diff options
| author | Ed Tanous <ed.tanous@intel.com> | 2019-06-19 01:53:56 +0300 |
|---|---|---|
| committer | Ed Tanous <ed.tanous@intel.com> | 2019-06-19 20:26:17 +0300 |
| commit | 2c7e8f4ce61f2e0407c37e98e22bbb13e562b414 (patch) | |
| tree | 9ea192b408585fc2a19b54d196c3d56eaddc4acb /meta-openbmc-mods/meta-common/recipes-core/systemd | |
| parent | aea9e7cbf9bd7677228747a8e7bab4d22bc80103 (diff) | |
| download | openbmc-2c7e8f4ce61f2e0407c37e98e22bbb13e562b414.tar.xz | |
Update to internal 6-18-19
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Diffstat (limited to 'meta-openbmc-mods/meta-common/recipes-core/systemd')
3 files changed, 94 insertions, 0 deletions
diff --git a/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd/systemd-time-wait-sync.service b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd/systemd-time-wait-sync.service new file mode 100644 index 000000000..f71aea39d --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd/systemd-time-wait-sync.service @@ -0,0 +1,36 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Wait Until Kernel Time Synchronized +Documentation=man:systemd-time-wait-sync.service(8) + +# Note that this tool doesn't need CAP_SYS_TIME itself, but it's primary +# usecase is to run in conjunction with a local NTP service such as +# systemd-timesyncd.service, which is conditioned this way. There might be +# niche usecases where running this service independently is desired, but let's +# make this all "just work" for the general case, and leave it to local +# modifications to make it work in the remaining cases. + +ConditionCapability=CAP_SYS_TIME +ConditionVirtualization=!container + +DefaultDependencies=no +Before=time-sync.target shutdown.target +Wants=time-sync.target +Conflicts=shutdown.target + +[Service] +Type=oneshot +ExecStart=/lib/systemd/systemd-time-wait-sync +TimeoutStartSec=10 +RemainAfterExit=yes + +[Install] +WantedBy=sysinit.target diff --git a/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd/systemd-timesyncd.service b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd/systemd-timesyncd.service new file mode 100644 index 000000000..9a5fffbb3 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd/systemd-timesyncd.service @@ -0,0 +1,53 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Network Time Synchronization +Documentation=man:systemd-timesyncd.service(8) +ConditionCapability=CAP_SYS_TIME +ConditionVirtualization=!container +DefaultDependencies=no +After=systemd-remount-fs.service systemd-sysusers.service var.mount +Before=time-set.target sysinit.target shutdown.target +Conflicts=shutdown.target +Wants=time-set.target time-sync.target + +[Service] +AmbientCapabilities=CAP_SYS_TIME +CapabilityBoundingSet=CAP_SYS_TIME +ExecStart=!!/lib/systemd/systemd-timesyncd +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +PrivateDevices=yes +PrivateTmp=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectHostname=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectSystem=strict +Restart=always +RestartSec=0 +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +RestrictSUIDSGID=yes +RuntimeDirectory=systemd/timesync +StateDirectory=systemd/timesync +SystemCallArchitectures=native +SystemCallErrorNumber=EPERM +SystemCallFilter=@system-service @clock +Type=notify +User=systemd-timesync +WatchdogSec=3min + +[Install] +WantedBy=sysinit.target +Alias=dbus-org.freedesktop.timesync1.service diff --git a/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd_%.bbappend b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd_%.bbappend index ef7ac20e2..3e5adf7ce 100644 --- a/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd_%.bbappend +++ b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd_%.bbappend @@ -6,6 +6,11 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" SRC_URI += "file://000-ro-rootfs-tmpfile-defaults.patch \ file://0001-Modfiy-system.conf-DefaultTimeoutStopSec.patch \ + file://systemd-time-wait-sync.service \ " USERADD_PACKAGES_remove = "${PN}-journal-gateway ${PN}-journal-upload ${PN}-journal-remote" + +do_install_append(){ + cp -f ${WORKDIR}/systemd-time-wait-sync.service ${D}/lib/systemd/system/ +} |