From: Lennart Poettering Date: Fri, 13 Sep 2024 15:24:20 +0000 (+0200) Subject: tmpfiles.d: add $ flag to all lines which are clearly private to our packages, and... X-Git-Tag: v257-rc1~429^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a859d0d378f7972b423fd4e16b6c9f0cd73c4f0f;p=thirdparty%2Fsystemd.git tmpfiles.d: add $ flag to all lines which are clearly private to our packages, and should be removed on package removal (This excludes any dirs that contain resources placed there by the user) (I also didn't bother marking resources belonging to components that are really not optional for us) --- diff --git a/tmpfiles.d/20-systemd-shell-extra.conf.in b/tmpfiles.d/20-systemd-shell-extra.conf.in index 8ebe83dd697..02f1ef58023 100644 --- a/tmpfiles.d/20-systemd-shell-extra.conf.in +++ b/tmpfiles.d/20-systemd-shell-extra.conf.in @@ -8,5 +8,5 @@ # See tmpfiles.d(5) for details {% if LINK_SHELL_EXTRA_DROPIN %} -L {{SHELLPROFILEDIR}}/70-systemd-shell-extra.sh - - - - {{LIBEXECDIR}}/profile.d/70-systemd-shell-extra.sh +L$ {{SHELLPROFILEDIR}}/70-systemd-shell-extra.sh - - - - {{LIBEXECDIR}}/profile.d/70-systemd-shell-extra.sh {% endif %} diff --git a/tmpfiles.d/20-systemd-ssh-generator.conf.in b/tmpfiles.d/20-systemd-ssh-generator.conf.in index dbe354a2d2d..8c9d3af1c35 100644 --- a/tmpfiles.d/20-systemd-ssh-generator.conf.in +++ b/tmpfiles.d/20-systemd-ssh-generator.conf.in @@ -8,7 +8,7 @@ # See tmpfiles.d(5) for details {% if LINK_SSH_PROXY_DROPIN %} -L {{SSHCONFDIR}}/20-systemd-ssh-proxy.conf - - - - {{LIBEXECDIR}}/ssh_config.d/20-systemd-ssh-proxy.conf +L$ {{SSHCONFDIR}}/20-systemd-ssh-proxy.conf - - - - {{LIBEXECDIR}}/ssh_config.d/20-systemd-ssh-proxy.conf {% endif %} {% if CREATE_SSHDPRIVSEPDIR %} d {{SSHDPRIVSEPDIR}} 0755 diff --git a/tmpfiles.d/legacy.conf.in b/tmpfiles.d/legacy.conf.in index 4f2c0d7c431..ec2f7aea72c 100644 --- a/tmpfiles.d/legacy.conf.in +++ b/tmpfiles.d/legacy.conf.in @@ -13,7 +13,7 @@ d /run/lock 0755 root root - L /var/lock - - - - ../run/lock {% if CREATE_LOG_DIRS %} -L /var/log/README - - - - ../..{{DOC_DIR}}/README.logs +L$ /var/log/README - - - - ../..{{DOC_DIR}}/README.logs {% endif %} # /run/lock/subsys is used for serializing SysV service execution, and diff --git a/tmpfiles.d/systemd-network.conf b/tmpfiles.d/systemd-network.conf index 323beca59c5..5898e88de56 100644 --- a/tmpfiles.d/systemd-network.conf +++ b/tmpfiles.d/systemd-network.conf @@ -7,7 +7,7 @@ # See tmpfiles.d(5) for details -d /run/systemd/netif 0755 systemd-network systemd-network - -d /run/systemd/netif/links 0755 systemd-network systemd-network - -d /run/systemd/netif/leases 0755 systemd-network systemd-network - -d /var/lib/systemd/network 0755 systemd-network systemd-network - +d$ /run/systemd/netif 0755 systemd-network systemd-network - +d$ /run/systemd/netif/links 0755 systemd-network systemd-network - +d$ /run/systemd/netif/leases 0755 systemd-network systemd-network - +d$ /var/lib/systemd/network 0755 systemd-network systemd-network - diff --git a/tmpfiles.d/systemd-nspawn.conf b/tmpfiles.d/systemd-nspawn.conf index 78bd1c670e0..6549ea41018 100644 --- a/tmpfiles.d/systemd-nspawn.conf +++ b/tmpfiles.d/systemd-nspawn.conf @@ -19,5 +19,5 @@ Q /var/lib/machines 0700 - - - # systemd-nspawn --ephemeral places snapshots) we are more strict, to # avoid removing unrelated temporary files. -R! /var/lib/machines/.#* -R! /.#machine.* +R!$ /var/lib/machines/.#* +R!$ /.#machine.* diff --git a/tmpfiles.d/systemd-tmp.conf b/tmpfiles.d/systemd-tmp.conf index d47d468fba8..093830586c1 100644 --- a/tmpfiles.d/systemd-tmp.conf +++ b/tmpfiles.d/systemd-tmp.conf @@ -14,10 +14,10 @@ x /var/tmp/systemd-private-%b-* X /var/tmp/systemd-private-%b-*/tmp # Remove top-level private temporary directories on each boot -R! /tmp/systemd-private-* -R! /var/tmp/systemd-private-* +R!$ /tmp/systemd-private-* +R!$ /var/tmp/systemd-private-* # Handle lost systemd-coredump temp files. They could be lost on old filesystems, # for example, after hard reboot. x /var/lib/systemd/coredump/.#core*.%b* -r! /var/lib/systemd/coredump/.#* +r!$ /var/lib/systemd/coredump/.#* diff --git a/tmpfiles.d/systemd.conf.in b/tmpfiles.d/systemd.conf.in index 815fb2dd408..dac2e5bbc40 100644 --- a/tmpfiles.d/systemd.conf.in +++ b/tmpfiles.d/systemd.conf.in @@ -13,11 +13,11 @@ f+! /run/utmp 0664 root utmp - {% endif %} d /run/systemd/ask-password 0755 root root - -d /run/systemd/seats 0755 root root - -d /run/systemd/sessions 0755 root root - -d /run/systemd/users 0755 root root - +d$ /run/systemd/seats 0755 root root - +d$ /run/systemd/sessions 0755 root root - +d$ /run/systemd/users 0755 root root - d /run/systemd/machines 0755 root root - -d /run/systemd/shutdown 0755 root root - +d$ /run/systemd/shutdown 0755 root root - d /run/log 0755 root root -