nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-02 20:03:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #243242 from RaitoBezarius/systemd-254

Browse Source
This commit is contained in:
Ryan Lahfa 2023-09-13 15:23:00 +02:00 committed by GitHub
commit a314291652
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
25 changed files with 123 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
nixos/doc/manual/release-notes/rl-2311.section.md
View File

@ -10,6 +10,12 @@
- The `nixos-rebuild` command has been given a `list-generations` subcommand. See `man nixos-rebuild` for more details.
- [systemd](https://systemd.io) has been updated from v253 to v254, see [the release notes](https://github.com/systemd/systemd/blob/v254/NEWS#L3-L659) for more information on the changes.
- `boot.resumeDevice` **must be specified** when hibernating if not in EFI mode.
- systemd may warn your system about the permissions of your ESP partition (often `/boot`), this warning can be ignored for now, we are looking
into a satisfying solution regarding this problem.
- Updating with `nixos-rebuild boot` and rebooting is recommended, since in some rare cases the `nixos-rebuild switch` into the new generation on a live system might fail due to missing mount units.
## New Services {#sec-release-23.11-new-services}
- [MCHPRS](https://github.com/MCHPR/MCHPRS), a multithreaded Minecraft server built for redstone. Available as [services.mchprs](#opt-services.mchprs.enable).

3
nixos/modules/config/console.nix
View File

@ -168,6 +168,9 @@ in
# ...but only the keymaps if we don't
"/etc/kbd/keymaps" = lib.mkIf (!cfg.earlySetup) { source = "${consoleEnv config.boot.initrd.systemd.package.kbd}/share/keymaps"; };
};
boot.initrd.systemd.additionalUpstreamUnits = [
"systemd-vconsole-setup.service"
];
boot.initrd.systemd.storePaths = [
"${config.boot.initrd.systemd.package}/lib/systemd/systemd-vconsole-setup"
"${config.boot.initrd.systemd.package.kbd}/bin/setfont"

3
nixos/modules/image/repart.nix
View File

@ -188,6 +188,7 @@ in
nativeBuildInputs = [
cfg.package
pkgs.fakeroot
pkgs.util-linux
] ++ fileSystemTools;
} ''
amendedRepartDefinitions=$(${amendRepartDefinitions} ${partitions} ${definitionsDirectory})
@ -195,7 +196,7 @@ in
mkdir -p $out
cd $out
fakeroot systemd-repart \
unshare --map-root-user fakeroot systemd-repart \
--dry-run=no \
--empty=create \
--size=auto \

1
nixos/modules/system/boot/systemd.nix
View File

@ -48,6 +48,7 @@ let
"rescue.service"
# Udev.
"systemd-tmpfiles-setup-dev-early.service"
"systemd-udevd-control.socket"
"systemd-udevd-kernel.socket"
"systemd-udevd.service"

1
nixos/modules/system/boot/systemd/initrd.nix
View File

@ -57,7 +57,6 @@ let
"systemd-ask-password-console.service"
"systemd-fsck@.service"
"systemd-halt.service"
"systemd-hibernate-resume@.service"
"systemd-journald-audit.socket"
"systemd-journald-dev-log.socket"
"systemd-journald.service"

6
pkgs/development/python-modules/systemd/default.nix
View File

@ -36,7 +36,9 @@ buildPythonPackage rec {
export NIX_REDIRECTS=/etc/machine-id=$(realpath machine-id) \
LD_PRELOAD=${libredirect}/lib/libredirect.so
pytest $out/${python.sitePackages}/systemd
# Those tests assume /etc/machine-id to be available
# But our redirection technique does not work apparently
pytest $out/${python.sitePackages}/systemd -k 'not test_get_machine and not test_get_machine_app_specific and not test_reader_this_machine'
'';
pythonImportsCheck = [
@ -51,6 +53,6 @@ buildPythonPackage rec {
homepage = "https://www.freedesktop.org/software/systemd/python-systemd/";
changelog = "https://github.com/systemd/python-systemd/blob/v${version}/NEWS";
license = licenses.lgpl21Plus;
maintainers = with maintainers; [ ];
maintainers = with maintainers; [ raitobezarius ];
};
}

2
pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch
View File

@ -13,7 +13,7 @@ unit. (However, this ignores the fsck unit, so it's not perfect...)
1 file changed, 4 deletions(-)
diff --git a/rules.d/99-systemd.rules.in b/rules.d/99-systemd.rules.in
index 3dbba1f850..40d367d1c8 100644
index c0defc31de..8f80235731 100644
--- a/rules.d/99-systemd.rules.in
+++ b/rules.d/99-systemd.rules.in
@@ -20,10 +20,6 @@ SUBSYSTEM=="block", TAG+="systemd"

32
pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch
View File

@ -1,21 +1,23 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Fri, 12 Apr 2013 13:16:57 +0200
From: Raito Bezarius <masterancpp@gmail.com>
Date: Mon, 19 Jun 2023 02:11:35 +0200
Subject: [PATCH] Don't try to unmount /nix or /nix/store
They'll still be remounted read-only.
https://github.com/NixOS/nixos/issues/126
Original-Author: Eelco Dolstra <eelco.dolstra@logicblox.com>
---
src/shared/fstab-util.c | 2 ++
src/shutdown/umount.c | 2 ++
2 files changed, 4 insertions(+)
src/shutdown/umount.c | 6 ++++--
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/shared/fstab-util.c b/src/shared/fstab-util.c
index 164e71a150..68e0766594 100644
index 4ffec25c75..b99031c54e 100644
--- a/src/shared/fstab-util.c
+++ b/src/shared/fstab-util.c
@@ -41,6 +41,8 @@ bool fstab_is_extrinsic(const char *mount, const char *opts) {
@@ -43,6 +43,8 @@ bool fstab_is_extrinsic(const char *mount, const char *opts) {
/* Don't bother with the OS data itself */
if (PATH_IN_SET(mount,
"/",
@ -25,15 +27,19 @@ index 164e71a150..68e0766594 100644
"/etc"))
return true;
diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c
index 61bd9d2601..a6243da417 100644
index 1586c2e214..fcae95f824 100644
--- a/src/shutdown/umount.c
+++ b/src/shutdown/umount.c
@@ -531,6 +531,8 @@ static int delete_md(MountPoint *m) {
@@ -170,8 +170,10 @@ int mount_points_list_get(const char *mountinfo, MountPoint **head) {
static bool nonunmountable_path(const char *path) {
return path_equal(path, "/")
assert(path);
- return PATH_IN_SET(path, "/", "/usr") ||
- path_startswith(path, "/run/initramfs");
+ return PATH_IN_SET(path, "/", "/usr")
+ || path_equal(path, "/nix")
+ || path_equal(path, "/nix/store")
#if ! HAVE_SPLIT_USR
|| path_equal(path, "/usr")
#endif
+ || path_startswith(path, "/run/initramfs");
}
static void log_umount_blockers(const char *mnt) {

6
pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch
View File

@ -10,10 +10,10 @@ container, so checking early whether it exists will fail.
1 file changed, 2 insertions(+)
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 3dabe12672..e5aa4feb1e 100644
index e170958fc5..898a674631 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -5638,6 +5638,7 @@ static int run(int argc, char *argv[]) {
@@ -5648,6 +5648,7 @@ static int run(int argc, char *argv[]) {
goto finish;
}
} else {
@ -21,7 +21,7 @@ index 3dabe12672..e5aa4feb1e 100644
_cleanup_free_ char *p = NULL;
if (arg_pivot_root_new)
@@ -5652,6 +5653,7 @@ static int run(int argc, char *argv[]) {
@@ -5662,6 +5663,7 @@ static int run(int argc, char *argv[]) {
"Directory %s doesn't look like it has an OS tree (/usr/ directory is missing). Refusing.", arg_directory);
goto finish;
}

26
pkgs/os-specific/linux/systemd/0004-Add-some-NixOS-specific-unit-directories.patch
View File

@ -1,6 +1,6 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Fri, 19 Dec 2014 14:46:17 +0100
From: Raito Bezarius <masterancpp@gmail.com>
Date: Mon, 19 Jun 2023 02:13:42 +0200
Subject: [PATCH] Add some NixOS-specific unit directories
Look in `/nix/var/nix/profiles/default/lib/systemd/{system,user}` for
@ -8,13 +8,15 @@ units provided by packages installed into the default profile via
`nix-env -iA nixos.$package`.
Also, remove /usr and /lib as these don't exist on NixOS.
Original-Author: Eelco Dolstra <eelco.dolstra@logicblox.com>
---
src/basic/path-lookup.c | 17 ++---------------
src/core/systemd.pc.in | 8 ++++----
2 files changed, 6 insertions(+), 19 deletions(-)
diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c
index c99e9d8786..b9f85d1f8c 100644
index 7d158a8295..f9bd62b631 100644
--- a/src/basic/path-lookup.c
+++ b/src/basic/path-lookup.c
@@ -92,11 +92,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) {
@ -62,35 +64,37 @@ index c99e9d8786..b9f85d1f8c 100644
STRV_IFNOTNULL(generator_late));
break;
@@ -808,7 +799,6 @@ char **generator_binary_paths(LookupScope scope) {
case LOOKUP_SCOPE_SYSTEM:
@@ -808,7 +799,6 @@ char **generator_binary_paths(RuntimeScope scope) {
case RUNTIME_SCOPE_SYSTEM:
add = strv_new("/run/systemd/system-generators",
"/etc/systemd/system-generators",
- "/usr/local/lib/systemd/system-generators",
SYSTEM_GENERATOR_DIR);
break;
@@ -816,7 +806,6 @@ char **generator_binary_paths(LookupScope scope) {
case LOOKUP_SCOPE_USER:
@@ -816,7 +806,6 @@ char **generator_binary_paths(RuntimeScope scope) {
case RUNTIME_SCOPE_USER:
add = strv_new("/run/systemd/user-generators",
"/etc/systemd/user-generators",
- "/usr/local/lib/systemd/user-generators",
USER_GENERATOR_DIR);
break;
@@ -855,12 +844,10 @@ char **env_generator_binary_paths(bool is_system) {
if (is_system)
@@ -855,14 +844,12 @@ char **env_generator_binary_paths(RuntimeScope runtime_scope) {
case RUNTIME_SCOPE_SYSTEM:
add = strv_new("/run/systemd/system-environment-generators",
"/etc/systemd/system-environment-generators",
- "/usr/local/lib/systemd/system-environment-generators",
SYSTEM_ENV_GENERATOR_DIR);
else
break;
case RUNTIME_SCOPE_USER:
add = strv_new("/run/systemd/user-environment-generators",
"/etc/systemd/user-environment-generators",
- "/usr/local/lib/systemd/user-environment-generators",
USER_ENV_GENERATOR_DIR);
break;
if (!add)
diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
index 693433b34b..5932a21b5b 100644
--- a/src/core/systemd.pc.in

4
pkgs/os-specific/linux/systemd/0005-Get-rid-of-a-useless-message-in-user-sessions.patch
View File

@ -13,10 +13,10 @@ in containers.
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index 4bc8a06bd2..342892490e 100644
index 22ec6e79b1..771e8e7f16 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1486,7 +1486,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) {
@@ -1559,7 +1559,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) {
if (!unit_is_bound_by_inactive(u, &culprit))
continue;

20
pkgs/os-specific/linux/systemd/0006-hostnamed-localed-timedated-disable-methods-that-cha.patch
View File

@ -11,10 +11,10 @@ Subject: [PATCH] hostnamed, localed, timedated: disable methods that change
3 files changed, 25 insertions(+)
diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c
index 36ab0148b9..7d458d196d 100644
index 9ef45f8e75..99b1ec2e36 100644
--- a/src/hostname/hostnamed.c
+++ b/src/hostname/hostnamed.c
@@ -1028,6 +1028,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_
@@ -1053,6 +1053,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_
if (r < 0)
return r;
@ -24,7 +24,7 @@ index 36ab0148b9..7d458d196d 100644
name = empty_to_null(name);
context_read_etc_hostname(c);
@@ -1091,6 +1094,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess
@@ -1116,6 +1119,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess
if (r < 0)
return r;
@ -35,10 +35,10 @@ index 36ab0148b9..7d458d196d 100644
context_read_machine_info(c);
diff --git a/src/locale/localed.c b/src/locale/localed.c
index 841e5e3e91..a21e34430b 100644
index f544a73580..ce00c262cc 100644
--- a/src/locale/localed.c
+++ b/src/locale/localed.c
@@ -264,6 +264,9 @@ static int method_set_locale(sd_bus_message *m, void *userdata, sd_bus_error *er
@@ -229,6 +229,9 @@ static int method_set_locale(sd_bus_message *m, void *userdata, sd_bus_error *er
use_localegen = locale_gen_check_available();
@ -48,7 +48,7 @@ index 841e5e3e91..a21e34430b 100644
/* If single locale without variable name is provided, then we assume it is LANG=. */
if (strv_length(l) == 1 && !strchr(l[0], '=')) {
if (!locale_is_valid(l[0]))
@@ -382,6 +385,9 @@ static int method_set_vc_keyboard(sd_bus_message *m, void *userdata, sd_bus_erro
@@ -347,6 +350,9 @@ static int method_set_vc_keyboard(sd_bus_message *m, void *userdata, sd_bus_erro
if (r < 0)
return bus_log_parse_error(r);
@ -57,8 +57,8 @@ index 841e5e3e91..a21e34430b 100644
+
vc_context_empty_to_null(&in);
FOREACH_STRING(name, in.keymap ?: in.toggle, in.keymap ? in.toggle : NULL) {
@@ -607,6 +613,9 @@ static int method_set_x11_keyboard(sd_bus_message *m, void *userdata, sd_bus_err
r = vc_context_verify_and_warn(&in, LOG_ERR, error);
@@ -465,6 +471,9 @@ static int method_set_x11_keyboard(sd_bus_message *m, void *userdata, sd_bus_err
if (r < 0)
return bus_log_parse_error(r);
@ -67,9 +67,9 @@ index 841e5e3e91..a21e34430b 100644
+
x11_context_empty_to_null(&in);
if (!x11_context_is_safe(&in))
r = x11_context_verify_and_warn(&in, LOG_ERR, error);
diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c
index ad483301ef..31ed86955b 100644
index ad1d492d6b..331af34505 100644
--- a/src/timedate/timedated.c
+++ b/src/timedate/timedated.c
@@ -665,6 +665,10 @@ static int method_set_timezone(sd_bus_message *m, void *userdata, sd_bus_error *

28
pkgs/os-specific/linux/systemd/0008-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch
View File

@ -35,10 +35,10 @@ index e486474c44..5f373d0723 100644
<literal>Etc/UTC</literal>. The resulting link should lead to the
corresponding binary
diff --git a/src/basic/time-util.c b/src/basic/time-util.c
index 0bea149324..4b16115d43 100644
index 1db630003a..31744c3e68 100644
--- a/src/basic/time-util.c
+++ b/src/basic/time-util.c
@@ -1283,7 +1283,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) {
@@ -1350,7 +1350,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) {
assert(ret);
@ -47,16 +47,16 @@ index 0bea149324..4b16115d43 100644
if (!f)
return -errno;
@@ -1322,7 +1322,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) {
_cleanup_strv_free_ char **zones = NULL;
int r;
@@ -1391,7 +1391,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) {
assert(ret);
- f = fopen("/usr/share/zoneinfo/tzdata.zi", "re");
+ f = fopen("/etc/zoneinfo/tzdata.zi", "re");
if (!f)
return -errno;
@@ -1434,7 +1434,7 @@ int verify_timezone(const char *name, int log_level) {
@@ -1503,7 +1503,7 @@ int verify_timezone(const char *name, int log_level) {
if (p - name >= PATH_MAX)
return -ENAMETOOLONG;
@ -65,7 +65,7 @@ index 0bea149324..4b16115d43 100644
fd = open(t, O_RDONLY|O_CLOEXEC);
if (fd < 0)
@@ -1492,7 +1492,7 @@ int get_timezone(char **ret) {
@@ -1563,7 +1563,7 @@ int get_timezone(char **ret) {
if (r < 0)
return r; /* returns EINVAL if not a symlink */
@ -75,23 +75,23 @@ index 0bea149324..4b16115d43 100644
return -EINVAL;
diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c
index 9e79f84691..1a1c75718c 100644
index 1956ab3b13..9ef356f8af 100644
--- a/src/firstboot/firstboot.c
+++ b/src/firstboot/firstboot.c
@@ -512,7 +512,7 @@ static int process_timezone(void) {
@@ -630,7 +630,7 @@ static int process_timezone(int rfd) {
if (isempty(arg_timezone))
return 0;
- e = strjoina("../usr/share/zoneinfo/", arg_timezone);
+ e = strjoina("zoneinfo/", arg_timezone);
(void) mkdir_parents(etc_localtime, 0755);
r = symlink_atomic(e, etc_localtime);
r = symlinkat_atomic_full(e, pfd, f, /* make_relative= */ false);
if (r < 0)
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index e5aa4feb1e..a7a8fae860 100644
index 898a674631..c41a416e04 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -1918,8 +1918,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid
@@ -1924,8 +1924,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid
static const char *timezone_from_path(const char *path) {
return PATH_STARTSWITH_SET(
path,
@ -103,7 +103,7 @@ index e5aa4feb1e..a7a8fae860 100644
static bool etc_writable(void) {
diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c
index 31ed86955b..8db8d8c288 100644
index 331af34505..722c4b5b4f 100644
--- a/src/timedate/timedated.c
+++ b/src/timedate/timedated.c
@@ -282,7 +282,7 @@ static int context_read_data(Context *c) {

2
pkgs/os-specific/linux/systemd/0009-localectl-use-etc-X11-xkb-for-list-x11.patch
View File

@ -10,7 +10,7 @@ NixOS has an option to link the xkb data files to /etc/X11, but not to
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/locale/localectl.c b/src/locale/localectl.c
index fb83881cc7..c47a33134a 100644
index d8db9d9d22..4601bb5431 100644
--- a/src/locale/localectl.c
+++ b/src/locale/localectl.c
@@ -297,7 +297,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) {

4
pkgs/os-specific/linux/systemd/0010-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch
View File

@ -8,10 +8,10 @@ Subject: [PATCH] build: don't create statedir and don't touch prefixdir
1 file changed, 3 deletions(-)
diff --git a/meson.build b/meson.build
index b1f5477836..1a39484855 100644
index 395eca1943..082cd748bb 100644
--- a/meson.build
+++ b/meson.build
@@ -4278,9 +4278,6 @@ install_data('LICENSE.GPL2',
@@ -4707,9 +4707,6 @@ install_data('LICENSE.GPL2',
install_subdir('LICENSES',
install_dir : docdir)

4
pkgs/os-specific/linux/systemd/0011-add-rootprefix-to-lookup-dir-paths.patch
View File

@ -12,10 +12,10 @@ files that I might have missed.
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/basic/constants.h b/src/basic/constants.h
index 5d68cc6332..33c06c1f65 100644
index 3f96786da9..6e8fb40c08 100644
--- a/src/basic/constants.h
+++ b/src/basic/constants.h
@@ -73,13 +73,15 @@
@@ -74,13 +74,15 @@
"/run/" n "\0" \
"/usr/local/lib/" n "\0" \
"/usr/lib/" n "\0" \

4
pkgs/os-specific/linux/systemd/0012-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch
View File

@ -10,10 +10,10 @@ This is needed for NixOS to use such scripts as systemd directory is immutable.
1 file changed, 1 insertion(+)
diff --git a/src/shutdown/shutdown.c b/src/shutdown/shutdown.c
index 5dee1b3a92..c08cf80548 100644
index 8395bb429d..14fbc85bb4 100644
--- a/src/shutdown/shutdown.c
+++ b/src/shutdown/shutdown.c
@@ -339,6 +339,7 @@ static void init_watchdog(void) {
@@ -334,6 +334,7 @@ static void init_watchdog(void) {
int main(int argc, char *argv[]) {
static const char* const dirs[] = {
SYSTEM_SHUTDOWN_PATH,

4
pkgs/os-specific/linux/systemd/0013-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch
View File

@ -9,10 +9,10 @@ This is needed for NixOS to use such scripts as systemd directory is immutable.
1 file changed, 1 insertion(+)
diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c
index 288fa4ae84..07deb19d7c 100644
index de1f6c7ec1..d0cdebd80a 100644
--- a/src/sleep/sleep.c
+++ b/src/sleep/sleep.c
@@ -186,6 +186,7 @@ static int execute(
@@ -224,6 +224,7 @@ static int execute(
};
static const char* const dirs[] = {
SYSTEM_SLEEP_PATH,

4
pkgs/os-specific/linux/systemd/0014-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch
View File

@ -10,10 +10,10 @@ systemd itself uses extensively.
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/basic/path-util.h b/src/basic/path-util.h
index 56f01f41d8..f9b8627388 100644
index 97175bee11..3839704901 100644
--- a/src/basic/path-util.h
+++ b/src/basic/path-util.h
@@ -24,11 +24,11 @@
@@ -25,11 +25,11 @@
# define PATH_SBIN_BIN_NULSTR(x) PATH_NORMAL_SBIN_BIN_NULSTR(x)
#endif

6
pkgs/os-specific/linux/systemd/0016-inherit-systemd-environment-when-calling-generators.patch
View File

@ -16,10 +16,10 @@ executables that are being called from managers.
1 file changed, 8 insertions(+)
diff --git a/src/core/manager.c b/src/core/manager.c
index 342892490e..1117251fe0 100644
index 771e8e7f16..acf3ead8d7 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -3771,9 +3771,17 @@ static int build_generator_environment(Manager *m, char ***ret) {
@@ -3899,9 +3899,17 @@ static int build_generator_environment(Manager *m, char ***ret) {
* adjust generated units to that. Let's pass down some bits of information that are easy for us to
* determine (but a bit harder for generator scripts to determine), as environment variables. */
@ -35,5 +35,5 @@ index 342892490e..1117251fe0 100644
return -ENOMEM;
+#endif
r = strv_env_assign(&nl, "SYSTEMD_SCOPE", MANAGER_IS_SYSTEM(m) ? "system" : "user");
r = strv_env_assign(&nl, "SYSTEMD_SCOPE", runtime_scope_to_string(m->runtime_scope));
if (r < 0)

4
pkgs/os-specific/linux/systemd/0017-core-don-t-taint-on-unmerged-usr.patch
View File

@ -17,10 +17,10 @@ See also: https://github.com/systemd/systemd/issues/24191
1 file changed, 4 deletions(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index 1117251fe0..bf5600a6cf 100644
index acf3ead8d7..bdbab16829 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -4617,10 +4617,6 @@ char* manager_taint_string(const Manager *m) {
@@ -4754,10 +4754,6 @@ char* manager_taint_string(const Manager *m) {
if (m->taint_usr)
stage[n++] = "split-usr";

4
pkgs/os-specific/linux/systemd/0018-tpm2_context_init-fix-driver-name-checking.patch
View File

@ -27,10 +27,10 @@ filename_is_valid with path_is_valid.
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
index 4345b95106..424a334df1 100644
index ae8a8bc073..c284b244f8 100644
--- a/src/shared/tpm2-util.c
+++ b/src/shared/tpm2-util.c
@@ -176,7 +176,7 @@ int tpm2_context_new(const char *device, Tpm2Context **ret_context) {
@@ -582,7 +582,7 @@ int tpm2_context_new(const char *device, Tpm2Context **ret_context) {
fn = strjoina("libtss2-tcti-", driver, ".so.0");
/* Better safe than sorry, let's refuse strings that cannot possibly be valid driver early, before going to disk. */

46
pkgs/os-specific/linux/systemd/0019-bootctl-also-print-efi-files-not-owned-by-systemd-in.patch
View File

@ -1,46 +0,0 @@
From bc0f378a1149b59e88e9345e579d62fec7f50cdf Mon Sep 17 00:00:00 2001
From: Arian van Putten <arian.vanputten@gmail.com>
Date: Wed, 31 May 2023 13:27:13 +0200
Subject: [PATCH] bootctl: also print efi files not owned by systemd in status
We should not skip over unknown entries in EFI/BOOT/ but
also print them out in status so people are aware that they are there.
(cherry picked from commit a680d4fb87bad829989949e5ea4fc6db90453456)
---
src/boot/bootctl-status.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/src/boot/bootctl-status.c b/src/boot/bootctl-status.c
index 2e2bf1f7e1..f1ac4a9c8a 100644
--- a/src/boot/bootctl-status.c
+++ b/src/boot/bootctl-status.c
@@ -225,9 +225,8 @@ static int enumerate_binaries(
return log_error_errno(errno, "Failed to open file '%s' for reading: %m", filename);
r = get_file_version(fd, &v);
- if (r == -ESRCH) /* Not the file we are looking for. */
- continue;
- if (r < 0)
+
+ if (r < 0 && r != -ESRCH)
return r;
if (*previous) { /* Let's output the previous entry now, since now we know that there will be
@@ -242,10 +241,10 @@ static int enumerate_binaries(
/* Do not output this entry immediately, but store what should be printed in a state
* variable, because we only will know the tree glyph to print (branch or final edge) once we
* read one more entry */
- if (r > 0)
- r = asprintf(previous, "/%s/%s (%s%s%s)", path, de->d_name, ansi_highlight(), v, ansi_normal());
- else
+ if (r == -ESRCH) /* No systemd-owned file but still interesting to print */
r = asprintf(previous, "/%s/%s", path, de->d_name);
+ else /* if (r >= 0) */
+ r = asprintf(previous, "/%s/%s (%s%s%s)", path, de->d_name, ansi_highlight(), v, ansi_normal());
if (r < 0)
return log_oom();
--
2.39.2 (Apple Git-143)

46
pkgs/os-specific/linux/systemd/default.nix
View File

@ -55,7 +55,6 @@
, e2fsprogs
, elfutils
, linuxHeaders ? stdenv.cc.libc.linuxHeaders
, gnu-efi
, iptables
, withSelinux ? false
, libselinux
@ -89,9 +88,11 @@
, withAnalyze ? true
, withApparmor ? true
, withAudit ? true
, withBootloader ? true # compiles systemd-boot, assumes EFI is available.
, withCompression ? true # adds bzip2, lz4, xz and zstd
, withCoredump ? true
, withCryptsetup ? true
, withRepart ? true
, withDocumentation ? true
, withEfi ? stdenv.hostPlatform.isEfi
, withFido2 ? true
@ -116,6 +117,7 @@
, withNss ? !stdenv.hostPlatform.isMusl
, withOomd ? true
, withPam ? true
, withPasswordQuality ? false
, withPCRE2 ? true
, withPolkit ? true
, withPortabled ? !stdenv.hostPlatform.isMusl
@ -123,6 +125,7 @@
, withResolved ? true
, withShellCompletions ? true
, withSysusers ? false # conflicts with the NixOS user management
, withSysupdate ? true
, withTimedated ? true
, withTimesyncd ? true
, withTpm2Tss ? true
@ -146,17 +149,21 @@ assert withCoredump -> withCompression;
assert withHomed -> withCryptsetup;
assert withHomed -> withPam;
assert withUkify -> withEfi;
assert withRepart -> withCryptsetup;
assert withBootloader -> withEfi;
# passwdqc is not packaged in nixpkgs yet, if you want to fix this, please submit a PR.
assert !withPasswordQuality;
let
wantCurl = withRemote || withImportd;
wantGcrypt = withResolved || withImportd;
version = "253.6";
version = "254.3";
# Bump this variable on every (major) version change. See below (in the meson options list) for why.
# command:
# $ curl -s https://api.github.com/repos/systemd/systemd/releases/latest | \
# jq '.created_at|strptime("%Y-%m-%dT%H:%M:%SZ")|mktime'
releaseTimestamp = "1676488940";
releaseTimestamp = "1690536449";
in
stdenv.mkDerivation (finalAttrs: {
inherit pname version;
@ -167,7 +174,7 @@ stdenv.mkDerivation (finalAttrs: {
owner = "systemd";
repo = "systemd-stable";
rev = "v${version}";
hash = "sha256-LZs6QuBe23W643bTuz+MD2pzHiapsBJBHoFXi/QjzG4=";
hash = "sha256-ObnsAiKwhwEb4ti611eS/wGpg3Sss/pUy/gANPAbXbs=";
};
# On major changes, or when otherwise required, you *must* reformat the patches,
@ -194,7 +201,6 @@ stdenv.mkDerivation (finalAttrs: {
./0016-inherit-systemd-environment-when-calling-generators.patch
./0017-core-don-t-taint-on-unmerged-usr.patch
./0018-tpm2_context_init-fix-driver-name-checking.patch
./0019-bootctl-also-print-efi-files-not-owned-by-systemd-in.patch
] ++ lib.optional stdenv.hostPlatform.isMusl (
let
oe-core = fetchzip {
@ -229,26 +235,14 @@ stdenv.mkDerivation (finalAttrs: {
postPatch = ''
substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/"
substituteInPlace src/boot/efi/meson.build \
--replace \
"run_command(cc.cmd_array(), '-print-prog-name=objcopy', check: true).stdout().strip()" \
"'${stdenv.cc.bintools.targetPrefix}objcopy'"
'' + lib.optionalString withLibBPF ''
substituteInPlace meson.build \
--replace "find_program('clang'" "find_program('${stdenv.cc.targetPrefix}clang'"
# BPF does not work with stack protector
substituteInPlace src/core/bpf/meson.build \
--replace "clang_flags = [" "clang_flags = [ '-fno-stack-protector',"
'' + lib.optionalString withUkify ''
substituteInPlace src/ukify/ukify.py \
--replace \
"'readelf'" \
"'${targetPackages.stdenv.cc.bintools.targetPrefix}readelf'"
# The objcopy dependency is removed in v254
substituteInPlace src/ukify/ukify.py \
--replace \
"'objcopy'" \
"'${targetPackages.stdenv.cc.bintools.targetPrefix}objcopy'"
'' + (
let
# The following patches references to dynamic libraries to ensure that
@ -325,6 +319,9 @@ stdenv.mkDerivation (finalAttrs: {
# Support for PKCS#11 in systemd-cryptsetup, systemd-cryptenroll and systemd-homed
{ name = "libp11-kit.so.0"; pkg = opt (withHomed || withCryptsetup) p11-kit; }
# Password quality support
{ name = "libpasswdqc.so.1"; pkg = opt withPasswordQuality null; }
];
patchDlOpen = dl:
@ -371,7 +368,7 @@ stdenv.mkDerivation (finalAttrs: {
# when cross-compiling.
+ ''
shopt -s extglob
patchShebangs tools test src/!(rpm|kernel-install|ukify) src/kernel-install/test-kernel-install.sh
patchShebangs tools test src/!(rpm|ukify) src/kernel-install/test-kernel-install.sh
'';
outputs = [ "out" "man" "dev" ];
@ -395,7 +392,7 @@ stdenv.mkDerivation (finalAttrs: {
docbook_xml_dtd_42
docbook_xml_dtd_45
bash
(buildPackages.python3Packages.python.withPackages (ps: with ps; [ lxml jinja2 ]))
(buildPackages.python3Packages.python.withPackages (ps: with ps; [ lxml jinja2 ] ++ lib.optional withEfi ps.pyelftools))
]
++ lib.optionals withLibBPF [
bpftools
@ -422,7 +419,6 @@ stdenv.mkDerivation (finalAttrs: {
++ lib.optionals withCompression [ bzip2 lz4 xz zstd ]
++ lib.optional withCoredump elfutils
++ lib.optional withCryptsetup (lib.getDev cryptsetup.dev)
++ lib.optional withEfi gnu-efi
++ lib.optional withKexectools kexec-tools
++ lib.optional withKmod kmod
++ lib.optional withLibidn2 libidn2
@ -498,6 +494,8 @@ stdenv.mkDerivation (finalAttrs: {
"-Dlibidn2=${lib.boolToString withLibidn2}"
"-Dfirstboot=${lib.boolToString withFirstboot}"
"-Dsysusers=${lib.boolToString withSysusers}"
"-Drepart=${lib.boolToString withRepart}"
"-Dsysupdate=${lib.boolToString withSysupdate}"
"-Dquotacheck=false"
"-Dldconfig=false"
"-Dsmack=true"
@ -537,12 +535,9 @@ stdenv.mkDerivation (finalAttrs: {
"-Dman=true"
"-Defi=${lib.boolToString withEfi}"
"-Dgnu-efi=${lib.boolToString withEfi}"
"-Dbootloader=${lib.boolToString withBootloader}"
"-Dukify=${lib.boolToString withUkify}"
] ++ lib.optionals withEfi [
"-Defi-libdir=${toString gnu-efi}/lib"
"-Defi-includedir=${toString gnu-efi}/include/efi"
] ++ lib.optionals (withShellCompletions == false) [
"-Dbashcompletiondir=no"
"-Dzshcompletiondir=no"
@ -586,6 +581,7 @@ stdenv.mkDerivation (finalAttrs: {
where = [
"man/systemd-analyze.xml"
"man/systemd.service.xml"
"man/systemd-run.xml"
"src/analyze/test-verify.c"
"src/test/test-env-file.c"
"src/test/test-fileio.c"
@ -595,7 +591,7 @@ stdenv.mkDerivation (finalAttrs: {
{
search = "/bin/cat";
replacement = "${coreutils}/bin/cat";
where = [ "test/create-busybox-container" "test/test-execute/exec-noexecpaths-simple.service" "src/journal/cat.c" ];
where = [ "test/test-execute/exec-noexecpaths-simple.service" "src/journal/cat.c" ];
}
{
search = "/usr/lib/systemd/systemd-fsck";

4
pkgs/top-level/all-packages.nix
View File

@ -28973,6 +28973,7 @@ with pkgs;
withCompression = false;
withCoredump = false;
withCryptsetup = false;
withRepart = false;
withDocumentation = false;
withEfi = false;
withFido2 = false;
@ -28995,11 +28996,13 @@ with pkgs;
withRemote = false;
withResolved = false;
withShellCompletions = false;
withSysupdate = false;
withTimedated = false;
withTimesyncd = false;
withTpm2Tss = false;
withUserDb = false;
withUkify = false;
withBootloader = false;
};
systemdStage1 = systemdMinimal.override {
pname = "systemd-stage-1";
@ -29008,6 +29011,7 @@ with pkgs;
withFido2 = true;
withKmod = true;
withTpm2Tss = true;
withRepart = true;
};
systemdStage1Network = systemdStage1.override {
pname = "systemd-stage-1-network";