summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSam James <sam@gentoo.org>2022-05-24 23:27:45 +0100
committerSam James <sam@gentoo.org>2022-05-24 23:35:50 +0100
commiteb84c4b6a972b074bc60f64d3348e93602795df1 (patch)
tree875891e6c056465db7a284bb0f170ae73832aa55 /sys-apps
parentapp-misc/kryoflux-dtc: amd64 stable (diff)
downloadgentoo-eb84c4b6a972b074bc60f64d3348e93602795df1.tar.gz
gentoo-eb84c4b6a972b074bc60f64d3348e93602795df1.tar.bz2
gentoo-eb84c4b6a972b074bc60f64d3348e93602795df1.zip
sys-apps/systemd: add 251.1
- Revert FORTIFY_SOURCE=3 patch for now as it breaks Clang (even without setting F_S=3, or seemingly F_S at all, as we don't patch Clang to add that in the way we do with GCC) - Turn off F_S=3 accordingly given we've had to revert the patch which fixes support for it. Bug: https://bugs.gentoo.org/841770 Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'sys-apps')
-rw-r--r--sys-apps/systemd/Manifest1
-rw-r--r--sys-apps/systemd/files/251-revert-fortify-source-3-fix.patch40
-rw-r--r--sys-apps/systemd/systemd-251.1.ebuild530
-rw-r--r--sys-apps/systemd/systemd-9999.ebuild20
4 files changed, 590 insertions, 1 deletions
diff --git a/sys-apps/systemd/Manifest b/sys-apps/systemd/Manifest
index 9b589c708f7e..a12a4d846fc0 100644
--- a/sys-apps/systemd/Manifest
+++ b/sys-apps/systemd/Manifest
@@ -1,3 +1,4 @@
DIST systemd-251.tar.gz 11431104 BLAKE2B da783d815adf244defc3c1ec8a788fffdff45215f5c2449c457e872ad89b8270caa3e48ecb696fa79eb1d79578ded3d098802fed0fc69a191ba2d7d6b120e068 SHA512 5a7116cfd99f7875334a1ce55a76ba1840a28b6500b02de82b879629768e10457efd8278024aa1ffefd43defe657284c4d51ab502ed3c7e6b63d5b6e0cc1f642
DIST systemd-stable-250.4.tar.gz 11132786 BLAKE2B 8fdfe1bad76e572dc1be0955f3d1c4080f2beb81a2f9670f80827899f5406ab8ed8675400c2f5e8ccef44cf1bceff42ceae12a42e1b67d46c0deb523e6495f25 SHA512 307ed0920da660b6c45d909fea66864fb98db8b2f6905d629fb2012fc4bf64dd25fd61168c22bf4098200be541be9b0e815fbde98806a99c85cb33d49d8b63d0
DIST systemd-stable-250.5.tar.gz 11212059 BLAKE2B b7dbcb9e82c51e966db20a92ccd59ac19309702c481dd575c4e6367ca5ade10fe4b689925416ce1169682380cbf22d7d692b2378ef091f3007c16891992e3f92 SHA512 ad864b67bd5e2f5fd5705b636467827e4735142cefba150d24bb8e51ac0263650b2b0e53d4426eb509d1db59b83dc3b4c4bf157cc355fc2b7524db6bc4a9b5cd
+DIST systemd-stable-251.1.tar.gz 11431880 BLAKE2B 0442489242b2fbfb316f207c7c8c718322a1ea2af8176378fb39bea441fdd8bbb36ea840af9bdec257b714f5f3099daa1139bc6df6ca6f0c2f467c59013fba92 SHA512 6fc72197b684abc343480acb66b8f749c186bd7a031ddd757c4a0e5fd8fdeda0cde9c9e634fd3d9e2b2d1ed96019c5f8e7119ad10a7f51d5dc13fac2571c6c70
diff --git a/sys-apps/systemd/files/251-revert-fortify-source-3-fix.patch b/sys-apps/systemd/files/251-revert-fortify-source-3-fix.patch
new file mode 100644
index 000000000000..bbe45f85dcf2
--- /dev/null
+++ b/sys-apps/systemd/files/251-revert-fortify-source-3-fix.patch
@@ -0,0 +1,40 @@
+From: Sam James <sam@gentoo.org>
+Date: Tue, 24 May 2022 23:21:50 +0100
+Subject: [PATCH] Revert "Support -D_FORTIFY_SOURCE=3 by using
+ __builtin_dynamic_object_size."
+
+Breaks Clang (even without F_S=3).
+
+This reverts commit 0bd292567a543d124cd303f7dd61169a209cae64.
+
+Bug: https://bugs.gentoo.org/841770
+Bug: https://github.com/systemd/systemd/issues/23150
+--- a/src/basic/alloc-util.h
++++ b/src/basic/alloc-util.h
+@@ -174,23 +174,13 @@ void* greedy_realloc0(void **p, size_t need, size_t size);
+ * is compatible with _FORTIFY_SOURCES. If _FORTIFY_SOURCES is used many memory operations will take the
+ * object size as returned by __builtin_object_size() into account. Hence, let's return the smaller size of
+ * malloc_usable_size() and __builtin_object_size() here, so that we definitely operate in safe territory by
+- * both the compiler's and libc's standards. Note that _FORTIFY_SOURCES=3 handles also dynamically allocated
+- * objects and thus it's safer using __builtin_dynamic_object_size if _FORTIFY_SOURCES=3 is used (#22801).
+- * Moreover, when NULL is passed malloc_usable_size() is documented to return zero, and
++ * both the compiler's and libc's standards. Note that __builtin_object_size() evaluates to SIZE_MAX if the
++ * size cannot be determined, hence the MIN() expression should be safe with dynamically sized memory,
++ * too. Moreover, when NULL is passed malloc_usable_size() is documented to return zero, and
+ * __builtin_object_size() returns SIZE_MAX too, hence we also return a sensible value of 0 in this corner
+ * case. */
+-
+-#if defined __has_builtin
+-# if __has_builtin(__builtin_dynamic_object_size)
+-# define MALLOC_SIZEOF_SAFE(x) \
+- MIN(malloc_usable_size(x), __builtin_dynamic_object_size(x, 0))
+-# endif
+-#endif
+-
+-#ifndef MALLOC_SIZEOF_SAFE
+ #define MALLOC_SIZEOF_SAFE(x) \
+ MIN(malloc_usable_size(x), __builtin_object_size(x, 0))
+-#endif
+
+ /* Inspired by ELEMENTSOF() but operates on malloc()'ed memory areas: typesafely returns the number of items
+ * that fit into the specified memory block */
diff --git a/sys-apps/systemd/systemd-251.1.ebuild b/sys-apps/systemd/systemd-251.1.ebuild
new file mode 100644
index 000000000000..9381570446ab
--- /dev/null
+++ b/sys-apps/systemd/systemd-251.1.ebuild
@@ -0,0 +1,530 @@
+# Copyright 2011-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+PYTHON_COMPAT=( python3_{8..10} )
+
+# Avoid QA warnings
+TMPFILES_OPTIONAL=1
+
+if [[ ${PV} == 9999 ]]; then
+ EGIT_REPO_URI="https://github.com/systemd/systemd.git"
+ inherit git-r3
+else
+ if [[ ${PV} == *.* ]]; then
+ MY_PN=systemd-stable
+ else
+ MY_PN=systemd
+ fi
+ MY_PV=${PV/_/-}
+ MY_P=${MY_PN}-${MY_PV}
+ S=${WORKDIR}/${MY_P}
+ SRC_URI="https://github.com/systemd/${MY_PN}/archive/v${MY_PV}/${MY_P}.tar.gz"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+fi
+
+inherit bash-completion-r1 flag-o-matic linux-info meson-multilib pam python-any-r1 systemd toolchain-funcs udev usr-ldscript
+
+DESCRIPTION="System and service manager for Linux"
+HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd"
+
+LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
+SLOT="0/2"
+IUSE="
+ acl apparmor audit build cgroup-hybrid cryptsetup curl +dns-over-tls elfutils
+ fido2 +gcrypt gnuefi gnutls homed http idn importd +kmod
+ +lz4 lzma nat +openssl pam pcre pkcs11 policykit pwquality qrcode
+ +resolvconf +seccomp selinux split-usr +sysv-utils test tpm vanilla xkb +zstd
+"
+REQUIRED_USE="
+ dns-over-tls? ( || ( gnutls openssl ) )
+ homed? ( cryptsetup pam openssl )
+ importd? ( curl lzma || ( gcrypt openssl ) )
+ pwquality? ( homed )
+"
+RESTRICT="!test? ( test )"
+
+MINKV="4.15"
+
+COMMON_DEPEND="
+ >=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
+ sys-libs/libcap:0=[${MULTILIB_USEDEP}]
+ virtual/libcrypt:=[${MULTILIB_USEDEP}]
+ acl? ( sys-apps/acl:0= )
+ apparmor? ( sys-libs/libapparmor:0= )
+ audit? ( >=sys-process/audit-2:0= )
+ cryptsetup? ( >=sys-fs/cryptsetup-2.0.1:0= )
+ curl? ( net-misc/curl:0= )
+ elfutils? ( >=dev-libs/elfutils-0.158:0= )
+ fido2? ( dev-libs/libfido2:0= )
+ gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] )
+ gnutls? ( >=net-libs/gnutls-3.6.0:0= )
+ http? ( >=net-libs/libmicrohttpd-0.9.33:0=[epoll(+)] )
+ idn? ( net-dns/libidn2:= )
+ importd? (
+ app-arch/bzip2:0=
+ sys-libs/zlib:0=
+ )
+ kmod? ( >=sys-apps/kmod-15:0= )
+ lz4? ( >=app-arch/lz4-0_p131:0=[${MULTILIB_USEDEP}] )
+ lzma? ( >=app-arch/xz-utils-5.0.5-r1:0=[${MULTILIB_USEDEP}] )
+ nat? ( net-firewall/iptables:0= )
+ openssl? ( >=dev-libs/openssl-1.1.0:0= )
+ pam? ( sys-libs/pam:=[${MULTILIB_USEDEP}] )
+ pkcs11? ( app-crypt/p11-kit:0= )
+ pcre? ( dev-libs/libpcre2 )
+ pwquality? ( dev-libs/libpwquality:0= )
+ qrcode? ( media-gfx/qrencode:0= )
+ seccomp? ( >=sys-libs/libseccomp-2.3.3:0= )
+ selinux? ( sys-libs/libselinux:0= )
+ tpm? ( app-crypt/tpm2-tss:0= )
+ xkb? ( >=x11-libs/libxkbcommon-0.4.1:0= )
+ zstd? ( >=app-arch/zstd-1.4.0:0=[${MULTILIB_USEDEP}] )
+"
+
+# Newer linux-headers needed by ia64, bug #480218
+DEPEND="${COMMON_DEPEND}
+ >=sys-kernel/linux-headers-${MINKV}
+ gnuefi? ( >=sys-boot/gnu-efi-3.0.2 )
+"
+
+# baselayout-2.2 has /run
+RDEPEND="${COMMON_DEPEND}
+ >=acct-group/adm-0-r1
+ >=acct-group/wheel-0-r1
+ >=acct-group/kmem-0-r1
+ >=acct-group/tty-0-r1
+ >=acct-group/utmp-0-r1
+ >=acct-group/audio-0-r1
+ >=acct-group/cdrom-0-r1
+ >=acct-group/dialout-0-r1
+ >=acct-group/disk-0-r1
+ >=acct-group/input-0-r1
+ >=acct-group/kvm-0-r1
+ >=acct-group/lp-0-r1
+ >=acct-group/render-0-r1
+ acct-group/sgx
+ >=acct-group/tape-0-r1
+ acct-group/users
+ >=acct-group/video-0-r1
+ >=acct-group/systemd-journal-0-r1
+ >=acct-user/root-0-r1
+ acct-user/nobody
+ >=acct-user/systemd-journal-remote-0-r1
+ >=acct-user/systemd-coredump-0-r1
+ >=acct-user/systemd-network-0-r1
+ acct-user/systemd-oom
+ >=acct-user/systemd-resolve-0-r1
+ >=acct-user/systemd-timesync-0-r1
+ >=sys-apps/baselayout-2.2
+ selinux? ( sec-policy/selinux-base-policy[systemd] )
+ sysv-utils? (
+ !sys-apps/openrc[sysv-utils(-)]
+ !sys-apps/sysvinit
+ )
+ !sysv-utils? ( sys-apps/sysvinit )
+ resolvconf? ( !net-dns/openresolv )
+ !build? ( || (
+ sys-apps/util-linux[kill(-)]
+ sys-process/procps[kill(+)]
+ sys-apps/coreutils[kill(-)]
+ ) )
+ !sys-apps/hwids[udev]
+ !sys-auth/nss-myhostname
+ !sys-fs/eudev
+ !sys-fs/udev
+"
+
+# sys-apps/dbus: the daemon only (+ build-time lib dep for tests)
+PDEPEND=">=sys-apps/dbus-1.9.8[systemd]
+ >=sys-fs/udev-init-scripts-34
+ policykit? ( sys-auth/polkit )
+ !vanilla? ( sys-apps/gentoo-systemd-integration )"
+
+BDEPEND="
+ app-arch/xz-utils:0
+ dev-util/gperf
+ >=dev-util/meson-0.46
+ >=sys-apps/coreutils-8.16
+ sys-devel/gettext
+ virtual/pkgconfig
+ test? (
+ app-text/tree
+ dev-lang/perl
+ sys-apps/dbus
+ )
+ app-text/docbook-xml-dtd:4.2
+ app-text/docbook-xml-dtd:4.5
+ app-text/docbook-xsl-stylesheets
+ dev-libs/libxslt:0
+ $(python_gen_any_dep 'dev-python/jinja[${PYTHON_USEDEP}]')
+ $(python_gen_any_dep 'dev-python/lxml[${PYTHON_USEDEP}]')
+"
+
+python_check_deps() {
+ has_version -b "dev-python/jinja[${PYTHON_USEDEP}]" &&
+ has_version -b "dev-python/lxml[${PYTHON_USEDEP}]"
+}
+
+QA_FLAGS_IGNORED="usr/lib/systemd/boot/efi/.*"
+QA_EXECSTACK="usr/lib/systemd/boot/efi/*"
+
+pkg_pretend() {
+ if [[ ${MERGE_TYPE} != buildonly ]]; then
+ if use test && has pid-sandbox ${FEATURES}; then
+ ewarn "Tests are known to fail with PID sandboxing enabled."
+ ewarn "See https://bugs.gentoo.org/674458."
+ fi
+
+ local CONFIG_CHECK=" ~BINFMT_MISC ~BLK_DEV_BSG ~CGROUPS
+ ~CGROUP_BPF ~DEVTMPFS ~EPOLL ~FANOTIFY ~FHANDLE
+ ~INOTIFY_USER ~IPV6 ~NET ~NET_NS ~PROC_FS ~SIGNALFD ~SYSFS
+ ~TIMERFD ~TMPFS_XATTR ~UNIX ~USER_NS
+ ~CRYPTO_HMAC ~CRYPTO_SHA256 ~CRYPTO_USER_API_HASH
+ ~!GRKERNSEC_PROC ~!IDE ~!SYSFS_DEPRECATED
+ ~!SYSFS_DEPRECATED_V2"
+
+ use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL"
+ use seccomp && CONFIG_CHECK+=" ~SECCOMP ~SECCOMP_FILTER"
+
+ if kernel_is -ge 5 10 20; then
+ CONFIG_CHECK+=" ~KCMP"
+ else
+ CONFIG_CHECK+=" ~CHECKPOINT_RESTORE"
+ fi
+
+ if kernel_is -ge 4 18; then
+ CONFIG_CHECK+=" ~AUTOFS_FS"
+ else
+ CONFIG_CHECK+=" ~AUTOFS4_FS"
+ fi
+
+ if linux_config_exists; then
+ local uevent_helper_path=$(linux_chkconfig_string UEVENT_HELPER_PATH)
+ if [[ -n ${uevent_helper_path} ]] && [[ ${uevent_helper_path} != '""' ]]; then
+ ewarn "It's recommended to set an empty value to the following kernel config option:"
+ ewarn "CONFIG_UEVENT_HELPER_PATH=${uevent_helper_path}"
+ fi
+ if linux_chkconfig_present X86; then
+ CONFIG_CHECK+=" ~DMIID"
+ fi
+ fi
+
+ if kernel_is -lt ${MINKV//./ }; then
+ ewarn "Kernel version at least ${MINKV} required"
+ fi
+
+ check_extra_config
+ fi
+}
+
+pkg_setup() {
+ :
+}
+
+src_unpack() {
+ default
+ [[ ${PV} != 9999 ]] || git-r3_src_unpack
+}
+
+src_prepare() {
+ # Do NOT add patches here
+ local PATCHES=()
+
+ [[ -d "${WORKDIR}"/patches ]] && PATCHES+=( "${WORKDIR}"/patches )
+
+ # Add local patches here
+ PATCHES+=(
+ "${FILESDIR}/251-format-string.patch"
+ # Breaks Clang. Revert the commit for now and force off F_S=3.
+ # bug #841770.
+ "${FILESDIR}/251-revert-fortify-source-3-fix.patch"
+ )
+
+ if ! use vanilla; then
+ PATCHES+=(
+ "${FILESDIR}/gentoo-generator-path-r2.patch"
+ "${FILESDIR}/gentoo-systemctl-disable-sysv-sync-r1.patch"
+ "${FILESDIR}/gentoo-journald-audit.patch"
+ )
+ fi
+
+ # Fails with split-usr.
+ sed -i -e '2i exit 77' test/test-rpm-macros.sh || die
+
+ default
+}
+
+src_configure() {
+ # Prevent conflicts with i686 cross toolchain, bug 559726
+ tc-export AR CC NM OBJCOPY RANLIB
+
+ # Broken with FORTIFY_SOURCE=3 without a patch. We have to revert
+ # the upstream patch for it because it breaks Clang: bug #841770.
+ #
+ # Our toolchain sets F_S=2 by default w/ >= -O2, so we need
+ # to unset F_S first, then explicitly set 2, to negate any default
+ # and anything set by the user if they're choosing 3 (or if they've
+ # modified GCC to set 3).
+ #
+ if is-flagq '-O[23]' || is-flagq '-Ofast' ; then
+ # We can't unconditionally do this b/c we fortify needs
+ # some level of optimisation.
+ filter-flags -D_FORTIFY_SOURCE=3
+ append-cppflags -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2
+ fi
+
+ python_setup
+
+ multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+ local myconf=(
+ --localstatedir="${EPREFIX}/var"
+ -Dsupport-url="https://gentoo.org/support/"
+ -Dpamlibdir="$(getpam_mod_dir)"
+ # avoid bash-completion dep
+ -Dbashcompletiondir="$(get_bashcompdir)"
+ # make sure we get /bin:/sbin in PATH
+ $(meson_use split-usr)
+ -Dsplit-bin=true
+ -Drootprefix="$(usex split-usr "${EPREFIX:-/}" "${EPREFIX}/usr")"
+ -Drootlibdir="${EPREFIX}/usr/$(get_libdir)"
+ # Avoid infinite exec recursion, bug 642724
+ -Dtelinit-path="${EPREFIX}/lib/sysvinit/telinit"
+ # no deps
+ -Dima=true
+ -Ddefault-hierarchy=$(usex cgroup-hybrid hybrid unified)
+ # Optional components/dependencies
+ $(meson_native_use_bool acl)
+ $(meson_native_use_bool apparmor)
+ $(meson_native_use_bool audit)
+ $(meson_native_use_bool cryptsetup libcryptsetup)
+ $(meson_native_use_bool curl libcurl)
+ $(meson_native_use_bool dns-over-tls dns-over-tls)
+ $(meson_native_use_bool elfutils)
+ $(meson_native_use_bool fido2 libfido2)
+ $(meson_use gcrypt)
+ $(meson_native_use_bool gnuefi gnu-efi)
+ $(meson_native_use_bool gnutls)
+ -Defi-includedir="${ESYSROOT}/usr/include/efi"
+ -Defi-libdir="${ESYSROOT}/usr/$(get_libdir)"
+ $(meson_native_use_bool homed)
+ $(meson_native_use_bool http microhttpd)
+ $(meson_native_use_bool idn)
+ $(meson_native_use_bool importd)
+ $(meson_native_use_bool importd bzip2)
+ $(meson_native_use_bool importd zlib)
+ $(meson_native_use_bool kmod)
+ $(meson_use lz4)
+ $(meson_use lzma xz)
+ $(meson_use zstd)
+ $(meson_native_use_bool nat libiptc)
+ $(meson_native_use_bool openssl)
+ $(meson_use pam)
+ $(meson_native_use_bool pkcs11 p11kit)
+ $(meson_native_use_bool pcre pcre2)
+ $(meson_native_use_bool policykit polkit)
+ $(meson_native_use_bool pwquality)
+ $(meson_native_use_bool qrcode qrencode)
+ $(meson_native_use_bool seccomp)
+ $(meson_native_use_bool selinux)
+ $(meson_native_use_bool tpm tpm2)
+ $(meson_native_use_bool test dbus)
+ $(meson_native_use_bool xkb xkbcommon)
+ -Dntp-servers="0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org"
+ # Breaks screen, tmux, etc.
+ -Ddefault-kill-user-processes=false
+ -Dcreate-log-dirs=false
+
+ # multilib options
+ $(meson_native_true backlight)
+ $(meson_native_true binfmt)
+ $(meson_native_true coredump)
+ $(meson_native_true environment-d)
+ $(meson_native_true firstboot)
+ $(meson_native_true hibernate)
+ $(meson_native_true hostnamed)
+ $(meson_native_true ldconfig)
+ $(meson_native_true localed)
+ $(meson_native_true man)
+ $(meson_native_true networkd)
+ $(meson_native_true quotacheck)
+ $(meson_native_true randomseed)
+ $(meson_native_true rfkill)
+ $(meson_native_true sysusers)
+ $(meson_native_true timedated)
+ $(meson_native_true timesyncd)
+ $(meson_native_true tmpfiles)
+ $(meson_native_true vconsole)
+ )
+
+ meson_src_configure "${myconf[@]}"
+}
+
+multilib_src_test() {
+ unset DBUS_SESSION_BUS_ADDRESS XDG_RUNTIME_DIR
+ meson_src_test
+}
+
+multilib_src_install_all() {
+ local rootprefix=$(usex split-usr '' /usr)
+
+ # meson doesn't know about docdir
+ mv "${ED}"/usr/share/doc/{systemd,${PF}} || die
+
+ einstalldocs
+ dodoc "${FILESDIR}"/nsswitch.conf
+
+ if ! use resolvconf; then
+ rm -f "${ED}${rootprefix}"/sbin/resolvconf || die
+ fi
+
+ rm "${ED}"/etc/init.d/README || die
+ rm "${ED}${rootprefix}"/lib/systemd/system-generators/systemd-sysv-generator || die
+
+ if ! use sysv-utils; then
+ rm "${ED}${rootprefix}"/sbin/{halt,init,poweroff,reboot,runlevel,shutdown,telinit} || die
+ rm "${ED}"/usr/share/man/man1/init.1 || die
+ rm "${ED}"/usr/share/man/man8/{halt,poweroff,reboot,runlevel,shutdown,telinit}.8 || die
+ fi
+
+ if ! use resolvconf && ! use sysv-utils; then
+ rmdir "${ED}${rootprefix}"/sbin || die
+ fi
+
+ # https://bugs.gentoo.org/761763
+ rm -r "${ED}"/usr/lib/sysusers.d || die
+
+ # Preserve empty dirs in /etc & /var, bug #437008
+ keepdir /etc/{binfmt.d,modules-load.d,tmpfiles.d}
+ keepdir /etc/kernel/install.d
+ keepdir /etc/systemd/{network,system,user}
+ keepdir /etc/udev/rules.d
+
+ keepdir /etc/udev/hwdb.d
+
+ keepdir "${rootprefix}"/lib/systemd/{system-sleep,system-shutdown}
+ keepdir /usr/lib/{binfmt.d,modules-load.d}
+ keepdir /usr/lib/systemd/user-generators
+ keepdir /var/lib/systemd
+ keepdir /var/log/journal
+
+ # Symlink /etc/sysctl.conf for easy migration.
+ dosym ../../../etc/sysctl.conf /usr/lib/sysctl.d/99-sysctl.conf
+
+ if use pam; then
+ newpamd "${FILESDIR}"/systemd-user.pam systemd-user
+ fi
+
+ if use split-usr; then
+ # Avoid breaking boot/reboot
+ dosym ../../../lib/systemd/systemd /usr/lib/systemd/systemd
+ dosym ../../../lib/systemd/systemd-shutdown /usr/lib/systemd/systemd-shutdown
+ fi
+
+ gen_usr_ldscript -a systemd udev
+}
+
+migrate_locale() {
+ local envd_locale_def="${EROOT}/etc/env.d/02locale"
+ local envd_locale=( "${EROOT}"/etc/env.d/??locale )
+ local locale_conf="${EROOT}/etc/locale.conf"
+
+ if [[ ! -L ${locale_conf} && ! -e ${locale_conf} ]]; then
+ # If locale.conf does not exist...
+ if [[ -e ${envd_locale} ]]; then
+ # ...either copy env.d/??locale if there's one
+ ebegin "Moving ${envd_locale} to ${locale_conf}"
+ mv "${envd_locale}" "${locale_conf}"
+ eend ${?} || FAIL=1
+ else
+ # ...or create a dummy default
+ ebegin "Creating ${locale_conf}"
+ cat > "${locale_conf}" <<-EOF
+ # This file has been created by the sys-apps/systemd ebuild.
+ # See locale.conf(5) and localectl(1).
+
+ # LANG=${LANG}
+ EOF
+ eend ${?} || FAIL=1
+ fi
+ fi
+
+ if [[ ! -L ${envd_locale} ]]; then
+ # now, if env.d/??locale is not a symlink (to locale.conf)...
+ if [[ -e ${envd_locale} ]]; then
+ # ...warn the user that he has duplicate locale settings
+ ewarn
+ ewarn "To ensure consistent behavior, you should replace ${envd_locale}"
+ ewarn "with a symlink to ${locale_conf}. Please migrate your settings"
+ ewarn "and create the symlink with the following command:"
+ ewarn "ln -s -n -f ../locale.conf ${envd_locale}"
+ ewarn
+ else
+ # ...or just create the symlink if there's nothing here
+ ebegin "Creating ${envd_locale_def} -> ../locale.conf symlink"
+ ln -n -s ../locale.conf "${envd_locale_def}"
+ eend ${?} || FAIL=1
+ fi
+ fi
+}
+
+pkg_preinst() {
+ if ! use split-usr; then
+ local dir
+ for dir in bin sbin lib; do
+ if [[ ! ${EROOT}/${dir} -ef ${EROOT}/usr/${dir} ]]; then
+ eerror "\"${EROOT}/${dir}\" and \"${EROOT}/usr/${dir}\" are not merged."
+ eerror "One of them should be a symbolic link to the other one."
+ FAIL=1
+ fi
+ done
+ if [[ ${FAIL} ]]; then
+ eerror "Migration to system layout with merged directories must be performed before"
+ eerror "rebuilding ${CATEGORY}/${PN} with USE=\"-split-usr\" to avoid run-time breakage."
+ die "System layout with split directories still used"
+ fi
+ fi
+}
+
+pkg_postinst() {
+ systemd_update_catalog
+
+ # Keep this here in case the database format changes so it gets updated
+ # when required.
+ systemd-hwdb --root="${ROOT}" update
+
+ udev_reload || FAIL=1
+
+ # Bug 465468, make sure locales are respected, and ensure consistency
+ # between OpenRC & systemd
+ migrate_locale
+
+ if [[ -z ${REPLACING_VERSIONS} ]]; then
+ if type systemctl &>/dev/null; then
+ systemctl --root="${ROOT:-/}" enable getty@.service remote-fs.target || FAIL=1
+ fi
+ elog "To enable a useful set of services, run the following:"
+ elog " systemctl preset-all --preset-mode=enable-only"
+ fi
+
+ if [[ -L ${EROOT}/var/lib/systemd/timesync ]]; then
+ rm "${EROOT}/var/lib/systemd/timesync"
+ fi
+
+ if [[ ${FAIL} ]]; then
+ eerror "One of the postinst commands failed. Please check the postinst output"
+ eerror "for errors. You may need to clean up your system and/or try installing"
+ eerror "systemd again."
+ eerror
+ fi
+}
+
+pkg_prerm() {
+ # If removing systemd completely, remove the catalog database.
+ if [[ ! ${REPLACED_BY_VERSION} ]]; then
+ rm -f -v "${EROOT}"/var/lib/systemd/catalog/database
+ fi
+}
diff --git a/sys-apps/systemd/systemd-9999.ebuild b/sys-apps/systemd/systemd-9999.ebuild
index 8d12de0b47a7..efeb0fe26832 100644
--- a/sys-apps/systemd/systemd-9999.ebuild
+++ b/sys-apps/systemd/systemd-9999.ebuild
@@ -23,7 +23,7 @@ else
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
fi
-inherit bash-completion-r1 linux-info meson-multilib pam python-any-r1 systemd toolchain-funcs udev usr-ldscript
+inherit bash-completion-r1 flag-o-matic linux-info meson-multilib pam python-any-r1 systemd toolchain-funcs udev usr-ldscript
DESCRIPTION="System and service manager for Linux"
HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd"
@@ -235,6 +235,9 @@ src_prepare() {
# Add local patches here
PATCHES+=(
+ # Breaks Clang. Revert the commit for now and force off F_S=3.
+ # bug #841770.
+ "${FILESDIR}/251-revert-fortify-source-3-fix.patch"
)
if ! use vanilla; then
@@ -255,6 +258,21 @@ src_configure() {
# Prevent conflicts with i686 cross toolchain, bug 559726
tc-export AR CC NM OBJCOPY RANLIB
+ # Broken with FORTIFY_SOURCE=3 without a patch. We have to revert
+ # the upstream patch for it because it breaks Clang: bug #841770.
+ #
+ # Our toolchain sets F_S=2 by default w/ >= -O2, so we need
+ # to unset F_S first, then explicitly set 2, to negate any default
+ # and anything set by the user if they're choosing 3 (or if they've
+ # modified GCC to set 3).
+ #
+ if is-flagq '-O[23]' || is-flagq '-Ofast' ; then
+ # We can't unconditionally do this b/c we fortify needs
+ # some level of optimisation.
+ filter-flags -D_FORTIFY_SOURCE=3
+ append-cppflags -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2
+ fi
+
python_setup
multilib-minimal_src_configure