Changes in general/sysutils/systemd.xml [e3b4ce18:e6940ab]

File:

• general/sysutils/systemd.xml (modified) (20 diffs)

general/sysutils/systemd.xml

@@ -5 +5 @@
   %general-entities;
 
-  <!--  <!ENTITY systemd-download-http "http://anduin.linuxfromscratch.org/LFS/systemd-&systemd-version;-&systemd-stable;.tar.xz"> For whenever we move to a stable snapshot for backports -->
+  <!--  <!ENTITY systemd-download-http "https://anduin.linuxfromscratch.org/LFS/systemd-&systemd-version;-&systemd-stable;.tar.xz"> For whenever we move to a stable snapshot for backports -->
   <!ENTITY systemd-download-http "https://github.com/systemd/systemd/archive/v&systemd-version;/systemd-&systemd-version;.tar.gz">
   <!ENTITY systemd-download-ftp  " ">
-  <!ENTITY systemd-md5sum        "8e8adf909c255914dfc10709bd372e69">
-  <!ENTITY systemd-size          "10 MB">
-  <!ENTITY systemd-buildsize     "287 MB (with tests)">
-  <!ENTITY systemd-time          "2.5 SBU (with tests)">
+  <!ENTITY systemd-md5sum        "b9456750a212dd54d81caeb3c38134b6">
+  <!ENTITY systemd-size          "11 MB">
+  <!ENTITY systemd-buildsize     "307 MB (with tests)">
+  <!ENTITY systemd-time          "2.8 SBU (with tests)">
 
 ]>
@@ -18 +18 @@
   <?dbhtml filename="systemd.html"?>
 
-  <sect1info>
-    <date>$Date$</date>
-  </sect1info>
 
   <title>Systemd-&systemd-version;</title>
@@ -42 +39 @@
     </para>
 
-    &lfs110a_checked;
+    &lfs112_checked;
 
     <bridgehead renderas="sect3">Package Information</bridgehead>
@@ -78 +75 @@
     </itemizedlist>
 
+<!--  Keep here in case a patch will be needed.-->
+
     <bridgehead renderas="sect3">Additional Downloads</bridgehead>
     <itemizedlist spacing="compact">
@@ -83 +82 @@
         <para>
          Required patch:
-         <ulink url="&patch-root;/systemd-&systemd-version;-upstream_fixes-1.patch"/>
+         <ulink url="&patch-root;/systemd-&systemd-version;-security_fix-1.patch"/>
         </para>
       </listitem>
@@ -92 +91 @@
     <bridgehead renderas="sect4">Required</bridgehead>
     <para role="required">
-      <xref linkend="Jinja2"/> and
       <xref linkend="linux-pam"/>
     </para>
 
-    <bridgehead renderas="sect4">Recommended Runtime Dependencies</bridgehead>
+    <bridgehead renderas="sect4">Recommended Runtime Dependency</bridgehead>
     <para role="recommended">
       <xref role="runtime" linkend="polkit"/>
@@ -124 +122 @@
       <ulink url="https://sourceforge.net/projects/gnu-efi/">gnu-efi</ulink>,
       <ulink url="https://www.kernel.org/pub/linux/utils/kernel/kexec/">kexec-tools</ulink>,
+      <ulink url="https://github.com/libbpf/libbpf">libbpf</ulink>,
       <ulink url="https://sourceware.org/elfutils/">libdw</ulink>,
       <ulink url="https://developers.yubico.com/libfido2/">libfido2</ulink>,
       <ulink url="https://www.gnu.org/software/libmicrohttpd/">libmicrohttpd</ulink>,
-      <ulink url="http://lz4.github.io/lz4/">lz4</ulink>,
+      <ulink url="https://lz4.github.io/lz4/">lz4</ulink>,
       <!--<ulink url="http://fukuchi.org/works/qrencode/">qrencode</ulink>,-->
       <ulink url="https://sourceforge.net/projects/linuxquota/">quota-tools</ulink>,
@@ -151 +150 @@
 
     <para>
-      Apply a patch to fix a security vulnerability:
-    </para>
-
-<screen><userinput remap="pre">patch -Np1 -i ../systemd-&systemd-version;-upstream_fixes-1.patch</userinput></screen>
+      First, fix a security issue in systemd-coredump:
+    </para>
+
+<screen><userinput>patch -Np1 -i ../systemd-&systemd-version;-security_fix-1.patch</userinput></screen>
 
     <para>
@@ -167 +166 @@
 
     <para>
-      Fix a problem with meson version 0.60 and higher:
-    </para>
-
-<screen><userinput remap="pre">sed -i 's/+ want_libfuzzer.*$/and want_libfuzzer/' meson.build</userinput></screen>
-
-    <para>
-      Fix a problem when building with kernel headers from linux-5.14 and later:
-    </para>
-
-<screen><userinput remap="pre">sed -i '/ARPHRD_CAN/a#define ARPHRD_MCTP        290' src/basic/linux/if_arp.h</userinput></screen>
-
-    <para>
       Rebuild <application>systemd</application> by running the
       following commands:
@@ -188 +175 @@
 meson --prefix=/usr                 \
       --buildtype=release           \
-      -Dblkid=true                  \
       -Ddefault-dnssec=no           \
       -Dfirstboot=false             \
@@ -196 +182 @@
       -Dsysusers=false              \
       -Drpmmacrosdir=no             \
-      -Db_lto=false                 \
       -Dhomed=false                 \
       -Duserdb=false                \
       -Dmode=release                \
+      -Dpam=true                    \
       -Dpamconfdir=/etc/pam.d       \
       -Ddocdir=/usr/share/doc/systemd-&systemd-version; \
@@ -209 +195 @@
     <note>
       <para>
-        For the best test results, make sure you run the testsuite from
+        For the best test results, make sure you run the test suite from
         a system that is booted by the same
         <application>systemd</application> version you are rebuilding.
@@ -221 +207 @@
     </para>
 
-<!--
-    <warning>
-      <para>
-        Installing the package will overwrite all files installed by
-        <application>systemd</application> in LFS. It is critical that
-        nothing uses either <application>systemd</application> or
-        <application>Udev</application> libraries during the installation.
-        The best way to ensure that these libraries are not being used is to
-        run the installation in rescue mode. To switch to rescue mode,
-        run the following command as the
-        <systemitem class="username">root</systemitem> user (from a TTY):
-      </para>
-
-<screen role="root"><userinput>systemctl isolate rescue.target</userinput></screen>
-    </warning>
-    Nobody has reported problems with this in years. Let's comment it. -->
-
    <para>
      Now, as the <systemitem class="username">root</systemitem> user:
@@ -243 +212 @@
 
 <screen role="root"><userinput>ninja install</userinput></screen>
-  <!-- No longer needed as of systemd-244.
-    <para>
-      Remove a configuration file that causes some problems with PID files:
-    </para>
-
-<screen role="root"><userinput>rm -fv /etc/sysctl.d/50-pid-max.conf</userinput></screen>
-  -->
+
   </sect2>
 
   <sect2 role="commands">
     <title>Command Explanations</title>
-
-<!-- Not needed with the patch
-    <para>
-      <parameter>-Dc_args=-Wno-format-overflow</parameter>: Prevents an error
-      when building with <application>GCC 10</application>. The default is
-      <option>-Werror=format-overflow</option>,
-      which generates false positives. This switch may be used with previous
-      versions of GCC too.
-    </para>
--->
 
     <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
@@ -284 +237 @@
       any use under a traditional BLFS configuration, especially using accounts
       created with useradd. To enable systemd-homed, first ensure that you have
-      <xref linkend="cryptsetup"/> and <xref linkend="libpwquality"/>, and then
-      change "false" to "true" in the above meson command.
+      <xref linkend="cryptsetup"/> and <xref linkend="libpwquality"/> installed,
+      and then change "false" to "true" in the above meson command.
     </para>
 
@@ -333 +286 @@
     </para>
 
-<screen role="root"><userinput>cat &gt;&gt; /etc/pam.d/system-session &lt;&lt; "EOF"
+<screen role="root"><userinput>grep 'pam_systemd' /etc/pam.d/system-session ||
+cat &gt;&gt; /etc/pam.d/system-session &lt;&lt; "EOF"
 <literal># Begin Systemd addition
 
@@ -360 +314 @@
 # End /etc/pam.d/systemd-user</literal>
 EOF</userinput></screen>
-
-<!--
-    <para>
-      At this point, you should reload the systemd daemon, and reenter
-      multi-user mode with the following commands (as the
-      <systemitem class="username">root</systemitem> user).  If a desktop
-      manager is installed and you wish to reenter the graphical mode,
-      replace <userinput>multi-user.target</userinput> with
-      <userinput>graphical.target</userinput>:
-    </para>
-
-<screen role="root"><userinput>systemctl daemon-reexec
-systemctl start multi-user.target</userinput></screen>-->
 
     <warning>
@@ -394 +335 @@
 
       <para>
-        Listed below are the newly installed libraries and directories
+        Listed below are the newly installed programs
         along with short descriptions.
       </para>
@@ -400 +341 @@
     <segmentedlist>
       <segtitle>Installed Programs</segtitle>
-      <segtitle>Installed Libraries</segtitle>
-      <segtitle>Installed Directories</segtitle>
 
       <seglistitem>
         <seg>
           <!-- maybe userdbd/userdbctl can go in LFS, try at next time -->
-          homectl (if <xref linkend="cryptsetup"/> is installed)
+          homectl (if <xref linkend="cryptsetup"/> is installed),
+          systemd-cryptenroll (if <xref linkend="cryptsetup"/> is installed),
           and userdbctl (optionally)
-        </seg>
-        <seg>
-          pam_systemd.so
-          (in <filename class="directory">/lib/security</filename>)
-        </seg>
-        <seg>
-          None
         </seg>
       </seglistitem>
@@ -439 +372 @@
       </varlistentry>
 
+      <varlistentry id="systemd-cryptenroll">
+        <term><command>systemd-cryptenroll</command></term>
+        <listitem>
+          <para>
+            Is used to enroll or remove a system from full disk encryption,
+            as well as set and query private keys and recovery keys
+          </para>
+          <indexterm zone="systemd systemd-cryptenroll">
+            <primary sortas="b-systemd-cryptenroll">systemd-cryptenroll</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
       <varlistentry id="userdbctl">
         <term><command>userdbctl</command></term>