diff options
author | Mike Gilbert <floppym@gentoo.org> | 2021-12-09 14:39:31 -0500 |
---|---|---|
committer | Mike Gilbert <floppym@gentoo.org> | 2021-12-09 14:39:31 -0500 |
commit | 1f2e7fd084a9c6571af78262eacd9c153fbf1c3f (patch) | |
tree | 2af33169fafb32bde316d638474df1d6c175af78 /sys-apps/systemd | |
parent | dev-ada/langkit: LIBRARY_TYPE is now handled in gnatcoll-bindings (diff) | |
download | gentoo-1f2e7fd084a9c6571af78262eacd9c153fbf1c3f.tar.gz gentoo-1f2e7fd084a9c6571af78262eacd9c153fbf1c3f.tar.bz2 gentoo-1f2e7fd084a9c6571af78262eacd9c153fbf1c3f.zip |
sys-apps/systemd: drop 249.4-r4
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
Diffstat (limited to 'sys-apps/systemd')
-rw-r--r-- | sys-apps/systemd/Manifest | 1 | ||||
-rw-r--r-- | sys-apps/systemd/files/249-fido2.patch | 58 | ||||
-rw-r--r-- | sys-apps/systemd/files/249-home-secret-assert.patch | 106 | ||||
-rw-r--r-- | sys-apps/systemd/files/249-libudev-static.patch | 26 | ||||
-rw-r--r-- | sys-apps/systemd/files/249-network-renaming.patch | 41 | ||||
-rw-r--r-- | sys-apps/systemd/systemd-249.4-r4.ebuild | 524 |
6 files changed, 0 insertions, 756 deletions
diff --git a/sys-apps/systemd/Manifest b/sys-apps/systemd/Manifest index b4ec49408dd1..ec8fbe294598 100644 --- a/sys-apps/systemd/Manifest +++ b/sys-apps/systemd/Manifest @@ -1,2 +1 @@ -DIST systemd-stable-249.4.tar.gz 10593723 BLAKE2B 466b3cb27c4bc6c85c9ba50f6614175b2c31a4c177d452542faa1395e99511440029b1a093dc80a5a1a0135eed09d8b1849572f36dba4e18a1396230bfc31adb SHA512 5b9ec28102538bc3dcb632ee16389ff20dccf4b723186f6ae2da119a1809d84db0d8bcecf9b75c5e2da8427f5543e1da281bbed1a154e529d8a82ea5128c465c DIST systemd-stable-249.6.tar.gz 10599611 BLAKE2B 9c0cbaa4319f2ce9a78dbe820d1b6df5191e6c632e2eac9f71f9ff9817564d9b3fc177d2aec0c0daea8ac33bbdc2066ad68a8967cf8857f4af3668b9a3e7d3bf SHA512 7a7791dfe4923c00987b924adcb1cd08c4d17af2b17b4c6c6c701856c6810cfda61f06821c39787339fc05293853c0ea61b9973fcf4495c7bf4f8054ecfae66f diff --git a/sys-apps/systemd/files/249-fido2.patch b/sys-apps/systemd/files/249-fido2.patch deleted file mode 100644 index bbfa4afb540e..000000000000 --- a/sys-apps/systemd/files/249-fido2.patch +++ /dev/null @@ -1,58 +0,0 @@ -From b6aa89b0a399992c8ea762e6ec4f30cff90618f2 Mon Sep 17 00:00:00 2001 -From: pedro martelletto <pedro@yubico.com> -Date: Wed, 8 Sep 2021 10:42:56 +0200 -Subject: [PATCH] explicitly close FIDO2 devices - -FIDO2 device access is serialised by libfido2 using flock(). -Therefore, make sure to close a FIDO2 device once we are done -with it, or we risk opening it again at a later point and -deadlocking. Fixes #20664. ---- - src/shared/libfido2-util.c | 2 ++ - src/shared/libfido2-util.h | 5 ++++- - 2 files changed, 6 insertions(+), 1 deletion(-) - -diff --git a/src/shared/libfido2-util.c b/src/shared/libfido2-util.c -index 12c644dcfcce..6d18178b68c9 100644 ---- a/src/shared/libfido2-util.c -+++ b/src/shared/libfido2-util.c -@@ -58,6 +58,7 @@ bool (*sym_fido_dev_is_fido2)(const fido_dev_t *) = NULL; - int (*sym_fido_dev_make_cred)(fido_dev_t *, fido_cred_t *, const char *) = NULL; - fido_dev_t* (*sym_fido_dev_new)(void) = NULL; - int (*sym_fido_dev_open)(fido_dev_t *, const char *) = NULL; -+int (*sym_fido_dev_close)(fido_dev_t *) = NULL; - const char* (*sym_fido_strerr)(int) = NULL; - - int dlopen_libfido2(void) { -@@ -106,6 +107,7 @@ int dlopen_libfido2(void) { - DLSYM_ARG(fido_dev_make_cred), - DLSYM_ARG(fido_dev_new), - DLSYM_ARG(fido_dev_open), -+ DLSYM_ARG(fido_dev_close), - DLSYM_ARG(fido_strerr)); - } - -diff --git a/src/shared/libfido2-util.h b/src/shared/libfido2-util.h -index 5640cca5e39b..4ebf8ab77509 100644 ---- a/src/shared/libfido2-util.h -+++ b/src/shared/libfido2-util.h -@@ -60,6 +60,7 @@ extern bool (*sym_fido_dev_is_fido2)(const fido_dev_t *); - extern int (*sym_fido_dev_make_cred)(fido_dev_t *, fido_cred_t *, const char *); - extern fido_dev_t* (*sym_fido_dev_new)(void); - extern int (*sym_fido_dev_open)(fido_dev_t *, const char *); -+extern int (*sym_fido_dev_close)(fido_dev_t *); - extern const char* (*sym_fido_strerr)(int); - - int dlopen_libfido2(void); -@@ -75,8 +76,10 @@ static inline void fido_assert_free_wrapper(fido_assert_t **p) { - } - - static inline void fido_dev_free_wrapper(fido_dev_t **p) { -- if (*p) -+ if (*p) { -+ sym_fido_dev_close(*p); - sym_fido_dev_free(p); -+ } - } - - static inline void fido_cred_free_wrapper(fido_cred_t **p) { diff --git a/sys-apps/systemd/files/249-home-secret-assert.patch b/sys-apps/systemd/files/249-home-secret-assert.patch deleted file mode 100644 index e6e2a8e7cc78..000000000000 --- a/sys-apps/systemd/files/249-home-secret-assert.patch +++ /dev/null @@ -1,106 +0,0 @@ -From 6a09dbb89507449d158af6c7097d2c51ce83205f Mon Sep 17 00:00:00 2001 -From: Yu Watanabe <watanabe.yu+github@gmail.com> -Date: Sun, 5 Sep 2021 11:16:26 +0900 -Subject: [PATCH] home: 'secret' argument of handle_generic_user_record_error - may be null - -When RefHome() bus method is called in acquire_home(), secret is NULL. - -Fixes #20639. ---- - src/home/pam_systemd_home.c | 19 ++++++++++++++++++- - 1 file changed, 18 insertions(+), 1 deletion(-) - -diff --git a/src/home/pam_systemd_home.c b/src/home/pam_systemd_home.c -index 836ed0d5e96d..a04d50208a8e 100644 ---- a/src/home/pam_systemd_home.c -+++ b/src/home/pam_systemd_home.c -@@ -281,7 +281,6 @@ static int handle_generic_user_record_error( - const sd_bus_error *error) { - - assert(user_name); -- assert(secret); - assert(error); - - int r; -@@ -301,6 +300,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_BAD_PASSWORD)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - /* This didn't work? Ask for an (additional?) password */ - - if (strv_isempty(secret->password)) -@@ -326,6 +327,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_BAD_PASSWORD_AND_NO_TOKEN)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - if (strv_isempty(secret->password)) { - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token of user %s not inserted.", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Try again with password: "); -@@ -350,6 +353,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_PIN_NEEDED)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Security token PIN: "); - if (r != PAM_SUCCESS) - return PAM_CONV_ERR; /* no logging here */ -@@ -367,6 +372,8 @@ static int handle_generic_user_record_error( - - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_PROTECTED_AUTHENTICATION_PATH_NEEDED)) { - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please authenticate physically on security token of user %s.", user_name); - - r = user_record_set_pkcs11_protected_authentication_path_permitted(secret, true); -@@ -377,6 +384,8 @@ static int handle_generic_user_record_error( - - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_USER_PRESENCE_NEEDED)) { - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please confirm presence on security token of user %s.", user_name); - - r = user_record_set_fido2_user_presence_permitted(secret, true); -@@ -387,6 +396,8 @@ static int handle_generic_user_record_error( - - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_USER_VERIFICATION_NEEDED)) { - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please verify user on security token of user %s.", user_name); - - r = user_record_set_fido2_user_verification_permitted(secret, true); -@@ -403,6 +414,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN incorrect for user %s.", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: "); - if (r != PAM_SUCCESS) -@@ -422,6 +435,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN_FEW_TRIES_LEFT)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN of user %s incorrect (only a few tries left!)", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: "); - if (r != PAM_SUCCESS) -@@ -441,6 +456,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN_ONE_TRY_LEFT)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN of user %s incorrect (only one try left!)", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: "); - if (r != PAM_SUCCESS) diff --git a/sys-apps/systemd/files/249-libudev-static.patch b/sys-apps/systemd/files/249-libudev-static.patch deleted file mode 100644 index 73375b716e9b..000000000000 --- a/sys-apps/systemd/files/249-libudev-static.patch +++ /dev/null @@ -1,26 +0,0 @@ -From f2c57d4f3805775e0ffdc80ce578eaa737017d31 Mon Sep 17 00:00:00 2001 -From: Mike Gilbert <floppym@gentoo.org> -Date: Fri, 9 Jul 2021 13:05:23 -0400 -Subject: [PATCH] libudev: add "Libs.private: -lrt -pthread" to libudev.pc - -This resolves a failure when linking cryptsetup.static against libudev.a. - -``` -libtool: link: x86_64-pc-linux-gnu-gcc -Wall -O2 -pipe -march=amdfam10 -static -O2 -o cryptsetup.static lib/utils_crypt.o lib/utils_loop.o lib/utils_io.o lib/utils_blkid.o src/utils_tools.o src/utils_password.o src/utils_luks2.o src/utils_blockdev.o src/cryptsetup.o -pthread -pthread -Wl,--as-needed ./.libs/libcryptsetup.a -largon2 -lrt -ljson-c -lpopt -luuid -lblkid -lssl -lcrypto -lz -ldl -ldevmapper -lm -lpthread -ludev -pthread -/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../x86_64-pc-linux-gnu/bin/ld: /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../lib64/libudev.a(src_libsystemd_sd-daemon_sd-daemon.c.o): in function `sd_is_mq': -(.text.sd_is_mq+0x3a): undefined reference to `mq_getattr' -``` ---- - src/libudev/libudev.pc.in | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/libudev/libudev.pc.in b/src/libudev/libudev.pc.in -index 89028aaa6bf2..1d6487fa4084 100644 ---- a/src/libudev/libudev.pc.in -+++ b/src/libudev/libudev.pc.in -@@ -16,4 +16,5 @@ Name: libudev - Description: Library to access udev device information - Version: {{PROJECT_VERSION}} - Libs: -L${libdir} -ludev -+Libs.private: -lrt -pthread - Cflags: -I${includedir} diff --git a/sys-apps/systemd/files/249-network-renaming.patch b/sys-apps/systemd/files/249-network-renaming.patch deleted file mode 100644 index b9eecf57b10f..000000000000 --- a/sys-apps/systemd/files/249-network-renaming.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 160203e974945ce520fe8f569458634ef898c61c Mon Sep 17 00:00:00 2001 -From: Yu Watanabe <watanabe.yu+github@gmail.com> -Date: Fri, 10 Sep 2021 08:09:56 +0900 -Subject: [PATCH] network: fix handling of network interface renaming - -Fixes #20657. ---- - src/network/networkd-link.c | 14 +++++++++----- - 1 file changed, 9 insertions(+), 5 deletions(-) - -diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c -index 4afd540d2015..caad6205ae83 100644 ---- a/src/network/networkd-link.c -+++ b/src/network/networkd-link.c -@@ -1470,17 +1470,21 @@ static int link_initialized(Link *link, sd_device *device) { - assert(link); - assert(device); - -- if (link->state != LINK_STATE_PENDING) -- return 0; -+ /* Always replace with the new sd_device object. As the sysname (and possibly other properties -+ * or sysattrs) may be outdated. */ -+ sd_device_ref(device); -+ sd_device_unref(link->sd_device); -+ link->sd_device = device; - -- if (link->sd_device) -+ /* Do not ignore unamanaged state case here. If an interface is renamed after being once -+ * configured, and the corresponding .network file has Name= in [Match] section, then the -+ * interface may be already in unmanaged state. See #20657. */ -+ if (!IN_SET(link->state, LINK_STATE_PENDING, LINK_STATE_UNMANAGED)) - return 0; - - log_link_debug(link, "udev initialized link"); - link_set_state(link, LINK_STATE_INITIALIZED); - -- link->sd_device = sd_device_ref(device); -- - /* udev has initialized the link, but we don't know if we have yet - * processed the NEWLINK messages with the latest state. Do a GETLINK, - * when it returns we know that the pending NEWLINKs have already been diff --git a/sys-apps/systemd/systemd-249.4-r4.ebuild b/sys-apps/systemd/systemd-249.4-r4.ebuild deleted file mode 100644 index 722d9f6b3f04..000000000000 --- a/sys-apps/systemd/systemd-249.4-r4.ebuild +++ /dev/null @@ -1,524 +0,0 @@ -# Copyright 2011-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -PYTHON_COMPAT=( python3_{8..10} ) - -# Avoid QA warnings -TMPFILES_OPTIONAL=1 - -if [[ ${PV} == 9999 ]]; then - EGIT_REPO_URI="https://github.com/systemd/systemd.git" - inherit git-r3 -else - if [[ ${PV} == *.* ]]; then - MY_PN=systemd-stable - else - MY_PN=systemd - fi - MY_PV=${PV/_/-} - MY_P=${MY_PN}-${MY_PV} - S=${WORKDIR}/${MY_P} - SRC_URI="https://github.com/systemd/${MY_PN}/archive/v${MY_PV}/${MY_P}.tar.gz" - KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~mips ppc ppc64 ~riscv sparc x86" -fi - -inherit bash-completion-r1 linux-info meson-multilib pam python-any-r1 systemd toolchain-funcs udev usr-ldscript - -DESCRIPTION="System and service manager for Linux" -HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd" - -LICENSE="GPL-2 LGPL-2.1 MIT public-domain" -SLOT="0/2" -IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils fido2 +gcrypt gnuefi homed http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux split-usr +sysv-utils test tpm vanilla xkb +zstd" - -REQUIRED_USE=" - homed? ( cryptsetup pam ) - importd? ( curl gcrypt lzma ) - pwquality? ( homed ) -" -RESTRICT="!test? ( test )" - -MINKV="3.11" - -OPENSSL_DEP=">=dev-libs/openssl-1.1.0:0=" - -COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}] - sys-libs/libcap:0=[${MULTILIB_USEDEP}] - virtual/libcrypt:=[${MULTILIB_USEDEP}] - acl? ( sys-apps/acl:0= ) - apparmor? ( sys-libs/libapparmor:0= ) - audit? ( >=sys-process/audit-2:0= ) - cryptsetup? ( >=sys-fs/cryptsetup-2.0.1:0= ) - curl? ( net-misc/curl:0= ) - dns-over-tls? ( >=net-libs/gnutls-3.6.0:0= ) - elfutils? ( >=dev-libs/elfutils-0.158:0= ) - fido2? ( dev-libs/libfido2:0= ) - gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] ) - homed? ( ${OPENSSL_DEP} ) - http? ( - >=net-libs/libmicrohttpd-0.9.33:0=[epoll(+)] - >=net-libs/gnutls-3.1.4:0= - ) - idn? ( net-dns/libidn2:= ) - importd? ( - app-arch/bzip2:0= - sys-libs/zlib:0= - ) - kmod? ( >=sys-apps/kmod-15:0= ) - lz4? ( >=app-arch/lz4-0_p131:0=[${MULTILIB_USEDEP}] ) - lzma? ( >=app-arch/xz-utils-5.0.5-r1:0=[${MULTILIB_USEDEP}] ) - nat? ( net-firewall/iptables:0= ) - pam? ( sys-libs/pam:=[${MULTILIB_USEDEP}] ) - pkcs11? ( app-crypt/p11-kit:0= ) - pcre? ( dev-libs/libpcre2 ) - pwquality? ( dev-libs/libpwquality:0= ) - qrcode? ( media-gfx/qrencode:0= ) - repart? ( ${OPENSSL_DEP} ) - seccomp? ( >=sys-libs/libseccomp-2.3.3:0= ) - selinux? ( sys-libs/libselinux:0= ) - tpm? ( app-crypt/tpm2-tss:0= ) - xkb? ( >=x11-libs/libxkbcommon-0.4.1:0= ) - zstd? ( >=app-arch/zstd-1.4.0:0=[${MULTILIB_USEDEP}] ) -" - -# Newer linux-headers needed by ia64, bug #480218 -DEPEND="${COMMON_DEPEND} - >=sys-kernel/linux-headers-${MINKV} - gnuefi? ( >=sys-boot/gnu-efi-3.0.2 ) -" - -# baselayout-2.2 has /run -RDEPEND="${COMMON_DEPEND} - >=acct-group/adm-0-r1 - >=acct-group/wheel-0-r1 - >=acct-group/kmem-0-r1 - >=acct-group/tty-0-r1 - >=acct-group/utmp-0-r1 - >=acct-group/audio-0-r1 - >=acct-group/cdrom-0-r1 - >=acct-group/dialout-0-r1 - >=acct-group/disk-0-r1 - >=acct-group/input-0-r1 - >=acct-group/kvm-0-r1 - >=acct-group/lp-0-r1 - >=acct-group/render-0-r1 - acct-group/sgx - >=acct-group/tape-0-r1 - acct-group/users - >=acct-group/video-0-r1 - >=acct-group/systemd-journal-0-r1 - >=acct-user/root-0-r1 - acct-user/nobody - >=acct-user/systemd-journal-remote-0-r1 - >=acct-user/systemd-coredump-0-r1 - >=acct-user/systemd-network-0-r1 - acct-user/systemd-oom - >=acct-user/systemd-resolve-0-r1 - >=acct-user/systemd-timesync-0-r1 - >=sys-apps/baselayout-2.2 - selinux? ( sec-policy/selinux-base-policy[systemd] ) - sysv-utils? ( - !sys-apps/openrc[sysv-utils(-)] - !sys-apps/sysvinit - ) - !sysv-utils? ( sys-apps/sysvinit ) - resolvconf? ( !net-dns/openresolv ) - !build? ( || ( - sys-apps/util-linux[kill(-)] - sys-process/procps[kill(+)] - sys-apps/coreutils[kill(-)] - ) ) - !sys-auth/nss-myhostname - !sys-fs/eudev - !sys-fs/udev -" - -# sys-apps/dbus: the daemon only (+ build-time lib dep for tests) -PDEPEND=">=sys-apps/dbus-1.9.8[systemd] - hwdb? ( sys-apps/hwids[systemd(+),udev] ) - >=sys-fs/udev-init-scripts-34 - policykit? ( sys-auth/polkit ) - !vanilla? ( sys-apps/gentoo-systemd-integration )" - -BDEPEND=" - app-arch/xz-utils:0 - dev-util/gperf - >=dev-util/meson-0.46 - >=sys-apps/coreutils-8.16 - sys-devel/gettext - virtual/pkgconfig - test? ( - app-text/tree - dev-lang/perl - sys-apps/dbus - ) - app-text/docbook-xml-dtd:4.2 - app-text/docbook-xml-dtd:4.5 - app-text/docbook-xsl-stylesheets - dev-libs/libxslt:0 - $(python_gen_any_dep 'dev-python/jinja[${PYTHON_USEDEP}]') - $(python_gen_any_dep 'dev-python/lxml[${PYTHON_USEDEP}]') -" - -python_check_deps() { - has_version -b "dev-python/jinja[${PYTHON_USEDEP}]" && - has_version -b "dev-python/lxml[${PYTHON_USEDEP}]" -} - -QA_FLAGS_IGNORED="usr/lib/systemd/boot/efi/.*" -QA_EXECSTACK="usr/lib/systemd/boot/efi/*" - -pkg_pretend() { - if [[ ${MERGE_TYPE} != buildonly ]]; then - if use test && has pid-sandbox ${FEATURES}; then - ewarn "Tests are known to fail with PID sandboxing enabled." - ewarn "See https://bugs.gentoo.org/674458." - fi - - local CONFIG_CHECK="~AUTOFS4_FS ~BLK_DEV_BSG ~CGROUPS - ~DEVTMPFS ~EPOLL ~FANOTIFY ~FHANDLE - ~INOTIFY_USER ~IPV6 ~NET ~NET_NS ~PROC_FS ~SIGNALFD ~SYSFS - ~TIMERFD ~TMPFS_XATTR ~UNIX ~USER_NS - ~CRYPTO_HMAC ~CRYPTO_SHA256 ~CRYPTO_USER_API_HASH - ~!GRKERNSEC_PROC ~!IDE ~!SYSFS_DEPRECATED - ~!SYSFS_DEPRECATED_V2" - - use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL" - use seccomp && CONFIG_CHECK+=" ~SECCOMP ~SECCOMP_FILTER" - kernel_is -lt 3 7 && CONFIG_CHECK+=" ~HOTPLUG" - kernel_is -lt 4 7 && CONFIG_CHECK+=" ~DEVPTS_MULTIPLE_INSTANCES" - kernel_is -ge 4 10 && CONFIG_CHECK+=" ~CGROUP_BPF" - - if kernel_is -lt 5 10 20; then - CONFIG_CHECK+=" ~CHECKPOINT_RESTORE" - else - CONFIG_CHECK+=" ~KCMP" - fi - - if linux_config_exists; then - local uevent_helper_path=$(linux_chkconfig_string UEVENT_HELPER_PATH) - if [[ -n ${uevent_helper_path} ]] && [[ ${uevent_helper_path} != '""' ]]; then - ewarn "It's recommended to set an empty value to the following kernel config option:" - ewarn "CONFIG_UEVENT_HELPER_PATH=${uevent_helper_path}" - fi - if linux_chkconfig_present X86; then - CONFIG_CHECK+=" ~DMIID" - fi - fi - - if kernel_is -lt ${MINKV//./ }; then - ewarn "Kernel version at least ${MINKV} required" - fi - - check_extra_config - fi -} - -pkg_setup() { - : -} - -src_unpack() { - default - [[ ${PV} != 9999 ]] || git-r3_src_unpack -} - -src_prepare() { - # Do NOT add patches here - local PATCHES=() - - [[ -d "${WORKDIR}"/patches ]] && PATCHES+=( "${WORKDIR}"/patches ) - - # Add local patches here - PATCHES+=( - "${FILESDIR}/249-libudev-static.patch" - "${FILESDIR}/249-home-secret-assert.patch" - "${FILESDIR}/249-fido2.patch" - "${FILESDIR}/249-network-renaming.patch" - ) - - if ! use vanilla; then - PATCHES+=( - "${FILESDIR}/gentoo-generator-path-r2.patch" - "${FILESDIR}/gentoo-systemctl-disable-sysv-sync-r1.patch" - "${FILESDIR}/gentoo-journald-audit.patch" - ) - fi - - default -} - -src_configure() { - # Prevent conflicts with i686 cross toolchain, bug 559726 - tc-export AR CC NM OBJCOPY RANLIB - - python_setup - - multilib-minimal_src_configure -} - -multilib_src_configure() { - local myconf=( - --localstatedir="${EPREFIX}/var" - -Dsupport-url="https://gentoo.org/support/" - -Dpamlibdir="$(getpam_mod_dir)" - # avoid bash-completion dep - -Dbashcompletiondir="$(get_bashcompdir)" - # make sure we get /bin:/sbin in PATH - $(meson_use split-usr) - -Dsplit-bin=true - -Drootprefix="$(usex split-usr "${EPREFIX:-/}" "${EPREFIX}/usr")" - -Drootlibdir="${EPREFIX}/usr/$(get_libdir)" - # Avoid infinite exec recursion, bug 642724 - -Dtelinit-path="${EPREFIX}/lib/sysvinit/telinit" - # no deps - -Dima=true - -Ddefault-hierarchy=$(usex cgroup-hybrid hybrid unified) - # Optional components/dependencies - $(meson_native_use_bool acl) - $(meson_native_use_bool apparmor) - $(meson_native_use_bool audit) - $(meson_native_use_bool cryptsetup libcryptsetup) - $(meson_native_use_bool curl libcurl) - $(meson_native_use_bool dns-over-tls dns-over-tls) - $(meson_native_use_bool elfutils) - $(meson_native_use_bool fido2 libfido2) - $(meson_use gcrypt) - $(meson_native_use_bool gnuefi gnu-efi) - -Defi-includedir="${ESYSROOT}/usr/include/efi" - -Defi-ld="$(tc-getLD)" - -Defi-libdir="${ESYSROOT}/usr/$(get_libdir)" - $(meson_native_use_bool homed) - $(meson_native_use_bool hwdb) - $(meson_native_use_bool http microhttpd) - $(meson_native_use_bool idn) - $(meson_native_use_bool importd) - $(meson_native_use_bool importd bzip2) - $(meson_native_use_bool importd zlib) - $(meson_native_use_bool kmod) - $(meson_use lz4) - $(meson_use lzma xz) - $(meson_use zstd) - $(meson_native_use_bool nat libiptc) - $(meson_use pam) - $(meson_native_use_bool pkcs11 p11kit) - $(meson_native_use_bool pcre pcre2) - $(meson_native_use_bool policykit polkit) - $(meson_native_use_bool pwquality) - $(meson_native_use_bool qrcode qrencode) - $(meson_native_use_bool repart) - $(meson_native_use_bool seccomp) - $(meson_native_use_bool selinux) - $(meson_native_use_bool tpm tpm2) - $(meson_native_use_bool test dbus) - $(meson_native_use_bool xkb xkbcommon) - -Dntp-servers="0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org" - # Breaks screen, tmux, etc. - -Ddefault-kill-user-processes=false - -Dcreate-log-dirs=false - - # multilib options - $(meson_native_true backlight) - $(meson_native_true binfmt) - $(meson_native_true coredump) - $(meson_native_true environment-d) - $(meson_native_true firstboot) - $(meson_native_true hibernate) - $(meson_native_true hostnamed) - $(meson_native_true ldconfig) - $(meson_native_true localed) - $(meson_native_true man) - $(meson_native_true networkd) - $(meson_native_true quotacheck) - $(meson_native_true randomseed) - $(meson_native_true rfkill) - $(meson_native_true sysusers) - $(meson_native_true timedated) - $(meson_native_true timesyncd) - $(meson_native_true tmpfiles) - $(meson_native_true vconsole) - ) - - meson_src_configure "${myconf[@]}" -} - -multilib_src_test() { - unset DBUS_SESSION_BUS_ADDRESS XDG_RUNTIME_DIR - meson_src_test -} - -multilib_src_install_all() { - local rootprefix=$(usex split-usr '' /usr) - - # meson doesn't know about docdir - mv "${ED}"/usr/share/doc/{systemd,${PF}} || die - - einstalldocs - dodoc "${FILESDIR}"/nsswitch.conf - - if ! use resolvconf; then - rm -f "${ED}${rootprefix}"/sbin/resolvconf || die - fi - - rm "${ED}"/etc/init.d/README || die - rm "${ED}${rootprefix}"/lib/systemd/system-generators/systemd-sysv-generator || die - - if ! use sysv-utils; then - rm "${ED}${rootprefix}"/sbin/{halt,init,poweroff,reboot,runlevel,shutdown,telinit} || die - rm "${ED}"/usr/share/man/man1/init.1 || die - rm "${ED}"/usr/share/man/man8/{halt,poweroff,reboot,runlevel,shutdown,telinit}.8 || die - fi - - if ! use resolvconf && ! use sysv-utils; then - rmdir "${ED}${rootprefix}"/sbin || die - fi - - # https://bugs.gentoo.org/761763 - rm -r "${ED}"/usr/lib/sysusers.d || die - - # Preserve empty dirs in /etc & /var, bug #437008 - keepdir /etc/{binfmt.d,modules-load.d,tmpfiles.d} - keepdir /etc/kernel/install.d - keepdir /etc/systemd/{network,system,user} - keepdir /etc/udev/rules.d - - if use hwdb; then - keepdir /etc/udev/hwdb.d - fi - - keepdir "${rootprefix}"/lib/systemd/{system-sleep,system-shutdown} - keepdir /usr/lib/{binfmt.d,modules-load.d} - keepdir /usr/lib/systemd/user-generators - keepdir /var/lib/systemd - keepdir /var/log/journal - - # Symlink /etc/sysctl.conf for easy migration. - dosym ../../../etc/sysctl.conf /usr/lib/sysctl.d/99-sysctl.conf - - if use pam; then - newpamd "${FILESDIR}"/systemd-user.pam systemd-user - fi - - if use hwdb; then - rm -r "${ED}${rootprefix}"/lib/udev/hwdb.d || die - fi - - if use split-usr; then - # Avoid breaking boot/reboot - dosym ../../../lib/systemd/systemd /usr/lib/systemd/systemd - dosym ../../../lib/systemd/systemd-shutdown /usr/lib/systemd/systemd-shutdown - fi - - gen_usr_ldscript -a systemd udev -} - -migrate_locale() { - local envd_locale_def="${EROOT}/etc/env.d/02locale" - local envd_locale=( "${EROOT}"/etc/env.d/??locale ) - local locale_conf="${EROOT}/etc/locale.conf" - - if [[ ! -L ${locale_conf} && ! -e ${locale_conf} ]]; then - # If locale.conf does not exist... - if [[ -e ${envd_locale} ]]; then - # ...either copy env.d/??locale if there's one - ebegin "Moving ${envd_locale} to ${locale_conf}" - mv "${envd_locale}" "${locale_conf}" - eend ${?} || FAIL=1 - else - # ...or create a dummy default - ebegin "Creating ${locale_conf}" - cat > "${locale_conf}" <<-EOF - # This file has been created by the sys-apps/systemd ebuild. - # See locale.conf(5) and localectl(1). - - # LANG=${LANG} - EOF - eend ${?} || FAIL=1 - fi - fi - - if [[ ! -L ${envd_locale} ]]; then - # now, if env.d/??locale is not a symlink (to locale.conf)... - if [[ -e ${envd_locale} ]]; then - # ...warn the user that he has duplicate locale settings - ewarn - ewarn "To ensure consistent behavior, you should replace ${envd_locale}" - ewarn "with a symlink to ${locale_conf}. Please migrate your settings" - ewarn "and create the symlink with the following command:" - ewarn "ln -s -n -f ../locale.conf ${envd_locale}" - ewarn - else - # ...or just create the symlink if there's nothing here - ebegin "Creating ${envd_locale_def} -> ../locale.conf symlink" - ln -n -s ../locale.conf "${envd_locale_def}" - eend ${?} || FAIL=1 - fi - fi -} - -pkg_preinst() { - if ! use split-usr; then - local dir - for dir in bin sbin lib; do - if [[ ! ${EROOT}/${dir} -ef ${EROOT}/usr/${dir} ]]; then - eerror "\"${EROOT}/${dir}\" and \"${EROOT}/usr/${dir}\" are not merged." - eerror "One of them should be a symbolic link to the other one." - FAIL=1 - fi - done - if [[ ${FAIL} ]]; then - eerror "Migration to system layout with merged directories must be performed before" - eerror "rebuilding ${CATEGORY}/${PN} with USE=\"-split-usr\" to avoid run-time breakage." - die "System layout with split directories still used" - fi - fi -} - -pkg_postinst() { - systemd_update_catalog - - # Keep this here in case the database format changes so it gets updated - # when required. - if use hwdb; then - systemd-hwdb --root="${ROOT}" update - fi - - udev_reload || FAIL=1 - - # Bug 465468, make sure locales are respected, and ensure consistency - # between OpenRC & systemd - migrate_locale - - if [[ -z ${REPLACING_VERSIONS} ]]; then - if type systemctl &>/dev/null; then - systemctl --root="${ROOT:-/}" enable getty@.service remote-fs.target || FAIL=1 - fi - elog "To enable a useful set of services, run the following:" - elog " systemctl preset-all --preset-mode=enable-only" - fi - - if [[ -L ${EROOT}/var/lib/systemd/timesync ]]; then - rm "${EROOT}/var/lib/systemd/timesync" - fi - - if [[ -z ${ROOT} && -d /run/systemd/system ]]; then - ebegin "Reexecuting system manager" - systemctl daemon-reexec - eend $? - fi - - if [[ ${FAIL} ]]; then - eerror "One of the postinst commands failed. Please check the postinst output" - eerror "for errors. You may need to clean up your system and/or try installing" - eerror "systemd again." - eerror - fi -} - -pkg_prerm() { - # If removing systemd completely, remove the catalog database. - if [[ ! ${REPLACED_BY_VERSION} ]]; then - rm -f -v "${EROOT}"/var/lib/systemd/catalog/database - fi -} |