summarylogtreecommitdiffstats
diff options
context:
space:
mode:
authorNicolas Iooss2014-11-15 12:14:07 +0100
committerNicolas Iooss2015-06-27 11:44:58 +0800
commit5324fc18a5e684975aeff9bedac51c61dff0044d (patch)
treeb5beab7635b81cc9ad7703bb4205350f8fb804c5
parent84ce108e32ccd3d6aa4799fc30467e8dadaf5f03 (diff)
downloadaur-5324fc18a5e684975aeff9bedac51c61dff0044d.tar.gz
systemd-selinux 217-6 update
Diffstat
-rw-r--r--.SRCINFO47
-rw-r--r--0001-nspawn-ignore-EEXIST-when-creating-mount-point.patch33
-rw-r--r--0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch25
-rw-r--r--0001-sd-dhcp-client-clean-up-raw-socket-sd_event_source-w.patch31
-rw-r--r--0001-shared-install-avoid-prematurely-rejecting-missing-u.patch39
-rw-r--r--0001-shutdown-fix-arguments-to-run-initramfs-shutdown.patch68
-rw-r--r--0001-units-don-t-order-journal-flushing-afte-remote-fs.ta.patch31
-rw-r--r--0001-units-make-systemd-journald.service-Type-notify.patch35
-rw-r--r--0001-units-order-sd-journal-flush-after-sd-remount-fs.patch29
-rw-r--r--PKGBUILD64
-rw-r--r--initcpio-install-systemd34
11 files changed, 391 insertions, 45 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 0a9fb50078f6..a919c7f16f99 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,6 +1,6 @@
pkgbase = systemd-selinux
- pkgver = 216
- pkgrel = 3
+ pkgver = 217
+ pkgrel = 6
url = http://www.freedesktop.org/wiki/Software/systemd
arch = i686
arch = x86_64
@@ -14,11 +14,13 @@ pkgbase = systemd-selinux
makedepends = intltool
makedepends = kmod
makedepends = libcap
+ makedepends = libidn
makedepends = libgcrypt
makedepends = libmicrohttpd
makedepends = libxslt
- makedepends = libutil-linux
+ makedepends = util-linux
makedepends = linux-api-headers
+ makedepends = lz4
makedepends = pam-selinux
makedepends = python
makedepends = python-lxml
@@ -28,13 +30,29 @@ pkgbase = systemd-selinux
makedepends = libselinux
options = strip
options = debug
- source = http://www.freedesktop.org/software/systemd/systemd-216.tar.xz
+ source = http://www.freedesktop.org/software/systemd/systemd-217.tar.xz
+ source = 0001-nspawn-ignore-EEXIST-when-creating-mount-point.patch
+ source = 0001-sd-dhcp-client-clean-up-raw-socket-sd_event_source-w.patch
+ source = 0001-shared-install-avoid-prematurely-rejecting-missing-u.patch
+ source = 0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch
+ source = 0001-units-don-t-order-journal-flushing-afte-remote-fs.ta.patch
+ source = 0001-units-order-sd-journal-flush-after-sd-remount-fs.patch
+ source = 0001-units-make-systemd-journald.service-Type-notify.patch
+ source = 0001-shutdown-fix-arguments-to-run-initramfs-shutdown.patch
source = initcpio-hook-udev
source = initcpio-install-systemd
source = initcpio-install-udev
- md5sums = 04fda588a04f549da0f397dce3ae6a39
+ md5sums = e68dbff3cc19f66e341572d9fb2ffa89
+ md5sums = ca9e33118fd8d456563854d95512a577
+ md5sums = ade8c1b5b2c85d0a83b7bcf5aa6d131a
+ md5sums = 7aaf44ce842deb449fca0f2595bbc1e4
+ md5sums = 4adc3ddce027693bafa53089322e859b
+ md5sums = 42ff9d59bb057637355b202157d59991
+ md5sums = 92497d06e0af615be4b368fe615109c0
+ md5sums = a321d62d6ffada9e6976bdd339fa3219
+ md5sums = f72e8d086172177c224f0ce48ef54222
md5sums = 29245f7a240bfba66e2b1783b63b6b40
- md5sums = 66cca7318e13eaf37c5b7db2efa69846
+ md5sums = 107c489f27c667be4101aecd3369b355
md5sums = bde43090d4ac0ef048e3eaee8202a407
pkgname = systemd-selinux
@@ -53,9 +71,11 @@ pkgname = systemd-selinux
depends = libcap
depends = libgcrypt
depends = libsystemd-selinux
+ depends = libidn
+ depends = lz4
depends = pam-selinux
depends = libseccomp
- depends = libutil-linux-selinux
+ depends = util-linux-selinux
depends = xz
depends = libselinux
optdepends = python: systemd library bindings
@@ -63,10 +83,11 @@ pkgname = systemd-selinux
optdepends = libmicrohttpd: remote journald capabilities
optdepends = quota-tools: kernel-level quota management
optdepends = systemd-sysvcompat: symlink package to provide sysvinit binaries
+ optdepends = polkit: allow administration as unprivileged user
provides = nss-myhostname
- provides = systemd-tools=216
- provides = udev=216
- provides = systemd=216-3
+ provides = systemd-tools=217
+ provides = udev=217
+ provides = systemd=217-6
conflicts = nss-myhostname
conflicts = systemd-tools
conflicts = udev
@@ -107,15 +128,15 @@ pkgname = libsystemd-selinux
provides = libsystemd-journal.so
provides = libsystemd-login.so
provides = libudev.so
- provides = libsystemd=216-3
+ provides = libsystemd=217-6
conflicts = libsystemd
pkgname = systemd-sysvcompat-selinux
pkgdesc = sysvinit compat for systemd with SELinux support
license = GPL2
depends = systemd-selinux
- provides = systemd-sysvcompat=216-3
- provides = selinux-systemd-sysvcompat=216-3
+ provides = systemd-sysvcompat=217-6
+ provides = selinux-systemd-sysvcompat=217-6
conflicts = sysvinit
conflicts = systemd-sysvcompat
conflicts = selinux-systemd-sysvcompat
diff --git a/0001-nspawn-ignore-EEXIST-when-creating-mount-point.patch b/0001-nspawn-ignore-EEXIST-when-creating-mount-point.patch
new file mode 100644
index 000000000000..86817596b20e
--- /dev/null
+++ b/0001-nspawn-ignore-EEXIST-when-creating-mount-point.patch
@@ -0,0 +1,33 @@
+From 1ab19cb167b32967556eefd8f6d3df0e3de7d67d Mon Sep 17 00:00:00 2001
+From: Dave Reisner <dreisner@archlinux.org>
+Date: Wed, 29 Oct 2014 13:32:43 -0400
+Subject: [PATCH] nspawn: ignore EEXIST when creating mount point
+
+A combination of commits f3c80515c and 79d80fc14 cause nspawn to
+silently fail with a commandline such as:
+
+ # systemd-nspawn -D /build/extra-x86_64 --bind=/usr
+
+strace shows the culprit:
+
+ [pid 27868] writev(2, [{"Failed to create mount point /build/extra-x86_64/usr: File exists", 82}, {"\n", 1}], 2) = 83
+---
+ src/nspawn/nspawn.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
+index b6d9bc6..d88987a 100644
+--- a/src/nspawn/nspawn.c
++++ b/src/nspawn/nspawn.c
+@@ -758,7 +758,7 @@ static int mount_binds(const char *dest, char **l, bool ro) {
+ * and char devices. */
+ if (S_ISDIR(source_st.st_mode)) {
+ r = mkdir_label(where, 0755);
+- if (r < 0) {
++ if (r < 0 && errno != EEXIST) {
+ log_error("Failed to create mount point %s: %s", where, strerror(-r));
+
+ return r;
+--
+2.1.2
+
diff --git a/0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch b/0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch
new file mode 100644
index 000000000000..fc8f16a79cf9
--- /dev/null
+++ b/0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch
@@ -0,0 +1,25 @@
+From ef7b6c0190fefaacf6d8f8e1a6dda4ba8b98091b Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Wed, 29 Oct 2014 17:58:43 +0100
+Subject: [PATCH] sd-bus: properly handle removals of non-existing matches
+
+---
+ src/libsystemd/sd-bus/bus-match.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/libsystemd/sd-bus/bus-match.c b/src/libsystemd/sd-bus/bus-match.c
+index 18afe0f..5658c61 100644
+--- a/src/libsystemd/sd-bus/bus-match.c
++++ b/src/libsystemd/sd-bus/bus-match.c
+@@ -537,7 +537,7 @@ static int bus_match_find_compare_value(
+ else if (BUS_MATCH_CAN_HASH(t))
+ n = hashmap_get(c->compare.children, value_str);
+ else {
+- for (n = c->child; !value_node_same(n, t, value_u8, value_str); n = n->next)
++ for (n = c->child; n && !value_node_same(n, t, value_u8, value_str); n = n->next)
+ ;
+ }
+
+--
+2.1.3
+
diff --git a/0001-sd-dhcp-client-clean-up-raw-socket-sd_event_source-w.patch b/0001-sd-dhcp-client-clean-up-raw-socket-sd_event_source-w.patch
new file mode 100644
index 000000000000..3d72b5df2dd0
--- /dev/null
+++ b/0001-sd-dhcp-client-clean-up-raw-socket-sd_event_source-w.patch
@@ -0,0 +1,31 @@
+From d5a248dbe933c5cbe3ba3d0c5eb8a035018ba6af Mon Sep 17 00:00:00 2001
+From: Dan Williams <dcbw@redhat.com>
+Date: Thu, 30 Oct 2014 14:23:00 -0500
+Subject: [PATCH] sd-dhcp-client: clean up raw socket sd_event_source when
+ creating new UDP socket
+
+The raw socket sd_event_source used for DHCP server solicitations
+was simply dropped on the floor when creating the new UDP socket
+after a lease has been acquired. Clean it up properly so we're
+not still listening and responding to events on it.
+---
+ src/libsystemd-network/sd-dhcp-client.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
+index 0eba4c3..1f7f238 100644
+--- a/src/libsystemd-network/sd-dhcp-client.c
++++ b/src/libsystemd-network/sd-dhcp-client.c
+@@ -1269,6 +1269,9 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message,
+ if (r >= 0) {
+ client->timeout_resend =
+ sd_event_source_unref(client->timeout_resend);
++ client->receive_message =
++ sd_event_source_unref(client->receive_message);
++ client->fd = asynchronous_close(client->fd);
+
+ if (IN_SET(client->state, DHCP_STATE_REQUESTING,
+ DHCP_STATE_REBOOTING))
+--
+2.1.3
+
diff --git a/0001-shared-install-avoid-prematurely-rejecting-missing-u.patch b/0001-shared-install-avoid-prematurely-rejecting-missing-u.patch
new file mode 100644
index 000000000000..6ea9c7ccaf2a
--- /dev/null
+++ b/0001-shared-install-avoid-prematurely-rejecting-missing-u.patch
@@ -0,0 +1,39 @@
+From 0ffce503cd6e5a5ff5ba5cd1cc23684cfb8bb9e3 Mon Sep 17 00:00:00 2001
+From: Dave Reisner <dreisner@archlinux.org>
+Date: Thu, 30 Oct 2014 20:12:05 -0400
+Subject: [PATCH] shared/install: avoid prematurely rejecting "missing" units
+
+f7101b7368df copied some logic to prevent enabling masked units, but
+also added a check which causes attempts to enable templated units to
+fail. Since we know the logic beyond this check will properly handle
+units which truly do not exist, we can rely on the unit file state
+comparison to suffice for expressing the intent of f7101b7368df.
+
+ref: https://bugs.archlinux.org/task/42616
+---
+ src/shared/install.c | 8 +++-----
+ 1 file changed, 3 insertions(+), 5 deletions(-)
+
+diff --git a/src/shared/install.c b/src/shared/install.c
+index 035b44c..cab93e8 100644
+--- a/src/shared/install.c
++++ b/src/shared/install.c
+@@ -1620,12 +1620,10 @@ int unit_file_enable(
+ STRV_FOREACH(i, files) {
+ UnitFileState state;
+
++ /* We only want to know if this unit is masked, so we ignore
++ * errors from unit_file_get_state, deferring other checks.
++ * This allows templated units to be enabled on the fly. */
+ state = unit_file_get_state(scope, root_dir, *i);
+- if (state < 0) {
+- log_error("Failed to get unit file state for %s: %s", *i, strerror(-state));
+- return state;
+- }
+-
+ if (state == UNIT_FILE_MASKED || state == UNIT_FILE_MASKED_RUNTIME) {
+ log_error("Failed to enable unit: Unit %s is masked", *i);
+ return -ENOTSUP;
+--
+2.1.3
+
diff --git a/0001-shutdown-fix-arguments-to-run-initramfs-shutdown.patch b/0001-shutdown-fix-arguments-to-run-initramfs-shutdown.patch
new file mode 100644
index 000000000000..5d48d17bc69b
--- /dev/null
+++ b/0001-shutdown-fix-arguments-to-run-initramfs-shutdown.patch
@@ -0,0 +1,68 @@
+From 4b5d8d0f22ae61ceb45a25391354ba53b43ee992 Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt@redhat.com>
+Date: Thu, 6 Nov 2014 22:24:13 +0100
+Subject: [PATCH] shutdown: fix arguments to /run/initramfs/shutdown
+
+Our initrd interface specifies that the verb is in argv[1].
+This is where systemd passes it to systemd-shutdown, but getopt
+permutes argv[]. This confuses dracut's shutdown script:
+ Shutdown called with argument '--log-level'. Rebooting!
+
+getopt can be convinced to not permute argv[] by having '-' as the first
+character of optstring. Let's use it. This requires changing the way
+non-option arguments (in our case, the verb) are processed.
+
+This fixes a bug where the system would reboot instead of powering off.
+---
+ src/core/shutdown.c | 17 +++++++++++------
+ 1 file changed, 11 insertions(+), 6 deletions(-)
+
+diff --git a/src/core/shutdown.c b/src/core/shutdown.c
+index dd11ae3..48ed7fa 100644
+--- a/src/core/shutdown.c
++++ b/src/core/shutdown.c
+@@ -75,7 +75,9 @@ static int parse_argv(int argc, char *argv[]) {
+ assert(argc >= 1);
+ assert(argv);
+
+- while ((c = getopt_long(argc, argv, "", options, NULL)) >= 0)
++ /* "-" prevents getopt from permuting argv[] and moving the verb away
++ * from argv[1]. Our interface to initrd promises it'll be there. */
++ while ((c = getopt_long(argc, argv, "-", options, NULL)) >= 0)
+ switch (c) {
+
+ case ARG_LOG_LEVEL:
+@@ -113,6 +115,13 @@ static int parse_argv(int argc, char *argv[]) {
+
+ break;
+
++ case '\001':
++ if (!arg_verb)
++ arg_verb = optarg;
++ else
++ log_error("Excess arguments, ignoring");
++ break;
++
+ case '?':
+ return -EINVAL;
+
+@@ -120,15 +129,11 @@ static int parse_argv(int argc, char *argv[]) {
+ assert_not_reached("Unhandled option code.");
+ }
+
+- if (optind >= argc) {
++ if (!arg_verb) {
+ log_error("Verb argument missing.");
+ return -EINVAL;
+ }
+
+- arg_verb = argv[optind];
+-
+- if (optind + 1 < argc)
+- log_error("Excess arguments, ignoring");
+ return 0;
+ }
+
+--
+2.1.3
+
diff --git a/0001-units-don-t-order-journal-flushing-afte-remote-fs.ta.patch b/0001-units-don-t-order-journal-flushing-afte-remote-fs.ta.patch
new file mode 100644
index 000000000000..0be955ec7c1d
--- /dev/null
+++ b/0001-units-don-t-order-journal-flushing-afte-remote-fs.ta.patch
@@ -0,0 +1,31 @@
+From 919699ec301ea507edce4a619141ed22e789ac0d Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Fri, 31 Oct 2014 16:22:36 +0100
+Subject: [PATCH] units: don't order journal flushing afte remote-fs.target
+
+Instead, only depend on the actual file systems we need.
+
+This should solve dep loops on setups where remote-fs.target is moved
+into late boot.
+---
+ units/systemd-journal-flush.service.in | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/units/systemd-journal-flush.service.in b/units/systemd-journal-flush.service.in
+index 699670b..2612220 100644
+--- a/units/systemd-journal-flush.service.in
++++ b/units/systemd-journal-flush.service.in
+@@ -10,8 +10,9 @@ Description=Trigger Flushing of Journal to Persistent Storage
+ Documentation=man:systemd-journald.service(8) man:journald.conf(5)
+ DefaultDependencies=no
+ Requires=systemd-journald.service
+-After=systemd-journald.service local-fs.target remote-fs.target
++After=systemd-journald.service
+ Before=systemd-user-sessions.service systemd-tmpfiles-setup.service
++RequiresMountsFor=/var/log/journal
+
+ [Service]
+ ExecStart=@rootbindir@/journalctl --flush
+--
+2.1.3
+
diff --git a/0001-units-make-systemd-journald.service-Type-notify.patch b/0001-units-make-systemd-journald.service-Type-notify.patch
new file mode 100644
index 000000000000..820b23fbfa28
--- /dev/null
+++ b/0001-units-make-systemd-journald.service-Type-notify.patch
@@ -0,0 +1,35 @@
+From a87a38c20196a4aeb56b6ba71d688eefd0b21c30 Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt@redhat.com>
+Date: Tue, 4 Nov 2014 20:28:08 +0100
+Subject: [PATCH] units: make systemd-journald.service Type=notify
+
+It already calls sd_notify(), so it looks like an oversight.
+
+Without it, its ordering to systemd-journal-flush.service is
+non-deterministic and the SIGUSR1 from flushing may kill journald before
+it has its signal handlers set up.
+
+https://bugs.freedesktop.org/show_bug.cgi?id=85871
+https://bugzilla.redhat.com/show_bug.cgi?id=1159641
+---
+(foutrelis: dropped systemd-journald-audit.socket from Sockets= in order to
+ apply to systemd 217)
+
+ units/systemd-journald.service.in | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
+index 7ee67fd..8d380c8 100644
+--- a/units/systemd-journald.service.in
++++ b/units/systemd-journald.service.in
+@@ -14,6 +14,7 @@ After=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-a
+ Before=sysinit.target
+
+ [Service]
++Type=notify
+ Sockets=systemd-journald.socket systemd-journald-dev-log.socket
+ ExecStart=@rootlibexecdir@/systemd-journald
+ Restart=always
+--
+2.1.3
+
diff --git a/0001-units-order-sd-journal-flush-after-sd-remount-fs.patch b/0001-units-order-sd-journal-flush-after-sd-remount-fs.patch
new file mode 100644
index 000000000000..b288b5765cdb
--- /dev/null
+++ b/0001-units-order-sd-journal-flush-after-sd-remount-fs.patch
@@ -0,0 +1,29 @@
+From 1f1926aa5e836caa3bd6df43704aecd606135103 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
+Date: Sun, 2 Nov 2014 21:45:42 -0500
+Subject: [PATCH] units: order sd-journal-flush after sd-remount-fs
+
+Otherwise we could attempt to flush the journal while /var/log/ was
+still ro, and silently skip journal flushing.
+
+The way that errors in flushing are handled should still be changed to
+be more transparent and robust.
+---
+ units/systemd-journal-flush.service.in | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/units/systemd-journal-flush.service.in b/units/systemd-journal-flush.service.in
+index fa29089..98c91b4 100644
+--- a/units/systemd-journal-flush.service.in
++++ b/units/systemd-journal-flush.service.in
+@@ -11,6 +11,7 @@ Documentation=man:systemd-journald.service(8) man:journald.conf(5)
+ DefaultDependencies=no
+ Requires=systemd-journald.service
+ After=systemd-journald.service
++After=systemd-remount-fs.service
+ Before=systemd-user-sessions.service systemd-tmpfiles-setup.service
+ RequiresMountsFor=/var/log/journal
+
+--
+2.1.3
+
diff --git a/PKGBUILD b/PKGBUILD
index 32558f2384c5..f898d45dd276 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -6,28 +6,60 @@
pkgbase=systemd-selinux
pkgname=('systemd-selinux' 'libsystemd-selinux' 'systemd-sysvcompat-selinux')
-pkgver=216
-pkgrel=3
+pkgver=217
+pkgrel=6
arch=('i686' 'x86_64')
url="http://www.freedesktop.org/wiki/Software/systemd"
groups=('selinux')
makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gobject-introspection' 'gperf'
- 'gtk-doc' 'intltool' 'kmod' 'libcap' 'libgcrypt' 'libmicrohttpd' 'libxslt'
- 'libutil-linux' 'linux-api-headers' 'pam-selinux' 'python' 'python-lxml' 'quota-tools'
- 'shadow-selinux' 'xz' 'libselinux')
+ 'gtk-doc' 'intltool' 'kmod' 'libcap' 'libidn' 'libgcrypt' 'libmicrohttpd'
+ 'libxslt' 'util-linux' 'linux-api-headers' 'lz4' 'pam-selinux' 'python'
+ 'python-lxml' 'quota-tools' 'shadow-selinux' 'xz' 'libselinux')
options=('strip' 'debug')
source=("http://www.freedesktop.org/software/${pkgname/-selinux}/${pkgname/-selinux}-$pkgver.tar.xz"
+ '0001-nspawn-ignore-EEXIST-when-creating-mount-point.patch'
+ '0001-sd-dhcp-client-clean-up-raw-socket-sd_event_source-w.patch'
+ '0001-shared-install-avoid-prematurely-rejecting-missing-u.patch'
+ '0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch'
+ '0001-units-don-t-order-journal-flushing-afte-remote-fs.ta.patch'
+ '0001-units-order-sd-journal-flush-after-sd-remount-fs.patch'
+ '0001-units-make-systemd-journald.service-Type-notify.patch'
+ '0001-shutdown-fix-arguments-to-run-initramfs-shutdown.patch'
'initcpio-hook-udev'
'initcpio-install-systemd'
'initcpio-install-udev')
-md5sums=('04fda588a04f549da0f397dce3ae6a39'
+md5sums=('e68dbff3cc19f66e341572d9fb2ffa89'
+ 'ca9e33118fd8d456563854d95512a577'
+ 'ade8c1b5b2c85d0a83b7bcf5aa6d131a'
+ '7aaf44ce842deb449fca0f2595bbc1e4'
+ '4adc3ddce027693bafa53089322e859b'
+ '42ff9d59bb057637355b202157d59991'
+ '92497d06e0af615be4b368fe615109c0'
+ 'a321d62d6ffada9e6976bdd339fa3219'
+ 'f72e8d086172177c224f0ce48ef54222'
'29245f7a240bfba66e2b1783b63b6b40'
- '66cca7318e13eaf37c5b7db2efa69846'
+ '107c489f27c667be4101aecd3369b355'
'bde43090d4ac0ef048e3eaee8202a407')
+
+prepare() {
+ cd "${pkgname/-selinux}-$pkgver"
+
+ patch -Np1 <../0001-nspawn-ignore-EEXIST-when-creating-mount-point.patch
+ patch -Np1 <../0001-sd-dhcp-client-clean-up-raw-socket-sd_event_source-w.patch
+ patch -Np1 <../0001-shared-install-avoid-prematurely-rejecting-missing-u.patch
+ patch -Np1 <../0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch
+ patch -Np1 <../0001-units-don-t-order-journal-flushing-afte-remote-fs.ta.patch
+ patch -Np1 <../0001-units-order-sd-journal-flush-after-sd-remount-fs.patch
+ patch -Np1 <../0001-units-make-systemd-journald.service-Type-notify.patch
+ patch -Np1 <../0001-shutdown-fix-arguments-to-run-initramfs-shutdown.patch
+}
+
build() {
cd "${pkgname/-selinux}-$pkgver"
+ local timeservers=({0..3}.arch.pool.ntp.org)
+
./configure \
--libexecdir=/usr/lib \
--localstatedir=/var \
@@ -35,13 +67,14 @@ build() {
--enable-audit \
--enable-introspection \
--enable-gtk-doc \
+ --enable-lz4 \
--enable-compat-libs \
--enable-selinux \
--disable-ima \
--disable-kdbus \
--with-sysvinit-path= \
--with-sysvrcnd-path= \
- --with-firmware-path="/usr/lib/firmware/updates:/usr/lib/firmware"
+ --with-ntp-servers="${timeservers[*]}"
make
}
@@ -54,8 +87,8 @@ package_systemd-selinux() {
pkgdesc="system and service manager with SELinux support"
license=('GPL2' 'LGPL2.1' 'MIT')
depends=('acl' 'bash' 'dbus' 'glib2' 'kbd' 'kmod' 'hwids' 'libcap' 'libgcrypt'
- 'libsystemd-selinux' 'pam-selinux' 'libseccomp'
- 'libutil-linux-selinux' 'xz' 'libselinux')
+ 'libsystemd-selinux' 'libidn' 'lz4' 'pam-selinux' 'libseccomp'
+ 'util-linux-selinux' 'xz' 'libselinux')
provides=('nss-myhostname' "systemd-tools=$pkgver" "udev=$pkgver"
"${pkgname/-selinux}=${pkgver}-${pkgrel}")
replaces=('nss-myhostname' 'systemd-tools' 'udev' 'selinux-systemd')
@@ -65,7 +98,8 @@ package_systemd-selinux() {
'cryptsetup: required for encrypted block devices'
'libmicrohttpd: remote journald capabilities'
'quota-tools: kernel-level quota management'
- 'systemd-sysvcompat: symlink package to provide sysvinit binaries')
+ 'systemd-sysvcompat: symlink package to provide sysvinit binaries'
+ 'polkit: allow administration as unprivileged user')
backup=(etc/dbus-1/system.d/org.freedesktop.systemd1.conf
etc/dbus-1/system.d/org.freedesktop.hostname1.conf
etc/dbus-1/system.d/org.freedesktop.login1.conf
@@ -173,12 +207,4 @@ package_systemd-sysvcompat-selinux() {
ln -s '../lib/systemd/systemd' "$pkgdir/usr/bin/init"
}
-workaround_for_the_aur_webinterface='
-pkgname="systemd-selinux"
-pkgdesc="System and service manager with SELinux support"
-depends=('acl' 'bash' 'dbus' 'glib2' 'kbd' 'kmod' 'hwids' 'libcap' 'libgcrypt'
- 'libsystemd-selinux' 'pam-selinux' 'libseccomp' 'libutil-linux-selinux'
- 'util-linux-selinux' 'xz' 'libselinux')
-'
-
# vim: ft=sh syn=sh et
diff --git a/initcpio-install-systemd b/initcpio-install-systemd
index 81ae8eb9731b..1ebca01a8de7 100644
--- a/initcpio-install-systemd
+++ b/initcpio-install-systemd
@@ -98,14 +98,17 @@ build() {
# from base
add_binary /bin/mount
add_binary /usr/bin/kmod /usr/bin/modprobe
-
- # systemd
add_binary /usr/lib/systemd/systemd /init
- add_binary /usr/bin/systemd-tmpfiles
+
+ map add_binary \
+ /usr/lib/systemd/systemd-hibernate-resume \
+ /usr/lib/systemd/system-generators/systemd-hibernate-resume-generator \
+ /usr/bin/systemd-tmpfiles
# generators
- add_file "/usr/lib/systemd/system-generators/systemd-fstab-generator"
- add_file "/usr/lib/systemd/system-generators/systemd-gpt-auto-generator"
+ map add_file \
+ /usr/lib/systemd/system-generators/systemd-fstab-generator \
+ /usr/lib/systemd/system-generators/systemd-gpt-auto-generator
# udev rules and systemd units
map add_udev_rule "$rules" \
@@ -113,10 +116,9 @@ build() {
60-persistent-storage.rules \
64-btrfs.rules \
80-drivers.rules \
- 99-systemd.rules \
+ 99-systemd.rules
map add_systemd_unit \
- ctrl-alt-del.target \
initrd-cleanup.service \
initrd-fs.target \
initrd-parse-etc.service \
@@ -126,24 +128,30 @@ build() {
initrd-udevadm-cleanup-db.service \
initrd.target \
kmod-static-nodes.service \
+ local-fs.target \
+ local-fs-pre.target \
+ paths.target \
+ slices.target \
sockets.target \
+ swap.target \
systemd-fsck@.service \
+ systemd-hibernate-resume@.service \
systemd-journald.service \
+ systemd-journald-dev-log.socket \
systemd-tmpfiles-setup-dev.service \
systemd-udev-trigger.service \
systemd-udevd-control.socket \
systemd-udevd-kernel.socket \
- systemd-udevd.service
+ systemd-udevd.service \
+ timers.target
add_symlink "/usr/lib/systemd/system/default.target" "initrd.target"
+ add_symlink "/usr/lib/systemd/system/ctrl-alt-del.target" "reboot.target"
- # libdbus needs the passwd info of the root user
- # TODO: make sure this is no longer necessary when systemctl moves to sd-bus
+ # udev wants /etc/group since it doesn't launch with --resolve-names=never
add_file "/etc/nsswitch.conf"
- add_file "/etc/passwd"
add_binary "$(readlink -f /usr/lib/libnss_files.so)"
-
- # udev wants /etc/group since it doesn't launch with --resolve-names=never
+ add_file "/etc/passwd"
add_file "/etc/group"
}