From 4ac751387581c42d18a00a003508d860109401b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kai=20L=C3=BCke?= Date: Fri, 24 Jul 2020 13:26:40 +0200 Subject: [PATCH 1/2] app-misc/ca-certificates|sys-apps/baselayout: Run flatcar-tmpfiles|clean-ca-certificates only once The flatcar-tmpfiles and clean-ca-certificates services were run many times and finally failed to run because they were spawned too often during the allowed time period. Mark them as active after they ran once. Also ensure that when they run all mounts are ready. Pulls in https://github.com/flatcar-linux/baselayout/pull/4 --- ...icates-3.27.1.ebuild => ca-certificates-3.27.1-r1.ebuild} | 0 .../ca-certificates/files/clean-ca-certificates.service | 5 +++-- .../{baselayout-3.6.6.ebuild => baselayout-3.6.7.ebuild} | 0 .../sys-apps/baselayout/baselayout-9999.ebuild | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) rename sdk_container/src/third_party/coreos-overlay/app-misc/ca-certificates/{ca-certificates-3.27.1.ebuild => ca-certificates-3.27.1-r1.ebuild} (100%) rename sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/{baselayout-3.6.6.ebuild => baselayout-3.6.7.ebuild} (100%) diff --git a/sdk_container/src/third_party/coreos-overlay/app-misc/ca-certificates/ca-certificates-3.27.1.ebuild b/sdk_container/src/third_party/coreos-overlay/app-misc/ca-certificates/ca-certificates-3.27.1-r1.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/app-misc/ca-certificates/ca-certificates-3.27.1.ebuild rename to sdk_container/src/third_party/coreos-overlay/app-misc/ca-certificates/ca-certificates-3.27.1-r1.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/app-misc/ca-certificates/files/clean-ca-certificates.service b/sdk_container/src/third_party/coreos-overlay/app-misc/ca-certificates/files/clean-ca-certificates.service index 50a4fd38e9..e7842407e4 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-misc/ca-certificates/files/clean-ca-certificates.service +++ b/sdk_container/src/third_party/coreos-overlay/app-misc/ca-certificates/files/clean-ca-certificates.service @@ -2,11 +2,12 @@ Description=Clean up broken links in /etc/ssl/certs # Since other services depend on the certificate store run this early DefaultDependencies=no -Wants=systemd-tmpfiles-setup.service -After=systemd-tmpfiles-setup.service +Wants=systemd-tmpfiles-setup.service sysroot.mount sysroot-usr.mount +After=systemd-tmpfiles-setup.service sysroot.mount sysroot-usr.mount Before=sysinit.target ConditionPathIsReadWrite=/etc/ssl/certs [Service] Type=oneshot +RemainAfterExit=yes ExecStart=/usr/bin/find -L /etc/ssl/certs -type l -delete diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.6.6.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.6.7.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.6.6.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-3.6.7.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild index 1cffcf0b32..ff82954acc 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/baselayout/baselayout-9999.ebuild @@ -9,7 +9,7 @@ CROS_WORKON_REPO="git://github.com" if [[ "${PV}" == 9999 ]]; then KEYWORDS="~amd64 ~arm ~arm64 ~x86" else - CROS_WORKON_COMMIT="355e0fa57068ce89a55109ca0e8a1a3f1fa0968e" # flatcar-master + CROS_WORKON_COMMIT="2b8e4de42771033072324713ba8919248585d263" # flatcar-master KEYWORDS="amd64 arm arm64 x86" fi From 7b28342265a86c6785b4d386ebc13b3661e06d7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kai=20L=C3=BCke?= Date: Tue, 28 Jul 2020 18:32:15 +0200 Subject: [PATCH 2/2] sys-fs/lvm2: Run lvm2-activation(-early).service only once Increase the revision and apply a new lvm2-2.02.145-oneshot.patch: The lvm2-activation(-early).service was triggered multiple times which if done too quickly leads to a failure like this: systemd[1]: Finished Activation of LVM2 logical volumes. systemd[1]: lvm2-activation-early.service: Start request repeated too quickly. systemd[1]: lvm2-activation-early.service: Failed with result 'start-limit-hit'. Set RemainAfterExit=yes as done for the other oneshot services to prevent the unit from running multiple times in a row and hitting the restart limit. The patch was sent to upstream lvm-devel@redhat.com --- .../lvm2/files/lvm2-2.02.145-oneshot.patch | 12 + .../sys-fs/lvm2/lvm2-2.02.145-r4.ebuild | 293 ++++++++++++++++++ 2 files changed, 305 insertions(+) create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-fs/lvm2/files/lvm2-2.02.145-oneshot.patch create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-fs/lvm2/lvm2-2.02.145-r4.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/sys-fs/lvm2/files/lvm2-2.02.145-oneshot.patch b/sdk_container/src/third_party/coreos-overlay/sys-fs/lvm2/files/lvm2-2.02.145-oneshot.patch new file mode 100644 index 0000000000..58e06f07f1 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-fs/lvm2/files/lvm2-2.02.145-oneshot.patch @@ -0,0 +1,12 @@ +diff -ur LVM2.2.02.145/scripts/lvm2_activation_generator_systemd_red_hat.c LVM2.2.02.145-patch/scripts/lvm2_activation_generator_systemd_red_hat.c +--- LVM2.2.02.145/scripts/lvm2_activation_generator_systemd_red_hat.c 2016-03-04 19:03:29.000000000 +0100 ++++ LVM2.2.02.145-patch/scripts/lvm2_activation_generator_systemd_red_hat.c 2020-07-28 18:15:35.766505354 +0200 +@@ -153,7 +153,7 @@ + fputs("ExecStart=" LVM_PATH " vgchange -aay --ignoreskippedcluster", f); + if (sysinit_needed) + fputs (" --sysinit", f); +- fputs("\nType=oneshot\n", f); ++ fputs("\nType=oneshot\nRemainAfterExit=yes\n", f); + + if (fclose(f) < 0) { + kmsg(LOG_ERR, "LVM: Failed to write unit file %s: %m.\n", unit_name); diff --git a/sdk_container/src/third_party/coreos-overlay/sys-fs/lvm2/lvm2-2.02.145-r4.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-fs/lvm2/lvm2-2.02.145-r4.ebuild new file mode 100644 index 0000000000..59389b00c3 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-fs/lvm2/lvm2-2.02.145-r4.ebuild @@ -0,0 +1,293 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +inherit autotools eutils linux-info multilib systemd toolchain-funcs udev flag-o-matic + +DESCRIPTION="User-land utilities for LVM2 (device-mapper) software" +HOMEPAGE="https://sourceware.org/lvm2/" +SRC_URI="ftp://sourceware.org/pub/lvm2/${PN/lvm/LVM}.${PV}.tgz + ftp://sourceware.org/pub/lvm2/old/${PN/lvm/LVM}.${PV}.tgz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux" +IUSE="readline static static-libs systemd clvm cman corosync lvm1 lvm2create_initrd openais selinux +udev +thin device-mapper-only" +REQUIRED_USE="device-mapper-only? ( !clvm !cman !corosync !lvm1 !lvm2create_initrd !openais !thin ) + systemd? ( udev ) + clvm? ( !systemd )" + +DEPEND_COMMON=" + clvm? ( + cman? ( =sys-cluster/cman-3* ) + corosync? ( sys-cluster/corosync ) + openais? ( sys-cluster/openais ) + =sys-cluster/libdlm-3* + ) + + readline? ( sys-libs/readline:0= ) + udev? ( >=virtual/libudev-208:=[static-libs?] )" +# /run is now required for locking during early boot. /var cannot be assumed to +# be available -- thus, pull in recent enough baselayout for /run. +# This version of LVM is incompatible with cryptsetup <1.1.2. +RDEPEND="${DEPEND_COMMON} + !=sys-apps/util-linux-2.16 + lvm2create_initrd? ( sys-apps/makedev ) + thin? ( >=sys-block/thin-provisioning-tools-0.3.0 )" +# note: thin- 0.3.0 is required to avoid --disable-thin_check_needs_check +# USE 'static' currently only works with eudev, bug 520450 +DEPEND="${DEPEND_COMMON} + virtual/pkgconfig + >=sys-devel/binutils-2.20.1-r1 + sys-devel/autoconf-archive + systemd? ( >=sys-apps/systemd-205:0= ) + static? ( + selinux? ( sys-libs/libselinux[static-libs] ) + udev? ( >=sys-fs/eudev-3.1.2[static-libs] ) + >=sys-apps/util-linux-2.16[static-libs] + )" + +S=${WORKDIR}/${PN/lvm/LVM}.${PV} + +PATCHES=( + # Gentoo specific modification(s): + "${FILESDIR}"/${PN}-2.02.129-example.conf.in.patch + + # For upstream -- review and forward: + "${FILESDIR}"/${PN}-2.02.63-always-make-static-libdm.patch + "${FILESDIR}"/${PN}-2.02.56-lvm2create_initrd.patch + "${FILESDIR}"/${PN}-2.02.67-createinitrd.patch #301331 + "${FILESDIR}"/${PN}-2.02.99-locale-muck.patch #330373 + "${FILESDIR}"/${PN}-2.02.70-asneeded.patch # -Wl,--as-needed + "${FILESDIR}"/${PN}-2.02.139-dynamic-static-ldflags.patch #332905 + "${FILESDIR}"/${PN}-2.02.129-static-pkgconfig-libs.patch #370217, #439414 + blkid + "${FILESDIR}"/${PN}-2.02.130-pthread-pkgconfig.patch #492450 + "${FILESDIR}"/${PN}-2.02.145-mkdev.patch #580062 + + # Flatcar: + "${FILESDIR}"/${PN}-2.02.145-oneshot.patch # https://github.com/lvmteam/lvm2/pull/37 +) + +pkg_setup() { + local CONFIG_CHECK="~SYSVIPC" + + if use udev; then + local WARNING_SYSVIPC="CONFIG_SYSVIPC:\tis not set (required for udev sync)\n" + if linux_config_exists; then + local uevent_helper_path=$(linux_chkconfig_string UEVENT_HELPER_PATH) + if [ -n "${uevent_helper_path}" ] && [ "${uevent_helper_path}" != '""' ]; then + ewarn "It's recommended to set an empty value to the following kernel config option:" + ewarn "CONFIG_UEVENT_HELPER_PATH=${uevent_helper_path}" + fi + fi + fi + + check_extra_config + + # 1. Genkernel no longer copies /sbin/lvm blindly. + if use static; then + elog "Warning, we no longer overwrite /sbin/lvm and /sbin/dmsetup with" + elog "their static versions. If you need the static binaries," + elog "you must append .static to the filename!" + fi +} + +src_prepare() { + default + + sed -i \ + -e "1iAR = $(tc-getAR)" \ + -e "s:CC ?= @CC@:CC = $(tc-getCC):" \ + make.tmpl.in || die #444082 + + sed -i -e '/FLAG/s:-O2::' configure{.in,} || die #480212 + + if use udev && ! use device-mapper-only; then + sed -i -e '/use_lvmetad =/s:0:1:' conf/example.conf.in || die #514196 + elog "Notice that \"use_lvmetad\" setting is enabled with USE=\"udev\" in" + elog "/etc/lvm/lvm.conf, which will require restart of udev, lvm, and lvmetad" + elog "if it was previously disabled." + fi + + sed -i -e "s:/usr/bin/true:$(type -P true):" scripts/blk_availability_systemd_red_hat.service.in || die #517514 + + # Without thin-privision-tools, there is nothing to install for target install_man7: + use thin || { sed -i -e '/^install_lvm2/s:install_man7::' man/Makefile.in || die; } + + eautoreconf +} + +src_configure() { + filter-flags -flto + local myconf=() + local buildmode + + myconf+=( $(use_enable !device-mapper-only dmeventd) ) + myconf+=( $(use_enable !device-mapper-only cmdlib) ) + myconf+=( $(use_enable !device-mapper-only applib) ) + myconf+=( $(use_enable !device-mapper-only fsadm) ) + myconf+=( $(use_enable !device-mapper-only lvmetad) ) + use device-mapper-only && myconf+=( --disable-udev-systemd-background-jobs ) + + # Most of this package does weird stuff. + # The build options are tristate, and --without is NOT supported + # options: 'none', 'internal', 'shared' + if use static; then + buildmode="internal" + # This only causes the .static versions to become available + myconf+=( --enable-static_link ) + else + buildmode="shared" + fi + dmbuildmode=$(use !device-mapper-only && echo internal || echo none) + + # dmeventd requires mirrors to be internal, and snapshot available + # so we cannot disable them + myconf+=( --with-mirrors=${dmbuildmode} ) + myconf+=( --with-snapshots=${dmbuildmode} ) + if use thin; then + myconf+=( --with-thin=internal --with-cache=internal ) + local texec + for texec in check dump repair restore; do + myconf+=( --with-thin-${texec}="${EPREFIX}"/sbin/thin_${texec} ) + myconf+=( --with-cache-${texec}="${EPREFIX}"/sbin/cache_${texec} ) + done + else + myconf+=( --with-thin=none --with-cache=none ) + fi + + if use lvm1; then + myconf+=( --with-lvm1=${buildmode} ) + else + myconf+=( --with-lvm1=none ) + fi + + # disable O_DIRECT support on hppa, breaks pv detection (#99532) + use hppa && myconf+=( --disable-o_direct ) + + if use clvm; then + myconf+=( --with-cluster=${buildmode} ) + # 4-state! Make sure we get it right, per bug 210879 + # Valid options are: none, cman, gulm, all + # + # 2009/02: + # gulm is removed now, now dual-state: + # cman, none + # all still exists, but is not needed + # + # 2009/07: + # TODO: add corosync and re-enable ALL + local clvmd="" + use cman && clvmd="cman" + #clvmd="${clvmd/cmangulm/all}" + use corosync && clvmd="${clvmd:+$clvmd,}corosync" + use openais && clvmd="${clvmd:+$clvmd,}openais" + [ -z "${clvmd}" ] && clvmd="none" + myconf+=( --with-clvmd=${clvmd} ) + myconf+=( --with-pool=${buildmode} ) + else + myconf+=( --with-clvmd=none --with-cluster=none ) + fi + + econf \ + $(use_enable readline) \ + $(use_enable selinux) \ + --enable-pkgconfig \ + --with-confdir="${EPREFIX}"/etc \ + --exec-prefix="${EPREFIX}" \ + --sbindir="${EPREFIX}/sbin" \ + --with-staticdir="${EPREFIX}"/sbin \ + --libdir="${EPREFIX}/$(get_libdir)" \ + --with-usrlibdir="${EPREFIX}/usr/$(get_libdir)" \ + --with-default-dm-run-dir=/run \ + --with-default-run-dir=/run/lvm \ + --with-default-locking-dir=/run/lock/lvm \ + --with-default-pid-dir=/run \ + $(use_enable udev udev_rules) \ + $(use_enable udev udev_sync) \ + $(use_with udev udevdir "$(get_udevdir)"/rules.d) \ + $(use_enable systemd udev-systemd-background-jobs) \ + --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \ + ${myconf[@]} \ + CLDFLAGS="${LDFLAGS}" +} + +src_compile() { + pushd include >/dev/null + emake + popd >/dev/null + + if use device-mapper-only ; then + emake device-mapper + else + emake + emake CC="$(tc-getCC)" -C scripts lvm2_activation_generator_systemd_red_hat + fi +} + +src_install() { + local inst + INSTALL_TARGETS="install install_tmpfiles_configuration" + # install systemd related files only when requested, bug #522430 + use systemd && INSTALL_TARGETS="${INSTALL_TARGETS} install_systemd_units install_systemd_generators" + use device-mapper-only && INSTALL_TARGETS="install_device-mapper" + for inst in ${INSTALL_TARGETS}; do + emake DESTDIR="${D}" ${inst} + done + + newinitd "${FILESDIR}"/device-mapper.rc-2.02.105-r2 device-mapper + newconfd "${FILESDIR}"/device-mapper.conf-1.02.22-r3 device-mapper + + if use !device-mapper-only ; then + newinitd "${FILESDIR}"/dmeventd.initd-2.02.67-r1 dmeventd + newinitd "${FILESDIR}"/lvm.rc-2.02.116-r6 lvm + newconfd "${FILESDIR}"/lvm.confd-2.02.28-r2 lvm + + newinitd "${FILESDIR}"/lvm-monitoring.initd-2.02.105-r2 lvm-monitoring + newinitd "${FILESDIR}"/lvmetad.initd-2.02.116-r3 lvmetad + fi + + if use clvm; then + newinitd "${FILESDIR}"/clvmd.rc-2.02.39 clvmd + newconfd "${FILESDIR}"/clvmd.confd-2.02.39 clvmd + fi + + if use static-libs; then + dolib.a libdm/ioctl/libdevmapper.a + dolib.a libdaemon/client/libdaemonclient.a #462908 + #gen_usr_ldscript libdevmapper.so + dolib.a daemons/dmeventd/libdevmapper-event.a + #gen_usr_ldscript libdevmapper-event.so + else + rm -f "${ED}"usr/$(get_libdir)/{libdevmapper-event,liblvm2cmd,liblvm2app,libdevmapper}.a + fi + + if use lvm2create_initrd; then + dosbin scripts/lvm2create_initrd/lvm2create_initrd + doman scripts/lvm2create_initrd/lvm2create_initrd.8 + newdoc scripts/lvm2create_initrd/README README.lvm2create_initrd + fi + + insinto /etc + doins "${FILESDIR}"/dmtab + + dodoc README VERSION* WHATS_NEW WHATS_NEW_DM doc/*.{c,txt} conf/*.conf +} + +pkg_postinst() { + ewarn "Make sure the \"lvm\" init script is in the runlevels:" + ewarn "# rc-update add lvm boot" + ewarn + ewarn "Make sure to enable lvmetad in /etc/lvm/lvm.conf if you want" + ewarn "to enable lvm autoactivation and metadata caching." +} + +src_test() { + einfo "Tests are disabled because of device-node mucking, if you want to" + einfo "run tests, compile the package and see ${S}/tests" +}