path: root/meta/recipes-core/systemd
Commit message | Author | Age | Files | Lines
* systemd: set CVE_PRODUCT | Mikko Rapeli | 2025-02-12 | 1 | -0/+2

  systemd.inc is used by systemd, systemd-boot and systemd-tools-native recipes so make sure all match to "systemd" product in CVE database. The split between systemd, systemd-boot and systemd-tools-native is specific to oe-core and upstream just refers to systemd.

  Not limiting to "systemd_project" vendor since multiple vendor names have been used in the past.

  (From OE-Core rev: d92c1ca1c89f140a731aec9f3389c2dad2f59829)

  Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit eb46ad379170f0a80ac2d061fa02c118f5ed1d31)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
* systemd-boot: drop intltool-native from DEPENDS | Guðni Már Gilbert | 2024-12-17 | 1 | -1/+1

  intltool was dropped as a dependency in v236

  See commit for reference:
  https://github.com/systemd/systemd/pull/7313/commits/c81217920effddc93fb780cf8f9eb699d6fe1319

  (From OE-Core rev: 0df327ea64ec6a9e99c8f96e1dab52d3db3711b3)

  Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
* systemd: drop intltool-native from DEPENDS | Guðni Már Gilbert | 2024-12-17 | 1 | -1/+1

  intltool was dropped as a dependency in v236

  See commit for reference:
  https://github.com/systemd/systemd/pull/7313/commits/c81217920effddc93fb780cf8f9eb699d6fe1319

  (From OE-Core rev: 5c6254279c8b7faf76809024ebbc02856030179e)

  Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
* systemd: fix broken links for sysvinit-compatible commands | Yi Zhao | 2024-11-30 | 1 | -2/+4

  Since commit[1], PACKAGECONFIG[sysvinit] is not enabled by default when sysvinit is not in DISTRO_FEATURES, which causes the following sysvinit-compatible commands/services to not be built and installed:

    runlevel
    telinit
    rc-local.service
    systemd-initctl
    systemd-initctl.service
    systemd-rc-local-generator
    systemd-sysv-generator
    systemd-update-utmp-runlevel.service

  Therefore, links to these commands/services should only be created when PACKAGECONFIG[sysvinit] is enabled.

  [1] https://git.openembedded.org/openembedded-core/commit/?id=3668235fd60a9027608f37251c4b453ed21b3687

  (From OE-Core rev: 681e3d20c2ac16778e302b468ec278aed9562639)

  Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
  Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit a20b698f1acdee972cf1ff570b09a2e2c36bef1a)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
* systemd: add missing dependency on libkmod to udev | Ross Burton | 2024-09-13 | 1 | -0/+2

  As of systemd 256, libsystemd-shared.so doesn't directly link to a number of libraries but instead dlopen()'s them as needed to reduce the size of the attack surface. Instead the .so has a .note.dlopen segment that lists the libraries that may be opened, with the intention that these are transformed into package recommendation fields.

  We don't yet have support for these (see #15595) so explicit dependencies have been added to the systemd package itself. However, in an initramfs with udev but without systemd and no recommendations you end up without libkmod, so module loading is impossible.

  Add an explicit hard dependency on libkmod to udev, because modules are critical functionality.

  (From OE-Core rev: 12fadefe11ed9f09171087608c3c4b83c7302b3f)

  Signed-off-by: Ross Burton <ross.burton@arm.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: include sysvinit in default PACKAGECONFIG only if in DISTRO_FEATURES | Rasmus Villemoes | 2024-09-13 | 1 | -2/+1

  The sysvinit PACKAGECONFIG knob enables various legacy/compatibility code that may not be needed or even desired. If DISTRO_FEATURES includes systemd (as it must for this recipe to build) but not sysvinit, there is no point building and installing that legacy support.

  As most other changes, this can cause breakage, but given that sysvinit not being in DISTRO_FEATURES requires explicit opt-out (due to backfill), I think the risk is low. Moreover, it is generally easier to add to than to remove from PACKAGECONFIG.

  (From OE-Core rev: 3668235fd60a9027608f37251c4b453ed21b3687)

  Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: make home directory readable by systemd-coredump | Etienne Cordonnier | 2024-09-09 | 2 | -0/+39

  In https://github.com/systemd/systemd/commit/924453c22599cc246746a0233b2f52a27ade0819 ProtectHome was set to true for systemd-coredump in order to reduce risk, since an attacker could craft a malicious binary in order to compromise systemd-coredump. At that point the object analysis was done in the main systemd-coredump process. Because of this systemd-coredump is unable to produce symbolicated call-stacks for binaries running under /home ("n/a" is shown instead of function names).

  However, later in https://github.com/systemd/systemd/commit/61aea456c12c54f49c4a76259af130e576130ce9 systemd-coredump was changed to do the object analysis in a forked process, covering those security concerns.

  Let's set ProtectHome to read-only so that systemd-coredump produces symbolicated call-stacks for processes running under /home.

  Note: it still does not work in /tmp (because of PrivateTmp=yes) and in /root (for unknown reasons).

  Before the change (with minidebuginfo enabled):

    root@qemux86-64:~# /home/sleep 1000 &
    [1] 426
    root@qemux86-64:~# kill -11 $(pidof sleep)
    root@qemux86-64:~# coredumpctl info
    PID: 426 (sleep)
    UID: 0 (root)
    GID: 0 (root)
    Signal: 11 (SEGV)
    Timestamp: Fri 2024-09-06 17:25:18 UTC (3s ago)
    Command Line: /home/sleep 1000
    Executable: /home/sleep
    Control Group: /system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service
    Unit: serial-getty@ttyS0.service
    Slice: system-serial\x2dgetty.slice
    Boot ID: 44ef4ddfaad249ceaa29d1e9f330d3b5
    Machine ID: fb279f18f2c849c59768754c7a274ee3
    Hostname: qemux86-64
    Storage: /var/lib/systemd/coredump/core.sleep.0.44ef4ddfaad249ceaa29d1e9f330d3b5.426.1725643518000000.zst (present)
    Size on Disk: 16.5K
    Message: Process 426 (sleep) of user 0 dumped core.
    Stack trace of thread 426:
    #0 0x00007f365f3849a7 clock_nanosleep (libc.so.6 + 0xd49a7)
    #1 0x00007f365f38f667 __nanosleep (libc.so.6 + 0xdf667)
    #2 0x0000561fee703737 n/a (/home/sleep + 0x7737)
    #3 0x000000003a6227c5 n/a (n/a + 0x0)
    ELF object binary architecture: AMD x86-64
    [1]+ Segmentation fault (core dumped) /home/sleep 1000

  After the change (with minidebuginfo enabled):

    root@qemux86-64:~# /home/sleep 1000 &
    [1] 450
    root@qemux86-64:~# kill -11 $(pidof sleep)
    root@qemux86-64:~# coredumpctl info
    PID: 450 (sleep)
    UID: 0 (root)
    GID: 0 (root)
    Signal: 11 (SEGV)
    Timestamp: Fri 2024-09-06 17:30:12 UTC (4s ago)
    Command Line: /home/sleep 1000
    Executable: /home/sleep
    Control Group: /system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service
    Unit: serial-getty@ttyS0.service
    Slice: system-serial\x2dgetty.slice
    Boot ID: 44ef4ddfaad249ceaa29d1e9f330d3b5
    Machine ID: fb279f18f2c849c59768754c7a274ee3
    Hostname: qemux86-64
    Storage: /var/lib/systemd/coredump/core.sleep.0.44ef4ddfaad249ceaa29d1e9f330d3b5.450.1725643812000000.zst (present)
    Size on Disk: 16.5K
    Message: Process 450 (sleep) of user 0 dumped core.
    Stack trace of thread 450:
    #0 0x00007f795dd689a7 clock_nanosleep (libc.so.6 + 0xd49a7)
    #1 0x00007f795dd73667 __nanosleep (libc.so.6 + 0xdf667)
    #2 0x0000561965c9d737 rpl_nanosleep (sleep + 0x7737)
    #3 0x0000561965c9d0c1 xnanosleep (sleep + 0x70c1)
    #4 0x0000561965c985c8 main (sleep + 0x25c8)
    #5 0x00007f795dcba01b __libc_start_call_main (libc.so.6 + 0x2601b)
    #6 0x00007f795dcba0d9 __libc_start_main (libc.so.6 + 0x260d9)
    #7 0x0000561965c98685 _start (sleep + 0x2685)
    ELF object binary architecture: AMD x86-64
    [1]+ Segmentation fault (core dumped) /home/sleep 1000

  (From OE-Core rev: b8c1f999038b7cd6fc2e80ed215541c8a4d9e19f)

  Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: Remove a leftover reference to ${datadir}/mime | Peter Kjellerstedt | 2024-09-05 | 1 | -1/+0

  ${MIMEDIR} (aka ${datadir}/mime) is packaged in ${PN}-mime and the reference to ${datadir}/mime/packages/io.systemd.xml for FILES:${PN} should have been removed in commit 5560243137f772683e53b614f134dd632b62be8b.

  (From OE-Core rev: 3dba1443ef123714a4b1c77ade1ea3b2d0ad3f21)

  Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: dont set polkit permissions manually | Markus Volk | 2024-09-01 | 1 | -9/+1

  According to this commit polkit rules should go to ${datadir} instead of ${sysconfdir}:
  https://git.openembedded.org/meta-openembedded/commit/?h=master-next&id=d5e90541f8e35916abc930b2da6de037b23d51a1

  There's no need to adjust the permissions for ${datadir} anymore:
  https://git.openembedded.org/meta-openembedded/commit/?h=master-next&id=6da0fd21c900e32a0693a6b27d38182f19c8c76c

  Don't set polkit permissions manually. This allows to drop the manually set polkit permissions for all files in meta-openembedded and also for libvirt in meta-virtualization. In addition, manually setting the permissions would not be needed for new recipes anymore.

  (From OE-Core rev: d27961962d2c8456d9a90148943d4282494146c2)

  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake.conf: drop VOLATILE_TMP_DIR, use FILESYSTEM_PERMS_TABLES instead | Changqing Li | 2024-08-28 | 1 | -1/+1

  * Drop VOLATILE_TMP_DIR, use FILESYSTEM_PERMS_TABLES instead.

    By default,

      FILESYSTEM_PERMS_TABLES ?= "files/fs-perms.txt \
                                  files/fs-perms-volatile-log.txt \
                                  files/fs-perms-volatile-tmp.txt"

    it contains 'files/fs-perms-volatile-tmp.txt', which means volatile tmp is enabled. User can disable volatile tmp by removing 'files/fs-perms-volatile-tmp.txt' from FILESYSTEM_PERMS_TABLES.

  * If volatile tmp is disabled, both /tmp and /var/tmp are persistent

  (From OE-Core rev: 8d1ae67b89c45f78162e070228086c7ef88c3264)

  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake.conf: drop VOLATILE_LOG_DIR, use FILESYSTEM_PERMS_TABLES instead | Changqing Li | 2024-08-28 | 1 | -1/+1

  Drop VOLATILE_LOG_DIR, use FILESYSTEM_PERMS_TABLES instead. By default, it contains 'files/fs-perms-volatile-log.txt', which means volatile log is enabled. User can disable volatile log by removing 'files/fs-perms-volatile-log.txt' from FILESYSTEM_PERMS_TABLES.

  (From OE-Core rev: 91128c6517066715f2afe6b46aa3206c7cf3653e)

  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: Refresh patch to remove patch-fuzz | Khem Raj | 2024-08-25 | 1 | -8/+1

  Fixes

    ERROR: systemd-1_256.5-r0 do_patch: QA Issue: Fuzz detected:

    Applying patch 0017-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch
    patching file src/basic/missing_syscall.h
    Hunk #1 succeeded at 20 with fuzz 1.

  The issue surfaces when building with musl

  (From OE-Core rev: 4fc73793e0a053211b29d016a09afc430a48e81b)

  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: upgrade 256.4 -> 256.5 | Wang Mingyu | 2024-08-21 | 4 | -1/+1

  (From OE-Core rev: 0c0de2c8ca95ad73940430a7afe43b0219d4dec6)

  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: update from 256 to 256.4 | Mikko Rapeli | 2024-08-15 | 6 | -70/+3

  Changes:

  566210c272 meson: Bump version to 256.4
  16de138427 mkosi: update debian commit reference
  b731debea9 hwdb: update to main@{2024-07-24}
  a78a524652 add udev rules for trezor hw wallet devices
  b825a8be0b core: reliably check if varlink socket has been deserialized
  83c9043727 mkosi: Bump device timeout even more
  e60d01bdbf man/systemd-repart: extend description and reword some sentences
  766af3f782 Document that MemorySwapMax supports % configuration
  1922d49fd6 Make vcs-tag do something useful for non-developer mode as well
  5b9ad0bbb8 tools/fetch-distro: switch to the target branch
  8334be48a3 tools/fetch-distro: only fetch the configured branch
  92890d56e8 tools/update-distro-hash: rename, fetch the repository if appropriate
  1f079607f8 Merge pull request #33803 from bluca/v256-stable
  e05f93b5c4 mkosi: update arch commit reference
  c9d39eea98 mkosi: update fedora commit reference
  dbeed95d76 mkosi: Use the Fedora Rawhide spec for CentOS
  6108f13fc0 mkosi: Switch back to PKG_SUBDIR instead of symlinks
  fd2a6ea0a8 zsh/_networkctl: remove duplicated argument for completion (#31926)
  995c702a34 import-creds: when we hit ENOENT on SMBIOS 11 do not even debug log
  6a3cb4cd11 core/unit: ignore dropins for masked units completely when checking need_reload
  f81659f5f3 test: add a reproducer for #33672
  7fcfb73d71 shared: log error when execve fail
  7da84cc154 test-execute: ExecStop= and friends should not get credentials
  8f58652f5e test: override blocking localed policy in TEST-73-LOCALE
  d6f8575f1e meson: fix missing failure if bpf-framework was enabled
  e274de4b74 zsh: add varlinkctl completions
  cae58967a5 docs: Document how to do stable releases
  468b064634 man: Mention Type=oneshot timeout directive
  d870f2335b l10n: fix credits for the French translation
  8aa9e60f89 sd-device: remove debug log message when dirs are missing
  86ec58a55c id128: refuse --app-specific= if we're listing GPT types
  b60d5bc1b7 gpt: add more architecture aliases
  b786185406 kernel-install: Remove existing loader entries and UKIs
  e63ae80a89 bootspec: correct log level for fatal errors
  3736e21341 bootspec: implement sorting by tries left/done, to match what sd-boot does
  18143edf3e boot: compare filename suffixes without case
  78fcf31f08 man: some fixes
  bcda6d4637 man: fix typo in unit options section
  1747350ffd fsck: do not pull down mount units on soft-reboot
  a68188e985 man: fix typo in the alias symlink name
  15c236806c vmspawn: define default machines for mips targets
  fa2b2da146 path: drop IN_ATTRIB from parent directory watches
  35e2f62967 Remove extra period at the end of systemd-bsod's unit description. (#33632)
  a40eb432cb test: Set priority for TEST-73-LOCALE
  172ffeb813 TEST-06-SELINUX: Disable RuntimeBuildSources=
  2fd3514456 test: Add missing --no-rebuild to doc
  69c9044525 meson: Bump version to 256.3
  16b12506a6 core/cgroup: check root cgroup earlier for unit_get_memory_accounting
  06c2ee3979 core/cgroup: make unit_has_host_root_cgroup take const Unit*
  15732ee31f core: unify reset_accounting handling
  50a0a55066 core: do not drop CGroupRuntime when unit stops, but only on GC
  b08b5996d3 core/cgroup: use > 0 comparison rather than == 1
  ffd90200b2 core/cgroup: actually make use of the cached accounting values
  7684f52839 test-install-root: introduce test case for #33411
  a42db16a1c shared/install: correctly report changes in install_info_symlink_alias()
  bb83650f96 shared/install: propagate all errors in install_info_apply()
  908edce5b6 shared/install: drop unneeded initialization
  f414ca0ee3 systemctl: do not try to acquire triggering units for template units
  67e0d09368 systemctl: skip triggering unit warning if unit vanished
  bb71d5dfb4 man/systemctl: --no-reload is honored by mask/unmask/preset too
  7122e226c3 logind-dbus: set gc_mode to USER_GC_BY_PIN when disable linger
  5d6bf58cf2 logind-user: take gc_mode into account when reporting user state
  bcb13a3fa2 test_ukify: do not use files from /boot
  88264411b6 test_ukify: use sha384 in the signing tests
  8b3bedd821 test_ukify: add instructions
  168b788104 terminal-util: don't issue "ESC c" sequence on reset, but only when erasing the screen
  5e4464bb64 mkosi: Bump default device timeout a little
  0009ed8ee1 meson: Drop version from 256.3 to v256.2
  1354f6194c meson: Drop ~devel suffix from systemd-stable version
  fe37213c55 Merge pull request #33774 from DaanDeMeyer/mkosi-backport
  677126d300 mkosi: Fix indentation
  4c25e572a9 mkosi: Fix typo
  400222fa1c mkosi: Drop util-linux from centos/fedora packages
  dc3543a391 mkosi: Drop udev from Packages= list
  82e2a5f47f mkosi: Fix formatting
  11f065d3ee mkosi: Build CentOS Stream 10 images by default
  c54eab5dd0 mkosi: Streamline running the integration tests without building systemd
  3bde2db7a4 meson: Drop genkey target
  baad1c0d0e mkosi: Skip sync script if NO_BUILD is enabled
  102ed56c61 mkosi: Remove enforcing=0 from default kernel command line
  611e82e660 mkosi: Stop setting apparmor=0
  fa7892a690 docs: update mkosi version mentioned in HACKING.md (#33723)
  ad444842e0 Merge pull request #33735 from DaanDeMeyer/backport-mkosi
  a63e82ca4a repart: Allow overriding fstype per partition designator
  9d05f2d559 mkosi: List library packages explicitly in VolatilePackages=
  4a55046779 mkosi: Build initrd as a subimage
  81bafc8dd9 mkosi: Drop CacheOnly=always from two subimages
  1be0b1f54b TEST-13-NSPAWN: make sure we don't load libnss_systemd
  0b9df91ce2 mkosi: Disable unique debug source names
  89904fc10c systemd-networkd-tests: Skip tests requiring dhcpd if it is not available
  c3342c3dc7 TEST-55-OOMD: Remove the opensuse user@ dropin
  127f8362c1 mkosi: Install binutils
  1a995b9d66 TEST-64-UDEV-STORAGE: Use max_ioqpairs instead of num_queues
  367ad876a6 mkosi: Use clang --print-runtime-dir
  8b859fa29d mkosi: Extend arch build script comment about symlinks
  a8a7a6716e test: do not attempt to set xattr on tmpfs
  3fc259ae25 mkosi: Add CI for CentOS Stream 10
  945013a092 mkosi: Use squashfs for sysext if mkfs.erofs is not available
  480f8fa839 mkosi: Make epel repositories optional for CentOS Stream 9
  76e14148f6 mkosi: Introduce build image
  abc3a61e59 mkosi: update fedora commit reference
  748cd5a703 mkosi: Update to latest
  6d07d59237 Merge pull request #33691 from DaanDeMeyer/backport-mkosi
  180814f22f mkosi: Switch back to code.opensuse.org for opensuse
  976a0d998e test: install split-out sshd-session binary if present
  ca97b9a7e6 mkosi: update opensuse commit reference
  fef4746218 tools/update-distro-hash: Fix path
  54eb9b9301 TEST-06-SELINUX: Various fixes
  de6c473b40 mkosi: Don't fail if /var/log/journal does not exist
  74475a5169 test: Switch to ncat instead of nc
  0c51e28088 TEST-55-OOMD: Switch to stress-ng
  0c7d634157 docs: Simplify update commands in HACKING.md
  5685a59371 mkosi: Update to latest
  370bf11ec4 mkosi: Build a sysext if SYSEXT=1 is specified
  0bdb879b3c mkosi: Check for configured build directory if WIPE=1
  880c32b7e3 mkosi: Install erofs-utils
  cd357eb029 Merge pull request #33674 from DaanDeMeyer/backport-mkosi
  c350e02631 mkosi: Fix git commit
  00bcc619db mkosi: Adapt configuration to take into account configuration rework
  3cf12f4f9a mkosi: use apt pinning for locally built debian/ubuntu packages
  7ab51fef1f mkosi: Make .autorelabel file empty
  0123dbee1b mkosi: Update to latest
  32981c454c build(deps): bump actions/checkout from 4.1.6 to 4.1.7
  ab11d7e177 mkosi: policykit-1 was renamed to polkitd
  8dd54e5adc mkosi: Use the "default" root filesystem for each distribution
  d28aa922fd meson: add option to build systemd-executor "statically"
  c3b4032fc3 meson: build libsystemd-core via an intermediate static library
  9be2fe707e meson: rename libbasic to libbasic_static
  fcbafc3ffe Bump meson version to 256.3~devel
  c7e144eb4a Finalize v256.2
  709655ea0d mkosi: switch debian to ci/v256-stable branch
  e8bbe635cd workflows/labeler: do not set labels on stable backport PRs
  aa1eb0b066 labeler: match all mkosi files
  32f2b9bba6 labeler: remove matches for dropped files (Makefile)
  9a2f16e4ed vmm: make sure we can handle smbios objects without variable part
  c32f71aa14 README: update requirements for signed dm-verity
  abba1e6bc2 sysusers: handle NSS errors gracefully
  df1ed3fbe2 man: fully adopt ~/.local/state/
  9d40e5c9c6 man: mention that distinction between /usr/lib/ and /usr/share/ is really about shared *ownership*
  8dbb7e2a72 man: drop version info from file hiearchy man page
  160b539a9d os-util: avoid matching on the wrong extension-release file
  0ff6d2cf47 load-fragment: allow MountImages= with paths starting with /dev
  cc4472c31e zsh: add run0 completions
  d0a9cf084d docs: Update HACKING
  a50e6c5709 README: add missing CONFIG_MEMCG kernel config option for oomd
  71de25f2df boot: cover for hardware keys on phones/tablets
  243276f008 core/manager: invoke special targets on signal only for system manager
  efc44e0c3e core/dbus-manager: refuse SoftReboot() for user managers
  399e788553 meson: Define __TARGET_ARCH macros required by bpf
  a946258e9d coredump: correctly take tmpfs size into account for compression
  05dcd242dc docs: update RELEASE.md to use same repository for stable branches
  0a97db8789 docs: Add section to HACKING.md on distribution packages
  3c91ea49d2 docs/CODING_STYLE: document that we nowadays prefer (const char*) for func ret type
  ea92f16422 test: fix TEST-74-AUX-UTILS.ssh.sh on SUSE
  f52475dcf3 test: preserve symlink in inst_recursive()
  10b7e0a0af test: fix TEST-24-CRYPTSETUP on SUSE
  4f7d6885a1 test: install /etc/hosts
  e94e33b566 test: split the resolved test suite into separate test cases
  4d561a0e08 mkosi: update debian commit reference
  05c9bc547b units: add dep on systemd-logind.service by user@.service
  d1cd66ca97 repart: add sections to --help text
  c2f74defaa Conditional PSI check to reflect changes done in 5.13
  df990be913 core: try again bind mounting if the destination was already created
  24987eb3cc mkfs-util: Set sector size for btrfs as well
  e34f436433 repart: Don't set filesystem sector size to 512
  3c88c94432 repart: Log more about filesystem sector size
  86d47d63b0 core/unit: follow merged units before updating SourcePath= timestamp too
  9dec66fc5f meson: use less verbose quoting
  6c8e99dedd TEST-54-CREDS: Use UEFI firmware if available
  78631dcafd TEST-18-FAILUREACTION: Set auto firmware
  71fb49d02c TEST-09-REBOOT: Set auto firmware
  938f7b6f29 TEST-06-SELINUX: Explicitly pull in autorelabel.service
  37412c952d TEST-70-TPM2: Use UEFI firmware if available
  7ee60a8614 resolved: correct parsing of OPT extended RCODEs
  711f843e3a TEST-45-TIMEDATE: Use syslog identifier journalctl match
  6ead24fcac resolved: allow the full TTL to be used by OPT records
  dc0167b674 TEST-64-UDEV-STORAGE: Make nvme_subsystem expected pci symlinks more generic
  fb747bd8cd LICENSES/README: expand text to summarize state for binaries and libs
  ffc8126cc6 test: pull in multi-user.target explicitly
  b908f492bc TEST-64-UDEV-STORAGE: Fix python 3.9 compatibility
  1c4f25c296 TEST-64-UDEV-STORAGE: Use bus pci slot 1 instead of 0
  9663bb7410 TEST-58-REPART: reverse order of diff args
  2f455914f7 man/tmpfiles: remove outdated behavior regarding symlink ownership
  24dd273402 test-mountpoint-util: add a test for bind mounted symlinks
  99cb4bdbbb mountpoint-util: do not assume symlinks are not mountpoints
  4437967cab hostnamed: if polkit authentication fails for Varlink Describe() call, don't reply to client with an error
  fb7ec285c9 core/exec-invoke: use sched_setattr instead of sched_setscheduler
  5911f1ec25 cryptsetup: improve TPM2 blob display
  57661f4ea9 util: make file_read() 64bit offset safe
  e2fb3dda24 man/capsule@.service: the capsule user is prefixed with "c-" rather than "p_"
  2547de4629 man/capsule@.service.xml: fix typo
  98928cf0a7 nspawn, vmspawn: honor the new window title switch
  9cbb3aadd5 run: add environment variable to prevent the setting of terminal title
  81acc5b39a test-execute: add a test case for issue #33299
  d008b3fb26 core: do not filter out write() if required in the very late stage
  d580b1f850 core: use write() to send handoff timestamp
  52eeeb7d3d seccomp-util: split out seccomp_filter_set_add_by_name()
  8e775590f1 Fix typo in CAP_BPF description (#33464)
  54910267ba test-network: check if static routes not overridden by NDisc routes
  4fda6e8f34 network/ndisc: do not remove static routes when received RA with zero lifetime
  34bef8dfac network/ndisc: do not override conflicting static routes
  0b909bf685 core/exec-invoke: reopen OpenFile= fds with O_NOCTTY
  52371fe526 core: verify WorkingDirectory= is outside of API VFS only under mount namespacing
  ec5ac3ea53 terminal-util: use colon as separator for specifying color
  421ccd7094 man: fix double is typo in systemd-tmpfiles
  778034f42e test: skip test-cgroup-id on ENOSYS from cg_cgroupid_open
  3174fae67b meson: bpf: propagate 'sysroot' for cross compilation
  a6906475be kernel-install: correct the place where it works in man and help text
  3e435e970d man/systemd.exec: list inaccessible files for ProtectKernelTunables
  90b5cb35e9 Use consistent spelling of systemd.condition_first_boot argument
  b6316b8fac login/user-runtime-dir: free ignored sd_bus_error, avoid triggering assertion
  71546deef5 login/user-runtime-dir: use STRLEN where appropriate
  fbfc88af5e pretty-print: take console glyph width into account when drawing progress bar
  058fca7e6c mkosi: add support for TEST_SAVE_JOURNAL to integration test wrapper
  50ae476efd semaphore: pin packaging to ci/v256/stable branch
  771bb489bf test: skip TEST-69-SHUTDOWN on Debian
  69c51768ef meson: Bump version to 256.2~devel
  273b5622ac meson: Fix various versions
  9150ffc98a src/boot/efi/meson.build: ensure VERSION_TAG exists in case of cross build
  1eb122033f mkosi: Build a disk image by default again
  84d6fec8f9 meson: Deal with potential stable versions
  851f991b1c mkosi: bump to latest commit
  3d3bc1d999 mkosi: Switch back to btrfs
  ce41fdbfdc mkosi: Install btrfs-progs on CentOS as well
  1566c15fe4 mkosi: Enable hyperscale-packages-experimental for CentOS
  33ad0ea834 mkosi: Drop leftover systemd-coredump-debuginfo package for opensuse
  2286ae91f4 mkosi: Drop s390x console patch from opensuse spec
  7404ba69cf mkosi: use new standalone-shutdown package for debian's exitrd
  3f0763b5a6 mkosi: update debian commit reference
  9d0259e5bc mkosi: bump Debian Salsa commit to latest
  87fc64db36 mkosi: install new split-out systemd packages
  245d17d8dd mkosi: update arch commit reference
  8717dc0dd4 mkosi: switch opensuse to devel branch
  6f720b609a mkosi: update fedora commit reference
  a09800cd16 mkosi: update fedora commit reference
  e3703f4327 mkosi: Install zypper in opensuse images
  a7da351f39 mkosi: Fix sync script git command
  a39473aac7 mkosi: Clean up old packages from the build directory
  2e0af5f6fe mkosi: remove conflicting deb packages from builddir
  6a898c35da mkosi: Copy packages to the build directory as well
  16ea64e2be mkosi: Make sure we don't hide errors from git merge-base
  3f42d88faa mkosi: Install perf
  f2c782c043 mkosi: Install pciutils
  054fc83a23 mkosi: move variable to the right scope
  8abb2e0f55 mkosi: Don't touch the packaging checkout if work is being done
  59ab01d32f vmspawn: define QEMU_MACHINE_TYPE for loongarch64
  ba28889c65 vmspawn: define QEMU_MACHINE_TYPE for riscv
  715d146a3a docs: fix dead link to GNOME documentation
  34ba18b012 logs-show: do not use _SOURCE_MONOTONIC_TIMESTAMP field
  f8f669fd69 repart: fix memory leak
  7b18adadde mkosi: restrict noble-backports to noble builds
  08b8237303 tmpfiles: move --purge to command section in --help text where it belongs
  e760157389 tmpfiles: insist on at least one configuration file being specified on --purge
  90ec026570 tmpfiles: honour --dry-run when removing directories
  c26e56d08f install: allow removing symlinks even for units that are gone
  a776dcf7af NEWS: fix typo
  d89c99c7ad mkosi: bump to latest
  b455006ae1 CI: disable secure boot in mkosi GHA runs
  4cc6da9a5d test-network: mention that the captive portal option is supported since v2.20
  f7d55cc801 core/service: fix accept-socket deserialization
  7d65709901 test: use 'auto' instead of 'uefi' for automated fallback
  6178aa4bbc test: support TEST_NO_QEMU in mkosi integration wrapper
  a36cb5660e test: support TEST_NO_KVM
  df1e7d9572 test: drop obsolete comment
  51a2e7be5e test: drop unneeded firmware: uefi setting
  50b53b8221 test: check the skip condition before installing additional files
  9802a28b36 mkosi: install EFI packages only on EFI architectures
  21feae324e mkosi: use ports.ubuntu.com for non-x86 backports
  9f5f3c2f8b mkosi: enable unprivileged user ns for integration tests
  1a0e6961cf man,units: drop "temporary" from description of systemd-tmpfiles
  aedeaf7450 man: add a bit of a warning to systemd-tmpfiles --purge
  3706b5e8e9 fundamental: declare flex array updated for gcc15 and clang 19
  51390a1f41 analyze: show pcrs also in sha384 bank
  a61a83a22b CODING_STYLE: document "reterr_" return parameters
  2034de6157 shell-completion: only offer devices for completion
  4ebcdcb136 NEWS: note that new stable releases will be in the main repo
  d316aed5d8 repart: Use CRYPT_ACTIVATE_PRIVATE
  4a468387ac test: dump a simple summary at the end of TEST-02-UNITTEST
  70f5fb2f7a repart: Use crypt_reencrypt_run() if available
  ba031f1fe8 resolved: permit dnssec rrtype questions when we aren't validating
  30df42a927 tpm2-setup: Don't fail if we can't access the TPM due to authorization failure
  514ef0f93b strbuf: use GREEDY_REALLOC to grow the buffer
  a3d94332a2 rules: Limit the number of device units generated for serial ttys
  0d573787ea sd-dhcp-server: clear buffer before receive
  f2b5c1ff51 hostnamed: don't allow hostnamed to exit on idle if varlink connections are still ongoing
  d918804408 man/systemd: reorder content a bit
  1c27c902ad Create CNAME

  Dropped merged patches:

  0001-src-boot-efi-meson.build-ensure-VERSION_TAG-exists-i.patch
  0003-meson-bpf-propagate-sysroot-for-cross-compilation.patch

  Changed git repo back to systemd main one since that is going to be used for v256-stable branch and newer releases instead of the systemd-stable git repo.

  (From OE-Core rev: ab6c94006c1e902d63cdd04d978ea3b74fe811b2)

  Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: Mitigate /var/tmp type mismatch issue | Niko Mauno | 2024-07-23 | 1 | -0/+1

  The base-files recipe provides /var/tmp -> /var/volatile/tmp symlink which is in conflict with systemd upstream tmpfiles.d/tmp.conf which defines it as a directory (or subvolume on btrfs). This generates following error in journal:

    Jul 03 15:37:21 qemux86-64 systemd-tmpfiles[158]: "/var/tmp" already exists and is not a directory.

  Mitigate the issue by defining /var/tmp as symlink corresponding to the one created by base-files.

  (From OE-Core rev: 1f1f6f45e3cfe24dfee8a09d01a5d32f3080e381)

  Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: Move the MIME file to a separate package | Peter Kjellerstedt | 2024-07-18 | 1 | -1/+5

  The systemd-mime package is added as a recommendation for systemd so that it is installed by default, but can be excluded, e.g., via BAD_RECOMMENDATIONS. Excluding it avoids pulling in the MIME database for products that have no use for it.

  (From OE-Core rev: 5560243137f772683e53b614f134dd632b62be8b)

  Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: Correct the indentation in do_install() | Peter Kjellerstedt | 2024-07-18 | 1 | -13/+14

  There was a mix of using tabs and spaces for indentation.

  (From OE-Core rev: e0442c791578c55c7f198ae389cb820a7bf437d5)

  Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: Replace deprecated udevadm command | Khem Raj | 2024-07-18 | 1 | -1/+1

  In postinstall we run this script on target
  these days systemd-hwdb is recommended

  Fixes
  ...
  Configuring udev-hwdb.
  udevadm hwdb is deprecated. Use systemd-hwdb instead.

  (From OE-Core rev: 16f3eba7f5097976a53e3ffabd3723d889df56e6)

  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: fix VERSION_TAG related build error | Kai Kang | 2024-07-18 | 1 | -0/+1

  The patch 0001-src-boot-efi-meson.build-ensure-VERSION_TAG-exists-i.patch for systemd-boot is also required by systemd to resolve VERSION_TAG related build error.

  (From OE-Core rev: dd0100137f5f7bcaea7f665ac08754a682cb2983)

  Signed-off-by: Kai Kang <kai.kang@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: Mitigate /var/log type mismatch issue | Niko Mauno | 2024-07-16 | 1 | -2/+3

  When VOLATILE_LOG_DIR evaluates as True, the base-files recipe provides /var/log -> /var/volatile/log symlink which is in conflict with systemd upstream tmpfiles.d/var.conf.in which defines it as a directory. This generates following error in journal:

    Jul 03 14:28:00 qemux86-64 systemd-tmpfiles[165]: "/var/log" already exists and is not a directory.

  Mitigate the issue by defining /var/log as symlink corresponding to the one created by base-files, when appropriate.

  (From OE-Core rev: 711ee36e88c8968e3c45ea787b3adcf64352adf9)

  Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd-boot: upgrade from 255.6 to 256 | Chen Qi | 2024-07-13 | 3 | -0/+34

  Patch 0001-src-boot-efi-meson.build-ensure-VERSION_TAG-exists-i.patch is added to resolve build time error.

  (From OE-Core rev: c3f53f641d04109bf88e51e44debb6c74582b5d0)

  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: upgrade from 255.6 to 256 | Chen Qi | 2024-07-13 | 31 | -1027/+564

  The 'cgroupv2' PACKAGECONFIG is dropped as systemd now only supports cgroupv2.

  The 'kmod' PACKAGECONFIG is now added 'libkmod' as a runtime dependency. This is because systemd 256 uses dlopen to make use of libkmod, and there's no way for our library detection codes to know this and add such dependency automatically. So we add it explicitly.

  mime is now inherited because ${datadir}/mime/packages/io.systemd.xml is a mime type file.

  For musl specific patches, most are refreshed. One old patch is dropped, and four new ones are added.

  Newly added:
    build-path.c: avoid boot time segfault for musl
    adjust header inclusion order to avoid redeclaration
    undef stdin for references using stdin as a struct member
    include signal.h to avoid the 'undeclared' error

  Dropped:
    src/basic/missing.h: check for missing strndupa
    (drop reason: systemd does not use strndupa any more)

  (From OE-Core rev: 89b75b46371d5e9172cb496b461824d8551a2af5)

  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* native/nativesdk: Stop overriding unprefixed *FLAGS variables | Richard Purdie | 2024-07-01 | 1 | -2/+2

  We're currently encouraging an "arms race" with the FLAGS variables since a recipe might want to set a specific flag for all variants but to do so, += won't work due to the assignment in the native/nativesdk class files. This means recipes are using append.

  Since the default variables are constructed out of TARGET_XXX variables and we redefine these, there is no need to re-define the un-prefixed variables. If we drop that, the += appends and similar work and recipes don't have to resort to append.

  Change the classes and cleanup a number of recipes to adapt to the change. This change will result in some flags appearing to some native/nativesdk variants but that is probably what was originally expected anyway.

  (From OE-Core rev: a157b2f9d93428ca21265cc860a3b58b3698b3aa)

  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: bpf-framework: pass 'recipe-sysroot' to BPF compiler | Johannes Schneider | 2024-06-25 | 1 | -0/+4

  Pass the "recipe-sysroot" path via the CFLAGS=--sysroot= to the compiler used by systemd to build the BPF, so that it can find the needed system includes.

  (From OE-Core rev: 25560c19ac7629615adb2b1a71b05d36b0d157d5)

  Signed-off-by: Johannes Schneider <johannes.schneider@leica-geosystems.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: bpf-framework: 'propagate' the '--sysroot=' for crosscompilation | Johannes Schneider | 2024-06-25 | 2 | -0/+32

  The eBPFs are pre-compiled during the systemd-build with a different compiler than the cross-compiler used to build systemd itself. This is either a 'clang-native' or a gcc (bpf-unknown-none) which do not see the BUILD_CFLAGS, that point to the correct include search path.

  To address this have systemd's meson.build "propagate" the --system from the C_FLAGS into the BPF compiler call.

  (From OE-Core rev: 3a4d5b06f8e4ebf7b4738a99fe6b352bb03a64ae)

  Signed-off-by: Johannes Schneider <johannes.schneider@leica-geosystems.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: add PACKAGECONFIG for bpf-framework | Johannes Schneider | 2024-06-25 | 1 | -0/+1

  The bpf-framework is used to pre-compile eBPFs that are required for the systemd.resource-control features RestrictFileSystems=[1] and RestrictNetworkInterfaces=[2] to work.

  Apart from 'clang-native' to compile the eBPFs, the required kernel switches are described in [3].

  Link: https://www.freedesktop.org/software/systemd/man/latest/systemd.resource-control.html#RestrictFileSystems=
  Link: https://www.freedesktop.org/software/systemd/man/latest/systemd.resource-control.html#RestrictNetworkInterfaces=
  Link: https://kinvolk.io/blog/2021/04/extending-systemd-security-features-with-ebpf/

  (From OE-Core rev: 6f90320bf3028a67d1fd444dfaa62f3888066ea4)

  Signed-off-by: Johannes Schneider <johannes.schneider@leica-geosystems.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: fix wrong path of tmp.mount | Changqing Li | 2024-06-13 | 1 | -2/+2

  According to meson.build, tmp.mount is installed under "prefixdir/'lib/systemd/system'", but for 64bit system, rootlibdir is /usr/lib64/systemd/system, this makes tmp.mount not removed, and /tmp still mounted as tmpfs filesystem.

  Fixed by using rootlibexecdir, which is /usr/lib/systemd/system.

  (From OE-Core rev: b44734c889b1b09fbbaea4d9195026707c55cbee)

  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd/systemd-boot: upgrade from 255.4 to 255.6 | Chen Qi | 2024-05-22 | 29 | -239/+111

  musl patches are refreshed to avoid 'patch-fuzz' error.

  (From OE-Core rev: 6bc5e3f3cd882c81c972dbd27aacc1ce00e5e59a)

  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: fix build against 6.9 libc-headers | Bruce Ashfield | 2024-05-21 | 2 | -0/+54

  When building against the 6.9 linux-libc-headers the following build issue was hit:

    | Program check-filesystems.sh found: YES (build/tmp/work/cortexa57-poky-linux/systemd/255.4/git/src/basic/check-filesystems.sh)
    |
    | ../git/src/basic/meson.build:238:8: ERROR: Problem encountered: Unknown filesystems defined in kernel headers:
    |
    | Filesystem found in kernel header but not in filesystems-gperf.gperf: PID_FS_MAGIC

  Upstream already has this fixed, so we backport the commit.

  (From OE-Core rev: 5a8a116b270d26ce50429aa32f2883a9d2fd1206)

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd-conf: Convert to use a dedicated UNPACKDIR | Richard Purdie | 2024-05-21 | 1 | -5/+8

  Avoid:

    WARNING: systemd-conf-1_1.0-r0 do_unpack: systemd-conf: the directory ${WORKDIR}/${BP} (tmp/work/genericarm64-poky-linux/systemd-conf/1.0/systemd-conf-1.0) pointed to by the S variable doesn't exist - please set S within the recipe to point to where the source has been unpacked to

  by using a dedicated unpack directory for sources.

  (From OE-Core rev: 7804eb02bccc5f7f9f84f41ce782bfcfd94bfcc7)

  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Switch away from S = WORKDIR | Richard Purdie | 2024-05-21 | 4 | -4/+8

  Where recipes use S = ${WORKDIR}, change them to set UNPACKDIR to a subdir of WORKDIR and make S point at this instead.

  I've chosen not to force S into any standard UNPACKDIR we may pick in future just so the S = UNPACKDIR case is clearly visible by the directory naming under WORKDIR as that should aid usability.

  (From OE-Core rev: d9328e3b0b062f0621de3d114584b44f384a1c02)

  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Update WORKDIR references to UNPACKDIR | Richard Purdie | 2024-05-02 | 2 | -12/+12

  Since we want to be able to stop unpacking to WORKDIR, correct the WORKDIR references in recipe do_compile/do_install tasks to use UNPACKDIR in the appropriate places instead.

  (From OE-Core rev: d73595df69667fe9d12ecd407b77a0b8dae2109c)

  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Update S = WORKDIR recipes to use ${S} correctly | Richard Purdie | 2024-05-02 | 2 | -3/+3

  Where recipes use S = ${WORKDIR}, ensure they are referencing ${S} correctly to access files as soon we want to stop doing this in WORKDIR at which point they would break unless corrected.

  (From OE-Core rev: f25dd633fffe6560f191526d1869e657e129bad9)

  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: sed ROOT_HOME only if sysusers PACKAGECONFIG is set | Christian Bräuner Sørensen | 2024-04-25 | 1 | -8/+10

  Fixes a bug introduced in ebafe46379 systemd: upgrade to 255.1.

  Besides updating systemd, that commit also made other changes. One of them being when to perform the replacement in order to fix ROOT_HOME.

  Previously, that happened on a configure prefunc and on ${S}/sysusers.d/basic.conf.in. Now it happens in install and on image/usr/lib/sysusers.d/basic.conf.

  However, that file is not present if sysusers is not in PACKAGECONFIG, since that file in that case is not installed hence resulting in:

    sed: can't read <redactedpath>/image/usr/lib/sysusers.d/basic.conf: No such file or directory

  Previously, in the case of sysusers not being in PACKAGECONFIG, that was a "silent error" since the replacement was done but the file was not really used since the file was not installed.

  (From OE-Core rev: fac654a5445da2603b3435aca8db33fc8411d51b)

  Signed-off-by: Christian Bräuner Sørensen <yocto@bsorensen.net>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: make predictable name mac policy opt-out | Peter Marko | 2024-04-14 | 2 | -35/+11

  Even the patch says it's inappropriate for upstream, and it's also inappropriate for some downstream projects, too.

  So make it possible to opt-out on it by replacing the patch by sed and depend on distro feature pni-names.

  (From OE-Core rev: 858eb2bac132adbde851f6594eac4f2efc9c2f35)

  Signed-off-by: Peter Marko <peter.marko@siemens.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: disable mdns feature in resolved for zeroconf | Markus Volk | 2024-03-30 | 1 | -0/+1

  DISTRO_FEATURE zeroconf installs avahi. If additionally resolved mdns implementation is running they will fight each other:

    Mar 29 13:31:51 intel-corei7-64 avahi-daemon[752]: *** WARNING: Detected another IPv4 mDNS stack running on this host. This makes mDNS unreliable and is thus not recommended. ***
    Mar 29 13:31:51 intel-corei7-64 avahi-daemon[752]: *** WARNING: Detected another IPv6 mDNS stack running on this host. This makes mDNS unreliable and is thus not recommended. ***

  (From OE-Core rev: 8509edeafea8e62e1b9ffe76b33999447f739b20)

  Signed-off-by: Markus Volk <f_l_k@t-online.de>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: enable mac based names in NamePolicy | Joe Slater | 2024-03-23 | 2 | -0/+34

  Some BSPs only provide information to construct a predictable network interface name based on a mac address, so we enable that NamePolicy option.

  This policy has been adopted for sysvinit as of commit 4a7b42fcf6981d3120c08091a7ed3d4d7bcd41f0.

  (From OE-Core rev: 37bd8e8dddce9d0b5bfbcf9244225c3b853d7077)

  Signed-off-by: Joe Slater <joe.slater@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: Check for directory before chmod'ing it | Khem Raj | 2024-03-08 | 1 | -1/+1

  da9db878a15 systemd: fix dead link /var/log/README add -Dcreate-log-dirs=false which means journal dir will not be generated regardless of VOLATILE_LOG_DIR value

  if a distro decided to set VOLATILE_LOG_DIR=no this code path will be executed and the directory being operated upon won't exist ending in do_install errors

    chown: cannot access '/mnt/b/yoe/master/build/tmp/work/riscv64-yoe-linux/systemd/255.4/image/var/log/journal': No such file or directory

  (From OE-Core rev: e017f405bf6ae6c269a8c9c981878fd1ad8666b6)

  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Cc: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: remove systemd-bus-proxy settings | Chen Qi | 2024-03-07 | 1 | -5/+1

  systemd-bus-proxy was removed since v230.

  From the NEWS file:
  """
  * systemd-bus-proxyd has been removed, as kdbus is unlikely to still be merged into the kernel in its current form.
  """

  (From OE-Core rev: e99003b244507d8586b1f878765aa4a546a767ef)

  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: use RDEPENDS for systemd-vconsole-setup | Chen Qi | 2024-03-07 | 1 | -1/+1

  With NO_RECOMMENDATIONS set to "1", systemd-vconsole-setup.service will fail because it invokes /usr/bin/loadkeys, which is from kbd.

  The RRECOMMENDATION should be changed to RDEPENDS, because it's not a recommendation, instead it's necessary.

  (From OE-Core rev: 6126d2dfab3f6bafe23d4dce805110784d23acb1)

  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: fix dead link /var/log/README | Changqing Li | 2024-03-07 | 1 | -0/+1

  There are 2 issues here:

  First, in package systemd, there is a file /usr/lib/tmpfile.d/legacy.conf, which will create a symlink to /usr/share/doc/systemd/README.logs during boot time. But for oe, /usr/share/doc/systemd/README.logs is packaged in systemd-doc, which will make /var/log/README a dead link.

  Second, the symlink /var/log/README in legacy.conf use relative path:

    "L /var/log/README - - - - ../../usr/share/doc/systemd/README.logs"

  But for oe, when VOLATILE_LOG_DIR is true, /var/log is a link to /var/volatile/log, so /var/log/README need link to ../../../usr/share/doc/systemd/README.logs, while VOLATILE_LOG_DIR is false, /var/log is a dir, so /var/log/README need link to ../../usr/share/doc/systemd/README.logs. So current symlink in legacy.conf will also make it a dead link when VOLATILE_LOG_DIR is true.

  Turn off CREATE_LOG_DIRS to avoid these issues.

  (From OE-Core rev: 18d46e11d85da1f6feaba5a135931e43060024d6)

  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: upgrade 255.1 -> 255.4 | Alexander Kanavin | 2024-03-07 | 4 | -1/+1

  (From OE-Core rev: 1549cf92728ae3113160e5f8f72cc6d2433dc27d)

  Signed-off-by: Alexander Kanavin <alex@linutronix.de>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd-systemctl: fix dead loop when multi services enable each other | Xiangyu Chen | 2024-02-21 | 1 | -3/+4

  libvirt has added a feature that all sockets for a service being enabled when a single one of them is enabled since 9.9.x[1], it likes serviceA enable serviceB, serviceB enable serviceA, that cause our systemctl script trap into a dead loop in postinstall stage, the error message as below:

    Traceback (most recent call last):
      File "/usr/lib/python3.8/pathlib.py", line 722, in __str__
        return self._str
    AttributeError: _str

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
      File "recipe-sysroot-native/usr/bin/systemctl", line 255, in enable
        SystemdUnit(self.root, also).enable(unit)
      File "recipe-sysroot-native/usr/bin/systemctl", line 255, in enable
        SystemdUnit(self.root, also).enable(unit)
      File "recipe-sysroot-native/usr/bin/systemctl", line 255, in enable
        SystemdUnit(self.root, also).enable(unit)
      [Previous line repeated 988 more times]
    ......
    RecursionError: maximum recursion depth exceeded while calling a Python object

  Here using an array to record the services which has been enabled to filter the duplicates.

  Ref:
  [1] https://github.com/libvirt/libvirt/commit/826931e95a38af8322f8ad069dc89117c6404a00

  (From OE-Core rev: 4c45f975310184a773b25b8e7d7ef50fba2f7bd6)

  Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: pack pre-defined pcrlock files installed with tpm2 | Jose Quaresma | 2024-02-06 | 1 | -0/+1

  The new pcrlock tool systemd-pcrlock [1] is installed when the tpm2 and openssl package config is enabled and with them some pre-defined pcrlock files are installed on the target.

  [1] https://github.com/systemd/systemd/pull/28891

  (From OE-Core rev: 0ee7002d8f6bfca7b275c082d032936494dc7e8e)

  Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: recommend libelf, libdw for elfutils flag | Nick Owens | 2024-02-03 | 1 | -1/+1

  when elfutils is enabled, the elf reading code of systemd will dlopen libelf and libdw. these dependencies are not automatically detected and will not work at runtime without them installed.

  add them to RRECOMMENDS when elfutils is turned on in PACKAGECONFIG.

  fixes https://bugzilla.yoctoproject.org/show_bug.cgi?id=15379

  (From OE-Core rev: f7366f44fd7d0bc5a5b073cec9c68ffd8258903c)

  Signed-off-by: Nick Owens <nick.owens@eero.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd-boot: upgrade to 255.1 | Chen Qi | 2024-01-26 | 2 | -39/+0

  0030-meson-Pass-all-static-pie-args-to-linker.patch is dropped as it's a backported patch and is now in the new 255.1 version.

  (From OE-Core rev: 6fdf03bd950e55ef7881041606f6e76141033716)

  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: upgrade to 255.1 | Chen Qi | 2024-01-26 | 5 | -132/+23

  1. Patch changes:

  0004-Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-to-.patch is removed because it has no real effect now. The /lib is now /usr/lib because 'usrmerge' is a required distro feature for systemd.

  0002-binfmt-Don-t-install-dependency-links-at-install-tim.patch is refreshed for the new version to avoid patch-fuzz issue.

  2. root user's home directory now defaults to "/root":

  The sysusers.d/basic.conf is still modified to respect the ROOT_HOME value, so if users set ROOT_HOME to "/home/root", the behavior is the same as before. However, this is only for backward compatibility. With this patch, The ROOT_HOME value is set to "/root" in init-manager-systemd.inc. This is because systemd's source codes are hardcoding "/root", and other values are not officially supported. See the list below.

    $ grep -rl '"/root"' src/ | grep -v 'src/test'
    src/core/namespace.c
    src/basic/user-util.c
    src/nss-systemd/nss-systemd.c
    src/nspawn/nspawn.c
    src/firstboot/firstboot.c
    src/shared/userdb.c
    src/shared/user-record.c

    $ grep -rl /root network/ factory/ sysctl.d/ sysusers.d/ rules.d/ tmpfiles.d/ units/ xorg/ tools/
    sysusers.d/basic.conf.in
    tmpfiles.d/provision.conf
    units/emergency.service.in
    units/rescue.service.in
    tools/list-discoverable-partitions.py

  Previously, the recipe was just substituting sysusers.d/basic.conf.in, which is not enough to be treated as 'fully support'. I deliberately put a warning message in do_install to warn users about non "/root" ROOT_HOME value. Don't remove it until all above places are handled.

  3. cgroupv2 is now the default.

  cgroupv2 is the default for systemd for many years and it's the default for distros such as ubuntu and fedora. Let's also use it as the default.

  (From OE-Core rev: ebafe463799b39025a0b24a0a14a2f02b6de9bac)

  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: refresh musl patches for v255.1 | Chen Qi | 2024-01-26 | 23 | -271/+559

  The current patches are refreshed.

  A new patch is added: 0022-avoid-missing-LOCK_EX-declaration.patch

  (From OE-Core rev: b86b1f1265b87f73ea132a9c0d3b1978972ad41b)

  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: add udev-bash-completion package | Corentin Guillevic | 2024-01-10 | 1 | -1/+3

  Move the 'udevadm' autocompletion script into a dedicated package. Indeed, bash (and therefore, the bash-completion package) is not always installed. But the 'udevadm' autocompletion script remains in ${datadir}/bash-completion.

  Creating a dedicated package allows better split, and avoids installing it if the bash-completion package is missing.

  (From OE-Core rev: 7155ceadbd90b7c90fa0d734f8bc8b089ddd12f3)

  Signed-off-by: Corentin Guillevic <corentin.guillevic@smile.fr>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd-boot: Add recipe to compile native | Viswanath Kraleti | 2024-01-01 | 1 | -0/+15

  systemd-boot native recipe provides ukify tool to build UKI images for systemd-boot

  (From OE-Core rev: 8063bcb2d4fcfeded5edac3b0895151e8dc8bf0f)

  Signed-off-by: Viswanath Kraleti <quic_vkraleti@quicinc.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>