Bumping the version of systemd is a little more complicated than the
usual package, and it's easy to forget some of the things that need to
be done - and this has happened several times in the past.
Add a checklist of things to worry about when updating systemd.
Note that there are many other complicated packages that also need a lot
of attention when upgrading. However, systemd is a really critical
package so it's more important that we get that one right than, say,
valgrind.
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Jérémy ROSEN <jeremy.rosen@smile.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
add the missing user if oomd is enabled.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Especially for read-only filesystems it is helpful to
pre-create all folders for non-volatile paths.
This needs to run under fakeroot to allow setting
uids/gids/perms for the target fs.
systemd-tmpfilesd supports specifiers and target rootfs,
but some specifiers resolve to information from the host,
it is necessary to specially handle (skip) entries that
contain problematic specifiers.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Since tmpfiles is no longer optional, the Config.in symbol serves no
purpose. It was only used in cryptsetup.mk, where we replace it with
BR2_PACKAGE_SYSTEMD.
Advise to do the same in Config.in.legacy.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
this tool and service is pretty much expected to be enabled,
making this a certainty will enable future improvements.
The config variable BR2_PACKAGE_SYSTEMD_TMPFILES is still
availabe and always set.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This modifies the order of the nss modules, reflecting the current
state of the documentation.
nss-mymachines lost support for resolution of users and groups,
and now only does resolution of hostnames. Changed in v246.
Multiple changes in regards to nss-myhostname now recommend placement
after nss-files and before nss-dns. See commits ce266330, f918c67.
nss-resolve handles the nss-files logic itself, and its suggested to
move in front of nss-files. Changed in v249.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
realign the configuration to the README.
enable CONFIG_AUTOFS_FS (kernel >= 4.18) as well as the someday
to be removed CONFIG_AUTOFS4_FS option.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Use the unified hierarchy, which is systemds default since v243.
The biggest holdover was docker which now supports the unified
layout.
Note that systemd will automatically fallback to hybrid if the
kernel is too old or the unified hierarchy fails for other reasons.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
journald supports catalog files, or rather a binary database of
those.
Functionality added includes:
- A config option allows enabling the binary database.
- If BR2_ENABLE_LOCALE_PURGE is enabled, the catalogs not in the
language whitelist are deleted first. This is done independently
of the new option, since the catalogs are removed later anyway.
- If the option is enabled, the database is built and moved to
/usr/share/factory. This makes sure that /usr contains the entire
system. A symlink is created in /var pointing to that file.
- The catalog source files are deleted. They serve no purpose on the
target once the database exists.
- All of the above is done in a ROOTFS_PRE_CMD_HOOK rather than in the
build/install step, because other packages than systemd itself may
also install catalogs. This also makes sure that it is possible to
do a re-build, because the catalog files are not removed in
$(TARGET_DIR) itself, only in the temporary copy for rootfs creation.
- The service normally used for creating the DB during boot is
deleted. If the DB is not enabled, we also don't want to waste time
and space on re-generating every boot. Conversely, if the DB is
enabled, it is already there so doesn't need to be re-done on every
boot either.
The new option depends on !BR2_TARGET_GENERIC_REMOUNT_ROOTFS_RW because
if the rootfs is not RW, /var is overmounted with a tmpfs. The factory
should handle this, but this only half-works [1].
[1] http://lists.busybox.net/pipermail/buildroot/2020-July/287016.html
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Reviewed-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
legacy.conf no longer exists, it's now legacy.conf.in that has to be
preprocessed. The preprocessing is only done if sysv-compat is enabled.
This reverts commit 0e71f51119.
Systemd doesn't install tmpfiles.d/legacy.conf when sysv compatiblity
isn't enabled. This config sets up /var/lock, which many programs such
as uboot's fw_printenv/setenv still depend on by default.
Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
various services need directories in /var when they are started,
and create them if necessary. Creating those before, allows
those services to start even if /var is read-only.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Remove upstream patch
Fixes a build issue with toolchains using kernel headers < 5.6,
when the openat2(2) syscall is not available [2].
Add a new patch to fix homework-mount with linux-headers < 5.2.
[1] cd88d010e8
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=fddb5d430ad9fa91b49b1d34d0202ffe2fa0e179
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Combination of cryptolib=openssl and dns-over-tls=gnutls is disallowed
since version 250 and
e37ad765c8
resulting in the following build failure since commit
e9fb26cbb8:
../output-1/build/systemd-250/meson.build:1482:16: ERROR: Problem encountered: Sorry, -Ddns-over-tls=gnutls is not supported when openssl is used as the cryptolib
Fixes:
- http://autobuild.buildroot.org/results/2fcd4ad64b32cc4835866c9d99e05ab8c9bc794a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop disable urlify patch that is now upstream.
Backport missing-syscall: define all MOUNT_ATTR_* if missing patch.
Update license info based on LICENSES/README.md.
Most licenses are moved to SPDX LICENSES folder.
Add libcryptsetup-plugins support.
The efi-ld option expects either "bfd" or "gold", since we don't
support "gold" set it to "bfd" which is also the default fallback.
Set link-boot-shared to true since we build systemd at the same time
as the boot tools.
See link-boot-shared details:
7964702007
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop python2 support.
Remove python3-markupsafe host build as python2 host builds for
markupsafe are not supported, python3 host builds are moved to
python-markupsafe.
Remove python3-jinja2 host build as python2 host builds for
jinja2 are not supported, python3 host builds are moved to
python-jinja2.
Remove python3-mako host build as python2 host builds for
mako are not supported, python3 host builds are moved to
python-mako.
Propagate reverse python3 dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Remove efi-ldsdir meson config option which is no longer used.
Meson config variable systemd-analyze is renamed to analyze.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The startup.nsh file is useless to boot EFI payloads. We just need to
follow the naming detection specified in the UEFI spec.
The EFI payload need to be placed in the boot/efi folder in the EFI partition
and follow the architecture naming as described below:
32bit : bootia32.efi
x64 : bootx64.efi
aarch32 : bootarm.efi
aarch64 : bootaa64.efi
This naming is already right in the packages involved (systemd, grub2,
gummiboot), therefore we just need to drop the generation of the
startup.nsh file.
The usage of the startup.nsh in genimage is also dropped to avoid errors in
the image generation.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Tested-by: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Unfortunately, as of commit 3e1d61868fa8bfc586099302e931433270e5d17d, polkit
requires mozjs >= 78, which means spidermonkey is too old. As such, this patch
is larger than usual.
Spidermonkey has a few major issues:
- The source directory after compilation is enormous (2.7G!)
- The shared library is 24MB stripped!
- It requires python2 to build, which is EOLed, and Buildroot is working
towards removing. See: https://elinux.org/Buildroot:Python2Packages
Instead of going through the arduous task of updating Spidermonkey, there is a
better solution: use duktape.
There has been a pending patch for over a year that incorporates duktape as an
optional backend for polkit found here:
https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/35
As Thomas Petazzoni put it:
"As I am subscribed to notifications on this merge request, I have been
following the intermittent discussions taking place on this topic.
And indeed, discussions have been sparse, and the polkit maintainer reaction
has not been very supportive. It even feels like they are trying to find
every possible argument or small issue not to merge the duktape integration."
Many people have come out to support using duktape, and many users, including
myself, have used polkit with duktape for as long as the above merge request has
been around without issues; merging in the above merge request is an acceptable
exception to the typical Buildroot package policies.
As Thomas also suggested, I have forked polkit on Github
(https://github.com/aduskett/polkit-duktape), with the above duktape
merge request applied, and a release made with the same tag as upstream (0.119).
I refrained from also adding 0001-make-netgroup-support-optional.patch as it is
outside of the scope of why the fork exists.
Changes:
- refactor 0001-make-netgroup-support-optional.patch to work with 0.119 and
duktape.
- Remove upstream incorporated 0002-jsauthority-memleak.patch
- Remove upstream 0003-polkit-0.116-pkttyagent-sigttou-bg-job.patch
- Remove any trace of spidermonkey from polkit, udisks, and systemd-polkit
- Add duktape as a dependency of polkit
- Change POLKIT_SITE to the above polkit-duktape GitHub repository.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The urlify feature in the systemd pager is only supported by the full
less package and not busybox less, enable only for builds with full
less support.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add config option for systemd-sysext.
Add config option for systemd-oomd.
Add new host-python3-jinja2 dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
showing "enable home daemon"
and "homed support needs a toolchain w/ threads, dynamic library, kernel headers >= 4.12"
when BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_12
introduced by fa62b5165c
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop upstream patch.
Use the new mode=release switch, this should automatically
disable features deemed not ready for use.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add -p argument that ignore that specified directory already exists.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[yann.morin.1998@free.fr:
- split to its own patch
- rewrite commit title
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The meson options were in some semi-sorted order with no logic in it.
Sort them alphabetically instead.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Since we don't enable sysv any support, it makes no sense to set the
path to telinit either.
The path we were setting was anyway wrong: we set a path into
TARGET_DIR, but this path is only used at runtime, on the target, where
TARGET_DIR doesn't exist (it should have been /usr/sbin/telinit).
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
If paths are not set, then meson will search the host system for the
binaries (or the target, where those binaries are not yet installed).
So add the missing paths.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The -Dremote=true flag enables three tools: systemd-journal-gatewayd,
systemd-journal-remote and systemd-journal-upload.
It is not possible with simple means to install them seperately. So use
the systemd-journal-remote option to enable or disable them all together.
Drop systemd-journal-gatewayd option and add it to legacy.
Fixes: #12301
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
systemds libqrencode support is independent from journal-gatewayd. In
v247 it will additionally be used in homectl for recovery key
generation.
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
systemd 246 added support for zstd compression of large fields in
journal files [1]. Since zstd is only used at runtime, we don't
need it to enable its support in host-systemd.
[1] https://github.com/systemd/systemd/blob/v246/NEWS#L323-L331
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Select the systemd and udev SELinux modules so that they will be
compiled in the refpolicy. This way, if an SELinux policy is generated,
Systemd will be supported.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use UDEV_USERS, now that it's suported by virtual packages.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The different tools and libraries in util-linux have a lot of optional
dependencies. When we want to support those optional dependencies, we
can easily generate dependency cycles. For instance, findmount and lsblk
need udev to work correctly, but eudev and systemd both depend libblkid,
which comes from util-linux.
Normal distros (e.g. Debian) solve this by first building a minimal
package that has no dependencies at all, then build the packages that
depend on util-linux, and finally rebuild util-linux with all bells and
whistles. Solve it in Buildroot by means of the following changes:
- Split util-linux into two packages:
- util-linux-libs, providing lib{blkid,fdisk,mount,smartcols,uuid}.
- util-linux, providing both the aforementioned libs and the programs.
- Add a blind selection for util-linux-libs, i.e. it is indirectly
selected according to the util-linux options.
- Make host and target util-linux have a build dependencies on the -libs
packages.
- Make eudev and systemd have build dependencies on util-linux-libs.
This can be extended to other packages in the future but is not needed
right now because the configuration options are backward-compatible.
- Make util-linux have an optional build dependency on the package that
provides libudev (either eudev or systemd), if it is selected.
Installing util-linux overrides files installed by util-linux-libs but
this is not a problem: it's allowed for a package to overwrite files
from another package, as long as there is a dependency between the two.
util-linux-libs has a Config.in symbol for the package as a whole, but
not for the individual libraries: it simply reuses the symbols of the
full package.
The build dependency of util-linux on util-linux-libs ensures that
util-linux overwrites the files installed by util-linux-libs and not
vice versa. In practice this dependency shouldn't be needed: the only
reason for util-linux-libs to be built is to break a circular
dependency. In that case, there is already a transitive dependency of
util-linux on util-linux-libs, so adding it explicitly is redundant.
Still, better safe than sorry.
host-util-linux-libs is not needed at the moment. It can be added if we
have a dependency cycle problem later.
With this approach we don't need to patch configuration files neither
change packages other than eudev and systemd.
Other packages that require util-linux libraries and whose libraries may
be used by util-linux programs can be updated later. We also don't need
to change any existing defconfig, since all configuration options are
kept in the util-linux package.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=11811
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Disable audit for host package to avoid getting the following error if
it is found on host:
[84/662] Generating audit_type-list.txt with a meson_exe.py custom command
In file included from <command-line>:32:
./../src/basic/missing_audit.h:7:10: fatal error: libaudit.h: No such file or directory
7 | #include <libaudit.h>
| ^~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/67782c225c08387c1bbcbea9eee3ca12bc6577cd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Build with cryptsetup and without libblkid will fail on:
../src/shared/dissect-image.c:1336:34: error: 'N_DEVICE_NODE_LIST_ATTEMPTS' undeclared (first use in this function)
1336 | for (unsigned i = 0; i < N_DEVICE_NODE_LIST_ATTEMPTS; i++) {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
This bug has been reported upstream:
https://github.com/systemd/systemd/pull/16901
and is not an issue for the target variant as libblkid is select by
BR2_PACKAGE_UTIL_LINUX_MOUNT
As cryptsetup does not seem needed for host-systemd, just disable it
Fixes:
- http://autobuild.buildroot.org/results/67782c225c08387c1bbcbea9eee3ca12bc6577cd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
portabled is a container-like service, but so far its still a preview
and basically unknown as the portablectl is hidden in
/usr/lib/systemd.
Disable it for now.
See https://systemd.io/PORTABLE_SERVICES/
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
if the tool is not enabled, then configure /bin/false
as fallback.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
None of the tools in this set are necessary.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
this dependency is optional, it is used to
allow udev to add information to blockdevices.
Aslong as MOUNT or FSCK are enabled, it will end up enabled
anyway, but this seems more clear and correct.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>