diff options
Diffstat (limited to 'pcr/systemd-knock/PKGBUILD')
-rw-r--r-- | pcr/systemd-knock/PKGBUILD | 220 |
1 files changed, 162 insertions, 58 deletions
diff --git a/pcr/systemd-knock/PKGBUILD b/pcr/systemd-knock/PKGBUILD index 02d675c41..8327810a4 100644 --- a/pcr/systemd-knock/PKGBUILD +++ b/pcr/systemd-knock/PKGBUILD @@ -2,32 +2,42 @@ # Maintainer (Arch): Tom Gundersen <teg@jklm.no> # Maintainer: Márcio Silva <coadde@parabola.nu> # Maintainer: André Silva <emulatorman@parabola.nu> +# Contributor: Luke Shumaker <lukeshu@sbcglobal.net> _pkgbase=systemd pkgbase=systemd-knock -pkgname=('systemd-knock' 'libsystemd-knock' 'systemd-knock-sysvcompat') -pkgver=229 -pkgrel=3 +pkgname=('systemd-knock' 'libsystemd-knock' 'systemd-knock-sysvcompat' + 'libsystemd-knock-standalone' 'libudev-knock' 'nss-knock-myhostname' 'nss-knock-mymachines' 'nss-knock-resolve') +pkgver=230 +pkgrel=4 arch=('i686' 'x86_64' 'armv7h') url="http://www.freedesktop.org/wiki/Software/systemd" makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gperf' 'lz4' 'xz' 'pam' 'libelf' 'intltool' 'iptables' 'kmod' 'libcap' 'libidn' 'libgcrypt' 'libmicrohttpd' 'libxslt' 'util-linux' 'linux-libre-api-headers' 'python-lxml' 'quota-tools' 'shadow' 'git') -[ "$CARCH" != "armv7h" ] && makedepends+=('gnu-efi-libs') +makedepends_i686=('gnu-efi-libs') +makedepends_x86_64=('gnu-efi-libs') options=('strip' 'debug') source=("git://github.com/systemd/systemd.git#tag=v$pkgver" #'0001-adds-TCP-Stealth-support-to-systemd.patch::https://gnunet.org/sites/default/files/systemd-knock-patch.diff' - "https://repo.parabola.nu/other/knock/patches/systemd/0001-adds-TCP-Stealth-support-to-systemd-221.patch"{,.sig} + "https://repo.parabola.nu/other/knock/patches/systemd/0001-adds-TCP-Stealth-support-to-systemd-230.patch"{,.sig} "https://repo.parabola.nu/other/systemd/splash-parabola.bmp"{,.sig} 'initcpio-hook-udev' 'initcpio-install-systemd' 'initcpio-install-udev' 'parabola.conf' 'loader.conf' - 'gnu+linux.patch') + 'udev-hwdb.hook' + '0001-FSDG-man-Refer-to-the-operating-system-as-GNU-Linux.patch' + '0002-FSDG-os-release-Default-to-PRETTY_NAME-GNU-Linux-ins.patch' + '0003-FSDG-os-release-Default-to-NAME-GNU-Linux-instead-of.patch' + '0004-FSDG-os-release-Default-ID-to-gnu-linux-instead-of-l.patch' + '0005-FSDG-systemd-resolved-Default-to-hostname-gnu-linux-.patch' + '0006-FSDG-man-Use-FSDG-operating-systems-as-examples.patch' + "https://repo.parabola.nu/other/systemd/splash-parabola.bmp"{,.sig}) md5sums=('SKIP' - '936208db8995db77efbb388735f950af' + '32e8e7c8802dac3078a2c4b0e05abd30' 'SKIP' 'f8253cd3c0f249591338fbb4c223d249' 'SKIP' @@ -36,38 +46,50 @@ md5sums=('SKIP' '1b3aa3a0551b08af9305d33f85b5c2fc' '36ee74767ac8734dede1cbd0f4f275d7' '9b9f4a58e4c4009bf5290c5b297600c3' - 'd37895215ef74e172c594aebe1ba23cb') + 'a475a5ed8f03fb0f6b58b4684998d05c' + '92a4bb5e527e1e956743c1ffa622adc7' + '397e2262bf96df3bc1762a3b0bef2f75' + 'e592f6778c12627d46982ddfe0698361' + 'c4c559f9916806f5162ccff3e7c433e8' + '5166fe700ef5991c2da3876206c699fb' + '166ce41b60d4eaa7738486f7aab5ebd8' + 'f8253cd3c0f249591338fbb4c223d249' + 'SKIP') validpgpkeys=( '684D54A189305A9CC95446D36B888913DDB59515' # Márcio Silva 'C92BAA713B8D53D3CAE63FC9E6974752F9704456' # André Silva ) -prepare() { - cd "$_pkgbase" +_backports=( + # Revert "rules: allow users to access frame buffer devices" (#3333) + e77813ca9f4e0735fd0e3e2caae4d7d1ee436011 - # networkd: FIONREAD is not reliable on some sockets - git cherry-pick -n 4edc2c9b6b5b921873eb82e58719ed4d9e0d69bf + # {machine,system}ctl: always pass &changes and &n_changes (#3350) + acc0269cad31d1aaef2034a055b34c07c88a353d - # fix assertion failure in src/core/timer.c on bootup (FS#48197) - git cherry-pick -n 3f51aec8647fe13f4b1e46b2f75ff635403adf91 + # systemctl: fix return values on success + 5f056378b0ceffb6e6fba3513f7eae72e2d09dc8 - # fix udevd error checking from cg_unified() (FS#48188) - git cherry-pick -n 6d2353394fc33e923d1ab464c8f88df2a5105ffb + # automount: handle expire_tokens when the mount unit changes its state (#3434) + 0a62f81045dd810c8f1223cccbac4d706ea2cb45 +) - # revert "core: resolve specifier in config_parse_exec()" - git cherry-pick -n bd1b973fb326e9b7587494fd6108e5ded46e9163 +prepare() { + cd "$_pkgbase" - # Rename "Linux" -> "GNU/Linux" - patch -Np1 -i "$srcdir/gnu+linux.patch" - sed -i '\|os_name| s|Linux|GNU/Linux|' src/journal-remote/journal-gatewayd.c - sed -i '\|pretty_name| s|Linux|GNU/Linux|' src/analyze/analyze.c src/core/main.c src/firstboot/firstboot.c - sed -i '\|PRETTY_NAME| s|Linux|GNU/Linux|' src/kernel-install/90-loaderentry.install + if (( ${#_backports[*]} > 0 )); then + git cherry-pick -n "${_backports[@]}" + fi + + # apply FSDG and Knock patches + local patchfile + for patchfile in "$srcdir"/*.patch; do + patch -Np1 -i "$patchfile" + done # Rename "Linux Boot Manager" -> "Systemd Boot Manager" sed -i 's|Linux Boot Manager|Systemd Boot Manager|' src/boot/bootctl.c - patch -Np1 <../0001-adds-TCP-Stealth-support-to-systemd-221.patch - ./autogen.sh } @@ -80,24 +102,66 @@ build() { LDFLAGS+=" -Wl,-fuse-ld=bfd" CFLAGS+=" -fno-lto" CXXFLAGS+=" -fno-lto" - else - extra=--enable-gnuefi fi - ./configure \ - --libexecdir=/usr/lib \ - --localstatedir=/var \ - --sysconfdir=/etc \ - --enable-lz4 \ - --enable-tcp-stealth \ - --disable-audit \ - --disable-ima \ - --with-sysvinit-path= \ - --with-sysvrcnd-path= \ - --with-ntp-servers="${timeservers[*]}" \ - $extra + local enable_gnuefi='' + if [ "$CARCH" != "armv7h" ]; then + enable_gnuefi='--enable-gnuefi' + fi + + local configure_options=( + --libexecdir=/usr/lib + --localstatedir=/var + --sysconfdir=/etc + + --enable-lz4 + $enable_gnuefi + --disable-audit + --disable-ima + --enable-tcp-stealth + + --with-sysvinit-path= + --with-sysvrcnd-path= + --with-ntp-servers="${timeservers[*]}" + --with-default-dnssec=no + --without-kill-user-processes + ) + + ./configure "${configure_options[@]}" make + + # Go ahead and split the package now. It's easier this way, because + # we can use mv instead of awkward, error-prone rm/cp pairs. + rm -rf "$srcdir/dest" + + # Put things in the main systemd package by default + make DESTDIR="$srcdir/dest/systemd" install + + install -dm755 "$srcdir/dest/libsystemd"/usr/{lib/pkgconfig,share/man/man3,include} + mv -T "$srcdir/dest"/{systemd,libsystemd}/usr/include/systemd + mv -T "$srcdir/dest"/{systemd,libsystemd}/usr/lib/pkgconfig/libsystemd.pc + mv "$srcdir/dest"/systemd/usr/lib/libsystemd.so* -t "$srcdir/dest"/libsystemd/usr/lib/ + mv "$srcdir/dest"/systemd/usr/share/man/man3/{SD,sd}* -t "$srcdir/dest"/libsystemd/usr/share/man/man3/ + + install -dm755 "$srcdir/dest/libudev"/usr/{lib/pkgconfig,share/man/man3,include} + mv -T "$srcdir/dest"/{systemd,libudev}/usr/include/libudev.h + mv -T "$srcdir/dest"/{systemd,libudev}/usr/lib/pkgconfig/libudev.pc + mv "$srcdir/dest"/systemd/usr/lib/libudev.so* -t "$srcdir/dest"/libudev/usr/lib/ + mv "$srcdir/dest"/systemd/usr/share/man/man3/*udev* -t "$srcdir/dest"/libudev/usr/share/man/man3/ + + local nssmodule + for nssmodule in myhostname mymachines resolve; do + install -dm755 "$srcdir/dest/nss-$nssmodule"/usr/{lib,share/man/man8} + mv -T "$srcdir/dest"/{systemd,nss-$nssmodule}/usr/share/man/man8/nss-$nssmodule.8 + mv "$srcdir/dest"/systemd/usr/lib/libnss_$nssmodule.so* -t "$srcdir/dest"/nss-$nssmodule/usr/lib/ + done + + install -dm755 "$srcdir/dest/systemd-sysvcompat"/usr/share/man/man8 + mv "$srcdir/dest/systemd"/usr/share/man/man8/{telinit,halt,reboot,poweroff,runlevel,shutdown}.8 \ + -t "$srcdir/dest/systemd-sysvcompat"/usr/share/man/man8 + + rmdir "$srcdir/dest"/systemd/usr/{share/man/man3,lib/pkgconfig,include} } package_systemd-knock() { @@ -106,9 +170,9 @@ package_systemd-knock() { depends=('acl' 'bash' 'dbus' 'iptables' 'kbd' 'kmod' 'hwids' 'libcap' 'libgcrypt' 'libsystemd-knock' 'libidn' 'lz4' 'pam' 'libelf' 'libseccomp' 'util-linux' 'xz') - provides=('nss-myhostname' "systemd-tools=$pkgver" "udev=$pkgver" "systemd=$pkgver") - replaces=('nss-myhostname' 'systemd-tools' 'udev') - conflicts=('nss-myhostname' 'systemd-tools' 'udev' 'systemd') + provides=("systemd-tools=$pkgver" "udev=$pkgver" "systemd=$pkgver") + replaces=('systemd-tools' 'udev') + conflicts=('systemd-tools' 'udev' 'systemd') optdepends=('cryptsetup: required for encrypted block devices' 'libmicrohttpd: remote journald capabilities' 'quota-tools: kernel-level quota management' @@ -123,7 +187,6 @@ package_systemd-knock() { etc/dbus-1/system.d/org.freedesktop.import1.conf etc/dbus-1/system.d/org.freedesktop.network1.conf etc/pam.d/systemd-user - etc/systemd/bootchart.conf etc/systemd/coredump.conf etc/systemd/journald.conf etc/systemd/journal-remote.conf @@ -136,7 +199,7 @@ package_systemd-knock() { etc/udev/udev.conf) install="systemd.install" - make -C "$_pkgbase" DESTDIR="$pkgdir" install + cp -rT -d --no-preserve=ownership,timestamp "$srcdir/dest/$_pkgbase" "$pkgdir" # don't write units to /etc by default. some of these will be re-enabled on # post_install. @@ -174,26 +237,70 @@ package_systemd-knock() { # ship default policy to leave services disabled echo 'disable *' >"$pkgdir"/usr/lib/systemd/system-preset/99-default.preset - ### manpages shipped with systemd-sysvcompat - rm "$pkgdir"/usr/share/man/man8/{telinit,halt,reboot,poweroff,runlevel,shutdown}.8 - - ### runtime libraries shipped with libsystemd - rm "$pkgdir"/usr/lib/lib{nss,systemd,udev}*.so* - # add example bootctl configuration install -Dm644 "$srcdir/parabola.conf" "$pkgdir"/usr/share/systemd/bootctl/parabola.conf install -Dm644 "$srcdir/loader.conf" "$pkgdir"/usr/share/systemd/bootctl/loader.conf install -Dm644 "$srcdir/splash-parabola.bmp" "$pkgdir"/usr/share/systemd/bootctl/splash-parabola.bmp + + install -Dm644 "$srcdir/udev-hwdb.hook" "$pkgdir/usr/share/libalpm/hooks/udev-hwdb.hook" } package_libsystemd-knock() { - pkgdesc="systemd client libraries with support for stealth TCP sockets" - depends=('glibc' 'libcap' 'libgcrypt' 'lz4' 'xz') + pkgdesc="systemd client libraries metapackage" + depends=(libsystemd-knock-standalone libudev-knock nss-knock-myhostname nss-knock-mymachines nss-knock-resolve) license=('GPL2') - provides=('libsystemd.so' 'libudev.so' "libsystemd=$pkgver") + provides=("libsystemd=$pkgver") conflicts=('libsystemd') +} + +package_libsystemd-knock-standalone() { + pkgdesc="systemd client library" + depends=('glibc' 'libcap' 'libgcrypt' 'lz4' 'xz') + license=('GPL2') + provides=('libsystemd.so' "libsystemd-standalone=$pkgver") + conflicts=('libsystemd-standalone') + + cp -rT -d --no-preserve=ownership,timestamp "$srcdir/dest/libsystemd" "$pkgdir" +} + +package_libudev-knock() { + pkgdesc="systemd library for enumerating and introspecting local devices" + depends=('glibc' 'libcap') + license=('GPL2') + provides=('libudev.so' "libudev=$pkgver") + conflicts=('libudev-knock') + + cp -rT -d --no-preserve=ownership,timestamp "$srcdir/dest/$_pkgbase" "$pkgdir" +} + +package_nss-knock-myhostname() { + pkgdesc="NSS module providing hostname resolution for the locally configured system hostname" + depends=('glibc' 'libcap') + license=('GPL2') + provides=("nss-myhostname=$pkgver") + conflicts=('nss-myhostname') + + cp -rT -d --no-preserve=ownership,timestamp "$srcdir/dest/$_pkgbase" "$pkgdir" +} + +package_nss-knock-mymachines() { + pkgdesc="NSS module providing hostname resolution for local systemd-machined container instances" + depends=('glibc' 'libcap') + license=('GPL2') + provides=("nss-mymachines=$pkgver") + conflicts=('nss-mymachines') + + cp -rT -d --no-preserve=ownership,timestamp "$srcdir/dest/$_pkgbase" "$pkgdir" +} + +package_nss-knock-resolve() { + pkgdesc="NSS module providing hostname resolution via systemd-resolved" + depends=('glibc' 'libcap') + license=('GPL2') + provides=("nss-resolve=$pkgver") + conflicts=('nss-resolve') - make -C "$_pkgbase" DESTDIR="$pkgdir" install-libLTLIBRARIES + cp -rT -d --no-preserve=ownership,timestamp "$srcdir/dest/$_pkgbase" "$pkgdir" } package_systemd-knock-sysvcompat() { @@ -203,10 +310,7 @@ package_systemd-knock-sysvcompat() { conflicts=('sysvinit' 'systemd-sysvcompat') depends=('systemd-knock') - install -dm755 "$pkgdir"/usr/share/man/man8 - cp -d --no-preserve=ownership,timestamp \ - "$_pkgbase"/man/{telinit,halt,reboot,poweroff,runlevel,shutdown}.8 \ - "$pkgdir"/usr/share/man/man8 + cp -rT -d --no-preserve=ownership,timestamp "$srcdir/dest/$_pkgbase" "$pkgdir" install -dm755 "$pkgdir/usr/bin" for tool in runlevel reboot shutdown poweroff halt telinit; do |