authorGeorgy Yakovlev <gyakovlev@gentoo.org>2021-11-01 16:33:10 -0700
committerGeorgy Yakovlev <gyakovlev@gentoo.org>2021-11-06 22:26:12 -0700
commitc897165ab00b566f2a21db3bb1d8da0fee67bfc8 (patch)
tree72309657c1eee8c4471b2de5c40cb71edf7eb555
parentprofiles/arch/powerpc/ppc64: unmask systemd[hostnamed-fallback] (diff)
sys-apps/systemd: add hostnamed-fallback mode
this will allow networkd/hostnamed to properly set hostname on systems without polkit. while it's possible to set hostname/fqdn manually already, with fallback workaround it will be possible to get hostnames from DHCP via networkd too without using polkit->spidermonkey->rust->llvm chain of deps. ideas and configs taken from yocto/oe https://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=3dc37c12c17d5bb6d4701a425a4f79f6e31784ee https://github.com/systemd/systemd/issues/13501 Closes: https://github.com/gentoo/gentoo/pull/22792 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>
-rw-r--r--sys-apps/systemd/files/00-hostnamed-network-user.conf6
-rw-r--r--sys-apps/systemd/files/org.freedesktop.hostname1_no_polkit.conf11
-rw-r--r--sys-apps/systemd/metadata.xml1
-rw-r--r--sys-apps/systemd/systemd-9999.ebuild17
4 files changed, 34 insertions, 1 deletions
diff --git a/sys-apps/systemd/files/00-hostnamed-network-user.conf b/sys-apps/systemd/files/00-hostnamed-network-user.conf
new file mode 100644
index 000000000000..6b224ba9b937
--- /dev/null
+++ b/sys-apps/systemd/files/00-hostnamed-network-user.conf
@@ -0,0 +1,6 @@
+[Service]
+# By running with these options instead of root, networkd is allowed to request
+# a hostname change via DBUS when policykit is not present
+User=systemd-network
+Group=systemd-hostname
+AmbientCapabilities=CAP_SYS_ADMIN
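Review bot: `AmbientCapabilities=CAP_SYS_ADMIN` hands a very broad capability to the non-root `systemd-network` user, and the comment above it does not say why it is needed or what now guards the hostname. sethostname(2) requires CAP_SYS_ADMIN, so the grant itself is expected, but the comment should record that, e.g. `# CAP_SYS_ADMIN is required for sethostname(2); keep it the only capability granted`. The existing comment implies authorization now rests on networkd and hostnamed sharing one UID, so presumably any process running as systemd-network can request a hostname change; that is worth stating as well. If the shipped systemd-hostnamed.service does not already set them, `CapabilityBoundingSet=CAP_SYS_ADMIN` and `NoNewPrivileges=yes` in this drop-in would keep the capability from widening.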
diff --git a/sys-apps/systemd/files/org.freedesktop.hostname1_no_polkit.conf b/sys-apps/systemd/files/org.freedesktop.hostname1_no_polkit.conf
new file mode 100644
index 000000000000..f4d0271cdb6a
--- /dev/null
+++ b/sys-apps/systemd/files/org.freedesktop.hostname1_no_polkit.conf
@@ -0,0 +1,11 @@
+<?xml version="1.0"?> <!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<busconfig>
+ <policy group="systemd-hostname">
+ <allow own="org.freedesktop.hostname1"/>
+ <allow send_destination="org.freedesktop.hostname1"/>
+ <allow receive_sender="org.freedesktop.hostname1"/>
+ </policy>
+</busconfig>
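Review bot: `<allow own="org.freedesktop.hostname1"/>` inside `<policy group="systemd-hostname">` lets every process that carries that group claim the well-known name, so membership of the group becomes the trust boundary for who can act as hostnamed on the system bus. The file has no comment saying so, and the `send_destination` rule is not narrowed with `send_interface`. I would add a comment before `<busconfig>` such as `<!-- Members of systemd-hostname may own org.freedesktop.hostname1; keep this group limited to the hostnamed service and add no login users. -->`. The dbus-broker requirement noted in the ebuild would also be better repeated here, since this is the file an administrator will find under system.d.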
diff --git a/sys-apps/systemd/metadata.xml b/sys-apps/systemd/metadata.xml
index b35d6bfbd411..cd0754d004d6 100644
--- a/sys-apps/systemd/metadata.xml
+++ b/sys-apps/systemd/metadata.xml
@@ -20,6 +20,7 @@
<flag name="fido2">Enable FIDO2 support</flag>
<flag name="gcrypt">Enable sealing of journal files using gcrypt</flag>
<flag name="homed">Enable portable home directories</flag>
+ <flag name="hostnamed-fallback">Enable setting hostname with networkd/hostnamed without polkit (requires running <pkg>sys-apps/dbus-broker</pkg>)</flag>
<flag name="http">Enable embedded HTTP server in journald</flag>
<flag name="hwdb">Enable support for the hardware database</flag>
<flag name="importd">Enable import daemon</flag>
diff --git a/sys-apps/systemd/systemd-9999.ebuild b/sys-apps/systemd/systemd-9999.ebuild
index 8348517478b6..485b6498181e 100644
--- a/sys-apps/systemd/systemd-9999.ebuild
+++ b/sys-apps/systemd/systemd-9999.ebuild
@@ -30,11 +30,12 @@ HOMEPAGE="https://www.freedesktop.org/wiki/Software/systemd"
LICENSE="GPL-2 LGPL-2.1 MIT public-domain"
SLOT="0/2"
-IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils fido2 +gcrypt gnuefi homed http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux split-usr +sysv-utils test tpm vanilla xkb +zstd"
+IUSE="acl apparmor audit build cgroup-hybrid cryptsetup curl dns-over-tls elfutils fido2 +gcrypt gnuefi homed hostnamed-fallback http +hwdb idn importd +kmod +lz4 lzma nat pam pcre pkcs11 policykit pwquality qrcode repart +resolvconf +seccomp selinux split-usr +sysv-utils test tpm vanilla xkb +zstd"
REQUIRED_USE="
homed? ( cryptsetup pam )
importd? ( curl gcrypt lzma )
+ policykit? ( !hostnamed-fallback )
pwquality? ( homed )
"
RESTRICT="!test? ( test )"
@@ -117,6 +118,10 @@ RDEPEND="${COMMON_DEPEND}
>=acct-user/systemd-resolve-0-r1
>=acct-user/systemd-timesync-0-r1
>=sys-apps/baselayout-2.2
+ hostnamed-fallback? (
+ acct-group/systemd-hostname
+ sys-apps/dbus-broker
+ )
selinux? ( sec-policy/selinux-base-policy[systemd] )
sysv-utils? (
!sys-apps/openrc[sysv-utils(-)]
@@ -400,6 +405,16 @@ multilib_src_install_all() {
dosym ../../../lib/systemd/systemd-shutdown /usr/lib/systemd/systemd-shutdown
fi
+ # workaround for https://github.com/systemd/systemd/issues/13501
+ if use hostnamed-fallback; then
+ # this file requires dbus-broker
+ insinto /usr/share/dbus-1/system.d/
+ doins "${FILESDIR}/org.freedesktop.hostname1_no_polkit.conf"
+
+ insinto "${rootprefix}/lib/systemd/system/systemd-hostnamed.service.d/"
+ doins "${FILESDIR}/00-hostnamed-network-user.conf"
+ fi
+
gen_usr_ldscript -a systemd udev
}
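Review bot: Nothing in the `use hostnamed-fallback` block tells the administrator what changes at runtime: the policy file is installed whether or not dbus-broker is the active system bus, and the inline comment `# this file requires dbus-broker` is visible only to people reading the ebuild. The RDEPEND added earlier in this commit pulls in sys-apps/dbus-broker but cannot ensure it is the bus in use. A message from pkg_postinst (not visible here) would close that gap, e.g. `use hostnamed-fallback && elog "hostnamed-fallback: systemd-hostnamed runs as systemd-network with CAP_SYS_ADMIN; dbus-broker must be the running system bus"`. multilib_src_install_all starts outside this hunk.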