IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
We'd copy /etc/nsswitch.conf, /etc/pam.d/, and /etc/issue (*) on every
tmpfiles --create run. I think we should only do this at boot, so if
people install systemd.rpm in a larger transaction and want to create those
files at a later step, we don't interfere with that.
(Stuff like /etc/os-release and /etc/mtab is not really configurable,
we might as was create it uncondtionally.)
(Seemingly, the alternative approach might be to not call
systemd-tmpfiles --create in systemd.rpm %post. But this wouldn't have much
effect, because various packages call it anyway, and our
%tmpfiles_create_package macro does too. So we need to change the
configuration instead.)
(*) We don't provide /usr/share/factory/issue, so normally this fails, but
somebody else might provide that file, so it seems useful to keep the
C line.
If the symlink is not present, UTC is the default. There *is* a slight
advantage to it: humans might expect it to be present and look in /etc.
But it might interfere with post-install scripts and it doesn't serve
any technical purpose. Let's not create it. Fixes#13183.
This makes two major changes to the way systemd-random-seed operates:
1. We now optionally credit entropy if this is configured (via an env
var). Previously we never would do that, with this change we still don't
by default, but it's possible to enable this if people acknowledge that
they shouldn't replicate an image with a contained random seed to
multiple systems. Note that in this patch crediting entropy is a boolean
thing (unlike in previous attempts such as #1062), where only a relative
amount of bits was credited. The simpler scheme implemented here should
be OK though as the random seeds saved to disk are now written only with
data from the kernel's entropy pool retrieved after the pool is fully
initialized. Specifically:
2. This makes systemd-random-seed.service a synchronization point for
kernel entropy pool initialization. It was already used like this, for
example by systemd-cryptsetup-generator's /dev/urandom passphrase
handling, with this change it explicitly operates like that (at least
systems which provide getrandom(), where we can support this). This
means services that rely on an initialized random pool should now place
After=systemd-random-seed.service and everything should be fine. Note
that with this change sysinit.target (and thus early boot) is NOT
systematically delayed until the entropy pool is initialized, i.e.
regular services need to add explicit ordering deps on this service if
they require an initialized random pool.
Fixes: #4271
Replaces: #10621#4513
There's no reason why writing should work if reading and writing
doesn't. Let's simplify this hence. /dev/urandom is generally an r/w
device, and everything else would be a serious system misconfiguration.