diff --git a/0001-pam-align-second-and-third-columns.patch b/0001-pam-align-second-and-third-columns.patch deleted file mode 100644 index 8ab341b..0000000 --- a/0001-pam-align-second-and-third-columns.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 9efb224443d819b7d64ec76cb94c8aa625a8abf2 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Wed, 23 Nov 2022 16:05:48 +0100 -Subject: [PATCH 1/2] pam: align second and third columns - -In our template file, we have jinja2 template markers, so the file -looks fairly messy. But once it's rendered, it looks pretty clean, except -that the columns are unaligned becuase of "-" in some lines in the first -column. Let's make them aligned. ---- - src/login/systemd-user.in | 18 +++++++++--------- - 1 file changed, 9 insertions(+), 9 deletions(-) - -diff --git a/src/login/systemd-user.in b/src/login/systemd-user.in -index 39bcbd71fe..d5597d28cb 100644 ---- a/src/login/systemd-user.in -+++ b/src/login/systemd-user.in -@@ -4,18 +4,18 @@ - # Used by systemd --user instances. - - {% if ENABLE_HOMED %} ---account sufficient pam_systemd_home.so -+-account sufficient pam_systemd_home.so - {% endif %} --account sufficient pam_unix.so no_pass_expiry --account required pam_permit.so -+account sufficient pam_unix.so no_pass_expiry -+account required pam_permit.so - - {% if HAVE_SELINUX %} --session required pam_selinux.so close --session required pam_selinux.so nottys open -+session required pam_selinux.so close -+session required pam_selinux.so nottys open - {% endif %} --session required pam_loginuid.so --session optional pam_keyinit.so force revoke -+session required pam_loginuid.so -+session optional pam_keyinit.so force revoke - {% if ENABLE_HOMED %} ---session optional pam_systemd_home.so -+-session optional pam_systemd_home.so - {% endif %} --session optional pam_systemd.so -+session optional pam_systemd.so --- -2.38.1 - diff --git a/0001-shared-install-Use-InstallChangeType-consistently.patch b/0001-shared-install-Use-InstallChangeType-consistently.patch deleted file mode 100644 index 41ce82b..0000000 --- a/0001-shared-install-Use-InstallChangeType-consistently.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 2fdd12acd5c69bc952d9ca4d5ad796e6e830d21b Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= -Date: Fri, 11 Nov 2022 15:34:32 +0000 -Subject: [PATCH 1/5] shared|install: Use InstallChangeType consistently - -gcc 13 -Wenum-int-mismatch, enabled by default, reminds us enum ! = int - -(cherry picked from commit 9264db1a0ac6034ab5b40ef3f5914d8dc7d77aba) ---- - src/shared/install.h | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/shared/install.h b/src/shared/install.h -index 9bb412ba06..0abc73897e 100644 ---- a/src/shared/install.h -+++ b/src/shared/install.h -@@ -197,7 +197,7 @@ int unit_file_exists(LookupScope scope, const LookupPaths *paths, const char *na - int unit_file_get_list(LookupScope scope, const char *root_dir, Hashmap *h, char **states, char **patterns); - Hashmap* unit_file_list_free(Hashmap *h); - --InstallChangeType install_changes_add(InstallChange **changes, size_t *n_changes, int type, const char *path, const char *source); -+InstallChangeType install_changes_add(InstallChange **changes, size_t *n_changes, InstallChangeType type, const char *path, const char *source); - void install_changes_free(InstallChange *changes, size_t n_changes); - void install_changes_dump(int r, const char *verb, const InstallChange *changes, size_t n_changes, bool quiet); - -@@ -224,7 +224,7 @@ UnitFileState unit_file_state_from_string(const char *s) _pure_; - /* from_string conversion is unreliable because of the overlap between -EPERM and -1 for error. */ - - const char *install_change_type_to_string(InstallChangeType t) _const_; --int install_change_type_from_string(const char *s) _pure_; -+InstallChangeType install_change_type_from_string(const char *s) _pure_; - - const char *unit_file_preset_mode_to_string(UnitFilePresetMode m) _const_; - UnitFilePresetMode unit_file_preset_mode_from_string(const char *s) _pure_; --- -2.39.1 - diff --git a/0002-journal-remote-code-is-of-type-enum-MHD_RequestTermi.patch b/0002-journal-remote-code-is-of-type-enum-MHD_RequestTermi.patch deleted file mode 100644 index 3a86af1..0000000 --- a/0002-journal-remote-code-is-of-type-enum-MHD_RequestTermi.patch +++ /dev/null @@ -1,34 +0,0 @@ -From b1b7667a44c4e8635b6d8dc070fb2446187fcdc5 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= -Date: Fri, 11 Nov 2022 15:28:51 +0000 -Subject: [PATCH 2/5] journal-remote: code is of type enum - MHD_RequestTerminationCode - -Fixes gcc 13 -Wenum-int-mismatch which are enabled by default. - -(cherry picked from commit aa70dd624bff6280ab6f2871f62d313bdb1e1bcc) ---- - src/journal-remote/microhttpd-util.h | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/journal-remote/microhttpd-util.h b/src/journal-remote/microhttpd-util.h -index 7e7d1b56b1..df18335469 100644 ---- a/src/journal-remote/microhttpd-util.h -+++ b/src/journal-remote/microhttpd-util.h -@@ -64,11 +64,11 @@ void microhttpd_logger(void *arg, const char *fmt, va_list ap) _printf_(2, 0); - - int mhd_respondf(struct MHD_Connection *connection, - int error, -- unsigned code, -+ enum MHD_RequestTerminationCode code, - const char *format, ...) _printf_(4,5); - - int mhd_respond(struct MHD_Connection *connection, -- unsigned code, -+ enum MHD_RequestTerminationCode code, - const char *message); - - int mhd_respond_oom(struct MHD_Connection *connection); --- -2.39.1 - diff --git a/0002-pam-add-a-call-to-pam_namespace.patch b/0002-pam-add-a-call-to-pam_namespace.patch deleted file mode 100644 index 51564d9..0000000 --- a/0002-pam-add-a-call-to-pam_namespace.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 0ef48896d9f23b9fd547a532a4e6e6b8f8b12901 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Wed, 23 Nov 2022 16:09:56 +0100 -Subject: [PATCH 2/2] pam: add a call to pam_namespace - -A call to pam_namespace is required so that children of user@.service end up in -a namespace as expected. pam_namespace gets called as part of the stack that -creates a session (login, sshd, gdm, etc.) and those processes end up in a -namespace, but it also needs to be called from our stack which is parallel and -descends from pid1 itself. - -The call to pam_namespace is similar to the call to pam_keyinit that was added -in ab79099d1684457d040ee7c28b2012e8c1ea9a4f. The pam stack for user@.service -creates a new session which is disconnected from the parent environment. Both -calls are not suitable for inclusion in the shared part of the stack (e.g. -@system-auth on Fedora/RHEL systems), because for example su/sudo/runuser -should not include them. - -Fixes #17043 (Allow to execute user service into dedicated namespace - if pam_namespace enabled) -Related to https://bugzilla.redhat.com/show_bug.cgi?id=1861836 -(Polyinstantiation is ignored/bypassed in GNOME sessions) ---- - src/login/systemd-user.in | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/login/systemd-user.in b/src/login/systemd-user.in -index d5597d28cb..06f7e36458 100644 ---- a/src/login/systemd-user.in -+++ b/src/login/systemd-user.in -@@ -15,6 +15,7 @@ session required pam_selinux.so nottys open - {% endif %} - session required pam_loginuid.so - session optional pam_keyinit.so force revoke -+session required pam_namespace.so - {% if ENABLE_HOMED %} - -session optional pam_systemd_home.so - {% endif %} --- -2.38.1 - diff --git a/0003-pam-actually-align-the-columns.patch b/0003-pam-actually-align-the-columns.patch deleted file mode 100644 index da4fcf2..0000000 --- a/0003-pam-actually-align-the-columns.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 369dfbf43a0064b70a774ccdd3dd1c1a09fd95ca Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Wed, 14 Dec 2022 22:23:31 +0100 -Subject: [PATCH 3/4] pam: actually align the columns - -In 9efb224443d819b7d64ec76cb94c8aa625a8abf2 was supposed to align -them, but for some reason I just added a second space everywhere. ---- - src/login/systemd-user.in | 18 +++++++++--------- - 1 file changed, 9 insertions(+), 9 deletions(-) - -diff --git a/src/login/systemd-user.in b/src/login/systemd-user.in -index 06f7e36458..9a665bd959 100644 ---- a/src/login/systemd-user.in -+++ b/src/login/systemd-user.in -@@ -4,19 +4,19 @@ - # Used by systemd --user instances. - - {% if ENABLE_HOMED %} ---account sufficient pam_systemd_home.so -+-account sufficient pam_systemd_home.so - {% endif %} - account sufficient pam_unix.so no_pass_expiry --account required pam_permit.so -+account required pam_permit.so - - {% if HAVE_SELINUX %} --session required pam_selinux.so close --session required pam_selinux.so nottys open -+session required pam_selinux.so close -+session required pam_selinux.so nottys open - {% endif %} --session required pam_loginuid.so --session optional pam_keyinit.so force revoke --session required pam_namespace.so -+session required pam_loginuid.so -+session optional pam_keyinit.so force revoke -+session required pam_namespace.so - {% if ENABLE_HOMED %} ---session optional pam_systemd_home.so -+-session optional pam_systemd_home.so - {% endif %} --session optional pam_systemd.so -+session optional pam_systemd.so --- -2.38.1 - diff --git a/0003-resolve-dns_server_feature_level_-_string-type-is-Dn.patch b/0003-resolve-dns_server_feature_level_-_string-type-is-Dn.patch deleted file mode 100644 index d328854..0000000 --- a/0003-resolve-dns_server_feature_level_-_string-type-is-Dn.patch +++ /dev/null @@ -1,31 +0,0 @@ -From ba5f7915d25a400f0651bc9e8546a3ec6a738eaa Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= -Date: Fri, 11 Nov 2022 15:31:18 +0000 -Subject: [PATCH 3/5] resolve: dns_server_feature_level_*_string type is - DnsServerFeatureLevel - -gcc 13 -Wenum-int-mismatch reminds us that enum != int - -(cherry picked from commit e14afe31c3e8380496dc85b57103b2f648bc7d43) ---- - src/resolve/resolved-dns-server.h | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/resolve/resolved-dns-server.h b/src/resolve/resolved-dns-server.h -index be9efb0a79..f939b534c3 100644 ---- a/src/resolve/resolved-dns-server.h -+++ b/src/resolve/resolved-dns-server.h -@@ -44,8 +44,8 @@ typedef enum DnsServerFeatureLevel { - #define DNS_SERVER_FEATURE_LEVEL_IS_DNSSEC(x) ((x) >= DNS_SERVER_FEATURE_LEVEL_DO) - #define DNS_SERVER_FEATURE_LEVEL_IS_UDP(x) IN_SET(x, DNS_SERVER_FEATURE_LEVEL_UDP, DNS_SERVER_FEATURE_LEVEL_EDNS0, DNS_SERVER_FEATURE_LEVEL_DO) - --const char* dns_server_feature_level_to_string(int i) _const_; --int dns_server_feature_level_from_string(const char *s) _pure_; -+const char* dns_server_feature_level_to_string(DnsServerFeatureLevel i) _const_; -+DnsServerFeatureLevel dns_server_feature_level_from_string(const char *s) _pure_; - - struct DnsServer { - Manager *manager; --- -2.39.1 - diff --git a/0004-Use-dummy-allocator-to-make-accesses-defined-as-per-.patch b/0004-Use-dummy-allocator-to-make-accesses-defined-as-per-.patch deleted file mode 100644 index 516f45c..0000000 --- a/0004-Use-dummy-allocator-to-make-accesses-defined-as-per-.patch +++ /dev/null @@ -1,104 +0,0 @@ -From 34b9eddfc12936917fab000b780a451d6277c2b4 Mon Sep 17 00:00:00 2001 -From: Siddhesh Poyarekar -Date: Tue, 13 Dec 2022 16:54:36 -0500 -Subject: [PATCH 4/5] Use dummy allocator to make accesses defined as per - standard - -systemd uses malloc_usable_size() everywhere to use memory blocks -obtained through malloc, but that is abuse since the -malloc_usable_size() interface isn't meant for this kind of use, it is -for diagnostics only. This is also why systemd behaviour is flaky when -built with _FORTIFY_SOURCE. - -One way to make this more standard (and hence safer) is to, at every -malloc_usable_size() call, also 'reallocate' the block so that the -compiler can see the larger size. This is done through a dummy -reallocator whose only purpose is to tell the compiler about the larger -usable size, it doesn't do any actual reallocation. - -Florian Weimer pointed out that this doesn't solve the problem of an -allocator potentially growing usable size at will, which will break the -implicit assumption in systemd use that the value returned remains -constant as long as the object is valid. The safest way to fix that is -for systemd to step away from using malloc_usable_size() like this. - -Resolves #22801. - -(cherry picked from commit 7929e180aa47a2692ad4f053afac2857d7198758) ---- - src/basic/alloc-util.c | 4 ++++ - src/basic/alloc-util.h | 38 ++++++++++++++++++++++++++++---------- - 2 files changed, 32 insertions(+), 10 deletions(-) - -diff --git a/src/basic/alloc-util.c b/src/basic/alloc-util.c -index b030f454b2..6063943c88 100644 ---- a/src/basic/alloc-util.c -+++ b/src/basic/alloc-util.c -@@ -102,3 +102,7 @@ void* greedy_realloc0( - - return q; - } -+ -+void *expand_to_usable(void *ptr, size_t newsize _unused_) { -+ return ptr; -+} -diff --git a/src/basic/alloc-util.h b/src/basic/alloc-util.h -index b38db7d473..eb53aae6f3 100644 ---- a/src/basic/alloc-util.h -+++ b/src/basic/alloc-util.h -@@ -2,6 +2,7 @@ - #pragma once - - #include -+#include - #include - #include - #include -@@ -184,17 +185,34 @@ void* greedy_realloc0(void **p, size_t need, size_t size); - # define msan_unpoison(r, s) - #endif - --/* This returns the number of usable bytes in a malloc()ed region as per malloc_usable_size(), in a way that -- * is compatible with _FORTIFY_SOURCES. If _FORTIFY_SOURCES is used many memory operations will take the -- * object size as returned by __builtin_object_size() into account. Hence, let's return the smaller size of -- * malloc_usable_size() and __builtin_object_size() here, so that we definitely operate in safe territory by -- * both the compiler's and libc's standards. Note that __builtin_object_size() evaluates to SIZE_MAX if the -- * size cannot be determined, hence the MIN() expression should be safe with dynamically sized memory, -- * too. Moreover, when NULL is passed malloc_usable_size() is documented to return zero, and -- * __builtin_object_size() returns SIZE_MAX too, hence we also return a sensible value of 0 in this corner -- * case. */ -+/* Dummy allocator to tell the compiler that the new size of p is newsize. The implementation returns the -+ * pointer as is; the only reason for its existence is as a conduit for the _alloc_ attribute. This cannot be -+ * a static inline because gcc then loses the attributes on the function. -+ * See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96503 */ -+void *expand_to_usable(void *p, size_t newsize) _alloc_(2) _returns_nonnull_; -+ -+static inline size_t malloc_sizeof_safe(void **xp) { -+ if (_unlikely_(!xp || !*xp)) -+ return 0; -+ -+ size_t sz = malloc_usable_size(*xp); -+ *xp = expand_to_usable(*xp, sz); -+ /* GCC doesn't see the _returns_nonnull_ when built with ubsan, so yet another hint to make it doubly -+ * clear that expand_to_usable won't return NULL. -+ * See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79265 */ -+ if (!*xp) -+ assert_not_reached(); -+ return sz; -+} -+ -+/* This returns the number of usable bytes in a malloc()ed region as per malloc_usable_size(), which may -+ * return a value larger than the size that was actually allocated. Access to that additional memory is -+ * discouraged because it violates the C standard; a compiler cannot see that this as valid. To help the -+ * compiler out, the MALLOC_SIZEOF_SAFE macro 'allocates' the usable size using a dummy allocator function -+ * expand_to_usable. There is a possibility of malloc_usable_size() returning different values during the -+ * lifetime of an object, which may cause problems, but the glibc allocator does not do that at the moment. */ - #define MALLOC_SIZEOF_SAFE(x) \ -- MIN(malloc_usable_size(x), __builtin_object_size(x, 0)) -+ malloc_sizeof_safe((void**) &__builtin_choose_expr(__builtin_constant_p(x), (void*) { NULL }, (x))) - - /* Inspired by ELEMENTSOF() but operates on malloc()'ed memory areas: typesafely returns the number of items - * that fit into the specified memory block */ --- -2.39.1 - diff --git a/0005-alloc-util-Disallow-inlining-of-expand_to_usable.patch b/0005-alloc-util-Disallow-inlining-of-expand_to_usable.patch deleted file mode 100644 index 0ab4473..0000000 --- a/0005-alloc-util-Disallow-inlining-of-expand_to_usable.patch +++ /dev/null @@ -1,48 +0,0 @@ -From e998c9d7c1a52ab02ff6e9c363c1cfe0b76cd6f4 Mon Sep 17 00:00:00 2001 -From: Siddhesh Poyarekar -Date: Sat, 7 Jan 2023 19:30:32 -0500 -Subject: [PATCH 5/5] alloc-util: Disallow inlining of expand_to_usable - -Explicitly set __attribute__ ((noinline)) so that the compiler does not -attempt to inline expand_to_usable, even with LTO. - -(cherry picked from commit 4f79f545b3c46c358666c9f5f2b384fe50aac4b4) ---- - src/basic/alloc-util.h | 7 ++++--- - src/fundamental/macro-fundamental.h | 1 + - 2 files changed, 5 insertions(+), 3 deletions(-) - -diff --git a/src/basic/alloc-util.h b/src/basic/alloc-util.h -index eb53aae6f3..bf783b15a2 100644 ---- a/src/basic/alloc-util.h -+++ b/src/basic/alloc-util.h -@@ -186,10 +186,11 @@ void* greedy_realloc0(void **p, size_t need, size_t size); - #endif - - /* Dummy allocator to tell the compiler that the new size of p is newsize. The implementation returns the -- * pointer as is; the only reason for its existence is as a conduit for the _alloc_ attribute. This cannot be -- * a static inline because gcc then loses the attributes on the function. -+ * pointer as is; the only reason for its existence is as a conduit for the _alloc_ attribute. This must not -+ * be inlined (hence a non-static function with _noinline_ because LTO otherwise tries to inline it) because -+ * gcc then loses the attributes on the function. - * See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96503 */ --void *expand_to_usable(void *p, size_t newsize) _alloc_(2) _returns_nonnull_; -+void *expand_to_usable(void *p, size_t newsize) _alloc_(2) _returns_nonnull_ _noinline_; - - static inline size_t malloc_sizeof_safe(void **xp) { - if (_unlikely_(!xp || !*xp)) -diff --git a/src/fundamental/macro-fundamental.h b/src/fundamental/macro-fundamental.h -index c11a5b15f4..e73174a593 100644 ---- a/src/fundamental/macro-fundamental.h -+++ b/src/fundamental/macro-fundamental.h -@@ -20,6 +20,7 @@ - #define _hidden_ __attribute__((__visibility__("hidden"))) - #define _likely_(x) (__builtin_expect(!!(x), 1)) - #define _malloc_ __attribute__((__malloc__)) -+#define _noinline_ __attribute__((noinline)) - #define _noreturn_ _Noreturn - #define _packed_ __attribute__((__packed__)) - #define _printf_(a, b) __attribute__((__format__(printf, a, b))) --- -2.39.1 - diff --git a/sources b/sources index 0a5683d..e950fbd 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (systemd-252.4.tar.gz) = 007165a6ca0563e2fc9834179d502d3d5497c9d1b93c92a009f31a2e0d4a0b154bfa57eaf52b0c94243e09123b8184036a69c145be6efaa4baaffe687c1fd28e +SHA512 (systemd-253-rc1.tar.gz) = aaf0a6bf21bbc50a42015c9cb17f69d1aaf6cab6cabfba5140a94212fb864e38d638dace9a70447f62b4d2a817a0d3bd6f4ae8d9b3c2e741cdeb1cb332f70b65 diff --git a/split-files.py b/split-files.py index 783a284..c936843 100644 --- a/split-files.py +++ b/split-files.py @@ -17,6 +17,7 @@ def files(root): o_libs = open('.file-list-libs', 'w') o_udev = open('.file-list-udev', 'w') +o_ukify = open('.file-list-ukify', 'w') o_boot = open('.file-list-boot', 'w') o_pam = open('.file-list-pam', 'w') o_rpm_macros = open('.file-list-rpm-macros', 'w') @@ -27,8 +28,10 @@ o_oomd_defaults = open('.file-list-oomd-defaults', 'w') o_remote = open('.file-list-remote', 'w') o_resolve = open('.file-list-resolve', 'w') o_tests = open('.file-list-tests', 'w') +o_standalone_repart = open('.file-list-standalone-repart', 'w') o_standalone_tmpfiles = open('.file-list-standalone-tmpfiles', 'w') o_standalone_sysusers = open('.file-list-standalone-sysusers', 'w') +o_standalone_shutdown = open('.file-list-standalone-shutdown', 'w') o_main = open('.file-list-main', 'w') for file in files(buildroot): n = file.path[1:] @@ -53,12 +56,27 @@ for file in files(buildroot): /var(/cache|/log|/lib|/run|)$ ''', n, re.X): continue - if '/security/pam_' in n or '/man8/pam_' in n: + + if n.endswith('.standalone'): + if 'repart' in n: + o = o_standalone_repart + elif 'tmpfiles' in n: + o = o_standalone_tmpfiles + elif 'sysusers' in n: + o = o_standalone_sysusers + elif 'shutdown' in n: + o = o_standalone_shutdown + else: + assert False, 'Found .standalone not belonging to known packages' + + elif '/security/pam_' in n or '/man8/pam_' in n: o = o_pam elif '/rpm/' in n: o = o_rpm_macros elif '/usr/lib/systemd/tests' in n: o = o_tests + elif 'ukify' in n: + o = o_ukify elif re.search(r'/libsystemd-(shared|core)-.*\.so$', n): o = o_main elif re.search(r'/libcryptsetup-token-systemd-.*\.so$', n): @@ -160,14 +178,6 @@ for file in files(buildroot): elif re.search(r'10-oomd-.*defaults.conf|lib/systemd/oomd.conf.d', n, re.X): o = o_oomd_defaults - elif n.endswith('.standalone'): - if 'tmpfiles' in n: - o = o_standalone_tmpfiles - elif 'sysusers' in n: - o = o_standalone_sysusers - else: - assert False, 'Found .standalone not belonging to known packages' - else: o = o_main diff --git a/systemd.spec b/systemd.spec index a48ae37..4d7ec7c 100644 --- a/systemd.spec +++ b/systemd.spec @@ -1,7 +1,7 @@ #global commit c4b843473a75fb38ed5bf54e9d3cfb1cb3719efa %{?commit:%global shortcommit %(c=%{commit}; echo ${c:0:7})} -%global stable 1 +#global stable 1 # We ship a .pc file but don't want to have a dep on pkg-config. We # strip the automatically generated dep here and instead co-own the @@ -30,7 +30,7 @@ Name: systemd Url: https://systemd.io %if %{without inplace} -Version: 252.4 +Version: 253~rc1 %else # determine the build information from local checkout Version: %(tools/meson-vcs-tag.sh . error | sed -r 's/-([0-9])/.^\1/; s/-g/_g/') @@ -88,15 +88,6 @@ GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[ # than in the next section. Packit CI will drop any patches in this range before # applying upstream pull requests. -Patch0001: 0001-pam-align-second-and-third-columns.patch -Patch0002: 0002-pam-add-a-call-to-pam_namespace.patch -Patch0003: 0003-pam-actually-align-the-columns.patch - -Patch0011: 0001-shared-install-Use-InstallChangeType-consistently.patch -Patch0012: 0002-journal-remote-code-is-of-type-enum-MHD_RequestTermi.patch -Patch0013: 0003-resolve-dns_server_feature_level_-_string-type-is-Dn.patch -Patch0014: 0004-Use-dummy-allocator-to-make-accesses-defined-as-per-.patch -Patch0015: 0005-alloc-util-Disallow-inlining-of-expand_to_usable.patch # Those are downstream-only patches, but we don't want them in packit builds: # https://bugzilla.redhat.com/show_bug.cgi?id=1738828 @@ -160,8 +151,13 @@ BuildRequires: gawk BuildRequires: tree BuildRequires: hostname BuildRequires: python3 -BuildRequires: python3dist(lxml) +BuildRequires: python3-devel BuildRequires: python3dist(jinja2) +BuildRequires: python3dist(lxml) +BuildRequires: python3dist(pefile) +BuildRequires: python3dist(pillow) +BuildRequires: python3dist(zstd) +# gzip and lzma are provided by the stdlib BuildRequires: firewalld-filesystem %if 0%{?have_gnu_efi} BuildRequires: gnu-efi gnu-efi-devel @@ -357,6 +353,16 @@ It also contains tools to manage encrypted home areas and secrets bound to the machine, and to create or grow partitions and make file systems automatically. %if 0%{?have_gnu_efi} +%package ukify +Summary: Tool to build Unified Kernel Images +Requires: %{name} = %{version}-%{release} +BuildArch: noarch + +%description ukify +This package provides ukify, a script that combines a kernel image, an initrd, +with a command line, and possibly PCR measurements and other metadata, into a +Unified Kernel Image (UKI). + %package boot-unsigned Summary: UEFI boot manager (unsigned version) @@ -458,25 +464,45 @@ License: LGPLv2+ "Installed tests" that are usually run as part of the build system. They can be useful to test systemd internals. +%package standalone-repart +Summary: Standalone systemd-repart binary for use on systems without systemd +Provides: %{name}-tmpfiles = %{version}-%{release} +RemovePathPostfixes: .standalone + +%description standalone-repart +Standalone systemd-repart binary with no dependencies on the systemd-shared library or +other libraries from systemd-libs. This package conflicts with the main systemd +package and is meant for use on systems without systemd. + %package standalone-tmpfiles -Summary: Standalone tmpfiles binary for use in non-systemd systems +Summary: Standalone systemd-tmpfiles binary for use on systems without systemd Provides: %{name}-tmpfiles = %{version}-%{release} RemovePathPostfixes: .standalone %description standalone-tmpfiles -Standalone tmpfiles binary with no dependencies on the systemd-shared library or +Standalone systemd-tmpfiles binary with no dependencies on the systemd-shared library or other libraries from systemd-libs. This package conflicts with the main systemd -package and is meant for use in non-systemd systems. +package and is meant for use on systems without systemd. %package standalone-sysusers -Summary: Standalone sysusers binary for use in non-systemd systems +Summary: Standalone systemd-sysusers binary for use on systems without systemd Provides: %{name}-sysusers = %{version}-%{release} RemovePathPostfixes: .standalone %description standalone-sysusers -Standalone sysusers binary with no dependencies on the systemd-shared library or +Standalone systemd-sysusers binary with no dependencies on the systemd-shared library or other libraries from systemd-libs. This package conflicts with the main systemd -package and is meant for use in non-systemd systems. +package and is meant for use on systems without systemd. + +%package standalone-shutdown +Summary: Standalone systemd-shutdown binary for use on systems without systemd +Provides: %{name}-sysusers = %{version}-%{release} +RemovePathPostfixes: .standalone + +%description standalone-shutdown +Standalone systemd-shutdown binary with no dependencies on the systemd-shared library or +other libraries from systemd-libs. This package conflicts with the main systemd +package and is meant for use in exitrds. %prep %autosetup -n %{?commit:%{name}%{?stable:-stable}-%{commit}}%{!?commit:%{name}%{?stable:-stable}-%{version_no_tilde}} -p1 @@ -1025,6 +1051,7 @@ fi %files udev -f .file-list-udev %if 0%{?have_gnu_efi} +%files ukify -f .file-list-ukify %files boot-unsigned -f .file-list-boot %endif @@ -1039,9 +1066,13 @@ fi %files tests -f .file-list-tests +%files standalone-repart -f .file-list-standalone-repart + %files standalone-tmpfiles -f .file-list-standalone-tmpfiles %files standalone-sysusers -f .file-list-standalone-sysusers +%files standalone-shutdown -f .file-list-standalone-shutdown + %changelog %autochangelog