36e8a3
#global gitcommit 10e465b5321bd53c1fc59ffab27e724535c6bc0f
36e8a3
%{?gitcommit:%global gitcommitshort %(c=%{gitcommit}; echo ${c:0:7})}
36e8a3
36e8a3
# We ship a .pc file but don't want to have a dep on pkg-config. We
36e8a3
# strip the automatically generated dep here and instead co-own the
36e8a3
# directory.
36e8a3
%global __requires_exclude pkg-config
36e8a3
36e8a3
%global pkgdir %{_prefix}/lib/systemd
36e8a3
%global system_unit_dir %{pkgdir}/system
36e8a3
%global user_unit_dir %{pkgdir}/user
36e8a3
36e8a3
Name:           systemd
36e8a3
Url:            http://www.freedesktop.org/wiki/Software/systemd
36e8a3
Version:        239
446ea3
Release:        45%{?dist}.3
36e8a3
# For a breakdown of the licensing, see README
36e8a3
License:        LGPLv2+ and MIT and GPLv2+
36e8a3
Summary:        System and Service Manager
36e8a3
36e8a3
# download tarballs with "spectool -g systemd.spec"
36e8a3
%if %{defined gitcommit}
36e8a3
Source0:        https://github.com/systemd/systemd-stable/archive/%{?gitcommit}.tar.gz#/%{name}-%{gitcommitshort}.tar.gz
36e8a3
%else
36e8a3
Source0:        https://github.com/systemd/systemd/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
36e8a3
%endif
36e8a3
# This file must be available before %%prep.
36e8a3
# It is generated during systemd build and can be found in src/core/.
36e8a3
Source1:        triggers.systemd
36e8a3
Source2:        split-files.py
36e8a3
Source3:        purge-nobody-user
36e8a3
36e8a3
# Prevent accidental removal of the systemd package
36e8a3
Source4:        yum-protect-systemd.conf
36e8a3
36e8a3
Source5:        inittab
36e8a3
Source6:        sysctl.conf.README
36e8a3
Source7:        systemd-journal-remote.xml
36e8a3
Source8:        systemd-journal-gatewayd.xml
36e8a3
Source9:        20-yama-ptrace.conf
36e8a3
Source10:       systemd-udev-trigger-no-reload.conf
36e8a3
Source11:       20-grubby.install
36e8a3
Source12:       systemd-user
36e8a3
Source13:       rc.local
36e8a3
36e8a3
%if 0
36e8a3
GIT_DIR=../../src/systemd/.git git format-patch-ab --no-signature -M -N v235..v235-stable
36e8a3
i=1; for j in 00*patch; do printf "Patch%04d:      %s\n" $i $j; i=$((i+1));done|xclip
36e8a3
GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[67]* hwdb/parse_hwdb.py > hwdb.patch
36e8a3
%endif
36e8a3
36e8a3
# RHEL-specific
36e8a3
Patch0001: 0001-build-sys-Detect-whether-struct-statx-is-defined-in-.patch
36e8a3
Patch0002: 0002-logind-set-RemoveIPC-to-false-by-default.patch
36e8a3
Patch0003: 0003-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch
36e8a3
Patch0004: 0004-Avoid-tmp-being-mounted-as-tmpfs-without-the-user-s-.patch
36e8a3
Patch0005: 0005-pid1-bump-maximum-number-of-process-in-user-slice-to.patch
36e8a3
Patch0006: 0006-rules-automatically-online-hot-plugged-CPUs.patch
36e8a3
Patch0007: 0007-rules-add-rule-for-naming-Dell-iDRAC-USB-Virtual-NIC.patch
36e8a3
Patch0008: 0008-rules-enable-memory-hotplug.patch
36e8a3
Patch0009: 0009-rules-reload-sysctl-settings-when-the-bridge-module-.patch
36e8a3
Patch0010: 0010-rules-load-sg-module.patch
36e8a3
Patch0011: 0011-rules-prandom-character-device-node-permissions.patch
36e8a3
Patch0012: 0012-rules-load-sg-driver-also-when-scsi_target-appears-4.patch
36e8a3
Patch0013: 0013-rules-don-t-hoplug-memory-on-s390x.patch
36e8a3
Patch0014: 0014-rules-disable-auto-online-of-hot-plugged-memory-on-I.patch
36e8a3
Patch0015: 0015-rules-introduce-old-style-by-path-symlinks-for-FCP-b.patch
36e8a3
Patch0016: 0016-Revert-udev-remove-WAIT_FOR-key.patch
36e8a3
Patch0017: 0017-net_setup_link-allow-renaming-interfaces-that-were-r.patch
36e8a3
Patch0018: 0018-units-drop-DynamicUser-yes-from-systemd-resolved.ser.patch
36e8a3
Patch0019: 0019-journal-remove-journal-audit-socket.patch
36e8a3
Patch0020: 0020-bus-move-BUS_DONT_DESTROY-calls-after-asserts.patch
36e8a3
Patch0021: 0021-random-seed-raise-POOL_SIZE_MIN-constant-to-1024.patch
36e8a3
Patch0022: 0022-cryptsetup-add-support-for-sector-size-option-9936.patch
36e8a3
Patch0023: 0023-cryptsetup-do-not-define-arg_sector_size-if-libgcryp.patch
36e8a3
Patch0024: 0024-units-don-t-enable-per-service-IP-firewall-by-defaul.patch
36e8a3
Patch0025: 0025-bus-message-do-not-crash-on-message-with-a-string-of.patch
36e8a3
Patch0026: 0026-Introduce-free_and_strndup-and-use-it-in-bus-message.patch
36e8a3
Patch0027: 0027-tests-backport-test_setup_logging.patch
36e8a3
Patch0028: 0028-journal-change-support-URL-shown-in-the-catalog-entr.patch
36e8a3
Patch0029: 0029-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
36e8a3
Patch0030: 0030-dissect-image-use-right-comparison-function.patch
36e8a3
Patch0031: 0031-login-avoid-leak-of-name-returned-by-uid_to_name.patch
36e8a3
Patch0032: 0032-firewall-util-add-an-assert-that-we-re-not-overwriti.patch
36e8a3
Patch0033: 0033-journal-file-avoid-calling-ftruncate-with-invalid-fd.patch
36e8a3
Patch0034: 0034-dhcp6-make-sure-we-have-enough-space-for-the-DHCP6-o.patch
36e8a3
Patch0035: 0035-core-rename-queued_message-pending_reload_message.patch
36e8a3
Patch0036: 0036-core-when-we-can-t-send-the-pending-reload-message-s.patch
36e8a3
Patch0037: 0037-core-make-sure-we-don-t-throttle-change-signal-gener.patch
36e8a3
Patch0038: 0038-proc-cmdline-introduce-PROC_CMDLINE_RD_STRICT.patch
36e8a3
Patch0039: 0039-debug-generator-introduce-rd.-version-of-all-options.patch
36e8a3
Patch0040: 0040-chown-recursive-let-s-rework-the-recursive-logic-to-.patch
36e8a3
Patch0041: 0041-chown-recursive-also-drop-ACLs-when-recursively-chow.patch
36e8a3
Patch0042: 0042-chown-recursive-TAKE_FD-is-your-friend.patch
36e8a3
Patch0043: 0043-test-add-test-case-for-recursive-chown-ing.patch
36e8a3
Patch0044: 0044-Revert-sysctl.d-request-ECN-on-both-in-and-outgoing-.patch
36e8a3
Patch0045: 0045-detect-virt-do-not-try-to-read-all-of-proc-cpuinfo.patch
36e8a3
Patch0046: 0046-sd-bus-unify-three-code-paths-which-free-struct-bus_.patch
36e8a3
Patch0047: 0047-sd-bus-properly-initialize-containers.patch
36e8a3
Patch0048: 0048-cryptsetup-generator-introduce-basic-keydev-support.patch
36e8a3
Patch0049: 0049-cryptsetup-don-t-use-m-if-there-s-no-error-to-show.patch
36e8a3
Patch0050: 0050-cryptsetup-generator-don-t-return-error-if-target-di.patch
36e8a3
Patch0051: 0051-cryptsetup-generator-allow-whitespace-characters-in-.patch
36e8a3
Patch0052: 0052-rules-watch-metadata-changes-on-DASD-devices.patch
36e8a3
Patch0053: 0053-sysctl.d-switch-net.ipv4.conf.all.rp_filter-from-1-t.patch
36e8a3
Patch0054: 0054-tests-explicitly-enable-user-namespaces-for-TEST-13-.patch
36e8a3
Patch0055: 0055-nspawn-beef-up-netns-checking-a-bit-for-compat-with-.patch
36e8a3
Patch0056: 0056-test-Drop-SKIP_INITRD-for-QEMU-based-tests.patch
36e8a3
Patch0057: 0057-meson-rename-Ddebug-to-Ddebug-extra.patch
36e8a3
Patch0058: 0058-meson-check-whether-gnutls-supports-TCP-fast-open.patch
36e8a3
Patch0059: 0059-unit-don-t-add-Requires-for-tmp.mount.patch
36e8a3
Patch0060: 0060-tests-drop-the-precondition-check-for-inherited-flag.patch
36e8a3
Patch0061: 0061-core-when-deserializing-state-always-use-read_line-L.patch
36e8a3
Patch0062: 0062-core-enforce-a-limit-on-STATUS-texts-recvd-from-serv.patch
36e8a3
Patch0063: 0063-travis-enable-Travis-CI-on-CentOS-7.patch
36e8a3
Patch0064: 0064-travis-RHEL8-support.patch
36e8a3
Patch0065: 0065-travis-drop-the-SELinux-Fedora-workaround.patch
36e8a3
Patch0066: 0066-travis-fix-syntax-error-in-.travis.yml.patch
36e8a3
Patch0067: 0067-travis-reboot-the-container-before-running-tests.patch
36e8a3
Patch0068: 0068-coredump-remove-duplicate-MESSAGE-prefix-from-messag.patch
36e8a3
Patch0069: 0069-journald-remove-unnecessary.patch
36e8a3
Patch0070: 0070-journald-do-not-store-the-iovec-entry-for-process-co.patch
36e8a3
Patch0071: 0071-basic-process-util-limit-command-line-lengths-to-_SC.patch
36e8a3
Patch0072: 0072-coredump-fix-message-when-we-fail-to-save-a-journald.patch
36e8a3
Patch0073: 0073-procfs-util-expose-functionality-to-query-total-memo.patch
36e8a3
Patch0074: 0074-basic-prioq-add-prioq_peek_item.patch
36e8a3
Patch0075: 0075-journal-limit-the-number-of-entries-in-the-cache-bas.patch
36e8a3
Patch0076: 0076-journald-periodically-drop-cache-for-all-dead-PIDs.patch
36e8a3
Patch0077: 0077-process-util-don-t-use-overly-large-buffer-to-store-.patch
36e8a3
Patch0078: 0078-Revert-sysctl.d-switch-net.ipv4.conf.all.rp_filter-f.patch
36e8a3
Patch0079: 0079-journal-fix-syslog_parse_identifier.patch
36e8a3
Patch0080: 0080-journald-set-a-limit-on-the-number-of-fields-1k.patch
36e8a3
Patch0081: 0081-journald-when-processing-a-native-message-bail-more-.patch
36e8a3
Patch0082: 0082-journald-lower-the-maximum-entry-size-limit-to-for-n.patch
36e8a3
Patch0083: 0083-httpd-use-a-cleanup-function-to-call-MHD_destroy_res.patch
36e8a3
Patch0084: 0084-journal-remote-verify-entry-length-from-header.patch
36e8a3
Patch0085: 0085-journal-remote-set-a-limit-on-the-number-of-fields-i.patch
36e8a3
Patch0086: 0086-journald-correctly-attribute-log-messages-also-with-.patch
36e8a3
Patch0087: 0087-test-replace-echo-with-socat.patch
36e8a3
Patch0088: 0088-test-network-ignore-tunnel-devices-automatically-add.patch
36e8a3
Patch0089: 0089-rules-add-elevator-kernel-command-line-parameter.patch
4bff0a
Patch0090: 0090-rule-syntax-check-allow-PROGRAM-as-an-assignment.patch
4bff0a
Patch0091: 0091-rules-implement-new-memory-hotplug-policy.patch
4bff0a
Patch0092: 0092-LGTM-make-LGTM.com-use-meson-from-pip.patch
4bff0a
Patch0093: 0093-lgtm-use-python3.patch
4bff0a
Patch0094: 0094-tools-use-print-function-in-Python-3-code.patch
4bff0a
Patch0095: 0095-lgtm-add-a-custom-query-for-catching-the-use-of-fget.patch
4bff0a
Patch0096: 0096-lgtm-drop-redundant-newlines.patch
4bff0a
Patch0097: 0097-rules-add-the-rule-that-adds-elevator-kernel-command.patch
4bff0a
Patch0098: 0098-test-add-TEST-24-UNIT-TESTS-running-all-basic-tests-.patch
4bff0a
Patch0099: 0099-tests-create-the-asan-wrapper-automatically-if-syste.patch
4bff0a
Patch0100: 0100-tests-add-a-wrapper-for-when-systemd-is-built-with-A.patch
4bff0a
Patch0101: 0101-tests-redirect-ASAN-reports-on-journald-to-a-file.patch
4bff0a
Patch0102: 0102-tests-use-the-asan-wrapper-to-boot-a-VM-container-if.patch
4bff0a
Patch0103: 0103-tests-allow-passing-additional-arguments-to-nspawn-v.patch
4bff0a
Patch0104: 0104-tests-also-run-TEST-01-BASIC-in-an-unprivileged-cont.patch
4bff0a
Patch0105: 0105-test-don-t-overwrite-TESTDIR-if-already-set.patch
4bff0a
Patch0106: 0106-bus-socket-Fix-line_begins-to-accept-word-matching-f.patch
4bff0a
Patch0107: 0107-Refuse-dbus-message-paths-longer-than-BUS_PATH_SIZE_.patch
4bff0a
Patch0108: 0108-Allocate-temporary-strings-to-hold-dbus-paths-on-the.patch
4bff0a
Patch0109: 0109-sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch
4bff0a
Patch0110: 0110-meson-drop-misplaced-Wl-undefined-argument.patch
4bff0a
Patch0111: 0111-Revert-core-one-step-back-again-for-nspawn-we-actual.patch
4bff0a
Patch0112: 0112-tree-wide-shorten-error-logging-a-bit.patch
4bff0a
Patch0113: 0113-nspawn-simplify-machine-terminate-bus-call.patch
4bff0a
Patch0114: 0114-nspawn-merge-two-variable-declaration-lines.patch
4bff0a
Patch0115: 0115-nspawn-rework-how-we-allocate-kill-scopes.patch
4bff0a
Patch0116: 0116-unit-enqueue-cgroup-empty-check-event-if-the-last-re.patch
4bff0a
Patch0117: 0117-Revert-journal-remove-journal-audit-socket.patch
4bff0a
Patch0118: 0118-journal-don-t-enable-systemd-journald-audit.socket-b.patch
4bff0a
Patch0119: 0119-logs-show-use-grey-color-for-de-emphasizing-journal-.patch
4bff0a
Patch0120: 0120-units-add-Install-section-to-tmp.mount.patch
4bff0a
Patch0121: 0121-nss-do-not-modify-errno-when-NSS_STATUS_NOTFOUND-or-.patch
4bff0a
Patch0122: 0122-util.h-add-new-UNPROTECT_ERRNO-macro.patch
4bff0a
Patch0123: 0123-nss-unportect-errno-before-writing-to-NSS-errnop.patch
4bff0a
Patch0124: 0124-seccomp-reduce-logging-about-failure-to-add-syscall-.patch
4bff0a
Patch0125: 0125-format-table-when-duplicating-a-cell-also-copy-the-c.patch
4bff0a
Patch0126: 0126-format-table-optionally-make-specific-cells-clickabl.patch
4bff0a
Patch0127: 0127-format-table-before-outputting-a-color-check-if-colo.patch
4bff0a
Patch0128: 0128-format-table-add-option-to-store-format-percent-and-.patch
4bff0a
Patch0129: 0129-format-table-optionally-allow-reversing-the-sort-ord.patch
4bff0a
Patch0130: 0130-format-table-add-table_update-to-update-existing-ent.patch
4bff0a
Patch0131: 0131-format-table-add-an-API-for-getting-the-cell-at-a-sp.patch
4bff0a
Patch0132: 0132-format-table-always-underline-header-line.patch
4bff0a
Patch0133: 0133-format-table-add-calls-to-query-the-data-in-a-specif.patch
4bff0a
Patch0134: 0134-format-table-make-sure-we-never-call-memcmp-with-NUL.patch
4bff0a
Patch0135: 0135-format-table-use-right-field-for-display.patch
4bff0a
Patch0136: 0136-format-table-add-option-to-uppercase-cells-on-displa.patch
4bff0a
Patch0137: 0137-format-table-never-try-to-reuse-cells-that-have-colo.patch
4bff0a
Patch0138: 0138-locale-util-add-logic-to-output-smiley-emojis-at-var.patch
4bff0a
Patch0139: 0139-analyze-add-new-security-verb.patch
4bff0a
Patch0140: 0140-tests-add-a-rudimentary-fuzzer-for-server_process_sy.patch
4bff0a
Patch0141: 0141-journald-make-it-clear-that-dev_kmsg_record-modifies.patch
4bff0a
Patch0142: 0142-journald-free-the-allocated-memory-before-returning-.patch
4bff0a
Patch0143: 0143-tests-rework-the-code-fuzzing-journald.patch
4bff0a
Patch0144: 0144-journald-make-server_process_native_message-compatib.patch
4bff0a
Patch0145: 0145-tests-add-a-fuzzer-for-server_process_native_message.patch
4bff0a
Patch0146: 0146-tests-add-a-fuzzer-for-sd-ndisc.patch
4bff0a
Patch0147: 0147-ndisc-fix-two-infinite-loops.patch
4bff0a
Patch0148: 0148-tests-add-reproducers-for-several-issues-uncovered-w.patch
4bff0a
Patch0149: 0149-tests-add-a-reproducer-for-an-infinite-loop-in-ndisc.patch
4bff0a
Patch0150: 0150-tests-add-a-reproducer-for-another-infinite-loop-in-.patch
4bff0a
Patch0151: 0151-fuzz-rename-fuzz-corpus-directory-to-just-fuzz.patch
4bff0a
Patch0152: 0152-test-add-testcase-for-issue-10007-by-oss-fuzz.patch
4bff0a
Patch0153: 0153-fuzz-unify-the-fuzz-regressions-directory-with-the-m.patch
4bff0a
Patch0154: 0154-test-bus-marshal-use-cescaping-instead-of-hexmem.patch
4bff0a
Patch0155: 0155-meson-add-Dlog-trace-to-set-LOG_TRACE.patch
4bff0a
Patch0156: 0156-meson-allow-building-resolved-and-machined-without-n.patch
4bff0a
Patch0157: 0157-meson-drop-duplicated-condition.patch
4bff0a
Patch0158: 0158-meson-use-.source_root-in-more-places.patch
4bff0a
Patch0159: 0159-meson-treat-all-fuzz-cases-as-unit-tests.patch
4bff0a
Patch0160: 0160-fuzz-bus-message-add-fuzzer-for-message-parsing.patch
4bff0a
Patch0161: 0161-bus-message-use-structured-initialization-to-avoid-u.patch
4bff0a
Patch0162: 0162-bus-message-avoid-an-infinite-loop-on-empty-structur.patch
4bff0a
Patch0163: 0163-bus-message-let-s-always-use-EBADMSG-when-the-messag.patch
4bff0a
Patch0164: 0164-bus-message-rename-function-for-clarity.patch
4bff0a
Patch0165: 0165-bus-message-use-define.patch
4bff0a
Patch0166: 0166-bus-do-not-print-null-if-the-message-has-unknown-typ.patch
4bff0a
Patch0167: 0167-bus-message-fix-calculation-of-offsets-table.patch
4bff0a
Patch0168: 0168-bus-message-remove-duplicate-assignment.patch
4bff0a
Patch0169: 0169-bus-message-fix-calculation-of-offsets-table-for-arr.patch
4bff0a
Patch0170: 0170-bus-message-drop-asserts-in-functions-which-are-wrap.patch
4bff0a
Patch0171: 0171-bus-message-output-debug-information-about-offset-tr.patch
4bff0a
Patch0172: 0172-bus-message-fix-skipping-of-array-fields-in-gvariant.patch
4bff0a
Patch0173: 0173-bus-message-also-properly-copy-struct-signature-when.patch
4bff0a
Patch0174: 0174-fuzz-bus-message-add-two-test-cases-that-pass-now.patch
4bff0a
Patch0175: 0175-bus-message-return-EBADMSG-not-EINVAL-on-invalid-gva.patch
4bff0a
Patch0176: 0176-bus-message-avoid-wrap-around-when-using-length-read.patch
4bff0a
Patch0177: 0177-util-do-not-use-stack-frame-for-parsing-arbitrary-in.patch
4bff0a
Patch0178: 0178-travis-enable-ASan-and-UBSan-on-RHEL8.patch
4bff0a
Patch0179: 0179-tests-keep-SYS_PTRACE-when-running-under-ASan.patch
4bff0a
Patch0180: 0180-tree-wide-various-ubsan-zero-size-memory-fixes.patch
4bff0a
Patch0181: 0181-util-introduce-memcmp_safe.patch
4bff0a
Patch0182: 0182-test-socket-util-avoid-memleak-reported-by-valgrind.patch
4bff0a
Patch0183: 0183-sd-journal-escape-binary-data-in-match_make_string.patch
4bff0a
Patch0184: 0184-capability-introduce-CAP_TO_MASK_CORRECTED-macro-rep.patch
4bff0a
Patch0185: 0185-sd-bus-use-size_t-when-dealing-with-memory-offsets.patch
4bff0a
Patch0186: 0186-sd-bus-call-cap_last_cap-only-once-in-has_cap.patch
4bff0a
Patch0187: 0187-mount-point-honour-AT_SYMLINK_FOLLOW-correctly.patch
4bff0a
Patch0188: 0188-travis-switch-from-trusty-to-xenial.patch
4bff0a
Patch0189: 0189-test-socket-util-Add-tests-for-receive_fd_iov-and-fr.patch
4bff0a
Patch0190: 0190-socket-util-Introduce-send_one_fd_iov-and-receive_on.patch
4bff0a
Patch0191: 0191-core-swap-order-of-n_storage_fds-and-n_socket_fds-pa.patch
4bff0a
Patch0192: 0192-execute-use-our-usual-syntax-for-defining-bit-masks.patch
4bff0a
Patch0193: 0193-core-introduce-new-Type-exec-service-type.patch
4bff0a
Patch0194: 0194-man-document-the-new-Type-exec-type.patch
4bff0a
Patch0195: 0195-sd-bus-allow-connecting-to-the-pseudo-container-.hos.patch
4bff0a
Patch0196: 0196-sd-login-let-s-also-make-sd-login-understand-.host.patch
4bff0a
Patch0197: 0197-test-add-test-for-Type-exec.patch
4bff0a
Patch0198: 0198-journal-gateway-explicitly-declare-local-variables.patch
4bff0a
Patch0199: 0199-tools-drop-unused-variable.patch
4bff0a
Patch0200: 0200-journal-gateway-use-localStorage-cursor-only-when-it.patch
4bff0a
Patch0201: 0201-sd-bus-deal-with-cookie-overruns.patch
4bff0a
Patch0202: 0202-journal-remote-do-not-request-Content-Length-if-Tran.patch
4bff0a
Patch0203: 0203-journal-do-not-remove-multiple-spaces-after-identifi.patch
4bff0a
Patch0204: 0204-cryptsetup-Do-not-fallback-to-PLAIN-mapping-if-LUKS-.patch
4bff0a
Patch0205: 0205-cryptsetup-call-crypt_load-for-LUKS-only-once.patch
4bff0a
Patch0206: 0206-cryptsetup-Add-LUKS2-token-support.patch
4bff0a
Patch0207: 0207-udev-scsi_id-fix-incorrect-page-length-when-get-devi.patch
4bff0a
Patch0208: 0208-Change-job-mode-of-manager-triggered-restarts-to-JOB.patch
4bff0a
Patch0209: 0209-bash-completion-analyze-support-security.patch
4bff0a
Patch0210: 0210-man-note-that-journal-does-not-validate-syslog-field.patch
4bff0a
Patch0211: 0211-rules-skip-memory-hotplug-on-ppc64.patch
4bff0a
Patch0212: 0212-mount-simplify-proc-self-mountinfo-handler.patch
4bff0a
Patch0213: 0213-mount-rescan-proc-self-mountinfo-before-processing-w.patch
4bff0a
Patch0214: 0214-swap-scan-proc-swaps-before-processing-waitid-result.patch
4bff0a
Patch0215: 0215-analyze-security-fix-potential-division-by-zero.patch
b9a53a
Patch0216: 0216-core-never-propagate-reload-failure-to-service-resul.patch
b9a53a
Patch0217: 0217-man-document-systemd-analyze-security.patch
b9a53a
Patch0218: 0218-man-reorder-and-add-examples-to-systemd-analyze-1.patch
b9a53a
Patch0219: 0219-travis-move-to-CentOS-8-docker-images.patch
b9a53a
Patch0220: 0220-travis-drop-SCL-remains.patch
b9a53a
Patch0221: 0221-syslog-fix-segfault-in-syslog_parse_priority.patch
b9a53a
Patch0222: 0222-sd-bus-make-strict-asan-shut-up.patch
b9a53a
Patch0223: 0223-travis-don-t-run-slow-tests-under-ASan-UBSan.patch
b9a53a
Patch0224: 0224-kernel-install-do-not-require-non-empty-kernel-cmdli.patch
b9a53a
Patch0225: 0225-ask-password-prevent-buffer-overrow-when-reading-fro.patch
b9a53a
Patch0226: 0226-core-try-to-reopen-dev-kmsg-again-right-after-mounti.patch
b9a53a
Patch0227: 0227-buildsys-don-t-garbage-collect-sections-while-linkin.patch
b9a53a
Patch0228: 0228-udev-introduce-CONST-key-name.patch
b9a53a
Patch0229: 0229-Call-getgroups-to-know-size-of-supplementary-groups-.patch
b9a53a
Patch0230: 0230-Consider-smb3-as-remote-filesystem.patch
b9a53a
Patch0231: 0231-process-util-introduce-pid_is_my_child-helper.patch
b9a53a
Patch0232: 0232-core-reduce-the-number-of-stalled-PIDs-from-the-watc.patch
b9a53a
Patch0233: 0233-core-only-watch-processes-when-it-s-really-necessary.patch
b9a53a
Patch0234: 0234-core-implement-per-unit-journal-rate-limiting.patch
b9a53a
Patch0235: 0235-path-stop-watching-path-specs-once-we-triggered-the-.patch
b9a53a
Patch0236: 0236-journald-fixed-assertion-failure-when-system-journal.patch
b9a53a
Patch0237: 0237-test-use-PBKDF2-instead-of-Argon2-in-cryptsetup.patch
b9a53a
Patch0238: 0238-test-mask-several-unnecessary-services.patch
b9a53a
Patch0239: 0239-test-bump-the-second-partition-s-size-to-50M.patch
b9a53a
Patch0240: 0240-shared-sleep-config-exclude-zram-devices-from-hibern.patch
b9a53a
Patch0241: 0241-selinux-don-t-log-SELINUX_INFO-and-SELINUX_WARNING-m.patch
b9a53a
Patch0242: 0242-sd-device-introduce-log_device_-macros.patch
b9a53a
Patch0243: 0243-udev-Add-id-program-and-rule-for-FIDO-security-token.patch
b9a53a
Patch0244: 0244-shared-but-util-drop-trusted-annotation-from-bus_ope.patch
b9a53a
Patch0245: 0245-sd-bus-adjust-indentation-of-comments.patch
b9a53a
Patch0246: 0246-resolved-do-not-run-loop-twice.patch
b9a53a
Patch0247: 0247-resolved-allow-access-to-Set-Link-and-Revert-methods.patch
b9a53a
Patch0248: 0248-resolved-query-polkit-only-after-parsing-the-data.patch
b9a53a
Patch0249: 0249-journal-rely-on-_cleanup_free_-to-free-a-temporary-s.patch
b9a53a
Patch0250: 0250-basic-user-util-allow-dots-in-user-names.patch
b9a53a
Patch0251: 0251-sd-bus-bump-message-queue-size-again.patch
b9a53a
Patch0252: 0252-tests-put-fuzz_journald_processing_function-in-a-.c-.patch
b9a53a
Patch0253: 0253-tests-add-a-fuzzer-for-dev_kmsg_record.patch
b9a53a
Patch0254: 0254-basic-remove-an-assertion-from-cunescape_one.patch
b9a53a
Patch0255: 0255-journal-fix-an-off-by-one-error-in-dev_kmsg_record.patch
b9a53a
Patch0256: 0256-tests-add-a-reproducer-for-a-memory-leak-fixed-in-30.patch
b9a53a
Patch0257: 0257-tests-add-a-reproducer-for-a-heap-buffer-overflow-fi.patch
b9a53a
Patch0258: 0258-test-initialize-syslog_fd-in-fuzz-journald-kmsg-too.patch
b9a53a
Patch0259: 0259-tests-add-a-fuzzer-for-process_audit_string.patch
b9a53a
Patch0260: 0260-journald-check-whether-sscanf-has-changed-the-value-.patch
b9a53a
Patch0261: 0261-tests-introduce-dummy_server_init-and-use-it-in-all-.patch
b9a53a
Patch0262: 0262-tests-add-a-fuzzer-for-journald-streams.patch
b9a53a
Patch0263: 0263-tests-add-a-fuzzer-for-server_process_native_file.patch
b9a53a
Patch0264: 0264-fuzz-journal-stream-avoid-assertion-failure-on-sampl.patch
b9a53a
Patch0265: 0265-journald-take-leading-spaces-into-account-in-syslog_.patch
b9a53a
Patch0266: 0266-Add-a-warning-about-the-difference-in-permissions-be.patch
b9a53a
Patch0267: 0267-execute-remove-one-redundant-comparison-check.patch
b9a53a
Patch0268: 0268-core-change-ownership-mode-of-the-execution-director.patch
b9a53a
Patch0269: 0269-core-dbus-execute-remove-unnecessary-initialization.patch
b9a53a
Patch0270: 0270-shared-cpu-set-util-move-the-part-to-print-cpu-set-i.patch
b9a53a
Patch0271: 0271-shared-cpu-set-util-remove-now-unused-CPU_SIZE_TO_NU.patch
b9a53a
Patch0272: 0272-Rework-cpu-affinity-parsing.patch
b9a53a
Patch0273: 0273-Move-cpus_in_affinity_mask-to-cpu-set-util.-ch.patch
b9a53a
Patch0274: 0274-test-cpu-set-util-add-simple-test-for-cpus_in_affini.patch
b9a53a
Patch0275: 0275-test-cpu-set-util-add-a-smoke-test-for-test_parse_cp.patch
b9a53a
Patch0276: 0276-pid1-parse-CPUAffinity-in-incremental-fashion.patch
b9a53a
Patch0277: 0277-pid1-don-t-reset-setting-from-proc-cmdline-upon-rest.patch
b9a53a
Patch0278: 0278-pid1-when-reloading-configuration-forget-old-setting.patch
b9a53a
Patch0279: 0279-test-execute-use-CPUSet-too.patch
b9a53a
Patch0280: 0280-shared-cpu-set-util-drop-now-unused-cleanup-function.patch
b9a53a
Patch0281: 0281-shared-cpu-set-util-make-transfer-of-cpu_set_t-over-.patch
b9a53a
Patch0282: 0282-test-cpu-set-util-add-test-for-dbus-conversions.patch
b9a53a
Patch0283: 0283-shared-cpu-set-util-introduce-cpu_set_to_range.patch
b9a53a
Patch0284: 0284-systemctl-present-CPUAffinity-mask-as-a-list-of-CPU-.patch
b9a53a
Patch0285: 0285-shared-cpu-set-util-only-force-range-printing-one-ti.patch
b9a53a
Patch0286: 0286-execute-dump-CPUAffinity-as-a-range-string-instead-o.patch
b9a53a
Patch0287: 0287-cpu-set-util-use-d-d-format-in-cpu_set_to_range_stri.patch
b9a53a
Patch0288: 0288-core-introduce-NUMAPolicy-and-NUMAMask-options.patch
b9a53a
Patch0289: 0289-core-disable-CPUAccounting-by-default.patch
b9a53a
Patch0290: 0290-set-kptr_restrict-1.patch
b9a53a
Patch0291: 0291-cryptsetup-reduce-the-chance-that-we-will-be-OOM-kil.patch
b9a53a
Patch0292: 0292-core-job-fix-breakage-of-ordering-dependencies-by-sy.patch
b9a53a
Patch0293: 0293-debug-generator-enable-custom-systemd.debug_shell-tt.patch
b9a53a
Patch0294: 0294-test-cpu-set-util-fix-comparison-for-allocation-size.patch
b9a53a
Patch0295: 0295-test-cpu-set-util-fix-allocation-size-check-on-i386.patch
b9a53a
Patch0296: 0296-catalog-fix-name-of-variable.patch
b9a53a
Patch0297: 0297-cryptsetup-add-keyfile-timeout-to-allow-a-keydev-tim.patch
b9a53a
Patch0298: 0298-cryptsetup-add-documentation-for-keyfile-timeout.patch
b9a53a
Patch0299: 0299-cryptsetup-use-unabbrieviated-variable-names.patch
b9a53a
Patch0300: 0300-cryptsetup-don-t-assert-on-variable-which-is-optiona.patch
b9a53a
Patch0301: 0301-cryptsetup-generator-guess-whether-the-keyfile-argum.patch
b9a53a
Patch0302: 0302-crypt-util-Translate-libcryptsetup-log-level-instead.patch
b9a53a
Patch0303: 0303-cryptsetup-add-some-commenting-about-EAGAIN-generati.patch
b9a53a
Patch0304: 0304-cryptsetup-downgrade-a-log-message-we-ignore.patch
b9a53a
Patch0305: 0305-cryptsetup-rework-how-we-log-about-activation-failur.patch
b9a53a
Patch0306: 0306-rules-reintroduce-60-alias-kmsg.rules.patch
b9a53a
Patch0307: 0307-sd-bus-make-rqueue-wqueue-sizes-of-type-size_t.patch
b9a53a
Patch0308: 0308-sd-bus-reorder-bus-ref-and-bus-message-ref-handling.patch
b9a53a
Patch0309: 0309-sd-bus-make-sure-dispatch_rqueue-initializes-return-.patch
b9a53a
Patch0310: 0310-sd-bus-drop-two-inappropriate-empty-lines.patch
b9a53a
Patch0311: 0311-sd-bus-initialize-mutex-after-we-allocated-the-wqueu.patch
b9a53a
Patch0312: 0312-sd-bus-always-go-through-sd_bus_unref-to-free-messag.patch
b9a53a
Patch0313: 0313-bus-message-introduce-two-kinds-of-references-to-bus.patch
b9a53a
Patch0314: 0314-sd-bus-introduce-API-for-re-enqueuing-incoming-messa.patch
b9a53a
Patch0315: 0315-sd-event-add-sd_event_source_disable_unref-helper.patch
b9a53a
Patch0316: 0316-polkit-when-authorizing-via-PK-let-s-re-resolve-call.patch
b9a53a
Patch0317: 0317-sysctl-let-s-by-default-increase-the-numeric-PID-ran.patch
b9a53a
Patch0318: 0318-journal-do-not-trigger-assertion-when-journal_file_c.patch
b9a53a
Patch0319: 0319-journal-use-cleanup-attribute-at-one-more-place.patch
b9a53a
Patch0320: 0320-sd-bus-use-queue-message-references-for-managing-r-w.patch
b9a53a
Patch0321: 0321-pid1-make-sure-to-restore-correct-default-values-for.patch
b9a53a
Patch0322: 0322-main-introduce-a-define-HIGH_RLIMIT_MEMLOCK-similar-.patch
b9a53a
Patch0323: 0323-seccomp-introduce-seccomp_restrict_suid_sgid-for-blo.patch
b9a53a
Patch0324: 0324-test-add-test-case-for-restrict_suid_sgid.patch
b9a53a
Patch0325: 0325-core-expose-SUID-SGID-restriction-as-new-unit-settin.patch
b9a53a
Patch0326: 0326-analyze-check-for-RestrictSUIDSGID-in-systemd-analyz.patch
b9a53a
Patch0327: 0327-man-document-the-new-RestrictSUIDSGID-setting.patch
b9a53a
Patch0328: 0328-units-turn-on-RestrictSUIDSGID-in-most-of-our-long-r.patch
b9a53a
Patch0329: 0329-core-imply-NNP-and-SUID-SGID-restriction-for-Dynamic.patch
b9a53a
Patch0330: 0330-cgroup-introduce-support-for-cgroup-v2-CPUSET-contro.patch
b9a53a
Patch0331: 0331-pid1-fix-DefaultTasksMax-initialization.patch
b9a53a
Patch0332: 0332-cgroup-make-sure-that-cpuset-is-supported-on-cgroup-.patch
b9a53a
Patch0333: 0333-test-introduce-TEST-36-NUMAPOLICY.patch
b9a53a
Patch0334: 0334-test-replace-tail-f-with-journal-cursor-which-should.patch
b9a53a
Patch0335: 0335-test-support-MPOL_LOCAL-matching-in-unpatched-strace.patch
b9a53a
Patch0336: 0336-test-make-sure-the-strace-process-is-indeed-dead.patch
b9a53a
Patch0337: 0337-test-skip-the-test-on-systems-without-NUMA-support.patch
b9a53a
Patch0338: 0338-test-give-strace-some-time-to-initialize.patch
b9a53a
Patch0339: 0339-test-add-a-simple-sanity-check-for-systems-without-N.patch
b9a53a
Patch0340: 0340-test-drop-the-missed-exit-1-expression.patch
b9a53a
Patch0341: 0341-test-replace-cursor-file-with-a-plain-cursor.patch
b9a53a
Patch0342: 0342-cryptsetup-Treat-key-file-errors-as-a-failed-passwor.patch
52b84b
Patch0343: 0343-swap-finish-the-secondary-swap-units-jobs-if-deactiv.patch
52b84b
Patch0344: 0344-resolved-Recover-missing-PrivateTmp-yes-and-ProtectS.patch
52b84b
Patch0345: 0345-bus_open-leak-sd_event_source-when-udevadm-trigger.patch
52b84b
Patch0346: 0346-core-rework-StopWhenUnneeded-logic.patch
52b84b
Patch0347: 0347-pid1-fix-the-names-of-AllowedCPUs-and-AllowedMemoryN.patch
52b84b
Patch0348: 0348-core-fix-re-realization-of-cgroup-siblings.patch
52b84b
Patch0349: 0349-basic-use-comma-as-separator-in-cpuset-cgroup-cpu-ra.patch
52b84b
Patch0350: 0350-core-transition-to-FINAL_SIGTERM-state-after-ExecSto.patch
52b84b
Patch0351: 0351-sd-journal-close-journal-files-that-were-deleted-by-.patch
52b84b
Patch0352: 0352-sd-journal-remove-the-dead-code-and-actually-fix-146.patch
52b84b
Patch0353: 0353-udev-downgrade-message-when-we-fail-to-set-inotify-w.patch
52b84b
Patch0354: 0354-logind-check-PolicyKit-before-allowing-VT-switch.patch
52b84b
Patch0355: 0355-test-do-not-use-global-variable-to-pass-error.patch
52b84b
Patch0356: 0356-test-install-libraries-required-by-tests.patch
52b84b
Patch0357: 0357-test-introduce-install_zoneinfo.patch
52b84b
Patch0358: 0358-test-replace-duplicated-Makefile-by-symbolic-link.patch
52b84b
Patch0359: 0359-test-add-paths-of-keymaps-in-install_keymaps.patch
52b84b
Patch0360: 0360-test-make-install_keymaps-optionally-install-more-ke.patch
52b84b
Patch0361: 0361-test-fs-util-skip-some-tests-when-running-in-unprivi.patch
52b84b
Patch0362: 0362-test-process-util-skip-several-verifications-when-ru.patch
52b84b
Patch0363: 0363-test-execute-also-check-python3-is-installed-or-not.patch
52b84b
Patch0364: 0364-test-execute-skip-several-tests-when-running-in-cont.patch
52b84b
Patch0365: 0365-test-introduce-test_is_running_from_builddir.patch
52b84b
Patch0366: 0366-test-make-test-catalog-relocatable.patch
52b84b
Patch0367: 0367-test-parallelize-tasks-in-TEST-24-UNIT-TESTS.patch
52b84b
Patch0368: 0368-test-try-to-determine-QEMU_SMP-dynamically.patch
52b84b
Patch0369: 0369-test-store-coredumps-in-journal.patch
52b84b
Patch0370: 0370-pid1-add-new-kernel-cmdline-arg-systemd.cpu_affinity.patch
52b84b
Patch0371: 0371-udev-rules-make-tape-changers-also-apprear-in-dev-ta.patch
52b84b
Patch0372: 0372-man-be-clearer-that-.timer-time-expressions-need-to-.patch
52b84b
Patch0373: 0373-Add-support-for-opening-files-for-appending.patch
52b84b
Patch0374: 0374-nspawn-move-payload-to-sub-cgroup-first-then-sync-cg.patch
52b84b
Patch0375: 0375-nspawn-chown-the-legacy-hierarchy-when-it-s-used-in-.patch
52b84b
Patch0376: 0376-core-move-unit_status_emit_starting_stopping_reloadi.patch
52b84b
Patch0377: 0377-job-when-a-job-was-skipped-due-to-a-failed-condition.patch
52b84b
Patch0378: 0378-core-split-out-all-logic-that-updates-a-Job-on-a-uni.patch
52b84b
Patch0379: 0379-core-make-log-messages-about-units-entering-a-failed.patch
52b84b
Patch0380: 0380-core-log-a-recognizable-message-when-a-unit-succeeds.patch
52b84b
Patch0381: 0381-tests-always-use-the-right-vtable-wrapper-calls.patch
52b84b
Patch0382: 0382-test-execute-allow-filtering-test-cases-by-pattern.patch
52b84b
Patch0383: 0383-test-execute-provide-custom-failure-message.patch
52b84b
Patch0384: 0384-core-ExecCondition-for-services.patch
52b84b
Patch0385: 0385-Drop-support-for-lz4-1.3.0.patch
52b84b
Patch0386: 0386-test-compress-add-test-for-short-decompress_startswi.patch
52b84b
Patch0387: 0387-journal-adapt-for-new-improved-LZ4_decompress_safe_p.patch
52b84b
Patch0388: 0388-fuzz-compress-add-fuzzer-for-compression-and-decompr.patch
52b84b
Patch0389: 0389-seccomp-fix-__NR__sysctl-usage.patch
52b84b
Patch0390: 0390-tmpfiles-fix-crash-with-NULL-in-arg_root-and-other-f.patch
52b84b
Patch0391: 0391-sulogin-shell-Use-force-if-SYSTEMD_SULOGIN_FORCE-set.patch
52b84b
Patch0392: 0392-resolvconf-fixes-for-the-compatibility-interface.patch
52b84b
Patch0393: 0393-mount-don-t-add-Requires-for-tmp.mount.patch
52b84b
Patch0394: 0394-core-coldplug-possible-nop_job.patch
52b84b
Patch0395: 0395-core-add-IODeviceLatencyTargetSec.patch
52b84b
Patch0396: 0396-time-util-Introduce-parse_sec_def_infinity.patch
52b84b
Patch0397: 0397-cgroup-use-structured-initialization.patch
52b84b
Patch0398: 0398-core-add-CPUQuotaPeriodSec.patch
52b84b
Patch0399: 0399-core-downgrade-CPUQuotaPeriodSec-clamping-logs-to-de.patch
52b84b
Patch0400: 0400-sd-bus-avoid-magic-number-in-SASL-length-calculation.patch
52b84b
Patch0401: 0401-sd-bus-fix-SASL-reply-to-empty-AUTH.patch
52b84b
Patch0402: 0402-sd-bus-skip-sending-formatted-UIDs-via-SASL.patch
52b84b
Patch0403: 0403-core-add-MemoryMin.patch
52b84b
Patch0404: 0404-core-introduce-cgroup_add_device_allow.patch
52b84b
Patch0405: 0405-test-remove-support-for-suffix-in-get_testdata_dir.patch
52b84b
Patch0406: 0406-cgroup-Implement-default-propagation-of-MemoryLow-wi.patch
52b84b
Patch0407: 0407-cgroup-Create-UNIT_DEFINE_ANCESTOR_MEMORY_LOOKUP.patch
52b84b
Patch0408: 0408-unit-Add-DefaultMemoryMin.patch
52b84b
Patch0409: 0409-cgroup-Polish-hierarchically-aware-protection-docs-a.patch
52b84b
Patch0410: 0410-cgroup-Readd-some-plumbing-for-DefaultMemoryMin.patch
52b84b
Patch0411: 0411-cgroup-Support-0-value-for-memory-protection-directi.patch
52b84b
Patch0412: 0412-cgroup-Test-that-it-s-possible-to-set-memory-protect.patch
52b84b
Patch0413: 0413-cgroup-Check-ancestor-memory-min-for-unified-memory-.patch
52b84b
Patch0414: 0414-cgroup-Respect-DefaultMemoryMin-when-setting-memory..patch
52b84b
Patch0415: 0415-cgroup-Mark-memory-protections-as-explicitly-set-in-.patch
52b84b
Patch0416: 0416-meson-allow-setting-the-version-string-during-config.patch
52b84b
Patch0417: 0417-core-don-t-consider-SERVICE_SKIP_CONDITION-for-abnor.patch
52b84b
Patch0418: 0418-selinux-do-preprocessor-check-only-in-selinux-access.patch
52b84b
Patch0419: 0419-basic-cgroup-util-introduce-cg_get_keyed_attribute_f.patch
52b84b
Patch0420: 0420-shared-add-generic-logic-for-waiting-for-a-unit-to-e.patch
52b84b
Patch0421: 0421-shared-fix-assert-call.patch
52b84b
Patch0422: 0422-shared-Don-t-try-calling-NULL-callback-in-bus_wait_f.patch
52b84b
Patch0423: 0423-shared-add-NULL-callback-check-in-one-more-place.patch
52b84b
Patch0424: 0424-core-introduce-support-for-cgroup-freezer.patch
52b84b
Patch0425: 0425-core-cgroup-fix-return-value-of-unit_cgorup_freezer_.patch
52b84b
Patch0426: 0426-core-fix-the-return-value-in-order-to-make-sure-we-d.patch
52b84b
Patch0427: 0427-test-add-test-for-cgroup-v2-freezer-support.patch
52b84b
Patch0428: 0428-fix-mis-merge.patch
52b84b
Patch0429: 0429-tests-sleep-a-bit-and-give-kernel-time-to-perform-th.patch
52b84b
Patch0430: 0430-device-make-sure-we-emit-PropertiesChanged-signal-on.patch
52b84b
Patch0431: 0431-device-don-t-emit-PropetiesChanged-needlessly.patch
52b84b
Patch0432: 0432-units-add-generic-boot-complete.target.patch
52b84b
Patch0433: 0433-man-document-new-boot-complete.target-unit.patch
52b84b
Patch0434: 0434-core-make-sure-to-restore-the-control-command-id-too.patch
0b4d5a
Patch0435: 0435-cgroup-freezer-action-must-be-NOP-when-cgroup-v2-fre.patch
bdc714
Patch0436: 0436-logind-don-t-print-warning-when-user-.service-templa.patch
21255d
Patch0437: 0437-build-use-simple-project-version-in-pkgconfig-files.patch
21255d
Patch0438: 0438-basic-virt-try-the-proc-1-sched-hack-also-for-PID1.patch
21255d
Patch0439: 0439-seccomp-rework-how-the-S-UG-ID-filter-is-installed.patch
21255d
Patch0440: 0440-vconsole-setup-downgrade-log-message-when-setting-fo.patch
21255d
Patch0441: 0441-units-fix-systemd.special-man-page-reference-in-syst.patch
21255d
Patch0442: 0442-units-drop-reference-to-sushell-man-page.patch
21255d
Patch0443: 0443-sd-bus-break-the-loop-in-bus_ensure_running-if-the-b.patch
21255d
Patch0444: 0444-core-add-new-API-for-enqueing-a-job-with-returning-t.patch
21255d
Patch0445: 0445-systemctl-replace-switch-statement-by-table-of-struc.patch
21255d
Patch0446: 0446-systemctl-reindent-table.patch
21255d
Patch0447: 0447-systemctl-Only-wait-when-there-s-something-to-wait-f.patch
21255d
Patch0448: 0448-systemctl-clean-up-start_unit_one-error-handling.patch
21255d
Patch0449: 0449-systemctl-split-out-extra-args-generation-into-helpe.patch
21255d
Patch0450: 0450-systemctl-add-new-show-transaction-switch.patch
21255d
Patch0451: 0451-test-add-some-basic-testing-that-systemctl-start-T-d.patch
21255d
Patch0452: 0452-man-document-the-new-systemctl-show-transaction-opti.patch
21255d
Patch0453: 0453-socket-New-option-FlushPending-boolean-to-flush-sock.patch
21255d
Patch0454: 0454-core-remove-support-for-API-bus-started-outside-our-.patch
21255d
Patch0455: 0455-mount-setup-fix-segfault-in-mount_cgroup_controllers.patch
21255d
Patch0456: 0456-dbus-execute-make-transfer-of-CPUAffinity-endian-saf.patch
21255d
Patch0457: 0457-core-add-support-for-setting-CPUAffinity-to-special-.patch
21255d
Patch0458: 0458-basic-user-util-always-use-base-10-for-user-group-nu.patch
21255d
Patch0459: 0459-parse-util-sometimes-it-is-useful-to-check-if-a-stri.patch
21255d
Patch0460: 0460-basic-parse-util-add-safe_atoux64.patch
21255d
Patch0461: 0461-parse-util-allow-tweaking-how-to-parse-integers.patch
21255d
Patch0462: 0462-parse-util-allow-0-as-alternative-to-0-and-0.patch
21255d
Patch0463: 0463-parse-util-make-return-parameter-optional-in-safe_at.patch
21255d
Patch0464: 0464-parse-util-rewrite-parse_mode-on-top-of-safe_atou_fu.patch
21255d
Patch0465: 0465-user-util-be-stricter-in-parse_uid.patch
21255d
Patch0466: 0466-strv-add-new-macro-STARTSWITH_SET.patch
21255d
Patch0467: 0467-parse-util-also-parse-integers-prefixed-with-0b-and-.patch
21255d
Patch0468: 0468-tests-beef-up-integer-parsing-tests.patch
21255d
Patch0469: 0469-shared-user-util-add-compat-forms-of-user-name-check.patch
21255d
Patch0470: 0470-shared-user-util-emit-a-warning-on-names-with-dots.patch
21255d
Patch0471: 0471-user-util-Allow-names-starting-with-a-digit.patch
21255d
Patch0472: 0472-shared-user-util-allow-usernames-with-dots-in-specif.patch
21255d
Patch0473: 0473-user-util-switch-order-of-checks-in-valid_user_group.patch
21255d
Patch0474: 0474-user-util-rework-how-we-validate-user-names.patch
21255d
Patch0475: 0475-man-mention-System-Administrator-s-Guide-in-systemct.patch
21255d
Patch0476: 0476-udev-introduce-udev-net_id-naming-schemes.patch
21255d
Patch0477: 0477-meson-make-net.naming-scheme-default-configurable.patch
21255d
Patch0478: 0478-man-describe-naming-schemes-in-a-new-man-page.patch
21255d
Patch0479: 0479-udev-net_id-parse-_SUN-ACPI-index-as-a-signed-intege.patch
21255d
Patch0480: 0480-udev-net_id-don-t-generate-slot-based-names-if-multi.patch
21255d
Patch0481: 0481-fix-typo-in-ProtectSystem-option.patch
21255d
Patch0482: 0482-remove-references-of-non-existent-man-pages.patch
21255d
Patch0483: 0483-log-Prefer-logging-to-CLI-unless-JOURNAL_STREAM-is-s.patch
21255d
Patch0484: 0484-locale-util-add-new-helper-locale_is_installed.patch
21255d
Patch0485: 0485-test-add-test-case-for-locale_is_installed.patch
21255d
Patch0486: 0486-tree-wide-port-various-bits-over-to-locale_is_instal.patch
21255d
Patch0487: 0487-install-allow-instantiated-units-to-be-enabled-via-p.patch
21255d
Patch0488: 0488-install-small-refactor-to-combine-two-function-calls.patch
21255d
Patch0489: 0489-test-fix-a-memleak.patch
21255d
Patch0490: 0490-docs-Add-syntax-for-templated-units-to-systemd.prese.patch
21255d
Patch0491: 0491-shared-install-fix-preset-operations-for-non-service.patch
21255d
Patch0492: 0492-introduce-setsockopt_int-helper.patch
21255d
Patch0493: 0493-socket-util-add-generic-socket_pass_pktinfo-helper.patch
21255d
Patch0494: 0494-core-add-new-PassPacketInfo-socket-unit-property.patch
21255d
Patch0495: 0495-resolved-tweak-cmsg-calculation.patch
21255d
Patch0496: 0496-ci-PowerTools-repo-was-renamed-to-powertools-in-RHEL.patch
21255d
Patch0497: 0497-ci-use-quay.io-instead-of-Docker-Hub-to-avoid-rate-l.patch
21255d
Patch0498: 0498-ci-move-jobs-from-Travis-CI-to-GH-Actions.patch
21255d
Patch0499: 0499-unit-make-UNIT-cast-function-deal-with-NULL-pointers.patch
21255d
Patch0500: 0500-use-link-to-RHEL-8-docs.patch
21255d
Patch0501: 0501-cgroup-Also-set-blkio.bfq.weight.patch
21255d
Patch0502: 0502-units-make-sure-initrd-cleanup.service-terminates-be.patch
21255d
Patch0503: 0503-core-reload-SELinux-label-cache-on-daemon-reload.patch
21255d
Patch0504: 0504-selinux-introduce-mac_selinux_create_file_prepare_at.patch
21255d
Patch0505: 0505-selinux-add-trigger-for-policy-reload-to-refresh-int.patch
21255d
Patch0506: 0506-udev-net_id-give-RHEL-8.4-naming-scheme-a-name.patch
21255d
Patch0507: 0507-basic-stat-util-make-mtime-check-stricter-and-use-en.patch
21255d
Patch0508: 0508-udev-make-algorithm-that-selects-highest-priority-de.patch
21255d
Patch0509: 0509-test-create-dev-null-in-test-udev.pl.patch
21255d
Patch0510: 0510-test-missing-die.patch
21255d
Patch0511: 0511-udev-test-remove-a-check-for-whether-the-test-is-run.patch
21255d
Patch0512: 0512-udev-test-skip-the-test-only-if-it-can-t-setup-its-e.patch
21255d
Patch0513: 0513-udev-test-fix-test-skip-condition.patch
21255d
Patch0514: 0514-udev-test-fix-missing-directory-test-run.patch
21255d
Patch0515: 0515-udev-test-check-if-permitted-to-create-block-device-.patch
21255d
Patch0516: 0516-test-udev-add-a-testcase-of-too-long-line.patch
21255d
Patch0517: 0517-test-udev-use-proper-semantics-for-too-long-line-wit.patch
21255d
Patch0518: 0518-test-udev-add-more-tests-for-line-continuations-and-.patch
21255d
Patch0519: 0519-test-udev-add-more-tests-for-line-continuation.patch
21255d
Patch0520: 0520-test-udev-fix-alignment-and-drop-unnecessary-white-s.patch
21255d
Patch0521: 0521-test-udev-test.pl-cleanup-if-skipping-test.patch
21255d
Patch0522: 0522-test-add-test-cases-for-empty-string-match.patch
21255d
Patch0523: 0523-test-add-test-case-for-multi-matches-when-use.patch
21255d
Patch0524: 0524-udev-test-do-not-rely-on-mail-group-being-defined.patch
21255d
Patch0525: 0525-test-udev-test.pl-allow-multiple-devices-per-test.patch
21255d
Patch0526: 0526-test-udev-test.pl-create-rules-only-once.patch
21255d
Patch0527: 0527-test-udev-test.pl-allow-concurrent-additions-and-rem.patch
21255d
Patch0528: 0528-test-udev-test.pl-use-computed-devnode-name.patch
21255d
Patch0529: 0529-test-udev-test.pl-test-correctness-of-symlink-target.patch
21255d
Patch0530: 0530-test-udev-test.pl-allow-checking-multiple-symlinks.patch
21255d
Patch0531: 0531-test-udev-test.pl-fix-wrong-test-descriptions.patch
21255d
Patch0532: 0532-test-udev-test.pl-last_rule-is-unsupported.patch
21255d
Patch0533: 0533-test-udev-test.pl-Make-some-tests-a-little-harder.patch
21255d
Patch0534: 0534-test-udev-test.pl-remove-bogus-rules-from-magic-subs.patch
21255d
Patch0535: 0535-test-udev-test.pl-merge-space-and-var-with-space-tes.patch
21255d
Patch0536: 0536-test-udev-test.pl-merge-import-parent-tests-into-one.patch
21255d
Patch0537: 0537-test-udev-test.pl-count-good-results.patch
21255d
Patch0538: 0538-tests-udev-test.pl-add-multiple-device-test.patch
21255d
Patch0539: 0539-test-udev-test.pl-add-repeat-count.patch
21255d
Patch0540: 0540-test-udev-test.pl-generator-for-large-list-of-block-.patch
21255d
Patch0541: 0541-test-udev-test.pl-suppress-umount-error-message-at-s.patch
21255d
Patch0542: 0542-test-udev_test.pl-add-expected-good-count.patch
21255d
Patch0543: 0543-test-udev-test-gracefully-exit-when-imports-fail.patch
21255d
Patch0544: 0544-Revert-test-add-test-cases-for-empty-string-match-an.patch
21255d
Patch0545: 0545-test-sys-script.py-add-missing-DEVNAME-entries-to-ue.patch
21255d
Patch0546: 0546-sd-event-split-out-helper-functions-for-reshuffling-.patch
21255d
Patch0547: 0547-sd-event-split-out-enable-and-disable-codepaths-from.patch
21255d
Patch0548: 0548-sd-event-mention-that-two-debug-logged-events-are-ig.patch
21255d
Patch0549: 0549-sd-event-split-clock-data-allocation-out-of-sd_event.patch
21255d
Patch0550: 0550-sd-event-split-out-code-to-add-remove-timer-event-so.patch
21255d
Patch0551: 0551-sd-event-fix-delays-assert-brain-o-17790.patch
21255d
Patch0552: 0552-sd-event-let-s-suffix-last_run-last_log-with-_usec.patch
21255d
Patch0553: 0553-sd-event-refuse-running-default-event-loops-in-any-o.patch
21255d
Patch0554: 0554-sd-event-ref-event-loop-while-in-sd_event_prepare-ot.patch
21255d
Patch0555: 0555-sd-event-follow-coding-style-with-naming-return-para.patch
21255d
Patch0556: 0556-sd-event-remove-earliest_index-latest_index-into-com.patch
21255d
Patch0557: 0557-sd-event-update-state-at-the-end-in-event_source_ena.patch
21255d
Patch0558: 0558-sd-event-increase-n_enabled_child_sources-just-once.patch
21255d
Patch0559: 0559-sd-event-add-ability-to-ratelimit-event-sources.patch
21255d
Patch0560: 0560-test-add-ratelimiting-test.patch
21255d
Patch0561: 0561-core-prevent-excessive-proc-self-mountinfo-parsing.patch
21255d
Patch0562: 0562-udev-run-link_update-with-increased-retry-count-in-s.patch
21255d
Patch0563: 0563-pam-systemd-use-secure_getenv-rather-than-getenv.patch
4bf4e7
Patch0564: 0564-Revert-udev-run-link_update-with-increased-retry-cou.patch
4bf4e7
Patch0565: 0565-Revert-udev-make-algorithm-that-selects-highest-prio.patch
4bf4e7
Patch0566: 0566-test-udev-test.pl-drop-test-cases-that-add-mutliple-.patch
446ea3
Patch0567: 0567-basic-unit-name-do-not-use-strdupa-on-a-path.patch
446ea3
Patch0568: 0568-sd-event-change-ordering-of-pending-ratelimited-even.patch
446ea3
Patch0569: 0569-sd-event-drop-unnecessary-else.patch
446ea3
Patch0570: 0570-sd-event-use-CMP-macro.patch
446ea3
Patch0571: 0571-sd-event-use-usec_add.patch
446ea3
Patch0572: 0572-sd-event-make-event_source_time_prioq_reshuffle-acce.patch
446ea3
Patch0573: 0573-sd-event-always-reshuffle-time-prioq-on-changing-onl.patch
446ea3
Patch0574: 0574-meson-remove-strange-dep-that-causes-meson-to-enter-.patch
446ea3
Patch0575: 0575-copy-handle-copy_file_range-weirdness-on-procfs-sysf.patch
446ea3
Patch0576: 0576-ci-run-unit-tests-on-z-stream-branches-as-well.patch
446ea3
Patch0577: 0577-remove-a-left-over-break.patch
36e8a3
36e8a3
31ac43
# Security patches
31ac43
36e8a3
%ifarch %{ix86} x86_64 aarch64
36e8a3
%global have_gnu_efi 1
36e8a3
%endif
36e8a3
36e8a3
BuildRequires:  gcc
36e8a3
BuildRequires:  gcc-c++
36e8a3
BuildRequires:  libcap-devel
36e8a3
BuildRequires:  libmount-devel
36e8a3
BuildRequires:  pam-devel
36e8a3
BuildRequires:  libselinux-devel
36e8a3
BuildRequires:  audit-libs-devel
36e8a3
BuildRequires:  cryptsetup-devel
36e8a3
BuildRequires:  dbus-devel
36e8a3
BuildRequires:  libacl-devel
36e8a3
BuildRequires:  gobject-introspection-devel
36e8a3
BuildRequires:  libblkid-devel
36e8a3
BuildRequires:  xz-devel
36e8a3
BuildRequires:  xz
36e8a3
BuildRequires:  lz4-devel
36e8a3
BuildRequires:  lz4
36e8a3
BuildRequires:  bzip2-devel
36e8a3
BuildRequires:  libidn2-devel
36e8a3
BuildRequires:  libcurl-devel
36e8a3
BuildRequires:  kmod-devel
36e8a3
BuildRequires:  elfutils-devel
36e8a3
BuildRequires:  libgcrypt-devel
36e8a3
BuildRequires:  libgpg-error-devel
36e8a3
BuildRequires:  gnutls-devel
36e8a3
BuildRequires:  libmicrohttpd-devel
36e8a3
BuildRequires:  libxkbcommon-devel
36e8a3
BuildRequires:  iptables-devel
36e8a3
BuildRequires:  libxslt
36e8a3
BuildRequires:  docbook-style-xsl
36e8a3
BuildRequires:  pkgconfig
36e8a3
BuildRequires:  gperf
36e8a3
BuildRequires:  gawk
36e8a3
BuildRequires:  tree
36e8a3
BuildRequires:  python3-devel
36e8a3
BuildRequires:  python3-lxml
36e8a3
BuildRequires:  firewalld-filesystem
36e8a3
%if 0%{?have_gnu_efi}
36e8a3
BuildRequires:  gnu-efi gnu-efi-devel
36e8a3
%endif
36e8a3
BuildRequires:  libseccomp-devel
36e8a3
BuildRequires:  git
36e8a3
BuildRequires:  meson >= 0.43
36e8a3
BuildRequires:  gettext
36e8a3
36e8a3
Requires(post): coreutils
36e8a3
Requires(post): sed
36e8a3
Requires(post): acl
36e8a3
Requires(post): grep
36e8a3
Requires(pre):  coreutils
36e8a3
Requires(pre):  /usr/bin/getent
36e8a3
Requires(pre):  /usr/sbin/groupadd
36e8a3
Requires:       dbus >= 1.9.18
36e8a3
Requires:       %{name}-pam = %{version}-%{release}
36e8a3
Requires:       %{name}-libs = %{version}-%{release}
36e8a3
Recommends:     diffutils
36e8a3
Requires:       util-linux
36e8a3
Recommends:     libxkbcommon%{?_isa}
36e8a3
Provides:       /bin/systemctl
36e8a3
Provides:       /sbin/shutdown
36e8a3
Provides:       syslog
36e8a3
Provides:       systemd-units = %{version}-%{release}
b9a53a
Provides:       systemd-rpm-macros = %{version}-%{release}
36e8a3
Obsoletes:      system-setup-keyboard < 0.9
36e8a3
Provides:       system-setup-keyboard = 0.9
36e8a3
# systemd-sysv-convert was removed in f20: https://fedorahosted.org/fpc/ticket/308
36e8a3
Obsoletes:      systemd-sysv < 206
36e8a3
# self-obsoletes so that dnf will install new subpackages on upgrade (#1260394)
36e8a3
Obsoletes:      %{name} < 229-5
36e8a3
Provides:       systemd-sysv = 206
36e8a3
Conflicts:      initscripts < 9.56.1
36e8a3
%if 0%{?fedora}
36e8a3
Conflicts:      fedora-release < 23-0.12
36e8a3
%endif
36e8a3
36e8a3
%description
36e8a3
systemd is a system and service manager that runs as PID 1 and starts
36e8a3
the rest of the system. It provides aggressive parallelization
36e8a3
capabilities, uses socket and D-Bus activation for starting services,
36e8a3
offers on-demand starting of daemons, keeps track of processes using
36e8a3
Linux control groups, maintains mount and automount points, and
36e8a3
implements an elaborate transactional dependency-based service control
36e8a3
logic. systemd supports SysV and LSB init scripts and works as a
36e8a3
replacement for sysvinit. Other parts of this package are a logging daemon,
36e8a3
utilities to control basic system configuration like the hostname,
36e8a3
date, locale, maintain a list of logged-in users, system accounts,
36e8a3
runtime directories and settings, and daemons to manage simple network
36e8a3
configuration, network time synchronization, log forwarding, and name
36e8a3
resolution.
36e8a3
36e8a3
%package libs
36e8a3
Summary:        systemd libraries
36e8a3
License:        LGPLv2+ and MIT
36e8a3
Obsoletes:      libudev < 183
36e8a3
Obsoletes:      systemd < 185-4
36e8a3
Conflicts:      systemd < 185-4
36e8a3
Obsoletes:      systemd-compat-libs < 230
36e8a3
Obsoletes:      nss-myhostname < 0.4
36e8a3
Provides:       nss-myhostname = 0.4
36e8a3
Provides:       nss-myhostname%{_isa} = 0.4
36e8a3
Requires(post): coreutils
36e8a3
Requires(post): sed
36e8a3
Requires(post): grep
36e8a3
Requires(post): /usr/bin/getent
36e8a3
36e8a3
%description libs
36e8a3
Libraries for systemd and udev.
36e8a3
36e8a3
%package pam
36e8a3
Summary:        systemd PAM module
36e8a3
Requires:       %{name} = %{version}-%{release}
36e8a3
36e8a3
%description pam
36e8a3
Systemd PAM module registers the session with systemd-logind.
36e8a3
36e8a3
%package devel
36e8a3
Summary:        Development headers for systemd
36e8a3
License:        LGPLv2+ and MIT
36e8a3
Requires:       %{name}-libs%{?_isa} = %{version}-%{release}
36e8a3
Provides:       libudev-devel = %{version}
36e8a3
Provides:       libudev-devel%{_isa} = %{version}
36e8a3
Obsoletes:      libudev-devel < 183
36e8a3
# Fake dependency to make sure systemd-pam is pulled into multilib (#1414153)
36e8a3
Requires:       %{name}-pam = %{version}-%{release}
36e8a3
36e8a3
%description devel
36e8a3
Development headers and auxiliary files for developing applications linking
36e8a3
to libudev or libsystemd.
36e8a3
36e8a3
%package udev
36e8a3
Summary: Rule-based device node and kernel event manager
36e8a3
Requires:       %{name}%{?_isa} = %{version}-%{release}
36e8a3
Requires(post):   systemd
36e8a3
Requires(preun):  systemd
36e8a3
Requires(postun): systemd
36e8a3
Requires(post): grep
36e8a3
Requires:       kmod >= 18-4
36e8a3
# obsolete parent package so that dnf will install new subpackage on upgrade (#1260394)
36e8a3
Obsoletes:      %{name} < 229-5
36e8a3
Provides:       udev = %{version}
36e8a3
Provides:       udev%{_isa} = %{version}
36e8a3
Obsoletes:      udev < 183
36e8a3
# https://bugzilla.redhat.com/show_bug.cgi?id=1408878
36e8a3
Recommends:     kbd
36e8a3
License:        LGPLv2+
36e8a3
36e8a3
%description udev
36e8a3
This package contains systemd-udev and the rules and hardware database
36e8a3
needed to manage device nodes. This package is necessary on physical
36e8a3
machines and in virtual machines, but not in containers.
36e8a3
36e8a3
%package container
36e8a3
# Name is the same as in Debian
36e8a3
Summary: Tools for containers and VMs
36e8a3
Requires:       %{name}%{?_isa} = %{version}-%{release}
36e8a3
Requires(post):   systemd
36e8a3
Requires(preun):  systemd
36e8a3
Requires(postun): systemd
36e8a3
# obsolete parent package so that dnf will install new subpackage on upgrade (#1260394)
36e8a3
Obsoletes:      %{name} < 229-5
36e8a3
License:        LGPLv2+
36e8a3
36e8a3
%description container
36e8a3
Systemd tools to spawn and manage containers and virtual machines.
36e8a3
36e8a3
This package contains systemd-nspawn, machinectl, systemd-machined,
36e8a3
and systemd-importd.
36e8a3
36e8a3
%package journal-remote
36e8a3
# Name is the same as in Debian
36e8a3
Summary:        Tools to send journal events over the network
36e8a3
Requires:       %{name}%{?_isa} = %{version}-%{release}
36e8a3
License:        LGPLv2+
36e8a3
Requires(pre):    /usr/bin/getent
36e8a3
Requires(post):   systemd
36e8a3
Requires(preun):  systemd
36e8a3
Requires(postun): systemd
36e8a3
Requires:       firewalld-filesystem
36e8a3
Provides:       %{name}-journal-gateway = %{version}-%{release}
36e8a3
Provides:       %{name}-journal-gateway%{_isa} = %{version}-%{release}
36e8a3
Obsoletes:      %{name}-journal-gateway < 227-7
36e8a3
36e8a3
%description journal-remote
36e8a3
Programs to forward journal entries over the network, using encrypted HTTP,
36e8a3
and to write journal files from serialized journal contents.
36e8a3
36e8a3
This package contains systemd-journal-gatewayd,
36e8a3
systemd-journal-remote, and systemd-journal-upload.
36e8a3
36e8a3
%package tests
36e8a3
Summary:       Internal unit tests for systemd
36e8a3
Requires:      %{name}%{?_isa} = %{version}-%{release}
36e8a3
License:       LGPLv2+
36e8a3
36e8a3
%description tests
36e8a3
"Installed tests" that are usually run as part of the build system.
36e8a3
They can be useful to test systemd internals.
36e8a3
36e8a3
%prep
36e8a3
%autosetup %{?gitcommit:-n %{name}-%{gitcommit}} -S git_am
36e8a3
36e8a3
%build
36e8a3
%define ntpvendor %(source /etc/os-release; echo ${ID})
36e8a3
%{!?ntpvendor: echo 'NTP vendor zone is not set!'; exit 1}
36e8a3
36e8a3
CONFIGURE_OPTS=(
36e8a3
        -Dsysvinit-path=/etc/rc.d/init.d
36e8a3
        -Drc-local=/etc/rc.d/rc.local
36e8a3
        -Dntp-servers='0.%{ntpvendor}.pool.ntp.org 1.%{ntpvendor}.pool.ntp.org 2.%{ntpvendor}.pool.ntp.org 3.%{ntpvendor}.pool.ntp.org'
36e8a3
        -Ddns-servers=''
36e8a3
        -Ddev-kvm-mode=0666
36e8a3
        -Dkmod=true
36e8a3
        -Dxkbcommon=true
36e8a3
        -Dblkid=true
36e8a3
        -Dseccomp=true
36e8a3
        -Dima=true
36e8a3
        -Dselinux=true
36e8a3
        -Dapparmor=false
36e8a3
        -Dpolkit=true
36e8a3
        -Dxz=true
36e8a3
        -Dzlib=true
36e8a3
        -Dbzip2=true
36e8a3
        -Dlz4=true
36e8a3
        -Dpam=true
36e8a3
        -Dacl=true
36e8a3
        -Dsmack=true
36e8a3
        -Dgcrypt=true
36e8a3
        -Daudit=true
36e8a3
        -Delfutils=true
36e8a3
        -Dlibcryptsetup=true
36e8a3
        -Delfutils=true
36e8a3
        -Dqrencode=false
36e8a3
        -Dgnutls=true
36e8a3
        -Dmicrohttpd=true
36e8a3
        -Dlibidn2=true
36e8a3
        -Dlibiptc=true
36e8a3
        -Dlibcurl=true
36e8a3
        -Defi=true
36e8a3
        -Dgnu-efi=%{?have_gnu_efi:true}%{?!have_gnu_efi:false}
36e8a3
        -Dtpm=true
36e8a3
        -Dhwdb=true
36e8a3
        -Dsysusers=true
36e8a3
        -Ddefault-kill-user-processes=false
36e8a3
        -Dtests=unsafe
36e8a3
        -Dinstall-tests=true
36e8a3
        -Dtty-gid=5
36e8a3
        -Dusers-gid=100
36e8a3
        -Dnobody-user=nobody
36e8a3
        -Dnobody-group=nobody
36e8a3
        -Dsplit-usr=false
36e8a3
        -Dsplit-bin=true
36e8a3
        -Db_lto=false
36e8a3
        -Dnetworkd=false
36e8a3
        -Dtimesyncd=false
36e8a3
        -Ddefault-hierarchy=legacy
52b84b
        -Dversion-tag=%{version}-%{release}
36e8a3
)
36e8a3
b9a53a
# Don't ship /var/log/README. The relationship between journal and syslog should be documented
b9a53a
# in the official documentation.
b9a53a
sed -ie "/subdir('doc\/var-log')/d" meson.build
b9a53a
36e8a3
%meson "${CONFIGURE_OPTS[@]}"
36e8a3
%meson_build
36e8a3
36e8a3
if diff %{SOURCE1} %{_vpath_builddir}/triggers.systemd; then
36e8a3
   echo -e "\n\n\nWARNING: triggers.systemd in Source1 is different!"
36e8a3
   echo -e "      cp %{_vpath_builddir}/triggers.systemd %{SOURCE1}\n\n\n"
36e8a3
fi
36e8a3
36e8a3
%install
36e8a3
%meson_install
36e8a3
36e8a3
# udev links
36e8a3
mkdir -p %{buildroot}/%{_sbindir}
36e8a3
ln -sf ../bin/udevadm %{buildroot}%{_sbindir}/udevadm
36e8a3
36e8a3
# Compatiblity and documentation files
36e8a3
touch %{buildroot}/etc/crypttab
36e8a3
chmod 600 %{buildroot}/etc/crypttab
36e8a3
36e8a3
# /etc/initab
36e8a3
install -Dm0644 -t %{buildroot}/etc/ %{SOURCE5}
36e8a3
36e8a3
# /etc/sysctl.conf compat
36e8a3
install -Dm0644 %{SOURCE6} %{buildroot}/etc/sysctl.conf
36e8a3
ln -s ../sysctl.conf %{buildroot}/etc/sysctl.d/99-sysctl.conf
36e8a3
36e8a3
# We create all wants links manually at installation time to make sure
36e8a3
# they are not owned and hence overriden by rpm after the user deleted
36e8a3
# them.
36e8a3
rm -r %{buildroot}%{_sysconfdir}/systemd/system/*.target.wants
36e8a3
36e8a3
# Make sure these directories are properly owned
36e8a3
mkdir -p %{buildroot}%{system_unit_dir}/basic.target.wants
36e8a3
mkdir -p %{buildroot}%{system_unit_dir}/default.target.wants
36e8a3
mkdir -p %{buildroot}%{system_unit_dir}/dbus.target.wants
36e8a3
mkdir -p %{buildroot}%{system_unit_dir}/syslog.target.wants
36e8a3
mkdir -p %{buildroot}%{_localstatedir}/run
36e8a3
mkdir -p %{buildroot}%{_localstatedir}/log
36e8a3
touch %{buildroot}%{_localstatedir}/run/utmp
36e8a3
touch %{buildroot}%{_localstatedir}/log/{w,b}tmp
36e8a3
36e8a3
# Make sure the user generators dir exists too
36e8a3
mkdir -p %{buildroot}%{pkgdir}/system-generators
36e8a3
mkdir -p %{buildroot}%{pkgdir}/user-generators
36e8a3
36e8a3
# Create new-style configuration files so that we can ghost-own them
36e8a3
touch %{buildroot}%{_sysconfdir}/hostname
36e8a3
touch %{buildroot}%{_sysconfdir}/vconsole.conf
36e8a3
touch %{buildroot}%{_sysconfdir}/locale.conf
36e8a3
touch %{buildroot}%{_sysconfdir}/machine-id
36e8a3
touch %{buildroot}%{_sysconfdir}/machine-info
36e8a3
touch %{buildroot}%{_sysconfdir}/localtime
36e8a3
mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d
36e8a3
touch %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/00-keyboard.conf
36e8a3
36e8a3
# Make sure the shutdown/sleep drop-in dirs exist
36e8a3
mkdir -p %{buildroot}%{pkgdir}/system-shutdown/
36e8a3
mkdir -p %{buildroot}%{pkgdir}/system-sleep/
36e8a3
36e8a3
# Make sure directories in /var exist
36e8a3
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/coredump
36e8a3
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/catalog
36e8a3
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/backlight
36e8a3
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/rfkill
36e8a3
mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/linger
36e8a3
mkdir -p %{buildroot}%{_localstatedir}/lib/private
36e8a3
mkdir -p %{buildroot}%{_localstatedir}/log/private
36e8a3
mkdir -p %{buildroot}%{_localstatedir}/cache/private
36e8a3
mkdir -p %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload
36e8a3
ln -s ../private/systemd/journal-upload %{buildroot}%{_localstatedir}/lib/systemd/journal-upload
36e8a3
mkdir -p %{buildroot}%{_localstatedir}/log/journal
36e8a3
touch %{buildroot}%{_localstatedir}/lib/systemd/catalog/database
36e8a3
touch %{buildroot}%{_sysconfdir}/udev/hwdb.bin
36e8a3
touch %{buildroot}%{_localstatedir}/lib/systemd/random-seed
36e8a3
touch %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload/state
36e8a3
36e8a3
# Install rc.local
36e8a3
mkdir -p %{buildroot}%{_sysconfdir}/rc.d/
36e8a3
install -m 0644 %{SOURCE13} %{buildroot}%{_sysconfdir}/rc.d/rc.local
36e8a3
ln -s rc.d/rc.local %{buildroot}%{_sysconfdir}/rc.local
36e8a3
36e8a3
# Install yum protection fragment
36e8a3
install -Dm0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/dnf/protected.d/systemd.conf
36e8a3
36e8a3
install -Dm0644 -t %{buildroot}/usr/lib/firewalld/services/ %{SOURCE7} %{SOURCE8}
36e8a3
36e8a3
# Restore systemd-user pam config from before "removal of Fedora-specific bits"
36e8a3
install -Dm0644 -t %{buildroot}/etc/pam.d/ %{SOURCE12}
36e8a3
36e8a3
# Install additional docs
36e8a3
# https://bugzilla.redhat.com/show_bug.cgi?id=1234951
36e8a3
install -Dm0644 -t %{buildroot}%{_pkgdocdir}/ %{SOURCE9}
36e8a3
36e8a3
# https://bugzilla.redhat.com/show_bug.cgi?id=1378974
36e8a3
install -Dm0644 -t %{buildroot}%{system_unit_dir}/systemd-udev-trigger.service.d/ %{SOURCE10}
36e8a3
36e8a3
install -Dm0755 -t %{buildroot}%{_prefix}/lib/kernel/install.d/ %{SOURCE11}
36e8a3
36e8a3
install -D -t %{buildroot}/usr/lib/systemd/ %{SOURCE3}
36e8a3
36e8a3
# No tmp-on-tmpfs by default in RHEL. bz#876122 bz#1578772
36e8a3
rm -f %{buildroot}%{_prefix}/lib/systemd/system/local-fs.target.wants/tmp.mount
36e8a3
52b84b
# bz#1844465
52b84b
rm -f %{buildroot}/etc/systemd/system/dbus-org.freedesktop.resolve1.service
52b84b
36e8a3
%find_lang %{name}
36e8a3
36e8a3
# Split files in build root into rpms. See split-files.py for the
36e8a3
# rules towards the end, anything which is an exception needs a line
36e8a3
# here.
36e8a3
python3 %{SOURCE2} %buildroot <
36e8a3
%ghost %config(noreplace) /etc/crypttab
52b84b
%ghost %verify (not mode) /etc/udev/hwdb.bin
36e8a3
/etc/inittab
36e8a3
/etc/yum/protected.d/systemd.conf
36e8a3
/usr/lib/systemd/purge-nobody-user
36e8a3
%ghost %config(noreplace) /etc/vconsole.conf
36e8a3
%ghost %config(noreplace) /etc/X11/xorg.conf.d/00-keyboard.conf
36e8a3
%ghost %attr(0664,root,utmp) /var/run/utmp
36e8a3
%ghost %attr(0664,root,utmp) /var/log/wtmp
52b84b
%ghost %attr(0660,root,utmp) /var/log/btmp
36e8a3
%ghost %config(noreplace) /etc/hostname
36e8a3
%ghost %config(noreplace) /etc/localtime
36e8a3
%ghost %config(noreplace) /etc/locale.conf
52b84b
%ghost %config(noreplace) %attr(0444,root,root) /etc/machine-id
36e8a3
%ghost %config(noreplace) /etc/machine-info
52b84b
%verify(owner group) %config(noreplace) %{_sysconfdir}/rc.d/rc.local
36e8a3
%{_sysconfdir}/rc.local
52b84b
%ghost %dir %attr(0700,root,root) /var/cache/private
52b84b
%ghost %dir %attr(0700,root,root) /var/lib/private
36e8a3
%ghost %dir /var/lib/private/systemd
36e8a3
%ghost %dir /var/lib/private/systemd/journal-upload
36e8a3
%ghost /var/lib/private/systemd/journal-upload/state
36e8a3
%ghost %dir /var/lib/systemd/backlight
36e8a3
%ghost /var/lib/systemd/catalog/database
36e8a3
%ghost %dir /var/lib/systemd/coredump
36e8a3
%ghost /var/lib/systemd/journal-upload
36e8a3
%ghost %dir /var/lib/systemd/linger
52b84b
%ghost %attr(0600,root,root) /var/lib/systemd/random-seed
36e8a3
%ghost %dir /var/lib/systemd/rfkill
52b84b
%ghost %verify (not mode group md5 mtime) %dir /var/log/journal
36e8a3
%ghost %dir /var/log/journal/remote
52b84b
%ghost %dir %attr(0700,root,root) /var/log/private
36e8a3
EOF
36e8a3
36e8a3
%check
36e8a3
%meson_test
36e8a3
36e8a3
#############################################################################################
36e8a3
36e8a3
%include %{SOURCE1}
36e8a3
36e8a3
%pre
36e8a3
getent group cdrom &>/dev/null || groupadd -r -g 11 cdrom &>/dev/null || :
36e8a3
getent group utmp &>/dev/null || groupadd -r -g 22 utmp &>/dev/null || :
36e8a3
getent group tape &>/dev/null || groupadd -r -g 33 tape &>/dev/null || :
36e8a3
getent group dialout &>/dev/null || groupadd -r -g 18 dialout &>/dev/null || :
36e8a3
getent group input &>/dev/null || groupadd -r input &>/dev/null || :
36e8a3
getent group kvm &>/dev/null || groupadd -r -g 36 kvm &>/dev/null || :
36e8a3
getent group render &>/dev/null || groupadd -r render &>/dev/null || :
36e8a3
getent group systemd-journal &>/dev/null || groupadd -r -g 190 systemd-journal 2>&1 || :
36e8a3
36e8a3
getent group systemd-coredump &>/dev/null || groupadd -r systemd-coredump 2>&1 || :
36e8a3
getent passwd systemd-coredump &>/dev/null || useradd -r -l -g systemd-coredump -d / -s /sbin/nologin -c "systemd Core Dumper" systemd-coredump &>/dev/null || :
36e8a3
36e8a3
getent group systemd-resolve &>/dev/null || groupadd -r -g 193 systemd-resolve 2>&1 || :
36e8a3
getent passwd systemd-resolve &>/dev/null || useradd -r -u 193 -l -g systemd-resolve -d / -s /sbin/nologin -c "systemd Resolver" systemd-resolve &>/dev/null || :
36e8a3
36e8a3
%post
36e8a3
systemd-machine-id-setup &>/dev/null || :
36e8a3
systemctl daemon-reexec &>/dev/null || :
36e8a3
journalctl --update-catalog &>/dev/null || :
36e8a3
systemd-tmpfiles --create &>/dev/null || :
36e8a3
36e8a3
# Make sure new journal files will be owned by the "systemd-journal" group
36e8a3
chgrp systemd-journal /run/log/journal/ /run/log/journal/`cat /etc/machine-id 2>/dev/null` /var/log/journal/ /var/log/journal/`cat /etc/machine-id 2>/dev/null` &>/dev/null || :
36e8a3
chmod g+s /run/log/journal/ /run/log/journal/`cat /etc/machine-id 2>/dev/null` /var/log/journal/ /var/log/journal/`cat /etc/machine-id 2>/dev/null` &>/dev/null || :
36e8a3
36e8a3
# Apply ACL to the journal directory
36e8a3
setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/ &>/dev/null || :
36e8a3
36e8a3
# Stop-gap until rsyslog.rpm does this on its own. (This is supposed
36e8a3
# to fail when the link already exists)
36e8a3
ln -s /usr/lib/systemd/system/rsyslog.service /etc/systemd/system/syslog.service &>/dev/null || :
36e8a3
36e8a3
# Remove spurious /etc/fstab entries from very old installations
36e8a3
# https://bugzilla.redhat.com/show_bug.cgi?id=1009023
36e8a3
if [ -e /etc/fstab ]; then
36e8a3
   grep -v -E -q '^(devpts|tmpfs|sysfs|proc)' /etc/fstab || \
36e8a3
         sed -i.rpm.bak -r '/^devpts\s+\/dev\/pts\s+devpts\s+defaults\s+/d; /^tmpfs\s+\/dev\/shm\s+tmpfs\s+defaults\s+/d; /^sysfs\s+\/sys\s+sysfs\s+defaults\s+/d; /^proc\s+\/proc\s+proc\s+defaults\s+/d' /etc/fstab || :
36e8a3
fi
36e8a3
36e8a3
# Services we install by default, and which are controlled by presets.
36e8a3
if [ $1 -eq 1 ] ; then
36e8a3
        systemctl preset --quiet \
36e8a3
                remote-fs.target \
36e8a3
                getty@.service \
36e8a3
                serial-getty@.service \
36e8a3
                console-getty.service \
36e8a3
                debug-shell.service \
36e8a3
                systemd-resolved.service \
36e8a3
                >/dev/null || :
36e8a3
fi
36e8a3
36e8a3
# remove obsolete systemd-readahead file
36e8a3
rm -f /.readahead &>/dev/null || :
36e8a3
36e8a3
%preun
36e8a3
if [ $1 -eq 0 ] ; then
36e8a3
        systemctl disable --quiet \
36e8a3
                remote-fs.target \
36e8a3
                getty@.service \
36e8a3
                serial-getty@.service \
36e8a3
                console-getty.service \
36e8a3
                debug-shell.service \
36e8a3
                systemd-readahead-replay.service \
36e8a3
                systemd-readahead-collect.service \
36e8a3
                systemd-resolved.service \
36e8a3
                >/dev/null || :
36e8a3
36e8a3
        rm -f /etc/systemd/system/default.target &>/dev/null || :
36e8a3
fi
36e8a3
36e8a3
%post libs
36e8a3
%{?ldconfig}
36e8a3
36e8a3
function mod_nss() {
36e8a3
    if [ -f "$1" ] ; then
36e8a3
        # sed-fu to add myhostanme to hosts line
36e8a3
        grep -E -q '^hosts:.* myhostname' "$1" ||
36e8a3
        sed -i.bak -e '
36e8a3
                /^hosts:/ !b
36e8a3
                /\<myhostname\>/ b
36e8a3
                s/[[:blank:]]*$/ myhostname/
36e8a3
                ' "$1" &>/dev/null || :
36e8a3
36e8a3
        # Add nss-systemd to passwd and group
36e8a3
        grep -E -q '^(passwd|group):.* systemd' "$1" ||
36e8a3
        sed -i.bak -r -e '
36e8a3
                s/^(passwd|group):(.*)/\1: \2 systemd/
36e8a3
                ' "$1" &>/dev/null || :
36e8a3
    fi
36e8a3
}
36e8a3
36e8a3
FILE="$(readlink /etc/nsswitch.conf || echo /etc/nsswitch.conf)"
36e8a3
mod_nss "$FILE"
36e8a3
36e8a3
if [ "$FILE" = "/etc/authselect/user-nsswitch.conf" ] ; then
36e8a3
        authselect apply-changes &> /dev/null
36e8a3
else
36e8a3
        # also apply the same changes to nsswitch.conf to affect
36e8a3
        # possible future authselect configuration
36e8a3
	mod_nss "/etc/authselect/user-nsswitch.conf"
36e8a3
fi
36e8a3
36e8a3
# check if nobody or nfsnobody is defined
36e8a3
export SYSTEMD_NSS_BYPASS_SYNTHETIC=1
36e8a3
if getent passwd nfsnobody &>/dev/null; then
36e8a3
   test -f /etc/systemd/dont-synthesize-nobody || {
36e8a3
       echo 'Detected system with nfsnobody defined, creating /etc/systemd/dont-synthesize-nobody'
36e8a3
       mkdir -p /etc/systemd || :
36e8a3
       : >/etc/systemd/dont-synthesize-nobody || :
36e8a3
   }
36e8a3
elif getent passwd nobody 2>/dev/null | grep -v 'nobody:[x*]:65534:65534:.*:/:/sbin/nologin' &>/dev/null; then
36e8a3
   test -f /etc/systemd/dont-synthesize-nobody || {
36e8a3
       echo 'Detected system with incompatible nobody defined, creating /etc/systemd/dont-synthesize-nobody'
36e8a3
       mkdir -p /etc/systemd || :
36e8a3
       : >/etc/systemd/dont-synthesize-nobody || :
36e8a3
   }
36e8a3
fi
36e8a3
36e8a3
%{?ldconfig:%postun libs -p %ldconfig}
36e8a3
36e8a3
%global udev_services systemd-udev{d,-settle,-trigger}.service systemd-udevd-{control,kernel}.socket
36e8a3
36e8a3
%post udev
36e8a3
# Move old stuff around in /var/lib
36e8a3
mv %{_localstatedir}/lib/random-seed %{_localstatedir}/lib/systemd/random-seed &>/dev/null
36e8a3
mv %{_localstatedir}/lib/backlight %{_localstatedir}/lib/systemd/backlight &>/dev/null
36e8a3
36e8a3
udevadm hwdb --update &>/dev/null
36e8a3
%systemd_post %udev_services
36e8a3
/usr/lib/systemd/systemd-random-seed save 2>&1
36e8a3
36e8a3
# Replace obsolete keymaps
36e8a3
# https://bugzilla.redhat.com/show_bug.cgi?id=1151958
36e8a3
grep -q -E '^KEYMAP="?fi-latin[19]"?' /etc/vconsole.conf 2>/dev/null &&
36e8a3
    sed -i.rpm.bak -r 's/^KEYMAP="?fi-latin[19]"?/KEYMAP="fi"/' /etc/vconsole.conf || :
36e8a3
36e8a3
%postun udev
36e8a3
# Only restart systemd-udev, to run the upgraded dameon.
36e8a3
# Others are either oneshot services, or sockets, and restarting them causes issues (#1378974)
36e8a3
%systemd_postun_with_restart systemd-udevd.service
36e8a3
36e8a3
%pre journal-remote
36e8a3
getent group systemd-journal-remote &>/dev/null || groupadd -r systemd-journal-remote 2>&1 || :
36e8a3
getent passwd systemd-journal-remote &>/dev/null || useradd -r -l -g systemd-journal-remote -d %{_localstatedir}/log/journal/remote -s /sbin/nologin -c "Journal Remote" systemd-journal-remote &>/dev/null || :
36e8a3
36e8a3
%post journal-remote
36e8a3
%systemd_post systemd-journal-gatewayd.socket systemd-journal-gatewayd.service
36e8a3
%systemd_post systemd-journal-remote.socket systemd-journal-remote.service
36e8a3
%systemd_post systemd-journal-upload.service
36e8a3
%firewalld_reload
36e8a3
36e8a3
%preun journal-remote
36e8a3
%systemd_preun systemd-journal-gatewayd.socket systemd-journal-gatewayd.service
36e8a3
%systemd_preun systemd-journal-remote.socket systemd-journal-remote.service
36e8a3
%systemd_preun systemd-journal-upload.service
36e8a3
if [ $1 -eq 1 ] ; then
36e8a3
    if [ -f %{_localstatedir}/lib/systemd/journal-upload/state -a ! -L %{_localstatedir}/lib/systemd/journal-upload ] ; then
36e8a3
        mkdir -p %{_localstatedir}/lib/private/systemd/journal-upload
36e8a3
        mv %{_localstatedir}/lib/systemd/journal-upload/state %{_localstatedir}/lib/private/systemd/journal-upload/.
36e8a3
        rmdir %{_localstatedir}/lib/systemd/journal-upload || :
36e8a3
    fi
36e8a3
fi
36e8a3
36e8a3
%postun journal-remote
36e8a3
%systemd_postun_with_restart systemd-journal-gatewayd.service
36e8a3
%systemd_postun_with_restart systemd-journal-remote.service
36e8a3
%systemd_postun_with_restart systemd-journal-upload.service
36e8a3
%firewalld_reload
36e8a3
36e8a3
%global _docdir_fmt %{name}
36e8a3
36e8a3
%files -f %{name}.lang -f .file-list-rest
36e8a3
%doc %{_pkgdocdir}
36e8a3
%exclude %{_pkgdocdir}/LICENSE.*
36e8a3
%license LICENSE.GPL2 LICENSE.LGPL2.1
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/basic.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/bluetooth.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/default.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/getty.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/graphical.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/local-fs.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/machines.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/multi-user.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/printer.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/remote-fs.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/sockets.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/sysinit.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/system-update.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /etc/systemd/system/timers.target.wants
36e8a3
%ghost %dir %attr(0755,-,-) /var/lib/rpm-state/systemd
36e8a3
36e8a3
%files libs -f .file-list-libs
36e8a3
%license LICENSE.LGPL2.1
36e8a3
36e8a3
%files pam -f .file-list-pam
36e8a3
36e8a3
%files devel -f .file-list-devel
36e8a3
36e8a3
%files udev -f .file-list-udev
36e8a3
36e8a3
%files container -f .file-list-container
36e8a3
36e8a3
%files journal-remote -f .file-list-remote
36e8a3
36e8a3
%files tests -f .file-list-tests
36e8a3
36e8a3
%changelog
446ea3
* Wed Jul 28 2021 systemd maintenance team <systemd-maint@redhat.com> - 239-45.3
446ea3
- sd-event: change ordering of pending/ratelimited events (#1984406)
446ea3
- sd-event: drop unnecessary "else" (#1984406)
446ea3
- sd-event: use CMP() macro (#1984406)
446ea3
- sd-event: use usec_add() (#1984406)
446ea3
- sd-event: make event_source_time_prioq_reshuffle() accept all event source type (#1984406)
446ea3
- sd-event: always reshuffle time prioq on changing online/offline state (#1984406)
446ea3
- meson: remove strange dep that causes meson to enter infinite loop (#1984406)
446ea3
- copy: handle copy_file_range() weirdness on procfs/sysfs (#1984406)
446ea3
- ci: run unit tests on z-stream branches as well (#1984406)
446ea3
- remove a left-over break (#1984406)
446ea3
31ac43
* Mon Jun 28 2021 Jan Macku <jamacku@redhat.com> - 239-45.2
31ac43
- basic/unit-name: do not use strdupa() on a path (CVE-2021-33910, #1974699)
31ac43
4bf4e7
* Tue May 25 2021 systemd maintenance team <systemd-maint@redhat.com> - 239-45.1
4bf4e7
- Revert "udev: run link_update() with increased retry count in second invocation" (#1963980)
4bf4e7
- Revert "udev: make algorithm that selects highest priority devlink less susceptible to race conditions" (#1963980)
4bf4e7
- test/udev-test.pl: drop test cases that add mutliple devices (#1963980)
4bf4e7
21255d
* Thu Mar 11 2021 systemd maintenance team <systemd-maint@redhat.com> - 239-45
21255d
- Revert "test: add test cases for empty string match" and "test: add test case for multi matches when use ||" (#1931947)
21255d
- test/sys-script.py: add missing DEVNAME entries to uevents (#1931947)
21255d
- sd-event: split out helper functions for reshuffling prioqs (#1819868)
21255d
- sd-event: split out enable and disable codepaths from sd_event_source_set_enabled() (#1819868)
21255d
- sd-event: mention that two debug logged events are ignored (#1819868)
21255d
- sd-event: split clock data allocation out of sd_event_add_time() (#1819868)
21255d
- sd-event: split out code to add/remove timer event sources to earliest/latest prioq (#1819868)
21255d
- sd-event: fix delays assert brain-o (#17790) (#1819868)
21255d
- sd-event: let's suffix last_run/last_log with "_usec" (#1819868)
21255d
- sd-event: refuse running default event loops in any other thread than the one they are default for (#1819868)
21255d
- sd-event: ref event loop while in sd_event_prepare() ot sd_event_run() (#1819868)
21255d
- sd-event: follow coding style with naming return parameter (#1819868)
21255d
- sd-event: remove earliest_index/latest_index into common part of event source objects (#1819868)
21255d
- sd-event: update state at the end in event_source_enable (#1819868)
21255d
- sd-event: increase n_enabled_child_sources just once (#1819868)
21255d
- sd-event: add ability to ratelimit event sources (#1819868)
21255d
- test: add ratelimiting test (#1819868)
21255d
- core: prevent excessive /proc/self/mountinfo parsing (#1819868)
21255d
- udev: run link_update() with increased retry count in second invocation (#1931947)
21255d
- pam-systemd: use secure_getenv() rather than getenv() (#1687514)
21255d
21255d
* Thu Jan 28 2021 systemd maintenance team <systemd-maint@redhat.com> - 239-44
21255d
- ci: PowerTools repo was renamed to powertools in RHEL 8.3 (#1871827)
21255d
- ci: use quay.io instead of Docker Hub to avoid rate limits (#1871827)
21255d
- ci: move jobs from Travis CI to GH Actions (#1871827)
21255d
- unit: make UNIT() cast function deal with NULL pointers (#1871827)
21255d
- use link to RHEL-8 docs (#1623116)
21255d
- cgroup: Also set blkio.bfq.weight (#1657810)
21255d
- units: make sure initrd-cleanup.service terminates before switching to rootfs (#1657810)
21255d
- core: reload SELinux label cache on daemon-reload (#1888912)
21255d
- selinux: introduce mac_selinux_create_file_prepare_at() (#1888912)
21255d
- selinux: add trigger for policy reload to refresh internal selabel cache (#1888912)
21255d
- udev/net_id: give RHEL-8.4 naming scheme a name (#1827462)
21255d
- basic/stat-util: make mtime check stricter and use entire timestamp (#1642728)
21255d
- udev: make algorithm that selects highest priority devlink less susceptible to race conditions (#1642728)
21255d
- test: create /dev/null in test-udev.pl (#1642728)
21255d
- test: missing "die" (#1642728)
21255d
- udev-test: remove a check for whether the test is run in a container (#1642728)
21255d
- udev-test: skip the test only if it can't setup its environment (#1642728)
21255d
- udev-test: fix test skip condition (#1642728)
21255d
- udev-test: fix missing directory test/run (#1642728)
21255d
- udev-test: check if permitted to create block device nodes (#1642728)
21255d
- test-udev: add a testcase of too long line (#1642728)
21255d
- test-udev: use proper semantics for too long line with continuation (#1642728)
21255d
- test-udev: add more tests for line continuations and comments (#1642728)
21255d
- test-udev: add more tests for line continuation (#1642728)
21255d
- test-udev: fix alignment and drop unnecessary white spaces (#1642728)
21255d
- test/udev-test.pl: cleanup if skipping test (#1642728)
21255d
- test: add test cases for empty string match (#1642728)
21255d
- test: add test case for multi matches when use "||" (#1642728)
21255d
- udev-test: do not rely on "mail" group being defined (#1642728)
21255d
- test/udev-test.pl: allow multiple devices per test (#1642728)
21255d
- test/udev-test.pl: create rules only once (#1642728)
21255d
- test/udev-test.pl: allow concurrent additions and removals (#1642728)
21255d
- test/udev-test.pl: use computed devnode name (#1642728)
21255d
- test/udev-test.pl: test correctness of symlink targets (#1642728)
21255d
- test/udev-test.pl: allow checking multiple symlinks (#1642728)
21255d
- test/udev-test.pl: fix wrong test descriptions (#1642728)
21255d
- test/udev-test.pl: last_rule is unsupported (#1642728)
21255d
- test/udev-test.pl: Make some tests a little harder (#1642728)
21255d
- test/udev-test.pl: remove bogus rules from magic subsys test (#1642728)
21255d
- test/udev-test.pl: merge "space and var with space" tests (#1642728)
21255d
- test/udev-test.pl: merge import parent tests into one (#1642728)
21255d
- test/udev-test.pl: count "good" results (#1642728)
21255d
- tests/udev-test.pl: add multiple device test (#1642728)
21255d
- test/udev-test.pl: add repeat count (#1642728)
21255d
- test/udev-test.pl: generator for large list of block devices (#1642728)
21255d
- test/udev-test.pl: suppress umount error message at startup (#1642728)
21255d
- test/udev_test.pl: add "expected good" count (#1642728)
21255d
- test/udev-test: gracefully exit when imports fail (#1642728)
21255d
21255d
* Thu Nov 26 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-43
21255d
- man: mention System Administrator's Guide in systemctl manpage (#1623116)
21255d
- udev: introduce udev net_id "naming schemes" (#1827462)
21255d
- meson: make net.naming-scheme= default configurable (#1827462)
21255d
- man: describe naming schemes in a new man page (#1827462)
21255d
- udev/net_id: parse _SUN ACPI index as a signed integer (#1827462)
21255d
- udev/net_id: don't generate slot based names if multiple devices might claim the same slot (#1827462)
21255d
- fix typo in ProtectSystem= option (#1871139)
21255d
- remove references of non-existent man pages (#1876807)
21255d
- log: Prefer logging to CLI unless JOURNAL_STREAM is set (#1865840)
21255d
- locale-util: add new helper locale_is_installed() (#1755287)
21255d
- test: add test case for locale_is_installed() (#1755287)
21255d
- tree-wide: port various bits over to locale_is_installed() (#1755287)
21255d
- install: allow instantiated units to be enabled via presets (#1812972)
21255d
- install: small refactor to combine two function calls into one function (#1812972)
21255d
- test: fix a memleak (#1812972)
21255d
- docs: Add syntax for templated units to systemd.preset man page (#1812972)
21255d
- shared/install: fix preset operations for non-service instantiated units (#1812972)
21255d
- introduce setsockopt_int() helper (#1887181)
21255d
- socket-util: add generic socket_pass_pktinfo() helper (#1887181)
21255d
- core: add new PassPacketInfo= socket unit property (#1887181)
21255d
- resolved: tweak cmsg calculation (#1887181)
21255d
21255d
* Tue Nov 03 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-42
21255d
- logind: don't print warning when user@.service template is masked (#1880270)
21255d
- build: use simple project version in pkgconfig files (#1862714)
21255d
- basic/virt: try the /proc/1/sched hack also for PID1 (#1868877)
21255d
- seccomp: rework how the S[UG]ID filter is installed (#1860374)
21255d
- vconsole-setup: downgrade log message when setting font fails on dummy console (#1889996)
21255d
- units: fix systemd.special man page reference in system-update-cleanup.service (#1871827)
21255d
- units: drop reference to sushell man page (#1871827)
21255d
- sd-bus: break the loop in bus_ensure_running() if the bus is not connecting (#1885553)
21255d
- core: add new API for enqueing a job with returning the transaction data (#846319)
21255d
- systemctl: replace switch statement by table of structures (#846319)
21255d
- systemctl: reindent table (#846319)
21255d
- systemctl: Only wait when there's something to wait for. (#846319)
21255d
- systemctl: clean up start_unit_one() error handling (#846319)
21255d
- systemctl: split out extra args generation into helper function of its own (#846319)
21255d
- systemctl: add new --show-transaction switch (#846319)
21255d
- test: add some basic testing that "systemctl start -T" does something (#846319)
21255d
- man: document the new systemctl --show-transaction option (#846319)
21255d
- socket: New option 'FlushPending' (boolean) to flush socket before entering listening state (#1870638)
21255d
- core: remove support for API bus "started outside our own logic" (#1764282)
21255d
- mount-setup: fix segfault in mount_cgroup_controllers when using gcc9 compiler (#1868877)
21255d
- dbus-execute: make transfer of CPUAffinity endian safe (#12711) (#1740657)
21255d
- core: add support for setting CPUAffinity= to special "numa" value (#1740657)
21255d
- basic/user-util: always use base 10 for user/group numbers (#1848373)
21255d
- parse-util: sometimes it is useful to check if a string is a valid integer, but not actually parse it (#1848373)
21255d
- basic/parse-util: add safe_atoux64() (#1848373)
21255d
- parse-util: allow tweaking how to parse integers (#1848373)
21255d
- parse-util: allow '-0' as alternative to '0' and '+0' (#1848373)
21255d
- parse-util: make return parameter optional in safe_atou16_full() (#1848373)
21255d
- parse-util: rewrite parse_mode() on top of safe_atou_full() (#1848373)
21255d
- user-util: be stricter in parse_uid() (#1848373)
21255d
- strv: add new macro STARTSWITH_SET() (#1848373)
21255d
- parse-util: also parse integers prefixed with 0b and 0o (#1848373)
21255d
- tests: beef up integer parsing tests (#1848373)
21255d
- shared/user-util: add compat forms of user name checking functions (#1848373)
21255d
- shared/user-util: emit a warning on names with dots (#1848373)
21255d
- user-util: Allow names starting with a digit (#1848373)
21255d
- shared/user-util: allow usernames with dots in specific fields (#1848373)
21255d
- user-util: switch order of checks in valid_user_group_name_or_id_full() (#1848373)
21255d
- user-util: rework how we validate user names (#1848373)
bdc714
0b4d5a
* Wed Oct 07 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-41
0b4d5a
- cgroup: freezer action must be NOP when cgroup v2 freezer is not available (#1868831)
0b4d5a
52b84b
* Fri Aug 28 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-40
52b84b
- units: add generic boot-complete.target (#1872243)
52b84b
- man: document new "boot-complete.target" unit (#1872243)
52b84b
- core: make sure to restore the control command id, too (#1829867)
52b84b
52b84b
* Thu Aug 06 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-39
52b84b
- device: make sure we emit PropertiesChanged signal once we set sysfs (#1793533)
52b84b
- device: don't emit PropetiesChanged needlessly (#1793533)
52b84b
52b84b
* Tue Aug 04 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-38
52b84b
- spec: fix rpm verification (#1702300)
52b84b
52b84b
* Wed Jul 08 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-37
52b84b
- spec: don't package /etc/systemd/system/dbus-org.freedesktop.resolve1.service (#1844465)
52b84b
52b84b
* Fri Jun 26 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-36
52b84b
- core: don't consider SERVICE_SKIP_CONDITION for abnormal or failure restarts (#1737283)
52b84b
- selinux: do preprocessor check only in selinux-access.c (#1830861)
52b84b
- basic/cgroup-util: introduce cg_get_keyed_attribute_full() (#1830861)
52b84b
- shared: add generic logic for waiting for a unit to enter some state (#1830861)
52b84b
- shared: fix assert call (#1830861)
52b84b
- shared: Don't try calling NULL callback in bus_wait_for_units_clear (#1830861)
52b84b
- shared: add NULL callback check in one more place (#1830861)
52b84b
- core: introduce support for cgroup freezer (#1830861)
52b84b
- core/cgroup: fix return value of unit_cgorup_freezer_action() (#1830861)
52b84b
- core: fix the return value in order to make sure we don't dipatch method return too early (#1830861)
52b84b
- test: add test for cgroup v2 freezer support (#1830861)
52b84b
- fix mis-merge (#1848421)
52b84b
- tests: sleep a bit and give kernel time to perform the action after manual freeze/thaw (#1848421)
52b84b
52b84b
* Fri Jun 26 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-35
52b84b
- spec: fix rpm verification (#1702300)
52b84b
52b84b
* Thu Jun 18 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-34
52b84b
- spec: fix rpm verification (#1702300)
52b84b
52b84b
* Tue Jun 09 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-33
52b84b
- tmpfiles: fix crash with NULL in arg_root and other fixes and tests (#1836024)
52b84b
- sulogin-shell: Use force if SYSTEMD_SULOGIN_FORCE set (#1625929)
52b84b
- resolvconf: fixes for the compatibility interface (#1835594)
52b84b
- mount: don't add Requires for tmp.mount (#1748840)
52b84b
- core: coldplug possible nop_job (#1829798)
52b84b
- core: add IODeviceLatencyTargetSec (#1831519)
52b84b
- time-util: Introduce parse_sec_def_infinity (#1770379)
52b84b
- cgroup: use structured initialization (#1770379)
52b84b
- core: add CPUQuotaPeriodSec= (#1770379)
52b84b
- core: downgrade CPUQuotaPeriodSec= clamping logs to debug (#1770379)
52b84b
- sd-bus: avoid magic number in SASL length calculation (#1838081)
52b84b
- sd-bus: fix SASL reply to empty AUTH (#1838081)
52b84b
- sd-bus: skip sending formatted UIDs via SASL (#1838081)
52b84b
- core: add MemoryMin (#1763435)
52b84b
- core: introduce cgroup_add_device_allow() (#1763435)
52b84b
- test: remove support for suffix in get_testdata_dir() (#1763435)
52b84b
- cgroup: Implement default propagation of MemoryLow with DefaultMemoryLow (#1763435)
52b84b
- cgroup: Create UNIT_DEFINE_ANCESTOR_MEMORY_LOOKUP (#1763435)
52b84b
- unit: Add DefaultMemoryMin (#1763435)
52b84b
- cgroup: Polish hierarchically aware protection docs a bit (#1763435)
52b84b
- cgroup: Readd some plumbing for DefaultMemoryMin (#1763435)
52b84b
- cgroup: Support 0-value for memory protection directives (#1763435)
52b84b
- cgroup: Test that it's possible to set memory protection to 0 again (#1763435)
52b84b
- cgroup: Check ancestor memory min for unified memory config (#1763435)
52b84b
- cgroup: Respect DefaultMemoryMin when setting memory.min (#1763435)
52b84b
- cgroup: Mark memory protections as explicitly set in transient units (#1763435)
52b84b
- meson: allow setting the version string during configuration (#1804252)
52b84b
52b84b
* Thu Jun 04 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-32
b9a53a
- pid1: fix DefaultTasksMax initialization (#1809037)
52b84b
- cgroup: make sure that cpuset is supported on cgroup v2 and disabled with v1 (#1808940)
b9a53a
- test: introduce TEST-36-NUMAPOLICY (#1808940)
52b84b
- test: replace `tail -f` with journal cursor which should be... (#1808940)
52b84b
- test: support MPOL_LOCAL matching in unpatched strace versions (#1808940)
b9a53a
- test: make sure the strace process is indeed dead (#1808940)
b9a53a
- test: skip the test on systems without NUMA support (#1808940)
b9a53a
- test: give strace some time to initialize (#1808940)
52b84b
- test: add a simple sanity check for systems without NUMA support (#1808940)
b9a53a
- test: drop the missed || exit 1 expression (#1808940)
b9a53a
- test: replace cursor file with a plain cursor (#1808940)
52b84b
- cryptsetup: Treat key file errors as a failed password attempt (#1763155)
52b84b
- swap: finish the secondary swap units' jobs if deactivation of the primary swap unit fails (#1749622)
52b84b
- resolved: Recover missing PrivateTmp=yes and ProtectSystem=strict (#1810869)
52b84b
- bus_open leak sd_event_source when udevadm trigger。 (#1798504)
52b84b
- core: rework StopWhenUnneeded= logic (#1798046)
52b84b
- pid1: fix the names of AllowedCPUs= and AllowedMemoryNodes= (#1818054)
52b84b
- core: fix re-realization of cgroup siblings (#1818054)
52b84b
- basic: use comma as separator in cpuset cgroup cpu ranges (#1818054)
52b84b
- core: transition to FINAL_SIGTERM state after ExecStopPost= (#1766479)
52b84b
- sd-journal: close journal files that were deleted by journald before we've setup inotify watch (#1796128)
52b84b
- sd-journal: remove the dead code and actually fix #14695 (#1796128)
52b84b
- udev: downgrade message when we fail to set inotify watch up (#1808051)
52b84b
- logind: check PolicyKit before allowing VT switch (#1797679)
52b84b
- test: do not use global variable to pass error (#1823767)
52b84b
- test: install libraries required by tests (#1823767)
52b84b
- test: introduce install_zoneinfo() (#1823767)
52b84b
- test: replace duplicated Makefile by symbolic link (#1823767)
52b84b
- test: add paths of keymaps in install_keymaps() (#1823767)
52b84b
- test: make install_keymaps() optionally install more keymaps (#1823767)
52b84b
- test-fs-util: skip some tests when running in unprivileged container (#1823767)
52b84b
- test-process-util: skip several verifications when running in unprivileged container (#1823767)
52b84b
- test-execute: also check python3 is installed or not (#1823767)
52b84b
- test-execute: skip several tests when running in container (#1823767)
52b84b
- test: introduce test_is_running_from_builddir() (#1823767)
52b84b
- test: make test-catalog relocatable (#1823767)
52b84b
- test: parallelize tasks in TEST-24-UNIT-TESTS (#1823767)
52b84b
- test: try to determine QEMU_SMP dynamically (#1823767)
52b84b
- test: store coredumps in journal (#1823767)
52b84b
- pid1: add new kernel cmdline arg systemd.cpu_affinity= (#1812894)
52b84b
- udev-rules: make tape-changers also apprear in /dev/tape/by-path/ (#1820112)
52b84b
- man: be clearer that .timer time expressions need to be reset to override them (#1816908)
52b84b
- Add support for opening files for appending (#1809175)
52b84b
- nspawn: move payload to sub-cgroup first, then sync cgroup trees (#1837094)
52b84b
- core: move unit_status_emit_starting_stopping_reloading() and related calls to job.c (#1737283)
52b84b
- job: when a job was skipped due to a failed condition, log about it (#1737283)
52b84b
- core: split out all logic that updates a Job on a unit's unit_notify() invocation (#1737283)
52b84b
- core: make log messages about units entering a 'failed' state recognizable (#1737283)
52b84b
- core: log a recognizable message when a unit succeeds, too (#1737283)
52b84b
- tests: always use the right vtable wrapper calls (#1737283)
52b84b
- test-execute: allow filtering test cases by pattern (#1737283)
52b84b
- test-execute: provide custom failure message (#1737283)
52b84b
- core: ExecCondition= for services (#1737283)
52b84b
- Drop support for lz4 < 1.3.0 (#1843871)
52b84b
- test-compress: add test for short decompress_startswith calls (#1843871)
52b84b
- journal: adapt for new improved LZ4_decompress_safe_partial() (#1843871)
52b84b
- fuzz-compress: add fuzzer for compression and decompression (#1843871)
52b84b
- seccomp: fix __NR__sysctl usage (#1843871)
b9a53a
b9a53a
* Fri Feb 21 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-27
b9a53a
- cgroup: introduce support for cgroup v2 CPUSET controller (#1724617)
b9a53a
b9a53a
* Wed Feb 19 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-26
b9a53a
- seccomp: introduce seccomp_restrict_suid_sgid() for blocking chmod() for suid/sgid files (#1687512)
b9a53a
- test: add test case for restrict_suid_sgid() (#1687512)
b9a53a
- core: expose SUID/SGID restriction as new unit setting RestrictSUIDSGID= (#1687512)
b9a53a
- analyze: check for RestrictSUIDSGID= in "systemd-analyze security" (#1687512)
b9a53a
- man: document the new RestrictSUIDSGID= setting (#1687512)
b9a53a
- units: turn on RestrictSUIDSGID= in most of our long-running daemons (#1687512)
b9a53a
- core: imply NNP and SUID/SGID restriction for DynamicUser=yes service (#1687512)
b9a53a
b9a53a
* Mon Feb 17 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-25
4b8c80
- sd-bus: use "queue" message references for managing r/w message queues in connection objects (CVE-2020-1712)
b9a53a
- pid1: make sure to restore correct default values for some rlimits (#1789930)
b9a53a
- main: introduce a define HIGH_RLIMIT_MEMLOCK similar to HIGH_RLIMIT_NOFILE (#1789930)
b9a53a
b9a53a
* Thu Feb 13 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-24
b9a53a
- rules: reintroduce 60-alias-kmsg.rules (#1739353)
b9a53a
- sd-bus: make rqueue/wqueue sizes of type size_t (CVE-2020-1712)
b9a53a
- sd-bus: reorder bus ref and bus message ref handling (CVE-2020-1712)
b9a53a
- sd-bus: make sure dispatch_rqueue() initializes return parameter on all types of success (CVE-2020-1712)
b9a53a
- sd-bus: drop two inappropriate empty lines (CVE-2020-1712)
b9a53a
- sd-bus: initialize mutex after we allocated the wqueue (CVE-2020-1712)
b9a53a
- sd-bus: always go through sd_bus_unref() to free messages (CVE-2020-1712)
b9a53a
- bus-message: introduce two kinds of references to bus messages (CVE-2020-1712)
b9a53a
- sd-bus: introduce API for re-enqueuing incoming messages (CVE-2020-1712)
b9a53a
- sd-event: add sd_event_source_disable_unref() helper (CVE-2020-1712)
b9a53a
- polkit: when authorizing via PK let's re-resolve callback/userdata instead of caching it (CVE-2020-1712)
b9a53a
- sysctl: let's by default increase the numeric PID range from 2^16 to 2^22 (#1744214)
b9a53a
- journal: do not trigger assertion when journal_file_close() get NULL (#1788085)
b9a53a
- journal: use cleanup attribute at one more place (#1788085)
b9a53a
b9a53a
* Mon Jan 13 2020 systemd maintenance team <systemd-maint@redhat.com> - 239-23
b9a53a
- catalog: fix name of variable (#1677768)
b9a53a
- cryptsetup: add keyfile-timeout to allow a keydev timeout and allow to fallback to a password if it fails. (#1763155)
b9a53a
- cryptsetup: add documentation for keyfile-timeout (#1763155)
b9a53a
- cryptsetup: use unabbrieviated variable names (#1763155)
b9a53a
- cryptsetup: don't assert on variable which is optional (#1763155)
b9a53a
- cryptsetup-generator: guess whether the keyfile argument is two items or one (#1763155)
b9a53a
- crypt-util: Translate libcryptsetup log level instead of using log_debug() (#1776408)
b9a53a
- cryptsetup: add some commenting about EAGAIN generation (#1776408)
b9a53a
- cryptsetup: downgrade a log message we ignore (#1776408)
b9a53a
- cryptsetup: rework how we log about activation failures (#1776408)
b9a53a
b9a53a
* Tue Dec 17 2019 systemd maintenance team <systemd-maint@redhat.com> - 239-22
b9a53a
- spec: don't ship /var/log/README
b9a53a
- spec: provide systemd-rpm-macros
b9a53a
b9a53a
* Mon Dec 09 2019 systemd maintenance team <systemd-maint@redhat.com> - 239-21
b9a53a
- test-cpu-set-util: fix comparison for allocation size (#1734787)
b9a53a
- test-cpu-set-util: fix allocation size check on i386 (#1734787)
b9a53a
b9a53a
* Mon Dec 09 2019 systemd maintenance team <systemd-maint@redhat.com> - 239-20
b9a53a
- journal: rely on _cleanup_free_ to free a temporary string used in client_context_read_cgroup (#1764560)
b9a53a
- basic/user-util: allow dots in user names (#1717603)
b9a53a
- sd-bus: bump message queue size again (#1770189)
b9a53a
- tests: put fuzz_journald_processing_function in a .c file (#1764560)
b9a53a
- tests: add a fuzzer for dev_kmsg_record (#1764560)
b9a53a
- basic: remove an assertion from cunescape_one (#1764560)
b9a53a
- journal: fix an off-by-one error in dev_kmsg_record (#1764560)
b9a53a
- tests: add a reproducer for a memory leak fixed in 30eddcd51b8a472e05d3b8d1 in August (#1764560)
b9a53a
- tests: add a reproducer for a heap-buffer-overflow fixed in 937b1171378bc1000a (#1764560)
b9a53a
- test: initialize syslog_fd in fuzz-journald-kmsg too (#1764560)
b9a53a
- tests: add a fuzzer for process_audit_string (#1764560)
b9a53a
- journald: check whether sscanf has changed the value corresponding to %n (#1764560)
b9a53a
- tests: introduce dummy_server_init and use it in all journald fuzzers (#1764560)
b9a53a
- tests: add a fuzzer for journald streams (#1764560)
b9a53a
- tests: add a fuzzer for server_process_native_file (#1764560)
b9a53a
- fuzz-journal-stream: avoid assertion failure on samples which don't fit in pipe (#1764560)
b9a53a
- journald: take leading spaces into account in syslog_parse_identifier (#1764560)
b9a53a
- Add a warning about the difference in permissions between existing directories and unit settings. (#1778384)
b9a53a
- execute: remove one redundant comparison check (#1778384)
b9a53a
- core: change ownership/mode of the execution directories also for static users (#1778384)
b9a53a
- core/dbus-execute: remove unnecessary initialization (#1734787)
b9a53a
- shared/cpu-set-util: move the part to print cpu-set into a separate function (#1734787)
b9a53a
- shared/cpu-set-util: remove now-unused CPU_SIZE_TO_NUM() (#1734787)
b9a53a
- Rework cpu affinity parsing (#1734787)
b9a53a
- Move cpus_in_affinity_mask() to cpu-set-util.[ch] (#1734787)
b9a53a
- test-cpu-set-util: add simple test for cpus_in_affinity_mask() (#1734787)
b9a53a
- test-cpu-set-util: add a smoke test for test_parse_cpu_set_extend() (#1734787)
b9a53a
- pid1: parse CPUAffinity= in incremental fashion (#1734787)
b9a53a
- pid1: don't reset setting from /proc/cmdline upon restart (#1734787)
b9a53a
- pid1: when reloading configuration, forget old settings (#1734787)
b9a53a
- test-execute: use CPUSet too (#1734787)
b9a53a
- shared/cpu-set-util: drop now-unused cleanup function (#1734787)
b9a53a
- shared/cpu-set-util: make transfer of cpu_set_t over bus endian safe (#1734787)
b9a53a
- test-cpu-set-util: add test for dbus conversions (#1734787)
b9a53a
- shared/cpu-set-util: introduce cpu_set_to_range() (#1734787)
b9a53a
- systemctl: present CPUAffinity mask as a list of CPU index ranges (#1734787)
b9a53a
- shared/cpu-set-util: only force range printing one time (#1734787)
b9a53a
- execute: dump CPUAffinity as a range string instead of a list of CPUs (#1734787)
b9a53a
- cpu-set-util: use %d-%d format in  cpu_set_to_range_string() only for actual ranges (#1734787)
b9a53a
- core: introduce NUMAPolicy and NUMAMask options (#1734787)
b9a53a
- core: disable CPUAccounting by default (#1734787)
b9a53a
- set kptr_restrict=1 (#1689346)
b9a53a
- cryptsetup: reduce the chance that we will be OOM killed (#1696602)
b9a53a
- core, job: fix breakage of ordering dependencies by systemctl reload command (#1766417)
b9a53a
- debug-generator: enable custom systemd.debug_shell tty (#1723722)
b9a53a
b9a53a
* Thu Oct 24 2019 Lukas Nykryn <lnykryn@redhat.com> - 239-19
b9a53a
- core: never propagate reload failure to service result (#1735787)
b9a53a
- man: document systemd-analyze security (#1750343)
b9a53a
- man: reorder and add examples to systemd-analyze(1) (#1750343)
b9a53a
- travis: move to CentOS 8 docker images (#1761519)
b9a53a
- travis: drop SCL remains (#1761519)
b9a53a
- syslog: fix segfault in syslog_parse_priority() (#1761519)
b9a53a
- sd-bus: make strict asan shut up (#1761519)
b9a53a
- travis: don't run slow tests under ASan/UBSan (#1761519)
b9a53a
- kernel-install: do not require non-empty kernel cmdline (#1701454)
b9a53a
- ask-password: prevent buffer overrow when reading from keyring (#1752050)
b9a53a
- core: try to reopen /dev/kmsg again right after mounting /dev (#1749212)
b9a53a
- buildsys: don't garbage collect sections while linking (#1748258)
b9a53a
- udev: introduce CONST key name (#1762679)
b9a53a
- Call getgroups() to know size of supplementary groups array to allocate (#1743230256 KB
b9a53a
#1743235)
b9a53a
- Consider smb3 as remote filesystem (#1757257)
b9a53a
- process-util: introduce pid_is_my_child() helper (#1744972)
b9a53a
- core: reduce the number of stalled PIDs from the watched processes list when possible (#1744972)
b9a53a
- core: only watch processes when it's really necessary (#1744972)
b9a53a
- core: implement per unit journal rate limiting (#1719577)
b9a53a
- path: stop watching path specs once we triggered the target unit (#1763161)
b9a53a
- journald: fixed assertion failure when system journal rotation fails (#9893) (#1763619)
b9a53a
- test: use PBKDF2 instead of Argon2 in cryptsetup... (#1761519)
b9a53a
- test: mask several unnecessary services (#1761519)
b9a53a
- test: bump the second partition's size to 50M (#1761519)
b9a53a
- shared/sleep-config: exclude zram devices from hibernation candidates (#1763617)
b9a53a
- selinux: don't log SELINUX_INFO and SELINUX_WARNING messages to audit (#1763612)
b9a53a
- sd-device: introduce log_device_*() macros (#1753369)
b9a53a
- udev: Add id program and rule for FIDO security tokens (#1753369)
b9a53a
- shared/but-util: drop trusted annotation from bus_open_system_watch_bind_with_description() (#1746857)
b9a53a
- sd-bus: adjust indentation of comments (#1746857)
b9a53a
- resolved: do not run loop twice (#1746857)
b9a53a
- resolved: allow access to Set*Link and Revert methods through polkit (#1746857)
b9a53a
- resolved: query polkit only after parsing the data (#1746857)
ae80ad
4bff0a
* Fri Aug 30 2019 Lukas Nykryn <lnykryn@redhat.com> - 239-18
4bff0a
- shared/but-util: drop trusted annotation from bus_open_system_watch_bind_with_description() (#1746857)
4bff0a
- sd-bus: adjust indentation of comments (#1746857)
4bff0a
- resolved: do not run loop twice (#1746857)
4bff0a
- resolved: allow access to Set*Link and Revert methods through polkit (#1746857)
4bff0a
- resolved: query polkit only after parsing the data (#1746857)
4bff0a
4bff0a
* Wed Aug 07 2019 Lukas Nykryn <lnykryn@redhat.com> - 239-17
4bff0a
- mount: simplify /proc/self/mountinfo handler (#1696178)
4bff0a
- mount: rescan /proc/self/mountinfo before processing waitid() results (#1696178)
4bff0a
- swap: scan /proc/swaps before processing waitid() results (#1696178)
4bff0a
- analyze-security: fix potential division by zero (#1734400)
4bff0a
4bff0a
* Fri Jul 26 2019 Lukas Nykryn <lnykryn@redhat.com> - 239-16
4bff0a
- sd-bus: deal with cookie overruns (#1694999)
4bff0a
- journal-remote: do not request Content-Length if Transfer-Encoding is chunked (#1708849)
4bff0a
- journal: do not remove multiple spaces after identifier in syslog message (#1691817)
4bff0a
- cryptsetup: Do not fallback to PLAIN mapping if LUKS data device set fails. (#1719153)
4bff0a
- cryptsetup: call crypt_load() for LUKS only once (#1719153)
4bff0a
- cryptsetup: Add LUKS2 token support. (#1719153)
4bff0a
- udev/scsi_id: fix incorrect page length when get device identification VPD page (#1713227)
4bff0a
- Change job mode of manager triggered restarts to JOB_REPLACE (#11456
4bff0a
#1712524)
4bff0a
- bash-completion: analyze: support 'security' (#1733395)
4bff0a
- man: note that journal does not validate syslog fields (#1707175)
4bff0a
- rules: skip memory hotplug on ppc64 (#1713159)
4bff0a
4bff0a
* Thu May 23 2019 Lukas Nykryn <lnykryn@redhat.com> - 239-15
4bff0a
- tree-wide: shorten error logging a bit (#1697893)
4bff0a
- nspawn: simplify machine terminate bus call (#1697893)
4bff0a
- nspawn: merge two variable declaration lines (#1697893)
4bff0a
- nspawn: rework how we allocate/kill scopes (#1697893)
4bff0a
- unit: enqueue cgroup empty check event if the last ref on a unit is dropped (#1697893)
4bff0a
- Revert "journal: remove journal audit socket" (#1699287)
4bff0a
- journal: don't enable systemd-journald-audit.socket by default (#1699287)
4bff0a
- logs-show: use grey color for de-emphasizing journal log output (#1695601)
4bff0a
- units: add [Install] section to tmp.mount (#1667065)
4bff0a
- nss: do not modify errno when NSS_STATUS_NOTFOUND or NSS_STATUS_SUCCESS (#1691691)
4bff0a
- util.h: add new UNPROTECT_ERRNO macro (#1691691)
4bff0a
- nss: unportect errno before writing to NSS' *errnop (#1691691)
4bff0a
- seccomp: reduce logging about failure to add syscall to seccomp (#1658691)
4bff0a
- format-table: when duplicating a cell, also copy the color (#1689832)
4bff0a
- format-table: optionally make specific cells clickable links (#1689832)
4bff0a
- format-table: before outputting a color, check if colors are available (#1689832)
4bff0a
- format-table: add option to store/format percent and uint64_t values in cells (#1689832)
4bff0a
- format-table: optionally allow reversing the sort order for a column (#1689832)
4bff0a
- format-table: add table_update() to update existing entries (#1689832)
4bff0a
- format-table: add an API for getting the cell at a specific row/column (#1689832)
4bff0a
- format-table: always underline header line (#1689832)
4bff0a
- format-table: add calls to query the data in a specific cell (#1689832)
4bff0a
- format-table: make sure we never call memcmp() with NULL parameters (#1689832)
4bff0a
- format-table: use right field for display (#1689832)
4bff0a
- format-table: add option to uppercase cells on display (#1689832)
4bff0a
- format-table: never try to reuse cells that have color/url/uppercase set (#1689832)
4bff0a
- locale-util: add logic to output smiley emojis at various happiness levels (#1689832)
4bff0a
- analyze: add new security verb (#1689832)
4bff0a
- tests: add a rudimentary fuzzer for server_process_syslog_message (#9979) (#1696224)
4bff0a
- journald: make it clear that dev_kmsg_record modifies the string passed to it (#1696224)
4bff0a
- journald: free the allocated memory before returning from dev_kmsg_record (#1696224)
4bff0a
- tests: rework the code fuzzing journald (#1696224)
4bff0a
- journald: make server_process_native_message compatible with fuzz_journald_processing_function (#1696224)
4bff0a
- tests: add a fuzzer for server_process_native_message (#1696224)
4bff0a
- tests: add a fuzzer for sd-ndisc (#1696224)
4bff0a
- ndisc: fix two infinite loops (#1696224)
4bff0a
- tests: add reproducers for several issues uncovered with fuzz-journald-syslog (#1696224)
4bff0a
- tests: add a reproducer for an infinite loop in ndisc_handle_datagram (#1696224)
4bff0a
- tests: add a reproducer for another infinite loop in ndisc_handle_datagram (#1696224)
4bff0a
- fuzz: rename "fuzz-corpus" directory to just "fuzz" (#1696224)
4bff0a
- test: add testcase for issue 10007 by oss-fuzz (#1696224)
4bff0a
- fuzz: unify the "fuzz-regressions" directory with the main corpus (#1696224)
4bff0a
- test-bus-marshal: use cescaping instead of hexmem (#1696224)
4bff0a
- meson: add -Dlog-trace to set LOG_TRACE (#1696224)
4bff0a
- meson: allow building resolved and machined without nss modules (#1696224)
4bff0a
- meson: drop duplicated condition (#1696224)
4bff0a
- meson: use .source_root() in more places (#1696224)
4bff0a
- meson: treat all fuzz cases as unit tests (#1696224)
4bff0a
- fuzz-bus-message: add fuzzer for message parsing (#1696224)
4bff0a
- bus-message: use structured initialization to avoid use of unitialized memory (#1696224)
4bff0a
- bus-message: avoid an infinite loop on empty structures (#1696224)
4bff0a
- bus-message: let's always use -EBADMSG when the message is bad (#1696224)
4bff0a
- bus-message: rename function for clarity (#1696224)
4bff0a
- bus-message: use define (#1696224)
4bff0a
- bus: do not print (null) if the message has unknown type (#1696224)
4bff0a
- bus-message: fix calculation of offsets table (#1696224)
4bff0a
- bus-message: remove duplicate assignment (#1696224)
4bff0a
- bus-message: fix calculation of offsets table for arrays (#1696224)
4bff0a
- bus-message: drop asserts in functions which are wrappers for varargs version (#1696224)
4bff0a
- bus-message: output debug information about offset troubles (#1696224)
4bff0a
- bus-message: fix skipping of array fields in !gvariant messages (#1696224)
4bff0a
- bus-message: also properly copy struct signature when skipping (#1696224)
4bff0a
- fuzz-bus-message: add two test cases that pass now (#1696224)
4bff0a
- bus-message: return -EBADMSG not -EINVAL on invalid !gvariant messages (#1696224)
4bff0a
- bus-message: avoid wrap-around when using length read from message (#1696224)
4bff0a
- util: do not use stack frame for parsing arbitrary inputs (#1696224)
4bff0a
- travis: enable ASan and UBSan on RHEL8 (#1683319)
4bff0a
- tests: keep SYS_PTRACE when running under ASan (#1683319)
4bff0a
- tree-wide: various ubsan zero size memory fixes (#1683319)
4bff0a
- util: introduce memcmp_safe() (#1683319)
4bff0a
- test-socket-util: avoid "memleak" reported by valgrind (#1683319)
4bff0a
- sd-journal: escape binary data in match_make_string() (#1683319)
4bff0a
- capability: introduce CAP_TO_MASK_CORRECTED() macro replacing CAP_TO_MASK() (#1683319)
4bff0a
- sd-bus: use size_t when dealing with memory offsets (#1683319)
4bff0a
- sd-bus: call cap_last_cap() only once in has_cap() (#1683319)
4bff0a
- mount-point: honour AT_SYMLINK_FOLLOW correctly (#1683319)
4bff0a
- travis: switch from trusty to xenial (#1683319)
4bff0a
- test-socket-util: Add tests for receive_fd_iov() and friends. (#1683319)
4bff0a
- socket-util: Introduce send_one_fd_iov() and receive_one_fd_iov() (#1683319)
4bff0a
- core: swap order of "n_storage_fds" and "n_socket_fds" parameters (#1683334)
4bff0a
- execute: use our usual syntax for defining bit masks (#1683334)
4bff0a
- core: introduce new Type=exec service type (#1683334)
4bff0a
- man: document the new Type=exec type (#1683334)
4bff0a
- sd-bus: allow connecting to the pseudo-container ".host" (#1683334)
4bff0a
- sd-login: let's also make sd-login understand ".host" (#1683334)
4bff0a
- test: add test for Type=exec (#1683334)
4bff0a
- journal-gateway: explicitly declare local variables (#1705971)
4bff0a
- tools: drop unused variable (#1705971)
4bff0a
- journal-gateway: use localStorage["cursor"] only when it has valid value (#1705971)
4bff0a
4bff0a
* Tue Apr 30 2019 Lukas Nykryn <lnykryn@redhat.com> - 239-14
4bff0a
- rules: implement new memory hotplug policy (#1670728)
4bff0a
- rules: add the rule that adds elevator= kernel command line parameter (#1670126)
4bff0a
- bus-socket: Fix line_begins() to accept word matching full string (#1692991)
563e3e
- Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1678641)
563e3e
- Allocate temporary strings to hold dbus paths on the heap (#1678641)
563e3e
- sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1678641)
4bff0a
- Revert "core: one step back again, for nspawn we actually can't wait for cgroups running empty since systemd will get exactly zero notifications about it" (#1703485)
563e3e
36e8a3
* Tue Feb 26 2019 Lukas Nykryn <lnykryn@redhat.com> - 239-13
36e8a3
- rules: add the rule that adds elevator= kernel command line parameter (#1670126)
36e8a3
36e8a3
* Fri Feb 15 2019 Lukas Nykryn <lnykryn@redhat.com> - 239-12
36e8a3
- core: when deserializing state always use read_line(…, LONG_LINE_MAX, …) (CVE-2018-15686)
36e8a3
- coredump: remove duplicate MESSAGE= prefix from message (#1664976)
36e8a3
- journald: remove unnecessary {} (#1664976)
36e8a3
- journald: do not store the iovec entry for process commandline on stack (#1664976)
36e8a3
- basic/process-util: limit command line lengths to _SC_ARG_MAX (#1664976)
36e8a3
- coredump: fix message when we fail to save a journald coredump (#1664976)
36e8a3
- procfs-util: expose functionality to query total memory (#1664976)
36e8a3
- basic/prioq: add prioq_peek_item() (#1664976)
36e8a3
- journal: limit the number of entries in the cache based on available memory (#1664976)
36e8a3
- journald: periodically drop cache for all dead PIDs (#1664976)
36e8a3
- process-util: don't use overly large buffer to store process command line (#1664976)
36e8a3
- Revert "sysctl.d: switch net.ipv4.conf.all.rp_filter from 1 to 2" (#1653824)
36e8a3
- journal: fix syslog_parse_identifier() (#1664978)
36e8a3
- journald: set a limit on the number of fields (1k) (#1664977)
36e8a3
- journald: when processing a native message, bail more quickly on overbig messages (#1664977)
36e8a3
- journald: lower the maximum entry size limit to ½ for non-sealed fds (#1664977)
36e8a3
- µhttpd: use a cleanup function to call MHD_destroy_response (#1664977)
36e8a3
- journal-remote: verify entry length from header (#1664977)
36e8a3
- journal-remote: set a limit on the number of fields in a message (#1664977)
36e8a3
- journald: correctly attribute log messages also with cgroupsv1 (#1658115)
36e8a3
- rules: add elevator= kernel command line parameter (#1670126)
36e8a3
36e8a3
* Mon Jan 14 2019 Lukas Nykryn <lnykryn@redhat.com> - 239-11
36e8a3
- unit: don't add Requires for tmp.mount (#1619292)
36e8a3
- remove bootchart dependency (#1660119)
36e8a3
36e8a3
* Wed Dec 12 2018 Lukas Nykryn <lnykryn@redhat.com> - 239-10
36e8a3
- cryptsetup-generator: introduce basic keydev support (#1656869)
36e8a3
- cryptsetup: don't use %m if there's no error to show (#1656869)
36e8a3
- cryptsetup-generator: don't return error if target directory already exists (#1656869)
36e8a3
- cryptsetup-generator: allow whitespace characters in keydev specification (#1656869)
36e8a3
- rules: watch metadata changes on DASD devices (#1638676)
36e8a3
- sysctl.d: switch net.ipv4.conf.all.rp_filter from 1 to 2 (#1653824)
36e8a3
36e8a3
* Thu Dec 06 2018 Lukas Nykryn <lnykryn@redhat.com> - 239-9
36e8a3
- dissect-image: use right comparison function (#1602706)
36e8a3
- login: avoid leak of name returned by uid_to_name() (#1602706)
36e8a3
- firewall-util: add an assert that we're not overwriting a buffer (#1602706)
36e8a3
- journal-file: avoid calling ftruncate with invalid fd (#1602706)
36e8a3
- dhcp6: make sure we have enough space for the DHCP6 option header (#1643363)
36e8a3
- core: rename queued_message → pending_reload_message (#1647359)
36e8a3
- core: when we can't send the pending reload message, say we ignore it in the warning we log (#1647359)
36e8a3
- core: make sure we don't throttle change signal generator when a reload is pending (#1647359)
36e8a3
- proc-cmdline: introduce PROC_CMDLINE_RD_STRICT (#1643429)
36e8a3
- debug-generator: introduce rd.* version of all options (#1643429)
36e8a3
- chown-recursive: let's rework the recursive logic to use O_PATH (#1643368)
36e8a3
- chown-recursive: also drop ACLs when recursively chown()ing (#1643368)
36e8a3
- chown-recursive: TAKE_FD() is your friend (#1643368)
36e8a3
- test: add test case for recursive chown()ing (#1643368)
36e8a3
- Revert "sysctl.d: request ECN on both in and outgoing connections" (#1619790)
36e8a3
- detect-virt: do not try to read all of /proc/cpuinfo (#1631532)
36e8a3
- sd-bus: unify three code-paths which free struct bus_container (#1635435)
36e8a3
- sd-bus: properly initialize containers (#1635435)
36e8a3
36e8a3
* Tue Oct 16 2018 Lukas Nykryn <lnykryn@redhat.com> - 239-8
36e8a3
- revert sd-bus: unify three code-paths which free struct bus_container (#1635435)
36e8a3
36e8a3
* Fri Oct 12 2018 Michal Sekletár <msekleta@redhat.com> - 239-7
36e8a3
- change default cgroup hierarchy to "legacy" (#1638650)
36e8a3
- we never added mymachines module to passwd: or group: in RHEL8, hence don't try to remove it (#1638450)
36e8a3
- bump minimal size of random pool to 1024 bytes (#1619268)
36e8a3
- install RHEL-7 compatible rc.local (#1625209)
36e8a3
- backport support for sector-size crypttab option (#1572563)
36e8a3
- units: don't enable per-service IP firewall by default (#1630219)
36e8a3
- sd-bus: unify three code-paths which free struct bus_container (#1635435)
36e8a3
- bus-message: do not crash on message with a string of zero length (#1635439)
36e8a3
- bus-message: stack based buffer overflow in free_and_strdup (#1635428)
36e8a3
- journal: change support URL shown in the catalog entries (#1550548)
36e8a3
36e8a3
* Mon Sep 10 2018 Michal Sekletár <msekleta@redhat.com> - 239-6
36e8a3
- move /etc/yum/protected.d/systemd.conf to /etc/dnf/ (#1626973)
36e8a3
36e8a3
* Fri Sep 07 2018 Josh Boyer <jwboyer@redhat.com> - 239-5
36e8a3
- Fix file conflict between yum and systemd (#1626682)
36e8a3
36e8a3
* Tue Aug 14 2018 Michal Sekletár <msekleta@redhat.com> - 239-4
36e8a3
- drop the patch for delayed loading of config in net_setup_link and set NAME in prefixdevname udev rules (#1614681)
36e8a3
- bus: move BUS_DONT_DESTROY calls after asserts (#1610397)
36e8a3
36e8a3
* Fri Aug 10 2018 Michal Sekletár <msekleta@redhat.com> - 239-3
36e8a3
- net_setup_link: delay loading configuration, just before we apply it (#1614681)
36e8a3
36e8a3
* Thu Aug 09 2018 Michal Sekletár <msekleta@redhat.com> - 239-2
36e8a3
- 20-grubby.install: populate symvers.gz file (#1609698)
36e8a3
- net_setup_link: allow renaming interfaces that were renamed already
36e8a3
- units: drop DynamicUser=yes from systemd-resolved.service
36e8a3
- journal: remove journal audit socket
36e8a3
36e8a3
* Wed Aug 01 2018 Michal Sekletár <msekleta@redhat.com> - 239-1
36e8a3
- rebase to systemd-239
36e8a3
- Override systemd-user PAM config in install and not prep (patch by Filipe Brandenburger <filbranden@google.com>)
36e8a3
- use %%autosetup -S git_am to apply patches
36e8a3
- revert upstream default for RemoveIPC (#1523233)
36e8a3
- bump DefaultTasksMax to 80% of kernel default (#1523236)
36e8a3
- avoid /tmp being mounted as tmpfs without the user's will (#1578772)
36e8a3
- bump maximum number of processes in user slice to 80% of pid.max (#1523236)
36e8a3
- forwardport downstream-only udev rules from RHEL-7 (#1523227)
36e8a3
- don't ship systemd-networkd
36e8a3
- don't ship systemd-timesyncd
36e8a3
- add back support for WAIT_FOR to udev rules (#1523213)
36e8a3
36e8a3
* Wed May 16 2018 Jan Synáček <jsynacek@redhat.com> - 238-8
36e8a3
- do not mount /tmp as tmpfs (#1578772)
36e8a3
36e8a3
* Tue May 15 2018 Jan Synáček <jsynacek@redhat.com> - 238-7
36e8a3
- fix compilation (#1578318)
36e8a3
36e8a3
* Fri Apr 27 2018 Michal Sekletar <msekleta@redhat.com> - 238-6
36e8a3
- forwardport downstream-only udev rules from RHEL-7 (#1523227)
36e8a3
- set RemoveIPC=no by default (#1523233)
36e8a3
36e8a3
* Thu Apr 12 2018 Michal Sekletar <msekleta@redhat.com> - 238-5
36e8a3
- also drop qrencode-devel from BuildRequires as it is no longer needed (#1566158)
36e8a3
36e8a3
* Wed Apr 11 2018 Michal Sekletar <msekleta@redhat.com> - 238-4
36e8a3
- disable support for qrencode (#1566158)
36e8a3
- bump default journal rate limit to 10000 messages per 30s (#1563729)
36e8a3
- fix unit reloads (#1560549)
36e8a3
- don't create /var/log/journal during package installation (#1523188)
36e8a3
36e8a3
* Fri Mar 09 2018 Troy Dawson <tdawson@redhat.com> - 238-3.1
36e8a3
- Rebuild with cryptsetup-2
36e8a3
36e8a3
* Wed Mar  7 2018 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 238-3
36e8a3
- Revert the patches for GRUB BootLoaderSpec support
36e8a3
- Add patch for /etc/machine-id creation (#1552843)
36e8a3
36e8a3
* Tue Mar  6 2018 Yu Watanabe <watanabe.yu@gmail.com> - 238-2
36e8a3
- Fix transfiletrigger script (#1551793)
36e8a3
36e8a3
* Mon Mar  5 2018 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 238-1
36e8a3
- Update to latest version
36e8a3
- This fixes a hard-to-trigger potential vulnerability (CVE-2018-6954)
36e8a3
- New transfiletriggers are installed for udev hwdb and rules, the journal
36e8a3
  catalog, sysctl.d, binfmt.d, sysusers.d, tmpfiles.d.
36e8a3
36e8a3
* Tue Feb 27 2018 Javier Martinez Canillas <javierm@redhat.com> - 237-7.git84c8da5
36e8a3
- Add patch to install kernel images for GRUB BootLoaderSpec support
36e8a3
36e8a3
* Sat Feb 24 2018 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 237-6.git84c8da5
36e8a3
- Create /etc/systemd in %%post libs if necessary (#1548607)
36e8a3
36e8a3
* Fri Feb 23 2018 Adam Williamson <awilliam@redhat.com> - 237-5.git84c8da5
36e8a3
- Use : not touch to create file in -libs %%post
36e8a3
36e8a3
* Thu Feb 22 2018 Patrick Uiterwijk <patrick@puiterwijk.org> - 237-4.git84c8da5
36e8a3
- Add coreutils dep for systemd-libs %%post
36e8a3
- Add patch to typecast USB IDs to avoid compile failure
36e8a3
36e8a3
* Wed Feb 21 2018 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 237-3.git84c8da5
36e8a3
- Update some patches for test skipping that were updated upstream
36e8a3
  before merging
36e8a3
- Add /usr/lib/systemd/purge-nobody-user — a script to check if nobody is defined
36e8a3
  correctly and possibly replace existing mappings
36e8a3
36e8a3
* Tue Feb 20 2018 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 237-2.gitdff4849
36e8a3
- Backport a bunch of patches, most notably for the journal and various
36e8a3
  memory issues. Some minor build fixes.
36e8a3
- Switch to new ldconfig macros that do nothing in F28+
36e8a3
- /etc/systemd/dont-synthesize-nobody is created in %%post if nfsnobody
36e8a3</