- A bunch of fixes in many components.
- Stop creating user namespace for system services (rhbz#2391343)
- Systemd trigger scriptlets are updated
(cherry picked from commit 1a7506a105)
2ace9416e8 broke packit as the fallback
url wasn't listed first anymore. Make sure the fallback URL is listed
first again as clearly documented just above the conditionals.
(cherry picked from commit dffbf2beba)
systemd-networkd-resolve-hook.socket will be introduced by
https://github.com/systemd/systemd/pull/39293 but we need the spec
to handle the socket for the upgrade/downgrade test to pass so adding
it early behind the upstream bcond.
(cherry picked from commit ea1d871ecd)
We use our own macros. They get pulled into the buildroot in Fedora
builds, but we shouldn't rely on this. In OBS builds, they are not
pulled in and the build fails.
(cherry picked from commit 7208fa2b1b)
- This is the first (large) batch of fixes after v258:
- fixes for boot loader and early boot code
- fixes for systemd itself, systemd-udevd, systemd-logind,
systemd-machined, and library code
- unprivileged operation in systemd-machined is disabled for now
- lots of documentation and shell-completion fixes
- includes an hwdb update
... (rhbz#2397579)
In https://bugzilla.redhat.com/show_bug.cgi?id=2397579 users are doing
a partial upgrade (seemingly) and that fails because of a file conflict.
Add Conflicts to prevent such partial upgrades.
An admin can create users in this directory instead of /etc/passwd. As
the .user file can contain hashed password, only root should be able to
read the files.
The upstream PR was closed with the intent to force the SELinux
policy to be updated instead. While we're waiting for that to happen,
include the patch here.
The RPM recipe files for SUSE and Fedora conflict and cannot be
both unpacked at the same time (e.g.: triggers.systemd, systemd.spec,
etc). The tarballs creation are unconditional. This means the same
project build cannot build for both Fedora and SUSE.
All other distros can co-habitate in the same project, so that a single
repository checkout, single trigger, single everything is used.
By storing the RPM recipe files in a separate directory it means they
don't conflict anymore, and they are moved in place in the right recipe
at the right time.
This allows building fedora/suse/centos/debian/ubuntu/arch from a
single project.
[skip changelog]
In the light of the recent discussion about dropping i686 packages, let's stop
building our docs there. This reduces the amount of tools needed in the mock
root.
Unfortunately we need to move the man page out of the noarch ukify subpackage,
because it needs to be the same on all architectures where it is built.
When testing build reproducibility, we got the following result:
+ rpmdiff cache/rpms/systemd-257.6-1.fc43/systemd-257.6-1.fc43.x86_64.rpm \
cache/build/systemd-257.6-1.fc43/rebuild/systemd-257.6-1.fc43.x86_64.rpm
......V..F. /etc/xdg/systemd/user
This is because we'd apply %ghost to a symlink to a directory, if the directory
stat reported 0 blocks. It seems that this depends on the filesystem type or
something and didn't pop up in previous rebuilds.
The first chunk is a noop to increase clarity.
The resulting difference from this patch in the file list:
$ diff -u systemd-257.6-build/systemd-257.6/.file-list-main{.0,}
-%config(noreplace) %ghost /etc/xdg/systemd/user
+%config(noreplace) /etc/xdg/systemd/user
When downgrading to package versions before 257.3-6 we have this error:
Error: Transaction test error:
file /usr/bin/systemd-sysusers from install of systemd-257-9.el10.x86_64 conflicts
with file from package systemd-sysusers-258~devel-20250416115850.el10.x86_64
Add Conflicts on systemd-sysusers subpackage to allow downgrades
across version 257.3-6.
- Fix for local information disclosure in systemd-coredump (CVE-2025-4598)
- Fixes for systemd itself, run0, systemd-networkd, "secure" pager,
man pages, shell completions, sd-boot, sd-varlink
- Hardware database update
This breaks suspend on my machine as of Linux 6.14, furthermore both
linked issues in rhbz#2321268 are closed and fixed in Linux upstream.
This reverts commit 6162965002.
Running from the source tarball implies running with unpatched tests,
whereas the same files from the systemd-tests package (which now contains
the mkosi and integration test files) will be patched.
[skip changelog]
Both work and if we do full sha we can retrieve the full sha from the
source filename in the source rpm later on which is useful for various
use cases.
[skip changelog]
Using the source tree of the spec can still lead to conflicts if a
mkosi/ directory exists there (which is the case in the hyperscale
systemd spec repo), so let's check out mkosi in /var/tmp to ensure
we don't conflict.
https://github.com/systemd/systemd/pull/36954 will move all the mkosi
configuration in the systemd repository into a mkosi/ subdirectory. This
means we have to put mkosi.local.conf in that subdirectory as well, so check
if the mkosi/ directory exists and put mkosi.local.conf in there if it exists.
The mkosi/ directory will conflict with our checkout of mkosi so we move that
checkout one level up. Additionally, we can't use .. anymore as the package
directory as that only works when mkosi.local.conf is in the top level directory
of the repository so we use an absolute path instead.
