mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-18 21:11:08 +02:00
Code Issues Packages Projects Releases Wiki Activity

sys-apps/systemd: Sync with Gentoo upstream; updates to v249.2

Browse Source 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
This commit is contained in:
Sayan Chowdhury 2021-09-02 07:49:40 +00:00 committed by Sayan Chowdhury
parent eaeea59b17
commit ff243aa613
15 changed files with 210 additions and 547 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/Manifest vendored
View File

@ -1 +1 @@
DIST systemd-stable-247.9.tar.gz 9915803 BLAKE2B cca6a40dac78d48eb0f7752e96b19894baff1cd462b8a3001e121820ca792a4752c03d725e13d91f238ce26980c62b1830b49e56ae7bfdc7b48b838508810163 SHA512 61cd36bec931a3550c9d25abd86d12b031d55cebf3c31eb08805947484aa93d215e3d12227cd41131a26c2a6024a74b1fef5cd4929e6240f916279bfbfc67116 DIST systemd-stable-249.3.tar.gz 10592081 BLAKE2B e780ffeedbe916c8c633937475b14586023f80e438f9afcdce264ae97e34443567af2c35cba16e19f8456f40e5a16ce71e6cdd61b1d7995cb99fbfbdb4700aac SHA512 06cf03e448f0a311cca5faa2c3e75087355441514dc3d7d6d7f0924b27cdd21867d0dbb33ff2e9451e2ae90eb6fb206c77539805f30c7e54f6a1e7b6800c0120

13
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/README vendored
View File

@ -1,13 +0,0 @@
= CoreOS systemd packages
The systemd git repo lives in src/third_party/systemd and is normally
checked out to the 'master' branch by repo and the live ebuild,
systemd-9999, will build the master branch. Release ebuilds must
specify a specific git commit to build which may be the upstream tagged
commit (e.g. v218) or a commit on one of the CoreOS release branches
(e.g. v218-coreos). If you want to use cros-workon and the live ebuild
to test new changes to a release branch it is up to you to check out
that branch in src/third_party/systemd and be warned: a repo sync will
always switch back to master. I don't have a particularly good
recommendation for dealing with this, repo thinks it should be
authoritative when in fact it is the ebuilds that are authoritative.

32
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0004-wait-online-set-any-by-default.patch vendored
View File

@ -1,32 +0,0 @@
From eb00b0bf1014fd9da26fc1ed2612c579cbcf09ce Mon Sep 17 00:00:00 2001
From: David Michael <dm0@redhat.com>
Date: Tue, 16 Apr 2019 02:44:51 +0000
Subject: [PATCH 1/5] wait-online: set --any by default
The systemd-networkd-wait-online command would normally continue
waiting after a network interface is usable if other interfaces are
still configuring. There is a new flag --any to change this.
Preserve previous Container Linux behavior for compatibility by
setting the --any flag by default. See patches from v241 (or
earlier) for the original implementation.
---
src/network/wait-online/wait-online.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/network/wait-online/wait-online.c b/src/network/wait-online/wait-online.c
index cfd9093f1a..3c67e3a379 100644
--- a/src/network/wait-online/wait-online.c
+++ b/src/network/wait-online/wait-online.c
@@ -19,7 +19,7 @@ static usec_t arg_timeout = 120 * USEC_PER_SEC;
static Hashmap *arg_interfaces = NULL;
static char **arg_ignore = NULL;
static LinkOperationalStateRange arg_required_operstate = { _LINK_OPERSTATE_INVALID, _LINK_OPERSTATE_INVALID };
-static bool arg_any = false;
+static bool arg_any = true;
STATIC_DESTRUCTOR_REGISTER(arg_interfaces, hashmap_free_free_freep);
STATIC_DESTRUCTOR_REGISTER(arg_ignore, strv_freep);
--
2.26.2

24
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0005-networkd-default-to-kernel-IPForwarding-setting.patch vendored
View File

@ -1,24 +0,0 @@
From 9acb14187bacd1d716adaed491813ea1cde12237 Mon Sep 17 00:00:00 2001
From: Nick Owens <nick.owens@coreos.com>
Date: Tue, 2 Jun 2015 18:22:32 -0700
Subject: [PATCH 2/5] networkd: default to "kernel" IPForwarding setting
---
src/network/networkd-network.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
index 3254641461..4f34daa919 100644
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -410,6 +410,7 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
.ipv6ll_address_gen_mode = _IPV6_LINK_LOCAL_ADDRESS_GEN_MODE_INVALID,
.ipv4_accept_local = -1,
+ .ip_forward = _ADDRESS_FAMILY_INVALID,
.ipv6_privacy_extensions = IPV6_PRIVACY_EXTENSIONS_NO,
.ipv6_accept_ra = -1,
.ipv6_dad_transmits = -1,
--
2.26.2

58
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0006-needs-update-don-t-require-strictly-newer-usr.patch vendored
View File

@ -1,58 +0,0 @@
From e073ce40241db173d160d5d9986129820a98270a Mon Sep 17 00:00:00 2001
From: Alex Crawford <alex.crawford@coreos.com>
Date: Wed, 2 Mar 2016 10:46:33 -0800
Subject: [PATCH 3/5] needs-update: don't require strictly newer usr
Updates should be triggered whenever usr changes, not only when it is newer.
---
man/systemd-update-done.service.xml | 2 +-
src/shared/condition.c | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/man/systemd-update-done.service.xml b/man/systemd-update-done.service.xml
index 3393010ff6..5478baca25 100644
--- a/man/systemd-update-done.service.xml
+++ b/man/systemd-update-done.service.xml
@@ -50,7 +50,7 @@
<varname>ConditionNeedsUpdate=</varname> (see
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>)
condition to make sure to run when <filename>/etc/</filename> or
- <filename>/var/</filename> are older than <filename>/usr/</filename>
+ <filename>/var/</filename> aren't the same age as <filename>/usr/</filename>
according to the modification times of the files described above.
This requires that updates to <filename>/usr/</filename> are always
followed by an update of the modification time of
diff --git a/src/shared/condition.c b/src/shared/condition.c
index b2ec690bc3..4cf6523b90 100644
--- a/src/shared/condition.c
+++ b/src/shared/condition.c
@@ -593,7 +593,7 @@ static int condition_test_needs_update(Condition *c, char **env) {
* First, compare seconds as they are always accurate...
*/
if (usr.st_mtim.tv_sec != other.st_mtim.tv_sec)
- return usr.st_mtim.tv_sec > other.st_mtim.tv_sec;
+ return true;
/*
* ...then compare nanoseconds.
@@ -604,7 +604,7 @@ static int condition_test_needs_update(Condition *c, char **env) {
* (otherwise the filesystem supports nsec timestamps, see stat(2)).
*/
if (usr.st_mtim.tv_nsec == 0 || other.st_mtim.tv_nsec > 0)
- return usr.st_mtim.tv_nsec > other.st_mtim.tv_nsec;
+ return usr.st_mtim.tv_nsec != other.st_mtim.tv_nsec;
_cleanup_free_ char *timestamp_str = NULL;
r = parse_env_file(NULL, p, "TIMESTAMP_NSEC", &timestamp_str);
@@ -623,7 +623,7 @@ static int condition_test_needs_update(Condition *c, char **env) {
return true;
}
- return timespec_load_nsec(&usr.st_mtim) > timestamp;
+ return timespec_load_nsec(&usr.st_mtim) != timestamp;
}
static int condition_test_first_boot(Condition *c, char **env) {
--
2.26.2

65
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0007-core-use-max-for-DefaultTasksMax.patch vendored
View File

@ -1,65 +0,0 @@
From 3acaafc6fcd34b272e5249c49e498ff7facb564e Mon Sep 17 00:00:00 2001
From: Sayan Chowdhury <sayan@kinvolk.io>
Date: Thu, 22 Apr 2021 20:08:33 +0530
Subject: [PATCH] core: use max for DefaultTasksMax
Since systemd v228, systemd has a DefaultTasksMax which defaulted
to 512, later 15% of the system's maximum number of PIDs. This
limit is low and a change in behavior that people running services
in containers will hit frequently, so revert to previous behavior.
Though later the TasksMax was changed in the a dynamic property to
accommodate stale values.
This change is built on previous patch by David Michael(dm0-).
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
---
man/systemd-system.conf.xml | 2 +-
src/core/main.c | 2 +-
src/core/system.conf.in | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml
index d39928ec23..4d89a68b16 100644
--- a/man/systemd-system.conf.xml
+++ b/man/systemd-system.conf.xml
@@ -376,7 +376,7 @@
<listitem><para>Configure the default value for the per-unit <varname>TasksMax=</varname> setting. See
<citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details. This setting applies to all unit types that support resource control settings, with the exception
- of slice units. Defaults to 15% of the minimum of <varname>kernel.pid_max=</varname>, <varname>kernel.threads-max=</varname>
+ of slice units. Defaults to 100% of the minimum of <varname>kernel.pid_max=</varname>, <varname>kernel.threads-max=</varname>
and root cgroup <varname>pids.max</varname>.
Kernel has a default value for <varname>kernel.pid_max=</varname> and an algorithm of counting in case of more than 32 cores.
For example with the default <varname>kernel.pid_max=</varname>, <varname>DefaultTasksMax=</varname> defaults to 4915,
diff --git a/src/core/main.c b/src/core/main.c
index 0ddd629851..5e25a1b4b7 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -91,7 +91,7 @@
#include <sanitizer/lsan_interface.h>
#endif
-#define DEFAULT_TASKS_MAX ((TasksMax) { 15U, 100U }) /* 15% */
+#define DEFAULT_TASKS_MAX ((TasksMax) { 100U, 100U }) /* 100% */
static enum {
ACTION_RUN,
diff --git a/src/core/system.conf.in b/src/core/system.conf.in
index fa6fb690c7..1e6df17d94 100644
--- a/src/core/system.conf.in
+++ b/src/core/system.conf.in
@@ -55,7 +55,7 @@
#DefaultBlockIOAccounting=no
#DefaultMemoryAccounting=@MEMORY_ACCOUNTING_DEFAULT@
#DefaultTasksAccounting=yes
-#DefaultTasksMax=15%
+#DefaultTasksMax=100%
#DefaultLimitCPU=
#DefaultLimitFSIZE=
#DefaultLimitDATA=
--
2.30.2

29
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0008-systemd-Disable-SELinux-permissions-checks.patch vendored
View File

@ -1,29 +0,0 @@
From f83a1a190139d6f7752e0d7c86396330f845b261 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@coreos.com>
Date: Tue, 20 Dec 2016 16:43:22 +0000
Subject: [PATCH 5/5] systemd: Disable SELinux permissions checks
We don't care about the interaction between systemd and SELinux policy, so
let's just disable these checks rather than having to incorporate policy
support. This has no impact on our SELinux use-case, which is purely intended
to limit containers and not anything running directly on the host.
---
src/core/selinux-access.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
index 1d52b5ff04..1653d241f6 100644
--- a/src/core/selinux-access.c
+++ b/src/core/selinux-access.c
@@ -2,7 +2,7 @@
#include "selinux-access.h"
-#if HAVE_SELINUX
+#if 0
#include <errno.h>
#include <selinux/avc.h>
--
2.26.2

26
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/249-libudev-static.patch vendored Normal file
View File

@ -0,0 +1,26 @@
From f2c57d4f3805775e0ffdc80ce578eaa737017d31 Mon Sep 17 00:00:00 2001
From: Mike Gilbert <floppym@gentoo.org>
Date: Fri, 9 Jul 2021 13:05:23 -0400
Subject: [PATCH] libudev: add "Libs.private: -lrt -pthread" to libudev.pc
This resolves a failure when linking cryptsetup.static against libudev.a.
```
libtool: link: x86_64-pc-linux-gnu-gcc -Wall -O2 -pipe -march=amdfam10 -static -O2 -o cryptsetup.static lib/utils_crypt.o lib/utils_loop.o lib/utils_io.o lib/utils_blkid.o src/utils_tools.o src/utils_password.o src/utils_luks2.o src/utils_blockdev.o src/cryptsetup.o -pthread -pthread -Wl,--as-needed ./.libs/libcryptsetup.a -largon2 -lrt -ljson-c -lpopt -luuid -lblkid -lssl -lcrypto -lz -ldl -ldevmapper -lm -lpthread -ludev -pthread
/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../x86_64-pc-linux-gnu/bin/ld: /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../lib64/libudev.a(src_libsystemd_sd-daemon_sd-daemon.c.o): in function `sd_is_mq':
(.text.sd_is_mq+0x3a): undefined reference to `mq_getattr'
```
---
src/libudev/libudev.pc.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/libudev/libudev.pc.in b/src/libudev/libudev.pc.in
index 89028aaa6bf2..1d6487fa4084 100644
--- a/src/libudev/libudev.pc.in
+++ b/src/libudev/libudev.pc.in
@@ -16,4 +16,5 @@ Name: libudev
Description: Library to access udev device information
Version: {{PROJECT_VERSION}}
Libs: -L${libdir} -ludev
+Libs.private: -lrt -pthread
Cflags: -I${includedir}

2
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/99-default.preset vendored
View File

@ -1,2 +0,0 @@
# Do not enable any services if /etc is detected as empty.
disable *

10
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/systemd-flatcar.conf vendored
View File

@ -1,10 +0,0 @@
d /etc/binfmt.d - - - - -
d /etc/modules-load.d - - - - -
d /etc/sysctl.d - - - - -
d /etc/systemd - - - - -
d /etc/systemd/network - - - - -
d /etc/systemd/system - - - - -
d /etc/systemd/user - - - - -
d /etc/tmpfiles.d - - - - -
d /etc/sysusers.d - - - - -
d /var/log/journal/remote - systemd-journal-remote systemd-journal-remote - -

2
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/systemd-resolv.conf vendored
View File

@ -1,2 +0,0 @@
d /run/systemd/network - - - - -
L /run/systemd/network/resolv.conf - - - - ../resolve/resolv.conf

5
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/systemd-user.pam vendored Normal file
View File

@ -0,0 +1,5 @@
account include system-auth
session required pam_loginuid.so
session include system-auth
session optional pam_systemd.so

10
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/metadata.xml vendored
View File

@ -11,21 +11,27 @@
<use> <use>
<flag name="apparmor">Enable AppArmor support</flag> <flag name="apparmor">Enable AppArmor support</flag>
<flag name="audit">Enable support for <pkg>sys-process/audit</pkg></flag> <flag name="audit">Enable support for <pkg>sys-process/audit</pkg></flag>
<flag name="cgroup-hybrid">Default to hybrid (legacy) cgroup hierarchy instead of unified (modern).</flag>
<flag name="curl">Enable support for uploading journals</flag> <flag name="curl">Enable support for uploading journals</flag>
<flag name="cryptsetup">Enable cryptsetup tools (includes unit generator for crypttab)</flag> <flag name="cryptsetup">Enable cryptsetup tools (includes unit generator for crypttab)</flag>
<flag name="dns-over-tls">Enable DNS-over-TLS support</flag>
<flag name="gnuefi">Enable EFI boot manager and stub loader (built using <pkg>sys-boot/gnu-efi</pkg>)</flag> <flag name="gnuefi">Enable EFI boot manager and stub loader (built using <pkg>sys-boot/gnu-efi</pkg>)</flag>
<flag name="elfutils">Enable coredump stacktraces in the journal</flag> <flag name="elfutils">Enable coredump stacktraces in the journal</flag>
<flag name="gcrypt">Enable sealing of journal files using gcrypt</flag> <flag name="gcrypt">Enable sealing of journal files using gcrypt</flag>
<flag name="homed">Enable portable home directories</flag>
<flag name="http">Enable embedded HTTP server in journald</flag> <flag name="http">Enable embedded HTTP server in journald</flag>
<flag name="hwdb">Enable support for the hardware database</flag>
<flag name="importd">Enable import daemon</flag> <flag name="importd">Enable import daemon</flag>
<flag name="kmod">Enable kernel module loading via <pkg>sys-apps/kmod</pkg></flag> <flag name="kmod">Enable kernel module loading via <pkg>sys-apps/kmod</pkg></flag>
<flag name="libidn2">If IDN support is enabled, use <pkg>net-dns/libidn2</pkg> instead of <pkg>net-dns/libidn</pkg></flag>
<flag name="lz4">Enable lz4 compression for the journal</flag> <flag name="lz4">Enable lz4 compression for the journal</flag>
<flag name="nat">Enable support for network address translation in networkd</flag> <flag name="nat">Enable support for network address translation in networkd</flag>
<flag name="pkcs11">Enable PKCS#11 support for cryptsetup and homed</flag>
<flag name="pwquality">Enable password quality checking in homed</flag>
<flag name="repart">Enable support for growing/adding partitions</flag>
<flag name="qrcode">Enable qrcode output support in journal</flag> <flag name="qrcode">Enable qrcode output support in journal</flag>
<flag name="resolvconf">Install resolvconf symlink for systemd-resolve</flag> <flag name="resolvconf">Install resolvconf symlink for systemd-resolve</flag>
<flag name="sysv-utils">Install sysvinit compatibility symlinks and manpages for init, telinit, halt, poweroff, reboot, runlevel, and shutdown</flag> <flag name="sysv-utils">Install sysvinit compatibility symlinks and manpages for init, telinit, halt, poweroff, reboot, runlevel, and shutdown</flag>
<flag name="split-usr">Enable this if /bin and /usr/bin are separate directories</flag> <flag name="tpm">Enable TPM support</flag>
<flag name="vanilla">Disable Gentoo-specific behavior and compatibility quirks</flag> <flag name="vanilla">Disable Gentoo-specific behavior and compatibility quirks</flag>
<flag name="xkb">Depend on <pkg>x11-libs/libxkbcommon</pkg> to allow logind to control the X11 keymap</flag> <flag name="xkb">Depend on <pkg>x11-libs/libxkbcommon</pkg> to allow logind to control the X11 keymap</flag>
</use> </use>

0
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-247.9.ebuild → sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-249.3.ebuild vendored
View File

479
sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-9999.ebuild vendored
View File

@ -1,11 +1,8 @@
# Copyright 2011-2020 Gentoo Authors # Copyright 2011-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2 # Distributed under the terms of the GNU General Public License v2
# Flatcar: Based on systemd-246-r2.ebuild from commit
# 4bf7b81548f70cbf7ce5ae377e85fd21ae259ce7 in gentoo repo (see
# https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-apps/systemd/systemd-246-r2.ebuild?id=4bf7b81548f70cbf7ce5ae377e85fd21ae259ce7).
EAPI=7 EAPI=7
PYTHON_COMPAT=( python3_{8..10} )
if [[ ${PV} == 9999 ]]; then if [[ ${PV} == 9999 ]]; then
EGIT_REPO_URI="https://github.com/systemd/systemd.git" EGIT_REPO_URI="https://github.com/systemd/systemd.git"
@ -20,27 +17,22 @@ else
MY_P=${MY_PN}-${MY_PV} MY_P=${MY_PN}-${MY_PV}
S=${WORKDIR}/${MY_P} S=${WORKDIR}/${MY_P}
SRC_URI="https://github.com/systemd/${MY_PN}/archive/v${MY_PV}/${MY_P}.tar.gz" SRC_URI="https://github.com/systemd/${MY_PN}/archive/v${MY_PV}/${MY_P}.tar.gz"
KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~mips ppc ppc64 sparc x86" KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86"
fi fi
# Flatcar: We still have python 3.5, and have no python3.8 yet. inherit bash-completion-r1 linux-info meson-multilib pam python-any-r1 systemd toolchain-funcs udev usr-ldscript
PYTHON_COMPAT=( python3_{5,6,7} )
inherit bash-completion-r1 linux-info meson multilib-minimal ninja-utils pam python-any-r1 systemd toolchain-funcs udev user
DESCRIPTION="System and service manager for Linux" DESCRIPTION="System and service manager for Linux"
HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd" HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd"
LICENSE="GPL-2 LGPL-2.1 MIT public-domain" LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
SLOT="0/2" SLOT="0/2"
# Flatcar: Dropped cgroup-hybrid. We use legacy hierarchy by default IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils +gcrypt gnuefi homed http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux split-usr static-libs +sysv-utils test tpm vanilla xkb +zstd"
# to keep docker working. Dropped static-libs, we don't care about
# static libraries.
IUSE="acl apparmor audit build cryptsetup curl dns-over-tls elfutils +gcrypt gnuefi homed http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux +split-usr ssl +sysv-utils test vanilla xkb +zstd"
REQUIRED_USE=" REQUIRED_USE="
homed? ( cryptsetup ) homed? ( cryptsetup pam )
importd? ( curl gcrypt lzma ) importd? ( curl gcrypt lzma )
pwquality? ( homed )
" "
RESTRICT="!test? ( test )" RESTRICT="!test? ( test )"
@ -50,6 +42,7 @@ OPENSSL_DEP=">=dev-libs/openssl-1.1.0:0="
COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}] COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
sys-libs/libcap:0=[${MULTILIB_USEDEP}] sys-libs/libcap:0=[${MULTILIB_USEDEP}]
virtual/libcrypt:=[${MULTILIB_USEDEP}]
acl? ( sys-apps/acl:0= ) acl? ( sys-apps/acl:0= )
apparmor? ( sys-libs/libapparmor:0= ) apparmor? ( sys-libs/libapparmor:0= )
audit? ( >=sys-process/audit-2:0= ) audit? ( >=sys-process/audit-2:0= )
@ -60,8 +53,8 @@ COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] ) gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] )
homed? ( ${OPENSSL_DEP} ) homed? ( ${OPENSSL_DEP} )
http? ( http? (
>=net-libs/libmicrohttpd-0.9.33:0= >=net-libs/libmicrohttpd-0.9.33:0=[epoll(+)]
ssl? ( >=net-libs/gnutls-3.1.4:0= ) >=net-libs/gnutls-3.1.4:0=
) )
idn? ( net-dns/libidn2:= ) idn? ( net-dns/libidn2:= )
importd? ( importd? (
@ -69,7 +62,7 @@ COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
sys-libs/zlib:0= sys-libs/zlib:0=
) )
kmod? ( >=sys-apps/kmod-15:0= ) kmod? ( >=sys-apps/kmod-15:0= )
lz4? ( >=app-arch/lz4-1.9.3-r1:0=[${MULTILIB_USEDEP}] ) lz4? ( >=app-arch/lz4-0_p131:0=[${MULTILIB_USEDEP}] )
lzma? ( >=app-arch/xz-utils-5.0.5-r1:0=[${MULTILIB_USEDEP}] ) lzma? ( >=app-arch/xz-utils-5.0.5-r1:0=[${MULTILIB_USEDEP}] )
nat? ( net-firewall/iptables:0= ) nat? ( net-firewall/iptables:0= )
pam? ( sys-libs/pam:=[${MULTILIB_USEDEP}] ) pam? ( sys-libs/pam:=[${MULTILIB_USEDEP}] )
@ -80,12 +73,51 @@ COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
repart? ( ${OPENSSL_DEP} ) repart? ( ${OPENSSL_DEP} )
seccomp? ( >=sys-libs/libseccomp-2.3.3:0= ) seccomp? ( >=sys-libs/libseccomp-2.3.3:0= )
selinux? ( sys-libs/libselinux:0= ) selinux? ( sys-libs/libselinux:0= )
tpm? ( app-crypt/tpm2-tss:0= )
xkb? ( >=x11-libs/libxkbcommon-0.4.1:0= ) xkb? ( >=x11-libs/libxkbcommon-0.4.1:0= )
zstd? ( >=app-arch/zstd-1.4.0:0=[${MULTILIB_USEDEP}] ) zstd? ( >=app-arch/zstd-1.4.0:0=[${MULTILIB_USEDEP}] )
" "
# Newer linux-headers needed by ia64, bug #480218
DEPEND="${COMMON_DEPEND}
>=sys-kernel/linux-headers-${MINKV}
gnuefi? ( >=sys-boot/gnu-efi-3.0.2 )
"
# baselayout-2.2 has /run
RDEPEND="${COMMON_DEPEND} RDEPEND="${COMMON_DEPEND}
sysv-utils? ( !sys-apps/sysvinit ) >=acct-group/adm-0-r1
>=acct-group/wheel-0-r1
>=acct-group/kmem-0-r1
>=acct-group/tty-0-r1
>=acct-group/utmp-0-r1
>=acct-group/audio-0-r1
>=acct-group/cdrom-0-r1
>=acct-group/dialout-0-r1
>=acct-group/disk-0-r1
>=acct-group/input-0-r1
>=acct-group/kvm-0-r1
>=acct-group/lp-0-r1
>=acct-group/render-0-r1
acct-group/sgx
>=acct-group/tape-0-r1
acct-group/users
>=acct-group/video-0-r1
>=acct-group/systemd-journal-0-r1
>=acct-user/root-0-r1
acct-user/nobody
>=acct-user/systemd-journal-remote-0-r1
>=acct-user/systemd-coredump-0-r1
>=acct-user/systemd-network-0-r1
acct-user/systemd-oom
>=acct-user/systemd-resolve-0-r1
>=acct-user/systemd-timesync-0-r1
>=sys-apps/baselayout-2.2
selinux? ( sec-policy/selinux-base-policy[systemd] )
sysv-utils? (
!sys-apps/openrc[sysv-utils(-)]
!sys-apps/sysvinit
)
!sysv-utils? ( sys-apps/sysvinit ) !sysv-utils? ( sys-apps/sysvinit )
resolvconf? ( !net-dns/openresolv ) resolvconf? ( !net-dns/openresolv )
!build? ( || ( !build? ( || (
@ -95,13 +127,13 @@ RDEPEND="${COMMON_DEPEND}
) ) ) )
!sys-auth/nss-myhostname !sys-auth/nss-myhostname
!sys-fs/eudev !sys-fs/eudev
!sys-fs/udev
" "
# sys-apps/dbus: the daemon only (+ build-time lib dep for tests) # sys-apps/dbus: the daemon only (+ build-time lib dep for tests)
#
# Flatcar: We don't have sys-fs/udev-init-scripts-25, so it's dropped.
PDEPEND=">=sys-apps/dbus-1.9.8[systemd] PDEPEND=">=sys-apps/dbus-1.9.8[systemd]
hwdb? ( >=sys-apps/hwids-20150417[udev] ) hwdb? ( sys-apps/hwids[systemd(+),udev] )
>=sys-fs/udev-init-scripts-34
policykit? ( sys-auth/polkit ) policykit? ( sys-auth/polkit )
!vanilla? ( sys-apps/gentoo-systemd-integration )" !vanilla? ( sys-apps/gentoo-systemd-integration )"
@ -109,22 +141,30 @@ BDEPEND="
app-arch/xz-utils:0 app-arch/xz-utils:0
dev-util/gperf dev-util/gperf
>=dev-util/meson-0.46 >=dev-util/meson-0.46
>=dev-util/intltool-0.50
>=sys-apps/coreutils-8.16 >=sys-apps/coreutils-8.16
sys-devel/m4 sys-devel/gettext
virtual/pkgconfig virtual/pkgconfig
test? ( sys-apps/dbus ) test? (
app-text/tree
dev-lang/perl
sys-apps/dbus
)
app-text/docbook-xml-dtd:4.2 app-text/docbook-xml-dtd:4.2
app-text/docbook-xml-dtd:4.5 app-text/docbook-xml-dtd:4.5
app-text/docbook-xsl-stylesheets app-text/docbook-xsl-stylesheets
dev-libs/libxslt:0 dev-libs/libxslt:0
$(python_gen_any_dep 'dev-python/jinja[${PYTHON_USEDEP}]')
$(python_gen_any_dep 'dev-python/lxml[${PYTHON_USEDEP}]') $(python_gen_any_dep 'dev-python/lxml[${PYTHON_USEDEP}]')
" "
python_check_deps() { python_check_deps() {
has_version -b "dev-python/jinja[${PYTHON_USEDEP}]" &&
has_version -b "dev-python/lxml[${PYTHON_USEDEP}]" has_version -b "dev-python/lxml[${PYTHON_USEDEP}]"
} }
QA_FLAGS_IGNORED="usr/lib/systemd/boot/efi/.*"
QA_EXECSTACK="usr/lib/systemd/boot/efi/*"
pkg_pretend() { pkg_pretend() {
if [[ ${MERGE_TYPE} != buildonly ]]; then if [[ ${MERGE_TYPE} != buildonly ]]; then
if use test && has pid-sandbox ${FEATURES}; then if use test && has pid-sandbox ${FEATURES}; then
@ -182,25 +222,15 @@ src_prepare() {
# Add local patches here # Add local patches here
PATCHES+=( PATCHES+=(
# Flatcar: Adding our own patches here.
"${FILESDIR}/0004-wait-online-set-any-by-default.patch"
"${FILESDIR}/0005-networkd-default-to-kernel-IPForwarding-setting.patch"
"${FILESDIR}/0006-needs-update-don-t-require-strictly-newer-usr.patch"
"${FILESDIR}/0007-core-use-max-for-DefaultTasksMax.patch"
"${FILESDIR}/0008-systemd-Disable-SELinux-permissions-checks.patch"
) )
# Flatcar: We carry our own patches, we don't use the ones if ! use vanilla; then
# from Gentoo. Thus we dropped the `if ! use vanilla` code PATCHES+=(
# here. "${FILESDIR}/gentoo-generator-path-r2.patch"
"${FILESDIR}/gentoo-systemctl-disable-sysv-sync-r1.patch"
# Flatcar: The Kubelet takes /etc/resolv.conf for, e.g., CoreDNS which has dnsPolicy "default", but unless "${FILESDIR}/gentoo-journald-audit.patch"
# the kubelet --resolv-conf flag is set to point to /run/systemd/resolve/resolv.conf this won't work with )
# /etc/resolv.conf pointing to /run/systemd/resolve/stub-resolv.conf which configures 127.0.0.53. fi
# See https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/#known-issues
# This means that users who need split DNS to work should point /etc/resolv.conf back to /run/systemd/resolve/stub-resolv.conf
# (and if using K8s configure the kubelet resolvConf variable/--resolv-conf flag to /run/systemd/resolve/resolv.conf).
sed -i -e 's,/run/systemd/resolve/stub-resolv.conf,/run/systemd/resolve/resolv.conf,' tmpfiles.d/etc.conf.m4 || die
default default
} }
@ -214,165 +244,98 @@ src_configure() {
multilib-minimal_src_configure multilib-minimal_src_configure
} }
meson_use() {
usex "$1" true false
}
meson_multilib() {
if multilib_is_native_abi; then
echo true
else
echo false
fi
}
meson_multilib_native_use() {
if multilib_is_native_abi && use "$1"; then
echo true
else
echo false
fi
}
multilib_src_configure() { multilib_src_configure() {
local myconf=( local myconf=(
--localstatedir="${EPREFIX}/var" --localstatedir="${EPREFIX}/var"
# Flatcar: Point to our user mailing list. -Dsupport-url="https://gentoo.org/support/"
-Dsupport-url="https://groups.google.com/forum/#!forum/flatcar-linux-user"
-Dpamlibdir="$(getpam_mod_dir)" -Dpamlibdir="$(getpam_mod_dir)"
# avoid bash-completion dep # avoid bash-completion dep
-Dbashcompletiondir="$(get_bashcompdir)" -Dbashcompletiondir="$(get_bashcompdir)"
# make sure we get /bin:/sbin in PATH # make sure we get /bin:/sbin in PATH
-Dsplit-usr=$(usex split-usr true false) $(meson_use split-usr)
-Dsplit-bin=true -Dsplit-bin=true
-Drootprefix="$(usex split-usr "${EPREFIX:-/}" "${EPREFIX}/usr")" -Drootprefix="$(usex split-usr "${EPREFIX:-/}" "${EPREFIX}/usr")"
-Drootlibdir="${EPREFIX}/usr/$(get_libdir)" -Drootlibdir="${EPREFIX}/usr/$(get_libdir)"
# Avoid infinite exec recursion, bug 642724 # Avoid infinite exec recursion, bug 642724
-Dtelinit-path="${EPREFIX}/lib/sysvinit/telinit" -Dtelinit-path="${EPREFIX}/lib/sysvinit/telinit"
# no deps # no deps
#
# Flatcar: TODO: We have no clue why this was dropped
# from upstream, so we keep it until we understand
# more.
-Defi=$(meson_multilib)
-Dima=true -Dima=true
# Flatcar: Use unified hierarchy now that docker-20.10 is available -Ddefault-hierarchy=$(usex cgroup-hybrid hybrid unified)
-Ddefault-hierarchy=unified
# Optional components/dependencies # Optional components/dependencies
-Dacl=$(meson_multilib_native_use acl) $(meson_native_use_bool acl)
-Dapparmor=$(meson_multilib_native_use apparmor) $(meson_native_use_bool apparmor)
-Daudit=$(meson_multilib_native_use audit) $(meson_native_use_bool audit)
-Dlibcryptsetup=$(meson_multilib_native_use cryptsetup) $(meson_native_use_bool cryptsetup libcryptsetup)
-Dlibcurl=$(meson_multilib_native_use curl) $(meson_native_use_bool curl libcurl)
-Delfutils=$(meson_multilib_native_use elfutils) $(meson_native_use_bool dns-over-tls dns-over-tls)
-Dgcrypt=$(meson_use gcrypt) $(meson_native_use_bool elfutils)
-Dgnu-efi=$(meson_multilib_native_use gnuefi) $(meson_use gcrypt)
$(meson_native_use_bool gnuefi gnu-efi)
-Defi-includedir="${ESYSROOT}/usr/include/efi"
-Defi-ld="$(tc-getLD)"
-Defi-libdir="${ESYSROOT}/usr/$(get_libdir)" -Defi-libdir="${ESYSROOT}/usr/$(get_libdir)"
-Dhomed=$(meson_multilib_native_use homed) $(meson_native_use_bool homed)
-Dhwdb=$(meson_multilib_native_use hwdb) $(meson_native_use_bool hwdb)
-Dmicrohttpd=$(meson_multilib_native_use http) $(meson_native_use_bool http microhttpd)
-Didn=$(meson_multilib_native_use idn) $(meson_native_use_bool idn)
-Dimportd=$(meson_multilib_native_use importd) $(meson_native_use_bool importd)
-Dbzip2=$(meson_multilib_native_use importd) $(meson_native_use_bool importd bzip2)
-Dzlib=$(meson_multilib_native_use importd) $(meson_native_use_bool importd zlib)
-Dkmod=$(meson_multilib_native_use kmod) $(meson_native_use_bool kmod)
-Dlz4=$(meson_use lz4) $(meson_use lz4)
-Dxz=$(meson_use lzma) $(meson_use lzma xz)
-Dzstd=$(meson_use zstd) $(meson_use zstd)
-Dlibiptc=$(meson_multilib_native_use nat) $(meson_native_use_bool nat libiptc)
-Dpam=$(meson_use pam) $(meson_use pam)
-Dp11kit=$(meson_multilib_native_use pkcs11) $(meson_native_use_bool pkcs11 p11kit)
-Dpcre2=$(meson_multilib_native_use pcre) $(meson_native_use_bool pcre pcre2)
-Dpolkit=$(meson_multilib_native_use policykit) $(meson_native_use_bool policykit polkit)
-Dpwquality=$(meson_multilib_native_use pwquality) $(meson_native_use_bool pwquality)
-Dqrencode=$(meson_multilib_native_use qrcode) $(meson_native_use_bool qrcode qrencode)
-Drepart=$(meson_multilib_native_use repart) $(meson_native_use_bool repart)
-Dseccomp=$(meson_multilib_native_use seccomp) $(meson_native_use_bool seccomp)
-Dselinux=$(meson_multilib_native_use selinux) $(meson_native_use_bool selinux)
-Ddbus=$(meson_multilib_native_use test) $(meson_native_use_bool tpm tpm2)
-Dxkbcommon=$(meson_multilib_native_use xkb) $(meson_native_use_bool test dbus)
# Flatcar: Use our ntp servers. $(meson_native_use_bool xkb xkbcommon)
-Dntp-servers="0.flatcar.pool.ntp.org 1.flatcar.pool.ntp.org 2.flatcar.pool.ntp.org 3.flatcar.pool.ntp.org" -Dntp-servers="0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org"
# Breaks screen, tmux, etc. # Breaks screen, tmux, etc.
-Ddefault-kill-user-processes=false -Ddefault-kill-user-processes=false
# Flatcar: TODO: Investigate if we want this.
-Dcreate-log-dirs=false -Dcreate-log-dirs=false
# multilib options # multilib options
-Dbacklight=$(meson_multilib) $(meson_native_true backlight)
-Dbinfmt=$(meson_multilib) $(meson_native_true binfmt)
-Dcoredump=$(meson_multilib) $(meson_native_true coredump)
-Denvironment-d=$(meson_multilib) $(meson_native_true environment-d)
-Dfirstboot=$(meson_multilib) $(meson_native_true firstboot)
-Dhibernate=$(meson_multilib) $(meson_native_true hibernate)
-Dhostnamed=$(meson_multilib) $(meson_native_true hostnamed)
-Dldconfig=$(meson_multilib) $(meson_native_true ldconfig)
-Dlocaled=$(meson_multilib) $(meson_native_true localed)
-Dman=$(meson_multilib) $(meson_native_true man)
-Dnetworkd=$(meson_multilib) $(meson_native_true networkd)
-Dquotacheck=$(meson_multilib) $(meson_native_true quotacheck)
-Drandomseed=$(meson_multilib) $(meson_native_true randomseed)
-Drfkill=$(meson_multilib) $(meson_native_true rfkill)
-Dsysusers=$(meson_multilib) $(meson_native_true sysusers)
-Dtimedated=$(meson_multilib) $(meson_native_true timedated)
-Dtimesyncd=$(meson_multilib) $(meson_native_true timesyncd)
-Dtmpfiles=$(meson_multilib) $(meson_native_true tmpfiles)
-Dvconsole=$(meson_multilib) $(meson_native_true vconsole)
# Flatcar: Specify this, or meson breaks due to no # static-libs
# /etc/login.defs. $(meson_use static-libs static-libudev)
-Dsystem-gid-max=999
-Dsystem-uid-max=999
# Flatcar: DBus paths.
-Ddbussessionservicedir="${EPREFIX}/usr/share/dbus-1/services"
-Ddbussystemservicedir="${EPREFIX}/usr/share/dbus-1/system-services"
# Flatcar: PAM config directory.
-Dpamconfdir=/usr/share/pam.d
# Flatcar: The CoreOS epoch, Mon Jul 1 00:00:00 UTC
# 2013. Used by timesyncd as a sanity check for the
# minimum acceptable time. Explicitly set to avoid
# using the current build time.
-Dtime-epoch=1372636800
# Flatcar: No default name servers.
-Ddns-servers=
# Flatcar: Disable the "First Boot Wizard", it isn't
# very applicable to us.
-Dfirstboot=false
# Flatcar: Set latest network interface naming scheme
# for
# https://github.com/flatcar-linux/Flatcar/issues/36
-Ddefault-net-naming-scheme=latest
# Flatcar: Unported options, still needed?
-Defi-cc="$(tc-getCC)"
-Dquotaon-path=/usr/sbin/quotaon
-Dquotacheck-path=/usr/sbin/quotacheck
# Flatcar: No static libs.
) )
meson_src_configure "${myconf[@]}" meson_src_configure "${myconf[@]}"
} }
multilib_src_compile() {
eninja
}
multilib_src_test() { multilib_src_test() {
unset DBUS_SESSION_BUS_ADDRESS XDG_RUNTIME_DIR unset DBUS_SESSION_BUS_ADDRESS XDG_RUNTIME_DIR
meson_src_test meson_src_test
} }
multilib_src_install() {
DESTDIR="${D}" eninja install
}
multilib_src_install_all() { multilib_src_install_all() {
local rootprefix=$(usex split-usr '' /usr) local rootprefix=$(usex split-usr '' /usr)
@ -380,8 +343,7 @@ multilib_src_install_all() {
mv "${ED}"/usr/share/doc/{systemd,${PF}} || die mv "${ED}"/usr/share/doc/{systemd,${PF}} || die
einstalldocs einstalldocs
# Flatcar: Do not install sample nsswitch.conf, we don't dodoc "${FILESDIR}"/nsswitch.conf
# provide it.
if ! use resolvconf; then if ! use resolvconf; then
rm -f "${ED}${rootprefix}"/sbin/resolvconf || die rm -f "${ED}${rootprefix}"/sbin/resolvconf || die
@ -400,11 +362,31 @@ multilib_src_install_all() {
rmdir "${ED}${rootprefix}"/sbin || die rmdir "${ED}${rootprefix}"/sbin || die
fi fi
# Flatcar: Upstream uses keepdir commands to keep some empty # https://bugs.gentoo.org/761763
# directories. rm -r "${ED}"/usr/lib/sysusers.d || die
#
# Flatcar: TODO: Consider using that instead of # Preserve empty dirs in /etc & /var, bug #437008
# systemd_dotmpfilesd "${FILESDIR}"/systemd-flatcar.conf below. keepdir /etc/{binfmt.d,modules-load.d,tmpfiles.d}
keepdir /etc/kernel/install.d
keepdir /etc/systemd/{network,system,user}
keepdir /etc/udev/rules.d
if use hwdb; then
keepdir /etc/udev/hwdb.d
fi
keepdir "${rootprefix}"/lib/systemd/{system-sleep,system-shutdown}
keepdir /usr/lib/{binfmt.d,modules-load.d}
keepdir /usr/lib/systemd/user-generators
keepdir /var/lib/systemd
keepdir /var/log/journal
# Symlink /etc/sysctl.conf for easy migration.
dosym ../sysctl.conf /etc/sysctl.d/99-sysctl.conf
if use pam; then
newpamd "${FILESDIR}"/systemd-user.pam systemd-user
fi
if use hwdb; then if use hwdb; then
rm -r "${ED}${rootprefix}"/lib/udev/hwdb.d || die rm -r "${ED}${rootprefix}"/lib/udev/hwdb.d || die
@ -416,100 +398,7 @@ multilib_src_install_all() {
dosym ../../../lib/systemd/systemd-shutdown /usr/lib/systemd/systemd-shutdown dosym ../../../lib/systemd/systemd-shutdown /usr/lib/systemd/systemd-shutdown
fi fi
# Flatcar: Ensure journal directory has correct ownership/mode gen_usr_ldscript -a systemd udev
# in inital image. This is fixed by systemd-tmpfiles *but*
# journald starts before that and will create the journal if
# the filesystem is already read-write. Conveniently the
# systemd Makefile sets this up completely wrong.
#
# Flatcar: TODO: Is this still a problem?
dodir /var/log/journal
fowners root:systemd-journal /var/log/journal
fperms 2755 /var/log/journal
# Flatcar: Don't prune systemd dirs.
#
# Flatcar: TODO: Upstream probably fixed it in different way -
# it's using some keepdir commands.
systemd_dotmpfilesd "${FILESDIR}"/systemd-flatcar.conf
# Flatcar: Add tmpfiles rule for resolv.conf. This path has
# changed after v213 so it must be handled here instead of
# baselayout now.
systemd_dotmpfilesd "${FILESDIR}"/systemd-resolv.conf
# Flatcar: Don't default to graphical.target.
local unitdir=$(builddir_systemd_get_systemunitdir)
dosym multi-user.target "${unitdir}"/default.target
# Flatcar: Don't set any extra environment variables by default.
rm "${ED}/usr/lib/environment.d/99-environment.conf" || die
# Flatcar: These lines more or less follow the systemd's
# preset file (90-systemd.preset). We do it that way, to avoid
# putting symlink in /etc. Please keep the lines in the same
# order as the "enable" lines appear in the preset file.
builddir_systemd_enable_service multi-user.target remote-fs.target
builddir_systemd_enable_service multi-user.target remote-cryptsetup.target
builddir_systemd_enable_service multi-user.target machines.target
# Flatcar: getty@.service is enabled manually below.
builddir_systemd_enable_service sysinit.target systemd-timesyncd.service
builddir_systemd_enable_service multi-user.target systemd-networkd.service
# Flatcar: For systemd-networkd.service, it has it in Also, which also
# needs to be enabled
builddir_systemd_enable_service sockets.target systemd-networkd.socket
# Flatcar: For systemd-networkd.service, it has it in Also, which also
# needs to be enabled
builddir_systemd_enable_service network-online.target systemd-networkd-wait-online.service
builddir_systemd_enable_service multi-user.target systemd-resolved.service
if use homed; then
builddir_systemd_enable_service multi-user.target systemd-homed.target
# Flatcar: systemd-homed.target has
# Also=systemd-userdbd.service, but the service has no
# WantedBy entry. It's likely going to be executed through
# systemd-userdbd.socket, which is enabled in upstream's
# presets file.
builddir_systemd_enable_service sockets.target systemd-userdbd.socket
fi
builddir_systemd_enable_service sysinit.target systemd-pstore.service
# Flatcar: not enabling reboot.target - it has no WantedBy
# entry.
# Flatcar: Enable getty manually.
dodir "${unitdir}/getty.target.wants"
dosym ../getty@.service "${unitdir}/getty.target.wants/getty@tty1.service"
# Flatcar: Use an empty preset file, because systemctl
# preset-all puts symlinks in /etc, not in /usr. We don't use
# /etc, because it is not autoupdated. We do the "preset" above.
rm "${ED}$(usex split-usr '' /usr)/lib/systemd/system-preset/90-systemd.preset" || die
insinto $(usex split-usr '' /usr)/lib/systemd/system-preset
doins "${FILESDIR}"/99-default.preset
# Flatcar: Do not ship distro-specific files (nsswitch.conf
# pam.d). This conflicts with our own configuration provided
# by baselayout.
rm -rf "${ED}"/usr/share/factory
sed -i "${ED}"/usr/lib/tmpfiles.d/etc.conf \
-e '/^C!* \/etc\/nsswitch\.conf/d' \
-e '/^C!* \/etc\/pam\.d/d' \
-e '/^C!* \/etc\/issue/d'
# Flatcar: gen_usr_ldscript is likely for static libs, so we
# dropped it.
}
builddir_systemd_enable_service() {
(
export SYSROOT="${ED}"
systemd_enable_service "$@"
)
}
builddir_systemd_get_systemunitdir() {
(
export SYSROOT="${ED}"
systemd_get_systemunitdir
)
} }
migrate_locale() { migrate_locale() {
@ -556,15 +445,7 @@ migrate_locale() {
fi fi
} }
# Flatcar: save_enabled_units function is dropped, because it's
# unused. When building releases, we assume that there was no systemd
# previously, so there are no units to remember.
pkg_preinst() { pkg_preinst() {
# Flatcar: When building releases, we assume that there was no
# systemd previously, so there are no units to remember, so
# there is no point in calling save_enabled_units.
if ! use split-usr; then if ! use split-usr; then
local dir local dir
for dir in bin sbin lib; do for dir in bin sbin lib; do
@ -583,47 +464,27 @@ pkg_preinst() {
} }
pkg_postinst() { pkg_postinst() {
newusergroup() {
enewgroup "$1"
enewuser "$1" -1 -1 -1 "$1"
}
enewgroup input
enewgroup kvm 78
enewgroup render 30
enewgroup systemd-journal
newusergroup systemd-coredump
newusergroup systemd-journal-remote
newusergroup systemd-network
newusergroup systemd-resolve
newusergroup systemd-timesync
newusergroup systemd-oom
systemd_update_catalog systemd_update_catalog
# Keep this here in case the database format changes so it gets updated # Keep this here in case the database format changes so it gets updated
# when required. Despite that this file is owned by sys-apps/hwids. # when required.
if has_version "sys-apps/hwids[udev]"; then if use hwdb; then
udevadm hwdb --update --root="${EROOT}" systemd-hwdb --root="${ROOT}" update
fi fi
udev_reload || FAIL=1 udev_reload || FAIL=1
# Bug 465468, make sure locales are respect, and ensure consistency # Bug 465468, make sure locales are respected, and ensure consistency
# between OpenRC & systemd # between OpenRC & systemd
migrate_locale migrate_locale
# Flatcar: Dropping the reenabling, since there earlier there if [[ -z ${REPLACING_VERSIONS} ]]; then
# was no systemd (we are building the release from scratch if type systemctl &>/dev/null; then
# here). The function checks if the unit is enabled before systemctl --root="${ROOT:-/}" enable getty@.service remote-fs.target || FAIL=1
# running reenable, which in our case results in no action at fi
# all (because no service is enabled). elog "To enable a useful set of services, run the following:"
elog " systemctl preset-all --preset-mode=enable-only"
# Flatcar: Dropping handling of ENABLED_UNITS. fi
# Flatcar: We enable getty and remote-fs targets in /usr
# ourselves above.
if [[ -L ${EROOT}/var/lib/systemd/timesync ]]; then if [[ -L ${EROOT}/var/lib/systemd/timesync ]]; then
rm "${EROOT}/var/lib/systemd/timesync" rm "${EROOT}/var/lib/systemd/timesync"