diff options
| author | tqre | 2021-04-02 11:58:37 +0300 |
|---|---|---|
| committer | tqre | 2021-04-02 11:58:37 +0300 |
| commit | 9eeb636bde8d972420daa792a3411a4bb940e5d8 (patch) | |
| tree | 30a9cda5df6c91f0291bb40e9768c2beda1d1bdf | |
| parent | e209a66c9f470effed93abf4837962dee261947b (diff) | |
| download | aur-9eeb636bde8d972420daa792a3411a4bb940e5d8.tar.gz | |
systemd-selinux 248-2 update
| -rw-r--r-- | .SRCINFO | 34 | ||||
| -rw-r--r-- | 0001-Use-Arch-Linux-device-access-groups.patch | 15 | ||||
| -rw-r--r-- | 0002-Disable-SYSTEMD_URLIFY-by-default.patch | 23 | ||||
| -rw-r--r-- | 0002-PR-18987-boot-Move-console-declarations-to-missing_efi.h.patch | 216 | ||||
| -rw-r--r-- | PKGBUILD | 51 | ||||
| -rw-r--r-- | initcpio-install-systemd | 12 |
6 files changed, 78 insertions, 273 deletions
@@ -1,5 +1,5 @@ pkgbase = systemd-selinux - pkgver = 247.4 + pkgver = 248 pkgrel = 2 url = https://www.github.com/systemd/systemd arch = x86_64 @@ -37,12 +37,14 @@ pkgbase = systemd-selinux makedepends = bash-completion makedepends = p11-kit makedepends = systemd + makedepends = libfido2 + makedepends = tpm2-tss makedepends = libselinux options = strip - source = git+https://github.com/systemd/systemd-stable#tag=f948f652768a5279087e13961ebb87f345626e2e?signed - source = git+https://github.com/systemd/systemd#tag=v247?signed + source = git+https://github.com/systemd/systemd-stable#tag=e13126bd95857eb9344e030edbb4c603aab63884?signed + source = git+https://github.com/systemd/systemd#tag=v248?signed source = 0001-Use-Arch-Linux-device-access-groups.patch - source = 0002-PR-18987-boot-Move-console-declarations-to-missing_efi.h.patch + source = 0002-Disable-SYSTEMD_URLIFY-by-default.patch source = initcpio-hook-udev source = initcpio-install-systemd source = initcpio-install-udev @@ -64,10 +66,10 @@ pkgbase = systemd-selinux validpgpkeys = 5C251B5FC54EB2F80F407AAAC54CA336CFEB557E sha512sums = SKIP sha512sums = SKIP - sha512sums = e38c7c422c82953f9c2476a5ab8009d614cbec839e4088bff5db7698ddc84e3d8ed64f32ed323f57b1913c5c9703546f794996cb415ed7cdda930b627962a3c4 - sha512sums = 235e7f48e7e76cfa87f5e31022df17a18600055ede0aa173e8274042ebac463e27a4693aba7aa0b48e774e01af34ad497cdbcfaed17e71c702e3ff41832ecabd + sha512sums = 882e486b6d88c8bafc50088845e41a49686e98981967f72ca1fb4ef07a01767400632f4b648fd31857d2a2a24a8fd65bcc2a8983284dd4fff2380732741d4c41 + sha512sums = 313f3d6cc3d88f718509007e029213a82d84b196afdadc6ef560580acf70ab480aaecd7622f51726cc1af7d7841c6ec5390f72890b055a54fc74722341395651 sha512sums = f0d933e8c6064ed830dec54049b0a01e27be87203208f6ae982f10fb4eddc7258cb2919d594cbfb9a33e74c3510cfd682f3416ba8e804387ab87d1a217eb4b73 - sha512sums = 8e76f8334b95ce7fee9190f4a1016b16109f3a75b68635fc227b2b4791cf8179ef09b532b66b4ed885ddf98ed76befed3106f3c3088f1819ed8cdf4c13e0805a + sha512sums = 1c8bdc6ecc3b755b0258faf4cbfac1b5bc25dbcd88c68cbb2ef1c41842ed349cdce84ce3f6f537845e49fab02cb5282504e1f97aa73c163fbc78997f9f00fc61 sha512sums = a25b28af2e8c516c3a2eec4e64b8c7f70c21f974af4a955a4a9d45fd3e3ff0d2a98b4419fe425d47152d5acae77d64e69d8d014a7209524b75a81b0edb10bf3a sha512sums = 61032d29241b74a0f28446f8cf1be0e8ec46d0847a61dadb2a4f096e8686d5f57fe5c72bcf386003f6520bc4b5856c32d63bf3efe7eb0bc0deefc9f68159e648 sha512sums = c416e2121df83067376bcaacb58c05b01990f4614ad9de657d74b6da3efa441af251d13bf21e3f0f71ddcb4c9ea658b81da3d915667dc5c309c87ec32a1cb5a5 @@ -127,10 +129,12 @@ pkgname = systemd-selinux optdepends = systemd-sysvcompat: symlink package to provide sysvinit binaries optdepends = polkit: allow administration as unprivileged user optdepends = curl: machinectl pull-tar and pull-raw + optdepends = libfido2: unlocking LUKS2 volumes + optdepends = tpm2-tss: unlocking LUKS2 volumes provides = nss-myhostname - provides = systemd-tools=247.4 - provides = udev=247.4 - provides = systemd=247.4-2 + provides = systemd-tools=248 + provides = udev=248 + provides = systemd=248-2 conflicts = nss-myhostname conflicts = systemd-tools conflicts = udev @@ -166,7 +170,7 @@ pkgname = systemd-libs-selinux provides = libsystemd.so provides = libudev.so provides = libsystemd-selinux - provides = systemd-libs=247.4-2 + provides = systemd-libs=248-2 conflicts = libsystemd conflicts = libsystemd-selinux conflicts = systemd-libs @@ -178,16 +182,16 @@ pkgname = systemd-resolvconf-selinux depends = systemd-selinux provides = openresolv provides = resolvconf - provides = systemd-resolvconf=247.4-2 + provides = systemd-resolvconf=248-2 conflicts = openresolv - conflicts = systemd-resolvconf=247.4-2 + conflicts = systemd-resolvconf=248-2 pkgname = systemd-sysvcompat-selinux pkgdesc = sysvinit compat for systemd with SELinux support license = GPL2 depends = systemd-selinux - provides = systemd-sysvcompat=247.4-2 - provides = selinux-systemd-sysvcompat=247.4-2 + provides = systemd-sysvcompat=248-2 + provides = selinux-systemd-sysvcompat=248-2 conflicts = sysvinit conflicts = systemd-sysvcompat conflicts = selinux-systemd-sysvcompat diff --git a/0001-Use-Arch-Linux-device-access-groups.patch b/0001-Use-Arch-Linux-device-access-groups.patch index ccc9ad2ade00..3abb448bfe92 100644 --- a/0001-Use-Arch-Linux-device-access-groups.patch +++ b/0001-Use-Arch-Linux-device-access-groups.patch @@ -1,17 +1,21 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com> Date: Tue, 6 Mar 2018 23:39:47 +0100 Subject: [PATCH] Use Arch Linux' device access groups +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit cdrom → optical dialout → uucp tape → storage --- rules.d/50-udev-default.rules.in | 14 +++++++------- - sysusers.d/basic.conf.in | 6 +++--- + sysusers.d/basic.conf.in | 6 +++--- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/rules.d/50-udev-default.rules.in b/rules.d/50-udev-default.rules.in -index 191f56f42..f81c4d0fc 100644 +index edfa8bb107..35b8d4ba41 100644 --- a/rules.d/50-udev-default.rules.in +++ b/rules.d/50-udev-default.rules.in @@ -22,7 +22,7 @@ SUBSYSTEM=="tty", KERNEL=="sclp_line[0-9]*", GROUP="tty", MODE="0620" @@ -23,7 +27,7 @@ index 191f56f42..f81c4d0fc 100644 SUBSYSTEM=="mem", KERNEL=="mem|kmem|port", GROUP="kmem", MODE="0640" -@@ -57,13 +57,13 @@ KERNEL=="irlpt[0-9]*", GROUP="lp" +@@ -62,13 +62,13 @@ KERNEL=="irlpt[0-9]*", GROUP="lp" SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ENV{ID_USB_INTERFACES}=="*:0701??:*", GROUP="lp" SUBSYSTEM=="block", GROUP="disk" @@ -44,10 +48,10 @@ index 191f56f42..f81c4d0fc 100644 KERNEL=="qft[0-9]*|nqft[0-9]*|zqft[0-9]*|nzqft[0-9]*|rawqft[0-9]*|nrawqft[0-9]*", GROUP="disk" KERNEL=="loop-control", GROUP="disk", OPTIONS+="static_node=loop-control" diff --git a/sysusers.d/basic.conf.in b/sysusers.d/basic.conf.in -index 8e358c02d..33e513a36 100644 +index 4be0bd869e..cc3721b58a 100644 --- a/sysusers.d/basic.conf.in +++ b/sysusers.d/basic.conf.in -@@ -24,14 +24,14 @@ g utmp - - - +@@ -24,15 +24,15 @@ g utmp - - - # Hardware access groups g audio - - - @@ -59,6 +63,7 @@ index 8e358c02d..33e513a36 100644 g lp - - - +g optical - - - g render - - - + g sgx - - - -g tape - - - +g storage - - - +g uucp - - - diff --git a/0002-Disable-SYSTEMD_URLIFY-by-default.patch b/0002-Disable-SYSTEMD_URLIFY-by-default.patch new file mode 100644 index 000000000000..b2f04ee7a6a2 --- /dev/null +++ b/0002-Disable-SYSTEMD_URLIFY-by-default.patch @@ -0,0 +1,23 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com> +Date: Mon, 29 Mar 2021 00:12:34 +0000 +Subject: [PATCH] Disable SYSTEMD_URLIFY by default + +Until https://github.com/gwsw/less/issues/140 is fixed. +--- + src/shared/pretty-print.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/shared/pretty-print.c b/src/shared/pretty-print.c +index 0f02f32760..1d0f9901dd 100644 +--- a/src/shared/pretty-print.c ++++ b/src/shared/pretty-print.c +@@ -28,7 +28,7 @@ bool urlify_enabled(void) { + if (val >= 0) + cached_urlify_enabled = val; + else +- cached_urlify_enabled = colors_enabled(); ++ cached_urlify_enabled = 0; + } + + return cached_urlify_enabled; diff --git a/0002-PR-18987-boot-Move-console-declarations-to-missing_efi.h.patch b/0002-PR-18987-boot-Move-console-declarations-to-missing_efi.h.patch deleted file mode 100644 index 6d2810500338..000000000000 --- a/0002-PR-18987-boot-Move-console-declarations-to-missing_efi.h.patch +++ /dev/null @@ -1,216 +0,0 @@ -From 7d2ebb6f85cdeb0c4ddcdf08004f0547cad5cfe9 Mon Sep 17 00:00:00 2001 -From: Daan De Meyer <daan.j.demeyer@gmail.com> -Date: Sat, 30 Jan 2021 23:10:13 +0000 -Subject: [PATCH] boot: Turn all guid constants into C99 compound initializers - -Avoids having to use the address operator all the time and -avoids having to cast or do other unintuitive stuff. - -[ Patch truncated to backport changes to src/boot/efi/console.c only] - -diff --git a/src/boot/efi/console.c b/src/boot/efi/console.c -index 2dd4543d515..e3de27fee5c 100644 ---- a/src/boot/efi/console.c -+++ b/src/boot/efi/console.c -@@ -9,8 +9,8 @@ - #define SYSTEM_FONT_WIDTH 8 - #define SYSTEM_FONT_HEIGHT 19 - --#define EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL_GUID \ -- { 0xdd9e7534, 0x7762, 0x4698, { 0x8c, 0x14, 0xf5, 0x85, 0x17, 0xa6, 0x25, 0xaa } } -+#define EFI_SIMPLE_TEXT_INPUT_EX_GUID \ -+ &(EFI_GUID) { 0xdd9e7534, 0x7762, 0x4698, { 0x8c, 0x14, 0xf5, 0x85, 0x17, 0xa6, 0x25, 0xaa } } - - struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL; - -@@ -67,7 +67,6 @@ typedef struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL { - } EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL; - - EFI_STATUS console_key_read(UINT64 *key, BOOLEAN wait) { -- EFI_GUID EfiSimpleTextInputExProtocolGuid = EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL_GUID; - static EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *TextInputEx; - static BOOLEAN checked; - UINTN index; -@@ -75,7 +74,7 @@ EFI_STATUS console_key_read(UINT64 *key, BOOLEAN wait) { - EFI_STATUS err; - - if (!checked) { -- err = LibLocateProtocol(&EfiSimpleTextInputExProtocolGuid, (VOID **)&TextInputEx); -+ err = LibLocateProtocol(EFI_SIMPLE_TEXT_INPUT_EX_GUID, (VOID **)&TextInputEx); - if (EFI_ERROR(err)) - TextInputEx = NULL; - -From 252bcf48f31c1ea7aa8dfbd51a353e2a1eddc94c Mon Sep 17 00:00:00 2001 -From: Daan De Meyer <daan.j.demeyer@gmail.com> -Date: Fri, 12 Mar 2021 22:09:44 +0000 -Subject: [PATCH] boot: Move console declarations to missing_efi.h - -These were added to eficonex.h in gnu-efi 3.0.13. Let's move them -to missing_efi.h behind an appropriate guard to fix the build with -recent versions of gnu-efi. ---- - src/boot/efi/console.c | 57 +------------------------------- - src/boot/efi/console.h | 6 +--- - src/boot/efi/missing_efi.h | 67 ++++++++++++++++++++++++++++++++++++++ - 3 files changed, 69 insertions(+), 61 deletions(-) - -diff --git a/src/boot/efi/console.c b/src/boot/efi/console.c -index e3de27fee5c..83619d2147f 100644 ---- a/src/boot/efi/console.c -+++ b/src/boot/efi/console.c -@@ -9,62 +9,7 @@ - #define SYSTEM_FONT_WIDTH 8 - #define SYSTEM_FONT_HEIGHT 19 - --#define EFI_SIMPLE_TEXT_INPUT_EX_GUID \ -- &(EFI_GUID) { 0xdd9e7534, 0x7762, 0x4698, { 0x8c, 0x14, 0xf5, 0x85, 0x17, 0xa6, 0x25, 0xaa } } -- --struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL; -- --typedef EFI_STATUS (EFIAPI *EFI_INPUT_RESET_EX)( -- struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *This, -- BOOLEAN ExtendedVerification --); -- --typedef UINT8 EFI_KEY_TOGGLE_STATE; -- --typedef struct { -- UINT32 KeyShiftState; -- EFI_KEY_TOGGLE_STATE KeyToggleState; --} EFI_KEY_STATE; -- --typedef struct { -- EFI_INPUT_KEY Key; -- EFI_KEY_STATE KeyState; --} EFI_KEY_DATA; -- --typedef EFI_STATUS (EFIAPI *EFI_INPUT_READ_KEY_EX)( -- struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *This, -- EFI_KEY_DATA *KeyData --); -- --typedef EFI_STATUS (EFIAPI *EFI_SET_STATE)( -- struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *This, -- EFI_KEY_TOGGLE_STATE *KeyToggleState --); -- --typedef EFI_STATUS (EFIAPI *EFI_KEY_NOTIFY_FUNCTION)( -- EFI_KEY_DATA *KeyData --); -- --typedef EFI_STATUS (EFIAPI *EFI_REGISTER_KEYSTROKE_NOTIFY)( -- struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *This, -- EFI_KEY_DATA KeyData, -- EFI_KEY_NOTIFY_FUNCTION KeyNotificationFunction, -- VOID **NotifyHandle --); -- --typedef EFI_STATUS (EFIAPI *EFI_UNREGISTER_KEYSTROKE_NOTIFY)( -- struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *This, -- VOID *NotificationHandle --); -- --typedef struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL { -- EFI_INPUT_RESET_EX Reset; -- EFI_INPUT_READ_KEY_EX ReadKeyStrokeEx; -- EFI_EVENT WaitForKeyEx; -- EFI_SET_STATE SetState; -- EFI_REGISTER_KEYSTROKE_NOTIFY RegisterKeyNotify; -- EFI_UNREGISTER_KEYSTROKE_NOTIFY UnregisterKeyNotify; --} EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL; -+#define EFI_SIMPLE_TEXT_INPUT_EX_GUID &(EFI_GUID) EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL_GUID - - EFI_STATUS console_key_read(UINT64 *key, BOOLEAN wait) { - static EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *TextInputEx; -diff --git a/src/boot/efi/console.h b/src/boot/efi/console.h -index 41df3a406e0..2c69af552a6 100644 ---- a/src/boot/efi/console.h -+++ b/src/boot/efi/console.h -@@ -1,11 +1,7 @@ - /* SPDX-License-Identifier: LGPL-2.1-or-later */ - #pragma once - --#define EFI_SHIFT_STATE_VALID 0x80000000 --#define EFI_RIGHT_CONTROL_PRESSED 0x00000004 --#define EFI_LEFT_CONTROL_PRESSED 0x00000008 --#define EFI_RIGHT_ALT_PRESSED 0x00000010 --#define EFI_LEFT_ALT_PRESSED 0x00000020 -+#include "missing_efi.h" - - #define EFI_CONTROL_PRESSED (EFI_RIGHT_CONTROL_PRESSED|EFI_LEFT_CONTROL_PRESSED) - #define EFI_ALT_PRESSED (EFI_RIGHT_ALT_PRESSED|EFI_LEFT_ALT_PRESSED) -diff --git a/src/boot/efi/missing_efi.h b/src/boot/efi/missing_efi.h -index 1b838af2a4e..b983931348b 100644 ---- a/src/boot/efi/missing_efi.h -+++ b/src/boot/efi/missing_efi.h -@@ -53,3 +53,70 @@ typedef struct _EFI_RNG_PROTOCOL { - } EFI_RNG_PROTOCOL; - - #endif -+ -+#ifndef EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL_GUID -+ -+#define EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL_GUID \ -+ { 0xdd9e7534, 0x7762, 0x4698, {0x8c, 0x14, 0xf5, 0x85, 0x17, 0xa6, 0x25, 0xaa} } -+ -+#define EFI_SHIFT_STATE_VALID 0x80000000 -+#define EFI_RIGHT_CONTROL_PRESSED 0x00000004 -+#define EFI_LEFT_CONTROL_PRESSED 0x00000008 -+#define EFI_RIGHT_ALT_PRESSED 0x00000010 -+#define EFI_LEFT_ALT_PRESSED 0x00000020 -+ -+struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL; -+ -+typedef EFI_STATUS (EFIAPI *EFI_INPUT_RESET_EX)( -+ struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *This, -+ BOOLEAN ExtendedVerification -+); -+ -+typedef UINT8 EFI_KEY_TOGGLE_STATE; -+ -+typedef struct { -+ UINT32 KeyShiftState; -+ EFI_KEY_TOGGLE_STATE KeyToggleState; -+} EFI_KEY_STATE; -+ -+typedef struct { -+ EFI_INPUT_KEY Key; -+ EFI_KEY_STATE KeyState; -+} EFI_KEY_DATA; -+ -+typedef EFI_STATUS (EFIAPI *EFI_INPUT_READ_KEY_EX)( -+ struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *This, -+ EFI_KEY_DATA *KeyData -+); -+ -+typedef EFI_STATUS (EFIAPI *EFI_SET_STATE)( -+ struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *This, -+ EFI_KEY_TOGGLE_STATE *KeyToggleState -+); -+ -+typedef EFI_STATUS (EFIAPI *EFI_KEY_NOTIFY_FUNCTION)( -+ EFI_KEY_DATA *KeyData -+); -+ -+typedef EFI_STATUS (EFIAPI *EFI_REGISTER_KEYSTROKE_NOTIFY)( -+ struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *This, -+ EFI_KEY_DATA KeyData, -+ EFI_KEY_NOTIFY_FUNCTION KeyNotificationFunction, -+ VOID **NotifyHandle -+); -+ -+typedef EFI_STATUS (EFIAPI *EFI_UNREGISTER_KEYSTROKE_NOTIFY)( -+ struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *This, -+ VOID *NotificationHandle -+); -+ -+typedef struct _EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL { -+ EFI_INPUT_RESET_EX Reset; -+ EFI_INPUT_READ_KEY_EX ReadKeyStrokeEx; -+ EFI_EVENT WaitForKeyEx; -+ EFI_SET_STATE SetState; -+ EFI_REGISTER_KEYSTROKE_NOTIFY RegisterKeyNotify; -+ EFI_UNREGISTER_KEYSTROKE_NOTIFY UnregisterKeyNotify; -+} EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL; -+ -+#endif @@ -10,8 +10,8 @@ pkgbase=systemd-selinux pkgname=('systemd-selinux' 'systemd-libs-selinux' 'systemd-resolvconf-selinux' 'systemd-sysvcompat-selinux') -_tag='f948f652768a5279087e13961ebb87f345626e2e' # git rev-parse v${pkgver} -pkgver=247.4 +_tag='e13126bd95857eb9344e030edbb4c603aab63884' # git rev-parse v${_tag_name} +pkgver=248 pkgrel=2 arch=('x86_64') url='https://www.github.com/systemd/systemd' @@ -21,24 +21,14 @@ makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gperf' 'lz4' 'xz' 'pam-selinux' ' 'libmicrohttpd' 'libxcrypt' 'libxslt' 'util-linux' 'linux-api-headers' 'python-lxml' 'quota-tools' 'shadow-selinux' 'gnu-efi-libs' 'git' 'meson' 'libseccomp' 'pcre2' 'audit' 'kexec-tools' 'libxkbcommon' - 'bash-completion' 'p11-kit' 'systemd' 'libselinux') + 'bash-completion' 'p11-kit' 'systemd' 'libfido2' 'tpm2-tss' 'libselinux') options=('strip') validpgpkeys=('63CDA1E5D3FC22B998D20DD6327F26951A015CC4' # Lennart Poettering <lennart@poettering.net> '5C251B5FC54EB2F80F407AAAC54CA336CFEB557E') # Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> -# Retrieve the splash-arch.bmp image from systemd package sources, as this -# file is too big to fit in the AUR. -# -# systemd 238.0-2 removed the ".git" from the Github URLs -# (cf. https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/systemd&id=fa248b709cd106bf65b42f3e93e68decc811e163 -# or https://github.com/archlinux/svntogit-packages/commit/fa248b709cd106bf65b42f3e93e68decc811e163 ) -# When updating, if makepkg reports "systemd-stable is not a clone of https://github.com/systemd/systemd-stable", -# you need to update the remotes of the git repositories, for example with the following commands: -# git -C systemd-stable remote set-url origin https://github.com/systemd/systemd-stable -# git -C systemd remote set-url origin https://github.com/systemd/systemd source=("git+https://github.com/systemd/systemd-stable#tag=${_tag}?signed" "git+https://github.com/systemd/systemd#tag=v${pkgver%.*}?signed" '0001-Use-Arch-Linux-device-access-groups.patch' - '0002-PR-18987-boot-Move-console-declarations-to-missing_efi.h.patch' + '0002-Disable-SYSTEMD_URLIFY-by-default.patch' 'initcpio-hook-udev' 'initcpio-install-systemd' 'initcpio-install-udev' @@ -58,10 +48,10 @@ source=("git+https://github.com/systemd/systemd-stable#tag=${_tag}?signed" '30-systemd-update.hook') sha512sums=('SKIP' 'SKIP' - 'e38c7c422c82953f9c2476a5ab8009d614cbec839e4088bff5db7698ddc84e3d8ed64f32ed323f57b1913c5c9703546f794996cb415ed7cdda930b627962a3c4' - '235e7f48e7e76cfa87f5e31022df17a18600055ede0aa173e8274042ebac463e27a4693aba7aa0b48e774e01af34ad497cdbcfaed17e71c702e3ff41832ecabd' + '882e486b6d88c8bafc50088845e41a49686e98981967f72ca1fb4ef07a01767400632f4b648fd31857d2a2a24a8fd65bcc2a8983284dd4fff2380732741d4c41' + '313f3d6cc3d88f718509007e029213a82d84b196afdadc6ef560580acf70ab480aaecd7622f51726cc1af7d7841c6ec5390f72890b055a54fc74722341395651' 'f0d933e8c6064ed830dec54049b0a01e27be87203208f6ae982f10fb4eddc7258cb2919d594cbfb9a33e74c3510cfd682f3416ba8e804387ab87d1a217eb4b73' - '8e76f8334b95ce7fee9190f4a1016b16109f3a75b68635fc227b2b4791cf8179ef09b532b66b4ed885ddf98ed76befed3106f3c3088f1819ed8cdf4c13e0805a' + '1c8bdc6ecc3b755b0258faf4cbfac1b5bc25dbcd88c68cbb2ef1c41842ed349cdce84ce3f6f537845e49fab02cb5282504e1f97aa73c163fbc78997f9f00fc61' 'a25b28af2e8c516c3a2eec4e64b8c7f70c21f974af4a955a4a9d45fd3e3ff0d2a98b4419fe425d47152d5acae77d64e69d8d014a7209524b75a81b0edb10bf3a' '61032d29241b74a0f28446f8cf1be0e8ec46d0847a61dadb2a4f096e8686d5f57fe5c72bcf386003f6520bc4b5856c32d63bf3efe7eb0bc0deefc9f68159e648' 'c416e2121df83067376bcaacb58c05b01990f4614ad9de657d74b6da3efa441af251d13bf21e3f0f71ddcb4c9ea658b81da3d915667dc5c309c87ec32a1cb5a5' @@ -82,8 +72,6 @@ _backports=( ) _reverts=( - # resolved: gracefully handle with packets with too large RR count - 'fdfffdaf20a18a50c9a6d858359cf4af6d2f4c8b' ) prepare() { @@ -105,9 +93,8 @@ prepare() { # Replace cdrom/dialout/tape groups with optical/uucp/storage patch -Np1 -i ../0001-Use-Arch-Linux-device-access-groups.patch - # Fix build with gnu-efi 3.0.13 - # https://github.com/systemd/systemd/pull/18987 - patch -Np1 -i ../0002-PR-18987-boot-Move-console-declarations-to-missing_efi.h.patch + # https://github.com/gwsw/less/issues/140 + patch -Np1 -i ../0002-Disable-SYSTEMD_URLIFY-by-default.patch } build() { @@ -143,9 +130,10 @@ build() { -Ddbuspolicydir=/usr/share/dbus-1/system.d -Ddefault-dnssec=no - -Ddefault-hierarchy=hybrid + -Ddefault-hierarchy=unified -Ddefault-kill-user-processes=false -Ddefault-locale=C + -Dlocalegen-path=/usr/bin/locale-gen -Ddns-over-tls=openssl -Dfallback-hostname='archlinux' -Dnologin-path=/usr/bin/nologin @@ -156,19 +144,6 @@ build() { -Dsysvrcnd-path= ) - # meson needs a UTF-8 locale. Otherwise it displays the following error message: - # WARNING: You are using 'ANSI_X3.4-1968' which is not a a Unicode-compatible locale. - # WARNING: You might see errors if you use UTF-8 strings as filenames, as strings, or as file contents. - # WARNING: Please switch to a UTF-8 locale for your platform. - # c.f. https://github.com/mesonbuild/meson/blob/0.42.0/meson.py#L21 - if ! (echo "$LANG" | grep -i '\.utf-\?8' > /dev/null) ; then - export LANG="$(locale -a | grep -i '\.utf-\?8' | head -n1)" - if [ -z "$LANG" ] ; then - echo >&2 "Unable to find a UTF-8 locale on the system" - return 1 - fi - fi - arch-meson "${pkgbase/-selinux}-stable" build "${_meson_options[@]}" ninja -C build @@ -195,7 +170,9 @@ package_systemd-selinux() { 'quota-tools: kernel-level quota management' 'systemd-sysvcompat: symlink package to provide sysvinit binaries' 'polkit: allow administration as unprivileged user' - 'curl: machinectl pull-tar and pull-raw') + 'curl: machinectl pull-tar and pull-raw' + 'libfido2: unlocking LUKS2 volumes' + 'tpm2-tss: unlocking LUKS2 volumes') backup=(etc/pam.d/systemd-user etc/systemd/coredump.conf etc/systemd/homed.conf diff --git a/initcpio-install-systemd b/initcpio-install-systemd index 18846528cecc..c5b82b17d00b 100644 --- a/initcpio-install-systemd +++ b/initcpio-install-systemd @@ -125,6 +125,7 @@ build() { # udev rules and systemd units map add_udev_rule "$rules" \ 50-udev-default.rules \ + 60-fido-id.rules \ 60-persistent-storage.rules \ 64-btrfs.rules \ 80-drivers.rules \ @@ -163,6 +164,17 @@ build() { rescue.target \ emergency.target + # add libraries dlopen()ed by systemd and its tools + for LIB in fido2 tss2-{{esys,rc,mu},tcti-'*'}; do + for FILE in $(find /usr/lib/ -maxdepth 1 -name "lib${LIB}.so*"); do + if [[ -L "${FILE}" ]]; then + add_symlink "${FILE}" + else + add_binary "${FILE}" + fi + done + done + add_symlink "/usr/lib/systemd/system/default.target" "initrd.target" add_symlink "/usr/lib/systemd/system/ctrl-alt-del.target" "reboot.target" |