gentoo auto-resync : 11:01:2023 - 11:44:03

author: V3n3RiX <venerix@koprulu.sector> 2023-01-11 11:44:03 +0000
committer: V3n3RiX <venerix@koprulu.sector> 2023-01-11 11:44:03 +0000
commit: df26c7469c1f2af2e643d43e2e32a6c9142e4885 (patch)
tree: 1beee9b11d06bfcc69d1d6c8ab00566f8633aec1 /sys-apps/systemd
parent: ad391b961414c99124b93cb86695c04bd8d57937 (diff)
5 files changed, 87 insertions, 543 deletions
diff --git a/sys-apps/systemd/Manifest b/sys-apps/systemd/Manifest
index 37d0ad427ccf..1dff251a0c90 100644
--- a/sys-apps/systemd/Manifest
+++ b/sys-apps/systemd/Manifest
@@ -1,4 +1,5 @@
 AUX 251-gpt-auto-no-cryptsetup.patch 958 BLAKE2B 7067224e613433fcb139c38597552e080e07d33b207965a9c9a2b3d4e353c43dae38e6800d6ce28cadcba5f914b1b49e80fa48929df2c4bb96248bfeb6bf6aa5 SHA512 6a78bbdde3aae9a2ad4c4f824eb5281ca9ab24770516ad7c9a9e3daf7f39475bf9b4dd868c857a9833dd408db801393f949b8fae1700b2ad04ea822dc84e3429
+AUX 252-tmpfiles-ub.patch 2892 BLAKE2B 0c65c90c0a631a48b7f3b8194350fb90e6915e0e7f32b0de87cfb83ca170f68576017efbe8a531fdeb01485ac6840a4c75628d1a384e750fc5094dff68dddcab SHA512 5c4fac1933a0b8443b80cff7069f21904773d486f30be24337f2b68234c708568ccd0f1ab216968ce71f760e4e27f85912971cdb9dd3ee724d7e6a2d8bc917d7
 AUX gentoo-generator-path-r2.patch 994 BLAKE2B 2bfb42623221291030fa9f7310e9bf747351a26f6ffd842628298787b74d4ec562bacaa9fc5365f7e854f695dab5f74bc06883fefc1f210dce4fd415926817ac SHA512 98054222ea232e120625573b6a532c312eccc02fe657152610b7d056b964bb2165fffae9d17fd986cf547af885d44c26b117fe68df5b24e2607d37f3729d0ada
 AUX gentoo-journald-audit.patch 1485 BLAKE2B 9cba28ce907330bbc1eafcf04a837987ed68272fcfa9cc34a309ff5d4cc2230f71a6f7fed42c79afb1c96605df141e8e40b2d8290d12ad3c18038269814f2df8 SHA512 d77d4dae9f8a7819c6d4855476f3163ee19f52b20f66a93e25818f0747404462c47e3cafbd82ba85ce1b3d2fdbabdd96a0398b71149b318c540d82403f8ad0ad
 AUX gentoo-systemctl-disable-sysv-sync-r1.patch 821 BLAKE2B f5ef796725e023bb1ed83b34a3e4d45bb008de9a134892a5321b37b56809c7a44530d18e33c7877177e8b64b2d89dfc2de844bed433db6d5e57831d20fbfb456 SHA512 8d697dbd305f6b95a4ddc47cf9d99a0e954f54e161bd59164917b62a78ff5c23fa2d5be2614569c0a2297595dae59e1ee71bb04da72cbe0c0807e1abd7da974d
@@ -6,13 +7,10 @@ AUX nsswitch.conf 734 BLAKE2B 5f5a7821a84f6c8aa31fe9a68c29a1a0f24be578d427a623f1
 AUX systemd-user.pam 122 BLAKE2B cccc07cab47dfc0481438e503c34fa1a0b2c6b1f8ab282197719a523421d2a526f19230bb459e0347cbeb2046e35a407c78178a3fb5b79619e987cbc4ac7d5e4 SHA512 c5437677ff00fbb45798fe594e8d61b1c2bfc2d103105d7bd82e476240452477ac263700800f5d0ba91ddc895eb85f4517d5cb15c80611ec1680a686d47cd781
 DIST systemd-stable-251.10.tar.gz 11461671 BLAKE2B a351b6dd9fc307e4bdcf0323b16e7f58c714392cfa466180a81196309c289b54767bfe5d03037eb1bd6b273d7eb8f6f42b927aabaa1310be04266675d1a3dd06 SHA512 49e33dbbc1b2ebe123b2f722070c87524b3126d1e605fb3e24a3f9f328ab67de506dc4588a92caf157428c21b9c73c3884726c4a5b1f67bb997d4a68bb871e5b
 DIST systemd-stable-251.8.tar.gz 11457551 BLAKE2B d4ca799a5b22164362fa8948bbec95215d6ebc04380f13f755916c4bfd4e1cc43a82177c21d2c56aa9d8440b44872b773f21682fc127c7f6d2b3542661c27d80 SHA512 c337fad3cf2beef11401850ddd6418efef035d4ec6405049084302738042f77ac1f8bfd7eb3611668a13038878389c9617e63278ec0b37782b3e0242e69c4843
-DIST systemd-stable-251.9.tar.gz 11461131 BLAKE2B ba8fa2d70cc992ded3d1aa354e36d9815c6ae87a6f438f8879771e9e5ae9f7d10591956cf8c617ba0c5c13fdc229bc23a7ea173aa9849bfdf6476cc0721d62be SHA512 27df2076445a826911274101286a3555528ebd0894a5c32f2dea71a075b5fcde3931f4d04f5726c5b39d482357939d2fbd2b52ac9a894b6853f48833984f4c17
-DIST systemd-stable-252.3.tar.gz 11750469 BLAKE2B 855ca884d8e843605f8b467e8453ccdadf0c17e45f4511f2ba25decd5a46429ca5d765346bd5a2ec345cb62d425c8961306cc91f179566f2ff64d043ada3fdfb SHA512 fd7594f0cb232996fda33f14a09565b4c315db8969579512f39a3f96734fc0841a1c6a83c3668103b70d108f73ffc11e7465bf5867d1ff313d0e428d4a6e2134
 DIST systemd-stable-252.4.tar.gz 11753300 BLAKE2B 8819ca6d3a64c110e5a245ae0369dc431079556e200d13d8edfc64fc35b2b04f1cdc215b81d9bf126245f315be3662ebd2c094167f88d2465f0dce25aa1fd196 SHA512 d4e99a67c59091dae78f654433a6c5e114ae66256b72d9d43292c43a986ee6a58e2d06f12866cbd7ec821b61580ec003af1725f60fd4b038b4a981b3ca839ee2
 EBUILD systemd-251.10.ebuild 15120 BLAKE2B a404f680f9b7eff301418a907f68a7f22d0034577bbf05b809253fa61a442ada0fcd448d5ecb94c2da55a7e9d7b18d85919786ef04536ebc028cd9e0eb6b641a SHA512 c68a4dbaa013ff91196115cbb668e9cd4079ed029ee002511f7da04154ea930a56aa7bc280f144b4b601e9f9dd75588b5c9c63cd76d6a875e7ba5debd99aefb6
 EBUILD systemd-251.8.ebuild 15112 BLAKE2B 635842b3738399e3396f468f264464b3429b0893c5e20d56738c616423b6c5d3e958738a6b6ae27c99753983e06f6e13156cb80b7152ba3756760bd4aa4c5bc2 SHA512 41608cc213cc0f2ffb781274c45750389c2f034ce1c83f714b157904d4630638bd804ab302abe9266e48d5145b4895c8c385f6ec706ed0b23a1c3136ec2bb9c5
-EBUILD systemd-251.9.ebuild 15120 BLAKE2B a404f680f9b7eff301418a907f68a7f22d0034577bbf05b809253fa61a442ada0fcd448d5ecb94c2da55a7e9d7b18d85919786ef04536ebc028cd9e0eb6b641a SHA512 c68a4dbaa013ff91196115cbb668e9cd4079ed029ee002511f7da04154ea930a56aa7bc280f144b4b601e9f9dd75588b5c9c63cd76d6a875e7ba5debd99aefb6
-EBUILD systemd-252.3.ebuild 15071 BLAKE2B 44c5a6bc034d0ae2c155ebdf2bf0b9d9ebe8f18d9d622a4e674a0b5c0c6151a2652d81b5edc17c00910f1e74dbf598f8691854f617c314311d01f90d46644abb SHA512 a072edd9753935be12099565db628e79fde0ed6a33830ce4e31e4ba7e827f824368e1dc50a90895e9a6d436fa72910a54f3b8787c3bee2d7e8a42092f7132bac
+EBUILD systemd-252.4-r1.ebuild 15532 BLAKE2B 95c5122732ffb567a5654c3d68b7496b47c4fd3e89783f48ea33b9066716f76bdadd66f2013d5c50034de2bafc4950d6d85fda200c94d69fb8fd2a143d3df54e SHA512 3be67bee749405cf24de4554b9829cfe7a8960da090201821d885b8f8e9ffef24ed2987bcba1e0d56c572eca5f88bee57bb9fbb7682a98ad42d3610e7b1bbcde
 EBUILD systemd-252.4.ebuild 15070 BLAKE2B ebb45f827727fbc92cb384ce54e769cb75dd1ef3a35cb19b8a130d92663e7ec78eb33ea81d08f25ba0089feb46e9e5b748dc8bee353e7e0b251e9eff50c090d4 SHA512 b7bb0d28ef1c5a61474c866c50b532a0f36bc7e43f1269039cb3d52afdfbd21be30371521350d90e520362c3de1099add551a6dcc22462b77c113aff0fb7e2e1
-EBUILD systemd-9999.ebuild 15071 BLAKE2B 44c5a6bc034d0ae2c155ebdf2bf0b9d9ebe8f18d9d622a4e674a0b5c0c6151a2652d81b5edc17c00910f1e74dbf598f8691854f617c314311d01f90d46644abb SHA512 a072edd9753935be12099565db628e79fde0ed6a33830ce4e31e4ba7e827f824368e1dc50a90895e9a6d436fa72910a54f3b8787c3bee2d7e8a42092f7132bac
+EBUILD systemd-9999.ebuild 14545 BLAKE2B 8d5c7e0453c9ce3835c3aabaa6cdf5baeee7dab3436fac1a6f7a6fb29735bc99b2a0f2fdbd72e0e15dd77ca5e64400aef90e991624ebc495496a5eade16c322d SHA512 40f720382d91759b11c7a9301fe78c38f57ef284dd582bb5530b9bca77dacd18fd1079b716675b1dd396b5c7e56ecb1af4b10abf8b6c86446c8813571120c4d7
 MISC metadata.xml 2545 BLAKE2B fc424b7f9e471860cba69b6f11ea2094c70f125cd55c42ea77e4549a399680c4444119c79424c266828a284b0214001421f760477b1341844dddd2d474d70c33 SHA512 f0b8c4614e3c88d123916bb3399d6025ab30ff839849b136a29e1960bf0c50699b3f09b5307f40b77cc8c5566c20b11de2364a08311adceb15507df3e4bb0565
diff --git a/sys-apps/systemd/files/252-tmpfiles-ub.patch b/sys-apps/systemd/files/252-tmpfiles-ub.patch
new file mode 100644
index 000000000000..df190d500e34
--- /dev/null
+++ b/sys-apps/systemd/files/252-tmpfiles-ub.patch
@@ -0,0 +1,71 @@
+https://github.com/systemd/systemd/pull/25957
+https://github.com/systemd/systemd/pull/25959
+https://github.com/systemd/systemd/commit/9f804ab04d566ff745849e1c4ced680a0447cf76
+https://github.com/systemd/systemd/commit/34680637e838415204850f77c93ca6ca219abaf1
+
+From 9f804ab04d566ff745849e1c4ced680a0447cf76 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Fri, 6 Jan 2023 10:58:32 +0000
+Subject: [PATCH] tmpfiles: avoid null free() for acl attributes
+
+When built with ACL support, we might be processing a tmpfiles
+entry where there's no cause for us to call parse_acls_from_arg,
+then we get to the end of parse_line without having ever populated
+i.{acl_access, acl_default}.
+
+Then we pass a null pointer into acl_free().
+
+From UBSAN w/ GCC 13.0.0_pre20230101:
+```
+$ systemd-tmpfiles --clean
+/var/tmp/portage/sys-apps/acl-2.3.1-r1/work/acl-2.3.1/libacl/acl_free.c:44:14: runtime error: applying non-zero offset 18446744073709551608 to null pointer
+    #0 0x7f65d868b482 in acl_free /var/tmp/portage/sys-apps/acl-2.3.1-r1/work/acl-2.3.1/libacl/acl_free.c:44
+    #1 0x55fe7e592249 in item_free_contents ../systemd-9999/src/tmpfiles/tmpfiles.c:2855
+    #2 0x55fe7e5a347a in parse_line ../systemd-9999/src/tmpfiles/tmpfiles.c:3158
+    #3 0x55fe7e5a347a in read_config_file ../systemd-9999/src/tmpfiles/tmpfiles.c:3897
+    #4 0x55fe7e590c61 in read_config_files ../systemd-9999/src/tmpfiles/tmpfiles.c:3985
+    #5 0x55fe7e590c61 in run ../systemd-9999/src/tmpfiles/tmpfiles.c:4157
+    #6 0x55fe7e590c61 in main ../systemd-9999/src/tmpfiles/tmpfiles.c:4218
+    #7 0x7f65d7ebe289  (/usr/lib64/libc.so.6+0x23289)
+    #8 0x7f65d7ebe344 in __libc_start_main (/usr/lib64/libc.so.6+0x23344)
+    #9 0x55fe7e591900 in _start (/usr/bin/systemd-tmpfiles+0x11900)
+```
+--- a/src/tmpfiles/tmpfiles.c
++++ b/src/tmpfiles/tmpfiles.c
+@@ -2852,8 +2852,11 @@ static void item_free_contents(Item *i) {
+         strv_free(i->xattrs);
+ 
+ #if HAVE_ACL
+-        acl_free(i->acl_access);
+-        acl_free(i->acl_default);
++        if (i->acl_access)
++                acl_free(i->acl_access);
++
++        if (i->acl_default)
++                acl_free(i->acl_default);
+ #endif
+ }
+ 
+
+From 34680637e838415204850f77c93ca6ca219abaf1 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart@poettering.net>
+Date: Fri, 6 Jan 2023 12:30:36 +0100
+Subject: [PATCH] nspawn: guard acl_free() with a NULL check
+
+Inspired by #25957 there's one other place where we don't guard
+acl_free() calls with a NULL check.
+
+Fix that.
+--- a/src/nspawn/nspawn-patch-uid.c
++++ b/src/nspawn/nspawn-patch-uid.c
+@@ -181,7 +181,9 @@ static int patch_acls(int fd, const char *name, const struct stat *st, uid_t shi
+ 
+         if (S_ISDIR(st->st_mode)) {
+                 acl_free(acl);
+-                acl_free(shifted);
++
++                if (shifted)
++                        acl_free(shifted);
+ 
+                 acl = shifted = NULL;
+ 
diff --git a/sys-apps/systemd/systemd-252.3.ebuild b/sys-apps/systemd/systemd-252.3.ebuild
deleted file mode 100644
index 6a423f8c5593..000000000000
--- a/sys-apps/systemd/systemd-252.3.ebuild
+++ /dev/null
@@ -1,520 +0,0 @@
-# Copyright 2011-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-PYTHON_COMPAT=( python3_{8..11} )
-
-# Avoid QA warnings
-TMPFILES_OPTIONAL=1
-UDEV_OPTIONAL=1
-
-QA_PKGCONFIG_VERSION=$(ver_cut 1)
-
-if [[ ${PV} == 9999 ]]; then
-	EGIT_REPO_URI="https://github.com/systemd/systemd.git"
-	inherit git-r3
-else
-	if [[ ${PV} == *.* ]]; then
-		MY_PN=systemd-stable
-	else
-		MY_PN=systemd
-	fi
-	MY_PV=${PV/_/-}
-	MY_P=${MY_PN}-${MY_PV}
-	S=${WORKDIR}/${MY_P}
-	SRC_URI="https://github.com/systemd/${MY_PN}/archive/v${MY_PV}/${MY_P}.tar.gz"
-	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
-fi
-
-inherit bash-completion-r1 flag-o-matic linux-info meson-multilib pam
-inherit python-any-r1 systemd toolchain-funcs udev usr-ldscript
-
-DESCRIPTION="System and service manager for Linux"
-HOMEPAGE="http://systemd.io/"
-
-LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
-SLOT="0/2"
-IUSE="
-	acl apparmor audit cgroup-hybrid cryptsetup curl +dns-over-tls elfutils
-	fido2 +gcrypt gnuefi gnutls homed http idn importd iptables +kmod
-	+lz4 lzma +openssl pam pcre pkcs11 policykit pwquality qrcode
-	+resolvconf +seccomp selinux split-usr +sysv-utils test tpm vanilla xkb +zstd
-"
-REQUIRED_USE="
-	dns-over-tls? ( || ( gnutls openssl ) )
-	homed? ( cryptsetup pam openssl )
-	importd? ( curl lzma || ( gcrypt openssl ) )
-	pwquality? ( homed )
-"
-RESTRICT="!test? ( test )"
-
-MINKV="4.15"
-
-COMMON_DEPEND="
-	>=sys-apps/util-linux-2.30:0=[${MULTILIB_USEDEP}]
-	sys-libs/libcap:0=[${MULTILIB_USEDEP}]
-	virtual/libcrypt:=[${MULTILIB_USEDEP}]
-	acl? ( sys-apps/acl:0= )
-	apparmor? ( sys-libs/libapparmor:0= )
-	audit? ( >=sys-process/audit-2:0= )
-	cryptsetup? ( >=sys-fs/cryptsetup-2.0.1:0= )
-	curl? ( net-misc/curl:0= )
-	elfutils? ( >=dev-libs/elfutils-0.158:0= )
-	fido2? ( dev-libs/libfido2:0= )
-	gcrypt? ( >=dev-libs/libgcrypt-1.4.5:0=[${MULTILIB_USEDEP}] )
-	gnutls? ( >=net-libs/gnutls-3.6.0:0= )
-	http? ( >=net-libs/libmicrohttpd-0.9.33:0=[epoll(+)] )
-	idn? ( net-dns/libidn2:= )
-	importd? (
-		app-arch/bzip2:0=
-		sys-libs/zlib:0=
-	)
-	kmod? ( >=sys-apps/kmod-15:0= )
-	lz4? ( >=app-arch/lz4-0_p131:0=[${MULTILIB_USEDEP}] )
-	lzma? ( >=app-arch/xz-utils-5.0.5-r1:0=[${MULTILIB_USEDEP}] )
-	iptables? ( net-firewall/iptables:0= )
-	openssl? ( >=dev-libs/openssl-1.1.0:0= )
-	pam? ( sys-libs/pam:=[${MULTILIB_USEDEP}] )
-	pkcs11? ( app-crypt/p11-kit:0= )
-	pcre? ( dev-libs/libpcre2 )
-	pwquality? ( dev-libs/libpwquality:0= )
-	qrcode? ( media-gfx/qrencode:0= )
-	seccomp? ( >=sys-libs/libseccomp-2.3.3:0= )
-	selinux? ( sys-libs/libselinux:0= )
-	tpm? ( app-crypt/tpm2-tss:0= )
-	xkb? ( >=x11-libs/libxkbcommon-0.4.1:0= )
-	zstd? ( >=app-arch/zstd-1.4.0:0=[${MULTILIB_USEDEP}] )
-"
-
-# Newer linux-headers needed by ia64, bug #480218
-DEPEND="${COMMON_DEPEND}
-	>=sys-kernel/linux-headers-${MINKV}
-	gnuefi? ( >=sys-boot/gnu-efi-3.0.2 )
-"
-
-# baselayout-2.2 has /run
-RDEPEND="${COMMON_DEPEND}
-	>=acct-group/adm-0-r1
-	>=acct-group/wheel-0-r1
-	>=acct-group/kmem-0-r1
-	>=acct-group/tty-0-r1
-	>=acct-group/utmp-0-r1
-	>=acct-group/audio-0-r1
-	>=acct-group/cdrom-0-r1
-	>=acct-group/dialout-0-r1
-	>=acct-group/disk-0-r1
-	>=acct-group/input-0-r1
-	>=acct-group/kvm-0-r1
-	>=acct-group/lp-0-r1
-	>=acct-group/render-0-r1
-	acct-group/sgx
-	>=acct-group/tape-0-r1
-	acct-group/users
-	>=acct-group/video-0-r1
-	>=acct-group/systemd-journal-0-r1
-	>=acct-user/root-0-r1
-	acct-user/nobody
-	>=acct-user/systemd-journal-remote-0-r1
-	>=acct-user/systemd-coredump-0-r1
-	>=acct-user/systemd-network-0-r1
-	acct-user/systemd-oom
-	>=acct-user/systemd-resolve-0-r1
-	>=acct-user/systemd-timesync-0-r1
-	>=sys-apps/baselayout-2.2
-	selinux? (
-		sec-policy/selinux-base-policy[systemd]
-		sec-policy/selinux-ntp
-	)
-	sysv-utils? (
-		!sys-apps/openrc[sysv-utils(-)]
-		!sys-apps/sysvinit
-	)
-	!sysv-utils? ( sys-apps/sysvinit )
-	resolvconf? ( !net-dns/openresolv )
-	!sys-apps/hwids[udev]
-	!sys-auth/nss-myhostname
-	!sys-fs/eudev
-	!sys-fs/udev
-"
-
-# sys-apps/dbus: the daemon only (+ build-time lib dep for tests)
-PDEPEND=">=sys-apps/dbus-1.9.8[systemd]
-	>=sys-fs/udev-init-scripts-34
-	policykit? ( sys-auth/polkit )
-	!vanilla? ( sys-apps/gentoo-systemd-integration )"
-
-BDEPEND="
-	app-arch/xz-utils:0
-	dev-util/gperf
-	>=dev-util/meson-0.46
-	>=sys-apps/coreutils-8.16
-	sys-devel/gettext
-	virtual/pkgconfig
-	test? (
-		app-text/tree
-		dev-lang/perl
-		sys-apps/dbus
-	)
-	app-text/docbook-xml-dtd:4.2
-	app-text/docbook-xml-dtd:4.5
-	app-text/docbook-xsl-stylesheets
-	dev-libs/libxslt:0
-	$(python_gen_any_dep 'dev-python/jinja[${PYTHON_USEDEP}]')
-	$(python_gen_any_dep 'dev-python/lxml[${PYTHON_USEDEP}]')
-"
-
-python_check_deps() {
-	python_has_version "dev-python/jinja[${PYTHON_USEDEP}]" &&
-	python_has_version "dev-python/lxml[${PYTHON_USEDEP}]"
-}
-
-QA_FLAGS_IGNORED="usr/lib/systemd/boot/efi/.*"
-QA_EXECSTACK="usr/lib/systemd/boot/efi/*"
-
-pkg_pretend() {
-	if [[ ${MERGE_TYPE} != buildonly ]]; then
-		if use test && has pid-sandbox ${FEATURES}; then
-			ewarn "Tests are known to fail with PID sandboxing enabled."
-			ewarn "See https://bugs.gentoo.org/674458."
-		fi
-
-		local CONFIG_CHECK=" ~BINFMT_MISC ~BLK_DEV_BSG ~CGROUPS
-			~CGROUP_BPF ~DEVTMPFS ~EPOLL ~FANOTIFY ~FHANDLE
-			~INOTIFY_USER ~IPV6 ~NET ~NET_NS ~PROC_FS ~SIGNALFD ~SYSFS
-			~TIMERFD ~TMPFS_XATTR ~UNIX ~USER_NS
-			~CRYPTO_HMAC ~CRYPTO_SHA256 ~CRYPTO_USER_API_HASH
-			~!GRKERNSEC_PROC ~!IDE ~!SYSFS_DEPRECATED
-			~!SYSFS_DEPRECATED_V2"
-
-		use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL"
-		use seccomp && CONFIG_CHECK+=" ~SECCOMP ~SECCOMP_FILTER"
-
-		if kernel_is -ge 5 10 20; then
-			CONFIG_CHECK+=" ~KCMP"
-		else
-			CONFIG_CHECK+=" ~CHECKPOINT_RESTORE"
-		fi
-
-		if kernel_is -ge 4 18; then
-			CONFIG_CHECK+=" ~AUTOFS_FS"
-		else
-			CONFIG_CHECK+=" ~AUTOFS4_FS"
-		fi
-
-		if linux_config_exists; then
-			local uevent_helper_path=$(linux_chkconfig_string UEVENT_HELPER_PATH)
-			if [[ -n ${uevent_helper_path} ]] && [[ ${uevent_helper_path} != '""' ]]; then
-				ewarn "It's recommended to set an empty value to the following kernel config option:"
-				ewarn "CONFIG_UEVENT_HELPER_PATH=${uevent_helper_path}"
-			fi
-			if linux_chkconfig_present X86; then
-				CONFIG_CHECK+=" ~DMIID"
-			fi
-		fi
-
-		if kernel_is -lt ${MINKV//./ }; then
-			ewarn "Kernel version at least ${MINKV} required"
-		fi
-
-		check_extra_config
-	fi
-}
-
-pkg_setup() {
-	:
-}
-
-src_unpack() {
-	default
-	[[ ${PV} != 9999 ]] || git-r3_src_unpack
-}
-
-src_prepare() {
-	local PATCHES=(
-	)
-
-	if ! use vanilla; then
-		PATCHES+=(
-			"${FILESDIR}/gentoo-generator-path-r2.patch"
-			"${FILESDIR}/gentoo-systemctl-disable-sysv-sync-r1.patch"
-			"${FILESDIR}/gentoo-journald-audit.patch"
-		)
-	fi
-
-	# Fails with split-usr.
-	sed -i -e '2i exit 77' test/test-rpm-macros.sh || die
-
-	default
-}
-
-src_configure() {
-	# Prevent conflicts with i686 cross toolchain, bug 559726
-	tc-export AR CC NM OBJCOPY RANLIB
-
-	# Broken with FORTIFY_SOURCE=3: bug #841770.
-	#
-	# Our toolchain sets F_S=2 by default w/ >= -O2, so we need
-	# to unset F_S first, then explicitly set 2, to negate any default
-	# and anything set by the user if they're choosing 3 (or if they've
-	# modified GCC to set 3).
-	#
-	if is-flagq '-O[23]' || is-flagq '-Ofast' ; then
-		# We can't unconditionally do this b/c we fortify needs
-		# some level of optimisation.
-		filter-flags -D_FORTIFY_SOURCE=3
-		append-cppflags -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2
-	fi
-
-	python_setup
-
-	multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
-	local myconf=(
-		--localstatedir="${EPREFIX}/var"
-		-Dsupport-url="https://gentoo.org/support/"
-		-Dpamlibdir="$(getpam_mod_dir)"
-		# avoid bash-completion dep
-		-Dbashcompletiondir="$(get_bashcompdir)"
-		$(meson_use split-usr)
-		$(meson_use split-usr split-bin)
-		-Drootprefix="$(usex split-usr "${EPREFIX:-/}" "${EPREFIX}/usr")"
-		-Drootlibdir="${EPREFIX}/usr/$(get_libdir)"
-		# Avoid infinite exec recursion, bug 642724
-		-Dtelinit-path="${EPREFIX}/lib/sysvinit/telinit"
-		# no deps
-		-Dima=true
-		-Ddefault-hierarchy=$(usex cgroup-hybrid hybrid unified)
-		# Optional components/dependencies
-		$(meson_native_use_bool acl)
-		$(meson_native_use_bool apparmor)
-		$(meson_native_use_bool audit)
-		$(meson_native_use_bool cryptsetup libcryptsetup)
-		$(meson_native_use_bool curl libcurl)
-		$(meson_native_use_bool dns-over-tls dns-over-tls)
-		$(meson_native_use_bool elfutils)
-		$(meson_native_use_bool fido2 libfido2)
-		$(meson_use gcrypt)
-		$(meson_native_use_bool gnuefi gnu-efi)
-		$(meson_native_use_bool gnutls)
-		-Defi-includedir="${ESYSROOT}/usr/include/efi"
-		-Defi-libdir="${ESYSROOT}/usr/$(get_libdir)"
-		$(meson_native_use_bool homed)
-		$(meson_native_use_bool http microhttpd)
-		$(meson_native_use_bool idn)
-		$(meson_native_use_bool importd)
-		$(meson_native_use_bool importd bzip2)
-		$(meson_native_use_bool importd zlib)
-		$(meson_native_use_bool kmod)
-		$(meson_use lz4)
-		$(meson_use lzma xz)
-		$(meson_use zstd)
-		$(meson_native_use_bool iptables libiptc)
-		$(meson_native_use_bool openssl)
-		$(meson_use pam)
-		$(meson_native_use_bool pkcs11 p11kit)
-		$(meson_native_use_bool pcre pcre2)
-		$(meson_native_use_bool policykit polkit)
-		$(meson_native_use_bool pwquality)
-		$(meson_native_use_bool qrcode qrencode)
-		$(meson_native_use_bool seccomp)
-		$(meson_native_use_bool selinux)
-		$(meson_native_use_bool tpm tpm2)
-		$(meson_native_use_bool test dbus)
-		$(meson_native_use_bool xkb xkbcommon)
-		-Dntp-servers="0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org"
-		# Breaks screen, tmux, etc.
-		-Ddefault-kill-user-processes=false
-		-Dcreate-log-dirs=false
-
-		# multilib options
-		$(meson_native_true backlight)
-		$(meson_native_true binfmt)
-		$(meson_native_true coredump)
-		$(meson_native_true environment-d)
-		$(meson_native_true firstboot)
-		$(meson_native_true hibernate)
-		$(meson_native_true hostnamed)
-		$(meson_native_true ldconfig)
-		$(meson_native_true localed)
-		$(meson_native_true man)
-		$(meson_native_true networkd)
-		$(meson_native_true quotacheck)
-		$(meson_native_true randomseed)
-		$(meson_native_true rfkill)
-		$(meson_native_true sysusers)
-		$(meson_native_true timedated)
-		$(meson_native_true timesyncd)
-		$(meson_native_true tmpfiles)
-		$(meson_native_true vconsole)
-	)
-
-	meson_src_configure "${myconf[@]}"
-}
-
-multilib_src_test() {
-	unset DBUS_SESSION_BUS_ADDRESS XDG_RUNTIME_DIR
-	meson_src_test
-}
-
-multilib_src_install_all() {
-	local rootprefix=$(usex split-usr '' /usr)
-	local sbin=$(usex split-usr sbin bin)
-
-	# meson doesn't know about docdir
-	mv "${ED}"/usr/share/doc/{systemd,${PF}} || die
-
-	einstalldocs
-	dodoc "${FILESDIR}"/nsswitch.conf
-
-	if ! use resolvconf; then
-		rm -f "${ED}${rootprefix}/${sbin}"/resolvconf || die
-	fi
-
-	rm "${ED}"/etc/init.d/README || die
-	rm "${ED}${rootprefix}"/lib/systemd/system-generators/systemd-sysv-generator || die
-
-	if ! use sysv-utils; then
-		rm "${ED}${rootprefix}/${sbin}"/{halt,init,poweroff,reboot,runlevel,shutdown,telinit} || die
-		rm "${ED}"/usr/share/man/man1/init.1 || die
-		rm "${ED}"/usr/share/man/man8/{halt,poweroff,reboot,runlevel,shutdown,telinit}.8 || die
-	fi
-
-	if ! use resolvconf && ! use sysv-utils && use split-usr; then
-		rmdir "${ED}${rootprefix}"/sbin || die
-	fi
-
-	# https://bugs.gentoo.org/761763
-	rm -r "${ED}"/usr/lib/sysusers.d || die
-
-	# Preserve empty dirs in /etc & /var, bug #437008
-	keepdir /etc/{binfmt.d,modules-load.d,tmpfiles.d}
-	keepdir /etc/kernel/install.d
-	keepdir /etc/systemd/{network,system,user}
-	keepdir /etc/udev/rules.d
-
-	keepdir /etc/udev/hwdb.d
-
-	keepdir "${rootprefix}"/lib/systemd/{system-sleep,system-shutdown}
-	keepdir /usr/lib/{binfmt.d,modules-load.d}
-	keepdir /usr/lib/systemd/user-generators
-	keepdir /var/lib/systemd
-	keepdir /var/log/journal
-
-	# Symlink /etc/sysctl.conf for easy migration.
-	dosym ../../../etc/sysctl.conf /usr/lib/sysctl.d/99-sysctl.conf
-
-	if use pam; then
-		newpamd "${FILESDIR}"/systemd-user.pam systemd-user
-	fi
-
-	if use split-usr; then
-		# Avoid breaking boot/reboot
-		dosym ../../../lib/systemd/systemd /usr/lib/systemd/systemd
-		dosym ../../../lib/systemd/systemd-shutdown /usr/lib/systemd/systemd-shutdown
-	fi
-
-	gen_usr_ldscript -a systemd udev
-}
-
-migrate_locale() {
-	local envd_locale_def="${EROOT}/etc/env.d/02locale"
-	local envd_locale=( "${EROOT}"/etc/env.d/??locale )
-	local locale_conf="${EROOT}/etc/locale.conf"
-
-	if [[ ! -L ${locale_conf} && ! -e ${locale_conf} ]]; then
-		# If locale.conf does not exist...
-		if [[ -e ${envd_locale} ]]; then
-			# ...either copy env.d/??locale if there's one
-			ebegin "Moving ${envd_locale} to ${locale_conf}"
-			mv "${envd_locale}" "${locale_conf}"
-			eend ${?} || FAIL=1
-		else
-			# ...or create a dummy default
-			ebegin "Creating ${locale_conf}"
-			cat > "${locale_conf}" <<-EOF
-				# This file has been created by the sys-apps/systemd ebuild.
-				# See locale.conf(5) and localectl(1).
-
-				# LANG=${LANG}
-			EOF
-			eend ${?} || FAIL=1
-		fi
-	fi
-
-	if [[ ! -L ${envd_locale} ]]; then
-		# now, if env.d/??locale is not a symlink (to locale.conf)...
-		if [[ -e ${envd_locale} ]]; then
-			# ...warn the user that he has duplicate locale settings
-			ewarn
-			ewarn "To ensure consistent behavior, you should replace ${envd_locale}"
-			ewarn "with a symlink to ${locale_conf}. Please migrate your settings"
-			ewarn "and create the symlink with the following command:"
-			ewarn "ln -s -n -f ../locale.conf ${envd_locale}"
-			ewarn
-		else
-			# ...or just create the symlink if there's nothing here
-			ebegin "Creating ${envd_locale_def} -> ../locale.conf symlink"
-			ln -n -s ../locale.conf "${envd_locale_def}"
-			eend ${?} || FAIL=1
-		fi
-	fi
-}
-
-pkg_preinst() {
-	if ! use split-usr; then
-		local dir
-		for dir in bin sbin lib usr/sbin; do
-			if [[ ! -L ${EROOT}/${dir} ]]; then
-				eerror "'${EROOT}/${dir}' is not a symbolic link."
-				FAIL=1
-			fi
-		done
-		if [[ ${FAIL} ]]; then
-			eerror "Migration to system layout with merged directories must be performed before"
-			eerror "installing ${CATEGORY}/${PN} with USE=\"-split-usr\" to avoid run-time breakage."
-			die "System layout with split directories still used"
-		fi
-	fi
-}
-
-pkg_postinst() {
-	systemd_update_catalog
-
-	# Keep this here in case the database format changes so it gets updated
-	# when required.
-	systemd-hwdb --root="${ROOT}" update
-
-	udev_reload || FAIL=1
-
-	# Bug 465468, make sure locales are respected, and ensure consistency
-	# between OpenRC & systemd
-	migrate_locale
-
-	if [[ -z ${REPLACING_VERSIONS} ]]; then
-		if type systemctl &>/dev/null; then
-			systemctl --root="${ROOT:-/}" enable getty@.service remote-fs.target || FAIL=1
-		fi
-		elog "To enable a useful set of services, run the following:"
-		elog "  systemctl preset-all --preset-mode=enable-only"
-	fi
-
-	if [[ -L ${EROOT}/var/lib/systemd/timesync ]]; then
-		rm "${EROOT}/var/lib/systemd/timesync"
-	fi
-
-	if [[ ${FAIL} ]]; then
-		eerror "One of the postinst commands failed. Please check the postinst output"
-		eerror "for errors. You may need to clean up your system and/or try installing"
-		eerror "systemd again."
-		eerror
-	fi
-}
-
-pkg_prerm() {
-	# If removing systemd completely, remove the catalog database.
-	if [[ ! ${REPLACED_BY_VERSION} ]]; then
-		rm -f -v "${EROOT}"/var/lib/systemd/catalog/database
-	fi
-}
diff --git a/sys-apps/systemd/systemd-251.9.ebuild b/sys-apps/systemd/systemd-252.4-r1.ebuild
index f529ba8b84df..6391f42dbf34 100644
--- a/sys-apps/systemd/systemd-251.9.ebuild
+++ b/sys-apps/systemd/systemd-252.4-r1.ebuild
@@ -1,9 +1,18 @@
-# Copyright 2011-2022 Gentoo Authors
+# Copyright 2011-2023 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
 PYTHON_COMPAT=( python3_{8..11} )
 
+if [[ ${PV} != 252.* ]] ; then
+	# The F_S=3 issues should be fixed in 253.
+	# - https://github.com/systemd/systemd/issues/22801
+	# - https://github.com/systemd/systemd/pull/25967
+	# - https://github.com/systemd/systemd/commit/7929e180aa47a2692ad4f053afac2857d7198758
+	# - https://github.com/systemd/systemd/commit/4f79f545b3c46c358666c9f5f2b384fe50aac4b4
+	die "Please remove the FORTIFY_SOURCE hacks in src_configure."
+fi
+
 # Avoid QA warnings
 TMPFILES_OPTIONAL=1
 UDEV_OPTIONAL=1
@@ -231,7 +240,7 @@ src_unpack() {
 
 src_prepare() {
 	local PATCHES=(
-		"${FILESDIR}/251-gpt-auto-no-cryptsetup.patch"
+		"${FILESDIR}/252-tmpfiles-ub.patch"
 	)
 
 	if ! use vanilla; then
diff --git a/sys-apps/systemd/systemd-9999.ebuild b/sys-apps/systemd/systemd-9999.ebuild
index 6a423f8c5593..9e93b8d36e1b 100644
--- a/sys-apps/systemd/systemd-9999.ebuild
+++ b/sys-apps/systemd/systemd-9999.ebuild
@@ -1,4 +1,4 @@
-# Copyright 2011-2022 Gentoo Authors
+# Copyright 2011-2023 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
@@ -26,7 +26,7 @@ else
 	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
 fi
 
-inherit bash-completion-r1 flag-o-matic linux-info meson-multilib pam
+inherit bash-completion-r1 linux-info meson-multilib pam
 inherit python-any-r1 systemd toolchain-funcs udev usr-ldscript
 
 DESCRIPTION="System and service manager for Linux"
@@ -251,20 +251,6 @@ src_configure() {
 	# Prevent conflicts with i686 cross toolchain, bug 559726
 	tc-export AR CC NM OBJCOPY RANLIB
 
-	# Broken with FORTIFY_SOURCE=3: bug #841770.
-	#
-	# Our toolchain sets F_S=2 by default w/ >= -O2, so we need
-	# to unset F_S first, then explicitly set 2, to negate any default
-	# and anything set by the user if they're choosing 3 (or if they've
-	# modified GCC to set 3).
-	#
-	if is-flagq '-O[23]' || is-flagq '-Ofast' ; then
-		# We can't unconditionally do this b/c we fortify needs
-		# some level of optimisation.
-		filter-flags -D_FORTIFY_SOURCE=3
-		append-cppflags -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2
-	fi
-
 	python_setup
 
 	multilib-minimal_src_configure
author	V3n3RiX <venerix@koprulu.sector>	2023-01-11 11:44:03 +0000
committer	V3n3RiX <venerix@koprulu.sector>	2023-01-11 11:44:03 +0000
commit	df26c7469c1f2af2e643d43e2e32a6c9142e4885 (patch)
tree	1beee9b11d06bfcc69d1d6c8ab00566f8633aec1 /sys-apps/systemd
parent	ad391b961414c99124b93cb86695c04bd8d57937 (diff)