summaryrefslogtreecommitdiff
path: root/libre/systemd
diff options
context:
space:
mode:
Diffstat (limited to 'libre/systemd')
-rw-r--r--libre/systemd/PKGBUILD62
-rw-r--r--libre/systemd/initcpio-install-systemd27
2 files changed, 37 insertions, 52 deletions
diff --git a/libre/systemd/PKGBUILD b/libre/systemd/PKGBUILD
index 07f9c6b8c..8904d6cd0 100644
--- a/libre/systemd/PKGBUILD
+++ b/libre/systemd/PKGBUILD
@@ -11,9 +11,9 @@ pkgname+=('systemd-common' 'systemd-udev')
# We split Arch's systemd-libs into systemd-$X, for the following $X:
_systemd_libs=('libsystemd' 'libudev' 'nss-systemd' 'nss-myhostname' 'nss-mymachines' 'nss-resolve')
pkgname+=("${_systemd_libs[@]/#/systemd-}")
-_tag='a520e63382396661d79f630b2babe717a85b1209' # git rev-parse v${pkgver}
-pkgver=245.5
-pkgrel=2
+_tag='8a8b000d682a7108463c5c74bc876c5658d9de4a' # git rev-parse v${pkgver}
+pkgver=245.7
+pkgrel=1
pkgrel+=.parabola1
arch=('x86_64')
arch+=('i686' 'armv7h' 'ppc64le')
@@ -23,7 +23,7 @@ makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gperf' 'lz4' 'xz' 'pam' 'libelf'
'libmicrohttpd' 'libxslt' 'util-linux' 'linux-api-headers'
'python-lxml' 'quota-tools' 'shadow' 'git'
'meson' 'libseccomp' 'pcre2' 'audit' 'kexec-tools' 'libxkbcommon'
- 'bash-completion' 'p11-kit')
+ 'bash-completion' 'p11-kit' 'systemd')
makedepends_i686=('gnu-efi-libs' 'pkgconf')
makedepends_x86_64=('gnu-efi-libs')
options=('strip')
@@ -63,7 +63,7 @@ sha512sums=('SKIP'
'e38c7c422c82953f9c2476a5ab8009d614cbec839e4088bff5db7698ddc84e3d8ed64f32ed323f57b1913c5c9703546f794996cb415ed7cdda930b627962a3c4'
'85d11bbbb5c10016e4a67eec051315e2e292939844f260bf698018c5bd1c516c28444f635eb15832a23e26891c4beda14bacfa57fdeda45c00f1b653abe3b123'
'f0d933e8c6064ed830dec54049b0a01e27be87203208f6ae982f10fb4eddc7258cb2919d594cbfb9a33e74c3510cfd682f3416ba8e804387ab87d1a217eb4b73'
- '01de24951a05d38eca6b615a7645beb3677ca0e0f87638d133649f6dc14dcd2ea82594a60b793c31b14493a286d1d11a0d25617f54dbfa02be237652c8faa691'
+ 'f1f0bc599eb73b96f81e5413a55617ab82978d057dc0cabf226d225bb836a967fe13b84c4f24f64c074b6568026ab81d457512ff20a5918892c47a3a603eaa6e'
'a25b28af2e8c516c3a2eec4e64b8c7f70c21f974af4a955a4a9d45fd3e3ff0d2a98b4419fe425d47152d5acae77d64e69d8d014a7209524b75a81b0edb10bf3a'
'70b3f1d6aaa9cd4b6b34055a587554770c34194100b17b2ef3aaf4f16f68da0865f6b3ae443b3252d395e80efabd412b763259ffb76c902b60e23b6b522e3cc8'
'6c6f579644ea2ebb6b46ee274ab15110718b0de40def8c30173ba8480b045d403f2aedd15b50ad9b96453f4ad56920d1350ff76563755bb9a80b10fa7f64f1d9'
@@ -91,18 +91,6 @@ sha512sums=('SKIP'
_backports=(
# systemd-resolved: use hostname for certificate validation in DoT
'eec394f10bbfcc3d2fc8504ad8ff5be44231abd5'
-
- # unregister binary formats during shutdown #15566
- # shared: add common helper for unregistering all binfmt entries
- '965cc99416a3b5a2a71127e9e6d2e4a95ab3c432'
- # shutdown: unregister all binfmt_misc entries before entering shutdown loop
- '0282c0285a3e3c2e409305ce28555a6ad0489539'
- # binfmt: modernize code a bit
- 'f3670df13e144c2f81bf6f9a0bea581e6d555bdd'
- # binfmt: also unregister binfmt entries from unit
- '846acb6798a63f35162f58e1146d1a1f40849e86'
- # man: document binfmt's new --unregister switch
- 'cd9aa8f0f91b113acb079e79750c146c0529c2d7'
)
_reverts=(
@@ -167,10 +155,15 @@ build() {
-Dlz4=true
-Dman=true
+ # We disable DNSSEC by default, it still causes trouble:
+ # https://github.com/systemd/systemd/issues/10579
+
-Ddbuspolicydir=/usr/share/dbus-1/system.d
+ -Ddefault-dnssec=no
-Ddefault-hierarchy=hybrid
-Ddefault-kill-user-processes=false
-Ddefault-locale=C
+ -Ddns-over-tls=openssl
-Dfallback-hostname='parabola'
-Dnologin-path=/usr/bin/nologin
-Dntp-servers="${_timeservers[*]}"
@@ -240,8 +233,7 @@ check() {
package_systemd() {
pkgdesc='system and service manager'
license=('LGPL2.1')
- groups=('base-devel')
- depends=('bash' 'dbus' 'kbd' 'kmod'
+ depends=('bash' 'dbus' 'kbd' 'kmod' 'libkmod.so'
'systemd-libs' 'pam' 'libelf'
'util-linux' 'pcre2')
depends+=("systemd-common=$pkgver-$pkgrel" 'udev')
@@ -292,11 +284,10 @@ package_systemd() {
# add mkinitcpio hooks
install -D -m0644 initcpio-install-systemd "$pkgdir"/usr/lib/initcpio/install/systemd
- # ensure proper permissions for /var/log/journal
- # The permissions are stored with named group by tar, so this works with
- # users and groups populated by systemd-sysusers. This is only to prevent a
- # warning from pacman as permissions are set by systemd-tmpfiles anyway.
- install -d -o root -g systemd-journal -m 2755 "$pkgdir"/var/log/journal
+ # The group 'systemd-journal' is allocated dynamically and may have varying
+ # gid on different systems. Let's install with gid 0 (root), systemd-tmpfiles
+ # will fix the permissions for us. (see /usr/lib/tmpfiles.d/systemd.conf)
+ install -d -o root -g root -m 2755 "$pkgdir"/var/log/journal
# match directory owner/group and mode from [extra]/polkit
install -d -o root -g 102 -m 0750 "$pkgdir"/usr/share/polkit-1/rules.d
@@ -318,10 +309,11 @@ package_systemd() {
package_systemd-common() {
pkgdesc='systemd files shared between split packages'
license=('LGPL2.1')
- depends=('acl' 'cryptsetup' 'libdbus' 'glibc' 'iptables' 'libcap'
- 'libgcrypt' 'libidn2' 'libidn2.so' 'libseccomp' 'libsystemd.so'
+ depends=('acl' 'libacl.so' 'cryptsetup' 'libcryptsetup.so' 'libdbus'
+ 'glibc' 'iptables' 'libcap' 'libcap.so'
+ 'libgcrypt' 'libidn2' 'libidn2.so' 'libseccomp' 'libseccomp.so' 'libsystemd.so'
'libudev.so' 'libblkid.so' 'libmount.so' 'libuuid.so' 'lz4'
- 'xz' 'audit' 'libp11-kit')
+ 'xz' 'audit' 'libaudit.so' 'libp11-kit' 'libp11-kit.so' 'openssl')
cp -rT -d --no-preserve=ownership,timestamp "$srcdir/dest/${pkgname#systemd-}" "$pkgdir"
}
@@ -329,9 +321,8 @@ package_systemd-common() {
package_systemd-udev() {
pkgdesc='Userspace device file manager'
license=('GPL2') # NB: different than the rest
- groups=('base-devel')
depends=("systemd-common=$pkgver-$pkgrel" 'systemd-libudev'
- 'hwids' 'kmod' 'util-linux' 'zlib')
+ 'hwids' 'kmod' 'libkmod.so' 'util-linux' 'zlib')
backup=(etc/udev/udev.conf)
provides+=("${pkgname#systemd-}=$pkgver")
@@ -360,7 +351,7 @@ package_systemd-libs() {
package_systemd-libsystemd() {
pkgdesc='systemd client library'
- depends=('glibc' 'libcap' 'libgcrypt' 'lz4' 'xz')
+ depends=('glibc' 'libcap' 'libcap.so' 'libgcrypt' 'lz4' 'xz')
license=('LGPL2.1')
provides=('libsystemd.so')
@@ -373,8 +364,7 @@ package_systemd-libsystemd() {
package_systemd-libudev() {
pkgdesc='systemd library for enumerating and introspecting local devices'
- groups=('base-devel') # match systemd-udev
- depends=('glibc' 'libcap')
+ depends=('glibc' 'libcap' 'libcap.so')
license=('LGPL2.1')
provides=('libudev.so')
@@ -387,7 +377,7 @@ package_systemd-libudev() {
package_systemd-nss-systemd() {
pkgdesc='NSS module providing user and group resolution for dynamic users and groups'
- depends=('glibc' 'libcap')
+ depends=('glibc' 'libcap' 'libcap.so')
license=('LGPL2.1')
provides+=("${pkgname#systemd-}=$pkgver")
@@ -399,7 +389,7 @@ package_systemd-nss-systemd() {
package_systemd-nss-myhostname() {
pkgdesc='NSS module providing hostname resolution for the locally configured system hostname'
- depends=('glibc' 'libcap')
+ depends=('glibc' 'libcap' 'libcap.so')
license=('LGPL2.1')
provides+=("${pkgname#systemd-}=$pkgver")
@@ -411,7 +401,7 @@ package_systemd-nss-myhostname() {
package_systemd-nss-mymachines() {
pkgdesc='NSS module providing hostname resolution for local systemd-machined container instances'
- depends=('glibc' 'libcap')
+ depends=('glibc' 'libcap' 'libcap.so')
license=('LGPL2.1')
provides+=("${pkgname#systemd-}=$pkgver")
@@ -423,7 +413,7 @@ package_systemd-nss-mymachines() {
package_systemd-nss-resolve() {
pkgdesc='NSS module providing hostname resolution via systemd-resolved'
- depends=('glibc' 'libcap')
+ depends=('glibc' 'libcap' 'libcap.so')
license=('LGPL2.1')
provides+=("${pkgname#systemd-}=$pkgver")
diff --git a/libre/systemd/initcpio-install-systemd b/libre/systemd/initcpio-install-systemd
index 8fb4441f7..9e23070dd 100644
--- a/libre/systemd/initcpio-install-systemd
+++ b/libre/systemd/initcpio-install-systemd
@@ -69,10 +69,13 @@ add_systemd_unit() {
map add_systemd_unit "${values[@]}"
;;
Exec*)
- # don't add binaries unless they are required
- if [[ ${values[0]:0:1} != '-' ]]; then
- add_binary "${values[0]}"
- fi
+ # do not add binaries unless they are required,
+ # strip special executable prefixes
+ case ${values[0]} in
+ -*) ;;
+ !!*) add_binary "${values[0]#!!}" ;;
+ *) add_binary "${values[0]#[@!:+]}" ;;
+ esac
;;
esac
@@ -110,6 +113,7 @@ build() {
add_binary /usr/bin/sulogin
map add_binary \
+ /usr/bin/journalctl \
/usr/bin/systemd-tmpfiles \
/usr/lib/systemd/systemd-hibernate-resume \
/usr/lib/systemd/systemd-shutdown \
@@ -118,9 +122,6 @@ build() {
/usr/lib/systemd/system-generators/systemd-gpt-auto-generator \
/usr/lib/systemd/system-generators/systemd-hibernate-resume-generator
- # for journalctl in emergency shell
- add_binary journalctl
-
# udev rules and systemd units
map add_udev_rule "$rules" \
50-udev-default.rules \
@@ -171,15 +172,9 @@ build() {
'group: files' \
'shadow: files'
- echo "root:x:0:0:root:/:/bin/sh" >"$BUILDROOT/etc/passwd"
- echo "root:x:0:root" >"$BUILDROOT/etc/group"
- echo "root::::::::" >"$BUILDROOT/etc/shadow"
-
- add_systemd_drop_in systemd-udevd.service resolve-names <<EOF
-[Service]
-ExecStart=
-ExecStart=/usr/lib/systemd/systemd-udevd --resolve-names=never
-EOF
+ echo "root:x:0:0:root:/root:/bin/sh" >"$BUILDROOT/etc/passwd"
+ echo 'root:*:::::::' >"$BUILDROOT/etc/shadow"
+ getent group root audio disk input kmem kvm lp optical render storage tty uucp video | awk -F: ' { print $1 ":x:" $3 ":" }' >"$BUILDROOT/etc/group"
add_dir "/etc/modules-load.d"
(