[arch-commits] Commit in lib32-systemd/repos/multilib-x86_64 (4 files)
Laurent Carlier
lcarlier at archlinux.org
Mon Dec 5 20:33:53 UTC 2016
Date: Monday, December 5, 2016 @ 20:33:52
Author: lcarlier
Revision: 198072
archrelease: copy trunk to multilib-x86_64
Added:
lib32-systemd/repos/multilib-x86_64/0001-Revert-nspawn-try-to-bind-mount-resolved-s-resolv.co.patch
(from rev 198071, lib32-systemd/trunk/0001-Revert-nspawn-try-to-bind-mount-resolved-s-resolv.co.patch)
lib32-systemd/repos/multilib-x86_64/0001-disable-RestrictAddressFamilies-on-i686.patch
(from rev 198071, lib32-systemd/trunk/0001-disable-RestrictAddressFamilies-on-i686.patch)
lib32-systemd/repos/multilib-x86_64/PKGBUILD
(from rev 198071, lib32-systemd/trunk/PKGBUILD)
Deleted:
lib32-systemd/repos/multilib-x86_64/PKGBUILD
-----------------------------------------------------------------+
0001-Revert-nspawn-try-to-bind-mount-resolved-s-resolv.co.patch | 62 ++
0001-disable-RestrictAddressFamilies-on-i686.patch | 30 +
PKGBUILD | 212 ++++++----
3 files changed, 223 insertions(+), 81 deletions(-)
Copied: lib32-systemd/repos/multilib-x86_64/0001-Revert-nspawn-try-to-bind-mount-resolved-s-resolv.co.patch (from rev 198071, lib32-systemd/trunk/0001-Revert-nspawn-try-to-bind-mount-resolved-s-resolv.co.patch)
===================================================================
--- 0001-Revert-nspawn-try-to-bind-mount-resolved-s-resolv.co.patch (rev 0)
+++ 0001-Revert-nspawn-try-to-bind-mount-resolved-s-resolv.co.patch 2016-12-05 20:33:52 UTC (rev 198072)
@@ -0,0 +1,62 @@
+From 481712d9ee88395042f0640f272c1f87142bc0a8 Mon Sep 17 00:00:00 2001
+From: Dave Reisner <dreisner at archlinux.org>
+Date: Wed, 9 Nov 2016 11:14:03 -0500
+Subject: [PATCH] Revert "nspawn: try to bind mount resolved's resolv.conf
+ snippet into the container"
+
+This reverts commit 3539724c26a1b2b00c4eb3c004b635a4b8647de6.
+---
+ src/nspawn/nspawn.c | 27 ++++++++-------------------
+ 1 file changed, 8 insertions(+), 19 deletions(-)
+
+diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
+index c8b18bc..93df7c6 100644
+--- a/src/nspawn/nspawn.c
++++ b/src/nspawn/nspawn.c
+@@ -1309,35 +1309,24 @@ static int setup_resolv_conf(const char *dest) {
+ /* Fix resolv.conf, if possible */
+ where = prefix_roota(dest, "/etc/resolv.conf");
+
+- if (access("/usr/lib/systemd/resolv.conf", F_OK) >= 0) {
+- /* resolved is enabled on the host. In this, case bind mount its static resolv.conf file into the
+- * container, so that the container can use the host's resolver. Given that network namespacing is
+- * disabled it's only natural of the container also uses the host's resolver. It also has the big
+- * advantage that the container will be able to follow the host's DNS server configuration changes
+- * transparently. */
+-
+- r = mount_verbose(LOG_WARNING, "/usr/lib/systemd/resolv.conf", where, NULL, MS_BIND, NULL);
+- if (r >= 0)
+- return mount_verbose(LOG_ERR, NULL, where, NULL,
+- MS_BIND|MS_REMOUNT|MS_RDONLY|MS_NOSUID|MS_NODEV, NULL);
+- }
+-
+- /* If that didn't work, let's copy the file */
+ r = copy_file("/etc/resolv.conf", where, O_TRUNC|O_NOFOLLOW, 0644, 0);
+ if (r < 0) {
+- /* If the file already exists as symlink, let's suppress the warning, under the assumption that
+- * resolved or something similar runs inside and the symlink points there.
++ /* If the file already exists as symlink, let's
++ * suppress the warning, under the assumption that
++ * resolved or something similar runs inside and the
++ * symlink points there.
+ *
+- * If the disk image is read-only, there's also no point in complaining.
++ * If the disk image is read-only, there's also no
++ * point in complaining.
+ */
+ log_full_errno(IN_SET(r, -ELOOP, -EROFS) ? LOG_DEBUG : LOG_WARNING, r,
+- "Failed to copy /etc/resolv.conf to %s, ignoring: %m", where);
++ "Failed to copy /etc/resolv.conf to %s: %m", where);
+ return 0;
+ }
+
+ r = userns_lchown(where, 0, 0);
+ if (r < 0)
+- log_warning_errno(r, "Failed to chown /etc/resolv.conf, ignoring: %m");
++ log_warning_errno(r, "Failed to chown /etc/resolv.conf: %m");
+
+ return 0;
+ }
+--
+2.10.2
+
Copied: lib32-systemd/repos/multilib-x86_64/0001-disable-RestrictAddressFamilies-on-i686.patch (from rev 198071, lib32-systemd/trunk/0001-disable-RestrictAddressFamilies-on-i686.patch)
===================================================================
--- 0001-disable-RestrictAddressFamilies-on-i686.patch (rev 0)
+++ 0001-disable-RestrictAddressFamilies-on-i686.patch 2016-12-05 20:33:52 UTC (rev 198072)
@@ -0,0 +1,30 @@
+From ff59e06f9423af0532aaeedf931474823f764875 Mon Sep 17 00:00:00 2001
+From: Dave Reisner <dreisner at archlinux.org>
+Date: Wed, 9 Nov 2016 08:00:26 -0500
+Subject: [PATCH] disable RestrictAddressFamilies on i686
+
+Shit's broke, yo.
+
+https://github.com/systemd/systemd/issues/4575
+---
+ src/core/execute.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/core/execute.c b/src/core/execute.c
+index f666f7c..7d09154 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -1254,6 +1254,10 @@ static int apply_address_families(const Unit* u, const ExecContext *c) {
+ Iterator i;
+ int r;
+
++#if defined(__i386__)
++ return 0;
++#endif
++
+ assert(c);
+
+ if (skip_seccomp_unavailable(u, "RestrictAddressFamilies="))
+--
+2.10.2
+
Deleted: PKGBUILD
===================================================================
--- PKGBUILD 2016-12-05 20:33:43 UTC (rev 198071)
+++ PKGBUILD 2016-12-05 20:33:52 UTC (rev 198072)
@@ -1,81 +0,0 @@
-# $Id$
-# Maintainer: Dave Reisner <dreisner at archlinux.org>
-# Maintainer: Tom Gundersen <teg at jklm.no>
-
-pkgname=lib32-systemd
-_pkgbasename=systemd
-pkgver=231
-pkgrel=1
-pkgdesc="system and service manager (32-bit)"
-arch=('x86_64')
-url="http://www.freedesktop.org/wiki/Software/systemd"
-license=('GPL2' 'LGPL2.1')
-depends=('lib32-libgcrypt' 'lib32-xz' 'lib32-libcap' 'lib32-acl' 'lib32-libidn' 'lib32-gcc-libs' 'systemd')
-makedepends=('lib32-gcc-libs' 'gcc-multilib' 'lib32-libidn' 'lib32-glib2' 'intltool' 'gperf'
- 'lib32-curl' 'lib32-bzip2' 'git')
-source=("git://github.com/systemd/systemd.git#tag=v$pkgver")
-md5sums=('SKIP')
-
-_backports=(
-)
-
-prepare() {
- cd systemd
-
- if (( ${#_backports[*]} > 0 )); then
- git cherry-pick -n "${_backports[@]}"
- fi
-
- ./autogen.sh
-}
-
-build() {
- export CC="gcc -m32"
- export CXX="g++ -m32"
- export PKG_CONFIG_PATH="/usr/lib32/pkgconfig"
-
- cd systemd
-
- local timeservers=({0..3}.arch.pool.ntp.org)
-
- local configure_options=(
- --libexecdir=/usr/lib32
- --libdir=/usr/lib32
- --localstatedir=/var
- --sysconfdir=/etc
-
- --disable-audit
- --disable-tests
- --disable-ima
- --disable-seccomp
- --disable-pam
- --disable-kmod
- --disable-networkd
- --disable-blkid
- --disable-libiptc
- --disable-lz4
- --disable-manpages
- --without-python
-
- --with-sysvinit-path=
- --with-sysvrcnd-path=
- --with-ntp-servers="${timeservers[*]}"
- --with-default-dnssec=no
- --with-dbuspolicydir=/usr/share/dbus-1/system.d
- --without-kill-user-processes
- )
- # --disable-libcryptsetup
-
- ./configure "${configure_options[@]}"
-
- make
-}
-
-package() {
- cd systemd
-
- make DESTDIR="$pkgdir" install
-
- rm -rf "${pkgdir}"/{etc,var}
- rm -rf "${pkgdir}"/usr/{bin,include,lib,share}
-}
Copied: lib32-systemd/repos/multilib-x86_64/PKGBUILD (from rev 198071, lib32-systemd/trunk/PKGBUILD)
===================================================================
--- PKGBUILD (rev 0)
+++ PKGBUILD 2016-12-05 20:33:52 UTC (rev 198072)
@@ -0,0 +1,131 @@
+# $Id$
+# Maintainer: Dave Reisner <dreisner at archlinux.org>
+# Maintainer: Tom Gundersen <teg at jklm.no>
+
+pkgname=lib32-systemd
+_pkgbasename=systemd
+pkgver=232
+pkgrel=1
+pkgdesc="system and service manager (32-bit)"
+arch=('x86_64')
+url="https://www.github.com/systemd/systemd"
+license=('GPL2' 'LGPL2.1')
+depends=('lib32-libgcrypt' 'lib32-xz' 'lib32-libcap' 'lib32-gcc-libs' 'systemd')
+makedepends=('lib32-gcc-libs' 'gcc-multilib' 'lib32-libidn' 'lib32-glib2' 'intltool' 'gperf'
+ 'lib32-curl' 'lib32-bzip2' 'git')
+options=('strip')
+source=("git://github.com/systemd/systemd.git#tag=v$pkgver"
+ '0001-disable-RestrictAddressFamilies-on-i686.patch'
+ '0001-Revert-nspawn-try-to-bind-mount-resolved-s-resolv.co.patch')
+md5sums=('SKIP'
+ '9536d399938a48fbf38c24e322f4f078'
+ '2f324d6ddd4fd78b73d453044292b9b1')
+validpgpkeys=(
+ '63CDA1E5D3FC22B998D20DD6327F26951A015CC4' # Lennart Poettering
+)
+
+_backports=(
+ '843d5baf6aad6c53fc00ea8d95d83209a4f92de1' # core: don't use the unified hierarchy for the systemd cgroup yet (#4628)
+ 'abd67ce74858491565cde157c7b08fda43d3279c' # basic/virt: fix userns check on CONFIG_USER_NS=n kernel (#4651)
+ '4318abe8d26e969ebdb97744a63ab900233a0185' # build-sys: do not install ctrl-alt-del.target symlink twice
+ 'd112eae7da77899be245ab52aa1747d4675549f1' # device: Avoid calling unit_free(NULL) in device setup logic (#4748)
+)
+
+_validate_tag() {
+ local success fingerprint trusted status tag=v$pkgver
+
+ parse_gpg_statusfile /dev/stdin < <(git verify-tag --raw "$tag" 2>&1)
+
+ if (( ! success )); then
+ error 'failed to validate tag %s\n' "$tag"
+ return 1
+ fi
+
+ if ! in_array "$fingerprint" "${validpgpkeys[@]}" && (( ! trusted )); then
+ error 'unknown or untrusted public key: %s\n' "$fingerprint"
+ return 1
+ fi
+
+ case $status in
+ 'expired')
+ warning 'the signature has expired'
+ ;;
+ 'expiredkey')
+ warning 'the key has expired'
+ ;;
+ esac
+
+ return 0
+}
+
+prepare() {
+ cd systemd
+
+ _validate_tag || return
+
+ if (( ${#_backports[*]} > 0 )); then
+ git cherry-pick -n "${_backports[@]}"
+ fi
+
+ # these patches aren't upstream, but they make v232 more useable.
+
+ # https://github.com/systemd/systemd/issues/4575
+ patch -Np1 <../0001-disable-RestrictAddressFamilies-on-i686.patch
+
+ # https://github.com/systemd/systemd/issues/4595
+ # https://github.com/systemd/systemd/issues/3826
+ patch -Np1 <../0001-Revert-nspawn-try-to-bind-mount-resolved-s-resolv.co.patch
+
+ ./autogen.sh
+}
+
+build() {
+ export CC="gcc -m32"
+ export CXX="g++ -m32"
+ export PKG_CONFIG_PATH="/usr/lib32/pkgconfig"
+
+ cd systemd
+
+ local timeservers=({0..3}.arch.pool.ntp.org)
+
+ local configure_options=(
+ --libexecdir=/usr/lib32
+ --libdir=/usr/lib32
+ --localstatedir=/var
+ --sysconfdir=/etc
+
+ --disable-audit
+ --disable-tests
+ --disable-ima
+ --disable-seccomp
+ --disable-pam
+ --disable-kmod
+ --disable-networkd
+ --disable-blkid
+ --disable-libiptc
+ --disable-lz4
+ --disable-manpages
+ --without-python
+
+ --with-sysvinit-path=
+ --with-sysvrcnd-path=
+ --with-ntp-servers="${timeservers[*]}"
+ --with-default-dnssec=no
+ --with-dbuspolicydir=/usr/share/dbus-1/system.d
+ --without-kill-user-processes
+ )
+ # --disable-libcryptsetup
+
+ ./configure "${configure_options[@]}"
+
+ make
+}
+
+package() {
+ cd systemd
+
+ make DESTDIR="$pkgdir" install
+
+ rm -rf "${pkgdir}"/{etc,var}
+ rm -rf "${pkgdir}"/usr/{bin,include,lib,share}
+}
More information about the arch-commits
mailing list