Gentoo Archives: gentoo-commits

From: Georgy Yakovlev <gyakovlev@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/, sys-apps/systemd/files/
Date: Sun, 07 Nov 2021 05:27:33
Message-Id: 1636262772.c897165ab00b566f2a21db3bb1d8da0fee67bfc8.gyakovlev@gentoo
1 commit: c897165ab00b566f2a21db3bb1d8da0fee67bfc8
2 Author: Georgy Yakovlev <gyakovlev <AT> gentoo <DOT> org>
3 AuthorDate: Mon Nov 1 23:33:10 2021 +0000
4 Commit: Georgy Yakovlev <gyakovlev <AT> gentoo <DOT> org>
5 CommitDate: Sun Nov 7 05:26:12 2021 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c897165a
7
8 sys-apps/systemd: add hostnamed-fallback mode
9
10 this will allow networkd/hostnamed to properly set hostname
11 on systems without polkit.
12
13 while it's possible to set hostname/fqdn manually already, with fallback workaround
14 it will be possible to get hostnames from DHCP via networkd too without
15 using polkit->spidermonkey->rust->llvm chain of deps.
16
17 ideas and configs taken from yocto/oe
18 https://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=3dc37c12c17d5bb6d4701a425a4f79f6e31784ee
19
20 https://github.com/systemd/systemd/issues/13501
21 Closes: https://github.com/gentoo/gentoo/pull/22792
22 Signed-off-by: Georgy Yakovlev <gyakovlev <AT> gentoo.org>
23
24 sys-apps/systemd/files/00-hostnamed-network-user.conf | 6 ++++++
25 .../files/org.freedesktop.hostname1_no_polkit.conf | 11 +++++++++++
26 sys-apps/systemd/metadata.xml | 1 +
27 sys-apps/systemd/systemd-9999.ebuild | 17 ++++++++++++++++-
28 4 files changed, 34 insertions(+), 1 deletion(-)
29
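--- /dev/null
+++ b/sys-apps/systemd/files/00-hostnamed-network-user.conf
@@ -0,0 +1,6 @@
+[Service]
+# By running with these options instead of root, networkd is allowed to request
+# a hostname change via DBUS when policykit is not present
+User=systemd-network
+Group=systemd-hostname
+AmbientCapabilities=CAP_SYS_ADMIN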
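Review bot: `AmbientCapabilities=CAP_SYS_ADMIN` hands a non-root service one of the broadest capabilities the kernel has, and the comment in this drop-in does not record why it is needed or what keeps it contained. The capability is what sethostname(2) requires, but the drop-in is only as tight as the bounding set and sandboxing of the stock systemd-hostnamed.service, which is not visible in this commit and should be confirmed. `User=systemd-network` also means hostnamed shares a UID with networkd, so with polkit absent any process running as that UID is presumably treated as authorised for hostnamed's privileged methods. I would extend the comment with something like `# CAP_SYS_ADMIN is needed for sethostname(2); keep the stock CapabilityBoundingSet= and sandboxing, and run nothing else as systemd-network`.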
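--- /dev/null
+++ b/sys-apps/systemd/files/org.freedesktop.hostname1_no_polkit.conf
@@ -0,0 +1,11 @@
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<busconfig>
+ <policy group="systemd-hostname">
+ <allow own="org.freedesktop.hostname1"/>
+ <allow send_destination="org.freedesktop.hostname1"/>
+ <allow receive_sender="org.freedesktop.hostname1"/>
+ </policy>
+</busconfig>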
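Review bot: The `<allow own="org.freedesktop.hostname1"/>` rule is keyed to the whole `systemd-hostname` group, so anything that ever carries that group can take ownership of the hostname1 bus name, not just the daemon. Nothing in the file records that the group is meant to stay without members and be reached only through the unit's `Group=` setting. It also does not say why dbus-broker is required, presumably because the policy has to match the connecting process's actual group credentials. I would add a comment above the policy such as `<!-- systemd-hostname must have no members; only systemd-hostnamed.service (Group=systemd-hostname) may match this policy. Requires dbus-broker. -->`. The `send_destination` and `receive_sender` rules have no interface or member restriction, which looks intentional but is worth stating in the same comment.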
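--- a/sys-apps/systemd/metadata.xml
+++ b/sys-apps/systemd/metadata.xml
@@ -20,6 +20,7 @@
 <flag name="fido2">Enable FIDO2 support</flag>
 <flag name="gcrypt">Enable sealing of journal files using gcrypt</flag>
 <flag name="homed">Enable portable home directories</flag>
+ <flag name="hostnamed-fallback">Enable setting hostname with networkd/hostnamed without polkit (requires running <pkg>sys-apps/dbus-broker</pkg>)</flag>
 <flag name="http">Enable embedded HTTP server in journald</flag>
 <flag name="hwdb">Enable support for the hardware database</flag>
 <flag name="importd">Enable import daemon</flag>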
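--- a/sys-apps/systemd/systemd-9999.ebuild
+++ b/sys-apps/systemd/systemd-9999.ebuild
@@ -30,11 +30,12 @@ HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd"
 
 LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
 SLOT="0/2"
-IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils fido2 +gcrypt gnuefi homed http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux split-usr +sysv-utils test tpm vanilla xkb +zstd"
+IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils fido2 +gcrypt gnuefi homed hostnamed-fallback http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux split-usr +sysv-utils test tpm vanilla xkb +zstd"
 
 REQUIRED_USE="
 homed? ( cryptsetup pam )
 importd? ( curl gcrypt lzma )
+ policykit? ( !hostnamed-fallback )
 pwquality? ( homed )
 "
 RESTRICT="!test? ( test )"
@@ -117,6 +118,10 @@ RDEPEND="${COMMON_DEPEND}
 >=acct-user/systemd-resolve-0-r1
 >=acct-user/systemd-timesync-0-r1
 >=sys-apps/baselayout-2.2
+ hostnamed-fallback? (
+ acct-group/systemd-hostname
+ sys-apps/dbus-broker
+ )
 selinux? ( sec-policy/selinux-base-policy[systemd] )
 sysv-utils? (
 !sys-apps/openrc[sysv-utils(-)]
@@ -400,6 +405,16 @@ multilib_src_install_all() {
 dosym ../../../lib/systemd/systemd-shutdown /usr/lib/systemd/systemd-shutdown
 fi
 
+ # workaround for https://github.com/systemd/systemd/issues/13501
+ if use hostnamed-fallback; then
+ # this file requires dbus-broker
+ insinto /usr/share/dbus-1/system.d/
+ doins "${FILESDIR}/org.freedesktop.hostname1_no_polkit.conf"
+
+ insinto "${rootprefix}/lib/systemd/system/systemd-hostnamed.service.d/"
+ doins "${FILESDIR}/00-hostnamed-network-user.conf"
+ fi
+
 gen_usr_ldscript -a systemd udev
 }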
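Review bot: The install block at the end of multilib_src_install_all installs the `User=`/`Group=` drop-in whenever the flag is set, but the RDEPEND hunk only guarantees that sys-apps/dbus-broker is installed, not that it is the running system bus. If the policy file is dbus-broker-specific, as `# this file requires dbus-broker` says, then on a host still running dbus-daemon hostnamed would presumably start as the unprivileged user and fail to claim its bus name, which is worse than the pre-patch behaviour. A post-install message would make the requirement visible, e.g. `use hostnamed-fallback && elog "hostnamed-fallback requires dbus-broker.service to be enabled as the system bus"`. The function begins outside the hunk and no pkg_postinst is visible here, so placement needs checking against the full ebuild.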