From 2177ff89a456de6f013273944725be16a2cc2fea Mon Sep 17 00:00:00 2001 From: André Fabian Silva Delgado Date: Tue, 31 Jan 2017 22:56:46 -0300 Subject: systemd-232-8.parabola1: add hook for ConditionNeedsUpdate and update hwdb hook --- libre/systemd/PKGBUILD | 13 ++++++++----- libre/systemd/systemd-hwdb.hook | 11 +++++++++++ libre/systemd/systemd-update.hook | 11 +++++++++++ libre/systemd/systemd.install | 10 ++++++++++ libre/systemd/udev-hwdb.hook | 11 ----------- 5 files changed, 40 insertions(+), 16 deletions(-) create mode 100644 libre/systemd/systemd-hwdb.hook create mode 100644 libre/systemd/systemd-update.hook delete mode 100644 libre/systemd/udev-hwdb.hook (limited to 'libre/systemd') diff --git a/libre/systemd/PKGBUILD b/libre/systemd/PKGBUILD index e939c59a5..b2d3aa997 100644 --- a/libre/systemd/PKGBUILD +++ b/libre/systemd/PKGBUILD @@ -7,12 +7,12 @@ pkgbase=systemd pkgname=('systemd' 'libsystemd' 'systemd-sysvcompat' 'libsystemd-standalone' 'libudev' 'nss-myhostname' 'nss-mymachines' 'nss-resolve') pkgver=232 -pkgrel=7.parabola1 +pkgrel=8.parabola1 arch=('i686' 'x86_64' 'armv7h') url="https://www.github.com/systemd/systemd" makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gperf' 'lz4' 'xz' 'pam' 'libelf' 'intltool' 'iptables' 'kmod' 'libcap' 'libidn' 'libgcrypt' - 'libmicrohttpd' 'libxslt' 'util-linux' 'linux-api-headers' + 'libmicrohttpd' 'libxslt' 'util-linux' 'linux-libre-api-headers' 'python-lxml' 'quota-tools' 'shadow' 'git') makedepends_i686=('gnu-efi-libs') makedepends_x86_64=('gnu-efi-libs') @@ -24,9 +24,10 @@ source=("git://github.com/systemd/systemd.git#tag=v$pkgver" 'parabola.conf' 'loader.conf' 'systemd-user.pam' + 'systemd-hwdb.hook' 'systemd-sysusers.hook' 'systemd-tmpfiles.hook' - 'udev-hwdb.hook' + 'systemd-update.hook' '0001-disable-RestrictAddressFamilies-on-i686.patch' '0001-Revert-nspawn-try-to-bind-mount-resolved-s-resolv.co.patch' '0001-nspawn-don-t-hide-bind-tmp-mounts.patch' @@ -44,9 +45,10 @@ sha512sums=('SKIP' '70b3f1d6aaa9cd4b6b34055a587554770c34194100b17b2ef3aaf4f16f68da0865f6b3ae443b3252d395e80efabd412b763259ffb76c902b60e23b6b522e3cc8' '6c6f579644ea2ebb6b46ee274ab15110718b0de40def8c30173ba8480b045d403f2aedd15b50ad9b96453f4ad56920d1350ff76563755bb9a80b10fa7f64f1d9' 'b90c99d768dc2a4f020ba854edf45ccf1b86a09d2f66e475de21fe589ff7e32c33ef4aa0876d7f1864491488fd7edb2682fc0d68e83a6d4890a0778dc2d6fe19' + '2c1f765e7cefc50f07ad994634ea25d9396e6b9c0de46e58f18377e642a471517a0dbf5eb547070a38c6ecf84ec8e030f650a6cee010871cd7a466a32534adda' '9d27d97f172a503f5b7044480a0b9ccc0c4ed5dbb2eb3b2b1aa929332c3bcfe38ef0c0310b6566f23b34f9c05b77035221164a7ab7677784c4a54664f12fca22' '0f4efddd25256e09c42b953caeee4b93eb49ecc6eaebf02e616b4dcbfdac9860c3d8a3d1a106325b2ebc4dbc6e08ac46702abcb67a06737227ccb052aaa2a067' - '888ab01bc6e09beb08d7126472c34c9e1aa35ea34e62a09e900ae34c93b1de2fcc988586efd8d0dc962393974f45c77b206d59a86cf53e370f061bf9a1b1a862' + '10190fba9f39a8f4b620a0829e0ba8ed63bb4dbeca712966011ee7807880d01ab2abff1a80baafeb6674db70526a473fe585db8190e864f318fc4d6068552618' '89f9b2d3918c679ce4f76c2b10dc7fcb7e04f1925a5f92542f06891de2a123a91df7eb67fd4ce71506a8132f5440b3560b7bb667e1c1813944b115c1dfe35e3f' 'b993a42c5534582631f7b379d54f6abc37e3aaa56ecf869a6d86ff14ae5a52628f4e447b6a30751bc1c14c30cec63a5c6d0aa268362d235ed477b639cac3a219' '68478403433aafc91a03fda5d83813d2ed1dfc6ab7416b2927a803314ecf826edcb6c659587e74df65de3ccb1edf958522f56ff9ac461a1f696b6dede1d4dd35' @@ -268,9 +270,10 @@ package_systemd() { install -Dm644 "$srcdir/loader.conf" "$pkgdir"/usr/share/systemd/bootctl/loader.conf install -Dm644 "$srcdir/splash-parabola.bmp" "$pkgdir"/usr/share/systemd/bootctl/splash-parabola.bmp + install -Dm644 "$srcdir/systemd-hwdb.hook" "$pkgdir/usr/share/libalpm/hooks/systemd-hwdb.hook" install -Dm644 "$srcdir/systemd-sysusers.hook" "$pkgdir/usr/share/libalpm/hooks/systemd-sysusers.hook" install -Dm644 "$srcdir/systemd-tmpfiles.hook" "$pkgdir/usr/share/libalpm/hooks/systemd-tmpfiles.hook" - install -Dm644 "$srcdir/udev-hwdb.hook" "$pkgdir/usr/share/libalpm/hooks/udev-hwdb.hook" + install -Dm644 "$srcdir/systemd-update.hook" "$pkgdir/usr/share/libalpm/hooks/systemd-update.hook" # overwrite the systemd-user PAM configuration with our own install -Dm644 systemd-user.pam "$pkgdir/etc/pam.d/systemd-user" diff --git a/libre/systemd/systemd-hwdb.hook b/libre/systemd/systemd-hwdb.hook new file mode 100644 index 000000000..d7c987724 --- /dev/null +++ b/libre/systemd/systemd-hwdb.hook @@ -0,0 +1,11 @@ +[Trigger] +Type = File +Operation = Install +Operation = Upgrade +Operation = Remove +Target = usr/lib/udev/hwdb.d/* + +[Action] +Description = Updating udev hardware database... +When = PostTransaction +Exec = /usr/bin/systemd-hwdb --usr update diff --git a/libre/systemd/systemd-update.hook b/libre/systemd/systemd-update.hook new file mode 100644 index 000000000..3697fbd70 --- /dev/null +++ b/libre/systemd/systemd-update.hook @@ -0,0 +1,11 @@ +[Trigger] +Type = File +Operation = Install +Operation = Upgrade +Operation = Remove +Target = usr/ + +[Action] +Description = Arming ConditionNeedsUpdate... +When = PostTransaction +Exec = /usr/bin/touch -c /usr diff --git a/libre/systemd/systemd.install b/libre/systemd/systemd.install index b59de2008..f799c882d 100644 --- a/libre/systemd/systemd.install +++ b/libre/systemd/systemd.install @@ -36,6 +36,15 @@ _230_1_changes() { echo ':: systemd-bootchart is no longer included with systemd' } +_232_8_changes() { + # paper over possible effects of CVE-2016-10156 + local stamps=(/var/lib/systemd/timers/*.timer) + + if [[ -f ${stamps[0]} ]]; then + chmod 0644 "${stamps[@]}" + fi +} + post_install() { systemd-machine-id-setup @@ -68,6 +77,7 @@ post_upgrade() { 219-2 219-4 230-1 + 232-8 ) for v in "${upgrades[@]}"; do diff --git a/libre/systemd/udev-hwdb.hook b/libre/systemd/udev-hwdb.hook deleted file mode 100644 index 7bc055b4e..000000000 --- a/libre/systemd/udev-hwdb.hook +++ /dev/null @@ -1,11 +0,0 @@ -[Trigger] -Type = File -Operation = Install -Operation = Upgrade -Operation = Remove -Target = usr/lib/udev/hwdb.d/* - -[Action] -Description = Updating udev Hardware Database... -When = PostTransaction -Exec = /usr/bin/udevadm hwdb --update -- cgit v1.2.3