bottlerocket-os · bcressey · Mar 17, 2021 · Mar 17, 2021
diff --git a/packages/systemd/9001-use-absolute-path-for-var-run-symlink.patch b/packages/systemd/9001-use-absolute-path-for-var-run-symlink.patch
@@ -1,7 +1,7 @@
-From 659b1d5916b16e0d0bde877a25a340c45278ef38 Mon Sep 17 00:00:00 2001
+From 14dc71e93ad0c704369de133446f8d67a8c37fad Mon Sep 17 00:00:00 2001
 From: Ben Cressey <bcressey@amazon.com>
 Date: Tue, 17 Sep 2019 01:35:51 +0000
-Subject: [PATCH 9001/9006] use absolute path for /var/run symlink
+Subject: [PATCH 9001/9007] use absolute path for /var/run symlink
 
 Otherwise the symlink may be broken if /var is a bind mount from
 somewhere else.
@@ -25,5 +25,5 @@ index 0e2c509..6716540 100644
  d /var/log 0755 - - -
  m4_ifdef(`ENABLE_UTMP',
 -- 
-2.26.2
+2.21.3
 
diff --git a/packages/systemd/9002-core-add-separate-timeout-for-system-shutdown.patch b/packages/systemd/9002-core-add-separate-timeout-for-system-shutdown.patch
@@ -1,7 +1,7 @@
-From 6319499bc376c8e0843573261f395071ff03db90 Mon Sep 17 00:00:00 2001
+From 386b8c116963192875ad4d97e38c8becb5408da7 Mon Sep 17 00:00:00 2001
 From: Ben Cressey <bcressey@amazon.com>
 Date: Tue, 10 Mar 2020 20:30:10 +0000
-Subject: [PATCH 9002/9006] core: add separate timeout for system shutdown
+Subject: [PATCH 9002/9007] core: add separate timeout for system shutdown
 
 There is an existing setting for this (DefaultTimeoutStopUSec), but
 changing it has no effect because `reset_arguments()` is called just
@@ -19,7 +19,7 @@ Signed-off-by: Ben Cressey <bcressey@amazon.com>
  2 files changed, 6 insertions(+), 1 deletion(-)
 
 diff --git a/src/basic/def.h b/src/basic/def.h
-index 970654a..9251bb9 100644
+index 2e60abb..8ba399a 100644
 --- a/src/basic/def.h
 +++ b/src/basic/def.h
 @@ -13,6 +13,9 @@
@@ -33,18 +33,18 @@ index 970654a..9251bb9 100644
  #define DEFAULT_UNIX_MAX_DGRAM_QLEN 512UL
 
 diff --git a/src/core/main.c b/src/core/main.c
-index 4a37697..619bad4 100644
+index a280b75..de946a0 100644
 --- a/src/core/main.c
 +++ b/src/core/main.c
-@@ -121,6 +121,7 @@ static ExecOutput arg_default_std_error;
+@@ -123,6 +123,7 @@ static ExecOutput arg_default_std_error;
  static usec_t arg_default_restart_usec;
  static usec_t arg_default_timeout_start_usec;
  static usec_t arg_default_timeout_stop_usec;
 +static usec_t arg_default_timeout_shutdown_usec;
  static usec_t arg_default_timeout_abort_usec;
  static bool arg_default_timeout_abort_set;
  static usec_t arg_default_start_limit_interval;
-@@ -1468,7 +1469,7 @@ static int become_shutdown(
+@@ -1467,7 +1468,7 @@ static int become_shutdown(
          env_block = strv_copy(environ);
 
          xsprintf(log_level, "%d", log_get_max_level());
@@ -53,7 +53,7 @@ index 4a37697..619bad4 100644
 
          switch (log_get_target()) {
 
-@@ -2282,6 +2283,7 @@ static void reset_arguments(void) {
+@@ -2307,6 +2308,7 @@ static void reset_arguments(void) {
          arg_default_restart_usec = DEFAULT_RESTART_USEC;
          arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
          arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
@@ -62,5 +62,5 @@ index 4a37697..619bad4 100644
          arg_default_timeout_abort_set = false;
          arg_default_start_limit_interval = DEFAULT_START_LIMIT_INTERVAL;
 -- 
-2.26.2
+2.21.3
 
diff --git a/packages/systemd/9003-repart-always-use-random-UUIDs.patch b/packages/systemd/9003-repart-always-use-random-UUIDs.patch
@@ -1,7 +1,7 @@
-From d80f5878542dda9389fc5c491288a2e6b35a0c32 Mon Sep 17 00:00:00 2001
+From 4a649efbfabfffba80924646b5bbbe46be12549f Mon Sep 17 00:00:00 2001
 From: Ben Cressey <bcressey@amazon.com>
 Date: Thu, 16 Apr 2020 15:10:41 +0000
-Subject: [PATCH 9003/9006] repart: always use random UUIDs
+Subject: [PATCH 9003/9007] repart: always use random UUIDs
 
 We would like to avoid adding OpenSSL to the base OS, and for our use
 case we do not need the UUIDs assigned to disks or partitions to be
@@ -22,11 +22,11 @@ Signed-off-by: Ben Cressey <bcressey@amazon.com>
  2 files changed, 14 insertions(+), 92 deletions(-)
 
 diff --git a/meson.build b/meson.build
-index f406d595e6..c16b50c1e8 100644
+index 580964c..781b0a2 100644
 --- a/meson.build
 +++ b/meson.build
-@@ -1374,8 +1374,7 @@ substs.set('DEFAULT_LLMNR_MODE', default_llmnr)
-
+@@ -1375,8 +1375,7 @@ substs.set('DEFAULT_LLMNR_MODE', default_llmnr)
+ 
  want_repart = get_option('repart')
  if want_repart != 'false'
 -        have = (conf.get('HAVE_OPENSSL') == 1 and
@@ -36,33 +36,33 @@ index f406d595e6..c16b50c1e8 100644
                  error('repart support was requested, but dependencies are not available')
          endif
 diff --git a/src/partition/repart.c b/src/partition/repart.c
-index 6db413ed5e..f771c3317a 100644
+index 6db413e..f771c33 100644
 --- a/src/partition/repart.c
 +++ b/src/partition/repart.c
 @@ -13,9 +13,6 @@
  #include <sys/ioctl.h>
  #include <sys/stat.h>
-
+ 
 -#include <openssl/hmac.h>
 -#include <openssl/sha.h>
 -
  #include "sd-id128.h"
-
+ 
  #include "alloc-util.h"
 @@ -1347,28 +1344,18 @@ static int fdisk_set_disklabel_id_by_uuid(struct fdisk_context *c, sd_id128_t id
  }
-
+ 
  static int derive_uuid(sd_id128_t base, const char *token, sd_id128_t *ret) {
 -        union {
 -                unsigned char md[SHA256_DIGEST_LENGTH];
 -                sd_id128_t id;
 -        } result;
 +        sd_id128_t id;
 +        int r;
-
+ 
          assert(token);
          assert(ret);
-
+ 
 -        /* Derive a new UUID from the specified UUID in a stable and reasonably safe way. Specifically, we
 -         * calculate the HMAC-SHA256 of the specified token string, keyed by the supplied base (typically the
 -         * machine ID). We use the machine ID as key (and not as cleartext!) of the HMAC operation since it's
@@ -77,17 +77,17 @@ index 6db413ed5e..f771c3317a 100644
 +        r = sd_id128_randomize(&id);
 +        if (r < 0)
 +            return log_error_errno(r, "Failed to generate randomized UUID: %m");
-
+ 
 -        /* Take the first half, mark it as v4 UUID */
 -        assert_cc(sizeof(result.md) == sizeof(result.id) * 2);
 -        *ret = id128_make_v4_uuid(result.id);
 +        *ret = id;
          return 0;
  }
-
+ 
 @@ -2810,83 +2797,19 @@ static int context_mkfs(Context *context) {
  }
-
+ 
  static int partition_acquire_uuid(Context *context, Partition *p, sd_id128_t *ret) {
 -        struct {
 -                sd_id128_t type_uuid;
@@ -102,11 +102,11 @@ index 6db413ed5e..f771c3317a 100644
 -        Partition *q;
 +        sd_id128_t id;
          int r;
-
+ 
          assert(context);
          assert(p);
          assert(ret);
-
+ 
 -        /* Calculate a good UUID for the indicated partition. We want a certain degree of reproducibility,
 -         * hence we won't generate the UUIDs randomly. Instead we use a cryptographic hash (precisely:
 -         * HMAC-SHA256) to derive them from a single seed. The seed is generally the machine ID of the
@@ -169,12 +169,12 @@ index 6db413ed5e..f771c3317a 100644
 +        r = sd_id128_randomize(&id);
 +        if (r < 0)
 +                return log_error_errno(r, "Failed to generate randomized UUID: %m");
-
+ 
 -        *ret = result.id;
 +        *ret = id;
          return 0;
  }
-
---
-2.17.1
+ 
+-- 
+2.21.3
 
diff --git a/packages/systemd/9004-machine-id-setup-generate-stable-ID-under-Xen.patch b/packages/systemd/9004-machine-id-setup-generate-stable-ID-under-Xen.patch
@@ -1,7 +1,7 @@
-From a659db335da0bf8e27c851fe3f8ae30c7c0f5eaf Mon Sep 17 00:00:00 2001
+From f201fcb17276d84a22332cde915f8c3ffac63c51 Mon Sep 17 00:00:00 2001
 From: Ben Cressey <bcressey@amazon.com>
 Date: Tue, 7 Jul 2020 22:38:20 +0000
-Subject: [PATCH 9004/9006] machine-id-setup: generate stable ID under Xen
+Subject: [PATCH 9004/9007] machine-id-setup: generate stable ID under Xen
 
 Signed-off-by: Ben Cressey <bcressey@amazon.com>
 ---
@@ -10,10 +10,10 @@ Signed-off-by: Ben Cressey <bcressey@amazon.com>
  2 files changed, 12 insertions(+), 1 deletion(-)
 
 diff --git a/man/machine-id.xml b/man/machine-id.xml
-index bd55366..6a58b9d 100644
+index f61634f..06aa223 100644
 --- a/man/machine-id.xml
 +++ b/man/machine-id.xml
-@@ -100,7 +100,8 @@
+@@ -101,7 +101,8 @@
      to use the D-Bus machine ID from <filename>/var/lib/dbus/machine-id</filename>, the
      value of the kernel command line option <varname>container_uuid</varname>, the KVM DMI
      <filename>product_uuid</filename> or the devicetree <filename>vm,uuid</filename>
@@ -24,10 +24,10 @@ index bd55366..6a58b9d 100644
      <para>After the machine ID is established,
      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
 diff --git a/src/core/machine-id-setup.c b/src/core/machine-id-setup.c
-index f76b82a..d2024ee 100644
+index 6d15f9c..aa9609f 100644
 --- a/src/core/machine-id-setup.c
 +++ b/src/core/machine-id-setup.c
-@@ -73,6 +73,16 @@ static int generate_machine_id(const char *root, sd_id128_t *ret) {
+@@ -75,6 +75,16 @@ static int generate_machine_id(const char *root, sd_id128_t *ret) {
                                  log_info("Initializing machine ID from KVM UUID.");
                                  return 0;
                          }
@@ -45,5 +45,5 @@ index f76b82a..d2024ee 100644
          }
 
 -- 
-2.26.2
+2.21.3
 
diff --git a/packages/systemd/9005-core-mount-etc-with-specific-label.patch b/packages/systemd/9005-core-mount-etc-with-specific-label.patch
@@ -1,7 +1,7 @@
-From f7d3e4c5d991d910b6d73d357908dbf9fa6a631b Mon Sep 17 00:00:00 2001
+From 71d1fce8c9c3f1787add39625221bfe09140a572 Mon Sep 17 00:00:00 2001
 From: Ben Cressey <bcressey@amazon.com>
 Date: Thu, 9 Jul 2020 20:00:36 +0000
-Subject: [PATCH 9005/9006] core: mount /etc with specific label
+Subject: [PATCH 9005/9007] core: mount /etc with specific label
 
 The filesystem is mounted after we load the SELinux policy, so we can
 apply the label we need to restrict access.
@@ -12,10 +12,10 @@ Signed-off-by: Ben Cressey <bcressey@amazon.com>
  1 file changed, 2 insertions(+)
 
 diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
-index feb88f3..ce2ae73 100644
+index 915b101..38c1a29 100644
 --- a/src/core/mount-setup.c
 +++ b/src/core/mount-setup.c
-@@ -75,6 +75,8 @@ static const MountPoint mount_table[] = {
+@@ -76,6 +76,8 @@ static const MountPoint mount_table[] = {
          { "tmpfs",       "/dev/shm",                  "tmpfs",      "mode=1777,smackfsroot=*",                 MS_NOSUID|MS_NODEV|MS_STRICTATIME,
            mac_smack_use, MNT_FATAL                  },
  #endif
@@ -25,5 +25,5 @@ index feb88f3..ce2ae73 100644
            NULL,          MNT_FATAL|MNT_IN_CONTAINER },
          { "devpts",      "/dev/pts",                  "devpts",     "mode=620,gid=" STRINGIFY(TTY_GID),        MS_NOSUID|MS_NOEXEC,
 -- 
-2.26.2
+2.21.3
 
diff --git a/packages/systemd/9006-journal-disable-keyed-hashes-for-compatibility.patch b/packages/systemd/9006-journal-disable-keyed-hashes-for-compatibility.patch
@@ -1,7 +1,7 @@
-From 3d93e3d1e9bae766e6c436e9fbf4b156fcc44bca Mon Sep 17 00:00:00 2001
+From f504b52791a80b07c1d2d835614532ff6eb0060f Mon Sep 17 00:00:00 2001
 From: Ben Cressey <bcressey@amazon.com>
 Date: Thu, 12 Nov 2020 16:18:15 +0000
-Subject: [PATCH 9006/9006] journal: disable keyed hashes for compatibility
+Subject: [PATCH 9006/9007] journal: disable keyed hashes for compatibility
 
 Otherwise the journal is not readable by older versions of systemd.
 
@@ -14,10 +14,10 @@ Signed-off-by: Ben Cressey <bcressey@amazon.com>
  1 file changed, 2 insertions(+), 3 deletions(-)
 
 diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
-index cdcded2..abfa14c 100644
+index 6bee5da..791145e 100644
 --- a/src/journal/journal-file.c
 +++ b/src/journal/journal-file.c
-@@ -3390,13 +3390,12 @@ int journal_file_open(
+@@ -3463,13 +3463,12 @@ int journal_file_open(
  #endif
          };
 
@@ -34,5 +34,5 @@ index cdcded2..abfa14c 100644
                  f->keyed_hash = r;
 
 -- 
-2.26.2
+2.21.3
 
diff --git a/packages/systemd/9007-pkg-config-make-prefix-overridable-again.patch b/packages/systemd/9007-pkg-config-make-prefix-overridable-again.patch
diff --git a/...onfig-stop-hardcoding-prefix-to-usr.patch → ...onfig-stop-hardcoding-prefix-to-usr.patch b/...onfig-stop-hardcoding-prefix-to-usr.patch → ...onfig-stop-hardcoding-prefix-to-usr.patch
@@ -1,7 +1,7 @@
-From e59f3c3ac5a7939573e8562655e5ad9c933af9c7 Mon Sep 17 00:00:00 2001
+From 247d2b76343f839cf7c03d58f7e08b608ad6d402 Mon Sep 17 00:00:00 2001
 From: Erikson Tung <etung@amazon.com>
 Date: Wed, 27 Jan 2021 14:43:47 -0800
-Subject: [PATCH] pkg-config: stop hardcoding prefix to /usr
+Subject: [PATCH 9007/9007] pkg-config: stop hardcoding prefix to /usr
 
 While we ensure /usr points to the sys-root at runtime, for Bottlerocket's
 packaging we need to be careful to avoid dependencies on the host OS so
@@ -11,7 +11,7 @@ the prefix needs to be configurable.
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
-index b5cc8f94a5..ec4992b798 100644
+index b5cc8f9..ec4992b 100644
 --- a/src/core/systemd.pc.in
 +++ b/src/core/systemd.pc.in
 @@ -11,7 +11,7 @@
@@ -24,5 +24,5 @@ index b5cc8f94a5..ec4992b798 100644
  rootprefix=${root_prefix}
  sysconf_dir=@sysconfdir@
 -- 
-2.17.1
+2.21.3