#global commit 1781de18ab8ebc3e42a607851d8effb3b0355c87 %{?commit:%global shortcommit %(c=%{commit}; echo ${c:0:7})} # We ship a .pc file but don't want to have a dep on pkg-config. We # strip the automatically generated dep here and instead co-own the # directory. %global __requires_exclude pkg-config %global pkgdir %{_prefix}/lib/systemd %global system_unit_dir %{pkgdir}/system %global user_unit_dir %{pkgdir}/user %if 0%{?__isa_bits} == 64 %global elf_bits (64bit) %global elf_suffix ()%{elf_bits} %endif %bcond bzip2 1 %bcond gnutls 1 %bcond lz4 1 %bcond xz 1 %bcond zlib 1 %bcond zstd 1 # Bootstrap may be needed to break circular dependencies with cryptsetup, # e.g. when re-building cryptsetup on a json-c SONAME-bump. %bcond bootstrap 0 %bcond tests 1 %bcond lto 1 %bcond docs 1 # Build from git main %bcond upstream 0 # When bootstrap, libcryptsetup is disabled # but auto-features causes many options to be turned on # that depend on libcryptsetup (e.g. libcryptsetup-plugins) %if %{with bootstrap} %global __meson_auto_features disabled %endif # Override %%autorelease. This is ugly, but rpmautospec doesn't implement # autorelease correctly if the macro is conditionalized in the Release field. %{?release_override:%global autorelease %{release_override}%{?dist}} Name: systemd Url: https://systemd.io # Allow users to specify the version and release when building the rpm by # setting the %%version_override and %%release_override macros. Version: 257.2 Release: 2.20250106094757892497.pr49.1.g474bc5814b%{?dist} %global stable %(c="%version"; [ "$c" = "${c#*.*}" ]; echo $?) # For a breakdown of the licensing, see README License: LGPL-2.1-or-later AND MIT AND GPL-2.0-or-later Summary: System and Service Manager # download tarballs with "spectool -g systemd.spec" %if %{defined commit} Source0: systemd-257.2.tar.gz %else Source0: https://github.com/systemd/systemd/archive/v%{version_no_tilde}/%{name}-%{version_no_tilde}.tar.gz %endif # This file must be available before %%prep. # It is generated during systemd build and can be found in build/src/core/. Source1: triggers.systemd Source2: split-files.py Source3: purge-nobody-user Source4: test_sysusers_defined.py # Prevent accidental removal of the systemd package Source5: yum-protect-systemd.conf Source6: inittab Source7: sysctl.conf.README Source8: systemd-journal-remote.xml Source9: systemd-journal-gatewayd.xml Source10: 20-yama-ptrace.conf Source11: systemd-udev-trigger-no-reload.conf # https://fedoraproject.org/wiki/How_to_filter_libabigail_reports Source13: .abignore Source14: 10-oomd-defaults.conf Source15: 10-oomd-per-slice-defaults.conf Source17: 10-map-count.conf Source21: macros.sysusers Source22: sysusers.attr Source23: sysusers.prov Source24: sysusers.generate-pre.sh Source25: 98-default-mac-none.link Source26: rc.local Source27: systemd-resolved.sysusers %if 0 GIT_DIR=../../src/systemd/.git git format-patch-ab --no-signature -M -N v235..v235-stable i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done|xclip GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[67]* hwdb/parse_hwdb.py >hwdb.patch %endif # Backports of patches from upstream (0000–0499) # # Any patches which are "in preparation" upstream should be listed here, rather # than in the next section. Packit CI will drop any patches in this range before # applying upstream pull requests. # RHEL-specific # Downstream-only patches (9000–9999) %ifarch %{ix86} x86_64 aarch64 riscv64 %global want_bootloader 1 %endif BuildRequires: gcc BuildRequires: gcc-c++ BuildRequires: clang BuildRequires: coreutils BuildRequires: libcap-devel BuildRequires: libmount-devel BuildRequires: libfdisk-devel BuildRequires: libpwquality-devel BuildRequires: pam-devel BuildRequires: libselinux-devel BuildRequires: audit-libs-devel %if %{without bootstrap} BuildRequires: cryptsetup-devel %endif BuildRequires: dbus-devel BuildRequires: util-linux # /usr/bin/getfacl is needed by test-acl-util BuildRequires: acl BuildRequires: libacl-devel BuildRequires: gobject-introspection-devel BuildRequires: libblkid-devel %if %{with xz} BuildRequires: xz-devel BuildRequires: xz %endif %if %{with lz4} BuildRequires: lz4-devel BuildRequires: lz4 %endif %if %{with bzip2} BuildRequires: bzip2-devel %endif %if %{with zstd} BuildRequires: libzstd-devel %endif BuildRequires: libidn2-devel BuildRequires: libcurl-devel BuildRequires: kmod-devel BuildRequires: elfutils-devel BuildRequires: openssl-devel %if %{with gnutls} BuildRequires: gnutls-devel %endif %if %{undefined rhel} BuildRequires: qrencode-devel %endif BuildRequires: libmicrohttpd-devel BuildRequires: libxkbcommon-devel BuildRequires: iptables-devel BuildRequires: pkgconfig(bash-completion) BuildRequires: pkgconfig(libarchive) BuildRequires: pkgconfig(libfido2) BuildRequires: pkgconfig(tss2-esys) BuildRequires: pkgconfig(tss2-rc) BuildRequires: pkgconfig(tss2-mu) BuildRequires: pkgconfig(libbpf) BuildRequires: systemtap-sdt-devel %if %{with docs} BuildRequires: libxslt BuildRequires: docbook-style-xsl %endif BuildRequires: pkgconfig BuildRequires: gperf BuildRequires: gawk BuildRequires: tree BuildRequires: hostname BuildRequires: python3 BuildRequires: python3-devel BuildRequires: python3dist(jinja2) BuildRequires: python3dist(lxml) BuildRequires: python3dist(pefile) %if %{undefined rhel} BuildRequires: python3dist(pillow) BuildRequires: python3dist(pytest-flakes) %endif BuildRequires: python3dist(pytest) BuildRequires: python3dist(zstd) %if 0%{?want_bootloader} BuildRequires: python3dist(pyelftools) %endif # gzip and lzma are provided by the stdlib BuildRequires: firewalld-filesystem BuildRequires: libseccomp-devel BuildRequires: meson >= 0.43 BuildRequires: gettext # We use RUNNING_ON_VALGRIND in tests, so the headers need to be available %ifarch %{valgrind_arches} BuildRequires: valgrind-devel %endif %ifnarch %ix86 # bpftool is not built for i368 BuildRequires: bpftool %global have_bpf 1 %endif %if 0%{?fedora} %ifarch x86_64 aarch64 %global have_xen 1 # That package is only built for those two architectures BuildRequires: xen-devel %endif %endif Requires(post): coreutils Requires(post): grep # systemd-machine-id-setup requires libssl Requires(post): openssl-libs Requires: dbus >= 1.9.18 Requires: %{name}-pam%{_isa} = %{version}-%{release} Requires(meta): (%{name}-rpm-macros = %{version}-%{release} if rpm-build) Requires: %{name}-libs%{_isa} = %{version}-%{release} %{?fedora:Recommends: %{name}-resolved = %{version}-%{release}} Recommends: diffutils Requires: (util-linux-core or util-linux) Recommends: libxkbcommon%{_isa} Provides: /bin/systemctl Provides: /sbin/shutdown Provides: syslog Provides: systemd-units = %{version}-%{release} Obsoletes: system-setup-keyboard < 0.9 Provides: system-setup-keyboard = 0.9 # systemd-sysv-convert was removed in f20: https://fedorahosted.org/fpc/ticket/308 Obsoletes: systemd-sysv < 206 # self-obsoletes so that dnf will install new subpackages on upgrade (#1260394) Obsoletes: %{name} < 249~~ Provides: systemd-sysv = 206 Conflicts: initscripts < 9.56.1 %if 0%{?fedora} Conflicts: fedora-release < 23-0.12 %endif %if 0%{?fedora} >= 41 BuildRequires: setup >= 2.15.0-3 BuildRequires: python3 Conflicts: setup < 2.15.0-3 Conflicts: selinux-policy-any < 41.1 %endif %if 0%{?fedora} >= 41 # Make sure that dracut supports systemd-executor and the renames done for v255, # and dlopen libraries and read-only fs in initrd. Conflicts: dracut < 060-2 %else # Make sure that dracut supports systemd-executor and the renames done for v255. Conflicts: dracut < 059-16 %endif Obsoletes: timedatex < 0.6-3 Provides: timedatex = 0.6-3 Provides: %{name}-tmpfiles = %{version}-%{release} Provides: %{name}-sysusers = %{version}-%{release} Provides: %{name}-shutdown = %{version}-%{release} # Recommends to replace normal Requires deps for stuff that is dlopen()ed Recommends: libidn2.so.0%{?elf_suffix} Recommends: libidn2.so.0(IDN2_0.0.0)%{?elf_bits} Recommends: libpcre2-8.so.0%{?elf_suffix} Recommends: libpwquality.so.1%{?elf_suffix} Recommends: libpwquality.so.1(LIBPWQUALITY_1.0)%{?elf_bits} %if %{undefined rhel} Recommends: libqrencode.so.4%{?elf_suffix} %endif Recommends: libbpf.so.1%{?elf_suffix} Recommends: libbpf.so.1(LIBBPF_0.4.0)%{?elf_bits} # used by systemd-coredump and systemd-analyze Recommends: libdw.so.1%{?elf_suffix} Recommends: libdw.so.1(ELFUTILS_0.186)%{?elf_bits} Recommends: libelf.so.1%{?elf_suffix} Recommends: libelf.so.1(ELFUTILS_1.7)%{?elf_bits} # used by dissect, integritysetup, veritysetyp, growfs, repart, cryptenroll, home Recommends: libcryptsetup.so.12%{?elf_suffix} Recommends: libcryptsetup.so.12(CRYPTSETUP_2.4)%{?elf_bits} # Libkmod is used to load modules. Recommends: libkmod.so.2%{?elf_suffix} # kmod_list_next, kmod_load_resources, kmod_module_get_initstate, # kmod_module_get_module, kmod_module_get_name, kmod_module_new_from_lookup, # kmod_module_probe_insert_module, kmod_module_unref, kmod_module_unref_list, # kmod_new, kmod_set_log_fn, kmod_unref, kmod_validate_resources # are part of LIBKMOD_5. Recommends: libkmod.so.2(LIBKMOD_5)%{?elf_bits} Recommends: libarchive.so.13%{?elf_suffix} %description systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. systemd supports SysV and LSB init scripts and works as a replacement for sysvinit. Other parts of this package are a logging daemon, utilities to control basic system configuration like the hostname, date, locale, maintain a list of logged-in users, system accounts, runtime directories and settings, and a logging daemons. %if 0%{?stable} This package was built from the %(c=%version; echo "v${c%.*}-stable") branch of systemd. %endif %package libs Summary: systemd libraries License: LGPL-2.1-or-later AND MIT Obsoletes: libudev < 183 Obsoletes: systemd < 185-4 Conflicts: systemd < 185-4 Obsoletes: systemd-compat-libs < 230 Obsoletes: nss-myhostname < 0.4 Provides: nss-myhostname = 0.4 Provides: nss-myhostname%{_isa} = 0.4 %description libs Libraries for systemd and udev. %package pam Summary: systemd PAM module Requires: %{name} = %{version}-%{release} %description pam Systemd PAM module registers the session with systemd-logind. %package rpm-macros Summary: Macros that define paths and scriptlets related to systemd BuildArch: noarch %description rpm-macros Just the definitions of rpm macros. See https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_systemd for information how to use those macros. %package devel Summary: Development headers for systemd License: LGPL-2.1-or-later AND MIT Requires: %{name}-libs%{_isa} = %{version}-%{release} Requires(meta): (%{name}-rpm-macros = %{version}-%{release} if rpm-build) Provides: libudev-devel = %{version} Provides: libudev-devel%{_isa} = %{version} Obsoletes: libudev-devel < 183 %description devel Development headers and auxiliary files for developing applications linking to libudev or libsystemd. %package udev Summary: Rule-based device node and kernel event manager License: LGPL-2.1-or-later Requires: systemd%{_isa} = %{version}-%{release} Requires(post): systemd%{_isa} = %{version}-%{release} Requires(preun): systemd%{_isa} = %{version}-%{release} Requires(postun): systemd%{_isa} = %{version}-%{release} Requires(post): grep Requires: kmod >= 18-4 # https://bodhi.fedoraproject.org/updates/FEDORA-2020-dd43dd05b1 Obsoletes: systemd < 245.6-1 Provides: udev = %{version} Provides: udev%{_isa} = %{version} Obsoletes: udev < 183 Requires: (grubby > 8.40-72 if grubby) Requires: (sdubby > 1.0-3 if sdubby) # Libkmod is used to load modules. Assume that if we need udevd, we certainly # want to load modules, so make this into a hard dependency here. Requires: libkmod.so.2%{?elf_suffix} Requires: libkmod.so.2(LIBKMOD_5)%{?elf_bits} # Recommends to replace normal Requires deps for stuff that is dlopen()ed # used by dissect, integritysetup, veritysetyp, growfs, repart, cryptenroll, home Recommends: libcryptsetup.so.12%{?elf_suffix} Recommends: libcryptsetup.so.12(CRYPTSETUP_2.4)%{?elf_bits} # used by systemd-coredump and systemd-analyze Recommends: libdw.so.1%{?elf_suffix} Recommends: libdw.so.1(ELFUTILS_0.186)%{?elf_bits} Recommends: libelf.so.1%{?elf_suffix} Recommends: libelf.so.1(ELFUTILS_1.7)%{?elf_bits} # used by home, cryptsetup, cryptenroll, logind Recommends: libfido2.so.1%{?elf_suffix} Recommends: libp11-kit.so.0%{?elf_suffix} Recommends: libtss2-esys.so.0%{?elf_suffix} Recommends: libtss2-mu.so.0%{?elf_suffix} Recommends: libtss2-rc.so.0%{?elf_suffix} # https://bugzilla.redhat.com/show_bug.cgi?id=1377733#c9 Suggests: systemd-bootchart # https://bugzilla.redhat.com/show_bug.cgi?id=1408878 Requires: kbd # https://bugzilla.redhat.com/show_bug.cgi?id=1753381 Provides: u2f-hidraw-policy = 1.0.2-40 Obsoletes: u2f-hidraw-policy < 1.0.2-40 # self-obsoletes to install both packages after split of systemd-boot Obsoletes: systemd-udev < 252.2^ Provides: %{name}-repart = %{version}-%{release} %description udev This package contains systemd-udev and the rules and hardware database needed to manage device nodes. This package is necessary on physical machines and in virtual machines, but not in containers. This package also provides systemd-timesyncd, a network time protocol daemon. It also contains tools to manage encrypted home areas and secrets bound to the machine, and to create or grow partitions and make file systems automatically. %package ukify Summary: Tool to build Unified Kernel Images Requires: %{name} = %{version}-%{release} Requires: (systemd-boot if %{shrink:( filesystem(x86-32) or filesystem(x86-64) or filesystem(aarch64) or filesystem(riscv64) )}) Requires: python3dist(pefile) Requires: python3dist(zstd) Requires: python3dist(cryptography) Recommends: python3dist(pillow) # for tests %ifarch riscv64 # 2.42 received support for riscv64 + efi targets %global binutils_version_req >= 2.42 %endif BuildRequires: binutils %{?binutils_version_req} BuildArch: noarch %description ukify This package provides ukify, a script that combines a kernel image, an initrd, with a command line, and possibly PCR measurements and other metadata, into a Unified Kernel Image (UKI). %if 0%{?want_bootloader} %package boot-unsigned Summary: UEFI boot manager (unsigned version) Provides: systemd-boot-unsigned-%{efi_arch} = %version-%release Provides: systemd-boot = %version-%release Provides: systemd-boot%{_isa} = %version-%release # A provides with just the version, no release or dist, used to build systemd-boot Provides: version(systemd-boot-unsigned) = %version Provides: version(systemd-boot-unsigned)%{_isa} = %version # self-obsoletes to install both packages after split of systemd-boot Obsoletes: systemd-udev < 252.2^ %description boot-unsigned systemd-boot (short: sd-boot) is a simple UEFI boot manager. It provides a graphical menu to select the entry to boot and an editor for the kernel command line. systemd-boot supports systems with UEFI firmware only. This package contains the unsigned version. Install systemd-boot instead to get the version that works with Secure Boot. %endif %package container # Name is the same as in Debian Summary: Tools for containers and VMs Requires: %{name}%{_isa} = %{version}-%{release} Requires(post): systemd%{_isa} = %{version}-%{release} Requires(preun): systemd%{_isa} = %{version}-%{release} Requires(postun): systemd%{_isa} = %{version}-%{release} # obsolete parent package so that dnf will install new subpackage on upgrade (#1260394) Obsoletes: %{name} < 229-5 # Bias the system towards libcurl-minimal if nothing pulls in full libcurl (#1997040) Suggests: libcurl-minimal License: LGPL-2.1-or-later %description container Systemd tools to spawn and manage containers and virtual machines. This package contains systemd-nspawn, machinectl, systemd-machined, and systemd-importd. %package journal-remote # Name is the same as in Debian Summary: Tools to send journal events over the network Requires: %{name}%{_isa} = %{version}-%{release} License: LGPL-2.1-or-later Requires: firewalld-filesystem Provides: %{name}-journal-gateway = %{version}-%{release} Provides: %{name}-journal-gateway%{_isa} = %{version}-%{release} Obsoletes: %{name}-journal-gateway < 227-7 # Bias the system towards libcurl-minimal if nothing pulls in full libcurl (#1997040) Suggests: libcurl-minimal %description journal-remote Programs to forward journal entries over the network, using encrypted HTTP, and to write journal files from serialized journal contents. This package contains systemd-journal-gatewayd, systemd-journal-remote, and systemd-journal-upload. %package resolved Summary: Network Name Resolution manager Requires: %{name}%{_isa} = %{version}-%{release} Obsoletes: %{name} < 249~~ Requires: libidn2.so.0%{?elf_suffix} Requires: libidn2.so.0(IDN2_0.0.0)%{?elf_bits} Requires(posttrans): grep %{?sysusers_requires_compat} %description resolved systemd-resolved is a system service that provides network name resolution to local applications. It implements a caching and validating DNS/DNSSEC stub resolver, as well as an LLMNR and MulticastDNS resolver and responder. %package oomd Summary: A userspace out-of-memory (OOM) killer Requires: %{name}-udev = %{version}-%{release} Provides: %{name}-oomd-defaults = %{version}-%{release} License: LGPL-2.1-or-later %description oomd systemd-oomd is a system service that uses cgroups-v2 and pressure stall information (PSI) to monitor and take action on processes before an OOM occurs in kernel space. %prep %autosetup -n systemd-257.2 -p1 %build %global ntpvendor %(source /etc/os-release; echo ${ID}) %{!?ntpvendor: echo 'NTP vendor zone is not set!'; exit 1} CONFIGURE_OPTS=( --werror -Dmode=%[%{with upstream}?"developer":"release"] -Dsysvinit-path=/etc/rc.d/init.d -Drc-local=/etc/rc.d/rc.local -Ddns-servers= -Duser-path=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin -Dservice-watchdog=3min -Ddev-kvm-mode=0666 -Dkmod=enabled -Dxkbcommon=enabled -Dblkid=enabled -Dfdisk=enabled -Dseccomp=enabled -Dima=true -Dselinux=enabled -Dbpf-framework=%[0%{?have_bpf}?"enabled":"disabled"] -Dapparmor=disabled -Dpolkit=enabled -Dxz=%[%{with xz}?"enabled":"disabled"] -Dzlib=%[%{with zlib}?"enabled":"disabled"] -Dbzip2=%[%{with bzip2}?"enabled":"disabled"] -Dlz4=%[%{with lz4}?"enabled":"disabled"] -Dzstd=%[%{with zstd}?"enabled":"disabled"] -Dpam=enabled -Dacl=enabled -Dsmack=true -Dopenssl=enabled -Dcryptolib=openssl -Dp11kit=enabled -Dgcrypt=disabled -Daudit=enabled -Delfutils=enabled -Dlibcryptsetup=%[%{with bootstrap}?"disabled":"enabled"] -Delfutils=enabled -Drepart=enabled -Dpwquality=enabled -Dqrencode=%[%{defined rhel}?"disabled":"enabled"] -Dmicrohttpd=enabled -Dlibiptc=disabled -Dlibcurl=enabled -Dlibfido2=enabled -Dxenctrl=%[0%{?have_xen}?"enabled":"disabled"] -Defi=true -Dtpm=true -Dtpm2=enabled -Dhwdb=true -Dsysusers=true -Ddefault-kill-user-processes=false -Dfirst-boot-full-preset=true -Ddefault-network=true -Dtests=unsafe -Dinstall-tests=false -Dnobody-user=nobody -Dnobody-group=nobody -Dcompat-mutable-uid-boundaries=true -Dsplit-bin=true -Db_ndebug=false -Dman=%[%{with docs}?"enabled":"disabled"] -Dversion-tag=%{version}%[%{without upstream}?"-%{release}":""] # https://bugzilla.redhat.com/show_bug.cgi?id=1906010 -Dshared-lib-tag=%{version_no_tilde}%[%{without upstream}?"-%{release}":""] -Dlink-executor-shared=false -Dfallback-hostname="localhost" -Ddefault-dnssec=no -Ddefault-dns-over-tls=no # https://bugzilla.redhat.com/show_bug.cgi?id=1867830 -Ddefault-mdns=no # https://bugzilla.redhat.com/show_bug.cgi?id=2028169 -Dstatus-unit-format-default=combined -Dconfigfiledir=/usr/lib -Doomd=true -Dadm-gid=4 -Dtty-gid=5 -Ddisk-gid=6 -Dlp-gid=7 -Dkmem-gid=9 -Dwheel-gid=10 -Dcdrom-gid=11 -Ddialout-gid=18 -Dutmp-gid=22 -Dtape-gid=33 -Dkvm-gid=36 -Dvideo-gid=39 -Daudio-gid=63 -Dusers-gid=100 -Dinput-gid=104 -Drender-gid=105 -Dsgx-gid=106 -Dsystemd-journal-gid=190 -Dsystemd-network-uid=192 -Dsystemd-resolve-uid=193 # -Dsystemd-timesync-uid=, not set yet # For now, let's build the bootloader in the same places where we # built with gnu-efi. Later on, we might want to extend coverage, but # considering that that support is untested, let's not do this now. -Dbootloader=%[%{?want_bootloader}?"enabled":"disabled"] -Dukify=enabled # RHEL10 bootstrapping -Dstandalone-binaries=false -Dnscd=false -Dportabled=false -Dmountfsd=false -Dhomed=disabled -Dnetworkd=false -Dtimesyncd=false -Dcreate-log-dirs=false -Dnsresourced=false -Dfirstboot=true -Dvmspawn=disabled -Dstoragetm=false -Dhtml=disabled -Ddefault-net-naming-scheme=rhel-10.0-beta -Ddefault-llmnr=no -Ddns-over-tls=openssl -Dntp-servers= -Dsupport-url=https://access.redhat.com/support -Dlibidn=disabled -Dgnutls=disabled -Ddefault-compression=zstd # https://issues.redhat.com/browse/RHEL-16810 -Dsbat-distro-url=mailto:secalert@redhat.com -Dsshconfdir=no -Dsshdconfdir=no -Duserdb=false ) %if %{without lto} %global _lto_cflags %nil %endif { %meson "${CONFIGURE_OPTS[@]}" %{?meson_extra_configure_options} ; } %meson_build new_triggers=%{_vpath_builddir}/src/rpm/triggers.systemd.sh if ! diff -u %{SOURCE1} ${new_triggers}; then echo -e "\n\n\nWARNING: triggers.systemd in Source1 is different!" echo -e " cp $PWD/${new_triggers} %{SOURCE1}\n\n\n" sleep 5 fi %install %meson_install # udev links mkdir -p %{buildroot}/%{_sbindir} ln -sf ../bin/udevadm %{buildroot}%{_sbindir}/udevadm # Compatiblity and documentation files touch %{buildroot}/etc/crypttab chmod 600 %{buildroot}/etc/crypttab # Config files that were moved under /usr. # We need to %ghost them so that they are not removed on upgrades. touch %{buildroot}/etc/systemd/coredump.conf \ %{buildroot}/etc/systemd/journald.conf \ %{buildroot}/etc/systemd/journal-remote.conf \ %{buildroot}/etc/systemd/journal-upload.conf \ %{buildroot}/etc/systemd/logind.conf \ %{buildroot}/etc/systemd/oomd.conf \ %{buildroot}/etc/systemd/pstore.conf \ %{buildroot}/etc/systemd/resolved.conf \ %{buildroot}/etc/systemd/sleep.conf \ %{buildroot}/etc/systemd/system.conf \ %{buildroot}/etc/systemd/user.conf \ %{buildroot}/etc/udev/udev.conf \ %{buildroot}/etc/udev/iocost.conf install -D -t %{buildroot}/usr/lib/systemd/ %{SOURCE3} # /etc/initab install -Dm0644 -t %{buildroot}/etc/ %{SOURCE6} # /etc/sysctl.conf compat install -Dm0644 %{SOURCE7} %{buildroot}/etc/sysctl.conf ln -s ../sysctl.conf %{buildroot}/etc/sysctl.d/99-sysctl.conf # Make sure these directories are properly owned mkdir -p %{buildroot}%{system_unit_dir}/basic.target.wants mkdir -p %{buildroot}%{system_unit_dir}/default.target.wants mkdir -p %{buildroot}%{system_unit_dir}/dbus.target.wants mkdir -p %{buildroot}%{system_unit_dir}/syslog.target.wants mkdir -p %{buildroot}/run mkdir -p %{buildroot}%{_localstatedir}/log touch %{buildroot}%{_localstatedir}/log/lastlog chmod 0664 %{buildroot}%{_localstatedir}/log/lastlog touch %{buildroot}/run/utmp touch %{buildroot}%{_localstatedir}/log/{w,b}tmp # Make sure the user generators dir exists too mkdir -p %{buildroot}%{pkgdir}/system-generators mkdir -p %{buildroot}%{pkgdir}/user-generators # Create new-style configuration files so that we can ghost-own them touch %{buildroot}%{_sysconfdir}/hostname touch %{buildroot}%{_sysconfdir}/vconsole.conf touch %{buildroot}%{_sysconfdir}/locale.conf touch %{buildroot}%{_sysconfdir}/machine-id touch %{buildroot}%{_sysconfdir}/machine-info touch %{buildroot}%{_sysconfdir}/localtime mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d touch %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/00-keyboard.conf # Make sure the shutdown/sleep drop-in dirs exist mkdir -p %{buildroot}%{pkgdir}/system-shutdown/ mkdir -p %{buildroot}%{pkgdir}/system-sleep/ # Make sure directories in /var exist mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/coredump mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/catalog mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/backlight mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/rfkill mkdir -p %{buildroot}%{_localstatedir}/lib/systemd/linger mkdir -p %{buildroot}%{_localstatedir}/lib/private mkdir -p %{buildroot}%{_localstatedir}/log/private mkdir -p %{buildroot}%{_localstatedir}/cache/private mkdir -p %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload ln -s ../private/systemd/journal-upload %{buildroot}%{_localstatedir}/lib/systemd/journal-upload mkdir -p %{buildroot}%{_localstatedir}/log/journal touch %{buildroot}%{_localstatedir}/lib/systemd/catalog/database touch %{buildroot}%{_sysconfdir}/udev/hwdb.bin touch %{buildroot}%{_localstatedir}/lib/systemd/random-seed touch %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload/state # Install rc.local mkdir -p %{buildroot}%{_sysconfdir}/rc.d/ install -m 0644 %{SOURCE26} %{buildroot}%{_sysconfdir}/rc.d/rc.local ln -s rc.d/rc.local %{buildroot}%{_sysconfdir}/rc.local # Install yum protection fragment install -Dm0644 %{SOURCE5} %{buildroot}/etc/dnf/protected.d/systemd.conf install -Dm0644 -t %{buildroot}/usr/lib/firewalld/services/ %{SOURCE8} %{SOURCE9} # Install additional docs # https://bugzilla.redhat.com/show_bug.cgi?id=1234951 install -Dm0644 -t %{buildroot}%{_pkgdocdir}/ %{SOURCE10} # https://bugzilla.redhat.com/show_bug.cgi?id=1378974 install -Dm0644 -t %{buildroot}%{system_unit_dir}/systemd-udev-trigger.service.d/ %{SOURCE11} install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/ %{SOURCE13} # systemd-oomd default configuration install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/oomd.conf.d/ %{SOURCE14} install -Dm0644 -t %{buildroot}%{system_unit_dir}/system.slice.d/ %{SOURCE15} install -Dm0644 -t %{buildroot}%{user_unit_dir}/slice.d/ %{SOURCE15} # https://fedoraproject.org/wiki/Changes/IncreaseVmMaxMapCount install -Dm0644 -t %{buildroot}%{_prefix}/lib/sysctl.d/ %{SOURCE17} sed -i 's|#!/usr/bin/env python3|#!%{__python3}|' %{buildroot}/usr/lib/systemd/tests/run-unit-tests.py || : install -m 0644 -D -t %{buildroot}%{_rpmconfigdir}/macros.d/ %{SOURCE21} # Use rpm's own sysusers provides where available %if ! (0%{?fedora} >= 39 || 0%{?rhel} >= 10) install -m 0644 -D -t %{buildroot}%{_rpmconfigdir}/fileattrs/ %{SOURCE22} install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE23} %endif install -m 0755 -D -t %{buildroot}%{_rpmconfigdir}/ %{SOURCE24} # https://bugzilla.redhat.com/show_bug.cgi?id=2107754 install -Dm0644 -t %{buildroot}%{_prefix}/lib/systemd/network/ %{SOURCE25} ln -s --relative %{buildroot}%{_bindir}/kernel-install %{buildroot}%{_sbindir}/installkernel %if "%{_sbindir}" == "%{_bindir}" # Systemd has the split-sbin option which is also used to select the directory # for alias symlinks. We need to keep split-sbin=true for now, to support # unmerged systems. Move the symlinks here instead. mv -v %{buildroot}/usr/sbin/* %{buildroot}%{_bindir}/ %endif %if 0%{?fedora} >= 41 # This requires https://pagure.io/setup/pull-request/50 # and https://src.fedoraproject.org/rpms/setup/pull-request/10. %{python3} %{SOURCE4} /usr/lib/sysusers.d/20-setup-{users,groups}.conf %{buildroot}/usr/lib/sysusers.d/basic.conf rm %{buildroot}/usr/lib/sysusers.d/basic.conf %endif %find_lang %{name} # Split files in build root into rpms python3 %{SOURCE2} %buildroot %{!?want_bootloader:--no-bootloader} %check %if %{with tests} meson test -C %{_vpath_builddir} -t 6 --print-errorlogs %endif ############################################################################################# %include %{SOURCE1} %post systemd-machine-id-setup &>/dev/null || : [ $1 -eq 1 ] || exit 0 [ -w %{_localstatedir} ] && journalctl --update-catalog || : systemd-sysusers || : systemd-tmpfiles --create &>/dev/null || : # We reset the enablement of all services upon initial installation # https://bugzilla.redhat.com/show_bug.cgi?id=1118740#c23 # This will fix up enablement of any preset services that got installed # before systemd due to rpm ordering problems: # https://bugzilla.redhat.com/show_bug.cgi?id=1647172. # We also do this for user units, see # https://fedoraproject.org/wiki/Changes/Systemd_presets_for_user_units. systemctl preset-all &>/dev/null || : systemctl --global preset-all &>/dev/null || : %postun if [ $1 -ge 1 ]; then [ -w %{_localstatedir} ] && journalctl --update-catalog || : systemctl daemon-reexec || : systemd-tmpfiles --create &>/dev/null || : fi %systemd_postun_with_restart systemd-timedated.service systemd-hostnamed.service systemd-journald.service systemd-localed.service # FIXME: systemd-logind.service is excluded (https://github.com/systemd/systemd/pull/17558) # This is the expanded form of %%systemd_user_daemon_reexec. We # can't use the macro because we define it ourselves. if [ $1 -ge 1 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then # Package upgrade, not uninstall /usr/lib/systemd/systemd-update-helper user-reexec || : fi %triggerun -- systemd < 256 # This is for upgrades from previous versions before systemd restart was moved to %%postun systemctl daemon-reexec || : %triggerpostun -- systemd < 256-9 if [ -L /etc/ssh/sshd_config.d/20-systemd-userdb.conf ] && \ [ "$(readlink -m /etc/ssh/sshd_config.d/20-systemd-userdb.conf)" = "/usr/lib/systemd/sshd_config.d/20-systemd-userdb.conf" ] ; then rm -f /etc/ssh/sshd_config.d/20-systemd-userdb.conf || : fi %global udev_services systemd-udev{d,-settle,-trigger}.service systemd-udevd-{control,kernel}.socket %{?want_bootloader:systemd-boot-update.service} systemd-pstore.service remote-cryptsetup.target %post udev # Move old stuff around in /var/lib mv %{_localstatedir}/lib/random-seed %{_localstatedir}/lib/systemd/random-seed &>/dev/null mv %{_localstatedir}/lib/backlight %{_localstatedir}/lib/systemd/backlight &>/dev/null udevadm hwdb --update &>/dev/null %systemd_post %udev_services # Try to save the random seed, but don't complain if /dev/urandom is unavailable /usr/lib/systemd/systemd-random-seed save 2>&1 | \ grep -v 'Failed to open /dev/urandom' || : # Replace obsolete keymaps # https://bugzilla.redhat.com/show_bug.cgi?id=1151958 grep -q -E '^KEYMAP="?fi-latin[19]"?' /etc/vconsole.conf 2>/dev/null && sed -i.rpm.bak -r 's/^KEYMAP="?fi-latin[19]"?/KEYMAP="fi"/' /etc/vconsole.conf || : %preun udev %systemd_preun %udev_services %postun udev # Restart some services. # Others are either oneshot services, or sockets, and restarting them causes issues (#1378974) %systemd_postun_with_restart systemd-udevd.service %global journal_remote_units_restart systemd-journal-gatewayd.service systemd-journal-remote.service systemd-journal-upload.service %global journal_remote_units_norestart systemd-journal-gatewayd.socket systemd-journal-remote.socket %post journal-remote %systemd_post %journal_remote_units_restart %journal_remote_units_norestart %firewalld_reload %preun journal-remote %systemd_preun %journal_remote_units_restart %journal_remote_units_norestart if [ $1 -eq 1 ] ; then if [ -f %{_localstatedir}/lib/systemd/journal-upload/state -a ! -L %{_localstatedir}/lib/systemd/journal-upload ] ; then mkdir -p %{_localstatedir}/lib/private/systemd/journal-upload mv %{_localstatedir}/lib/systemd/journal-upload/state %{_localstatedir}/lib/private/systemd/journal-upload/. rmdir %{_localstatedir}/lib/systemd/journal-upload || : fi fi %postun journal-remote %systemd_postun_with_restart %journal_remote_units_restart %firewalld_reload %pre resolved %sysusers_create_compat %{SOURCE27} %post resolved %systemd_post systemd-resolved.service %preun resolved if [ $1 -eq 0 ] ; then systemctl disable --quiet \ systemd-resolved.service \ >/dev/null || : if [ -L /etc/resolv.conf ] && \ realpath /etc/resolv.conf | grep ^/run/systemd/resolve/; then rm -f /etc/resolv.conf # no longer useful # if network manager is enabled, move to it instead [ -f /run/NetworkManager/resolv.conf ] && \ systemctl -q is-enabled NetworkManager.service &>/dev/null && \ ln -fsv ../run/NetworkManager/resolv.conf /etc/resolv.conf fi fi %postun resolved %systemd_postun_with_restart systemd-resolved.service %pre getent group systemd-oom &>/dev/null || groupadd -r systemd-oom 2>&1 || : getent passwd systemd-oom &>/dev/null || useradd -r -l -g systemd-oom -d / -s /sbin/nologin -c "systemd Userspace OOM Killer" systemd-oom &>/dev/null || : %preun oomd %systemd_preun systemd-oomd.service %post oomd %systemd_post systemd-oomd.service %postun oomd %systemd_postun_with_restart systemd-oomd.service %global _docdir_fmt %{name} %files -f %{name}.lang -f .file-list-main %doc %{_pkgdocdir} %exclude %{_pkgdocdir}/LICENSE* # Only the licenses texts for the licenses in License line are included. %license LICENSE.GPL2 %license LICENSES/MIT.txt %ghost %dir %attr(0755,-,-) /etc/systemd/system/basic.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/bluetooth.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/default.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/getty.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/graphical.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/local-fs.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/machines.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/multi-user.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/network-online.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/printer.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/remote-fs.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/sockets.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/sysinit.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/system-update.target.wants %ghost %dir %attr(0755,-,-) /etc/systemd/system/timers.target.wants %ghost %dir %attr(0700,-,-) /var/lib/portables %ghost %dir %attr(0755,-,-) /var/lib/rpm-state/systemd %files libs -f .file-list-libs %license LICENSE.LGPL2.1 %files pam -f .file-list-pam %files rpm-macros -f .file-list-rpm-macros %files resolved -f .file-list-resolve %files devel -f .file-list-devel %files udev -f .file-list-udev %files ukify -f .file-list-ukify %if 0%{?want_bootloader} %files boot-unsigned -f .file-list-boot %endif %files container -f .file-list-container %ghost %dir %attr(0700,-,-) /var/lib/machines %files journal-remote -f .file-list-remote %files oomd -f .file-list-oomd %clean rm -rf $RPM_BUILD_ROOT rm -f 10-timeout-abort.conf.user rm -f .file-list-* rm -f %{name}.lang %changelog * Mon Jan 06 2025 Packit - 257.2-2.20250106094757892497.pr49.1.g474bc5814b - udev/net_id: introduce naming scheme for RHEL-9.6 (Jan Macku) * Fri Dec 20 2024 Jan Macku - 257-2 - Rebase to new upstream stable release v257.1 (RHEL-71409) * Tue Dec 17 2024 Jan Macku - 257-1 - Rebase to new upstream release v257 (RHEL-71409) - netif-naming-scheme: introduce rhel-10.0 scheme (RHEL-44417) * Tue Nov 19 2024 systemd maintenance team - 256-18 - add %%pre sysuser scriptlet for resolved subpackage (RHEL-50564) * Tue Nov 12 2024 systemd maintenance team - 256-17 - socket: fix socket activation of stopped services with pinned FD store (RHEL-60896) * Tue Oct 29 2024 Troy Dawson - Bump release for October 2024 mass rebuild: Resolves: RHEL-64018 * Tue Oct 15 2024 systemd maintenance team - 256-15 - ci: rename beta branch to match dist-git name (RHEL-57603) - udev: Handle PTP device symlink properly on udev action 'change' (RHEL-59871) - Fix detection of TDX confidential VM on Azure platform (RHEL-56144) - confidential-virt: split caching of CVM detection into separate method (RHEL-56144) - confidential-virt: add detection for s390x target (RHEL-56144) - man/systemd-detect-virt: fix row spanning for VM header (RHEL-56144) - man/systemd-detect-virt: list known CVM technologies (RHEL-56144) * Fri Aug 30 2024 systemd maintenance team - 256-14 - Revert "cgroup-util: Don't try to open pidfd for kernel threads" (RHEL-52634) - ukify: Skip test on architectures without UEFI (RHEL-52634) * Thu Aug 22 2024 systemd maintenance team - 256-13 - systemctl: do not try to acquire triggering units for template units (RHEL-55132) - core/unit: add one assertion for u->manager (RHEL-55734) - core/service: destroy runtime data when Type=oneshot services exit (RHEL-55734) - cgroup-util: Ignore kernel threads in cg_kill_items() (RHEL-55746) - cgroup-util: Don't try to open pidfd for kernel threads (RHEL-55746) - cgroup-util: fix typo (RHEL-55746) - netif-naming-scheme: rename rhel-10.0 to rhel-10.0.beta (RHEL-55728) - net-naming-scheme: disable NAMING_FIRMWARE_NODE_SUN (RHEL-55728) - net-naming-scheme: remove NAMING_FIRMWARE_NODE_SUN from 9.5 (RHEL-55728) - make systemd-ukify subpackage arch dependent (RHEL-52634) * Thu Aug 15 2024 systemd maintenance team - 256-12 - netif-naming-scheme: add rhel-9.5 scheme (RHEL-44416) - udev-builtin-net_id: use firmware_node/sun for ID_NET_NAME_SLOT (RHEL-44416) - man/net-naming-scheme: add missing period (RHEL-44416) - Revert "packit: drop the dependency on python3-zstd" (RHEL-36636) * Tue Jul 30 2024 systemd maintenance team - 256-11 - fix OpenScanHub builds (RHEL-40924) * Mon Jul 29 2024 systemd maintenance team - 256-10 - fix updgrade from versions before removal of systemd-ssh-generator - follow-up (RHEL-50131) * Thu Jul 25 2024 systemd maintenance team - 256-9 - fix updgrade from versions before removal of systemd-ssh-generator (RHEL-50131) * Tue Jul 23 2024 systemd maintenance team - 256-8 - Avoid /tmp being mounted as tmpfs without the user's will (RHEL-40924) - unit: don't add Requires for tmp.mount (RHEL-40924) - units: add [Install] section to tmp.mount (RHEL-40924) - units: don't enable tmp.mount statically in local-fs.target (RHEL-40924) * Mon Jul 22 2024 systemd maintenance team - 256-7 - drop 10-timeout-abort.conf snippet (RHEL-46280) - don't ship systemd-userdbd (RHEL-46280) * Fri Jul 19 2024 systemd maintenance team - 256-6 - doc: add downstream CONTRIBUTING document (RHEL-40924) - ci: allow `policy` as rhel-only keyword (RHEL-40924) - ci: run mkosi test only for Fedora and CentOS Stream (RHEL-40924) - taint: remove unused variable `usr_sbin` (RHEL-40924) - packit: drop the libarchive workaround (RHEL-40924) - packit: drop the dependency on python3-zstd (RHEL-40924) - coredump: by default process and store core files up to 1GiB (RHEL-46778) - don't ship systemd-ssh-generator harder (RHEL-40924) * Wed Jul 17 2024 systemd maintenance team - 256-5 - don't ship systemd-ssh-generator (RHEL-40924) * Tue Jul 16 2024 systemd maintenance team - 256-4 - reenable systemd-firstboot (RHEL-48822) - don't create /var/log/journal (RHEL-40924) * Mon Jul 08 2024 systemd maintenance team - 256-3 - taint: remove unmerged-bin (RHEL-46277) - presets: remove resolved (RHEL-46576) - remove resolved scriptlets - don't install tests * Thu Jul 04 2024 systemd maintenance team - 256-2 - logind: set RemoveIPC to false by default (RHEL-40924) - tmpfiles: don't create resolv.conf -> stub-resolv.conf symlink (RHEL-40924) - rc-local: order after network-online.target (RHEL-40924) - random-util: increase random seed size to 1024 (RHEL-40924) - journal: don't enable systemd-journald-audit.socket by default (RHEL-40924) - journald.conf: don't touch current audit settings (RHEL-40924) - rules: add elevator= kernel command line parameter (RHEL-40924) - pid1: bump DefaultTasksMax to 80% of the kernel pid.max value (RHEL-40924) - udev/net-setup-link: change the default MACAddressPolicy to "none" (RHEL-40924) - core: decrease log level of messages about use of KillMode=none (RHEL-40924) - meson: rename libbasic to libbasic_static (RHEL-46020) - meson: build libsystemd-core via an intermediate static library (RHEL-46020) - meson: add option to build systemd-executor "statically" (RHEL-46020) * Wed Jun 26 2024 Jan Macku - 256-1 - Initial import and bootsprap from Fedora * remove standalone packages * remove networkd package * remove homed * remove portabled * remove timesyncd * remove tests package * move oomd to separate package * revert bin-sbin merge related changes - remove autorelease stuff * for changelog history see changelog file - rules: copy 40-redhat.rules from RHEL 9 (RHEL-40360) - net-naming-scheme: start rhel10 naming and include rhel8 and rhel9 ones (RHEL-22621) - fedora: use system-auth in pam systemd-user (RHEL-40924) - tmpfiles: make --purge hard to (mis-)use (RHEL-40924) - journal: again create user journals for users with high uids (RHEL-40924) - (origin/rhel-10.0.beta, rhel-10.0.beta) ci: allow to pass parameters together with rhel-only note (RHEL-36636) - ci: reconfigure Packit for RHEL 10 (RHEL-36636) - ci: deploy systemd man to GitHub Pages (RHEL-36636) - ci: setup source-git automation (RHEL-36636) - ci: update workflows to run on source-git setup (RHEL-36636)