-DIST systemd-242.tar.gz 7831435 BLAKE2B 288e65d0a8e133ef5885689eb16118a83d93c730e342da63115cea0892fc999104c3a4856c83f3e7ef909ba2f3311146730b05ee02d84cc0400851ccbdcd54cd SHA512 578f68a3c8f2d454198fc04ff8d943abcfb390531d57f9603d185857f7afa7f4dc641dafecf49ce50fe22f5837b252b181400891e8efd4459fd4f69bb4283cb4
DIST systemd-243.tar.gz 8242522 BLAKE2B 89e3ebbea5a99061329f7c78220a66c1e075d5ba90dfdf5ee8d0d9b762ef4600dc82d8ca2054632e5e343b6272cd8046c92f7f99dcfa8287c5ef2b42fb96d4cb SHA512 56b52a297aa5ac04d9667eb3afb1598725b197de73ff72baa1aabbc2844e36fba7b7fccdf6d214ae8b5b926616b2b7e15772763aaa80ec938d74333ff9c8673e
DIST systemd-244.tar.gz 8445963 BLAKE2B 19751fb9c058a079694ee1b991259fd3f1fa30ae98ca38bbe8caadfc5628db7848c7f742a1b11781fbd67f911adda917d7a4da1dddb63064907f86f47e5a3256 SHA512 08f260fb15b5eb273faafda826dd9154e9a02841b4c5911cc1c7e1445072ad51389f8cced7b9acf112737c20fd56b2fbf48b3f914733c934c774d38a23b616fb
+++ /dev/null
-From 6e2f78948403a4cce45b9e34311c9577c624f066 Mon Sep 17 00:00:00 2001
-From: Lennart Poettering <lennart@poettering.net>
-Date: Mon, 17 Jun 2019 10:51:25 +0200
-Subject: [PATCH] core: set fs.file-max sysctl to LONG_MAX rather than
- ULONG_MAX
-
-Since kernel 5.2 the kernel thankfully returns proper errors when we
-write a value out of range to the sysctl. Which however breaks writing
-ULONG_MAX to request the maximum value. Hence let's write the new
-maximum value instead, LONG_MAX.
----
- src/core/main.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/core/main.c b/src/core/main.c
-index b33ea1b5b52..e7f51815f07 100644
---- a/src/core/main.c
-+++ b/src/core/main.c
-@@ -1245,9 +1245,9 @@ static void bump_file_max_and_nr_open(void) {
- #endif
-
- #if BUMP_PROC_SYS_FS_FILE_MAX
-- /* I so wanted to use STRINGIFY(ULONG_MAX) here, but alas we can't as glibc/gcc define that as
-- * "(0x7fffffffffffffffL * 2UL + 1UL)". Seriously. 😢 */
-- if (asprintf(&t, "%lu\n", ULONG_MAX) < 0) {
-+ /* The maximum the kernel allows for this since 5.2 is LONG_MAX, use that. (Previously thing where
-+ * different but the operation would fail silently.) */
-+ if (asprintf(&t, "%li\n", LONG_MAX) < 0) {
- log_oom();
- return;
- }
+++ /dev/null
-From c98b3545008d8e984ab456dcf79787418fcbfe13 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
-Date: Tue, 7 May 2019 13:46:55 +0200
-Subject: [PATCH] network: remove redunant link name in message
-
-Fixes #12454.
-
-gcc was complaining that the link->ifname argument is NULL. Adding
-assert(link->ifname) right before the call has no effect. It seems that
-gcc is confused by the fact that log_link_warning_errno() internally
-calls log_object(), with link->ifname passed as the object. log_object()
-is also a macro and is does a check whether the passed object is NULL.
-So we have a check if something is NULL right next an unconditional use
-of it where it cannot be NULL. I think it's a bug in gcc.
-
-Anyway, we don't need to use link->ifname here. log_object() already prepends
-the object name to the message.
----
- src/network/networkd-link.c | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
-diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
-index 533193ac932..6fc82940033 100644
---- a/src/network/networkd-link.c
-+++ b/src/network/networkd-link.c
-@@ -338,8 +338,7 @@ static int link_enable_ipv6(Link *link) {
-
- r = sysctl_write_ip_property_boolean(AF_INET6, link->ifname, "disable_ipv6", disabled);
- if (r < 0)
-- log_link_warning_errno(link, r, "Cannot %s IPv6 for interface %s: %m",
-- enable_disable(!disabled), link->ifname);
-+ log_link_warning_errno(link, r, "Cannot %s IPv6: %m", enable_disable(!disabled));
- else
- log_link_info(link, "IPv6 successfully %sd", enable_disable(!disabled));
-
-From bcb846f30f9ca8f42e79d109706aee9f2032261b Mon Sep 17 00:00:00 2001
-From: Mike Gilbert <floppym@gentoo.org>
-Date: Wed, 22 May 2019 10:31:01 -0400
-Subject: [PATCH] shared/machine-image: avoid passing NULL to log_debug_errno
-
-Fixes: https://github.com/systemd/systemd/issues/12534
----
- src/shared/machine-image.c | 11 ++++++++---
- 1 file changed, 8 insertions(+), 3 deletions(-)
-
-diff --git a/src/shared/machine-image.c b/src/shared/machine-image.c
-index 6b9d8fb97a6..6a6d952b424 100644
---- a/src/shared/machine-image.c
-+++ b/src/shared/machine-image.c
-@@ -201,11 +201,13 @@ static int image_make(
- Image **ret) {
-
- _cleanup_free_ char *pretty_buffer = NULL;
-+ _cleanup_free_ char *cwd = NULL;
- struct stat stbuf;
- bool read_only;
- int r;
-
- assert(dfd >= 0 || dfd == AT_FDCWD);
-+ assert(path || dfd == AT_FDCWD);
- assert(filename);
-
- /* We explicitly *do* follow symlinks here, since we want to allow symlinking trees, raw files and block
-@@ -221,6 +223,9 @@ static int image_make(
- st = &stbuf;
- }
-
-+ if (!path)
-+ safe_getcwd(&cwd);
-+
- read_only =
- (path && path_startswith(path, "/usr")) ||
- (faccessat(dfd, filename, W_OK, AT_EACCESS) < 0 && errno == EROFS);
-@@ -359,7 +364,7 @@ static int image_make(
-
- block_fd = openat(dfd, filename, O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_NOCTTY);
- if (block_fd < 0)
-- log_debug_errno(errno, "Failed to open block device %s/%s, ignoring: %m", path, filename);
-+ log_debug_errno(errno, "Failed to open block device %s/%s, ignoring: %m", path ?: strnull(cwd), filename);
- else {
- /* Refresh stat data after opening the node */
- if (fstat(block_fd, &stbuf) < 0)
-@@ -373,13 +378,13 @@ static int image_make(
- int state = 0;
-
- if (ioctl(block_fd, BLKROGET, &state) < 0)
-- log_debug_errno(errno, "Failed to issue BLKROGET on device %s/%s, ignoring: %m", path, filename);
-+ log_debug_errno(errno, "Failed to issue BLKROGET on device %s/%s, ignoring: %m", path ?: strnull(cwd), filename);
- else if (state)
- read_only = true;
- }
-
- if (ioctl(block_fd, BLKGETSIZE64, &size) < 0)
-- log_debug_errno(errno, "Failed to issue BLKGETSIZE64 on device %s/%s, ignoring: %m", path, filename);
-+ log_debug_errno(errno, "Failed to issue BLKGETSIZE64 on device %s/%s, ignoring: %m", path ?: strnull(cwd), filename);
-
- block_fd = safe_close(block_fd);
- }
-From 2570578d908a8e010828fa1f88826b1c45d534ff Mon Sep 17 00:00:00 2001
-From: Lennart Poettering <lennart@poettering.net>
-Date: Fri, 24 May 2019 10:54:09 +0200
-Subject: [PATCH] machine-image: openat() doesn't operate on the cwd if the
- first argument is specified
-
-A fix-up for bcb846f30f9ca8f42e79d109706aee9f2032261b.
----
- src/shared/machine-image.c | 17 ++++++++++-------
- 1 file changed, 10 insertions(+), 7 deletions(-)
-
-diff --git a/src/shared/machine-image.c b/src/shared/machine-image.c
-index 6a6d952b424..55e5f08f91e 100644
---- a/src/shared/machine-image.c
-+++ b/src/shared/machine-image.c
-@@ -200,8 +200,7 @@ static int image_make(
- const struct stat *st,
- Image **ret) {
-
-- _cleanup_free_ char *pretty_buffer = NULL;
-- _cleanup_free_ char *cwd = NULL;
-+ _cleanup_free_ char *pretty_buffer = NULL, *parent = NULL;
- struct stat stbuf;
- bool read_only;
- int r;
-@@ -223,8 +222,12 @@ static int image_make(
- st = &stbuf;
- }
-
-- if (!path)
-- safe_getcwd(&cwd);
-+ if (!path) {
-+ if (dfd == AT_FDCWD)
-+ (void) safe_getcwd(&parent);
-+ else
-+ (void) fd_get_path(dfd, &parent);
-+ }
-
- read_only =
- (path && path_startswith(path, "/usr")) ||
-@@ -364,7 +367,7 @@ static int image_make(
-
- block_fd = openat(dfd, filename, O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_NOCTTY);
- if (block_fd < 0)
-- log_debug_errno(errno, "Failed to open block device %s/%s, ignoring: %m", path ?: strnull(cwd), filename);
-+ log_debug_errno(errno, "Failed to open block device %s/%s, ignoring: %m", path ?: strnull(parent), filename);
- else {
- /* Refresh stat data after opening the node */
- if (fstat(block_fd, &stbuf) < 0)
-@@ -378,13 +381,13 @@ static int image_make(
- int state = 0;
-
- if (ioctl(block_fd, BLKROGET, &state) < 0)
-- log_debug_errno(errno, "Failed to issue BLKROGET on device %s/%s, ignoring: %m", path ?: strnull(cwd), filename);
-+ log_debug_errno(errno, "Failed to issue BLKROGET on device %s/%s, ignoring: %m", path ?: strnull(parent), filename);
- else if (state)
- read_only = true;
- }
-
- if (ioctl(block_fd, BLKGETSIZE64, &size) < 0)
-- log_debug_errno(errno, "Failed to issue BLKGETSIZE64 on device %s/%s, ignoring: %m", path ?: strnull(cwd), filename);
-+ log_debug_errno(errno, "Failed to issue BLKGETSIZE64 on device %s/%s, ignoring: %m", path ?: strnull(parent), filename);
-
- block_fd = safe_close(block_fd);
- }
+++ /dev/null
-From fe0e16db093a7da09fcb52a2bc7017197047443d Mon Sep 17 00:00:00 2001
-From: Yu Watanabe <watanabe.yu+github@gmail.com>
-Date: Mon, 13 May 2019 05:40:31 +0900
-Subject: [PATCH] network: do not use ordered_set_printf() for DOMAINS= or
- ROUTE_DOMAINS=
-
-This partially reverts 5e2a51d588dde4b52c6017ea80b75c16e6e23431.
-
-Fixes #12531.
----
- src/network/networkd-link.c | 17 +++++++++++------
- 1 file changed, 11 insertions(+), 6 deletions(-)
-
-diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
-index f8ee48802cb..1dc10c65a1b 100644
---- a/src/network/networkd-link.c
-+++ b/src/network/networkd-link.c
-@@ -3495,12 +3495,11 @@ int link_save(Link *link) {
- admin_state, oper_state);
-
- if (link->network) {
-- bool space;
-+ char **dhcp6_domains = NULL, **dhcp_domains = NULL;
-+ const char *dhcp_domainname = NULL, *p;
- sd_dhcp6_lease *dhcp6_lease = NULL;
-- const char *dhcp_domainname = NULL;
-- char **dhcp6_domains = NULL;
-- char **dhcp_domains = NULL;
- unsigned j;
-+ bool space;
-
- fprintf(f, "REQUIRED_FOR_ONLINE=%s\n",
- yes_no(link->network->required_for_online));
-@@ -3617,7 +3616,10 @@ int link_save(Link *link) {
- (void) sd_dhcp6_lease_get_domains(dhcp6_lease, &dhcp6_domains);
- }
-
-- ordered_set_print(f, "DOMAINS=", link->network->search_domains);
-+ fputs("DOMAINS=", f);
-+ space = false;
-+ ORDERED_SET_FOREACH(p, link->network->search_domains, i)
-+ fputs_with_space(f, p, NULL, &space);
-
- if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_YES) {
- NDiscDNSSL *dd;
-@@ -3635,7 +3637,10 @@ int link_save(Link *link) {
-
- fputc('\n', f);
-
-- ordered_set_print(f, "ROUTE_DOMAINS=", link->network->route_domains);
-+ fputs("ROUTE_DOMAINS=", f);
-+ space = false;
-+ ORDERED_SET_FOREACH(p, link->network->route_domains, i)
-+ fputs_with_space(f, p, NULL, &space);
-
- if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_ROUTE) {
- NDiscDNSSL *dd;
+++ /dev/null
-From 4eb086a38712ea98faf41e075b84555b11b54362 Mon Sep 17 00:00:00 2001
-From: Susant Sahani <ssahani@gmail.com>
-Date: Thu, 9 May 2019 07:35:35 +0530
-Subject: [PATCH] networkd: fix link_up() (#12505)
-
-Fillup IFLA_INET6_ADDR_GEN_MODE while we do link_up.
-
-Fixes the following error:
-```
-dummy-test: Could not bring up interface: Invalid argument
-```
-
-After reading the kernel code when we do a link up
-```
-net/core/rtnetlink.c
-IFLA_AF_SPEC
- af_ops->set_link_af(dev, af);
- inet6_set_link_af
- if (tb[IFLA_INET6_ADDR_GEN_MODE])
- Here it looks for IFLA_INET6_ADDR_GEN_MODE
-```
-Since link up we didn't filling up that it's failing.
-
-Closes #12504.
----
- src/network/networkd-link.c | 15 +++++++++++++++
- 1 file changed, 15 insertions(+)
-
-diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
-index 3c8b5c5cb43..4db9f3f980f 100644
---- a/src/network/networkd-link.c
-+++ b/src/network/networkd-link.c
-@@ -2031,6 +2031,8 @@ static int link_up(Link *link) {
- }
-
- if (link_ipv6_enabled(link)) {
-+ uint8_t ipv6ll_mode;
-+
- r = sd_netlink_message_open_container(req, IFLA_AF_SPEC);
- if (r < 0)
- return log_link_error_errno(link, r, "Could not open IFLA_AF_SPEC container: %m");
-@@ -2046,6 +2048,19 @@ static int link_up(Link *link) {
- return log_link_error_errno(link, r, "Could not append IFLA_INET6_TOKEN: %m");
- }
-
-+ if (!link_ipv6ll_enabled(link))
-+ ipv6ll_mode = IN6_ADDR_GEN_MODE_NONE;
-+ else if (sysctl_read_ip_property(AF_INET6, link->ifname, "stable_secret", NULL) < 0)
-+ /* The file may not exist. And event if it exists, when stable_secret is unset,
-+ * reading the file fails with EIO. */
-+ ipv6ll_mode = IN6_ADDR_GEN_MODE_EUI64;
-+ else
-+ ipv6ll_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
-+
-+ r = sd_netlink_message_append_u8(req, IFLA_INET6_ADDR_GEN_MODE, ipv6ll_mode);
-+ if (r < 0)
-+ return log_link_error_errno(link, r, "Could not append IFLA_INET6_ADDR_GEN_MODE: %m");
-+
- r = sd_netlink_message_close_container(req);
- if (r < 0)
- return log_link_error_errno(link, r, "Could not close AF_INET6 container: %m");
-From 9f6e82e6eb3b6e73d66d00d1d6eee60691fb702f Mon Sep 17 00:00:00 2001
-From: Yu Watanabe <watanabe.yu+github@gmail.com>
-Date: Thu, 9 May 2019 14:39:46 +0900
-Subject: [PATCH] network: do not send ipv6 token to kernel
-
-We disabled kernel RA support. Then, we should not send
-IFLA_INET6_TOKEN.
-Thus, we do not need to send IFLA_INET6_ADDR_GEN_MODE twice.
-
-Follow-up for 0e2fdb83bb5e22047e0c7cc058b415d0e93f02cf and
-4eb086a38712ea98faf41e075b84555b11b54362.
----
- src/network/networkd-link.c | 51 +++++--------------------------------
- 1 file changed, 6 insertions(+), 45 deletions(-)
-
-diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
-index 2b6ff2b6c58..b6da4ea70b7 100644
---- a/src/network/networkd-link.c
-+++ b/src/network/networkd-link.c
-@@ -1954,6 +1954,9 @@ static int link_configure_addrgen_mode(Link *link) {
- assert(link->manager);
- assert(link->manager->rtnl);
-
-+ if (!socket_ipv6_is_supported())
-+ return 0;
-+
- log_link_debug(link, "Setting address genmode for link");
-
- r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
-@@ -2047,46 +2050,6 @@ static int link_up(Link *link) {
- return log_link_error_errno(link, r, "Could not set MAC address: %m");
- }
-
-- if (link_ipv6_enabled(link)) {
-- uint8_t ipv6ll_mode;
--
-- r = sd_netlink_message_open_container(req, IFLA_AF_SPEC);
-- if (r < 0)
-- return log_link_error_errno(link, r, "Could not open IFLA_AF_SPEC container: %m");
--
-- /* if the kernel lacks ipv6 support setting IFF_UP fails if any ipv6 options are passed */
-- r = sd_netlink_message_open_container(req, AF_INET6);
-- if (r < 0)
-- return log_link_error_errno(link, r, "Could not open AF_INET6 container: %m");
--
-- if (!in_addr_is_null(AF_INET6, &link->network->ipv6_token)) {
-- r = sd_netlink_message_append_in6_addr(req, IFLA_INET6_TOKEN, &link->network->ipv6_token.in6);
-- if (r < 0)
-- return log_link_error_errno(link, r, "Could not append IFLA_INET6_TOKEN: %m");
-- }
--
-- if (!link_ipv6ll_enabled(link))
-- ipv6ll_mode = IN6_ADDR_GEN_MODE_NONE;
-- else if (sysctl_read_ip_property(AF_INET6, link->ifname, "stable_secret", NULL) < 0)
-- /* The file may not exist. And event if it exists, when stable_secret is unset,
-- * reading the file fails with EIO. */
-- ipv6ll_mode = IN6_ADDR_GEN_MODE_EUI64;
-- else
-- ipv6ll_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
--
-- r = sd_netlink_message_append_u8(req, IFLA_INET6_ADDR_GEN_MODE, ipv6ll_mode);
-- if (r < 0)
-- return log_link_error_errno(link, r, "Could not append IFLA_INET6_ADDR_GEN_MODE: %m");
--
-- r = sd_netlink_message_close_container(req);
-- if (r < 0)
-- return log_link_error_errno(link, r, "Could not close AF_INET6 container: %m");
--
-- r = sd_netlink_message_close_container(req);
-- if (r < 0)
-- return log_link_error_errno(link, r, "Could not close IFLA_AF_SPEC container: %m");
-- }
--
- r = netlink_call_async(link->manager->rtnl, NULL, req, link_up_handler,
- link_netlink_destroy_callback, link);
- if (r < 0)
-@@ -3226,11 +3189,9 @@ static int link_configure(Link *link) {
- if (r < 0)
- return r;
-
-- if (socket_ipv6_is_supported()) {
-- r = link_configure_addrgen_mode(link);
-- if (r < 0)
-- return r;
-- }
-+ r = link_configure_addrgen_mode(link);
-+ if (r < 0)
-+ return r;
-
- return link_configure_after_setting_mtu(link);
- }
+++ /dev/null
-From d351699739471734666230ae3c6f9ba56ce5ce45 Mon Sep 17 00:00:00 2001
-From: Lennart Poettering <lennart@poettering.net>
-Date: Tue, 7 May 2019 16:18:13 -0400
-Subject: [PATCH 1/6] =?UTF-8?q?random-util:=20rename=20RANDOM=5FDONT=5FDRA?=
- =?UTF-8?q?IN=20=E2=86=92=20RANDOM=5FMAY=5FFAIL?=
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The old flag name was a bit of a misnomer, as /dev/urandom cannot be
-"drained". Once it's initialized it's initialized and then is good
-forever. (Only /dev/random has a concept of 'draining', but we never use
-that, as it's an obsolete interface).
-
-The flag is still useful though, since it allows us to suppress accesses
-to the random pool while it is not initialized, as that trips up the
-kernel and it logs about any such attempts, which we really don't want.
-
-(cherry picked from commit 1a0ffa1e737e65312abac63dcf4b44e1ac0e1642)
----
- src/basic/random-util.c | 36 +++++++++++++++++++-----------------
- src/basic/random-util.h | 4 ++--
- 2 files changed, 21 insertions(+), 19 deletions(-)
-
-diff --git a/src/basic/random-util.c b/src/basic/random-util.c
-index ca25fd2420..de29e07549 100644
---- a/src/basic/random-util.c
-+++ b/src/basic/random-util.c
-@@ -71,21 +71,22 @@ int genuine_random_bytes(void *p, size_t n, RandomFlags flags) {
- bool got_some = false;
- int r;
-
-- /* Gathers some randomness from the kernel (or the CPU if the RANDOM_ALLOW_RDRAND flag is set). This call won't
-- * block, unless the RANDOM_BLOCK flag is set. If RANDOM_DONT_DRAIN is set, an error is returned if the random
-- * pool is not initialized. Otherwise it will always return some data from the kernel, regardless of whether
-- * the random pool is fully initialized or not. */
-+ /* Gathers some randomness from the kernel (or the CPU if the RANDOM_ALLOW_RDRAND flag is set). This
-+ * call won't block, unless the RANDOM_BLOCK flag is set. If RANDOM_MAY_FAIL is set, an error is
-+ * returned if the random pool is not initialized. Otherwise it will always return some data from the
-+ * kernel, regardless of whether the random pool is fully initialized or not. */
-
- if (n == 0)
- return 0;
-
- if (FLAGS_SET(flags, RANDOM_ALLOW_RDRAND))
-- /* Try x86-64' RDRAND intrinsic if we have it. We only use it if high quality randomness is not
-- * required, as we don't trust it (who does?). Note that we only do a single iteration of RDRAND here,
-- * even though the Intel docs suggest calling this in a tight loop of 10 invocations or so. That's
-- * because we don't really care about the quality here. We generally prefer using RDRAND if the caller
-- * allows us too, since this way we won't drain the kernel randomness pool if we don't need it, as the
-- * pool's entropy is scarce. */
-+ /* Try x86-64' RDRAND intrinsic if we have it. We only use it if high quality randomness is
-+ * not required, as we don't trust it (who does?). Note that we only do a single iteration of
-+ * RDRAND here, even though the Intel docs suggest calling this in a tight loop of 10
-+ * invocations or so. That's because we don't really care about the quality here. We
-+ * generally prefer using RDRAND if the caller allows us to, since this way we won't upset
-+ * the kernel's random subsystem by accessing it before the pool is initialized (after all it
-+ * will kmsg log about every attempt to do so)..*/
- for (;;) {
- unsigned long u;
- size_t m;
-@@ -153,12 +154,13 @@ int genuine_random_bytes(void *p, size_t n, RandomFlags flags) {
- break;
-
- } else if (errno == EAGAIN) {
-- /* The kernel has no entropy whatsoever. Let's remember to use the syscall the next
-- * time again though.
-+ /* The kernel has no entropy whatsoever. Let's remember to use the syscall
-+ * the next time again though.
- *
-- * If RANDOM_DONT_DRAIN is set, return an error so that random_bytes() can produce some
-- * pseudo-random bytes instead. Otherwise, fall back to /dev/urandom, which we know is empty,
-- * but the kernel will produce some bytes for us on a best-effort basis. */
-+ * If RANDOM_MAY_FAIL is set, return an error so that random_bytes() can
-+ * produce some pseudo-random bytes instead. Otherwise, fall back to
-+ * /dev/urandom, which we know is empty, but the kernel will produce some
-+ * bytes for us on a best-effort basis. */
- have_syscall = true;
-
- if (got_some && FLAGS_SET(flags, RANDOM_EXTEND_WITH_PSEUDO)) {
-@@ -167,7 +169,7 @@ int genuine_random_bytes(void *p, size_t n, RandomFlags flags) {
- return 0;
- }
-
-- if (FLAGS_SET(flags, RANDOM_DONT_DRAIN))
-+ if (FLAGS_SET(flags, RANDOM_MAY_FAIL))
- return -ENODATA;
-
- /* Use /dev/urandom instead */
-@@ -250,7 +252,7 @@ void pseudo_random_bytes(void *p, size_t n) {
-
- void random_bytes(void *p, size_t n) {
-
-- if (genuine_random_bytes(p, n, RANDOM_EXTEND_WITH_PSEUDO|RANDOM_DONT_DRAIN|RANDOM_ALLOW_RDRAND) >= 0)
-+ if (genuine_random_bytes(p, n, RANDOM_EXTEND_WITH_PSEUDO|RANDOM_MAY_FAIL|RANDOM_ALLOW_RDRAND) >= 0)
- return;
-
- /* If for some reason some user made /dev/urandom unavailable to us, or the kernel has no entropy, use a PRNG instead. */
-diff --git a/src/basic/random-util.h b/src/basic/random-util.h
-index 3e8c288d3d..148b6c7813 100644
---- a/src/basic/random-util.h
-+++ b/src/basic/random-util.h
-@@ -8,11 +8,11 @@
- typedef enum RandomFlags {
- RANDOM_EXTEND_WITH_PSEUDO = 1 << 0, /* If we can't get enough genuine randomness, but some, fill up the rest with pseudo-randomness */
- RANDOM_BLOCK = 1 << 1, /* Rather block than return crap randomness (only if the kernel supports that) */
-- RANDOM_DONT_DRAIN = 1 << 2, /* If we can't get any randomness at all, return early with -EAGAIN */
-+ RANDOM_MAY_FAIL = 1 << 2, /* If we can't get any randomness at all, return early with -ENODATA */
- RANDOM_ALLOW_RDRAND = 1 << 3, /* Allow usage of the CPU RNG */
- } RandomFlags;
-
--int genuine_random_bytes(void *p, size_t n, RandomFlags flags); /* returns "genuine" randomness, optionally filled upwith pseudo random, if not enough is available */
-+int genuine_random_bytes(void *p, size_t n, RandomFlags flags); /* returns "genuine" randomness, optionally filled up with pseudo random, if not enough is available */
- void pseudo_random_bytes(void *p, size_t n); /* returns only pseudo-randommess (but possibly seeded from something better) */
- void random_bytes(void *p, size_t n); /* returns genuine randomness if cheaply available, and pseudo randomness if not. */
-
---
-2.22.0
-
-
-From 1f492b9ecc31aa3782f9ce82058d8fb72a5c323f Mon Sep 17 00:00:00 2001
-From: Lennart Poettering <lennart@poettering.net>
-Date: Tue, 7 May 2019 16:21:44 -0400
-Subject: [PATCH 2/6] random-util: use gcc's bit_RDRND definition if it exists
-
-(cherry picked from commit cc28145d51f62711fdc4b4c229aecd5778806419)
----
- src/basic/random-util.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/src/basic/random-util.c b/src/basic/random-util.c
-index de29e07549..205d5501e5 100644
---- a/src/basic/random-util.c
-+++ b/src/basic/random-util.c
-@@ -45,7 +45,12 @@ int rdrand(unsigned long *ret) {
- return -EOPNOTSUPP;
- }
-
-- have_rdrand = !!(ecx & (1U << 30));
-+/* Compat with old gcc where bit_RDRND didn't exist yet */
-+#ifndef bit_RDRND
-+#define bit_RDRND (1U << 30)
-+#endif
-+
-+ have_rdrand = !!(ecx & bit_RDRND);
- }
-
- if (have_rdrand == 0)
---
-2.22.0
-
-
-From 6460c540e6183dd19de89b7f0672b3b47c4d41cc Mon Sep 17 00:00:00 2001
-From: Lennart Poettering <lennart@poettering.net>
-Date: Tue, 7 May 2019 17:26:55 -0400
-Subject: [PATCH 3/6] random-util: hash AT_RANDOM getauxval() value before
- using it
-
-Let's be a bit paranoid and hash the 16 bytes we get from getauxval()
-before using them. AFter all they might be used by other stuff too (in
-particular ASLR), and we probably shouldn't end up leaking that seed
-though our crappy pseudo-random numbers.
-
-(cherry picked from commit 80eb560a5bd7439103036867d5e09a5e0393e5d3)
----
- src/basic/random-util.c | 18 ++++++++++++------
- 1 file changed, 12 insertions(+), 6 deletions(-)
-
-diff --git a/src/basic/random-util.c b/src/basic/random-util.c
-index 205d5501e5..40f1928936 100644
---- a/src/basic/random-util.c
-+++ b/src/basic/random-util.c
-@@ -28,6 +28,7 @@
- #include "io-util.h"
- #include "missing.h"
- #include "random-util.h"
-+#include "siphash24.h"
- #include "time-util.h"
-
- int rdrand(unsigned long *ret) {
-@@ -203,14 +204,19 @@ void initialize_srand(void) {
- return;
-
- #if HAVE_SYS_AUXV_H
-- /* The kernel provides us with 16 bytes of entropy in auxv, so let's
-- * try to make use of that to seed the pseudo-random generator. It's
-- * better than nothing... */
-+ /* The kernel provides us with 16 bytes of entropy in auxv, so let's try to make use of that to seed
-+ * the pseudo-random generator. It's better than nothing... But let's first hash it to make it harder
-+ * to recover the original value by watching any pseudo-random bits we generate. After all the
-+ * AT_RANDOM data might be used by other stuff too (in particular: ASLR), and we probably shouldn't
-+ * leak the seed for that. */
-
-- auxv = (const void*) getauxval(AT_RANDOM);
-+ auxv = ULONG_TO_PTR(getauxval(AT_RANDOM));
- if (auxv) {
-- assert_cc(sizeof(x) <= 16);
-- memcpy(&x, auxv, sizeof(x));
-+ static const uint8_t auxval_hash_key[16] = {
-+ 0x92, 0x6e, 0xfe, 0x1b, 0xcf, 0x00, 0x52, 0x9c, 0xcc, 0x42, 0xcf, 0xdc, 0x94, 0x1f, 0x81, 0x0f
-+ };
-+
-+ x = (unsigned) siphash24(auxv, 16, auxval_hash_key);
- } else
- #endif
- x = 0;
---
-2.22.0
-
-
-From 17d52f6320b45d1728af6007b4df4aaccc6fdaf4 Mon Sep 17 00:00:00 2001
-From: Lennart Poettering <lennart@poettering.net>
-Date: Tue, 7 May 2019 18:51:26 -0400
-Subject: [PATCH 4/6] random-util: rename "err" to "success"
-
-After all rdrand returns 1 on success, and 0 on failure, hence let's
-name this accordingly.
-
-(cherry picked from commit 328f850e36e86d14ab06d11fa8f2397e9575a7f9)
----
- src/basic/random-util.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/basic/random-util.c b/src/basic/random-util.c
-index 40f1928936..7c64857592 100644
---- a/src/basic/random-util.c
-+++ b/src/basic/random-util.c
-@@ -35,7 +35,7 @@ int rdrand(unsigned long *ret) {
-
- #if defined(__i386__) || defined(__x86_64__)
- static int have_rdrand = -1;
-- unsigned char err;
-+ uint8_t success;
-
- if (have_rdrand < 0) {
- uint32_t eax, ebx, ecx, edx;
-@@ -60,9 +60,9 @@ int rdrand(unsigned long *ret) {
- asm volatile("rdrand %0;"
- "setc %1"
- : "=r" (*ret),
-- "=qm" (err));
-- msan_unpoison(&err, sizeof(err));
-- if (!err)
-+ "=qm" (success));
-+ msan_unpoison(&success, sizeof(sucess));
-+ if (!success)
- return -EAGAIN;
-
- return 0;
---
-2.22.0
-
-
-From a6c72245ba5ba688cd6544650b9c6e313b39b53e Mon Sep 17 00:00:00 2001
-From: Evgeny Vereshchagin <evvers@ya.ru>
-Date: Wed, 8 May 2019 15:50:53 +0200
-Subject: [PATCH 5/6] util-lib: fix a typo in rdrand
-
-Otherwise, the fuzzers will fail to compile with MSan:
-```
-../../src/systemd/src/basic/random-util.c:64:40: error: use of undeclared identifier 'sucess'; did you mean 'success'?
- msan_unpoison(&success, sizeof(sucess));
- ^~~~~~
- success
-../../src/systemd/src/basic/alloc-util.h:169:50: note: expanded from macro 'msan_unpoison'
- ^
-../../src/systemd/src/basic/random-util.c:38:17: note: 'success' declared here
- uint8_t success;
- ^
-1 error generated.
-[80/545] Compiling C object 'src/basic/a6ba3eb@@basic@sta/process-util.c.o'.
-ninja: build stopped: subcommand failed.
-Fuzzers build failed
-```
-
-(cherry picked from commit 7f2cdceaed4d37c4e601e531c7d863fca1bd1460)
----
- src/basic/random-util.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/basic/random-util.c b/src/basic/random-util.c
-index 7c64857592..b8bbf2d418 100644
---- a/src/basic/random-util.c
-+++ b/src/basic/random-util.c
-@@ -61,7 +61,7 @@ int rdrand(unsigned long *ret) {
- "setc %1"
- : "=r" (*ret),
- "=qm" (success));
-- msan_unpoison(&success, sizeof(sucess));
-+ msan_unpoison(&success, sizeof(success));
- if (!success)
- return -EAGAIN;
-
---
-2.22.0
-
-
-From 47eec0ae61c887cb8cc05ce8d49b8d151bc4ef25 Mon Sep 17 00:00:00 2001
-From: Lennart Poettering <lennart@poettering.net>
-Date: Fri, 10 May 2019 15:16:16 -0400
-Subject: [PATCH 6/6] random-util: eat up bad RDRAND values seen on AMD CPUs
-
-An ugly, ugly work-around for #11810. And no, we shouldn't have to do
-this. This is something for AMD, the firmware or the kernel to
-fix/work-around, not us. But nonetheless, this should do it for now.
-
-Fixes: #11810
-(cherry picked from commit 1c53d4a070edbec8ad2d384ba0014d0eb6bae077)
----
- src/basic/random-util.c | 15 ++++++++++++++-
- 1 file changed, 14 insertions(+), 1 deletion(-)
-
-diff --git a/src/basic/random-util.c b/src/basic/random-util.c
-index b8bbf2d418..0561f0cb22 100644
---- a/src/basic/random-util.c
-+++ b/src/basic/random-util.c
-@@ -35,6 +35,7 @@ int rdrand(unsigned long *ret) {
-
- #if defined(__i386__) || defined(__x86_64__)
- static int have_rdrand = -1;
-+ unsigned long v;
- uint8_t success;
-
- if (have_rdrand < 0) {
-@@ -59,12 +60,24 @@ int rdrand(unsigned long *ret) {
-
- asm volatile("rdrand %0;"
- "setc %1"
-- : "=r" (*ret),
-+ : "=r" (v),
- "=qm" (success));
- msan_unpoison(&success, sizeof(success));
- if (!success)
- return -EAGAIN;
-
-+ /* Apparently on some AMD CPUs RDRAND will sometimes (after a suspend/resume cycle?) report success
-+ * via the carry flag but nonetheless return the same fixed value -1 in all cases. This appears to be
-+ * a bad bug in the CPU or firmware. Let's deal with that and work-around this by explicitly checking
-+ * for this special value (and also 0, just to be sure) and filtering it out. This is a work-around
-+ * only however and something AMD really should fix properly. The Linux kernel should probably work
-+ * around this issue by turning off RDRAND altogether on those CPUs. See:
-+ * https://github.com/systemd/systemd/issues/11810 */
-+ if (v == 0 || v == ULONG_MAX)
-+ return log_debug_errno(SYNTHETIC_ERRNO(EUCLEAN),
-+ "RDRAND returned suspicious value %lx, assuming bad hardware RNG, not using value.", v);
-+
-+ *ret = v;
- return 0;
- #else
- return -EOPNOTSUPP;
---
-2.22.0
-
+++ /dev/null
-From f3d75364fbebf2ddb6393e54db5e10b6f6234e14 Mon Sep 17 00:00:00 2001
-From: Lennart Poettering <lennart@poettering.net>
-Date: Thu, 18 Apr 2019 15:13:54 +0200
-Subject: [PATCH] socket-util: make sure flush_accept() doesn't hang on
- unexpected EOPNOTSUPP
-
-So apparently there are two reasons why accept() can return EOPNOTSUPP:
-because the socket is not a listening stream socket (or similar), or
-because the incoming TCP connection for some reason wasn't acceptable to
-the host. THe latter should be a transient error, as suggested on
-accept(2). The former however should be considered fatal for
-flush_accept(). Let's fix this by explicitly checking whether the socket
-is a listening socket beforehand.
----
- src/basic/socket-util.c | 17 +++++++++++++++--
- 1 file changed, 15 insertions(+), 2 deletions(-)
-
-diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c
-index 904bafb76f9..e787d53d8f4 100644
---- a/src/basic/socket-util.c
-+++ b/src/basic/socket-util.c
-@@ -1225,9 +1225,22 @@ int flush_accept(int fd) {
- .fd = fd,
- .events = POLLIN,
- };
-- int r;
-+ int r, b;
-+ socklen_t l = sizeof(b);
-+
-+ /* Similar to flush_fd() but flushes all incoming connection by accepting them and immediately
-+ * closing them. */
-+
-+ if (getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &b, &l) < 0)
-+ return -errno;
-
-- /* Similar to flush_fd() but flushes all incoming connection by accepting them and immediately closing them. */
-+ assert(l == sizeof(b));
-+ if (!b) /* Let's check if this is a socket accepting connections before calling accept(). That's
-+ * because accept4() can return EOPNOTSUPP in the fd we are called on is not a listening
-+ * socket, or in case the incoming TCP connection transiently triggered that (see accept(2)
-+ * man page for details). The latter case is a transient error we should continue looping
-+ * on. The former case however is fatal. */
-+ return -ENOTTY;
-
- for (;;) {
- int cfd;
+++ /dev/null
-From a62b7bb79e9a2aa683624c32cde1c756d8466fb4 Mon Sep 17 00:00:00 2001
-From: Yu Watanabe <watanabe.yu+github@gmail.com>
-Date: Thu, 25 Apr 2019 00:39:04 +0200
-Subject: [PATCH] network: fix ListenPort= in [WireGuard] section
-
-This fixes a bug introduced by f1368a333e5e08575f0b45dfe41e936b106a8627.
-
-Fixes #12377.
----
- src/network/netdev/wireguard.c | 19 ++++++++++---------
- 1 file changed, 10 insertions(+), 9 deletions(-)
-
-diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c
-index f3084c0773f..5ebc5dfed84 100644
---- a/src/network/netdev/wireguard.c
-+++ b/src/network/netdev/wireguard.c
-@@ -452,22 +452,23 @@ int config_parse_wireguard_listen_port(
- void *userdata) {
-
- uint16_t *s = data;
-- uint16_t port = 0;
- int r;
-
- assert(rvalue);
- assert(data);
-
-- if (!streq(rvalue, "auto")) {
-- r = parse_ip_port(rvalue, s);
-- if (r < 0) {
-- log_syntax(unit, LOG_ERR, filename, line, r,
-- "Invalid port specification, ignoring assignment: %s", rvalue);
-- return 0;
-- }
-+ if (isempty(rvalue) || streq(rvalue, "auto")) {
-+ *s = 0;
-+ return 0;
-+ }
-+
-+ r = parse_ip_port(rvalue, s);
-+ if (r < 0) {
-+ log_syntax(unit, LOG_ERR, filename, line, r,
-+ "Invalid port specification, ignoring assignment: %s", rvalue);
-+ return 0;
- }
-
-- *s = port;
- return 0;
- }
-
+++ /dev/null
-From 35e528018f315798d3bffcb592b32a0d8f5162bd Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
-Date: Tue, 27 Aug 2019 19:00:34 +0200
-Subject: [PATCH] shared/but-util: drop trusted annotation from
- bus_open_system_watch_bind_with_description()
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1746057
-
-This only affects systemd-resolved. bus_open_system_watch_bind_with_description()
-is also used in timesyncd, but it has no methods, only read-only properties, and
-in networkd, but it annotates all methods with SD_BUS_VTABLE_UNPRIVILEGED and does
-polkit checks.
----
- src/shared/bus-util.c | 4 ----
- 1 file changed, 4 deletions(-)
-
-diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c
-index 6af115e7aa..821339d4ae 100644
---- a/src/shared/bus-util.c
-+++ b/src/shared/bus-util.c
-@@ -1705,10 +1705,6 @@ int bus_open_system_watch_bind_with_description(sd_bus **ret, const char *descri
- if (r < 0)
- return r;
-
-- r = sd_bus_set_trusted(bus, true);
-- if (r < 0)
-- return r;
--
- r = sd_bus_negotiate_creds(bus, true, SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS);
- if (r < 0)
- return r;
<flag name="http">Enable embedded HTTP server in journald</flag>
<flag name="importd">Enable import daemon</flag>
<flag name="kmod">Enable kernel module loading via <pkg>sys-apps/kmod</pkg></flag>
- <flag name="libidn2">If IDN support is enabled, use <pkg>net-dns/libidn2</pkg> instead of <pkg>net-dns/libidn</pkg></flag>
<flag name="lz4">Enable lz4 compression for the journal</flag>
<flag name="nat">Enable support for network address translation in networkd</flag>
<flag name="qrcode">Enable qrcode output support in journal</flag>
+++ /dev/null
-# Copyright 2011-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-if [[ ${PV} == 9999 ]]; then
- EGIT_REPO_URI="https://github.com/systemd/systemd.git"
- inherit git-r3
-else
- MY_PV=${PV/_/-}
- MY_P=${PN}-${MY_PV}
- S=${WORKDIR}/${MY_P}
- SRC_URI="https://github.com/systemd/systemd/archive/v${MY_PV}/${MY_P}.tar.gz"
- KEYWORDS="alpha amd64 arm arm64 ~hppa ia64 ~mips ppc ppc64 sparc x86"
-fi
-
-PYTHON_COMPAT=( python{3_6,3_7} )
-
-inherit bash-completion-r1 linux-info meson multilib-minimal ninja-utils pam python-any-r1 systemd toolchain-funcs udev
-
-DESCRIPTION="System and service manager for Linux"
-HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd"
-
-LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
-SLOT="0/2"
-IUSE="acl apparmor audit build cryptsetup curl dns-over-tls elfutils +gcrypt gnuefi http idn importd +kmod libidn2 +lz4 lzma nat pam pcre policykit qrcode +resolvconf +seccomp selinux split-usr +sysv-utils test vanilla xkb"
-
-REQUIRED_USE="importd? ( curl gcrypt lzma )"
-RESTRICT="!test? ( test )"
-
-MINKV="3.11"
-
-COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
- sys-libs/libcap:0=[${MULTILIB_USEDEP}]
- !<sys-libs/glibc-2.16
- acl? ( sys-apps/acl:0= )
- apparmor? ( sys-libs/libapparmor:0= )
- audit? ( >=sys-process/audit-2:0= )
- cryptsetup? ( >=sys-fs/cryptsetup-1.6:0= )
- curl? ( net-misc/curl:0= )
- dns-over-tls? ( >=net-libs/gnutls-3.5.3:0= )
- elfutils? ( >=dev-libs/elfutils-0.158:0= )
- gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] )
- http? (
- >=net-libs/libmicrohttpd-0.9.33:0=[epoll(+)]
- >=net-libs/gnutls-3.1.4:0=
- )
- idn? (
- libidn2? ( net-dns/libidn2:= )
- !libidn2? ( net-dns/libidn:= )
- )
- importd? (
- app-arch/bzip2:0=
- sys-libs/zlib:0=
- )
- kmod? ( >=sys-apps/kmod-15:0= )
- lz4? ( >=app-arch/lz4-0_p131:0=[${MULTILIB_USEDEP}] )
- lzma? ( >=app-arch/xz-utils-5.0.5-r1:0=[${MULTILIB_USEDEP}] )
- nat? ( net-firewall/iptables:0= )
- pam? ( sys-libs/pam:=[${MULTILIB_USEDEP}] )
- pcre? ( dev-libs/libpcre2 )
- qrcode? ( media-gfx/qrencode:0= )
- seccomp? ( >=sys-libs/libseccomp-2.3.3:0= )
- selinux? ( sys-libs/libselinux:0= )
- xkb? ( >=x11-libs/libxkbcommon-0.4.1:0= )"
-
-# Newer linux-headers needed by ia64, bug #480218
-DEPEND="${COMMON_DEPEND}
- >=sys-kernel/linux-headers-${MINKV}
- gnuefi? ( >=sys-boot/gnu-efi-3.0.2 )
-"
-
-# baselayout-2.2 has /run
-RDEPEND="${COMMON_DEPEND}
- acct-group/adm
- acct-group/wheel
- acct-group/kmem
- acct-group/tty
- acct-group/utmp
- acct-group/audio
- acct-group/cdrom
- acct-group/dialout
- acct-group/disk
- acct-group/input
- acct-group/kvm
- acct-group/render
- acct-group/tape
- acct-group/video
- acct-group/systemd-journal
- acct-user/systemd-journal-remote
- acct-user/systemd-coredump
- acct-user/systemd-network
- acct-user/systemd-resolve
- acct-user/systemd-timesync
- >=sys-apps/baselayout-2.2
- selinux? ( sec-policy/selinux-base-policy[systemd] )
- sysv-utils? ( !sys-apps/sysvinit )
- !sysv-utils? ( sys-apps/sysvinit )
- resolvconf? ( !net-dns/openresolv )
- !build? ( || (
- sys-apps/util-linux[kill(-)]
- sys-process/procps[kill(+)]
- sys-apps/coreutils[kill(-)]
- ) )
- !sys-auth/nss-myhostname
- !<sys-kernel/dracut-044
- !sys-fs/eudev
- !sys-fs/udev
-"
-
-# sys-apps/dbus: the daemon only (+ build-time lib dep for tests)
-PDEPEND=">=sys-apps/dbus-1.9.8[systemd]
- >=sys-apps/hwids-20150417[udev]
- >=sys-fs/udev-init-scripts-25
- policykit? ( sys-auth/polkit )
- !vanilla? ( sys-apps/gentoo-systemd-integration )"
-
-BDEPEND="
- app-arch/xz-utils:0
- dev-util/gperf
- >=dev-util/meson-0.46
- >=dev-util/intltool-0.50
- >=sys-apps/coreutils-8.16
- sys-devel/m4
- virtual/pkgconfig[${MULTILIB_USEDEP}]
- test? ( sys-apps/dbus )
- app-text/docbook-xml-dtd:4.2
- app-text/docbook-xml-dtd:4.5
- app-text/docbook-xsl-stylesheets
- dev-libs/libxslt:0
- $(python_gen_any_dep 'dev-python/lxml[${PYTHON_USEDEP}]')
-"
-
-pkg_pretend() {
- if [[ ${MERGE_TYPE} != buildonly ]]; then
- if use test && has pid-sandbox ${FEATURES}; then
- ewarn "Tests are known to fail with PID sandboxing enabled."
- ewarn "See https://bugs.gentoo.org/674458."
- fi
-
- local CONFIG_CHECK="~AUTOFS4_FS ~BLK_DEV_BSG ~CGROUPS
- ~CHECKPOINT_RESTORE ~DEVTMPFS ~EPOLL ~FANOTIFY ~FHANDLE
- ~INOTIFY_USER ~IPV6 ~NET ~NET_NS ~PROC_FS ~SIGNALFD ~SYSFS
- ~TIMERFD ~TMPFS_XATTR ~UNIX
- ~CRYPTO_HMAC ~CRYPTO_SHA256 ~CRYPTO_USER_API_HASH
- ~!FW_LOADER_USER_HELPER_FALLBACK ~!GRKERNSEC_PROC ~!IDE ~!SYSFS_DEPRECATED
- ~!SYSFS_DEPRECATED_V2"
-
- use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL"
- use seccomp && CONFIG_CHECK+=" ~SECCOMP ~SECCOMP_FILTER"
- kernel_is -lt 3 7 && CONFIG_CHECK+=" ~HOTPLUG"
- kernel_is -lt 4 7 && CONFIG_CHECK+=" ~DEVPTS_MULTIPLE_INSTANCES"
- kernel_is -ge 4 10 && CONFIG_CHECK+=" ~CGROUP_BPF"
-
- if linux_config_exists; then
- local uevent_helper_path=$(linux_chkconfig_string UEVENT_HELPER_PATH)
- if [[ -n ${uevent_helper_path} ]] && [[ ${uevent_helper_path} != '""' ]]; then
- ewarn "It's recommended to set an empty value to the following kernel config option:"
- ewarn "CONFIG_UEVENT_HELPER_PATH=${uevent_helper_path}"
- fi
- if linux_chkconfig_present X86; then
- CONFIG_CHECK+=" ~DMIID"
- fi
- fi
-
- if kernel_is -lt ${MINKV//./ }; then
- ewarn "Kernel version at least ${MINKV} required"
- fi
-
- check_extra_config
- fi
-}
-
-pkg_setup() {
- :
-}
-
-src_unpack() {
- default
- [[ ${PV} != 9999 ]] || git-r3_src_unpack
-}
-
-src_prepare() {
- # Do NOT add patches here
- local PATCHES=()
-
- [[ -d "${WORKDIR}"/patches ]] && PATCHES+=( "${WORKDIR}"/patches )
-
- # Add local patches here
- PATCHES+=(
- "${FILESDIR}"/242-gcc-9.patch
- "${FILESDIR}"/242-socket-util-flush-accept.patch
- "${FILESDIR}"/242-wireguard-listenport.patch
- "${FILESDIR}"/242-file-max.patch
- "${FILESDIR}"/242-rdrand-ryzen.patch
- "${FILESDIR}"/242-networkd-ipv6-token.patch
- "${FILESDIR}"/242-network-domains.patch
- )
-
- if ! use vanilla; then
- PATCHES+=(
- "${FILESDIR}/gentoo-Dont-enable-audit-by-default.patch"
- "${FILESDIR}/gentoo-systemd-user-pam.patch"
- "${FILESDIR}/gentoo-generator-path-r1.patch"
- )
- fi
-
- default
-}
-
-src_configure() {
- # Prevent conflicts with i686 cross toolchain, bug 559726
- tc-export AR CC NM OBJCOPY RANLIB
-
- python_setup
-
- multilib-minimal_src_configure
-}
-
-meson_use() {
- usex "$1" true false
-}
-
-meson_multilib() {
- if multilib_is_native_abi; then
- echo true
- else
- echo false
- fi
-}
-
-meson_multilib_native_use() {
- if multilib_is_native_abi && use "$1"; then
- echo true
- else
- echo false
- fi
-}
-
-multilib_src_configure() {
- local myconf=(
- --localstatedir="${EPREFIX}/var"
- -Dsupport-url="https://gentoo.org/support/"
- -Dpamlibdir="$(getpam_mod_dir)"
- # avoid bash-completion dep
- -Dbashcompletiondir="$(get_bashcompdir)"
- # make sure we get /bin:/sbin in PATH
- -Dsplit-usr=$(usex split-usr true false)
- -Drootprefix="$(usex split-usr "${EPREFIX:-/}" "${EPREFIX}/usr")"
- -Dsysvinit-path=
- -Dsysvrcnd-path=
- # Avoid infinite exec recursion, bug 642724
- -Dtelinit-path="${EPREFIX}/lib/sysvinit/telinit"
- # no deps
- -Defi=$(meson_multilib)
- -Dima=true
- # Optional components/dependencies
- -Dacl=$(meson_multilib_native_use acl)
- -Dapparmor=$(meson_multilib_native_use apparmor)
- -Daudit=$(meson_multilib_native_use audit)
- -Dlibcryptsetup=$(meson_multilib_native_use cryptsetup)
- -Dlibcurl=$(meson_multilib_native_use curl)
- -Ddns-over-tls=$(meson_multilib_native_use dns-over-tls)
- -Delfutils=$(meson_multilib_native_use elfutils)
- -Dgcrypt=$(meson_use gcrypt)
- -Dgnu-efi=$(meson_multilib_native_use gnuefi)
- -Defi-libdir="${ESYSROOT}/usr/$(get_libdir)"
- -Dmicrohttpd=$(meson_multilib_native_use http)
- -Dimportd=$(meson_multilib_native_use importd)
- -Dbzip2=$(meson_multilib_native_use importd)
- -Dzlib=$(meson_multilib_native_use importd)
- -Dkmod=$(meson_multilib_native_use kmod)
- -Dlz4=$(meson_use lz4)
- -Dxz=$(meson_use lzma)
- -Dlibiptc=$(meson_multilib_native_use nat)
- -Dpam=$(meson_use pam)
- -Dpcre2=$(meson_multilib_native_use pcre)
- -Dpolkit=$(meson_multilib_native_use policykit)
- -Dqrencode=$(meson_multilib_native_use qrcode)
- -Dseccomp=$(meson_multilib_native_use seccomp)
- -Dselinux=$(meson_multilib_native_use selinux)
- -Ddbus=$(meson_multilib_native_use test)
- -Dxkbcommon=$(meson_multilib_native_use xkb)
- -Dntp-servers="0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org"
- # Breaks screen, tmux, etc.
- -Ddefault-kill-user-processes=false
- -Dcreate-log-dirs=false
-
- # multilib options
- -Dbacklight=$(meson_multilib)
- -Dbinfmt=$(meson_multilib)
- -Dcoredump=$(meson_multilib)
- -Denvironment-d=$(meson_multilib)
- -Dfirstboot=$(meson_multilib)
- -Dhibernate=$(meson_multilib)
- -Dhostnamed=$(meson_multilib)
- -Dhwdb=$(meson_multilib)
- -Dldconfig=$(meson_multilib)
- -Dlocaled=$(meson_multilib)
- -Dman=$(meson_multilib)
- -Dnetworkd=$(meson_multilib)
- -Dquotacheck=$(meson_multilib)
- -Drandomseed=$(meson_multilib)
- -Drfkill=$(meson_multilib)
- -Dsysusers=$(meson_multilib)
- -Dtimedated=$(meson_multilib)
- -Dtimesyncd=$(meson_multilib)
- -Dtmpfiles=$(meson_multilib)
- -Dvconsole=$(meson_multilib)
- )
-
- if multilib_is_native_abi && use idn; then
- myconf+=(
- -Dlibidn2=$(usex libidn2 true false)
- -Dlibidn=$(usex libidn2 false true)
- )
- else
- myconf+=(
- -Dlibidn2=false
- -Dlibidn=false
- )
- fi
-
- meson_src_configure "${myconf[@]}"
-}
-
-multilib_src_compile() {
- eninja
-}
-
-multilib_src_test() {
- unset DBUS_SESSION_BUS_ADDRESS XDG_RUNTIME_DIR
- eninja test
-}
-
-multilib_src_install() {
- DESTDIR="${D}" eninja install
-}
-
-multilib_src_install_all() {
- local rootprefix=$(usex split-usr '' /usr)
-
- # meson doesn't know about docdir
- mv "${ED}"/usr/share/doc/{systemd,${PF}} || die
-
- einstalldocs
- dodoc "${FILESDIR}"/nsswitch.conf
-
- if ! use resolvconf; then
- rm -f "${ED}${rootprefix}"/sbin/resolvconf || die
- fi
-
- if ! use sysv-utils; then
- rm "${ED}${rootprefix}"/sbin/{halt,init,poweroff,reboot,runlevel,shutdown,telinit} || die
- rm "${ED}"/usr/share/man/man1/init.1 || die
- rm "${ED}"/usr/share/man/man8/{halt,poweroff,reboot,runlevel,shutdown,telinit}.8 || die
- fi
-
- if ! use resolvconf && ! use sysv-utils; then
- rmdir "${ED}${rootprefix}"/sbin || die
- fi
-
- # Preserve empty dirs in /etc & /var, bug #437008
- keepdir /etc/{binfmt.d,modules-load.d,tmpfiles.d}
- keepdir /etc/kernel/install.d
- keepdir /etc/systemd/{network,user}
- keepdir /etc/udev/{hwdb.d,rules.d}
- keepdir "${rootprefix}"/lib/systemd/{system-sleep,system-shutdown}
- keepdir /usr/lib/{binfmt.d,modules-load.d}
- keepdir /usr/lib/systemd/user-generators
- keepdir /var/lib/systemd
- keepdir /var/log/journal
-
- # Symlink /etc/sysctl.conf for easy migration.
- dosym ../sysctl.conf /etc/sysctl.d/99-sysctl.conf
-
- local udevdir=/lib/udev
- use split-usr || udevdir=/usr/lib/udev
-
- rm -r "${ED}${udevdir}/hwdb.d" || die
-
- if use split-usr; then
- # Avoid breaking boot/reboot
- dosym ../../../lib/systemd/systemd /usr/lib/systemd/systemd
- dosym ../../../lib/systemd/systemd-shutdown /usr/lib/systemd/systemd-shutdown
- fi
-}
-
-migrate_locale() {
- local envd_locale_def="${EROOT}/etc/env.d/02locale"
- local envd_locale=( "${EROOT}"/etc/env.d/??locale )
- local locale_conf="${EROOT}/etc/locale.conf"
-
- if [[ ! -L ${locale_conf} && ! -e ${locale_conf} ]]; then
- # If locale.conf does not exist...
- if [[ -e ${envd_locale} ]]; then
- # ...either copy env.d/??locale if there's one
- ebegin "Moving ${envd_locale} to ${locale_conf}"
- mv "${envd_locale}" "${locale_conf}"
- eend ${?} || FAIL=1
- else
- # ...or create a dummy default
- ebegin "Creating ${locale_conf}"
- cat > "${locale_conf}" <<-EOF
- # This file has been created by the sys-apps/systemd ebuild.
- # See locale.conf(5) and localectl(1).
-
- # LANG=${LANG}
- EOF
- eend ${?} || FAIL=1
- fi
- fi
-
- if [[ ! -L ${envd_locale} ]]; then
- # now, if env.d/??locale is not a symlink (to locale.conf)...
- if [[ -e ${envd_locale} ]]; then
- # ...warn the user that he has duplicate locale settings
- ewarn
- ewarn "To ensure consistent behavior, you should replace ${envd_locale}"
- ewarn "with a symlink to ${locale_conf}. Please migrate your settings"
- ewarn "and create the symlink with the following command:"
- ewarn "ln -s -n -f ../locale.conf ${envd_locale}"
- ewarn
- else
- # ...or just create the symlink if there's nothing here
- ebegin "Creating ${envd_locale_def} -> ../locale.conf symlink"
- ln -n -s ../locale.conf "${envd_locale_def}"
- eend ${?} || FAIL=1
- fi
- fi
-}
-
-save_enabled_units() {
- ENABLED_UNITS=()
- type systemctl &>/dev/null || return
- for x; do
- if systemctl --quiet --root="${ROOT:-/}" is-enabled "${x}"; then
- ENABLED_UNITS+=( "${x}" )
- fi
- done
-}
-
-pkg_preinst() {
- save_enabled_units {machines,remote-{cryptsetup,fs}}.target getty@tty1.service
-}
-
-pkg_postinst() {
- systemd_update_catalog
-
- # Keep this here in case the database format changes so it gets updated
- # when required. Despite that this file is owned by sys-apps/hwids.
- if has_version "sys-apps/hwids[udev]"; then
- udevadm hwdb --update --root="${EROOT}"
- fi
-
- udev_reload || FAIL=1
-
- # Bug 465468, make sure locales are respect, and ensure consistency
- # between OpenRC & systemd
- migrate_locale
-
- systemd_reenable systemd-networkd.service systemd-resolved.service
-
- if [[ ${ENABLED_UNITS[@]} ]]; then
- systemctl --root="${ROOT:-/}" enable "${ENABLED_UNITS[@]}"
- fi
-
- if [[ -z ${REPLACING_VERSIONS} ]]; then
- if type systemctl &>/dev/null; then
- systemctl --root="${ROOT:-/}" enable getty@.service remote-fs.target || FAIL=1
- fi
- elog "To enable a useful set of services, run the following:"
- elog " systemctl preset-all --preset-mode=enable-only"
- fi
-
- if [[ -L ${EROOT}/var/lib/systemd/timesync ]]; then
- rm "${EROOT}/var/lib/systemd/timesync"
- fi
-
- if [[ -z ${ROOT} && -d /run/systemd/system ]]; then
- ebegin "Reexecuting system manager"
- systemctl daemon-reexec
- eend $?
- fi
-
- if [[ ${FAIL} ]]; then
- eerror "One of the postinst commands failed. Please check the postinst output"
- eerror "for errors. You may need to clean up your system and/or try installing"
- eerror "systemd again."
- eerror
- fi
-}
-
-pkg_prerm() {
- # If removing systemd completely, remove the catalog database.
- if [[ ! ${REPLACED_BY_VERSION} ]]; then
- rm -f -v "${EROOT}"/var/lib/systemd/catalog/database
- fi
-}
+++ /dev/null
-# Copyright 2011-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-if [[ ${PV} == 9999 ]]; then
- EGIT_REPO_URI="https://github.com/systemd/systemd.git"
- inherit git-r3
-else
- MY_PV=${PV/_/-}
- MY_P=${PN}-${MY_PV}
- S=${WORKDIR}/${MY_P}
- SRC_URI="https://github.com/systemd/systemd/archive/v${MY_PV}/${MY_P}.tar.gz"
- KEYWORDS="alpha amd64 arm arm64 ~hppa ia64 ~mips ppc ppc64 sparc x86"
-fi
-
-PYTHON_COMPAT=( python{3_6,3_7} )
-
-inherit bash-completion-r1 linux-info meson multilib-minimal ninja-utils pam python-any-r1 systemd toolchain-funcs udev
-
-DESCRIPTION="System and service manager for Linux"
-HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd"
-
-LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
-SLOT="0/2"
-IUSE="acl apparmor audit build cryptsetup curl dns-over-tls elfutils +gcrypt gnuefi http idn importd +kmod libidn2 +lz4 lzma nat pam pcre policykit qrcode +resolvconf +seccomp selinux split-usr +sysv-utils test vanilla xkb"
-
-REQUIRED_USE="importd? ( curl gcrypt lzma )"
-RESTRICT="!test? ( test )"
-
-MINKV="3.11"
-
-COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
- sys-libs/libcap:0=[${MULTILIB_USEDEP}]
- !<sys-libs/glibc-2.16
- acl? ( sys-apps/acl:0= )
- apparmor? ( sys-libs/libapparmor:0= )
- audit? ( >=sys-process/audit-2:0= )
- cryptsetup? ( >=sys-fs/cryptsetup-1.6:0= )
- curl? ( net-misc/curl:0= )
- dns-over-tls? ( >=net-libs/gnutls-3.5.3:0= )
- elfutils? ( >=dev-libs/elfutils-0.158:0= )
- gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] )
- http? (
- >=net-libs/libmicrohttpd-0.9.33:0=[epoll(+)]
- >=net-libs/gnutls-3.1.4:0=
- )
- idn? (
- libidn2? ( net-dns/libidn2:= )
- !libidn2? ( net-dns/libidn:= )
- )
- importd? (
- app-arch/bzip2:0=
- sys-libs/zlib:0=
- )
- kmod? ( >=sys-apps/kmod-15:0= )
- lz4? ( >=app-arch/lz4-0_p131:0=[${MULTILIB_USEDEP}] )
- lzma? ( >=app-arch/xz-utils-5.0.5-r1:0=[${MULTILIB_USEDEP}] )
- nat? ( net-firewall/iptables:0= )
- pam? ( sys-libs/pam:=[${MULTILIB_USEDEP}] )
- pcre? ( dev-libs/libpcre2 )
- qrcode? ( media-gfx/qrencode:0= )
- seccomp? ( >=sys-libs/libseccomp-2.3.3:0= )
- selinux? ( sys-libs/libselinux:0= )
- xkb? ( >=x11-libs/libxkbcommon-0.4.1:0= )"
-
-# Newer linux-headers needed by ia64, bug #480218
-DEPEND="${COMMON_DEPEND}
- >=sys-kernel/linux-headers-${MINKV}
- gnuefi? ( >=sys-boot/gnu-efi-3.0.2 )
-"
-
-# baselayout-2.2 has /run
-RDEPEND="${COMMON_DEPEND}
- acct-group/adm
- acct-group/wheel
- acct-group/kmem
- acct-group/tty
- acct-group/utmp
- acct-group/audio
- acct-group/cdrom
- acct-group/dialout
- acct-group/disk
- acct-group/input
- acct-group/kvm
- acct-group/render
- acct-group/tape
- acct-group/video
- acct-group/systemd-journal
- acct-user/systemd-journal-remote
- acct-user/systemd-coredump
- acct-user/systemd-network
- acct-user/systemd-resolve
- acct-user/systemd-timesync
- >=sys-apps/baselayout-2.2
- selinux? ( sec-policy/selinux-base-policy[systemd] )
- sysv-utils? ( !sys-apps/sysvinit )
- !sysv-utils? ( sys-apps/sysvinit )
- resolvconf? ( !net-dns/openresolv )
- !build? ( || (
- sys-apps/util-linux[kill(-)]
- sys-process/procps[kill(+)]
- sys-apps/coreutils[kill(-)]
- ) )
- !sys-auth/nss-myhostname
- !<sys-kernel/dracut-044
- !sys-fs/eudev
- !sys-fs/udev
-"
-
-# sys-apps/dbus: the daemon only (+ build-time lib dep for tests)
-PDEPEND=">=sys-apps/dbus-1.9.8[systemd]
- >=sys-apps/hwids-20150417[udev]
- >=sys-fs/udev-init-scripts-25
- policykit? ( sys-auth/polkit )
- !vanilla? ( sys-apps/gentoo-systemd-integration )"
-
-BDEPEND="
- app-arch/xz-utils:0
- dev-util/gperf
- >=dev-util/meson-0.46
- >=dev-util/intltool-0.50
- >=sys-apps/coreutils-8.16
- sys-devel/m4
- virtual/pkgconfig[${MULTILIB_USEDEP}]
- test? ( sys-apps/dbus )
- app-text/docbook-xml-dtd:4.2
- app-text/docbook-xml-dtd:4.5
- app-text/docbook-xsl-stylesheets
- dev-libs/libxslt:0
- $(python_gen_any_dep 'dev-python/lxml[${PYTHON_USEDEP}]')
-"
-
-pkg_pretend() {
- if [[ ${MERGE_TYPE} != buildonly ]]; then
- if use test && has pid-sandbox ${FEATURES}; then
- ewarn "Tests are known to fail with PID sandboxing enabled."
- ewarn "See https://bugs.gentoo.org/674458."
- fi
-
- local CONFIG_CHECK="~AUTOFS4_FS ~BLK_DEV_BSG ~CGROUPS
- ~CHECKPOINT_RESTORE ~DEVTMPFS ~EPOLL ~FANOTIFY ~FHANDLE
- ~INOTIFY_USER ~IPV6 ~NET ~NET_NS ~PROC_FS ~SIGNALFD ~SYSFS
- ~TIMERFD ~TMPFS_XATTR ~UNIX
- ~CRYPTO_HMAC ~CRYPTO_SHA256 ~CRYPTO_USER_API_HASH
- ~!FW_LOADER_USER_HELPER_FALLBACK ~!GRKERNSEC_PROC ~!IDE ~!SYSFS_DEPRECATED
- ~!SYSFS_DEPRECATED_V2"
-
- use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL"
- use seccomp && CONFIG_CHECK+=" ~SECCOMP ~SECCOMP_FILTER"
- kernel_is -lt 3 7 && CONFIG_CHECK+=" ~HOTPLUG"
- kernel_is -lt 4 7 && CONFIG_CHECK+=" ~DEVPTS_MULTIPLE_INSTANCES"
- kernel_is -ge 4 10 && CONFIG_CHECK+=" ~CGROUP_BPF"
-
- if linux_config_exists; then
- local uevent_helper_path=$(linux_chkconfig_string UEVENT_HELPER_PATH)
- if [[ -n ${uevent_helper_path} ]] && [[ ${uevent_helper_path} != '""' ]]; then
- ewarn "It's recommended to set an empty value to the following kernel config option:"
- ewarn "CONFIG_UEVENT_HELPER_PATH=${uevent_helper_path}"
- fi
- if linux_chkconfig_present X86; then
- CONFIG_CHECK+=" ~DMIID"
- fi
- fi
-
- if kernel_is -lt ${MINKV//./ }; then
- ewarn "Kernel version at least ${MINKV} required"
- fi
-
- check_extra_config
- fi
-}
-
-pkg_setup() {
- :
-}
-
-src_unpack() {
- default
- [[ ${PV} != 9999 ]] || git-r3_src_unpack
-}
-
-src_prepare() {
- # Do NOT add patches here
- local PATCHES=()
-
- [[ -d "${WORKDIR}"/patches ]] && PATCHES+=( "${WORKDIR}"/patches )
-
- # Add local patches here
- PATCHES+=(
- "${FILESDIR}"/242-gcc-9.patch
- "${FILESDIR}"/242-socket-util-flush-accept.patch
- "${FILESDIR}"/242-wireguard-listenport.patch
- "${FILESDIR}"/242-file-max.patch
- "${FILESDIR}"/242-rdrand-ryzen.patch
- "${FILESDIR}"/242-networkd-ipv6-token.patch
- "${FILESDIR}"/242-network-domains.patch
- "${FILESDIR}"/CVE-2019-15718.patch
- )
-
- if ! use vanilla; then
- PATCHES+=(
- "${FILESDIR}/gentoo-Dont-enable-audit-by-default.patch"
- "${FILESDIR}/gentoo-systemd-user-pam.patch"
- "${FILESDIR}/gentoo-generator-path-r1.patch"
- )
- fi
-
- default
-}
-
-src_configure() {
- # Prevent conflicts with i686 cross toolchain, bug 559726
- tc-export AR CC NM OBJCOPY RANLIB
-
- python_setup
-
- multilib-minimal_src_configure
-}
-
-meson_use() {
- usex "$1" true false
-}
-
-meson_multilib() {
- if multilib_is_native_abi; then
- echo true
- else
- echo false
- fi
-}
-
-meson_multilib_native_use() {
- if multilib_is_native_abi && use "$1"; then
- echo true
- else
- echo false
- fi
-}
-
-multilib_src_configure() {
- local myconf=(
- --localstatedir="${EPREFIX}/var"
- -Dsupport-url="https://gentoo.org/support/"
- -Dpamlibdir="$(getpam_mod_dir)"
- # avoid bash-completion dep
- -Dbashcompletiondir="$(get_bashcompdir)"
- # make sure we get /bin:/sbin in PATH
- -Dsplit-usr=$(usex split-usr true false)
- -Drootprefix="$(usex split-usr "${EPREFIX:-/}" "${EPREFIX}/usr")"
- -Dsysvinit-path=
- -Dsysvrcnd-path=
- # Avoid infinite exec recursion, bug 642724
- -Dtelinit-path="${EPREFIX}/lib/sysvinit/telinit"
- # no deps
- -Defi=$(meson_multilib)
- -Dima=true
- # Optional components/dependencies
- -Dacl=$(meson_multilib_native_use acl)
- -Dapparmor=$(meson_multilib_native_use apparmor)
- -Daudit=$(meson_multilib_native_use audit)
- -Dlibcryptsetup=$(meson_multilib_native_use cryptsetup)
- -Dlibcurl=$(meson_multilib_native_use curl)
- -Ddns-over-tls=$(meson_multilib_native_use dns-over-tls)
- -Delfutils=$(meson_multilib_native_use elfutils)
- -Dgcrypt=$(meson_use gcrypt)
- -Dgnu-efi=$(meson_multilib_native_use gnuefi)
- -Defi-libdir="${ESYSROOT}/usr/$(get_libdir)"
- -Dmicrohttpd=$(meson_multilib_native_use http)
- -Dimportd=$(meson_multilib_native_use importd)
- -Dbzip2=$(meson_multilib_native_use importd)
- -Dzlib=$(meson_multilib_native_use importd)
- -Dkmod=$(meson_multilib_native_use kmod)
- -Dlz4=$(meson_use lz4)
- -Dxz=$(meson_use lzma)
- -Dlibiptc=$(meson_multilib_native_use nat)
- -Dpam=$(meson_use pam)
- -Dpcre2=$(meson_multilib_native_use pcre)
- -Dpolkit=$(meson_multilib_native_use policykit)
- -Dqrencode=$(meson_multilib_native_use qrcode)
- -Dseccomp=$(meson_multilib_native_use seccomp)
- -Dselinux=$(meson_multilib_native_use selinux)
- -Ddbus=$(meson_multilib_native_use test)
- -Dxkbcommon=$(meson_multilib_native_use xkb)
- -Dntp-servers="0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org"
- # Breaks screen, tmux, etc.
- -Ddefault-kill-user-processes=false
- -Dcreate-log-dirs=false
-
- # multilib options
- -Dbacklight=$(meson_multilib)
- -Dbinfmt=$(meson_multilib)
- -Dcoredump=$(meson_multilib)
- -Denvironment-d=$(meson_multilib)
- -Dfirstboot=$(meson_multilib)
- -Dhibernate=$(meson_multilib)
- -Dhostnamed=$(meson_multilib)
- -Dhwdb=$(meson_multilib)
- -Dldconfig=$(meson_multilib)
- -Dlocaled=$(meson_multilib)
- -Dman=$(meson_multilib)
- -Dnetworkd=$(meson_multilib)
- -Dquotacheck=$(meson_multilib)
- -Drandomseed=$(meson_multilib)
- -Drfkill=$(meson_multilib)
- -Dsysusers=$(meson_multilib)
- -Dtimedated=$(meson_multilib)
- -Dtimesyncd=$(meson_multilib)
- -Dtmpfiles=$(meson_multilib)
- -Dvconsole=$(meson_multilib)
- )
-
- if multilib_is_native_abi && use idn; then
- myconf+=(
- -Dlibidn2=$(usex libidn2 true false)
- -Dlibidn=$(usex libidn2 false true)
- )
- else
- myconf+=(
- -Dlibidn2=false
- -Dlibidn=false
- )
- fi
-
- meson_src_configure "${myconf[@]}"
-}
-
-multilib_src_compile() {
- eninja
-}
-
-multilib_src_test() {
- unset DBUS_SESSION_BUS_ADDRESS XDG_RUNTIME_DIR
- eninja test
-}
-
-multilib_src_install() {
- DESTDIR="${D}" eninja install
-}
-
-multilib_src_install_all() {
- local rootprefix=$(usex split-usr '' /usr)
-
- # meson doesn't know about docdir
- mv "${ED}"/usr/share/doc/{systemd,${PF}} || die
-
- einstalldocs
- dodoc "${FILESDIR}"/nsswitch.conf
-
- if ! use resolvconf; then
- rm -f "${ED}${rootprefix}"/sbin/resolvconf || die
- fi
-
- if ! use sysv-utils; then
- rm "${ED}${rootprefix}"/sbin/{halt,init,poweroff,reboot,runlevel,shutdown,telinit} || die
- rm "${ED}"/usr/share/man/man1/init.1 || die
- rm "${ED}"/usr/share/man/man8/{halt,poweroff,reboot,runlevel,shutdown,telinit}.8 || die
- fi
-
- if ! use resolvconf && ! use sysv-utils; then
- rmdir "${ED}${rootprefix}"/sbin || die
- fi
-
- # Preserve empty dirs in /etc & /var, bug #437008
- keepdir /etc/{binfmt.d,modules-load.d,tmpfiles.d}
- keepdir /etc/kernel/install.d
- keepdir /etc/systemd/{network,user}
- keepdir /etc/udev/{hwdb.d,rules.d}
- keepdir "${rootprefix}"/lib/systemd/{system-sleep,system-shutdown}
- keepdir /usr/lib/{binfmt.d,modules-load.d}
- keepdir /usr/lib/systemd/user-generators
- keepdir /var/lib/systemd
- keepdir /var/log/journal
-
- # Symlink /etc/sysctl.conf for easy migration.
- dosym ../sysctl.conf /etc/sysctl.d/99-sysctl.conf
-
- local udevdir=/lib/udev
- use split-usr || udevdir=/usr/lib/udev
-
- rm -r "${ED}${udevdir}/hwdb.d" || die
-
- if use split-usr; then
- # Avoid breaking boot/reboot
- dosym ../../../lib/systemd/systemd /usr/lib/systemd/systemd
- dosym ../../../lib/systemd/systemd-shutdown /usr/lib/systemd/systemd-shutdown
- fi
-}
-
-migrate_locale() {
- local envd_locale_def="${EROOT}/etc/env.d/02locale"
- local envd_locale=( "${EROOT}"/etc/env.d/??locale )
- local locale_conf="${EROOT}/etc/locale.conf"
-
- if [[ ! -L ${locale_conf} && ! -e ${locale_conf} ]]; then
- # If locale.conf does not exist...
- if [[ -e ${envd_locale} ]]; then
- # ...either copy env.d/??locale if there's one
- ebegin "Moving ${envd_locale} to ${locale_conf}"
- mv "${envd_locale}" "${locale_conf}"
- eend ${?} || FAIL=1
- else
- # ...or create a dummy default
- ebegin "Creating ${locale_conf}"
- cat > "${locale_conf}" <<-EOF
- # This file has been created by the sys-apps/systemd ebuild.
- # See locale.conf(5) and localectl(1).
-
- # LANG=${LANG}
- EOF
- eend ${?} || FAIL=1
- fi
- fi
-
- if [[ ! -L ${envd_locale} ]]; then
- # now, if env.d/??locale is not a symlink (to locale.conf)...
- if [[ -e ${envd_locale} ]]; then
- # ...warn the user that he has duplicate locale settings
- ewarn
- ewarn "To ensure consistent behavior, you should replace ${envd_locale}"
- ewarn "with a symlink to ${locale_conf}. Please migrate your settings"
- ewarn "and create the symlink with the following command:"
- ewarn "ln -s -n -f ../locale.conf ${envd_locale}"
- ewarn
- else
- # ...or just create the symlink if there's nothing here
- ebegin "Creating ${envd_locale_def} -> ../locale.conf symlink"
- ln -n -s ../locale.conf "${envd_locale_def}"
- eend ${?} || FAIL=1
- fi
- fi
-}
-
-save_enabled_units() {
- ENABLED_UNITS=()
- type systemctl &>/dev/null || return
- for x; do
- if systemctl --quiet --root="${ROOT:-/}" is-enabled "${x}"; then
- ENABLED_UNITS+=( "${x}" )
- fi
- done
-}
-
-pkg_preinst() {
- save_enabled_units {machines,remote-{cryptsetup,fs}}.target getty@tty1.service
-}
-
-pkg_postinst() {
- systemd_update_catalog
-
- # Keep this here in case the database format changes so it gets updated
- # when required. Despite that this file is owned by sys-apps/hwids.
- if has_version "sys-apps/hwids[udev]"; then
- udevadm hwdb --update --root="${EROOT}"
- fi
-
- udev_reload || FAIL=1
-
- # Bug 465468, make sure locales are respect, and ensure consistency
- # between OpenRC & systemd
- migrate_locale
-
- systemd_reenable systemd-networkd.service systemd-resolved.service
-
- if [[ ${ENABLED_UNITS[@]} ]]; then
- systemctl --root="${ROOT:-/}" enable "${ENABLED_UNITS[@]}"
- fi
-
- if [[ -z ${REPLACING_VERSIONS} ]]; then
- if type systemctl &>/dev/null; then
- systemctl --root="${ROOT:-/}" enable getty@.service remote-fs.target || FAIL=1
- fi
- elog "To enable a useful set of services, run the following:"
- elog " systemctl preset-all --preset-mode=enable-only"
- fi
-
- if [[ -L ${EROOT}/var/lib/systemd/timesync ]]; then
- rm "${EROOT}/var/lib/systemd/timesync"
- fi
-
- if [[ -z ${ROOT} && -d /run/systemd/system ]]; then
- ebegin "Reexecuting system manager"
- systemctl daemon-reexec
- eend $?
- fi
-
- if [[ ${FAIL} ]]; then
- eerror "One of the postinst commands failed. Please check the postinst output"
- eerror "for errors. You may need to clean up your system and/or try installing"
- eerror "systemd again."
- eerror
- fi
-}
-
-pkg_prerm() {
- # If removing systemd completely, remove the catalog database.
- if [[ ! ${REPLACED_BY_VERSION} ]]; then
- rm -f -v "${EROOT}"/var/lib/systemd/catalog/database
- fi
-}
+++ /dev/null
-# Copyright 2011-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-if [[ ${PV} == 9999 ]]; then
- EGIT_REPO_URI="https://github.com/systemd/systemd.git"
- inherit git-r3
-else
- MY_PV=${PV/_/-}
- MY_P=${PN}-${MY_PV}
- S=${WORKDIR}/${MY_P}
- SRC_URI="https://github.com/systemd/systemd/archive/v${MY_PV}/${MY_P}.tar.gz"
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
-fi
-
-PYTHON_COMPAT=( python{3_6,3_7} )
-
-inherit bash-completion-r1 linux-info meson multilib-minimal ninja-utils pam python-any-r1 systemd toolchain-funcs udev
-
-DESCRIPTION="System and service manager for Linux"
-HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd"
-
-LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
-SLOT="0/2"
-IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils +gcrypt gnuefi http idn importd +kmod +lz4 lzma nat pam pcre policykit qrcode +resolvconf +seccomp selinux split-usr +sysv-utils test vanilla xkb"
-
-REQUIRED_USE="importd? ( curl gcrypt lzma )"
-RESTRICT="!test? ( test )"
-
-MINKV="3.11"
-
-COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
- sys-libs/libcap:0=[${MULTILIB_USEDEP}]
- !<sys-libs/glibc-2.16
- acl? ( sys-apps/acl:0= )
- apparmor? ( sys-libs/libapparmor:0= )
- audit? ( >=sys-process/audit-2:0= )
- cryptsetup? ( >=sys-fs/cryptsetup-1.6:0= )
- curl? ( net-misc/curl:0= )
- dns-over-tls? ( >=net-libs/gnutls-3.5.3:0= )
- elfutils? ( >=dev-libs/elfutils-0.158:0= )
- gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] )
- http? (
- >=net-libs/libmicrohttpd-0.9.33:0=[epoll(+)]
- >=net-libs/gnutls-3.1.4:0=
- )
- idn? ( net-dns/libidn2:= )
- importd? (
- app-arch/bzip2:0=
- sys-libs/zlib:0=
- )
- kmod? ( >=sys-apps/kmod-15:0= )
- lz4? ( >=app-arch/lz4-0_p131:0=[${MULTILIB_USEDEP}] )
- lzma? ( >=app-arch/xz-utils-5.0.5-r1:0=[${MULTILIB_USEDEP}] )
- nat? ( net-firewall/iptables:0= )
- pam? ( sys-libs/pam:=[${MULTILIB_USEDEP}] )
- pcre? ( dev-libs/libpcre2 )
- qrcode? ( media-gfx/qrencode:0= )
- seccomp? ( >=sys-libs/libseccomp-2.3.3:0= )
- selinux? ( sys-libs/libselinux:0= )
- xkb? ( >=x11-libs/libxkbcommon-0.4.1:0= )"
-
-# Newer linux-headers needed by ia64, bug #480218
-DEPEND="${COMMON_DEPEND}
- >=sys-kernel/linux-headers-${MINKV}
- gnuefi? ( >=sys-boot/gnu-efi-3.0.2 )
-"
-
-# baselayout-2.2 has /run
-RDEPEND="${COMMON_DEPEND}
- acct-group/adm
- acct-group/wheel
- acct-group/kmem
- acct-group/tty
- acct-group/utmp
- acct-group/audio
- acct-group/cdrom
- acct-group/dialout
- acct-group/disk
- acct-group/input
- acct-group/kvm
- acct-group/render
- acct-group/tape
- acct-group/video
- acct-group/systemd-journal
- acct-user/systemd-journal-remote
- acct-user/systemd-coredump
- acct-user/systemd-network
- acct-user/systemd-resolve
- acct-user/systemd-timesync
- >=sys-apps/baselayout-2.2
- selinux? ( sec-policy/selinux-base-policy[systemd] )
- sysv-utils? ( !sys-apps/sysvinit )
- !sysv-utils? ( sys-apps/sysvinit )
- resolvconf? ( !net-dns/openresolv )
- !build? ( || (
- sys-apps/util-linux[kill(-)]
- sys-process/procps[kill(+)]
- sys-apps/coreutils[kill(-)]
- ) )
- !sys-auth/nss-myhostname
- !<sys-kernel/dracut-044
- !sys-fs/eudev
- !sys-fs/udev
-"
-
-# sys-apps/dbus: the daemon only (+ build-time lib dep for tests)
-PDEPEND=">=sys-apps/dbus-1.9.8[systemd]
- >=sys-apps/hwids-20150417[udev]
- >=sys-fs/udev-init-scripts-25
- policykit? ( sys-auth/polkit )
- !vanilla? ( sys-apps/gentoo-systemd-integration )"
-
-BDEPEND="
- app-arch/xz-utils:0
- dev-util/gperf
- >=dev-util/meson-0.46
- >=dev-util/intltool-0.50
- >=sys-apps/coreutils-8.16
- sys-devel/m4
- virtual/pkgconfig[${MULTILIB_USEDEP}]
- test? ( sys-apps/dbus )
- app-text/docbook-xml-dtd:4.2
- app-text/docbook-xml-dtd:4.5
- app-text/docbook-xsl-stylesheets
- dev-libs/libxslt:0
- $(python_gen_any_dep 'dev-python/lxml[${PYTHON_USEDEP}]')
-"
-
-pkg_pretend() {
- if [[ ${MERGE_TYPE} != buildonly ]]; then
- if use test && has pid-sandbox ${FEATURES}; then
- ewarn "Tests are known to fail with PID sandboxing enabled."
- ewarn "See https://bugs.gentoo.org/674458."
- fi
-
- local CONFIG_CHECK="~AUTOFS4_FS ~BLK_DEV_BSG ~CGROUPS
- ~CHECKPOINT_RESTORE ~DEVTMPFS ~EPOLL ~FANOTIFY ~FHANDLE
- ~INOTIFY_USER ~IPV6 ~NET ~NET_NS ~PROC_FS ~SIGNALFD ~SYSFS
- ~TIMERFD ~TMPFS_XATTR ~UNIX
- ~CRYPTO_HMAC ~CRYPTO_SHA256 ~CRYPTO_USER_API_HASH
- ~!FW_LOADER_USER_HELPER_FALLBACK ~!GRKERNSEC_PROC ~!IDE ~!SYSFS_DEPRECATED
- ~!SYSFS_DEPRECATED_V2"
-
- use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL"
- use seccomp && CONFIG_CHECK+=" ~SECCOMP ~SECCOMP_FILTER"
- kernel_is -lt 3 7 && CONFIG_CHECK+=" ~HOTPLUG"
- kernel_is -lt 4 7 && CONFIG_CHECK+=" ~DEVPTS_MULTIPLE_INSTANCES"
- kernel_is -ge 4 10 && CONFIG_CHECK+=" ~CGROUP_BPF"
-
- if linux_config_exists; then
- local uevent_helper_path=$(linux_chkconfig_string UEVENT_HELPER_PATH)
- if [[ -n ${uevent_helper_path} ]] && [[ ${uevent_helper_path} != '""' ]]; then
- ewarn "It's recommended to set an empty value to the following kernel config option:"
- ewarn "CONFIG_UEVENT_HELPER_PATH=${uevent_helper_path}"
- fi
- if linux_chkconfig_present X86; then
- CONFIG_CHECK+=" ~DMIID"
- fi
- fi
-
- if kernel_is -lt ${MINKV//./ }; then
- ewarn "Kernel version at least ${MINKV} required"
- fi
-
- check_extra_config
- fi
-}
-
-pkg_setup() {
- :
-}
-
-src_unpack() {
- default
- [[ ${PV} != 9999 ]] || git-r3_src_unpack
-}
-
-src_prepare() {
- # Do NOT add patches here
- local PATCHES=()
-
- [[ -d "${WORKDIR}"/patches ]] && PATCHES+=( "${WORKDIR}"/patches )
-
- # Add local patches here
- PATCHES+=(
- )
-
- if ! use vanilla; then
- PATCHES+=(
- "${FILESDIR}/gentoo-Dont-enable-audit-by-default.patch"
- "${FILESDIR}/gentoo-systemd-user-pam.patch"
- "${FILESDIR}/gentoo-generator-path-r1.patch"
- )
- fi
-
- default
-}
-
-src_configure() {
- # Prevent conflicts with i686 cross toolchain, bug 559726
- tc-export AR CC NM OBJCOPY RANLIB
-
- python_setup
-
- multilib-minimal_src_configure
-}
-
-meson_use() {
- usex "$1" true false
-}
-
-meson_multilib() {
- if multilib_is_native_abi; then
- echo true
- else
- echo false
- fi
-}
-
-meson_multilib_native_use() {
- if multilib_is_native_abi && use "$1"; then
- echo true
- else
- echo false
- fi
-}
-
-multilib_src_configure() {
- local myconf=(
- --localstatedir="${EPREFIX}/var"
- -Dsupport-url="https://gentoo.org/support/"
- -Dpamlibdir="$(getpam_mod_dir)"
- # avoid bash-completion dep
- -Dbashcompletiondir="$(get_bashcompdir)"
- # make sure we get /bin:/sbin in PATH
- -Dsplit-usr=$(usex split-usr true false)
- -Drootprefix="$(usex split-usr "${EPREFIX:-/}" "${EPREFIX}/usr")"
- -Dsysvinit-path=
- -Dsysvrcnd-path=
- # Avoid infinite exec recursion, bug 642724
- -Dtelinit-path="${EPREFIX}/lib/sysvinit/telinit"
- # no deps
- -Defi=$(meson_multilib)
- -Dima=true
- -Ddefault-hierarchy=$(usex cgroup-hybrid hybrid unified)
- # Optional components/dependencies
- -Dacl=$(meson_multilib_native_use acl)
- -Dapparmor=$(meson_multilib_native_use apparmor)
- -Daudit=$(meson_multilib_native_use audit)
- -Dlibcryptsetup=$(meson_multilib_native_use cryptsetup)
- -Dlibcurl=$(meson_multilib_native_use curl)
- -Ddns-over-tls=$(meson_multilib_native_use dns-over-tls)
- -Delfutils=$(meson_multilib_native_use elfutils)
- -Dgcrypt=$(meson_use gcrypt)
- -Dgnu-efi=$(meson_multilib_native_use gnuefi)
- -Defi-libdir="${ESYSROOT}/usr/$(get_libdir)"
- -Dmicrohttpd=$(meson_multilib_native_use http)
- -Didn=$(meson_multilib_native_use idn)
- -Dimportd=$(meson_multilib_native_use importd)
- -Dbzip2=$(meson_multilib_native_use importd)
- -Dzlib=$(meson_multilib_native_use importd)
- -Dkmod=$(meson_multilib_native_use kmod)
- -Dlz4=$(meson_use lz4)
- -Dxz=$(meson_use lzma)
- -Dlibiptc=$(meson_multilib_native_use nat)
- -Dpam=$(meson_use pam)
- -Dpcre2=$(meson_multilib_native_use pcre)
- -Dpolkit=$(meson_multilib_native_use policykit)
- -Dqrencode=$(meson_multilib_native_use qrcode)
- -Dseccomp=$(meson_multilib_native_use seccomp)
- -Dselinux=$(meson_multilib_native_use selinux)
- -Ddbus=$(meson_multilib_native_use test)
- -Dxkbcommon=$(meson_multilib_native_use xkb)
- -Dntp-servers="0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org"
- # Breaks screen, tmux, etc.
- -Ddefault-kill-user-processes=false
- -Dcreate-log-dirs=false
-
- # multilib options
- -Dbacklight=$(meson_multilib)
- -Dbinfmt=$(meson_multilib)
- -Dcoredump=$(meson_multilib)
- -Denvironment-d=$(meson_multilib)
- -Dfirstboot=$(meson_multilib)
- -Dhibernate=$(meson_multilib)
- -Dhostnamed=$(meson_multilib)
- -Dhwdb=$(meson_multilib)
- -Dldconfig=$(meson_multilib)
- -Dlocaled=$(meson_multilib)
- -Dman=$(meson_multilib)
- -Dnetworkd=$(meson_multilib)
- -Dquotacheck=$(meson_multilib)
- -Drandomseed=$(meson_multilib)
- -Drfkill=$(meson_multilib)
- -Dsysusers=$(meson_multilib)
- -Dtimedated=$(meson_multilib)
- -Dtimesyncd=$(meson_multilib)
- -Dtmpfiles=$(meson_multilib)
- -Dvconsole=$(meson_multilib)
- )
-
- meson_src_configure "${myconf[@]}"
-}
-
-multilib_src_compile() {
- eninja
-}
-
-multilib_src_test() {
- unset DBUS_SESSION_BUS_ADDRESS XDG_RUNTIME_DIR
- meson_src_test
-}
-
-multilib_src_install() {
- DESTDIR="${D}" eninja install
-}
-
-multilib_src_install_all() {
- local rootprefix=$(usex split-usr '' /usr)
-
- # meson doesn't know about docdir
- mv "${ED}"/usr/share/doc/{systemd,${PF}} || die
-
- einstalldocs
- dodoc "${FILESDIR}"/nsswitch.conf
-
- if ! use resolvconf; then
- rm -f "${ED}${rootprefix}"/sbin/resolvconf || die
- fi
-
- if ! use sysv-utils; then
- rm "${ED}${rootprefix}"/sbin/{halt,init,poweroff,reboot,runlevel,shutdown,telinit} || die
- rm "${ED}"/usr/share/man/man1/init.1 || die
- rm "${ED}"/usr/share/man/man8/{halt,poweroff,reboot,runlevel,shutdown,telinit}.8 || die
- fi
-
- if ! use resolvconf && ! use sysv-utils; then
- rmdir "${ED}${rootprefix}"/sbin || die
- fi
-
- # Preserve empty dirs in /etc & /var, bug #437008
- keepdir /etc/{binfmt.d,modules-load.d,tmpfiles.d}
- keepdir /etc/kernel/install.d
- keepdir /etc/systemd/{network,system,user}
- keepdir /etc/udev/{hwdb.d,rules.d}
- keepdir "${rootprefix}"/lib/systemd/{system-sleep,system-shutdown}
- keepdir /usr/lib/{binfmt.d,modules-load.d}
- keepdir /usr/lib/systemd/user-generators
- keepdir /var/lib/systemd
- keepdir /var/log/journal
-
- # Symlink /etc/sysctl.conf for easy migration.
- dosym ../sysctl.conf /etc/sysctl.d/99-sysctl.conf
-
- rm -r "${ED}${rootprefix}"/lib/udev/hwdb.d || die
-
- if use split-usr; then
- # Avoid breaking boot/reboot
- dosym ../../../lib/systemd/systemd /usr/lib/systemd/systemd
- dosym ../../../lib/systemd/systemd-shutdown /usr/lib/systemd/systemd-shutdown
- fi
-}
-
-migrate_locale() {
- local envd_locale_def="${EROOT}/etc/env.d/02locale"
- local envd_locale=( "${EROOT}"/etc/env.d/??locale )
- local locale_conf="${EROOT}/etc/locale.conf"
-
- if [[ ! -L ${locale_conf} && ! -e ${locale_conf} ]]; then
- # If locale.conf does not exist...
- if [[ -e ${envd_locale} ]]; then
- # ...either copy env.d/??locale if there's one
- ebegin "Moving ${envd_locale} to ${locale_conf}"
- mv "${envd_locale}" "${locale_conf}"
- eend ${?} || FAIL=1
- else
- # ...or create a dummy default
- ebegin "Creating ${locale_conf}"
- cat > "${locale_conf}" <<-EOF
- # This file has been created by the sys-apps/systemd ebuild.
- # See locale.conf(5) and localectl(1).
-
- # LANG=${LANG}
- EOF
- eend ${?} || FAIL=1
- fi
- fi
-
- if [[ ! -L ${envd_locale} ]]; then
- # now, if env.d/??locale is not a symlink (to locale.conf)...
- if [[ -e ${envd_locale} ]]; then
- # ...warn the user that he has duplicate locale settings
- ewarn
- ewarn "To ensure consistent behavior, you should replace ${envd_locale}"
- ewarn "with a symlink to ${locale_conf}. Please migrate your settings"
- ewarn "and create the symlink with the following command:"
- ewarn "ln -s -n -f ../locale.conf ${envd_locale}"
- ewarn
- else
- # ...or just create the symlink if there's nothing here
- ebegin "Creating ${envd_locale_def} -> ../locale.conf symlink"
- ln -n -s ../locale.conf "${envd_locale_def}"
- eend ${?} || FAIL=1
- fi
- fi
-}
-
-save_enabled_units() {
- ENABLED_UNITS=()
- type systemctl &>/dev/null || return
- for x; do
- if systemctl --quiet --root="${ROOT:-/}" is-enabled "${x}"; then
- ENABLED_UNITS+=( "${x}" )
- fi
- done
-}
-
-pkg_preinst() {
- save_enabled_units {machines,remote-{cryptsetup,fs}}.target getty@tty1.service
-
- if ! use split-usr; then
- local dir
- for dir in bin sbin lib; do
- if [[ ! ${EROOT}/${dir} -ef ${EROOT}/usr/${dir} ]]; then
- eerror "\"${EROOT}/${dir}\" and \"${EROOT}/usr/${dir}\" are not merged."
- eerror "One of them should be a symbolic link to the other one."
- FAIL=1
- fi
- done
- if [[ ${FAIL} ]]; then
- eerror "Migration to system layout with merged directories must be performed before"
- eerror "rebuilding ${CATEGORY}/${PN} with USE=\"-split-usr\" to avoid run-time breakage."
- die "System layout with split directories still used"
- fi
- fi
-}
-
-pkg_postinst() {
- systemd_update_catalog
-
- # Keep this here in case the database format changes so it gets updated
- # when required. Despite that this file is owned by sys-apps/hwids.
- if has_version "sys-apps/hwids[udev]"; then
- udevadm hwdb --update --root="${EROOT}"
- fi
-
- udev_reload || FAIL=1
-
- # Bug 465468, make sure locales are respect, and ensure consistency
- # between OpenRC & systemd
- migrate_locale
-
- systemd_reenable systemd-networkd.service systemd-resolved.service
-
- if [[ ${ENABLED_UNITS[@]} ]]; then
- systemctl --root="${ROOT:-/}" enable "${ENABLED_UNITS[@]}"
- fi
-
- if [[ -z ${REPLACING_VERSIONS} ]]; then
- if type systemctl &>/dev/null; then
- systemctl --root="${ROOT:-/}" enable getty@.service remote-fs.target || FAIL=1
- fi
- elog "To enable a useful set of services, run the following:"
- elog " systemctl preset-all --preset-mode=enable-only"
- fi
-
- if [[ -L ${EROOT}/var/lib/systemd/timesync ]]; then
- rm "${EROOT}/var/lib/systemd/timesync"
- fi
-
- if [[ -z ${ROOT} && -d /run/systemd/system ]]; then
- ebegin "Reexecuting system manager"
- systemctl daemon-reexec
- eend $?
- fi
-
- if [[ ${FAIL} ]]; then
- eerror "One of the postinst commands failed. Please check the postinst output"
- eerror "for errors. You may need to clean up your system and/or try installing"
- eerror "systemd again."
- eerror
- fi
-}
-
-pkg_prerm() {
- # If removing systemd completely, remove the catalog database.
- if [[ ! ${REPLACED_BY_VERSION} ]]; then
- rm -f -v "${EROOT}"/var/lib/systemd/catalog/database
- fi
-}
projects / gentoo.git / commitdiff