diff --git a/meta-citadel/recipes-citadel/bbappends/systemd/0001-Modify-systemd-to-use-localtime-in-storage-citadel-s.patch b/meta-citadel/recipes-citadel/bbappends/systemd/0001-Modify-systemd-to-use-localtime-in-storage-citadel-s.patch new file mode 100644 index 0000000..3dd5d3a --- /dev/null +++ b/meta-citadel/recipes-citadel/bbappends/systemd/0001-Modify-systemd-to-use-localtime-in-storage-citadel-s.patch 
@@ -0,0 +1,245 @@ +From 14cd68b1fdd3a16a3aa2892f9216096bea02173d Mon Sep 17 00:00:00 2001 +From: isa +Date: Thu, 11 Jul 2024 18:58:40 +0000 +Subject: [PATCH] Modify systemd to use localtime in /storage/citadel-state +Upstream-Status: Inappropriate [citadel specific] + +--- + src/basic/time-util.c | 4 ++-- + src/core/manager.c | 18 +++++++++--------- + src/core/manager.h | 2 +- + src/core/unit.h | 2 +- + src/firstboot/firstboot.c | 20 ++++++++++---------- + src/timedate/timedated.c | 12 ++++++------ + units/systemd-timedated.service.in | 2 +- + 7 files changed, 30 insertions(+), 30 deletions(-) + +diff --git a/src/basic/time-util.c b/src/basic/time-util.c +index f9014dc560..bab1db4224 100644 +--- a/src/basic/time-util.c ++++ b/src/basic/time-util.c +@@ -1612,7 +1612,7 @@ int get_timezone(char **ret) { + + assert(ret); + +- r = readlink_malloc("/etc/localtime", &t); ++ r = readlink_malloc("/storage/citadel-state/localtime", &t); + if (r == -ENOENT) { + /* If the symlink does not exist, assume "UTC", like glibc does */ + z = strdup("UTC"); +@@ -1625,7 +1625,7 @@ int get_timezone(char **ret) { + if (r < 0) + return r; /* returns EINVAL if not a symlink */ + +- e = PATH_STARTSWITH_SET(t, "/usr/share/zoneinfo/", "../usr/share/zoneinfo/"); ++ e = PATH_STARTSWITH_SET(t, "/usr/share/zoneinfo/", "../../usr/share/zoneinfo/"); + if (!e) + return -EINVAL; + +diff --git a/src/core/manager.c b/src/core/manager.c +index 88eebfc626..59c4dbbae1 100644 +--- a/src/core/manager.c ++++ b/src/core/manager.c +@@ -412,9 +412,9 @@ static int manager_read_timezone_stat(Manager *m) { + + assert(m); + +- /* Read the current stat() data of /etc/localtime so that we detect changes */ +- if (lstat("/etc/localtime", &st) < 0) { +- log_debug_errno(errno, "Failed to stat /etc/localtime, ignoring: %m"); ++ /* Read the current stat() data of /storage/citadel-state/localtime so that we detect changes */ ++ if (lstat("/storage/citadel-state/localtime", &st) < 0) { ++ log_debug_errno(errno, "Failed to 
stat /storage/citadel-state/localtime, ignoring: %m"); + changed = m->etc_localtime_accessible; + m->etc_localtime_accessible = false; + } else { +@@ -439,7 +439,7 @@ static int manager_setup_timezone_change(Manager *m) { + if (MANAGER_IS_TEST_RUN(m)) + return 0; + +- /* We watch /etc/localtime for three events: change of the link count (which might mean removal from /etc even ++ /* We watch /storage/citadel-state/localtime for three events: change of the link count (which might mean removal from /etc even + * though another link might be kept), renames, and file close operations after writing. Note we don't bother + * with IN_DELETE_SELF, as that would just report when the inode is removed entirely, i.e. after the link count + * went to zero and all fds to it are closed. +@@ -450,14 +450,14 @@ static int manager_setup_timezone_change(Manager *m) { + * Note that we create the new event source first here, before releasing the old one. This should optimize + * behaviour as this way sd-event can reuse the old watch in case the inode didn't change. 
*/ + +- r = sd_event_add_inotify(m->event, &new_event, "/etc/localtime", ++ r = sd_event_add_inotify(m->event, &new_event, "/storage/citadel-state/localtime", + IN_ATTRIB|IN_MOVE_SELF|IN_CLOSE_WRITE|IN_DONT_FOLLOW, manager_dispatch_timezone_change, m); + if (r == -ENOENT) { + /* If the file doesn't exist yet, subscribe to /etc instead, and wait until it is created either by + * O_CREATE or by rename() */ + +- log_debug_errno(r, "/etc/localtime doesn't exist yet, watching /etc instead."); +- r = sd_event_add_inotify(m->event, &new_event, "/etc", ++ log_debug_errno(r, "/storage/citadel-state/localtime doesn't exist yet, watching /storage/citadel-state instead."); ++ r = sd_event_add_inotify(m->event, &new_event, "/storage/citadel-state", + IN_CREATE|IN_MOVED_TO|IN_ONLYDIR, manager_dispatch_timezone_change, m); + } + if (r < 0) +@@ -3173,13 +3173,13 @@ static int manager_dispatch_timezone_change( + int changed; + Unit *u; + +- log_debug("inotify event for /etc/localtime"); ++ log_debug("inotify event for /storage/citadel-state/localtime"); + + changed = manager_read_timezone_stat(m); + if (changed <= 0) + return changed; + +- /* Something changed, restart the watch, to ensure we watch the new /etc/localtime if it changed */ ++ /* Something changed, restart the watch, to ensure we watch the new /storage/citadel-state/localtime if it changed */ + (void) manager_setup_timezone_change(m); + + /* Read the new timezone */ +diff --git a/src/core/manager.h b/src/core/manager.h +index d96eb7b995..68066cac50 100644 +--- a/src/core/manager.h ++++ b/src/core/manager.h +@@ -370,7 +370,7 @@ struct Manager { + + unsigned gc_marker; + +- /* The stat() data the last time we saw /etc/localtime */ ++ /* The stat() data the last time we saw /storage/citadel-state/localtime */ + usec_t etc_localtime_mtime; + bool etc_localtime_accessible; + +diff --git a/src/core/unit.h b/src/core/unit.h +index 60bc2e3d35..c19af861f9 100644 +--- a/src/core/unit.h ++++ b/src/core/unit.h +@@ -713,7 +713,7 
@@ typedef struct UnitVTable { + /* Called whenever CLOCK_REALTIME made a jump */ + void (*time_change)(Unit *u); + +- /* Called whenever /etc/localtime was modified */ ++ /* Called whenever /storage/citadel-state/localtime was modified */ + void (*timezone_change)(Unit *u); + + /* Returns the next timeout of a unit */ +diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c +index d4029272de..5bc0976f63 100644 +--- a/src/firstboot/firstboot.c ++++ b/src/firstboot/firstboot.c +@@ -606,15 +606,15 @@ static int process_timezone(int rfd) { + + assert(rfd >= 0); + +- pfd = chase_and_open_parent_at(rfd, "/etc/localtime", ++ pfd = chase_and_open_parent_at(rfd, "/storage/citadel-state/localtime", + CHASE_AT_RESOLVE_IN_ROOT|CHASE_MKDIR_0755|CHASE_WARN|CHASE_NOFOLLOW, + &f); + if (pfd < 0) +- return log_error_errno(pfd, "Failed to chase /etc/localtime: %m"); ++ return log_error_errno(pfd, "Failed to chase /storage/citadel-state/localtime: %m"); + + r = should_configure(pfd, f); + if (r == 0) +- log_debug("Found /etc/localtime, assuming timezone has been configured."); ++ log_debug("Found /storage/citadel-state/localtime, assuming timezone has been configured."); + if (r <= 0) + return r; + +@@ -625,16 +625,16 @@ static int process_timezone(int rfd) { + if (arg_copy_timezone && r == 0) { + _cleanup_free_ char *s = NULL; + +- r = readlink_malloc("/etc/localtime", &s); ++ r = readlink_malloc("/storage/citadel-state/localtime", &s); + if (r != -ENOENT) { + if (r < 0) +- return log_error_errno(r, "Failed to read host's /etc/localtime: %m"); ++ return log_error_errno(r, "Failed to read host's /storage/citadel-state/localtime: %m"); + + r = symlinkat_atomic_full(s, pfd, f, /* make_relative= */ false); + if (r < 0) +- return log_error_errno(r, "Failed to create /etc/localtime symlink: %m"); ++ return log_error_errno(r, "Failed to create /storage/citadel-state/localtime symlink: %m"); + +- log_info("Copied host's /etc/localtime."); ++ log_info("Copied host's 
/storage/citadel-state/localtime."); + return 0; + } + } +@@ -650,9 +650,9 @@ static int process_timezone(int rfd) { + + r = symlinkat_atomic_full(e, pfd, f, /* make_relative= */ false); + if (r < 0) +- return log_error_errno(r, "Failed to create /etc/localtime symlink: %m"); ++ return log_error_errno(r, "Failed to create /storage/citadel-state/localtime symlink: %m"); + +- log_info("/etc/localtime written"); ++ log_info("/storage/citadel-state/localtime written"); + return 0; + } + +@@ -1223,7 +1223,7 @@ static int process_reset(int rfd) { + "/etc/hostname", + "/etc/machine-id", + "/etc/kernel/cmdline", +- "/etc/localtime") { ++ "/storage/citadel-state/localtime") { + r = reset_one(rfd, p); + if (r < 0) + return r; +diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c +index c7be30f563..334e5e251e 100644 +--- a/src/timedate/timedated.c ++++ b/src/timedate/timedated.c +@@ -276,9 +276,9 @@ static int context_read_data(Context *c) { + + r = get_timezone(&t); + if (r == -EINVAL) +- log_warning_errno(r, "/etc/localtime should be a symbolic link to a time zone data file in /usr/share/zoneinfo/."); ++ log_warning_errno(r, "/storage/citadel-state/localtime should be a symbolic link to a time zone data file in /usr/share/zoneinfo/."); + else if (r < 0) +- log_warning_errno(r, "Failed to get target of /etc/localtime: %m"); ++ log_warning_errno(r, "Failed to get target of /storage/citadel-state/localtime: %m"); + + free_and_replace(c->zone, t); + +@@ -302,22 +302,22 @@ static int context_write_data_timezone(Context *c) { + + if (access("/usr/share/zoneinfo/UTC", F_OK) < 0) { + +- if (unlink("/etc/localtime") < 0 && errno != ENOENT) ++ if (unlink("/storage/citadel-state/localtime") < 0 && errno != ENOENT) + return -errno; + + return 0; + } + +- source = "../usr/share/zoneinfo/UTC"; ++ source = "../../usr/share/zoneinfo/UTC"; + } else { +- p = path_join("../usr/share/zoneinfo", c->zone); ++ p = path_join("../../usr/share/zoneinfo", c->zone); + if (!p) + return 
-ENOMEM; + + source = p; + } + +- return symlink_atomic(source, "/etc/localtime"); ++ return symlink_atomic(source, "/storage/citadel-state/localtime"); + } + + static int context_write_data_local_rtc(Context *c) { +diff --git a/units/systemd-timedated.service.in b/units/systemd-timedated.service.in +index 00f6643ba7..9be4010576 100644 +--- a/units/systemd-timedated.service.in ++++ b/units/systemd-timedated.service.in +@@ -31,7 +31,7 @@ ProtectKernelLogs=yes + ProtectKernelModules=yes + ProtectKernelTunables=yes + ProtectSystem=strict +-ReadWritePaths=/etc ++ReadWritePaths=/storage/citadel-state + RestrictAddressFamilies=AF_UNIX + RestrictNamespaces=yes + RestrictRealtime=yes diff --git a/meta-citadel/recipes-citadel/bbappends/systemd_%.bbappend b/meta-citadel/recipes-citadel/bbappends/systemd_%.bbappend index 453ad8e..8c9077e 100644 --- a/meta-citadel/recipes-citadel/bbappends/systemd_%.bbappend +++ b/meta-citadel/recipes-citadel/bbappends/systemd_%.bbappend @@ -16,3 +16,7 @@ do_install:append() { rm -f ${D}${sysconfdir}/tmpfiles.d/00-create-volatile.conf ln -s rescue.target ${D}${systemd_unitdir}/system/kbrequest.target } + +SRC_URI += " \ + file://0001-Modify-systemd-to-use-localtime-in-storage-citadel-s.patch \ + " diff --git a/meta-citadel/recipes-citadel/bbappends/tzdata%.bbappend b/meta-citadel/recipes-citadel/bbappends/tzdata%.bbappend new file mode 100644 index 0000000..7995e89 --- /dev/null +++ b/meta-citadel/recipes-citadel/bbappends/tzdata%.bbappend @@ -0,0 +1,5 @@ +pkg_postinst:${PN}() { + etc_lt="$D${sysconfdir}/localtime" + + ln -sf ../storage/citadel-state/localtime $etc_lt +} diff --git a/meta-citadel/recipes-citadel/citadel-config/citadel-config.bb b/meta-citadel/recipes-citadel/citadel-config/citadel-config.bb index c766ffa..627bff9 100644 --- a/meta-citadel/recipes-citadel/citadel-config/citadel-config.bb +++ b/meta-citadel/recipes-citadel/citadel-config/citadel-config.bb 
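Review bot: In the `units/systemd-timedated.service.in` hunk, `ReadWritePaths=/etc` is replaced rather than extended, so under `ProtectSystem=strict` timedated loses write access to `/etc`. The patch leaves `context_write_data_local_rtc()` untouched (only its signature is visible as trailing context), and upstream that function writes `/etc/adjtime`, so a set-local-rtc request would presumably fail once this lands. Either keep both paths, `ReadWritePaths=/etc /storage/citadel-state`, or state in the patch header that local-RTC changes are intentionally unsupported. The new path also gives the service write access to everything under `/storage/citadel-state`, so it is worth confirming what else lives there or giving the symlink its own subdirectory. Separately, the comments in `manager_setup_timezone_change()` still say "removal from /etc" and "subscribe to /etc instead" although the watch has moved.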
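Review bot: The `ln -sf` in the tzdata `pkg_postinst` expands `$etc_lt` unquoted and without `-n`, so if `${sysconfdir}/localtime` already exists as a symlink to a directory, the new link is created inside that directory instead of replacing it. I would write it as `ln -sfn ../storage/citadel-state/localtime "$etc_lt"`. A one-line comment would also help, saying that the link stays dangling until `/storage` is mounted and the state symlink exists, and that unpatched readers of `/etc/localtime` presumably fall back to their default zone in that window.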
@@ -41,6 +41,7 @@ SRC_URI = "\ file://share/dot.profile \ file://share/dot.vimrc \ file://polkit/citadel.rules \ + file://polkit/gnome-control-center.rules \ file://citadel-installer.session \ file://citadel-installer.json \ file://citadel-installer.desktop \ @@ -163,6 +164,7 @@ do_install() { install -m 0644 ${WORKDIR}/polkit/citadel.rules ${D}${sysconfdir}/polkit-1/rules.d/ + install -m 0644 ${WORKDIR}/polkit/gnome-control-center.rules ${D}${sysconfdir}/polkit-1/rules.d/ install -m 0644 ${WORKDIR}/modprobe.d/audio_powersave.conf ${D}${sysconfdir}/modprobe.d/ diff --git a/meta-citadel/recipes-citadel/citadel-config/files/polkit/gnome-control-center.rules b/meta-citadel/recipes-citadel/citadel-config/files/polkit/gnome-control-center.rules new file mode 100644 index 0000000..3638a78 --- /dev/null +++ b/meta-citadel/recipes-citadel/citadel-config/files/polkit/gnome-control-center.rules @@ -0,0 +1,13 @@ +polkit.addRule(function(action, subject) { + if ((action.id == "org.freedesktop.locale1.set-locale" || + action.id == "org.freedesktop.locale1.set-keyboard" || + action.id == "org.freedesktop.ModemManager1.Device.Control" || + action.id == "org.freedesktop.hostname1.set-static-hostname" || + action.id == "org.freedesktop.hostname1.set-hostname" || + action.id == "org.gnome.controlcenter.datetime.configure") && + subject.local && + subject.active && + subject.isInGroup ("citadel")) { + return polkit.Result.YES; + } +}); diff --git a/meta-citadel/recipes-core/glib-2.0/glib-2.0/0001-Modify-glib-to-accommodate-citadel-timezone-symlink-.patch b/meta-citadel/recipes-core/glib-2.0/glib-2.0/0001-Modify-glib-to-accommodate-citadel-timezone-symlink-.patch new file mode 100644 index 0000000..5ebe7db --- /dev/null +++ b/meta-citadel/recipes-core/glib-2.0/glib-2.0/0001-Modify-glib-to-accommodate-citadel-timezone-symlink-.patch 
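Review bot: The new rule in `gnome-control-center.rules` returns `polkit.Result.YES` with no authentication for six actions, and only `org.gnome.controlcenter.datetime.configure` relates to the timezone work in this commit. `org.freedesktop.ModemManager1.Device.Control` and the two `hostname1` actions widen what any local, active member of `citadel` can do without a prompt. If the installed gnome-control-center policy marks `datetime.configure` as implying the `org.freedesktop.timedate1.*` actions (upstream does, as far as I know), this grant also covers setting the clock, NTP and local-RTC, not just the zone. I would add a header comment recording why each action is needed, e.g. `// Settings panels the citadel user may change without admin auth; keep this list minimal`, and consider moving the ModemManager entry into its own rule file so it can be reviewed separately.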
@@ -0,0 +1,51 @@ +From a9ad6dd95f0aa2d413a5328edf3e3e4668e39415 Mon Sep 17 00:00:00 2001 +From: isa +Date: Thu, 22 Aug 2024 15:23:03 +0000 +Subject: [PATCH] Modify glib to use localtime in /storage/citadel-state +Upstream-Status: Inappropriate [citadel specific] + +--- + glib/gtimezone.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/glib/gtimezone.c b/glib/gtimezone.c +index 4a4a2d0..ed1444a 100644 +--- a/glib/gtimezone.c ++++ b/glib/gtimezone.c +@@ -538,14 +538,14 @@ zone_identifier_unix (void) + gboolean not_a_symlink_to_zoneinfo = FALSE; + struct stat file_status; + +- /* Resolve the actual timezone pointed to by /etc/localtime. */ +- resolved_identifier = g_file_read_link ("/etc/localtime", &read_link_err); ++ /* Resolve the actual timezone pointed to by /storage/citadel-state/localtime. */ ++ resolved_identifier = g_file_read_link ("/storage/citadel-state/localtime", &read_link_err); + + if (resolved_identifier != NULL) + { + if (!g_path_is_absolute (resolved_identifier)) + { +- gchar *absolute_resolved_identifier = g_build_filename ("/etc", resolved_identifier, NULL); ++ gchar *absolute_resolved_identifier = g_build_filename ("/storage/citadel-state", resolved_identifier, NULL); + g_free (resolved_identifier); + resolved_identifier = g_steal_pointer (&absolute_resolved_identifier); + } +@@ -604,7 +604,7 @@ zone_identifier_unix (void) + else + { + /* Resolve relative path */ +- canonical_path = g_canonicalize_filename (resolved_identifier, "/etc"); ++ canonical_path = g_canonicalize_filename (resolved_identifier, "/storage/citadel-state"); + g_free (resolved_identifier); + resolved_identifier = g_steal_pointer (&canonical_path); + } + file = g_mapped_file_new (filename, FALSE, NULL); +@@ -671,7 +671,7 @@ zone_info_unix (const gchar *identifier, + if (resolved_identifier == NULL) + goto out; + +- filename = g_strdup ("/etc/localtime"); ++ filename = g_strdup ("/storage/citadel-state/localtime"); + } + + file = g_mapped_file_new 
(filename, FALSE, NULL); diff --git a/meta-citadel/recipes-core/glib-2.0/glib-2.0_%.bbappend b/meta-citadel/recipes-core/glib-2.0/glib-2.0_%.bbappend new file mode 100644 index 0000000..e9bf082 --- /dev/null +++ b/meta-citadel/recipes-core/glib-2.0/glib-2.0_%.bbappend @@ -0,0 +1,4 @@ +FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:" + +SRC_URI += "file://0001-Modify-glib-to-accommodate-citadel-timezone-symlink-.patch" + diff --git a/meta-citadel/recipes-gnome/gnome-desktop/gnome-desktop/0001-Modify-gnome-desktop-to-use-localtime-in-storage-cit.patch b/meta-citadel/recipes-gnome/gnome-desktop/gnome-desktop/0001-Modify-gnome-desktop-to-use-localtime-in-storage-cit.patch new file mode 100644 index 0000000..21ac5d2 --- /dev/null +++ b/meta-citadel/recipes-gnome/gnome-desktop/gnome-desktop/0001-Modify-gnome-desktop-to-use-localtime-in-storage-cit.patch @@ -0,0 +1,23 @@ +From f96b772948fa78cbb6b2e58f6fe41e53501cc629 Mon Sep 17 00:00:00 2001 +From: isa +Date: Fri, 23 Aug 2024 16:00:25 +0000 +Subject: [PATCH] Modify gnome-desktop to use localtime in /storage/citadel-state +Upstream-Status: Inappropriate [citadel specific] + +--- + libgnome-desktop/gnome-wall-clock.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libgnome-desktop/gnome-wall-clock.c b/libgnome-desktop/gnome-wall-clock.c +index 4646220..1bb8269 100644 +--- a/libgnome-desktop/gnome-wall-clock.c ++++ b/libgnome-desktop/gnome-wall-clock.c +@@ -78,7 +78,7 @@ gnome_wall_clock_init (GnomeWallClock *self) + + self->priv->clock_string = NULL; + +- tz = g_file_new_for_path ("/etc/localtime"); ++ tz = g_file_new_for_path ("/storage/citadel-state/localtime"); + self->priv->tz_monitor = g_file_monitor_file (tz, 0, NULL, NULL); + g_object_unref (tz); + diff --git a/meta-citadel/recipes-gnome/gnome-desktop/gnome-desktop_%.bbappend b/meta-citadel/recipes-gnome/gnome-desktop/gnome-desktop_%.bbappend new file mode 100644 index 0000000..ef5caa3 --- /dev/null 
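Review bot: The hunk at `@@ -604,7 +604,7 @@` of the embedded gtimezone.c patch carries eight old-side and eight new-side lines as rendered here, the extra one being the trailing `file = g_mapped_file_new (filename, FALSE, NULL);`. The diffstat also says 4 insertions while the three hunks contain 5, so the patch looks hand-edited. Depending on the patch tool, that mismatch may cause the `zone_info_unix` hunk after it to be rejected or skipped, which would leave that function opening `/etc/localtime`; regenerating the file with `git format-patch` from a clean tree would settle it. On the design side, `zone_info_unix` maps `/storage/citadel-state/localtime` in every glib process without a zoneinfo-prefix check like the one visible in systemd's `get_timezone()`, so the ownership and mode of `/storage/citadel-state` become part of the trust boundary. A sentence in the patch header stating that the directory must be writable by root only would record that assumption.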
+++ b/meta-citadel/recipes-gnome/gnome-desktop/gnome-desktop_%.bbappend
@@ -0,0 +1,4 @@
+FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
+
+SRC_URI += "file://0001-Modify-gnome-desktop-to-use-localtime-in-storage-cit.patch"
+