diff --git a/.editorconfig b/.editorconfig deleted file mode 100644 index 1b58baf..0000000 --- a/.editorconfig +++ /dev/null @@ -1,11 +0,0 @@ -root = true - -[*] -charset = utf-8 -indent_size = 4 -indent_style = space -insert_final_newline = true -trim_trailing_whitespace = true - -[*.{yml,yaml}] -indent_size = 2 diff --git a/.fmf/version b/.fmf/version deleted file mode 100644 index d00491f..0000000 --- a/.fmf/version +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/.gitignore b/.gitignore index ca73e11..7d93b1b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,3 @@ -*~ -/.mail.list /systemd-*/ /.build-*.log /x86_64/ @@ -7,7 +5,3 @@ /systemd-*.tar.xz /systemd-*.tar.gz /*.rpm -/mkosi.output/ -/mkosi.cache/ -/mkosi.builddir/ -/mkosi.local.conf diff --git a/.zuul.yaml b/.zuul.yaml deleted file mode 100644 index b2e0850..0000000 --- a/.zuul.yaml +++ /dev/null @@ -1,7 +0,0 @@ -- project: - vars: - install_repo_exclude: - - systemd-standalone-repart - - systemd-standalone-shutdown - - systemd-standalone-sysusers - - systemd-standalone-tmpfiles diff --git a/0001-Revert-units-drop-runlevel-0-6-.target.patch b/0001-Revert-units-drop-runlevel-0-6-.target.patch deleted file mode 100644 index faf8341..0000000 --- a/0001-Revert-units-drop-runlevel-0-6-.target.patch +++ /dev/null @@ -1,88 +0,0 @@ -From 61750e265ce3f7783a8dba831e91140f84ad89f2 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Wed, 5 Nov 2025 17:52:16 +0100 -Subject: [PATCH 1/3] Revert "units: drop runlevel[0-6].target" - -This partially reverts commit e58ba80a40fb6e96543d56774a5bc5aa9cdadbf3. -The unit are still needed for compat. ---- - units/meson.build | 27 ++++++++++++++++++++++----- - 1 file changed, 22 insertions(+), 5 deletions(-) - -diff --git a/units/meson.build b/units/meson.build -index 2e04c4aa2b..46eaac4073 100644 ---- a/units/meson.build -+++ b/units/meson.build -@@ -1,5 +1,7 @@ - # SPDX-License-Identifier: LGPL-2.1-or-later - -+with_runlevels = conf.get('HAVE_SYSV_COMPAT') == 1 -+ - units = [ - { 'file' : 'basic.target' }, - { 'file' : 'blockdev@.target' }, -@@ -49,7 +51,7 @@ units = [ - }, - { - 'file' : 'graphical.target', -- 'symlinks' : ['default.target'], -+ 'symlinks' : ['default.target'] + (with_runlevels ? ['runlevel5.target'] : []), - }, - { 'file' : 'halt.target' }, - { -@@ -142,7 +144,10 @@ units = [ - 'conditions' : ['ENABLE_MACHINED'], - }, - { 'file' : 'modprobe@.service' }, -- { 'file' : 'multi-user.target' }, -+ { -+ 'file' : 'multi-user.target', -+ 'symlinks' : with_runlevels ? ['runlevel2.target', 'runlevel3.target', 'runlevel4.target'] : [], -+ }, - { - 'file' : 'systemd-mute-console.socket', - 'symlinks' : ['sockets.target.wants/'] -@@ -155,7 +160,10 @@ units = [ - { 'file' : 'nss-lookup.target' }, - { 'file' : 'nss-user-lookup.target' }, - { 'file' : 'paths.target' }, -- { 'file' : 'poweroff.target' }, -+ { -+ 'file' : 'poweroff.target', -+ 'symlinks' : with_runlevels ? ['runlevel0.target'] : [], -+ }, - { 'file' : 'printer.target' }, - { - 'file' : 'proc-sys-fs-binfmt_misc.automount', -@@ -180,7 +188,7 @@ units = [ - }, - { - 'file' : 'reboot.target', -- 'symlinks' : ['ctrl-alt-del.target'], -+ 'symlinks' : ['ctrl-alt-del.target'] + (with_runlevels ? ['runlevel6.target'] : []), - }, - { - 'file' : 'remote-cryptsetup.target', -@@ -200,7 +208,10 @@ units = [ - 'symlinks' : ['initrd-root-device.target.wants/'], - }, - { 'file' : 'rescue.service.in' }, -- { 'file' : 'rescue.target' }, -+ { -+ 'file' : 'rescue.target', -+ 'symlinks' : with_runlevels ? ['runlevel1.target'] : [], -+ }, - { 'file' : 'rpcbind.target' }, - { 'file' : 'serial-getty@.service.in' }, - { 'file' : 'shutdown.target' }, -@@ -1001,4 +1012,10 @@ else - dbussessionservicedir / 'org.freedesktop.systemd1.service')) - endif - -+if conf.get('HAVE_SYSV_COMPAT') == 1 -+ foreach i : [1, 2, 3, 4, 5] -+ install_emptydir(systemunitdir / 'runlevel@0@.target.wants'.format(i)) -+ endforeach -+endif -+ - subdir('user') diff --git a/0001-test-cgroup-util-bail-out-when-running-under-mock.patch b/0001-test-cgroup-util-bail-out-when-running-under-mock.patch new file mode 100644 index 0000000..15e9ecb --- /dev/null +++ b/0001-test-cgroup-util-bail-out-when-running-under-mock.patch @@ -0,0 +1,33 @@ +From 62e20ce3dc0210e331147b717ea36b17a3d555f2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Tue, 6 Mar 2018 00:01:36 +0100 +Subject: [PATCH] test-cgroup-util: bail out when running under mock + +The builds were failing in Fedora koji, where something strange is mounted +on /sys/fs/cgroup. +--- + src/test/test-cgroup-util.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/src/test/test-cgroup-util.c b/src/test/test-cgroup-util.c +index c4163fc3a9..9ef7c97c74 100644 +--- a/src/test/test-cgroup-util.c ++++ b/src/test/test-cgroup-util.c +@@ -408,9 +408,15 @@ static void test_cg_tests(void) { + static void test_cg_get_keyed_attribute(void) { + _cleanup_free_ char *val = NULL; + char *vals3[3] = {}, *vals3a[3] = {}; +- int i; ++ int i, r; + +- assert_se(cg_get_keyed_attribute("cpu", "/init.scope", "no_such_file", STRV_MAKE("no_such_attr"), &val) == -ENOENT); ++ r = cg_get_keyed_attribute("cpu", "/init.scope", "no_such_file", STRV_MAKE("no_such_attr"), &val); ++ if (r == -ENOMEDIUM) { ++ log_info_errno(r, "Skipping most of %s, /sys/fs/cgroup not accessible: %m", __func__); ++ return; ++ } ++ ++ assert_se(r == -ENOENT); + assert_se(val == NULL); + + if (access("/sys/fs/cgroup/init.scope/cpu.stat", R_OK) < 0) { diff --git a/0002-basic-fs-util-skip-fsync_directory_of_file-if-proc-s.patch b/0002-basic-fs-util-skip-fsync_directory_of_file-if-proc-s.patch new file mode 100644 index 0000000..499e689 --- /dev/null +++ b/0002-basic-fs-util-skip-fsync_directory_of_file-if-proc-s.patch @@ -0,0 +1,97 @@ +From 83492cce79c0cda1ea634abe4ad6519aa69e2fdc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 7 Mar 2018 23:36:44 +0100 +Subject: [PATCH] basic/fs-util: skip fsync_directory_of_file() if + /proc/self/fd/ is not available + +When systemd is running under lorax (in Fedora compose process), it'd think that +it failed to write /etc/machine-id, even though the write succeeded, because +fsync_directory_of_file() would fail, because /proc/self/fd/ is not available. +fsync_directory_of_file() is mostly an additional safety net, so I think it's best +to just silently ignore the error. + +Strace of pid1: +35791 stat("/etc", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 +35791 openat(AT_FDCWD, "/etc/machine-id", O_RDWR|O_CREAT|O_NOCTTY|O_CLOEXEC, 0444) = 3 +35791 umask(022) = 000 +35791 read(3, "", 38) = 0 +35791 openat(AT_FDCWD, "/var/lib/dbus/machine-id", O_RDONLY|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC) = -1 ENOENT (No such file o +r directory) +35791 openat(AT_FDCWD, "/sys/class/dmi/id/product_name", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) +35791 openat(AT_FDCWD, "/sys/class/dmi/id/sys_vendor", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) +35791 openat(AT_FDCWD, "/sys/class/dmi/id/board_vendor", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) +35791 openat(AT_FDCWD, "/sys/class/dmi/id/bios_vendor", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) +35791 access("/proc/xen", F_OK) = -1 ENOENT (No such file or directory) +35791 openat(AT_FDCWD, "/sys/hypervisor/type", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) +35791 openat(AT_FDCWD, "/proc/cpuinfo", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) +35791 getrandom("\xb8\x82\xed\xd4\x35\x11\xd0\xeb\xa6\x79\xd7\x31\x6e\x7b\x99\xce", 16, GRND_NONBLOCK) = 16 +35791 writev(2, [{iov_base="Initializing machine ID from random generator.", iov_len=46}, {iov_base="\n", iov_len=1}], + 2) = 47 +35791 lseek(3, 0, SEEK_SET) = 0 +35791 ftruncate(3, 0) = 0 +35791 write(3, "b882edd4351140eba679d7316e7b99ce\n", 33) = 33 +35791 fsync(3) = 0 +35791 fstat(3, {st_mode=S_IFREG|0444, st_size=33, ...}) = 0 +35791 readlinkat(AT_FDCWD, "/proc/self/fd/3", 0x564df8c694c0, 99) = -1 ENOENT (No such file or directory) +35791 close(3) = 0 +35791 umask(022) = 022 +35791 openat(AT_FDCWD, "/run/machine-id", O_WRONLY|O_CREAT|O_NOCTTY|O_TRUNC|O_CLOEXEC, 0444) = 3 +35791 write(3, "b882edd4351140eba679d7316e7b99ce\n", 33) = 33 +35791 close(3) = 0 +35791 umask(022) = 022 +35791 mount("/run/machine-id", "/etc/machine-id", NULL, MS_BIND, NULL) = 0 +35791 writev(2, [{iov_base="Installed transient /etc/machine-id file.", iov_len=41}, {iov_base="\n", iov_len=1}], 2) = 42 +35791 mount(NULL, "/etc/machine-id", NULL, MS_RDONLY|MS_REMOUNT|MS_BIND, NULL) = 0 + +https://bugzilla.redhat.com/show_bug.cgi?id=1552843 +--- + src/basic/fd-util.c | 15 +++++++++++---- + src/basic/fs-util.c | 5 +++++ + 2 files changed, 16 insertions(+), 4 deletions(-) + +diff --git a/src/basic/fd-util.c b/src/basic/fd-util.c +index 678ab12bb8..bb74f6c58e 100644 +--- a/src/basic/fd-util.c ++++ b/src/basic/fd-util.c +@@ -361,14 +361,21 @@ bool fdname_is_valid(const char *s) { + } + + int fd_get_path(int fd, char **ret) { +- char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int)]; ++ _cleanup_close_ int dir = -1; ++ char fdname[DECIMAL_STR_MAX(int)]; + int r; + +- xsprintf(procfs_path, "/proc/self/fd/%i", fd); ++ dir = open("/proc/self/fd/", O_CLOEXEC | O_DIRECTORY | O_PATH); ++ if (dir < 0) ++ /* /proc is not available or not setup up properly, we're most likely ++ * in some chroot environment. */ ++ return -EOPNOTSUPP; + +- r = readlink_malloc(procfs_path, ret); ++ xsprintf(fdname, "%i", fd); + +- if (r == -ENOENT) /* If the file doesn't exist the fd is invalid */ ++ r = readlinkat_malloc(dir, fdname, ret); ++ if (r == -ENOENT) ++ /* If the file doesn't exist the fd is invalid */ + return -EBADF; + + return r; +diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c +index 85c8070a1b..8d8d986082 100644 +--- a/src/basic/fs-util.c ++++ b/src/basic/fs-util.c +@@ -978,6 +978,11 @@ int fsync_directory_of_file(int fd) { + return r; + + r = fd_get_path(fd, &path); ++ if (r == -EOPNOTSUPP) ++ /* If /proc is not available, we're most likely running in some ++ * chroot environment, and syncing the directory is not very ++ * important in that case. Let's just silently do nothing. */ ++ return 0; + if (r < 0) + return r; + diff --git a/0002-machined-continue-without-resolve.hook-socket.patch b/0002-machined-continue-without-resolve.hook-socket.patch deleted file mode 100644 index 2903c5e..0000000 --- a/0002-machined-continue-without-resolve.hook-socket.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 8d6d86d1d7e45eeae921e88adde55d6524027c96 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Wed, 26 Nov 2025 22:29:53 +0100 -Subject: [PATCH 3/3] machined: continue without resolve.hook socket - ---- - src/machine/machined-varlink.c | 12 +++++++++--- - 1 file changed, 9 insertions(+), 3 deletions(-) - -diff --git a/src/machine/machined-varlink.c b/src/machine/machined-varlink.c -index f83cbb8562..0b30cd0531 100644 ---- a/src/machine/machined-varlink.c -+++ b/src/machine/machined-varlink.c -@@ -894,9 +894,15 @@ static int manager_varlink_init_resolve_hook(Manager *m) { - - r = sd_varlink_server_listen_address(s, VARLINK_PATH_MACHINED_RESOLVE_HOOK, - 0666 | SD_VARLINK_SERVER_MODE_MKDIR_0755); -- if (r < 0) -- return log_error_errno(r, "Failed to bind to varlink socket %s: %m", -- VARLINK_PATH_MACHINED_RESOLVE_HOOK); -+ if (r < 0) { -+ bool ignore = ERRNO_IS_NEG_PRIVILEGE(r); -+ log_full_errno(ignore ? LOG_WARNING : LOG_ERR, -+ r, -+ "Failed to bind to varlink socket %s%s: %m", -+ VARLINK_PATH_MACHINED_RESOLVE_HOOK, -+ ignore ? ", ignoring" : ""); -+ return ignore ? 0 : r; -+ } - - r = sd_varlink_server_attach_event(s, m->event, SD_EVENT_PRIORITY_NORMAL); - if (r < 0) diff --git a/0003-ukify-omit-.osrel-section-when-os-release-is-empty.patch b/0003-ukify-omit-.osrel-section-when-os-release-is-empty.patch deleted file mode 100644 index 5f4a1dd..0000000 --- a/0003-ukify-omit-.osrel-section-when-os-release-is-empty.patch +++ /dev/null @@ -1,112 +0,0 @@ -From 75890d949f92c412c0936b8536b2e0dc8f7dfb40 Mon Sep 17 00:00:00 2001 -From: Nick Rosbrook -Date: Fri, 19 Dec 2025 11:01:49 -0500 -Subject: [PATCH] ukify: omit .osrel section when --os-release= is empty - -The primary motivation for this is to allow users of ukify to build -UKI-like objects, without having them later be detected as a UKI by -tools like kernel-install and bootctl. - -The common code used by these tools to determine if a PE binary is a UKI -checks that both .osrel and .linux sections are present. Hence, adding -a mechansim to skip .osrel provides a way to avoid being labeled a UKI. ---- - man/ukify.xml | 5 ++++- - src/ukify/test/test_ukify.py | 15 +++++++++++---- - src/ukify/ukify.py | 10 +++++++++- - 3 files changed, 24 insertions(+), 6 deletions(-) - -diff --git a/man/ukify.xml b/man/ukify.xml -index 829761642d..7462c5c92f 100644 ---- a/man/ukify.xml -+++ b/man/ukify.xml -@@ -365,7 +365,10 @@ - The os-release description (the .osrel section). The argument - may be a literal string, or @ followed by a path name. If not specified, the - os-release5 file -- will be picked up from the host system. -+ will be picked up from the host system. If explicitly set to an empty string, the ".osrel" section -+ is omitted from the UKI (this is not recommended in most cases, and causes the resulting artifact -+ to not be recognized as a UKI by other tools like kernel-install -+ and bootctl). - - - -diff --git a/src/ukify/test/test_ukify.py b/src/ukify/test/test_ukify.py -index f75ef0c891..224a38569f 100755 ---- a/src/ukify/test/test_ukify.py -+++ b/src/ukify/test/test_ukify.py -@@ -641,7 +641,7 @@ def test_efi_signing_pesign(kernel_initrd, tmp_path): - - shutil.rmtree(tmp_path) - --def test_inspect(kernel_initrd, tmp_path, capsys): -+def test_inspect(kernel_initrd, tmp_path, capsys, osrel=True): - if kernel_initrd is None: - pytest.skip('linux+initrd not found') - if not shutil.which('sbsign'): -@@ -653,7 +653,7 @@ def test_inspect(kernel_initrd, tmp_path, capsys): - - output = f'{tmp_path}/signed2.efi' - uname_arg='1.2.3' -- osrel_arg='Linux' -+ osrel_arg='Linux' if osrel else '' - cmdline_arg='ARG1 ARG2 ARG3' - - args = [ -@@ -680,8 +680,12 @@ def test_inspect(kernel_initrd, tmp_path, capsys): - - text = capsys.readouterr().out - -- expected_osrel = f'.osrel:\n size: {len(osrel_arg)}' -- assert expected_osrel in text -+ if osrel: -+ expected_osrel = f'.osrel:\n size: {len(osrel_arg)}' -+ assert expected_osrel in text -+ else: -+ assert '.osrel:' not in text -+ - expected_cmdline = f'.cmdline:\n size: {len(cmdline_arg)}' - assert expected_cmdline in text - expected_uname = f'.uname:\n size: {len(uname_arg)}' -@@ -694,6 +698,9 @@ def test_inspect(kernel_initrd, tmp_path, capsys): - - shutil.rmtree(tmp_path) - -+def test_inspect_no_osrel(kernel_initrd, tmp_path, capsys): -+ test_inspect(kernel_initrd, tmp_path, capsys, osrel=False) -+ - @pytest.mark.skipif(not slow_tests, reason='slow') - def test_pcr_signing(kernel_initrd, tmp_path): - if kernel_initrd is None: -diff --git a/src/ukify/ukify.py b/src/ukify/ukify.py -index c98f8e2a5d..b7542c7eca 100755 ---- a/src/ukify/ukify.py -+++ b/src/ukify/ukify.py -@@ -1477,6 +1477,9 @@ def make_uki(opts: UkifyConfig) -> None: - '.profile', - } - -+ if not opts.os_release: -+ to_import.remove('.osrel') -+ - for profile in opts.join_profiles: - pe = pefile.PE(profile, fast_load=True) - prev_len = len(uki.sections) -@@ -2412,7 +2415,12 @@ def finalize_options(opts: argparse.Namespace) -> None: - - opts.os_release = resolve_at_path(opts.os_release) - -- if not opts.os_release and opts.linux: -+ if opts.os_release == '': -+ # If --os-release= with an empty string was passed, treat that as -+ # explicitly disabling the .osrel section, and do not fallback to the -+ # system's os-release files. -+ pass -+ elif opts.os_release is None and opts.linux: - p = Path('/etc/os-release') - if not p.exists(): - p = Path('/usr/lib/os-release') --- -2.52.0 - diff --git a/0004-stub-Fix-NULL-pointer-deref-when-there-are-no-initrd.patch b/0004-stub-Fix-NULL-pointer-deref-when-there-are-no-initrd.patch deleted file mode 100644 index d6f362f..0000000 --- a/0004-stub-Fix-NULL-pointer-deref-when-there-are-no-initrd.patch +++ /dev/null @@ -1,51 +0,0 @@ -From e57e599e6b11039ab6484e5622b3deae20bfd678 Mon Sep 17 00:00:00 2001 -From: Hans de Goede -Date: Mon, 12 Jan 2026 14:56:36 +0100 -Subject: [PATCH] stub: Fix NULL pointer deref when there are no initrds - -When n_all_initrds == 0, then all_initrds is unmodified from its initial -value of: - - _cleanup_free_ struct iovec *all_initrds = NULL; - -and in the else block of the "if (n_all_initrds > 1)" the NULL is -dereferenced: - - final_initrd = all_initrds[0]; - -Leading to the stub crashing due to a NULL pointer deref. - -Fix this by initializing final_initrd to all 0s and only -running the else block if (n_all_initrds == 1). ---- - src/boot/stub.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/src/boot/stub.c b/src/boot/stub.c -index 06ecbc7d18..65950262c6 100644 ---- a/src/boot/stub.c -+++ b/src/boot/stub.c -@@ -1302,9 +1302,9 @@ static EFI_STATUS run(EFI_HANDLE image) { - - /* Combine the initrds into one */ - _cleanup_pages_ Pages initrd_pages = {}; -- struct iovec final_initrd; -+ struct iovec final_initrd = {}; - if (n_all_initrds > 1) { -- /* There will always be a base initrd, if this counter is higher, we need to combine them */ -+ /* If there is more then 1 initrd we need to combine them */ - err = combine_initrds(all_initrds, n_all_initrds, &initrd_pages, &final_initrd.iov_len); - if (err != EFI_SUCCESS) - return err; -@@ -1313,7 +1313,7 @@ static EFI_STATUS run(EFI_HANDLE image) { - - /* Given these might be large let's free them explicitly before we pass control to Linux */ - initrds_free(&initrds); -- } else -+ } else if (n_all_initrds == 1) - final_initrd = all_initrds[0]; - - struct iovec kernel = IOVEC_MAKE( --- -2.52.0 - diff --git a/0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch b/0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch new file mode 100644 index 0000000..c94c786 --- /dev/null +++ b/0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch @@ -0,0 +1,48 @@ +From b727694500d24d19ac0d7c51c1eb67c281f2f301 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Fri, 11 Mar 2016 17:06:17 -0500 +Subject: [PATCH] resolved: create /etc/resolv.conf symlink at runtime + +If the symlink doesn't exists, and we are being started, let's +create it to provie name resolution. + +If it exists, do nothing. In particular, if it is a broken symlink, +we cannot really know if the administator configured it to point to +a location used by some service that hasn't started yet, so we +don't touch it in that case either. + +https://bugzilla.redhat.com/show_bug.cgi?id=1313085 +--- + src/resolve/resolved.c | 4 ++++ + tmpfiles.d/etc.conf.m4 | 3 --- + 2 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/resolve/resolved.c b/src/resolve/resolved.c +index a4cda0b5ef..68bca80777 100644 +--- a/src/resolve/resolved.c ++++ b/src/resolve/resolved.c +@@ -71,6 +71,10 @@ int main(int argc, char *argv[]) { + /* Drop privileges, but only if we have been started as root. If we are not running as root we assume all + * privileges are already dropped. */ + if (getuid() == 0) { ++ r = symlink("../run/systemd/resolve/resolv.conf", "/etc/resolv.conf"); ++ if (r < 0 && errno != EEXIST) ++ log_warning_errno(errno, ++ "Could not create /etc/resolv.conf symlink: %m"); + + /* Drop privileges, but keep three caps. Note that we drop those too, later on (see below) */ + r = drop_privileges(uid, gid, +diff --git a/tmpfiles.d/etc.conf.m4 b/tmpfiles.d/etc.conf.m4 +index df8d42101c..928105ea8d 100644 +--- a/tmpfiles.d/etc.conf.m4 ++++ b/tmpfiles.d/etc.conf.m4 +@@ -13,9 +13,6 @@ L+ /etc/mtab - - - - ../proc/self/mounts + m4_ifdef(`HAVE_SMACK_RUN_LABEL', + t /etc/mtab - - - - security.SMACK64=_ + )m4_dnl +-m4_ifdef(`ENABLE_RESOLVE', +-L! /etc/resolv.conf - - - - ../run/systemd/resolve/stub-resolv.conf +-)m4_dnl + C /etc/nsswitch.conf - - - - + m4_ifdef(`HAVE_PAM', + C /etc/pam.d - - - - diff --git a/10-map-count.conf b/10-map-count.conf deleted file mode 100644 index 5cf5677..0000000 --- a/10-map-count.conf +++ /dev/null @@ -1,3 +0,0 @@ -# Increase the number of virtual memory areas that one process may request -# https://fedoraproject.org/wiki/Changes/IncreaseVmMaxMapCount -vm.max_map_count=1048576 diff --git a/10-oomd-defaults.conf b/10-oomd-defaults.conf deleted file mode 100644 index 0254657..0000000 --- a/10-oomd-defaults.conf +++ /dev/null @@ -1,2 +0,0 @@ -[OOM] -DefaultMemoryPressureDurationSec=20s diff --git a/10-oomd-per-slice-defaults.conf b/10-oomd-per-slice-defaults.conf deleted file mode 100644 index 63d8162..0000000 --- a/10-oomd-per-slice-defaults.conf +++ /dev/null @@ -1,3 +0,0 @@ -[Slice] -ManagedOOMMemoryPressure=kill -ManagedOOMMemoryPressureLimit=80% diff --git a/10-timeout-abort.conf b/10-timeout-abort.conf deleted file mode 100644 index 4852648..0000000 --- a/10-timeout-abort.conf +++ /dev/null @@ -1,14 +0,0 @@ -# This file is part of the systemd package. -# See https://fedoraproject.org/wiki/Changes/Shorter_Shutdown_Timer. -# -# To facilitate debugging when a service fails to stop cleanly, -# TimeoutStopFailureMode=abort is set to "crash" services that fail to stop in -# the time allotted. This will cause the service to be terminated with SIGABRT -# and a coredump to be generated. -# -# To undo this configuration change, create a mask file: -# sudo mkdir -p /etc/systemd/system/service.d -# sudo ln -sv /dev/null /etc/systemd/system/service.d/10-timeout-abort.conf - -[Service] -TimeoutStopFailureMode=abort diff --git a/20-grubby.install b/20-grubby.install new file mode 100755 index 0000000..e059125 --- /dev/null +++ b/20-grubby.install @@ -0,0 +1,51 @@ +#!/bin/bash + +if [[ ! -x /sbin/new-kernel-pkg ]]; then + exit 0 +fi + +COMMAND="$1" +KERNEL_VERSION="$2" +BOOT_DIR_ABS="$3" +KERNEL_IMAGE="$4" + +KERNEL_DIR="${KERNEL_IMAGE%/*}" +[[ "$KERNEL_VERSION" == *\+* ]] && flavor=-"${KERNEL_VERSION##*+}" +case "$COMMAND" in + add) + if [[ "${KERNEL_DIR}" != "/boot" ]]; then + for i in \ + "$KERNEL_IMAGE" \ + "$KERNEL_DIR"/System.map \ + "$KERNEL_DIR"/config \ + "$KERNEL_DIR"/zImage.stub \ + "$KERNEL_DIR"/dtb \ + ; do + [[ -e "$i" ]] || continue + cp -aT "$i" "/boot/${i##*/}-${KERNEL_VERSION}" + command -v restorecon &>/dev/null && \ + restorecon -R "/boot/${i##*/}-${KERNEL_VERSION}" + done + # hmac is .vmlinuz-.hmac so needs a special treatment + i="$KERNEL_DIR/.${KERNEL_IMAGE##*/}.hmac" + if [[ -e "$i" ]]; then + cp -a "$i" "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac" + command -v restorecon &>/dev/null && \ + restorecon "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac" + fi + fi + /sbin/new-kernel-pkg --package "kernel${flavor}" --install "$KERNEL_VERSION" || exit $? + /sbin/new-kernel-pkg --package "kernel${flavor}" --mkinitrd --dracut --depmod --update "$KERNEL_VERSION" || exit $? + /sbin/new-kernel-pkg --package "kernel${flavor}" --rpmposttrans "$KERNEL_VERSION" || exit $? + ;; + remove) + /sbin/new-kernel-pkg --package "kernel${flavor+-$flavor}" --rminitrd --rmmoddep --remove "$KERNEL_VERSION" || exit $? + ;; + *) + ;; +esac + +# skip other installation plugins, if we can't find a boot loader spec conforming setup +if ! [[ -d /boot/loader/entries || -L /boot/loader/entries ]]; then + exit 77 +fi diff --git a/26494.patch b/26494.patch deleted file mode 100644 index 19bc67b..0000000 --- a/26494.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 6b25470ee28843a49c50442e9d8a98edc842ceca Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Mon, 20 Feb 2023 12:00:30 +0900 -Subject: [PATCH] core/manager: run generators directly when we are in initrd - -Some initrd system write files at ourside of /run, /etc, or other -allowed places. This is a kind of workaround, but in most cases, such -sandboxing is not necessary as the filesystem is on ramfs when we are in -initrd. - -Fixes #26488. ---- - src/core/manager.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/core/manager.c b/src/core/manager.c -index 7b394794b0d4..306477c6e6c2 100644 ---- a/src/core/manager.c -+++ b/src/core/manager.c -@@ -3822,8 +3822,8 @@ static int manager_run_generators(Manager *m) { - /* If we are the system manager, we fork and invoke the generators in a sanitized mount namespace. If - * we are the user manager, let's just execute the generators directly. We might not have the - * necessary privileges, and the system manager has already mounted /tmp/ and everything else for us. -- */ -- if (MANAGER_IS_USER(m)) { -+ * If we are in initrd, let's also execute the generators directly, as we are in ramfs. */ -+ if (MANAGER_IS_USER(m) || in_initrd()) { - r = manager_execute_generators(m, paths, /* remount_ro= */ false); - goto finish; - } diff --git a/30846.patch b/30846.patch deleted file mode 100644 index 77da69f..0000000 --- a/30846.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 07bedc8f93277f705622625f440a1f56ccff1cd0 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Tue, 9 Jan 2024 11:28:04 +0100 -Subject: [PATCH] journal: again create user journals for users with high uids - -This effectively reverts a change in 115d5145a257c1a27330acf9f063b5f4d910ca4d -'journald: move uid_for_system_journal() to uid-alloc-range.h', which slipped -in an additional check of uid_is_container(uid). The problem is that that change -is not backwards-compatible at all and very hard for users to handle. -There is no common agreement on mappings of high-range uids. Systemd declares -ownership of a large range for container uids in https://systemd.io/UIDS-GIDS/, -but this is only a recent change and various sites allocated those ranges -in a different way, in particular FreeIPA uses (used?) uids from this range -for human users. On big sites with lots of users changing uids is obviously a -hard problem. We generally assume that uids cannot be "freed" and/or changed -and/or reused safely, so we shouldn't demand the same from others. - -This is somewhat similar to the situation with SYSTEM_ALLOC_UID_MIN / -SYSTEM_UID_MAX, which we tried to define to a fixed value in our code, causing -huge problems for existing systems with were created with a different -definition and couldn't be easily updated. For that case, we added a -configuration time switch and we now parse /etc/login.defs to actually use the -value that is appropriate for the local system. - -Unfortunately, login.defs doesn't have a concept of container allocation ranges -(and we don't have code to parse and use those nonexistent names either), so we -can't tell users to adjust logind.defs to work around the changed definition. - -login.defs has SUB_UID_{MIN,MAX}, but those aren't really the same thing, -because they are used to define where the add allocations for subuids, which is -generally a much smaller range. Maybe we should talk with other folks about -the appropriate allocation ranges and define some new settings in login.defs. -But this would require discussion and coordination with other projects first. - -Actualy, it seems that this change was needed at all. The code in the container -does not log to the outside journal. It talks to its own journald, which does -journal splitting using its internal logic based on shifted uids. So let's -revert the change to fix user systems. - -Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2251843. ---- - src/basic/uid-classification.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/src/basic/uid-classification.c b/src/basic/uid-classification.c -index 203ce2c68a..2eb384395d 100644 ---- a/src/basic/uid-classification.c -+++ b/src/basic/uid-classification.c -@@ -129,5 +129,6 @@ bool uid_for_system_journal(uid_t uid) { - - /* Returns true if the specified UID shall get its data stored in the system journal. */ - -- return uid_is_system(uid) || uid_is_dynamic(uid) || uid_is_greeter(uid) || uid == UID_NOBODY || uid_is_container(uid) || uid_is_foreign(uid); -+ return uid_is_system(uid) || uid_is_dynamic(uid) || uid_is_greeter(uid) || uid == UID_NOBODY || uid_is_foreign(uid); -+ - } diff --git a/38769.patch b/38769.patch deleted file mode 100644 index 09a7423..0000000 --- a/38769.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 00d70f36a0866660693347009446b7f872a05bf4 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Sat, 30 Aug 2025 13:55:56 +0200 -Subject: [PATCH] core: create userdb root directory with correct label - -Set up the /run/systemd/userdb directory with the default SELinux context -on creation. - -With version 257.7-1 on Debian the directory was automatically created with the -correct label. Starting with version 258 (only tested with 258~rc3-1) it no -longer is. Regression introduced in 736349958efe34089131ca88950e2e5bb391d36a. - -[zjs: edited the patch to apply comments from review and update the description.] ---- - src/core/varlink.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/src/core/varlink.c b/src/core/varlink.c -index 99f12c59e5..71a8ffd0e5 100644 ---- a/src/core/varlink.c -+++ b/src/core/varlink.c -@@ -5,6 +5,7 @@ - #include "constants.h" - #include "errno-util.h" - #include "manager.h" -+#include "mkdir-label.h" - #include "path-util.h" - #include "pidref.h" - #include "string-util.h" -@@ -441,7 +442,11 @@ static int manager_varlink_init_system(Manager *m) { - if (!fresh && varlink_server_contains_socket(m->varlink_server, address)) - continue; - -- r = sd_varlink_server_listen_address(m->varlink_server, address, 0666 | SD_VARLINK_SERVER_MODE_MKDIR_0755); -+ r = mkdir_parents_label(address, 0755); -+ if (r < 0) -+ log_warning_errno(r, "Failed to create parent directory of '%s', ignoring: %m", address); -+ -+ r = sd_varlink_server_listen_address(m->varlink_server, address, 0666); - if (r < 0) - return log_error_errno(r, "Failed to bind to varlink socket '%s': %m", address); - } diff --git a/60-block-scheduler.rules b/60-block-scheduler.rules deleted file mode 100644 index 850b645..0000000 --- a/60-block-scheduler.rules +++ /dev/null @@ -1,5 +0,0 @@ -# do not edit this file, it will be overwritten on update - -ACTION=="add", SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", \ - KERNEL=="mmcblk*[0-9]|msblk*[0-9]|mspblk*[0-9]|sd*[!0-9]|sr*", \ - ATTR{queue/scheduler}="bfq" diff --git a/98-default-mac-none.link b/98-default-mac-none.link deleted file mode 100644 index 8440f98..0000000 --- a/98-default-mac-none.link +++ /dev/null @@ -1,20 +0,0 @@ -# SPDX-License-Identifier: MIT-0 -# -# This config file is installed as part of systemd. -# It may be freely copied and edited (following the MIT No Attribution license). -# -# To make local modifications, one of the following methods may be used: -# 1. add a drop-in file that extends this file by creating the -# /etc/systemd/network/98-default-mac-none.link.d/ directory and creating a -# new .conf file there. -# 2. copy this file into /etc/systemd/network or one of the other paths checked -# by systemd-udevd and edit it there. -# This file should not be edited in place, because it'll be overwritten on upgrades. - -[Match] -Kind=bridge bond team - -[Link] -NamePolicy=keep kernel database onboard slot path -AlternativeNamesPolicy=database onboard slot path -MACAddressPolicy=none diff --git a/README.build-in-place.md b/README.build-in-place.md deleted file mode 100644 index df108d1..0000000 --- a/README.build-in-place.md +++ /dev/null @@ -1,14 +0,0 @@ -# Building systemd rpms for local development using rpmbuild --build-in-place - -This approach is based on filbranden's [git-rpmbuild](https://github.com/filbranden/git-rpmbuild) -and his [talk during ASG2019](https://www.youtube.com/watch?v=fVM1kJrymRM). - -``` -git clone https://github.com/systemd/systemd -fedpkg clone systemd fedora-systemd -cd systemd -rpmbuild -bb --build-in-place --noprep --define "_sourcedir $PWD/../fedora-systemd" --define "_rpmdir $PWD/rpms" --with upstream ../fedora-systemd/systemd.spec -sudo dnf upgrade --setopt install_weak_deps=False rpms/*/*.rpm -``` - -`--without lto` and `--without tests` may be useful to speed up the build. diff --git a/changelog b/changelog deleted file mode 100644 index 216ab62..0000000 --- a/changelog +++ /dev/null @@ -1,3221 +0,0 @@ -* Sun Jan 12 2025 Zbigniew Jędrzejewski-Szmek - 257.2-6 -- Rebuilt for the bin-sbin merge (2nd attempt) - -* Fri Jan 10 2025 Zbigniew Jędrzejewski-Szmek - 257.2-4 -- Revert use of PrivateTmp=disconnected (rhbz#2334015, - https://github.com/coreos/fedora-coreos-tracker/issues/1857) - -* Wed Jan 08 2025 Zbigniew Jędrzejewski-Szmek - 257.2-1 -- Version 257.2 -- Fixes for assertion crashes and memory access issues in pid1 and systemd- - machined, and other fixes for systemd-repart, systemd-resolved, systemd- - stdio-bridge, systemctl, journalctl, sd-device, hibernation, and the - hardware database. - -* Tue Jan 07 2025 Yu Watanabe - 257.1-7 -- Replace 'udevadm hwdb' with systemd-hwdb - -* Tue Jan 07 2025 Zbigniew Jędrzejewski-Szmek - 257.1-6 -- Rename source .abignore file - -* Fri Dec 20 2024 Daan De Meyer - 257.1-2 -- Re-enable upstream behaviour of systemd-tmpfiles --purge - -* Fri Dec 20 2024 Zbigniew Jędrzejewski-Szmek - 257.1-1 -- Version 257.1 -- A bunch of post-release fixes, incl. for systemd-resolved, tpm2 support, - systemd-networkd, systemd-logind, journalct. -- Should fix rhbz#2325780. - -* Sun Dec 15 2024 Yu Watanabe - 257-3 -- Add patch for test-time-util - -* Sun Dec 15 2024 Yu Watanabe - 257-2 -- sysusers: support new ! line flag for creating fully locked accounts - -* Tue Dec 10 2024 Zbigniew Jędrzejewski-Szmek - 257-1 -- Version 257 -- A bunch of small fixes in various components: systemd itself, systemd- - cryptenroll, sd-varlink, sd-boot, documentation, tests -- Includes an update of the hardware database - -* Thu Dec 05 2024 Zbigniew Jędrzejewski-Szmek - 257~rc3-5 -- Enable slow tests during build - -* Tue Dec 03 2024 Zbigniew Jędrzejewski-Szmek - 257~rc3-3 -- Recommend qemu-kvm-core instead of qemu-kvm (rhbz#2329979) - -* Fri Nov 29 2024 Yu Watanabe - 257~rc3-2 -- Update tmpfiles --destroy-data patch - -* Wed Nov 27 2024 Zbigniew Jędrzejewski-Szmek - 257~rc3-1 -- Version 257~rc3 -- A bunch of small fixes here and there: virtualization detection, udev, - systemd-networked, pid1. -- Includes a hardware database update. - -* Tue Nov 26 2024 Zbigniew Jędrzejewski-Szmek - 257~rc2-4 -- Make systemd-network-generator co-owned by -udev and -networkd - (rhbz#2328723) - -* Tue Nov 19 2024 Zbigniew Jędrzejewski-Szmek - 257~rc2-3 -- Pull in qemu from systemd-container - -* Fri Nov 15 2024 Zbigniew Jędrzejewski-Szmek - 257~rc2-2 -- Change sysusers u! lines to u because we don't have support in rpm - -* Fri Nov 15 2024 Zbigniew Jędrzejewski-Szmek - 257~rc2-1 -- Version 257~rc2 -- Changes in systemd-measure, systemd-networkd, documentation, systemd- - sysupdated, systemd-sbsign, systemd-boot, systemd-stub, systemd-nspawn, - run0, ukify -- Hardware database update - -* Fri Nov 15 2024 Zbigniew Jędrzejewski-Szmek - 257~rc1-3 -- Disable freezing of user sessions (rhbz#2321268) - -* Thu Nov 07 2024 Zbigniew Jędrzejewski-Szmek - 257~rc1-1 -- Version 257~rc1 - -* Thu Nov 07 2024 Daan De Meyer - 256.7-7 -- Use %%posttrans instead of %%postun to restart services - -* Thu Nov 07 2024 Yaakov Selkowitz - 256.7-6 -- Disable OpenSSL v3 ENGINE on RHEL - -* Tue Nov 05 2024 Daan De Meyer - 256.7-4 -- Backport user manager reexec changes - -* Tue Nov 05 2024 David Tardon - 256.7-3 -- Use %%systemd_preun in systemd-resolved - -* Thu Oct 24 2024 Yu Watanabe - 256.7-2 -- test_sysusers_defined: support new ! line flag for creating fully locked - accounts - -* Fri Oct 11 2024 Zbigniew Jędrzejewski-Szmek - 256.7-1 -- Version 256.7 -- Various small fixes in many components -- Documentation updates - -* Tue Sep 24 2024 Zbigniew Jędrzejewski-Szmek - 256.6-3 -- Move yum/dnf protection removal config file under /usr - -* Thu Sep 12 2024 Matteo Croce - 256.6-1 -- Version 256.6 - -* Thu Aug 29 2024 Daan De Meyer - 256.5-6 -- Always build ukify package - -* Wed Aug 28 2024 Daan De Meyer - 256.5-5 -- Do not use patch to modify systemd-user pam config file - -* Tue Aug 27 2024 Daan De Meyer - 256.5-3 -- Only make python3-pillow Recommends on Fedora - -* Sat Aug 24 2024 Davide Cavalca - 256.5-2 -- Do not require grubby on CentOS Stream 9 - -* Tue Aug 20 2024 Zbigniew Jędrzejewski-Szmek - 256.5-1 -- Version 256.5 -- Includes the patches for the kernel change with kernel threads in leaf - cgroups (https://github.com/systemd/systemd/pull/33885) -- Various smaller fixes - -* Tue Aug 20 2024 Zbigniew Jędrzejewski-Szmek - 256.4-4 -- Disable integration of userdb in sshd - -* Mon Jul 29 2024 Daan De Meyer - 256.4-3 -- Backport patch to only read /proc/cmdline when not in container - -* Mon Jul 29 2024 Daan De Meyer - 256.4-2 -- Backport upstream patch to try more initrd variants in - 90-loaderentry.install - -* Thu Jul 25 2024 Zbigniew Jędrzejewski-Szmek - 256.4-1 -- Version 256.4 -- Hardware db update -- Minor fixes for systemd-udevd and varlink protocol - -* Tue Jul 23 2024 Daan De Meyer - 256.3-3 -- Update tmpfiles --destroy-data patch - -* Tue Jul 23 2024 Zbigniew Jędrzejewski-Szmek - 256.3-1 -- Version 256.3 -- A bunch of fixes for systemd (pid1) -- Various upgrades related to running tests in mkosi - -* Sat Jul 20 2024 Daan De Meyer - 256.2-17 -- Simplify BFQ scheduler enablement - -* Sat Jul 20 2024 Fedora Release Engineering - 256.2-16 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild - -* Wed Jul 17 2024 Zbigniew Jędrzejewski-Szmek - 256.2-9 -- Backport udma buffer access patch (rhbz#2298422) - -* Tue Jul 16 2024 Daan De Meyer - 256.2-8 -- Add support for building from a specific branch - -* Tue Jul 16 2024 Daan De Meyer - 256.2-7 -- Update PR patch metadata - -* Mon Jul 15 2024 Zbigniew Jędrzejewski-Szmek - 256.2-6 -- In standalone subpackages, suggest coreutils-single - -* Mon Jul 15 2024 Zbigniew Jędrzejewski-Szmek - 256.2-5 -- Drop versions from Conflicts for standalone packages - -* Sun Jul 14 2024 Zbigniew Jędrzejewski-Szmek - 256.2-4 -- Use a more precise Recommends for libkxbcommon - -* Thu Jul 11 2024 Daan De Meyer - 256.2-3 -- Drop machined revert - -* Tue Jul 09 2024 Zbigniew Jędrzejewski-Szmek - 256.2-2 -- Rebuilt for the bin-sbin merge - -* Mon Jul 08 2024 Zbigniew Jędrzejewski-Szmek - 256.2-1 -- Version 256.2 -- A bunch of various small fixes - -* Mon Jul 08 2024 Zbigniew Jędrzejewski-Szmek - 256.1-13 -- Link systemd-executor statically - -* Fri Jul 05 2024 Yaakov Selkowitz - 256.1-12 -- Update dracut workaround - -* Fri Jul 05 2024 Yaakov Selkowitz - 256.1-11 -- Fix ELN build - -* Fri Jul 05 2024 Daan De Meyer - 256.1-10 -- Only exclude dracut conflicts on non-fedora on upstream builds - -* Fri Jul 05 2024 Daan De Meyer - 256.1-9 -- Conditionalize dracut Conflicts more - -* Tue Jul 02 2024 Daan De Meyer - 256.1-8 -- Use vmlinux.h from kernel-devel - -* Tue Jul 02 2024 Zbigniew Jędrzejewski-Szmek - 256.1-7 -- Pull in openssl-devel-engine - -* Mon Jul 01 2024 Daan De Meyer - 256.1-6 -- Only add Requires on python3-zstd on Fedora - -* Mon Jul 01 2024 Daan De Meyer - 256.1-5 -- Drop BuildRequires on python3-zstd - -* Tue Jun 25 2024 Zbigniew Jędrzejewski-Szmek - 256.1-4 -- Revert "Remove tmpfiles snippet for /home and /srv" - -* Tue Jun 18 2024 Zbigniew Jędrzejewski-Szmek - 256.1-3 -- Remove tmpfiles snippet for /home and /srv - -* Tue Jun 18 2024 Zbigniew Jędrzejewski-Szmek - 256.1-2 -- Soft-disable tmpfiles --purge until a good use case comes up - -* Tue Jun 18 2024 Zbigniew Jędrzejewski-Szmek - 256.1-1 -- Version 256.1 - -* Sun Jun 16 2024 U2FsdGVkX1 - 256-2 -- disable auto-features when bootstrapping - -* Tue Jun 11 2024 Zbigniew Jędrzejewski-Szmek - 256-1 -- Version 256 -- Only minor changes since -rc4. -- Hardward db is updated. - -* Fri Jun 07 2024 Zbigniew Jędrzejewski-Szmek - 256~rc4-2 -- Restore patch to drop varlink method call - -* Thu Jun 06 2024 Zbigniew Jędrzejewski-Szmek - 256~rc4-1 -- Version 256~rc4 - -* Thu Jun 06 2024 Zbigniew Jędrzejewski-Szmek - 256~rc3-6 -- Drop sysusers.d/basic.conf -- We rely on setup to provide all necessary groups. - -* Sun Jun 02 2024 Adam Williamson - 256~rc3-4 -- Partially backport PR #33016 to fix crashes in KDE 6.3.0 - -* Wed May 29 2024 Zbigniew Jędrzejewski-Szmek - 256~rc3-2 -- Add patch to work-around libbpf bug (rhbz#2280935) - -* Thu May 23 2024 Zbigniew Jędrzejewski-Szmek - 256~rc3-1 -- Version 256~rc3 - -* Wed May 15 2024 Zbigniew Jędrzejewski-Szmek - 256~rc2-6 -- Version 256~rc2 -- Various small changes all over -- A fix for rhbz#2273069 - -* Mon May 13 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1^20240509git1781de1-4 -- Make %%release_override overridable from outside - -* Sat May 11 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1^20240509git1781de1-2 -- Temporarily drop call to varlink method to avoid SELinux denial - -* Thu May 09 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1^20240509git1781de1-1 -- Version 256-rc1^20240509git -- There were some fixes merged upstream, so let's try again before v256-rc2 - is released. - -* Thu May 02 2024 Jan Macku - 256~rc1-6 -- spec: `systemd-ukify` should depend on `systemd-boot` - -* Sat Apr 27 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1-4 -- Add additional daemon-reexec for upgrades from old systemd versions - -* Sat Apr 27 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1-3 -- Drop trigger scriptlets for upgrades from systemd < 247 - -* Sat Apr 27 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1-2 -- Add Recommends for dlopen libraries - -* Fri Apr 26 2024 Zbigniew Jędrzejewski-Szmek - 256~rc1-1 -- Version 256~rc1 -- See https://raw.githubusercontent.com/systemd/systemd/v256-rc1/NEWS. Too - many changes to list or discuss here. - -* Wed Apr 24 2024 Zbigniew Jędrzejewski-Szmek - 255.5-3 -- Reexec systemd in %%postun - (https://github.com/systemd/systemd/issues/5096) -- The workaround dbus issues in upgrades from systemd-239 is dropped - -* Wed Apr 24 2024 Zbigniew Jędrzejewski-Szmek - 255.5-2 -- Drop workaround to run generators without sandboxing (requirement on - dracut >= 60 is added) - -* Wed Apr 24 2024 Zbigniew Jędrzejewski-Szmek - 255.5-1 -- Version 255.5 -- Many different small fixes: systemd itself, systemd-networkd, systemd- - journal-remote, compilation fixes for newer kernels and clang, systemd- - homed, systemd-resolved, ukify, systemd-tmpfiles, various other. - -* Wed Apr 10 2024 Zbigniew Jędrzejewski-Szmek - 255.4-16 -- Prepare for bin-sbin merge - -* Wed Mar 27 2024 Zbigniew Jędrzejewski-Szmek - 255.4-13 -- spec: add %%bcond to build without documentation - -* Fri Mar 22 2024 Zbigniew Jędrzejewski-Szmek - 255.4-11 -- Revert "Adjust release tag for riscv64" - -* Fri Mar 22 2024 David Abdurachmanov - 255.4-10 -- Enable bootloader stack for riscv64 - -* Fri Mar 22 2024 Zbigniew Jędrzejewski-Szmek - 255.4-9 -- Adjust release tag for riscv64 - -* Wed Mar 20 2024 David Tardon - 255.4-5 -- Make Requires(*) on systemd versioned - -* Wed Mar 20 2024 Zbigniew Jędrzejewski-Szmek - 255.4-4 -- Add R:systemd-udev to systemd-networkd subpackage (rhbz#2173425) - -* Mon Mar 18 2024 Daan De Meyer - 255.4-3 -- Add psutil dependency to systemd-tests - -* Thu Mar 07 2024 Daan De Meyer - 255.4-2 -- Build in developer mode when building for upstream - -* Fri Mar 01 2024 Zbigniew Jędrzejewski-Szmek - 255.4-1 -- Version 255.4 - -* Wed Feb 21 2024 Daan De Meyer - 255.3-13 -- Allow setting extra configure options using - %%meson_extra_configure_options - -* Wed Feb 21 2024 Daan De Meyer - 255.3-12 -- Apply pam patch when building for upstream - -* Wed Feb 21 2024 Daan De Meyer - 255.3-11 -- Use %%version_override/%%release_override to specify version/release by - users - -* Tue Feb 20 2024 Zbigniew Jędrzejewski-Szmek - 255.3-10 -- Let libkmod be a dlopen'ed dependency - -* Sat Feb 17 2024 Daan De Meyer - 255.3-9 -- Allow overriding the version and release using macros - -* Sat Feb 17 2024 Daan De Meyer - 255.3-8 -- Stop passing %%{release} to meson when building in upstream mode - -* Sat Feb 17 2024 Daan De Meyer - 255.3-7 -- Don't pass b_lto to meson - -* Thu Feb 15 2024 Daan De Meyer - 255.3-6 -- Update usage of meson-vcs-tag.sh to account for upstream changes - -* Sun Feb 11 2024 Daan De Meyer - 255.3-5 -- Replace inplace macro with upstream macro - -* Sun Feb 11 2024 Daan De Meyer - 255.3-4 -- Remove reconfiguration logic - -* Sun Feb 11 2024 Daan De Meyer - 255.3-3 -- Stop depending on filelists - -* Mon Jan 29 2024 Zbigniew Jędrzejewski-Szmek - 255.3-2 -- Conflicts/Provides with systemd-standalone-repart are moved udev - subpackage - -* Thu Jan 25 2024 Zbigniew Jędrzejewski-Szmek - 255.3-1 -- Version 255.3 -- A bunch of various fixes for memory and behaviour, in many different - components (bootctl, systemd, udev, systemd-networkd, systemd-homed, - systemd-logind, systemd-resolve, systemd-repart, systemd-analyze, - systemd-dissect, systemd-boot, pam modules, systemd-storagetm, systemd- - journal-remote, kernel-install) -- Improved detection of virtualization (Google Compute Engine, Apple Virt) -- Updates for shell completions and docs -- An update for hardware database - -* Tue Jan 23 2024 Zbigniew Jędrzejewski-Szmek - 255.2-3 -- Add temporary patch to adjust uid range classification (rhbz#2251843) - -* Tue Jan 09 2024 Zbigniew Jędrzejewski-Szmek - 255.2-1 -- Version 255.2 -- Fixes missing DNSSEC validity check in SOA DNS packets (CVE-2023-7008) -- systemd-resolved and systemd-networkd are restarted after an upgrade. - -* Tue Jan 09 2024 Zbigniew Jędrzejewski-Szmek - 255.1-2 -- Add missing %%postun scriptlets for systemd-{resolved,networkd} - (rhbz#2255718) - -* Sat Dec 16 2023 Zbigniew Jędrzejewski-Szmek - 255.1-1 -- Version 255.1 - -* Wed Dec 13 2023 Zbigniew Jędrzejewski-Szmek - 255-7 -- Do not remove modified config files - -* Fri Dec 08 2023 Zbigniew Jędrzejewski-Szmek - 255-4 -- Add /etc/ssh/sshd_config.d to the file list - -* Fri Dec 08 2023 Zbigniew Jędrzejewski-Szmek - 255-3 -- Move config files to /usr/lib/systemd (e.g. /etc/systemd/system.conf → - /usr/lib/systemd/systemd.conf). Both config file locations were already - supported, and the files installed in /etc/ were "empty" (i.e. they had - only comments and section headers). The move does not change the - configuration, but just makes /etc more empty by default. See - https://github.com/systemd/systemd/commit/6495361c7d for more discussion - and details. - -* Fri Dec 08 2023 Zbigniew Jędrzejewski-Szmek - 255-2 -- Move systemd-bsod is to udev subpackage - -* Wed Dec 06 2023 Zbigniew Jędrzejewski-Szmek - 255-1 -- Version 255 -- Just a few bugfixes since 255-rc4: seccomp filters, logging, - documentation, systemd-repart -- Includes a hardware database update. - -* Sat Dec 02 2023 Zbigniew Jędrzejewski-Szmek - 255~rc4-1 -- Version 255~rc4 - -* Fri Dec 01 2023 Adam Williamson - 255~rc3-4 -- Backport PRs #30170 and #30266 to fix BPF denials (RHBZ #2250930) - -* Wed Nov 29 2023 Adam Williamson - 255~rc3-3 -- Backport #30197 to fix vconsole startup (RHBZ #2251394) - -* Thu Nov 23 2023 Peter Robinson - 255~rc3-2 -- de-dupe LICENSE.LGPL2.1 in licenses - -* Wed Nov 22 2023 Zbigniew Jędrzejewski-Szmek - 255~rc3-1 -- Version 255~rc3 - -* Wed Nov 22 2023 Zbigniew Jędrzejewski-Szmek - 255~rc2-2 -- Add systemd-networkd-defaults subpackage - -* Wed Nov 15 2023 Zbigniew Jędrzejewski-Szmek - 255~rc2-1 -- Version 255~rc2 -- See See https://raw.githubusercontent.com/systemd/systemd/v255-rc2/NEWS - -* Wed Nov 08 2023 Zbigniew Jędrzejewski-Szmek -- Add Conflicts with older dracut which doesn't have required patches - -* Tue Nov 07 2023 Zbigniew Jędrzejewski-Szmek - 255~rc1-3 -- Also build systemd-vmspawn - -* Tue Nov 07 2023 Zbigniew Jędrzejewski-Szmek - 255~rc1-2 -- Move oomd to systemd-udev - -* Tue Nov 07 2023 Zbigniew Jędrzejewski-Szmek - 255~rc1-1 -- Version 255~rc1 -- See https://raw.githubusercontent.com/systemd/systemd/v255-rc1/NEWS -- All the files and services related to pcrs are moved to -udev subpackage. - This includes the new systemd-pcrlock binary. - -* Wed Sep 27 2023 Zbigniew Jędrzejewski-Szmek - 254.5-2 -- Pull in more patches for keyboard layout matching - -* Wed Sep 27 2023 Zbigniew Jędrzejewski-Szmek - 254.5-1 -- Version 254.5 -- Resolves rhbz#29216. - -* Wed Sep 27 2023 Zbigniew Jędrzejewski-Szmek - 254.2-14 -- Pull in patches to add PollLimit setting - -* Wed Sep 27 2023 Zbigniew Jędrzejewski-Szmek - 254.2-13 -- Change versioned Conflicts to rich Requires (rhbz#2240828) - -* Tue Sep 19 2023 Adam Williamson - 254.2-12 -- Backport PR #29215 to improve keyboard layout matching - -* Mon Sep 18 2023 Zbigniew Jędrzejewski-Szmek - 254.2-7 -- Fix creation of installkernel symlink - -* Fri Sep 15 2023 Zbigniew Jędrzejewski-Szmek - 254.2-6 -- Provide /usr/sbin/installkernel (rhbz#2239008). - -* Thu Sep 07 2023 Zbigniew Jędrzejewski-Szmek - 254.2-2 -- Make inter-subpackage dependencies archful - -* Thu Sep 07 2023 Zbigniew Jędrzejewski-Szmek - 254.2-1 -- Version 254.2 -- A bunch of fixes in various areas: manager, coredump, sysupdate, - hibernation, journal. -- Should fix rhbz#2234653. - -* Wed Sep 06 2023 Zbigniew Jędrzejewski-Szmek - 254.1-8 -- Actually reload user managers and backport unit reload macros - -* Sat Sep 02 2023 Daan De Meyer - 254.1-7 -- ukify: Drop obsolete dependency on objcopy - -* Sat Sep 02 2023 Daan De Meyer - 254.1-6 -- Add missing ukify dependency on python-cryptography - -* Sun Aug 20 2023 Yu Watanabe - 254.1-5 -- spec: also explicitly enable/disable ukify support - -* Sun Aug 13 2023 Yu Watanabe - 254.1-4 -- spec: explicitly enable/disable xen support - -* Wed Aug 09 2023 Zbigniew Jędrzejewski-Szmek - 254.1-1 -- Version 254.1 (rhbz#2228089, possibly partial fix for rhbz#2229524) - -* Wed Aug 09 2023 Zbigniew Jędrzejewski-Szmek - 254-5 -- Do daemon-reexec of user managers after package upgrade - -* Mon Aug 07 2023 Daan De Meyer - 254-4 -- Revert "Supress errors on selinux systems" - -* Thu Aug 03 2023 Daan De Meyer - 254-3 -- Add a custom %%clean implementation - -* Thu Aug 03 2023 Daan De Meyer - 254-2 -- Update libbpf soname - -* Fri Jul 28 2023 Zbigniew Jędrzejewski-Szmek - 254-1 -- Version 254 (just a bunch of bugfixes, mostly for unusual architectures, - since rc3) -- rhbz#2226908 -- See https://raw.githubusercontent.com/systemd/systemd/v254-rc1/NEWS for - the full changeset. - -* Mon Jul 24 2023 Zbigniew Jędrzejewski-Szmek - 254~rc3-1 -- Version 254~rc3 -- A bunch of fixes, e.g. rhbz#2223795. Also a bunch of reverts of commits - which were found to cause problems. - -* Sat Jul 22 2023 Fedora Release Engineering - 254~rc2-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild - -* Mon Jul 17 2023 Zbigniew Jędrzejewski-Szmek - 254~rc2-4 -- Fix scriptlets for various services and remote-cryptsetup.target - (rhbz#2217997) - -* Sun Jul 16 2023 Stewart Smith - 254~rc2-3 -- Convert existing bcond_with[out] to plain bcond - -* Sun Jul 16 2023 Stewart Smith - 254~rc2-2 -- Move gnutls, zlib, bzip2, lz4, xz, and zstd to bconds - -* Sat Jul 15 2023 Zbigniew Jędrzejewski-Szmek - 254~rc2-1 -- Version 254~rc2 -- Various bug fixes, in particular kernel-install should again work without - /proc. - -* Thu Jul 13 2023 Zbigniew Jędrzejewski-Szmek - 254~rc1-1 -- Version 254~rc1 -- Way too many changes to list. See - https://raw.githubusercontent.com/systemd/systemd/v254-rc1/NEWS -- Fix regression in socket activation of services (rhbz#2213660). - -* Mon Jun 26 2023 Yaakov Selkowitz - 253.5-7 -- Use rpm sysuser provide generation on RHEL >= 10 - -* Thu Jun 22 2023 Panu Matilainen - 253.5-6 -- Use rpm's sysuser provide generation on Fedora >= 39 - -* Wed Jun 21 2023 Anita Zhang - 253.5-5 -- fix typos in standalone package provides - -* Mon Jun 05 2023 Yaakov Selkowitz - 253.5-4 -- Avoid pillow and pyflakes in RHEL builds - -* Mon Jun 05 2023 Yaakov Selkowitz - 253.5-3 -- Avoid qrencode dependency in RHEL builds - -* Fri Jun 02 2023 Alessandro Astone - 253.5-2 -- Increase vm.max_map_count - -* Thu Jun 01 2023 Zbigniew Jędrzejewski-Szmek - 253.5-1 -- Version 253.5 - -* Thu May 11 2023 Zbigniew Jędrzejewski-Szmek - 253.4-1 -- Version 253.4 - -* Thu May 11 2023 Michael Catanzaro - 253.2-6 -- Raise ManagedOOMMemoryPressureLimit from 50%% to 80%% - -* Tue May 09 2023 Zbigniew Jędrzejewski-Szmek - 253.2-5 -- Add forgotten Provides and Conflicts for standalones - -* Wed Apr 26 2023 Zbigniew Jędrzejewski-Szmek - 253.2-4 -- sysusers.generate-pre.sh: properly escape quotes in description strings - (rhbz#2104141) - -* Wed Apr 26 2023 Zbigniew Jędrzejewski-Szmek - 253.2-3 -- sysusers.generate-pre.sh: fix indentation in generated scripts - -* Wed Mar 29 2023 Zbigniew Jędrzejewski-Szmek - 253.2-1 -- Version 253.2 - -* Wed Mar 29 2023 Zbigniew Jędrzejewski-Szmek - 253.1-7 -- oomd: stop monitoring user-*.slice slices (rhbz#2177722) - -* Thu Mar 09 2023 Zbigniew Jędrzejewski-Szmek - 253.1-6 -- Move /usr/lib/systemd/boot/ to systemd-boot-unsigned subpackage - -* Fri Mar 03 2023 Zbigniew Jędrzejewski-Szmek - 253.1-2 -- Fix build with gnu-efi-3.0.11-13 - -* Fri Mar 03 2023 Zbigniew Jędrzejewski-Szmek - 253.1-1 -- Version 253.1 -- Fixes rhbz#2148464 - -* Wed Mar 01 2023 Zbigniew Jędrzejewski-Szmek - 253-7 -- Move man pages for sd-boot into systemd-boot-unsigned - -* Wed Feb 22 2023 Zbigniew Jędrzejewski-Szmek - 253-6 -- Set TimeoutStopFailureMode=abort for services (see - https://fedoraproject.org/wiki/Changes/Shorter_Shutdown_Timer) - -* Tue Feb 21 2023 Dusty Mabe - 253-5 -- remove group write permission from 98-default-mac-none.link - -* Tue Feb 21 2023 Dusty Mabe - 253-4 -- fix comment instructions for 98-default-mac-none.link - -* Tue Feb 21 2023 Zbigniew Jędrzejewski-Szmek - 253-3 -- Backport patch for container compatibility (rhbz#2165004) - -* Tue Feb 21 2023 Zbigniew Jędrzejewski-Szmek - 253-2 -- Add workaround patch for dracut generator issue (rhbz#2164404) - -* Mon Feb 20 2023 Zbigniew Jędrzejewski-Szmek - 253-1 -- Version 253 (mostly some documentation fixes since -rc3). - -* Fri Feb 10 2023 Zbigniew Jędrzejewski-Szmek - 253~rc3-1 -- Version 253-rc3 -- A bunch of bugfixes for regressions, some documentation and bug fixes - too. -- Really fix rhbz#2165692 (previous build carried an unapplied patch). - -* Thu Feb 09 2023 Zbigniew Jędrzejewski-Szmek - 253~rc2-7 -- Revert patch switch causes problems for 'systemctl isolate' - (rhbz#2165692) - -* Wed Feb 08 2023 Zbigniew Jędrzejewski-Szmek - 253~rc2-6 -- Disable systemd-boot-update.service in presets - -* Wed Feb 08 2023 Zbigniew Jędrzejewski-Szmek - 253~rc2-4 -- Update License to SPDX - -* Mon Feb 06 2023 Thomas Haller - 253~rc2-3 -- add "98-default-mac-none.link" to keep default MAC address of - bridge/bond/team - -* Thu Feb 02 2023 Michael Catanzaro - 253~rc2-2 -- Shorten shutdown timeout to 45 s - -* Thu Feb 02 2023 Zbigniew Jędrzejewski-Szmek - 253~rc2-1 -- Version 253~rc2 -- Sysusers fixup (rhbz#2156900) + other small changes - -* Thu Feb 02 2023 Yaakov Selkowitz - 253~rc1-5 -- Build with xen only on Fedora - -* Thu Jan 26 2023 Zbigniew Jędrzejewski-Szmek - 253~rc1-3 -- Reenable systemd-journald-audit.socket after upgrades (rhbz#2164594) - -* Wed Jan 25 2023 Zbigniew Jędrzejewski-Szmek - 253~rc1-2 -- Add Requires on Python modules to systemd-ukify and Recommends for - libp11-kit - -* Tue Jan 24 2023 Zbigniew Jędrzejewski-Szmek - 253~rc1-1 -- Version 253~rc1 -- See https://raw.githubusercontent.com/systemd/systemd/v253-rc1/NEWS -- New subpackages: systemd-repart-standalone, systemd-shutdown-standalone, - and systemd-ukify. - -* Sun Jan 22 2023 Zbigniew Jędrzejewski-Szmek - 252.4-4 -- Backport patches to fix issues gcc-13 and -D_FORTIFY_SOURCE=3 - -* Sat Jan 21 2023 Fedora Release Engineering - 252.4-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild - -* Thu Jan 05 2023 Daan De Meyer - 252.4-2 -- Add python3 to BuildRequires - -* Tue Dec 20 2022 Zbigniew Jędrzejewski-Szmek - 252.4-1 -- Version 252.4 -- Fixes a few different issues (systemd-timesyncd connectivity problems, - broken emoji output on the console, crashes in pid1 unit dependency - logic) -- CVE-2022-4415: systemd: coredump not respecting fs.suid_dumpable kernel - setting - -* Sat Dec 17 2022 Zbigniew Jędrzejewski-Szmek - 252.3-4 -- boot: add Provides:systemd-boot(isa) - -* Wed Dec 14 2022 Zbigniew Jędrzejewski-Szmek - 252.3-2 -- Use upstream pam systemd-auth file with a patch, add pam_keyinit - -* Thu Dec 08 2022 Zbigniew Jędrzejewski-Szmek - 252.3-1 -- Version 252.3 (rhbz#2136916, rhbz#2083900) - -* Fri Dec 02 2022 Zbigniew Jędrzejewski-Szmek - 252.2-2 -- Split out systemd-boot-unsigned package - -* Thu Nov 24 2022 Zbigniew Jędrzejewski-Szmek - 252.2-1 -- Version 252.2 -- Latest batch of bugfixes (rhbz#2137631) - -* Thu Nov 24 2022 Martin Osvald - 252.1-3 -- Support user:group notation by sysusers.generate-pre.sh script - -* Tue Nov 08 2022 Zbigniew Jędrzejewski-Szmek - 252.1-1 -- Version 252.1 (just some small fixes). - -* Mon Oct 31 2022 Zbigniew Jędrzejewski-Szmek - 252-1 -- Version 252 - -* Tue Oct 25 2022 Zbigniew Jędrzejewski-Szmek - 252~rc3-1 -- Version 252-rc3 (#2135778) - -* Tue Oct 18 2022 Zbigniew Jędrzejewski-Szmek - 252~rc2-28 -- Version 252-rc2 (#2134741, #2133792) - -* Fri Oct 14 2022 Zbigniew Jędrzejewski-Szmek - 252~rc1-31 -- Fix upgrade detection in %%posttrans scriptlet (rhbz#2115094) - -* Sun Oct 09 2022 Zbigniew Jędrzejewski-Szmek - 252~rc1-30 -- Fix indentation in %%sysusers_create_compat macro (rhbz#2132835) - -* Sun Oct 09 2022 Zbigniew Jędrzejewski-Szmek - 252~rc1-29 -- Correctly move systemd-measure to systemd-udev subpackage - -* Fri Oct 07 2022 Zbigniew Jędrzejewski-Szmek - 252~rc1-28 -- Version 252-rc1 (for details see - https://raw.githubusercontent.com/systemd/systemd/v252-rc1/NEWS) - -* Sat Oct 01 2022 Zbigniew Jędrzejewski-Szmek - 251.5-29 -- Fix permissions on %%ghost files (rhbz#2122889) - -* Sat Oct 01 2022 Zbigniew Jędrzejewski-Szmek - 251.5-28 -- Version 251.5 (rhbz#2129343, rhbz#2121106, rhbz#2130188) - -* Fri Sep 30 2022 Yu Watanabe - 251.4-41 -- Replace patch for test-mountpoint-util - -* Fri Sep 30 2022 Yu Watanabe - 251.4-40 -- patch: fix regression in bfq patch - -* Fri Sep 30 2022 Luca BRUNO - 251.4-39 -- sysusers/generate: bridge 'm' entries to usermod - -* Fri Sep 30 2022 Anita Zhang - 251.4-38 -- Update systemd-oomd defaults to friendlier values -- Remove swap policy. Default amount of swap (8GB?) is a lot lower than - what we use internally with the swap policy. Which frequently leads to - GNOME getting killed (e.g. - https://bugzilla.redhat.com/show_bug.cgi?id=1941170, and other BZs not - linked here). Internally we use 0.5x-1x size of physical memory for swap - via swapfiles (this will be documented in systemd upstream). In simple - cases of using more memory than is available (but without memory - pressure), the Kernel OOM killer can handle killing the offending - process. - -* Thu Sep 29 2022 Zbigniew Jędrzejewski-Szmek - 251.4-37 -- Make systemd-devel conditionally pull in systemd-rpm-macros - -* Fri Aug 19 2022 Neal Gompa - 251.4-53 -- Set compile-time fallback hostname to "localhost" - https://fedoraproject.org/wiki/Changes/FallbackHostname - -* Thu Aug 18 2022 Kalev Lember - 251.4-52 -- Avoid requiring systemd-pam from -devel subpackage - -* Tue Aug 09 2022 Zbigniew Jędrzejewski-Szmek - 251.4-51 -- Manually bump release version for rpmautospec - -* Tue Aug 09 2022 Luca BRUNO - 251.4-26 -- Align sysusers-generated shell value with upstream systemd default - -* Tue Aug 09 2022 Zbigniew Jędrzejewski-Szmek - 251.4-2 -- Backport patches and do a full preset on first boot (#2114065, - https://fedoraproject.org/wiki/Changes/Preset_All_Systemd_Units_on_First_Boot) - -* Mon Aug 08 2022 Zbigniew Jędrzejewski-Szmek - 251.4-1 -- Version 251.4 (fixes rhbz#2112551) -- A bunch of fixes to documentation, crashes in systemd-resolved, - systemd-networkd, systemd itself, and other smaller fixes. - -* Sat Jul 23 2022 Fedora Release Engineering - 251.3-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild - -* Wed Jul 13 2022 Zbigniew Jędrzejewski-Szmek - 251.3-1 -- Update to latest bugfix release -- Drop forgotten "temporary" workaround for #1663040 - -* Wed Jun 29 2022 Zbigniew Jędrzejewski-Szmek - 251.2-2 -- Drop forward-secure-sealing code from sd-journal and tools - -* Thu Jun 2 2022 Zbigniew Jędrzejewski-Szmek - 251.2-1 -- A bunch of man page fixes, a few memory-access correctness fixes, - remove excessive messages to utmp sessions, suppress messages about - bpf setup in the user manager (#2084955) - -* Wed May 25 2022 Zbigniew Jędrzejewski-Szmek - 251.1-2 -- Supress errors from useradd/groupadd (#2090129) -- Drop "v" from the version tag, add tilde back -- The tag for shared-libraries is reintroduced (#1906010) - -* Tue May 24 2022 Zbigniew Jędrzejewski-Szmek - 251.1-1 -- First bugfix release for 250 -- Two fixes for kernel-install and a revert for #2087225, #2088788. - -* Sat May 21 2022 Zbigniew Jędrzejewski-Szmek - 251-1 -- Latest upstream release, for details see - https://raw.githubusercontent.com/systemd/systemd/v251/NEWS. -- Fixes for #2071034, #2084955, #2086166. - -* Mon May 16 2022 Zbigniew Jędrzejewski-Szmek - 251~rc3-1 -- Update to latest upstream prerelease (just various bugfixes) -- Udev rule processing should be now fixed (#2076459) -- Run sysusers and hwdb and catalog updates also if systemd is not running - (#2085481) - -* Wed May 11 2022 Adam Williamson - 251~rc2-2 -- Backport #23352 to fix RHBZ #2083374 - -* Thu May 5 2022 Zbigniew Jędrzejewski-Szmek - 251~rc2-1 -- New upstream prerelease, for details see - https://raw.githubusercontent.com/systemd/systemd/v251-rc2/NEWS. - -* Tue Apr 12 2022 Zbigniew Jędrzejewski-Szmek - 251~rc1-3 -- Do not touch /etc/resolv.conf on upgrades (#2074122) -- Add bugfix patch and revert one patch which might be causing - problems with the compose - -* Mon Apr 4 2022 Zbigniew Jędrzejewski-Szmek - 251~rc1-2 -- Merge libsystemd-core back into individual binaries and drop the - private shared library suffix (this should server as a work-around - for rhbz#2071069) - -* Tue Mar 29 2022 Zbigniew Jędrzejewski-Szmek - 251~rc1-1 -- First release candidate in the new cycle -- Fixes rhbz#1449751, rhbz#1906010 - -* Fri Mar 18 2022 Zbigniew Jędrzejewski-Szmek - 250.4-2 -- Fix the wrong file assignment done in previous version - -* Thu Mar 17 2022 Zbigniew Jędrzejewski-Szmek - 250.4-1 -- Move libcryptsetup plugins to -udev (#2031873) -- Move systemd-cryptenroll to -udev (David Tardon) -- Disable default DNS over TLS (#1889901) (Michael Catanzaro) - -* Thu Feb 24 2022 Zbigniew Jędrzejewski-Szmek - 250.3-6 -- Avoid trying to create the symlink if there's a dangling symlink already in - place (#2058388) - -* Wed Feb 23 2022 Zbigniew Jędrzejewski-Szmek - 250.3-5 -- Move part of %%post scriptlet for resolved to %%posttrans (#2018913) -- Specify owner of utmp/wtmp/btmp/lastlog as root in the rpm listing - -* Wed Feb 16 2022 Zbigniew Jędrzejewski-Szmek - 250.3-4 -- Drop scriptlet for handling nobody user upgrades from Fedora <28 -- Specify owner of /var/log/journal as root in the rpm listing (#2018913) - -* Thu Feb 10 2022 Zbigniew Jędrzejewski-Szmek - 250.3-4 -- Add pam_namespace to systemd-user pam config (rhbz#2053098) -- Drop 20-grubby.install plugin for kernel-install (rhbz#2033646) - -* Sat Jan 22 2022 Fedora Release Engineering - 250.3-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild - -* Tue Jan 18 2022 Zbigniew Jędrzejewski-Szmek - 250.3-2 -- Take ghost ownership of /var/log/lastlog (#1798685) - -* Tue Jan 18 2022 Zbigniew Jędrzejewski-Szmek - 250.3-1 -- Third stable release after v250: fixes for sd-boot on fringe hardware (e.g. VirtualBox), - various man page updates, sd-journal file verification is now stricter, - systemd-networkd by default will not add routes for wireguard AllowedIPs= - systemd nss modules shouldn't try to read kernel command line -- Don't do sd-boot updates when not installed (#2038289) -- xdg-autostart-service will ignore ExecCondition= when the helper binary is missing -- kernel-install does cleanup better (#2016630) - -* Fri Jan 7 2022 Zbigniew Jędrzejewski-Szmek - 250.2-1 -- Second stable release after v250: various bugfixes - (systemd-resolved, systemd-journald, userdbctl, homed). -- The manager should now gracefully handle the case where BPF LSM - cannot be initialized (#2036145). The BPF filters are enabled again - on all architectures, so *other* filter should also work on the - affected architectures. -- kernel-install now checks paths used by grub2 before sd-boot paths again - (#2036199) -- fstab-generator now ignores root-on-nfs/cifs/iscsi and live (#2037233) -- CVE-2021-3997, #2024639: systemd-tmpfiles would exhaust the stack and crash - during excessive recursion on a very deeply nested directory structure. - -* Tue Jan 4 2022 Zbigniew Jędrzejewski-Szmek - 250.1-1 -- First stable version after v250: various bugfixes, in particular for - sd-boot, systemd-networkd, and various build issues. -- Fixes #2036517, #2035608, #2036217. - -* Thu Dec 30 2021 Zbigniew Jędrzejewski-Szmek - 250-3 -- Disable bpf filters on arm64 (#2036145) - -* Sat Dec 25 2021 Zbigniew Jędrzejewski-Szmek - 250-2 -- Fix warning about systemd-boot-update.service not existing on - non-uefi architectures -- Enable all bpf features (#2035608) - -* Thu Dec 23 2021 Zbigniew Jędrzejewski-Szmek - 250-1 -- Version 250, only some very small changes since -rc3. -- Switch unit status name format to 'combined' (#2028169) - -* Mon Dec 20 2021 Zbigniew Jędrzejewski-Szmek - 250~rc3-1 -- Latest prerelease, see - https://raw.githubusercontent.com/systemd/systemd/v250-rc3/NEWS for - details. -- Fixes rhbz#2006761, rhbz#2027627, rhbz#1926323, rhbz#1919538. - -* Sun Dec 12 2021 Zbigniew Jędrzejewski-Szmek - 250~rc1-4 -- Move systemd-boot-update.service to -udev subpackage - and add it the the installation scriptlets (#2031400) -- Move libcryptsetup-token-systemd plugins to -udev (#2031873) -- Create /etc/resolv.conf symlink if nothing is present yet (#2032085) - -* Fri Dec 10 2021 Pavel Březina - 250~rc1-3 -- Remove nsswitch.conf scriptlets (#2023743) - -* Thu Dec 9 2021 Zbigniew Jędrzejewski-Szmek - 250~rc1-1 -- Version 250-rc1, - see https://raw.githubusercontent.com/systemd/systemd/v250-rc1/NEWS for - details. - -* Fri Nov 19 2021 Davide Cavalca - 249.7-3 -- Disable legacy iptables support - -* Mon Nov 15 2021 Zbigniew Jędrzejewski-Szmek - 249.7-2 -- Supress errors from update-helper when selinux is enabled (see #2023332) - -* Sun Nov 14 2021 Zbigniew Jędrzejewski-Szmek - 249.7-1 -- Latest bugfix release (better erofs detection, sd-event memory - corruption bugfix, logind, documentation) -- Really fix helper to restart user units with older systemd (#2020415) - -* Sun Nov 14 2021 Petr Menšík - 249.7-1 -- Switch /etc/resolv.conf over to NM when systemd-resolved is uninstalled - -* Wed Nov 10 2021 Kir Kolyshkin - 249.7-1 -- Fix scope activation from a user instance (#2022041) - -* Mon Nov 8 2021 Zbigniew Jędrzejewski-Szmek - 249.6-3 -- Fix helper to restart user units with older systemd (#2020415) - -* Thu Nov 4 2021 Zbigniew Jędrzejewski-Szmek - 249.6-2 -- Latest bugfix release (networkd, coredumpctl, varlink, udev, - systemctl, systemd itself, better detection of Hyper-V and - Virtualbox virtualization, documentation updates) -- Fix helper to restart user units - -* Fri Oct 29 2021 Adam Williamson - 249.5-2 -- Backport PR #133 to fix boot - -* Tue Oct 12 2021 Zbigniew Jędrzejewski-Szmek - 249.5-1 -- Latest bugfix release (various fixes in systemd-networkd, - -timesyncd, -journald, -udev, homed, -resolved, -repart, -oomd, - -coredump, systemd itself, seccomp filters, TPM2 handling, - -documentation, sd-event, sd-journal, journalctl, and nss-systemd). -- Fixes #1976445. - -* Tue Sep 14 2021 Sahana Prasad - 249.4-2 -- Rebuilt with OpenSSL 3.0.0 - -* Tue Aug 24 2021 Zbigniew Jędrzejewski-Szmek - 249.4-1 -- Latest bugfix release: various fixes for systemd-networkd, - systemd-resolved, systemd, systemd-boot. -- Backport of macros to restart systemd user units (#1993244) - -* Fri Aug 6 2021 Zbigniew Jędrzejewski-Szmek - 249.3-1 -- Latest bugfix release: improved compatibility with latest glibc, - various small documentation fixes, and fixes for systemd-networkd bridging, - other minor fixes. -- systemctl set-property accepts glob patterns now (#1986258) - -* Fri Jul 23 2021 Zbigniew Jędrzejewski-Szmek - 249.2-1 -- Latest bugfix release (a minor hwdb regression bugfix, and correction - to kernel commandline handling when reexecuting PID 1 in a container) - -* Fri Jul 23 2021 Michael Catanzaro - 249.2-1 -- Build with -Ddefault-dns-over-tls=opportunistic - (https://fedoraproject.org/wiki/Changes/DNS_Over_TLS, #1889901) - -* Tue Jul 20 2021 Zbigniew Jędrzejewski-Szmek - 249.1-1 -- Various minor documentation and correctness fixes. -- CVE-2021-33910, #1984020: an unchecked stack allocation could be used to - crash systemd and cause the system to reboot by creating a very long - fuse mountpoint path. - -* Wed Jul 7 2021 Neal Gompa - 249-2 -- Use correct NEWS URLs for systemd 249 releases in changelog entries - -* Wed Jul 7 2021 Zbigniew Jędrzejewski-Szmek - 249-1 -- Latest upstream release with minor bugfixes, see - https://github.com/systemd/systemd/blob/v249/NEWS. -- systemd-oomd cpu usage is reduced (#1944646) - -* Thu Jul 1 2021 Zbigniew Jędrzejewski-Szmek - 249~rc3-1 -- Latest upstream prerelease with various bugfixes, see - https://github.com/systemd/systemd/blob/v249-rc3/NEWS. - -* Fri Jun 25 2021 Zbigniew Jędrzejewski-Szmek - 249~rc2-1 -- Latest upstream prerelease with various bugfixes, see - https://github.com/systemd/systemd/blob/v249-rc2/NEWS. -- Ignore FORCERENEW DHCP packets (TALOS-2020-1142, CVE-2020-13529, #1959398) - -* Thu Jun 17 2021 Adam Williamson - 249~rc1-2 -- Stop systemd providing systemd-resolved, now the subpackage exists (#1973462) - -* Wed Jun 16 2021 Zbigniew Jędrzejewski-Szmek - 249~rc1-1 -- Latest upstream prerelease, see - https://github.com/systemd/systemd/blob/v249-rc1/NEWS. - Fixes #1963428. -- Use systemd-sysusers to create users (#1965815) -- Move systemd-resolved into systemd-resolved subpackage (#1923727) - [patch from Petr Menšík] - -* Sat May 15 2021 Zbigniew Jędrzejewski-Szmek - 248.3-1 -- A fix for resolved crashes (#1946386, #1960227, #1950241) -- Some minor fixes for documentation, systemd-networkd, systemd-run, bootctl. - -* Fri May 7 2021 Zbigniew Jędrzejewski-Szmek - 248.2-1 -- Pull in some more patches from upstream (#1944646, #1885090, #1941340) -- Adjust modes of some %%ghost files (#1956059) - -* Thu May 6 2021 Zbigniew Jędrzejewski-Szmek - 248.1-1 -- Latest stable version: a long list of minor correctness fixes all around - (#1955475, #911766, #1958167, #1952919) -- Enable tpm2-tss dependency (#1949505) - -* Tue Apr 06 2021 Adam Williamson - 248-2 -- Re-enable resolved caching, we hope all major bugs are resolved now - -* Wed Mar 31 2021 Zbigniew Jędrzejewski-Szmek - 248-1 -- Latest upstream release, see - https://github.com/systemd/systemd/blob/v248/NEWS. -- The changes since -rc4 are rather small, various fixes all over the place. - A fix to how systemd-oomd selects a candidate to kill, and more debug logging - to make this more transparent. - -* Tue Mar 30 2021 Anita Zhang - 248~rc4-6 -- Increase oomd user memory pressure limit to 50% (#1941170) - -* Fri Mar 26 2021 Zbigniew Jędrzejewski-Szmek - 248~rc4-5 -- Do not preset systemd-networkd.service and systemd-networkd-wait-online.service - on upgrades from before systemd-networkd was split out (#1943263) -- In nsswitch.conf, move nss-myhostname to the front, before nss-mdns4 (#1943199) - -* Wed Mar 24 2021 Zbigniew Jędrzejewski-Szmek - 248~rc4-4 -- Revert patch that seems to cause problems with dns resolution - (see comments on https://bodhi.fedoraproject.org/updates/FEDORA-2021-1c1a870ceb) - -* Mon Mar 22 2021 Zbigniew Jędrzejewski-Szmek - 248~rc4-3 -- Fix hang when processing timers during DST switch in Europe/Dublin timezone (#1941335) -- Fix returning combined IPv4/IPv6 responses from systemd-resolved cache (#1940715) - (But note that the disablement of caching added previously is - retained until we can do more testing.) -- Minor fix to interface naming by udev -- Fix for systemd-repart --size - -* Fri Mar 19 2021 Adam Williamson - 248~rc4-2 -- Disable resolved cache via config snippet (#1940715) - -* Thu Mar 18 2021 Yu Watanabe - 248~rc4-1 -- Latest upstream prerelease, see - https://github.com/systemd/systemd/blob/v248-rc4/NEWS. -- A bunch of documentation updates, and correctness fixes. - -* Tue Mar 16 2021 Adam Williamson - 248~rc3-2 -- Backport PR #19009 to fix CNAME redirect resolving some more (#1933433) - -* Thu Mar 11 2021 Zbigniew Jędrzejewski-Szmek - 248~rc3-1 -- Latest upstream prerelease, see - https://github.com/systemd/systemd/blob/v248-rc3/NEWS. -- A bunch of documentation updates, correctness fixes, and systemd-networkd - features. -- Resolves #1933137, #1935084, #1933873, #1931181, #1933335, #1935062, #1927148. - -* Thu Mar 11 2021 Zbigniew Jędrzejewski-Szmek - 248~rc2-5 -- Fix crash in pid1 during daemon-reexec (#1931034) - -* Fri Mar 05 2021 Adam Williamson - 248~rc2-3 -- Fix stub resolver CNAME chain resolving (#1933433) - -* Mon Mar 01 2021 Josh Boyer - 248~rc2-2 -- Don't set the fallback hostname to Fedora on non-Fedora OSes - -* Tue Feb 23 2021 Zbigniew Jędrzejewski-Szmek - 248~rc2-1 -- Latest upstream prelease, just a bunch of small fixes. -- Fixes #1931957. - -* Tue Feb 23 2021 Zbigniew Jędrzejewski-Szmek - 248~rc1-2 -- Rebuild with the newest scriptlets - -* Tue Feb 23 2021 Zbigniew Jędrzejewski-Szmek - 248~rc1-1 -- Latest upstream prerelease, see - https://github.com/systemd/systemd/blob/v248-rc1/NEWS. -- Fixes #1614751 by only restarting services at the end of transcation. - Various packages need to be rebuilt to have the updated macros. -- Fixes #1879028, though probably not completely. -- Fixes #1925805, #1928235. - -* Wed Feb 17 2021 Michel Alexandre Salim - 247.3-3 -- Increase oomd user memory pressure limit to 10% (#1929856) - -* Fri Feb 5 2021 Anita Zhang - 247.3-2 -- Changes for https://fedoraproject.org/wiki/Changes/EnableSystemdOomd. -- Backports consist primarily of PR #18361, #18444, and #18401 (plus some - additional ones to handle merge conflicts). -- Create systemd-oomd-defaults subpackage to install unit drop-ins that will - configure systemd-oomd to monitor and act. - -* Tue Feb 2 2021 Zbigniew Jędrzejewski-Szmek - 247.3-1 -- Minor stable release -- Fixes #1895937, #1813219, #1903106. - -* Wed Jan 27 2021 Fedora Release Engineering - 247.2-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - -* Wed Jan 13 2021 Zbigniew Jędrzejewski-Szmek - 247.2-2 -- Fix bfq patch again (#1813219) - -* Wed Dec 23 2020 Jonathan Underwood - 247.2-2 -- Add patch to enable crypttab to support disabling of luks read and - write workqueues (corresponding to - https://github.com/systemd/systemd/pull/18062/). - -* Wed Dec 16 2020 Zbigniew Jędrzejewski-Szmek - 247.2-1 -- Minor stable release -- Fixes #1908071. - -* Tue Dec 8 2020 Zbigniew Jędrzejewski-Szmek - 247.1-3 -- Rebuild with fallback hostname change reverted. - -* Fri Dec 04 2020 Bastien Nocera - 247.1-2 -- Unset fallback-hostname as plenty of applications expected localhost - to mean "default hostname" without ever standardising it (#1892235) - -* Tue Dec 1 2020 Zbigniew Jędrzejewski-Szmek - 247.1-1 -- Latest stable release -- Fixes #1902819. -- Files to configure networking with systemd-networkd in a VM or container are - moved to systemd-networkd subpackage. (They were previously in the -container - subpackage, which is for container/VM management.) - -* Thu Nov 26 2020 Zbigniew Jędrzejewski-Szmek - 247-1 -- Update to the latest version -- #1900878 should be fixed - -* Tue Oct 20 2020 Zbigniew Jędrzejewski-Szmek - 247~rc2 -- New upstream pre-release. See - https://github.com/systemd/systemd/blob/v247-rc1/NEWS. - Many smaller and bigger improvements and features are introduced. - (#1885101, #1890632, #1879216) - - A backwards-incompatible change affects PCI network devices which - are connected through a bridge which is itself associated with a - slot. When more than one device was associated with the same slot, - one of the devices would pseudo-randomly get named after the slot. - That name is now not generated at all. This changed behaviour is - causes the net naming scheme to be changed to "v247". To restore - previous behaviour, specify net.naming-scheme=v245. - - systemd-oomd is built, but should not be considered "production - ready" at this point. Testing and bug reports are welcome. - -* Wed Sep 30 2020 Dusty Mabe - 246.6-3 -- Try to make files in subpackages (especially the networkd subpackage) - more appropriate. - -* Thu Sep 24 2020 Filipe Brandenburger - 246.6-2 -- Build a package with standalone binaries for non-systemd systems. - For now, only systemd-sysusers is included. - -* Thu Sep 24 2020 Christian Glombek - 246.6-2 -- Split out networkd sub-package and add to main package as recommended dependency - -* Sun Sep 20 2020 Zbigniew Jędrzejewski-Szmek - 246.6-1 -- Update to latest stable release (various minor fixes: manager, - networking, bootct, kernel-install, systemd-dissect, systemd-homed, - fstab-generator, documentation) (#1876905) -- Do not fail in test because of kernel bug (#1803070) - -* Sun Sep 13 2020 Zbigniew Jędrzejewski-Szmek - 246.5-1 -- Update to latest stable release (a bunch of small network-related - fixes in systemd-networkd and socket handling, documentation updates, - a bunch of fixes for error handling). -- Also remove existing file when creating /etc/resolv.conf symlink - upon installation (#1873856 again) - -* Wed Sep 2 2020 Zbigniew Jędrzejewski-Szmek - 246.4-1 -- Update to latest stable version: a rework of how the unit cache mtime works - (hopefully #1872068, #1871327, #1867930), plus various fixes to - systemd-resolved, systemd-dissect, systemd-analyze, systemd-ask-password-agent, - systemd-networkd, systemd-homed, systemd-machine-id-setup, presets for - instantiated units, documentation and shell completions. -- Create /etc/resolv.conf symlink upon installation (#1873856) -- Move nss-mdns before nss-resolve in /etc/nsswitch.conf and disable - mdns by default in systemd-resolved (#1867830) - -* Wed Aug 26 2020 Zbigniew Jędrzejewski-Szmek - 246.3-1 -- Update to bugfix version (some networkd fixes, minor documentation - fixes, relax handling of various error conditions, other fixlets for - bugs without bugzilla numbers). - -* Mon Aug 17 2020 Zbigniew Jędrzejewski-Szmek - 246.2-1 -- A few minor bugfixes -- Adjust seccomp filter for kernel 5.8 and glibc 2.32 (#1869030) -- Create /etc/resolv.conf symlink on upgrade (#1867865) - -* Fri Aug 7 2020 Zbigniew Jędrzejewski-Szmek - 246.1-1 -- A few minor bugfixes -- Remove /etc/resolv.conf on upgrades (if managed by NetworkManager), so - that systemd-resolved can take over the management of the symlink. - -* Thu Jul 30 2020 Zbigniew Jędrzejewski-Szmek - 246-1 -- Update to released version. Only some minor bugfixes since the pre-release. - -* Sun Jul 26 2020 Zbigniew Jędrzejewski-Szmek - 246~rc2-2 -- Make /tmp be 50% of RAM again (#1856514) -- Re-run 'systemctl preset systemd-resolved' on upgrades. - /etc/resolv.conf is not modified, by a hint is emitted if it is - managed by NetworkManager. - -* Fri Jul 24 2020 Zbigniew Jędrzejewski-Szmek - 246~rc2-1 -- New pre-release with incremental fixes - (#1856037, #1858845, #1856122, #1857783) -- Enable systemd-resolved (with DNSSEC disabled by default, and LLMNR - and mDNS support in resolve-only mode by default). - See https://fedoraproject.org/wiki/Changes/systemd-resolved. - -* Thu Jul 9 2020 Zbigniew Jędrzejewski-Szmek - 246~rc1-1 -- New upstream release, see - https://raw.githubusercontent.com/systemd/systemd/v246-rc1/NEWS. - - This release includes many new unit settings, related inter alia to - cgroupsv2 freezer support and cpu affinity, encryption and verification. - systemd-networkd has a ton of new functionality and many other tools gained - smaller enhancements. systemd-homed gained FIDO2 support. - - Documentation has been significantly improved: sd-bus and sd-hwdb - libraries are now fully documented; man pages have been added for - the D-BUS APIs of systemd daemons and various new interfaces. - - Closes #1392925, #1790972, #1197886, #1525593. - -* Wed Jun 24 2020 Bastien Nocera - 245.6-3 -- Set fallback-hostname to fedora so that unset hostnames are still - recognisable (#1392925) - -* Tue Jun 2 2020 Zbigniew Jędrzejewski-Szmek - 245.6-2 -- Add self-obsoletes to fix upgrades from F31 - -* Sun May 31 2020 Zbigniew Jędrzejewski-Szmek - 245.6-1 -- Update to latest stable version (some documentation updates, minor - memory correctness issues) (#1815605, #1827467, #1842067) - -* Tue Apr 21 2020 Björn Esser - 245.5-2 -- Add explicit BuildRequires: acl -- Bootstrapping for json-c SONAME bump - -* Fri Apr 17 2020 Zbigniew Jędrzejewski-Szmek - 245.5-1 -- Update to latest stable version (#1819313, #1815412, #1800875) - -* Thu Apr 16 2020 Björn Esser - 245.4-2 -- Add bootstrap option to break circular deps on cryptsetup - -* Wed Apr 1 2020 Zbigniew Jędrzejewski-Szmek - 245.4-1 -- Update to latest stable version (#1814454) - -* Thu Mar 26 2020 Zbigniew Jędrzejewski-Szmek - 245.3-1 -- Update to latest stable version (no issue that got reported in bugzilla) - -* Wed Mar 18 2020 Zbigniew Jędrzejewski-Szmek - 245.2-1 -- Update to latest stable version (a few bug fixes for random things) (#1798776) - -* Fri Mar 6 2020 Zbigniew Jędrzejewski-Szmek - 245-1 -- Update to latest version (#1807485) - -* Wed Feb 26 2020 Zbigniew Jędrzejewski-Szmek - 245~rc2-1 -- Modify the downstream udev rule to use bfq to only apply to disks (#1803500) -- "Upgrade" dependency on kbd package from Recommends to Requires (#1408878) -- Move systemd-bless-boot.service and systemd-boot-system-token.service to - systemd-udev subpackage (#1807462) -- Move a bunch of other services to systemd-udev: - systemd-pstore.service, all fsck-related functionality, - systemd-volatile-root.service, systemd-verity-setup.service, and a few - other related files. -- Fix daemon-reload rule to not kill non-systemd pid1 (#1803240) -- Fix namespace-related failure when starting systemd-homed (#1807465) and - group lookup failure in nss_systemd (#1809147) -- Drop autogenerated BOOT_IMAGE= parameter from stored kernel command lines - (#1716164) -- Don't require /proc to be mounted for systemd-sysusers to work (#1807768) - -* Fri Feb 21 2020 Filipe Brandenburger - 245~rc1-4 -- Update daemon-reexec fallback to check whether the system is booted with - systemd as PID 1 and check whether we're upgrading before using kill -TERM - on PID 1 (#1803240) - -* Tue Feb 18 2020 Adam Williamson - 245~rc1-3 -- Revert 097537f0 to fix plymouth etc. running when they shouldn't (#1803293) - -* Fri Feb 7 2020 Zbigniew Jędrzejewski-Szmek - 245~rc1-2 -- Add default 'disable *' preset for user units (#1792474, #1468501), - see https://fedoraproject.org/wiki/Changes/Systemd_presets_for_user_units. -- Add macro to generate "compat" scriptlets based off sysusers.d format - and autogenerate user() and group() virtual provides (#1792462), - see https://fedoraproject.org/wiki/Changes/Adopting_sysusers.d_format. -- Revert patch to udev rules causing regression with usb hubs (#1800820). - -* Wed Feb 5 2020 Zbigniew Jędrzejewski-Szmek - 245~rc1-1 -- New upstream release, see - https://raw.githubusercontent.com/systemd/systemd/v245-rc1/NEWS. - - This release includes completely new functionality: systemd-repart, - systemd-homed, user reconds in json, and multi-instantiable - journald, and a partial rework of internal communcation to use - varlink, and bunch of more incremental changes. - - The "predictable" interface name naming scheme is changed, - net.naming-scheme= can be used to undo the change. The change applies - to container interface names on the host. - -- Fixes #1774242, #1787089, #1798414/CVE-2020-1712. - -* Fri Jan 31 2020 Fedora Release Engineering - 244.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - -* Sat Dec 21 2019 - 244.1-2 -- Disable service watchdogs (for systemd units) - -* Sun Dec 15 2019 - 244.1-1 -- Update to latest stable batch (systemd-networkd fixups, better - support for seccomp on s390x, minor cleanups to documentation). -- Drop patch to revert addition of NoNewPrivileges to systemd units - -* Fri Nov 29 2019 Zbigniew Jędrzejewski-Szmek - 244-1 -- Update to latest version. Just minor bugs fixed since the pre-release. - -* Fri Nov 22 2019 Zbigniew Jędrzejewski-Szmek - 244~rc1-1 -- Update to latest pre-release version, - see https://github.com/systemd/systemd/blob/master/NEWS#L3. - Biggest items: cgroups v2 cpuset controller, fido_id builtin in udev, - systemd-networkd does not create a default route for link local addressing, - systemd-networkd supports dynamic reconfiguration and a bunch of new settings. - Network files support matching on WLAN SSID and BSSID. -- Better error messages when preset/enable/disable are used with a glob (#1763488) -- u2f-hidraw-policy package is obsoleted (#1753381) - -* Tue Nov 19 2019 Zbigniew Jędrzejewski-Szmek - 243.4 -- Latest bugfix release. Systemd-stable snapshots will now be numbered. -- Fix broken PrivateDevices filter on big-endian, s390x in particular (#1769148) -- systemd-modules-load.service should only warn, not fail, on error (#1254340) -- Fix incorrect certificate validation with DNS over TLS (#1771725, #1771726, - CVE-2018-21029) -- Fix regression with crypttab keys with colons -- Various memleaks and minor memory access issues, warning adjustments - -* Fri Oct 18 2019 Adam Williamson - 243-4.gitef67743 -- Backport PR #13792 to fix nomodeset+BIOS CanGraphical bug (#1728240) - -* Thu Oct 10 2019 Zbigniew Jędrzejewski-Szmek - 243-3.gitef67743 -- Various minor documentation and error message cleanups -- Do not use cgroup v1 hierarchy in nspawn on groups v2 (#1756143) - -* Sat Sep 21 2019 Zbigniew Jędrzejewski-Szmek - 243-2.gitfab6f01 -- Backport a bunch of patches (memory access issues, improvements to error - reporting and handling in networkd, some misleading man page contents #1751363) -- Fix permissions on static nodes (#1740664) -- Make systemd-networks follow the RFC for DHPCv6 and radv timeouts -- Fix one crash in systemd-resolved (#1703598) -- Make journal catalog creation reproducible (avoid unordered hashmap use) -- Mark the accelerometer in HP laptops as part of the laptop base -- Fix relabeling of directories with relabel-extra.d/ -- Fix potential stuck noop jobs in pid1 -- Obsolete timedatex package (#1735584) - -* Tue Sep 3 2019 Zbigniew Jędrzejewski-Szmek - 243-1 -- Update to latest release -- Emission of Session property-changed notifications from logind is fixed - (this was breaking the switching of sessions to and from gnome). -- Security issue: unprivileged users were allowed to change DNS - servers configured in systemd-resolved. Now proper polkit authorization - is required. - -* Mon Aug 26 2019 Adam Williamson - 243~rc2-2 -- Backport PR #13406 to solve PATH ordering issue (#1744059) - -* Thu Aug 22 2019 Zbigniew Jędrzejewski-Szmek - 243~rc2-1 -- Update to latest pre-release. Fixes #1740113, #1717712. -- The default scheduler for disks is set to BFQ (1738828) -- The default cgroup hierarchy is set to unified (cgroups v2) (#1732114). - Use systemd.unified-cgroup-hierarchy=0 on the kernel command line to revert. - See https://fedoraproject.org/wiki/Changes/CGroupsV2. - -* Wed Aug 07 2019 Adam Williamson - 243~rc1-2 -- Backport PR #1737362 so we own /etc/systemd/system again (#1737362) - -* Tue Jul 30 2019 Zbigniew Jędrzejewski-Szmek - 243~rc1-1 -- Update to latest version (#1715699, #1696373, #1711065, #1718192) - -* Sat Jul 27 2019 Fedora Release Engineering - 242-7.git9d34e79 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - -* Sat Jul 20 2019 Zbigniew Jędrzejewski-Szmek - 242-6.git9d34e79 -- Ignore bad rdrand output on AMD CPUs (#1729268) -- A bunch of backported patches from upstream: documentation, memory - access fixups, command output tweaks (#1708996) - -* Tue Jun 25 2019 Björn Esser - 242-5.git7a6d834 -- Rebuilt (libqrencode.so.4) - -* Tue Jun 25 2019 Miro Hrončok - 242-4.git7a6d834 -- Rebuilt for iptables update (libip4tc.so.2) - -* Fri Apr 26 2019 Zbigniew Jędrzejewski-Szmek - 242-3.git7a6d834 -- Add symbol to mark vtable format changes (anything using sd_add_object_vtable - or sd_add_fallback_vtable needs to be rebuilt) -- Fix wireguard ListenPort handling in systemd-networkd -- Fix hang in flush_accept (#1702358) -- Fix handling of RUN keys in udevd -- Some documentation and shell completion updates and minor fixes - -* Tue Apr 16 2019 Adam Williamson - 242-2 -- Rebuild with Meson fix for #1699099 - -* Thu Apr 11 2019 Zbigniew Jędrzejewski-Szmek - 242-1 -- Update to latest release -- Make scriptlet failure non-fatal - -* Tue Apr 9 2019 Zbigniew Jędrzejewski-Szmek - 242~rc4-1 -- Update to latest prerelease - -* Thu Apr 4 2019 Zbigniew Jędrzejewski-Szmek - 242~rc3-1 -- Update to latest prerelease - -* Wed Apr 3 2019 Zbigniew Jędrzejewski-Szmek - 242~rc2-1 -- Update to the latest prerelease. -- The bug reported on latest update that systemd-resolved and systemd-networkd are - re-enabled after upgrade is fixed. - -* Fri Mar 29 2019 Zbigniew Jędrzejewski-Szmek - 241-4.gitcbf14c9 -- Backport various patches from the v241..v242 range: - kernel-install will not create the boot loader entry automatically (#1648907), - various bash completion improvements (#1183769), - memory leaks and such (#1685286). - -* Thu Mar 14 2019 Zbigniew Jędrzejewski-Szmek - 241-3.gitc1f8ff8 -- Declare hyperv and framebuffer devices master-of-seat again (#1683197) - -* Wed Feb 20 2019 Zbigniew Jędrzejewski-Szmek - 241-2.gita09c170 -- Prevent buffer overread in systemd-udevd -- Properly validate dbus paths received over dbus (#1678394, CVE-2019-6454) - -* Sat Feb 9 2019 Zbigniew Jędrzejewski-Szmek - 241~rc2-2 -- Turn LTO back on - -* Tue Feb 5 2019 Zbigniew Jędrzejewski-Szmek - 241~rc2-1 -- Update to latest release -rc2 - -* Sun Feb 03 2019 Fedora Release Engineering - 241~rc1-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild - -* Sun Jan 27 2019 Yu Watanabe - 241~rc1-2 -- Backport a patch for kernel-install - -* Sat Jan 26 2019 Zbigniew Jędrzejewski-Szmek - 241~rc1-1 -- Update to latest release -rc1 - -* Tue Jan 15 2019 Zbigniew Jędrzejewski-Szmek - 240-6.gitf02b547 -- Add a work-around for #1663040 - -* Mon Jan 14 2019 Björn Esser - 240-5.gitf02b547 -- Rebuilt for libcrypt.so.2 (#1666033) - -* Fri Jan 11 2019 Zbigniew Jędrzejewski-Szmek - 240-4.gitf02b547 -- Add a work-around for selinux issue on live images (#1663040) - -* Fri Jan 11 2019 Zbigniew Jędrzejewski-Szmek - 240-3.gitf02b547 -- systemd-journald and systemd-journal-remote reject entries which - contain too many fields (CVE-2018-16865, #1664973) and set limits on the - process' command line length (CVE-2018-16864, #1664972) -- $DBUS_SESSION_BUS_ADDRESS is again exported by pam_systemd (#1662857) -- A fix for systemd-udevd crash (#1662303) - -* Sat Dec 22 2018 Zbigniew Jędrzejewski-Szmek - 240-2 -- Add two more patches that revert recent udev changes - -* Fri Dec 21 2018 Zbigniew Jędrzejewski-Szmek - 240-1 -- Update to latest release - See https://github.com/systemd/systemd/blob/master/NEWS for the list of changes. - -* Mon Dec 17 2018 Zbigniew Jędrzejewski-Szmek - 239-10.git9f3aed1 -- Hibernation checks for resume= are rescinded (#1645870) -- Various patches: - - memory issues in logind, networkd, journald (#1653068), sd-device, etc. - - Adaptations for newer meson, lz4, kernel - - Fixes for misleading bugs in documentation -- net.ipv4.conf.all.rp_filter is changed from 1 to 2 - -* Thu Nov 29 2018 Zbigniew Jędrzejewski-Szmek -- Adjust scriptlets to modify /etc/authselect/user-nsswitch.conf - (see https://github.com/pbrezina/authselect/issues/77) -- Drop old scriptlets for nsswitch.conf modifications for nss-mymachines and nss-resolve - -* Sun Nov 18 2018 Alejandro Domínguez Muñoz -- Remove link creation for rsyslog.service - -* Thu Nov 8 2018 Adam Williamson - 239-9.git9f3aed1 -- Go back to using systemctl preset-all in %%post (#1647172, #1118740) - -* Mon Nov 5 2018 Adam Williamson - 239-8.git9f3aed1 -- Requires(post) openssl-libs to fix live image build machine-id issue - See: https://pagure.io/dusty/failed-composes/issue/960 - -* Mon Nov 5 2018 Yu Watanabe -- Set proper attributes to private directories - -* Fri Nov 2 2018 Zbigniew Jędrzejewski-Szmek - 239-7.git9f3aed1 -- Split out the rpm macros into systemd-rpm-macros subpackage (#1645298) - -* Sun Oct 28 2018 Zbigniew Jędrzejewski-Szmek - 239-6.git9f3aed1 -- Fix a local vulnerability from a race condition in chown-recursive (CVE-2018-15687, #1639076) -- Fix a local vulnerability from invalid handling of long lines in state deserialization (CVE-2018-15686, #1639071) -- Fix a remote vulnerability in DHCPv6 in systemd-networkd (CVE-2018-15688, #1639067) -- The DHCP server is started only when link is UP -- DHCPv6 prefix delegation is improved -- Downgrade logging of various messages and add loging in other places -- Many many fixes in error handling and minor memory leaks and such -- Fix typos and omissions in documentation -- Typo in %%_environmnentdir rpm macro is fixed (with backwards compatiblity preserved) -- Matching by MACAddress= in systemd-networkd is fixed -- Creation of user runtime directories is improved, and the user - manager is only stopped after 10 s after the user logs out (#1642460 and other bugs) -- systemd units systemd-timesyncd, systemd-resolved, systemd-networkd are switched back to use DynamicUser=0 -- Aliases are now resolved when loading modules from pid1. This is a (redundant) fix for a brief kernel regression. -- "systemctl --wait start" exits immediately if no valid units are named -- zram devices are not considered as candidates for hibernation -- ECN is not requested for both in- and out-going connections (the sysctl overide for net.ipv4.tcp_ecn is removed) -- Various smaller improvements to unit ordering and dependencies -- generators are now called with the manager's environment -- Handling of invalid (intentionally corrupt) dbus messages is improved, fixing potential local DOS avenues -- The target of symlinks links in .wants/ and .requires/ is now ignored. This fixes an issue where - the unit file would sometimes be loaded from such a symlink, leading to non-deterministic unit contents. -- Filtering of kernel threads is improved. This fixes an issues with newer kernels where hybrid kernel/user - threads are used by bpfilter. -- "noresume" can be used on the kernel command line to force normal boot even if a hibernation images is present -- Hibernation is not advertised if resume= is not present on the kernenl command line -- Hibernation/Suspend/... modes can be disabled using AllowSuspend=, - AllowHibernation=, AllowSuspendThenHibernate=, AllowHybridSleep= -- LOGO= and DOCUMENTATION_URL= are documented for the os-release file -- The hashmap mempool is now only used internally in systemd, and is disabled for external users of the systemd libraries -- Additional state is serialized/deserialized when logind is restarted, fixing the handling of user objects -- Catalog entries for the journal are improved (#1639482) -- If suspend fails, the post-suspend hooks are still called. -- Various build issues on less-common architectures are fixed - -* Wed Oct 3 2018 Jan Synáček - 239-5 -- Fix meson using -Ddebug, which results in FTBFS -- Fix line_begins() to accept word matching full string (#1631840) - -* Mon Sep 10 2018 Zbigniew Jędrzejewski-Szmek - 239-4 -- Move /etc/yum/protected.d/systemd.conf to /etc/dnf/ (#1626969) - -* Wed Jul 18 2018 Terje Rosten - 239-3 -- Ignore return value from systemd-binfmt in scriptlet (#1565425) - -* Sun Jul 15 2018 Filipe Brandenburger - 239-3 -- Override systemd-user PAM config in install and not prep - -* Sat Jul 14 2018 Fedora Release Engineering - 239-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - -* Mon Jun 25 2018 Zbigniew Jędrzejewski-Szmek - 239-2 -- Rebuild for Python 3.7 again - -* Fri Jun 22 2018 Zbigniew Jędrzejewski-Szmek - 239-1 -- Update to latest version, mostly bug fixes and new functionality, - very little breaking changes. See - https://github.com/systemd/systemd/blob/v239/NEWS for details. - -* Tue Jun 19 2018 Miro Hrončok - 238-9.git0e0aa59 -- Rebuilt for Python 3.7 - -* Fri May 11 2018 Zbigniew Jędrzejewski-Szmek - 238-8.git0e0aa59 -- Backport a number of patches (documentation, hwdb updates) -- Fixes for tmpfiles 'e' entries -- systemd-networkd crashes -- XEN virtualization detection on hyper-v -- Avoid relabelling /sys/fs/cgroup if not needed (#1576240) - -* Wed Apr 18 2018 Zbigniew Jędrzejewski-Szmek - 238-7.fc28.1 -- Allow fake Delegate= setting on slices (#1568594) - -* Wed Mar 28 2018 Zbigniew Jędrzejewski-Szmek - 238-7 -- Move udev transfiletriggers to the right package, fix quoting - -* Tue Mar 27 2018 Colin Walters - 238-6 -- Use shell for triggers; see https://github.com/systemd/systemd/pull/8550 - This fixes compatibility with rpm-ostree. - -* Tue Mar 20 2018 Zbigniew Jędrzejewski-Szmek - 238-5 -- Backport patch to revert inadvertent change of "predictable" interface name (#1558027) - -* Fri Mar 16 2018 Zbigniew Jędrzejewski-Szmek - 238-4 -- Do not close dbus connection during dbus reload call (#1554578) - -* Wed Mar 7 2018 Zbigniew Jędrzejewski-Szmek - 238-3 -- Revert the patches for GRUB BootLoaderSpec support -- Add patch for /etc/machine-id creation (#1552843) - -* Tue Mar 6 2018 Yu Watanabe - 238-2 -- Fix transfiletrigger script (#1551793) - -* Mon Mar 5 2018 Zbigniew Jędrzejewski-Szmek - 238-1 -- Update to latest version -- This fixes a hard-to-trigger potential vulnerability (CVE-2018-6954) -- New transfiletriggers are installed for udev hwdb and rules, the journal - catalog, sysctl.d, binfmt.d, sysusers.d, tmpfiles.d. - -* Tue Feb 27 2018 Javier Martinez Canillas - 237-7.git84c8da5 -- Add patch to install kernel images for GRUB BootLoaderSpec support - -* Sat Feb 24 2018 Zbigniew Jędrzejewski-Szmek - 237-6.git84c8da5 -- Create /etc/systemd in %%post libs if necessary (#1548607) - -* Fri Feb 23 2018 Adam Williamson - 237-5.git84c8da5 -- Use : not touch to create file in -libs %%post - -* Thu Feb 22 2018 Patrick Uiterwijk - 237-4.git84c8da5 -- Add coreutils dep for systemd-libs %%post -- Add patch to typecast USB IDs to avoid compile failure - -* Wed Feb 21 2018 Zbigniew Jędrzejewski-Szmek - 237-3.git84c8da5 -- Update some patches for test skipping that were updated upstream - before merging -- Add /usr/lib/systemd/purge-nobody-user — a script to check if nobody is defined - correctly and possibly replace existing mappings - -* Tue Feb 20 2018 Zbigniew Jędrzejewski-Szmek - 237-2.gitdff4849 -- Backport a bunch of patches, most notably for the journal and various - memory issues. Some minor build fixes. -- Switch to new ldconfig macros that do nothing in F28+ -- /etc/systemd/dont-synthesize-nobody is created in %%post if nfsnobody - or nobody users are defined (#1537262) - -* Fri Feb 9 2018 Zbigniew Jędrzejeweski-Szmek - 237-1.git78bd769 -- Update to first stable snapshot (various minor memory leaks and misaccesses, - some documentation bugs, build fixes). - -* Sun Jan 28 2018 Zbigniew Jędrzejewski-Szmek - 237-1 -- Update to latest version - -* Sun Jan 21 2018 Björn Esser - 236-4.git3e14c4c -- Add patch to include if needed - -* Sat Jan 20 2018 Björn Esser - 236-3.git3e14c4c -- Rebuilt for switch to libxcrypt - -* Thu Jan 11 2018 Zbigniew Jędrzejewski-Szmek - 236-2.git23e14c4 -- Backport a bunch of bugfixes from upstream (#1531502, #1531381, #1526621 - various memory corruptions in systemd-networkd) -- /dev/kvm is marked as a static node which fixes permissions on s390x - and ppc64 (#1532382) - -* Fri Dec 15 2017 Zbigniew Jędrzejewski-Szmek - 236-1 -- Update to latest version - -* Mon Dec 11 2017 Zbigniew Jędrzejewski-Szmek - 235-5.git4a0e928 -- Update to latest git snapshot, do not build for realz -- Switch to libidn2 again (#1449145) - -* Tue Nov 07 2017 Zbigniew Jędrzejewski-Szmek - 235-4 -- Rebuild for cryptsetup-2.0.0-0.2.fc28 - -* Wed Oct 25 2017 Zbigniew Jędrzejewski-Szmek - 235-3 -- Backport a bunch of patches, including LP#172535 - -* Wed Oct 18 2017 Zbigniew Jędrzejewski-Szmek - 235-2 -- Patches for cryptsetup _netdev - -* Fri Oct 6 2017 Zbigniew Jędrzejewski-Szmek - 235-1 -- Update to latest version - -* Tue Sep 26 2017 Nathaniel McCallum - 234-8 -- Backport /etc/crypttab _netdev feature from upstream - -* Thu Sep 21 2017 Michal Sekletar - 234-7 -- Make sure to remove all device units sharing the same sysfs path (#1475570) - -* Mon Sep 18 2017 Zbigniew Jędrzejewski-Szmek - 234-6 -- Bump xslt recursion limit for libxslt-1.30 - -* Mon Jul 31 2017 Zbigniew Jędrzejewski-Szmek - 234-5 -- Backport more patches (#1476005, hopefully #1462378) - -* Thu Jul 27 2017 Fedora Release Engineering - 234-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild - -* Mon Jul 17 2017 Zbigniew Jędrzejewski-Szmek - 234-3 -- Fix x-systemd.timeout=0 in /etc/fstab (#1462378) -- Minor patches (memleaks, --help fixes, seccomp on arm64) - -* Thu Jul 13 2017 Zbigniew Jędrzejewski-Szmek - 234-2 -- Create kvm group (#1431876) - -* Thu Jul 13 2017 Zbigniew Jędrzejewski-Szmek - 234-1 -- Latest release - -* Sat Jul 1 2017 Zbigniew Jędrzejewski-Szmek - 233-7.git74d8f1c -- Update to snapshot -- Build with meson again - -* Tue Jun 27 2017 Zbigniew Jędrzejewski-Szmek - 233-6 -- Fix an out-of-bounds write in systemd-resolved (CVE-2017-9445) - -* Fri Jun 16 2017 Zbigniew Jędrzejewski-Szmek - 233-5.gitec36d05 -- Update to snapshot version, build with meson - -* Thu Jun 15 2017 Zbigniew Jędrzejewski-Szmek - 233-4 -- Backport a bunch of small fixes (memleaks, wrong format strings, - man page clarifications, shell completion) -- Fix systemd-resolved crash on crafted DNS packet (CVE-2017-9217, #1455493) -- Fix systemd-vconsole-setup.service error on systems with no VGA console (#1272686) -- Drop soft-static uid for systemd-journal-gateway -- Use ID from /etc/os-release as ntpvendor - -* Thu Mar 16 2017 Michal Sekletar - 233-3 -- Backport bugfixes from upstream -- Don't return error when machinectl couldn't figure out container IP addresses (#1419501) - -* Thu Mar 2 2017 Zbigniew Jędrzejewski-Szmek - 233-2 -- Fix installation conflict with polkit - -* Thu Mar 2 2017 Zbigniew Jędrzejewski-Szmek - 233-1 -- New upstream release (#1416201, #1405439, #1420753, many others) -- New systemd-tests subpackage with "installed tests" - -* Thu Feb 16 2017 Zbigniew Jędrzejewski-Szmek - 232-15 -- Add %%ghost %%dir entries for .wants dirs of our targets (#1422894) - -* Tue Feb 14 2017 Zbigniew Jędrzejewski-Szmek - 232-14 -- Ignore the hwdb parser test - -* Tue Feb 14 2017 Jan Synáček - 232-14 -- machinectl fails when virtual machine is running (#1419501) - -* Sat Feb 11 2017 Fedora Release Engineering - 232-13 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild - -* Tue Jan 31 2017 Zbigniew Jędrzejewski-Szmek - 232-12 -- Backport patch for initrd-switch-root.service getting killed (#1414904) -- Fix sd-journal-gatewayd -D, --trust, and COREDUMP_CONTAINER_CMDLINE - extraction by sd-coredump. - -* Sun Jan 29 2017 zbyszek - 232-11 -- Backport a number of patches (#1411299, #1413075, #1415745, - ##1415358, #1416588, #1408884) -- Fix various memleaks and unitialized variable access -- Shell completion enhancements -- Enable TPM logging by default (#1411156) -- Update hwdb (#1270124) - -* Thu Jan 19 2017 Adam Williamson - 232-10 -- Backport fix for boot failure in initrd-switch-root (#1414904) - -* Wed Jan 18 2017 Zbigniew Jędrzejewski-Szmek - 232-9 -- Add fake dependency on systemd-pam to systemd-devel to ensure systemd-pam - is available as multilib (#1414153) - -* Tue Jan 17 2017 Zbigniew Jędrzejewski-Szmek - 232-8 -- Fix buildsystem to check for lz4 correctly (#1404406) - -* Wed Jan 11 2017 Zbigniew Jędrzejewski-Szmek - 232-7 -- Various small tweaks to scriplets - -* Sat Jan 07 2017 Kevin Fenzi - 232-6 -- Fix scriptlets to never fail in libs post - -* Fri Jan 06 2017 Kevin Fenzi - 232-5 -- Add patch from Michal Schmidt to avoid process substitution (#1392236) - -* Sun Nov 6 2016 Zbigniew Jędrzejewski-Szmek - 232-4 -- Rebuild (#1392236) - -* Fri Nov 4 2016 Zbigniew Jędrzejewski-Szmek - 232-3 -- Make /etc/dbus-1/system.d directory non-%%ghost - -* Fri Nov 4 2016 Zbigniew Jędrzejewski-Szmek - 232-2 -- Fix kernel-install (#1391829) -- Restore previous systemd-user PAM config (#1391836) -- Move journal-upload.conf.5 from systemd main to journal-remote subpackage (#1391833) -- Fix permissions on /var/lib/systemd/journal-upload (#1262665) - -* Thu Nov 3 2016 Zbigniew Jędrzejewski-Szmek - 232-1 -- Update to latest version (#998615, #1181922, #1374371, #1390704, #1384150, #1287161) -- Add %%{_isa} to Provides on arch-full packages (#1387912) -- Create systemd-coredump user in %%pre (#1309574) -- Replace grubby patch with a short-circuiting install.d "plugin" -- Enable nss-systemd in the passwd, group lines in nsswith.conf -- Add [!UNAVAIL=return] fallback after nss-resolve in hosts line in nsswith.conf -- Move systemd-nspawn man pages to the right subpackage (#1391703) - -* Tue Oct 18 2016 Jan Synáček - 231-11 -- SPC - Cannot restart host operating from container (#1384523) - -* Sun Oct 9 2016 Zbigniew Jędrzejewski-Szmek - 231-10 -- Do not recreate /var/log/journal on upgrades (#1383066) -- Move nss-myhostname provides to systemd-libs (#1383271) - -* Fri Oct 7 2016 Zbigniew Jędrzejewski-Szmek - 231-9 -- Fix systemctl set-default (#1374371) -- Prevent systemd-udev-trigger.service from restarting (follow-up for #1378974) - -* Tue Oct 4 2016 Zbigniew Jędrzejewski-Szmek - 231-8 -- Apply fix for #1378974 - -* Mon Oct 3 2016 Zbigniew Jędrzejewski-Szmek - 231-7 -- Apply patches properly - -* Thu Sep 29 2016 Zbigniew Jędrzejewski-Szmek - 231-6 -- Better fix for (#1380286) - -* Thu Sep 29 2016 Zbigniew Jędrzejewski-Szmek - 231-5 -- Denial-of-service bug against pid1 (#1380286) - -* Thu Aug 25 2016 Zbigniew Jędrzejewski-Szmek - 231-4 -- Fix preset-all (#1363858) -- Fix issue with daemon-reload messing up graphics (#1367766) -- A few other bugfixes - -* Wed Aug 03 2016 Adam Williamson - 231-3 -- Revert preset-all change, it broke stuff (#1363858) - -* Wed Jul 27 2016 Zbigniew Jędrzejewski-Szmek - 231-2 -- Call preset-all on initial installation (#1118740) -- Fix botched Recommends for libxkbcommon - -* Tue Jul 26 2016 Zbigniew Jędrzejewski-Szmek - 231-1 -- Update to latest version - -* Wed Jun 8 2016 Zbigniew Jędrzejewski-Szmek - 230-3 -- Update to latest git snapshot (fixes for systemctl set-default, - polkit lingering policy, reversal of the framebuffer rules, - unaligned access fixes, fix for StartupBlockIOWeight-over-dbus). - Those changes are interspersed with other changes and new features - (mostly in lldp, networkd, and nspawn). Some of those new features - might not work, but I think that existing functionality should not - be broken, so it seems worthwile to update to the snapshot. - -* Sat May 21 2016 Zbigniew Jędrzejewski-Szmek - 230-2 -- Remove systemd-compat-libs on upgrade - -* Sat May 21 2016 Zbigniew Jędrzejewski-Szmek - 230-1 -- New version -- Drop compat-libs -- Require libxkbcommon explictly, since the automatic dependency will - not be generated anymore - -* Tue Apr 26 2016 Zbigniew Jędrzejewski-Szmek - 229-15 -- Remove duplicated entries in -container %%files (#1330395) - -* Fri Apr 22 2016 Zbigniew Jędrzejewski-Szmek - 229-14 -- Move installation of udev services to udev subpackage (#1329023) - -* Mon Apr 18 2016 Zbigniew Jędrzejewski-Szmek - 229-13 -- Split out systemd-pam subpackage (#1327402) - -* Mon Apr 18 2016 Harald Hoyer - 229-12 -- move more binaries and services from the main package to subpackages - -* Mon Apr 18 2016 Harald Hoyer - 229-11 -- move more binaries and services from the main package to subpackages - -* Mon Apr 18 2016 Harald Hoyer - 229-10 -- move device dependant stuff to the udev subpackage - -* Tue Mar 22 2016 Zbigniew Jędrzejewski-Szmek - 229-9 -- Add myhostname to /etc/nsswitch.conf (#1318303) - -* Mon Mar 21 2016 Harald Hoyer - 229-8 -- fixed kernel-install for copying files for grubby -Resolves: rhbz#1299019 - -* Thu Mar 17 2016 Zbigniew Jędrzejewski-Szmek - 229-7 -- Moar patches (#1316964, #1317928) -- Move vconsole-setup and tmpfiles-setup-dev bits to systemd-udev -- Protect systemd-udev from deinstallation - -* Fri Mar 11 2016 Zbigniew Jędrzejewski-Szmek - 229-6 -- Create /etc/resolv.conf symlink from systemd-resolved (#1313085) - -* Fri Mar 4 2016 Zbigniew Jędrzejewski-Szmek - 229-5 -- Split out systemd-container subpackage (#1163412) -- Split out system-udev subpackage -- Add various bugfix patches, incl. a tentative fix for #1308771 - -* Tue Mar 1 2016 Peter Robinson 229-4 -- Power64 and s390(x) now have libseccomp support -- aarch64 has gnu-efi - -* Tue Feb 23 2016 Jan Synáček - 229-3 -- Fix build failures on ppc64 (#1310800) - -* Tue Feb 16 2016 Dennis Gilmore - 229-2 -- revert: fixed kernel-install for copying files for grubby -Resolves: rhbz#1299019 -- this causes the dtb files to not get installed at all and the fdtdir -- line in extlinux.conf to not get updated correctly - -* Thu Feb 11 2016 Michal Sekletar - 229-1 -- New upstream release - -* Thu Feb 11 2016 Harald Hoyer - 228-10.gite35a787 -- fixed kernel-install for copying files for grubby -Resolves: rhbz#1299019 - -* Fri Feb 05 2016 Fedora Release Engineering - 228-9.gite35a787 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild - -* Wed Jan 27 2016 Peter Robinson 228-8.gite35a787 -- Rebuild for binutils on aarch64 fix - -* Fri Jan 08 2016 Dan Horák - 228-7.gite35a787 -- apply the conflict with fedora-release only in Fedora - -* Thu Dec 10 2015 Jan Synáček - 228-6.gite35a787 -- Fix rawhide build failures on ppc64 (#1286249) - -* Sun Nov 29 2015 Zbigniew Jędrzejewski-Szmek - 228-6.gite35a787 -- Create /etc/systemd/network (#1286397) - -* Thu Nov 26 2015 Zbigniew Jędrzejewski-Szmek - 228-5.gite35a787 -- Do not install nss modules by default - -* Tue Nov 24 2015 Zbigniew Jędrzejewski-Szmek - 228-4.gite35a787 -- Update to latest upstream git: there is a bunch of fixes - (nss-mymachines overflow bug, networkd fixes, more completions are - properly installed), mixed with some new resolved features. -- Rework file triggers so that they always run before daemons are restarted - -* Thu Nov 19 2015 Zbigniew Jędrzejewski-Szmek - 228-3 -- Enable rpm file triggers for daemon-reload - -* Thu Nov 19 2015 Zbigniew Jędrzejewski-Szmek - 228-2 -- Fix version number in obsoleted package name (#1283452) - -* Wed Nov 18 2015 Kay Sievers - 228-1 -- New upstream release - -* Thu Nov 12 2015 Zbigniew Jędrzejewski-Szmek - 227-7 -- Rename journal-gateway subpackage to journal-remote -- Ignore the access mode on /var/log/journal (#1048424) -- Do not assume fstab is present (#1281606) - -* Wed Nov 11 2015 Fedora Release Engineering - 227-6 -- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5 - -* Tue Nov 10 2015 Lukáš Nykrýn - 227-5 -- Rebuild for libmicrohttpd soname bump - -* Fri Nov 06 2015 Robert Kuska - 227-4 -- Rebuilt for Python3.5 rebuild - -* Wed Nov 4 2015 Zbigniew Jędrzejewski-Szmek - 227-3 -- Fix syntax in kernel-install (#1277264) - -* Tue Nov 03 2015 Michal Schmidt - 227-2 -- Rebuild for libmicrohttpd soname bump. - -* Wed Oct 7 2015 Kay Sievers - 227-1 -- New upstream release - -* Fri Sep 18 2015 Jan Synáček - 226-3 -- user systemd-journal-upload should be in systemd-journal group (#1262743) - -* Fri Sep 18 2015 Kay Sievers - 226-2 -- Add selinux to system-user PAM config - -* Tue Sep 8 2015 Kay Sievers - 226-1 -- New upstream release - -* Thu Aug 27 2015 Kay Sievers - 225-1 -- New upstream release - -* Fri Jul 31 2015 Kay Sievers - 224-1 -- New upstream release - -* Wed Jul 29 2015 Kay Sievers - 223-2 -- update to git snapshot - -* Wed Jul 29 2015 Kay Sievers - 223-1 -- New upstream release - -* Thu Jul 9 2015 Zbigniew Jędrzejewski-Szmek - 222-2 -- Remove python subpackages (python-systemd in now standalone) - -* Tue Jul 7 2015 Kay Sievers - 222-1 -- New upstream release - -* Mon Jul 6 2015 Kay Sievers - 221-5.git619b80a -- update to git snapshot - -* Mon Jul 6 2015 Zbigniew Jędrzejewski-Szmek - 221-4.git604f02a -- Add example file with yama config (#1234951) - -* Sun Jul 5 2015 Kay Sievers - 221-3.git604f02a -- update to git snapshot - -* Mon Jun 22 2015 Kay Sievers - 221-2 -- build systemd-boot EFI tools - -* Fri Jun 19 2015 Lennart Poettering - 221-1 -- New upstream release -- Undoes botched translation check, should be reinstated later? - -* Fri Jun 19 2015 Fedora Release Engineering - 220-10 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - -* Thu Jun 11 2015 Peter Robinson 220-9 -- The gold linker is now fixed on aarch64 - -* Tue Jun 9 2015 Zbigniew Jędrzejewski-Szmek - 220-8 -- Remove gudev which is now provided as separate package (libgudev) -- Fix for spurious selinux denials (#1224211) -- Udev change events (#1225905) -- Patches for some potential crashes -- ProtectSystem=yes does not touch /home -- Man page fixes, hwdb updates, shell completion updates -- Restored persistent device symlinks for bcache, xen block devices -- Tag all DRM cards as master-of-seat - -* Tue Jun 09 2015 Harald Hoyer 220-7 -- fix udev block device watch - -* Tue Jun 09 2015 Harald Hoyer 220-6 -- add support for network disk encryption - -* Sun Jun 7 2015 Peter Robinson 220-5 -- Disable gold on aarch64 until it's fixed (tracked in rhbz #1225156) - -* Sat May 30 2015 Zbigniew Jędrzejewski-Szmek - 220-4 -- systemd-devel should require systemd-libs, not the main package (#1226301) -- Check for botched translations (#1226566) -- Make /etc/udev/hwdb.d part of the rpm (#1226379) - -* Thu May 28 2015 Richard W.M. Jones - 220-3 -- Add patch to fix udev --daemon not cleaning child processes - (upstream commit 86c3bece38bcf5). - -* Wed May 27 2015 Richard W.M. Jones - 220-2 -- Add patch to fix udev --daemon crash (upstream commit 040e689654ef08). - -* Thu May 21 2015 Lennart Poettering - 220-1 -- New upstream release -- Drop /etc/mtab hack, as that's apparently fixed in mock now (#1116158) -- Remove ghosting for /etc/systemd/system/runlevel*.target, these - targets are not configurable anymore in systemd upstream -- Drop work-around for #1002806, since this is solved upstream now - -* Wed May 20 2015 Dennis Gilmore - 219-15 -- fix up the conflicts version for fedora-release - -* Wed May 20 2015 Zbigniew Jędrzejewski-Szmek - 219-14 -- Remove presets (#1221340) -- Fix (potential) crash and memory leak in timedated, locking failure - in systemd-nspawn, crash in resolved. -- journalctl --list-boots should be faster -- zsh completions are improved -- various ommissions in docs are corrected (#1147651) -- VARIANT and VARIANT_ID fields in os-release are documented -- systemd-fsck-root.service is generated in the initramfs (#1201979, #1107818) -- systemd-tmpfiles should behave better on read-only file systems (#1207083) - -* Wed Apr 29 2015 Zbigniew Jędrzejewski-Szmek - 219-13 -- Patches for some outstanding annoyances -- Small keyboard hwdb updates - -* Wed Apr 8 2015 Zbigniew Jędrzejewski-Szmek - 219-12 -- Tighten requirements between subpackages (#1207381). - -* Sun Mar 22 2015 Zbigniew Jędrzejewski-Szmek - 219-11 -- Move all parts systemd-journal-{remote,upload} to - systemd-journal-gatewayd subpackage (#1193143). -- Create /var/lib/systemd/journal-upload directory (#1193145). -- Cut out lots of stupid messages at debug level which were obscuring more - important stuff. -- Apply "tentative" state for devices only when they are added, not removed. -- Ignore invalid swap pri= settings (#1204336) -- Fix SELinux check for timedated operations to enable/disable ntp (#1014315) -- Fix comparing of filesystem paths (#1184016) - -* Sat Mar 14 2015 Zbigniew Jędrzejewski-Szmek - 219-10 -- Fixes for bugs 1186018, 1195294, 1185604, 1196452. -- Hardware database update. -- Documentation fixes. -- A fix for journalctl performance regression. -- Fix detection of inability to open files in journalctl. -- Detect SuperH architecture properly. -- The first of duplicate lines in tmpfiles wins again. -- Do vconsole setup after loading vconsole driver, not fbcon. -- Fix problem where some units were restarted during systemd reexec. -- Fix race in udevadm settle tripping up NetworkManager. -- Downgrade various log messages. -- Fix issue where journal-remote would process some messages with a delay. -- GPT /srv partition autodiscovery is fixed. -- Reconfigure old Finnish keymaps in post (#1151958) - -* Tue Mar 10 2015 Jan Synáček - 219-9 -- Buttons on Lenovo X6* tablets broken (#1198939) - -* Tue Mar 3 2015 Zbigniew Jędrzejewski-Szmek - 219-8 -- Reworked device handling (#1195761) -- ACL handling fixes (with a script in %%post) -- Various log messages downgraded (#1184712) -- Allow PIE on s390 again (#1197721) - -* Wed Feb 25 2015 Michal Schmidt - 219-7 -- arm: reenable lto. gcc-5.0.0-0.16 fixed the crash (#1193212) - -* Tue Feb 24 2015 Colin Walters - 219-6 -- Revert patch that breaks Atomic/OSTree (#1195761) - -* Fri Feb 20 2015 Michal Schmidt - 219-5 -- Undo the resolv.conf workaround, Aim for a proper fix in Rawhide. - -* Fri Feb 20 2015 Michal Schmidt - 219-4 -- Revive fedora-disable-resolv.conf-symlink.patch to unbreak composes. - -* Wed Feb 18 2015 Michal Schmidt - 219-3 -- arm: disabling gold did not help; disable lto instead (#1193212) - -* Tue Feb 17 2015 Peter Jones - 219-2 -- Update 90-default.present for dbxtool. - -* Mon Feb 16 2015 Lennart Poettering - 219-1 -- New upstream release -- This removes the sysctl/bridge hack, a different solution needs to be found for this (see #634736) -- This removes the /etc/resolv.conf hack, anaconda needs to fix their handling of /etc/resolv.conf as symlink -- This enables "%%check" -- disable gold on arm, as that is broken (see #1193212) - -* Mon Feb 16 2015 Peter Robinson 218-6 -- aarch64 now has seccomp support - -* Thu Feb 05 2015 Michal Schmidt - 218-5 -- Don't overwrite systemd.macros with unrelated Source file. - -* Thu Feb 5 2015 Jan Synáček - 218-4 -- Add a touchpad hwdb (#1189319) - -* Thu Jan 15 2015 Zbigniew Jędrzejewski-Szmek - 218-4 -- Enable xkbcommon dependency to allow checking of keymaps -- Fix permissions of /var/log/journal (#1048424) -- Enable timedatex in presets (#1187072) -- Disable rpcbind in presets (#1099595) - -* Wed Jan 7 2015 Jan Synáček - 218-3 -- RFE: journal: automatically rotate the file if it is unlinked (#1171719) - -* Mon Jan 05 2015 Zbigniew Jędrzejewski-Szmek - 218-3 -- Add firewall description files (#1176626) - -* Thu Dec 18 2014 Jan Synáček - 218-2 -- systemd-nspawn doesn't work on s390/s390x (#1175394) - -* Wed Dec 10 2014 Lennart Poettering - 218-1 -- New upstream release -- Enable "nss-mymachines" in /etc/nsswitch.conf - -* Thu Nov 06 2014 Zbigniew Jędrzejewski-Szmek - 217-4 -- Change libgudev1 to only require systemd-libs (#727499), there's - no need to require full systemd stack. -- Fixes for bugs #1159448, #1152220, #1158035. -- Bash completions updates to allow propose more units for start/restart, - and completions for set-default,get-default. -- Again allow systemctl enable of instances. -- Hardware database update and fixes. -- Udev crash on invalid options and kernel commandline timeout parsing are fixed. -- Add "embedded" chassis type. -- Sync before 'reboot -f'. -- Fix restarting of timer units. - -* Wed Nov 05 2014 Michal Schmidt - 217-3 -- Fix hanging journal flush (#1159641) - -* Fri Oct 31 2014 Michal Schmidt - 217-2 -- Fix ordering cycles involving systemd-journal-flush.service and - remote-fs.target (#1159117) - -* Tue Oct 28 2014 Lennart Poettering - 217-1 -- New upstream release - -* Fri Oct 17 2014 Zbigniew Jędrzejewski-Szmek - 216-12 -- Drop PackageKit.service from presets (#1154126) - -* Mon Oct 13 2014 Zbigniew Jędrzejewski-Szmek - 216-11 -- Conflict with old versions of initscripts (#1152183) -- Remove obsolete Finnish keymap (#1151958) - -* Fri Oct 10 2014 Zbigniew Jędrzejewski-Szmek - 216-10 -- Fix a problem with voluntary daemon exits and some other bugs - (#1150477, #1095962, #1150289) - -* Fri Oct 03 2014 Zbigniew Jędrzejewski-Szmek - 216-9 -- Update to latest git, but without the readahead removal patch - (#1114786, #634736) - -* Wed Oct 01 2014 Kay Sievers - 216-8 -- revert "don't reset selinux context during CHANGE events" - -* Wed Oct 01 2014 Lukáš Nykrýn - 216-7 -- add temporary workaround for #1147910 -- don't reset selinux context during CHANGE events - -* Wed Sep 10 2014 Michal Schmidt - 216-6 -- Update timesyncd with patches to avoid hitting NTP pool too often. - -* Tue Sep 09 2014 Michal Schmidt - 216-5 -- Use common CONFIGURE_OPTS for build2 and build3. -- Configure timesyncd with NTP servers from Fedora/RHEL vendor zone. - -* Wed Sep 03 2014 Zbigniew Jędrzejewski-Szmek - 216-4 -- Move config files for sd-j-remote/upload to sd-journal-gateway subpackage (#1136580) - -* Thu Aug 28 2014 Peter Robinson 216-3 -- Drop no LTO build option for aarch64/s390 now it's fixed in binutils (RHBZ 1091611) - -* Thu Aug 21 2014 Zbigniew Jędrzejewski-Szmek - 216-2 -- Re-add patch to disable resolve.conf symlink (#1043119) - -* Wed Aug 20 2014 Lennart Poettering - 216-1 -- New upstream release - -* Mon Aug 18 2014 Fedora Release Engineering - 215-12 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - -* Wed Aug 13 2014 Dan Horák 215-11 -- disable LTO also on s390(x) - -* Sat Aug 09 2014 Harald Hoyer 215-10 -- fixed PPC64LE - -* Wed Aug 6 2014 Tom Callaway - 215-9 -- fix license handling - -* Wed Jul 30 2014 Zbigniew Jędrzejewski-Szmek - 215-8 -- Create systemd-journal-remote and systemd-journal-upload users (#1118907) - -* Thu Jul 24 2014 Zbigniew Jędrzejewski-Szmek - 215-7 -- Split out systemd-compat-libs subpackage - -* Tue Jul 22 2014 Kalev Lember - 215-6 -- Rebuilt for gobject-introspection 1.41.4 - -* Mon Jul 21 2014 Zbigniew Jędrzejewski-Szmek - 215-5 -- Fix SELinux context of /etc/passwd-, /etc/group-, /etc/.updated (#1121806) -- Add missing BR so gnutls and elfutils are used - -* Sat Jul 19 2014 Zbigniew Jędrzejewski-Szmek - 215-4 -- Various man page updates -- Static device node logic is conditionalized on CAP_SYS_MODULES instead of CAP_MKNOD - for better behaviour in containers -- Some small networkd link handling fixes -- vconsole-setup runs setfont before loadkeys (https://bugs.freedesktop.org/show_bug.cgi?id=80685) -- New systemd-escape tool -- XZ compression settings are tweaked to greatly improve journald performance -- "watch" is accepted as chassis type -- Various sysusers fixes, most importantly correct selinux labels -- systemd-timesyncd bug fix (https://bugs.freedesktop.org/show_bug.cgi?id=80932) -- Shell completion improvements -- New udev tag ID_SOFTWARE_RADIO can be used to instruct logind to allow user access -- XEN and s390 virtualization is properly detected - -* Mon Jul 07 2014 Colin Walters - 215-3 -- Add patch to disable resolve.conf symlink (#1043119) - -* Sun Jul 06 2014 Zbigniew Jędrzejewski-Szmek - 215-2 -- Move systemd-journal-remote to systemd-journal-gateway package (#1114688) -- Disable /etc/mtab handling temporarily (#1116158) - -* Thu Jul 03 2014 Lennart Poettering - 215-1 -- New upstream release -- Enable coredump logic (which abrt would normally override) - -* Sun Jun 29 2014 Peter Robinson 214-5 -- On aarch64 disable LTO as it still has issues on that arch - -* Thu Jun 26 2014 Zbigniew Jędrzejewski-Szmek - 214-4 -- Bugfixes (#996133, #1112908) - -* Mon Jun 23 2014 Zbigniew Jędrzejewski-Szmek - 214-3 -- Actually create input group (#1054549) - -* Sun Jun 22 2014 Zbigniew Jędrzejewski-Szmek - 214-2 -- Do not restart systemd-logind on upgrades (#1110697) -- Add some patches (#1081429, #1054549, #1108568, #928962) - -* Wed Jun 11 2014 Lennart Poettering - 214-1 -- New upstream release -- Get rid of "floppy" group, since udev uses "disk" now -- Reenable LTO - -* Sun Jun 08 2014 Fedora Release Engineering - 213-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - -* Wed May 28 2014 Kay Sievers - 213-3 -- fix systemd-timesync user creation - -* Wed May 28 2014 Michal Sekletar - 213-2 -- Create temporary files after installation (#1101983) -- Add sysstat-collect.timer, sysstat-summary.timer to preset policy (#1101621) - -* Wed May 28 2014 Kay Sievers - 213-1 -- New upstream release - -* Tue May 27 2014 Kalev Lember - 212-6 -- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 - -* Fri May 23 2014 Adam Williamson - 212-5 -- revert change from 212-4, causes boot fail on single CPU boxes (RHBZ 1095891) - -* Wed May 07 2014 Kay Sievers - 212-4 -- add netns udev workaround - -* Wed May 07 2014 Michal Sekletar - 212-3 -- enable uuidd.socket by default (#1095353) - -* Sat Apr 26 2014 Peter Robinson 212-2 -- Disable building with -flto for the moment due to gcc 4.9 issues (RHBZ 1091611) - -* Tue Mar 25 2014 Lennart Poettering - 212-1 -- New upstream release - -* Mon Mar 17 2014 Peter Robinson 211-2 -- Explicitly define which upstream platforms support libseccomp - -* Tue Mar 11 2014 Lennart Poettering - 211-1 -- New upstream release - -* Mon Mar 10 2014 Zbigniew Jędrzejewski-Szmek - 210-8 -- Fix logind unpriviledged reboot issue and a few other minor fixes -- Limit generator execution time -- Recognize buttonless joystick types - -* Fri Mar 07 2014 Karsten Hopp 210-7 -- ppc64le needs link warnings disabled, too - -* Fri Mar 07 2014 Karsten Hopp 210-6 -- move ifarch ppc64le to correct place (libseccomp req) - -* Fri Mar 07 2014 Zbigniew Jędrzejewski-Szmek - 210-5 -- Bugfixes: #1047568, #1047039, #1071128, #1073402 -- Bash completions for more systemd tools -- Bluetooth database update -- Manpage fixes - -* Thu Mar 06 2014 Zbigniew Jędrzejewski-Szmek - 210-4 -- Apply work-around for ppc64le too (#1073647). - -* Sat Mar 01 2014 Zbigniew Jędrzejewski-Szmek - 210-3 -- Backport a few patches, add completion for systemd-nspawn. - -* Fri Feb 28 2014 Zbigniew Jędrzejewski-Szmek - 210-3 -- Apply work-arounds for ppc/ppc64 for bugs 1071278 and 1071284 - -* Mon Feb 24 2014 Lennart Poettering - 210-2 -- Check more services against preset list and enable by default - -* Mon Feb 24 2014 Lennart Poettering - 210-1 -- new upstream release - -* Sun Feb 23 2014 Zbigniew Jędrzejewski-Szmek - 209-2.gitf01de96 -- Enable dnssec-triggerd.service by default (#1060754) - -* Sun Feb 23 2014 Kay Sievers - 209-2.gitf01de96 -- git snapshot to sort out ARM build issues - -* Thu Feb 20 2014 Lennart Poettering - 209-1 -- new upstream release - -* Tue Feb 18 2014 Zbigniew Jędrzejewski-Szmek - 208-15 -- Make gpsd lazily activated (#1066421) - -* Mon Feb 17 2014 Zbigniew Jędrzejewski-Szmek - 208-14 -- Back out patch which causes user manager to be destroyed when unneeded - and spams logs (#1053315) - -* Sun Feb 16 2014 Zbigniew Jędrzejewski-Szmek - 208-13 -- A different fix for #1023820 taken from Mageia -- Backported fix for #997031 -- Hardward database updates, man pages improvements, a few small memory - leaks, utf-8 correctness and completion fixes -- Support for key-slot option in crypttab - -* Sat Jan 25 2014 Ville Skyttä - 208-12 -- Own the %%{_prefix}/lib/kernel(/*) and %%{_datadir}/zsh(/*) dirs. - -* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-11 -- Backport a few fixes, relevant documentation updates, and HWDB changes - (#1051797, #1051768, #1047335, #1047304, #1047186, #1045849, #1043304, - #1043212, #1039351, #1031325, #1023820, #1017509, #953077) -- Flip journalctl to --full by default (#984758) - -* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-9 -- Apply two patches for #1026860 - -* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-8 -- Bump release to stay ahead of f20 - -* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-7 -- Backport patches (#1023041, #1036845, #1006386?) -- HWDB update -- Some small new features: nspawn --drop-capability=, running PID 1 under - valgrind, "yearly" and "annually" in calendar specifications -- Some small documentation and logging updates - -* Tue Nov 19 2013 Zbigniew Jędrzejewski-Szmek - 208-6 -- Bump release to stay ahead of f20 - -* Tue Nov 19 2013 Zbigniew Jędrzejewski-Szmek - 208-5 -- Use unit name in PrivateTmp= directories (#957439) -- Update manual pages, completion scripts, and hardware database -- Configurable Timeouts/Restarts default values -- Support printing of timestamps on the console -- Fix some corner cases in detecting when writing to the console is safe -- Python API: convert keyword values to string, fix sd_is_booted() wrapper -- Do not tread missing /sbin/fsck.btrfs as an error (#1015467) -- Allow masking of fsck units -- Advertise hibernation to swap files -- Fix SO_REUSEPORT settings -- Prefer converted xkb keymaps to legacy keymaps (#981805, #1026872) -- Make use of newer kmod -- Assorted bugfixes: #1017161, #967521, #988883, #1027478, #821723, #1014303 - -* Tue Oct 22 2013 Zbigniew Jędrzejewski-Szmek - 208-4 -- Add temporary fix for #1002806 - -* Mon Oct 21 2013 Zbigniew Jędrzejewski-Szmek - 208-3 -- Backport a bunch of fixes and hwdb updates - -* Wed Oct 2 2013 Lennart Poettering - 208-2 -- Move old random seed and backlight files into the right place - -* Wed Oct 2 2013 Lennart Poettering - 208-1 -- New upstream release - -* Thu Sep 26 2013 Zbigniew Jędrzejewski-Szmek 207-5 -- Do not create /var/var/... dirs - -* Wed Sep 18 2013 Zbigniew Jędrzejewski-Szmek 207-4 -- Fix policykit authentication -- Resolves: rhbz#1006680 - -* Tue Sep 17 2013 Harald Hoyer 207-3 -- fixed login -- Resolves: rhbz#1005233 - -* Mon Sep 16 2013 Harald Hoyer 207-2 -- add some upstream fixes for 207 -- fixed swap activation -- Resolves: rhbz#1008604 - -* Fri Sep 13 2013 Lennart Poettering - 207-1 -- New upstream release - -* Fri Sep 06 2013 Harald Hoyer 206-11 -- support "debug" kernel command line parameter -- journald: fix fd leak in journal_file_empty -- journald: fix vacuuming of archived journals -- libudev: enumerate - do not try to match against an empty subsystem -- cgtop: fixup the online help -- libudev: fix memleak when enumerating childs - -* Wed Sep 04 2013 Harald Hoyer 206-10 -- Do not require grubby, lorax now takes care of grubby -- cherry-picked a lot of patches from upstream - -* Tue Aug 27 2013 Dennis Gilmore - 206-9 -- Require grubby, Fedora installs require grubby, -- kernel-install took over from new-kernel-pkg -- without the Requires we are unable to compose Fedora -- everyone else says that since kernel-install took over -- it is responsible for ensuring that grubby is in place -- this is really what we want for Fedora - -* Tue Aug 27 2013 Kay Sievers - 206-8 -- Revert "Require grubby its needed by kernel-install" - -* Mon Aug 26 2013 Dennis Gilmore 206-7 -- Require grubby its needed by kernel-install - -* Thu Aug 22 2013 Harald Hoyer 206-6 -- kernel-install now understands kernel flavors like PAE - -* Tue Aug 20 2013 Rex Dieter - 206-5 -- add sddm.service to preset file (#998978) - -* Fri Aug 16 2013 Zbigniew Jędrzejewski-Szmek - 206-4 -- Filter out provides for private python modules. -- Add requires on kmod >= 14 (#990994). - -* Sun Aug 11 2013 Zbigniew Jedrzejewski-Szmek - 206-3 -- New systemd-python3 package (#976427). -- Add ownership of a few directories that we create (#894202). - -* Sun Aug 04 2013 Fedora Release Engineering - 206-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - -* Tue Jul 23 2013 Kay Sievers - 206-1 -- New upstream release - Resolves (#984152) - -* Wed Jul 3 2013 Lennart Poettering - 205-1 -- New upstream release - -* Wed Jun 26 2013 Michal Schmidt 204-10 -- Split systemd-journal-gateway subpackage (#908081). - -* Mon Jun 24 2013 Michal Schmidt 204-9 -- Rename nm_dispatcher to NetworkManager-dispatcher in default preset (#977433) - -* Fri Jun 14 2013 Harald Hoyer 204-8 -- fix, which helps to sucessfully browse journals with - duplicated seqnums - -* Fri Jun 14 2013 Harald Hoyer 204-7 -- fix duplicate message ID bug -Resolves: rhbz#974132 - -* Thu Jun 06 2013 Harald Hoyer 204-6 -- introduce 99-default-disable.preset - -* Thu Jun 6 2013 Lennart Poettering - 204-5 -- Rename 90-display-manager.preset to 85-display-manager.preset so that it actually takes precedence over 90-default.preset's "disable *" line (#903690) - -* Tue May 28 2013 Harald Hoyer 204-4 -- Fix kernel-install (#965897) - -* Wed May 22 2013 Kay Sievers - 204-3 -- Fix kernel-install (#965897) - -* Thu May 9 2013 Lennart Poettering - 204-2 -- New upstream release -- disable isdn by default (#959793) - -* Tue May 07 2013 Harald Hoyer 203-2 -- forward port kernel-install-grubby.patch - -* Tue May 7 2013 Lennart Poettering - 203-1 -- New upstream release - -* Wed Apr 24 2013 Harald Hoyer 202-3 -- fix ENOENT for getaddrinfo -- Resolves: rhbz#954012 rhbz#956035 -- crypt-setup-generator: correctly check return of strdup -- logind-dbus: initialize result variable -- prevent library underlinking - -* Fri Apr 19 2013 Harald Hoyer 202-2 -- nspawn create empty /etc/resolv.conf if necessary -- python wrapper: add sd_journal_add_conjunction() -- fix s390 booting -- Resolves: rhbz#953217 - -* Thu Apr 18 2013 Lennart Poettering - 202-1 -- New upstream release - -* Tue Apr 09 2013 Michal Schmidt - 201-2 -- Automatically discover whether to run autoreconf and add autotools and git - BuildRequires based on the presence of patches to be applied. -- Use find -delete. - -* Mon Apr 8 2013 Lennart Poettering - 201-1 -- New upstream release - -* Mon Apr 8 2013 Lennart Poettering - 200-4 -- Update preset file - -* Fri Mar 29 2013 Lennart Poettering - 200-3 -- Remove NetworkManager-wait-online.service from presets file again, it should default to off - -* Fri Mar 29 2013 Lennart Poettering - 200-2 -- New upstream release - -* Tue Mar 26 2013 Lennart Poettering - 199-2 -- Add NetworkManager-wait-online.service to the presets file - -* Tue Mar 26 2013 Lennart Poettering - 199-1 -- New upstream release - -* Mon Mar 18 2013 Michal Schmidt 198-7 -- Drop /usr/s?bin/ prefixes. - -* Fri Mar 15 2013 Harald Hoyer 198-6 -- run autogen to pickup all changes - -* Fri Mar 15 2013 Harald Hoyer 198-5 -- do not mount anything, when not running as pid 1 -- add initrd.target for systemd in the initrd - -* Wed Mar 13 2013 Harald Hoyer 198-4 -- fix switch-root and local-fs.target problem -- patch kernel-install to use grubby, if available - -* Fri Mar 08 2013 Harald Hoyer 198-3 -- add Conflict with dracut < 026 because of the new switch-root isolate - -* Thu Mar 7 2013 Lennart Poettering - 198-2 -- Create required users - -* Thu Mar 7 2013 Lennart Poettering - 198-1 -- New release -- Enable journal persistancy by default - -* Sun Feb 10 2013 Peter Robinson 197-3 -- Bump for ARM - -* Fri Jan 18 2013 Michal Schmidt - 197-2 -- Added qemu-guest-agent.service to presets (Lennart, #885406). -- Add missing pygobject3-base to systemd-analyze deps (Lennart). -- Do not require hwdata, it is all in the hwdb now (Kay). -- Drop dependency on dbus-python. - -* Tue Jan 8 2013 Lennart Poettering - 197-1 -- New upstream release - -* Mon Dec 10 2012 Michal Schmidt - 196-4 -- Enable rngd.service by default (#857765). - -* Mon Dec 10 2012 Michal Schmidt - 196-3 -- Disable hardening on s390(x) because PIE is broken there and produces - text relocations with __thread (#868839). - -* Wed Dec 05 2012 Michal Schmidt - 196-2 -- added spice-vdagentd.service to presets (Lennart, #876237) -- BR cryptsetup-devel instead of the legacy cryptsetup-luks-devel provide name - (requested by Milan Brož). -- verbose make to see the actual build flags - -* Wed Nov 21 2012 Lennart Poettering - 196-1 -- New upstream release - -* Tue Nov 20 2012 Lennart Poettering - 195-8 -- https://bugzilla.redhat.com/show_bug.cgi?id=873459 -- https://bugzilla.redhat.com/show_bug.cgi?id=878093 - -* Thu Nov 15 2012 Michal Schmidt - 195-7 -- Revert udev killing cgroup patch for F18 Beta. -- https://bugzilla.redhat.com/show_bug.cgi?id=873576 - -* Fri Nov 09 2012 Michal Schmidt - 195-6 -- Fix cyclical dep between systemd and systemd-libs. -- Avoid broken build of test-journal-syslog. -- https://bugzilla.redhat.com/show_bug.cgi?id=873387 -- https://bugzilla.redhat.com/show_bug.cgi?id=872638 - -* Thu Oct 25 2012 Kay Sievers - 195-5 -- require 'sed', limit HOSTNAME= match - -* Wed Oct 24 2012 Michal Schmidt - 195-4 -- add dmraid-activation.service to the default preset -- add yum protected.d fragment -- https://bugzilla.redhat.com/show_bug.cgi?id=869619 -- https://bugzilla.redhat.com/show_bug.cgi?id=869717 - -* Wed Oct 24 2012 Kay Sievers - 195-3 -- Migrate /etc/sysconfig/ i18n, keyboard, network files/variables to - systemd native files - -* Tue Oct 23 2012 Lennart Poettering - 195-2 -- Provide syslog because the journal is fine as a syslog implementation - -* Tue Oct 23 2012 Lennart Poettering - 195-1 -- New upstream release -- https://bugzilla.redhat.com/show_bug.cgi?id=831665 -- https://bugzilla.redhat.com/show_bug.cgi?id=847720 -- https://bugzilla.redhat.com/show_bug.cgi?id=858693 -- https://bugzilla.redhat.com/show_bug.cgi?id=863481 -- https://bugzilla.redhat.com/show_bug.cgi?id=864629 -- https://bugzilla.redhat.com/show_bug.cgi?id=864672 -- https://bugzilla.redhat.com/show_bug.cgi?id=864674 -- https://bugzilla.redhat.com/show_bug.cgi?id=865128 -- https://bugzilla.redhat.com/show_bug.cgi?id=866346 -- https://bugzilla.redhat.com/show_bug.cgi?id=867407 -- https://bugzilla.redhat.com/show_bug.cgi?id=868603 - -* Wed Oct 10 2012 Michal Schmidt - 194-2 -- Add scriptlets for migration away from systemd-timedated-ntp.target - -* Wed Oct 3 2012 Lennart Poettering - 194-1 -- New upstream release -- https://bugzilla.redhat.com/show_bug.cgi?id=859614 -- https://bugzilla.redhat.com/show_bug.cgi?id=859655 - -* Fri Sep 28 2012 Lennart Poettering - 193-1 -- New upstream release - -* Tue Sep 25 2012 Lennart Poettering - 192-1 -- New upstream release - -* Fri Sep 21 2012 Lennart Poettering - 191-2 -- Fix journal mmap header prototype definition to fix compilation on 32bit - -* Fri Sep 21 2012 Lennart Poettering - 191-1 -- New upstream release -- Enable all display managers by default, as discussed with Adam Williamson - -* Thu Sep 20 2012 Lennart Poettering - 190-1 -- New upstream release -- Take possession of /etc/localtime, and remove /etc/sysconfig/clock -- https://bugzilla.redhat.com/show_bug.cgi?id=858780 -- https://bugzilla.redhat.com/show_bug.cgi?id=858787 -- https://bugzilla.redhat.com/show_bug.cgi?id=858771 -- https://bugzilla.redhat.com/show_bug.cgi?id=858754 -- https://bugzilla.redhat.com/show_bug.cgi?id=858746 -- https://bugzilla.redhat.com/show_bug.cgi?id=858266 -- https://bugzilla.redhat.com/show_bug.cgi?id=858224 -- https://bugzilla.redhat.com/show_bug.cgi?id=857670 -- https://bugzilla.redhat.com/show_bug.cgi?id=856975 -- https://bugzilla.redhat.com/show_bug.cgi?id=855863 -- https://bugzilla.redhat.com/show_bug.cgi?id=851970 -- https://bugzilla.redhat.com/show_bug.cgi?id=851275 -- https://bugzilla.redhat.com/show_bug.cgi?id=851131 -- https://bugzilla.redhat.com/show_bug.cgi?id=847472 -- https://bugzilla.redhat.com/show_bug.cgi?id=847207 -- https://bugzilla.redhat.com/show_bug.cgi?id=846483 -- https://bugzilla.redhat.com/show_bug.cgi?id=846085 -- https://bugzilla.redhat.com/show_bug.cgi?id=845973 -- https://bugzilla.redhat.com/show_bug.cgi?id=845194 -- https://bugzilla.redhat.com/show_bug.cgi?id=845028 -- https://bugzilla.redhat.com/show_bug.cgi?id=844630 -- https://bugzilla.redhat.com/show_bug.cgi?id=839736 -- https://bugzilla.redhat.com/show_bug.cgi?id=835848 -- https://bugzilla.redhat.com/show_bug.cgi?id=831740 -- https://bugzilla.redhat.com/show_bug.cgi?id=823485 -- https://bugzilla.redhat.com/show_bug.cgi?id=821813 -- https://bugzilla.redhat.com/show_bug.cgi?id=807886 -- https://bugzilla.redhat.com/show_bug.cgi?id=802198 -- https://bugzilla.redhat.com/show_bug.cgi?id=767795 -- https://bugzilla.redhat.com/show_bug.cgi?id=767561 -- https://bugzilla.redhat.com/show_bug.cgi?id=752774 -- https://bugzilla.redhat.com/show_bug.cgi?id=732874 -- https://bugzilla.redhat.com/show_bug.cgi?id=858735 - -* Thu Sep 13 2012 Lennart Poettering - 189-4 -- Don't pull in pkg-config as dep -- https://bugzilla.redhat.com/show_bug.cgi?id=852828 - -* Wed Sep 12 2012 Lennart Poettering - 189-3 -- Update preset policy -- Rename preset policy file from 99-default.preset to 90-default.preset so that people can order their own stuff after the Fedora default policy if they wish - -* Thu Aug 23 2012 Lennart Poettering - 189-2 -- Update preset policy -- https://bugzilla.redhat.com/show_bug.cgi?id=850814 - -* Thu Aug 23 2012 Lennart Poettering - 189-1 -- New upstream release - -* Thu Aug 16 2012 Ray Strode 188-4 -- more scriptlet fixes - (move dm migration logic to %%posttrans so the service - files it's looking for are available at the time - the logic is run) - -* Sat Aug 11 2012 Lennart Poettering - 188-3 -- Remount file systems MS_PRIVATE before switching roots -- https://bugzilla.redhat.com/show_bug.cgi?id=847418 - -* Wed Aug 08 2012 Rex Dieter - 188-2 -- fix scriptlets - -* Wed Aug 8 2012 Lennart Poettering - 188-1 -- New upstream release -- Enable gdm and avahi by default via the preset file -- Convert /etc/sysconfig/desktop to display-manager.service symlink -- Enable hardened build - -* Mon Jul 30 2012 Kay Sievers - 187-3 -- Obsolete: system-setup-keyboard - -* Wed Jul 25 2012 Kalev Lember - 187-2 -- Run ldconfig for the new -libs subpackage - -* Thu Jul 19 2012 Lennart Poettering - 187-1 -- New upstream release - -* Mon Jul 09 2012 Harald Hoyer 186-2 -- fixed dracut conflict version - -* Tue Jul 3 2012 Lennart Poettering - 186-1 -- New upstream release - -* Fri Jun 22 2012 Nils Philippsen - 185-7.gite7aee75 -- add obsoletes/conflicts so multilib systemd -> systemd-libs updates work - -* Thu Jun 14 2012 Michal Schmidt - 185-6.gite7aee75 -- Update to current git - -* Wed Jun 06 2012 Kay Sievers - 185-5.gita2368a3 -- disable plymouth in configure, to drop the .wants/ symlinks - -* Wed Jun 06 2012 Michal Schmidt - 185-4.gita2368a3 -- Update to current git snapshot - - Add systemd-readahead-analyze - - Drop upstream patch -- Split systemd-libs -- Drop duplicate doc files -- Fixed License headers of subpackages - -* Wed Jun 06 2012 Ray Strode - 185-3 -- Drop plymouth files -- Conflict with old plymouth - -* Tue Jun 05 2012 Kay Sievers - 185-2 -- selinux udev labeling fix -- conflict with older dracut versions for new udev file names - -* Mon Jun 04 2012 Kay Sievers - 185-1 -- New upstream release - - udev selinux labeling fixes - - new man pages - - systemctl help - -* Thu May 31 2012 Lennart Poettering - 184-1 -- New upstream release - -* Thu May 24 2012 Kay Sievers - 183-1 -- New upstream release including udev merge. - -* Wed Mar 28 2012 Michal Schmidt - 44-4 -- Add triggers from Bill Nottingham to correct the damage done by - the obsoleted systemd-units's preun scriptlet (#807457). - -* Mon Mar 26 2012 Dennis Gilmore - 44-3 -- apply patch from upstream so we can build systemd on arm and ppc -- and likely the rest of the secondary arches - -* Tue Mar 20 2012 Michal Schmidt - 44-2 -- Don't build the gtk parts anymore. They're moving into systemd-ui. -- Remove a dead patch file. - -* Fri Mar 16 2012 Lennart Poettering - 44-1 -- New upstream release -- Closes #798760, #784921, #783134, #768523, #781735 - -* Mon Feb 27 2012 Dennis Gilmore - 43-2 -- don't conflict with fedora-release systemd never actually provided -- /etc/os-release so there is no actual conflict - -* Wed Feb 15 2012 Lennart Poettering - 43-1 -- New upstream release -- Closes #789758, #790260, #790522 - -* Sat Feb 11 2012 Lennart Poettering - 42-1 -- New upstream release -- Save a bit of entropy during system installation (#789407) -- Don't own /etc/os-release anymore, leave that to fedora-release - -* Thu Feb 9 2012 Adam Williamson - 41-2 -- rebuild for fixed binutils - -* Thu Feb 9 2012 Lennart Poettering - 41-1 -- New upstream release - -* Tue Feb 7 2012 Lennart Poettering - 40-1 -- New upstream release - -* Thu Jan 26 2012 Kay Sievers - 39-3 -- provide /sbin/shutdown - -* Wed Jan 25 2012 Harald Hoyer 39-2 -- increment release - -* Wed Jan 25 2012 Kay Sievers - 39-1.1 -- install everything in /usr - https://fedoraproject.org/wiki/Features/UsrMove - -* Wed Jan 25 2012 Lennart Poettering - 39-1 -- New upstream release - -* Sun Jan 22 2012 Michal Schmidt - 38-6.git9fa2f41 -- Update to a current git snapshot. -- Resolves: #781657 - -* Sun Jan 22 2012 Michal Schmidt - 38-5 -- Build against libgee06. Reenable gtk tools. -- Delete unused patches. -- Add easy building of git snapshots. -- Remove legacy spec file elements. -- Don't mention implicit BuildRequires. -- Configure with --disable-static. -- Merge -units into the main package. -- Move section 3 manpages to -devel. -- Fix unowned directory. -- Run ldconfig in scriptlets. -- Split systemd-analyze to a subpackage. - -* Sat Jan 21 2012 Dan Horák - 38-4 -- fix build on big-endians - -* Wed Jan 11 2012 Lennart Poettering - 38-3 -- Disable building of gtk tools for now - -* Wed Jan 11 2012 Lennart Poettering - 38-2 -- Fix a few (build) dependencies - -* Wed Jan 11 2012 Lennart Poettering - 38-1 -- New upstream release - -* Tue Nov 15 2011 Michal Schmidt - 37-4 -- Run authconfig if /etc/pam.d/system-auth is not a symlink. -- Resolves: #753160 - -* Wed Nov 02 2011 Michal Schmidt - 37-3 -- Fix remote-fs-pre.target and its ordering. -- Resolves: #749940 - -* Wed Oct 19 2011 Michal Schmidt - 37-2 -- A couple of fixes from upstream: -- Fix a regression in bash-completion reported in Bodhi. -- Fix a crash in isolating. -- Resolves: #717325 - -* Tue Oct 11 2011 Lennart Poettering - 37-1 -- New upstream release -- Resolves: #744726, #718464, #713567, #713707, #736756 - -* Thu Sep 29 2011 Michal Schmidt - 36-5 -- Undo the workaround. Kay says it does not belong in systemd. -- Unresolves: #741655 - -* Thu Sep 29 2011 Michal Schmidt - 36-4 -- Workaround for the crypto-on-lvm-on-crypto disk layout -- Resolves: #741655 - -* Sun Sep 25 2011 Michal Schmidt - 36-3 -- Revert an upstream patch that caused ordering cycles -- Resolves: #741078 - -* Fri Sep 23 2011 Lennart Poettering - 36-2 -- Add /etc/timezone to ghosted files - -* Fri Sep 23 2011 Lennart Poettering - 36-1 -- New upstream release -- Resolves: #735013, #736360, #737047, #737509, #710487, #713384 - -* Thu Sep 1 2011 Lennart Poettering - 35-1 -- New upstream release -- Update post scripts -- Resolves: #726683, #713384, #698198, #722803, #727315, #729997, #733706, #734611 - -* Thu Aug 25 2011 Lennart Poettering - 34-1 -- New upstream release - -* Fri Aug 19 2011 Harald Hoyer 33-2 -- fix ABRT on service file reloading -- Resolves: rhbz#732020 - -* Wed Aug 3 2011 Lennart Poettering - 33-1 -- New upstream release - -* Fri Jul 29 2011 Lennart Poettering - 32-1 -- New upstream release - -* Wed Jul 27 2011 Lennart Poettering - 31-2 -- Fix access mode of modprobe file, restart logind after upgrade - -* Wed Jul 27 2011 Lennart Poettering - 31-1 -- New upstream release - -* Wed Jul 13 2011 Lennart Poettering - 30-1 -- New upstream release - -* Thu Jun 16 2011 Lennart Poettering - 29-1 -- New upstream release - -* Mon Jun 13 2011 Michal Schmidt - 28-4 -- Apply patches from current upstream. -- Fixes memory size detection on 32-bit with >4GB RAM (BZ712341) - -* Wed Jun 08 2011 Michal Schmidt - 28-3 -- Apply patches from current upstream -- https://bugzilla.redhat.com/show_bug.cgi?id=709909 -- https://bugzilla.redhat.com/show_bug.cgi?id=710839 -- https://bugzilla.redhat.com/show_bug.cgi?id=711015 - -* Sat May 28 2011 Lennart Poettering - 28-2 -- Pull in nss-myhostname - -* Thu May 26 2011 Lennart Poettering - 28-1 -- New upstream release - -* Wed May 25 2011 Lennart Poettering - 26-2 -- Bugfix release -- https://bugzilla.redhat.com/show_bug.cgi?id=707507 -- https://bugzilla.redhat.com/show_bug.cgi?id=707483 -- https://bugzilla.redhat.com/show_bug.cgi?id=705427 -- https://bugzilla.redhat.com/show_bug.cgi?id=707577 - -* Sat Apr 30 2011 Lennart Poettering - 26-1 -- New upstream release -- https://bugzilla.redhat.com/show_bug.cgi?id=699394 -- https://bugzilla.redhat.com/show_bug.cgi?id=698198 -- https://bugzilla.redhat.com/show_bug.cgi?id=698674 -- https://bugzilla.redhat.com/show_bug.cgi?id=699114 -- https://bugzilla.redhat.com/show_bug.cgi?id=699128 - -* Thu Apr 21 2011 Lennart Poettering - 25-1 -- New upstream release -- https://bugzilla.redhat.com/show_bug.cgi?id=694788 -- https://bugzilla.redhat.com/show_bug.cgi?id=694321 -- https://bugzilla.redhat.com/show_bug.cgi?id=690253 -- https://bugzilla.redhat.com/show_bug.cgi?id=688661 -- https://bugzilla.redhat.com/show_bug.cgi?id=682662 -- https://bugzilla.redhat.com/show_bug.cgi?id=678555 -- https://bugzilla.redhat.com/show_bug.cgi?id=628004 - -* Wed Apr 6 2011 Lennart Poettering - 24-1 -- New upstream release -- https://bugzilla.redhat.com/show_bug.cgi?id=694079 -- https://bugzilla.redhat.com/show_bug.cgi?id=693289 -- https://bugzilla.redhat.com/show_bug.cgi?id=693274 -- https://bugzilla.redhat.com/show_bug.cgi?id=693161 - -* Tue Apr 5 2011 Lennart Poettering - 23-1 -- New upstream release -- Include systemd-sysv-convert - -* Fri Apr 1 2011 Lennart Poettering - 22-1 -- New upstream release - -* Wed Mar 30 2011 Lennart Poettering - 21-2 -- The quota services are now pulled in by mount points, hence no need to enable them explicitly - -* Tue Mar 29 2011 Lennart Poettering - 21-1 -- New upstream release - -* Mon Mar 28 2011 Matthias Clasen - 20-2 -- Apply upstream patch to not send untranslated messages to plymouth - -* Tue Mar 8 2011 Lennart Poettering - 20-1 -- New upstream release - -* Tue Mar 1 2011 Lennart Poettering - 19-1 -- New upstream release - -* Wed Feb 16 2011 Lennart Poettering - 18-1 -- New upstream release - -* Mon Feb 14 2011 Bill Nottingham - 17-6 -- bump upstart obsoletes (#676815) - -* Wed Feb 9 2011 Tom Callaway - 17-5 -- add macros.systemd file for %%{_unitdir} - -* Wed Feb 09 2011 Fedora Release Engineering - 17-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - -* Wed Feb 9 2011 Lennart Poettering - 17-3 -- Fix popen() of systemctl, #674916 - -* Mon Feb 7 2011 Bill Nottingham - 17-2 -- add epoch to readahead obsolete - -* Sat Jan 22 2011 Lennart Poettering - 17-1 -- New upstream release - -* Tue Jan 18 2011 Lennart Poettering - 16-2 -- Drop console.conf again, since it is not shipped in pamtmp.conf - -* Sat Jan 8 2011 Lennart Poettering - 16-1 -- New upstream release - -* Thu Nov 25 2010 Lennart Poettering - 15-1 -- New upstream release - -* Thu Nov 25 2010 Lennart Poettering - 14-1 -- Upstream update -- Enable hwclock-load by default -- Obsolete readahead -- Enable /var/run and /var/lock on tmpfs - -* Fri Nov 19 2010 Lennart Poettering - 13-1 -- new upstream release - -* Wed Nov 17 2010 Bill Nottingham 12-3 -- Fix clash - -* Wed Nov 17 2010 Lennart Poettering - 12-2 -- Don't clash with initscripts for now, so that we don't break the builders - -* Wed Nov 17 2010 Lennart Poettering - 12-1 -- New upstream release - -* Fri Nov 12 2010 Matthias Clasen - 11-2 -- Rebuild with newer vala, libnotify - -* Thu Oct 7 2010 Lennart Poettering - 11-1 -- New upstream release - -* Wed Sep 29 2010 Jesse Keating - 10-6 -- Rebuilt for gcc bug 634757 - -* Thu Sep 23 2010 Bill Nottingham - 10-5 -- merge -sysvinit into main package - -* Mon Sep 20 2010 Bill Nottingham - 10-4 -- obsolete upstart-sysvinit too - -* Fri Sep 17 2010 Bill Nottingham - 10-3 -- Drop upstart requires - -* Tue Sep 14 2010 Lennart Poettering - 10-2 -- Enable audit -- https://bugzilla.redhat.com/show_bug.cgi?id=633771 - -* Tue Sep 14 2010 Lennart Poettering - 10-1 -- New upstream release -- https://bugzilla.redhat.com/show_bug.cgi?id=630401 -- https://bugzilla.redhat.com/show_bug.cgi?id=630225 -- https://bugzilla.redhat.com/show_bug.cgi?id=626966 -- https://bugzilla.redhat.com/show_bug.cgi?id=623456 - -* Fri Sep 3 2010 Bill Nottingham - 9-3 -- move fedora-specific units to initscripts; require newer version thereof - -* Fri Sep 3 2010 Lennart Poettering - 9-2 -- Add missing tarball - -* Fri Sep 3 2010 Lennart Poettering - 9-1 -- New upstream version -- Closes 501720, 614619, 621290, 626443, 626477, 627014, 627785, 628913 - -* Fri Aug 27 2010 Lennart Poettering - 8-3 -- Reexecute after installation, take ownership of /var/run/user -- https://bugzilla.redhat.com/show_bug.cgi?id=627457 -- https://bugzilla.redhat.com/show_bug.cgi?id=627634 - -* Thu Aug 26 2010 Lennart Poettering - 8-2 -- Properly create default.target link - -* Wed Aug 25 2010 Lennart Poettering - 8-1 -- New upstream release - -* Thu Aug 12 2010 Lennart Poettering - 7-3 -- Fix https://bugzilla.redhat.com/show_bug.cgi?id=623561 - -* Thu Aug 12 2010 Lennart Poettering - 7-2 -- Fix https://bugzilla.redhat.com/show_bug.cgi?id=623430 - -* Tue Aug 10 2010 Lennart Poettering - 7-1 -- New upstream release - -* Fri Aug 6 2010 Lennart Poettering - 6-2 -- properly hide output on package installation -- pull in coreutils during package installtion - -* Fri Aug 6 2010 Lennart Poettering - 6-1 -- New upstream release -- Fixes #621200 - -* Wed Aug 4 2010 Lennart Poettering - 5-2 -- Add tarball - -* Wed Aug 4 2010 Lennart Poettering - 5-1 -- Prepare release 5 - -* Tue Jul 27 2010 Bill Nottingham - 4-4 -- Add 'sysvinit-userspace' provide to -sysvinit package to fix upgrade/install (#618537) - -* Sat Jul 24 2010 Lennart Poettering - 4-3 -- Add libselinux to build dependencies - -* Sat Jul 24 2010 Lennart Poettering - 4-2 -- Use the right tarball - -* Sat Jul 24 2010 Lennart Poettering - 4-1 -- New upstream release, and make default - -* Tue Jul 13 2010 Lennart Poettering - 3-3 -- Used wrong tarball - -* Tue Jul 13 2010 Lennart Poettering - 3-2 -- Own /cgroup jointly with libcgroup, since we don't dpend on it anymore - -* Tue Jul 13 2010 Lennart Poettering - 3-1 -- New upstream release - -* Fri Jul 9 2010 Lennart Poettering - 2-0 -- New upstream release - -* Wed Jul 7 2010 Lennart Poettering - 1-0 -- First upstream release - -* Tue Jun 29 2010 Lennart Poettering - 0-0.7.20100629git4176e5 -- New snapshot -- Split off -units package where other packages can depend on without pulling in the whole of systemd - -* Tue Jun 22 2010 Lennart Poettering - 0-0.6.20100622gita3723b -- Add missing libtool dependency. - -* Tue Jun 22 2010 Lennart Poettering - 0-0.5.20100622gita3723b -- Update snapshot - -* Mon Jun 14 2010 Rahul Sundaram - 0-0.4.20100614git393024 -- Pull the latest snapshot that fixes a segfault. Resolves rhbz#603231 - -* Fri Jun 11 2010 Rahul Sundaram - 0-0.3.20100610git2f198e -- More minor fixes as per review - -* Thu Jun 10 2010 Rahul Sundaram - 0-0.2.20100610git2f198e -- Spec improvements from David Hollis - -* Wed Jun 09 2010 Rahul Sundaram - 0-0.1.20090609git2f198e -- Address review comments - -* Tue Jun 01 2010 Rahul Sundaram - 0-0.0.git2010-06-02 -- Initial spec (adopted from Kay Sievers) - diff --git a/libabigail.abignore b/libabigail.abignore deleted file mode 100644 index 6a33b88..0000000 --- a/libabigail.abignore +++ /dev/null @@ -1,3 +0,0 @@ -[suppress_file] -# Those shared objects are private to systemd -file_name_regexp=libsystemd-(shared|core)-.*.so diff --git a/macros.sysusers b/macros.sysusers deleted file mode 100644 index 534b0e7..0000000 --- a/macros.sysusers +++ /dev/null @@ -1,10 +0,0 @@ -# RPM macros for packages creating system accounts -# -# Turn a sysusers.d file into macros specified by -# https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/#_dynamic_allocation -# -# After https://fedoraproject.org/wiki/Changes/RPMSuportForSystemdSysusers, -# those macros are not needed anymore. - -%sysusers_requires_compat %nil -%sysusers_create_compat() %nil diff --git a/macros.sysusers.compat b/macros.sysusers.compat deleted file mode 100644 index d8d8c1d..0000000 --- a/macros.sysusers.compat +++ /dev/null @@ -1,10 +0,0 @@ -# RPM macros for packages creating system accounts -# -# Turn a sysusers.d file into macros specified by -# https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/#_dynamic_allocation - -%sysusers_requires_compat Requires(pre): shadow-utils - -%sysusers_create_compat() \ -%(%{_rpmconfigdir}/sysusers.generate-pre.sh %{?*}) \ -%{nil} diff --git a/owner-check.sh b/owner-check.sh deleted file mode 100755 index 3273a3f..0000000 --- a/owner-check.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -set -e - -verb="$1" - -[ "$verb" = "-s" ] && do_send=1 || do_send= - -[ -n "$do_send" ] && [ -z "$server" -o -z "login" ] && { echo '$server and $login need to be set'; exit 1; } - -header= -from=systemd-maint@fedoraproject.org -time='2 years ago' -# time='1 day ago' -port=587 - -for user in "$@"; do - echo "checking $user…" - - p=$(git log -1 --all --author "$user") - if [ -z "$p" ]; then - echo "No commits from $user, check spelling" - exit 1 - fi - - t=$(git shortlog --all --author "$user" --since "@{$time}" | wc -l) - if [ $t != 0 ]; then - echo "$t commits in the last two years, OK" - echo - continue - fi - - echo "$p" | head -n6 - echo ".. adding to list" - - if [ -z "$header" ]; then - echo '$USER$;$EMAIL$' >.mail.list - header=done - fi - - echo "$user;$user@fedoraproject.org" >>.mail.list - echo -done - -[ -z "$header" ] && exit 0 -[ -n "$do_send" ] || exit 0 - -echo "Sending mails…" -set -x -massmail -F "$from" \ - -C "$from" \ - -S 'write access to the fedora systemd package' \ - -z "$server" -u "$login" -P "$port" \ - .mail.list /dev/null; then + # this will remove both the user and the group. + ( set -x + userdel nobody + ) + fi + + if getent passwd 65534 >/dev/null; then + # Make sure the uid is unused. This should free gid too. + name="$(getent passwd 65534 | cut -d: -f1)" + ( set -x + userdel "$name" + ) + fi + + if grep -qE '^(passwd|group):.*\bsss\b' /etc/nsswitch.conf; then + echo "Sleeping, so sss can catch up" + sleep 3 + fi + + if getent group 65534; then + # Make sure the gid is unused, even if uid wasn't. + name="$(getent group 65534 | cut -d: -f1)" + ( set -x + groupdel "$name" + ) + fi + + # systemd-sysusers uses the same gid and uid + ( set -x + systemd-sysusers --inline 'u nobody 65534 "Kernel Overflow User" / /sbin/nologin' + ) +else + echo "Pass '-x' to perform changes" +fi diff --git a/rpminspect.yaml b/rpminspect.yaml deleted file mode 100644 index 6318820..0000000 --- a/rpminspect.yaml +++ /dev/null @@ -1,24 +0,0 @@ - # Disable badfuncs check that has tons of false positives. -badfuncs: - allowed: - /usr/lib/systemd/tests/unit-tests/*: - - inet_addr - - inet_aton - /usr/bin/networkctl: - - inet_addr - - inet_aton - -# don't report changed content of compiled files -# that is expected with every update -changedfiles: - exclude_path: .* - -# completely disable inspections: -inspections: - # we know about our patches, no need to report anything - patches: off - - # this inspection uses `udevadm` which comes from this package - # disable so we do not check udev rules with a possibly outdated version - # of the command - udevrules: off diff --git a/sources b/sources index af6ddf0..9b3646e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (systemd-259.tar.gz) = ef46b13661df43e3cfbeee1bc22f0b1eb902e8ebe39c19868c465efd08b35a199c2a2cd9d8021a6bc4d692fa0c6e0eab3f13eecd6ce24dde81d3945464a25b50 +SHA512 (systemd-238.tar.gz) = c0f272b022308d3bd94679184e102a8dc85de55310bda205a458ea33c77c7733e5c8c8e5b15f786ba3e0ce59e7c6a9bf0d5a0950517c6b91e0f345950129b9c8 diff --git a/split-files.py b/split-files.py index 38bde60..03f29c5 100644 --- a/split-files.py +++ b/split-files.py @@ -1,47 +1,8 @@ import re, sys, os, collections buildroot = sys.argv[1] -no_bootloader = '--no-bootloader' in sys.argv - -known_files = ''' -%ghost %config(noreplace) /etc/crypttab -%ghost %attr(0444,root,root) /etc/udev/hwdb.bin -/etc/inittab -# This directory is owned by openssh-server, but we don't want to introduce -# a dependency. So let's copy the config and co-own the directory. -%dir %attr(0700,root,root) /etc/ssh/sshd_config.d -%ghost %config(noreplace) /etc/vconsole.conf -%ghost %config(noreplace) /etc/X11/xorg.conf.d/00-keyboard.conf -%ghost %attr(0664,root,root) %verify(not group) /run/utmp -%ghost %attr(0664,root,root) %verify(not group) /var/log/wtmp -%ghost %attr(0660,root,root) %verify(not group) /var/log/btmp -%ghost %attr(0664,root,root) %verify(not md5 size mtime group) /var/log/lastlog -%ghost %config(noreplace) /etc/hostname -%ghost %config(noreplace) /etc/localtime -%ghost %config(noreplace) /etc/locale.conf -%ghost %attr(0444,root,root) %config(noreplace) /etc/machine-id -%ghost %config(noreplace) /etc/machine-info -%ghost %attr(0700,root,root) %dir /var/cache/private -%ghost %attr(0700,root,root) %dir /var/lib/private -%ghost %dir /var/lib/private/systemd -%ghost %dir /var/lib/private/systemd/journal-upload -%ghost /var/lib/private/systemd/journal-upload/state -%ghost %dir /var/lib/systemd/timesync -%ghost /var/lib/systemd/timesync/clock -%ghost %dir /var/lib/systemd/backlight -%ghost /var/lib/systemd/catalog/database -%ghost %dir /var/lib/systemd/coredump -%ghost /var/lib/systemd/journal-upload -%ghost %dir /var/lib/systemd/linger -%ghost %attr(0600,root,root) /var/lib/systemd/random-seed -%ghost %dir /var/lib/systemd/rfkill -%ghost %dir %verify(not mode group) /var/log/journal -%ghost %dir /var/log/journal/remote -%ghost %attr(0700,root,root) %dir /var/log/private -''' - -known_files = {line.split()[-1]:line for line in known_files.splitlines() - if line and not line.startswith('#')} +known_files = sys.stdin.read().splitlines() +known_files = {line.split()[-1]:line for line in known_files} def files(root): os.chdir(root) @@ -54,31 +15,14 @@ def files(root): if file.is_dir() and not file.is_symlink(): todo.append(file) -outputs = {suffix: open(f'.file-list-{suffix}', 'w') - for suffix in ( - 'shared', - 'libs', - 'udev', - 'ukify', - 'boot', - 'pam', - 'rpm-macros', - 'sysusers', - 'devel', - 'container', - 'networkd', - 'networkd-defaults', - 'oomd-defaults', - 'remote', - 'resolve', - 'tests', - 'standalone-repart', - 'standalone-tmpfiles', - 'standalone-sysusers', - 'standalone-shutdown', - 'main', - )} - +o_libs = open('.file-list-libs', 'w') +o_udev = open('.file-list-udev', 'w') +o_pam = open('.file-list-pam', 'w') +o_devel = open('.file-list-devel', 'w') +o_container = open('.file-list-container', 'w') +o_remote = open('.file-list-remote', 'w') +o_tests = open('.file-list-tests', 'w') +o_rest = open('.file-list-rest', 'w') for file in files(buildroot): n = file.path[1:] if re.match(r'''/usr/(share|include)$| @@ -96,203 +40,76 @@ for file in files(buildroot): /usr/lib/firewalld(/services|)$| /usr/share/(locale|licenses|doc)| # no $ /etc(/pam\.d|/xdg|/X11|/X11/xinit|/X11.*\.d|)$| - /etc/(dnf|dnf/protected.d)$| /usr/(src|lib/debug)| # no $ - /run$| /var(/cache|/log|/lib|/run|)$ ''', n, re.X): continue - - if n.endswith('.standalone'): - if 'repart' in n: - o = outputs['standalone-repart'] - elif 'tmpfiles' in n: - o = outputs['standalone-tmpfiles'] - elif 'sysusers' in n: - o = outputs['standalone-sysusers'] - elif 'shutdown' in n: - o = outputs['standalone-shutdown'] - else: - assert False, 'Found .standalone not belonging to known packages' - - elif '/security/pam_' in n or '/man8/pam_' in n: - o = outputs['pam'] - elif '/rpm/' in n: - o = outputs['rpm-macros'] + if '/security/pam_' in n: + o = o_pam + elif re.search(r'/lib.*\.pc|/man3/|/usr/include|(?= 64] - -# Build from git main -%bcond upstream 0 - -# Build with OBS-specific quirks -%bcond obs 0 - -# When bootstrap, libcryptsetup is disabled -# but auto-features causes many options to be turned on -# that depend on libcryptsetup (e.g. libcryptsetup-plugins, homed) -%if %{with bootstrap} -%global __meson_auto_features disabled -# If we're building for upstream, don't unconditionally enable all -# new features as new features might be introduced for which we're -# missing build dependencies. -%elif %{with upstream} -%global __meson_auto_features auto -%endif - -# Override %%autorelease. This is ugly, but rpmautospec doesn't implement -# autorelease correctly if the macro is conditionalized in the Release field. -%{?release_override:%global autorelease %{release_override}%{?dist}} - -# In OBS, noarch packages are shared between all architectures and -# independent architectures can be rebuilt automatically without all -# the other architectures getting rebuilt. This can result in the noarch -# packages being newer than the archful packages for some architectures, -# which means our current strict deps from the noarch packages on the -# archful packages can't be satisfied. -# -# To address this problem, let's relax the dependencies from the noarch -# packages on the archful packages for OBS builds. Let's only do this for -# OBS builds because this isn't an issue on Fedora as it's impossible to -# build a package for only some of the architectures. -%if %{with obs} -%define noarch_requires_version %{version} -%else -%define noarch_requires_version %{version}-%{release} -%endif - Name: systemd -Url: https://systemd.io -# Allow users to specify the version and release when building the rpm by -# setting the %%version_override and %%release_override macros. -# But don't do that on OBS, otherwise the version subst fails, and will be -# like 257-123-gabcd257.1 instead of 257-123-gabcd -%if %{without obs} -Version: %{?version_override}%{!?version_override:259} -%else -Version: %{?version_override}%{!?version_override:%(cat meson.version)} -%endif -Release: %autorelease - -%global stable %(c="%version"; [ "$c" = "${c#*.*}" ]; echo $?) - +Url: http://www.freedesktop.org/wiki/Software/systemd +Version: 238 +Release: 3%{?gitcommit:.git%{gitcommitshort}}%{?dist} # For a breakdown of the licensing, see README -License: LGPL-2.1-or-later AND MIT AND GPL-2.0-or-later +License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager # download tarballs with "spectool -g systemd.spec" -# packit will always rewrite the first Source0 it finds, ignoring any conditionals so list -# the fallback source that's used if neither %%branch, %%commit or %%obs are defined first. -%if %{undefined branch} && %{undefined commit} && %{without obs} -Source0: https://github.com/systemd/systemd/archive/v%{version_no_tilde}/%{name}-%{version_no_tilde}.tar.gz -%elif %{defined branch} -Source0: https://github.com/systemd/systemd/archive/refs/heads/%{branch}.tar.gz -%elif %{defined commit} -Source0: https://github.com/systemd/systemd/archive/%{commit}/%{name}-%{commit}.tar.gz -%elif %{with obs} -Source0: https://github.com/systemd/systemd/archive/v%{version_no_tilde}/%{name}-%{version}.tar.xz +%if %{defined gitcommit} +Source0: https://github.com/systemd/systemd-stable/archive/%{?gitcommit}.tar.gz#/%{name}-%{gitcommitshort}.tar.gz +%else +Source0: https://github.com/systemd/systemd/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz %endif # This file must be available before %%prep. -# It is generated during systemd build and can be found at build/src/rpm/triggers.systemd.sh. +# It is generated during systemd build and can be found in src/core/. Source1: triggers.systemd Source2: split-files.py -Source4: test_sysusers_defined.py +Source3: purge-nobody-user -Source6: inittab -Source7: sysctl.conf.README -Source8: systemd-journal-remote.xml -Source9: systemd-journal-gatewayd.xml -Source10: 20-yama-ptrace.conf -Source11: systemd-udev-trigger-no-reload.conf -# https://fedoraproject.org/wiki/How_to_filter_libabigail_reports -Source13: libabigail.abignore +# Prevent accidental removal of the systemd package +Source4: yum-protect-systemd.conf -Source14: 10-oomd-defaults.conf -Source15: 10-oomd-per-slice-defaults.conf -Source16: 10-timeout-abort.conf -Source17: 10-map-count.conf -Source18: 60-block-scheduler.rules +Source5: inittab +Source6: sysctl.conf.README +Source7: systemd-journal-remote.xml +Source8: systemd-journal-gatewayd.xml +Source9: 20-yama-ptrace.conf +Source10: systemd-udev-trigger-no-reload.conf +Source11: 20-grubby.install +Source12: https://raw.githubusercontent.com/systemd/systemd/1000522a60ceade446773c67031b47a566d4a70d/src/login/systemd-user.m4 -Source20: macros.sysusers.compat -Source21: macros.sysusers -Source22: sysusers.attr -Source23: sysusers.prov -Source24: sysusers.generate-pre.sh - -Source25: 98-default-mac-none.link - -Source26: systemd-user - -%if 0%{?fedora} < 40 && 0%{?rhel} < 10 -# Work-around for dracut issue: run generators directly when we are in initrd -# https://bugzilla.redhat.com/show_bug.cgi?id=2164404 -# Drop when dracut-060 is available. -Patch: https://github.com/systemd/systemd/pull/26494.patch +%if 0 +GIT_DIR=../../src/systemd/.git git format-patch-ab --no-signature -M -N v235..v235-stable +i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done|xclip +GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[67]* hwdb/parse_hwdb.py > hwdb.patch %endif -%if %{without upstream} -# Those are downstream-only patches, but we don't want them in packit builds. +%if 0%{?dlrn} == 0 +Patch0001: 0001-test-cgroup-util-bail-out-when-running-under-mock.patch +Patch0002: 0002-basic-fs-util-skip-fsync_directory_of_file-if-proc-s.patch -# Create user journals for users with high UIDs -# https://bugzilla.redhat.com/show_bug.cgi?id=2251843 -Patch: 30846.patch - -# Again create runlevelX.target. Dropping those files breaks upgrades. -# https://bugzilla.redhat.com/show_bug.cgi?id=2411195 -Patch: 0001-Revert-units-drop-runlevel-0-6-.target.patch - -# userdb: create userdb root directory with correct label -# We can drop this after SELinux policy is updated to handle the transition. -Patch: 38769.patch - -# Workaround for https://bugzilla.redhat.com/show_bug.cgi?id=2415701 -Patch: 0002-machined-continue-without-resolve.hook-socket.patch - -# 2 patches for https://fedoraproject.org/wiki/Changes/Automatic_DTB_selection_for_aarch64_EFI_systems -# Upstream commit: https://github.com/systemd/systemd/commit/75890d949f92c412c0936b8536b2e0dc8f7dfb40 -Patch: 0003-ukify-omit-.osrel-section-when-os-release-is-empty.patch -# Upstream PR: https://github.com/systemd/systemd/pull/40329 -Patch: 0004-stub-Fix-NULL-pointer-deref-when-there-are-no-initrd.patch +Patch0998: 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch %endif -%ifarch %{ix86} x86_64 aarch64 riscv64 -%global want_bootloader 1 +%global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);} + +%ifarch %{ix86} x86_64 aarch64 +%global have_gnu_efi 1 %endif BuildRequires: gcc BuildRequires: gcc-c++ -BuildRequires: clang -BuildRequires: coreutils -BuildRequires: rpmdevtools +BuildRequires: libcap-devel BuildRequires: libmount-devel -BuildRequires: libfdisk-devel -BuildRequires: libpwquality-devel -BuildRequires: libxcrypt-devel BuildRequires: pam-devel BuildRequires: libselinux-devel BuildRequires: audit-libs-devel -%if %{without bootstrap} BuildRequires: cryptsetup-devel -# Require (previous version) of our macros package. -# We use the %%systemd_{post,preun,…} macros for various services. -BuildRequires: systemd-rpm-macros -%endif BuildRequires: dbus-devel -BuildRequires: util-linux -# /usr/bin/getfacl is needed by test-acl-util -BuildRequires: acl BuildRequires: libacl-devel BuildRequires: gobject-introspection-devel BuildRequires: libblkid-devel -%if %{with xz} BuildRequires: xz-devel BuildRequires: xz -%endif -%if %{with lz4} BuildRequires: lz4-devel BuildRequires: lz4 -%endif -%if %{with bzip2} BuildRequires: bzip2-devel -%endif -%if %{with zstd} -BuildRequires: libzstd-devel -%endif BuildRequires: libidn2-devel BuildRequires: libcurl-devel BuildRequires: kmod-devel BuildRequires: elfutils-devel -BuildRequires: openssl-devel -%if 0%{?fedora} >= 41 -BuildRequires: openssl-devel-engine -%endif -%if %{with gnutls} +BuildRequires: libgcrypt-devel +BuildRequires: libgpg-error-devel BuildRequires: gnutls-devel -%endif -%if 0%{?fedora} BuildRequires: qrencode-devel -%endif BuildRequires: libmicrohttpd-devel BuildRequires: libxkbcommon-devel BuildRequires: iptables-devel -BuildRequires: pkgconfig(bash-completion) -BuildRequires: pkgconfig(libarchive) -BuildRequires: pkgconfig(libfido2) -BuildRequires: pkgconfig(tss2-esys) -BuildRequires: pkgconfig(tss2-rc) -BuildRequires: pkgconfig(tss2-mu) -BuildRequires: pkgconfig(libbpf) -BuildRequires: systemtap-sdt-devel -%if %{with docs} BuildRequires: libxslt BuildRequires: docbook-style-xsl -%endif BuildRequires: pkgconfig BuildRequires: gperf BuildRequires: gawk BuildRequires: tree -BuildRequires: hostname -BuildRequires: python3 BuildRequires: python3-devel -BuildRequires: python3dist(jinja2) -BuildRequires: python3dist(lxml) -BuildRequires: python3dist(pefile) -%if 0%{?fedora} -BuildRequires: python3dist(pillow) -%endif -BuildRequires: python3dist(pytest) -%if 0%{?want_bootloader} -BuildRequires: python3dist(pyelftools) -%endif -# gzip and lzma are provided by the stdlib +BuildRequires: python3-lxml BuildRequires: firewalld-filesystem +%if 0%{?have_gnu_efi} +BuildRequires: gnu-efi gnu-efi-devel +%endif BuildRequires: libseccomp-devel +%if %{num_patches} +BuildRequires: git +%endif BuildRequires: meson >= 0.43 BuildRequires: gettext -# We use RUNNING_ON_VALGRIND in tests, so the headers need to be available -%ifarch %{valgrind_arches} -BuildRequires: valgrind-devel -%endif -%if %{defined rhel} && 0%{?rhel} < 10 -BuildRequires: rsync -%endif - -%ifnarch %ix86 -# bpftool is not built for i368 -BuildRequires: bpftool -BuildRequires: kernel-devel -%global have_bpf 1 -%endif - -%if 0%{?fedora} -%ifarch x86_64 aarch64 -%global have_xen 1 -# That package is only built for those two architectures -BuildRequires: xen-devel -%endif -%endif - -%if %{with obs} -BuildRequires: pesign-obs-integration -%endif +BuildRequires: python3-pyparsing +BuildRequires: python3-evdev +BuildRequires: perl(IPC::SysV) Requires(post): coreutils +Requires(post): sed +Requires(post): acl Requires(post): grep -# systemd-machine-id-setup requires libssl -Requires(post): openssl-libs -Recommends: dbus >= 1.9.18 -Recommends: systemd-pam%{_isa} = %{version}-%{release} -Requires(meta): (systemd-rpm-macros = %{version}-%{release} if rpm-build) -Requires: systemd-libs%{_isa} = %{version}-%{release} -%{?fedora:Recommends: systemd-networkd = %{version}-%{release}} -%{?fedora:Recommends: systemd-resolved = %{version}-%{release}} -Requires: systemd-shared%{_isa} = %{version}-%{release} -Requires: /usr/bin/systemd-sysusers -# The standalone version doesn't Provide the _isa suffix, -# so this biases towards the common version. -Recommends: systemd-sysusers%{_isa} = %{version}-%{release} +Requires(pre): coreutils +Requires(pre): /usr/bin/getent +Requires(pre): /usr/sbin/groupadd +Requires: dbus >= 1.9.18 +Requires: %{name}-pam = %{version}-%{release} +Requires: %{name}-libs = %{version}-%{release} Recommends: diffutils -Requires: (util-linux-core or util-linux) -Requires: (libbpf >= 2:1.4.7 if libbpf) +Requires: util-linux +Recommends: libxkbcommon%{?_isa} Provides: /bin/systemctl Provides: /sbin/shutdown Provides: syslog @@ -307,156 +132,63 @@ Obsoletes: system-setup-keyboard < 0.9 Provides: system-setup-keyboard = 0.9 # systemd-sysv-convert was removed in f20: https://fedorahosted.org/fpc/ticket/308 Obsoletes: systemd-sysv < 206 +# self-obsoletes so that dnf will install new subpackages on upgrade (#1260394) +Obsoletes: %{name} < 229-5 Provides: systemd-sysv = 206 Conflicts: initscripts < 9.56.1 %if 0%{?fedora} Conflicts: fedora-release < 23-0.12 %endif -%if 0%{?fedora} >= 41 -BuildRequires: setup >= 2.15.0-3 -BuildRequires: python3 -Conflicts: setup < 2.15.0-3 -Conflicts: selinux-policy-any < 41.3 -%endif - -%if 0%{?fedora} >= 41 || 0%{?rhel} >= 10 -# Make sure that dracut supports systemd-executor and the renames done for v255, -# and dlopen libraries and read-only fs in initrd. -Conflicts: dracut < 060-2 -%elif 0%{?fedora} || %{without upstream} -# Make sure that dracut supports systemd-executor and the renames done for v255. -Conflicts: dracut < 059-16 -%endif - -Conflicts: systemd-standalone-tmpfiles -Provides: systemd-tmpfiles = %{version}-%{release} -Conflicts: systemd-standalone-shutdown -Provides: systemd-shutdown = %{version}-%{release} - -%if "%{_sbindir}" == "%{_bindir}" -# Compat symlinks for Requires in other packages. -# We rely on filesystem to create the symlinks for us. -Requires: filesystem(unmerged-sbin-symlinks) -Provides: /usr/sbin/halt -Provides: /usr/sbin/init -Provides: /usr/sbin/poweroff -Provides: /usr/sbin/reboot -Provides: /usr/sbin/shutdown -%endif - -# libmount is always required, even in containers, so make it a hard dependency. -Requires: libmount.so.1%{?elf_suffix} -Requires: libmount.so.1(MOUNT_2.26)%{?elf_bits} -# Various systemd services have syscall filters so make libseccomp a hard dependency. -Requires: libseccomp.so.2%{?elf_suffix} - -# Recommends to replace normal Requires deps for stuff that is dlopen()ed -Recommends: libxkbcommon.so.0%{?elf_suffix} -Recommends: libidn2.so.0%{?elf_suffix} -Recommends: libidn2.so.0(IDN2_0.0.0)%{?elf_bits} -Recommends: libpcre2-8.so.0%{?elf_suffix} -Recommends: libpwquality.so.1%{?elf_suffix} -Recommends: libpwquality.so.1(LIBPWQUALITY_1.0)%{?elf_bits} -%if 0%{?fedora} -Recommends: libqrencode.so.4%{?elf_suffix} -%endif -Recommends: libbpf.so.1%{?elf_suffix} -Recommends: libbpf.so.1(LIBBPF_0.4.0)%{?elf_bits} - -# used by systemd-coredump and systemd-analyze -Recommends: libdw.so.1%{?elf_suffix} -Recommends: libdw.so.1(ELFUTILS_0.186)%{?elf_bits} -Recommends: libelf.so.1%{?elf_suffix} -Recommends: libelf.so.1(ELFUTILS_1.7)%{?elf_bits} - -# used by dissect, integritysetup, veritysetyp, growfs, repart, cryptenroll, home -Recommends: libcryptsetup.so.12%{?elf_suffix} -Recommends: libcryptsetup.so.12(CRYPTSETUP_2.4)%{?elf_bits} - -# Libkmod is used to load modules. -Recommends: libkmod.so.2%{?elf_suffix} -# kmod_list_next, kmod_load_resources, kmod_module_get_initstate, -# kmod_module_get_module, kmod_module_get_name, kmod_module_new_from_lookup, -# kmod_module_probe_insert_module, kmod_module_unref, kmod_module_unref_list, -# kmod_new, kmod_set_log_fn, kmod_unref, kmod_validate_resources -# are part of LIBKMOD_5. -Recommends: libkmod.so.2(LIBKMOD_5)%{?elf_bits} - -Recommends: libarchive.so.13%{?elf_suffix} %description -systemd is a system and service manager that runs as PID 1 and starts the rest -of the system. It provides aggressive parallelization capabilities, uses socket -and D-Bus activation for starting services, offers on-demand starting of -daemons, keeps track of processes using Linux control groups, maintains mount -and automount points, and implements an elaborate transactional dependency-based -service control logic. systemd supports SysV and LSB init scripts and works as a +systemd is a system and service manager that runs as PID 1 and starts +the rest of the system. It provides aggressive parallelization +capabilities, uses socket and D-Bus activation for starting services, +offers on-demand starting of daemons, keeps track of processes using +Linux control groups, maintains mount and automount points, and +implements an elaborate transactional dependency-based service control +logic. systemd supports SysV and LSB init scripts and works as a replacement for sysvinit. Other parts of this package are a logging daemon, -utilities to control basic system configuration like the hostname, date, locale, -maintain a list of logged-in users, system accounts, runtime directories and -settings, and a logging daemons. -%if 0%{?stable} -This package was built from the %(c=%version; echo "v${c%.*}-stable") branch of systemd. -%endif +utilities to control basic system configuration like the hostname, +date, locale, maintain a list of logged-in users and running +containers and virtual machines, system accounts, runtime directories +and settings, and daemons to manage simple network configuration, +network time synchronization, log forwarding, and name resolution. %package libs Summary: systemd libraries -License: LGPL-2.1-or-later AND MIT +License: LGPLv2+ and MIT +Obsoletes: libudev < 183 +Obsoletes: systemd < 185-4 +Conflicts: systemd < 185-4 +Obsoletes: systemd-compat-libs < 230 +Obsoletes: nss-myhostname < 0.4 Provides: nss-myhostname = 0.4 Provides: nss-myhostname%{_isa} = 0.4 -Conflicts: systemd-shared < %{version}-%{release} +Requires(post): coreutils +Requires(post): sed +Requires(post): grep +Requires(post): /usr/bin/getent %description libs Libraries for systemd and udev. -%package shared -Summary: Internal systemd shared library -License: LGPL-2.1-or-later AND MIT -# in 257.3-6 /usr/lib64/systemd/libsystemd-shared-257.2-14.fc42.so -# was moved from package systemd to systemd-shared. -# Add a conflit to allow downgrades across this change. -Conflicts: systemd < 257.3-6 -Conflicts: systemd-libs < %{version}-%{release} - -%description shared -Internal libraries used by various systemd binaries. - %package pam Summary: systemd PAM module -Requires: systemd = %{version}-%{release} +Requires: %{name} = %{version}-%{release} %description pam Systemd PAM module registers the session with systemd-logind. -%package rpm-macros -Summary: Macros that define paths and scriptlets related to systemd -BuildArch: noarch - -%description rpm-macros -Just the definitions of rpm macros. - -See -https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_systemd -for information how to use those macros. - -%package sysusers -Summary: systemd-sysusers program -Requires: systemd-shared%{_isa} = %{version}-%{release} -Conflicts: systemd-standalone-sysusers -# in 257.3-6 /usr/bin/systemd-sysusers was moved from package systemd -# to systemd-sysusers. Add a conflit to allow downgrades across this change. -Conflicts: systemd < 257.3-6 - -%description sysusers -This package contains the systemd-sysusers program. - %package devel Summary: Development headers for systemd -License: LGPL-2.1-or-later AND MIT -Requires: systemd-libs%{_isa} = %{version}-%{release} -Requires(meta): (systemd-rpm-macros = %{version}-%{release} if rpm-build) +License: LGPLv2+ and MIT +Requires: %{name}-libs%{?_isa} = %{version}-%{release} Provides: libudev-devel = %{version} Provides: libudev-devel%{_isa} = %{version} +Obsoletes: libudev-devel < 183 +# Fake dependency to make sure systemd-pam is pulled into multilib (#1414153) +Requires: %{name}-pam = %{version}-%{release} %description devel Development headers and auxiliary files for developing applications linking @@ -464,555 +196,186 @@ to libudev or libsystemd. %package udev Summary: Rule-based device node and kernel event manager -License: LGPL-2.1-or-later - -Requires: systemd%{_isa} = %{version}-%{release} -Requires(post): systemd%{_isa} = %{version}-%{release} -Requires(preun): systemd%{_isa} = %{version}-%{release} -Requires(postun): systemd%{_isa} = %{version}-%{release} +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires(post): systemd +Requires(preun): systemd +Requires(postun): systemd Requires(post): grep Requires: kmod >= 18-4 +# obsolete parent package so that dnf will install new subpackage on upgrade (#1260394) +Obsoletes: %{name} < 229-5 Provides: udev = %{version} Provides: udev%{_isa} = %{version} -%if 0%{?fedora} || 0%{?rhel} >= 10 -Requires: (grubby > 8.40-72 if grubby) -%endif -%if 0%{?fedora} -Requires: (sdubby > 1.0-3 if sdubby) -%endif -# A backport of systemd-timesyncd is shipped as a separate package in EPEL so -# let's make sure we properly handle that. -%if 0%{?rhel} -Conflicts: systemd-timesyncd < %{version}-%{release} -Obsoletes: systemd-timesyncd < %{version}-%{release} -Provides: systemd-timesyncd = %{version}-%{release} -%endif -Conflicts: systemd-networkd < %{version}-%{release} - -# Libkmod is used to load modules. Assume that if we need udevd, we certainly -# want to load modules, so make this into a hard dependency here. -Requires: libkmod.so.2%{?elf_suffix} -Requires: libkmod.so.2(LIBKMOD_5)%{?elf_bits} -# udev uses libblkid in various builtins so make it a hard dependency. -Requires: libblkid.so.1%{?elf_suffix} -Requires: libblkid.so.1(BLKID_2.30)%{?elf_bits} - -# Recommends to replace normal Requires deps for stuff that is dlopen()ed -# used by dissect, integritysetup, veritysetyp, growfs, repart, cryptenroll, home -Recommends: libcryptsetup.so.12%{?elf_suffix} -Recommends: libcryptsetup.so.12(CRYPTSETUP_2.4)%{?elf_bits} - -# used by systemd-coredump and systemd-analyze -Recommends: libdw.so.1%{?elf_suffix} -Recommends: libdw.so.1(ELFUTILS_0.186)%{?elf_bits} -Recommends: libelf.so.1%{?elf_suffix} -Recommends: libelf.so.1(ELFUTILS_1.7)%{?elf_bits} - -# used by home, cryptsetup, cryptenroll, logind -Recommends: libfido2.so.1%{?elf_suffix} -Recommends: libp11-kit.so.0%{?elf_suffix} -Recommends: libtss2-esys.so.0%{?elf_suffix} -Recommends: libtss2-mu.so.0%{?elf_suffix} -Recommends: libtss2-rc.so.0%{?elf_suffix} - +Obsoletes: udev < 183 # https://bugzilla.redhat.com/show_bug.cgi?id=1377733#c9 -Suggests: systemd-bootchart +Recommends: systemd-bootchart # https://bugzilla.redhat.com/show_bug.cgi?id=1408878 -Requires: kbd - -# https://bugzilla.redhat.com/show_bug.cgi?id=1753381 -Provides: u2f-hidraw-policy = 1.0.2-40 -Obsoletes: u2f-hidraw-policy < 1.0.2-40 - -Conflicts: systemd-standalone-repart -Provides: systemd-repart = %{version}-%{release} - -# Newer versions of those are required to support X11 keycode remapping -Conflicts: xorg-x11-drv-evdev < 2.11.0 -Conflicts: xorg-x11-drv-libinput < 1.5.0 - -%if "%{_sbindir}" == "%{_bindir}" -# Compat symlinks for Requires in other packages. -# We rely on filesystem to create the symlinks for us. -Requires: filesystem(unmerged-sbin-symlinks) -Provides: /usr/sbin/udevadm -%endif +Recommends: kbd +License: LGPLv2+ %description udev -This package contains systemd-udev and the rules and hardware database needed to -manage device nodes. This package is necessary on physical machines and in -virtual machines, but not in containers. - -This package also provides systemd-timesyncd, a network time protocol daemon. - -It also contains tools to manage encrypted home areas and secrets bound to the -machine, and to create or grow partitions and make file systems automatically. - -%package ukify -Summary: Tool to build Unified Kernel Images -Requires: systemd = %{noarch_requires_version} - -Requires: (systemd-boot if %{shrink:( - filesystem(x86-32) or - filesystem(x86-64) or - filesystem(aarch64) or - filesystem(riscv64) -)}) -Requires: python3dist(pefile) -Requires: python3dist(zstandard) -Requires: python3dist(cryptography) -%if 0%{?fedora} -Recommends: python3dist(pillow) -%endif - -# for tests -%ifarch riscv64 -# 2.42 received support for riscv64 + efi targets -%global binutils_version_req >= 2.42 -%endif -BuildRequires: binutils %{?binutils_version_req} - -BuildArch: noarch - -%description ukify -This package provides ukify, a script that combines a kernel image, an initrd, -with a command line, and possibly PCR measurements and other metadata, into a -Unified Kernel Image (UKI). - -%if 0%{?want_bootloader} -%if %{without obs} -%package boot-unsigned -Summary: UEFI boot manager (unsigned version) - -Provides: systemd-boot-unsigned-%{efi_arch} = %version-%release -Provides: systemd-boot = %version-%release -Provides: systemd-boot%{_isa} = %version-%release -# A provides with just the version, no release or dist, used to build systemd-boot -Provides: version(systemd-boot-unsigned) = %version -Provides: version(systemd-boot-unsigned)%{_isa} = %version - -%description boot-unsigned -systemd-boot (short: sd-boot) is a simple UEFI boot manager. It provides a -graphical menu to select the entry to boot and an editor for the kernel command -line. systemd-boot supports systems with UEFI firmware only. - -This package contains the unsigned version. Install systemd-boot instead to get -the version that works with Secure Boot. -%else -%package boot -Summary: UEFI boot manager (signed version) - -Provides: systemd-boot-signed-%{efi_arch} = %version-%release -Provides: systemd-boot = %version-%release -Provides: systemd-boot%{_isa} = %version-%release -# A provides with just the version, no release or dist, used to build systemd-boot -Provides: version(systemd-boot-signed) = %version -Provides: version(systemd-boot-signed)%{_isa} = %version - -%description boot -systemd-boot (short: sd-boot) is a simple UEFI boot manager. It provides a -graphical menu to select the entry to boot and an editor for the kernel command -line. systemd-boot supports systems with UEFI firmware only. - -This package contains the signed version. -%endif -%endif +This package contains systemd-udev and the rules and hardware database +needed to manage device nodes. This package is necessary on physical +machines and in virtual machines, but not in containers. %package container # Name is the same as in Debian Summary: Tools for containers and VMs -Requires: systemd%{_isa} = %{version}-%{release} -Requires(post): systemd%{_isa} = %{version}-%{release} -Requires(preun): systemd%{_isa} = %{version}-%{release} -Requires(postun): systemd%{_isa} = %{version}-%{release} -# For systemd-vmspawn which uses qemu: -Recommends: qemu-kvm-core -%if 0%{?fedora} -Recommends: qemu-device-display-virtio-gpu -Recommends: qemu-device-display-virtio-vga -%endif -# Bias the system towards libcurl-minimal if nothing pulls in full libcurl (#1997040) -Suggests: libcurl-minimal -License: LGPL-2.1-or-later +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires(post): systemd +Requires(preun): systemd +Requires(postun): systemd +# obsolete parent package so that dnf will install new subpackage on upgrade (#1260394) +Obsoletes: %{name} < 229-5 +License: LGPLv2+ %description container Systemd tools to spawn and manage containers and virtual machines. -This package contains systemd-nspawn, systemd-vmspawn, machinectl, -systemd-machined, and systemd-importd. +This package contains systemd-nspawn, machinectl, systemd-machined, +and systemd-importd. %package journal-remote # Name is the same as in Debian Summary: Tools to send journal events over the network -Requires: systemd%{_isa} = %{version}-%{release} -License: LGPL-2.1-or-later +Requires: %{name}%{?_isa} = %{version}-%{release} +License: LGPLv2+ +Requires(pre): /usr/bin/getent +Requires(post): systemd +Requires(preun): systemd +Requires(postun): systemd Requires: firewalld-filesystem -Provides: systemd-journal-gateway = %{version}-%{release} -Provides: systemd-journal-gateway%{_isa} = %{version}-%{release} -# Bias the system towards libcurl-minimal if nothing pulls in full libcurl (#1997040) -Suggests: libcurl-minimal +Provides: %{name}-journal-gateway = %{version}-%{release} +Provides: %{name}-journal-gateway%{_isa} = %{version}-%{release} +Obsoletes: %{name}-journal-gateway < 227-7 %description journal-remote -Programs to forward journal entries over the network, using encrypted HTTP, and -to write journal files from serialized journal contents. +Programs to forward journal entries over the network, using encrypted HTTP, +and to write journal files from serialized journal contents. -This package contains systemd-journal-gatewayd, systemd-journal-remote, and -systemd-journal-upload. - -%package networkd -Summary: System daemon that manages network configurations -Requires: systemd%{_isa} = %{version}-%{release} -%{?fedora:Recommends: systemd-udev = %{version}-%{release}} -Conflicts: systemd-udev < %{version}-%{release} -License: LGPL-2.1-or-later - -%description networkd -systemd-networkd is a system service that manages networks. It detects and -configures network devices as they appear, as well as creating virtual network -devices. - -%package networkd-defaults -Summary: Configure network interfaces with networkd by default -Requires: systemd-networkd = %{noarch_requires_version} -License: MIT-0 -BuildArch: noarch - -%description networkd-defaults -This package contains a set of config files for systemd-networkd that cause it -to configure network interfaces by default. Note that systemd-networkd needs to -enabled for this to have any effect. - -%package resolved -Summary: Network Name Resolution manager -Requires: systemd%{_isa} = %{version}-%{release} -Requires: libidn2.so.0%{?elf_suffix} -Requires: libidn2.so.0(IDN2_0.0.0)%{?elf_bits} -Requires(posttrans): grep - -%description resolved -systemd-resolved is a system service that provides network name resolution to -local applications. It implements a caching and validating DNS/DNSSEC stub -resolver, as well as an LLMNR and MulticastDNS resolver and responder. - -%package oomd-defaults -Summary: Configuration files for systemd-oomd -Requires: systemd-udev = %{noarch_requires_version} -License: LGPL-2.1-or-later -BuildArch: noarch - -%description oomd-defaults -A set of drop-in files for systemd units to enable action from systemd-oomd, -a userspace out-of-memory (OOM) killer. +This package contains systemd-journal-gatewayd, +systemd-journal-remote, and systemd-journal-upload. %package tests Summary: Internal unit tests for systemd -Requires: systemd%{_isa} = %{version}-%{release} -# This dependency is provided transitively. Also add it explicitly to -# appease rpminspect, https://github.com/rpminspect/rpminspect/issues/1231: -Requires: systemd-libs%{_isa} = %{version}-%{release} -Requires: python3dist(psutil) - -License: LGPL-2.1-or-later +Requires: %{name}%{?_isa} = %{version}-%{release} +License: LGPLv2+ %description tests -Systemd unit tests used to test the internal implementation after a build. -Different binaries test different parts of the codebase. - -%package standalone-repart -Summary: Standalone systemd-repart binary for use on systems without systemd -Provides: systemd-repart = %{version}-%{release} -Conflicts: systemd-udev -Suggests: coreutils-single -RemovePathPostfixes: .standalone - -%description standalone-repart -Standalone systemd-repart binary with no dependencies on the systemd-shared -library or other libraries from systemd-libs. This package conflicts with the -main systemd package and is meant for use on systems without systemd. - -%package standalone-tmpfiles -Summary: Standalone systemd-tmpfiles binary for use on systems without systemd -Provides: systemd-tmpfiles = %{version}-%{release} -Conflicts: systemd -Suggests: coreutils-single -RemovePathPostfixes: .standalone - -%description standalone-tmpfiles -Standalone systemd-tmpfiles binary with no dependencies on the systemd-shared -library or other libraries from systemd-libs. This package conflicts with the -main systemd package and is meant for use on systems without systemd. - -%package standalone-sysusers -Summary: Standalone systemd-sysusers binary for use on systems without systemd -Provides: systemd-sysusers = %{version}-%{release} -Suggests: coreutils-single -RemovePathPostfixes: .standalone - -%description standalone-sysusers -Standalone systemd-sysusers binary with no dependencies on the systemd-shared -library or other libraries from systemd-libs. This package conflicts with the -main systemd package and is meant for use on systems without systemd. - -%package standalone-shutdown -Summary: Standalone systemd-shutdown binary for use in exitrds -Provides: systemd-shutdown = %{version}-%{release} -Conflicts: systemd -Suggests: coreutils-single -RemovePathPostfixes: .standalone - -%description standalone-shutdown -Standalone systemd-shutdown binary with no dependencies on the systemd-shared -library or other libraries from systemd-libs. This package conflicts with the -main systemd package and is meant for use in exitrds. +"Installed tests" that are usually run as part of the build system. +They can be useful to test systemd internals. %prep -%if %{with obs} -# Recipe files in the OBS build are in a distro-specific dir, as they conflict (e.g. with SUSE ones) -mv %{_sourcedir}/%{name}.fedora/* %{_sourcedir} +%setup -q %{?gitcommit:-n %{name}-stable-%{gitcommit}} + +%if 0%{?dlrn} == 0 +%if %{num_patches} + git init + git config user.email "systemd-maint@redhat.com" + git config user.name "Fedora systemd team" + git add . + git commit -a -q -m "%{version} baseline." + + # Apply all the patches. + git am %{patches} %endif -# Automatically figure out the name of the top-level directory. -# TODO: Use %%autosetup -C once we can depend on rpm >= 4.20. -%if %{undefined _build_in_place} -%autosetup -n %(tar -tf %{SOURCE0} 2>/dev/null | head -n1) -p1 %endif -# Disable user lockdown until rpm implements it natively. -# https://github.com/rpm-software-management/rpm/issues/3450 -sed -r -i 's/^u!/u/' sysusers.d/*.conf* +# Restore systemd-user pam config from before "removal of Fedora-specific bits" +cp -p %{SOURCE12} src/login/ %build -%global ntpvendor %(source /etc/os-release; echo ${ID}) +%define ntpvendor %(source /etc/os-release; echo ${ID}) %{!?ntpvendor: echo 'NTP vendor zone is not set!'; exit 1} -VMLINUX_H_PATH='' - -%if 0%{?have_bpf} - -%global find_vmlinux_h %{expand: -import functools, glob, subprocess -def cmp(a, b): - c = subprocess.call(["rpmdev-vercmp", a, b], stdout=subprocess.DEVNULL) - return {0:0, 11:+1, 12:-1}[c] -choices = list(glob.glob("/usr/src/kernels/*/vmlinux.h")) -assert choices -print(max(choices, key=functools.cmp_to_key(cmp))) -} - -# The build fails on ppc64le with -# "GCC error "Must specify a BPF target arch via __TARGET_ARCH_xxx". -# TODO: Remove this when libbpf checks for __powerpc64__ macro. -%ifnarch ppc64le -VMLINUX_H_PATH=$(%python3 -c '%find_vmlinux_h') -%endif -%endif - CONFIGURE_OPTS=( - -Dmode=release - -Dslow-tests=true -Dsysvinit-path=/etc/rc.d/init.d -Drc-local=/etc/rc.d/rc.local -Dntp-servers='0.%{ntpvendor}.pool.ntp.org 1.%{ntpvendor}.pool.ntp.org 2.%{ntpvendor}.pool.ntp.org 3.%{ntpvendor}.pool.ntp.org' - -Ddns-servers= - -Dservice-watchdog= -Ddev-kvm-mode=0666 - -Dkmod=enabled - -Dxkbcommon=enabled - -Dblkid=enabled - -Dfdisk=enabled - -Dseccomp=enabled + -Dkmod=true + -Dxkbcommon=true + -Dblkid=true + -Dseccomp=true -Dima=true - -Dselinux=enabled - -Dbpf-framework=%[0%{?have_bpf}?"enabled":"disabled"] - -Dvmlinux-h=%[0%{?have_bpf}?"auto":"disabled"] - -Dvmlinux-h-path="$VMLINUX_H_PATH" - -Dapparmor=disabled - -Dpolkit=enabled - -Dxz=%[%{with xz}?"enabled":"disabled"] - -Dzlib=%[%{with zlib}?"enabled":"disabled"] - -Dbzip2=%[%{with bzip2}?"enabled":"disabled"] - -Dlz4=%[%{with lz4}?"enabled":"disabled"] - -Dzstd=%[%{with zstd}?"enabled":"disabled"] - -Dpam=enabled - -Dacl=enabled + -Dselinux=true + -Dapparmor=false + -Dpolkit=true + -Dxz=true + -Dzlib=true + -Dbzip2=true + -Dlz4=true + -Dpam=true + -Dacl=true -Dsmack=true - -Dopenssl=enabled - -Dp11kit=enabled - -Dgcrypt=disabled - -Daudit=enabled - -Delfutils=enabled - -Dlibcryptsetup=%[%{with bootstrap}?"disabled":"enabled"] - -Delfutils=enabled - -Drepart=enabled - -Dpwquality=enabled - -Dqrencode=%[%{defined rhel}?"disabled":"enabled"] - -Dgnutls=%[%{with gnutls}?"enabled":"disabled"] - -Dmicrohttpd=enabled - -Dvmspawn=enabled - -Dlibidn2=enabled - -Dlibiptc=disabled - -Dlibcurl=enabled - -Dlibfido2=enabled - -Dxenctrl=%[0%{?have_xen}?"enabled":"disabled"] + -Dgcrypt=true + -Daudit=true + -Delfutils=true + -Dlibcryptsetup=true + -Delfutils=true + -Dqrencode=true + -Dgnutls=true + -Dmicrohttpd=true + -Dlibidn2=true + -Dlibiptc=true + -Dlibcurl=true -Defi=true - -Dsysupdate=enabled - -Dsysupdated=enabled + -Dgnu-efi=%{?have_gnu_efi:true}%{?!have_gnu_efi:false} -Dtpm=true - -Dtpm2=enabled -Dhwdb=true -Dsysusers=true - -Dstandalone-binaries=true -Ddefault-kill-user-processes=false - -Dfirst-boot-full-preset=true - -Ddefault-network=true -Dtests=unsafe -Dinstall-tests=true + -Dtty-gid=5 + -Dusers-gid=100 -Dnobody-user=nobody -Dnobody-group=nobody - -Dcompat-mutable-uid-boundaries=true + -Dsplit-usr=false -Dsplit-bin=true - -Db_ndebug=false - -Dman=%[%{with docs}?"enabled":"disabled"] - -Dversion-tag=%{version}%[%{without upstream}?"-%{release}":""] - # https://bugzilla.redhat.com/show_bug.cgi?id=1906010 - -Dshared-lib-tag=%{version_no_tilde}%[%{without upstream}?"-%{release}":""] - -Dlink-executor-shared=false - -Dfallback-hostname="localhost" - -Ddefault-dnssec=no - -Ddefault-dns-over-tls=no - # https://bugzilla.redhat.com/show_bug.cgi?id=1867830 - -Ddefault-mdns=no - -Ddefault-llmnr=resolve - # https://bugzilla.redhat.com/show_bug.cgi?id=2028169 - -Dstatus-unit-format-default=combined -%if 0%{?fedora} - # https://fedoraproject.org/wiki/Changes/Shorter_Shutdown_Timer - -Ddefault-timeout-sec=45 - -Ddefault-user-timeout-sec=45 -%endif - -Dconfigfiledir=/usr/lib - -Doomd=true - - -Dadm-gid=4 - -Dtty-gid=5 - -Ddisk-gid=6 - -Dlp-gid=7 - -Dkmem-gid=9 - -Dwheel-gid=10 - -Dcdrom-gid=11 - -Ddialout-gid=18 - -Dutmp-gid=22 - -Dtape-gid=33 - -Dkvm-gid=36 - -Dvideo-gid=39 - -Daudio-gid=63 - -Dusers-gid=100 - -Dinput-gid=104 - -Drender-gid=105 - -Dsgx-gid=106 - -Dsystemd-journal-gid=190 - -Dsystemd-network-uid=192 - -Dsystemd-resolve-uid=193 - # -Dsystemd-timesync-uid=, not set yet - - # Make sure we use the original paths to maintain compatibility - # with unmerged systems - -Dquotaon-path=/usr/sbin/quotaon - -Dquotacheck-path=/usr/sbin/quotacheck - -Dkmod-path=/usr/bin/kmod - -Dkexec-path=/usr/sbin/kexec - -Dsulogin-path=/usr/sbin/sulogin - -Dmount-path=/usr/bin/mount - -Dumount-path=/usr/bin/umount - -Dloadkeys-path=/usr/bin/loadkeys - -Dsetfont-path=/usr/bin/setfont - -Dnologin-path=/usr/sbin/nologin - - # For now, let's build the bootloader in the same places where we - # built with gnu-efi. Later on, we might want to extend coverage, but - # considering that that support is untested, let's not do this now. - -Dbootloader=%[%{?want_bootloader}?"enabled":"disabled"] - -Dukify=enabled -%if 0%{?want_bootloader} && %{with obs} - -Dsbat-distro-url=https://github.com/systemd/systemd - -Dsbat-distro=upstream - -Dsbat-distro-summary='Upstream build from git' -%endif + -Db_lto=false ) -%if %{without lto} -%global _lto_cflags %nil -%endif - -{ %meson "${CONFIGURE_OPTS[@]}" %{?meson_extra_configure_options} ; } - +%meson "${CONFIGURE_OPTS[@]}" %meson_build -# If dynamic spec generation is available, directly pick up the triggers -# from the build directory for upstream builds. -%if %{with upstream} && (0%{?fedora} >= 41 || 0%{?rhel} >= 11) -# Include the triggers -cp %{_vpath_builddir}/src/rpm/triggers.systemd.sh %{specpartsdir}/triggers.specpart -%else -new_triggers=%{_vpath_builddir}/src/rpm/triggers.systemd.sh -if ! diff -u %{SOURCE1} ${new_triggers}; then +if diff %{SOURCE1} %{_vpath_builddir}/triggers.systemd; then echo -e "\n\n\nWARNING: triggers.systemd in Source1 is different!" - echo -e " cp $PWD/${new_triggers} %{SOURCE1}\n\n\n" - sleep 5 + echo -e " cp %{_vpath_builddir}/triggers.systemd %{SOURCE1}\n\n\n" fi -%endif - -sed -r 's|/system/|/user/|g' %{SOURCE16} >10-timeout-abort.conf.user %install %meson_install # udev links -%if "%{_sbindir}" != "%{_bindir}" mkdir -p %{buildroot}/%{_sbindir} ln -sf ../bin/udevadm %{buildroot}%{_sbindir}/udevadm -%endif # Compatiblity and documentation files touch %{buildroot}/etc/crypttab chmod 600 %{buildroot}/etc/crypttab -# Config files that were moved under /usr. -# We need to %ghost them so that they are not removed on upgrades. -touch %{buildroot}/etc/systemd/coredump.conf \ - %{buildroot}/etc/systemd/homed.conf \ - %{buildroot}/etc/systemd/journald.conf \ - %{buildroot}/etc/systemd/journal-remote.conf \ - %{buildroot}/etc/systemd/journal-upload.conf \ - %{buildroot}/etc/systemd/logind.conf \ - %{buildroot}/etc/systemd/networkd.conf \ - %{buildroot}/etc/systemd/oomd.conf \ - %{buildroot}/etc/systemd/pstore.conf \ - %{buildroot}/etc/systemd/resolved.conf \ - %{buildroot}/etc/systemd/sleep.conf \ - %{buildroot}/etc/systemd/system.conf \ - %{buildroot}/etc/systemd/timesyncd.conf \ - %{buildroot}/etc/systemd/user.conf \ - %{buildroot}/etc/udev/udev.conf \ - %{buildroot}/etc/udev/iocost.conf - # /etc/initab -install -Dm0644 -t %{buildroot}/etc/ %{SOURCE6} +install -Dm0644 -t %{buildroot}/etc/ %{SOURCE5} # /etc/sysctl.conf compat -install -Dm0644 %{SOURCE7} %{buildroot}/etc/sysctl.conf +install -Dm0644 %{SOURCE6} %{buildroot}/etc/sysctl.conf ln -s ../sysctl.conf %{buildroot}/etc/sysctl.d/99-sysctl.conf +# We create all wants links manually at installation time to make sure +# they are not owned and hence overriden by rpm after the user deleted +# them. +rm -r %{buildroot}%{_sysconfdir}/systemd/system/*.target.wants + # Make sure these directories are properly owned mkdir -p %{buildroot}%{system_unit_dir}/basic.target.wants mkdir -p %{buildroot}%{system_unit_dir}/default.target.wants mkdir -p %{buildroot}%{system_unit_dir}/dbus.target.wants mkdir -p %{buildroot}%{system_unit_dir}/syslog.target.wants -mkdir -p %{buildroot}/run +mkdir -p %{buildroot}%{_localstatedir}/run mkdir -p %{buildroot}%{_localstatedir}/log -touch %{buildroot}%{_localstatedir}/log/lastlog -chmod 0664 %{buildroot}%{_localstatedir}/log/lastlog -touch %{buildroot}/run/utmp +touch %{buildroot}%{_localstatedir}/run/utmp touch %{buildroot}%{_localstatedir}/log/{w,b}tmp # Make sure the user generators dir exists too @@ -1028,7 +391,6 @@ touch %{buildroot}%{_sysconfdir}/machine-info touch %{buildroot}%{_sysconfdir}/localtime mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d touch %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/00-keyboard.conf -install -d -m 0700 %{buildroot}%{_sysconfdir}/userdb # Make sure the shutdown/sleep drop-in dirs exist mkdir -p %{buildroot}%{pkgdir}/system-shutdown/ @@ -1044,325 +406,230 @@ mkdir -p %{buildroot}%{_localstatedir}/lib/private mkdir -p %{buildroot}%{_localstatedir}/log/private mkdir -p %{buildroot}%{_localstatedir}/cache/private mkdir -p %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload -mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/timesync +mkdir -p %{buildroot}%{_localstatedir}/lib/private/systemd/timesync ln -s ../private/systemd/journal-upload %{buildroot}%{_localstatedir}/lib/systemd/journal-upload +ln -s ../private/systemd/timesync %{buildroot}%{_localstatedir}/lib/systemd/timesync mkdir -p %{buildroot}%{_localstatedir}/log/journal touch %{buildroot}%{_localstatedir}/lib/systemd/catalog/database touch %{buildroot}%{_sysconfdir}/udev/hwdb.bin touch %{buildroot}%{_localstatedir}/lib/systemd/random-seed -touch %{buildroot}%{_localstatedir}/lib/systemd/timesync/clock +touch %{buildroot}%{_localstatedir}/lib/private/systemd/timesync/clock touch %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload/state -# Install yum protection config. Old location in /etc. -mkdir -p %{buildroot}/etc/dnf/protected.d/ -cat >%{buildroot}/etc/dnf/protected.d/systemd.conf <%{buildroot}/usr/share/dnf5/libdnf.conf.d/protect-systemd.conf <= 42 -install -m 0644 -D %{SOURCE21} %{buildroot}%{_rpmconfigdir}/macros.d/macros.sysusers -%else -install -m 0644 -D %{SOURCE20} %{buildroot}%{_rpmconfigdir}/macros.d/macros.sysusers -# Use rpm's own sysusers provides where available -%if ! (0%{?fedora} >= 39 || 0%{?rhel} >= 10) -install -m 0644 -D -t %{buildroot}%{_rpmconfigdir}/fileattrs/ %{SOURCE22} -install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE23} -%endif -install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE24} -%endif - -# https://bugzilla.redhat.com/show_bug.cgi?id=2107754 -install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/network/ %{SOURCE25} - -%if 0%{?fedora} || 0%{?rhel} >= 10 -ln -s --relative %{buildroot}%{_bindir}/kernel-install %{buildroot}%{_sbindir}/installkernel -%endif - -%if "%{_sbindir}" == "%{_bindir}" -# Systemd has the split-sbin option which is also used to select the directory -# for alias symlinks. We need to keep split-sbin=true for now, to support -# unmerged systems. Move the symlinks here instead. -mv -v %{buildroot}/usr/sbin/* %{buildroot}%{_bindir}/ -%endif - -%if 0%{?fedora} >= 41 -%if %{without upstream} -# This requires https://pagure.io/setup/pull-request/50 -# and https://src.fedoraproject.org/rpms/setup/pull-request/10. -# We skip this on upstream builds so that new users and groups -# can be added without breaking the build. -%if 0%{?fedora} >= 43 -IGNORED=empower \ - %{python3} %{SOURCE4} /usr/lib/sysusers.d/setup.conf %{buildroot}/usr/lib/sysusers.d/basic.conf -%else -%{python3} %{SOURCE4} /usr/lib/sysusers.d/20-setup-{users,groups}.conf %{buildroot}/usr/lib/sysusers.d/basic.conf -%endif -%endif -sed -n -r -i '1,7p; /can .do.|empower/p' %{buildroot}/usr/lib/sysusers.d/basic.conf -%endif - -# Disable sshd_config.d/20-systemd-userdb.conf for now. -# This option may override an existing AuthorizedKeysCommand setting -# (or be ineffective, depending on the order of configuration). -# See https://github.com/systemd/systemd/issues/33648. -rm %{buildroot}/etc/ssh/sshd_config.d/20-systemd-userdb.conf -mv %{buildroot}/usr/lib/tmpfiles.d/20-systemd-userdb.conf{,.example} - -install -m 0644 -t %{buildroot}%{_prefix}/lib/pam.d/ %{SOURCE26} - %find_lang %{name} -# Split files in build root into rpms -python3 %{SOURCE2} %buildroot %{!?want_bootloader:--no-bootloader} - -# Stage sd-boot binaries for signing -%if %{with obs} && 0%{?want_bootloader} -BRP_PESIGN_FILES=/usr/lib/systemd/boot/efi/systemd-boot%{efi_arch}.efi BRP_PESIGN_PACKAGES=systemd-boot /usr/lib/rpm/brp-suse.d/brp-99-pesign -%endif +# Split files in build root into rpms. See split-files.py for the +# rules towards the end, anything which is an exception needs a line +# here. +python3 %{SOURCE2} %buildroot </dev/null || groupadd -r -g 11 cdrom &>/dev/null || : +getent group utmp &>/dev/null || groupadd -r -g 22 utmp &>/dev/null || : +getent group tape &>/dev/null || groupadd -r -g 33 tape &>/dev/null || : +getent group dialout &>/dev/null || groupadd -r -g 18 dialout &>/dev/null || : +getent group input &>/dev/null || groupadd -r input &>/dev/null || : +getent group kvm &>/dev/null || groupadd -r -g 36 kvm &>/dev/null || : +getent group render &>/dev/null || groupadd -r render &>/dev/null || : +getent group systemd-journal &>/dev/null || groupadd -r -g 190 systemd-journal 2>&1 || : + +getent group systemd-coredump &>/dev/null || groupadd -r systemd-coredump 2>&1 || : +getent passwd systemd-coredump &>/dev/null || useradd -r -l -g systemd-coredump -d / -s /sbin/nologin -c "systemd Core Dumper" systemd-coredump &>/dev/null || : + +getent group systemd-network &>/dev/null || groupadd -r -g 192 systemd-network 2>&1 || : +getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-network -d / -s /sbin/nologin -c "systemd Network Management" systemd-network &>/dev/null || : + +getent group systemd-resolve &>/dev/null || groupadd -r -g 193 systemd-resolve 2>&1 || : +getent passwd systemd-resolve &>/dev/null || useradd -r -u 193 -l -g systemd-resolve -d / -s /sbin/nologin -c "systemd Resolver" systemd-resolve &>/dev/null || : %post systemd-machine-id-setup &>/dev/null || : - -[ $1 -eq 1 ] || exit 0 - -# create /var/log/journal only on initial installation, -# and only if it's writable (it won't be in rpm-ostree). -[ -w %{_localstatedir} ] && mkdir -p %{_localstatedir}/log/journal - -[ -w %{_localstatedir} ] && journalctl --update-catalog || : -systemd-sysusers || : +systemctl daemon-reexec &>/dev/null || : +journalctl --update-catalog &>/dev/null || : systemd-tmpfiles --create &>/dev/null || : -# We reset the enablement of all services upon initial installation -# https://bugzilla.redhat.com/show_bug.cgi?id=1118740#c23 -# This will fix up enablement of any preset services that got installed -# before systemd due to rpm ordering problems: -# https://bugzilla.redhat.com/show_bug.cgi?id=1647172. -# We also do this for user units, see -# https://fedoraproject.org/wiki/Changes/Systemd_presets_for_user_units. -systemctl preset-all &>/dev/null || : -systemctl --global preset-all &>/dev/null || : - -%posttrans -if [ $1 -ge 2 ]; then - [ -w %{_localstatedir} ] && journalctl --update-catalog || : - - systemctl daemon-reexec || : - - systemd-tmpfiles --create &>/dev/null || : +if [ $1 -eq 1 ] ; then + # create /var/log/journal only on initial installation + mkdir -p %{_localstatedir}/log/journal fi -%systemd_posttrans_with_restart systemd-timedated.service systemd-hostnamed.service systemd-journald.service systemd-localed.service systemd-userdbd.service +# Make sure new journal files will be owned by the "systemd-journal" group +chgrp systemd-journal /run/log/journal/ /run/log/journal/`cat /etc/machine-id 2>/dev/null` /var/log/journal/ /var/log/journal/`cat /etc/machine-id 2>/dev/null` &>/dev/null || : +chmod g+s /run/log/journal/ /run/log/journal/`cat /etc/machine-id 2>/dev/null` /var/log/journal/ /var/log/journal/`cat /etc/machine-id 2>/dev/null` &>/dev/null || : -# FIXME: systemd-logind.service is excluded (https://github.com/systemd/systemd/pull/17558) +# Apply ACL to the journal directory +setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/ &>/dev/null || : -# This is the expanded form of %%systemd_user_daemon_reexec. We -# can't use the macro because we define it ourselves. -if [ $1 -ge 2 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then - # Package upgrade, not uninstall - /usr/lib/systemd/systemd-update-helper user-reexec || : +# Stop-gap until rsyslog.rpm does this on its own. (This is supposed +# to fail when the link already exists) +ln -s /usr/lib/systemd/system/rsyslog.service /etc/systemd/system/syslog.service &>/dev/null || : + +# Remove spurious /etc/fstab entries from very old installations +# https://bugzilla.redhat.com/show_bug.cgi?id=1009023 +if [ -e /etc/fstab ]; then + grep -v -E -q '^(devpts|tmpfs|sysfs|proc)' /etc/fstab || \ + sed -i.rpm.bak -r '/^devpts\s+\/dev\/pts\s+devpts\s+defaults\s+/d; /^tmpfs\s+\/dev\/shm\s+tmpfs\s+defaults\s+/d; /^sysfs\s+\/sys\s+sysfs\s+defaults\s+/d; /^proc\s+\/proc\s+proc\s+defaults\s+/d' /etc/fstab || : fi -%triggerun -- systemd < 256 -# This is for upgrades from previous versions before systemd restart was moved to %%postun -systemctl daemon-reexec || : +# Services we install by default, and which are controlled by presets. +if [ $1 -eq 1 ] ; then + systemctl preset --quiet \ + remote-fs.target \ + getty@.service \ + serial-getty@.service \ + console-getty.service \ + debug-shell.service \ + systemd-networkd.service \ + systemd-networkd-wait-online.service \ + systemd-resolved.service \ + >/dev/null || : +fi -%triggerpostun -- systemd < 253~rc1-2 -# This is for upgrades from previous versions where systemd-journald-audit.socket -# had a static enablement symlink. -# We use %%triggerpostun here because rpm doesn't allow a second %%triggerun with -# a different package version. -systemctl --no-reload preset systemd-journald-audit.socket &>/dev/null || : +# remove obsolete systemd-readahead file +rm -f /.readahead &>/dev/null || : -%global udev_services %{shrink: - cryptsetup-pre.target - cryptsetup.target - hibernate.target - hybrid-sleep.target - initrd-cleanup.service - initrd-fs.target - initrd-parse-etc.service - initrd-root-device.target - initrd-root-fs.target - initrd-switch-root.service - initrd-switch-root.target - initrd-udevadm-cleanup-db.service - initrd-usr-fs.target - initrd.target - integritysetup-pre.target - integritysetup.target - kmod-static-nodes.service - proc-sys-fs-binfmt_misc.automount - proc-sys-fs-binfmt_misc.mount - quotaon-root.service - quotaon@.service - remote-cryptsetup.target - remote-veritysetup.target - sleep.target - suspend-then-hibernate.target - suspend.target - system-systemd\\x2dcryptsetup.slice - system-systemd\\x2dveritysetup.slice - systemd-backlight@.service - systemd-binfmt.service - systemd-bless-boot.service - systemd-bsod.service - systemd-coredump.socket - systemd-coredump@.service - systemd-fsck-root.service - systemd-fsck@.service - systemd-growfs-root.service - systemd-growfs@.service - systemd-hibernate-clear.service - systemd-hibernate-resume.service - systemd-hibernate.service - systemd-homed-activate.service - systemd-homed-firstboot.service - systemd-homed.service - systemd-hwdb-update.service - systemd-hybrid-sleep.service - systemd-modules-load.service - systemd-network-generator.service - systemd-oomd.service - systemd-oomd.socket - systemd-pcrextend.socket - systemd-pcrextend@.service - systemd-pcrfs-root.service - systemd-pcrfs@.service - systemd-pcrlock-file-system.service - systemd-pcrlock-firmware-code.service - systemd-pcrlock-firmware-config.service - systemd-pcrlock-machine-id.service - systemd-pcrlock-make-policy.service - systemd-pcrlock-secureboot-authority.service - systemd-pcrlock-secureboot-policy.service - systemd-pcrlock.socket - systemd-pcrlock@.service - systemd-pcrmachine.service - systemd-pcrphase-initrd.service - systemd-pcrphase-sysinit.service - systemd-pcrphase.service - systemd-portabled.service - systemd-pstore.service - systemd-quotacheck-root.service - systemd-quotacheck@.service - systemd-random-seed.service - systemd-remount-fs.service - systemd-repart.service - systemd-rfkill.service - systemd-rfkill.socket - systemd-suspend-then-hibernate.service - systemd-suspend.service - systemd-sysctl.service - systemd-timesyncd.service - systemd-tmpfiles-setup-dev-early.service - systemd-tmpfiles-setup-dev.service - systemd-udev-load-credentials.service - systemd-udev-settle.service - systemd-udev-trigger.service - systemd-udevd-control.socket - systemd-udevd-kernel.socket - systemd-udevd.service - systemd-vconsole-setup.service - systemd-volatile-root.service - veritysetup-pre.target - veritysetup.target - %{?want_bootloader: - systemd-boot-random-seed.service - systemd-boot-update.service - systemd-bootctl.socket - systemd-bootctl@.service - } - } +%preun +if [ $1 -eq 0 ] ; then + systemctl disable --quiet \ + remote-fs.target \ + getty@.service \ + serial-getty@.service \ + console-getty.service \ + debug-shell.service \ + systemd-readahead-replay.service \ + systemd-readahead-collect.service \ + systemd-networkd.service \ + systemd-networkd-wait-online.service \ + systemd-resolved.service \ + >/dev/null || : + + rm -f /etc/systemd/system/default.target &>/dev/null || : +fi + +%post libs +%{?ldconfig} + +if [ -f /etc/nsswitch.conf ] ; then + # sed-fu to add myhostanme to hosts line + grep -v -E -q '^hosts:.* myhostname' /etc/nsswitch.conf && + sed -i.bak -e ' + /^hosts:/ !b + /\/ b + s/[[:blank:]]*$/ myhostname/ + ' /etc/nsswitch.conf &>/dev/null || : + + # remove mymachines from passwd and group lines of /etc/nsswitch.conf + # https://bugzilla.redhat.com/show_bug.cgi?id=1284325 + # https://meetbot.fedoraproject.org/fedora-meeting/2015-11-25/fesco.2015-11-25-18.00.html + # To avoid the removal, e.g. add a space at the end of the line. + grep -E -q '^(passwd|group):.* mymachines$' /etc/nsswitch.conf && + sed -i.bak -r -e ' + s/^(passwd:.*) mymachines$/\1/; + s/^(group:.*) mymachines$/\1/; + ' /etc/nsswitch.conf &>/dev/null || : + + # Add [!UNAVAIL=return] after resolve + grep -E -q '^hosts:.*resolve[[:space:]]*($|[[:alpha:]])' /etc/nsswitch.conf && + sed -i.bak -e ' + /^hosts:/ { s/resolve/& [!UNAVAIL=return]/} + ' /etc/nsswitch.conf &>/dev/null || : + + # Add nss-systemd to passwd and group + grep -E -q '^(passwd|group):.* systemd' /etc/nsswitch.conf || + sed -i.bak -r -e ' + s/^(passwd|group):(.*)/\1: \2 systemd/ + ' /etc/nsswitch.conf &>/dev/null || : +fi + +# check if nobody or nfsnobody is defined +export SYSTEMD_NSS_BYPASS_SYNTHETIC=1 +if getent passwd nfsnobody &>/dev/null; then + test -f /etc/systemd/dont-synthesize-nobody || { + echo 'Detected system with nfsnobody defined, creating /etc/systemd/dont-synthesize-nobody' + mkdir -p /etc/systemd || : + : >/etc/systemd/dont-synthesize-nobody || : + } +elif getent passwd nobody 2>/dev/null | grep -v 'nobody:[x*]:65534:65534:.*:/:/sbin/nologin' &>/dev/null; then + test -f /etc/systemd/dont-synthesize-nobody || { + echo 'Detected system with incompatible nobody defined, creating /etc/systemd/dont-synthesize-nobody' + mkdir -p /etc/systemd || : + : >/etc/systemd/dont-synthesize-nobody || : + } +fi + +%{?ldconfig:%postun libs -p %ldconfig} + +%global udev_services systemd-udev{d,-settle,-trigger}.service systemd-udevd-{control,kernel}.socket systemd-timesyncd.service %post udev # Move old stuff around in /var/lib mv %{_localstatedir}/lib/random-seed %{_localstatedir}/lib/systemd/random-seed &>/dev/null mv %{_localstatedir}/lib/backlight %{_localstatedir}/lib/systemd/backlight &>/dev/null -if [ -L %{_localstatedir}/lib/systemd/timesync ]; then - rm %{_localstatedir}/lib/systemd/timesync - mv %{_localstatedir}/lib/private/systemd/timesync %{_localstatedir}/lib/systemd/timesync -fi -if [ -f %{_localstatedir}/lib/systemd/clock ]; then - mkdir -p %{_localstatedir}/lib/systemd/timesync - mv %{_localstatedir}/lib/systemd/clock %{_localstatedir}/lib/systemd/timesync/. -fi - -systemd-hwdb update &>/dev/null +udevadm hwdb --update &>/dev/null %systemd_post %udev_services - -# Try to save the random seed, but don't complain if /dev/urandom is unavailable -/usr/lib/systemd/systemd-random-seed save 2>&1 | \ - grep -v 'Failed to open /dev/urandom' || : +/usr/lib/systemd/systemd-random-seed save 2>&1 # Replace obsolete keymaps # https://bugzilla.redhat.com/show_bug.cgi?id=1151958 @@ -1371,20 +638,32 @@ grep -q -E '^KEYMAP="?fi-latin[19]"?' /etc/vconsole.conf 2>/dev/null && %preun udev %systemd_preun %udev_services +if [ $1 -eq 1 ] ; then + if [ -f %{_localstatedir}/lib/systemd/clock ] ; then + mkdir -p %{_localstatedir}/lib/private/systemd/timesync + mv %{_localstatedir}/lib/systemd/clock %{_localstatedir}/lib/private/systemd/timesync/. + fi +fi -%posttrans udev -# Restart some services. +%postun udev +# Only restart systemd-udev, to run the upgraded dameon. # Others are either oneshot services, or sockets, and restarting them causes issues (#1378974) -%systemd_posttrans_with_restart systemd-udevd.service systemd-timesyncd.service systemd-homed.service systemd-oomd.service systemd-portabled.service +%systemd_postun_with_restart systemd-udevd.service + +%pre journal-remote +getent group systemd-journal-remote &>/dev/null || groupadd -r systemd-journal-remote 2>&1 || : +getent passwd systemd-journal-remote &>/dev/null || useradd -r -l -g systemd-journal-remote -d %{_localstatedir}/log/journal/remote -s /sbin/nologin -c "Journal Remote" systemd-journal-remote &>/dev/null || : -%global journal_remote_units_restart systemd-journal-gatewayd.service systemd-journal-remote.service systemd-journal-upload.service -%global journal_remote_units_norestart systemd-journal-gatewayd.socket systemd-journal-remote.socket %post journal-remote -%systemd_post %journal_remote_units_restart %journal_remote_units_norestart +%systemd_post systemd-journal-gatewayd.socket systemd-journal-gatewayd.service +%systemd_post systemd-journal-remote.socket systemd-journal-remote.service +%systemd_post systemd-journal-upload.service %firewalld_reload %preun journal-remote -%systemd_preun %journal_remote_units_restart %journal_remote_units_norestart +%systemd_preun systemd-journal-gatewayd.socket systemd-journal-gatewayd.service +%systemd_preun systemd-journal-remote.socket systemd-journal-remote.service +%systemd_preun systemd-journal-upload.service if [ $1 -eq 1 ] ; then if [ -f %{_localstatedir}/lib/systemd/journal-upload/state -a ! -L %{_localstatedir}/lib/systemd/journal-upload ] ; then mkdir -p %{_localstatedir}/lib/private/systemd/journal-upload @@ -1393,111 +672,18 @@ if [ $1 -eq 1 ] ; then fi fi -%posttrans journal-remote -%systemd_posttrans_with_restart %journal_remote_units_restart +%postun journal-remote +%systemd_postun_with_restart systemd-journal-gatewayd.service +%systemd_postun_with_restart systemd-journal-remote.service +%systemd_postun_with_restart systemd-journal-upload.service %firewalld_reload -%global networkd_services %{shrink: - systemd-networkd.service - systemd-networkd.socket - systemd-networkd-varlink.socket - systemd-networkd-wait-online.service - systemd-network-generator.service - systemd-networkd-persistent-storage.service - } - -%post networkd -# systemd-networkd was split out in systemd-246.6-2. -# Ideally, we would have a trigger scriptlet to record enablement -# state when upgrading from systemd <= systemd-246.6-1. But, AFAICS, -# rpm doesn't allow us to trigger on another package, short of -# querying the rpm database ourselves, which seems risky. For rpm, -# systemd and systemd-networkd are completely unrelated. So let's use -# a hack to detect if an old systemd version is currently present in -# the file system. -# https://bugzilla.redhat.com/show_bug.cgi?id=1943263 -if [ $1 -eq 1 ] && ls /usr/lib/systemd/libsystemd-shared-24[0-6].so &>/dev/null; then - echo "Skipping presets for systemd-networkd.service, seems we are upgrading from old systemd." -else - %systemd_post %networkd_services -fi - -%preun networkd -%systemd_preun %networkd_services - -%posttrans networkd -%systemd_posttrans_with_restart systemd-networkd.service - -%post resolved -[ $1 -eq 1 ] || exit 0 -# Initial installation - -touch %{_localstatedir}/lib/rpm-state/systemd-resolved.initial-installation - -# Related to https://bugzilla.redhat.com/show_bug.cgi?id=1943263 -if ls /usr/lib/systemd/libsystemd-shared-24[0-8].so &>/dev/null; then - echo "Skipping presets for systemd-resolved.service, seems we are upgrading from old systemd." - exit 0 -fi - -%systemd_post systemd-resolved.service - -%preun resolved -%systemd_preun systemd-resolved.service -if [ $1 -eq 0 ] ; then - if [ -L /etc/resolv.conf ] && \ - realpath /etc/resolv.conf | grep ^/run/systemd/resolve/; then - rm -f /etc/resolv.conf # no longer useful - # if network manager is enabled, move to it instead - [ -f /run/NetworkManager/resolv.conf ] && \ - systemctl -q is-enabled NetworkManager.service &>/dev/null && \ - ln -fsv ../run/NetworkManager/resolv.conf /etc/resolv.conf - fi -fi - -%posttrans resolved -%systemd_posttrans_with_restart systemd-resolved.service -[ -e %{_localstatedir}/lib/rpm-state/systemd-resolved.initial-installation ] || exit 0 -rm %{_localstatedir}/lib/rpm-state/systemd-resolved.initial-installation -# Initial installation - -# Create /etc/resolv.conf symlink. -# (https://bugzilla.redhat.com/show_bug.cgi?id=1873856) -# -# We would also create it using tmpfiles, but let's do this here too -# before NetworkManager gets a chance. (systemd-tmpfiles invocation -# above does not do this, because the line is marked with ! and -# tmpfiles is invoked without --boot in the scriptlet.) -# -# *Create* the symlink if nothing is present yet. -# (https://bugzilla.redhat.com/show_bug.cgi?id=2032085) -# -# *Override* the symlink if systemd is running. Don't do it if systemd -# is not running, because that will immediately break DNS resolution, -# since systemd-resolved is also not running -# (https://bugzilla.redhat.com/show_bug.cgi?id=1891847). -# -# Also don't create the symlink to the stub when the stub is disabled (#1891847 again). -if systemctl -q is-enabled systemd-resolved.service &>/dev/null && - ! systemd-analyze cat-config systemd/resolved.conf 2>/dev/null | - grep -iqE '^DNSStubListener\s*=\s*(no?|false|0|off)\s*$'; then - - if ! test -e /etc/resolv.conf && ! test -L /etc/resolv.conf; then - ln -sv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf || : - elif test -d /run/systemd/system/ && - ! mountpoint /etc/resolv.conf &>/dev/null; then - ln -fsv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf || : - fi -fi - %global _docdir_fmt %{name} -%files -f %{name}.lang -f .file-list-main +%files -f %{name}.lang -f .file-list-rest %doc %{_pkgdocdir} -%exclude %{_pkgdocdir}/LICENSE* -# Only the licenses texts for the licenses in License line are included. -%license LICENSE.GPL2 -%license LICENSES/MIT.txt +%exclude %{_pkgdocdir}/LICENSE.* +%license LICENSE.GPL2 LICENSE.LGPL2.1 %ghost %dir %attr(0755,-,-) /etc/systemd/system/basic.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/bluetooth.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/default.target.wants @@ -1513,69 +699,1633 @@ fi %ghost %dir %attr(0755,-,-) /etc/systemd/system/sysinit.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/system-update.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/timers.target.wants -%ghost %dir %attr(0700,-,-) /var/lib/portables %ghost %dir %attr(0755,-,-) /var/lib/rpm-state/systemd %files libs -f .file-list-libs %license LICENSE.LGPL2.1 -%files shared -f .file-list-shared -%license LICENSE.LGPL2.1 -%license LICENSES/MIT.txt - %files pam -f .file-list-pam -%files rpm-macros -f .file-list-rpm-macros - -%files sysusers -f .file-list-sysusers - -%files resolved -f .file-list-resolve - %files devel -f .file-list-devel %files udev -f .file-list-udev -%files ukify -f .file-list-ukify -%if 0%{?want_bootloader} -%if %{without obs} -%files boot-unsigned -f .file-list-boot -%else -%files boot -f .file-list-boot -%endif -%endif - %files container -f .file-list-container -%ghost %dir %attr(0700,-,-) /var/lib/machines %files journal-remote -f .file-list-remote -%files networkd -f .file-list-networkd - -%files networkd-defaults -f .file-list-networkd-defaults - -%files oomd-defaults -f .file-list-oomd-defaults - %files tests -f .file-list-tests -%files standalone-repart -f .file-list-standalone-repart - -%files standalone-tmpfiles -f .file-list-standalone-tmpfiles - -%files standalone-sysusers -f .file-list-standalone-sysusers - -%files standalone-shutdown -f .file-list-standalone-shutdown - -%clean -rm -rf \ - $RPM_BUILD_ROOT \ - 10-timeout-abort.conf.user \ - .file-list-* \ - %{name}.lang \ - debugfiles.list \ - debuglinks.list \ - debugsourcefiles.list \ - debugsources.list \ - elfbins.list - %changelog -%autochangelog +* Wed Mar 7 2018 Zbigniew Jędrzejewski-Szmek - 238-3 +- Revert the patches for GRUB BootLoaderSpec support +- Add patch for /etc/machine-id creation (#1552843) + +* Tue Mar 6 2018 Yu Watanabe - 238-2 +- Fix transfiletrigger script (#1551793) + +* Mon Mar 5 2018 Zbigniew Jędrzejewski-Szmek - 238-1 +- Update to latest version +- This fixes a hard-to-trigger potential vulnerability (CVE-2018-6954) +- New transfiletriggers are installed for udev hwdb and rules, the journal + catalog, sysctl.d, binfmt.d, sysusers.d, tmpfiles.d. + +* Tue Feb 27 2018 Javier Martinez Canillas - 237-7.git84c8da5 +- Add patch to install kernel images for GRUB BootLoaderSpec support + +* Sat Feb 24 2018 Zbigniew Jędrzejewski-Szmek - 237-6.git84c8da5 +- Create /etc/systemd in %%post libs if necessary (#1548607) + +* Fri Feb 23 2018 Adam Williamson - 237-5.git84c8da5 +- Use : not touch to create file in -libs %%post + +* Thu Feb 22 2018 Patrick Uiterwijk - 237-4.git84c8da5 +- Add coreutils dep for systemd-libs %%post +- Add patch to typecast USB IDs to avoid compile failure + +* Wed Feb 21 2018 Zbigniew Jędrzejewski-Szmek - 237-3.git84c8da5 +- Update some patches for test skipping that were updated upstream + before merging +- Add /usr/lib/systemd/purge-nobody-user — a script to check if nobody is defined + correctly and possibly replace existing mappings + +* Tue Feb 20 2018 Zbigniew Jędrzejewski-Szmek - 237-2.gitdff4849 +- Backport a bunch of patches, most notably for the journal and various + memory issues. Some minor build fixes. +- Switch to new ldconfig macros that do nothing in F28+ +- /etc/systemd/dont-synthesize-nobody is created in %%post if nfsnobody + or nobody users are defined (#1537262) + +* Fri Feb 9 2018 Zbigniew Jędrzejeweski-Szmek - 237-1.git78bd769 +- Update to first stable snapshot (various minor memory leaks and misaccesses, + some documentation bugs, build fixes). + +* Sun Jan 28 2018 Zbigniew Jędrzejewski-Szmek - 237-1 +- Update to latest version + +* Sun Jan 21 2018 Björn Esser - 236-4.git3e14c4c +- Add patch to include if needed + +* Sat Jan 20 2018 Björn Esser - 236-3.git3e14c4c +- Rebuilt for switch to libxcrypt + +* Thu Jan 11 2018 Zbigniew Jędrzejewski-Szmek - 236-2.git23e14c4 +- Backport a bunch of bugfixes from upstream (#1531502, #1531381, #1526621 + various memory corruptions in systemd-networkd) +- /dev/kvm is marked as a static node which fixes permissions on s390x + and ppc64 (#1532382) + +* Fri Dec 15 2017 Zbigniew Jędrzejewski-Szmek - 236-1 +- Update to latest version + +* Mon Dec 11 2017 Zbigniew Jędrzejewski-Szmek - 235-5.git4a0e928 +- Update to latest git snapshot, do not build for realz +- Switch to libidn2 again (#1449145) + +* Tue Nov 07 2017 Zbigniew Jędrzejewski-Szmek - 235-4 +- Rebuild for cryptsetup-2.0.0-0.2.fc28 + +* Wed Oct 25 2017 Zbigniew Jędrzejewski-Szmek - 235-3 +- Backport a bunch of patches, including LP#172535 + +* Wed Oct 18 2017 Zbigniew Jędrzejewski-Szmek - 235-2 +- Patches for cryptsetup _netdev + +* Fri Oct 6 2017 Zbigniew Jędrzejewski-Szmek - 235-1 +- Update to latest version + +* Tue Sep 26 2017 Nathaniel McCallum - 234-8 +- Backport /etc/crypttab _netdev feature from upstream + +* Thu Sep 21 2017 Michal Sekletar - 234-7 +- Make sure to remove all device units sharing the same sysfs path (#1475570) + +* Mon Sep 18 2017 Zbigniew Jędrzejewski-Szmek - 234-6 +- Bump xslt recursion limit for libxslt-1.30 + +* Mon Jul 31 2017 Zbigniew Jędrzejewski-Szmek - 234-5 +- Backport more patches (#1476005, hopefully #1462378) + +* Thu Jul 27 2017 Fedora Release Engineering +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Mon Jul 17 2017 Zbigniew Jędrzejewski-Szmek - 234-3 +- Fix x-systemd.timeout=0 in /etc/fstab (#1462378) +- Minor patches (memleaks, --help fixes, seccomp on arm64) + +* Thu Jul 13 2017 Zbigniew Jędrzejewski-Szmek - 234-2 +- Create kvm group (#1431876) + +* Thu Jul 13 2017 Zbigniew Jędrzejewski-Szmek - 234-1 +- Latest release + +* Sat Jul 1 2017 Zbigniew Jędrzejewski-Szmek - 233-7.git74d8f1c +- Update to snapshot +- Build with meson again + +* Tue Jun 27 2017 Zbigniew Jędrzejewski-Szmek - 233-6 +- Fix an out-of-bounds write in systemd-resolved (CVE-2017-9445) + +* Fri Jun 16 2017 Zbigniew Jędrzejewski-Szmek - 233-5.gitec36d05 +- Update to snapshot version, build with meson + +* Thu Jun 15 2017 Zbigniew Jędrzejewski-Szmek - 233-4 +- Backport a bunch of small fixes (memleaks, wrong format strings, + man page clarifications, shell completion) +- Fix systemd-resolved crash on crafted DNS packet (CVE-2017-9217, #1455493) +- Fix systemd-vconsole-setup.service error on systems with no VGA console (#1272686) +- Drop soft-static uid for systemd-journal-gateway +- Use ID from /etc/os-release as ntpvendor + +* Thu Mar 16 2017 Michal Sekletar - 233-3 +- Backport bugfixes from upstream +- Don't return error when machinectl couldn't figure out container IP addresses (#1419501) + +* Thu Mar 2 2017 Zbigniew Jędrzejewski-Szmek - 233-2 +- Fix installation conflict with polkit + +* Thu Mar 2 2017 Zbigniew Jędrzejewski-Szmek - 233-1 +- New upstream release (#1416201, #1405439, #1420753, many others) +- New systemd-tests subpackage with "installed tests" + +* Thu Feb 16 2017 Zbigniew Jędrzejewski-Szmek - 232-15 +- Add %%ghost %%dir entries for .wants dirs of our targets (#1422894) + +* Tue Feb 14 2017 Zbigniew Jędrzejewski-Szmek - 232-14 +- Ignore the hwdb parser test + +* Tue Feb 14 2017 Jan Synáček - 232-14 +- machinectl fails when virtual machine is running (#1419501) + +* Sat Feb 11 2017 Fedora Release Engineering - 232-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Tue Jan 31 2017 Zbigniew Jędrzejewski-Szmek - 232-12 +- Backport patch for initrd-switch-root.service getting killed (#1414904) +- Fix sd-journal-gatewayd -D, --trust, and COREDUMP_CONTAINER_CMDLINE + extraction by sd-coredump. + +* Sun Jan 29 2017 zbyszek - 232-11 +- Backport a number of patches (#1411299, #1413075, #1415745, + ##1415358, #1416588, #1408884) +- Fix various memleaks and unitialized variable access +- Shell completion enhancements +- Enable TPM logging by default (#1411156) +- Update hwdb (#1270124) + +* Thu Jan 19 2017 Adam Williamson - 232-10 +- Backport fix for boot failure in initrd-switch-root (#1414904) + +* Wed Jan 18 2017 Zbigniew Jędrzejewski-Szmek - 232-9 +- Add fake dependency on systemd-pam to systemd-devel to ensure systemd-pam + is available as multilib (#1414153) + +* Tue Jan 17 2017 Zbigniew Jędrzejewski-Szmek - 232-8 +- Fix buildsystem to check for lz4 correctly (#1404406) + +* Wed Jan 11 2017 Zbigniew Jędrzejewski-Szmek - 232-7 +- Various small tweaks to scriplets + +* Sat Jan 07 2017 Kevin Fenzi - 232-6 +- Fix scriptlets to never fail in libs post + +* Fri Jan 06 2017 Kevin Fenzi - 232-5 +- Add patch from Michal Schmidt to avoid process substitution (#1392236) + +* Sun Nov 6 2016 Zbigniew Jędrzejewski-Szmek - 232-4 +- Rebuild (#1392236) + +* Fri Nov 4 2016 Zbigniew Jędrzejewski-Szmek - 232-3 +- Make /etc/dbus-1/system.d directory non-%%ghost + +* Fri Nov 4 2016 Zbigniew Jędrzejewski-Szmek - 232-2 +- Fix kernel-install (#1391829) +- Restore previous systemd-user PAM config (#1391836) +- Move journal-upload.conf.5 from systemd main to journal-remote subpackage (#1391833) +- Fix permissions on /var/lib/systemd/journal-upload (#1262665) + +* Thu Nov 3 2016 Zbigniew Jędrzejewski-Szmek - 232-1 +- Update to latest version (#998615, #1181922, #1374371, #1390704, #1384150, #1287161) +- Add %%{_isa} to Provides on arch-full packages (#1387912) +- Create systemd-coredump user in %%pre (#1309574) +- Replace grubby patch with a short-circuiting install.d "plugin" +- Enable nss-systemd in the passwd, group lines in nsswith.conf +- Add [!UNAVAIL=return] fallback after nss-resolve in hosts line in nsswith.conf +- Move systemd-nspawn man pages to the right subpackage (#1391703) + +* Tue Oct 18 2016 Jan Synáček - 231-11 +- SPC - Cannot restart host operating from container (#1384523) + +* Sun Oct 9 2016 Zbigniew Jędrzejewski-Szmek - 231-10 +- Do not recreate /var/log/journal on upgrades (#1383066) +- Move nss-myhostname provides to systemd-libs (#1383271) + +* Fri Oct 7 2016 Zbigniew Jędrzejewski-Szmek - 231-9 +- Fix systemctl set-default (#1374371) +- Prevent systemd-udev-trigger.service from restarting (follow-up for #1378974) + +* Tue Oct 4 2016 Zbigniew Jędrzejewski-Szmek - 231-8 +- Apply fix for #1378974 + +* Mon Oct 3 2016 Zbigniew Jędrzejewski-Szmek - 231-7 +- Apply patches properly + +* Thu Sep 29 2016 Zbigniew Jędrzejewski-Szmek - 231-6 +- Better fix for (#1380286) + +* Thu Sep 29 2016 Zbigniew Jędrzejewski-Szmek - 231-5 +- Denial-of-service bug against pid1 (#1380286) + +* Thu Aug 25 2016 Zbigniew Jędrzejewski-Szmek - 231-4 +- Fix preset-all (#1363858) +- Fix issue with daemon-reload messing up graphics (#1367766) +- A few other bugfixes + +* Wed Aug 03 2016 Adam Williamson - 231-3 +- Revert preset-all change, it broke stuff (#1363858) + +* Wed Jul 27 2016 Zbigniew Jędrzejewski-Szmek - 231-2 +- Call preset-all on initial installation (#1118740) +- Fix botched Recommends for libxkbcommon + +* Tue Jul 26 2016 Zbigniew Jędrzejewski-Szmek - 231-1 +- Update to latest version + +* Wed Jun 8 2016 Zbigniew Jędrzejewski-Szmek - 230-3 +- Update to latest git snapshot (fixes for systemctl set-default, + polkit lingering policy, reversal of the framebuffer rules, + unaligned access fixes, fix for StartupBlockIOWeight-over-dbus). + Those changes are interspersed with other changes and new features + (mostly in lldp, networkd, and nspawn). Some of those new features + might not work, but I think that existing functionality should not + be broken, so it seems worthwile to update to the snapshot. + +* Sat May 21 2016 Zbigniew Jędrzejewski-Szmek - 230-2 +- Remove systemd-compat-libs on upgrade + +* Sat May 21 2016 Zbigniew Jędrzejewski-Szmek - 230-1 +- New version +- Drop compat-libs +- Require libxkbcommon explictly, since the automatic dependency will + not be generated anymore + +* Tue Apr 26 2016 Zbigniew Jędrzejewski-Szmek - 229-15 +- Remove duplicated entries in -container %%files (#1330395) + +* Fri Apr 22 2016 Zbigniew Jędrzejewski-Szmek - 229-14 +- Move installation of udev services to udev subpackage (#1329023) + +* Mon Apr 18 2016 Zbigniew Jędrzejewski-Szmek - 229-13 +- Split out systemd-pam subpackage (#1327402) + +* Mon Apr 18 2016 Harald Hoyer - 229-12 +- move more binaries and services from the main package to subpackages + +* Mon Apr 18 2016 Harald Hoyer - 229-11 +- move more binaries and services from the main package to subpackages + +* Mon Apr 18 2016 Harald Hoyer - 229-10 +- move device dependant stuff to the udev subpackage + +* Tue Mar 22 2016 Zbigniew Jędrzejewski-Szmek - 229-9 +- Add myhostname to /etc/nsswitch.conf (#1318303) + +* Mon Mar 21 2016 Harald Hoyer - 229-8 +- fixed kernel-install for copying files for grubby +Resolves: rhbz#1299019 + +* Thu Mar 17 2016 Zbigniew Jędrzejewski-Szmek - 229-7 +- Moar patches (#1316964, #1317928) +- Move vconsole-setup and tmpfiles-setup-dev bits to systemd-udev +- Protect systemd-udev from deinstallation + +* Fri Mar 11 2016 Zbigniew Jędrzejewski-Szmek - 229-6 +- Create /etc/resolv.conf symlink from systemd-resolved (#1313085) + +* Fri Mar 4 2016 Zbigniew Jędrzejewski-Szmek - 229-5 +- Split out systemd-container subpackage (#1163412) +- Split out system-udev subpackage +- Add various bugfix patches, incl. a tentative fix for #1308771 + +* Tue Mar 1 2016 Peter Robinson 229-4 +- Power64 and s390(x) now have libseccomp support +- aarch64 has gnu-efi + +* Tue Feb 23 2016 Jan Synáček - 229-3 +- Fix build failures on ppc64 (#1310800) + +* Tue Feb 16 2016 Dennis Gilmore - 229-2 +- revert: fixed kernel-install for copying files for grubby +Resolves: rhbz#1299019 +- this causes the dtb files to not get installed at all and the fdtdir +- line in extlinux.conf to not get updated correctly + +* Thu Feb 11 2016 Michal Sekletar - 229-1 +- New upstream release + +* Thu Feb 11 2016 Harald Hoyer - 228-10.gite35a787 +- fixed kernel-install for copying files for grubby +Resolves: rhbz#1299019 + +* Fri Feb 05 2016 Fedora Release Engineering - 228-9.gite35a787 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Wed Jan 27 2016 Peter Robinson 228-8.gite35a787 +- Rebuild for binutils on aarch64 fix + +* Fri Jan 08 2016 Dan Horák - 228-7.gite35a787 +- apply the conflict with fedora-release only in Fedora + +* Thu Dec 10 2015 Jan Synáček - 228-6.gite35a787 +- Fix rawhide build failures on ppc64 (#1286249) + +* Sun Nov 29 2015 Zbigniew Jędrzejewski-Szmek - 228-6.gite35a787 +- Create /etc/systemd/network (#1286397) + +* Thu Nov 26 2015 Zbigniew Jędrzejewski-Szmek - 228-5.gite35a787 +- Do not install nss modules by default + +* Tue Nov 24 2015 Zbigniew Jędrzejewski-Szmek - 228-4.gite35a787 +- Update to latest upstream git: there is a bunch of fixes + (nss-mymachines overflow bug, networkd fixes, more completions are + properly installed), mixed with some new resolved features. +- Rework file triggers so that they always run before daemons are restarted + +* Thu Nov 19 2015 Zbigniew Jędrzejewski-Szmek - 228-3 +- Enable rpm file triggers for daemon-reload + +* Thu Nov 19 2015 Zbigniew Jędrzejewski-Szmek - 228-2 +- Fix version number in obsoleted package name (#1283452) + +* Wed Nov 18 2015 Kay Sievers - 228-1 +- New upstream release + +* Thu Nov 12 2015 Zbigniew Jędrzejewski-Szmek - 227-7 +- Rename journal-gateway subpackage to journal-remote +- Ignore the access mode on /var/log/journal (#1048424) +- Do not assume fstab is present (#1281606) + +* Wed Nov 11 2015 Fedora Release Engineering - 227-6 +- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5 + +* Tue Nov 10 2015 Lukáš Nykrýn - 227-5 +- Rebuild for libmicrohttpd soname bump + +* Fri Nov 06 2015 Robert Kuska - 227-4 +- Rebuilt for Python3.5 rebuild + +* Wed Nov 4 2015 Zbigniew Jędrzejewski-Szmek - 227-3 +- Fix syntax in kernel-install (#1277264) + +* Tue Nov 03 2015 Michal Schmidt - 227-2 +- Rebuild for libmicrohttpd soname bump. + +* Wed Oct 7 2015 Kay Sievers - 227-1 +- New upstream release + +* Fri Sep 18 2015 Jan Synáček - 226-3 +- user systemd-journal-upload should be in systemd-journal group (#1262743) + +* Fri Sep 18 2015 Kay Sievers - 226-2 +- Add selinux to system-user PAM config + +* Tue Sep 8 2015 Kay Sievers - 226-1 +- New upstream release + +* Thu Aug 27 2015 Kay Sievers - 225-1 +- New upstream release + +* Fri Jul 31 2015 Kay Sievers - 224-1 +- New upstream release + +* Wed Jul 29 2015 Kay Sievers - 223-2 +- update to git snapshot + +* Wed Jul 29 2015 Kay Sievers - 223-1 +- New upstream release + +* Thu Jul 9 2015 Zbigniew Jędrzejewski-Szmek - 222-2 +- Remove python subpackages (python-systemd in now standalone) + +* Tue Jul 7 2015 Kay Sievers - 222-1 +- New upstream release + +* Mon Jul 6 2015 Kay Sievers - 221-5.git619b80a +- update to git snapshot + +* Mon Jul 6 2015 Zbigniew Jędrzejewski-Szmek - 221-4.git604f02a +- Add example file with yama config (#1234951) + +* Sun Jul 5 2015 Kay Sievers - 221-3.git604f02a +- update to git snapshot + +* Mon Jun 22 2015 Kay Sievers - 221-2 +- build systemd-boot EFI tools + +* Fri Jun 19 2015 Lennart Poettering - 221-1 +- New upstream release +- Undoes botched translation check, should be reinstated later? + +* Fri Jun 19 2015 Fedora Release Engineering - 220-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Thu Jun 11 2015 Peter Robinson 220-9 +- The gold linker is now fixed on aarch64 + +* Tue Jun 9 2015 Zbigniew Jędrzejewski-Szmek - 220-8 +- Remove gudev which is now provided as separate package (libgudev) +- Fix for spurious selinux denials (#1224211) +- Udev change events (#1225905) +- Patches for some potential crashes +- ProtectSystem=yes does not touch /home +- Man page fixes, hwdb updates, shell completion updates +- Restored persistent device symlinks for bcache, xen block devices +- Tag all DRM cards as master-of-seat + +* Tue Jun 09 2015 Harald Hoyer 220-7 +- fix udev block device watch + +* Tue Jun 09 2015 Harald Hoyer 220-6 +- add support for network disk encryption + +* Sun Jun 7 2015 Peter Robinson 220-5 +- Disable gold on aarch64 until it's fixed (tracked in rhbz #1225156) + +* Sat May 30 2015 Zbigniew Jędrzejewski-Szmek - 220-4 +- systemd-devel should require systemd-libs, not the main package (#1226301) +- Check for botched translations (#1226566) +- Make /etc/udev/hwdb.d part of the rpm (#1226379) + +* Thu May 28 2015 Richard W.M. Jones - 220-3 +- Add patch to fix udev --daemon not cleaning child processes + (upstream commit 86c3bece38bcf5). + +* Wed May 27 2015 Richard W.M. Jones - 220-2 +- Add patch to fix udev --daemon crash (upstream commit 040e689654ef08). + +* Thu May 21 2015 Lennart Poettering - 220-1 +- New upstream release +- Drop /etc/mtab hack, as that's apparently fixed in mock now (#1116158) +- Remove ghosting for %%{_sysconfdir}/systemd/system/runlevel*.target, these targets are not configurable anymore in systemd upstream +- Drop work-around for #1002806, since this is solved upstream now + +* Wed May 20 2015 Dennis Gilmore - 219-15 +- fix up the conflicts version for fedora-release + +* Wed May 20 2015 Zbigniew Jędrzejewski-Szmek - 219-14 +- Remove presets (#1221340) +- Fix (potential) crash and memory leak in timedated, locking failure + in systemd-nspawn, crash in resolved. +- journalctl --list-boots should be faster +- zsh completions are improved +- various ommissions in docs are corrected (#1147651) +- VARIANT and VARIANT_ID fields in os-release are documented +- systemd-fsck-root.service is generated in the initramfs (#1201979, #1107818) +- systemd-tmpfiles should behave better on read-only file systems (#1207083) + +* Wed Apr 29 2015 Zbigniew Jędrzejewski-Szmek - 219-13 +- Patches for some outstanding annoyances +- Small keyboard hwdb updates + +* Wed Apr 8 2015 Zbigniew Jędrzejewski-Szmek - 219-12 +- Tighten requirements between subpackages (#1207381). + +* Sun Mar 22 2015 Zbigniew Jędrzejewski-Szmek - 219-11 +- Move all parts systemd-journal-{remote,upload} to + systemd-journal-gatewayd subpackage (#1193143). +- Create /var/lib/systemd/journal-upload directory (#1193145). +- Cut out lots of stupid messages at debug level which were obscuring more + important stuff. +- Apply "tentative" state for devices only when they are added, not removed. +- Ignore invalid swap pri= settings (#1204336) +- Fix SELinux check for timedated operations to enable/disable ntp (#1014315) +- Fix comparing of filesystem paths (#1184016) + +* Sat Mar 14 2015 Zbigniew Jędrzejewski-Szmek - 219-10 +- Fixes for bugs 1186018, 1195294, 1185604, 1196452. +- Hardware database update. +- Documentation fixes. +- A fix for journalctl performance regression. +- Fix detection of inability to open files in journalctl. +- Detect SuperH architecture properly. +- The first of duplicate lines in tmpfiles wins again. +- Do vconsole setup after loading vconsole driver, not fbcon. +- Fix problem where some units were restarted during systemd reexec. +- Fix race in udevadm settle tripping up NetworkManager. +- Downgrade various log messages. +- Fix issue where journal-remote would process some messages with a delay. +- GPT /srv partition autodiscovery is fixed. +- Reconfigure old Finnish keymaps in post (#1151958) + +* Tue Mar 10 2015 Jan Synáček - 219-9 +- Buttons on Lenovo X6* tablets broken (#1198939) + +* Tue Mar 3 2015 Zbigniew Jędrzejewski-Szmek - 219-8 +- Reworked device handling (#1195761) +- ACL handling fixes (with a script in %%post) +- Various log messages downgraded (#1184712) +- Allow PIE on s390 again (#1197721) + +* Wed Feb 25 2015 Michal Schmidt - 219-7 +- arm: reenable lto. gcc-5.0.0-0.16 fixed the crash (#1193212) + +* Tue Feb 24 2015 Colin Walters - 219-6 +- Revert patch that breaks Atomic/OSTree (#1195761) + +* Fri Feb 20 2015 Michal Schmidt - 219-5 +- Undo the resolv.conf workaround, Aim for a proper fix in Rawhide. + +* Fri Feb 20 2015 Michal Schmidt - 219-4 +- Revive fedora-disable-resolv.conf-symlink.patch to unbreak composes. + +* Wed Feb 18 2015 Michal Schmidt - 219-3 +- arm: disabling gold did not help; disable lto instead (#1193212) + +* Tue Feb 17 2015 Peter Jones - 219-2 +- Update 90-default.present for dbxtool. + +* Mon Feb 16 2015 Lennart Poettering - 219-1 +- New upstream release +- This removes the sysctl/bridge hack, a different solution needs to be found for this (see #634736) +- This removes the /etc/resolv.conf hack, anaconda needs to fix their handling of /etc/resolv.conf as symlink +- This enables "%%check" +- disable gold on arm, as that is broken (see #1193212) + +* Mon Feb 16 2015 Peter Robinson 218-6 +- aarch64 now has seccomp support + +* Thu Feb 05 2015 Michal Schmidt - 218-5 +- Don't overwrite systemd.macros with unrelated Source file. + +* Thu Feb 5 2015 Jan Synáček - 218-4 +- Add a touchpad hwdb (#1189319) + +* Thu Jan 15 2015 Zbigniew Jędrzejewski-Szmek - 218-4 +- Enable xkbcommon dependency to allow checking of keymaps +- Fix permissions of /var/log/journal (#1048424) +- Enable timedatex in presets (#1187072) +- Disable rpcbind in presets (#1099595) + +* Wed Jan 7 2015 Jan Synáček - 218-3 +- RFE: journal: automatically rotate the file if it is unlinked (#1171719) + +* Mon Jan 05 2015 Zbigniew Jędrzejewski-Szmek - 218-3 +- Add firewall description files (#1176626) + +* Thu Dec 18 2014 Jan Synáček - 218-2 +- systemd-nspawn doesn't work on s390/s390x (#1175394) + +* Wed Dec 10 2014 Lennart Poettering - 218-1 +- New upstream release +- Enable "nss-mymachines" in /etc/nsswitch.conf + +* Thu Nov 06 2014 Zbigniew Jędrzejewski-Szmek - 217-4 +- Change libgudev1 to only require systemd-libs (#727499), there's + no need to require full systemd stack. +- Fixes for bugs #1159448, #1152220, #1158035. +- Bash completions updates to allow propose more units for start/restart, + and completions for set-default,get-default. +- Again allow systemctl enable of instances. +- Hardware database update and fixes. +- Udev crash on invalid options and kernel commandline timeout parsing are fixed. +- Add "embedded" chassis type. +- Sync before 'reboot -f'. +- Fix restarting of timer units. + +* Wed Nov 05 2014 Michal Schmidt - 217-3 +- Fix hanging journal flush (#1159641) + +* Fri Oct 31 2014 Michal Schmidt - 217-2 +- Fix ordering cycles involving systemd-journal-flush.service and + remote-fs.target (#1159117) + +* Tue Oct 28 2014 Lennart Poettering - 217-1 +- New upstream release + +* Fri Oct 17 2014 Zbigniew Jędrzejewski-Szmek - 216-12 +- Drop PackageKit.service from presets (#1154126) + +* Mon Oct 13 2014 Zbigniew Jędrzejewski-Szmek - 216-11 +- Conflict with old versions of initscripts (#1152183) +- Remove obsolete Finnish keymap (#1151958) + +* Fri Oct 10 2014 Zbigniew Jędrzejewski-Szmek - 216-10 +- Fix a problem with voluntary daemon exits and some other bugs + (#1150477, #1095962, #1150289) + +* Fri Oct 03 2014 Zbigniew Jędrzejewski-Szmek - 216-9 +- Update to latest git, but without the readahead removal patch + (#1114786, #634736) + +* Wed Oct 01 2014 Kay Sievers - 216-8 +- revert "don't reset selinux context during CHANGE events" + +* Wed Oct 01 2014 Lukáš Nykrýn - 216-7 +- add temporary workaround for #1147910 +- don't reset selinux context during CHANGE events + +* Wed Sep 10 2014 Michal Schmidt - 216-6 +- Update timesyncd with patches to avoid hitting NTP pool too often. + +* Tue Sep 09 2014 Michal Schmidt - 216-5 +- Use common CONFIGURE_OPTS for build2 and build3. +- Configure timesyncd with NTP servers from Fedora/RHEL vendor zone. + +* Wed Sep 03 2014 Zbigniew Jędrzejewski-Szmek - 216-4 +- Move config files for sd-j-remote/upload to sd-journal-gateway subpackage (#1136580) + +* Thu Aug 28 2014 Peter Robinson 216-3 +- Drop no LTO build option for aarch64/s390 now it's fixed in binutils (RHBZ 1091611) + +* Thu Aug 21 2014 Zbigniew Jędrzejewski-Szmek - 216-2 +- Re-add patch to disable resolve.conf symlink (#1043119) + +* Wed Aug 20 2014 Lennart Poettering - 216-1 +- New upstream release + +* Mon Aug 18 2014 Fedora Release Engineering - 215-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Wed Aug 13 2014 Dan Horák 215-11 +- disable LTO also on s390(x) + +* Sat Aug 09 2014 Harald Hoyer 215-10 +- fixed PPC64LE + +* Wed Aug 6 2014 Tom Callaway - 215-9 +- fix license handling + +* Wed Jul 30 2014 Zbigniew Jędrzejewski-Szmek - 215-8 +- Create systemd-journal-remote and systemd-journal-upload users (#1118907) + +* Thu Jul 24 2014 Zbigniew Jędrzejewski-Szmek - 215-7 +- Split out systemd-compat-libs subpackage + +* Tue Jul 22 2014 Kalev Lember - 215-6 +- Rebuilt for gobject-introspection 1.41.4 + +* Mon Jul 21 2014 Zbigniew Jędrzejewski-Szmek - 215-5 +- Fix SELinux context of /etc/passwd-, /etc/group-, /etc/.updated (#1121806) +- Add missing BR so gnutls and elfutils are used + +* Sat Jul 19 2014 Zbigniew Jędrzejewski-Szmek - 215-4 +- Various man page updates +- Static device node logic is conditionalized on CAP_SYS_MODULES instead of CAP_MKNOD + for better behaviour in containers +- Some small networkd link handling fixes +- vconsole-setup runs setfont before loadkeys (https://bugs.freedesktop.org/show_bug.cgi?id=80685) +- New systemd-escape tool +- XZ compression settings are tweaked to greatly improve journald performance +- "watch" is accepted as chassis type +- Various sysusers fixes, most importantly correct selinux labels +- systemd-timesyncd bug fix (https://bugs.freedesktop.org/show_bug.cgi?id=80932) +- Shell completion improvements +- New udev tag ID_SOFTWARE_RADIO can be used to instruct logind to allow user access +- XEN and s390 virtualization is properly detected + +* Mon Jul 07 2014 Colin Walters - 215-3 +- Add patch to disable resolve.conf symlink (#1043119) + +* Sun Jul 06 2014 Zbigniew Jędrzejewski-Szmek - 215-2 +- Move systemd-journal-remote to systemd-journal-gateway package (#1114688) +- Disable /etc/mtab handling temporarily (#1116158) + +* Thu Jul 03 2014 Lennart Poettering - 215-1 +- New upstream release +- Enable coredump logic (which abrt would normally override) + +* Sun Jun 29 2014 Peter Robinson 214-5 +- On aarch64 disable LTO as it still has issues on that arch + +* Thu Jun 26 2014 Zbigniew Jędrzejewski-Szmek - 214-4 +- Bugfixes (#996133, #1112908) + +* Mon Jun 23 2014 Zbigniew Jędrzejewski-Szmek - 214-3 +- Actually create input group (#1054549) + +* Sun Jun 22 2014 Zbigniew Jędrzejewski-Szmek - 214-2 +- Do not restart systemd-logind on upgrades (#1110697) +- Add some patches (#1081429, #1054549, #1108568, #928962) + +* Wed Jun 11 2014 Lennart Poettering - 214-1 +- New upstream release +- Get rid of "floppy" group, since udev uses "disk" now +- Reenable LTO + +* Sun Jun 08 2014 Fedora Release Engineering - 213-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Wed May 28 2014 Kay Sievers - 213-3 +- fix systemd-timesync user creation + +* Wed May 28 2014 Michal Sekletar - 213-2 +- Create temporary files after installation (#1101983) +- Add sysstat-collect.timer, sysstat-summary.timer to preset policy (#1101621) + +* Wed May 28 2014 Kay Sievers - 213-1 +- New upstream release + +* Tue May 27 2014 Kalev Lember - 212-6 +- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 + +* Fri May 23 2014 Adam Williamson - 212-5 +- revert change from 212-4, causes boot fail on single CPU boxes (RHBZ 1095891) + +* Wed May 07 2014 Kay Sievers - 212-4 +- add netns udev workaround + +* Wed May 07 2014 Michal Sekletar - 212-3 +- enable uuidd.socket by default (#1095353) + +* Sat Apr 26 2014 Peter Robinson 212-2 +- Disable building with -flto for the moment due to gcc 4.9 issues (RHBZ 1091611) + +* Tue Mar 25 2014 Lennart Poettering - 212-1 +- New upstream release + +* Mon Mar 17 2014 Peter Robinson 211-2 +- Explicitly define which upstream platforms support libseccomp + +* Tue Mar 11 2014 Lennart Poettering - 211-1 +- New upstream release + +* Mon Mar 10 2014 Zbigniew Jędrzejewski-Szmek - 210-8 +- Fix logind unpriviledged reboot issue and a few other minor fixes +- Limit generator execution time +- Recognize buttonless joystick types + +* Fri Mar 07 2014 Karsten Hopp 210-7 +- ppc64le needs link warnings disabled, too + +* Fri Mar 07 2014 Karsten Hopp 210-6 +- move ifarch ppc64le to correct place (libseccomp req) + +* Fri Mar 07 2014 Zbigniew Jędrzejewski-Szmek - 210-5 +- Bugfixes: #1047568, #1047039, #1071128, #1073402 +- Bash completions for more systemd tools +- Bluetooth database update +- Manpage fixes + +* Thu Mar 06 2014 Zbigniew Jędrzejewski-Szmek - 210-4 +- Apply work-around for ppc64le too (#1073647). + +* Sat Mar 01 2014 Zbigniew Jędrzejewski-Szmek - 210-3 +- Backport a few patches, add completion for systemd-nspawn. + +* Fri Feb 28 2014 Zbigniew Jędrzejewski-Szmek - 210-3 +- Apply work-arounds for ppc/ppc64 for bugs 1071278 and 1071284 + +* Mon Feb 24 2014 Lennart Poettering - 210-2 +- Check more services against preset list and enable by default + +* Mon Feb 24 2014 Lennart Poettering - 210-1 +- new upstream release + +* Sun Feb 23 2014 Zbigniew Jędrzejewski-Szmek - 209-2.gitf01de96 +- Enable dnssec-triggerd.service by default (#1060754) + +* Sun Feb 23 2014 Kay Sievers - 209-2.gitf01de96 +- git snapshot to sort out ARM build issues + +* Thu Feb 20 2014 Lennart Poettering - 209-1 +- new upstream release + +* Tue Feb 18 2014 Zbigniew Jędrzejewski-Szmek - 208-15 +- Make gpsd lazily activated (#1066421) + +* Mon Feb 17 2014 Zbigniew Jędrzejewski-Szmek - 208-14 +- Back out patch which causes user manager to be destroyed when unneeded + and spams logs (#1053315) + +* Sun Feb 16 2014 Zbigniew Jędrzejewski-Szmek - 208-13 +- A different fix for #1023820 taken from Mageia +- Backported fix for #997031 +- Hardward database updates, man pages improvements, a few small memory + leaks, utf-8 correctness and completion fixes +- Support for key-slot option in crypttab + +* Sat Jan 25 2014 Ville Skyttä - 208-12 +- Own the %%{_prefix}/lib/kernel(/*) and %%{_datadir}/zsh(/*) dirs. + +* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-11 +- Backport a few fixes, relevant documentation updates, and HWDB changes + (#1051797, #1051768, #1047335, #1047304, #1047186, #1045849, #1043304, + #1043212, #1039351, #1031325, #1023820, #1017509, #953077) +- Flip journalctl to --full by default (#984758) + +* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-9 +- Apply two patches for #1026860 + +* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-8 +- Bump release to stay ahead of f20 + +* Tue Dec 03 2013 Zbigniew Jędrzejewski-Szmek - 208-7 +- Backport patches (#1023041, #1036845, #1006386?) +- HWDB update +- Some small new features: nspawn --drop-capability=, running PID 1 under + valgrind, "yearly" and "annually" in calendar specifications +- Some small documentation and logging updates + +* Tue Nov 19 2013 Zbigniew Jędrzejewski-Szmek - 208-6 +- Bump release to stay ahead of f20 + +* Tue Nov 19 2013 Zbigniew Jędrzejewski-Szmek - 208-5 +- Use unit name in PrivateTmp= directories (#957439) +- Update manual pages, completion scripts, and hardware database +- Configurable Timeouts/Restarts default values +- Support printing of timestamps on the console +- Fix some corner cases in detecting when writing to the console is safe +- Python API: convert keyword values to string, fix sd_is_booted() wrapper +- Do not tread missing /sbin/fsck.btrfs as an error (#1015467) +- Allow masking of fsck units +- Advertise hibernation to swap files +- Fix SO_REUSEPORT settings +- Prefer converted xkb keymaps to legacy keymaps (#981805, #1026872) +- Make use of newer kmod +- Assorted bugfixes: #1017161, #967521, #988883, #1027478, #821723, #1014303 + +* Tue Oct 22 2013 Zbigniew Jędrzejewski-Szmek - 208-4 +- Add temporary fix for #1002806 + +* Mon Oct 21 2013 Zbigniew Jędrzejewski-Szmek - 208-3 +- Backport a bunch of fixes and hwdb updates + +* Wed Oct 2 2013 Lennart Poettering - 208-2 +- Move old random seed and backlight files into the right place + +* Wed Oct 2 2013 Lennart Poettering - 208-1 +- New upstream release + +* Thu Sep 26 2013 Zbigniew Jędrzejewski-Szmek 207-5 +- Do not create /var/var/... dirs + +* Wed Sep 18 2013 Zbigniew Jędrzejewski-Szmek 207-4 +- Fix policykit authentication +- Resolves: rhbz#1006680 + +* Tue Sep 17 2013 Harald Hoyer 207-3 +- fixed login +- Resolves: rhbz#1005233 + +* Mon Sep 16 2013 Harald Hoyer 207-2 +- add some upstream fixes for 207 +- fixed swap activation +- Resolves: rhbz#1008604 + +* Fri Sep 13 2013 Lennart Poettering - 207-1 +- New upstream release + +* Fri Sep 06 2013 Harald Hoyer 206-11 +- support "debug" kernel command line parameter +- journald: fix fd leak in journal_file_empty +- journald: fix vacuuming of archived journals +- libudev: enumerate - do not try to match against an empty subsystem +- cgtop: fixup the online help +- libudev: fix memleak when enumerating childs + +* Wed Sep 04 2013 Harald Hoyer 206-10 +- Do not require grubby, lorax now takes care of grubby +- cherry-picked a lot of patches from upstream + +* Tue Aug 27 2013 Dennis Gilmore - 206-9 +- Require grubby, Fedora installs require grubby, +- kernel-install took over from new-kernel-pkg +- without the Requires we are unable to compose Fedora +- everyone else says that since kernel-install took over +- it is responsible for ensuring that grubby is in place +- this is really what we want for Fedora + +* Tue Aug 27 2013 Kay Sievers - 206-8 +- Revert "Require grubby its needed by kernel-install" + +* Mon Aug 26 2013 Dennis Gilmore 206-7 +- Require grubby its needed by kernel-install + +* Thu Aug 22 2013 Harald Hoyer 206-6 +- kernel-install now understands kernel flavors like PAE + +* Tue Aug 20 2013 Rex Dieter - 206-5 +- add sddm.service to preset file (#998978) + +* Fri Aug 16 2013 Zbigniew Jędrzejewski-Szmek - 206-4 +- Filter out provides for private python modules. +- Add requires on kmod >= 14 (#990994). + +* Sun Aug 11 2013 Zbigniew Jedrzejewski-Szmek - 206-3 +- New systemd-python3 package (#976427). +- Add ownership of a few directories that we create (#894202). + +* Sun Aug 04 2013 Fedora Release Engineering - 206-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Tue Jul 23 2013 Kay Sievers - 206-1 +- New upstream release + Resolves (#984152) + +* Wed Jul 3 2013 Lennart Poettering - 205-1 +- New upstream release + +* Wed Jun 26 2013 Michal Schmidt 204-10 +- Split systemd-journal-gateway subpackage (#908081). + +* Mon Jun 24 2013 Michal Schmidt 204-9 +- Rename nm_dispatcher to NetworkManager-dispatcher in default preset (#977433) + +* Fri Jun 14 2013 Harald Hoyer 204-8 +- fix, which helps to sucessfully browse journals with + duplicated seqnums + +* Fri Jun 14 2013 Harald Hoyer 204-7 +- fix duplicate message ID bug +Resolves: rhbz#974132 + +* Thu Jun 06 2013 Harald Hoyer 204-6 +- introduce 99-default-disable.preset + +* Thu Jun 6 2013 Lennart Poettering - 204-5 +- Rename 90-display-manager.preset to 85-display-manager.preset so that it actually takes precedence over 90-default.preset's "disable *" line (#903690) + +* Tue May 28 2013 Harald Hoyer 204-4 +- Fix kernel-install (#965897) + +* Wed May 22 2013 Kay Sievers - 204-3 +- Fix kernel-install (#965897) + +* Thu May 9 2013 Lennart Poettering - 204-2 +- New upstream release +- disable isdn by default (#959793) + +* Tue May 07 2013 Harald Hoyer 203-2 +- forward port kernel-install-grubby.patch + +* Tue May 7 2013 Lennart Poettering - 203-1 +- New upstream release + +* Wed Apr 24 2013 Harald Hoyer 202-3 +- fix ENOENT for getaddrinfo +- Resolves: rhbz#954012 rhbz#956035 +- crypt-setup-generator: correctly check return of strdup +- logind-dbus: initialize result variable +- prevent library underlinking + +* Fri Apr 19 2013 Harald Hoyer 202-2 +- nspawn create empty /etc/resolv.conf if necessary +- python wrapper: add sd_journal_add_conjunction() +- fix s390 booting +- Resolves: rhbz#953217 + +* Thu Apr 18 2013 Lennart Poettering - 202-1 +- New upstream release + +* Tue Apr 09 2013 Michal Schmidt - 201-2 +- Automatically discover whether to run autoreconf and add autotools and git + BuildRequires based on the presence of patches to be applied. +- Use find -delete. + +* Mon Apr 8 2013 Lennart Poettering - 201-1 +- New upstream release + +* Mon Apr 8 2013 Lennart Poettering - 200-4 +- Update preset file + +* Fri Mar 29 2013 Lennart Poettering - 200-3 +- Remove NetworkManager-wait-online.service from presets file again, it should default to off + +* Fri Mar 29 2013 Lennart Poettering - 200-2 +- New upstream release + +* Tue Mar 26 2013 Lennart Poettering - 199-2 +- Add NetworkManager-wait-online.service to the presets file + +* Tue Mar 26 2013 Lennart Poettering - 199-1 +- New upstream release + +* Mon Mar 18 2013 Michal Schmidt 198-7 +- Drop /usr/s?bin/ prefixes. + +* Fri Mar 15 2013 Harald Hoyer 198-6 +- run autogen to pickup all changes + +* Fri Mar 15 2013 Harald Hoyer 198-5 +- do not mount anything, when not running as pid 1 +- add initrd.target for systemd in the initrd + +* Wed Mar 13 2013 Harald Hoyer 198-4 +- fix switch-root and local-fs.target problem +- patch kernel-install to use grubby, if available + +* Fri Mar 08 2013 Harald Hoyer 198-3 +- add Conflict with dracut < 026 because of the new switch-root isolate + +* Thu Mar 7 2013 Lennart Poettering - 198-2 +- Create required users + +* Thu Mar 7 2013 Lennart Poettering - 198-1 +- New release +- Enable journal persistancy by default + +* Sun Feb 10 2013 Peter Robinson 197-3 +- Bump for ARM + +* Fri Jan 18 2013 Michal Schmidt - 197-2 +- Added qemu-guest-agent.service to presets (Lennart, #885406). +- Add missing pygobject3-base to systemd-analyze deps (Lennart). +- Do not require hwdata, it is all in the hwdb now (Kay). +- Drop dependency on dbus-python. + +* Tue Jan 8 2013 Lennart Poettering - 197-1 +- New upstream release + +* Mon Dec 10 2012 Michal Schmidt - 196-4 +- Enable rngd.service by default (#857765). + +* Mon Dec 10 2012 Michal Schmidt - 196-3 +- Disable hardening on s390(x) because PIE is broken there and produces + text relocations with __thread (#868839). + +* Wed Dec 05 2012 Michal Schmidt - 196-2 +- added spice-vdagentd.service to presets (Lennart, #876237) +- BR cryptsetup-devel instead of the legacy cryptsetup-luks-devel provide name + (requested by Milan Brož). +- verbose make to see the actual build flags + +* Wed Nov 21 2012 Lennart Poettering - 196-1 +- New upstream release + +* Tue Nov 20 2012 Lennart Poettering - 195-8 +- https://bugzilla.redhat.com/show_bug.cgi?id=873459 +- https://bugzilla.redhat.com/show_bug.cgi?id=878093 + +* Thu Nov 15 2012 Michal Schmidt - 195-7 +- Revert udev killing cgroup patch for F18 Beta. +- https://bugzilla.redhat.com/show_bug.cgi?id=873576 + +* Fri Nov 09 2012 Michal Schmidt - 195-6 +- Fix cyclical dep between systemd and systemd-libs. +- Avoid broken build of test-journal-syslog. +- https://bugzilla.redhat.com/show_bug.cgi?id=873387 +- https://bugzilla.redhat.com/show_bug.cgi?id=872638 + +* Thu Oct 25 2012 Kay Sievers - 195-5 +- require 'sed', limit HOSTNAME= match + +* Wed Oct 24 2012 Michal Schmidt - 195-4 +- add dmraid-activation.service to the default preset +- add yum protected.d fragment +- https://bugzilla.redhat.com/show_bug.cgi?id=869619 +- https://bugzilla.redhat.com/show_bug.cgi?id=869717 + +* Wed Oct 24 2012 Kay Sievers - 195-3 +- Migrate /etc/sysconfig/ i18n, keyboard, network files/variables to + systemd native files + +* Tue Oct 23 2012 Lennart Poettering - 195-2 +- Provide syslog because the journal is fine as a syslog implementation + +* Tue Oct 23 2012 Lennart Poettering - 195-1 +- New upstream release +- https://bugzilla.redhat.com/show_bug.cgi?id=831665 +- https://bugzilla.redhat.com/show_bug.cgi?id=847720 +- https://bugzilla.redhat.com/show_bug.cgi?id=858693 +- https://bugzilla.redhat.com/show_bug.cgi?id=863481 +- https://bugzilla.redhat.com/show_bug.cgi?id=864629 +- https://bugzilla.redhat.com/show_bug.cgi?id=864672 +- https://bugzilla.redhat.com/show_bug.cgi?id=864674 +- https://bugzilla.redhat.com/show_bug.cgi?id=865128 +- https://bugzilla.redhat.com/show_bug.cgi?id=866346 +- https://bugzilla.redhat.com/show_bug.cgi?id=867407 +- https://bugzilla.redhat.com/show_bug.cgi?id=868603 + +* Wed Oct 10 2012 Michal Schmidt - 194-2 +- Add scriptlets for migration away from systemd-timedated-ntp.target + +* Wed Oct 3 2012 Lennart Poettering - 194-1 +- New upstream release +- https://bugzilla.redhat.com/show_bug.cgi?id=859614 +- https://bugzilla.redhat.com/show_bug.cgi?id=859655 + +* Fri Sep 28 2012 Lennart Poettering - 193-1 +- New upstream release + +* Tue Sep 25 2012 Lennart Poettering - 192-1 +- New upstream release + +* Fri Sep 21 2012 Lennart Poettering - 191-2 +- Fix journal mmap header prototype definition to fix compilation on 32bit + +* Fri Sep 21 2012 Lennart Poettering - 191-1 +- New upstream release +- Enable all display managers by default, as discussed with Adam Williamson + +* Thu Sep 20 2012 Lennart Poettering - 190-1 +- New upstream release +- Take possession of /etc/localtime, and remove /etc/sysconfig/clock +- https://bugzilla.redhat.com/show_bug.cgi?id=858780 +- https://bugzilla.redhat.com/show_bug.cgi?id=858787 +- https://bugzilla.redhat.com/show_bug.cgi?id=858771 +- https://bugzilla.redhat.com/show_bug.cgi?id=858754 +- https://bugzilla.redhat.com/show_bug.cgi?id=858746 +- https://bugzilla.redhat.com/show_bug.cgi?id=858266 +- https://bugzilla.redhat.com/show_bug.cgi?id=858224 +- https://bugzilla.redhat.com/show_bug.cgi?id=857670 +- https://bugzilla.redhat.com/show_bug.cgi?id=856975 +- https://bugzilla.redhat.com/show_bug.cgi?id=855863 +- https://bugzilla.redhat.com/show_bug.cgi?id=851970 +- https://bugzilla.redhat.com/show_bug.cgi?id=851275 +- https://bugzilla.redhat.com/show_bug.cgi?id=851131 +- https://bugzilla.redhat.com/show_bug.cgi?id=847472 +- https://bugzilla.redhat.com/show_bug.cgi?id=847207 +- https://bugzilla.redhat.com/show_bug.cgi?id=846483 +- https://bugzilla.redhat.com/show_bug.cgi?id=846085 +- https://bugzilla.redhat.com/show_bug.cgi?id=845973 +- https://bugzilla.redhat.com/show_bug.cgi?id=845194 +- https://bugzilla.redhat.com/show_bug.cgi?id=845028 +- https://bugzilla.redhat.com/show_bug.cgi?id=844630 +- https://bugzilla.redhat.com/show_bug.cgi?id=839736 +- https://bugzilla.redhat.com/show_bug.cgi?id=835848 +- https://bugzilla.redhat.com/show_bug.cgi?id=831740 +- https://bugzilla.redhat.com/show_bug.cgi?id=823485 +- https://bugzilla.redhat.com/show_bug.cgi?id=821813 +- https://bugzilla.redhat.com/show_bug.cgi?id=807886 +- https://bugzilla.redhat.com/show_bug.cgi?id=802198 +- https://bugzilla.redhat.com/show_bug.cgi?id=767795 +- https://bugzilla.redhat.com/show_bug.cgi?id=767561 +- https://bugzilla.redhat.com/show_bug.cgi?id=752774 +- https://bugzilla.redhat.com/show_bug.cgi?id=732874 +- https://bugzilla.redhat.com/show_bug.cgi?id=858735 + +* Thu Sep 13 2012 Lennart Poettering - 189-4 +- Don't pull in pkg-config as dep +- https://bugzilla.redhat.com/show_bug.cgi?id=852828 + +* Wed Sep 12 2012 Lennart Poettering - 189-3 +- Update preset policy +- Rename preset policy file from 99-default.preset to 90-default.preset so that people can order their own stuff after the Fedora default policy if they wish + +* Thu Aug 23 2012 Lennart Poettering - 189-2 +- Update preset policy +- https://bugzilla.redhat.com/show_bug.cgi?id=850814 + +* Thu Aug 23 2012 Lennart Poettering - 189-1 +- New upstream release + +* Thu Aug 16 2012 Ray Strode 188-4 +- more scriptlet fixes + (move dm migration logic to %%posttrans so the service + files it's looking for are available at the time + the logic is run) + +* Sat Aug 11 2012 Lennart Poettering - 188-3 +- Remount file systems MS_PRIVATE before switching roots +- https://bugzilla.redhat.com/show_bug.cgi?id=847418 + +* Wed Aug 08 2012 Rex Dieter - 188-2 +- fix scriptlets + +* Wed Aug 8 2012 Lennart Poettering - 188-1 +- New upstream release +- Enable gdm and avahi by default via the preset file +- Convert /etc/sysconfig/desktop to display-manager.service symlink +- Enable hardened build + +* Mon Jul 30 2012 Kay Sievers - 187-3 +- Obsolete: system-setup-keyboard + +* Wed Jul 25 2012 Kalev Lember - 187-2 +- Run ldconfig for the new -libs subpackage + +* Thu Jul 19 2012 Lennart Poettering - 187-1 +- New upstream release + +* Mon Jul 09 2012 Harald Hoyer 186-2 +- fixed dracut conflict version + +* Tue Jul 3 2012 Lennart Poettering - 186-1 +- New upstream release + +* Fri Jun 22 2012 Nils Philippsen - 185-7.gite7aee75 +- add obsoletes/conflicts so multilib systemd -> systemd-libs updates work + +* Thu Jun 14 2012 Michal Schmidt - 185-6.gite7aee75 +- Update to current git + +* Wed Jun 06 2012 Kay Sievers - 185-5.gita2368a3 +- disable plymouth in configure, to drop the .wants/ symlinks + +* Wed Jun 06 2012 Michal Schmidt - 185-4.gita2368a3 +- Update to current git snapshot + - Add systemd-readahead-analyze + - Drop upstream patch +- Split systemd-libs +- Drop duplicate doc files +- Fixed License headers of subpackages + +* Wed Jun 06 2012 Ray Strode - 185-3 +- Drop plymouth files +- Conflict with old plymouth + +* Tue Jun 05 2012 Kay Sievers - 185-2 +- selinux udev labeling fix +- conflict with older dracut versions for new udev file names + +* Mon Jun 04 2012 Kay Sievers - 185-1 +- New upstream release + - udev selinux labeling fixes + - new man pages + - systemctl help + +* Thu May 31 2012 Lennart Poettering - 184-1 +- New upstream release + +* Thu May 24 2012 Kay Sievers - 183-1 +- New upstream release including udev merge. + +* Wed Mar 28 2012 Michal Schmidt - 44-4 +- Add triggers from Bill Nottingham to correct the damage done by + the obsoleted systemd-units's preun scriptlet (#807457). + +* Mon Mar 26 2012 Dennis Gilmore - 44-3 +- apply patch from upstream so we can build systemd on arm and ppc +- and likely the rest of the secondary arches + +* Tue Mar 20 2012 Michal Schmidt - 44-2 +- Don't build the gtk parts anymore. They're moving into systemd-ui. +- Remove a dead patch file. + +* Fri Mar 16 2012 Lennart Poettering - 44-1 +- New upstream release +- Closes #798760, #784921, #783134, #768523, #781735 + +* Mon Feb 27 2012 Dennis Gilmore - 43-2 +- don't conflict with fedora-release systemd never actually provided +- /etc/os-release so there is no actual conflict + +* Wed Feb 15 2012 Lennart Poettering - 43-1 +- New upstream release +- Closes #789758, #790260, #790522 + +* Sat Feb 11 2012 Lennart Poettering - 42-1 +- New upstream release +- Save a bit of entropy during system installation (#789407) +- Don't own /etc/os-release anymore, leave that to fedora-release + +* Thu Feb 9 2012 Adam Williamson - 41-2 +- rebuild for fixed binutils + +* Thu Feb 9 2012 Lennart Poettering - 41-1 +- New upstream release + +* Tue Feb 7 2012 Lennart Poettering - 40-1 +- New upstream release + +* Thu Jan 26 2012 Kay Sievers - 39-3 +- provide /sbin/shutdown + +* Wed Jan 25 2012 Harald Hoyer 39-2 +- increment release + +* Wed Jan 25 2012 Kay Sievers - 39-1.1 +- install everything in /usr + https://fedoraproject.org/wiki/Features/UsrMove + +* Wed Jan 25 2012 Lennart Poettering - 39-1 +- New upstream release + +* Sun Jan 22 2012 Michal Schmidt - 38-6.git9fa2f41 +- Update to a current git snapshot. +- Resolves: #781657 + +* Sun Jan 22 2012 Michal Schmidt - 38-5 +- Build against libgee06. Reenable gtk tools. +- Delete unused patches. +- Add easy building of git snapshots. +- Remove legacy spec file elements. +- Don't mention implicit BuildRequires. +- Configure with --disable-static. +- Merge -units into the main package. +- Move section 3 manpages to -devel. +- Fix unowned directory. +- Run ldconfig in scriptlets. +- Split systemd-analyze to a subpackage. + +* Sat Jan 21 2012 Dan Horák - 38-4 +- fix build on big-endians + +* Wed Jan 11 2012 Lennart Poettering - 38-3 +- Disable building of gtk tools for now + +* Wed Jan 11 2012 Lennart Poettering - 38-2 +- Fix a few (build) dependencies + +* Wed Jan 11 2012 Lennart Poettering - 38-1 +- New upstream release + +* Tue Nov 15 2011 Michal Schmidt - 37-4 +- Run authconfig if /etc/pam.d/system-auth is not a symlink. +- Resolves: #753160 + +* Wed Nov 02 2011 Michal Schmidt - 37-3 +- Fix remote-fs-pre.target and its ordering. +- Resolves: #749940 + +* Wed Oct 19 2011 Michal Schmidt - 37-2 +- A couple of fixes from upstream: +- Fix a regression in bash-completion reported in Bodhi. +- Fix a crash in isolating. +- Resolves: #717325 + +* Tue Oct 11 2011 Lennart Poettering - 37-1 +- New upstream release +- Resolves: #744726, #718464, #713567, #713707, #736756 + +* Thu Sep 29 2011 Michal Schmidt - 36-5 +- Undo the workaround. Kay says it does not belong in systemd. +- Unresolves: #741655 + +* Thu Sep 29 2011 Michal Schmidt - 36-4 +- Workaround for the crypto-on-lvm-on-crypto disk layout +- Resolves: #741655 + +* Sun Sep 25 2011 Michal Schmidt - 36-3 +- Revert an upstream patch that caused ordering cycles +- Resolves: #741078 + +* Fri Sep 23 2011 Lennart Poettering - 36-2 +- Add /etc/timezone to ghosted files + +* Fri Sep 23 2011 Lennart Poettering - 36-1 +- New upstream release +- Resolves: #735013, #736360, #737047, #737509, #710487, #713384 + +* Thu Sep 1 2011 Lennart Poettering - 35-1 +- New upstream release +- Update post scripts +- Resolves: #726683, #713384, #698198, #722803, #727315, #729997, #733706, #734611 + +* Thu Aug 25 2011 Lennart Poettering - 34-1 +- New upstream release + +* Fri Aug 19 2011 Harald Hoyer 33-2 +- fix ABRT on service file reloading +- Resolves: rhbz#732020 + +* Wed Aug 3 2011 Lennart Poettering - 33-1 +- New upstream release + +* Fri Jul 29 2011 Lennart Poettering - 32-1 +- New upstream release + +* Wed Jul 27 2011 Lennart Poettering - 31-2 +- Fix access mode of modprobe file, restart logind after upgrade + +* Wed Jul 27 2011 Lennart Poettering - 31-1 +- New upstream release + +* Wed Jul 13 2011 Lennart Poettering - 30-1 +- New upstream release + +* Thu Jun 16 2011 Lennart Poettering - 29-1 +- New upstream release + +* Mon Jun 13 2011 Michal Schmidt - 28-4 +- Apply patches from current upstream. +- Fixes memory size detection on 32-bit with >4GB RAM (BZ712341) + +* Wed Jun 08 2011 Michal Schmidt - 28-3 +- Apply patches from current upstream +- https://bugzilla.redhat.com/show_bug.cgi?id=709909 +- https://bugzilla.redhat.com/show_bug.cgi?id=710839 +- https://bugzilla.redhat.com/show_bug.cgi?id=711015 + +* Sat May 28 2011 Lennart Poettering - 28-2 +- Pull in nss-myhostname + +* Thu May 26 2011 Lennart Poettering - 28-1 +- New upstream release + +* Wed May 25 2011 Lennart Poettering - 26-2 +- Bugfix release +- https://bugzilla.redhat.com/show_bug.cgi?id=707507 +- https://bugzilla.redhat.com/show_bug.cgi?id=707483 +- https://bugzilla.redhat.com/show_bug.cgi?id=705427 +- https://bugzilla.redhat.com/show_bug.cgi?id=707577 + +* Sat Apr 30 2011 Lennart Poettering - 26-1 +- New upstream release +- https://bugzilla.redhat.com/show_bug.cgi?id=699394 +- https://bugzilla.redhat.com/show_bug.cgi?id=698198 +- https://bugzilla.redhat.com/show_bug.cgi?id=698674 +- https://bugzilla.redhat.com/show_bug.cgi?id=699114 +- https://bugzilla.redhat.com/show_bug.cgi?id=699128 + +* Thu Apr 21 2011 Lennart Poettering - 25-1 +- New upstream release +- https://bugzilla.redhat.com/show_bug.cgi?id=694788 +- https://bugzilla.redhat.com/show_bug.cgi?id=694321 +- https://bugzilla.redhat.com/show_bug.cgi?id=690253 +- https://bugzilla.redhat.com/show_bug.cgi?id=688661 +- https://bugzilla.redhat.com/show_bug.cgi?id=682662 +- https://bugzilla.redhat.com/show_bug.cgi?id=678555 +- https://bugzilla.redhat.com/show_bug.cgi?id=628004 + +* Wed Apr 6 2011 Lennart Poettering - 24-1 +- New upstream release +- https://bugzilla.redhat.com/show_bug.cgi?id=694079 +- https://bugzilla.redhat.com/show_bug.cgi?id=693289 +- https://bugzilla.redhat.com/show_bug.cgi?id=693274 +- https://bugzilla.redhat.com/show_bug.cgi?id=693161 + +* Tue Apr 5 2011 Lennart Poettering - 23-1 +- New upstream release +- Include systemd-sysv-convert + +* Fri Apr 1 2011 Lennart Poettering - 22-1 +- New upstream release + +* Wed Mar 30 2011 Lennart Poettering - 21-2 +- The quota services are now pulled in by mount points, hence no need to enable them explicitly + +* Tue Mar 29 2011 Lennart Poettering - 21-1 +- New upstream release + +* Mon Mar 28 2011 Matthias Clasen - 20-2 +- Apply upstream patch to not send untranslated messages to plymouth + +* Tue Mar 8 2011 Lennart Poettering - 20-1 +- New upstream release + +* Tue Mar 1 2011 Lennart Poettering - 19-1 +- New upstream release + +* Wed Feb 16 2011 Lennart Poettering - 18-1 +- New upstream release + +* Mon Feb 14 2011 Bill Nottingham - 17-6 +- bump upstart obsoletes (#676815) + +* Wed Feb 9 2011 Tom Callaway - 17-5 +- add macros.systemd file for %%{_unitdir} + +* Wed Feb 09 2011 Fedora Release Engineering - 17-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Feb 9 2011 Lennart Poettering - 17-3 +- Fix popen() of systemctl, #674916 + +* Mon Feb 7 2011 Bill Nottingham - 17-2 +- add epoch to readahead obsolete + +* Sat Jan 22 2011 Lennart Poettering - 17-1 +- New upstream release + +* Tue Jan 18 2011 Lennart Poettering - 16-2 +- Drop console.conf again, since it is not shipped in pamtmp.conf + +* Sat Jan 8 2011 Lennart Poettering - 16-1 +- New upstream release + +* Thu Nov 25 2010 Lennart Poettering - 15-1 +- New upstream release + +* Thu Nov 25 2010 Lennart Poettering - 14-1 +- Upstream update +- Enable hwclock-load by default +- Obsolete readahead +- Enable /var/run and /var/lock on tmpfs + +* Fri Nov 19 2010 Lennart Poettering - 13-1 +- new upstream release + +* Wed Nov 17 2010 Bill Nottingham 12-3 +- Fix clash + +* Wed Nov 17 2010 Lennart Poettering - 12-2 +- Don't clash with initscripts for now, so that we don't break the builders + +* Wed Nov 17 2010 Lennart Poettering - 12-1 +- New upstream release + +* Fri Nov 12 2010 Matthias Clasen - 11-2 +- Rebuild with newer vala, libnotify + +* Thu Oct 7 2010 Lennart Poettering - 11-1 +- New upstream release + +* Wed Sep 29 2010 Jesse Keating - 10-6 +- Rebuilt for gcc bug 634757 + +* Thu Sep 23 2010 Bill Nottingham - 10-5 +- merge -sysvinit into main package + +* Mon Sep 20 2010 Bill Nottingham - 10-4 +- obsolete upstart-sysvinit too + +* Fri Sep 17 2010 Bill Nottingham - 10-3 +- Drop upstart requires + +* Tue Sep 14 2010 Lennart Poettering - 10-2 +- Enable audit +- https://bugzilla.redhat.com/show_bug.cgi?id=633771 + +* Tue Sep 14 2010 Lennart Poettering - 10-1 +- New upstream release +- https://bugzilla.redhat.com/show_bug.cgi?id=630401 +- https://bugzilla.redhat.com/show_bug.cgi?id=630225 +- https://bugzilla.redhat.com/show_bug.cgi?id=626966 +- https://bugzilla.redhat.com/show_bug.cgi?id=623456 + +* Fri Sep 3 2010 Bill Nottingham - 9-3 +- move fedora-specific units to initscripts; require newer version thereof + +* Fri Sep 3 2010 Lennart Poettering - 9-2 +- Add missing tarball + +* Fri Sep 3 2010 Lennart Poettering - 9-1 +- New upstream version +- Closes 501720, 614619, 621290, 626443, 626477, 627014, 627785, 628913 + +* Fri Aug 27 2010 Lennart Poettering - 8-3 +- Reexecute after installation, take ownership of /var/run/user +- https://bugzilla.redhat.com/show_bug.cgi?id=627457 +- https://bugzilla.redhat.com/show_bug.cgi?id=627634 + +* Thu Aug 26 2010 Lennart Poettering - 8-2 +- Properly create default.target link + +* Wed Aug 25 2010 Lennart Poettering - 8-1 +- New upstream release + +* Thu Aug 12 2010 Lennart Poettering - 7-3 +- Fix https://bugzilla.redhat.com/show_bug.cgi?id=623561 + +* Thu Aug 12 2010 Lennart Poettering - 7-2 +- Fix https://bugzilla.redhat.com/show_bug.cgi?id=623430 + +* Tue Aug 10 2010 Lennart Poettering - 7-1 +- New upstream release + +* Fri Aug 6 2010 Lennart Poettering - 6-2 +- properly hide output on package installation +- pull in coreutils during package installtion + +* Fri Aug 6 2010 Lennart Poettering - 6-1 +- New upstream release +- Fixes #621200 + +* Wed Aug 4 2010 Lennart Poettering - 5-2 +- Add tarball + +* Wed Aug 4 2010 Lennart Poettering - 5-1 +- Prepare release 5 + +* Tue Jul 27 2010 Bill Nottingham - 4-4 +- Add 'sysvinit-userspace' provide to -sysvinit package to fix upgrade/install (#618537) + +* Sat Jul 24 2010 Lennart Poettering - 4-3 +- Add libselinux to build dependencies + +* Sat Jul 24 2010 Lennart Poettering - 4-2 +- Use the right tarball + +* Sat Jul 24 2010 Lennart Poettering - 4-1 +- New upstream release, and make default + +* Tue Jul 13 2010 Lennart Poettering - 3-3 +- Used wrong tarball + +* Tue Jul 13 2010 Lennart Poettering - 3-2 +- Own /cgroup jointly with libcgroup, since we don't dpend on it anymore + +* Tue Jul 13 2010 Lennart Poettering - 3-1 +- New upstream release + +* Fri Jul 9 2010 Lennart Poettering - 2-0 +- New upstream release + +* Wed Jul 7 2010 Lennart Poettering - 1-0 +- First upstream release + +* Tue Jun 29 2010 Lennart Poettering - 0-0.7.20100629git4176e5 +- New snapshot +- Split off -units package where other packages can depend on without pulling in the whole of systemd + +* Tue Jun 22 2010 Lennart Poettering - 0-0.6.20100622gita3723b +- Add missing libtool dependency. + +* Tue Jun 22 2010 Lennart Poettering - 0-0.5.20100622gita3723b +- Update snapshot + +* Mon Jun 14 2010 Rahul Sundaram - 0-0.4.20100614git393024 +- Pull the latest snapshot that fixes a segfault. Resolves rhbz#603231 + +* Fri Jun 11 2010 Rahul Sundaram - 0-0.3.20100610git2f198e +- More minor fixes as per review + +* Thu Jun 10 2010 Rahul Sundaram - 0-0.2.20100610git2f198e +- Spec improvements from David Hollis + +* Wed Jun 09 2010 Rahul Sundaram - 0-0.1.20090609git2f198e +- Address review comments + +* Tue Jun 01 2010 Rahul Sundaram - 0-0.0.git2010-06-02 +- Initial spec (adopted from Kay Sievers) diff --git a/sysusers.attr b/sysusers.attr deleted file mode 100644 index 367c137..0000000 --- a/sysusers.attr +++ /dev/null @@ -1,2 +0,0 @@ -%__sysusers_provides %{_rpmconfigdir}/sysusers.prov -%__sysusers_path ^%{_sysusersdir}/.*\\.conf$ diff --git a/sysusers.generate-pre.sh b/sysusers.generate-pre.sh deleted file mode 100755 index 944abff..0000000 --- a/sysusers.generate-pre.sh +++ /dev/null @@ -1,96 +0,0 @@ -#!/bin/bash -# -*- mode: shell-script; indent-tabs-mode: true; tab-width: 4; -*- - -# This script turns sysuser.d files into scriptlets mandated by Fedora -# packaging guidelines. The general idea is to define users using the -# declarative syntax but to turn this into traditional scriptlets. - -user() { - user="$1" - uid="$2" - desc="$3" - group="$4" - home="$5" - shell="$6" - - [ "$desc" = '-' ] && desc= - { [ "$home" = '-' ] || [ "$home" = '' ]; } && home=/ - { [ "$shell" = '-' ] || [ "$shell" = '' ]; } && shell=/usr/sbin/nologin - - if [ "$uid" = '-' ] || [ "$uid" = '' ]; then - cat <<-EOF - getent passwd '$user' >/dev/null || \\ - useradd -r -g ${group@Q} -d ${home@Q} -s ${shell@Q} -c ${desc@Q} ${user@Q} || : - EOF - else - cat <<-EOF - if ! getent passwd ${user@Q} >/dev/null; then - if ! getent passwd ${uid@Q} >/dev/null; then - useradd -r -u ${uid@Q} -g ${group@Q} -d ${home@Q} -s ${shell@Q} -c ${desc@Q} ${user@Q} || : - else - useradd -r -g ${group@Q} -d ${home@Q} -s ${shell@Q} -c ${desc@Q} ${user@Q} || : - fi - fi - - EOF - fi -} - -group() { - group="$1" - gid="$2" - - if [ "$gid" = '-' ]; then - cat <<-EOF - getent group ${group@Q} >/dev/null || groupadd -r ${group@Q} || : - EOF - else - cat <<-EOF - getent group ${group@Q} >/dev/null || groupadd -f -g ${gid@Q} -r ${group@Q} || : - EOF - fi -} - -usermod() { - user="$1" - group="$2" - - cat <<-EOF - if getent group ${group@Q} >/dev/null; then - usermod -a -G ${group@Q} '$user' || : - fi - EOF -} - -parse() { - while read -r line || [ -n "$line" ] ; do - { [ "${line:0:1}" = '#' ] || [ "${line:0:1}" = ';' ]; } && continue - line="${line## *}" - [ -z "$line" ] && continue - eval "arr=( $line )" - case "${arr[0]}" in - ('u'|'u!') - if [[ "${arr[2]}" == *":"* ]]; then - user "${arr[1]}" "${arr[2]%:*}" "${arr[3]}" "${arr[2]#*:}" "${arr[4]}" "${arr[5]}" - else - group "${arr[1]}" "${arr[2]}" - user "${arr[1]}" "${arr[2]}" "${arr[3]}" "${arr[1]}" "${arr[4]}" "${arr[5]}" - fi - ;; - ('g') - group "${arr[1]}" "${arr[2]}" - ;; - ('m') - group "${arr[2]}" "-" - user "${arr[1]}" "-" "" "${arr[1]}" "" "" - usermod "${arr[1]}" "${arr[2]}" - ;; - esac - done -} - -for fn in "$@"; do - [ -e "$fn" ] || continue - echo "# generated from $(basename "$fn")" - parse <"$fn" -done diff --git a/sysusers.prov b/sysusers.prov deleted file mode 100755 index 7b3d704..0000000 --- a/sysusers.prov +++ /dev/null @@ -1,61 +0,0 @@ -#!/bin/bash - -process_u() { - if [ ! -z "${2##*[!0-9]*}" ]; then - # Single shared static ID. - echo "user($1) = $2" - echo "group($1) = $2" - elif [[ $2 == *:* ]]; then - # UID:. - uid=$(echo $2 | cut -d':' -f1 -) - group=$(echo $2 | cut -d':' -f2 -) - if [ ! -z "${group##*[!0-9]*}" ]; then - # UID:GID. - echo "user($1) = ${uid}" - echo "group($1) = ${group}" - else - # UID:. - echo "user($1) = ${uid}" - echo "group(${group})" - fi - else - # Dynamic (or something else uninteresting). - echo "user($1)" - echo "group($1)" - fi -} - -process_g() { - if [ ! -z "${2##*[!0-9]*}" ]; then - # Static GID. - echo "group($1) = $2" - else - # Dynamic (or something else uninteresting). - echo "group($1)" - fi -} - -parse() { - while read line; do - [ "${line:0:1}" = '#' -o "${line:0:1}" = ';' ] && continue - line="${line## *}" - [ -z "$line" ] && continue - set -- $line - case "$1" in - ('u'|'u!') - process_u "$2" "$3" - ;; - ('g') - process_g "$2" "$3" - ;; - ('m') - echo "user($2)" - echo "group($3)" - ;; - esac - done -} - -while read fn; do - parse < "$fn" -done diff --git a/test_sysusers_defined.py b/test_sysusers_defined.py deleted file mode 100755 index 3c1e04f..0000000 --- a/test_sysusers_defined.py +++ /dev/null @@ -1,39 +0,0 @@ -#!/usr/bin/python - -import os -import sys - -def parse_sysusers_file(filename): - users, groups = set(), set() - - for line in open(filename): - line = line.strip() - if not line or line.startswith('#'): - continue - words = line.split() - match words[0]: - case 'u'|'u!': - users.add(words[1]) - case 'g': - groups.add(words[1]) - case 'm'|'r': - continue - case _: - assert False - return users, groups - -setup_users, setup_groups = set(), set() - -for arg in sys.argv[1:-1]: - users, groups = parse_sysusers_file(arg) - setup_users |= users - setup_groups |= groups - -basic_users, basic_groups = parse_sysusers_file(sys.argv[-1]) - -ignored = set(os.getenv('IGNORED', '').split()) - -if d := basic_users - setup_users - ignored: - exit(f'We have new users: {d}') -if d := basic_groups - setup_groups - ignored: - exit(f'We have new groups: {d}') diff --git a/triggers.systemd b/triggers.systemd index 28ddc1f..90a5d84 100644 --- a/triggers.systemd +++ b/triggers.systemd @@ -1,85 +1,158 @@ # -*- Mode: rpm-spec; indent-tabs-mode: nil -*- */ -# SPDX-License-Identifier: LGPL-2.1-or-later +# SPDX-License-Identifier: LGPL-2.1+ # # This file is part of systemd. # +# Copyright 2015 Zbigniew Jędrzejewski-Szmek # Copyright 2018 Neal Gompa +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. +# +# systemd is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with systemd; If not, see . # The contents of this are an example to be copied into systemd.spec. # -# Minimum rpm version supported: 4.14.0 +# Minimum rpm version supported: 4.13.0 -%transfiletriggerin -P 900900 -- /usr/lib/systemd/system/ /etc/systemd/system/ -# This script will run after any package is initially installed or -# upgraded. We care about the case where a package is initially -# installed, because other cases are covered by the *un scriptlets, -# so sometimes we will reload needlessly. -/usr/lib/systemd/systemd-update-helper system-reload-restart || : +%transfiletriggerin -P 900900 -p -- /usr/lib/systemd/system /etc/systemd/system +-- This script will run after any package is initially installed or +-- upgraded. We care about the case where a package is initially +-- installed, because other cases are covered by the *un scriptlets, +-- so sometimes we will reload needlessly. -%transfiletriggerin -P 900899 -- /usr/lib/systemd/user/ /etc/systemd/user/ -/usr/lib/systemd/systemd-update-helper user-reload-restart || : +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("%{_bindir}/systemctl", "daemon-reload")) + elseif pid > 0 then + posix.wait(pid) + end +end -%transfiletriggerpostun -P 1000100 -- /usr/lib/systemd/system/ /etc/systemd/system/ -# On removal, we need to run daemon-reload after any units have been -# removed. -# On upgrade, we need to run daemon-reload after any new unit files -# have been installed, but before %postun scripts in packages get -# executed. -/usr/lib/systemd/systemd-update-helper system-reload || : +%transfiletriggerun -p -- /usr/lib/systemd/system /etc/systemd/system +-- On removal, we need to run daemon-reload after any units have been +-- removed. %transfiletriggerpostun would be ideal, but it does not get +-- executed for some reason. +-- On upgrade, we need to run daemon-reload after any new unit files +-- have been installed, but before %postun scripts in packages get +-- executed. %transfiletriggerun gets the right list of files +-- but it is invoked too early (before changes happen). +-- %filetriggerpostun happens at the right time, but it fires for +-- every package. +-- To execute the reload at the right time, we create a state +-- file in %transfiletriggerun and execute the daemon-reload in +-- the first %filetriggerpostun. -%transfiletriggerpostun -P 1000099 -- /usr/lib/systemd/user/ /etc/systemd/user/ -# Execute daemon-reload in user managers. -/usr/lib/systemd/systemd-update-helper user-reload || : +if posix.access("/run/systemd/system") then + posix.mkdir("%{_localstatedir}/lib") + posix.mkdir("%{_localstatedir}/lib/rpm-state") + posix.mkdir("%{_localstatedir}/lib/rpm-state/systemd") + io.open("%{_localstatedir}/lib/rpm-state/systemd/needs-reload", "w") +end -%transfiletriggerpostun -P 10000 -- /usr/lib/systemd/system/ /etc/systemd/system/ -# We restart remaining system services that should be restarted here. -/usr/lib/systemd/systemd-update-helper system-restart || : +%filetriggerpostun -P 1000100 -p -- /usr/lib/systemd/system /etc/systemd/system +if posix.access("%{_localstatedir}/lib/rpm-state/systemd/needs-reload") then + posix.unlink("%{_localstatedir}/lib/rpm-state/systemd/needs-reload") + posix.rmdir("%{_localstatedir}/lib/rpm-state/systemd") + pid = posix.fork() + if pid == 0 then + assert(posix.exec("%{_bindir}/systemctl", "daemon-reload")) + elseif pid > 0 then + posix.wait(pid) + end +end -%transfiletriggerpostun -P 9999 -- /usr/lib/systemd/user/ /etc/systemd/user/ -# We restart remaining user services that should be restarted here. -/usr/lib/systemd/systemd-update-helper user-restart || : +%transfiletriggerin -P 100700 -p -- /usr/lib/sysusers.d +-- This script will process files installed in /usr/lib/sysusers.d to create +-- specified users automatically. The priority is set such that it +-- will run before the tmpfiles file trigger. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("%{_bindir}/systemd-sysusers")) + elseif pid > 0 then + posix.wait(pid) + end +end -%transfiletriggerin -P 1000700 -- /usr/lib/sysusers.d/ -# This script will process files installed in /usr/lib/sysusers.d to create -# specified users automatically. The priority is set such that it -# will run before the tmpfiles file trigger. -systemd-sysusers || : +%transfiletriggerin -P 100500 -p -- /usr/lib/tmpfiles.d +-- This script will process files installed in /usr/lib/tmpfiles.d to create +-- tmpfiles automatically. The priority is set such that it will run +-- after the sysusers file trigger, but before any other triggers. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("%{_bindir}/systemd-tmpfiles", "--create")) + elseif pid > 0 then + posix.wait(pid) + end +end -%transfiletriggerin -P 1000700 udev -- /usr/lib/udev/hwdb.d/ -# This script will automatically invoke hwdb update if files have been -# installed or updated in /usr/lib/udev/hwdb.d. -systemd-hwdb update || : +%transfiletriggerin -p -- /usr/lib/udev/hwdb.d +-- This script will automatically invoke hwdb update if files have been +-- installed or updated in /usr/lib/udev/hwdb.d. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("%{_bindir}/systemd-hwdb", "update")) + elseif pid > 0 then + posix.wait(pid) + end +end -%transfiletriggerin -P 1000700 -- /usr/lib/systemd/catalog/ -# This script will automatically invoke journal catalog update if files -# have been installed or updated in /usr/lib/systemd/catalog. -journalctl --update-catalog || : +%transfiletriggerin -p -- /usr/lib/systemd/catalog +-- This script will automatically invoke journal catalog update if files +-- have been installed or updated in /usr/lib/systemd/catalog. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("%{_bindir}/journalctl", "--update-catalog")) + elseif pid > 0 then + posix.wait(pid) + end +end -%transfiletriggerin -P 1000700 -- /usr/lib/binfmt.d/ -# This script will automatically apply binfmt rules if files have been -# installed or updated in /usr/lib/binfmt.d. -if test -d "/run/systemd/system"; then - # systemd-binfmt might fail if binfmt_misc kernel module is not loaded - # during install - /usr/lib/systemd/systemd-binfmt || : -fi +%transfiletriggerin -p -- /usr/lib/udev/rules.d +-- This script will automatically update udev with new rules if files +-- have been installed or updated in /usr/lib/udev/rules.d. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("%{_bindir}/udevadm", "control", "--reload")) + elseif pid > 0 then + posix.wait(pid) + end +end -%transfiletriggerin -P 1000600 -- /usr/lib/tmpfiles.d/ -# This script will process files installed in /usr/lib/tmpfiles.d to create -# tmpfiles automatically. The priority is set such that it will run -# after the sysusers file trigger, but before any other triggers. -if test -d "/run/systemd/system"; then - systemd-tmpfiles --create || : -fi +%transfiletriggerin -p -- /usr/lib/sysctl.d +-- This script will automatically apply sysctl rules if files have been +-- installed or updated in /usr/lib/sysctl.d. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("/usr/lib/systemd/systemd-sysctl")) + elseif pid > 0 then + posix.wait(pid) + end +end -%transfiletriggerin -P 1000600 udev -- /usr/lib/udev/rules.d/ -# This script will automatically update udev with new rules if files -# have been installed or updated in /usr/lib/udev/rules.d. -/usr/lib/systemd/systemd-update-helper mark-reload-system-units systemd-udevd.service || : - -%transfiletriggerin -P 1000500 -- /usr/lib/sysctl.d/ -# This script will automatically apply sysctl rules if files have been -# installed or updated in /usr/lib/sysctl.d. -if test -d "/run/systemd/system"; then - /usr/lib/systemd/systemd-sysctl || : -fi +%transfiletriggerin -p -- /usr/lib/binfmt.d +-- This script will automatically apply binfmt rules if files have been +-- installed or updated in /usr/lib/binfmt.d. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("/usr/lib/systemd/systemd-binfmt")) + elseif pid > 0 then + posix.wait(pid) + end +end diff --git a/yum-protect-systemd.conf b/yum-protect-systemd.conf new file mode 100644 index 0000000..39426d7 --- /dev/null +++ b/yum-protect-systemd.conf @@ -0,0 +1,2 @@ +systemd +systemd-udev