diff options
author | Andreas Rammhold <andreas@rammhold.de> | 2021-12-12 03:56:45 +0100 |
---|---|---|
committer | Florian Klink <flokli@flokli.de> | 2022-03-05 21:27:44 +0100 |
commit | 3869ce784e80445cc6037999b087e7ca61ebf60f (patch) | |
tree | 43b4495e30a171988d65269fd2a6bb32b06f0e53 /pkgs/os-specific/linux/systemd/default.nix | |
parent | 0423158e106ec4a838f0d8f956faecfacf4396f3 (diff) | |
download | nixpkgs-3869ce784e80445cc6037999b087e7ca61ebf60f.tar nixpkgs-3869ce784e80445cc6037999b087e7ca61ebf60f.tar.gz nixpkgs-3869ce784e80445cc6037999b087e7ca61ebf60f.tar.bz2 nixpkgs-3869ce784e80445cc6037999b087e7ca61ebf60f.tar.lz nixpkgs-3869ce784e80445cc6037999b087e7ca61ebf60f.tar.xz nixpkgs-3869ce784e80445cc6037999b087e7ca61ebf60f.tar.zst nixpkgs-3869ce784e80445cc6037999b087e7ca61ebf60f.zip |
systemd: 249.7 -> 250.3
Diffstat (limited to 'pkgs/os-specific/linux/systemd/default.nix')
-rw-r--r-- | pkgs/os-specific/linux/systemd/default.nix | 189 |
1 files changed, 126 insertions, 63 deletions
diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index c29bd637bf4..95782d2c075 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -123,7 +123,14 @@ assert withHomed -> withCryptsetup; assert withCryptsetup -> (cryptsetup != null); let wantCurl = withRemote || withImportd; - version = "249.7"; + wantGcrypt = withResolved || withImportd; + version = "250.3"; + + # Bump this variable on every (major) version change. See below (in the meson options list) for why. + # command: + # $ curl -s https://api.github.com/repos/systemd/systemd/releases/latest | \ + # jq '.created_at|strptime("%Y-%m-%dT%H:%M:%SZ")|mktime' + releaseTimestamp = "1640290180"; in stdenv.mkDerivation { inherit pname version; @@ -134,12 +141,12 @@ stdenv.mkDerivation { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - sha256 = "sha256-y33/BvvI+JyhsvuT1Cbm6J2Z72j71oXgLw6X9NwCMPE="; + sha256 = "sha256-O1XE0BhIuDAlFVX7WIy02M9YTIxLX0Q8atJAYsUgQDQ="; }; - # If these need to be regenerated, `git am path/to/00*.patch` them into a - # systemd worktree, rebase to the more recent systemd version, and export the - # patches again via `git -c format.signoff=false format-patch v${version}`. + # On major changes, or when otherwise required, you *must* reformat the patches, + # `git am path/to/00*.patch` them into a systemd worktree, rebase to the more recent + # systemd version, and export the patches again via `git -c format.signoff=false format-patch v${version}`. # Use `find . -name "*.patch" | sort` to get an up-to-date listing of all patches patches = [ ./0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -168,14 +175,6 @@ stdenv.mkDerivation { # need (AFAICT). # See https://github.com/systemd/systemd/pull/20479 for upsteam discussion. ./0019-core-handle-lookup-paths-being-symlinks.patch - - # In v248 compiler weirdness and refactoring lead to the bootloader - # erroring out handling keyboard input on some systems. See - # https://github.com/systemd/systemd/issues/19191 - # This should be redundant in v249.6 when it offically gets tagged in - # systemd-stable - ./0020-sd-boot-Unify-error-handling.patch - ./0021-sd-boot-Rework-console-input-handling.patch ] ++ lib.optional stdenv.hostPlatform.isMusl ( let oe-core = fetchzip { @@ -287,6 +286,10 @@ stdenv.mkDerivation { { name = "libtss2-mu.so.0"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libtss2-tcti-"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libfido2.so.1"; pkg = opt withFido2 libfido2; } + + # inspect-elf support + { name = "libelf.so.1"; pkg = opt withCoredump elfutils; } + { name = "libdw.so.1"; pkg = opt withCoredump elfutils; } ]; patchDlOpen = dl: @@ -446,7 +449,12 @@ stdenv.mkDerivation { "-Dsmack=true" "-Db_pie=true" "-Dinstall-sysconfdir=false" - "-Defi-ld=${stdenv.cc.bintools.targetPrefix}ld" + "-Defi-ld=gold" + "-Dsbat-distro=nixos" + "-Dsbat-distro-summary=NixOS" + "-Dsbat-distro-url=https://nixos.org/" + "-Dsbat-distro-pkgname=${pname}" + "-Dsbat-distro-version=${version}" /* As of now, systemd doesn't allow runtime configuration of these values. So the settings in /etc/login.defs have no effect on it. Many people think this @@ -498,57 +506,112 @@ stdenv.mkDerivation { "-Dutmp=false" "-Didn=false" ]; + preConfigure = + let + # A list of all the runtime binaries that the systemd exectuables, tests and libraries are referencing in their source code, scripts and unit files. + # As soon as a dependency isn't required anymore we should remove it from the list. The `where` attribute for each of the replacement patterns must be exhaustive. If another (unhandled) case is found in the source code the build fails with an error message. + binaryReplacements = [ + { search = "/usr/bin/getent"; replacement = "${getent}/bin/getent"; where = [ "src/nspawn/nspawn-setuid.c" ]; } + + { + search = "/sbin/mkswap"; + replacement = "${lib.getBin util-linux}/sbin/mkswap"; + where = [ + "man/systemd-makefs@.service.xml" + ]; + } + { search = "/sbin/swapon"; replacement = "${lib.getBin util-linux}/sbin/swapon"; where = [ "src/core/swap.c" "src/basic/unit-def.h" ]; } + { search = "/sbin/swapoff"; replacement = "${lib.getBin util-linux}/sbin/swapoff"; where = [ "src/core/swap.c" ]; } + { + search = "/bin/echo"; + replacement = "${coreutils}/bin/echo"; + where = [ + "man/systemd-analyze.xml" + "man/systemd.service.xml" + "src/analyze/test-verify.c" + "src/test/test-env-file.c" + "src/test/test-fileio.c" + "test/test-execute/exec-systemcallfilter-failing2.service" + "test/test-execute/exec-systemcallfilter-failing3.service" + "test/test-execute/exec-systemcallfilter-failing.service" + "test/testsuite-06.units/hola.service" + "test/udev-test.pl" + "test/units/hello.service" + "test/units/testsuite-07.sh" + "test/units/testsuite-15.sh" + "test/units/testsuite-17.05.sh" + "test/units/testsuite-40.sh" + "test/units/unstoppable.service" + ]; + } + { + search = "/bin/cat"; + replacement = "${coreutils}/bin/cat"; + where = [ "test/create-busybox-container" "test/test-execute/exec-noexecpaths-simple.service" "src/journal/cat.c" ]; + } + { search = "/sbin/modprobe"; replacement = "${lib.getBin kmod}/sbin/modprobe"; where = [ "units/modprobe@.service" ]; } + { + search = "/usr/lib/systemd/systemd-fsck"; + replacement = "$out/lib/systemd/systemd-fsck"; + where = [ + "man/systemd-fsck@.service.xml" + "test/test-fstab-generator.sh" + "test/test-fstab-generator/test-12-dev-sdx.expected/systemd-fsck-root.service" + "test/test-fstab-generator/test-13-label.expected/systemd-fsck-root.service" + "test/test-fstab-generator/test-14-uuid.expected/systemd-fsck-root.service" + "test/test-fstab-generator/test-15-partuuid.expected/systemd-fsck-root.service" + ]; + } + ] ++ lib.optionals withImportd [ + { + search = "\"gpg\""; + replacement = "\\\"${gnupg}/bin/gpg\\\""; + where = [ "src/import/pull-common.c" ]; + } + { + search = "\"tar\""; + replacement = "\\\"${gnutar}/bin/tar\\\""; + where = [ + "src/import/export-tar.c" + "src/import/export.c" + "src/import/import-common.c" + "src/import/import-tar.c" + "src/import/import.c" + "src/import/importd.c" + "src/import/pull-tar.c" + "src/import/pull.c" + ]; + } + ]; + + # { replacement, search, where } -> List[str] + mkSubstitute = { replacement, search, where }: + map (path: "substituteInPlace ${path} --replace '${search}' \"${replacement}\"") where; + mkEnsureSubstituted = { replacement, search, where }: + '' + if [[ $(grep -r '${search}' | grep -v "${replacement}" | grep -v NEWS | wc -l) -gt 0 ]]; then + echo "Not all references to '${search}' have been replace. Found the following matches:" + grep '${search}' -r | grep -v "${replacement}" | grep -v NEWS + exit 1 + fi + ''; - preConfigure = '' - mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") - export LC_ALL="en_US.UTF-8"; - # FIXME: patch this in systemd properly (and send upstream). - # already fixed in f00929ad622c978f8ad83590a15a765b4beecac9: (u)mount - for i in \ - src/core/mount.c \ - src/core/swap.c \ - src/cryptsetup/cryptsetup-generator.c \ - src/journal/cat.c \ - src/nspawn/nspawn.c \ - src/remount-fs/remount-fs.c \ - src/shared/generator.c \ - src/shutdown/shutdown.c \ - units/emergency.service.in \ - units/modprobe@.service \ - units/rescue.service.in \ - units/systemd-logind.service.in \ - units/systemd-nspawn@.service.in; \ - do - test -e $i - substituteInPlace $i \ - --replace /usr/bin/getent ${getent}/bin/getent \ - --replace /sbin/mkswap ${lib.getBin util-linux}/sbin/mkswap \ - --replace /sbin/swapon ${lib.getBin util-linux}/sbin/swapon \ - --replace /sbin/swapoff ${lib.getBin util-linux}/sbin/swapoff \ - --replace /bin/echo ${coreutils}/bin/echo \ - --replace /bin/cat ${coreutils}/bin/cat \ - --replace /sbin/sulogin ${lib.getBin util-linux}/sbin/sulogin \ - --replace /sbin/modprobe ${lib.getBin kmod}/sbin/modprobe \ - --replace /usr/lib/systemd/systemd-fsck $out/lib/systemd/systemd-fsck \ - --replace /bin/plymouth /run/current-system/sw/bin/plymouth # To avoid dependency - done + in + '' + mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") + export LC_ALL="en_US.UTF-8"; - for dir in tools src/resolve test src/test src/shared; do - patchShebangs $dir - done + ${lib.concatStringsSep "\n" (lib.flatten (map mkSubstitute binaryReplacements))} + ${lib.concatMapStringsSep "\n" mkEnsureSubstituted binaryReplacements} - # absolute paths to gpg & tar - substituteInPlace src/import/pull-common.c \ - --replace '"gpg"' '"${gnupg}/bin/gpg"' - for file in src/import/{{export,import,pull}-tar,import-common}.c; do - substituteInPlace $file \ - --replace '"tar"' '"${gnutar}/bin/tar"' - done + for dir in tools src/resolve test src/test src/shared; do + patchShebangs $dir + done - substituteInPlace src/libsystemd/sd-journal/catalog.c \ - --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/ - ''; + substituteInPlace src/libsystemd/sd-journal/catalog.c \ + --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/ + ''; # These defines are overridden by CFLAGS and would trigger annoying # warning messages @@ -556,7 +619,7 @@ stdenv.mkDerivation { substituteInPlace config.h \ --replace "POLKIT_AGENT_BINARY_PATH" "_POLKIT_AGENT_BINARY_PATH" \ --replace "SYSTEMD_BINARY_PATH" "_SYSTEMD_BINARY_PATH" \ - --replace "SYSTEMD_CGROUP_AGENT_PATH" "_SYSTEMD_CGROUP_AGENT_PATH" + --replace "SYSTEMD_CGROUP_AGENTS_PATH" "_SYSTEMD_CGROUP_AGENT_PATH" ''; NIX_CFLAGS_COMPILE = toString ([ @@ -568,8 +631,8 @@ stdenv.mkDerivation { # Set the release_agent on /sys/fs/cgroup/systemd to the # currently running systemd (/run/current-system/systemd) so # that we don't use an obsolete/garbage-collected release agent. - "-USYSTEMD_CGROUP_AGENT_PATH" - "-DSYSTEMD_CGROUP_AGENT_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" + "-USYSTEMD_CGROUP_AGENTS_PATH" + "-DSYSTEMD_CGROUP_AGENTS_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" "-USYSTEMD_BINARY_PATH" "-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\"" |