summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--pcr/systemd-knock/0001-nspawn-ignore-EEXIST-when-creating-mount-point.patch33
-rw-r--r--pcr/systemd-knock/0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch25
-rw-r--r--pcr/systemd-knock/0001-sd-dhcp-client-clean-up-raw-socket-sd_event_source-w.patch31
-rw-r--r--pcr/systemd-knock/0001-shared-install-avoid-prematurely-rejecting-missing-u.patch39
-rw-r--r--pcr/systemd-knock/0001-shutdown-fix-arguments-to-run-initramfs-shutdown.patch68
-rw-r--r--pcr/systemd-knock/0001-udev-hwdb-Change-error-message-regarding-missing-hwd.patch32
-rw-r--r--pcr/systemd-knock/0001-units-don-t-order-journal-flushing-afte-remote-fs.ta.patch31
-rw-r--r--pcr/systemd-knock/0001-units-make-systemd-journald.service-Type-notify.patch35
-rw-r--r--pcr/systemd-knock/0001-units-order-sd-journal-flush-after-sd-remount-fs.patch29
-rw-r--r--pcr/systemd-knock/PKGBUILD163
-rw-r--r--pcr/systemd-knock/initcpio-install-systemd14
-rw-r--r--pcr/systemd-knock/loader.conf1
-rw-r--r--pcr/systemd-knock/parabola.conf7
-rw-r--r--pcr/systemd-knock/splash-parabola.bmpbin0 -> 760390 bytes
-rw-r--r--pcr/systemd-knock/systemd.install30
15 files changed, 132 insertions, 406 deletions
diff --git a/pcr/systemd-knock/0001-nspawn-ignore-EEXIST-when-creating-mount-point.patch b/pcr/systemd-knock/0001-nspawn-ignore-EEXIST-when-creating-mount-point.patch
deleted file mode 100644
index 86817596b..000000000
--- a/pcr/systemd-knock/0001-nspawn-ignore-EEXIST-when-creating-mount-point.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 1ab19cb167b32967556eefd8f6d3df0e3de7d67d Mon Sep 17 00:00:00 2001
-From: Dave Reisner <dreisner@archlinux.org>
-Date: Wed, 29 Oct 2014 13:32:43 -0400
-Subject: [PATCH] nspawn: ignore EEXIST when creating mount point
-
-A combination of commits f3c80515c and 79d80fc14 cause nspawn to
-silently fail with a commandline such as:
-
- # systemd-nspawn -D /build/extra-x86_64 --bind=/usr
-
-strace shows the culprit:
-
- [pid 27868] writev(2, [{"Failed to create mount point /build/extra-x86_64/usr: File exists", 82}, {"\n", 1}], 2) = 83
----
- src/nspawn/nspawn.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
-index b6d9bc6..d88987a 100644
---- a/src/nspawn/nspawn.c
-+++ b/src/nspawn/nspawn.c
-@@ -758,7 +758,7 @@ static int mount_binds(const char *dest, char **l, bool ro) {
- * and char devices. */
- if (S_ISDIR(source_st.st_mode)) {
- r = mkdir_label(where, 0755);
-- if (r < 0) {
-+ if (r < 0 && errno != EEXIST) {
- log_error("Failed to create mount point %s: %s", where, strerror(-r));
-
- return r;
---
-2.1.2
-
diff --git a/pcr/systemd-knock/0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch b/pcr/systemd-knock/0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch
deleted file mode 100644
index fc8f16a79..000000000
--- a/pcr/systemd-knock/0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From ef7b6c0190fefaacf6d8f8e1a6dda4ba8b98091b Mon Sep 17 00:00:00 2001
-From: Lennart Poettering <lennart@poettering.net>
-Date: Wed, 29 Oct 2014 17:58:43 +0100
-Subject: [PATCH] sd-bus: properly handle removals of non-existing matches
-
----
- src/libsystemd/sd-bus/bus-match.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/libsystemd/sd-bus/bus-match.c b/src/libsystemd/sd-bus/bus-match.c
-index 18afe0f..5658c61 100644
---- a/src/libsystemd/sd-bus/bus-match.c
-+++ b/src/libsystemd/sd-bus/bus-match.c
-@@ -537,7 +537,7 @@ static int bus_match_find_compare_value(
- else if (BUS_MATCH_CAN_HASH(t))
- n = hashmap_get(c->compare.children, value_str);
- else {
-- for (n = c->child; !value_node_same(n, t, value_u8, value_str); n = n->next)
-+ for (n = c->child; n && !value_node_same(n, t, value_u8, value_str); n = n->next)
- ;
- }
-
---
-2.1.3
-
diff --git a/pcr/systemd-knock/0001-sd-dhcp-client-clean-up-raw-socket-sd_event_source-w.patch b/pcr/systemd-knock/0001-sd-dhcp-client-clean-up-raw-socket-sd_event_source-w.patch
deleted file mode 100644
index 3d72b5df2..000000000
--- a/pcr/systemd-knock/0001-sd-dhcp-client-clean-up-raw-socket-sd_event_source-w.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From d5a248dbe933c5cbe3ba3d0c5eb8a035018ba6af Mon Sep 17 00:00:00 2001
-From: Dan Williams <dcbw@redhat.com>
-Date: Thu, 30 Oct 2014 14:23:00 -0500
-Subject: [PATCH] sd-dhcp-client: clean up raw socket sd_event_source when
- creating new UDP socket
-
-The raw socket sd_event_source used for DHCP server solicitations
-was simply dropped on the floor when creating the new UDP socket
-after a lease has been acquired. Clean it up properly so we're
-not still listening and responding to events on it.
----
- src/libsystemd-network/sd-dhcp-client.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
-index 0eba4c3..1f7f238 100644
---- a/src/libsystemd-network/sd-dhcp-client.c
-+++ b/src/libsystemd-network/sd-dhcp-client.c
-@@ -1269,6 +1269,9 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message,
- if (r >= 0) {
- client->timeout_resend =
- sd_event_source_unref(client->timeout_resend);
-+ client->receive_message =
-+ sd_event_source_unref(client->receive_message);
-+ client->fd = asynchronous_close(client->fd);
-
- if (IN_SET(client->state, DHCP_STATE_REQUESTING,
- DHCP_STATE_REBOOTING))
---
-2.1.3
-
diff --git a/pcr/systemd-knock/0001-shared-install-avoid-prematurely-rejecting-missing-u.patch b/pcr/systemd-knock/0001-shared-install-avoid-prematurely-rejecting-missing-u.patch
deleted file mode 100644
index 6ea9c7cca..000000000
--- a/pcr/systemd-knock/0001-shared-install-avoid-prematurely-rejecting-missing-u.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 0ffce503cd6e5a5ff5ba5cd1cc23684cfb8bb9e3 Mon Sep 17 00:00:00 2001
-From: Dave Reisner <dreisner@archlinux.org>
-Date: Thu, 30 Oct 2014 20:12:05 -0400
-Subject: [PATCH] shared/install: avoid prematurely rejecting "missing" units
-
-f7101b7368df copied some logic to prevent enabling masked units, but
-also added a check which causes attempts to enable templated units to
-fail. Since we know the logic beyond this check will properly handle
-units which truly do not exist, we can rely on the unit file state
-comparison to suffice for expressing the intent of f7101b7368df.
-
-ref: https://bugs.archlinux.org/task/42616
----
- src/shared/install.c | 8 +++-----
- 1 file changed, 3 insertions(+), 5 deletions(-)
-
-diff --git a/src/shared/install.c b/src/shared/install.c
-index 035b44c..cab93e8 100644
---- a/src/shared/install.c
-+++ b/src/shared/install.c
-@@ -1620,12 +1620,10 @@ int unit_file_enable(
- STRV_FOREACH(i, files) {
- UnitFileState state;
-
-+ /* We only want to know if this unit is masked, so we ignore
-+ * errors from unit_file_get_state, deferring other checks.
-+ * This allows templated units to be enabled on the fly. */
- state = unit_file_get_state(scope, root_dir, *i);
-- if (state < 0) {
-- log_error("Failed to get unit file state for %s: %s", *i, strerror(-state));
-- return state;
-- }
--
- if (state == UNIT_FILE_MASKED || state == UNIT_FILE_MASKED_RUNTIME) {
- log_error("Failed to enable unit: Unit %s is masked", *i);
- return -ENOTSUP;
---
-2.1.3
-
diff --git a/pcr/systemd-knock/0001-shutdown-fix-arguments-to-run-initramfs-shutdown.patch b/pcr/systemd-knock/0001-shutdown-fix-arguments-to-run-initramfs-shutdown.patch
deleted file mode 100644
index 5d48d17bc..000000000
--- a/pcr/systemd-knock/0001-shutdown-fix-arguments-to-run-initramfs-shutdown.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From 4b5d8d0f22ae61ceb45a25391354ba53b43ee992 Mon Sep 17 00:00:00 2001
-From: Michal Schmidt <mschmidt@redhat.com>
-Date: Thu, 6 Nov 2014 22:24:13 +0100
-Subject: [PATCH] shutdown: fix arguments to /run/initramfs/shutdown
-
-Our initrd interface specifies that the verb is in argv[1].
-This is where systemd passes it to systemd-shutdown, but getopt
-permutes argv[]. This confuses dracut's shutdown script:
- Shutdown called with argument '--log-level'. Rebooting!
-
-getopt can be convinced to not permute argv[] by having '-' as the first
-character of optstring. Let's use it. This requires changing the way
-non-option arguments (in our case, the verb) are processed.
-
-This fixes a bug where the system would reboot instead of powering off.
----
- src/core/shutdown.c | 17 +++++++++++------
- 1 file changed, 11 insertions(+), 6 deletions(-)
-
-diff --git a/src/core/shutdown.c b/src/core/shutdown.c
-index dd11ae3..48ed7fa 100644
---- a/src/core/shutdown.c
-+++ b/src/core/shutdown.c
-@@ -75,7 +75,9 @@ static int parse_argv(int argc, char *argv[]) {
- assert(argc >= 1);
- assert(argv);
-
-- while ((c = getopt_long(argc, argv, "", options, NULL)) >= 0)
-+ /* "-" prevents getopt from permuting argv[] and moving the verb away
-+ * from argv[1]. Our interface to initrd promises it'll be there. */
-+ while ((c = getopt_long(argc, argv, "-", options, NULL)) >= 0)
- switch (c) {
-
- case ARG_LOG_LEVEL:
-@@ -113,6 +115,13 @@ static int parse_argv(int argc, char *argv[]) {
-
- break;
-
-+ case '\001':
-+ if (!arg_verb)
-+ arg_verb = optarg;
-+ else
-+ log_error("Excess arguments, ignoring");
-+ break;
-+
- case '?':
- return -EINVAL;
-
-@@ -120,15 +129,11 @@ static int parse_argv(int argc, char *argv[]) {
- assert_not_reached("Unhandled option code.");
- }
-
-- if (optind >= argc) {
-+ if (!arg_verb) {
- log_error("Verb argument missing.");
- return -EINVAL;
- }
-
-- arg_verb = argv[optind];
--
-- if (optind + 1 < argc)
-- log_error("Excess arguments, ignoring");
- return 0;
- }
-
---
-2.1.3
-
diff --git a/pcr/systemd-knock/0001-udev-hwdb-Change-error-message-regarding-missing-hwd.patch b/pcr/systemd-knock/0001-udev-hwdb-Change-error-message-regarding-missing-hwd.patch
deleted file mode 100644
index 1a2ac1edf..000000000
--- a/pcr/systemd-knock/0001-udev-hwdb-Change-error-message-regarding-missing-hwd.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 8232e39e7cf32071e11b3b04839e6c98fbc81d0f Mon Sep 17 00:00:00 2001
-From: Colin Guthrie <colin@mageia.org>
-Date: Wed, 5 Nov 2014 15:29:41 +0000
-Subject: [PATCH] udev hwdb: Change error message regarding missing hwdb.bin
- back to debug.
-
-When used in an initramfs, it's expected that the hwdb.bin file is
-not present (it makes for a very large initramfs otherwise).
-
-While it's nice to tell the user about this, as it's not strictly
-speaking an error we really shouldn't be so forceful in our
-reporting.
----
- src/libudev/libudev-hwdb.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/libudev/libudev-hwdb.c b/src/libudev/libudev-hwdb.c
-index a1cfc0b..0716072 100644
---- a/src/libudev/libudev-hwdb.c
-+++ b/src/libudev/libudev-hwdb.c
-@@ -296,7 +296,7 @@ _public_ struct udev_hwdb *udev_hwdb_new(struct udev *udev) {
- }
-
- if (!hwdb->f) {
-- udev_err(udev, "hwdb.bin does not exist, please run udevadm hwdb --update");
-+ udev_dbg(udev, "hwdb.bin does not exist, please run udevadm hwdb --update");
- udev_hwdb_unref(hwdb);
- return NULL;
- }
---
-2.1.3
-
diff --git a/pcr/systemd-knock/0001-units-don-t-order-journal-flushing-afte-remote-fs.ta.patch b/pcr/systemd-knock/0001-units-don-t-order-journal-flushing-afte-remote-fs.ta.patch
deleted file mode 100644
index 0be955ec7..000000000
--- a/pcr/systemd-knock/0001-units-don-t-order-journal-flushing-afte-remote-fs.ta.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 919699ec301ea507edce4a619141ed22e789ac0d Mon Sep 17 00:00:00 2001
-From: Lennart Poettering <lennart@poettering.net>
-Date: Fri, 31 Oct 2014 16:22:36 +0100
-Subject: [PATCH] units: don't order journal flushing afte remote-fs.target
-
-Instead, only depend on the actual file systems we need.
-
-This should solve dep loops on setups where remote-fs.target is moved
-into late boot.
----
- units/systemd-journal-flush.service.in | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/units/systemd-journal-flush.service.in b/units/systemd-journal-flush.service.in
-index 699670b..2612220 100644
---- a/units/systemd-journal-flush.service.in
-+++ b/units/systemd-journal-flush.service.in
-@@ -10,8 +10,9 @@ Description=Trigger Flushing of Journal to Persistent Storage
- Documentation=man:systemd-journald.service(8) man:journald.conf(5)
- DefaultDependencies=no
- Requires=systemd-journald.service
--After=systemd-journald.service local-fs.target remote-fs.target
-+After=systemd-journald.service
- Before=systemd-user-sessions.service systemd-tmpfiles-setup.service
-+RequiresMountsFor=/var/log/journal
-
- [Service]
- ExecStart=@rootbindir@/journalctl --flush
---
-2.1.3
-
diff --git a/pcr/systemd-knock/0001-units-make-systemd-journald.service-Type-notify.patch b/pcr/systemd-knock/0001-units-make-systemd-journald.service-Type-notify.patch
deleted file mode 100644
index 820b23fbf..000000000
--- a/pcr/systemd-knock/0001-units-make-systemd-journald.service-Type-notify.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From a87a38c20196a4aeb56b6ba71d688eefd0b21c30 Mon Sep 17 00:00:00 2001
-From: Michal Schmidt <mschmidt@redhat.com>
-Date: Tue, 4 Nov 2014 20:28:08 +0100
-Subject: [PATCH] units: make systemd-journald.service Type=notify
-
-It already calls sd_notify(), so it looks like an oversight.
-
-Without it, its ordering to systemd-journal-flush.service is
-non-deterministic and the SIGUSR1 from flushing may kill journald before
-it has its signal handlers set up.
-
-https://bugs.freedesktop.org/show_bug.cgi?id=85871
-https://bugzilla.redhat.com/show_bug.cgi?id=1159641
----
-(foutrelis: dropped systemd-journald-audit.socket from Sockets= in order to
- apply to systemd 217)
-
- units/systemd-journald.service.in | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
-index 7ee67fd..8d380c8 100644
---- a/units/systemd-journald.service.in
-+++ b/units/systemd-journald.service.in
-@@ -14,6 +14,7 @@ After=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-a
- Before=sysinit.target
-
- [Service]
-+Type=notify
- Sockets=systemd-journald.socket systemd-journald-dev-log.socket
- ExecStart=@rootlibexecdir@/systemd-journald
- Restart=always
---
-2.1.3
-
diff --git a/pcr/systemd-knock/0001-units-order-sd-journal-flush-after-sd-remount-fs.patch b/pcr/systemd-knock/0001-units-order-sd-journal-flush-after-sd-remount-fs.patch
deleted file mode 100644
index b288b5765..000000000
--- a/pcr/systemd-knock/0001-units-order-sd-journal-flush-after-sd-remount-fs.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 1f1926aa5e836caa3bd6df43704aecd606135103 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
-Date: Sun, 2 Nov 2014 21:45:42 -0500
-Subject: [PATCH] units: order sd-journal-flush after sd-remount-fs
-
-Otherwise we could attempt to flush the journal while /var/log/ was
-still ro, and silently skip journal flushing.
-
-The way that errors in flushing are handled should still be changed to
-be more transparent and robust.
----
- units/systemd-journal-flush.service.in | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/units/systemd-journal-flush.service.in b/units/systemd-journal-flush.service.in
-index fa29089..98c91b4 100644
---- a/units/systemd-journal-flush.service.in
-+++ b/units/systemd-journal-flush.service.in
-@@ -11,6 +11,7 @@ Documentation=man:systemd-journald.service(8) man:journald.conf(5)
- DefaultDependencies=no
- Requires=systemd-journald.service
- After=systemd-journald.service
-+After=systemd-remount-fs.service
- Before=systemd-user-sessions.service systemd-tmpfiles-setup.service
- RequiresMountsFor=/var/log/journal
-
---
-2.1.3
-
diff --git a/pcr/systemd-knock/PKGBUILD b/pcr/systemd-knock/PKGBUILD
index 932fe14cd..ad7e45925 100644
--- a/pcr/systemd-knock/PKGBUILD
+++ b/pcr/systemd-knock/PKGBUILD
@@ -1,78 +1,82 @@
# Maintainer (Arch): Dave Reisner <dreisner@archlinux.org>
# Maintainer (Arch): Tom Gundersen <teg@jklm.no>
# Maintainer: Márcio Silva <coadde@parabola.nu>
+# Maintainer: André Silva <emulatorman@parabola.nu>
_pkgbase=systemd
pkgbase=systemd-knock
-pkgname=('systemd-knock' 'libsystemd-knock')
-pkgver=217
-pkgrel=8
+pkgname=('systemd-knock' 'libsystemd-knock' 'systemd-knock-sysvcompat')
+pkgver=221
+pkgrel=2
arch=('i686' 'x86_64')
url="http://www.freedesktop.org/wiki/Software/systemd"
-makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gobject-introspection' 'gperf'
- 'gtk-doc' 'intltool' 'kmod' 'libcap' 'libidn' 'libgcrypt' 'libmicrohttpd'
- 'libxslt' 'util-linux' 'linux-api-headers' 'lz4' 'pam' 'python'
- 'python-lxml' 'quota-tools' 'shadow' 'xz')
+makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gperf' 'lz4' 'xz' 'pam'
+ 'intltool' 'iptables' 'kmod' 'libcap' 'libidn' 'libgcrypt'
+ 'libmicrohttpd' 'libxslt' 'util-linux' 'linux-libre-api-headers'
+ 'python' 'python-lxml' 'quota-tools' 'shadow' 'gnu-efi-libs' 'git')
options=('strip' 'debug')
-source=("http://www.freedesktop.org/software/$_pkgbase/$_pkgbase-$pkgver.tar.xz"
- '0001-nspawn-ignore-EEXIST-when-creating-mount-point.patch'
- '0001-sd-dhcp-client-clean-up-raw-socket-sd_event_source-w.patch'
- '0001-shared-install-avoid-prematurely-rejecting-missing-u.patch'
- '0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch'
- '0001-units-don-t-order-journal-flushing-afte-remote-fs.ta.patch'
- '0001-units-order-sd-journal-flush-after-sd-remount-fs.patch'
- '0001-units-make-systemd-journald.service-Type-notify.patch'
- '0001-shutdown-fix-arguments-to-run-initramfs-shutdown.patch'
- '0001-udev-hwdb-Change-error-message-regarding-missing-hwd.patch'
- '0001-adds-TCP-Stealth-support-to-systemd.patch::https://gnunet.org/sites/default/files/systemd-knock-patch.diff'
+source=("git://github.com/systemd/systemd.git#tag=v$pkgver"
+ #'0001-adds-TCP-Stealth-support-to-systemd.patch::https://gnunet.org/sites/default/files/systemd-knock-patch.diff'
+ "https://repo.parabola.nu/other/knock/patches/systemd/0001-adds-TCP-Stealth-support-to-systemd-221.patch"
'initcpio-hook-udev'
'initcpio-install-systemd'
- 'initcpio-install-udev')
-md5sums=('e68dbff3cc19f66e341572d9fb2ffa89'
- 'ca9e33118fd8d456563854d95512a577'
- 'ade8c1b5b2c85d0a83b7bcf5aa6d131a'
- '7aaf44ce842deb449fca0f2595bbc1e4'
- '4adc3ddce027693bafa53089322e859b'
- '42ff9d59bb057637355b202157d59991'
- '92497d06e0af615be4b368fe615109c0'
- 'a321d62d6ffada9e6976bdd339fa3219'
- 'f72e8d086172177c224f0ce48ef54222'
- '6326988822e9d18217525b2cb25cec1d'
- '460945a02c8972bbc6616a5d8136a3ad'
+ 'initcpio-install-udev'
+ 'parabola.conf'
+ 'loader.conf'
+ 'splash-parabola.bmp')
+md5sums=('SKIP'
+ '936208db8995db77efbb388735f950af'
'90ea67a7bb237502094914622a39e281'
- '107c489f27c667be4101aecd3369b355'
- 'bde43090d4ac0ef048e3eaee8202a407')
-
+ '976c5511b6493715e381f43f16cdb151'
+ 'bde43090d4ac0ef048e3eaee8202a407'
+ '36ee74767ac8734dede1cbd0f4f275d7'
+ '9b9f4a58e4c4009bf5290c5b297600c3'
+ 'db7c5e4aaa501c1af4301e011f4f5966')
prepare() {
- cd "$_pkgbase-$pkgver"
-
- patch -Np1 <../0001-nspawn-ignore-EEXIST-when-creating-mount-point.patch
- patch -Np1 <../0001-sd-dhcp-client-clean-up-raw-socket-sd_event_source-w.patch
- patch -Np1 <../0001-shared-install-avoid-prematurely-rejecting-missing-u.patch
- patch -Np1 <../0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch
- patch -Np1 <../0001-units-don-t-order-journal-flushing-afte-remote-fs.ta.patch
- patch -Np1 <../0001-units-order-sd-journal-flush-after-sd-remount-fs.patch
- patch -Np1 <../0001-units-make-systemd-journald.service-Type-notify.patch
- patch -Np1 <../0001-shutdown-fix-arguments-to-run-initramfs-shutdown.patch
- patch -Np1 <../0001-udev-hwdb-Change-error-message-regarding-missing-hwd.patch
- patch -Np1 <../0001-adds-TCP-Stealth-support-to-systemd.patch
+ cd "$_pkgbase"
+
+ # pam_systemd: Properly check kdbus availability
+ # https://github.com/systemd/systemd/commit/c5d452bb228e
+ git cherry-pick -n c5d452bb228e
+
+ # udevd: suppress warning if we don't find cgroup
+ # https://github.com/systemd/systemd/commit/11b9fb15be96
+ git cherry-pick -n 11b9fb15be96
+
+ # core: fix reversed dependency check in unit_check_unneeded
+ # https://github.com/systemd/systemd/commit/084918ba41ac
+ git cherry-pick -n 084918ba41ac
+
+ # rules: remove all power management from udev
+ # https://github.com/systemd/systemd/commit/e2452eef02a8
+ git cherry-pick -n e2452eef02a8
+
+ # logind: fix delayed execution regression
+ # https://github.com/systemd/systemd/commit/418b22b88f79
+ git cherry-pick -n 418b22b88f79
+
+ # bus-proxy: never apply policy when sending signals
+ # https://github.com/systemd/systemd/commit/3723263f4989
+ git cherry-pick -n 3723263f4989
+
+ patch -Np1 <../0001-adds-TCP-Stealth-support-to-systemd-221.patch
+
+ ./autogen.sh
}
build() {
- cd "$_pkgbase-$pkgver"
+ cd "$_pkgbase"
local timeservers=({0..3}.arch.pool.ntp.org)
- autoreconf --force --install -I config -I m4
./configure \
--libexecdir=/usr/lib \
--localstatedir=/var \
--sysconfdir=/etc \
- --enable-introspection \
- --enable-gtk-doc \
--enable-lz4 \
--enable-compat-libs \
+ --enable-gnuefi \
--enable-tcp-stealth \
--disable-audit \
--disable-ima \
@@ -85,10 +89,11 @@ build() {
}
package_systemd-knock() {
- pkgdesc="system and service manager with support for stealth TCP sockets"
- license=('GPL2' 'LGPL2.1' 'MIT')
- depends=('acl' 'bash' 'dbus' 'glib2' 'kbd' 'kmod' 'hwids' 'libcap' 'libgcrypt'
- 'libsystemd-knock' 'libidn' 'lz4' 'pam' 'libseccomp' 'util-linux' 'xz')
+ pkgdesc="system and service manager with support for stealth TCP sockets (Parabola rebranded)"
+ license=('GPL2' 'LGPL2.1')
+ depends=('acl' 'bash' 'dbus' 'glib2' 'iptables' 'kbd' 'kmod' 'hwids' 'libcap'
+ 'libgcrypt' 'libsystemd-knock' 'libidn' 'lz4' 'pam' 'libseccomp' 'util-linux'
+ 'xz')
provides=('nss-myhostname' "systemd-tools=$pkgver" "udev=$pkgver" "systemd=$pkgver")
replaces=('nss-myhostname' 'systemd-tools' 'udev')
conflicts=('nss-myhostname' 'systemd-tools' 'udev' 'systemd')
@@ -96,7 +101,7 @@ package_systemd-knock() {
'cryptsetup: required for encrypted block devices'
'libmicrohttpd: remote journald capabilities'
'quota-tools: kernel-level quota management'
- 'systemd-sysvcompat: symlink package to provide sysvinit binaries'
+ 'systemd-knock-sysvcompat: symlink package to provide sysvinit binaries'
'polkit: allow administration as unprivileged user')
backup=(etc/dbus-1/system.d/org.freedesktop.systemd1.conf
etc/dbus-1/system.d/org.freedesktop.hostname1.conf
@@ -104,10 +109,14 @@ package_systemd-knock() {
etc/dbus-1/system.d/org.freedesktop.locale1.conf
etc/dbus-1/system.d/org.freedesktop.machine1.conf
etc/dbus-1/system.d/org.freedesktop.timedate1.conf
+ etc/dbus-1/system.d/org.freedesktop.import1.conf
+ etc/dbus-1/system.d/org.freedesktop.network1.conf
etc/pam.d/systemd-user
etc/systemd/bootchart.conf
etc/systemd/coredump.conf
etc/systemd/journald.conf
+ etc/systemd/journal-remote.conf
+ etc/systemd/journal-upload.conf
etc/systemd/logind.conf
etc/systemd/system.conf
etc/systemd/timesyncd.conf
@@ -116,23 +125,17 @@ package_systemd-knock() {
etc/udev/udev.conf)
install="systemd.install"
- make -C "$_pkgbase-$pkgver" DESTDIR="$pkgdir" install
+ make -C "$_pkgbase" DESTDIR="$pkgdir" install
# don't write units to /etc by default. some of these will be re-enabled on
# post_install.
- rm "$pkgdir/etc/systemd/system/getty.target.wants/getty@tty1.service" \
- "$pkgdir/etc/systemd/system/multi-user.target.wants/systemd-networkd.service" \
- "$pkgdir/etc/systemd/system/multi-user.target.wants/systemd-resolved.service" \
- "$pkgdir/etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service" \
- "$pkgdir/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service"
- rmdir "$pkgdir/etc/systemd/system/getty.target.wants" \
- "$pkgdir/etc/systemd/system/network-online.target.wants"
+ rm -r "$pkgdir/etc/systemd/system/"*.wants
# get rid of RPM macros
rm -r "$pkgdir/usr/lib/rpm"
# add back tmpfiles.d/legacy.conf
- install -m644 "systemd-$pkgver/tmpfiles.d/legacy.conf" "$pkgdir/usr/lib/tmpfiles.d"
+ install -m644 "systemd/tmpfiles.d/legacy.conf" "$pkgdir/usr/lib/tmpfiles.d"
# Replace dialout/tape/cdrom group in rules with uucp/storage/optical group
sed -i 's#GROUP="dialout"#GROUP="uucp"#g;
@@ -149,7 +152,10 @@ package_systemd-knock() {
# ensure proper permissions for /var/log/journal. This is only to placate
chown root:systemd-journal "$pkgdir/var/log/journal"
- chmod 2755 "$pkgdir/var/log/journal"{,/remote}
+ chmod 2755 "$pkgdir/var/log/journal"
+
+ # we'll create this on installation
+ rmdir "$pkgdir/var/log/journal/remote"
# fix pam file
sed 's|system-auth|system-login|g' -i "$pkgdir/etc/pam.d/systemd-user"
@@ -167,22 +173,41 @@ package_systemd-knock() {
rm -rf "$srcdir/_libsystemd"
install -dm755 "$srcdir"/_libsystemd/usr/lib
cd "$srcdir"/_libsystemd
- mv "$pkgdir"/usr/lib/lib{systemd,{g,}udev}*.so* usr/lib
+ mv "$pkgdir"/usr/lib/lib{systemd,udev}*.so* usr/lib
- # include MIT license, since it's technically custom
- install -Dm644 "$srcdir/$_pkgbase-$pkgver/LICENSE.MIT" \
- "$pkgdir/usr/share/licenses/systemd/LICENSE.MIT"
+ # add example bootctl configuration
+ install -Dm644 "$srcdir/parabola.conf" "$pkgdir"/usr/share/systemd/bootctl/parabola.conf
+ install -Dm644 "$srcdir/loader.conf" "$pkgdir"/usr/share/systemd/bootctl/loader.conf
+ install -Dm644 "$srcdir/splash-parabola.bmp" "$pkgdir"/usr/share/systemd/bootctl/splash-parabola.bmp
}
package_libsystemd-knock() {
pkgdesc="systemd client libraries with support for stealth TCP sockets"
depends=('glib2' 'glibc' 'libgcrypt' 'lz4' 'xz')
license=('GPL2')
- provides=('libgudev-1.0.so' 'libsystemd.so' 'libsystemd-daemon.so' 'libsystemd-id128.so'
+ provides=('libsystemd.so' 'libsystemd-daemon.so' 'libsystemd-id128.so'
'libsystemd-journal.so' 'libsystemd-login.so' 'libudev.so' "libsystemd=$pkgver")
conflicts=('libsystemd')
mv "$srcdir/_libsystemd"/* "$pkgdir"
}
+package_systemd-knock-sysvcompat() {
+ pkgdesc="sysvinit compat for systemd-knock"
+ license=('GPL2')
+ groups=('base')
+ provides=("systemd-sysvcompat=$pkgver")
+ conflicts=('sysvinit' 'systemd-sysvcompat')
+ depends=('systemd-knock')
+
+ mv "$srcdir/_sysvcompat"/* "$pkgdir"
+
+ install -dm755 "$pkgdir/usr/bin"
+ for tool in runlevel reboot shutdown poweroff halt telinit; do
+ ln -s 'systemctl' "$pkgdir/usr/bin/$tool"
+ done
+
+ ln -s '../lib/systemd/systemd' "$pkgdir/usr/bin/init"
+}
+
# vim: ft=sh syn=sh et
diff --git a/pcr/systemd-knock/initcpio-install-systemd b/pcr/systemd-knock/initcpio-install-systemd
index 1ebca01a8..96df98ada 100644
--- a/pcr/systemd-knock/initcpio-install-systemd
+++ b/pcr/systemd-knock/initcpio-install-systemd
@@ -34,6 +34,7 @@ add_udev_rule() {
strip_quotes 'value'
# just take the first word as the binary name
binary=${value%% *}
+ [[ ${binary:0:1} == '$' ]] && continue
if [[ ${binary:0:1} != '/' ]]; then
binary=$(PATH=/usr/lib/udev:/lib/udev type -P "$binary")
fi
@@ -101,14 +102,13 @@ build() {
add_binary /usr/lib/systemd/systemd /init
map add_binary \
+ /usr/bin/systemd-tmpfiles \
/usr/lib/systemd/systemd-hibernate-resume \
- /usr/lib/systemd/system-generators/systemd-hibernate-resume-generator \
- /usr/bin/systemd-tmpfiles
-
- # generators
- map add_file \
/usr/lib/systemd/system-generators/systemd-fstab-generator \
- /usr/lib/systemd/system-generators/systemd-gpt-auto-generator
+ /usr/lib/systemd/system-generators/systemd-gpt-auto-generator \
+ /usr/lib/systemd/system-generators/systemd-hibernate-resume-generator
+
+ add_module "kdbus?"
# udev rules and systemd units
map add_udev_rule "$rules" \
@@ -131,12 +131,14 @@ build() {
local-fs.target \
local-fs-pre.target \
paths.target \
+ reboot.target \
slices.target \
sockets.target \
swap.target \
systemd-fsck@.service \
systemd-hibernate-resume@.service \
systemd-journald.service \
+ systemd-journald-audit.socket \
systemd-journald-dev-log.socket \
systemd-tmpfiles-setup-dev.service \
systemd-udev-trigger.service \
diff --git a/pcr/systemd-knock/loader.conf b/pcr/systemd-knock/loader.conf
new file mode 100644
index 000000000..a064e3463
--- /dev/null
+++ b/pcr/systemd-knock/loader.conf
@@ -0,0 +1 @@
+default parabola
diff --git a/pcr/systemd-knock/parabola.conf b/pcr/systemd-knock/parabola.conf
new file mode 100644
index 000000000..111072ea2
--- /dev/null
+++ b/pcr/systemd-knock/parabola.conf
@@ -0,0 +1,7 @@
+## This is just an example config file.
+## Please edit the paths and kernel parameters according to your system.
+
+title Parabola GNU/Linux-libre
+linux /vmlinuz-linux-libre
+initrd /initramfs-linux-libre.img
+options root=PARTUUID=XXXX rootfstype=XXXX add_efi_memmap
diff --git a/pcr/systemd-knock/splash-parabola.bmp b/pcr/systemd-knock/splash-parabola.bmp
new file mode 100644
index 000000000..b6ae7fcee
--- /dev/null
+++ b/pcr/systemd-knock/splash-parabola.bmp
Binary files differ
diff --git a/pcr/systemd-knock/systemd.install b/pcr/systemd-knock/systemd.install
index 8957a3336..b0a3e1fa4 100644
--- a/pcr/systemd-knock/systemd.install
+++ b/pcr/systemd-knock/systemd.install
@@ -146,22 +146,34 @@ _216_2_changes() {
echo ' tuned in /etc/systemd/coredump.conf.'
}
+_219_2_changes() {
+ if mkdir -m2755 var/log/journal/remote 2>/dev/null; then
+ chgrp systemd-journal-remote var/log/journal/remote
+ fi
+}
+
+_219_4_changes() {
+ if ! systemctl is-enabled -q remote-fs.target; then
+ systemctl enable -q remote-fs.target
+ fi
+}
+
post_install() {
- # because systemd can't sanely manage this meanial task...
- uuidgen | {
- read
- echo "${REPLY//-}">etc/machine-id
- }
+ systemd-machine-id-setup
post_common "$@"
add_journal_acls
- # enable getty@tty1 by default, but don't track the file
- systemctl enable getty@tty1.service
+ # enable some services by default, but don't track them
+ systemctl enable getty@tty1.service remote-fs.target
echo ":: Append 'init=/usr/lib/systemd/systemd' to your kernel command line in your"
echo " bootloader to replace sysvinit with systemd, or install systemd-sysvcompat"
+
+ # group 'systemd-journal-remote' is created by systemd-sysusers
+ mkdir -m2755 var/log/journal/remote
+ chgrp systemd-journal-remote var/log/journal/remote
}
post_upgrade() {
@@ -179,7 +191,9 @@ post_upgrade() {
213-4
214-2
215-2
- 216-2)
+ 216-2
+ 219-2
+ 219-4)
for v in "${upgrades[@]}"; do
if [[ $(vercmp "$v" "$2") -eq 1 ]]; then