[PATCH 0/7] systemd patches

[PATCH 0/7] systemd patches

[Jonas Bonn]

These patches make some modifications to systemd with the long-term goal
of being able to run OE in systemd's "stateless" configuration.
"Stateless" boils down to building an image with empty /etc and /var
directories so that volatile (tmpfs) filesystems can be mounted there;
this requires that the system subsequently be able to populate these
directories dynamically, which systemd mostly takes care of if things
are done right.

In these patches:
i)    Don't include machine-id in writable images so that systemd can run
its first-boot machinery
ii)   Move systemd configuration files out of /etc
iii)  Allow systemd to dynamically enable services and populate
/etc/systemd/system via the presets mechanism

There's a long way to go to get to a working "stateless" configuration.
Getting to a "volatile" system (just empty /var) should be easier and
I'll post patches moving things in that direction shortly.

/Jonas

Jonas Bonn (7):
  systemd: do not create machine-id
  systemd-conf: simplify creation of configuration
  systemd: move additional conffiles to systemd-conf
  systemd: create preset files instead of installing in image
  systemd-systemctl-native: simplify and support preset-all
  rootfs-postcommands: call preset-all for read-only-rootfs
  systemd: do not pre-enable services, rely on presets

 meta/classes/rootfs-postcommands.bbclass      |  8 ++++
 meta/classes/systemd.bbclass                  | 33 +++++++-------
 meta/recipes-core/systemd/systemd-conf.bb     | 45 +++++++------------
 .../systemd/systemd-systemctl/systemctl       | 36 +++------------
 meta/recipes-core/systemd/systemd_239.bb      |  4 ++
 5 files changed, 52 insertions(+), 74 deletions(-)

-- 
2.19.1

[PATCH 1/7] systemd: do not create machine-id

[Jonas Bonn]

There is no reason to have an emtpy machine-id as part of the systemd
package.  Either:

i)  the filesystem is writable and the file will be created
automatically; or
ii) the filesystem is read-only, in which case the empty machine-id file
should be created as part of the read-only-rootfs tweaks.
---
 meta/classes/rootfs-postcommands.bbclass  | 6 ++++++
 meta/recipes-core/systemd/systemd-conf.bb | 9 ++-------
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/meta/classes/rootfs-postcommands.bbclass b/meta/classes/rootfs-postcommands.bbclass
index bde58ad6cd..89f8efd323 100644
--- a/meta/classes/rootfs-postcommands.bbclass
+++ b/meta/classes/rootfs-postcommands.bbclass
@@ -126,6 +126,12 @@ read_only_rootfs_hook () {
 			${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
 		fi
 	fi
+
+	if ${@bb.utils.contains("DISTRO_FEATURES", "systemd", "true", "false", d)}; then
+	# Create machine-id
+	# 20:12 < mezcalero> koen: you have three options: a) run systemd-machine-id-setup at install time, b) have / read-only and an empty file there (for stateless) and c) boot with / writable
+		touch ${IMAGE_ROOTFS}${sysconfdir}/machine-id
+	fi
 }
 
 #
diff --git a/meta/recipes-core/systemd/systemd-conf.bb b/meta/recipes-core/systemd/systemd-conf.bb
index 9bb27fd96d..7fe2e1105b 100644
--- a/meta/recipes-core/systemd/systemd-conf.bb
+++ b/meta/recipes-core/systemd/systemd-conf.bb
@@ -7,14 +7,13 @@ DefaultTimeoutStartSec setting."
 
 PACKAGE_ARCH = "${MACHINE_ARCH}"
 
-CONFFILES_${PN} = "${sysconfdir}/machine-id \
-${sysconfdir}/systemd/coredump.conf \
+CONFFILES_${PN} = "${sysconfdir}/systemd/coredump.conf \
 ${sysconfdir}/systemd/journald.conf \
 ${sysconfdir}/systemd/logind.conf \
 ${sysconfdir}/systemd/system.conf \
 ${sysconfdir}/systemd/user.conf"
 
-FILES_${PN} = "${sysconfdir}/machine-id ${sysconfdir}/systemd"
+FILES_${PN} = "${sysconfdir}/systemd"
 
 do_configure[noexec] = '1'
 do_compile[noexec] = '1'
@@ -23,10 +22,6 @@ do_install() {
 	rm -rf ${D}/${sysconfdir}/systemd
 	install -d ${D}/${sysconfdir}/systemd
 
-	# Create machine-id
-	# 20:12 < mezcalero> koen: you have three options: a) run systemd-machine-id-setup at install time, b) have / read-only and an empty file there (for stateless) and c) boot with / writable
-	touch ${D}${sysconfdir}/machine-id
-
 	install -m 0644 ${S}/src/coredump/coredump.conf ${D}${sysconfdir}/systemd/coredump.conf
 
 	install -m 0644 ${S}/src/journal/journald.conf ${D}${sysconfdir}/systemd/journald.conf
-- 
2.19.1

[PATCH 2/7] systemd-conf: simplify creation of configuration

[Jonas Bonn]

The configuration files that systemd installs are just skeletons
detailing the available options and their default values.  The
recommended means of changing the configuration is to provide snippets
in configuration directories.  For example, journald.conf settings are
best set in /usr/lib/journald.conf.d/ and can be overridden by the user
by providing overriding snippets in /etc/systemd/journald.conf.d/.

The base configuration files have the lowest priority; they will always
be overridden by any snippets.  As such, it's probably best to not
provide them at all.  This also moves us a step closer to an empty /etc
which is should be a long term goal in order to allow running OE as a
"stateless system".

This patch moves the systemd configuration to snippets in
/usr/lib/*.conf.d.  This simplifies the recipe considerably since it now
just sets up a couple of text files and doesn't even need access to the
systemd source anymore.
---
 meta/recipes-core/systemd/systemd-conf.bb | 34 +++++++++--------------
 1 file changed, 13 insertions(+), 21 deletions(-)

diff --git a/meta/recipes-core/systemd/systemd-conf.bb b/meta/recipes-core/systemd/systemd-conf.bb
index 7fe2e1105b..a504afe3e7 100644
--- a/meta/recipes-core/systemd/systemd-conf.bb
+++ b/meta/recipes-core/systemd/systemd-conf.bb
@@ -1,9 +1,8 @@
-require systemd.inc
-
 SUMMARY = "Systemd system configuration"
 DESCRIPTION = "Systemd may require slightly different configuration for \
 different machines.  For example, qemu machines require a longer \
 DefaultTimeoutStartSec setting."
+LICENSE = "GPLv2"
 
 PACKAGE_ARCH = "${MACHINE_ARCH}"
 
@@ -13,36 +12,29 @@ ${sysconfdir}/systemd/logind.conf \
 ${sysconfdir}/systemd/system.conf \
 ${sysconfdir}/systemd/user.conf"
 
-FILES_${PN} = "${sysconfdir}/systemd"
-
-do_configure[noexec] = '1'
-do_compile[noexec] = '1'
+FILES_${PN} = "/usr/lib/journald.conf.d/* \
+/usr/lib/logind.conf.d/* \
+/usr/lib/system.conf.d/* \
+"
 
 do_install() {
-	rm -rf ${D}/${sysconfdir}/systemd
-	install -d ${D}/${sysconfdir}/systemd
-
-	install -m 0644 ${S}/src/coredump/coredump.conf ${D}${sysconfdir}/systemd/coredump.conf
-
-	install -m 0644 ${S}/src/journal/journald.conf ${D}${sysconfdir}/systemd/journald.conf
+	install -d ${D}/usr/lib/journald.conf.d
 	# Enable journal to forward message to syslog daemon
-	sed -i -e 's/.*ForwardToSyslog.*/ForwardToSyslog=yes/' ${D}${sysconfdir}/systemd/journald.conf
+	echo "ForwardToSyslog=yes" >> ${D}/usr/lib/journald.conf.d/${PN}.conf
 	# Set the maximium size of runtime journal to 64M as default
-	sed -i -e 's/.*RuntimeMaxUse.*/RuntimeMaxUse=64M/' ${D}${sysconfdir}/systemd/journald.conf
+	echo "RuntimeMaxUse=64M" >> ${D}/usr/lib/journald.conf.d/${PN}.conf
 
-	install -m 0644 ${S}/src/login/logind.conf.in ${D}${sysconfdir}/systemd/logind.conf
+	install -d ${D}/usr/lib/logind.conf.d
 	# Set KILL_USER_PROCESSES to yes
-	sed -i -e 's/@KILL_USER_PROCESSES@/yes/' ${D}${sysconfdir}/systemd/logind.conf
+	echo "KillUserProcesses=yes" >> ${D}/usr/lib/logind.conf.d/${PN}.conf
 
-	install -m 0644 ${S}/src/core/system.conf.in ${D}${sysconfdir}/systemd/system.conf
+	install -d ${D}/usr/lib/system.conf.d
 	# Set MEMORY_ACCOUNTING_DEFAULT to yes
-	sed -i -e 's/@MEMORY_ACCOUNTING_DEFAULT@/yes/' ${D}${sysconfdir}/systemd/system.conf
-
-	install -m 0644 ${S}/src/core/user.conf ${D}${sysconfdir}/systemd/user.conf
+	echo "DefaultMemoryAccounting=yes" >> ${D}/usr/lib/system.conf.d/${PN}.conf
 }
 
 # Based on change from YP bug 8141, OE commit 5196d7bacaef1076c361adaa2867be31759c1b52
 do_install_append_qemuall() {
 	# Change DefaultTimeoutStartSec from 90s to 240s
-	echo "DefaultTimeoutStartSec = 240s" >> ${D}${sysconfdir}/systemd/system.conf
+	echo "DefaultTimeoutStartSec = 240s" >> ${D}/usr/lib/system.conf.d/${PN}.conf
 }
-- 
2.19.1

[PATCH 3/7] systemd: move additional conffiles to systemd-conf

[Jonas Bonn]

---
 meta/recipes-core/systemd/systemd-conf.bb | 4 +++-
 meta/recipes-core/systemd/systemd_239.bb  | 2 ++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-core/systemd/systemd-conf.bb b/meta/recipes-core/systemd/systemd-conf.bb
index a504afe3e7..ea99166a2e 100644
--- a/meta/recipes-core/systemd/systemd-conf.bb
+++ b/meta/recipes-core/systemd/systemd-conf.bb
@@ -10,7 +10,9 @@ CONFFILES_${PN} = "${sysconfdir}/systemd/coredump.conf \
 ${sysconfdir}/systemd/journald.conf \
 ${sysconfdir}/systemd/logind.conf \
 ${sysconfdir}/systemd/system.conf \
-${sysconfdir}/systemd/user.conf"
+${sysconfdir}/systemd/user.conf \
+${sysconfdir}/systemd/resolved.conf \
+${sysconfdir}/systemd/timesyncd.conf"
 
 FILES_${PN} = "/usr/lib/journald.conf.d/* \
 /usr/lib/logind.conf.d/* \
diff --git a/meta/recipes-core/systemd/systemd_239.bb b/meta/recipes-core/systemd/systemd_239.bb
index 03acce25b7..70e687c92e 100644
--- a/meta/recipes-core/systemd/systemd_239.bb
+++ b/meta/recipes-core/systemd/systemd_239.bb
@@ -292,6 +292,8 @@ do_install() {
 	rm -f ${D}${sysconfdir}/systemd/logind.conf
 	rm -f ${D}${sysconfdir}/systemd/system.conf
 	rm -f ${D}${sysconfdir}/systemd/user.conf
+	rm -f ${D}${sysconfdir}/systemd/resolved.conf
+	rm -f ${D}${sysconfdir}/systemd/timesyncd.conf
 
 	# duplicate udevadm for postinst script
 	install -d ${D}${libexecdir}
-- 
2.19.1

[PATCH 4/7] systemd: create preset files instead of installing in image

[Jonas Bonn]

At first boot, systemd will create the /etc/systemd/system directory
from service preset files.  As such, for a normal, writable /etc
(writable rootfs), there is no need to set up this directory at image
creation time.

This patch changes the systemd machinery to create preset files and to
rely on systemd to do the service enablement.

This breaks the read-only-rootfs case; there's a fix for this in a
follow-up patch.
---
 meta/classes/systemd.bbclass | 33 ++++++++++++++++-----------------
 1 file changed, 16 insertions(+), 17 deletions(-)

diff --git a/meta/classes/systemd.bbclass b/meta/classes/systemd.bbclass
index c7b784dea8..cf3b5de4a1 100644
--- a/meta/classes/systemd.bbclass
+++ b/meta/classes/systemd.bbclass
@@ -16,43 +16,32 @@ python __anonymous() {
     # from doing any work so that pure-systemd images don't have redundant init
     # files.
     if bb.utils.contains('DISTRO_FEATURES', 'systemd', True, False, d):
-        d.appendVar("DEPENDS", " systemd-systemctl-native")
-        d.appendVar("PACKAGE_WRITE_DEPS", " systemd-systemctl-native")
         if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d):
             d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1")
 }
 
 systemd_postinst() {
-OPTS=""
-
 if [ -n "$D" ]; then
-    OPTS="--root=$D"
+	exit 0
 fi
 
 if type systemctl >/dev/null 2>/dev/null; then
-	if [ -z "$D" ]; then
-		systemctl daemon-reload
-	fi
-
-	systemctl $OPTS ${SYSTEMD_AUTO_ENABLE} ${SYSTEMD_SERVICE_ESCAPED}
+	systemctl daemon-reload
+	systemctl preset ${SYSTEMD_SERVICE_ESCAPED}
 
-	if [ -z "$D" -a "${SYSTEMD_AUTO_ENABLE}" = "enable" ]; then
+	if [ "${SYSTEMD_AUTO_ENABLE}" = "enable" ]; then
 		systemctl --no-block restart ${SYSTEMD_SERVICE_ESCAPED}
 	fi
 fi
 }
 
 systemd_prerm() {
-OPTS=""
-
 if [ -n "$D" ]; then
-    OPTS="--root=$D"
+	exit 0
 fi
 
 if type systemctl >/dev/null 2>/dev/null; then
-	if [ -z "$D" ]; then
-		systemctl stop ${SYSTEMD_SERVICE_ESCAPED}
-	fi
+	systemctl stop ${SYSTEMD_SERVICE_ESCAPED}
 
 	systemctl $OPTS disable ${SYSTEMD_SERVICE_ESCAPED}
 fi
@@ -177,12 +166,22 @@ python systemd_populate_packages() {
                 else:
                     bb.fatal("SYSTEMD_SERVICE_%s value %s does not exist" % (pkg_systemd, service))
 
+    def systemd_create_presets(pkg):
+        action = get_package_var(d, 'SYSTEMD_AUTO_ENABLE', pkg)
+        presetf = oe.path.join(d.getVar("PKGD"), "/lib/systemd/system-preset/98-%s.preset" % pkg)
+        bb.utils.mkdirhier(os.path.dirname(presetf))
+        with open(presetf, 'a') as fd:
+            for service in d.getVar('SYSTEMD_SERVICE_%s' % pkg).split():
+                fd.write("%s %s\n" % (action,service))
+        d.appendVar("FILES_%s" % pkg, " /lib/systemd/system-preset/98-%s.preset" % pkg)
+
     # Run all modifications once when creating package
     if os.path.exists(d.getVar("D")):
         for pkg in d.getVar('SYSTEMD_PACKAGES').split():
             systemd_check_package(pkg)
             if d.getVar('SYSTEMD_SERVICE_' + pkg):
                 systemd_generate_package_scripts(pkg)
+                systemd_create_presets(pkg)
         systemd_check_services()
 }
 
-- 
2.19.1

[PATCH 5/7] systemd-systemctl-native: simplify and support preset-all

[Jonas Bonn]

Now that the systemd class sets up service presets instead of actively
enabling services, the 'enable' and 'disable' subcommands for systemctl
are not actually used anywhere.  As such, we can remove these to make
sure that nobody inadvertently introduces new uses of them.

We do, however, one case where the enable/disable machinery is still
required; that is for the read-only-rootfs case where the 'preset-all'
command can not be called at runtime but needs to be called when creatng
the image.  For this case, we implement 'preset-all' here.

There was also a previous implement of 'preset'... not sure that this
ever worked as the implementation looks bogus and there aren't any users
anyway.  This patch removes the 'preset' subcommand, as well.
---
 .../systemd/systemd-systemctl/systemctl       | 36 ++++---------------
 1 file changed, 7 insertions(+), 29 deletions(-)

diff --git a/meta/recipes-core/systemd/systemd-systemctl/systemctl b/meta/recipes-core/systemd/systemd-systemctl/systemctl
index 2bc6489617..ce50352018 100755
--- a/meta/recipes-core/systemd/systemd-systemctl/systemctl
+++ b/meta/recipes-core/systemd/systemd-systemctl/systemctl
@@ -9,22 +9,6 @@ while [ $# != 0 ]; do
 	opt="$1"
 
 	case "$opt" in
-		enable)
-			shift
-
-			action="$opt"
-			services="$1"
-			cmd_args="1"
-			shift
-			;;
-		disable)
-			shift
-
-			action="$opt"
-			services="$1"
-			cmd_args="1"
-			shift
-			;;
 		mask)
 			shift
 
@@ -33,13 +17,11 @@ while [ $# != 0 ]; do
 			cmd_args="1"
 			shift
 			;;
-		preset)
+		preset-all)
 			shift
 
 			action="$opt"
-			services="$1"
-			cmd_args="1"
-			shift
+			cmd_args="0"
 			;;
 		--root=*)
 			ROOT=${opt##--root=}
@@ -57,16 +39,12 @@ while [ $# != 0 ]; do
 			;;
 	esac
 done
-if [ "$action" = "preset" -a "$service_file" = "" ]; then
+
+if [ "$action" = "preset-all" ]; then
 	services=$(for f in `find $ROOT/etc/systemd/system $ROOT/lib/systemd/system $ROOT/usr/lib/systemd/system -type f 2>1`; do basename $f; done)
-	services="$services $opt"
-	presetall=1
 fi
 
 for service in $services; do
-	if [ "$presetall" = "1" ]; then
-		action="preset"
-	fi
 	if [ "$action" = "mask" ]; then
 		if [ ! -d $ROOT/etc/systemd/system/ ]; then
 			mkdir -p $ROOT/etc/systemd/system/
@@ -105,10 +83,10 @@ for service in $services; do
 	# If any new unit types are added to systemd they should be added
 	# to this regular expression.
 	unit_types_re='\.\(service\|socket\|device\|mount\|automount\|swap\|target\|target\.wants\|path\|timer\|snapshot\)\s*$'
-	if [ "$action" = "preset" ]; then
-		action=`egrep -sh  $service $ROOT/etc/systemd/user-preset/*.preset | cut -f1 -d' '`
+	if [ "$action" = "preset-all" ]; then
+		action=`egrep -sh  $service $ROOT/usr/lib/systemd/system-preset/*.preset | cut -f1 -d' '`
 		if [ -z "$action" ]; then
-			globalpreset=`egrep -sh  '\*'  $ROOT/etc/systemd/user-preset/*.preset | cut -f1 -d' '`
+			globalpreset=`egrep -sh  '\*'  $ROOT/usr/lib/systemd/system-preset/*.preset | cut -f1 -d' '`
 			if [ -n "$globalpreset" ]; then
 				action="$globalpreset"
 			else
-- 
2.19.1

[PATCH 6/7] rootfs-postcommands: call preset-all for read-only-rootfs

[Jonas Bonn]

When the rootfs is read-only, we cannot rely on systemd's default
invocation of preset-all at runtime in order to enable services.  As
such, we need to do it at image creation time.
---
 meta/classes/rootfs-postcommands.bbclass | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/classes/rootfs-postcommands.bbclass b/meta/classes/rootfs-postcommands.bbclass
index 89f8efd323..5fcd53c4ca 100644
--- a/meta/classes/rootfs-postcommands.bbclass
+++ b/meta/classes/rootfs-postcommands.bbclass
@@ -16,6 +16,7 @@ ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp ; "
 
 # Tweak the mount options for rootfs in /etc/fstab if read-only-rootfs is enabled
 ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("IMAGE_FEATURES", "read-only-rootfs", "read_only_rootfs_hook; ", "",d)}'
+IMAGE_EXTRADEPENDS += '${@bb.utils.contains("IMAGE_FEATURES", "read-only-rootfs", "systemd-systemctl-native", "", d)}'
 
 # We also need to do the same for the kernel boot parameters,
 # otherwise kernel or initramfs end up mounting the rootfs read/write
@@ -131,6 +132,7 @@ read_only_rootfs_hook () {
 	# Create machine-id
 	# 20:12 < mezcalero> koen: you have three options: a) run systemd-machine-id-setup at install time, b) have / read-only and an empty file there (for stateless) and c) boot with / writable
 		touch ${IMAGE_ROOTFS}${sysconfdir}/machine-id
+		systemctl --root=${IMAGE_ROOTFS} preset-all
 	fi
 }
 
-- 
2.19.1

[PATCH 7/7] systemd: do not pre-enable services, rely on presets

[Jonas Bonn]

At installation, systemd _both_ installs preset files for its services
and enables the services accordingly (effectively, calling 'systemctl
preset-all' on its own services).  As we now rely on systemd calling
preset-all at first boot, there's no need to carry the pre-populated
/etc/systemd/system directory in the package.

This gets us a step closer to en empty /etc which is a requirement for
running a "stateless system".
---
 meta/recipes-core/systemd/systemd_239.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-core/systemd/systemd_239.bb b/meta/recipes-core/systemd/systemd_239.bb
index 70e687c92e..7b4c5c56aa 100644
--- a/meta/recipes-core/systemd/systemd_239.bb
+++ b/meta/recipes-core/systemd/systemd_239.bb
@@ -298,6 +298,8 @@ do_install() {
 	# duplicate udevadm for postinst script
 	install -d ${D}${libexecdir}
 	ln ${D}${base_bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm
+
+	rm -rf ${D}${sysconfdir}/systemd/system
 }
 
 
-- 
2.19.1

✗ patchtest: failure for systemd patches

[Patchwork]

== Series Details ==

Series: systemd patches
Revision: 1
URL   : https://patchwork.openembedded.org/series/15497/
State : failure

== Summary ==


Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:



* Patch            [1/7] systemd: do not create machine-id
 Issue             Patch is missing Signed-off-by [test_signed_off_by_presence] 
  Suggested fix    Sign off the patch (either manually or with "git commit --amend -s")

* Issue             LIC_FILES_CHKSUM changed on target systemd-conf but there is no "License-Update" tag in commit message [test_lic_files_chksum_modified_not_mentioned] 
  Suggested fix    Include "License-Update: <description>" into the commit message with a brief description
  Current checksum file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe                     file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c
  New checksum     None



If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).

---
Guidelines:     https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite:     http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe

Re: [PATCH 2/7] systemd-conf: simplify creation of configuration

[Randy MacLeod]

On 12/31/18 7:05 AM, Jonas Bonn wrote:
> The configuration files that systemd installs are just skeletons
> detailing the available options and their default values.  The
> recommended means of changing the configuration is to provide snippets
> in configuration directories.  For example, journald.conf settings are
> best set in /usr/lib/journald.conf.d/ and can be overridden by the user
> by providing overriding snippets in /etc/systemd/journald.conf.d/.
> 
> The base configuration files have the lowest priority; they will always
> be overridden by any snippets.  As such, it's probably best to not
> provide them at all.  This also moves us a step closer to an empty /etc
> which is should be a long term goal in order to allow running OE as a
> "stateless system".
> 
> This patch moves the systemd configuration to snippets in
> /usr/lib/*.conf.d.  This simplifies the recipe considerably since it now
> just sets up a couple of text files and doesn't even need access to the
> systemd source anymore.
> ---
>   meta/recipes-core/systemd/systemd-conf.bb | 34 +++++++++--------------
>   1 file changed, 13 insertions(+), 21 deletions(-)
> 
> diff --git a/meta/recipes-core/systemd/systemd-conf.bb b/meta/recipes-core/systemd/systemd-conf.bb
> index 7fe2e1105b..a504afe3e7 100644
> --- a/meta/recipes-core/systemd/systemd-conf.bb
> +++ b/meta/recipes-core/systemd/systemd-conf.bb
> @@ -1,9 +1,8 @@
> -require systemd.inc
> -
>   SUMMARY = "Systemd system configuration"
>   DESCRIPTION = "Systemd may require slightly different configuration for \
>   different machines.  For example, qemu machines require a longer \
>   DefaultTimeoutStartSec setting."
> +LICENSE = "GPLv2"

Systemd claims that these conf files are: LGPLv2.1+ licensed.

https://github.com/systemd/systemd/blob/master/sysusers.d/systemd.conf.m4

https://github.com/systemd/systemd/blob/master/modprobe.d/systemd.conf

>   
>   PACKAGE_ARCH = "${MACHINE_ARCH}"
>   
> @@ -13,36 +12,29 @@ ${sysconfdir}/systemd/logind.conf \
>   ${sysconfdir}/systemd/system.conf \
>   ${sysconfdir}/systemd/user.conf"
>   
> -FILES_${PN} = "${sysconfdir}/systemd"
> -
> -do_configure[noexec] = '1'
> -do_compile[noexec] = '1'
> +FILES_${PN} = "/usr/lib/journald.conf.d/* \
> +/usr/lib/logind.conf.d/* \
> +/usr/lib/system.conf.d/* \
> +"
>   
>   do_install() {
> -	rm -rf ${D}/${sysconfdir}/systemd
> -	install -d ${D}/${sysconfdir}/systemd
> -
> -	install -m 0644 ${S}/src/coredump/coredump.conf ${D}${sysconfdir}/systemd/coredump.conf
> -
> -	install -m 0644 ${S}/src/journal/journald.conf ${D}${sysconfdir}/systemd/journald.conf
> +	install -d ${D}/usr/lib/journald.conf.d

Should the recipe use /usr/lib or is / should there be a
'systemdconfdir' var?

Otherwise, LGTM.
../Randy

>   	# Enable journal to forward message to syslog daemon
> -	sed -i -e 's/.*ForwardToSyslog.*/ForwardToSyslog=yes/' ${D}${sysconfdir}/systemd/journald.conf
> +	echo "ForwardToSyslog=yes" >> ${D}/usr/lib/journald.conf.d/${PN}.conf
>   	# Set the maximium size of runtime journal to 64M as default
> -	sed -i -e 's/.*RuntimeMaxUse.*/RuntimeMaxUse=64M/' ${D}${sysconfdir}/systemd/journald.conf
> +	echo "RuntimeMaxUse=64M" >> ${D}/usr/lib/journald.conf.d/${PN}.conf
>   
> -	install -m 0644 ${S}/src/login/logind.conf.in ${D}${sysconfdir}/systemd/logind.conf
> +	install -d ${D}/usr/lib/logind.conf.d
>   	# Set KILL_USER_PROCESSES to yes
> -	sed -i -e 's/@KILL_USER_PROCESSES@/yes/' ${D}${sysconfdir}/systemd/logind.conf
> +	echo "KillUserProcesses=yes" >> ${D}/usr/lib/logind.conf.d/${PN}.conf
>   
> -	install -m 0644 ${S}/src/core/system.conf.in ${D}${sysconfdir}/systemd/system.conf
> +	install -d ${D}/usr/lib/system.conf.d
>   	# Set MEMORY_ACCOUNTING_DEFAULT to yes
> -	sed -i -e 's/@MEMORY_ACCOUNTING_DEFAULT@/yes/' ${D}${sysconfdir}/systemd/system.conf
> -
> -	install -m 0644 ${S}/src/core/user.conf ${D}${sysconfdir}/systemd/user.conf
> +	echo "DefaultMemoryAccounting=yes" >> ${D}/usr/lib/system.conf.d/${PN}.conf
>   }
>   
>   # Based on change from YP bug 8141, OE commit 5196d7bacaef1076c361adaa2867be31759c1b52
>   do_install_append_qemuall() {
>   	# Change DefaultTimeoutStartSec from 90s to 240s
> -	echo "DefaultTimeoutStartSec = 240s" >> ${D}${sysconfdir}/systemd/system.conf
> +	echo "DefaultTimeoutStartSec = 240s" >> ${D}/usr/lib/system.conf.d/${PN}.conf
>   }
> 


-- 
# Randy MacLeod
# Wind River Linux

Re: [PATCH 2/7] systemd-conf: simplify creation of configuration

[Jonas Bonn]

Hi Randy,

Thanks for looking at this.

On 01/01/2019 16:29, Randy MacLeod wrote:
> On 12/31/18 7:05 AM, Jonas Bonn wrote:
>> The configuration files that systemd installs are just skeletons
>> detailing the available options and their default values.  The
>> recommended means of changing the configuration is to provide snippets
>> in configuration directories.  For example, journald.conf settings are
>> best set in /usr/lib/journald.conf.d/ and can be overridden by the user
>> by providing overriding snippets in /etc/systemd/journald.conf.d/.
>>
>> The base configuration files have the lowest priority; they will always
>> be overridden by any snippets.  As such, it's probably best to not
>> provide them at all.  This also moves us a step closer to an empty /etc
>> which is should be a long term goal in order to allow running OE as a
>> "stateless system".
>>
>> This patch moves the systemd configuration to snippets in
>> /usr/lib/*.conf.d.  This simplifies the recipe considerably since it now
>> just sets up a couple of text files and doesn't even need access to the
>> systemd source anymore.
>> ---
>>   meta/recipes-core/systemd/systemd-conf.bb | 34 +++++++++--------------
>>   1 file changed, 13 insertions(+), 21 deletions(-)
>>
>> diff --git a/meta/recipes-core/systemd/systemd-conf.bb 
>> b/meta/recipes-core/systemd/systemd-conf.bb
>> index 7fe2e1105b..a504afe3e7 100644
>> --- a/meta/recipes-core/systemd/systemd-conf.bb
>> +++ b/meta/recipes-core/systemd/systemd-conf.bb
>> @@ -1,9 +1,8 @@
>> -require systemd.inc
>> -
>>   SUMMARY = "Systemd system configuration"
>>   DESCRIPTION = "Systemd may require slightly different configuration 
>> for \
>>   different machines.  For example, qemu machines require a longer \
>>   DefaultTimeoutStartSec setting."
>> +LICENSE = "GPLv2"
> 
> Systemd claims that these conf files are: LGPLv2.1+ licensed.

The configuration files from systemd may be LGPLv2 licensed, but this 
package now only creates some configuration snippets which are 
independent of systemd (it's just data, now).  As such, one could 
certainly put whatever license one wanted on this.  Honestly, GPLv2 is 
probably a stretch... I can hardly see that any license applies to this, 
to be honest.  Consider that:

/usr/lib/journald.conf.d/systemd-conf.conf

contains

ForwardToSyslog=yes
RuntimeMaxUse=64M

Just configuration data that the package creates dynamically.

> 
> https://github.com/systemd/systemd/blob/master/sysusers.d/systemd.conf.m4
> 
> https://github.com/systemd/systemd/blob/master/modprobe.d/systemd.conf
> 
>>   PACKAGE_ARCH = "${MACHINE_ARCH}"
>> @@ -13,36 +12,29 @@ ${sysconfdir}/systemd/logind.conf \
>>   ${sysconfdir}/systemd/system.conf \
>>   ${sysconfdir}/systemd/user.conf"
>> -FILES_${PN} = "${sysconfdir}/systemd"
>> -
>> -do_configure[noexec] = '1'
>> -do_compile[noexec] = '1'
>> +FILES_${PN} = "/usr/lib/journald.conf.d/* \
>> +/usr/lib/logind.conf.d/* \
>> +/usr/lib/system.conf.d/* \
>> +"
>>   do_install() {
>> -    rm -rf ${D}/${sysconfdir}/systemd
>> -    install -d ${D}/${sysconfdir}/systemd
>> -
>> -    install -m 0644 ${S}/src/coredump/coredump.conf 
>> ${D}${sysconfdir}/systemd/coredump.conf
>> -
>> -    install -m 0644 ${S}/src/journal/journald.conf 
>> ${D}${sysconfdir}/systemd/journald.conf
>> +    install -d ${D}/usr/lib/journald.conf.d
> 
> Should the recipe use /usr/lib or is / should there be a
> 'systemdconfdir' var?

So, I looked into the systemd source and, as far as I can see, it seems 
that systemd hardcodes the paths to configuration files, tmpfiles, 
presets, etc.  It's all really /usr/lib/... with no method of specifying 
any other location.  For this reason, I've used these explicit paths 
above, strange though it may appear...

/Jonas

Re: [PATCH 2/7] systemd-conf: simplify creation of configuration

[Randy MacLeod]

On 1/1/19 12:03 PM, Jonas Bonn wrote:
> Hi Randy,
> 
> Thanks for looking at this.
> 
> On 01/01/2019 16:29, Randy MacLeod wrote:
>> On 12/31/18 7:05 AM, Jonas Bonn wrote:
>>> The configuration files that systemd installs are just skeletons
>>> detailing the available options and their default values.  The
>>> recommended means of changing the configuration is to provide snippets
>>> in configuration directories.  For example, journald.conf settings are
>>> best set in /usr/lib/journald.conf.d/ and can be overridden by the user
>>> by providing overriding snippets in /etc/systemd/journald.conf.d/.
>>>
>>> The base configuration files have the lowest priority; they will always
>>> be overridden by any snippets.  As such, it's probably best to not
>>> provide them at all.  This also moves us a step closer to an empty /etc
>>> which is should be a long term goal in order to allow running OE as a
>>> "stateless system".
>>>
>>> This patch moves the systemd configuration to snippets in
>>> /usr/lib/*.conf.d.  This simplifies the recipe considerably since it now
>>> just sets up a couple of text files and doesn't even need access to the
>>> systemd source anymore.
>>> ---
>>>   meta/recipes-core/systemd/systemd-conf.bb | 34 +++++++++--------------
>>>   1 file changed, 13 insertions(+), 21 deletions(-)
>>>
>>> diff --git a/meta/recipes-core/systemd/systemd-conf.bb 
>>> b/meta/recipes-core/systemd/systemd-conf.bb
>>> index 7fe2e1105b..a504afe3e7 100644
>>> --- a/meta/recipes-core/systemd/systemd-conf.bb
>>> +++ b/meta/recipes-core/systemd/systemd-conf.bb
>>> @@ -1,9 +1,8 @@
>>> -require systemd.inc
>>> -
>>>   SUMMARY = "Systemd system configuration"
>>>   DESCRIPTION = "Systemd may require slightly different configuration 
>>> for \
>>>   different machines.  For example, qemu machines require a longer \
>>>   DefaultTimeoutStartSec setting."
>>> +LICENSE = "GPLv2"
>>
>> Systemd claims that these conf files are: LGPLv2.1+ licensed.
> 
> The configuration files from systemd may be LGPLv2 licensed, but this 
> package now only creates some configuration snippets which are 
> independent of systemd (it's just data, now).  As such, one could 
> certainly put whatever license one wanted on this.  Honestly, GPLv2 is 
> probably a stretch... I can hardly see that any license applies to this, 
> to be honest.  Consider that:
> 
> /usr/lib/journald.conf.d/systemd-conf.conf
> 
> contains
> 
> ForwardToSyslog=yes
> RuntimeMaxUse=64M
> 
> Just configuration data that the package creates dynamically.

I agree, maybe it's best to just use:
LICENSE = "MIT"
or as you say, no license tag at all.

> 
>>
>> https://github.com/systemd/systemd/blob/master/sysusers.d/systemd.conf.m4
>>
>> https://github.com/systemd/systemd/blob/master/modprobe.d/systemd.conf
>>
>>>   PACKAGE_ARCH = "${MACHINE_ARCH}"
>>> @@ -13,36 +12,29 @@ ${sysconfdir}/systemd/logind.conf \
>>>   ${sysconfdir}/systemd/system.conf \
>>>   ${sysconfdir}/systemd/user.conf"
>>> -FILES_${PN} = "${sysconfdir}/systemd"
>>> -
>>> -do_configure[noexec] = '1'
>>> -do_compile[noexec] = '1'
>>> +FILES_${PN} = "/usr/lib/journald.conf.d/* \
>>> +/usr/lib/logind.conf.d/* \
>>> +/usr/lib/system.conf.d/* \
>>> +"
>>>   do_install() {
>>> -    rm -rf ${D}/${sysconfdir}/systemd
>>> -    install -d ${D}/${sysconfdir}/systemd
>>> -
>>> -    install -m 0644 ${S}/src/coredump/coredump.conf 
>>> ${D}${sysconfdir}/systemd/coredump.conf
>>> -
>>> -    install -m 0644 ${S}/src/journal/journald.conf 
>>> ${D}${sysconfdir}/systemd/journald.conf
>>> +    install -d ${D}/usr/lib/journald.conf.d
>>
>> Should the recipe use /usr/lib or is / should there be a
>> 'systemdconfdir' var?
> 
> So, I looked into the systemd source and, as far as I can see, it seems 
> that systemd hardcodes the paths to configuration files, tmpfiles, 
> presets, etc.  It's all really /usr/lib/... with no method of specifying 
> any other location.  For this reason, I've used these explicit paths 
> above, strange though it may appear...

I thought that might be the case. Thanks for looking into it.

Some people might want to use a variable name for the path so
that it's uniquely identified should they want to patch systemd's
definition but I don't think that's required.

../Randy

> 
> /Jonas


-- 
# Randy MacLeod
# Wind River Linux

Re: [PATCH 0/7] systemd patches

[ChenQi]

Hi Jonas,

I'd like to talk about this patchset from a non-technical view.
And to be brief, my conclusion is suggesting using some switch, e.g. 
DISTRO_FEATURE, to control this 'stateless' behavior.
Please see details below.

This patchset is based on two assumptions:
1) Users would generally want 'stateless' system. Or in other words, 
they would prefer 'stateless' more than 'stateful'.
2) Other softwares/upstreams are also working against this 'stateless' goal.

 From the current situation, both are not that true. As your [PATCH 7/7] 
points out, even systemd defaults to install things under /etc.

Cleaning up systemd's /etc files while leaving other softwares requiring 
/etc files is not that pleasant. At a minimum, systemd users who are not 
aware of this 'stateless' concept would be confused. "Where's my 
/etc/systemd/system.conf file?!" They would ask.
So I'd suggest using something like 'stateless' DISTRO_FEATURE (just 
like 'usrmerge') to control each recipe's behavior.

Best Regards,
Chen Qi

On 12/31/2018 08:05 PM, Jonas Bonn wrote:
> These patches make some modifications to systemd with the long-term goal
> of being able to run OE in systemd's "stateless" configuration.
> "Stateless" boils down to building an image with empty /etc and /var
> directories so that volatile (tmpfs) filesystems can be mounted there;
> this requires that the system subsequently be able to populate these
> directories dynamically, which systemd mostly takes care of if things
> are done right.
>
> In these patches:
> i)    Don't include machine-id in writable images so that systemd can run
> its first-boot machinery
> ii)   Move systemd configuration files out of /etc
> iii)  Allow systemd to dynamically enable services and populate
> /etc/systemd/system via the presets mechanism
>
> There's a long way to go to get to a working "stateless" configuration.
> Getting to a "volatile" system (just empty /var) should be easier and
> I'll post patches moving things in that direction shortly.
>
> /Jonas
>
> Jonas Bonn (7):
>    systemd: do not create machine-id
>    systemd-conf: simplify creation of configuration
>    systemd: move additional conffiles to systemd-conf
>    systemd: create preset files instead of installing in image
>    systemd-systemctl-native: simplify and support preset-all
>    rootfs-postcommands: call preset-all for read-only-rootfs
>    systemd: do not pre-enable services, rely on presets
>
>   meta/classes/rootfs-postcommands.bbclass      |  8 ++++
>   meta/classes/systemd.bbclass                  | 33 +++++++-------
>   meta/recipes-core/systemd/systemd-conf.bb     | 45 +++++++------------
>   .../systemd/systemd-systemctl/systemctl       | 36 +++------------
>   meta/recipes-core/systemd/systemd_239.bb      |  4 ++
>   5 files changed, 52 insertions(+), 74 deletions(-)
>

Re: [PATCH 0/7] systemd patches

[Jonas Bonn]

Hi Chen,

Thanks for looking at this.

On 02/01/2019 08:58, ChenQi wrote:
> Hi Jonas,
> 
> I'd like to talk about this patchset from a non-technical view.
> And to be brief, my conclusion is suggesting using some switch, e.g. 
> DISTRO_FEATURE, to control this 'stateless' behavior.
> Please see details below.

OK, I agree, and this is part of the plan.  The patches in this set, 
however, are independent of whether or not the user wants a "stateless" 
system or not.  (My primary requirement is actually a "volatile" system, 
with just an empty /var, but the two go hand in hand so working towards 
"stateless" at the same time as "volatile" seems reasonable).

> 
> This patchset is based on two assumptions:
> 1) Users would generally want 'stateless' system. Or in other words, 
> they would prefer 'stateless' more than 'stateful'.
> 2) Other softwares/upstreams are also working against this 'stateless' 
> goal.
> 
>  From the current situation, both are not that true. As your [PATCH 7/7] 
> points out, even systemd defaults to install things under /etc.
> 
> Cleaning up systemd's /etc files while leaving other softwares requiring 
> /etc files is not that pleasant. At a minimum, systemd users who are not 
> aware of this 'stateless' concept would be confused. "Where's my 
> /etc/systemd/system.conf file?!" They would ask.

If providing the "example" configuration file that systemd installs is 
necessary, then I think it would be better to provide it at:

/etc/systemd/system.conf.d/00-systemd-conf.conf

If the user edits that file, it at least overrides the "system" version 
at /usr/lib/system.conf.d/.  The toplevel file at 
/etc/systemd/system.conf has the lowest priority so editing it does not 
actually override the systemd settings under /usr.

But this is all unrelated to "stateless".  This is mostly a matter of 
getting "distro" configuration out of /etc which _allows for_ stateless 
down the road, if we want.


> So I'd suggest using something like 'stateless' DISTRO_FEATURE (just 
> like 'usrmerge') to control each recipe's behavior.

So, just to outline how "volatile" and "stateless" should work:

i)  The user selects "volatile"
ii)  There may then not be any directories, links, or files under /var
iii)  For directories and links, we need to create entries in 
tmpfiles.d/ so that they get created at boot
iv)  For files under /var, we need to move them to 
/usr/share/factory/var and create entries under tmpfiles.d/

v)  The same applies, roughly, to "stateless", replacing /var by /etc

I've got all this working with some fixups to the packaging and image 
classes and "volatile" works fine if one does the above.  The proper 
cleanup that OE needs to do, however, is to actually minimize the 
content installed in the /var and /etc by the packages in favour of 
tmpfiles and volatiles where possible.

"stateless" is trickier due to needing to handle users, etc., but we'll 
get there.

But please don't get hung up on the "stateless" aspect of things when 
looking at this patch series.  These systemd patches are independent of 
whether or not that is the goal.

/Jonas


> 
> Best Regards,
> Chen Qi
> 
> On 12/31/2018 08:05 PM, Jonas Bonn wrote:
>> These patches make some modifications to systemd with the long-term goal
>> of being able to run OE in systemd's "stateless" configuration.
>> "Stateless" boils down to building an image with empty /etc and /var
>> directories so that volatile (tmpfs) filesystems can be mounted there;
>> this requires that the system subsequently be able to populate these
>> directories dynamically, which systemd mostly takes care of if things
>> are done right.
>>
>> In these patches:
>> i)    Don't include machine-id in writable images so that systemd can run
>> its first-boot machinery
>> ii)   Move systemd configuration files out of /etc
>> iii)  Allow systemd to dynamically enable services and populate
>> /etc/systemd/system via the presets mechanism
>>
>> There's a long way to go to get to a working "stateless" configuration.
>> Getting to a "volatile" system (just empty /var) should be easier and
>> I'll post patches moving things in that direction shortly.
>>
>> /Jonas
>>
>> Jonas Bonn (7):
>>    systemd: do not create machine-id
>>    systemd-conf: simplify creation of configuration
>>    systemd: move additional conffiles to systemd-conf
>>    systemd: create preset files instead of installing in image
>>    systemd-systemctl-native: simplify and support preset-all
>>    rootfs-postcommands: call preset-all for read-only-rootfs
>>    systemd: do not pre-enable services, rely on presets
>>
>>   meta/classes/rootfs-postcommands.bbclass      |  8 ++++
>>   meta/classes/systemd.bbclass                  | 33 +++++++-------
>>   meta/recipes-core/systemd/systemd-conf.bb     | 45 +++++++------------
>>   .../systemd/systemd-systemctl/systemctl       | 36 +++------------
>>   meta/recipes-core/systemd/systemd_239.bb      |  4 ++
>>   5 files changed, 52 insertions(+), 74 deletions(-)
>>
> 

Re: [PATCH 7/7] systemd: do not pre-enable services, rely on presets

[Alexander Kanavin]

On Mon, 31 Dec 2018 at 13:07, Jonas Bonn <jonas@norrbonn.se> wrote:
> diff --git a/meta/recipes-core/systemd/systemd_239.bb b/meta/recipes-core/systemd/systemd_239.bb
> index 70e687c92e..7b4c5c56aa 100644
> --- a/meta/recipes-core/systemd/systemd_239.bb
> +++ b/meta/recipes-core/systemd/systemd_239.bb
> @@ -298,6 +298,8 @@ do_install() {
>         # duplicate udevadm for postinst script
>         install -d ${D}${libexecdir}
>         ln ${D}${base_bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm
> +
> +       rm -rf ${D}${sysconfdir}/systemd/system
>  }

Apologies, but this is a hack. You need to tell systemd to not install
the files in the first place, if they are unneeded, instead of
removing them after the fact, which is a maintainability issue
(specifically, anyone looking at the recipe would be totally puzzled
by this removal).

If systemd always installs the files, you should add a configure
option, and send the patch upstream *first*.

Alex

Re: [PATCH 7/7] systemd: do not pre-enable services, rely on presets

[Jonas Bonn]

Hi Alex,

On 02/01/2019 13:06, Alexander Kanavin wrote:
> On Mon, 31 Dec 2018 at 13:07, Jonas Bonn <jonas@norrbonn.se> wrote:
>> diff --git a/meta/recipes-core/systemd/systemd_239.bb b/meta/recipes-core/systemd/systemd_239.bb
>> index 70e687c92e..7b4c5c56aa 100644
>> --- a/meta/recipes-core/systemd/systemd_239.bb
>> +++ b/meta/recipes-core/systemd/systemd_239.bb
>> @@ -298,6 +298,8 @@ do_install() {
>>          # duplicate udevadm for postinst script
>>          install -d ${D}${libexecdir}
>>          ln ${D}${base_bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm
>> +
>> +       rm -rf ${D}${sysconfdir}/systemd/system
>>   }
> 
> Apologies, but this is a hack. You need to tell systemd to not install
> the files in the first place, if they are unneeded, instead of
> removing them after the fact, which is a maintainability issue
> (specifically, anyone looking at the recipe would be totally puzzled
> by this removal).
> 
> If systemd always installs the files, you should add a configure
> option, and send the patch upstream *first*.

Leaving these installed is not a big deal, either.  It's just inelegant 
to leave them there if one is over-mounting /etc with a tmpfs at runtime.

I think this patch is wrong for other reasons, however.  Since there are 
no SYSTEMD_SERVICE_ entries for these .service files in the recipe, they 
probably won't be handled correctly if the systemd package is 
upgraded... the implications are a bit fuzzy, whether or not it matters.

Thanks for looking at this.

/Jonas


> 
> Alex
> 

Re: [PATCH 0/7] systemd patches

[Jonas Bonn]

On 02/01/2019 08:58, ChenQi wrote:
> Hi Jonas,
> 
> 
> Cleaning up systemd's /etc files while leaving other softwares requiring 
> /etc files is not that pleasant. At a minimum, systemd users who are not 
> aware of this 'stateless' concept would be confused. "Where's my 
> /etc/systemd/system.conf file?!" They would ask.

How about this:

In order to support both the "stateless" variant where /etc/systemd does 
not exist and the current situation where we have only the 
(low-priority) top-level configuration files, we could do this:

i)  Let systemd install its unmodified config files into /etc/systemd
ii)  Provide configuration snippets in /usr/lib/*.conf.d
iii)  Provide the overriding configuration snippet directories in /etc 
with symlinks back up to the toplevel file, making the toplevel file 
relevant again in case somebody is modifying it directly.  i.e.:

/etc/systemd/journald.conf
/etc/systemd/journald.conf.d/00-systemd-conf.conf -> ../journald.conf

The important thing to get right here is to give the user an indication 
that he should actually be putting stuff into the conf.d/ directory... 
if they see that the directory exists they may go read the man page and 
understand how these files are stacked.

Thoughts?

/Jonas


> So I'd suggest using something like 'stateless' DISTRO_FEATURE (just 
> like 'usrmerge') to control each recipe's behavior.
> 
> Best Regards,
> Chen Qi