Let's add a tmt plan to read the upstream fmf metadata which contains
a single test to run the upstream integration tests.
To make this work, we also add a downstream patch with some fmf test
script fixes that landed after 257.2 was released.
We request virtualization support so we can run qemu based integration
tests in qemu with KVM.
On OBS the https://github.com/openSUSE/pesign-obs-integration
package is the way to get binaries signed. Build depend on it,
and call its hook.
Also rename and change the description and provides of the package,
given it is signed.
[skip changelog]
In the past, we used patch numbers to skip some patches in upstream CI
builds. The upstream bcond is now used for this instead, so we can
drop the numbering to make it easier to add an remove patches.
[skip changelog]
- Fixes for assertion crashes and memory access issues in pid1 and
systemd-machined, and other fixes for systemd-repart, systemd-resolved,
systemd-stdio-bridge, systemctl, journalctl, sd-device, hibernation,
and the hardware database.
The version substitution system is not able to fully subst
the current Version field due to the inline use of macros, so you end up with like:
257-123-gabcd257.1
instead of:
257-123-gabcd
I.e., the hard-coded 257.1 gets appended to the OBS-specified version.
If it was simply hardcoded as 257.1 it would work, but the inline
macros throw it off.
[skip changelog]
OBS does not support files with names starting with a dot.
https://fedoraproject.org/wiki/How_to_filter_libabigail_reports does
not make it really clear if the file can renamed. (The first part of
the paragraph implies a positive answer, the second is unclear.)
Let's see how this goes.
Let's use the %upstream macro to gate patches which are backports of
upstream instead of relying on patch numbers. We'll build with %upstream
defined in packit so that patches which should not be applied on upstream
builds are skipped.
Building with %upstream doesn't necessarily imply we want a developer
build, so let's always build in release mode. If needed
%meson_extra_configure_options can be used to override this and build
in developer mode after all.
From the 257 release notes:
* The --purge switch of systemd-tmpfiles (which was added in v256) has
been reworked: it will now only apply to tmpfiles.d/ lines marked
with the new "$" flag. This is an incompatible change, and means any
tmpfiles.d/ files which shall be used together with --purge need to
be updated accordingly. This change has been made to make it harder
to accidentally delete too many files when using --purge incorrectly.
The feature is now sufficiently hard to misuse that we can drop the patch.
- A bunch of small fixes in various components: systemd itself, systemd-cryptenroll,
sd-varlink, sd-boot, documentation, tests
- Includes an update of the hardware database
The build is slow anyway, so the difference shouldn't matter. But more
tests is better. The build logs show that slow tests were disabled.
Inspired by https://github.com/systemd/systemd/issues/34471.
Our mkosi.conf.d/10-centos-fedora/mkosi.prepare script tries to install
the soft dependencies too.
The build fails in centos 9 and 10:
Error: Unable to find a match: qemu-device-display-virtio-gpu
qemu-device-display-virtio-vga
[skip changelog]
Anything we put in a %postun script needs two releases of the rpm
before it is invoked. The reason for using %postun to restart services
is because it runs after the old version has been removed so we can be
sure all remaining dropins and such files from the old version have been
removed. %posttrans gives us the same guarantee but the %posttrans of the
new version will run on install and upgrade which means the changes will
be applied immediately instead of having to release twice before the changes
take effect.
We define the systemd_posttrans_with_restart macro in the spec because we
can't use the upstream one as we ship it ourselves.
This drastically simplifier reexecs of user managers by using
systemctl reload to do a user manager reexec. This means we don't
need systemd-run, a pam session or systemd-stdio-bridge anymore to
do a user manager reexec and all job tracking is handled by pid 1
instead of bash.
Even on non-uefi architectures, ukify can be used to build UKIs for
UEFI images. For example, mkosi can use it to build UKIs on s390x.
To enable this use case, let's always build ukify, but with a conditional
dependency on systemd-boot only on arches that support UEFI.
We still want the Fedora systemd-user pam config when building with
--noprep so let's install the pam config file using a regular source
instead of patching the one provided by systemd.
rpm will imply --noprep when using --build-in-place in rpm 4.20 and
we're switching the mkosi rpm builds to use --noprep as well on older
rpm versions. This means we don't need to gate out patch applications
anymore with the %upstream macro.
We had a *lot* of breakage caused by this change internally so let's
make the spec a little more conservative by only applying the shorter
shutdown timer for Fedora builds.
