b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge pull request #111786 from flokli/systemd-247.3

Browse source 
systemd: 247.2 -> 247.3
This commit is contained in:
Florian Klink 2021-02-12 12:52:49 +01:00 committed by GitHub
parent 35e12d8343 24bebfa308
commit 53a0c2878b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 81 additions and 85 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
nixos/modules/tasks/network-interfaces-systemd.nix
View file

@ -93,17 +93,7 @@ in
(if i.useDHCP != null then i.useDHCP else false));
address = forEach (interfaceIps i)
(ip: "${ip.address}/${toString ip.prefixLength}");
# IPv6PrivacyExtensions=kernel seems to be broken with networkd.
# Instead of using IPv6PrivacyExtensions=kernel, configure it according to the value of
# `tempAddress`:
networkConfig.IPv6PrivacyExtensions = {
# generate temporary addresses and use them by default
"default" = true;
# generate temporary addresses but keep using the standard EUI-64 ones by default
"enabled" = "prefer-public";
# completely disable temporary addresses
"disabled" = false;
}.${i.tempAddress};
networkConfig.IPv6PrivacyExtensions = "kernel";
linkConfig = optionalAttrs (i.macAddress != null) {
MACAddress = i.macAddress;
} // optionalAttrs (i.mtu != null) {

154
pkgs/os-specific/linux/systemd/default.nix
View file

@ -1,3 +1,5 @@
# NOTE: Make sure to (re-)format this file on changes with `nixpkgs-fmt`!
{ stdenv
, lib
, fetchFromGitHub
@ -111,7 +113,7 @@ assert withCryptsetup ->
let
wantCurl = withRemote || withImportd;
version = "247.2";
version = "247.3";
in
stdenv.mkDerivation {
inherit version pname;
@ -122,7 +124,7 @@ stdenv.mkDerivation {
owner = "systemd";
repo = "systemd-stable";
rev = "v${version}";
sha256 = "091pwrvxz3gcf80shlp28d6l4gvjzc6pb61v4mwxmk9d71qaq7ry";
sha256 = "0zn0b74iwz3vxabqsk4yydwpgky3c5z4dl83wxbs1qi5d2dnbqa7";
};
# If these need to be regenerated, `git am path/to/00*.patch` them into a
@ -160,83 +162,87 @@ stdenv.mkDerivation {
--replace \
"find_program('objcopy'" \
"find_program('${stdenv.cc.bintools.targetPrefix}objcopy'"
'' + (let
'' + (
let
# The folllowing dlopen patches ensure that all the features that are
# implemented via dlopen(3) are available (or explicitly deactivated) by
# pointing dlopen to the absolute store path instead of relying on the
# linkers runtime lookup code.
#
# All of the dlopen calls have to be handled. When new ones are introduced
# by upstream (or one of our patches) they must be explicitly declared,
# otherwise the build will fail.
#
# As of systemd version 247 we've seen a few errors like `libpcre2.… not
# found` when using e.g. --grep with journalctl. Those errors should
# become less unexpected now.
#
# There are generally two classes of dlopen(3) calls. Those that we want to
# support and those that should be deactivated / unsupported. This change
# enforces that we handle all dlopen calls explicitly. Meaning: There is
# not a single dlopen call in the source code tree that we did not
# explicitly handle.
#
# In order to do this we introduced a list of attributes that maps from
# shared object name to the package that contains them. The package can be
# null meaning the reference should be nuked and the shared object will
# never be loadable during runtime (because it points at an invalid store
# path location).
#
# To get a list of dynamically loaded libraries issue something like
# `grep -ri 'dlopen("lib' $src` and update the below list.
dlopenLibs = [
# We did never provide support for libxkbcommon & qrencode
{ name = "libxkbcommon.so.0"; pkg = null; }
{ name = "libqrencode.so.4"; pkg = null; }
# The folllowing dlopen patches ensure that all the features that are
# implemented via dlopen(3) are available (or explicitly deactivated) by
# pointing dlopen to the absolute store path instead of relying on the
# linkers runtime lookup code.
#
# All of the dlopen calls have to be handled. When new ones are introduced
# by upstream (or one of our patches) they must be explicitly declared,
# otherwise the build will fail.
#
# As of systemd version 247 we've seen a few errors like `libpcre2.… not
# found` when using e.g. --grep with journalctl. Those errors should
# become less unexpected now.
#
# There are generally two classes of dlopen(3) calls. Those that we want to
# support and those that should be deactivated / unsupported. This change
# enforces that we handle all dlopen calls explicitly. Meaning: There is
# not a single dlopen call in the source code tree that we did not
# explicitly handle.
#
# In order to do this we introduced a list of attributes that maps from
# shared object name to the package that contains them. The package can be
# null meaning the reference should be nuked and the shared object will
# never be loadable during runtime (because it points at an invalid store
# path location).
#
# To get a list of dynamically loaded libraries issue something like
# `grep -ri 'dlopen("lib' $src` and update the below list.
dlopenLibs = [
# We did never provide support for libxkbcommon & qrencode
{ name = "libxkbcommon.so.0"; pkg = null; }
{ name = "libqrencode.so.4"; pkg = null; }
# We did not provide libpwquality before so it is safe to disable it for
# now.
{ name = "libpwquality.so.1"; pkg = null; }
# We did not provide libpwquality before so it is safe to disable it for
# now.
{ name = "libpwquality.so.1"; pkg = null; }
# Only include cryptsetup if it is enabled. We might not be able to
# provide it during "bootstrap" in e.g. the minimal systemd build as
# cryptsetup has udev (aka systemd) in it's dependencies.
{ name = "libcryptsetup.so.12"; pkg = if withCryptsetup then cryptsetup else null; }
# Only include cryptsetup if it is enabled. We might not be able to
# provide it during "bootstrap" in e.g. the minimal systemd build as
# cryptsetup has udev (aka systemd) in it's dependencies.
{ name = "libcryptsetup.so.12"; pkg = if withCryptsetup then cryptsetup else null; }
# We are using libidn2 so we only provide that and ignore the others.
# Systemd does this decision during configure time and uses ifdef's to
# enable specific branches. We can safely ignore (nuke) the libidn "v1"
# libraries.
{ name = "libidn2.so.0"; pkg = libidn2; }
{ name = "libidn.so.12"; pkg = null; }
{ name = "libidn.so.11"; pkg = null; }
# We are using libidn2 so we only provide that and ignore the others.
# Systemd does this decision during configure time and uses ifdef's to
# enable specific branches. We can safely ignore (nuke) the libidn "v1"
# libraries.
{ name = "libidn2.so.0"; pkg = libidn2; }
{ name = "libidn.so.12"; pkg = null; }
{ name = "libidn.so.11"; pkg = null; }
# journalctl --grep requires libpcre so lets provide it
{ name = "libpcre2-8.so.0"; pkg = pcre2; }
];
# journalctl --grep requires libpcre so lets provide it
{ name = "libpcre2-8.so.0"; pkg = pcre2; }
];
patchDlOpen = dl: let
library = "${lib.makeLibraryPath [dl.pkg]}/${dl.name}";
in if dl.pkg == null then ''
# remove the dependency on the library by replacing it with an invalid path
for file in $(grep -lr 'dlopen("${dl.name}"' src); do
echo "patching dlopen(\"${dl.name}\", ) in $file to an invalid store path ("/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-not-implemented/${dl.name}")"
substituteInPlace "$file" --replace 'dlopen("${dl.name}"' 'dlopen("/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-not-implemented/${dl.name}"'
done
'' else ''
# ensure that the library we provide actually exists
if ! [ -e ${library} ]; then
echo 'The shared library `${library}` does not exist but was given as subtitute for `${dl.name}`'
exit 1
fi
# make the path to the dependency explicit
for file in $(grep -lr 'dlopen("${dl.name}"' src); do
echo "patching dlopen(\"${dl.name}\", ) in $file to ${library}"
substituteInPlace "$file" --replace 'dlopen("${dl.name}"' 'dlopen("${library}"'
done
'';
in # patch all the dlopen calls to contain absolute paths to the libraries
lib.concatMapStringsSep "\n" patchDlOpen dlopenLibs)
patchDlOpen = dl:
let
library = "${lib.makeLibraryPath [ dl.pkg ]}/${dl.name}";
in
if dl.pkg == null then ''
# remove the dependency on the library by replacing it with an invalid path
for file in $(grep -lr 'dlopen("${dl.name}"' src); do
echo "patching dlopen(\"${dl.name}\", ) in $file to an invalid store path ("/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-not-implemented/${dl.name}")"
substituteInPlace "$file" --replace 'dlopen("${dl.name}"' 'dlopen("/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-not-implemented/${dl.name}"'
done
'' else ''
# ensure that the library we provide actually exists
if ! [ -e ${library} ]; then
echo 'The shared library `${library}` does not exist but was given as subtitute for `${dl.name}`'
exit 1
fi
# make the path to the dependency explicit
for file in $(grep -lr 'dlopen("${dl.name}"' src); do
echo "patching dlopen(\"${dl.name}\", ) in $file to ${library}"
substituteInPlace "$file" --replace 'dlopen("${dl.name}"' 'dlopen("${library}"'
done
'';
in
# patch all the dlopen calls to contain absolute paths to the libraries
lib.concatMapStringsSep "\n" patchDlOpen dlopenLibs
)
# finally ensure that there are no left-over dlopen calls that we didn't handle
+ ''
if grep -qr 'dlopen("[^/]' src; then