From 094773e3b290ee093785415fd4f1fbff8cfa8683 Mon Sep 17 00:00:00 2001 From: Flatcar Buildbot Date: Mon, 2 Mar 2026 07:29:21 +0000 Subject: [PATCH] sys-apps/systemd: Sync with Gentoo It's from Gentoo commit e445449a18282508e7de29993c41bc3a9829ac59. Signed-off-by: Flatcar Buildbot --- .../portage-stable/sys-apps/systemd/Manifest | 5 +- .../files/gentoo-journald-audit-r1.patch | 51 -- .../files/systemd-257-cred-util-tpm2.patch | 69 --- .../systemd/files/systemd-259-test-echo.patch | 32 + ...systemd-259-vmspawn-use-indexed-loop.patch | 71 +++ .../sys-apps/systemd/metadata.xml | 1 - .../sys-apps/systemd/systemd-257.9.ebuild | 570 ------------------ .../sys-apps/systemd/systemd-258.3.ebuild | 5 +- ...emd-257.10.ebuild => systemd-259.1.ebuild} | 42 +- ...temd-258.2.ebuild => systemd-259.2.ebuild} | 22 +- .../sys-apps/systemd/systemd-259.ebuild | 3 + .../sys-apps/systemd/systemd-9999.ebuild | 19 +- 12 files changed, 169 insertions(+), 721 deletions(-) delete mode 100644 sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/gentoo-journald-audit-r1.patch delete mode 100644 sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/systemd-257-cred-util-tpm2.patch create mode 100644 sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/systemd-259-test-echo.patch create mode 100644 sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/systemd-259-vmspawn-use-indexed-loop.patch delete mode 100644 sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-257.9.ebuild rename sdk_container/src/third_party/portage-stable/sys-apps/systemd/{systemd-257.10.ebuild => systemd-259.1.ebuild} (93%) rename sdk_container/src/third_party/portage-stable/sys-apps/systemd/{systemd-258.2.ebuild => systemd-259.2.ebuild} (96%) diff --git a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/Manifest b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/Manifest index 7a4e6ea6a6..33ca9cacbc 100644 --- a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/Manifest +++ b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/Manifest @@ -1,5 +1,4 @@ -DIST systemd-257.10.tar.gz 16425661 BLAKE2B c8fef145933810110f5470f64dd41213864cc1cae889fb306c817d7a16cc300adbcab27e3a3be91428f0a7d354041f7f9ca431f7745bce9c7cc1e3bb065be84a SHA512 49a2c8cc1cd91363d90165a1145dcc417d524afd428917dad332e4b057ed9fc3ddb5b4beafab094b02a85d930c8aef9b63c8c9c1bc76ef3bdf0ce38a7d46466f -DIST systemd-257.9.tar.gz 16401765 BLAKE2B c3ad528d37b89de8f82548807e950b59aab43f875a533ad983169eb539594e5e8230b6b562caee5297dcec4572e27df0e53ebee04f79e85f429f47862031592e SHA512 23b3d2764e0f990d8373068ccb41177793413bc193f7bd34e38b03d6fc3cd32d07c86e9dcbf07e32904075bb5eeca208f65beab04d628ac0e0b81ba87a975c1b -DIST systemd-258.2.tar.gz 16989522 BLAKE2B 55c8a134d2c80241ed654fab6bf2df0a2139313dbbb905f3abf07c9f86940ff03c8787fe7c4604c34bbb84088c15cd73ae5e013929b290b92808b5473550235e SHA512 1dc016a5a037aec2682e08d2add0dcf8d03db15b45ce8c6b677898f734aefd4694ce18e588d579e42514071fc4c167b2bf53808478b2bd3856b257c9fbcde45d DIST systemd-258.3.tar.gz 17034328 BLAKE2B 668f5829d78412b256f49c3f46dffad5cf70fa335de3e5ca822bdc13e4f67874ac28005b616e7fdc0f3235f760c68809ae3ac97e1f53d3ca43fb7e0934ec0de9 SHA512 9f4261e1703efd1f38c90e4166e6d85fa9379c99ac7f3c66caa62955c3cbe8a43ab259c261ab20bce0dd84dd682258192ace66b4dee0390bf3740c32f4569fed +DIST systemd-259.1.tar.gz 17274033 BLAKE2B 08d3b640e699ecaae9f2e2471db4547870786a5b5e2953671a0a9460b13a4d942c605942f95c144e68a04ffd6be1a72d8a084fe1f59c4d49c0ac3dc1eda55533 SHA512 7cbeca5dad6413a876809200583854ddc706b7a69deff958eb1ca1afb726cf4dec014006c10d1945c450b754811d4b95a80fe1778cb3136997f6d11b11c0560e +DIST systemd-259.2.tar.gz 17284532 BLAKE2B a0826ef6f1cc8546957cbd558283e9bf634e434893de526d39b00f7d5ecdc982ccadf0f5397f74a8c9090887d14acbbe20dac27905376b72aa07b5246436c1ed SHA512 1cb677c98a56210948bfc9a6e296aa92dde030ceeca6b6e4fe3f4014d051f4d0f1d83584cfdceb921d7d578952b85112b2ba497385faefca4d6c871bf8de48cf DIST systemd-259.tar.gz 17250241 BLAKE2B 59ba6edea59338fc30d4cf72b197e8eda2ccd4fc7d53f016c0b9bd4422433839696fe553b58dcf1f31345ec92080a426a04a2878fd97cb17b3b1e3f92f08e135 SHA512 ef46b13661df43e3cfbeee1bc22f0b1eb902e8ebe39c19868c465efd08b35a199c2a2cd9d8021a6bc4d692fa0c6e0eab3f13eecd6ce24dde81d3945464a25b50 diff --git a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/gentoo-journald-audit-r1.patch b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/gentoo-journald-audit-r1.patch deleted file mode 100644 index b5c32df788..0000000000 --- a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/gentoo-journald-audit-r1.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 2de502ccff1cc780d9d29c4ff7e6c1e0f2d7a082 Mon Sep 17 00:00:00 2001 -From: Mike Gilbert -Date: Fri, 21 Aug 2020 13:16:17 -0400 -Subject: [PATCH] journald: do not change the kernel audit setting by default - -Bug: https://bugs.gentoo.org/736910 ---- - man/journald.conf.xml | 2 +- - src/journal/journald-server.c | 2 +- - src/journal/journald.conf | 2 +- - 3 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/man/journald.conf.xml b/man/journald.conf.xml -index 50c33e4792..2e14674f42 100644 ---- a/man/journald.conf.xml -+++ b/man/journald.conf.xml -@@ -427,7 +427,7 @@ - kernel auditing on start-up. If disabled it will turn it off. If unset it will neither enable nor - disable it, leaving the previous state unchanged. This means if another tool turns on auditing even - if systemd-journald left it off, it will still collect the generated -- messages. Defaults to on. -+ messages. - - Note that this option does not control whether systemd-journald collects - generated audit records, it just controls whether it tells the kernel to generate them. If you need -diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c -index 022e12d83d..6b3d261af6 100644 ---- a/src/journal/journald-server.c -+++ b/src/journal/journald-server.c -@@ -2367,7 +2367,7 @@ int server_init(Server *s, const char *namespace) { - .compress.threshold_bytes = UINT64_MAX, - .seal = true, - -- .set_audit = true, -+ .set_audit = -1, - - .watchdog_usec = USEC_INFINITY, - -diff --git a/src/journal/journald.conf b/src/journal/journald.conf -index 5a60a9d39c..64156d5463 100644 ---- a/src/journal/journald.conf -+++ b/src/journal/journald.conf -@@ -44,4 +44,4 @@ - #MaxLevelWall=emerg - #LineMax=48K - #ReadKMsg=yes --#Audit=yes -+#Audit= --- -2.39.1 - diff --git a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/systemd-257-cred-util-tpm2.patch b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/systemd-257-cred-util-tpm2.patch deleted file mode 100644 index a4f798dc4e..0000000000 --- a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/systemd-257-cred-util-tpm2.patch +++ /dev/null @@ -1,69 +0,0 @@ -https://bugs.gentoo.org/956681 -https://github.com/systemd/systemd/pull/37017 - -From fd9c4b4f49990f0656092035464b85256a0ba6e3 Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Fri, 4 Apr 2025 21:40:41 -0700 -Subject: [PATCH] shared/cred-util: Ensure TPM code is used with HAVE_TPM2 - guards -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Building with no TPM2 we end up with following error - -/usr/include/x86_64-linux-gnu/bits/string_fortified.h:29:10: note: in a call to built-in function ‘__builtin___memcpy_chk’ -In function ‘memcpy’, - inlined from ‘encrypt_credential_and_warn’ at ../git/src/shared/creds-util.c:1091:17: -/usr/include/x86_64-linux-gnu/bits/string_fortified.h:29:10: error: argument 2 null where non-null expected [-Werror=nonnull] - 29 | return __builtin___memcpy_chk (__dest, __src, __len, - | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - 30 | __glibc_objsize0 (__dest)); - | ~~~~~~~~~~~~~~~~~~~~~~~~~~ -/usr/include/x86_64-linux-gnu/bits/string_fortified.h:29:10: note: in a call to built-in function ‘__builtin___memcpy_chk’ -cc1: some warnings being treated as errors 29 | return __builtin___memcpy_chk (__dest, __src, __len, - | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - 30 | __glibc_objsize0 (__dest)); - | ~~~~~~~~~~~~~~~~~~~~~~~~~~ - -This is because code referencing tpm2 data structures is still used while the -initialization of the function has been compiled out since its conditional on HAVE_TPM2 - -We add needed guards in places where it is missing to fix this problem - -Signed-off-by: Khem Raj ---- - src/shared/creds-util.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/src/shared/creds-util.c b/src/shared/creds-util.c -index ca8e15d4c9d1e..e074c8b24680a 100644 ---- a/src/shared/creds-util.c -+++ b/src/shared/creds-util.c -@@ -804,7 +804,9 @@ int encrypt_credential_and_warn( - _cleanup_(iovec_done_erase) struct iovec tpm2_key = {}, output = {}, host_key = {}; - _cleanup_(EVP_CIPHER_CTX_freep) EVP_CIPHER_CTX *context = NULL; - _cleanup_free_ struct metadata_credential_header *m = NULL; -+#if HAVE_TPM2 - uint16_t tpm2_pcr_bank = 0, tpm2_primary_alg = 0; -+#endif - struct encrypted_credential_header *h; - int ksz, bsz, ivsz, tsz, added, r; - uint8_t md[SHA256_DIGEST_LENGTH]; -@@ -1078,6 +1080,7 @@ int encrypt_credential_and_warn( - - p = ALIGN8(offsetof(struct encrypted_credential_header, iv) + ivsz); - -+#if HAVE_TPM2 - if (iovec_is_set(&tpm2_key)) { - struct tpm2_credential_header *t; - -@@ -1092,7 +1095,7 @@ int encrypt_credential_and_warn( - - p += ALIGN8(offsetof(struct tpm2_credential_header, policy_hash_and_blob) + tpm2_blob.iov_len + tpm2_policy_hash.iov_len); - } -- -+#endif - if (iovec_is_set(&pubkey)) { - struct tpm2_public_key_credential_header *z; - diff --git a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/systemd-259-test-echo.patch b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/systemd-259-test-echo.patch new file mode 100644 index 0000000000..af592fc791 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/systemd-259-test-echo.patch @@ -0,0 +1,32 @@ +https://github.com/systemd/systemd/pull/40607 + +From 1766be649f2c153dee6fe2c79c5aac3a21c73a7b Mon Sep 17 00:00:00 2001 +From: Mike Gilbert +Date: Sun, 8 Feb 2026 19:12:30 -0500 +Subject: [PATCH] meson: use printf instead of echo + +The echo builtin provided by some shells (mksh) will interpret \x2d as +an escape sequence. This causes meson to fail: + +``` +test/fuzz/meson.build:93:52: ERROR: File fuzz-unit-file/dm-back-slash.swap does not exist. +``` + +Bug: https://bugs.gentoo.org/969789 +--- + test/fuzz/meson.build | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/test/fuzz/meson.build b/test/fuzz/meson.build +index d4cfc0a5b4816..6f9f43a4105f9 100644 +--- a/test/fuzz/meson.build ++++ b/test/fuzz/meson.build +@@ -42,7 +42,7 @@ if git.found() and fs.is_dir(meson.project_source_root() / '.git') + 'ls-files', ':/@0@/*/*'.format(fuzz_testsdir), + check: true) + else +- out = run_command(sh, '-c', 'cd "@0@"; echo @1@/*/*'.format(meson.project_source_root(), fuzz_testsdir), check: true) ++ out = run_command(sh, '-c', 'cd "@0@"; printf "%s " @1@/*/*'.format(meson.project_source_root(), fuzz_testsdir), check: true) + endif + + # Add crafted fuzz inputs we have in the repo diff --git a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/systemd-259-vmspawn-use-indexed-loop.patch b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/systemd-259-vmspawn-use-indexed-loop.patch new file mode 100644 index 0000000000..72f2cff078 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/files/systemd-259-vmspawn-use-indexed-loop.patch @@ -0,0 +1,71 @@ +https://bugs.gentoo.org/968936 +https://github.com/systemd/systemd/issues/40380 + +From 8a5fb3627a1518d2d2ef70919c81448158d64ac0 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Mon, 19 Jan 2026 23:14:26 +0900 +Subject: [PATCH] vmspawn: use indexed loop + +Previously, the index is obtained from the pointer offset. The +pointer offset is expressed by ptrdiff_t and may be different from +ssize_t. + +Let's avoid to use FOREACH_ARRAY() but use an indexed loop. +This also renames `mount` to `m` to avoid conflict with `mount()`. + +Fixes #40380. +--- + src/vmspawn/vmspawn.c | 15 ++++++++------- + 1 file changed, 8 insertions(+), 7 deletions(-) + +diff --git a/src/vmspawn/vmspawn.c b/src/vmspawn/vmspawn.c +index 43817954a3d22..b12e260fa4d1f 100644 +--- a/src/vmspawn/vmspawn.c ++++ b/src/vmspawn/vmspawn.c +@@ -2408,7 +2408,8 @@ static int run_virtual_machine(int kvm_device_fd, int vhost_device_fd) { + if (r < 0) + return log_oom(); + +- FOREACH_ARRAY(mount, arg_runtime_mounts.mounts, arg_runtime_mounts.n_mounts) { ++ for (size_t j = 0; j < arg_runtime_mounts.n_mounts; j++) { ++ RuntimeMount *m = arg_runtime_mounts.mounts + j; + _cleanup_free_ char *listen_address = NULL; + _cleanup_(fork_notify_terminate) PidRef child = PIDREF_NULL; + +@@ -2417,9 +2418,9 @@ static int run_virtual_machine(int kvm_device_fd, int vhost_device_fd) { + + r = start_virtiofsd( + unit, +- mount->source, +- /* source_uid= */ mount->source_uid, +- /* target_uid= */ mount->target_uid, ++ m->source, ++ /* source_uid= */ m->source_uid, ++ /* target_uid= */ m->target_uid, + /* uid_range= */ 1U, + runtime_dir, + sd_socket_activate, +@@ -2444,7 +2445,7 @@ static int run_virtual_machine(int kvm_device_fd, int vhost_device_fd) { + return log_oom(); + + _cleanup_free_ char *id = NULL; +- if (asprintf(&id, "mnt%zi", mount - arg_runtime_mounts.mounts) < 0) ++ if (asprintf(&id, "mnt%zu", j) < 0) + return log_oom(); + + if (strv_extendf(&cmdline, "socket,id=%s,path=%s", id, escaped_listen_address) < 0) +@@ -2456,12 +2457,12 @@ static int run_virtual_machine(int kvm_device_fd, int vhost_device_fd) { + if (strv_extendf(&cmdline, "vhost-user-fs-pci,queue-size=1024,chardev=%1$s,tag=%1$s", id) < 0) + return log_oom(); + +- _cleanup_free_ char *clean_target = xescape(mount->target, "\":"); ++ _cleanup_free_ char *clean_target = xescape(m->target, "\":"); + if (!clean_target) + return log_oom(); + + if (strv_extendf(&arg_kernel_cmdline_extra, "systemd.mount-extra=\"%s:%s:virtiofs:%s\"", +- id, clean_target, mount->read_only ? "ro" : "rw") < 0) ++ id, clean_target, m->read_only ? "ro" : "rw") < 0) + return log_oom(); + } + diff --git a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/metadata.xml b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/metadata.xml index b4a8e30ee3..c7c46b6219 100644 --- a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/metadata.xml +++ b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/metadata.xml @@ -40,6 +40,5 @@ systemd/systemd - systemd/systemd-stable diff --git a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-257.9.ebuild b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-257.9.ebuild deleted file mode 100644 index 3cee9769ce..0000000000 --- a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-257.9.ebuild +++ /dev/null @@ -1,570 +0,0 @@ -# Copyright 2011-2025 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 -PYTHON_COMPAT=( python3_{11..13} ) - -# Avoid QA warnings -TMPFILES_OPTIONAL=1 -UDEV_OPTIONAL=1 - -QA_PKGCONFIG_VERSION=$(ver_cut 1) - -if [[ ${PV} == 9999 ]]; then - EGIT_REPO_URI="https://github.com/systemd/systemd.git" - inherit git-r3 -else - MY_PV=${PV/_/-} - MY_P=${PN}-${MY_PV} - S=${WORKDIR}/${MY_P} - SRC_URI="https://github.com/systemd/${PN}/archive/refs/tags/v${MY_PV}.tar.gz -> ${MY_P}.tar.gz" - - if [[ ${PV} != *rc* ]] ; then - KEYWORDS="~alpha amd64 arm arm64 ~hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86" - fi -fi - -inherit bash-completion-r1 linux-info meson-multilib optfeature pam python-single-r1 -inherit secureboot systemd toolchain-funcs udev - -DESCRIPTION="System and service manager for Linux" -HOMEPAGE="https://systemd.io/" - -LICENSE="GPL-2 LGPL-2.1 MIT public-domain" -SLOT="0/2" -IUSE=" - acl apparmor audit boot bpf cgroup-hybrid cryptsetup curl +dns-over-tls elfutils - fido2 +gcrypt gnutls homed http idn importd iptables +kernel-install +kmod - +lz4 lzma +openssl pam pcre pkcs11 policykit pwquality qrcode - +resolvconf +seccomp selinux split-usr +sysv-utils test tpm ukify vanilla xkb +zstd -" -REQUIRED_USE=" - ${PYTHON_REQUIRED_USE} - dns-over-tls? ( || ( gnutls openssl ) ) - fido2? ( cryptsetup openssl ) - homed? ( cryptsetup pam openssl ) - importd? ( curl lzma || ( gcrypt openssl ) ) - pwquality? ( homed ) - boot? ( kernel-install ) - ukify? ( boot ) -" -RESTRICT="!test? ( test )" - -MINKV="4.15" - -COMMON_DEPEND=" - >=sys-apps/util-linux-2.32:0=[${MULTILIB_USEDEP}] - sys-libs/libcap:0=[${MULTILIB_USEDEP}] - virtual/libcrypt:=[${MULTILIB_USEDEP}] - acl? ( sys-apps/acl:0= ) - apparmor? ( >=sys-libs/libapparmor-2.13:0= ) - audit? ( >=sys-process/audit-2:0= ) - bpf? ( >=dev-libs/libbpf-1.4.0:0= ) - cryptsetup? ( >=sys-fs/cryptsetup-2.0.1:0= ) - curl? ( >=net-misc/curl-7.32.0:0= ) - elfutils? ( >=dev-libs/elfutils-0.158:0= ) - fido2? ( dev-libs/libfido2:0= ) - gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] ) - gnutls? ( >=net-libs/gnutls-3.6.0:0= ) - http? ( >=net-libs/libmicrohttpd-0.9.33:0=[epoll(+)] ) - idn? ( net-dns/libidn2:= ) - importd? ( - app-arch/bzip2:0= - virtual/zlib:= - ) - kmod? ( >=sys-apps/kmod-15:0= ) - lz4? ( >=app-arch/lz4-0_p131:0=[${MULTILIB_USEDEP}] ) - lzma? ( >=app-arch/xz-utils-5.0.5-r1:0=[${MULTILIB_USEDEP}] ) - iptables? ( net-firewall/iptables:0= ) - openssl? ( >=dev-libs/openssl-1.1.0:0= ) - pam? ( sys-libs/pam:=[${MULTILIB_USEDEP}] ) - pkcs11? ( >=app-crypt/p11-kit-0.23.3:0= ) - pcre? ( dev-libs/libpcre2 ) - pwquality? ( >=dev-libs/libpwquality-1.4.1:0= ) - qrcode? ( >=media-gfx/qrencode-3:0= ) - seccomp? ( >=sys-libs/libseccomp-2.3.3:0= ) - selinux? ( >=sys-libs/libselinux-2.1.9:0= ) - tpm? ( app-crypt/tpm2-tss:0= ) - xkb? ( >=x11-libs/libxkbcommon-0.4.1:0= ) - zstd? ( >=app-arch/zstd-1.4.0:0=[${MULTILIB_USEDEP}] ) -" - -# Newer linux-headers needed by ia64, bug #480218 -DEPEND="${COMMON_DEPEND} - >=sys-kernel/linux-headers-${MINKV} -" - -PEFILE_DEPEND='dev-python/pefile[${PYTHON_USEDEP}]' - -# baselayout-2.2 has /run -RDEPEND="${COMMON_DEPEND} - >=acct-group/adm-0-r1 - >=acct-group/wheel-0-r1 - >=acct-group/kmem-0-r1 - >=acct-group/tty-0-r1 - >=acct-group/utmp-0-r1 - >=acct-group/audio-0-r1 - >=acct-group/cdrom-0-r1 - >=acct-group/dialout-0-r1 - >=acct-group/disk-0-r1 - >=acct-group/input-0-r1 - >=acct-group/kvm-0-r1 - >=acct-group/lp-0-r1 - >=acct-group/render-0-r1 - acct-group/sgx - >=acct-group/tape-0-r1 - acct-group/users - >=acct-group/video-0-r1 - >=acct-group/systemd-journal-0-r1 - >=acct-user/root-0-r1 - acct-user/nobody - >=acct-user/systemd-journal-remote-0-r1 - >=acct-user/systemd-coredump-0-r1 - >=acct-user/systemd-network-0-r1 - acct-user/systemd-oom - >=acct-user/systemd-resolve-0-r1 - >=acct-user/systemd-timesync-0-r1 - >=sys-apps/baselayout-2.2 - ukify? ( - ${PYTHON_DEPS} - $(python_gen_cond_dep "${PEFILE_DEPEND}") - ) - selinux? ( - sec-policy/selinux-base-policy[systemd] - sec-policy/selinux-ntp - ) - sysv-utils? ( - !sys-apps/openrc[sysv-utils(-)] - !sys-apps/sysvinit - ) - !sysv-utils? ( sys-apps/sysvinit ) - resolvconf? ( !net-dns/openresolv ) - !sys-apps/hwids[udev] - !sys-auth/nss-myhostname - !sys-fs/eudev - !sys-fs/udev -" - -# sys-apps/dbus: the daemon only (+ build-time lib dep for tests) -PDEPEND=">=sys-apps/dbus-1.9.8[systemd] - >=sys-fs/udev-init-scripts-34 - policykit? ( sys-auth/polkit ) - !vanilla? ( sys-apps/gentoo-systemd-integration )" - -BDEPEND=" - app-arch/xz-utils:0 - dev-util/gperf - >=dev-build/meson-0.46 - >=sys-apps/coreutils-8.16 - sys-devel/gettext - virtual/pkgconfig - bpf? ( - >=dev-util/bpftool-7.0.0 - sys-devel/bpf-toolchain - ) - test? ( - app-text/tree - dev-lang/perl - sys-apps/dbus - ) - app-text/docbook-xml-dtd:4.2 - app-text/docbook-xml-dtd:4.5 - app-text/docbook-xsl-stylesheets - dev-libs/libxslt:0 - ${PYTHON_DEPS} - $(python_gen_cond_dep " - dev-python/jinja2[\${PYTHON_USEDEP}] - dev-python/lxml[\${PYTHON_USEDEP}] - boot? ( - >=dev-python/pyelftools-0.30[\${PYTHON_USEDEP}] - test? ( ${PEFILE_DEPEND} ) - ) - ") -" - -QA_FLAGS_IGNORED="usr/lib/systemd/boot/efi/.*" -QA_EXECSTACK="usr/lib/systemd/boot/efi/*" - -check_cgroup_layout() { - # https://bugs.gentoo.org/935261 - [[ ${MERGE_TYPE} != buildonly ]] || return - [[ -z ${ROOT} ]] || return - [[ -e /sys/fs/cgroup/unified ]] || return - grep -q 'SYSTEMD_CGROUP_ENABLE_LEGACY_FORCE=1' /proc/cmdline && return - - eerror "This system appears to be booted with the 'hybrid' cgroup layout." - eerror "This layout obsolete and is disabled in systemd." - - if grep -qF 'systemd.unified_cgroup_hierarchy'; then - eerror "Remove the systemd.unified_cgroup_hierarchy option" - eerror "from the kernel command line and reboot." - die "hybrid cgroup layout detected" - fi -} - -pkg_pretend() { - if use split-usr; then - eerror "Please complete the migration to merged-usr." - eerror "https://wiki.gentoo.org/wiki/Merge-usr" - die "systemd no longer supports split-usr" - fi - - check_cgroup_layout - - if use cgroup-hybrid; then - eerror "Disable the 'cgroup-hybrid' USE flag." - eerror "Rebuild any initramfs images after rebuilding systemd." - die "cgroup-hybrid is no longer supported" - fi - - if [[ ${MERGE_TYPE} != buildonly ]]; then - local CONFIG_CHECK="~BLK_DEV_BSG ~CGROUPS - ~CGROUP_BPF ~DEVTMPFS ~EPOLL ~FANOTIFY ~FHANDLE - ~INOTIFY_USER ~IPV6 ~NET ~NET_NS ~PROC_FS ~SIGNALFD ~SYSFS - ~TIMERFD ~TMPFS_XATTR ~UNIX ~USER_NS - ~CRYPTO_HMAC ~CRYPTO_SHA256 ~CRYPTO_USER_API_HASH - ~!GRKERNSEC_PROC ~!IDE ~!SYSFS_DEPRECATED - ~!SYSFS_DEPRECATED_V2" - - use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL" - use bpf && CONFIG_CHECK+=" ~BPF ~BPF_SYSCALL ~BPF_LSM ~DEBUG_INFO_BTF" - use seccomp && CONFIG_CHECK+=" ~SECCOMP ~SECCOMP_FILTER" - - if kernel_is -ge 5 10 20; then - CONFIG_CHECK+=" ~KCMP" - else - CONFIG_CHECK+=" ~CHECKPOINT_RESTORE" - fi - - if kernel_is -ge 4 18; then - CONFIG_CHECK+=" ~AUTOFS_FS" - else - CONFIG_CHECK+=" ~AUTOFS4_FS" - fi - - if linux_config_exists; then - local uevent_helper_path=$(linux_chkconfig_string UEVENT_HELPER_PATH) - if [[ -n ${uevent_helper_path} ]] && [[ ${uevent_helper_path} != '""' ]]; then - ewarn "It's recommended to set an empty value to the following kernel config option:" - ewarn "CONFIG_UEVENT_HELPER_PATH=${uevent_helper_path}" - fi - if linux_chkconfig_present X86; then - CONFIG_CHECK+=" ~DMIID" - fi - fi - - if kernel_is -lt ${MINKV//./ }; then - ewarn "Kernel version at least ${MINKV} required" - fi - - check_extra_config - fi -} - -pkg_setup() { - use boot && secureboot_pkg_setup -} - -src_unpack() { - default - [[ ${PV} != 9999 ]] || git-r3_src_unpack -} - -src_prepare() { - local PATCHES=( - "${FILESDIR}"/systemd-257-cred-util-tpm2.patch - ) - - if ! use vanilla; then - PATCHES+=( - "${FILESDIR}/gentoo-journald-audit-r1.patch" - ) - fi - - default -} - -src_configure() { - # Prevent conflicts with i686 cross toolchain, bug 559726 - tc-export AR CC NM OBJCOPY RANLIB - - python_setup - - multilib-minimal_src_configure -} - -multilib_src_configure() { - local myconf=( - --localstatedir="${EPREFIX}/var" - -Ddocdir="share/doc/${PF}" - # default is developer, bug 918671 - -Dmode=release - -Dsupport-url="https://gentoo.org/support/" - -Dpamlibdir="$(getpam_mod_dir)" - # avoid bash-completion dep - -Dbashcompletiondir="$(get_bashcompdir)" - -Dsplit-bin=false - # Disable compatibility with sysvinit - -Dsysvinit-path= - -Dsysvrcnd-path= - # no deps - -Dima=true - # Match /etc/shells, bug 919749 - -Ddebug-shell="${EPREFIX}/bin/sh" - -Ddefault-user-shell="${EPREFIX}/bin/bash" - # Optional components/dependencies - $(meson_native_use_feature acl) - $(meson_native_use_feature apparmor) - $(meson_native_use_feature audit) - $(meson_native_use_feature boot bootloader) - $(meson_native_use_feature bpf bpf-framework) - -Dbpf-compiler=gcc - $(meson_native_use_feature cryptsetup libcryptsetup) - $(meson_native_use_feature curl libcurl) - $(meson_native_use_bool dns-over-tls dns-over-tls) - $(meson_native_use_feature elfutils) - $(meson_native_use_feature fido2 libfido2) - $(meson_feature gcrypt) - $(meson_native_use_feature gnutls) - $(meson_native_use_feature homed) - $(meson_native_use_feature http microhttpd) - $(meson_native_use_bool idn) - $(meson_native_use_feature importd) - $(meson_native_use_feature importd bzip2) - $(meson_native_use_feature importd zlib) - $(meson_native_use_bool kernel-install) - $(meson_native_use_feature kmod) - $(meson_feature lz4) - $(meson_feature lzma xz) - $(meson_use test tests) - $(meson_feature zstd) - $(meson_native_use_feature iptables libiptc) - $(meson_native_use_feature openssl) - $(meson_feature pam) - $(meson_native_use_feature pkcs11 p11kit) - $(meson_native_use_feature pcre pcre2) - $(meson_native_use_feature policykit polkit) - $(meson_native_use_feature pwquality) - $(meson_native_use_feature qrcode qrencode) - $(meson_native_use_feature seccomp) - $(meson_native_use_feature selinux) - $(meson_native_use_feature tpm tpm2) - $(meson_native_use_feature test dbus) - $(meson_native_use_feature ukify) - $(meson_native_use_feature xkb xkbcommon) - -Dntp-servers="0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org" - # Breaks screen, tmux, etc. - -Ddefault-kill-user-processes=false - -Dcreate-log-dirs=false - - # multilib options - $(meson_native_true backlight) - $(meson_native_true binfmt) - $(meson_native_true coredump) - $(meson_native_true environment-d) - $(meson_native_true firstboot) - $(meson_native_true hibernate) - $(meson_native_true hostnamed) - $(meson_native_true ldconfig) - $(meson_native_true localed) - $(meson_native_enabled man) - $(meson_native_true networkd) - $(meson_native_true quotacheck) - $(meson_native_true randomseed) - $(meson_native_true rfkill) - $(meson_native_true sysusers) - $(meson_native_true timedated) - $(meson_native_true timesyncd) - $(meson_native_true tmpfiles) - $(meson_native_true vconsole) - ) - - case $(tc-arch) in - amd64|arm|arm64|loong|ppc|ppc64|riscv|s390|x86) - # src/vmspawn/vmspawn-util.h: QEMU_MACHINE_TYPE - myconf+=( $(meson_native_enabled vmspawn) ) ;; - *) - myconf+=( -Dvmspawn=disabled ) ;; - esac - - meson_src_configure "${myconf[@]}" -} - -multilib_src_test() { - ( - unset DBUS_SESSION_BUS_ADDRESS XDG_RUNTIME_DIR - export COLUMNS=80 - addpredict /dev - addpredict /proc - addpredict /run - addpredict /sys/fs/cgroup - meson_src_test --timeout-multiplier=10 - ) || die -} - -multilib_src_install_all() { - einstalldocs - dodoc "${FILESDIR}"/nsswitch.conf - - insinto /usr/lib/tmpfiles.d - doins "${FILESDIR}"/legacy.conf - - if ! use resolvconf; then - rm -f "${ED}"/usr/bin/resolvconf || die - fi - - if ! use sysv-utils; then - rm "${ED}"/usr/bin/{halt,init,poweroff,reboot,shutdown} || die - rm "${ED}"/usr/share/man/man1/init.1 || die - rm "${ED}"/usr/share/man/man8/{halt,poweroff,reboot,shutdown}.8 || die - fi - - # https://bugs.gentoo.org/761763 - rm -r "${ED}"/usr/lib/sysusers.d || die - - # Preserve empty dirs in /etc & /var, bug #437008 - keepdir /etc/{binfmt.d,modules-load.d,tmpfiles.d} - keepdir /etc/kernel/install.d - keepdir /etc/systemd/{network,system,user} - keepdir /etc/udev/rules.d - - keepdir /etc/udev/hwdb.d - - keepdir /usr/lib/systemd/{system-sleep,system-shutdown} - keepdir /usr/lib/{binfmt.d,modules-load.d} - keepdir /usr/lib/systemd/user-generators - keepdir /var/lib/systemd - keepdir /var/log/journal - - if use pam; then - if use selinux; then - newpamd "${FILESDIR}"/systemd-user-selinux.pam systemd-user - else - newpamd "${FILESDIR}"/systemd-user.pam systemd-user - fi - fi - - if use kernel-install; then - # Dummy config, remove to make room for sys-kernel/installkernel - rm "${ED}/usr/lib/kernel/install.conf" || die - fi - - use ukify && python_fix_shebang "${ED}" - use boot && secureboot_auto_sign -} - -migrate_locale() { - local envd_locale_def="${EROOT}/etc/env.d/02locale" - local envd_locale=( "${EROOT}"/etc/env.d/??locale ) - local locale_conf="${EROOT}/etc/locale.conf" - - if [[ ! -L ${locale_conf} && ! -e ${locale_conf} ]]; then - # If locale.conf does not exist... - if [[ -e ${envd_locale} ]]; then - # ...either copy env.d/??locale if there's one - ebegin "Moving ${envd_locale} to ${locale_conf}" - mv "${envd_locale}" "${locale_conf}" - eend ${?} || FAIL=1 - else - # ...or create a dummy default - ebegin "Creating ${locale_conf}" - cat > "${locale_conf}" <<-EOF - # This file has been created by the sys-apps/systemd ebuild. - # See locale.conf(5) and localectl(1). - - # LANG=${LANG} - EOF - eend ${?} || FAIL=1 - fi - fi - - if [[ ! -L ${envd_locale} ]]; then - # now, if env.d/??locale is not a symlink (to locale.conf)... - if [[ -e ${envd_locale} ]]; then - # ...warn the user that he has duplicate locale settings - ewarn - ewarn "To ensure consistent behavior, you should replace ${envd_locale}" - ewarn "with a symlink to ${locale_conf}. Please migrate your settings" - ewarn "and create the symlink with the following command:" - ewarn "ln -s -n -f ../locale.conf ${envd_locale}" - ewarn - else - # ...or just create the symlink if there's nothing here - ebegin "Creating ${envd_locale_def} -> ../locale.conf symlink" - ln -n -s ../locale.conf "${envd_locale_def}" - eend ${?} || FAIL=1 - fi - fi -} - -pkg_preinst() { - if [[ -e ${EROOT}/etc/sysctl.conf ]]; then - # Symlink /etc/sysctl.conf for easy migration. - dosym ../../../etc/sysctl.conf /usr/lib/sysctl.d/99-sysctl.conf - fi - - if ! use boot && has_version "sys-apps/systemd[gnuefi(-)]"; then - ewarn "The 'gnuefi' USE flag has been renamed to 'boot'." - ewarn "Make sure to enable the 'boot' USE flag if you use systemd-boot." - fi -} - -pkg_postinst() { - systemd_update_catalog - - # Keep this here in case the database format changes so it gets updated - # when required. - systemd-hwdb --root="${ROOT}" update - - udev_reload || FAIL=1 - - # Bug 465468, make sure locales are respected, and ensure consistency - # between OpenRC & systemd - migrate_locale - - if [[ -z ${REPLACING_VERSIONS} ]]; then - if type systemctl &>/dev/null; then - systemctl --root="${ROOT:-/}" enable getty@.service remote-fs.target || FAIL=1 - fi - elog "To enable a useful set of services, run the following:" - elog " systemctl preset-all --preset-mode=enable-only" - fi - - if [[ -L ${EROOT}/var/lib/systemd/timesync ]]; then - rm "${EROOT}/var/lib/systemd/timesync" - fi - - if [[ -z ${ROOT} && -d /run/systemd/system ]]; then - ebegin "Reexecuting system manager (systemd)" - systemctl daemon-reexec - eend $? || FAIL=1 - - # https://lists.freedesktop.org/archives/systemd-devel/2024-June/050466.html - ebegin "Signaling user managers to reexec" - systemctl kill --kill-whom='main' --signal='SIGRTMIN+25' 'user@*.service' - eend $? - fi - - if [[ ${FAIL} ]]; then - eerror "One of the postinst commands failed. Please check the postinst output" - eerror "for errors. You may need to clean up your system and/or try installing" - eerror "systemd again." - eerror - fi - - if use boot; then - optfeature "installing kernels in systemd-boot's native layout and update loader entries" \ - "sys-kernel/installkernel[systemd-boot]" - fi - if use ukify; then - optfeature "generating unified kernel image on each kernel installation" \ - "sys-kernel/installkernel[ukify]" - fi -} - -pkg_prerm() { - # If removing systemd completely, remove the catalog database. - if [[ ! ${REPLACED_BY_VERSION} ]]; then - rm -f -v "${EROOT}"/var/lib/systemd/catalog/database - fi -} diff --git a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-258.3.ebuild b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-258.3.ebuild index 907745ccf0..1d462d6ea4 100644 --- a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-258.3.ebuild +++ b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-258.3.ebuild @@ -1,4 +1,4 @@ -# Copyright 2011-2025 Gentoo Authors +# Copyright 2011-2026 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 @@ -20,7 +20,7 @@ else SRC_URI="https://github.com/systemd/${PN}/archive/refs/tags/v${MY_PV}.tar.gz -> ${MY_P}.tar.gz" if [[ ${PV} != *rc* ]] ; then - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" + KEYWORDS="~alpha amd64 arm arm64 ~hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86" fi fi @@ -280,6 +280,7 @@ src_prepare() { local PATCHES=( "${FILESDIR}/systemd-258-shared-add-missing-alloc-util.patch" "${FILESDIR}/systemd-258.3-kernel-install-test.patch" + "${FILESDIR}/systemd-259-test-echo.patch" ) if ! use vanilla; then diff --git a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-257.10.ebuild b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-259.1.ebuild similarity index 93% rename from sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-257.10.ebuild rename to sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-259.1.ebuild index 3cee9769ce..1750925132 100644 --- a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-257.10.ebuild +++ b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-259.1.ebuild @@ -1,8 +1,8 @@ -# Copyright 2011-2025 Gentoo Authors +# Copyright 2011-2026 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 -PYTHON_COMPAT=( python3_{11..13} ) +PYTHON_COMPAT=( python3_{11..14} ) # Avoid QA warnings TMPFILES_OPTIONAL=1 @@ -20,12 +20,12 @@ else SRC_URI="https://github.com/systemd/${PN}/archive/refs/tags/v${MY_PV}.tar.gz -> ${MY_P}.tar.gz" if [[ ${PV} != *rc* ]] ; then - KEYWORDS="~alpha amd64 arm arm64 ~hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" fi fi -inherit bash-completion-r1 linux-info meson-multilib optfeature pam python-single-r1 -inherit secureboot systemd toolchain-funcs udev +inherit branding linux-info meson-multilib optfeature pam python-single-r1 +inherit secureboot shell-completion systemd toolchain-funcs udev DESCRIPTION="System and service manager for Linux" HOMEPAGE="https://systemd.io/" @@ -35,15 +35,17 @@ SLOT="0/2" IUSE=" acl apparmor audit boot bpf cgroup-hybrid cryptsetup curl +dns-over-tls elfutils fido2 +gcrypt gnutls homed http idn importd iptables +kernel-install +kmod - +lz4 lzma +openssl pam pcre pkcs11 policykit pwquality qrcode + +lz4 lzma +openssl pam passwdqc pcre pkcs11 policykit pwquality qrcode +resolvconf +seccomp selinux split-usr +sysv-utils test tpm ukify vanilla xkb +zstd " REQUIRED_USE=" ${PYTHON_REQUIRED_USE} - dns-over-tls? ( || ( gnutls openssl ) ) + dns-over-tls? ( openssl ) fido2? ( cryptsetup openssl ) homed? ( cryptsetup pam openssl ) - importd? ( curl lzma || ( gcrypt openssl ) ) + importd? ( curl lzma openssl ) + ?? ( passwdqc pwquality ) + passwdqc? ( homed ) pwquality? ( homed ) boot? ( kernel-install ) ukify? ( boot ) @@ -63,7 +65,9 @@ COMMON_DEPEND=" cryptsetup? ( >=sys-fs/cryptsetup-2.0.1:0= ) curl? ( >=net-misc/curl-7.32.0:0= ) elfutils? ( >=dev-libs/elfutils-0.158:0= ) - fido2? ( dev-libs/libfido2:0= ) + fido2? ( + dev-libs/libfido2:0= + ) gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] ) gnutls? ( >=net-libs/gnutls-3.6.0:0= ) http? ( >=net-libs/libmicrohttpd-0.9.33:0=[epoll(+)] ) @@ -78,6 +82,7 @@ COMMON_DEPEND=" iptables? ( net-firewall/iptables:0= ) openssl? ( >=dev-libs/openssl-1.1.0:0= ) pam? ( sys-libs/pam:=[${MULTILIB_USEDEP}] ) + passwdqc? ( sys-auth/passwdqc:0= ) pkcs11? ( >=app-crypt/p11-kit-0.23.3:0= ) pcre? ( dev-libs/libpcre2 ) pwquality? ( >=dev-libs/libpwquality-1.4.1:0= ) @@ -105,6 +110,7 @@ RDEPEND="${COMMON_DEPEND} >=acct-group/utmp-0-r1 >=acct-group/audio-0-r1 >=acct-group/cdrom-0-r1 + acct-group/clock >=acct-group/dialout-0-r1 >=acct-group/disk-0-r1 >=acct-group/input-0-r1 @@ -125,6 +131,7 @@ RDEPEND="${COMMON_DEPEND} >=acct-user/systemd-resolve-0-r1 >=acct-user/systemd-timesync-0-r1 >=sys-apps/baselayout-2.2 + elibc_musl? ( >=sys-libs/musl-1.2.5-r8 ) ukify? ( ${PYTHON_DEPS} $(python_gen_cond_dep "${PEFILE_DEPEND}") @@ -272,12 +279,12 @@ src_unpack() { src_prepare() { local PATCHES=( - "${FILESDIR}"/systemd-257-cred-util-tpm2.patch + "${FILESDIR}/systemd-259-test-echo.patch" ) if ! use vanilla; then PATCHES+=( - "${FILESDIR}/gentoo-journald-audit-r1.patch" + "${FILESDIR}/gentoo-journald-audit-r4.patch" ) fi @@ -299,10 +306,12 @@ multilib_src_configure() { -Ddocdir="share/doc/${PF}" # default is developer, bug 918671 -Dmode=release - -Dsupport-url="https://gentoo.org/support/" + -Dsupport-url="${BRANDING_OS_SUPPORT_URL}" -Dpamlibdir="$(getpam_mod_dir)" + -Dlibc=$(usex elibc_musl musl glibc) # avoid bash-completion dep -Dbashcompletiondir="$(get_bashcompdir)" + -Dzshcompletiondir="$(get_zshcompdir)" -Dsplit-bin=false # Disable compatibility with sysvinit -Dsysvinit-path= @@ -336,11 +345,11 @@ multilib_src_configure() { $(meson_native_use_feature kmod) $(meson_feature lz4) $(meson_feature lzma xz) - $(meson_use test tests) $(meson_feature zstd) $(meson_native_use_feature iptables libiptc) $(meson_native_use_feature openssl) $(meson_feature pam) + $(meson_native_use_feature passwdqc) $(meson_native_use_feature pkcs11 p11kit) $(meson_native_use_feature pcre pcre2) $(meson_native_use_feature policykit polkit) @@ -379,6 +388,13 @@ multilib_src_configure() { $(meson_native_true vconsole) ) + # workaround for bug 969103 + if [[ ${CHOST} == riscv32* ]] ; then + myconf+=( -Dtests=true ) + else + myconf+=( $(meson_use test tests) ) + fi + case $(tc-arch) in amd64|arm|arm64|loong|ppc|ppc64|riscv|s390|x86) # src/vmspawn/vmspawn-util.h: QEMU_MACHINE_TYPE diff --git a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-258.2.ebuild b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-259.2.ebuild similarity index 96% rename from sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-258.2.ebuild rename to sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-259.2.ebuild index b8ecef3654..5a6103b359 100644 --- a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-258.2.ebuild +++ b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-259.2.ebuild @@ -1,4 +1,4 @@ -# Copyright 2011-2025 Gentoo Authors +# Copyright 2011-2026 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 @@ -24,8 +24,8 @@ else fi fi -inherit bash-completion-r1 linux-info meson-multilib optfeature pam python-single-r1 -inherit secureboot systemd toolchain-funcs udev +inherit branding linux-info meson-multilib optfeature pam python-single-r1 +inherit secureboot shell-completion systemd toolchain-funcs udev DESCRIPTION="System and service manager for Linux" HOMEPAGE="https://systemd.io/" @@ -131,6 +131,7 @@ RDEPEND="${COMMON_DEPEND} >=acct-user/systemd-resolve-0-r1 >=acct-user/systemd-timesync-0-r1 >=sys-apps/baselayout-2.2 + elibc_musl? ( >=sys-libs/musl-1.2.5-r8 ) ukify? ( ${PYTHON_DEPS} $(python_gen_cond_dep "${PEFILE_DEPEND}") @@ -278,12 +279,11 @@ src_unpack() { src_prepare() { local PATCHES=( - "${FILESDIR}/systemd-258-shared-add-missing-alloc-util.patch" ) if ! use vanilla; then PATCHES+=( - "${FILESDIR}/gentoo-journald-audit-r3.patch" + "${FILESDIR}/gentoo-journald-audit-r4.patch" ) fi @@ -305,10 +305,12 @@ multilib_src_configure() { -Ddocdir="share/doc/${PF}" # default is developer, bug 918671 -Dmode=release - -Dsupport-url="https://gentoo.org/support/" + -Dsupport-url="${BRANDING_OS_SUPPORT_URL}" -Dpamlibdir="$(getpam_mod_dir)" + -Dlibc=$(usex elibc_musl musl glibc) # avoid bash-completion dep -Dbashcompletiondir="$(get_bashcompdir)" + -Dzshcompletiondir="$(get_zshcompdir)" -Dsplit-bin=false # Disable compatibility with sysvinit -Dsysvinit-path= @@ -342,7 +344,6 @@ multilib_src_configure() { $(meson_native_use_feature kmod) $(meson_feature lz4) $(meson_feature lzma xz) - $(meson_use test tests) $(meson_feature zstd) $(meson_native_use_feature iptables libiptc) $(meson_native_use_feature openssl) @@ -386,6 +387,13 @@ multilib_src_configure() { $(meson_native_true vconsole) ) + # workaround for bug 969103 + if [[ ${CHOST} == riscv32* ]] ; then + myconf+=( -Dtests=true ) + else + myconf+=( $(meson_use test tests) ) + fi + case $(tc-arch) in amd64|arm|arm64|loong|ppc|ppc64|riscv|s390|x86) # src/vmspawn/vmspawn-util.h: QEMU_MACHINE_TYPE diff --git a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-259.ebuild b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-259.ebuild index f17ee9848e..83d7f3cc53 100644 --- a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-259.ebuild +++ b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-259.ebuild @@ -131,6 +131,7 @@ RDEPEND="${COMMON_DEPEND} >=acct-user/systemd-resolve-0-r1 >=acct-user/systemd-timesync-0-r1 >=sys-apps/baselayout-2.2 + elibc_musl? ( >=sys-libs/musl-1.2.5-r8 ) ukify? ( ${PYTHON_DEPS} $(python_gen_cond_dep "${PEFILE_DEPEND}") @@ -278,6 +279,7 @@ src_unpack() { src_prepare() { local PATCHES=( + "${FILESDIR}/systemd-259-vmspawn-use-indexed-loop.patch" ) if ! use vanilla; then @@ -306,6 +308,7 @@ multilib_src_configure() { -Dmode=release -Dsupport-url="https://gentoo.org/support/" -Dpamlibdir="$(getpam_mod_dir)" + -Dlibc=$(usex elibc_musl musl glibc) # avoid bash-completion dep -Dbashcompletiondir="$(get_bashcompdir)" -Dsplit-bin=false diff --git a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-9999.ebuild b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-9999.ebuild index ade9936865..5a6103b359 100644 --- a/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-9999.ebuild +++ b/sdk_container/src/third_party/portage-stable/sys-apps/systemd/systemd-9999.ebuild @@ -1,4 +1,4 @@ -# Copyright 2011-2025 Gentoo Authors +# Copyright 2011-2026 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 @@ -24,8 +24,8 @@ else fi fi -inherit bash-completion-r1 linux-info meson-multilib optfeature pam python-single-r1 -inherit secureboot systemd toolchain-funcs udev +inherit branding linux-info meson-multilib optfeature pam python-single-r1 +inherit secureboot shell-completion systemd toolchain-funcs udev DESCRIPTION="System and service manager for Linux" HOMEPAGE="https://systemd.io/" @@ -131,6 +131,7 @@ RDEPEND="${COMMON_DEPEND} >=acct-user/systemd-resolve-0-r1 >=acct-user/systemd-timesync-0-r1 >=sys-apps/baselayout-2.2 + elibc_musl? ( >=sys-libs/musl-1.2.5-r8 ) ukify? ( ${PYTHON_DEPS} $(python_gen_cond_dep "${PEFILE_DEPEND}") @@ -304,10 +305,12 @@ multilib_src_configure() { -Ddocdir="share/doc/${PF}" # default is developer, bug 918671 -Dmode=release - -Dsupport-url="https://gentoo.org/support/" + -Dsupport-url="${BRANDING_OS_SUPPORT_URL}" -Dpamlibdir="$(getpam_mod_dir)" + -Dlibc=$(usex elibc_musl musl glibc) # avoid bash-completion dep -Dbashcompletiondir="$(get_bashcompdir)" + -Dzshcompletiondir="$(get_zshcompdir)" -Dsplit-bin=false # Disable compatibility with sysvinit -Dsysvinit-path= @@ -341,7 +344,6 @@ multilib_src_configure() { $(meson_native_use_feature kmod) $(meson_feature lz4) $(meson_feature lzma xz) - $(meson_use test tests) $(meson_feature zstd) $(meson_native_use_feature iptables libiptc) $(meson_native_use_feature openssl) @@ -385,6 +387,13 @@ multilib_src_configure() { $(meson_native_true vconsole) ) + # workaround for bug 969103 + if [[ ${CHOST} == riscv32* ]] ; then + myconf+=( -Dtests=true ) + else + myconf+=( $(meson_use test tests) ) + fi + case $(tc-arch) in amd64|arm|arm64|loong|ppc|ppc64|riscv|s390|x86) # src/vmspawn/vmspawn-util.h: QEMU_MACHINE_TYPE