From 64a73c4dd3fe662b3ffcd919d61a000180d48601 Mon Sep 17 00:00:00 2001
From: Luke Shumaker <lukeshu@lukeshu.com>
Date: Tue, 12 Sep 2017 14:34:24 -0400
Subject: [PATCH 00/32] notsystemd-233.1 release

________________________________________________________________________________
Preface

  This is the third release of "notsystemd", a project to turn the various
  components of systemd into independent pieces that can be used no matter
  which software is used for PID 1; in a similar spirit to eudev or elogind.

  notsystemd is developed as part of the Parabola project.  notsystemd
  development tracks not upstream systemd, but the version of systemd shipped
  by Parabola GNU/Linux-libre (which in turn tracks the version shipped by
  Arch Linux).

  Parabola is currently shipping systemd 234, but this release is based on
  Parabola's last 233 release.  This is because Parabola was not yet shipping
  234 when work on this release began.  The next notsystemd release will be
  based on systemd 234.

________________________________________________________________________________
Functional Description

  At a minimum, the following utilities should be functional on non-systemd
  systems:

    systemd-nspawn
    systemd-machine-id-setup
    systemd-tmpfiles
    systemd-sysusers

  Notes about notsystemd's nspawn:

    systemd-nspawn is a tool for running containers.  By default it attempts
    to register its containers with machined over its D-Bus API.  If machined
    isn't running, or can't be started automatically by dbus-daemon, then
    this will fail.  If you can't or won't run machined, you will need to
    pass the `--register=no` flag to systemd-nspawn.  At this time,
    notsystemd has made no effort to make systemd-machined usable on
    non-systemd systems.

    By default, it will attempt to re-create the cgroup setup of the host in
    the container.  It does not support cgroup v1/v2 mixed setups except for
    one of the specific arrangements used by systemd.  If using a cgroup
    setup different than one that systemd can use, then the
    $UNIFIED_CGROUP_HIERARCHY variable may not be used.  More specifically,
    here is how it handles each of the following cgroup setups:

     - cgroup v1, systemd: (that is, with a name=systemd hierarchy at
                           /sys/fs/cgroup/systemd) Mimic the setup of the
                           host.  $UNIFIED_CGROUP_HIERARCHY may be used to
                           override this.

     - cgroup v1, other  : Mimic the setup of the host.
                           $UNIFIED_CGROUP_HIERARCHY may not be used.

     - cgroup v2         : Mimic the setup of the host; unless the container
                           looks like it has a version of systemd older than
                           230, in which case it will create a "cgroup v1,
                           systemd" setup in the container.
                           $UNIFIED_CGROUP_HIERARCHY may be used to override
                           this.

     - cgroup v1/v2 mixed, systemd-232 : Mimic the setup of the host; unless
                           the container looks like it has a version of
                           systemd older than 232, in which case it will
                           create a "cgroup v1, systemd" setup in the
                           container.  $UNIFIED_CGROUP_HIERARCHY may be used
                           to override this.

     - cgroup v1/v2 mixed, systemd-233+: Mimic the setup of the host; unless
                           the container looks like it has a version of
                           systemd older than 233, in which case it will
                           create a "cgroup v1, systemd" setup in the
                           container.  $UNIFIED_CGROUP_HIERARCHY may be used
                           to override this.

     - cgroup v1/v2 mixed, other       : Unsupported, will refuse to run.

________________________________________________________________________________
Compiling notsystemd-233.1


  Like previous versions of notsystemd, this release of notsystemd is
  published as a set of patches, rather than as a full source tarball.

  The patches should apply cleanly over the version of systemd 233 last
  shipped by Parabola.  The details of that release can be found at (pay
  particular attention to the prepare() function in the PKGBUILD)

    https://git.parabola.nu/abslibre.git/tree/libre/systemd?id=beb0e21d1829fa4e7cace72f57237cd3af6bb38f

  notsystemd expects that any changes applied by Parabola to already be
  applied (though I would be surprised if you had trouble applying the
  notsystemd patches without them).  If you do have trouble applying
  them to a different base, see the note about mechanical changes below.

  Additionally, if your operating system includes a modern version of glibc
  (2.26 or later), you will need to backport the following upstream systemd
  commit (e.g. using `git cherry-pick`):

     glibc 2.26 : 284d1cd0a12cad96a5ea61d1afb0dd677dbd147e : fix includes

________________________________________________________________________________
Description of changes

  Mostly-mechanical changes (5):

      These changes should have no user-visible effects; they are all code
      cleanup, organization, and plumbing changes that are mechanical in
      nature (search/replace, copy/paste), and may be easier to re-create by
      hand rather than by applying the patch when being applied to a
      different base.

    (0001) nspawn: Simplify tmpfs_patch_options() usage, and trickle that up
    (0002) nspawn: Simplify mkdir_userns() usage, and trickle that up
    (0003) nspawn: Move cgroup mount stuff from nspawn-mount.c to nspawn-cgroup.c
    (0004) nspawn: nspawn-cgroup.{c,h}: s/unified_requested/inner_cgver/
    (0005) nspawn: sync_cgroup(): Rename arg_uid_shift -> uid_shift

  Better 232/233 distinction (5):

      The first 4 patches should have no user-visible effects; they are all
      code cleanup, organization, and plumbing changes for the 5th commit,
      which fixes systemd bug #6310, in which it fails to differentiate
      between systemd-232-style cgroup v1/v2 mixed setups and 233-style
      setups.

    (0006) cgroup-util: Fix a comment about cg_kernel_controllers() behavior
    (0007) cgroup-util: Merge the unified_cache and unified_systemd_v232 caches
    (0008) cgroup-util: Add cg_version() to get the raw CGroupUnified enum
    (0009) cgroup-util,nspawn: Use switch cases around CGroupUnified when possible
    (0010) nspawn: Allow the container to inherit a 232-style hybrid (#6310)

  Non-functional changes (15):

      These changes should have no user-visible effects; they are all code
      cleanup, organization, and plumbing changes that set the stage for
      user-visible changes below.

    (0011) cgroup-util: Split out cg_pid_get_path_internal()
    (0012) nspawn: mount_sysfs(): Reword the comment about /sys/fs/cgroup
    (0013) nspawn: if !cg_ns_supported() then force arg_use_cgns = false
    (0014) nspawn: Expand comments in detect_unified_cgroup_hierarchy()
    (0015) nspawn: Parse UNIFIED_CGROUP_HIERARCHY similarly to any other arg
    (0016) nspawn: Detect the outer_cgver once, and pass that around
    (0017) nspawn: Merge chown_cgroup(), sync_cgroup(), & create_subcgroup() into one cgroup_setup()
    (0018) nspawn: mount_legacy_cgns_supported(): Rename variables to not lie
    (0019) nspawn: get_v1_hierarchies(): Ditch a pointless check for "name=unified"
    (0020) nspawn: Change where we filter the name=systemd hierarchy
    (0021) nspawn: Track the inner child and outer child PIDs separately
    (0022) nspawn: Add functions for deciding cgroup mounts before performing them
    (0023) nspawn: Decide all cgroup mounts/symlinks before performing any of them
    (0024) nspawn: Split off cgroup_decide_mounts() from mount_cgroups()
    (0025) nspawn: Go ahead and always decide the cgroup mounts in the outer child, not inner

  Functional changes (7):

      These are the user-visible changes.

    (0026) nspawn: Detect cgroup version after parsing argv
    (0027) nspawn: Improve --help text
    (0028) nspawn: Clarify sync_cgroup(); tmp dirname, error message
    (0029) nspawn: Improve error messages
    (0030) nspawn: Be more robust when deciding to create subcgroups or chown cgroups
    (0031) nspawn: (Re)mount the systemd hierarchy RO in the outer child, not inner
    (0032) cgroup-util,nspawn: Add a special "inherit" cgroup mode for nspawn

 Makefile.am                |   2 +
 configure.ac               |   2 +-
 src/basic/cgroup-util.c    |  93 ++++--
 src/basic/cgroup-util.h    |   8 +-
 src/nspawn/nspawn-cgroup.c | 747 +++++++++++++++++++++++++++++++++++++++++----
 src/nspawn/nspawn-cgroup.h |  13 +-
 src/nspawn/nspawn-mount.c  | 454 ++-------------------------
 src/nspawn/nspawn-mount.h  |   7 +-
 src/nspawn/nspawn.c        | 354 +++++++++++++--------
 9 files changed, 1013 insertions(+), 667 deletions(-)

-- 
2.14.1

Happy hacking,
~ Luke Shumaker
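
Added example, not part of the original message and not notsystemd code: a shell classifier that maps a host's cgroup mounts onto the cases listed under "Notes about notsystemd's nspawn", so you can tell in advance which behaviour to expect. The mount points it checks (cgroup2 at /sys/fs/cgroup/unified for 233-style, cgroup2 at /sys/fs/cgroup/systemd for 232-style) are assumptions taken from systemd's usual layout, the labels are made up for this example, and the result approximates rather than reproduces nspawn's own detection.

```shell
# Added example (not notsystemd code): classify mounts in /proc/self/mounts
# format (stdin) into the cases above. Mount points checked are assumptions.
classify_cgroup_setup() {
    awk '
        $2 !~ /^\/sys\/fs\/cgroup(\/|$)/ { next }
        $3 == "cgroup2" {
            v2 = 1
            if ($2 == "/sys/fs/cgroup")         root_v2 = 1
            if ($2 == "/sys/fs/cgroup/unified") unified_v2 = 1
            if ($2 == "/sys/fs/cgroup/systemd") systemd_v2 = 1
        }
        $3 == "cgroup" {
            v1 = 1
            if ($2 == "/sys/fs/cgroup/systemd" && ("," $4 ",") ~ /,name=systemd,/)
                systemd_v1 = 1
        }
        END {
            if (v1 && v2) {
                if (unified_v2 && systemd_v1) print "mixed-systemd-233+"
                else if (systemd_v2)          print "mixed-systemd-232"
                else                          print "mixed-other"
            }
            else if (root_v2)    print "v2"
            else if (systemd_v1) print "v1-systemd"
            else if (v1)         print "v1-other"
            else                 print "unknown"
        }'
}

# Default behaviour the release notes give for each case. The fallback for
# containers that look like they run an older systemd is not modelled here.
nspawn_behaviour() {
    case "$1" in
        v1-systemd|v2|mixed-systemd-232|mixed-systemd-233+) echo "mimic-host override=yes" ;;
        v1-other)    echo "mimic-host override=no" ;;
        mixed-other) echo "refuse" ;;
        *)           echo "unknown" ;;
    esac
}

# Constructed sample: a 233-style hybrid host (not captured from a real system).
SAMPLE_HYBRID_233='tmpfs /sys/fs/cgroup tmpfs ro,nosuid,nodev,noexec,mode=755 0 0
cgroup2 /sys/fs/cgroup/unified cgroup2 rw,nosuid,nodev,noexec,relatime 0 0
cgroup /sys/fs/cgroup/systemd cgroup rw,nosuid,nodev,noexec,relatime,xattr,name=systemd 0 0
cgroup /sys/fs/cgroup/memory cgroup rw,nosuid,nodev,noexec,relatime,memory 0 0'

setup=$(printf '%s\n' "$SAMPLE_HYBRID_233" | classify_cgroup_setup)
echo "$setup: $(nspawn_behaviour "$setup")"
```

On a real host, run `classify_cgroup_setup < /proc/self/mounts`; "override" refers to whether $UNIFIED_CGROUP_HIERARCHY may be used.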
