Compare commits
No commits in common. "f38-riscv64" and "master" have entirely different histories.
f38-riscv6
...
master
|
@ -1,5 +1,4 @@
|
|||
*~
|
||||
/.mail.list
|
||||
/systemd-*/
|
||||
/.build-*.log
|
||||
/x86_64/
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
- project:
|
||||
vars:
|
||||
install_repo_exclude:
|
||||
- systemd-standalone-tmpfiles
|
||||
- systemd-standalone-sysuser
|
|
@ -0,0 +1,70 @@
|
|||
From 2e9d763e7cbeb33954bbe3f96fd94de2cd62edf7 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 12 Nov 2020 14:28:24 +0100
|
||||
Subject: [PATCH] test-path-util: do not fail if the fd_is_mount_point check
|
||||
fails
|
||||
|
||||
This test fails on i686 and ppc64le in koji:
|
||||
/* test_path */
|
||||
Assertion 'fd_is_mount_point(fd, "/", 0) > 0' failed at src/test/test-path-util.c:85, function test_path(). Aborting.
|
||||
|
||||
I guess some permission error is the most likely.
|
||||
---
|
||||
src/test/test-path-util.c | 23 +++++++++++++++++------
|
||||
1 file changed, 17 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/test/test-path-util.c b/src/test/test-path-util.c
|
||||
index f4f8d0550b..be428334f3 100644
|
||||
--- a/src/test/test-path-util.c
|
||||
+++ b/src/test/test-path-util.c
|
||||
@@ -40,8 +40,6 @@ static void test_path_simplify(const char *in, const char *out, const char *out_
|
||||
}
|
||||
|
||||
static void test_path(void) {
|
||||
- _cleanup_close_ int fd = -1;
|
||||
-
|
||||
log_info("/* %s */", __func__);
|
||||
|
||||
test_path_compare("/goo", "/goo", 0);
|
||||
@@ -80,10 +78,6 @@ static void test_path(void) {
|
||||
assert_se(streq(basename("/aa///file..."), "file..."));
|
||||
assert_se(streq(basename("file.../"), ""));
|
||||
|
||||
- fd = open("/", O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOCTTY);
|
||||
- assert_se(fd >= 0);
|
||||
- assert_se(fd_is_mount_point(fd, "/", 0) > 0);
|
||||
-
|
||||
test_path_simplify("aaa/bbb////ccc", "aaa/bbb/ccc", "aaa/bbb/ccc");
|
||||
test_path_simplify("//aaa/.////ccc", "/aaa/./ccc", "/aaa/ccc");
|
||||
test_path_simplify("///", "/", "/");
|
||||
@@ -120,6 +114,22 @@ static void test_path(void) {
|
||||
assert_se(!path_equal_ptr(NULL, "/a"));
|
||||
}
|
||||
|
||||
+static void test_path_is_mountpoint(void) {
|
||||
+ _cleanup_close_ int fd = -1;
|
||||
+ int r;
|
||||
+
|
||||
+ log_info("/* %s */", __func__);
|
||||
+
|
||||
+ fd = open("/", O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOCTTY);
|
||||
+ assert_se(fd >= 0);
|
||||
+
|
||||
+ r = fd_is_mount_point(fd, "/", 0);
|
||||
+ if (r < 0)
|
||||
+ log_warning_errno(r, "Failed to check if / is a mount point, ignoring: %m");
|
||||
+ else
|
||||
+ assert_se(r == 1);
|
||||
+}
|
||||
+
|
||||
static void test_path_equal_root(void) {
|
||||
/* Nail down the details of how path_equal("/", ...) works. */
|
||||
|
||||
@@ -714,6 +724,7 @@ int main(int argc, char **argv) {
|
||||
|
||||
test_print_paths();
|
||||
test_path();
|
||||
+ test_path_is_mountpoint();
|
||||
test_path_equal_root();
|
||||
test_find_executable_full();
|
||||
test_find_executable(argv[0]);
|
|
@ -0,0 +1,33 @@
|
|||
From e8bca4ba55f855260eda684a16e8feb5f20b1deb Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 12 Nov 2020 15:06:12 +0100
|
||||
Subject: [PATCH] test-path-util: ignore test failure
|
||||
|
||||
---
|
||||
src/test/test-path-util.c | 7 +++++--
|
||||
1 file changed, 5 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/test/test-path-util.c b/src/test/test-path-util.c
|
||||
index be428334f3..207c659b8b 100644
|
||||
--- a/src/test/test-path-util.c
|
||||
+++ b/src/test/test-path-util.c
|
||||
@@ -120,14 +120,17 @@ static void test_path_is_mountpoint(void) {
|
||||
|
||||
log_info("/* %s */", __func__);
|
||||
|
||||
+ (void) system("uname -a");
|
||||
+ (void) system("mountpoint /");
|
||||
+
|
||||
fd = open("/", O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOCTTY);
|
||||
assert_se(fd >= 0);
|
||||
|
||||
r = fd_is_mount_point(fd, "/", 0);
|
||||
if (r < 0)
|
||||
log_warning_errno(r, "Failed to check if / is a mount point, ignoring: %m");
|
||||
- else
|
||||
- assert_se(r == 1);
|
||||
+ else if (r == 0)
|
||||
+ log_warning("/ is not a mountpoint?");
|
||||
}
|
||||
|
||||
static void test_path_equal_root(void) {
|
|
@ -1,2 +0,0 @@
|
|||
[OOM]
|
||||
DefaultMemoryPressureDurationSec=20s
|
|
@ -1,3 +0,0 @@
|
|||
[Slice]
|
||||
ManagedOOMMemoryPressure=kill
|
||||
ManagedOOMMemoryPressureLimit=80%
|
|
@ -1,14 +0,0 @@
|
|||
# This file is part of the systemd package.
|
||||
# See https://fedoraproject.org/wiki/Changes/Shorter_Shutdown_Timer.
|
||||
#
|
||||
# To facilitate debugging when a service fails to stop cleanly,
|
||||
# TimeoutStopFailureMode=abort is set to "crash" services that fail to stop in
|
||||
# the time allotted. This will cause the service to be terminated with SIGABRT
|
||||
# and a coredump to be generated.
|
||||
#
|
||||
# To undo this configuration change, create a mask file:
|
||||
# sudo mkdir -p /etc/systemd/system/service.d
|
||||
# sudo ln -sv /dev/null /etc/systemd/system/service.d/10-timeout-abort.conf
|
||||
|
||||
[Service]
|
||||
TimeoutStopFailureMode=abort
|
|
@ -0,0 +1,51 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [[ ! -x /sbin/new-kernel-pkg ]]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
COMMAND="$1"
|
||||
KERNEL_VERSION="$2"
|
||||
BOOT_DIR_ABS="$3"
|
||||
KERNEL_IMAGE="$4"
|
||||
|
||||
KERNEL_DIR="${KERNEL_IMAGE%/*}"
|
||||
[[ "$KERNEL_VERSION" == *\+* ]] && flavor=-"${KERNEL_VERSION##*+}"
|
||||
case "$COMMAND" in
|
||||
add)
|
||||
if [[ "${KERNEL_DIR}" != "/boot" ]]; then
|
||||
for i in \
|
||||
"$KERNEL_IMAGE" \
|
||||
"$KERNEL_DIR"/System.map \
|
||||
"$KERNEL_DIR"/config \
|
||||
"$KERNEL_DIR"/zImage.stub \
|
||||
"$KERNEL_DIR"/dtb \
|
||||
; do
|
||||
[[ -e "$i" ]] || continue
|
||||
cp -aT "$i" "/boot/${i##*/}-${KERNEL_VERSION}"
|
||||
command -v restorecon &>/dev/null && \
|
||||
restorecon -R "/boot/${i##*/}-${KERNEL_VERSION}"
|
||||
done
|
||||
# hmac is .vmlinuz-<version>.hmac so needs a special treatment
|
||||
i="$KERNEL_DIR/.${KERNEL_IMAGE##*/}.hmac"
|
||||
if [[ -e "$i" ]]; then
|
||||
cp -a "$i" "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac"
|
||||
command -v restorecon &>/dev/null && \
|
||||
restorecon "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac"
|
||||
fi
|
||||
fi
|
||||
/sbin/new-kernel-pkg --package "kernel${flavor}" --install "$KERNEL_VERSION" || exit $?
|
||||
/sbin/new-kernel-pkg --package "kernel${flavor}" --mkinitrd --dracut --depmod --update "$KERNEL_VERSION" || exit $?
|
||||
/sbin/new-kernel-pkg --package "kernel${flavor}" --rpmposttrans "$KERNEL_VERSION" || exit $?
|
||||
;;
|
||||
remove)
|
||||
/sbin/new-kernel-pkg --package "kernel${flavor+-$flavor}" --rminitrd --rmmoddep --remove "$KERNEL_VERSION" || exit $?
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
|
||||
# skip other installation plugins, if we can't find a boot loader spec conforming setup
|
||||
if ! [[ -d /boot/loader/entries || -L /boot/loader/entries ]]; then
|
||||
exit 77
|
||||
fi
|
30
26494.patch
30
26494.patch
|
@ -1,30 +0,0 @@
|
|||
From 6b25470ee28843a49c50442e9d8a98edc842ceca Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Mon, 20 Feb 2023 12:00:30 +0900
|
||||
Subject: [PATCH] core/manager: run generators directly when we are in initrd
|
||||
|
||||
Some initrd system write files at ourside of /run, /etc, or other
|
||||
allowed places. This is a kind of workaround, but in most cases, such
|
||||
sandboxing is not necessary as the filesystem is on ramfs when we are in
|
||||
initrd.
|
||||
|
||||
Fixes #26488.
|
||||
---
|
||||
src/core/manager.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/core/manager.c b/src/core/manager.c
|
||||
index 7b394794b0d4..306477c6e6c2 100644
|
||||
--- a/src/core/manager.c
|
||||
+++ b/src/core/manager.c
|
||||
@@ -3822,8 +3822,8 @@ static int manager_run_generators(Manager *m) {
|
||||
/* If we are the system manager, we fork and invoke the generators in a sanitized mount namespace. If
|
||||
* we are the user manager, let's just execute the generators directly. We might not have the
|
||||
* necessary privileges, and the system manager has already mounted /tmp/ and everything else for us.
|
||||
- */
|
||||
- if (MANAGER_IS_USER(m)) {
|
||||
+ * If we are in initrd, let's also execute the generators directly, as we are in ramfs. */
|
||||
+ if (MANAGER_IS_USER(m) || in_initrd()) {
|
||||
r = manager_execute_generators(m, paths, /* remount_ro= */ false);
|
||||
goto finish;
|
||||
}
|
|
@ -1,56 +0,0 @@
|
|||
diff --git a/src/kernel-install/90-loaderentry.install.in b/src/kernel-install/90-loaderentry.install.in
|
||||
index e8e8cf3..8f13307 100755
|
||||
--- a/src/kernel-install/90-loaderentry.install.in
|
||||
+++ b/src/kernel-install/90-loaderentry.install.in
|
||||
@@ -115,6 +115,43 @@ install -m 0644 "$KERNEL_IMAGE" "$KERNEL_DEST" || {
|
||||
}
|
||||
chown root:root "$KERNEL_DEST" || :
|
||||
|
||||
+if [ -n "$KERNEL_INSTALL_CONF_ROOT" ]; then
|
||||
+ if [ -f "$KERNEL_INSTALL_CONF_ROOT/devicetree" ]; then
|
||||
+ read -r DEVICETREE <"$KERNEL_INSTALL_CONF_ROOT/devicetree"
|
||||
+ fi
|
||||
+elif [ -f /etc/kernel/devicetree ]; then
|
||||
+ read -r DEVICETREE </etc/kernel/devicetree
|
||||
+elif [ -f /usr/lib/kernel/devicetree ]; then
|
||||
+ read -r DEVICETREE </usr/lib/kernel/devicetree
|
||||
+fi
|
||||
+if [ -n "$DEVICETREE" ]; then
|
||||
+ for prefix in \
|
||||
+ "/boot/dtb-$KERNEL_VERSION" \
|
||||
+ "/boot/dtbs/$KERNEL_VERSION" \
|
||||
+ "/lib/firmware/$KERNEL_VERSION/device-tree" \
|
||||
+ "/lib/linux-image-$KERNEL_VERSION" \
|
||||
+ "/lib/modules/$KERNEL_VERSION/dtb"
|
||||
+ do
|
||||
+ [ -f "$prefix/$DEVICETREE" ] || continue
|
||||
+ DEVICETREE_SRC="$prefix/$DEVICETREE"
|
||||
+ break
|
||||
+ done
|
||||
+
|
||||
+ [ -n "$DEVICETREE_SRC" ] || {
|
||||
+ echo "Error: could not find device tree blob '$DEVICETREE'." >&2
|
||||
+ exit 1
|
||||
+ }
|
||||
+
|
||||
+ DEVICETREE_DEST="$ENTRY_DIR_ABS/${DEVICETREE##*/}"
|
||||
+ DEVICETREE_ENTRY="$ENTRY_DIR/${DEVICETREE##*/}"
|
||||
+
|
||||
+ install -m 0644 "$DEVICETREE_SRC" "$DEVICETREE_DEST" || {
|
||||
+ echo "Error: could not copy '$DEVICETREE_SRC' to '$DEVICETREE_DEST'." >&2
|
||||
+ exit 1
|
||||
+ }
|
||||
+ chown root:root "$DEVICETREE_DEST" || :
|
||||
+fi
|
||||
+
|
||||
shift "$INITRD_OPTIONS_SHIFT"
|
||||
# All files listed as arguments, and staged files starting with "initrd" are installed as initrds.
|
||||
for initrd in "$@" "${KERNEL_INSTALL_STAGING_AREA}"/initrd*; do
|
||||
@@ -151,6 +188,7 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
|
||||
[ -n "$SORT_KEY" ] && echo "sort-key $SORT_KEY"
|
||||
echo "options $BOOT_OPTIONS"
|
||||
echo "linux $KERNEL_ENTRY"
|
||||
+ [ -n "$DEVICETREE_ENTRY" ] && echo "devicetree $DEVICETREE_ENTRY"
|
||||
|
||||
have_initrd=
|
||||
for initrd in "${@}" "${KERNEL_INSTALL_STAGING_AREA}"/initrd*; do
|
|
@ -1,20 +0,0 @@
|
|||
# SPDX-License-Identifier: MIT-0
|
||||
#
|
||||
# This config file is installed as part of systemd.
|
||||
# It may be freely copied and edited (following the MIT No Attribution license).
|
||||
#
|
||||
# To make local modifications, one of the following methods may be used:
|
||||
# 1. add a drop-in file that extends this file by creating the
|
||||
# /etc/systemd/network/98-default-mac-none.link.d/ directory and creating a
|
||||
# new .conf file there.
|
||||
# 2. copy this file into /etc/systemd/network or one of the other paths checked
|
||||
# by systemd-udevd and edit it there.
|
||||
# This file should not be edited in place, because it'll be overwritten on upgrades.
|
||||
|
||||
[Match]
|
||||
Kind=bridge bond team
|
||||
|
||||
[Link]
|
||||
NamePolicy=keep kernel database onboard slot path
|
||||
AlternativeNamesPolicy=database onboard slot path
|
||||
MACAddressPolicy=none
|
|
@ -1,14 +0,0 @@
|
|||
# Building systemd rpms for local development using rpmbuild --build-in-place
|
||||
|
||||
This approach is based on filbranden's [git-rpmbuild](https://github.com/filbranden/git-rpmbuild)
|
||||
and his [talk during ASG2019](https://www.youtube.com/watch?v=fVM1kJrymRM).
|
||||
|
||||
```
|
||||
git clone https://github.com/systemd/systemd
|
||||
fedpkg clone systemd fedora-systemd
|
||||
cd systemd
|
||||
rpmbuild -bb --build-in-place --noprep --define "_sourcedir $PWD/../fedora-systemd" --define "_rpmdir $PWD/rpms" --with inplace ../systemd.spec
|
||||
sudo dnf upgrade --setopt install_weak_deps=False rpms/*/*.rpm
|
||||
```
|
||||
|
||||
`--without lto` and `--without tests` may be useful to speed up the build.
|
|
@ -0,0 +1,129 @@
|
|||
From f58b96d3e8d1cb0dd3666bc74fa673918b586612 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Mon, 14 Sep 2020 17:58:03 +0200
|
||||
Subject: [PATCH] test-mountpointutil-util: do not assert in test_mnt_id()
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1803070
|
||||
|
||||
I *think* this a kernel bug: the mnt_id as listed in /proc/self/mountinfo is different
|
||||
than the one we get from /proc/self/fdinfo/. This only matters when both statx and
|
||||
name_to_handle_at are unavailable and we hit the fallback path that goes through fdinfo:
|
||||
|
||||
(gdb) !uname -r
|
||||
5.6.19-200.fc31.ppc64le
|
||||
|
||||
(gdb) !cat /proc/self/mountinfo
|
||||
697 664 253:0 /var/lib/mock/fedora-31-ppc64le/root / rw,relatime shared:298 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota
|
||||
698 697 253:0 /var/cache/mock/fedora-31-ppc64le/yum_cache /var/cache/yum rw,relatime shared:299 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota
|
||||
699 697 253:0 /var/cache/mock/fedora-31-ppc64le/dnf_cache /var/cache/dnf rw,relatime shared:300 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota
|
||||
700 697 0:32 /mock-selinux-plugin.7me9bfpi /proc/filesystems rw,nosuid,nodev shared:301 master:18 - tmpfs tmpfs rw,seclabel <==========================================================
|
||||
701 697 0:41 / /sys ro,nosuid,nodev,noexec,relatime shared:302 - sysfs sysfs ro,seclabel
|
||||
702 701 0:21 / /sys/fs/selinux ro,nosuid,nodev,noexec,relatime shared:306 master:8 - selinuxfs selinuxfs rw
|
||||
703 697 0:42 / /dev rw,nosuid shared:303 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
704 703 0:43 / /dev/shm rw,nosuid,nodev shared:304 - tmpfs tmpfs rw,seclabel
|
||||
705 703 0:45 / /dev/pts rw,nosuid,noexec,relatime shared:307 - devpts devpts rw,seclabel,gid=5,mode=620,ptmxmode=666
|
||||
706 703 0:6 /btrfs-control /dev/btrfs-control rw,nosuid shared:308 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
707 703 0:6 /loop-control /dev/loop-control rw,nosuid shared:309 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
708 703 0:6 /loop0 /dev/loop0 rw,nosuid shared:310 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
709 703 0:6 /loop1 /dev/loop1 rw,nosuid shared:311 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
710 703 0:6 /loop10 /dev/loop10 rw,nosuid shared:312 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
711 703 0:6 /loop11 /dev/loop11 rw,nosuid shared:313 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
712 703 0:6 /loop2 /dev/loop2 rw,nosuid shared:314 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
713 703 0:6 /loop3 /dev/loop3 rw,nosuid shared:315 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
714 703 0:6 /loop4 /dev/loop4 rw,nosuid shared:316 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
715 703 0:6 /loop5 /dev/loop5 rw,nosuid shared:317 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
716 703 0:6 /loop6 /dev/loop6 rw,nosuid shared:318 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
717 703 0:6 /loop7 /dev/loop7 rw,nosuid shared:319 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
718 703 0:6 /loop8 /dev/loop8 rw,nosuid shared:320 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
719 703 0:6 /loop9 /dev/loop9 rw,nosuid shared:321 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
720 697 0:44 / /run rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
721 720 0:25 /systemd/nspawn/propagate/9cc8a155d0244558b273f773d2b92142 /run/systemd/nspawn/incoming ro master:12 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
722 697 0:32 /mock-resolv.dvml91hp /etc/resolv.conf rw,nosuid,nodev shared:322 master:18 - tmpfs tmpfs rw,seclabel
|
||||
725 697 0:47 / /proc rw,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
|
||||
603 725 0:47 /sys /proc/sys ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
|
||||
604 725 0:44 /systemd/inaccessible/reg /proc/kallsyms ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
605 725 0:44 /systemd/inaccessible/reg /proc/kcore ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
606 725 0:44 /systemd/inaccessible/reg /proc/keys ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
607 725 0:44 /systemd/inaccessible/reg /proc/sysrq-trigger ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
608 725 0:44 /systemd/inaccessible/reg /proc/timer_list ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
609 725 0:47 /bus /proc/bus ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
|
||||
610 725 0:47 /fs /proc/fs ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
|
||||
611 725 0:47 /irq /proc/irq ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
|
||||
612 725 0:47 /scsi /proc/scsi ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
|
||||
613 703 0:46 / /dev/mqueue rw,nosuid,nodev,noexec,relatime shared:324 - mqueue mqueue rw,seclabel
|
||||
614 701 0:26 / /sys/fs/cgroup rw,nosuid,nodev,noexec,relatime shared:325 - cgroup2 cgroup rw,seclabel,nsdelegate
|
||||
615 603 0:44 /.#proc-sys-kernel-random-boot-id4fbdce67af46d1c2//deleted /proc/sys/kernel/random/boot_id ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
616 725 0:44 /.#proc-sys-kernel-random-boot-id4fbdce67af46d1c2//deleted /proc/sys/kernel/random/boot_id rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
617 725 0:44 /.#proc-kmsg5b7a8bcfe6717139//deleted /proc/kmsg rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
|
||||
The test process does
|
||||
name_to_handle_at("/proc/filesystems") which returns -EOPNOTSUPP, and then
|
||||
openat(AT_FDCWD, "/proc/filesystems") which returns 4, and then
|
||||
read(open("/proc/self/fdinfo/4", ...)) which gives
|
||||
"pos:\t0\nflags:\t012100000\nmnt_id:\t725\n"
|
||||
|
||||
and the "725" is clearly inconsistent with "700" in /proc/self/mountinfo.
|
||||
|
||||
We could either drop the fallback path (and fail name_to_handle_at() is not
|
||||
avaliable) or ignore the error in the test. Not sure what is better. I think
|
||||
this issue only occurs sometimes and with older kernels, so probably continuing
|
||||
with the current flaky implementation is better than ripping out the fallback.
|
||||
|
||||
Another strace:
|
||||
writev(2</dev/pts/0>, [{iov_base="mnt ids of /proc/sys is 603", iov_len=27}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/sys is 603
|
||||
) = 28
|
||||
name_to_handle_at(AT_FDCWD, "/", {handle_bytes=128 => 12, handle_type=129, f_handle=0x52748401000000008b93e20d}, [697], 0) = 0
|
||||
writev(2</dev/pts/0>, [{iov_base="mnt ids of / is 697", iov_len=19}, {iov_base="\n", iov_len=1}], 2mnt ids of / is 697
|
||||
) = 20
|
||||
name_to_handle_at(AT_FDCWD, "/proc/kcore", {handle_bytes=128 => 12, handle_type=1, f_handle=0x92ddcfcd2e802d0100000000}, [605], 0) = 0
|
||||
writev(2</dev/pts/0>, [{iov_base="mnt ids of /proc/kcore is 605", iov_len=29}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/kcore is 605
|
||||
) = 30
|
||||
name_to_handle_at(AT_FDCWD, "/dev", {handle_bytes=128 => 12, handle_type=1, f_handle=0x8ae269160c802d0100000000}, [703], 0) = 0
|
||||
writev(2</dev/pts/0>, [{iov_base="mnt ids of /dev is 703", iov_len=22}, {iov_base="\n", iov_len=1}], 2mnt ids of /dev is 703
|
||||
) = 23
|
||||
name_to_handle_at(AT_FDCWD, "/proc/filesystems", {handle_bytes=128}, 0x7fffe36ddb84, 0) = -1 EOPNOTSUPP (Operation not supported)
|
||||
openat(AT_FDCWD, "/proc/filesystems", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|O_PATH) = 4</proc/filesystems>
|
||||
openat(AT_FDCWD, "/proc/self/fdinfo/4", O_RDONLY|O_CLOEXEC) = 5</proc/20/fdinfo/4>
|
||||
fstat(5</proc/20/fdinfo/4>, {st_mode=S_IFREG|0400, st_size=0, ...}) = 0
|
||||
fstat(5</proc/20/fdinfo/4>, {st_mode=S_IFREG|0400, st_size=0, ...}) = 0
|
||||
read(5</proc/20/fdinfo/4>, "pos:\t0\nflags:\t012100000\nmnt_id:\t725\n", 2048) = 36
|
||||
read(5</proc/20/fdinfo/4>, "", 1024) = 0
|
||||
close(5</proc/20/fdinfo/4>) = 0
|
||||
close(4</proc/filesystems>) = 0
|
||||
writev(2</dev/pts/0>, [{iov_base="mnt ids of /proc/filesystems are 700, 725", iov_len=41}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/filesystems are 700, 725
|
||||
) = 42
|
||||
writev(2</dev/pts/0>, [{iov_base="the other path for mnt id 725 is /proc", iov_len=38}, {iov_base="\n", iov_len=1}], 2the other path for mnt id 725 is /proc
|
||||
) = 39
|
||||
writev(2</dev/pts/0>, [{iov_base="Assertion 'path_equal(p, t)' failed at src/test/test-mountpoint-util.c:94, function test_mnt_id(). Aborting.", iov_len=108}, {iov_base="\n", iov_len=1}], 2Assertion 'path_equal(p, t)' failed at src/test/test-mountpoint-util.c:94, function test_mnt_id(). Aborting.
|
||||
) = 109
|
||||
rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
|
||||
rt_sigprocmask(SIG_BLOCK, ~[RTMIN RT_1], [], 8) = 0
|
||||
getpid() = 20
|
||||
gettid() = 20
|
||||
tgkill(20, 20, SIGABRT) = 0
|
||||
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
|
||||
--- SIGABRT {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=20, si_uid=0} ---
|
||||
+++ killed by SIGABRT (core dumped) +++
|
||||
---
|
||||
src/test/test-mountpoint-util.c | 8 ++++++--
|
||||
1 file changed, 6 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/test/test-mountpoint-util.c b/src/test/test-mountpoint-util.c
|
||||
index 30b00ae4d8b..ffe5144b04a 100644
|
||||
--- a/src/test/test-mountpoint-util.c
|
||||
+++ b/src/test/test-mountpoint-util.c
|
||||
@@ -89,8 +89,12 @@ static void test_mnt_id(void) {
|
||||
/* The ids don't match? If so, then there are two mounts on the same path, let's check if
|
||||
* that's really the case */
|
||||
char *t = hashmap_get(h, INT_TO_PTR(mnt_id2));
|
||||
- log_debug("the other path for mnt id %i is %s\n", mnt_id2, t);
|
||||
- assert_se(path_equal(p, t));
|
||||
+ log_debug("Path for mnt id %i from /proc/self/mountinfo is %s\n", mnt_id2, t);
|
||||
+
|
||||
+ if (!path_equal(p, t))
|
||||
+ /* Apparent kernel bug in /proc/self/fdinfo */
|
||||
+ log_warning("Bad mount id given for %s: %d, should be %d",
|
||||
+ p, mnt_id2, mnt_id);
|
||||
}
|
||||
}
|
||||
|
|
@ -1,31 +0,0 @@
|
|||
From 4e6479054ae2090b99a50d6ae954d22efc8340a0 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Wed, 14 Dec 2022 22:24:53 +0100
|
||||
Subject: [PATCH 4/4] fedora: use system-auth in pam systemd-user
|
||||
|
||||
---
|
||||
src/login/systemd-user.in | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/login/systemd-user.in b/src/login/systemd-user.in
|
||||
index 9a665bd959..703a4b3174 100644
|
||||
--- a/src/login/systemd-user.in
|
||||
+++ b/src/login/systemd-user.in
|
||||
@@ -7,7 +7,7 @@
|
||||
-account sufficient pam_systemd_home.so
|
||||
{% endif %}
|
||||
account sufficient pam_unix.so no_pass_expiry
|
||||
-account required pam_permit.so
|
||||
+account include system-auth
|
||||
|
||||
{% if HAVE_SELINUX %}
|
||||
session required pam_selinux.so close
|
||||
@@ -19,4 +19,4 @@ session required pam_namespace.so
|
||||
{% if ENABLE_HOMED %}
|
||||
-session optional pam_systemd_home.so
|
||||
{% endif %}
|
||||
-session optional pam_systemd.so
|
||||
+session include system-auth
|
||||
--
|
||||
2.38.1
|
||||
|
|
@ -1,3 +1,3 @@
|
|||
[suppress_file]
|
||||
# Those shared objects are private to systemd
|
||||
file_name_regexp=libsystemd-(shared|core)-.*.so
|
||||
# This shared object is private to systemd
|
||||
file_name_regexp=libsystemd-shared-.*.so
|
||||
|
|
|
@ -1,53 +0,0 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
verb="$1"
|
||||
|
||||
[ "$verb" = "-s" ] && do_send=1 || do_send=
|
||||
|
||||
[ -n "$do_send" ] && [ -z "$server" -o -z "login" ] && { echo '$server and $login need to be set'; exit 1; }
|
||||
|
||||
header=
|
||||
from=systemd-maint@fedoraproject.org
|
||||
time='2 years ago'
|
||||
# time='1 day ago'
|
||||
port=587
|
||||
|
||||
for user in "$@"; do
|
||||
echo "checking $user…"
|
||||
|
||||
p=$(git log -1 --all --author "$user")
|
||||
if [ -z "$p" ]; then
|
||||
echo "No commits from $user, check spelling"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
t=$(git shortlog --all --author "$user" --since "@{$time}" | wc -l)
|
||||
if [ $t != 0 ]; then
|
||||
echo "$t commits in the last two years, OK"
|
||||
echo
|
||||
continue
|
||||
fi
|
||||
|
||||
echo "$p" | head -n6
|
||||
echo ".. adding to list"
|
||||
|
||||
if [ -z "$header" ]; then
|
||||
echo '$USER$;$EMAIL$' >.mail.list
|
||||
header=done
|
||||
fi
|
||||
|
||||
echo "$user;$user@fedoraproject.org" >>.mail.list
|
||||
echo
|
||||
done
|
||||
|
||||
[ -z "$header" ] && exit 0
|
||||
[ -n "$do_send" ] || exit 0
|
||||
|
||||
echo "Sending mails…"
|
||||
set -x
|
||||
massmail -F "$from" \
|
||||
-C "$from" \
|
||||
-S 'write access to the fedora systemd package' \
|
||||
-z "$server" -u "$login" -P "$port" \
|
||||
.mail.list <owner-check.template
|
|
@ -1,20 +0,0 @@
|
|||
Dear $USER$,
|
||||
|
||||
the automation to check activity in the systemd dist-git repo [1]
|
||||
determined that you haven't done any commits in the last two years.
|
||||
|
||||
To decrease the potential for unauthorized access, such checks will be
|
||||
executed periodically. Not-used accounts with write access to the repo
|
||||
will be downgraded to "ticket" (no write privileges).
|
||||
|
||||
If you want to retain access, please reply to this mail.
|
||||
Otherwise, in two weeks, your access mode will be changed to "ticket".
|
||||
Even without write access, anyone can open a pull request in pagure,
|
||||
so write access is not necessary to contribute to the package.
|
||||
Obviously such changes not permanent, so even if your access mode is
|
||||
downgraded, it can easily be restored later on.
|
||||
|
||||
Yours friendly,
|
||||
./owner-check.sh
|
||||
|
||||
[1] https://src.fedoraproject.org/rpms/systemd
|
|
@ -1,13 +0,0 @@
|
|||
# Disable badfuncs check that has tons of false positives.
|
||||
badfuncs:
|
||||
exclude_path: .*
|
||||
|
||||
# don't report changed content of compiled files
|
||||
# that is expected with every update
|
||||
changedfiles:
|
||||
exclude_path: .*
|
||||
|
||||
# completely disabled inspections:
|
||||
inspections:
|
||||
# we know about our patches, no need to report anything
|
||||
patches: off
|
2
sources
2
sources
|
@ -1 +1 @@
|
|||
SHA512 (systemd-253.9.tar.gz) = 69ef361ea8aae8da0ce909461379219a1a9034940df32f04c5bb9185cbb829ea54b3438cc06eb76ad58d9edf06d16a891ca6a1c901e7ebfc62087a9cd0997df8
|
||||
SHA512 (systemd-247.1.tar.gz) = 2a737afcee4409c2be073d8cb650c3465a25c101b3c3072ea6e6a0614d06e3ed7ae55c84f9ae60555915ad1480b3a13aa72fef4b9210139afe6b0d7a7629385a
|
||||
|
|
|
@ -17,22 +17,16 @@ def files(root):
|
|||
|
||||
o_libs = open('.file-list-libs', 'w')
|
||||
o_udev = open('.file-list-udev', 'w')
|
||||
o_ukify = open('.file-list-ukify', 'w')
|
||||
o_boot = open('.file-list-boot', 'w')
|
||||
o_pam = open('.file-list-pam', 'w')
|
||||
o_rpm_macros = open('.file-list-rpm-macros', 'w')
|
||||
o_devel = open('.file-list-devel', 'w')
|
||||
o_container = open('.file-list-container', 'w')
|
||||
o_networkd = open('.file-list-networkd', 'w')
|
||||
o_oomd_defaults = open('.file-list-oomd-defaults', 'w')
|
||||
o_remote = open('.file-list-remote', 'w')
|
||||
o_resolve = open('.file-list-resolve', 'w')
|
||||
o_tests = open('.file-list-tests', 'w')
|
||||
o_standalone_repart = open('.file-list-standalone-repart', 'w')
|
||||
o_standalone_tmpfiles = open('.file-list-standalone-tmpfiles', 'w')
|
||||
o_standalone_sysusers = open('.file-list-standalone-sysusers', 'w')
|
||||
o_standalone_shutdown = open('.file-list-standalone-shutdown', 'w')
|
||||
o_main = open('.file-list-main', 'w')
|
||||
o_rest = open('.file-list-rest', 'w')
|
||||
for file in files(buildroot):
|
||||
n = file.path[1:]
|
||||
if re.match(r'''/usr/(share|include)$|
|
||||
|
@ -56,32 +50,13 @@ for file in files(buildroot):
|
|||
/var(/cache|/log|/lib|/run|)$
|
||||
''', n, re.X):
|
||||
continue
|
||||
|
||||
if n.endswith('.standalone'):
|
||||
if 'repart' in n:
|
||||
o = o_standalone_repart
|
||||
elif 'tmpfiles' in n:
|
||||
o = o_standalone_tmpfiles
|
||||
elif 'sysusers' in n:
|
||||
o = o_standalone_sysusers
|
||||
elif 'shutdown' in n:
|
||||
o = o_standalone_shutdown
|
||||
else:
|
||||
assert False, 'Found .standalone not belonging to known packages'
|
||||
|
||||
elif '/security/pam_' in n or '/man8/pam_' in n:
|
||||
if '/security/pam_' in n or '/man8/pam_' in n:
|
||||
o = o_pam
|
||||
elif '/rpm/' in n:
|
||||
o = o_rpm_macros
|
||||
elif '/usr/lib/systemd/tests' in n:
|
||||
o = o_tests
|
||||
elif 'ukify' in n:
|
||||
o = o_ukify
|
||||
elif re.search(r'/libsystemd-(shared|core)-.*\.so$', n):
|
||||
o = o_main
|
||||
elif re.search(r'/libcryptsetup-token-systemd-.*\.so$', n):
|
||||
o = o_udev
|
||||
elif re.search(r'/lib.*\.pc|/man3/|/usr/include|\.so$', n):
|
||||
elif re.search(r'/lib.*\.pc|/man3/|/usr/include|(?<!/libsystemd-shared-...).so$', n):
|
||||
o = o_devel
|
||||
elif re.search(r'''journal-(remote|gateway|upload)|
|
||||
systemd-remote\.conf|
|
||||
|
@ -89,7 +64,6 @@ for file in files(buildroot):
|
|||
/var/log/journal/remote
|
||||
''', n, re.X):
|
||||
o = o_remote
|
||||
|
||||
elif re.search(r'''mymachines|
|
||||
machinectl|
|
||||
systemd-nspawn|
|
||||
|
@ -101,25 +75,18 @@ for file in files(buildroot):
|
|||
org.freedesktop.(import|machine)1
|
||||
''', n, re.X):
|
||||
o = o_container
|
||||
|
||||
elif re.search(r'''/usr/lib/systemd/network/80-|
|
||||
networkd|
|
||||
networkctl|
|
||||
org.freedesktop.network1|
|
||||
sysusers\.d/systemd-network.conf|
|
||||
tmpfiles\.d/systemd-network.conf|
|
||||
systemd\.network|
|
||||
systemd\.netdev
|
||||
org.freedesktop.network1
|
||||
''', n, re.X):
|
||||
o = o_networkd
|
||||
|
||||
elif '.so.' in n:
|
||||
o = o_libs
|
||||
|
||||
elif re.search(r'''udev(?!\.pc)|
|
||||
hwdb|
|
||||
bootctl|
|
||||
boot-update|
|
||||
sd-boot|systemd-boot\.|loader.conf|
|
||||
bless-boot|
|
||||
boot-system-token|
|
||||
kernel-install|
|
||||
|
@ -129,60 +96,36 @@ for file in files(buildroot):
|
|||
random-seed|
|
||||
modules-load|
|
||||
timesync|
|
||||
crypttab|
|
||||
cryptenroll|
|
||||
cryptsetup|
|
||||
kmod|
|
||||
quota|
|
||||
pstore|
|
||||
sleep|suspend|hibernate|
|
||||
systemd-tmpfiles-setup-dev|
|
||||
network/98-default-mac-none.link|
|
||||
network/99-default.link|
|
||||
growfs|makefs|makeswap|mkswap|
|
||||
fsck|
|
||||
repart|
|
||||
gpt-auto|
|
||||
volatile-root|
|
||||
veritysetup|
|
||||
integritysetup|
|
||||
integritytab|
|
||||
verity-setup|
|
||||
remount-fs|
|
||||
/initrd|
|
||||
systemd-pcrphase|
|
||||
systemd-measure|
|
||||
/boot$|
|
||||
/boot/efi|
|
||||
/kernel/|
|
||||
/kernel$|
|
||||
/modprobe.d|
|
||||
binfmt|
|
||||
sysctl|
|
||||
coredump|
|
||||
homed|home1|
|
||||
portabled|portable1
|
||||
''', n, re.X): # coredumpctl, homectl, portablectl are included in the main package because
|
||||
# they can be used to interact with remote daemons. Also, the user could be
|
||||
# confused if those user-facing binaries are not available.
|
||||
o = o_udev
|
||||
|
||||
elif re.search(r'''/boot/efi|
|
||||
/usr/lib/systemd/boot|
|
||||
sd-boot|systemd-boot\.|loader.conf
|
||||
/modprobe.d
|
||||
''', n, re.X):
|
||||
o = o_boot
|
||||
|
||||
elif re.search(r'''resolved|resolve1|
|
||||
systemd-resolve|
|
||||
resolvconf|
|
||||
systemd\.(positive|negative)
|
||||
''', n, re.X): # resolvectl and nss-resolve are in the main package.
|
||||
o = o_resolve
|
||||
|
||||
elif re.search(r'10-oomd-.*defaults.conf|lib/systemd/oomd.conf.d', n, re.X):
|
||||
o = o_oomd_defaults
|
||||
|
||||
o = o_udev
|
||||
elif n.endswith('.standalone'):
|
||||
if 'tmpfiles' in n:
|
||||
o = o_standalone_tmpfiles
|
||||
elif 'sysusers' in n:
|
||||
o = o_standalone_sysusers
|
||||
else:
|
||||
assert False, 'Found .standalone not belonging to known packages'
|
||||
else:
|
||||
o = o_main
|
||||
o = o_rest
|
||||
|
||||
if n in known_files:
|
||||
prefix = ' '.join(known_files[n].split()[:-1])
|
||||
|
@ -190,8 +133,6 @@ for file in files(buildroot):
|
|||
prefix += ' '
|
||||
elif file.is_dir() and not file.is_symlink():
|
||||
prefix = '%dir '
|
||||
elif 'README' in n:
|
||||
prefix = '%doc '
|
||||
elif n.startswith('/etc'):
|
||||
prefix = '%config(noreplace) '
|
||||
else:
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
# This file is part of systemd.
|
||||
#
|
||||
# Used by systemd --user instances.
|
||||
|
||||
account include system-auth
|
||||
|
||||
session required pam_selinux.so close
|
||||
session required pam_selinux.so nottys open
|
||||
session required pam_loginuid.so
|
||||
session include system-auth
|
2931
systemd.spec
2931
systemd.spec
File diff suppressed because it is too large
Load Diff
|
@ -1,96 +1,79 @@
|
|||
#!/bin/bash
|
||||
# -*- mode: shell-script; indent-tabs-mode: true; tab-width: 4; -*-
|
||||
|
||||
# This script turns sysuser.d files into scriptlets mandated by Fedora
|
||||
# packaging guidelines. The general idea is to define users using the
|
||||
# declarative syntax but to turn this into traditional scriptlets.
|
||||
|
||||
user() {
|
||||
user="$1"
|
||||
uid="$2"
|
||||
desc="$3"
|
||||
group="$4"
|
||||
home="$5"
|
||||
shell="$6"
|
||||
user="$1"
|
||||
uid="$2"
|
||||
desc="$3"
|
||||
group="$4"
|
||||
home="$5"
|
||||
shell="$6"
|
||||
|
||||
[ "$desc" = '-' ] && desc=
|
||||
{ [ "$home" = '-' ] || [ "$home" = '' ]; } && home=/
|
||||
{ [ "$shell" = '-' ] || [ "$shell" = '' ]; } && shell=/usr/sbin/nologin
|
||||
[ "$desc" = '-' ] && desc=
|
||||
[ "$home" = '-' -o "$home" = '' ] && home=/
|
||||
[ "$shell" = '-' -o "$shell" = '' ] && shell=/sbin/nologin
|
||||
|
||||
if [ "$uid" = '-' ] || [ "$uid" = '' ]; then
|
||||
cat <<-EOF
|
||||
getent passwd '$user' >/dev/null || \\
|
||||
useradd -r -g ${group@Q} -d ${home@Q} -s ${shell@Q} -c ${desc@Q} ${user@Q} || :
|
||||
EOF
|
||||
else
|
||||
cat <<-EOF
|
||||
if ! getent passwd ${user@Q} >/dev/null; then
|
||||
if ! getent passwd ${uid@Q} >/dev/null; then
|
||||
useradd -r -u ${uid@Q} -g ${group@Q} -d ${home@Q} -s ${shell@Q} -c ${desc@Q} ${user@Q} || :
|
||||
else
|
||||
useradd -r -g ${group@Q} -d ${home@Q} -s ${shell@Q} -c ${desc@Q} ${user@Q} || :
|
||||
fi
|
||||
fi
|
||||
if [ "$uid" = '-' -o "$uid" = '' ]; then
|
||||
cat <<EOF
|
||||
getent passwd '$user' >/dev/null || \\
|
||||
useradd -r -g '$group' -d '$home' -s '$shell' -c '$desc' '$user'
|
||||
EOF
|
||||
else
|
||||
cat <<EOF
|
||||
if ! getent passwd '$user' >/dev/null ; then
|
||||
if ! getent passwd '$uid' >/dev/null ; then
|
||||
useradd -r -u '$uid' -g '$group' -d '$home' -s /sbin/nologin -c '$desc' '$user'
|
||||
else
|
||||
useradd -r -g '$group' -d '$home' -s /sbin/nologin -c '$desc' '$user'
|
||||
fi
|
||||
fi
|
||||
|
||||
EOF
|
||||
fi
|
||||
EOF
|
||||
fi
|
||||
}
|
||||
|
||||
group() {
|
||||
group="$1"
|
||||
gid="$2"
|
||||
|
||||
if [ "$gid" = '-' ]; then
|
||||
cat <<-EOF
|
||||
getent group ${group@Q} >/dev/null || groupadd -r ${group@Q} || :
|
||||
EOF
|
||||
else
|
||||
cat <<-EOF
|
||||
getent group ${group@Q} >/dev/null || groupadd -f -g ${gid@Q} -r ${group@Q} || :
|
||||
EOF
|
||||
fi
|
||||
}
|
||||
|
||||
usermod() {
|
||||
user="$1"
|
||||
group="$2"
|
||||
|
||||
cat <<-EOF
|
||||
if getent group ${group@Q} >/dev/null; then
|
||||
usermod -a -G ${group@Q} '$user' || :
|
||||
fi
|
||||
EOF
|
||||
group="$1"
|
||||
gid="$2"
|
||||
if [ "$gid" = '-' ]; then
|
||||
cat <<EOF
|
||||
getent group '$group' >/dev/null || groupadd -r '$group'
|
||||
EOF
|
||||
else
|
||||
cat <<EOF
|
||||
getent group '$group' >/dev/null || groupadd -f -g '$gid' -r '$group'
|
||||
EOF
|
||||
fi
|
||||
}
|
||||
|
||||
parse() {
|
||||
while read -r line || [ -n "$line" ] ; do
|
||||
{ [ "${line:0:1}" = '#' ] || [ "${line:0:1}" = ';' ]; } && continue
|
||||
line="${line## *}"
|
||||
[ -z "$line" ] && continue
|
||||
eval "arr=( $line )"
|
||||
case "${arr[0]}" in
|
||||
('u')
|
||||
if [[ "${arr[2]}" == *":"* ]]; then
|
||||
user "${arr[1]}" "${arr[2]%:*}" "${arr[3]}" "${arr[2]#*:}" "${arr[4]}" "${arr[5]}"
|
||||
else
|
||||
group "${arr[1]}" "${arr[2]}"
|
||||
user "${arr[1]}" "${arr[2]}" "${arr[3]}" "${arr[1]}" "${arr[4]}" "${arr[5]}"
|
||||
fi
|
||||
;;
|
||||
('g')
|
||||
group "${arr[1]}" "${arr[2]}"
|
||||
;;
|
||||
('m')
|
||||
group "${arr[2]}" "-"
|
||||
user "${arr[1]}" "-" "" "${arr[1]}" "" ""
|
||||
usermod "${arr[1]}" "${arr[2]}"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
while read line || [ "$line" ]; do
|
||||
[ "${line:0:1}" = '#' -o "${line:0:1}" = ';' ] && continue
|
||||
line="${line## *}"
|
||||
[ -z "$line" ] && continue
|
||||
eval arr=( $line )
|
||||
case "${arr[0]}" in
|
||||
('u')
|
||||
group "${arr[1]}" "${arr[2]}"
|
||||
user "${arr[1]}" "${arr[2]}" "${arr[3]}" "${arr[1]}" "${arr[4]}" "${arr[5]}"
|
||||
# TODO: user:group support
|
||||
;;
|
||||
('g')
|
||||
group "${arr[1]}" "${arr[2]}"
|
||||
;;
|
||||
('m')
|
||||
group "${arr[2]}" "-"
|
||||
user "${arr[1]}" "-" "" "${arr[2]}"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
}
|
||||
|
||||
for fn in "$@"; do
|
||||
[ -e "$fn" ] || continue
|
||||
echo "# generated from $(basename "$fn")"
|
||||
parse <"$fn"
|
||||
[ -e "$fn" ] || continue
|
||||
echo "# generated from $(basename $fn)"
|
||||
parse < "$fn"
|
||||
done
|
||||
|
|
|
@ -1,40 +1,5 @@
|
|||
#!/bin/bash
|
||||
|
||||
process_u() {
|
||||
if [ ! -z "${2##*[!0-9]*}" ]; then
|
||||
# Single shared static ID.
|
||||
echo "user($1) = $2"
|
||||
echo "group($1) = $2"
|
||||
elif [[ $2 == *:* ]]; then
|
||||
# UID:<group>.
|
||||
uid=$(echo $2 | cut -d':' -f1 -)
|
||||
group=$(echo $2 | cut -d':' -f2 -)
|
||||
if [ ! -z "${group##*[!0-9]*}" ]; then
|
||||
# UID:GID.
|
||||
echo "user($1) = ${uid}"
|
||||
echo "group($1) = ${group}"
|
||||
else
|
||||
# UID:<groupname>.
|
||||
echo "user($1) = ${uid}"
|
||||
echo "group(${group})"
|
||||
fi
|
||||
else
|
||||
# Dynamic (or something else uninteresting).
|
||||
echo "user($1)"
|
||||
echo "group($1)"
|
||||
fi
|
||||
}
|
||||
|
||||
process_g() {
|
||||
if [ ! -z "${2##*[!0-9]*}" ]; then
|
||||
# Static GID.
|
||||
echo "group($1) = $2"
|
||||
else
|
||||
# Dynamic (or something else uninteresting).
|
||||
echo "group($1)"
|
||||
fi
|
||||
}
|
||||
|
||||
parse() {
|
||||
while read line; do
|
||||
[ "${line:0:1}" = '#' -o "${line:0:1}" = ';' ] && continue
|
||||
|
@ -43,10 +8,12 @@ parse() {
|
|||
set -- $line
|
||||
case "$1" in
|
||||
('u')
|
||||
process_u "$2" "$3"
|
||||
echo "user($2)"
|
||||
echo "group($2)"
|
||||
# TODO: user:group support
|
||||
;;
|
||||
('g')
|
||||
process_g "$2" "$3"
|
||||
echo "group($2)"
|
||||
;;
|
||||
('m')
|
||||
echo "user($2)"
|
||||
|
|
130
triggers.systemd
130
triggers.systemd
|
@ -1,99 +1,111 @@
|
|||
# -*- Mode: rpm-spec; indent-tabs-mode: nil -*- */
|
||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
# SPDX-License-Identifier: LGPL-2.1+
|
||||
#
|
||||
# This file is part of systemd.
|
||||
#
|
||||
# Copyright 2015 Zbigniew Jędrzejewski-Szmek
|
||||
# Copyright 2018 Neal Gompa
|
||||
#
|
||||
# systemd is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU Lesser General Public License as published by
|
||||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# systemd is distributed in the hope that it will be useful, but
|
||||
# WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
# Lesser General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU Lesser General Public License
|
||||
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
# The contents of this are an example to be copied into systemd.spec.
|
||||
#
|
||||
# Minimum rpm version supported: 4.14.0
|
||||
# Minimum rpm version supported: 4.13.0
|
||||
|
||||
%transfiletriggerin -P 900900 -- /usr/lib/systemd/system /etc/systemd/system
|
||||
# This script will run after any package is initially installed or
|
||||
# upgraded. We care about the case where a package is initially
|
||||
# installed, because other cases are covered by the *un scriptlets,
|
||||
# so sometimes we will reload needlessly.
|
||||
/usr/lib/systemd/systemd-update-helper system-reload-restart || :
|
||||
|
||||
%transfiletriggerin -P 900899 -- /usr/lib/systemd/user /etc/systemd/user
|
||||
if selinuxenabled &>/dev/null; then
|
||||
/usr/lib/systemd/systemd-update-helper user-reload-restart 2>/dev/null || :
|
||||
else
|
||||
/usr/lib/systemd/systemd-update-helper user-reload-restart || :
|
||||
if test -d /run/systemd/system; then
|
||||
%{_bindir}/systemctl daemon-reload
|
||||
fi
|
||||
|
||||
%transfiletriggerpostun -P 1000100 -- /usr/lib/systemd/system /etc/systemd/system
|
||||
%transfiletriggerun -- /usr/lib/systemd/system /etc/systemd/system
|
||||
# On removal, we need to run daemon-reload after any units have been
|
||||
# removed.
|
||||
# removed. %transfiletriggerpostun would be ideal, but it does not get
|
||||
# executed for some reason.
|
||||
# On upgrade, we need to run daemon-reload after any new unit files
|
||||
# have been installed, but before %postun scripts in packages get
|
||||
# executed.
|
||||
/usr/lib/systemd/systemd-update-helper system-reload || :
|
||||
# executed. %transfiletriggerun gets the right list of files
|
||||
# but it is invoked too early (before changes happen).
|
||||
# %filetriggerpostun happens at the right time, but it fires for
|
||||
# every package.
|
||||
# To execute the reload at the right time, we create a state
|
||||
# file in %transfiletriggerun and execute the daemon-reload in
|
||||
# the first %filetriggerpostun.
|
||||
|
||||
%transfiletriggerpostun -P 1000099 -- /usr/lib/systemd/user /etc/systemd/user
|
||||
# Execute daemon-reload in user managers.
|
||||
if selinuxenabled &>/dev/null; then
|
||||
/usr/lib/systemd/systemd-update-helper user-reload 2>/dev/null || :
|
||||
else
|
||||
/usr/lib/systemd/systemd-update-helper user-reload || :
|
||||
if test -d "/run/systemd/system"; then
|
||||
mkdir -p "%{_localstatedir}/lib/rpm-state/systemd"
|
||||
touch "%{_localstatedir}/lib/rpm-state/systemd/needs-reload"
|
||||
fi
|
||||
|
||||
%transfiletriggerpostun -P 10000 -- /usr/lib/systemd/system /etc/systemd/system
|
||||
# We restart remaining system services that should be restarted here.
|
||||
/usr/lib/systemd/systemd-update-helper system-restart || :
|
||||
|
||||
%transfiletriggerpostun -P 9999 -- /usr/lib/systemd/user /etc/systemd/user
|
||||
# We restart remaining user services that should be restarted here.
|
||||
if selinuxenabled &>/dev/null; then
|
||||
/usr/lib/systemd/systemd-update-helper user-restart 2>/dev/null || :
|
||||
else
|
||||
/usr/lib/systemd/systemd-update-helper user-restart || :
|
||||
%filetriggerpostun -P 1000100 -- /usr/lib/systemd/system /etc/systemd/system
|
||||
if test -f "%{_localstatedir}/lib/rpm-state/systemd/needs-reload"; then
|
||||
rm -rf "%{_localstatedir}/lib/rpm-state/systemd"
|
||||
%{_bindir}/systemctl daemon-reload
|
||||
fi
|
||||
|
||||
%transfiletriggerin -P 1000700 -- /usr/lib/sysusers.d
|
||||
%transfiletriggerin -P 100700 -- /usr/lib/sysusers.d
|
||||
# This script will process files installed in /usr/lib/sysusers.d to create
|
||||
# specified users automatically. The priority is set such that it
|
||||
# will run before the tmpfiles file trigger.
|
||||
systemd-sysusers || :
|
||||
if test -d /run/systemd/system; then
|
||||
%{_bindir}/systemd-sysusers || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -P 1000700 udev -- /usr/lib/udev/hwdb.d
|
||||
%transfiletriggerin -P 100500 -- /usr/lib/tmpfiles.d
|
||||
# This script will process files installed in /usr/lib/tmpfiles.d to create
|
||||
# tmpfiles automatically. The priority is set such that it will run
|
||||
# after the sysusers file trigger, but before any other triggers.
|
||||
if test -d /run/systemd/system; then
|
||||
%{_bindir}/systemd-tmpfiles --create || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin udev -- /usr/lib/udev/hwdb.d
|
||||
# This script will automatically invoke hwdb update if files have been
|
||||
# installed or updated in /usr/lib/udev/hwdb.d.
|
||||
systemd-hwdb update || :
|
||||
if test -d /run/systemd/system; then
|
||||
%{_bindir}/systemd-hwdb update || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -P 1000700 -- /usr/lib/systemd/catalog
|
||||
%transfiletriggerin -- /usr/lib/systemd/catalog
|
||||
# This script will automatically invoke journal catalog update if files
|
||||
# have been installed or updated in /usr/lib/systemd/catalog.
|
||||
journalctl --update-catalog || :
|
||||
if test -d /run/systemd/system; then
|
||||
%{_bindir}/journalctl --update-catalog || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -P 1000700 -- /usr/lib/binfmt.d
|
||||
%transfiletriggerin udev -- /usr/lib/udev/rules.d
|
||||
# This script will automatically update udev with new rules if files
|
||||
# have been installed or updated in /usr/lib/udev/rules.d.
|
||||
if test -e /run/udev/control; then
|
||||
%{_bindir}/udevadm control --reload || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -- /usr/lib/sysctl.d
|
||||
# This script will automatically apply sysctl rules if files have been
|
||||
# installed or updated in /usr/lib/sysctl.d.
|
||||
if test -d /run/systemd/system; then
|
||||
/usr/lib/systemd/systemd-sysctl || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -- /usr/lib/binfmt.d
|
||||
# This script will automatically apply binfmt rules if files have been
|
||||
# installed or updated in /usr/lib/binfmt.d.
|
||||
if test -d "/run/systemd/system"; then
|
||||
if test -d /run/systemd/system; then
|
||||
# systemd-binfmt might fail if binfmt_misc kernel module is not loaded
|
||||
# during install
|
||||
/usr/lib/systemd/systemd-binfmt || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -P 1000600 -- /usr/lib/tmpfiles.d
|
||||
# This script will process files installed in /usr/lib/tmpfiles.d to create
|
||||
# tmpfiles automatically. The priority is set such that it will run
|
||||
# after the sysusers file trigger, but before any other triggers.
|
||||
if test -d "/run/systemd/system"; then
|
||||
systemd-tmpfiles --create || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -P 1000600 udev -- /usr/lib/udev/rules.d
|
||||
# This script will automatically update udev with new rules if files
|
||||
# have been installed or updated in /usr/lib/udev/rules.d.
|
||||
if test -e /run/udev/control; then
|
||||
udevadm control --reload || :
|
||||
fi
|
||||
|
||||
%transfiletriggerin -P 1000500 -- /usr/lib/sysctl.d
|
||||
# This script will automatically apply sysctl rules if files have been
|
||||
# installed or updated in /usr/lib/sysctl.d.
|
||||
if test -d "/run/systemd/system"; then
|
||||
/usr/lib/systemd/systemd-sysctl || :
|
||||
fi
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
From 1990fb757f6d275d807fcb48ad09f5fc7c947bc6 Mon Sep 17 00:00:00 2001
|
||||
From 223ea50950f97ed4e67311dfcffed7ffc27a7cd3 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Wed, 14 Aug 2019 15:57:42 +0200
|
||||
Subject: [PATCH] udev: use bfq as the default scheduler
|
||||
|
@ -17,27 +17,24 @@ See the bug for more discussion and links.
|
|||
|
||||
diff --git a/rules.d/60-block-scheduler.rules b/rules.d/60-block-scheduler.rules
|
||||
new file mode 100644
|
||||
index 0000000000..850b64540e
|
||||
index 0000000000..480b941761
|
||||
--- /dev/null
|
||||
+++ b/rules.d/60-block-scheduler.rules
|
||||
@@ -0,0 +1,5 @@
|
||||
+# do not edit this file, it will be overwritten on update
|
||||
+
|
||||
+ACTION=="add", SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", \
|
||||
+ACTION=="add", SUBSYSTEM=="block", \
|
||||
+ KERNEL=="mmcblk*[0-9]|msblk*[0-9]|mspblk*[0-9]|sd*[!0-9]|sr*", \
|
||||
+ ATTR{queue/scheduler}="bfq"
|
||||
diff --git a/rules.d/meson.build b/rules.d/meson.build
|
||||
index 8d2878a36d..a3b395c9ce 100644
|
||||
index ca4445d774..38d6aa6970 100644
|
||||
--- a/rules.d/meson.build
|
||||
+++ b/rules.d/meson.build
|
||||
@@ -8,6 +8,7 @@ rules = [
|
||||
[files('60-autosuspend.rules',
|
||||
'60-block.rules',
|
||||
'60-cdrom_id.rules',
|
||||
+ '60-block-scheduler.rules',
|
||||
'60-drm.rules',
|
||||
'60-evdev.rules',
|
||||
'60-fido-id.rules',
|
||||
--
|
||||
2.37.2
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
rules = files('''
|
||||
60-autosuspend.rules
|
||||
60-block.rules
|
||||
+ 60-block-scheduler.rules
|
||||
60-cdrom_id.rules
|
||||
60-drm.rules
|
||||
60-evdev.rules
|
||||
|
|
Loading…
Reference in New Issue