systemd: 247.2 -> 247.3 #111786

Merged
merged 4 commits into from
Feb 12, 2021

flokli
Contributor

@flokli flokli commented Feb 3, 2021

Motivation for this change

Sync with latest upstream stable release.

Fixes:

1cb171695a sd-device: make TAGS= property prefixed and suffixed with ":"
0e0a165d72 sd-device: keep escaped strings in DEVLINK= property
ca3b974a55 sd-device: use set_strjoin()
041fe7dfee set: introduce set_strjoin()
fc398137fc tools: make update-dbus-docs compatible with Python 3.6
539e67159c man: fix small issue in AllowedMemoryNodes description
eb6910c8ab man: make it clear how systemd calculate the DefaultTasksMax.
ab9f7e1a51 resolved: use reference counting for DnsQueryCandidate objects
91ba2eac4b resolved: minor cleanups
fd76ba69a1 tools: make update-dbus-docs compatible with Python 3.7
c6d30eb104 network: drop wrong flag for neighbor entry
b3465837dd sysusers: flush nscd's caches whenever /etc/{passwd,group} are modified
b7e0ac754e tree-wide: ignore messages with too long control data
a054fe9c89 systemctl: warn when importing environment variables with control characters
288b980fe5 Allow control characters in environment variable values
57bc92bf08 systemctl: print a warning when trying to import a nonexistent variable
64317106ae resolved: fix use-after-free with queries hitting the cache
c97c62ed3d man: clarify what network scopes are
490b9ae9dd rpm: expose $systemd_util_dir also as rpm macro
c77f5629d7 systemctl-edit: Add missing ret_dropin_paths argument in retry path
71630f1187 systemctl-edit: fix abort in find_paths_to_edit()
e12b4112a8 import: mangle untarred OS images after pull-tar, too
d60de7d137 dhcp6: refuse zero length vendor class
a455e20118 dhcp6: refuse zero length dhcp user class
ead71a1a95 network: refuse zero length dhcp user class
5dbb9342a1 dhcp: length of each user class field must be positive
dc9ab43854 journal: send journald logs to kmsg again
f3997dd056 timedate: actually reset system time with new timezone
fc4eae72f8 wifi-util: do not ignore wifi iftype when SSID is not set
3885103672 wifi-util: cleanup header inclusion
b81e441b61 docs: `mesonconf` is not a valid command, `meson configure` is
95ee2c6b48 bpf: do not use structured initialization for bpf_attr
3dcf950663 test-xattr-util: don't insist that /usr supports xattrs
94bb28590b bpf: zero bpf_attr before initialization
6db2ae6618 shell-completion: fix systemctl set/unset/import-environment
d0a124c0af man: improve description of environment block creation
a2f0da2de0 stat-util: don't try to open path on path_is_temporary_fs()
7c63e5ed58 systemctl: have is-enabled return success for aliases when calling into pid1 too
d0b76f0738 man: fix path reference to unit file
1f39070e40 docs: fix the link to boot loader specification
b7db0461a6 network: fix possible memory leak
310fd03e07 resolve: field size in dns resource record may be zero
9401ed294d siphash: introduce siphash24_compress_safe()
5cb414f8c5 fuzzers: set maximum length for several fuzzers
efa8f49344 shared/dns: fix dlopen_idn return code check
4032a13588 man/systemd-nspawn: document hashing machine name for uid base
5dd2b56443 udev: fix memleak
cefb123e8a journal-importer: ignore invalid field at one more place
a580023f1d man/localtime: document default timezone
14475e0e79 man/systemd.netdev: clarify the wireguard AllowedIPs= setting
2a76d510d9 logs-show: refuse data which contain invalid fields
2c53886b4f journal: refuse data which contain invalid fields
b7f69284f1 journal: move journal_field_valid() to journal_file.c
b7171ae4bd test: use modern qemu numa arguments
36bc4a18fd bus-util: improve logging when we can't connect to the bus
a1b1ef65a4 sd-bus: make credential acquisition more graceful
a62421591e sd-bus: 'ret' parameter to sd_bus_query_sender_creds() is not optional, check for it
242fc1d261 network: fix IPv6PrivacyExtensions=kernel handling
2ba904a2e5 network: fix typo
a22eef68c0 dissect: fix root hash signature autodiscovery
6fa5ec5a41 cryptsetup: add support for workqueue options
4275f1c95e test-login: skip consistency checks when logind is not active

Also, nixpkgs-fmt the changes introduced in 494ed4d.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

This was recently introduced, and apparently not nixpkgs-fmt'ed.

While there's no global consensus on nixpkgs-fmt'ing everything,
indenting this by 2 more spaces won't hurt.
Member

@andir andir left a comment

Maybe add a comment to the top of the file that we expect this to be (re)formatted with nixpkgs-fmt otherwise we will end up with more of these reformatting commits.

@flokli
Contributor Author

flokli commented Feb 3, 2021

I added a comment to the top.

@ofborg ofborg bot requested a review from andir February 3, 2021 19:36
@symphorien
Member

If I read correctly the changelog:

242fc1d261 network: fix IPv6PrivacyExtensions=kernel handling

it is now possible to revert the temporary solution of #106858

This reverts commit d349582.

The workaround initially applied isn't necessary anymore, as 247.3
contains the following commit:

> 242fc1d261 network: fix IPv6PrivacyExtensions=kernel handling

… which fixes systemd/systemd#18003.
@flokli
Contributor Author

flokli commented Feb 3, 2021

Good catch! I reverted the workaround and successfully ran nixosTests.networking.networkd.privacy.

@flokli
Contributor Author

flokli commented Feb 4, 2021

With #110799 being merged, I pushed some cleanup fixes to remove the now-unused /etc/systemd-mutable/system paths and further simplify the amount of patching.

@flokli
Contributor Author

flokli commented Feb 10, 2021

> Aside from the fact that the systemd-mutable/ directory is considered a requirement (or an obstacle if you will) for Dysnomia (that by itself is not something you should consider an impediment for applying this change), it is also used by the Nix process management framework to make deployments of generated systemd units possible, both on NixOS and conventional Linux distributions that have systemd and Nix installed.

I don't think other distributions read from /etc/systemd-mutable/system either, but Dysnomia writes to /etc/systemd/system there. If you want to keep using /etc/systemd-mutable/system, you can still override systemd via systemd.package, to also read from that path, without having to recompile the world - but I don't think it belongs into the "vanilla systemd" we link so many packages with.

> If you remove this feature, then there is no longer a mutable directory in which you can store arbitrary systemd units. Managing systemd units can only be done by installing packages in the global Nix profile or the system profile (that themselves are immutable), basically introducing an all or nothing approach when it comes to working with systemd (meaning you always have to use Nix, or you can't change systemd's state).
> Although for the most common NixOS' use cases this is typically fine. I also consider it a useful feature to still have the ability to experiment with systemd and deploy experimental systemd units during development, without requiring me to continuously update and redeploy my system configuration. (For example: for certain development projects, I tend to use this directory to regularly check whether my systemd unit is still doing the right thing).

There still is a very mutable location, /run/systemd/system/*, which works for quick testing during development. Some part in dysnomia could also copy things over from some persistent, but mutable location to that place, to avoid having to use a custom systemd package on "dysnomia/nix-processmgmt" systems.

@erikarvstedt
Member

My extra-container utility also requires /etc/systemd-mutable for persistent or auto-starting containers. /run/systemd can't be used in this case.
A NixOS option like systemd.mutable might be a compromise. Let me know if I can help with the implementation.

@andir
Member

andir commented Feb 12, 2021 via email

@flokli
Contributor Author

flokli commented Feb 12, 2021

Let's move the systemd-mutable discussion to another place. I'll drop the relevant commits from this PR, and will open a new one for that (and link from here).

@flokli flokli merged commit 53a0c28 into NixOS:staging Feb 12, 2021
systemd automation moved this from In Progress to Done Feb 12, 2021
@flokli flokli deleted the systemd-247.3 branch February 12, 2021 11:52
@erikarvstedt
Member

> Why can't it be used?

Because the container service definitions need to persist between reboots.
/run/systemd would be fine for ephemeral containers.

@flokli
Contributor Author

flokli commented Feb 12, 2021

PR is open at #112891, and also proposes a solution for persistency across reboots. Let's do the discussion over there.
