From 2916a1c247c905c1ccff3ab515fa24b2235309d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cerm=C3=A1k?= Date: Thu, 12 Sep 2024 12:47:22 +0200 Subject: [PATCH] Relocate HAOS Systemd drop-ins to /usr/lib/systemd (#3582) * Relocate HAOS Systemd drop-ins to /usr/lib/systemd With some exceptions, Systemd drop-ins overriding default unit configuration have been placed to `/etc/systemd/system`. This is meant for user overrides of those, or per `man 5 systemd.unit` for "system unites created by the administrator". Relocate all of these to `/usr/lib/systemd` which should be used as path for units "installed by the distribution package manager" which is closer to what we're trying to achieve. This will make it easier to detect changes to unit files once we enable the possibility to edit the content of /etc. * Patch systemd-timesyncd.service instead of replacing it fully --- ...d-delay-start-after-network-online.t.patch | 41 +++++++++++++ .../systemd/system/systemd-timesyncd.service | 60 ------------------- .../NetworkManager.service.d/hassos.conf | 0 .../system/dbus-broker.service.d/haos.conf | 0 .../systemd/system/dbus.service.d/haos.conf | 0 .../systemd/system/dbus.socket.d/haos.conf | 0 .../system/docker.service.d/failure.conf | 0 .../system/docker.service.d/hassos.conf | 0 .../system/docker.service.d/resource.conf | 0 .../system/dropbear.service.d/hassos.conf | 0 .../system/rpcbind.service.d/haos.conf | 0 .../10-reduce-verbosity.conf | 0 .../serial-getty@.service.d/hassos.conf | 0 .../hassos.conf | 0 .../network-online.conf | 0 .../timeout.conf | 0 .../systemd-timesyncd.service.d/hassos.conf | 1 - .../systemd-timesyncd.service.d/ro.conf | 0 .../lib}/systemd/system/tmp.mount.d/zram.conf | 0 .../system/udisks2.service.d/haos.conf | 0 .../systemd/system/udisks2.socket.d/haos.conf | 0 21 files changed, 41 insertions(+), 61 deletions(-) create mode 100644 buildroot-external/patches/systemd/0003-systemd-timesyncd-delay-start-after-network-online.t.patch delete mode 100644 buildroot-external/rootfs-overlay/etc/systemd/system/systemd-timesyncd.service rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/NetworkManager.service.d/hassos.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/dbus-broker.service.d/haos.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/dbus.service.d/haos.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/dbus.socket.d/haos.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/docker.service.d/failure.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/docker.service.d/hassos.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/docker.service.d/resource.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/dropbear.service.d/hassos.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/rpcbind.service.d/haos.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/run-docker-.mount.d/10-reduce-verbosity.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/serial-getty@.service.d/hassos.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/systemd-modules-load.service.d/hassos.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/systemd-time-wait-sync.service.d/network-online.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/systemd-time-wait-sync.service.d/timeout.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/systemd-timesyncd.service.d/hassos.conf (60%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/systemd-timesyncd.service.d/ro.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/tmp.mount.d/zram.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/udisks2.service.d/haos.conf (100%) rename buildroot-external/rootfs-overlay/{etc => usr/lib}/systemd/system/udisks2.socket.d/haos.conf (100%) diff --git a/buildroot-external/patches/systemd/0003-systemd-timesyncd-delay-start-after-network-online.t.patch b/buildroot-external/patches/systemd/0003-systemd-timesyncd-delay-start-after-network-online.t.patch new file mode 100644 index 00000000000..7f9562b05ee --- /dev/null +++ b/buildroot-external/patches/systemd/0003-systemd-timesyncd-delay-start-after-network-online.t.patch @@ -0,0 +1,41 @@ +From 13cf1bb9c5fa91762184c3b0dddea1328c2746bc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jan=20=C4=8Cerm=C3=A1k?= +Date: Wed, 11 Sep 2024 17:25:00 +0200 +Subject: [PATCH] systemd-timesyncd: delay start after network-online.target + +As explained in [1], it's desired for the systemd-timesyncd to run after +the network is deemed online, otherwise the connectivity (at least on +HAOS with NetworkManager) is not operational when the NTP sync is +attempted and it fails, delaying the boot and leading to other problems. +Because it's not possible to remove dependencies of existing units using +drop-ins, patch the service template file for systemd-timesyncd unit +instead, avoiding the need for complete unit file override as in [2]. + +[1] https://github.com/home-assistant/operating-system/pull/2068 +[2] https://github.com/home-assistant/operating-system/pull/2082 +--- + units/systemd-timesyncd.service.in | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/units/systemd-timesyncd.service.in b/units/systemd-timesyncd.service.in +index c606461..5870744 100644 +--- a/units/systemd-timesyncd.service.in ++++ b/units/systemd-timesyncd.service.in +@@ -13,8 +13,8 @@ Documentation=man:systemd-timesyncd.service(8) + ConditionCapability=CAP_SYS_TIME + ConditionVirtualization=!container + DefaultDependencies=no +-After=systemd-sysusers.service +-Before=time-set.target sysinit.target shutdown.target ++After=systemd-sysusers.service network-online.target ++Before=time-set.target shutdown.target + Conflicts=shutdown.target + Wants=time-set.target + +@@ -56,5 +56,5 @@ User=systemd-timesync + {{SERVICE_WATCHDOG}} + + [Install] +-WantedBy=sysinit.target ++WantedBy=time-sync.target + Alias=dbus-org.freedesktop.timesync1.service diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/systemd-timesyncd.service b/buildroot-external/rootfs-overlay/etc/systemd/system/systemd-timesyncd.service deleted file mode 100644 index 6d29bf831dd..00000000000 --- a/buildroot-external/rootfs-overlay/etc/systemd/system/systemd-timesyncd.service +++ /dev/null @@ -1,60 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later -# -# This file is part of systemd. -# -# systemd is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published by -# the Free Software Foundation; either version 2.1 of the License, or -# (at your option) any later version. - -[Unit] -Description=Network Time Synchronization -Documentation=man:systemd-timesyncd.service(8) -ConditionCapability=CAP_SYS_TIME -ConditionVirtualization=!container -DefaultDependencies=no -After=systemd-sysusers.service -Before=time-set.target shutdown.target -Conflicts=shutdown.target -Wants=time-set.target - -[Service] -AmbientCapabilities=CAP_SYS_TIME -BusName=org.freedesktop.timesync1 -CapabilityBoundingSet=CAP_SYS_TIME -# Turn off DNSSEC validation for hostname look-ups, since those need the -# correct time to work, but we likely won't acquire that without NTP. Let's -# break this chicken-and-egg cycle here. -Environment=SYSTEMD_NSS_RESOLVE_VALIDATE=0 -ExecStart=!!/usr/lib/systemd/systemd-timesyncd -LockPersonality=yes -MemoryDenyWriteExecute=yes -NoNewPrivileges=yes -PrivateDevices=yes -PrivateTmp=yes -ProtectProc=invisible -ProtectControlGroups=yes -ProtectHome=yes -ProtectHostname=yes -ProtectKernelLogs=yes -ProtectKernelModules=yes -ProtectKernelTunables=yes -ProtectSystem=strict -Restart=always -RestartSec=0 -RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 -RestrictNamespaces=yes -RestrictRealtime=yes -RestrictSUIDSGID=yes -RuntimeDirectory=systemd/timesync -StateDirectory=systemd/timesync -SystemCallArchitectures=native -SystemCallErrorNumber=EPERM -SystemCallFilter=@system-service @clock -Type=notify -User=systemd-timesync -WatchdogSec=3min - -[Install] -WantedBy=time-sync.target -Alias=dbus-org.freedesktop.timesync1.service diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/NetworkManager.service.d/hassos.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/NetworkManager.service.d/hassos.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/NetworkManager.service.d/hassos.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/NetworkManager.service.d/hassos.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/dbus-broker.service.d/haos.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/dbus-broker.service.d/haos.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/dbus-broker.service.d/haos.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/dbus-broker.service.d/haos.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/dbus.service.d/haos.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/dbus.service.d/haos.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/dbus.service.d/haos.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/dbus.service.d/haos.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/dbus.socket.d/haos.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/dbus.socket.d/haos.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/dbus.socket.d/haos.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/dbus.socket.d/haos.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/docker.service.d/failure.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/docker.service.d/failure.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/docker.service.d/failure.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/docker.service.d/failure.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/docker.service.d/hassos.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/docker.service.d/hassos.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/docker.service.d/hassos.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/docker.service.d/hassos.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/docker.service.d/resource.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/docker.service.d/resource.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/docker.service.d/resource.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/docker.service.d/resource.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/dropbear.service.d/hassos.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/dropbear.service.d/hassos.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/dropbear.service.d/hassos.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/dropbear.service.d/hassos.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/rpcbind.service.d/haos.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/rpcbind.service.d/haos.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/rpcbind.service.d/haos.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/rpcbind.service.d/haos.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/run-docker-.mount.d/10-reduce-verbosity.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/run-docker-.mount.d/10-reduce-verbosity.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/run-docker-.mount.d/10-reduce-verbosity.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/run-docker-.mount.d/10-reduce-verbosity.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/serial-getty@.service.d/hassos.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/serial-getty@.service.d/hassos.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/serial-getty@.service.d/hassos.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/serial-getty@.service.d/hassos.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/systemd-modules-load.service.d/hassos.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/systemd-modules-load.service.d/hassos.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/systemd-modules-load.service.d/hassos.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/systemd-modules-load.service.d/hassos.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/systemd-time-wait-sync.service.d/network-online.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/systemd-time-wait-sync.service.d/network-online.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/systemd-time-wait-sync.service.d/network-online.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/systemd-time-wait-sync.service.d/network-online.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/systemd-time-wait-sync.service.d/timeout.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/systemd-time-wait-sync.service.d/timeout.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/systemd-time-wait-sync.service.d/timeout.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/systemd-time-wait-sync.service.d/timeout.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/systemd-timesyncd.service.d/hassos.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/systemd-timesyncd.service.d/hassos.conf similarity index 60% rename from buildroot-external/rootfs-overlay/etc/systemd/system/systemd-timesyncd.service.d/hassos.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/systemd-timesyncd.service.d/hassos.conf index 2e1d519ef01..deca0bec320 100644 --- a/buildroot-external/rootfs-overlay/etc/systemd/system/systemd-timesyncd.service.d/hassos.conf +++ b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/systemd-timesyncd.service.d/hassos.conf @@ -1,3 +1,2 @@ [Unit] RequiresMountsFor=/var/lib/systemd -After=network-online.target diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/systemd-timesyncd.service.d/ro.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/systemd-timesyncd.service.d/ro.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/systemd-timesyncd.service.d/ro.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/systemd-timesyncd.service.d/ro.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/tmp.mount.d/zram.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/tmp.mount.d/zram.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/tmp.mount.d/zram.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/tmp.mount.d/zram.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/udisks2.service.d/haos.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/udisks2.service.d/haos.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/udisks2.service.d/haos.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/udisks2.service.d/haos.conf diff --git a/buildroot-external/rootfs-overlay/etc/systemd/system/udisks2.socket.d/haos.conf b/buildroot-external/rootfs-overlay/usr/lib/systemd/system/udisks2.socket.d/haos.conf similarity index 100% rename from buildroot-external/rootfs-overlay/etc/systemd/system/udisks2.socket.d/haos.conf rename to buildroot-external/rootfs-overlay/usr/lib/systemd/system/udisks2.socket.d/haos.conf