Noticed in https://bugzilla.redhat.com/show_bug.cgi?id=2348669#c25.
Most of those units listed don't have an [Install] section, and of those that
have, almost all were disabled by default. This might be something to fix, e.g.
we might want to enable systemd-udev-load-credentials.service, this is
something to consider. But it's clearer if we list all the units that those
packages ship. In priciple somebody might ship a preset to enable them.
Anyway, the impact of this change is much smaller than might seem at first.
But systemd-network-generator.service has an [Install] section and is preset
to true, so not listing it in the scriptlets was a visible bug.
There's the additional caveat that systemd-network-generator.service is coowned
by two packages. The current system does not have a way of handling this
properly, because unit enablement is tied to the package install state. Let's
just call the scriptlet for this unit twice for now. I think that's not going
to cause any real problem.
I noticed that systemd-sysusers creates accounts with /usr/bin/nologin.
On merged systems is fine, but would not work for systems where
/usr/sbin is still a separate directory and /usr/bin/nologin does not
exist. This problem occurs because the meson configuration script discovers
the location using $PATH, which on recent builds results in /usr/bin always.
Just specify all the paths so that we don't depend on the presence and
order of paths in $PATH.
And in non-Fedora builds, undo the neutering of sysusers macros.
Downstreams like CentosStream did not go through the same changes
as Fedora but they may use packages built from the rawhide branch.
We had a bunch of Obsolets on self. This is useful when a subpackage
is split out to make it optional, and we want to install both the
original subpackage and the subpackage on ugprades. If both new
subpackages have Obsoletes on the old name, dnf will install both. But
we don't need to keep this infinitely, it's mostly useful for the
duration of a single stable release.
Apparatenly, those Obsoletes cause problems with downgrades.
The most recently added case is for the split of systemd-sysusers. But
we have an alternative mechanism in place: systemd Requires
/usr/bin/systemd-sysusers, and this path is provided by systemd-sysusers
and systemd-standalone-sysusers, with a bias towards systemd-sysusers.
So we should be able to drop the self-Obsoletes without a change in
functionality.
Also, drop some old Provides where 'dnf repoquery' indicates it is not
used by anything. Actually, only 'timedatex'. All the other ones are
used by one spec or another.
We don't need 1.5.0 to avoid the libbpf crash, the latest libbpf 1.4
patch release (1.4.7) also has the necessary fixes, so relax the
requirement a little to allow builds on Fedora 41 to succeed.
In CI builds we have %version that it smaller than 257.3-4 when the split
happened, and this causes problems when the packages are installed:
Failed to resolve the transaction:
Problem: package
systemd-sysusers-257-1.20250225060108317145.pr36507.1659.g4635c37946.fc43.x86_64
from @commandline
obsoletes
systemd < 257.3-4 provided by
systemd-257-1.20250225060108317145.pr36507.1659.g4635c37946.fc43.x86_64
from @commandline
- conflicting requests
I'm not sure if we even need the self-Obsoletes. We have a Requires and
Recommends in the main systemd package that will cause on of the providers of
/usr/bin/systemd-sysusers to be installed, and the non-standalone version is
preferred. But it's possible that if recommends are disabled, the
non-standalone package could be installed for some reason. So let's keep the
self-Obsoletes for now.
Another caveat is that it's not clear if v-string comparisons require %[] as a
wrapper. Some chat in #fedora-devel suggested that that's the case, but things
seem to work without it.
None of the systemd git tags have tildes in them, so there's no need
to use version_no_tilde for these.
This is another change to make packit work as the archive it sets up
for us based on the systemd upstream packit config file does have a
tilde in its name which then makes %prep fail as we transform the tilde
to a hyphen and then fail to find the systemd source directory.
"""
+ /usr/lib/rpm/rpmuncompress -x /builddir/build/SOURCES/systemd-258~devel.tar.gz
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd systemd-258-devel
/var/tmp/rpm-tmp.gw7KSw: line 42: cd: systemd-258-devel: No such file or directory
"""
Previously, /usr/bin/systemd-sysusers was provided by both systemd and
systemd-standalone-sysusers, creating a file conflict, and the packages
declared Conflicts. This changed when systemd-sysusers was split out to a
separate subpackage. So we don't need the Conflicts and can allow a "cross
installation" of systemd-sysusers-standalone and and the other "normal"
systemd subpackages.
This should solve https://bugzilla.redhat.com/show_bug.cgi?id=2344322 without
requiring changes in the container definitions. (Though those changes probably
should be made anyway. If we end up installing systemd, we probably want to use
shared systemd-sysusers, to avoid wasting space.)
... (rhbz#2344322)
rpm-libs has Requires:/usr/bin/systemd-sysusers.
We split split out /usr/bin/systemd-sysusers (the normal version) to a
subpackage, and the shared library
/usr/lib64/systemd/libsystemd-shared-257.2-14.fc42.so to a second subpackage.
(In preparation for maybe making further splits later.)
systemd-sysusers+libsystemd-shared.so is 4.8MB, but libsystemd-shared.so also
pulls in a bunch of libraries. We'll find out what the actual change in
installation footprint (compared to systemd-standalone-sysusers) really is when
we build some images with the new split.
We are doing self-signing, so don't tag the EFI binaries as if
they were Fedora's, since they are not. Set upstream-specific
tags, that are the same for all distros built on OBS..
[skip changelog]
Let's add a tmt plan to read the upstream fmf metadata which contains
a single test to run the upstream integration tests.
To make this work, we also add a downstream patch with some fmf test
script fixes that landed after 257.2 was released.
We request virtualization support so we can run qemu based integration
tests in qemu with KVM.
On OBS the https://github.com/openSUSE/pesign-obs-integration
package is the way to get binaries signed. Build depend on it,
and call its hook.
Also rename and change the description and provides of the package,
given it is signed.
[skip changelog]
In the past, we used patch numbers to skip some patches in upstream CI
builds. The upstream bcond is now used for this instead, so we can
drop the numbering to make it easier to add an remove patches.
[skip changelog]
- Fixes for assertion crashes and memory access issues in pid1 and
systemd-machined, and other fixes for systemd-repart, systemd-resolved,
systemd-stdio-bridge, systemctl, journalctl, sd-device, hibernation,
and the hardware database.
The version substitution system is not able to fully subst
the current Version field due to the inline use of macros, so you end up with like:
257-123-gabcd257.1
instead of:
257-123-gabcd
I.e., the hard-coded 257.1 gets appended to the OBS-specified version.
If it was simply hardcoded as 257.1 it would work, but the inline
macros throw it off.
[skip changelog]
OBS does not support files with names starting with a dot.
https://fedoraproject.org/wiki/How_to_filter_libabigail_reports does
not make it really clear if the file can renamed. (The first part of
the paragraph implies a positive answer, the second is unclear.)
Let's see how this goes.
Let's use the %upstream macro to gate patches which are backports of
upstream instead of relying on patch numbers. We'll build with %upstream
defined in packit so that patches which should not be applied on upstream
builds are skipped.
Building with %upstream doesn't necessarily imply we want a developer
build, so let's always build in release mode. If needed
%meson_extra_configure_options can be used to override this and build
in developer mode after all.
From the 257 release notes:
* The --purge switch of systemd-tmpfiles (which was added in v256) has
been reworked: it will now only apply to tmpfiles.d/ lines marked
with the new "$" flag. This is an incompatible change, and means any
tmpfiles.d/ files which shall be used together with --purge need to
be updated accordingly. This change has been made to make it harder
to accidentally delete too many files when using --purge incorrectly.
The feature is now sufficiently hard to misuse that we can drop the patch.
- A bunch of small fixes in various components: systemd itself, systemd-cryptenroll,
sd-varlink, sd-boot, documentation, tests
- Includes an update of the hardware database
The build is slow anyway, so the difference shouldn't matter. But more
tests is better. The build logs show that slow tests were disabled.
Inspired by https://github.com/systemd/systemd/issues/34471.
Our mkosi.conf.d/10-centos-fedora/mkosi.prepare script tries to install
the soft dependencies too.
The build fails in centos 9 and 10:
Error: Unable to find a match: qemu-device-display-virtio-gpu
qemu-device-display-virtio-vga
[skip changelog]
