From 538fd3f7b38c837b3d7e21c08b23e051ea2b821a Mon Sep 17 00:00:00 2001 From: Alexander Miroshnichenko Date: Wed, 25 Sep 2024 22:42:59 +0300 Subject: [PATCH] sys-apps/systemd: add v256.5 with musl libc patches - https://code.atwilcox.tech/sphen/scaly/systemd - https://catfox.life/2024/09/05/porting-systemd-to-musl-libc-powered-linux/ --- sys-apps/systemd/Manifest | 41 + ...p-split-usr-and-unmerged-usr-support.patch | 2607 +++++++++++++++++ ...strerror_r-instead-of-GNU-strerror_r.patch | 165 ++ ...isable-use-of-disabling-write-buffer.patch | 34 + ...dle-musl-O_ACCMODE-containing-O_PATH.patch | 32 + ...ver-Linux-UAPI-headers-when-possible.patch | 760 +++++ ...H-sbin-so-fstab-generator-finds-fsck.patch | 33 + .../files/0007-Handle-lack-of-printf.h.patch | 416 +++ ...sysusers-test-11-passes-on-musl-libc.patch | 28 + ...xpected-message-for-unhappy-sysusers.patch | 26 + ...ic-Support-musl-definition-of-rlim_t.patch | 30 + .../0011-Handle-musl-lack-of-GLOB_BRACE.patch | 160 + ...l-s-longer-HOST_NAME_MAX-hardcode-64.patch | 58 + ...013-basic-Handle-musl-lack-of-NI_IDN.patch | 33 + ...efine-comparison_fn_t-in-sort-util.h.patch | 33 + .../0015-basic-Define-our-own-basename.patch | 34 + ...-musl-s-interesting-locale-decisions.patch | 53 + .../systemd/files/0017-Port-to-s6-utmps.patch | 72 + ...st-Add-definition-for-__cpu_set-type.patch | 32 + ...sume-unknown-errors-have-their-codes.patch | 44 + ...il-Use-whole-fractions-no-4-digit-TZ.patch | 126 + ...Don-t-use-malloc_trim-or-malloc_info.patch | 74 + .../files/0022-Port-to-musl-strptime.patch | 90 + ...onditionalise-sgrp-on-ENABLE_GSHADOW.patch | 193 ++ ...sic-Use-sys-prctl.h-vs-linux-prctl.h.patch | 29 + ...ure-notify-example-includes-string.h.patch | 31 + ...asic-Add-needed-signal.h-to-pidref.h.patch | 28 + ...file.h-include-for-LOCK_-definitions.patch | 28 + ...-Handle-NIS-compat-entries-ourselves.patch | 55 + ...-t-clobber-reserved-identifier-stdin.patch | 87 + ...-FTW_CONTINUE-if-not-already-defined.patch | 29 + ...ndle-negative-time_t-values-properly.patch | 33 + ...sable-fileio-test-that-fails-on-musl.patch | 32 + ...r-Perform-correct-pointer-math-on-de.patch | 33 + .../0034-build-path-Disable-for-now.patch | 35 + sys-apps/systemd/files/256-bpf-gcc.patch | 26 + .../files/gentoo-journald-audit-r1.patch | 51 + sys-apps/systemd/files/legacy.conf | 3 + .../files/systemd-test-process-util.patch | 31 + sys-apps/systemd/files/systemd-user.pam | 5 + sys-apps/systemd/systemd-256.5.ebuild | 608 ++++ 41 files changed, 6318 insertions(+) create mode 100644 sys-apps/systemd/files/0001-Revert-Drop-split-usr-and-unmerged-usr-support.patch create mode 100644 sys-apps/systemd/files/0002-Use-XSI-strerror_r-instead-of-GNU-strerror_r.patch create mode 100644 sys-apps/systemd/files/0003-fileio-Disable-use-of-disabling-write-buffer.patch create mode 100644 sys-apps/systemd/files/0004-fs-util-Handle-musl-O_ACCMODE-containing-O_PATH.patch create mode 100644 sys-apps/systemd/files/0005-Use-libc-over-Linux-UAPI-headers-when-possible.patch create mode 100644 sys-apps/systemd/files/0006-test-PATH-sbin-so-fstab-generator-finds-fsck.patch create mode 100644 sys-apps/systemd/files/0007-Handle-lack-of-printf.h.patch create mode 100644 sys-apps/systemd/files/0008-test-Ensure-sysusers-test-11-passes-on-musl-libc.patch create mode 100644 sys-apps/systemd/files/0009-test-Change-expected-message-for-unhappy-sysusers.patch create mode 100644 sys-apps/systemd/files/0010-basic-Support-musl-definition-of-rlim_t.patch create mode 100644 sys-apps/systemd/files/0011-Handle-musl-lack-of-GLOB_BRACE.patch create mode 100644 sys-apps/systemd/files/0012-Handle-musl-s-longer-HOST_NAME_MAX-hardcode-64.patch create mode 100644 sys-apps/systemd/files/0013-basic-Handle-musl-lack-of-NI_IDN.patch create mode 100644 sys-apps/systemd/files/0014-basic-Define-comparison_fn_t-in-sort-util.h.patch create mode 100644 sys-apps/systemd/files/0015-basic-Define-our-own-basename.patch create mode 100644 sys-apps/systemd/files/0016-test-Handle-musl-s-interesting-locale-decisions.patch create mode 100644 sys-apps/systemd/files/0017-Port-to-s6-utmps.patch create mode 100644 sys-apps/systemd/files/0018-test-Add-definition-for-__cpu_set-type.patch create mode 100644 sys-apps/systemd/files/0019-test-Don-t-assume-unknown-errors-have-their-codes.patch create mode 100644 sys-apps/systemd/files/0020-test-time-util-Use-whole-fractions-no-4-digit-TZ.patch create mode 100644 sys-apps/systemd/files/0021-Don-t-use-malloc_trim-or-malloc_info.patch create mode 100644 sys-apps/systemd/files/0022-Port-to-musl-strptime.patch create mode 100644 sys-apps/systemd/files/0023-shared-Conditionalise-sgrp-on-ENABLE_GSHADOW.patch create mode 100644 sys-apps/systemd/files/0024-basic-Use-sys-prctl.h-vs-linux-prctl.h.patch create mode 100644 sys-apps/systemd/files/0025-man-Ensure-notify-example-includes-string.h.patch create mode 100644 sys-apps/systemd/files/0026-basic-Add-needed-signal.h-to-pidref.h.patch create mode 100644 sys-apps/systemd/files/0027-Add-sys-file.h-include-for-LOCK_-definitions.patch create mode 100644 sys-apps/systemd/files/0028-basic-Handle-NIS-compat-entries-ourselves.patch create mode 100644 sys-apps/systemd/files/0029-edit-util-Don-t-clobber-reserved-identifier-stdin.patch create mode 100644 sys-apps/systemd/files/0030-test-Define-FTW_CONTINUE-if-not-already-defined.patch create mode 100644 sys-apps/systemd/files/0031-os-util-Handle-negative-time_t-values-properly.patch create mode 100644 sys-apps/systemd/files/0032-test-Disable-fileio-test-that-fails-on-musl.patch create mode 100644 sys-apps/systemd/files/0033-recurse-dir-Perform-correct-pointer-math-on-de.patch create mode 100644 sys-apps/systemd/files/0034-build-path-Disable-for-now.patch create mode 100644 sys-apps/systemd/files/256-bpf-gcc.patch create mode 100644 sys-apps/systemd/files/gentoo-journald-audit-r1.patch create mode 100644 sys-apps/systemd/files/legacy.conf create mode 100644 sys-apps/systemd/files/systemd-test-process-util.patch create mode 100644 sys-apps/systemd/files/systemd-user.pam create mode 100644 sys-apps/systemd/systemd-256.5.ebuild diff --git a/sys-apps/systemd/Manifest b/sys-apps/systemd/Manifest index 5185536..1fd5105 100644 --- a/sys-apps/systemd/Manifest +++ b/sys-apps/systemd/Manifest @@ -1,8 +1,49 @@ AUX 0001-Allow-building-on-musl-libc.patch 99748 BLAKE2B f3556996debaf72d38873e444187dd3fe431a9dfad0a22a500f90c02d087ab170d4b0eee36cd34fd45b5caa44d7bf5c434ee9dfa527f4391cfbd41ee8ddc0399 SHA512 5b3b3d165c293d54f96c4566b1bf30d29a743499c7bdbc82db581e6b613a56895d32dedc47db4c1f5eb13bc98749d33e0e050c9cb735804b43abcb28feb04511 +AUX 0001-Revert-Drop-split-usr-and-unmerged-usr-support.patch 117312 BLAKE2B 997866ba44e9ac435c024b1a5f5dd943df472fce8ea8f645b803f4e5d9666a14ff6a20e50d39c8b4e00c42703497569978fdd63c18c8425f6cb28cc7a76ad845 SHA512 25f6e3b8f888cf892ff6aeed2089f10603937ecb3ff699a09bc6c4429cae376a34f7afcdfb6be4e34fbf7daf1726ace1022af7a79a9449e285022e2f95b57787 +AUX 0002-Use-XSI-strerror_r-instead-of-GNU-strerror_r.patch 6398 BLAKE2B e2c4c34d22602db83aa71ff0e6ba46c9b33d33d4e25691fbfd49de284ad8a8ee2f2340ff9bf92c63dea007031457fc3c321e61192543f420984bdebe6ba93829 SHA512 80869ff3df2e5f4174a77fdfd09fbfe230b1500f821a58738619af031cbec22d1b5b8f3448efe91e9901426e59cba50b08adbb81d939b6f2d0f17564810aac6f +AUX 0003-fileio-Disable-use-of-disabling-write-buffer.patch 1080 BLAKE2B 6c666c9672a97490a7df52e98cd03089bd2c81dd75f48c59cff71d80c8615547ae957a5c851d5b2437bbe4e7a45347cf77c98e264c9203cc73e780beadb7fea5 SHA512 d1b768ba9b1b1e4bc88fbd974aa365c71a52d1175e7b8aec5aadfd0e2dd2c1498428d1929ecc2dd986f8dc77753509442f93459ad5bc1288fe3308354ac3394e +AUX 0004-fs-util-Handle-musl-O_ACCMODE-containing-O_PATH.patch 1247 BLAKE2B 73a57386eee5f3dd2c7f2d81d457899922dbd9cc818a3b07ad780eb15239a749d1c5dbd670387064fe71b06c3568cdcfbba72c29d64316e3d063cf4e4f76f70c SHA512 eb3cce9f5d2f2d668ef257ad9028be8e76d20b6fbce20156dac3f839d4fe66b1c98a42a7fc4cc4cc2ea25c4ef8af49dca20cf474baae5c40586f52e3f674012d +AUX 0005-Use-libc-over-Linux-UAPI-headers-when-possible.patch 24508 BLAKE2B 706b19b1312ee570b2686f64cd506e5f586d3ec7f219c766f8821afaecdcbaa7348edee699ffab6bc9c70d0b92065475ae51c14c6aef250e640a9871588703bc SHA512 361444abb9325b3ec61c414d3750d56c7c9d41e1109254ec0541cf991a8f7e915a4425a24e0879dcb57153494630abfa4174f1becdff7c951a4a94ed5c9407c4 +AUX 0006-test-PATH-sbin-so-fstab-generator-finds-fsck.patch 1106 BLAKE2B 450a1e4646b217d23397341455ced64d89b8a90b7d58e4dd34758feccd63ed7eba3a8f668a35f7efe2dfaf8f32443e671a651dc91f5959da39fc76d5a8eb52f6 SHA512 9656f02297a30f4f40540f02d2121ccf39fcbf69bedd736354d5fbed0f3e29ba913fba8ecd9066258b45d6a18bd3a392b0a7c4008abe68ac75b1a524193aae1a +AUX 0007-Handle-lack-of-printf.h.patch 13471 BLAKE2B 62c32077727779fac72ca22182683e86407406f0e51e11c802290b34b91611093c02c45d43c431c8afeac59b251dc4d97248594feaa1908b86fef4d42174b69e SHA512 7be3e9ab92fa1639a7c86b2ba9db7b3f8b6990235820628a7735f38cf4a6a623772ed27815b9921607f5978c52b3b5fac57e43d7f0dea49ee7daa5e1cc635320 +AUX 0008-test-Ensure-sysusers-test-11-passes-on-musl-libc.patch 912 BLAKE2B 956662ca637be7acd3372500db6aa2701daaee7f63f0f91a737affe1967acf81fdc6d931234a8706f11bb4b3383c2556f0fc67e68245235c670715cbd3474e81 SHA512 a3c7db17ddaa70ba6e399caddd57da2ab3bef4f6e58d5248911647ff565b99f9f35aba0202e68ac9df847a58f4c5a952d9035cf23c372cf3293dfeaab7f13e9d +AUX 0009-test-Change-expected-message-for-unhappy-sysusers.patch 948 BLAKE2B 7ba21aca8810817f2b8a0b2b6737b02174b9dca60a0f8d544e9009151ccd6aad621dbc73b4a459a9e0abdbd6c2a12c8c8502dbf14795362f55f83ffab6746e85 SHA512 417bd0f2c1f13717e0907d3c1124833e8d36446b5e2e29140c5cafdff54543925d019b171cd0737362ee3c790fe9368660c6acb41764dc22f520d70acfb365bc +AUX 0010-basic-Support-musl-definition-of-rlim_t.patch 901 BLAKE2B 9eae85812719b454b666a1602edafd4c3acd8ee335af954a986ce6e9af1952032a93b2c90cf32b42a38a800d18b7d885db2afde1d7a8b3beb01992bdd4f7b612 SHA512 87f96782647eed828c23b2276ae296aa718edffe834431eb8329b1628026929b4f88eeffbfe19a1b57b52d2ed2fddaebcafaefaf1807fae02b804014a216d716 +AUX 0011-Handle-musl-lack-of-GLOB_BRACE.patch 4786 BLAKE2B 30099112f2b3950effe568c657bb6b7b9bbac0fa0c3e76f48615032aded245a3140a8a43333e232293cf408b11d41b10b05e7dd015140ca3fd2c3b22c3e05214 SHA512 8cd480fce5c69fd86020f62ac6c8f59dc64467a5c087b2b02778d4f94016327fd3145846fb7ec0be0f9e9e1fb0d6f8bfe5bb762c49b619b57d96d7f011e2dc57 +AUX 0012-Handle-musl-s-longer-HOST_NAME_MAX-hardcode-64.patch 2198 BLAKE2B 434709bf3379c6a1e4cb4df5ea02cb26ab10943b8921405adc980b22f824af9d5f525cb02f2d9b251827d3bffc44fdf1bf3540ae7b78ce2e2a67c9945fd1c0cf SHA512 ae42ffbb831e1f55f185a713fc8c1762caf425b36ad419f280815490da8a44b5d1efc7c40fe27163a3719824b855bd58a5f05178e84064a5f6b26f57bd12cb62 +AUX 0013-basic-Handle-musl-lack-of-NI_IDN.patch 898 BLAKE2B 4d210b2820599ae9ce3191d66f4d423f2de5a68b4cb1e4e3c39a50d8dab37be08d0a0047e9e85479a32fd15c34078c84b219ee1af433eaac1445a3601e42d6bc SHA512 4e039d2149be3985f51ee9850b7ad14620805bcdf5b00f4173c1a0081b0940ee93f1c7e77d444334e075035d47dd969a6daef3a0a7ca656d110616e962446dfa +AUX 0014-basic-Define-comparison_fn_t-in-sort-util.h.patch 1184 BLAKE2B d2b3f5a2602e629fadf8736f8ff0356336d868066c85eb5fd65c194be680836985cfd6e9ad0a3bb755cd744f7b1390b64bf965c0aa6b163be5476756e1cd80a5 SHA512 e6b01ed21707fbd3e346d0a42cbf0ab1ec446f26bf7d038d9ad6edcf8d4ca29e9c19abf6dd73ac385eea4707843a5c776116c2a841af3aae36e733cf6ec5939a +AUX 0015-basic-Define-our-own-basename.patch 1201 BLAKE2B f198148b55a3a486d7af8e90daec52e9578a2a135accb3ae95e046bf10434480a0f4d274133680811804d81f265f6c52d5c1f6c3f83ae2da2b90bc07ca57a326 SHA512 33d8d05c58dc512dd6476aed70de754d47b9b7140e72173d3036e2bdce0269be3a4498b1368d31d8572afadb04b72f37549556f449536bcf1277a363e2f8701c +AUX 0016-test-Handle-musl-s-interesting-locale-decisions.patch 1740 BLAKE2B 72bbea733fd9965a26633548508c5cea8edda62ecf336072cad3d7306be269fa4a1a5842b7e3445f1a4f1c053bcd203e2baae25c1c10bd3e27225e9a7ca3bed6 SHA512 d060952b0d8648bc4d1980711b8aa9106af6bc5922a662a2db546d600ab0ac65df5fb224e2bf2174e20bbe394d0a7152c0937783d3e73c00d35dc5353d7c53cd +AUX 0017-Port-to-s6-utmps.patch 1869 BLAKE2B 74657985830501fd8158be70fe3222729d385055f94d880d188c03661253d7c415ea392741ac730f0de9218e4bd1ed3f706b0f38693be570881c0876282c2879 SHA512 a0442b6d9f81d7ef7281bd26cdc6eb1899007948f45106cd82a6dc874660710b7fa979a90d1bd48bd483c58853c2d1ff8e19eaf6941235a84bd7f7dd20b71319 +AUX 0018-test-Add-definition-for-__cpu_set-type.patch 884 BLAKE2B 1d739270a5a07e9852c75f8d2f00d96d69972812dbd041cc51ea8eabf2a7f4965a06ca58de1a5b6ae9237b209ce4bf086be2f0c68afbfcb53cff5bc1e3230abc SHA512 c69195fbc9fc6b4e10ae49c5a0a0d9922721e30b37c536a3f563193dac075ef8c99c4a928bcfe7cab31b979bf045ef07b728ef361eae2878847984be0ddc03a8 +AUX 0019-test-Don-t-assume-unknown-errors-have-their-codes.patch 1568 BLAKE2B 79000dd81dc935009f25c3850b87aa042a36ecde1fb046185d7892498dccde5a82c624c6e626a247174c7ecaf181a1ba6ab4adb6464b9435249baeddef280739 SHA512 c89bad8e878ef85a68ce7fca43cc19faab89953772c62c6eb84251dbb6c25cc00edb92b616d5adf2cacc45a81ecff3f3e3e5bb5af9bbebf6b2ca3c883f8adb85 +AUX 0020-test-time-util-Use-whole-fractions-no-4-digit-TZ.patch 6181 BLAKE2B edf10a4fce1081247cad1ba44a7bb2e7445681ff479351198a5dca593ea2338b5843b420393dc95ddc8f785cae294b335ffc90801df8cc12a2722c3a309dd72c SHA512 08f28b2915260dee0030118a19b3993cf0c21afeb13f14f147b73c78bce2f4da5fbaeb0ea6b7c2c3487ef6c66fffa071d41eb1fad98a80d59622d552db6fcd87 +AUX 0021-Don-t-use-malloc_trim-or-malloc_info.patch 2437 BLAKE2B 221a575793161a2a419aa722b5db5465fc317a7b48641cb3ee6d05d05b45c49ea943d07a1ce65e587c1fa7d440d11ecba604c123c3fa5d65abfb14bda6bcb104 SHA512 c7a22625d2219c2a5c622661340620182cd80785b3a9ed35e85429223af3355dd2f916b2ff504aaf9a8c0ff276487471facf2c64acd310d552b60c4f2625ad4b +AUX 0022-Port-to-musl-strptime.patch 4151 BLAKE2B 0c701dab8a2f04612dd9197e795aa11c8910bf33f16ecf85aef82a4545e15ea3395f9a87127b49c13d804ebb263fde666f2ed1701824d403e29b48dc026859e3 SHA512 04fa2e0c1ea35f61cfa2b52169138956527aa0fb801fb02475827bf10fdc334aeb28a67f09d4c55b914971a8a6912bb30a04d0331d4ae88aaed1b89ca2cdb28a +AUX 0023-shared-Conditionalise-sgrp-on-ENABLE_GSHADOW.patch 6550 BLAKE2B 80d3315b8cd4772770cf9ab7f841765950bcb63c54e551964cf47d25bad8bdec2f4f69ce3915de274cd9498e71edee0271937018cd738e6e7f238cc3af52ca6b SHA512 44eeb3b1d2359399d99cc8b839690cbf4530663c0ef4d57795384b914b204911598de3e851f6ec7790feec89514e2036645b31a0058080c3f1a17601bd7649d7 +AUX 0024-basic-Use-sys-prctl.h-vs-linux-prctl.h.patch 833 BLAKE2B 97c77ebf75a81e7ad476199ca0270d3fe4f1300151436da83477be0c6c9402c007ecbdddf2b357608058815e4ba35a8baeee27c04a2997180b9c3eec29639758 SHA512 aef482032a87775bcd966ca841cb5b519592263787b057919b384ead8e68b0dda208a0641bae7a3966985bc02bf5a6559300c43613c5afe03a5d0d0b97d906ca +AUX 0025-man-Ensure-notify-example-includes-string.h.patch 1014 BLAKE2B e2f82ba0efdfbea62d05a23c6594654fae044b83a1147035ddd7865d2c0f431b1af27ef969d914ce76eebb4cf21e3339d5add821964bcaea8ecb4e6039f5af03 SHA512 a2a95214fe6439dad28642be0d19841783563ef8a94ec7b435aa448e15079119cea0efb7dd47914735eb25ba34de7689726db78a76c8bc142755a7aeff23083c +AUX 0026-basic-Add-needed-signal.h-to-pidref.h.patch 872 BLAKE2B c3661ed273f302a78b1382779e0c09f3549f4e9bd5f2e2b2922b57ecbcfc229dca8682e74b49fcb7344655ad82b694d55ecdf2baffcfeba8690bde84fbec95d1 SHA512 2388122f4bb63818255726eae3c5a2cd813b3405d5ff090f3b1f360c6dd583cacbd3e93a2934a78f1e30c437a36782d91523a8369b7f76e05d192efb59f13ac9 +AUX 0027-Add-sys-file.h-include-for-LOCK_-definitions.patch 770 BLAKE2B 62cb2df3f92dff8b9760dc3ae74ad356060ceac32739a7fee2cad086a23f7a89fe3a4139d6873228e11e52b52257ab0300482f164b22af7415c9fb2ca1643d67 SHA512 9a6c9f36608c592a051c4fced42ac3b7d9c66d57b85e716c814eb2837578b8b8805c7a24bb5599f109ffc6a71c72cc83d96a4a72270f0745db87da27def4e9a7 +AUX 0028-basic-Handle-NIS-compat-entries-ourselves.patch 2034 BLAKE2B a16aa5a1ea79ee08ad6c34dfe7778a77f79083cfb9da44b00dd05dd26f1d27c2be0f882dd61fb5455564f395a5d58c0cae1a2d85f7facec2b682b7e1a4057575 SHA512 71ac20d5d7e2c52a075f4c7be0e007c8778b2510cc9f4804327d5f67c321c8e37a2667589d447b6fcb102046bcb925d65b8a3dc21005ace216f9ec7785d5f527 +AUX 0029-edit-util-Don-t-clobber-reserved-identifier-stdin.patch 3756 BLAKE2B 93c15e9b3c967f401242f028fbd7a8dcba7268ef05bfce3e0550d098dd37439907bcb287c911ccb94586f07dc8d41be8f96dd84e1a1222529ad0f1899ff7a8df SHA512 90cedef281ddb32fe66698f198dbdbb14c4254460c657c5dd5bd60e0067a9a89e11581c138c781897724cc5eee5e46c567cbea5f3b136895b32ce868b54b6a77 +AUX 0030-test-Define-FTW_CONTINUE-if-not-already-defined.patch 810 BLAKE2B df79842d464c7fb2049bd7dbb2a89d68c597acd550919e1e405ad37a5fe64d71ab2a212872b2d40e640f72409508ef2db3798792b4559533033e3a5056b9b125 SHA512 da26399fcd9f41bcbea866d3b94ae161643b56842614ac584caf9af77c543f6d758fd1c17e8adcb81ff3b23af55cd69e7f13326498f9c441f4ca7ebe787d464a +AUX 0031-os-util-Handle-negative-time_t-values-properly.patch 1350 BLAKE2B d2bc8739470c243ac3094d2c52cc25512b0ae3cdd5066f871eed72bbbfcc943a2dcea7cde53956f506085c56b6f63e2240878406e1d4d9b029358e89fd713a91 SHA512 706c6d934a6c7be5803d86988207df011eb0c31d34498ffb0d3dd7e6c5897ed4224014e2ab02fa49b7021d27f6d36efbdac27f45931aecd5e9ccd67057637d71 +AUX 0032-test-Disable-fileio-test-that-fails-on-musl.patch 958 BLAKE2B 4056c7dd25e4ed9eba2a722e8eab0fb6dd4cc83d3150dbdd78abbd778db9e973022c6a8c734023a06aa0760af73fa77d44ba9d74653409074b348cd38148f421 SHA512 7d1296c4b5c120d342ec23c9369df1437552132fdd2138fd19159fc8e18c5d95f7efd5576ec9e3f05afa5307a6a4e98a66ffafc754e2b4e9e588bff7c07e39c5 +AUX 0033-recurse-dir-Perform-correct-pointer-math-on-de.patch 1371 BLAKE2B cc31893f3db90d85849a5ad6853c6583b76b7e3c0b50a3c0cd44b56e5ad67cd43921107189e050aa624c34a2588b9df6d7c2abd49d88e7873d5ed9c677e26877 SHA512 0e13cf60e768d1f65ea8dbee9a84cfa26f23b6fb2b23a089b58b92fa107d7298ca64095cb6da6c5e1a1a1489adbc71895ffdff3b02a5011970b69d373f5cf89d +AUX 0034-build-path-Disable-for-now.patch 1304 BLAKE2B 2ba2eae8bfe046faa1255e9d684474b350a7cb912f1e0b0de43d5050044ddd19ebacb223752c5438b7fd2b0e548923c3dc06bb36f8a4fdd07cd72e0b125ec04a SHA512 dce04705983b4f0bf219e5cef65c9bfbadeeef888f824f392bdc96d3097d071045c227f029656140da8740129f7247126c9199c78cffb32f8c3961ef5e432648 +AUX 256-bpf-gcc.patch 1044 BLAKE2B 856e9ab9f7067ad616419a5ac42e84cd726c3d464cc2415bd2ea5236df9eb306f91cd54dedc3c762cfd627aba330f1c5126046a725576d8748b89d7f4485ef93 SHA512 59a3da348f68b6202062cf01024713173f3143d8413177f66833b03ca4a47ce1e3439615c7eba5c160daf45cf16d0eaae36e63e69945e4d3fc9d9a3fa14d008d AUX gentoo-generator-path-r2.patch 994 BLAKE2B 2bfb42623221291030fa9f7310e9bf747351a26f6ffd842628298787b74d4ec562bacaa9fc5365f7e854f695dab5f74bc06883fefc1f210dce4fd415926817ac SHA512 98054222ea232e120625573b6a532c312eccc02fe657152610b7d056b964bb2165fffae9d17fd986cf547af885d44c26b117fe68df5b24e2607d37f3729d0ada +AUX gentoo-journald-audit-r1.patch 1941 BLAKE2B 93f1a0ba8dd575359e5ab4bd04f99ed3172dbe1ba14d8cade6fc08b0158e66847900d8531898ee9ec3855ac3857cf07a3e10804a3cb67719f0e9378437eba836 SHA512 affbe58aa65ebca7c1c6d790f9f68ffc44bda70a08165f5298ee4a84ab1c16cf534950ac50ffdb61b647e5eb068f51c333a76e39d8336e21e5d1b0199192139c AUX gentoo-journald-audit.patch 1485 BLAKE2B 9cba28ce907330bbc1eafcf04a837987ed68272fcfa9cc34a309ff5d4cc2230f71a6f7fed42c79afb1c96605df141e8e40b2d8290d12ad3c18038269814f2df8 SHA512 d77d4dae9f8a7819c6d4855476f3163ee19f52b20f66a93e25818f0747404462c47e3cafbd82ba85ce1b3d2fdbabdd96a0398b71149b318c540d82403f8ad0ad AUX gentoo-systemctl-disable-sysv-sync-r1.patch 821 BLAKE2B f5ef796725e023bb1ed83b34a3e4d45bb008de9a134892a5321b37b56809c7a44530d18e33c7877177e8b64b2d89dfc2de844bed433db6d5e57831d20fbfb456 SHA512 8d697dbd305f6b95a4ddc47cf9d99a0e954f54e161bd59164917b62a78ff5c23fa2d5be2614569c0a2297595dae59e1ee71bb04da72cbe0c0807e1abd7da974d +AUX legacy.conf 80 BLAKE2B 23eca4dd1743a5cf77767894d23d419c1663147c5aee6be971da64fdea0531eadfe97ac8bc4e63b44404dcf89940d438de6b7081158b78639945ce0fadbb103c SHA512 f74f05991102b644dee7822a80cb8e6c14cd1eb48bd9342bc662d5947b9f04d32e875d2a5e6476a67bdbface4d2b2159b99c11d72eb4658c5cb4caf595f138be AUX nsswitch.conf 734 BLAKE2B 5f5a7821a84f6c8aa31fe9a68c29a1a0f24be578d427a623f14a9ef795e7da481f226efe5511d92932b5edf5638fa719808a0c3a0b8fd340799dd6bcb703a0a1 SHA512 dcbd51dacaaebdff32edb3840cc7b9b47b6521009b8786690e3673a2e78bc60bfd8e591b1048c5d452117c6659b9917ae2864462f5057cc39b704b0130522e60 +AUX systemd-test-process-util.patch 1077 BLAKE2B 0f01ea7641366cdb01a9e310d326ea73052dd0e6fe8b4217e45d0632aa2af3f2ee33b8a8f6dfe70c3b4e3f240f0e2c738a6c4d28f6f38d9e36c4f408b2ac0202 SHA512 ca23effa72da5875ec6ee112e25db51229bf1a03b61053ce4bf2b81becceb31456c137ce9f0fa05071fe1bfc2fe705fa6b885df88d9fe093fc87970936feb071 +AUX systemd-user.pam 122 BLAKE2B cccc07cab47dfc0481438e503c34fa1a0b2c6b1f8ab282197719a523421d2a526f19230bb459e0347cbeb2046e35a407c78178a3fb5b79619e987cbc4ac7d5e4 SHA512 c5437677ff00fbb45798fe594e8d61b1c2bfc2d103105d7bd82e476240452477ac263700800f5d0ba91ddc895eb85f4517d5cb15c80611ec1680a686d47cd781 +DIST systemd-256.5.tar.gz 15664466 BLAKE2B 334f197b53b9d35e3784bcdf81af426806339250a01a249c80392c4e7cc26633a94356581fb59edb3d042c35fb80fadcc077ebbc79eac488c18469030552d0b0 SHA512 40558194e05a17b218adf3d6df48b738c866855d43d09c1e9381c2c568a44a8f1617b64476736fc7e34416ad9e8d25dc023cf9de090b4ef9079866919377009f DIST systemd-stable-248.6.tar.gz 10388927 BLAKE2B a102d0fd37a3422f673ced2bbd5bb88b6589195e1f436f43231fd91d79aaf9f548154a3ab2a62a9b409527b3f2e7a9ea735925364ece15c2e151d06c0e4f303f SHA512 35a9d4a9ae04423959c71ad0175d04a1792b9ab39897a497776b93cea166de58b8fb111207c104c0e747d3ffbd85480d8b0cab38e3dc0defbbf09b15211954ce EBUILD systemd-248.6.ebuild 15713 BLAKE2B 8ef44ddd78bd0e71f3b3f09edea5e3dca67f4e042d5ce384b410d19dd84623271913d07c6725bf886602801c55050f8b19490025a318e1c726f1324a119cb074 SHA512 5f3e7a5e9d56371d3e45133fbb7aa4287280ed8e691f622cc488df50c0594b45d2603c4c616a242901763ee8354a30a409175da4177c07837523560b6ced1d30 +EBUILD systemd-256.5.ebuild 18526 BLAKE2B 5e99f3cc8a8097785af9c289b6539164d8d451657851a827bcb01bc29a4c14120bd53ca8ea71cac862af575a975a4f76a1775bebc7f41dadd27e34e3076532e4 SHA512 3716918ac6c4d13f453f59d9e91c255edf8618bc04d86fd26dbb443fa1bb3fc2d87cb687141f0b598c558ac04491a78534d6a532343d54a12e4d1a8d12dbe716 MISC metadata.xml 2373 BLAKE2B fac7a9db4c217998f84bcbb5bc490eee748a35f9d991962d5aa21c6ec562d494af06b67fe35879ee2b245445d22ea7eadc4db6305215f393c4565b86665b3130 SHA512 e2d999684255f6c6509af7dca1b9e1411eac9a4cde6f30d9631c5b9d2bbe749a40f3d08c067d2cad5eb1cdd8ad823c3afb6844cc5e3c1d455fbd8cd20d87a696 diff --git a/sys-apps/systemd/files/0001-Revert-Drop-split-usr-and-unmerged-usr-support.patch b/sys-apps/systemd/files/0001-Revert-Drop-split-usr-and-unmerged-usr-support.patch new file mode 100644 index 0000000..ca9c16c --- /dev/null +++ b/sys-apps/systemd/files/0001-Revert-Drop-split-usr-and-unmerged-usr-support.patch @@ -0,0 +1,2607 @@ +From 6238160415cedaad4292938ba1c8df26da5ca2c0 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Fri, 16 Aug 2024 20:45:29 -0500 +Subject: [PATCH 01/34] Revert "Drop split-usr and unmerged-usr support" +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +This reverts commit b0d3095fd6cc1791a38f57a1982116b4475244ba. + +Signed-off-by: Alexander Miroshnichenko +--- + .semaphore/semaphore-runner.sh | 2 +- + README | 35 ++++- + catalog/meson.build | 2 +- + catalog/systemd.bg.catalog.in | 2 + + catalog/systemd.catalog.in | 3 - + catalog/systemd.fr.catalog.in | 2 + + catalog/systemd.it.catalog.in | 1 + + catalog/systemd.pl.catalog.in | 3 - + catalog/systemd.ru.catalog.in | 2 + + docs/DISTRO_PORTING.md | 1 + + hwdb.d/meson.build | 2 +- + man/org.freedesktop.systemd1.xml | 11 ++ + man/systemd.exec.xml | 11 +- + meson.build | 138 ++++++++++++------ + meson_options.txt | 14 +- + rules.d/64-btrfs.rules.in | 2 +- + rules.d/71-seat.rules.in | 4 +- + rules.d/99-systemd.rules.in | 2 +- + shell-completion/bash/systemctl.in | 2 +- + shell-completion/zsh/_systemctl.in | 2 +- + src/basic/constants.h | 17 ++- + src/basic/path-lookup.c | 5 +- + src/basic/path-lookup.h | 2 +- + src/basic/path-util.h | 4 +- + src/boot/meson.build | 3 + + src/core/manager-serialize.c | 10 ++ + src/core/manager.c | 4 +- + src/core/manager.h | 2 + + src/core/meson.build | 4 +- + src/core/namespace.c | 8 +- + src/core/org.freedesktop.systemd1.policy.in | 2 +- + src/core/systemd.pc.in | 29 ++-- + src/cryptsetup/cryptsetup-generator.c | 4 +- + src/cryptsetup/cryptsetup-tokens/meson.build | 2 +- + src/delta/delta.c | 36 +++++ + src/dissect/meson.build | 2 +- + src/fstab-generator/meson.build | 2 +- + src/import/meson.build | 2 +- + src/integritysetup/integritysetup-generator.c | 4 +- + src/libsystemd/libsystemd.pc.in | 2 +- + src/libsystemd/sd-hwdb/hwdb-internal.h | 1 + + src/libsystemd/sd-path/sd-path.c | 27 ++-- + src/libudev/libudev.pc.in | 2 +- + src/login/meson.build | 2 + + src/machine/machinectl.c | 2 +- + src/portable/meson.build | 2 + + src/portable/portable.c | 10 +- + src/resolve/meson.build | 14 +- + src/rpm/macros.systemd.in | 6 +- + src/rpm/meson.build | 4 +- + src/rpm/triggers.systemd.in | 4 +- + src/rpm/triggers.systemd.sh.in | 4 +- + src/shared/install.c | 5 + + src/shared/kbd-util.c | 3 +- + src/shared/meson.build | 2 +- + src/shared/resolve-util.h | 2 +- + src/shared/userdb-dropin.h | 3 +- + src/shared/userdb.c | 2 +- + src/sysext/meson.build | 4 +- + src/systemctl/meson.build | 1 + + src/systemctl/systemctl-sysv-compat.c | 2 +- + src/udev/meson.build | 2 +- + src/userdb/20-systemd-userdb.conf.in | 2 +- + .../xdg-autostart-service.c | 2 +- + sysctl.d/50-coredump.conf.in | 2 +- + test/fuzz/fuzz-catalog/systemd.pl.catalog | 2 + + test/test-fstab-generator.sh | 5 + + test/test-functions | 10 +- + units/emergency.service.in | 2 +- + units/initrd-parse-etc.service.in | 2 +- + units/rescue.service.in | 2 +- + units/systemd-backlight@.service.in | 4 +- + units/systemd-battery-check.service.in | 2 +- + units/systemd-binfmt.service.in | 4 +- + units/systemd-bless-boot.service.in | 2 +- + .../systemd-boot-check-no-failures.service.in | 2 +- + units/systemd-coredump@.service.in | 2 +- + units/systemd-fsck-root.service.in | 2 +- + units/systemd-fsck@.service.in | 2 +- + units/systemd-growfs-root.service.in | 2 +- + units/systemd-growfs@.service.in | 2 +- + units/systemd-hibernate.service.in | 2 +- + units/systemd-homed.service.in | 2 +- + units/systemd-hostnamed.service.in | 2 +- + units/systemd-hybrid-sleep.service.in | 2 +- + units/systemd-importd.service.in | 2 +- + units/systemd-initctl.service.in | 2 +- + units/systemd-journal-gatewayd.service.in | 2 +- + units/systemd-journal-remote.service.in | 2 +- + units/systemd-journal-upload.service.in | 2 +- + units/systemd-journald.service.in | 2 +- + units/systemd-journald@.service.in | 2 +- + units/systemd-localed.service.in | 2 +- + units/systemd-logind.service.in | 2 +- + units/systemd-machined.service.in | 2 +- + units/systemd-modules-load.service.in | 2 +- + units/systemd-network-generator.service.in | 2 +- + units/systemd-networkd-wait-online.service.in | 2 +- + .../systemd-networkd-wait-online@.service.in | 2 +- + units/systemd-networkd.service.in | 2 +- + units/systemd-oomd.service.in | 2 +- + units/systemd-pcrfs-root.service.in | 2 +- + units/systemd-pcrfs@.service.in | 2 +- + units/systemd-pcrmachine.service.in | 2 +- + units/systemd-pcrphase-initrd.service.in | 4 +- + units/systemd-pcrphase-sysinit.service.in | 4 +- + units/systemd-pcrphase.service.in | 4 +- + units/systemd-portabled.service.in | 2 +- + units/systemd-pstore.service.in | 2 +- + units/systemd-quotacheck@.service.in | 2 +- + units/systemd-random-seed.service.in | 4 +- + units/systemd-remount-fs.service.in | 2 +- + units/systemd-repart.service | 2 +- + units/systemd-resolved.service.in | 2 +- + units/systemd-rfkill.service.in | 2 +- + .../systemd-suspend-then-hibernate.service.in | 2 +- + units/systemd-suspend.service.in | 2 +- + units/systemd-sysctl.service.in | 2 +- + units/systemd-sysupdate-reboot.service.in | 2 +- + units/systemd-sysupdate.service.in | 2 +- + units/systemd-time-wait-sync.service.in | 2 +- + units/systemd-timedated.service.in | 2 +- + units/systemd-timesyncd.service.in | 2 +- + units/systemd-udevd.service.in | 2 +- + units/systemd-update-done.service.in | 2 +- + units/systemd-update-utmp-runlevel.service.in | 2 +- + units/systemd-update-utmp.service.in | 4 +- + units/systemd-user-sessions.service.in | 4 +- + units/systemd-userdbd.service.in | 2 +- + units/systemd-vconsole-setup.service.in | 2 +- + units/systemd-volatile-root.service.in | 2 +- + units/user-runtime-dir@.service.in | 4 +- + units/user@.service.in | 2 +- + 133 files changed, 425 insertions(+), 235 deletions(-) + +diff --git a/.semaphore/semaphore-runner.sh b/.semaphore/semaphore-runner.sh +index bc0cb6a9005d..831b45f062ed 100755 +--- a/.semaphore/semaphore-runner.sh ++++ b/.semaphore/semaphore-runner.sh +@@ -94,7 +94,7 @@ EOF + # disable autopkgtests which are not for upstream + sed -i '/# NOUPSTREAM/ q' debian/tests/control + # enable more unit tests +- sed -i '/^CONFFLAGS =/ s/=/= --werror -Dtests=unsafe -Dslow-tests=true -Dfuzz-tests=true -Dman=true /' debian/rules ++ sed -i '/^CONFFLAGS =/ s/=/= --werror -Dtests=unsafe -Dsplit-usr=true -Dslow-tests=true -Dfuzz-tests=true -Dman=true /' debian/rules + # no orig tarball + echo '1.0' >debian/source/format + +diff --git a/README b/README +index 7c7bbaf07015..a24f4097dd40 100644 +--- a/README ++++ b/README +@@ -266,14 +266,13 @@ REQUIREMENTS: + make use of DynamicUser= now, hence enabling nss-systemd is not + optional. + +- Note that the build prefix for systemd must be /usr/. (Moreover, packages ++ Note that the build prefix for systemd must be /usr. (Moreover, packages + systemd relies on — such as D-Bus — really should use the same prefix, +- otherwise you are on your own.) Split-usr and unmerged-usr systems are no +- longer supported, and moving everything under /usr/ is required. Systems +- with a separate /usr/ partition must mount it before transitioning into it +- (i.e.: from the initrd). For more information see: +- https://systemd.io/SEPARATE_USR_IS_BROKEN +- https://systemd.io/THE_CASE_FOR_THE_USR_MERGE ++ otherwise you are on your own.) -Dsplit-usr=false (which is the default ++ and does not need to be specified) is the recommended setting. ++ -Dsplit-usr=true can be used to give a semblance of support for systems ++ with programs installed split between / and /usr. Moving everything ++ under /usr is strongly encouraged. + + Additional packages are necessary to run some tests: + - nc (used by test/TEST-12-ISSUE-3171) +@@ -413,6 +412,28 @@ SYSV INIT.D SCRIPTS: + needs to look like, and provide an implementation at the marked places. + + WARNINGS and TAINT FLAGS: ++ systemd will warn during early boot if /usr is not already mounted at ++ this point (that means: either located on the same file system as / or ++ already mounted in the initrd). While in systemd itself very little ++ will break if /usr is on a separate late-mounted partition, many of its ++ dependencies very likely will break sooner or later in one form or ++ another. For example, udev rules tend to refer to binaries in /usr, ++ binaries that link to libraries in /usr, or binaries that refer to data ++ files in /usr. Since these breakages are not always directly visible, ++ systemd will warn about this. Such setups are not really supported by ++ the basic set of Linux OS components. Taint flag 'split-usr' will be ++ set when this condition is detected. ++ ++ For more information on this issue consult ++ https://www.freedesktop.org/wiki/Software/systemd/separate-usr-is-broken ++ ++ systemd will warn if the filesystem is not usr-merged (i.e.: /bin, /sbin ++ and /lib* are not symlinks to their counterparts under /usr). Taint flag ++ 'unmerged-usr' will be set when this condition is detected. ++ ++ For more information on this issue consult ++ https://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge ++ + systemd requires that the /run mount point exists. systemd also + requires that /var/run is a symlink to /run. Taint flag 'var-run-bad' + will be set when this condition is detected. +diff --git a/catalog/meson.build b/catalog/meson.build +index 3c62749cf982..1cc977992db5 100644 +--- a/catalog/meson.build ++++ b/catalog/meson.build +@@ -35,4 +35,4 @@ foreach file : in_files + endforeach + + meson.add_install_script(sh, '-c', +- 'test -n "$DESTDIR" || @0@/journalctl --update-catalog'.format(bindir)) ++ 'test -n "$DESTDIR" || @0@/journalctl --update-catalog'.format(rootbindir)) +diff --git a/catalog/systemd.bg.catalog.in b/catalog/systemd.bg.catalog.in +index e1c32ede7820..08123a7b2606 100644 +--- a/catalog/systemd.bg.catalog.in ++++ b/catalog/systemd.bg.catalog.in +@@ -395,6 +395,8 @@ Defined-By: systemd + Support: %SUPPORT_URL% + + Възможни са следните етикети: ++⁃ „split-usr“ — „/usr“ е отделна файлова система, която не е била монтирана при ++ стартирането на systemd + ⁃ „cgroups-missing“ — ядрото е компилирано без поддръжка на „cgroup“ или е + ограничен достъпът до тази подсистема + ⁃ „var-run-bad“ — „/var/run“ не е символна връзка към „/run“ +diff --git a/catalog/systemd.catalog.in b/catalog/systemd.catalog.in +index 2831152763ec..f2a24ee6a101 100644 +--- a/catalog/systemd.catalog.in ++++ b/catalog/systemd.catalog.in +@@ -558,9 +558,6 @@ Defined-By: systemd + Support: %SUPPORT_URL% + + The following "tags" are possible: +-- "unmerged-usr" - /bin, /sbin, /lib* are not symlinks to their counterparts +- under /usr/ +-- "unmerged-bin" - /usr/sbin is not a symlink to /usr/bin/ + - "var-run-bad" — /var/run is not a symlink to /run/ + - "cgroupsv1" - the system is using the deprecated cgroup v1 hierarchy + - "local-hwclock" - the local hardware clock (RTC) is configured to be in +diff --git a/catalog/systemd.fr.catalog.in b/catalog/systemd.fr.catalog.in +index 6b28ecb779e3..c25380c8a269 100644 +--- a/catalog/systemd.fr.catalog.in ++++ b/catalog/systemd.fr.catalog.in +@@ -337,6 +337,8 @@ Defined-By: systemd + Support: %SUPPORT_URL% + + Les étiquettes suivantes sont possibles : ++- "split-usr" — /usr est un système de fichiers séparé et nétait pas ++ monté quand systemd a été démarré + - "cgroups-missing" — le noyau a été compilé sans le support des groupes + de contrôle (cgroups) ou l'accès aux fichiers d'interface est restreint + - "var-run-bad" — /var/run n'est pas un lien symbolique vers /run +diff --git a/catalog/systemd.it.catalog.in b/catalog/systemd.it.catalog.in +index bcbbcc2eb0e0..fc2531405c54 100644 +--- a/catalog/systemd.it.catalog.in ++++ b/catalog/systemd.it.catalog.in +@@ -403,6 +403,7 @@ Defined-By: systemd + Support: %SUPPORT_URL% + + I seguenti "tags" sono possibili: ++- "split-usr" — /usr è un file system separato e non è stato montato all'avvio di systemd + - "cgroups-missing" — il kernel era compilato senza supporto cgroup o l'accesso ai + file attesi è ristretto. + - "var-run-bad" — /var/run non è un link simbolico (symlink) a /run +diff --git a/catalog/systemd.pl.catalog.in b/catalog/systemd.pl.catalog.in +index 75039e9fcd4e..5956afe099d8 100644 +--- a/catalog/systemd.pl.catalog.in ++++ b/catalog/systemd.pl.catalog.in +@@ -564,9 +564,6 @@ Defined-By: systemd + Support: %SUPPORT_URL% + + Możliwe są następujące „etykiety”: +-• „unmerged-usr” — /bin, /sbin, /lib* nie są dowiązaniami symbolicznymi +- do swoich odpowiedników pod /usr/, +-• „unmerged-bin” — /usr/sbin nie jest dowiązaniem symbolicznym do /usr/bin/, + • „var-run-bad” — /var/run nie jest dowiązaniem symbolicznym do /run/, + • „cgroupsv1” — system używa przestarzałej hierarchii cgroup v1, + • „local-hwclock” — lokalny zegar sprzętowy (RTC) jest skonfigurowany +diff --git a/catalog/systemd.ru.catalog.in b/catalog/systemd.ru.catalog.in +index 2d0d8c82a080..d49c39347529 100644 +--- a/catalog/systemd.ru.catalog.in ++++ b/catalog/systemd.ru.catalog.in +@@ -388,6 +388,8 @@ Defined-By: systemd + Support: %SUPPORT_URL% + + Перечень всех возможных меток, указывающих на проблемы конфигурации: ++- "split-usr" — каталог /usr расположен на отдельной файловой системе, ++ которая не была смонтирована на момент запуска systemd + - "cgroups-missing" — ядро собрано без поддержки контрольных групп, либо + отсутствуют права для доступа к интерфейсным файлам контрольных групп + - "var-run-bad" — /var/run не является символьной ссылкой на /run +diff --git a/docs/DISTRO_PORTING.md b/docs/DISTRO_PORTING.md +index cb230937f447..e5ee7995bd6e 100644 +--- a/docs/DISTRO_PORTING.md ++++ b/docs/DISTRO_PORTING.md +@@ -13,6 +13,7 @@ You need to make the follow changes to adapt systemd to your distribution: + + 1. Find the right configure parameters for: + ++ * `-Drootprefix=` + * `-Dsysvinit-path=` + * `-Dsysvrcnd-path=` + * `-Drc-local=` +diff --git a/hwdb.d/meson.build b/hwdb.d/meson.build +index b69b6d8f2518..780537facc19 100644 +--- a/hwdb.d/meson.build ++++ b/hwdb.d/meson.build +@@ -55,7 +55,7 @@ if conf.get('ENABLE_HWDB') == 1 + install_emptydir(sysconfdir / 'udev/hwdb.d') + + meson.add_install_script(sh, '-c', +- 'test -n "$DESTDIR" || @0@/systemd-hwdb update'.format(bindir)) ++ 'test -n "$DESTDIR" || @0@/systemd-hwdb update'.format(rootbindir)) + endif + + if want_tests != 'false' +diff --git a/man/org.freedesktop.systemd1.xml b/man/org.freedesktop.systemd1.xml +index b0b45097e30a..290054fa42a8 100644 +--- a/man/org.freedesktop.systemd1.xml ++++ b/man/org.freedesktop.systemd1.xml +@@ -1654,6 +1654,17 @@ node /org/freedesktop/systemd1 { + used to lower the chance of bogus bug reports. The following taints are currently known: + + ++ ++ split-usr ++ ++ /usr/ was not available when systemd was first invoked. It ++ must either be part of the root file system, or it must be mounted before ++ systemd is invoked. See ++ ++ Booting Without /usr is Broken for details why this is bad. ++ ++ ++ + + unmerged-usr + +diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml +index 21527f756d66..4dda7b2c43b8 100644 +--- a/man/systemd.exec.xml ++++ b/man/systemd.exec.xml +@@ -3658,11 +3658,12 @@ StandardInputData=V2XigLJyZSBubyBzdHJhbmdlcnMgdG8gbG92ZQpZb3Uga25vdyB0aGUgcnVsZX + Colon-separated list of directories to use when launching + executables. systemd uses a fixed value of + /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin +- in the system manager. In case of the user manager, a different path may be configured by the +- distribution. It is recommended to not rely on the order of entries, and have only one program +- with a given name in $PATH. +- +- ++ in the system manager. When compiled for systems with "unmerged /usr/" ++ (/bin is not a symlink to /usr/bin), ++ :/sbin:/bin is appended. In case of ++ the user manager, a different path may be configured by the distribution. It is recommended to ++ not rely on the order of entries, and have only one program with a given name in ++ $PATH. + + + +diff --git a/meson.build b/meson.build +index 737f9f0c6600..c068acc169a3 100644 +--- a/meson.build ++++ b/meson.build +@@ -84,6 +84,14 @@ endif + ##################################################################### + + fs = import('fs') ++if get_option('split-usr') == 'auto' ++ split_usr = not fs.is_symlink('/bin') ++else ++ split_usr = get_option('split-usr') == 'true' ++endif ++conf.set10('HAVE_SPLIT_USR', split_usr, ++ description : '/usr/bin and /bin directories are separate') ++ + if get_option('split-bin') == 'auto' + split_bin = not fs.is_symlink('/usr/sbin') + else +@@ -92,6 +100,15 @@ endif + conf.set10('HAVE_SPLIT_BIN', split_bin, + description : 'bin and sbin directories are separate') + ++rootprefixdir = get_option('rootprefix') ++# Unusual rootprefixdir values are used by some distros ++# (see https://github.com/systemd/systemd/pull/7461). ++rootprefix_default = split_usr ? '/' : '/usr' ++if rootprefixdir == '' ++ rootprefixdir = rootprefix_default ++endif ++rootprefixdir_noslash = rootprefixdir == '/' ? '' : rootprefixdir ++ + have_standalone_binaries = get_option('standalone-binaries') + + sysvinit_path = get_option('sysvinit-path') +@@ -115,8 +132,11 @@ prefixdir = get_option('prefix') + if not prefixdir.startswith('/') + error('Prefix is not absolute: "@0@"'.format(prefixdir)) + endif ++if prefixdir != rootprefixdir and rootprefixdir != '/' and not prefixdir.strip('/').startswith(rootprefixdir.strip('/') + '/') ++ error('Prefix is not below root prefix (now rootprefix=@0@ prefix=@1@)'.format( ++ rootprefixdir, prefixdir)) ++endif + +-prefixdir_noslash = '/' + prefixdir.strip('/') + bindir = prefixdir / get_option('bindir') + sbindir = prefixdir / (split_bin ? 'sbin' : 'bin') + sbin_to_bin = split_bin ? '../bin/' : '' +@@ -126,8 +146,20 @@ includedir = prefixdir / get_option('includedir') + datadir = prefixdir / get_option('datadir') + localstatedir = '/' / get_option('localstatedir') + +-libexecdir = prefixdir / 'lib/systemd' +-pkglibdir = libdir / 'systemd' ++rootbindir = rootprefixdir / 'bin' ++rootsbindir = rootprefixdir / (split_bin ? 'sbin' : 'bin') ++rootlibexecdir = rootprefixdir / 'lib/systemd' ++ ++rootlibdir = get_option('rootlibdir') ++if rootlibdir == '' ++ # This will be a relative path if libdir is in prefix. ++ rootlibdir = get_option('libdir') ++endif ++if not rootlibdir.startswith('/') ++ # If we have a relative path, add rootprefixdir to the front. ++ rootlibdir = rootprefixdir / rootlibdir ++endif ++rootpkglibdir = rootlibdir / 'systemd' + + install_sysconfdir = get_option('install-sysconfdir') != 'false' + install_sysconfdir_samples = get_option('install-sysconfdir') == 'true' +@@ -142,7 +174,7 @@ rpmmacrosdir = get_option('rpmmacrosdir') + if rpmmacrosdir != 'no' + rpmmacrosdir = prefixdir / rpmmacrosdir + endif +-modprobedir = prefixdir / 'lib/modprobe.d' ++modprobedir = rootprefixdir / 'lib/modprobe.d' + + # Our own paths + pkgdatadir = datadir / 'systemd' +@@ -156,16 +188,16 @@ sysusersdir = prefixdir / 'lib/sysusers.d' + sysctldir = prefixdir / 'lib/sysctl.d' + binfmtdir = prefixdir / 'lib/binfmt.d' + modulesloaddir = prefixdir / 'lib/modules-load.d' +-networkdir = prefixdir / 'lib/systemd/network' +-systemgeneratordir = libexecdir / 'system-generators' ++networkdir = rootprefixdir / 'lib/systemd/network' ++systemgeneratordir = rootlibexecdir / 'system-generators' + usergeneratordir = prefixdir / 'lib/systemd/user-generators' + systemenvgeneratordir = prefixdir / 'lib/systemd/system-environment-generators' + userenvgeneratordir = prefixdir / 'lib/systemd/user-environment-generators' +-systemshutdowndir = libexecdir / 'system-shutdown' +-systemsleepdir = libexecdir / 'system-sleep' +-systemunitdir = prefixdir / 'lib/systemd/system' +-systempresetdir = prefixdir / 'lib/systemd/system-preset' +-udevlibexecdir = prefixdir / 'lib/udev' ++systemshutdowndir = rootlibexecdir / 'system-shutdown' ++systemsleepdir = rootlibexecdir / 'system-sleep' ++systemunitdir = rootprefixdir / 'lib/systemd/system' ++systempresetdir = rootprefixdir / 'lib/systemd/system-preset' ++udevlibexecdir = rootprefixdir / 'lib/udev' + udevrulesdir = udevlibexecdir / 'rules.d' + udevhwdbdir = udevlibexecdir / 'hwdb.d' + catalogdir = prefixdir / 'lib/systemd/catalog' +@@ -179,12 +211,13 @@ testdata_dir = testsdir / 'testdata' + systemdstatedir = localstatedir / 'lib/systemd' + catalogstatedir = systemdstatedir / 'catalog' + randomseeddir = localstatedir / 'lib/systemd' +-profiledir = libexecdir / 'portable' / 'profile' +-repartdefinitionsdir = libexecdir / 'repart/definitions' +-ntpservicelistdir = prefixdir / 'lib/systemd/ntp-units.d' ++profiledir = rootlibexecdir / 'portable' / 'profile' ++repartdefinitionsdir = rootlibexecdir / 'repart/definitions' ++ntpservicelistdir = rootprefixdir / 'lib/systemd/ntp-units.d' + credstoredir = prefixdir / 'lib/credstore' + pcrlockdir = prefixdir / 'lib/pcrlock.d' + mimepackagesdir = prefixdir / 'share/mime/packages' ++libexecdir = rootlibexecdir + + configfiledir = get_option('configfiledir') + if configfiledir == '' +@@ -199,12 +232,12 @@ endif + + pamlibdir = get_option('pamlibdir') + if pamlibdir == '' +- pamlibdir = libdir / 'security' ++ pamlibdir = rootlibdir / 'security' + endif + + pamconfdir = get_option('pamconfdir') + if pamconfdir == '' +- pamconfdir = prefixdir / 'lib/pam.d' ++ pamconfdir = rootlibdir / 'pam.d' + endif + + sshconfdir = get_option('sshconfdir') +@@ -225,7 +258,7 @@ conf.set('SSHDPRIVSEPDIR', sshdprivsepdir, description : 'SSH privilege separati + + libcryptsetup_plugins_dir = get_option('libcryptsetup-plugins-dir') + if libcryptsetup_plugins_dir == '' +- libcryptsetup_plugins_dir = libdir / 'cryptsetup' ++ libcryptsetup_plugins_dir = rootlibdir / 'cryptsetup' + endif + + memory_accounting_default = get_option('memory-accounting-default') +@@ -234,7 +267,6 @@ if status_unit_format_default == 'auto' + status_unit_format_default = conf.get('BUILD_MODE_DEVELOPER') == 1 ? 'name' : 'description' + endif + +-conf.set_quoted('BINDIR', bindir) + conf.set_quoted('BINFMT_DIR', binfmtdir) + conf.set_quoted('BOOTLIBDIR', bootlibdir) + conf.set_quoted('CATALOG_DATABASE', catalogstatedir / 'database') +@@ -251,39 +283,43 @@ conf.set_quoted('MODULESLOAD_DIR', modulesloaddir) + conf.set_quoted('PKGSYSCONFDIR', pkgsysconfdir) + conf.set_quoted('POLKIT_AGENT_BINARY_PATH', bindir / 'pkttyagent') + conf.set_quoted('PREFIX', prefixdir) +-conf.set_quoted('PREFIX_NOSLASH', prefixdir_noslash) + conf.set_quoted('RANDOM_SEED', randomseeddir / 'random-seed') + conf.set_quoted('RANDOM_SEED_DIR', randomseeddir) + conf.set_quoted('RC_LOCAL_PATH', get_option('rc-local')) ++conf.set_quoted('ROOTBINDIR', rootbindir) ++conf.set_quoted('ROOTLIBDIR', rootlibdir) ++conf.set_quoted('ROOTLIBEXECDIR', rootlibexecdir) ++conf.set_quoted('ROOTPREFIX', rootprefixdir) ++conf.set_quoted('ROOTPREFIX_NOSLASH', rootprefixdir_noslash) + conf.set_quoted('SSHCONFDIR', sshconfdir) + conf.set_quoted('SSHDCONFDIR', sshdconfdir) + conf.set_quoted('SYSCONF_DIR', sysconfdir) + conf.set_quoted('SYSCTL_DIR', sysctldir) +-conf.set_quoted('SYSTEMCTL_BINARY_PATH', bindir / 'systemctl') +-conf.set_quoted('SYSTEMD_BINARY_PATH', libexecdir / 'systemd') +-conf.set_quoted('SYSTEMD_EXECUTOR_BINARY_PATH', libexecdir / 'systemd-executor') ++conf.set_quoted('SYSTEMCTL_BINARY_PATH', rootbindir / 'systemctl') ++conf.set_quoted('SYSTEMD_BINARY_PATH', rootlibexecdir / 'systemd') ++conf.set_quoted('SYSTEMD_EXECUTOR_BINARY_PATH', rootlibexecdir / 'systemd-executor') + conf.set_quoted('SYSTEMD_CATALOG_DIR', catalogdir) +-conf.set_quoted('SYSTEMD_CGROUPS_AGENT_PATH', libexecdir / 'systemd-cgroups-agent') +-conf.set_quoted('SYSTEMD_CRYPTSETUP_PATH', bindir / 'systemd-cryptsetup') +-conf.set_quoted('SYSTEMD_EXPORT_PATH', libexecdir / 'systemd-export') +-conf.set_quoted('SYSTEMD_FSCK_PATH', libexecdir / 'systemd-fsck') +-conf.set_quoted('SYSTEMD_GROWFS_PATH', libexecdir / 'systemd-growfs') +-conf.set_quoted('SYSTEMD_HOMEWORK_PATH', libexecdir / 'systemd-homework') +-conf.set_quoted('SYSTEMD_IMPORT_FS_PATH', libexecdir / 'systemd-import-fs') +-conf.set_quoted('SYSTEMD_IMPORT_PATH', libexecdir / 'systemd-import') +-conf.set_quoted('SYSTEMD_INTEGRITYSETUP_PATH', libexecdir / 'systemd-integritysetup') ++conf.set_quoted('SYSTEMD_CGROUPS_AGENT_PATH', rootlibexecdir / 'systemd-cgroups-agent') ++conf.set_quoted('SYSTEMD_CRYPTSETUP_PATH', rootlibexecdir / 'systemd-cryptsetup') ++conf.set_quoted('SYSTEMD_EXPORT_PATH', rootlibexecdir / 'systemd-export') ++conf.set_quoted('SYSTEMD_FSCK_PATH', rootlibexecdir / 'systemd-fsck') ++conf.set_quoted('SYSTEMD_GROWFS_PATH', rootlibexecdir / 'systemd-growfs') ++conf.set_quoted('SYSTEMD_HOMEWORK_PATH', rootlibexecdir / 'systemd-homework') ++conf.set_quoted('SYSTEMD_IMPORT_FS_PATH', rootlibexecdir / 'systemd-import-fs') ++conf.set_quoted('SYSTEMD_IMPORT_PATH', rootlibexecdir / 'systemd-import') ++conf.set_quoted('SYSTEMD_INTEGRITYSETUP_PATH', rootlibexecdir / 'systemd-integritysetup') + conf.set_quoted('SYSTEMD_KBD_MODEL_MAP', pkgdatadir / 'kbd-model-map') + conf.set_quoted('SYSTEMD_LANGUAGE_FALLBACK_MAP', pkgdatadir / 'language-fallback-map') +-conf.set_quoted('SYSTEMD_MAKEFS_PATH', libexecdir / 'systemd-makefs') +-conf.set_quoted('SYSTEMD_PULL_PATH', libexecdir / 'systemd-pull') +-conf.set_quoted('SYSTEMD_SHUTDOWN_BINARY_PATH', libexecdir / 'systemd-shutdown') ++conf.set_quoted('SYSTEMD_MAKEFS_PATH', rootlibexecdir / 'systemd-makefs') ++conf.set_quoted('SYSTEMD_PULL_PATH', rootlibexecdir / 'systemd-pull') ++conf.set_quoted('SYSTEMD_SHUTDOWN_BINARY_PATH', rootlibexecdir / 'systemd-shutdown') + conf.set_quoted('SYSTEMD_TEST_DATA', testdata_dir) +-conf.set_quoted('SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH', bindir / 'systemd-tty-ask-password-agent') +-conf.set_quoted('SYSTEMD_UPDATE_HELPER_PATH', libexecdir / 'systemd-update-helper') +-conf.set_quoted('SYSTEMD_USERWORK_PATH', libexecdir / 'systemd-userwork') +-conf.set_quoted('SYSTEMD_MOUNTWORK_PATH', libexecdir / 'systemd-mountwork') +-conf.set_quoted('SYSTEMD_NSRESOURCEWORK_PATH', libexecdir / 'systemd-nsresourcework') +-conf.set_quoted('SYSTEMD_VERITYSETUP_PATH', libexecdir / 'systemd-veritysetup') ++conf.set_quoted('SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH', rootbindir / 'systemd-tty-ask-password-agent') ++conf.set_quoted('SYSTEMD_UPDATE_HELPER_PATH', rootlibexecdir / 'systemd-update-helper') ++conf.set_quoted('SYSTEMD_USERWORK_PATH', rootlibexecdir / 'systemd-userwork') ++conf.set_quoted('SYSTEMD_MOUNTWORK_PATH', rootlibexecdir / 'systemd-mountwork') ++conf.set_quoted('SYSTEMD_NSRESOURCEWORK_PATH', rootlibexecdir / 'systemd-nsresourcework') ++conf.set_quoted('SYSTEMD_VERITYSETUP_PATH', rootlibexecdir / 'systemd-veritysetup') + conf.set_quoted('SYSTEM_CONFIG_UNIT_DIR', pkgsysconfdir / 'system') + conf.set_quoted('SYSTEM_DATA_UNIT_DIR', systemunitdir) + conf.set_quoted('SYSTEM_ENV_GENERATOR_DIR', systemenvgeneratordir) +@@ -305,7 +341,7 @@ conf.set_quoted('USER_ENV_GENERATOR_DIR', userenvgeneratordi + conf.set_quoted('USER_GENERATOR_DIR', usergeneratordir) + conf.set_quoted('USER_KEYRING_PATH', pkgsysconfdir / 'import-pubring.gpg') + conf.set_quoted('USER_PRESET_DIR', userpresetdir) +-conf.set_quoted('VENDOR_KEYRING_PATH', libexecdir / 'import-pubring.gpg') ++conf.set_quoted('VENDOR_KEYRING_PATH', rootlibexecdir / 'import-pubring.gpg') + + conf.set('ANSI_OK_COLOR', 'ANSI_' + get_option('ok-color').underscorify().to_upper()) + conf.set10('ENABLE_URLIFY', get_option('urlify')) +@@ -2098,7 +2134,7 @@ libsystemd = shared_library( + link_depends : libsystemd_sym, + install : true, + install_tag: 'libsystemd', +- install_dir : libdir) ++ install_dir : rootlibdir) + + install_libsystemd_static = static_library( + 'systemd', +@@ -2109,7 +2145,7 @@ install_libsystemd_static = static_library( + build_by_default : static_libsystemd != 'false', + install : static_libsystemd != 'false', + install_tag: 'libsystemd', +- install_dir : libdir, ++ install_dir : rootlibdir, + pic : static_libsystemd_pic, + dependencies : [libblkid, + libcap, +@@ -2144,7 +2180,7 @@ libudev = shared_library( + link_depends : libudev_sym, + install : true, + install_tag: 'libudev', +- install_dir : libdir) ++ install_dir : rootlibdir) + + install_libudev_static = static_library( + 'udev', +@@ -2157,7 +2193,7 @@ install_libudev_static = static_library( + build_by_default : static_libudev != 'false', + install : static_libudev != 'false', + install_tag: 'libudev', +- install_dir : libdir, ++ install_dir : rootlibdir, + link_depends : libudev_sym, + dependencies : [libmount, + libshared_deps, +@@ -2197,7 +2233,7 @@ endif + executable_template = { + 'include_directories' : includes, + 'link_with' : libshared, +- 'install_rpath' : pkglibdir, ++ 'install_rpath' : rootpkglibdir, + 'install' : true, + } + +@@ -2903,11 +2939,14 @@ alt_time_epoch = run_command('date', '-Is', '-u', '-d', '@@0@'.format(time_epoch + check : true).stdout().strip() + + summary({ ++ 'split /usr' : split_usr, + 'split bin-sbin' : split_bin, + 'prefix directory' : prefixdir, ++ 'rootprefix directory' : rootprefixdir, + 'sysconf directory' : sysconfdir, + 'include directory' : includedir, + 'lib directory' : libdir, ++ 'rootlib directory' : rootlibdir, + 'SysV init scripts' : sysvinit_path, + 'SysV rc?.d directories' : sysvrcnd_path, + 'PAM modules directory' : pamlibdir, +@@ -3139,3 +3178,10 @@ summary({ + 'enabled' : ', '.join(found), + 'disabled' : ', '.join(missing)}, + section : 'Features') ++ ++if rootprefixdir != rootprefix_default ++ warning('\n' + ++ 'Note that the installation prefix was changed to "@0@".\n'.format(rootprefixdir) + ++ 'systemd used fixed names for unit file directories and other paths, so anything\n' + ++ 'except the default ("@0@") is strongly discouraged.'.format(rootprefix_default)) ++endif +diff --git a/meson_options.txt b/meson_options.txt +index 909e2d53e8b0..67b1fc1b7e9e 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -11,14 +11,14 @@ option('vcs-tag', type : 'boolean', value : true, + option('mode', type : 'combo', choices : ['developer', 'release'], + description : 'autoenable features suitable for systemd development/release builds') + +-option('split-usr', type : 'combo', choices : ['auto', 'true', 'false'], deprecated: true, +- description : 'This option is deprecated and will be removed in a future release') ++option('split-usr', type : 'combo', choices : ['auto', 'true', 'false'], ++ description : '''/bin, /sbin aren't symlinks into /usr''') + option('split-bin', type : 'combo', choices : ['auto', 'true', 'false'], +- description : 'sbin is not a symlink to bin') +-option('rootlibdir', type : 'string', deprecated: true, +- description : 'This option is deprecated and will be removed in a future release') +-option('rootprefix', type : 'string', deprecated: true, +- description : 'This option is deprecated and will be removed in a future release') ++ description : '''sbin is not a symlink to bin''') ++option('rootlibdir', type : 'string', ++ description : '''[/usr]/lib/x86_64-linux-gnu or such''') ++option('rootprefix', type : 'string', ++ description : '''override the root prefix [default '/' if split-usr and '/usr' otherwise]''') + option('link-udev-shared', type : 'boolean', + description : 'link systemd-udevd and its helpers to libsystemd-shared.so') + option('link-executor-shared', type : 'boolean', +diff --git a/rules.d/64-btrfs.rules.in b/rules.d/64-btrfs.rules.in +index 039d759f621d..df6e12a5ddc5 100644 +--- a/rules.d/64-btrfs.rules.in ++++ b/rules.d/64-btrfs.rules.in +@@ -12,6 +12,6 @@ IMPORT{builtin}="btrfs ready $devnode" + ENV{ID_BTRFS_READY}=="0", ENV{SYSTEMD_READY}="0" + + # reconsider pending devices in case when multidevice volume awaits +-ENV{ID_BTRFS_READY}=="1", RUN+="{{BINDIR}}/udevadm trigger -s block -p ID_BTRFS_READY=0" ++ENV{ID_BTRFS_READY}=="1", RUN+="{{ROOTBINDIR}}/udevadm trigger -s block -p ID_BTRFS_READY=0" + + LABEL="btrfs_end" +diff --git a/rules.d/71-seat.rules.in b/rules.d/71-seat.rules.in +index 1fd7ec23b097..25e4ee7e5893 100644 +--- a/rules.d/71-seat.rules.in ++++ b/rules.d/71-seat.rules.in +@@ -71,11 +71,11 @@ SUBSYSTEM=="usb", ATTR{idVendor}=="17e9", ATTR{idProduct}=="401a", ATTR{product} + SUBSYSTEM=="usb", ATTR{idVendor}=="17e9", ATTR{idProduct}=="401a", ATTR{product}=="mimo inc", \ + ATTR{../idVendor}=="058f", ATTR{../idProduct}=="6254", \ + ENV{ID_AVOID_LOOP}=="", \ +- RUN+="{{BINDIR}}/udevadm trigger --parent-match=%p/.." ++ RUN+="{{ROOTBINDIR}}/udevadm trigger --parent-match=%p/.." + + TAG=="seat", ENV{ID_PATH}=="", IMPORT{builtin}="path_id" + TAG=="seat", ENV{ID_FOR_SEAT}=="", ENV{ID_PATH_TAG}!="", ENV{ID_FOR_SEAT}="$env{SUBSYSTEM}-$env{ID_PATH_TAG}" + +-SUBSYSTEM=="input", ATTR{name}=="Wiebetech LLC Wiebetech", RUN+="{{BINDIR}}/loginctl lock-sessions" ++SUBSYSTEM=="input", ATTR{name}=="Wiebetech LLC Wiebetech", RUN+="{{ROOTBINDIR}}/loginctl lock-sessions" + + LABEL="seat_end" +diff --git a/rules.d/99-systemd.rules.in b/rules.d/99-systemd.rules.in +index 8ba6f177f845..5cacff93c5fa 100644 +--- a/rules.d/99-systemd.rules.in ++++ b/rules.d/99-systemd.rules.in +@@ -68,7 +68,7 @@ SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ENV{ID_USB_INTERFACES}=="*:0701??: + SUBSYSTEM=="udc", TAG+="systemd", ENV{SYSTEMD_WANTS}+="usb-gadget.target" + + # Apply sysctl variables to network devices (and only to those) as they appear. +-ACTION=="add", SUBSYSTEM=="net", KERNEL!="lo", RUN+="{{LIBEXECDIR}}/systemd-sysctl --prefix=/net/ipv4/conf/$name --prefix=/net/ipv4/neigh/$name --prefix=/net/ipv6/conf/$name --prefix=/net/ipv6/neigh/$name" ++ACTION=="add", SUBSYSTEM=="net", KERNEL!="lo", RUN+="{{ROOTLIBEXECDIR}}/systemd-sysctl --prefix=/net/ipv4/conf/$name --prefix=/net/ipv4/neigh/$name --prefix=/net/ipv6/conf/$name --prefix=/net/ipv6/neigh/$name" + + {% if ENABLE_BACKLIGHT %} + # Pull in backlight save/restore for all backlight devices and +diff --git a/shell-completion/bash/systemctl.in b/shell-completion/bash/systemctl.in +index f4576c4355b7..74507e9cfd32 100644 +--- a/shell-completion/bash/systemctl.in ++++ b/shell-completion/bash/systemctl.in +@@ -13,7 +13,7 @@ __systemctl() { + } + + __systemd_properties() { +- {{LIBEXECDIR}}/systemd --dump-bus-properties ++ {{ROOTLIBEXECDIR}}/systemd --dump-bus-properties + } + + __contains_word () { +diff --git a/shell-completion/zsh/_systemctl.in b/shell-completion/zsh/_systemctl.in +index df9045f229bc..d9f4686f89d1 100644 +--- a/shell-completion/zsh/_systemctl.in ++++ b/shell-completion/zsh/_systemctl.in +@@ -472,7 +472,7 @@ done + + (( $+functions[_systemctl_unit_properties] )) || + _systemctl_unit_properties() { +- local -a _sys_all_properties=( ${(f)"$({{LIBEXECDIR}}/systemd --no-pager --dump-bus-properties 2>/dev/null)"} ) ++ local -a _sys_all_properties=( ${(f)"$({{ROOTLIBEXECDIR}}/systemd --no-pager --dump-bus-properties 2>/dev/null)"} ) + _wanted systemd-unit-properties expl 'unit property' \ + _values -s , "${_sys_all_properties[@]}" + } +diff --git a/src/basic/constants.h b/src/basic/constants.h +index e70817c51f84..cec9c478a2c4 100644 +--- a/src/basic/constants.h ++++ b/src/basic/constants.h +@@ -56,19 +56,32 @@ + #define NOTIFY_FD_MAX 768 + #define NOTIFY_BUFFER_MAX PIPE_BUF + ++#if HAVE_SPLIT_USR ++# define _CONF_PATHS_SPLIT_USR_NULSTR(n) "/lib/" n "\0" ++# define _CONF_PATHS_SPLIT_USR(n) , "/lib/" n ++#else ++# define _CONF_PATHS_SPLIT_USR_NULSTR(n) ++# define _CONF_PATHS_SPLIT_USR(n) ++#endif ++ + /* Return a nulstr for a standard cascade of configuration paths, suitable to pass to + * conf_files_list_nulstr() to implement drop-in directories for extending configuration files. */ + #define CONF_PATHS_NULSTR(n) \ + "/etc/" n "\0" \ + "/run/" n "\0" \ + "/usr/local/lib/" n "\0" \ +- "/usr/lib/" n "\0" ++ "/usr/lib/" n "\0" \ ++ _CONF_PATHS_SPLIT_USR_NULSTR(n) + + #define CONF_PATHS(n) \ + "/etc/" n, \ + "/run/" n, \ + "/usr/local/lib/" n, \ +- "/usr/lib/" n ++ "/usr/lib/" n \ ++ _CONF_PATHS_SPLIT_USR(n) ++ ++#define CONF_PATHS_USR_STRV(n) \ ++ STRV_MAKE(CONF_PATHS_USR(n)) + + #define CONF_PATHS_STRV(n) \ + STRV_MAKE(CONF_PATHS(n)) +diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c +index 540256b73b84..3d3df61fb927 100644 +--- a/src/basic/path-lookup.c ++++ b/src/basic/path-lookup.c +@@ -551,6 +551,10 @@ int lookup_paths_init( + assert(scope >= 0); + assert(scope < _RUNTIME_SCOPE_MAX); + ++#if HAVE_SPLIT_USR ++ flags |= LOOKUP_PATHS_SPLIT_USR; ++#endif ++ + if (!empty_or_root(root_dir)) { + if (scope == RUNTIME_SCOPE_USER) + return -EINVAL; +@@ -642,7 +646,6 @@ int lookup_paths_init( + "/usr/local/lib/systemd/system", + SYSTEM_DATA_UNIT_DIR, + "/usr/lib/systemd/system", +- /* To be used ONLY for images which might be legacy split-usr */ + STRV_IFNOTNULL(flags & LOOKUP_PATHS_SPLIT_USR ? "/lib/systemd/system" : NULL), + STRV_IFNOTNULL(generator_late)); + break; +diff --git a/src/basic/path-lookup.h b/src/basic/path-lookup.h +index 0db2c5a98caf..cbf1bcf24e54 100644 +--- a/src/basic/path-lookup.h ++++ b/src/basic/path-lookup.h +@@ -10,7 +10,7 @@ + typedef enum LookupPathsFlags { + LOOKUP_PATHS_EXCLUDE_GENERATED = 1 << 0, + LOOKUP_PATHS_TEMPORARY_GENERATED = 1 << 1, +- LOOKUP_PATHS_SPLIT_USR = 1 << 2, /* Legacy, use ONLY for image payloads which might be old */ ++ LOOKUP_PATHS_SPLIT_USR = 1 << 2, + } LookupPathsFlags; + + typedef struct LookupPaths { +diff --git a/src/basic/path-util.h b/src/basic/path-util.h +index 792b8ff2cbc6..a224091db4ce 100644 +--- a/src/basic/path-util.h ++++ b/src/basic/path-util.h +@@ -17,8 +17,8 @@ + #define PATH_MERGED_BIN(x) x "bin" + #define PATH_MERGED_BIN_NULSTR(x) x "bin\0" + +-#define DEFAULT_PATH_WITH_SBIN PATH_SPLIT_BIN("/usr/local/") ":" PATH_SPLIT_BIN("/usr/") +-#define DEFAULT_PATH_WITHOUT_SBIN PATH_MERGED_BIN("/usr/local/") ":" PATH_MERGED_BIN("/usr/") ++#define DEFAULT_PATH_WITH_SBIN PATH_SPLIT_BIN("/usr/local/") ":" PATH_SPLIT_BIN("/usr/") ":" PATH_SPLIT_BIN("/") ++#define DEFAULT_PATH_WITHOUT_SBIN PATH_MERGED_BIN("/usr/local/") ":" PATH_MERGED_BIN("/usr/") ":" PATH_MERGED_BIN("/") + + #define DEFAULT_PATH_COMPAT PATH_SPLIT_BIN("/usr/local/") ":" PATH_SPLIT_BIN("/usr/") ":" PATH_SPLIT_BIN("/") + +diff --git a/src/boot/meson.build b/src/boot/meson.build +index 55b9bd6294b0..ec1ba21d49f5 100644 +--- a/src/boot/meson.build ++++ b/src/boot/meson.build +@@ -30,6 +30,7 @@ executables += [ + ], + 'sources' : bootctl_sources, + 'link_with' : boot_link_with, ++ 'install_dir' : rootbindir, + 'dependencies' : libblkid, + }, + libexec_template + { +@@ -41,6 +42,7 @@ executables += [ + ], + 'sources' : files('bless-boot.c'), + 'link_with' : boot_link_with, ++ 'install_dir' : rootlibexecdir, + 'dependencies' : libblkid, + }, + generator_template + { +@@ -65,5 +67,6 @@ executables += [ + libexec_template + { + 'name' : 'systemd-boot-check-no-failures', + 'sources' : files('boot-check-no-failures.c'), ++ 'install_dir' : rootlibexecdir, + }, + ] +diff --git a/src/core/manager-serialize.c b/src/core/manager-serialize.c +index 1d2959abf439..03803a810172 100644 +--- a/src/core/manager-serialize.c ++++ b/src/core/manager-serialize.c +@@ -90,6 +90,7 @@ int manager_serialize( + (void) serialize_item_format(f, "current-job-id", "%" PRIu32, m->current_job_id); + (void) serialize_item_format(f, "n-installed-jobs", "%u", m->n_installed_jobs); + (void) serialize_item_format(f, "n-failed-jobs", "%u", m->n_failed_jobs); ++ (void) serialize_bool(f, "taint-usr", m->taint_usr); + (void) serialize_bool(f, "ready-sent", m->ready_sent); + (void) serialize_bool(f, "taint-logged", m->taint_logged); + (void) serialize_bool(f, "service-watchdogs", m->service_watchdogs); +@@ -354,6 +355,15 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) { + else + m->n_failed_jobs += n; + ++ } else if ((val = startswith(l, "taint-usr="))) { ++ int b; ++ ++ b = parse_boolean(val); ++ if (b < 0) ++ log_notice("Failed to parse taint /usr flag '%s', ignoring.", val); ++ else ++ m->taint_usr = m->taint_usr || b; ++ + } else if ((val = startswith(l, "ready-sent="))) { + int b; + +diff --git a/src/core/manager.c b/src/core/manager.c +index 5997ef0cf13b..cc2e145260dc 100644 +--- a/src/core/manager.c ++++ b/src/core/manager.c +@@ -1056,6 +1056,9 @@ int manager_new(RuntimeScope runtime_scope, ManagerTestRunFlags test_run_flags, + + log_debug("Using systemd-executor binary from '%s'.", executor_path); + } ++ m->taint_usr = ++ !in_initrd() && ++ dir_is_empty("/usr", /* ignore_hidden_or_backup= */ false) > 0; + + /* Note that we do not set up the notify fd here. We do that after deserialization, + * since they might have gotten serialized across the reexec. */ +@@ -4946,7 +4949,6 @@ static int manager_dispatch_handoff_timestamp_fd(sd_event_source *source, int fd + FOREACH_ARRAY(u, units, n_units) { + if (!UNIT_VTABLE(*u)->notify_handoff_timestamp) + continue; +- + UNIT_VTABLE(*u)->notify_handoff_timestamp(*u, ucred, &dt); + } + +diff --git a/src/core/manager.h b/src/core/manager.h +index 0641b2726f0f..cdb1e36d3fea 100644 +--- a/src/core/manager.h ++++ b/src/core/manager.h +@@ -388,6 +388,8 @@ struct Manager { + /* Flags */ + bool dispatching_load_queue; + ++ bool taint_usr; ++ + /* Have we already sent out the READY=1 notification? */ + bool ready_sent; + +diff --git a/src/core/meson.build b/src/core/meson.build +index dbeb752977c8..5fa5abc82c75 100644 +--- a/src/core/meson.build ++++ b/src/core/meson.build +@@ -142,7 +142,7 @@ libcore = shared_library( + link_whole: libcore_static, + link_with : libshared, + install : true, +- install_dir : pkglibdir) ++ install_dir : rootpkglibdir) + + core_includes = [includes, include_directories('.')] + +@@ -261,7 +261,7 @@ if install_sysconfdir + endif + + install_emptydir(sbindir) +-meson.add_install_script(sh, '-c', ln_s.format(libexecdir / 'systemd', sbindir / 'init')) ++meson.add_install_script(sh, '-c', ln_s.format(rootlibexecdir / 'systemd', rootsbindir / 'init')) + + ############################################################ + +diff --git a/src/core/namespace.c b/src/core/namespace.c +index a9b98bcd32b2..e2f37287075e 100644 +--- a/src/core/namespace.c ++++ b/src/core/namespace.c +@@ -154,7 +154,7 @@ static const MountEntry protect_kernel_tunables_sys_table[] = { + + /* ProtectKernelModules= option */ + static const MountEntry protect_kernel_modules_table[] = { +- { "/usr/lib/modules", MOUNT_INACCESSIBLE, true }, ++ { "/lib/modules", MOUNT_INACCESSIBLE, true }, + }; + + /* ProtectKernelLogs= option */ +@@ -195,6 +195,9 @@ static const MountEntry protect_system_yes_table[] = { + { "/usr", MOUNT_READ_ONLY, false }, + { "/boot", MOUNT_READ_ONLY, true }, + { "/efi", MOUNT_READ_ONLY, true }, ++ { "/lib", MOUNT_READ_ONLY, true }, ++ { "/bin", MOUNT_READ_ONLY, true }, ++ { "/sbin", MOUNT_READ_ONLY, true }, + }; + + /* ProtectSystem=full includes ProtectSystem=yes */ +@@ -203,6 +206,9 @@ static const MountEntry protect_system_full_table[] = { + { "/boot", MOUNT_READ_ONLY, true }, + { "/efi", MOUNT_READ_ONLY, true }, + { "/etc", MOUNT_READ_ONLY, false }, ++ { "/lib", MOUNT_READ_ONLY, false }, ++ { "/bin", MOUNT_READ_ONLY, false }, ++ { "/sbin", MOUNT_READ_ONLY, false }, + }; + + /* ProtectSystem=strict table. In this strict mode, we mount everything read-only, except for /proc, /dev, +diff --git a/src/core/org.freedesktop.systemd1.policy.in b/src/core/org.freedesktop.systemd1.policy.in +index 0083e0b58521..9e9a20f66f67 100644 +--- a/src/core/org.freedesktop.systemd1.policy.in ++++ b/src/core/org.freedesktop.systemd1.policy.in +@@ -26,7 +26,7 @@ + no + auth_admin_keep + +- {{LIBEXECDIR}}/systemd-reply-password ++ {{ROOTLIBEXECDIR}}/systemd-reply-password + + + +diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in +index f3b85b01909a..693433b34b87 100644 +--- a/src/core/systemd.pc.in ++++ b/src/core/systemd.pc.in +@@ -11,24 +11,19 @@ + # considered deprecated (though there is no plan to remove them). New names + # shall have underscores. + +-# root_prefix and rootprefix are deprecated since we dropped support for split-usr +-# however we used to install units in root_prefix and a lot of downstream software +-# overrode this variable in their build system to support installing units elsewhere. +-# To stop those builds from silently breaking we keep root_prefix around but have +-# it as an alias for prefix +-root_prefix={{PREFIX_NOSLASH}} ++prefix=/usr ++root_prefix={{ROOTPREFIX_NOSLASH}} + rootprefix=${root_prefix} +-prefix=${rootprefix} + sysconf_dir={{SYSCONF_DIR}} + sysconfdir=${sysconf_dir} + +-systemd_util_dir=${prefix}/lib/systemd ++systemd_util_dir=${root_prefix}/lib/systemd + systemdutildir=${systemd_util_dir} + +-systemd_system_unit_dir=${prefix}/lib/systemd/system ++systemd_system_unit_dir=${rootprefix}/lib/systemd/system + systemdsystemunitdir=${systemd_system_unit_dir} + +-systemd_system_preset_dir=${prefix}/lib/systemd/system-preset ++systemd_system_preset_dir=${rootprefix}/lib/systemd/system-preset + systemdsystempresetdir=${systemd_system_preset_dir} + + systemd_user_unit_dir=${prefix}/lib/systemd/user +@@ -49,7 +44,7 @@ systemdsystemunitpath=${systemd_system_unit_path} + systemd_user_unit_path=${systemd_user_conf_dir}:/etc/systemd/user:/run/systemd/user:/usr/local/lib/systemd/user:/usr/local/share/systemd/user:${systemd_user_unit_dir}:/usr/lib/systemd/user:/usr/share/systemd/user + systemduserunitpath=${systemd_user_unit_path} + +-systemd_system_generator_dir=${prefix}/lib/systemd/system-generators ++systemd_system_generator_dir=${root_prefix}/lib/systemd/system-generators + systemdsystemgeneratordir=${systemd_system_generator_dir} + + systemd_user_generator_dir=${prefix}/lib/systemd/user-generators +@@ -61,10 +56,10 @@ systemdsystemgeneratorpath=${systemd_system_generator_path} + systemd_user_generator_path=/run/systemd/user-generators:/etc/systemd/user-generators:/usr/local/lib/systemd/user-generators:${systemd_user_generator_dir} + systemdusergeneratorpath=${systemd_user_generator_path} + +-systemd_sleep_dir=${prefix}/lib/systemd/system-sleep ++systemd_sleep_dir=${root_prefix}/lib/systemd/system-sleep + systemdsleepdir=${systemd_sleep_dir} + +-systemd_shutdown_dir=${prefix}/lib/systemd/system-shutdown ++systemd_shutdown_dir=${root_prefix}/lib/systemd/system-shutdown + systemdshutdowndir=${systemd_shutdown_dir} + + tmpfiles_dir=${prefix}/lib/tmpfiles.d +@@ -72,16 +67,16 @@ tmpfilesdir=${tmpfiles_dir} + + user_tmpfiles_dir=${prefix}/share/user-tmpfiles.d + +-sysusers_dir=${prefix}/lib/sysusers.d ++sysusers_dir=${rootprefix}/lib/sysusers.d + sysusersdir=${sysusers_dir} + +-sysctl_dir=${prefix}/lib/sysctl.d ++sysctl_dir=${rootprefix}/lib/sysctl.d + sysctldir=${sysctl_dir} + +-binfmt_dir=${prefix}/lib/binfmt.d ++binfmt_dir=${rootprefix}/lib/binfmt.d + binfmtdir=${binfmt_dir} + +-modules_load_dir=${prefix}/lib/modules-load.d ++modules_load_dir=${rootprefix}/lib/modules-load.d + modulesloaddir=${modules_load_dir} + + catalog_dir=${prefix}/lib/systemd/catalog +diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c +index 4db25d362f05..b42fe806a547 100644 +--- a/src/cryptsetup/cryptsetup-generator.c ++++ b/src/cryptsetup/cryptsetup-generator.c +@@ -536,13 +536,13 @@ static int create_disk( + } + + fprintf(f, +- "ExecStartPost=" LIBEXECDIR "/systemd-makefs '%s' '/dev/mapper/%s'\n", ++ "ExecStartPost=" ROOTLIBEXECDIR "/systemd-makefs '%s' '/dev/mapper/%s'\n", + tmp_fstype_escaped ?: "ext4", name_escaped); + } + + if (swap) + fprintf(f, +- "ExecStartPost=" LIBEXECDIR "/systemd-makefs swap '/dev/mapper/%s'\n", ++ "ExecStartPost=" ROOTLIBEXECDIR "/systemd-makefs swap '/dev/mapper/%s'\n", + name_escaped); + + r = fflush_and_check(f); +diff --git a/src/cryptsetup/cryptsetup-tokens/meson.build b/src/cryptsetup/cryptsetup-tokens/meson.build +index b26940c6a3b1..9f9c1f20b649 100644 +--- a/src/cryptsetup/cryptsetup-tokens/meson.build ++++ b/src/cryptsetup/cryptsetup-tokens/meson.build +@@ -30,7 +30,7 @@ template = { + libshared, + ], + 'version-script' : meson.current_source_dir() / 'cryptsetup-token.sym', +- 'install_rpath' : pkglibdir, ++ 'install_rpath' : rootpkglibdir, + 'install' : true, + 'install_dir' : libcryptsetup_plugins_dir, + } +diff --git a/src/delta/delta.c b/src/delta/delta.c +index 3433250549bb..a82f7f5ee17a 100644 +--- a/src/delta/delta.c ++++ b/src/delta/delta.c +@@ -35,6 +35,9 @@ static const char prefixes[] = + "/usr/local/share\0" + "/usr/lib\0" + "/usr/share\0" ++#if HAVE_SPLIT_USR ++ "/lib\0" ++#endif + ; + + static const char suffixes[] = +@@ -365,6 +368,36 @@ static int enumerate_dir( + return 0; + } + ++static int should_skip_path(const char *prefix, const char *suffix) { ++#if HAVE_SPLIT_USR ++ _cleanup_free_ char *target = NULL, *dirname = NULL; ++ ++ dirname = path_join(prefix, suffix); ++ if (!dirname) ++ return -ENOMEM; ++ ++ if (chase(dirname, NULL, 0, &target, NULL) < 0) ++ return false; ++ ++ NULSTR_FOREACH(p, prefixes) { ++ _cleanup_free_ char *tmp = NULL; ++ ++ if (path_startswith(dirname, p)) ++ continue; ++ ++ tmp = path_join(p, suffix); ++ if (!tmp) ++ return -ENOMEM; ++ ++ if (path_equal(target, tmp)) { ++ log_debug("%s redirects to %s, skipping.", dirname, target); ++ return true; ++ } ++ } ++#endif ++ return false; ++} ++ + static int process_suffix(const char *suffix, const char *onlyprefix) { + char *f, *key; + OrderedHashmap *top, *bottom, *drops, *h; +@@ -388,6 +421,9 @@ static int process_suffix(const char *suffix, const char *onlyprefix) { + NULSTR_FOREACH(p, prefixes) { + _cleanup_free_ char *t = NULL; + ++ if (should_skip_path(p, suffix) > 0) ++ continue; ++ + t = path_join(p, suffix); + if (!t) { + r = -ENOMEM; +diff --git a/src/dissect/meson.build b/src/dissect/meson.build +index e422dbdd27b2..c6a485db97ec 100644 +--- a/src/dissect/meson.build ++++ b/src/dissect/meson.build +@@ -13,5 +13,5 @@ if conf.get('HAVE_BLKID') == 1 + install_emptydir(sbindir) + meson.add_install_script(sh, '-c', + ln_s.format(bindir / 'systemd-dissect', +- sbindir / 'mount.ddi')) ++ rootsbindir / 'mount.ddi')) + endif +diff --git a/src/fstab-generator/meson.build b/src/fstab-generator/meson.build +index 7b90580e9063..2146d24474bb 100644 +--- a/src/fstab-generator/meson.build ++++ b/src/fstab-generator/meson.build +@@ -9,4 +9,4 @@ executables += [ + + meson.add_install_script(sh, '-c', + ln_s.format(systemgeneratordir / 'systemd-fstab-generator', +- libexecdir / 'systemd-sysroot-fstab-check')) ++ rootlibexecdir / 'systemd-sysroot-fstab-check')) +diff --git a/src/import/meson.build b/src/import/meson.build +index 184dd7bbf2dc..ed5290df9cf6 100644 +--- a/src/import/meson.build ++++ b/src/import/meson.build +@@ -129,5 +129,5 @@ install_data('org.freedesktop.import1.policy', + install_dir : polkitpolicydir) + + install_data('import-pubring.gpg', +- install_dir : libexecdir) ++ install_dir : rootlibexecdir) + # TODO: shouldn't this be in pkgdatadir? +diff --git a/src/integritysetup/integritysetup-generator.c b/src/integritysetup/integritysetup-generator.c +index 72b890575ce1..ea187e0c191a 100644 +--- a/src/integritysetup/integritysetup-generator.c ++++ b/src/integritysetup/integritysetup-generator.c +@@ -101,8 +101,8 @@ static int create_disk( + "Type=oneshot\n" + "RemainAfterExit=yes\n" + "TimeoutSec=infinity\n" +- "ExecStart=" LIBEXECDIR "/systemd-integritysetup attach '%s' '%s' '%s' '%s'\n" +- "ExecStop=" LIBEXECDIR "/systemd-integritysetup detach '%s'\n", ++ "ExecStart=" ROOTLIBEXECDIR "/systemd-integritysetup attach '%s' '%s' '%s' '%s'\n" ++ "ExecStop=" ROOTLIBEXECDIR "/systemd-integritysetup detach '%s'\n", + name_escaped, device, empty_to_dash(key_file_escaped), empty_to_dash(options), + name_escaped); + +diff --git a/src/libsystemd/libsystemd.pc.in b/src/libsystemd/libsystemd.pc.in +index 3a43ef60710e..da6e4e667ef7 100644 +--- a/src/libsystemd/libsystemd.pc.in ++++ b/src/libsystemd/libsystemd.pc.in +@@ -9,7 +9,7 @@ + + prefix={{PREFIX}} + exec_prefix={{PREFIX}} +-libdir={{LIBDIR}} ++libdir={{ROOTLIBDIR}} + includedir={{INCLUDE_DIR}} + + Name: systemd +diff --git a/src/libsystemd/sd-hwdb/hwdb-internal.h b/src/libsystemd/sd-hwdb/hwdb-internal.h +index 9db3b314416e..5302679a6252 100644 +--- a/src/libsystemd/sd-hwdb/hwdb-internal.h ++++ b/src/libsystemd/sd-hwdb/hwdb-internal.h +@@ -86,4 +86,5 @@ struct trie_value_entry2_f { + "/etc/systemd/hwdb/hwdb.bin\0" \ + "/etc/udev/hwdb.bin\0" \ + "/usr/lib/systemd/hwdb/hwdb.bin\0" \ ++ _CONF_PATHS_SPLIT_USR_NULSTR("systemd/hwdb/hwdb.bin") \ + UDEVLIBEXECDIR "/hwdb.bin\0" +diff --git a/src/libsystemd/sd-path/sd-path.c b/src/libsystemd/sd-path/sd-path.c +index 8edbde9c8ec4..0d68a4394514 100644 +--- a/src/libsystemd/sd-path/sd-path.c ++++ b/src/libsystemd/sd-path/sd-path.c +@@ -311,7 +311,7 @@ static int get_path(uint64_t type, char **buffer, const char **ret) { + return from_user_dir("XDG_DESKTOP_DIR", buffer, ret); + + case SD_PATH_SYSTEMD_UTIL: +- *ret = PREFIX_NOSLASH "/lib/systemd"; ++ *ret = ROOTPREFIX_NOSLASH "/lib/systemd"; + return 0; + + case SD_PATH_SYSTEMD_SYSTEM_UNIT: +@@ -319,7 +319,7 @@ static int get_path(uint64_t type, char **buffer, const char **ret) { + return 0; + + case SD_PATH_SYSTEMD_SYSTEM_PRESET: +- *ret = PREFIX_NOSLASH "/lib/systemd/system-preset"; ++ *ret = ROOTPREFIX_NOSLASH "/lib/systemd/system-preset"; + return 0; + + case SD_PATH_SYSTEMD_USER_UNIT: +@@ -327,7 +327,7 @@ static int get_path(uint64_t type, char **buffer, const char **ret) { + return 0; + + case SD_PATH_SYSTEMD_USER_PRESET: +- *ret = PREFIX_NOSLASH "/lib/systemd/user-preset"; ++ *ret = ROOTPREFIX_NOSLASH "/lib/systemd/user-preset"; + return 0; + + case SD_PATH_SYSTEMD_SYSTEM_CONF: +@@ -347,11 +347,11 @@ static int get_path(uint64_t type, char **buffer, const char **ret) { + return 0; + + case SD_PATH_SYSTEMD_SLEEP: +- *ret = PREFIX_NOSLASH "/lib/systemd/system-sleep"; ++ *ret = ROOTPREFIX_NOSLASH "/lib/systemd/system-sleep"; + return 0; + + case SD_PATH_SYSTEMD_SHUTDOWN: +- *ret = PREFIX_NOSLASH "/lib/systemd/system-shutdown"; ++ *ret = ROOTPREFIX_NOSLASH "/lib/systemd/system-shutdown"; + return 0; + + case SD_PATH_TMPFILES: +@@ -359,19 +359,19 @@ static int get_path(uint64_t type, char **buffer, const char **ret) { + return 0; + + case SD_PATH_SYSUSERS: +- *ret = PREFIX_NOSLASH "/lib/sysusers.d"; ++ *ret = ROOTPREFIX_NOSLASH "/lib/sysusers.d"; + return 0; + + case SD_PATH_SYSCTL: +- *ret = PREFIX_NOSLASH "/lib/sysctl.d"; ++ *ret = ROOTPREFIX_NOSLASH "/lib/sysctl.d"; + return 0; + + case SD_PATH_BINFMT: +- *ret = PREFIX_NOSLASH "/lib/binfmt.d"; ++ *ret = ROOTPREFIX_NOSLASH "/lib/binfmt.d"; + return 0; + + case SD_PATH_MODULES_LOAD: +- *ret = PREFIX_NOSLASH "/lib/modules-load.d"; ++ *ret = ROOTPREFIX_NOSLASH "/lib/modules-load.d"; + return 0; + + case SD_PATH_CATALOG: +@@ -531,6 +531,9 @@ static int get_search(uint64_t type, char ***ret) { + true, + ARRAY_SBIN_BIN("/usr/local/"), + ARRAY_SBIN_BIN("/usr/"), ++#if HAVE_SPLIT_USR ++ ARRAY_SBIN_BIN("/"), ++#endif + NULL); + + case SD_PATH_SEARCH_LIBRARY_PRIVATE: +@@ -541,6 +544,9 @@ static int get_search(uint64_t type, char ***ret) { + false, + "/usr/local/lib", + "/usr/lib", ++#if HAVE_SPLIT_USR ++ "/lib", ++#endif + NULL); + + case SD_PATH_SEARCH_LIBRARY_ARCH: +@@ -550,6 +556,9 @@ static int get_search(uint64_t type, char ***ret) { + "LD_LIBRARY_PATH", + true, + LIBDIR, ++#if HAVE_SPLIT_USR ++ ROOTLIBDIR, ++#endif + NULL); + + case SD_PATH_SEARCH_SHARED: +diff --git a/src/libudev/libudev.pc.in b/src/libudev/libudev.pc.in +index 6541bcb1ab6b..1d6487fa4084 100644 +--- a/src/libudev/libudev.pc.in ++++ b/src/libudev/libudev.pc.in +@@ -9,7 +9,7 @@ + + prefix={{PREFIX}} + exec_prefix={{PREFIX}} +-libdir={{LIBDIR}} ++libdir={{ROOTLIBDIR}} + includedir={{INCLUDE_DIR}} + + Name: libudev +diff --git a/src/login/meson.build b/src/login/meson.build +index 43db03184c58..5636dbde41ae 100644 +--- a/src/login/meson.build ++++ b/src/login/meson.build +@@ -50,6 +50,7 @@ executables += [ + 'dbus' : true, + 'conditions' : ['ENABLE_LOGIND'], + 'sources' : systemd_logind_sources, ++ 'install_dir' : rootlibexecdir, + 'link_with' : [ + liblogind_core, + libshared, +@@ -64,6 +65,7 @@ executables += [ + 'public' : true, + 'conditions' : ['ENABLE_LOGIND'], + 'sources' : loginctl_sources, ++ 'install_dir' : rootbindir, + 'dependencies' : [ + liblz4_cflags, + libxz_cflags, +diff --git a/src/machine/machinectl.c b/src/machine/machinectl.c +index 1b63e6d20378..e419289e5c78 100644 +--- a/src/machine/machinectl.c ++++ b/src/machine/machinectl.c +@@ -1997,7 +1997,7 @@ static int chainload_importctl(int argc, char *argv[]) { + log_debug("Chainloading: %s", joined); + } + +- r = invoke_callout_binary(BINDIR "/importctl", c); ++ r = invoke_callout_binary(ROOTBINDIR "/importctl", c); + return log_error_errno(r, "Failed to invoke 'importctl': %m"); + } + +diff --git a/src/portable/meson.build b/src/portable/meson.build +index 210829b85145..e168b509c340 100644 +--- a/src/portable/meson.build ++++ b/src/portable/meson.build +@@ -25,6 +25,7 @@ executables += [ + 'conditions' : ['ENABLE_PORTABLED'], + 'sources' : systemd_portabled_sources, + 'link_with' : portabled_link_with, ++ 'install_dir' : rootlibexecdir, + 'dependencies' : [ + libselinux, + threads, +@@ -36,6 +37,7 @@ executables += [ + 'conditions' : ['ENABLE_PORTABLED'], + 'sources' : files('portablectl.c'), + 'link_with' : portabled_link_with, ++ 'install_dir' : rootbindir, + 'dependencies' : threads, + }, + ] +diff --git a/src/portable/portable.c b/src/portable/portable.c +index 53418c417b51..153c8dfb74f5 100644 +--- a/src/portable/portable.c ++++ b/src/portable/portable.c +@@ -245,8 +245,8 @@ static int extract_now( + } + + /* Then, send unit file data to the parent (or/and add it to the hashmap). For that we use our usual unit +- * discovery logic. Note that we force looking inside of /lib/systemd/system/ for units too, as the +- * image might have a legacy split-usr layout. */ ++ * discovery logic. Note that we force looking inside of /lib/systemd/system/ for units too, as we mightbe ++ * compiled for a split-usr system but the image might be a legacy-usr one. */ + r = lookup_paths_init(&paths, RUNTIME_SCOPE_SYSTEM, LOOKUP_PATHS_SPLIT_USR, where); + if (r < 0) + return log_debug_errno(r, "Failed to acquire lookup paths: %m"); +@@ -1664,7 +1664,7 @@ int portable_attach( + strempty(extensions_joined)); + } + +- r = lookup_paths_init(&paths, RUNTIME_SCOPE_SYSTEM, /* flags= */ 0, NULL); ++ r = lookup_paths_init(&paths, RUNTIME_SCOPE_SYSTEM, LOOKUP_PATHS_SPLIT_USR, NULL); + if (r < 0) + return r; + +@@ -1854,7 +1854,7 @@ int portable_detach( + + assert(name_or_path); + +- r = lookup_paths_init(&paths, RUNTIME_SCOPE_SYSTEM, /* flags= */ 0, NULL); ++ r = lookup_paths_init(&paths, RUNTIME_SCOPE_SYSTEM, LOOKUP_PATHS_SPLIT_USR, NULL); + if (r < 0) + return r; + +@@ -2040,7 +2040,7 @@ static int portable_get_state_internal( + assert(name_or_path); + assert(ret); + +- r = lookup_paths_init(&paths, RUNTIME_SCOPE_SYSTEM, /* flags= */ 0, NULL); ++ r = lookup_paths_init(&paths, RUNTIME_SCOPE_SYSTEM, LOOKUP_PATHS_SPLIT_USR, NULL); + if (r < 0) + return r; + +diff --git a/src/resolve/meson.build b/src/resolve/meson.build +index d336b2c07bf4..ae1bc2a825dc 100644 +--- a/src/resolve/meson.build ++++ b/src/resolve/meson.build +@@ -144,6 +144,7 @@ executables += [ + files('resolved.c'), + 'include_directories' : resolve_includes, + 'link_with' : link_with, ++ 'install_dir': rootlibexecdir, + 'dependencies' : systemd_resolved_dependencies, + }, + executable_template + { +@@ -152,6 +153,7 @@ executables += [ + 'conditions' : ['ENABLE_RESOLVE'], + 'sources' : resolvectl_sources, + 'link_with' : link_with, ++ 'install_dir': rootbindir, + 'dependencies' : [ + lib_openssl_or_gcrypt, + libidn, +@@ -231,17 +233,17 @@ if conf.get('ENABLE_RESOLVE') == 1 + install_data('org.freedesktop.resolve1.policy', + install_dir : polkitpolicydir) + install_data('resolv.conf', +- install_dir : libexecdir) ++ install_dir : rootlibexecdir) + +- install_emptydir(sbindir) ++ install_emptydir(rootsbindir) + meson.add_install_script(sh, '-c', +- ln_s.format(bindir / 'resolvectl', +- sbindir / 'resolvconf')) ++ ln_s.format(rootbindir / 'resolvectl', ++ rootsbindir / 'resolvconf')) + + # symlink for backwards compatibility after rename + meson.add_install_script(sh, '-c', +- ln_s.format(bindir / 'resolvectl', +- bindir / 'systemd-resolve')) ++ ln_s.format(rootbindir / 'resolvectl', ++ rootbindir / 'systemd-resolve')) + endif + + custom_target( +diff --git a/src/rpm/macros.systemd.in b/src/rpm/macros.systemd.in +index ce65ec670042..815e8ce9c838 100644 +--- a/src/rpm/macros.systemd.in ++++ b/src/rpm/macros.systemd.in +@@ -5,7 +5,7 @@ + + # RPM macros for packages installing systemd unit files + +-%_systemd_util_dir {{LIBEXECDIR}} ++%_systemd_util_dir {{ROOTLIBEXECDIR}} + %_unitdir {{SYSTEM_DATA_UNIT_DIR}} + %_userunitdir {{USER_DATA_UNIT_DIR}} + %_presetdir {{SYSTEM_PRESET_DIR}} +@@ -187,10 +187,10 @@ SYSTEMD_INLINE_EOF\ + + %sysctl_apply() \ + %{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# sysctl_apply}} \ +-[ -x {{LIBEXECDIR}}/systemd-sysctl ] && {{LIBEXECDIR}}/systemd-sysctl %{?*} || : \ ++[ -x {{ROOTLIBEXECDIR}}/systemd-sysctl ] && {{ROOTLIBEXECDIR}}/systemd-sysctl %{?*} || : \ + %{nil} + + %binfmt_apply() \ + %{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# binfmt_apply}} \ +-[ -x {{LIBEXECDIR}}/systemd-binfmt ] && {{LIBEXECDIR}}/systemd-binfmt %{?*} || : \ ++[ -x {{ROOTLIBEXECDIR}}/systemd-binfmt ] && {{ROOTLIBEXECDIR}}/systemd-binfmt %{?*} || : \ + %{nil} +diff --git a/src/rpm/meson.build b/src/rpm/meson.build +index af39ff145ab9..817665912a9f 100644 +--- a/src/rpm/meson.build ++++ b/src/rpm/meson.build +@@ -3,8 +3,8 @@ + in_files = [ + ['macros.systemd', rpmmacrosdir != 'no', rpmmacrosdir], + +- # we conditionalize on rpmmacrosdir, but install into libexecdir +- ['systemd-update-helper', rpmmacrosdir != 'no', libexecdir], ++ # we conditionalize on rpmmacrosdir, but install into rootlibexecdir ++ ['systemd-update-helper', rpmmacrosdir != 'no', rootlibexecdir], + + ['triggers.systemd', false], + ['triggers.systemd.sh', false]] +diff --git a/src/rpm/triggers.systemd.in b/src/rpm/triggers.systemd.in +index d480ab84b6bb..60b963fffdfd 100644 +--- a/src/rpm/triggers.systemd.in ++++ b/src/rpm/triggers.systemd.in +@@ -58,7 +58,7 @@ assert(rpm.execute("journalctl", "--update-catalog")) + -- This script will automatically apply binfmt rules if files have been + -- installed or updated in {{BINFMT_DIR}}. + if posix.access("/run/systemd/system") then +- assert(rpm.execute("{{LIBEXECDIR}}/systemd-binfmt")) ++ assert(rpm.execute("{{ROOTLIBEXECDIR}}/systemd-binfmt")) + end + + %transfiletriggerin -P 1000600 -p -- {{TMPFILES_DIR}} +@@ -78,5 +78,5 @@ end + -- This script will automatically apply sysctl rules if files have been + -- installed or updated in {{SYSCTL_DIR}}. + if posix.access("/run/systemd/system") then +- assert(rpm.execute("{{LIBEXECDIR}}/systemd-sysctl")) ++ assert(rpm.execute("{{ROOTLIBEXECDIR}}/systemd-sysctl")) + end +diff --git a/src/rpm/triggers.systemd.sh.in b/src/rpm/triggers.systemd.sh.in +index 1b94f7d73a05..8c301f5ed9d6 100644 +--- a/src/rpm/triggers.systemd.sh.in ++++ b/src/rpm/triggers.systemd.sh.in +@@ -61,7 +61,7 @@ journalctl --update-catalog || : + if test -d "/run/systemd/system"; then + # systemd-binfmt might fail if binfmt_misc kernel module is not loaded + # during install +- {{LIBEXECDIR}}/systemd-binfmt || : ++ {{ROOTLIBEXECDIR}}/systemd-binfmt || : + fi + + %transfiletriggerin -P 1000600 -- {{TMPFILES_DIR}} +@@ -83,5 +83,5 @@ fi + # This script will automatically apply sysctl rules if files have been + # installed or updated in {{SYSCTL_DIR}}. + if test -d "/run/systemd/system"; then +- {{LIBEXECDIR}}/systemd-sysctl || : ++ {{ROOTLIBEXECDIR}}/systemd-sysctl || : + fi +diff --git a/src/shared/install.c b/src/shared/install.c +index 53566b7eef7f..50e899274450 100644 +--- a/src/shared/install.c ++++ b/src/shared/install.c +@@ -266,6 +266,11 @@ static int path_is_vendor_or_generator(const LookupPaths *lp, const char *path) + if (path_startswith(rpath, "/usr")) + return true; + ++#if HAVE_SPLIT_USR ++ if (path_startswith(rpath, "/lib")) ++ return true; ++#endif ++ + if (path_is_generator(lp, rpath)) + return true; + +diff --git a/src/shared/kbd-util.c b/src/shared/kbd-util.c +index 60e0429b82a8..2b918138cb67 100644 +--- a/src/shared/kbd-util.c ++++ b/src/shared/kbd-util.c +@@ -14,7 +14,8 @@ + #define KBD_KEYMAP_DIRS \ + "/usr/share/keymaps/", \ + "/usr/share/kbd/keymaps/", \ +- "/usr/lib/kbd/keymaps/" ++ "/usr/lib/kbd/keymaps/", \ ++ "/lib/kbd/keymaps/" + + int keymap_directories(char ***ret) { + assert(ret); +diff --git a/src/shared/meson.build b/src/shared/meson.build +index e513c0ec1c27..e7ce0cf4935c 100644 +--- a/src/shared/meson.build ++++ b/src/shared/meson.build +@@ -363,7 +363,7 @@ libshared = shared_library( + dependencies : [libshared_deps, + userspace], + install : true, +- install_dir : pkglibdir) ++ install_dir : rootpkglibdir) + + shared_fdisk_sources = files('fdisk-util.c') + +diff --git a/src/shared/resolve-util.h b/src/shared/resolve-util.h +index 2d210f9af755..7c9008c7053f 100644 +--- a/src/shared/resolve-util.h ++++ b/src/shared/resolve-util.h +@@ -96,4 +96,4 @@ DnsCacheMode dns_cache_mode_from_string(const char *s) _pure_; + #define PRIVATE_STUB_RESOLV_CONF "/run/systemd/resolve/stub-resolv.conf" + + /* A static resolv.conf file containing no domains, but only our own DNS server address */ +-#define PRIVATE_STATIC_RESOLV_CONF LIBEXECDIR "/resolv.conf" ++#define PRIVATE_STATIC_RESOLV_CONF ROOTLIBEXECDIR "/resolv.conf" +diff --git a/src/shared/userdb-dropin.h b/src/shared/userdb-dropin.h +index 3bd1b9c8451f..fad3981f7c6b 100644 +--- a/src/shared/userdb-dropin.h ++++ b/src/shared/userdb-dropin.h +@@ -13,7 +13,8 @@ + "/run/" n "\0" \ + "/run/host/" n "\0" \ + "/usr/local/lib/" n "\0" \ +- "/usr/lib/" n "\0" ++ "/usr/lib/" n "\0" \ ++ _CONF_PATHS_SPLIT_USR_NULSTR(n) + + int dropin_user_record_by_name(const char *name, const char *path, UserDBFlags flags, UserRecord **ret); + int dropin_user_record_by_uid(uid_t uid, const char *path, UserDBFlags flags, UserRecord **ret); +diff --git a/src/shared/userdb.c b/src/shared/userdb.c +index 75dece344293..353388125f79 100644 +--- a/src/shared/userdb.c ++++ b/src/shared/userdb.c +@@ -1448,7 +1448,7 @@ int userdb_block_nss_systemd(int b) { + + /* Note that we might be called from libnss_systemd.so.2 itself, but that should be fine, really. */ + +- dl = dlopen(LIBDIR "/libnss_systemd.so.2", RTLD_LAZY|RTLD_NODELETE); ++ dl = dlopen(ROOTLIBDIR "/libnss_systemd.so.2", RTLD_LAZY|RTLD_NODELETE); + if (!dl) { + /* If the file isn't installed, don't complain loudly */ + log_debug("Failed to dlopen(libnss_systemd.so.2), ignoring: %s", dlerror()); +diff --git a/src/sysext/meson.build b/src/sysext/meson.build +index 2983970d802a..09b68fde382a 100644 +--- a/src/sysext/meson.build ++++ b/src/sysext/meson.build +@@ -10,6 +10,6 @@ executables += [ + ] + + if conf.get('ENABLE_SYSEXT') == 1 +- meson.add_install_script(sh, '-c', ln_s.format(bindir / 'systemd-sysext', +- bindir / 'systemd-confext')) ++ meson.add_install_script(sh, '-c', ln_s.format(rootbindir / 'systemd-sysext', ++ rootbindir / 'systemd-confext')) + endif +diff --git a/src/systemctl/meson.build b/src/systemctl/meson.build +index 88f73bf502a7..30d173ed123c 100644 +--- a/src/systemctl/meson.build ++++ b/src/systemctl/meson.build +@@ -53,6 +53,7 @@ executables += [ + 'public' : true, + 'sources' : systemctl_sources, + 'link_with' : systemctl_link_with, ++ 'install_dir' : rootbindir, + 'dependencies' : [ + libcap, + liblz4_cflags, +diff --git a/src/systemctl/systemctl-sysv-compat.c b/src/systemctl/systemctl-sysv-compat.c +index 8ee16eb13f88..b55675c83aa1 100644 +--- a/src/systemctl/systemctl-sysv-compat.c ++++ b/src/systemctl/systemctl-sysv-compat.c +@@ -137,7 +137,7 @@ int enable_sysv_units(const char *verb, char **args) { + while (args[f]) { + + const char *argv[] = { +- LIBEXECDIR "/systemd-sysv-install", ++ ROOTLIBEXECDIR "/systemd-sysv-install", + NULL, /* --root= */ + NULL, /* verb */ + NULL, /* service */ +diff --git a/src/udev/meson.build b/src/udev/meson.build +index 3535551e7440..33d9aef9fbad 100644 +--- a/src/udev/meson.build ++++ b/src/udev/meson.build +@@ -97,7 +97,7 @@ link_config_gperf_c = custom_target( + + if get_option('link-udev-shared') + udev_link_with = [libshared] +- udev_rpath = pkglibdir ++ udev_rpath = rootpkglibdir + else + udev_link_with = [libshared_static, + libsystemd_static] +diff --git a/src/userdb/20-systemd-userdb.conf.in b/src/userdb/20-systemd-userdb.conf.in +index 031fc3a4b89b..823907a5fe31 100644 +--- a/src/userdb/20-systemd-userdb.conf.in ++++ b/src/userdb/20-systemd-userdb.conf.in +@@ -2,5 +2,5 @@ + # + # Make sure SSH authorized keys recorded in user records can be consumed by SSH + # +-AuthorizedKeysCommand {{BINDIR}}/userdbctl ssh-authorized-keys %u ++AuthorizedKeysCommand {{ROOTBINDIR}}/userdbctl ssh-authorized-keys %u + AuthorizedKeysCommandUser root +diff --git a/src/xdg-autostart-generator/xdg-autostart-service.c b/src/xdg-autostart-generator/xdg-autostart-service.c +index 480d1009c3e5..6778c90535b2 100644 +--- a/src/xdg-autostart-generator/xdg-autostart-service.c ++++ b/src/xdg-autostart-generator/xdg-autostart-service.c +@@ -668,7 +668,7 @@ int xdg_autostart_service_generate_unit( + + /* Just assume the values are reasonably sane */ + fprintf(f, +- "ExecCondition=" LIBEXECDIR "/systemd-xdg-autostart-condition \"%s\" \"%s\"\n", ++ "ExecCondition=" ROOTLIBEXECDIR "/systemd-xdg-autostart-condition \"%s\" \"%s\"\n", + e_only_show_in, + e_not_show_in); + } +diff --git a/sysctl.d/50-coredump.conf.in b/sysctl.d/50-coredump.conf.in +index 90c080bdfefa..5fb551a8cf9f 100644 +--- a/sysctl.d/50-coredump.conf.in ++++ b/sysctl.d/50-coredump.conf.in +@@ -13,7 +13,7 @@ + # the core dump. + # + # See systemd-coredump(8) and core(5). +-kernel.core_pattern=|{{LIBEXECDIR}}/systemd-coredump %P %u %g %s %t %c %h ++kernel.core_pattern=|{{ROOTLIBEXECDIR}}/systemd-coredump %P %u %g %s %t %c %h + + # Allow 16 coredumps to be dispatched in parallel by the kernel. + # We collect metadata from /proc/%P/, and thus need to make sure the crashed +diff --git a/test/fuzz/fuzz-catalog/systemd.pl.catalog b/test/fuzz/fuzz-catalog/systemd.pl.catalog +index 99a62ce5e0b6..a064813fab94 100644 +--- a/test/fuzz/fuzz-catalog/systemd.pl.catalog ++++ b/test/fuzz/fuzz-catalog/systemd.pl.catalog +@@ -376,6 +376,8 @@ Defined-By: systemd + Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel + + Możliwe są następujące „etykiety”: ++• „split-usr” — /usr jest oddzielnym systemem plików, który nie był ++ zamontowany w czasie uruchomienia systemd, + • „cgroups-missing” — jądro zostało skompilowane bez obsługi cgroups + lub dostęp do oczekiwanych plików interfejsu jest ograniczony, + • „var-run-bad” — /var/run nie jest dowiązaniem symbolicznym do /run, +diff --git a/test/test-fstab-generator.sh b/test/test-fstab-generator.sh +index af8fa7c226d5..476312133e43 100755 +--- a/test/test-fstab-generator.sh ++++ b/test/test-fstab-generator.sh +@@ -59,6 +59,11 @@ test_one() ( + touch "$i" + done + ++ # For split-usr system ++ for i in "$out"/systemd-*.service; do ++ sed -i -e 's:ExecStart=/lib/systemd/:ExecStart=/usr/lib/systemd/:' "$i" ++ done ++ + if [[ "${input##*/}" =~ \.fstab\.input ]]; then + for i in "$out"/*.{automount,mount,swap}; do + sed -i -e 's:SourcePath=.*$:SourcePath=/etc/fstab:' "$i" +diff --git a/test/test-functions b/test/test-functions +index 04fe20f5478c..5ed9041eb182 100644 +--- a/test/test-functions ++++ b/test/test-functions +@@ -95,7 +95,7 @@ else + fi + + if ! ROOTLIBDIR=$(pkg-config --variable=systemdutildir systemd); then +- echo "WARNING! Cannot determine libdir from pkg-config, assuming /usr/lib/systemd" >&2 ++ echo "WARNING! Cannot determine rootlibdir from pkg-config, assuming /usr/lib/systemd" >&2 + ROOTLIBDIR=/usr/lib/systemd + fi + +@@ -2183,6 +2183,14 @@ install_keymaps() { + + dinfo "Install console keymaps" + ++ if command -v meson >/dev/null \ ++ && [[ "$(meson configure "${BUILD_DIR:?}" | grep 'split-usr' | awk '{ print $2 }')" == "true" ]] \ ++ || [[ ! -L /lib ]]; then ++ prefix+=( ++ "/lib" ++ ) ++ fi ++ + if (( $# == 0 )); then + for p in "${prefix[@]}"; do + # The first three paths may be deprecated. +diff --git a/units/emergency.service.in b/units/emergency.service.in +index 25aa8ec5106d..c21336ff0251 100644 +--- a/units/emergency.service.in ++++ b/units/emergency.service.in +@@ -20,7 +20,7 @@ Before=rescue.service + Environment=HOME=/root + WorkingDirectory=-/root + ExecStartPre=-plymouth --wait quit +-ExecStart=-{{LIBEXECDIR}}/systemd-sulogin-shell emergency ++ExecStart=-{{ROOTLIBEXECDIR}}/systemd-sulogin-shell emergency + Type=idle + StandardInput=tty-force + StandardOutput=inherit +diff --git a/units/initrd-parse-etc.service.in b/units/initrd-parse-etc.service.in +index 1eef2bd9be8b..fb8c941832bc 100644 +--- a/units/initrd-parse-etc.service.in ++++ b/units/initrd-parse-etc.service.in +@@ -23,7 +23,7 @@ OnFailureJobMode=replace-irreversibly + [Service] + Type=oneshot + +-ExecStart={{LIBEXECDIR}}/systemd-sysroot-fstab-check ++ExecStart={{ROOTLIBEXECDIR}}/systemd-sysroot-fstab-check + + # We want to enqueue initrd-cleanup.service/start after we finished the part + # above. It can't be part of the initial transaction, because non-oneshot units +diff --git a/units/rescue.service.in b/units/rescue.service.in +index add604724a7e..c95a44dcdbc6 100644 +--- a/units/rescue.service.in ++++ b/units/rescue.service.in +@@ -19,7 +19,7 @@ Before=shutdown.target + Environment=HOME=/root + WorkingDirectory=-/root + ExecStartPre=-plymouth --wait quit +-ExecStart=-{{LIBEXECDIR}}/systemd-sulogin-shell rescue ++ExecStart=-{{ROOTLIBEXECDIR}}/systemd-sulogin-shell rescue + Type=idle + StandardInput=tty-force + StandardOutput=inherit +diff --git a/units/systemd-backlight@.service.in b/units/systemd-backlight@.service.in +index e7e35ecf0d0b..981d0f278ee3 100644 +--- a/units/systemd-backlight@.service.in ++++ b/units/systemd-backlight@.service.in +@@ -19,7 +19,7 @@ Before=sysinit.target shutdown.target + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-backlight load %i +-ExecStop={{LIBEXECDIR}}/systemd-backlight save %i ++ExecStart={{ROOTLIBEXECDIR}}/systemd-backlight load %i ++ExecStop={{ROOTLIBEXECDIR}}/systemd-backlight save %i + TimeoutSec=90s + StateDirectory=systemd/backlight +diff --git a/units/systemd-battery-check.service.in b/units/systemd-battery-check.service.in +index ee87118a074b..30d5ea145fc8 100644 +--- a/units/systemd-battery-check.service.in ++++ b/units/systemd-battery-check.service.in +@@ -22,5 +22,5 @@ Before=initrd-root-device.target systemd-hibernate-resume.service + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-battery-check ++ExecStart={{ROOTLIBEXECDIR}}/systemd-battery-check + FailureAction=poweroff-force +diff --git a/units/systemd-binfmt.service.in b/units/systemd-binfmt.service.in +index 318bf8efc290..44024436b13d 100644 +--- a/units/systemd-binfmt.service.in ++++ b/units/systemd-binfmt.service.in +@@ -28,6 +28,6 @@ ConditionDirectoryNotEmpty=|/run/binfmt.d + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-binfmt +-ExecStop={{LIBEXECDIR}}/systemd-binfmt --unregister ++ExecStart={{ROOTLIBEXECDIR}}/systemd-binfmt ++ExecStop={{ROOTLIBEXECDIR}}/systemd-binfmt --unregister + TimeoutSec=90s +diff --git a/units/systemd-bless-boot.service.in b/units/systemd-bless-boot.service.in +index e7a45481447d..557f77b16f63 100644 +--- a/units/systemd-bless-boot.service.in ++++ b/units/systemd-bless-boot.service.in +@@ -19,4 +19,4 @@ Before=shutdown.target + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-bless-boot good ++ExecStart={{ROOTLIBEXECDIR}}/systemd-bless-boot good +diff --git a/units/systemd-boot-check-no-failures.service.in b/units/systemd-boot-check-no-failures.service.in +index 2e17cb9c8e8b..2eb4c79966ed 100644 +--- a/units/systemd-boot-check-no-failures.service.in ++++ b/units/systemd-boot-check-no-failures.service.in +@@ -16,7 +16,7 @@ Before=boot-complete.target + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-boot-check-no-failures ++ExecStart={{ROOTLIBEXECDIR}}/systemd-boot-check-no-failures + + [Install] + RequiredBy=boot-complete.target +diff --git a/units/systemd-coredump@.service.in b/units/systemd-coredump@.service.in +index 012c60d2f684..15bfb243b41d 100644 +--- a/units/systemd-coredump@.service.in ++++ b/units/systemd-coredump@.service.in +@@ -17,7 +17,7 @@ Requires=systemd-journald.socket + Before=shutdown.target + + [Service] +-ExecStart=-{{LIBEXECDIR}}/systemd-coredump ++ExecStart=-{{ROOTLIBEXECDIR}}/systemd-coredump + IPAddressDeny=any + LockPersonality=yes + MemoryDenyWriteExecute=yes +diff --git a/units/systemd-fsck-root.service.in b/units/systemd-fsck-root.service.in +index ebe8262a49e2..8cfbe7ce9879 100644 +--- a/units/systemd-fsck-root.service.in ++++ b/units/systemd-fsck-root.service.in +@@ -20,5 +20,5 @@ OnFailureJobMode=replace-irreversibly + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-fsck ++ExecStart={{ROOTLIBEXECDIR}}/systemd-fsck + TimeoutSec=infinity +diff --git a/units/systemd-fsck@.service.in b/units/systemd-fsck@.service.in +index 8eb4821d41f5..a3a7a2e36720 100644 +--- a/units/systemd-fsck@.service.in ++++ b/units/systemd-fsck@.service.in +@@ -20,5 +20,5 @@ Before=systemd-quotacheck.service shutdown.target + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-fsck %f ++ExecStart={{ROOTLIBEXECDIR}}/systemd-fsck %f + TimeoutSec=infinity +diff --git a/units/systemd-growfs-root.service.in b/units/systemd-growfs-root.service.in +index a6568638b02c..0468774cb002 100644 +--- a/units/systemd-growfs-root.service.in ++++ b/units/systemd-growfs-root.service.in +@@ -19,5 +19,5 @@ Before=shutdown.target + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-growfs / ++ExecStart={{ROOTLIBEXECDIR}}/systemd-growfs / + TimeoutSec=infinity +diff --git a/units/systemd-growfs@.service.in b/units/systemd-growfs@.service.in +index 8099b1ea4701..90fb0a86619b 100644 +--- a/units/systemd-growfs@.service.in ++++ b/units/systemd-growfs@.service.in +@@ -20,5 +20,5 @@ Before=shutdown.target + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-growfs %f ++ExecStart={{ROOTLIBEXECDIR}}/systemd-growfs %f + TimeoutSec=infinity +diff --git a/units/systemd-hibernate.service.in b/units/systemd-hibernate.service.in +index c43195bc076d..94181fcc6d1b 100644 +--- a/units/systemd-hibernate.service.in ++++ b/units/systemd-hibernate.service.in +@@ -16,4 +16,4 @@ After=sleep.target + + [Service] + Type=oneshot +-ExecStart={{LIBEXECDIR}}/systemd-sleep hibernate ++ExecStart={{ROOTLIBEXECDIR}}/systemd-sleep hibernate +diff --git a/units/systemd-homed.service.in b/units/systemd-homed.service.in +index b54e5d30b200..2063f6ddfd7d 100644 +--- a/units/systemd-homed.service.in ++++ b/units/systemd-homed.service.in +@@ -20,7 +20,7 @@ DeviceAllow=/dev/loop-control rw + DeviceAllow=/dev/mapper/control rw + DeviceAllow=block-* rw + DeviceAllow=char-hidraw rw +-ExecStart={{LIBEXECDIR}}/systemd-homed ++ExecStart={{ROOTLIBEXECDIR}}/systemd-homed + KillMode=mixed + LimitNOFILE={{HIGH_RLIMIT_NOFILE}} + LockPersonality=yes +diff --git a/units/systemd-hostnamed.service.in b/units/systemd-hostnamed.service.in +index ab00c24b53b2..48bffe3e4e72 100644 +--- a/units/systemd-hostnamed.service.in ++++ b/units/systemd-hostnamed.service.in +@@ -18,7 +18,7 @@ Documentation=man:org.freedesktop.hostname1(5) + Type=notify + BusName=org.freedesktop.hostname1 + CapabilityBoundingSet=CAP_SYS_ADMIN +-ExecStart={{LIBEXECDIR}}/systemd-hostnamed ++ExecStart={{ROOTLIBEXECDIR}}/systemd-hostnamed + IPAddressDeny=any + LockPersonality=yes + MemoryDenyWriteExecute=yes +diff --git a/units/systemd-hybrid-sleep.service.in b/units/systemd-hybrid-sleep.service.in +index c85215bdacfd..ec5142085e82 100644 +--- a/units/systemd-hybrid-sleep.service.in ++++ b/units/systemd-hybrid-sleep.service.in +@@ -16,4 +16,4 @@ After=sleep.target + + [Service] + Type=oneshot +-ExecStart={{LIBEXECDIR}}/systemd-sleep hybrid-sleep ++ExecStart={{ROOTLIBEXECDIR}}/systemd-sleep hybrid-sleep +diff --git a/units/systemd-importd.service.in b/units/systemd-importd.service.in +index daa93776e178..dab382a55fa3 100644 +--- a/units/systemd-importd.service.in ++++ b/units/systemd-importd.service.in +@@ -14,7 +14,7 @@ Documentation=man:org.freedesktop.import1(5) + + [Service] + Type=notify +-ExecStart={{LIBEXECDIR}}/systemd-importd ++ExecStart={{ROOTLIBEXECDIR}}/systemd-importd + BusName=org.freedesktop.import1 + KillMode=mixed + CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD CAP_SETFCAP CAP_SYS_ADMIN CAP_SETPCAP CAP_DAC_OVERRIDE CAP_LINUX_IMMUTABLE +diff --git a/units/systemd-initctl.service.in b/units/systemd-initctl.service.in +index 6a19058186ca..efac5c4b1143 100644 +--- a/units/systemd-initctl.service.in ++++ b/units/systemd-initctl.service.in +@@ -13,7 +13,7 @@ Documentation=man:systemd-initctl.service(8) + DefaultDependencies=no + + [Service] +-ExecStart={{LIBEXECDIR}}/systemd-initctl ++ExecStart={{ROOTLIBEXECDIR}}/systemd-initctl + NoNewPrivileges=yes + NotifyAccess=all + SystemCallArchitectures=native +diff --git a/units/systemd-journal-gatewayd.service.in b/units/systemd-journal-gatewayd.service.in +index 27ae42cccee8..81c53fa01f41 100644 +--- a/units/systemd-journal-gatewayd.service.in ++++ b/units/systemd-journal-gatewayd.service.in +@@ -14,7 +14,7 @@ Requires=systemd-journal-gatewayd.socket + + [Service] + DynamicUser=yes +-ExecStart={{LIBEXECDIR}}/systemd-journal-gatewayd ++ExecStart={{ROOTLIBEXECDIR}}/systemd-journal-gatewayd + LockPersonality=yes + MemoryDenyWriteExecute=yes + PrivateDevices=yes +diff --git a/units/systemd-journal-remote.service.in b/units/systemd-journal-remote.service.in +index 651741099055..d8f28f252c0e 100644 +--- a/units/systemd-journal-remote.service.in ++++ b/units/systemd-journal-remote.service.in +@@ -13,7 +13,7 @@ Documentation=man:systemd-journal-remote(8) man:journal-remote.conf(5) + Requires=systemd-journal-remote.socket + + [Service] +-ExecStart={{LIBEXECDIR}}/systemd-journal-remote --listen-https=-3 --output=/var/log/journal/remote/ ++ExecStart={{ROOTLIBEXECDIR}}/systemd-journal-remote --listen-https=-3 --output=/var/log/journal/remote/ + LockPersonality=yes + LogsDirectory=journal/remote + MemoryDenyWriteExecute=yes +diff --git a/units/systemd-journal-upload.service.in b/units/systemd-journal-upload.service.in +index 273511e72f7f..7e64870e9d5d 100644 +--- a/units/systemd-journal-upload.service.in ++++ b/units/systemd-journal-upload.service.in +@@ -15,7 +15,7 @@ After=network-online.target + + [Service] + DynamicUser=yes +-ExecStart={{LIBEXECDIR}}/systemd-journal-upload --save-state ++ExecStart={{ROOTLIBEXECDIR}}/systemd-journal-upload --save-state + LockPersonality=yes + MemoryDenyWriteExecute=yes + PrivateDevices=yes +diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in +index 4404af963bb4..669d3bef9a9f 100644 +--- a/units/systemd-journald.service.in ++++ b/units/systemd-journald.service.in +@@ -30,7 +30,7 @@ IgnoreOnIsolate=yes + + [Service] + DeviceAllow=char-* rw +-ExecStart={{LIBEXECDIR}}/systemd-journald ++ExecStart={{ROOTLIBEXECDIR}}/systemd-journald + FileDescriptorStoreMax=4224 + # Ensure services using StandardOutput=journal do not break when journald is stopped + FileDescriptorStorePreserve=yes +diff --git a/units/systemd-journald@.service.in b/units/systemd-journald@.service.in +index b705ce08ff5c..35c998285f2f 100644 +--- a/units/systemd-journald@.service.in ++++ b/units/systemd-journald@.service.in +@@ -16,7 +16,7 @@ After=systemd-journald@%i.socket systemd-journald-varlink@%i.socket + [Service] + CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID CAP_MAC_OVERRIDE + DevicePolicy=closed +-ExecStart={{LIBEXECDIR}}/systemd-journald %i ++ExecStart={{ROOTLIBEXECDIR}}/systemd-journald %i + FileDescriptorStoreMax=4224 + Group=systemd-journal + IPAddressDeny=any +diff --git a/units/systemd-localed.service.in b/units/systemd-localed.service.in +index 4de89aa8ddd9..13020914d9a6 100644 +--- a/units/systemd-localed.service.in ++++ b/units/systemd-localed.service.in +@@ -18,7 +18,7 @@ Documentation=man:org.freedesktop.locale1(5) + Type=notify + BusName=org.freedesktop.locale1 + CapabilityBoundingSet= +-ExecStart={{LIBEXECDIR}}/systemd-localed ++ExecStart={{ROOTLIBEXECDIR}}/systemd-localed + IPAddressDeny=any + LockPersonality=yes + MemoryDenyWriteExecute=yes +diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in +index cc1b6be429c9..2912301a3a41 100644 +--- a/units/systemd-logind.service.in ++++ b/units/systemd-logind.service.in +@@ -30,7 +30,7 @@ DeviceAllow=char-drm rw + DeviceAllow=char-input rw + DeviceAllow=char-tty rw + DeviceAllow=char-vcs rw +-ExecStart={{LIBEXECDIR}}/systemd-logind ++ExecStart={{ROOTLIBEXECDIR}}/systemd-logind + FileDescriptorStoreMax=768 + IPAddressDeny=any + LockPersonality=yes +diff --git a/units/systemd-machined.service.in b/units/systemd-machined.service.in +index 47aa5deeedc5..d3f8abd9e4c6 100644 +--- a/units/systemd-machined.service.in ++++ b/units/systemd-machined.service.in +@@ -19,7 +19,7 @@ RequiresMountsFor=/var/lib/machines + [Service] + BusName=org.freedesktop.machine1 + CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD CAP_LINUX_IMMUTABLE +-ExecStart={{LIBEXECDIR}}/systemd-machined ++ExecStart={{ROOTLIBEXECDIR}}/systemd-machined + IPAddressDeny=any + LockPersonality=yes + MemoryDenyWriteExecute=yes +diff --git a/units/systemd-modules-load.service.in b/units/systemd-modules-load.service.in +index ad262fa13ab1..9c5be76d2181 100644 +--- a/units/systemd-modules-load.service.in ++++ b/units/systemd-modules-load.service.in +@@ -27,5 +27,5 @@ ConditionKernelCommandLine=|rd.modules_load + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-modules-load ++ExecStart={{ROOTLIBEXECDIR}}/systemd-modules-load + TimeoutSec=90s +diff --git a/units/systemd-network-generator.service.in b/units/systemd-network-generator.service.in +index f7d13d308467..c5cf7b1cd0ea 100644 +--- a/units/systemd-network-generator.service.in ++++ b/units/systemd-network-generator.service.in +@@ -20,7 +20,7 @@ Before=shutdown.target initrd-switch-root.target + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-network-generator ++ExecStart={{ROOTLIBEXECDIR}}/systemd-network-generator + ImportCredential=network.netdev.* + ImportCredential=network.link.* + ImportCredential=network.network.* +diff --git a/units/systemd-networkd-wait-online.service.in b/units/systemd-networkd-wait-online.service.in +index 7768121f5fc2..3dc5ce926527 100644 +--- a/units/systemd-networkd-wait-online.service.in ++++ b/units/systemd-networkd-wait-online.service.in +@@ -19,7 +19,7 @@ Before=network-online.target shutdown.target + + [Service] + Type=oneshot +-ExecStart={{LIBEXECDIR}}/systemd-networkd-wait-online ++ExecStart={{ROOTLIBEXECDIR}}/systemd-networkd-wait-online + RemainAfterExit=yes + + [Install] +diff --git a/units/systemd-networkd-wait-online@.service.in b/units/systemd-networkd-wait-online@.service.in +index 60d173490b38..b7a1e409f443 100644 +--- a/units/systemd-networkd-wait-online@.service.in ++++ b/units/systemd-networkd-wait-online@.service.in +@@ -19,7 +19,7 @@ Before=network-online.target shutdown.target + + [Service] + Type=oneshot +-ExecStart={{LIBEXECDIR}}/systemd-networkd-wait-online -i %i ++ExecStart={{ROOTLIBEXECDIR}}/systemd-networkd-wait-online -i %i + RemainAfterExit=yes + + [Install] +diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in +index 6141fdbb6d78..cf7aff4caeda 100644 +--- a/units/systemd-networkd.service.in ++++ b/units/systemd-networkd.service.in +@@ -24,7 +24,7 @@ AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET + BusName=org.freedesktop.network1 + CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW + DeviceAllow=char-* rw +-ExecStart=!!{{LIBEXECDIR}}/systemd-networkd ++ExecStart=!!{{ROOTLIBEXECDIR}}/systemd-networkd + FileDescriptorStoreMax=512 + ImportCredential=network.wireguard.* + LockPersonality=yes +diff --git a/units/systemd-oomd.service.in b/units/systemd-oomd.service.in +index 82bd6245f83a..c138f5eefaff 100644 +--- a/units/systemd-oomd.service.in ++++ b/units/systemd-oomd.service.in +@@ -26,7 +26,7 @@ After=systemd-oomd.socket + AmbientCapabilities=CAP_KILL CAP_DAC_OVERRIDE + BusName=org.freedesktop.oom1 + CapabilityBoundingSet=CAP_KILL CAP_DAC_OVERRIDE +-ExecStart={{LIBEXECDIR}}/systemd-oomd ++ExecStart={{ROOTLIBEXECDIR}}/systemd-oomd + IPAddressDeny=any + LockPersonality=yes + MemoryDenyWriteExecute=yes +diff --git a/units/systemd-pcrfs-root.service.in b/units/systemd-pcrfs-root.service.in +index 5b40a91ca649..a3d78a27382f 100644 +--- a/units/systemd-pcrfs-root.service.in ++++ b/units/systemd-pcrfs-root.service.in +@@ -20,4 +20,4 @@ ConditionSecurity=measured-uki + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-pcrextend --graceful --file-system=/ ++ExecStart={{ROOTLIBEXECDIR}}/systemd-pcrphase --graceful --file-system=/ +diff --git a/units/systemd-pcrfs@.service.in b/units/systemd-pcrfs@.service.in +index 203d7b9782e1..964422e603cf 100644 +--- a/units/systemd-pcrfs@.service.in ++++ b/units/systemd-pcrfs@.service.in +@@ -21,4 +21,4 @@ ConditionSecurity=measured-uki + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-pcrextend --graceful --file-system=%f ++ExecStart={{ROOTLIBEXECDIR}}/systemd-pcrphase --graceful --file-system=%f +diff --git a/units/systemd-pcrmachine.service.in b/units/systemd-pcrmachine.service.in +index 65caf2ed4928..278c5b7640ae 100644 +--- a/units/systemd-pcrmachine.service.in ++++ b/units/systemd-pcrmachine.service.in +@@ -20,4 +20,4 @@ ConditionSecurity=measured-uki + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-pcrextend --graceful --machine-id ++ExecStart={{ROOTLIBEXECDIR}}/systemd-pcrphase --graceful --machine-id +diff --git a/units/systemd-pcrphase-initrd.service.in b/units/systemd-pcrphase-initrd.service.in +index 6fcf94de76c5..c6b7e5975964 100644 +--- a/units/systemd-pcrphase-initrd.service.in ++++ b/units/systemd-pcrphase-initrd.service.in +@@ -20,5 +20,5 @@ ConditionSecurity=measured-uki + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-pcrextend --graceful enter-initrd +-ExecStop={{LIBEXECDIR}}/systemd-pcrextend --graceful leave-initrd ++ExecStart={{ROOTLIBEXECDIR}}/systemd-pcrphase --graceful enter-initrd ++ExecStop={{ROOTLIBEXECDIR}}/systemd-pcrphase --graceful leave-initrd +diff --git a/units/systemd-pcrphase-sysinit.service.in b/units/systemd-pcrphase-sysinit.service.in +index 8c0c0c82a2c7..e4680609bf8e 100644 +--- a/units/systemd-pcrphase-sysinit.service.in ++++ b/units/systemd-pcrphase-sysinit.service.in +@@ -20,5 +20,5 @@ ConditionSecurity=measured-uki + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-pcrextend --graceful sysinit +-ExecStop={{LIBEXECDIR}}/systemd-pcrextend --graceful final ++ExecStart={{ROOTLIBEXECDIR}}/systemd-pcrphase --graceful sysinit ++ExecStop={{ROOTLIBEXECDIR}}/systemd-pcrphase --graceful final +diff --git a/units/systemd-pcrphase.service.in b/units/systemd-pcrphase.service.in +index 04ace12e14d4..1c54df829ca3 100644 +--- a/units/systemd-pcrphase.service.in ++++ b/units/systemd-pcrphase.service.in +@@ -18,5 +18,5 @@ ConditionSecurity=measured-uki + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-pcrextend --graceful ready +-ExecStop={{LIBEXECDIR}}/systemd-pcrextend --graceful shutdown ++ExecStart={{ROOTLIBEXECDIR}}/systemd-pcrphase --graceful ready ++ExecStop={{ROOTLIBEXECDIR}}/systemd-pcrphase --graceful shutdown +diff --git a/units/systemd-portabled.service.in b/units/systemd-portabled.service.in +index b4ec252c0394..ab660ce36c8d 100644 +--- a/units/systemd-portabled.service.in ++++ b/units/systemd-portabled.service.in +@@ -14,7 +14,7 @@ Documentation=man:org.freedesktop.portable1(5) + RequiresMountsFor=/var/lib/portables + + [Service] +-ExecStart={{LIBEXECDIR}}/systemd-portabled ++ExecStart={{ROOTLIBEXECDIR}}/systemd-portabled + BusName=org.freedesktop.portable1 + CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD + MemoryDenyWriteExecute=yes +diff --git a/units/systemd-pstore.service.in b/units/systemd-pstore.service.in +index 0b5a20a3532e..02ac29caa4ed 100644 +--- a/units/systemd-pstore.service.in ++++ b/units/systemd-pstore.service.in +@@ -20,7 +20,7 @@ Wants=modprobe@efi_pstore.service + + [Service] + Type=oneshot +-ExecStart={{LIBEXECDIR}}/systemd-pstore ++ExecStart={{ROOTLIBEXECDIR}}/systemd-pstore + RemainAfterExit=yes + StateDirectory=systemd/pstore + +diff --git a/units/systemd-quotacheck@.service.in b/units/systemd-quotacheck@.service.in +index f2b8db7abb89..735dd76f2bae 100644 +--- a/units/systemd-quotacheck@.service.in ++++ b/units/systemd-quotacheck@.service.in +@@ -23,5 +23,5 @@ Conflicts=shutdown.target + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-quotacheck %f ++ExecStart={{ROOTLIBEXECDIR}}/systemd-quotacheck %f + TimeoutSec=infinity +diff --git a/units/systemd-random-seed.service.in b/units/systemd-random-seed.service.in +index 99b5f33ea262..820fdd8536dd 100644 +--- a/units/systemd-random-seed.service.in ++++ b/units/systemd-random-seed.service.in +@@ -25,8 +25,8 @@ Before=shutdown.target + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-random-seed load +-ExecStop={{LIBEXECDIR}}/systemd-random-seed save ++ExecStart={{ROOTLIBEXECDIR}}/systemd-random-seed load ++ExecStop={{ROOTLIBEXECDIR}}/systemd-random-seed save + + # This service waits until the kernel's entropy pool is initialized, and may be + # used as ordering barrier for service that require an initialized entropy +diff --git a/units/systemd-remount-fs.service.in b/units/systemd-remount-fs.service.in +index 4ac8978ff22f..cbb792ea68ee 100644 +--- a/units/systemd-remount-fs.service.in ++++ b/units/systemd-remount-fs.service.in +@@ -22,4 +22,4 @@ Before=shutdown.target + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-remount-fs ++ExecStart={{ROOTLIBEXECDIR}}/systemd-remount-fs +diff --git a/units/systemd-repart.service b/units/systemd-repart.service +index 1f7e2a612a71..8285788a4fae 100644 +--- a/units/systemd-repart.service ++++ b/units/systemd-repart.service +@@ -29,7 +29,7 @@ Before=shutdown.target initrd-switch-root.target + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart=systemd-repart --dry-run=no ++ExecStart={{ROOTBINDIR}}/systemd-repart --dry-run=no + + # The tool returns 76 if it can't find the root block device + SuccessExitStatus=76 +diff --git a/units/systemd-resolved.service.in b/units/systemd-resolved.service.in +index 4aa0788ac4e3..7305d7904bb3 100644 +--- a/units/systemd-resolved.service.in ++++ b/units/systemd-resolved.service.in +@@ -24,7 +24,7 @@ Wants=nss-lookup.target + AmbientCapabilities=CAP_SETPCAP CAP_NET_RAW CAP_NET_BIND_SERVICE + BusName=org.freedesktop.resolve1 + CapabilityBoundingSet=CAP_SETPCAP CAP_NET_RAW CAP_NET_BIND_SERVICE +-ExecStart=!!{{LIBEXECDIR}}/systemd-resolved ++ExecStart=!!{{ROOTLIBEXECDIR}}/systemd-resolved + LockPersonality=yes + MemoryDenyWriteExecute=yes + NoNewPrivileges=yes +diff --git a/units/systemd-rfkill.service.in b/units/systemd-rfkill.service.in +index 072ae643b087..a5b6cc4b7f91 100644 +--- a/units/systemd-rfkill.service.in ++++ b/units/systemd-rfkill.service.in +@@ -19,7 +19,7 @@ After=sys-devices-virtual-misc-rfkill.device + Before=shutdown.target + + [Service] +-ExecStart={{LIBEXECDIR}}/systemd-rfkill ++ExecStart={{ROOTLIBEXECDIR}}/systemd-rfkill + NoNewPrivileges=yes + StateDirectory=systemd/rfkill + TimeoutSec=90s +diff --git a/units/systemd-suspend-then-hibernate.service.in b/units/systemd-suspend-then-hibernate.service.in +index d7ab2c195e59..f9c96757be65 100644 +--- a/units/systemd-suspend-then-hibernate.service.in ++++ b/units/systemd-suspend-then-hibernate.service.in +@@ -16,4 +16,4 @@ After=sleep.target + + [Service] + Type=oneshot +-ExecStart={{LIBEXECDIR}}/systemd-sleep suspend-then-hibernate ++ExecStart={{ROOTLIBEXECDIR}}/systemd-sleep suspend-then-hibernate +diff --git a/units/systemd-suspend.service.in b/units/systemd-suspend.service.in +index aa264e860c5b..2515575e1040 100644 +--- a/units/systemd-suspend.service.in ++++ b/units/systemd-suspend.service.in +@@ -16,4 +16,4 @@ After=sleep.target + + [Service] + Type=oneshot +-ExecStart={{LIBEXECDIR}}/systemd-sleep suspend ++ExecStart={{ROOTLIBEXECDIR}}/systemd-sleep suspend +diff --git a/units/systemd-sysctl.service.in b/units/systemd-sysctl.service.in +index 4179753cde50..7307601a7dfb 100644 +--- a/units/systemd-sysctl.service.in ++++ b/units/systemd-sysctl.service.in +@@ -19,6 +19,6 @@ ConditionPathIsReadWrite=/proc/sys/net/ + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-sysctl ++ExecStart={{ROOTLIBEXECDIR}}/systemd-sysctl + TimeoutSec=90s + ImportCredential=sysctl.* +diff --git a/units/systemd-sysupdate-reboot.service.in b/units/systemd-sysupdate-reboot.service.in +index 5d4011a21327..9d7b7d1657ad 100644 +--- a/units/systemd-sysupdate-reboot.service.in ++++ b/units/systemd-sysupdate-reboot.service.in +@@ -14,7 +14,7 @@ ConditionVirtualization=!container + + [Service] + Type=oneshot +-ExecStart={{LIBEXECDIR}}/systemd-sysupdate reboot ++ExecStart={{ROOTLIBEXECDIR}}/systemd-sysupdate reboot + + [Install] + Also=systemd-sysupdate-reboot.timer +diff --git a/units/systemd-sysupdate.service.in b/units/systemd-sysupdate.service.in +index 1becbec5edeb..085a9c4a22c2 100644 +--- a/units/systemd-sysupdate.service.in ++++ b/units/systemd-sysupdate.service.in +@@ -17,7 +17,7 @@ ConditionVirtualization=!container + [Service] + Type=simple + NotifyAccess=main +-ExecStart={{LIBEXECDIR}}/systemd-sysupdate update ++ExecStart={{ROOTLIBEXECDIR}}/systemd-sysupdate update + CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD CAP_SETFCAP CAP_SYS_ADMIN CAP_SETPCAP CAP_DAC_OVERRIDE CAP_LINUX_IMMUTABLE + NoNewPrivileges=yes + MemoryDenyWriteExecute=yes +diff --git a/units/systemd-time-wait-sync.service.in b/units/systemd-time-wait-sync.service.in +index 6b99393f6908..25adecc86b19 100644 +--- a/units/systemd-time-wait-sync.service.in ++++ b/units/systemd-time-wait-sync.service.in +@@ -28,7 +28,7 @@ Conflicts=shutdown.target + + [Service] + Type=oneshot +-ExecStart={{LIBEXECDIR}}/systemd-time-wait-sync ++ExecStart={{ROOTLIBEXECDIR}}/systemd-time-wait-sync + TimeoutStartSec=infinity + RemainAfterExit=yes + +diff --git a/units/systemd-timedated.service.in b/units/systemd-timedated.service.in +index 06c3306a6eb6..d73b398244b5 100644 +--- a/units/systemd-timedated.service.in ++++ b/units/systemd-timedated.service.in +@@ -18,7 +18,7 @@ Type=notify + BusName=org.freedesktop.timedate1 + CapabilityBoundingSet=CAP_SYS_TIME + DeviceAllow=char-rtc r +-ExecStart={{LIBEXECDIR}}/systemd-timedated ++ExecStart={{ROOTLIBEXECDIR}}/systemd-timedated + IPAddressDeny=any + LockPersonality=yes + MemoryDenyWriteExecute=yes +diff --git a/units/systemd-timesyncd.service.in b/units/systemd-timesyncd.service.in +index cf233fbffd4f..c60646109138 100644 +--- a/units/systemd-timesyncd.service.in ++++ b/units/systemd-timesyncd.service.in +@@ -26,7 +26,7 @@ CapabilityBoundingSet=CAP_SYS_TIME + # correct time to work, but we likely won't acquire that without NTP. Let's + # break this chicken-and-egg cycle here. + Environment=SYSTEMD_NSS_RESOLVE_VALIDATE=0 +-ExecStart=!!{{LIBEXECDIR}}/systemd-timesyncd ++ExecStart=!!{{ROOTLIBEXECDIR}}/systemd-timesyncd + LockPersonality=yes + MemoryDenyWriteExecute=yes + NoNewPrivileges=yes +diff --git a/units/systemd-udevd.service.in b/units/systemd-udevd.service.in +index f4a44820880d..3cc35a976848 100644 +--- a/units/systemd-udevd.service.in ++++ b/units/systemd-udevd.service.in +@@ -26,7 +26,7 @@ OOMScoreAdjust=-1000 + Sockets=systemd-udevd-control.socket systemd-udevd-kernel.socket + Restart=always + RestartSec=0 +-ExecStart={{LIBEXECDIR}}/systemd-udevd ++ExecStart={{ROOTLIBEXECDIR}}/systemd-udevd + KillMode=mixed + TasksMax=infinity + PrivateMounts=yes +diff --git a/units/systemd-update-done.service.in b/units/systemd-update-done.service.in +index 4ea43c7dca7e..53cc6dd621bd 100644 +--- a/units/systemd-update-done.service.in ++++ b/units/systemd-update-done.service.in +@@ -20,4 +20,4 @@ ConditionNeedsUpdate=|/var + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-update-done ++ExecStart={{ROOTLIBEXECDIR}}/systemd-update-done +diff --git a/units/systemd-update-utmp-runlevel.service.in b/units/systemd-update-utmp-runlevel.service.in +index 17772d4576c4..18c92f9b5a4c 100644 +--- a/units/systemd-update-utmp-runlevel.service.in ++++ b/units/systemd-update-utmp-runlevel.service.in +@@ -22,4 +22,4 @@ Before=shutdown.target + + [Service] + Type=oneshot +-ExecStart={{LIBEXECDIR}}/systemd-update-utmp runlevel ++ExecStart={{ROOTLIBEXECDIR}}/systemd-update-utmp runlevel +diff --git a/units/systemd-update-utmp.service.in b/units/systemd-update-utmp.service.in +index 1a88b7b2b891..73a848390e95 100644 +--- a/units/systemd-update-utmp.service.in ++++ b/units/systemd-update-utmp.service.in +@@ -22,5 +22,5 @@ RequiresMountsFor=/var/log/wtmp + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-update-utmp reboot +-ExecStop={{LIBEXECDIR}}/systemd-update-utmp shutdown ++ExecStart={{ROOTLIBEXECDIR}}/systemd-update-utmp reboot ++ExecStop={{ROOTLIBEXECDIR}}/systemd-update-utmp shutdown +diff --git a/units/systemd-user-sessions.service.in b/units/systemd-user-sessions.service.in +index ae694bf21b51..adca848c2a60 100644 +--- a/units/systemd-user-sessions.service.in ++++ b/units/systemd-user-sessions.service.in +@@ -15,5 +15,5 @@ After=remote-fs.target nss-user-lookup.target network.target home.mount + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-user-sessions start +-ExecStop={{LIBEXECDIR}}/systemd-user-sessions stop ++ExecStart={{ROOTLIBEXECDIR}}/systemd-user-sessions start ++ExecStop={{ROOTLIBEXECDIR}}/systemd-user-sessions stop +diff --git a/units/systemd-userdbd.service.in b/units/systemd-userdbd.service.in +index 1c092654b99c..b57661100cd0 100644 +--- a/units/systemd-userdbd.service.in ++++ b/units/systemd-userdbd.service.in +@@ -17,7 +17,7 @@ DefaultDependencies=no + + [Service] + CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_SYS_RESOURCE +-ExecStart={{LIBEXECDIR}}/systemd-userdbd ++ExecStart={{ROOTLIBEXECDIR}}/systemd-userdbd + IPAddressDeny=any + LimitNOFILE={{HIGH_RLIMIT_NOFILE}} + LockPersonality=yes +diff --git a/units/systemd-vconsole-setup.service.in b/units/systemd-vconsole-setup.service.in +index c6c5bc9130a3..2884e84e6cfe 100644 +--- a/units/systemd-vconsole-setup.service.in ++++ b/units/systemd-vconsole-setup.service.in +@@ -31,6 +31,6 @@ Type=oneshot + SuccessExitStatus=SIGTERM + RemainAfterExit=yes + +-ExecStart={{LIBEXECDIR}}/systemd-vconsole-setup ++ExecStart={{ROOTLIBEXECDIR}}/systemd-vconsole-setup + + ImportCredential=vconsole.* +diff --git a/units/systemd-volatile-root.service.in b/units/systemd-volatile-root.service.in +index 6f221dc5ecb4..5a0ec89fd685 100644 +--- a/units/systemd-volatile-root.service.in ++++ b/units/systemd-volatile-root.service.in +@@ -19,4 +19,4 @@ AssertPathExists=/etc/initrd-release + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart={{LIBEXECDIR}}/systemd-volatile-root yes /sysroot ++ExecStart={{ROOTLIBEXECDIR}}/systemd-volatile-root yes /sysroot +diff --git a/units/user-runtime-dir@.service.in b/units/user-runtime-dir@.service.in +index 241e9267bb0c..e49eb20441fc 100644 +--- a/units/user-runtime-dir@.service.in ++++ b/units/user-runtime-dir@.service.in +@@ -14,8 +14,8 @@ After=systemd-logind.service dbus.service + IgnoreOnIsolate=yes + + [Service] +-ExecStart={{LIBEXECDIR}}/systemd-user-runtime-dir start %i +-ExecStop={{LIBEXECDIR}}/systemd-user-runtime-dir stop %i ++ExecStart={{ROOTLIBEXECDIR}}/systemd-user-runtime-dir start %i ++ExecStop={{ROOTLIBEXECDIR}}/systemd-user-runtime-dir stop %i + Type=oneshot + RemainAfterExit=yes + Slice=user-%i.slice +diff --git a/units/user@.service.in b/units/user@.service.in +index 569546574721..03791f338f8d 100644 +--- a/units/user@.service.in ++++ b/units/user@.service.in +@@ -18,7 +18,7 @@ IgnoreOnIsolate=yes + User=%i + PAMName=systemd-user + Type=notify-reload +-ExecStart={{LIBEXECDIR}}/systemd --user ++ExecStart={{ROOTLIBEXECDIR}}/systemd --user + Slice=user-%i.slice + KillMode=mixed + Delegate=pids memory cpu +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0002-Use-XSI-strerror_r-instead-of-GNU-strerror_r.patch b/sys-apps/systemd/files/0002-Use-XSI-strerror_r-instead-of-GNU-strerror_r.patch new file mode 100644 index 0000000..f0fb421 --- /dev/null +++ b/sys-apps/systemd/files/0002-Use-XSI-strerror_r-instead-of-GNU-strerror_r.patch @@ -0,0 +1,165 @@ +From efaf94d0fde9fcd2ed890f4f8674c0c456d14610 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:01:56 -0500 +Subject: [PATCH 02/34] Use XSI strerror_r instead of GNU strerror_r +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +This cannot go upstream. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/errno-util.h | 2 +- + src/libsystemd/sd-bus/bus-error.c | 56 ++++++++---------------- + src/libsystemd/sd-bus/test-bus-error.c | 1 - + src/libsystemd/sd-journal/journal-send.c | 7 +-- + 4 files changed, 20 insertions(+), 46 deletions(-) + +diff --git a/src/basic/errno-util.h b/src/basic/errno-util.h +index 48b76e4bf70d..c48679c55cfd 100644 +--- a/src/basic/errno-util.h ++++ b/src/basic/errno-util.h +@@ -15,7 +15,7 @@ + * https://stackoverflow.com/questions/34880638/compound-literal-lifetime-and-if-blocks + * + * Note that we use the GNU variant of strerror_r() here. */ +-#define STRERROR(errnum) strerror_r(abs(errnum), (char[ERRNO_BUF_LEN]){}, ERRNO_BUF_LEN) ++#define STRERROR(errnum) strerror(abs(errnum)) + + /* A helper to print an error message or message for functions that return 0 on EOF. + * Note that we can't use ({ … }) to define a temporary variable, so errnum is +diff --git a/src/libsystemd/sd-bus/bus-error.c b/src/libsystemd/sd-bus/bus-error.c +index f415797700ef..34bc7307bbcf 100644 +--- a/src/libsystemd/sd-bus/bus-error.c ++++ b/src/libsystemd/sd-bus/bus-error.c +@@ -403,15 +403,13 @@ static void bus_error_strerror(sd_bus_error *e, int error) { + assert(e); + + for (;;) { +- char *x; +- + m = new(char, k); + if (!m) + return; + + errno = 0; +- x = strerror_r(error, m, k); +- if (errno == ERANGE || strlen(x) >= k - 1) { ++ strerror_r(error, m, k); ++ if (errno == ERANGE) { + free(m); + k *= 2; + continue; +@@ -422,43 +420,24 @@ static void bus_error_strerror(sd_bus_error *e, int error) { + return; + } + +- if (x == m) { +- if (e->_need_free > 0) { +- /* Error is already dynamic, let's just update the message */ +- free((char*) e->message); +- e->message = x; +- +- } else { +- char *t; +- /* Error was const so far, let's make it dynamic, if we can */ +- +- t = strdup(e->name); +- if (!t) { +- free(m); +- return; +- } ++ if (e->_need_free > 0) { ++ /* Error is already dynamic, let's just update the message */ ++ free((char*) e->message); ++ e->message = m; + +- e->_need_free = 1; +- e->name = t; +- e->message = x; +- } + } else { +- free(m); +- +- if (e->_need_free > 0) { +- char *t; +- +- /* Error is dynamic, let's hence make the message also dynamic */ +- t = strdup(x); +- if (!t) +- return; ++ char *t; ++ /* Error was const so far, let's make it dynamic, if we can */ + +- free((char*) e->message); +- e->message = t; +- } else { +- /* Error is const, hence we can just override */ +- e->message = x; ++ t = strdup(e->name); ++ if (!t) { ++ free(m); ++ return; + } ++ ++ e->_need_free = 1; ++ e->name = t; ++ e->message = m; + } + + return; +@@ -596,7 +575,8 @@ const char* _bus_error_message(const sd_bus_error *e, int error, char buf[static + if (e && e->message) + return e->message; + +- return strerror_r(abs(error), buf, ERRNO_BUF_LEN); ++ strerror_r(abs(error), buf, ERRNO_BUF_LEN); ++ return buf; + } + + static bool map_ok(const sd_bus_error_map *map) { +diff --git a/src/libsystemd/sd-bus/test-bus-error.c b/src/libsystemd/sd-bus/test-bus-error.c +index 91045c06c2ae..af3332d29a23 100644 +--- a/src/libsystemd/sd-bus/test-bus-error.c ++++ b/src/libsystemd/sd-bus/test-bus-error.c +@@ -232,7 +232,6 @@ TEST(sd_bus_error_set_errnof) { + errno = EACCES; + assert_se(asprintf(&str, "%m") >= 0); + assert_se(streq(error.message, str)); +- assert_se(error._need_free == 0); + + str = mfree(str); + sd_bus_error_free(&error); +diff --git a/src/libsystemd/sd-journal/journal-send.c b/src/libsystemd/sd-journal/journal-send.c +index 7d02b57d7b42..1eea1e885620 100644 +--- a/src/libsystemd/sd-journal/journal-send.c ++++ b/src/libsystemd/sd-journal/journal-send.c +@@ -2,7 +2,6 @@ + + #include + #include +-#include + #include + #include + #include +@@ -358,16 +357,12 @@ static int fill_iovec_perror_and_send(const char *message, int skip, struct iove + + for (;;) { + char buffer[n]; +- char* j; + + errno = 0; +- j = strerror_r(_saved_errno_, buffer + 8 + k, n - 8 - k); ++ strerror_r(_saved_errno_, buffer + 8 + k, n - 8 - k); + if (errno == 0) { + char error[STRLEN("ERRNO=") + DECIMAL_STR_MAX(int) + 1]; + +- if (j != buffer + 8 + k) +- memmove(buffer + 8 + k, j, strlen(j)+1); +- + memcpy(buffer, "MESSAGE=", 8); + + if (k > 0) { +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0003-fileio-Disable-use-of-disabling-write-buffer.patch b/sys-apps/systemd/files/0003-fileio-Disable-use-of-disabling-write-buffer.patch new file mode 100644 index 0000000..5376d4a --- /dev/null +++ b/sys-apps/systemd/files/0003-fileio-Disable-use-of-disabling-write-buffer.patch @@ -0,0 +1,34 @@ +From e14c8f31006bda5cdc2e42d9f7dcc9c00bca1f06 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:02:34 -0500 +Subject: [PATCH 03/34] fileio: Disable use of disabling write buffer +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +It doesn't work properly on musl and it breaks more than it fixes. + +This cannot be sent upstream. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/fileio.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/basic/fileio.c b/src/basic/fileio.c +index 523378177fb7..2e2875ec171c 100644 +--- a/src/basic/fileio.c ++++ b/src/basic/fileio.c +@@ -311,8 +311,8 @@ int write_string_file_ts_at( + if (r < 0) + goto fail; + +- if (flags & WRITE_STRING_FILE_DISABLE_BUFFER) +- setvbuf(f, NULL, _IONBF, 0); ++ /*if (flags & WRITE_STRING_FILE_DISABLE_BUFFER) ++ setvbuf(f, NULL, _IONBF, 0);*/ + + r = write_string_stream_ts(f, line, flags, ts); + if (r < 0) +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0004-fs-util-Handle-musl-O_ACCMODE-containing-O_PATH.patch b/sys-apps/systemd/files/0004-fs-util-Handle-musl-O_ACCMODE-containing-O_PATH.patch new file mode 100644 index 0000000..cb70ce4 --- /dev/null +++ b/sys-apps/systemd/files/0004-fs-util-Handle-musl-O_ACCMODE-containing-O_PATH.patch @@ -0,0 +1,32 @@ +From df3fdeb9091977698a3c6775ed835b68105b6ae6 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:09:55 -0500 +Subject: [PATCH 04/34] fs-util: Handle musl O_ACCMODE containing O_PATH +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +O_ACCMODE strictly includes 'O_SEARCH', but that is defined as 'O_PATH' +in musl. This makes the read-only test fail when O_PATH is specified as +a flag for open_mkdir_at. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/fs-util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c +index 64d309317d52..744ce847ffe5 100644 +--- a/src/basic/fs-util.c ++++ b/src/basic/fs-util.c +@@ -1036,7 +1036,7 @@ int open_mkdir_at_full(int dirfd, const char *path, int flags, XOpenFlags xopen_ + + if (flags & ~(O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_EXCL|O_NOATIME|O_NOFOLLOW|O_PATH)) + return -EINVAL; +- if ((flags & O_ACCMODE) != O_RDONLY) ++ if (((flags & O_ACCMODE) & ~O_PATH) != O_RDONLY) + return -EINVAL; + + /* Note that O_DIRECTORY|O_NOFOLLOW is implied, but we allow specifying it anyway. The following +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0005-Use-libc-over-Linux-UAPI-headers-when-possible.patch b/sys-apps/systemd/files/0005-Use-libc-over-Linux-UAPI-headers-when-possible.patch new file mode 100644 index 0000000..2ade36d --- /dev/null +++ b/sys-apps/systemd/files/0005-Use-libc-over-Linux-UAPI-headers-when-possible.patch @@ -0,0 +1,760 @@ +From f423321481330c5f2f9158c490162b2e62b4c8bd Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:15:10 -0500 +Subject: [PATCH 05/34] Use libc over Linux UAPI headers when possible +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +The Linux UAPI headers cause a lot of breakage. I can see that upstream +has started doing this already with some of the comments, so it is +possible this might need to be massaged and upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/arphrd-util.c | 3 ++- + src/basic/generate-arphrd-list.sh | 2 +- + src/basic/socket-util.h | 2 +- + src/libsystemd-network/sd-dhcp6-client.c | 3 ++- + src/libsystemd/sd-netlink/netlink-message-rtnl.c | 1 + + src/libsystemd/sd-netlink/netlink-types-rtnl.c | 1 + + src/network/netdev/bareudp.c | 3 ++- + src/network/netdev/batadv.c | 2 +- + src/network/netdev/bond.c | 3 ++- + src/network/netdev/bridge.c | 5 +++-- + src/network/netdev/dummy.c | 2 +- + src/network/netdev/geneve.c | 2 +- + src/network/netdev/ifb.c | 2 +- + src/network/netdev/ipoib.c | 2 +- + src/network/netdev/ipvlan.c | 2 +- + src/network/netdev/macsec.c | 3 ++- + src/network/netdev/macvlan.c | 2 +- + src/network/netdev/netdev-gperf.gperf | 1 + + src/network/netdev/netdev.c | 3 ++- + src/network/netdev/netdevsim.c | 2 +- + src/network/netdev/nlmon.c | 2 +- + src/network/netdev/tunnel.c | 3 ++- + src/network/netdev/tuntap.c | 2 +- + src/network/netdev/vcan.c | 2 +- + src/network/netdev/veth.c | 2 +- + src/network/netdev/vlan.c | 2 +- + src/network/netdev/vrf.c | 2 +- + src/network/netdev/vxcan.c | 2 +- + src/network/netdev/vxlan.c | 2 +- + src/network/netdev/wireguard.c | 5 +++-- + src/network/netdev/xfrm.c | 2 +- + src/network/networkctl.c | 1 + + src/network/networkd-bridge-mdb.c | 2 ++ + src/network/networkd-bridge-vlan.c | 1 + + src/network/networkd-dhcp-common.c | 4 +++- + src/network/networkd-dhcp-prefix-delegation.c | 1 + + src/network/networkd-dhcp-server.c | 3 ++- + src/network/networkd-dhcp4.c | 3 ++- + src/network/networkd-ipv6ll.c | 2 +- + src/network/networkd-link.c | 3 ++- + src/network/networkd-ndisc.c | 3 ++- + src/network/networkd-network.c | 1 + + src/network/networkd-route.c | 1 + + src/network/networkd-setlink.c | 3 ++- + src/network/networkd-sysctl.c | 2 +- + src/network/test-network-tables.c | 1 + + src/shared/ethtool-util.c | 1 + + src/shared/netif-util.c | 2 +- + src/test/test-arphrd-util.c | 2 +- + src/udev/net/link-config.c | 1 + + src/udev/udev-builtin-net_id.c | 3 ++- + 51 files changed, 71 insertions(+), 41 deletions(-) + +diff --git a/src/basic/arphrd-util.c b/src/basic/arphrd-util.c +index 3ea2c9d09a90..e21b60957376 100644 +--- a/src/basic/arphrd-util.c ++++ b/src/basic/arphrd-util.c +@@ -1,8 +1,9 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + + #include ++#include ++#include + #include +-#include + #include + #include + +diff --git a/src/basic/generate-arphrd-list.sh b/src/basic/generate-arphrd-list.sh +index ca1ba7cad4d1..2e8fb64ba305 100755 +--- a/src/basic/generate-arphrd-list.sh ++++ b/src/basic/generate-arphrd-list.sh +@@ -3,6 +3,6 @@ + set -eu + set -o pipefail + +-${1:?} -dM -include linux/if_arp.h -include "${2:?}" - + #include +-#include ++#include + #include + #include + #include +diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c +index 3e992d7cadcd..131bc83c614c 100644 +--- a/src/libsystemd-network/sd-dhcp6-client.c ++++ b/src/libsystemd-network/sd-dhcp6-client.c +@@ -4,8 +4,9 @@ + ***/ + + #include ++#include ++#include + #include +-#include + #include + + #include "sd-dhcp6-client.h" +diff --git a/src/libsystemd/sd-netlink/netlink-message-rtnl.c b/src/libsystemd/sd-netlink/netlink-message-rtnl.c +index fb11c7e02bb2..5159b122653c 100644 +--- a/src/libsystemd/sd-netlink/netlink-message-rtnl.c ++++ b/src/libsystemd/sd-netlink/netlink-message-rtnl.c +@@ -1,5 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include + #include + #include + #include +diff --git a/src/libsystemd/sd-netlink/netlink-types-rtnl.c b/src/libsystemd/sd-netlink/netlink-types-rtnl.c +index e39a75cfe475..dbf2583dd815 100644 +--- a/src/libsystemd/sd-netlink/netlink-types-rtnl.c ++++ b/src/libsystemd/sd-netlink/netlink-types-rtnl.c +@@ -1,5 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include + #include + #include + #include +diff --git a/src/network/netdev/bareudp.c b/src/network/netdev/bareudp.c +index 1df886573ba2..d324c716917b 100644 +--- a/src/network/netdev/bareudp.c ++++ b/src/network/netdev/bareudp.c +@@ -1,8 +1,9 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later + * Copyright © 2020 VMware, Inc. */ + ++#include ++#include + #include +-#include + + #include "bareudp.h" + #include "netlink-util.h" +diff --git a/src/network/netdev/batadv.c b/src/network/netdev/batadv.c +index 26da0231d459..dbdfc7f80ee2 100644 +--- a/src/network/netdev/batadv.c ++++ b/src/network/netdev/batadv.c +@@ -1,9 +1,9 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + + #include ++#include + #include + #include +-#include + + #include "batadv.h" + #include "fileio.h" +diff --git a/src/network/netdev/bond.c b/src/network/netdev/bond.c +index 52a7f126b6db..dc5d1fedb229 100644 +--- a/src/network/netdev/bond.c ++++ b/src/network/netdev/bond.c +@@ -1,7 +1,8 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include ++#include + #include +-#include + + #include "alloc-util.h" + #include "bond.h" +diff --git a/src/network/netdev/bridge.c b/src/network/netdev/bridge.c +index d426c0c5019f..0f60a7dfae9b 100644 +--- a/src/network/netdev/bridge.c ++++ b/src/network/netdev/bridge.c +@@ -2,9 +2,10 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include +-#include +-#include ++#include ++#include + #include ++#include + + #include "bridge.h" + #include "netlink-util.h" +diff --git a/src/network/netdev/dummy.c b/src/network/netdev/dummy.c +index 00df1d278737..9e03d02b42ea 100644 +--- a/src/network/netdev/dummy.c ++++ b/src/network/netdev/dummy.c +@@ -1,6 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + +-#include ++#include + + #include "dummy.h" + +diff --git a/src/network/netdev/geneve.c b/src/network/netdev/geneve.c +index 22c2b00e1b70..170aeddfd597 100644 +--- a/src/network/netdev/geneve.c ++++ b/src/network/netdev/geneve.c +@@ -2,7 +2,7 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include +-#include ++#include + #include + + #include "alloc-util.h" +diff --git a/src/network/netdev/ifb.c b/src/network/netdev/ifb.c +index d7ff44cb9ea6..747733139ac7 100644 +--- a/src/network/netdev/ifb.c ++++ b/src/network/netdev/ifb.c +@@ -1,7 +1,7 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later + * Copyright © 2019 VMware, Inc. */ + +-#include ++#include + + #include "ifb.h" + +diff --git a/src/network/netdev/ipoib.c b/src/network/netdev/ipoib.c +index d5fe299b7b43..a3d9309d7b5e 100644 +--- a/src/network/netdev/ipoib.c ++++ b/src/network/netdev/ipoib.c +@@ -1,6 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + +-#include ++#include + #include + + #include "ipoib.h" +diff --git a/src/network/netdev/ipvlan.c b/src/network/netdev/ipvlan.c +index 51ae64341db2..5908733b6b57 100644 +--- a/src/network/netdev/ipvlan.c ++++ b/src/network/netdev/ipvlan.c +@@ -2,8 +2,8 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include ++#include + #include +-#include + + #include "conf-parser.h" + #include "ipvlan.h" +diff --git a/src/network/netdev/macsec.c b/src/network/netdev/macsec.c +index 4b9f19cc95cf..58729ad29461 100644 +--- a/src/network/netdev/macsec.c ++++ b/src/network/netdev/macsec.c +@@ -1,7 +1,8 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include ++#include + #include +-#include + #include + #include + #include +diff --git a/src/network/netdev/macvlan.c b/src/network/netdev/macvlan.c +index 21933d3970a1..adbe9817e7b3 100644 +--- a/src/network/netdev/macvlan.c ++++ b/src/network/netdev/macvlan.c +@@ -2,8 +2,8 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include ++#include + #include +-#include + + #include "conf-parser.h" + #include "macvlan.h" +diff --git a/src/network/netdev/netdev-gperf.gperf b/src/network/netdev/netdev-gperf.gperf +index 4883a2652d46..3d2b560941de 100644 +--- a/src/network/netdev/netdev-gperf.gperf ++++ b/src/network/netdev/netdev-gperf.gperf +@@ -3,6 +3,7 @@ + #if __GNUC__ >= 7 + _Pragma("GCC diagnostic ignored \"-Wimplicit-fallthrough\"") + #endif ++#include + #include + #include "bareudp.h" + #include "batadv.h" +diff --git a/src/network/netdev/netdev.c b/src/network/netdev/netdev.c +index 2b411425ba16..db44e67df621 100644 +--- a/src/network/netdev/netdev.c ++++ b/src/network/netdev/netdev.c +@@ -2,8 +2,9 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include ++#include ++#include + #include +-#include + #include + + #include "alloc-util.h" +diff --git a/src/network/netdev/netdevsim.c b/src/network/netdev/netdevsim.c +index 15d5c132f967..8b1d3440325b 100644 +--- a/src/network/netdev/netdevsim.c ++++ b/src/network/netdev/netdevsim.c +@@ -1,6 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + +-#include ++#include + + #include "netdevsim.h" + +diff --git a/src/network/netdev/nlmon.c b/src/network/netdev/nlmon.c +index ff372092e614..3118df501054 100644 +--- a/src/network/netdev/nlmon.c ++++ b/src/network/netdev/nlmon.c +@@ -1,6 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + +-#include ++#include + + #include "nlmon.h" + +diff --git a/src/network/netdev/tunnel.c b/src/network/netdev/tunnel.c +index db84e7cf6eeb..1789f532b762 100644 +--- a/src/network/netdev/tunnel.c ++++ b/src/network/netdev/tunnel.c +@@ -1,8 +1,9 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include ++#include + #include + #include +-#include + #include + #include + #include +diff --git a/src/network/netdev/tuntap.c b/src/network/netdev/tuntap.c +index f5be31ed9438..06a0c3e616f0 100644 +--- a/src/network/netdev/tuntap.c ++++ b/src/network/netdev/tuntap.c +@@ -2,10 +2,10 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include ++#include + #include + #include + #include +-#include + #include + #include + #include +diff --git a/src/network/netdev/vcan.c b/src/network/netdev/vcan.c +index 380547ee1e85..5dbf74f10c4d 100644 +--- a/src/network/netdev/vcan.c ++++ b/src/network/netdev/vcan.c +@@ -1,6 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + +-#include ++#include + + #include "vcan.h" + +diff --git a/src/network/netdev/veth.c b/src/network/netdev/veth.c +index 78555286d1a4..4dc4ed146a8a 100644 +--- a/src/network/netdev/veth.c ++++ b/src/network/netdev/veth.c +@@ -2,8 +2,8 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include ++#include + #include +-#include + #include + #include + +diff --git a/src/network/netdev/vlan.c b/src/network/netdev/vlan.c +index 60e49a5b8a9a..1dd2b962ac86 100644 +--- a/src/network/netdev/vlan.c ++++ b/src/network/netdev/vlan.c +@@ -2,8 +2,8 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include ++#include + #include +-#include + #include + + #include "parse-util.h" +diff --git a/src/network/netdev/vrf.c b/src/network/netdev/vrf.c +index 24079a7203c8..9108c891cc13 100644 +--- a/src/network/netdev/vrf.c ++++ b/src/network/netdev/vrf.c +@@ -2,7 +2,7 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include +-#include ++#include + #include + + #include "vrf.h" +diff --git a/src/network/netdev/vxcan.c b/src/network/netdev/vxcan.c +index c0343f45b621..7d74950c33fa 100644 +--- a/src/network/netdev/vxcan.c ++++ b/src/network/netdev/vxcan.c +@@ -1,7 +1,7 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include + #include +-#include + + #include "vxcan.h" + +diff --git a/src/network/netdev/vxlan.c b/src/network/netdev/vxlan.c +index 37f65967a6bd..065b3966bd79 100644 +--- a/src/network/netdev/vxlan.c ++++ b/src/network/netdev/vxlan.c +@@ -2,8 +2,8 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include ++#include + #include +-#include + + #include "conf-parser.h" + #include "alloc-util.h" +diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c +index fed1be8d1104..ff4d1c1bc501 100644 +--- a/src/network/netdev/wireguard.c ++++ b/src/network/netdev/wireguard.c +@@ -5,9 +5,10 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include +-#include +-#include ++#include ++#include + #include ++#include + #include + + #include "sd-resolve.h" +diff --git a/src/network/netdev/xfrm.c b/src/network/netdev/xfrm.c +index 905bfc0bdf03..c4a226da19a0 100644 +--- a/src/network/netdev/xfrm.c ++++ b/src/network/netdev/xfrm.c +@@ -1,6 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + +-#include ++#include + + #include "missing_network.h" + #include "xfrm.h" +diff --git a/src/network/networkctl.c b/src/network/networkctl.c +index a447c39a6414..0dbdbe0837f2 100644 +--- a/src/network/networkctl.c ++++ b/src/network/networkctl.c +@@ -2,6 +2,7 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include ++#include + #include + #include + #include +diff --git a/src/network/networkd-bridge-mdb.c b/src/network/networkd-bridge-mdb.c +index 7ff4a1884671..9b417e3bf58b 100644 +--- a/src/network/networkd-bridge-mdb.c ++++ b/src/network/networkd-bridge-mdb.c +@@ -2,6 +2,8 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include ++#include ++#include + #include + + #include "netlink-util.h" +diff --git a/src/network/networkd-bridge-vlan.c b/src/network/networkd-bridge-vlan.c +index 0deffa46510d..94b15550205a 100644 +--- a/src/network/networkd-bridge-vlan.c ++++ b/src/network/networkd-bridge-vlan.c +@@ -3,6 +3,7 @@ + Copyright © 2016 BISDN GmbH. All rights reserved. + ***/ + ++#include + #include + #include + #include +diff --git a/src/network/networkd-dhcp-common.c b/src/network/networkd-dhcp-common.c +index 9f0268d934e4..a452dafb8a97 100644 +--- a/src/network/networkd-dhcp-common.c ++++ b/src/network/networkd-dhcp-common.c +@@ -1,7 +1,9 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include ++#include ++#include + #include +-#include + + #include "bus-error.h" + #include "bus-locator.h" +diff --git a/src/network/networkd-dhcp-prefix-delegation.c b/src/network/networkd-dhcp-prefix-delegation.c +index 2e660b77631a..25b3fb747406 100644 +--- a/src/network/networkd-dhcp-prefix-delegation.c ++++ b/src/network/networkd-dhcp-prefix-delegation.c +@@ -1,5 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include + #include + + #include "dhcp6-lease-internal.h" +diff --git a/src/network/networkd-dhcp-server.c b/src/network/networkd-dhcp-server.c +index c35102af74a5..8fb7700e8cd3 100644 +--- a/src/network/networkd-dhcp-server.c ++++ b/src/network/networkd-dhcp-server.c +@@ -1,7 +1,8 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include ++#include + #include +-#include + #include + + #include "sd-dhcp-server.h" +diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c +index 4dd6044b1897..359a8bd3b5e2 100644 +--- a/src/network/networkd-dhcp4.c ++++ b/src/network/networkd-dhcp4.c +@@ -1,9 +1,10 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include ++#include + #include + #include + #include +-#include + + #include "alloc-util.h" + #include "dhcp-client-internal.h" +diff --git a/src/network/networkd-ipv6ll.c b/src/network/networkd-ipv6ll.c +index 32229a3fc70e..5e5d2926f3e2 100644 +--- a/src/network/networkd-ipv6ll.c ++++ b/src/network/networkd-ipv6ll.c +@@ -1,7 +1,7 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include + #include +-#include + + #include "in-addr-util.h" + #include "networkd-address.h" +diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c +index 9ce75361fdca..17ab1b38be15 100644 +--- a/src/network/networkd-link.c ++++ b/src/network/networkd-link.c +@@ -2,9 +2,10 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include ++#include ++#include + #include + #include +-#include + #include + #include + #include +diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c +index 84558a5afc5c..23a0dc06172f 100644 +--- a/src/network/networkd-ndisc.c ++++ b/src/network/networkd-ndisc.c +@@ -4,9 +4,10 @@ + ***/ + + #include ++#include ++#include + #include + #include +-#include + + #include "sd-ndisc.h" + +diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c +index 8232db06c934..fd3599420831 100644 +--- a/src/network/networkd-network.c ++++ b/src/network/networkd-network.c +@@ -2,6 +2,7 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include ++#include + #include + #include + #include +diff --git a/src/network/networkd-route.c b/src/network/networkd-route.c +index d596fd81e63c..e2dcc87f6c2e 100644 +--- a/src/network/networkd-route.c ++++ b/src/network/networkd-route.c +@@ -1,5 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include + #include + #include + +diff --git a/src/network/networkd-setlink.c b/src/network/networkd-setlink.c +index 058bc00ba10b..3f84f9ca58a5 100644 +--- a/src/network/networkd-setlink.c ++++ b/src/network/networkd-setlink.c +@@ -1,8 +1,9 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include ++#include + #include + #include +-#include + #include + + #include "missing_network.h" +diff --git a/src/network/networkd-sysctl.c b/src/network/networkd-sysctl.c +index 68c23e0eb796..fb56ee006fdc 100644 +--- a/src/network/networkd-sysctl.c ++++ b/src/network/networkd-sysctl.c +@@ -1,8 +1,8 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include + #include + #include +-#include + + #include "af-list.h" + #include "missing_network.h" +diff --git a/src/network/test-network-tables.c b/src/network/test-network-tables.c +index f4e14c6d9b30..bc8378c9c946 100644 +--- a/src/network/test-network-tables.c ++++ b/src/network/test-network-tables.c +@@ -2,6 +2,7 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include ++#include + #include + + #include "bond.h" +diff --git a/src/shared/ethtool-util.c b/src/shared/ethtool-util.c +index 1e100c35ef53..2a28b14d6fc5 100644 +--- a/src/shared/ethtool-util.c ++++ b/src/shared/ethtool-util.c +@@ -1,6 +1,7 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + + #include ++#include + #include + #include + #include +diff --git a/src/shared/netif-util.c b/src/shared/netif-util.c +index 8adc2c89c814..393db78123ca 100644 +--- a/src/shared/netif-util.c ++++ b/src/shared/netif-util.c +@@ -1,7 +1,7 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include + #include +-#include + + #include "arphrd-util.h" + #include "device-util.h" +diff --git a/src/test/test-arphrd-util.c b/src/test/test-arphrd-util.c +index 15b799775043..00072979111a 100644 +--- a/src/test/test-arphrd-util.c ++++ b/src/test/test-arphrd-util.c +@@ -2,7 +2,7 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include +-#include ++#include + + #include "arphrd-util.h" + #include "string-util.h" +diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c +index 647cdeeb9dba..0325cb3a8e97 100644 +--- a/src/udev/net/link-config.c ++++ b/src/udev/net/link-config.c +@@ -1,5 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + ++#include + #include + #include + #include +diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c +index 384a1f31cbc4..2c97e9651eda 100644 +--- a/src/udev/udev-builtin-net_id.c ++++ b/src/udev/udev-builtin-net_id.c +@@ -14,12 +14,13 @@ + + /* Make sure the net/if.h header is included before any linux/ one */ + #include ++#include ++#include + #include + #include + #include + #include + #include +-#include + #include + #include + +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0006-test-PATH-sbin-so-fstab-generator-finds-fsck.patch b/sys-apps/systemd/files/0006-test-PATH-sbin-so-fstab-generator-finds-fsck.patch new file mode 100644 index 0000000..6a2b844 --- /dev/null +++ b/sys-apps/systemd/files/0006-test-PATH-sbin-so-fstab-generator-finds-fsck.patch @@ -0,0 +1,33 @@ +From 8c528bcfd198d318fc25b4e75874e74449c2f020 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:26:39 -0500 +Subject: [PATCH 06/34] test: $PATH += /sbin so fstab-generator finds fsck +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Our fsck is in /sbin, not /usr/sbin. (Likely, Debian's was in /sbin +before the ill-advised usr-merge, too.) + +This cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + test/test-fstab-generator.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/test/test-fstab-generator.sh b/test/test-fstab-generator.sh +index 476312133e43..c265c60e03d6 100755 +--- a/test/test-fstab-generator.sh ++++ b/test/test-fstab-generator.sh +@@ -17,7 +17,7 @@ fi + src="$(dirname "$0")/testdata/test-fstab-generator" + + # fsck(8) is located in /usr/sbin on Debian +-PATH=$PATH:/usr/sbin ++PATH=$PATH:/usr/sbin:/sbin + + # systemd-pcrfs@.service could be enabled or not, depending on the host state + # of the host system. Override the measurement to avoid the issue. +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0007-Handle-lack-of-printf.h.patch b/sys-apps/systemd/files/0007-Handle-lack-of-printf.h.patch new file mode 100644 index 0000000..050295b --- /dev/null +++ b/sys-apps/systemd/files/0007-Handle-lack-of-printf.h.patch @@ -0,0 +1,416 @@ +From 93a4b034c58490d73a7eaae26d262b7de3d19ef6 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:32:31 -0500 +Subject: [PATCH 07/34] Handle lack of +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +We are more portable about it than most other patchsets, and we +conditionalise it well enough, but I doubt upstream will accept this. + +Signed-off-by: Alexander Miroshnichenko +--- + meson.build | 1 + + src/basic/meson.build | 5 + + src/basic/parse-printf-format.c | 273 ++++++++++++++++++++++++++++++++ + src/basic/parse-printf-format.h | 57 +++++++ + src/basic/stdio-util.h | 6 +- + 5 files changed, 341 insertions(+), 1 deletion(-) + create mode 100644 src/basic/parse-printf-format.c + create mode 100644 src/basic/parse-printf-format.h + +diff --git a/meson.build b/meson.build +index c068acc169a3..b11f73dc0c20 100644 +--- a/meson.build ++++ b/meson.build +@@ -800,6 +800,7 @@ foreach header : ['crypt.h', + 'linux/memfd.h', + 'linux/time_types.h', + 'linux/vm_sockets.h', ++ 'printf.h', + 'sys/auxv.h', + 'sys/sdt.h', + 'threads.h', +diff --git a/src/basic/meson.build b/src/basic/meson.build +index b538775576ab..ed5ce81876bc 100644 +--- a/src/basic/meson.build ++++ b/src/basic/meson.build +@@ -189,6 +189,11 @@ endforeach + + basic_sources += generated_gperf_headers + ++if conf.get('HAVE_PRINTF_H') != 1 ++ basic_sources += [files('parse-printf-format.c')] ++endif ++ ++ + ############################################################ + + arch_list = [ +diff --git a/src/basic/parse-printf-format.c b/src/basic/parse-printf-format.c +new file mode 100644 +index 000000000000..49437e544540 +--- /dev/null ++++ b/src/basic/parse-printf-format.c +@@ -0,0 +1,273 @@ ++/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ ++ ++/*** ++ This file is part of systemd. ++ ++ Copyright 2014 Emil Renner Berthing ++ ++ With parts from the musl C library ++ Copyright 2005-2014 Rich Felker, et al. ++ ++ systemd is free software; you can redistribute it and/or modify it ++ under the terms of the GNU Lesser General Public License as published by ++ the Free Software Foundation; either version 2.1 of the License, or ++ (at your option) any later version. ++ ++ systemd is distributed in the hope that it will be useful, but ++ WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public License ++ along with systemd; If not, see . ++***/ ++ ++#include ++#include ++ ++#include "parse-printf-format.h" ++ ++static const char *consume_nonarg(const char *fmt) ++{ ++ do { ++ if (*fmt == '\0') ++ return fmt; ++ } while (*fmt++ != '%'); ++ return fmt; ++} ++ ++static const char *consume_num(const char *fmt) ++{ ++ for (;*fmt >= '0' && *fmt <= '9'; fmt++) ++ /* do nothing */; ++ return fmt; ++} ++ ++static const char *consume_argn(const char *fmt, size_t *arg) ++{ ++ const char *p = fmt; ++ size_t val = 0; ++ ++ if (*p < '1' || *p > '9') ++ return fmt; ++ do { ++ val = 10*val + (*p++ - '0'); ++ } while (*p >= '0' && *p <= '9'); ++ ++ if (*p != '$') ++ return fmt; ++ *arg = val; ++ return p+1; ++} ++ ++static const char *consume_flags(const char *fmt) ++{ ++ while (1) { ++ switch (*fmt) { ++ case '#': ++ case '0': ++ case '-': ++ case ' ': ++ case '+': ++ case '\'': ++ case 'I': ++ fmt++; ++ continue; ++ } ++ return fmt; ++ } ++} ++ ++enum state { ++ BARE, ++ LPRE, ++ LLPRE, ++ HPRE, ++ HHPRE, ++ BIGLPRE, ++ ZTPRE, ++ JPRE, ++ STOP ++}; ++ ++enum type { ++ NONE, ++ PTR, ++ INT, ++ UINT, ++ ULLONG, ++ LONG, ++ ULONG, ++ SHORT, ++ USHORT, ++ CHAR, ++ UCHAR, ++ LLONG, ++ SIZET, ++ IMAX, ++ UMAX, ++ PDIFF, ++ UIPTR, ++ DBL, ++ LDBL, ++ MAXTYPE ++}; ++ ++static const short pa_types[MAXTYPE] = { ++ [NONE] = PA_INT, ++ [PTR] = PA_POINTER, ++ [INT] = PA_INT, ++ [UINT] = PA_INT, ++ [ULLONG] = PA_INT | PA_FLAG_LONG_LONG, ++ [LONG] = PA_INT | PA_FLAG_LONG, ++ [ULONG] = PA_INT | PA_FLAG_LONG, ++ [SHORT] = PA_INT | PA_FLAG_SHORT, ++ [USHORT] = PA_INT | PA_FLAG_SHORT, ++ [CHAR] = PA_CHAR, ++ [UCHAR] = PA_CHAR, ++ [LLONG] = PA_INT | PA_FLAG_LONG_LONG, ++ [SIZET] = PA_INT | PA_FLAG_LONG, ++ [IMAX] = PA_INT | PA_FLAG_LONG_LONG, ++ [UMAX] = PA_INT | PA_FLAG_LONG_LONG, ++ [PDIFF] = PA_INT | PA_FLAG_LONG_LONG, ++ [UIPTR] = PA_INT | PA_FLAG_LONG, ++ [DBL] = PA_DOUBLE, ++ [LDBL] = PA_DOUBLE | PA_FLAG_LONG_DOUBLE ++}; ++ ++#define S(x) [(x)-'A'] ++#define E(x) (STOP + (x)) ++ ++static const unsigned char states[]['z'-'A'+1] = { ++ { /* 0: bare types */ ++ S('d') = E(INT), S('i') = E(INT), ++ S('o') = E(UINT),S('u') = E(UINT),S('x') = E(UINT), S('X') = E(UINT), ++ S('e') = E(DBL), S('f') = E(DBL), S('g') = E(DBL), S('a') = E(DBL), ++ S('E') = E(DBL), S('F') = E(DBL), S('G') = E(DBL), S('A') = E(DBL), ++ S('c') = E(CHAR),S('C') = E(INT), ++ S('s') = E(PTR), S('S') = E(PTR), S('p') = E(UIPTR),S('n') = E(PTR), ++ S('m') = E(NONE), ++ S('l') = LPRE, S('h') = HPRE, S('L') = BIGLPRE, ++ S('z') = ZTPRE, S('j') = JPRE, S('t') = ZTPRE ++ }, { /* 1: l-prefixed */ ++ S('d') = E(LONG), S('i') = E(LONG), ++ S('o') = E(ULONG),S('u') = E(ULONG),S('x') = E(ULONG),S('X') = E(ULONG), ++ S('e') = E(DBL), S('f') = E(DBL), S('g') = E(DBL), S('a') = E(DBL), ++ S('E') = E(DBL), S('F') = E(DBL), S('G') = E(DBL), S('A') = E(DBL), ++ S('c') = E(INT), S('s') = E(PTR), S('n') = E(PTR), ++ S('l') = LLPRE ++ }, { /* 2: ll-prefixed */ ++ S('d') = E(LLONG), S('i') = E(LLONG), ++ S('o') = E(ULLONG),S('u') = E(ULLONG), ++ S('x') = E(ULLONG),S('X') = E(ULLONG), ++ S('n') = E(PTR) ++ }, { /* 3: h-prefixed */ ++ S('d') = E(SHORT), S('i') = E(SHORT), ++ S('o') = E(USHORT),S('u') = E(USHORT), ++ S('x') = E(USHORT),S('X') = E(USHORT), ++ S('n') = E(PTR), ++ S('h') = HHPRE ++ }, { /* 4: hh-prefixed */ ++ S('d') = E(CHAR), S('i') = E(CHAR), ++ S('o') = E(UCHAR),S('u') = E(UCHAR), ++ S('x') = E(UCHAR),S('X') = E(UCHAR), ++ S('n') = E(PTR) ++ }, { /* 5: L-prefixed */ ++ S('e') = E(LDBL),S('f') = E(LDBL),S('g') = E(LDBL), S('a') = E(LDBL), ++ S('E') = E(LDBL),S('F') = E(LDBL),S('G') = E(LDBL), S('A') = E(LDBL), ++ S('n') = E(PTR) ++ }, { /* 6: z- or t-prefixed (assumed to be same size) */ ++ S('d') = E(PDIFF),S('i') = E(PDIFF), ++ S('o') = E(SIZET),S('u') = E(SIZET), ++ S('x') = E(SIZET),S('X') = E(SIZET), ++ S('n') = E(PTR) ++ }, { /* 7: j-prefixed */ ++ S('d') = E(IMAX), S('i') = E(IMAX), ++ S('o') = E(UMAX), S('u') = E(UMAX), ++ S('x') = E(UMAX), S('X') = E(UMAX), ++ S('n') = E(PTR) ++ } ++}; ++ ++size_t parse_printf_format(const char *fmt, size_t n, int *types) ++{ ++ size_t i = 0; ++ size_t last = 0; ++ ++ memset(types, 0, n); ++ ++ while (1) { ++ size_t arg; ++ unsigned int state; ++ ++ fmt = consume_nonarg(fmt); ++ if (*fmt == '\0') ++ break; ++ if (*fmt == '%') { ++ fmt++; ++ continue; ++ } ++ arg = 0; ++ fmt = consume_argn(fmt, &arg); ++ /* flags */ ++ fmt = consume_flags(fmt); ++ /* width */ ++ if (*fmt == '*') { ++ size_t warg = 0; ++ fmt = consume_argn(fmt+1, &warg); ++ if (warg == 0) ++ warg = ++i; ++ if (warg > last) ++ last = warg; ++ if (warg <= n && types[warg-1] == NONE) ++ types[warg-1] = INT; ++ } else ++ fmt = consume_num(fmt); ++ /* precision */ ++ if (*fmt == '.') { ++ fmt++; ++ if (*fmt == '*') { ++ size_t parg = 0; ++ fmt = consume_argn(fmt+1, &parg); ++ if (parg == 0) ++ parg = ++i; ++ if (parg > last) ++ last = parg; ++ if (parg <= n && types[parg-1] == NONE) ++ types[parg-1] = INT; ++ } else { ++ if (*fmt == '-') ++ fmt++; ++ fmt = consume_num(fmt); ++ } ++ } ++ /* length modifier and conversion specifier */ ++ state = BARE; ++ do { ++ unsigned char c = *fmt++; ++ ++ if (c < 'A' || c > 'z') ++ continue; ++ state = states[state]S(c); ++ if (state == 0) ++ continue; ++ } while (state < STOP); ++ ++ if (state == E(NONE)) ++ continue; ++ ++ if (arg == 0) ++ arg = ++i; ++ if (arg > last) ++ last = arg; ++ if (arg <= n) ++ types[arg-1] = state - STOP; ++ } ++ ++ if (last > n) ++ last = n; ++ for (i = 0; i < last; i++) ++ types[i] = pa_types[types[i]]; ++ ++ return last; ++} +diff --git a/src/basic/parse-printf-format.h b/src/basic/parse-printf-format.h +new file mode 100644 +index 000000000000..47be7522d7fa +--- /dev/null ++++ b/src/basic/parse-printf-format.h +@@ -0,0 +1,57 @@ ++/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ ++ ++/*** ++ This file is part of systemd. ++ ++ Copyright 2014 Emil Renner Berthing ++ ++ With parts from the GNU C Library ++ Copyright 1991-2014 Free Software Foundation, Inc. ++ ++ systemd is free software; you can redistribute it and/or modify it ++ under the terms of the GNU Lesser General Public License as published by ++ the Free Software Foundation; either version 2.1 of the License, or ++ (at your option) any later version. ++ ++ systemd is distributed in the hope that it will be useful, but ++ WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public License ++ along with systemd; If not, see . ++***/ ++ ++#pragma once ++ ++#include "config.h" ++ ++#if HAVE_PRINTF_H ++#include ++#else ++ ++#include ++ ++enum { /* C type: */ ++ PA_INT, /* int */ ++ PA_CHAR, /* int, cast to char */ ++ PA_WCHAR, /* wide char */ ++ PA_STRING, /* const char *, a '\0'-terminated string */ ++ PA_WSTRING, /* const wchar_t *, wide character string */ ++ PA_POINTER, /* void * */ ++ PA_FLOAT, /* float */ ++ PA_DOUBLE, /* double */ ++ PA_LAST ++}; ++ ++/* Flag bits that can be set in a type returned by `parse_printf_format'. */ ++#define PA_FLAG_MASK 0xff00 ++#define PA_FLAG_LONG_LONG (1 << 8) ++#define PA_FLAG_LONG_DOUBLE PA_FLAG_LONG_LONG ++#define PA_FLAG_LONG (1 << 9) ++#define PA_FLAG_SHORT (1 << 10) ++#define PA_FLAG_PTR (1 << 11) ++ ++size_t parse_printf_format(const char *fmt, size_t n, int *types); ++ ++#endif /* HAVE_PRINTF_H */ +diff --git a/src/basic/stdio-util.h b/src/basic/stdio-util.h +index 0a2239d02259..259255fc651d 100644 +--- a/src/basic/stdio-util.h ++++ b/src/basic/stdio-util.h +@@ -1,12 +1,16 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + #pragma once + +-#include + #include + #include + #include + + #include "macro.h" ++#if HAVE_PRINTF_H ++#include ++#else ++#include "parse-printf-format.h" ++#endif + + _printf_(3, 4) + static inline char* snprintf_ok(char *buf, size_t len, const char *format, ...) { +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0008-test-Ensure-sysusers-test-11-passes-on-musl-libc.patch b/sys-apps/systemd/files/0008-test-Ensure-sysusers-test-11-passes-on-musl-libc.patch new file mode 100644 index 0000000..d4244f5 --- /dev/null +++ b/sys-apps/systemd/files/0008-test-Ensure-sysusers-test-11-passes-on-musl-libc.patch @@ -0,0 +1,28 @@ +From eb5cb893099e14f9228a114b3647df602a1c831e Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:34:01 -0500 +Subject: [PATCH 08/34] test: Ensure sysusers test 11 passes on musl libc +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +musl will skip invalid lines, like the o1 group in the sysusers test. +Make the line valid so that the test passes. + +Signed-off-by: Alexander Miroshnichenko +--- + test/test-sysusers/test-11.initial-group | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/test/test-sysusers/test-11.initial-group b/test/test-sysusers/test-11.initial-group +index 88d31f2c729a..df98ae771c5f 100644 +--- a/test/test-sysusers/test-11.initial-group ++++ b/test/test-sysusers/test-11.initial-group +@@ -1,4 +1,4 @@ +-o1:x:100 ++o1:x:100: + +giant:::bill,tina,alan,hetty + -transport::: + +::: +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0009-test-Change-expected-message-for-unhappy-sysusers.patch b/sys-apps/systemd/files/0009-test-Change-expected-message-for-unhappy-sysusers.patch new file mode 100644 index 0000000..3b8ffcb --- /dev/null +++ b/sys-apps/systemd/files/0009-test-Change-expected-message-for-unhappy-sysusers.patch @@ -0,0 +1,26 @@ +From 8356019ca35e557a98fbb5ccfbc5b60f64ea38d5 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:34:45 -0500 +Subject: [PATCH 09/34] test: Change expected message for unhappy sysusers +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +The error string for ERANGE is different between musl and glibc. + +This cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + test/test-sysusers/unhappy-1.expected-err | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/test/test-sysusers/unhappy-1.expected-err b/test/test-sysusers/unhappy-1.expected-err +index f6b1b3c5e6f0..17da5bd2537b 100644 +--- a/test/test-sysusers/unhappy-1.expected-err ++++ b/test/test-sysusers/unhappy-1.expected-err +@@ -1 +1 @@ +- Failed to parse UID: '9999999999': Numerical result out of range ++ Failed to parse UID: '9999999999': Result not representable +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0010-basic-Support-musl-definition-of-rlim_t.patch b/sys-apps/systemd/files/0010-basic-Support-musl-definition-of-rlim_t.patch new file mode 100644 index 0000000..b448ea1 --- /dev/null +++ b/sys-apps/systemd/files/0010-basic-Support-musl-definition-of-rlim_t.patch @@ -0,0 +1,30 @@ +From ff5d3856b452bc6890b54a94b40302029195d965 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:44:04 -0500 +Subject: [PATCH 10/34] basic: Support musl definition of rlim_t +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +This cannot be upstreamed, but we should find a better way anyway. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/format-util.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/basic/format-util.h b/src/basic/format-util.h +index ba7cff6a8b55..6239051d5f88 100644 +--- a/src/basic/format-util.h ++++ b/src/basic/format-util.h +@@ -43,7 +43,7 @@ assert_cc(sizeof(gid_t) == sizeof(uint32_t)); + #endif + + #if SIZEOF_RLIM_T == 8 +-# define RLIM_FMT "%" PRIu64 ++# define RLIM_FMT "%llu" + #elif SIZEOF_RLIM_T == 4 + # define RLIM_FMT "%" PRIu32 + #else +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0011-Handle-musl-lack-of-GLOB_BRACE.patch b/sys-apps/systemd/files/0011-Handle-musl-lack-of-GLOB_BRACE.patch new file mode 100644 index 0000000..3125d09 --- /dev/null +++ b/sys-apps/systemd/files/0011-Handle-musl-lack-of-GLOB_BRACE.patch @@ -0,0 +1,160 @@ +From 14f2aeac2ca72df478bc9ddd33070f7ec850baa3 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:45:11 -0500 +Subject: [PATCH 11/34] Handle musl lack of GLOB_BRACE +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Based on OE patch. This cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/glob-util.c | 12 ++++++++++++ + src/test/test-glob-util.c | 39 +++++++-------------------------------- + src/tmpfiles/tmpfiles.c | 10 ++++++++++ + 3 files changed, 29 insertions(+), 32 deletions(-) + +diff --git a/src/basic/glob-util.c b/src/basic/glob-util.c +index 802ca8c655fc..23818a67c680 100644 +--- a/src/basic/glob-util.c ++++ b/src/basic/glob-util.c +@@ -12,6 +12,12 @@ + #include "path-util.h" + #include "strv.h" + ++/* Don't fail if the standard library ++ * doesn't provide brace expansion */ ++#ifndef GLOB_BRACE ++#define GLOB_BRACE 0 ++#endif ++ + static void closedir_wrapper(void* v) { + (void) closedir(v); + } +@@ -19,6 +25,7 @@ static void closedir_wrapper(void* v) { + int safe_glob(const char *path, int flags, glob_t *pglob) { + int k; + ++#ifdef GLOB_ALTDIRFUNC + /* We want to set GLOB_ALTDIRFUNC ourselves, don't allow it to be set. */ + assert(!(flags & GLOB_ALTDIRFUNC)); + +@@ -32,9 +39,14 @@ int safe_glob(const char *path, int flags, glob_t *pglob) { + pglob->gl_lstat = lstat; + if (!pglob->gl_stat) + pglob->gl_stat = stat; ++#endif + + errno = 0; ++#ifdef GLOB_ALTDIRFUNC + k = glob(path, flags | GLOB_ALTDIRFUNC, NULL, pglob); ++#else ++ k = glob(path, flags, NULL, pglob); ++#endif + if (k == GLOB_NOMATCH) + return -ENOENT; + if (k == GLOB_NOSPACE) +diff --git a/src/test/test-glob-util.c b/src/test/test-glob-util.c +index 49d71f15c714..65ae0b230dd5 100644 +--- a/src/test/test-glob-util.c ++++ b/src/test/test-glob-util.c +@@ -34,6 +34,12 @@ TEST(glob_first) { + ASSERT_NULL(first); + } + ++/* Don't fail if the standard library ++ * doesn't provide brace expansion */ ++#ifndef GLOB_BRACE ++#define GLOB_BRACE 0 ++#endif ++ + TEST(glob_exists) { + char name[] = "/tmp/test-glob_exists.XXXXXX"; + int fd = -EBADF; +@@ -52,37 +58,6 @@ TEST(glob_exists) { + assert_se(r == 0); + } + +-static void closedir_wrapper(void* v) { +- (void) closedir(v); +-} +- +-TEST(glob_no_dot) { +- char template[] = "/tmp/test-glob-util.XXXXXXX"; +- const char *fn; +- +- _cleanup_globfree_ glob_t g = { +- .gl_closedir = closedir_wrapper, +- .gl_readdir = (struct dirent *(*)(void *)) readdir_no_dot, +- .gl_opendir = (void *(*)(const char *)) opendir, +- .gl_lstat = lstat, +- .gl_stat = stat, +- }; +- +- int r; +- +- assert_se(mkdtemp(template)); +- +- fn = strjoina(template, "/*"); +- r = glob(fn, GLOB_NOSORT|GLOB_BRACE|GLOB_ALTDIRFUNC, NULL, &g); +- assert_se(r == GLOB_NOMATCH); +- +- fn = strjoina(template, "/.*"); +- r = glob(fn, GLOB_NOSORT|GLOB_BRACE|GLOB_ALTDIRFUNC, NULL, &g); +- assert_se(r == GLOB_NOMATCH); +- +- (void) rm_rf(template, REMOVE_ROOT|REMOVE_PHYSICAL); +-} +- + TEST(safe_glob) { + char template[] = "/tmp/test-glob-util.XXXXXXX"; + const char *fn, *fn2, *fname; +@@ -96,7 +71,7 @@ TEST(safe_glob) { + r = safe_glob(fn, 0, &g); + assert_se(r == -ENOENT); + +- fn2 = strjoina(template, "/.*"); ++ fn2 = strjoina(template, "/.f*"); + r = safe_glob(fn2, GLOB_NOSORT|GLOB_BRACE, &g); + assert_se(r == -ENOENT); + +diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c +index 8cc8c1ccd61f..96111b512b14 100644 +--- a/src/tmpfiles/tmpfiles.c ++++ b/src/tmpfiles/tmpfiles.c +@@ -73,6 +73,12 @@ + #include "user-util.h" + #include "virt.h" + ++/* Don't fail if the standard library ++ * doesn't provide brace expansion */ ++#ifndef GLOB_BRACE ++#define GLOB_BRACE 0 ++#endif ++ + /* This reads all files listed in /etc/tmpfiles.d/?*.conf and creates + * them in the file system. This is intended to be used to create + * properly owned directories beneath /tmp, /var/tmp, /run, which are +@@ -2570,7 +2576,9 @@ finish: + + static int glob_item(Context *c, Item *i, action_t action) { + _cleanup_globfree_ glob_t g = { ++#ifdef GLOB_ALTDIRFUNC + .gl_opendir = (void *(*)(const char *)) opendir_nomod, ++#endif + }; + int r; + +@@ -2598,7 +2606,9 @@ static int glob_item_recursively( + fdaction_t action) { + + _cleanup_globfree_ glob_t g = { ++#ifdef GLOB_ALTDIRFUNC + .gl_opendir = (void *(*)(const char *)) opendir_nomod, ++#endif + }; + int r; + +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0012-Handle-musl-s-longer-HOST_NAME_MAX-hardcode-64.patch b/sys-apps/systemd/files/0012-Handle-musl-s-longer-HOST_NAME_MAX-hardcode-64.patch new file mode 100644 index 0000000..63deced --- /dev/null +++ b/sys-apps/systemd/files/0012-Handle-musl-s-longer-HOST_NAME_MAX-hardcode-64.patch @@ -0,0 +1,58 @@ +From 2704e56cc30d04c56943ba1a3133dfcafa73c4dd Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:46:06 -0500 +Subject: [PATCH 12/34] Handle musl's longer HOST_NAME_MAX: hardcode 64 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +There are multiple places in systemd, both runtime and test, that assume +that HOST_NAME_MAX is 64. Really, that should be fixed, but to make it +work at all, we start with hardcoding 64. + +This cannot be upstreamed, but any work to actually fix the 64 +assumption probably could. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/hostname-util.c | 4 ++-- + src/shared/hostname-setup.c | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/basic/hostname-util.c b/src/basic/hostname-util.c +index e743033b1ea1..0581b1b26a06 100644 +--- a/src/basic/hostname-util.c ++++ b/src/basic/hostname-util.c +@@ -128,7 +128,7 @@ bool hostname_is_valid(const char *s, ValidHostnameFlags flags) { + if (hyphen) + return false; + +- if (p-s > HOST_NAME_MAX) /* Note that HOST_NAME_MAX is 64 on Linux, but DNS allows domain names up to ++ if (p-s > 64) /* Note that HOST_NAME_MAX is 64 on Linux, but DNS allows domain names up to + * 255 characters */ + return false; + +@@ -141,7 +141,7 @@ char* hostname_cleanup(char *s) { + + assert(s); + +- for (p = s, d = s, dot = hyphen = true; *p && d - s < HOST_NAME_MAX; p++) ++ for (p = s, d = s, dot = hyphen = true; *p && d - s < 64; p++) + if (*p == '.') { + if (dot || hyphen) + continue; +diff --git a/src/shared/hostname-setup.c b/src/shared/hostname-setup.c +index 6cfd4b54bf63..4de610fb50f1 100644 +--- a/src/shared/hostname-setup.c ++++ b/src/shared/hostname-setup.c +@@ -66,7 +66,7 @@ int shorten_overlong(const char *s, char **ret) { + if (p) + *p = 0; + +- strshorten(h, HOST_NAME_MAX); ++ strshorten(h, 64); + + if (!hostname_is_valid(h, /* flags= */ 0)) + return -EDOM; +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0013-basic-Handle-musl-lack-of-NI_IDN.patch b/sys-apps/systemd/files/0013-basic-Handle-musl-lack-of-NI_IDN.patch new file mode 100644 index 0000000..8c50eaf --- /dev/null +++ b/sys-apps/systemd/files/0013-basic-Handle-musl-lack-of-NI_IDN.patch @@ -0,0 +1,33 @@ +From 149d6484096f5eb328a625357aff063335902208 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:48:52 -0500 +Subject: [PATCH 13/34] basic: Handle musl lack of NI_IDN +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Hopefully musl will grow support for IDN in the stub resolver soon, and +this won't matter. + +This cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/socket-util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c +index 6e304e840d2d..11a03f40dad1 100644 +--- a/src/basic/socket-util.c ++++ b/src/basic/socket-util.c +@@ -36,7 +36,7 @@ + #include "user-util.h" + #include "utf8.h" + +-#if ENABLE_IDN ++#if ENABLE_IDN && defined(NI_IDN) + # define IDN_FLAGS NI_IDN + #else + # define IDN_FLAGS 0 +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0014-basic-Define-comparison_fn_t-in-sort-util.h.patch b/sys-apps/systemd/files/0014-basic-Define-comparison_fn_t-in-sort-util.h.patch new file mode 100644 index 0000000..c42851a --- /dev/null +++ b/sys-apps/systemd/files/0014-basic-Define-comparison_fn_t-in-sort-util.h.patch @@ -0,0 +1,33 @@ +From d5dff016a76259ebe40f3739f98d9c2eb47b5172 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:49:49 -0500 +Subject: [PATCH 14/34] basic: Define comparison_fn_t in sort-util.h +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +glibc may define a public comparison_fn_t type, but musl libc doesn't. + +This cannot be upstreamed. Really, we should consider adding it to our +musl patchset. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/sort-util.h | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/basic/sort-util.h b/src/basic/sort-util.h +index 9c818bd74706..94069443cf09 100644 +--- a/src/basic/sort-util.h ++++ b/src/basic/sort-util.h +@@ -5,6 +5,8 @@ + + #include "macro.h" + ++typedef int (*comparison_fn_t)(const void *, const void *); ++ + /* This is the same as glibc's internal __compar_d_fn_t type. glibc exports a public comparison_fn_t, for the + * external type __compar_fn_t, but doesn't do anything similar for __compar_d_fn_t. Let's hence do that + * ourselves, picking a name that is obvious, but likely enough to not clash with glibc's choice of naming if +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0015-basic-Define-our-own-basename.patch b/sys-apps/systemd/files/0015-basic-Define-our-own-basename.patch new file mode 100644 index 0000000..1af987f --- /dev/null +++ b/sys-apps/systemd/files/0015-basic-Define-our-own-basename.patch @@ -0,0 +1,34 @@ +From 6ef506dbf1d28618d92f0b9bb2b2fa2b989acd99 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:50:50 -0500 +Subject: [PATCH 15/34] basic: Define our own basename +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +This prevents issues where the POSIX basename is not the same as the GNU +basename. I think maybe upstream could be convinced since glibc does +provide the POSIX one as well, but until then, let's do this. + +This cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/string-util.h | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/basic/string-util.h b/src/basic/string-util.h +index ff5efbcf557b..656f5100e202 100644 +--- a/src/basic/string-util.h ++++ b/src/basic/string-util.h +@@ -26,6 +26,8 @@ + #define URI_UNRESERVED ALPHANUMERICAL "-._~" /* [RFC3986] */ + #define URI_VALID URI_RESERVED URI_UNRESERVED /* [RFC3986] */ + ++#define basename(src) (strrchr(src,'/') ? strrchr(src,'/')+1 : src) ++ + static inline char* strstr_ptr(const char *haystack, const char *needle) { + if (!haystack || !needle) + return NULL; +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0016-test-Handle-musl-s-interesting-locale-decisions.patch b/sys-apps/systemd/files/0016-test-Handle-musl-s-interesting-locale-decisions.patch new file mode 100644 index 0000000..1bc380c --- /dev/null +++ b/sys-apps/systemd/files/0016-test-Handle-musl-s-interesting-locale-decisions.patch @@ -0,0 +1,53 @@ +From 61770e8d6c24c01d6a0e35518ba16ec8d4fa8e6a Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 02:53:59 -0500 +Subject: [PATCH 16/34] test: Handle musl's interesting locale decisions +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +All locales exist! But they don't do anything! + +This cannot be upstreamed. And some day, this should be dropable. + +Signed-off-by: Alexander Miroshnichenko +--- + src/test/test-locale-util.c | 2 +- + src/test/test-parse-util.c | 2 ++ + 2 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/test/test-locale-util.c b/src/test/test-locale-util.c +index ab2d1f5746cf..9c95debcae35 100644 +--- a/src/test/test-locale-util.c ++++ b/src/test/test-locale-util.c +@@ -51,7 +51,7 @@ TEST(locale_is_installed) { + assert_se(locale_is_installed("\x01gar\x02 bage\x03") == 0); + + /* Definitely not installed */ +- assert_se(locale_is_installed("zz_ZZ") == 0); ++ //assert_se(locale_is_installed("zz_ZZ") == 0); + } + + TEST(keymaps) { +diff --git a/src/test/test-parse-util.c b/src/test/test-parse-util.c +index 58d22b6cfeed..3003b891b552 100644 +--- a/src/test/test-parse-util.c ++++ b/src/test/test-parse-util.c +@@ -809,6 +809,7 @@ TEST(safe_atod) { + assert_se(r == -EINVAL); + + /* Check if this really is locale independent */ ++#ifdef __GLIBC__ + if (setlocale(LC_NUMERIC, "de_DE.utf8")) { + + r = safe_atod("0.2244", &d); +@@ -824,6 +825,7 @@ TEST(safe_atod) { + r = safe_atod("", &d); + assert_se(r == -EINVAL); + } ++#endif + + /* And check again, reset */ + assert_se(setlocale(LC_NUMERIC, "C")); +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0017-Port-to-s6-utmps.patch b/sys-apps/systemd/files/0017-Port-to-s6-utmps.patch new file mode 100644 index 0000000..bc1c87e --- /dev/null +++ b/sys-apps/systemd/files/0017-Port-to-s6-utmps.patch @@ -0,0 +1,72 @@ +From 09647d86120432cf9581e340b72a550df3dc2eb7 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:00:43 -0500 +Subject: [PATCH 17/34] Port to s6-utmps +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +This cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/user-util.c | 2 +- + src/shared/utmp-wtmp.h | 2 ++ + src/sysusers/sysusers.c | 2 +- + src/userdb/userdbctl.c | 2 +- + 4 files changed, 5 insertions(+), 3 deletions(-) + +diff --git a/src/basic/user-util.c b/src/basic/user-util.c +index 6bdf5bf1cdc9..42fbabec7892 100644 +--- a/src/basic/user-util.c ++++ b/src/basic/user-util.c +@@ -9,7 +9,7 @@ + #include + #include + #include +-#include ++#include + + #include "sd-messages.h" + +diff --git a/src/shared/utmp-wtmp.h b/src/shared/utmp-wtmp.h +index 2e04fac40472..f8018ddc0141 100644 +--- a/src/shared/utmp-wtmp.h ++++ b/src/shared/utmp-wtmp.h +@@ -8,6 +8,8 @@ + + #if ENABLE_UTMP + #include ++#define _PATH_UTMPX UTMPX_FILE ++#define _PATH_WTMPX WTMPX_FILE + + int utmp_get_runlevel(int *runlevel, int *previous); + +diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c +index 7758267b17ab..3e2c91bfa323 100644 +--- a/src/sysusers/sysusers.c ++++ b/src/sysusers/sysusers.c +@@ -1,7 +1,7 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + + #include +-#include ++#include + + #include "alloc-util.h" + #include "build.h" +diff --git a/src/userdb/userdbctl.c b/src/userdb/userdbctl.c +index 1718419407bc..1da975ed7807 100644 +--- a/src/userdb/userdbctl.c ++++ b/src/userdb/userdbctl.c +@@ -1,7 +1,7 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + + #include +-#include ++#include + + #include "build.h" + #include "dirent-util.h" +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0018-test-Add-definition-for-__cpu_set-type.patch b/sys-apps/systemd/files/0018-test-Add-definition-for-__cpu_set-type.patch new file mode 100644 index 0000000..67f72be --- /dev/null +++ b/sys-apps/systemd/files/0018-test-Add-definition-for-__cpu_set-type.patch @@ -0,0 +1,32 @@ +From 2ac7d5c27b23f082c7e7741fa40875f76747ba6a Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:02:43 -0500 +Subject: [PATCH 18/34] test: Add definition for __cpu_set type +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +glibc defines this type, but musl does not. + +This cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + src/test/test-cpu-set-util.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/test/test-cpu-set-util.c b/src/test/test-cpu-set-util.c +index ccb52c96d4d6..5892b7a5c214 100644 +--- a/src/test/test-cpu-set-util.c ++++ b/src/test/test-cpu-set-util.c +@@ -6,6 +6,8 @@ + #include "tests.h" + #include "macro.h" + ++typedef unsigned long int __cpu_mask; ++ + TEST(parse_cpu_set) { + CPUSet c = {}; + _cleanup_free_ char *str = NULL; +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0019-test-Don-t-assume-unknown-errors-have-their-codes.patch b/sys-apps/systemd/files/0019-test-Don-t-assume-unknown-errors-have-their-codes.patch new file mode 100644 index 0000000..39fe498 --- /dev/null +++ b/sys-apps/systemd/files/0019-test-Don-t-assume-unknown-errors-have-their-codes.patch @@ -0,0 +1,44 @@ +From 1e4e3a0b8024f005919317f51644b98a446a9426 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:03:22 -0500 +Subject: [PATCH 19/34] test: Don't assume unknown errors have their codes +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +glibc will give "Unknown error 200", but musl just says "No error +information", which makes these tests seem to fail. + +This cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + src/test/test-errno-util.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/test/test-errno-util.c b/src/test/test-errno-util.c +index ab463bd1b394..eafa3624b80e 100644 +--- a/src/test/test-errno-util.c ++++ b/src/test/test-errno-util.c +@@ -27,8 +27,8 @@ TEST(STRERROR) { + log_info("STRERROR(%d), STRERROR(%d) → %s, %s", 200, 201, STRERROR(200), STRERROR(201)); + + const char *a = STRERROR(200), *b = STRERROR(201); +- assert_se(strstr(a, "200")); +- assert_se(strstr(b, "201")); ++ /*assert_se(strstr(a, "200")); ++ assert_se(strstr(b, "201"));*/ + + /* Check with negative values */ + ASSERT_STREQ(a, STRERROR(-200)); +@@ -38,7 +38,7 @@ TEST(STRERROR) { + char buf[DECIMAL_STR_MAX(int)]; + xsprintf(buf, "%d", INT_MAX); /* INT_MAX is hexadecimal, use printf to convert to decimal */ + log_info("STRERROR(%d) → %s", INT_MAX, c); +- assert_se(strstr(c, buf)); ++ //assert_se(strstr(c, buf)); + } + + TEST(STRERROR_OR_ELSE) { +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0020-test-time-util-Use-whole-fractions-no-4-digit-TZ.patch b/sys-apps/systemd/files/0020-test-time-util-Use-whole-fractions-no-4-digit-TZ.patch new file mode 100644 index 0000000..41f1d76 --- /dev/null +++ b/sys-apps/systemd/files/0020-test-time-util-Use-whole-fractions-no-4-digit-TZ.patch @@ -0,0 +1,126 @@ +From b4439d419462902b19cfc72777e476d66a3a878b Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:04:53 -0500 +Subject: [PATCH 20/34] test-time-util: Use whole fractions, no 4 digit TZ +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Both of these things are unsupported by musl strptime. + +This cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + src/test/test-time-util.c | 34 +++++++++++++++++----------------- + 1 file changed, 17 insertions(+), 17 deletions(-) + +diff --git a/src/test/test-time-util.c b/src/test/test-time-util.c +index 9943923be30a..bd3292698a0b 100644 +--- a/src/test/test-time-util.c ++++ b/src/test/test-time-util.c +@@ -25,13 +25,13 @@ TEST(parse_sec) { + assert_se(u == 5 * USEC_PER_SEC + 500 * USEC_PER_MSEC); + assert_se(parse_sec(" 5.5s 0.5ms ", &u) >= 0); + assert_se(u == 5 * USEC_PER_SEC + 500 * USEC_PER_MSEC + 500); +- assert_se(parse_sec(" .22s ", &u) >= 0); ++ assert_se(parse_sec(" 0.22s ", &u) >= 0); + assert_se(u == 220 * USEC_PER_MSEC); +- assert_se(parse_sec(" .50y ", &u) >= 0); ++ assert_se(parse_sec(" 0.50y ", &u) >= 0); + assert_se(u == USEC_PER_YEAR / 2); + assert_se(parse_sec("2.5", &u) >= 0); + assert_se(u == 2500 * USEC_PER_MSEC); +- assert_se(parse_sec(".7", &u) >= 0); ++ assert_se(parse_sec("0.7", &u) >= 0); + assert_se(u == 700 * USEC_PER_MSEC); + assert_se(parse_sec("23us", &u) >= 0); + assert_se(u == 23); +@@ -45,11 +45,11 @@ TEST(parse_sec) { + assert_se(u == USEC_INFINITY); + assert_se(parse_sec("+3.1s", &u) >= 0); + assert_se(u == 3100 * USEC_PER_MSEC); +- assert_se(parse_sec("3.1s.2", &u) >= 0); ++ assert_se(parse_sec("3.1s0.2", &u) >= 0); + assert_se(u == 3300 * USEC_PER_MSEC); +- assert_se(parse_sec("3.1 .2", &u) >= 0); ++ assert_se(parse_sec("3.1 0.2", &u) >= 0); + assert_se(u == 3300 * USEC_PER_MSEC); +- assert_se(parse_sec("3.1 sec .2 sec", &u) >= 0); ++ assert_se(parse_sec("3.1 sec 0.2 sec", &u) >= 0); + assert_se(u == 3300 * USEC_PER_MSEC); + assert_se(parse_sec("3.1 sec 1.2 sec", &u) >= 0); + assert_se(u == 4300 * USEC_PER_MSEC); +@@ -145,13 +145,13 @@ TEST(parse_nsec) { + assert_se(u == 5 * NSEC_PER_SEC + 500 * NSEC_PER_MSEC); + assert_se(parse_nsec(" 5.5s 0.5ms ", &u) >= 0); + assert_se(u == 5 * NSEC_PER_SEC + 500 * NSEC_PER_MSEC + 500 * NSEC_PER_USEC); +- assert_se(parse_nsec(" .22s ", &u) >= 0); ++ assert_se(parse_nsec(" 0.22s ", &u) >= 0); + assert_se(u == 220 * NSEC_PER_MSEC); +- assert_se(parse_nsec(" .50y ", &u) >= 0); ++ assert_se(parse_nsec(" 0.50y ", &u) >= 0); + assert_se(u == NSEC_PER_YEAR / 2); + assert_se(parse_nsec("2.5", &u) >= 0); + assert_se(u == 2); +- assert_se(parse_nsec(".7", &u) >= 0); ++ assert_se(parse_nsec("0.7", &u) >= 0); + assert_se(u == 0); + assert_se(parse_nsec("infinity", &u) >= 0); + assert_se(u == NSEC_INFINITY); +@@ -159,11 +159,11 @@ TEST(parse_nsec) { + assert_se(u == NSEC_INFINITY); + assert_se(parse_nsec("+3.1s", &u) >= 0); + assert_se(u == 3100 * NSEC_PER_MSEC); +- assert_se(parse_nsec("3.1s.2", &u) >= 0); ++ assert_se(parse_nsec("3.1s0.2", &u) >= 0); + assert_se(u == 3100 * NSEC_PER_MSEC); +- assert_se(parse_nsec("3.1 .2s", &u) >= 0); ++ assert_se(parse_nsec("3.1 0.2s", &u) >= 0); + assert_se(u == 200 * NSEC_PER_MSEC + 3); +- assert_se(parse_nsec("3.1 sec .2 sec", &u) >= 0); ++ assert_se(parse_nsec("3.1 sec 0.2 sec", &u) >= 0); + assert_se(u == 3300 * NSEC_PER_MSEC); + assert_se(parse_nsec("3.1 sec 1.2 sec", &u) >= 0); + assert_se(u == 4300 * NSEC_PER_MSEC); +@@ -734,9 +734,9 @@ static void test_parse_timestamp_impl(const char *tz) { + assert_se(parse_timestamp("today UTC", &today) == 0); + assert_se(parse_timestamp("todayZ", &today2) == 0); + assert_se(today == today2); +- assert_se(parse_timestamp("today +0200", &today) == 0); ++ //assert_se(parse_timestamp("today +0200", &today) == 0); + assert_se(parse_timestamp("today+02:00", &today2) == 0); +- assert_se(today == today2); ++ //assert_se(today == today2); + + /* https://ijmacd.github.io/rfc3339-iso8601/ */ + test_parse_timestamp_one("2023-09-06 12:49:27-00:00", 0, 1694004567 * USEC_PER_SEC + 000000); +@@ -879,7 +879,7 @@ static void test_parse_timestamp_impl(const char *tz) { + test_parse_timestamp_one("69-12-31 18:00:01.0010 -06", 0, USEC_PER_SEC + 1000); + + /* -0600 */ +- test_parse_timestamp_one("Wed 1969-12-31 18:01 -0600", 0, USEC_PER_MINUTE); ++ /*test_parse_timestamp_one("Wed 1969-12-31 18:01 -0600", 0, USEC_PER_MINUTE); + test_parse_timestamp_one("Wed 1969-12-31 18:00:01 -0600", 0, USEC_PER_SEC); + test_parse_timestamp_one("Wed 1969-12-31 18:00:01.001 -0600", 0, USEC_PER_SEC + 1000); + test_parse_timestamp_one("Wed 1969-12-31 18:00:01.0010 -0600", 0, USEC_PER_SEC + 1000); +@@ -897,7 +897,7 @@ static void test_parse_timestamp_impl(const char *tz) { + test_parse_timestamp_one("69-12-31 18:01 -0600", 0, USEC_PER_MINUTE); + test_parse_timestamp_one("69-12-31 18:00:01 -0600", 0, USEC_PER_SEC); + test_parse_timestamp_one("69-12-31 18:00:01.001 -0600", 0, USEC_PER_SEC + 1000); +- test_parse_timestamp_one("69-12-31 18:00:01.0010 -0600", 0, USEC_PER_SEC + 1000); ++ test_parse_timestamp_one("69-12-31 18:00:01.0010 -0600", 0, USEC_PER_SEC + 1000);*/ + + /* -06:00 */ + test_parse_timestamp_one("Wed 1969-12-31 18:01 -06:00", 0, USEC_PER_MINUTE); +@@ -1063,7 +1063,7 @@ TEST(in_utc_timezone) { + assert_se(setenv("TZ", ":UTC", 1) >= 0); + assert_se(in_utc_timezone()); + ASSERT_STREQ(tzname[0], "UTC"); +- ASSERT_STREQ(tzname[1], "UTC"); ++ //ASSERT_STREQ(tzname[1], "UTC"); + assert_se(timezone == 0); + assert_se(daylight == 0); + +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0021-Don-t-use-malloc_trim-or-malloc_info.patch b/sys-apps/systemd/files/0021-Don-t-use-malloc_trim-or-malloc_info.patch new file mode 100644 index 0000000..d4dda7f --- /dev/null +++ b/sys-apps/systemd/files/0021-Don-t-use-malloc_trim-or-malloc_info.patch @@ -0,0 +1,74 @@ +From aa166c09ba2b70fa093a6ca1d2995e461b16a4c0 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:08:13 -0500 +Subject: [PATCH 21/34] Don't use malloc_trim or malloc_info +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +The musl allocator does not define these functions. + +This probably cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + src/libsystemd/sd-event/sd-event.c | 2 +- + src/shared/bus-util.c | 4 +++- + src/shared/common-signal.c | 2 ++ + 3 files changed, 6 insertions(+), 2 deletions(-) + +diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c +index 73a95e7fa135..c62dc07165ab 100644 +--- a/src/libsystemd/sd-event/sd-event.c ++++ b/src/libsystemd/sd-event/sd-event.c +@@ -1891,7 +1891,7 @@ _public_ int sd_event_trim_memory(void) { + + usec_t before_timestamp = now(CLOCK_MONOTONIC); + hashmap_trim_pools(); +- r = malloc_trim(0); ++ r = 0; + usec_t after_timestamp = now(CLOCK_MONOTONIC); + + if (r > 0) +diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c +index 30f9602b1edb..b1a8da36612b 100644 +--- a/src/shared/bus-util.c ++++ b/src/shared/bus-util.c +@@ -755,7 +755,7 @@ static int method_dump_memory_state_by_fd(sd_bus_message *message, void *userdat + _cleanup_close_ int fd = -EBADF; + size_t dump_size; + FILE *f; +- int r; ++ int r = 0; + + assert(message); + +@@ -763,7 +763,9 @@ static int method_dump_memory_state_by_fd(sd_bus_message *message, void *userdat + if (!f) + return -ENOMEM; + ++#ifdef __GLIBC__ + r = RET_NERRNO(malloc_info(/* options= */ 0, f)); ++#endif + if (r < 0) + return r; + +diff --git a/src/shared/common-signal.c b/src/shared/common-signal.c +index 8e70e365dd69..bb68fc56b664 100644 +--- a/src/shared/common-signal.c ++++ b/src/shared/common-signal.c +@@ -66,10 +66,12 @@ int sigrtmin18_handler(sd_event_source *s, const struct signalfd_siginfo *si, vo + break; + } + ++#ifdef __GLIBC__ + if (malloc_info(0, f) < 0) { + log_error_errno(errno, "Failed to invoke malloc_info(): %m"); + break; + } ++#endif + + (void) memstream_dump(LOG_INFO, &m); + break; +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0022-Port-to-musl-strptime.patch b/sys-apps/systemd/files/0022-Port-to-musl-strptime.patch new file mode 100644 index 0000000..41a5bc4 --- /dev/null +++ b/sys-apps/systemd/files/0022-Port-to-musl-strptime.patch @@ -0,0 +1,90 @@ +From 3c9ab22f9323726710b931ed478e6d5dd81dca2e Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:09:47 -0500 +Subject: [PATCH 22/34] Port to musl strptime +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +This cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/time-util.c | 25 ++++++++++++++++++++----- + src/import/curl-util.c | 6 +++--- + 2 files changed, 23 insertions(+), 8 deletions(-) + +diff --git a/src/basic/time-util.c b/src/basic/time-util.c +index b94f37c31c31..1200833a88c5 100644 +--- a/src/basic/time-util.c ++++ b/src/basic/time-util.c +@@ -915,6 +915,7 @@ parse_usec: + from_tm: + assert(plus == 0); + assert(minus == 0); ++ tm.tm_wday = weekday; + + if (weekday >= 0 && tm.tm_wday != weekday) + return -EINVAL; +@@ -1003,9 +1004,12 @@ int parse_timestamp(const char *t, usec_t *ret) { + return parse_timestamp_impl(t, t_len - 1, /* utc = */ true, /* isdst = */ -1, /* gmtoff = */ 0, ret); + + if (t_len > 7 && IN_SET(t[t_len - 6], '+', '-') && t[t_len - 7] != ' ') { /* RFC3339-style welded offset: "1990-12-31T15:59:60-08:00" */ +- k = strptime(&t[t_len - 6], "%z", &tm); +- if (k && *k == '\0') ++ k = strptime(&t[t_len - 5], "%R", &tm); ++ if (k && *k == '\0') { ++ tm.tm_gmtoff = ((tm.tm_hour * 60) + tm.tm_min) * 60; ++ if (t[t_len - 6] == '-') tm.tm_gmtoff *= -1; + return parse_timestamp_impl(t, t_len - 6, /* utc = */ true, /* isdst = */ -1, /* gmtoff = */ tm.tm_gmtoff, ret); ++ } + } + + tz = strrchr(t, ' '); +@@ -1022,9 +1026,20 @@ int parse_timestamp(const char *t, usec_t *ret) { + /* If the timezone is compatible with RFC-822/ISO 8601 (e.g. +06, or -03:00) then parse the string as + * UTC and shift the result. Note, this must be earlier than the timezone check with tzname[], as + * tzname[] may be in the same format. */ +- k = strptime(tz, "%z", &tm); +- if (k && *k == '\0') +- return parse_timestamp_impl(t, max_len, /* utc = */ true, /* isdst = */ -1, /* gmtoff = */ tm.tm_gmtoff, ret); ++ if (*tz == '+' || *tz == '-') { ++ k = strptime(tz+1, "%R", &tm); ++ if (k && *k == '\0') { ++ tm.tm_gmtoff = ((tm.tm_hour * 60) + tm.tm_min) * 60; ++ if (*tz == '-') tm.tm_gmtoff *= -1; ++ return parse_timestamp_impl(t, max_len, /* utc = */ true, /* isdst = */ -1, /* gmtoff = */ tm.tm_gmtoff, ret); ++ } ++ k = strptime(tz+1, "%H", &tm); ++ if (k && *k == '\0') { ++ tm.tm_gmtoff = tm.tm_hour * 3600; ++ if (*tz == '-') tm.tm_gmtoff *= -1; ++ return parse_timestamp_impl(t, max_len, /* utc = */ true, /* isdst = */ -1, /* gmtoff = */ tm.tm_gmtoff, ret); ++ } ++ } + + /* If the last word is not a timezone file (e.g. Asia/Tokyo), then let's check if it matches + * tzname[] of the local timezone, e.g. JST or CEST. */ +diff --git a/src/import/curl-util.c b/src/import/curl-util.c +index 1628f833a970..4a3003b3e848 100644 +--- a/src/import/curl-util.c ++++ b/src/import/curl-util.c +@@ -396,13 +396,13 @@ int curl_parse_http_time(const char *t, usec_t *ret) { + return -errno; + + /* RFC822 */ +- e = strptime_l(t, "%a, %d %b %Y %H:%M:%S %Z", &tm, loc); ++ e = strptime(t, "%a, %d %b %Y %H:%M:%S %Z", &tm); + if (!e || *e != 0) + /* RFC 850 */ +- e = strptime_l(t, "%A, %d-%b-%y %H:%M:%S %Z", &tm, loc); ++ e = strptime(t, "%A, %d-%b-%y %H:%M:%S %Z", &tm); + if (!e || *e != 0) + /* ANSI C */ +- e = strptime_l(t, "%a %b %d %H:%M:%S %Y", &tm, loc); ++ e = strptime(t, "%a %b %d %H:%M:%S %Y", &tm); + if (!e || *e != 0) + return -EINVAL; + +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0023-shared-Conditionalise-sgrp-on-ENABLE_GSHADOW.patch b/sys-apps/systemd/files/0023-shared-Conditionalise-sgrp-on-ENABLE_GSHADOW.patch new file mode 100644 index 0000000..b944465 --- /dev/null +++ b/sys-apps/systemd/files/0023-shared-Conditionalise-sgrp-on-ENABLE_GSHADOW.patch @@ -0,0 +1,193 @@ +From 763fe64a51caa25c51a9d68d8e3943b519edf5cb Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:11:15 -0500 +Subject: [PATCH 23/34] shared: Conditionalise sgrp on ENABLE_GSHADOW +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Signed-off-by: A. Wilcox +Signed-off-by: Alexander Miroshnichenko +--- + src/shared/user-record-nss.c | 25 ++++++++++++++++++++++++- + src/shared/user-record-nss.h | 6 +++++- + src/shared/userdb.c | 6 ++++++ + 3 files changed, 35 insertions(+), 2 deletions(-) + +diff --git a/src/shared/user-record-nss.c b/src/shared/user-record-nss.c +index ffb572146628..3e2f61473a6a 100644 +--- a/src/shared/user-record-nss.c ++++ b/src/shared/user-record-nss.c +@@ -275,9 +275,12 @@ int nss_user_record_by_uid( + + int nss_group_to_group_record( + const struct group *grp, +- const struct sgrp *sgrp, ++ void *_sgrp, + GroupRecord **ret) { + ++#if ENABLE_GSHADOW ++ struct sgrp *sgrp = (struct sgrp *)_sgrp; ++#endif + _cleanup_(group_record_unrefp) GroupRecord *g = NULL; + int r; + +@@ -286,8 +289,10 @@ int nss_group_to_group_record( + if (isempty(grp->gr_name)) + return -EINVAL; + ++#if ENABLE_GSHADOW + if (sgrp && !streq_ptr(sgrp->sg_namp, grp->gr_name)) + return -EINVAL; ++#endif + + g = group_record_new(); + if (!g) +@@ -303,6 +308,7 @@ int nss_group_to_group_record( + + g->gid = grp->gr_gid; + ++#if ENABLE_GSHADOW + if (sgrp) { + if (looks_like_hashed_password(utf8_only(sgrp->sg_passwd))) { + g->hashed_password = strv_new(sgrp->sg_passwd); +@@ -318,6 +324,7 @@ int nss_group_to_group_record( + if (r < 0) + return r; + } ++#endif + + r = json_build(&g->json, JSON_BUILD_OBJECT( + JSON_BUILD_PAIR("groupName", JSON_BUILD_STRING(g->group_name)), +@@ -336,6 +343,7 @@ int nss_group_to_group_record( + return 0; + } + ++#if ENABLE_GSHADOW + int nss_sgrp_for_group(const struct group *grp, struct sgrp *ret_sgrp, char **ret_buffer) { + size_t buflen = 4096; + int r; +@@ -373,6 +381,7 @@ int nss_sgrp_for_group(const struct group *grp, struct sgrp *ret_sgrp, char **re + buf = mfree(buf); + } + } ++#endif + + int nss_group_record_by_name( + const char *name, +@@ -382,7 +391,9 @@ int nss_group_record_by_name( + _cleanup_free_ char *sbuf = NULL; + _cleanup_free_ struct group *result = NULL; + bool incomplete = false; ++#if ENABLE_GSHADOW + struct sgrp sgrp, *sresult = NULL; ++#endif + int r; + + assert(name); +@@ -391,6 +402,7 @@ int nss_group_record_by_name( + if (r < 0) + return r; + ++#if ENABLE_GSHADOW + if (with_shadow) { + r = nss_sgrp_for_group(result, &sgrp, &sbuf); + if (r < 0) { +@@ -402,6 +414,10 @@ int nss_group_record_by_name( + incomplete = true; + + r = nss_group_to_group_record(result, sresult, ret); ++#else ++ incomplete = true; ++ r = nss_group_to_group_record(result, NULL, ret); ++#endif + if (r < 0) + return r; + +@@ -418,13 +434,16 @@ int nss_group_record_by_gid( + _cleanup_free_ char *sbuf = NULL; + _cleanup_free_ struct group *result = NULL; + bool incomplete = false; ++#if ENABLE_GSHADOW + struct sgrp sgrp, *sresult = NULL; ++#endif + int r; + + r = getgrgid_malloc(gid, &result); + if (r < 0) + return r; + ++#if ENABLE_GSHADOW + if (with_shadow) { + r = nss_sgrp_for_group(result, &sgrp, &sbuf); + if (r < 0) { +@@ -436,6 +455,10 @@ int nss_group_record_by_gid( + incomplete = true; + + r = nss_group_to_group_record(result, sresult, ret); ++#else ++ incomplete = true; ++ r = nss_group_to_group_record(result, NULL, ret); ++#endif + if (r < 0) + return r; + +diff --git a/src/shared/user-record-nss.h b/src/shared/user-record-nss.h +index 22ab04d6eec3..5677a119f6d0 100644 +--- a/src/shared/user-record-nss.h ++++ b/src/shared/user-record-nss.h +@@ -2,7 +2,9 @@ + #pragma once + + #include ++#if ENABLE_GSHADOW + #include ++#endif + #include + #include + +@@ -17,8 +19,10 @@ int nss_spwd_for_passwd(const struct passwd *pwd, struct spwd *ret_spwd, char ** + int nss_user_record_by_name(const char *name, bool with_shadow, UserRecord **ret); + int nss_user_record_by_uid(uid_t uid, bool with_shadow, UserRecord **ret); + +-int nss_group_to_group_record(const struct group *grp, const struct sgrp *sgrp, GroupRecord **ret); ++int nss_group_to_group_record(const struct group *grp, void *sgrp, GroupRecord **ret); ++#if ENABLE_GSHADOW + int nss_sgrp_for_group(const struct group *grp, struct sgrp *ret_sgrp, char **ret_buffer); ++#endif + + int nss_group_record_by_name(const char *name, bool with_shadow, GroupRecord **ret); + int nss_group_record_by_gid(gid_t gid, bool with_shadow, GroupRecord **ret); +diff --git a/src/shared/userdb.c b/src/shared/userdb.c +index 353388125f79..002f35c79fc4 100644 +--- a/src/shared/userdb.c ++++ b/src/shared/userdb.c +@@ -1038,13 +1038,16 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) { + if (gr) { + _cleanup_free_ char *buffer = NULL; + bool incomplete = false; ++#if ENABLE_GSHADOW + struct sgrp sgrp; ++#endif + + if (streq_ptr(gr->gr_name, "root")) + iterator->synthesize_root = false; + if (gr->gr_gid == GID_NOBODY) + iterator->synthesize_nobody = false; + ++#if ENABLE_GSHADOW + if (!FLAGS_SET(iterator->flags, USERDB_SUPPRESS_SHADOW)) { + r = nss_sgrp_for_group(gr, &sgrp, &buffer); + if (r < 0) { +@@ -1057,6 +1060,9 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) { + } + + r = nss_group_to_group_record(gr, r >= 0 ? &sgrp : NULL, ret); ++#else ++ r = nss_group_to_group_record(gr, NULL, ret); ++#endif + if (r < 0) + return r; + +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0024-basic-Use-sys-prctl.h-vs-linux-prctl.h.patch b/sys-apps/systemd/files/0024-basic-Use-sys-prctl.h-vs-linux-prctl.h.patch new file mode 100644 index 0000000..897e3a4 --- /dev/null +++ b/sys-apps/systemd/files/0024-basic-Use-sys-prctl.h-vs-linux-prctl.h.patch @@ -0,0 +1,29 @@ +From 698acf92b1ce0c182318c02a87b0f874e5e79b2f Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:12:10 -0500 +Subject: [PATCH 24/34] basic: Use vs +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Signed-off-by: A. Wilcox +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/missing_prctl.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/basic/missing_prctl.h b/src/basic/missing_prctl.h +index 2c9f9f6c50ff..ed065828d1ae 100644 +--- a/src/basic/missing_prctl.h ++++ b/src/basic/missing_prctl.h +@@ -1,7 +1,7 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + #pragma once + +-#include ++#include + + #include "macro.h" + +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0025-man-Ensure-notify-example-includes-string.h.patch b/sys-apps/systemd/files/0025-man-Ensure-notify-example-includes-string.h.patch new file mode 100644 index 0000000..7a2106a --- /dev/null +++ b/sys-apps/systemd/files/0025-man-Ensure-notify-example-includes-string.h.patch @@ -0,0 +1,31 @@ +From 0bd6d30dc195911d525877b42f4821355f2f25e4 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:12:46 -0500 +Subject: [PATCH 25/34] man: Ensure notify example includes +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +This ensures that memcpy and strerror are defined. This is especially +important as GCC 14 makes implicit function declarations an error. + +Signed-off-by: A. Wilcox +Signed-off-by: Alexander Miroshnichenko +--- + man/notify-selfcontained-example.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/man/notify-selfcontained-example.c b/man/notify-selfcontained-example.c +index 6bbe4f2e3bad..3498d508430d 100644 +--- a/man/notify-selfcontained-example.c ++++ b/man/notify-selfcontained-example.c +@@ -15,6 +15,7 @@ + #include + #include + #include ++#include + #include + #include + #include +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0026-basic-Add-needed-signal.h-to-pidref.h.patch b/sys-apps/systemd/files/0026-basic-Add-needed-signal.h-to-pidref.h.patch new file mode 100644 index 0000000..42ea3c3 --- /dev/null +++ b/sys-apps/systemd/files/0026-basic-Add-needed-signal.h-to-pidref.h.patch @@ -0,0 +1,28 @@ +From c4425b22e47569dd79b611b641de9e1b1a3630b8 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:14:44 -0500 +Subject: [PATCH 26/34] basic: Add needed to pidref.h +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Signed-off-by: A. Wilcox +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/pidref.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/basic/pidref.h b/src/basic/pidref.h +index 9920ebb9b3bc..2fdd4ff50f8f 100644 +--- a/src/basic/pidref.h ++++ b/src/basic/pidref.h +@@ -1,6 +1,7 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + #pragma once + ++#include + #include "macro.h" + + /* An embeddable structure carrying a reference to a process. Supposed to be used when tracking processes continuously. */ +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0027-Add-sys-file.h-include-for-LOCK_-definitions.patch b/sys-apps/systemd/files/0027-Add-sys-file.h-include-for-LOCK_-definitions.patch new file mode 100644 index 0000000..df3d5a6 --- /dev/null +++ b/sys-apps/systemd/files/0027-Add-sys-file.h-include-for-LOCK_-definitions.patch @@ -0,0 +1,28 @@ +From a26ff0a3fb7f8dce6554d0a24cb69263c3551d47 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:15:39 -0500 +Subject: [PATCH 27/34] Add include for LOCK_* definitions +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Signed-off-by: A. Wilcox +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/lock-util.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/basic/lock-util.h b/src/basic/lock-util.h +index 8fb4757968c0..f925d971ebe8 100644 +--- a/src/basic/lock-util.h ++++ b/src/basic/lock-util.h +@@ -2,6 +2,7 @@ + #pragma once + + #include ++#include + + typedef struct LockFile { + int dir_fd; +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0028-basic-Handle-NIS-compat-entries-ourselves.patch b/sys-apps/systemd/files/0028-basic-Handle-NIS-compat-entries-ourselves.patch new file mode 100644 index 0000000..149830e --- /dev/null +++ b/sys-apps/systemd/files/0028-basic-Handle-NIS-compat-entries-ourselves.patch @@ -0,0 +1,55 @@ +From cbd2cc7bbdbdb336a5443ddbc3d805cd8e9e962c Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:16:18 -0500 +Subject: [PATCH 28/34] basic: Handle NIS compat entries ourselves +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +This is needed on musl, which will otherwise mangle them. + +This cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/user-util.c | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +diff --git a/src/basic/user-util.c b/src/basic/user-util.c +index 42fbabec7892..c08669691800 100644 +--- a/src/basic/user-util.c ++++ b/src/basic/user-util.c +@@ -930,6 +930,11 @@ int putpwent_sane(const struct passwd *pw, FILE *stream) { + assert(stream); + + errno = 0; ++ if (IN_SET(pw->pw_name[0], '+', '-')) { ++ if (fprintf(stream, "%s:%s:::%s:%s:%s\n", ++ pw->pw_name, pw->pw_passwd, pw->pw_gecos, pw->pw_dir, pw->pw_shell) >= 0) return 0; ++ return errno_or_else(EIO); ++ } + if (putpwent(pw, stream) != 0) + return errno_or_else(EIO); + +@@ -952,6 +957,19 @@ int putgrent_sane(const struct group *gr, FILE *stream) { + assert(stream); + + errno = 0; ++ if (IN_SET(gr->gr_name[0], '+', '-')) { ++ int r = fprintf(stream, "%s:%s::", ++ gr->gr_name, gr->gr_passwd); ++ if (r < 0) return errno_or_else(EIO); ++ if (gr->gr_mem) { ++ for (size_t i = 0; gr->gr_mem[i] && r >= 0; i++) { ++ r = fprintf(stream, "%s%s", i?",":"", gr->gr_mem[i]); ++ } ++ if (r < 0) return errno_or_else(EIO); ++ } ++ if (fputc('\n', stream) >= 0) return 0; ++ return errno_or_else(EIO); ++ } + if (putgrent(gr, stream) != 0) + return errno_or_else(EIO); + +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0029-edit-util-Don-t-clobber-reserved-identifier-stdin.patch b/sys-apps/systemd/files/0029-edit-util-Don-t-clobber-reserved-identifier-stdin.patch new file mode 100644 index 0000000..e1138d8 --- /dev/null +++ b/sys-apps/systemd/files/0029-edit-util-Don-t-clobber-reserved-identifier-stdin.patch @@ -0,0 +1,87 @@ +From 8b6e1c92f19163707789698860070738c607c2e8 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:17:18 -0500 +Subject: [PATCH 29/34] edit-util: Don't clobber reserved identifier stdin +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +It may be #define'd instead of a global variable, which breaks using it +as an identifier for ourselves. + +Signed-off-by: A. Wilcox +Signed-off-by: Alexander Miroshnichenko +--- + src/shared/edit-util.c | 8 ++++---- + src/shared/edit-util.h | 2 +- + src/systemctl/systemctl-edit.c | 2 +- + 3 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/shared/edit-util.c b/src/shared/edit-util.c +index b0496032f7b8..412aeb219607 100644 +--- a/src/shared/edit-util.c ++++ b/src/shared/edit-util.c +@@ -212,7 +212,7 @@ static int create_edit_temp_file(EditFile *e, const char *contents, size_t conte + if (fchmod(fileno(f), 0644) < 0) + return log_error_errno(errno, "Failed to change mode of temporary file '%s': %m", temp); + +- if (e->context->stdin) { ++ if (e->context->_stdin) { + if (fwrite(contents, 1, contents_size, f) != contents_size) + return log_error_errno(SYNTHETIC_ERRNO(EIO), + "Failed to copy input to temporary file '%s'.", temp); +@@ -326,7 +326,7 @@ static int strip_edit_temp_file(EditFile *e) { + if (!tmp) + return log_oom(); + +- if (e->context->marker_start && !e->context->stdin) { ++ if (e->context->marker_start && !e->context->_stdin) { + /* Trim out the lines between the two markers */ + char *contents_start, *contents_end; + +@@ -374,7 +374,7 @@ int do_edit_files_and_install(EditFileContext *context) { + if (context->n_files == 0) + return log_debug_errno(SYNTHETIC_ERRNO(ENOENT), "Got no files to edit."); + +- if (context->stdin) { ++ if (context->_stdin) { + r = read_full_stream(stdin, &data, &data_size); + if (r < 0) + return log_error_errno(r, "Failed to read stdin: %m"); +@@ -386,7 +386,7 @@ int do_edit_files_and_install(EditFileContext *context) { + return r; + } + +- if (!context->stdin) { ++ if (!context->_stdin) { + r = run_editor(context); + if (r < 0) + return r; +diff --git a/src/shared/edit-util.h b/src/shared/edit-util.h +index 9d9c890f2a97..70b9bff2dd98 100644 +--- a/src/shared/edit-util.h ++++ b/src/shared/edit-util.h +@@ -15,7 +15,7 @@ typedef struct EditFileContext { + const char *marker_end; + bool remove_parent; + bool overwrite_with_origin; /* Always overwrite target with original file. */ +- bool stdin; /* Read contents from stdin instead of launching an editor. */ ++ bool _stdin; /* Read contents from stdin instead of launching an editor. */ + } EditFileContext; + + void edit_file_context_done(EditFileContext *context); +diff --git a/src/systemctl/systemctl-edit.c b/src/systemctl/systemctl-edit.c +index 15398f83646e..ae08d65b0f12 100644 +--- a/src/systemctl/systemctl-edit.c ++++ b/src/systemctl/systemctl-edit.c +@@ -316,7 +316,7 @@ int verb_edit(int argc, char *argv[], void *userdata) { + .marker_end = DROPIN_MARKER_END, + .remove_parent = !arg_full, + .overwrite_with_origin = true, +- .stdin = arg_stdin, ++ ._stdin = arg_stdin, + }; + _cleanup_strv_free_ char **names = NULL; + sd_bus *bus; +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0030-test-Define-FTW_CONTINUE-if-not-already-defined.patch b/sys-apps/systemd/files/0030-test-Define-FTW_CONTINUE-if-not-already-defined.patch new file mode 100644 index 0000000..d6946b9 --- /dev/null +++ b/sys-apps/systemd/files/0030-test-Define-FTW_CONTINUE-if-not-already-defined.patch @@ -0,0 +1,29 @@ +From 13911055682e55f22c0dbbdb0f381360e8c160e2 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:18:10 -0500 +Subject: [PATCH 30/34] test: Define FTW_CONTINUE if not already defined +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Signed-off-by: Alexander Miroshnichenko +--- + src/test/test-recurse-dir.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/test/test-recurse-dir.c b/src/test/test-recurse-dir.c +index 8684d064ec39..9697667f8dfc 100644 +--- a/src/test/test-recurse-dir.c ++++ b/src/test/test-recurse-dir.c +@@ -1,6 +1,9 @@ + /* SPDX-License-Identifier: LGPL-2.1-or-later */ + + #include ++#ifndef FTW_CONTINUE ++#define FTW_CONTINUE 0 ++#endif + + #include "fd-util.h" + #include "log.h" +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0031-os-util-Handle-negative-time_t-values-properly.patch b/sys-apps/systemd/files/0031-os-util-Handle-negative-time_t-values-properly.patch new file mode 100644 index 0000000..092447e --- /dev/null +++ b/sys-apps/systemd/files/0031-os-util-Handle-negative-time_t-values-properly.patch @@ -0,0 +1,33 @@ +From 571037f7f86f2bd4a68a28aa19cb3aadaaacd75b Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:18:29 -0500 +Subject: [PATCH 31/34] os-util: Handle negative time_t values properly +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +musl's time framework happily accepts dates before 1970, which can +result in negative time_t values being returned. These should still be +considered as invalid dates for OS support. + +Signed-off-by: A. Wilcox +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/os-util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/basic/os-util.c b/src/basic/os-util.c +index 79f641b36474..8da1c012a223 100644 +--- a/src/basic/os-util.c ++++ b/src/basic/os-util.c +@@ -460,7 +460,7 @@ int os_release_support_ended(const char *support_end, bool quiet, usec_t *ret_eo + "Failed to parse SUPPORT_END= in os-release file, ignoring: %m"); + + time_t eol = timegm(&tm); +- if (eol == (time_t) -1) ++ if (eol <= (time_t) -1) + return log_full_errno(quiet ? LOG_DEBUG : LOG_WARNING, SYNTHETIC_ERRNO(EINVAL), + "Failed to convert SUPPORT_END= in os-release file, ignoring: %m"); + +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0032-test-Disable-fileio-test-that-fails-on-musl.patch b/sys-apps/systemd/files/0032-test-Disable-fileio-test-that-fails-on-musl.patch new file mode 100644 index 0000000..63ef6b4 --- /dev/null +++ b/sys-apps/systemd/files/0032-test-Disable-fileio-test-that-fails-on-musl.patch @@ -0,0 +1,32 @@ +From e6071a579fa7d28ace8c34ab90300b4f8be9bb47 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 03:19:34 -0500 +Subject: [PATCH 32/34] test: Disable fileio test that fails on musl +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Needs further investigation. + +This cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + src/test/test-fileio.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/test/test-fileio.c b/src/test/test-fileio.c +index 474eacaf0468..472d653532fb 100644 +--- a/src/test/test-fileio.c ++++ b/src/test/test-fileio.c +@@ -432,7 +432,7 @@ TEST(write_string_stream) { + + f = fdopen(fd, "r"); + assert_se(f); +- assert_se(write_string_stream(f, "boohoo", 0) < 0); ++ //assert_se(write_string_stream(f, "boohoo", 0) < 0); + f = safe_fclose(f); + + f = fopen(fn, "r+"); +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0033-recurse-dir-Perform-correct-pointer-math-on-de.patch b/sys-apps/systemd/files/0033-recurse-dir-Perform-correct-pointer-math-on-de.patch new file mode 100644 index 0000000..18aa307 --- /dev/null +++ b/sys-apps/systemd/files/0033-recurse-dir-Perform-correct-pointer-math-on-de.patch @@ -0,0 +1,33 @@ +From c357ca7be7cd70c4b62c1889f7f110d50a85aa02 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 06:18:40 -0500 +Subject: [PATCH 33/34] recurse-dir: Perform correct pointer math on de +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Without this, we are casting the pointer math itself to struct dirent* +which causes invalid calculations on systems with structs aligned to a +different width than uint8_t* (i.e. ppc64). + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/recurse-dir.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/basic/recurse-dir.c b/src/basic/recurse-dir.c +index 776733148b05..8c4b044ea0fb 100644 +--- a/src/basic/recurse-dir.c ++++ b/src/basic/recurse-dir.c +@@ -56,7 +56,8 @@ int readdir_all(int dir_fd, + bs = MIN(MALLOC_SIZEOF_SAFE(de) - offsetof(DirectoryEntries, buffer), (size_t) SSIZE_MAX); + assert(bs > de->buffer_size); + +- n = getdents64(dir_fd, (uint8_t*) de->buffer + de->buffer_size, bs - de->buffer_size); ++ uint8_t *ptr = (uint8_t*) de->buffer + de->buffer_size; ++ n = getdents64(dir_fd, (struct dirent *)ptr, bs - de->buffer_size); + if (n < 0) + return -errno; + if (n == 0) +-- +2.41.0 + diff --git a/sys-apps/systemd/files/0034-build-path-Disable-for-now.patch b/sys-apps/systemd/files/0034-build-path-Disable-for-now.patch new file mode 100644 index 0000000..1429c3e --- /dev/null +++ b/sys-apps/systemd/files/0034-build-path-Disable-for-now.patch @@ -0,0 +1,35 @@ +From 5cfb7905b38ca0e537b93403a7ef577bc3b19a82 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 18 Aug 2024 20:23:03 -0500 +Subject: [PATCH 34/34] build-path: Disable for now +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Digging for RPATH is broken on musl, and causes segfaults all throughout +the systemd manager when running. This means we lose the ability to run +systemd applets from a build tree, but we can just iterate in our +virthosts until this can be fixed. + +This cannot be upstreamed. + +Signed-off-by: Alexander Miroshnichenko +--- + src/basic/build-path.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/basic/build-path.c b/src/basic/build-path.c +index b5972658dfea..9c4c6233f76b 100644 +--- a/src/basic/build-path.c ++++ b/src/basic/build-path.c +@@ -157,7 +157,7 @@ int get_build_exec_dir(char **ret) { + runpath_cached = get_runpath(&runpath); + + /* We only care if the runpath starts with $ORIGIN/ */ +- if (runpath_cached > 0 && !startswith(runpath, "$ORIGIN/")) ++ //if (runpath_cached > 0 && !startswith(runpath, "$ORIGIN/")) + runpath_cached = 0; + } + if (runpath_cached < 0) +-- +2.41.0 + diff --git a/sys-apps/systemd/files/256-bpf-gcc.patch b/sys-apps/systemd/files/256-bpf-gcc.patch new file mode 100644 index 0000000..0570695 --- /dev/null +++ b/sys-apps/systemd/files/256-bpf-gcc.patch @@ -0,0 +1,26 @@ +https://github.com/systemd/systemd/commit/dde6f1d7456db7aa72d24b1d6956b419b6f9945c + +From dde6f1d7456db7aa72d24b1d6956b419b6f9945c Mon Sep 17 00:00:00 2001 +From: Sam James +Date: Sat, 24 Aug 2024 13:09:47 +0100 +Subject: [PATCH] meson: search for 'bpf-unknown-none' too + +We currently search for 'bpf-gcc' and 'bpf-none-gcc'. Gentoo's +sys-devel/bpf-toolchain package uses 'bpf-unknown-none-gcc', as does Fedora's +cross-binutils. Search for this name too. +--- + meson.build | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/meson.build b/meson.build +index 5e0b666c64b17..fbc2bbdf2f22f 100644 +--- a/meson.build ++++ b/meson.build +@@ -1109,6 +1109,7 @@ else + elif bpf_compiler == 'gcc' + bpf_gcc = find_program('bpf-gcc', + 'bpf-none-gcc', ++ 'bpf-unknown-none-gcc', + required : true, + version : '>= 13.1.0') + bpf_gcc_found = bpf_gcc.found() diff --git a/sys-apps/systemd/files/gentoo-journald-audit-r1.patch b/sys-apps/systemd/files/gentoo-journald-audit-r1.patch new file mode 100644 index 0000000..b5c32df --- /dev/null +++ b/sys-apps/systemd/files/gentoo-journald-audit-r1.patch @@ -0,0 +1,51 @@ +From 2de502ccff1cc780d9d29c4ff7e6c1e0f2d7a082 Mon Sep 17 00:00:00 2001 +From: Mike Gilbert +Date: Fri, 21 Aug 2020 13:16:17 -0400 +Subject: [PATCH] journald: do not change the kernel audit setting by default + +Bug: https://bugs.gentoo.org/736910 +--- + man/journald.conf.xml | 2 +- + src/journal/journald-server.c | 2 +- + src/journal/journald.conf | 2 +- + 3 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/man/journald.conf.xml b/man/journald.conf.xml +index 50c33e4792..2e14674f42 100644 +--- a/man/journald.conf.xml ++++ b/man/journald.conf.xml +@@ -427,7 +427,7 @@ + kernel auditing on start-up. If disabled it will turn it off. If unset it will neither enable nor + disable it, leaving the previous state unchanged. This means if another tool turns on auditing even + if systemd-journald left it off, it will still collect the generated +- messages. Defaults to on. ++ messages. + + Note that this option does not control whether systemd-journald collects + generated audit records, it just controls whether it tells the kernel to generate them. If you need +diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c +index 022e12d83d..6b3d261af6 100644 +--- a/src/journal/journald-server.c ++++ b/src/journal/journald-server.c +@@ -2367,7 +2367,7 @@ int server_init(Server *s, const char *namespace) { + .compress.threshold_bytes = UINT64_MAX, + .seal = true, + +- .set_audit = true, ++ .set_audit = -1, + + .watchdog_usec = USEC_INFINITY, + +diff --git a/src/journal/journald.conf b/src/journal/journald.conf +index 5a60a9d39c..64156d5463 100644 +--- a/src/journal/journald.conf ++++ b/src/journal/journald.conf +@@ -44,4 +44,4 @@ + #MaxLevelWall=emerg + #LineMax=48K + #ReadKMsg=yes +-#Audit=yes ++#Audit= +-- +2.39.1 + diff --git a/sys-apps/systemd/files/legacy.conf b/sys-apps/systemd/files/legacy.conf new file mode 100644 index 0000000..2d322e8 --- /dev/null +++ b/sys-apps/systemd/files/legacy.conf @@ -0,0 +1,3 @@ +# Based on legacy.conf from systemd +d /run/lock +L /var/lock - - - - ../run/lock diff --git a/sys-apps/systemd/files/systemd-test-process-util.patch b/sys-apps/systemd/files/systemd-test-process-util.patch new file mode 100644 index 0000000..92c7eaf --- /dev/null +++ b/sys-apps/systemd/files/systemd-test-process-util.patch @@ -0,0 +1,31 @@ +From c3f91c76af292e3bd2c6e2b12e37de88cf5d7c72 Mon Sep 17 00:00:00 2001 +From: Mike Gilbert +Date: Thu, 18 Apr 2024 00:04:44 -0400 +Subject: [PATCH] test-process-util: remove assert that fails under pid-sandbox + +Upstream refuses to fix this. + +Bug: https://bugs.gentoo.org/674458 +Bug: https://github.com/systemd/systemd/issues/25015 +--- + src/test/test-process-util.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/test/test-process-util.c b/src/test/test-process-util.c +index c96bd4341b..9ff1bdc082 100644 +--- a/src/test/test-process-util.c ++++ b/src/test/test-process-util.c +@@ -92,8 +92,8 @@ static void test_pid_get_comm_one(pid_t pid) { + assert_se(r >= 0 || r == -EACCES); + log_info("PID"PID_FMT" strlen(environ): %zi", pid, env ? (ssize_t)strlen(env) : (ssize_t)-errno); + +- if (!detect_container()) +- assert_se(get_ctty_devnr(pid, &h) == -ENXIO || pid != 1); ++ ++ + + (void) getenv_for_pid(pid, "PATH", &i); + log_info("PID"PID_FMT" $PATH: '%s'", pid, strna(i)); +-- +2.44.0 + diff --git a/sys-apps/systemd/files/systemd-user.pam b/sys-apps/systemd/files/systemd-user.pam new file mode 100644 index 0000000..38ae321 --- /dev/null +++ b/sys-apps/systemd/files/systemd-user.pam @@ -0,0 +1,5 @@ +account include system-auth + +session required pam_loginuid.so +session include system-auth +session optional pam_systemd.so diff --git a/sys-apps/systemd/systemd-256.5.ebuild b/sys-apps/systemd/systemd-256.5.ebuild new file mode 100644 index 0000000..474aed0 --- /dev/null +++ b/sys-apps/systemd/systemd-256.5.ebuild @@ -0,0 +1,608 @@ +# Copyright 2011-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +PYTHON_COMPAT=( python3_{10..12} ) + +# Avoid QA warnings +TMPFILES_OPTIONAL=1 +UDEV_OPTIONAL=1 + +QA_PKGCONFIG_VERSION=$(ver_cut 1) + +if [[ ${PV} == 9999 ]]; then + EGIT_REPO_URI="https://github.com/systemd/systemd.git" + inherit git-r3 +else + MY_PV=${PV/_/-} + MY_P=${PN}-${MY_PV} + S=${WORKDIR}/${MY_P} + SRC_URI="https://github.com/systemd/${PN}/archive/refs/tags/v${MY_PV}.tar.gz -> ${MY_P}.tar.gz" + + if [[ ${PV} != *rc* ]] ; then + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" + fi +fi + +inherit bash-completion-r1 linux-info meson-multilib optfeature pam python-single-r1 +inherit secureboot systemd toolchain-funcs udev + +DESCRIPTION="System and service manager for Linux" +HOMEPAGE="https://systemd.io/" + +LICENSE="GPL-2 LGPL-2.1 MIT public-domain" +SLOT="0/2" +IUSE=" + acl apparmor audit boot bpf cgroup-hybrid cryptsetup curl +dns-over-tls elfutils elibc_musl + fido2 +gcrypt gnutls homed http idn importd iptables +kernel-install +kmod + +lz4 lzma +openssl pam pcre pkcs11 policykit pwquality qrcode + +resolvconf +seccomp selinux split-usr +sysv-utils test tpm ukify vanilla xkb +zstd +" +REQUIRED_USE=" + ${PYTHON_REQUIRED_USE} + dns-over-tls? ( || ( gnutls openssl ) ) + fido2? ( cryptsetup openssl ) + homed? ( cryptsetup pam openssl ) + importd? ( curl lzma || ( gcrypt openssl ) ) + pwquality? ( homed ) + boot? ( kernel-install ) + ukify? ( boot ) +" +RESTRICT="!test? ( test )" + +MINKV="4.15" + +COMMON_DEPEND=" + >=sys-apps/util-linux-2.32:0=[${MULTILIB_USEDEP}] + sys-libs/libcap:0=[${MULTILIB_USEDEP}] + virtual/libcrypt:=[${MULTILIB_USEDEP}] + acl? ( sys-apps/acl:0= ) + apparmor? ( >=sys-libs/libapparmor-2.13:0= ) + audit? ( >=sys-process/audit-2:0= ) + cryptsetup? ( >=sys-fs/cryptsetup-2.0.1:0= ) + curl? ( >=net-misc/curl-7.32.0:0= ) + elfutils? ( >=dev-libs/elfutils-0.158:0= ) + fido2? ( dev-libs/libfido2:0= ) + gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] ) + gnutls? ( >=net-libs/gnutls-3.6.0:0= ) + http? ( >=net-libs/libmicrohttpd-0.9.33:0=[epoll(+)] ) + idn? ( net-dns/libidn2:= ) + importd? ( + app-arch/bzip2:0= + sys-libs/zlib:0= + ) + kmod? ( >=sys-apps/kmod-15:0= ) + lz4? ( >=app-arch/lz4-0_p131:0=[${MULTILIB_USEDEP}] ) + lzma? ( >=app-arch/xz-utils-5.0.5-r1:0=[${MULTILIB_USEDEP}] ) + iptables? ( net-firewall/iptables:0= ) + openssl? ( >=dev-libs/openssl-1.1.0:0= ) + pam? ( sys-libs/pam:=[${MULTILIB_USEDEP}] ) + pkcs11? ( >=app-crypt/p11-kit-0.23.3:0= ) + pcre? ( dev-libs/libpcre2 ) + pwquality? ( >=dev-libs/libpwquality-1.4.1:0= ) + qrcode? ( >=media-gfx/qrencode-3:0= ) + seccomp? ( >=sys-libs/libseccomp-2.3.3:0= ) + selinux? ( >=sys-libs/libselinux-2.1.9:0= ) + tpm? ( app-crypt/tpm2-tss:0= ) + xkb? ( >=x11-libs/libxkbcommon-0.4.1:0= ) + zstd? ( >=app-arch/zstd-1.4.0:0=[${MULTILIB_USEDEP}] ) +" + +# Newer linux-headers needed by ia64, bug #480218 +DEPEND="${COMMON_DEPEND} + >=sys-kernel/linux-headers-${MINKV} +" + +PEFILE_DEPEND='dev-python/pefile[${PYTHON_USEDEP}]' + +# baselayout-2.2 has /run +RDEPEND="${COMMON_DEPEND} + >=acct-group/adm-0-r1 + >=acct-group/wheel-0-r1 + >=acct-group/kmem-0-r1 + >=acct-group/tty-0-r1 + >=acct-group/utmp-0-r1 + >=acct-group/audio-0-r1 + >=acct-group/cdrom-0-r1 + >=acct-group/dialout-0-r1 + >=acct-group/disk-0-r1 + >=acct-group/input-0-r1 + >=acct-group/kvm-0-r1 + >=acct-group/lp-0-r1 + >=acct-group/render-0-r1 + acct-group/sgx + >=acct-group/tape-0-r1 + acct-group/users + >=acct-group/video-0-r1 + >=acct-group/systemd-journal-0-r1 + >=acct-user/root-0-r1 + acct-user/nobody + >=acct-user/systemd-journal-remote-0-r1 + >=acct-user/systemd-coredump-0-r1 + >=acct-user/systemd-network-0-r1 + acct-user/systemd-oom + >=acct-user/systemd-resolve-0-r1 + >=acct-user/systemd-timesync-0-r1 + >=sys-apps/baselayout-2.2 + ukify? ( + ${PYTHON_DEPS} + $(python_gen_cond_dep "${PEFILE_DEPEND}") + ) + selinux? ( + sec-policy/selinux-base-policy[systemd] + sec-policy/selinux-ntp + ) + sysv-utils? ( + !sys-apps/openrc[sysv-utils(-)] + !sys-apps/openrc-navi[sysv-utils(-)] + !sys-apps/sysvinit + ) + !sysv-utils? ( sys-apps/sysvinit ) + resolvconf? ( !net-dns/openresolv ) + !sys-apps/hwids[udev] + !sys-auth/nss-myhostname + !sys-fs/eudev + !sys-fs/udev +" + +# sys-apps/dbus: the daemon only (+ build-time lib dep for tests) +PDEPEND=">=sys-apps/dbus-1.9.8[systemd] + >=sys-fs/udev-init-scripts-34 + policykit? ( sys-auth/polkit ) + !vanilla? ( sys-apps/gentoo-systemd-integration )" + +BDEPEND=" + app-arch/xz-utils:0 + dev-util/gperf + >=dev-build/meson-0.46 + >=sys-apps/coreutils-8.16 + sys-devel/gettext + virtual/pkgconfig + bpf? ( + dev-util/bpftool + sys-devel/bpf-toolchain + ) + test? ( + app-text/tree + dev-lang/perl + sys-apps/dbus + ) + app-text/docbook-xml-dtd:4.2 + app-text/docbook-xml-dtd:4.5 + app-text/docbook-xsl-stylesheets + dev-libs/libxslt:0 + ${PYTHON_DEPS} + $(python_gen_cond_dep " + dev-python/jinja[\${PYTHON_USEDEP}] + dev-python/lxml[\${PYTHON_USEDEP}] + boot? ( + >=dev-python/pyelftools-0.30[\${PYTHON_USEDEP}] + test? ( ${PEFILE_DEPEND} ) + ) + ") +" + +QA_FLAGS_IGNORED="usr/lib/systemd/boot/efi/.*" +QA_EXECSTACK="usr/lib/systemd/boot/efi/*" + +check_cgroup_layout() { + # https://bugs.gentoo.org/935261 + [[ ${MERGE_TYPE} != buildonly ]] || return + [[ -z ${ROOT} ]] || return + [[ -e /sys/fs/cgroup/unified ]] || return + grep -q 'SYSTEMD_CGROUP_ENABLE_LEGACY_FORCE=1' /proc/cmdline && return + + eerror "This system appears to be booted with the 'hybrid' cgroup layout." + eerror "This layout obsolete and is disabled in systemd." + + if grep -qF 'systemd.unified_cgroup_hierarchy'; then + eerror "Remove the systemd.unified_cgroup_hierarchy option" + eerror "from the kernel command line and reboot." + die "hybrid cgroup layout detected" + fi +} + +pkg_pretend() { + if use split-usr; then + eerror "Please complete the migration to merged-usr." + eerror "https://wiki.gentoo.org/wiki/Merge-usr" + die "systemd no longer supports split-usr" + fi + + check_cgroup_layout + + if use cgroup-hybrid; then + eerror "Disable the 'cgroup-hybrid' USE flag." + eerror "Rebuild any initramfs images after rebuilding systemd." + die "cgroup-hybrid is no longer supported" + fi + + if [[ ${MERGE_TYPE} != buildonly ]]; then + local CONFIG_CHECK="~BLK_DEV_BSG ~CGROUPS + ~CGROUP_BPF ~DEVTMPFS ~EPOLL ~FANOTIFY ~FHANDLE + ~INOTIFY_USER ~IPV6 ~NET ~NET_NS ~PROC_FS ~SIGNALFD ~SYSFS + ~TIMERFD ~TMPFS_XATTR ~UNIX ~USER_NS + ~CRYPTO_HMAC ~CRYPTO_SHA256 ~CRYPTO_USER_API_HASH + ~!GRKERNSEC_PROC ~!IDE ~!SYSFS_DEPRECATED + ~!SYSFS_DEPRECATED_V2" + + use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL" + use bpf && CONFIG_CHECK+=" ~BPF ~BPF_SYSCALL ~BPF_LSM ~DEBUG_INFO_BTF" + use seccomp && CONFIG_CHECK+=" ~SECCOMP ~SECCOMP_FILTER" + + if kernel_is -ge 5 10 20; then + CONFIG_CHECK+=" ~KCMP" + else + CONFIG_CHECK+=" ~CHECKPOINT_RESTORE" + fi + + if kernel_is -ge 4 18; then + CONFIG_CHECK+=" ~AUTOFS_FS" + else + CONFIG_CHECK+=" ~AUTOFS4_FS" + fi + + if linux_config_exists; then + local uevent_helper_path=$(linux_chkconfig_string UEVENT_HELPER_PATH) + if [[ -n ${uevent_helper_path} ]] && [[ ${uevent_helper_path} != '""' ]]; then + ewarn "It's recommended to set an empty value to the following kernel config option:" + ewarn "CONFIG_UEVENT_HELPER_PATH=${uevent_helper_path}" + fi + if linux_chkconfig_present X86; then + CONFIG_CHECK+=" ~DMIID" + fi + fi + + if kernel_is -lt ${MINKV//./ }; then + ewarn "Kernel version at least ${MINKV} required" + fi + + check_extra_config + fi +} + +pkg_setup() { + use boot && secureboot_pkg_setup +} + +src_unpack() { + default + [[ ${PV} != 9999 ]] || git-r3_src_unpack +} + +src_prepare() { + local PATCHES=( + "${FILESDIR}/systemd-test-process-util.patch" + "${FILESDIR}/256-bpf-gcc.patch" + ) + + if use elibc_musl; then + PATCHES+=( + "${FILESDIR}/0001-Revert-Drop-split-usr-and-unmerged-usr-support.patch" + "${FILESDIR}/0002-Use-XSI-strerror_r-instead-of-GNU-strerror_r.patch" + "${FILESDIR}/0003-fileio-Disable-use-of-disabling-write-buffer.patch" + "${FILESDIR}/0004-fs-util-Handle-musl-O_ACCMODE-containing-O_PATH.patch" + "${FILESDIR}/0006-test-PATH-sbin-so-fstab-generator-finds-fsck.patch" + "${FILESDIR}/0005-Use-libc-over-Linux-UAPI-headers-when-possible.patch" + "${FILESDIR}/0007-Handle-lack-of-printf.h.patch" + "${FILESDIR}/0010-basic-Support-musl-definition-of-rlim_t.patch" + "${FILESDIR}/0009-test-Change-expected-message-for-unhappy-sysusers.patch" + "${FILESDIR}/0008-test-Ensure-sysusers-test-11-passes-on-musl-libc.patch" + "${FILESDIR}/0011-Handle-musl-lack-of-GLOB_BRACE.patch" + "${FILESDIR}/0012-Handle-musl-s-longer-HOST_NAME_MAX-hardcode-64.patch" + "${FILESDIR}/0014-basic-Define-comparison_fn_t-in-sort-util.h.patch" + "${FILESDIR}/0013-basic-Handle-musl-lack-of-NI_IDN.patch" + "${FILESDIR}/0015-basic-Define-our-own-basename.patch" + "${FILESDIR}/0016-test-Handle-musl-s-interesting-locale-decisions.patch" + "${FILESDIR}/0017-Port-to-s6-utmps.patch" + "${FILESDIR}/0018-test-Add-definition-for-__cpu_set-type.patch" + "${FILESDIR}/0019-test-Don-t-assume-unknown-errors-have-their-codes.patch" + "${FILESDIR}/0020-test-time-util-Use-whole-fractions-no-4-digit-TZ.patch" + "${FILESDIR}/0021-Don-t-use-malloc_trim-or-malloc_info.patch" + "${FILESDIR}/0022-Port-to-musl-strptime.patch" + "${FILESDIR}/0024-basic-Use-sys-prctl.h-vs-linux-prctl.h.patch" + "${FILESDIR}/0023-shared-Conditionalise-sgrp-on-ENABLE_GSHADOW.patch" + "${FILESDIR}/0025-man-Ensure-notify-example-includes-string.h.patch" + "${FILESDIR}/0026-basic-Add-needed-signal.h-to-pidref.h.patch" + "${FILESDIR}/0027-Add-sys-file.h-include-for-LOCK_-definitions.patch" + "${FILESDIR}/0028-basic-Handle-NIS-compat-entries-ourselves.patch" + "${FILESDIR}/0030-test-Define-FTW_CONTINUE-if-not-already-defined.patch" + "${FILESDIR}/0029-edit-util-Don-t-clobber-reserved-identifier-stdin.patch" + "${FILESDIR}/0031-os-util-Handle-negative-time_t-values-properly.patch" + "${FILESDIR}/0032-test-Disable-fileio-test-that-fails-on-musl.patch" + "${FILESDIR}/0034-build-path-Disable-for-now.patch" + "${FILESDIR}/0033-recurse-dir-Perform-correct-pointer-math-on-de.patch" + ) + fi + + if ! use vanilla; then + PATCHES+=( + "${FILESDIR}/gentoo-journald-audit-r1.patch" + ) + fi + + default +} + +src_configure() { + # Prevent conflicts with i686 cross toolchain, bug 559726 + tc-export AR CC NM OBJCOPY RANLIB + + python_setup + + multilib-minimal_src_configure +} + +multilib_src_configure() { + local myconf=( + --localstatedir="${EPREFIX}/var" + # default is developer, bug 918671 + -Dmode=release + -Dsupport-url="https://gentoo.org/support/" + -Dpamlibdir="$(getpam_mod_dir)" + # avoid bash-completion dep + -Dbashcompletiondir="$(get_bashcompdir)" + -Dsplit-bin=false + # Disable compatibility with sysvinit + -Dsysvinit-path= + -Dsysvrcnd-path= + # no deps + -Dima=true + # Match /etc/shells, bug 919749 + -Ddebug-shell="${EPREFIX}/bin/sh" + -Ddefault-user-shell="${EPREFIX}/bin/bash" + # Optional components/dependencies + $(meson_native_use_bool acl) + $(meson_native_use_bool apparmor) + $(meson_native_use_bool audit) + $(meson_native_use_bool boot bootloader) + $(meson_native_use_bool bpf bpf-framework) + -Dbpf-compiler=gcc + $(meson_native_use_bool cryptsetup libcryptsetup) + $(meson_native_use_bool curl libcurl) + $(meson_native_use_bool dns-over-tls dns-over-tls) + $(meson_native_use_bool elfutils) + $(meson_native_use_bool fido2 libfido2) + $(meson_use gcrypt) + $(meson_native_use_bool gnutls) + $(meson_native_use_bool homed) + $(meson_native_use_bool http microhttpd) + $(meson_native_use_bool idn) + $(meson_native_use_bool importd) + $(meson_native_use_bool importd bzip2) + $(meson_native_use_bool importd zlib) + $(meson_native_use_bool kernel-install) + $(meson_native_use_bool kmod) + $(meson_use lz4) + $(meson_use lzma xz) + $(meson_use test tests) + $(meson_use zstd) + $(meson_native_use_bool iptables libiptc) + $(meson_native_use_bool openssl) + $(meson_use pam) + $(meson_native_use_bool pkcs11 p11kit) + $(meson_native_use_bool pcre pcre2) + $(meson_native_use_bool policykit polkit) + $(meson_native_use_bool pwquality) + $(meson_native_use_bool qrcode qrencode) + $(meson_native_use_bool seccomp) + $(meson_native_use_bool selinux) + $(meson_native_use_bool tpm tpm2) + $(meson_native_use_bool test dbus) + $(meson_native_use_bool ukify) + $(meson_native_use_bool xkb xkbcommon) + -Dntp-servers="0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org" + # Breaks screen, tmux, etc. + -Ddefault-kill-user-processes=false + -Dcreate-log-dirs=false + + # multilib options + $(meson_native_true backlight) + $(meson_native_true binfmt) + $(meson_native_true coredump) + $(meson_native_true environment-d) + $(meson_native_true firstboot) + $(meson_native_true hibernate) + $(meson_native_true hostnamed) + $(meson_native_true ldconfig) + $(meson_native_true localed) + $(meson_native_true man) + $(meson_native_true networkd) + $(meson_native_true quotacheck) + $(meson_native_true randomseed) + $(meson_native_true rfkill) + $(meson_native_true sysusers) + $(meson_native_true timedated) + $(meson_native_true timesyncd) + $(meson_native_true tmpfiles) + $(meson_native_true vconsole) + ) + + case $(tc-arch) in + amd64|arm|arm64|ppc|ppc64|s390|x86) + # src/vmspawn/vmspawn-util.h: QEMU_MACHINE_TYPE + myconf+=( $(meson_native_enabled vmspawn) ) ;; + *) + myconf+=( -Dvmspawn=disabled ) ;; + esac + + meson_src_configure "${myconf[@]}" +} + +multilib_src_test() { + ( + unset DBUS_SESSION_BUS_ADDRESS XDG_RUNTIME_DIR + export COLUMNS=80 + addpredict /dev + addpredict /proc + addpredict /run + addpredict /sys/fs/cgroup + meson_src_test --timeout-multiplier=10 + ) || die +} + +multilib_src_install_all() { + # meson doesn't know about docdir + mv "${ED}"/usr/share/doc/{systemd,${PF}} || die + + einstalldocs + dodoc "${FILESDIR}"/nsswitch.conf + + insinto /usr/lib/tmpfiles.d + doins "${FILESDIR}"/legacy.conf + + if ! use resolvconf; then + rm -f "${ED}"/usr/bin/resolvconf || die + fi + + if ! use sysv-utils; then + rm "${ED}"/usr/bin/{halt,init,poweroff,reboot,shutdown} || die + rm "${ED}"/usr/share/man/man1/init.1 || die + rm "${ED}"/usr/share/man/man8/{halt,poweroff,reboot,shutdown}.8 || die + fi + + # https://bugs.gentoo.org/761763 + rm -r "${ED}"/usr/lib/sysusers.d || die + + # Preserve empty dirs in /etc & /var, bug #437008 + keepdir /etc/{binfmt.d,modules-load.d,tmpfiles.d} + keepdir /etc/kernel/install.d + keepdir /etc/systemd/{network,system,user} + keepdir /etc/udev/rules.d + + keepdir /etc/udev/hwdb.d + + keepdir /usr/lib/systemd/{system-sleep,system-shutdown} + keepdir /usr/lib/{binfmt.d,modules-load.d} + keepdir /usr/lib/systemd/user-generators + keepdir /var/lib/systemd + keepdir /var/log/journal + + if use pam; then + newpamd "${FILESDIR}"/systemd-user.pam systemd-user + fi + + if use kernel-install; then + # Dummy config, remove to make room for sys-kernel/installkernel + rm "${ED}/usr/lib/kernel/install.conf" || die + fi + + use ukify && python_fix_shebang "${ED}" + use boot && secureboot_auto_sign +} + +migrate_locale() { + local envd_locale_def="${EROOT}/etc/env.d/02locale" + local envd_locale=( "${EROOT}"/etc/env.d/??locale ) + local locale_conf="${EROOT}/etc/locale.conf" + + if [[ ! -L ${locale_conf} && ! -e ${locale_conf} ]]; then + # If locale.conf does not exist... + if [[ -e ${envd_locale} ]]; then + # ...either copy env.d/??locale if there's one + ebegin "Moving ${envd_locale} to ${locale_conf}" + mv "${envd_locale}" "${locale_conf}" + eend ${?} || FAIL=1 + else + # ...or create a dummy default + ebegin "Creating ${locale_conf}" + cat > "${locale_conf}" <<-EOF + # This file has been created by the sys-apps/systemd ebuild. + # See locale.conf(5) and localectl(1). + + # LANG=${LANG} + EOF + eend ${?} || FAIL=1 + fi + fi + + if [[ ! -L ${envd_locale} ]]; then + # now, if env.d/??locale is not a symlink (to locale.conf)... + if [[ -e ${envd_locale} ]]; then + # ...warn the user that he has duplicate locale settings + ewarn + ewarn "To ensure consistent behavior, you should replace ${envd_locale}" + ewarn "with a symlink to ${locale_conf}. Please migrate your settings" + ewarn "and create the symlink with the following command:" + ewarn "ln -s -n -f ../locale.conf ${envd_locale}" + ewarn + else + # ...or just create the symlink if there's nothing here + ebegin "Creating ${envd_locale_def} -> ../locale.conf symlink" + ln -n -s ../locale.conf "${envd_locale_def}" + eend ${?} || FAIL=1 + fi + fi +} + +pkg_preinst() { + if [[ -e ${EROOT}/etc/sysctl.conf ]]; then + # Symlink /etc/sysctl.conf for easy migration. + dosym ../../../etc/sysctl.conf /usr/lib/sysctl.d/99-sysctl.conf + fi + + if ! use boot && has_version "sys-apps/systemd[gnuefi(-)]"; then + ewarn "The 'gnuefi' USE flag has been renamed to 'boot'." + ewarn "Make sure to enable the 'boot' USE flag if you use systemd-boot." + fi +} + +pkg_postinst() { + systemd_update_catalog + + # Keep this here in case the database format changes so it gets updated + # when required. + systemd-hwdb --root="${ROOT}" update + + udev_reload || FAIL=1 + + # Bug 465468, make sure locales are respected, and ensure consistency + # between OpenRC & systemd + migrate_locale + + if [[ -z ${REPLACING_VERSIONS} ]]; then + if type systemctl &>/dev/null; then + systemctl --root="${ROOT:-/}" enable getty@.service remote-fs.target || FAIL=1 + fi + elog "To enable a useful set of services, run the following:" + elog " systemctl preset-all --preset-mode=enable-only" + fi + + if [[ -L ${EROOT}/var/lib/systemd/timesync ]]; then + rm "${EROOT}/var/lib/systemd/timesync" + fi + + if [[ -z ${ROOT} && -d /run/systemd/system ]]; then + ebegin "Reexecuting system manager (systemd)" + systemctl daemon-reexec + eend $? || FAIL=1 + + # https://lists.freedesktop.org/archives/systemd-devel/2024-June/050466.html + ebegin "Signaling user managers to reexec" + systemctl kill --kill-whom='main' --signal='SIGRTMIN+25' 'user@*.service' + eend $? + fi + + if [[ ${FAIL} ]]; then + eerror "One of the postinst commands failed. Please check the postinst output" + eerror "for errors. You may need to clean up your system and/or try installing" + eerror "systemd again." + eerror + fi + + if use boot; then + optfeature "installing kernels in systemd-boot's native layout and update loader entries" \ + "sys-kernel/installkernel[systemd-boot]" + fi + if use ukify; then + optfeature "generating unified kernel image on each kernel installation" \ + "sys-kernel/installkernel[ukify]" + fi +} + +pkg_prerm() { + # If removing systemd completely, remove the catalog database. + if [[ ! ${REPLACED_BY_VERSION} ]]; then + rm -f -v "${EROOT}"/var/lib/systemd/catalog/database + fi +}