diff options
| author | Timothée Ravier | 2013-11-03 19:42:41 +0100 |
|---|---|---|
| committer | Timothée Ravier | 2013-11-03 19:42:41 +0100 |
| commit | b393925cb24c2570fda1b97ff79b6cd23ce9e7d4 (patch) | |
| tree | 80cceab593a9bfeef6c49452952d32ee63ae2fdb | |
| download | aur-b393925cb24c2570fda1b97ff79b6cd23ce9e7d4.tar.gz | |
General update: SELinux userspace & pkg renaming
| -rw-r--r-- | .SRCINFO | 100 | ||||
| -rw-r--r-- | 0001-fix-lingering-references-to-var-lib-backlight-random.patch | 54 | ||||
| -rw-r--r-- | 0001-mount-check-for-NULL-before-reading-pm-what.patch | 29 | ||||
| -rw-r--r-- | 0001-shared-util-fix-off-by-one-error-in-tag_to_udev_node.patch | 50 | ||||
| -rw-r--r-- | PKGBUILD | 156 | ||||
| -rw-r--r-- | initcpio-hook-udev | 22 | ||||
| -rw-r--r-- | initcpio-install-systemd | 159 | ||||
| -rw-r--r-- | initcpio-install-udev | 29 | ||||
| -rw-r--r-- | systemd.install | 120 |
9 files changed, 719 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..c3a9e3c89ac9 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,100 @@ +pkgbase = systemd-selinux + pkgver = 208 + pkgrel = 2 + url = http://www.freedesktop.org/wiki/Software/systemd + arch = i686 + arch = x86_64 + makedepends = acl + makedepends = cryptsetup + makedepends = dbus-core + makedepends = docbook-xsl + makedepends = gobject-introspection + makedepends = gperf + makedepends = gtk-doc + makedepends = intltool + makedepends = kmod + makedepends = libcap + makedepends = libgcrypt + makedepends = libmicrohttpd + makedepends = libxslt + makedepends = linux-api-headers + makedepends = python + makedepends = quota-tools + makedepends = xz + makedepends = pam-selinux + makedepends = libselinux + options = strip + options = debug + source = http://www.freedesktop.org/software/systemd/systemd-208.tar.xz + source = initcpio-hook-udev + source = initcpio-install-systemd + source = initcpio-install-udev + source = 0001-fix-lingering-references-to-var-lib-backlight-random.patch + source = 0001-mount-check-for-NULL-before-reading-pm-what.patch + source = 0001-shared-util-fix-off-by-one-error-in-tag_to_udev_node.patch + md5sums = df64550d92afbffb4f67a434193ee165 + md5sums = 29245f7a240bfba66e2b1783b63b6b40 + md5sums = 8b68b0218a3897d4d37a6ccf47914774 + md5sums = bde43090d4ac0ef048e3eaee8202a407 + md5sums = 1b191c4e7a209d322675fd199e3abc66 + md5sums = a693bef63548163ffc165f4c4801ebf7 + md5sums = ccafe716d87df9c42af0d1960b5a4105 + +pkgname = systemd-selinux + pkgdesc = system and service manager + install = systemd.install + license = GPL2 + license = LGPL2.1 + license = MIT + depends = acl + depends = bash + depends = dbus-core + depends = glib2 + depends = kbd + depends = kmod + depends = hwids + depends = libcap + depends = libgcrypt + depends = pam-selinux + depends = util-linux-selinux + depends = xz + depends = libselinux + optdepends = cryptsetup: required for encrypted block devices + optdepends = libmicrohttpd: systemd-journal-gatewayd + optdepends = quota-tools: kernel-level quota management + optdepends = python: systemd library bindings + optdepends = systemd-sysvcompat: symlink package to provide sysvinit binaries + provides = systemd=208-2 + conflicts = libsystemd + conflicts = nss-myhostname + conflicts = systemd-tools + conflicts = udev + conflicts = systemd + replaces = libsystemd + replaces = nss-myhostname + replaces = systemd-tools + replaces = udev + backup = etc/dbus-1/system.d/org.freedesktop.systemd1.conf + backup = etc/dbus-1/system.d/org.freedesktop.hostname1.conf + backup = etc/dbus-1/system.d/org.freedesktop.login1.conf + backup = etc/dbus-1/system.d/org.freedesktop.locale1.conf + backup = etc/dbus-1/system.d/org.freedesktop.machine1.conf + backup = etc/dbus-1/system.d/org.freedesktop.timedate1.conf + backup = etc/pam.d/systemd-user + backup = etc/systemd/bootchart.conf + backup = etc/systemd/journald.conf + backup = etc/systemd/logind.conf + backup = etc/systemd/system.conf + backup = etc/systemd/user.conf + backup = etc/udev/udev.conf + +pkgname = systemd-sysvcompat-selinux + pkgdesc = sysvinit compat for systemd + groups = selinux + license = GPL2 + depends = sysvinit-tools + depends = systemd-selinux + provides = systemd-sysvcompat-sysvcompat=208-2 + conflicts = sysvinit + conflicts = systemd-sysvcompat + diff --git a/0001-fix-lingering-references-to-var-lib-backlight-random.patch b/0001-fix-lingering-references-to-var-lib-backlight-random.patch new file mode 100644 index 000000000000..49b960c81b4b --- /dev/null +++ b/0001-fix-lingering-references-to-var-lib-backlight-random.patch @@ -0,0 +1,54 @@ +From 6c8c92fef72cf6a7ef7109a424ef82dbdc4f6952 Mon Sep 17 00:00:00 2001 +From: Dave Reisner <dreisner@archlinux.org> +Date: Wed, 2 Oct 2013 07:46:24 -0400 +Subject: [PATCH] fix lingering references to /var/lib/{backlight,random-seed} + +This should have been part of ef5bfcf668e6029faa78534dfe. +--- + man/systemd-backlight@.service.xml | 2 +- + man/systemd-random-seed.service.xml | 2 +- + units/systemd-backlight@.service.in | 2 +- + 3 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/man/systemd-backlight@.service.xml b/man/systemd-backlight@.service.xml +index 2b73625..4318964 100644 +--- a/man/systemd-backlight@.service.xml ++++ b/man/systemd-backlight@.service.xml +@@ -58,7 +58,7 @@ + is a service that restores the display backlight + brightness at early-boot and saves it at shutdown. On + disk, the backlight brightness is stored in +- <filename>/var/lib/backlight/</filename>. Note that by ++ <filename>/var/lib/systemd/backlight/</filename>. Note that by + default, only firmware backlight devices are + saved/restored.</para> + </refsect1> +diff --git a/man/systemd-random-seed.service.xml b/man/systemd-random-seed.service.xml +index 8cd14b7..e5cd037 100644 +--- a/man/systemd-random-seed.service.xml ++++ b/man/systemd-random-seed.service.xml +@@ -61,7 +61,7 @@ + for details. Saving/restoring the random seed across + boots increases the amount of available entropy early + at boot. On disk the random seed is stored in +- <filename>/var/lib/random-seed</filename>.</para> ++ <filename>/var/lib/systemd/random-seed</filename>.</para> + </refsect1> + + <refsect1> +diff --git a/units/systemd-backlight@.service.in b/units/systemd-backlight@.service.in +index b0e75db..5caa5d5 100644 +--- a/units/systemd-backlight@.service.in ++++ b/units/systemd-backlight@.service.in +@@ -9,7 +9,7 @@ + Description=Load/Save Screen Backlight Brightness of %I + Documentation=man:systemd-backlight@.service(8) + DefaultDependencies=no +-RequiresMountsFor=/var/lib/backlight ++RequiresMountsFor=/var/lib/systemd/backlight + Conflicts=shutdown.target + After=systemd-readahead-collect.service systemd-readahead-replay.service systemd-remount-fs.service + Before=sysinit.target shutdown.target +-- +1.8.4 + diff --git a/0001-mount-check-for-NULL-before-reading-pm-what.patch b/0001-mount-check-for-NULL-before-reading-pm-what.patch new file mode 100644 index 000000000000..27256484c087 --- /dev/null +++ b/0001-mount-check-for-NULL-before-reading-pm-what.patch @@ -0,0 +1,29 @@ +From 9c03872bc8fb2a381eafe7301ef9811b641686dd Mon Sep 17 00:00:00 2001 +From: Dave Reisner <dreisner@archlinux.org> +Date: Fri, 4 Oct 2013 18:22:40 -0400 +Subject: [PATCH] mount: check for NULL before reading pm->what + +Since a57f7e2c828b85, a mount unit with garbage in it would cause +systemd to crash on loading it. + +ref: https://bugs.freedesktop.org/show_bug.cgi?id=70148 +--- + src/core/mount.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/core/mount.c b/src/core/mount.c +index 93bfa99..db055f0 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -182,7 +182,7 @@ static int mount_add_mount_links(Mount *m) { + * for the source path (if this is a bind mount) to be + * available. */ + pm = get_mount_parameters_fragment(m); +- if (pm && path_is_absolute(pm->what)) { ++ if (pm && pm->what && path_is_absolute(pm->what)) { + r = unit_require_mounts_for(UNIT(m), pm->what); + if (r < 0) + return r; +-- +1.8.4.1 + diff --git a/0001-shared-util-fix-off-by-one-error-in-tag_to_udev_node.patch b/0001-shared-util-fix-off-by-one-error-in-tag_to_udev_node.patch new file mode 100644 index 000000000000..8c8ea46c223d --- /dev/null +++ b/0001-shared-util-fix-off-by-one-error-in-tag_to_udev_node.patch @@ -0,0 +1,50 @@ +From 1d5989fd803d2019de0f6aaaf3cfb1cb2bbc3cdb Mon Sep 17 00:00:00 2001 +From: Dave Reisner <dreisner@archlinux.org> +Date: Sun, 6 Oct 2013 18:26:23 -0400 +Subject: [PATCH] shared/util: fix off-by-one error in tag_to_udev_node + +Triggered false negatives when encoding a string which needed every +character to be escaped, e.g. "LABEL=/". +--- + src/shared/util.c | 2 +- + src/test/test-device-nodes.c | 4 +++- + 2 files changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/shared/util.c b/src/shared/util.c +index 82f4221..31cea79 100644 +--- a/src/shared/util.c ++++ b/src/shared/util.c +@@ -3527,7 +3527,7 @@ static char *tag_to_udev_node(const char *tagvalue, const char *by) { + if (u == NULL) + return NULL; + +- enc_len = strlen(u) * 4; ++ enc_len = strlen(u) * 4 + 1; + t = new(char, enc_len); + if (t == NULL) + return NULL; +diff --git a/src/test/test-device-nodes.c b/src/test/test-device-nodes.c +index 2f3dedb..59ba4be 100644 +--- a/src/test/test-device-nodes.c ++++ b/src/test/test-device-nodes.c +@@ -26,7 +26,7 @@ + + /* helpers for test_encode_devnode_name */ + static char *do_encode_string(const char *in) { +- size_t out_len = strlen(in) * 4; ++ size_t out_len = strlen(in) * 4 + 1; + char *out = malloc(out_len); + + assert_se(out); +@@ -46,6 +46,8 @@ static void test_encode_devnode_name(void) { + assert_se(expect_encoded_as("pinkiepie", "pinkiepie")); + assert_se(expect_encoded_as("valíd\\ųtf8", "valíd\\x5cųtf8")); + assert_se(expect_encoded_as("s/ash/ng", "s\\x2fash\\x2fng")); ++ assert_se(expect_encoded_as("/", "\\x2f")); ++ assert_se(expect_encoded_as("!", "\\x21")); + } + + int main(int argc, char *argv[]) { +-- +1.8.4.1 + diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..9b4f132cb80c --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,156 @@ +# Maintainer: Dave Reisner <dreisner@archlinux.org> +# Maintainer: Tom Gundersen <teg@jklm.no> +# SELinux Maintainer: Timothée Ravier <tim@siosm.fr> +# SELinux Contributor: Nicky726 <Nicky726@gmail.com> + +pkgname=('systemd-selinux') +true && pkgname=('systemd-selinux' 'systemd-sysvcompat-selinux') +pkgver=208 +pkgrel=2 +arch=('i686' 'x86_64') +url="http://www.freedesktop.org/wiki/Software/systemd" +makedepends=('acl' 'cryptsetup' 'dbus-core' 'docbook-xsl' + 'gobject-introspection' 'gperf' 'gtk-doc' 'intltool' 'kmod' + 'libcap' 'libgcrypt' 'libmicrohttpd' 'libxslt' + 'linux-api-headers' 'python' 'quota-tools' 'xz' 'pam-selinux' + 'libselinux') +options=('strip' 'debug') +source=("http://www.freedesktop.org/software/${pkgname/-selinux}/${pkgname/-selinux}-$pkgver.tar.xz" + 'initcpio-hook-udev' + 'initcpio-install-systemd' + 'initcpio-install-udev' + '0001-fix-lingering-references-to-var-lib-backlight-random.patch' + '0001-mount-check-for-NULL-before-reading-pm-what.patch' + '0001-shared-util-fix-off-by-one-error-in-tag_to_udev_node.patch') +md5sums=('df64550d92afbffb4f67a434193ee165' + '29245f7a240bfba66e2b1783b63b6b40' + '8b68b0218a3897d4d37a6ccf47914774' + 'bde43090d4ac0ef048e3eaee8202a407' + '1b191c4e7a209d322675fd199e3abc66' + 'a693bef63548163ffc165f4c4801ebf7' + 'ccafe716d87df9c42af0d1960b5a4105') + +prepare() { + cd "${pkgname/-selinux}-$pkgver" + patch -Np1 < "$srcdir"/0001-fix-lingering-references-to-var-lib-backlight-random.patch + patch -Np1 < "$srcdir"/0001-mount-check-for-NULL-before-reading-pm-what.patch + patch -Np1 < "$srcdir"/0001-shared-util-fix-off-by-one-error-in-tag_to_udev_node.patch +} + +build() { + cd "${pkgname/-selinux}-$pkgver" + + ./configure \ + --libexecdir=/usr/lib \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --enable-introspection \ + --enable-gtk-doc \ + --enable-selinux \ + --disable-audit \ + --disable-ima \ + --with-sysvinit-path= \ + --with-sysvrcnd-path= \ + --with-firmware-path="/usr/lib/firmware/updates:/usr/lib/firmware" + + make +} + +check() { + make -C "${pkgname/-selinux}-$pkgver" check || : +} + +package_systemd-selinux() { + pkgdesc="system and service manager" + license=('GPL2' 'LGPL2.1' 'MIT') + depends=('acl' 'bash' 'dbus-core' 'glib2' 'kbd' 'kmod' 'hwids' 'libcap' 'libgcrypt' + 'pam-selinux' 'util-linux-selinux' 'xz' 'libselinux') + provides=("libsystemd=$pkgver" 'nss-myhostname' "systemd-tools=$pkgver" "udev=$pkgver" + 'libgudev-1.0.so' 'libsystemd-daemon.so' 'libsystemd-id128.so' + 'libsystemd-journal.so' 'libsystemd-login.so' 'libudev.so') + replaces=('libsystemd' 'nss-myhostname' 'systemd-tools' 'udev') + conflicts=('libsystemd' 'nss-myhostname' 'systemd-tools' 'udev' 'systemd') + provides=("${pkgname/-selinux}=${pkgver}-${pkgrel}") + optdepends=('cryptsetup: required for encrypted block devices' + 'libmicrohttpd: systemd-journal-gatewayd' + 'quota-tools: kernel-level quota management' + 'python: systemd library bindings' + 'systemd-sysvcompat: symlink package to provide sysvinit binaries') + backup=(etc/dbus-1/system.d/org.freedesktop.systemd1.conf + etc/dbus-1/system.d/org.freedesktop.hostname1.conf + etc/dbus-1/system.d/org.freedesktop.login1.conf + etc/dbus-1/system.d/org.freedesktop.locale1.conf + etc/dbus-1/system.d/org.freedesktop.machine1.conf + etc/dbus-1/system.d/org.freedesktop.timedate1.conf + etc/pam.d/systemd-user + etc/systemd/bootchart.conf + etc/systemd/journald.conf + etc/systemd/logind.conf + etc/systemd/system.conf + etc/systemd/user.conf + etc/udev/udev.conf) + install="systemd.install" + + make -C "${pkgname/-selinux}-$pkgver" DESTDIR="$pkgdir" install + + printf "d /run/console 0755 root root\n" > "$pkgdir/usr/lib/tmpfiles.d/console.conf" + + # fix .so links in manpage stubs + find "$pkgdir/usr/share/man" -type f -name '*.[[:digit:]]' \ + -exec sed -ri '1s|^\.so (.*)\.([0-9]+)|.so man\2/\1.\2|' {} + + + # don't write units to /etc by default -- we'll enable this on post_install + # as a sane default + rm "$pkgdir/etc/systemd/system/getty.target.wants/getty@tty1.service" + rmdir "$pkgdir/etc/systemd/system/getty.target.wants" + + # get rid of RPM macros + rm -r "$pkgdir/usr/lib/rpm" + + # add back tmpfiles.d/legacy.conf + install -m644 "systemd-$pkgver/tmpfiles.d/legacy.conf" "$pkgdir/usr/lib/tmpfiles.d" + + # Replace dialout/tape/cdrom group in rules with uucp/storage/optical group + sed -i 's#GROUP="dialout"#GROUP="uucp"#g; + s#GROUP="tape"#GROUP="storage"#g; + s#GROUP="cdrom"#GROUP="optical"#g' "$pkgdir"/usr/lib/udev/rules.d/*.rules + + # add mkinitcpio hooks + install -Dm644 "$srcdir/initcpio-install-systemd" "$pkgdir/usr/lib/initcpio/install/systemd" + install -Dm644 "$srcdir/initcpio-install-udev" "$pkgdir/usr/lib/initcpio/install/udev" + install -Dm644 "$srcdir/initcpio-hook-udev" "$pkgdir/usr/lib/initcpio/hooks/udev" + + # ensure proper permissions for /var/log/journal + chown root:systemd-journal "$pkgdir/var/log/journal" + chmod 2755 "$pkgdir/var/log/journal" + + ### split out manpages for sysvcompat + rm -rf "$srcdir/_sysvcompat" + install -dm755 "$srcdir"/_sysvcompat/usr/share/man/man8/ + mv "$pkgdir"/usr/share/man/man8/{telinit,halt,reboot,poweroff,runlevel,shutdown}.8 \ + "$srcdir"/_sysvcompat/usr/share/man/man8 + + # include MIT license, since it's technically custom + install -Dm644 "$srcdir/${pkgname/-selinux}-$pkgver/LICENSE.MIT" \ + "$pkgdir/usr/share/licenses/systemd/LICENSE.MIT" +} + +package_systemd-sysvcompat-selinux() { + pkgdesc="sysvinit compat for systemd" + license=('GPL2') + groups=('selinux') + conflicts=('sysvinit' 'systemd-sysvcompat') + provides=("${pkgname/-selinux}-sysvcompat=${pkgver}-${pkgrel}") + depends=('sysvinit-tools' 'systemd-selinux') + + mv "$srcdir/_sysvcompat"/* "$pkgdir" + + install -dm755 "$pkgdir/usr/bin" + for tool in runlevel reboot shutdown poweroff halt telinit; do + ln -s 'systemctl' "$pkgdir/usr/bin/$tool" + done + + ln -s '../lib/systemd/systemd' "$pkgdir/usr/bin/init" +} + +# vim: ft=sh syn=sh et diff --git a/initcpio-hook-udev b/initcpio-hook-udev new file mode 100644 index 000000000000..0bc32e008c2e --- /dev/null +++ b/initcpio-hook-udev @@ -0,0 +1,22 @@ +#!/usr/bin/ash + +run_earlyhook() { + kmod static-nodes --format=tmpfiles --output=/run/tmpfiles.d/kmod.conf + systemd-tmpfiles --prefix=/dev --create + /usr/lib/systemd/systemd-udevd --daemon --resolve-names=never + udevd_running=1 +} + +run_hook() { + msg ":: Triggering uevents..." + udevadm trigger --action=add --type=subsystems + udevadm trigger --action=add --type=devices + udevadm settle +} + +run_cleanuphook() { + udevadm control --exit + udevadm info --cleanup-db +} + +# vim: set ft=sh ts=4 sw=4 et: diff --git a/initcpio-install-systemd b/initcpio-install-systemd new file mode 100644 index 000000000000..2c59074a7c39 --- /dev/null +++ b/initcpio-install-systemd @@ -0,0 +1,159 @@ +#!/bin/bash + +strip_quotes() { + local len=${#1} quotes=$'[\'"]' str=${!1} + + if [[ ${str:0:1} = ${str: -1} && ${str:0:1} = $quotes ]]; then + declare -g "$1=${str:1:-1}" + fi +} + +add_udev_rule() { + # Add an udev rules file to the initcpio image. Dependencies on binaries + # will be discovered and added. + # $1: path to rules file (or name of rules file) + + local rules= rule= key= value= binary= + + rules=$(PATH=/usr/lib/udev/rules.d:/lib/udev/rules.d type -P "$1") + if [[ -z $rules ]]; then + # complain about not found rules + return 1 + fi + + add_file "$rules" + + while IFS=, read -ra rule; do + # skip empty lines, comments + [[ -z $rule || $rule = @(+([[:space:]])|#*) ]] && continue + + for pair in "${rule[@]}"; do + IFS=' =' read -r key value <<< "$pair" + case $key in + RUN@({program}|+)|IMPORT{program}|ENV{REMOVE_CMD}) + strip_quotes 'value' + # just take the first word as the binary name + binary=${value%% *} + if [[ ${binary:0:1} != '/' ]]; then + binary=$(PATH=/usr/lib/udev:/lib/udev type -P "$binary") + fi + add_binary "$binary" + ;; + esac + done + done <"$rules" +} + +add_systemd_unit() { + # Add a systemd unit file to the initcpio image. Hard dependencies on binaries + # and other unit files will be discovered and added. + # $1: path to rules file (or name of rules file) + + local unit= rule= entry= key= value= binary= dep= + + unit=$(PATH=/usr/lib/systemd/system:/lib/systemd/system type -P "$1") + if [[ -z $unit ]]; then + # complain about not found unit file + return 1 + fi + + add_file "$unit" + + while IFS='=' read -r key values; do + read -ra values <<< "$values" + + case $key in + Requires|OnFailure) + # only add hard dependencies (not Wants) + map add_systemd_unit "${values[@]}" + ;; + Exec*) + # don't add binaries unless they are required + if [[ ${values[0]:0:1} != '-' ]]; then + add_binary "${values[0]}" + fi + ;; + esac + + done <"$unit" + + # preserve reverse soft dependency + for dep in {/usr,}/lib/systemd/system/*.wants/${unit##*/}; do + if [[ -L $dep ]]; then + add_symlink "$dep" + fi + done + + # add hard dependencies + if [[ -d $unit.requires ]]; then + for dep in "$unit".requires/*; do + add_systemd_unit ${dep##*/} + done + fi +} + +build() { + local rules unit + + # from base + add_binary /bin/mount + add_binary /usr/bin/kmod /usr/bin/modprobe + + # systemd + add_binary /usr/lib/systemd/systemd /init + add_binary /usr/bin/systemd-tmpfiles + + # generate sysroot.mount and sysroot-usr.mount + add_file "/usr/lib/systemd/system-generators/systemd-fstab-generator" + + # udev rules and systemd units + map add_udev_rule "$rules" \ + 50-udev-default.rules \ + 60-persistent-storage.rules \ + 64-btrfs.rules \ + 80-drivers.rules \ + 99-systemd.rules \ + + map add_systemd_unit \ + ctrl-alt-del.target \ + initrd-cleanup.service \ + initrd-fs.target \ + initrd-parse-etc.service \ + initrd-root-fs.target \ + initrd-switch-root.service \ + initrd-switch-root.target \ + initrd-udevadm-cleanup-db.service \ + initrd.target \ + kmod-static-nodes.service \ + sockets.target \ + systemd-fsck@.service \ + systemd-journald.service \ + systemd-tmpfiles-setup-dev.service \ + systemd-udev-trigger.service \ + systemd-udevd-control.socket \ + systemd-udevd-kernel.socket \ + systemd-udevd.service + + add_symlink "/usr/lib/systemd/system/default.target" "initrd.target" + + # libdbus needs the passwd info of the root user + # TODO: make sure this is no longer necessary when systemctl moves to sd-bus + add_file "/etc/nsswitch.conf" + add_file "/etc/passwd" + add_binary "$(readlink -f /usr/lib/libnss_files.so)" + + # udev wants /etc/group since it doesn't launch with --resolve-names=never + add_file "/etc/group" +} + +help() { + cat <<HELPEOF +This will install a basic systemd setup in your initramfs, and is meant to +replace the 'base', 'usr', 'udev' and 'timestamp' hooks. Other hooks with runtime +components will need to be ported, and will not work as intended. You also may +wish to still include the 'base' hook (before this hook) to ensure that a +rescue shell exists on your initramfs. +HELPEOF +} + +# vim: set ft=sh ts=4 sw=4 et: diff --git a/initcpio-install-udev b/initcpio-install-udev new file mode 100644 index 000000000000..419c19e58338 --- /dev/null +++ b/initcpio-install-udev @@ -0,0 +1,29 @@ +#!/bin/bash + +build() { + local rules tool + + add_file "/etc/udev/udev.conf" + add_binary /usr/lib/systemd/systemd-udevd + add_binary /usr/bin/udevadm + add_binary /usr/bin/systemd-tmpfiles + + for rules in 50-udev-default.rules 60-persistent-storage.rules 64-btrfs.rules 80-drivers.rules; do + add_file "/usr/lib/udev/rules.d/$rules" + done + for tool in ata_id scsi_id; do + add_file "/usr/lib/udev/$tool" + done + + add_runscript +} + +help() { + cat <<HELPEOF +This hook will use udev to create your root device node and detect the needed +modules for your root device. It is also required for firmware loading in +initramfs. It is recommended to use this hook. +HELPEOF +} + +# vim: set ft=sh ts=4 sw=4 et: diff --git a/systemd.install b/systemd.install new file mode 100644 index 000000000000..1e79585d72e6 --- /dev/null +++ b/systemd.install @@ -0,0 +1,120 @@ +#!/bin/sh + +sd_booted() { + [ -e sys/fs/cgroup/systemd ] +} + +add_privs() { + if ! setcap "$2" "$1" 2>/dev/null; then + echo "==> Warning: setcap failed, falling back to setuid root on /$1" + chmod u+s "$1" + fi +} + +post_common() { + systemd-machine-id-setup + + add_privs usr/bin/systemd-detect-virt 'cap_dac_override,cap_sys_ptrace+ep' + + udevadm hwdb --update + journalctl --update-catalog + + if sd_booted; then + systemctl --system daemon-reexec + fi +} + +mask_net_naming() { + if [ ! -e etc/udev/rules.d/80-net-name-slot.rules ]; then + printf >etc/udev/rules.d/80-net-name-slot.rules '# %s\n' \ + "This file masks persistent renaming rules for network devices. If you" \ + "delete this file, /usr/lib/udev/rules.d/80-net-name-slot.rules may" \ + "rename network devices according to ID_NET_NAME_{ONBOARD,SLOT,PATH}" \ + "properties of your network devices, with priority in that order. See" \ + "the output of 'udevadm test-builtin net_id /sys/class/net/\$interface'" \ + "for details on what that new name might be." \ + "" \ + "http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames" + fi +} + +_208_changes() { + chown root:systemd-journal var/log/journal + chmod 2755 var/log/journal + + if [ -e var/lib/backlight ] && [ ! -e var/lib/systemd/backlight ]; then + mv -T var/lib/backlight var/lib/systemd/backlight + fi + + if [ -e var/lib/random-seed ] && [ ! -e var/lib/systemd/random-seed ]; then + mv -T var/lib/random-seed var/lib/systemd/random-seed + fi +} + +post_install() { + post_common + + # enable getty@tty1 by default, but don't track the file + systemctl enable getty@tty1.service + + echo ":: Append 'init=/usr/lib/systemd/systemd' to your kernel command line in your" + echo " bootloader to replace sysvinit with systemd, or install systemd-sysvcompat" +} + +post_upgrade() { + post_common + + # getty@tty1.service is no longer enabled by default, but we don't want to break + # existing setups. + if [ "$(vercmp 183 "$2")" -eq 1 ]; then + # systemctl seems to be whiny on sysvinit. this will succeed unless something + # horrific happens, so just mask the error. + systemctl -q enable getty@tty1.service || true + fi + + if [ "$(vercmp 194-4 "$2")" -eq 1 ]; then + printf '==> journald now writes to /var/log/journal by default. This can be\n' + printf ' controlled with the Storage setting in /etc/systemd/journald.conf\n' + fi + + # logind's protocol changed. kindly restart the daemon to avoid locking + # out further logins. + if [ "$(vercmp 195 "$2")" -eq 1 ]; then + if sd_booted; then + systemctl restart systemd-logind.service + fi + fi + + if [ "$(vercmp 196-1 "$2")" -eq 1 ]; then + printf '==> The legacy configuration options are no longer supported in rc.conf,\n' + printf ' convert your rc.conf to the new configuration formats.\n' + fi + + if [ "$(vercmp 197-1 "$2")" -eq 1 ]; then + mask_net_naming + printf '==> Persistent net naming rules have been shipped as disabled.\n' + printf ' See /etc/udev/rules.d/80-net-name-slot.rules for more detail\n' + fi + + if [ "$(vercmp 204-1 "$2")" -eq 1 ]; then + printf '==> The /bin/systemd symlink has been removed. Any references in your\n' + printf ' bootloader (or elsewhere) must be updated to /usr/lib/systemd/systemd.\n' + fi + + if [ "$(vercmp 205-1 "$2")" -eq 1 ]; then + printf '==> systemd 205 restructures the cgroup hierarchy and changes internal\n' + printf ' protocols. You should reboot at your earliest convenience.\n' + fi + + if [ "$(vercmp 206-1 "$2")" -eq 1 ]; then + printf '==> The "timestamp" hook for mkinitcpio no longer exists. If you used\n' + printf ' this hook, you must remove it from /etc/mkinitcpio.conf. A "systemd"\n' + printf ' hook has been added which provides this functionality, and more.\n' + fi + + if [ "$(vercmp 208-1 "$2")" -eq 1 ]; then + _208_changes + fi +} + +# vim:set ts=2 sw=2 et: |