mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-18 10:27:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1268 from flatcar-linux/sayan/systemd-v249

Browse Source 
sys-apps/systemd: Update to v249
This commit is contained in:
Sayan Chowdhury 2021-10-07 14:54:52 +05:30 committed by GitHub
commit 0365faaa3d
13 changed files with 260 additions and 176 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use vendored
View File

@ -144,3 +144,6 @@ net-firewall/iptables nftables
# Install `perl` with a minimal set of dependencies
dev-lang/perl minimal
# Disable cgroup-hybrid as we use the unified mode
sys-apps/systemd -cgroup-hybrid

2
sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild vendored
View File

@ -9,7 +9,7 @@ CROS_WORKON_REPO="git://github.com"
if [[ "${PV}" == 9999 ]]; then
KEYWORDS="~amd64 ~arm ~arm64 ~x86"
else
CROS_WORKON_COMMIT="02af6a455750d698d3af3397d55595adf63c1217" # flatcar-master
CROS_WORKON_COMMIT="8b127fd75007c9f3571f017dd0be6e1dff5d36ae" # flatcar-master
KEYWORDS="amd64 arm arm64 x86"
fi

2
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/Manifest vendored
View File

@ -1 +1 @@
DIST systemd-stable-247.9.tar.gz 9915803 BLAKE2B cca6a40dac78d48eb0f7752e96b19894baff1cd462b8a3001e121820ca792a4752c03d725e13d91f238ce26980c62b1830b49e56ae7bfdc7b48b838508810163 SHA512 61cd36bec931a3550c9d25abd86d12b031d55cebf3c31eb08805947484aa93d215e3d12227cd41131a26c2a6024a74b1fef5cd4929e6240f916279bfbfc67116
DIST systemd-stable-249.3.tar.gz 10592081 BLAKE2B e780ffeedbe916c8c633937475b14586023f80e438f9afcdce264ae97e34443567af2c35cba16e19f8456f40e5a16ce71e6cdd61b1d7995cb99fbfbdb4700aac SHA512 06cf03e448f0a311cca5faa2c3e75087355441514dc3d7d6d7f0924b27cdd21867d0dbb33ff2e9451e2ae90eb6fb206c77539805f30c7e54f6a1e7b6800c0120

13
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/README vendored
View File

@ -1,13 +0,0 @@
= CoreOS systemd packages
The systemd git repo lives in src/third_party/systemd and is normally
checked out to the 'master' branch by repo and the live ebuild,
systemd-9999, will build the master branch. Release ebuilds must
specify a specific git commit to build which may be the upstream tagged
commit (e.g. v218) or a commit on one of the CoreOS release branches
(e.g. v218-coreos). If you want to use cros-workon and the live ebuild
to test new changes to a release branch it is up to you to check out
that branch in src/third_party/systemd and be warned: a repo sync will
always switch back to master. I don't have a particularly good
recommendation for dealing with this, repo thinks it should be
authoritative when in fact it is the ebuilds that are authoritative.

8
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0004-wait-online-set-any-by-default.patch vendored
View File

@ -15,18 +15,18 @@ earlier) for the original implementation.
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/network/wait-online/wait-online.c b/src/network/wait-online/wait-online.c
index cfd9093f1a..3c67e3a379 100644
index 1b24b6f1a6..dedbd50725 100644
--- a/src/network/wait-online/wait-online.c
+++ b/src/network/wait-online/wait-online.c
@@ -19,7 +19,7 @@ static usec_t arg_timeout = 120 * USEC_PER_SEC;
static Hashmap *arg_interfaces = NULL;
@@ -20,7 +20,7 @@ static Hashmap *arg_interfaces = NULL;
static char **arg_ignore = NULL;
static LinkOperationalStateRange arg_required_operstate = { _LINK_OPERSTATE_INVALID, _LINK_OPERSTATE_INVALID };
static AddressFamily arg_required_family = ADDRESS_FAMILY_NO;
-static bool arg_any = false;
+static bool arg_any = true;
STATIC_DESTRUCTOR_REGISTER(arg_interfaces, hashmap_free_free_freep);
STATIC_DESTRUCTOR_REGISTER(arg_ignore, strv_freep);
--
2.26.2
2.30.2

8
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0005-networkd-default-to-kernel-IPForwarding-setting.patch vendored
View File

@ -8,17 +8,17 @@ Subject: [PATCH 2/5] networkd: default to "kernel" IPForwarding setting
1 file changed, 1 insertion(+)
diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
index 3254641461..4f34daa919 100644
index 850b4f449e..951c2d0815 100644
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -410,6 +410,7 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
@@ -398,6 +398,7 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
.ipv6ll_address_gen_mode = _IPV6_LINK_LOCAL_ADDRESS_GEN_MODE_INVALID,
.ipv4_accept_local = -1,
+ .ip_forward = _ADDRESS_FAMILY_INVALID,
.ipv4_route_localnet = -1,
.ipv6_privacy_extensions = IPV6_PRIVACY_EXTENSIONS_NO,
.ipv6_accept_ra = -1,
.ipv6_dad_transmits = -1,
--
2.26.2
2.30.2

84
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0009-core-handle-lookup-paths-being-symlinks.patch vendored Normal file
View File

@ -0,0 +1,84 @@
From 67d9962aa637401a1332069b6c8ad99a54e2b451 Mon Sep 17 00:00:00 2001
From: Sayan Chowdhury <sayan@kinvolk.io>
Date: Wed, 8 Sep 2021 12:10:35 +0530
Subject: [PATCH] core: handle lookup paths being symlinks
With a recent change paths leaving the statically known lookup paths
would be treated differently then those that remained within those. That
was done (AFAIK) to consistently handle alias names. Unfortunately that
means that on some distributions, especially those where /etc/ consists
mostly of symlinks, would trigger that new detection for every single
unit in /etc/systemd/system. The reason for that is that the units
directory itself is already a symlink.
Original Patch from: https://github.com/systemd/systemd/pull/20479
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
---
src/basic/unit-file.c | 33 +++++++++++++++++++++++++++++++--
1 file changed, 31 insertions(+), 2 deletions(-)
diff --git a/src/basic/unit-file.c b/src/basic/unit-file.c
index 884a0674a9..3ae2a115d0 100644
--- a/src/basic/unit-file.c
+++ b/src/basic/unit-file.c
@@ -254,6 +254,7 @@ int unit_file_build_name_map(
_cleanup_hashmap_free_ Hashmap *ids = NULL, *names = NULL;
_cleanup_set_free_free_ Set *paths = NULL;
+ _cleanup_strv_free_ char **expanded_search_paths = NULL;
uint64_t timestamp_hash;
char **dir;
int r;
@@ -273,6 +274,34 @@ int unit_file_build_name_map(
return log_oom();
}
+ /* Go over all our search paths, chase their symlinks and store the
+ * result in the expanded_search_paths list.
+ *
+ * This is important for cases where any of the unit directories itself
+ * are symlinks into other directories and would therefore cause all of
+ * the unit files to be recognized as linked units.
+ *
+ * This is important for distributions such as NixOS where most paths
+ * in /etc/ are symlinks to some other location on the filesystem (e.g.
+ * into /nix/store/).
+ */
+ STRV_FOREACH(dir, (char**) lp->search_path) {
+ _cleanup_free_ char *resolved_dir = NULL;
+ r = strv_extend(&expanded_search_paths, *dir);
+ if (r < 0)
+ return log_oom();
+
+ r = chase_symlinks(*dir, NULL, 0, &resolved_dir, NULL);
+ if (r < 0) {
+ if (r != -ENOENT)
+ log_warning_errno(r, "Failed to resolve symlink %s, ignoring: %m", *dir);
+ continue;
+ }
+
+ if (strv_consume(&expanded_search_paths, TAKE_PTR(resolved_dir)) < 0)
+ return log_oom();
+ }
+
STRV_FOREACH(dir, (char**) lp->search_path) {
struct dirent *de;
_cleanup_closedir_ DIR *d = NULL;
@@ -351,11 +380,11 @@ int unit_file_build_name_map(
continue;
}
- /* Check if the symlink goes outside of our search path.
+ /* Check if the symlink goes outside of our (expanded) search path.
* If yes, it's a linked unit file or mask, and we don't care about the target name.
* Let's just store the link source directly.
* If not, let's verify that it's a good symlink. */
- char *tail = path_startswith_strv(simplified, lp->search_path);
+ char *tail = path_startswith_strv(simplified, expanded_search_paths);
if (!tail) {
log_debug("%s: linked unit file: %s → %s",
__func__, filename, simplified);
--
2.30.2

26
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/249-libudev-static.patch vendored Normal file
View File

@ -0,0 +1,26 @@
From f2c57d4f3805775e0ffdc80ce578eaa737017d31 Mon Sep 17 00:00:00 2001
From: Mike Gilbert <floppym@gentoo.org>
Date: Fri, 9 Jul 2021 13:05:23 -0400
Subject: [PATCH] libudev: add "Libs.private: -lrt -pthread" to libudev.pc
This resolves a failure when linking cryptsetup.static against libudev.a.
```
libtool: link: x86_64-pc-linux-gnu-gcc -Wall -O2 -pipe -march=amdfam10 -static -O2 -o cryptsetup.static lib/utils_crypt.o lib/utils_loop.o lib/utils_io.o lib/utils_blkid.o src/utils_tools.o src/utils_password.o src/utils_luks2.o src/utils_blockdev.o src/cryptsetup.o -pthread -pthread -Wl,--as-needed ./.libs/libcryptsetup.a -largon2 -lrt -ljson-c -lpopt -luuid -lblkid -lssl -lcrypto -lz -ldl -ldevmapper -lm -lpthread -ludev -pthread
/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../x86_64-pc-linux-gnu/bin/ld: /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../lib64/libudev.a(src_libsystemd_sd-daemon_sd-daemon.c.o): in function `sd_is_mq':
(.text.sd_is_mq+0x3a): undefined reference to `mq_getattr'
```
---
src/libudev/libudev.pc.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/libudev/libudev.pc.in b/src/libudev/libudev.pc.in
index 89028aaa6bf2..1d6487fa4084 100644
--- a/src/libudev/libudev.pc.in
+++ b/src/libudev/libudev.pc.in
@@ -16,4 +16,5 @@ Name: libudev
Description: Library to access udev device information
Version: {{PROJECT_VERSION}}
Libs: -L${libdir} -ludev
+Libs.private: -lrt -pthread
Cflags: -I${includedir}

4
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/systemd-flatcar.conf vendored
View File

@ -1,4 +1,5 @@
d /etc/binfmt.d - - - - -
d /etc/kernel/install.d - - - - -
d /etc/modules-load.d - - - - -
d /etc/sysctl.d - - - - -
d /etc/systemd - - - - -
@ -7,4 +8,7 @@ d /etc/systemd/system - - - - -
d /etc/systemd/user - - - - -
d /etc/tmpfiles.d - - - - -
d /etc/sysusers.d - - - - -
d /etc/udev/hwdb.d - - - - -
d /etc/udev/rules.d - - - - -
d /var/lib/systemd - - - - -
d /var/log/journal/remote - systemd-journal-remote systemd-journal-remote - -

5
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/systemd-user.pam vendored Normal file
View File

@ -0,0 +1,5 @@
account include system-auth
session required pam_loginuid.so
session include system-auth
session optional pam_systemd.so

10
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/metadata.xml vendored
View File

@ -11,21 +11,27 @@
<use>
<flag name="apparmor">Enable AppArmor support</flag>
<flag name="audit">Enable support for <pkg>sys-process/audit</pkg></flag>
<flag name="cgroup-hybrid">Default to hybrid (legacy) cgroup hierarchy instead of unified (modern).</flag>
<flag name="curl">Enable support for uploading journals</flag>
<flag name="cryptsetup">Enable cryptsetup tools (includes unit generator for crypttab)</flag>
<flag name="dns-over-tls">Enable DNS-over-TLS support</flag>
<flag name="gnuefi">Enable EFI boot manager and stub loader (built using <pkg>sys-boot/gnu-efi</pkg>)</flag>
<flag name="elfutils">Enable coredump stacktraces in the journal</flag>
<flag name="gcrypt">Enable sealing of journal files using gcrypt</flag>
<flag name="homed">Enable portable home directories</flag>
<flag name="http">Enable embedded HTTP server in journald</flag>
<flag name="hwdb">Enable support for the hardware database</flag>
<flag name="importd">Enable import daemon</flag>
<flag name="kmod">Enable kernel module loading via <pkg>sys-apps/kmod</pkg></flag>
<flag name="libidn2">If IDN support is enabled, use <pkg>net-dns/libidn2</pkg> instead of <pkg>net-dns/libidn</pkg></flag>
<flag name="lz4">Enable lz4 compression for the journal</flag>
<flag name="nat">Enable support for network address translation in networkd</flag>
<flag name="pkcs11">Enable PKCS#11 support for cryptsetup and homed</flag>
<flag name="pwquality">Enable password quality checking in homed</flag>
<flag name="repart">Enable support for growing/adding partitions</flag>
<flag name="qrcode">Enable qrcode output support in journal</flag>
<flag name="resolvconf">Install resolvconf symlink for systemd-resolve</flag>
<flag name="sysv-utils">Install sysvinit compatibility symlinks and manpages for init, telinit, halt, poweroff, reboot, runlevel, and shutdown</flag>
<flag name="split-usr">Enable this if /bin and /usr/bin are separate directories</flag>
<flag name="tpm">Enable TPM support</flag>
<flag name="vanilla">Disable Gentoo-specific behavior and compatibility quirks</flag>
<flag name="xkb">Depend on <pkg>x11-libs/libxkbcommon</pkg> to allow logind to control the X11 keymap</flag>
</use>

0
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-247.9.ebuild → sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-249.3.ebuild vendored
View File

267
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-9999.ebuild vendored
View File

@ -1,11 +1,9 @@
# Copyright 2011-2020 Gentoo Authors
# Copyright 2011-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
# Flatcar: Based on systemd-246-r2.ebuild from commit
# 4bf7b81548f70cbf7ce5ae377e85fd21ae259ce7 in gentoo repo (see
# https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-apps/systemd/systemd-246-r2.ebuild?id=4bf7b81548f70cbf7ce5ae377e85fd21ae259ce7).
EAPI=7
# Flatcar: We still have python 3.6.
PYTHON_COMPAT=( python3_{5,6,7} )
if [[ ${PV} == 9999 ]]; then
EGIT_REPO_URI="https://github.com/systemd/systemd.git"
@ -20,27 +18,24 @@ else
MY_P=${MY_PN}-${MY_PV}
S=${WORKDIR}/${MY_P}
SRC_URI="https://github.com/systemd/${MY_PN}/archive/v${MY_PV}/${MY_P}.tar.gz"
KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~mips ppc ppc64 sparc x86"
KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~mips ppc ppc64 ~riscv sparc x86"
fi
# Flatcar: We still have python 3.5, and have no python3.8 yet.
PYTHON_COMPAT=( python3_{5,6,7} )
inherit bash-completion-r1 linux-info meson multilib-minimal ninja-utils pam python-any-r1 systemd toolchain-funcs udev user
# Flatcar: We don't use gen_usr_ldscript so dropping usr-ldscript
inherit bash-completion-r1 linux-info meson-multilib pam python-any-r1 systemd toolchain-funcs udev user
DESCRIPTION="System and service manager for Linux"
HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd"
LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
SLOT="0/2"
# Flatcar: Dropped cgroup-hybrid. We use legacy hierarchy by default
# to keep docker working. Dropped static-libs, we don't care about
# static libraries.
IUSE="acl apparmor audit build cryptsetup curl dns-over-tls elfutils +gcrypt gnuefi homed http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux +split-usr ssl +sysv-utils test vanilla xkb +zstd"
# Flatcar: Dropped static-libs, we don't care about static libraries.
IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils +gcrypt gnuefi homed http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux split-usr +sysv-utils test tpm vanilla xkb +zstd"
REQUIRED_USE="
homed? ( cryptsetup )
homed? ( cryptsetup pam )
importd? ( curl gcrypt lzma )
pwquality? ( homed )
"
RESTRICT="!test? ( test )"
@ -50,6 +45,7 @@ OPENSSL_DEP=">=dev-libs/openssl-1.1.0:0="
COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
sys-libs/libcap:0=[${MULTILIB_USEDEP}]
virtual/libcrypt:=[${MULTILIB_USEDEP}]
acl? ( sys-apps/acl:0= )
apparmor? ( sys-libs/libapparmor:0= )
audit? ( >=sys-process/audit-2:0= )
@ -60,8 +56,8 @@ COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] )
homed? ( ${OPENSSL_DEP} )
http? (
>=net-libs/libmicrohttpd-0.9.33:0=
ssl? ( >=net-libs/gnutls-3.1.4:0= )
>=net-libs/libmicrohttpd-0.9.33:0=[epoll(+)]
>=net-libs/gnutls-3.1.4:0=
)
idn? ( net-dns/libidn2:= )
importd? (
@ -69,7 +65,7 @@ COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
sys-libs/zlib:0=
)
kmod? ( >=sys-apps/kmod-15:0= )
lz4? ( >=app-arch/lz4-1.9.3-r1:0=[${MULTILIB_USEDEP}] )
lz4? ( >=app-arch/lz4-0_p131:0=[${MULTILIB_USEDEP}] )
lzma? ( >=app-arch/xz-utils-5.0.5-r1:0=[${MULTILIB_USEDEP}] )
nat? ( net-firewall/iptables:0= )
pam? ( sys-libs/pam:=[${MULTILIB_USEDEP}] )
@ -80,12 +76,38 @@ COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
repart? ( ${OPENSSL_DEP} )
seccomp? ( >=sys-libs/libseccomp-2.3.3:0= )
selinux? ( sys-libs/libselinux:0= )
tpm? ( app-crypt/tpm2-tss:0= )
xkb? ( >=x11-libs/libxkbcommon-0.4.1:0= )
zstd? ( >=app-arch/zstd-1.4.0:0=[${MULTILIB_USEDEP}] )
"
# Newer linux-headers needed by ia64, bug #480218
DEPEND="${COMMON_DEPEND}
>=sys-kernel/linux-headers-${MINKV}
gnuefi? ( >=sys-boot/gnu-efi-3.0.2 )
"
# Flatcar: We drop a few of the acct-group and acct-user as the gid provided by
# the upstream does not match with the ones we carry in baselayout.
RDEPEND="${COMMON_DEPEND}
sysv-utils? ( !sys-apps/sysvinit )
>=acct-group/adm-0-r1
>=acct-group/wheel-0-r1
>=acct-group/kmem-0-r1
>=acct-group/tty-0-r1
>=acct-group/utmp-0-r1
>=acct-group/kvm-0-r1
acct-group/sgx
acct-group/users
>=acct-user/root-0-r1
acct-user/nobody
>=acct-user/systemd-coredump-0-r1
acct-user/systemd-oom
>=acct-user/systemd-timesync-0-r1
selinux? ( sec-policy/selinux-base-policy[systemd] )
sysv-utils? (
!sys-apps/openrc[sysv-utils(-)]
!sys-apps/sysvinit
)
!sysv-utils? ( sys-apps/sysvinit )
resolvconf? ( !net-dns/openresolv )
!build? ( || (
@ -95,13 +117,14 @@ RDEPEND="${COMMON_DEPEND}
) )
!sys-auth/nss-myhostname
!sys-fs/eudev
!sys-fs/udev
"
# sys-apps/dbus: the daemon only (+ build-time lib dep for tests)
#
# Flatcar: We don't have sys-fs/udev-init-scripts-25, so it's dropped.
# Flatcar: We don't have sys-fs/udev-init-scripts-34, so it's dropped.
PDEPEND=">=sys-apps/dbus-1.9.8[systemd]
hwdb? ( >=sys-apps/hwids-20150417[udev] )
hwdb? ( sys-apps/hwids[systemd(+),udev] )
policykit? ( sys-auth/polkit )
!vanilla? ( sys-apps/gentoo-systemd-integration )"
@ -109,22 +132,30 @@ BDEPEND="
app-arch/xz-utils:0
dev-util/gperf
>=dev-util/meson-0.46
>=dev-util/intltool-0.50
>=sys-apps/coreutils-8.16
sys-devel/m4
sys-devel/gettext
virtual/pkgconfig
test? ( sys-apps/dbus )
test? (
app-text/tree
dev-lang/perl
sys-apps/dbus
)
app-text/docbook-xml-dtd:4.2
app-text/docbook-xml-dtd:4.5
app-text/docbook-xsl-stylesheets
dev-libs/libxslt:0
$(python_gen_any_dep 'dev-python/jinja[${PYTHON_USEDEP}]')
$(python_gen_any_dep 'dev-python/lxml[${PYTHON_USEDEP}]')
"
python_check_deps() {
has_version -b "dev-python/jinja[${PYTHON_USEDEP}]" &&
has_version -b "dev-python/lxml[${PYTHON_USEDEP}]"
}
QA_FLAGS_IGNORED="usr/lib/systemd/boot/efi/.*"
QA_EXECSTACK="usr/lib/systemd/boot/efi/*"
pkg_pretend() {
if [[ ${MERGE_TYPE} != buildonly ]]; then
if use test && has pid-sandbox ${FEATURES}; then
@ -183,11 +214,13 @@ src_prepare() {
# Add local patches here
PATCHES+=(
# Flatcar: Adding our own patches here.
"${FILESDIR}/249-libudev-static.patch"
"${FILESDIR}/0004-wait-online-set-any-by-default.patch"
"${FILESDIR}/0005-networkd-default-to-kernel-IPForwarding-setting.patch"
"${FILESDIR}/0006-needs-update-don-t-require-strictly-newer-usr.patch"
"${FILESDIR}/0007-core-use-max-for-DefaultTasksMax.patch"
"${FILESDIR}/0008-systemd-Disable-SELinux-permissions-checks.patch"
"${FILESDIR}/0009-core-handle-lookup-paths-being-symlinks.patch"
)
# Flatcar: We carry our own patches, we don't use the ones
@ -200,7 +233,7 @@ src_prepare() {
# See https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/#known-issues
# This means that users who need split DNS to work should point /etc/resolv.conf back to /run/systemd/resolve/stub-resolv.conf
# (and if using K8s configure the kubelet resolvConf variable/--resolv-conf flag to /run/systemd/resolve/resolv.conf).
sed -i -e 's,/run/systemd/resolve/stub-resolv.conf,/run/systemd/resolve/resolv.conf,' tmpfiles.d/etc.conf.m4 || die
sed -i -e 's,/run/systemd/resolve/stub-resolv.conf,/run/systemd/resolve/resolv.conf,' tmpfiles.d/etc.conf.in || die
default
}
@ -214,26 +247,6 @@ src_configure() {
multilib-minimal_src_configure
}
meson_use() {
usex "$1" true false
}
meson_multilib() {
if multilib_is_native_abi; then
echo true
else
echo false
fi
}
meson_multilib_native_use() {
if multilib_is_native_abi && use "$1"; then
echo true
else
echo false
fi
}
multilib_src_configure() {
local myconf=(
--localstatedir="${EPREFIX}/var"
@ -243,54 +256,51 @@ multilib_src_configure() {
# avoid bash-completion dep
-Dbashcompletiondir="$(get_bashcompdir)"
# make sure we get /bin:/sbin in PATH
-Dsplit-usr=$(usex split-usr true false)
$(meson_use split-usr)
-Dsplit-bin=true
-Drootprefix="$(usex split-usr "${EPREFIX:-/}" "${EPREFIX}/usr")"
-Drootlibdir="${EPREFIX}/usr/$(get_libdir)"
# Avoid infinite exec recursion, bug 642724
-Dtelinit-path="${EPREFIX}/lib/sysvinit/telinit"
# no deps
#
# Flatcar: TODO: We have no clue why this was dropped
# from upstream, so we keep it until we understand
# more.
-Defi=$(meson_multilib)
-Dima=true
# Flatcar: Use unified hierarchy now that docker-20.10 is available
-Ddefault-hierarchy=unified
-Ddefault-hierarchy=$(usex cgroup-hybrid hybrid unified)
# Optional components/dependencies
-Dacl=$(meson_multilib_native_use acl)
-Dapparmor=$(meson_multilib_native_use apparmor)
-Daudit=$(meson_multilib_native_use audit)
-Dlibcryptsetup=$(meson_multilib_native_use cryptsetup)
-Dlibcurl=$(meson_multilib_native_use curl)
-Delfutils=$(meson_multilib_native_use elfutils)
-Dgcrypt=$(meson_use gcrypt)
-Dgnu-efi=$(meson_multilib_native_use gnuefi)
$(meson_native_use_bool acl)
$(meson_native_use_bool apparmor)
$(meson_native_use_bool audit)
$(meson_native_use_bool cryptsetup libcryptsetup)
$(meson_native_use_bool curl libcurl)
$(meson_native_use_bool dns-over-tls dns-over-tls)
$(meson_native_use_bool elfutils)
$(meson_use gcrypt)
$(meson_native_use_bool gnuefi gnu-efi)
-Defi-includedir="${ESYSROOT}/usr/include/efi"
-Defi-ld="$(tc-getLD)"
-Defi-libdir="${ESYSROOT}/usr/$(get_libdir)"
-Dhomed=$(meson_multilib_native_use homed)
-Dhwdb=$(meson_multilib_native_use hwdb)
-Dmicrohttpd=$(meson_multilib_native_use http)
-Didn=$(meson_multilib_native_use idn)
-Dimportd=$(meson_multilib_native_use importd)
-Dbzip2=$(meson_multilib_native_use importd)
-Dzlib=$(meson_multilib_native_use importd)
-Dkmod=$(meson_multilib_native_use kmod)
-Dlz4=$(meson_use lz4)
-Dxz=$(meson_use lzma)
-Dzstd=$(meson_use zstd)
-Dlibiptc=$(meson_multilib_native_use nat)
-Dpam=$(meson_use pam)
-Dp11kit=$(meson_multilib_native_use pkcs11)
-Dpcre2=$(meson_multilib_native_use pcre)
-Dpolkit=$(meson_multilib_native_use policykit)
-Dpwquality=$(meson_multilib_native_use pwquality)
-Dqrencode=$(meson_multilib_native_use qrcode)
-Drepart=$(meson_multilib_native_use repart)
-Dseccomp=$(meson_multilib_native_use seccomp)
-Dselinux=$(meson_multilib_native_use selinux)
-Ddbus=$(meson_multilib_native_use test)
-Dxkbcommon=$(meson_multilib_native_use xkb)
$(meson_native_use_bool homed)
$(meson_native_use_bool hwdb)
$(meson_native_use_bool http microhttpd)
$(meson_native_use_bool idn)
$(meson_native_use_bool importd)
$(meson_native_use_bool importd bzip2)
$(meson_native_use_bool importd zlib)
$(meson_native_use_bool kmod)
$(meson_use lz4)
$(meson_use lzma xz)
$(meson_use zstd)
$(meson_native_use_bool nat libiptc)
$(meson_use pam)
$(meson_native_use_bool pkcs11 p11kit)
$(meson_native_use_bool pcre pcre2)
$(meson_native_use_bool policykit polkit)
$(meson_native_use_bool pwquality)
$(meson_native_use_bool qrcode qrencode)
$(meson_native_use_bool repart)
$(meson_native_use_bool seccomp)
$(meson_native_use_bool selinux)
$(meson_native_use_bool tpm tpm2)
$(meson_native_use_bool test dbus)
$(meson_native_use_bool xkb xkbcommon)
# Flatcar: Use our ntp servers.
-Dntp-servers="0.flatcar.pool.ntp.org 1.flatcar.pool.ntp.org 2.flatcar.pool.ntp.org 3.flatcar.pool.ntp.org"
# Breaks screen, tmux, etc.
@ -299,25 +309,25 @@ multilib_src_configure() {
-Dcreate-log-dirs=false
# multilib options
-Dbacklight=$(meson_multilib)
-Dbinfmt=$(meson_multilib)
-Dcoredump=$(meson_multilib)
-Denvironment-d=$(meson_multilib)
-Dfirstboot=$(meson_multilib)
-Dhibernate=$(meson_multilib)
-Dhostnamed=$(meson_multilib)
-Dldconfig=$(meson_multilib)
-Dlocaled=$(meson_multilib)
-Dman=$(meson_multilib)
-Dnetworkd=$(meson_multilib)
-Dquotacheck=$(meson_multilib)
-Drandomseed=$(meson_multilib)
-Drfkill=$(meson_multilib)
-Dsysusers=$(meson_multilib)
-Dtimedated=$(meson_multilib)
-Dtimesyncd=$(meson_multilib)
-Dtmpfiles=$(meson_multilib)
-Dvconsole=$(meson_multilib)
$(meson_native_true backlight)
$(meson_native_true binfmt)
$(meson_native_true coredump)
$(meson_native_true environment-d)
$(meson_native_true firstboot)
$(meson_native_true hibernate)
$(meson_native_true hostnamed)
$(meson_native_true ldconfig)
$(meson_native_true localed)
$(meson_native_true man)
$(meson_native_true networkd)
$(meson_native_true quotacheck)
$(meson_native_true randomseed)
$(meson_native_true rfkill)
$(meson_native_true sysusers)
$(meson_native_true timedated)
$(meson_native_true timesyncd)
$(meson_native_true tmpfiles)
$(meson_native_true vconsole)
# Flatcar: Specify this, or meson breaks due to no
# /etc/login.defs.
@ -360,19 +370,11 @@ multilib_src_configure() {
meson_src_configure "${myconf[@]}"
}
multilib_src_compile() {
eninja
}
multilib_src_test() {
unset DBUS_SESSION_BUS_ADDRESS XDG_RUNTIME_DIR
meson_src_test
}
multilib_src_install() {
DESTDIR="${D}" eninja install
}
multilib_src_install_all() {
local rootprefix=$(usex split-usr '' /usr)
@ -556,15 +558,7 @@ migrate_locale() {
fi
}
# Flatcar: save_enabled_units function is dropped, because it's
# unused. When building releases, we assume that there was no systemd
# previously, so there are no units to remember.
pkg_preinst() {
# Flatcar: When building releases, we assume that there was no
# systemd previously, so there are no units to remember, so
# there is no point in calling save_enabled_units.
if ! use split-usr; then
local dir
for dir in bin sbin lib; do
@ -583,45 +577,20 @@ pkg_preinst() {
}
pkg_postinst() {
newusergroup() {
enewgroup "$1"
enewuser "$1" -1 -1 -1 "$1"
}
enewgroup input
enewgroup kvm 78
enewgroup render 30
enewgroup systemd-journal
newusergroup systemd-coredump
newusergroup systemd-journal-remote
newusergroup systemd-network
newusergroup systemd-resolve
newusergroup systemd-timesync
newusergroup systemd-oom
systemd_update_catalog
# Keep this here in case the database format changes so it gets updated
# when required. Despite that this file is owned by sys-apps/hwids.
if has_version "sys-apps/hwids[udev]"; then
udevadm hwdb --update --root="${EROOT}"
# when required.
if use hwdb; then
systemd-hwdb --root="${ROOT}" update
fi
udev_reload || FAIL=1
# Bug 465468, make sure locales are respect, and ensure consistency
# Bug 465468, make sure locales are respected, and ensure consistency
# between OpenRC & systemd
migrate_locale
# Flatcar: Dropping the reenabling, since there earlier there
# was no systemd (we are building the release from scratch
# here). The function checks if the unit is enabled before
# running reenable, which in our case results in no action at
# all (because no service is enabled).
# Flatcar: Dropping handling of ENABLED_UNITS.
# Flatcar: We enable getty and remote-fs targets in /usr
# ourselves above.