suse.com>
|
||||
Date: Thu, 26 May 2016 08:59:41 +0200
|
||||
Subject: [PATCH 06/12] sysv-generator: add (back) support for SysV scripts for
|
||||
the early boot
|
||||
|
||||
For the record, the upstream support was removed by commit
|
||||
3cdebc217c42c8529086f2965319b6a48eaaeabe.
|
||||
|
||||
The sysv-generator has some weirdos: for example a service at the rc0
|
||||
runlevel won't be started during shutdown since it will get both
|
||||
"WantedBy=poweroff.target" and "Conflicts=shutdown.target".
|
||||
|
||||
Anyways what's the current patch implements the following:
|
||||
|
||||
- a symlink /etc/init.d/boot.d/S??boot.foo will add
|
||||
"WantedBy/Before=sysinit.target" constraints and make sure that the
|
||||
default dependencies added by systemd are turned off.
|
||||
|
||||
- a symlink /etc/init.d/boot.d/K??boot.foo will add
|
||||
"Conflicts/Before=shutdown.target" so "foo" service will be stopped
|
||||
like any other regular services. If this symlink is not installed
|
||||
however, "foo" will be stopped lately during the systemd killing
|
||||
spree.
|
||||
|
||||
This is a forward-port of commit 29db8537e1ca10796797d9854d1 in SP1.
|
||||
|
||||
[Since v232]
|
||||
|
||||
Support for S* symlinks in runlevel 0 or 6 has been completely and silently
|
||||
removed by 788d2b088b13a2444b9eb2ea82c0cc57d9f0980f. Since it was already
|
||||
broken as pointed out above, this probably wasn't really used and therefore
|
||||
no one will really care. So let's drop it too.
|
||||
|
||||
However this has the side effect to make the support of early sysv scripts more
|
||||
difficult. To make things easy, the support of K* symlinks in boot.d/ has been
|
||||
removed too: this is probably not used (anymore) (at least intentionally).
|
||||
|
||||
The consequence is that early sysv services are stopped during shutdown at
|
||||
the same time as 'normal' services.
|
||||
---
|
||||
src/sysv-generator/sysv-generator.c | 23 +++++++++++++++++++++++
|
||||
1 file changed, 23 insertions(+)
|
||||
|
||||
diff --git a/src/sysv-generator/sysv-generator.c b/src/sysv-generator/sysv-generator.c
|
||||
index a2c72d1009..1c01008967 100644
|
||||
--- a/src/sysv-generator/sysv-generator.c
|
||||
+++ b/src/sysv-generator/sysv-generator.c
|
||||
@@ -31,6 +31,9 @@ static const struct {
|
||||
const char *path;
|
||||
const char *target;
|
||||
} rcnd_table[] = {
|
||||
+ /* SUSE style boot.d */
|
||||
+ { "boot.d", SPECIAL_SYSINIT_TARGET },
|
||||
+
|
||||
/* Standard SysV runlevels for start-up */
|
||||
{ "rc1.d", SPECIAL_RESCUE_TARGET },
|
||||
{ "rc2.d", SPECIAL_MULTI_USER_TARGET },
|
||||
@@ -57,6 +60,7 @@ typedef struct SysvStub {
|
||||
bool has_lsb;
|
||||
bool reload;
|
||||
bool loaded;
|
||||
+ bool early;
|
||||
} SysvStub;
|
||||
|
||||
static void free_sysvstub(SysvStub *s) {
|
||||
@@ -147,6 +151,12 @@ static int generate_unit_file(SysvStub *s) {
|
||||
fprintf(f, "Description=%s\n", t);
|
||||
}
|
||||
|
||||
+ if (s->early) {
|
||||
+ fprintf(f, "DefaultDependencies=no\n");
|
||||
+ fprintf(f, "Conflicts=%s\n", SPECIAL_SHUTDOWN_TARGET);
|
||||
+ fprintf(f, "Before=%s\n", SPECIAL_SHUTDOWN_TARGET);
|
||||
+ }
|
||||
+
|
||||
STRV_FOREACH(p, s->before)
|
||||
fprintf(f, "Before=%s\n", *p);
|
||||
STRV_FOREACH(p, s->after)
|
||||
@@ -213,6 +223,10 @@ static char *sysv_translate_name(const char *name) {
|
||||
_cleanup_free_ char *c = NULL;
|
||||
char *res;
|
||||
|
||||
+ if (startswith(name, "boot."))
|
||||
+ /* Drop SuSE-style boot. prefix */
|
||||
+ name += 5;
|
||||
+
|
||||
c = strdup(name);
|
||||
if (!c)
|
||||
return NULL;
|
||||
@@ -289,6 +303,11 @@ static int sysv_translate_facility(SysvStub *s, unsigned line, const char *name,
|
||||
return 1;
|
||||
}
|
||||
|
||||
+ /* Strip "boot." prefix from file name for comparison (Suse specific) */
|
||||
+ e = startswith(filename, "boot.");
|
||||
+ if (e)
|
||||
+ filename += 5;
|
||||
+
|
||||
/* Strip ".sh" suffix from file name for comparison */
|
||||
filename_no_sh = strdupa(filename);
|
||||
e = endswith(filename_no_sh, ".sh");
|
||||
@@ -676,6 +695,9 @@ static int fix_order(SysvStub *s, Hashmap *all_services) {
|
||||
if (other->sysv_start_priority < 0)
|
||||
continue;
|
||||
|
||||
+ if (s->early != other->early)
|
||||
+ continue;
|
||||
+
|
||||
/* If both units have modern headers we don't care
|
||||
* about the priorities */
|
||||
if (s->has_lsb && other->has_lsb)
|
||||
@@ -800,6 +822,7 @@ static int enumerate_sysv(const LookupPaths *lp, Hashmap *all_services) {
|
||||
.sysv_start_priority = -1,
|
||||
.name = TAKE_PTR(name),
|
||||
.path = TAKE_PTR(fpath),
|
||||
+ .early = !!startswith(de->d_name, "boot."),
|
||||
};
|
||||
|
||||
r = hashmap_put(all_services, service->name, service);
|
||||
--
|
||||
2.26.2
|
||||
|
@ -0,0 +1,29 @@
|
||||
From 0adc3f402aeeadd73a0977ca6a1bc65d3d4201c1 Mon Sep 17 00:00:00 2001
|
||||
From: Pawel Wieczorkiewicz <pwieczorkiewicz@suse.de>
|
||||
Date: Tue, 2 Jun 2015 13:33:24 +0000
|
||||
Subject: [PATCH 07/12] networkd: make network.service an alias of
|
||||
systemd-networkd.service
|
||||
|
||||
NetworkManager and wicked does this already. This is needed by yast2
|
||||
and other parts of the system.
|
||||
|
||||
[fixes boo#933092]
|
||||
---
|
||||
units/systemd-networkd.service.in | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in
|
||||
index 2673146841..083a35b912 100644
|
||||
--- a/units/systemd-networkd.service.in
|
||||
+++ b/units/systemd-networkd.service.in
|
||||
@@ -50,6 +50,7 @@ User=systemd-network
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
+Alias=network.service
|
||||
Also=systemd-networkd.socket
|
||||
Alias=dbus-org.freedesktop.network1.service
|
||||
|
||||
--
|
||||
2.26.2
|
||||
|
@ -0,0 +1,73 @@
|
||||
From a32292849ca2837f99d6801da26b8d8e401831c4 Mon Sep 17 00:00:00 2001
|
||||
From: Thomas Blume <Thomas.Blume@suse.com>
|
||||
Date: Wed, 4 May 2016 17:40:04 +0200
|
||||
Subject: [PATCH 08/12] sysv-generator: translate "Required-Start" into a
|
||||
"Wants" dependency
|
||||
|
||||
[tblume: Port of SLES12SP1 patch 0018-Make-LSB-Skripts-know-about-Required-and-Should.patch]
|
||||
|
||||
[fbui: this is needed probably because insserv's behavior has been
|
||||
sadly changed since SLE11: it now doesn't failed if a
|
||||
dependency listed by Required-Start is missing.]
|
||||
|
||||
[fbui: according to Werner "This should fix bnc#858864 and
|
||||
bnc#857204." (see Base:System changelog)]
|
||||
---
|
||||
src/sysv-generator/sysv-generator.c | 12 ++++++++++--
|
||||
1 file changed, 10 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/sysv-generator/sysv-generator.c b/src/sysv-generator/sysv-generator.c
|
||||
index 1c01008967..7a58be9287 100644
|
||||
--- a/src/sysv-generator/sysv-generator.c
|
||||
+++ b/src/sysv-generator/sysv-generator.c
|
||||
@@ -258,6 +258,7 @@ static int sysv_translate_facility(SysvStub *s, unsigned line, const char *name,
|
||||
"remote_fs", SPECIAL_REMOTE_FS_TARGET,
|
||||
"syslog", NULL,
|
||||
"time", SPECIAL_TIME_SYNC_TARGET,
|
||||
+ "all", SPECIAL_DEFAULT_TARGET,
|
||||
};
|
||||
|
||||
const char *filename;
|
||||
@@ -272,6 +273,7 @@ static int sysv_translate_facility(SysvStub *s, unsigned line, const char *name,
|
||||
|
||||
filename = basename(s->path);
|
||||
|
||||
+ n = *name == '+' ? ++name : name;
|
||||
n = *name == '$' ? name + 1 : name;
|
||||
|
||||
for (i = 0; i < ELEMENTSOF(table); i += 2) {
|
||||
@@ -408,7 +410,7 @@ static int handle_dependencies(SysvStub *s, unsigned line, const char *full_text
|
||||
|
||||
for (;;) {
|
||||
_cleanup_free_ char *word = NULL, *m = NULL;
|
||||
- bool is_before;
|
||||
+ bool is_before, is_wanted;
|
||||
|
||||
r = extract_first_word(&text, &word, NULL, EXTRACT_UNQUOTE|EXTRACT_RELAX);
|
||||
if (r < 0)
|
||||
@@ -421,6 +423,7 @@ static int handle_dependencies(SysvStub *s, unsigned line, const char *full_text
|
||||
continue;
|
||||
|
||||
is_before = startswith_no_case(full_text, "X-Start-Before:");
|
||||
+ is_wanted = startswith_no_case(full_text, "Required-Start:");
|
||||
|
||||
if (streq(m, SPECIAL_NETWORK_ONLINE_TARGET) && !is_before) {
|
||||
/* the network-online target is special, as it needs to be actively pulled in */
|
||||
@@ -429,8 +432,13 @@ static int handle_dependencies(SysvStub *s, unsigned line, const char *full_text
|
||||
return log_oom();
|
||||
|
||||
r = strv_extend(&s->wants, m);
|
||||
- } else
|
||||
+ } else {
|
||||
r = strv_extend(is_before ? &s->before : &s->after, m);
|
||||
+
|
||||
+ if (is_wanted)
|
||||
+ r = strv_extend(&s->wants, m);
|
||||
+ }
|
||||
+
|
||||
if (r < 0)
|
||||
return log_oom();
|
||||
}
|
||||
--
|
||||
2.26.2
|
||||
|
@ -0,0 +1,60 @@
|
||||
From 7fc80ccccaa6f7b98af8bcd899a97d561777ff94 Mon Sep 17 00:00:00 2001
|
||||
From: Franck Bui <fbui@suse.com>
|
||||
Date: Fri, 10 Jun 2016 15:19:57 +0200
|
||||
Subject: [PATCH 09/12] pid1: handle console specificities/weirdness for s390
|
||||
arch
|
||||
|
||||
The 3270 console on S/390 can do color but not the 3215 console.
|
||||
|
||||
Partial forward port of
|
||||
0001-On_s390_con3270_disable_ANSI_colour_esc.patch from SLE12-SP1. A
|
||||
bunch of the previous code has been dropped since some changes
|
||||
imported from upsteam made them uneeded.
|
||||
|
||||
The remaining bits are probably hackish but at least they are now
|
||||
minimal.
|
||||
|
||||
It was an attempt to address bnc#860937. And yes turning the console
|
||||
color mode off by passing $TERM=dumb via the kernel command line would
|
||||
have been much more easier and enough.
|
||||
|
||||
This is actually implemented by recent systemd. There's also another
|
||||
command line option: systemd.log_color=off.
|
||||
|
||||
See also a short discussion which happened on @systemd-maintainers
|
||||
whose $subject is "[PATCH] support conmode setting on command line".
|
||||
|
||||
[ fbui: fixes bsc#860937 ]
|
||||
---
|
||||
src/basic/terminal-util.c | 15 ++++++++++++++-
|
||||
1 file changed, 14 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/basic/terminal-util.c b/src/basic/terminal-util.c
|
||||
index 6cacde90ba..1a03902acc 100644
|
||||
--- a/src/basic/terminal-util.c
|
||||
+++ b/src/basic/terminal-util.c
|
||||
@@ -780,7 +780,20 @@ bool tty_is_vc_resolve(const char *tty) {
|
||||
}
|
||||
|
||||
const char *default_term_for_tty(const char *tty) {
|
||||
- return tty && tty_is_vc_resolve(tty) ? "linux" : "vt220";
|
||||
+ if (tty && tty_is_vc_resolve(tty))
|
||||
+ return "linux";
|
||||
+
|
||||
+#if defined (__s390__) || defined (__s390x__)
|
||||
+ if (tty && tty_is_console(tty)) {
|
||||
+ _cleanup_free_ char *mode = NULL;
|
||||
+
|
||||
+ /* Simply return "dumb" in case of OOM. */
|
||||
+ (void) proc_cmdline_get_key("conmode", 0, &mode);
|
||||
+ (void) proc_cmdline_value_missing("conmode", mode);
|
||||
+ return streq_ptr(mode, "3270") ? "ibm327x" : "dumb";
|
||||
+ }
|
||||
+#endif
|
||||
+ return "vt220";
|
||||
}
|
||||
|
||||
int fd_columns(int fd) {
|
||||
--
|
||||
2.26.2
|
||||
|
@ -0,0 +1,45 @@
|
||||
From e5b3d1d00bbdbcb168889699c462bf01b58062a5 Mon Sep 17 00:00:00 2001
|
||||
From: Franck Bui <fbui@suse.com>
|
||||
Date: Thu, 6 Jul 2017 15:48:10 +0200
|
||||
Subject: [PATCH 11/12] core: disable session keyring per system sevice
|
||||
entirely for now
|
||||
|
||||
Until PAM module "pam_keyinit" is fully integrated in SUSE's PAM stack, this
|
||||
feature has to be disabled.
|
||||
|
||||
openSUSE is still not ready for enabling the keyring stuff (see
|
||||
bsc#1081947). Some services got fixed (sshd, getty@.service) but some still
|
||||
haven't (xdm, login, ...)
|
||||
|
||||
So leave it disabled again otherwise different users might end up using the
|
||||
same session keyring - the one created for the service used for logging in
|
||||
(sshd, getty@.service, xdm, etc...)
|
||||
|
||||
The integration of pam_keyinit is tracked here:
|
||||
https://bugzilla.opensuse.org/show_bug.cgi?id=1081947
|
||||
|
||||
See also:
|
||||
https://github.com/systemd/systemd/pull/6286
|
||||
|
||||
[fbui: fixes boo#1045886]
|
||||
---
|
||||
src/core/execute.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/src/core/execute.c b/src/core/execute.c
|
||||
index 2a4840a3a9..aefd4eaff1 100644
|
||||
--- a/src/core/execute.c
|
||||
+++ b/src/core/execute.c
|
||||
@@ -2779,6 +2779,9 @@ static int setup_keyring(
|
||||
assert(context);
|
||||
assert(p);
|
||||
|
||||
+ /* SUSE: pam_keyinit is still not fully integrated to SUSE's PAM stack... */
|
||||
+ return 0;
|
||||
+
|
||||
/* Let's set up a new per-service "session" kernel keyring for each system service. This has the benefit that
|
||||
* each service runs with its own keyring shared among all processes of the service, but with no hook-up beyond
|
||||
* that scope, and in particular no link to the per-UID keyring. If we don't do this the keyring will be
|
||||
--
|
||||
2.26.2
|
||||
|
@ -0,0 +1,53 @@
|
||||
From 90d84a96aca84b39f6aabda048703dc7c0e79ef4 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Fri, 11 Mar 2016 17:06:17 -0500
|
||||
Subject: [PATCH 12/12] resolved: create /etc/resolv.conf symlink at runtime
|
||||
|
||||
If the symlink doesn't exists, and we are being started, let's
|
||||
create it to provie name resolution.
|
||||
|
||||
If it exists, do nothing. In particular, if it is a broken symlink,
|
||||
we cannot really know if the administator configured it to point to
|
||||
a location used by some service that hasn't started yet, so we
|
||||
don't touch it in that case either.
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1313085
|
||||
---
|
||||
src/resolve/resolved.c | 6 ++++++
|
||||
tmpfiles.d/etc.conf.m4 | 3 ---
|
||||
2 files changed, 6 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/resolve/resolved.c b/src/resolve/resolved.c
|
||||
index 16477f28d6..3922804039 100644
|
||||
--- a/src/resolve/resolved.c
|
||||
+++ b/src/resolve/resolved.c
|
||||
@@ -53,6 +53,12 @@ static int run(int argc, char *argv[]) {
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Cannot resolve user name %s: %m", user);
|
||||
|
||||
+ /* As we're root, we can create /etc/resolv.conf symlink if it doesn't exist already */
|
||||
+ r = symlink("../run/systemd/resolve/resolv.conf", "/etc/resolv.conf");
|
||||
+ if (r < 0 && errno != EEXIST)
|
||||
+ log_warning_errno(errno,
|
||||
+ "Could not create /etc/resolv.conf symlink: %m");
|
||||
+
|
||||
/* As we're root, we can create the directory where resolv.conf will live */
|
||||
r = mkdir_safe_label("/run/systemd/resolve", 0755, uid, gid, MKDIR_WARN_MODE);
|
||||
if (r < 0)
|
||||
diff --git a/tmpfiles.d/etc.conf.m4 b/tmpfiles.d/etc.conf.m4
|
||||
index f82e0b82ce..66a777bdb2 100644
|
||||
--- a/tmpfiles.d/etc.conf.m4
|
||||
+++ b/tmpfiles.d/etc.conf.m4
|
||||
@@ -12,9 +12,6 @@ L+ /etc/mtab - - - - ../proc/self/mounts
|
||||
m4_ifdef(`HAVE_SMACK_RUN_LABEL',
|
||||
t /etc/mtab - - - - security.SMACK64=_
|
||||
)m4_dnl
|
||||
-m4_ifdef(`ENABLE_RESOLVE',
|
||||
-L! /etc/resolv.conf - - - - ../run/systemd/resolve/stub-resolv.conf
|
||||
-)m4_dnl
|
||||
C! /etc/nsswitch.conf - - - -
|
||||
m4_ifdef(`HAVE_PAM',
|
||||
C! /etc/pam.d - - - -
|
||||
--
|
||||
2.26.2
|
||||
|
@ -1,3 +1,75 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Sep 16 14:07:56 UTC 2020 - Franck Bui <fbui@suse.com>
|
||||
|
||||
- Drop 0001-udev-temporarly-restore-the-creation-a-few-symlinks-.patch
|
||||
|
||||
linuxrc has already been fixed.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Sep 16 13:42:04 UTC 2020 - Franck Bui <fbui@suse.com>
|
||||
|
||||
- Add 0001-udev-temporarly-restore-the-creation-a-few-symlinks-.patch
|
||||
|
||||
A temporary patch until the installer environment is updated to
|
||||
create some of the symlinks that udevd used to create during its
|
||||
startup but now udevd relies on the init system to do so.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 10 12:59:54 UTC 2020 - Franck Bui <fbui@suse.com>
|
||||
|
||||
- Rework how we prevent journald from both enabling auditd and
|
||||
recording audit messages
|
||||
|
||||
journald.conf gained a new setting Audit= to control whether
|
||||
journald enables audit during the boot process. So let's use it and
|
||||
make sure it's disabled by default by shipping a drop-in that
|
||||
overrides upstream default.
|
||||
|
||||
Also we used to patch systemd to prevent journald from reading the
|
||||
audit messages. There's still no way for downstream to configure
|
||||
that properly (we would need to mask systemd-journald-audit.socket
|
||||
meaning shipping a symlink in /etc) but I think dropping
|
||||
systemd-journald-audit.socket from the package is a nicer way to do
|
||||
that as some users might choose to reenable this setting (by
|
||||
reintroducing the socket unit in /etc).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 10 09:02:13 UTC 2020 - Franck Bui <fbui@suse.com>
|
||||
|
||||
- Enable audit support (bsc#1175883)
|
||||
|
||||
Enabling audit support in systemd will only make PID1 (and some of
|
||||
its services) to generate some audit records for certain events. But
|
||||
it doesn't affect journald, which has been prevented from recording
|
||||
audit messages in the journal (SUSE specific behavior).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Sep 2 10:14:10 UTC 2020 - Franck Bui <fbui@suse.com>
|
||||
|
||||
- Upgrade to v246.4 (commit f1344d5b7f31e98aedb01e606f41d74d3caaf446)
|
||||
|
||||
See https://github.com/openSUSE/systemd/blob/SUSE/v246/NEWS for
|
||||
details.
|
||||
|
||||
Now that the number of SUSE specific patches has been shrinked and
|
||||
is pretty low (12 at the time of this writing), they are no more
|
||||
tracked by the git repo and are now handled at the package
|
||||
level. Hence It is easier to maintain and identify them. This
|
||||
effectively means that SUSE/v246 will contain upstream commits only.
|
||||
|
||||
Added 0001-restore-var-run-and-var-lock-bind-mount-if-they-aren.patch
|
||||
Added 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch
|
||||
Added 0003-strip-the-domain-part-from-etc-hostname-when-setting.patch
|
||||
Added 0004-tmpfiles-support-exclude-statements-based-on-file-ow.patch
|
||||
Added 0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch
|
||||
Added 0006-sysv-generator-add-back-support-for-SysV-scripts-for.patch
|
||||
Added 0007-networkd-make-network.service-an-alias-of-systemd-ne.patch
|
||||
Added 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch
|
||||
Added 0009-pid1-handle-console-specificities-weirdness-for-s390.patch
|
||||
Added 0010-journald-disable-audit-support-completely-from-the-j.patch
|
||||
Added 0011-core-disable-session-keyring-per-system-sevice-entir.patch
|
||||
Added 0012-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 27 12:51:15 UTC 2020 - Fabian Vogt <fvogt@suse.com>
|
||||
|
||||
|
@ -26,7 +26,7 @@
|
||||
##### WARNING: please do not edit this auto generated spec file. Use the systemd.spec! #####
|
||||
%define mini -mini
|
||||
%define min_kernel_version 4.5
|
||||
%define suse_version +suse.51.ga4e393eecb
|
||||
%define suse_version +suse.20.gf1344d5b7f
|
||||
|
||||
%bcond_with gnuefi
|
||||
%if 0%{?bootstrap}
|
||||
@ -55,7 +55,7 @@
|
||||
|
||||
Name: systemd-mini
|
||||
URL: http://www.freedesktop.org/wiki/Software/systemd
|
||||
Version: 245.7
|
||||
Version: 246.4
|
||||
Release: 0
|
||||
Summary: A System and Session Manager
|
||||
License: LGPL-2.1-or-later
|
||||
@ -71,6 +71,7 @@ BuildRequires: polkit
|
||||
# python is only required for generating systemd.directives.xml
|
||||
BuildRequires: python3-base
|
||||
BuildRequires: python3-lxml
|
||||
BuildRequires: pkgconfig(audit)
|
||||
BuildRequires: pkgconfig(libcryptsetup) >= 1.6.0
|
||||
BuildRequires: pkgconfig(libdw)
|
||||
BuildRequires: pkgconfig(liblz4)
|
||||
@ -159,12 +160,28 @@ Source100: scripts-systemd-fix-machines-btrfs-subvol.sh
|
||||
Source101: scripts-systemd-upgrade-from-pre-210.sh
|
||||
Source102: scripts-systemd-migrate-sysconfig-i18n.sh
|
||||
|
||||
# Patches listed in here are put in quarantine. Normally all
|
||||
# changes must go to upstream first and then are cherry-picked in the
|
||||
# SUSE git repository. But in very few cases, some stuff might be
|
||||
# broken in upstream and need an urgent fix. Even in this case, the
|
||||
# patches are temporary and should be removed as soon as a fix is
|
||||
# merged by upstream.
|
||||
# Patches listed below are SUSE specific and should be kept at its
|
||||
# minimum. We try hard to push our changes to upstream but sometimes
|
||||
# they are only relevant for SUSE distros. Special rewards for those
|
||||
# who will manage to get rid of one of them !
|
||||
Patch1: 0001-restore-var-run-and-var-lock-bind-mount-if-they-aren.patch
|
||||
Patch2: 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch
|
||||
Patch3: 0003-strip-the-domain-part-from-etc-hostname-when-setting.patch
|
||||
Patch4: 0004-tmpfiles-support-exclude-statements-based-on-file-ow.patch
|
||||
Patch5: 0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch
|
||||
Patch6: 0006-sysv-generator-add-back-support-for-SysV-scripts-for.patch
|
||||
Patch7: 0007-networkd-make-network.service-an-alias-of-systemd-ne.patch
|
||||
Patch8: 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch
|
||||
Patch9: 0009-pid1-handle-console-specificities-weirdness-for-s390.patch
|
||||
Patch11: 0011-core-disable-session-keyring-per-system-sevice-entir.patch
|
||||
Patch12: 0012-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
|
||||
|
||||
# Patches listed below are put in quarantine. Normally all changes
|
||||
# must go to upstream first and then are cherry-picked in the SUSE git
|
||||
# repository. But in very few cases, some stuff might be broken in
|
||||
# upstream and need an urgent fix. Even in this case, the patches are
|
||||
# temporary and should be removed as soon as a fix is merged by
|
||||
# upstream.
|
||||
|
||||
%description
|
||||
Systemd is a system and service manager, compatible with SysV and LSB
|
||||
@ -604,8 +621,10 @@ ln -s ../usr/bin/systemctl %{buildroot}/sbin/reboot
|
||||
ln -s ../usr/bin/systemctl %{buildroot}/sbin/halt
|
||||
ln -s ../usr/bin/systemctl %{buildroot}/sbin/shutdown
|
||||
ln -s ../usr/bin/systemctl %{buildroot}/sbin/poweroff
|
||||
%if %{with sysvcompat}
|
||||
ln -s ../usr/bin/systemctl %{buildroot}/sbin/telinit
|
||||
ln -s ../usr/bin/systemctl %{buildroot}/sbin/runlevel
|
||||
%endif
|
||||
|
||||
# Make sure we don't ship static enablement symlinks in /etc during
|
||||
# installation, presets should be honoured instead.
|
||||
@ -778,6 +797,19 @@ fi
|
||||
# which may still be used by yast.
|
||||
cat %{S:14} >>%{buildroot}%{_datarootdir}/systemd/kbd-model-map
|
||||
|
||||
# Create a drop-in to prevent journald from starting auditd during
|
||||
# boot (bsc#984034).
|
||||
mkdir -p %{buildroot}%{_prefix}/lib/systemd/journald.conf.d
|
||||
cat >%{buildroot}%{_prefix}/lib/systemd/journald.conf.d/20-suse-defaults.conf <<EOF
|
||||
[Journal]
|
||||
Audit=no
|
||||
EOF
|
||||
|
||||
# Don't ship systemd-journald-audit.socket as there's no other way for
|
||||
# us to prevent journald from recording audit messages in the journal
|
||||
# by default (bsc#1109252).
|
||||
rm -f %{buildroot}%{_unitdir}/systemd-journald-audit.socket
|
||||
|
||||
%if ! 0%{?bootstrap}
|
||||
%find_lang systemd
|
||||
%endif
|
||||
@ -864,9 +896,18 @@ fi
|
||||
# It's run only once.
|
||||
%{_prefix}/lib/systemd/scripts/migrate-sysconfig-i18n.sh || :
|
||||
|
||||
# Previous versions had tmp.mount moved to /usr/share/systemd/tmp.mount.
|
||||
# It could be symlinked into /etc to make /tmp a tmpfs. The file does not exist anymore,
|
||||
# so migrate the link to the new location.
|
||||
# During the migration to tmpfs for /tmp, a bug was introduced that
|
||||
# affected users using tmpfs for /tmp and happened during the _second_
|
||||
# update following the one that introduced tmpfs on /tmp. It consisted
|
||||
# in creating a dangling symlink /etc/systemd/system/tmp.mount
|
||||
# pointing to the old copy that previous versions shipped in
|
||||
# /usr/share/systemd, which doesn't exist anymore. So we migrate the
|
||||
# link to the new location.
|
||||
#
|
||||
# Users have been exposed to this bug during a short period of time as
|
||||
# it was present only in one release and was fixed shortly after by
|
||||
# the next update. So we can assume that it's safe to drop it in 6
|
||||
# months (ie March 2021).
|
||||
if [ "$(readlink -f %{_sysconfdir}/systemd/system/tmp.mount)" = "%{_datadir}/systemd/tmp.mount" ] ; then
|
||||
ln -sf %{_unitdir}/tmp.mount %{_sysconfdir}/systemd/system/tmp.mount
|
||||
fi
|
||||
@ -883,7 +924,7 @@ fi
|
||||
# old systems, the file doesn't exist. This is equivalent to
|
||||
# generation #1, which enables the creation of all compat symlinks.
|
||||
if [ $1 -eq 1 ]; then
|
||||
echo "COMPAT_SYMLINK_GENERATION=2">/usr/lib/udev/compat-symlink-generation
|
||||
echo "COMPAT_SYMLINK_GENERATION=2" >/usr/lib/udev/compat-symlink-generation
|
||||
fi
|
||||
|
||||
%post -n udev%{?mini}
|
||||
@ -1218,6 +1259,8 @@ fi
|
||||
%config(noreplace) %{_sysconfdir}/systemd/timesyncd.conf
|
||||
%config(noreplace) %{_sysconfdir}/systemd/user.conf
|
||||
|
||||
%{_prefix}/lib/systemd/journald.conf.d/
|
||||
|
||||
%dir %{_datadir}/dbus-1
|
||||
%dir %{_datadir}/dbus-1/services
|
||||
%dir %{_datadir}/dbus-1/system.d
|
||||
@ -1273,7 +1316,7 @@ fi
|
||||
%{_mandir}/man7/[bdfks]*
|
||||
%{_mandir}/man8/kern*
|
||||
%{_mandir}/man8/pam_*
|
||||
%{_mandir}/man8/systemd-[a-gik-tv]*
|
||||
%{_mandir}/man8/systemd-[a-gik-tvx]*
|
||||
%{_mandir}/man8/systemd-h[aioy]*
|
||||
%{_mandir}/man8/systemd-journald*
|
||||
%{_mandir}/man8/systemd-u[ps]*
|
||||
@ -1350,15 +1393,19 @@ fi
|
||||
/sbin/halt
|
||||
/sbin/shutdown
|
||||
/sbin/poweroff
|
||||
%if %{with sysvcompat}
|
||||
/sbin/telinit
|
||||
/sbin/runlevel
|
||||
%endif
|
||||
%{_sbindir}/init
|
||||
%{_sbindir}/reboot
|
||||
%{_sbindir}/halt
|
||||
%{_sbindir}/shutdown
|
||||
%{_sbindir}/poweroff
|
||||
%if %{with sysvcompat}
|
||||
%{_sbindir}/telinit
|
||||
%{_sbindir}/runlevel
|
||||
%endif
|
||||
%if ! 0%{?bootstrap}
|
||||
%{_mandir}/man1/init.1*
|
||||
%{_mandir}/man8/halt.8*
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:e0cce0a5990f8ddc03e1dcdb1af7f20331e3e885596710f8a68563882c50d31e
|
||||
size 6301856
|
3
systemd-v246.4+suse.20.gf1344d5b7f.tar.xz
Normal file
3
systemd-v246.4+suse.20.gf1344d5b7f.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:707b0dca1d9dd0fa8c8858090b5e14d9741bacda2c4d0a1745707b57b395b254
|
||||
size 6548244
|
@ -1,3 +1,75 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Sep 16 14:07:56 UTC 2020 - Franck Bui <fbui@suse.com>
|
||||
|
||||
- Drop 0001-udev-temporarly-restore-the-creation-a-few-symlinks-.patch
|
||||
|
||||
linuxrc has already been fixed.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Sep 16 13:42:04 UTC 2020 - Franck Bui <fbui@suse.com>
|
||||
|
||||
- Add 0001-udev-temporarly-restore-the-creation-a-few-symlinks-.patch
|
||||
|
||||
A temporary patch until the installer environment is updated to
|
||||
create some of the symlinks that udevd used to create during its
|
||||
startup but now udevd relies on the init system to do so.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 10 12:59:54 UTC 2020 - Franck Bui <fbui@suse.com>
|
||||
|
||||
- Rework how we prevent journald from both enabling auditd and
|
||||
recording audit messages
|
||||
|
||||
journald.conf gained a new setting Audit= to control whether
|
||||
journald enables audit during the boot process. So let's use it and
|
||||
make sure it's disabled by default by shipping a drop-in that
|
||||
overrides upstream default.
|
||||
|
||||
Also we used to patch systemd to prevent journald from reading the
|
||||
audit messages. There's still no way for downstream to configure
|
||||
that properly (we would need to mask systemd-journald-audit.socket
|
||||
meaning shipping a symlink in /etc) but I think dropping
|
||||
systemd-journald-audit.socket from the package is a nicer way to do
|
||||
that as some users might choose to reenable this setting (by
|
||||
reintroducing the socket unit in /etc).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 10 09:02:13 UTC 2020 - Franck Bui <fbui@suse.com>
|
||||
|
||||
- Enable audit support (bsc#1175883)
|
||||
|
||||
Enabling audit support in systemd will only make PID1 (and some of
|
||||
its services) to generate some audit records for certain events. But
|
||||
it doesn't affect journald, which has been prevented from recording
|
||||
audit messages in the journal (SUSE specific behavior).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Sep 2 10:14:10 UTC 2020 - Franck Bui <fbui@suse.com>
|
||||
|
||||
- Upgrade to v246.4 (commit f1344d5b7f31e98aedb01e606f41d74d3caaf446)
|
||||
|
||||
See https://github.com/openSUSE/systemd/blob/SUSE/v246/NEWS for
|
||||
details.
|
||||
|
||||
Now that the number of SUSE specific patches has been shrinked and
|
||||
is pretty low (12 at the time of this writing), they are no more
|
||||
tracked by the git repo and are now handled at the package
|
||||
level. Hence It is easier to maintain and identify them. This
|
||||
effectively means that SUSE/v246 will contain upstream commits only.
|
||||
|
||||
Added 0001-restore-var-run-and-var-lock-bind-mount-if-they-aren.patch
|
||||
Added 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch
|
||||
Added 0003-strip-the-domain-part-from-etc-hostname-when-setting.patch
|
||||
Added 0004-tmpfiles-support-exclude-statements-based-on-file-ow.patch
|
||||
Added 0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch
|
||||
Added 0006-sysv-generator-add-back-support-for-SysV-scripts-for.patch
|
||||
Added 0007-networkd-make-network.service-an-alias-of-systemd-ne.patch
|
||||
Added 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch
|
||||
Added 0009-pid1-handle-console-specificities-weirdness-for-s390.patch
|
||||
Added 0010-journald-disable-audit-support-completely-from-the-j.patch
|
||||
Added 0011-core-disable-session-keyring-per-system-sevice-entir.patch
|
||||
Added 0012-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 27 12:51:15 UTC 2020 - Fabian Vogt <fvogt@suse.com>
|
||||
|
||||
|
73
systemd.spec
73
systemd.spec
@ -24,7 +24,7 @@
|
||||
%define bootstrap 0
|
||||
%define mini %nil
|
||||
%define min_kernel_version 4.5
|
||||
%define suse_version +suse.51.ga4e393eecb
|
||||
%define suse_version +suse.20.gf1344d5b7f
|
||||
|
||||
%bcond_with gnuefi
|
||||
%if 0%{?bootstrap}
|
||||
@ -53,7 +53,7 @@
|
||||
|
||||
Name: systemd
|
||||
URL: http://www.freedesktop.org/wiki/Software/systemd
|
||||
Version: 245.7
|
||||
Version: 246.4
|
||||
Release: 0
|
||||
Summary: A System and Session Manager
|
||||
License: LGPL-2.1-or-later
|
||||
@ -69,6 +69,7 @@ BuildRequires: polkit
|
||||
# python is only required for generating systemd.directives.xml
|
||||
BuildRequires: python3-base
|
||||
BuildRequires: python3-lxml
|
||||
BuildRequires: pkgconfig(audit)
|
||||
BuildRequires: pkgconfig(libcryptsetup) >= 1.6.0
|
||||
BuildRequires: pkgconfig(libdw)
|
||||
BuildRequires: pkgconfig(liblz4)
|
||||
@ -157,12 +158,28 @@ Source100: scripts-systemd-fix-machines-btrfs-subvol.sh
|
||||
Source101: scripts-systemd-upgrade-from-pre-210.sh
|
||||
Source102: scripts-systemd-migrate-sysconfig-i18n.sh
|
||||
|
||||
# Patches listed in here are put in quarantine. Normally all
|
||||
# changes must go to upstream first and then are cherry-picked in the
|
||||
# SUSE git repository. But in very few cases, some stuff might be
|
||||
# broken in upstream and need an urgent fix. Even in this case, the
|
||||
# patches are temporary and should be removed as soon as a fix is
|
||||
# merged by upstream.
|
||||
# Patches listed below are SUSE specific and should be kept at its
|
||||
# minimum. We try hard to push our changes to upstream but sometimes
|
||||
# they are only relevant for SUSE distros. Special rewards for those
|
||||
# who will manage to get rid of one of them !
|
||||
Patch1: 0001-restore-var-run-and-var-lock-bind-mount-if-they-aren.patch
|
||||
Patch2: 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch
|
||||
Patch3: 0003-strip-the-domain-part-from-etc-hostname-when-setting.patch
|
||||
Patch4: 0004-tmpfiles-support-exclude-statements-based-on-file-ow.patch
|
||||
Patch5: 0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch
|
||||
Patch6: 0006-sysv-generator-add-back-support-for-SysV-scripts-for.patch
|
||||
Patch7: 0007-networkd-make-network.service-an-alias-of-systemd-ne.patch
|
||||
Patch8: 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch
|
||||
Patch9: 0009-pid1-handle-console-specificities-weirdness-for-s390.patch
|
||||
Patch11: 0011-core-disable-session-keyring-per-system-sevice-entir.patch
|
||||
Patch12: 0012-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
|
||||
|
||||
# Patches listed below are put in quarantine. Normally all changes
|
||||
# must go to upstream first and then are cherry-picked in the SUSE git
|
||||
# repository. But in very few cases, some stuff might be broken in
|
||||
# upstream and need an urgent fix. Even in this case, the patches are
|
||||
# temporary and should be removed as soon as a fix is merged by
|
||||
# upstream.
|
||||
|
||||
%description
|
||||
Systemd is a system and service manager, compatible with SysV and LSB
|
||||
@ -602,8 +619,10 @@ ln -s ../usr/bin/systemctl %{buildroot}/sbin/reboot
|
||||
ln -s ../usr/bin/systemctl %{buildroot}/sbin/halt
|
||||
ln -s ../usr/bin/systemctl %{buildroot}/sbin/shutdown
|
||||
ln -s ../usr/bin/systemctl %{buildroot}/sbin/poweroff
|
||||
%if %{with sysvcompat}
|
||||
ln -s ../usr/bin/systemctl %{buildroot}/sbin/telinit
|
||||
ln -s ../usr/bin/systemctl %{buildroot}/sbin/runlevel
|
||||
%endif
|
||||
|
||||
# Make sure we don't ship static enablement symlinks in /etc during
|
||||
# installation, presets should be honoured instead.
|
||||
@ -776,6 +795,19 @@ fi
|
||||
# which may still be used by yast.
|
||||
cat %{S:14} >>%{buildroot}%{_datarootdir}/systemd/kbd-model-map
|
||||
|
||||
# Create a drop-in to prevent journald from starting auditd during
|
||||
# boot (bsc#984034).
|
||||
mkdir -p %{buildroot}%{_prefix}/lib/systemd/journald.conf.d
|
||||
cat >%{buildroot}%{_prefix}/lib/systemd/journald.conf.d/20-suse-defaults.conf <<EOF
|
||||
[Journal]
|
||||
Audit=no
|
||||
EOF
|
||||
|
||||
# Don't ship systemd-journald-audit.socket as there's no other way for
|
||||
# us to prevent journald from recording audit messages in the journal
|
||||
# by default (bsc#1109252).
|
||||
rm -f %{buildroot}%{_unitdir}/systemd-journald-audit.socket
|
||||
|
||||
%if ! 0%{?bootstrap}
|
||||
%find_lang systemd
|
||||
%endif
|
||||
@ -862,9 +894,18 @@ fi
|
||||
# It's run only once.
|
||||
%{_prefix}/lib/systemd/scripts/migrate-sysconfig-i18n.sh || :
|
||||
|
||||
# Previous versions had tmp.mount moved to /usr/share/systemd/tmp.mount.
|
||||
# It could be symlinked into /etc to make /tmp a tmpfs. The file does not exist anymore,
|
||||
# so migrate the link to the new location.
|
||||
# During the migration to tmpfs for /tmp, a bug was introduced that
|
||||
# affected users using tmpfs for /tmp and happened during the _second_
|
||||
# update following the one that introduced tmpfs on /tmp. It consisted
|
||||
# in creating a dangling symlink /etc/systemd/system/tmp.mount
|
||||
# pointing to the old copy that previous versions shipped in
|
||||
# /usr/share/systemd, which doesn't exist anymore. So we migrate the
|
||||
# link to the new location.
|
||||
#
|
||||
# Users have been exposed to this bug during a short period of time as
|
||||
# it was present only in one release and was fixed shortly after by
|
||||
# the next update. So we can assume that it's safe to drop it in 6
|
||||
# months (ie March 2021).
|
||||
if [ "$(readlink -f %{_sysconfdir}/systemd/system/tmp.mount)" = "%{_datadir}/systemd/tmp.mount" ] ; then
|
||||
ln -sf %{_unitdir}/tmp.mount %{_sysconfdir}/systemd/system/tmp.mount
|
||||
fi
|
||||
@ -881,7 +922,7 @@ fi
|
||||
# old systems, the file doesn't exist. This is equivalent to
|
||||
# generation #1, which enables the creation of all compat symlinks.
|
||||
if [ $1 -eq 1 ]; then
|
||||
echo "COMPAT_SYMLINK_GENERATION=2">/usr/lib/udev/compat-symlink-generation
|
||||
echo "COMPAT_SYMLINK_GENERATION=2" >/usr/lib/udev/compat-symlink-generation
|
||||
fi
|
||||
|
||||
%post -n udev%{?mini}
|
||||
@ -1216,6 +1257,8 @@ fi
|
||||
%config(noreplace) %{_sysconfdir}/systemd/timesyncd.conf
|
||||
%config(noreplace) %{_sysconfdir}/systemd/user.conf
|
||||
|
||||
%{_prefix}/lib/systemd/journald.conf.d/
|
||||
|
||||
%dir %{_datadir}/dbus-1
|
||||
%dir %{_datadir}/dbus-1/services
|
||||
%dir %{_datadir}/dbus-1/system.d
|
||||
@ -1271,7 +1314,7 @@ fi
|
||||
%{_mandir}/man7/[bdfks]*
|
||||
%{_mandir}/man8/kern*
|
||||
%{_mandir}/man8/pam_*
|
||||
%{_mandir}/man8/systemd-[a-gik-tv]*
|
||||
%{_mandir}/man8/systemd-[a-gik-tvx]*
|
||||
%{_mandir}/man8/systemd-h[aioy]*
|
||||
%{_mandir}/man8/systemd-journald*
|
||||
%{_mandir}/man8/systemd-u[ps]*
|
||||
@ -1348,15 +1391,19 @@ fi
|
||||
/sbin/halt
|
||||
/sbin/shutdown
|
||||
/sbin/poweroff
|
||||
%if %{with sysvcompat}
|
||||
/sbin/telinit
|
||||
/sbin/runlevel
|
||||
%endif
|
||||
%{_sbindir}/init
|
||||
%{_sbindir}/reboot
|
||||
%{_sbindir}/halt
|
||||
%{_sbindir}/shutdown
|
||||
%{_sbindir}/poweroff
|
||||
%if %{with sysvcompat}
|
||||
%{_sbindir}/telinit
|
||||
%{_sbindir}/runlevel
|
||||
%endif
|
||||
%if ! 0%{?bootstrap}
|
||||
%{_mandir}/man1/init.1*
|
||||
%{_mandir}/man8/halt.8*
|
||||
|
Loading…
Reference in New Issue
Block a user