gentoo resync : 10.09.2021

author: V3n3RiX <venerix@redcorelinux.org> 2021-09-10 04:21:55 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2021-09-10 04:21:55 +0100
commit: 677b7ba5c317778df2ad7e70df94b9b7eec4adbc (patch)
tree: 6c418a1546fff5becab5d8b9ed6803323e7f316e /sys-apps/systemd
parent: fbda87924e6faa7a1919f1a2b4182490bde5ec5c (diff)
7 files changed, 203 insertions, 44 deletions
diff --git a/sys-apps/systemd/Manifest b/sys-apps/systemd/Manifest
index 474a0d182d1b..5ed8ac581587 100644
--- a/sys-apps/systemd/Manifest
+++ b/sys-apps/systemd/Manifest
@@ -1,12 +1,14 @@
+AUX 249-fido2.patch 2323 BLAKE2B 5977ec0bed24f25ef3c152aab8e8b40cc91c115256cad912c22d93d4ec533921124448e0bd2d994a48ea58e0d1e38cdc7a8b0281730e68b90b58fd6f7a319d69 SHA512 a385fd7889fe3e679c70d7dd62fe468da83385eb000bd3af4b2df36e836a42d1549ba90e09e57b611e5550a6e3f95d7e8cde8e749e9a85c6dff58ce88ea611f1
+AUX 249-home-secret-assert.patch 5057 BLAKE2B 59fada3228e726110ed865e80f85c62d2faca852b3c3fdc47135123da622697e448a8c2d8826c140240210513b7474d27e71383f6d41b561790135d67d9324c1 SHA512 2ad4e15a900a27c55ca32b065ff91ea51344eeb0b5508ab6310efe2537a66e5eaa80c4acd287fb57b2d531c79528577c6fd0599e29e862c05cf81dc439a6a7f6
 AUX 249-libudev-static.patch 1454 BLAKE2B 420f9452066ccf951033c1ae1e215284fa9d11f24777c68ecd0178db5c7571ee881451300d409468c1ba3f3b2ad4b35adca5b2761309c84b315bbabd45f6b97f SHA512 4d616b4b02981c4622951a46f23519e03c2d1228453837d31fe060db70afa24722883ca57c08c55cd9fd35c720a5ef2ecb11ab3313867e1b3cfc3682e45e3f45
 AUX gentoo-generator-path-r2.patch 994 BLAKE2B 2bfb42623221291030fa9f7310e9bf747351a26f6ffd842628298787b74d4ec562bacaa9fc5365f7e854f695dab5f74bc06883fefc1f210dce4fd415926817ac SHA512 98054222ea232e120625573b6a532c312eccc02fe657152610b7d056b964bb2165fffae9d17fd986cf547af885d44c26b117fe68df5b24e2607d37f3729d0ada
 AUX gentoo-journald-audit.patch 1485 BLAKE2B 9cba28ce907330bbc1eafcf04a837987ed68272fcfa9cc34a309ff5d4cc2230f71a6f7fed42c79afb1c96605df141e8e40b2d8290d12ad3c18038269814f2df8 SHA512 d77d4dae9f8a7819c6d4855476f3163ee19f52b20f66a93e25818f0747404462c47e3cafbd82ba85ce1b3d2fdbabdd96a0398b71149b318c540d82403f8ad0ad
 AUX gentoo-systemctl-disable-sysv-sync-r1.patch 821 BLAKE2B f5ef796725e023bb1ed83b34a3e4d45bb008de9a134892a5321b37b56809c7a44530d18e33c7877177e8b64b2d89dfc2de844bed433db6d5e57831d20fbfb456 SHA512 8d697dbd305f6b95a4ddc47cf9d99a0e954f54e161bd59164917b62a78ff5c23fa2d5be2614569c0a2297595dae59e1ee71bb04da72cbe0c0807e1abd7da974d
 AUX nsswitch.conf 734 BLAKE2B 5f5a7821a84f6c8aa31fe9a68c29a1a0f24be578d427a623f14a9ef795e7da481f226efe5511d92932b5edf5638fa719808a0c3a0b8fd340799dd6bcb703a0a1 SHA512 dcbd51dacaaebdff32edb3840cc7b9b47b6521009b8786690e3673a2e78bc60bfd8e591b1048c5d452117c6659b9917ae2864462f5057cc39b704b0130522e60
 AUX systemd-user.pam 122 BLAKE2B cccc07cab47dfc0481438e503c34fa1a0b2c6b1f8ab282197719a523421d2a526f19230bb459e0347cbeb2046e35a407c78178a3fb5b79619e987cbc4ac7d5e4 SHA512 c5437677ff00fbb45798fe594e8d61b1c2bfc2d103105d7bd82e476240452477ac263700800f5d0ba91ddc895eb85f4517d5cb15c80611ec1680a686d47cd781
-DIST systemd-stable-248.6.tar.gz 10388927 BLAKE2B a102d0fd37a3422f673ced2bbd5bb88b6589195e1f436f43231fd91d79aaf9f548154a3ab2a62a9b409527b3f2e7a9ea735925364ece15c2e151d06c0e4f303f SHA512 35a9d4a9ae04423959c71ad0175d04a1792b9ab39897a497776b93cea166de58b8fb111207c104c0e747d3ffbd85480d8b0cab38e3dc0defbbf09b15211954ce
 DIST systemd-stable-249.2.tar.gz 10591728 BLAKE2B fb24c681cf2328aa26fa49a8ba20cccd1ee0fae82ec9f9931a69eaa377fc01b2ece12fdf407444514d494b8ac1418f155b0fceeff4925bebaba691f0b8a2acc8 SHA512 4f42a0b93156529a464545361436fa98193e12a7e0809315b9fdedbcf33b81dd2037acac27fb0dfefcb2679bc49ebb6da4d152ecb4b15db797c81f7ca4588a11
-EBUILD systemd-248.6.ebuild 15225 BLAKE2B e6f52236abedad5db4c80f01aeff4f5df3c9542f733945e33128e45da4ae758c2182d00583c690f359131e0bdb88968122b39360f97adf4f5b8d2ff8347c74c4 SHA512 3c03bbbb6d50b7cfb78b9f0932f988241efea10785b3f83accfe3edd9b98dd39da9572aeab5ac3779db8c72645bb1e436155b8a71800f30f12e4b1a4755428d3
-EBUILD systemd-249.2.ebuild 14928 BLAKE2B 6d2ebe202bba0e40c2ae249e1ef696370bf25383c7fedb8d025ce1f53847995f005c509bfe2a23ade70548c6852666cf8a1779166dd1a0c8292382fb36bcfbb3 SHA512 c5f8ea8a470134a38e467187dcf7bcb0144d58a7237527459fd1fc4673e5cacd383b66dc02295c5b8e6c38aa28358a26426ede6e4dc1d45800a038a0d376d29e
-EBUILD systemd-9999.ebuild 14894 BLAKE2B 76c6f116a2b7a5caada2198ded3930ece45f394d77e3a5b1f148d8f274da11fbe196cd02bb36c47f31c9776214510e8600cd1eddd3ab5a441eecd43330fb9973 SHA512 781cc16951b0fdc9ffa12595a59df304bf3beb3670ee0a83e2059b9ca515a103ac84548eab2b4d387549f3cfa46b9b44ae820d20431f1636f262711fe2c696ce
-MISC metadata.xml 2418 BLAKE2B bec7b05950f495cd678359bca70723286c33d4943407fee45e1214a53d9bfbbb25d3612a5b1bb51d885c38ea63719b3de2f0341d2b8aeb5d5919a29459cb89e4 SHA512 46979fbafe3561a722efefeb82e283e221cb930e56e9f43c25a47c299712dac21f6ef4c970afed86cb390e21dc8dd86b23eea310d5dd7e66a7a6fde250b929d7
+DIST systemd-stable-249.4.tar.gz 10593723 BLAKE2B 466b3cb27c4bc6c85c9ba50f6614175b2c31a4c177d452542faa1395e99511440029b1a093dc80a5a1a0135eed09d8b1849572f36dba4e18a1396230bfc31adb SHA512 5b9ec28102538bc3dcb632ee16389ff20dccf4b723186f6ae2da119a1809d84db0d8bcecf9b75c5e2da8427f5543e1da281bbed1a154e529d8a82ea5128c465c
+EBUILD systemd-249.2-r1.ebuild 14898 BLAKE2B 1ae761fca577ae1b19bc36348fb949464db1b178edafe53090669e2a743fd7c94a8127361612258518cbf7224dde539bfb91515218171713c722dc9c074bbcc4 SHA512 9e1819287c349534f323a7b516d7ca62522d26be8bcc82088590ffd1980be6cd6cc0ec5c04f2ed0ca61050e99a8b7030df58d9c70404966c024c6d69dab82365
+EBUILD systemd-249.4-r3.ebuild 15063 BLAKE2B 8459ba5014bfc6fc03dedb0c38a4ad481ec63086f6ade98dde04e9468097122992302899b47c78ac056c9ef953bf0bf1a51545ad47b3189c91f336d24a78799e SHA512 ad49b476361e39d0a833d5832ac5bddfdeaf929b083cdc388321d2b1d33dd79f65c80464070ec6de5d66a6e67fa2ea408c7d1ed79014cae7fe582a3d1d35092e
+EBUILD systemd-9999.ebuild 14945 BLAKE2B 20e31c4fea7aaa902f07a4bec51e864fa0597850d8a346c8391e622f57dcd9dd5ce46ac280ff34b5be685411fb373f62f81b6887257fe7bdf49ce5d209562217 SHA512 a3edc4527515791d7e508124f71ed85416f70d2ca94ccf997af5e81a93aba0d2e19de76819e78803c284aef3cf2c2a6270f2aa5d7012c0bbd02cdf98502354c2
+MISC metadata.xml 2467 BLAKE2B f4fea1d3af4d785ced74e32d5d31fd5e7d361ef1c661735e443d00828099ffb80cfde7951931b9bf0f900d06cef78923c5b198ff50678190b4ebc4befd66e6de SHA512 0abe12983b3569e58e8691a05165993d7653a1370c2c4465b926f1ec3d17d2a01897d77556fc0abe80d52b7610a52216c39a2426e8fe1db39a337c21d98a1590
diff --git a/sys-apps/systemd/files/249-fido2.patch b/sys-apps/systemd/files/249-fido2.patch
new file mode 100644
index 000000000000..bbfa4afb540e
--- /dev/null
+++ b/sys-apps/systemd/files/249-fido2.patch
@@ -0,0 +1,58 @@
+From b6aa89b0a399992c8ea762e6ec4f30cff90618f2 Mon Sep 17 00:00:00 2001
+From: pedro martelletto <pedro@yubico.com>
+Date: Wed, 8 Sep 2021 10:42:56 +0200
+Subject: [PATCH] explicitly close FIDO2 devices
+
+FIDO2 device access is serialised by libfido2 using flock().
+Therefore, make sure to close a FIDO2 device once we are done
+with it, or we risk opening it again at a later point and
+deadlocking. Fixes #20664.
+---
+ src/shared/libfido2-util.c | 2 ++
+ src/shared/libfido2-util.h | 5 ++++-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/shared/libfido2-util.c b/src/shared/libfido2-util.c
+index 12c644dcfcce..6d18178b68c9 100644
+--- a/src/shared/libfido2-util.c
++++ b/src/shared/libfido2-util.c
+@@ -58,6 +58,7 @@ bool (*sym_fido_dev_is_fido2)(const fido_dev_t *) = NULL;
+ int (*sym_fido_dev_make_cred)(fido_dev_t *, fido_cred_t *, const char *) = NULL;
+ fido_dev_t* (*sym_fido_dev_new)(void) = NULL;
+ int (*sym_fido_dev_open)(fido_dev_t *, const char *) = NULL;
++int (*sym_fido_dev_close)(fido_dev_t *) = NULL;
+ const char* (*sym_fido_strerr)(int) = NULL;
+ 
+ int dlopen_libfido2(void) {
+@@ -106,6 +107,7 @@ int dlopen_libfido2(void) {
+                         DLSYM_ARG(fido_dev_make_cred),
+                         DLSYM_ARG(fido_dev_new),
+                         DLSYM_ARG(fido_dev_open),
++                        DLSYM_ARG(fido_dev_close),
+                         DLSYM_ARG(fido_strerr));
+ }
+ 
+diff --git a/src/shared/libfido2-util.h b/src/shared/libfido2-util.h
+index 5640cca5e39b..4ebf8ab77509 100644
+--- a/src/shared/libfido2-util.h
++++ b/src/shared/libfido2-util.h
+@@ -60,6 +60,7 @@ extern bool (*sym_fido_dev_is_fido2)(const fido_dev_t *);
+ extern int (*sym_fido_dev_make_cred)(fido_dev_t *, fido_cred_t *, const char *);
+ extern fido_dev_t* (*sym_fido_dev_new)(void);
+ extern int (*sym_fido_dev_open)(fido_dev_t *, const char *);
++extern int (*sym_fido_dev_close)(fido_dev_t *);
+ extern const char* (*sym_fido_strerr)(int);
+ 
+ int dlopen_libfido2(void);
+@@ -75,8 +76,10 @@ static inline void fido_assert_free_wrapper(fido_assert_t **p) {
+ }
+ 
+ static inline void fido_dev_free_wrapper(fido_dev_t **p) {
+-        if (*p)
++        if (*p) {
++                sym_fido_dev_close(*p);
+                 sym_fido_dev_free(p);
++        }
+ }
+ 
+ static inline void fido_cred_free_wrapper(fido_cred_t **p) {
diff --git a/sys-apps/systemd/files/249-home-secret-assert.patch b/sys-apps/systemd/files/249-home-secret-assert.patch
new file mode 100644
index 000000000000..e6e2a8e7cc78
--- /dev/null
+++ b/sys-apps/systemd/files/249-home-secret-assert.patch
@@ -0,0 +1,106 @@
+From 6a09dbb89507449d158af6c7097d2c51ce83205f Mon Sep 17 00:00:00 2001
+From: Yu Watanabe <watanabe.yu+github@gmail.com>
+Date: Sun, 5 Sep 2021 11:16:26 +0900
+Subject: [PATCH] home: 'secret' argument of handle_generic_user_record_error
+ may be null
+
+When RefHome() bus method is called in acquire_home(), secret is NULL.
+
+Fixes #20639.
+---
+ src/home/pam_systemd_home.c | 19 ++++++++++++++++++-
+ 1 file changed, 18 insertions(+), 1 deletion(-)
+
+diff --git a/src/home/pam_systemd_home.c b/src/home/pam_systemd_home.c
+index 836ed0d5e96d..a04d50208a8e 100644
+--- a/src/home/pam_systemd_home.c
++++ b/src/home/pam_systemd_home.c
+@@ -281,7 +281,6 @@ static int handle_generic_user_record_error(
+                 const sd_bus_error *error) {
+ 
+         assert(user_name);
+-        assert(secret);
+         assert(error);
+ 
+         int r;
+@@ -301,6 +300,8 @@ static int handle_generic_user_record_error(
+         } else if (sd_bus_error_has_name(error, BUS_ERROR_BAD_PASSWORD)) {
+                 _cleanup_(erase_and_freep) char *newp = NULL;
+ 
++                assert(secret);
++
+                 /* This didn't work? Ask for an (additional?) password */
+ 
+                 if (strv_isempty(secret->password))
+@@ -326,6 +327,8 @@ static int handle_generic_user_record_error(
+         } else if (sd_bus_error_has_name(error, BUS_ERROR_BAD_PASSWORD_AND_NO_TOKEN)) {
+                 _cleanup_(erase_and_freep) char *newp = NULL;
+ 
++                assert(secret);
++
+                 if (strv_isempty(secret->password)) {
+                         (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token of user %s not inserted.", user_name);
+                         r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Try again with password: ");
+@@ -350,6 +353,8 @@ static int handle_generic_user_record_error(
+         } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_PIN_NEEDED)) {
+                 _cleanup_(erase_and_freep) char *newp = NULL;
+ 
++                assert(secret);
++
+                 r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Security token PIN: ");
+                 if (r != PAM_SUCCESS)
+                         return PAM_CONV_ERR; /* no logging here */
+@@ -367,6 +372,8 @@ static int handle_generic_user_record_error(
+ 
+         } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_PROTECTED_AUTHENTICATION_PATH_NEEDED)) {
+ 
++                assert(secret);
++
+                 (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please authenticate physically on security token of user %s.", user_name);
+ 
+                 r = user_record_set_pkcs11_protected_authentication_path_permitted(secret, true);
+@@ -377,6 +384,8 @@ static int handle_generic_user_record_error(
+ 
+         } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_USER_PRESENCE_NEEDED)) {
+ 
++                assert(secret);
++
+                 (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please confirm presence on security token of user %s.", user_name);
+ 
+                 r = user_record_set_fido2_user_presence_permitted(secret, true);
+@@ -387,6 +396,8 @@ static int handle_generic_user_record_error(
+ 
+         } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_USER_VERIFICATION_NEEDED)) {
+ 
++                assert(secret);
++
+                 (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please verify user on security token of user %s.", user_name);
+ 
+                 r = user_record_set_fido2_user_verification_permitted(secret, true);
+@@ -403,6 +414,8 @@ static int handle_generic_user_record_error(
+         } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN)) {
+                 _cleanup_(erase_and_freep) char *newp = NULL;
+ 
++                assert(secret);
++
+                 (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN incorrect for user %s.", user_name);
+                 r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: ");
+                 if (r != PAM_SUCCESS)
+@@ -422,6 +435,8 @@ static int handle_generic_user_record_error(
+         } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN_FEW_TRIES_LEFT)) {
+                 _cleanup_(erase_and_freep) char *newp = NULL;
+ 
++                assert(secret);
++
+                 (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN of user %s incorrect (only a few tries left!)", user_name);
+                 r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: ");
+                 if (r != PAM_SUCCESS)
+@@ -441,6 +456,8 @@ static int handle_generic_user_record_error(
+         } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN_ONE_TRY_LEFT)) {
+                 _cleanup_(erase_and_freep) char *newp = NULL;
+ 
++                assert(secret);
++
+                 (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN of user %s incorrect (only one try left!)", user_name);
+                 r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: ");
+                 if (r != PAM_SUCCESS)
diff --git a/sys-apps/systemd/metadata.xml b/sys-apps/systemd/metadata.xml
index cb86e5b1d243..c458d3f1e3b6 100644
--- a/sys-apps/systemd/metadata.xml
+++ b/sys-apps/systemd/metadata.xml
@@ -17,6 +17,7 @@
 		<flag name="dns-over-tls">Enable DNS-over-TLS support</flag>
 		<flag name="gnuefi">Enable EFI boot manager and stub loader (built using <pkg>sys-boot/gnu-efi</pkg>)</flag>
 		<flag name="elfutils">Enable coredump stacktraces in the journal</flag>
+		<flag name="fido2">Enable FIDO2 support</flag>
 		<flag name="gcrypt">Enable sealing of journal files using gcrypt</flag>
 		<flag name="homed">Enable portable home directories</flag>
 		<flag name="http">Enable embedded HTTP server in journald</flag>
diff --git a/sys-apps/systemd/systemd-249.2.ebuild b/sys-apps/systemd/systemd-249.2-r1.ebuild
index f55c30b02d8a..1f0dd24720fb 100644
--- a/sys-apps/systemd/systemd-249.2.ebuild
+++ b/sys-apps/systemd/systemd-249.2-r1.ebuild
@@ -4,6 +4,9 @@
 EAPI=7
 PYTHON_COMPAT=( python3_{8..10} )
 
+# Avoid QA warnings
+TMPFILES_OPTIONAL=1
+
 if [[ ${PV} == 9999 ]]; then
 	EGIT_REPO_URI="https://github.com/systemd/systemd.git"
 	inherit git-r3
@@ -27,7 +30,7 @@ HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd"
 
 LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
 SLOT="0/2"
-IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils +gcrypt gnuefi homed http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux split-usr static-libs +sysv-utils test tpm vanilla xkb +zstd"
+IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils +gcrypt gnuefi homed http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux split-usr +sysv-utils test tpm vanilla xkb +zstd"
 
 REQUIRED_USE="
 	homed? ( cryptsetup pam )
@@ -324,9 +327,6 @@ multilib_src_configure() {
 		$(meson_native_true timesyncd)
 		$(meson_native_true tmpfiles)
 		$(meson_native_true vconsole)
-
-		# static-libs
-		$(meson_use static-libs static-libudev)
 	)
 
 	meson_src_configure "${myconf[@]}"
diff --git a/sys-apps/systemd/systemd-248.6.ebuild b/sys-apps/systemd/systemd-249.4-r3.ebuild
index 469ea95ee5be..f7381f4632b7 100644
--- a/sys-apps/systemd/systemd-248.6.ebuild
+++ b/sys-apps/systemd/systemd-249.4-r3.ebuild
@@ -2,6 +2,10 @@
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
+PYTHON_COMPAT=( python3_{8..10} )
+
+# Avoid QA warnings
+TMPFILES_OPTIONAL=1
 
 if [[ ${PV} == 9999 ]]; then
 	EGIT_REPO_URI="https://github.com/systemd/systemd.git"
@@ -16,11 +20,9 @@ else
 	MY_P=${MY_PN}-${MY_PV}
 	S=${WORKDIR}/${MY_P}
 	SRC_URI="https://github.com/systemd/${MY_PN}/archive/v${MY_PV}/${MY_P}.tar.gz"
-	KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~mips ppc ppc64 ~riscv sparc x86"
+	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86"
 fi
 
-PYTHON_COMPAT=( python3_{7..9} )
-
 inherit bash-completion-r1 linux-info meson-multilib pam python-any-r1 systemd toolchain-funcs udev usr-ldscript
 
 DESCRIPTION="System and service manager for Linux"
@@ -28,7 +30,7 @@ HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd"
 
 LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
 SLOT="0/2"
-IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils +gcrypt gnuefi homed http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux split-usr static-libs +sysv-utils test tpm vanilla xkb +zstd"
+IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils fido2 +gcrypt gnuefi homed http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux split-usr +sysv-utils test tpm vanilla xkb +zstd"
 
 REQUIRED_USE="
 	homed? ( cryptsetup pam )
@@ -51,6 +53,7 @@ COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
 	curl? ( net-misc/curl:0= )
 	dns-over-tls? ( >=net-libs/gnutls-3.6.0:0= )
 	elfutils? ( >=dev-libs/elfutils-0.158:0= )
+	fido2? ( dev-libs/libfido2:0= )
 	gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] )
 	homed? ( ${OPENSSL_DEP} )
 	http? (
@@ -133,7 +136,7 @@ RDEPEND="${COMMON_DEPEND}
 
 # sys-apps/dbus: the daemon only (+ build-time lib dep for tests)
 PDEPEND=">=sys-apps/dbus-1.9.8[systemd]
-	hwdb? ( >=sys-apps/hwids-20150417[udev] )
+	hwdb? ( sys-apps/hwids[systemd(+),udev] )
 	>=sys-fs/udev-init-scripts-34
 	policykit? ( sys-auth/polkit )
 	!vanilla? ( sys-apps/gentoo-systemd-integration )"
@@ -144,7 +147,6 @@ BDEPEND="
 	>=dev-util/meson-0.46
 	>=sys-apps/coreutils-8.16
 	sys-devel/gettext
-	sys-devel/m4
 	virtual/pkgconfig
 	test? (
 		app-text/tree
@@ -155,13 +157,18 @@ BDEPEND="
 	app-text/docbook-xml-dtd:4.5
 	app-text/docbook-xsl-stylesheets
 	dev-libs/libxslt:0
+	$(python_gen_any_dep 'dev-python/jinja[${PYTHON_USEDEP}]')
 	$(python_gen_any_dep 'dev-python/lxml[${PYTHON_USEDEP}]')
 "
 
 python_check_deps() {
+	has_version -b "dev-python/jinja[${PYTHON_USEDEP}]" &&
 	has_version -b "dev-python/lxml[${PYTHON_USEDEP}]"
 }
 
+QA_FLAGS_IGNORED="usr/lib/systemd/boot/efi/.*"
+QA_EXECSTACK="usr/lib/systemd/boot/efi/*"
+
 pkg_pretend() {
 	if [[ ${MERGE_TYPE} != buildonly ]]; then
 		if use test && has pid-sandbox ${FEATURES}; then
@@ -219,6 +226,9 @@ src_prepare() {
 
 	# Add local patches here
 	PATCHES+=(
+		"${FILESDIR}/249-libudev-static.patch"
+		"${FILESDIR}/249-home-secret-assert.patch"
+		"${FILESDIR}/249-fido2.patch"
 	)
 
 	if ! use vanilla; then
@@ -266,6 +276,7 @@ multilib_src_configure() {
 		$(meson_native_use_bool curl libcurl)
 		$(meson_native_use_bool dns-over-tls dns-over-tls)
 		$(meson_native_use_bool elfutils)
+		$(meson_native_use_bool fido2 libfido2)
 		$(meson_use gcrypt)
 		$(meson_native_use_bool gnuefi gnu-efi)
 		-Defi-includedir="${ESYSROOT}/usr/include/efi"
@@ -320,9 +331,6 @@ multilib_src_configure() {
 		$(meson_native_true timesyncd)
 		$(meson_native_true tmpfiles)
 		$(meson_native_true vconsole)
-
-		# static-libs
-		$(meson_use static-libs static-libudev)
 	)
 
 	meson_src_configure "${myconf[@]}"
@@ -442,19 +450,7 @@ migrate_locale() {
 	fi
 }
 
-save_enabled_units() {
-	ENABLED_UNITS=()
-	type systemctl &>/dev/null || return
-	for x; do
-		if systemctl --quiet --root="${ROOT:-/}" is-enabled "${x}"; then
-			ENABLED_UNITS+=( "${x}" )
-		fi
-	done
-}
-
 pkg_preinst() {
-	save_enabled_units {machines,remote-{cryptsetup,fs}}.target getty@tty1.service
-
 	if ! use split-usr; then
 		local dir
 		for dir in bin sbin lib; do
@@ -476,23 +472,17 @@ pkg_postinst() {
 	systemd_update_catalog
 
 	# Keep this here in case the database format changes so it gets updated
-	# when required. Despite that this file is owned by sys-apps/hwids.
-	if has_version "sys-apps/hwids[udev]"; then
-		udevadm hwdb --update --root="${EROOT}"
+	# when required.
+	if use hwdb; then
+		systemd-hwdb --root="${ROOT}" update
 	fi
 
 	udev_reload || FAIL=1
 
-	# Bug 465468, make sure locales are respect, and ensure consistency
+	# Bug 465468, make sure locales are respected, and ensure consistency
 	# between OpenRC & systemd
 	migrate_locale
 
-	systemd_reenable systemd-networkd.service systemd-resolved.service
-
-	if [[ ${ENABLED_UNITS[@]} ]]; then
-		systemctl --root="${ROOT:-/}" enable "${ENABLED_UNITS[@]}"
-	fi
-
 	if [[ -z ${REPLACING_VERSIONS} ]]; then
 		if type systemctl &>/dev/null; then
 			systemctl --root="${ROOT:-/}" enable getty@.service remote-fs.target || FAIL=1
diff --git a/sys-apps/systemd/systemd-9999.ebuild b/sys-apps/systemd/systemd-9999.ebuild
index 3683686fc0d1..ee6cfbea7dad 100644
--- a/sys-apps/systemd/systemd-9999.ebuild
+++ b/sys-apps/systemd/systemd-9999.ebuild
@@ -4,6 +4,9 @@
 EAPI=7
 PYTHON_COMPAT=( python3_{8..10} )
 
+# Avoid QA warnings
+TMPFILES_OPTIONAL=1
+
 if [[ ${PV} == 9999 ]]; then
 	EGIT_REPO_URI="https://github.com/systemd/systemd.git"
 	inherit git-r3
@@ -27,7 +30,7 @@ HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd"
 
 LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
 SLOT="0/2"
-IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils +gcrypt gnuefi homed http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux split-usr static-libs +sysv-utils test tpm vanilla xkb +zstd"
+IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils fido2 +gcrypt gnuefi homed http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux split-usr +sysv-utils test tpm vanilla xkb +zstd"
 
 REQUIRED_USE="
 	homed? ( cryptsetup pam )
@@ -50,6 +53,7 @@ COMMON_DEPEND=">=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
 	curl? ( net-misc/curl:0= )
 	dns-over-tls? ( >=net-libs/gnutls-3.6.0:0= )
 	elfutils? ( >=dev-libs/elfutils-0.158:0= )
+	fido2? ( dev-libs/libfido2:0= )
 	gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] )
 	homed? ( ${OPENSSL_DEP} )
 	http? (
@@ -269,6 +273,7 @@ multilib_src_configure() {
 		$(meson_native_use_bool curl libcurl)
 		$(meson_native_use_bool dns-over-tls dns-over-tls)
 		$(meson_native_use_bool elfutils)
+		$(meson_native_use_bool fido2 libfido2)
 		$(meson_use gcrypt)
 		$(meson_native_use_bool gnuefi gnu-efi)
 		-Defi-includedir="${ESYSROOT}/usr/include/efi"
@@ -323,9 +328,6 @@ multilib_src_configure() {
 		$(meson_native_true timesyncd)
 		$(meson_native_true tmpfiles)
 		$(meson_native_true vconsole)
-
-		# static-libs
-		$(meson_use static-libs static-libudev)
 	)
 
 	meson_src_configure "${myconf[@]}"
author	V3n3RiX <venerix@redcorelinux.org>	2021-09-10 04:21:55 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2021-09-10 04:21:55 +0100
commit	677b7ba5c317778df2ad7e70df94b9b7eec4adbc (patch)
tree	6c418a1546fff5becab5d8b9ed6803323e7f316e /sys-apps/systemd
parent	fbda87924e6faa7a1919f1a2b4182490bde5ec5c (diff)