mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-10-08 14:02:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #781 from marineam/polkit

Browse Source 
Add polkit and support for DHCP host names
This commit is contained in:
Michael Marineau 2014-08-01 16:09:57 -07:00
commit 0da3ae7947
19 changed files with 151 additions and 895 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/make.defaults vendored
View File

@ -1,7 +1,7 @@
# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
# Distributed under the terms of the GNU General Public License v2
USE="cros-debug acpi usb symlink-usr cryptsetup -pam"
USE="cros-debug acpi usb symlink-usr cryptsetup policykit -pam"
USE="${USE} -cros_host -expat -pic -pie -cairo -X"
USE="${USE} -acl -cracklib -gpm -openmp -python -sha512"
USE="${USE} -fortran -abiword -perl -cups -poppler-data -nls"

0
sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.0.7.ebuild → sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.0.8.ebuild vendored
View File

2
sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild vendored
View File

@ -9,7 +9,7 @@ CROS_WORKON_REPO="git://github.com"
if [[ "${PV}" == 9999 ]]; then
KEYWORDS="~amd64 ~arm ~x86"
else
CROS_WORKON_COMMIT="ae1f7e3185508dd48b43c3cad03fcf83003f32cc"
CROS_WORKON_COMMIT="39e4ccfce6aae080fafb4619007899fbf381a667"
KEYWORDS="amd64 arm x86"
fi

1
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/Manifest vendored
View File

@ -1,2 +1 @@
DIST systemd-212.tar.xz 2722692 SHA256 652906b43704fe705cb47757ea9bbbf3c1ab4a1d55ea38b0013a6f2d0863f2c2 SHA512 3e6dac77785cb2f928886886f92cdd11ed00a4db1453699e0102d3ecffa03d1795f44df10239105e4b2b039f0e3e4b5d44c9f876f25c10a6dc4f7e1fbf87c333 WHIRLPOOL 31d1a967435963155c60ca5016f207aa105e9ddcb7d73e9fcde20f7e1fb66701384b81ee01134bf4d75dfa1ea0d412bb352ff11ac6f8c05e836135baf94bbe37
DIST systemd-215.tar.xz 2888652 SHA256 ce76a3c05e7d4adc806a3446a5510c0c9b76a33f19adc32754b69a0945124505 SHA512 58de0bf7c43c309c2f8e4b7af16b46608a4ea39cbb280496fe5d43d76ea25545484f4ef62efce18be487c69134e4a038d8787f2c262484f92f7fc6feb3ae2f11 WHIRLPOOL 07389822b9f09cd91f360f3cbdcd0b5bf46ba1750dd1a4ad44fd2813436ef40b447b954d33582ffe83aebde618ecbeac4d2f3231d8afbf3975caf84f52b1053a

12
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/211-tmpfiles.patch vendored
View File

@ -1,12 +0,0 @@
diff --git a/tmpfiles.d/systemd.conf b/tmpfiles.d/systemd.conf
index 7c6d6b9099b9..1aeb5e40f1ee 100644
--- a/tmpfiles.d/systemd.conf
+++ b/tmpfiles.d/systemd.conf
@@ -24,5 +24,7 @@ d /run/systemd/shutdown 0755 root root -
m /var/log/journal 2755 root systemd-journal - -
m /var/log/journal/%m 2755 root systemd-journal - -
+m /var/log/journal/%m/system.journal 2755 root systemd-journal - -
m /run/log/journal 2755 root systemd-journal - -
m /run/log/journal/%m 2755 root systemd-journal - -
+m /run/log/journal/%m/system.journal 2755 root systemd-journal - -

32
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0001-sd-rtnl-fix-off-by-one.patch vendored
View File

@ -1,32 +0,0 @@
From ef1a79119cc9cdeef03af17795e6a05459a0f3af Mon Sep 17 00:00:00 2001
From: Steven Siloti <ssiloti@gmail.com>
Date: Sun, 30 Mar 2014 21:20:26 -0700
Subject: [PATCH] sd-rtnl: fix off-by-one
To: systemd-devel@lists.freedesktop.org
Also fix type parameter passed to new0
---
src/libsystemd/sd-rtnl/rtnl-message.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/libsystemd/sd-rtnl/rtnl-message.c b/src/libsystemd/sd-rtnl/rtnl-message.c
index 84a8ffa..97ace2a 100644
--- a/src/libsystemd/sd-rtnl/rtnl-message.c
+++ b/src/libsystemd/sd-rtnl/rtnl-message.c
@@ -1073,11 +1073,11 @@ int rtnl_message_parse(sd_rtnl_message *m,
unsigned short type;
size_t *tb;
- tb = (size_t *) new0(size_t *, max);
+ tb = new0(size_t, max + 1);
if(!tb)
return -ENOMEM;
- *rta_tb_size = max;
+ *rta_tb_size = max + 1;
for (; RTA_OK(rta, rt_len); rta = RTA_NEXT(rta, rt_len)) {
type = rta->rta_type;
--
1.9.1

35
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0002-job-add-waiting-jobs-to-run-queue-in-unit_coldplug.patch vendored
View File

@ -1,35 +0,0 @@
From ff790a30ceae4e64249544f9719f78c385308f67 Mon Sep 17 00:00:00 2001
From: Brandon Philips <brandon@ifup.co>
Date: Fri, 25 Apr 2014 09:31:59 -0600
Subject: [PATCH 2/4] job: add waiting jobs to run queue in unit_coldplug
When we have job installed and added to run queue for service which is
still in dead state and systemd initiates reload then after reload we
never add deserialized job to the run queue again. This is caused by
check in service_coldplug() where we check if deserialized state is
something else than dead state, which is not the case thus we never call
service_set_state() and finally unit_notify() where we would have added
job to the run queue.
Thanks to Michal Sekletar <msekleta@redhat.com> for the original patch.
---
src/core/job.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/core/job.c b/src/core/job.c
index 35a9de6..835cfe1 100644
--- a/src/core/job.c
+++ b/src/core/job.c
@@ -1066,6 +1066,9 @@ int job_coldplug(Job *j) {
if (j->timer_event_source)
j->timer_event_source = sd_event_source_unref(j->timer_event_source);
+ if (j->state == JOB_WAITING)
+ job_add_to_run_queue(j);
+
r = sd_event_add_time(
j->manager->event,
&j->timer_event_source,
--
1.8.5.5

39
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0003-job-always-add-waiting-jobs-to-run-queue-during-cold.patch vendored
View File

@ -1,39 +0,0 @@
From 05728416aba07cf66e6933e65c5c076643a1d62b Mon Sep 17 00:00:00 2001
From: Michael Marineau <michael.marineau@coreos.com>
Date: Mon, 12 May 2014 09:26:16 +0200
Subject: [PATCH 3/4] job: always add waiting jobs to run queue during coldplug
commit 20a83d7bf was not equivalent to the original bug fix proposed by
Michal Sekletar <msekleta@redhat.com>. The committed version only added
the job to the run queue if the job had a timeout, which most jobs do
not have. Just re-ordering the code gets us the intended functionality
---
src/core/job.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/core/job.c b/src/core/job.c
index 835cfe1..dc4f441 100644
--- a/src/core/job.c
+++ b/src/core/job.c
@@ -1060,15 +1060,15 @@ int job_coldplug(Job *j) {
if (r < 0)
return r;
+ if (j->state == JOB_WAITING)
+ job_add_to_run_queue(j);
+
if (j->begin_usec == 0 || j->unit->job_timeout == 0)
return 0;
if (j->timer_event_source)
j->timer_event_source = sd_event_source_unref(j->timer_event_source);
- if (j->state == JOB_WAITING)
- job_add_to_run_queue(j);
-
r = sd_event_add_time(
j->manager->event,
&j->timer_event_source,
--
1.8.5.5

118
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0004-core-make-sure-to-serialize-jobs-for-all-units.patch vendored
View File

@ -1,118 +0,0 @@
From fb7fe351e092bb591a6fc24c76fd4a8effec644d Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 16 May 2014 01:15:03 +0200
Subject: [PATCH 4/4] core: make sure to serialize jobs for all units
Previously we wouldn't serialize jobs for units that themselves have
nothing to serialize.
http://lists.freedesktop.org/archives/systemd-devel/2014-May/019051.html
---
src/core/manager.c | 3 ---
src/core/unit.c | 43 +++++++++++++++++++++----------------------
2 files changed, 21 insertions(+), 25 deletions(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index 224106c..0b91db3 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -2129,9 +2129,6 @@ int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root) {
if (u->id != t)
continue;
- if (!unit_can_serialize(u))
- continue;
-
/* Start marker */
fputs(u->id, f);
fputc('\n', f);
diff --git a/src/core/unit.c b/src/core/unit.c
index 153b79b..9147686 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -2287,25 +2287,25 @@ bool unit_can_serialize(Unit *u) {
}
int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
- ExecRuntime *rt;
int r;
assert(u);
assert(f);
assert(fds);
- if (!unit_can_serialize(u))
- return 0;
-
- r = UNIT_VTABLE(u)->serialize(u, f, fds);
- if (r < 0)
- return r;
+ if (unit_can_serialize(u)) {
+ ExecRuntime *rt;
- rt = unit_get_exec_runtime(u);
- if (rt) {
- r = exec_runtime_serialize(rt, u, f, fds);
+ r = UNIT_VTABLE(u)->serialize(u, f, fds);
if (r < 0)
return r;
+
+ rt = unit_get_exec_runtime(u);
+ if (rt) {
+ r = exec_runtime_serialize(rt, u, f, fds);
+ if (r < 0)
+ return r;
+ }
}
dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
@@ -2367,17 +2367,14 @@ void unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
}
int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
- size_t offset;
ExecRuntime **rt = NULL;
+ size_t offset;
int r;
assert(u);
assert(f);
assert(fds);
- if (!unit_can_serialize(u))
- return 0;
-
offset = UNIT_VTABLE(u)->exec_runtime_offset;
if (offset > 0)
rt = (ExecRuntime**) ((uint8_t*) u + offset);
@@ -2494,17 +2491,19 @@ int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
continue;
}
- if (rt) {
- r = exec_runtime_deserialize_item(rt, u, l, v, fds);
+ if (unit_can_serialize(u)) {
+ if (rt) {
+ r = exec_runtime_deserialize_item(rt, u, l, v, fds);
+ if (r < 0)
+ return r;
+ if (r > 0)
+ continue;
+ }
+
+ r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
if (r < 0)
return r;
- if (r > 0)
- continue;
}
-
- r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
- if (r < 0)
- return r;
}
}
--
1.8.5.5

73
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0005-conf-parser-silently-ignore-sections-starting-with-X.patch vendored
View File

@ -1,73 +0,0 @@
From 92b626e34454aa14b51a9b21a1e885806c10d2fb Mon Sep 17 00:00:00 2001
From: Michael Marineau <michael.marineau@coreos.com>
Date: Fri, 16 May 2014 16:03:38 -0700
Subject: [PATCH 5/5] conf-parser: silently ignore sections starting with "X-"
This allows external tools to keep additional unit information in a
separate section without scaring users with a big warning.
---
src/shared/conf-parser.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c
index d27b1b7..062b15b 100644
--- a/src/shared/conf-parser.c
+++ b/src/shared/conf-parser.c
@@ -204,6 +204,7 @@ static int parse_line(const char* unit,
bool allow_include,
char **section,
unsigned *section_line,
+ bool *section_ignored,
char *l,
void *userdata) {
@@ -266,7 +267,7 @@ static int parse_line(const char* unit,
if (sections && !nulstr_contains(sections, n)) {
- if (!relaxed)
+ if (!relaxed && !startswith(n, "X-"))
log_syntax(unit, LOG_WARNING, filename, line, EINVAL,
"Unknown section '%s'. Ignoring.", n);
@@ -274,10 +275,12 @@ static int parse_line(const char* unit,
free(*section);
*section = NULL;
*section_line = 0;
+ *section_ignored = true;
} else {
free(*section);
*section = n;
*section_line = line;
+ *section_ignored = false;
}
return 0;
@@ -285,7 +288,7 @@ static int parse_line(const char* unit,
if (sections && !*section) {
- if (!relaxed)
+ if (!relaxed && !*section_ignored)
log_syntax(unit, LOG_WARNING, filename, line, EINVAL,
"Assignment outside of section. Ignoring.");
@@ -328,6 +331,7 @@ int config_parse(const char *unit,
_cleanup_free_ char *section = NULL, *continuation = NULL;
_cleanup_fclose_ FILE *ours = NULL;
unsigned line = 0, section_line = 0;
+ bool section_ignored = false;
int r;
assert(filename);
@@ -399,6 +403,7 @@ int config_parse(const char *unit,
allow_include,
&section,
&section_line,
+ &section_ignored,
p,
userdata);
free(c);
--
1.8.5.5

74
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/212-0006-networkd-netdev-allow-setting-macaddress-in-netdev-files.patch vendored
View File

@ -1,74 +0,0 @@
From e846210989367233171151ae3528d65b63a9e5a8 Mon Sep 17 00:00:00 2001
From: Tom Gundersen <teg@jklm.no>
Date: Sat, 14 Jun 2014 15:38:35 +0200
Subject: [PATCH] networkd: netdev - allow setting MACAddress in .netdev files
It may sometimes be necessary to specify the MAC address of a netdev.
Let us set the correct one from the get-go, rather than having the
kernel generate a random one, and then change it after.
Conflicts:
src/network/networkd-netdev-gperf.gperf
src/network/networkd-netdev.c
src/network/networkd-tunnel.c
src/network/networkd-veth.c
src/network/networkd.h
---
src/network/networkd-netdev-gperf.gperf | 1 +
src/network/networkd-netdev.c | 11 +++++++++++
src/network/networkd.h | 1 +
3 files changed, 13 insertions(+)
diff --git a/src/network/networkd-netdev-gperf.gperf b/src/network/networkd-netdev-gperf.gperf
index ea7ba57..30b9333 100644
--- a/src/network/networkd-netdev-gperf.gperf
+++ b/src/network/networkd-netdev-gperf.gperf
@@ -24,3 +24,4 @@ NetDev.Name, config_parse_ifname, 0,
NetDev.Kind, config_parse_netdev_kind, 0, offsetof(NetDev, kind)
VLAN.Id, config_parse_uint64, 0, offsetof(NetDev, vlanid)
MACVLAN.Mode, config_parse_macvlan_mode, 0, offsetof(NetDev, macvlan_mode)
+NetDev.MACAddress, config_parse_hwaddr, 0, offsetof(NetDev, mac)
diff --git a/src/network/networkd-netdev.c b/src/network/networkd-netdev.c
index e333c47..07a0878 100644
--- a/src/network/networkd-netdev.c
+++ b/src/network/networkd-netdev.c
@@ -66,6 +66,7 @@ void netdev_free(NetDev *netdev) {
free(netdev->description);
free(netdev->name);
+ free(netdev->mac);
condition_free_list(netdev->match_host);
condition_free_list(netdev->match_virt);
@@ -277,6 +278,16 @@ static int netdev_create(NetDev *netdev, Link *link, sd_rtnl_message_handler_t c
return r;
}
+ if (netdev->mac) {
+ r = sd_rtnl_message_append_ether_addr(req, IFLA_ADDRESS, netdev->mac);
+ if (r < 0) {
+ log_error_netdev(netdev,
+ "Colud not append IFLA_ADDRESS attribute: %s",
+ strerror(-r));
+ return r;
+ }
+ }
+
r = sd_rtnl_message_open_container(req, IFLA_LINKINFO);
if (r < 0) {
log_error_netdev(netdev,
diff --git a/src/network/networkd.h b/src/network/networkd.h
index 8144031..877ac83 100644
--- a/src/network/networkd.h
+++ b/src/network/networkd.h
@@ -90,6 +90,7 @@ struct NetDev {
char *description;
char *name;
+ struct ether_addr *mac;
NetDevKind kind;
uint64_t vlanid;
--
1.9.3

1
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/213-systemd-resolv.conf vendored
View File

@ -1 +0,0 @@
L /etc/resolv.conf - - - - /run/systemd/network/resolv.conf

6
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/99-org.freedesktop.hostname1.rules vendored Normal file
View File

@ -0,0 +1,6 @@
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.hostname1.set-hostname" &&
subject.user == "systemd-network") {
return polkit.Result.YES;
}
});

506
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-212-r10.ebuild vendored
View File

@ -1,506 +0,0 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sys-apps/systemd/systemd-9999.ebuild,v 1.103 2014/03/31 19:01:25 floppym Exp $
EAPI=5
if [[ ${PV} == 9999 ]]; then
AUTOTOOLS_AUTORECONF=yes
EGIT_REPO_URI="git://anongit.freedesktop.org/${PN}/${PN}
http://cgit.freedesktop.org/${PN}/${PN}/"
inherit git-r3
elif [[ ${PV} == *9999 ]]; then
AUTOTOOLS_AUTORECONF=yes
EGIT_REPO_URI="git://anongit.freedesktop.org/${PN}/${PN}-stable
http://cgit.freedesktop.org/${PN}/${PN}-stable/"
EGIT_BRANCH=v${PV%%.*}-stable
inherit git-r3
fi
AUTOTOOLS_PRUNE_LIBTOOL_FILES=all
PYTHON_COMPAT=( python{2_7,3_2,3_3} )
inherit autotools-utils bash-completion-r1 fcaps linux-info multilib \
multilib-minimal pam python-single-r1 systemd toolchain-funcs udev \
user
DESCRIPTION="System and service manager for Linux"
HOMEPAGE="http://www.freedesktop.org/wiki/Software/systemd"
SRC_URI="http://www.freedesktop.org/software/systemd/${P}.tar.xz"
LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
SLOT="0/2"
KEYWORDS="~alpha amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc ~x86"
IUSE="acl audit cryptsetup doc +firmware-loader gcrypt gudev http introspection
kdbus +kmod lzma pam policykit python qrcode +seccomp selinux ssl
test xattr"
MINKV="3.0"
COMMON_DEPEND=">=sys-apps/util-linux-2.20:0=
sys-libs/libcap:0=
acl? ( sys-apps/acl:0= )
audit? ( >=sys-process/audit-2:0= )
cryptsetup? ( >=sys-fs/cryptsetup-1.6:0= )
gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0= )
gudev? ( dev-libs/glib:2=[${MULTILIB_USEDEP}] )
http? ( >=net-libs/libmicrohttpd-0.9.33:0= )
introspection? ( >=dev-libs/gobject-introspection-1.31.1:0= )
kmod? ( >=sys-apps/kmod-15:0= )
lzma? ( app-arch/xz-utils:0=[${MULTILIB_USEDEP}] )
pam? ( virtual/pam:= )
python? ( ${PYTHON_DEPS} )
qrcode? ( media-gfx/qrencode:0= )
seccomp? ( >=sys-libs/libseccomp-2.1:0= )
selinux? ( sys-libs/libselinux:0= )
ssl? ( >=net-libs/gnutls-3.1.4:0= )
xattr? ( sys-apps/attr:0= )
abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20130224-r9
!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] )"
# baselayout-2.2 has /run
RDEPEND="${COMMON_DEPEND}
>=sys-apps/baselayout-2.2
|| (
>=sys-apps/util-linux-2.22
<sys-apps/sysvinit-2.88-r4
)
!sys-auth/nss-myhostname
!<sys-libs/glibc-2.14
!sys-fs/udev"
# sys-apps/daemon: the daemon only (+ build-time lib dep for tests)
PDEPEND=">=sys-apps/dbus-1.6.8-r1:0
>=sys-apps/hwids-20130717-r1[udev]
policykit? ( sys-auth/polkit )"
# Newer linux-headers needed by ia64, bug #480218
DEPEND="${COMMON_DEPEND}
app-arch/xz-utils:0
dev-util/gperf
>=dev-util/intltool-0.50
>=sys-devel/binutils-2.23.1
>=sys-devel/gcc-4.6
>=sys-kernel/linux-headers-${MINKV}
ia64? ( >=sys-kernel/linux-headers-3.9 )
virtual/pkgconfig
doc? ( >=dev-util/gtk-doc-1.18 )
python? ( dev-python/lxml[${PYTHON_USEDEP}] )
test? ( >=sys-apps/dbus-1.6.8-r1:0 )"
if [[ ${PV} == *9999 ]]; then
DEPEND="${DEPEND}
app-text/docbook-xml-dtd:4.2
app-text/docbook-xml-dtd:4.5
app-text/docbook-xsl-stylesheets
dev-libs/libxslt:0
dev-libs/gobject-introspection
>=dev-libs/libgcrypt-1.4.5:0"
SRC_URI=
KEYWORDS=
fi
src_prepare() {
if [[ ${PV} == *9999 ]]; then
if use doc; then
gtkdocize --docdir docs/ || die
else
echo 'EXTRA_DIST =' > docs/gtk-doc.make
fi
fi
# fix networkd crash, https://bugs.gentoo.org/show_bug.cgi?id=507044
epatch "${FILESDIR}"/212-0001-sd-rtnl-fix-off-by-one.patch
# fix stuck jobs after daemon-reload
epatch "${FILESDIR}"/212-0002-job-add-waiting-jobs-to-run-queue-in-unit_coldplug.patch
epatch "${FILESDIR}"/212-0003-job-always-add-waiting-jobs-to-run-queue-during-cold.patch
# fix broken device dependencies after daemon-reload
epatch "${FILESDIR}"/212-0004-core-make-sure-to-serialize-jobs-for-all-units.patch
# stop scaring all our users with warnings about "X-Fleet"
epatch "${FILESDIR}"/212-0005-conf-parser-silently-ignore-sections-starting-with-X.patch
# networkd: netdev - allow setting MACAddress in .netdev files
epatch "${FILESDIR}"/212-0006-networkd-netdev-allow-setting-macaddress-in-netdev-files.patch
# patch to make journald work at first boot
epatch "${FILESDIR}"/211-tmpfiles.patch
# Bug 463376
sed -i -e 's/GROUP="dialout"/GROUP="uucp"/' rules/*.rules || die
autotools-utils_src_prepare
}
pkg_pretend() {
local CONFIG_CHECK="~AUTOFS4_FS ~BLK_DEV_BSG ~CGROUPS ~DEVTMPFS ~DMIID
~EPOLL ~FANOTIFY ~FHANDLE ~INOTIFY_USER ~IPV6 ~NET ~NET_NS ~PROC_FS
~SECCOMP ~SIGNALFD ~SYSFS ~TIMERFD
~!IDE ~!SYSFS_DEPRECATED ~!SYSFS_DEPRECATED_V2
~!GRKERNSEC_PROC"
use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL"
use pam && CONFIG_CHECK+=" ~AUDITSYSCALL"
use xattr && CONFIG_CHECK+=" ~TMPFS_XATTR"
kernel_is -lt 3 7 && CONFIG_CHECK+=" ~HOTPLUG"
use firmware-loader || CONFIG_CHECK+=" ~!FW_LOADER_USER_HELPER"
if linux_config_exists; then
local uevent_helper_path=$(linux_chkconfig_string UEVENT_HELPER_PATH)
if [ -n "${uevent_helper_path}" ] && [ "${uevent_helper_path}" != '""' ]; then
ewarn "It's recommended to set an empty value to the following kernel config option:"
ewarn "CONFIG_UEVENT_HELPER_PATH=${uevent_helper_path}"
fi
fi
if [[ ${MERGE_TYPE} != binary ]]; then
if [[ $(gcc-major-version) -lt 4
|| ( $(gcc-major-version) -eq 4 && $(gcc-minor-version) -lt 6 ) ]]
then
eerror "systemd requires at least gcc 4.6 to build. Please switch the active"
eerror "gcc version using gcc-config."
die "systemd requires at least gcc 4.6"
fi
fi
if [[ ${MERGE_TYPE} != buildonly ]]; then
if kernel_is -lt ${MINKV//./ }; then
ewarn "Kernel version at least ${MINKV} required"
fi
if ! use firmware-loader && kernel_is -lt 3 8; then
ewarn "You seem to be using kernel older than 3.8. Those kernel versions"
ewarn "require systemd with USE=firmware-loader to support loading"
ewarn "firmware. Missing this flag may cause some hardware not to work."
fi
check_extra_config
fi
}
pkg_setup() {
use python && python-single-r1_pkg_setup
}
multilib_src_configure() {
local myeconfargs=(
# disable -flto since it is an optimization flag
# and makes distcc less effective
cc_cv_CFLAGS__flto=no
--with-pamconfdir=/usr/share/pam.d
--with-dbuspolicydir=/usr/share/dbus-1/system.d
--disable-maintainer-mode
--localstatedir=/var
--with-pamlibdir=$(getpam_mod_dir)
# avoid bash-completion dep
--with-bashcompletiondir="$(get_bashcompdir)"
# make sure we get /bin:/sbin in $PATH
--enable-split-usr
# disable sysv compatibility
--with-sysvinit-path=
--with-sysvrcnd-path=
# no deps
--enable-efi
--enable-ima
# optional components/dependencies
$(use_enable acl)
$(use_enable audit)
$(use_enable cryptsetup libcryptsetup)
$(use_enable doc gtk-doc)
$(use_enable gcrypt)
$(use_enable gudev)
$(use_enable http microhttpd)
$(use_enable introspection)
$(use_enable kdbus)
$(use_enable kmod)
$(use_enable lzma xz)
$(use_enable pam)
$(use_enable policykit polkit)
$(use_with python)
$(use_enable python python-devel)
$(use_enable qrcode qrencode)
$(use_enable seccomp)
$(use_enable selinux)
$(use_enable ssl gnutls)
$(use_enable test tests)
$(use_enable xattr)
# not supported (avoid automagic deps in the future)
--disable-chkconfig
# hardcode a few paths to spare some deps
QUOTAON=/usr/sbin/quotaon
QUOTACHECK=/usr/sbin/quotacheck
)
# Keep using the one where the rules were installed.
MY_UDEVDIR=$(get_udevdir)
if use firmware-loader; then
myeconfargs+=(
--with-firmware-path="/lib/firmware/updates:/lib/firmware"
)
fi
# Added for testing; this is UNSUPPORTED by the Gentoo systemd team!
if [[ -n ${ROOTPREFIX+set} ]]; then
myeconfargs+=(
--with-rootprefix="${ROOTPREFIX}"
--with-rootlibdir="${ROOTPREFIX}/$(get_libdir)"
)
fi
if ! multilib_is_native_abi; then
myeconfargs+=(
ac_cv_search_cap_init=
ac_cv_header_sys_capability_h=yes
DBUS_CFLAGS=' '
DBUS_LIBS=' '
--disable-acl
--disable-audit
--disable-gcrypt
--disable-gnutls
--disable-gtk-doc
--disable-introspection
--disable-kmod
--disable-libcryptsetup
--disable-microhttpd
--disable-networkd
--disable-pam
--disable-polkit
--disable-qrencode
--disable-seccomp
--disable-selinux
--disable-tests
--disable-xattr
--disable-xz
--disable-python-devel
)
fi
# Work around bug 463846.
tc-export CC
autotools-utils_src_configure
}
multilib_src_compile() {
local mymakeopts=(
udevlibexecdir="${MY_UDEVDIR}"
)
if multilib_is_native_abi; then
emake "${mymakeopts[@]}"
else
# prerequisites for gudev
use gudev && emake src/gudev/gudev{enumtypes,marshal}.{c,h}
echo 'gentoo: $(BUILT_SOURCES)' | \
emake "${mymakeopts[@]}" -f Makefile -f - gentoo
echo 'gentoo: $(lib_LTLIBRARIES) $(pkgconfiglib_DATA)' | \
emake "${mymakeopts[@]}" -f Makefile -f - gentoo
fi
}
multilib_src_test() {
multilib_is_native_abi || continue
default
}
multilib_src_install() {
local mymakeopts=(
# automake fails with parallel libtool relinking
# https://bugs.gentoo.org/show_bug.cgi?id=491398
-j1
udevlibexecdir="${MY_UDEVDIR}"
dist_udevhwdb_DATA=
DESTDIR="${D}"
)
if multilib_is_native_abi; then
emake "${mymakeopts[@]}" install
else
mymakeopts+=(
install-libLTLIBRARIES
install-pkgconfiglibDATA
install-includeHEADERS
# safe to call unconditionally, 'installs' empty list
install-libgudev_includeHEADERS
install-pkgincludeHEADERS
)
emake "${mymakeopts[@]}"
fi
# install compat pkg-config files
local pcfiles=( src/compat-libs/libsystemd-{daemon,id128,journal,login}.pc )
emake "${mymakeopts[@]}" install-pkgconfiglibDATA \
pkgconfiglib_DATA="${pcfiles[*]}"
}
multilib_src_install_all() {
prune_libtool_files --modules
einstalldocs
# we just keep sysvinit tools, so no need for the mans
rm "${D}"/usr/share/man/man8/{halt,poweroff,reboot,runlevel,shutdown,telinit}.8 \
|| die
rm "${D}"/usr/share/man/man1/init.1 || die
# Disable storing coredumps in journald, bug #433457
mv "${D}"/usr/lib/sysctl.d/50-coredump.conf{,.disabled} || die
systemd_dotmpfilesd "${FILESDIR}"/systemd-coreos.conf
systemd_newtmpfilesd "${FILESDIR}"/213-systemd-resolv.conf systemd-resolv.conf
# Don't default to graphical.target
rm "${D}"/usr/lib/systemd/system/default.target || die
dosym multi-user.target /usr/lib/systemd/system/default.target
# Move a few services enabled in /etc to /usr
rm "${D}"/etc/systemd/system/getty.target.wants/getty@tty1.service || die
rmdir "${D}"/etc/systemd/system/getty.target.wants || die
dosym ../getty@.service /usr/lib/systemd/system/getty.target.wants/getty@tty1.service
rm "${D}"/etc/systemd/system/multi-user.target.wants/remote-fs.target \
"${D}"/etc/systemd/system/multi-user.target.wants/systemd-networkd.service \
|| die
rmdir "${D}"/etc/systemd/system/multi-user.target.wants || die
systemd_enable_service multi-user.target remote-fs.target
systemd_enable_service multi-user.target systemd-networkd.service
}
migrate_locale() {
local envd_locale_def="${EROOT%/}/etc/env.d/02locale"
local envd_locale=( "${EROOT%/}"/etc/env.d/??locale )
local locale_conf="${EROOT%/}/etc/locale.conf"
if [[ ! -L ${locale_conf} && ! -e ${locale_conf} ]]; then
# If locale.conf does not exist...
if [[ -e ${envd_locale} ]]; then
# ...either copy env.d/??locale if there's one
ebegin "Moving ${envd_locale} to ${locale_conf}"
mv "${envd_locale}" "${locale_conf}"
eend ${?} || FAIL=1
else
# ...or create a dummy default
ebegin "Creating ${locale_conf}"
cat > "${locale_conf}" <<-EOF
# This file has been created by the sys-apps/systemd ebuild.
# See locale.conf(5) and localectl(1).
# LANG=${LANG}
EOF
eend ${?} || FAIL=1
fi
fi
if [[ ! -L ${envd_locale} ]]; then
# now, if env.d/??locale is not a symlink (to locale.conf)...
if [[ -e ${envd_locale} ]]; then
# ...warn the user that he has duplicate locale settings
ewarn
ewarn "To ensure consistent behavior, you should replace ${envd_locale}"
ewarn "with a symlink to ${locale_conf}. Please migrate your settings"
ewarn "and create the symlink with the following command:"
ewarn "ln -s -n -f ../locale.conf ${envd_locale}"
ewarn
else
# ...or just create the symlink if there's nothing here
ebegin "Creating ${envd_locale_def} -> ../locale.conf symlink"
ln -n -s ../locale.conf "${envd_locale_def}"
eend ${?} || FAIL=1
fi
fi
}
migrate_net_name_slot() {
# If user has disabled 80-net-name-slot.rules using a empty file or a symlink to /dev/null,
# do the same for 80-net-setup-link.rules to keep the old behavior
local net_move=no
local net_name_slot_sym=no
local net_rules_path="${EROOT%/}"/etc/udev/rules.d
local net_name_slot="${net_rules_path}"/80-net-name-slot.rules
local net_setup_link="${net_rules_path}"/80-net-setup-link.rules
if [[ -e ${net_setup_link} ]]; then
net_move=no
elif [[ -f ${net_name_slot} && $(sed -e "/^#/d" -e "/^\W*$/d" ${net_name_slot} | wc -l) == 0 ]]; then
net_move=yes
elif [[ -L ${net_name_slot} && $(readlink ${net_name_slot}) == /dev/null ]]; then
net_move=yes
net_name_slot_sym=yes
fi
if [[ ${net_move} == yes ]]; then
ebegin "Copying ${net_name_slot} to ${net_setup_link}"
if [[ ${net_name_slot_sym} == yes ]]; then
ln -nfs /dev/null "${net_setup_link}"
else
cp "${net_name_slot}" "${net_setup_link}"
fi
eend $? || FAIL=1
fi
}
pkg_postinst() {
enewgroup systemd-journal
if use http; then
enewgroup systemd-journal-gateway
enewuser systemd-journal-gateway -1 -1 -1 systemd-journal-gateway
fi
systemd_update_catalog
# Keep this here in case the database format changes so it gets updated
# when required. Despite that this file is owned by sys-apps/hwids.
if has_version "sys-apps/hwids[udev]"; then
udevadm hwdb --update --root="${ROOT%/}"
fi
udev_reload || FAIL=1
# Bug 468876
fcaps cap_dac_override,cap_sys_ptrace=ep usr/bin/systemd-detect-virt
# Bug 465468, make sure locales are respect, and ensure consistency
# between OpenRC & systemd
migrate_locale
# Migrate 80-net-name-slot.rules -> 80-net-setup-link.rules
migrate_net_name_slot
if [[ ${FAIL} ]]; then
eerror "One of the postinst commands failed. Please check the postinst output"
eerror "for errors. You may need to clean up your system and/or try installing"
eerror "systemd again."
eerror
fi
if [[ ! -L "${ROOT}"/etc/mtab ]]; then
ewarn "Upstream mandates the /etc/mtab file should be a symlink to /proc/mounts."
ewarn "Not having it is not supported by upstream and will cause tools like 'df'"
ewarn "and 'mount' to not work properly. Please run:"
ewarn " # ln -sf '${ROOT}proc/self/mounts' '${ROOT}etc/mtab'"
ewarn
fi
if ! has_version sys-apps/systemd-ui; then
elog "To get additional features, a number of optional runtime dependencies may"
elog "be installed:"
elog "- sys-apps/systemd-ui: for GTK+ systemadm UI and gnome-ask-password-agent"
fi
}
pkg_prerm() {
# If removing systemd completely, remove the catalog database.
if [[ ! ${REPLACED_BY_VERSION} ]]; then
rm -f -v "${EROOT}"/var/lib/systemd/catalog/database
fi
}

7
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-215-r8.ebuild → sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-215-r10.ebuild vendored
View File

@ -35,7 +35,7 @@ SLOT="0/2"
KEYWORDS="~alpha amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc ~x86"
IUSE="acl audit cryptsetup doc +firmware-loader gcrypt gudev http introspection
kdbus +kmod lzma pam policykit python qrcode +seccomp selinux ssl
test"
nls test"
MINKV="3.10"
@ -214,6 +214,7 @@ multilib_src_configure() {
$(use_enable kdbus)
$(use_enable kmod)
$(use_enable lzma xz)
$(use_enable nls)
$(use_enable pam)
$(use_enable policykit polkit)
$(use_with python)
@ -382,6 +383,10 @@ multilib_src_install_all() {
systemd_enable_service multi-user.target systemd-networkd.service
systemd_enable_service multi-user.target systemd-resolved.service
systemd_enable_service network-online.target systemd-networkd-wait-online.service
# Grant networkd access to set the transient host name
insinto /usr/share/polkit-1/rules.d
doins "${FILESDIR}"/99-org.freedesktop.hostname1.rules
}
migrate_locale() {

3
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-9999.ebuild vendored
View File

@ -35,7 +35,7 @@ SLOT="0/2"
KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc ~x86"
IUSE="acl audit cryptsetup doc +firmware-loader gcrypt gudev http introspection
kdbus +kmod lzma pam policykit python qrcode +seccomp selinux ssl
test"
nls test"
MINKV="3.10"
@ -209,6 +209,7 @@ multilib_src_configure() {
$(use_enable kdbus)
$(use_enable kmod)
$(use_enable lzma xz)
$(use_enable nls)
$(use_enable pam)
$(use_enable policykit polkit)
$(use_with python)

1
sdk_container/src/third_party/coreos-overlay/sys-auth/polkit/Manifest vendored Normal file
View File

@ -0,0 +1 @@
DIST polkit-0.112.tar.gz 1429240 SHA256 d695f43cba4748a822fbe864dd32c4887c5da1c71694a47693ace5e88fcf6af6 SHA512 e4ad1bd287b38e5650cb94b1897a959b2ceaa6c19b4478ba872eacb13b58758fd42f6ab1718976162d823d850cd5c99b3ccadf1b57d75dea7790101422029d5f WHIRLPOOL af5dd0a17b7356302b0319e80565d6ac916128dfc85b6e2711147f3de86651f11fe8d08f3d6067d7abd24e263be92403f9d8f46935ba93db571e386a603a038a

3
sdk_container/src/third_party/coreos-overlay/sys-auth/polkit/files/polkit.conf vendored Normal file
View File

@ -0,0 +1,3 @@
d /etc/polkit-1 - - - - -
d /etc/polkit-1/rules.d 0700 polkitd root - -
d /var/lib/polkit-1 0700 polkitd polkitd - -

131
sdk_container/src/third_party/coreos-overlay/sys-auth/polkit/polkit-0.112-r3.ebuild vendored Normal file
View File

@ -0,0 +1,131 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sys-auth/polkit/polkit-0.112-r2.ebuild,v 1.2 2014/04/06 15:39:36 pacho Exp $
EAPI=5
inherit eutils multilib pam pax-utils systemd toolchain-funcs user
DESCRIPTION="Policy framework for controlling privileges for system-wide services"
HOMEPAGE="http://www.freedesktop.org/wiki/Software/polkit"
SRC_URI="http://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz"
LICENSE="LGPL-2"
SLOT="0"
KEYWORDS="~alpha amd64 ~arm ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
IUSE="examples gtk +introspection jit kde nls pam selinux systemd"
RDEPEND="ia64? ( =dev-lang/spidermonkey-1.8.5*[-debug] )
mips? ( =dev-lang/spidermonkey-1.8.5*[-debug] )
!ia64? ( !mips? ( dev-lang/spidermonkey:17[-debug,jit=] ) )
>=dev-libs/glib-2.32
>=dev-libs/expat-2:=
introspection? ( >=dev-libs/gobject-introspection-1 )
pam? (
sys-auth/pambase
virtual/pam
)
selinux? ( sec-policy/selinux-policykit )
systemd? ( sys-apps/systemd:0= )"
DEPEND="${RDEPEND}
app-text/docbook-xml-dtd:4.1.2
app-text/docbook-xsl-stylesheets
dev-libs/libxslt
dev-util/intltool
virtual/pkgconfig"
PDEPEND="
gtk? ( || (
>=gnome-extra/polkit-gnome-0.105
lxde-base/lxpolkit
) )
kde? ( sys-auth/polkit-kde-agent )
!systemd? ( sys-auth/consolekit[policykit] )"
QA_MULTILIB_PATHS="
usr/lib/polkit-1/polkit-agent-helper-1
usr/lib/polkit-1/polkitd"
pkg_setup() {
local u=polkitd
local g=polkitd
local h=/var/lib/polkit-1
enewgroup ${g}
enewuser ${u} -1 -1 ${h} ${g}
esethome ${u} ${h}
}
src_prepare() {
sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513
}
src_configure() {
local mozjs
if use ia64 || use mips; then
mozjs=mozjs185
else
mozjs=mozjs-17.0
fi
# pkg-config doesn't properly apply SYSROOT to -include
local sysroot="${PKG_CONFIG_SYSROOT_DIR:-${SYSROOT:-/}}"
if [[ "${sysroot}" != / ]]; then
local pkgconf=$(tc-getPKG_CONFIG)
LIBJS_CFLAGS=$($pkgconf --cflags "${mozjs}") || die
LIBJS_LIBS=$($pkgconf --libs "${mozjs}") || die
LIBJS_CFLAGS=$(echo "${LIBJS_CFLAGS}" | \
sed -e "s%-include /usr/%-include ${sysroot}/usr/%") || die
export LIBJS_CFLAGS LIBJS_LIBS
fi
econf \
--localstatedir="${EPREFIX}"/var \
--disable-static \
--enable-man-pages \
--disable-gtk-doc \
$(use_enable systemd libsystemd-login) \
$(use_enable introspection) \
--disable-examples \
$(use_enable nls) \
--with-mozjs="${mozjs}" \
"$(systemd_with_unitdir)" \
--with-authfw=$(usex pam pam shadow) \
$(use pam && echo --with-pam-module-dir="$(getpam_mod_dir)") \
--with-os-type=gentoo
}
src_compile() {
default
# Required for polkitd on hardened/PaX due to spidermonkey's JIT
local f='src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest'
local m=''
# Only used when USE="jit" is enabled for 'dev-lang/spidermonkey:17' wrt #485910
has_version 'dev-lang/spidermonkey:17[jit]' && m='m'
# ia64 and mips uses spidermonkey-1.8.5 which requires different pax-mark flags
use ia64 && m='mr'
use mips && m='mr'
pax-mark ${m} ${f}
}
src_install() {
emake DESTDIR="${D}" install
dodoc docs/TODO HACKING NEWS README
# relocate default configs from /etc to /usr
dodir /usr/share/dbus-1/system.d
mv "${D}"/{etc,usr/share}/dbus-1/system.d/org.freedesktop.PolicyKit1.conf || die
mv "${D}"/{etc,usr/share}/polkit-1/rules.d/50-default.rules || die
rmdir "${D}"/etc/dbus-1/system.d "${D}"/etc/dbus-1 || die
systemd_dotmpfilesd "${FILESDIR}/polkit.conf"
diropts -m0700 -o polkitd -g polkitd
dodir /var/lib/polkit-1
if use examples; then
insinto /usr/share/doc/${PF}/examples
doins src/examples/{*.c,*.policy*}
fi
prune_libtool_files
}