dcavalca / rpms / systemd

Forked from rpms/systemd 3 months ago
Clone
167d2b
#global commit c4b843473a75fb38ed5bf54e9d3cfb1cb3719efa
d0811f
%{?commit:%global shortcommit %(c=%{commit}; echo ${c:0:7})}
d0811f
d0811f
# We ship a .pc file but don't want to have a dep on pkg-config. We
d0811f
# strip the automatically generated dep here and instead co-own the
d0811f
# directory.
d0811f
%global __requires_exclude pkg-config
d0811f
d0811f
%global pkgdir %{_prefix}/lib/systemd
d0811f
%global system_unit_dir %{pkgdir}/system
d0811f
%global user_unit_dir %{pkgdir}/user
d0811f
ae4880
%if 0%{?__isa_bits} == 64
ae4880
%global elf_bits (64bit)
ae4880
%global elf_suffix ()%{elf_bits}
ae4880
%endif
ae4880
f2f90a
%bcond bzip2  1
f2f90a
%bcond gnutls 1
f2f90a
%bcond lz4    1
f2f90a
%bcond xz     1
f2f90a
%bcond zlib   1
f2f90a
%bcond zstd   1
f2f90a
9e3166
# Bootstrap may be needed to break circular dependencies with cryptsetup,
9e3166
# e.g. when re-building cryptsetup on a json-c SONAME-bump.
f2f90a
%bcond bootstrap 0
f2f90a
%bcond tests     1
f2f90a
%bcond lto       1
ae4880
f2f90a
# Build from git main
f2f90a
%bcond upstream 0
ae4880
d0811f
Name:           systemd
7172f2
Url:            https://pagure.io/centos-sig-hyperscale/systemd
151c7e
# Allow users to specify the version and release when building the rpm by
151c7e
# setting the %version_override and %release_override macros.
151c7e
Version:        %{?version_override}%{!?version_override:255.3}
04d2d2
Release:        %{?release_override:%{release_override}%{?dist}}%{!?release_override:%autorelease}
8c1b90
8c1b90
%global stable %(c="%version"; [ "$c" = "${c#*.*}" ]; echo $?)
9e3166
d0811f
# For a breakdown of the licensing, see README
8c1b90
License:        LGPL-2.1-or-later AND MIT AND GPL-2.0-or-later
d0811f
Summary:        System and Service Manager
d0811f
d0811f
# download tarballs with "spectool -g systemd.spec"
9a56f7
%if %{defined commit}
9a56f7
Source0:        https://github.com/systemd/systemd%{?stable:-stable}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
9a56f7
%elif 0%{?facebook}
9a56f7
Source0:        %{url}/archive/60ba4f39786d86e81142ac863fc09674182a816a/%{name}-hs+fb-%{version}.tar.gz
9a56f7
%else
9a56f7
Source0:        %{url}/archive/60ba4f39786d86e81142ac863fc09674182a816a/%{name}-hs-%{version}.tar.gz
9a56f7
%endif
d0811f
# This file must be available before %%prep.
d0811f
# It is generated during systemd build and can be found in build/src/core/.
d0811f
Source1:        triggers.systemd
d0811f
Source2:        split-files.py
d0811f
Source3:        purge-nobody-user
d0811f
d0811f
# Prevent accidental removal of the systemd package
d0811f
Source4:        yum-protect-systemd.conf
d0811f
09f814
Source5:        inittab
09f814
Source6:        sysctl.conf.README
09f814
Source7:        systemd-journal-remote.xml
09f814
Source8:        systemd-journal-gatewayd.xml
d0811f
Source9:        20-yama-ptrace.conf
d0811f
Source10:       systemd-udev-trigger-no-reload.conf
f2f90a
# https://fedoraproject.org/wiki/How_to_filter_libabigail_reports
f2f90a
Source13:       .abignore
d0811f
04a488
Source14:       10-oomd-defaults.conf
09f814
Source15:       10-oomd-per-slice-defaults.conf
f2f90a
Source16:       10-timeout-abort.conf
8c1b90
Source17:       10-map-count.conf
04a488
d0811f
Source21:       macros.sysusers
d0811f
Source22:       sysusers.attr
d0811f
Source23:       sysusers.prov
d0811f
Source24:       sysusers.generate-pre.sh
d0811f
8c1b90
Source25:       98-default-mac-none.link
8c1b90
7172f2
# Needed for selinux subpackage
7172f2
Source100:      Makefile.selinux
7172f2
Source101:      systemd_hs.te
7172f2
Source102:      systemd_hs.if
10eaf0
Source103:      systemd_hs.fc
7172f2
d0811f
%if 0
d0811f
GIT_DIR=../../src/systemd/.git git format-patch-ab --no-signature -M -N v235..v235-stable
d0811f
i=1; for j in 00*patch; do printf "Patch%04d:      %s\n" $i $j; i=$((i+1));done|xclip
9e3166
GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[67]* hwdb/parse_hwdb.py >hwdb.patch
d0811f
%endif
d0811f
505ca8
# Backports of patches from upstream (0000–0499)
167d2b
#
d2f4df
# Any patches which are "in preparation" upstream should be listed here, rather
d2f4df
# than in the next section. Packit CI will drop any patches in this range before
d2f4df
# applying upstream pull requests.
d2f4df
f2f90a
%if %{without upstream}
f2f90a
f2f90a
# Work-around for dracut issue: run generators directly when we are in initrd
8c1b90
# https://bugzilla.redhat.com/show_bug.cgi?id=2164404
f2f90a
# Drop when dracut-060 is available.
8c1b90
Patch0001:      https://github.com/systemd/systemd/pull/26494.patch
d0811f
f2f90a
d2f4df
# Those are downstream-only patches, but we don't want them in packit builds:
f2f90a
# https://bugzilla.redhat.com/show_bug.cgi?id=2251843
f2f90a
Patch0491:      https://github.com/systemd/systemd/pull/30846.patch
167d2b
09f814
# Adjust upstream config to use our shared stack
f2f90a
Patch0499:      fedora-use-system-auth-in-pam-systemd-user.patch
f2f90a
f2f90a
%endif
d0811f
d0811f
%ifarch %{ix86} x86_64 aarch64
f2f90a
%global want_bootloader 1
d0811f
%endif
d0811f
d0811f
BuildRequires:  gcc
d0811f
BuildRequires:  gcc-c++
9e3166
BuildRequires:  clang
d0811f
BuildRequires:  coreutils
d0811f
BuildRequires:  libcap-devel
d0811f
BuildRequires:  libmount-devel
9e3166
BuildRequires:  libfdisk-devel
d0811f
BuildRequires:  libpwquality-devel
d0811f
BuildRequires:  pam-devel
d0811f
BuildRequires:  libselinux-devel
d0811f
BuildRequires:  audit-libs-devel
d0811f
%if %{without bootstrap}
d0811f
BuildRequires:  cryptsetup-devel
d0811f
%endif
d0811f
BuildRequires:  dbus-devel
f2f90a
BuildRequires:  util-linux
d0811f
# /usr/bin/getfacl is needed by test-acl-util
f2f90a
BuildRequires:  acl
d0811f
BuildRequires:  libacl-devel
d0811f
BuildRequires:  gobject-introspection-devel
d0811f
BuildRequires:  libblkid-devel
f2f90a
%if %{with xz}
d0811f
BuildRequires:  xz-devel
d0811f
BuildRequires:  xz
f2f90a
%endif
f2f90a
%if %{with lz4}
d0811f
BuildRequires:  lz4-devel
d0811f
BuildRequires:  lz4
f2f90a
%endif
f2f90a
%if %{with bzip2}
d0811f
BuildRequires:  bzip2-devel
f2f90a
%endif
f2f90a
%if %{with zstd}
d0811f
BuildRequires:  libzstd-devel
f2f90a
%endif
d0811f
BuildRequires:  libidn2-devel
d0811f
BuildRequires:  libcurl-devel
d0811f
BuildRequires:  kmod-devel
d0811f
BuildRequires:  elfutils-devel
d0811f
BuildRequires:  openssl-devel
f2f90a
%if %{with gnutls}
d0811f
BuildRequires:  gnutls-devel
f2f90a
%endif
8c1b90
%if %{undefined rhel}
09f814
BuildRequires:  qrencode-devel
8c1b90
%endif
d0811f
BuildRequires:  libmicrohttpd-devel
d0811f
BuildRequires:  libxkbcommon-devel
d0811f
BuildRequires:  iptables-devel
09f814
BuildRequires:  pkgconfig(libfido2)
167d2b
BuildRequires:  pkgconfig(tss2-esys)
167d2b
BuildRequires:  pkgconfig(tss2-rc)
167d2b
BuildRequires:  pkgconfig(tss2-mu)
9e3166
BuildRequires:  pkgconfig(libbpf)
ae4880
BuildRequires:  systemtap-sdt-devel
d0811f
BuildRequires:  libxslt
d0811f
BuildRequires:  docbook-style-xsl
d0811f
BuildRequires:  pkgconfig
d0811f
BuildRequires:  gperf
d0811f
BuildRequires:  gawk
d0811f
BuildRequires:  tree
d0811f
BuildRequires:  hostname
09f814
BuildRequires:  python3
8c1b90
BuildRequires:  python3-devel
09f814
BuildRequires:  python3dist(jinja2)
8c1b90
BuildRequires:  python3dist(lxml)
8c1b90
BuildRequires:  python3dist(pefile)
8c1b90
%if %{undefined rhel}
8c1b90
BuildRequires:  python3dist(pillow)
8c1b90
BuildRequires:  python3dist(pytest-flakes)
d0811f
%endif
8c1b90
BuildRequires:  python3dist(pytest)
8c1b90
BuildRequires:  python3dist(zstd)
f2f90a
%if 0%{?want_bootloader}
f2f90a
BuildRequires:  python3dist(pyelftools)
23a125
%endif
8c1b90
# gzip and lzma are provided by the stdlib
8c1b90
BuildRequires:  firewalld-filesystem
d0811f
BuildRequires:  libseccomp-devel
d0811f
BuildRequires:  meson >= 0.43
d0811f
BuildRequires:  gettext
d0811f
# We use RUNNING_ON_VALGRIND in tests, so the headers need to be available
d0811f
BuildRequires:  valgrind-devel
d0811f
BuildRequires:  pkgconfig(bash-completion)
505ca8
BuildRequires:  perl
505ca8
BuildRequires:  perl(IPC::SysV)
f2f90a
f2f90a
%if %{with upstream}
f2f90a
BuildRequires:  pkgconfig(libarchive)
e7b73e
%endif
d0811f
d2f4df
%ifnarch %ix86
d2f4df
# bpftool is not built for i368
d2f4df
BuildRequires:  bpftool
d2f4df
%global have_bpf 1
d2f4df
%endif
d2f4df
8c1b90
%if 0%{?fedora}
8c1b90
%ifarch x86_64 aarch64
Yu Watanabe db600d
%global have_xen 1
8c1b90
# That package is only built for those two architectures
8c1b90
BuildRequires:  xen-devel
8c1b90
%endif
8c1b90
%endif
8c1b90
d0811f
Requires(post): coreutils
d0811f
Requires(post): grep
d0811f
# systemd-machine-id-setup requires libssl
d0811f
Requires(post): openssl-libs
d0811f
Requires:       dbus >= 1.9.18
f2f90a
Requires:       %{name}-pam%{_isa} = %{version}-%{release}
f2f90a
Requires(meta): (%{name}-rpm-macros = %{version}-%{release} if rpm-build)
f2f90a
Requires:       %{name}-libs%{_isa} = %{version}-%{release}
167d2b
%{?fedora:Recommends:     %{name}-networkd = %{version}-%{release}}
ae4880
%{?fedora:Recommends:     %{name}-resolved = %{version}-%{release}}
d0811f
Recommends:     diffutils
ae4880
Requires:       (util-linux-core or util-linux)
09f814
Recommends:     libxkbcommon%{_isa}
d0811f
Provides:       /bin/systemctl
d0811f
Provides:       /sbin/shutdown
d0811f
Provides:       syslog
d0811f
Provides:       systemd-units = %{version}-%{release}
d0811f
Obsoletes:      system-setup-keyboard < 0.9
d0811f
Provides:       system-setup-keyboard = 0.9
d0811f
# systemd-sysv-convert was removed in f20: https://fedorahosted.org/fpc/ticket/308
d0811f
Obsoletes:      systemd-sysv < 206
d0811f
# self-obsoletes so that dnf will install new subpackages on upgrade (#1260394)
ae4880
Obsoletes:      %{name} < 249~~
7172f2
Provides:       systemd-sysv = 206
f2f90a
Conflicts:      initscripts < 9.56.1
d0811f
%if 0%{?fedora}
d0811f
Conflicts:      fedora-release < 23-0.12
d0811f
%endif
f2f90a
# Make sure that dracut supports systemd-executor and the renames done for v255
f2f90a
Conflicts:      dracut < 059-16
f2f90a
d0811f
Obsoletes:      timedatex < 0.6-3
d0811f
Provides:       timedatex = 0.6-3
d2f4df
Conflicts:      %{name}-standalone-tmpfiles < %{version}-%{release}^
d2f4df
Provides:       %{name}-tmpfiles = %{version}-%{release}
d2f4df
Conflicts:      %{name}-standalone-sysusers < %{version}-%{release}^
d2f4df
Provides:       %{name}-sysusers = %{version}-%{release}
8c1b90
Conflicts:      %{name}-standalone-shutdown < %{version}-%{release}^
8c1b90
Provides:       %{name}-shutdown = %{version}-%{release}
505ca8
505ca8
# Recommends to replace normal Requires deps for stuff that is dlopen()ed
ae4880
Recommends:     libidn2.so.0%{?elf_suffix}
ae4880
Recommends:     libidn2.so.0(IDN2_0.0.0)%{?elf_bits}
ae4880
Recommends:     libpcre2-8.so.0%{?elf_suffix}
ae4880
Recommends:     libpwquality.so.1%{?elf_suffix}
ae4880
Recommends:     libpwquality.so.1(LIBPWQUALITY_1.0)%{?elf_bits}
8c1b90
%if %{undefined rhel}
9e3166
Recommends:     libqrencode.so.4%{?elf_suffix}
8c1b90
%endif
f2f90a
Recommends:     libbpf.so.1%{?elf_suffix}
f2f90a
Recommends:     libbpf.so.1(LIBBPF_0.4.0)%{?elf_bits}
7172f2
3d1810
%if 0%{?facebook} == 0
978f82
Requires:       (%{name}-selinux = %{version}-%{release} if selinux-policy)
3d1810
%endif
7172f2
9e3166
# used by systemd-coredump and systemd-analyze
9e3166
Recommends:     libdw.so.1%{?elf_suffix}
9e3166
Recommends:     libdw.so.1(ELFUTILS_0.186)%{?elf_bits}
9e3166
Recommends:     libelf.so.1%{?elf_suffix}
9e3166
Recommends:     libelf.so.1(ELFUTILS_1.7)%{?elf_bits}
9e3166
9e3166
# used by dissect, integritysetup, veritysetyp, growfs, repart, cryptenroll, home
9e3166
Recommends:     libcryptsetup.so.12%{?elf_suffix}
9e3166
Recommends:     libcryptsetup.so.12(CRYPTSETUP_2.4)%{?elf_bits}
9e3166
f2f90a
%if %{with upstream}
f2f90a
Recommends:     libarchive.so.13%{?elf_suffix}
f2f90a
%endif
f2f90a
d0811f
%description
9e3166
systemd is a system and service manager that runs as PID 1 and starts the rest
9e3166
of the system. It provides aggressive parallelization capabilities, uses socket
9e3166
and D-Bus activation for starting services, offers on-demand starting of
9e3166
daemons, keeps track of processes using Linux control groups, maintains mount
9e3166
and automount points, and implements an elaborate transactional dependency-based
9e3166
service control logic. systemd supports SysV and LSB init scripts and works as a
d0811f
replacement for sysvinit. Other parts of this package are a logging daemon,
9e3166
utilities to control basic system configuration like the hostname, date, locale,
9e3166
maintain a list of logged-in users, system accounts, runtime directories and
9e3166
settings, and a logging daemons.
d0811f
%if 0%{?stable}
8c1b90
This package was built from the %(c=%version; echo "v${c%.*}-stable") branch of systemd.
d0811f
%endif
d0811f
d0811f
%package libs
d0811f
Summary:        systemd libraries
8c1b90
License:        LGPL-2.1-or-later AND MIT
d0811f
Obsoletes:      libudev < 183
d0811f
Obsoletes:      systemd < 185-4
d0811f
Conflicts:      systemd < 185-4
d0811f
Obsoletes:      systemd-compat-libs < 230
d0811f
Obsoletes:      nss-myhostname < 0.4
d0811f
Provides:       nss-myhostname = 0.4
d0811f
Provides:       nss-myhostname%{_isa} = 0.4
d0811f
d0811f
%description libs
d0811f
Libraries for systemd and udev.
d0811f
d0811f
%package pam
d0811f
Summary:        systemd PAM module
d0811f
Requires:       %{name} = %{version}-%{release}
d0811f
d0811f
%description pam
d0811f
Systemd PAM module registers the session with systemd-logind.
d0811f
d0811f
%package rpm-macros
d0811f
Summary:        Macros that define paths and scriptlets related to systemd
d0811f
BuildArch:      noarch
7172f2
# Make sure we obsolete the existing version and any possible future versions
7172f2
# of epel-rpm-macros-systemd in c8s and c9s.
7172f2
Conflicts:      epel-rpm-macros-systemd < 10-0
7172f2
Obsoletes:      epel-rpm-macros-systemd < 10-0
7172f2
Provides:       epel-rpm-macros-systemd = 10-0
d0811f
d0811f
%description rpm-macros
d0811f
Just the definitions of rpm macros.
d0811f
d0811f
See
d0811f
https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_systemd
d0811f
for information how to use those macros.
d0811f
d0811f
%package devel
d0811f
Summary:        Development headers for systemd
8c1b90
License:        LGPL-2.1-or-later AND MIT
09f814
Requires:       %{name}-libs%{_isa} = %{version}-%{release}
f2f90a
Requires(meta): (%{name}-rpm-macros = %{version}-%{release} if rpm-build)
d0811f
Provides:       libudev-devel = %{version}
d0811f
Provides:       libudev-devel%{_isa} = %{version}
d0811f
Obsoletes:      libudev-devel < 183
d0811f
d0811f
%description devel
d0811f
Development headers and auxiliary files for developing applications linking
d0811f
to libudev or libsystemd.
d0811f
d0811f
%package udev
d0811f
Summary: Rule-based device node and kernel event manager
8c1b90
License:        LGPL-2.1-or-later
d0811f
09f814
Requires:       systemd%{_isa} = %{version}-%{release}
d0811f
Requires(post):   systemd
d0811f
Requires(preun):  systemd
d0811f
Requires(postun): systemd
d0811f
Requires(post): grep
d0811f
Requires:       kmod >= 18-4
7172f2
%if 0%{?facebook} == 0
d0811f
# https://bodhi.fedoraproject.org/updates/FEDORA-2020-dd43dd05b1
d0811f
Obsoletes:      systemd < 245.6-1
7172f2
%endif
d0811f
Provides:       udev = %{version}
d0811f
Provides:       udev%{_isa} = %{version}
d0811f
Obsoletes:      udev < 183
7172f2
Conflicts:      systemd-timesyncd < %{version}-%{release}
7172f2
Obsoletes:      systemd-timesyncd < %{version}-%{release}
7172f2
Provides:       systemd-timesyncd = %{version}-%{release}
505ca8
9e3166
# Recommends to replace normal Requires deps for stuff that is dlopen()ed
9e3166
# used by dissect, integritysetup, veritysetyp, growfs, repart, cryptenroll, home
9e3166
Recommends:     libcryptsetup.so.12%{?elf_suffix}
9e3166
Recommends:     libcryptsetup.so.12(CRYPTSETUP_2.4)%{?elf_bits}
9e3166
9e3166
# used by systemd-coredump and systemd-analyze
9e3166
Recommends:     libdw.so.1%{?elf_suffix}
9e3166
Recommends:     libdw.so.1(ELFUTILS_0.186)%{?elf_bits}
9e3166
Recommends:     libelf.so.1%{?elf_suffix}
9e3166
Recommends:     libelf.so.1(ELFUTILS_1.7)%{?elf_bits}
9e3166
8c1b90
# used by home, cryptsetup, cryptenroll, logind
9e3166
Recommends:     libfido2.so.1%{?elf_suffix}
8c1b90
Recommends:     libp11-kit.so.0%{?elf_suffix}
9e3166
Recommends:     libtss2-esys.so.0%{?elf_suffix}
9e3166
Recommends:     libtss2-mu.so.0%{?elf_suffix}
9e3166
Recommends:     libtss2-rc.so.0%{?elf_suffix}
9e3166
d0811f
# https://bugzilla.redhat.com/show_bug.cgi?id=1377733#c9
d0811f
Suggests:       systemd-bootchart
d0811f
# https://bugzilla.redhat.com/show_bug.cgi?id=1408878
d0811f
Requires:       kbd
d0811f
d0811f
# https://bugzilla.redhat.com/show_bug.cgi?id=1753381
d0811f
Provides:       u2f-hidraw-policy = 1.0.2-40
d0811f
Obsoletes:      u2f-hidraw-policy < 1.0.2-40
d0811f
f2f90a
# self-obsoletes to install both packages after split of systemd-boot
f2f90a
Obsoletes:      systemd-udev < 252.2^
f2f90a
f2f90a
Conflicts:      %{name}-standalone-repart < %{version}-%{release}^
f2f90a
Provides:       %{name}-repart = %{version}-%{release}
f2f90a
d0811f
%description udev
9e3166
This package contains systemd-udev and the rules and hardware database needed to
9e3166
manage device nodes. This package is necessary on physical machines and in
9e3166
virtual machines, but not in containers.
9e3166
9e3166
This package also provides systemd-timesyncd, a network time protocol daemon.
9e3166
9e3166
It also contains tools to manage encrypted home areas and secrets bound to the
9e3166
machine, and to create or grow partitions and make file systems automatically.
d0811f
f2f90a
%if 0%{?want_bootloader}
8c1b90
%package ukify
8c1b90
Summary:        Tool to build Unified Kernel Images
8c1b90
Requires:       %{name} = %{version}-%{release}
8c1b90
8c1b90
Requires:       python3dist(pefile)
8c1b90
Requires:       python3dist(zstd)
f2f90a
Requires:       python3dist(cryptography)
8c1b90
Recommends:     python3dist(pillow)
8c1b90
8c1b90
BuildArch:      noarch
8c1b90
8c1b90
%description ukify
8c1b90
This package provides ukify, a script that combines a kernel image, an initrd,
8c1b90
with a command line, and possibly PCR measurements and other metadata, into a
8c1b90
Unified Kernel Image (UKI).
8c1b90
09f814
%package boot-unsigned
09f814
Summary: UEFI boot manager (unsigned version)
09f814
09f814
Provides: systemd-boot-unsigned-%{efi_arch} = %version-%release
09f814
Provides: systemd-boot = %version-%release
09f814
Provides: systemd-boot%{_isa} = %version-%release
8c1b90
# A provides with just the version, no release or dist, used to build systemd-boot
8c1b90
Provides: version(systemd-boot-unsigned) = %version
8c1b90
Provides: version(systemd-boot-unsigned)%{_isa} = %version
09f814
09f814
# self-obsoletes to install both packages after split of systemd-boot
09f814
Obsoletes:      systemd-udev < 252.2^
09f814
09f814
%description boot-unsigned
09f814
systemd-boot (short: sd-boot) is a simple UEFI boot manager. It provides a
09f814
graphical menu to select the entry to boot and an editor for the kernel command
09f814
line. systemd-boot supports systems with UEFI firmware only.
09f814
09f814
This package contains the unsigned version. Install systemd-boot instead to get
09f814
the version that works with Secure Boot.
09f814
%endif
09f814
d0811f
%package container
d0811f
# Name is the same as in Debian
d0811f
Summary: Tools for containers and VMs
09f814
Requires:       %{name}%{_isa} = %{version}-%{release}
d0811f
Requires(post):   systemd
d0811f
Requires(preun):  systemd
d0811f
Requires(postun): systemd
d0811f
# obsolete parent package so that dnf will install new subpackage on upgrade (#1260394)
d0811f
Obsoletes:      %{name} < 229-5
9e3166
# Bias the system towards libcurl-minimal if nothing pulls in full libcurl (#1997040)
9e3166
Suggests:       libcurl-minimal
8c1b90
License:        LGPL-2.1-or-later
d0811f
d0811f
%description container
d0811f
Systemd tools to spawn and manage containers and virtual machines.
d0811f
f2f90a
This package contains systemd-nspawn, systemd-vmspawn, machinectl,
f2f90a
systemd-machined, and systemd-importd.
d0811f
d0811f
%package journal-remote
d0811f
# Name is the same as in Debian
d0811f
Summary:        Tools to send journal events over the network
09f814
Requires:       %{name}%{_isa} = %{version}-%{release}
8c1b90
License:        LGPL-2.1-or-later
09f814
Requires:       firewalld-filesystem
d0811f
Provides:       %{name}-journal-gateway = %{version}-%{release}
d0811f
Provides:       %{name}-journal-gateway%{_isa} = %{version}-%{release}
d0811f
Obsoletes:      %{name}-journal-gateway < 227-7
9e3166
# Bias the system towards libcurl-minimal if nothing pulls in full libcurl (#1997040)
9e3166
Suggests:       libcurl-minimal
d0811f
d0811f
%description journal-remote
9e3166
Programs to forward journal entries over the network, using encrypted HTTP, and
9e3166
to write journal files from serialized journal contents.
d0811f
9e3166
This package contains systemd-journal-gatewayd, systemd-journal-remote, and
9e3166
systemd-journal-upload.
d0811f
ae4880
%package networkd
ae4880
Summary:        System daemon that manages network configurations
09f814
Requires:       %{name}%{_isa} = %{version}-%{release}
8c1b90
License:        LGPL-2.1-or-later
7172f2
%if 0%{?facebook} == 0
d2f4df
# https://src.fedoraproject.org/rpms/systemd/pull-request/34
d2f4df
Obsoletes:      systemd < 246.6-2
7172f2
%endif
ae4880
ae4880
%description networkd
9e3166
systemd-networkd is a system service that manages networks. It detects and
9e3166
configures network devices as they appear, as well as creating virtual network
9e3166
devices.
ae4880
f2f90a
%package networkd-defaults
f2f90a
Summary:        Configure network interfaces with networkd by default
f2f90a
Requires:       %{name}-networkd = %{version}-%{release}
f2f90a
License:        MIT-0
f2f90a
BuildArch:      noarch
f2f90a
f2f90a
%description networkd-defaults
f2f90a
This package contains a set of config files for systemd-networkd that cause it
f2f90a
to configure network interfaces by default. Note that systemd-networkd needs to
f2f90a
enabled for this to have any effect.
f2f90a
ae4880
%package resolved
ae4880
Summary:        Network Name Resolution manager
09f814
Requires:       %{name}%{_isa} = %{version}-%{release}
7172f2
%if 0%{?facebook} == 0
d2f4df
Obsoletes:      %{name} < 249~~
7172f2
%endif
9e3166
Requires:       libidn2.so.0%{?elf_suffix}
9e3166
Requires:       libidn2.so.0(IDN2_0.0.0)%{?elf_bits}
9e3166
Requires(posttrans): grep
ae4880
ae4880
%description resolved
9e3166
systemd-resolved is a system service that provides network name resolution to
9e3166
local applications. It implements a caching and validating DNS/DNSSEC stub
9e3166
resolver, as well as an LLMNR and MulticastDNS resolver and responder.
ae4880
04a488
%package oomd-defaults
04a488
Summary:        Configuration files for systemd-oomd
f2f90a
Requires:       %{name}-udev = %{version}-%{release}
8c1b90
License:        LGPL-2.1-or-later
ae4880
BuildArch:      noarch
04a488
04a488
%description oomd-defaults
04a488
A set of drop-in files for systemd units to enable action from systemd-oomd,
04a488
a userspace out-of-memory (OOM) killer.
04a488
d0811f
%package tests
d0811f
Summary:       Internal unit tests for systemd
09f814
Requires:      %{name}%{_isa} = %{version}-%{release}
f2f90a
# This dependency is provided transitively. Also add it explicitly to
f2f90a
# appease rpminspect, https://github.com/rpminspect/rpminspect/issues/1231:
f2f90a
Requires:      %{name}-libs%{_isa} = %{version}-%{release}
f2f90a
8c1b90
License:       LGPL-2.1-or-later
d0811f
d0811f
%description tests
9e3166
"Installed tests" that are usually run as part of the build system. They can be
9e3166
useful to test systemd internals.
d0811f
8c1b90
%package standalone-repart
8c1b90
Summary:       Standalone systemd-repart binary for use on systems without systemd
8c1b90
Provides:      %{name}-repart = %{version}-%{release}
8c1b90
RemovePathPostfixes: .standalone
8c1b90
8c1b90
%description standalone-repart
8c1b90
Standalone systemd-repart binary with no dependencies on the systemd-shared library or
8c1b90
other libraries from systemd-libs. This package conflicts with the main systemd
8c1b90
package and is meant for use on systems without systemd.
8c1b90
d2f4df
%package standalone-tmpfiles
8c1b90
Summary:       Standalone systemd-tmpfiles binary for use on systems without systemd
d2f4df
Provides:      %{name}-tmpfiles = %{version}-%{release}
d2f4df
RemovePathPostfixes: .standalone
36c356
d2f4df
%description standalone-tmpfiles
8c1b90
Standalone systemd-tmpfiles binary with no dependencies on the systemd-shared library or
d2f4df
other libraries from systemd-libs. This package conflicts with the main systemd
8c1b90
package and is meant for use on systems without systemd.
d0811f
d2f4df
%package standalone-sysusers
8c1b90
Summary:       Standalone systemd-sysusers binary for use on systems without systemd
d2f4df
Provides:      %{name}-sysusers = %{version}-%{release}
d2f4df
RemovePathPostfixes: .standalone
d2f4df
d2f4df
%description standalone-sysusers
8c1b90
Standalone systemd-sysusers binary with no dependencies on the systemd-shared library or
d2f4df
other libraries from systemd-libs. This package conflicts with the main systemd
8c1b90
package and is meant for use on systems without systemd.
8c1b90
8c1b90
%package standalone-shutdown
8c1b90
Summary:       Standalone systemd-shutdown binary for use on systems without systemd
8c1b90
Provides:      %{name}-shutdown = %{version}-%{release}
8c1b90
RemovePathPostfixes: .standalone
8c1b90
8c1b90
%description standalone-shutdown
8c1b90
Standalone systemd-shutdown binary with no dependencies on the systemd-shared library or
8c1b90
other libraries from systemd-libs. This package conflicts with the main systemd
8c1b90
package and is meant for use in exitrds.
d2f4df
7172f2
%package selinux
7172f2
Summary:        SELinux module for systemd
7172f2
BuildArch:      noarch
7172f2
BuildRequires:  bzip2
7172f2
BuildRequires:  make
7172f2
BuildRequires:  selinux-policy
7172f2
BuildRequires:  selinux-policy-devel
a5252a
%if 0%{?facebook}
a5252a
Requires(post): selinux-policy-base
a5252a
%else
7172f2
Requires(post): selinux-policy-base >= %{_selinux_policy_version}
a5252a
%endif
7172f2
Requires(post): policycoreutils
7172f2
Requires(pre):  libselinux-utils
7172f2
Requires(post): libselinux-utils
7172f2
7172f2
%description selinux
7172f2
This package provides the SELinux policy module to ensure systemd
7172f2
runs properly under an environment with SELinux enabled.
7172f2
d2f4df
%prep
9a56f7
%if %{defined commit}
9a56f7
%autosetup -n %{?commit:%{name}%[%stable?"-stable":""]-%{commit}}%{!?commit:%{name}%[%stable?"-stable":""]-%{version_no_tilde}} -p1
9a56f7
%else
7172f2
# pagure strips the '+' from 'hs+fb' for the top directory in the tar archive so
7172f2
# the top directory is hsfb-250.3 instead of hs+fb-250.3.
7172f2
%autosetup -n %{name}-hs%{?facebook:fb}-%{version} -p1
9a56f7
%endif
7172f2
2693e6
mkdir -p /tmp/selinux
2693e6
cp %SOURCE100 %SOURCE101 %SOURCE102 %SOURCE103 /tmp/selinux
5cdaa6
d0811f
%build
9e3166
%global ntpvendor %(source /etc/os-release; echo ${ID})
d0811f
%{!?ntpvendor: echo 'NTP vendor zone is not set!'; exit 1}
d0811f
d0811f
CONFIGURE_OPTS=(
505ca8
        -Dmode=release
d0811f
        -Dsysvinit-path=/etc/rc.d/init.d
d0811f
        -Drc-local=/etc/rc.d/rc.local
d0811f
        -Dntp-servers='0.%{ntpvendor}.pool.ntp.org 1.%{ntpvendor}.pool.ntp.org 2.%{ntpvendor}.pool.ntp.org 3.%{ntpvendor}.pool.ntp.org'
505ca8
        -Ddns-servers=
d0811f
        -Duser-path=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin
d0811f
        -Dservice-watchdog=
d0811f
        -Ddev-kvm-mode=0666
f2f90a
        -Dkmod=enabled
f2f90a
        -Dxkbcommon=enabled
f2f90a
        -Dblkid=enabled
f2f90a
        -Dfdisk=enabled
f2f90a
        -Dseccomp=enabled
d0811f
        -Dima=true
f2f90a
        -Dselinux=enabled
f2f90a
        -Dbpf-framework=%[0%{?have_bpf}?"enabled":"disabled"]
f2f90a
        -Dapparmor=disabled
f2f90a
        -Dpolkit=enabled
f2f90a
        -Dxz=%[%{with xz}?"enabled":"disabled"]
f2f90a
        -Dzlib=%[%{with zlib}?"enabled":"disabled"]
f2f90a
        -Dbzip2=%[%{with bzip2}?"enabled":"disabled"]
f2f90a
        -Dlz4=%[%{with lz4}?"enabled":"disabled"]
f2f90a
        -Dzstd=%[%{with zstd}?"enabled":"disabled"]
f2f90a
        -Dpam=enabled
f2f90a
        -Dacl=enabled
d0811f
        -Dsmack=true
f2f90a
        -Dopenssl=enabled
9e3166
        -Dcryptolib=openssl
f2f90a
        -Dp11kit=enabled
f2f90a
        -Dgcrypt=disabled
f2f90a
        -Daudit=enabled
f2f90a
        -Delfutils=enabled
f2f90a
        -Dlibcryptsetup=%[%{with bootstrap}?"disabled":"enabled"]
f2f90a
        -Delfutils=enabled
f2f90a
        -Dpwquality=enabled
f2f90a
        -Dqrencode=%[%{defined rhel}?"disabled":"enabled"]
f2f90a
        -Dgnutls=%[%{with gnutls}?"enabled":"disabled"]
f2f90a
        -Dmicrohttpd=enabled
f2f90a
        -Dvmspawn=enabled
f2f90a
        -Dlibidn2=enabled
f2f90a
        -Dlibiptc=disabled
f2f90a
        -Dlibcurl=enabled
f2f90a
        -Dlibfido2=enabled
f2f90a
        -Dxenctrl=%[0%{?have_xen}?"enabled":"disabled"]
d0811f
        -Defi=true
d0811f
        -Dtpm=true
f2f90a
        -Dtpm2=enabled
d0811f
        -Dhwdb=true
d0811f
        -Dsysusers=true
09f814
        -Dstandalone-binaries=true
d0811f
        -Ddefault-kill-user-processes=false
09f814
        -Dfirst-boot-full-preset=true
f2f90a
        -Ddefault-network=%[0%{?facebook}?"false":"true"]
d0811f
        -Dtests=unsafe
d0811f
        -Dinstall-tests=true
d0811f
        -Dtty-gid=5
d0811f
        -Dusers-gid=100
d0811f
        -Dnobody-user=nobody
d0811f
        -Dnobody-group=nobody
505ca8
        -Dcompat-mutable-uid-boundaries=true
d0811f
        -Dsplit-bin=true
d0811f
        -Db_ndebug=false
f2f90a
        -Dman=enabled
7172f2
        # there is stuff that relies on the "v" prefix
f2f90a
        -Dversion-tag=v%{version}%[%{without upstream}?"-%{release}":""]
d2f4df
        # https://bugzilla.redhat.com/show_bug.cgi?id=1906010
f2f90a
        -Dshared-lib-tag=%{version_no_tilde}%[%{without upstream}?"-%{release}":""]
09f814
        -Dfallback-hostname="localhost"
505ca8
        -Ddefault-dnssec=no
d2f4df
        -Ddefault-dns-over-tls=no
505ca8
        # https://bugzilla.redhat.com/show_bug.cgi?id=1867830
505ca8
        -Ddefault-mdns=no
505ca8
        -Ddefault-llmnr=resolve
9e3166
        # https://bugzilla.redhat.com/show_bug.cgi?id=2028169
9e3166
        -Dstatus-unit-format-default=combined
f2f90a
        -Dconfigfiledir=/usr/lib
167d2b
        -Doomd=true
ae4880
        -Dadm-gid=4
ae4880
        -Daudio-gid=63
ae4880
        -Dcdrom-gid=11
ae4880
        -Ddialout-gid=18
ae4880
        -Ddisk-gid=6
9e3166
        -Dinput-gid=104
ae4880
        -Dkmem-gid=9
ae4880
        -Dkvm-gid=36
ae4880
        -Dlp-gid=7
9e3166
        -Drender-gid=105
9e3166
        -Dsgx-gid=106
ae4880
        -Dtape-gid=33
ae4880
        -Dtty-gid=5
ae4880
        -Dusers-gid=100
ae4880
        -Dutmp-gid=22
ae4880
        -Dvideo-gid=39
ae4880
        -Dwheel-gid=10
ae4880
        -Dsystemd-journal-gid=190
ae4880
        -Dsystemd-network-uid=192
ae4880
        -Dsystemd-resolve-uid=193
ae4880
        # -Dsystemd-timesync-uid=, not set yet
f2f90a
f2f90a
        # For now, let's build the bootloader in the same places where we
f2f90a
        # built with gnu-efi. Later on, we might want to extend coverage, but
f2f90a
        # considering that that support is untested, let's not do this now.
f2f90a
        # Note, ukify requires bootloader, let's also explicitly enable/disable it
f2f90a
        # here for https://github.com/systemd/systemd/pull/24175.
f2f90a
        -Dbootloader=%[%{?want_bootloader}?"enabled":"disabled"]
f2f90a
        -Dukify=%[%{?want_bootloader}?"enabled":"disabled"]
7172f2
)
7172f2
7172f2
%if 0%{?facebook}
7172f2
CONFIGURE_OPTS+=(
7172f2
        -Dntp-servers='1.ntp.vip.facebook.com 2.ntp.vip.facebook.com 3.ntp.vip.facebook.com 4.ntp.vip.facebook.com'
7172f2
        -Ddns-servers='10.127.255.51 10.191.255.51 2401:db00:eef0:a53:: 2401:db00:eef0:b53::'
66b4a7
        -Dsupport-url='https://fb.workplace.com/groups/systemd.and.friends'
7172f2
        -Dcontainer-uid-base-min=10485760
d0811f
)
7172f2
%endif
d0811f
505ca8
%if %{without lto}
505ca8
%global _lto_cflags %nil
505ca8
%endif
505ca8
ae4880
{ %meson "${CONFIGURE_OPTS[@]}"; }
ae4880
ae4880
%meson_build
167d2b
167d2b
new_triggers=%{_vpath_builddir}/src/rpm/triggers.systemd.sh
167d2b
if ! diff -u %{SOURCE1} ${new_triggers}; then
167d2b
   echo -e "\n\n\nWARNING: triggers.systemd in Source1 is different!"
167d2b
   echo -e "      cp $PWD/${new_triggers} %{SOURCE1}\n\n\n"
167d2b
   sleep 5
167d2b
fi
167d2b
f2f90a
sed -r 's|/system/|/user/|g' %{SOURCE16} >10-timeout-abort.conf.user
f2f90a
2693e6
cd /tmp/selinux
7172f2
%{__make} -f Makefile.selinux SHARE="%{_datadir}" TARGETS="systemd_hs"
7172f2
d0811f
%install
d0811f
%meson_install
d0811f
d0811f
# udev links
d0811f
mkdir -p %{buildroot}/%{_sbindir}
d0811f
ln -sf ../bin/udevadm %{buildroot}%{_sbindir}/udevadm
d0811f
d0811f
# Compatiblity and documentation files
d0811f
touch %{buildroot}/etc/crypttab
d0811f
chmod 600 %{buildroot}/etc/crypttab
d0811f
f2f90a
# Config files that were moved under /usr.
f2f90a
# We need to %ghost them so that they are not removed on upgrades.
f2f90a
touch %{buildroot}/etc/systemd/coredump.conf \
f2f90a
      %{buildroot}/etc/systemd/homed.conf \
f2f90a
      %{buildroot}/etc/systemd/journald.conf \
f2f90a
      %{buildroot}/etc/systemd/journal-remote.conf \
f2f90a
      %{buildroot}/etc/systemd/journal-upload.conf \
f2f90a
      %{buildroot}/etc/systemd/logind.conf \
f2f90a
      %{buildroot}/etc/systemd/networkd.conf \
f2f90a
      %{buildroot}/etc/systemd/oomd.conf \
f2f90a
      %{buildroot}/etc/systemd/pstore.conf \
f2f90a
      %{buildroot}/etc/systemd/resolved.conf \
f2f90a
      %{buildroot}/etc/systemd/sleep.conf \
f2f90a
      %{buildroot}/etc/systemd/system.conf \
f2f90a
      %{buildroot}/etc/systemd/timesyncd.conf \
f2f90a
      %{buildroot}/etc/systemd/user.conf \
f2f90a
      %{buildroot}/etc/udev/udev.conf \
f2f90a
      %{buildroot}/etc/udev/iocost.conf
f2f90a
09f814
# /etc/initab
09f814
install -Dm0644 -t %{buildroot}/etc/ %{SOURCE5}
09f814
d0811f
# /etc/sysctl.conf compat
09f814
install -Dm0644 %{SOURCE6} %{buildroot}/etc/sysctl.conf
d0811f
ln -s ../sysctl.conf %{buildroot}/etc/sysctl.d/99-sysctl.conf
d0811f
d0811f
# Make sure these directories are properly owned
d0811f
mkdir -p %{buildroot}%{system_unit_dir}/basic.target.wants
d0811f
mkdir -p %{buildroot}%{system_unit_dir}/default.target.wants
d0811f
mkdir -p %{buildroot}%{system_unit_dir}/dbus.target.wants
d0811f
mkdir -p %{buildroot}%{system_unit_dir}/syslog.target.wants
d0811f
mkdir -p %{buildroot}/run
d0811f
mkdir -p %{buildroot}%{_localstatedir}/log
9e3166
touch %{buildroot}%{_localstatedir}/log/lastlog
9e3166
chmod 0664 %{buildroot}%{_localstatedir}/log/lastlog
d0811f
touch %{buildroot}/run/utmp
d0811f
touch %{buildroot}%{_localstatedir}/log/{w,b}tmp
d0811f
d0811f
# Make sure the user generators dir exists too
d0811f
mkdir -p %{buildroot}%{pkgdir}/system-generators
d0811f
mkdir -p %{buildroot}%{pkgdir}/user-generators
d0811f
d0811f
# Create new-style configuration files so that we can ghost-own them
d0811f
touch %{buildroot}%{_sysconfdir}/hostname
d0811f
touch %{buildroot}%{_sysconfdir}/vconsole.conf
d0811f
touch %{buildroot}%{_sysconfdir}/locale.conf
d0811f
touch %{buildroot}%{_sysconfdir}/machine-id
d0811f
touch %{buildroot}%{_sysconfdir}/machine-info
d0811f
touch %{buildroot}%{_sysconfdir}/localtime
d0811f
mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d
d0811f
touch %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/00-keyboard.conf
d0811f
d0811f
# Make sure the shutdown/sleep drop-in dirs exist
d0811f
mkdir -p %{buildroot}%{pkgdir}/system-shutdown/
d0811f
mkdir -p %{buildroot}%{pkgdir}/system-sleep/
d0811f
d0811f
# Make sure directories in /var exist
d0811f
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/coredump
d0811f
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/catalog
d0811f
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/backlight
d0811f
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/rfkill
d0811f
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/linger
d0811f
mkdir -p %{buildroot}%{_localstatedir}/lib/private
d0811f
mkdir -p %{buildroot}%{_localstatedir}/log/private
d0811f
mkdir -p %{buildroot}%{_localstatedir}/cache/private
d0811f
mkdir -p %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload
d0811f
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/timesync
d0811f
ln -s ../private/systemd/journal-upload %{buildroot}%{_localstatedir}/lib/systemd/journal-upload
d0811f
mkdir -p %{buildroot}%{_localstatedir}/log/journal
d0811f
touch %{buildroot}%{_localstatedir}/lib/systemd/catalog/database
d0811f
touch %{buildroot}%{_sysconfdir}/udev/hwdb.bin
d0811f
touch %{buildroot}%{_localstatedir}/lib/systemd/random-seed
d0811f
touch %{buildroot}%{_localstatedir}/lib/systemd/timesync/clock
d0811f
touch %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload/state
d0811f
d0811f
# Install yum protection fragment
d0811f
install -Dm0644 %{SOURCE4} %{buildroot}/etc/dnf/protected.d/systemd.conf
d0811f
09f814
install -Dm0644 -t %{buildroot}/usr/lib/firewalld/services/ %{SOURCE7} %{SOURCE8}
09f814
d0811f
# Install additional docs
d0811f
# https://bugzilla.redhat.com/show_bug.cgi?id=1234951
d0811f
install -Dm0644 -t %{buildroot}%{_pkgdocdir}/ %{SOURCE9}
d0811f
d0811f
# https://bugzilla.redhat.com/show_bug.cgi?id=1378974
d0811f
install -Dm0644 -t %{buildroot}%{system_unit_dir}/systemd-udev-trigger.service.d/ %{SOURCE10}
d0811f
ae4880
install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/ %{SOURCE13}
ae4880
d0811f
install -D -t %{buildroot}/usr/lib/systemd/ %{SOURCE3}
d0811f
04a488
# systemd-oomd default configuration
04a488
install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/oomd.conf.d/ %{SOURCE14}
09f814
install -Dm0644 -t %{buildroot}%{system_unit_dir}/system.slice.d/ %{SOURCE15}
09f814
install -Dm0644 -t %{buildroot}%{user_unit_dir}/slice.d/ %{SOURCE15}
8c1b90
8c1b90
# https://fedoraproject.org/wiki/Changes/IncreaseVmMaxMapCount
8c1b90
install -Dm0644 -t %{buildroot}%{_prefix}/lib/sysctl.d/ %{SOURCE17}
04a488
d0811f
sed -i 's|#!/usr/bin/env python3|#!%{__python3}|' %{buildroot}/usr/lib/systemd/tests/run-unit-tests.py
d0811f
d0811f
install -m 0644 -D -t %{buildroot}%{_rpmconfigdir}/macros.d/ %{SOURCE21}
f2f90a
# Use rpm's own sysusers provides where available
f2f90a
%if ! (0%{?fedora} >= 39 || 0%{?rhel} >= 10)
d0811f
install -m 0644 -D -t %{buildroot}%{_rpmconfigdir}/fileattrs/ %{SOURCE22}
d0811f
install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE23}
f2f90a
%endif
d0811f
install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE24}
d0811f
8c1b90
# https://bugzilla.redhat.com/show_bug.cgi?id=2107754
8c1b90
install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/network/ %{SOURCE25}
8c1b90
d0811f
%find_lang %{name}
d0811f
f2f90a
# Split files in build root into rpms
f2f90a
python3 %{SOURCE2} %buildroot %{!?want_bootloader:--no-bootloader}
d0811f
7172f2
install -d -p %{buildroot}%{_datadir}/selinux/devel/include/contrib
2693e6
install -p -m 0644 /tmp/selinux/systemd_hs.if %{buildroot}%{_datadir}/selinux/devel/include/contrib
7172f2
install -d -p %{buildroot}%{_datadir}/selinux/packages
2693e6
install -p -m 0644 /tmp/selinux/systemd_hs.pp.bz2 %{buildroot}%{_datadir}/selinux/packages
7172f2
d0811f
%check
d0811f
%if %{with tests}
f2f90a
meson test -C %{_vpath_builddir} -t 6 --print-errorlogs
d0811f
%endif
d0811f
d0811f
#############################################################################################
d0811f
d0811f
%include %{SOURCE1}
d0811f
d0811f
%post
d0811f
systemd-machine-id-setup &>/dev/null || :
d0811f
ae4880
# FIXME: move to %postun. We want to restart systemd *after* removing
ae4880
# files from the old rpm. Right now we may still have bits the old
ae4880
# setup if the files are not present in the new version. But before
ae4880
# implement restarting of *other* services after the transaction, moving
ae4880
# this would make things worse, increasing the number of warnings we get
ae4880
# about needed daemon-reload.
ae4880
d0811f
systemctl daemon-reexec &>/dev/null || {
d0811f
  # systemd v239 had bug #9553 in D-Bus authentication of the private socket,
d0811f
  # which was later fixed in v240 by #9625.
d0811f
  #
d0811f
  # The end result is that a `systemctl daemon-reexec` call as root will fail
d0811f
  # when upgrading from systemd v239, which means the system will not start
d0811f
  # running the new version of systemd after this post install script runs.
d0811f
  #
d0811f
  # To work around this issue, let's fall back to using a `kill -TERM 1` to
d0811f
  # re-execute the daemon when the `systemctl daemon-reexec` call fails.
d0811f
  #
d0811f
  # In order to prevent issues when the reason why the daemon-reexec failed is
d0811f
  # not the aforementioned bug, let's only use this fallback when:
d0811f
  #   - we're upgrading this RPM package; and
d0811f
  #   - we confirm that systemd is running as PID1 on this system.
d0811f
  if [ $1 -gt 1 ] && [ -d /run/systemd/system ] ; then
d0811f
    kill -TERM 1 &>/dev/null || :
d0811f
  fi
d0811f
}
d0811f
ae4880
[ $1 -eq 1 ] || exit 0
d0811f
ae4880
# create /var/log/journal only on initial installation,
ae4880
# and only if it's writable (it won't be in rpm-ostree).
ae4880
[ -w %{_localstatedir} ] && mkdir -p %{_localstatedir}/log/journal
d0811f
ae4880
[ -w %{_localstatedir} ] && journalctl --update-catalog || :
ae4880
systemd-sysusers || :
ae4880
systemd-tmpfiles --create &>/dev/null || :
505ca8
d0811f
# We reset the enablement of all services upon initial installation
d0811f
# https://bugzilla.redhat.com/show_bug.cgi?id=1118740#c23
d0811f
# This will fix up enablement of any preset services that got installed
d0811f
# before systemd due to rpm ordering problems:
d0811f
# https://bugzilla.redhat.com/show_bug.cgi?id=1647172.
d0811f
# We also do this for user units, see
d0811f
# https://fedoraproject.org/wiki/Changes/Systemd_presets_for_user_units.
505ca8
systemctl preset-all &>/dev/null || :
505ca8
systemctl --global preset-all &>/dev/null || :
505ca8
ae4880
%postun
ae4880
if [ $1 -eq 1 ]; then
ae4880
   [ -w %{_localstatedir} ] && journalctl --update-catalog || :
ae4880
   systemd-tmpfiles --create &>/dev/null || :
d0811f
fi
d0811f
f2f90a
%systemd_postun_with_restart systemd-timedated.service systemd-hostnamed.service systemd-journald.service systemd-localed.service systemd-userdbd.service
ae4880
ae4880
# FIXME: systemd-logind.service is excluded (https://github.com/systemd/systemd/pull/17558)
f2f90a
f2f90a
# This is the explanded form of %%systemd_user_daemon_reexec. We
f2f90a
# can't use the macro because we define it ourselves.
f2f90a
if [ $1 -ge 1 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then
f2f90a
    # Package upgrade, not uninstall
f2f90a
    /usr/lib/systemd/systemd-update-helper user-reexec || :
f2f90a
fi
ae4880
09f814
%triggerun resolved -- systemd < 246.1-1
09f814
# This is for upgrades from previous versions before systemd-resolved became the default.
09f814
systemctl --no-reload preset systemd-resolved.service &>/dev/null || :
09f814
09f814
if systemctl -q is-enabled systemd-resolved.service &>/dev/null; then
09f814
  systemctl -q is-enabled NetworkManager.service 2>/dev/null && \
09f814
  ! test -L /etc/resolv.conf 2>/dev/null && \
09f814
  ! mountpoint /etc/resolv.conf &>/dev/null && \
09f814
  grep -q 'Generated by NetworkManager' /etc/resolv.conf 2>/dev/null && \
09f814
  echo -e '/etc/resolv.conf was generated by NetworkManager.\nRemoving it to let systemd-resolved manage this file.' && \
09f814
  mv -v /etc/resolv.conf /etc/resolv.conf.orig-with-nm && \
09f814
  ln -sv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf 2>/dev/null || :
09f814
09f814
  systemctl start systemd-resolved.service &>/dev/null || :
09f814
fi
09f814
8c1b90
%triggerun -- systemd < 247.3-2
ae4880
# This is for upgrades from previous versions before oomd-defaults is available.
8c1b90
systemctl --no-reload preset systemd-oomd.service &>/dev/null || :
8c1b90
8c1b90
%triggerpostun -- systemd < 253~rc1-2
8c1b90
# This is for upgrades from previous versions where systemd-journald-audit.socket
8c1b90
# had a static enablement symlink.
ae4880
# We use %%triggerpostun here because rpm doesn't allow a second %%triggerun with
ae4880
# a different package version.
8c1b90
systemctl --no-reload preset systemd-journald-audit.socket &>/dev/null || :
8c1b90
f2f90a
%global udev_services systemd-udev{d,-settle,-trigger}.service systemd-udevd-{control,kernel}.socket systemd-homed.service %{?want_bootloader:systemd-boot-update.service} systemd-oomd.service systemd-portabled.service systemd-pstore.service systemd-timesyncd.service remote-cryptsetup.target
d0811f
d0811f
%post udev
d0811f
# Move old stuff around in /var/lib
d0811f
mv %{_localstatedir}/lib/random-seed %{_localstatedir}/lib/systemd/random-seed &>/dev/null
d0811f
mv %{_localstatedir}/lib/backlight %{_localstatedir}/lib/systemd/backlight &>/dev/null
d0811f
if [ -L %{_localstatedir}/lib/systemd/timesync ]; then
d0811f
    rm %{_localstatedir}/lib/systemd/timesync
d0811f
    mv %{_localstatedir}/lib/private/systemd/timesync %{_localstatedir}/lib/systemd/timesync
d0811f
fi
d0811f
if [ -f %{_localstatedir}/lib/systemd/clock ] ; then
d0811f
    mkdir -p %{_localstatedir}/lib/systemd/timesync
d0811f
    mv %{_localstatedir}/lib/systemd/clock %{_localstatedir}/lib/systemd/timesync/.
d0811f
fi
d0811f
d0811f
udevadm hwdb --update &>/dev/null
505ca8
d0811f
%systemd_post %udev_services
505ca8
505ca8
# Try to save the random seed, but don't complain if /dev/urandom is unavailable
505ca8
/usr/lib/systemd/systemd-random-seed save 2>&1 | \
505ca8
    grep -v 'Failed to open /dev/urandom' || :
d0811f
d0811f
# Replace obsolete keymaps
d0811f
# https://bugzilla.redhat.com/show_bug.cgi?id=1151958
d0811f
grep -q -E '^KEYMAP="?fi-latin[19]"?' /etc/vconsole.conf 2>/dev/null &&
d0811f
    sed -i.rpm.bak -r 's/^KEYMAP="?fi-latin[19]"?/KEYMAP="fi"/' /etc/vconsole.conf || :
d0811f
d0811f
%preun udev
d0811f
%systemd_preun %udev_services
d0811f
d0811f
%postun udev
167d2b
# Restart some services.
d0811f
# Others are either oneshot services, or sockets, and restarting them causes issues (#1378974)
167d2b
%systemd_postun_with_restart systemd-udevd.service systemd-timesyncd.service
d0811f
9e3166
ae4880
%global journal_remote_units_restart systemd-journal-gatewayd.service systemd-journal-remote.service systemd-journal-upload.service
ae4880
%global journal_remote_units_norestart systemd-journal-gatewayd.socket systemd-journal-remote.socket
d0811f
%post journal-remote
ae4880
%systemd_post %journal_remote_units_restart %journal_remote_units_norestart
09f814
%firewalld_reload
d0811f
d0811f
%preun journal-remote
ae4880
%systemd_preun %journal_remote_units_restart %journal_remote_units_norestart
d0811f
if [ $1 -eq 1 ] ; then
d0811f
    if [ -f %{_localstatedir}/lib/systemd/journal-upload/state -a ! -L %{_localstatedir}/lib/systemd/journal-upload ] ; then
d0811f
        mkdir -p %{_localstatedir}/lib/private/systemd/journal-upload
d0811f
        mv %{_localstatedir}/lib/systemd/journal-upload/state %{_localstatedir}/lib/private/systemd/journal-upload/.
d0811f
        rmdir %{_localstatedir}/lib/systemd/journal-upload || :
d0811f
    fi
d0811f
fi
d0811f
d0811f
%postun journal-remote
ae4880
%systemd_postun_with_restart %journal_remote_units_restart
09f814
%firewalld_reload
ae4880
ae4880
%post networkd
ae4880
# systemd-networkd was split out in systemd-246.6-2.
ae4880
# Ideally, we would have a trigger scriptlet to record enablement
ae4880
# state when upgrading from systemd <= systemd-246.6-1. But, AFAICS,
ae4880
# rpm doesn't allow us to trigger on another package, short of
ae4880
# querying the rpm database ourselves, which seems risky. For rpm,
ae4880
# systemd and systemd-networkd are completely unrelated.  So let's use
ae4880
# a hack to detect if an old systemd version is currently present in
ae4880
# the file system.
ae4880
# https://bugzilla.redhat.com/show_bug.cgi?id=1943263
ae4880
if [ $1 -eq 1 ] && ls /usr/lib/systemd/libsystemd-shared-24[0-6].so &>/dev/null; then
ae4880
    echo "Skipping presets for systemd-networkd.service, seems we are upgrading from old systemd."
ae4880
else
ae4880
    %systemd_post systemd-networkd.service systemd-networkd-wait-online.service
ae4880
fi
ae4880
ae4880
%preun networkd
ae4880
%systemd_preun systemd-networkd.service systemd-networkd-wait-online.service
ae4880
f2f90a
%postun networkd
f2f90a
%systemd_postun_with_restart systemd-networkd.service
f2f90a
%systemd_postun systemd-networkd-wait-online.service
f2f90a
f2f90a
%post resolved
f2f90a
[ $1 -eq 1 ] || exit 0
f2f90a
# Initial installation
f2f90a
f2f90a
touch %{_localstatedir}/lib/rpm-state/systemd-resolved.initial-installation
f2f90a
f2f90a
# Related to https://bugzilla.redhat.com/show_bug.cgi?id=1943263
f2f90a
if ls /usr/lib/systemd/libsystemd-shared-24[0-8].so &>/dev/null; then
f2f90a
    echo "Skipping presets for systemd-resolved.service, seems we are upgrading from old systemd."
f2f90a
    exit 0
f2f90a
fi
f2f90a
f2f90a
%systemd_post systemd-resolved.service
f2f90a
ae4880
%preun resolved
ae4880
if [ $1 -eq 0 ] ; then
ae4880
        systemctl disable --quiet \
ae4880
                systemd-resolved.service \
ae4880
                >/dev/null || :
9e3166
        if [ -L /etc/resolv.conf ] && \
9e3166
            realpath /etc/resolv.conf | grep ^/run/systemd/resolve/; then
9e3166
                rm -f /etc/resolv.conf # no longer useful
9e3166
                # if network manager is enabled, move to it instead
9e3166
                [ -f /run/NetworkManager/resolv.conf ] && \
9e3166
                systemctl -q is-enabled NetworkManager.service &>/dev/null && \
9e3166
                    ln -fsv ../run/NetworkManager/resolv.conf /etc/resolv.conf
9e3166
        fi
ae4880
fi
ae4880
f2f90a
%postun resolved
f2f90a
%systemd_postun_with_restart systemd-resolved.service
ae4880
9e3166
%posttrans resolved
09f814
[ -e %{_localstatedir}/lib/rpm-state/systemd-resolved.initial-installation ] || exit 0
09f814
rm %{_localstatedir}/lib/rpm-state/systemd-resolved.initial-installation
d2f4df
# Initial installation
d2f4df
ae4880
# Create /etc/resolv.conf symlink.
09f814
# (https://bugzilla.redhat.com/show_bug.cgi?id=1873856)
09f814
#
09f814
# We would also create it using tmpfiles, but let's do this here too
09f814
# before NetworkManager gets a chance. (systemd-tmpfiles invocation
09f814
# above does not do this, because the line is marked with ! and
09f814
# tmpfiles is invoked without --boot in the scriptlet.)
ae4880
#
9e3166
# *Create* the symlink if nothing is present yet.
9e3166
# (https://bugzilla.redhat.com/show_bug.cgi?id=2032085)
9e3166
#
9e3166
# *Override* the symlink if systemd is running. Don't do it if systemd
9e3166
# is not running, because that will immediately break DNS resolution,
9e3166
# since systemd-resolved is also not running
9e3166
# (https://bugzilla.redhat.com/show_bug.cgi?id=1891847).
ae4880
#
ae4880
# Also don't create the symlink to the stub when the stub is disabled (#1891847 again).
9e3166
if systemctl -q is-enabled systemd-resolved.service &>/dev/null &&
9e3166
   ! systemd-analyze cat-config systemd/resolved.conf 2>/dev/null |
9e3166
        grep -iqE '^DNSStubListener\s*=\s*(no?|false|0|off)\s*$'; then
9e3166
9e3166
  if ! test -e /etc/resolv.conf && ! test -L /etc/resolv.conf; then
9e3166
    ln -sv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf || :
9e3166
  elif test -d /run/systemd/system/ &&
9e3166
     ! mountpoint /etc/resolv.conf &>/dev/null; then
9e3166
    ln -fsv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf || :
9e3166
  fi
ae4880
fi
d0811f
7172f2
%pre selinux
7172f2
%selinux_relabel_pre
7172f2
7172f2
%post selinux
7172f2
%selinux_modules_install %{_datadir}/selinux/packages/systemd_hs.pp.bz2
7172f2
%selinux_relabel_post
7172f2
7172f2
%posttrans selinux
7172f2
%selinux_relabel_post
7172f2
7172f2
%postun selinux
7172f2
%selinux_modules_uninstall systemd_hs
7172f2
7172f2
if [ $1 -eq 0 ]; then
7172f2
    %selinux_relabel_post
7172f2
fi
7172f2
d0811f
%global _docdir_fmt %{name}
d0811f
d2f4df
%files -f %{name}.lang -f .file-list-main
d0811f
%doc %{_pkgdocdir}
9e3166
%exclude %{_pkgdocdir}/LICENSE*
9e3166
# Only the licenses texts for the licenses in License line are included.
f2f90a
%license LICENSE.GPL2
9e3166
%license LICENSES/MIT.txt
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/basic.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/bluetooth.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/default.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/getty.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/graphical.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/local-fs.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/machines.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/multi-user.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/network-online.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/printer.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/remote-fs.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/sockets.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/sysinit.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/system-update.target.wants
d0811f
%ghost %dir %attr(0755,-,-) /etc/systemd/system/timers.target.wants
9e3166
%ghost %dir %attr(0700,-,-) /var/lib/portables
d0811f
%ghost %dir %attr(0755,-,-) /var/lib/rpm-state/systemd
d0811f
d0811f
%files libs -f .file-list-libs
d0811f
%license LICENSE.LGPL2.1
d0811f
d0811f
%files pam -f .file-list-pam
d0811f
d0811f
%files rpm-macros -f .file-list-rpm-macros
d0811f
ae4880
%files resolved -f .file-list-resolve
ae4880
d0811f
%files devel -f .file-list-devel
d0811f
d0811f
%files udev -f .file-list-udev
d0811f
f2f90a
%if 0%{?want_bootloader}
8c1b90
%files ukify -f .file-list-ukify
09f814
%files boot-unsigned -f .file-list-boot
09f814
%endif
09f814
d0811f
%files container -f .file-list-container
9e3166
%ghost %dir %attr(0700,-,-) /var/lib/machines
d0811f
d0811f
%files journal-remote -f .file-list-remote
d0811f
ae4880
%files networkd -f .file-list-networkd
ae4880
f2f90a
%files networkd-defaults -f .file-list-networkd-defaults
f2f90a
04a488
%files oomd-defaults -f .file-list-oomd-defaults
04a488
d0811f
%files tests -f .file-list-tests
d0811f
8c1b90
%files standalone-repart -f .file-list-standalone-repart
8c1b90
09f814
%files standalone-tmpfiles -f .file-list-standalone-tmpfiles
09f814
09f814
%files standalone-sysusers -f .file-list-standalone-sysusers
09f814
8c1b90
%files standalone-shutdown -f .file-list-standalone-shutdown
8c1b90
7172f2
%files selinux
7172f2
%{_datadir}/selinux/devel/include/contrib/systemd_hs.if
7172f2
%{_datadir}/selinux/packages/systemd_hs.pp.bz2
36c356
b81998
%clean
b81998
rm -rf $RPM_BUILD_ROOT
b81998
rm -f 10-timeout-abort.conf.user
b81998
rm -f .file-list-*
b81998
rm -f %{name}.lang
b81998
d0811f
%changelog
f2f90a
%autochangelog