If we can't build compiler-rt, we can't have a clang for that
platform. Example affected architecture: s390, which is useful for
testing assumptions in Nixpkgs because it's a Linux architecture that
we can't emulate.
I've written buildPackages.targetPackages.llvmPackages even though
it's the same thing as llvmPackages because of the comment in this
file that warns people against relying on splicing for llvmPackages.
Taking llvmPackages as an input directly would make it easier for
people to make that mistake without seeing the comment.
We shouldn't try compiling to aarch64-unknown-linux-gnu from
aarch64-unknown-linux-gnu, because that tends to confuse things and is
not representative of actual cross compilation usage. In this case,
kexec-tools didn't compile.
In NixOS, /etc is NOT read-only, and most things in /etc are symlinks
to /etc/static, which is a symlink into the nix store - so the upstream
systemd "/etc is read-only" detection doesn't work.
Fixes #224080.
Expose a new `withKmod` option to be able to enable and disable kmod
integration, including the `systemd-modules-load` tool for automatic
modules loading during the system boot sequence.
Expose a new `withPam` option to allow enabling and disabling
integration with the PAM stack, including the `systemd-user-sessions` daemon
and the associated `.service` file, as well as the `pam_systemd.so` PAM
module for integration with `systemd-logind` and user session
registration with the systemd cgroup hierarchy.
Expose a new `withAudit` flag (defaults to `true` for backwards compatibility) to be able to conditionally enable and disable an integration with the `libaudit` library, which is used to integrate with Linux Audit Framework for logging various security-relevant events.
Expose a new `withAcl` flag (defaults to true for backwards compatibility) to be able to conditionally enable and disable an integration with the `libacl` library, which is used by a variety of systemd tools and daemons, e.g. `journald` will check ACLs in addition to regular permissions when accessing journal files and `systemd-nspawn` will update ACL entries when used with the `--private-users-chown` flag.
Expose a new `withLibidn2` flag (defaults to true for backwards compatibility) to be able to conditionally enable and disable integration with `libidn2`, which is used by the `systemd-network` and `systemd-resolved` to support internationalized domain names.
Changelog:
```
6c327d74aa hwdb: update to 11875a98e4f1c31e247d99e00c7774ea3653bafd
0b81fcd16d chase-symlinks: Always open a dirfd to the root directory
aa20a210a0 chase-symlinks: chase_symlinks_at() AT_FDCWD fixes
bb3e44323b escape: add missing non-NULL parameter assertions
c4e7cf2bd7 test-escape: Add tests for escaping bogus UTF-8 sequences
e906fd2421 escape: Ensure that output is always valid UTF-8
1a22006574 virt: correctly detect QEMU emulated pSeries guests
5ee19fdfa0 psi-util: fix error handling
9ffa0d439f journald: remove triplicate logging about failure to write log lines
4f7f93cc6a journald: downgrade various log messages from LOG_WARNING to LOG_INFO
a2dc51cd8c journald: make sure shall_try_append_again() logs about all return codes passed in, not just some
144ac494ec systemctl: print better message if default target is masked
791754f683 Revert "dissect-image: don't probe swap partitions needlessly"
d0e7841dce rules: remove redundant duplicate comparisons
dc98d58dd8 man: add two missing commands to synopsys
e093acd062 core/dbus-socket: check the socket path is absolute
a719c2ec2f sd-event: fix error handling
58c821af60 sd-event: always initialize sd_event.perturb
2bfb07b22f systemctl: show "Until:" field only for service and scope units
d9abd8babe tmpfiles.d: drop misleading comment
0f4dbe6367 Enable TPM by default with SetCredentialEncrypted
8d8240bdf6 stub: Fix unaligned read
44c2ff5b1e efi: drop executable-stack bit from .elf file
f2460b78b9 logind-session: make stopping of idle session visible to admins
1947b9939c sleep: check if we're on AC power before checking battery capacity
452cad62c8 install: fail early if specifier expansion failed
eae11e3f06 homectl: add missing break
9024afb994 core/manager: falling back to execute generators without sandboxing
aac692160e man/tmpfiles.d: adjust the table in synopsis, improve spelling
d2739b8c14 test: disable pipefail when testing interactive firstboot
755431b233 ukify: Set fast_load option when parsing PE files
343e90462f core: permit sending augmented enable/disable methods
ba1cb4156b process-util: show requested process name in the log
5140da8937 systemctl: edit: fix double free of instanced name
c4cdbb978f journalctl: fix output when --lines is used with --grep
6dafcad55c loop-util: fix error condition and return value
ec6c1fbf7d Correct journal misspell
6b6df9a845 cryptsetup: check the existence of salt by salt_size > 0
cd5de2811a boot: Fix assertion failure
01b90e1588 pid1: generate compat warning for SystemCallArchitectures= if seccomp is off
a3177cbe54 core/mount: fix default target for /sysusr/usr and its child
3168bda640 mkosi: configure multiarch libdir in debian/ubuntu builds
51b7acfcef tpm2: fix build failure without openssl
a88e35bf95 resolved: Fall back to TCP if UDP is blocked
```
systemd v253 changelog/NEWS:
https://github.com/systemd/systemd/blob/v253/NEWS
NixOS changes:
0007-hostnamed-localed-timedated-disable-methods-that-cha.patch was
dropped, because systemd gained support to handle read-only /etc.
*-add-rootprefix-to-lookup-dir-paths.patch required some updates too,
as src/basic/def.h moved to src/basic/constants.h.
systemd/systemd#25771 switched p11kit to become
dlopen()'ed, so we need to patch that path.
added a note to the 23.05 release notes to recommend `nixos-rebuild boot`
Co-authored-by: Florian Klink <flokli@flokli.de>
with structuredAttrs lists will be bash arrays which cannot be exported
which will be an issue with some patches and some wrappers like cc-wrapper
this makes it clearer that NIX_CFLAGS_COMPILE must be a string as lists
in env cause an eval failure
libBPF does not compile for mips64 targets using clang (rather than
gcc) because clang lacks the necessary _MIPS_SZPTR compiler builtin.
Let's allow the rest of systemd to compile.
- The glibc people noticed this problem [way back in
2011](https://sourceware.org/pipermail/libc-ports/2011-June/001959.html)
and consider it to be a clang/llvm bug. I am inclined to agree.
- [clang has the `_MIPS_SZPTR`
builtin](3af9cb5375/clang/lib/Basic/Targets/Mips.cpp (L185))
and seems to have had it since before they switched to git.
This may in fact be a nixpkgs bug -- that we're not invoking clang
in a way that tells the frontend to make the mips builtins
available, even if the backend is emitting mips binaries. Or at
least we aren't tricking systemd's build machinery into doing that.