diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..1b58baf --- /dev/null +++ b/.editorconfig @@ -0,0 +1,11 @@ +root = true + +[*] +charset = utf-8 +indent_size = 4 +indent_style = space +insert_final_newline = true +trim_trailing_whitespace = true + +[*.{yml,yaml}] +indent_size = 2 diff --git a/.fmf/version b/.fmf/version new file mode 100644 index 0000000..d00491f --- /dev/null +++ b/.fmf/version @@ -0,0 +1 @@ +1 diff --git a/.gitignore b/.gitignore index 7d93b1b..ca73e11 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ +*~ +/.mail.list /systemd-*/ /.build-*.log /x86_64/ @@ -5,3 +7,7 @@ /systemd-*.tar.xz /systemd-*.tar.gz /*.rpm +/mkosi.output/ +/mkosi.cache/ +/mkosi.builddir/ +/mkosi.local.conf diff --git a/.zuul.yaml b/.zuul.yaml new file mode 100644 index 0000000..b2e0850 --- /dev/null +++ b/.zuul.yaml @@ -0,0 +1,7 @@ +- project: + vars: + install_repo_exclude: + - systemd-standalone-repart + - systemd-standalone-shutdown + - systemd-standalone-sysusers + - systemd-standalone-tmpfiles diff --git a/0001-Revert-units-drop-runlevel-0-6-.target.patch b/0001-Revert-units-drop-runlevel-0-6-.target.patch new file mode 100644 index 0000000..faf8341 --- /dev/null +++ b/0001-Revert-units-drop-runlevel-0-6-.target.patch @@ -0,0 +1,88 @@ +From 61750e265ce3f7783a8dba831e91140f84ad89f2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 5 Nov 2025 17:52:16 +0100 +Subject: [PATCH 1/3] Revert "units: drop runlevel[0-6].target" + +This partially reverts commit e58ba80a40fb6e96543d56774a5bc5aa9cdadbf3. +The unit are still needed for compat. +--- + units/meson.build | 27 ++++++++++++++++++++++----- + 1 file changed, 22 insertions(+), 5 deletions(-) + +diff --git a/units/meson.build b/units/meson.build +index 2e04c4aa2b..46eaac4073 100644 +--- a/units/meson.build ++++ b/units/meson.build +@@ -1,5 +1,7 @@ + # SPDX-License-Identifier: LGPL-2.1-or-later + ++with_runlevels = conf.get('HAVE_SYSV_COMPAT') == 1 ++ + units = [ + { 'file' : 'basic.target' }, + { 'file' : 'blockdev@.target' }, +@@ -49,7 +51,7 @@ units = [ + }, + { + 'file' : 'graphical.target', +- 'symlinks' : ['default.target'], ++ 'symlinks' : ['default.target'] + (with_runlevels ? ['runlevel5.target'] : []), + }, + { 'file' : 'halt.target' }, + { +@@ -142,7 +144,10 @@ units = [ + 'conditions' : ['ENABLE_MACHINED'], + }, + { 'file' : 'modprobe@.service' }, +- { 'file' : 'multi-user.target' }, ++ { ++ 'file' : 'multi-user.target', ++ 'symlinks' : with_runlevels ? ['runlevel2.target', 'runlevel3.target', 'runlevel4.target'] : [], ++ }, + { + 'file' : 'systemd-mute-console.socket', + 'symlinks' : ['sockets.target.wants/'] +@@ -155,7 +160,10 @@ units = [ + { 'file' : 'nss-lookup.target' }, + { 'file' : 'nss-user-lookup.target' }, + { 'file' : 'paths.target' }, +- { 'file' : 'poweroff.target' }, ++ { ++ 'file' : 'poweroff.target', ++ 'symlinks' : with_runlevels ? ['runlevel0.target'] : [], ++ }, + { 'file' : 'printer.target' }, + { + 'file' : 'proc-sys-fs-binfmt_misc.automount', +@@ -180,7 +188,7 @@ units = [ + }, + { + 'file' : 'reboot.target', +- 'symlinks' : ['ctrl-alt-del.target'], ++ 'symlinks' : ['ctrl-alt-del.target'] + (with_runlevels ? ['runlevel6.target'] : []), + }, + { + 'file' : 'remote-cryptsetup.target', +@@ -200,7 +208,10 @@ units = [ + 'symlinks' : ['initrd-root-device.target.wants/'], + }, + { 'file' : 'rescue.service.in' }, +- { 'file' : 'rescue.target' }, ++ { ++ 'file' : 'rescue.target', ++ 'symlinks' : with_runlevels ? ['runlevel1.target'] : [], ++ }, + { 'file' : 'rpcbind.target' }, + { 'file' : 'serial-getty@.service.in' }, + { 'file' : 'shutdown.target' }, +@@ -1001,4 +1012,10 @@ else + dbussessionservicedir / 'org.freedesktop.systemd1.service')) + endif + ++if conf.get('HAVE_SYSV_COMPAT') == 1 ++ foreach i : [1, 2, 3, 4, 5] ++ install_emptydir(systemunitdir / 'runlevel@0@.target.wants'.format(i)) ++ endforeach ++endif ++ + subdir('user') diff --git a/0001-escape-Fix-help-description-6352.patch b/0001-escape-Fix-help-description-6352.patch deleted file mode 100644 index 7b8249d..0000000 --- a/0001-escape-Fix-help-description-6352.patch +++ /dev/null @@ -1,23 +0,0 @@ -From b2954c2fbed0409adba2687b17fb956f002b2bbe Mon Sep 17 00:00:00 2001 -From: Jeremy Bicha -Date: Thu, 13 Jul 2017 10:44:33 -0400 -Subject: [PATCH] escape: Fix help description (#6352) - -Resolves: #6351(cherry picked from commit 303608c1bcf9568371625fbbd9442946cadba422) ---- - src/escape/escape.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/escape/escape.c b/src/escape/escape.c -index af98c98e40..89e885d47c 100644 ---- a/src/escape/escape.c -+++ b/src/escape/escape.c -@@ -38,7 +38,7 @@ static bool arg_path = false; - - static void help(void) { - printf("%s [OPTIONS...] [NAME...]\n\n" -- "Show system and user paths.\n\n" -+ "Escape strings for usage in system unit names.\n\n" - " -h --help Show this help\n" - " --version Show package version\n" - " --suffix=SUFFIX Unit suffix to append to escaped strings\n" diff --git a/0002-build-sys-install-udev-rule-70-joystick.-rules-hwdb-.patch b/0002-build-sys-install-udev-rule-70-joystick.-rules-hwdb-.patch deleted file mode 100644 index 06e6edd..0000000 --- a/0002-build-sys-install-udev-rule-70-joystick.-rules-hwdb-.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 33145774d9d41ac306f972e0247c9a073d5dbfc9 Mon Sep 17 00:00:00 2001 -From: Christian Hesse -Date: Fri, 14 Jul 2017 18:28:28 +0200 -Subject: [PATCH] build-sys: install udev rule 70-joystick.{rules,hwdb} (#6363) - -* meson: install udev files 70-joystick.{rules,hwdb} -* Makefile: install udev file 70-joystick.hwdb - -(cherry picked from commit 816be2ba448940e2517dba81492e80b1e6a5954f) ---- - Makefile.am | 1 + - hwdb/meson.build | 1 + - rules/meson.build | 1 + - 3 files changed, 3 insertions(+) - -diff --git a/Makefile.am b/Makefile.am -index c16e62280b..b95c93bb98 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -4062,6 +4062,7 @@ dist_udevhwdb_DATA = \ - hwdb/60-evdev.hwdb \ - hwdb/60-keyboard.hwdb \ - hwdb/60-sensor.hwdb \ -+ hwdb/70-joystick.hwdb \ - hwdb/70-mouse.hwdb \ - hwdb/70-pointingstick.hwdb \ - hwdb/70-touchpad.hwdb -diff --git a/hwdb/meson.build b/hwdb/meson.build -index 74a93f9ccb..6fceff2b3b 100644 ---- a/hwdb/meson.build -+++ b/hwdb/meson.build -@@ -12,6 +12,7 @@ hwdb_files = files(''' - 60-evdev.hwdb - 60-keyboard.hwdb - 60-sensor.hwdb -+ 70-joystick.hwdb - 70-mouse.hwdb - 70-pointingstick.hwdb - 70-touchpad.hwdb -diff --git a/rules/meson.build b/rules/meson.build -index 0f818a506f..7f4725ad65 100644 ---- a/rules/meson.build -+++ b/rules/meson.build -@@ -12,6 +12,7 @@ rules = files(''' - 60-sensor.rules - 60-serial.rules - 64-btrfs.rules -+ 70-joystick.rules - 70-mouse.rules - 70-touchpad.rules - 75-net-description.rules diff --git a/0002-machined-continue-without-resolve.hook-socket.patch b/0002-machined-continue-without-resolve.hook-socket.patch new file mode 100644 index 0000000..2903c5e --- /dev/null +++ b/0002-machined-continue-without-resolve.hook-socket.patch @@ -0,0 +1,32 @@ +From 8d6d86d1d7e45eeae921e88adde55d6524027c96 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 26 Nov 2025 22:29:53 +0100 +Subject: [PATCH 3/3] machined: continue without resolve.hook socket + +--- + src/machine/machined-varlink.c | 12 +++++++++--- + 1 file changed, 9 insertions(+), 3 deletions(-) + +diff --git a/src/machine/machined-varlink.c b/src/machine/machined-varlink.c +index f83cbb8562..0b30cd0531 100644 +--- a/src/machine/machined-varlink.c ++++ b/src/machine/machined-varlink.c +@@ -894,9 +894,15 @@ static int manager_varlink_init_resolve_hook(Manager *m) { + + r = sd_varlink_server_listen_address(s, VARLINK_PATH_MACHINED_RESOLVE_HOOK, + 0666 | SD_VARLINK_SERVER_MODE_MKDIR_0755); +- if (r < 0) +- return log_error_errno(r, "Failed to bind to varlink socket %s: %m", +- VARLINK_PATH_MACHINED_RESOLVE_HOOK); ++ if (r < 0) { ++ bool ignore = ERRNO_IS_NEG_PRIVILEGE(r); ++ log_full_errno(ignore ? LOG_WARNING : LOG_ERR, ++ r, ++ "Failed to bind to varlink socket %s%s: %m", ++ VARLINK_PATH_MACHINED_RESOLVE_HOOK, ++ ignore ? ", ignoring" : ""); ++ return ignore ? 0 : r; ++ } + + r = sd_varlink_server_attach_event(s, m->event, SD_EVENT_PRIORITY_NORMAL); + if (r < 0) diff --git a/0003-add-version-argument-to-help-function-6377.patch b/0003-add-version-argument-to-help-function-6377.patch deleted file mode 100644 index 817077e..0000000 --- a/0003-add-version-argument-to-help-function-6377.patch +++ /dev/null @@ -1,22 +0,0 @@ -From a1b21ca91835ec0322ccd0eedf9951ba0e52db80 Mon Sep 17 00:00:00 2001 -From: IPv4v6 -Date: Sat, 15 Jul 2017 13:53:21 +0200 -Subject: [PATCH] add version argument to help function (#6377) - -Signed-off-by: Stefan Pietsch (cherry picked from commit cb4069d95e447e8a01fc3feee6d6cb99669c4c38) ---- - src/core/main.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/core/main.c b/src/core/main.c -index 88e2c92504..babcab4978 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -1091,6 +1091,7 @@ static int help(void) { - printf("%s [OPTIONS...]\n\n" - "Starts up and maintains the system or user services.\n\n" - " -h --help Show this help\n" -+ " --version Show version\n" - " --test Determine startup sequence, dump it and exit\n" - " --no-pager Do not pipe output into a pager\n" - " --dump-configuration-items Dump understood unit configuration items\n" diff --git a/0003-ukify-omit-.osrel-section-when-os-release-is-empty.patch b/0003-ukify-omit-.osrel-section-when-os-release-is-empty.patch new file mode 100644 index 0000000..5f4a1dd --- /dev/null +++ b/0003-ukify-omit-.osrel-section-when-os-release-is-empty.patch @@ -0,0 +1,112 @@ +From 75890d949f92c412c0936b8536b2e0dc8f7dfb40 Mon Sep 17 00:00:00 2001 +From: Nick Rosbrook +Date: Fri, 19 Dec 2025 11:01:49 -0500 +Subject: [PATCH] ukify: omit .osrel section when --os-release= is empty + +The primary motivation for this is to allow users of ukify to build +UKI-like objects, without having them later be detected as a UKI by +tools like kernel-install and bootctl. + +The common code used by these tools to determine if a PE binary is a UKI +checks that both .osrel and .linux sections are present. Hence, adding +a mechansim to skip .osrel provides a way to avoid being labeled a UKI. +--- + man/ukify.xml | 5 ++++- + src/ukify/test/test_ukify.py | 15 +++++++++++---- + src/ukify/ukify.py | 10 +++++++++- + 3 files changed, 24 insertions(+), 6 deletions(-) + +diff --git a/man/ukify.xml b/man/ukify.xml +index 829761642d..7462c5c92f 100644 +--- a/man/ukify.xml ++++ b/man/ukify.xml +@@ -365,7 +365,10 @@ + The os-release description (the .osrel section). The argument + may be a literal string, or @ followed by a path name. If not specified, the + os-release5 file +- will be picked up from the host system. ++ will be picked up from the host system. If explicitly set to an empty string, the ".osrel" section ++ is omitted from the UKI (this is not recommended in most cases, and causes the resulting artifact ++ to not be recognized as a UKI by other tools like kernel-install ++ and bootctl). + + + +diff --git a/src/ukify/test/test_ukify.py b/src/ukify/test/test_ukify.py +index f75ef0c891..224a38569f 100755 +--- a/src/ukify/test/test_ukify.py ++++ b/src/ukify/test/test_ukify.py +@@ -641,7 +641,7 @@ def test_efi_signing_pesign(kernel_initrd, tmp_path): + + shutil.rmtree(tmp_path) + +-def test_inspect(kernel_initrd, tmp_path, capsys): ++def test_inspect(kernel_initrd, tmp_path, capsys, osrel=True): + if kernel_initrd is None: + pytest.skip('linux+initrd not found') + if not shutil.which('sbsign'): +@@ -653,7 +653,7 @@ def test_inspect(kernel_initrd, tmp_path, capsys): + + output = f'{tmp_path}/signed2.efi' + uname_arg='1.2.3' +- osrel_arg='Linux' ++ osrel_arg='Linux' if osrel else '' + cmdline_arg='ARG1 ARG2 ARG3' + + args = [ +@@ -680,8 +680,12 @@ def test_inspect(kernel_initrd, tmp_path, capsys): + + text = capsys.readouterr().out + +- expected_osrel = f'.osrel:\n size: {len(osrel_arg)}' +- assert expected_osrel in text ++ if osrel: ++ expected_osrel = f'.osrel:\n size: {len(osrel_arg)}' ++ assert expected_osrel in text ++ else: ++ assert '.osrel:' not in text ++ + expected_cmdline = f'.cmdline:\n size: {len(cmdline_arg)}' + assert expected_cmdline in text + expected_uname = f'.uname:\n size: {len(uname_arg)}' +@@ -694,6 +698,9 @@ def test_inspect(kernel_initrd, tmp_path, capsys): + + shutil.rmtree(tmp_path) + ++def test_inspect_no_osrel(kernel_initrd, tmp_path, capsys): ++ test_inspect(kernel_initrd, tmp_path, capsys, osrel=False) ++ + @pytest.mark.skipif(not slow_tests, reason='slow') + def test_pcr_signing(kernel_initrd, tmp_path): + if kernel_initrd is None: +diff --git a/src/ukify/ukify.py b/src/ukify/ukify.py +index c98f8e2a5d..b7542c7eca 100755 +--- a/src/ukify/ukify.py ++++ b/src/ukify/ukify.py +@@ -1477,6 +1477,9 @@ def make_uki(opts: UkifyConfig) -> None: + '.profile', + } + ++ if not opts.os_release: ++ to_import.remove('.osrel') ++ + for profile in opts.join_profiles: + pe = pefile.PE(profile, fast_load=True) + prev_len = len(uki.sections) +@@ -2412,7 +2415,12 @@ def finalize_options(opts: argparse.Namespace) -> None: + + opts.os_release = resolve_at_path(opts.os_release) + +- if not opts.os_release and opts.linux: ++ if opts.os_release == '': ++ # If --os-release= with an empty string was passed, treat that as ++ # explicitly disabling the .osrel section, and do not fallback to the ++ # system's os-release files. ++ pass ++ elif opts.os_release is None and opts.linux: + p = Path('/etc/os-release') + if not p.exists(): + p = Path('/usr/lib/os-release') +-- +2.52.0 + diff --git a/0004-seccomp-arm64-x32-do-not-have-_sysctl.patch b/0004-seccomp-arm64-x32-do-not-have-_sysctl.patch deleted file mode 100644 index 1aa9de3..0000000 --- a/0004-seccomp-arm64-x32-do-not-have-_sysctl.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 5d56b6fb41fb29cd636e64f079f9a1e1982820be Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Sat, 15 Jul 2017 19:28:02 +0000 -Subject: [PATCH] seccomp: arm64/x32 do not have _sysctl - -So don't even try to added the filter to reduce noise. -The test is updated to skip calling _sysctl because the kernel prints -an oops-like message that is confusing and unhelpful: - -Jul 15 21:07:01 rpi3 kernel: test-seccomp[8448]: syscall -10080 -Jul 15 21:07:01 rpi3 kernel: Code: aa0503e4 aa0603e5 aa0703e6 d4000001 (b13ffc1f) -Jul 15 21:07:01 rpi3 kernel: CPU: 3 PID: 8448 Comm: test-seccomp Tainted: G W 4.11.8-300.fc26.aarch64 #1 -Jul 15 21:07:01 rpi3 kernel: Hardware name: raspberrypi rpi/rpi, BIOS 2017.05 06/24/2017 -Jul 15 21:07:01 rpi3 kernel: task: ffff80002bb0bb00 task.stack: ffff800036354000 -Jul 15 21:07:01 rpi3 kernel: PC is at 0xffff8669c7c4 -Jul 15 21:07:01 rpi3 kernel: LR is at 0xaaaac64b6750 -Jul 15 21:07:01 rpi3 kernel: pc : [<0000ffff8669c7c4>] lr : [<0000aaaac64b6750>] pstate: 60000000 -Jul 15 21:07:01 rpi3 kernel: sp : 0000ffffdc640fd0 -Jul 15 21:07:01 rpi3 kernel: x29: 0000ffffdc640fd0 x28: 0000000000000000 -Jul 15 21:07:01 rpi3 kernel: x27: 0000000000000000 x26: 0000000000000000 -Jul 15 21:07:01 rpi3 kernel: x25: 0000000000000000 x24: 0000000000000000 -Jul 15 21:07:01 rpi3 kernel: x23: 0000000000000000 x22: 0000000000000000 -Jul 15 21:07:01 rpi3 kernel: x21: 0000aaaac64b4940 x20: 0000000000000000 -Jul 15 21:07:01 rpi3 kernel: x19: 0000aaaac64b88f8 x18: 0000000000000020 -Jul 15 21:07:01 rpi3 kernel: x17: 0000ffff8669c7a0 x16: 0000aaaac64d2ee0 -Jul 15 21:07:01 rpi3 kernel: x15: 0000000000000000 x14: 0000000000000000 -Jul 15 21:07:01 rpi3 kernel: x13: 203a657275746365 x12: 0000000000000000 -Jul 15 21:07:01 rpi3 kernel: x11: 0000ffffdc640418 x10: 0000000000000000 -Jul 15 21:07:01 rpi3 kernel: x9 : 0000000000000005 x8 : 00000000ffffd8a0 -Jul 15 21:07:01 rpi3 kernel: x7 : 7f7f7f7f7f7f7f7f x6 : 7f7f7f7f7f7f7f7f -Jul 15 21:07:01 rpi3 kernel: x5 : 65736d68716f7277 x4 : 0000000000000000 -Jul 15 21:07:01 rpi3 kernel: x3 : 0000000000000008 x2 : 0000000000000000 -Jul 15 21:07:01 rpi3 kernel: x1 : 0000000000000000 x0 : 0000000000000000 -Jul 15 21:07:01 rpi3 kernel: - -(cherry picked from commit 1e20e640132c700c23494bb9e2619afb83878380) -(cherry picked from commit 2e64e8f46d726689a44d4084226fe3e0ea255c29) ---- - src/shared/seccomp-util.c | 4 ++++ - src/test/test-seccomp.c | 4 ++++ - 2 files changed, 8 insertions(+) - -diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c -index 36843d4bf5..1a8bfbe416 100644 ---- a/src/shared/seccomp-util.c -+++ b/src/shared/seccomp-util.c -@@ -899,6 +899,10 @@ int seccomp_protect_sysctl(void) { - - log_debug("Operating on architecture: %s", seccomp_arch_to_string(arch)); - -+ if (IN_SET(arch, SCMP_ARCH_X32, SCMP_ARCH_AARCH64)) -+ /* No _sysctl syscall */ -+ continue; -+ - r = seccomp_init_for_arch(&seccomp, arch, SCMP_ACT_ALLOW); - if (r < 0) - return r; -diff --git a/src/test/test-seccomp.c b/src/test/test-seccomp.c -index efd145e063..50fe24c794 100644 ---- a/src/test/test-seccomp.c -+++ b/src/test/test-seccomp.c -@@ -244,13 +244,17 @@ static void test_protect_sysctl(void) { - assert_se(pid >= 0); - - if (pid == 0) { -+#if __NR__sysctl > 0 - assert_se(syscall(__NR__sysctl, NULL) < 0); - assert_se(errno == EFAULT); -+#endif - - assert_se(seccomp_protect_sysctl() >= 0); - -+#if __NR__sysctl > 0 - assert_se(syscall(__NR__sysctl, 0, 0, 0) < 0); - assert_se(errno == EPERM); -+#endif - - _exit(EXIT_SUCCESS); - } diff --git a/0004-stub-Fix-NULL-pointer-deref-when-there-are-no-initrd.patch b/0004-stub-Fix-NULL-pointer-deref-when-there-are-no-initrd.patch new file mode 100644 index 0000000..d6f362f --- /dev/null +++ b/0004-stub-Fix-NULL-pointer-deref-when-there-are-no-initrd.patch @@ -0,0 +1,51 @@ +From e57e599e6b11039ab6484e5622b3deae20bfd678 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Mon, 12 Jan 2026 14:56:36 +0100 +Subject: [PATCH] stub: Fix NULL pointer deref when there are no initrds + +When n_all_initrds == 0, then all_initrds is unmodified from its initial +value of: + + _cleanup_free_ struct iovec *all_initrds = NULL; + +and in the else block of the "if (n_all_initrds > 1)" the NULL is +dereferenced: + + final_initrd = all_initrds[0]; + +Leading to the stub crashing due to a NULL pointer deref. + +Fix this by initializing final_initrd to all 0s and only +running the else block if (n_all_initrds == 1). +--- + src/boot/stub.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/boot/stub.c b/src/boot/stub.c +index 06ecbc7d18..65950262c6 100644 +--- a/src/boot/stub.c ++++ b/src/boot/stub.c +@@ -1302,9 +1302,9 @@ static EFI_STATUS run(EFI_HANDLE image) { + + /* Combine the initrds into one */ + _cleanup_pages_ Pages initrd_pages = {}; +- struct iovec final_initrd; ++ struct iovec final_initrd = {}; + if (n_all_initrds > 1) { +- /* There will always be a base initrd, if this counter is higher, we need to combine them */ ++ /* If there is more then 1 initrd we need to combine them */ + err = combine_initrds(all_initrds, n_all_initrds, &initrd_pages, &final_initrd.iov_len); + if (err != EFI_SUCCESS) + return err; +@@ -1313,7 +1313,7 @@ static EFI_STATUS run(EFI_HANDLE image) { + + /* Given these might be large let's free them explicitly before we pass control to Linux */ + initrds_free(&initrds); +- } else ++ } else if (n_all_initrds == 1) + final_initrd = all_initrds[0]; + + struct iovec kernel = IOVEC_MAKE( +-- +2.52.0 + diff --git a/0005-seccomp-arm64-does-not-have-mmap2.patch b/0005-seccomp-arm64-does-not-have-mmap2.patch deleted file mode 100644 index ea9e622..0000000 --- a/0005-seccomp-arm64-does-not-have-mmap2.patch +++ /dev/null @@ -1,40 +0,0 @@ -From e04118bd11f8268e7ee7b893f861f18f03bc6970 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Sat, 15 Jul 2017 19:30:01 +0000 -Subject: [PATCH] seccomp: arm64 does not have mmap2 - -I messed up when adding the definitions in 4278d1f5310f5acb4c6a6788233625234edb5145. -Unfortunately I didn't have the hardware at hand and went by -looking at the kernel headers. - -(cherry picked from commit 53196fafcb7b24b45ed4f48ab894d00a24a6d871) -(cherry picked from commit 79873bc850177050baa0c5165b119adafeebb891) ---- - src/shared/seccomp-util.c | 7 ++----- - 1 file changed, 2 insertions(+), 5 deletions(-) - -diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c -index 1a8bfbe416..637ee8526e 100644 ---- a/src/shared/seccomp-util.c -+++ b/src/shared/seccomp-util.c -@@ -1223,10 +1223,6 @@ int seccomp_memory_deny_write_execute(void) { - - break; - -- case SCMP_ARCH_AARCH64: -- block_syscall = SCMP_SYS(mmap); -- /* fall through */ -- - case SCMP_ARCH_ARM: - filter_syscall = SCMP_SYS(mmap2); /* arm has only mmap2 */ - shmat_syscall = SCMP_SYS(shmat); -@@ -1234,7 +1230,8 @@ int seccomp_memory_deny_write_execute(void) { - - case SCMP_ARCH_X86_64: - case SCMP_ARCH_X32: -- filter_syscall = SCMP_SYS(mmap); /* amd64 and x32 have only mmap */ -+ case SCMP_ARCH_AARCH64: -+ filter_syscall = SCMP_SYS(mmap); /* amd64, x32, and arm64 have only mmap */ - shmat_syscall = SCMP_SYS(shmat); - break; - diff --git a/0006-test-seccomp-arm64-does-not-have-access-and-poll.patch b/0006-test-seccomp-arm64-does-not-have-access-and-poll.patch deleted file mode 100644 index 7000aa4..0000000 --- a/0006-test-seccomp-arm64-does-not-have-access-and-poll.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 5a3e65fa2537b31334ccb8b73a28208a3b535076 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Sat, 15 Jul 2017 19:30:48 +0000 -Subject: [PATCH] test-seccomp: arm64 does not have access() and poll() - -glibc uses faccessat and ppoll, so just add a filters for that. - -(cherry picked from commit abc0213839fef92e2e2b98a434914f22ece48490) -(cherry picked from commit f60a865a496e1e6fde7436b4013dd8ff677f29a1) ---- - src/test/test-seccomp.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/src/test/test-seccomp.c b/src/test/test-seccomp.c -index 50fe24c794..28fe206507 100644 ---- a/src/test/test-seccomp.c -+++ b/src/test/test-seccomp.c -@@ -529,7 +529,11 @@ static void test_load_syscall_filter_set_raw(void) { - assert_se(poll(NULL, 0, 0) == 0); - - assert_se(s = set_new(NULL)); -+#if SCMP_SYS(access) >= 0 - assert_se(set_put(s, UINT32_TO_PTR(__NR_access + 1)) >= 0); -+#else -+ assert_se(set_put(s, UINT32_TO_PTR(__NR_faccessat + 1)) >= 0); -+#endif - - assert_se(seccomp_load_syscall_filter_set_raw(SCMP_ACT_ALLOW, s, SCMP_ACT_ERRNO(EUCLEAN)) >= 0); - -@@ -541,7 +545,11 @@ static void test_load_syscall_filter_set_raw(void) { - s = set_free(s); - - assert_se(s = set_new(NULL)); -+#if SCMP_SYS(poll) >= 0 - assert_se(set_put(s, UINT32_TO_PTR(__NR_poll + 1)) >= 0); -+#else -+ assert_se(set_put(s, UINT32_TO_PTR(__NR_ppoll + 1)) >= 0); -+#endif - - assert_se(seccomp_load_syscall_filter_set_raw(SCMP_ACT_ALLOW, s, SCMP_ACT_ERRNO(EUNATCH)) >= 0); - diff --git a/0007-fstab-generator-ignore-x-systemd.device-timeout-for-.patch b/0007-fstab-generator-ignore-x-systemd.device-timeout-for-.patch deleted file mode 100644 index 16e85bf..0000000 --- a/0007-fstab-generator-ignore-x-systemd.device-timeout-for-.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 713917bd94272fc65d94016a208b72309ae1320a Mon Sep 17 00:00:00 2001 -From: NeilBrown -Date: Mon, 17 Jul 2017 18:03:34 +1000 -Subject: [PATCH] fstab-generator: ignore x-systemd.device-timeout for - non-devices (#6368) - -If you specify "x-systemd.device-timeout" for an NFS mount -point, you get no warning and a meaningless device unit -dependency created. - -Better to have a warning and no dependency. -(cherry picked from commit c67bd1f758f087496741ce0b3e227d82c6b4a304) ---- - src/shared/generator.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/shared/generator.c b/src/shared/generator.c -index 6a78ebbda7..6a887e3aad 100644 ---- a/src/shared/generator.c -+++ b/src/shared/generator.c -@@ -182,6 +182,10 @@ int generator_write_timeouts( - node = fstab_node_to_udev_node(what); - if (!node) - return log_oom(); -+ if (!is_device_path(node)) { -+ log_warning("x-systemd.device-timeout ignored for %s", what); -+ return 0; -+ } - - r = unit_name_from_path(node, ".device", &unit); - if (r < 0) diff --git a/0008-core-modify-resource-leak-by-SmackProcessLabel.patch b/0008-core-modify-resource-leak-by-SmackProcessLabel.patch deleted file mode 100644 index d27b8e9..0000000 --- a/0008-core-modify-resource-leak-by-SmackProcessLabel.patch +++ /dev/null @@ -1,22 +0,0 @@ -From 83030c7aea991d863591df2e09d41bb19d6e01d0 Mon Sep 17 00:00:00 2001 -From: WaLyong Cho -Date: Thu, 13 Jul 2017 13:06:34 +0900 -Subject: [PATCH] core: modify resource leak by SmackProcessLabel= - -(cherry picked from commit 5b8e1b7755092e162bcf0bad8afe2e55dfbbd9e2) ---- - src/core/execute.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/core/execute.c b/src/core/execute.c -index d72e5bf08c..4ed133fb6a 100644 ---- a/src/core/execute.c -+++ b/src/core/execute.c -@@ -3099,6 +3099,7 @@ void exec_context_done(ExecContext *c) { - c->utmp_id = mfree(c->utmp_id); - c->selinux_context = mfree(c->selinux_context); - c->apparmor_profile = mfree(c->apparmor_profile); -+ c->smack_process_label = mfree(c->smack_process_label); - - c->syscall_filter = set_free(c->syscall_filter); - c->syscall_archs = set_free(c->syscall_archs); diff --git a/0009-core-dump-also-missed-security-context.patch b/0009-core-dump-also-missed-security-context.patch deleted file mode 100644 index 40ab919..0000000 --- a/0009-core-dump-also-missed-security-context.patch +++ /dev/null @@ -1,31 +0,0 @@ -From d8e3c9d25867f7081f060f1491186b6e3b30975b Mon Sep 17 00:00:00 2001 -From: WaLyong Cho -Date: Thu, 13 Jul 2017 13:10:41 +0900 -Subject: [PATCH] core: dump also missed security context - -(cherry picked from commit 80c21aea118eeccfb2a0fcc5986b4432588dc857) ---- - src/core/execute.c | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/src/core/execute.c b/src/core/execute.c -index 4ed133fb6a..62faa028a1 100644 ---- a/src/core/execute.c -+++ b/src/core/execute.c -@@ -3614,6 +3614,16 @@ void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) { - "%sSELinuxContext: %s%s\n", - prefix, c->selinux_context_ignore ? "-" : "", c->selinux_context); - -+ if (c->apparmor_profile) -+ fprintf(f, -+ "%sAppArmorProfile: %s%s\n", -+ prefix, c->apparmor_profile_ignore ? "-" : "", c->apparmor_profile); -+ -+ if (c->smack_process_label) -+ fprintf(f, -+ "%sSmackProcessLabel: %s%s\n", -+ prefix, c->smack_process_label_ignore ? "-" : "", c->smack_process_label); -+ - if (c->personality != PERSONALITY_INVALID) - fprintf(f, - "%sPersonality: %s\n", diff --git a/0010-journald-make-sure-we-retain-all-stream-fds-across-r.patch b/0010-journald-make-sure-we-retain-all-stream-fds-across-r.patch deleted file mode 100644 index 1546e98..0000000 --- a/0010-journald-make-sure-we-retain-all-stream-fds-across-r.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 3dd07ebf08dd630b0f50dfff3ef6d05628b8708b Mon Sep 17 00:00:00 2001 -From: Michal Sekletar -Date: Mon, 17 Jul 2017 10:04:37 +0200 -Subject: [PATCH] journald: make sure we retain all stream fds across restarts - (#6348) - -Currently we set 4096 as maximum for number of stream connections that -we accept. However maximum number of file descriptors that systemd is -willing to accept from us is just 1024. This means we can't retain all -stream connections that we accepted. Hence bump the limit of fds in a -unit file so that systemd holds open all stream fds while we are -restarted. - -New limit is set to 4224 (4096 + 128). -(cherry picked from commit 3c978aca69e0e43d4dd453437ec9c498ea788795) ---- - units/systemd-journald.service.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in -index 66b7c6a48e..1e86d63648 100644 ---- a/units/systemd-journald.service.in -+++ b/units/systemd-journald.service.in -@@ -21,7 +21,7 @@ Restart=always - RestartSec=0 - StandardOutput=null - WatchdogSec=3min --FileDescriptorStoreMax=1024 -+FileDescriptorStoreMax=4224 - CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID CAP_MAC_OVERRIDE - MemoryDenyWriteExecute=yes - RestrictRealtime=yes diff --git a/0011-Use-config_parse_sec_fix_0-also-for-JobRunningTimeou.patch b/0011-Use-config_parse_sec_fix_0-also-for-JobRunningTimeou.patch deleted file mode 100644 index 6a275fa..0000000 --- a/0011-Use-config_parse_sec_fix_0-also-for-JobRunningTimeou.patch +++ /dev/null @@ -1,37 +0,0 @@ -From d52e2bb9c20216972754c054e8534bca28baab66 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Mon, 17 Jul 2017 15:45:44 -0400 -Subject: [PATCH] Use config_parse_sec_fix_0() also for JobRunningTimeoutSec - -2d79a0bbb9f651656384a0a86ed814e6306fb5dd did that for TimeoutSec=, -89beff89edba592366b2960bd830d3f6e602c2c7 did that for JobTimeoutSec=, -and 0004f698df1410ef8b6ab3fb5f4b41a60c91182c did that for -x-systemd.device-timeout=. But after parsing x-systemd.device-timeout=xxx -we write it out as JobRunningTimeoutSec=xxx. Two options: -- write out JobRunningTimeoutSec=, -- change JobRunningTimeoutSec= to behave like the other options. - -I think it would be confusing for JobRunningTimeoutSec= to have different -syntax then TimeoutSec= and JobTimeoutSec=, so this patch implements the -second option. - -Fixes #6264, https://bugzilla.redhat.com/show_bug.cgi?id=1462378. - -(cherry picked from commit 4a06cbf8387555c7c04a1ee6f0c5a6f858bf4b19) ---- - src/core/load-fragment-gperf.gperf.m4 | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4 -index 5b5a86250e..7fb39cf948 100644 ---- a/src/core/load-fragment-gperf.gperf.m4 -+++ b/src/core/load-fragment-gperf.gperf.m4 -@@ -194,7 +194,7 @@ Unit.OnFailureIsolate, config_parse_job_mode_isolate, 0, - Unit.IgnoreOnIsolate, config_parse_bool, 0, offsetof(Unit, ignore_on_isolate) - Unit.IgnoreOnSnapshot, config_parse_warn_compat, DISABLED_LEGACY, 0 - Unit.JobTimeoutSec, config_parse_sec_fix_0, 0, offsetof(Unit, job_timeout) --Unit.JobRunningTimeoutSec, config_parse_sec, 0, offsetof(Unit, job_running_timeout) -+Unit.JobRunningTimeoutSec, config_parse_sec_fix_0, 0, offsetof(Unit, job_running_timeout) - Unit.JobTimeoutAction, config_parse_emergency_action, 0, offsetof(Unit, job_timeout_action) - Unit.JobTimeoutRebootArgument, config_parse_unit_string_printf, 0, offsetof(Unit, job_timeout_reboot_arg) - Unit.StartLimitIntervalSec, config_parse_sec, 0, offsetof(Unit, start_limit.interval) diff --git a/0012-virt-enable-detecting-QEMU-TCG-via-CPUID-6399.patch b/0012-virt-enable-detecting-QEMU-TCG-via-CPUID-6399.patch deleted file mode 100644 index 5856ed0..0000000 --- a/0012-virt-enable-detecting-QEMU-TCG-via-CPUID-6399.patch +++ /dev/null @@ -1,31 +0,0 @@ -From e48936b0be085f15a2e2ac88b2e50a91a66782ac Mon Sep 17 00:00:00 2001 -From: Daniel Berrange -Date: Wed, 19 Jul 2017 10:06:07 +0100 -Subject: [PATCH] virt: enable detecting QEMU (TCG) via CPUID (#6399) - -QEMU >= 2.10 will include a CPUID leaf with value "TCGTCGTCGTCG" -on x86 when running with the TCG CPU emulator: - - https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05231.html - -Existing methods of detecting QEMU are left unchanged for sake of -backcompatibility. - -Signed-off-by: Daniel P. Berrange -(cherry picked from commit 5588612e9e8828691f13141e3fcebe08a59201fe) ---- - src/basic/virt.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/basic/virt.c b/src/basic/virt.c -index 6011744523..5143ac6656 100644 ---- a/src/basic/virt.c -+++ b/src/basic/virt.c -@@ -46,6 +46,7 @@ static int detect_vm_cpuid(void) { - } cpuid_vendor_table[] = { - { "XenVMMXenVMM", VIRTUALIZATION_XEN }, - { "KVMKVMKVM", VIRTUALIZATION_KVM }, -+ { "TCGTCGTCGTCG", VIRTUALIZATION_QEMU }, - /* http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1009458 */ - { "VMwareVMware", VIRTUALIZATION_VMWARE }, - /* https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs */ diff --git a/0013-test-condition-don-t-assume-that-all-non-root-users-.patch b/0013-test-condition-don-t-assume-that-all-non-root-users-.patch deleted file mode 100644 index 8212cd4..0000000 --- a/0013-test-condition-don-t-assume-that-all-non-root-users-.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 8864ff594b43a34e5a593da42336f28e2f30b9f5 Mon Sep 17 00:00:00 2001 -From: Felipe Sateler -Date: Wed, 19 Jul 2017 20:48:23 -0400 -Subject: [PATCH] test-condition: don't assume that all non-root users are - normal users (#6409) - -Automated builders may run under a dedicated system user, and this test would fail that - -Fixes #6366 - -(cherry picked from commit 708d423915c4ea48d408b5a3395c11055247b9bc) ---- - src/test/test-condition.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/test/test-condition.c b/src/test/test-condition.c -index 121345cfd1..b15f1b98c0 100644 ---- a/src/test/test-condition.c -+++ b/src/test/test-condition.c -@@ -390,7 +390,7 @@ static void test_condition_test_user(void) { - assert_se(condition); - r = condition_test(condition); - log_info("ConditionUser=@system → %i", r); -- if (geteuid() == 0) -+ if (getuid() < SYSTEM_UID_MAX || geteuid() < SYSTEM_UID_MAX) - assert_se(r > 0); - else - assert_se(r == 0); diff --git a/0014-call-chase_symlinks-without-the-sysroot-prefix-6411.patch b/0014-call-chase_symlinks-without-the-sysroot-prefix-6411.patch deleted file mode 100644 index 79a140d..0000000 --- a/0014-call-chase_symlinks-without-the-sysroot-prefix-6411.patch +++ /dev/null @@ -1,31 +0,0 @@ -From eca55fbc51056b2a4fa3242917b6fc2f0c02e981 Mon Sep 17 00:00:00 2001 -From: Harald Hoyer -Date: Thu, 20 Jul 2017 19:13:09 +0200 -Subject: [PATCH] call chase_symlinks without the /sysroot prefix (#6411) - -In case fstab-generator is called in the initrd, chase_symlinks() -returns with a canonical path "/sysroot/sysroot/", if the -"/sysroot" prefix is present in the path. - -This patch skips the "/sysroot" prefix for the chase_symlinks() call, -because "/sysroot" is already the root directory and chase_symlinks() -prepends the root directory in the canonical path returned. - -(cherry picked from commit 98eda38aed6a10c4f6d6ad0cac6e5361e87de52b) ---- - src/fstab-generator/fstab-generator.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c -index 7f23b9fd74..f172e9c07b 100644 ---- a/src/fstab-generator/fstab-generator.c -+++ b/src/fstab-generator/fstab-generator.c -@@ -537,7 +537,7 @@ static int parse_fstab(bool initrd) { - continue; - } - -- where = initrd ? strappend("/sysroot/", me->mnt_dir) : strdup(me->mnt_dir); -+ where = strdup(me->mnt_dir); - if (!where) - return log_oom(); - diff --git a/0015-nspawn-downgrade-warning-when-we-get-sd_notify-messa.patch b/0015-nspawn-downgrade-warning-when-we-get-sd_notify-messa.patch deleted file mode 100644 index 0dc1b02..0000000 --- a/0015-nspawn-downgrade-warning-when-we-get-sd_notify-messa.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 0e50428d3699e3ad25861f458540d24038cfaa4e Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Thu, 20 Jul 2017 20:46:58 +0200 -Subject: [PATCH] nspawn: downgrade warning when we get sd_notify() message - from unexpected process (#6416) - -Given that we set NOTIFY_SOCKET unconditionally it's not surprising that -processes way down the process tree think it's smart to send us a -notification message. - -It's still useful to keep this message, for debugging things, but it -shouldn't be generated by default. - -(cherry picked from commit 8cb574307963d1aeb1c53e1d1fbeee4a2be37259) ---- - src/nspawn/nspawn.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 8a5fedd4b0..0cbd8c3491 100644 ---- a/src/nspawn/nspawn.c -+++ b/src/nspawn/nspawn.c -@@ -2836,7 +2836,7 @@ static int nspawn_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t r - } - - if (!ucred || ucred->pid != inner_child_pid) { -- log_warning("Received notify message without valid credentials. Ignoring."); -+ log_debug("Received notify message without valid credentials. Ignoring."); - return 0; - } - diff --git a/0016-Revert-core-don-t-load-dropin-data-multiple-times-fo.patch b/0016-Revert-core-don-t-load-dropin-data-multiple-times-fo.patch deleted file mode 100644 index 383d5bd..0000000 --- a/0016-Revert-core-don-t-load-dropin-data-multiple-times-fo.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 29d9cfc097586ac79911a5f5035c45b1971a5b1f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Sat, 22 Jul 2017 08:39:49 -0400 -Subject: [PATCH] Revert "core: don't load dropin data multiple times for the - same unit (#5139)" - -This reverts commit 2d058a87ffb2d31a50422a8aebd119bbb4427244. - -When we add another name to a unit (by following an alias), we need to -reload all drop-ins. This is necessary to load any additional dropins -found in the dirs created from the alias name. - -Fixes #6334. - -(cherry picked from commit 9e4ea9cc34fa032a47c253ddd94ac6c7afda663e) ---- - src/core/unit.c | 23 +++++++---------------- - 1 file changed, 7 insertions(+), 16 deletions(-) - -diff --git a/src/core/unit.c b/src/core/unit.c -index b28eeb2262..9d913e8c64 100644 ---- a/src/core/unit.c -+++ b/src/core/unit.c -@@ -1098,7 +1098,6 @@ void unit_dump(Unit *u, FILE *f, const char *prefix) { - - /* Common implementation for multiple backends */ - int unit_load_fragment_and_dropin(Unit *u) { -- Unit *t; - int r; - - assert(u); -@@ -1111,18 +1110,15 @@ int unit_load_fragment_and_dropin(Unit *u) { - if (u->load_state == UNIT_STUB) - return -ENOENT; - -- /* If the unit is an alias and the final unit has already been -- * loaded, there's no point in reloading the dropins one more time. */ -- t = unit_follow_merge(u); -- if (t != u && t->load_state != UNIT_STUB) -- return 0; -- -- return unit_load_dropin(t); -+ /* Load drop-in directory data. If u is an alias, we might be reloading the -+ * target unit needlessly. But we cannot be sure which drops-ins have already -+ * been loaded and which not, at least without doing complicated book-keeping, -+ * so let's always reread all drop-ins. */ -+ return unit_load_dropin(unit_follow_merge(u)); - } - - /* Common implementation for multiple backends */ - int unit_load_fragment_and_dropin_optional(Unit *u) { -- Unit *t; - int r; - - assert(u); -@@ -1138,13 +1134,8 @@ int unit_load_fragment_and_dropin_optional(Unit *u) { - if (u->load_state == UNIT_STUB) - u->load_state = UNIT_LOADED; - -- /* If the unit is an alias and the final unit has already been -- * loaded, there's no point in reloading the dropins one more time. */ -- t = unit_follow_merge(u); -- if (t != u && t->load_state != UNIT_STUB) -- return 0; -- -- return unit_load_dropin(t); -+ /* Load drop-in directory data */ -+ return unit_load_dropin(unit_follow_merge(u)); - } - - int unit_add_default_target_dependency(Unit *u, Unit *target) { diff --git a/0017-bash-completion-use-the-first-argument-instead-of-th.patch b/0017-bash-completion-use-the-first-argument-instead-of-th.patch deleted file mode 100644 index 82333fe..0000000 --- a/0017-bash-completion-use-the-first-argument-instead-of-th.patch +++ /dev/null @@ -1,73 +0,0 @@ -From f6441eaf050267c05ef8df8d5614bb598528942f Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Thu, 27 Jul 2017 20:22:54 +0900 -Subject: [PATCH] bash-completion: use the first argument instead of the global - variable (#6457) - -Without this fix: - -$ systemctl start -Display all 135 possibilities? (y or n) -$ __get_startable_units --system | wc -l -224 - -the number of the suggestions are quite different, as __get_startable_units --system does -not filter already started units. With this fix, - -$ systemctl start -Display all 135 possibilities? (y or n) -$ __get_startable_units --system | wc -l -123 -$ __get_template_names --system | wc -l -12 - -the number of the suggestions matches one the function returns. -For consistency with the other internal functions, it should use the first argument -instead of the global variable $mode. - -[zj: add commit message to make it sound like we know what we're doing] - -(cherry picked from commit 6bda23dd6aaba50cf8e3e6024248cf736cc443ca) ---- - shell-completion/bash/systemctl.in | 14 +++++++------- - 1 file changed, 7 insertions(+), 7 deletions(-) - -diff --git a/shell-completion/bash/systemctl.in b/shell-completion/bash/systemctl.in -index 0398d09d18..bde28efc3e 100644 ---- a/shell-completion/bash/systemctl.in -+++ b/shell-completion/bash/systemctl.in -@@ -68,7 +68,7 @@ __filter_units_by_properties () { - done - for ((i=0; i < ${#units[*]}; i++)); do - for ((j=0; j < ${#conditions[*]}; j++)); do -- if [[ "${props[ i * ${#conditions[*]} + j]}" != "${conditions[j]}" ]]; then -+ if [[ "${props[i * ${#conditions[*]} + j]}" != "${conditions[j]}" ]]; then - break - fi - done -@@ -87,19 +87,19 @@ __get_active_units () { __systemctl $1 list-units \ - | { while read -r a b; do echo " $a"; done; }; } - __get_startable_units () { - # find startable inactive units -- __filter_units_by_properties $mode ActiveState,CanStart inactive,yes $( -- { __systemctl $mode list-unit-files --state enabled,enabled-runtime,linked,linked-runtime,static,indirect,disabled,generated,transient | \ -+ __filter_units_by_properties $1 ActiveState,CanStart inactive,yes $( -+ { __systemctl $1 list-unit-files --state enabled,enabled-runtime,linked,linked-runtime,static,indirect,disabled,generated,transient | \ - { while read -r a b; do [[ $a =~ @\. ]] || echo " $a"; done; } -- __systemctl $mode list-units --state inactive,failed | \ -+ __systemctl $1 list-units --state inactive,failed | \ - { while read -r a b c; do [[ $b == "loaded" ]] && echo " $a"; done; } - } | sort -u ) - } - __get_restartable_units () { - # filter out masked and not-found -- __filter_units_by_property $mode CanStart yes $( -- __systemctl $mode list-unit-files --state enabled,disabled,static | \ -+ __filter_units_by_property $1 CanStart yes $( -+ __systemctl $1 list-unit-files --state enabled,disabled,static | \ - { while read -r a b; do [[ $a =~ @\. ]] || echo " $a"; done; } -- __systemctl $mode list-units | \ -+ __systemctl $1 list-units | \ - { while read -r a b; do echo " $a"; done; } ) - } - __get_failed_units () { __systemctl $1 list-units \ diff --git a/0018-boot-efi-don-t-hard-fail-on-error-for-tpm-measure-64.patch b/0018-boot-efi-don-t-hard-fail-on-error-for-tpm-measure-64.patch deleted file mode 100644 index 6d5976f..0000000 --- a/0018-boot-efi-don-t-hard-fail-on-error-for-tpm-measure-64.patch +++ /dev/null @@ -1,49 +0,0 @@ -From ea0ff5cd4efb1d67820572fb0d7d1d8da0fc1dc1 Mon Sep 17 00:00:00 2001 -From: Harald Hoyer -Date: Fri, 28 Jul 2017 09:46:05 +0200 -Subject: [PATCH] boot/efi: don't hard fail on error for tpm measure (#6473) - -Display the error for a small amount of time, but don't fail hard. - -In case of a faulty BIOS, a TPM error should not prevent the boot. -If something cares about the PCM measurement, it will be noticed -anyway later on. - -Especially important now, that TPM measurement is the default now on -some distribution builds. - -https://bugzilla.redhat.com/show_bug.cgi?id=1411156 -(cherry picked from commit 522aa9f5f8755d7389131da41bd60b6276917ff2) ---- - src/boot/efi/boot.c | 3 +-- - src/boot/efi/stub.c | 3 +-- - 2 files changed, 2 insertions(+), 4 deletions(-) - -diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c -index 1e990b3825..316e95a72b 100644 ---- a/src/boot/efi/boot.c -+++ b/src/boot/efi/boot.c -@@ -1657,8 +1657,7 @@ static EFI_STATUS image_start(EFI_HANDLE parent_image, const Config *config, con - loaded_image->LoadOptionsSize, loaded_image->LoadOptions); - if (EFI_ERROR(err)) { - Print(L"Unable to add image options measurement: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -+ uefi_call_wrapper(BS->Stall, 1, 200 * 1000); - } - #endif - } -diff --git a/src/boot/efi/stub.c b/src/boot/efi/stub.c -index bab5d46de9..2562228090 100644 ---- a/src/boot/efi/stub.c -+++ b/src/boot/efi/stub.c -@@ -94,8 +94,7 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - loaded_image->LoadOptionsSize, loaded_image->LoadOptions); - if (EFI_ERROR(err)) { - Print(L"Unable to add image options measurement: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -+ uefi_call_wrapper(BS->Stall, 1, 200 * 1000); - } - #endif - } diff --git a/0019-meson-D-remote-and-D-importd-should-be-combo-options.patch b/0019-meson-D-remote-and-D-importd-should-be-combo-options.patch deleted file mode 100644 index 6d79dce..0000000 --- a/0019-meson-D-remote-and-D-importd-should-be-combo-options.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 9c27ced1fac191139a131d179a25801ce9ca3357 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Wed, 26 Jul 2017 14:11:15 -0400 -Subject: [PATCH] meson: -D remote and -D importd should be "combo" options - -The default should be 'auto', and we allow 'true' -and 'false' too. - -Fixes #6445. - -(cherry picked from commit b1519d656691e725a8b8950fc0e6cc8d25b1016a) ---- - meson_options.txt | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/meson_options.txt b/meson_options.txt -index 1594fec41f..b7a45d5806 100644 ---- a/meson_options.txt -+++ b/meson_options.txt -@@ -69,7 +69,7 @@ option('timedated', type : 'boolean', - description : 'install the systemd-timedated daemon') - option('timesyncd', type : 'boolean', - description : 'install the systemd-timesyncd daemon') --option('remote', type : 'boolean', -+option('remote', type : 'combo', choices : ['auto', 'true', 'false'], - description : 'support for "journal over the network"') - option('myhostname', type : 'boolean', - description : 'nss-myhostname support') -@@ -87,7 +87,7 @@ option('sysusers', type : 'boolean', - description : 'support for the sysusers configuration') - option('tmpfiles', type : 'boolean', - description : 'support for tmpfiles.d') --option('importd', type : 'boolean', -+option('importd', type : 'combo', choices : ['auto', 'true', 'false'], - description : 'install the systemd-importd daemon') - option('hwdb', type : 'boolean', - description : 'support for the hardware database') diff --git a/0020-cryptsetup-fix-infinite-timeout-6486.patch b/0020-cryptsetup-fix-infinite-timeout-6486.patch deleted file mode 100644 index 860d816..0000000 --- a/0020-cryptsetup-fix-infinite-timeout-6486.patch +++ /dev/null @@ -1,42 +0,0 @@ -From c64c6a8b259abfbff5ce202d5d5982b120cf928f Mon Sep 17 00:00:00 2001 -From: Andrew Soutar -Date: Mon, 31 Jul 2017 02:19:16 -0400 -Subject: [PATCH] cryptsetup: fix infinite timeout (#6486) - -0004f698d causes `arg_timeout` to be infinity instead of 0 when timeout=0. The -logic here now matches this change. - -Fixes #6381 - -(cherry picked from commit 0864d311766498563331f486909a0d950ba7de87) ---- - src/cryptsetup/cryptsetup.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c -index 3b4c086162..08ed7e53ba 100644 ---- a/src/cryptsetup/cryptsetup.c -+++ b/src/cryptsetup/cryptsetup.c -@@ -56,7 +56,7 @@ static bool arg_tcrypt_veracrypt = false; - static char **arg_tcrypt_keyfiles = NULL; - static uint64_t arg_offset = 0; - static uint64_t arg_skip = 0; --static usec_t arg_timeout = 0; -+static usec_t arg_timeout = USEC_INFINITY; - - /* Options Debian's crypttab knows we don't: - -@@ -670,10 +670,10 @@ int main(int argc, char *argv[]) { - if (arg_discards) - flags |= CRYPT_ACTIVATE_ALLOW_DISCARDS; - -- if (arg_timeout > 0) -- until = now(CLOCK_MONOTONIC) + arg_timeout; -- else -+ if (arg_timeout == USEC_INFINITY) - until = 0; -+ else -+ until = now(CLOCK_MONOTONIC) + arg_timeout; - - arg_key_size = (arg_key_size > 0 ? arg_key_size : (256 / 8)); - diff --git a/0021-rfkill-fix-erroneous-behavior-when-polling-the-udev-.patch b/0021-rfkill-fix-erroneous-behavior-when-polling-the-udev-.patch deleted file mode 100644 index 4790389..0000000 --- a/0021-rfkill-fix-erroneous-behavior-when-polling-the-udev-.patch +++ /dev/null @@ -1,45 +0,0 @@ -From cb81159ce49380d39c80f803353784633b8f306c Mon Sep 17 00:00:00 2001 -From: "S. Fan" -Date: Mon, 31 Jul 2017 05:10:10 -0500 -Subject: [PATCH] rfkill: fix erroneous behavior when polling the udev monitor - (#6489) - -Comparing udev_device_get_sysname(device) and sysname will always return -true. We need to check the device received from udev monitor instead. - -Also, fd_wait_for_event() sometimes never exits. Better set a timeout -here. - -(cherry picked from commit 8ec1a07998758f6a85f3ea5bf2ed14d87609398f) ---- - src/rfkill/rfkill.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/src/rfkill/rfkill.c b/src/rfkill/rfkill.c -index c0f138b4f4..470853d1d2 100644 ---- a/src/rfkill/rfkill.c -+++ b/src/rfkill/rfkill.c -@@ -138,17 +138,21 @@ static int wait_for_initialized( - for (;;) { - _cleanup_udev_device_unref_ struct udev_device *t = NULL; - -- r = fd_wait_for_event(watch_fd, POLLIN, USEC_INFINITY); -+ r = fd_wait_for_event(watch_fd, POLLIN, EXIT_USEC); - if (r == -EINTR) - continue; - if (r < 0) - return log_error_errno(r, "Failed to watch udev monitor: %m"); -+ if (r == 0) { -+ log_error("Timed out wating for udev monitor."); -+ return -ETIMEDOUT; -+ } - - t = udev_monitor_receive_device(monitor); - if (!t) - continue; - -- if (streq_ptr(udev_device_get_sysname(device), sysname)) { -+ if (streq_ptr(udev_device_get_sysname(t), sysname)) { - *ret = udev_device_ref(t); - return 0; - } diff --git a/0022-core-Do-not-fail-perpetual-mount-units-without-fragm.patch b/0022-core-Do-not-fail-perpetual-mount-units-without-fragm.patch deleted file mode 100644 index f310a4f..0000000 --- a/0022-core-Do-not-fail-perpetual-mount-units-without-fragm.patch +++ /dev/null @@ -1,34 +0,0 @@ -From b56c4c19c8d0adca67eb34e1924d881e7d61b97f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Abd=C3=B3=20Roig-Maranges?= -Date: Mon, 31 Jul 2017 12:32:09 +0200 -Subject: [PATCH] core: Do not fail perpetual mount units without fragment - (#6459) - -mount_load does not require fragment files to be present in order to -load mount units which are perpetual, or come from /proc/self/mountinfo. - -mount_verify should do the same, otherwise a synthesized '-.mount' would -be marked as failed with "No such file or directory", as it is perpetual -but not marked to come from /proc/self/mountinfo at this point. - -This happens for the user instance, and I suspect it was the cause of #5375 -for the system instance, without gpt-generator. - -(cherry picked from commit 1df96fcb31b3bc30c4a983de4734f61ed5a29115) ---- - src/core/mount.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/core/mount.c b/src/core/mount.c -index 214364d87d..7d9644e305 100644 ---- a/src/core/mount.c -+++ b/src/core/mount.c -@@ -503,7 +503,7 @@ static int mount_verify(Mount *m) { - if (UNIT(m)->load_state != UNIT_LOADED) - return 0; - -- if (!m->from_fragment && !m->from_proc_self_mountinfo) -+ if (!m->from_fragment && !m->from_proc_self_mountinfo && !UNIT(m)->perpetual) - return -ENOENT; - - r = unit_name_from_path(m->where, ".mount", &e); diff --git a/0023-build-sys-bump-xslt-maxdepth-limit.patch b/0023-build-sys-bump-xslt-maxdepth-limit.patch deleted file mode 100644 index f33ddb8..0000000 --- a/0023-build-sys-bump-xslt-maxdepth-limit.patch +++ /dev/null @@ -1,26 +0,0 @@ -From f2618d3474090751ae364ca326f3563797cce54a Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Mon, 18 Sep 2017 17:09:52 +0200 -Subject: [PATCH] build-sys: bump xslt maxdepth limit - -With libxslt-1.30, builds were failing on some recursion depth limit -with systemd.index.xml. Bumping the limit fixes the issue. ---- - man/meson.build | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/man/meson.build b/man/meson.build -index 8ddbd5557c..5b6a21fb9f 100644 ---- a/man/meson.build -+++ b/man/meson.build -@@ -11,6 +11,7 @@ want_html = want_html != 'false' and xsltproc.found() - xsltproc_flags = [ - '--nonet', - '--xinclude', -+ '--maxdepth', '9000', - '--stringparam', 'man.output.quietly', '1', - '--stringparam', 'funcsynopsis.style', 'ansi', - '--stringparam', 'man.authors.section.enabled', '0', --- -2.13.5 - diff --git a/0024-device-make-sure-to-remove-all-device-units-sharing-.patch b/0024-device-make-sure-to-remove-all-device-units-sharing-.patch deleted file mode 100644 index dd853fe..0000000 --- a/0024-device-make-sure-to-remove-all-device-units-sharing-.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 6d0fe8a5809ef5ccc8e92bdf2eea031178b87083 Mon Sep 17 00:00:00 2001 -From: Franck Bui -Date: Wed, 30 Aug 2017 17:16:16 +0200 -Subject: [PATCH] device: make sure to remove all device units sharing the same - sysfs path (#6679) - -When a device is unplugged all device units sharing the same sysfs path -pointing to that device are supposed to be removed. - -However it didn't work since while iterating the device unit list containing -all the relevant units, each unit was removed during each iteration of -LIST_FOREACH. However LIST_FOREACH doesn't support this use case and -LIST_FOREACH_SAFE must be use instead. - -(cherry picked from commit cc0df6cc35339976c367977dc292278a1939db0c) ---- - src/core/device.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/core/device.c b/src/core/device.c -index 77601c552..87186f135 100644 ---- a/src/core/device.c -+++ b/src/core/device.c -@@ -514,7 +514,7 @@ static void device_update_found_one(Device *d, bool add, DeviceFound found, bool - } - - static int device_update_found_by_sysfs(Manager *m, const char *sysfs, bool add, DeviceFound found, bool now) { -- Device *d, *l; -+ Device *d, *l, *n; - - assert(m); - assert(sysfs); -@@ -523,7 +523,7 @@ static int device_update_found_by_sysfs(Manager *m, const char *sysfs, bool add, - return 0; - - l = hashmap_get(m->devices_by_sysfs, sysfs); -- LIST_FOREACH(same_sysfs, d, l) -+ LIST_FOREACH_SAFE(same_sysfs, d, n, l) - device_update_found_one(d, add, found, now); - - return 0; --- -2.13.5 - diff --git a/0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch b/0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch deleted file mode 100644 index 2418bc7..0000000 --- a/0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 108c060c5521309b9448e3a7905b50dd505f36a8 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Fri, 11 Mar 2016 17:06:17 -0500 -Subject: [PATCH] resolved: create /etc/resolv.conf symlink at runtime - -If the symlink doesn't exists, and we are being started, let's -create it to provie name resolution. - -If it exists, do nothing. In particular, if it is a broken symlink, -we cannot really know if the administator configured it to point to -a location used by some service that hasn't started yet, so we -don't touch it in that case either. - -https://bugzilla.redhat.com/show_bug.cgi?id=1313085 ---- - src/resolve/resolved.c | 4 ++++ - tmpfiles.d/etc.conf.m4 | 3 --- - 2 files changed, 4 insertions(+), 3 deletions(-) - -diff --git a/src/resolve/resolved.c b/src/resolve/resolved.c -index deb75f9ae5..914d3b8a2d 100644 ---- a/src/resolve/resolved.c -+++ b/src/resolve/resolved.c -@@ -67,6 +67,10 @@ int main(int argc, char *argv[]) { - goto finish; - } - -+ r = symlink("../run/systemd/resolve/resolv.conf", "/etc/resolv.conf"); -+ if (r < 0 && errno != EEXIST) -+ log_warning_errno(errno, "Could not create /etc/resolv.conf symlink: %m"); -+ - /* Drop privileges, but keep three caps. Note that we drop those too, later on (see below) */ - r = drop_privileges(uid, gid, - (UINT64_C(1) << CAP_NET_RAW)| /* needed for SO_BINDTODEVICE */ -diff --git a/tmpfiles.d/etc.conf.m4 b/tmpfiles.d/etc.conf.m4 -index 064eae94f1..928105ea8d 100644 ---- a/tmpfiles.d/etc.conf.m4 -+++ b/tmpfiles.d/etc.conf.m4 -@@ -13,9 +13,6 @@ L+ /etc/mtab - - - - ../proc/self/mounts - m4_ifdef(`HAVE_SMACK_RUN_LABEL', - t /etc/mtab - - - - security.SMACK64=_ - )m4_dnl --m4_ifdef(`ENABLE_RESOLVED', --L! /etc/resolv.conf - - - - ../usr/lib/systemd/resolv.conf --)m4_dnl - C /etc/nsswitch.conf - - - - - m4_ifdef(`HAVE_PAM', - C /etc/pam.d - - - - --- -2.9.2 - diff --git a/0999-netdev-crypttab.patch b/0999-netdev-crypttab.patch deleted file mode 100644 index ba91dee..0000000 --- a/0999-netdev-crypttab.patch +++ /dev/null @@ -1,280 +0,0 @@ -From 3acb27df403c9e5772eb1d81aba1c65b6c7acc08 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Tue, 5 Sep 2017 09:14:51 +0200 -Subject: [PATCH 1/3] units: order cryptsetup-pre.target before - cryptsetup.target - -Normally this happens automatically, but if it happened that both targets were -pulled in, even though there were no cryptsetup units, they could be started -in reverse order, which would be somewhat confusing. Add an explicit ordering -to avoid this potential issue. ---- - units/cryptsetup-pre.target | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/units/cryptsetup-pre.target b/units/cryptsetup-pre.target -index 65353419f..42e35dd4e 100644 ---- a/units/cryptsetup-pre.target -+++ b/units/cryptsetup-pre.target -@@ -9,3 +9,4 @@ - Description=Encrypted Volumes (Pre) - Documentation=man:systemd.special(7) - RefuseManualStart=yes -+Before=cryptsetup.target --- -2.14.1 - - -From 51a012da40e8d0d4d8df931b3bc56ea913c3856a Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Tue, 5 Sep 2017 10:15:13 +0200 -Subject: [PATCH 2/3] units: add remote-cryptsetup.target and - remote-cryptsetup-pre.target - -The pair is similar to remote-fs.target and remote-fs-pre.target. Any -cryptsetup devices which require network shall be ordered after -remote-cryptsetup-pre.target and before remote-cryptsetup.target. ---- - man/systemd.special.xml | 23 +++++++++++++++++++++++ - units/cryptsetup-pre.target | 2 +- - units/cryptsetup.target | 2 +- - units/meson.build | 3 +++ - units/remote-cryptsetup-pre.target | 15 +++++++++++++++ - units/remote-cryptsetup.target | 10 ++++++++++ - 6 files changed, 53 insertions(+), 2 deletions(-) - create mode 100644 units/remote-cryptsetup-pre.target - create mode 100644 units/remote-cryptsetup.target - -diff --git a/man/systemd.special.xml b/man/systemd.special.xml -index 66c45e39a..7107b8a92 100644 ---- a/man/systemd.special.xml -+++ b/man/systemd.special.xml -@@ -81,6 +81,8 @@ - poweroff.target, - printer.target, - reboot.target, -+ remote-cryptsetup-pre.target, -+ remote-cryptsetup.target, - remote-fs-pre.target, - remote-fs.target, - rescue.target, -@@ -450,6 +452,27 @@ - this target unit, for compatibility with SysV. - - -+ -+ remote-cryptsetup-pre.target -+ -+ This target unit is automatically ordered before all cryptsetup devices -+ marked with the . It can be used to execute additional -+ units before such devices are set up. -+ -+ It is ordered after network.target and -+ network-online.target, and also pulls the latter in as a -+ Wants= dependency. -+ -+ -+ -+ remote-cryptsetup.target -+ -+ Similar to cryptsetup.target, but for encrypted -+ devices which are accessed over the network. It is used for -+ crypttab8 -+ entries marked with . -+ -+ - - remote-fs.target - -diff --git a/units/cryptsetup-pre.target b/units/cryptsetup-pre.target -index 42e35dd4e..6cb28a61a 100644 ---- a/units/cryptsetup-pre.target -+++ b/units/cryptsetup-pre.target -@@ -6,7 +6,7 @@ - # (at your option) any later version. - - [Unit] --Description=Encrypted Volumes (Pre) -+Description=Local Encrypted Volumes (Pre) - Documentation=man:systemd.special(7) - RefuseManualStart=yes - Before=cryptsetup.target -diff --git a/units/cryptsetup.target b/units/cryptsetup.target -index 25d3e33f6..10b17fd38 100644 ---- a/units/cryptsetup.target -+++ b/units/cryptsetup.target -@@ -6,5 +6,5 @@ - # (at your option) any later version. - - [Unit] --Description=Encrypted Volumes -+Description=Local Encrypted Volumes - Documentation=man:systemd.special(7) -diff --git a/units/meson.build b/units/meson.build -index e94add6a6..e6351c7a2 100644 ---- a/units/meson.build -+++ b/units/meson.build -@@ -47,6 +47,9 @@ units = [ - ['proc-sys-fs-binfmt_misc.mount', 'ENABLE_BINFMT'], - ['reboot.target', '', - 'runlevel6.target ctrl-alt-del.target'], -+ ['remote-cryptsetup-pre.target', 'HAVE_LIBCRYPTSETUP'], -+ ['remote-cryptsetup.target', 'HAVE_LIBCRYPTSETUP', -+ join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')], - ['remote-fs-pre.target', ''], - ['remote-fs.target', '', - join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')], -diff --git a/units/remote-cryptsetup-pre.target b/units/remote-cryptsetup-pre.target -new file mode 100644 -index 000000000..a375e6188 ---- /dev/null -+++ b/units/remote-cryptsetup-pre.target -@@ -0,0 +1,15 @@ -+# This file is part of systemd. -+# -+# systemd is free software; you can redistribute it and/or modify it -+# under the terms of the GNU Lesser General Public License as published by -+# the Free Software Foundation; either version 2.1 of the License, or -+# (at your option) any later version. -+ -+[Unit] -+Description=Remote Encrypted Volumes (Pre) -+Documentation=man:systemd.special(7) -+RefuseManualStart=yes -+Before=remote-cryptsetup.target -+ -+After=network.target network-online.target -+Wants=network-online.target -diff --git a/units/remote-cryptsetup.target b/units/remote-cryptsetup.target -new file mode 100644 -index 000000000..60943bd1c ---- /dev/null -+++ b/units/remote-cryptsetup.target -@@ -0,0 +1,10 @@ -+# This file is part of systemd. -+# -+# systemd is free software; you can redistribute it and/or modify it -+# under the terms of the GNU Lesser General Public License as published by -+# the Free Software Foundation; either version 2.1 of the License, or -+# (at your option) any later version. -+ -+[Unit] -+Description=Remote Encrypted Volumes -+Documentation=man:systemd.special(7) --- -2.14.1 - - -From 543a62336565c840bbda22df0eb2a1c19180a8d5 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Tue, 5 Sep 2017 11:30:33 +0200 -Subject: [PATCH 3/3] cryptsetup-generator: use remote-cryptsetup.target when - _netdev is present - -This allows such devices to depend on the network. Their startup will -be delayed similarly to network mount units. - -Fixes #4642. ---- - man/crypttab.xml | 13 +++++++++++++ - src/cryptsetup/cryptsetup-generator.c | 36 ++++++++++++++++++----------------- - 2 files changed, 32 insertions(+), 17 deletions(-) - -diff --git a/man/crypttab.xml b/man/crypttab.xml -index 17976f370..162377ebc 100644 ---- a/man/crypttab.xml -+++ b/man/crypttab.xml -@@ -213,6 +213,19 @@ - . - - -+ -+ -+ -+ Marks this cryptsetup device as requiring network. It will be -+ started after the network is available, similarly to -+ systemd.mount5 -+ units marked with . The service unit to set up this device -+ will be ordered between remote-cryptsetup-pre.target and -+ remote-cryptsetup.target, instead of -+ cryptsetup-pre.target and -+ cryptsetup.target. -+ -+ - - - -diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c -index b58b6db7c..8571ab06e 100644 ---- a/src/cryptsetup/cryptsetup-generator.c -+++ b/src/cryptsetup/cryptsetup-generator.c -@@ -61,7 +61,7 @@ static int create_disk( - _cleanup_free_ char *p = NULL, *n = NULL, *d = NULL, *u = NULL, *to = NULL, *e = NULL, - *filtered = NULL; - _cleanup_fclose_ FILE *f = NULL; -- bool noauto, nofail, tmp, swap; -+ bool noauto, nofail, tmp, swap, netdev; - char *from; - int r; - -@@ -72,6 +72,7 @@ static int create_disk( - nofail = fstab_test_yes_no_option(options, "nofail\0" "fail\0"); - tmp = fstab_test_option(options, "tmp\0"); - swap = fstab_test_option(options, "swap\0"); -+ netdev = fstab_test_option(options, "_netdev\0"); - - if (tmp && swap) { - log_error("Device '%s' cannot be both 'tmp' and 'swap'. Ignoring.", name); -@@ -102,21 +103,22 @@ static int create_disk( - if (!f) - return log_error_errno(errno, "Failed to create unit file %s: %m", p); - -- fputs("# Automatically generated by systemd-cryptsetup-generator\n\n" -- "[Unit]\n" -- "Description=Cryptography Setup for %I\n" -- "Documentation=man:crypttab(5) man:systemd-cryptsetup-generator(8) man:systemd-cryptsetup@.service(8)\n" -- "SourcePath=/etc/crypttab\n" -- "DefaultDependencies=no\n" -- "Conflicts=umount.target\n" -- "BindsTo=dev-mapper-%i.device\n" -- "IgnoreOnIsolate=true\n" -- "After=cryptsetup-pre.target\n", -- f); -+ fprintf(f, -+ "# Automatically generated by systemd-cryptsetup-generator\n\n" -+ "[Unit]\n" -+ "Description=Cryptography Setup for %%I\n" -+ "Documentation=man:crypttab(5) man:systemd-cryptsetup-generator(8) man:systemd-cryptsetup@.service(8)\n" -+ "SourcePath=/etc/crypttab\n" -+ "DefaultDependencies=no\n" -+ "Conflicts=umount.target\n" -+ "IgnoreOnIsolate=true\n" -+ "After=%s\n", -+ netdev ? "remote-cryptsetup-pre.target" : "cryptsetup-pre.target"); - - if (!nofail) - fprintf(f, -- "Before=cryptsetup.target\n"); -+ "Before=%s\n", -+ netdev ? "remote-cryptsetup.target" : "cryptsetup.target"); - - if (password) { - if (STR_IN_SET(password, "/dev/urandom", "/dev/random", "/dev/hw_random")) -@@ -200,10 +202,10 @@ static int create_disk( - return log_error_errno(errno, "Failed to create symlink %s: %m", to); - - free(to); -- if (!nofail) -- to = strjoin(arg_dest, "/cryptsetup.target.requires/", n); -- else -- to = strjoin(arg_dest, "/cryptsetup.target.wants/", n); -+ to = strjoin(arg_dest, -+ netdev ? "/remote-cryptsetup" : "/cryptsetup", -+ ".target.", -+ nofail ? "wants/" : "requires/", n); - if (!to) - return log_oom(); - --- -2.14.1 - diff --git a/10-map-count.conf b/10-map-count.conf new file mode 100644 index 0000000..5cf5677 --- /dev/null +++ b/10-map-count.conf @@ -0,0 +1,3 @@ +# Increase the number of virtual memory areas that one process may request +# https://fedoraproject.org/wiki/Changes/IncreaseVmMaxMapCount +vm.max_map_count=1048576 diff --git a/10-oomd-defaults.conf b/10-oomd-defaults.conf new file mode 100644 index 0000000..0254657 --- /dev/null +++ b/10-oomd-defaults.conf @@ -0,0 +1,2 @@ +[OOM] +DefaultMemoryPressureDurationSec=20s diff --git a/10-oomd-per-slice-defaults.conf b/10-oomd-per-slice-defaults.conf new file mode 100644 index 0000000..63d8162 --- /dev/null +++ b/10-oomd-per-slice-defaults.conf @@ -0,0 +1,3 @@ +[Slice] +ManagedOOMMemoryPressure=kill +ManagedOOMMemoryPressureLimit=80% diff --git a/10-timeout-abort.conf b/10-timeout-abort.conf new file mode 100644 index 0000000..4852648 --- /dev/null +++ b/10-timeout-abort.conf @@ -0,0 +1,14 @@ +# This file is part of the systemd package. +# See https://fedoraproject.org/wiki/Changes/Shorter_Shutdown_Timer. +# +# To facilitate debugging when a service fails to stop cleanly, +# TimeoutStopFailureMode=abort is set to "crash" services that fail to stop in +# the time allotted. This will cause the service to be terminated with SIGABRT +# and a coredump to be generated. +# +# To undo this configuration change, create a mask file: +# sudo mkdir -p /etc/systemd/system/service.d +# sudo ln -sv /dev/null /etc/systemd/system/service.d/10-timeout-abort.conf + +[Service] +TimeoutStopFailureMode=abort diff --git a/20-grubby.install b/20-grubby.install deleted file mode 100755 index 418c4b6..0000000 --- a/20-grubby.install +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash - -if [[ ! -x /sbin/new-kernel-pkg ]]; then - exit 0 -fi - -COMMAND="$1" -KERNEL_VERSION="$2" -BOOT_DIR_ABS="$3" -KERNEL_IMAGE="$4" - -KERNEL_DIR="${KERNEL_IMAGE%/*}" -[[ "$KERNEL_VERSION" == *\+* ]] && flavor=-"${KERNEL_VERSION##*+}" -case "$COMMAND" in - add) - if [[ "${KERNEL_DIR}" != "/boot" ]]; then - for i in \ - "$KERNEL_IMAGE" \ - "$KERNEL_DIR"/System.map \ - "$KERNEL_DIR"/config \ - "$KERNEL_DIR"/zImage.stub \ - "$KERNEL_DIR"/dtb \ - ; do - [[ -e "$i" ]] || continue - cp -aT "$i" "/boot/${i##*/}-${KERNEL_VERSION}" - command -v restorecon &>/dev/null && \ - restorecon -R "/boot/${i##*/}-${KERNEL_VERSION}" - done - # hmac is .vmlinuz-.hmac so needs a special treatment - i="$KERNEL_DIR/.${KERNEL_IMAGE##*/}.hmac" - if [[ -e "$i" ]]; then - cp -a "$i" "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac" - command -v restorecon &>/dev/null && \ - restorecon "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac" - fi - fi - /sbin/new-kernel-pkg --package "kernel${flavor}" --install "$KERNEL_VERSION" || exit $? - /sbin/new-kernel-pkg --package "kernel${flavor}" --mkinitrd --dracut --depmod --update "$KERNEL_VERSION" || exit $? - /sbin/new-kernel-pkg --package "kernel${flavor}" --rpmposttrans "$KERNEL_VERSION" || exit $? - ;; - remove) - /sbin/new-kernel-pkg --package "kernel${flavor+-$flavor}" --rminitrd --rmmoddep --remove "$KERNEL_VERSION" || exit $? - ;; - *) - ;; -esac - -# skip other installation plugins, if we can't find a boot loader spec conforming setup -if ! [[ -d /boot/loader/entries || -L /boot/loader/entries ]]; then - exit 77 -fi diff --git a/26494.patch b/26494.patch new file mode 100644 index 0000000..19bc67b --- /dev/null +++ b/26494.patch @@ -0,0 +1,30 @@ +From 6b25470ee28843a49c50442e9d8a98edc842ceca Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Mon, 20 Feb 2023 12:00:30 +0900 +Subject: [PATCH] core/manager: run generators directly when we are in initrd + +Some initrd system write files at ourside of /run, /etc, or other +allowed places. This is a kind of workaround, but in most cases, such +sandboxing is not necessary as the filesystem is on ramfs when we are in +initrd. + +Fixes #26488. +--- + src/core/manager.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/core/manager.c b/src/core/manager.c +index 7b394794b0d4..306477c6e6c2 100644 +--- a/src/core/manager.c ++++ b/src/core/manager.c +@@ -3822,8 +3822,8 @@ static int manager_run_generators(Manager *m) { + /* If we are the system manager, we fork and invoke the generators in a sanitized mount namespace. If + * we are the user manager, let's just execute the generators directly. We might not have the + * necessary privileges, and the system manager has already mounted /tmp/ and everything else for us. +- */ +- if (MANAGER_IS_USER(m)) { ++ * If we are in initrd, let's also execute the generators directly, as we are in ramfs. */ ++ if (MANAGER_IS_USER(m) || in_initrd()) { + r = manager_execute_generators(m, paths, /* remount_ro= */ false); + goto finish; + } diff --git a/30846.patch b/30846.patch new file mode 100644 index 0000000..77da69f --- /dev/null +++ b/30846.patch @@ -0,0 +1,56 @@ +From 07bedc8f93277f705622625f440a1f56ccff1cd0 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Tue, 9 Jan 2024 11:28:04 +0100 +Subject: [PATCH] journal: again create user journals for users with high uids + +This effectively reverts a change in 115d5145a257c1a27330acf9f063b5f4d910ca4d +'journald: move uid_for_system_journal() to uid-alloc-range.h', which slipped +in an additional check of uid_is_container(uid). The problem is that that change +is not backwards-compatible at all and very hard for users to handle. +There is no common agreement on mappings of high-range uids. Systemd declares +ownership of a large range for container uids in https://systemd.io/UIDS-GIDS/, +but this is only a recent change and various sites allocated those ranges +in a different way, in particular FreeIPA uses (used?) uids from this range +for human users. On big sites with lots of users changing uids is obviously a +hard problem. We generally assume that uids cannot be "freed" and/or changed +and/or reused safely, so we shouldn't demand the same from others. + +This is somewhat similar to the situation with SYSTEM_ALLOC_UID_MIN / +SYSTEM_UID_MAX, which we tried to define to a fixed value in our code, causing +huge problems for existing systems with were created with a different +definition and couldn't be easily updated. For that case, we added a +configuration time switch and we now parse /etc/login.defs to actually use the +value that is appropriate for the local system. + +Unfortunately, login.defs doesn't have a concept of container allocation ranges +(and we don't have code to parse and use those nonexistent names either), so we +can't tell users to adjust logind.defs to work around the changed definition. + +login.defs has SUB_UID_{MIN,MAX}, but those aren't really the same thing, +because they are used to define where the add allocations for subuids, which is +generally a much smaller range. Maybe we should talk with other folks about +the appropriate allocation ranges and define some new settings in login.defs. +But this would require discussion and coordination with other projects first. + +Actualy, it seems that this change was needed at all. The code in the container +does not log to the outside journal. It talks to its own journald, which does +journal splitting using its internal logic based on shifted uids. So let's +revert the change to fix user systems. + +Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2251843. +--- + src/basic/uid-classification.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/basic/uid-classification.c b/src/basic/uid-classification.c +index 203ce2c68a..2eb384395d 100644 +--- a/src/basic/uid-classification.c ++++ b/src/basic/uid-classification.c +@@ -129,5 +129,6 @@ bool uid_for_system_journal(uid_t uid) { + + /* Returns true if the specified UID shall get its data stored in the system journal. */ + +- return uid_is_system(uid) || uid_is_dynamic(uid) || uid_is_greeter(uid) || uid == UID_NOBODY || uid_is_container(uid) || uid_is_foreign(uid); ++ return uid_is_system(uid) || uid_is_dynamic(uid) || uid_is_greeter(uid) || uid == UID_NOBODY || uid_is_foreign(uid); ++ + } diff --git a/38769.patch b/38769.patch new file mode 100644 index 0000000..09a7423 --- /dev/null +++ b/38769.patch @@ -0,0 +1,42 @@ +From 00d70f36a0866660693347009446b7f872a05bf4 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Sat, 30 Aug 2025 13:55:56 +0200 +Subject: [PATCH] core: create userdb root directory with correct label + +Set up the /run/systemd/userdb directory with the default SELinux context +on creation. + +With version 257.7-1 on Debian the directory was automatically created with the +correct label. Starting with version 258 (only tested with 258~rc3-1) it no +longer is. Regression introduced in 736349958efe34089131ca88950e2e5bb391d36a. + +[zjs: edited the patch to apply comments from review and update the description.] +--- + src/core/varlink.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/src/core/varlink.c b/src/core/varlink.c +index 99f12c59e5..71a8ffd0e5 100644 +--- a/src/core/varlink.c ++++ b/src/core/varlink.c +@@ -5,6 +5,7 @@ + #include "constants.h" + #include "errno-util.h" + #include "manager.h" ++#include "mkdir-label.h" + #include "path-util.h" + #include "pidref.h" + #include "string-util.h" +@@ -441,7 +442,11 @@ static int manager_varlink_init_system(Manager *m) { + if (!fresh && varlink_server_contains_socket(m->varlink_server, address)) + continue; + +- r = sd_varlink_server_listen_address(m->varlink_server, address, 0666 | SD_VARLINK_SERVER_MODE_MKDIR_0755); ++ r = mkdir_parents_label(address, 0755); ++ if (r < 0) ++ log_warning_errno(r, "Failed to create parent directory of '%s', ignoring: %m", address); ++ ++ r = sd_varlink_server_listen_address(m->varlink_server, address, 0666); + if (r < 0) + return log_error_errno(r, "Failed to bind to varlink socket '%s': %m", address); + } diff --git a/60-block-scheduler.rules b/60-block-scheduler.rules new file mode 100644 index 0000000..850b645 --- /dev/null +++ b/60-block-scheduler.rules @@ -0,0 +1,5 @@ +# do not edit this file, it will be overwritten on update + +ACTION=="add", SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", \ + KERNEL=="mmcblk*[0-9]|msblk*[0-9]|mspblk*[0-9]|sd*[!0-9]|sr*", \ + ATTR{queue/scheduler}="bfq" diff --git a/85-display-manager.preset b/85-display-manager.preset deleted file mode 100644 index 08d5060..0000000 --- a/85-display-manager.preset +++ /dev/null @@ -1,11 +0,0 @@ -# We enable all display managers by default. Since only one can -# actually be enabled at the same time the one which is installed -# first wins - -enable gdm.service -enable lightdm.service -enable slim.service -enable lxdm.service -enable sddm.service -enable kdm.service -enable xdm.service diff --git a/90-default.preset b/90-default.preset deleted file mode 100644 index d61aabe..0000000 --- a/90-default.preset +++ /dev/null @@ -1,126 +0,0 @@ -# Also see: -# https://fedoraproject.org/wiki/Starting_services_by_default - -# On Fedora we deviate from some upstream defaults -disable systemd-timesyncd.service -disable systemd-networkd.service -disable systemd-resolved.service - -# System stuff -enable sshd.service -enable atd.* -enable crond.* -enable chronyd.service -enable NetworkManager.service -enable NetworkManager-dispatcher.service -enable ModemManager.service -enable auditd.service -enable restorecond.service -enable bluetooth.* -enable avahi-daemon.* -enable cups.* - -# The various syslog implementations -enable rsyslog.* -enable syslog-ng.* -enable sysklogd.* - -# Network facing -enable firewalld.service -enable libvirtd.service -enable xinetd.service -enable ladvd.service - -# Storage -enable multipathd.service -enable libstoragemgmt.service -enable lvm2-monitor.* -enable lvm2-lvmetad.* -enable dm-event.* -enable dmraid-activation.service - -# https://bugzilla.redhat.com/show_bug.cgi?id=855372 -enable mdmonitor.service -enable mdmonitor-takeover.service - -# https://bugzilla.redhat.com/show_bug.cgi?id=876237 -enable spice-vdagentd.service - -# https://bugzilla.redhat.com/show_bug.cgi?id=885406 -enable qemu-guest-agent.service - -# https://bugzilla.redhat.com/show_bug.cgi?id=928726 -enable dnf-makecache.timer - -# https://bugzilla.redhat.com/show_bug.cgi?id=929403 -enable initial-setup-graphical.service -enable initial-setup-text.service - -# https://bugzilla.redhat.com/show_bug.cgi?id=957135 -enable vmtoolsd.service - -# https://bugzilla.redhat.com/show_bug.cgi?id=976315 -enable dkms.service - -# https://bugzilla.redhat.com/show_bug.cgi?id=961878 -enable ipmi.service -enable ipmievd.service - -# https://bugzilla.redhat.com/show_bug.cgi?id=1039351 -enable x509watch.timer - -# https://bugzilla.redhat.com/show_bug.cgi?id=1060754 -enable dnssec-triggerd.service - -# https://bugzilla.redhat.com/show_bug.cgi?id=1095353 -enable uuidd.socket - -# Hardware -enable gpm.* - -# https://bugzilla.redhat.com/show_bug.cgi?id=1066421 -enable gpsd.socket - -# https://bugzilla.redhat.com/show_bug.cgi?id=1141607 -enable x2gocleansessions.service - -# https://fedoraproject.org/wiki/Changes/UEFISecureBootBlacklistUpdates -# -enable dbxtool.service - -enable irqbalance.service -enable lm_sensors.service -enable mcelog.* -enable acpid.* -enable smartd.service -enable pcscd.socket -enable rngd.service - -# Other stuff -enable abrtd.service -enable abrt-ccpp.service -enable abrt-oops.service -enable abrt-xorg.service -enable abrt-vmcore.service -enable lttng-sessiond.service -enable ksm.service -enable ksmtuned.service -enable rootfs-resize.service -enable sysstat.service -enable sysstat-collect.timer -enable sysstat-summary.timer -enable uuidd.service -enable xendomains.service -enable xenstored.service -enable xenconsoled.service - -# Desktop stuff -enable accounts-daemon.service -enable rtkit-daemon.service -enable upower.service -enable udisks2.service -enable polkit.service -enable packagekit-offline-update.service - -# https://bugzilla.redhat.com/show_bug.cgi?id=1187072 -enable timedatex.service diff --git a/98-default-mac-none.link b/98-default-mac-none.link new file mode 100644 index 0000000..8440f98 --- /dev/null +++ b/98-default-mac-none.link @@ -0,0 +1,20 @@ +# SPDX-License-Identifier: MIT-0 +# +# This config file is installed as part of systemd. +# It may be freely copied and edited (following the MIT No Attribution license). +# +# To make local modifications, one of the following methods may be used: +# 1. add a drop-in file that extends this file by creating the +# /etc/systemd/network/98-default-mac-none.link.d/ directory and creating a +# new .conf file there. +# 2. copy this file into /etc/systemd/network or one of the other paths checked +# by systemd-udevd and edit it there. +# This file should not be edited in place, because it'll be overwritten on upgrades. + +[Match] +Kind=bridge bond team + +[Link] +NamePolicy=keep kernel database onboard slot path +AlternativeNamesPolicy=database onboard slot path +MACAddressPolicy=none diff --git a/99-default-disable.preset b/99-default-disable.preset deleted file mode 100644 index 1f29b50..0000000 --- a/99-default-disable.preset +++ /dev/null @@ -1 +0,0 @@ -disable * diff --git a/README.build-in-place.md b/README.build-in-place.md new file mode 100644 index 0000000..df108d1 --- /dev/null +++ b/README.build-in-place.md @@ -0,0 +1,14 @@ +# Building systemd rpms for local development using rpmbuild --build-in-place + +This approach is based on filbranden's [git-rpmbuild](https://github.com/filbranden/git-rpmbuild) +and his [talk during ASG2019](https://www.youtube.com/watch?v=fVM1kJrymRM). + +``` +git clone https://github.com/systemd/systemd +fedpkg clone systemd fedora-systemd +cd systemd +rpmbuild -bb --build-in-place --noprep --define "_sourcedir $PWD/../fedora-systemd" --define "_rpmdir $PWD/rpms" --with upstream ../fedora-systemd/systemd.spec +sudo dnf upgrade --setopt install_weak_deps=False rpms/*/*.rpm +``` + +`--without lto` and `--without tests` may be useful to speed up the build. diff --git a/changelog b/changelog new file mode 100644 index 0000000..216ab62 --- /dev/null +++ b/changelog @@ -0,0 +1,3221 @@ +* Sun Jan 12 2025 Zbigniew Jędrzejewski-Szmek - 257.2-6 +- Rebuilt for the bin-sbin merge (2nd attempt) + +* Fri Jan 10 2025 Zbigniew Jędrzejewski-Szmek - 257.2-4 +- Revert use of PrivateTmp=disconnected (rhbz#2334015, + https://github.com/coreos/fedora-coreos-tracker/issues/1857) + +* Wed Jan 08 2025 Zbigniew Jędrzejewski-Szmek - 257.2-1 +- Version 257.2 +- Fixes for assertion crashes and memory access issues in pid1 and systemd- + machined, and other fixes for systemd-repart, systemd-resolved, systemd- + stdio-bridge, systemctl, journalctl, sd-device, hibernation, and the + hardware database. + +* Tue Jan 07 2025 Yu Watanabe - 257.1-7 +- Replace 'udevadm hwdb' with systemd-hwdb + +* Tue Jan 07 2025 Zbigniew Jędrzejewski-Szmek - 257.1-6 +- Rename source .abignore file + +* Fri Dec 20 2024 Daan De Meyer - 257.1-2 +- Re-enable upstream behaviour of systemd-tmpfiles --purge + +* Fri Dec 20 2024 Zbigniew Jędrzejewski-Szmek - 257.1-1 +- Version 257.1 +- A bunch of post-release fixes, incl. for systemd-resolved, tpm2 support, + systemd-networkd, systemd-logind, journalct. +- Should fix rhbz#2325780. + +* Sun Dec 15 2024 Yu Watanabe - 257-3 +- Add patch for test-time-util + +* Sun Dec 15 2024 Yu Watanabe - 257-2 +- sysusers: support new ! line flag for creating fully locked accounts + +* Tue Dec 10 2024 Zbigniew Jędrzejewski-Szmek - 257-1 +- Version 257 +- A bunch of small fixes in various components: systemd itself, systemd- + cryptenroll, sd-varlink, sd-boot, documentation, tests +- Includes an update of the hardware database + +* Thu Dec 05 2024 Zbigniew Jędrzejewski-Szmek - 257~rc3-5 +- Enable slow tests during build + +* Tue Dec 03 2024 Zbigniew Jędrzejewski-Szmek - 257~rc3-3 +- Recommend qemu-kvm-core instead of qemu-kvm (rhbz#2329979) + +* Fri Nov 29 2024 Yu Watanabe - 257~rc3-2 +- Update tmpfiles --destroy-data patch + +* Wed Nov 27 2024 Zbigniew Jędrzejewski-Szmek - 257~rc3-1 +- Version 257~rc3 +- A bunch of small fixes here and there: virtualization detection, udev, + systemd-networked, pid1. +- Includes a hardware database update. + +* Tue Nov 26 2024 Zbigniew Jędrzejewski-Szmek - 257~rc2-4 +- Make systemd-network-generator co-owned by -udev and -networkd + (rhbz#2328723) + +* Tue Nov 19 2024 Zbigniew Jędrzejewski-Szmek - 257~rc2-3 +- Pull in qemu from systemd-container + +* Fri Nov 15 2024 Zbigniew Jędrzejewski-Szmek - 257~rc2-2 +- Change sysusers u! lines to u because we don't have support in rpm + +* Fri Nov 15 2024 Zbigniew Jędrzejewski-Szmek - 257~rc2-1 +- Version 257~rc2 +- Changes in systemd-measure, systemd-networkd, documentation, systemd- + sysupdated, systemd-sbsign, systemd-boot, systemd-stub, systemd-nspawn, + run0, ukify +- Hardware database update + +* Fri Nov 15 2024 Zbigniew Jędrzejewski-Szmek - 257~rc1-3 +- Disable freezing of user sessions (rhbz#2321268) + +* Thu Nov 07 2024 Zbigniew Jędrzejewski-Szmek - 257~rc1-1 +- Version 257~rc1 + +* Thu Nov 07 2024 Daan De Meyer - 256.7-7 +- Use %%posttrans instead of %%postun to restart services + +* Thu Nov 07 2024 Yaakov Selkowitz - 256.7-6 +- Disable OpenSSL v3 ENGINE on RHEL + +* Tue Nov 05 2024 Daan De Meyer - 256.7-4 +- Backport user manager reexec changes + +* Tue Nov 05 2024 David Tardon - 256.7-3 +- Use %%systemd_preun in systemd-resolved + +* Thu Oct 24 2024 Yu Watanabe - 256.7-2 +- test_sysusers_defined: support new ! line flag for creating fully locked + accounts + +* Fri Oct 11 2024 Zbigniew Jędrzejewski-Szmek - 256.7-1 +- Version 256.7 +- Various small fixes in many components +- Documentation updates + +* Tue Sep 24 2024 Zbigniew Jędrzejewski-Szmek - 256.6-3 +- Move yum/dnf protection removal config file under /usr + +* Thu Sep 12 2024 Matteo Croce - 256.6-1 +- Version 256.6 + +* Thu Aug 29 2024 Daan De Meyer - 256.5-6 +- Always build ukify package + +* Wed Aug 28 2024 Daan De Meyer - 256.5-5 +- Do not use patch to modify systemd-user pam config file + +* Tue Aug 27 2024 Daan De Meyer - 256.5-3 +- Only make python3-pillow Recommends on Fedora + +* Sat Aug 24 2024 Davide Cavalca - 256.5-2 +- Do not require grubby on CentOS Stream 9 + +* Tue Aug 20 2024 Zbigniew Jędrzejewski-Szmek - 256.5-1 +- Version 256.5 +- Includes the patches for the kernel change with kernel threads in leaf + cgroups (https://github.com/systemd/systemd/pull/33885) +- Various smaller fixes + +* Tue Aug 20 2024 Zbigniew Jędrzejewski-Szmek - 256.4-4 +- Disable integration of userdb in sshd + +* Mon Jul 29 2024 Daan De Meyer - 256.4-3 +- Backport patch to only read /proc/cmdline when not in container + +* Mon Jul 29 2024 Daan De Meyer - 256.4-2 +- Backport upstream patch to try more initrd variants in + 90-loaderentry.install + +* Thu Jul 25 2024 Zbigniew Jędrzejewski-Szmek - 256.4-1 +- Version 256.4 +- Hardware db update +- Minor fixes for systemd-udevd and varlink protocol + +* Tue Jul 23 2024 Daan De Meyer - 256.3-3 +- Update tmpfiles --destroy-data patch + +* Tue Jul 23 2024 Zbigniew Jędrzejewski-Szmek - 256.3-1 +- Version 256.3 +- A bunch of fixes for systemd (pid1) +- Various upgrades related to running tests in mkosi + +* Sat Jul 20 2024 Daan De Meyer - 256.2-17 +- Simplify BFQ scheduler enablement + +* Sat Jul 20 2024 Fedora Release Engineering - 256.2-16 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Wed Jul 17 2024 Zbigniew Jędrzejewski-Szmek - 256.2-9 +- Backport udma buffer access patch (rhbz#2298422) + +* Tue Jul 16 2024 Daan De Meyer - 256.2-8 +- Add support for building from a specific branch + +* Tue Jul 16 2024 Daan De Meyer - 256.2-7 +- Update PR patch metadata + +* Mon Jul 15 2024 Zbigniew Jędrzejewski-Szmek - 256.2-6 +- In standalone subpackages, suggest coreutils-single + +* Mon Jul 15 2024 Zbigniew Jędrzejewski-Szmek - 256.2-5 +- Drop versions from Conflicts for standalone packages + +* Sun Jul 14 2024 Zbigniew Jędrzejewski-Szmek - 256.2-4 +- Use a more precise Recommends for libkxbcommon + +* Thu Jul 11 2024 Daan De Meyer - 256.2-3 +- Drop machined revert + +* Tue Jul 09 2024 Zbigniew Jędrzejewski-Szmek - 256.2-2 +- Rebuilt for the bin-sbin merge + +* Mon Jul 08 2024 Zbigniew Jędrzejewski-Szmek - 256.2-1 +- Version 256.2 +- A bunch of various small fixes + +* Mon Jul 08 2024 Zbigniew Jędrzejewski-Szmek - 256.1-13 +- Link systemd-executor statically + +* Fri Jul 05 2024 Yaakov Selkowitz - 256.1-12 +- Update dracut workaround + +* Fri Jul 05 2024 Yaakov Selkowitz - 256.1-11 +- Fix ELN build + +* Fri Jul 05 2024 Daan De Meyer - 256.1-10 +- Only exclude dracut conflicts on non-fedora on upstream builds + +* Fri Jul 05 2024 Daan De Meyer - 256.1-9 +- Conditionalize dracut Conflicts more + +* Tue Jul 02 2024 Daan De Meyer - 256.1-8 +- Use vmlinux.h from kernel-devel + +* Tue Jul 02 2024 Zbigniew Jędrzejewski-Szmek - 256.1-7 +- Pull in openssl-devel-engine + +* Mon Jul 01 2024 Daan De Meyer - 256.1-6 +- Only add Requires on python3-zstd on Fedora + +* Mon Jul 01 2024 Daan De Meyer - 256.1-5 +- Drop BuildRequires on python3-zstd + +* Tue Jun 25 2024 Zbigniew Jędrzejewski-Szmek - 256.1-4 +- Revert "Remove tmpfiles snippet for /home and /srv" + +* Tue Jun 18 2024 Zbigniew Jędrzejewski-Szmek - 256.1-3 +- Remove tmpfiles snippet for /home and /srv + +* Tue Jun 18 2024 Zbigniew Jędrzejewski-Szmek - 256.1-2 +- Soft-disable tmpfiles --purge until a good use case comes up + +* Tue Jun 18 2024 Zbigniew Jędrzejewski-Szmek - 256.1-1 +- Version 256.1 + +* Sun Jun 16 2024 U2FsdGVkX1 - 256-2 +- disable auto-features when bootstrapping + +* Tue Jun 11 2024 Zbigniew Jędrzejewski-Szmek - 256-1 +- Version 256 +- Only minor changes since -rc4. +- Hardward db is updated. + +* Fri Jun 07 2024 Zbigniew Jędrzejewski-Szmek - 256~rc4-2 +- Restore patch to drop varlink method call + +* Thu Jun 06 2024 Zbigniew Jędrzejewski-Szmek - 256~rc4-1 +- Version 256~rc4 + +* Thu Jun 06 2024 Zbigniew Jędrzejewski-Szmek - 256~rc3-6 +- Drop sysusers.d/basic.conf +- We rely on setup to provide all necessary groups. + +* Sun Jun 02 2024 Adam Williamson - 256~rc3-4 +- Partially backport PR #33016 to fix crashes in KDE 6.3.0 + +* Wed May 29 2024 Zbigniew Jędrzejewski-Szmek - 256~rc3-2 +- Add patch to work-around libbpf bug (rhbz#2280935) + +* Thu May 23 2024 Zbigniew Jędrzejewski-Szmek - 256~rc3-1 +- Version 256~rc3 + +* Wed May 15 2024 Zbigniew Jędrzejewski-Szmek - 256~rc2-6 +- Version 256~rc2 +- Various small changes all over +- A fix for rhbz#2273069 + +* Mon May 13 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1^20240509git1781de1-4 +- Make %%release_override overridable from outside + +* Sat May 11 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1^20240509git1781de1-2 +- Temporarily drop call to varlink method to avoid SELinux denial + +* Thu May 09 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1^20240509git1781de1-1 +- Version 256-rc1^20240509git +- There were some fixes merged upstream, so let's try again before v256-rc2 + is released. + +* Thu May 02 2024 Jan Macku - 256~rc1-6 +- spec: `systemd-ukify` should depend on `systemd-boot` + +* Sat Apr 27 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1-4 +- Add additional daemon-reexec for upgrades from old systemd versions + +* Sat Apr 27 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1-3 +- Drop trigger scriptlets for upgrades from systemd < 247 + +* Sat Apr 27 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1-2 +- Add Recommends for dlopen libraries + +* Fri Apr 26 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1-1 +- Version 256~rc1 +- See https://raw.githubusercontent.com/systemd/systemd/v256-rc1/NEWS. Too + many changes to list or discuss here. + +* Wed Apr 24 2024 Zbigniew Jędrzejewski-Szmek - 255.5-3 +- Reexec systemd in %%postun + (https://github.com/systemd/systemd/issues/5096) +- The workaround dbus issues in upgrades from systemd-239 is dropped + +* Wed Apr 24 2024 Zbigniew Jędrzejewski-Szmek - 255.5-2 +- Drop workaround to run generators without sandboxing (requirement on + dracut >= 60 is added) + +* Wed Apr 24 2024 Zbigniew Jędrzejewski-Szmek - 255.5-1 +- Version 255.5 +- Many different small fixes: systemd itself, systemd-networkd, systemd- + journal-remote, compilation fixes for newer kernels and clang, systemd- + homed, systemd-resolved, ukify, systemd-tmpfiles, various other. + +* Wed Apr 10 2024 Zbigniew Jędrzejewski-Szmek - 255.4-16 +- Prepare for bin-sbin merge + +* Wed Mar 27 2024 Zbigniew Jędrzejewski-Szmek - 255.4-13 +- spec: add %%bcond to build without documentation + +* Fri Mar 22 2024 Zbigniew Jędrzejewski-Szmek - 255.4-11 +- Revert "Adjust release tag for riscv64" + +* Fri Mar 22 2024 David Abdurachmanov - 255.4-10 +- Enable bootloader stack for riscv64 + +* Fri Mar 22 2024 Zbigniew Jędrzejewski-Szmek - 255.4-9 +- Adjust release tag for riscv64 + +* Wed Mar 20 2024 David Tardon - 255.4-5 +- Make Requires(*) on systemd versioned + +* Wed Mar 20 2024 Zbigniew Jędrzejewski-Szmek - 255.4-4 +- Add R:systemd-udev to systemd-networkd subpackage (rhbz#2173425) + +* Mon Mar 18 2024 Daan De Meyer - 255.4-3 +- Add psutil dependency to systemd-tests + +* Thu Mar 07 2024 Daan De Meyer - 255.4-2 +- Build in developer mode when building for upstream + +* Fri Mar 01 2024 Zbigniew Jędrzejewski-Szmek - 255.4-1 +- Version 255.4 + +* Wed Feb 21 2024 Daan De Meyer - 255.3-13 +- Allow setting extra configure options using + %%meson_extra_configure_options + +* Wed Feb 21 2024 Daan De Meyer - 255.3-12 +- Apply pam patch when building for upstream + +* Wed Feb 21 2024 Daan De Meyer - 255.3-11 +- Use %%version_override/%%release_override to specify version/release by + users + +* Tue Feb 20 2024 Zbigniew Jędrzejewski-Szmek - 255.3-10 +- Let libkmod be a dlopen'ed dependency + +* Sat Feb 17 2024 Daan De Meyer - 255.3-9 +- Allow overriding the version and release using macros + +* Sat Feb 17 2024 Daan De Meyer - 255.3-8 +- Stop passing %%{release} to meson when building in upstream mode + +* Sat Feb 17 2024 Daan De Meyer - 255.3-7 +- Don't pass b_lto to meson + +* Thu Feb 15 2024 Daan De Meyer - 255.3-6 +- Update usage of meson-vcs-tag.sh to account for upstream changes + +* Sun Feb 11 2024 Daan De Meyer - 255.3-5 +- Replace inplace macro with upstream macro + +* Sun Feb 11 2024 Daan De Meyer - 255.3-4 +- Remove reconfiguration logic + +* Sun Feb 11 2024 Daan De Meyer - 255.3-3 +- Stop depending on filelists + +* Mon Jan 29 2024 Zbigniew Jędrzejewski-Szmek - 255.3-2 +- Conflicts/Provides with systemd-standalone-repart are moved udev + subpackage + +* Thu Jan 25 2024 Zbigniew Jędrzejewski-Szmek - 255.3-1 +- Version 255.3 +- A bunch of various fixes for memory and behaviour, in many different + components (bootctl, systemd, udev, systemd-networkd, systemd-homed, + systemd-logind, systemd-resolve, systemd-repart, systemd-analyze, + systemd-dissect, systemd-boot, pam modules, systemd-storagetm, systemd- + journal-remote, kernel-install) +- Improved detection of virtualization (Google Compute Engine, Apple Virt) +- Updates for shell completions and docs +- An update for hardware database + +* Tue Jan 23 2024 Zbigniew Jędrzejewski-Szmek - 255.2-3 +- Add temporary patch to adjust uid range classification (rhbz#2251843) + +* Tue Jan 09 2024 Zbigniew Jędrzejewski-Szmek - 255.2-1 +- Version 255.2 +- Fixes missing DNSSEC validity check in SOA DNS packets (CVE-2023-7008) +- systemd-resolved and systemd-networkd are restarted after an upgrade. + +* Tue Jan 09 2024 Zbigniew Jędrzejewski-Szmek - 255.1-2 +- Add missing %%postun scriptlets for systemd-{resolved,networkd} + (rhbz#2255718) + +* Sat Dec 16 2023 Zbigniew Jędrzejewski-Szmek - 255.1-1 +- Version 255.1 + +* Wed Dec 13 2023 Zbigniew Jędrzejewski-Szmek - 255-7 +- Do not remove modified config files + +* Fri Dec 08 2023 Zbigniew Jędrzejewski-Szmek - 255-4 +- Add /etc/ssh/sshd_config.d to the file list + +* Fri Dec 08 2023 Zbigniew Jędrzejewski-Szmek - 255-3 +- Move config files to /usr/lib/systemd (e.g. /etc/systemd/system.conf → + /usr/lib/systemd/systemd.conf). Both config file locations were already + supported, and the files installed in /etc/ were "empty" (i.e. they had + only comments and section headers). The move does not change the + configuration, but just makes /etc more empty by default. See + https://github.com/systemd/systemd/commit/6495361c7d for more discussion + and details. + +* Fri Dec 08 2023 Zbigniew Jędrzejewski-Szmek - 255-2 +- Move systemd-bsod is to udev subpackage + +* Wed Dec 06 2023 Zbigniew Jędrzejewski-Szmek - 255-1 +- Version 255 +- Just a few bugfixes since 255-rc4: seccomp filters, logging, + documentation, systemd-repart +- Includes a hardware database update. + +* Sat Dec 02 2023 Zbigniew Jędrzejewski-Szmek - 255~rc4-1 +- Version 255~rc4 + +* Fri Dec 01 2023 Adam Williamson - 255~rc3-4 +- Backport PRs #30170 and #30266 to fix BPF denials (RHBZ #2250930) + +* Wed Nov 29 2023 Adam Williamson - 255~rc3-3 +- Backport #30197 to fix vconsole startup (RHBZ #2251394) + +* Thu Nov 23 2023 Peter Robinson - 255~rc3-2 +- de-dupe LICENSE.LGPL2.1 in licenses + +* Wed Nov 22 2023 Zbigniew Jędrzejewski-Szmek - 255~rc3-1 +- Version 255~rc3 + +* Wed Nov 22 2023 Zbigniew Jędrzejewski-Szmek - 255~rc2-2 +- Add systemd-networkd-defaults subpackage + +* Wed Nov 15 2023 Zbigniew Jędrzejewski-Szmek - 255~rc2-1 +- Version 255~rc2 +- See See https://raw.githubusercontent.com/systemd/systemd/v255-rc2/NEWS + +* Wed Nov 08 2023 Zbigniew Jędrzejewski-Szmek +- Add Conflicts with older dracut which doesn't have required patches + +* Tue Nov 07 2023 Zbigniew Jędrzejewski-Szmek - 255~rc1-3 +- Also build systemd-vmspawn + +* Tue Nov 07 2023 Zbigniew Jędrzejewski-Szmek - 255~rc1-2 +- Move oomd to systemd-udev + +* Tue Nov 07 2023 Zbigniew Jędrzejewski-Szmek - 255~rc1-1 +- Version 255~rc1 +- See https://raw.githubusercontent.com/systemd/systemd/v255-rc1/NEWS +- All the files and services related to pcrs are moved to -udev subpackage. + This includes the new systemd-pcrlock binary. + +* Wed Sep 27 2023 Zbigniew Jędrzejewski-Szmek - 254.5-2 +- Pull in more patches for keyboard layout matching + +* Wed Sep 27 2023 Zbigniew Jędrzejewski-Szmek - 254.5-1 +- Version 254.5 +- Resolves rhbz#29216. + +* Wed Sep 27 2023 Zbigniew Jędrzejewski-Szmek - 254.2-14 +- Pull in patches to add PollLimit setting + +* Wed Sep 27 2023 Zbigniew Jędrzejewski-Szmek - 254.2-13 +- Change versioned Conflicts to rich Requires (rhbz#2240828) + +* Tue Sep 19 2023 Adam Williamson - 254.2-12 +- Backport PR #29215 to improve keyboard layout matching + +* Mon Sep 18 2023 Zbigniew Jędrzejewski-Szmek - 254.2-7 +- Fix creation of installkernel symlink + +* Fri Sep 15 2023 Zbigniew Jędrzejewski-Szmek - 254.2-6 +- Provide /usr/sbin/installkernel (rhbz#2239008). + +* Thu Sep 07 2023 Zbigniew Jędrzejewski-Szmek - 254.2-2 +- Make inter-subpackage dependencies archful + +* Thu Sep 07 2023 Zbigniew Jędrzejewski-Szmek - 254.2-1 +- Version 254.2 +- A bunch of fixes in various areas: manager, coredump, sysupdate, + hibernation, journal. +- Should fix rhbz#2234653. + +* Wed Sep 06 2023 Zbigniew Jędrzejewski-Szmek - 254.1-8 +- Actually reload user managers and backport unit reload macros + +* Sat Sep 02 2023 Daan De Meyer - 254.1-7 +- ukify: Drop obsolete dependency on objcopy + +* Sat Sep 02 2023 Daan De Meyer - 254.1-6 +- Add missing ukify dependency on python-cryptography + +* Sun Aug 20 2023 Yu Watanabe - 254.1-5 +- spec: also explicitly enable/disable ukify support + +* Sun Aug 13 2023 Yu Watanabe - 254.1-4 +- spec: explicitly enable/disable xen support + +* Wed Aug 09 2023 Zbigniew Jędrzejewski-Szmek - 254.1-1 +- Version 254.1 (rhbz#2228089, possibly partial fix for rhbz#2229524) + +* Wed Aug 09 2023 Zbigniew Jędrzejewski-Szmek - 254-5 +- Do daemon-reexec of user managers after package upgrade + +* Mon Aug 07 2023 Daan De Meyer - 254-4 +- Revert "Supress errors on selinux systems" + +* Thu Aug 03 2023 Daan De Meyer - 254-3 +- Add a custom %%clean implementation + +* Thu Aug 03 2023 Daan De Meyer - 254-2 +- Update libbpf soname + +* Fri Jul 28 2023 Zbigniew Jędrzejewski-Szmek - 254-1 +- Version 254 (just a bunch of bugfixes, mostly for unusual architectures, + since rc3) +- rhbz#2226908 +- See https://raw.githubusercontent.com/systemd/systemd/v254-rc1/NEWS for + the full changeset. + +* Mon Jul 24 2023 Zbigniew Jędrzejewski-Szmek - 254~rc3-1 +- Version 254~rc3 +- A bunch of fixes, e.g. rhbz#2223795. Also a bunch of reverts of commits + which were found to cause problems. + +* Sat Jul 22 2023 Fedora Release Engineering - 254~rc2-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Mon Jul 17 2023 Zbigniew Jędrzejewski-Szmek - 254~rc2-4 +- Fix scriptlets for various services and remote-cryptsetup.target + (rhbz#2217997) + +* Sun Jul 16 2023 Stewart Smith - 254~rc2-3 +- Convert existing bcond_with[out] to plain bcond + +* Sun Jul 16 2023 Stewart Smith - 254~rc2-2 +- Move gnutls, zlib, bzip2, lz4, xz, and zstd to bconds + +* Sat Jul 15 2023 Zbigniew Jędrzejewski-Szmek - 254~rc2-1 +- Version 254~rc2 +- Various bug fixes, in particular kernel-install should again work without + /proc. + +* Thu Jul 13 2023 Zbigniew Jędrzejewski-Szmek - 254~rc1-1 +- Version 254~rc1 +- Way too many changes to list. See + https://raw.githubusercontent.com/systemd/systemd/v254-rc1/NEWS +- Fix regression in socket activation of services (rhbz#2213660). + +* Mon Jun 26 2023 Yaakov Selkowitz - 253.5-7 +- Use rpm sysuser provide generation on RHEL >= 10 + +* Thu Jun 22 2023 Panu Matilainen - 253.5-6 +- Use rpm's sysuser provide generation on Fedora >= 39 + +* Wed Jun 21 2023 Anita Zhang - 253.5-5 +- fix typos in standalone package provides + +* Mon Jun 05 2023 Yaakov Selkowitz - 253.5-4 +- Avoid pillow and pyflakes in RHEL builds + +* Mon Jun 05 2023 Yaakov Selkowitz - 253.5-3 +- Avoid qrencode dependency in RHEL builds + +* Fri Jun 02 2023 Alessandro Astone - 253.5-2 +- Increase vm.max_map_count + +* Thu Jun 01 2023 Zbigniew Jędrzejewski-Szmek - 253.5-1 +- Version 253.5 + +* Thu May 11 2023 Zbigniew Jędrzejewski-Szmek - 253.4-1 +- Version 253.4 + +* Thu May 11 2023 Michael Catanzaro - 253.2-6 +- Raise ManagedOOMMemoryPressureLimit from 50%% to 80%% + +* Tue May 09 2023 Zbigniew Jędrzejewski-Szmek - 253.2-5 +- Add forgotten Provides and Conflicts for standalones + +* Wed Apr 26 2023 Zbigniew Jędrzejewski-Szmek - 253.2-4 +- sysusers.generate-pre.sh: properly escape quotes in description strings + (rhbz#2104141) + +* Wed Apr 26 2023 Zbigniew Jędrzejewski-Szmek - 253.2-3 +- sysusers.generate-pre.sh: fix indentation in generated scripts + +* Wed Mar 29 2023 Zbigniew Jędrzejewski-Szmek - 253.2-1 +- Version 253.2 + +* Wed Mar 29 2023 Zbigniew Jędrzejewski-Szmek - 253.1-7 +- oomd: stop monitoring user-*.slice slices (rhbz#2177722) + +* Thu Mar 09 2023 Zbigniew Jędrzejewski-Szmek - 253.1-6 +- Move /usr/lib/systemd/boot/ to systemd-boot-unsigned subpackage + +* Fri Mar 03 2023 Zbigniew Jędrzejewski-Szmek - 253.1-2 +- Fix build with gnu-efi-3.0.11-13 + +* Fri Mar 03 2023 Zbigniew Jędrzejewski-Szmek - 253.1-1 +- Version 253.1 +- Fixes rhbz#2148464 + +* Wed Mar 01 2023 Zbigniew Jędrzejewski-Szmek - 253-7 +- Move man pages for sd-boot into systemd-boot-unsigned + +* Wed Feb 22 2023 Zbigniew Jędrzejewski-Szmek - 253-6 +- Set TimeoutStopFailureMode=abort for services (see + https://fedoraproject.org/wiki/Changes/Shorter_Shutdown_Timer) + +* Tue Feb 21 2023 Dusty Mabe - 253-5 +- remove group write permission from 98-default-mac-none.link + +* Tue Feb 21 2023 Dusty Mabe - 253-4 +- fix comment instructions for 98-default-mac-none.link + +* Tue Feb 21 2023 Zbigniew Jędrzejewski-Szmek - 253-3 +- Backport patch for container compatibility (rhbz#2165004) + +* Tue Feb 21 2023 Zbigniew Jędrzejewski-Szmek - 253-2 +- Add workaround patch for dracut generator issue (rhbz#2164404) + +* Mon Feb 20 2023 Zbigniew Jędrzejewski-Szmek - 253-1 +- Version 253 (mostly some documentation fixes since -rc3). + +* Fri Feb 10 2023 Zbigniew Jędrzejewski-Szmek - 253~rc3-1 +- Version 253-rc3 +- A bunch of bugfixes for regressions, some documentation and bug fixes + too. +- Really fix rhbz#2165692 (previous build carried an unapplied patch). + +* Thu Feb 09 2023 Zbigniew Jędrzejewski-Szmek - 253~rc2-7 +- Revert patch switch causes problems for 'systemctl isolate' + (rhbz#2165692) + +* Wed Feb 08 2023 Zbigniew Jędrzejewski-Szmek - 253~rc2-6 +- Disable systemd-boot-update.service in presets + +* Wed Feb 08 2023 Zbigniew Jędrzejewski-Szmek - 253~rc2-4 +- Update License to SPDX + +* Mon Feb 06 2023 Thomas Haller - 253~rc2-3 +- add "98-default-mac-none.link" to keep default MAC address of + bridge/bond/team + +* Thu Feb 02 2023 Michael Catanzaro - 253~rc2-2 +- Shorten shutdown timeout to 45 s + +* Thu Feb 02 2023 Zbigniew Jędrzejewski-Szmek - 253~rc2-1 +- Version 253~rc2 +- Sysusers fixup (rhbz#2156900) + other small changes + +* Thu Feb 02 2023 Yaakov Selkowitz - 253~rc1-5 +- Build with xen only on Fedora + +* Thu Jan 26 2023 Zbigniew Jędrzejewski-Szmek - 253~rc1-3 +- Reenable systemd-journald-audit.socket after upgrades (rhbz#2164594) + +* Wed Jan 25 2023 Zbigniew Jędrzejewski-Szmek - 253~rc1-2 +- Add Requires on Python modules to systemd-ukify and Recommends for + libp11-kit + +* Tue Jan 24 2023 Zbigniew Jędrzejewski-Szmek - 253~rc1-1 +- Version 253~rc1 +- See https://raw.githubusercontent.com/systemd/systemd/v253-rc1/NEWS +- New subpackages: systemd-repart-standalone, systemd-shutdown-standalone, + and systemd-ukify. + +* Sun Jan 22 2023 Zbigniew Jędrzejewski-Szmek - 252.4-4 +- Backport patches to fix issues gcc-13 and -D_FORTIFY_SOURCE=3 + +* Sat Jan 21 2023 Fedora Release Engineering - 252.4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Thu Jan 05 2023 Daan De Meyer - 252.4-2 +- Add python3 to BuildRequires + +* Tue Dec 20 2022 Zbigniew Jędrzejewski-Szmek - 252.4-1 +- Version 252.4 +- Fixes a few different issues (systemd-timesyncd connectivity problems, + broken emoji output on the console, crashes in pid1 unit dependency + logic) +- CVE-2022-4415: systemd: coredump not respecting fs.suid_dumpable kernel + setting + +* Sat Dec 17 2022 Zbigniew Jędrzejewski-Szmek - 252.3-4 +- boot: add Provides:systemd-boot(isa) + +* Wed Dec 14 2022 Zbigniew Jędrzejewski-Szmek - 252.3-2 +- Use upstream pam systemd-auth file with a patch, add pam_keyinit + +* Thu Dec 08 2022 Zbigniew Jędrzejewski-Szmek - 252.3-1 +- Version 252.3 (rhbz#2136916, rhbz#2083900) + +* Fri Dec 02 2022 Zbigniew Jędrzejewski-Szmek - 252.2-2 +- Split out systemd-boot-unsigned package + +* Thu Nov 24 2022 Zbigniew Jędrzejewski-Szmek - 252.2-1 +- Version 252.2 +- Latest batch of bugfixes (rhbz#2137631) + +* Thu Nov 24 2022 Martin Osvald - 252.1-3 +- Support user:group notation by sysusers.generate-pre.sh script + +* Tue Nov 08 2022 Zbigniew Jędrzejewski-Szmek - 252.1-1 +- Version 252.1 (just some small fixes). + +* Mon Oct 31 2022 Zbigniew Jędrzejewski-Szmek - 252-1 +- Version 252 + +* Tue Oct 25 2022 Zbigniew Jędrzejewski-Szmek - 252~rc3-1 +- Version 252-rc3 (#2135778) + +* Tue Oct 18 2022 Zbigniew Jędrzejewski-Szmek - 252~rc2-28 +- Version 252-rc2 (#2134741, #2133792) + +* Fri Oct 14 2022 Zbigniew Jędrzejewski-Szmek - 252~rc1-31 +- Fix upgrade detection in %%posttrans scriptlet (rhbz#2115094) + +* Sun Oct 09 2022 Zbigniew Jędrzejewski-Szmek - 252~rc1-30 +- Fix indentation in %%sysusers_create_compat macro (rhbz#2132835) + +* Sun Oct 09 2022 Zbigniew Jędrzejewski-Szmek - 252~rc1-29 +- Correctly move systemd-measure to systemd-udev subpackage + +* Fri Oct 07 2022 Zbigniew Jędrzejewski-Szmek - 252~rc1-28 +- Version 252-rc1 (for details see + https://raw.githubusercontent.com/systemd/systemd/v252-rc1/NEWS) + +* Sat Oct 01 2022 Zbigniew Jędrzejewski-Szmek - 251.5-29 +- Fix permissions on %%ghost files (rhbz#2122889) + +* Sat Oct 01 2022 Zbigniew Jędrzejewski-Szmek - 251.5-28 +- Version 251.5 (rhbz#2129343, rhbz#2121106, rhbz#2130188) + +* Fri Sep 30 2022 Yu Watanabe - 251.4-41 +- Replace patch for test-mountpoint-util + +* Fri Sep 30 2022 Yu Watanabe - 251.4-40 +- patch: fix regression in bfq patch + +* Fri Sep 30 2022 Luca BRUNO - 251.4-39 +- sysusers/generate: bridge 'm' entries to usermod + +* Fri Sep 30 2022 Anita Zhang - 251.4-38 +- Update systemd-oomd defaults to friendlier values +- Remove swap policy. Default amount of swap (8GB?) is a lot lower than + what we use internally with the swap policy. Which frequently leads to + GNOME getting killed (e.g. + https://bugzilla.redhat.com/show_bug.cgi?id=1941170, and other BZs not + linked here). Internally we use 0.5x-1x size of physical memory for swap + via swapfiles (this will be documented in systemd upstream). In simple + cases of using more memory than is available (but without memory + pressure), the Kernel OOM killer can handle killing the offending + process. + +* Thu Sep 29 2022 Zbigniew Jędrzejewski-Szmek - 251.4-37 +- Make systemd-devel conditionally pull in systemd-rpm-macros + +* Fri Aug 19 2022 Neal Gompa - 251.4-53 +- Set compile-time fallback hostname to "localhost" + https://fedoraproject.org/wiki/Changes/FallbackHostname + +* Thu Aug 18 2022 Kalev Lember - 251.4-52 +- Avoid requiring systemd-pam from -devel subpackage + +* Tue Aug 09 2022 Zbigniew Jędrzejewski-Szmek - 251.4-51 +- Manually bump release version for rpmautospec + +* Tue Aug 09 2022 Luca BRUNO - 251.4-26 +- Align sysusers-generated shell value with upstream systemd default + +* Tue Aug 09 2022 Zbigniew Jędrzejewski-Szmek - 251.4-2 +- Backport patches and do a full preset on first boot (#2114065, + https://fedoraproject.org/wiki/Changes/Preset_All_Systemd_Units_on_First_Boot) + +* Mon Aug 08 2022 Zbigniew Jędrzejewski-Szmek - 251.4-1 +- Version 251.4 (fixes rhbz#2112551) +- A bunch of fixes to documentation, crashes in systemd-resolved, + systemd-networkd, systemd itself, and other smaller fixes. + +* Sat Jul 23 2022 Fedora Release Engineering - 251.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Wed Jul 13 2022 Zbigniew Jędrzejewski-Szmek - 251.3-1 +- Update to latest bugfix release +- Drop forgotten "temporary" workaround for #1663040 + +* Wed Jun 29 2022 Zbigniew Jędrzejewski-Szmek - 251.2-2 +- Drop forward-secure-sealing code from sd-journal and tools + +* Thu Jun 2 2022 Zbigniew Jędrzejewski-Szmek - 251.2-1 +- A bunch of man page fixes, a few memory-access correctness fixes, + remove excessive messages to utmp sessions, suppress messages about + bpf setup in the user manager (#2084955) + +* Wed May 25 2022 Zbigniew Jędrzejewski-Szmek - 251.1-2 +- Supress errors from useradd/groupadd (#2090129) +- Drop "v" from the version tag, add tilde back +- The tag for shared-libraries is reintroduced (#1906010) + +* Tue May 24 2022 Zbigniew Jędrzejewski-Szmek - 251.1-1 +- First bugfix release for 250 +- Two fixes for kernel-install and a revert for #2087225, #2088788. + +* Sat May 21 2022 Zbigniew Jędrzejewski-Szmek - 251-1 +- Latest upstream release, for details see + https://raw.githubusercontent.com/systemd/systemd/v251/NEWS. +- Fixes for #2071034, #2084955, #2086166. + +* Mon May 16 2022 Zbigniew Jędrzejewski-Szmek - 251~rc3-1 +- Update to latest upstream prerelease (just various bugfixes) +- Udev rule processing should be now fixed (#2076459) +- Run sysusers and hwdb and catalog updates also if systemd is not running + (#2085481) + +* Wed May 11 2022 Adam Williamson - 251~rc2-2 +- Backport #23352 to fix RHBZ #2083374 + +* Thu May 5 2022 Zbigniew Jędrzejewski-Szmek - 251~rc2-1 +- New upstream prerelease, for details see + https://raw.githubusercontent.com/systemd/systemd/v251-rc2/NEWS. + +* Tue Apr 12 2022 Zbigniew Jędrzejewski-Szmek - 251~rc1-3 +- Do not touch /etc/resolv.conf on upgrades (#2074122) +- Add bugfix patch and revert one patch which might be causing + problems with the compose + +* Mon Apr 4 2022 Zbigniew Jędrzejewski-Szmek - 251~rc1-2 +- Merge libsystemd-core back into individual binaries and drop the + private shared library suffix (this should server as a work-around + for rhbz#2071069) + +* Tue Mar 29 2022 Zbigniew Jędrzejewski-Szmek - 251~rc1-1 +- First release candidate in the new cycle +- Fixes rhbz#1449751, rhbz#1906010 + +* Fri Mar 18 2022 Zbigniew Jędrzejewski-Szmek - 250.4-2 +- Fix the wrong file assignment done in previous version + +* Thu Mar 17 2022 Zbigniew Jędrzejewski-Szmek - 250.4-1 +- Move libcryptsetup plugins to -udev (#2031873) +- Move systemd-cryptenroll to -udev (David Tardon) +- Disable default DNS over TLS (#1889901) (Michael Catanzaro) + +* Thu Feb 24 2022 Zbigniew Jędrzejewski-Szmek - 250.3-6 +- Avoid trying to create the symlink if there's a dangling symlink already in + place (#2058388) + +* Wed Feb 23 2022 Zbigniew Jędrzejewski-Szmek - 250.3-5 +- Move part of %%post scriptlet for resolved to %%posttrans (#2018913) +- Specify owner of utmp/wtmp/btmp/lastlog as root in the rpm listing + +* Wed Feb 16 2022 Zbigniew Jędrzejewski-Szmek - 250.3-4 +- Drop scriptlet for handling nobody user upgrades from Fedora <28 +- Specify owner of /var/log/journal as root in the rpm listing (#2018913) + +* Thu Feb 10 2022 Zbigniew Jędrzejewski-Szmek - 250.3-4 +- Add pam_namespace to systemd-user pam config (rhbz#2053098) +- Drop 20-grubby.install plugin for kernel-install (rhbz#2033646) + +* Sat Jan 22 2022 Fedora Release Engineering - 250.3-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Tue Jan 18 2022 Zbigniew Jędrzejewski-Szmek - 250.3-2 +- Take ghost ownership of /var/log/lastlog (#1798685) + +* Tue Jan 18 2022 Zbigniew Jędrzejewski-Szmek - 250.3-1 +- Third stable release after v250: fixes for sd-boot on fringe hardware (e.g. VirtualBox), + various man page updates, sd-journal file verification is now stricter, + systemd-networkd by default will not add routes for wireguard AllowedIPs= + systemd nss modules shouldn't try to read kernel command line +- Don't do sd-boot updates when not installed (#2038289) +- xdg-autostart-service will ignore ExecCondition= when the helper binary is missing +- kernel-install does cleanup better (#2016630) + +* Fri Jan 7 2022 Zbigniew Jędrzejewski-Szmek - 250.2-1 +- Second stable release after v250: various bugfixes + (systemd-resolved, systemd-journald, userdbctl, homed). +- The manager should now gracefully handle the case where BPF LSM + cannot be initialized (#2036145). The BPF filters are enabled again + on all architectures, so *other* filter should also work on the + affected architectures. +- kernel-install now checks paths used by grub2 before sd-boot paths again + (#2036199) +- fstab-generator now ignores root-on-nfs/cifs/iscsi and live (#2037233) +- CVE-2021-3997, #2024639: systemd-tmpfiles would exhaust the stack and crash + during excessive recursion on a very deeply nested directory structure. + +* Tue Jan 4 2022 Zbigniew Jędrzejewski-Szmek - 250.1-1 +- First stable version after v250: various bugfixes, in particular for + sd-boot, systemd-networkd, and various build issues. +- Fixes #2036517, #2035608, #2036217. + +* Thu Dec 30 2021 Zbigniew Jędrzejewski-Szmek - 250-3 +- Disable bpf filters on arm64 (#2036145) + +* Sat Dec 25 2021 Zbigniew Jędrzejewski-Szmek - 250-2 +- Fix warning about systemd-boot-update.service not existing on + non-uefi architectures +- Enable all bpf features (#2035608) + +* Thu Dec 23 2021 Zbigniew Jędrzejewski-Szmek - 250-1 +- Version 250, only some very small changes since -rc3. +- Switch unit status name format to 'combined' (#2028169) + +* Mon Dec 20 2021 Zbigniew Jędrzejewski-Szmek - 250~rc3-1 +- Latest prerelease, see + https://raw.githubusercontent.com/systemd/systemd/v250-rc3/NEWS for + details. +- Fixes rhbz#2006761, rhbz#2027627, rhbz#1926323, rhbz#1919538. + +* Sun Dec 12 2021 Zbigniew Jędrzejewski-Szmek - 250~rc1-4 +- Move systemd-boot-update.service to -udev subpackage + and add it the the installation scriptlets (#2031400) +- Move libcryptsetup-token-systemd plugins to -udev (#2031873) +- Create /etc/resolv.conf symlink if nothing is present yet (#2032085) + +* Fri Dec 10 2021 Pavel Březina - 250~rc1-3 +- Remove nsswitch.conf scriptlets (#2023743) + +* Thu Dec 9 2021 Zbigniew Jędrzejewski-Szmek - 250~rc1-1 +- Version 250-rc1, + see https://raw.githubusercontent.com/systemd/systemd/v250-rc1/NEWS for + details. + +* Fri Nov 19 2021 Davide Cavalca - 249.7-3 +- Disable legacy iptables support + +* Mon Nov 15 2021 Zbigniew Jędrzejewski-Szmek - 249.7-2 +- Supress errors from update-helper when selinux is enabled (see #2023332) + +* Sun Nov 14 2021 Zbigniew Jędrzejewski-Szmek - 249.7-1 +- Latest bugfix release (better erofs detection, sd-event memory + corruption bugfix, logind, documentation) +- Really fix helper to restart user units with older systemd (#2020415) + +* Sun Nov 14 2021 Petr Menšík - 249.7-1 +- Switch /etc/resolv.conf over to NM when systemd-resolved is uninstalled + +* Wed Nov 10 2021 Kir Kolyshkin - 249.7-1 +- Fix scope activation from a user instance (#2022041) + +* Mon Nov 8 2021 Zbigniew Jędrzejewski-Szmek - 249.6-3 +- Fix helper to restart user units with older systemd (#2020415) + +* Thu Nov 4 2021 Zbigniew Jędrzejewski-Szmek - 249.6-2 +- Latest bugfix release (networkd, coredumpctl, varlink, udev, + systemctl, systemd itself, better detection of Hyper-V and + Virtualbox virtualization, documentation updates) +- Fix helper to restart user units + +* Fri Oct 29 2021 Adam Williamson - 249.5-2 +- Backport PR #133 to fix boot + +* Tue Oct 12 2021 Zbigniew Jędrzejewski-Szmek - 249.5-1 +- Latest bugfix release (various fixes in systemd-networkd, + -timesyncd, -journald, -udev, homed, -resolved, -repart, -oomd, + -coredump, systemd itself, seccomp filters, TPM2 handling, + -documentation, sd-event, sd-journal, journalctl, and nss-systemd). +- Fixes #1976445. + +* Tue Sep 14 2021 Sahana Prasad - 249.4-2 +- Rebuilt with OpenSSL 3.0.0 + +* Tue Aug 24 2021 Zbigniew Jędrzejewski-Szmek - 249.4-1 +- Latest bugfix release: various fixes for systemd-networkd, + systemd-resolved, systemd, systemd-boot. +- Backport of macros to restart systemd user units (#1993244) + +* Fri Aug 6 2021 Zbigniew Jędrzejewski-Szmek - 249.3-1 +- Latest bugfix release: improved compatibility with latest glibc, + various small documentation fixes, and fixes for systemd-networkd bridging, + other minor fixes. +- systemctl set-property accepts glob patterns now (#1986258) + +* Fri Jul 23 2021 Zbigniew Jędrzejewski-Szmek - 249.2-1 +- Latest bugfix release (a minor hwdb regression bugfix, and correction + to kernel commandline handling when reexecuting PID 1 in a container) + +* Fri Jul 23 2021 Michael Catanzaro - 249.2-1 +- Build with -Ddefault-dns-over-tls=opportunistic + (https://fedoraproject.org/wiki/Changes/DNS_Over_TLS, #1889901) + +* Tue Jul 20 2021 Zbigniew Jędrzejewski-Szmek - 249.1-1 +- Various minor documentation and correctness fixes. +- CVE-2021-33910, #1984020: an unchecked stack allocation could be used to + crash systemd and cause the system to reboot by creating a very long + fuse mountpoint path. + +* Wed Jul 7 2021 Neal Gompa - 249-2 +- Use correct NEWS URLs for systemd 249 releases in changelog entries + +* Wed Jul 7 2021 Zbigniew Jędrzejewski-Szmek - 249-1 +- Latest upstream release with minor bugfixes, see + https://github.com/systemd/systemd/blob/v249/NEWS. +- systemd-oomd cpu usage is reduced (#1944646) + +* Thu Jul 1 2021 Zbigniew Jędrzejewski-Szmek - 249~rc3-1 +- Latest upstream prerelease with various bugfixes, see + https://github.com/systemd/systemd/blob/v249-rc3/NEWS. + +* Fri Jun 25 2021 Zbigniew Jędrzejewski-Szmek - 249~rc2-1 +- Latest upstream prerelease with various bugfixes, see + https://github.com/systemd/systemd/blob/v249-rc2/NEWS. +- Ignore FORCERENEW DHCP packets (TALOS-2020-1142, CVE-2020-13529, #1959398) + +* Thu Jun 17 2021 Adam Williamson - 249~rc1-2 +- Stop systemd providing systemd-resolved, now the subpackage exists (#1973462) + +* Wed Jun 16 2021 Zbigniew Jędrzejewski-Szmek - 249~rc1-1 +- Latest upstream prerelease, see + https://github.com/systemd/systemd/blob/v249-rc1/NEWS. + Fixes #1963428. +- Use systemd-sysusers to create users (#1965815) +- Move systemd-resolved into systemd-resolved subpackage (#1923727) + [patch from Petr Menšík] + +* Sat May 15 2021 Zbigniew Jędrzejewski-Szmek - 248.3-1 +- A fix for resolved crashes (#1946386, #1960227, #1950241) +- Some minor fixes for documentation, systemd-networkd, systemd-run, bootctl. + +* Fri May 7 2021 Zbigniew Jędrzejewski-Szmek - 248.2-1 +- Pull in some more patches from upstream (#1944646, #1885090, #1941340) +- Adjust modes of some %%ghost files (#1956059) + +* Thu May 6 2021 Zbigniew Jędrzejewski-Szmek - 248.1-1 +- Latest stable version: a long list of minor correctness fixes all around + (#1955475, #911766, #1958167, #1952919) +- Enable tpm2-tss dependency (#1949505) + +* Tue Apr 06 2021 Adam Williamson - 248-2 +- Re-enable resolved caching, we hope all major bugs are resolved now + +* Wed Mar 31 2021 Zbigniew Jędrzejewski-Szmek - 248-1 +- Latest upstream release, see + https://github.com/systemd/systemd/blob/v248/NEWS. +- The changes since -rc4 are rather small, various fixes all over the place. + A fix to how systemd-oomd selects a candidate to kill, and more debug logging + to make this more transparent. + +* Tue Mar 30 2021 Anita Zhang - 248~rc4-6 +- Increase oomd user memory pressure limit to 50% (#1941170) + +* Fri Mar 26 2021 Zbigniew Jędrzejewski-Szmek - 248~rc4-5 +- Do not preset systemd-networkd.service and systemd-networkd-wait-online.service + on upgrades from before systemd-networkd was split out (#1943263) +- In nsswitch.conf, move nss-myhostname to the front, before nss-mdns4 (#1943199) + +* Wed Mar 24 2021 Zbigniew Jędrzejewski-Szmek - 248~rc4-4 +- Revert patch that seems to cause problems with dns resolution + (see comments on https://bodhi.fedoraproject.org/updates/FEDORA-2021-1c1a870ceb) + +* Mon Mar 22 2021 Zbigniew Jędrzejewski-Szmek - 248~rc4-3 +- Fix hang when processing timers during DST switch in Europe/Dublin timezone (#1941335) +- Fix returning combined IPv4/IPv6 responses from systemd-resolved cache (#1940715) + (But note that the disablement of caching added previously is + retained until we can do more testing.) +- Minor fix to interface naming by udev +- Fix for systemd-repart --size + +* Fri Mar 19 2021 Adam Williamson - 248~rc4-2 +- Disable resolved cache via config snippet (#1940715) + +* Thu Mar 18 2021 Yu Watanabe - 248~rc4-1 +- Latest upstream prerelease, see + https://github.com/systemd/systemd/blob/v248-rc4/NEWS. +- A bunch of documentation updates, and correctness fixes. + +* Tue Mar 16 2021 Adam Williamson - 248~rc3-2 +- Backport PR #19009 to fix CNAME redirect resolving some more (#1933433) + +* Thu Mar 11 2021 Zbigniew Jędrzejewski-Szmek - 248~rc3-1 +- Latest upstream prerelease, see + https://github.com/systemd/systemd/blob/v248-rc3/NEWS. +- A bunch of documentation updates, correctness fixes, and systemd-networkd + features. +- Resolves #1933137, #1935084, #1933873, #1931181, #1933335, #1935062, #1927148. + +* Thu Mar 11 2021 Zbigniew Jędrzejewski-Szmek - 248~rc2-5 +- Fix crash in pid1 during daemon-reexec (#1931034) + +* Fri Mar 05 2021 Adam Williamson - 248~rc2-3 +- Fix stub resolver CNAME chain resolving (#1933433) + +* Mon Mar 01 2021 Josh Boyer - 248~rc2-2 +- Don't set the fallback hostname to Fedora on non-Fedora OSes + +* Tue Feb 23 2021 Zbigniew Jędrzejewski-Szmek - 248~rc2-1 +- Latest upstream prelease, just a bunch of small fixes. +- Fixes #1931957. + +* Tue Feb 23 2021 Zbigniew Jędrzejewski-Szmek - 248~rc1-2 +- Rebuild with the newest scriptlets + +* Tue Feb 23 2021 Zbigniew Jędrzejewski-Szmek - 248~rc1-1 +- Latest upstream prerelease, see + https://github.com/systemd/systemd/blob/v248-rc1/NEWS. +- Fixes #1614751 by only restarting services at the end of transcation. + Various packages need to be rebuilt to have the updated macros. +- Fixes #1879028, though probably not completely. +- Fixes #1925805, #1928235. + +* Wed Feb 17 2021 Michel Alexandre Salim - 247.3-3 +- Increase oomd user memory pressure limit to 10% (#1929856) + +* Fri Feb 5 2021 Anita Zhang - 247.3-2 +- Changes for https://fedoraproject.org/wiki/Changes/EnableSystemdOomd. +- Backports consist primarily of PR #18361, #18444, and #18401 (plus some + additional ones to handle merge conflicts). +- Create systemd-oomd-defaults subpackage to install unit drop-ins that will + configure systemd-oomd to monitor and act. + +* Tue Feb 2 2021 Zbigniew Jędrzejewski-Szmek - 247.3-1 +- Minor stable release +- Fixes #1895937, #1813219, #1903106. + +* Wed Jan 27 2021 Fedora Release Engineering - 247.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Wed Jan 13 2021 Zbigniew Jędrzejewski-Szmek - 247.2-2 +- Fix bfq patch again (#1813219) + +* Wed Dec 23 2020 Jonathan Underwood - 247.2-2 +- Add patch to enable crypttab to support disabling of luks read and + write workqueues (corresponding to + https://github.com/systemd/systemd/pull/18062/). + +* Wed Dec 16 2020 Zbigniew Jędrzejewski-Szmek - 247.2-1 +- Minor stable release +- Fixes #1908071. + +* Tue Dec 8 2020 Zbigniew Jędrzejewski-Szmek - 247.1-3 +- Rebuild with fallback hostname change reverted. + +* Fri Dec 04 2020 Bastien Nocera - 247.1-2 +- Unset fallback-hostname as plenty of applications expected localhost + to mean "default hostname" without ever standardising it (#1892235) + +* Tue Dec 1 2020 Zbigniew Jędrzejewski-Szmek - 247.1-1 +- Latest stable release +- Fixes #1902819. +- Files to configure networking with systemd-networkd in a VM or container are + moved to systemd-networkd subpackage. (They were previously in the -container + subpackage, which is for container/VM management.) + +* Thu Nov 26 2020 Zbigniew Jędrzejewski-Szmek - 247-1 +- Update to the latest version +- #1900878 should be fixed + +* Tue Oct 20 2020 Zbigniew Jędrzejewski-Szmek - 247~rc2 +- New upstream pre-release. See + https://github.com/systemd/systemd/blob/v247-rc1/NEWS. + Many smaller and bigger improvements and features are introduced. + (#1885101, #1890632, #1879216) + + A backwards-incompatible change affects PCI network devices which + are connected through a bridge which is itself associated with a + slot. When more than one device was associated with the same slot, + one of the devices would pseudo-randomly get named after the slot. + That name is now not generated at all. This changed behaviour is + causes the net naming scheme to be changed to "v247". To restore + previous behaviour, specify net.naming-scheme=v245. + + systemd-oomd is built, but should not be considered "production + ready" at this point. Testing and bug reports are welcome. + +* Wed Sep 30 2020 Dusty Mabe - 246.6-3 +- Try to make files in subpackages (especially the networkd subpackage) + more appropriate. + +* Thu Sep 24 2020 Filipe Brandenburger - 246.6-2 +- Build a package with standalone binaries for non-systemd systems. + For now, only systemd-sysusers is included. + +* Thu Sep 24 2020 Christian Glombek - 246.6-2 +- Split out networkd sub-package and add to main package as recommended dependency + +* Sun Sep 20 2020 Zbigniew Jędrzejewski-Szmek - 246.6-1 +- Update to latest stable release (various minor fixes: manager, + networking, bootct, kernel-install, systemd-dissect, systemd-homed, + fstab-generator, documentation) (#1876905) +- Do not fail in test because of kernel bug (#1803070) + +* Sun Sep 13 2020 Zbigniew Jędrzejewski-Szmek - 246.5-1 +- Update to latest stable release (a bunch of small network-related + fixes in systemd-networkd and socket handling, documentation updates, + a bunch of fixes for error handling). +- Also remove existing file when creating /etc/resolv.conf symlink + upon installation (#1873856 again) + +* Wed Sep 2 2020 Zbigniew Jędrzejewski-Szmek - 246.4-1 +- Update to latest stable version: a rework of how the unit cache mtime works + (hopefully #1872068, #1871327, #1867930), plus various fixes to + systemd-resolved, systemd-dissect, systemd-analyze, systemd-ask-password-agent, + systemd-networkd, systemd-homed, systemd-machine-id-setup, presets for + instantiated units, documentation and shell completions. +- Create /etc/resolv.conf symlink upon installation (#1873856) +- Move nss-mdns before nss-resolve in /etc/nsswitch.conf and disable + mdns by default in systemd-resolved (#1867830) + +* Wed Aug 26 2020 Zbigniew Jędrzejewski-Szmek - 246.3-1 +- Update to bugfix version (some networkd fixes, minor documentation + fixes, relax handling of various error conditions, other fixlets for + bugs without bugzilla numbers). + +* Mon Aug 17 2020 Zbigniew Jędrzejewski-Szmek - 246.2-1 +- A few minor bugfixes +- Adjust seccomp filter for kernel 5.8 and glibc 2.32 (#1869030) +- Create /etc/resolv.conf symlink on upgrade (#1867865) + +* Fri Aug 7 2020 Zbigniew Jędrzejewski-Szmek - 246.1-1 +- A few minor bugfixes +- Remove /etc/resolv.conf on upgrades (if managed by NetworkManager), so + that systemd-resolved can take over the management of the symlink. + +* Thu Jul 30 2020 Zbigniew Jędrzejewski-Szmek - 246-1 +- Update to released version. Only some minor bugfixes since the pre-release. + +* Sun Jul 26 2020 Zbigniew Jędrzejewski-Szmek - 246~rc2-2 +- Make /tmp be 50% of RAM again (#1856514) +- Re-run 'systemctl preset systemd-resolved' on upgrades. + /etc/resolv.conf is not modified, by a hint is emitted if it is + managed by NetworkManager. + +* Fri Jul 24 2020 Zbigniew Jędrzejewski-Szmek - 246~rc2-1 +- New pre-release with incremental fixes + (#1856037, #1858845, #1856122, #1857783) +- Enable systemd-resolved (with DNSSEC disabled by default, and LLMNR + and mDNS support in resolve-only mode by default). + See https://fedoraproject.org/wiki/Changes/systemd-resolved. + +* Thu Jul 9 2020 Zbigniew Jędrzejewski-Szmek - 246~rc1-1 +- New upstream release, see + https://raw.githubusercontent.com/systemd/systemd/v246-rc1/NEWS. + + This release includes many new unit settings, related inter alia to + cgroupsv2 freezer support and cpu affinity, encryption and verification. + systemd-networkd has a ton of new functionality and many other tools gained + smaller enhancements. systemd-homed gained FIDO2 support. + + Documentation has been significantly improved: sd-bus and sd-hwdb + libraries are now fully documented; man pages have been added for + the D-BUS APIs of systemd daemons and various new interfaces. + + Closes #1392925, #1790972, #1197886, #1525593. + +* Wed Jun 24 2020 Bastien Nocera - 245.6-3 +- Set fallback-hostname to fedora so that unset hostnames are still + recognisable (#1392925) + +* Tue Jun 2 2020 Zbigniew Jędrzejewski-Szmek - 245.6-2 +- Add self-obsoletes to fix upgrades from F31 + +* Sun May 31 2020 Zbigniew Jędrzejewski-Szmek - 245.6-1 +- Update to latest stable version (some documentation updates, minor + memory correctness issues) (#1815605, #1827467, #1842067) + +* Tue Apr 21 2020 Björn Esser - 245.5-2 +- Add explicit BuildRequires: acl +- Bootstrapping for json-c SONAME bump + +* Fri Apr 17 2020 Zbigniew Jędrzejewski-Szmek - 245.5-1 +- Update to latest stable version (#1819313, #1815412, #1800875) + +* Thu Apr 16 2020 Björn Esser - 245.4-2 +- Add bootstrap option to break circular deps on cryptsetup + +* Wed Apr 1 2020 Zbigniew Jędrzejewski-Szmek - 245.4-1 +- Update to latest stable version (#1814454) + +* Thu Mar 26 2020 Zbigniew Jędrzejewski-Szmek - 245.3-1 +- Update to latest stable version (no issue that got reported in bugzilla) + +* Wed Mar 18 2020 Zbigniew Jędrzejewski-Szmek - 245.2-1 +- Update to latest stable version (a few bug fixes for random things) (#1798776) + +* Fri Mar 6 2020 Zbigniew Jędrzejewski-Szmek - 245-1 +- Update to latest version (#1807485) + +* Wed Feb 26 2020 Zbigniew Jędrzejewski-Szmek - 245~rc2-1 +- Modify the downstream udev rule to use bfq to only apply to disks (#1803500) +- "Upgrade" dependency on kbd package from Recommends to Requires (#1408878) +- Move systemd-bless-boot.service and systemd-boot-system-token.service to + systemd-udev subpackage (#1807462) +- Move a bunch of other services to systemd-udev: + systemd-pstore.service, all fsck-related functionality, + systemd-volatile-root.service, systemd-verity-setup.service, and a few + other related files. +- Fix daemon-reload rule to not kill non-systemd pid1 (#1803240) +- Fix namespace-related failure when starting systemd-homed (#1807465) and + group lookup failure in nss_systemd (#1809147) +- Drop autogenerated BOOT_IMAGE= parameter from stored kernel command lines + (#1716164) +- Don't require /proc to be mounted for systemd-sysusers to work (#1807768) + +* Fri Feb 21 2020 Filipe Brandenburger - 245~rc1-4 +- Update daemon-reexec fallback to check whether the system is booted with + systemd as PID 1 and check whether we're upgrading before using kill -TERM + on PID 1 (#1803240) + +* Tue Feb 18 2020 Adam Williamson - 245~rc1-3 +- Revert 097537f0 to fix plymouth etc. running when they shouldn't (#1803293) + +* Fri Feb 7 2020 Zbigniew Jędrzejewski-Szmek - 245~rc1-2 +- Add default 'disable *' preset for user units (#1792474, #1468501), + see https://fedoraproject.org/wiki/Changes/Systemd_presets_for_user_units. +- Add macro to generate "compat" scriptlets based off sysusers.d format + and autogenerate user() and group() virtual provides (#1792462), + see https://fedoraproject.org/wiki/Changes/Adopting_sysusers.d_format. +- Revert patch to udev rules causing regression with usb hubs (#1800820). + +* Wed Feb 5 2020 Zbigniew Jędrzejewski-Szmek - 245~rc1-1 +- New upstream release, see + https://raw.githubusercontent.com/systemd/systemd/v245-rc1/NEWS. + + This release includes completely new functionality: systemd-repart, + systemd-homed, user reconds in json, and multi-instantiable + journald, and a partial rework of internal communcation to use + varlink, and bunch of more incremental changes. + + The "predictable" interface name naming scheme is changed, + net.naming-scheme= can be used to undo the change. The change applies + to container interface names on the host. + +- Fixes #1774242, #1787089, #1798414/CVE-2020-1712. + +* Fri Jan 31 2020 Fedora Release Engineering - 244.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Sat Dec 21 2019 - 244.1-2 +- Disable service watchdogs (for systemd units) + +* Sun Dec 15 2019 - 244.1-1 +- Update to latest stable batch (systemd-networkd fixups, better + support for seccomp on s390x, minor cleanups to documentation). +- Drop patch to revert addition of NoNewPrivileges to systemd units + +* Fri Nov 29 2019 Zbigniew Jędrzejewski-Szmek - 244-1 +- Update to latest version. Just minor bugs fixed since the pre-release. + +* Fri Nov 22 2019 Zbigniew Jędrzejewski-Szmek - 244~rc1-1 +- Update to latest pre-release version, + see https://github.com/systemd/systemd/blob/master/NEWS#L3. + Biggest items: cgroups v2 cpuset controller, fido_id builtin in udev, + systemd-networkd does not create a default route for link local addressing, + systemd-networkd supports dynamic reconfiguration and a bunch of new settings. + Network files support matching on WLAN SSID and BSSID. +- Better error messages when preset/enable/disable are used with a glob (#1763488) +- u2f-hidraw-policy package is obsoleted (#1753381) + +* Tue Nov 19 2019 Zbigniew Jędrzejewski-Szmek - 243.4 +- Latest bugfix release. Systemd-stable snapshots will now be numbered. +- Fix broken PrivateDevices filter on big-endian, s390x in particular (#1769148) +- systemd-modules-load.service should only warn, not fail, on error (#1254340) +- Fix incorrect certificate validation with DNS over TLS (#1771725, #1771726, + CVE-2018-21029) +- Fix regression with crypttab keys with colons +- Various memleaks and minor memory access issues, warning adjustments + +* Fri Oct 18 2019 Adam Williamson - 243-4.gitef67743 +- Backport PR #13792 to fix nomodeset+BIOS CanGraphical bug (#1728240) + +* Thu Oct 10 2019 Zbigniew Jędrzejewski-Szmek - 243-3.gitef67743 +- Various minor documentation and error message cleanups +- Do not use cgroup v1 hierarchy in nspawn on groups v2 (#1756143) + +* Sat Sep 21 2019 Zbigniew Jędrzejewski-Szmek - 243-2.gitfab6f01 +- Backport a bunch of patches (memory access issues, improvements to error + reporting and handling in networkd, some misleading man page contents #1751363) +- Fix permissions on static nodes (#1740664) +- Make systemd-networks follow the RFC for DHPCv6 and radv timeouts +- Fix one crash in systemd-resolved (#1703598) +- Make journal catalog creation reproducible (avoid unordered hashmap use) +- Mark the accelerometer in HP laptops as part of the laptop base +- Fix relabeling of directories with relabel-extra.d/ +- Fix potential stuck noop jobs in pid1 +- Obsolete timedatex package (#1735584) + +* Tue Sep 3 2019 Zbigniew Jędrzejewski-Szmek - 243-1 +- Update to latest release +- Emission of Session property-changed notifications from logind is fixed + (this was breaking the switching of sessions to and from gnome). +- Security issue: unprivileged users were allowed to change DNS + servers configured in systemd-resolved. Now proper polkit authorization + is required. + +* Mon Aug 26 2019 Adam Williamson - 243~rc2-2 +- Backport PR #13406 to solve PATH ordering issue (#1744059) + +* Thu Aug 22 2019 Zbigniew Jędrzejewski-Szmek - 243~rc2-1 +- Update to latest pre-release. Fixes #1740113, #1717712. +- The default scheduler for disks is set to BFQ (1738828) +- The default cgroup hierarchy is set to unified (cgroups v2) (#1732114). + Use systemd.unified-cgroup-hierarchy=0 on the kernel command line to revert. + See https://fedoraproject.org/wiki/Changes/CGroupsV2. + +* Wed Aug 07 2019 Adam Williamson - 243~rc1-2 +- Backport PR #1737362 so we own /etc/systemd/system again (#1737362) + +* Tue Jul 30 2019 Zbigniew Jędrzejewski-Szmek - 243~rc1-1 +- Update to latest version (#1715699, #1696373, #1711065, #1718192) + +* Sat Jul 27 2019 Fedora Release Engineering - 242-7.git9d34e79 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Sat Jul 20 2019 Zbigniew Jędrzejewski-Szmek - 242-6.git9d34e79 +- Ignore bad rdrand output on AMD CPUs (#1729268) +- A bunch of backported patches from upstream: documentation, memory + access fixups, command output tweaks (#1708996) + +* Tue Jun 25 2019 Björn Esser - 242-5.git7a6d834 +- Rebuilt (libqrencode.so.4) + +* Tue Jun 25 2019 Miro Hrončok - 242-4.git7a6d834 +- Rebuilt for iptables update (libip4tc.so.2) + +* Fri Apr 26 2019 Zbigniew Jędrzejewski-Szmek - 242-3.git7a6d834 +- Add symbol to mark vtable format changes (anything using sd_add_object_vtable + or sd_add_fallback_vtable needs to be rebuilt) +- Fix wireguard ListenPort handling in systemd-networkd +- Fix hang in flush_accept (#1702358) +- Fix handling of RUN keys in udevd +- Some documentation and shell completion updates and minor fixes + +* Tue Apr 16 2019 Adam Williamson - 242-2 +- Rebuild with Meson fix for #1699099 + +* Thu Apr 11 2019 Zbigniew Jędrzejewski-Szmek - 242-1 +- Update to latest release +- Make scriptlet failure non-fatal + +* Tue Apr 9 2019 Zbigniew Jędrzejewski-Szmek - 242~rc4-1 +- Update to latest prerelease + +* Thu Apr 4 2019 Zbigniew Jędrzejewski-Szmek - 242~rc3-1 +- Update to latest prerelease + +* Wed Apr 3 2019 Zbigniew Jędrzejewski-Szmek - 242~rc2-1 +- Update to the latest prerelease. +- The bug reported on latest update that systemd-resolved and systemd-networkd are + re-enabled after upgrade is fixed. + +* Fri Mar 29 2019 Zbigniew Jędrzejewski-Szmek - 241-4.gitcbf14c9 +- Backport various patches from the v241..v242 range: + kernel-install will not create the boot loader entry automatically (#1648907), + various bash completion improvements (#1183769), + memory leaks and such (#1685286). + +* Thu Mar 14 2019 Zbigniew Jędrzejewski-Szmek - 241-3.gitc1f8ff8 +- Declare hyperv and framebuffer devices master-of-seat again (#1683197) + +* Wed Feb 20 2019 Zbigniew Jędrzejewski-Szmek - 241-2.gita09c170 +- Prevent buffer overread in systemd-udevd +- Properly validate dbus paths received over dbus (#1678394, CVE-2019-6454) + +* Sat Feb 9 2019 Zbigniew Jędrzejewski-Szmek - 241~rc2-2 +- Turn LTO back on + +* Tue Feb 5 2019 Zbigniew Jędrzejewski-Szmek - 241~rc2-1 +- Update to latest release -rc2 + +* Sun Feb 03 2019 Fedora Release Engineering - 241~rc1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Sun Jan 27 2019 Yu Watanabe - 241~rc1-2 +- Backport a patch for kernel-install + +* Sat Jan 26 2019 Zbigniew Jędrzejewski-Szmek - 241~rc1-1 +- Update to latest release -rc1 + +* Tue Jan 15 2019 Zbigniew Jędrzejewski-Szmek - 240-6.gitf02b547 +- Add a work-around for #1663040 + +* Mon Jan 14 2019 Björn Esser - 240-5.gitf02b547 +- Rebuilt for libcrypt.so.2 (#1666033) + +* Fri Jan 11 2019 Zbigniew Jędrzejewski-Szmek - 240-4.gitf02b547 +- Add a work-around for selinux issue on live images (#1663040) + +* Fri Jan 11 2019 Zbigniew Jędrzejewski-Szmek - 240-3.gitf02b547 +- systemd-journald and systemd-journal-remote reject entries which + contain too many fields (CVE-2018-16865, #1664973) and set limits on the + process' command line length (CVE-2018-16864, #1664972) +- $DBUS_SESSION_BUS_ADDRESS is again exported by pam_systemd (#1662857) +- A fix for systemd-udevd crash (#1662303) + +* Sat Dec 22 2018 Zbigniew Jędrzejewski-Szmek - 240-2 +- Add two more patches that revert recent udev changes + +* Fri Dec 21 2018 Zbigniew Jędrzejewski-Szmek - 240-1 +- Update to latest release + See https://github.com/systemd/systemd/blob/master/NEWS for the list of changes. + +* Mon Dec 17 2018 Zbigniew Jędrzejewski-Szmek - 239-10.git9f3aed1 +- Hibernation checks for resume= are rescinded (#1645870) +- Various patches: + - memory issues in logind, networkd, journald (#1653068), sd-device, etc. + - Adaptations for newer meson, lz4, kernel + - Fixes for misleading bugs in documentation +- net.ipv4.conf.all.rp_filter is changed from 1 to 2 + +* Thu Nov 29 2018 Zbigniew Jędrzejewski-Szmek +- Adjust scriptlets to modify /etc/authselect/user-nsswitch.conf + (see https://github.com/pbrezina/authselect/issues/77) +- Drop old scriptlets for nsswitch.conf modifications for nss-mymachines and nss-resolve + +* Sun Nov 18 2018 Alejandro Domínguez Muñoz +- Remove link creation for rsyslog.service + +* Thu Nov 8 2018 Adam Williamson - 239-9.git9f3aed1 +- Go back to using systemctl preset-all in %%post (#1647172, #1118740) + +* Mon Nov 5 2018 Adam Williamson - 239-8.git9f3aed1 +- Requires(post) openssl-libs to fix live image build machine-id issue + See: https://pagure.io/dusty/failed-composes/issue/960 + +* Mon Nov 5 2018 Yu Watanabe +- Set proper attributes to private directories + +* Fri Nov 2 2018 Zbigniew Jędrzejewski-Szmek - 239-7.git9f3aed1 +- Split out the rpm macros into systemd-rpm-macros subpackage (#1645298) + +* Sun Oct 28 2018 Zbigniew Jędrzejewski-Szmek - 239-6.git9f3aed1 +- Fix a local vulnerability from a race condition in chown-recursive (CVE-2018-15687, #1639076) +- Fix a local vulnerability from invalid handling of long lines in state deserialization (CVE-2018-15686, #1639071) +- Fix a remote vulnerability in DHCPv6 in systemd-networkd (CVE-2018-15688, #1639067) +- The DHCP server is started only when link is UP +- DHCPv6 prefix delegation is improved +- Downgrade logging of various messages and add loging in other places +- Many many fixes in error handling and minor memory leaks and such +- Fix typos and omissions in documentation +- Typo in %%_environmnentdir rpm macro is fixed (with backwards compatiblity preserved) +- Matching by MACAddress= in systemd-networkd is fixed +- Creation of user runtime directories is improved, and the user + manager is only stopped after 10 s after the user logs out (#1642460 and other bugs) +- systemd units systemd-timesyncd, systemd-resolved, systemd-networkd are switched back to use DynamicUser=0 +- Aliases are now resolved when loading modules from pid1. This is a (redundant) fix for a brief kernel regression. +- "systemctl --wait start" exits immediately if no valid units are named +- zram devices are not considered as candidates for hibernation +- ECN is not requested for both in- and out-going connections (the sysctl overide for net.ipv4.tcp_ecn is removed) +- Various smaller improvements to unit ordering and dependencies +- generators are now called with the manager's environment +- Handling of invalid (intentionally corrupt) dbus messages is improved, fixing potential local DOS avenues +- The target of symlinks links in .wants/ and .requires/ is now ignored. This fixes an issue where + the unit file would sometimes be loaded from such a symlink, leading to non-deterministic unit contents. +- Filtering of kernel threads is improved. This fixes an issues with newer kernels where hybrid kernel/user + threads are used by bpfilter. +- "noresume" can be used on the kernel command line to force normal boot even if a hibernation images is present +- Hibernation is not advertised if resume= is not present on the kernenl command line +- Hibernation/Suspend/... modes can be disabled using AllowSuspend=, + AllowHibernation=, AllowSuspendThenHibernate=, AllowHybridSleep= +- LOGO= and DOCUMENTATION_URL= are documented for the os-release file +- The hashmap mempool is now only used internally in systemd, and is disabled for external users of the systemd libraries +- Additional state is serialized/deserialized when logind is restarted, fixing the handling of user objects +- Catalog entries for the journal are improved (#1639482) +- If suspend fails, the post-suspend hooks are still called. +- Various build issues on less-common architectures are fixed + +* Wed Oct 3 2018 Jan Synáček - 239-5 +- Fix meson using -Ddebug, which results in FTBFS +- Fix line_begins() to accept word matching full string (#1631840) + +* Mon Sep 10 2018 Zbigniew Jędrzejewski-Szmek - 239-4 +- Move /etc/yum/protected.d/systemd.conf to /etc/dnf/ (#1626969) + +* Wed Jul 18 2018 Terje Rosten - 239-3 +- Ignore return value from systemd-binfmt in scriptlet (#1565425) + +* Sun Jul 15 2018 Filipe Brandenburger - 239-3 +- Override systemd-user PAM config in install and not prep + +* Sat Jul 14 2018 Fedora Release Engineering - 239-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Mon Jun 25 2018 Zbigniew Jędrzejewski-Szmek - 239-2 +- Rebuild for Python 3.7 again + +* Fri Jun 22 2018 Zbigniew Jędrzejewski-Szmek - 239-1 +- Update to latest version, mostly bug fixes and new functionality, + very little breaking changes. See + https://github.com/systemd/systemd/blob/v239/NEWS for details. + +* Tue Jun 19 2018 Miro Hrončok - 238-9.git0e0aa59 +- Rebuilt for Python 3.7 + +* Fri May 11 2018 Zbigniew Jędrzejewski-Szmek - 238-8.git0e0aa59 +- Backport a number of patches (documentation, hwdb updates) +- Fixes for tmpfiles 'e' entries +- systemd-networkd crashes +- XEN virtualization detection on hyper-v +- Avoid relabelling /sys/fs/cgroup if not needed (#1576240) + +* Wed Apr 18 2018 Zbigniew Jędrzejewski-Szmek - 238-7.fc28.1 +- Allow fake Delegate= setting on slices (#1568594) + +* Wed Mar 28 2018 Zbigniew Jędrzejewski-Szmek - 238-7 +- Move udev transfiletriggers to the right package, fix quoting + +* Tue Mar 27 2018 Colin Walters - 238-6 +- Use shell for triggers; see https://github.com/systemd/systemd/pull/8550 + This fixes compatibility with rpm-ostree. + +* Tue Mar 20 2018 Zbigniew Jędrzejewski-Szmek - 238-5 +- Backport patch to revert inadvertent change of "predictable" interface name (#1558027) + +* Fri Mar 16 2018 Zbigniew Jędrzejewski-Szmek - 238-4 +- Do not close dbus connection during dbus reload call (#1554578) + +* Wed Mar 7 2018 Zbigniew Jędrzejewski-Szmek - 238-3 +- Revert the patches for GRUB BootLoaderSpec support +- Add patch for /etc/machine-id creation (#1552843) + +* Tue Mar 6 2018 Yu Watanabe - 238-2 +- Fix transfiletrigger script (#1551793) + +* Mon Mar 5 2018 Zbigniew Jędrzejewski-Szmek - 238-1 +- Update to latest version +- This fixes a hard-to-trigger potential vulnerability (CVE-2018-6954) +- New transfiletriggers are installed for udev hwdb and rules, the journal + catalog, sysctl.d, binfmt.d, sysusers.d, tmpfiles.d. + +* Tue Feb 27 2018 Javier Martinez Canillas - 237-7.git84c8da5 +- Add patch to install kernel images for GRUB BootLoaderSpec support + +* Sat Feb 24 2018 Zbigniew Jędrzejewski-Szmek - 237-6.git84c8da5 +- Create /etc/systemd in %%post libs if necessary (#1548607) + +* Fri Feb 23 2018 Adam Williamson - 237-5.git84c8da5 +- Use : not touch to create file in -libs %%post + +* Thu Feb 22 2018 Patrick Uiterwijk - 237-4.git84c8da5 +- Add coreutils dep for systemd-libs %%post +- Add patch to typecast USB IDs to avoid compile failure + +* Wed Feb 21 2018 Zbigniew Jędrzejewski-Szmek - 237-3.git84c8da5 +- Update some patches for test skipping that were updated upstream + before merging +- Add /usr/lib/systemd/purge-nobody-user — a script to check if nobody is defined + correctly and possibly replace existing mappings + +* Tue Feb 20 2018 Zbigniew Jędrzejewski-Szmek - 237-2.gitdff4849 +- Backport a bunch of patches, most notably for the journal and various + memory issues. Some minor build fixes. +- Switch to new ldconfig macros that do nothing in F28+ +- /etc/systemd/dont-synthesize-nobody is created in %%post if nfsnobody + or nobody users are defined (#1537262) + +* Fri Feb 9 2018 Zbigniew Jędrzejeweski-Szmek - 237-1.git78bd769 +- Update to first stable snapshot (various minor memory leaks and misaccesses, + some documentation bugs, build fixes). + +* Sun Jan 28 2018 Zbigniew Jędrzejewski-Szmek - 237-1 +- Update to latest version + +* Sun Jan 21 2018 Björn Esser - 236-4.git3e14c4c +- Add patch to include if needed + +* Sat Jan 20 2018 Björn Esser - 236-3.git3e14c4c +- Rebuilt for switch to libxcrypt + +* Thu Jan 11 2018 Zbigniew Jędrzejewski-Szmek - 236-2.git23e14c4 +- Backport a bunch of bugfixes from upstream (#1531502, #1531381, #1526621 + various memory corruptions in systemd-networkd) +- /dev/kvm is marked as a static node which fixes permissions on s390x + and ppc64 (#1532382) + +* Fri Dec 15 2017 Zbigniew Jędrzejewski-Szmek - 236-1 +- Update to latest version + +* Mon Dec 11 2017 Zbigniew Jędrzejewski-Szmek - 235-5.git4a0e928 +- Update to latest git snapshot, do not build for realz +- Switch to libidn2 again (#1449145) + +* Tue Nov 07 2017 Zbigniew Jędrzejewski-Szmek - 235-4 +- Rebuild for cryptsetup-2.0.0-0.2.fc28 + +* Wed Oct 25 2017 Zbigniew Jędrzejewski-Szmek - 235-3 +- Backport a bunch of patches, including LP#172535 + +* Wed Oct 18 2017 Zbigniew Jędrzejewski-Szmek - 235-2 +- Patches for cryptsetup _netdev + +* Fri Oct 6 2017 Zbigniew Jędrzejewski-Szmek - 235-1 +- Update to latest version + +* Tue Sep 26 2017 Nathaniel McCallum - 234-8 +- Backport /etc/crypttab _netdev feature from upstream + +* Thu Sep 21 2017 Michal Sekletar - 234-7 +- Make sure to remove all device units sharing the same sysfs path (#1475570) + +* Mon Sep 18 2017 Zbigniew Jędrzejewski-Szmek - 234-6 +- Bump xslt recursion limit for libxslt-1.30 + +* Mon Jul 31 2017 Zbigniew Jędrzejewski-Szmek - 234-5 +- Backport more patches (#1476005, hopefully #1462378) + +* Thu Jul 27 2017 Fedora Release Engineering - 234-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Mon Jul 17 2017 Zbigniew Jędrzejewski-Szmek - 234-3 +- Fix x-systemd.timeout=0 in /etc/fstab (#1462378) +- Minor patches (memleaks, --help fixes, seccomp on arm64) + +* Thu Jul 13 2017 Zbigniew Jędrzejewski-Szmek - 234-2 +- Create kvm group (#1431876) + +* Thu Jul 13 2017 Zbigniew Jędrzejewski-Szmek - 234-1 +- Latest release + +* Sat Jul 1 2017 Zbigniew Jędrzejewski-Szmek - 233-7.git74d8f1c +- Update to snapshot +- Build with meson again + +* Tue Jun 27 2017 Zbigniew Jędrzejewski-Szmek - 233-6 +- Fix an out-of-bounds write in systemd-resolved (CVE-2017-9445) + +* Fri Jun 16 2017 Zbigniew Jędrzejewski-Szmek - 233-5.gitec36d05 +- Update to snapshot version, build with meson + +* Thu Jun 15 2017 Zbigniew Jędrzejewski-Szmek - 233-4 +- Backport a bunch of small fixes (memleaks, wrong format strings, + man page clarifications, shell completion) +- Fix systemd-resolved crash on crafted DNS packet (CVE-2017-9217, #1455493) +- Fix systemd-vconsole-setup.service error on systems with no VGA console (#1272686) +- Drop soft-static uid for systemd-journal-gateway +- Use ID from /etc/os-release as ntpvendor + +* Thu Mar 16 2017 Michal Sekletar - 233-3 +- Backport bugfixes from upstream +- Don't return error when machinectl couldn't figure out container IP addresses (#1419501) + +* Thu Mar 2 2017 Zbigniew Jędrzejewski-Szmek - 233-2 +- Fix installation conflict with polkit + +* Thu Mar 2 2017 Zbigniew Jędrzejewski-Szmek - 233-1 +- New upstream release (#1416201, #1405439, #1420753, many others) +- New systemd-tests subpackage with "installed tests" + +* Thu Feb 16 2017 Zbigniew Jędrzejewski-Szmek - 232-15 +- Add %%ghost %%dir entries for .wants dirs of our targets (#1422894) + +* Tue Feb 14 2017 Zbigniew Jędrzejewski-Szmek - 232-14 +- Ignore the hwdb parser test + +* Tue Feb 14 2017 Jan Synáček - 232-14 +- machinectl fails when virtual machine is running (#1419501) + +* Sat Feb 11 2017 Fedora Release Engineering - 232-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Tue Jan 31 2017 Zbigniew Jędrzejewski-Szmek - 232-12 +- Backport patch for initrd-switch-root.service getting killed (#1414904) +- Fix sd-journal-gatewayd -D, --trust, and COREDUMP_CONTAINER_CMDLINE + extraction by sd-coredump. + +* Sun Jan 29 2017 zbyszek - 232-11 +- Backport a number of patches (#1411299, #1413075, #1415745, + ##1415358, #1416588, #1408884) +- Fix various memleaks and unitialized variable access +- Shell completion enhancements +- Enable TPM logging by default (#1411156) +- Update hwdb (#1270124) + +* Thu Jan 19 2017 Adam Williamson - 232-10 +- Backport fix for boot failure in initrd-switch-root (#1414904) + +* Wed Jan 18 2017 Zbigniew Jędrzejewski-Szmek - 232-9 +- Add fake dependency on systemd-pam to systemd-devel to ensure systemd-pam + is available as multilib (#1414153) + +* Tue Jan 17 2017 Zbigniew Jędrzejewski-Szmek - 232-8 +- Fix buildsystem to check for lz4 correctly (#1404406) + +* Wed Jan 11 2017 Zbigniew Jędrzejewski-Szmek - 232-7 +- Various small tweaks to scriplets + +* Sat Jan 07 2017 Kevin Fenzi - 232-6 +- Fix scriptlets to never fail in libs post + +* Fri Jan 06 2017 Kevin Fenzi - 232-5 +- Add patch from Michal Schmidt to avoid process substitution (#1392236) + +* Sun Nov 6 2016 Zbigniew Jędrzejewski-Szmek - 232-4 +- Rebuild (#1392236) + +* Fri Nov 4 2016 Zbigniew Jędrzejewski-Szmek - 232-3 +- Make /etc/dbus-1/system.d directory non-%%ghost + +* Fri Nov 4 2016 Zbigniew Jędrzejewski-Szmek - 232-2 +- Fix kernel-install (#1391829) +- Restore previous systemd-user PAM config (#1391836) +- Move journal-upload.conf.5 from systemd main to journal-remote subpackage (#1391833) +- Fix permissions on /var/lib/systemd/journal-upload (#1262665) + +* Thu Nov 3 2016 Zbigniew Jędrzejewski-Szmek - 232-1 +- Update to latest version (#998615, #1181922, #1374371, #1390704, #1384150, #1287161) +- Add %%{_isa} to Provides on arch-full packages (#1387912) +- Create systemd-coredump user in %%pre (#1309574) +- Replace grubby patch with a short-circuiting install.d "plugin" +- Enable nss-systemd in the passwd, group lines in nsswith.conf +- Add [!UNAVAIL=return] fallback after nss-resolve in hosts line in nsswith.conf +- Move systemd-nspawn man pages to the right subpackage (#1391703) + +* Tue Oct 18 2016 Jan Synáček - 231-11 +- SPC - Cannot restart host operating from container (#1384523) + +* Sun Oct 9 2016 Zbigniew Jędrzejewski-Szmek - 231-10 +- Do not recreate /var/log/journal on upgrades (#1383066) +- Move nss-myhostname provides to systemd-libs (#1383271) + +* Fri Oct 7 2016 Zbigniew Jędrzejewski-Szmek - 231-9 +- Fix systemctl set-default (#1374371) +- Prevent systemd-udev-trigger.service from restarting (follow-up for #1378974) + +* Tue Oct 4 2016 Zbigniew Jędrzejewski-Szmek - 231-8 +- Apply fix for #1378974 + +* Mon Oct 3 2016 Zbigniew Jędrzejewski-Szmek - 231-7 +- Apply patches properly + +* Thu Sep 29 2016 Zbigniew Jędrzejewski-Szmek - 231-6 +- Better fix for (#1380286) + +* Thu Sep 29 2016 Zbigniew Jędrzejewski-Szmek - 231-5 +- Denial-of-service bug against pid1 (#1380286) + +* Thu Aug 25 2016 Zbigniew Jędrzejewski-Szmek - 231-4 +- Fix preset-all (#1363858) +- Fix issue with daemon-reload messing up graphics (#1367766) +- A few other bugfixes + +* Wed Aug 03 2016 Adam Williamson - 231-3 +- Revert preset-all change, it broke stuff (#1363858) + +* Wed Jul 27 2016 Zbigniew Jędrzejewski-Szmek - 231-2 +- Call preset-all on initial installation (#1118740) +- Fix botched Recommends for libxkbcommon + +* Tue Jul 26 2016 Zbigniew Jędrzejewski-Szmek - 231-1 +- Update to latest version + +* Wed Jun 8 2016 Zbigniew Jędrzejewski-Szmek - 230-3 +- Update to latest git snapshot (fixes for systemctl set-default, + polkit lingering policy, reversal of the framebuffer rules, + unaligned access fixes, fix for StartupBlockIOWeight-over-dbus). + Those changes are interspersed with other changes and new features + (mostly in lldp, networkd, and nspawn). Some of those new features + might not work, but I think that existing functionality should not + be broken, so it seems worthwile to update to the snapshot. + +* Sat May 21 2016 Zbigniew Jędrzejewski-Szmek - 230-2 +- Remove systemd-compat-libs on upgrade + +* Sat May 21 2016 Zbigniew Jędrzejewski-Szmek - 230-1 +- New version +- Drop compat-libs +- Require libxkbcommon explictly, since the automatic dependency will + not be generated anymore + +* Tue Apr 26 2016 Zbigniew Jędrzejewski-Szmek - 229-15 +- Remove duplicated entries in -container %%files (#1330395) + +* Fri Apr 22 2016 Zbigniew Jędrzejewski-Szmek - 229-14 +- Move installation of udev services to udev subpackage (#1329023) + +* Mon Apr 18 2016 Zbigniew Jędrzejewski-Szmek - 229-13 +- Split out systemd-pam subpackage (#1327402) + +* Mon Apr 18 2016 Harald Hoyer - 229-12 +- move more binaries and services from the main package to subpackages + +* Mon Apr 18 2016 Harald Hoyer - 229-11 +- move more binaries and services from the main package to subpackages + +* Mon Apr 18 2016 Harald Hoyer - 229-10 +- move device dependant stuff to the udev subpackage + +* Tue Mar 22 2016 Zbigniew Jędrzejewski-Szmek - 229-9 +- Add myhostname to /etc/nsswitch.conf (#1318303) + +* Mon Mar 21 2016 Harald Hoyer - 229-8 +- fixed kernel-install for copying files for grubby +Resolves: rhbz#1299019 + +* Thu Mar 17 2016 Zbigniew Jędrzejewski-Szmek - 229-7 +- Moar patches (#1316964, #1317928) +- Move vconsole-setup and tmpfiles-setup-dev bits to systemd-udev +- Protect systemd-udev from deinstallation + +* Fri Mar 11 2016 Zbigniew Jędrzejewski-Szmek - 229-6 +- Create /etc/resolv.conf symlink from systemd-resolved (#1313085) + +* Fri Mar 4 2016 Zbigniew Jędrzejewski-Szmek - 229-5 +- Split out systemd-container subpackage (#1163412) +- Split out system-udev subpackage +- Add various bugfix patches, incl. a tentative fix for #1308771 + +* Tue Mar 1 2016 Peter Robinson 229-4 +- Power64 and s390(x) now have libseccomp support +- aarch64 has gnu-efi + +* Tue Feb 23 2016 Jan Synáček - 229-3 +- Fix build failures on ppc64 (#1310800) + +* Tue Feb 16 2016 Dennis Gilmore - 229-2 +- revert: fixed kernel-install for copying files for grubby +Resolves: rhbz#1299019 +- this causes the dtb files to not get installed at all and the fdtdir +- line in extlinux.conf to not get updated correctly + +* Thu Feb 11 2016 Michal Sekletar - 229-1 +- New upstream release + +* Thu Feb 11 2016 Harald Hoyer - 228-10.gite35a787 +- fixed kernel-install for copying files for grubby +Resolves: rhbz#1299019 + +* Fri Feb 05 2016 Fedora Release Engineering - 228-9.gite35a787 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Wed Jan 27 2016 Peter Robinson 228-8.gite35a787 +- Rebuild for binutils on aarch64 fix + +* Fri Jan 08 2016 Dan Horák - 228-7.gite35a787 +- apply the conflict with fedora-release only in Fedora + +* Thu Dec 10 2015 Jan Synáček - 228-6.gite35a787 +- Fix rawhide build failures on ppc64 (#1286249) + +* Sun Nov 29 2015 Zbigniew Jędrzejewski-Szmek - 228-6.gite35a787 +- Create /etc/systemd/network (#1286397) + +* Thu Nov 26 2015 Zbigniew Jędrzejewski-Szmek - 228-5.gite35a787 +- Do not install nss modules by default + +* Tue Nov 24 2015 Zbigniew Jędrzejewski-Szmek - 228-4.gite35a787 +- Update to latest upstream git: there is a bunch of fixes + (nss-mymachines overflow bug, networkd fixes, more completions are + properly installed), mixed with some new resolved features. +- Rework file triggers so that they always run before daemons are restarted + +* Thu Nov 19 2015 Zbigniew Jędrzejewski-Szmek - 228-3 +- Enable rpm file triggers for daemon-reload + +* Thu Nov 19 2015 Zbigniew Jędrzejewski-Szmek - 228-2 +- Fix version number in obsoleted package name (#1283452) + +* Wed Nov 18 2015 Kay Sievers - 228-1 +- New upstream release + +* Thu Nov 12 2015 Zbigniew Jędrzejewski-Szmek - 227-7 +- Rename journal-gateway subpackage to journal-remote +- Ignore the access mode on /var/log/journal (#1048424) +- Do not assume fstab is present (#1281606) + +* Wed Nov 11 2015 Fedora Release Engineering - 227-6 +- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5 + +* Tue Nov 10 2015 Lukáš Nykrýn - 227-5 +- Rebuild for libmicrohttpd soname bump + +* Fri Nov 06 2015 Robert Kuska - 227-4 +- Rebuilt for Python3.5 rebuild + +* Wed Nov 4 2015 Zbigniew Jędrzejewski-Szmek - 227-3 +- Fix syntax in kernel-install (#1277264) + +* Tue Nov 03 2015 Michal Schmidt - 227-2 +- Rebuild for libmicrohttpd soname bump. + +* Wed Oct 7 2015 Kay Sievers - 227-1 +- New upstream release + +* Fri Sep 18 2015 Jan Synáček - 226-3 +- user systemd-journal-upload should be in systemd-journal group (#1262743) + +* Fri Sep 18 2015 Kay Sievers - 226-2 +- Add selinux to system-user PAM config + +* Tue Sep 8 2015 Kay Sievers - 226-1 +- New upstream release + +* Thu Aug 27 2015 Kay Sievers - 225-1 +- New upstream release + +* Fri Jul 31 2015 Kay Sievers - 224-1 +- New upstream release + +* Wed Jul 29 2015 Kay Sievers - 223-2 +- update to git snapshot + +* Wed Jul 29 2015 Kay Sievers - 223-1 +- New upstream release + +* Thu Jul 9 2015 Zbigniew Jędrzejewski-Szmek - 222-2 +- Remove python subpackages (python-systemd in now standalone) + +* Tue Jul 7 2015 Kay Sievers - 222-1 +- New upstream release + +* Mon Jul 6 2015 Kay Sievers - 221-5.git619b80a +- update to git snapshot + +* Mon Jul 6 2015 Zbigniew Jędrzejewski-Szmek - 221-4.git604f02a +- Add example file with yama config (#1234951) + +* Sun Jul 5 2015 Kay Sievers - 221-3.git604f02a +- update to git snapshot + +* Mon Jun 22 2015 Kay Sievers - 221-2 +- build systemd-boot EFI tools + +* Fri Jun 19 2015 Lennart Poettering - 221-1 +- New upstream release +- Undoes botched translation check, should be reinstated later? + +* Fri Jun 19 2015 Fedora Release Engineering - 220-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Thu Jun 11 2015 Peter Robinson 220-9 +- The gold linker is now fixed on aarch64 + +* Tue Jun 9 2015 Zbigniew Jędrzejewski-Szmek - 220-8 +- Remove gudev which is now provided as separate package (libgudev) +- Fix for spurious selinux denials (#1224211) +- Udev change events (#1225905) +- Patches for some potential crashes +- ProtectSystem=yes does not touch /home +- Man page fixes, hwdb updates, shell completion updates +- Restored persistent device symlinks for bcache, xen block devices +- Tag all DRM cards as master-of-seat + +* Tue Jun 09 2015 Harald Hoyer 220-7 +- fix udev block device watch + +* Tue Jun 09 2015 Harald Hoyer 220-6 +- add support for network disk encryption + +* Sun Jun 7 2015 Peter Robinson 220-5 +- Disable gold on aarch64 until it's fixed (tracked in rhbz #1225156) + +* Sat May 30 2015 Zbigniew Jędrzejewski-Szmek - 220-4 +- systemd-devel should require systemd-libs, not the main package (#1226301) +- Check for botched translations (#1226566) +- Make /etc/udev/hwdb.d part of the rpm (#1226379) + +* Thu May 28 2015 Richard W.M. Jones - 220-3 +- Add patch to fix udev --daemon not cleaning child processes + (upstream commit 86c3bece38bcf5). + +* Wed May 27 2015 Richard W.M. Jones - 220-2 +- Add patch to fix udev --daemon crash (upstream commit 040e689654ef08). + +* Thu May 21 2015 Lennart Poettering - 220-1 +- New upstream release +- Drop /etc/mtab hack, as that's apparently fixed in mock now (#1116158) +- Remove ghosting for /etc/systemd/system/runlevel*.target, these + targets are not configurable anymore in systemd upstream +- Drop work-around for #1002806, since this is solved upstream now + +* Wed May 20 2015 Dennis Gilmore - 219-15 +- fix up the conflicts version for fedora-release + +* Wed May 20 2015 Zbigniew Jędrzejewski-Szmek - 219-14 +- Remove presets (#1221340) +- Fix (potential) crash and memory leak in timedated, locking failure + in systemd-nspawn, crash in resolved. +- journalctl --list-boots should be faster +- zsh completions are improved +- various ommissions in docs are corrected (#1147651) +- VARIANT and VARIANT_ID fields in os-release are documented +- systemd-fsck-root.service is generated in the initramfs (#1201979, #1107818) +- systemd-tmpfiles should behave better on read-only file systems (#1207083) + +* Wed Apr 29 2015 Zbigniew Jędrzejewski-Szmek - 219-13 +- Patches for some outstanding annoyances +- Small keyboard hwdb updates + +* Wed Apr 8 2015 Zbigniew Jędrzejewski-Szmek - 219-12 +- Tighten requirements between subpackages (#1207381). + +* Sun Mar 22 2015 Zbigniew Jędrzejewski-Szmek - 219-11 +- Move all parts systemd-journal-{remote,upload} to + systemd-journal-gatewayd subpackage (#1193143). +- Create /var/lib/systemd/journal-upload directory (#1193145). +- Cut out lots of stupid messages at debug level which were obscuring more + important stuff. +- Apply "tentative" state for devices only when they are added, not removed. +- Ignore invalid swap pri= settings (#1204336) +- Fix SELinux check for timedated operations to enable/disable ntp (#1014315) +- Fix comparing of filesystem paths (#1184016) + +* Sat Mar 14 2015 Zbigniew Jędrzejewski-Szmek - 219-10 +- Fixes for bugs 1186018, 1195294, 1185604, 1196452. +- Hardware database update. +- Documentation fixes. +- A fix for journalctl performance regression. +- Fix detection of inability to open files in journalctl. +- Detect SuperH architecture properly. +- The first of duplicate lines in tmpfiles wins again. +- Do vconsole setup after loading vconsole driver, not fbcon. +- Fix problem where some units were restarted during systemd reexec. +- Fix race in udevadm settle tripping up NetworkManager. +- Downgrade various log messages. +- Fix issue where journal-remote would process some messages with a delay. +- GPT /srv partition autodiscovery is fixed. +- Reconfigure old Finnish keymaps in post (#1151958) + +* Tue Mar 10 2015 Jan Synáček - 219-9 +- Buttons on Lenovo X6* tablets broken (#1198939) + +* Tue Mar 3 2015 Zbigniew Jędrzejewski-Szmek - 219-8 +- Reworked device handling (#1195761) +- ACL handling fixes (with a script in %%post) +- Various log messages downgraded (#1184712) +- Allow PIE on s390 again (#1197721) + +* Wed Feb 25 2015 Michal Schmidt - 219-7 +- arm: reenable lto. gcc-5.0.0-0.16 fixed the crash (#1193212) + +* Tue Feb 24 2015 Colin Walters - 219-6 +- Revert patch that breaks Atomic/OSTree (#1195761) + +* Fri Feb 20 2015 Michal Schmidt - 219-5 +- Undo the resolv.conf workaround, Aim for a proper fix in Rawhide. + +* Fri Feb 20 2015 Michal Schmidt - 219-4 +- Revive fedora-disable-resolv.conf-symlink.patch to unbreak composes. + +* Wed Feb 18 2015 Michal Schmidt - 219-3 +- arm: disabling gold did not help; disable lto instead (#1193212) + +* Tue Feb 17 2015 Peter Jones - 219-2 +- Update 90-default.present for dbxtool. + +* Mon Feb 16 2015 Lennart Poettering - 219-1 +- New upstream release +- This removes the sysctl/bridge hack, a different solution needs to be found for this (see #634736) +- This removes the /etc/resolv.conf hack, anaconda needs to fix their handling of /etc/resolv.conf as symlink +- This enables "%%check" +- disable gold on arm, as that is broken (see #1193212) + +* Mon Feb 16 2015 Peter Robinson 218-6 +- aarch64 now has seccomp support + +* Thu Feb 05 2015 Michal Schmidt - 218-5 +- Don't overwrite systemd.macros with unrelated Source file. + +* Thu Feb 5 2015 Jan Synáček - 218-4 +- Add a touchpad hwdb (#1189319) + +* Thu Jan 15 2015 Zbigniew Jędrzejewski-Szmek - 218-4 +- Enable xkbcommon dependency to allow checking of keymaps +- Fix permissions of /var/log/journal (#1048424) +- Enable timedatex in presets (#1187072) +- Disable rpcbind in presets (#1099595) + +* Wed Jan 7 2015 Jan Synáček - 218-3 +- RFE: journal: automatically rotate the file if it is unlinked (#1171719) + +* Mon Jan 05 2015 Zbigniew Jędrzejewski-Szmek - 218-3 +- Add firewall description files (#1176626) + +* Thu Dec 18 2014 Jan Synáček - 218-2 +- systemd-nspawn doesn't work on s390/s390x (#1175394) + +* Wed Dec 10 2014 Lennart Poettering - 218-1 +- New upstream release +- Enable "nss-mymachines" in /etc/nsswitch.conf + +* Thu Nov 06 2014 Zbigniew Jędrzejewski-Szmek - 217-4 +- Change libgudev1 to only require systemd-libs (#727499), there's + no need to require full systemd stack. +- Fixes for bugs #1159448, #1152220, #1158035. +- Bash completions updates to allow propose more units for start/restart, + and completions for set-default,get-default. +- Again allow systemctl enable of instances. +- Hardware database update and fixes. +- Udev crash on invalid options and kernel commandline timeout parsing are fixed. +- Add "embedded" chassis type. +- Sync before 'reboot -f'. +- Fix restarting of timer units. + +* Wed Nov 05 2014 Michal Schmidt - 217-3 +- Fix hanging journal flush (#1159641) + +* Fri Oct 31 2014 Michal Schmidt - 217-2 +- Fix ordering cycles involving systemd-journal-flush.service and + remote-fs.target (#1159117) + +* Tue Oct 28 2014 Lennart Poettering - 217-1 +- New upstream release + +* Fri Oct 17 2014 Zbigniew Jędrzejewski-Szmek - 216-12 +- Drop PackageKit.service from presets (#1154126) + +* Mon Oct 13 2014 Zbigniew Jędrzejewski-Szmek - 216-11 +- Conflict with old versions of initscripts (#1152183) +- Remove obsolete Finnish keymap (#1151958) + +* Fri Oct 10 2014 Zbigniew Jędrzejewski-Szmek - 216-10 +- Fix a problem with voluntary daemon exits and some other bugs + (#1150477, #1095962, #1150289) + +* Fri Oct 03 2014 Zbigniew Jędrzejewski-Szmek - 216-9 +- Update to latest git, but without the readahead removal patch + (#1114786, #634736) + +* Wed Oct 01 2014 Kay Sievers - 216-8 +- revert "don't reset selinux context during CHANGE events" + +* Wed Oct 01 2014 Lukáš Nykrýn - 216-7 +- add temporary workaround for #1147910 +- don't reset selinux context during CHANGE events + +* Wed Sep 10 2014 Michal Schmidt - 216-6 +- Update timesyncd with patches to avoid hitting NTP pool too often. + +* Tue Sep 09 2014 Michal Schmidt - 216-5 +- Use common CONFIGURE_OPTS for build2 and build3. +- Configure timesyncd with NTP servers from Fedora/RHEL vendor zone. + +* Wed Sep 03 2014 Zbigniew Jędrzejewski-Szmek - 216-4 +- Move config files for sd-j-remote/upload to sd-journal-gateway subpackage (#1136580) + +* Thu Aug 28 2014 Peter Robinson 216-3 +- Drop no LTO build option for aarch64/s390 now it's fixed in binutils (RHBZ 1091611) + +* Thu Aug 21 2014 Zbigniew Jędrzejewski-Szmek - 216-2 +- Re-add patch to disable resolve.conf symlink (#1043119) + +* Wed Aug 20 2014 Lennart Poettering - 216-1 +- New upstream release + +* Mon Aug 18 2014 Fedora Release Engineering - 215-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Wed Aug 13 2014 Dan Horák 215-11 +- disable LTO also on s390(x) + +* Sat Aug 09 2014 Harald Hoyer 215-10 +- fixed PPC64LE + +* Wed Aug 6 2014 Tom Callaway - 215-9 +- fix license handling + +* Wed Jul 30 2014 Zbigniew Jędrzejewski-Szmek - 215-8 +- Create systemd-journal-remote and systemd-journal-upload users (#1118907) + +* Thu Jul 24 2014 Zbigniew Jędrzejewski-Szmek - 215-7 +- Split out systemd-compat-libs subpackage + +* Tue Jul 22 2014 Kalev Lember - 215-6 +- Rebuilt for gobject-introspection 1.41.4 + +* Mon Jul 21 2014 Zbigniew Jędrzejewski-Szmek - 215-5 +- Fix SELinux context of /etc/passwd-, /etc/group-, /etc/.updated (#1121806) +- Add missing BR so gnutls and elfutils are used + +* Sat Jul 19 2014 Zbigniew Jędrzejewski-Szmek - 215-4 +- Various man page updates +- Static device node logic is conditionalized on CAP_SYS_MODULES instead of CAP_MKNOD + for better behaviour in containers +- Some small networkd link handling fixes +- vconsole-setup runs setfont before loadkeys (https://bugs.freedesktop.org/show_bug.cgi?id=80685) +- New systemd-escape tool +- XZ compression settings are tweaked to greatly improve journald performance +- "watch" is accepted as chassis type +- Various sysusers fixes, most importantly correct selinux labels +- systemd-timesyncd bug fix (https://bugs.freedesktop.org/show_bug.cgi?id=80932) +- Shell completion improvements +- New udev tag ID_SOFTWARE_RADIO can be used to instruct logind to allow user access +- XEN and s390 virtualization is properly detected + +* Mon Jul 07 2014 Colin Walters - 215-3 +- Add patch to disable resolve.conf symlink (#1043119) + +* Sun Jul 06 2014 Zbigniew Jędrzejewski-Szmek - 215-2 +- Move systemd-journal-remote to systemd-journal-gateway package (#1114688) +- Disable /etc/mtab handling temporarily (#1116158) + +* Thu Jul 03 2014 Lennart Poettering - 215-1 +- New upstream release +- Enable coredump logic (which abrt would normally override) + +* Sun Jun 29 2014 Peter Robinson 214-5 +- On aarch64 disable LTO as it still has issues on that arch + +* Thu Jun 26 2014 Zbigniew Jędrzejewski-Szmek - 214-4 +- Bugfixes (#996133, #1112908) + +* Mon Jun 23 2014 Zbigniew Jędrzejewski-Szmek - 214-3 +- Actually create input group (#1054549) + +* Sun Jun 22 2014 Zbigniew Jędrzejewski-Szmek - 214-2 +- Do not restart systemd-logind on upgrades (#1110697) +- Add some patches (#1081429, #1054549, #1108568, #928962) + +* Wed Jun 11 2014 Lennart Poettering - 214-1 +- New upstream release +- Get rid of "floppy" group, since udev uses "disk" now +- Reenable LTO + +* Sun Jun 08 2014 Fedora Release Engineering - 213-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Wed May 28 2014 Kay Sievers - 213-3 +- fix systemd-timesync user creation + +* Wed May 28 2014 Michal Sekletar - 213-2 +- Create temporary files after installation (#1101983) +- Add sysstat-collect.timer, sysstat-summary.timer to preset policy (#1101621) + +* Wed May 28 2014 Kay Sievers - 213-1 +- New upstream release + +* Tue May 27 2014 Kalev Lember - 212-6 +- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 + +* Fri May 23 2014 Adam Williamson - 212-5 +- revert change from 212-4, causes boot fail on single CPU boxes (RHBZ 1095891) + +* Wed May 07 2014 Kay Sievers - 212-4 +- add netns udev workaround + +* Wed May 07 2014 Michal Sekletar - 212-3 +- enable uuidd.socket by default (#1095353) + +* Sat Apr 26 2014 Peter Robinson 212-2 +- Disable building with -flto for the moment due to gcc 4.9 issues (RHBZ 1091611) + +* Tue Mar 25 2014 Lennart Poettering - 212-1 +- New upstream release + +* Mon Mar 17 2014 Peter Robinson 211-2 +- Explicitly define which upstream platforms support libseccomp + +* Tue Mar 11 2014 Lennart Poettering - 211-1 +- New upstream release + +* Mon Mar 10 2014 Zbigniew Jędrzejewski-Szmek - 210-8 +- Fix logind unpriviledged reboot issue and a few other minor fixes +- Limit generator execution time +- Recognize buttonless joystick types + +* Fri Mar 07 2014 Karsten Hopp 210-7 +- ppc64le needs link warnings disabled, too + +* Fri Mar 07 2014 Karsten Hopp 210-6 +- move ifarch ppc64le to correct place (libseccomp req) + +* Fri Mar 07 2014 Zbigniew Jędrzejewski-Szmek - 210-5 +- Bugfixes: #1047568, #1047039, #1071128, #1073402 +- Bash completions for more systemd tools +- Bluetooth database update +- Manpage fixes + +* Thu Mar 06 2014 Zbigniew Jędrzejewski-Szmek - 210-4 +- Apply work-around for ppc64le too (#1073647). + +* Sat Mar 01 2014 Zbigniew Jędrzejewski-Szmek - 210-3 +- Backport a few patches, add completion for systemd-nspawn. + +* Fri Feb 28 2014 Zbigniew Jędrzejewski-Szmek - 210-3 +- Apply work-arounds for ppc/ppc64 for bugs 1071278 and 1071284 + +* Mon Feb 24 2014 Lennart Poettering - 210-2 +- Check more services against preset list and enable by default + +* Mon Feb 24 2014 Lennart Poettering - 210-1 +- new upstream release + +* Sun Feb 23 2014 Zbigniew Jędrzejewski-Szmek - 209-2.gitf01de96 +- Enable dnssec-triggerd.service by default (#1060754) + +* Sun Feb 23 2014 Kay Sievers - 209-2.gitf01de96 +- git snapshot to sort out ARM build issues + +* Thu Feb 20 2014 Lennart Poettering - 209-1 +- new upstream release + +* Tue Feb 18 2014 Zbigniew Jędrzejewski-Szmek - 208-15 +- Make gpsd lazily activated (#1066421) + +* Mon Feb 17 2014 Zbigniew Jędrzejewski-Szmek - 208-14 +- Back out patch which causes user manager to be destroyed when unneeded + and spams logs (#1053315) + +* Sun Feb 16 2014 Zbigniew Jędrzejewski-Szmek - 208-13 +- A different fix for #1023820 taken from Mageia +- Backported fix for #997031 +- Hardward database updates, man pages improvements, a few small memory + leaks, utf-8 correctness and completion fixes +- Support for key-slot option in crypttab + +* Sat Jan 25 2014 Ville Skyttä - 208-12 +- Own the %%{_prefix}/lib/kernel(/*) and %%{_datadir}/zsh(/*) dirs. + +* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-11 +- Backport a few fixes, relevant documentation updates, and HWDB changes + (#1051797, #1051768, #1047335, #1047304, #1047186, #1045849, #1043304, + #1043212, #1039351, #1031325, #1023820, #1017509, #953077) +- Flip journalctl to --full by default (#984758) + +* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-9 +- Apply two patches for #1026860 + +* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-8 +- Bump release to stay ahead of f20 + +* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-7 +- Backport patches (#1023041, #1036845, #1006386?) +- HWDB update +- Some small new features: nspawn --drop-capability=, running PID 1 under + valgrind, "yearly" and "annually" in calendar specifications +- Some small documentation and logging updates + +* Tue Nov 19 2013 Zbigniew Jędrzejewski-Szmek - 208-6 +- Bump release to stay ahead of f20 + +* Tue Nov 19 2013 Zbigniew Jędrzejewski-Szmek - 208-5 +- Use unit name in PrivateTmp= directories (#957439) +- Update manual pages, completion scripts, and hardware database +- Configurable Timeouts/Restarts default values +- Support printing of timestamps on the console +- Fix some corner cases in detecting when writing to the console is safe +- Python API: convert keyword values to string, fix sd_is_booted() wrapper +- Do not tread missing /sbin/fsck.btrfs as an error (#1015467) +- Allow masking of fsck units +- Advertise hibernation to swap files +- Fix SO_REUSEPORT settings +- Prefer converted xkb keymaps to legacy keymaps (#981805, #1026872) +- Make use of newer kmod +- Assorted bugfixes: #1017161, #967521, #988883, #1027478, #821723, #1014303 + +* Tue Oct 22 2013 Zbigniew Jędrzejewski-Szmek - 208-4 +- Add temporary fix for #1002806 + +* Mon Oct 21 2013 Zbigniew Jędrzejewski-Szmek - 208-3 +- Backport a bunch of fixes and hwdb updates + +* Wed Oct 2 2013 Lennart Poettering - 208-2 +- Move old random seed and backlight files into the right place + +* Wed Oct 2 2013 Lennart Poettering - 208-1 +- New upstream release + +* Thu Sep 26 2013 Zbigniew Jędrzejewski-Szmek 207-5 +- Do not create /var/var/... dirs + +* Wed Sep 18 2013 Zbigniew Jędrzejewski-Szmek 207-4 +- Fix policykit authentication +- Resolves: rhbz#1006680 + +* Tue Sep 17 2013 Harald Hoyer 207-3 +- fixed login +- Resolves: rhbz#1005233 + +* Mon Sep 16 2013 Harald Hoyer 207-2 +- add some upstream fixes for 207 +- fixed swap activation +- Resolves: rhbz#1008604 + +* Fri Sep 13 2013 Lennart Poettering - 207-1 +- New upstream release + +* Fri Sep 06 2013 Harald Hoyer 206-11 +- support "debug" kernel command line parameter +- journald: fix fd leak in journal_file_empty +- journald: fix vacuuming of archived journals +- libudev: enumerate - do not try to match against an empty subsystem +- cgtop: fixup the online help +- libudev: fix memleak when enumerating childs + +* Wed Sep 04 2013 Harald Hoyer 206-10 +- Do not require grubby, lorax now takes care of grubby +- cherry-picked a lot of patches from upstream + +* Tue Aug 27 2013 Dennis Gilmore - 206-9 +- Require grubby, Fedora installs require grubby, +- kernel-install took over from new-kernel-pkg +- without the Requires we are unable to compose Fedora +- everyone else says that since kernel-install took over +- it is responsible for ensuring that grubby is in place +- this is really what we want for Fedora + +* Tue Aug 27 2013 Kay Sievers - 206-8 +- Revert "Require grubby its needed by kernel-install" + +* Mon Aug 26 2013 Dennis Gilmore 206-7 +- Require grubby its needed by kernel-install + +* Thu Aug 22 2013 Harald Hoyer 206-6 +- kernel-install now understands kernel flavors like PAE + +* Tue Aug 20 2013 Rex Dieter - 206-5 +- add sddm.service to preset file (#998978) + +* Fri Aug 16 2013 Zbigniew Jędrzejewski-Szmek - 206-4 +- Filter out provides for private python modules. +- Add requires on kmod >= 14 (#990994). + +* Sun Aug 11 2013 Zbigniew Jedrzejewski-Szmek - 206-3 +- New systemd-python3 package (#976427). +- Add ownership of a few directories that we create (#894202). + +* Sun Aug 04 2013 Fedora Release Engineering - 206-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Tue Jul 23 2013 Kay Sievers - 206-1 +- New upstream release + Resolves (#984152) + +* Wed Jul 3 2013 Lennart Poettering - 205-1 +- New upstream release + +* Wed Jun 26 2013 Michal Schmidt 204-10 +- Split systemd-journal-gateway subpackage (#908081). + +* Mon Jun 24 2013 Michal Schmidt 204-9 +- Rename nm_dispatcher to NetworkManager-dispatcher in default preset (#977433) + +* Fri Jun 14 2013 Harald Hoyer 204-8 +- fix, which helps to sucessfully browse journals with + duplicated seqnums + +* Fri Jun 14 2013 Harald Hoyer 204-7 +- fix duplicate message ID bug +Resolves: rhbz#974132 + +* Thu Jun 06 2013 Harald Hoyer 204-6 +- introduce 99-default-disable.preset + +* Thu Jun 6 2013 Lennart Poettering - 204-5 +- Rename 90-display-manager.preset to 85-display-manager.preset so that it actually takes precedence over 90-default.preset's "disable *" line (#903690) + +* Tue May 28 2013 Harald Hoyer 204-4 +- Fix kernel-install (#965897) + +* Wed May 22 2013 Kay Sievers - 204-3 +- Fix kernel-install (#965897) + +* Thu May 9 2013 Lennart Poettering - 204-2 +- New upstream release +- disable isdn by default (#959793) + +* Tue May 07 2013 Harald Hoyer 203-2 +- forward port kernel-install-grubby.patch + +* Tue May 7 2013 Lennart Poettering - 203-1 +- New upstream release + +* Wed Apr 24 2013 Harald Hoyer 202-3 +- fix ENOENT for getaddrinfo +- Resolves: rhbz#954012 rhbz#956035 +- crypt-setup-generator: correctly check return of strdup +- logind-dbus: initialize result variable +- prevent library underlinking + +* Fri Apr 19 2013 Harald Hoyer 202-2 +- nspawn create empty /etc/resolv.conf if necessary +- python wrapper: add sd_journal_add_conjunction() +- fix s390 booting +- Resolves: rhbz#953217 + +* Thu Apr 18 2013 Lennart Poettering - 202-1 +- New upstream release + +* Tue Apr 09 2013 Michal Schmidt - 201-2 +- Automatically discover whether to run autoreconf and add autotools and git + BuildRequires based on the presence of patches to be applied. +- Use find -delete. + +* Mon Apr 8 2013 Lennart Poettering - 201-1 +- New upstream release + +* Mon Apr 8 2013 Lennart Poettering - 200-4 +- Update preset file + +* Fri Mar 29 2013 Lennart Poettering - 200-3 +- Remove NetworkManager-wait-online.service from presets file again, it should default to off + +* Fri Mar 29 2013 Lennart Poettering - 200-2 +- New upstream release + +* Tue Mar 26 2013 Lennart Poettering - 199-2 +- Add NetworkManager-wait-online.service to the presets file + +* Tue Mar 26 2013 Lennart Poettering - 199-1 +- New upstream release + +* Mon Mar 18 2013 Michal Schmidt 198-7 +- Drop /usr/s?bin/ prefixes. + +* Fri Mar 15 2013 Harald Hoyer 198-6 +- run autogen to pickup all changes + +* Fri Mar 15 2013 Harald Hoyer 198-5 +- do not mount anything, when not running as pid 1 +- add initrd.target for systemd in the initrd + +* Wed Mar 13 2013 Harald Hoyer 198-4 +- fix switch-root and local-fs.target problem +- patch kernel-install to use grubby, if available + +* Fri Mar 08 2013 Harald Hoyer 198-3 +- add Conflict with dracut < 026 because of the new switch-root isolate + +* Thu Mar 7 2013 Lennart Poettering - 198-2 +- Create required users + +* Thu Mar 7 2013 Lennart Poettering - 198-1 +- New release +- Enable journal persistancy by default + +* Sun Feb 10 2013 Peter Robinson 197-3 +- Bump for ARM + +* Fri Jan 18 2013 Michal Schmidt - 197-2 +- Added qemu-guest-agent.service to presets (Lennart, #885406). +- Add missing pygobject3-base to systemd-analyze deps (Lennart). +- Do not require hwdata, it is all in the hwdb now (Kay). +- Drop dependency on dbus-python. + +* Tue Jan 8 2013 Lennart Poettering - 197-1 +- New upstream release + +* Mon Dec 10 2012 Michal Schmidt - 196-4 +- Enable rngd.service by default (#857765). + +* Mon Dec 10 2012 Michal Schmidt - 196-3 +- Disable hardening on s390(x) because PIE is broken there and produces + text relocations with __thread (#868839). + +* Wed Dec 05 2012 Michal Schmidt - 196-2 +- added spice-vdagentd.service to presets (Lennart, #876237) +- BR cryptsetup-devel instead of the legacy cryptsetup-luks-devel provide name + (requested by Milan Brož). +- verbose make to see the actual build flags + +* Wed Nov 21 2012 Lennart Poettering - 196-1 +- New upstream release + +* Tue Nov 20 2012 Lennart Poettering - 195-8 +- https://bugzilla.redhat.com/show_bug.cgi?id=873459 +- https://bugzilla.redhat.com/show_bug.cgi?id=878093 + +* Thu Nov 15 2012 Michal Schmidt - 195-7 +- Revert udev killing cgroup patch for F18 Beta. +- https://bugzilla.redhat.com/show_bug.cgi?id=873576 + +* Fri Nov 09 2012 Michal Schmidt - 195-6 +- Fix cyclical dep between systemd and systemd-libs. +- Avoid broken build of test-journal-syslog. +- https://bugzilla.redhat.com/show_bug.cgi?id=873387 +- https://bugzilla.redhat.com/show_bug.cgi?id=872638 + +* Thu Oct 25 2012 Kay Sievers - 195-5 +- require 'sed', limit HOSTNAME= match + +* Wed Oct 24 2012 Michal Schmidt - 195-4 +- add dmraid-activation.service to the default preset +- add yum protected.d fragment +- https://bugzilla.redhat.com/show_bug.cgi?id=869619 +- https://bugzilla.redhat.com/show_bug.cgi?id=869717 + +* Wed Oct 24 2012 Kay Sievers - 195-3 +- Migrate /etc/sysconfig/ i18n, keyboard, network files/variables to + systemd native files + +* Tue Oct 23 2012 Lennart Poettering - 195-2 +- Provide syslog because the journal is fine as a syslog implementation + +* Tue Oct 23 2012 Lennart Poettering - 195-1 +- New upstream release +- https://bugzilla.redhat.com/show_bug.cgi?id=831665 +- https://bugzilla.redhat.com/show_bug.cgi?id=847720 +- https://bugzilla.redhat.com/show_bug.cgi?id=858693 +- https://bugzilla.redhat.com/show_bug.cgi?id=863481 +- https://bugzilla.redhat.com/show_bug.cgi?id=864629 +- https://bugzilla.redhat.com/show_bug.cgi?id=864672 +- https://bugzilla.redhat.com/show_bug.cgi?id=864674 +- https://bugzilla.redhat.com/show_bug.cgi?id=865128 +- https://bugzilla.redhat.com/show_bug.cgi?id=866346 +- https://bugzilla.redhat.com/show_bug.cgi?id=867407 +- https://bugzilla.redhat.com/show_bug.cgi?id=868603 + +* Wed Oct 10 2012 Michal Schmidt - 194-2 +- Add scriptlets for migration away from systemd-timedated-ntp.target + +* Wed Oct 3 2012 Lennart Poettering - 194-1 +- New upstream release +- https://bugzilla.redhat.com/show_bug.cgi?id=859614 +- https://bugzilla.redhat.com/show_bug.cgi?id=859655 + +* Fri Sep 28 2012 Lennart Poettering - 193-1 +- New upstream release + +* Tue Sep 25 2012 Lennart Poettering - 192-1 +- New upstream release + +* Fri Sep 21 2012 Lennart Poettering - 191-2 +- Fix journal mmap header prototype definition to fix compilation on 32bit + +* Fri Sep 21 2012 Lennart Poettering - 191-1 +- New upstream release +- Enable all display managers by default, as discussed with Adam Williamson + +* Thu Sep 20 2012 Lennart Poettering - 190-1 +- New upstream release +- Take possession of /etc/localtime, and remove /etc/sysconfig/clock +- https://bugzilla.redhat.com/show_bug.cgi?id=858780 +- https://bugzilla.redhat.com/show_bug.cgi?id=858787 +- https://bugzilla.redhat.com/show_bug.cgi?id=858771 +- https://bugzilla.redhat.com/show_bug.cgi?id=858754 +- https://bugzilla.redhat.com/show_bug.cgi?id=858746 +- https://bugzilla.redhat.com/show_bug.cgi?id=858266 +- https://bugzilla.redhat.com/show_bug.cgi?id=858224 +- https://bugzilla.redhat.com/show_bug.cgi?id=857670 +- https://bugzilla.redhat.com/show_bug.cgi?id=856975 +- https://bugzilla.redhat.com/show_bug.cgi?id=855863 +- https://bugzilla.redhat.com/show_bug.cgi?id=851970 +- https://bugzilla.redhat.com/show_bug.cgi?id=851275 +- https://bugzilla.redhat.com/show_bug.cgi?id=851131 +- https://bugzilla.redhat.com/show_bug.cgi?id=847472 +- https://bugzilla.redhat.com/show_bug.cgi?id=847207 +- https://bugzilla.redhat.com/show_bug.cgi?id=846483 +- https://bugzilla.redhat.com/show_bug.cgi?id=846085 +- https://bugzilla.redhat.com/show_bug.cgi?id=845973 +- https://bugzilla.redhat.com/show_bug.cgi?id=845194 +- https://bugzilla.redhat.com/show_bug.cgi?id=845028 +- https://bugzilla.redhat.com/show_bug.cgi?id=844630 +- https://bugzilla.redhat.com/show_bug.cgi?id=839736 +- https://bugzilla.redhat.com/show_bug.cgi?id=835848 +- https://bugzilla.redhat.com/show_bug.cgi?id=831740 +- https://bugzilla.redhat.com/show_bug.cgi?id=823485 +- https://bugzilla.redhat.com/show_bug.cgi?id=821813 +- https://bugzilla.redhat.com/show_bug.cgi?id=807886 +- https://bugzilla.redhat.com/show_bug.cgi?id=802198 +- https://bugzilla.redhat.com/show_bug.cgi?id=767795 +- https://bugzilla.redhat.com/show_bug.cgi?id=767561 +- https://bugzilla.redhat.com/show_bug.cgi?id=752774 +- https://bugzilla.redhat.com/show_bug.cgi?id=732874 +- https://bugzilla.redhat.com/show_bug.cgi?id=858735 + +* Thu Sep 13 2012 Lennart Poettering - 189-4 +- Don't pull in pkg-config as dep +- https://bugzilla.redhat.com/show_bug.cgi?id=852828 + +* Wed Sep 12 2012 Lennart Poettering - 189-3 +- Update preset policy +- Rename preset policy file from 99-default.preset to 90-default.preset so that people can order their own stuff after the Fedora default policy if they wish + +* Thu Aug 23 2012 Lennart Poettering - 189-2 +- Update preset policy +- https://bugzilla.redhat.com/show_bug.cgi?id=850814 + +* Thu Aug 23 2012 Lennart Poettering - 189-1 +- New upstream release + +* Thu Aug 16 2012 Ray Strode 188-4 +- more scriptlet fixes + (move dm migration logic to %%posttrans so the service + files it's looking for are available at the time + the logic is run) + +* Sat Aug 11 2012 Lennart Poettering - 188-3 +- Remount file systems MS_PRIVATE before switching roots +- https://bugzilla.redhat.com/show_bug.cgi?id=847418 + +* Wed Aug 08 2012 Rex Dieter - 188-2 +- fix scriptlets + +* Wed Aug 8 2012 Lennart Poettering - 188-1 +- New upstream release +- Enable gdm and avahi by default via the preset file +- Convert /etc/sysconfig/desktop to display-manager.service symlink +- Enable hardened build + +* Mon Jul 30 2012 Kay Sievers - 187-3 +- Obsolete: system-setup-keyboard + +* Wed Jul 25 2012 Kalev Lember - 187-2 +- Run ldconfig for the new -libs subpackage + +* Thu Jul 19 2012 Lennart Poettering - 187-1 +- New upstream release + +* Mon Jul 09 2012 Harald Hoyer 186-2 +- fixed dracut conflict version + +* Tue Jul 3 2012 Lennart Poettering - 186-1 +- New upstream release + +* Fri Jun 22 2012 Nils Philippsen - 185-7.gite7aee75 +- add obsoletes/conflicts so multilib systemd -> systemd-libs updates work + +* Thu Jun 14 2012 Michal Schmidt - 185-6.gite7aee75 +- Update to current git + +* Wed Jun 06 2012 Kay Sievers - 185-5.gita2368a3 +- disable plymouth in configure, to drop the .wants/ symlinks + +* Wed Jun 06 2012 Michal Schmidt - 185-4.gita2368a3 +- Update to current git snapshot + - Add systemd-readahead-analyze + - Drop upstream patch +- Split systemd-libs +- Drop duplicate doc files +- Fixed License headers of subpackages + +* Wed Jun 06 2012 Ray Strode - 185-3 +- Drop plymouth files +- Conflict with old plymouth + +* Tue Jun 05 2012 Kay Sievers - 185-2 +- selinux udev labeling fix +- conflict with older dracut versions for new udev file names + +* Mon Jun 04 2012 Kay Sievers - 185-1 +- New upstream release + - udev selinux labeling fixes + - new man pages + - systemctl help + +* Thu May 31 2012 Lennart Poettering - 184-1 +- New upstream release + +* Thu May 24 2012 Kay Sievers - 183-1 +- New upstream release including udev merge. + +* Wed Mar 28 2012 Michal Schmidt - 44-4 +- Add triggers from Bill Nottingham to correct the damage done by + the obsoleted systemd-units's preun scriptlet (#807457). + +* Mon Mar 26 2012 Dennis Gilmore - 44-3 +- apply patch from upstream so we can build systemd on arm and ppc +- and likely the rest of the secondary arches + +* Tue Mar 20 2012 Michal Schmidt - 44-2 +- Don't build the gtk parts anymore. They're moving into systemd-ui. +- Remove a dead patch file. + +* Fri Mar 16 2012 Lennart Poettering - 44-1 +- New upstream release +- Closes #798760, #784921, #783134, #768523, #781735 + +* Mon Feb 27 2012 Dennis Gilmore - 43-2 +- don't conflict with fedora-release systemd never actually provided +- /etc/os-release so there is no actual conflict + +* Wed Feb 15 2012 Lennart Poettering - 43-1 +- New upstream release +- Closes #789758, #790260, #790522 + +* Sat Feb 11 2012 Lennart Poettering - 42-1 +- New upstream release +- Save a bit of entropy during system installation (#789407) +- Don't own /etc/os-release anymore, leave that to fedora-release + +* Thu Feb 9 2012 Adam Williamson - 41-2 +- rebuild for fixed binutils + +* Thu Feb 9 2012 Lennart Poettering - 41-1 +- New upstream release + +* Tue Feb 7 2012 Lennart Poettering - 40-1 +- New upstream release + +* Thu Jan 26 2012 Kay Sievers - 39-3 +- provide /sbin/shutdown + +* Wed Jan 25 2012 Harald Hoyer 39-2 +- increment release + +* Wed Jan 25 2012 Kay Sievers - 39-1.1 +- install everything in /usr + https://fedoraproject.org/wiki/Features/UsrMove + +* Wed Jan 25 2012 Lennart Poettering - 39-1 +- New upstream release + +* Sun Jan 22 2012 Michal Schmidt - 38-6.git9fa2f41 +- Update to a current git snapshot. +- Resolves: #781657 + +* Sun Jan 22 2012 Michal Schmidt - 38-5 +- Build against libgee06. Reenable gtk tools. +- Delete unused patches. +- Add easy building of git snapshots. +- Remove legacy spec file elements. +- Don't mention implicit BuildRequires. +- Configure with --disable-static. +- Merge -units into the main package. +- Move section 3 manpages to -devel. +- Fix unowned directory. +- Run ldconfig in scriptlets. +- Split systemd-analyze to a subpackage. + +* Sat Jan 21 2012 Dan Horák - 38-4 +- fix build on big-endians + +* Wed Jan 11 2012 Lennart Poettering - 38-3 +- Disable building of gtk tools for now + +* Wed Jan 11 2012 Lennart Poettering - 38-2 +- Fix a few (build) dependencies + +* Wed Jan 11 2012 Lennart Poettering - 38-1 +- New upstream release + +* Tue Nov 15 2011 Michal Schmidt - 37-4 +- Run authconfig if /etc/pam.d/system-auth is not a symlink. +- Resolves: #753160 + +* Wed Nov 02 2011 Michal Schmidt - 37-3 +- Fix remote-fs-pre.target and its ordering. +- Resolves: #749940 + +* Wed Oct 19 2011 Michal Schmidt - 37-2 +- A couple of fixes from upstream: +- Fix a regression in bash-completion reported in Bodhi. +- Fix a crash in isolating. +- Resolves: #717325 + +* Tue Oct 11 2011 Lennart Poettering - 37-1 +- New upstream release +- Resolves: #744726, #718464, #713567, #713707, #736756 + +* Thu Sep 29 2011 Michal Schmidt - 36-5 +- Undo the workaround. Kay says it does not belong in systemd. +- Unresolves: #741655 + +* Thu Sep 29 2011 Michal Schmidt - 36-4 +- Workaround for the crypto-on-lvm-on-crypto disk layout +- Resolves: #741655 + +* Sun Sep 25 2011 Michal Schmidt - 36-3 +- Revert an upstream patch that caused ordering cycles +- Resolves: #741078 + +* Fri Sep 23 2011 Lennart Poettering - 36-2 +- Add /etc/timezone to ghosted files + +* Fri Sep 23 2011 Lennart Poettering - 36-1 +- New upstream release +- Resolves: #735013, #736360, #737047, #737509, #710487, #713384 + +* Thu Sep 1 2011 Lennart Poettering - 35-1 +- New upstream release +- Update post scripts +- Resolves: #726683, #713384, #698198, #722803, #727315, #729997, #733706, #734611 + +* Thu Aug 25 2011 Lennart Poettering - 34-1 +- New upstream release + +* Fri Aug 19 2011 Harald Hoyer 33-2 +- fix ABRT on service file reloading +- Resolves: rhbz#732020 + +* Wed Aug 3 2011 Lennart Poettering - 33-1 +- New upstream release + +* Fri Jul 29 2011 Lennart Poettering - 32-1 +- New upstream release + +* Wed Jul 27 2011 Lennart Poettering - 31-2 +- Fix access mode of modprobe file, restart logind after upgrade + +* Wed Jul 27 2011 Lennart Poettering - 31-1 +- New upstream release + +* Wed Jul 13 2011 Lennart Poettering - 30-1 +- New upstream release + +* Thu Jun 16 2011 Lennart Poettering - 29-1 +- New upstream release + +* Mon Jun 13 2011 Michal Schmidt - 28-4 +- Apply patches from current upstream. +- Fixes memory size detection on 32-bit with >4GB RAM (BZ712341) + +* Wed Jun 08 2011 Michal Schmidt - 28-3 +- Apply patches from current upstream +- https://bugzilla.redhat.com/show_bug.cgi?id=709909 +- https://bugzilla.redhat.com/show_bug.cgi?id=710839 +- https://bugzilla.redhat.com/show_bug.cgi?id=711015 + +* Sat May 28 2011 Lennart Poettering - 28-2 +- Pull in nss-myhostname + +* Thu May 26 2011 Lennart Poettering - 28-1 +- New upstream release + +* Wed May 25 2011 Lennart Poettering - 26-2 +- Bugfix release +- https://bugzilla.redhat.com/show_bug.cgi?id=707507 +- https://bugzilla.redhat.com/show_bug.cgi?id=707483 +- https://bugzilla.redhat.com/show_bug.cgi?id=705427 +- https://bugzilla.redhat.com/show_bug.cgi?id=707577 + +* Sat Apr 30 2011 Lennart Poettering - 26-1 +- New upstream release +- https://bugzilla.redhat.com/show_bug.cgi?id=699394 +- https://bugzilla.redhat.com/show_bug.cgi?id=698198 +- https://bugzilla.redhat.com/show_bug.cgi?id=698674 +- https://bugzilla.redhat.com/show_bug.cgi?id=699114 +- https://bugzilla.redhat.com/show_bug.cgi?id=699128 + +* Thu Apr 21 2011 Lennart Poettering - 25-1 +- New upstream release +- https://bugzilla.redhat.com/show_bug.cgi?id=694788 +- https://bugzilla.redhat.com/show_bug.cgi?id=694321 +- https://bugzilla.redhat.com/show_bug.cgi?id=690253 +- https://bugzilla.redhat.com/show_bug.cgi?id=688661 +- https://bugzilla.redhat.com/show_bug.cgi?id=682662 +- https://bugzilla.redhat.com/show_bug.cgi?id=678555 +- https://bugzilla.redhat.com/show_bug.cgi?id=628004 + +* Wed Apr 6 2011 Lennart Poettering - 24-1 +- New upstream release +- https://bugzilla.redhat.com/show_bug.cgi?id=694079 +- https://bugzilla.redhat.com/show_bug.cgi?id=693289 +- https://bugzilla.redhat.com/show_bug.cgi?id=693274 +- https://bugzilla.redhat.com/show_bug.cgi?id=693161 + +* Tue Apr 5 2011 Lennart Poettering - 23-1 +- New upstream release +- Include systemd-sysv-convert + +* Fri Apr 1 2011 Lennart Poettering - 22-1 +- New upstream release + +* Wed Mar 30 2011 Lennart Poettering - 21-2 +- The quota services are now pulled in by mount points, hence no need to enable them explicitly + +* Tue Mar 29 2011 Lennart Poettering - 21-1 +- New upstream release + +* Mon Mar 28 2011 Matthias Clasen - 20-2 +- Apply upstream patch to not send untranslated messages to plymouth + +* Tue Mar 8 2011 Lennart Poettering - 20-1 +- New upstream release + +* Tue Mar 1 2011 Lennart Poettering - 19-1 +- New upstream release + +* Wed Feb 16 2011 Lennart Poettering - 18-1 +- New upstream release + +* Mon Feb 14 2011 Bill Nottingham - 17-6 +- bump upstart obsoletes (#676815) + +* Wed Feb 9 2011 Tom Callaway - 17-5 +- add macros.systemd file for %%{_unitdir} + +* Wed Feb 09 2011 Fedora Release Engineering - 17-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Feb 9 2011 Lennart Poettering - 17-3 +- Fix popen() of systemctl, #674916 + +* Mon Feb 7 2011 Bill Nottingham - 17-2 +- add epoch to readahead obsolete + +* Sat Jan 22 2011 Lennart Poettering - 17-1 +- New upstream release + +* Tue Jan 18 2011 Lennart Poettering - 16-2 +- Drop console.conf again, since it is not shipped in pamtmp.conf + +* Sat Jan 8 2011 Lennart Poettering - 16-1 +- New upstream release + +* Thu Nov 25 2010 Lennart Poettering - 15-1 +- New upstream release + +* Thu Nov 25 2010 Lennart Poettering - 14-1 +- Upstream update +- Enable hwclock-load by default +- Obsolete readahead +- Enable /var/run and /var/lock on tmpfs + +* Fri Nov 19 2010 Lennart Poettering - 13-1 +- new upstream release + +* Wed Nov 17 2010 Bill Nottingham 12-3 +- Fix clash + +* Wed Nov 17 2010 Lennart Poettering - 12-2 +- Don't clash with initscripts for now, so that we don't break the builders + +* Wed Nov 17 2010 Lennart Poettering - 12-1 +- New upstream release + +* Fri Nov 12 2010 Matthias Clasen - 11-2 +- Rebuild with newer vala, libnotify + +* Thu Oct 7 2010 Lennart Poettering - 11-1 +- New upstream release + +* Wed Sep 29 2010 Jesse Keating - 10-6 +- Rebuilt for gcc bug 634757 + +* Thu Sep 23 2010 Bill Nottingham - 10-5 +- merge -sysvinit into main package + +* Mon Sep 20 2010 Bill Nottingham - 10-4 +- obsolete upstart-sysvinit too + +* Fri Sep 17 2010 Bill Nottingham - 10-3 +- Drop upstart requires + +* Tue Sep 14 2010 Lennart Poettering - 10-2 +- Enable audit +- https://bugzilla.redhat.com/show_bug.cgi?id=633771 + +* Tue Sep 14 2010 Lennart Poettering - 10-1 +- New upstream release +- https://bugzilla.redhat.com/show_bug.cgi?id=630401 +- https://bugzilla.redhat.com/show_bug.cgi?id=630225 +- https://bugzilla.redhat.com/show_bug.cgi?id=626966 +- https://bugzilla.redhat.com/show_bug.cgi?id=623456 + +* Fri Sep 3 2010 Bill Nottingham - 9-3 +- move fedora-specific units to initscripts; require newer version thereof + +* Fri Sep 3 2010 Lennart Poettering - 9-2 +- Add missing tarball + +* Fri Sep 3 2010 Lennart Poettering - 9-1 +- New upstream version +- Closes 501720, 614619, 621290, 626443, 626477, 627014, 627785, 628913 + +* Fri Aug 27 2010 Lennart Poettering - 8-3 +- Reexecute after installation, take ownership of /var/run/user +- https://bugzilla.redhat.com/show_bug.cgi?id=627457 +- https://bugzilla.redhat.com/show_bug.cgi?id=627634 + +* Thu Aug 26 2010 Lennart Poettering - 8-2 +- Properly create default.target link + +* Wed Aug 25 2010 Lennart Poettering - 8-1 +- New upstream release + +* Thu Aug 12 2010 Lennart Poettering - 7-3 +- Fix https://bugzilla.redhat.com/show_bug.cgi?id=623561 + +* Thu Aug 12 2010 Lennart Poettering - 7-2 +- Fix https://bugzilla.redhat.com/show_bug.cgi?id=623430 + +* Tue Aug 10 2010 Lennart Poettering - 7-1 +- New upstream release + +* Fri Aug 6 2010 Lennart Poettering - 6-2 +- properly hide output on package installation +- pull in coreutils during package installtion + +* Fri Aug 6 2010 Lennart Poettering - 6-1 +- New upstream release +- Fixes #621200 + +* Wed Aug 4 2010 Lennart Poettering - 5-2 +- Add tarball + +* Wed Aug 4 2010 Lennart Poettering - 5-1 +- Prepare release 5 + +* Tue Jul 27 2010 Bill Nottingham - 4-4 +- Add 'sysvinit-userspace' provide to -sysvinit package to fix upgrade/install (#618537) + +* Sat Jul 24 2010 Lennart Poettering - 4-3 +- Add libselinux to build dependencies + +* Sat Jul 24 2010 Lennart Poettering - 4-2 +- Use the right tarball + +* Sat Jul 24 2010 Lennart Poettering - 4-1 +- New upstream release, and make default + +* Tue Jul 13 2010 Lennart Poettering - 3-3 +- Used wrong tarball + +* Tue Jul 13 2010 Lennart Poettering - 3-2 +- Own /cgroup jointly with libcgroup, since we don't dpend on it anymore + +* Tue Jul 13 2010 Lennart Poettering - 3-1 +- New upstream release + +* Fri Jul 9 2010 Lennart Poettering - 2-0 +- New upstream release + +* Wed Jul 7 2010 Lennart Poettering - 1-0 +- First upstream release + +* Tue Jun 29 2010 Lennart Poettering - 0-0.7.20100629git4176e5 +- New snapshot +- Split off -units package where other packages can depend on without pulling in the whole of systemd + +* Tue Jun 22 2010 Lennart Poettering - 0-0.6.20100622gita3723b +- Add missing libtool dependency. + +* Tue Jun 22 2010 Lennart Poettering - 0-0.5.20100622gita3723b +- Update snapshot + +* Mon Jun 14 2010 Rahul Sundaram - 0-0.4.20100614git393024 +- Pull the latest snapshot that fixes a segfault. Resolves rhbz#603231 + +* Fri Jun 11 2010 Rahul Sundaram - 0-0.3.20100610git2f198e +- More minor fixes as per review + +* Thu Jun 10 2010 Rahul Sundaram - 0-0.2.20100610git2f198e +- Spec improvements from David Hollis + +* Wed Jun 09 2010 Rahul Sundaram - 0-0.1.20090609git2f198e +- Address review comments + +* Tue Jun 01 2010 Rahul Sundaram - 0-0.0.git2010-06-02 +- Initial spec (adopted from Kay Sievers) + diff --git a/libabigail.abignore b/libabigail.abignore new file mode 100644 index 0000000..6a33b88 --- /dev/null +++ b/libabigail.abignore @@ -0,0 +1,3 @@ +[suppress_file] +# Those shared objects are private to systemd +file_name_regexp=libsystemd-(shared|core)-.*.so diff --git a/macros.sysusers b/macros.sysusers new file mode 100644 index 0000000..534b0e7 --- /dev/null +++ b/macros.sysusers @@ -0,0 +1,10 @@ +# RPM macros for packages creating system accounts +# +# Turn a sysusers.d file into macros specified by +# https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/#_dynamic_allocation +# +# After https://fedoraproject.org/wiki/Changes/RPMSuportForSystemdSysusers, +# those macros are not needed anymore. + +%sysusers_requires_compat %nil +%sysusers_create_compat() %nil diff --git a/macros.sysusers.compat b/macros.sysusers.compat new file mode 100644 index 0000000..d8d8c1d --- /dev/null +++ b/macros.sysusers.compat @@ -0,0 +1,10 @@ +# RPM macros for packages creating system accounts +# +# Turn a sysusers.d file into macros specified by +# https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/#_dynamic_allocation + +%sysusers_requires_compat Requires(pre): shadow-utils + +%sysusers_create_compat() \ +%(%{_rpmconfigdir}/sysusers.generate-pre.sh %{?*}) \ +%{nil} diff --git a/owner-check.sh b/owner-check.sh new file mode 100755 index 0000000..3273a3f --- /dev/null +++ b/owner-check.sh @@ -0,0 +1,53 @@ +#!/bin/bash +set -e + +verb="$1" + +[ "$verb" = "-s" ] && do_send=1 || do_send= + +[ -n "$do_send" ] && [ -z "$server" -o -z "login" ] && { echo '$server and $login need to be set'; exit 1; } + +header= +from=systemd-maint@fedoraproject.org +time='2 years ago' +# time='1 day ago' +port=587 + +for user in "$@"; do + echo "checking $user…" + + p=$(git log -1 --all --author "$user") + if [ -z "$p" ]; then + echo "No commits from $user, check spelling" + exit 1 + fi + + t=$(git shortlog --all --author "$user" --since "@{$time}" | wc -l) + if [ $t != 0 ]; then + echo "$t commits in the last two years, OK" + echo + continue + fi + + echo "$p" | head -n6 + echo ".. adding to list" + + if [ -z "$header" ]; then + echo '$USER$;$EMAIL$' >.mail.list + header=done + fi + + echo "$user;$user@fedoraproject.org" >>.mail.list + echo +done + +[ -z "$header" ] && exit 0 +[ -n "$do_send" ] || exit 0 + +echo "Sending mails…" +set -x +massmail -F "$from" \ + -C "$from" \ + -S 'write access to the fedora systemd package' \ + -z "$server" -u "$login" -P "$port" \ + .mail.list = 64] + +# Build from git main +%bcond upstream 0 + +# Build with OBS-specific quirks +%bcond obs 0 + +# When bootstrap, libcryptsetup is disabled +# but auto-features causes many options to be turned on +# that depend on libcryptsetup (e.g. libcryptsetup-plugins, homed) +%if %{with bootstrap} +%global __meson_auto_features disabled +# If we're building for upstream, don't unconditionally enable all +# new features as new features might be introduced for which we're +# missing build dependencies. +%elif %{with upstream} +%global __meson_auto_features auto +%endif + +# Override %%autorelease. This is ugly, but rpmautospec doesn't implement +# autorelease correctly if the macro is conditionalized in the Release field. +%{?release_override:%global autorelease %{release_override}%{?dist}} + +# In OBS, noarch packages are shared between all architectures and +# independent architectures can be rebuilt automatically without all +# the other architectures getting rebuilt. This can result in the noarch +# packages being newer than the archful packages for some architectures, +# which means our current strict deps from the noarch packages on the +# archful packages can't be satisfied. +# +# To address this problem, let's relax the dependencies from the noarch +# packages on the archful packages for OBS builds. Let's only do this for +# OBS builds because this isn't an issue on Fedora as it's impossible to +# build a package for only some of the architectures. +%if %{with obs} +%define noarch_requires_version %{version} +%else +%define noarch_requires_version %{version}-%{release} +%endif + Name: systemd -Url: http://www.freedesktop.org/wiki/Software/systemd -Version: 234 -Release: 8%{?gitcommit:.git%{gitcommitshort}}%{?dist} +Url: https://systemd.io +# Allow users to specify the version and release when building the rpm by +# setting the %%version_override and %%release_override macros. +# But don't do that on OBS, otherwise the version subst fails, and will be +# like 257-123-gabcd257.1 instead of 257-123-gabcd +%if %{without obs} +Version: %{?version_override}%{!?version_override:259} +%else +Version: %{?version_override}%{!?version_override:%(cat meson.version)} +%endif +Release: %autorelease + +%global stable %(c="%version"; [ "$c" = "${c#*.*}" ]; echo $?) + # For a breakdown of the licensing, see README -License: LGPLv2+ and MIT and GPLv2+ +License: LGPL-2.1-or-later AND MIT AND GPL-2.0-or-later Summary: System and Service Manager # download tarballs with "spectool -g systemd.spec" -%if %{defined gitcommit} -Source0: https://github.com/systemd/systemd/archive/%{?gitcommit}.tar.gz#/%{name}-%{gitcommitshort}.tar.gz -%else -Source0: https://github.com/systemd/systemd/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +# packit will always rewrite the first Source0 it finds, ignoring any conditionals so list +# the fallback source that's used if neither %%branch, %%commit or %%obs are defined first. +%if %{undefined branch} && %{undefined commit} && %{without obs} +Source0: https://github.com/systemd/systemd/archive/v%{version_no_tilde}/%{name}-%{version_no_tilde}.tar.gz +%elif %{defined branch} +Source0: https://github.com/systemd/systemd/archive/refs/heads/%{branch}.tar.gz +%elif %{defined commit} +Source0: https://github.com/systemd/systemd/archive/%{commit}/%{name}-%{commit}.tar.gz +%elif %{with obs} +Source0: https://github.com/systemd/systemd/archive/v%{version_no_tilde}/%{name}-%{version}.tar.xz %endif # This file must be available before %%prep. -# It is generated during systemd build and can be found in src/core/. +# It is generated during systemd build and can be found at build/src/rpm/triggers.systemd.sh. Source1: triggers.systemd +Source2: split-files.py +Source4: test_sysusers_defined.py -# Prevent accidental removal of the systemd package -Source4: yum-protect-systemd.conf +Source6: inittab +Source7: sysctl.conf.README +Source8: systemd-journal-remote.xml +Source9: systemd-journal-gatewayd.xml +Source10: 20-yama-ptrace.conf +Source11: systemd-udev-trigger-no-reload.conf +# https://fedoraproject.org/wiki/How_to_filter_libabigail_reports +Source13: libabigail.abignore -Source5: inittab -Source6: sysctl.conf.README -Source7: systemd-journal-remote.xml -Source8: systemd-journal-gatewayd.xml -Source9: 20-yama-ptrace.conf -Source10: systemd-udev-trigger-no-reload.conf -Source11: 20-grubby.install -Source12: https://raw.githubusercontent.com/systemd/systemd/1000522a60ceade446773c67031b47a566d4a70d/src/login/systemd-user.m4 +Source14: 10-oomd-defaults.conf +Source15: 10-oomd-per-slice-defaults.conf +Source16: 10-timeout-abort.conf +Source17: 10-map-count.conf +Source18: 60-block-scheduler.rules -%if 0 -GIT_DIR=../../src/systemd/.git git format-patch-ab --no-signature -M -N v234..v234-stable -i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done|xclip -GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[67]* hwdb/parse_hwdb.py > hwdb.patch +Source20: macros.sysusers.compat +Source21: macros.sysusers +Source22: sysusers.attr +Source23: sysusers.prov +Source24: sysusers.generate-pre.sh + +Source25: 98-default-mac-none.link + +Source26: systemd-user + +%if 0%{?fedora} < 40 && 0%{?rhel} < 10 +# Work-around for dracut issue: run generators directly when we are in initrd +# https://bugzilla.redhat.com/show_bug.cgi?id=2164404 +# Drop when dracut-060 is available. +Patch: https://github.com/systemd/systemd/pull/26494.patch %endif -Patch0001: 0001-escape-Fix-help-description-6352.patch -Patch0002: 0002-build-sys-install-udev-rule-70-joystick.-rules-hwdb-.patch -Patch0003: 0003-add-version-argument-to-help-function-6377.patch -Patch0004: 0004-seccomp-arm64-x32-do-not-have-_sysctl.patch -Patch0005: 0005-seccomp-arm64-does-not-have-mmap2.patch -Patch0006: 0006-test-seccomp-arm64-does-not-have-access-and-poll.patch -Patch0007: 0007-fstab-generator-ignore-x-systemd.device-timeout-for-.patch -Patch0008: 0008-core-modify-resource-leak-by-SmackProcessLabel.patch -Patch0009: 0009-core-dump-also-missed-security-context.patch -Patch0010: 0010-journald-make-sure-we-retain-all-stream-fds-across-r.patch -Patch0011: 0011-Use-config_parse_sec_fix_0-also-for-JobRunningTimeou.patch -Patch0012: 0012-virt-enable-detecting-QEMU-TCG-via-CPUID-6399.patch -Patch0013: 0013-test-condition-don-t-assume-that-all-non-root-users-.patch -Patch0014: 0014-call-chase_symlinks-without-the-sysroot-prefix-6411.patch -Patch0015: 0015-nspawn-downgrade-warning-when-we-get-sd_notify-messa.patch -Patch0016: 0016-Revert-core-don-t-load-dropin-data-multiple-times-fo.patch -Patch0017: 0017-bash-completion-use-the-first-argument-instead-of-th.patch -Patch0018: 0018-boot-efi-don-t-hard-fail-on-error-for-tpm-measure-64.patch -Patch0019: 0019-meson-D-remote-and-D-importd-should-be-combo-options.patch -Patch0020: 0020-cryptsetup-fix-infinite-timeout-6486.patch -Patch0021: 0021-rfkill-fix-erroneous-behavior-when-polling-the-udev-.patch -Patch0022: 0022-core-Do-not-fail-perpetual-mount-units-without-fragm.patch -Patch0023: 0023-build-sys-bump-xslt-maxdepth-limit.patch -Patch0024: 0024-device-make-sure-to-remove-all-device-units-sharing-.patch +%if %{without upstream} +# Those are downstream-only patches, but we don't want them in packit builds. -Patch0998: 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch -Patch0999: 0999-netdev-crypttab.patch +# Create user journals for users with high UIDs +# https://bugzilla.redhat.com/show_bug.cgi?id=2251843 +Patch: 30846.patch -%global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);} +# Again create runlevelX.target. Dropping those files breaks upgrades. +# https://bugzilla.redhat.com/show_bug.cgi?id=2411195 +Patch: 0001-Revert-units-drop-runlevel-0-6-.target.patch -%ifarch %{ix86} x86_64 aarch64 -%global have_gnu_efi 1 +# userdb: create userdb root directory with correct label +# We can drop this after SELinux policy is updated to handle the transition. +Patch: 38769.patch + +# Workaround for https://bugzilla.redhat.com/show_bug.cgi?id=2415701 +Patch: 0002-machined-continue-without-resolve.hook-socket.patch + +# 2 patches for https://fedoraproject.org/wiki/Changes/Automatic_DTB_selection_for_aarch64_EFI_systems +# Upstream commit: https://github.com/systemd/systemd/commit/75890d949f92c412c0936b8536b2e0dc8f7dfb40 +Patch: 0003-ukify-omit-.osrel-section-when-os-release-is-empty.patch +# Upstream PR: https://github.com/systemd/systemd/pull/40329 +Patch: 0004-stub-Fix-NULL-pointer-deref-when-there-are-no-initrd.patch %endif -BuildRequires: libcap-devel +%ifarch %{ix86} x86_64 aarch64 riscv64 +%global want_bootloader 1 +%endif + +BuildRequires: gcc +BuildRequires: gcc-c++ +BuildRequires: clang +BuildRequires: coreutils +BuildRequires: rpmdevtools BuildRequires: libmount-devel +BuildRequires: libfdisk-devel +BuildRequires: libpwquality-devel +BuildRequires: libxcrypt-devel BuildRequires: pam-devel BuildRequires: libselinux-devel BuildRequires: audit-libs-devel +%if %{without bootstrap} BuildRequires: cryptsetup-devel +# Require (previous version) of our macros package. +# We use the %%systemd_{post,preun,…} macros for various services. +BuildRequires: systemd-rpm-macros +%endif BuildRequires: dbus-devel +BuildRequires: util-linux +# /usr/bin/getfacl is needed by test-acl-util +BuildRequires: acl BuildRequires: libacl-devel BuildRequires: gobject-introspection-devel BuildRequires: libblkid-devel +%if %{with xz} BuildRequires: xz-devel BuildRequires: xz +%endif +%if %{with lz4} BuildRequires: lz4-devel BuildRequires: lz4 +%endif +%if %{with bzip2} BuildRequires: bzip2-devel -BuildRequires: libidn-devel +%endif +%if %{with zstd} +BuildRequires: libzstd-devel +%endif +BuildRequires: libidn2-devel BuildRequires: libcurl-devel BuildRequires: kmod-devel BuildRequires: elfutils-devel -BuildRequires: libgcrypt-devel -BuildRequires: libgpg-error-devel +BuildRequires: openssl-devel +%if 0%{?fedora} >= 41 +BuildRequires: openssl-devel-engine +%endif +%if %{with gnutls} BuildRequires: gnutls-devel +%endif +%if 0%{?fedora} BuildRequires: qrencode-devel +%endif BuildRequires: libmicrohttpd-devel BuildRequires: libxkbcommon-devel BuildRequires: iptables-devel +BuildRequires: pkgconfig(bash-completion) +BuildRequires: pkgconfig(libarchive) +BuildRequires: pkgconfig(libfido2) +BuildRequires: pkgconfig(tss2-esys) +BuildRequires: pkgconfig(tss2-rc) +BuildRequires: pkgconfig(tss2-mu) +BuildRequires: pkgconfig(libbpf) +BuildRequires: systemtap-sdt-devel +%if %{with docs} BuildRequires: libxslt BuildRequires: docbook-style-xsl +%endif BuildRequires: pkgconfig BuildRequires: gperf BuildRequires: gawk BuildRequires: tree +BuildRequires: hostname +BuildRequires: python3 BuildRequires: python3-devel -BuildRequires: python3-lxml +BuildRequires: python3dist(jinja2) +BuildRequires: python3dist(lxml) +BuildRequires: python3dist(pefile) +%if 0%{?fedora} +BuildRequires: python3dist(pillow) +%endif +BuildRequires: python3dist(pytest) +%if 0%{?want_bootloader} +BuildRequires: python3dist(pyelftools) +%endif +# gzip and lzma are provided by the stdlib BuildRequires: firewalld-filesystem -%if 0%{?have_gnu_efi} -BuildRequires: gnu-efi gnu-efi-devel -%endif BuildRequires: libseccomp-devel -%if %{num_patches} -BuildRequires: git -%endif -BuildRequires: meson >= 0.40 +BuildRequires: meson >= 0.43 BuildRequires: gettext -# for now, should not be necessary when we switch to i18n.merge_file() -BuildRequires: intltool +# We use RUNNING_ON_VALGRIND in tests, so the headers need to be available +%ifarch %{valgrind_arches} +BuildRequires: valgrind-devel +%endif +%if %{defined rhel} && 0%{?rhel} < 10 +BuildRequires: rsync +%endif + +%ifnarch %ix86 +# bpftool is not built for i368 +BuildRequires: bpftool +BuildRequires: kernel-devel +%global have_bpf 1 +%endif + +%if 0%{?fedora} +%ifarch x86_64 aarch64 +%global have_xen 1 +# That package is only built for those two architectures +BuildRequires: xen-devel +%endif +%endif + +%if %{with obs} +BuildRequires: pesign-obs-integration +%endif Requires(post): coreutils -Requires(post): sed -Requires(post): acl Requires(post): grep -Requires(pre): coreutils -Requires(pre): /usr/bin/getent -Requires(pre): /usr/sbin/groupadd -Requires: dbus >= 1.9.18 -Requires: %{name}-pam = %{version}-%{release} -Requires: %{name}-libs = %{version}-%{release} +# systemd-machine-id-setup requires libssl +Requires(post): openssl-libs +Recommends: dbus >= 1.9.18 +Recommends: systemd-pam%{_isa} = %{version}-%{release} +Requires(meta): (systemd-rpm-macros = %{version}-%{release} if rpm-build) +Requires: systemd-libs%{_isa} = %{version}-%{release} +%{?fedora:Recommends: systemd-networkd = %{version}-%{release}} +%{?fedora:Recommends: systemd-resolved = %{version}-%{release}} +Requires: systemd-shared%{_isa} = %{version}-%{release} +Requires: /usr/bin/systemd-sysusers +# The standalone version doesn't Provide the _isa suffix, +# so this biases towards the common version. +Recommends: systemd-sysusers%{_isa} = %{version}-%{release} Recommends: diffutils -Requires: util-linux -Recommends: libxkbcommon%{?_isa} +Requires: (util-linux-core or util-linux) +Requires: (libbpf >= 2:1.4.7 if libbpf) Provides: /bin/systemctl Provides: /sbin/shutdown Provides: syslog @@ -148,61 +307,156 @@ Obsoletes: system-setup-keyboard < 0.9 Provides: system-setup-keyboard = 0.9 # systemd-sysv-convert was removed in f20: https://fedorahosted.org/fpc/ticket/308 Obsoletes: systemd-sysv < 206 -# self-obsoletes so that dnf will install new subpackages on upgrade (#1260394) -Obsoletes: %{name} < 229-5 Provides: systemd-sysv = 206 Conflicts: initscripts < 9.56.1 %if 0%{?fedora} Conflicts: fedora-release < 23-0.12 %endif +%if 0%{?fedora} >= 41 +BuildRequires: setup >= 2.15.0-3 +BuildRequires: python3 +Conflicts: setup < 2.15.0-3 +Conflicts: selinux-policy-any < 41.3 +%endif + +%if 0%{?fedora} >= 41 || 0%{?rhel} >= 10 +# Make sure that dracut supports systemd-executor and the renames done for v255, +# and dlopen libraries and read-only fs in initrd. +Conflicts: dracut < 060-2 +%elif 0%{?fedora} || %{without upstream} +# Make sure that dracut supports systemd-executor and the renames done for v255. +Conflicts: dracut < 059-16 +%endif + +Conflicts: systemd-standalone-tmpfiles +Provides: systemd-tmpfiles = %{version}-%{release} +Conflicts: systemd-standalone-shutdown +Provides: systemd-shutdown = %{version}-%{release} + +%if "%{_sbindir}" == "%{_bindir}" +# Compat symlinks for Requires in other packages. +# We rely on filesystem to create the symlinks for us. +Requires: filesystem(unmerged-sbin-symlinks) +Provides: /usr/sbin/halt +Provides: /usr/sbin/init +Provides: /usr/sbin/poweroff +Provides: /usr/sbin/reboot +Provides: /usr/sbin/shutdown +%endif + +# libmount is always required, even in containers, so make it a hard dependency. +Requires: libmount.so.1%{?elf_suffix} +Requires: libmount.so.1(MOUNT_2.26)%{?elf_bits} +# Various systemd services have syscall filters so make libseccomp a hard dependency. +Requires: libseccomp.so.2%{?elf_suffix} + +# Recommends to replace normal Requires deps for stuff that is dlopen()ed +Recommends: libxkbcommon.so.0%{?elf_suffix} +Recommends: libidn2.so.0%{?elf_suffix} +Recommends: libidn2.so.0(IDN2_0.0.0)%{?elf_bits} +Recommends: libpcre2-8.so.0%{?elf_suffix} +Recommends: libpwquality.so.1%{?elf_suffix} +Recommends: libpwquality.so.1(LIBPWQUALITY_1.0)%{?elf_bits} +%if 0%{?fedora} +Recommends: libqrencode.so.4%{?elf_suffix} +%endif +Recommends: libbpf.so.1%{?elf_suffix} +Recommends: libbpf.so.1(LIBBPF_0.4.0)%{?elf_bits} + +# used by systemd-coredump and systemd-analyze +Recommends: libdw.so.1%{?elf_suffix} +Recommends: libdw.so.1(ELFUTILS_0.186)%{?elf_bits} +Recommends: libelf.so.1%{?elf_suffix} +Recommends: libelf.so.1(ELFUTILS_1.7)%{?elf_bits} + +# used by dissect, integritysetup, veritysetyp, growfs, repart, cryptenroll, home +Recommends: libcryptsetup.so.12%{?elf_suffix} +Recommends: libcryptsetup.so.12(CRYPTSETUP_2.4)%{?elf_bits} + +# Libkmod is used to load modules. +Recommends: libkmod.so.2%{?elf_suffix} +# kmod_list_next, kmod_load_resources, kmod_module_get_initstate, +# kmod_module_get_module, kmod_module_get_name, kmod_module_new_from_lookup, +# kmod_module_probe_insert_module, kmod_module_unref, kmod_module_unref_list, +# kmod_new, kmod_set_log_fn, kmod_unref, kmod_validate_resources +# are part of LIBKMOD_5. +Recommends: libkmod.so.2(LIBKMOD_5)%{?elf_bits} + +Recommends: libarchive.so.13%{?elf_suffix} %description -systemd is a system and service manager that runs as PID 1 and starts -the rest of the system. It provides aggressive parallelization -capabilities, uses socket and D-Bus activation for starting services, -offers on-demand starting of daemons, keeps track of processes using -Linux control groups, maintains mount and automount points, and -implements an elaborate transactional dependency-based service control -logic. systemd supports SysV and LSB init scripts and works as a +systemd is a system and service manager that runs as PID 1 and starts the rest +of the system. It provides aggressive parallelization capabilities, uses socket +and D-Bus activation for starting services, offers on-demand starting of +daemons, keeps track of processes using Linux control groups, maintains mount +and automount points, and implements an elaborate transactional dependency-based +service control logic. systemd supports SysV and LSB init scripts and works as a replacement for sysvinit. Other parts of this package are a logging daemon, -utilities to control basic system configuration like the hostname, -date, locale, maintain a list of logged-in users and running -containers and virtual machines, system accounts, runtime directories -and settings, and daemons to manage simple network configuration, -network time synchronization, log forwarding, and name resolution. +utilities to control basic system configuration like the hostname, date, locale, +maintain a list of logged-in users, system accounts, runtime directories and +settings, and a logging daemons. +%if 0%{?stable} +This package was built from the %(c=%version; echo "v${c%.*}-stable") branch of systemd. +%endif %package libs Summary: systemd libraries -License: LGPLv2+ and MIT -Obsoletes: libudev < 183 -Obsoletes: systemd < 185-4 -Conflicts: systemd < 185-4 -Obsoletes: systemd-compat-libs < 230 -Obsoletes: nss-myhostname < 0.4 +License: LGPL-2.1-or-later AND MIT Provides: nss-myhostname = 0.4 Provides: nss-myhostname%{_isa} = 0.4 -Requires(post): sed -Requires(post): grep +Conflicts: systemd-shared < %{version}-%{release} %description libs Libraries for systemd and udev. +%package shared +Summary: Internal systemd shared library +License: LGPL-2.1-or-later AND MIT +# in 257.3-6 /usr/lib64/systemd/libsystemd-shared-257.2-14.fc42.so +# was moved from package systemd to systemd-shared. +# Add a conflit to allow downgrades across this change. +Conflicts: systemd < 257.3-6 +Conflicts: systemd-libs < %{version}-%{release} + +%description shared +Internal libraries used by various systemd binaries. + %package pam Summary: systemd PAM module -Requires: %{name} = %{version}-%{release} +Requires: systemd = %{version}-%{release} %description pam Systemd PAM module registers the session with systemd-logind. +%package rpm-macros +Summary: Macros that define paths and scriptlets related to systemd +BuildArch: noarch + +%description rpm-macros +Just the definitions of rpm macros. + +See +https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_systemd +for information how to use those macros. + +%package sysusers +Summary: systemd-sysusers program +Requires: systemd-shared%{_isa} = %{version}-%{release} +Conflicts: systemd-standalone-sysusers +# in 257.3-6 /usr/bin/systemd-sysusers was moved from package systemd +# to systemd-sysusers. Add a conflit to allow downgrades across this change. +Conflicts: systemd < 257.3-6 + +%description sysusers +This package contains the systemd-sysusers program. + %package devel Summary: Development headers for systemd -License: LGPLv2+ and MIT -Requires: %{name}-libs%{?_isa} = %{version}-%{release} +License: LGPL-2.1-or-later AND MIT +Requires: systemd-libs%{_isa} = %{version}-%{release} +Requires(meta): (systemd-rpm-macros = %{version}-%{release} if rpm-build) Provides: libudev-devel = %{version} Provides: libudev-devel%{_isa} = %{version} -Obsoletes: libudev-devel < 183 -# Fake dependency to make sure systemd-pam is pulled into multilib (#1414153) -Requires: %{name}-pam = %{version}-%{release} %description devel Development headers and auxiliary files for developing applications linking @@ -210,182 +464,555 @@ to libudev or libsystemd. %package udev Summary: Rule-based device node and kernel event manager -Requires: %{name}%{?_isa} = %{version}-%{release} -Requires(post): systemd -Requires(preun): systemd -Requires(postun): systemd +License: LGPL-2.1-or-later + +Requires: systemd%{_isa} = %{version}-%{release} +Requires(post): systemd%{_isa} = %{version}-%{release} +Requires(preun): systemd%{_isa} = %{version}-%{release} +Requires(postun): systemd%{_isa} = %{version}-%{release} Requires(post): grep Requires: kmod >= 18-4 -# obsolete parent package so that dnf will install new subpackage on upgrade (#1260394) -Obsoletes: %{name} < 229-5 Provides: udev = %{version} Provides: udev%{_isa} = %{version} -Obsoletes: udev < 183 +%if 0%{?fedora} || 0%{?rhel} >= 10 +Requires: (grubby > 8.40-72 if grubby) +%endif +%if 0%{?fedora} +Requires: (sdubby > 1.0-3 if sdubby) +%endif +# A backport of systemd-timesyncd is shipped as a separate package in EPEL so +# let's make sure we properly handle that. +%if 0%{?rhel} +Conflicts: systemd-timesyncd < %{version}-%{release} +Obsoletes: systemd-timesyncd < %{version}-%{release} +Provides: systemd-timesyncd = %{version}-%{release} +%endif +Conflicts: systemd-networkd < %{version}-%{release} + +# Libkmod is used to load modules. Assume that if we need udevd, we certainly +# want to load modules, so make this into a hard dependency here. +Requires: libkmod.so.2%{?elf_suffix} +Requires: libkmod.so.2(LIBKMOD_5)%{?elf_bits} +# udev uses libblkid in various builtins so make it a hard dependency. +Requires: libblkid.so.1%{?elf_suffix} +Requires: libblkid.so.1(BLKID_2.30)%{?elf_bits} + +# Recommends to replace normal Requires deps for stuff that is dlopen()ed +# used by dissect, integritysetup, veritysetyp, growfs, repart, cryptenroll, home +Recommends: libcryptsetup.so.12%{?elf_suffix} +Recommends: libcryptsetup.so.12(CRYPTSETUP_2.4)%{?elf_bits} + +# used by systemd-coredump and systemd-analyze +Recommends: libdw.so.1%{?elf_suffix} +Recommends: libdw.so.1(ELFUTILS_0.186)%{?elf_bits} +Recommends: libelf.so.1%{?elf_suffix} +Recommends: libelf.so.1(ELFUTILS_1.7)%{?elf_bits} + +# used by home, cryptsetup, cryptenroll, logind +Recommends: libfido2.so.1%{?elf_suffix} +Recommends: libp11-kit.so.0%{?elf_suffix} +Recommends: libtss2-esys.so.0%{?elf_suffix} +Recommends: libtss2-mu.so.0%{?elf_suffix} +Recommends: libtss2-rc.so.0%{?elf_suffix} + # https://bugzilla.redhat.com/show_bug.cgi?id=1377733#c9 -Recommends: systemd-bootchart +Suggests: systemd-bootchart # https://bugzilla.redhat.com/show_bug.cgi?id=1408878 -Recommends: kbd -License: LGPLv2+ +Requires: kbd + +# https://bugzilla.redhat.com/show_bug.cgi?id=1753381 +Provides: u2f-hidraw-policy = 1.0.2-40 +Obsoletes: u2f-hidraw-policy < 1.0.2-40 + +Conflicts: systemd-standalone-repart +Provides: systemd-repart = %{version}-%{release} + +# Newer versions of those are required to support X11 keycode remapping +Conflicts: xorg-x11-drv-evdev < 2.11.0 +Conflicts: xorg-x11-drv-libinput < 1.5.0 + +%if "%{_sbindir}" == "%{_bindir}" +# Compat symlinks for Requires in other packages. +# We rely on filesystem to create the symlinks for us. +Requires: filesystem(unmerged-sbin-symlinks) +Provides: /usr/sbin/udevadm +%endif %description udev -This package contains systemd-udev and the rules and hardware database -needed to manage device nodes. This package is necessary on physical -machines and in virtual machines, but not in containers. +This package contains systemd-udev and the rules and hardware database needed to +manage device nodes. This package is necessary on physical machines and in +virtual machines, but not in containers. + +This package also provides systemd-timesyncd, a network time protocol daemon. + +It also contains tools to manage encrypted home areas and secrets bound to the +machine, and to create or grow partitions and make file systems automatically. + +%package ukify +Summary: Tool to build Unified Kernel Images +Requires: systemd = %{noarch_requires_version} + +Requires: (systemd-boot if %{shrink:( + filesystem(x86-32) or + filesystem(x86-64) or + filesystem(aarch64) or + filesystem(riscv64) +)}) +Requires: python3dist(pefile) +Requires: python3dist(zstandard) +Requires: python3dist(cryptography) +%if 0%{?fedora} +Recommends: python3dist(pillow) +%endif + +# for tests +%ifarch riscv64 +# 2.42 received support for riscv64 + efi targets +%global binutils_version_req >= 2.42 +%endif +BuildRequires: binutils %{?binutils_version_req} + +BuildArch: noarch + +%description ukify +This package provides ukify, a script that combines a kernel image, an initrd, +with a command line, and possibly PCR measurements and other metadata, into a +Unified Kernel Image (UKI). + +%if 0%{?want_bootloader} +%if %{without obs} +%package boot-unsigned +Summary: UEFI boot manager (unsigned version) + +Provides: systemd-boot-unsigned-%{efi_arch} = %version-%release +Provides: systemd-boot = %version-%release +Provides: systemd-boot%{_isa} = %version-%release +# A provides with just the version, no release or dist, used to build systemd-boot +Provides: version(systemd-boot-unsigned) = %version +Provides: version(systemd-boot-unsigned)%{_isa} = %version + +%description boot-unsigned +systemd-boot (short: sd-boot) is a simple UEFI boot manager. It provides a +graphical menu to select the entry to boot and an editor for the kernel command +line. systemd-boot supports systems with UEFI firmware only. + +This package contains the unsigned version. Install systemd-boot instead to get +the version that works with Secure Boot. +%else +%package boot +Summary: UEFI boot manager (signed version) + +Provides: systemd-boot-signed-%{efi_arch} = %version-%release +Provides: systemd-boot = %version-%release +Provides: systemd-boot%{_isa} = %version-%release +# A provides with just the version, no release or dist, used to build systemd-boot +Provides: version(systemd-boot-signed) = %version +Provides: version(systemd-boot-signed)%{_isa} = %version + +%description boot +systemd-boot (short: sd-boot) is a simple UEFI boot manager. It provides a +graphical menu to select the entry to boot and an editor for the kernel command +line. systemd-boot supports systems with UEFI firmware only. + +This package contains the signed version. +%endif +%endif %package container # Name is the same as in Debian Summary: Tools for containers and VMs -Requires: %{name}%{?_isa} = %{version}-%{release} -Requires(post): systemd -Requires(preun): systemd -Requires(postun): systemd -# obsolete parent package so that dnf will install new subpackage on upgrade (#1260394) -Obsoletes: %{name} < 229-5 -License: LGPLv2+ +Requires: systemd%{_isa} = %{version}-%{release} +Requires(post): systemd%{_isa} = %{version}-%{release} +Requires(preun): systemd%{_isa} = %{version}-%{release} +Requires(postun): systemd%{_isa} = %{version}-%{release} +# For systemd-vmspawn which uses qemu: +Recommends: qemu-kvm-core +%if 0%{?fedora} +Recommends: qemu-device-display-virtio-gpu +Recommends: qemu-device-display-virtio-vga +%endif +# Bias the system towards libcurl-minimal if nothing pulls in full libcurl (#1997040) +Suggests: libcurl-minimal +License: LGPL-2.1-or-later %description container Systemd tools to spawn and manage containers and virtual machines. -This package contains systemd-nspawn, machinectl, systemd-machined, -and systemd-importd. +This package contains systemd-nspawn, systemd-vmspawn, machinectl, +systemd-machined, and systemd-importd. %package journal-remote # Name is the same as in Debian Summary: Tools to send journal events over the network -Requires: %{name}%{?_isa} = %{version}-%{release} -License: LGPLv2+ -Requires(pre): /usr/bin/getent -Requires(post): systemd -Requires(preun): systemd -Requires(postun): systemd +Requires: systemd%{_isa} = %{version}-%{release} +License: LGPL-2.1-or-later Requires: firewalld-filesystem -Provides: %{name}-journal-gateway = %{version}-%{release} -Provides: %{name}-journal-gateway%{_isa} = %{version}-%{release} -Obsoletes: %{name}-journal-gateway < 227-7 +Provides: systemd-journal-gateway = %{version}-%{release} +Provides: systemd-journal-gateway%{_isa} = %{version}-%{release} +# Bias the system towards libcurl-minimal if nothing pulls in full libcurl (#1997040) +Suggests: libcurl-minimal %description journal-remote -Programs to forward journal entries over the network, using encrypted HTTP, -and to write journal files from serialized journal contents. +Programs to forward journal entries over the network, using encrypted HTTP, and +to write journal files from serialized journal contents. -This package contains systemd-journal-gatewayd, -systemd-journal-remote, and systemd-journal-upload. +This package contains systemd-journal-gatewayd, systemd-journal-remote, and +systemd-journal-upload. + +%package networkd +Summary: System daemon that manages network configurations +Requires: systemd%{_isa} = %{version}-%{release} +%{?fedora:Recommends: systemd-udev = %{version}-%{release}} +Conflicts: systemd-udev < %{version}-%{release} +License: LGPL-2.1-or-later + +%description networkd +systemd-networkd is a system service that manages networks. It detects and +configures network devices as they appear, as well as creating virtual network +devices. + +%package networkd-defaults +Summary: Configure network interfaces with networkd by default +Requires: systemd-networkd = %{noarch_requires_version} +License: MIT-0 +BuildArch: noarch + +%description networkd-defaults +This package contains a set of config files for systemd-networkd that cause it +to configure network interfaces by default. Note that systemd-networkd needs to +enabled for this to have any effect. + +%package resolved +Summary: Network Name Resolution manager +Requires: systemd%{_isa} = %{version}-%{release} +Requires: libidn2.so.0%{?elf_suffix} +Requires: libidn2.so.0(IDN2_0.0.0)%{?elf_bits} +Requires(posttrans): grep + +%description resolved +systemd-resolved is a system service that provides network name resolution to +local applications. It implements a caching and validating DNS/DNSSEC stub +resolver, as well as an LLMNR and MulticastDNS resolver and responder. + +%package oomd-defaults +Summary: Configuration files for systemd-oomd +Requires: systemd-udev = %{noarch_requires_version} +License: LGPL-2.1-or-later +BuildArch: noarch + +%description oomd-defaults +A set of drop-in files for systemd units to enable action from systemd-oomd, +a userspace out-of-memory (OOM) killer. %package tests Summary: Internal unit tests for systemd -Requires: %{name}%{?_isa} = %{version}-%{release} -License: LGPLv2+ +Requires: systemd%{_isa} = %{version}-%{release} +# This dependency is provided transitively. Also add it explicitly to +# appease rpminspect, https://github.com/rpminspect/rpminspect/issues/1231: +Requires: systemd-libs%{_isa} = %{version}-%{release} +Requires: python3dist(psutil) + +License: LGPL-2.1-or-later %description tests -"Installed tests" that are usually run as part of the build system. -They can be useful to test systemd internals. +Systemd unit tests used to test the internal implementation after a build. +Different binaries test different parts of the codebase. + +%package standalone-repart +Summary: Standalone systemd-repart binary for use on systems without systemd +Provides: systemd-repart = %{version}-%{release} +Conflicts: systemd-udev +Suggests: coreutils-single +RemovePathPostfixes: .standalone + +%description standalone-repart +Standalone systemd-repart binary with no dependencies on the systemd-shared +library or other libraries from systemd-libs. This package conflicts with the +main systemd package and is meant for use on systems without systemd. + +%package standalone-tmpfiles +Summary: Standalone systemd-tmpfiles binary for use on systems without systemd +Provides: systemd-tmpfiles = %{version}-%{release} +Conflicts: systemd +Suggests: coreutils-single +RemovePathPostfixes: .standalone + +%description standalone-tmpfiles +Standalone systemd-tmpfiles binary with no dependencies on the systemd-shared +library or other libraries from systemd-libs. This package conflicts with the +main systemd package and is meant for use on systems without systemd. + +%package standalone-sysusers +Summary: Standalone systemd-sysusers binary for use on systems without systemd +Provides: systemd-sysusers = %{version}-%{release} +Suggests: coreutils-single +RemovePathPostfixes: .standalone + +%description standalone-sysusers +Standalone systemd-sysusers binary with no dependencies on the systemd-shared +library or other libraries from systemd-libs. This package conflicts with the +main systemd package and is meant for use on systems without systemd. + +%package standalone-shutdown +Summary: Standalone systemd-shutdown binary for use in exitrds +Provides: systemd-shutdown = %{version}-%{release} +Conflicts: systemd +Suggests: coreutils-single +RemovePathPostfixes: .standalone + +%description standalone-shutdown +Standalone systemd-shutdown binary with no dependencies on the systemd-shared +library or other libraries from systemd-libs. This package conflicts with the +main systemd package and is meant for use in exitrds. %prep -%setup -q %{?gitcommit:-n %{name}-%{gitcommit}} - -%if %{num_patches} - git init - git config user.email "systemd-maint@redhat.com" - git config user.name "Fedora systemd team" - git add . - git commit -a -q -m "%{version} baseline." - - # Apply all the patches. - git am %{patches} +%if %{with obs} +# Recipe files in the OBS build are in a distro-specific dir, as they conflict (e.g. with SUSE ones) +mv %{_sourcedir}/%{name}.fedora/* %{_sourcedir} %endif -# Restore systemd-user pam config from before "removal of Fedora-specific bits" -cp -p %{SOURCE12} src/login/ +# Automatically figure out the name of the top-level directory. +# TODO: Use %%autosetup -C once we can depend on rpm >= 4.20. +%if %{undefined _build_in_place} +%autosetup -n %(tar -tf %{SOURCE0} 2>/dev/null | head -n1) -p1 +%endif + +# Disable user lockdown until rpm implements it natively. +# https://github.com/rpm-software-management/rpm/issues/3450 +sed -r -i 's/^u!/u/' sysusers.d/*.conf* %build -%define ntpvendor %(source /etc/os-release; echo ${ID}) +%global ntpvendor %(source /etc/os-release; echo ${ID}) %{!?ntpvendor: echo 'NTP vendor zone is not set!'; exit 1} +VMLINUX_H_PATH='' + +%if 0%{?have_bpf} + +%global find_vmlinux_h %{expand: +import functools, glob, subprocess +def cmp(a, b): + c = subprocess.call(["rpmdev-vercmp", a, b], stdout=subprocess.DEVNULL) + return {0:0, 11:+1, 12:-1}[c] +choices = list(glob.glob("/usr/src/kernels/*/vmlinux.h")) +assert choices +print(max(choices, key=functools.cmp_to_key(cmp))) +} + +# The build fails on ppc64le with +# "GCC error "Must specify a BPF target arch via __TARGET_ARCH_xxx". +# TODO: Remove this when libbpf checks for __powerpc64__ macro. +%ifnarch ppc64le +VMLINUX_H_PATH=$(%python3 -c '%find_vmlinux_h') +%endif +%endif + CONFIGURE_OPTS=( + -Dmode=release + -Dslow-tests=true -Dsysvinit-path=/etc/rc.d/init.d -Drc-local=/etc/rc.d/rc.local -Dntp-servers='0.%{ntpvendor}.pool.ntp.org 1.%{ntpvendor}.pool.ntp.org 2.%{ntpvendor}.pool.ntp.org 3.%{ntpvendor}.pool.ntp.org' + -Ddns-servers= + -Dservice-watchdog= -Ddev-kvm-mode=0666 - -Dkmod=true - -Dxkbcommon=true - -Dblkid=true - -Dseccomp=true + -Dkmod=enabled + -Dxkbcommon=enabled + -Dblkid=enabled + -Dfdisk=enabled + -Dseccomp=enabled -Dima=true - -Dselinux=true - -Dapparmor=false - -Dpolkit=true - -Dxz=true - -Dzlib=true - -Dbzip2=true - -Dlz4=true - -Dpam=true - -Dacl=true + -Dselinux=enabled + -Dbpf-framework=%[0%{?have_bpf}?"enabled":"disabled"] + -Dvmlinux-h=%[0%{?have_bpf}?"auto":"disabled"] + -Dvmlinux-h-path="$VMLINUX_H_PATH" + -Dapparmor=disabled + -Dpolkit=enabled + -Dxz=%[%{with xz}?"enabled":"disabled"] + -Dzlib=%[%{with zlib}?"enabled":"disabled"] + -Dbzip2=%[%{with bzip2}?"enabled":"disabled"] + -Dlz4=%[%{with lz4}?"enabled":"disabled"] + -Dzstd=%[%{with zstd}?"enabled":"disabled"] + -Dpam=enabled + -Dacl=enabled -Dsmack=true - -Dgcrypt=true - -Daudit=true - -Delfutils=true - -Dlibcryptsetup=true - -Delfutils=true - -Dqrencode=true - -Dgnutls=true - -Dmicrohttpd=true - -Dlibidn=true - -Dlibiptc=true - -Dlibcurl=true + -Dopenssl=enabled + -Dp11kit=enabled + -Dgcrypt=disabled + -Daudit=enabled + -Delfutils=enabled + -Dlibcryptsetup=%[%{with bootstrap}?"disabled":"enabled"] + -Delfutils=enabled + -Drepart=enabled + -Dpwquality=enabled + -Dqrencode=%[%{defined rhel}?"disabled":"enabled"] + -Dgnutls=%[%{with gnutls}?"enabled":"disabled"] + -Dmicrohttpd=enabled + -Dvmspawn=enabled + -Dlibidn2=enabled + -Dlibiptc=disabled + -Dlibcurl=enabled + -Dlibfido2=enabled + -Dxenctrl=%[0%{?have_xen}?"enabled":"disabled"] -Defi=true - -Dgnu-efi=%{?have_gnu_efi:true}%{?!have_gnu_efi:false} + -Dsysupdate=enabled + -Dsysupdated=enabled -Dtpm=true + -Dtpm2=enabled -Dhwdb=true -Dsysusers=true + -Dstandalone-binaries=true -Ddefault-kill-user-processes=false + -Dfirst-boot-full-preset=true + -Ddefault-network=true -Dtests=unsafe -Dinstall-tests=true - -Db_lto=true + -Dnobody-user=nobody + -Dnobody-group=nobody + -Dcompat-mutable-uid-boundaries=true + -Dsplit-bin=true + -Db_ndebug=false + -Dman=%[%{with docs}?"enabled":"disabled"] + -Dversion-tag=%{version}%[%{without upstream}?"-%{release}":""] + # https://bugzilla.redhat.com/show_bug.cgi?id=1906010 + -Dshared-lib-tag=%{version_no_tilde}%[%{without upstream}?"-%{release}":""] + -Dlink-executor-shared=false + -Dfallback-hostname="localhost" + -Ddefault-dnssec=no + -Ddefault-dns-over-tls=no + # https://bugzilla.redhat.com/show_bug.cgi?id=1867830 + -Ddefault-mdns=no + -Ddefault-llmnr=resolve + # https://bugzilla.redhat.com/show_bug.cgi?id=2028169 + -Dstatus-unit-format-default=combined +%if 0%{?fedora} + # https://fedoraproject.org/wiki/Changes/Shorter_Shutdown_Timer + -Ddefault-timeout-sec=45 + -Ddefault-user-timeout-sec=45 +%endif + -Dconfigfiledir=/usr/lib + -Doomd=true + + -Dadm-gid=4 + -Dtty-gid=5 + -Ddisk-gid=6 + -Dlp-gid=7 + -Dkmem-gid=9 + -Dwheel-gid=10 + -Dcdrom-gid=11 + -Ddialout-gid=18 + -Dutmp-gid=22 + -Dtape-gid=33 + -Dkvm-gid=36 + -Dvideo-gid=39 + -Daudio-gid=63 + -Dusers-gid=100 + -Dinput-gid=104 + -Drender-gid=105 + -Dsgx-gid=106 + -Dsystemd-journal-gid=190 + -Dsystemd-network-uid=192 + -Dsystemd-resolve-uid=193 + # -Dsystemd-timesync-uid=, not set yet + + # Make sure we use the original paths to maintain compatibility + # with unmerged systems + -Dquotaon-path=/usr/sbin/quotaon + -Dquotacheck-path=/usr/sbin/quotacheck + -Dkmod-path=/usr/bin/kmod + -Dkexec-path=/usr/sbin/kexec + -Dsulogin-path=/usr/sbin/sulogin + -Dmount-path=/usr/bin/mount + -Dumount-path=/usr/bin/umount + -Dloadkeys-path=/usr/bin/loadkeys + -Dsetfont-path=/usr/bin/setfont + -Dnologin-path=/usr/sbin/nologin + + # For now, let's build the bootloader in the same places where we + # built with gnu-efi. Later on, we might want to extend coverage, but + # considering that that support is untested, let's not do this now. + -Dbootloader=%[%{?want_bootloader}?"enabled":"disabled"] + -Dukify=enabled +%if 0%{?want_bootloader} && %{with obs} + -Dsbat-distro-url=https://github.com/systemd/systemd + -Dsbat-distro=upstream + -Dsbat-distro-summary='Upstream build from git' +%endif ) -%meson "${CONFIGURE_OPTS[@]}" +%if %{without lto} +%global _lto_cflags %nil +%endif + +{ %meson "${CONFIGURE_OPTS[@]}" %{?meson_extra_configure_options} ; } + %meson_build +# If dynamic spec generation is available, directly pick up the triggers +# from the build directory for upstream builds. +%if %{with upstream} && (0%{?fedora} >= 41 || 0%{?rhel} >= 11) +# Include the triggers +cp %{_vpath_builddir}/src/rpm/triggers.systemd.sh %{specpartsdir}/triggers.specpart +%else +new_triggers=%{_vpath_builddir}/src/rpm/triggers.systemd.sh +if ! diff -u %{SOURCE1} ${new_triggers}; then + echo -e "\n\n\nWARNING: triggers.systemd in Source1 is different!" + echo -e " cp $PWD/${new_triggers} %{SOURCE1}\n\n\n" + sleep 5 +fi +%endif + +sed -r 's|/system/|/user/|g' %{SOURCE16} >10-timeout-abort.conf.user + %install %meson_install # udev links +%if "%{_sbindir}" != "%{_bindir}" mkdir -p %{buildroot}/%{_sbindir} ln -sf ../bin/udevadm %{buildroot}%{_sbindir}/udevadm - -# Create SysV compatibility symlinks. systemctl/systemd are smart -# enough to detect in which way they are called. -ln -s ../lib/systemd/systemd %{buildroot}%{_sbindir}/init -ln -s ../bin/systemctl %{buildroot}%{_sbindir}/reboot -ln -s ../bin/systemctl %{buildroot}%{_sbindir}/halt -ln -s ../bin/systemctl %{buildroot}%{_sbindir}/poweroff -ln -s ../bin/systemctl %{buildroot}%{_sbindir}/shutdown -ln -s ../bin/systemctl %{buildroot}%{_sbindir}/telinit -ln -s ../bin/systemctl %{buildroot}%{_sbindir}/runlevel +%endif # Compatiblity and documentation files touch %{buildroot}/etc/crypttab chmod 600 %{buildroot}/etc/crypttab +# Config files that were moved under /usr. +# We need to %ghost them so that they are not removed on upgrades. +touch %{buildroot}/etc/systemd/coredump.conf \ + %{buildroot}/etc/systemd/homed.conf \ + %{buildroot}/etc/systemd/journald.conf \ + %{buildroot}/etc/systemd/journal-remote.conf \ + %{buildroot}/etc/systemd/journal-upload.conf \ + %{buildroot}/etc/systemd/logind.conf \ + %{buildroot}/etc/systemd/networkd.conf \ + %{buildroot}/etc/systemd/oomd.conf \ + %{buildroot}/etc/systemd/pstore.conf \ + %{buildroot}/etc/systemd/resolved.conf \ + %{buildroot}/etc/systemd/sleep.conf \ + %{buildroot}/etc/systemd/system.conf \ + %{buildroot}/etc/systemd/timesyncd.conf \ + %{buildroot}/etc/systemd/user.conf \ + %{buildroot}/etc/udev/udev.conf \ + %{buildroot}/etc/udev/iocost.conf + # /etc/initab -install -Dm0644 -t %{buildroot}/etc/ %{SOURCE5} +install -Dm0644 -t %{buildroot}/etc/ %{SOURCE6} # /etc/sysctl.conf compat -install -Dm0644 %{SOURCE6} %{buildroot}/etc/sysctl.conf +install -Dm0644 %{SOURCE7} %{buildroot}/etc/sysctl.conf ln -s ../sysctl.conf %{buildroot}/etc/sysctl.d/99-sysctl.conf -# We create all wants links manually at installation time to make sure -# they are not owned and hence overriden by rpm after the user deleted -# them. -rm -r %{buildroot}%{_sysconfdir}/systemd/system/*.target.wants - # Make sure these directories are properly owned mkdir -p %{buildroot}%{system_unit_dir}/basic.target.wants mkdir -p %{buildroot}%{system_unit_dir}/default.target.wants mkdir -p %{buildroot}%{system_unit_dir}/dbus.target.wants mkdir -p %{buildroot}%{system_unit_dir}/syslog.target.wants -mkdir -p %{buildroot}%{_localstatedir}/run +mkdir -p %{buildroot}/run mkdir -p %{buildroot}%{_localstatedir}/log -touch %{buildroot}%{_localstatedir}/run/utmp +touch %{buildroot}%{_localstatedir}/log/lastlog +chmod 0664 %{buildroot}%{_localstatedir}/log/lastlog +touch %{buildroot}/run/utmp touch %{buildroot}%{_localstatedir}/log/{w,b}tmp # Make sure the user generators dir exists too @@ -401,6 +1028,7 @@ touch %{buildroot}%{_sysconfdir}/machine-info touch %{buildroot}%{_sysconfdir}/localtime mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d touch %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/00-keyboard.conf +install -d -m 0700 %{buildroot}%{_sysconfdir}/userdb # Make sure the shutdown/sleep drop-in dirs exist mkdir -p %{buildroot}%{pkgdir}/system-shutdown/ @@ -411,2180 +1039,543 @@ mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/coredump mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/catalog mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/backlight mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/rfkill -mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/journal-upload mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/linger +mkdir -p %{buildroot}%{_localstatedir}/lib/private +mkdir -p %{buildroot}%{_localstatedir}/log/private +mkdir -p %{buildroot}%{_localstatedir}/cache/private +mkdir -p %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload +mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/timesync +ln -s ../private/systemd/journal-upload %{buildroot}%{_localstatedir}/lib/systemd/journal-upload mkdir -p %{buildroot}%{_localstatedir}/log/journal touch %{buildroot}%{_localstatedir}/lib/systemd/catalog/database touch %{buildroot}%{_sysconfdir}/udev/hwdb.bin touch %{buildroot}%{_localstatedir}/lib/systemd/random-seed -touch %{buildroot}%{_localstatedir}/lib/systemd/clock +touch %{buildroot}%{_localstatedir}/lib/systemd/timesync/clock +touch %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload/state -# Install yum protection fragment -install -Dm0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/yum/protected.d/systemd.conf +# Install yum protection config. Old location in /etc. +mkdir -p %{buildroot}/etc/dnf/protected.d/ +cat >%{buildroot}/etc/dnf/protected.d/systemd.conf <%{buildroot}/usr/share/dnf5/libdnf.conf.d/protect-systemd.conf <= 42 +install -m 0644 -D %{SOURCE21} %{buildroot}%{_rpmconfigdir}/macros.d/macros.sysusers +%else +install -m 0644 -D %{SOURCE20} %{buildroot}%{_rpmconfigdir}/macros.d/macros.sysusers +# Use rpm's own sysusers provides where available +%if ! (0%{?fedora} >= 39 || 0%{?rhel} >= 10) +install -m 0644 -D -t %{buildroot}%{_rpmconfigdir}/fileattrs/ %{SOURCE22} +install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE23} +%endif +install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE24} +%endif + +# https://bugzilla.redhat.com/show_bug.cgi?id=2107754 +install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/network/ %{SOURCE25} + +%if 0%{?fedora} || 0%{?rhel} >= 10 +ln -s --relative %{buildroot}%{_bindir}/kernel-install %{buildroot}%{_sbindir}/installkernel +%endif + +%if "%{_sbindir}" == "%{_bindir}" +# Systemd has the split-sbin option which is also used to select the directory +# for alias symlinks. We need to keep split-sbin=true for now, to support +# unmerged systems. Move the symlinks here instead. +mv -v %{buildroot}/usr/sbin/* %{buildroot}%{_bindir}/ +%endif + +%if 0%{?fedora} >= 41 +%if %{without upstream} +# This requires https://pagure.io/setup/pull-request/50 +# and https://src.fedoraproject.org/rpms/setup/pull-request/10. +# We skip this on upstream builds so that new users and groups +# can be added without breaking the build. +%if 0%{?fedora} >= 43 +IGNORED=empower \ + %{python3} %{SOURCE4} /usr/lib/sysusers.d/setup.conf %{buildroot}/usr/lib/sysusers.d/basic.conf +%else +%{python3} %{SOURCE4} /usr/lib/sysusers.d/20-setup-{users,groups}.conf %{buildroot}/usr/lib/sysusers.d/basic.conf +%endif +%endif +sed -n -r -i '1,7p; /can .do.|empower/p' %{buildroot}/usr/lib/sysusers.d/basic.conf +%endif + +# Disable sshd_config.d/20-systemd-userdb.conf for now. +# This option may override an existing AuthorizedKeysCommand setting +# (or be ineffective, depending on the order of configuration). +# See https://github.com/systemd/systemd/issues/33648. +rm %{buildroot}/etc/ssh/sshd_config.d/20-systemd-userdb.conf +mv %{buildroot}/usr/lib/tmpfiles.d/20-systemd-userdb.conf{,.example} + +install -m 0644 -t %{buildroot}%{_prefix}/lib/pam.d/ %{SOURCE26} %find_lang %{name} +# Split files in build root into rpms +python3 %{SOURCE2} %buildroot %{!?want_bootloader:--no-bootloader} + +# Stage sd-boot binaries for signing +%if %{with obs} && 0%{?want_bootloader} +BRP_PESIGN_FILES=/usr/lib/systemd/boot/efi/systemd-boot%{efi_arch}.efi BRP_PESIGN_PACKAGES=systemd-boot /usr/lib/rpm/brp-suse.d/brp-99-pesign +%endif + %check -%meson_test +%if %{with tests} +meson test -C %{_vpath_builddir} -t 6 --print-errorlogs +%endif + +%if %{with lto} +# Make sure that LTO is effective at removing unused code. When compiled +# without LTO, we end up with all of libbasic_static.a in libsystemd.so. +# For example, all the configuration stuff is not needed for libsystemd.so. +# Make sure it is gone. +(! strings %{buildroot}%{_libdir}/libsystemd.so | grep Config) +%endif ############################################################################################# +%if %{without upstream} || (0%{?fedora} < 41 && 0%{?rhel} < 11) %include %{SOURCE1} +%endif -%pre -getent group cdrom &>/dev/null || groupadd -r -g 11 cdrom &>/dev/null || : -getent group utmp &>/dev/null || groupadd -r -g 22 utmp &>/dev/null || : -getent group tape &>/dev/null || groupadd -r -g 33 tape &>/dev/null || : -getent group dialout &>/dev/null || groupadd -r -g 18 dialout &>/dev/null || : -getent group input &>/dev/null || groupadd -r input &>/dev/null || : -getent group kvm &>/dev/null || groupadd -r -g 36 kvm &>/dev/null || : -getent group systemd-journal &>/dev/null || groupadd -r -g 190 systemd-journal 2>&1 || : - -getent group systemd-coredump &>/dev/null || groupadd -r systemd-coredump 2>&1 || : -getent passwd systemd-coredump &>/dev/null || useradd -r -l -g systemd-coredump -d / -s /sbin/nologin -c "systemd Core Dumper" systemd-coredump &>/dev/null || : - -getent group systemd-timesync &>/dev/null || groupadd -r systemd-timesync 2>&1 || : -getent passwd systemd-timesync &>/dev/null || useradd -r -l -g systemd-timesync -d / -s /sbin/nologin -c "systemd Time Synchronization" systemd-timesync &>/dev/null || : - -getent group systemd-network &>/dev/null || groupadd -r -g 192 systemd-network 2>&1 || : -getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-network -d / -s /sbin/nologin -c "systemd Network Management" systemd-network &>/dev/null || : - -getent group systemd-resolve &>/dev/null || groupadd -r -g 193 systemd-resolve 2>&1 || : -getent passwd systemd-resolve &>/dev/null || useradd -r -u 193 -l -g systemd-resolve -d / -s /sbin/nologin -c "systemd Resolver" systemd-resolve &>/dev/null || : +# This macro is newly added upstream so we can't rely on it being always being available +# in the systemd-rpm-macros yet so we define it ourselves. +%global systemd_posttrans_with_restart() \ +%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_posttrans_with_restart}} \ +if [ $1 -ge 2 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then \ + # Package upgrade, not install \ + /usr/lib/systemd/systemd-update-helper mark-restart-system-units %* || : \ +fi \ +%{nil} %post systemd-machine-id-setup &>/dev/null || : -systemctl daemon-reexec &>/dev/null || : -journalctl --update-catalog &>/dev/null || : + +[ $1 -eq 1 ] || exit 0 + +# create /var/log/journal only on initial installation, +# and only if it's writable (it won't be in rpm-ostree). +[ -w %{_localstatedir} ] && mkdir -p %{_localstatedir}/log/journal + +[ -w %{_localstatedir} ] && journalctl --update-catalog || : +systemd-sysusers || : systemd-tmpfiles --create &>/dev/null || : -if [ $1 -eq 1 ] ; then - # create /var/log/journal only on initial installation - mkdir -p %{_localstatedir}/log/journal +# We reset the enablement of all services upon initial installation +# https://bugzilla.redhat.com/show_bug.cgi?id=1118740#c23 +# This will fix up enablement of any preset services that got installed +# before systemd due to rpm ordering problems: +# https://bugzilla.redhat.com/show_bug.cgi?id=1647172. +# We also do this for user units, see +# https://fedoraproject.org/wiki/Changes/Systemd_presets_for_user_units. +systemctl preset-all &>/dev/null || : +systemctl --global preset-all &>/dev/null || : + +%posttrans +if [ $1 -ge 2 ]; then + [ -w %{_localstatedir} ] && journalctl --update-catalog || : + + systemctl daemon-reexec || : + + systemd-tmpfiles --create &>/dev/null || : fi -# Make sure new journal files will be owned by the "systemd-journal" group -chgrp systemd-journal /run/log/journal/ /run/log/journal/`cat /etc/machine-id 2>/dev/null` /var/log/journal/ /var/log/journal/`cat /etc/machine-id 2>/dev/null` &>/dev/null || : -chmod g+s /run/log/journal/ /run/log/journal/`cat /etc/machine-id 2>/dev/null` /var/log/journal/ /var/log/journal/`cat /etc/machine-id 2>/dev/null` &>/dev/null || : +%systemd_posttrans_with_restart systemd-timedated.service systemd-hostnamed.service systemd-journald.service systemd-localed.service systemd-userdbd.service -# Apply ACL to the journal directory -setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/ &>/dev/null || : +# FIXME: systemd-logind.service is excluded (https://github.com/systemd/systemd/pull/17558) -# Stop-gap until rsyslog.rpm does this on its own. (This is supposed -# to fail when the link already exists) -ln -s /usr/lib/systemd/system/rsyslog.service /etc/systemd/system/syslog.service &>/dev/null || : - -# Remove spurious /etc/fstab entries from very old installations -# https://bugzilla.redhat.com/show_bug.cgi?id=1009023 -if [ -e /etc/fstab ]; then - grep -v -E -q '^(devpts|tmpfs|sysfs|proc)' /etc/fstab || \ - sed -i.rpm.bak -r '/^devpts\s+\/dev\/pts\s+devpts\s+defaults\s+/d; /^tmpfs\s+\/dev\/shm\s+tmpfs\s+defaults\s+/d; /^sysfs\s+\/sys\s+sysfs\s+defaults\s+/d; /^proc\s+\/proc\s+proc\s+defaults\s+/d' /etc/fstab || : +# This is the expanded form of %%systemd_user_daemon_reexec. We +# can't use the macro because we define it ourselves. +if [ $1 -ge 2 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then + # Package upgrade, not uninstall + /usr/lib/systemd/systemd-update-helper user-reexec || : fi -# Services we install by default, and which are controlled by presets. -if [ $1 -eq 1 ] ; then - systemctl preset --quiet \ - remote-fs.target \ - getty@.service \ - serial-getty@.service \ - console-getty.service \ - debug-shell.service \ - systemd-networkd.service \ - systemd-networkd-wait-online.service \ - systemd-resolved.service \ - >/dev/null || : -fi +%triggerun -- systemd < 256 +# This is for upgrades from previous versions before systemd restart was moved to %%postun +systemctl daemon-reexec || : -# remove obsolete systemd-readahead file -rm -f /.readahead &>/dev/null || : +%triggerpostun -- systemd < 253~rc1-2 +# This is for upgrades from previous versions where systemd-journald-audit.socket +# had a static enablement symlink. +# We use %%triggerpostun here because rpm doesn't allow a second %%triggerun with +# a different package version. +systemctl --no-reload preset systemd-journald-audit.socket &>/dev/null || : -%preun -if [ $1 -eq 0 ] ; then - systemctl disable --quiet \ - remote-fs.target \ - getty@.service \ - serial-getty@.service \ - console-getty.service \ - debug-shell.service \ - systemd-readahead-replay.service \ - systemd-readahead-collect.service \ - systemd-networkd.service \ - systemd-networkd-wait-online.service \ - systemd-resolved.service \ - >/dev/null || : - - rm -f /etc/systemd/system/default.target &>/dev/null || : -fi - -%post libs -/sbin/ldconfig - -if [ -f /etc/nsswitch.conf ] ; then - # sed-fu to add myhostanme to hosts line - grep -v -E -q '^hosts:.* myhostname' /etc/nsswitch.conf && - sed -i.bak -e ' - /^hosts:/ !b - /\/ b - s/[[:blank:]]*$/ myhostname/ - ' /etc/nsswitch.conf &>/dev/null || : - - # remove mymachines from passwd and group lines of /etc/nsswitch.conf - # https://bugzilla.redhat.com/show_bug.cgi?id=1284325 - # https://meetbot.fedoraproject.org/fedora-meeting/2015-11-25/fesco.2015-11-25-18.00.html - # To avoid the removal, e.g. add a space at the end of the line. - grep -E -q '^(passwd|group):.* mymachines$' /etc/nsswitch.conf && - sed -i.bak -r -e ' - s/^(passwd:.*) mymachines$/\1/; - s/^(group:.*) mymachines$/\1/; - ' /etc/nsswitch.conf &>/dev/null || : - - # Add [!UNAVAIL=return] after resolve - grep -E -q '^hosts:.*resolve[[:space:]]*($|[[:alpha:]])' /etc/nsswitch.conf && - sed -i.bak -e ' - /^hosts:/ { s/resolve/& [!UNAVAIL=return]/} - ' /etc/nsswitch.conf &>/dev/null || : - - # Add nss-systemd to passwd and group - grep -E -q '^(passwd|group):.* systemd' /etc/nsswitch.conf || - sed -i.bak -r -e ' - s/^(passwd|group):(.*)/\1: \2 systemd/ - ' /etc/nsswitch.conf &>/dev/null || : -fi - -%postun libs -p /sbin/ldconfig - -%global udev_services systemd-udev{d,-settle,-trigger}.service systemd-udevd-{control,kernel}.socket systemd-timesyncd.service +%global udev_services %{shrink: + cryptsetup-pre.target + cryptsetup.target + hibernate.target + hybrid-sleep.target + initrd-cleanup.service + initrd-fs.target + initrd-parse-etc.service + initrd-root-device.target + initrd-root-fs.target + initrd-switch-root.service + initrd-switch-root.target + initrd-udevadm-cleanup-db.service + initrd-usr-fs.target + initrd.target + integritysetup-pre.target + integritysetup.target + kmod-static-nodes.service + proc-sys-fs-binfmt_misc.automount + proc-sys-fs-binfmt_misc.mount + quotaon-root.service + quotaon@.service + remote-cryptsetup.target + remote-veritysetup.target + sleep.target + suspend-then-hibernate.target + suspend.target + system-systemd\\x2dcryptsetup.slice + system-systemd\\x2dveritysetup.slice + systemd-backlight@.service + systemd-binfmt.service + systemd-bless-boot.service + systemd-bsod.service + systemd-coredump.socket + systemd-coredump@.service + systemd-fsck-root.service + systemd-fsck@.service + systemd-growfs-root.service + systemd-growfs@.service + systemd-hibernate-clear.service + systemd-hibernate-resume.service + systemd-hibernate.service + systemd-homed-activate.service + systemd-homed-firstboot.service + systemd-homed.service + systemd-hwdb-update.service + systemd-hybrid-sleep.service + systemd-modules-load.service + systemd-network-generator.service + systemd-oomd.service + systemd-oomd.socket + systemd-pcrextend.socket + systemd-pcrextend@.service + systemd-pcrfs-root.service + systemd-pcrfs@.service + systemd-pcrlock-file-system.service + systemd-pcrlock-firmware-code.service + systemd-pcrlock-firmware-config.service + systemd-pcrlock-machine-id.service + systemd-pcrlock-make-policy.service + systemd-pcrlock-secureboot-authority.service + systemd-pcrlock-secureboot-policy.service + systemd-pcrlock.socket + systemd-pcrlock@.service + systemd-pcrmachine.service + systemd-pcrphase-initrd.service + systemd-pcrphase-sysinit.service + systemd-pcrphase.service + systemd-portabled.service + systemd-pstore.service + systemd-quotacheck-root.service + systemd-quotacheck@.service + systemd-random-seed.service + systemd-remount-fs.service + systemd-repart.service + systemd-rfkill.service + systemd-rfkill.socket + systemd-suspend-then-hibernate.service + systemd-suspend.service + systemd-sysctl.service + systemd-timesyncd.service + systemd-tmpfiles-setup-dev-early.service + systemd-tmpfiles-setup-dev.service + systemd-udev-load-credentials.service + systemd-udev-settle.service + systemd-udev-trigger.service + systemd-udevd-control.socket + systemd-udevd-kernel.socket + systemd-udevd.service + systemd-vconsole-setup.service + systemd-volatile-root.service + veritysetup-pre.target + veritysetup.target + %{?want_bootloader: + systemd-boot-random-seed.service + systemd-boot-update.service + systemd-bootctl.socket + systemd-bootctl@.service + } + } %post udev # Move old stuff around in /var/lib mv %{_localstatedir}/lib/random-seed %{_localstatedir}/lib/systemd/random-seed &>/dev/null mv %{_localstatedir}/lib/backlight %{_localstatedir}/lib/systemd/backlight &>/dev/null +if [ -L %{_localstatedir}/lib/systemd/timesync ]; then + rm %{_localstatedir}/lib/systemd/timesync + mv %{_localstatedir}/lib/private/systemd/timesync %{_localstatedir}/lib/systemd/timesync +fi +if [ -f %{_localstatedir}/lib/systemd/clock ]; then + mkdir -p %{_localstatedir}/lib/systemd/timesync + mv %{_localstatedir}/lib/systemd/clock %{_localstatedir}/lib/systemd/timesync/. +fi + +systemd-hwdb update &>/dev/null -udevadm hwdb --update &>/dev/null %systemd_post %udev_services -/usr/lib/systemd/systemd-random-seed save 2>&1 + +# Try to save the random seed, but don't complain if /dev/urandom is unavailable +/usr/lib/systemd/systemd-random-seed save 2>&1 | \ + grep -v 'Failed to open /dev/urandom' || : # Replace obsolete keymaps # https://bugzilla.redhat.com/show_bug.cgi?id=1151958 grep -q -E '^KEYMAP="?fi-latin[19]"?' /etc/vconsole.conf 2>/dev/null && - sed -i.rpm.bak -r 's/^KEYMAP="?fi-latin[19]"?/KEYMAP="fi"/' /etc/vconsole.conf - -exit 0 + sed -i.rpm.bak -r 's/^KEYMAP="?fi-latin[19]"?/KEYMAP="fi"/' /etc/vconsole.conf || : %preun udev %systemd_preun %udev_services -%postun udev -# Only restart systemd-udev, to run the upgraded dameon. +%posttrans udev +# Restart some services. # Others are either oneshot services, or sockets, and restarting them causes issues (#1378974) -%systemd_postun_with_restart systemd-udevd.service - -%pre journal-remote -getent group systemd-journal-gateway &>/dev/null || groupadd -r systemd-journal-gateway 2>&1 || : -getent passwd systemd-journal-gateway &>/dev/null || useradd -r -l -g systemd-journal-gateway -d %{_localstatedir}/log/journal -s /sbin/nologin -c "Journal Gateway" systemd-journal-gateway &>/dev/null || : -getent group systemd-journal-remote &>/dev/null || groupadd -r systemd-journal-remote 2>&1 || : -getent passwd systemd-journal-remote &>/dev/null || useradd -r -l -g systemd-journal-remote -d %{_localstatedir}/log/journal/remote -s /sbin/nologin -c "Journal Remote" systemd-journal-remote &>/dev/null || : -getent group systemd-journal-upload &>/dev/null || groupadd -r systemd-journal-upload 2>&1 || : -getent passwd systemd-journal-upload &>/dev/null || useradd -r -l -g systemd-journal-upload -G systemd-journal -d %{_localstatedir}/log/journal/upload -s /sbin/nologin -c "Journal Upload" systemd-journal-upload &>/dev/null || : +%systemd_posttrans_with_restart systemd-udevd.service systemd-timesyncd.service systemd-homed.service systemd-oomd.service systemd-portabled.service +%global journal_remote_units_restart systemd-journal-gatewayd.service systemd-journal-remote.service systemd-journal-upload.service +%global journal_remote_units_norestart systemd-journal-gatewayd.socket systemd-journal-remote.socket %post journal-remote -%systemd_post systemd-journal-gatewayd.socket systemd-journal-gatewayd.service -%systemd_post systemd-journal-remote.socket systemd-journal-remote.service -%systemd_post systemd-journal-upload.service +%systemd_post %journal_remote_units_restart %journal_remote_units_norestart %firewalld_reload %preun journal-remote -%systemd_preun systemd-journal-gatewayd.socket systemd-journal-gatewayd.service -%systemd_preun systemd-journal-remote.socket systemd-journal-remote.service -%systemd_preun systemd-journal-upload.service +%systemd_preun %journal_remote_units_restart %journal_remote_units_norestart +if [ $1 -eq 1 ] ; then + if [ -f %{_localstatedir}/lib/systemd/journal-upload/state -a ! -L %{_localstatedir}/lib/systemd/journal-upload ] ; then + mkdir -p %{_localstatedir}/lib/private/systemd/journal-upload + mv %{_localstatedir}/lib/systemd/journal-upload/state %{_localstatedir}/lib/private/systemd/journal-upload/. + rmdir %{_localstatedir}/lib/systemd/journal-upload || : + fi +fi -%postun journal-remote -%systemd_postun_with_restart systemd-journal-gatewayd.service -%systemd_postun_with_restart systemd-journal-remote.service -%systemd_postun_with_restart systemd-journal-upload.service +%posttrans journal-remote +%systemd_posttrans_with_restart %journal_remote_units_restart %firewalld_reload +%global networkd_services %{shrink: + systemd-networkd.service + systemd-networkd.socket + systemd-networkd-varlink.socket + systemd-networkd-wait-online.service + systemd-network-generator.service + systemd-networkd-persistent-storage.service + } + +%post networkd +# systemd-networkd was split out in systemd-246.6-2. +# Ideally, we would have a trigger scriptlet to record enablement +# state when upgrading from systemd <= systemd-246.6-1. But, AFAICS, +# rpm doesn't allow us to trigger on another package, short of +# querying the rpm database ourselves, which seems risky. For rpm, +# systemd and systemd-networkd are completely unrelated. So let's use +# a hack to detect if an old systemd version is currently present in +# the file system. +# https://bugzilla.redhat.com/show_bug.cgi?id=1943263 +if [ $1 -eq 1 ] && ls /usr/lib/systemd/libsystemd-shared-24[0-6].so &>/dev/null; then + echo "Skipping presets for systemd-networkd.service, seems we are upgrading from old systemd." +else + %systemd_post %networkd_services +fi + +%preun networkd +%systemd_preun %networkd_services + +%posttrans networkd +%systemd_posttrans_with_restart systemd-networkd.service + +%post resolved +[ $1 -eq 1 ] || exit 0 +# Initial installation + +touch %{_localstatedir}/lib/rpm-state/systemd-resolved.initial-installation + +# Related to https://bugzilla.redhat.com/show_bug.cgi?id=1943263 +if ls /usr/lib/systemd/libsystemd-shared-24[0-8].so &>/dev/null; then + echo "Skipping presets for systemd-resolved.service, seems we are upgrading from old systemd." + exit 0 +fi + +%systemd_post systemd-resolved.service + +%preun resolved +%systemd_preun systemd-resolved.service +if [ $1 -eq 0 ] ; then + if [ -L /etc/resolv.conf ] && \ + realpath /etc/resolv.conf | grep ^/run/systemd/resolve/; then + rm -f /etc/resolv.conf # no longer useful + # if network manager is enabled, move to it instead + [ -f /run/NetworkManager/resolv.conf ] && \ + systemctl -q is-enabled NetworkManager.service &>/dev/null && \ + ln -fsv ../run/NetworkManager/resolv.conf /etc/resolv.conf + fi +fi + +%posttrans resolved +%systemd_posttrans_with_restart systemd-resolved.service +[ -e %{_localstatedir}/lib/rpm-state/systemd-resolved.initial-installation ] || exit 0 +rm %{_localstatedir}/lib/rpm-state/systemd-resolved.initial-installation +# Initial installation + +# Create /etc/resolv.conf symlink. +# (https://bugzilla.redhat.com/show_bug.cgi?id=1873856) +# +# We would also create it using tmpfiles, but let's do this here too +# before NetworkManager gets a chance. (systemd-tmpfiles invocation +# above does not do this, because the line is marked with ! and +# tmpfiles is invoked without --boot in the scriptlet.) +# +# *Create* the symlink if nothing is present yet. +# (https://bugzilla.redhat.com/show_bug.cgi?id=2032085) +# +# *Override* the symlink if systemd is running. Don't do it if systemd +# is not running, because that will immediately break DNS resolution, +# since systemd-resolved is also not running +# (https://bugzilla.redhat.com/show_bug.cgi?id=1891847). +# +# Also don't create the symlink to the stub when the stub is disabled (#1891847 again). +if systemctl -q is-enabled systemd-resolved.service &>/dev/null && + ! systemd-analyze cat-config systemd/resolved.conf 2>/dev/null | + grep -iqE '^DNSStubListener\s*=\s*(no?|false|0|off)\s*$'; then + + if ! test -e /etc/resolv.conf && ! test -L /etc/resolv.conf; then + ln -sv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf || : + elif test -d /run/systemd/system/ && + ! mountpoint /etc/resolv.conf &>/dev/null; then + ln -fsv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf || : + fi +fi + %global _docdir_fmt %{name} -%files -f %{name}.lang +%files -f %{name}.lang -f .file-list-main %doc %{_pkgdocdir} -%exclude %{_pkgdocdir}/LICENSE.* -%license LICENSE.GPL2 LICENSE.LGPL2.1 -%dir %{_sysconfdir}/systemd -%dir %{_sysconfdir}/systemd/system -%ghost %dir %{_sysconfdir}/systemd/system/basic.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/bluetooth.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/default.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/getty.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/graphical.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/local-fs.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/machines.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/multi-user.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/network-online.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/printer.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/remote-fs.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/sockets.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/sysinit.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/system-update.target.wants -%ghost %dir %{_sysconfdir}/systemd/system/timers.target.wants -%dir %{_sysconfdir}/systemd/user -%dir %{_sysconfdir}/systemd/network -%dir %{_sysconfdir}/tmpfiles.d -%dir %{_sysconfdir}/sysctl.d -%dir %{_sysconfdir}/modules-load.d -%dir %{_sysconfdir}/binfmt.d -%{_sysconfdir}/X11/xinit/xinitrc.d/50-systemd-user.sh -%ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/crypttab -/etc/inittab -%config(noreplace) %{_sysconfdir}/sysctl.conf -%{_sysconfdir}/sysctl.d/99-sysctl.conf -%dir %{pkgdir} -%{pkgdir}/system-generators -%exclude %{pkgdir}/system-generators/systemd-cryptsetup-generator -%exclude %{pkgdir}/system-generators/systemd-gpt-auto-generator -%exclude %{pkgdir}/system-generators/systemd-hibernate-resume-generator -%{pkgdir}/user-generators -%{pkgdir}/user-environment-generators -%dir %{pkgdir}/system-shutdown -%dir %{pkgdir}/system-sleep -%dir %{pkgdir}/catalog -%dir %{pkgdir}/network -%dir %{_prefix}/lib/tmpfiles.d -%dir %{_prefix}/lib/sysusers.d -%dir %{_prefix}/lib/sysctl.d -%dir %{_prefix}/lib/modules-load.d -%dir %{_prefix}/lib/binfmt.d -%dir %{_prefix}/lib/environment.d -%{_prefix}/lib/environment.d/99-environment.conf -%dir %{_prefix}/lib/kernel -%dir %{_datadir}/systemd -%dir %{_datadir}/dbus-1/system.d -%{_datadir}/dbus-1/system.d/org.freedesktop.systemd1.conf -%{_datadir}/dbus-1/system.d/org.freedesktop.hostname1.conf -%{_datadir}/dbus-1/system.d/org.freedesktop.login1.conf -%{_datadir}/dbus-1/system.d/org.freedesktop.locale1.conf -%{_datadir}/dbus-1/system.d/org.freedesktop.timedate1.conf -%{_datadir}/dbus-1/system.d/org.freedesktop.resolve1.conf -%{_datadir}/dbus-1/system.d/org.freedesktop.network1.conf -%dir %{_datadir}/pkgconfig -%dir %{_datadir}/zsh -%dir %{_datadir}/zsh/site-functions -%ghost %dir %{_localstatedir}/log/journal -%dir %{_localstatedir}/lib/systemd -%dir %{_localstatedir}/lib/systemd/catalog -%ghost %dir %{_localstatedir}/lib/systemd/coredump -%ghost %dir %{_localstatedir}/lib/systemd/backlight -%ghost %dir %{_localstatedir}/lib/systemd/rfkill -%ghost %dir %{_localstatedir}/lib/systemd/linger -%ghost %{_localstatedir}/lib/systemd/random-seed -%ghost %{_localstatedir}/lib/systemd/clock -%ghost %{_localstatedir}/lib/systemd/catalog/database -%{_localstatedir}/log/README -%ghost %attr(0664,root,utmp) %{_localstatedir}/run/utmp -%ghost %attr(0664,root,utmp) %{_localstatedir}/log/wtmp -%ghost %attr(0600,root,utmp) %{_localstatedir}/log/btmp -%config(noreplace) %{_sysconfdir}/systemd/system.conf -%config(noreplace) %{_sysconfdir}/systemd/user.conf -%config(noreplace) %{_sysconfdir}/systemd/logind.conf -%config(noreplace) %{_sysconfdir}/systemd/journald.conf -%config(noreplace) %{_sysconfdir}/systemd/resolved.conf -%config(noreplace) %{_sysconfdir}/systemd/coredump.conf -%config(noreplace) %{_sysconfdir}/systemd/system/dbus-org.freedesktop.resolve1.service -%config(noreplace) %{_sysconfdir}/systemd/system/dbus-org.freedesktop.network1.service -%config(noreplace) %{_sysconfdir}/yum/protected.d/systemd.conf -%config(noreplace) %{_sysconfdir}/pam.d/systemd-user -%{_rpmconfigdir}/macros.d/macros.systemd -%{_sysconfdir}/xdg/systemd -%{_sysconfdir}/rc.d/init.d/README -%ghost %config(noreplace) %{_sysconfdir}/hostname -%ghost %config(noreplace) %{_sysconfdir}/localtime -%ghost %config(noreplace) %{_sysconfdir}/locale.conf -%ghost %config(noreplace) %{_sysconfdir}/machine-id -%ghost %config(noreplace) %{_sysconfdir}/machine-info -%dir %{_sysconfdir}/X11/xorg.conf.d -%ghost %config(noreplace) %{_sysconfdir}/X11/xorg.conf.d/00-keyboard.conf -%{_bindir}/busctl -%{_bindir}/coredumpctl -%{_bindir}/hostnamectl -%{_bindir}/journalctl -%{_bindir}/localectl -%{_bindir}/loginctl -%{_bindir}/networkctl -%{_bindir}/systemctl -%{_bindir}/systemd-analyze -%{_bindir}/systemd-ask-password -%{_bindir}/systemd-cat -%{_bindir}/systemd-cgls -%{_bindir}/systemd-cgtop -%{_bindir}/systemd-delta -%{_bindir}/systemd-detect-virt -%{_bindir}/systemd-escape -%{_bindir}/systemd-firstboot -%{_bindir}/systemd-inhibit -%{_bindir}/systemd-machine-id-setup -%{_bindir}/systemd-mount -%{_bindir}/systemd-umount -%{_bindir}/systemd-notify -%{_bindir}/systemd-path -%{_bindir}/systemd-resolve -%{_bindir}/systemd-run -%{_bindir}/systemd-socket-activate -%{_bindir}/systemd-stdio-bridge -%{_bindir}/systemd-sysusers -%{_bindir}/systemd-tmpfiles -%{_bindir}/systemd-tty-ask-password-agent -%{_bindir}/timedatectl -%{pkgdir}/systemd -%{pkgdir}/libsystemd-shared-%{version}.so -%{system_unit_dir} -%{user_unit_dir} -%{pkgdir}/resolv.conf -%exclude %{system_unit_dir}/*udev* -%exclude %{system_unit_dir}/*/*udev* -%exclude %{system_unit_dir}/*hwdb* -%exclude %{system_unit_dir}/*/*hwdb* -%exclude %{system_unit_dir}/systemd-vconsole-setup.service -%exclude %{system_unit_dir}/kmod-static-nodes.service -%exclude %{system_unit_dir}/*/kmod-static-nodes.service -%exclude %{system_unit_dir}/systemd-tmpfiles-setup-dev.service -%exclude %{system_unit_dir}/*/systemd-tmpfiles-setup-dev.service -%exclude %{system_unit_dir}/*.machine1.* -%exclude %{system_unit_dir}/*.import1.* -%exclude %{system_unit_dir}/systemd-machined.service -%exclude %{system_unit_dir}/systemd-importd.service -%exclude %{system_unit_dir}/machine.slice -%exclude %{system_unit_dir}/machines.target -%exclude %{system_unit_dir}/var-lib-machines.mount -%exclude %{system_unit_dir}/*/var-lib-machines.mount -%exclude %{system_unit_dir}/systemd-journal-gatewayd.* -%exclude %{system_unit_dir}/systemd-journal-remote.* -%exclude %{system_unit_dir}/*upload.* -%exclude %{system_unit_dir}/systemd-rfkill.* -%exclude %{system_unit_dir}/systemd-backlight* -%exclude %{system_unit_dir}/*/systemd-random-seed.service -%exclude %{system_unit_dir}/systemd-random-seed.service -%exclude %{system_unit_dir}/systemd-quotacheck.service -%exclude %{system_unit_dir}/quotaon.service -%exclude %{system_unit_dir}/*/systemd-modules-load.service -%exclude %{system_unit_dir}/systemd-modules-load.service -%exclude %{system_unit_dir}/systemd-timesyncd.service -%exclude %{system_unit_dir}/systemd-hibernate-resume@.service -%exclude %{system_unit_dir}/systemd-hibernate.service -%exclude %{system_unit_dir}/systemd-suspend.service -%exclude %{system_unit_dir}/systemd-hybrid-sleep.service -%exclude %{system_unit_dir}/systemd-nspawn@.service -%exclude %{pkgdir}/systemd-udevd -%exclude %{pkgdir}/systemd-vconsole-setup -%exclude %{pkgdir}/systemd-machined -%exclude %{pkgdir}/systemd-import -%exclude %{pkgdir}/systemd-importd -%exclude %{pkgdir}/systemd-pull -%exclude %{pkgdir}/systemd-journal-gatewayd -%exclude %{pkgdir}/systemd-journal-remote -%exclude %{pkgdir}/systemd-journal-upload -%exclude %{pkgdir}/systemd-backlight -%exclude %{pkgdir}/systemd-rfkill -%exclude %{pkgdir}/systemd-random-seed -%exclude %{pkgdir}/systemd-quotacheck -%exclude %{pkgdir}/systemd-modules-load -%exclude %{pkgdir}/systemd-timesyncd -%exclude %{pkgdir}/systemd-cryptsetup -%exclude %{pkgdir}/systemd-hibernate-resume -%exclude %{pkgdir}/systemd-sleep +%exclude %{_pkgdocdir}/LICENSE* +# Only the licenses texts for the licenses in License line are included. +%license LICENSE.GPL2 +%license LICENSES/MIT.txt +%ghost %dir %attr(0755,-,-) /etc/systemd/system/basic.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/bluetooth.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/default.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/getty.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/graphical.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/local-fs.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/machines.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/multi-user.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/network-online.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/printer.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/remote-fs.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/sockets.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/sysinit.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/system-update.target.wants +%ghost %dir %attr(0755,-,-) /etc/systemd/system/timers.target.wants +%ghost %dir %attr(0700,-,-) /var/lib/portables +%ghost %dir %attr(0755,-,-) /var/lib/rpm-state/systemd -%{pkgdir}/systemd-* -%{_prefix}/lib/tmpfiles.d/systemd.conf -%{_prefix}/lib/tmpfiles.d/systemd-nologin.conf -%{_prefix}/lib/tmpfiles.d/x11.conf -%{_prefix}/lib/tmpfiles.d/legacy.conf -%{_prefix}/lib/tmpfiles.d/tmp.conf -%{_prefix}/lib/tmpfiles.d/var.conf -%{_prefix}/lib/tmpfiles.d/etc.conf -%{_prefix}/lib/tmpfiles.d/home.conf -%{_prefix}/lib/tmpfiles.d/journal-nocow.conf -%{_prefix}/lib/sysctl.d/50-default.conf -%{_prefix}/lib/sysctl.d/50-coredump.conf -%{_prefix}/lib/sysusers.d/basic.conf -%{_prefix}/lib/sysusers.d/systemd.conf -%{pkgdir}/system-preset/90-systemd.preset -%{pkgdir}/catalog/systemd.catalog -%{_prefix}/lib/kernel/install.d/ -%{_sbindir}/init -%{_sbindir}/reboot -%{_sbindir}/halt -%{_sbindir}/poweroff -%{_sbindir}/shutdown -%{_sbindir}/telinit -%{_sbindir}/runlevel -%{_mandir}/man1/* -%{_mandir}/man5/* -%{_mandir}/man7/* -%{_mandir}/man8/* - -%exclude %{_mandir}/man*/*udev* -%exclude %{_mandir}/man*/*hwdb* -%exclude %{_mandir}/man*/systemd-tmpfiles-setup-dev.service* -%exclude %{_mandir}/man*/systemd-journal-gateway* -%exclude %{_mandir}/man*/*journal-remote.* -%exclude %{_mandir}/man*/*modules-load.* -%exclude %{_mandir}/man*/*timesyncd.* -%exclude %{_mandir}/man*/systemd-hibernate* -%exclude %{_mandir}/man*/systemd-hybrid-sleep* -%exclude %{_mandir}/man*/systemd-suspend* -%exclude %{_mandir}/man*/systemd-nspawn.* -%exclude %{_mandir}/man*/systemd-vconsole-setup* -%exclude %{_mandir}/man*/systemd-machined* -%exclude %{_mandir}/man*/systemd-journal-remote* -%exclude %{_mandir}/man*/systemd-journal-upload* -%exclude %{_mandir}/man*/systemd-backlight* -%exclude %{_mandir}/man*/systemd-rfkill* -%exclude %{_mandir}/man*/systemd-random-seed* -%exclude %{_mandir}/man*/systemd-quotacheck* -%exclude %{_mandir}/man*/systemd-cryptsetup* -%exclude %{_mandir}/man*/systemd-sleep* - -%{_datadir}/factory/ -%{_datadir}/systemd/kbd-model-map -%{_datadir}/systemd/language-fallback-map -%{_datadir}/dbus-1/services/org.freedesktop.systemd1.service -%{_datadir}/dbus-1/system-services/org.freedesktop.systemd1.service -%{_datadir}/dbus-1/system-services/org.freedesktop.hostname1.service -%{_datadir}/dbus-1/system-services/org.freedesktop.login1.service -%{_datadir}/dbus-1/system-services/org.freedesktop.locale1.service -%{_datadir}/dbus-1/system-services/org.freedesktop.timedate1.service -%{_datadir}/dbus-1/system-services/org.freedesktop.resolve1.service -%{_datadir}/dbus-1/system-services/org.freedesktop.network1.service -%dir %{_datadir}/polkit-1 -%dir %{_datadir}/polkit-1/actions -%{_datadir}/polkit-1/actions/org.freedesktop.systemd1.policy -%{_datadir}/polkit-1/actions/org.freedesktop.hostname1.policy -%{_datadir}/polkit-1/actions/org.freedesktop.login1.policy -%{_datadir}/polkit-1/actions/org.freedesktop.locale1.policy -%{_datadir}/polkit-1/actions/org.freedesktop.timedate1.policy -%{_datadir}/polkit-1/rules.d/systemd-networkd.rules -%{_datadir}/pkgconfig/systemd.pc -%{_datadir}/pkgconfig/udev.pc -%{_datadir}/bash-completion/completions/* -%exclude %{_datadir}/bash-completion/completions/udevadm -%exclude %{_datadir}/bash-completion/completions/machinectl -%exclude %{_datadir}/bash-completion/completions/systemd-nspawn -%{_datadir}/zsh/site-functions/* -%exclude %{_datadir}/zsh/site-functions/_udevadm -%exclude %{_datadir}/zsh/site-functions/_machinectl -%exclude %{_datadir}/zsh/site-functions/_systemd-nspawn -%{pkgdir}/catalog/systemd.*.catalog -%{pkgdir}/network/80-container-host0.network - -%ghost %dir %{_localstatedir}/lib/rpm-state/systemd - -%files libs -%{_libdir}/libnss_myhostname.so.2 -%{_libdir}/libnss_resolve.so.2 -%{_libdir}/libnss_systemd.so.2 -%{_libdir}/libudev.so.* -%{_libdir}/libsystemd.so.* +%files libs -f .file-list-libs %license LICENSE.LGPL2.1 -%files pam -%{_libdir}/security/pam_systemd.so +%files shared -f .file-list-shared +%license LICENSE.LGPL2.1 +%license LICENSES/MIT.txt -%files devel -%dir %{_includedir}/systemd -%{_libdir}/libudev.so -%{_libdir}/libsystemd.so -%{_includedir}/systemd/sd-daemon.h -%{_includedir}/systemd/sd-login.h -%{_includedir}/systemd/sd-journal.h -%{_includedir}/systemd/sd-id128.h -%{_includedir}/systemd/sd-messages.h -%{_includedir}/systemd/sd-bus-protocol.h -%{_includedir}/systemd/sd-bus-vtable.h -%{_includedir}/systemd/sd-bus.h -%{_includedir}/systemd/sd-event.h -%{_includedir}/systemd/_sd-common.h -%{_includedir}/libudev.h -%{_libdir}/pkgconfig/libudev.pc -%{_libdir}/pkgconfig/libsystemd.pc -%{_mandir}/man3/* +%files pam -f .file-list-pam -%files udev -%dir %{_sysconfdir}/udev -%dir %{_sysconfdir}/udev/rules.d -%dir %{_sysconfdir}/udev/hwdb.d -%config(noreplace) %{_sysconfdir}/udev/udev.conf -%ghost %{_sysconfdir}/udev/hwdb.bin -%ghost %config(noreplace) %{_sysconfdir}/vconsole.conf -%{system_unit_dir}/*udev* -%{system_unit_dir}/*/*udev* -%{system_unit_dir}/*hwdb* -%{system_unit_dir}/*/*hwdb* -%{system_unit_dir}/systemd-vconsole-setup.service -%{system_unit_dir}/kmod-static-nodes.service -%{system_unit_dir}/*/kmod-static-nodes.service -%{system_unit_dir}/systemd-tmpfiles-setup-dev.service -%{system_unit_dir}/*/systemd-tmpfiles-setup-dev.service -%{system_unit_dir}/systemd-rfkill.* -%{system_unit_dir}/systemd-backlight* -%{system_unit_dir}/*/systemd-random-seed.service -%{system_unit_dir}/systemd-random-seed.service -%{system_unit_dir}/systemd-quotacheck.service -%{system_unit_dir}/quotaon.service -%{system_unit_dir}/*/systemd-modules-load.service -%{system_unit_dir}/systemd-modules-load.service -%{system_unit_dir}/systemd-timesyncd.service -%{system_unit_dir}/systemd-hibernate-resume@.service -%{system_unit_dir}/systemd-hibernate.service -%{system_unit_dir}/systemd-hybrid-sleep.service -%{system_unit_dir}/systemd-suspend.service -%{_bindir}/udevadm -%{_sbindir}/udevadm -%{_bindir}/systemd-hwdb -%{_bindir}/bootctl -%{_bindir}/kernel-install -%{pkgdir}/systemd-udevd -%{pkgdir}/systemd-vconsole-setup -%{pkgdir}/systemd-backlight -%{pkgdir}/systemd-rfkill -%{pkgdir}/systemd-random-seed -%{pkgdir}/systemd-quotacheck -%{pkgdir}/systemd-modules-load -%{pkgdir}/systemd-timesyncd -%{pkgdir}/systemd-cryptsetup -%{pkgdir}/systemd-hibernate-resume -%{pkgdir}/systemd-sleep +%files rpm-macros -f .file-list-rpm-macros -%{pkgdir}/network/99-default.link -%{_prefix}/lib/udev -%{_datadir}/bash-completion/completions/udevadm -%{_datadir}/zsh/site-functions/_udevadm -%{pkgdir}/system-generators/systemd-cryptsetup-generator -%{pkgdir}/system-generators/systemd-gpt-auto-generator -%{pkgdir}/system-generators/systemd-hibernate-resume-generator -%config(noreplace) %{_sysconfdir}/systemd/timesyncd.conf +%files sysusers -f .file-list-sysusers -%ifarch %{ix86} x86_64 aarch64 -%dir %{pkgdir}/boot -%dir %{pkgdir}/boot/efi -%{pkgdir}/boot/efi/*.efi -%{pkgdir}/boot/efi/*.stub +%files resolved -f .file-list-resolve + +%files devel -f .file-list-devel + +%files udev -f .file-list-udev + +%files ukify -f .file-list-ukify +%if 0%{?want_bootloader} +%if %{without obs} +%files boot-unsigned -f .file-list-boot +%else +%files boot -f .file-list-boot +%endif %endif -%{_mandir}/man[1578]/*udev* -%{_mandir}/man[1578]/*hwdb* -%{_mandir}/man[1578]/systemd-tmpfiles-setup-dev.service* -%{_mandir}/man[1578]/*modules-load.* -%{_mandir}/man[1578]/*timesyncd.* -%{_mandir}/man[1578]/systemd-hibernate* -%{_mandir}/man[1578]/systemd-suspend* -%{_mandir}/man[1578]/systemd-vconsole-setup* -%{_mandir}/man[1578]/systemd-backlight* -%{_mandir}/man[1578]/systemd-rfkill* -%{_mandir}/man[1578]/systemd-random-seed* -%{_mandir}/man[1578]/systemd-quotacheck* -%{_mandir}/man[1578]/systemd-cryptsetup* -%{_mandir}/man[1578]/systemd-sleep* +%files container -f .file-list-container +%ghost %dir %attr(0700,-,-) /var/lib/machines -%files container -%{_libdir}/libnss_mymachines.so.2 -%{_bindir}/machinectl -%{_bindir}/systemd-nspawn -%{pkgdir}/import-pubring.gpg -%{_prefix}/lib/tmpfiles.d/systemd-nspawn.conf -%{system_unit_dir}/*.machine1.* -%{system_unit_dir}/*.import1.* -%{system_unit_dir}/systemd-machined.service -%{system_unit_dir}/systemd-importd.service -%{system_unit_dir}/machine.slice -%{system_unit_dir}/machines.target -%{system_unit_dir}/var-lib-machines.mount -%{system_unit_dir}/*/var-lib-machines.mount -%{system_unit_dir}/systemd-nspawn@.service -%{pkgdir}/systemd-machined -%{pkgdir}/systemd-import -%{pkgdir}/systemd-importd -%{pkgdir}/systemd-pull -%{pkgdir}/network/80-container-ve.network -%{pkgdir}/network/80-container-vz.network -%{_datadir}/dbus-1/system.d/org.freedesktop.import1.conf -%{_datadir}/dbus-1/system.d/org.freedesktop.machine1.conf -%{_datadir}/dbus-1/system-services/org.freedesktop.import1.service -%{_datadir}/dbus-1/system-services/org.freedesktop.machine1.service -%{_datadir}/polkit-1/actions/org.freedesktop.import1.policy -%{_datadir}/polkit-1/actions/org.freedesktop.machine1.policy -%{_datadir}/bash-completion/completions/machinectl -%{_datadir}/bash-completion/completions/systemd-nspawn -%{_datadir}/zsh/site-functions/_machinectl -%{_datadir}/zsh/site-functions/_systemd-nspawn -%{_mandir}/man1/machinectl.* -%{_mandir}/man8/systemd-machined.* -%{_mandir}/man8/*mymachines.* -%{_mandir}/man[1578]/systemd-nspawn.* +%files journal-remote -f .file-list-remote -%files journal-remote -%config(noreplace) %{_sysconfdir}/systemd/journal-remote.conf -%config(noreplace) %{_sysconfdir}/systemd/journal-upload.conf -%{system_unit_dir}/systemd-journal-gatewayd.* -%{system_unit_dir}/systemd-journal-remote.* -%{system_unit_dir}/*upload.* -%{pkgdir}/systemd-journal-gatewayd -%{pkgdir}/systemd-journal-remote -%{pkgdir}/systemd-journal-upload -%{_prefix}/lib/tmpfiles.d/systemd-remote.conf -%{_prefix}/lib/sysusers.d/systemd-remote.conf -%dir %attr(0755,systemd-journal-upload,systemd-journal-upload) %{_localstatedir}/lib/systemd/journal-upload -%{_datadir}/systemd/gatewayd -/usr/lib/firewalld/services/* -%{_mandir}/man[1578]/*journal-remote.* -%{_mandir}/man[1578]/systemd-journal-upload* -%{_mandir}/man[1578]/systemd-journal-gateway* +%files networkd -f .file-list-networkd -%files tests -%{pkgdir}/tests +%files networkd-defaults -f .file-list-networkd-defaults + +%files oomd-defaults -f .file-list-oomd-defaults + +%files tests -f .file-list-tests + +%files standalone-repart -f .file-list-standalone-repart + +%files standalone-tmpfiles -f .file-list-standalone-tmpfiles + +%files standalone-sysusers -f .file-list-standalone-sysusers + +%files standalone-shutdown -f .file-list-standalone-shutdown + +%clean +rm -rf \ + $RPM_BUILD_ROOT \ + 10-timeout-abort.conf.user \ + .file-list-* \ + %{name}.lang \ + debugfiles.list \ + debuglinks.list \ + debugsourcefiles.list \ + debugsources.list \ + elfbins.list %changelog -* Tue Sep 26 2017 Nathaniel McCallum - 234-8 -- Backport /etc/crypttab _netdev feature from upstream - -* Thu Sep 21 2017 Michal Sekletar - 234-7 -- Make sure to remove all device units sharing the same sysfs path (#1475570) - -* Mon Sep 18 2017 Zbigniew Jędrzejewski-Szmek - 234-6 -- Bump xslt recursion limit for libxslt-1.30 - -* Mon Jul 31 2017 Zbigniew Jędrzejewski-Szmek - 234-5 -- Backport more patches (#1476005, hopefully #1462378) - -* Thu Jul 27 2017 Fedora Release Engineering -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild - -* Mon Jul 17 2017 Zbigniew Jędrzejewski-Szmek - 234-3 -- Fix x-systemd.timeout=0 in /etc/fstab (#1462378) -- Minor patches (memleaks, --help fixes, seccomp on arm64) - -* Thu Jul 13 2017 Zbigniew Jędrzejewski-Szmek - 234-2 -- Create kvm group (#1431876) - -* Thu Jul 13 2017 Zbigniew Jędrzejewski-Szmek - 234-1 -- Latest release - -* Sat Jul 1 2017 Zbigniew Jędrzejewski-Szmek - 233-7.git74d8f1c -- Update to snapshot -- Build with meson again - -* Tue Jun 27 2017 Zbigniew Jędrzejewski-Szmek - 233-6 -- Fix an out-of-bounds write in systemd-resolved (CVE-2017-9445) - -* Fri Jun 16 2017 Zbigniew Jędrzejewski-Szmek - 233-5.gitec36d05 -- Update to snapshot version, build with meson - -* Thu Jun 15 2017 Zbigniew Jędrzejewski-Szmek - 233-4 -- Backport a bunch of small fixes (memleaks, wrong format strings, - man page clarifications, shell completion) -- Fix systemd-resolved crash on crafted DNS packet (CVE-2017-9217, #1455493) -- Fix systemd-vconsole-setup.service error on systems with no VGA console (#1272686) -- Drop soft-static uid for systemd-journal-gateway -- Use ID from /etc/os-release as ntpvendor - -* Thu Mar 16 2017 Michal Sekletar - 233-3 -- Backport bugfixes from upstream -- Don't return error when machinectl couldn't figure out container IP addresses (#1419501) - -* Thu Mar 2 2017 Zbigniew Jędrzejewski-Szmek - 233-2 -- Fix installation conflict with polkit - -* Thu Mar 2 2017 Zbigniew Jędrzejewski-Szmek - 233-1 -- New upstream release (#1416201, #1405439, #1420753, many others) -- New systemd-tests subpackage with "installed tests" - -* Thu Feb 16 2017 Zbigniew Jędrzejewski-Szmek - 232-15 -- Add %%ghost %%dir entries for .wants dirs of our targets (#1422894) - -* Tue Feb 14 2017 Zbigniew Jędrzejewski-Szmek - 232-14 -- Ignore the hwdb parser test - -* Tue Feb 14 2017 Jan Synáček - 232-14 -- machinectl fails when virtual machine is running (#1419501) - -* Sat Feb 11 2017 Fedora Release Engineering - 232-13 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild - -* Tue Jan 31 2017 Zbigniew Jędrzejewski-Szmek - 232-12 -- Backport patch for initrd-switch-root.service getting killed (#1414904) -- Fix sd-journal-gatewayd -D, --trust, and COREDUMP_CONTAINER_CMDLINE - extraction by sd-coredump. - -* Sun Jan 29 2017 zbyszek - 232-11 -- Backport a number of patches (#1411299, #1413075, #1415745, - ##1415358, #1416588, #1408884) -- Fix various memleaks and unitialized variable access -- Shell completion enhancements -- Enable TPM logging by default (#1411156) -- Update hwdb (#1270124) - -* Thu Jan 19 2017 Adam Williamson - 232-10 -- Backport fix for boot failure in initrd-switch-root (#1414904) - -* Wed Jan 18 2017 Zbigniew Jędrzejewski-Szmek - 232-9 -- Add fake dependency on systemd-pam to systemd-devel to ensure systemd-pam - is available as multilib (#1414153) - -* Tue Jan 17 2017 Zbigniew Jędrzejewski-Szmek - 232-8 -- Fix buildsystem to check for lz4 correctly (#1404406) - -* Wed Jan 11 2017 Zbigniew Jędrzejewski-Szmek - 232-7 -- Various small tweaks to scriplets - -* Sat Jan 07 2017 Kevin Fenzi - 232-6 -- Fix scriptlets to never fail in libs post - -* Fri Jan 06 2017 Kevin Fenzi - 232-5 -- Add patch from Michal Schmidt to avoid process substitution (#1392236) - -* Sun Nov 6 2016 Zbigniew Jędrzejewski-Szmek - 232-4 -- Rebuild (#1392236) - -* Fri Nov 4 2016 Zbigniew Jędrzejewski-Szmek - 232-3 -- Make /etc/dbus-1/system.d directory non-%%ghost - -* Fri Nov 4 2016 Zbigniew Jędrzejewski-Szmek - 232-2 -- Fix kernel-install (#1391829) -- Restore previous systemd-user PAM config (#1391836) -- Move journal-upload.conf.5 from systemd main to journal-remote subpackage (#1391833) -- Fix permissions on /var/lib/systemd/journal-upload (#1262665) - -* Thu Nov 3 2016 Zbigniew Jędrzejewski-Szmek - 232-1 -- Update to latest version (#998615, #1181922, #1374371, #1390704, #1384150, #1287161) -- Add %%{_isa} to Provides on arch-full packages (#1387912) -- Create systemd-coredump user in %%pre (#1309574) -- Replace grubby patch with a short-circuiting install.d "plugin" -- Enable nss-systemd in the passwd, group lines in nsswith.conf -- Add [!UNAVAIL=return] fallback after nss-resolve in hosts line in nsswith.conf -- Move systemd-nspawn man pages to the right subpackage (#1391703) - -* Tue Oct 18 2016 Jan Synáček - 231-11 -- SPC - Cannot restart host operating from container (#1384523) - -* Sun Oct 9 2016 Zbigniew Jędrzejewski-Szmek - 231-10 -- Do not recreate /var/log/journal on upgrades (#1383066) -- Move nss-myhostname provides to systemd-libs (#1383271) - -* Fri Oct 7 2016 Zbigniew Jędrzejewski-Szmek - 231-9 -- Fix systemctl set-default (#1374371) -- Prevent systemd-udev-trigger.service from restarting (follow-up for #1378974) - -* Tue Oct 4 2016 Zbigniew Jędrzejewski-Szmek - 231-8 -- Apply fix for #1378974 - -* Mon Oct 3 2016 Zbigniew Jędrzejewski-Szmek - 231-7 -- Apply patches properly - -* Thu Sep 29 2016 Zbigniew Jędrzejewski-Szmek - 231-6 -- Better fix for (#1380286) - -* Thu Sep 29 2016 Zbigniew Jędrzejewski-Szmek - 231-5 -- Denial-of-service bug against pid1 (#1380286) - -* Thu Aug 25 2016 Zbigniew Jędrzejewski-Szmek - 231-4 -- Fix preset-all (#1363858) -- Fix issue with daemon-reload messing up graphics (#1367766) -- A few other bugfixes - -* Wed Aug 03 2016 Adam Williamson - 231-3 -- Revert preset-all change, it broke stuff (#1363858) - -* Wed Jul 27 2016 Zbigniew Jędrzejewski-Szmek - 231-2 -- Call preset-all on initial installation (#1118740) -- Fix botched Recommends for libxkbcommon - -* Tue Jul 26 2016 Zbigniew Jędrzejewski-Szmek - 231-1 -- Update to latest version - -* Wed Jun 8 2016 Zbigniew Jędrzejewski-Szmek - 230-3 -- Update to latest git snapshot (fixes for systemctl set-default, - polkit lingering policy, reversal of the framebuffer rules, - unaligned access fixes, fix for StartupBlockIOWeight-over-dbus). - Those changes are interspersed with other changes and new features - (mostly in lldp, networkd, and nspawn). Some of those new features - might not work, but I think that existing functionality should not - be broken, so it seems worthwile to update to the snapshot. - -* Sat May 21 2016 Zbigniew Jędrzejewski-Szmek - 230-2 -- Remove systemd-compat-libs on upgrade - -* Sat May 21 2016 Zbigniew Jędrzejewski-Szmek - 230-1 -- New version -- Drop compat-libs -- Require libxkbcommon explictly, since the automatic dependency will - not be generated anymore - -* Tue Apr 26 2016 Zbigniew Jędrzejewski-Szmek - 229-15 -- Remove duplicated entries in -container %%files (#1330395) - -* Fri Apr 22 2016 Zbigniew Jędrzejewski-Szmek - 229-14 -- Move installation of udev services to udev subpackage (#1329023) - -* Mon Apr 18 2016 Zbigniew Jędrzejewski-Szmek - 229-13 -- Split out systemd-pam subpackage (#1327402) - -* Mon Apr 18 2016 Harald Hoyer - 229-12 -- move more binaries and services from the main package to subpackages - -* Mon Apr 18 2016 Harald Hoyer - 229-11 -- move more binaries and services from the main package to subpackages - -* Mon Apr 18 2016 Harald Hoyer - 229-10 -- move device dependant stuff to the udev subpackage - -* Tue Mar 22 2016 Zbigniew Jędrzejewski-Szmek - 229-9 -- Add myhostname to /etc/nsswitch.conf (#1318303) - -* Mon Mar 21 2016 Harald Hoyer - 229-8 -- fixed kernel-install for copying files for grubby -Resolves: rhbz#1299019 - -* Thu Mar 17 2016 Zbigniew Jędrzejewski-Szmek - 229-7 -- Moar patches (#1316964, #1317928) -- Move vconsole-setup and tmpfiles-setup-dev bits to systemd-udev -- Protect systemd-udev from deinstallation - -* Fri Mar 11 2016 Zbigniew Jędrzejewski-Szmek - 229-6 -- Create /etc/resolv.conf symlink from systemd-resolved (#1313085) - -* Fri Mar 4 2016 Zbigniew Jędrzejewski-Szmek - 229-5 -- Split out systemd-container subpackage (#1163412) -- Split out system-udev subpackage -- Add various bugfix patches, incl. a tentative fix for #1308771 - -* Tue Mar 1 2016 Peter Robinson 229-4 -- Power64 and s390(x) now have libseccomp support -- aarch64 has gnu-efi - -* Tue Feb 23 2016 Jan Synáček - 229-3 -- Fix build failures on ppc64 (#1310800) - -* Tue Feb 16 2016 Dennis Gilmore - 229-2 -- revert: fixed kernel-install for copying files for grubby -Resolves: rhbz#1299019 -- this causes the dtb files to not get installed at all and the fdtdir -- line in extlinux.conf to not get updated correctly - -* Thu Feb 11 2016 Michal Sekletar - 229-1 -- New upstream release - -* Thu Feb 11 2016 Harald Hoyer - 228-10.gite35a787 -- fixed kernel-install for copying files for grubby -Resolves: rhbz#1299019 - -* Fri Feb 05 2016 Fedora Release Engineering - 228-9.gite35a787 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild - -* Wed Jan 27 2016 Peter Robinson 228-8.gite35a787 -- Rebuild for binutils on aarch64 fix - -* Fri Jan 08 2016 Dan Horák - 228-7.gite35a787 -- apply the conflict with fedora-release only in Fedora - -* Thu Dec 10 2015 Jan Synáček - 228-6.gite35a787 -- Fix rawhide build failures on ppc64 (#1286249) - -* Sun Nov 29 2015 Zbigniew Jędrzejewski-Szmek - 228-6.gite35a787 -- Create /etc/systemd/network (#1286397) - -* Thu Nov 26 2015 Zbigniew Jędrzejewski-Szmek - 228-5.gite35a787 -- Do not install nss modules by default - -* Tue Nov 24 2015 Zbigniew Jędrzejewski-Szmek - 228-4.gite35a787 -- Update to latest upstream git: there is a bunch of fixes - (nss-mymachines overflow bug, networkd fixes, more completions are - properly installed), mixed with some new resolved features. -- Rework file triggers so that they always run before daemons are restarted - -* Thu Nov 19 2015 Zbigniew Jędrzejewski-Szmek - 228-3 -- Enable rpm file triggers for daemon-reload - -* Thu Nov 19 2015 Zbigniew Jędrzejewski-Szmek - 228-2 -- Fix version number in obsoleted package name (#1283452) - -* Wed Nov 18 2015 Kay Sievers - 228-1 -- New upstream release - -* Thu Nov 12 2015 Zbigniew Jędrzejewski-Szmek - 227-7 -- Rename journal-gateway subpackage to journal-remote -- Ignore the access mode on /var/log/journal (#1048424) -- Do not assume fstab is present (#1281606) - -* Wed Nov 11 2015 Fedora Release Engineering - 227-6 -- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5 - -* Tue Nov 10 2015 Lukáš Nykrýn - 227-5 -- Rebuild for libmicrohttpd soname bump - -* Fri Nov 06 2015 Robert Kuska - 227-4 -- Rebuilt for Python3.5 rebuild - -* Wed Nov 4 2015 Zbigniew Jędrzejewski-Szmek - 227-3 -- Fix syntax in kernel-install (#1277264) - -* Tue Nov 03 2015 Michal Schmidt - 227-2 -- Rebuild for libmicrohttpd soname bump. - -* Wed Oct 7 2015 Kay Sievers - 227-1 -- New upstream release - -* Fri Sep 18 2015 Jan Synáček - 226-3 -- user systemd-journal-upload should be in systemd-journal group (#1262743) - -* Fri Sep 18 2015 Kay Sievers - 226-2 -- Add selinux to system-user PAM config - -* Tue Sep 8 2015 Kay Sievers - 226-1 -- New upstream release - -* Thu Aug 27 2015 Kay Sievers - 225-1 -- New upstream release - -* Fri Jul 31 2015 Kay Sievers - 224-1 -- New upstream release - -* Wed Jul 29 2015 Kay Sievers - 223-2 -- update to git snapshot - -* Wed Jul 29 2015 Kay Sievers - 223-1 -- New upstream release - -* Thu Jul 9 2015 Zbigniew Jędrzejewski-Szmek - 222-2 -- Remove python subpackages (python-systemd in now standalone) - -* Tue Jul 7 2015 Kay Sievers - 222-1 -- New upstream release - -* Mon Jul 6 2015 Kay Sievers - 221-5.git619b80a -- update to git snapshot - -* Mon Jul 6 2015 Zbigniew Jędrzejewski-Szmek - 221-4.git604f02a -- Add example file with yama config (#1234951) - -* Sun Jul 5 2015 Kay Sievers - 221-3.git604f02a -- update to git snapshot - -* Mon Jun 22 2015 Kay Sievers - 221-2 -- build systemd-boot EFI tools - -* Fri Jun 19 2015 Lennart Poettering - 221-1 -- New upstream release -- Undoes botched translation check, should be reinstated later? - -* Fri Jun 19 2015 Fedora Release Engineering - 220-10 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - -* Thu Jun 11 2015 Peter Robinson 220-9 -- The gold linker is now fixed on aarch64 - -* Tue Jun 9 2015 Zbigniew Jędrzejewski-Szmek - 220-8 -- Remove gudev which is now provided as separate package (libgudev) -- Fix for spurious selinux denials (#1224211) -- Udev change events (#1225905) -- Patches for some potential crashes -- ProtectSystem=yes does not touch /home -- Man page fixes, hwdb updates, shell completion updates -- Restored persistent device symlinks for bcache, xen block devices -- Tag all DRM cards as master-of-seat - -* Tue Jun 09 2015 Harald Hoyer 220-7 -- fix udev block device watch - -* Tue Jun 09 2015 Harald Hoyer 220-6 -- add support for network disk encryption - -* Sun Jun 7 2015 Peter Robinson 220-5 -- Disable gold on aarch64 until it's fixed (tracked in rhbz #1225156) - -* Sat May 30 2015 Zbigniew Jędrzejewski-Szmek - 220-4 -- systemd-devel should require systemd-libs, not the main package (#1226301) -- Check for botched translations (#1226566) -- Make /etc/udev/hwdb.d part of the rpm (#1226379) - -* Thu May 28 2015 Richard W.M. Jones - 220-3 -- Add patch to fix udev --daemon not cleaning child processes - (upstream commit 86c3bece38bcf5). - -* Wed May 27 2015 Richard W.M. Jones - 220-2 -- Add patch to fix udev --daemon crash (upstream commit 040e689654ef08). - -* Thu May 21 2015 Lennart Poettering - 220-1 -- New upstream release -- Drop /etc/mtab hack, as that's apparently fixed in mock now (#1116158) -- Remove ghosting for %%{_sysconfdir}/systemd/system/runlevel*.target, these targets are not configurable anymore in systemd upstream -- Drop work-around for #1002806, since this is solved upstream now - -* Wed May 20 2015 Dennis Gilmore - 219-15 -- fix up the conflicts version for fedora-release - -* Wed May 20 2015 Zbigniew Jędrzejewski-Szmek - 219-14 -- Remove presets (#1221340) -- Fix (potential) crash and memory leak in timedated, locking failure - in systemd-nspawn, crash in resolved. -- journalctl --list-boots should be faster -- zsh completions are improved -- various ommissions in docs are corrected (#1147651) -- VARIANT and VARIANT_ID fields in os-release are documented -- systemd-fsck-root.service is generated in the initramfs (#1201979, #1107818) -- systemd-tmpfiles should behave better on read-only file systems (#1207083) - -* Wed Apr 29 2015 Zbigniew Jędrzejewski-Szmek - 219-13 -- Patches for some outstanding annoyances -- Small keyboard hwdb updates - -* Wed Apr 8 2015 Zbigniew Jędrzejewski-Szmek - 219-12 -- Tighten requirements between subpackages (#1207381). - -* Sun Mar 22 2015 Zbigniew Jędrzejewski-Szmek - 219-11 -- Move all parts systemd-journal-{remote,upload} to - systemd-journal-gatewayd subpackage (#1193143). -- Create /var/lib/systemd/journal-upload directory (#1193145). -- Cut out lots of stupid messages at debug level which were obscuring more - important stuff. -- Apply "tentative" state for devices only when they are added, not removed. -- Ignore invalid swap pri= settings (#1204336) -- Fix SELinux check for timedated operations to enable/disable ntp (#1014315) -- Fix comparing of filesystem paths (#1184016) - -* Sat Mar 14 2015 Zbigniew Jędrzejewski-Szmek - 219-10 -- Fixes for bugs 1186018, 1195294, 1185604, 1196452. -- Hardware database update. -- Documentation fixes. -- A fix for journalctl performance regression. -- Fix detection of inability to open files in journalctl. -- Detect SuperH architecture properly. -- The first of duplicate lines in tmpfiles wins again. -- Do vconsole setup after loading vconsole driver, not fbcon. -- Fix problem where some units were restarted during systemd reexec. -- Fix race in udevadm settle tripping up NetworkManager. -- Downgrade various log messages. -- Fix issue where journal-remote would process some messages with a delay. -- GPT /srv partition autodiscovery is fixed. -- Reconfigure old Finnish keymaps in post (#1151958) - -* Tue Mar 10 2015 Jan Synáček - 219-9 -- Buttons on Lenovo X6* tablets broken (#1198939) - -* Tue Mar 3 2015 Zbigniew Jędrzejewski-Szmek - 219-8 -- Reworked device handling (#1195761) -- ACL handling fixes (with a script in %%post) -- Various log messages downgraded (#1184712) -- Allow PIE on s390 again (#1197721) - -* Wed Feb 25 2015 Michal Schmidt - 219-7 -- arm: reenable lto. gcc-5.0.0-0.16 fixed the crash (#1193212) - -* Tue Feb 24 2015 Colin Walters - 219-6 -- Revert patch that breaks Atomic/OSTree (#1195761) - -* Fri Feb 20 2015 Michal Schmidt - 219-5 -- Undo the resolv.conf workaround, Aim for a proper fix in Rawhide. - -* Fri Feb 20 2015 Michal Schmidt - 219-4 -- Revive fedora-disable-resolv.conf-symlink.patch to unbreak composes. - -* Wed Feb 18 2015 Michal Schmidt - 219-3 -- arm: disabling gold did not help; disable lto instead (#1193212) - -* Tue Feb 17 2015 Peter Jones - 219-2 -- Update 90-default.present for dbxtool. - -* Mon Feb 16 2015 Lennart Poettering - 219-1 -- New upstream release -- This removes the sysctl/bridge hack, a different solution needs to be found for this (see #634736) -- This removes the /etc/resolv.conf hack, anaconda needs to fix their handling of /etc/resolv.conf as symlink -- This enables "%%check" -- disable gold on arm, as that is broken (see #1193212) - -* Mon Feb 16 2015 Peter Robinson 218-6 -- aarch64 now has seccomp support - -* Thu Feb 05 2015 Michal Schmidt - 218-5 -- Don't overwrite systemd.macros with unrelated Source file. - -* Thu Feb 5 2015 Jan Synáček - 218-4 -- Add a touchpad hwdb (#1189319) - -* Thu Jan 15 2015 Zbigniew Jędrzejewski-Szmek - 218-4 -- Enable xkbcommon dependency to allow checking of keymaps -- Fix permissions of /var/log/journal (#1048424) -- Enable timedatex in presets (#1187072) -- Disable rpcbind in presets (#1099595) - -* Wed Jan 7 2015 Jan Synáček - 218-3 -- RFE: journal: automatically rotate the file if it is unlinked (#1171719) - -* Mon Jan 05 2015 Zbigniew Jędrzejewski-Szmek - 218-3 -- Add firewall description files (#1176626) - -* Thu Dec 18 2014 Jan Synáček - 218-2 -- systemd-nspawn doesn't work on s390/s390x (#1175394) - -* Wed Dec 10 2014 Lennart Poettering - 218-1 -- New upstream release -- Enable "nss-mymachines" in /etc/nsswitch.conf - -* Thu Nov 06 2014 Zbigniew Jędrzejewski-Szmek - 217-4 -- Change libgudev1 to only require systemd-libs (#727499), there's - no need to require full systemd stack. -- Fixes for bugs #1159448, #1152220, #1158035. -- Bash completions updates to allow propose more units for start/restart, - and completions for set-default,get-default. -- Again allow systemctl enable of instances. -- Hardware database update and fixes. -- Udev crash on invalid options and kernel commandline timeout parsing are fixed. -- Add "embedded" chassis type. -- Sync before 'reboot -f'. -- Fix restarting of timer units. - -* Wed Nov 05 2014 Michal Schmidt - 217-3 -- Fix hanging journal flush (#1159641) - -* Fri Oct 31 2014 Michal Schmidt - 217-2 -- Fix ordering cycles involving systemd-journal-flush.service and - remote-fs.target (#1159117) - -* Tue Oct 28 2014 Lennart Poettering - 217-1 -- New upstream release - -* Fri Oct 17 2014 Zbigniew Jędrzejewski-Szmek - 216-12 -- Drop PackageKit.service from presets (#1154126) - -* Mon Oct 13 2014 Zbigniew Jędrzejewski-Szmek - 216-11 -- Conflict with old versions of initscripts (#1152183) -- Remove obsolete Finnish keymap (#1151958) - -* Fri Oct 10 2014 Zbigniew Jędrzejewski-Szmek - 216-10 -- Fix a problem with voluntary daemon exits and some other bugs - (#1150477, #1095962, #1150289) - -* Fri Oct 03 2014 Zbigniew Jędrzejewski-Szmek - 216-9 -- Update to latest git, but without the readahead removal patch - (#1114786, #634736) - -* Wed Oct 01 2014 Kay Sievers - 216-8 -- revert "don't reset selinux context during CHANGE events" - -* Wed Oct 01 2014 Lukáš Nykrýn - 216-7 -- add temporary workaround for #1147910 -- don't reset selinux context during CHANGE events - -* Wed Sep 10 2014 Michal Schmidt - 216-6 -- Update timesyncd with patches to avoid hitting NTP pool too often. - -* Tue Sep 09 2014 Michal Schmidt - 216-5 -- Use common CONFIGURE_OPTS for build2 and build3. -- Configure timesyncd with NTP servers from Fedora/RHEL vendor zone. - -* Wed Sep 03 2014 Zbigniew Jędrzejewski-Szmek - 216-4 -- Move config files for sd-j-remote/upload to sd-journal-gateway subpackage (#1136580) - -* Thu Aug 28 2014 Peter Robinson 216-3 -- Drop no LTO build option for aarch64/s390 now it's fixed in binutils (RHBZ 1091611) - -* Thu Aug 21 2014 Zbigniew Jędrzejewski-Szmek - 216-2 -- Re-add patch to disable resolve.conf symlink (#1043119) - -* Wed Aug 20 2014 Lennart Poettering - 216-1 -- New upstream release - -* Mon Aug 18 2014 Fedora Release Engineering - 215-12 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - -* Wed Aug 13 2014 Dan Horák 215-11 -- disable LTO also on s390(x) - -* Sat Aug 09 2014 Harald Hoyer 215-10 -- fixed PPC64LE - -* Wed Aug 6 2014 Tom Callaway - 215-9 -- fix license handling - -* Wed Jul 30 2014 Zbigniew Jędrzejewski-Szmek - 215-8 -- Create systemd-journal-remote and systemd-journal-upload users (#1118907) - -* Thu Jul 24 2014 Zbigniew Jędrzejewski-Szmek - 215-7 -- Split out systemd-compat-libs subpackage - -* Tue Jul 22 2014 Kalev Lember - 215-6 -- Rebuilt for gobject-introspection 1.41.4 - -* Mon Jul 21 2014 Zbigniew Jędrzejewski-Szmek - 215-5 -- Fix SELinux context of /etc/passwd-, /etc/group-, /etc/.updated (#1121806) -- Add missing BR so gnutls and elfutils are used - -* Sat Jul 19 2014 Zbigniew Jędrzejewski-Szmek - 215-4 -- Various man page updates -- Static device node logic is conditionalized on CAP_SYS_MODULES instead of CAP_MKNOD - for better behaviour in containers -- Some small networkd link handling fixes -- vconsole-setup runs setfont before loadkeys (https://bugs.freedesktop.org/show_bug.cgi?id=80685) -- New systemd-escape tool -- XZ compression settings are tweaked to greatly improve journald performance -- "watch" is accepted as chassis type -- Various sysusers fixes, most importantly correct selinux labels -- systemd-timesyncd bug fix (https://bugs.freedesktop.org/show_bug.cgi?id=80932) -- Shell completion improvements -- New udev tag ID_SOFTWARE_RADIO can be used to instruct logind to allow user access -- XEN and s390 virtualization is properly detected - -* Mon Jul 07 2014 Colin Walters - 215-3 -- Add patch to disable resolve.conf symlink (#1043119) - -* Sun Jul 06 2014 Zbigniew Jędrzejewski-Szmek - 215-2 -- Move systemd-journal-remote to systemd-journal-gateway package (#1114688) -- Disable /etc/mtab handling temporarily (#1116158) - -* Thu Jul 03 2014 Lennart Poettering - 215-1 -- New upstream release -- Enable coredump logic (which abrt would normally override) - -* Sun Jun 29 2014 Peter Robinson 214-5 -- On aarch64 disable LTO as it still has issues on that arch - -* Thu Jun 26 2014 Zbigniew Jędrzejewski-Szmek - 214-4 -- Bugfixes (#996133, #1112908) - -* Mon Jun 23 2014 Zbigniew Jędrzejewski-Szmek - 214-3 -- Actually create input group (#1054549) - -* Sun Jun 22 2014 Zbigniew Jędrzejewski-Szmek - 214-2 -- Do not restart systemd-logind on upgrades (#1110697) -- Add some patches (#1081429, #1054549, #1108568, #928962) - -* Wed Jun 11 2014 Lennart Poettering - 214-1 -- New upstream release -- Get rid of "floppy" group, since udev uses "disk" now -- Reenable LTO - -* Sun Jun 08 2014 Fedora Release Engineering - 213-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - -* Wed May 28 2014 Kay Sievers - 213-3 -- fix systemd-timesync user creation - -* Wed May 28 2014 Michal Sekletar - 213-2 -- Create temporary files after installation (#1101983) -- Add sysstat-collect.timer, sysstat-summary.timer to preset policy (#1101621) - -* Wed May 28 2014 Kay Sievers - 213-1 -- New upstream release - -* Tue May 27 2014 Kalev Lember - 212-6 -- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 - -* Fri May 23 2014 Adam Williamson - 212-5 -- revert change from 212-4, causes boot fail on single CPU boxes (RHBZ 1095891) - -* Wed May 07 2014 Kay Sievers - 212-4 -- add netns udev workaround - -* Wed May 07 2014 Michal Sekletar - 212-3 -- enable uuidd.socket by default (#1095353) - -* Sat Apr 26 2014 Peter Robinson 212-2 -- Disable building with -flto for the moment due to gcc 4.9 issues (RHBZ 1091611) - -* Tue Mar 25 2014 Lennart Poettering - 212-1 -- New upstream release - -* Mon Mar 17 2014 Peter Robinson 211-2 -- Explicitly define which upstream platforms support libseccomp - -* Tue Mar 11 2014 Lennart Poettering - 211-1 -- New upstream release - -* Mon Mar 10 2014 Zbigniew Jędrzejewski-Szmek - 210-8 -- Fix logind unpriviledged reboot issue and a few other minor fixes -- Limit generator execution time -- Recognize buttonless joystick types - -* Fri Mar 07 2014 Karsten Hopp 210-7 -- ppc64le needs link warnings disabled, too - -* Fri Mar 07 2014 Karsten Hopp 210-6 -- move ifarch ppc64le to correct place (libseccomp req) - -* Fri Mar 07 2014 Zbigniew Jędrzejewski-Szmek - 210-5 -- Bugfixes: #1047568, #1047039, #1071128, #1073402 -- Bash completions for more systemd tools -- Bluetooth database update -- Manpage fixes - -* Thu Mar 06 2014 Zbigniew Jędrzejewski-Szmek - 210-4 -- Apply work-around for ppc64le too (#1073647). - -* Sat Mar 01 2014 Zbigniew Jędrzejewski-Szmek - 210-3 -- Backport a few patches, add completion for systemd-nspawn. - -* Fri Feb 28 2014 Zbigniew Jędrzejewski-Szmek - 210-3 -- Apply work-arounds for ppc/ppc64 for bugs 1071278 and 1071284 - -* Mon Feb 24 2014 Lennart Poettering - 210-2 -- Check more services against preset list and enable by default - -* Mon Feb 24 2014 Lennart Poettering - 210-1 -- new upstream release - -* Sun Feb 23 2014 Zbigniew Jędrzejewski-Szmek - 209-2.gitf01de96 -- Enable dnssec-triggerd.service by default (#1060754) - -* Sun Feb 23 2014 Kay Sievers - 209-2.gitf01de96 -- git snapshot to sort out ARM build issues - -* Thu Feb 20 2014 Lennart Poettering - 209-1 -- new upstream release - -* Tue Feb 18 2014 Zbigniew Jędrzejewski-Szmek - 208-15 -- Make gpsd lazily activated (#1066421) - -* Mon Feb 17 2014 Zbigniew Jędrzejewski-Szmek - 208-14 -- Back out patch which causes user manager to be destroyed when unneeded - and spams logs (#1053315) - -* Sun Feb 16 2014 Zbigniew Jędrzejewski-Szmek - 208-13 -- A different fix for #1023820 taken from Mageia -- Backported fix for #997031 -- Hardward database updates, man pages improvements, a few small memory - leaks, utf-8 correctness and completion fixes -- Support for key-slot option in crypttab - -* Sat Jan 25 2014 Ville Skyttä - 208-12 -- Own the %%{_prefix}/lib/kernel(/*) and %%{_datadir}/zsh(/*) dirs. - -* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-11 -- Backport a few fixes, relevant documentation updates, and HWDB changes - (#1051797, #1051768, #1047335, #1047304, #1047186, #1045849, #1043304, - #1043212, #1039351, #1031325, #1023820, #1017509, #953077) -- Flip journalctl to --full by default (#984758) - -* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-9 -- Apply two patches for #1026860 - -* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-8 -- Bump release to stay ahead of f20 - -* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-7 -- Backport patches (#1023041, #1036845, #1006386?) -- HWDB update -- Some small new features: nspawn --drop-capability=, running PID 1 under - valgrind, "yearly" and "annually" in calendar specifications -- Some small documentation and logging updates - -* Tue Nov 19 2013 Zbigniew Jędrzejewski-Szmek - 208-6 -- Bump release to stay ahead of f20 - -* Tue Nov 19 2013 Zbigniew Jędrzejewski-Szmek - 208-5 -- Use unit name in PrivateTmp= directories (#957439) -- Update manual pages, completion scripts, and hardware database -- Configurable Timeouts/Restarts default values -- Support printing of timestamps on the console -- Fix some corner cases in detecting when writing to the console is safe -- Python API: convert keyword values to string, fix sd_is_booted() wrapper -- Do not tread missing /sbin/fsck.btrfs as an error (#1015467) -- Allow masking of fsck units -- Advertise hibernation to swap files -- Fix SO_REUSEPORT settings -- Prefer converted xkb keymaps to legacy keymaps (#981805, #1026872) -- Make use of newer kmod -- Assorted bugfixes: #1017161, #967521, #988883, #1027478, #821723, #1014303 - -* Tue Oct 22 2013 Zbigniew Jędrzejewski-Szmek - 208-4 -- Add temporary fix for #1002806 - -* Mon Oct 21 2013 Zbigniew Jędrzejewski-Szmek - 208-3 -- Backport a bunch of fixes and hwdb updates - -* Wed Oct 2 2013 Lennart Poettering - 208-2 -- Move old random seed and backlight files into the right place - -* Wed Oct 2 2013 Lennart Poettering - 208-1 -- New upstream release - -* Thu Sep 26 2013 Zbigniew Jędrzejewski-Szmek 207-5 -- Do not create /var/var/... dirs - -* Wed Sep 18 2013 Zbigniew Jędrzejewski-Szmek 207-4 -- Fix policykit authentication -- Resolves: rhbz#1006680 - -* Tue Sep 17 2013 Harald Hoyer 207-3 -- fixed login -- Resolves: rhbz#1005233 - -* Mon Sep 16 2013 Harald Hoyer 207-2 -- add some upstream fixes for 207 -- fixed swap activation -- Resolves: rhbz#1008604 - -* Fri Sep 13 2013 Lennart Poettering - 207-1 -- New upstream release - -* Fri Sep 06 2013 Harald Hoyer 206-11 -- support "debug" kernel command line parameter -- journald: fix fd leak in journal_file_empty -- journald: fix vacuuming of archived journals -- libudev: enumerate - do not try to match against an empty subsystem -- cgtop: fixup the online help -- libudev: fix memleak when enumerating childs - -* Wed Sep 04 2013 Harald Hoyer 206-10 -- Do not require grubby, lorax now takes care of grubby -- cherry-picked a lot of patches from upstream - -* Tue Aug 27 2013 Dennis Gilmore - 206-9 -- Require grubby, Fedora installs require grubby, -- kernel-install took over from new-kernel-pkg -- without the Requires we are unable to compose Fedora -- everyone else says that since kernel-install took over -- it is responsible for ensuring that grubby is in place -- this is really what we want for Fedora - -* Tue Aug 27 2013 Kay Sievers - 206-8 -- Revert "Require grubby its needed by kernel-install" - -* Mon Aug 26 2013 Dennis Gilmore 206-7 -- Require grubby its needed by kernel-install - -* Thu Aug 22 2013 Harald Hoyer 206-6 -- kernel-install now understands kernel flavors like PAE - -* Tue Aug 20 2013 Rex Dieter - 206-5 -- add sddm.service to preset file (#998978) - -* Fri Aug 16 2013 Zbigniew Jędrzejewski-Szmek - 206-4 -- Filter out provides for private python modules. -- Add requires on kmod >= 14 (#990994). - -* Sun Aug 11 2013 Zbigniew Jedrzejewski-Szmek - 206-3 -- New systemd-python3 package (#976427). -- Add ownership of a few directories that we create (#894202). - -* Sun Aug 04 2013 Fedora Release Engineering - 206-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - -* Tue Jul 23 2013 Kay Sievers - 206-1 -- New upstream release - Resolves (#984152) - -* Wed Jul 3 2013 Lennart Poettering - 205-1 -- New upstream release - -* Wed Jun 26 2013 Michal Schmidt 204-10 -- Split systemd-journal-gateway subpackage (#908081). - -* Mon Jun 24 2013 Michal Schmidt 204-9 -- Rename nm_dispatcher to NetworkManager-dispatcher in default preset (#977433) - -* Fri Jun 14 2013 Harald Hoyer 204-8 -- fix, which helps to sucessfully browse journals with - duplicated seqnums - -* Fri Jun 14 2013 Harald Hoyer 204-7 -- fix duplicate message ID bug -Resolves: rhbz#974132 - -* Thu Jun 06 2013 Harald Hoyer 204-6 -- introduce 99-default-disable.preset - -* Thu Jun 6 2013 Lennart Poettering - 204-5 -- Rename 90-display-manager.preset to 85-display-manager.preset so that it actually takes precedence over 90-default.preset's "disable *" line (#903690) - -* Tue May 28 2013 Harald Hoyer 204-4 -- Fix kernel-install (#965897) - -* Wed May 22 2013 Kay Sievers - 204-3 -- Fix kernel-install (#965897) - -* Thu May 9 2013 Lennart Poettering - 204-2 -- New upstream release -- disable isdn by default (#959793) - -* Tue May 07 2013 Harald Hoyer 203-2 -- forward port kernel-install-grubby.patch - -* Tue May 7 2013 Lennart Poettering - 203-1 -- New upstream release - -* Wed Apr 24 2013 Harald Hoyer 202-3 -- fix ENOENT for getaddrinfo -- Resolves: rhbz#954012 rhbz#956035 -- crypt-setup-generator: correctly check return of strdup -- logind-dbus: initialize result variable -- prevent library underlinking - -* Fri Apr 19 2013 Harald Hoyer 202-2 -- nspawn create empty /etc/resolv.conf if necessary -- python wrapper: add sd_journal_add_conjunction() -- fix s390 booting -- Resolves: rhbz#953217 - -* Thu Apr 18 2013 Lennart Poettering - 202-1 -- New upstream release - -* Tue Apr 09 2013 Michal Schmidt - 201-2 -- Automatically discover whether to run autoreconf and add autotools and git - BuildRequires based on the presence of patches to be applied. -- Use find -delete. - -* Mon Apr 8 2013 Lennart Poettering - 201-1 -- New upstream release - -* Mon Apr 8 2013 Lennart Poettering - 200-4 -- Update preset file - -* Fri Mar 29 2013 Lennart Poettering - 200-3 -- Remove NetworkManager-wait-online.service from presets file again, it should default to off - -* Fri Mar 29 2013 Lennart Poettering - 200-2 -- New upstream release - -* Tue Mar 26 2013 Lennart Poettering - 199-2 -- Add NetworkManager-wait-online.service to the presets file - -* Tue Mar 26 2013 Lennart Poettering - 199-1 -- New upstream release - -* Mon Mar 18 2013 Michal Schmidt 198-7 -- Drop /usr/s?bin/ prefixes. - -* Fri Mar 15 2013 Harald Hoyer 198-6 -- run autogen to pickup all changes - -* Fri Mar 15 2013 Harald Hoyer 198-5 -- do not mount anything, when not running as pid 1 -- add initrd.target for systemd in the initrd - -* Wed Mar 13 2013 Harald Hoyer 198-4 -- fix switch-root and local-fs.target problem -- patch kernel-install to use grubby, if available - -* Fri Mar 08 2013 Harald Hoyer 198-3 -- add Conflict with dracut < 026 because of the new switch-root isolate - -* Thu Mar 7 2013 Lennart Poettering - 198-2 -- Create required users - -* Thu Mar 7 2013 Lennart Poettering - 198-1 -- New release -- Enable journal persistancy by default - -* Sun Feb 10 2013 Peter Robinson 197-3 -- Bump for ARM - -* Fri Jan 18 2013 Michal Schmidt - 197-2 -- Added qemu-guest-agent.service to presets (Lennart, #885406). -- Add missing pygobject3-base to systemd-analyze deps (Lennart). -- Do not require hwdata, it is all in the hwdb now (Kay). -- Drop dependency on dbus-python. - -* Tue Jan 8 2013 Lennart Poettering - 197-1 -- New upstream release - -* Mon Dec 10 2012 Michal Schmidt - 196-4 -- Enable rngd.service by default (#857765). - -* Mon Dec 10 2012 Michal Schmidt - 196-3 -- Disable hardening on s390(x) because PIE is broken there and produces - text relocations with __thread (#868839). - -* Wed Dec 05 2012 Michal Schmidt - 196-2 -- added spice-vdagentd.service to presets (Lennart, #876237) -- BR cryptsetup-devel instead of the legacy cryptsetup-luks-devel provide name - (requested by Milan Brož). -- verbose make to see the actual build flags - -* Wed Nov 21 2012 Lennart Poettering - 196-1 -- New upstream release - -* Tue Nov 20 2012 Lennart Poettering - 195-8 -- https://bugzilla.redhat.com/show_bug.cgi?id=873459 -- https://bugzilla.redhat.com/show_bug.cgi?id=878093 - -* Thu Nov 15 2012 Michal Schmidt - 195-7 -- Revert udev killing cgroup patch for F18 Beta. -- https://bugzilla.redhat.com/show_bug.cgi?id=873576 - -* Fri Nov 09 2012 Michal Schmidt - 195-6 -- Fix cyclical dep between systemd and systemd-libs. -- Avoid broken build of test-journal-syslog. -- https://bugzilla.redhat.com/show_bug.cgi?id=873387 -- https://bugzilla.redhat.com/show_bug.cgi?id=872638 - -* Thu Oct 25 2012 Kay Sievers - 195-5 -- require 'sed', limit HOSTNAME= match - -* Wed Oct 24 2012 Michal Schmidt - 195-4 -- add dmraid-activation.service to the default preset -- add yum protected.d fragment -- https://bugzilla.redhat.com/show_bug.cgi?id=869619 -- https://bugzilla.redhat.com/show_bug.cgi?id=869717 - -* Wed Oct 24 2012 Kay Sievers - 195-3 -- Migrate /etc/sysconfig/ i18n, keyboard, network files/variables to - systemd native files - -* Tue Oct 23 2012 Lennart Poettering - 195-2 -- Provide syslog because the journal is fine as a syslog implementation - -* Tue Oct 23 2012 Lennart Poettering - 195-1 -- New upstream release -- https://bugzilla.redhat.com/show_bug.cgi?id=831665 -- https://bugzilla.redhat.com/show_bug.cgi?id=847720 -- https://bugzilla.redhat.com/show_bug.cgi?id=858693 -- https://bugzilla.redhat.com/show_bug.cgi?id=863481 -- https://bugzilla.redhat.com/show_bug.cgi?id=864629 -- https://bugzilla.redhat.com/show_bug.cgi?id=864672 -- https://bugzilla.redhat.com/show_bug.cgi?id=864674 -- https://bugzilla.redhat.com/show_bug.cgi?id=865128 -- https://bugzilla.redhat.com/show_bug.cgi?id=866346 -- https://bugzilla.redhat.com/show_bug.cgi?id=867407 -- https://bugzilla.redhat.com/show_bug.cgi?id=868603 - -* Wed Oct 10 2012 Michal Schmidt - 194-2 -- Add scriptlets for migration away from systemd-timedated-ntp.target - -* Wed Oct 3 2012 Lennart Poettering - 194-1 -- New upstream release -- https://bugzilla.redhat.com/show_bug.cgi?id=859614 -- https://bugzilla.redhat.com/show_bug.cgi?id=859655 - -* Fri Sep 28 2012 Lennart Poettering - 193-1 -- New upstream release - -* Tue Sep 25 2012 Lennart Poettering - 192-1 -- New upstream release - -* Fri Sep 21 2012 Lennart Poettering - 191-2 -- Fix journal mmap header prototype definition to fix compilation on 32bit - -* Fri Sep 21 2012 Lennart Poettering - 191-1 -- New upstream release -- Enable all display managers by default, as discussed with Adam Williamson - -* Thu Sep 20 2012 Lennart Poettering - 190-1 -- New upstream release -- Take possession of /etc/localtime, and remove /etc/sysconfig/clock -- https://bugzilla.redhat.com/show_bug.cgi?id=858780 -- https://bugzilla.redhat.com/show_bug.cgi?id=858787 -- https://bugzilla.redhat.com/show_bug.cgi?id=858771 -- https://bugzilla.redhat.com/show_bug.cgi?id=858754 -- https://bugzilla.redhat.com/show_bug.cgi?id=858746 -- https://bugzilla.redhat.com/show_bug.cgi?id=858266 -- https://bugzilla.redhat.com/show_bug.cgi?id=858224 -- https://bugzilla.redhat.com/show_bug.cgi?id=857670 -- https://bugzilla.redhat.com/show_bug.cgi?id=856975 -- https://bugzilla.redhat.com/show_bug.cgi?id=855863 -- https://bugzilla.redhat.com/show_bug.cgi?id=851970 -- https://bugzilla.redhat.com/show_bug.cgi?id=851275 -- https://bugzilla.redhat.com/show_bug.cgi?id=851131 -- https://bugzilla.redhat.com/show_bug.cgi?id=847472 -- https://bugzilla.redhat.com/show_bug.cgi?id=847207 -- https://bugzilla.redhat.com/show_bug.cgi?id=846483 -- https://bugzilla.redhat.com/show_bug.cgi?id=846085 -- https://bugzilla.redhat.com/show_bug.cgi?id=845973 -- https://bugzilla.redhat.com/show_bug.cgi?id=845194 -- https://bugzilla.redhat.com/show_bug.cgi?id=845028 -- https://bugzilla.redhat.com/show_bug.cgi?id=844630 -- https://bugzilla.redhat.com/show_bug.cgi?id=839736 -- https://bugzilla.redhat.com/show_bug.cgi?id=835848 -- https://bugzilla.redhat.com/show_bug.cgi?id=831740 -- https://bugzilla.redhat.com/show_bug.cgi?id=823485 -- https://bugzilla.redhat.com/show_bug.cgi?id=821813 -- https://bugzilla.redhat.com/show_bug.cgi?id=807886 -- https://bugzilla.redhat.com/show_bug.cgi?id=802198 -- https://bugzilla.redhat.com/show_bug.cgi?id=767795 -- https://bugzilla.redhat.com/show_bug.cgi?id=767561 -- https://bugzilla.redhat.com/show_bug.cgi?id=752774 -- https://bugzilla.redhat.com/show_bug.cgi?id=732874 -- https://bugzilla.redhat.com/show_bug.cgi?id=858735 - -* Thu Sep 13 2012 Lennart Poettering - 189-4 -- Don't pull in pkg-config as dep -- https://bugzilla.redhat.com/show_bug.cgi?id=852828 - -* Wed Sep 12 2012 Lennart Poettering - 189-3 -- Update preset policy -- Rename preset policy file from 99-default.preset to 90-default.preset so that people can order their own stuff after the Fedora default policy if they wish - -* Thu Aug 23 2012 Lennart Poettering - 189-2 -- Update preset policy -- https://bugzilla.redhat.com/show_bug.cgi?id=850814 - -* Thu Aug 23 2012 Lennart Poettering - 189-1 -- New upstream release - -* Thu Aug 16 2012 Ray Strode 188-4 -- more scriptlet fixes - (move dm migration logic to %%posttrans so the service - files it's looking for are available at the time - the logic is run) - -* Sat Aug 11 2012 Lennart Poettering - 188-3 -- Remount file systems MS_PRIVATE before switching roots -- https://bugzilla.redhat.com/show_bug.cgi?id=847418 - -* Wed Aug 08 2012 Rex Dieter - 188-2 -- fix scriptlets - -* Wed Aug 8 2012 Lennart Poettering - 188-1 -- New upstream release -- Enable gdm and avahi by default via the preset file -- Convert /etc/sysconfig/desktop to display-manager.service symlink -- Enable hardened build - -* Mon Jul 30 2012 Kay Sievers - 187-3 -- Obsolete: system-setup-keyboard - -* Wed Jul 25 2012 Kalev Lember - 187-2 -- Run ldconfig for the new -libs subpackage - -* Thu Jul 19 2012 Lennart Poettering - 187-1 -- New upstream release - -* Mon Jul 09 2012 Harald Hoyer 186-2 -- fixed dracut conflict version - -* Tue Jul 3 2012 Lennart Poettering - 186-1 -- New upstream release - -* Fri Jun 22 2012 Nils Philippsen - 185-7.gite7aee75 -- add obsoletes/conflicts so multilib systemd -> systemd-libs updates work - -* Thu Jun 14 2012 Michal Schmidt - 185-6.gite7aee75 -- Update to current git - -* Wed Jun 06 2012 Kay Sievers - 185-5.gita2368a3 -- disable plymouth in configure, to drop the .wants/ symlinks - -* Wed Jun 06 2012 Michal Schmidt - 185-4.gita2368a3 -- Update to current git snapshot - - Add systemd-readahead-analyze - - Drop upstream patch -- Split systemd-libs -- Drop duplicate doc files -- Fixed License headers of subpackages - -* Wed Jun 06 2012 Ray Strode - 185-3 -- Drop plymouth files -- Conflict with old plymouth - -* Tue Jun 05 2012 Kay Sievers - 185-2 -- selinux udev labeling fix -- conflict with older dracut versions for new udev file names - -* Mon Jun 04 2012 Kay Sievers - 185-1 -- New upstream release - - udev selinux labeling fixes - - new man pages - - systemctl help - -* Thu May 31 2012 Lennart Poettering - 184-1 -- New upstream release - -* Thu May 24 2012 Kay Sievers - 183-1 -- New upstream release including udev merge. - -* Wed Mar 28 2012 Michal Schmidt - 44-4 -- Add triggers from Bill Nottingham to correct the damage done by - the obsoleted systemd-units's preun scriptlet (#807457). - -* Mon Mar 26 2012 Dennis Gilmore - 44-3 -- apply patch from upstream so we can build systemd on arm and ppc -- and likely the rest of the secondary arches - -* Tue Mar 20 2012 Michal Schmidt - 44-2 -- Don't build the gtk parts anymore. They're moving into systemd-ui. -- Remove a dead patch file. - -* Fri Mar 16 2012 Lennart Poettering - 44-1 -- New upstream release -- Closes #798760, #784921, #783134, #768523, #781735 - -* Mon Feb 27 2012 Dennis Gilmore - 43-2 -- don't conflict with fedora-release systemd never actually provided -- /etc/os-release so there is no actual conflict - -* Wed Feb 15 2012 Lennart Poettering - 43-1 -- New upstream release -- Closes #789758, #790260, #790522 - -* Sat Feb 11 2012 Lennart Poettering - 42-1 -- New upstream release -- Save a bit of entropy during system installation (#789407) -- Don't own /etc/os-release anymore, leave that to fedora-release - -* Thu Feb 9 2012 Adam Williamson - 41-2 -- rebuild for fixed binutils - -* Thu Feb 9 2012 Lennart Poettering - 41-1 -- New upstream release - -* Tue Feb 7 2012 Lennart Poettering - 40-1 -- New upstream release - -* Thu Jan 26 2012 Kay Sievers - 39-3 -- provide /sbin/shutdown - -* Wed Jan 25 2012 Harald Hoyer 39-2 -- increment release - -* Wed Jan 25 2012 Kay Sievers - 39-1.1 -- install everything in /usr - https://fedoraproject.org/wiki/Features/UsrMove - -* Wed Jan 25 2012 Lennart Poettering - 39-1 -- New upstream release - -* Sun Jan 22 2012 Michal Schmidt - 38-6.git9fa2f41 -- Update to a current git snapshot. -- Resolves: #781657 - -* Sun Jan 22 2012 Michal Schmidt - 38-5 -- Build against libgee06. Reenable gtk tools. -- Delete unused patches. -- Add easy building of git snapshots. -- Remove legacy spec file elements. -- Don't mention implicit BuildRequires. -- Configure with --disable-static. -- Merge -units into the main package. -- Move section 3 manpages to -devel. -- Fix unowned directory. -- Run ldconfig in scriptlets. -- Split systemd-analyze to a subpackage. - -* Sat Jan 21 2012 Dan Horák - 38-4 -- fix build on big-endians - -* Wed Jan 11 2012 Lennart Poettering - 38-3 -- Disable building of gtk tools for now - -* Wed Jan 11 2012 Lennart Poettering - 38-2 -- Fix a few (build) dependencies - -* Wed Jan 11 2012 Lennart Poettering - 38-1 -- New upstream release - -* Tue Nov 15 2011 Michal Schmidt - 37-4 -- Run authconfig if /etc/pam.d/system-auth is not a symlink. -- Resolves: #753160 - -* Wed Nov 02 2011 Michal Schmidt - 37-3 -- Fix remote-fs-pre.target and its ordering. -- Resolves: #749940 - -* Wed Oct 19 2011 Michal Schmidt - 37-2 -- A couple of fixes from upstream: -- Fix a regression in bash-completion reported in Bodhi. -- Fix a crash in isolating. -- Resolves: #717325 - -* Tue Oct 11 2011 Lennart Poettering - 37-1 -- New upstream release -- Resolves: #744726, #718464, #713567, #713707, #736756 - -* Thu Sep 29 2011 Michal Schmidt - 36-5 -- Undo the workaround. Kay says it does not belong in systemd. -- Unresolves: #741655 - -* Thu Sep 29 2011 Michal Schmidt - 36-4 -- Workaround for the crypto-on-lvm-on-crypto disk layout -- Resolves: #741655 - -* Sun Sep 25 2011 Michal Schmidt - 36-3 -- Revert an upstream patch that caused ordering cycles -- Resolves: #741078 - -* Fri Sep 23 2011 Lennart Poettering - 36-2 -- Add /etc/timezone to ghosted files - -* Fri Sep 23 2011 Lennart Poettering - 36-1 -- New upstream release -- Resolves: #735013, #736360, #737047, #737509, #710487, #713384 - -* Thu Sep 1 2011 Lennart Poettering - 35-1 -- New upstream release -- Update post scripts -- Resolves: #726683, #713384, #698198, #722803, #727315, #729997, #733706, #734611 - -* Thu Aug 25 2011 Lennart Poettering - 34-1 -- New upstream release - -* Fri Aug 19 2011 Harald Hoyer 33-2 -- fix ABRT on service file reloading -- Resolves: rhbz#732020 - -* Wed Aug 3 2011 Lennart Poettering - 33-1 -- New upstream release - -* Fri Jul 29 2011 Lennart Poettering - 32-1 -- New upstream release - -* Wed Jul 27 2011 Lennart Poettering - 31-2 -- Fix access mode of modprobe file, restart logind after upgrade - -* Wed Jul 27 2011 Lennart Poettering - 31-1 -- New upstream release - -* Wed Jul 13 2011 Lennart Poettering - 30-1 -- New upstream release - -* Thu Jun 16 2011 Lennart Poettering - 29-1 -- New upstream release - -* Mon Jun 13 2011 Michal Schmidt - 28-4 -- Apply patches from current upstream. -- Fixes memory size detection on 32-bit with >4GB RAM (BZ712341) - -* Wed Jun 08 2011 Michal Schmidt - 28-3 -- Apply patches from current upstream -- https://bugzilla.redhat.com/show_bug.cgi?id=709909 -- https://bugzilla.redhat.com/show_bug.cgi?id=710839 -- https://bugzilla.redhat.com/show_bug.cgi?id=711015 - -* Sat May 28 2011 Lennart Poettering - 28-2 -- Pull in nss-myhostname - -* Thu May 26 2011 Lennart Poettering - 28-1 -- New upstream release - -* Wed May 25 2011 Lennart Poettering - 26-2 -- Bugfix release -- https://bugzilla.redhat.com/show_bug.cgi?id=707507 -- https://bugzilla.redhat.com/show_bug.cgi?id=707483 -- https://bugzilla.redhat.com/show_bug.cgi?id=705427 -- https://bugzilla.redhat.com/show_bug.cgi?id=707577 - -* Sat Apr 30 2011 Lennart Poettering - 26-1 -- New upstream release -- https://bugzilla.redhat.com/show_bug.cgi?id=699394 -- https://bugzilla.redhat.com/show_bug.cgi?id=698198 -- https://bugzilla.redhat.com/show_bug.cgi?id=698674 -- https://bugzilla.redhat.com/show_bug.cgi?id=699114 -- https://bugzilla.redhat.com/show_bug.cgi?id=699128 - -* Thu Apr 21 2011 Lennart Poettering - 25-1 -- New upstream release -- https://bugzilla.redhat.com/show_bug.cgi?id=694788 -- https://bugzilla.redhat.com/show_bug.cgi?id=694321 -- https://bugzilla.redhat.com/show_bug.cgi?id=690253 -- https://bugzilla.redhat.com/show_bug.cgi?id=688661 -- https://bugzilla.redhat.com/show_bug.cgi?id=682662 -- https://bugzilla.redhat.com/show_bug.cgi?id=678555 -- https://bugzilla.redhat.com/show_bug.cgi?id=628004 - -* Wed Apr 6 2011 Lennart Poettering - 24-1 -- New upstream release -- https://bugzilla.redhat.com/show_bug.cgi?id=694079 -- https://bugzilla.redhat.com/show_bug.cgi?id=693289 -- https://bugzilla.redhat.com/show_bug.cgi?id=693274 -- https://bugzilla.redhat.com/show_bug.cgi?id=693161 - -* Tue Apr 5 2011 Lennart Poettering - 23-1 -- New upstream release -- Include systemd-sysv-convert - -* Fri Apr 1 2011 Lennart Poettering - 22-1 -- New upstream release - -* Wed Mar 30 2011 Lennart Poettering - 21-2 -- The quota services are now pulled in by mount points, hence no need to enable them explicitly - -* Tue Mar 29 2011 Lennart Poettering - 21-1 -- New upstream release - -* Mon Mar 28 2011 Matthias Clasen - 20-2 -- Apply upstream patch to not send untranslated messages to plymouth - -* Tue Mar 8 2011 Lennart Poettering - 20-1 -- New upstream release - -* Tue Mar 1 2011 Lennart Poettering - 19-1 -- New upstream release - -* Wed Feb 16 2011 Lennart Poettering - 18-1 -- New upstream release - -* Mon Feb 14 2011 Bill Nottingham - 17-6 -- bump upstart obsoletes (#676815) - -* Wed Feb 9 2011 Tom Callaway - 17-5 -- add macros.systemd file for %%{_unitdir} - -* Wed Feb 09 2011 Fedora Release Engineering - 17-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - -* Wed Feb 9 2011 Lennart Poettering - 17-3 -- Fix popen() of systemctl, #674916 - -* Mon Feb 7 2011 Bill Nottingham - 17-2 -- add epoch to readahead obsolete - -* Sat Jan 22 2011 Lennart Poettering - 17-1 -- New upstream release - -* Tue Jan 18 2011 Lennart Poettering - 16-2 -- Drop console.conf again, since it is not shipped in pamtmp.conf - -* Sat Jan 8 2011 Lennart Poettering - 16-1 -- New upstream release - -* Thu Nov 25 2010 Lennart Poettering - 15-1 -- New upstream release - -* Thu Nov 25 2010 Lennart Poettering - 14-1 -- Upstream update -- Enable hwclock-load by default -- Obsolete readahead -- Enable /var/run and /var/lock on tmpfs - -* Fri Nov 19 2010 Lennart Poettering - 13-1 -- new upstream release - -* Wed Nov 17 2010 Bill Nottingham 12-3 -- Fix clash - -* Wed Nov 17 2010 Lennart Poettering - 12-2 -- Don't clash with initscripts for now, so that we don't break the builders - -* Wed Nov 17 2010 Lennart Poettering - 12-1 -- New upstream release - -* Fri Nov 12 2010 Matthias Clasen - 11-2 -- Rebuild with newer vala, libnotify - -* Thu Oct 7 2010 Lennart Poettering - 11-1 -- New upstream release - -* Wed Sep 29 2010 Jesse Keating - 10-6 -- Rebuilt for gcc bug 634757 - -* Thu Sep 23 2010 Bill Nottingham - 10-5 -- merge -sysvinit into main package - -* Mon Sep 20 2010 Bill Nottingham - 10-4 -- obsolete upstart-sysvinit too - -* Fri Sep 17 2010 Bill Nottingham - 10-3 -- Drop upstart requires - -* Tue Sep 14 2010 Lennart Poettering - 10-2 -- Enable audit -- https://bugzilla.redhat.com/show_bug.cgi?id=633771 - -* Tue Sep 14 2010 Lennart Poettering - 10-1 -- New upstream release -- https://bugzilla.redhat.com/show_bug.cgi?id=630401 -- https://bugzilla.redhat.com/show_bug.cgi?id=630225 -- https://bugzilla.redhat.com/show_bug.cgi?id=626966 -- https://bugzilla.redhat.com/show_bug.cgi?id=623456 - -* Fri Sep 3 2010 Bill Nottingham - 9-3 -- move fedora-specific units to initscripts; require newer version thereof - -* Fri Sep 3 2010 Lennart Poettering - 9-2 -- Add missing tarball - -* Fri Sep 3 2010 Lennart Poettering - 9-1 -- New upstream version -- Closes 501720, 614619, 621290, 626443, 626477, 627014, 627785, 628913 - -* Fri Aug 27 2010 Lennart Poettering - 8-3 -- Reexecute after installation, take ownership of /var/run/user -- https://bugzilla.redhat.com/show_bug.cgi?id=627457 -- https://bugzilla.redhat.com/show_bug.cgi?id=627634 - -* Thu Aug 26 2010 Lennart Poettering - 8-2 -- Properly create default.target link - -* Wed Aug 25 2010 Lennart Poettering - 8-1 -- New upstream release - -* Thu Aug 12 2010 Lennart Poettering - 7-3 -- Fix https://bugzilla.redhat.com/show_bug.cgi?id=623561 - -* Thu Aug 12 2010 Lennart Poettering - 7-2 -- Fix https://bugzilla.redhat.com/show_bug.cgi?id=623430 - -* Tue Aug 10 2010 Lennart Poettering - 7-1 -- New upstream release - -* Fri Aug 6 2010 Lennart Poettering - 6-2 -- properly hide output on package installation -- pull in coreutils during package installtion - -* Fri Aug 6 2010 Lennart Poettering - 6-1 -- New upstream release -- Fixes #621200 - -* Wed Aug 4 2010 Lennart Poettering - 5-2 -- Add tarball - -* Wed Aug 4 2010 Lennart Poettering - 5-1 -- Prepare release 5 - -* Tue Jul 27 2010 Bill Nottingham - 4-4 -- Add 'sysvinit-userspace' provide to -sysvinit package to fix upgrade/install (#618537) - -* Sat Jul 24 2010 Lennart Poettering - 4-3 -- Add libselinux to build dependencies - -* Sat Jul 24 2010 Lennart Poettering - 4-2 -- Use the right tarball - -* Sat Jul 24 2010 Lennart Poettering - 4-1 -- New upstream release, and make default - -* Tue Jul 13 2010 Lennart Poettering - 3-3 -- Used wrong tarball - -* Tue Jul 13 2010 Lennart Poettering - 3-2 -- Own /cgroup jointly with libcgroup, since we don't dpend on it anymore - -* Tue Jul 13 2010 Lennart Poettering - 3-1 -- New upstream release - -* Fri Jul 9 2010 Lennart Poettering - 2-0 -- New upstream release - -* Wed Jul 7 2010 Lennart Poettering - 1-0 -- First upstream release - -* Tue Jun 29 2010 Lennart Poettering - 0-0.7.20100629git4176e5 -- New snapshot -- Split off -units package where other packages can depend on without pulling in the whole of systemd - -* Tue Jun 22 2010 Lennart Poettering - 0-0.6.20100622gita3723b -- Add missing libtool dependency. - -* Tue Jun 22 2010 Lennart Poettering - 0-0.5.20100622gita3723b -- Update snapshot - -* Mon Jun 14 2010 Rahul Sundaram - 0-0.4.20100614git393024 -- Pull the latest snapshot that fixes a segfault. Resolves rhbz#603231 - -* Fri Jun 11 2010 Rahul Sundaram - 0-0.3.20100610git2f198e -- More minor fixes as per review - -* Thu Jun 10 2010 Rahul Sundaram - 0-0.2.20100610git2f198e -- Spec improvements from David Hollis - -* Wed Jun 09 2010 Rahul Sundaram - 0-0.1.20090609git2f198e -- Address review comments - -* Tue Jun 01 2010 Rahul Sundaram - 0-0.0.git2010-06-02 -- Initial spec (adopted from Kay Sievers) +%autochangelog diff --git a/sysusers.attr b/sysusers.attr new file mode 100644 index 0000000..367c137 --- /dev/null +++ b/sysusers.attr @@ -0,0 +1,2 @@ +%__sysusers_provides %{_rpmconfigdir}/sysusers.prov +%__sysusers_path ^%{_sysusersdir}/.*\\.conf$ diff --git a/sysusers.generate-pre.sh b/sysusers.generate-pre.sh new file mode 100755 index 0000000..944abff --- /dev/null +++ b/sysusers.generate-pre.sh @@ -0,0 +1,96 @@ +#!/bin/bash +# -*- mode: shell-script; indent-tabs-mode: true; tab-width: 4; -*- + +# This script turns sysuser.d files into scriptlets mandated by Fedora +# packaging guidelines. The general idea is to define users using the +# declarative syntax but to turn this into traditional scriptlets. + +user() { + user="$1" + uid="$2" + desc="$3" + group="$4" + home="$5" + shell="$6" + + [ "$desc" = '-' ] && desc= + { [ "$home" = '-' ] || [ "$home" = '' ]; } && home=/ + { [ "$shell" = '-' ] || [ "$shell" = '' ]; } && shell=/usr/sbin/nologin + + if [ "$uid" = '-' ] || [ "$uid" = '' ]; then + cat <<-EOF + getent passwd '$user' >/dev/null || \\ + useradd -r -g ${group@Q} -d ${home@Q} -s ${shell@Q} -c ${desc@Q} ${user@Q} || : + EOF + else + cat <<-EOF + if ! getent passwd ${user@Q} >/dev/null; then + if ! getent passwd ${uid@Q} >/dev/null; then + useradd -r -u ${uid@Q} -g ${group@Q} -d ${home@Q} -s ${shell@Q} -c ${desc@Q} ${user@Q} || : + else + useradd -r -g ${group@Q} -d ${home@Q} -s ${shell@Q} -c ${desc@Q} ${user@Q} || : + fi + fi + + EOF + fi +} + +group() { + group="$1" + gid="$2" + + if [ "$gid" = '-' ]; then + cat <<-EOF + getent group ${group@Q} >/dev/null || groupadd -r ${group@Q} || : + EOF + else + cat <<-EOF + getent group ${group@Q} >/dev/null || groupadd -f -g ${gid@Q} -r ${group@Q} || : + EOF + fi +} + +usermod() { + user="$1" + group="$2" + + cat <<-EOF + if getent group ${group@Q} >/dev/null; then + usermod -a -G ${group@Q} '$user' || : + fi + EOF +} + +parse() { + while read -r line || [ -n "$line" ] ; do + { [ "${line:0:1}" = '#' ] || [ "${line:0:1}" = ';' ]; } && continue + line="${line## *}" + [ -z "$line" ] && continue + eval "arr=( $line )" + case "${arr[0]}" in + ('u'|'u!') + if [[ "${arr[2]}" == *":"* ]]; then + user "${arr[1]}" "${arr[2]%:*}" "${arr[3]}" "${arr[2]#*:}" "${arr[4]}" "${arr[5]}" + else + group "${arr[1]}" "${arr[2]}" + user "${arr[1]}" "${arr[2]}" "${arr[3]}" "${arr[1]}" "${arr[4]}" "${arr[5]}" + fi + ;; + ('g') + group "${arr[1]}" "${arr[2]}" + ;; + ('m') + group "${arr[2]}" "-" + user "${arr[1]}" "-" "" "${arr[1]}" "" "" + usermod "${arr[1]}" "${arr[2]}" + ;; + esac + done +} + +for fn in "$@"; do + [ -e "$fn" ] || continue + echo "# generated from $(basename "$fn")" + parse <"$fn" +done diff --git a/sysusers.prov b/sysusers.prov new file mode 100755 index 0000000..7b3d704 --- /dev/null +++ b/sysusers.prov @@ -0,0 +1,61 @@ +#!/bin/bash + +process_u() { + if [ ! -z "${2##*[!0-9]*}" ]; then + # Single shared static ID. + echo "user($1) = $2" + echo "group($1) = $2" + elif [[ $2 == *:* ]]; then + # UID:. + uid=$(echo $2 | cut -d':' -f1 -) + group=$(echo $2 | cut -d':' -f2 -) + if [ ! -z "${group##*[!0-9]*}" ]; then + # UID:GID. + echo "user($1) = ${uid}" + echo "group($1) = ${group}" + else + # UID:. + echo "user($1) = ${uid}" + echo "group(${group})" + fi + else + # Dynamic (or something else uninteresting). + echo "user($1)" + echo "group($1)" + fi +} + +process_g() { + if [ ! -z "${2##*[!0-9]*}" ]; then + # Static GID. + echo "group($1) = $2" + else + # Dynamic (or something else uninteresting). + echo "group($1)" + fi +} + +parse() { + while read line; do + [ "${line:0:1}" = '#' -o "${line:0:1}" = ';' ] && continue + line="${line## *}" + [ -z "$line" ] && continue + set -- $line + case "$1" in + ('u'|'u!') + process_u "$2" "$3" + ;; + ('g') + process_g "$2" "$3" + ;; + ('m') + echo "user($2)" + echo "group($3)" + ;; + esac + done +} + +while read fn; do + parse < "$fn" +done diff --git a/test_sysusers_defined.py b/test_sysusers_defined.py new file mode 100755 index 0000000..3c1e04f --- /dev/null +++ b/test_sysusers_defined.py @@ -0,0 +1,39 @@ +#!/usr/bin/python + +import os +import sys + +def parse_sysusers_file(filename): + users, groups = set(), set() + + for line in open(filename): + line = line.strip() + if not line or line.startswith('#'): + continue + words = line.split() + match words[0]: + case 'u'|'u!': + users.add(words[1]) + case 'g': + groups.add(words[1]) + case 'm'|'r': + continue + case _: + assert False + return users, groups + +setup_users, setup_groups = set(), set() + +for arg in sys.argv[1:-1]: + users, groups = parse_sysusers_file(arg) + setup_users |= users + setup_groups |= groups + +basic_users, basic_groups = parse_sysusers_file(sys.argv[-1]) + +ignored = set(os.getenv('IGNORED', '').split()) + +if d := basic_users - setup_users - ignored: + exit(f'We have new users: {d}') +if d := basic_groups - setup_groups - ignored: + exit(f'We have new groups: {d}') diff --git a/triggers.systemd b/triggers.systemd index 6640c47..28ddc1f 100644 --- a/triggers.systemd +++ b/triggers.systemd @@ -1,64 +1,85 @@ # -*- Mode: rpm-spec; indent-tabs-mode: nil -*- */ +# SPDX-License-Identifier: LGPL-2.1-or-later # # This file is part of systemd. # -# Copyright 2015 Zbigniew Jędrzejewski-Szmek -# -# systemd is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published by -# the Free Software Foundation; either version 2.1 of the License, or -# (at your option) any later version. -# -# systemd is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with systemd; If not, see . +# Copyright 2018 Neal Gompa # The contents of this are an example to be copied into systemd.spec. +# +# Minimum rpm version supported: 4.14.0 -%transfiletriggerin -P 900900 -p -- /usr/lib/systemd/system /etc/systemd/system --- This script will run after any package is initially installed or --- upgraded. We care about the case where a package is initially --- installed, because other cases are covered by the *un scriptlets, --- so sometimes we will reload needlessly. +%transfiletriggerin -P 900900 -- /usr/lib/systemd/system/ /etc/systemd/system/ +# This script will run after any package is initially installed or +# upgraded. We care about the case where a package is initially +# installed, because other cases are covered by the *un scriptlets, +# so sometimes we will reload needlessly. +/usr/lib/systemd/systemd-update-helper system-reload-restart || : -pid = posix.fork() -if pid == 0 then - assert(posix.exec("%{_bindir}/systemctl", "daemon-reload")) -elseif pid > 0 then - posix.wait(pid) -end +%transfiletriggerin -P 900899 -- /usr/lib/systemd/user/ /etc/systemd/user/ +/usr/lib/systemd/systemd-update-helper user-reload-restart || : -%transfiletriggerun -p -- /usr/lib/systemd/system /etc/systemd/system --- On removal, we need to run daemon-reload after any units have been --- removed. %transfiletriggerpostun would be ideal, but it does not get --- executed for some reason. --- On upgrade, we need to run daemon-reload after any new unit files --- have been installed, but before %postun scripts in packages get --- executed. %transfiletriggerun gets the right list of files --- but it is invoked too early (before changes happen). --- %filetriggerpostun happens at the right time, but it fires for --- every package. --- To execute the reload at the right time, we create a state --- file in %transfiletriggerun and execute the daemon-reload in --- the first %filetriggerpostun. +%transfiletriggerpostun -P 1000100 -- /usr/lib/systemd/system/ /etc/systemd/system/ +# On removal, we need to run daemon-reload after any units have been +# removed. +# On upgrade, we need to run daemon-reload after any new unit files +# have been installed, but before %postun scripts in packages get +# executed. +/usr/lib/systemd/systemd-update-helper system-reload || : -posix.mkdir("%{_localstatedir}/lib") -posix.mkdir("%{_localstatedir}/lib/rpm-state") -posix.mkdir("%{_localstatedir}/lib/rpm-state/systemd") -io.open("%{_localstatedir}/lib/rpm-state/systemd/needs-reload", "w") +%transfiletriggerpostun -P 1000099 -- /usr/lib/systemd/user/ /etc/systemd/user/ +# Execute daemon-reload in user managers. +/usr/lib/systemd/systemd-update-helper user-reload || : -%filetriggerpostun -P 1000100 -p -- /usr/lib/systemd/system /etc/systemd/system -if posix.access("%{_localstatedir}/lib/rpm-state/systemd/needs-reload") then - posix.unlink("%{_localstatedir}/lib/rpm-state/systemd/needs-reload") - posix.rmdir("%{_localstatedir}/lib/rpm-state/systemd") - pid = posix.fork() - if pid == 0 then - assert(posix.exec("%{_bindir}/systemctl", "daemon-reload")) - elseif pid > 0 then - posix.wait(pid) - end -end +%transfiletriggerpostun -P 10000 -- /usr/lib/systemd/system/ /etc/systemd/system/ +# We restart remaining system services that should be restarted here. +/usr/lib/systemd/systemd-update-helper system-restart || : + +%transfiletriggerpostun -P 9999 -- /usr/lib/systemd/user/ /etc/systemd/user/ +# We restart remaining user services that should be restarted here. +/usr/lib/systemd/systemd-update-helper user-restart || : + +%transfiletriggerin -P 1000700 -- /usr/lib/sysusers.d/ +# This script will process files installed in /usr/lib/sysusers.d to create +# specified users automatically. The priority is set such that it +# will run before the tmpfiles file trigger. +systemd-sysusers || : + +%transfiletriggerin -P 1000700 udev -- /usr/lib/udev/hwdb.d/ +# This script will automatically invoke hwdb update if files have been +# installed or updated in /usr/lib/udev/hwdb.d. +systemd-hwdb update || : + +%transfiletriggerin -P 1000700 -- /usr/lib/systemd/catalog/ +# This script will automatically invoke journal catalog update if files +# have been installed or updated in /usr/lib/systemd/catalog. +journalctl --update-catalog || : + +%transfiletriggerin -P 1000700 -- /usr/lib/binfmt.d/ +# This script will automatically apply binfmt rules if files have been +# installed or updated in /usr/lib/binfmt.d. +if test -d "/run/systemd/system"; then + # systemd-binfmt might fail if binfmt_misc kernel module is not loaded + # during install + /usr/lib/systemd/systemd-binfmt || : +fi + +%transfiletriggerin -P 1000600 -- /usr/lib/tmpfiles.d/ +# This script will process files installed in /usr/lib/tmpfiles.d to create +# tmpfiles automatically. The priority is set such that it will run +# after the sysusers file trigger, but before any other triggers. +if test -d "/run/systemd/system"; then + systemd-tmpfiles --create || : +fi + +%transfiletriggerin -P 1000600 udev -- /usr/lib/udev/rules.d/ +# This script will automatically update udev with new rules if files +# have been installed or updated in /usr/lib/udev/rules.d. +/usr/lib/systemd/systemd-update-helper mark-reload-system-units systemd-udevd.service || : + +%transfiletriggerin -P 1000500 -- /usr/lib/sysctl.d/ +# This script will automatically apply sysctl rules if files have been +# installed or updated in /usr/lib/sysctl.d. +if test -d "/run/systemd/system"; then + /usr/lib/systemd/systemd-sysctl || : +fi diff --git a/yum-protect-systemd.conf b/yum-protect-systemd.conf deleted file mode 100644 index 39426d7..0000000 --- a/yum-protect-systemd.conf +++ /dev/null @@ -1,2 +0,0 @@ -systemd -systemd-udev