overlay sys-apps/systemd: Move patches to user-patches

Add two more patches that replace some modifications we did inside the
ebuild.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
Krzesimir Nowak 2025-10-24 11:17:08 +02:00
parent 2596960fa2
commit 9e772529b4
11 changed files with 101 additions and 33 deletions


@ -1,7 +1,7 @@
From e228bd8a939e77f4ebc37aa029f8a89e8b9d4807 Mon Sep 17 00:00:00 2001
From: David Michael <dm0@redhat.com>
Date: Tue, 16 Apr 2019 02:44:51 +0000
Subject: [PATCH 1/7] wait-online: set --any by default
Subject: [PATCH 1/9] wait-online: set --any by default
The systemd-networkd-wait-online command would normally continue
waiting after a network interface is usable if other interfaces are
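Review bot: The only change here, and in the six sibling patch files that follow, is the Subject counter going from `[PATCH 1/7]` to `[PATCH 1/9]`, so every patch added to the series rewrites all existing files. Regenerating the series with `git format-patch --no-numbered` would keep the Subject as plain `[PATCH]` (ordering is still carried by the `0001-` file name prefix) and confine future diffs to the patches that really change.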


@ -1,7 +1,7 @@
From b8139561768e6745405461e1a765b262ece8f959 Mon Sep 17 00:00:00 2001
From: Alex Crawford <alex.crawford@coreos.com>
Date: Wed, 2 Mar 2016 10:46:33 -0800
Subject: [PATCH 2/7] needs-update: don't require strictly newer usr
Subject: [PATCH 2/9] needs-update: don't require strictly newer usr
Updates should be triggered whenever usr changes, not only when it is newer.
---


@ -1,7 +1,7 @@
From f5635c6b5153d894cf1bf6dca92219150d4252d5 Mon Sep 17 00:00:00 2001
From: Adrian Vladu <avladu@cloudbasesolutions.com>
Date: Fri, 16 Feb 2024 11:22:08 +0000
Subject: [PATCH 3/7] core: use max for DefaultTasksMax
Subject: [PATCH 3/9] core: use max for DefaultTasksMax
Since systemd v228, systemd has a DefaultTasksMax which defaulted
to 512, later 15% of the system's maximum number of PIDs. This


@ -1,7 +1,7 @@
From f55e6415307ce77b3376a2bf9cc96b924c6ec52e Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@coreos.com>
Date: Tue, 20 Dec 2016 16:43:22 +0000
Subject: [PATCH 4/7] systemd: Disable SELinux permissions checks
Subject: [PATCH 4/9] systemd: Disable SELinux permissions checks
We don't care about the interaction between systemd and SELinux policy, so
let's just disable these checks rather than having to incorporate policy


@ -1,7 +1,7 @@
From cf500f14557926259b58ee641fffb38b707494d6 Mon Sep 17 00:00:00 2001
From: Sayan Chowdhury <schowdhury@microsoft.com>
Date: Fri, 16 Dec 2022 16:28:26 +0530
Subject: [PATCH 5/7] Revert "getty: Pass tty to use by agetty via stdin"
Subject: [PATCH 5/9] Revert "getty: Pass tty to use by agetty via stdin"
This reverts commit b4bf9007cbee7dc0b1356897344ae2a7890df84c.


@ -1,7 +1,7 @@
From 1bf0301376df8e82593efccb80cd4e43638666c0 Mon Sep 17 00:00:00 2001
From: Adrian Vladu <avladu@cloudbasesolutions.com>
Date: Fri, 16 Feb 2024 11:29:04 +0000
Subject: [PATCH 6/7] units: Keep using old journal file format
Subject: [PATCH 6/9] units: Keep using old journal file format
Systemd 252 made an incompatible change in journal file format. Temporarily
force journald to use the old journal format to give logging containers more


@ -1,7 +1,7 @@
From 93775241c5f873a5862c2e7b06532bd3969341a0 Mon Sep 17 00:00:00 2001
From: Adrian Vladu <avladu@cloudbasesolutions.com>
Date: Wed, 25 Sep 2024 15:51:02 +0000
Subject: [PATCH 7/7] Revert "Revert "initrd-parse-etc: override argv[0] to
Subject: [PATCH 7/9] Revert "Revert "initrd-parse-etc: override argv[0] to
avoid dracut issue""
This reverts commit 1c585a4ccda3258088d7bc27b27a314e7ed8be80.


@ -0,0 +1,36 @@
From 3938b8d561e747ef1dea83afc9f254d594291dc1 Mon Sep 17 00:00:00 2001
From: Krzesimir Nowak <knowak@microsoft.com>
Date: Wed, 22 Oct 2025 10:39:42 +0200
Subject: [PATCH 8/9] tmpfiles.d: Fix DNS issues with default k8s configuration
The Kubelet takes /etc/resolv.conf for, e.g., CoreDNS which has dnsPolicy
"default", but unless the kubelet `--resolv-conf` flag is set to point to
`/run/systemd/resolve/resolv.conf` this won't work with `/etc/resolv.conf`
pointing to `/run/systemd/resolve/stub-resolv.conf` which configures
`127.0.0.53`. See:
https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/#known-issues
This means that users who need split DNS to work should point
`/etc/resolv.conf` back to `/run/systemd/resolve/stub-resolv.conf` (and if
using K8s configure the kubelet `resolvConf` variable/`--resolv-conf` flag to
`/run/systemd/resolve/resolv.conf`).
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
---
tmpfiles.d/systemd-resolve.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tmpfiles.d/systemd-resolve.conf b/tmpfiles.d/systemd-resolve.conf
index be5edc98e0..bea686682a 100644
--- a/tmpfiles.d/systemd-resolve.conf
+++ b/tmpfiles.d/systemd-resolve.conf
@@ -7,4 +7,4 @@
# See tmpfiles.d(5) for details.
-L! /etc/resolv.conf - - - - ../run/systemd/resolve/stub-resolv.conf
+L! /etc/resolv.conf - - - - ../run/systemd/resolve/resolv.conf
--
2.51.0
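Review bot: The rationale for retargeting the `L! /etc/resolv.conf` line lives only in this patch's commit message, and the ebuild comment that used to carry it is deleted in the same commit, so the installed `tmpfiles.d/systemd-resolve.conf` itself carries no explanation. Consider adding a short comment above the `L!` line saying that Flatcar points at `resolv.conf` rather than `stub-resolv.conf` for the kubelet and that this gives up split DNS, so an operator inspecting the file on a host can see why it differs from upstream. Since `L` without `+` only creates the link when the path does not exist yet, it would also help to say that an existing `/etc/resolv.conf` is left untouched.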


@ -0,0 +1,35 @@
From 946db05da46d3c453b129c6413d1fd0b3794d038 Mon Sep 17 00:00:00 2001
From: Krzesimir Nowak <knowak@microsoft.com>
Date: Fri, 24 Oct 2025 11:06:57 +0200
Subject: [PATCH 9/9] units: Make multi-user.target the default target
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
---
units/meson.build | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/units/meson.build b/units/meson.build
index 96f4852741..4b1efbc4b1 100644
--- a/units/meson.build
+++ b/units/meson.build
@@ -46,7 +46,7 @@ units = [
},
{
'file' : 'graphical.target',
- 'symlinks' : ['default.target'] + (with_runlevels ? ['runlevel5.target'] : []),
+ 'symlinks' : with_runlevels ? ['runlevel5.target'] : [],
},
{ 'file' : 'halt.target' },
{
@@ -140,7 +140,7 @@ units = [
{ 'file' : 'modprobe@.service' },
{
'file' : 'multi-user.target',
- 'symlinks' : with_runlevels ? ['runlevel2.target', 'runlevel3.target', 'runlevel4.target'] : [],
+ 'symlinks' : ['default.target'] + (with_runlevels ? ['runlevel2.target', 'runlevel3.target', 'runlevel4.target'] : []),
},
{ 'file' : 'network-online.target' },
{ 'file' : 'network-pre.target' },
--
2.51.0
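Review bot: This patch has a Subject and a sign-off but no body, so the reason for moving `default.target` from `graphical.target` to `multi-user.target` is not recorded in the patch; the ebuild comment "Flatcar: Don't default to graphical.target." that explained it is removed by this commit. Add a sentence or two of rationale to the message, as patch 8/9 does. It is also worth confirming the change with a build where `with_runlevels` is false, since the `multi-user.target` entry in the second hunk now yields `['default.target']` in that case instead of an empty list.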


@ -0,0 +1,23 @@
Most of these patches are not really upstreamable.
- `0001-wait-online-set-any-by-default.patch`
- backward compat stuff
- `0002-needs-update-don-t-require-strictly-newer-usr.patch`
- trigger updates only when /usr changes
- `0003-core-use-max-for-DefaultTasksMax.patch`
- increase the too-low limits
- `0004-systemd-Disable-SELinux-permissions-checks.patch`
- disable interactions between systemd and SELinux policies
- this will be dropped when we increase SELinux coverage also to a host system
- `0005-Revert-getty-Pass-tty-to-use-by-agetty-via-stdin.patch`
- SELinux denial workaround
- this will be dropped when we increase SELinux coverage also to a host system
- `0006-units-Keep-using-old-journal-file-format.patch`
- backward compat stuff
- `0007-Revert-Revert-initrd-parse-etc-override-argv-0-to-av.patch`
- dracut issue workaround
- should be dropped when we update dracut to a version without the issue
- `0008-tmpfiles.d-Fix-DNS-issues-with-default-k8s-configura.patch`
- workaround for issues with default k8s coredns config
- `0009-units-Make-multi-user.target-the-default-target.patch`
- change default.target to a suitable symlink for Flatcar
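Review bot: The description for `0002-needs-update-don-t-require-strictly-newer-usr.patch` reads "trigger updates only when /usr changes", which does not match the patch's own message ("Updates should be triggered whenever usr changes, not only when it is newer"); wording such as "trigger updates whenever /usr changes, not only when it is newer" would be accurate. The 0004 and 0005 entries say they will be dropped once SELinux coverage reaches the host system but give no issue reference to track that; since 0004 disables SELinux permission checks in systemd, a link to the tracking item would tell reviewers when it can go.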


@ -282,14 +282,6 @@ src_unpack() {
src_prepare() {
local PATCHES=(
"${FILESDIR}"/systemd-257-cred-util-tpm2.patch
# Flatcar: Adding our own patches here.
"${FILESDIR}/0001-wait-online-set-any-by-default.patch"
"${FILESDIR}/0002-needs-update-don-t-require-strictly-newer-usr.patch"
"${FILESDIR}/0003-core-use-max-for-DefaultTasksMax.patch"
"${FILESDIR}/0004-systemd-Disable-SELinux-permissions-checks.patch"
"${FILESDIR}/0005-Revert-getty-Pass-tty-to-use-by-agetty-via-stdin.patch"
"${FILESDIR}/0006-units-Keep-using-old-journal-file-format.patch"
"${FILESDIR}/0007-Revert-Revert-initrd-parse-etc-override-argv-0-to-av.patch"
)
if ! use vanilla; then
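Review bot: With the seven entries gone from `PATCHES`, nothing in the ebuild names the Flatcar patches any more, and they now depend entirely on the user-patches step run by the `default` call later in `src_prepare`. A file listed in `PATCHES` but missing on disk failed the build, whereas `eapply_user` succeeds when it finds no patches, so a misplaced or renamed patch directory would produce an unpatched systemd without any error. Consider leaving a short comment here that points at the user-patches location, and a build-time check that the expected patches were applied.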
@ -298,20 +290,6 @@ src_prepare() {
)
fi
# Flatcar: The Kubelet takes /etc/resolv.conf for, e.g.,
# CoreDNS which has dnsPolicy "default", but unless the
# kubelet --resolv-conf flag is set to point to
# /run/systemd/resolve/resolv.conf this won't work with
# /etc/resolv.conf pointing to
# /run/systemd/resolve/stub-resolv.conf which configures
# 127.0.0.53. See
# https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/#known-issues
# This means that users who need split DNS to work should
# point /etc/resolv.conf back to
# /run/systemd/resolve/stub-resolv.conf (and if using K8s
# configure the kubelet resolvConf variable/--resolv-conf flag
# to /run/systemd/resolve/resolv.conf).
sed -i -e 's,/run/systemd/resolve/stub-resolv.conf,/run/systemd/resolve/resolv.conf,' tmpfiles.d/systemd-resolve.conf || die
default
}
@ -538,10 +516,6 @@ multilib_src_install_all() {
# baselayout now.
dotmpfiles "${FILESDIR}"/systemd-resolv.conf
# Flatcar: Don't default to graphical.target.
local unitdir=$(builddir_systemd_get_systemunitdir)
dosym multi-user.target "${unitdir}"/default.target
# Flatcar: Don't set any extra environment variables by default.
rm "${ED}/usr/lib/environment.d/99-environment.conf" || die
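Review bot: The deleted `local unitdir=$(builddir_systemd_get_systemunitdir)` line may have been the only definition of `unitdir` in `multilib_src_install_all`. The visible context does not show the rest of the function, so please check that nothing further down still expands `${unitdir}`, which would now be empty without any error.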