From 24a422b8aaa4abeab2da6620cf67ef573ac0f13e Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Fri, 24 Oct 2025 11:45:03 +0200 Subject: [PATCH] overlay coreos/user-patches: Regenerate patches for sys-apps/systemd Signed-off-by: Krzesimir Nowak --- .../0001-wait-online-set-any-by-default.patch | 4 +-- ...ate-don-t-require-strictly-newer-usr.patch | 4 +-- ...003-core-use-max-for-DefaultTasksMax.patch | 4 +-- ...d-Disable-SELinux-permissions-checks.patch | 4 +-- ...-Pass-tty-to-use-by-agetty-via-stdin.patch | 4 +-- ...s-Keep-using-old-journal-file-format.patch | 4 +-- ...itrd-parse-etc-override-argv-0-to-av.patch | 29 ------------------- ...S-issues-with-default-k8s-configura.patch} | 4 +-- ...ulti-user.target-the-default-target.patch} | 6 ++-- .../user-patches/sys-apps/systemd/README.md | 7 ++--- 10 files changed, 19 insertions(+), 51 deletions(-) delete mode 100644 sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0007-Revert-Revert-initrd-parse-etc-override-argv-0-to-av.patch rename sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/{0008-tmpfiles.d-Fix-DNS-issues-with-default-k8s-configura.patch => 0007-tmpfiles.d-Fix-DNS-issues-with-default-k8s-configura.patch} (91%) rename sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/{0009-units-Make-multi-user.target-the-default-target.patch => 0008-units-Make-multi-user.target-the-default-target.patch} (87%) diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0001-wait-online-set-any-by-default.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0001-wait-online-set-any-by-default.patch index 7ebfbe6b1f..1ba8f64500 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0001-wait-online-set-any-by-default.patch +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0001-wait-online-set-any-by-default.patch @@ -1,7 +1,7 @@ -From e228bd8a939e77f4ebc37aa029f8a89e8b9d4807 Mon Sep 17 00:00:00 2001 +From 83043596b6cc74b6f049999fa660afd983dc493a Mon Sep 17 00:00:00 2001 From: David Michael Date: Tue, 16 Apr 2019 02:44:51 +0000 -Subject: [PATCH 1/9] wait-online: set --any by default +Subject: [PATCH 1/8] wait-online: set --any by default The systemd-networkd-wait-online command would normally continue waiting after a network interface is usable if other interfaces are diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0002-needs-update-don-t-require-strictly-newer-usr.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0002-needs-update-don-t-require-strictly-newer-usr.patch index 3684985fe8..ad1045e8b1 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0002-needs-update-don-t-require-strictly-newer-usr.patch +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0002-needs-update-don-t-require-strictly-newer-usr.patch @@ -1,7 +1,7 @@ -From b8139561768e6745405461e1a765b262ece8f959 Mon Sep 17 00:00:00 2001 +From 3d6bfde35c8ce5c21ca55104852a319246a92bb8 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Wed, 2 Mar 2016 10:46:33 -0800 -Subject: [PATCH 2/9] needs-update: don't require strictly newer usr +Subject: [PATCH 2/8] needs-update: don't require strictly newer usr Updates should be triggered whenever usr changes, not only when it is newer. --- diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0003-core-use-max-for-DefaultTasksMax.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0003-core-use-max-for-DefaultTasksMax.patch index fc40376e7a..c5c316fe6a 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0003-core-use-max-for-DefaultTasksMax.patch +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0003-core-use-max-for-DefaultTasksMax.patch @@ -1,7 +1,7 @@ -From f5635c6b5153d894cf1bf6dca92219150d4252d5 Mon Sep 17 00:00:00 2001 +From 6f691278df570cc87cb863a98fe320a1997c6dad Mon Sep 17 00:00:00 2001 From: Adrian Vladu Date: Fri, 16 Feb 2024 11:22:08 +0000 -Subject: [PATCH 3/9] core: use max for DefaultTasksMax +Subject: [PATCH 3/8] core: use max for DefaultTasksMax Since systemd v228, systemd has a DefaultTasksMax which defaulted to 512, later 15% of the system's maximum number of PIDs. This diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0004-systemd-Disable-SELinux-permissions-checks.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0004-systemd-Disable-SELinux-permissions-checks.patch index a66305caa6..6949d9fc5e 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0004-systemd-Disable-SELinux-permissions-checks.patch +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0004-systemd-Disable-SELinux-permissions-checks.patch @@ -1,7 +1,7 @@ -From f55e6415307ce77b3376a2bf9cc96b924c6ec52e Mon Sep 17 00:00:00 2001 +From 78b2d8b1a6df073003d64cffa532c3a320e96ad4 Mon Sep 17 00:00:00 2001 From: Matthew Garrett Date: Tue, 20 Dec 2016 16:43:22 +0000 -Subject: [PATCH 4/9] systemd: Disable SELinux permissions checks +Subject: [PATCH 4/8] systemd: Disable SELinux permissions checks We don't care about the interaction between systemd and SELinux policy, so let's just disable these checks rather than having to incorporate policy diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0005-Revert-getty-Pass-tty-to-use-by-agetty-via-stdin.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0005-Revert-getty-Pass-tty-to-use-by-agetty-via-stdin.patch index eeb66a75ff..d380b96a9c 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0005-Revert-getty-Pass-tty-to-use-by-agetty-via-stdin.patch +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0005-Revert-getty-Pass-tty-to-use-by-agetty-via-stdin.patch @@ -1,7 +1,7 @@ -From cf500f14557926259b58ee641fffb38b707494d6 Mon Sep 17 00:00:00 2001 +From 8064e1544a2b89f8389c0469ed4879a287a045a7 Mon Sep 17 00:00:00 2001 From: Sayan Chowdhury Date: Fri, 16 Dec 2022 16:28:26 +0530 -Subject: [PATCH 5/9] Revert "getty: Pass tty to use by agetty via stdin" +Subject: [PATCH 5/8] Revert "getty: Pass tty to use by agetty via stdin" This reverts commit b4bf9007cbee7dc0b1356897344ae2a7890df84c. diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0006-units-Keep-using-old-journal-file-format.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0006-units-Keep-using-old-journal-file-format.patch index 8e76b1b1b1..9a3456cc51 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0006-units-Keep-using-old-journal-file-format.patch +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0006-units-Keep-using-old-journal-file-format.patch @@ -1,7 +1,7 @@ -From 1bf0301376df8e82593efccb80cd4e43638666c0 Mon Sep 17 00:00:00 2001 +From c2924cc57c9e4aa836021ec2567c0fdbebecf944 Mon Sep 17 00:00:00 2001 From: Adrian Vladu Date: Fri, 16 Feb 2024 11:29:04 +0000 -Subject: [PATCH 6/9] units: Keep using old journal file format +Subject: [PATCH 6/8] units: Keep using old journal file format Systemd 252 made an incompatible change in journal file format. Temporarily force journald to use the old journal format to give logging containers more diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0007-Revert-Revert-initrd-parse-etc-override-argv-0-to-av.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0007-Revert-Revert-initrd-parse-etc-override-argv-0-to-av.patch deleted file mode 100644 index e399b5401c..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0007-Revert-Revert-initrd-parse-etc-override-argv-0-to-av.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 93775241c5f873a5862c2e7b06532bd3969341a0 Mon Sep 17 00:00:00 2001 -From: Adrian Vladu -Date: Wed, 25 Sep 2024 15:51:02 +0000 -Subject: [PATCH 7/9] Revert "Revert "initrd-parse-etc: override argv[0] to - avoid dracut issue"" - -This reverts commit 1c585a4ccda3258088d7bc27b27a314e7ed8be80. ---- - units/initrd-parse-etc.service.in | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/units/initrd-parse-etc.service.in b/units/initrd-parse-etc.service.in -index 1eef2bd9be..3dadab1123 100644 ---- a/units/initrd-parse-etc.service.in -+++ b/units/initrd-parse-etc.service.in -@@ -23,7 +23,9 @@ OnFailureJobMode=replace-irreversibly - [Service] - Type=oneshot - --ExecStart={{LIBEXECDIR}}/systemd-sysroot-fstab-check -+# FIXME: once dracut is patched to install the symlink, change to: -+# ExecStart={{LIBEXECDIR}}/systemd-sysroot-fstab-check -+ExecStart=@{{SYSTEM_GENERATOR_DIR}}/systemd-fstab-generator systemd-sysroot-fstab-check - - # We want to enqueue initrd-cleanup.service/start after we finished the part - # above. It can't be part of the initial transaction, because non-oneshot units --- -2.51.0 - diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0008-tmpfiles.d-Fix-DNS-issues-with-default-k8s-configura.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0007-tmpfiles.d-Fix-DNS-issues-with-default-k8s-configura.patch similarity index 91% rename from sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0008-tmpfiles.d-Fix-DNS-issues-with-default-k8s-configura.patch rename to sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0007-tmpfiles.d-Fix-DNS-issues-with-default-k8s-configura.patch index 66ec8d3311..ec1ef72025 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0008-tmpfiles.d-Fix-DNS-issues-with-default-k8s-configura.patch +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0007-tmpfiles.d-Fix-DNS-issues-with-default-k8s-configura.patch @@ -1,7 +1,7 @@ -From 3938b8d561e747ef1dea83afc9f254d594291dc1 Mon Sep 17 00:00:00 2001 +From 7ee314dc08ea65e6951c7007a5f872fd32f0399a Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Wed, 22 Oct 2025 10:39:42 +0200 -Subject: [PATCH 8/9] tmpfiles.d: Fix DNS issues with default k8s configuration +Subject: [PATCH 7/8] tmpfiles.d: Fix DNS issues with default k8s configuration The Kubelet takes /etc/resolv.conf for, e.g., CoreDNS which has dnsPolicy "default", but unless the kubelet `--resolv-conf` flag is set to point to diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0009-units-Make-multi-user.target-the-default-target.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0008-units-Make-multi-user.target-the-default-target.patch similarity index 87% rename from sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0009-units-Make-multi-user.target-the-default-target.patch rename to sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0008-units-Make-multi-user.target-the-default-target.patch index 93a640f414..de0aa6eb46 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0009-units-Make-multi-user.target-the-default-target.patch +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/0008-units-Make-multi-user.target-the-default-target.patch @@ -1,7 +1,7 @@ -From 946db05da46d3c453b129c6413d1fd0b3794d038 Mon Sep 17 00:00:00 2001 +From f0ab1c6c59056afe1650f749d1af6ecc6ee8f5ec Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Fri, 24 Oct 2025 11:06:57 +0200 -Subject: [PATCH 9/9] units: Make multi-user.target the default target +Subject: [PATCH 8/8] units: Make multi-user.target the default target Signed-off-by: Krzesimir Nowak --- @@ -9,7 +9,7 @@ Signed-off-by: Krzesimir Nowak 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/units/meson.build b/units/meson.build -index 96f4852741..4b1efbc4b1 100644 +index ef18dcae4a..887231840f 100644 --- a/units/meson.build +++ b/units/meson.build @@ -46,7 +46,7 @@ units = [ diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/README.md b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/README.md index c81b881d9f..643b45fdaf 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/README.md +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-apps/systemd/README.md @@ -14,10 +14,7 @@ Most of these patches are not really upstreamable. - this will be dropped when we increase SELinux coverage also to a host system - `0006-units-Keep-using-old-journal-file-format.patch` - backward compat stuff -- `0007-Revert-Revert-initrd-parse-etc-override-argv-0-to-av.patch` - - dracut issue workaround - - should be dropped when we update dracut to a version without the issue -- `0008-tmpfiles.d-Fix-DNS-issues-with-default-k8s-configura.patch` +- `0007-tmpfiles.d-Fix-DNS-issues-with-default-k8s-configura.patch` - workaround for issues with default k8s coredns config -- `0009-units-Make-multi-user.target-the-default-target.patch` +- `0008-units-Make-multi-user.target-the-default-target.patch` - change default.target to a suitable symlink for Flatcar