diff options
Diffstat (limited to 'abs/core/systemd/PKGBUILD')
-rw-r--r-- | abs/core/systemd/PKGBUILD | 238 |
1 files changed, 160 insertions, 78 deletions
diff --git a/abs/core/systemd/PKGBUILD b/abs/core/systemd/PKGBUILD index ecbf16c..f2c335c 100644 --- a/abs/core/systemd/PKGBUILD +++ b/abs/core/systemd/PKGBUILD @@ -1,88 +1,155 @@ +# $Id$ +# Maintainer: Christian Hesse <mail@eworm.de> # Maintainer: Dave Reisner <dreisner@archlinux.org> # Maintainer: Tom Gundersen <teg@jklm.no> pkgbase=systemd pkgname=('systemd' 'libsystemd' 'systemd-sysvcompat') -pkgver=224 -pkgrel=2 -arch=('i686' 'x86_64') -url="http://www.freedesktop.org/wiki/Software/systemd" -makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gperf' 'lz4' 'xz' 'pam' +# latest commit on stable branch +_commit='7909254c7a8ee09d91b8b21fd779320b3e2fe716' +# Bump this to latest major release for signed tag verification, +# the commit count is handled by pkgver() function. +pkgver=237.64 +pkgrel=1 +arch=('x86_64') +url="https://www.github.com/systemd/systemd" +makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gperf' 'lz4' 'xz' 'pam' 'libelf' 'intltool' 'iptables' 'kmod' 'libcap' 'libidn' 'libgcrypt' 'libmicrohttpd' 'libxslt' 'util-linux' 'linux-api-headers' - 'python2-lxml' 'quota-tools' 'shadow' 'gnu-efi-libs' 'git') -options=('strip' 'debug') -source=("git://github.com/systemd/systemd.git#tag=v$pkgver" + 'python-lxml' 'quota-tools' 'shadow' 'gnu-efi-libs' 'git' + 'meson' 'libseccomp' 'pcre2') +options=('strip') +validpgpkeys=('63CDA1E5D3FC22B998D20DD6327F26951A015CC4') # Lennart Poettering <lennart@poettering.net> +source=('git://github.com/systemd/systemd-stable.git' + 'git://github.com/systemd/systemd.git' # pull in for tags, backports & reverts 'initcpio-hook-udev' 'initcpio-install-systemd' 'initcpio-install-udev' 'arch.conf' 'loader.conf' - 'splash-arch.bmp') -md5sums=('SKIP' - '90ea67a7bb237502094914622a39e281' - '976c5511b6493715e381f43f16cdb151' - '1b3aa3a0551b08af9305d33f85b5c2fc' - '20ead378f5d6df4b2a3e670301510a7d' - 'ddaef54f68f6c86c6c07835fc668f62a' - '1e2f9a8b0fa32022bf0a8f39123e5f4e') + 'splash-arch.bmp' + 'systemd-user.pam' + 'systemd-hwdb.hook' + 'systemd-sysusers.hook' + 'systemd-tmpfiles.hook' + 'systemd-update.hook') +sha512sums=('SKIP' + 'SKIP' + 'f0d933e8c6064ed830dec54049b0a01e27be87203208f6ae982f10fb4eddc7258cb2919d594cbfb9a33e74c3510cfd682f3416ba8e804387ab87d1a217eb4b73' + '86d7cacd7536b1069c82bbbb08de7ec81e7f0f18a19fc2b06fabe90db4700623eb3540b75121080d325672d92e26912632ae4f93fd3c0bb48eb3e5eedd88352c' + 'a25b28af2e8c516c3a2eec4e64b8c7f70c21f974af4a955a4a9d45fd3e3ff0d2a98b4419fe425d47152d5acae77d64e69d8d014a7209524b75a81b0edb10bf3a' + '61032d29241b74a0f28446f8cf1be0e8ec46d0847a61dadb2a4f096e8686d5f57fe5c72bcf386003f6520bc4b5856c32d63bf3efe7eb0bc0deefc9f68159e648' + 'c416e2121df83067376bcaacb58c05b01990f4614ad9de657d74b6da3efa441af251d13bf21e3f0f71ddcb4c9ea658b81da3d915667dc5c309c87ec32a1cb5a5' + '5a1d78b5170da5abe3d18fdf9f2c3a4d78f15ba7d1ee9ec2708c4c9c2e28973469bc19386f70b3cf32ffafbe4fcc4303e5ebbd6d5187a1df3314ae0965b25e75' + 'b90c99d768dc2a4f020ba854edf45ccf1b86a09d2f66e475de21fe589ff7e32c33ef4aa0876d7f1864491488fd7edb2682fc0d68e83a6d4890a0778dc2d6fe19' + '2c1f765e7cefc50f07ad994634ea25d9396e6b9c0de46e58f18377e642a471517a0dbf5eb547070a38c6ecf84ec8e030f650a6cee010871cd7a466a32534adda' + '7d49a948f5d58f662a7d81544254528257ef8c0a08ca560834f09a7cdf566161d2df4d419ebbc2983196cd45c9eeefcd0c4c2c554376916dce42e895262afc30' + 'e521d92674597f82d589b83c378c50c92c881fdb84c436c8b26f7a3436a4c91a20585824a5563933f6868a3023b9ee2fdc7bd58e04bb47c25a0a36e296308fd3' + '10190fba9f39a8f4b620a0829e0ba8ed63bb4dbeca712966011ee7807880d01ab2abff1a80baafeb6674db70526a473fe585db8190e864f318fc4d6068552618') + +_backports=( +) + +_reverts=( +) + +_validate_tag() { + local success fingerprint trusted status tag=v${pkgver%.*} + + parse_gpg_statusfile /dev/stdin < <(git verify-tag --raw "$tag" 2>&1) + + if (( ! success )); then + error 'failed to validate tag %s\n' "$tag" + return 1 + fi + + if ! in_array "$fingerprint" "${validpgpkeys[@]}" && (( ! trusted )); then + error 'unknown or untrusted public key: %s\n' "$fingerprint" + return 1 + fi + + case $status in + 'expired') + warning 'the signature has expired' + ;; + 'expiredkey') + warning 'the key has expired' + ;; + esac + + return 0 +} + +pkgver() { + local version count + + cd "$pkgbase-stable" + + version="$(git describe --abbrev=0 --tags)" + count="$(git rev-list --count ${version}..)" + printf '%s.%s' "${version#v}" "${count}" +} prepare() { - cd "$pkgname" + cd "$pkgbase-stable" + + git remote add upstream ../systemd/ + git fetch --all - # networkd: fix neworkd crash - # https://github.com/systemd/systemd/commit/49f6e11e89b4 - git cherry-pick -n 49f6e11e89b4 + git checkout "${_commit}" - ./autogen.sh + _validate_tag || return + + local _commit + for _commit in "${_backports[@]}"; do + git cherry-pick -n "$_commit" + done + for _commit in "${_reverts[@]}"; do + git revert -n "$_commit" + done } build() { - cd "$pkgname" - local timeservers=({0..3}.arch.pool.ntp.org) - ./configure \ - --libexecdir=/usr/lib \ - --localstatedir=/var \ - --sysconfdir=/etc \ - --enable-lz4 \ - --enable-compat-libs \ - --enable-gnuefi \ - --disable-audit \ - --disable-ima \ - --disable-kdbus \ - --with-sysvinit-path= \ - --with-sysvrcnd-path= \ - --with-ntp-servers="${timeservers[*]}" - - make + local meson_options=( + -Daudit=false + -Dgnuefi=true + -Dima=false + -Dlz4=true + + -Ddbuspolicydir=/usr/share/dbus-1/system.d + -Ddefault-dnssec=no + # TODO(dreisner): consider changing this to unified + -Ddefault-hierarchy=hybrid + -Ddefault-kill-user-processes=false + -Dfallback-hostname='archlinux' + -Dntp-servers="${timeservers[*]}" + -Drpmmacrosdir=no + -Dsysvinit-path= + -Dsysvrcnd-path= + ) + + arch-meson "$pkgbase-stable" build "${meson_options[@]}" + + ninja -C build } package_systemd() { pkgdesc="system and service manager" license=('GPL2' 'LGPL2.1') - depends=('acl' 'bash' 'dbus' 'iptables' 'kbd' 'kmod' 'hwids' 'libcap' - 'libgcrypt' 'libsystemd' 'libidn' 'lz4' 'pam' 'libseccomp' 'util-linux' - 'xz') + groups=('base-devel') + depends=('acl' 'bash' 'cryptsetup' 'dbus' 'iptables' 'kbd' 'kmod' 'hwids' 'libcap' + 'libgcrypt' 'libsystemd' 'libidn' 'lz4' 'pam' 'libelf' 'libseccomp' + 'util-linux' 'xz' 'pcre2') provides=('nss-myhostname' "systemd-tools=$pkgver" "udev=$pkgver") replaces=('nss-myhostname' 'systemd-tools' 'udev') conflicts=('nss-myhostname' 'systemd-tools' 'udev') - optdepends=('cryptsetup: required for encrypted block devices' - 'libmicrohttpd: remote journald capabilities' + optdepends=('libmicrohttpd: remote journald capabilities' 'quota-tools: kernel-level quota management' 'systemd-sysvcompat: symlink package to provide sysvinit binaries' 'polkit: allow administration as unprivileged user') - backup=(etc/dbus-1/system.d/org.freedesktop.systemd1.conf - etc/dbus-1/system.d/org.freedesktop.hostname1.conf - etc/dbus-1/system.d/org.freedesktop.login1.conf - etc/dbus-1/system.d/org.freedesktop.locale1.conf - etc/dbus-1/system.d/org.freedesktop.machine1.conf - etc/dbus-1/system.d/org.freedesktop.timedate1.conf - etc/dbus-1/system.d/org.freedesktop.import1.conf - etc/dbus-1/system.d/org.freedesktop.network1.conf - etc/pam.d/systemd-user - etc/systemd/bootchart.conf + backup=(etc/pam.d/systemd-user etc/systemd/coredump.conf etc/systemd/journald.conf etc/systemd/journal-remote.conf @@ -95,17 +162,15 @@ package_systemd() { etc/udev/udev.conf) install="systemd.install" - make -C "$pkgname" DESTDIR="$pkgdir" install + DESTDIR="$pkgdir" ninja -C build install # don't write units to /etc by default. some of these will be re-enabled on # post_install. rm -r "$pkgdir/etc/systemd/system/"*.wants - - # get rid of RPM macros - rm -r "$pkgdir/usr/lib/rpm" + rm -r "$pkgdir/etc/systemd/system/"*.service # add back tmpfiles.d/legacy.conf - install -m644 "$pkgname/tmpfiles.d/legacy.conf" "$pkgdir/usr/lib/tmpfiles.d" + install -m644 "$pkgbase-stable/tmpfiles.d/legacy.conf" "$pkgdir/usr/lib/tmpfiles.d" # Replace dialout/tape/cdrom group in rules with uucp/storage/optical group sed -i 's#GROUP="dialout"#GROUP="uucp"#g; @@ -120,45 +185,59 @@ package_systemd() { install -Dm644 "$srcdir/initcpio-install-udev" "$pkgdir/usr/lib/initcpio/install/udev" install -Dm644 "$srcdir/initcpio-hook-udev" "$pkgdir/usr/lib/initcpio/hooks/udev" - # ensure proper permissions for /var/log/journal. This is only to placate + # ensure proper permissions for /var/log/journal + # The permissions are stored with named group by tar, so this works with + # users and groups populated by systemd-sysusers. This is only to prevent a + # warning from pacman as permissions are set by systemd-tmpfiles anyway. chown root:systemd-journal "$pkgdir/var/log/journal" chmod 2755 "$pkgdir/var/log/journal" - # we'll create this on installation - #rmdir "$pkgdir/var/log/journal/remote" + # match directory owner/group and mode from extra/polkit + chown root:102 "$pkgdir"/usr/share/polkit-1/rules.d + chmod 0750 "$pkgdir"/usr/share/polkit-1/rules.d - # fix pam file - sed 's|system-auth|system-login|g' -i "$pkgdir/etc/pam.d/systemd-user" + # we'll create this on installation + # rmdir "$pkgdir/var/log/journal/remote" # ship default policy to leave services disabled echo 'disable *' >"$pkgdir"/usr/lib/systemd/system-preset/99-default.preset - ### split out manpages for sysvcompat - rm -rf "$srcdir/_sysvcompat" - install -dm755 "$srcdir"/_sysvcompat/usr/share/man/man8/ - mv "$pkgdir"/usr/share/man/man8/{telinit,halt,reboot,poweroff,runlevel,shutdown}.8 \ - "$srcdir"/_sysvcompat/usr/share/man/man8 + # manpages shipped with systemd-sysvcompat + rm "$pkgdir"/usr/share/man/man8/{telinit,halt,reboot,poweroff,runlevel,shutdown}.8 + + # runtime libraries shipped with libsystemd + rm "$pkgdir"/usr/lib/lib{nss,systemd,udev}*.so* - ### split off runtime libraries - rm -rf "$srcdir/_libsystemd" - install -dm755 "$srcdir"/_libsystemd/usr/lib - cd "$srcdir"/_libsystemd - mv "$pkgdir"/usr/lib/lib{systemd,udev}*.so* usr/lib + # allow core/filesystem to pristine nsswitch.conf + rm "$pkgdir/usr/share/factory/etc/nsswitch.conf" + sed -i '/^C \/etc\/nsswitch\.conf/d' "$pkgdir/usr/lib/tmpfiles.d/etc.conf" # add example bootctl configuration install -Dm644 "$srcdir/arch.conf" "$pkgdir"/usr/share/systemd/bootctl/arch.conf install -Dm644 "$srcdir/loader.conf" "$pkgdir"/usr/share/systemd/bootctl/loader.conf install -Dm644 "$srcdir/splash-arch.bmp" "$pkgdir"/usr/share/systemd/bootctl/splash-arch.bmp + + install -Dm644 "$srcdir/systemd-hwdb.hook" "$pkgdir/usr/share/libalpm/hooks/systemd-hwdb.hook" + install -Dm644 "$srcdir/systemd-sysusers.hook" "$pkgdir/usr/share/libalpm/hooks/systemd-sysusers.hook" + install -Dm644 "$srcdir/systemd-tmpfiles.hook" "$pkgdir/usr/share/libalpm/hooks/systemd-tmpfiles.hook" + install -Dm644 "$srcdir/systemd-update.hook" "$pkgdir/usr/share/libalpm/hooks/systemd-update.hook" + + # overwrite the systemd-user PAM configuration with our own + install -Dm644 systemd-user.pam "$pkgdir/etc/pam.d/systemd-user" } package_libsystemd() { pkgdesc="systemd client libraries" - depends=('glibc' 'libgcrypt' 'lz4' 'xz') + depends=('glibc' 'libcap' 'libgcrypt' 'lz4' 'xz') license=('GPL2') - provides=('libsystemd.so' 'libsystemd-daemon.so' 'libsystemd-id128.so' - 'libsystemd-journal.so' 'libsystemd-login.so' 'libudev.so') + provides=('libsystemd.so' 'libudev.so') + + # meson does not support installing subsets of files, no? + # So do a full install to temporary directory, then install what we need. + DESTDIR="$srcdir"/full-install ninja -C build install - mv "$srcdir/_libsystemd"/* "$pkgdir" + install -dm755 "$pkgdir"/usr/lib/ + cp --archive "$srcdir"/full-install/usr/lib/lib{nss_*,systemd,udev}.so* "$pkgdir"/usr/lib/ } package_systemd-sysvcompat() { @@ -168,7 +247,10 @@ package_systemd-sysvcompat() { conflicts=('sysvinit') depends=('systemd') - mv "$srcdir/_sysvcompat"/* "$pkgdir" + install -dm755 "$pkgdir"/usr/share/man/man8 + cp -d --no-preserve=ownership,timestamp \ + build/man/{telinit,halt,reboot,poweroff,runlevel,shutdown}.8 \ + "$pkgdir"/usr/share/man/man8 install -dm755 "$pkgdir/usr/bin" #for tool in runlevel reboot shutdown poweroff halt telinit; do |