systemd.install 2.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100
  1. #!/bin/bash
  2. sd_booted() {
  3. [[ -d run/systemd/system && ! -L run/systemd/system ]]
  4. }
  5. add_journal_acls() {
  6. # ignore errors, since the filesystem might not support ACLs
  7. setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx var/log/journal/ 2>/dev/null
  8. :
  9. }
  10. post_common() {
  11. systemd-sysusers
  12. journalctl --update-catalog
  13. }
  14. _216_2_changes() {
  15. echo ':: Coredumps are handled by systemd by default. Collection behavior can be'
  16. echo ' tuned in /etc/systemd/coredump.conf.'
  17. }
  18. _219_2_changes() {
  19. if mkdir -m2755 var/log/journal/remote 2>/dev/null; then
  20. chgrp systemd-journal-remote var/log/journal/remote
  21. fi
  22. }
  23. _219_4_changes() {
  24. if ! systemctl is-enabled -q remote-fs.target; then
  25. systemctl enable -q remote-fs.target
  26. fi
  27. }
  28. _230_1_changes() {
  29. echo ':: systemd-bootchart is no longer included with systemd'
  30. }
  31. _232_8_changes() {
  32. # paper over possible effects of CVE-2016-10156
  33. local stamps=(/var/lib/systemd/timers/*.timer)
  34. if [[ -f ${stamps[0]} ]]; then
  35. chmod 0644 "${stamps[@]}"
  36. fi
  37. }
  38. _233_75_3_changes() {
  39. # upstream installs services to /etc, which we remove
  40. # to keep bus activation we re-enable systemd-resolved
  41. if systemctl is-enabled -q systemd-resolved.service; then
  42. systemctl reenable systemd-resolved.service 2>/dev/null
  43. fi
  44. }
  45. post_install() {
  46. systemd-machine-id-setup
  47. post_common "$@"
  48. add_journal_acls
  49. # enable some services by default, but don't track them
  50. systemctl enable getty@tty1.service remote-fs.target
  51. echo ":: Append 'init=/usr/lib/systemd/systemd' to your kernel command line in your"
  52. echo " bootloader to replace sysvinit with systemd, or install systemd-sysvcompat"
  53. # group 'systemd-journal-remote' is created by systemd-sysusers
  54. mkdir -m2755 var/log/journal/remote
  55. chgrp systemd-journal-remote var/log/journal/remote
  56. }
  57. post_upgrade() {
  58. post_common "$@"
  59. # don't reexec if the old version is 231-1 or 231-2.
  60. # https://github.com/systemd/systemd/commit/bd64d82c1c
  61. if [[ $1 != 231-[12] ]] && sd_booted; then
  62. systemctl --system daemon-reexec
  63. fi
  64. local v upgrades=(
  65. 216-2
  66. 219-2
  67. 219-4
  68. 230-1
  69. 232-8
  70. 233.75-3
  71. )
  72. for v in "${upgrades[@]}"; do
  73. if [[ $(vercmp "$v" "$2") -eq 1 ]]; then
  74. "_${v//[.-]/_}_changes"
  75. fi
  76. done
  77. }
  78. # vim:set ts=2 sw=2 et: