source: general/sysutils/systemd.xml@ 93caa46

10.0 10.1 11.0 9.0 9.1 ken/refactor-virt lazarus qt5new trunk xry111/git-date xry111/git-date-for-trunk xry111/git-date-test
Last change on this file since 93caa46 was 93caa46, checked in by Douglas R. Reno <renodr@…>, 2 years ago

Typo fix in aspell
giflib: Fix the build by removing a duplicate instruction pertaining to static library removal,

which is now handled by the Makefile

fcron (systemd): Fix the systemd unit to silence warnings about the incorrect PID file being used.
systemd: Adapt to libseccomp-2.4.1, disable GnuTLS support and prefer OpenSSL due to API breakage,

and fix the systemd-networkd problem with Linux 5.2+ as well as with RDRAND on AMD CPUs.

KF5: external dependency URL fix.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@21912 af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 11.1 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!-- <!ENTITY systemd-download-http "http://anduin.linuxfromscratch.org/LFS/systemd-&systemd-version;-&systemd-stable;.tar.xz"> For whenever we move to a stable snapshot for backports -->
8 <!ENTITY systemd-download-http "https://github.com/systemd/systemd/archive/v&systemd-version;/systemd-&systemd-version;.tar.gz">
9 <!ENTITY systemd-download-ftp " ">
10 <!ENTITY systemd-md5sum "c5953c24c850b44fcf714326e567dc37">
11 <!ENTITY systemd-size "7.3 MB">
12 <!ENTITY systemd-buildsize "242 MB (with tests)">
13 <!ENTITY systemd-time "2.7 SBU (with tests)">
14
15]>
16
17<sect1 id="systemd" xreflabel="Systemd-&systemd-version;" revision="systemd">
18 <?dbhtml filename="systemd.html"?>
19
20 <sect1info>
21 <othername>$LastChangedBy$</othername>
22 <date>$Date$</date>
23 </sect1info>
24
25 <title>Systemd-&systemd-version;</title>
26 <!-- Whenever we switch back to stable backports, make sure to add the systemd-stable reference back. -->
27
28 <indexterm zone="systemd">
29 <primary sortas="a-systemd">systemd</primary>
30 </indexterm>
31
32 <sect2 role="package">
33 <title>Introduction to systemd</title>
34
35 <para>
36 While <application>systemd</application> was installed when
37 building LFS, there are many features provided by the package that
38 were not included in the initial installation because
39 <application>Linux-PAM</application> was not yet installed.
40 The <application>systemd</application> package needs to be
41 rebuilt to provide a working <command>systemd-logind</command> service,
42 which provides many additional features for dependent packages.
43 </para>
44
45 &lfs84_checked;
46
47 <bridgehead renderas="sect3">Package Information</bridgehead>
48 <itemizedlist spacing="compact">
49 <listitem>
50 <para>Download (HTTP): <ulink url="&systemd-download-http;"/></para>
51 </listitem>
52 <listitem>
53 <para>Download (FTP): <ulink url="&systemd-download-ftp;"/></para>
54 </listitem>
55 <listitem>
56 <para>Download MD5 sum: &systemd-md5sum;</para>
57 </listitem>
58 <listitem>
59 <para>Download size: &systemd-size;</para>
60 </listitem>
61 <listitem>
62 <para>Estimated disk space required: &systemd-buildsize;</para>
63 </listitem>
64 <listitem>
65 <para>Estimated build time: &systemd-time;</para>
66 </listitem>
67 </itemizedlist>
68
69 <bridgehead renderas="sect3">Additional Downloads</bridgehead>
70 <itemizedlist spacing="compact">
71 <listitem>
72 <para>
73 Required patch:
74 <ulink url="&patch-root;/systemd-&systemd-version;-networkd_and_rdrand_fixes-1.patch"/>
75 </para>
76 </listitem>
77 </itemizedlist>
78
79 <bridgehead renderas="sect3">systemd Dependencies</bridgehead>
80
81 <bridgehead renderas="sect4">Required</bridgehead>
82 <para role="required">
83 <xref linkend="linux-pam"/>
84 </para>
85
86 <bridgehead renderas="sect4">Recommended Runtime Dependencies</bridgehead>
87 <para role="recommended">
88 <xref role="runtime" linkend="polkit"/>
89 </para>
90
91 <bridgehead renderas="sect4">Optional</bridgehead>
92 <para role="optional">
93 <xref linkend="curl"/>,
94 <xref linkend="cryptsetup"/>,
95 <xref linkend="git"/>,
96 <xref linkend="gnutls"/>,
97 <xref linkend="iptables"/>,
98 <xref linkend="libgcrypt"/>,
99 <xref linkend="libidn2"/>,
100 <xref linkend="libseccomp"/>,
101 <xref linkend="libxkbcommon"/>,
102 <xref linkend="make-ca"/>,
103 <xref linkend="qemu"/>,
104 <xref linkend="valgrind"/>,
105 <xref linkend="zsh"/> (for the zsh completions),
106 <ulink url="http://sourceforge.net/projects/gnu-efi/">gnu-efi</ulink>,
107 <ulink url="https://www.kernel.org/pub/linux/utils/kernel/kexec/">kexec-tools</ulink>,
108 <ulink url="https://www.gnu.org/software/libmicrohttpd/">libmicrohttpd</ulink>,
109 <ulink url="http://lz4.github.io/lz4/">lz4</ulink>,
110 <ulink url="http://fukuchi.org/works/qrencode/">qrencode</ulink>,
111 <ulink url="http://sourceforge.net/projects/linuxquota/">quota-tools</ulink> and
112 <ulink url="https://pypi.python.org/pypi/Sphinx">Sphinx</ulink>
113 </para>
114
115 <bridgehead renderas="sect4">Optional (to rebuild the manual pages)</bridgehead>
116 <para role="optional">
117 <xref linkend="DocBook"/>,
118 <xref linkend="docbook-xsl"/>,
119 <xref linkend="libxslt"/>, and
120 <xref linkend="lxml"/> (to build the index of systemd manual pages)
121 </para>
122
123 <para condition="html" role="usernotes">User Notes:
124 <ulink url="&blfs-wiki;/systemd"/>
125 </para>
126 </sect2>
127
128 <sect2 role="installation">
129 <title>Installation of systemd</title>
130
131 <para>Apply a patch to allow systemd-networkd to function under 5.2+
132 kernels, and to fix problems with RDRAND on Ryzen CPUs:</para>
133
134<screen><userinput remap="pre">patch -Np1 -i ../systemd-&systemd-version;-networkd_and_rdrand_fixes-1.patch</userinput></screen>
135
136 <para>Fix an incompatibility with the latest version of
137 <application>libseccomp</application>:</para>
138
139<screen><userinput remap="pre">sed -i '1506 s/&lt;/&gt;/' \
140 '1507 s/&lt;/&gt;/' \
141 '1508 s/&lt;/&gt;/' src/shared/seccomp-util.c</userinput></screen>
142
143 <para>Remove an unneeded group,
144 <systemitem class="groupname">render</systemitem>, from the default udev
145 rules:</para>
146
147<screen><userinput remap="pre">sed -i 's/GROUP="render", //' rules/50-udev-default.rules.in</userinput></screen>
148
149 <para>
150 Rebuild <application>systemd</application> by running the
151 following commands:
152 </para>
153
154<screen><userinput>mkdir build &amp;&amp;
155cd build &amp;&amp;
156
157CFLAGS+="-Wno-format-overflow" \
158meson --prefix=/usr \
159 --sysconfdir=/etc \
160 --localstatedir=/var \
161 -Dblkid=true \
162 -Dbuildtype=release \
163 -Ddefault-dnssec=no \
164 -Dfirstboot=false \
165 -Dinstall-tests=false \
166 -Dldconfig=false \
167 -Drootprefix= \
168 -Drootlibdir=/lib \
169 -Dsplit-usr=true \
170 -Dsysusers=false \
171 -Drpmmacrosdir=no \
172 -Db_lto=false \
173 -Dgnutls=false \
174 .. &amp;&amp;
175
176ninja</userinput></screen>
177
178<!-- GnuTLS support is disabled due to a bug with 3.6.9. systemd already
179 supports OpenSSL. -->
180
181 <note>
182 <para>
183 For the best test results, make sure you run the testsuite from
184 a system that is booted by the same
185 <application>systemd</application> version you are rebuilding.
186 </para>
187 </note>
188
189 <para>
190 To test the results, issue: <command>ninja test</command>. <!--One test,
191 <filename>test-fs-util</filename>, is known to fail.-->
192 <!-- https://github.com/systemd/systemd/pull/10263/commits -->
193 </para>
194
195 <warning>
196 <para>
197 Installing the package will overwrite all files installed by
198 <application>systemd</application> in LFS. It is critical that
199 nothing uses either <application>systemd</application> or
200 <application>Udev</application> libraries during the installation.
201 The best way to ensure that these libraries are not being used is to
202 run the installation in rescue mode. To switch to rescue mode,
203 run the following command as the
204 <systemitem class="username">root</systemitem> user (from a TTY):
205 </para>
206
207<screen role="root"><userinput>systemctl start rescue.target</userinput></screen>
208 </warning>
209
210 <para>
211 Now, as the <systemitem class="username">root</systemitem> user:
212 </para>
213
214<screen role="root"><userinput>ninja install</userinput></screen>
215<!--
216 <para>
217 If <application>RPM</application> is not installed, remove an
218 unnecessary directory by running the following command as the
219 <systemitem class="username">root</systemitem> user:
220 </para>
221
222<screen role="root"><userinput>rm -rfv /usr/lib/rpm</userinput></screen>
223-->
224 </sect2>
225
226 <sect2 role="configuration">
227 <title>Configuring systemd</title>
228
229 <para>
230 The <filename>/etc/pam.d/system-session</filename> file needs to
231 be modified and a new file needs to be created in order for
232 <command>systemd-logind</command> to work correctly. Run the following
233 commands as the <systemitem class="username">root</systemitem> user:
234 </para>
235
236<screen role="root"><userinput>cat &gt;&gt; /etc/pam.d/system-session &lt;&lt; "EOF"
237<literal># Begin Systemd addition
238
239session required pam_loginuid.so
240session optional pam_systemd.so
241
242# End Systemd addition</literal>
243EOF
244
245cat &gt; /etc/pam.d/systemd-user &lt;&lt; "EOF"
246<literal># Begin /etc/pam.d/systemd-user
247
248account required pam_access.so
249account include system-account
250
251session required pam_env.so
252session required pam_limits.so
253session required pam_unix.so
254session required pam_loginuid.so
255session optional pam_keyinit.so force revoke
256session optional pam_systemd.so
257
258auth required pam_deny.so
259password required pam_deny.so
260
261# End /etc/pam.d/systemd-user</literal>
262EOF</userinput></screen>
263
264 <para>
265 At this point, you should reload the systemd daemon, and reenter
266 multi-user mode with the following commands (as the
267 <systemitem class="username">root</systemitem> user):
268 </para>
269
270<screen role="root"><userinput>systemctl daemon-reload
271systemctl start multi-user.target</userinput></screen>
272
273 <warning><para>If upgrading from a previous version of systemd and an
274 initrd is used for system boot, you should generate a new initrd before
275 rebooting the system.</para></warning>
276
277 </sect2>
278
279 <sect2 role="content">
280 <title>Contents</title>
281
282 <para>
283 A list of the installed files, along with their short
284 descriptions can be found at
285 <ulink url="&lfs-root;/chapter06/systemd.html#contents-systemd"/>.
286 </para>
287
288 <para>
289 Listed below are the newly installed libraries and directories
290 along with short descriptions.
291 </para>
292
293 <segmentedlist>
294 <segtitle>Installed Programs</segtitle>
295 <segtitle>Installed Libraries</segtitle>
296 <segtitle>Installed Directories</segtitle>
297
298 <seglistitem>
299 <seg>
300 None
301 </seg>
302 <seg>
303 pam_systemd.so
304 (in <filename class="directory">/lib/security</filename>)
305 </seg>
306 <seg>
307 None
308 </seg>
309 </seglistitem>
310 </segmentedlist>
311
312 <variablelist>
313 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
314 <?dbfo list-presentation="list"?>
315 <?dbhtml list-presentation="table"?>
316
317 <varlistentry id="pam_systemd">
318 <term><filename class="libraryfile">pam_systemd.so</filename></term>
319 <listitem>
320 <para>
321 is a PAM module used to register user sessions with the
322 <application>systemd</application> login manager,
323 <command>systemd-logind</command>.
324 </para>
325 <indexterm zone="systemd pam_systemd">
326 <primary sortas="c-pam_systemd">pam_systemd.so</primary>
327 </indexterm>
328 </listitem>
329 </varlistentry>
330
331 </variablelist>
332
333 </sect2>
334
335</sect1>
Note: See TracBrowser for help on using the repository browser.