Since we don't enable sysv any support, it makes no sense to set the
path to telinit either.
The path we were setting was anyway wrong: we set a path into
TARGET_DIR, but this path is only used at runtime, on the target, where
TARGET_DIR doesn't exist (it should have been /usr/sbin/telinit).
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 8bc9350963)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If paths are not set, then meson will search the host system for the
binaries (or the target, where those binaries are not yet installed).
So add the missing paths.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit acb62b3336)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Disable audit for host package to avoid getting the following error if
it is found on host:
[84/662] Generating audit_type-list.txt with a meson_exe.py custom command
In file included from <command-line>:32:
./../src/basic/missing_audit.h:7:10: fatal error: libaudit.h: No such file or directory
7 | #include <libaudit.h>
| ^~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/67782c225c08387c1bbcbea9eee3ca12bc6577cd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Build with cryptsetup and without libblkid will fail on:
../src/shared/dissect-image.c:1336:34: error: 'N_DEVICE_NODE_LIST_ATTEMPTS' undeclared (first use in this function)
1336 | for (unsigned i = 0; i < N_DEVICE_NODE_LIST_ATTEMPTS; i++) {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
This bug has been reported upstream:
https://github.com/systemd/systemd/pull/16901
and is not an issue for the target variant as libblkid is select by
BR2_PACKAGE_UTIL_LINUX_MOUNT
As cryptsetup does not seem needed for host-systemd, just disable it
Fixes:
- http://autobuild.buildroot.org/results/67782c225c08387c1bbcbea9eee3ca12bc6577cd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
this dependency is optional, it is used to
allow udev to add information to blockdevices.
Aslong as MOUNT or FSCK are enabled, it will end up enabled
anyway, but this seems more clear and correct.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This adds switches for new options:
initrd: Installs services if systemd is used on an initramfs,
useless otherwise
kernel-install: helper scripts to update kernel with an
systemd-boot partition
analyze: tool to analyze bootup and dependencies
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add zstd as optional dependency, and
disable new options for host-systemd.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
From wikipedia:
utmp maintains a full accounting of the current status of the
system, system boot time (used by uptime), recording user
logins at which terminals, logouts, system events etc.
This is seldom use, if at all, on an embedded device, and may expose
users' behaviour to others (by observing who logs in from where, for
example).
Forcibly disable support for utmp.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr: split off to its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Systemd enables compatibility with SysV services and utmp by default,
none of which is needed for buildroot as the packages' .mk will install
only the files for the chosen init system.
Furthermore, SysV support requires a setup where *both* /etc/init.d and
/etc/rc.d exists (the latter for the usual /etc/rcN.d). However, in
Buildroot, the latter does not exist; so we would not be able to provide
a working SysV support anyway.
So, just forcibly disable SysV support.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr:
- expand commit log
- disable utmp in its own patch
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, we define the so-called "overflow group" as 'nogroup'.
However, one practical issue is that systemd-sysusers will otherwise
create a 'nobody' group with gid 999, because that's is what is usual to
define the overflow group: users and groups are defined in LSB (Linux
Standard Base):
https://refspecs.linuxfoundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/usernames.html
Quoting: "If the username exists on a system,then they should be in the
suggested corresponding group".
Only Debian and derivatives depart from this custom, naming it 'nogroup'
(hence the rationale for commit 908198e756 (system/skeleton: remove
spurious group 'nobody').
See also commit 9c67af2c52 (system/skeleton: use uid/gid 65534 for
nobody/nogroup), and a related discussion on LWN.net (key is "overflow
UID" which also applies to GID):
https://lwn.net/Articles/695478/
Use the recommended groupname 'nobody'. Adapt packages accordingly.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr:
- reword commit log
- extend commit log with more references (commits and LWN)
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This supports 4 plugins, each will be added at the right spot if
enabled, based on the template coming with systemd.
The sed replacements are carefully written to be idempotent, and to
be robust enough to be combined with the other available packages
(nss_mdns4) in any installation order.
nss-systemd is used for the DynamicUser features, which is a defacto
necessity for systemd. It handles transient users/groups without
touching the /etc/{passwd,group} files on disk. To support the
'SupplementaryGroups' feature, groups should be merged.
nss-myhostname allows resolving the hostname, again without touching
files in /etc.
nss-mymachines adds name resolution from containers supported by
machined. Users from the containers might end up in system groups, so
groups should be merged.
nss-resolve, part of resolved, is required for consistent dns lookups.
As per the documentation (nss-resolve(8)), DNS queries shall not
continue past the resolve service, unless the service is not available.
We anchor nss_resolve to appear after files, if mymachines is also used,
remove that first (and add it back later). Other packages (mdns4) move
around the dns entry, so replacing that is not a good option.
If mdns4 is installed aswell, then resolved will take precedence for
host lookups.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr:
- exp[lain why 'host: resolve' uses !UNAVAIL=return
- rewrap commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
All systemd binaries depend on libsystemd-shared and need their RPATH
fixed. Use a glob to catch them all.
We can't use $(wildcard ...) because this is expanded before any file
may exist (it's in the same rule that install those file, and the
expansion in Makefile is done once at the beginning of the recipe).
We need to test each file:
1. to ignore files that were not build (e.g. because the host is
missing some dependencies (in which case we don't care; we're only
interested in systemctl, and that one is already built)
2. to ensure the glob was expanded (in case no file would match
systemd-*)
Signed-off-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr:
- don't use 'set -e', use the more traditional '|| eixt 1'
- don't cd into HOST_DIR/bin, but use $(addprefix ...)
- use positive logic in the test
- expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The necessary system users are documented in the projects README.
Description is matched to the ones in the upstream sysusers.d
files. Remove homedirectory (upstream doesnt care either).
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since V235 the "gateway" and "upload" services use DynamicUsers,
requiring no entries in /etc/passwd.
This functionality requires nss-systemd, which is always
enabled in buildroot.
The "bus-proxy" user was removed in V230.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
User can drop in more systemd units or presets
in an rootfs overlay, which will be copied over *after*
the TARGET_FINALIZE_HOOKS are run.
Instead, run preset-all afterwards from ROOTFS_PRE_CMD_HOOKS
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: Jérémy ROSEN <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr: two sapces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When selecting "console" for the automatic getty, the buildroot logic
would collide with systemd's internal console detection logic, resulting
in two getty being started on the console.
This commit fixes that by doing nothing when "console" is selected and
letting systemd-getty-generator deal with starting the proper getty.
Note that if something other than the console is selected
* Things will work properly, even if the selected terminal is also the
console
* A getty will still be started on the console.
This is what systemd has been doing on buildroot since the beginning. it
could be disabled but I left it for backward compatibility
Fixes: #12361
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If libapparmor is selected, depend on libapparmor and set -Dapparmor=true
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When libgcrypt is available set default-dnssec to the backwards
compatible allow-downgrade option.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
systemd-homed is a system service that may be used to create, remove,
change or inspect home directories.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Thomas:
- add missing dependency on kernel headers >= 4.12
- add missing Config.in comment about dependency]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, the dependencies for the init system choice, and the
dependencies for the package, are slightly different, and not in the
same order, the latter making it difficult to assess consistency between
the two.
Fix all that, by cross-duplicating dependencies from the init choice and
the package, and order the dependencies according to the manual (arch
first, toolchain, then the others).
Note that some dependencies are redundant, but kept nonetheless for
correctness:
- BR2_USE_MMU is implied by BR2_TOOLCHAIN_USES_GLIBC, but systemd does
use fork();
- !BR2_STATIC_LIBS is also implied by BR2_TOOLCHAIN_USES_GLIBC, but it
is also inherited from kmod which we select;
- BR2_TOOLCHAIN_HAS_THREADS is also implied by BR2_TOOLCHAIN_USES_GLIBC,
but systemd does use pthread_*() functions.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
On master during the stabilisation phase, a new patch was added to
systemd; in parallel, on the next branch, systemd was bumped. Then, when
next was merged into master, there was no merge conflict, so the uneeded
patch was left unnoticed.
That patch was applied upstream, and is present in the version we now
have, so it no longer applies.
Drop that patch.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
systemd-userdbd is a system service that multiplexes user/group lookups
to all local services that provide JSON user/group record definitions
to the system. In addition it synthesizes JSON user/group records from
classic UNIX/glibc NSS user/group records in order to provide full
backwards compatibility.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
systemd-repart grows and adds partitions to a partition table, based on
the configuration files described in repart.d.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Set default-dns-over-tls to opportunistic when dns-over-tls is enabled
as it should be fully backwards compatible. The DNSOverTLS config in
resolved.conf can be used to override default-dns-over-tls.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
