Upstream systemd-stable has started tagging point releses.
The commit we currently used has now been tagged as v243.3, and this
brings us to v243.4.
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- expand commit log to explain previous version
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Docker fails to start with "Devices cgroup isn't mounted" as of systemd 243.
According to the systemd documentation:
systemd now defaults to the "unified" cgroup hierarchy setup during
build-time, i.e. -Ddefault-hierarchy=unified is now the build-time default.
Previously, -Ddefault-hierarchy=hybrid was the default. [...] Downstream
production distributions might want to continue to use
-Ddefault-hierarchy=hybrid (or even =legacy) for their builds as unfortunately
the popular container managers have not caught up with the kernel API changes.
Changing this option to "hybrid" or "legacy" fixes the Docker startup.
Reference: https://github.com/opencontainers/runc/issues/654
Signed-off-by: Christian Stewart <christian@paral.in>
Tested-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The systemd project maintains a separate repository on github where patches
are backported on top of released version by the systemd maintainers.
This patch changes the SYSTEMD_SITE to point on that repository and points
to the latest version of v243, which was the previous version used by
systemd.
Unfortunately, upstream does not tag any version,so we use 'git describe'
as a SYSTEMD_VERSION
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Added config option for new systemd-pstore feature.
Removed patches that have been committed upstream.
Added symlinks required to enable some services.
After extensive discussion with upstream it does not seem there is any
acceptable option to have symlink installation handled on their side.
The recommended solution from upstream is to have systemctl handle
service installation, however this has a number of downsides such as
requiring us to build a host-systemd just to install a few symlinks.
Since we already customize service installation it is simpler for us
to create the symlinks ourselves, this will also simplify service
customization on our side as we will not need to disable any systemd
default services in cases where we need to make customizations.
In addition using systemctl would introduce a minimum host headers
dependency in which we don't have the infrastructure to handle
properly.
The downside to this approach is that we need to track service creation
changes from upstream ourselves, however this is relatively straightforward
and since upstream service file locations are relatively stable regressions
should be limited. This will mostly be a concern in regards to adding
support for new systemd features.
Details:
https://github.com/systemd/systemd/issues/12767https://github.com/systemd/systemd/pull/12164https://github.com/systemd/systemd/pull/12769https://github.com/systemd/systemd/pull/12775
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Tested-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit was pushed accidentally, it was not yet ready for prime
time. A better way to implement it was proposed.
In addition, it still introduces a circular dependency: systemd ->
polkit -> libglib2 -> util-linux -> systemd
This reverts commit 335c77b667.
The findmount and lsblk utilities need udev to work correctly but cannot
be built with udev support because the packages providing libudev (eudev
and systemd) depend on util-linux, creating a chicken-egg problem. Solve
it by means of the following changes:
- Split util-linux into three packages:
- util-linux-libs, providing lib{blkid,fdisk,mount,smartcols,uuid}.
- util-linux-programs, providing both the aforementioned libs and the
programs.
- util-linux, a dummy package that drives configuration and building
of the other ones.
- Add blind selections for -libs and -programs, i.e. they are indirectly
selected according to the util-linux options.
- Make util-linux have build dependencies on util-linux-{libs,programs}
if they are selected.
- host-util-linux has a build dependency on either host-util-linux-libs
or host-util-linux-programs (not on both, since they are installed on
the same destination).
- Make eudev and systemd have build dependencies on util-linux-libs.
This can be extended to other packages in the future but is not needed
right now because the configuration options are backward-compatible.
- Make util-linux-programs have an optional build dependency on the
package that provides libudev (either eudev or systemd), if it is
selected.
util-linux-libs is installed on STAGING_DIR by default and on TARGET_DIR
if util-linux-programs is not selected. Conversely, util-linux-programs
installs on TARGET_DIR by default and on STAGING_DIR if util-linux-libs
is not selected. This prevents installing the libraries twice on the
same destination, which would confuse check-uniq-files.
With this approach we don't need to patch configuration files neither
change other packages besides eudev and systemd. Other packages that
require util-linux libraries and whose libraries can be used by
util-linux programs can be updated later. We also don't need to change
any existing defcconfig, since all configuration options are kept in
the dummy util-linux package.
The main drawback of this approach is that util-linux-rebuild, as wel as
-reinstall, -reconfigure and even -dirclean targets do not have real
effect. It's necessary to use util-linux-libs-rebuild, for instance, but
this is a reasonable price to pay for the solution.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=11811
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
systemd-journal-remote was added in systemd v211, so add a new option
to enable or disable it.
Signed-off-by: Yi Zheng <goodmenzy@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
systemd-boot is the integration of gummiboot into systemd, when
gummiboot is no longer maintained [0].
Add an option to build systemd-boot as part of the systemd build.
Install the boot files, that can serve as a template for the user
to tweak for their system.
[0] https://cgit.freedesktop.org/gummiboot/commit/?id=55df1539c9d330732e88bd196afee386db6e4a1d
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- add missing depends on i386 || x86_64
- add missing dependency to gnu-efi
- add missing boot files
]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In addition:
- Remove patches that have been committed upstream.
- Update hash for the README file. (Meson and Dbus dependency version updates)
./support/testing/run-tests -d dl -o output -k tests.init.test_systemd
14:18:20 TestInitSystemSystemdRwNetworkd Starting
14:18:21 TestInitSystemSystemdRwNetworkd Building
14:26:20 TestInitSystemSystemdRwNetworkd Building done
14:27:01 TestInitSystemSystemdRwNetworkd Cleaning up
.14:27:01 TestInitSystemSystemdRwIfupdown Starting
14:27:01 TestInitSystemSystemdRwIfupdown Building
14:28:35 TestInitSystemSystemdRwIfupdown Building done
14:29:03 TestInitSystemSystemdRwIfupdown Cleaning up
.14:29:03 TestInitSystemSystemdRwFull Starting
14:29:04 TestInitSystemSystemdRwFull Building
14:44:35 TestInitSystemSystemdRwFull Building done
14:45:18 TestInitSystemSystemdRwFull Cleaning up
.14:45:18 TestInitSystemSystemdRoNetworkd Starting
14:45:19 TestInitSystemSystemdRoNetworkd Building
14:55:59 TestInitSystemSystemdRoNetworkd Building done
14:56:23 TestInitSystemSystemdRoNetworkd Cleaning up
.14:56:23 TestInitSystemSystemdRoIfupdown Starting
14:56:24 TestInitSystemSystemdRoIfupdown Building
15:06:42 TestInitSystemSystemdRoIfupdown Building done
15:07:09 TestInitSystemSystemdRoIfupdown Cleaning up
.15:07:09 TestInitSystemSystemdRoFull Starting
15:07:10 TestInitSystemSystemdRoFull Building
15:21:17 TestInitSystemSystemdRoFull Building done
15:21:46 TestInitSystemSystemdRoFull Cleaning up
.
----------------------------------------------------------------------
Ran 6 tests in 3806.472s
OK
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Buildroot built with systemd fails to open a login prompt on the
serial port when /dev/console is specified as BR2_TARGET_GENERIC_GETTY_PORT
(which is its default value):
systemd[1]: dev-console.device: Job dev-console.device/start timed out.
systemd[1]: Timed out waiting for device /dev/console.
systemd[1]: Dependency failed for Serial Getty on console.
systemd[1]: serial-getty@console.service: Job serial-getty@console.service/start failed with result 'dependency'.
systemd[1]: dev-console.device: Job dev-console.device/start failed with result 'timeout'.
systemd[1]: Reached target Login Prompts.
systemd[1]: Reached target Multi-User System.
According to this issue on Github [1], serial-getty@.service should
not be instantiated on /dev/console, console-getty@.service should
be used instead. This stems from the fact that there should be no
dependency on /dev/console.
[1] https://github.com/systemd/systemd/issues/10914
Signed-off-by: Xavier Ruppen <xruppen@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Peter: drop SERVICE variable as suggested by Yann]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In addition:
- Remove unused option -Dkill-path.
(See commit 9a85778412fa3e3f8d4561064131ba69f3259b28)
- Change option -Dmyhostname to -Dnss-myhostname.
- Remove patches from upstream.
- Update hash of README file. The changes are unrelated to licensing.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Tested-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[Thomas: update the hash of the README file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since version v239, systemd-nspawn unconditioanlly uses prlimit(2),
which is not implemented in uClibc-ng. systemd-nspawn can not be
disabled.
This makes systemd glibc-only again.
After a bit of discussion with upstream (om IRC), it looks very
improbable that they accept a patch making systemd-nspawn optional.
They would probably consider a patch that provides that syscall wrapper
if it is missing, though, but that's less trivial...
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
meson-based build of systemd runs a couple of checks on the structure
of the *host* system which will incorrectly configure systemd if build
host configuration doesn't match Buildroot target.
One can also find the following in the NEWS file:
* A new -Dsplit-bin= build configuration switch may be used to specify
whether bin and sbin directories are merged, or if they should be
included separately in $PATH and various listings of executable
directories. The build configuration scripts will try to autodetect
the proper values of -Dsplit-usr= and -Dsplit-bin= based on build
system, but distributions are encouraged to configure this
explicitly.
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
systemd can use elfutils when available, so this commit adds the
detection of this library.
Signed-off-by: Keith Mok <ek9852@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We need to install polkit before systemd if we want to enable
polkit integration, because systemd will not install polkit
policy files unless it finds polkit-gobject-1.
Signed-off-by: Asgeir Bjarni Ingvarsson <asgeir@appdynamic.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
systemd can use libpcre2 when available, so this commit adds the
detection of this library.
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* remove upstreamed patches
* refresh patch 0002 which didn't apply cleanly
* update patch 0001 to catch more uses of agetty
* the README file hash has changed because some parts of this file
were modified between v237 and v239, but the modifications are not
related to licensing aspects
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[Thomas: regenerate patches with less "noise", update README file
hash.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 4ded5d6af4 ("systemd: add
optional dependency on libidn2") contained a mistake: -Dlibidn2=true
was passed even when neither libidn nor libidn2 are
available. Obviously it should be -Dlibidn2=false.
Reported-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
systemd meson.build uses values from host /etc/login.defs if
system-uid-max and system-gid-max build options are not explicitly
specified.
Avoid that by setting system-uid-max and system-gid-max to 999 which is
the systemd default if SYSTEM_UID_MAX and SYSTEM_GID_MAX are not set in
/etc/login.defs.
Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
udevd needs extra groups for its bundled rules:
Mar 03 12:21:30 buildroot systemd-udevd[732]: Specified group 'render' unknown
Mar 03 12:21:30 buildroot systemd-udevd[732]: Specified group 'kvm' unknown
Add those missing groups.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Julius Kriukas <julius@kriukas.lt>
Cc: Trent Piepho <tpiepho@impinj.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When BR2_REPRODUCIBLE is enabled or host uses non UTF-8 capable locale
building systemd fails with an error:
[1/1080] Generating systemd.bg.catalog with a meson_exe.py custom command.
FAILED: catalog/systemd.bg.catalog
/buildroot/output/host/bin/python3 /buildroot/output/host/bin/meson --internal exe /buildroot/output/build/systemd-236/build/meson-private/meson_exe_sed_232a0623cc7ce2cd67ec72ed784b76307102ed76.dat
Warning: You are using 'ANSI_X3.4-1968' which is not a Unicode-compatible locale.
You might see errors if you use UTF-8 strings as filenames, as strings, or as file contents.
Please switch to a UTF-8 locale for your platform.
...
UnicodeDecodeError: 'ascii' codec can't decode byte 0xd0 in position 1079: ordinal not in range(128)
package/pkg-generic.mk:247: recipe for target '/buildroot/output/build/systemd-236/.stamp_built' failed
make: *** [/buildroot/output/build/systemd-236/.stamp_built] Error 1
This patch changes default host system locale from C to C.UTF-8 when
building systemd package to fix this issue. It also introduces
BR2_NEEDS_HOST_C_UTF8_LOCALE flag that checks if this locale is available on
the host system. If locale is not available error message is show and build
process is stopped.
Signed-off-by: Julius Kriukas <julius@kriukas.lt>
[Thomas: use C.UTF-8 instead of en_US.UTF-8.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We need to disable any systemd parts using either IDN, NSS or gshadow.
IDN is only disabled in C library function call to getnameinfo(),
it does not effect libidn/libidn2 usage in systemd.
Tested with qemu-system-arm.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While the conversion to meson, this seems to be missed.
Found while trying to build systemd with uClibc toolchain.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also refresh patches and remove 0004-add-false-option-for-tests.patch as it has
been added upstream.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When BR2_TARGET_GENERIC_HOSTNAME is set, use the config option
--with-fallback-hostname to specify the fallback hostname to use
if none is configured in /etc/hostname. This is useful in a
pristine installation with an empty /etc.
Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
systemd is no longer an autotools package, as such, it has now been converted
over to meson.
Even though systemd234 has meson support, it is broken with gcc7, as such
the revision bump and conversion to meson must be in a single patch.
Changes include:
- Change systemd from an autotools package to a generic package
- Changing all the options from --enable/disable to -Doption=true/false
- Remove --without-python (no longer an option)
- Remove all of the ac_cv_path_ variables, and move them into CONF_OPTS
with the prefix -Doption-path=/path.
- Add sha256sum's for the license files.
- Remove 0002-build-check-for-ln-relative.patch and add
0002-install-dont-use-ln-relative.patch in its place, the old patch relied on autotools and is no longer relevant.
- Add 0004-add-false-option-for-tests.patch. With the conversion to meson,
systemd no longer has the option to disable unit tests from being built.
This patch re-adds the functionality. This prevents 381 files from being
built, and prevents gcrypt from becoming a dependency.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Tested-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Tested-by: gitlab-ci https://gitlab.com/ymorin/buildroot-ci/pipelines/15857672/builds
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Other changes:
- Removed the following patches due to being merged upstream:
- resolved-bugfix-of-null-pointer-p-question-dereferencing.patch
- resolved-simplify-alloc-size-calculation.patch
- resolved-do-not-allocate-packets-with-minimum-size.patch
- Updated the following patches to work with 234:
- fix-getty-unit.patch
- build-check-for-ln-relative.patch
- fix-am-path-libgcrypt-no-found.patch
- Updated ordering of remaining patches.
- Reformatted remaining patches as git style patches.
- Updated Upstream-Status comment in "build-check-for-ln-relative.patch" to
"Denied [No desire to support building on old distributions]"
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Tested-by: Marcus Hoffmann <m.hoffmann@caretelsol.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since things are no longer installed in $(HOST_DIR)/usr, the callers
should also not refer to it.
This is a mechanical change with
git grep -l '$(HOST_DIR)/usr/bin' | xargs sed -i 's%$(HOST_DIR)/usr/bin%$(HOST_DIR)/bin%g'
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The ifupdown scripts can be used independently of the init system, be it
sysv, busybox or systemd; they could even be used when there is no init
system (i.e. the user is providing his own).
Currently, those ifupdown scripts are bundled in the skeleton.
But we soon will have a skeleton specific to systemd, so we would be
missing those scripts (when systemd-networkd is not enabled).
So, move those scripts to their own package.
To keep the current behaviour (before it is changed in future commits),
we make that package default to y, but depend on the default skeleton.
Instead of being a target-finalize hook, the scripts are installed as
any other package are, with a package install-target command.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas: drop empty IFUPDOWN_SCRIPTS_SOURCE]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add a fix for CVE-2017-9445: In systemd through 233, certain sizes passed to
dns_packet_new in systemd-resolved can cause it to allocate a buffer that's
too small. A malicious DNS server can exploit this via a response with a
specially crafted TCP payload to trick systemd-resolved into allocating a
buffer that's too small, and subsequently write arbitrary data beyond the
end of it.
The other patch fixes an issue with the security fix.
[Peter: use CVE description from MITRE]
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
systemd's configure is looking in $PATH to find utilities that will be
needed at runtime.
Usually, those utilties, when installed on the host, will be found in
the same path they would be present on the target. For example,
/usr/bin/mount on the host would also be /usr/bin/mount on the target,
and all is find.
Except when we need to install a host variant of util-linux, which will
install mount in $(HOST_DIR), in which case systemd's configure would
find that one.
Of course, it is also very well possible that those utilities are not
installed on the host in the same location they would be on the target,
in case a user has manually installed some of those (e.g. in /usr/local/
or in /opt/)
Forcibly set the path to those utilities, as they are expected to be on
the target.
For kexec, we can set it even though we do not depend on it (yet).
systemd will appropriately test it at runtime.
For quota, we point to non-existing files, so as to catch errors at
runtime. It is to be noted that quotacheck is optional, while quotaon
does not seem to be (a service file is always installed, that uses it).
Note: utilties listed in the order they appear in configure.ac
Reported-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The check-package script when ran gave warnings on only using
one space before backslashes on all of these makefiles.
This patch cleans up all warnings related to the one space before
backslashes rule in the make files in the package directory.
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for LGPLv2.1/LGPLv2.1+ is LGPL-2.1/LGPL-2.1+.
This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/LGPLv2.1(\+)?/LGPL-2.1\1/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
