diff --git a/core/systemd/.SRCINFO b/core/systemd/.SRCINFO
index ec3039ba2..e44add1a6 100644
--- a/core/systemd/.SRCINFO
+++ b/core/systemd/.SRCINFO
@@ -1,5 +1,5 @@
 pkgbase = systemd
-	pkgver = 256.6
+	pkgver = 256.7
 	pkgrel = 1
 	url = https://www.github.com/systemd/systemd
 	arch = x86_64
@@ -52,8 +52,9 @@ pkgbase = systemd
 	makedepends = libpwquality
 	makedepends = qrencode
 	makedepends = lib32-gcc-libs
+	makedepends = linux-headers
 	conflicts = mkinitcpio<38-1
-	source = git+https://github.com/systemd/systemd#tag=v256.6?signed
+	source = git+https://github.com/systemd/systemd#tag=v256.7?signed
 	source = 0001-Use-Arch-Linux-device-access-groups.patch
 	source = arch.conf
 	source = loader.conf
@@ -74,13 +75,13 @@ pkgbase = systemd
 	validpgpkeys = A9EA9081724FFAE0484C35A1A81CEA22BC8C7E2E
 	validpgpkeys = 9A774DB5DB996C154EBBFBFDA0099A18E29326E1
 	validpgpkeys = 5C251B5FC54EB2F80F407AAAC54CA336CFEB557E
-	sha512sums = e9fc19946f329aa89c1014a735d4d7828cebaa32ece8244b79e101c41d1c0cb0207b4109ce55d14204b0915f6cac57ace6286c6abaebd809031949693131de16
+	sha512sums = 468f772b3dfa83483da75516499c50159206dc5f8e26d7a62fc08437c93a4e536c0b27ee7fa5ac11fb1bc27a9c0e41315261751e5cc7428629a30849aeb23386
 	sha512sums = 3ccf783c28f7a1c857120abac4002ca91ae1f92205dcd5a84aff515d57e706a3f9240d75a0a67cff5085716885e06e62597baa86897f298662ec36a940cf410e
 	sha512sums = 61032d29241b74a0f28446f8cf1be0e8ec46d0847a61dadb2a4f096e8686d5f57fe5c72bcf386003f6520bc4b5856c32d63bf3efe7eb0bc0deefc9f68159e648
 	sha512sums = c416e2121df83067376bcaacb58c05b01990f4614ad9de657d74b6da3efa441af251d13bf21e3f0f71ddcb4c9ea658b81da3d915667dc5c309c87ec32a1cb5a5
 	sha512sums = 5a1d78b5170da5abe3d18fdf9f2c3a4d78f15ba7d1ee9ec2708c4c9c2e28973469bc19386f70b3cf32ffafbe4fcc4303e5ebbd6d5187a1df3314ae0965b25e75
 	sha512sums = b90c99d768dc2a4f020ba854edf45ccf1b86a09d2f66e475de21fe589ff7e32c33ef4aa0876d7f1864491488fd7edb2682fc0d68e83a6d4890a0778dc2d6fe19
-	sha512sums = 3cb8f88c1bffc753d0c540be5d25a0fdb9224478cca64743b5663340f2f26b197775286e6e680228db54c614dcd11da1135e625674a622127681662bec4fa886
+	sha512sums = 2f12d7d00cf46334024db0382608a29e066f28eefe492438ab29fda505e80ad32d46f87a00ca41ae6567ff9b7835cf80c604baec0ee92b59ec6510b8508177a8
 	sha512sums = 299dcc7094ce53474521356647bdd2fb069731c08d14a872a425412fcd72da840727a23664b12d95465bf313e8e8297da31259508d1c62cc2dcea596160e21c5
 	sha512sums = 0d6bc3d928cfafe4e4e0bc04dbb95c5d2b078573e4f9e0576e7f53a8fab08a7077202f575d74a3960248c4904b5f7f0661bf17dbe163c524ab51dd30e3cb80f7
 	sha512sums = 2b50b25e8680878f7974fa9d519df7e141ca11c4bfe84a92a5d01bb193f034b1726ea05b3c0030bad1fbda8dbb78bf1dc7b73859053581b55ba813c39b27d9dc
@@ -99,7 +100,7 @@ pkgname = systemd
 	license = CC0-1.0
 	license = GPL-2.0-or-later
 	license = MIT-0
-	depends = systemd-libs=256.6
+	depends = systemd-libs=256.7
 	depends = acl
 	depends = libacl.so
 	depends = bash
@@ -147,8 +148,8 @@ pkgname = systemd
 	optdepends = libp11-kit: support PKCS#11
 	optdepends = tpm2-tss: unlocking LUKS2 volumes with TPM2
 	provides = nss-myhostname
-	provides = systemd-tools=256.6
-	provides = udev=256.6
+	provides = systemd-tools=256.7
+	provides = udev=256.7
 	conflicts = nss-myhostname
 	conflicts = systemd-tools
 	conflicts = udev
@@ -193,19 +194,19 @@ pkgname = systemd-libs
 
 pkgname = systemd-resolvconf
 	pkgdesc = systemd resolvconf replacement (for use with systemd-resolved)
-	depends = systemd=256.6
+	depends = systemd=256.7
 	provides = openresolv
 	provides = resolvconf
 	conflicts = resolvconf
 
 pkgname = systemd-sysvcompat
 	pkgdesc = sysvinit compat for systemd
-	depends = systemd=256.6
+	depends = systemd=256.7
 	conflicts = sysvinit
 
 pkgname = systemd-ukify
 	pkgdesc = Combine kernel and initrd into a signed Unified Kernel Image
-	depends = systemd=256.6
+	depends = systemd=256.7
 	depends = binutils
 	depends = python-cryptography
 	depends = python-pefile
diff --git a/core/systemd/PKGBUILD b/core/systemd/PKGBUILD
index 5f8846d3b..f5659cf31 100644
--- a/core/systemd/PKGBUILD
+++ b/core/systemd/PKGBUILD
@@ -13,7 +13,7 @@ pkgname=('systemd'
          'systemd-resolvconf'
          'systemd-sysvcompat'
          'systemd-ukify')
-_tag='256.6'
+_tag='256.7'
 # Upstream versioning is incompatible with pacman's version comparisons, one
 # way or another. So we replace dashes and tildes with the empty string to
 # make sure pacman's version comparing does the right thing for rc versions:
@@ -56,13 +56,13 @@ source=("git+https://github.com/systemd/systemd#tag=v${_tag}?signed"
         '30-systemd-tmpfiles.hook'
         '30-systemd-udev-reload.hook'
         '30-systemd-update.hook')
-sha512sums=('e9fc19946f329aa89c1014a735d4d7828cebaa32ece8244b79e101c41d1c0cb0207b4109ce55d14204b0915f6cac57ace6286c6abaebd809031949693131de16'
+sha512sums=('468f772b3dfa83483da75516499c50159206dc5f8e26d7a62fc08437c93a4e536c0b27ee7fa5ac11fb1bc27a9c0e41315261751e5cc7428629a30849aeb23386'
             '3ccf783c28f7a1c857120abac4002ca91ae1f92205dcd5a84aff515d57e706a3f9240d75a0a67cff5085716885e06e62597baa86897f298662ec36a940cf410e'
             '61032d29241b74a0f28446f8cf1be0e8ec46d0847a61dadb2a4f096e8686d5f57fe5c72bcf386003f6520bc4b5856c32d63bf3efe7eb0bc0deefc9f68159e648'
             'c416e2121df83067376bcaacb58c05b01990f4614ad9de657d74b6da3efa441af251d13bf21e3f0f71ddcb4c9ea658b81da3d915667dc5c309c87ec32a1cb5a5'
             '5a1d78b5170da5abe3d18fdf9f2c3a4d78f15ba7d1ee9ec2708c4c9c2e28973469bc19386f70b3cf32ffafbe4fcc4303e5ebbd6d5187a1df3314ae0965b25e75'
             'b90c99d768dc2a4f020ba854edf45ccf1b86a09d2f66e475de21fe589ff7e32c33ef4aa0876d7f1864491488fd7edb2682fc0d68e83a6d4890a0778dc2d6fe19'
-            '3cb8f88c1bffc753d0c540be5d25a0fdb9224478cca64743b5663340f2f26b197775286e6e680228db54c614dcd11da1135e625674a622127681662bec4fa886'
+            '2f12d7d00cf46334024db0382608a29e066f28eefe492438ab29fda505e80ad32d46f87a00ca41ae6567ff9b7835cf80c604baec0ee92b59ec6510b8508177a8'
             '299dcc7094ce53474521356647bdd2fb069731c08d14a872a425412fcd72da840727a23664b12d95465bf313e8e8297da31259508d1c62cc2dcea596160e21c5'
             '0d6bc3d928cfafe4e4e0bc04dbb95c5d2b078573e4f9e0576e7f53a8fab08a7077202f575d74a3960248c4904b5f7f0661bf17dbe163c524ab51dd30e3cb80f7'
             '2b50b25e8680878f7974fa9d519df7e141ca11c4bfe84a92a5d01bb193f034b1726ea05b3c0030bad1fbda8dbb78bf1dc7b73859053581b55ba813c39b27d9dc'
@@ -153,13 +153,13 @@ build() {
     -Dman=enabled
     -Dnscd=false
     -Dselinux=disabled
+    -Dsshdprivsepdir=/usr/share/empty.sshd
 
     # We disable DNSSEC by default, it still causes trouble:
     # https://github.com/systemd/systemd/issues/10579
 
     -Ddbuspolicydir=/usr/share/dbus-1/system.d
     -Ddefault-dnssec=no
-    -Ddefault-hierarchy=unified
     -Ddefault-kill-user-processes=false
     -Ddefault-locale='C.UTF-8'
     -Dlocalegen-path=/usr/bin/locale-gen
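Review bot: The added `-Dsshdprivsepdir=/usr/share/empty.sshd` option carries no comment, although the neighbouring non-default choice (DNSSEC) explains itself. This path presumably has to agree with the privilege-separation directory that the distribution's openssh package ships, and that directory is expected to stay empty and root-owned. A mismatch would not show up at build time. I would put a line above it such as `# Must match the privilege separation directory shipped by the openssh package`. The meson options list and build() start and end outside this hunk.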
diff --git a/core/systemd/systemd-hook b/core/systemd/systemd-hook
index d64341fd3..64012bde8 100644
--- a/core/systemd/systemd-hook
+++ b/core/systemd/systemd-hook
@@ -1,6 +1,6 @@
 #!/bin/sh -e
 
-is_chrooted() {
+skip_chrooted() {
   if systemd-detect-virt --chroot; then
     echo >&2 "  Skipped: Running in chroot."
     exit 0
@@ -8,15 +8,17 @@ is_chrooted() {
 }
 
 systemd_live() {
-  is_chrooted
-  if [ ! -d /run/systemd/system ]; then
+  skip_chrooted
+
+  if ! systemd-notify --booted &>/dev/null; then
     echo >&2 "  Skipped: Current root is not booted."
     exit 0
   fi
 }
 
 udevd_live() {
-  is_chrooted
+  skip_chrooted
+
   if [ ! -S /run/udev/control ]; then
     echo >&2 "  Skipped: Device manager is not running."
     exit 0
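Review bot: The new test in systemd_live uses `&>/dev/null`, which is a bash extension, while the script's shebang is `#!/bin/sh -e`. A strict POSIX shell reads `cmd &>/dev/null` as `cmd &` followed by an empty redirection, so the condition would no longer reflect the exit status of `systemd-notify --booted`. The hook would then most likely print "Skipped: Current root is not booted." on every run, so post-upgrade actions would silently not happen. It works only where /bin/sh is bash. The portable spelling is `if ! systemd-notify --booted >/dev/null 2>&1; then`. The body of udevd_live continues past the end of this hunk.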
diff --git a/core/systemd/systemd.install b/core/systemd/systemd.install
index 3b1a60b36..67f447d3e 100644
--- a/core/systemd/systemd.install
+++ b/core/systemd/systemd.install
@@ -4,12 +4,6 @@ sd_booted() {
   [[ -d run/systemd/system && ! -L run/systemd/system ]]
 }
 
-add_journal_acls() {
-  # ignore errors, since the filesystem might not support ACLs
-  setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx var/log/journal/ 2>/dev/null
-  :
-}
-
 post_common() {
   systemd-sysusers
   journalctl --update-catalog
@@ -24,8 +18,6 @@ post_install() {
 
   post_common "$@"
 
-  add_journal_acls
-
   # enable some services by default, but don't track them
   systemctl enable \
     getty@tty1.service \