diff options
author | Nicolas Iooss | 2021-07-14 16:37:47 +0200 |
---|---|---|
committer | Nicolas Iooss | 2021-07-14 16:37:47 +0200 |
commit | 246284c1a558e5065bb1c4d40f1ade4edd9ddf98 (patch) | |
tree | f46a13070a05238c9ffa6f77f5b60474f3d3272a | |
parent | cf4b50d3f368f61095e8deefb1ac4cf1bf4c14aa (diff) | |
download | aur-246284c1a558e5065bb1c4d40f1ade4edd9ddf98.tar.gz |
systemd-selinux 249-3 update
-rw-r--r-- | .SRCINFO | 28 | ||||
-rw-r--r-- | 0001-Use-Arch-Linux-device-access-groups.patch | 113 | ||||
-rw-r--r-- | PKGBUILD | 21 | ||||
-rw-r--r-- | systemd.install | 4 |
4 files changed, 126 insertions, 40 deletions
@@ -1,6 +1,6 @@ pkgbase = systemd-selinux - pkgver = 248.3 - pkgrel = 2 + pkgver = 249 + pkgrel = 3 url = https://www.github.com/systemd/systemd arch = x86_64 arch = aarch64 @@ -24,6 +24,7 @@ pkgbase = systemd-selinux makedepends = libxslt makedepends = util-linux makedepends = linux-api-headers + makedepends = python-jinja makedepends = python-lxml makedepends = quota-tools makedepends = shadow-selinux @@ -43,8 +44,8 @@ pkgbase = systemd-selinux makedepends = rsync makedepends = libselinux options = strip - source = git+https://github.com/systemd/systemd-stable#tag=fd9ad7d3bc35a3633b99edac14ff2a4fb10599b7?signed - source = git+https://github.com/systemd/systemd#tag=v248?signed + source = git+https://github.com/systemd/systemd-stable#tag=b134c9cc4b02eddca2ea098324369018123fdf15?signed + source = git+https://github.com/systemd/systemd#tag=v249?signed source = 0001-Use-Arch-Linux-device-access-groups.patch source = 0003-PARTIAL-REVERT-commit-tree-wide-replace-strverscmp-and-str_verscmp-with-strverscmp_improved.patch source = initcpio-hook-udev @@ -65,10 +66,11 @@ pkgbase = systemd-selinux source = 30-systemd-udev-reload.hook source = 30-systemd-update.hook validpgpkeys = 63CDA1E5D3FC22B998D20DD6327F26951A015CC4 + validpgpkeys = A9EA9081724FFAE0484C35A1A81CEA22BC8C7E2E validpgpkeys = 5C251B5FC54EB2F80F407AAAC54CA336CFEB557E sha512sums = SKIP sha512sums = SKIP - sha512sums = 882e486b6d88c8bafc50088845e41a49686e98981967f72ca1fb4ef07a01767400632f4b648fd31857d2a2a24a8fd65bcc2a8983284dd4fff2380732741d4c41 + sha512sums = 10f3b477527ec263cc6465c84d94416e356435930edc9e26844a0fd4f71e87a27fa0f91ce24b43a22cacdd2ead5e760e9d607369bc537a8da8d34021302a89a1 sha512sums = 34541f1967536524329867f9f341f8d9250d9d771c60dc3e6a22ccb82fc01f103cfd3f9903329777591ccbecd2446622a5d6b3804fa0411482b85c70593ee8ad sha512sums = f0d933e8c6064ed830dec54049b0a01e27be87203208f6ae982f10fb4eddc7258cb2919d594cbfb9a33e74c3510cfd682f3416ba8e804387ab87d1a217eb4b73 sha512sums = f599e1a35cba2c4e83e37c2299fac23ae128d8f68081283e71e1729384975dee1c4b677787f31a17890aeb98c8d2fc90405a202644290708ef9c027315022b17 @@ -134,9 +136,9 @@ pkgname = systemd-selinux optdepends = libfido2: unlocking LUKS2 volumes with FIDO2 token optdepends = tpm2-tss: unlocking LUKS2 volumes with TPM2 provides = nss-myhostname - provides = systemd-tools=248.3 - provides = udev=248.3 - provides = systemd=248.3-2 + provides = systemd-tools=249 + provides = udev=249 + provides = systemd=249-3 conflicts = nss-myhostname conflicts = systemd-tools conflicts = udev @@ -174,7 +176,7 @@ pkgname = systemd-libs-selinux provides = libsystemd.so provides = libudev.so provides = libsystemd-selinux - provides = systemd-libs=248.3-2 + provides = systemd-libs=249-3 conflicts = libsystemd conflicts = libsystemd-selinux conflicts = systemd-libs @@ -186,16 +188,16 @@ pkgname = systemd-resolvconf-selinux depends = systemd-selinux provides = openresolv provides = resolvconf - provides = systemd-resolvconf=248.3-2 + provides = systemd-resolvconf=249-3 conflicts = openresolv - conflicts = systemd-resolvconf=248.3-2 + conflicts = systemd-resolvconf=249-3 pkgname = systemd-sysvcompat-selinux pkgdesc = sysvinit compat for systemd with SELinux support license = GPL2 depends = systemd-selinux - provides = systemd-sysvcompat=248.3-2 - provides = selinux-systemd-sysvcompat=248.3-2 + provides = systemd-sysvcompat=249-3 + provides = selinux-systemd-sysvcompat=249-3 conflicts = sysvinit conflicts = systemd-sysvcompat conflicts = selinux-systemd-sysvcompat diff --git a/0001-Use-Arch-Linux-device-access-groups.patch b/0001-Use-Arch-Linux-device-access-groups.patch index 3abb448bfe92..6449c017db0c 100644 --- a/0001-Use-Arch-Linux-device-access-groups.patch +++ b/0001-Use-Arch-Linux-device-access-groups.patch @@ -1,4 +1,4 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From f7d07e298c819a81eab965efbdbf53a2ce67fc0e Mon Sep 17 00:00:00 2001 From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com> Date: Tue, 6 Mar 2018 23:39:47 +0100 Subject: [PATCH] Use Arch Linux' device access groups @@ -10,12 +10,81 @@ Content-Transfer-Encoding: 8bit dialout → uucp tape → storage --- + meson.build | 6 +++--- + meson_options.txt | 12 ++++++------ rules.d/50-udev-default.rules.in | 14 +++++++------- sysusers.d/basic.conf.in | 6 +++--- - 2 files changed, 10 insertions(+), 10 deletions(-) + 4 files changed, 19 insertions(+), 19 deletions(-) +diff --git a/meson.build b/meson.build +index 32e5413a62..f781e06fed 100644 +--- a/meson.build ++++ b/meson.build +@@ -796,19 +796,19 @@ conf.set_quoted('NOBODY_GROUP_NAME', nobody_group) + static_ugids = [] + foreach option : ['adm-gid', + 'audio-gid', +- 'cdrom-gid', +- 'dialout-gid', + 'disk-gid', + 'input-gid', + 'kmem-gid', + 'kvm-gid', + 'lp-gid', ++ 'optical-gid', + 'render-gid', + 'sgx-gid', +- 'tape-gid', ++ 'storage-gid', + 'tty-gid', + 'users-gid', + 'utmp-gid', ++ 'uucp-gid', + 'video-gid', + 'wheel-gid', + 'systemd-journal-gid', +diff --git a/meson_options.txt b/meson_options.txt +index 5048de755d..676e5e2e0d 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -235,10 +235,6 @@ option('adm-gid', type : 'integer', value : '-1', + description : 'soft-static allocation for the "adm" group') + option('audio-gid', type : 'integer', value : '-1', + description : 'soft-static allocation for the "audio" group') +-option('cdrom-gid', type : 'integer', value : '-1', +- description : 'soft-static allocation for the "cdrom" group') +-option('dialout-gid', type : 'integer', value : '-1', +- description : 'soft-static allocation for the "dialout" group') + option('disk-gid', type : 'integer', value : '-1', + description : 'soft-static allocation for the "disk" group') + option('input-gid', type : 'integer', value : '-1', +@@ -249,18 +245,22 @@ option('kvm-gid', type : 'integer', value : '-1', + description : 'soft-static allocation for the "kvm" group') + option('lp-gid', type : 'integer', value : '-1', + description : 'soft-static allocation for the "lp" group') ++option('optical-gid', type : 'integer', value : '-1', ++ description : 'soft-static allocation for the "optical" group') + option('render-gid', type : 'integer', value : '-1', + description : 'soft-static allocation for the "render" group') + option('sgx-gid', type : 'integer', value : '-1', + description : 'soft-static allocation for the "sgx" group') +-option('tape-gid', type : 'integer', value : '-1', +- description : 'soft-static allocation for the "tape" group') ++option('storage-gid', type : 'integer', value : '-1', ++ description : 'soft-static allocation for the "storage" group') + option('tty-gid', type : 'integer', value : 5, + description : 'the numeric GID of the "tty" group') + option('users-gid', type : 'integer', value : '-1', + description : 'soft-static allocation for the "users" group') + option('utmp-gid', type : 'integer', value : '-1', + description : 'soft-static allocation for the "utmp" group') ++option('uucp-gid', type : 'integer', value : '-1', ++ description : 'soft-static allocation for the "uucp" group') + option('video-gid', type : 'integer', value : '-1', + description : 'soft-static allocation for the "video" group') + option('wheel-gid', type : 'integer', value : '-1', diff --git a/rules.d/50-udev-default.rules.in b/rules.d/50-udev-default.rules.in -index edfa8bb107..35b8d4ba41 100644 +index 18a3cf46bf..f3c440fd89 100644 --- a/rules.d/50-udev-default.rules.in +++ b/rules.d/50-udev-default.rules.in @@ -22,7 +22,7 @@ SUBSYSTEM=="tty", KERNEL=="sclp_line[0-9]*", GROUP="tty", MODE="0620" @@ -27,7 +96,7 @@ index edfa8bb107..35b8d4ba41 100644 SUBSYSTEM=="mem", KERNEL=="mem|kmem|port", GROUP="kmem", MODE="0640" -@@ -62,13 +62,13 @@ KERNEL=="irlpt[0-9]*", GROUP="lp" +@@ -67,13 +67,13 @@ KERNEL=="irlpt[0-9]*", GROUP="lp" SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ENV{ID_USB_INTERFACES}=="*:0701??:*", GROUP="lp" SUBSYSTEM=="block", GROUP="disk" @@ -48,25 +117,27 @@ index edfa8bb107..35b8d4ba41 100644 KERNEL=="qft[0-9]*|nqft[0-9]*|zqft[0-9]*|nzqft[0-9]*|rawqft[0-9]*|nrawqft[0-9]*", GROUP="disk" KERNEL=="loop-control", GROUP="disk", OPTIONS+="static_node=loop-control" diff --git a/sysusers.d/basic.conf.in b/sysusers.d/basic.conf.in -index 4be0bd869e..cc3721b58a 100644 +index 8cc1a7cad2..21bb6d8948 100644 --- a/sysusers.d/basic.conf.in +++ b/sysusers.d/basic.conf.in -@@ -24,15 +24,15 @@ g utmp - - - +@@ -22,17 +22,17 @@ g utmp {{UTMP_GID }} - - - # Hardware access groups - g audio - - - --g cdrom - - - --g dialout - - - - g disk - - - - g input - - - - g kvm - - - - g lp - - - -+g optical - - - - g render - - - - g sgx - - - --g tape - - - -+g storage - - - -+g uucp - - - - g video - - - + # Physical and virtual hardware access groups + g audio {{AUDIO_GID }} - - +-g cdrom {{CDROM_GID }} - - +-g dialout {{DIALOUT_GID}} - - + g disk {{DISK_GID }} - - + g input {{INPUT_GID }} - - + g kmem {{KMEM_GID }} - - + g kvm {{KVM_GID }} - - + g lp {{LP_GID }} - - ++g optical {{OPTICAL_GID}} - - + g render {{RENDER_GID }} - - + g sgx {{SGX_GID }} - - +-g tape {{TAPE_GID }} - - ++g storage {{STORAGE_GID}} - - + g tty {{TTY_GID }} - - ++g uucp {{UUCP_GID }} - - + g video {{VIDEO_GID }} - - # Default group for normal users @@ -10,21 +10,22 @@ pkgbase=systemd-selinux pkgname=('systemd-selinux' 'systemd-libs-selinux' 'systemd-resolvconf-selinux' 'systemd-sysvcompat-selinux') -_tag='fd9ad7d3bc35a3633b99edac14ff2a4fb10599b7' # git rev-parse v${_tag_name} -_tag_name=248.3 +_tag='b134c9cc4b02eddca2ea098324369018123fdf15' # git rev-parse v${_tag_name} +_tag_name=249 pkgver="${_tag_name/-/}" -pkgrel=2 +pkgrel=3 arch=('x86_64' 'aarch64') url='https://www.github.com/systemd/systemd' groups=('selinux') makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gperf' 'lz4' 'xz' 'pam-selinux' 'libelf' 'intltool' 'iptables' 'kmod' 'libcap' 'libidn2' 'libgcrypt' 'libmicrohttpd' 'libxcrypt' 'libxslt' 'util-linux' 'linux-api-headers' - 'python-lxml' 'quota-tools' 'shadow-selinux' 'gnu-efi-libs' 'git' + 'python-jinja' 'python-lxml' 'quota-tools' 'shadow-selinux' 'gnu-efi-libs' 'git' 'meson' 'libseccomp' 'pcre2' 'audit' 'kexec-tools' 'libxkbcommon' 'bash-completion' 'p11-kit' 'systemd' 'libfido2' 'tpm2-tss' 'rsync' 'libselinux') options=('strip') validpgpkeys=('63CDA1E5D3FC22B998D20DD6327F26951A015CC4' # Lennart Poettering <lennart@poettering.net> + 'A9EA9081724FFAE0484C35A1A81CEA22BC8C7E2E' # Luca Boccassi <luca.boccassi@gmail.com> '5C251B5FC54EB2F80F407AAAC54CA336CFEB557E') # Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> source=("git+https://github.com/systemd/systemd-stable#tag=${_tag}?signed" "git+https://github.com/systemd/systemd#tag=v${_tag_name%.*}?signed" @@ -49,7 +50,7 @@ source=("git+https://github.com/systemd/systemd-stable#tag=${_tag}?signed" '30-systemd-update.hook') sha512sums=('SKIP' 'SKIP' - '882e486b6d88c8bafc50088845e41a49686e98981967f72ca1fb4ef07a01767400632f4b648fd31857d2a2a24a8fd65bcc2a8983284dd4fff2380732741d4c41' + '10f3b477527ec263cc6465c84d94416e356435930edc9e26844a0fd4f71e87a27fa0f91ce24b43a22cacdd2ead5e760e9d607369bc537a8da8d34021302a89a1' '34541f1967536524329867f9f341f8d9250d9d771c60dc3e6a22ccb82fc01f103cfd3f9903329777591ccbecd2446622a5d6b3804fa0411482b85c70593ee8ad' 'f0d933e8c6064ed830dec54049b0a01e27be87203208f6ae982f10fb4eddc7258cb2919d594cbfb9a33e74c3510cfd682f3416ba8e804387ab87d1a217eb4b73' 'f599e1a35cba2c4e83e37c2299fac23ae128d8f68081283e71e1729384975dee1c4b677787f31a17890aeb98c8d2fc90405a202644290708ef9c027315022b17' @@ -116,7 +117,9 @@ build() { ) local _meson_options=( - -Dversion-tag="${pkgver}-${pkgrel}-arch" + # internal version comparison is incompatible with pacman: + # 249~rc1 < 249 < 249.1 < 249rc + -Dversion-tag="${_tag_name/-/\~}-${pkgrel}-arch" -Dmode=release -Daudit=true @@ -144,6 +147,12 @@ build() { -Drpmmacrosdir=no -Dsysvinit-path= -Dsysvrcnd-path= + + -Dsbat-distro='arch' + -Dsbat-distro-summary='Arch Linux' + -Dsbat-distro-pkgname="${pkgname}" + -Dsbat-distro-version="${pkgver}" + -Dsbat-distro-url="https://aur.archlinux.org/packages/${pkgname}/" ) arch-meson "${pkgbase/-selinux}-stable" build "${_meson_options[@]}" diff --git a/systemd.install b/systemd.install index bbc7efd83606..cece9d2dea25 100644 --- a/systemd.install +++ b/systemd.install @@ -47,6 +47,10 @@ post_install() { post_upgrade() { post_common "$@" + if sd_booted; then + systemctl --system daemon-reexec + fi + local v upgrades=( 242.0-2 ) |