From 0db6c679ae4e8dadd94a77842b07709f1f966c63 Mon Sep 17 00:00:00 2001 From: Sean McGinnis Date: Mon, 31 Jul 2023 18:02:16 +0000 Subject: [PATCH] Include systemd-logind for inhibit functionality Settings were added for kubelet to be configured with pod shutdown grace policy settings. This feature allows kubelet to hold off a system shutdown until it has had a chance to terminate and migrate pod workloads cleanly. Unfortunately, it was missed when these settings were added that the mechanism kubelet uses internally for this is to use systemd-inhibit that is part of systemd-logind. Without the systemd-logind functionality included in Bottlerocket, the attempt to start processes with inhibit protection would fail and shutdown calls would be immediate. This adds systemd-logind to the systemd build process to enable this functionality, excluding things like PAM and its CLI since those are not needed for our inhibit requirements. Signed-off-by: Sean McGinnis --- packages/systemd/systemd-tmpfiles.conf | 2 ++ packages/systemd/systemd.spec | 12 +++++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/packages/systemd/systemd-tmpfiles.conf b/packages/systemd/systemd-tmpfiles.conf index f8ea677f2e9..2781b74eef7 100644 --- a/packages/systemd/systemd-tmpfiles.conf +++ b/packages/systemd/systemd-tmpfiles.conf @@ -3,4 +3,6 @@ d /run/lock 0755 root root - L /var/lock - - - - /run/lock Z /var/lib/systemd 0755 root root - z /var/lib/systemd/random-seed 600 root root - +R /var/lib/systemd/linger +D /var/lib/systemd/linger 0700 root root - d /etc/sysctl.d 0700 root root - diff --git a/packages/systemd/systemd.spec b/packages/systemd/systemd.spec index 7a85ae213bb..793b20a50cc 100644 --- a/packages/systemd/systemd.spec +++ b/packages/systemd/systemd.spec @@ -137,7 +137,7 @@ CONFIGURE_OPTS=( -Dcoredump=false -Dpstore=true -Doomd=false - -Dlogind=false + -Dlogind=true -Dhostnamed=false -Dlocaled=false -Dmachined=false @@ -301,6 +301,7 @@ install -p -m 0644 %{S:4} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/i %{_cross_bindir}/systemd-detect-virt %{_cross_bindir}/systemd-escape %{_cross_bindir}/systemd-id128 +%{_cross_bindir}/systemd-inhibit %{_cross_bindir}/systemd-machine-id-setup %{_cross_bindir}/systemd-mount %{_cross_bindir}/systemd-notify @@ -315,6 +316,7 @@ install -p -m 0644 %{S:4} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/i %{_cross_bindir}/systemd-tty-ask-password-agent %{_cross_bindir}/systemd-umount %{_cross_bindir}/udevadm +%{_cross_bindir}/loginctl %{_cross_sbindir}/halt %{_cross_sbindir}/init @@ -338,11 +340,17 @@ install -p -m 0644 %{S:4} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/i %{_cross_libdir}/udev/* %exclude %{_cross_libdir}/tmpfiles.d/systemd-network.conf %exclude %{_cross_libdir}/sysusers.d/systemd-network.conf +%exclude %{_cross_libdir}/systemd/system/dbus-org.freedesktop.login1.service %exclude %{_cross_libdir}/systemd/systemd-networkd %exclude %{_cross_libdir}/systemd/systemd-networkd-wait-online +%exclude %{_cross_libdir}/systemd/systemd-user-runtime-dir %exclude %{_cross_libdir}/systemd/system/systemd-networkd.service %exclude %{_cross_libdir}/systemd/system/systemd-networkd-wait-online.service %exclude %{_cross_libdir}/systemd/system/systemd-networkd.socket +%exclude %{_cross_libdir}/pam.d/systemd-user +%exclude %{_cross_libdir}/udev/rules.d/70-uaccess.rules +%exclude %{_cross_libdir}/udev/rules.d/71-seat.rules +%exclude %{_cross_libdir}/udev/rules.d/73-seat-late.rules %{_cross_tmpfilesdir}/* %exclude %{_cross_tmpfilesdir}/x11.conf @@ -355,6 +363,7 @@ install -p -m 0644 %{S:4} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/i %{_cross_datadir}/dbus-1/* %exclude %{_cross_datadir}/polkit-1 %exclude %{_cross_datadir}/dbus-1/system-services/org.freedesktop.network1.service +%exclude %{_cross_datadir}/dbus-1/system-services/org.freedesktop.login1.service %exclude %{_cross_datadir}/dbus-1/system.d/org.freedesktop.network1.conf %dir %{_cross_factorydir} @@ -364,6 +373,7 @@ install -p -m 0644 %{S:4} %{buildroot}%{_cross_factorydir}%{_cross_sysconfdir}/i %exclude %{_cross_factorydir}%{_cross_sysconfdir}/pam.d %exclude %{_cross_factorydir}%{_cross_sysconfdir}/pam.d/other %exclude %{_cross_factorydir}%{_cross_sysconfdir}/pam.d/system-auth +%exclude %{_cross_factorydir}%{_cross_sysconfdir}/pam.d/systemd-user %exclude %{_cross_docdir}