mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-11-08 12:12:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

overlay sys-apps/systemd: Move our modifications to config overrides

Browse Source 
The most significant change here is to drop our manual service
enabling in favor of invoking systemctl preset-all and moving the
generated symlinks to /usr.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
This commit is contained in:
Krzesimir Nowak 2025-10-24 11:28:52 +02:00
parent ccee4d536c
commit fafa0f3d42
2 changed files with 201 additions and 177 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

191
sdk_container/src/third_party/coreos-overlay/coreos/config/env/sys-apps/systemd vendored
View File

@ -1,20 +1,192 @@
cros_post_src_install_timesync() { flatcar_systemd_meson_args_array=(
local dir="${D}$(systemd_get_systemunitdir)/systemd-timesyncd.service.d" # Point to our user mailing list.
mkdir -p "${dir}" -Dsupport-url='https://groups.google.com/forum/#!forum/flatcar-linux-user'
pushd "${dir}"
cat <<EOF >flatcar.conf || die # Use our ntp servers.
-Dntp-servers="0.flatcar.pool.ntp.org 1.flatcar.pool.ntp.org 2.flatcar.pool.ntp.org 3.flatcar.pool.ntp.org"
# Specify this, or meson breaks due to no /etc/login.defs.
-Dsystem-gid-max=999
-Dsystem-uid-max=999
# PAM config directory.
-Dpamconfdir="${EPREFIX}/usr/share/pam.d"
# The CoreOS epoch, Mon Jul 1 00:00:00 UTC 2013. Used by timesyncd
# as a sanity check for the minimum acceptable time. Explicitly
# set to avoid using the current build time.
-Dtime-epoch=1372636800
# No default name servers.
-Ddns-servers=
# Disable the "First Boot Wizard", it isn't very applicable to us.
-Dfirstboot=false
# Set latest network interface naming scheme for
# https://github.com/flatcar/Flatcar/issues/36
-Ddefault-net-naming-scheme=latest
# Combined log format: name plus description
-Dstatus-unit-format-default=combined
# Disable multicast-dns, Link-Local Multicast Name Resolution and
# dnssec
-Ddefault-mdns=no
-Ddefault-llmnr=no
-Ddefault-dnssec=no
)
export MYMESONARGS="${flatcar_systemd_meson_args_array[*]@Q}"
unset 'flatcar_systemd_meson_args_array'
# Save the original path to systemctl command, so we can use it for
# presetting, even after stubbing systemctl out below.
if [[ -z ${flatcar_hacked_systemctl} ]]; then
flatcar_hacked_systemctl=$(command -v systemctl) || die "systemctl not found"
fi
# Stubbed out completely - it is being invoked in the pkg_postinst to
# enable getty service and do some reexecs/reloads. None of these are
# necessary for us.
systemctl() {
:
}
flatcar_systemctl_preset() {
local scope=${1}
local systemctl_scope_arg
case ${scope} in
system) systemctl_scope_arg=--system;;
user) systemctl_scope_arg=--global;; # don't ask, using --user
# results in an "invalid
# argument" error
*) die "wrong scope ${scope@Q}, ought to be either system or user";;
esac
"${flatcar_hacked_systemctl}" --root="${ED}" "${systemctl_scope_arg}" --preset-mode=enable-only preset-all || die
local escaped_path
escaped_path=$(printf '%s' "${ED}/etc/systemd/" | sed -e 's/[#\&]/\\&/g') || die
# make symlinks relative
find "${ED}/etc/systemd/${scope}" -type l -lname "/usr/lib/systemd/${scope}/*" -printf "%l\0%p\0" | \
sed -z -e "s#^/usr/lib/systemd/#${escaped_path}#" | \
xargs -0 -n2 ln -sfTr || die
# We can't do just:
#
# mv "${ED}/etc/systemd/${scope}"/* "${ED}/usr/lib/systemd/${scope}/"
#
# Some directories already exist in both /etc/systemd/${scope} and
# /usr/lib/systemd/${scope}, but with different contents. "mv"
# complains that it can't overwrite them.
# create directories in /usr/lib/systemd/${scope} that match ones
# in /etc/systemd/${scope}
find "${ED}/etc/systemd/${scope}" ! -type d -printf '%h\0' | \
sort -z -u | \
sed -z -e "s#/etc/systemd/${scope}/#/usr/lib/systemd/${scope}/#" |
xargs -0 mkdir -p || die
# move files from /etc/systemd/${scope} to
# /usr/lib/systemd/${scope}
find "${ED}/etc/systemd/${scope}" ! -type d -print | \
sed -e "s#\(.*\)\(/etc/systemd/${scope}/\)\(.*\)#\1\2\3\n\1/usr/lib/systemd/${scope}/\3#" | \
xargs -n2 mv || die
# remove empty directories in /etc/systemd/${scope}
find "${ED}/etc/systemd/${scope}" -type d -printf '%d %p\0' | \
sort -z -k 1nr,1 -k2b | \
cut -z -d' ' -f2- | \
xargs -0 rmdir || die
}
cros_post_src_install_flatcar_stuff() {
# We provide our own systemd-user config file in baselayout.
#
# This one is installed by systemd build system regardless of
# USE=pam (the ebuild ought to pass -Dpamconfdir=no to disable the
# installation).
rm "${ED}/usr/share/pam.d/systemd-user" || die
# This one is installed by Gentoo's systemd ebuild only if USE=pam
# is enabled.
if use pam; then
rm "${ED}/etc/pam.d/systemd-user" || die
fi
# Ensure journal directory has correct ownership/mode in inital
# image. This is fixed by systemd-tmpfiles *but* journald starts
# before that and will create the journal if the filesystem is
# already read-write. Conveniently the systemd build system sets
# this up completely wrong.
keepdir /var/log/journal
fowners root:systemd-journal /var/log/journal
fperms 2755 /var/log/journal
keepdir /var/log/journal/remote
fowners systemd-journal-remote:systemd-journal-remote /var/log/journal/remote
(
insopts -m 0644
insinto /usr/lib/tmpfiles.d
# Add tmpfiles rule for resolv.conf. This path has changed
# after v213 so it must be handled here instead of baselayout
# now.
newins - systemd-resolv.conf <<'EOF'
d /run/systemd/network - - - - -
L /run/systemd/network/resolv.conf - - - - ../resolve/resolv.conf
EOF
)
# Don't set any extra environment variables by default.
rm "${ED}/usr/lib/environment.d/99-environment.conf" || die
# enable system units
flatcar_systemctl_preset system
# enable user units
flatcar_systemctl_preset user
# Use an empty preset file, because systemctl preset-all puts
# symlinks in /etc, not in /usr. We don't use /etc, because it is
# not autoupdated. We do the "preset" above.
rm "${ED}/usr/lib/systemd/system-preset/90-systemd.preset" || die
rm "${ED}/usr/lib/systemd/user-preset/90-systemd.preset" || die
(
insinto /usr/lib/systemd/system-preset
newins - 99-default.preset <<'EOF'
# Do not enable any services if /etc is detected as empty.
disable *
EOF
insinto /usr/lib/systemd/user-preset
newins - 99-default.preset <<'EOF'
# Do not enable any services if /etc is detected as empty.
disable *
EOF
)
# Do not ship distro-specific files (nsswitch.conf pam.d). This
# conflicts with our own configuration provided by baselayout.
rm -r "${ED}"/usr/share/factory || die
sed -i "${ED}"/usr/lib/tmpfiles.d/etc.conf \
-e '/^C!* \/etc\/nsswitch\.conf/d' \
-e '/^C!* \/etc\/pam\.d/d' \
-e '/^C!* \/etc\/issue/d' || die
(
# Some OEMs prefer chronyd, so allow them to replace
# systemd-timesyncd with it.
insinto "$(systemd_get_systemunitdir)/systemd-timesyncd.service.d"
newins - flatcar.conf <<'EOF'
# Allow sysexts to ship timesyncd replacements which can have # Allow sysexts to ship timesyncd replacements which can have
# a Conflicts=systemd-timesyncd directive that would result # a Conflicts=systemd-timesyncd directive that would result
# in systemd-timesyncd not being started. # in systemd-timesyncd not being started.
[Unit] [Unit]
After=ensure-sysext.service After=ensure-sysext.service
EOF EOF
popd )
}
cros_post_src_install_udev() { (
# Allow @mount syscalls for systemd-udevd.service
insinto "$(systemd_get_systemunitdir)/systemd-udevd.service.d" insinto "$(systemd_get_systemunitdir)/systemd-udevd.service.d"
newins - flatcar.conf <<EOF newins - flatcar.conf <<'EOF'
# In Flatcar we are using modprobe helpers that run depmod in temporary # In Flatcar we are using modprobe helpers that run depmod in temporary
# overlay. systemd-udevd.service may try to load drivers for some block devices # overlay. systemd-udevd.service may try to load drivers for some block devices
# (e.g. ZFS), which ends up calling our helpers, which invoke mount command. # (e.g. ZFS), which ends up calling our helpers, which invoke mount command.
@ -23,4 +195,5 @@ cros_post_src_install_udev() {
[Service] [Service]
SystemCallFilter=@mount SystemCallFilter=@mount
EOF EOF
)
} }

185
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-257.7-r1.ebuild vendored
View File

@ -25,8 +25,7 @@ else
fi fi
inherit bash-completion-r1 linux-info meson-multilib optfeature pam python-single-r1 inherit bash-completion-r1 linux-info meson-multilib optfeature pam python-single-r1
# Flatcar: Inherited tmpfiles inherit secureboot systemd toolchain-funcs udev
inherit secureboot systemd tmpfiles toolchain-funcs udev
DESCRIPTION="System and service manager for Linux" DESCRIPTION="System and service manager for Linux"
HOMEPAGE="https://systemd.io/" HOMEPAGE="https://systemd.io/"
@ -300,8 +299,7 @@ multilib_src_configure() {
-Ddocdir="share/doc/${PF}" -Ddocdir="share/doc/${PF}"
# default is developer, bug 918671 # default is developer, bug 918671
-Dmode=release -Dmode=release
# Flatcar: Point to our user mailing list. -Dsupport-url="https://gentoo.org/support/"
-Dsupport-url="https://groups.google.com/forum/#!forum/flatcar-linux-user"
-Dpamlibdir="$(getpam_mod_dir)" -Dpamlibdir="$(getpam_mod_dir)"
# avoid bash-completion dep # avoid bash-completion dep
-Dbashcompletiondir="$(get_bashcompdir)" -Dbashcompletiondir="$(get_bashcompdir)"
@ -354,8 +352,7 @@ multilib_src_configure() {
$(meson_native_use_feature test dbus) $(meson_native_use_feature test dbus)
$(meson_native_use_feature ukify) $(meson_native_use_feature ukify)
$(meson_native_use_feature xkb xkbcommon) $(meson_native_use_feature xkb xkbcommon)
# Flatcar: Use our ntp servers. -Dntp-servers="0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org"
-Dntp-servers="0.flatcar.pool.ntp.org 1.flatcar.pool.ntp.org 2.flatcar.pool.ntp.org 3.flatcar.pool.ntp.org"
# Breaks screen, tmux, etc. # Breaks screen, tmux, etc.
-Ddefault-kill-user-processes=false -Ddefault-kill-user-processes=false
-Dcreate-log-dirs=false -Dcreate-log-dirs=false
@ -380,42 +377,6 @@ multilib_src_configure() {
$(meson_native_true timesyncd) $(meson_native_true timesyncd)
$(meson_native_true tmpfiles) $(meson_native_true tmpfiles)
$(meson_native_true vconsole) $(meson_native_true vconsole)
# Flatcar: Specify this, or meson breaks due to no
# /etc/login.defs.
-Dsystem-gid-max=999
-Dsystem-uid-max=999
# Flatcar: DBus paths.
-Ddbussessionservicedir="${EPREFIX}/usr/share/dbus-1/services"
-Ddbussystemservicedir="${EPREFIX}/usr/share/dbus-1/system-services"
# Flatcar: PAM config directory.
-Dpamconfdir=/usr/share/pam.d
# Flatcar: The CoreOS epoch, Mon Jul 1 00:00:00 UTC
# 2013. Used by timesyncd as a sanity check for the
# minimum acceptable time. Explicitly set to avoid
# using the current build time.
-Dtime-epoch=1372636800
# Flatcar: No default name servers.
-Ddns-servers=
# Flatcar: Disable the "First Boot Wizard", it isn't
# very applicable to us.
-Dfirstboot=false
# Flatcar: Set latest network interface naming scheme
# for https://github.com/flatcar/Flatcar/issues/36
-Ddefault-net-naming-scheme=latest
# Flatcar: Combined log format: name plus description
-Dstatus-unit-format-default=combined
# Flatcar: Disable multicast-dns, Link-Local Multicast Name Resolution and dnssec
-Ddefault-mdns=no
-Ddefault-llmnr=no
-Ddefault-dnssec=no
) )
case $(tc-arch) in case $(tc-arch) in
@ -443,9 +404,7 @@ multilib_src_test() {
multilib_src_install_all() { multilib_src_install_all() {
einstalldocs einstalldocs
# Flatcar: Do not install sample nsswitch.conf, we don't dodoc "${FILESDIR}"/nsswitch.conf
# provide it.
# dodoc "${FILESDIR}"/nsswitch.conf
insinto /usr/lib/tmpfiles.d insinto /usr/lib/tmpfiles.d
doins "${FILESDIR}"/legacy.conf doins "${FILESDIR}"/legacy.conf
@ -477,129 +436,23 @@ multilib_src_install_all() {
keepdir /var/lib/systemd keepdir /var/lib/systemd
keepdir /var/log/journal keepdir /var/log/journal
# Flatcar: We provide our own systemd-user config file in baselayout. if use pam; then
# if use pam; then if use selinux; then
# if use selinux; then newpamd "${FILESDIR}"/systemd-user-selinux.pam systemd-user
# newpamd "${FILESDIR}"/systemd-user-selinux.pam systemd-user else
# else newpamd "${FILESDIR}"/systemd-user.pam systemd-user
# newpamd "${FILESDIR}"/systemd-user.pam systemd-user fi
# fi fi
# fi
if use kernel-install; then if use kernel-install; then
# Dummy config, remove to make room for sys-kernel/installkernel # Dummy config, remove to make room for sys-kernel/installkernel
rm "${ED}/usr/lib/kernel/install.conf" || die rm "${ED}/usr/lib/kernel/install.conf" || die
fi fi
# Flatcar: Ensure journal directory has correct ownership/mode
# in inital image. This is fixed by systemd-tmpfiles *but*
# journald starts before that and will create the journal if
# the filesystem is already read-write. Conveniently the
# systemd Makefile sets this up completely wrong.
#
# Flatcar: TODO: Is this still a problem?
dodir /var/log/journal
fowners root:systemd-journal /var/log/journal
fperms 2755 /var/log/journal
# Flatcar: Don't prune systemd dirs.
dotmpfiles "${FILESDIR}"/systemd-flatcar.conf
# Flatcar: Add tmpfiles rule for resolv.conf. This path has
# changed after v213 so it must be handled here instead of
# baselayout now.
dotmpfiles "${FILESDIR}"/systemd-resolv.conf
# Flatcar: Don't set any extra environment variables by default.
rm "${ED}/usr/lib/environment.d/99-environment.conf" || die
# Flatcar: These lines more or less follow the systemd's
# preset file (90-systemd.preset). We do it that way, to avoid
# putting symlinks in /etc. Please keep the lines in the same
# order as the "enable" lines appear in the preset file. For a
# single enable line in preset, there may be more lines if the
# unit file had Also: clause which has units we enable here
# too.
# Flatcar: enable remote-fs.target
builddir_systemd_enable_service multi-user.target remote-fs.target
# Flatcar: enable remote-cryptsetup.target
if use cryptsetup; then
builddir_systemd_enable_service multi-user.target remote-cryptsetup.target
fi
# Flatcar: enable machines.target
builddir_systemd_enable_service multi-user.target machines.target
# Flatcar: enable getty@.service
dodir "${unitdir}/getty.target.wants"
dosym ../getty@.service "${unitdir}/getty.target.wants/getty@tty1.service"
# Flatcar: enable systemd-timesyncd.service
builddir_systemd_enable_service sysinit.target systemd-timesyncd.service
# Flatcar: enable systemd-networkd.service (Also: systemd-networkd.socket, systemd-networkd-wait-online.service)
builddir_systemd_enable_service multi-user.target systemd-networkd.service
builddir_systemd_enable_service sockets.target systemd-networkd.socket
builddir_systemd_enable_service network-online.target systemd-networkd-wait-online.service
# Flatcar: enable systemd-network-generator.service
builddir_systemd_enable_service sysinit.target systemd-network-generator.service
# Flatcar: enable systemd-resolved.service
builddir_systemd_enable_service multi-user.target systemd-resolved.service
# Flatcar: enable systemd-homed.service (Also: systemd-userdbd.service [not enabled - has no WantedBy entry])
if use homed; then
builddir_systemd_enable_service multi-user.target systemd-homed.target
fi
# Flatcar: enable systemd-userdbd.socket
builddir_systemd_enable_service sockets.target systemd-userdbd.socket
# Flatcar: enable systemd-pstore.service
builddir_systemd_enable_service sysinit.target systemd-pstore.service
# Flatcar: enable systemd-boot-update.service
if use boot; then
builddir_systemd_enable_service sysinit.target systemd-boot-update.service
fi
# Flatcar: enable reboot.target (not enabled - has no WantedBy
# entry)
# Flatcar: enable systemd-sysext.service by default
builddir_systemd_enable_service sysinit.target systemd-sysext.service
# Flatcar: Use an empty preset file, because systemctl
# preset-all puts symlinks in /etc, not in /usr. We don't use
# /etc, because it is not autoupdated. We do the "preset" above.
rm "${ED}/usr/lib/systemd/system-preset/90-systemd.preset" || die
insinto /usr/lib/systemd/system-preset
doins "${FILESDIR}"/99-default.preset
# Flatcar: Do not ship distro-specific files (nsswitch.conf
# pam.d). This conflicts with our own configuration provided
# by baselayout.
rm -rf "${ED}"/usr/share/factory
sed -i "${ED}"/usr/lib/tmpfiles.d/etc.conf \
-e '/^C!* \/etc\/nsswitch\.conf/d' \
-e '/^C!* \/etc\/pam\.d/d' \
-e '/^C!* \/etc\/issue/d'
use ukify && python_fix_shebang "${ED}" use ukify && python_fix_shebang "${ED}"
use boot && secureboot_auto_sign use boot && secureboot_auto_sign
} }
# Flatcar: Our own version of systemd_get_systemunitdir, that returns
# a path inside /usr, not /etc.
builddir_systemd_get_systemunitdir() {
echo "${EPREFIX}/usr/lib/systemd/system"
}
# Flatcar: Our own version of systemd_enable_service, that does
# operations inside /usr, not /etc.
builddir_systemd_enable_service() {
local target=${1}
local service=${2}
local ud=$(builddir_systemd_get_systemunitdir)
local destname=${service##*/}
dodir "${ud}"/"${target}".wants && \
dosym ../"${service}" "${ud}"/"${target}".wants/"${destname}"
if use boot; then
python_fix_shebang "${ED}"
secureboot_auto_sign
fi
}
migrate_locale() { migrate_locale() {
local envd_locale_def="${EROOT}/etc/env.d/02locale" local envd_locale_def="${EROOT}/etc/env.d/02locale"
local envd_locale=( "${EROOT}"/etc/env.d/??locale ) local envd_locale=( "${EROOT}"/etc/env.d/??locale )
@ -669,15 +522,13 @@ pkg_postinst() {
# between OpenRC & systemd # between OpenRC & systemd
migrate_locale migrate_locale
# Flatcar: We enable getty and remote-fs targets in /usr if [[ -z ${REPLACING_VERSIONS} ]]; then
# ourselves above. if type systemctl &>/dev/null; then
# if [[ -z ${REPLACING_VERSIONS} ]]; then systemctl --root="${ROOT:-/}" enable getty@.service remote-fs.target || FAIL=1
# if type systemctl &>/dev/null; then fi
# systemctl --root="${ROOT:-/}" enable getty@.service remote-fs.target || FAIL=1 elog "To enable a useful set of services, run the following:"
# fi elog " systemctl preset-all --preset-mode=enable-only"
# elog "To enable a useful set of services, run the following:" fi
# elog " systemctl preset-all --preset-mode=enable-only"
# fi
if [[ -L ${EROOT}/var/lib/systemd/timesync ]]; then if [[ -L ${EROOT}/var/lib/systemd/timesync ]]; then
rm "${EROOT}/var/lib/systemd/timesync" rm "${EROOT}/var/lib/systemd/timesync"