FS#55075 - [systemd] sysusers/tmpfiles hooks do not respect the local administrator configuration directory
Attached to Project:
Arch Linux
Opened by Eli Schwartz (eschwartz) - Tuesday, 08 August 2017, 22:09 GMT
Last edited by Christian Hesse (eworm) - Thursday, 10 August 2017, 19:32 GMT
Opened by Eli Schwartz (eschwartz) - Tuesday, 08 August 2017, 22:09 GMT
Last edited by Christian Hesse (eworm) - Thursday, 10 August 2017, 19:32 GMT
|
Details
The hooks systemd-tmpfiles.hook and systemd-sysusers.hook
use NeedsTargets to accept a list of /usr/lib filenames to
run the systemd-{sysusers,tmpfiles} commands. This causes
them to ignore overrides that the local administrator has
provided.
e.g. in my makechrootpkg build root, I symlinked etc/tmpfiles.d/systemd-nspawn.conf to /dev/null to prevent creating recursive btrfs subvolumes. This was later fixed by makechrootpkg learning to search for and delete those snapshots itself... but it's still a bit awkward to delete them by hand for whatever reason. Except, it didn't work, they kept being recreated whenever a package installed systemd, and I eventually figured out it was because the pacman hooks were ignoring my override altogether. I'm not sure what the original motivation was to call systemd-{sysusers,tmpfiles} with each filename, since by default they are supposed to do the right thing and update/reapply the entire configured system state as applicable. |
This task depends upon
Closed by Christian Hesse (eworm)
Thursday, 10 August 2017, 19:32 GMT
Reason for closing: Fixed
Additional comments about closing: systemd 234.11-7
Thursday, 10 August 2017, 19:32 GMT
Reason for closing: Fixed
Additional comments about closing: systemd 234.11-7
So we can...
... wait for pacman 5.1.0 (or backport commit 5678298f) and use shell parameter expansion
... run systemd-{sysusers,tmpfiles} once without parameter
... use something like the attached patch
Dave, any opinion on that?
[0] https://bugs.archlinux.org/task/51916
[1] https://git.archlinux.org/pacman.git/commit/?id=5678298f7dc8e0d4394e477a1a64d734e65a3ef0
https://git.archlinux.org/pacman.git/commit/?id=8a19c4a78251c5e34ecf508a65d943ca2dc833c7
There is no telling when pacman 5.1 will be released, and it doesn't appear to be on agregory's backports queue for a 5.0.3 release, so at the moment it probably makes sense to just use basename. Assuming you want to limit the effects of the hooks to only the files that pacman has just installed/upgraded, which sort of makes sense if it can be done properly. :D