Merge remote-tracking branch 'up/f38' into f38-riscv64
This commit is contained in:
commit
dd91b81685
46
26478.patch
46
26478.patch
|
|
@ -1,46 +0,0 @@
|
|||
From e7662d18a14588740c245d10027e2c42a0a21c0e Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Sun, 19 Feb 2023 02:42:52 +0900
|
||||
Subject: [PATCH] core/manager: falling back to execute generators without
|
||||
sandboxing
|
||||
|
||||
When running in a container, like podman, docker or so, creating new mount
|
||||
namespace may be disabled.
|
||||
|
||||
Fixes #26474.
|
||||
Fixes RHBZ#2165004 (https://bugzilla.redhat.com/show_bug.cgi?id=2165004).
|
||||
---
|
||||
src/core/manager.c | 15 ++++++++++++++-
|
||||
1 file changed, 14 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/core/manager.c b/src/core/manager.c
|
||||
index 7b394794b0d4..380a4e30d7af 100644
|
||||
--- a/src/core/manager.c
|
||||
+++ b/src/core/manager.c
|
||||
@@ -3829,12 +3829,25 @@ static int manager_run_generators(Manager *m) {
|
||||
}
|
||||
|
||||
r = safe_fork("(sd-gens)",
|
||||
- FORK_RESET_SIGNALS | FORK_LOG | FORK_WAIT | FORK_NEW_MOUNTNS | FORK_MOUNTNS_SLAVE | FORK_PRIVATE_TMP,
|
||||
+ FORK_RESET_SIGNALS | FORK_WAIT | FORK_NEW_MOUNTNS | FORK_MOUNTNS_SLAVE | FORK_PRIVATE_TMP,
|
||||
NULL);
|
||||
if (r == 0) {
|
||||
r = manager_execute_generators(m, paths, /* remount_ro= */ true);
|
||||
_exit(r >= 0 ? EXIT_SUCCESS : EXIT_FAILURE);
|
||||
}
|
||||
+ if (r < 0) {
|
||||
+ if (!ERRNO_IS_PRIVILEGE(r)) {
|
||||
+ log_error_errno(r, "Failed to fork off sandboxing environment for executing generators: %m");
|
||||
+ goto finish;
|
||||
+ }
|
||||
+
|
||||
+ /* Failed to fork with new mount namespace? Maybe, running in a container environment with
|
||||
+ * seccomp or without capability. */
|
||||
+ log_debug_errno(r,
|
||||
+ "Failed to fork off sandboxing environment for executing generators. "
|
||||
+ "Falling back to execute generators without sandboxing: %m");
|
||||
+ r = manager_execute_generators(m, paths, /* remount_ro= */ false);
|
||||
+ }
|
||||
|
||||
finish:
|
||||
lookup_paths_trim_generator(&m->lookup_paths);
|
||||
2
sources
2
sources
|
|
@ -1 +1 @@
|
|||
SHA512 (systemd-253.tar.gz) = 3bbc431a292ab590b70d3b490a528f71d30ccf478ddfa66d1c210f40c260ef49ac30651c19f2d073acf38d68398a4a6fbf95391f0e3ea0333d94b9d4e81d514f
|
||||
SHA512 (systemd-253.2.tar.gz) = bfa8d232055603beb851156cc4dac3f8efa89da648114f97d0e62a4b9d3fda5ce6dd2358eb056c766d475c560645638ea8041794e03a7950613b791e69820280
|
||||
|
|
|
|||
|
|
@ -120,7 +120,6 @@ for file in files(buildroot):
|
|||
hwdb|
|
||||
bootctl|
|
||||
boot-update|
|
||||
sd-boot|systemd-boot\.|loader.conf|
|
||||
bless-boot|
|
||||
boot-system-token|
|
||||
kernel-install|
|
||||
|
|
@ -166,7 +165,10 @@ for file in files(buildroot):
|
|||
# confused if those user-facing binaries are not available.
|
||||
o = o_udev
|
||||
|
||||
elif re.search(r'''/boot/efi''', n, re.X):
|
||||
elif re.search(r'''/boot/efi|
|
||||
/usr/lib/systemd/boot|
|
||||
sd-boot|systemd-boot\.|loader.conf
|
||||
''', n, re.X):
|
||||
o = o_boot
|
||||
|
||||
elif re.search(r'''resolved|resolve1|
|
||||
|
|
|
|||
37
systemd.spec
37
systemd.spec
|
|
@ -1,8 +1,6 @@
|
|||
#global commit c4b843473a75fb38ed5bf54e9d3cfb1cb3719efa
|
||||
%{?commit:%global shortcommit %(c=%{commit}; echo ${c:0:7})}
|
||||
|
||||
#global stable 1
|
||||
|
||||
# We ship a .pc file but don't want to have a dep on pkg-config. We
|
||||
# strip the automatically generated dep here and instead co-own the
|
||||
# directory.
|
||||
|
|
@ -30,13 +28,15 @@
|
|||
Name: systemd
|
||||
Url: https://systemd.io
|
||||
%if %{without inplace}
|
||||
Version: 253
|
||||
Version: 253.2
|
||||
%else
|
||||
# determine the build information from local checkout
|
||||
Version: %(tools/meson-vcs-tag.sh . error | sed -r 's/-([0-9])/.^\1/; s/-g/_g/')
|
||||
%endif
|
||||
Release: %autorelease -e 0.riscv64
|
||||
|
||||
%global stable %(c="%version"; [ "$c" = "${c#*.*}" ]; echo $?)
|
||||
|
||||
# For a breakdown of the licensing, see README
|
||||
License: LGPL-2.1-or-later AND MIT AND GPL-2.0-or-later
|
||||
Summary: System and Service Manager
|
||||
|
|
@ -94,11 +94,8 @@ GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[
|
|||
|
||||
# https://github.com/systemd/systemd/issues/26488
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2164404
|
||||
Patch0001: https://patch-diff.githubusercontent.com/raw/systemd/systemd/pull/26494.patch
|
||||
Patch0001: https://github.com/systemd/systemd/pull/26494.patch
|
||||
|
||||
# https://github.com/systemd/systemd/issues/26474
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2165004
|
||||
Patch0002: https://patch-diff.githubusercontent.com/raw/systemd/systemd/pull/26478.patch
|
||||
|
||||
# Those are downstream-only patches, but we don't want them in packit builds:
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1738828
|
||||
|
|
@ -171,9 +168,6 @@ BuildRequires: python3dist(pytest)
|
|||
BuildRequires: python3dist(zstd)
|
||||
# gzip and lzma are provided by the stdlib
|
||||
BuildRequires: firewalld-filesystem
|
||||
%if 0%{?have_gnu_efi}
|
||||
BuildRequires: gnu-efi gnu-efi-devel
|
||||
%endif
|
||||
BuildRequires: libseccomp-devel
|
||||
BuildRequires: meson >= 0.43
|
||||
BuildRequires: gettext
|
||||
|
|
@ -265,7 +259,7 @@ utilities to control basic system configuration like the hostname, date, locale,
|
|||
maintain a list of logged-in users, system accounts, runtime directories and
|
||||
settings, and a logging daemons.
|
||||
%if 0%{?stable}
|
||||
This package was built from the %{version}-stable branch of systemd.
|
||||
This package was built from the %(c=%version; echo "v${c%.*}-stable") branch of systemd.
|
||||
%endif
|
||||
|
||||
%package libs
|
||||
|
|
@ -542,6 +536,16 @@ sed -r -i '/^enable systemd-boot-update.service/d' presets/90-systemd.preset
|
|||
|
||||
sed -r 's|/system/|/user/|g' %{SOURCE16} >10-timeout-abort.conf.user
|
||||
|
||||
%generate_buildrequires
|
||||
%if 0%{?have_gnu_efi}
|
||||
if grep -q gnu-efi meson_options.txt; then
|
||||
echo 'gnu-efi'
|
||||
echo 'gnu-efi-devel'
|
||||
else
|
||||
echo 'python3dist(pyelftools)'
|
||||
fi
|
||||
%endif
|
||||
|
||||
%build
|
||||
%global ntpvendor %(source /etc/os-release; echo ${ID})
|
||||
%{!?ntpvendor: echo 'NTP vendor zone is not set!'; exit 1}
|
||||
|
|
@ -590,7 +594,6 @@ CONFIGURE_OPTS=(
|
|||
-Dlibcurl=true
|
||||
-Dlibfido2=true
|
||||
-Defi=true
|
||||
-Dgnu-efi=%[%{?have_gnu_efi}?"true":"false"]
|
||||
-Dtpm=true
|
||||
-Dtpm2=true
|
||||
-Dhwdb=true
|
||||
|
|
@ -648,6 +651,15 @@ CONFIGURE_OPTS=(
|
|||
# -Dsystemd-timesync-uid=, not set yet
|
||||
)
|
||||
|
||||
if grep gnu-efi meson_options.txt; then
|
||||
CONFIGURE_OPTS+=( -Dgnu-efi=%[%{?have_gnu_efi}?"true":"false"] )
|
||||
else
|
||||
# For now, let's build the bootloader in the same places where we
|
||||
# built with gnu-efi. Later on, we might want to extend coverage, but
|
||||
# considering that that support is untested, let's not do this now.
|
||||
CONFIGURE_OPTS+=( -Dbootloader=%[%{?have_gnu_efi}?"true":"false"] )
|
||||
fi
|
||||
|
||||
%if %{without lto}
|
||||
%global _lto_cflags %nil
|
||||
%endif
|
||||
|
|
@ -758,7 +770,6 @@ install -D -t %{buildroot}/usr/lib/systemd/ %{SOURCE3}
|
|||
|
||||
# systemd-oomd default configuration
|
||||
install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/oomd.conf.d/ %{SOURCE14}
|
||||
install -Dm0644 -t %{buildroot}%{system_unit_dir}/user-.slice.d/ %{SOURCE15}
|
||||
install -Dm0644 -t %{buildroot}%{system_unit_dir}/system.slice.d/ %{SOURCE15}
|
||||
install -Dm0644 -t %{buildroot}%{user_unit_dir}/slice.d/ %{SOURCE15}
|
||||
# https://fedoraproject.org/wiki/Changes/Shorter_Shutdown_Timer
|
||||
|
|
|
|||
Loading…
Reference in New Issue