diff options
Diffstat (limited to 'debian/extra')
40 files changed, 890 insertions, 0 deletions
diff --git a/debian/extra/checkout-upstream b/debian/extra/checkout-upstream new file mode 100755 index 0000000..1724fea --- /dev/null +++ b/debian/extra/checkout-upstream @@ -0,0 +1,147 @@ +#!/bin/sh +# Prepare systemd source package in current directory for testing an upstream +# commit, branch, or PR, without Debian patches. This replaces everything +# except the debian/ directory with an upstream checkout. +# NEVER run this in your actual packaging work directory! This is only meant +# for upstream CI. +# +# Author: Martin Pitt <martin.pitt@ubuntu.com> + +set -eu +test -x debian/rules +case "${DEB_BUILD_PROFILES:-}" in + *pkg.systemd.upstream*) ;; + *) + echo "Not in upstream testing mode. Do *not* run this script unless you know what you are doing." >&2 + exit 1 +esac +if [ -n "${UPSTREAM_PULL_REQUEST:-}" ]; then + FETCH="git fetch -fu origin refs/pull/$UPSTREAM_PULL_REQUEST/head:pr" + CO='git checkout pr' + DESC="PR #$UPSTREAM_PULL_REQUEST" +elif [ -n "${UPSTREAM_HEAD:-}" ]; then + FETCH='' + CO="git checkout $UPSTREAM_HEAD" + DESC="$UPSTREAM_HEAD" +else + echo "WARNING: $0: Neither UPSTREAM_PULL_REQUEST nor UPSTREAM_HEAD set, ignoring" >&2 + exit 0 +fi + +DUMMY_USER_NAME="Merge dummy user" +DUMMY_USER_EMAIL="invalid@example.com" + +UPSTREAM_REPO="${UPSTREAM_REPO:-https://github.com/systemd/systemd.git}" +BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD) + +# Use git, if in a git repo +if [ -d .git ]; then + # make sure user.name/user.email are set, git commit wants them + git config --get user.name || git config user.name "$DUMMY_USER_NAME" + git config --get user.email || git config user.email "$DUMMY_USER_EMAIL" +fi + +if [ -n "${KEEP_DEBIAN_PATCHES:-}" ]; then + # set up pq branch if it does not exist + if [ "$BRANCH_NAME" = HEAD ]; then + echo "ERROR: $0 must be started from a branch when using KEEP_DEBIAN_PATCHES" >&2 + exit 1 + fi + gbp pq import 2> /dev/null && gbp pq switch || true + if ! git branch --contains "$BRANCH_NAME" | grep -q patch-queue/"$BRANCH_NAME"; then + echo "ERROR: patch-queue/$BRANCH_NAME exists but it is not rebased, please rebase it." >&2 + exit 1 + fi +fi + +# switch to native instead of quilt +echo '3.0 (native)' > debian/source/format + +# drop our patches +rm -rf debian/patches + +# disable tests which are not for upstream +[ -n "${KEEP_DEBIAN_TESTS:-}" ] || sed -i '/# NOUPSTREAM/ q' debian/tests/control + +# create new git commit with debian/ changes +if [ -d .git -a -n "$(git status --short debian)" ]; then + git add debian + git commit -n -m "checkout-upstream: edit debian/ files for upstream testing" +fi + +######## +# Everything below this changes only code outside debian/ +# besides temporary use of debian/tmp/ +# and the update to debian/changelog +######## + +mkdir -p debian/tmp +(cd debian/tmp + git clone "${UPSTREAM_REPO}" upstream || (rm -rf upstream; sleep 60; git clone "${UPSTREAM_REPO}" upstream) + cd upstream + $FETCH + $CO + git config user.email "$DUMMY_USER_EMAIL" + git config user.name "$DUMMY_USER_NAME" + if [ -n "${UPSTREAM_PULL_REQUEST:-}" ] && [ "${UPSTREAM_REPO}" != "https://github.com/systemd/systemd-stable.git" ]; then + git rebase main + fi + git submodule update --init --recursive) +UPSTREAM_VER=$(cd debian/tmp/upstream; git describe | sed 's/^v//;s/-/./g') + +# clean out original upstream sources +find -mindepth 1 -maxdepth 1 -name debian -o -name .git -prune -o -print0 | xargs -0n1 rm -rf + +# These options changes are only needed for the upstream CI, and we don't want to pollute d/rules with them. +# Also we want to ensure running on an older branch (e.g.: for the systemd-stable repository) doesn't break. +if grep -q default-timeout-sec debian/tmp/upstream/meson_options.txt; then + sed -i "s/option('default-timeout-sec', type : 'integer', value : 90/option('default-timeout-sec', type : 'integer', value : 180/" debian/tmp/upstream/meson_options.txt +fi +if grep -q log-trace debian/tmp/upstream/meson_options.txt; then + sed -i "s/option('log-trace', type : 'boolean', value : false/option('log-trace', type : 'boolean', value : true/" debian/tmp/upstream/meson_options.txt +fi +# TODO: drop when Jammy is no longer used +if grep -q sshdconfdir debian/tmp/upstream/meson_options.txt; then + sed -i "s/option('sshdconfdir',/option('sshdconfdir', value : 'no',/" debian/tmp/upstream/meson_options.txt +fi + +# replace with checkout +mv debian/tmp/upstream/* . +rm -rf debian/tmp + +# create new git commit with upstream code +if [ -d .git -a -n "$(git status --short)" ] ; then + git add . + git commit -n -m "checkout-upstream: replace with upstream code at version ${UPSTREAM_VER}" +fi + +# import Debian patches which apply cleanly +if [ -n "${KEEP_DEBIAN_PATCHES:-}" ]; then + for c in $(git log "$BRANCH_NAME"..patch-queue/"$BRANCH_NAME" --format='%H' --reverse); do + if ! git cherry-pick $c; then + git cherry-pick --abort + git reset --hard + git clean -dxf + fi + done +fi + +if [ -z "${UPSTREAM_KEEP_CHANGELOG:-}" ] ; then + # craft changelog + cat << EOF > debian/changelog.new +systemd (${UPSTREAM_VER}.0) UNRELEASED; urgency=low + + * Automatic build from upstream $DESC + + -- systemd test <pkg-systemd-maintainers@lists.alioth.debian.org> $(date -R) + +EOF + cat debian/changelog >> debian/changelog.new + mv debian/changelog.new debian/changelog + + # create new git commit with changelog entry + if [ -d .git ] ; then + git add debian + git commit -n -m "checkout-upstream: update changelog to version ${UPSTREAM_VER}.0" + fi +fi diff --git a/debian/extra/dhclient-exit-hooks.d/timesyncd b/debian/extra/dhclient-exit-hooks.d/timesyncd new file mode 100644 index 0000000..456deb2 --- /dev/null +++ b/debian/extra/dhclient-exit-hooks.d/timesyncd @@ -0,0 +1,52 @@ +TIMESYNCD_CONF=/run/systemd/timesyncd.conf.d/01-dhclient.conf + +timesyncd_servers_setup_remove() { + if [ ! -d /run/systemd/system ]; then + return + fi + if [ ! -x /usr/lib/systemd/systemd-timesyncd ]; then + return + fi + + if [ -e $TIMESYNCD_CONF ]; then + rm -f $TIMESYNCD_CONF + systemctl try-restart systemd-timesyncd.service || true + fi +} + +timesyncd_servers_setup_add() { + if [ ! -d /run/systemd/system ]; then + return + fi + if [ ! -x /usr/lib/systemd/systemd-timesyncd ]; then + return + fi + + if [ -e $TIMESYNCD_CONF ] && [ "$new_ntp_servers" = "$old_ntp_servers" ]; then + return + fi + + if [ -z "$new_ntp_servers" ]; then + timesyncd_servers_setup_remove + return + fi + + mkdir -p $(dirname $TIMESYNCD_CONF) + cat <<EOF > ${TIMESYNCD_CONF}.new +# NTP server entries received from DHCP server +[Time] +NTP=$new_ntp_servers +EOF + mv ${TIMESYNCD_CONF}.new ${TIMESYNCD_CONF} + systemctl try-restart systemd-timesyncd.service || true +} + + +case $reason in + BOUND|RENEW|REBIND|REBOOT) + timesyncd_servers_setup_add + ;; + EXPIRE|FAIL|RELEASE|STOP) + timesyncd_servers_setup_remove + ;; +esac diff --git a/debian/extra/fbdev-blacklist.conf b/debian/extra/fbdev-blacklist.conf new file mode 100644 index 0000000..00a9170 --- /dev/null +++ b/debian/extra/fbdev-blacklist.conf @@ -0,0 +1,20 @@ +# This file blacklists most old-style PCI framebuffer drivers. + +blacklist arkfb +blacklist aty128fb +blacklist atyfb +blacklist radeonfb +blacklist cirrusfb +blacklist cyber2000fb +blacklist kyrofb +blacklist matroxfb_base +blacklist mb862xxfb +blacklist neofb +blacklist pm2fb +blacklist pm3fb +blacklist s3fb +blacklist savagefb +blacklist sisfb +blacklist tdfxfb +blacklist tridentfb +blacklist vt8623fb diff --git a/debian/extra/init-functions.d/40-systemd b/debian/extra/init-functions.d/40-systemd new file mode 100644 index 0000000..d1dc03e --- /dev/null +++ b/debian/extra/init-functions.d/40-systemd @@ -0,0 +1,101 @@ +# -*-Shell-script-*- +# /lib/lsb/init-functions + +_use_systemctl=0 +if [ -d /run/systemd/system ]; then + + if [ -n "${__init_d_script_name:-}" ]; then # scripts run with new init-d-script + executable="$__init_d_script_name" + argument="$1" + elif [ "${0##*/}" = "init-d-script" ] || + [ "${0##*/}" = "${1:-}" ]; then # scripts run with old init-d-script + executable="$1" + argument="$2" + else # plain old scripts + executable="$0" + argument="${1:-}" + fi + + prog=${executable##*/} + service="${prog%.sh}.service" + + # Don't try to run masked services. systemctl <= 230 always succeeds here, + # but later systemctls fail on nonexisting units; be compatible with both + state=$(systemctl -p LoadState --value show $service 2>/dev/null) || state="not-found" + [ "$state" = "masked" ] && exit 0 + + # Redirect SysV init scripts when executed by the user + if [ $PPID -ne 1 ] && [ -z "${SYSTEMCTL_SKIP_REDIRECT:-}" ]; then + case $(readlink -f "$executable") in + /etc/init.d/*) + # If the state is not-found, this might be a newly installed SysV init + # script where systemd-sysv-generator has not been run yet. + [ "$state" != "not-found" ] || [ "$(id -u)" != 0 ] || systemctl --no-ask-password daemon-reload + + _use_systemctl=1 + # Some services can't reload through the .service file, + # but can through the init script. + if [ "$(systemctl -p CanReload --value show $service 2>/dev/null)" = "no" ] && [ "${argument:-}" = "reload" ]; then + _use_systemctl=0 + fi + ;; + esac + fi +fi + +systemctl_redirect () { + local s + local rc + local prog=${1##*/} + local command=$2 + + case "$command" in + start) + s="Starting $prog (via systemctl)" + ;; + stop) + s="Stopping $prog (via systemctl)" + ;; + reload|force-reload) + s="Reloading $prog configuration (via systemctl)" + ;; + try-restart) + s="Restarting $prog if running (via systemctl)" + ;; + restart) + s="Restarting $prog (via systemctl)" + ;; + esac + + service="${prog%.sh}.service" + + # avoid deadlocks during bootup and shutdown from units/hooks + # which call "invoke-rc.d service reload" and similar, since + # the synchronous wait plus systemd's normal behaviour of + # transactionally processing all dependencies first easily + # causes dependency loops + if ! systemctl --quiet is-system-running && [ "$command" = "reload" ]; then + sctl_args="--no-block" + fi + + [ "$command" = status ] || log_daemon_msg "$s" "$service" + systemctl --no-pager $sctl_args $command "$service" + rc=$? + [ "$command" = status ] || log_end_msg $rc + + return $rc +} + +if [ "$_use_systemctl" = "1" ]; then + # Some init scripts use "set -e" and "set -u", we don't want that + # here + set +e + set +u + + case "$argument" in + start|stop|restart|reload|force-reload|try-restart|status) + systemctl_redirect $executable $argument + exit $? + ;; + esac +fi diff --git a/debian/extra/initramfs-tools/hooks/udev b/debian/extra/initramfs-tools/hooks/udev new file mode 100755 index 0000000..4da5b28 --- /dev/null +++ b/debian/extra/initramfs-tools/hooks/udev @@ -0,0 +1,55 @@ +#!/bin/sh -e + +PREREQS="" + +prereqs() { echo "$PREREQS"; } + +case "$1" in + prereqs) + prereqs + exit 0 + ;; +esac + +. /usr/share/initramfs-tools/hook-functions + +mkdir -p "$DESTDIR/usr/lib/systemd" +copy_exec /usr/lib/systemd/systemd-udevd /usr/lib/systemd +copy_exec /usr/bin/udevadm /usr/bin + +mkdir -p "$DESTDIR/etc/udev" +cp -p /etc/udev/udev.conf "$DESTDIR/etc/udev/" + +# copy .link files containing interface naming definitions +mkdir -p "$DESTDIR/usr/lib/systemd/network/" +find -L /usr/lib/systemd/network -name '*.link' -execdir cp -pt "$DESTDIR/usr/lib/systemd/network/" '{}' + +if [ -d /etc/systemd/network ]; then + find -L /etc/systemd/network -name '*.link' -execdir cp -pt "$DESTDIR/usr/lib/systemd/network/" '{}' + +fi + +mkdir -p "$DESTDIR/usr/lib/udev/rules.d/" +for rules in 50-firmware.rules 50-udev-default.rules \ + 60-block.rules 60-persistent-storage.rules \ + 61-persistent-storage-android.rules 71-seat.rules \ + 73-special-net-names.rules 75-net-description.rules \ + 80-net-setup-link.rules 80-drivers.rules; do + if [ -e /etc/udev/rules.d/$rules ]; then + cp -p /etc/udev/rules.d/$rules "$DESTDIR/usr/lib/udev/rules.d/" + elif [ -e /usr/lib/udev/rules.d/$rules ]; then + cp -p /usr/lib/udev/rules.d/$rules "$DESTDIR/usr/lib/udev/rules.d/" + fi +done + +# now copy all custom udev rules which don't have an equivalent in /usr/lib (e. g. +# 70-persistent-net.rules or similar); They might contain network names or +# other bits which are relevant for the initramfs. +for rules in /etc/udev/rules.d/*.rules; do + if [ -e "$rules" ] && [ ! -e "/usr/lib/${rules#/etc/}" ]; then + cp -p "$rules" "$DESTDIR/usr/lib/udev/rules.d/" + fi +done + +for program in ata_id scsi_id; do + copy_exec /usr/lib/udev/$program /usr/lib/udev +done +copy_exec /sbin/blkid /sbin diff --git a/debian/extra/initramfs-tools/scripts/init-bottom/udev b/debian/extra/initramfs-tools/scripts/init-bottom/udev new file mode 100755 index 0000000..73887ea --- /dev/null +++ b/debian/extra/initramfs-tools/scripts/init-bottom/udev @@ -0,0 +1,28 @@ +#!/bin/sh -e + +PREREQS="" + +prereqs() { echo "$PREREQS"; } + +case "$1" in + prereqs) + prereqs + exit 0 + ;; +esac + +# Stop udevd, we'll miss a few events while we run init, but we catch up +udevadm control --exit + +# move the /dev tmpfs to the rootfs; fall back to util-linux mount that does +# not understand -o move +mount -n -o move /dev "${rootmnt:?}/dev" || mount -n --move /dev "${rootmnt}/dev" + +# create a temporary symlink to the final /dev for other initramfs scripts +if command -v nuke >/dev/null; then + nuke /dev +else + # shellcheck disable=SC2114 + rm -rf /dev +fi +ln -s "${rootmnt}/dev" /dev diff --git a/debian/extra/initramfs-tools/scripts/init-top/udev b/debian/extra/initramfs-tools/scripts/init-top/udev new file mode 100755 index 0000000..11ae72a --- /dev/null +++ b/debian/extra/initramfs-tools/scripts/init-top/udev @@ -0,0 +1,31 @@ +#!/bin/sh -e + +PREREQS="" + +prereqs() { echo "$PREREQS"; } + +case "$1" in + prereqs) + prereqs + exit 0 + ;; +esac + +if [ -w /sys/kernel/uevent_helper ]; then + echo > /sys/kernel/uevent_helper +fi + +if [ "${quiet:-n}" = "y" ]; then + log_level=notice +else + log_level=info +fi + +SYSTEMD_LOG_LEVEL=$log_level /usr/lib/systemd/systemd-udevd --daemon --resolve-names=never + +udevadm trigger --type=subsystems --action=add +udevadm trigger --type=devices --action=add +udevadm settle || true + +# Leave udev running to process events that come in out-of-band (like USB +# connections) diff --git a/debian/extra/initramfs/post-update.d/systemd-boot b/debian/extra/initramfs/post-update.d/systemd-boot new file mode 100755 index 0000000..1cee51c --- /dev/null +++ b/debian/extra/initramfs/post-update.d/systemd-boot @@ -0,0 +1,11 @@ +#!/bin/sh + +set -eu + +test -x /usr/bin/bootctl || exit 0 + +bootctl is-installed --quiet || exit 0 + +echo "Updating kernel version $1 in systemd-boot..." + +kernel-install add "$1" "/boot/vmlinuz-$1" "$2" diff --git a/debian/extra/journald.conf.d/syslog.conf b/debian/extra/journald.conf.d/syslog.conf new file mode 100644 index 0000000..0f07c01 --- /dev/null +++ b/debian/extra/journald.conf.d/syslog.conf @@ -0,0 +1,5 @@ +# Undo upstream commit 46b131574fdd7d77 for now. For details see +# http://lists.freedesktop.org/archives/systemd-devel/2014-November/025550.html + +[Journal] +ForwardToSyslog=yes diff --git a/debian/extra/kernel-install.d/55-initrd.install b/debian/extra/kernel-install.d/55-initrd.install new file mode 100755 index 0000000..ecbed87 --- /dev/null +++ b/debian/extra/kernel-install.d/55-initrd.install @@ -0,0 +1,26 @@ +#!/bin/sh +set -eu +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +COMMAND="$1" +KERNEL_VERSION="$2" + +INITRD_SRC="/boot/initrd.img-$KERNEL_VERSION" + +[ "$COMMAND" = add ] || exit 0 + +if [ "$#" -ge 5 ]; then + # Explicit initrd paths were passed, fall through to default 90-loaderentry.install handling; + # we'd be either injecting an unwanted image or, worse, overriding a user-provided one + exit 0 +fi + +if [ -e "$INITRD_SRC" ]; then + [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing '$INITRD_SRC'" + ln -fs "$INITRD_SRC" "$KERNEL_INSTALL_STAGING_AREA" +else + echo "$INITRD_SRC does not exist, not installing an initrd" +fi + +exit 0 diff --git a/debian/extra/kernel/postinst.d/zz-systemd-boot b/debian/extra/kernel/postinst.d/zz-systemd-boot new file mode 100755 index 0000000..8901140 --- /dev/null +++ b/debian/extra/kernel/postinst.d/zz-systemd-boot @@ -0,0 +1,11 @@ +#!/bin/sh + +set -e + +test -x /usr/bin/bootctl || exit 0 + +bootctl is-installed --quiet || exit 0 + +echo "Installing kernel version $1 in systemd-boot..." + +kernel-install add "$1" "$2" diff --git a/debian/extra/kernel/postrm.d/zz-systemd-boot b/debian/extra/kernel/postrm.d/zz-systemd-boot new file mode 100755 index 0000000..4db5e51 --- /dev/null +++ b/debian/extra/kernel/postrm.d/zz-systemd-boot @@ -0,0 +1,11 @@ +#!/bin/sh + +set -e + +test -x /usr/bin/bootctl || exit 0 + +bootctl is-installed --quiet || exit 0 + +echo "Removing kernel version $1 from systemd-boot..." + +kernel-install remove "$1" diff --git a/debian/extra/make-fbdev-blacklist b/debian/extra/make-fbdev-blacklist new file mode 100755 index 0000000..071a9fd --- /dev/null +++ b/debian/extra/make-fbdev-blacklist @@ -0,0 +1,52 @@ +#!/bin/sh +# This script should be run before building the package every time a new +# kernel is released. +# +# You should pass the name of the modules directory for a 486 flavour +# kernel, as that has the most framebuffer modules. +# +# Also, obsolete modules should not be removed from the list until after +# at least one stable release. + +set -e + +if [ $# = 0 ]; then + MODULES_DIR=/lib/modules/$(uname -r) +else + MODULES_DIR="$1" +fi + +BL='fbdev-blacklist.conf' + +if [ -e extra/$BL ]; then cd extra; fi + +{ +printf "# This file blacklists most old-style PCI framebuffer drivers.\n\n" + +find "$MODULES_DIR"/kernel/drivers/video -type f | sort | \ +while read file; do + name="$(basename $file .ko)" + case $name in + lxfb) + # This is needed for text consoles on OLPC XO-1, and it used to be + # built-in anyway. + ;; + viafb) + # Needed by OLPC XO-1.5. + ;; + hyperv_fb) + # Needed for graphical support on Hyper-V platforms, see LP: #1359933. + ;; + *) + /sbin/modinfo $file | grep -q '^alias: *pci:' \ + && echo blacklist $name || true + ;; + esac +done +} > $BL.tmp + +if diff --unified=0 $BL $BL.tmp; then + rm $BL.tmp +else + printf "\n\n\n$BL.tmp has changes!\n\n\n\n" +fi diff --git a/debian/extra/make-sysusers-basic b/debian/extra/make-sysusers-basic new file mode 100755 index 0000000..8ff1b15 --- /dev/null +++ b/debian/extra/make-sysusers-basic @@ -0,0 +1,18 @@ +#!/bin/sh +# generate a sysusers.d(5) file from Debian's static master passwd/group files +set -eu + +echo '# generated from /usr/share/base-passwd/{passwd,group}.master' + +# only take groups whose name+gid != the corresponding user in passwd.master +export IFS=: +while read name _ id _; do + if ! grep -q "^$name:\*:$id:$id:" /usr/share/base-passwd/passwd.master; then + printf "g %-10s %-5s -\n" $name $id + fi +done < /usr/share/base-passwd/group.master + +echo + +# treat "nobody:nogroup" specially: same ID, but different name, so prevent creating a "nobody" group +awk -F: '{ i = ($3 == $4 && $4 != 65534) ? $3 : $3":"$4; printf("u %-10s %-7s - %-20s %s\n", $1,i,$6,$7) }' < /usr/share/base-passwd/passwd.master diff --git a/debian/extra/modprobe.d-udeb/scsi-mod-scan-sync.conf b/debian/extra/modprobe.d-udeb/scsi-mod-scan-sync.conf new file mode 100644 index 0000000..b5781d7 --- /dev/null +++ b/debian/extra/modprobe.d-udeb/scsi-mod-scan-sync.conf @@ -0,0 +1,4 @@ +# Use synchronous scanning, to block update-dev in d-i/hw-detect until after the scan is done +# This ensures that partitioning stage has all the drives detected + +options scsi_mod scan=sync diff --git a/debian/extra/network/73-usb-net-by-mac.link b/debian/extra/network/73-usb-net-by-mac.link new file mode 100644 index 0000000..98800cd --- /dev/null +++ b/debian/extra/network/73-usb-net-by-mac.link @@ -0,0 +1,5 @@ +[Match] +Path=*-usb-* + +[Link] +NamePolicy=mac diff --git a/debian/extra/pam-configs/systemd b/debian/extra/pam-configs/systemd new file mode 100644 index 0000000..5b56996 --- /dev/null +++ b/debian/extra/pam-configs/systemd @@ -0,0 +1,7 @@ +Name: Register user sessions in the systemd control group hierarchy +Default: yes +Priority: 0 +Session-Interactive-Only: yes +Session-Type: Additional +Session: + optional pam_systemd.so diff --git a/debian/extra/pam-configs/systemd-homed b/debian/extra/pam-configs/systemd-homed new file mode 100644 index 0000000..0613efc --- /dev/null +++ b/debian/extra/pam-configs/systemd-homed @@ -0,0 +1,15 @@ +Name: Enable user management by systemd-homed +Default: yes +Priority: 257 +Auth-Type: Primary +Auth: + [success=end default=ignore] pam_systemd_home.so +Account-Type: Primary +Account: + [success=end default=ignore] pam_systemd_home.so +Session-Type: Additional +Session: + optional pam_systemd_home.so +Password-Type: Primary +Password: + [success=end default=ignore] pam_systemd_home.so diff --git a/debian/extra/pam.d/systemd-user b/debian/extra/pam.d/systemd-user new file mode 100644 index 0000000..65279f9 --- /dev/null +++ b/debian/extra/pam.d/systemd-user @@ -0,0 +1,13 @@ +# This file is part of systemd. +# +# Used by systemd --user instances. + +@include common-account + +session required pam_selinux.so close +session required pam_selinux.so nottys open +session required pam_loginuid.so +session required pam_limits.so +@include common-session-noninteractive +session optional pam_keyinit.so force revoke +session optional pam_systemd.so diff --git a/debian/extra/rules-ubuntu/40-vm-hotadd.rules b/debian/extra/rules-ubuntu/40-vm-hotadd.rules new file mode 100644 index 0000000..7f2640b --- /dev/null +++ b/debian/extra/rules-ubuntu/40-vm-hotadd.rules @@ -0,0 +1,14 @@ +# On Hyper-V and Xen Virtual Machines we want to add memory and cpus as soon as they appear +ATTR{[dmi/id]sys_vendor}=="Microsoft Corporation", ATTR{[dmi/id]product_name}=="Virtual Machine", GOTO="vm_hotadd_apply" +ATTR{[dmi/id]sys_vendor}=="Xen", GOTO="vm_hotadd_apply" +GOTO="vm_hotadd_end" + +LABEL="vm_hotadd_apply" + +# Memory hotadd request +SUBSYSTEM=="memory", ACTION=="add", DEVPATH=="/devices/system/memory/memory[0-9]*", TEST=="state", ATTR{state}!="online", ATTR{state}="online" + +# CPU hotadd request +SUBSYSTEM=="cpu", ACTION=="add", DEVPATH=="/devices/system/cpu/cpu[0-9]*", TEST=="online", ATTR{online}!="1", ATTR{online}="1" + +LABEL="vm_hotadd_end" diff --git a/debian/extra/rules-ubuntu/61-persistent-storage-android.rules b/debian/extra/rules-ubuntu/61-persistent-storage-android.rules new file mode 100644 index 0000000..369d5a6 --- /dev/null +++ b/debian/extra/rules-ubuntu/61-persistent-storage-android.rules @@ -0,0 +1,6 @@ +# Android based kernel exports the uevent property PARTNAME, which can be +# used to find out at run time the named partitions (e.g. boot) for the +# device. This is specially useful for the Touch based images and flash-kernel, +# to automatically update the kernel by writing at the correct partition +# (independently of the hardware revision). +ACTION!="remove", KERNEL=="mmcblk[0-9]p[0-9]", ENV{PARTNAME}=="?*", SYMLINK+="disk/by-partlabel/$env{PARTNAME}" diff --git a/debian/extra/rules-ubuntu/71-power-switch-proliant.rules b/debian/extra/rules-ubuntu/71-power-switch-proliant.rules new file mode 100644 index 0000000..022baeb --- /dev/null +++ b/debian/extra/rules-ubuntu/71-power-switch-proliant.rules @@ -0,0 +1,2 @@ +ACTION!="remove", SUBSYSTEM=="input", KERNEL=="event*", SUBSYSTEMS=="platform", KERNELS=="gpio_keys.6|soc:gpio_keys", PROGRAM="/bin/cat /proc/device-tree/model", RESULT=="HP ProLiant m400 Server Cartridge", TAG+="power-switch" +ACTION!="remove", SUBSYSTEM=="input", KERNEL=="event*", SUBSYSTEMS=="platform", KERNELS=="gpio_keys.12", ATTRS{keys}=="116", PROGRAM="/bin/cat /proc/device-tree/model", RESULT=="HP ProLiant m800 Server Cartridge", TAG+="power-switch" diff --git a/debian/extra/rules-ubuntu/78-graphics-card.rules b/debian/extra/rules-ubuntu/78-graphics-card.rules new file mode 100644 index 0000000..b3b906c --- /dev/null +++ b/debian/extra/rules-ubuntu/78-graphics-card.rules @@ -0,0 +1,30 @@ +# do not edit this file, it will be overwritten on update + +ACTION!="add", GOTO="graphics_end" + +# Tag the drm device for KMS-supporting drivers as the primary device for +# the display; for non-KMS drivers tag the framebuffer device instead. + +SUBSYSTEM!="drm", GOTO="drm_end" +KERNEL!="card[0-9]*", GOTO="drm_end" +ENV{DEVTYPE}!="drm_minor", GOTO="drm_end" + +DRIVERS=="i915", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" +DRIVERS=="radeon", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" +DRIVERS=="nouveau", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" +DRIVERS=="vmwgfx", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" + +LABEL="drm_end" + +SUBSYSTEM!="graphics", GOTO="graphics_end" + +DRIVERS=="i915", GOTO="graphics_end" +DRIVERS=="radeon", GOTO="graphics_end" +DRIVERS=="nouveau", GOTO="graphics_end" +DRIVERS=="efifb", GOTO="graphics_end" +DRIVERS=="efi-framebuffer", GOTO="graphics_end" +DRIVERS=="vesa-framebuffer", GOTO="graphics_end" + +KERNEL=="fb[0-9]*", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" + +LABEL="graphics_end" diff --git a/debian/extra/rules/50-firmware.rules b/debian/extra/rules/50-firmware.rules new file mode 100644 index 0000000..f7a08ce --- /dev/null +++ b/debian/extra/rules/50-firmware.rules @@ -0,0 +1,3 @@ +# stub for immediately telling the kernel that userspace firmware loading +# failed; necessary to avoid long timeouts with CONFIG_FW_LOADER_USER_HELPER=y +SUBSYSTEM=="firmware", ACTION=="add", ATTR{loading}="-1" diff --git a/debian/extra/rules/73-special-net-names.rules b/debian/extra/rules/73-special-net-names.rules new file mode 100644 index 0000000..3b145ed --- /dev/null +++ b/debian/extra/rules/73-special-net-names.rules @@ -0,0 +1,14 @@ +# On Dell PowerEdge systems, the iDRAC7 and later support a USB Virtual NIC +# which terminates in the iDRAC. Help identify this with 'idrac' +ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", ATTRS{idVendor}=="413c", ATTRS{idProduct}=="a102", NAME="idrac" + +# On IBM systems the Integrated Management Module is reachable using a +# # USB Virtual NIC. +ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", \ + ATTRS{idVendor}=="04b3", ATTRS{idProduct}=="0325", NAME="ibmimm" + +# ibmveth devices' $DEVPATH number is tied to (virtual) hardware (slot id +# selected in the HMC), thus this provides a reliable naming (e. g. +# "/devices/vio/30000002/net/eth1"); we ignore the bus number, as +# there should only ever be one bus, and then remove leading zeros +ACTION=="add", SUBSYSTEM=="net", NAME=="", DRIVERS=="ibmveth", PROGRAM="/bin/sh -ec 'D=$${DEVPATH#*/vio/}; D=$${D%%%%/*}; D=$${D#????}; D=$${D#0}; D=$${D#0}; D=$${D#0}; D=$${D#0}; echo $${D:-0}'", NAME="ibmveth$result" diff --git a/debian/extra/rules/80-debian-compat.rules b/debian/extra/rules/80-debian-compat.rules new file mode 100644 index 0000000..1c4dbc5 --- /dev/null +++ b/debian/extra/rules/80-debian-compat.rules @@ -0,0 +1,16 @@ +# Debian specific udev rules for backwards compatibility + +# needed for old tape drivers, http://bugs.debian.org/657948 +SUBSYSTEM=="scsi", ENV{DEVTYPE}=="scsi_device", TEST!="[module/sg]", RUN{builtin}+="kmod load sg" + +# device permissions +KERNEL=="mISDNtimer", GROUP="dialout" +KERNEL=="mwave", GROUP="dialout" +KERNEL=="nvram", GROUP="kmem", MODE="0640" +KERNEL=="pktcdvd", GROUP="cdrom", MODE="0644" +KERNEL=="lirc[0-9]*", GROUP="video" +KERNEL=="legousbtower*", MODE="0666" +KERNEL=="sonypi", MODE="0666" +KERNEL=="mmtimer", MODE="0644" +KERNEL=="sgi_*", MODE="0666" +KERNEL=="z90crypt", MODE="0666" diff --git a/debian/extra/start-udev b/debian/extra/start-udev new file mode 100755 index 0000000..1adfc52 --- /dev/null +++ b/debian/extra/start-udev @@ -0,0 +1,23 @@ +#!/bin/sh -e + +if [ -w /sys/kernel/uevent_helper ]; then + echo > /sys/kernel/uevent_helper +fi + +if ! grep -E -q "^[^[:space:]]+ /dev devtmpfs" /proc/mounts; then + mount -n -o mode=0755 -t devtmpfs devtmpfs /dev + # Setup a few /dev symlinks, see #975018 + [ ! -h /dev/fd ] && ln -s /proc/self/fd /dev/fd + [ ! -h /dev/stdin ] && ln -s /proc/self/fd/0 /dev/stdin + [ ! -h /dev/stdout ] && ln -s /proc/self/fd/1 /dev/stdout + [ ! -h /dev/stderr ] && ln -s /proc/self/fd/2 /dev/stderr +fi + +SYSTEMD_LOG_LEVEL=notice /usr/lib/systemd/systemd-udevd --daemon --resolve-names=never + +udevadm trigger --action=add + +mkdir -p /dev/pts +mount -t devpts -o noexec,nosuid,gid=5,mode=0620 devpts /dev/pts + +udevadm settle || true diff --git a/debian/extra/systemd-oomd-defaults/-.slice.d/10-oomd-root-slice-defaults.conf b/debian/extra/systemd-oomd-defaults/-.slice.d/10-oomd-root-slice-defaults.conf new file mode 100644 index 0000000..49958e8 --- /dev/null +++ b/debian/extra/systemd-oomd-defaults/-.slice.d/10-oomd-root-slice-defaults.conf @@ -0,0 +1,2 @@ +[Slice] +ManagedOOMSwap=kill diff --git a/debian/extra/systemd-oomd-defaults/oomd.conf.d/10-oomd-defaults.conf b/debian/extra/systemd-oomd-defaults/oomd.conf.d/10-oomd-defaults.conf new file mode 100644 index 0000000..0254657 --- /dev/null +++ b/debian/extra/systemd-oomd-defaults/oomd.conf.d/10-oomd-defaults.conf @@ -0,0 +1,2 @@ +[OOM] +DefaultMemoryPressureDurationSec=20s diff --git a/debian/extra/systemd-oomd-defaults/user@.service.d/10-oomd-user-service-defaults.conf b/debian/extra/systemd-oomd-defaults/user@.service.d/10-oomd-user-service-defaults.conf new file mode 100644 index 0000000..94d5c87 --- /dev/null +++ b/debian/extra/systemd-oomd-defaults/user@.service.d/10-oomd-user-service-defaults.conf @@ -0,0 +1,3 @@ +[Service] +ManagedOOMMemoryPressure=kill +ManagedOOMMemoryPressureLimit=50% diff --git a/debian/extra/systemd-sysv-install b/debian/extra/systemd-sysv-install new file mode 100755 index 0000000..7e90dc2 --- /dev/null +++ b/debian/extra/systemd-sysv-install @@ -0,0 +1,56 @@ +#!/bin/sh +# This script is called by "systemctl enable/disable" when the given unit is a +# SysV init.d script. It needs to call the distribution's mechanism for +# enabling/disabling those, such as chkconfig, update-rc.d, or similar. This +# can optionally take a --root argument for enabling a SysV init script +# in a chroot or similar. +set -eu + +usage() { + echo "Usage: $0 [--root=path] enable|disable|is-enabled <sysv script name>" >&2 + exit 1 +} + +ROOT= + +# parse options +eval set -- "$(getopt -o r: --long root: -- "$@")" +while true; do + case "$1" in + -r|--root) + ROOT="$2" + shift 2 ;; + --) shift ; break ;; + *) usage ;; + esac +done + +NAME="${2:-}" + +run() { + if [ -n "$ROOT" ] && [ "$ROOT" != "/" ]; then + _SKIP_SYSTEMD_NATIVE=1 chroot "$ROOT" /usr/sbin/update-rc.d "$@" + else + _SKIP_SYSTEMD_NATIVE=1 /usr/sbin/update-rc.d "$@" + fi +} + +[ -n "$NAME" ] || usage + +case "$1" in + enable) + # call the command to enable SysV init script $NAME here.. + run "$NAME" defaults + run "$NAME" enable + ;; + disable) + run "$NAME" defaults + run "$NAME" disable + ;; + is-enabled) + # exit with 0 if $NAME is enabled, non-zero if it is disabled + ls "$ROOT"/etc/rc[S5].d/S??"$NAME" >/dev/null 2>&1 + ;; + *) + usage ;; +esac diff --git a/debian/extra/systemd.py b/debian/extra/systemd.py new file mode 100644 index 0000000..d79e0eb --- /dev/null +++ b/debian/extra/systemd.py @@ -0,0 +1,28 @@ +'''apport package hook for systemd + +(c) 2014 Canonical Ltd. +Author: Martin Pitt <martin.pitt@ubuntu.com> +''' + +import os.path +import apport.hookutils + +def add_info(report): + apport.hookutils.attach_hardware(report) + + report['SystemdDelta'] = apport.hookutils.command_output(['systemd-delta']) + + if not os.path.exists('/run/systemd/system'): + return + + # Add details about all failed units, if any + out = apport.hookutils.command_output(['systemctl', '--state=failed', '--full', + '--no-legend']).strip() + if out: + failed = '' + for line in out.splitlines(): + unit = line.split()[0] + if failed: + failed += '------\n' + failed += apport.hookutils.command_output(['systemctl', 'status', '--full', unit]) + report['SystemdFailedUnits'] = failed diff --git a/debian/extra/tmpfiles.d/debian.conf b/debian/extra/tmpfiles.d/debian.conf new file mode 100644 index 0000000..0f55da0 --- /dev/null +++ b/debian/extra/tmpfiles.d/debian.conf @@ -0,0 +1,16 @@ +# This file is part of the debianisation of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. + +# See tmpfiles.d(5) for details + +# Type Path Mode UID GID Age Argument +L /run/shm - - - - /dev/shm +d /run/sendsigs.omit.d 0755 root root - + +L+ /etc/mtab - - - - ../proc/self/mounts +L+ /etc/default/locale - - - - ../locale.conf +L+ /etc/vconsole.conf - - - - default/keyboard diff --git a/debian/extra/udev.py b/debian/extra/udev.py new file mode 100644 index 0000000..d8bc76f --- /dev/null +++ b/debian/extra/udev.py @@ -0,0 +1,19 @@ +'''apport package hook for udev + +(c) 2009 Canonical Ltd. +Author: Martin Pitt <martin.pitt@ubuntu.com> +''' + +import os +import apport.hookutils + +def add_info(report): + apport.hookutils.attach_hardware(report) + + user_rules = [] + for f in os.listdir('/etc/udev/rules.d'): + if not f.startswith('70-persistent-') and f != 'README': + user_rules.append(f) + + if user_rules: + report['CustomUdevRuleFiles'] = ' '.join(user_rules) diff --git a/debian/extra/units-ubuntu/user@.service.d/timeout.conf b/debian/extra/units-ubuntu/user@.service.d/timeout.conf new file mode 100644 index 0000000..213eb65 --- /dev/null +++ b/debian/extra/units-ubuntu/user@.service.d/timeout.conf @@ -0,0 +1,4 @@ +# Avoid long hangs during shutdown if user services fail/hang due to X.org +# going away too early +[Service] +TimeoutStopSec=5 diff --git a/debian/extra/units/getty-static.service b/debian/extra/units/getty-static.service new file mode 100644 index 0000000..25c5c72 --- /dev/null +++ b/debian/extra/units/getty-static.service @@ -0,0 +1,10 @@ +[Unit] +Description=getty on tty2-tty6 if dbus and logind are not available +ConditionPathExists=/dev/tty0 +ConditionPathExists=!/usr/bin/dbus-daemon +ConditionPathExists=!/usr/bin/dbus-broker + +[Service] +Type=oneshot +ExecStart=systemctl --no-block start getty@tty2.service getty@tty3.service getty@tty4.service getty@tty5.service getty@tty6.service +RemainAfterExit=true diff --git a/debian/extra/units/rc-local.service.d/debian.conf b/debian/extra/units/rc-local.service.d/debian.conf new file mode 100644 index 0000000..ec77220 --- /dev/null +++ b/debian/extra/units/rc-local.service.d/debian.conf @@ -0,0 +1,10 @@ +[Unit] +# not specified by LSB, but has been behaving that way in Debian under SysV +# init and upstart +After=network-online.target + +# Often contains status messages which users expect to see on the console +# during boot +[Service] +StandardOutput=journal+console +StandardError=journal+console diff --git a/debian/extra/units/systemd-localed.service.d/x11-keyboard.conf b/debian/extra/units/systemd-localed.service.d/x11-keyboard.conf new file mode 100644 index 0000000..7c7f91f --- /dev/null +++ b/debian/extra/units/systemd-localed.service.d/x11-keyboard.conf @@ -0,0 +1,4 @@ +[Service] +# systemd-localed will try to write to /etc/X11/xorg.conf.d/00-keyboard.conf +# if it can, but we don't use it. Make the path read-only so that it skips it. +ReadOnlyPaths=-/etc/X11/xorg.conf.d/ diff --git a/debian/extra/units/systemd-logind.service.d/dbus.conf b/debian/extra/units/systemd-logind.service.d/dbus.conf new file mode 100644 index 0000000..bd78263 --- /dev/null +++ b/debian/extra/units/systemd-logind.service.d/dbus.conf @@ -0,0 +1,9 @@ +# logind fails to start in minimal environments without dbus, such as LXC +# containers or servers. Add a startup condition to avoid the very noisy +# startup failure. +# Consider both dbus-daemon (the reference implementation) and dbus-broker. +# See https://bugs.debian.org/772700 + +[Unit] +ConditionPathExists=|/usr/bin/dbus-daemon +ConditionPathExists=|/usr/bin/dbus-broker diff --git a/debian/extra/units/systemd-udevd.service.d/syscall-architecture.conf b/debian/extra/units/systemd-udevd.service.d/syscall-architecture.conf new file mode 100644 index 0000000..0395c2d --- /dev/null +++ b/debian/extra/units/systemd-udevd.service.d/syscall-architecture.conf @@ -0,0 +1,7 @@ +# We can't really control what helper programs are run from other udev +# rules. E.g. running i386 binaries under amd64 is a valid use case and +# should not trigger a SIGSYS failure. +# https://bugs.debian.org/869719 + +[Service] +SystemCallArchitectures= |