From 1af84e8be6e665a660484f21da5a00167b669994 Mon Sep 17 00:00:00 2001 From: Mikko Rapeli Date: Mon, 14 Dec 2020 11:53:31 +0200 Subject: systemd: update from 244.3 to 244.5 stable release MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Brings in a number of fixes from upstream stable tree: $ git log --format="%h %s" v244.3..v244.5 3ceaa81c61 kernel-install/90-loaderentry: fix when /boot is not mountpoint ecbb5a4f67 nspawn: fix fd leak on failure path a09947ddd4 nspawn: check return of setsid() 334f8e2e8f dissect: is_loop_device() returns negative on error, don't mistake that is true b6efbbfb00 dissect: always invalidate secondary arch partitions if we found primary arch dc5c5cd5c8 util: wireguard is merged into upstream kernel 6349956dda fstab-generator: add 'nofail' when NFS 'bg' option is used f4777883f9 busctl: add missing shortopt -l 9f6249eb7f bootctl: handle if LoaderSystemToken is invalid for some reason bda316cc0a hashmap: make sure to initialize shared hash key atomically b80ea9e3da backlight: do not claim that ID_BACKLIGHT_CLAMP= property is not set c829f6e7ca coredump: don't convert s → µs twice bb9d872398 firstboot: fill empty color if ansi_color unavailable from os-release 156570cc77 resolved: make sure we initialize t->answer_errno before completing the transaction 02bba02fa6 src/shared/dissect-image.c: fix build without blkdid (#16901) 13cb598631 analyze: fix error handling in one case 6ab20e9f3b units: add missing usb-gadget.target 9ef259dd4d login/logind: Include sys/stat.h for struct stat usage 7762e59fd4 partition/makefs: Include missing sys/file.h header 3528ace8fb networkctl: label command does not take any argument 34b4dc64c6 missing: Add new Linux capability ba28e6fc45 tty-ask-pw-agent: properly propagate error 7b6e0f74f2 tty-ask-pw-agent: the message string might not be set 0bfe4bd39b tty-ask-pw-agent: make sure "--list" works correctly 0783b4f8ce path: Improve $PATH search directory case d0735d81d4 path: Skip directories when finalising $PATH search 436872f995 rules: don't install 80-drivers.rules when kmod is disabled 342dc4c15f zsh: correct journalctl command completion parsing fec0bb6df4 basic/missing_syscall: fix syscall numbers for arm64 :( bea900bb31 shared/install: fix preset operations for non-service instantiated units 677fb2b663 user-runtime-dir: deal gracefully with missing logind properties 11a97bc230 shared/seccomp: do not use ifdef guards around textual syscall names d411a4d6a6 machine-id-setup: don't use KVM or container manager supplied uuid if in chroot env 9b078df0ba analyze-security: do not assign badness to filtered-out syscalls da0cc77b52 load-fragment: fix grammar in error messages 74d7c53e5f test: accept that char device 0/0 can now be created witout privileges 5c35bcf329 tools/make-man-index: fix purpose text that contains tags da1eb548fb Newer Glibc use faccessat2 to implement faccessat b44e86ef76 bless-boot: add missing verb to --help 88b6379bcd fix typo in systemctl help d091e19bbd _sd-common.h: avoid parsing errors with Coverity d56055f47f nspawn: Fix incorrect usage of putenv 674a2beff0 udev: fix codesonar warnings 16477684d2 sd-boot: fix -Wpointer-sign warning cc8aeb9916 network: fix static assertion on IPPROTO_MAX range f047b0706c sd-boot: fix menu ordering with boot counting 896de33984 tests: add a testcase for https://github.com/systemd/systemd/issues/15885 bbc6ff960a network: Fix crash when SendOption= is invalid 1599741b55 kernel-install: strip BOOT_IMAGE= from kernel options 1d1f5006cb basic/user-util: always use base 10 for user/group numbers b07d782047 parse-util: backport safe_atou32_full() 7bc54463ce Fix build with µhttpd 0.9.71 b074499894 random-seed: add missing header for GRND_NONBLOCK (#14988) ec9fd71358 makefs: strdup arguments to mkfs efd5b1d443 network-generator: allow empty hostname c188248371 network: DHCP lease load SIP copy paste error cd7d8bb962 davfs is a network file system 6aae7f596a logind: log a more accurate error when we failed at session creation f4d5928122 docs: Add syntax for templated units to systemd.preset man page 148f7b147a man: add a tiny bit of markup dbe16df9cd test: wait a bit after starting the test service a713f52ddb fix journalctl regression (#15099) 49e7c3b617 core: transition to FINAL_SIGTERM state after ExecStopPost= d25598854d journalctl: show duplicate entries if they are from the same file (#14898) 037a0fa5d0 udev: fix SECLABEL{selinux} issue (#15064) 9de06cd65a dissect-image: avoid scanning partitions fa65938017 test: ignore IAB capabilities in `test-execute` 16cac70094 Support compiling with clang and gnu11 standard 1ea52d91c8 Typo fix 869614a551 boot: Ensure ARM UEFI binary does not contain FP/SIMD instructions Patches CVE-2020-13776.patch and systemd-udev-seclabel-options-crash-fix.patch can be dropped as they are already applied in 244.5 upstream release. Not needed on master branch or gatesgarth as they run newer systemd version 246. Tested on an ARM64 target with automatic tests which are passing on our side. (From OE-Core rev: 0c5151a7ec6ac0aaed1bc56ebb89f17442683072) Signed-off-by: Mikko Rapeli Signed-off-by: Steve Sakoman Signed-off-by: Richard Purdie --- meta/recipes-core/systemd/systemd-boot_244.3.bb | 70 -- meta/recipes-core/systemd/systemd-boot_244.5.bb | 70 ++ meta/recipes-core/systemd/systemd.inc | 2 +- .../systemd/systemd/CVE-2020-13776.patch | 96 --- .../systemd-udev-seclabel-options-crash-fix.patch | 30 - meta/recipes-core/systemd/systemd_244.3.bb | 709 -------------------- meta/recipes-core/systemd/systemd_244.5.bb | 710 +++++++++++++++++++++ 7 files changed, 781 insertions(+), 906 deletions(-) delete mode 100644 meta/recipes-core/systemd/systemd-boot_244.3.bb create mode 100644 meta/recipes-core/systemd/systemd-boot_244.5.bb delete mode 100644 meta/recipes-core/systemd/systemd/CVE-2020-13776.patch delete mode 100644 meta/recipes-core/systemd/systemd/systemd-udev-seclabel-options-crash-fix.patch delete mode 100644 meta/recipes-core/systemd/systemd_244.3.bb create mode 100644 meta/recipes-core/systemd/systemd_244.5.bb diff --git a/meta/recipes-core/systemd/systemd-boot_244.3.bb b/meta/recipes-core/systemd/systemd-boot_244.3.bb deleted file mode 100644 index f92c639810..0000000000 --- a/meta/recipes-core/systemd/systemd-boot_244.3.bb +++ /dev/null @@ -1,70 +0,0 @@ -require systemd.inc -FILESEXTRAPATHS =. "${FILE_DIRNAME}/systemd:" - -require conf/image-uefi.conf - -DEPENDS = "intltool-native libcap util-linux gnu-efi gperf-native" - -inherit meson pkgconfig gettext -inherit deploy - -LDFLAGS_prepend = "${@ " ".join(d.getVar('LD').split()[1:])} " - -do_write_config[vardeps] += "CC OBJCOPY" -do_write_config_append() { - cat >${WORKDIR}/meson-${PN}.cross <${WORKDIR}/meson-${PN}.cross < -Date: Sun, 31 May 2020 18:21:09 +0200 -Subject: [PATCH 1/1] basic/user-util: always use base 10 for user/group - numbers - -We would parse numbers with base prefixes as user identifiers. For example, -"0x2b3bfa0" would be interpreted as UID==45334432 and "01750" would be -interpreted as UID==1000. This parsing was used also in cases where either a -user/group name or number may be specified. This means that names like -0x2b3bfa0 would be ambiguous: they are a valid user name according to our -documented relaxed rules, but they would also be parsed as numeric uids. - -This behaviour is definitely not expected by users, since tools generally only -accept decimal numbers (e.g. id, getent passwd), while other tools only accept -user names and thus will interpret such strings as user names without even -attempting to convert them to numbers (su, ssh). So let's follow suit and only -accept numbers in decimal notation. Effectively this means that we will reject -such strings as a username/uid/groupname/gid where strict mode is used, and try -to look up a user/group with such a name in relaxed mode. - -Since the function changed is fairly low-level and fairly widely used, this -affects multiple tools: loginctl show-user/enable-linger/disable-linger foo', -the third argument in sysusers.d, fourth and fifth arguments in tmpfiles.d, -etc. - -Fixes #15985. ---- - src/basic/user-util.c | 2 +- - src/test/test-user-util.c | 10 ++++++++++ - 2 files changed, 11 insertions(+), 1 deletion(-) - ---- end of commit 156a5fd297b61bce31630d7a52c15614bf784843 --- - - -Add definition of safe_atou32_full() from commit b934ac3d6e7dcad114776ef30ee9098693e7ab7e - -CVE: CVE-2020-13776 - -Upstream-Status: Backport [https://github.com/systemd/systemd.git] - -Signed-off-by: Joe Slater - - - ---- git.orig/src/basic/user-util.c -+++ git/src/basic/user-util.c -@@ -49,7 +49,7 @@ int parse_uid(const char *s, uid_t *ret) - assert(s); - - assert_cc(sizeof(uid_t) == sizeof(uint32_t)); -- r = safe_atou32(s, &uid); -+ r = safe_atou32_full(s, 10, &uid); - if (r < 0) - return r; - ---- git.orig/src/test/test-user-util.c -+++ git/src/test/test-user-util.c -@@ -48,9 +48,19 @@ static void test_parse_uid(void) { - - r = parse_uid("65535", &uid); - assert_se(r == -ENXIO); -+ assert_se(uid == 100); -+ -+ r = parse_uid("0x1234", &uid); -+ assert_se(r == -EINVAL); -+ assert_se(uid == 100); -+ -+ r = parse_uid("01234", &uid); -+ assert_se(r == 0); -+ assert_se(uid == 1234); - - r = parse_uid("asdsdas", &uid); - assert_se(r == -EINVAL); -+ assert_se(uid == 1234); - } - - static void test_uid_ptr(void) { ---- git.orig/src/basic/parse-util.h -+++ git/src/basic/parse-util.h -@@ -45,9 +45,13 @@ static inline int safe_atoux16(const cha - - int safe_atoi16(const char *s, int16_t *ret); - --static inline int safe_atou32(const char *s, uint32_t *ret_u) { -+static inline int safe_atou32_full(const char *s, unsigned base, uint32_t *ret_u) { - assert_cc(sizeof(uint32_t) == sizeof(unsigned)); -- return safe_atou(s, (unsigned*) ret_u); -+ return safe_atou_full(s, base, (unsigned*) ret_u); -+} -+ -+static inline int safe_atou32(const char *s, uint32_t *ret_u) { -+ return safe_atou32_full(s, 0, (unsigned*) ret_u); - } - - static inline int safe_atoi32(const char *s, int32_t *ret_i) { diff --git a/meta/recipes-core/systemd/systemd/systemd-udev-seclabel-options-crash-fix.patch b/meta/recipes-core/systemd/systemd/systemd-udev-seclabel-options-crash-fix.patch deleted file mode 100644 index 27b2b60fad..0000000000 --- a/meta/recipes-core/systemd/systemd/systemd-udev-seclabel-options-crash-fix.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 0335d110afc08baf47d76b7011ce02510dfdd524 Mon Sep 17 00:00:00 2001 -From: Valery0xff -Date: Wed, 11 Mar 2020 02:20:36 +0200 -Subject: [PATCH] udev: fix SECLABEL{selinux} issue (#15064) - -Add SECLABEL{selinux}="some value" cause udevadm crash -systemd-udevd[x]: Worker [x] terminated by signal 11 (SEGV) - -It happens since 25de7aa7b90 (Yu Watanabe 2019-04-25 01:21:11 +0200) -when udev rules processing changed to token model. Yu forgot store -attr to SECLABEL token so fix it. ---- - src/udev/udev-rules.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Upstream-Status: Backport [https://github.com/systemd/systemd/commit/0335d110afc08baf47d76b7011ce02510dfdd524.patch] ---- -diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c -index b9b350d1ef..b990f68e93 100644 ---- a/src/udev/udev-rules.c -+++ b/src/udev/udev-rules.c -@@ -921,7 +921,7 @@ static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOp - op = OP_ASSIGN; - } - -- r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, NULL); -+ r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, attr); - } else if (streq(key, "RUN")) { - if (is_match || op == OP_REMOVE) - return log_token_invalid_op(rules, key); diff --git a/meta/recipes-core/systemd/systemd_244.3.bb b/meta/recipes-core/systemd/systemd_244.3.bb deleted file mode 100644 index 64e3b18333..0000000000 --- a/meta/recipes-core/systemd/systemd_244.3.bb +++ /dev/null @@ -1,709 +0,0 @@ -require systemd.inc - -PROVIDES = "udev" - -PE = "1" - -DEPENDS = "intltool-native gperf-native libcap util-linux" - -SECTION = "base/shell" - -inherit useradd pkgconfig meson perlnative update-rc.d update-alternatives qemu systemd gettext bash-completion manpages features_check - -# As this recipe builds udev, respect systemd being in DISTRO_FEATURES so -# that we don't build both udev and systemd in world builds. -REQUIRED_DISTRO_FEATURES = "systemd" - -SRC_URI += "file://touchscreen.rules \ - file://00-create-volatile.conf \ - file://init \ - file://99-default.preset \ - file://0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch \ - file://0003-implment-systemd-sysv-install-for-OE.patch \ - file://CVE-2020-13776.patch \ - file://systemd-udev-seclabel-options-crash-fix.patch \ - " - -# patches needed by musl -SRC_URI_append_libc-musl = " ${SRC_URI_MUSL}" -SRC_URI_MUSL = "\ - file://0002-don-t-use-glibc-specific-qsort_r.patch \ - file://0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch \ - file://0004-add-fallback-parse_printf_format-implementation.patch \ - file://0005-src-basic-missing.h-check-for-missing-strndupa.patch \ - file://0006-Include-netinet-if_ether.h.patch \ - file://0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not.patch \ - file://0008-add-missing-FTW_-macros-for-musl.patch \ - file://0010-fix-missing-of-__register_atfork-for-non-glibc-build.patch \ - file://0011-Use-uintmax_t-for-handling-rlim_t.patch \ - file://0014-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch \ - file://0015-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch \ - file://0016-Define-glibc-compatible-basename-for-non-glibc-syste.patch \ - file://0017-Do-not-disable-buffering-when-writing-to-oom_score_a.patch \ - file://0018-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch \ - file://0019-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch \ - file://0020-missing_type.h-add-__compar_d_fn_t-definition.patch \ - file://0021-avoid-redefinition-of-prctl_mm_map-structure.patch \ - file://0024-test-json.c-define-M_PIl.patch \ - file://0001-do-not-disable-buffer-in-writing-files.patch \ - file://0002-src-login-brightness.c-include-sys-wait.h.patch \ - file://0003-src-basic-copy.c-include-signal.h.patch \ - file://0004-src-shared-cpu-set-util.h-add-__cpu_mask-definition.patch \ - " - -PAM_PLUGINS = " \ - pam-plugin-unix \ - pam-plugin-loginuid \ - pam-plugin-keyinit \ -" - -PACKAGECONFIG ??= " \ - ${@bb.utils.filter('DISTRO_FEATURES', 'acl audit efi ldconfig pam selinux smack usrmerge polkit', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \ - backlight \ - binfmt \ - gshadow \ - hibernate \ - hostnamed \ - idn \ - ima \ - kmod \ - localed \ - logind \ - machined \ - myhostname \ - networkd \ - nss \ - nss-mymachines \ - nss-resolve \ - quotacheck \ - randomseed \ - resolved \ - set-time-epoch \ - sysusers \ - sysvinit \ - timedated \ - timesyncd \ - utmp \ - vconsole \ - xz \ -" - -PACKAGECONFIG_remove_libc-musl = " \ - gshadow \ - idn \ - localed \ - myhostname \ - nss \ - nss-mymachines \ - nss-resolve \ - sysusers \ - utmp \ -" - -CFLAGS_append_libc-musl = " -D__UAPI_DEF_ETHHDR=0 " - -# Use the upstream systemd serial-getty@.service and rely on -# systemd-getty-generator instead of using the OE-core specific -# systemd-serialgetty.bb - not enabled by default. -PACKAGECONFIG[serial-getty-generator] = "" - -PACKAGECONFIG[acl] = "-Dacl=true,-Dacl=false,acl" -PACKAGECONFIG[audit] = "-Daudit=true,-Daudit=false,audit" -PACKAGECONFIG[backlight] = "-Dbacklight=true,-Dbacklight=false" -PACKAGECONFIG[binfmt] = "-Dbinfmt=true,-Dbinfmt=false" -PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" -PACKAGECONFIG[cgroupv2] = "-Ddefault-hierarchy=unified,-Ddefault-hierarchy=hybrid" -PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" -PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup" -PACKAGECONFIG[dbus] = "-Ddbus=true,-Ddbus=false,dbus" -PACKAGECONFIG[efi] = "-Defi=true,-Defi=false" -PACKAGECONFIG[gnu-efi] = "-Dgnu-efi=true -Defi-libdir=${STAGING_LIBDIR} -Defi-includedir=${STAGING_INCDIR}/efi,-Dgnu-efi=false,gnu-efi" -PACKAGECONFIG[elfutils] = "-Delfutils=true,-Delfutils=false,elfutils" -PACKAGECONFIG[firstboot] = "-Dfirstboot=true,-Dfirstboot=false" -# Sign the journal for anti-tampering -PACKAGECONFIG[gcrypt] = "-Dgcrypt=true,-Dgcrypt=false,libgcrypt" -PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls" -PACKAGECONFIG[gshadow] = "-Dgshadow=true,-Dgshadow=false" -PACKAGECONFIG[hibernate] = "-Dhibernate=true,-Dhibernate=false" -PACKAGECONFIG[hostnamed] = "-Dhostnamed=true,-Dhostnamed=false" -PACKAGECONFIG[idn] = "-Didn=true,-Didn=false" -PACKAGECONFIG[ima] = "-Dima=true,-Dima=false" -# importd requires curl/xz/zlib/bzip2/gcrypt -PACKAGECONFIG[importd] = "-Dimportd=true,-Dimportd=false" -# Update NAT firewall rules -PACKAGECONFIG[iptc] = "-Dlibiptc=true,-Dlibiptc=false,iptables" -PACKAGECONFIG[journal-upload] = "-Dlibcurl=true,-Dlibcurl=false,curl" -PACKAGECONFIG[kmod] = "-Dkmod=true,-Dkmod=false,kmod" -PACKAGECONFIG[ldconfig] = "-Dldconfig=true,-Dldconfig=false,,ldconfig" -PACKAGECONFIG[libidn] = "-Dlibidn=true,-Dlibidn=false,libidn" -PACKAGECONFIG[libidn2] = "-Dlibidn2=true,-Dlibidn2=false,libidn2" -PACKAGECONFIG[localed] = "-Dlocaled=true,-Dlocaled=false" -PACKAGECONFIG[logind] = "-Dlogind=true,-Dlogind=false" -PACKAGECONFIG[lz4] = "-Dlz4=true,-Dlz4=false,lz4" -PACKAGECONFIG[machined] = "-Dmachined=true,-Dmachined=false" -PACKAGECONFIG[manpages] = "-Dman=true,-Dman=false,libxslt-native xmlto-native docbook-xml-dtd4-native docbook-xsl-stylesheets-native" -PACKAGECONFIG[microhttpd] = "-Dmicrohttpd=true,-Dmicrohttpd=false,libmicrohttpd" -PACKAGECONFIG[myhostname] = "-Dnss-myhostname=true,-Dnss-myhostname=false,,libnss-myhostname" -PACKAGECONFIG[networkd] = "-Dnetworkd=true,-Dnetworkd=false" -PACKAGECONFIG[nss] = "-Dnss-systemd=true,-Dnss-systemd=false" -PACKAGECONFIG[nss-mymachines] = "-Dnss-mymachines=true,-Dnss-mymachines=false" -PACKAGECONFIG[nss-resolve] = "-Dnss-resolve=true,-Dnss-resolve=false" -PACKAGECONFIG[openssl] = "-Dopenssl=true,-Dopenssl=false,openssl" -PACKAGECONFIG[pam] = "-Dpam=true,-Dpam=false,libpam,${PAM_PLUGINS}" -PACKAGECONFIG[pcre2] = "-Dpcre2=true,-Dpcre2=false,libpcre2" -PACKAGECONFIG[polkit] = "-Dpolkit=true,-Dpolkit=false" -PACKAGECONFIG[portabled] = "-Dportabled=true,-Dportabled=false" -PACKAGECONFIG[qrencode] = "-Dqrencode=true,-Dqrencode=false,qrencode" -PACKAGECONFIG[quotacheck] = "-Dquotacheck=true,-Dquotacheck=false" -PACKAGECONFIG[randomseed] = "-Drandomseed=true,-Drandomseed=false" -PACKAGECONFIG[resolved] = "-Dresolve=true,-Dresolve=false" -PACKAGECONFIG[rfkill] = "-Drfkill=true,-Drfkill=false" -# libseccomp is found in meta-security -PACKAGECONFIG[seccomp] = "-Dseccomp=true,-Dseccomp=false,libseccomp" -PACKAGECONFIG[selinux] = "-Dselinux=true,-Dselinux=false,libselinux,initscripts-sushell" -PACKAGECONFIG[smack] = "-Dsmack=true,-Dsmack=false" -PACKAGECONFIG[sysusers] = "-Dsysusers=true,-Dsysusers=false" -PACKAGECONFIG[sysvinit] = "-Dsysvinit-path=${sysconfdir}/init.d -Dsysvrcnd-path=${sysconfdir},-Dsysvinit-path= -Dsysvrcnd-path=,,update-rc.d" -# When enabled use reproducble build timestamp if set as time epoch, -# or build time if not. When disabled, time epoch is unset. -def build_epoch(d): - epoch = d.getVar('SOURCE_DATE_EPOCH') or "-1" - return '-Dtime-epoch=%d' % int(epoch) -PACKAGECONFIG[set-time-epoch] = "${@build_epoch(d)},-Dtime-epoch=0" -PACKAGECONFIG[timedated] = "-Dtimedated=true,-Dtimedated=false" -PACKAGECONFIG[timesyncd] = "-Dtimesyncd=true,-Dtimesyncd=false" -PACKAGECONFIG[usrmerge] = "-Dsplit-usr=false,-Dsplit-usr=true" -PACKAGECONFIG[sbinmerge] = "-Dsplit-bin=false,-Dsplit-bin=true" -PACKAGECONFIG[utmp] = "-Dutmp=true,-Dutmp=false" -PACKAGECONFIG[valgrind] = "-DVALGRIND=1,,valgrind" -PACKAGECONFIG[vconsole] = "-Dvconsole=true,-Dvconsole=false,,${PN}-vconsole-setup" -# Verify keymaps on locale change -PACKAGECONFIG[xkbcommon] = "-Dxkbcommon=true,-Dxkbcommon=false,libxkbcommon" -PACKAGECONFIG[xz] = "-Dxz=true,-Dxz=false,xz" -PACKAGECONFIG[zlib] = "-Dzlib=true,-Dzlib=false,zlib" - -# Helper variables to clarify locations. This mirrors the logic in systemd's -# build system. -rootprefix ?= "${root_prefix}" -rootlibdir ?= "${base_libdir}" -rootlibexecdir = "${rootprefix}/lib" - -# This links udev statically with systemd helper library. -# Otherwise udev package would depend on systemd package (which has the needed shared library), -# and always pull it into images. -EXTRA_OEMESON += "-Dlink-udev-shared=false" - -EXTRA_OEMESON += "-Dnobody-user=nobody \ - -Dnobody-group=nobody \ - -Drootlibdir=${rootlibdir} \ - -Drootprefix=${rootprefix} \ - -Ddefault-locale=C \ - " - -# Hardcode target binary paths to avoid using paths from sysroot -EXTRA_OEMESON += "-Dkexec-path=${sbindir}/kexec \ - -Dkmod-path=${base_bindir}/kmod \ - -Dmount-path=${base_bindir}/mount \ - -Dquotacheck-path=${sbindir}/quotacheck \ - -Dquotaon-path=${sbindir}/quotaon \ - -Dsulogin-path=${base_sbindir}/sulogin \ - -Dnologin-path=${base_sbindir}/nologin \ - -Dumount-path=${base_bindir}/umount" - -do_install() { - meson_do_install - install -d ${D}/${base_sbindir} - if ${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', 'false', 'true', d)}; then - # Provided by a separate recipe - rm ${D}${systemd_unitdir}/system/serial-getty* -f - fi - - # Provide support for initramfs - [ ! -e ${D}/init ] && ln -s ${rootlibexecdir}/systemd/systemd ${D}/init - [ ! -e ${D}/${base_sbindir}/udevd ] && ln -s ${rootlibexecdir}/systemd/systemd-udevd ${D}/${base_sbindir}/udevd - - install -d ${D}${sysconfdir}/udev/rules.d/ - install -d ${D}${sysconfdir}/tmpfiles.d - install -m 0644 ${WORKDIR}/*.rules ${D}${sysconfdir}/udev/rules.d/ - - install -m 0644 ${WORKDIR}/00-create-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ - - if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then - install -d ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/systemd-udevd - sed -i s%@UDEVD@%${rootlibexecdir}/systemd/systemd-udevd% ${D}${sysconfdir}/init.d/systemd-udevd - install -Dm 0755 ${S}/src/systemctl/systemd-sysv-install.SKELETON ${D}${systemd_unitdir}/systemd-sysv-install - fi - - chown root:systemd-journal ${D}/${localstatedir}/log/journal - - # Delete journal README, as log can be symlinked inside volatile. - rm -f ${D}/${localstatedir}/log/README - - # journal-remote creates this at start - rm -rf ${D}/${localstatedir}/log/journal/remote - - install -d ${D}${systemd_unitdir}/system/graphical.target.wants - install -d ${D}${systemd_unitdir}/system/multi-user.target.wants - install -d ${D}${systemd_unitdir}/system/poweroff.target.wants - install -d ${D}${systemd_unitdir}/system/reboot.target.wants - install -d ${D}${systemd_unitdir}/system/rescue.target.wants - - # Create symlinks for systemd-update-utmp-runlevel.service - if ${@bb.utils.contains('PACKAGECONFIG', 'utmp', 'true', 'false', d)}; then - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/graphical.target.wants/systemd-update-utmp-runlevel.service - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/multi-user.target.wants/systemd-update-utmp-runlevel.service - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/poweroff.target.wants/systemd-update-utmp-runlevel.service - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/reboot.target.wants/systemd-update-utmp-runlevel.service - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/rescue.target.wants/systemd-update-utmp-runlevel.service - fi - - # this file is needed to exist if networkd is disabled but timesyncd is still in use since timesyncd checks it - # for existence else it fails - if [ -s ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf ]; then - ${@bb.utils.contains('PACKAGECONFIG', 'networkd', ':', 'sed -i -e "\$ad /run/systemd/netif/links 0755 root root -" ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf', d)} - fi - if ! ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'true', 'false', d)}; then - echo 'L! ${sysconfdir}/resolv.conf - - - - ../run/systemd/resolve/resolv.conf' >>${D}${exec_prefix}/lib/tmpfiles.d/etc.conf - echo 'd /run/systemd/resolve 0755 root root -' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf - echo 'f /run/systemd/resolve/resolv.conf 0644 root root' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf - ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd - else - sed -i -e "s%^L! /etc/resolv.conf.*$%L! /etc/resolv.conf - - - - ../run/systemd/resolve/resolv.conf%g" ${D}${exec_prefix}/lib/tmpfiles.d/etc.conf - ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd - fi - if ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'false', 'true', d)}; then - rm ${D}${exec_prefix}/lib/tmpfiles.d/x11.conf - rm -r ${D}${sysconfdir}/X11 - fi - - # If polkit is setup fixup permissions and ownership - if ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'true', 'false', d)}; then - if [ -d ${D}${datadir}/polkit-1/rules.d ]; then - chmod 700 ${D}${datadir}/polkit-1/rules.d - chown polkitd:root ${D}${datadir}/polkit-1/rules.d - fi - fi - - # create link for existing udev rules - ln -s ${base_bindir}/udevadm ${D}${base_sbindir}/udevadm - - # duplicate udevadm for postinst script - install -d ${D}${libexecdir} - ln ${D}${base_bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm - - # install default policy for presets - # https://www.freedesktop.org/wiki/Software/systemd/Preset/#howto - install -Dm 0644 ${WORKDIR}/99-default.preset ${D}${systemd_unitdir}/system-preset/99-default.preset -} - -python populate_packages_prepend (){ - systemdlibdir = d.getVar("rootlibdir") - do_split_packages(d, systemdlibdir, '^lib(.*)\.so\.*', 'lib%s', 'Systemd %s library', extra_depends='', allow_links=True) -} -PACKAGES_DYNAMIC += "^lib(udev|systemd|nss).*" - -PACKAGE_BEFORE_PN = "\ - ${PN}-gui \ - ${PN}-vconsole-setup \ - ${PN}-initramfs \ - ${PN}-analyze \ - ${PN}-kernel-install \ - ${PN}-rpm-macros \ - ${PN}-binfmt \ - ${PN}-zsh-completion \ - ${PN}-container \ - ${PN}-journal-gatewayd \ - ${PN}-journal-upload \ - ${PN}-journal-remote \ - ${PN}-extra-utils \ - udev \ - udev-hwdb \ -" - -SUMMARY_${PN}-container = "Tools for containers and VMs" -DESCRIPTION_${PN}-container = "Systemd tools to spawn and manage containers and virtual machines." - -SUMMARY_${PN}-journal-gatewayd = "HTTP server for journal events" -DESCRIPTION_${PN}-journal-gatewayd = "systemd-journal-gatewayd serves journal events over the network. Clients must connect using HTTP. The server listens on port 19531 by default." - -SUMMARY_${PN}-journal-upload = "Send journal messages over the network" -DESCRIPTION_${PN}-journal-upload = "systemd-journal-upload uploads journal entries to a specified URL." - -SUMMARY_${PN}-journal-remote = "Receive journal messages over the network" -DESCRIPTION_${PN}-journal-remote = "systemd-journal-remote is a command to receive serialized journal events and store them to journal files." - -SYSTEMD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'binfmt', '${PN}-binfmt', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gatewayd', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ -" -SYSTEMD_SERVICE_${PN}-binfmt = "systemd-binfmt.service" - -USERADD_PACKAGES = "${PN} ${PN}-extra-utils \ - ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gateway', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ -" -GROUPADD_PARAM_${PN} = "-r systemd-journal" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '--system -d / -M --shell /bin/nologin systemd-coredump;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '--system -d / -M --shell /bin/nologin systemd-network;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit', '--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '--system -d / -M --shell /bin/nologin systemd-resolve;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '--system -d / -M --shell /bin/nologin systemd-timesync;', '', d)}" -USERADD_PARAM_${PN}-extra-utils = "--system -d / -M --shell /bin/nologin systemd-bus-proxy" -USERADD_PARAM_${PN}-journal-gateway = "--system -d / -M --shell /bin/nologin systemd-journal-gateway" -USERADD_PARAM_${PN}-journal-remote = "--system -d / -M --shell /bin/nologin systemd-journal-remote" -USERADD_PARAM_${PN}-journal-upload = "--system -d / -M --shell /bin/nologin systemd-journal-upload" - -FILES_${PN}-analyze = "${bindir}/systemd-analyze" - -FILES_${PN}-initramfs = "/init" -RDEPENDS_${PN}-initramfs = "${PN}" - -FILES_${PN}-gui = "${bindir}/systemadm" - -FILES_${PN}-vconsole-setup = "${rootlibexecdir}/systemd/systemd-vconsole-setup \ - ${systemd_unitdir}/system/systemd-vconsole-setup.service \ - ${systemd_unitdir}/system/sysinit.target.wants/systemd-vconsole-setup.service" - -RDEPENDS_${PN}-kernel-install += "bash" -FILES_${PN}-kernel-install = "${bindir}/kernel-install \ - ${sysconfdir}/kernel/ \ - ${exec_prefix}/lib/kernel \ - " -FILES_${PN}-rpm-macros = "${exec_prefix}/lib/rpm \ - " - -FILES_${PN}-zsh-completion = "${datadir}/zsh/site-functions" - -FILES_${PN}-binfmt = "${sysconfdir}/binfmt.d/ \ - ${exec_prefix}/lib/binfmt.d \ - ${rootlibexecdir}/systemd/systemd-binfmt \ - ${systemd_unitdir}/system/proc-sys-fs-binfmt_misc.* \ - ${systemd_unitdir}/system/systemd-binfmt.service" -RRECOMMENDS_${PN}-binfmt = "kernel-module-binfmt-misc" - -RRECOMMENDS_${PN}-vconsole-setup = "kbd kbd-consolefonts kbd-keymaps" - - -FILES_${PN}-journal-gatewayd = "${rootlibexecdir}/systemd/systemd-journal-gatewayd \ - ${systemd_system_unitdir}/systemd-journal-gatewayd.service \ - ${systemd_system_unitdir}/systemd-journal-gatewayd.socket \ - ${systemd_system_unitdir}/sockets.target.wants/systemd-journal-gatewayd.socket \ - ${datadir}/systemd/gatewayd/browse.html \ - " -SYSTEMD_SERVICE_${PN}-journal-gatewayd = "systemd-journal-gatewayd.socket" - -FILES_${PN}-journal-upload = "${rootlibexecdir}/systemd/systemd-journal-upload \ - ${systemd_system_unitdir}/systemd-journal-upload.service \ - ${sysconfdir}/systemd/journal-upload.conf \ - " -SYSTEMD_SERVICE_${PN}-journal-upload = "systemd-journal-upload.service" - -FILES_${PN}-journal-remote = "${rootlibexecdir}/systemd/systemd-journal-remote \ - ${sysconfdir}/systemd/journal-remote.conf \ - ${systemd_system_unitdir}/systemd-journal-remote.service \ - ${systemd_system_unitdir}/systemd-journal-remote.socket \ - " -SYSTEMD_SERVICE_${PN}-journal-remote = "systemd-journal-remote.socket" - - -FILES_${PN}-container = "${sysconfdir}/dbus-1/system.d/org.freedesktop.import1.conf \ - ${sysconfdir}/dbus-1/system.d/org.freedesktop.machine1.conf \ - ${sysconfdir}/systemd/system/multi-user.target.wants/machines.target \ - ${base_bindir}/machinectl \ - ${bindir}/systemd-nspawn \ - ${nonarch_libdir}/systemd/import-pubring.gpg \ - ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.import1.busname \ - ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.machine1.busname \ - ${systemd_system_unitdir}/local-fs.target.wants/var-lib-machines.mount \ - ${systemd_system_unitdir}/machines.target.wants/var-lib-machines.mount \ - ${systemd_system_unitdir}/remote-fs.target.wants/var-lib-machines.mount \ - ${systemd_system_unitdir}/machine.slice \ - ${systemd_system_unitdir}/machines.target \ - ${systemd_system_unitdir}/org.freedesktop.import1.busname \ - ${systemd_system_unitdir}/org.freedesktop.machine1.busname \ - ${systemd_system_unitdir}/systemd-importd.service \ - ${systemd_system_unitdir}/systemd-machined.service \ - ${systemd_system_unitdir}/dbus-org.freedesktop.machine1.service \ - ${systemd_system_unitdir}/var-lib-machines.mount \ - ${rootlibexecdir}/systemd/systemd-import \ - ${rootlibexecdir}/systemd/systemd-importd \ - ${rootlibexecdir}/systemd/systemd-machined \ - ${rootlibexecdir}/systemd/systemd-pull \ - ${exec_prefix}/lib/tmpfiles.d/systemd-nspawn.conf \ - ${systemd_system_unitdir}/systemd-nspawn@.service \ - ${libdir}/libnss_mymachines.so.2 \ - ${datadir}/dbus-1/system-services/org.freedesktop.import1.service \ - ${datadir}/dbus-1/system-services/org.freedesktop.machine1.service \ - ${datadir}/dbus-1/system.d/org.freedesktop.import1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.machine1.conf \ - ${datadir}/polkit-1/actions/org.freedesktop.import1.policy \ - ${datadir}/polkit-1/actions/org.freedesktop.machine1.policy \ - " - -RRECOMMENDS_${PN}-container += "\ - ${PN}-journal-upload \ - ${PN}-journal-remote \ - ${PN}-journal-gatewayd \ - " - -FILES_${PN}-extra-utils = "\ - ${base_bindir}/systemd-escape \ - ${base_bindir}/systemd-inhibit \ - ${bindir}/systemd-detect-virt \ - ${bindir}/systemd-path \ - ${bindir}/systemd-run \ - ${bindir}/systemd-cat \ - ${bindir}/systemd-delta \ - ${bindir}/systemd-cgls \ - ${bindir}/systemd-cgtop \ - ${bindir}/systemd-stdio-bridge \ - ${base_bindir}/systemd-ask-password \ - ${base_bindir}/systemd-tty-ask-password-agent \ - ${systemd_unitdir}/system/systemd-ask-password-console.path \ - ${systemd_unitdir}/system/systemd-ask-password-console.service \ - ${systemd_unitdir}/system/systemd-ask-password-wall.path \ - ${systemd_unitdir}/system/systemd-ask-password-wall.service \ - ${systemd_unitdir}/system/sysinit.target.wants/systemd-ask-password-console.path \ - ${systemd_unitdir}/system/sysinit.target.wants/systemd-ask-password-wall.path \ - ${systemd_unitdir}/system/multi-user.target.wants/systemd-ask-password-wall.path \ - ${rootlibexecdir}/systemd/systemd-resolve-host \ - ${rootlibexecdir}/systemd/systemd-ac-power \ - ${rootlibexecdir}/systemd/systemd-activate \ - ${rootlibexecdir}/systemd/systemd-bus-proxyd \ - ${systemd_unitdir}/system/systemd-bus-proxyd.service \ - ${systemd_unitdir}/system/systemd-bus-proxyd.socket \ - ${rootlibexecdir}/systemd/systemd-socket-proxyd \ - ${rootlibexecdir}/systemd/systemd-reply-password \ - ${rootlibexecdir}/systemd/systemd-sleep \ - ${rootlibexecdir}/systemd/system-sleep \ - ${systemd_unitdir}/system/systemd-hibernate.service \ - ${systemd_unitdir}/system/systemd-hybrid-sleep.service \ - ${systemd_unitdir}/system/systemd-suspend.service \ - ${systemd_unitdir}/system/sleep.target \ - ${rootlibexecdir}/systemd/systemd-initctl \ - ${systemd_unitdir}/system/systemd-initctl.service \ - ${systemd_unitdir}/system/systemd-initctl.socket \ - ${systemd_unitdir}/system/sockets.target.wants/systemd-initctl.socket \ - ${rootlibexecdir}/systemd/system-generators/systemd-gpt-auto-generator \ - ${rootlibexecdir}/systemd/systemd-cgroups-agent \ -" - -CONFFILES_${PN} = "${sysconfdir}/systemd/coredump.conf \ - ${sysconfdir}/systemd/journald.conf \ - ${sysconfdir}/systemd/logind.conf \ - ${sysconfdir}/systemd/system.conf \ - ${sysconfdir}/systemd/user.conf \ - ${sysconfdir}/systemd/resolved.conf \ - ${sysconfdir}/systemd/timesyncd.conf \ -" - -FILES_${PN} = " ${base_bindir}/* \ - ${base_sbindir}/shutdown \ - ${base_sbindir}/halt \ - ${base_sbindir}/poweroff \ - ${base_sbindir}/runlevel \ - ${base_sbindir}/telinit \ - ${base_sbindir}/resolvconf \ - ${base_sbindir}/reboot \ - ${base_sbindir}/init \ - ${datadir}/dbus-1/services \ - ${datadir}/dbus-1/system-services \ - ${datadir}/polkit-1 \ - ${datadir}/${BPN} \ - ${datadir}/factory \ - ${sysconfdir}/dbus-1/ \ - ${sysconfdir}/modules-load.d/ \ - ${sysconfdir}/pam.d/ \ - ${sysconfdir}/sysctl.d/ \ - ${sysconfdir}/systemd/ \ - ${sysconfdir}/tmpfiles.d/ \ - ${sysconfdir}/xdg/ \ - ${sysconfdir}/init.d/README \ - ${sysconfdir}/resolv-conf.systemd \ - ${sysconfdir}/X11/xinit/xinitrc.d/* \ - ${rootlibexecdir}/systemd/* \ - ${systemd_unitdir}/* \ - ${base_libdir}/security/*.so \ - /cgroup \ - ${bindir}/systemd* \ - ${bindir}/busctl \ - ${bindir}/coredumpctl \ - ${bindir}/localectl \ - ${bindir}/hostnamectl \ - ${bindir}/resolvectl \ - ${bindir}/timedatectl \ - ${bindir}/bootctl \ - ${exec_prefix}/lib/tmpfiles.d/*.conf \ - ${exec_prefix}/lib/systemd \ - ${exec_prefix}/lib/modules-load.d \ - ${exec_prefix}/lib/sysctl.d \ - ${exec_prefix}/lib/sysusers.d \ - ${exec_prefix}/lib/environment.d \ - ${localstatedir} \ - ${rootlibexecdir}/udev/rules.d/70-uaccess.rules \ - ${rootlibexecdir}/udev/rules.d/71-seat.rules \ - ${rootlibexecdir}/udev/rules.d/73-seat-late.rules \ - ${rootlibexecdir}/udev/rules.d/99-systemd.rules \ - ${rootlibexecdir}/modprobe.d/systemd.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.timedate1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.locale1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.network1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.resolve1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.systemd1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.hostname1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.login1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.timesync1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.portable1.conf \ - " - -FILES_${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" - -RDEPENDS_${PN} += "kmod dbus util-linux-mount util-linux-umount udev (= ${EXTENDPKGV}) util-linux-agetty util-linux-fsck" -RDEPENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', '', 'systemd-serialgetty', d)}" -RDEPENDS_${PN} += "volatile-binds" - -RRECOMMENDS_${PN} += "systemd-extra-utils \ - systemd-compat-units udev-hwdb \ - e2fsprogs-e2fsck \ - kernel-module-autofs4 kernel-module-unix kernel-module-ipv6 kernel-module-sch-fq-codel \ - os-release \ - systemd-conf \ -" - -INSANE_SKIP_${PN} += "dev-so libdir" -INSANE_SKIP_${PN}-dbg += "libdir" -INSANE_SKIP_${PN}-doc += " libdir" - -RPROVIDES_udev = "hotplug" - -RDEPENDS_udev-hwdb += "udev" - -FILES_udev += "${base_sbindir}/udevd \ - ${rootlibexecdir}/systemd/network/99-default.link \ - ${rootlibexecdir}/systemd/systemd-udevd \ - ${rootlibexecdir}/udev/accelerometer \ - ${rootlibexecdir}/udev/ata_id \ - ${rootlibexecdir}/udev/cdrom_id \ - ${rootlibexecdir}/udev/collect \ - ${rootlibexecdir}/udev/fido_id \ - ${rootlibexecdir}/udev/findkeyboards \ - ${rootlibexecdir}/udev/keyboard-force-release.sh \ - ${rootlibexecdir}/udev/keymap \ - ${rootlibexecdir}/udev/mtd_probe \ - ${rootlibexecdir}/udev/scsi_id \ - ${rootlibexecdir}/udev/v4l_id \ - ${rootlibexecdir}/udev/keymaps \ - ${rootlibexecdir}/udev/rules.d/50-udev-default.rules \ - ${rootlibexecdir}/udev/rules.d/60-autosuspend-chromiumos.rules \ - ${rootlibexecdir}/udev/rules.d/60-block.rules \ - ${rootlibexecdir}/udev/rules.d/60-cdrom_id.rules \ - ${rootlibexecdir}/udev/rules.d/60-drm.rules \ - ${rootlibexecdir}/udev/rules.d/60-evdev.rules \ - ${rootlibexecdir}/udev/rules.d/60-fido-id.rules \ - ${rootlibexecdir}/udev/rules.d/60-input-id.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-alsa.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-input.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-storage.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-storage-tape.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-v4l.rules \ - ${rootlibexecdir}/udev/rules.d/60-sensor.rules \ - ${rootlibexecdir}/udev/rules.d/60-serial.rules \ - ${rootlibexecdir}/udev/rules.d/61-autosuspend-manual.rules \ - ${rootlibexecdir}/udev/rules.d/64-btrfs.rules \ - ${rootlibexecdir}/udev/rules.d/70-joystick.rules \ - ${rootlibexecdir}/udev/rules.d/70-mouse.rules \ - ${rootlibexecdir}/udev/rules.d/70-power-switch.rules \ - ${rootlibexecdir}/udev/rules.d/70-touchpad.rules \ - ${rootlibexecdir}/udev/rules.d/75-net-description.rules \ - ${rootlibexecdir}/udev/rules.d/75-probe_mtd.rules \ - ${rootlibexecdir}/udev/rules.d/78-sound-card.rules \ - ${rootlibexecdir}/udev/rules.d/80-drivers.rules \ - ${rootlibexecdir}/udev/rules.d/80-net-setup-link.rules \ - ${rootlibexecdir}/udev/rules.d/90-vconsole.rules \ - ${sysconfdir}/udev \ - ${sysconfdir}/init.d/systemd-udevd \ - ${systemd_unitdir}/system/*udev* \ - ${systemd_unitdir}/system/*.wants/*udev* \ - ${base_bindir}/systemd-hwdb \ - ${base_bindir}/udevadm \ - ${base_sbindir}/udevadm \ - ${libexecdir}/${MLPREFIX}udevadm \ - ${datadir}/bash-completion/completions/udevadm \ - ${systemd_unitdir}/system/systemd-hwdb-update.service \ - " - -FILES_udev-hwdb = "${rootlibexecdir}/udev/hwdb.d \ - " - -RCONFLICTS_${PN} = "tiny-init ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'resolvconf', '', d)}" - -INITSCRIPT_PACKAGES = "udev" -INITSCRIPT_NAME_udev = "systemd-udevd" -INITSCRIPT_PARAMS_udev = "start 03 S ." - -python __anonymous() { - if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d): - d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1") -} - -python do_warn_musl() { - if d.getVar('TCLIBC') == "musl": - bb.warn("Using systemd with musl is not recommended since it is not supported upstream and some patches are known to be problematic.") -} -addtask warn_musl before do_configure - -ALTERNATIVE_${PN} = "halt reboot shutdown poweroff runlevel ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'resolv-conf', '', d)}" - -ALTERNATIVE_TARGET[resolv-conf] = "${sysconfdir}/resolv-conf.systemd" -ALTERNATIVE_LINK_NAME[resolv-conf] = "${sysconfdir}/resolv.conf" -ALTERNATIVE_PRIORITY[resolv-conf] ?= "50" - -ALTERNATIVE_TARGET[halt] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[halt] = "${base_sbindir}/halt" -ALTERNATIVE_PRIORITY[halt] ?= "300" - -ALTERNATIVE_TARGET[reboot] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[reboot] = "${base_sbindir}/reboot" -ALTERNATIVE_PRIORITY[reboot] ?= "300" - -ALTERNATIVE_TARGET[shutdown] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[shutdown] = "${base_sbindir}/shutdown" -ALTERNATIVE_PRIORITY[shutdown] ?= "300" - -ALTERNATIVE_TARGET[poweroff] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[poweroff] = "${base_sbindir}/poweroff" -ALTERNATIVE_PRIORITY[poweroff] ?= "300" - -ALTERNATIVE_TARGET[runlevel] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel" -ALTERNATIVE_PRIORITY[runlevel] ?= "300" - -pkg_postinst_${PN}_libc-glibc () { - sed -e '/^hosts:/s/\s*\//' \ - -e 's/\(^hosts:.*\)\(\\)\(.*\)\(\\)\(.*\)/\1\2 myhostname \3\4\5/' \ - -i $D${sysconfdir}/nsswitch.conf -} - -pkg_prerm_${PN}_libc-glibc () { - sed -e '/^hosts:/s/\s*\//' \ - -e '/^hosts:/s/\s*myhostname//' \ - -i $D${sysconfdir}/nsswitch.conf -} - -PACKAGE_WRITE_DEPS += "qemu-native" -pkg_postinst_udev-hwdb () { - if test -n "$D"; then - $INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} rootlibexecdir="${rootlibexecdir}" PREFERRED_PROVIDER_udev="${PREFERRED_PROVIDER_udev}" - else - udevadm hwdb --update - fi -} - -pkg_prerm_udev-hwdb () { - rm -f $D${sysconfdir}/udev/hwdb.bin -} diff --git a/meta/recipes-core/systemd/systemd_244.5.bb b/meta/recipes-core/systemd/systemd_244.5.bb new file mode 100644 index 0000000000..8c95648ca0 --- /dev/null +++ b/meta/recipes-core/systemd/systemd_244.5.bb @@ -0,0 +1,710 @@ +require systemd.inc + +PROVIDES = "udev" + +PE = "1" + +DEPENDS = "intltool-native gperf-native libcap util-linux" + +SECTION = "base/shell" + +inherit useradd pkgconfig meson perlnative update-rc.d update-alternatives qemu systemd gettext bash-completion manpages features_check + +# As this recipe builds udev, respect systemd being in DISTRO_FEATURES so +# that we don't build both udev and systemd in world builds. +REQUIRED_DISTRO_FEATURES = "systemd" + +SRC_URI += "file://touchscreen.rules \ + file://00-create-volatile.conf \ + file://init \ + file://99-default.preset \ + file://0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch \ + file://0003-implment-systemd-sysv-install-for-OE.patch \ + " + +# patches needed by musl +SRC_URI_append_libc-musl = " ${SRC_URI_MUSL}" +SRC_URI_MUSL = "\ + file://0002-don-t-use-glibc-specific-qsort_r.patch \ + file://0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch \ + file://0004-add-fallback-parse_printf_format-implementation.patch \ + file://0005-src-basic-missing.h-check-for-missing-strndupa.patch \ + file://0006-Include-netinet-if_ether.h.patch \ + file://0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not.patch \ + file://0008-add-missing-FTW_-macros-for-musl.patch \ + file://0010-fix-missing-of-__register_atfork-for-non-glibc-build.patch \ + file://0011-Use-uintmax_t-for-handling-rlim_t.patch \ + file://0014-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch \ + file://0015-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch \ + file://0016-Define-glibc-compatible-basename-for-non-glibc-syste.patch \ + file://0017-Do-not-disable-buffering-when-writing-to-oom_score_a.patch \ + file://0018-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch \ + file://0019-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch \ + file://0020-missing_type.h-add-__compar_d_fn_t-definition.patch \ + file://0021-avoid-redefinition-of-prctl_mm_map-structure.patch \ + file://0024-test-json.c-define-M_PIl.patch \ + file://0001-do-not-disable-buffer-in-writing-files.patch \ + file://0002-src-login-brightness.c-include-sys-wait.h.patch \ + file://0003-src-basic-copy.c-include-signal.h.patch \ + file://0004-src-shared-cpu-set-util.h-add-__cpu_mask-definition.patch \ + " + +# already applied in 244.5 +CVE_CHECK_WHITELIST += "CVE-2020-13776" + +PAM_PLUGINS = " \ + pam-plugin-unix \ + pam-plugin-loginuid \ + pam-plugin-keyinit \ +" + +PACKAGECONFIG ??= " \ + ${@bb.utils.filter('DISTRO_FEATURES', 'acl audit efi ldconfig pam selinux smack usrmerge polkit', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \ + backlight \ + binfmt \ + gshadow \ + hibernate \ + hostnamed \ + idn \ + ima \ + kmod \ + localed \ + logind \ + machined \ + myhostname \ + networkd \ + nss \ + nss-mymachines \ + nss-resolve \ + quotacheck \ + randomseed \ + resolved \ + set-time-epoch \ + sysusers \ + sysvinit \ + timedated \ + timesyncd \ + utmp \ + vconsole \ + xz \ +" + +PACKAGECONFIG_remove_libc-musl = " \ + gshadow \ + idn \ + localed \ + myhostname \ + nss \ + nss-mymachines \ + nss-resolve \ + sysusers \ + utmp \ +" + +CFLAGS_append_libc-musl = " -D__UAPI_DEF_ETHHDR=0 " + +# Use the upstream systemd serial-getty@.service and rely on +# systemd-getty-generator instead of using the OE-core specific +# systemd-serialgetty.bb - not enabled by default. +PACKAGECONFIG[serial-getty-generator] = "" + +PACKAGECONFIG[acl] = "-Dacl=true,-Dacl=false,acl" +PACKAGECONFIG[audit] = "-Daudit=true,-Daudit=false,audit" +PACKAGECONFIG[backlight] = "-Dbacklight=true,-Dbacklight=false" +PACKAGECONFIG[binfmt] = "-Dbinfmt=true,-Dbinfmt=false" +PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" +PACKAGECONFIG[cgroupv2] = "-Ddefault-hierarchy=unified,-Ddefault-hierarchy=hybrid" +PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" +PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup" +PACKAGECONFIG[dbus] = "-Ddbus=true,-Ddbus=false,dbus" +PACKAGECONFIG[efi] = "-Defi=true,-Defi=false" +PACKAGECONFIG[gnu-efi] = "-Dgnu-efi=true -Defi-libdir=${STAGING_LIBDIR} -Defi-includedir=${STAGING_INCDIR}/efi,-Dgnu-efi=false,gnu-efi" +PACKAGECONFIG[elfutils] = "-Delfutils=true,-Delfutils=false,elfutils" +PACKAGECONFIG[firstboot] = "-Dfirstboot=true,-Dfirstboot=false" +# Sign the journal for anti-tampering +PACKAGECONFIG[gcrypt] = "-Dgcrypt=true,-Dgcrypt=false,libgcrypt" +PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls" +PACKAGECONFIG[gshadow] = "-Dgshadow=true,-Dgshadow=false" +PACKAGECONFIG[hibernate] = "-Dhibernate=true,-Dhibernate=false" +PACKAGECONFIG[hostnamed] = "-Dhostnamed=true,-Dhostnamed=false" +PACKAGECONFIG[idn] = "-Didn=true,-Didn=false" +PACKAGECONFIG[ima] = "-Dima=true,-Dima=false" +# importd requires curl/xz/zlib/bzip2/gcrypt +PACKAGECONFIG[importd] = "-Dimportd=true,-Dimportd=false" +# Update NAT firewall rules +PACKAGECONFIG[iptc] = "-Dlibiptc=true,-Dlibiptc=false,iptables" +PACKAGECONFIG[journal-upload] = "-Dlibcurl=true,-Dlibcurl=false,curl" +PACKAGECONFIG[kmod] = "-Dkmod=true,-Dkmod=false,kmod" +PACKAGECONFIG[ldconfig] = "-Dldconfig=true,-Dldconfig=false,,ldconfig" +PACKAGECONFIG[libidn] = "-Dlibidn=true,-Dlibidn=false,libidn" +PACKAGECONFIG[libidn2] = "-Dlibidn2=true,-Dlibidn2=false,libidn2" +PACKAGECONFIG[localed] = "-Dlocaled=true,-Dlocaled=false" +PACKAGECONFIG[logind] = "-Dlogind=true,-Dlogind=false" +PACKAGECONFIG[lz4] = "-Dlz4=true,-Dlz4=false,lz4" +PACKAGECONFIG[machined] = "-Dmachined=true,-Dmachined=false" +PACKAGECONFIG[manpages] = "-Dman=true,-Dman=false,libxslt-native xmlto-native docbook-xml-dtd4-native docbook-xsl-stylesheets-native" +PACKAGECONFIG[microhttpd] = "-Dmicrohttpd=true,-Dmicrohttpd=false,libmicrohttpd" +PACKAGECONFIG[myhostname] = "-Dnss-myhostname=true,-Dnss-myhostname=false,,libnss-myhostname" +PACKAGECONFIG[networkd] = "-Dnetworkd=true,-Dnetworkd=false" +PACKAGECONFIG[nss] = "-Dnss-systemd=true,-Dnss-systemd=false" +PACKAGECONFIG[nss-mymachines] = "-Dnss-mymachines=true,-Dnss-mymachines=false" +PACKAGECONFIG[nss-resolve] = "-Dnss-resolve=true,-Dnss-resolve=false" +PACKAGECONFIG[openssl] = "-Dopenssl=true,-Dopenssl=false,openssl" +PACKAGECONFIG[pam] = "-Dpam=true,-Dpam=false,libpam,${PAM_PLUGINS}" +PACKAGECONFIG[pcre2] = "-Dpcre2=true,-Dpcre2=false,libpcre2" +PACKAGECONFIG[polkit] = "-Dpolkit=true,-Dpolkit=false" +PACKAGECONFIG[portabled] = "-Dportabled=true,-Dportabled=false" +PACKAGECONFIG[qrencode] = "-Dqrencode=true,-Dqrencode=false,qrencode" +PACKAGECONFIG[quotacheck] = "-Dquotacheck=true,-Dquotacheck=false" +PACKAGECONFIG[randomseed] = "-Drandomseed=true,-Drandomseed=false" +PACKAGECONFIG[resolved] = "-Dresolve=true,-Dresolve=false" +PACKAGECONFIG[rfkill] = "-Drfkill=true,-Drfkill=false" +# libseccomp is found in meta-security +PACKAGECONFIG[seccomp] = "-Dseccomp=true,-Dseccomp=false,libseccomp" +PACKAGECONFIG[selinux] = "-Dselinux=true,-Dselinux=false,libselinux,initscripts-sushell" +PACKAGECONFIG[smack] = "-Dsmack=true,-Dsmack=false" +PACKAGECONFIG[sysusers] = "-Dsysusers=true,-Dsysusers=false" +PACKAGECONFIG[sysvinit] = "-Dsysvinit-path=${sysconfdir}/init.d -Dsysvrcnd-path=${sysconfdir},-Dsysvinit-path= -Dsysvrcnd-path=,,update-rc.d" +# When enabled use reproducble build timestamp if set as time epoch, +# or build time if not. When disabled, time epoch is unset. +def build_epoch(d): + epoch = d.getVar('SOURCE_DATE_EPOCH') or "-1" + return '-Dtime-epoch=%d' % int(epoch) +PACKAGECONFIG[set-time-epoch] = "${@build_epoch(d)},-Dtime-epoch=0" +PACKAGECONFIG[timedated] = "-Dtimedated=true,-Dtimedated=false" +PACKAGECONFIG[timesyncd] = "-Dtimesyncd=true,-Dtimesyncd=false" +PACKAGECONFIG[usrmerge] = "-Dsplit-usr=false,-Dsplit-usr=true" +PACKAGECONFIG[sbinmerge] = "-Dsplit-bin=false,-Dsplit-bin=true" +PACKAGECONFIG[utmp] = "-Dutmp=true,-Dutmp=false" +PACKAGECONFIG[valgrind] = "-DVALGRIND=1,,valgrind" +PACKAGECONFIG[vconsole] = "-Dvconsole=true,-Dvconsole=false,,${PN}-vconsole-setup" +# Verify keymaps on locale change +PACKAGECONFIG[xkbcommon] = "-Dxkbcommon=true,-Dxkbcommon=false,libxkbcommon" +PACKAGECONFIG[xz] = "-Dxz=true,-Dxz=false,xz" +PACKAGECONFIG[zlib] = "-Dzlib=true,-Dzlib=false,zlib" + +# Helper variables to clarify locations. This mirrors the logic in systemd's +# build system. +rootprefix ?= "${root_prefix}" +rootlibdir ?= "${base_libdir}" +rootlibexecdir = "${rootprefix}/lib" + +# This links udev statically with systemd helper library. +# Otherwise udev package would depend on systemd package (which has the needed shared library), +# and always pull it into images. +EXTRA_OEMESON += "-Dlink-udev-shared=false" + +EXTRA_OEMESON += "-Dnobody-user=nobody \ + -Dnobody-group=nobody \ + -Drootlibdir=${rootlibdir} \ + -Drootprefix=${rootprefix} \ + -Ddefault-locale=C \ + " + +# Hardcode target binary paths to avoid using paths from sysroot +EXTRA_OEMESON += "-Dkexec-path=${sbindir}/kexec \ + -Dkmod-path=${base_bindir}/kmod \ + -Dmount-path=${base_bindir}/mount \ + -Dquotacheck-path=${sbindir}/quotacheck \ + -Dquotaon-path=${sbindir}/quotaon \ + -Dsulogin-path=${base_sbindir}/sulogin \ + -Dnologin-path=${base_sbindir}/nologin \ + -Dumount-path=${base_bindir}/umount" + +do_install() { + meson_do_install + install -d ${D}/${base_sbindir} + if ${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', 'false', 'true', d)}; then + # Provided by a separate recipe + rm ${D}${systemd_unitdir}/system/serial-getty* -f + fi + + # Provide support for initramfs + [ ! -e ${D}/init ] && ln -s ${rootlibexecdir}/systemd/systemd ${D}/init + [ ! -e ${D}/${base_sbindir}/udevd ] && ln -s ${rootlibexecdir}/systemd/systemd-udevd ${D}/${base_sbindir}/udevd + + install -d ${D}${sysconfdir}/udev/rules.d/ + install -d ${D}${sysconfdir}/tmpfiles.d + install -m 0644 ${WORKDIR}/*.rules ${D}${sysconfdir}/udev/rules.d/ + + install -m 0644 ${WORKDIR}/00-create-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ + + if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then + install -d ${D}${sysconfdir}/init.d + install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/systemd-udevd + sed -i s%@UDEVD@%${rootlibexecdir}/systemd/systemd-udevd% ${D}${sysconfdir}/init.d/systemd-udevd + install -Dm 0755 ${S}/src/systemctl/systemd-sysv-install.SKELETON ${D}${systemd_unitdir}/systemd-sysv-install + fi + + chown root:systemd-journal ${D}/${localstatedir}/log/journal + + # Delete journal README, as log can be symlinked inside volatile. + rm -f ${D}/${localstatedir}/log/README + + # journal-remote creates this at start + rm -rf ${D}/${localstatedir}/log/journal/remote + + install -d ${D}${systemd_unitdir}/system/graphical.target.wants + install -d ${D}${systemd_unitdir}/system/multi-user.target.wants + install -d ${D}${systemd_unitdir}/system/poweroff.target.wants + install -d ${D}${systemd_unitdir}/system/reboot.target.wants + install -d ${D}${systemd_unitdir}/system/rescue.target.wants + + # Create symlinks for systemd-update-utmp-runlevel.service + if ${@bb.utils.contains('PACKAGECONFIG', 'utmp', 'true', 'false', d)}; then + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/graphical.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/multi-user.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/poweroff.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/reboot.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/rescue.target.wants/systemd-update-utmp-runlevel.service + fi + + # this file is needed to exist if networkd is disabled but timesyncd is still in use since timesyncd checks it + # for existence else it fails + if [ -s ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf ]; then + ${@bb.utils.contains('PACKAGECONFIG', 'networkd', ':', 'sed -i -e "\$ad /run/systemd/netif/links 0755 root root -" ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf', d)} + fi + if ! ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'true', 'false', d)}; then + echo 'L! ${sysconfdir}/resolv.conf - - - - ../run/systemd/resolve/resolv.conf' >>${D}${exec_prefix}/lib/tmpfiles.d/etc.conf + echo 'd /run/systemd/resolve 0755 root root -' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf + echo 'f /run/systemd/resolve/resolv.conf 0644 root root' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf + ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd + else + sed -i -e "s%^L! /etc/resolv.conf.*$%L! /etc/resolv.conf - - - - ../run/systemd/resolve/resolv.conf%g" ${D}${exec_prefix}/lib/tmpfiles.d/etc.conf + ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd + fi + if ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'false', 'true', d)}; then + rm ${D}${exec_prefix}/lib/tmpfiles.d/x11.conf + rm -r ${D}${sysconfdir}/X11 + fi + + # If polkit is setup fixup permissions and ownership + if ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'true', 'false', d)}; then + if [ -d ${D}${datadir}/polkit-1/rules.d ]; then + chmod 700 ${D}${datadir}/polkit-1/rules.d + chown polkitd:root ${D}${datadir}/polkit-1/rules.d + fi + fi + + # create link for existing udev rules + ln -s ${base_bindir}/udevadm ${D}${base_sbindir}/udevadm + + # duplicate udevadm for postinst script + install -d ${D}${libexecdir} + ln ${D}${base_bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm + + # install default policy for presets + # https://www.freedesktop.org/wiki/Software/systemd/Preset/#howto + install -Dm 0644 ${WORKDIR}/99-default.preset ${D}${systemd_unitdir}/system-preset/99-default.preset +} + +python populate_packages_prepend (){ + systemdlibdir = d.getVar("rootlibdir") + do_split_packages(d, systemdlibdir, '^lib(.*)\.so\.*', 'lib%s', 'Systemd %s library', extra_depends='', allow_links=True) +} +PACKAGES_DYNAMIC += "^lib(udev|systemd|nss).*" + +PACKAGE_BEFORE_PN = "\ + ${PN}-gui \ + ${PN}-vconsole-setup \ + ${PN}-initramfs \ + ${PN}-analyze \ + ${PN}-kernel-install \ + ${PN}-rpm-macros \ + ${PN}-binfmt \ + ${PN}-zsh-completion \ + ${PN}-container \ + ${PN}-journal-gatewayd \ + ${PN}-journal-upload \ + ${PN}-journal-remote \ + ${PN}-extra-utils \ + udev \ + udev-hwdb \ +" + +SUMMARY_${PN}-container = "Tools for containers and VMs" +DESCRIPTION_${PN}-container = "Systemd tools to spawn and manage containers and virtual machines." + +SUMMARY_${PN}-journal-gatewayd = "HTTP server for journal events" +DESCRIPTION_${PN}-journal-gatewayd = "systemd-journal-gatewayd serves journal events over the network. Clients must connect using HTTP. The server listens on port 19531 by default." + +SUMMARY_${PN}-journal-upload = "Send journal messages over the network" +DESCRIPTION_${PN}-journal-upload = "systemd-journal-upload uploads journal entries to a specified URL." + +SUMMARY_${PN}-journal-remote = "Receive journal messages over the network" +DESCRIPTION_${PN}-journal-remote = "systemd-journal-remote is a command to receive serialized journal events and store them to journal files." + +SYSTEMD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'binfmt', '${PN}-binfmt', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gatewayd', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ +" +SYSTEMD_SERVICE_${PN}-binfmt = "systemd-binfmt.service" + +USERADD_PACKAGES = "${PN} ${PN}-extra-utils \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gateway', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ +" +GROUPADD_PARAM_${PN} = "-r systemd-journal" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '--system -d / -M --shell /bin/nologin systemd-coredump;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '--system -d / -M --shell /bin/nologin systemd-network;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit', '--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '--system -d / -M --shell /bin/nologin systemd-resolve;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '--system -d / -M --shell /bin/nologin systemd-timesync;', '', d)}" +USERADD_PARAM_${PN}-extra-utils = "--system -d / -M --shell /bin/nologin systemd-bus-proxy" +USERADD_PARAM_${PN}-journal-gateway = "--system -d / -M --shell /bin/nologin systemd-journal-gateway" +USERADD_PARAM_${PN}-journal-remote = "--system -d / -M --shell /bin/nologin systemd-journal-remote" +USERADD_PARAM_${PN}-journal-upload = "--system -d / -M --shell /bin/nologin systemd-journal-upload" + +FILES_${PN}-analyze = "${bindir}/systemd-analyze" + +FILES_${PN}-initramfs = "/init" +RDEPENDS_${PN}-initramfs = "${PN}" + +FILES_${PN}-gui = "${bindir}/systemadm" + +FILES_${PN}-vconsole-setup = "${rootlibexecdir}/systemd/systemd-vconsole-setup \ + ${systemd_unitdir}/system/systemd-vconsole-setup.service \ + ${systemd_unitdir}/system/sysinit.target.wants/systemd-vconsole-setup.service" + +RDEPENDS_${PN}-kernel-install += "bash" +FILES_${PN}-kernel-install = "${bindir}/kernel-install \ + ${sysconfdir}/kernel/ \ + ${exec_prefix}/lib/kernel \ + " +FILES_${PN}-rpm-macros = "${exec_prefix}/lib/rpm \ + " + +FILES_${PN}-zsh-completion = "${datadir}/zsh/site-functions" + +FILES_${PN}-binfmt = "${sysconfdir}/binfmt.d/ \ + ${exec_prefix}/lib/binfmt.d \ + ${rootlibexecdir}/systemd/systemd-binfmt \ + ${systemd_unitdir}/system/proc-sys-fs-binfmt_misc.* \ + ${systemd_unitdir}/system/systemd-binfmt.service" +RRECOMMENDS_${PN}-binfmt = "kernel-module-binfmt-misc" + +RRECOMMENDS_${PN}-vconsole-setup = "kbd kbd-consolefonts kbd-keymaps" + + +FILES_${PN}-journal-gatewayd = "${rootlibexecdir}/systemd/systemd-journal-gatewayd \ + ${systemd_system_unitdir}/systemd-journal-gatewayd.service \ + ${systemd_system_unitdir}/systemd-journal-gatewayd.socket \ + ${systemd_system_unitdir}/sockets.target.wants/systemd-journal-gatewayd.socket \ + ${datadir}/systemd/gatewayd/browse.html \ + " +SYSTEMD_SERVICE_${PN}-journal-gatewayd = "systemd-journal-gatewayd.socket" + +FILES_${PN}-journal-upload = "${rootlibexecdir}/systemd/systemd-journal-upload \ + ${systemd_system_unitdir}/systemd-journal-upload.service \ + ${sysconfdir}/systemd/journal-upload.conf \ + " +SYSTEMD_SERVICE_${PN}-journal-upload = "systemd-journal-upload.service" + +FILES_${PN}-journal-remote = "${rootlibexecdir}/systemd/systemd-journal-remote \ + ${sysconfdir}/systemd/journal-remote.conf \ + ${systemd_system_unitdir}/systemd-journal-remote.service \ + ${systemd_system_unitdir}/systemd-journal-remote.socket \ + " +SYSTEMD_SERVICE_${PN}-journal-remote = "systemd-journal-remote.socket" + + +FILES_${PN}-container = "${sysconfdir}/dbus-1/system.d/org.freedesktop.import1.conf \ + ${sysconfdir}/dbus-1/system.d/org.freedesktop.machine1.conf \ + ${sysconfdir}/systemd/system/multi-user.target.wants/machines.target \ + ${base_bindir}/machinectl \ + ${bindir}/systemd-nspawn \ + ${nonarch_libdir}/systemd/import-pubring.gpg \ + ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.import1.busname \ + ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.machine1.busname \ + ${systemd_system_unitdir}/local-fs.target.wants/var-lib-machines.mount \ + ${systemd_system_unitdir}/machines.target.wants/var-lib-machines.mount \ + ${systemd_system_unitdir}/remote-fs.target.wants/var-lib-machines.mount \ + ${systemd_system_unitdir}/machine.slice \ + ${systemd_system_unitdir}/machines.target \ + ${systemd_system_unitdir}/org.freedesktop.import1.busname \ + ${systemd_system_unitdir}/org.freedesktop.machine1.busname \ + ${systemd_system_unitdir}/systemd-importd.service \ + ${systemd_system_unitdir}/systemd-machined.service \ + ${systemd_system_unitdir}/dbus-org.freedesktop.machine1.service \ + ${systemd_system_unitdir}/var-lib-machines.mount \ + ${rootlibexecdir}/systemd/systemd-import \ + ${rootlibexecdir}/systemd/systemd-importd \ + ${rootlibexecdir}/systemd/systemd-machined \ + ${rootlibexecdir}/systemd/systemd-pull \ + ${exec_prefix}/lib/tmpfiles.d/systemd-nspawn.conf \ + ${systemd_system_unitdir}/systemd-nspawn@.service \ + ${libdir}/libnss_mymachines.so.2 \ + ${datadir}/dbus-1/system-services/org.freedesktop.import1.service \ + ${datadir}/dbus-1/system-services/org.freedesktop.machine1.service \ + ${datadir}/dbus-1/system.d/org.freedesktop.import1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.machine1.conf \ + ${datadir}/polkit-1/actions/org.freedesktop.import1.policy \ + ${datadir}/polkit-1/actions/org.freedesktop.machine1.policy \ + " + +RRECOMMENDS_${PN}-container += "\ + ${PN}-journal-upload \ + ${PN}-journal-remote \ + ${PN}-journal-gatewayd \ + " + +FILES_${PN}-extra-utils = "\ + ${base_bindir}/systemd-escape \ + ${base_bindir}/systemd-inhibit \ + ${bindir}/systemd-detect-virt \ + ${bindir}/systemd-path \ + ${bindir}/systemd-run \ + ${bindir}/systemd-cat \ + ${bindir}/systemd-delta \ + ${bindir}/systemd-cgls \ + ${bindir}/systemd-cgtop \ + ${bindir}/systemd-stdio-bridge \ + ${base_bindir}/systemd-ask-password \ + ${base_bindir}/systemd-tty-ask-password-agent \ + ${systemd_unitdir}/system/systemd-ask-password-console.path \ + ${systemd_unitdir}/system/systemd-ask-password-console.service \ + ${systemd_unitdir}/system/systemd-ask-password-wall.path \ + ${systemd_unitdir}/system/systemd-ask-password-wall.service \ + ${systemd_unitdir}/system/sysinit.target.wants/systemd-ask-password-console.path \ + ${systemd_unitdir}/system/sysinit.target.wants/systemd-ask-password-wall.path \ + ${systemd_unitdir}/system/multi-user.target.wants/systemd-ask-password-wall.path \ + ${rootlibexecdir}/systemd/systemd-resolve-host \ + ${rootlibexecdir}/systemd/systemd-ac-power \ + ${rootlibexecdir}/systemd/systemd-activate \ + ${rootlibexecdir}/systemd/systemd-bus-proxyd \ + ${systemd_unitdir}/system/systemd-bus-proxyd.service \ + ${systemd_unitdir}/system/systemd-bus-proxyd.socket \ + ${rootlibexecdir}/systemd/systemd-socket-proxyd \ + ${rootlibexecdir}/systemd/systemd-reply-password \ + ${rootlibexecdir}/systemd/systemd-sleep \ + ${rootlibexecdir}/systemd/system-sleep \ + ${systemd_unitdir}/system/systemd-hibernate.service \ + ${systemd_unitdir}/system/systemd-hybrid-sleep.service \ + ${systemd_unitdir}/system/systemd-suspend.service \ + ${systemd_unitdir}/system/sleep.target \ + ${rootlibexecdir}/systemd/systemd-initctl \ + ${systemd_unitdir}/system/systemd-initctl.service \ + ${systemd_unitdir}/system/systemd-initctl.socket \ + ${systemd_unitdir}/system/sockets.target.wants/systemd-initctl.socket \ + ${rootlibexecdir}/systemd/system-generators/systemd-gpt-auto-generator \ + ${rootlibexecdir}/systemd/systemd-cgroups-agent \ +" + +CONFFILES_${PN} = "${sysconfdir}/systemd/coredump.conf \ + ${sysconfdir}/systemd/journald.conf \ + ${sysconfdir}/systemd/logind.conf \ + ${sysconfdir}/systemd/system.conf \ + ${sysconfdir}/systemd/user.conf \ + ${sysconfdir}/systemd/resolved.conf \ + ${sysconfdir}/systemd/timesyncd.conf \ +" + +FILES_${PN} = " ${base_bindir}/* \ + ${base_sbindir}/shutdown \ + ${base_sbindir}/halt \ + ${base_sbindir}/poweroff \ + ${base_sbindir}/runlevel \ + ${base_sbindir}/telinit \ + ${base_sbindir}/resolvconf \ + ${base_sbindir}/reboot \ + ${base_sbindir}/init \ + ${datadir}/dbus-1/services \ + ${datadir}/dbus-1/system-services \ + ${datadir}/polkit-1 \ + ${datadir}/${BPN} \ + ${datadir}/factory \ + ${sysconfdir}/dbus-1/ \ + ${sysconfdir}/modules-load.d/ \ + ${sysconfdir}/pam.d/ \ + ${sysconfdir}/sysctl.d/ \ + ${sysconfdir}/systemd/ \ + ${sysconfdir}/tmpfiles.d/ \ + ${sysconfdir}/xdg/ \ + ${sysconfdir}/init.d/README \ + ${sysconfdir}/resolv-conf.systemd \ + ${sysconfdir}/X11/xinit/xinitrc.d/* \ + ${rootlibexecdir}/systemd/* \ + ${systemd_unitdir}/* \ + ${base_libdir}/security/*.so \ + /cgroup \ + ${bindir}/systemd* \ + ${bindir}/busctl \ + ${bindir}/coredumpctl \ + ${bindir}/localectl \ + ${bindir}/hostnamectl \ + ${bindir}/resolvectl \ + ${bindir}/timedatectl \ + ${bindir}/bootctl \ + ${exec_prefix}/lib/tmpfiles.d/*.conf \ + ${exec_prefix}/lib/systemd \ + ${exec_prefix}/lib/modules-load.d \ + ${exec_prefix}/lib/sysctl.d \ + ${exec_prefix}/lib/sysusers.d \ + ${exec_prefix}/lib/environment.d \ + ${localstatedir} \ + ${rootlibexecdir}/udev/rules.d/70-uaccess.rules \ + ${rootlibexecdir}/udev/rules.d/71-seat.rules \ + ${rootlibexecdir}/udev/rules.d/73-seat-late.rules \ + ${rootlibexecdir}/udev/rules.d/99-systemd.rules \ + ${rootlibexecdir}/modprobe.d/systemd.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.timedate1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.locale1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.network1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.resolve1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.systemd1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.hostname1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.login1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.timesync1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.portable1.conf \ + " + +FILES_${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" + +RDEPENDS_${PN} += "kmod dbus util-linux-mount util-linux-umount udev (= ${EXTENDPKGV}) util-linux-agetty util-linux-fsck" +RDEPENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', '', 'systemd-serialgetty', d)}" +RDEPENDS_${PN} += "volatile-binds" + +RRECOMMENDS_${PN} += "systemd-extra-utils \ + systemd-compat-units udev-hwdb \ + e2fsprogs-e2fsck \ + kernel-module-autofs4 kernel-module-unix kernel-module-ipv6 kernel-module-sch-fq-codel \ + os-release \ + systemd-conf \ +" + +INSANE_SKIP_${PN} += "dev-so libdir" +INSANE_SKIP_${PN}-dbg += "libdir" +INSANE_SKIP_${PN}-doc += " libdir" + +RPROVIDES_udev = "hotplug" + +RDEPENDS_udev-hwdb += "udev" + +FILES_udev += "${base_sbindir}/udevd \ + ${rootlibexecdir}/systemd/network/99-default.link \ + ${rootlibexecdir}/systemd/systemd-udevd \ + ${rootlibexecdir}/udev/accelerometer \ + ${rootlibexecdir}/udev/ata_id \ + ${rootlibexecdir}/udev/cdrom_id \ + ${rootlibexecdir}/udev/collect \ + ${rootlibexecdir}/udev/fido_id \ + ${rootlibexecdir}/udev/findkeyboards \ + ${rootlibexecdir}/udev/keyboard-force-release.sh \ + ${rootlibexecdir}/udev/keymap \ + ${rootlibexecdir}/udev/mtd_probe \ + ${rootlibexecdir}/udev/scsi_id \ + ${rootlibexecdir}/udev/v4l_id \ + ${rootlibexecdir}/udev/keymaps \ + ${rootlibexecdir}/udev/rules.d/50-udev-default.rules \ + ${rootlibexecdir}/udev/rules.d/60-autosuspend-chromiumos.rules \ + ${rootlibexecdir}/udev/rules.d/60-block.rules \ + ${rootlibexecdir}/udev/rules.d/60-cdrom_id.rules \ + ${rootlibexecdir}/udev/rules.d/60-drm.rules \ + ${rootlibexecdir}/udev/rules.d/60-evdev.rules \ + ${rootlibexecdir}/udev/rules.d/60-fido-id.rules \ + ${rootlibexecdir}/udev/rules.d/60-input-id.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-alsa.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-input.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-storage.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-storage-tape.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-v4l.rules \ + ${rootlibexecdir}/udev/rules.d/60-sensor.rules \ + ${rootlibexecdir}/udev/rules.d/60-serial.rules \ + ${rootlibexecdir}/udev/rules.d/61-autosuspend-manual.rules \ + ${rootlibexecdir}/udev/rules.d/64-btrfs.rules \ + ${rootlibexecdir}/udev/rules.d/70-joystick.rules \ + ${rootlibexecdir}/udev/rules.d/70-mouse.rules \ + ${rootlibexecdir}/udev/rules.d/70-power-switch.rules \ + ${rootlibexecdir}/udev/rules.d/70-touchpad.rules \ + ${rootlibexecdir}/udev/rules.d/75-net-description.rules \ + ${rootlibexecdir}/udev/rules.d/75-probe_mtd.rules \ + ${rootlibexecdir}/udev/rules.d/78-sound-card.rules \ + ${rootlibexecdir}/udev/rules.d/80-drivers.rules \ + ${rootlibexecdir}/udev/rules.d/80-net-setup-link.rules \ + ${rootlibexecdir}/udev/rules.d/90-vconsole.rules \ + ${sysconfdir}/udev \ + ${sysconfdir}/init.d/systemd-udevd \ + ${systemd_unitdir}/system/*udev* \ + ${systemd_unitdir}/system/*.wants/*udev* \ + ${base_bindir}/systemd-hwdb \ + ${base_bindir}/udevadm \ + ${base_sbindir}/udevadm \ + ${libexecdir}/${MLPREFIX}udevadm \ + ${datadir}/bash-completion/completions/udevadm \ + ${systemd_unitdir}/system/systemd-hwdb-update.service \ + " + +FILES_udev-hwdb = "${rootlibexecdir}/udev/hwdb.d \ + " + +RCONFLICTS_${PN} = "tiny-init ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'resolvconf', '', d)}" + +INITSCRIPT_PACKAGES = "udev" +INITSCRIPT_NAME_udev = "systemd-udevd" +INITSCRIPT_PARAMS_udev = "start 03 S ." + +python __anonymous() { + if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d): + d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1") +} + +python do_warn_musl() { + if d.getVar('TCLIBC') == "musl": + bb.warn("Using systemd with musl is not recommended since it is not supported upstream and some patches are known to be problematic.") +} +addtask warn_musl before do_configure + +ALTERNATIVE_${PN} = "halt reboot shutdown poweroff runlevel ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'resolv-conf', '', d)}" + +ALTERNATIVE_TARGET[resolv-conf] = "${sysconfdir}/resolv-conf.systemd" +ALTERNATIVE_LINK_NAME[resolv-conf] = "${sysconfdir}/resolv.conf" +ALTERNATIVE_PRIORITY[resolv-conf] ?= "50" + +ALTERNATIVE_TARGET[halt] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[halt] = "${base_sbindir}/halt" +ALTERNATIVE_PRIORITY[halt] ?= "300" + +ALTERNATIVE_TARGET[reboot] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[reboot] = "${base_sbindir}/reboot" +ALTERNATIVE_PRIORITY[reboot] ?= "300" + +ALTERNATIVE_TARGET[shutdown] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[shutdown] = "${base_sbindir}/shutdown" +ALTERNATIVE_PRIORITY[shutdown] ?= "300" + +ALTERNATIVE_TARGET[poweroff] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[poweroff] = "${base_sbindir}/poweroff" +ALTERNATIVE_PRIORITY[poweroff] ?= "300" + +ALTERNATIVE_TARGET[runlevel] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel" +ALTERNATIVE_PRIORITY[runlevel] ?= "300" + +pkg_postinst_${PN}_libc-glibc () { + sed -e '/^hosts:/s/\s*\//' \ + -e 's/\(^hosts:.*\)\(\\)\(.*\)\(\\)\(.*\)/\1\2 myhostname \3\4\5/' \ + -i $D${sysconfdir}/nsswitch.conf +} + +pkg_prerm_${PN}_libc-glibc () { + sed -e '/^hosts:/s/\s*\//' \ + -e '/^hosts:/s/\s*myhostname//' \ + -i $D${sysconfdir}/nsswitch.conf +} + +PACKAGE_WRITE_DEPS += "qemu-native" +pkg_postinst_udev-hwdb () { + if test -n "$D"; then + $INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} rootlibexecdir="${rootlibexecdir}" PREFERRED_PROVIDER_udev="${PREFERRED_PROVIDER_udev}" + else + udevadm hwdb --update + fi +} + +pkg_prerm_udev-hwdb () { + rm -f $D${sysconfdir}/udev/hwdb.bin +} -- cgit v1.2.3-54-g00ecf