diff --git a/systemd-selinux/.SRCINFO b/systemd-selinux/.SRCINFO index a6678bfd..db035cbb 100644 --- a/systemd-selinux/.SRCINFO +++ b/systemd-selinux/.SRCINFO @@ -1,6 +1,6 @@ pkgbase = systemd-selinux pkgver = 255.4 - pkgrel = 1 + pkgrel = 2 url = https://www.github.com/systemd/systemd arch = x86_64 arch = aarch64 @@ -54,12 +54,10 @@ pkgbase = systemd-selinux makedepends = lib32-gcc-libs makedepends = python-pefile makedepends = libselinux + conflicts = mkinitcpio<38-1 source = git+https://github.com/systemd/systemd-stable#tag=4003dd6754e3446691402d3cc389fbfd4faccc90?signed source = git+https://github.com/systemd/systemd#tag=v255?signed source = 0001-Use-Arch-Linux-device-access-groups.patch - source = initcpio-hook-udev - source = initcpio-install-systemd - source = initcpio-install-udev source = arch.conf source = loader.conf source = splash-arch.bmp::https://raw.githubusercontent.com/archlinux/svntogit-packages/391c1f5d4a18d08be809caa08c769ef9cded28db/trunk/splash-arch.bmp @@ -82,9 +80,6 @@ pkgbase = systemd-selinux sha512sums = SKIP sha512sums = SKIP sha512sums = 3ccf783c28f7a1c857120abac4002ca91ae1f92205dcd5a84aff515d57e706a3f9240d75a0a67cff5085716885e06e62597baa86897f298662ec36a940cf410e - sha512sums = 4a6cd0cf6764863985dc5ad774d7c93b574645a05b3295f989342951d43c71696d069641592e37eeadb6d6f0531576de96b6392224452f15cd9f056fae038f8e - sha512sums = d8fc1def3af3260f222f3b6d5693f36677d7fe08ea8b933c14367f013a7fabf11e0acafc63370a06708a4fad4fd2cc3795eda57f81117238272ffa3655f71fd0 - sha512sums = a8c7e4a2cc9c9987e3c957a1fc3afe8281f2281fffd2e890913dcf00cf704024fb80d86cb75f9314b99b0e03bac275b22de93307bfc226d8be9435497e95b7e6 sha512sums = 61032d29241b74a0f28446f8cf1be0e8ec46d0847a61dadb2a4f096e8686d5f57fe5c72bcf386003f6520bc4b5856c32d63bf3efe7eb0bc0deefc9f68159e648 sha512sums = c416e2121df83067376bcaacb58c05b01990f4614ad9de657d74b6da3efa441af251d13bf21e3f0f71ddcb4c9ea658b81da3d915667dc5c309c87ec32a1cb5a5 sha512sums = 5a1d78b5170da5abe3d18fdf9f2c3a4d78f15ba7d1ee9ec2708c4c9c2e28973469bc19386f70b3cf32ffafbe4fcc4303e5ebbd6d5187a1df3314ae0965b25e75 @@ -158,7 +153,7 @@ pkgname = systemd-selinux provides = nss-myhostname provides = systemd-tools=255.4 provides = udev=255.4 - provides = systemd=255.4-1 + provides = systemd=255.4-2 conflicts = nss-myhostname conflicts = systemd-tools conflicts = udev @@ -199,7 +194,7 @@ pkgname = systemd-libs-selinux provides = libsystemd.so provides = libudev.so provides = libsystemd-selinux - provides = systemd-libs=255.4-1 + provides = systemd-libs=255.4-2 conflicts = libsystemd conflicts = libsystemd-selinux conflicts = systemd-libs @@ -210,15 +205,15 @@ pkgname = systemd-resolvconf-selinux depends = systemd-selinux provides = openresolv provides = resolvconf - provides = systemd-resolvconf=255.4-1 + provides = systemd-resolvconf=255.4-2 conflicts = resolvconf - conflicts = systemd-resolvconf=255.4-1 + conflicts = systemd-resolvconf=255.4-2 pkgname = systemd-sysvcompat-selinux pkgdesc = sysvinit compat for systemd with SELinux support depends = systemd-selinux - provides = systemd-sysvcompat=255.4-1 - provides = selinux-systemd-sysvcompat=255.4-1 + provides = systemd-sysvcompat=255.4-2 + provides = selinux-systemd-sysvcompat=255.4-2 conflicts = sysvinit conflicts = systemd-sysvcompat conflicts = selinux-systemd-sysvcompat @@ -232,4 +227,4 @@ pkgname = systemd-ukify-selinux optdepends = python-pillow: Show the size of splash image optdepends = sbsigntools: Sign the embedded kernel provides = ukify - provides = systemd-ukify=255.4-1 + provides = systemd-ukify=255.4-2 diff --git a/systemd-selinux/PKGBUILD b/systemd-selinux/PKGBUILD index 73f24dbe..3fe28947 100644 --- a/systemd-selinux/PKGBUILD +++ b/systemd-selinux/PKGBUILD @@ -22,7 +22,7 @@ _tag_name=255.4 # ➜ vercmp 255rc1 255 # -1 pkgver="${_tag_name/~/}" -pkgrel=1 +pkgrel=2 arch=('x86_64' 'aarch64') license=('LGPL-2.1-or-later') url='https://www.github.com/systemd/systemd' @@ -35,6 +35,7 @@ makedepends=('acl' 'cryptsetup' 'docbook-xsl' 'gperf' 'lz4' 'xz' 'pam-selinux' ' 'bash-completion' 'p11-kit' 'systemd' 'libfido2' 'tpm2-tss' 'rsync' 'bpf' 'libbpf' 'clang' 'llvm' 'curl' 'gnutls' 'python-pyelftools' 'libpwquality' 'qrencode' 'lib32-gcc-libs' 'python-pefile' 'libselinux') +conflicts=("mkinitcpio<38-1") validpgpkeys=('63CDA1E5D3FC22B998D20DD6327F26951A015CC4' # Lennart Poettering 'A9EA9081724FFAE0484C35A1A81CEA22BC8C7E2E' # Luca Boccassi '9A774DB5DB996C154EBBFBFDA0099A18E29326E1' # Yu Watanabe @@ -42,10 +43,6 @@ validpgpkeys=('63CDA1E5D3FC22B998D20DD6327F26951A015CC4' # Lennart Poettering < source=("git+https://github.com/systemd/systemd-stable#tag=${_tag}?signed" "git+https://github.com/systemd/systemd#tag=v${_tag_name%.*}?signed" '0001-Use-Arch-Linux-device-access-groups.patch' - # mkinitcpio files - 'initcpio-hook-udev' - 'initcpio-install-systemd' - 'initcpio-install-udev' # bootloader files 'arch.conf' 'loader.conf' @@ -67,9 +64,6 @@ source=("git+https://github.com/systemd/systemd-stable#tag=${_tag}?signed" sha512sums=('SKIP' 'SKIP' '3ccf783c28f7a1c857120abac4002ca91ae1f92205dcd5a84aff515d57e706a3f9240d75a0a67cff5085716885e06e62597baa86897f298662ec36a940cf410e' - '4a6cd0cf6764863985dc5ad774d7c93b574645a05b3295f989342951d43c71696d069641592e37eeadb6d6f0531576de96b6392224452f15cd9f056fae038f8e' - 'd8fc1def3af3260f222f3b6d5693f36677d7fe08ea8b933c14367f013a7fabf11e0acafc63370a06708a4fad4fd2cc3795eda57f81117238272ffa3655f71fd0' - 'a8c7e4a2cc9c9987e3c957a1fc3afe8281f2281fffd2e890913dcf00cf704024fb80d86cb75f9314b99b0e03bac275b22de93307bfc226d8be9435497e95b7e6' '61032d29241b74a0f28446f8cf1be0e8ec46d0847a61dadb2a4f096e8686d5f57fe5c72bcf386003f6520bc4b5856c32d63bf3efe7eb0bc0deefc9f68159e648' 'c416e2121df83067376bcaacb58c05b01990f4614ad9de657d74b6da3efa441af251d13bf21e3f0f71ddcb4c9ea658b81da3d915667dc5c309c87ec32a1cb5a5' '5a1d78b5170da5abe3d18fdf9f2c3a4d78f15ba7d1ee9ec2708c4c9c2e28973469bc19386f70b3cf32ffafbe4fcc4303e5ebbd6d5187a1df3314ae0965b25e75' @@ -269,11 +263,6 @@ package_systemd-selinux() { # ship default policy to leave services disabled echo 'disable *' >"$pkgdir"/usr/lib/systemd/system-preset/99-default.preset - # add mkinitcpio hooks - install -D -m0644 initcpio-install-systemd "$pkgdir"/usr/lib/initcpio/install/systemd - install -D -m0644 initcpio-install-udev "$pkgdir"/usr/lib/initcpio/install/udev - install -D -m0644 initcpio-hook-udev "$pkgdir"/usr/lib/initcpio/hooks/udev - # The group 'systemd-journal' is allocated dynamically and may have varying # gid on different systems. Let's install with gid 0 (root), systemd-tmpfiles # will fix the permissions for us. (see /usr/lib/tmpfiles.d/systemd.conf) diff --git a/systemd-selinux/initcpio-hook-udev b/systemd-selinux/initcpio-hook-udev deleted file mode 100644 index dfa87506..00000000 --- a/systemd-selinux/initcpio-hook-udev +++ /dev/null @@ -1,26 +0,0 @@ -#!/usr/bin/ash - -run_earlyhook() { - kmod static-nodes --format=tmpfiles --output=/run/tmpfiles.d/kmod.conf - systemd-tmpfiles --prefix=/dev --create --boot - if [ "${quiet}" = "y" ]; then - /usr/lib/systemd/systemd-udevd --daemon --resolve-names=never >/dev/null 2>&1 - else - /usr/lib/systemd/systemd-udevd --daemon --resolve-names=never - fi - udevd_running=1 -} - -run_hook() { - msg ":: Triggering uevents..." - udevadm trigger --action=add --type=subsystems - udevadm trigger --action=add --type=devices - udevadm settle -} - -run_cleanuphook() { - udevadm control --exit - udevadm info --cleanup-db -} - -# vim: set ft=sh ts=4 sw=4 et: diff --git a/systemd-selinux/initcpio-install-systemd b/systemd-selinux/initcpio-install-systemd deleted file mode 100644 index e2790c80..00000000 --- a/systemd-selinux/initcpio-install-systemd +++ /dev/null @@ -1,173 +0,0 @@ -#!/bin/bash - -add_systemd_unit() { - # Add a systemd unit file to the initcpio image. Hard dependencies on binaries - # and other unit files will be discovered and added. - # $1: path to rules file (or name of rules file) - - local unit= rule= entry= key= value= binary= dep= - - unit=$(PATH=/usr/lib/systemd/system:/lib/systemd/system type -P "$1") - if [[ -z $unit ]]; then - # complain about not found unit file - return 1 - fi - - add_file "$unit" - - while IFS='=' read -r key values; do - read -ra values <<< "$values" - - case $key in - Requires|OnFailure) - # only add hard dependencies (not Wants) - map add_systemd_unit "${values[@]}" - ;; - Exec*) - # do not add binaries unless they are required, - # strip special executable prefixes - case ${values[0]} in - -*) ;; - !!*) add_binary "${values[0]#!!}" ;; - *) add_binary "${values[0]#[@!:+]}" ;; - esac - ;; - esac - - done <"$unit" - - # preserve reverse soft dependency - for dep in {/usr,}/lib/systemd/system/*.wants/${unit##*/}; do - if [[ -L $dep ]]; then - add_symlink "$dep" - fi - done - - # add hard dependencies - if [[ -d $unit.requires ]]; then - for dep in "$unit".requires/*; do - add_systemd_unit ${dep##*/} - done - fi -} - -add_systemd_drop_in() { - local unit=$1 dropin_name=$2 - - mkdir -p "$BUILDROOT/etc/systemd/system/$unit.d" - cat >"$BUILDROOT/etc/systemd/system/$unit.d/$2.conf" -} - -build() { - local rules unit - - add_binary /usr/bin/kmod /usr/bin/modprobe - add_binary /usr/bin/mount - add_binary /usr/bin/sulogin - add_binary /usr/bin/umount - add_binary /usr/lib/systemd/systemd /init - - map add_binary \ - /usr/bin/journalctl \ - /usr/bin/systemd-tmpfiles \ - /usr/lib/systemd/systemd-executor \ - /usr/lib/systemd/systemd-hibernate-resume \ - /usr/lib/systemd/systemd-shutdown \ - /usr/lib/systemd/systemd-sulogin-shell \ - /usr/lib/systemd/system-generators/systemd-fstab-generator \ - /usr/lib/systemd/system-generators/systemd-gpt-auto-generator \ - /usr/lib/systemd/system-generators/systemd-hibernate-resume-generator - - # udev rules - map add_udev_rule "$rules" \ - 50-udev-default.rules \ - 60-persistent-storage.rules \ - 64-btrfs.rules \ - 80-drivers.rules \ - 99-systemd.rules - - # systemd units - map add_systemd_unit \ - initrd-cleanup.service \ - initrd-fs.target \ - initrd-parse-etc.service \ - initrd-root-fs.target \ - initrd-root-device.target \ - initrd-switch-root.service \ - initrd-switch-root.target \ - initrd-udevadm-cleanup-db.service \ - initrd.target \ - kmod-static-nodes.service \ - local-fs.target \ - local-fs-pre.target \ - paths.target \ - reboot.target \ - slices.target \ - sockets.target \ - swap.target \ - systemd-battery-check.service \ - systemd-bsod.service \ - systemd-fsck@.service \ - systemd-hibernate-resume.service \ - systemd-journald-audit.socket \ - systemd-journald-dev-log.socket \ - systemd-journald.service \ - systemd-modules-load.service \ - systemd-pcrphase-initrd.service \ - systemd-tmpfiles-setup-dev.service \ - systemd-udevd-control.socket \ - systemd-udevd-kernel.socket \ - systemd-udevd.service \ - systemd-udev-trigger.service \ - systemd-vconsole-setup.service \ - timers.target \ - rescue.target \ - emergency.target - - # add libraries dlopen()ed (hard and optional dependencies): - # kmod -> systemd-shared - # qrencode -> bsod - # tss2-* -> tpm2-util - for LIB in kmod qrencode tss2-{esys,rc,mu,tcti-'*'}; do - for FILE in $(find /usr/lib/ -maxdepth 1 -name "lib${LIB}.so*"); do - if [[ -L "${FILE}" ]]; then - add_symlink "${FILE}" - else - add_binary "${FILE}" - fi - done - done - - add_symlink "/usr/lib/systemd/system/default.target" "initrd.target" - add_symlink "/usr/lib/systemd/system/ctrl-alt-del.target" "reboot.target" - - printf '%s\n' >"$BUILDROOT/etc/nsswitch.conf" \ - 'passwd: files' \ - 'group: files' \ - 'shadow: files' - - echo "root:x:0:0:root:/root:/bin/sh" >"$BUILDROOT/etc/passwd" - echo 'root:*:::::::' >"$BUILDROOT/etc/shadow" - getent group root audio disk input kmem kvm lp optical render sgx storage tty uucp video | awk -F: ' { print $1 ":x:" $3 ":" }' >"$BUILDROOT/etc/group" - - add_dir "/etc/modules-load.d" - ( - . "$_f_config" - set -f - printf '%s\n' ${MODULES[@]} >"$BUILDROOT/etc/modules-load.d/MODULES.conf" - ) - - [[ -f /etc/fstab.initramfs ]] && add_file "/etc/fstab.initramfs" "/etc/fstab" -} - -help() { - cat <