Systemd-250
Introduction to systemd
While systemd was installed when
building LFS, there are many features provided by the package that
were not included in the initial installation because Linux-PAM was not yet installed. The
systemd package needs to be
rebuilt to provide a working systemd-logind service, which
provides many additional features for dependent packages.
This package is known to build and work properly using an LFS-11.1
platform.
Package Information
Additional Downloads
systemd Dependencies
Required
Jinja2-3.0.3 and Linux-PAM-1.5.2
Recommended Runtime Dependencies
Polkit-0.120
Optional
btrfs-progs-5.16.2, cURL-7.81.0,
cryptsetup-2.4.3, git-2.35.1, GnuTLS-3.7.3,
iptables-1.8.7, libgcrypt-1.10.0,
libidn2-2.3.2, libpwquality-1.4.4, libseccomp-2.5.3,
libxkbcommon-1.4.0, make-ca-1.10,
p11-kit-0.24.1, pcre2-10.39, qemu-6.2.0,
qrencode-4.1.1, rsync-3.2.3,
Valgrind-3.18.1, zsh-5.8.1 (for the zsh
completions), gnu-efi, kexec-tools,
libbpf, libdw, libfido2,
libmicrohttpd,
lz4,
quota-tools,
Sphinx, and tpm2-tss
Optional (to rebuild the manual pages)
docbook-xml-4.5, docbook-xsl-1.79.2, libxslt-1.1.35, and
lxml-4.7.1 (to build the index of systemd manual
pages)
User Notes: https://wiki.linuxfromscratch.org/blfs/wiki/systemd
Installation of systemd
Apply a patch to fix a security vulnerability and fix issues with
the default hostname on some systems:
patch -Np1 -i ../systemd-250-upstream_fixes-1.patch
Remove two unneeded groups, render
and sgx
, from the default udev
rules:
sed -i -e 's/GROUP="render"/GROUP="video"/' \
-e 's/GROUP="sgx", //' rules.d/50-udev-default.rules.in
Rebuild systemd by running the
following commands:
mkdir build &&
cd build &&
meson --prefix=/usr \
--buildtype=release \
-Dblkid=true \
-Ddefault-dnssec=no \
-Dfirstboot=false \
-Dinstall-tests=false \
-Dldconfig=false \
-Dman=auto \
-Dsysusers=false \
-Drpmmacrosdir=no \
-Db_lto=false \
-Dhomed=false \
-Duserdb=false \
-Dmode=release \
-Dpamconfdir=/etc/pam.d \
-Ddocdir=/usr/share/doc/systemd-250 \
.. &&
ninja
Note
For the best test results, make sure you run the testsuite from a
system that is booted by the same systemd version you are rebuilding.
To test the results, issue: PATH+=:/usr/sbin ninja test.
Now, as the root
user:
ninja install
Command Explanations
--buildtype=release
:
Specify a buildtype suitable for stable releases of the package, as
the default may produce unoptimized binaries.
-Dpamconfdir=/etc/pam.d
:
Forces the PAM files to be installed in /etc/pam.d rather than
/usr/lib/pam.d.
-Duserdb=false
: Removes a
daemon that does not offer any use under a BLFS configuration. If
you wish to enable the userdbd
daemon, replace "false" with "true" in the above meson command.
-Dhomed=false
: Removes a
daemon that does not offer any use under a traditional BLFS
configuration, especially using accounts created with useradd. To
enable systemd-homed, first ensure that you have cryptsetup-2.4.3 and libpwquality-1.4.4 installed, and then
change "false" to "true" in the above meson command.
Configuring systemd
The /etc/pam.d/system-session
file
needs to be modified and a new file needs to be created in order
for systemd-logind to
work correctly. Run the following commands as the root
user:
grep 'pam_systemd' /etc/pam.d/system-session ||
cat >> /etc/pam.d/system-session << "EOF"
# Begin Systemd addition
session required pam_loginuid.so
session optional pam_systemd.so
# End Systemd addition
EOF
cat > /etc/pam.d/systemd-user << "EOF"
# Begin /etc/pam.d/systemd-user
account required pam_access.so
account include system-account
session required pam_env.so
session required pam_limits.so
session required pam_unix.so
session required pam_loginuid.so
session optional pam_keyinit.so force revoke
session optional pam_systemd.so
auth required pam_deny.so
password required pam_deny.so
# End /etc/pam.d/systemd-user
EOF
Warning
If upgrading from a previous version of systemd and an initrd is
used for system boot, you should generate a new initrd before
rebooting the system.
Contents
A list of the installed files, along with their short descriptions
can be found at
../../../../lfs/view/11.1-systemd/chapter08/systemd.html#contents-systemd.
Listed below are the newly installed programs along with short
descriptions.
Short Descriptions
homectl
|
is a tool to create, remove, change, or inspect a home
directory managed by systemd-homed; note
that it's useless for the classic UNIX users and home
directories which we are using in LFS/BLFS book
|
systemd-cryptenroll
|
Is used to enroll or remove a system from full disk
encryption, as well as set and query private keys and
recovery keys
|
userdbctl
|
inspects users, groups, and group memberships
|
pam_systemd.so
|
is a PAM module used to register user sessions with the
systemd login manager,
systemd-logind
|
Last updated on