summaryrefslogtreecommitdiff
path: root/libre-testing/systemd
diff options
context:
space:
mode:
Diffstat (limited to 'libre-testing/systemd')
-rw-r--r--libre-testing/systemd/0001-Use-Arch-Linux-device-access-groups.patch75
-rw-r--r--libre-testing/systemd/PKGBUILD274
-rw-r--r--libre-testing/systemd/arch.conf7
-rw-r--r--libre-testing/systemd/initcpio-hook-udev22
-rw-r--r--libre-testing/systemd/initcpio-install-systemd202
-rw-r--r--libre-testing/systemd/initcpio-install-udev29
-rw-r--r--libre-testing/systemd/loader.conf1
-rw-r--r--libre-testing/systemd/splash-arch.bmpbin0 -> 378226 bytes
-rw-r--r--libre-testing/systemd/systemd-binfmt.hook10
-rw-r--r--libre-testing/systemd/systemd-catalog.hook11
-rw-r--r--libre-testing/systemd/systemd-daemon-reload.hook11
-rw-r--r--libre-testing/systemd/systemd-hook32
-rw-r--r--libre-testing/systemd/systemd-hwdb.hook11
-rw-r--r--libre-testing/systemd/systemd-sysctl.hook10
-rw-r--r--libre-testing/systemd/systemd-sysusers.hook10
-rw-r--r--libre-testing/systemd/systemd-tmpfiles.hook10
-rw-r--r--libre-testing/systemd/systemd-udev-reload.hook11
-rw-r--r--libre-testing/systemd/systemd-update.hook11
-rw-r--r--libre-testing/systemd/systemd-user.pam5
-rw-r--r--libre-testing/systemd/systemd.install99
20 files changed, 841 insertions, 0 deletions
diff --git a/libre-testing/systemd/0001-Use-Arch-Linux-device-access-groups.patch b/libre-testing/systemd/0001-Use-Arch-Linux-device-access-groups.patch
new file mode 100644
index 000000000..c511144de
--- /dev/null
+++ b/libre-testing/systemd/0001-Use-Arch-Linux-device-access-groups.patch
@@ -0,0 +1,75 @@
+From 34e4b4953cb99642e9144d97823edf32b06ffe93 Mon Sep 17 00:00:00 2001
+Message-Id: <34e4b4953cb99642e9144d97823edf32b06ffe93.1520376078.git.jan.steffens@gmail.com>
+From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
+Date: Tue, 6 Mar 2018 23:39:47 +0100
+Subject: [PATCH] Use Arch Linux' device access groups
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+ cdrom → optical
+ dialout → uucp
+ tape → storage
+---
+ rules/50-udev-default.rules.in | 14 +++++++-------
+ sysusers.d/basic.conf.in | 6 +++---
+ 2 files changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/rules/50-udev-default.rules.in b/rules/50-udev-default.rules.in
+index 191f56f42..f81c4d0fc 100644
+--- a/rules/50-udev-default.rules.in
++++ b/rules/50-udev-default.rules.in
+@@ -22,7 +22,7 @@ SUBSYSTEM=="tty", KERNEL=="sclp_line[0-9]*", GROUP="tty", MODE="0620"
+ SUBSYSTEM=="tty", KERNEL=="ttysclp[0-9]*", GROUP="tty", MODE="0620"
+ SUBSYSTEM=="tty", KERNEL=="3270/tty[0-9]*", GROUP="tty", MODE="0620"
+ SUBSYSTEM=="vc", KERNEL=="vcs*|vcsa*", GROUP="tty"
+-KERNEL=="tty[A-Z]*[0-9]|ttymxc[0-9]*|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*", GROUP="dialout"
++KERNEL=="tty[A-Z]*[0-9]|ttymxc[0-9]*|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*", GROUP="uucp"
+
+ SUBSYSTEM=="mem", KERNEL=="mem|kmem|port", GROUP="kmem", MODE="0640"
+
+@@ -57,13 +57,13 @@ KERNEL=="irlpt[0-9]*", GROUP="lp"
+ SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ENV{ID_USB_INTERFACES}=="*:0701??:*", GROUP="lp"
+
+ SUBSYSTEM=="block", GROUP="disk"
+-SUBSYSTEM=="block", KERNEL=="sr[0-9]*", GROUP="cdrom"
+-SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", GROUP="cdrom"
+-KERNEL=="sch[0-9]*", GROUP="cdrom"
+-KERNEL=="pktcdvd[0-9]*", GROUP="cdrom"
+-KERNEL=="pktcdvd", GROUP="cdrom"
++SUBSYSTEM=="block", KERNEL=="sr[0-9]*", GROUP="optical"
++SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", GROUP="optical"
++KERNEL=="sch[0-9]*", GROUP="optical"
++KERNEL=="pktcdvd[0-9]*", GROUP="optical"
++KERNEL=="pktcdvd", GROUP="optical"
+
+-SUBSYSTEM=="scsi_generic|scsi_tape", SUBSYSTEMS=="scsi", ATTRS{type}=="1|8", GROUP="tape"
++SUBSYSTEM=="scsi_generic|scsi_tape", SUBSYSTEMS=="scsi", ATTRS{type}=="1|8", GROUP="storage"
+ SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="0", GROUP="disk"
+ KERNEL=="qft[0-9]*|nqft[0-9]*|zqft[0-9]*|nzqft[0-9]*|rawqft[0-9]*|nrawqft[0-9]*", GROUP="disk"
+ KERNEL=="loop-control", GROUP="disk", OPTIONS+="static_node=loop-control"
+diff --git a/sysusers.d/basic.conf.in b/sysusers.d/basic.conf.in
+index 8e358c02d..33e513a36 100644
+--- a/sysusers.d/basic.conf.in
++++ b/sysusers.d/basic.conf.in
+@@ -24,14 +24,14 @@ g utmp - - -
+
+ # Hardware access groups
+ g audio - - -
+-g cdrom - - -
+-g dialout - - -
+ g disk - - -
+ g input - - -
+ g kvm - - -
+ g lp - - -
++g optical - - -
+ g render - - -
+-g tape - - -
++g storage - - -
++g uucp - - -
+ g video - - -
+
+ # Default group for normal users
+--
+2.16.2
+
diff --git a/libre-testing/systemd/PKGBUILD b/libre-testing/systemd/PKGBUILD
new file mode 100644
index 000000000..d0b46eb12
--- /dev/null
+++ b/libre-testing/systemd/PKGBUILD
@@ -0,0 +1,274 @@
+# Maintainer: Christian Hesse <mail@eworm.de>
+# Maintainer: Dave Reisner <dreisner@archlinux.org>
+# Maintainer: Tom Gundersen <teg@jklm.no>
+
+pkgbase=systemd
+pkgname=('systemd' 'libsystemd' 'systemd-resolvconf' 'systemd-sysvcompat')
+# Can be from either systemd or systemd-stable
+_commit='c38499d476026d999558a7eee9c95ca2fa41e115'
+pkgver=239.2
+pkgrel=2
+arch=('x86_64' 'ppc64le')
+url='https://www.github.com/systemd/systemd'
+makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gperf' 'lz4' 'xz' 'pam' 'libelf'
+ 'intltool' 'iptables' 'kmod' 'libcap' 'libidn2' 'libgcrypt'
+ 'libmicrohttpd' 'libxslt' 'util-linux' 'linux-api-headers'
+ 'python-lxml' 'quota-tools' 'shadow' 'gnu-efi-libs' 'git'
+ 'meson' 'libseccomp' 'pcre2' 'audit' 'kexec-tools' 'libxkbcommon'
+ 'bash-completion')
+options=('strip')
+validpgpkeys=('63CDA1E5D3FC22B998D20DD6327F26951A015CC4' # Lennart Poettering <lennart@poettering.net>
+ '5C251B5FC54EB2F80F407AAAC54CA336CFEB557E') # Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
+source=(# fragment is latest tag for source verification, final merge in prepare()
+ "git+https://github.com/systemd/systemd-stable#tag=v${pkgver%.*}?signed"
+ "git+https://github.com/systemd/systemd#tag=v${pkgver%.*}?signed"
+ '0001-Use-Arch-Linux-device-access-groups.patch'
+ 'initcpio-hook-udev'
+ 'initcpio-install-systemd'
+ 'initcpio-install-udev'
+ 'arch.conf'
+ 'loader.conf'
+ 'splash-arch.bmp'
+ 'systemd-user.pam'
+ 'systemd-hook'
+ 'systemd-binfmt.hook'
+ 'systemd-catalog.hook'
+ 'systemd-daemon-reload.hook'
+ 'systemd-hwdb.hook'
+ 'systemd-sysctl.hook'
+ 'systemd-sysusers.hook'
+ 'systemd-tmpfiles.hook'
+ 'systemd-udev-reload.hook'
+ 'systemd-update.hook')
+sha512sums=('SKIP'
+ 'SKIP'
+ '9348683829190628e25b7b3300fd880c426d555bde330d5fc5150a9a54b3ad9d4d1f2e69ea1dc6d6f086693dacc53c5af30f1fa7ad9b479791fd77bcdafa430e'
+ 'f0d933e8c6064ed830dec54049b0a01e27be87203208f6ae982f10fb4eddc7258cb2919d594cbfb9a33e74c3510cfd682f3416ba8e804387ab87d1a217eb4b73'
+ '01de24951a05d38eca6b615a7645beb3677ca0e0f87638d133649f6dc14dcd2ea82594a60b793c31b14493a286d1d11a0d25617f54dbfa02be237652c8faa691'
+ 'a25b28af2e8c516c3a2eec4e64b8c7f70c21f974af4a955a4a9d45fd3e3ff0d2a98b4419fe425d47152d5acae77d64e69d8d014a7209524b75a81b0edb10bf3a'
+ '61032d29241b74a0f28446f8cf1be0e8ec46d0847a61dadb2a4f096e8686d5f57fe5c72bcf386003f6520bc4b5856c32d63bf3efe7eb0bc0deefc9f68159e648'
+ 'c416e2121df83067376bcaacb58c05b01990f4614ad9de657d74b6da3efa441af251d13bf21e3f0f71ddcb4c9ea658b81da3d915667dc5c309c87ec32a1cb5a5'
+ '5a1d78b5170da5abe3d18fdf9f2c3a4d78f15ba7d1ee9ec2708c4c9c2e28973469bc19386f70b3cf32ffafbe4fcc4303e5ebbd6d5187a1df3314ae0965b25e75'
+ 'b90c99d768dc2a4f020ba854edf45ccf1b86a09d2f66e475de21fe589ff7e32c33ef4aa0876d7f1864491488fd7edb2682fc0d68e83a6d4890a0778dc2d6fe19'
+ '6b82386fc20619eefa911cd9cdac8efbd0c7137bba4955e8ae75a0ea378d19dbfccc1f7bde6684f03e5f2badefa4abf20623153d88a170d14499167319586db7'
+ '5a6b6beef8c31c79018884d948de840f4d3dfb07d9a87081ebf65e2b8fe595bc8c96dbd7742920ccf948c233213ed0026abc913650cefd77ad90c6f8c89bddb8'
+ '4cff2ebd962e26e2f516d8b4ac45c839dbfa54dd0588b423c224a328b9f7c62306ca7b2f6cb55240c564caf9972d5bcd2e0efaf2de49d64729aeb3bc1560c9eb'
+ '872de70325e9798f0b5a77e991c85bd2ab6de24d9b9ba4e35002d2dd5df15f8b30739a0042a624776177ffc14a838cde7ee98622016ed41df3efda9a659730b2'
+ '471342b8d0e05533908cda5d6a906050a51e3181beda1239e91d717029ee40a9eaed714996a445417d87c4e31b7f8522a665de176077fe0536d538369594996d'
+ 'da783e3bfc6469b92dee4064a13e2b427520d3d96b57c95a4e07aaca3e844d95210a8b16122b022080f5452d65096f274dd1c1467725bbdb2e40ef304b78774a'
+ '08a590d08043a21f30f04252164b94df972b1ff1022a0469d6aef713e14484a3a037cce290a2a582851e6fac3e64add69d6cc8fc130bbeeaea08626ebf3e1763'
+ '577e33a1c50b4b41157a67f64162b035dd0c4a541e19cee55a100048bdb50cb2c82852741b1372989a0fe4c4782ba477522747fcc81d72aed99b3db512a86447'
+ 'e4a9d7607fe93daf1d45270971c8d8455c4bfc2c0bea8bcad05aeb89847edee23cd1a41073a72042622acf417018fe254f5bfc137604fe2c71292680bf67a1c2'
+ '209b01b044877cc986757fa4009a92ea98f480306c2530075d153203c3cd2b3afccab6aacc1453dee8857991e04270572f1700310705d7a0f4d5bed27fab8c67')
+
+_backports=(
+ # statx fixes
+ '75720bff62a84896e9a0654afc7cf9408cf89a38'
+ '9c869d08d82c73f62ab3527567858ce4b0cf1257'
+)
+
+_reverts=(
+)
+
+prepare() {
+ cd "$pkgbase-stable"
+
+ # add upstream repository for cherry-picking
+ git remote add -f upstream ../systemd
+ # merge the latest stable commit (fast-foward only to make sure
+ # the verified tag is in)
+ git merge --ff-only "${_commit}"
+
+ local _c
+ for _c in "${_backports[@]}"; do
+ git cherry-pick -n "${_c}"
+ done
+ for _c in "${_reverts[@]}"; do
+ git revert -n "${_c}"
+ done
+
+ # Replace cdrom/dialout/tape groups with optical/uucp/storage
+ patch -Np1 -i ../0001-Use-Arch-Linux-device-access-groups.patch
+}
+
+pkgver() {
+ cd "$pkgbase-stable"
+
+ local _version _count
+ _version="$(git describe --abbrev=0 --tags)"
+ _count="$(git rev-list --count ${_version}..)"
+ printf '%s.%s' "${_version#v}" "${_count}"
+}
+
+build() {
+ local _timeservers=({0..3}.arch.pool.ntp.org)
+ local _nameservers=(
+ # We use these public name services, ordered by their
+ # privacy policy (hopefully):
+ # * Cloudflare (https://1.1.1.1/)
+ # * Quad9 without filtering (https://www.quad9.net/)
+ # * Google (https://developers.google.com/speed/public-dns/)
+ 1.1.1.1
+ 9.9.9.10
+ 8.8.8.8
+ 2606:4700:4700::1111
+ 2620:fe::10
+ 2001:4860:4860::8888
+ )
+
+ local _meson_options=(
+ -Dgnu-efi=true
+ -Dima=false
+ -Dlibidn2=true
+ -Dlz4=true
+
+ -Ddbuspolicydir=/usr/share/dbus-1/system.d
+ # TODO(dreisner): consider changing this to unified
+ -Ddefault-hierarchy=hybrid
+ -Ddefault-kill-user-processes=false
+ -Dfallback-hostname='archlinux'
+ -Dntp-servers="${_timeservers[*]}"
+ -Ddns-servers="${_nameservers[*]}"
+ -Drpmmacrosdir=no
+ -Dsysvinit-path=
+ -Dsysvrcnd-path=
+ )
+
+ arch-meson "$pkgbase-stable" build "${_meson_options[@]}"
+
+ ninja -C build
+}
+
+check() {
+ meson test -C build
+}
+
+package_systemd() {
+ pkgdesc='system and service manager'
+ license=('GPL2' 'LGPL2.1')
+ groups=('base-devel')
+ depends=('acl' 'bash' 'cryptsetup' 'dbus' 'iptables' 'kbd' 'kmod' 'hwids' 'libcap'
+ 'libgcrypt' 'libsystemd' 'libidn2' 'lz4' 'pam' 'libelf' 'libseccomp'
+ 'util-linux' 'xz' 'pcre2' 'audit')
+ provides=('nss-myhostname' "systemd-tools=$pkgver" "udev=$pkgver")
+ replaces=('nss-myhostname' 'systemd-tools' 'udev')
+ conflicts=('nss-myhostname' 'systemd-tools' 'udev')
+ optdepends=('libmicrohttpd: remote journald capabilities'
+ 'quota-tools: kernel-level quota management'
+ 'systemd-sysvcompat: symlink package to provide sysvinit binaries'
+ 'polkit: allow administration as unprivileged user'
+ 'curl: machinectl pull-tar and pull-raw')
+ backup=(etc/pam.d/systemd-user
+ etc/systemd/coredump.conf
+ etc/systemd/journald.conf
+ etc/systemd/journal-remote.conf
+ etc/systemd/journal-upload.conf
+ etc/systemd/logind.conf
+ etc/systemd/system.conf
+ etc/systemd/timesyncd.conf
+ etc/systemd/resolved.conf
+ etc/systemd/user.conf
+ etc/udev/udev.conf)
+ install=systemd.install
+
+ DESTDIR="$pkgdir" meson install -C build
+
+ # don't write units to /etc by default. some of these will be re-enabled on
+ # post_install.
+ rm -rv "$pkgdir"/etc/systemd/system/*
+
+ # we'll create this on installation
+ rmdir "$pkgdir"/var/log/journal/remote
+
+ # runtime libraries shipped with libsystemd
+ install -d -m0755 libsystemd
+ mv "$pkgdir"/usr/lib/lib{nss,systemd,udev}*.so* libsystemd
+
+ # manpages shipped with systemd-sysvcompat
+ rm "$pkgdir"/usr/share/man/man8/{halt,poweroff,reboot,runlevel,shutdown,telinit}.8
+
+ # executable (symlinks) shipped with systemd-sysvcompat
+ rm "$pkgdir"/usr/bin/{halt,init,poweroff,reboot,runlevel,shutdown,telinit}
+
+ # files shipped with systemd-resolvconf
+ rm "$pkgdir"/usr/{bin/resolvconf,share/man/man1/resolvconf.1}
+
+ # avoid a potential conflict with [core]/filesystem
+ rm "$pkgdir"/usr/share/factory/etc/nsswitch.conf
+ sed -i '/^C \/etc\/nsswitch\.conf/d' "$pkgdir"/usr/lib/tmpfiles.d/etc.conf
+
+ # add back tmpfiles.d/legacy.conf, normally omitted without sysv-compat
+ install -m0644 $pkgbase-stable/tmpfiles.d/legacy.conf "$pkgdir"/usr/lib/tmpfiles.d
+
+ # ship default policy to leave services disabled
+ echo 'disable *' >"$pkgdir"/usr/lib/systemd/system-preset/99-default.preset
+
+ # add mkinitcpio hooks
+ install -D -m0644 initcpio-install-systemd "$pkgdir"/usr/lib/initcpio/install/systemd
+ install -D -m0644 initcpio-install-udev "$pkgdir"/usr/lib/initcpio/install/udev
+ install -D -m0644 initcpio-hook-udev "$pkgdir"/usr/lib/initcpio/hooks/udev
+
+ # ensure proper permissions for /var/log/journal
+ # The permissions are stored with named group by tar, so this works with
+ # users and groups populated by systemd-sysusers. This is only to prevent a
+ # warning from pacman as permissions are set by systemd-tmpfiles anyway.
+ install -d -o root -g systemd-journal -m 2755 "$pkgdir"/var/log/journal
+
+ # match directory owner/group and mode from [extra]/polkit
+ install -d -o root -g 102 -m 0750 "$pkgdir"/usr/share/polkit-1/rules.d
+
+ # add example bootctl configuration
+ install -D -m0644 arch.conf "$pkgdir"/usr/share/systemd/bootctl/arch.conf
+ install -D -m0644 loader.conf "$pkgdir"/usr/share/systemd/bootctl/loader.conf
+ install -D -m0644 splash-arch.bmp "$pkgdir"/usr/share/systemd/bootctl/splash-arch.bmp
+
+ # pacman hooks
+ install -D -m0755 systemd-hook "$pkgdir"/usr/share/libalpm/scripts/systemd-hook
+ install -D -m0644 -t "$pkgdir"/usr/share/libalpm/hooks *.hook
+
+ # overwrite the systemd-user PAM configuration with our own
+ install -D -m0644 systemd-user.pam "$pkgdir"/etc/pam.d/systemd-user
+}
+
+package_libsystemd() {
+ pkgdesc='systemd client libraries'
+ depends=('glibc' 'libcap' 'libgcrypt' 'lz4' 'xz')
+ license=('GPL2')
+ provides=('libsystemd.so' 'libudev.so')
+
+ install -d -m0755 "$pkgdir"/usr
+ mv libsystemd "$pkgdir"/usr/lib
+}
+
+package_systemd-resolvconf() {
+ pkgdesc='systemd resolvconf replacement'
+ license=('GPL2')
+ depends=('systemd')
+ provides=('openresolv' 'resolvconf')
+ conflicts=('openresolv')
+
+ install -d -m0755 "$pkgdir"/usr/bin
+ ln -s resolvectl "$pkgdir"/usr/bin/resolvconf
+
+ install -d -m0755 "$pkgdir"/usr/share/man/man1
+ ln -s resolvectl.1.gz "$pkgdir"/usr/share/man/man1/resolvconf.1.gz
+}
+
+package_systemd-sysvcompat() {
+ pkgdesc='sysvinit compat for systemd'
+ license=('GPL2')
+ groups=('base')
+ conflicts=('sysvinit')
+ depends=('systemd')
+
+ install -D -m0644 -t "$pkgdir"/usr/share/man/man8 \
+ build/man/{telinit,halt,reboot,poweroff,runlevel,shutdown}.8
+
+ install -d -m0755 "$pkgdir"/usr/bin
+ ln -s ../lib/systemd/systemd "$pkgdir"/usr/bin/init
+ for tool in runlevel reboot shutdown poweroff halt telinit; do
+ ln -s systemctl "$pkgdir"/usr/bin/$tool
+ done
+}
+
+# vim:ft=sh syn=sh et sw=2:
diff --git a/libre-testing/systemd/arch.conf b/libre-testing/systemd/arch.conf
new file mode 100644
index 000000000..250b7785e
--- /dev/null
+++ b/libre-testing/systemd/arch.conf
@@ -0,0 +1,7 @@
+## This is just an example config file.
+## Please edit the paths and kernel parameters according to your system.
+
+title Arch Linux
+linux /vmlinuz-linux
+initrd /initramfs-linux.img
+options root=PARTUUID=XXXX rootfstype=XXXX add_efi_memmap
diff --git a/libre-testing/systemd/initcpio-hook-udev b/libre-testing/systemd/initcpio-hook-udev
new file mode 100644
index 000000000..ea9a11f8c
--- /dev/null
+++ b/libre-testing/systemd/initcpio-hook-udev
@@ -0,0 +1,22 @@
+#!/usr/bin/ash
+
+run_earlyhook() {
+ kmod static-nodes --format=tmpfiles --output=/run/tmpfiles.d/kmod.conf
+ systemd-tmpfiles --prefix=/dev --create --boot
+ /usr/lib/systemd/systemd-udevd --daemon --resolve-names=never
+ udevd_running=1
+}
+
+run_hook() {
+ msg ":: Triggering uevents..."
+ udevadm trigger --action=add --type=subsystems
+ udevadm trigger --action=add --type=devices
+ udevadm settle
+}
+
+run_cleanuphook() {
+ udevadm control --exit
+ udevadm info --cleanup-db
+}
+
+# vim: set ft=sh ts=4 sw=4 et:
diff --git a/libre-testing/systemd/initcpio-install-systemd b/libre-testing/systemd/initcpio-install-systemd
new file mode 100644
index 000000000..8fb4441f7
--- /dev/null
+++ b/libre-testing/systemd/initcpio-install-systemd
@@ -0,0 +1,202 @@
+#!/bin/bash
+
+strip_quotes() {
+ local len=${#1} quotes=$'[\'"]' str=${!1}
+
+ if [[ ${str:0:1} = ${str: -1} && ${str:0:1} = $quotes ]]; then
+ printf -v "$1" %s "${str:1:-1}"
+ fi
+}
+
+add_udev_rule() {
+ # Add an udev rules file to the initcpio image. Dependencies on binaries
+ # will be discovered and added.
+ # $1: path to rules file (or name of rules file)
+
+ local rules= rule= key= value= binary=
+
+ rules=$(PATH=/usr/lib/udev/rules.d:/lib/udev/rules.d type -P "$1")
+ if [[ -z $rules ]]; then
+ # complain about not found rules
+ return 1
+ fi
+
+ add_file "$rules"
+
+ while IFS=, read -ra rule; do
+ # skip empty lines, comments
+ [[ -z $rule || $rule = @(+([[:space:]])|#*) ]] && continue
+
+ for pair in "${rule[@]}"; do
+ IFS=' =' read -r key value <<< "$pair"
+ case $key in
+ RUN@({program}|+)|IMPORT{program}|ENV{REMOVE_CMD})
+ strip_quotes 'value'
+ # just take the first word as the binary name
+ binary=${value%% *}
+ [[ ${binary:0:1} == '$' ]] && continue
+ if [[ ${binary:0:1} != '/' ]]; then
+ binary=$(PATH=/usr/lib/udev:/lib/udev type -P "$binary")
+ fi
+ add_binary "$binary"
+ ;;
+ esac
+ done
+ done <"$rules"
+}
+
+add_systemd_unit() {
+ # Add a systemd unit file to the initcpio image. Hard dependencies on binaries
+ # and other unit files will be discovered and added.
+ # $1: path to rules file (or name of rules file)
+
+ local unit= rule= entry= key= value= binary= dep=
+
+ unit=$(PATH=/usr/lib/systemd/system:/lib/systemd/system type -P "$1")
+ if [[ -z $unit ]]; then
+ # complain about not found unit file
+ return 1
+ fi
+
+ add_file "$unit"
+
+ while IFS='=' read -r key values; do
+ read -ra values <<< "$values"
+
+ case $key in
+ Requires|OnFailure)
+ # only add hard dependencies (not Wants)
+ map add_systemd_unit "${values[@]}"
+ ;;
+ Exec*)
+ # don't add binaries unless they are required
+ if [[ ${values[0]:0:1} != '-' ]]; then
+ add_binary "${values[0]}"
+ fi
+ ;;
+ esac
+
+ done <"$unit"
+
+ # preserve reverse soft dependency
+ for dep in {/usr,}/lib/systemd/system/*.wants/${unit##*/}; do
+ if [[ -L $dep ]]; then
+ add_symlink "$dep"
+ fi
+ done
+
+ # add hard dependencies
+ if [[ -d $unit.requires ]]; then
+ for dep in "$unit".requires/*; do
+ add_systemd_unit ${dep##*/}
+ done
+ fi
+}
+
+add_systemd_drop_in() {
+ local unit=$1 dropin_name=$2
+
+ mkdir -p "$BUILDROOT/etc/systemd/system/$unit.d"
+ cat >"$BUILDROOT/etc/systemd/system/$unit.d/$2.conf"
+}
+
+build() {
+ local rules unit
+
+ # from base
+ add_binary /bin/mount
+ add_binary /usr/bin/kmod /usr/bin/modprobe
+ add_binary /usr/lib/systemd/systemd /init
+ add_binary /usr/bin/sulogin
+
+ map add_binary \
+ /usr/bin/systemd-tmpfiles \
+ /usr/lib/systemd/systemd-hibernate-resume \
+ /usr/lib/systemd/systemd-shutdown \
+ /usr/lib/systemd/systemd-sulogin-shell \
+ /usr/lib/systemd/system-generators/systemd-fstab-generator \
+ /usr/lib/systemd/system-generators/systemd-gpt-auto-generator \
+ /usr/lib/systemd/system-generators/systemd-hibernate-resume-generator
+
+ # for journalctl in emergency shell
+ add_binary journalctl
+
+ # udev rules and systemd units
+ map add_udev_rule "$rules" \
+ 50-udev-default.rules \
+ 60-persistent-storage.rules \
+ 64-btrfs.rules \
+ 80-drivers.rules \
+ 99-systemd.rules
+
+ map add_systemd_unit \
+ initrd-cleanup.service \
+ initrd-fs.target \
+ initrd-parse-etc.service \
+ initrd-root-fs.target \
+ initrd-root-device.target \
+ initrd-switch-root.service \
+ initrd-switch-root.target \
+ initrd-udevadm-cleanup-db.service \
+ initrd.target \
+ kmod-static-nodes.service \
+ local-fs.target \
+ local-fs-pre.target \
+ paths.target \
+ reboot.target \
+ slices.target \
+ sockets.target \
+ swap.target \
+ systemd-fsck@.service \
+ systemd-hibernate-resume@.service \
+ systemd-journald.service \
+ systemd-journald-audit.socket \
+ systemd-journald-dev-log.socket \
+ systemd-modules-load.service \
+ systemd-tmpfiles-setup-dev.service \
+ systemd-udev-trigger.service \
+ systemd-udevd-control.socket \
+ systemd-udevd-kernel.socket \
+ systemd-udevd.service \
+ timers.target \
+ rescue.target \
+ emergency.target
+
+ add_symlink "/usr/lib/systemd/system/default.target" "initrd.target"
+ add_symlink "/usr/lib/systemd/system/ctrl-alt-del.target" "reboot.target"
+
+ add_binary "$(readlink -f /usr/lib/libnss_files.so)"
+ printf '%s\n' >"$BUILDROOT/etc/nsswitch.conf" \
+ 'passwd: files' \
+ 'group: files' \
+ 'shadow: files'
+
+ echo "root:x:0:0:root:/:/bin/sh" >"$BUILDROOT/etc/passwd"
+ echo "root:x:0:root" >"$BUILDROOT/etc/group"
+ echo "root::::::::" >"$BUILDROOT/etc/shadow"
+
+ add_systemd_drop_in systemd-udevd.service resolve-names <<EOF
+[Service]
+ExecStart=
+ExecStart=/usr/lib/systemd/systemd-udevd --resolve-names=never
+EOF
+
+ add_dir "/etc/modules-load.d"
+ (
+ . "$_f_config"
+ set -f
+ printf '%s\n' ${MODULES[@]} >"$BUILDROOT/etc/modules-load.d/MODULES.conf"
+ )
+}
+
+help() {
+ cat <<HELPEOF
+This will install a basic systemd setup in your initramfs, and is meant to
+replace the 'base', 'usr', 'udev' and 'resume' hooks. Other hooks with runtime
+components will need to be ported, and will not work as intended. You also may
+wish to still include the 'base' hook (before this hook) to ensure that a
+rescue shell exists on your initramfs.
+HELPEOF
+}
+
+# vim: set ft=sh ts=4 sw=4 et:
diff --git a/libre-testing/systemd/initcpio-install-udev b/libre-testing/systemd/initcpio-install-udev
new file mode 100644
index 000000000..31d982712
--- /dev/null
+++ b/libre-testing/systemd/initcpio-install-udev
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+build() {
+ local rules tool
+
+ add_binary /usr/lib/systemd/systemd-udevd
+ add_binary /usr/bin/udevadm
+ add_binary /usr/bin/systemd-tmpfiles
+
+ for rules in 50-udev-default.rules 60-persistent-storage.rules 64-btrfs.rules 80-drivers.rules; do
+ add_file "/usr/lib/udev/rules.d/$rules"
+ done
+ for tool in ata_id scsi_id; do
+ add_file "/usr/lib/udev/$tool"
+ done
+
+ add_runscript
+}
+
+help() {
+ cat <<HELPEOF
+This hook adds the udev daemon to the initramfs, allowing for dynamic loading
+of modules and reliable detection of the root device via tags (e.g. UUID or
+LABEL). Do not remove this hook unless you are using the systemd hook, or you
+know what you're doing.
+HELPEOF
+}
+
+# vim: set ft=sh ts=4 sw=4 et:
diff --git a/libre-testing/systemd/loader.conf b/libre-testing/systemd/loader.conf
new file mode 100644
index 000000000..1f7cd7ef4
--- /dev/null
+++ b/libre-testing/systemd/loader.conf
@@ -0,0 +1 @@
+default arch
diff --git a/libre-testing/systemd/splash-arch.bmp b/libre-testing/systemd/splash-arch.bmp
new file mode 100644
index 000000000..f083d4bbf
--- /dev/null
+++ b/libre-testing/systemd/splash-arch.bmp
Binary files differ
diff --git a/libre-testing/systemd/systemd-binfmt.hook b/libre-testing/systemd/systemd-binfmt.hook
new file mode 100644
index 000000000..9c31a4b16
--- /dev/null
+++ b/libre-testing/systemd/systemd-binfmt.hook
@@ -0,0 +1,10 @@
+[Trigger]
+Type = File
+Operation = Install
+Operation = Upgrade
+Target = usr/lib/binfmt.d/*.conf
+
+[Action]
+Description = Registering binary formats...
+When = PostTransaction
+Exec = /usr/share/libalpm/scripts/systemd-hook binfmt
diff --git a/libre-testing/systemd/systemd-catalog.hook b/libre-testing/systemd/systemd-catalog.hook
new file mode 100644
index 000000000..d28bddc4b
--- /dev/null
+++ b/libre-testing/systemd/systemd-catalog.hook
@@ -0,0 +1,11 @@
+[Trigger]
+Type = File
+Operation = Install
+Operation = Upgrade
+Operation = Remove
+Target = usr/lib/systemd/catalog/*
+
+[Action]
+Description = Updating journal message catalog...
+When = PostTransaction
+Exec = /usr/share/libalpm/scripts/systemd-hook catalog
diff --git a/libre-testing/systemd/systemd-daemon-reload.hook b/libre-testing/systemd/systemd-daemon-reload.hook
new file mode 100644
index 000000000..87923e862
--- /dev/null
+++ b/libre-testing/systemd/systemd-daemon-reload.hook
@@ -0,0 +1,11 @@
+[Trigger]
+Type = File
+Operation = Install
+Operation = Upgrade
+Operation = Remove
+Target = usr/lib/systemd/system/*
+
+[Action]
+Description = Reloading system manager configuration...
+When = PostTransaction
+Exec = /usr/share/libalpm/scripts/systemd-hook daemon-reload
diff --git a/libre-testing/systemd/systemd-hook b/libre-testing/systemd/systemd-hook
new file mode 100644
index 000000000..0a664f2c5
--- /dev/null
+++ b/libre-testing/systemd/systemd-hook
@@ -0,0 +1,32 @@
+#!/bin/sh -e
+
+systemd_live() {
+ if [ ! -d /run/systemd/system ]; then
+ echo >&2 " Skipped: Current root is not booted."
+ exit 0
+ fi
+}
+
+udevd_live() {
+ if [ ! -d /run/udev ]; then
+ echo >&2 " Skipped: Device manager is not running."
+ exit 0
+ fi
+}
+
+case $1 in
+ catalog) /usr/bin/journalctl --update-catalog ;;
+ hwdb) /usr/bin/systemd-hwdb --usr update ;;
+ update) touch -c /usr ;;
+ sysusers) /usr/bin/systemd-sysusers ;;
+ tmpfiles) /usr/bin/systemd-tmpfiles --create ;;
+
+ daemon-reload) systemd_live; /usr/bin/systemctl daemon-reload ;;
+ udev-reload) udevd_live; /usr/bin/udevadm control --reload ;;
+ binfmt) systemd_live; /usr/lib/systemd/systemd-binfmt ;;
+ sysctl) systemd_live; /usr/lib/systemd/systemd-sysctl ;;
+
+ *) echo >&2 " Invalid operation '$1'"; exit 1 ;;
+esac
+
+exit 0
diff --git a/libre-testing/systemd/systemd-hwdb.hook b/libre-testing/systemd/systemd-hwdb.hook
new file mode 100644
index 000000000..f0440b0a6
--- /dev/null
+++ b/libre-testing/systemd/systemd-hwdb.hook
@@ -0,0 +1,11 @@
+[Trigger]
+Type = File
+Operation = Install
+Operation = Upgrade
+Operation = Remove
+Target = usr/lib/udev/hwdb.d/*
+
+[Action]
+Description = Updating udev hardware database...
+When = PostTransaction
+Exec = /usr/share/libalpm/scripts/systemd-hook hwdb
diff --git a/libre-testing/systemd/systemd-sysctl.hook b/libre-testing/systemd/systemd-sysctl.hook
new file mode 100644
index 000000000..aec5ac1b0
--- /dev/null
+++ b/libre-testing/systemd/systemd-sysctl.hook
@@ -0,0 +1,10 @@
+[Trigger]
+Type = File
+Operation = Install
+Operation = Upgrade
+Target = usr/lib/sysctl.d/*.conf
+
+[Action]
+Description = Applying kernel sysctl settings...
+When = PostTransaction
+Exec = /usr/share/libalpm/scripts/systemd-hook sysctl
diff --git a/libre-testing/systemd/systemd-sysusers.hook b/libre-testing/systemd/systemd-sysusers.hook
new file mode 100644
index 000000000..9873dd402
--- /dev/null
+++ b/libre-testing/systemd/systemd-sysusers.hook
@@ -0,0 +1,10 @@
+[Trigger]
+Type = File
+Operation = Install
+Operation = Upgrade
+Target = usr/lib/sysusers.d/*.conf
+
+[Action]
+Description = Creating system user accounts...
+When = PostTransaction
+Exec = /usr/share/libalpm/scripts/systemd-hook sysusers
diff --git a/libre-testing/systemd/systemd-tmpfiles.hook b/libre-testing/systemd/systemd-tmpfiles.hook
new file mode 100644
index 000000000..df60d8275
--- /dev/null
+++ b/libre-testing/systemd/systemd-tmpfiles.hook
@@ -0,0 +1,10 @@
+[Trigger]
+Type = File
+Operation = Install
+Operation = Upgrade
+Target = usr/lib/tmpfiles.d/*.conf
+
+[Action]
+Description = Creating temporary files...
+When = PostTransaction
+Exec = /usr/share/libalpm/scripts/systemd-hook tmpfiles
diff --git a/libre-testing/systemd/systemd-udev-reload.hook b/libre-testing/systemd/systemd-udev-reload.hook
new file mode 100644
index 000000000..04238bd58
--- /dev/null
+++ b/libre-testing/systemd/systemd-udev-reload.hook
@@ -0,0 +1,11 @@
+[Trigger]
+Type = File
+Operation = Install
+Operation = Upgrade
+Operation = Remove
+Target = usr/lib/udev/rules.d/*
+
+[Action]
+Description = Reloading device manager configuration...
+When = PostTransaction
+Exec = /usr/share/libalpm/scripts/systemd-hook udev-reload
diff --git a/libre-testing/systemd/systemd-update.hook b/libre-testing/systemd/systemd-update.hook
new file mode 100644
index 000000000..7084a0c16
--- /dev/null
+++ b/libre-testing/systemd/systemd-update.hook
@@ -0,0 +1,11 @@
+[Trigger]
+Type = File
+Operation = Install
+Operation = Upgrade
+Operation = Remove
+Target = usr/
+
+[Action]
+Description = Arming ConditionNeedsUpdate...
+When = PostTransaction
+Exec = /usr/share/libalpm/scripts/systemd-hook update
diff --git a/libre-testing/systemd/systemd-user.pam b/libre-testing/systemd/systemd-user.pam
new file mode 100644
index 000000000..83f762696
--- /dev/null
+++ b/libre-testing/systemd/systemd-user.pam
@@ -0,0 +1,5 @@
+# Used by systemd --user instances.
+
+account include system-login
+session required pam_loginuid.so
+session include system-login
diff --git a/libre-testing/systemd/systemd.install b/libre-testing/systemd/systemd.install
new file mode 100644
index 000000000..fedc747ea
--- /dev/null
+++ b/libre-testing/systemd/systemd.install
@@ -0,0 +1,99 @@
+#!/bin/bash
+
+sd_booted() {
+ [[ -d run/systemd/system && ! -L run/systemd/system ]]
+}
+
+add_journal_acls() {
+ # ignore errors, since the filesystem might not support ACLs
+ setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx var/log/journal/ 2>/dev/null
+ :
+}
+
+post_common() {
+ systemd-sysusers
+ journalctl --update-catalog
+}
+
+_216_2_changes() {
+ echo ':: Coredumps are handled by systemd by default. Collection behavior can be'
+ echo ' tuned in /etc/systemd/coredump.conf.'
+}
+
+_219_2_changes() {
+ if mkdir -m2755 var/log/journal/remote 2>/dev/null; then
+ chgrp systemd-journal-remote var/log/journal/remote
+ fi
+}
+
+_219_4_changes() {
+ if ! systemctl is-enabled -q remote-fs.target; then
+ systemctl enable -q remote-fs.target
+ fi
+}
+
+_230_1_changes() {
+ echo ':: systemd-bootchart is no longer included with systemd'
+}
+
+_232_8_changes() {
+ # paper over possible effects of CVE-2016-10156
+ local stamps=(/var/lib/systemd/timers/*.timer)
+
+ if [[ -f ${stamps[0]} ]]; then
+ chmod 0644 "${stamps[@]}"
+ fi
+}
+
+_233_75_3_changes() {
+ # upstream installs services to /etc, which we remove
+ # to keep bus activation we re-enable systemd-resolved
+ if systemctl is-enabled -q systemd-resolved.service; then
+ systemctl reenable systemd-resolved.service 2>/dev/null
+ fi
+}
+
+post_install() {
+ systemd-machine-id-setup
+
+ post_common "$@"
+
+ add_journal_acls
+
+ # enable some services by default, but don't track them
+ systemctl enable getty@tty1.service remote-fs.target
+
+ echo ":: Append 'init=/usr/lib/systemd/systemd' to your kernel command line in your"
+ echo " bootloader to replace sysvinit with systemd, or install systemd-sysvcompat"
+
+ # group 'systemd-journal-remote' is created by systemd-sysusers
+ mkdir -m2755 var/log/journal/remote
+ chgrp systemd-journal-remote var/log/journal/remote
+}
+
+post_upgrade() {
+ post_common "$@"
+
+ # don't reexec if the old version is 231-1 or 231-2.
+ # https://github.com/systemd/systemd/commit/bd64d82c1c
+ if [[ $1 != 231-[12] ]] && sd_booted; then
+ systemctl --system daemon-reexec
+ fi
+
+ local v upgrades=(
+ 216-2
+ 219-2
+ 219-4
+ 230-1
+ 232-8
+ 233.75-3
+ )
+
+ for v in "${upgrades[@]}"; do
+ if [[ $(vercmp "$v" "$2") -eq 1 ]]; then
+ "_${v//[.-]/_}_changes"
+ fi
+ done
+}
+
+# vim:set ts=2 sw=2 et: