Update systemd from 27 to 238 #621
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Oh my gosh, you've made it. Great! Looking forward to test and merge this! |
|
UDisks is now updated (rebuilt) from 1.0.2 to 2.1.8. Updating the package shows the messages below. |
|
Reported VLC 3.0.0 build error upstream. |
|
Best use full version for |
|
Why do we need "/var/run" to be a symlink? Systemds var-run.mount unit bind-mounts /run to /var/run, so /run and /var/run are already the same. |
|
Am 17.02.2018 um 19:50 schrieb Donald Buczek:
Why do we need "/var/run" to be a symlink? Systemds var-run.mount
unit bind-mounts /run to /var/run, so /run and /var/run are already
the same.
Good question. At least on *rabammel* after the update of `systemd` and
a reboot, `system_bus_socket` only existed in `/var/run/dbus/` and not
`/run`.
|
|
I couldn’t clarify until now due to the Vodafone Internet outage. There are several packages, like D-Bus, creating directories under |
|
pmenzel
force-pushed
the
update-systemd-from-27-to-237
branch
2 times, most recently
from
09bd419
to
4e16688
Compare
|
Tried on sigusr2 and bricked it :-) |
|
Am 19.02.2018 um 10:34 schrieb Donald Buczek:
Tried on sigusr2 and bricked it :-)
Ah, maybe you have to specify `init=/lib/systemd/systemd` on the Linux
command line.
I thought I had updated that on *deinemuddah*, but maybe only on
*rabammel*. The question, how to deal with too, as there are symbolic
links in the system, not part of the systemd v27 bee package. Sorry, if
that was the problem.
|
|
if /var/run is a mounted tmpfs, |
pmenzel
force-pushed
the
update-systemd-from-27-to-237
branch
from
4e16688
to
3ad7c39
Compare
|
Am 19.02.2018 um 10:42 schrieb Donald Buczek:
The rename of fhs-1-1.bee to fhs.be0 is in 75d3acc "fhs: Create
directories and symlinks according to latest FHS" not in the previous
commit ee07e0d "fhs: Convert to versionless bee file" where it
belongs.
Thank you. Fixed.
D-Bus 1.12.4 is rebuilt, the version of the FHS package is now 3.0
instead of 8.1.
|
|
sigusr2 could boot with added |
|
Am 19.02.2018 um 10:57 schrieb Donald Buczek:
_sigusr2_ could boot with added `init=/lib/systemd/systemd`
In the package systemd v27, `/usr/bin/systemd` is not included, and it
looks like `/bin/systemd` was moved to `/usr/bin/systemd`, and a
symbolic link was added.
```
$ sudo bee query /bin/systemd
systemd-27-0.x86_64
/bin/systemd
/bin/systemd-ask-password
/bin/systemd-machine-id-setup
/bin/systemd-notify
/bin/systemd-tmpfiles
/bin/systemd-tty-ask-password-agent
/usr/bin/systemd-analyze
/usr/bin/systemd-cgls
/usr/bin/systemd-gnome-ask-password-agent
/usr/bin/systemd-nspawn
/usr/bin/systemd-stdio-bridge
$ ls -l /usr/bin/systemd
-rwxr-xr-x 1 root system 2768685 May 20 2011 /usr/bin/systemd
$ md5sum /usr/bin/systemd /bin/systemd
ed9436b95e39f713a8f1c241eec3cd84 /usr/bin/systemd
ed9436b95e39f713a8f1c241eec3cd84 /bin/systemd
$ ls -l /bin/systemd
lrwxrwxrwx 1 root system 16 Mar 17 2014 /bin/systemd -> /usr/bin/systemd
```
So, a solution for that has to be found, too.
For `/lib/systemd/systemd`, I am just for updating the initramfs script.
|
|
Am 19.02.2018 um 10:45 schrieb Donald Buczek:
if /var/run is a mounted tmpfs, `bee update fsh` will not make it
into a symlink. I still don't understand this whole issue. On the
current systems /var/run mounts the same tmpfs ans /run. How can the
content of /run and /var/run ever become different?
It’s not about differences. Newer systemd doesn’t seem to bind mount it,
when there are already files in `/var/run`, which happens for example,
if you install the system with the MarIuX installer. But I need to check
that theory.
|
|
How does the boot work now? initramfs/init defaults to /sbin/init and there is no override in grub.cfg. But /sbin/init is from sysvinit-2.88dsf-2.x86_64 ? |
Looks to me, that it never mounts it (there no longer is a var-run.mount unit) but assumes the symlink. |
|
Am 19.02.2018 um 11:18 schrieb Donald Buczek:
> Newer systemd doesn’t seem to bind mount it, when there are already
> files in `/var/run`, which happens for example, if you install the
> system with the MarIuX installer.
Looks to me, that it never mounts it (there no longer is a
var-run.mount unit) but assumes the symlink.
Indeed. From the change-log of systemd v183.
… * var-run.mount and var-lock.mount are no longer provided
(which previously bind mounted these directories to their new
places). Distributions which have not converted these
directories to symlinks should consider stealing these files
from git history and add them downstream
|
|
Stupid me. Its from the kernel config |
|
Am 19.02.2018 um 11:10 schrieb Donald Buczek:
How does the boot work now? initramfs/init defaults to /sbin/init and
there is no override in grub.cfg. But /sbin/init is from
sysvinit-2.88dsf-2.x86_64 ?
I just added `init=/lib/systemd/systemd` in `/boot/grub/grub.cfg` on
*rabammel*. I looked into the initramfs, but only came as far as you,
and didn’t investigate, what `/sbin/init` actually does. `/sbin/init` is
still used in the LFS initscript [1].
Reading the Linux From Scratch systemd section [2] again, `/sbin/init`
should point to `../lib/systemd/systemd`.
```
Create the Sysvinit compatibility symlinks, so systemd is used as the default init system:
for tool in runlevel reboot shutdown poweroff halt telinit; do
ln -sfv ../bin/systemctl /sbin/${tool}
done
ln -sfv ../lib/systemd/systemd /sbin/init
```
I should update the systemd package to create that symbolic link, and
look into removing the package sysvinit too.
[1] http://www.linuxfromscratch.org/blfs/view/systemd/postlfs/initramfs.html
[2] http://www.linuxfromscratch.org/lfs/view/systemd/chapter06/systemd.html
|
pmenzel
force-pushed
the
update-systemd-from-27-to-237
branch
from
3ad7c39
to
e096c53
Compare
|
Then there are our few leftover lilo systems which have append="init=/bin/systemd" ini /etc/lilo.conf. But these can be changed easily. [EDIT: several times...] |
|
Put the update script into the repository (perhaps remove it before merge)? So I can reset a test system, pull the branch, run the script.... And if this changed (version, added or removed packages) the script would change, too. |
|
We could
Need to exclude /var/run from dist until all systems have changed. |
|
Am 19.02.2018 um 12:34 schrieb Donald Buczek:
We could
1. re-add the var-run.mount unit
2. change the (hidden) directory /var/run into a (hidden) symbolic link to /run on all systems
3. change /var/run into a symbolic link to /run from initramfs/init.
If option 2 is easily implemented, I’d prefer that.
Need to exclude /var/run from dist until all systems have changed.
Strange, that it was distributed anyway, and that it worked.
|
From the manual page systemd-resolved(8): > /ETC/RESOLV.CONF > Four modes of handling /etc/resolv.conf (see resolv.conf(5)) > are supported: > > · systemd-resolved maintains the > /run/systemd/resolve/stub-resolv.conf file for > compatibility with traditional Linux programs. This file > may be symlinked from /etc/resolv.conf. This file lists the > 127.0.0.53 DNS stub (see above) as the only DNS server. It > also contains a list of search domains that are in use by > systemd-resolved. The list of search domains is always kept > up-to-date. […]
Add the search domain `molgen.mpg.de`.
Several packages still depend on these shared library versions, so add a compatibility package to avoid rebuilding them. A lot of them are KDE packages.
…onfig tag is not present
udev rules work as expected, so use them.
Currently, systemd-networkd assigns IPv6 addresses, which is unwanted.
…solved [1] https://de.wikipedia.org/wiki/Link-local_Multicast_Name_Resolution [2] https://github.com/systemd/systemd/issues/6224#issuecomment-312639959 [3] https://github.com/systemd/systemd/issues/2514#issuecomment-179203186 [4] https://github.com/systemd/systemd/issues/4821#issuecomment-264995354
This reverts commit 6aa5581. Some GnuTLS files are linked against some libunbound.so.2`, so keep the unbound package around, despite using Unbound anymore. ``` MISS libunbound.so.2 /usr/bin/danetool MISS libunbound.so.2 /usr/bin/gnutls-cli MISS libunbound.so.2 /usr/lib/libgnutls-dane.so.0.4.1 ```
From the manual page logind.conf(5): > KillUserProcesses= > Takes a boolean argument. Configures whether the processes of a > user should be killed when the user logs out. If true, the scope > unit corresponding to the session and all processes inside that > scope will be terminated. If false, the scope is "abandoned", see > systemd.scope(5), and processes are not killed. Defaults to "yes", > but see the options KillOnlyUsers= and KillExcludeUsers= below. > > In addition to session processes, user process may run under the > user manager unit user@.service. Depending on the linger settings, > this may allow users to run processes independent of their login > sessions. See the description of enable-linger in loginctl(1). > > Note that setting KillUserProcesses=yes will break tools like > screen(1) and tmux(1), unless they are moved out of the session > scope. See example in systemd-run(1).
[Announcement][1]:
> CHANGES WITH 238:
>
> * The MemoryAccounting= unit property now defaults to on. After
> discussions with the upstream control group maintainers we learnt
> that the negative impact of cgroup memory accounting on current
> kernels is finally relatively minimal, so that it should be safe to
> enable this by default without affecting system performance. Besides
> memory accounting only task accounting is turned on by default, all
> other forms of resource accounting (CPU, IO, IP) remain off for now,
> because it's not clear yet that their impact is small enough to move
> from opt-in to opt-out. We recommend downstreams to leave memory
> accounting on by default if kernel 4.14 or higher is are primarily
> used. On very resource constrained systems or when support for old
> kernels is a necessity, -Dmemory-accounting-default=false can be
> used to revert this change.
>
> * rpm scriptlets to update the udev hwdb and rules
> (%udev_hwdb_update, %udev_rules_update) and the journal catalog
> (%journal_catalog_update) from the upgrade scriptlets of individual
> packages now do nothing. Transfiletriggers have been added which will
> perform those updates once at the end of the transaction.
>
> Similar transfiletriggers have been added to execute any sysctl.d and
> binfmt.d rules. Thus, it should be unnecessary to provide any
> scriptlets to execute this configuration from package installation
> scripts.
>
> * systemd-sysusers gained a mode where the configuration to execute
> is specified on the command line, but this configuration is not
> executed directly, but instead it is merged with the configuration on
> disk, and the result is executed. This is useful for package
> installation scripts which want to create the user before installing
> any files on disk (in case some of those files are owned by that
> user), while still allowing local admin overrides.
>
> This functionality is exposed to rpm scriplets through a new
> %sysusers_create_package macro. Old %sysusers_create and
> %sysusers_create_inline macros are deprecated.
>
> A transfiletrigger for sysusers.d configuration is now installed,
> which means that it should be uncessary to call systemd-sysusers
> from package installation scripts, unless the package installs any
> files owned by those newly-created users, in which case
> %sysusers_create_package should be used.
>
> * Analogous change has been done for systemd-tmpfiles: it gained a
> mode where the command-line configuration is merged with the
> configuration on disk. This is exposed as the new
> %tmpfiles_create_package macro, and %tmpfiles_create is deprecated. A
> transfiletrigger is installed for tmpfiles.d, hence it should be
> unnecessary to call systemd-tmpfiles from package installation
> scripts.
>
> * sysusers.d configuration for a user may now also specify the group
> number, in addition to the user number ("u username 123:456"), or
> without the user number ("u username -:456").
>
> * Configution items for systemd-sysusers can now be specified as
> positional arguments when the new --inline switch is used.
>
> * The login shell of users created through sysusers.d may now be
> specified (previously, it was always /bin/sh for root and
> /sbin/nologin for other users).
>
> * systemd-analyze gained a new --global switch to look at global
> user configuration. It also gained a unit-paths verb to list the unit
> load paths that are compiled into systemd (which can be used with
> --systemd, --user, or --global).
>
> * udevadm trigger gained a new --settle/-w option to wait for any
> triggered events to finish (but just those, and not any other events
> which are triggered meanwhile).
>
> * The action that systemd-logind takes when the lid is closed and
> the machine is connected to external power can now be configured
> using HandleLidSwitchExternalPower= in logind.conf. Previously, this
> action was determined by HandleLidSwitch=, and, for backwards
> compatibility, is still is, if HandleLidSwitchExternalPower= is not
> explicitly set.
>
> * journalctl will periodically call sd_journal_process() to make it
> resilient against inotify queue overruns when journal files are
> rotated very quickly.
>
> * Two new functions in libsystemd — sd_bus_get_n_queued_read and
> sd_bus_get_n_queued_write — may be used to check the number of
> pending bus messages.
>
> * systemd gained a new
> org.freedesktop.systemd1.Manager.AttachProcessesToUnit dbus call
> which can be used to migrate foreign processes to scope and service
> units. The primary user for this new API is systemd itself: the
> systemd --user instance uses this call of the systemd --system
> instance to migrate processes if it itself gets the request to
> migrate processes and the kernel refuses this due to access
> restrictions. Thanks to this "systemd-run --scope --user …" works
> again in pure cgroups v2 environments when invoked from the user
> session scope.
>
> * A new TemporaryFileSystem= setting can be used to mask out part of
> the real file system tree with tmpfs mounts. This may be combined
> with BindPaths= and BindReadOnlyPaths= to hide files or directories
> not relevant to the unit, while still allowing some paths lower in
> the tree to be accessed.
>
> ProtectHome=tmpfs may now be used to hide user home and runtime
> directories from units, in a way that is mostly equivalent to
> "TemporaryFileSystem=/home /run/user /root".
>
> * Non-service units are now started with KeyringMode=shared by
> default. This means that mount and swapon and other mount tools have
> access to keys in the main keyring.
>
> * /sys/fs/bpf is now mounted automatically.
>
> * QNX virtualization is now detected by systemd-detect-virt and may
> be used in ConditionVirtualization=.
>
> * IPAccounting= may now be enabled also for slice units.
>
> * A new -Dsplit-bin= build configuration switch may be used to
> specify whether bin and sbin directories are merged, or if they
> should be included separately in $PATH and various listings of
> executable directories. The build configuration scripts will try to
> autodetect the proper values of -Dsplit-usr= and -Dsplit-bin= based
> on build system, but distributions are encouraged to configure this
> explicitly.
>
> * A new -Dok-color= build configuration switch may be used to change
> the colour of "OK" status messages.
>
> * UPGRADE ISSUE: serialization of units using JoinsNamespaceOf= with
> PrivateNetwork=yes was buggy in previous versions of systemd. This
> means that after the upgrade and daemon-reexec, any such units must
> be restarted.
>
> * INCOMPATIBILITY: as announced in the NEWS for 237,
> systemd-tmpfiles will not exclude read-only files owned by root from
> cleanup.
>
> Contributions from: Alan Jenkins, Alexander F Rødseth, Alexis
> Jeandet, Andika Triwidada, Andrei Gherzan, Ansgar Burchardt,
> antizealot1337, Batuhan Osman Taşkaya, Beniamino Galvani, Bill
> Yodlowsky, Caio Marcelo de Oliveira Filho, CuBiC, Daniele Medri,
> Daniel Mouritzen, Daniel Rusek, Davide Cavalca, Dimitri John Ledkov,
> Douglas Christman, Evgeny Vereshchagin, Faalagorn, Filipe
> Brandenburger, Franck Bui, futpib, Giacomo Longo, Gunnar Hjalmarsson,
> Hans de Goede, Hermann Gausterer, Iago López Galeiras, Jakub Filak,
> Jan Synacek, Jason A. Donenfeld, Javier Martinez Canillas, Jérémy
> Rosen, Lennart Poettering, Lucas Werkmeister, Mao Huang, Marco
> Gulino, Michael Biebl, Michael Vogt, MilhouseVH, Neal Gompa (ニール・ゴン
> パ), Oleander Reis, Olof Mogren, Patrick Uiterwijk, Peter Hutterer,
> Peter Portante, Piotr Drąg, Robert Antoni Buj Gelonch, Sergey
> Ptashnick, Shawn Landden, Shuang Liu, Simon Fowler, SjonHortensius,
> snorreflorre, Susant Sahani, Sylvain Plantefève, Thomas Blume, Thomas
> Haller, Vito Caputo, Yu Watanabe, Zbigniew Jędrzejewski-Szmek, Марко
> М. Костић (Marko M. Kostić)
[1]: https://lists.freedesktop.org/archives/systemd-devel/2018-March/040469.html
It looks like, systemd does it for us now with the script `tools/meson-make-symlink.sh`. No idea, why it wasn’t the case in systemd 237. ``` [BEE] => entering mee_install_post() .. mkdir: cannot create directory ‘/dev/shm/bee-root/systemd/systemd-238-0/image/sbin’: File exists ```
pmenzel
force-pushed
the
update-systemd-from-27-to-237
branch
from
73bf402
to
2a47330
Compare
|
Problem with mxnetctl interface renaming and possible fix: mariux64/mxtools#31 |
|
The systemd builtin DSN resolver suddenly failed for me on my workstation. Additionally it doesn't support the CD (checking disabled) flag on DNS request. Paul reported both ( https://github.com/systemd/systemd/issues/8451 , https://github.com/systemd/systemd/issues/8450 ) but we can not continue to roll out systemd with an unstable resolver, so IMO we need to return backup to unbound. |
|
On 03/14/2018 01:19 PM, Donald Buczek wrote:
The systemd builtin DNS resolver suddenly failed for me on my
workstation. Additionally it doesn't support the CD (checking
disabled) flag on DNS request. Paul reported both (
https://github.com/systemd/systemd/issues/8451 ,
https://github.com/systemd/systemd/issues/8450 ) but we can not
continue to roll out systemd with an unstable resolver, so IMO we
need to return backup to unbound.
I’ll update the script to keep Unbound running and configured as DNS
resolver in `/etc/resolve.conf`.
|
|
I've reenabled unbound on the mx64 distmaster&nodes (enable unbound,start unbound, restore resolv.conf) and commented out the relevant lines in /root/bin/update-systemd-from-27-to-238.sh. If your change is ready we can replace the script from the one in the repository. |
|
Next problem: SysRq 'b' : This sysrq operation is disabled. wtf? |
|
Next problem: Time is jumping backwards: |
Sign in
to join this conversation on GitHub.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
TODO
/lib/systemd/systemd(Rebuild systemd v27 with correct symbolic links for smooth upgrade?)/tmpas tmpfs/var/runand systemd-logind (better follow-up)Finally update systemd from the almost seven year old version 27 to the current version 238. Several packages need to be updated, or rebuilt.
Use the commands below to perform the update. Note,
/var/runhas to be made a symbolic link to/run. Update/etc/pam.d/system-auth, and remove the ConsoleKit line, and makepam_systemd.sooptional and remove the parameters.Tested on rabammel.