Hello community, here is the log from the commit of package systemd for openSUSE:Factory checked in at 2014-07-12 17:14:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/systemd (Old) and /work/SRC/openSUSE:Factory/.systemd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "systemd" Changes: -------- --- /work/SRC/openSUSE:Factory/systemd/systemd-mini.changes 2014-06-30 21:50:27.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.systemd.new/systemd-mini.changes 2014-07-12 17:14:39.000000000 +0200 @@ -1,0 +2,94 @@ +Mon Jul 7 13:06:35 UTC 2014 - werner@suse.de + +- Add upstream patch + 0001-machine-don-t-return-uninitialized-variable.patch +- Port and add upstream patch + 0002-vconsole-setup-run-setfont-before-loadkeys.patch + +------------------------------------------------------------------- +Mon Jul 7 13:04:00 UTC 2014 - rmilasan@suse.com + +- Rename + 0001-udev-net_setup_link-add-a-bit-more-logging.patch + to + 1048-udev-net_setup_link-add-a-bit-more-logging.patch + +------------------------------------------------------------------- +Fri Jul 4 10:01:07 UTC 2014 - werner@suse.de + +- Port and add upstream patches + 0001-udev-net_setup_link-add-a-bit-more-logging.patch + 0003-namespace-make-sure-tmp-var-tmp-and-dev-are-writable.patch + 0002-namespace-fix-uninitialized-memory-access.patch + +------------------------------------------------------------------- +Fri Jul 4 09:43:12 UTC 2014 - werner@suse.de + +- Add upstream patches + 0001-architecture-Add-tilegx.patch + 0002-architecture-Add-cris.patch + 0003-arch-add-crisv32-to-uname-check.patch + 0004-architecture-remove-cris-from-uname-list.patch + +------------------------------------------------------------------- +Fri Jul 4 09:32:47 UTC 2014 - werner@suse.de + +- Add upstream patches + 0006-hwdb-update.patch + 0007-hwdb-Update-database-of-Bluetooth-company-identifier.patch + +------------------------------------------------------------------- +Thu Jul 3 12:48:27 UTC 2014 - werner@suse.de + +- Add upstream patches + 0001-parse_uid-return-ENXIO-for-1-uids.patch + 0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch + 0003-localed-consider-an-unset-model-as-a-wildcard.patch + 0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch + 0005-bus-close-a-bus-that-failed-to-connect.patch + 1047-udev-net_setup_link-builtin-should-print-the-reason-.patch + +------------------------------------------------------------------- +Wed Jul 2 18:06:32 UTC 2014 - rmilasan@suse.com + +- Fix duplicated rules when having layer3 interfaces (bnc#882714). + Add 1046-fix-duplicated-rules-with-layer3-interfaces.patch + +------------------------------------------------------------------- +Tue Jul 1 14:53:44 UTC 2014 - werner@suse.de + +- Require correct pam-config version overall even for scriptlets (bnc#885288) + +------------------------------------------------------------------- +Tue Jul 1 12:19:27 UTC 2014 - werner@suse.de + +- Add upstream patches + 0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch + 0002-journald-make-MaxFileSec-really-default-to-1month.patch + 0003-units-remove-RefuseManualStart-from-units-which-are-.patch + 0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch + 0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch + 0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch + 0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch + +------------------------------------------------------------------- +Tue Jul 1 09:58:04 UTC 2014 - werner@suse.de + +- Be aware that close_nointr_nofail() may fail whereas safe_close() not + +------------------------------------------------------------------- +Tue Jul 1 08:56:48 UTC 2014 - werner@suse.de + +- Add upstream patches + 1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch + 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch + 1044-rules-update-qemu-hid-rules.patch + 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch + +------------------------------------------------------------------- +Fri Jun 27 12:46:12 UTC 2014 - werner@suse.de + +- Add upstream bug fix patch + 1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch (bnc#882714) + +------------------------------------------------------------------- systemd.changes: same change New: ---- 0001-architecture-Add-tilegx.patch 0001-machine-don-t-return-uninitialized-variable.patch 0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch 0001-parse_uid-return-ENXIO-for-1-uids.patch 0002-architecture-Add-cris.patch 0002-journald-make-MaxFileSec-really-default-to-1month.patch 0002-namespace-fix-uninitialized-memory-access.patch 0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch 0002-vconsole-setup-run-setfont-before-loadkeys.patch 0003-arch-add-crisv32-to-uname-check.patch 0003-localed-consider-an-unset-model-as-a-wildcard.patch 0003-namespace-make-sure-tmp-var-tmp-and-dev-are-writable.patch 0003-units-remove-RefuseManualStart-from-units-which-are-.patch 0004-architecture-remove-cris-from-uname-list.patch 0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch 0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch 0005-bus-close-a-bus-that-failed-to-connect.patch 0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch 0006-hwdb-update.patch 0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch 0007-hwdb-Update-database-of-Bluetooth-company-identifier.patch 0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch 1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch 1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch 1044-rules-update-qemu-hid-rules.patch 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch 1046-fix-duplicated-rules-with-layer3-interfaces.patch 1047-udev-net_setup_link-builtin-should-print-the-reason-.patch 1048-udev-net_setup_link-add-a-bit-more-logging.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ systemd-mini.spec ++++++ --- /var/tmp/diff_new_pack.vZcHVx/_old 2014-07-12 17:14:43.000000000 +0200 +++ /var/tmp/diff_new_pack.vZcHVx/_new 2014-07-12 17:14:43.000000000 +0200 @@ -145,7 +145,7 @@ Requires(post): findutils %endif %if ! 0%{?bootstrap} -Requires(post): pam-config +Requires(post): pam-config >= 0.79-5 %endif Requires(pre): /usr/bin/getent Requires(pre): /usr/sbin/groupadd @@ -609,6 +609,50 @@ Patch298: 0002-core-transaction-fix-cycle-break-attempts-outside-tr.patch # PATCH-FIX-UPSTREAM added at 2014/06/26 Patch299: 0003-fsck-consider-a-fsck-implementation-linked-to-bin-tr.patch +# PATCH-FIX-UPSTREAM added at 2014/07/01 +Patch300: 0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch +# PATCH-FIX-UPSTREAM added at 2014/07/01 +Patch301: 0002-journald-make-MaxFileSec-really-default-to-1month.patch +# PATCH-FIX-UPSTREAM added at 2014/07/01 +Patch302: 0003-units-remove-RefuseManualStart-from-units-which-are-.patch +# PATCH-FIX-UPSTREAM added at 2014/07/01 +Patch303: 0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch +# PATCH-FIX-UPSTREAM added at 2014/07/01 +Patch304: 0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch +# PATCH-FIX-UPSTREAM added at 2014/07/01 +Patch305: 0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch +# PATCH-FIX-UPSTREAM added at 2014/07/01 +Patch306: 0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch307: 0001-parse_uid-return-ENXIO-for-1-uids.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch308: 0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch309: 0003-localed-consider-an-unset-model-as-a-wildcard.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch310: 0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch311: 0005-bus-close-a-bus-that-failed-to-connect.patch +# PATCH-FIX-UPSTREAM added at 2014/07/04 +Patch312: 0006-hwdb-update.patch +# PATCH-FIX-UPSTREAM added at 2014/07/04 +Patch313: 0007-hwdb-Update-database-of-Bluetooth-company-identifier.patch +# PATCH-FIX-UPSTREAM added at 2014/07/04 +Patch314: 0001-architecture-Add-tilegx.patch +# PATCH-FIX-UPSTREAM added at 2014/07/04 +Patch315: 0002-architecture-Add-cris.patch +# PATCH-FIX-UPSTREAM added at 2014/07/04 +Patch316: 0003-arch-add-crisv32-to-uname-check.patch +# PATCH-FIX-UPSTREAM added at 2014/07/04 +Patch317: 0004-architecture-remove-cris-from-uname-list.patch +# PATCH-FIX-UPSTREAM added at 2014/07/04 +Patch318: 0003-namespace-make-sure-tmp-var-tmp-and-dev-are-writable.patch +# PATCH-FIX-UPSTREAM added at 2014/07/04 +Patch319: 0002-namespace-fix-uninitialized-memory-access.patch +# PATCH-FIX-UPSTREAM added at 2014/07/07 +Patch320: 0001-machine-don-t-return-uninitialized-variable.patch +# PATCH-FIX-UPSTREAM added at 2014/07/07 +Patch321: 0002-vconsole-setup-run-setfont-before-loadkeys.patch # UDEV PATCHES # ============ @@ -696,6 +740,22 @@ Patch1039: 1039-udevadm-settle-fixed-return-code-for-empty-queue.patch # PATCH-FIX-SUSE 1040-re-enable-dev_id-conditionally-in-persistent-rules.patch (bnc#884403 and bnc#882714) Patch1040: 1040-re-enable-dev_id-conditionally-in-persistent-rules.patch +# PATCH-FIX-UPSTREAM 1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch +Patch1041: 1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch +# PATCH-FIX-UPSTREAM 1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch +Patch1042: 1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch +# PATCH-FIX-UPSTREAM 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch +Patch1043: 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch +# PATCH-FIX-UPSTREAM 1044-rules-update-qemu-hid-rules.patch +Patch1044: 1044-rules-update-qemu-hid-rules.patch +# PATCH-FIX-UPSTREAM 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch +Patch1045: 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch +# PATCH-FIX-SUSE 1046-fix-duplicated-rules-with-layer3-interfaces.patch (bnc#882714) +Patch1046: 1046-fix-duplicated-rules-with-layer3-interfaces.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch1047: 1047-udev-net_setup_link-builtin-should-print-the-reason-.patch +# PATCH-FIX-UPSTREAM 1048-udev-net_setup_link-add-a-bit-more-logging.patch +Patch1048: 1048-udev-net_setup_link-add-a-bit-more-logging.patch %description Systemd is a system and service manager, compatible with SysV and LSB @@ -1153,6 +1213,28 @@ %patch297 -p0 %patch298 -p0 %patch299 -p0 +%patch300 -p0 +%patch301 -p0 +%patch302 -p0 +%patch303 -p0 +%patch304 -p0 +%patch305 -p0 +%patch306 -p0 +%patch307 -p0 +%patch308 -p0 +%patch309 -p0 +%patch310 -p0 +%patch311 -p0 +%patch312 -p0 +%patch313 -p0 +%patch314 -p0 +%patch315 -p0 +%patch316 -p0 +%patch317 -p0 +%patch318 -p0 +%patch319 -p0 +%patch320 -p0 +%patch321 -p0 # udev patches %patch1001 -p1 @@ -1177,11 +1259,9 @@ %patch1019 -p0 %patch1020 -p0 %patch1021 -p1 -%if 0%{?suse_version} > 1310 %if %{with udevsettle} %patch1022 -p1 %endif -%endif %patch1023 -p0 %patch1024 -p0 %patch1025 -p1 @@ -1198,12 +1278,20 @@ %patch1036 -p1 %patch1037 -p1 %patch1038 -p0 -%if 0%{?suse_version} > 1310 %if %{with udevsettle} %patch1039 -p0 %endif -%endif %patch1040 -p1 +%if %{with udevsettle} +%patch1041 -p0 +%patch1042 -p0 +%patch1043 -p0 +%endif +%patch1044 -p0 +%patch1045 -p0 +%patch1046 -p1 +%patch1047 -p0 +%patch1048 -p0 # ensure generate files are removed rm -f units/emergency.service systemd.spec: same change ++++++ 0001-architecture-Add-tilegx.patch ++++++
From 46eea341c36f0caf0bdd5b2274a1ef7cb4e83e97 Mon Sep 17 00:00:00 2001 From: Henrik Grindal Bakken
Date: Thu, 27 Feb 2014 21:19:13 +0100 Subject: [PATCH] architecture: Add tilegx
Add Tilera's TILE-GX processor family support. --- src/shared/architecture.c | 3 +++ src/shared/architecture.h | 3 +++ 2 files changed, 6 insertions(+) diff --git src/shared/architecture.c src/shared/architecture.c index ceba492..fcdb3d5 100644 --- src/shared/architecture.c +++ src/shared/architecture.c @@ -112,6 +112,8 @@ Architecture uname_architecture(void) { { "sh", ARCHITECTURE_SH }, #elif defined(__m68k__) { "m68k", ARCHITECTURE_M68K }, +#elif defined(__tilegx__) + { "tilegx", ARCHITECTURE_TILEGX }, #else #error "Please register your architecture here!" #endif @@ -158,6 +160,7 @@ static const char *const architecture_table[_ARCHITECTURE_MAX] = { [ARCHITECTURE_SH] = "sh", [ARCHITECTURE_SH64] = "sh64", [ARCHITECTURE_M68K] = "m68k", + [ARCHITECTURE_TILEGX] = "tilegx", }; DEFINE_STRING_TABLE_LOOKUP(architecture, Architecture); diff --git src/shared/architecture.h src/shared/architecture.h index 3183645..e589a91 100644 --- src/shared/architecture.h +++ src/shared/architecture.h @@ -47,6 +47,7 @@ typedef enum Architecture { ARCHITECTURE_SH, ARCHITECTURE_SH64, ARCHITECTURE_M68K, + ARCHITECTURE_TILEGX, _ARCHITECTURE_MAX, _ARCHITECTURE_INVALID = -1 } Architecture; @@ -107,6 +108,8 @@ Architecture uname_architecture(void); # define native_architecture() ARCHITECTURE_SH #elif defined(__m68k__) # define native_architecture() ARCHITECTURE_M68K +#elif defined(__tilegx__) +# define native_architecture() ARCHITECTURE_TILEGX #else #error "Please register your architecture here!" #endif -- 1.7.9.2 ++++++ 0001-core-close-socket-fds-asynchronously.patch ++++++ --- /var/tmp/diff_new_pack.vZcHVx/_old 2014-07-12 17:14:43.000000000 +0200 +++ /var/tmp/diff_new_pack.vZcHVx/_new 2014-07-12 17:14:43.000000000 +0200 @@ -5,9 +5,9 @@ http://lists.freedesktop.org/archives/systemd-devel/2014-April/018928.html --- - src/core/async.c | 22 ++++++++++++++++++++++ + src/core/async.c | 24 ++++++++++++++++++++++++ src/core/service.c | 5 +++-- - 2 files changed, 25 insertions(+), 2 deletions(-) + 2 files changed, 27 insertions(+), 2 deletions(-) --- src/core/service.c +++ src/core/service.c 2014-05-16 11:41:50.150735247 +0000 @@ -47,13 +47,15 @@ int asynchronous_job(void* (*func)(void *p), void *arg) { pthread_attr_t a; -@@ -70,3 +71,24 @@ int asynchronous_sync(void) { +@@ -70,3 +71,26 @@ int asynchronous_sync(void) { return asynchronous_job(sync_thread, NULL); } + +static void *close_thread(void *p) { -+ close_nointr_nofail(PTR_TO_INT(p)); ++ int fd = PTR_TO_INT(p); ++ if (fd >= 0) ++ close_nointr_nofail(fd); + return NULL; +} + @@ -67,7 +69,7 @@ + * far away as we can. */ + + r = asynchronous_job(close_thread, INT_TO_PTR(fd)); -+ if (r < 0) ++ if (r < 0 && fd >= 0) + close_nointr_nofail(fd); + + return -1; ++++++ 0001-machine-don-t-return-uninitialized-variable.patch ++++++
From f14aa1f1b2e4e99ee20393871b5f64f1378ed6c3 Mon Sep 17 00:00:00 2001 From: Tom Gundersen
Date: Sun, 6 Jul 2014 14:12:28 +0200 Subject: [PATCH] machine: don't return uninitialized variable
Repotred by Ronny Chevalier
---
src/machine/machine.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git src/machine/machine.c src/machine/machine.c
index c0fa1b2..cf38e3f 100644
--- src/machine/machine.c
+++ src/machine/machine.c
@@ -371,7 +371,7 @@ static int machine_stop_scope(Machine *m) {
free(m->scope_job);
m->scope_job = job;
- return r;
+ return 0;
}
int machine_stop(Machine *m) {
--
1.7.9.2
++++++ 0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch ++++++
Based on 1f97091d3cb0887c264176b47b0a86c269acf0b5 Mon Sep 17 00:00:00 2001
From: Lennart Poettering
From f841a154efbb3162d2a732936f031ac7a6b0d4cf Mon Sep 17 00:00:00 2001 From: Kay Sievers
Date: Tue, 1 Jul 2014 16:00:05 +0200 Subject: [PATCH] parse_uid: return -ENXIO for -1 uids
--- src/shared/audit.c | 3 --- src/shared/util.c | 4 ++-- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git src/shared/audit.c src/shared/audit.c index 5466447..f101050 100644 --- src/shared/audit.c +++ src/shared/audit.c @@ -77,9 +77,6 @@ int audit_loginuid_from_pid(pid_t pid, uid_t *uid) { if (r < 0) return r; - if (u == (uid_t) -1) - return -ENXIO; - *uid = (uid_t) u; return 0; } diff --git src/shared/util.c src/shared/util.c index e75f6c9..9b5a47a 100644 --- src/shared/util.c +++ src/shared/util.c @@ -282,11 +282,11 @@ int parse_uid(const char *s, uid_t* ret_uid) { /* Some libc APIs use (uid_t) -1 as special placeholder */ if (uid == (uid_t) 0xFFFFFFFF) - return -EINVAL; + return -ENXIO; /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */ if (uid == (uid_t) 0xFFFF) - return -EINVAL; + return -ENXIO; *ret_uid = uid; return 0; -- 1.7.9.2 ++++++ 0002-architecture-Add-cris.patch ++++++
From 86bafac9540ba9e111ccba2fdf4161fe3a67cd3b Mon Sep 17 00:00:00 2001 From: Umut Tezduyar Lindskog
Date: Tue, 4 Mar 2014 13:58:35 +0100 Subject: [PATCH] architecture: Add cris
---
src/shared/architecture.c | 3 +++
src/shared/architecture.h | 3 +++
2 files changed, 6 insertions(+)
diff --git src/shared/architecture.c src/shared/architecture.c
index fcdb3d5..9e0c3ef 100644
--- src/shared/architecture.c
+++ src/shared/architecture.c
@@ -114,6 +114,8 @@ Architecture uname_architecture(void) {
{ "m68k", ARCHITECTURE_M68K },
#elif defined(__tilegx__)
{ "tilegx", ARCHITECTURE_TILEGX },
+#elif defined(__cris__)
+ { "cris", ARCHITECTURE_CRIS },
#else
#error "Please register your architecture here!"
#endif
@@ -161,6 +163,7 @@ static const char *const architecture_table[_ARCHITECTURE_MAX] = {
[ARCHITECTURE_SH64] = "sh64",
[ARCHITECTURE_M68K] = "m68k",
[ARCHITECTURE_TILEGX] = "tilegx",
+ [ARCHITECTURE_CRIS] = "cris",
};
DEFINE_STRING_TABLE_LOOKUP(architecture, Architecture);
diff --git src/shared/architecture.h src/shared/architecture.h
index e589a91..20e848b 100644
--- src/shared/architecture.h
+++ src/shared/architecture.h
@@ -48,6 +48,7 @@ typedef enum Architecture {
ARCHITECTURE_SH64,
ARCHITECTURE_M68K,
ARCHITECTURE_TILEGX,
+ ARCHITECTURE_CRIS,
_ARCHITECTURE_MAX,
_ARCHITECTURE_INVALID = -1
} Architecture;
@@ -110,6 +111,8 @@ Architecture uname_architecture(void);
# define native_architecture() ARCHITECTURE_M68K
#elif defined(__tilegx__)
# define native_architecture() ARCHITECTURE_TILEGX
+#elif defined(__cris__)
+# define native_architecture() ARCHITECTURE_CRIS
#else
#error "Please register your architecture here!"
#endif
--
1.7.9.2
++++++ 0002-journald-make-MaxFileSec-really-default-to-1month.patch ++++++
Based on e150e82097211f09b911c7784a89ef9efed713ca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Bartoszkiewicz?=
From 9b3a0ba3e9e28382a1072bf0e2c07a3661432743 Mon Sep 17 00:00:00 2001 From: Umut Tezduyar Lindskog
Date: Thu, 3 Jul 2014 09:54:45 +0200 Subject: [PATCH] arch: add crisv32 to uname check
--- src/shared/architecture.c | 1 + 1 file changed, 1 insertion(+) diff --git src/shared/architecture.c src/shared/architecture.c index 9e0c3ef..7dd049a 100644 --- src/shared/architecture.c +++ src/shared/architecture.c @@ -116,6 +116,7 @@ Architecture uname_architecture(void) { { "tilegx", ARCHITECTURE_TILEGX }, #elif defined(__cris__) { "cris", ARCHITECTURE_CRIS }, + { "crisv32", ARCHITECTURE_CRIS }, #else #error "Please register your architecture here!" #endif -- 1.7.9.2 ++++++ 0003-localed-consider-an-unset-model-as-a-wildcard.patch ++++++
From 387066c2e5bda159201896b194711965b52f34a9 Mon Sep 17 00:00:00 2001 From: Michal Sekletar
Date: Fri, 30 May 2014 18:20:16 +0200 Subject: [PATCH] localed: consider an unset model as a wildcard
---
src/locale/localed.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git src/locale/localed.c src/locale/localed.c
index e3061c8..358f6c2 100644
--- src/locale/localed.c
+++ src/locale/localed.c
@@ -712,15 +712,16 @@ static int find_legacy_keymap(Context *c, char **new_keymap) {
}
}
- if (matching > 0 &&
- streq_ptr(c->x11_model, a[2])) {
- matching++;
-
- if (streq_ptr(c->x11_variant, a[3])) {
+ if (matching > 0) {
+ if (isempty(c->x11_model) || streq_ptr(c->x11_model, a[2])) {
matching++;
- if (streq_ptr(c->x11_options, a[4]))
+ if (streq_ptr(c->x11_variant, a[3])) {
matching++;
+
+ if (streq_ptr(c->x11_options, a[4]))
+ matching++;
+ }
}
}
--
1.7.9.2
++++++ 0003-namespace-make-sure-tmp-var-tmp-and-dev-are-writable.patch ++++++
Based on 664064d60c36e1f62c7e9177e4c7498035467e07 Mon Sep 17 00:00:00 2001
From: Lennart Poettering
From bc4bc52bc3de56405045b0437e145a7067fb085d Mon Sep 17 00:00:00 2001 From: Lennart Poettering
Date: Thu, 3 Jul 2014 22:52:44 +0200 Subject: [PATCH] architecture: remove "cris" from uname list
the only correct name appears to be "crisv32"... http://lists.freedesktop.org/archives/systemd-devel/2014-July/020899.html --- src/shared/architecture.c | 1 - 1 file changed, 1 deletion(-) diff --git src/shared/architecture.c src/shared/architecture.c index 7dd049a..6cdca4e 100644 --- src/shared/architecture.c +++ src/shared/architecture.c @@ -115,7 +115,6 @@ Architecture uname_architecture(void) { #elif defined(__tilegx__) { "tilegx", ARCHITECTURE_TILEGX }, #elif defined(__cris__) - { "cris", ARCHITECTURE_CRIS }, { "crisv32", ARCHITECTURE_CRIS }, #else #error "Please register your architecture here!" -- 1.7.9.2 ++++++ 0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch ++++++
From 7bb4d371af5ec6b8c50b71d2a80c2866d8134d9a Mon Sep 17 00:00:00 2001 From: Lennart Poettering
Date: Wed, 2 Jul 2014 17:36:47 +0200 Subject: [PATCH] sd-bus: when an event loop terminates, explicitly close the bus
This makes sure we actually release the bus and all the messages it references. --- src/libsystemd/sd-bus/sd-bus.c | 1 + 1 file changed, 1 insertion(+) diff --git src/libsystemd/sd-bus/sd-bus.c src/libsystemd/sd-bus/sd-bus.c index d52afe8..eb267d4 100644 --- src/libsystemd/sd-bus/sd-bus.c +++ src/libsystemd/sd-bus/sd-bus.c @@ -2940,6 +2940,7 @@ static int quit_callback(sd_event_source *event, void *userdata) { assert(event); sd_bus_flush(bus); + sd_bus_close(bus); return 1; } -- 1.7.9.2 ++++++ 0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch ++++++
From 306a55c86360a7ae7b2509771d5ea6ab0d166d85 Mon Sep 17 00:00:00 2001 From: Lennart Poettering
Date: Sun, 29 Jun 2014 22:15:33 +0200 Subject: [PATCH] util: refuse considering UID 0xFFFF and 0xFFFFFFFF valid
--- src/shared/util.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git src/shared/util.c src/shared/util.c index e7ff0f8..1709bb7 100644 --- src/shared/util.c +++ src/shared/util.c @@ -280,6 +280,14 @@ int parse_uid(const char *s, uid_t* ret_uid) { if ((unsigned long) uid != ul) return -ERANGE; + /* Some libc APIs use (uid_t) -1 as special placeholder */ + if (uid == (uid_t) 0xFFFFFFFF) + return -EINVAL; + + /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */ + if (uid == (uid_t) 0xFFFF) + return -EINVAL; + *ret_uid = uid; return 0; } -- 1.7.9.2 ++++++ 0005-bus-close-a-bus-that-failed-to-connect.patch ++++++
From db9bb83fa5ec72da38eb5bd0c259ef8c76a71858 Mon Sep 17 00:00:00 2001 From: Lennart Poettering
Date: Thu, 3 Jul 2014 01:19:21 +0200 Subject: [PATCH] bus: close a bus that failed to connect
--- src/libsystemd/sd-bus/sd-bus.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git src/libsystemd/sd-bus/sd-bus.c src/libsystemd/sd-bus/sd-bus.c index c25375c..28fc19e 100644 --- src/libsystemd/sd-bus/sd-bus.c +++ src/libsystemd/sd-bus/sd-bus.c @@ -1033,8 +1033,10 @@ _public_ int sd_bus_start(sd_bus *bus) { else return -EINVAL; - if (r < 0) + if (r < 0) { + sd_bus_close(bus); return r; + } return bus_send_hello(bus); } -- 1.7.9.2 ++++++ 0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch ++++++
From 28650077f36466d9c5ee27ef2006fae3171a2430 Mon Sep 17 00:00:00 2001 From: Lennart Poettering
Date: Mon, 30 Jun 2014 16:22:12 +0200 Subject: [PATCH] nspawn: block open_by_handle_at() and others via seccomp
Let's protect ourselves against the recently reported docker security
issue. Our man page makes clear that we do not make any security
promises anyway, but well, this one is easy to mitigate, so let's do it.
While we are at it block a couple of more syscalls that are no good in
containers, too.
---
src/nspawn/nspawn.c | 47 +++++++++++++++++++++++++++++++++++------------
1 file changed, 35 insertions(+), 12 deletions(-)
diff --git src/nspawn/nspawn.c src/nspawn/nspawn.c
index fd61d07..656c1bf 100644
--- src/nspawn/nspawn.c
+++ src/nspawn/nspawn.c
@@ -1864,22 +1864,25 @@ static int setup_macvlan(pid_t pid) {
return 0;
}
-static int audit_still_doesnt_work_in_containers(void) {
+static int setup_seccomp(void) {
#ifdef HAVE_SECCOMP
+ static const int blacklist[] = {
+ SCMP_SYS(kexec_load),
+ SCMP_SYS(open_by_handle_at),
+ SCMP_SYS(init_module),
+ SCMP_SYS(finit_module),
+ SCMP_SYS(delete_module),
+ SCMP_SYS(iopl),
+ SCMP_SYS(ioperm),
+ SCMP_SYS(swapon),
+ SCMP_SYS(swapoff),
+ };
+
scmp_filter_ctx seccomp;
+ unsigned i;
int r;
- /*
- Audit is broken in containers, much of the userspace audit
- hookup will fail if running inside a container. We don't
- care and just turn off creation of audit sockets.
-
- This will make socket(AF_NETLINK, *, NETLINK_AUDIT) fail
- with EAFNOSUPPORT which audit userspace uses as indication
- that audit is disabled in the kernel.
- */
-
seccomp = seccomp_init(SCMP_ACT_ALLOW);
if (!seccomp)
return log_oom();
@@ -1890,6 +1893,26 @@ static int audit_still_doesnt_work_in_containers(void) {
goto finish;
}
+ for (i = 0; i < ELEMENTSOF(blacklist); i++) {
+ r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(EPERM), blacklist[i], 0);
+ if (r == -EFAULT)
+ continue; /* unknown syscall */
+ if (r < 0) {
+ log_error("Failed to block syscall: %s", strerror(-r));
+ goto finish;
+ }
+ }
+
+ /*
+ Audit is broken in containers, much of the userspace audit
+ hookup will fail if running inside a container. We don't
+ care and just turn off creation of audit sockets.
+
+ This will make socket(AF_NETLINK, *, NETLINK_AUDIT) fail
+ with EAFNOSUPPORT which audit userspace uses as indication
+ that audit is disabled in the kernel.
+ */
+
r = seccomp_rule_add(
seccomp,
SCMP_ACT_ERRNO(EAFNOSUPPORT),
@@ -3050,7 +3073,7 @@ int main(int argc, char *argv[]) {
dev_setup(arg_directory);
- if (audit_still_doesnt_work_in_containers() < 0)
+ if (setup_seccomp() < 0)
goto child_fail;
if (setup_dev_console(arg_directory, console) < 0)
--
1.7.9.2
++++++ 0006-hwdb-update.patch ++++++
++++ 4392 lines (skipped)
++++++ 0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch ++++++
Based on 6fc27667950fe153033f0f49cb5b57e8954c3e54 Mon Sep 17 00:00:00 2001
From: Lennart Poettering
From 063e36db8aed7b54100b33089deb6d2e86d516b9 Mon Sep 17 00:00:00 2001 From: Marcel Holtmann
Date: Thu, 3 Jul 2014 16:13:48 +0200 Subject: [PATCH] hwdb: Update database of Bluetooth company identifiers
--- hwdb/20-bluetooth-vendor-product.hwdb | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git hwdb/20-bluetooth-vendor-product.hwdb hwdb/20-bluetooth-vendor-product.hwdb index 377748a..9f3136a 100644 --- hwdb/20-bluetooth-vendor-product.hwdb +++ hwdb/20-bluetooth-vendor-product.hwdb @@ -1045,7 +1045,31 @@ bluetooth:v0159* ID_VENDOR_FROM_DATABASE=ChefSteps, Inc. bluetooth:v015A* - ID_VENDOR_FROM_DATABASE=micus AG + ID_VENDOR_FROM_DATABASE=micas AG bluetooth:v015B* ID_VENDOR_FROM_DATABASE=Biomedical Research Ltd. + +bluetooth:v015C* + ID_VENDOR_FROM_DATABASE=Pitius Tec S.L. + +bluetooth:v015D* + ID_VENDOR_FROM_DATABASE=Estimote, Inc. + +bluetooth:v015E* + ID_VENDOR_FROM_DATABASE=Unikey Technologies, Inc. + +bluetooth:v015F* + ID_VENDOR_FROM_DATABASE=Timer Cap Co. + +bluetooth:v0160* + ID_VENDOR_FROM_DATABASE=AwoX + +bluetooth:v0161* + ID_VENDOR_FROM_DATABASE=yikes + +bluetooth:v0162* + ID_VENDOR_FROM_DATABASE=MADSGlobal NZ Ltd. + +bluetooth:v0163* + ID_VENDOR_FROM_DATABASE=PCH International -- 1.7.9.2 ++++++ 0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch ++++++
From 8ebf02d6f382ce1ac7e0d44a713b8795a07b08cd Mon Sep 17 00:00:00 2001 From: Lennart Poettering
Date: Mon, 30 Jun 2014 21:44:05 +0200 Subject: [PATCH] units: skip mounting /tmp if it is a symlink
We shouldn't get confused if people have symlinked /tmp somewhere, so let's simply skip the mount then. --- units/tmp.mount | 1 + 1 file changed, 1 insertion(+) diff --git units/tmp.mount units/tmp.mount index 99a3ba3..00a0d28 100644 --- units/tmp.mount +++ units/tmp.mount @@ -9,6 +9,7 @@ Description=Temporary Directory Documentation=man:hier(7) Documentation=http://www.freedesktop.org/wiki/Software/systemd/APIFileSystems +ConditionPathIsSymbolicLink=!/tmp DefaultDependencies=no Conflicts=umount.target Before=local-fs.target umount.target -- 1.7.9.2 ++++++ 1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch ++++++
From 45e60962b7965f32755a76b79a28126299aac149 Mon Sep 17 00:00:00 2001 From: Kay Sievers
Date: Fri, 27 Jun 2014 14:20:17 +0200 Subject: [PATCH] libudev: fix udev_queue_get_queue_is_empty() logic
---
src/libudev/libudev-queue.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git src/libudev/libudev-queue.c src/libudev/libudev-queue.c
index eb0e096..c32a7ef 100644
--- src/libudev/libudev-queue.c
+++ src/libudev/libudev-queue.c
@@ -175,7 +175,7 @@ _public_ int udev_queue_get_udev_is_active(struct udev_queue *udev_queue)
**/
_public_ int udev_queue_get_queue_is_empty(struct udev_queue *udev_queue)
{
- return access("/run/udev/queue", F_OK) >= 0;
+ return access("/run/udev/queue", F_OK) < 0;
}
/**
--
1.7.9.2
++++++ 1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch ++++++
Based on 14cb733684d3c3f50d088a3a370ddf8e8894dfa4 Mon Sep 17 00:00:00 2001
From: Kay Sievers
From 8a7a0c19edd2d971d4aa9d635f7978af841e8278 Mon Sep 17 00:00:00 2001 From: Kay Sievers
Date: Fri, 27 Jun 2014 19:54:45 +0200 Subject: [PATCH] libudev: queue - watch entire directory to allow the re-use of the watch descriptor
--- src/libudev/libudev-queue.c | 2 +- src/udev/udevadm-settle.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git src/libudev/libudev-queue.c src/libudev/libudev-queue.c index d4334b4..8ef1f3d 100644 --- src/libudev/libudev-queue.c +++ src/libudev/libudev-queue.c @@ -245,7 +245,7 @@ _public_ int udev_queue_get_fd(struct udev_queue *udev_queue) { if (fd < 0) return -errno; - r = inotify_add_watch(fd, "/run/udev/queue" , IN_DELETE); + r = inotify_add_watch(fd, "/run/udev" , IN_DELETE); if (r < 0) { r = -errno; close(fd); diff --git src/udev/udevadm-settle.c src/udev/udevadm-settle.c index 79e8b59..fa5b0c2 100644 --- src/udev/udevadm-settle.c +++ src/udev/udevadm-settle.c @@ -135,7 +135,7 @@ static int adm_settle(struct udev *udev, int argc, char *argv[]) } /* wake up when queue is empty */ - if (poll(pfd, 1, 100) > 0 && pfd[0].revents & POLLIN) + if (poll(pfd, 1, MSEC_PER_SEC) > 0 && pfd[0].revents & POLLIN) udev_queue_flush(queue); } -- 1.7.9.2 ++++++ 1044-rules-update-qemu-hid-rules.patch ++++++
From cd31d1884f1ecf38e11bc6268f446d75dfafbc25 Mon Sep 17 00:00:00 2001 From: Gerd Hoffmann
Date: Mon, 24 Mar 2014 12:07:41 +0100 Subject: [PATCH] rules: update qemu hid rules
Update comment to be a bit more specific.
Change match to blacklist the serial number of the broken devices
instead of whitelisting the serial number of the fixed devices.
This allows to do something useful with the serial number in the
future.
---
rules/42-usb-hid-pm.rules | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git rules/42-usb-hid-pm.rules rules/42-usb-hid-pm.rules
index 3fd6e8a..c675b5b 100644
--- rules/42-usb-hid-pm.rules
+++ rules/42-usb-hid-pm.rules
@@ -2,14 +2,15 @@
#
# Enable autosuspend for qemu emulated usb hid devices
-# Note that there are buggy qemu versions which advertise remote
-# wakeup support but don't actually implement it correctly. This
-# is the reason why we need a match for the serial number here.
-# The serial number "42" is used to tag the implementations where
+# Note that there are buggy qemu versions (0.13 & older) which
+# advertise remote wakeup support but don't actually implement
+# it correctly. This is the reason why we need a match for the
+# serial number here. Old, broken versions have serial "1".
+# It has been changed to "42" after fixing the bug to indicate
# remote wakeup is working.
-ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Mouse", ATTR{serial}=="42", TEST=="power/control", ATTR{power/control}="auto"
-ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Tablet", ATTR{serial}=="42", TEST=="power/control", ATTR{power/control}="auto"
-ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Keyboard", ATTR{serial}=="42", TEST=="power/control", ATTR{power/control}="auto"
+ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Mouse", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
+ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Tablet", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
+ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Keyboard", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
# Catch-all for Avocent HID devices. Keyed off interface in order to only
# trigger on HID class devices.
--
1.7.9.2
++++++ 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch ++++++
Based on 52fb538361053f8c4abce0e40cd0bae3d28ceb16 Mon Sep 17 00:00:00 2001
From: Tom Hirst
From 01d4590b775661ebc71c7b81b0c62ccd69395268 Mon Sep 17 00:00:00 2001 From: Lennart Poettering
Date: Wed, 2 Jul 2014 15:13:29 +0200 Subject: [PATCH] udev: net_setup_link builtin should print the reason why something fails
Let's tell users what is going wrong. --- src/udev/udev-builtin-net_setup_link.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git src/udev/udev-builtin-net_setup_link.c src/udev/udev-builtin-net_setup_link.c index 3cd384e..6207269 100644 --- src/udev/udev-builtin-net_setup_link.c +++ src/udev/udev-builtin-net_setup_link.c @@ -43,17 +43,17 @@ static int builtin_net_setup_link(struct udev_device *dev, int argc, char **argv r = link_config_get(ctx, dev, &link); if (r < 0) { if (r == -ENOENT) { - log_debug("No matching link configuration found"); + log_debug("No matching link configuration found."); return EXIT_SUCCESS; } else { - log_error("Could not get link config"); + log_error("Could not get link config: %s", strerror(-r)); return EXIT_FAILURE; } } r = link_config_apply(ctx, link, dev, &name); if (r < 0) { - log_error("Could not apply link config to %s", udev_device_get_sysname(dev)); + log_error("Could not apply link config to %s: %s", udev_device_get_sysname(dev), strerror(-r)); return EXIT_FAILURE; } @@ -77,18 +77,18 @@ static int builtin_net_setup_link_init(struct udev *udev) { if (r < 0) return r; - log_debug("Created link configuration context"); + log_debug("Created link configuration context."); return 0; } static void builtin_net_setup_link_exit(struct udev *udev) { link_config_ctx_free(ctx); ctx = NULL; - log_debug("Unloaded link configuration context"); + log_debug("Unloaded link configuration context."); } static bool builtin_net_setup_link_validate(struct udev *udev) { - log_debug("Check if link configuration needs reloading"); + log_debug("Check if link configuration needs reloading."); if (!ctx) return false; -- 1.7.9.2 ++++++ 1048-udev-net_setup_link-add-a-bit-more-logging.patch ++++++
From 866ee3682213789f85b877700457fdca05695a0e Mon Sep 17 00:00:00 2001 From: Tom Gundersen
Date: Thu, 3 Jul 2014 09:57:27 +0200 Subject: [PATCH] udev: net_setup_link - add a bit more logging
--- src/udev/net/link-config.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git src/udev/net/link-config.c src/udev/net/link-config.c index 7a9d01b..b8650a6 100644 --- src/udev/net/link-config.c +++ src/udev/net/link-config.c @@ -92,14 +92,20 @@ static int link_config_ctx_connect(link_config_ctx *ctx) { if (ctx->ethtool_fd == -1) { r = ethtool_connect(&ctx->ethtool_fd); - if (r < 0) + if (r < 0) { + log_warning("link_config: could not connect to ethtool: %s", + strerror(-r)); return r; + } } if (!ctx->rtnl) { r = sd_rtnl_open(&ctx->rtnl, 0); - if (r < 0) + if (r < 0) { + log_warning("link_config: could not connect to rtnl: %s", + strerror(-r)); return r; + } } return 0; -- 1.7.9.2 -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org