From: DaanDeMeyer <daan.j.demeyer@gmail.com>
Date: Wed, 2 Jul 2025 07:43:30 +0000 (+0200)
Subject: tree-wide: Add initrd presets
X-Git-Tag: v258-rc1~191
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4a8c395167c1631224c02d990c847955a2bf23b0;p=thirdparty%2Fsystemd.git

tree-wide: Add initrd presets

Currently, when running "systemctl preset-all --root=xxx" in mkosi
to enable/disable units for initrds, the system presets are used.
The problem with this approach is that the system presets are written
for the system, and that is not necessarily ideal for an initrd, but we
still want to use the same packages in the initrd that we install in the
system, so let's introduce a separate directory for initrd presets which
is used to pick up preset files from when we detect that we're configuring
an initrd (by looking for /etc/initrd-release).

We also introduce a systemd preset file for the initrd, which is based on
the system one, except with all the stuff unnecessary for the initrd removed.
---

diff --git a/docs/PRESET.md b/docs/PRESET.md
index 62aab967b63..ba3c0a4770d 100644
--- a/docs/PRESET.md
+++ b/docs/PRESET.md
@@ -29,7 +29,7 @@ systemd 32 and newer support package "preset" policies.
 These encode which units shall be enabled by default when they are installed, and which units shall not be enabled.
 
 Preset files may be written for specific distributions, for specific spins or for specific sites, in order to enforce different policies as needed.
-Preset policies are stored in .preset files in /usr/lib/systemd/system-preset/.
+Preset policies are stored in .preset files in /usr/lib/systemd/system-preset/ (or /usr/lib/systemd/initrd-preset/ for initrds).
 If no policy exists the default implied policy of "enable everything" is enforced, i.e. in Debian style.
 
 The policy encoded in preset files is applied to a unit by invoking "systemctl preset ".
diff --git a/man/systemd.preset.xml b/man/systemd.preset.xml
index dcc740a16da..a83492495e1 100644
--- a/man/systemd.preset.xml
+++ b/man/systemd.preset.xml
@@ -30,6 +30,10 @@
       <member><filename>/run/systemd/user-preset/*.preset</filename></member>
       <member><filename>/usr/local/lib/systemd/user-preset/*.preset</filename></member>
       <member><filename>/usr/lib/systemd/user-preset/*.preset</filename></member>
+      <member><filename>/etc/systemd/initrd-preset/*.preset</filename></member>
+      <member><filename>/run/systemd/initrd-preset/*.preset</filename></member>
+      <member><filename>/usr/local/lib/systemd/initrd-preset/*.preset</filename></member>
+      <member><filename>/usr/lib/systemd/initrd-preset/*.preset</filename></member>
     </simplelist></para>
   </refsynopsisdiv>
 
diff --git a/meson.build b/meson.build
index 8d252832aac..55874ee6c6a 100644
--- a/meson.build
+++ b/meson.build
@@ -172,6 +172,7 @@ systemshutdowndir = libexecdir / 'system-shutdown'
 systemsleepdir = libexecdir / 'system-sleep'
 systemunitdir = prefixdir / 'lib/systemd/system'
 systempresetdir = prefixdir / 'lib/systemd/system-preset'
+initrdpresetdir = prefixdir / 'lib/systemd/initrd-preset'
 udevlibexecdir = prefixdir / 'lib/udev'
 udevrulesdir = udevlibexecdir / 'rules.d'
 udevhwdbdir = udevlibexecdir / 'hwdb.d'
diff --git a/presets/90-systemd-initrd.preset b/presets/90-systemd-initrd.preset
new file mode 100644
index 00000000000..e966a182f15
--- /dev/null
+++ b/presets/90-systemd-initrd.preset
@@ -0,0 +1,38 @@
+#  SPDX-License-Identifier: LGPL-2.1-or-later
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+# Settings for systemd units distributed with systemd itself, specific to initrds.
+
+enable systemd-journald-audit.socket
+enable systemd-network-generator.service
+enable systemd-networkd.service
+enable systemd-networkd-wait-online.service
+enable systemd-pstore.service
+enable systemd-resolved.service
+enable systemd-tpm2-clear.service
+
+disable console-getty.service
+disable debug-shell.service
+
+disable exit.target
+disable halt.target
+disable kexec.target
+disable poweroff.target
+enable reboot.target
+disable rescue.target
+
+disable proc-sys-fs-binfmt_misc.mount
+
+disable syslog.socket
+
+disable systemd-boot-check-no-failures.service
+disable systemd-journal-gatewayd.*
+disable systemd-journal-remote.*
+disable systemd-journal-upload.*
+disable systemd-time-wait-sync.service
diff --git a/presets/user/90-systemd.preset b/presets/90-systemd-user.preset
similarity index 100%
rename from presets/user/90-systemd.preset
rename to presets/90-systemd-user.preset
diff --git a/presets/meson.build b/presets/meson.build
index 84abeded2fd..cc852d7c172 100644
--- a/presets/meson.build
+++ b/presets/meson.build
@@ -3,5 +3,10 @@
 install_data('90-systemd.preset',
              install_dir : systempresetdir)
 
-install_data('user/90-systemd.preset',
-             install_dir : userpresetdir)
+install_data('90-systemd-user.preset',
+             install_dir : userpresetdir,
+             rename : '90-systemd.preset')
+
+install_data('90-systemd-initrd.preset',
+             install_dir : initrdpresetdir,
+             rename : '90-systemd.preset')
diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
index 2b5fb8a2ece..58f24631046 100644
--- a/src/core/systemd.pc.in
+++ b/src/core/systemd.pc.in
@@ -31,6 +31,9 @@ systemdsystemunitdir=${systemd_system_unit_dir}
 systemd_system_preset_dir=${prefix}/lib/systemd/system-preset
 systemdsystempresetdir=${systemd_system_preset_dir}
 
+systemd_initrd_preset_dir=${prefix}/lib/systemd/initrd-preset
+systemdinitrdpresetdir=${systemd_initrd_preset_dir}
+
 systemd_user_unit_dir=${prefix}/lib/systemd/user
 systemduserunitdir=${systemd_user_unit_dir}
 
diff --git a/src/libsystemd/sd-path/sd-path.c b/src/libsystemd/sd-path/sd-path.c
index f562e3a7ecb..00969971353 100644
--- a/src/libsystemd/sd-path/sd-path.c
+++ b/src/libsystemd/sd-path/sd-path.c
@@ -302,6 +302,10 @@ static int get_path(uint64_t type, char **buffer, const char **ret) {
                 *ret = PREFIX_NOSLASH "/lib/systemd/user-preset";
                 return 0;
 
+        case SD_PATH_SYSTEMD_INITRD_PRESET:
+                *ret = PREFIX_NOSLASH "/lib/systemd/initrd-preset";
+                return 0;
+
         case SD_PATH_SYSTEMD_SYSTEM_CONF:
                 *ret = SYSTEM_CONFIG_UNIT_DIR;
                 return 0;
diff --git a/src/path/path-tool.c b/src/path/path-tool.c
index c725dd76fdc..41d0ba861cc 100644
--- a/src/path/path-tool.c
+++ b/src/path/path-tool.c
@@ -75,6 +75,7 @@ static const char* const path_table[_SD_PATH_MAX] = {
         [SD_PATH_SYSTEMD_USER_UNIT]                           = "systemd-user-unit",
         [SD_PATH_SYSTEMD_USER_PRESET]                         = "systemd-user-preset",
         [SD_PATH_SYSTEMD_USER_CONF]                           = "systemd-user-conf",
+        [SD_PATH_SYSTEMD_INITRD_PRESET]                       = "systemd-initrd-preset",
 
         [SD_PATH_SYSTEMD_SEARCH_SYSTEM_UNIT]                  = "systemd-search-system-unit",
         [SD_PATH_SYSTEMD_SEARCH_USER_UNIT]                    = "systemd-search-user-unit",
diff --git a/src/shared/install.c b/src/shared/install.c
index 8c6909ddf2e..8fc087fb78c 100644
--- a/src/shared/install.c
+++ b/src/shared/install.c
@@ -3284,16 +3284,22 @@ static int split_pattern_into_name_and_instances(const char *pattern, char **out
 }
 
 static int presets_find_config(RuntimeScope scope, const char *root_dir, char ***files) {
+        static const char* const initrd_dirs[] = { CONF_PATHS("systemd/initrd-preset"), NULL };
         static const char* const system_dirs[] = { CONF_PATHS("systemd/system-preset"), NULL };
         static const char* const user_dirs[] = { CONF_PATHS("systemd/user-preset"), NULL };
         const char* const* dirs;
+        int r;
 
         assert(scope >= 0);
         assert(scope < _RUNTIME_SCOPE_MAX);
 
-        if (scope == RUNTIME_SCOPE_SYSTEM)
-                dirs = system_dirs;
-        else if (IN_SET(scope, RUNTIME_SCOPE_GLOBAL, RUNTIME_SCOPE_USER))
+        if (scope == RUNTIME_SCOPE_SYSTEM) {
+                r = chase_and_access("/etc/initrd-release", root_dir, CHASE_PREFIX_ROOT, F_OK, /* ret_path= */ NULL);
+                if (r < 0 && r != -ENOENT)
+                        return r;
+
+                dirs = r >= 0 ? initrd_dirs : system_dirs;
+        } else if (IN_SET(scope, RUNTIME_SCOPE_GLOBAL, RUNTIME_SCOPE_USER))
                 dirs = user_dirs;
         else
                 assert_not_reached();
diff --git a/src/shared/pretty-print.c b/src/shared/pretty-print.c
index 8be99a8d3f4..95d6d7051e1 100644
--- a/src/shared/pretty-print.c
+++ b/src/shared/pretty-print.c
@@ -372,7 +372,7 @@ static int guess_type(const char **name, char ***ret_prefixes, bool *ret_is_coll
         } else if (path_equal(n, "systemd/relabel-extra.d")) {
                 coll = run = true;
                 ext = ".relabel";
-        } else if (PATH_IN_SET(n, "systemd/system-preset", "systemd/user-preset")) {
+        } else if (PATH_IN_SET(n, "systemd/system-preset", "systemd/user-preset", "systemd/initrd-preset")) {
                 coll = true;
                 ext = ".preset";
         }
diff --git a/src/systemd/sd-path.h b/src/systemd/sd-path.h
index 5d5bdfe2066..58726f731ce 100644
--- a/src/systemd/sd-path.h
+++ b/src/systemd/sd-path.h
@@ -88,6 +88,7 @@ enum {
         SD_PATH_SYSTEMD_USER_UNIT,
         SD_PATH_SYSTEMD_USER_PRESET,
         SD_PATH_SYSTEMD_USER_CONF,
+        SD_PATH_SYSTEMD_INITRD_PRESET,
 
         SD_PATH_SYSTEMD_SEARCH_SYSTEM_UNIT,
         SD_PATH_SYSTEMD_SEARCH_USER_UNIT,