From 7f231684fd2943d4d5585022ec8595ea1b67cf8a Mon Sep 17 00:00:00 2001 From: Sven Eden Date: Tue, 3 Jan 2017 09:38:07 +0100 Subject: [PATCH] Prep v223: Sync basic build system with upstream. --- .gitignore | 8 ++----- .travis.yml | 14 ----------- Makefile.am | 7 +++--- NEWS | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++-- README | 18 ++++++++++++-- TODO | 15 +++--------- configure.ac | 46 +++++++++++++---------------------- 7 files changed, 106 insertions(+), 70 deletions(-) delete mode 100644 .travis.yml diff --git a/.gitignore b/.gitignore index 52ad32027..6a51fbbdc 100644 --- a/.gitignore +++ b/.gitignore @@ -66,7 +66,6 @@ /systemd-cgls /systemd-cgroups-agent /systemd-cgtop -/systemd-consoled /systemd-coredump /systemd-cryptsetup /systemd-cryptsetup-generator @@ -76,7 +75,6 @@ /systemd-detect-virt /systemd-efi-boot-generator /systemd-escape -/systemd-evcat /systemd-export /systemd-firstboot /systemd-fsck @@ -102,7 +100,6 @@ /systemd-machine-id-commit /systemd-machine-id-setup /systemd-machined -/systemd-modeset /systemd-modules-load /systemd-networkd /systemd-networkd-wait-online @@ -124,7 +121,6 @@ /systemd-sleep /systemd-socket-proxyd /systemd-stdio-bridge -/systemd-subterm /systemd-sysctl /systemd-system-update-generator /systemd-sysusers @@ -144,6 +140,7 @@ /test-audit-type /test-async /test-barrier +/test-bitmap /test-boot-timestamp /test-btrfs /test-bus-benchmark @@ -159,6 +156,7 @@ /test-bus-match /test-bus-objects /test-bus-policy +/test-bus-proxy /test-bus-server /test-bus-signature /test-bus-zero-copy @@ -256,8 +254,6 @@ /test-strv /test-strxcpyx /test-tables -/test-term-page -/test-term-parser /test-terminal-util /test-time /test-tmpfiles diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 5d63474c1..000000000 --- a/.travis.yml +++ /dev/null @@ -1,14 +0,0 @@ -language: c -compiler: - - gcc -before_install: - - sudo apt-get update -qq - - sudo apt-get install autotools-dev automake autoconf libtool libdbus-1-dev libcap-dev libblkid-dev libmount-dev libpam-dev libcryptsetup-dev libaudit-dev libacl1-dev libattr1-dev libselinux-dev liblzma-dev libgcrypt-dev libqrencode-dev libmicrohttpd-dev gperf python2.7-dev -script: ./autogen.sh && ./configure && make V=1 && sudo ./systemd-machine-id-setup && make check && make distcheck -after_failure: cat test-suite.log -notifications: - irc: - channels: - - "irc.freenode.org#systemd" - on_success: change - on_failure: always diff --git a/Makefile.am b/Makefile.am index 639fd577a..9292e78a3 100644 --- a/Makefile.am +++ b/Makefile.am @@ -38,9 +38,9 @@ SUBDIRS = . po # Keep the test-suite.log .PRECIOUS: $(TEST_SUITE_LOG) Makefile -LIBELOGIND_CURRENT=9 -LIBELOGIND_REVISION=3 -LIBELOGIND_AGE=9 +LIBELOGIND_CURRENT=10 +LIBELOGIND_REVISION=0 +LIBELOGIND_AGE=10 # Dirs of external packages dbuspolicydir=@dbuspolicydir@ @@ -835,7 +835,6 @@ substitutions = \ '|RC_LOCAL_SCRIPT_PATH_START=$(RC_LOCAL_SCRIPT_PATH_START)|' \ '|RC_LOCAL_SCRIPT_PATH_STOP=$(RC_LOCAL_SCRIPT_PATH_STOP)|' \ '|PYTHON=$(PYTHON)|' \ - '|PYTHON_BINARY=$(PYTHON_BINARY)|' \ '|NTP_SERVERS=$(NTP_SERVERS)|' \ '|DNS_SERVERS=$(DNS_SERVERS)|' \ '|systemuidmax=$(SYSTEM_UID_MAX)|' \ diff --git a/NEWS b/NEWS index 3f80af378..9fc6cc6e0 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,69 @@ systemd System and Service Manager +CHANGES WITH 223: + + * The python-systemd code has been removed from the systemd repository. + A new repository has been created which accommodates the code from + now on, and we kindly ask distributions to create a separate package + for this: https://github.com/systemd/python-systemd + + * The systemd daemon will now reload its main configuration + (/etc/systemd/system.conf) on daemon-reload. + + * sd-dhcp now exposes vendor specific extensions via + sd_dhcp_lease_get_vendor_specific(). + + * systemd-networkd gained a number of new configuration options. + + - A new boolean configuration option for TAP devices called + 'VNetHeader='. If set, the IFF_VNET_HDR flag is set for the + device, thus allowing to send and receive GSO packets. + + - A new tunnel configuration option called 'CopyDSCP='. + If enabled, the DSCP field of ip6 tunnels is copied into the + decapsulated packet. + + - A set of boolean bridge configuration options were added. + 'UseBPDU=', 'HairPin=', 'FastLeave=', 'AllowPortToBeRoot=', + and 'UnicastFlood=' are now parsed by networkd and applied to the + respective bridge link device via the respective IFLA_BRPORT_* + netlink attribute. + + - A new string configuration option to override the hostname sent + to a DHCP server, called 'Hostname='. If set and 'SendHostname=' + is true, networkd will use the configured hostname instead of the + system hostname when sending DHCP requests. + + - A new tunnel configuration option called 'IPv6FlowLabel='. If set, + networkd will configure the IPv6 flow-label of the tunnel device + according to RFC2460. + + - The 'macvtap' virtual network devices are now supported, similar to + the already supported 'macvlan' devices. + + * systemd-resolved now implements RFC5452 to improve resilience against + cache poisoning. Additionally, source port randomization is enabled + by default to further protect against DNS spoofing attacks. + + * nss-mymachines now supports translating UIDs and GIDs of running + containers with user-namespaces enabled. If a container 'foo' + translates a host uid 'UID' to the container uid 'TUID', then + nss-mymachines will also map uid 'UID' to/from username 'vu-foo-TUID' + (with 'foo' and 'TUID' replaced accordingly). Similarly, groups are + mapped as 'vg-foo-TGID'. + + Contributions from: Beniamino Galvani, cee1, Christian Hesse, Daniel + Buch, Daniel Mack, daurnimator, David Herrmann, Dimitri John Ledkov, Jan + Alexander Steffens (heftig), Johan Ouwerkerk, Jose Carlos Venegas Munoz, + Kay Sievers, Lennart Poettering, Lidong Zhong, Martin Pitt, Michael + Biebl, Michael Olbrich, Michal Schmidt, Mike Gilbert, Namhyung Kim, Nick + Owens, Peter Hutterer, Richard Maw, Steven Allen, Sungbae Yoo, Susant + Sahani, Thomas Blume, Thomas Hindoe Paaboel Andersen, Tom Gundersen, + Umut Tezduyar Lindskog, Vito Caputo, Vivenzio Pagliari, Zbigniew + Jędrzejewski-Szmek + + -- Berlin, 2015-XX-XX + CHANGES WITH 222: * udev does not longer support the WAIT_FOR_SYSFS= key in udev rules. @@ -411,7 +475,7 @@ CHANGES WITH 219: decompress bz2, xz, gzip compressed downloads if necessary, and restore sparse files on disk. The daemon uses privilege separation to ensure the actual download logic runs with - fewer privileges than the deamon itself. machinectl has + fewer privileges than the daemon itself. machinectl has gained new commands "pull-tar", "pull-raw" and "pull-dkr" to make the functionality of importd available to the user. With this in place the Fedora and Ubuntu "Cloud" @@ -502,7 +566,7 @@ CHANGES WITH 219: * systemd now provides a way to store file descriptors per-service in PID 1.This is useful for daemons to ensure that fds they require are not lost during a daemon - restart. The fds are passed to the deamon on the next + restart. The fds are passed to the daemon on the next invocation in the same way socket activation fds are passed. This is now used by journald to ensure that the various sockets connected to all the system's stdout/stderr diff --git a/README b/README index 53220ff3f..759594976 100644 --- a/README +++ b/README @@ -82,11 +82,11 @@ REQUIREMENTS: CONFIG_SECCOMP CONFIG_CHECKPOINT_RESTORE (for the kcmp() syscall) - Required for CPUShares in resource control unit settings + Required for CPUShares= in resource control unit settings CONFIG_CGROUP_SCHED CONFIG_FAIR_GROUP_SCHED - Required for CPUQuota in resource control unit settings + Required for CPUQuota= in resource control unit settings CONFIG_CFS_BANDWIDTH For systemd-bootchart, several proc debug interfaces are required: @@ -97,6 +97,15 @@ REQUIREMENTS: CONFIG_EFIVAR_FS CONFIG_EFI_PARTITION + We recommend to turn off Real-Time group scheduling in the + kernel when using systemd. RT group scheduling effectively + makes RT scheduling unavailable for most userspace, since it + requires explicit assignment of RT budgets to each unit whose + processes making use of RT. As there's no sensible way to + assign these budgets automatically this cannot really be + fixed, and it's best to disable group scheduling hence. + CONFIG_RT_GROUP_SCHED=n + Note that kernel auditing is broken when used with systemd's container code. When using systemd in conjunction with containers, please make sure to either turn off auditing at @@ -261,6 +270,11 @@ WARNINGS: false positives will be triggered by code which violates some rules but is actually safe. + Currently, systemd-timesyncd defaults to use the Google NTP + servers if not specified otherwise at configure time. You + really should not ship an OS or device with this default + setting. See DISTRO_PORTING for details. + ENGINEERING AND CONSULTING SERVICES: ENDOCODE offers professional engineering and consulting services for systemd. Please diff --git a/TODO b/TODO index 2904e2b44..9514af5a9 100644 --- a/TODO +++ b/TODO @@ -51,8 +51,6 @@ Features: * install: include generator dirs in unit file search paths -* introduce an NSS module that uses machined info to give container UIDs pretty names when user namespacing is used. - * stop using off_t, it's a crazy type. Use uint64_t instead. * logind: follow PropertiesChanged state more closely, to deal with quick logouts and relogins @@ -71,8 +69,6 @@ Features: * log accumulated resource usage after each service invocation -* networkd: dhcp server: try to assign stable IP addresses based on client's MAC address - * nspawn: a nice way to boot up without machine id set, so that it is set at boot automatically for supporting --ephemeral. Maybe hash the host machine id together with the machine name to generate the machine id for the container * logind: rename session scope so that it includes the UID. THat way @@ -98,8 +94,6 @@ Features: * nspawn: as soon as networkd has a bus interface, hook up --network-interface=, --network-bridge= with networkd, to trigger netdev creation should an interface be missing -* networkd: make DHCP server IP range configurable, including only with a single IP address - * rework C11 utf8.[ch] to use char32_t instead of uint32_t when referring to unicode chars, to make things more expressive. @@ -318,11 +312,11 @@ Features: (throughout the codebase, not only PID1) * networkd: + - make DHCP server IP range configurable, including only with a single IP address + - dhcp server: try to assign stable IP addresses based on client's MAC address - add LLDP client side support - the DHCP lease data (such as NTP/DNS) is still made available when a carrier is lost on a link. It should be removed instantly. - - .network setting that allows overriding of the hostname to send to the dhcp server - http://lists.freedesktop.org/archives/systemd-devel/2014-July/021550.html - expose in the API the following bits: - option 15, domain name and/or option 119, search list - option 12, host name and/or option 81, fqdn @@ -337,14 +331,13 @@ Features: - allow Name= to be specified repeatedly in the [Match] section. Maybe also support Name=foo*|bar*|baz ? - duplicate address check for static IPs (like ARPCHECK in network-scripts) + - allow DUID/IAID to be customized, see issue #394. * resolved: - put networkd events and rtnl events at a higher priority, so that we always process them before we process client requests - DNSSEC - - use base64 for key presentation? - add display of private key types (http://tools.ietf.org/html/rfc4034#appendix-A.1.1)? - - add nice formatting of DNS timestamps - DNS - search paths - mDNS/DNS-SD @@ -353,8 +346,6 @@ Features: - edns0 - dname - cname on PTR (?) - - maybe randomize DNS UDP source ports - - maybe compare query section of DNS replies * Allow multiple ExecStart= for all Type= settings, so that we can cover rescue.service nicely diff --git a/configure.ac b/configure.ac index 5da3365c0..8c5168b12 100644 --- a/configure.ac +++ b/configure.ac @@ -20,7 +20,7 @@ AC_PREREQ([2.64]) AC_INIT([elogind], - [222], + [223], [https://github.com/elogind/elogind/issues], [elogind], [https://github.com/elogind/elogind]) @@ -38,6 +38,11 @@ AM_INIT_AUTOMAKE([foreign 1.11 -Wall -Wno-portability silent-rules tar-pax no-di AM_SILENT_RULES([yes]) AC_CANONICAL_HOST AC_DEFINE_UNQUOTED([CANONICAL_HOST], "$host", [Canonical host string.]) + +AC_CHECK_TOOLS([AR], [gcc-ar ar], [:]) +AC_CHECK_TOOLS([NM], [gcc-nm nm], [:]) +AC_CHECK_TOOLS([RANLIB], [gcc-ranlib ranlib], [:]) + LT_PREREQ(2.2) LT_INIT([disable-static]) @@ -181,10 +186,10 @@ AS_CASE([$CC], [*clang*], -Wno-gnu-variable-sized-type-not-at-end \ ])]) -dnl AS_CASE([$CFLAGS], [*-O[[12345sz\ ]]*], -dnl [CC_CHECK_FLAGS_APPEND([with_cflags], [CFLAGS], [\ -dnl -flto -ffat-lto-objects])], -dnl [AC_MSG_RESULT([skipping -flto, optimization not enabled])]) +AS_CASE([$CFLAGS], [*-O[[12345sz\ ]]*], + [CC_CHECK_FLAGS_APPEND([with_cflags], [CFLAGS], [\ + -flto])], + [AC_MSG_RESULT([skipping -flto, optimization not enabled])]) AC_SUBST([OUR_CFLAGS], "$with_cflags $sanitizer_cflags") AS_CASE([$CFLAGS], [*-O[[12345sz\ ]]*], @@ -225,7 +230,7 @@ AC_CHECK_SIZEOF(rlim_t,,[ ]) # ------------------------------------------------------------------------------ -# we use python to build the man page index, and for systemd-python +# we use python to build the man page index have_python=no AC_ARG_WITH([python], [AS_HELP_STRING([--without-python], [Disable building the man page index and systemd-python (default: test)])]) @@ -249,28 +254,6 @@ AS_IF([test "$have_python" != "yes"], [ ]) AM_CONDITIONAL([HAVE_PYTHON], [test "x$have_python" = "xyes"]) -AS_IF([test "x$PYTHON_BINARY" = "x"], - [AS_IF([test "x$have_python" = "xyes"], - [PYTHON_BINARY="$(which "$PYTHON")"], - [PYTHON_BINARY=/usr/bin/python])]) -AC_ARG_VAR(PYTHON_BINARY, [Python binary used to launch installed scripts]) - -AS_IF([test "x$have_python" != "xyes" -a "x$enable_python_devel" = "xyes"], - [AC_MSG_ERROR([*** python-devel support requires --with-python])]) - -have_python_devel=no -AC_ARG_ENABLE(python_devel, AS_HELP_STRING([--disable-python-devel], [Do not build python modules])) -AS_IF([test "x$have_python" = "xyes" -a "x$enable_python_devel" != "xno"], [ - PKG_CHECK_MODULES([PYTHON_DEVEL], [python-${PYTHON_VERSION}], - [have_python_devel=yes], - [PKG_CHECK_MODULES([PYTHON_DEVEL], [python], - [have_python_devel=yes], - [have_python_devel=no])]) - AS_IF([test "x$have_python_devel" = xno -a "x$enable_python_devel" = xyes], - [AC_MSG_ERROR([*** python-devel support requested but libraries not found])]) - AC_PATH_PROGS(SPHINX_BUILD, sphinx-build-${PYTHON_VERSION} sphinx-build) -]) -AM_CONDITIONAL([HAVE_PYTHON_DEVEL], [test "$have_python_devel" = "yes"]) # ------------------------------------------------------------------------------ @@ -319,9 +302,10 @@ AC_CHECK_DECLS([IFLA_INET6_ADDR_GEN_MODE, IFLA_VLAN_PROTOCOL, IFLA_VXLAN_REMCSUM_NOPARTIAL, IFLA_VXLAN_LOCAL6, - IFLA_IPTUN_6RD_RELAY_PREFIXLEN, + IFLA_IPTUN_ENCAP_DPORT, + IFLA_GRE_ENCAP_DPORT, IFLA_BRIDGE_VLAN_INFO, - IFLA_BRPORT_UNICAST_FLOOD, + IFLA_BRPORT_LEARNING_SYNC, NDA_IFINDEX, IFA_FLAGS], [], [], [[ @@ -760,6 +744,7 @@ AC_MSG_RESULT([ blkid: ${have_blkid} dbus: ${have_dbus} kdbus: ${have_kdbus} + Python: ${have_python} man pages: ${have_manpages} test coverage: ${have_coverage} Split /usr: ${enable_split_usr} @@ -772,6 +757,7 @@ AC_MSG_RESULT([ includedir: ${includedir} lib dir: ${libdir} rootlib dir: ${with_rootlibdir} + Build Python: ${PYTHON} PAM modules dir: ${with_pamlibdir} PAM configuration dir: ${with_pamconfdir} D-Bus policy dir: ${with_dbuspolicydir} -- 2.30.2