The TPM2 support is used, among other things, for unlocking encrypted
volumes.
(From OE-Core rev: 7b7dfbfaedde775add3be7a3cb44b115d8ec5036)
Signed-off-by: Kristian Klausen <kristian@klausen.dk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If the distro does not include the group 'wheel' systemd will
complain when trying to parse ACL rules for tmpfiles.d.
systemd-tmpfiles[273]: Failed to parse ACL "d:group:adm:r-x,d:group:wheel:r-x": Invalid argument. Ignoring
Systemd has a configuration parameter to avoid using 'wheel'
group in the standard config files for tmpfiles. Add this as
a PACKAGECONFIG and enable it by default to keep default.
(From OE-Core rev: 1b5648e6aeb9837cb807ce086c26fbfaa16f6f8b)
Signed-off-by: Peter Bergin <peter@berginkonsult.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Repo-wide replacement to use newer variable to represent systemd
system unitdir directory.
(From OE-Core rev: 5ace3ada5c54500c71becc8e0c6eddeb8bc053e3)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If systemd is built with fdisk support[1] and the openssl and cryptsetup
PACKAGECONFIG are enabled, systemd-homed[1] is automatically enabled.
The org.freedesktop.home1.conf file was forgotten, so this commit adds
the file and make enabling homed a explicit choice.
systemd-homed.service and systemd-homed-activate.service have a Also= on
each other, so "systemctl" has been fixed to handle the circular
dependency.
userdb isn't strictly speaking needed for homed but "systemctl" can't
handle the missing unit file and upstream recommend enabling both[3].
[1] Automatically enabled if the fdisk dependency is installed which it
is as util-linux is pulled in by systemd
[2] https://www.freedesktop.org/software/systemd/man/systemd-homed.service.html
[3] 871dc8d644
(From OE-Core rev: fff339b5bd7789db5d0c024fc84490ac17fa4fe9)
Signed-off-by: Kristian Klausen <kristian@klausen.dk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
systemd-repart[1] is useful for partitioning the disk:
"systemd-repart grows and adds partitions to a partition table, based on
the configuration files described in repart.d(5)."[1]
openssl is required by repart, so it can be enabled like so:
PACKAGECONFIG += "openssl repart"
[1] https://www.freedesktop.org/software/systemd/man/systemd-repart.html
(From OE-Core rev: a9fb51b75d4536d13734d91222bb0bc612555ae2)
Signed-off-by: Kristian Klausen <kristian@klausen.dk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes [YOCTO #14538]
Recipes shouldn't use the "virtual/" string in RPROVIDES and RDEPENDS.
That's confusing because "virtual/" has no special meaning in
RPROVIDES and RDEPENDS (unlike in PROVIDES and DEPENDS).
Instead, using "virtual-" instead of "virtual/"
as already done in the glibc recipe.
(From OE-Core rev: 93ac180d8c389f16964bce8bd5538d9389e970e6)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The patch changes are all git rearranging chunks on rebase; there are no functional changes.
(From OE-Core rev: 88cfba0762fe3bb6f593901f9a673b373534b756)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Switch the default PACKAGECONFIG for compression feature from xz
to zstd. zstd is significantly faster than xz with only slightly
worse compression ratios. It is therefore much better suited for
activities like systemd-journald.
(From OE-Core rev: b1558bb058243f3a3de600ef5cf04bfaeac4fdeb)
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
systemd supports using zstd compression for journald and core files.
Add the necessary PACKAGECONFIG to enable zstd.
(From OE-Core rev: 0e0f8b708beeb1f6add5168b92a5a6a2c8ce96cd)
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* since the upgrade to 249.1 in:
https://git.openembedded.org/openembedded-core/commit/?id=323ec445dfe22860cd450c303db5ed8fcb4e791c
the builds with ld-is-gold are failing with:
[17/21] Generating linuxx64.elf.stub with a custom command
FAILED: src/boot/efi/linuxx64.elf.stub
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd-boot/249.1-r0/recipe-sysroot-native/usr/bin/x86_64-oe-linux/x86_64-oe-linux-ld -o src/boot/efi/linuxx64.elf.stub -T /OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd-boot/249.1-r0/recipe-sysroot/usr/lib/elf_x86_64_efi.lds -shared -Bsymbolic -nostdlib -znocombreloc --build-id=sha1 -L /OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd-boot/249.1-r0/recipe-sysroot/usr/lib /OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd-boot/249.1-r0/recipe-sysroot/usr/lib/crt0-efi-x86_64.o src/boot/efi/string-util-fundamental.c.o src/boot/efi/disk.c.o src/boot/efi/graphics.c.o src/boot/efi/measure.c.o src/boot/efi/pe.c.o src/boot/efi/secure-boot.c.o src/boot/efi/util.c.o src/boot/efi/linux.c.o src/boot/efi/splash.c.o src/boot/efi/stub.c.o -lefi -lgnuefi /OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd-boot/249.1-r0/recipe-sysroot/usr/lib/../lib/x86_64-oe-linux/11.2.0/libgcc.a
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd-boot/249.1-r0/recipe-sysroot-native/usr/bin/x86_64-oe-linux/x86_64-oe-linux-ld: internal error in segment_precedes, at ../../gold/layout.cc:3721
[18/21] Generating boot.c.o with a custom command
ninja: build stopped: subcommand failed.
WARNING: exit code 1 from a shell command.
as reported in:
https://lists.openembedded.org/g/openembedded-core/message/154246
* if someone is using lld or ld.lld in ${LD} then it would fail as well:
e39288193f
* work around this by always using ld.bfd instead of whatever is set in ${LD}
* it needs to be prefixed with ${HOST_PREFIX} to match how LD is constructed:
$ bitbake-getvar -r systemd-boot LD
#
# $LD [2 operations]
# exported /OE/build/oe-core/openembedded-core/meta/conf/bitbake.conf:523
# [export] "1"
# set /OE/build/oe-core/openembedded-core/meta/conf/bitbake.conf:523
# "${HOST_PREFIX}ld${TOOLCHAIN_OPTIONS} ${HOST_LD_ARCH}"
# pre-expansion value:
# "${HOST_PREFIX}ld${TOOLCHAIN_OPTIONS} ${HOST_LD_ARCH}"
export LD="x86_64-oe-linux-ld --sysroot=/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/systemd-boot/249.1-r0/recipe-sysroot "
$ bitbake-getvar -r systemd-boot EFI_LD
#
# $EFI_LD
# set /OE/build/oe-core/openembedded-core/meta/recipes-core/systemd/systemd-boot_249.1.bb:23
# "${HOST_PREFIX}ld.bfd"
EFI_LD="x86_64-oe-linux-ld.bfd"
otherwise first ld.bfd it will find will be from HOSTTOOLS_NONFATAL and
fail when host's binutils isn't compatible as in:
https://autobuilder.yoctoproject.org/typhoon/#/builders/104/builds/2673/steps/11/logs/stdio
FAILED: src/boot/efi/linuxx64.elf.stub
/home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/hosttools/ld.bfd -o src/boot/efi/linuxx64.elf.stub -T /home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/work/core2-64-poky-linux/systemd-boot/249.1-r0/recipe-sysroot/usr/lib/elf_x86_64_efi.lds -shared -Bsymbolic -nostdlib -znocombreloc --build-id=sha1 -L /home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/work/core2-64-poky-linux/systemd-boot/249.1-r0/recipe-sysroot/usr/lib /home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/work/core2-64-poky-linux/systemd-boot/249.1-r0/recipe-sysroot/usr/lib/crt0-efi-x86_64.o src/boot/efi/string-util-fundamental.c.o src/boot/efi/disk.c.o src/boot/efi/graphics.c.o src/boot/efi/measure.c.o src/boot/efi/pe.c.o src/boot/efi/secure-boot.c.o src/boot/efi/util.c.o src/boot/efi/linux.c.o src/boot/efi/splash.c.o src/boot/efi/stub.c.o -lefi -lgnuefi /home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/work/core2-64-poky-linux/systemd-boot/249.1-r0/recipe-sysroot/usr/lib/../lib/x86_64-poky-linux/11.2.0/libgcc.a
/home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/hosttools/ld.bfd: warning: /home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/work/core2-64-poky-linux/systemd-boot/249.1-r0/recipe-sysroot/usr/lib/crt0-efi-x86_64.o: unsupported GNU_PROPERTY_TYPE (5) type: 0xc0010002
/home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/hosttools/ld.bfd: warning: /home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/work/core2-64-poky-linux/systemd-boot/249.1-r0/recipe-sysroot/usr/lib/crt0-efi-x86_64.o: unsupported GNU_PROPERTY_TYPE (5) type: 0xc0010001
/home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/hosttools/ld.bfd: /home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/work/core2-64-poky-linux/systemd-boot/249.1-r0/recipe-sysroot/usr/lib/crt0-efi-x86_64.o: unable to initialize decompress status for section .debug_line
/home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/hosttools/ld.bfd: /home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/work/core2-64-poky-linux/systemd-boot/249.1-r0/recipe-sysroot/usr/lib/crt0-efi-x86_64.o: unable to initialize decompress status for section .debug_line
/home/pokybuild/yocto-worker/genericx86-64-alt/build/build/tmp/work/core2-64-poky-linux/systemd-boot/249.1-r0/recipe-sysroot/usr/lib/crt0-efi-x86_64.o: file not recognized: File format not recognized
(From OE-Core rev: 603e50f3db224a0e36a65decb9a98df41b9e22b3)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We need to prevent systemd-network from managing veth interface when
using platforms like k3s as they control creation and management of the
interfaces.
(From OE-Core rev: b615bb279730ce3e0c4b4098a9e43700f2f095af)
Signed-off-by: Matt Spencer <matt.spencer@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When systemctl fail it would throw an exception and
dump a traceback. Lets use a more controlled workflow.
[Yocto #14395]
(From OE-Core rev: df510ae9a1494bc1be8d6673fbaa43d3f7cc8f40)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is not needed as systemd-conf only packages
standalone config files.
(From OE-Core rev: 02bebaaf927e2cf5326bcae1de10cd4a82fd9495)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop backports:
48fff0a2af3f62acd446ebec8081b039b72caad8.patch
7c5fd25119a495009ea62f79e5daec34cc464628.patch
0001-analyze-resolve-executable-path-if-it-is-relative.patch
0001-analyze-resolve-executable-path-if-it-is-relative.patch
Drop 0027-proc-dont-trigger-mount-error-with-invalid-options-o.patch
as difficult to rebase; please resend if you feel strongly that
it is needed.
Rebase the big pile of musl patches.
(From OE-Core rev: e8dd5a36bf2f1e645fb2ff15eb3b5e97c04776e6)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
refresh the following patches:
systemd/0001-systemd.pc.in-use-ROOTPREFIX-without-suffixed-slash.patch
systemd/0006-Include-netinet-if_ether.h.patch
(From OE-Core rev: 5db15aec00517e5b6f6585b534a2314c226841bf)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In cases where we configure the IP address and more on the kernel
command line with ip= we should not ask for DHCP with systemd-networkd
later on. We have such a setup with our runqemu script.
With this match in place we can also deploy this unit on qemu systems.
(From OE-Core rev: 8c4981e740c0e630200dbc77c9e3dfd3e43b790b)
Signed-off-by: Stefan Schmidt <stefan.schmidt@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The systemd-nspawn@.service file uses the following line to try
loading the tun, loop and dm-mod kernel modules, in a non fatal way:
ExecStartPre=-/sbin/modprobe -abq tun loop dm-mod
A non-zero return code from modprobe will not stop the service from
starting, but it would be convenient to inform the user about this
optional support, so add these modules to RRECOMMENDS.
(From OE-Core rev: 9644285dc8a7e7c52b5f7554ef06d9ff53167832)
Signed-off-by: Vivien Didelot <vdidelot@pbsc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If systemd is configured with importd, "machinectl import-*" can be
used to add container trees under /var/lib/machines.
But "machinectl import-tar" makes use of "tar --numeric-owner" which
is not supported by the busybox binary, as shown below:
# machinectl import-tar /tmp/container.tar.xz
Enqueued transfer job 1. Press C-c to continue download in background.
Importing '/tmp/container.tar.xz', saving as 'container'.
Imported 0%.
tar: unrecognized option '--numeric-owner'
BusyBox v1.31.1 () multi-call binary.
Usage: tar c|x|t [-ZzJjahmvokO] [-f TARFILE] [-C DIR] [-T FILE] [-X FILE] [FILE]...
Failed to decode and write: Broken pipe
Exiting.
To fix this, recommend the standard tar package.
Cc: Chen Qi <Qi.Chen@windriver.com>
(From OE-Core rev: 801658f0161270c76829a123a4f531ca5a1f73db)
Signed-off-by: Vivien Didelot <vdidelot@pbsc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sort packages in RRECOMMENDS_${PN}-container alphabetically to avoid
subjective sorting and ease future additions.
(From OE-Core rev: 636c048b9d49b0f0bf083add688b4de80f3e37cd)
Signed-off-by: Vivien Didelot <vdidelot@pbsc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The comment above the importd config states curl, which does not
exist in PACKAGECONFIG. Adding it results in the following error
(and then misleading compilation failures):
WARNING: systemd-1_244.5-r0 do_configure: QA Issue: systemd: invalid PACKAGECONFIG: curl [invalid-packageconfig]
Support for curl is currently enabled through journal-upload:
PACKAGECONFIG[journal-upload] = "-Dlibcurl=true,-Dlibcurl=false,curl"
While it might be more appropriate to deprecate "journal-upload"
in favor of a "curl" PACKAGECONFIG entry, simply fix the importd
comment for now by stating upload-journal instead of curl.
(From OE-Core rev: e6a0bced605da58ff43ff06ea6a1d67e84c98d91)
Signed-off-by: Vivien Didelot <vdidelot@pbsc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The licenses were renamed to match their SPDX names, fix the
references in LIC_FILES_CHKSUM in OE-Core.
(From OE-Core rev: 9af48917cfe583d2db9e1e088c7e396fcf638949)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When polkit is not available, networkd will not have permissions
to call hostnamed's dbus methods, as it runs without privileges.
To solve this, when building without polkit, make a new PACKAGECONFIG
'polkit_hostnamed_fallback' available which changes hostnamed so that
it runs as the 'systemd-network' user, the same as networkd, so that
the authorization works (and also with CAP_SYS_ADMIN since it loses
root).
Also run it with a separate 'systemd-hostname' group which also owns
the bus, to avoid giving the 'systemd-network' additional privileges.
(From OE-Core rev: 07a8f1629662d4d66d056d95be3cb9e749242274)
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These two header fixes are not needed with the current source as the
headers are there through other header files. Drop the patches.
(From OE-Core rev: ece3efe43b6b9de5426c23f29db15dd709bcd749)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
As mentioned during review, this patch can be less invasive and hence easier
to maintain. Improve as such.
(From OE-Core rev: 3a1bd768e62a493aa73e82f5c443ca28b108af51)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
include "missing_stdlib.h" is needed for strndupa()
(From OE-Core rev: 87c9ed35fce8c9358d8a5dda20ece0a46cbff325)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport a patch to fix the below systemd-analyze issue:
# systemd-analyze --man=false verify /lib/systemd/system/initrd-cleanup.service
initrd-cleanup.service: Command systemctl is not executable: No such file or directory
# which systemctl
/bin/systemctl
# cat /lib/systemd/system/initrd-cleanup.service
[snip]
[Unit]
Description=Cleaning Up and Shutting Down Daemons
DefaultDependencies=no
AssertPathExists=/etc/initrd-release
OnFailure=emergency.target
OnFailureJobMode=replace-irreversibly
After=initrd-root-fs.target initrd-fs.target initrd.target
[Service]
Type=oneshot
ExecStart=systemctl --no-block isolate initrd-switch-root.target
(From OE-Core rev: 2e0259931f71701147039bb8e60251892f67dbcd)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Recent systemd started using ascii args to "hidepid=" mount options
for proc fs - unconditionally -- even though kernels older than v5.8
emit an error message on each attempt:
root@qemux86-64:~# cat /proc/version
Linux version 5.4.87-yocto-standard (oe-user@oe-host) (gcc version 10.2.0 (GCC)) #1 SMP PREEMPT Fri Jan 8 01:47:13 UTC 2021
root@qemux86-64:~# dmesg|grep proc:
[ 29.487995] proc: Bad value for 'hidepid'
[ 43.170571] proc: Bad value for 'hidepid'
[ 44.175615] proc: Bad value for 'hidepid'
[ 46.213300] proc: Bad value for 'hidepid'
root@qemux86-64:~#
Simply ignoring them as the systemd maintainer unconditionally says
is the resolution is clearly not acceptable, given the above.
Add a kernel version check to avoid calling mount with invalid args.
Further details are within the enclosed systemd commit.
Cc: Luca Boccassi <luca.boccassi@microsoft.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: 76107fd7372559aa4cd22a89d5517a4dfce9314d)
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meson.build will fall back to greping /etc/login.defs for values of these
if they're not set. Different distros set them (Centos 7/8 does, Ubuntu
does not) so output was not deterministic. Avoid this by setting to the
default values. We now match the vaules from login.defs from shadow.
(From OE-Core rev: 77a6ac0ac266d71e4fe67fd332662081f30cd7bf)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some libraries are now dlopen'ed and skipped at runtime if
not available. Add them to the RRECOMMENDS list, to allow
users to exclude them for smaller images even if generally
enabled at build time.
(From OE-Core rev: 0131a794be1a97f9aef3224c7c66fcf27576ce84)
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Update systemd to v247.2.
Add rule for new oomd dbus conf and for new pam.d
conf directory in /usr/lib|lib64.
Drop selinux-hook-handling-to-enumerate-nexthop.patch,
merged upstream.
Drop 0001-meson-Fix-reallocarray-check.patch,
merged upstream.
Refresh musl patches.
(From OE-Core rev: 1e1d26de68ed13fd53c1a16b9662ac9860dca714)
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
systemd-boot works on 32-bit and 64-bit Arm targets (assuming the
firmware does EFI, obviously), so allow it to be built.
(From OE-Core rev: 3325992e66e8fbd80292beb4b0ffd50beca138d8)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Also build and deploy the EFI stub. SYSTEMD_BOOT_EFI_ARCH can be dropped
as image-uefi.conf now sets EFI_ARCH.
Changes originally taken from meta-intel.
(From OE-Core rev: 00191504bd9321334a5c01b95179ed15b063f1b6)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
