From bbd2be66727c5c07b6b29994f1fa73e7b5c60370 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Fri, 31 Aug 2018 09:50:01 +0200 Subject: [systemd] Update to v234 --- .../data/usr/lib/systemd/system/busnames.target | 10 +++++++ .../org.freedesktop.login1.busname | 1 + .../org.freedesktop.machine1.busname | 1 + .../org.freedesktop.network1.busname | 1 + .../org.freedesktop.resolve1.busname | 1 + .../org.freedesktop.systemd1.busname | 1 + .../system/dbus-org.freedesktop.machine1.service | 1 + .../data/usr/lib/systemd/system/exit.target | 17 +++++++++++ .../lib/systemd/system/kmod-static-nodes.service | 18 ++++++++++++ .../data/usr/lib/systemd/system/machine.slice | 11 +++++++ .../data/usr/lib/systemd/system/machines.target | 17 +++++++++++ .../machines.target.wants/var-lib-machines.mount | 1 + .../data/usr/lib/systemd/system/network-pre.target | 12 ++++++++ .../systemd/system/org.freedesktop.login1.busname | 16 ++++++++++ .../system/org.freedesktop.machine1.busname | 15 ++++++++++ .../system/org.freedesktop.network1.busname | 20 +++++++++++++ .../system/org.freedesktop.resolve1.busname | 21 +++++++++++++ .../system/org.freedesktop.systemd1.busname | 15 ++++++++++ .../usr/lib/systemd/system/remote-fs-pre.target | 11 +++++++ .../remote-fs.target.wants/var-lib-machines.mount | 1 + .../data/usr/lib/systemd/system/slices.target | 12 ++++++++ .../data/usr/lib/systemd/system/syslog.socket | 4 +-- .../usr/lib/systemd/system/system-update.target | 7 +++-- .../data/usr/lib/systemd/system/system.slice | 14 +++++++++ .../usr/lib/systemd/system/systemd-binfmt.service | 3 +- .../usr/lib/systemd/system/systemd-exit.service | 17 +++++++++++ .../usr/lib/systemd/system/systemd-initctl.service | 16 ++++++++++ .../usr/lib/systemd/system/systemd-initctl.socket | 17 +++++++++++ .../lib/systemd/system/systemd-journald.service | 19 +++++++++--- .../usr/lib/systemd/system/systemd-journald.socket | 4 +-- .../usr/lib/systemd/system/systemd-logind.service | 21 +++++++++++-- .../system/systemd-machine-id-commit.service | 22 ++++++++++++++ .../lib/systemd/system/systemd-machined.service | 29 ++++++++++++++++++ .../usr/lib/systemd/system/systemd-nspawn@.service | 25 ++++++++++++++-- .../lib/systemd/system/systemd-poweroff.service | 4 +-- .../lib/systemd/system/systemd-remount-fs.service | 22 ++++++++++++++ .../lib/systemd/system/systemd-shutdownd.service | 15 ---------- .../lib/systemd/system/systemd-shutdownd.socket | 18 ------------ .../lib/systemd/system/systemd-sysusers.service | 21 +++++++++++++ .../system/systemd-tmpfiles-setup-dev.service | 11 ++++--- .../systemd/system/systemd-tmpfiles-setup.service | 13 ++++----- .../lib/systemd/system/systemd-udev-settle.service | 10 ++----- .../systemd/system/systemd-udev-trigger.service | 8 ++--- .../systemd/system/systemd-udevd-control.socket | 3 +- .../usr/lib/systemd/system/systemd-udevd.service | 14 +++++++-- .../system/systemd-update-utmp-runlevel.service | 21 +++++++++++++ .../lib/systemd/system/systemd-update-utmp.service | 21 +++++++++++++ .../systemd/system/systemd-volatile-root.service | 21 +++++++++++++ .../data/usr/lib/systemd/system/time-sync.target | 3 -- .../systemd-tmpfiles-clean.timer | 1 + .../systemd/data/usr/lib/systemd/system/user.slice | 11 +++++++ .../data/usr/lib/systemd/system/user@.service | 18 +++++------- core/modules/systemd/module.build | 34 +++++++++++++++------- core/modules/systemd/module.conf | 12 +++----- core/modules/systemd/module.conf.ubuntu | 1 + core/modules/systemd/systemd-openslx-234.patch | 1 + 56 files changed, 572 insertions(+), 112 deletions(-) create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/busnames.target create mode 120000 core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.login1.busname create mode 120000 core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.machine1.busname create mode 120000 core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.network1.busname create mode 120000 core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.resolve1.busname create mode 120000 core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.systemd1.busname create mode 120000 core/modules/systemd/data/usr/lib/systemd/system/dbus-org.freedesktop.machine1.service create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/exit.target create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/kmod-static-nodes.service create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/machine.slice create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/machines.target create mode 120000 core/modules/systemd/data/usr/lib/systemd/system/machines.target.wants/var-lib-machines.mount create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/network-pre.target create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.login1.busname create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.machine1.busname create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.network1.busname create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.resolve1.busname create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.systemd1.busname create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/remote-fs-pre.target create mode 120000 core/modules/systemd/data/usr/lib/systemd/system/remote-fs.target.wants/var-lib-machines.mount create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/slices.target create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/system.slice create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/systemd-exit.service create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/systemd-initctl.service create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/systemd-initctl.socket create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/systemd-machine-id-commit.service create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/systemd-machined.service create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/systemd-remount-fs.service delete mode 100644 core/modules/systemd/data/usr/lib/systemd/system/systemd-shutdownd.service delete mode 100644 core/modules/systemd/data/usr/lib/systemd/system/systemd-shutdownd.socket create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/systemd-sysusers.service create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp-runlevel.service create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp.service create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/systemd-volatile-root.service create mode 120000 core/modules/systemd/data/usr/lib/systemd/system/timers.target.wants/systemd-tmpfiles-clean.timer create mode 100644 core/modules/systemd/data/usr/lib/systemd/system/user.slice create mode 120000 core/modules/systemd/systemd-openslx-234.patch (limited to 'core/modules/systemd') diff --git a/core/modules/systemd/data/usr/lib/systemd/system/busnames.target b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target new file mode 100644 index 00000000..5e866b40 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target @@ -0,0 +1,10 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Bus Names +Documentation=man:systemd.special(7) diff --git a/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.login1.busname b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.login1.busname new file mode 120000 index 00000000..9d1bd813 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.login1.busname @@ -0,0 +1 @@ +../org.freedesktop.login1.busname \ No newline at end of file diff --git a/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.machine1.busname b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.machine1.busname new file mode 120000 index 00000000..068b1676 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.machine1.busname @@ -0,0 +1 @@ +../org.freedesktop.machine1.busname \ No newline at end of file diff --git a/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.network1.busname b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.network1.busname new file mode 120000 index 00000000..13f4a8a7 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.network1.busname @@ -0,0 +1 @@ +../org.freedesktop.network1.busname \ No newline at end of file diff --git a/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.resolve1.busname b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.resolve1.busname new file mode 120000 index 00000000..1ede82df --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.resolve1.busname @@ -0,0 +1 @@ +../org.freedesktop.resolve1.busname \ No newline at end of file diff --git a/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.systemd1.busname b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.systemd1.busname new file mode 120000 index 00000000..bf976b87 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/busnames.target.wants/org.freedesktop.systemd1.busname @@ -0,0 +1 @@ +../org.freedesktop.systemd1.busname \ No newline at end of file diff --git a/core/modules/systemd/data/usr/lib/systemd/system/dbus-org.freedesktop.machine1.service b/core/modules/systemd/data/usr/lib/systemd/system/dbus-org.freedesktop.machine1.service new file mode 120000 index 00000000..22692cce --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/dbus-org.freedesktop.machine1.service @@ -0,0 +1 @@ +systemd-machined.service \ No newline at end of file diff --git a/core/modules/systemd/data/usr/lib/systemd/system/exit.target b/core/modules/systemd/data/usr/lib/systemd/system/exit.target new file mode 100644 index 00000000..f5f953d1 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/exit.target @@ -0,0 +1,17 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Exit the container +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=systemd-exit.service +After=systemd-exit.service +AllowIsolate=yes + +[Install] +Alias=ctrl-alt-del.target diff --git a/core/modules/systemd/data/usr/lib/systemd/system/kmod-static-nodes.service b/core/modules/systemd/data/usr/lib/systemd/system/kmod-static-nodes.service new file mode 100644 index 00000000..49c5d9bc --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/kmod-static-nodes.service @@ -0,0 +1,18 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Create list of required static device nodes for the current kernel +DefaultDependencies=no +Before=sysinit.target systemd-tmpfiles-setup-dev.service +ConditionCapability=CAP_SYS_MODULE +ConditionFileNotEmpty=/lib/modules/%v/modules.devname + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/bin/kmod static-nodes --format=tmpfiles --output=/run/tmpfiles.d/kmod.conf diff --git a/core/modules/systemd/data/usr/lib/systemd/system/machine.slice b/core/modules/systemd/data/usr/lib/systemd/system/machine.slice new file mode 100644 index 00000000..3d40dfd7 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/machine.slice @@ -0,0 +1,11 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Virtual Machine and Container Slice +Documentation=man:systemd.special(7) +Before=slices.target diff --git a/core/modules/systemd/data/usr/lib/systemd/system/machines.target b/core/modules/systemd/data/usr/lib/systemd/system/machines.target new file mode 100644 index 00000000..99618a19 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/machines.target @@ -0,0 +1,17 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Containers +Documentation=man:systemd.special(7) +Requires=basic.target +Conflicts=rescue.service rescue.target +After=basic.target rescue.service rescue.target +Before=multi-user.target + +[Install] +WantedBy=multi-user.target diff --git a/core/modules/systemd/data/usr/lib/systemd/system/machines.target.wants/var-lib-machines.mount b/core/modules/systemd/data/usr/lib/systemd/system/machines.target.wants/var-lib-machines.mount new file mode 120000 index 00000000..94338197 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/machines.target.wants/var-lib-machines.mount @@ -0,0 +1 @@ +../var-lib-machines.mount \ No newline at end of file diff --git a/core/modules/systemd/data/usr/lib/systemd/system/network-pre.target b/core/modules/systemd/data/usr/lib/systemd/system/network-pre.target new file mode 100644 index 00000000..0d54a4cf --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/network-pre.target @@ -0,0 +1,12 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Network (Pre) +Documentation=man:systemd.special(7) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget +RefuseManualStart=yes diff --git a/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.login1.busname b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.login1.busname new file mode 100644 index 00000000..b169720f --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.login1.busname @@ -0,0 +1,16 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Login Service Bus Name +Documentation=man:systemd-logind.service(8) man:logind.conf(5) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/logind +Documentation=https://www.freedesktop.org/wiki/Software/systemd/multiseat + +[BusName] +Service=systemd-logind.service +AllowWorld=talk diff --git a/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.machine1.busname b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.machine1.busname new file mode 100644 index 00000000..a1f01547 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.machine1.busname @@ -0,0 +1,15 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Virtual Machine and Container Registration Service Bus Name +Documentation=man:systemd-machined.service(8) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/machined + +[BusName] +Service=systemd-machined.service +AllowWorld=talk diff --git a/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.network1.busname b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.network1.busname new file mode 100644 index 00000000..3a0e1189 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.network1.busname @@ -0,0 +1,20 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Network Service Bus Name +Documentation=man:systemd-networkd.service(8) + +# This is pulled in by systemd-networkd.service, since it cannot run +# without its policy set. However, let's conditionalize this unit on +# non-kdbus system. +ConditionPathExists=/sys/fs/kdbus/0-system/ + +[BusName] +Service=systemd-networkd.service +AllowWorld=talk +AllowUser=systemd-network own diff --git a/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.resolve1.busname b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.resolve1.busname new file mode 100644 index 00000000..28c8f970 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.resolve1.busname @@ -0,0 +1,21 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Network Name Resolution Service Bus Name +Documentation=man:systemd-resolved.service(8) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/resolved + +# This is pulled in by systemd-resolved.service, since it cannot run +# without its policy set. However, let's conditionalize this unit on +# non-kdbus system. +ConditionPathExists=/sys/fs/kdbus/0-system/ + +[BusName] +Service=systemd-resolved.service +AllowWorld=talk +AllowUser=systemd-resolve own diff --git a/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.systemd1.busname b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.systemd1.busname new file mode 100644 index 00000000..f9f41cba --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/org.freedesktop.systemd1.busname @@ -0,0 +1,15 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=System and Service Manager Bus Name +Documentation=man:systemd(1) +Documentation=https://www.freedesktop.org/wiki/Software/systemd + +[BusName] +Activating=no +AllowWorld=talk diff --git a/core/modules/systemd/data/usr/lib/systemd/system/remote-fs-pre.target b/core/modules/systemd/data/usr/lib/systemd/system/remote-fs-pre.target new file mode 100644 index 00000000..36a196cf --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/remote-fs-pre.target @@ -0,0 +1,11 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Remote File Systems (Pre) +Documentation=man:systemd.special(7) +RefuseManualStart=yes diff --git a/core/modules/systemd/data/usr/lib/systemd/system/remote-fs.target.wants/var-lib-machines.mount b/core/modules/systemd/data/usr/lib/systemd/system/remote-fs.target.wants/var-lib-machines.mount new file mode 120000 index 00000000..94338197 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/remote-fs.target.wants/var-lib-machines.mount @@ -0,0 +1 @@ +../var-lib-machines.mount \ No newline at end of file diff --git a/core/modules/systemd/data/usr/lib/systemd/system/slices.target b/core/modules/systemd/data/usr/lib/systemd/system/slices.target new file mode 100644 index 00000000..a29310c0 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/slices.target @@ -0,0 +1,12 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Slices +Documentation=man:systemd.special(7) +Wants=-.slice system.slice +After=-.slice system.slice diff --git a/core/modules/systemd/data/usr/lib/systemd/system/syslog.socket b/core/modules/systemd/data/usr/lib/systemd/system/syslog.socket index e6e9cf85..d3987cb9 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/syslog.socket +++ b/core/modules/systemd/data/usr/lib/systemd/system/syslog.socket @@ -8,7 +8,7 @@ [Unit] Description=Syslog Socket Documentation=man:systemd.special(7) -Documentation=http://www.freedesktop.org/wiki/Software/systemd/syslog +Documentation=https://www.freedesktop.org/wiki/Software/systemd/syslog DefaultDependencies=no Before=sockets.target shutdown.target @@ -37,4 +37,4 @@ ReceiveBuffer=8M # [Install] # Alias=syslog.service # -# See http://www.freedesktop.org/wiki/Software/systemd/syslog for details. +# See https://www.freedesktop.org/wiki/Software/systemd/syslog for details. diff --git a/core/modules/systemd/data/usr/lib/systemd/system/system-update.target b/core/modules/systemd/data/usr/lib/systemd/system/system-update.target index b6008c8f..35428797 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/system-update.target +++ b/core/modules/systemd/data/usr/lib/systemd/system/system-update.target @@ -6,11 +6,12 @@ # (at your option) any later version. [Unit] -Description=System Update -Documentation=http://freedesktop.org/wiki/Software/systemd/SystemUpdates +Description=Offline System Update +Documentation=man:systemd.offline-updates(7) Documentation=man:systemd.special(7) man:systemd-system-update-generator(8) Requires=sysinit.target -Conflicts=shutdown.target +Conflicts=shutdown.target After=sysinit.target Before=shutdown.target AllowIsolate=yes +Wants=system-update-cleanup.service diff --git a/core/modules/systemd/data/usr/lib/systemd/system/system.slice b/core/modules/systemd/data/usr/lib/systemd/system/system.slice new file mode 100644 index 00000000..841f049b --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/system.slice @@ -0,0 +1,14 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=System Slice +Documentation=man:systemd.special(7) +DefaultDependencies=no +Before=slices.target +Requires=-.slice +After=-.slice diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-binfmt.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-binfmt.service index 897cf4e5..b47d89af 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-binfmt.service +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-binfmt.service @@ -11,7 +11,7 @@ Documentation=man:systemd-binfmt.service(8) man:binfmt.d(5) Documentation=https://www.kernel.org/doc/Documentation/binfmt_misc.txt DefaultDependencies=no Conflicts=shutdown.target -After= proc-sys-fs-binfmt_misc.automount +After=proc-sys-fs-binfmt_misc.automount Before=sysinit.target shutdown.target ConditionPathIsReadWrite=/proc/sys/ ConditionDirectoryNotEmpty=|/lib/binfmt.d @@ -24,3 +24,4 @@ ConditionDirectoryNotEmpty=|/run/binfmt.d Type=oneshot RemainAfterExit=yes ExecStart=/usr/lib/systemd/systemd-binfmt +TimeoutSec=90s diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-exit.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-exit.service new file mode 100644 index 00000000..22bb6fbe --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-exit.service @@ -0,0 +1,17 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Exit the Session +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=shutdown.target +After=shutdown.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/systemctl --force exit diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-initctl.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-initctl.service new file mode 100644 index 00000000..7a600a62 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-initctl.service @@ -0,0 +1,16 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=/dev/initctl Compatibility Daemon +Documentation=man:systemd-initctl.service(8) +DefaultDependencies=no + +[Service] +NotifyAccess=all +ExecStart=/usr/lib/systemd/systemd-initctl +SystemCallArchitectures=native diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-initctl.socket b/core/modules/systemd/data/usr/lib/systemd/system/systemd-initctl.socket new file mode 100644 index 00000000..f628c2e8 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-initctl.socket @@ -0,0 +1,17 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=/dev/initctl Compatibility Named Pipe +Documentation=man:systemd-initctl.service(8) +DefaultDependencies=no +Before=sockets.target + +[Socket] +ListenFIFO=/run/systemd/initctl/fifo +Symlinks=/dev/initctl +SocketMode=0600 diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.service index 77b4bfe9..38ee6d44 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.service +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.service @@ -10,17 +10,28 @@ Description=Journal Service Documentation=man:systemd-journald.service(8) man:journald.conf(5) DefaultDependencies=no Requires=systemd-journald.socket -After=systemd-journald.socket syslog.socket +After=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-audit.socket syslog.socket Before=sysinit.target [Service] +Type=notify +Sockets=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-audit.socket ExecStart=/usr/lib/systemd/systemd-journald Restart=always RestartSec=0 -NotifyAccess=all StandardOutput=null -CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID +WatchdogSec=3min +FileDescriptorStoreMax=1024 +CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID CAP_MAC_OVERRIDE +MemoryDenyWriteExecute=yes +RestrictRealtime=yes +RestrictNamespaces=yes +RestrictAddressFamilies=AF_UNIX AF_NETLINK +SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @swap +SystemCallArchitectures=native # Increase the default a bit in order to allow many simultaneous -# services being run since we keep one fd open per service. +# services being run since we keep one fd open per service. Also, when +# flushing journal files to disk, we might need a lot of fds when many +# journal files are combined. LimitNOFILE=16384 diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.socket b/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.socket index 4f0619d2..71737014 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.socket +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-journald.socket @@ -12,15 +12,15 @@ DefaultDependencies=no Before=sockets.target # Mount and swap units need this. If this socket unit is removed by an -# isolate request the mount and and swap units would be removed too, +# isolate request the mount and swap units would be removed too, # hence let's exclude this from isolate requests. IgnoreOnIsolate=yes [Socket] ListenStream=/run/systemd/journal/stdout ListenDatagram=/run/systemd/journal/socket -ListenDatagram=/dev/log SocketMode=0666 PassCredentials=yes PassSecurity=yes ReceiveBuffer=8M +Service=systemd-journald.service diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-logind.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-logind.service index 71971e44..1cd60b9c 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-logind.service +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-logind.service @@ -8,15 +8,30 @@ [Unit] Description=Login Service Documentation=man:systemd-logind.service(8) man:logind.conf(5) -Documentation=http://www.freedesktop.org/wiki/Software/systemd/multiseat -After= +Documentation=https://www.freedesktop.org/wiki/Software/systemd/logind +Documentation=https://www.freedesktop.org/wiki/Software/systemd/multiseat +Wants=user.slice +After=nss-user-lookup.target user.slice + +# Ask for the dbus socket. If running over kdbus, the socket will +# not be actually used. +Wants=dbus.socket +After=dbus.socket [Service] ExecStart=/usr/lib/systemd/systemd-logind Restart=always RestartSec=0 BusName=org.freedesktop.login1 -CapabilityBoundingSet=CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG +WatchdogSec=3min +CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG +MemoryDenyWriteExecute=yes +RestrictRealtime=yes +RestrictNamespaces=yes +RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 +SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @obsolete @raw-io @reboot @swap +SystemCallArchitectures=native +FileDescriptorStoreMax=512 # Increase the default a bit in order to allow many simultaneous # logins since we keep one fd open per session. diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-machine-id-commit.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-machine-id-commit.service new file mode 100644 index 00000000..58e7239b --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-machine-id-commit.service @@ -0,0 +1,22 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Commit a transient machine-id on disk +Documentation=man:systemd-machine-id-commit.service(8) +DefaultDependencies=no +Conflicts=shutdown.target +Before=sysinit.target shutdown.target +After=local-fs.target +ConditionPathIsReadWrite=/etc +ConditionPathIsMountPoint=/etc/machine-id + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/systemd-machine-id-setup --commit +TimeoutSec=30s diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-machined.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-machined.service new file mode 100644 index 00000000..ea30d064 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-machined.service @@ -0,0 +1,29 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Virtual Machine and Container Registration Service +Documentation=man:systemd-machined.service(8) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/machined +Wants=machine.slice +After=machine.slice +RequiresMountsFor=/var/lib/machines + +[Service] +ExecStart=/usr/lib/systemd/systemd-machined +BusName=org.freedesktop.machine1 +WatchdogSec=3min +CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD +MemoryDenyWriteExecute=yes +RestrictRealtime=yes +RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 +SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @obsolete @raw-io @reboot @swap +SystemCallArchitectures=native + +# Note that machined cannot be placed in a mount namespace, since it +# needs access to the host's mount namespace in order to implement the +# "machinectl bind" operation. diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-nspawn@.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-nspawn@.service index f9f9aa65..d0dfe700 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-nspawn@.service +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-nspawn@.service @@ -8,11 +8,30 @@ [Unit] Description=Container %i Documentation=man:systemd-nspawn(1) +PartOf=machines.target +Before=machines.target +After=network.target systemd-resolved.service +RequiresMountsFor=/var/lib/machines [Service] -ExecStart=/usr/bin/systemd-nspawn -bjD /var/lib/container/%i -ControlGroup=%R/machine/%i.nspawn cpu:/ +ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth -U --settings=override --machine=%i +KillMode=mixed Type=notify +RestartForceExitStatus=133 +SuccessExitStatus=133 +Slice=machine.slice +Delegate=yes +TasksMax=16384 + +DevicePolicy=closed +DeviceAllow=/dev/net/tun rwm +DeviceAllow=char-pts rw + +# nspawn itself needs access to /dev/loop-control and /dev/loop, to +# implement the --image= option. Add these here, too. +DeviceAllow=/dev/loop-control rw +DeviceAllow=block-loop rw +DeviceAllow=block-blkext rw [Install] -Also=multi-user.target +WantedBy=machines.target diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-poweroff.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-poweroff.service index eede0eab..4749129d 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-poweroff.service +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-poweroff.service @@ -9,8 +9,8 @@ Description=Power-Off Documentation=man:systemd-halt.service(8) DefaultDependencies=no -Requires=shutdown.target final.target -After=shutdown.target final.target +Requires=shutdown.target umount.target final.target +After=shutdown.target umount.target final.target [Service] Type=oneshot diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-remount-fs.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-remount-fs.service new file mode 100644 index 00000000..98222c6a --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-remount-fs.service @@ -0,0 +1,22 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Remount Root and Kernel File Systems +Documentation=man:systemd-remount-fs.service(8) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems +DefaultDependencies=no +Conflicts=shutdown.target +After=systemd-fsck-root.service +Before=local-fs-pre.target local-fs.target shutdown.target +Wants=local-fs-pre.target +ConditionPathExists=/etc/fstab + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/lib/systemd/systemd-remount-fs diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-shutdownd.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-shutdownd.service deleted file mode 100644 index 38c663de..00000000 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-shutdownd.service +++ /dev/null @@ -1,15 +0,0 @@ -# This file is part of systemd. -# -# systemd is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published by -# the Free Software Foundation; either version 2.1 of the License, or -# (at your option) any later version. - -[Unit] -Description=Delayed Shutdown Service -Documentation=man:systemd-shutdownd.service(8) -DefaultDependencies=no - -[Service] -ExecStart=/usr/lib/systemd/systemd-shutdownd -NotifyAccess=all diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-shutdownd.socket b/core/modules/systemd/data/usr/lib/systemd/system/systemd-shutdownd.socket deleted file mode 100644 index 9421ce8a..00000000 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-shutdownd.socket +++ /dev/null @@ -1,18 +0,0 @@ -# This file is part of systemd. -# -# systemd is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published by -# the Free Software Foundation; either version 2.1 of the License, or -# (at your option) any later version. - -[Unit] -Description=Delayed Shutdown Socket -Documentation=man:systemd-shutdownd.service(8) -DefaultDependencies=no -Before=sockets.target - -[Socket] -ListenDatagram=/run/systemd/shutdownd -SocketMode=0600 -PassCredentials=yes -PassSecurity=yes diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-sysusers.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-sysusers.service new file mode 100644 index 00000000..1802b313 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-sysusers.service @@ -0,0 +1,21 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Create System Users +Documentation=man:sysusers.d(5) man:systemd-sysusers.service(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=systemd-remount-fs.service +Before=sysinit.target shutdown.target systemd-update-done.service +ConditionNeedsUpdate=/etc + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/systemd-sysusers +TimeoutSec=90s diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service index da1ee1f8..761a4fc9 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service @@ -6,12 +6,15 @@ # (at your option) any later version. [Unit] -Description=Create static device nodes in /dev +Description=Create Static Device Nodes in /dev Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) DefaultDependencies=no -Before=sysinit.target systemd-udevd.service -ConditionCapability=CAP_MKNOD +Conflicts=shutdown.target +After=systemd-sysusers.service +Before=sysinit.target local-fs-pre.target systemd-udevd.service shutdown.target +ConditionCapability=CAP_SYS_MODULE [Service] Type=oneshot -ExecStart=/usr/bin/systemd-tmpfiles --prefix=/dev --create +RemainAfterExit=yes +ExecStart=/usr/bin/systemd-tmpfiles --prefix=/dev --create --boot diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup.service index 157a7451..fce1c42f 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup.service +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-tmpfiles-setup.service @@ -6,18 +6,15 @@ # (at your option) any later version. [Unit] -Description=Recreate Volatile Files and Directories +Description=Create Volatile Files and Directories Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) DefaultDependencies=no -Wants= -After= +Conflicts=shutdown.target +After=local-fs.target systemd-sysusers.service Before=sysinit.target shutdown.target -ConditionDirectoryNotEmpty=|/usr/lib/tmpfiles.d -ConditionDirectoryNotEmpty=|/usr/local/lib/tmpfiles.d -ConditionDirectoryNotEmpty=|/etc/tmpfiles.d -ConditionDirectoryNotEmpty=|/run/tmpfiles.d +RefuseManualStop=yes [Service] Type=oneshot RemainAfterExit=yes -ExecStart=/usr/bin/systemd-tmpfiles --create --remove +ExecStart=/usr/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-settle.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-settle.service index 146c6499..20a89228 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-settle.service +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-settle.service @@ -16,16 +16,10 @@ DefaultDependencies=no Wants=systemd-udevd.service After=systemd-udev-trigger.service Before=sysinit.target -ConditionCapability=CAP_MKNOD +ConditionPathIsReadWrite=/sys [Service] Type=oneshot TimeoutSec=180 RemainAfterExit=yes -# Don't ask... -ExecStart=/opt/openslx/bin/usleep 100000 -ExecStart=/usr/bin/udevadm settle --timeout=3 -ExecStart=/opt/openslx/bin/usleep 20000 -ExecStart=/usr/bin/udevadm settle --timeout=3 -ExecStart=/opt/openslx/bin/usleep 20000 -ExecStart=/usr/bin/udevadm settle --timeout=3 +ExecStart=/usr/bin/udevadm settle diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-trigger.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-trigger.service index 6b19c75d..fbc52694 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-trigger.service +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udev-trigger.service @@ -9,10 +9,10 @@ Description=udev Coldplug all Devices Documentation=man:udev(7) man:systemd-udevd.service(8) DefaultDependencies=no -Wants=systemd-udevd.service systemd-udev-settle.service -After=systemd-udevd-kernel.socket systemd-udevd-control.socket -Before=sysinit.target systemd-udev-settle.service -ConditionCapability=CAP_MKNOD +Wants=systemd-udevd.service +After=systemd-udevd-kernel.socket systemd-udevd-control.socket systemd-hwdb-update.service +Before=sysinit.target +ConditionPathIsReadWrite=/sys [Service] Type=oneshot diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd-control.socket b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd-control.socket index ca17102d..46f704ed 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd-control.socket +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd-control.socket @@ -10,10 +10,11 @@ Description=udev Control Socket Documentation=man:systemd-udevd.service(8) man:udev(7) DefaultDependencies=no Before=sockets.target -ConditionCapability=CAP_MKNOD +ConditionPathIsReadWrite=/sys [Socket] Service=systemd-udevd.service ListenSequentialPacket=/run/udev/control SocketMode=0600 PassCredentials=yes +RemoveOnStop=yes diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd.service index 2c33ce53..17534c34 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd.service +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-udevd.service @@ -10,9 +10,9 @@ Description=udev Kernel Device Manager Documentation=man:systemd-udevd.service(8) man:udev(7) DefaultDependencies=no Wants=systemd-udevd-control.socket systemd-udevd-kernel.socket -After=systemd-udevd-control.socket systemd-udevd-kernel.socket -Before=sysinit.target -ConditionCapability=CAP_MKNOD +After=systemd-udevd-control.socket systemd-udevd-kernel.socket systemd-sysusers.service +Before=sysinit.target +ConditionPathIsReadWrite=/sys [Service] Type=notify @@ -21,3 +21,11 @@ Sockets=systemd-udevd-control.socket systemd-udevd-kernel.socket Restart=always RestartSec=0 ExecStart=/usr/lib/systemd/systemd-udevd +KillMode=mixed +WatchdogSec=3min +TasksMax=infinity +MountFlags=slave +MemoryDenyWriteExecute=yes +RestrictRealtime=yes +RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 +SystemCallArchitectures=native diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp-runlevel.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp-runlevel.service new file mode 100644 index 00000000..511f6679 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp-runlevel.service @@ -0,0 +1,21 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Update UTMP about System Runlevel Changes +Documentation=man:systemd-update-utmp.service(8) man:utmp(5) +DefaultDependencies=no +RequiresMountsFor=/var/log/wtmp +Conflicts=shutdown.target +Requisite=systemd-update-utmp.service +After=systemd-update-utmp.service +After=runlevel1.target runlevel2.target runlevel3.target runlevel4.target runlevel5.target +Before=shutdown.target + +[Service] +Type=oneshot +ExecStart=/usr/lib/systemd/systemd-update-utmp runlevel diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp.service new file mode 100644 index 00000000..b3651c64 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-update-utmp.service @@ -0,0 +1,21 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Update UTMP about System Boot/Shutdown +Documentation=man:systemd-update-utmp.service(8) man:utmp(5) +DefaultDependencies=no +RequiresMountsFor=/var/log/wtmp +Conflicts=shutdown.target +After=systemd-remount-fs.service systemd-tmpfiles-setup.service auditd.service +Before=sysinit.target shutdown.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/lib/systemd/systemd-update-utmp reboot +ExecStop=/usr/lib/systemd/systemd-update-utmp shutdown diff --git a/core/modules/systemd/data/usr/lib/systemd/system/systemd-volatile-root.service b/core/modules/systemd/data/usr/lib/systemd/system/systemd-volatile-root.service new file mode 100644 index 00000000..e7997791 --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/systemd-volatile-root.service @@ -0,0 +1,21 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Enforce Volatile Root File Systems +Documentation=man:systemd-volatile-root.service(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=sysroot.mount +Before=initrd-root-fs.target shutdown.target +Conflicts=shutdown.target +AssertPathExists=/etc/initrd-release + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/lib/systemd/systemd-volatile-root yes /sysroot diff --git a/core/modules/systemd/data/usr/lib/systemd/system/time-sync.target b/core/modules/systemd/data/usr/lib/systemd/system/time-sync.target index 54078069..debee741 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/time-sync.target +++ b/core/modules/systemd/data/usr/lib/systemd/system/time-sync.target @@ -5,9 +5,6 @@ # the Free Software Foundation; either version 2.1 of the License, or # (at your option) any later version. -# This exists mostly for compatibility with SysV/LSB units, and -# implementations lacking socket/bus activation. - [Unit] Description=System Time Synchronized Documentation=man:systemd.special(7) diff --git a/core/modules/systemd/data/usr/lib/systemd/system/timers.target.wants/systemd-tmpfiles-clean.timer b/core/modules/systemd/data/usr/lib/systemd/system/timers.target.wants/systemd-tmpfiles-clean.timer new file mode 120000 index 00000000..ea23a64d --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/timers.target.wants/systemd-tmpfiles-clean.timer @@ -0,0 +1 @@ +../systemd-tmpfiles-clean.timer \ No newline at end of file diff --git a/core/modules/systemd/data/usr/lib/systemd/system/user.slice b/core/modules/systemd/data/usr/lib/systemd/system/user.slice new file mode 100644 index 00000000..9fa6284c --- /dev/null +++ b/core/modules/systemd/data/usr/lib/systemd/system/user.slice @@ -0,0 +1,11 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=User and Session Slice +Documentation=man:systemd.special(7) +Before=slices.target diff --git a/core/modules/systemd/data/usr/lib/systemd/system/user@.service b/core/modules/systemd/data/usr/lib/systemd/system/user@.service index 876c28c9..9966ae33 100644 --- a/core/modules/systemd/data/usr/lib/systemd/system/user@.service +++ b/core/modules/systemd/data/usr/lib/systemd/system/user@.service @@ -6,18 +6,16 @@ # (at your option) any later version. [Unit] -Description=User Manager for %u +Description=User Manager for UID %i After=systemd-user-sessions.service [Service] -User=%I -PAMName=systemd-shared -# in order to allow MEM_CG features to work, add "memory:/" here -ControlGroup=%R/user/%U.user/shared cpu:/ -ControlGroupModify=yes +User=%i +PAMName=systemd-user Type=notify ExecStart=-/usr/lib/systemd/systemd --user -Environment=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/%U/dbus/user_bus_socket - -[Install] -Alias=user@%i.service +Slice=user-%i.slice +KillMode=mixed +Delegate=yes +TasksMax=infinity +TimeoutStopSec=120s diff --git a/core/modules/systemd/module.build b/core/modules/systemd/module.build index f433a7bd..5d634f0e 100644 --- a/core/modules/systemd/module.build +++ b/core/modules/systemd/module.build @@ -11,11 +11,11 @@ fetch_source () { if [ "x$REQUIRED_XATTR_PATCH" = "xyes" ]; then pinfo "Patching 'src/core/socket.c' ..." # patch it - if [ -e "src/$REQUIRED_VERSION/src/core/socket.c" ]; then - sed -i 's/^#include $/#include \n#include /g' "src/$REQUIRED_VERSION/src/core/socket.c" \ - || perror "Could not patch 'src/$REQUIRED_VERSION/src/core/socket.c'" + if [ -e "src/systemd-$REQUIRED_VERSION/src/core/socket.c" ]; then + sed -i 's/^#include $/#include \n#include /g' "src/systemd-$REQUIRED_VERSION/src/core/socket.c" \ + || perror "Could not patch 'src/systemd-$REQUIRED_VERSION/src/core/socket.c'" else - perror "'src/$REQUIRED_VERSION/src/core/socket.c' does not exist." + perror "'src/systemd-$REQUIRED_VERSION/src/core/socket.c' does not exist." fi fi # now check if the old fix needs to be applied @@ -51,11 +51,11 @@ fetch_source () { fi fi - elif [ "x${REQUIRED_VERSION#systemd-}" = "x229" ]; then - patch -p0 src/systemd-*/src/basic/path-util.h < ${MODULE_DIR}/systemd-openslx-229.patch || perror "Failed to apply openslx systemd patch." + elif [ -e "${MODULE_DIR}/systemd-openslx-${REQUIRED_VERSION#systemd-}.patch" ]; then + patch -p0 src/systemd-*/src/basic/path-util.h < "${MODULE_DIR}/systemd-openslx-${REQUIRED_VERSION#systemd-}.patch" || perror "Failed to apply openslx systemd patch." else # TODO use the above hint for setting environmenet through /etc/systemd/system.conf - pinfo "Missing..." + pwarning "OpenSLX patch for systemd missing..." fi # libkmod @@ -73,8 +73,8 @@ build () { #build systemd pinfo "Building systemd" - cd "${MODULE_WORK_DIR}/src/$REQUIRED_VERSION" - pinfo "calling configure in ${MODULE_WORK_DIR}/src/$REQUIRED_VERSION" + cd "${MODULE_WORK_DIR}/src/systemd-$REQUIRED_VERSION" + pinfo "calling configure in ${MODULE_WORK_DIR}/src/systemd-$REQUIRED_VERSION" # Save potentially pre-used paths/flages OLDLDFLAGS="$LDFLAGS" @@ -103,6 +103,16 @@ build () { --disable-localed \ --disable-coredump \ --disable-keymap \ + --disable-hwdb \ + --disable-ldconfig \ + --disable-networkd \ + --disable-resolved \ + --disable-timesyncd \ + --disable-importd \ + --disable-rfkill \ + --disable-backlight \ + --disable-firstboot \ + --disable-nss-systemd \ --without-python \ --enable-blkid \ --enable-acl \ @@ -116,6 +126,9 @@ build () { pinfo "calling make install" DESTDIR="${MODULE_BUILD_DIR}" make install || perror "make install failed." cd - &> /dev/null + # Nonsense in our env + rm -f -- "${MODULE_BUILD_DIR}/usr/lib/tmpfiles.d/etc.conf" + rm -f -- "${MODULE_BUILD_DIR}/usr/lib/tmpfiles.d/systemd-remote.conf" # Restore used flags/paths: export LDFLAGS="$OLDLDFLAGS" @@ -125,6 +138,7 @@ build () { } post_copy() { - : + add_user "kvm" + add_user "systemd-journal-upload" } diff --git a/core/modules/systemd/module.conf b/core/modules/systemd/module.conf index d0194c9b..4ee773b9 100644 --- a/core/modules/systemd/module.conf +++ b/core/modules/systemd/module.conf @@ -1,7 +1,7 @@ #!/bin/bash -REQUIRED_VERSION="systemd-204" -REQUIRED_URL="http://www.freedesktop.org/software/systemd/${REQUIRED_VERSION}.tar.xz" -REQUIRED_LIBKMOD_VERSION="kmod-14" +REQUIRED_VERSION="234" +REQUIRED_URL="https://github.com/systemd/systemd/archive/v${REQUIRED_VERSION}.tar.gz" +REQUIRED_LIBKMOD_VERSION="kmod-15" REQUIRED_LIBKMOD_URL="http://www.kernel.org/pub/linux/utils/kernel/kmod/${REQUIRED_LIBKMOD_VERSION}.tar.gz" REQUIRED_BINARIES=" journalctl @@ -31,16 +31,12 @@ REQUIRED_BINARIES=" systemd-journald systemd-logind systemd-modules-load - systemd-multi-seat-x systemd-random-seed - systemd-readahead systemd-remount-fs systemd-reply-password systemd-shutdown - systemd-shutdownd systemd-sleep systemd-sysctl - systemd-timestamp systemd-udevd systemd-update-utmp systemd-user-sessions @@ -49,7 +45,6 @@ REQUIRED_BINARIES=" systemd-getty-generator systemd-rc-local-generator systemd-system-update-generator - accelerometer ata_id cdrom_id collect @@ -64,4 +59,5 @@ REQUIRED_DIRECTORIES=" /usr/share/polkit-1 /usr/lib/udev /usr/lib/tmpfiles.d + /usr/lib/systemd/user " diff --git a/core/modules/systemd/module.conf.ubuntu b/core/modules/systemd/module.conf.ubuntu index 09233f45..f742bb03 100644 --- a/core/modules/systemd/module.conf.ubuntu +++ b/core/modules/systemd/module.conf.ubuntu @@ -9,4 +9,5 @@ REQUIRED_INSTALLED_PACKAGES=" libblkid-dev libacl1-dev libpam-dev + libmount-dev " diff --git a/core/modules/systemd/systemd-openslx-234.patch b/core/modules/systemd/systemd-openslx-234.patch new file mode 120000 index 00000000..68290ecb --- /dev/null +++ b/core/modules/systemd/systemd-openslx-234.patch @@ -0,0 +1 @@ +systemd-openslx-229.patch \ No newline at end of file -- cgit v1.2.3-55-g7522