commit dbus-1.1001 for openSUSE:11.4:Update
Hello community,
here is the log from the commit of package dbus-1.1001 for openSUSE:11.4:Update checked in at 2012-10-31 16:00:50
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:11.4:Update/dbus-1.1001 (Old)
and /work/SRC/openSUSE:11.4:Update/.dbus-1.1001.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dbus-1.1001", Maintainer is ""
Changes:
--------
New Changes file:
--- /dev/null 2012-10-22 00:44:18.403455820 +0200
+++ /work/SRC/openSUSE:11.4:Update/.dbus-1.1001.new/dbus-1-x11.changes 2012-10-31 16:00:51.000000000 +0100
@@ -0,0 +1,1335 @@
+-------------------------------------------------------------------
+Wed Oct 10 13:14:55 CEST 2012 - thoenig@suse.de
+
+- Replace patches for CVE-2012-3524 with upstream patches
+ (bnc#697105).
+ 23fe78ceefb6cefcd58a49c77d1154b68478c8d2
+ 4b351918b9f70eaedbdb3ab39208bc1f131efae0
+ 57ae3670508bbf4ec57049de47c9cae727a64802
+ f68dbdc3e6f895012ce33939fb524accf31bcca5
+
+-------------------------------------------------------------------
+Wed Sep 19 17:31:18 CEST 2012 - thoenig@suse.de
+
+- Add patch for CVE-2012-3524 to fix getenv() vulnerability in
+ suids (bnc#697105)
+
+-------------------------------------------------------------------
+Fri Jul 13 08:06:38 UTC 2012 - lnussel@suse.de
+
+- add patch: dbus-1.2.10-fd-limit-backport.patch
+ - Raise file descriptor limit to match configuration. The default
+ configuration has hardcoded 2048 complete connections, and 64
+ incomplete. We need at least that number of file descriptors,
+ plus some for internal use. In the bus, attempt to call
+ setrlimit() before we drop privileges. Practically speaking
+ for this means the system bus gets it, the session bus doesn't.
+ Upstream: bugs.freedesktop.org/show_bug.cgi?id=33474 . Fixes
+ bnc#739743).
+
+-------------------------------------------------------------------
+Fri Aug 5 15:45:34 CEST 2011 - thoenig@suse.de
+
+- add patch: dbus-1.4.1-byteorder.patch
+ - Byte-swap foreign-endian messages correctly, preventing a
+ long-standing local DoS if foreign-endian messages are relayed
+ through the dbus-daemon (bnc#699712)
+
+
+-------------------------------------------------------------------
+Sun Jan 2 12:54:14 UTC 2011 - javier@opensuse.org
+
+- Update to 1.4.1
+ + Fix for CVE-2010-4352: sending messages with excessively-nested
+ variants can crash the bus. The existing restriction to 64-levels
+ of nesting previously only applied to the static type signature;
+ now it also applies to dynamic nesting using variants. Thanks to
+ Rémi Denis-Courmont for discoving this issue.
+ + Various bug fixes.
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-December/013861.html
+
+-------------------------------------------------------------------
+Mon Nov 8 14:52:11 UTC 2010 - aj@suse.de
+
+- Fix package list, own /lib/systemd directories.
+
+-------------------------------------------------------------------
+Tue Oct 12 14:35:53 UTC 2010 - cristian.rodriguez@opensuse.org
+
+- ConsoleKit may not be installed on the system, so kill
+ the process at "stop" only if it is running
+
+-------------------------------------------------------------------
+Fri Sep 24 18:21:46 UTC 2010 - cristian.rodriguez@opensuse.org
+
+- add missimg BuildRequires on libcap-ng-devel so dbus can
+ drop capabilities when needed.
+
+-------------------------------------------------------------------
+Mon Sep 6 18:41:50 CEST 2010 - kay.sievers@novell.com
+
+- version 1.4.0
+ - make dbus-uuidgen atomic
+ - fix socket descriptor leak in _dbus_connect_tcp_socket_with_nonce
+ - unconditionally enable D-Bus on systemd boots
+
+-------------------------------------------------------------------
+Sat Jul 24 10:15:42 CEST 2010 - kay.sievers@novell.com
+
+- update systemd service installation
+
+-------------------------------------------------------------------
+Wed Jul 14 00:58:42 CEST 2010 - kay.sievers@novell.com
+
+- drop systemd-units
+
+-------------------------------------------------------------------
+Sun Jul 11 00:39:51 CEST 2010 - kay.sievers@novell.com
+
+- update to 1.3.2 snapshot
+ - New standardized PropertiesChanged signal in the properties interface
+ - Support forking bus services, for compatibility
+- install systemd service files
+
+-------------------------------------------------------------------
+Mon Jun 28 06:38:35 UTC 2010 - jengelh@medozas.de
+
+- use %_smp_mflags
+
+-------------------------------------------------------------------
+Thu Mar 25 15:44:39 CET 2010 - vuntz@opensuse.org
+
+- Update to version 1.2.24:
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-March/012436.html
+ + Highlights:
+ - Fix a critical crasher bug in the syslog code
+ + [bus] While creating a syslog, correctly get pointer data from
+ DBusString
+ + [bus] Don't install a SIGTERM handler
+ + [64 bit printf] Update to use DBUS_PID_FORMAT, print (omitted)
+ + Move dispatching to destination to bus_dispatch_matches()
+ + Dispatch post-activation messages to anyone interested
+ + Build changes.
+- Changes from version 1.2.22:
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-March/012395.html
+ + Highlights:
+ - Fix to avoid UI freezes in newer Evolution versions (and any
+ other program that makes synchronous DBus calls from a
+ non-main thread).
+ - Monitor service directories for changes
+ + When handling a watch, return if another thread is doing I/O
+ + Monitor service directories for changes
+ + Sync up UNICODE_VALID with glib, add documentation
+ + Support inotify on older kernels
+ + Handle OOM in reload watch
+ + Refactor _dbus_log_info, _dbus_log_security into
+ _dbus_log_system
+ + Add DBUS_SYSTEM_LOG_FATAL severity
+ + Add _dbus_credentials_to_string_append
+ + Add a prefix to our syslog messages
+ + Make SELinux initialization failure fatal
+ + Don't send an reply for driver messages if one isn't requested
+ + Fix double-free in error case.
+ + Other simple fixes, build fixes.
+ + Explicitly specify in the spec lower-case hex must be used
+ + Use AM_SILENT_RULES if available
+- Changes from version 1.2.20:
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-February/012156.html
+ + Fix inotify shutdown
+ + Fix compilation in --disable-selinux case
+- Changes from version 1.2.18:
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-February/012150.html
+ + Ignore exit code zero from activated services
+ + Switch to libcap-ng, avoid linking libdbus against libcap[-ng]
+ + Don't drop pending activations when reloading configuration
+ + Update messagebus.in init script to start earlier
+ + Clean up inotify watch handling
+ + Don't crash when reloading if we haven't loaded user database
+ yet
+ + fdo#23502 - corrected wrong verbose-output
+ + Correct timeout handling
+ + dbus-monitor: use unbuffered stdout instead of handling SIGINT
+ + fdo#25697 - Fix memory leak in policy reload
+ + fdo#23977 - dbus-launch --exit-with-session not killing
+ dbus-daemon on SIGINT
+ + Use monotonic clock for _dbus_get_current_time() if it's
+ available.
+ + Make array-printing code easier to follow
+ + Forbid zero serial numbers
+ + Include reason when reporting corrupt messages
+ + Add an accessor for the loader's corruption reason
+ + Print byte arrays as nicely-formatted hex.
+ + Print all-printable-ASCII byte arrays as strings
+ + Build fixes, including fdo#19432, fdo#22788, fdo#22805
+
+-------------------------------------------------------------------
+Mon Dec 14 20:43:34 CET 2009 - jengelh@medozas.de
+
+- add baselibs.conf as a source
+- package documentation as noarch
+
+-------------------------------------------------------------------
+Wed Sep 2 16:46:50 CEST 2009 - mvidner@suse.cz
+
+- Implemented /etc/init.d/dbus reload (bnc#503074).
+
+-------------------------------------------------------------------
+Thu Jul 23 15:50:57 CEST 2009 - kay.sievers@novell.com
+
+- fix %changelog
+
+-------------------------------------------------------------------
+Fri Jul 17 17:50:00 CEST 2009 - meissner@suse.de
+
+- added dbus-1-devel to baselibs.conf
+
+-------------------------------------------------------------------
+Fri Jul 17 17:18:57 CEST 2009 - kay.sievers@novell.com
+
+- fix --libexecdir to be the proper /lib/dbus-1/ directory
+
+-------------------------------------------------------------------
+Wed Jul 15 12:41:36 CEST 2009 - kay.sievers@novell.com
++++ 1138 more lines (skipped)
++++ between /dev/null
++++ and /work/SRC/openSUSE:11.4:Update/.dbus-1.1001.new/dbus-1-x11.changes
New Changes file:
--- /dev/null 2012-10-22 00:44:18.403455820 +0200
+++ /work/SRC/openSUSE:11.4:Update/.dbus-1.1001.new/dbus-1.changes 2012-10-31 16:00:51.000000000 +0100
@@ -0,0 +1,1335 @@
+-------------------------------------------------------------------
+Wed Oct 10 13:14:55 CEST 2012 - thoenig@suse.de
+
+- Replace patches for CVE-2012-3524 with upstream patches
+ (bnc#697105).
+ 23fe78ceefb6cefcd58a49c77d1154b68478c8d2
+ 4b351918b9f70eaedbdb3ab39208bc1f131efae0
+ 57ae3670508bbf4ec57049de47c9cae727a64802
+ f68dbdc3e6f895012ce33939fb524accf31bcca5
+
+-------------------------------------------------------------------
+Wed Sep 19 17:31:06 CEST 2012 - thoenig@suse.de
+
+- Add patch for CVE-2012-3524 to fix getenv() vulnerability in
+ suids (bnc#697105)
+
+-------------------------------------------------------------------
+Fri Jul 13 08:06:38 UTC 2012 - lnussel@suse.de
+
+- add patch: dbus-1.2.10-fd-limit-backport.patch
+ - Raise file descriptor limit to match configuration. The default
+ configuration has hardcoded 2048 complete connections, and 64
+ incomplete. We need at least that number of file descriptors,
+ plus some for internal use. In the bus, attempt to call
+ setrlimit() before we drop privileges. Practically speaking
+ for this means the system bus gets it, the session bus doesn't.
+ Upstream: bugs.freedesktop.org/show_bug.cgi?id=33474 . Fixes
+ bnc#739743).
+
+-------------------------------------------------------------------
+Fri Aug 5 15:45:34 CEST 2011 - thoenig@suse.de
+
+- add patch: dbus-1.4.1-byteorder.patch
+ - Byte-swap foreign-endian messages correctly, preventing a
+ long-standing local DoS if foreign-endian messages are relayed
+ through the dbus-daemon (bnc#699712)
+
+
+-------------------------------------------------------------------
+Sun Jan 2 12:54:14 UTC 2011 - javier@opensuse.org
+
+- Update to 1.4.1
+ + Fix for CVE-2010-4352: sending messages with excessively-nested
+ variants can crash the bus. The existing restriction to 64-levels
+ of nesting previously only applied to the static type signature;
+ now it also applies to dynamic nesting using variants. Thanks to
+ Rémi Denis-Courmont for discoving this issue.
+ + Various bug fixes.
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-December/013861.html
+
+-------------------------------------------------------------------
+Mon Nov 8 14:52:11 UTC 2010 - aj@suse.de
+
+- Fix package list, own /lib/systemd directories.
+
+-------------------------------------------------------------------
+Tue Oct 12 14:35:53 UTC 2010 - cristian.rodriguez@opensuse.org
+
+- ConsoleKit may not be installed on the system, so kill
+ the process at "stop" only if it is running
+
+-------------------------------------------------------------------
+Fri Sep 24 18:21:46 UTC 2010 - cristian.rodriguez@opensuse.org
+
+- add missimg BuildRequires on libcap-ng-devel so dbus can
+ drop capabilities when needed.
+
+-------------------------------------------------------------------
+Mon Sep 6 18:41:50 CEST 2010 - kay.sievers@novell.com
+
+- version 1.4.0
+ - make dbus-uuidgen atomic
+ - fix socket descriptor leak in _dbus_connect_tcp_socket_with_nonce
+ - unconditionally enable D-Bus on systemd boots
+
+-------------------------------------------------------------------
+Sat Jul 24 10:15:42 CEST 2010 - kay.sievers@novell.com
+
+- update systemd service installation
+
+-------------------------------------------------------------------
+Wed Jul 14 00:58:42 CEST 2010 - kay.sievers@novell.com
+
+- drop systemd-units
+
+-------------------------------------------------------------------
+Sun Jul 11 00:39:51 CEST 2010 - kay.sievers@novell.com
+
+- update to 1.3.2 snapshot
+ - New standardized PropertiesChanged signal in the properties interface
+ - Support forking bus services, for compatibility
+- install systemd service files
+
+-------------------------------------------------------------------
+Mon Jun 28 06:38:35 UTC 2010 - jengelh@medozas.de
+
+- use %_smp_mflags
+
+-------------------------------------------------------------------
+Thu Mar 25 15:44:39 CET 2010 - vuntz@opensuse.org
+
+- Update to version 1.2.24:
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-March/012436.html
+ + Highlights:
+ - Fix a critical crasher bug in the syslog code
+ + [bus] While creating a syslog, correctly get pointer data from
+ DBusString
+ + [bus] Don't install a SIGTERM handler
+ + [64 bit printf] Update to use DBUS_PID_FORMAT, print (omitted)
+ + Move dispatching to destination to bus_dispatch_matches()
+ + Dispatch post-activation messages to anyone interested
+ + Build changes.
+- Changes from version 1.2.22:
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-March/012395.html
+ + Highlights:
+ - Fix to avoid UI freezes in newer Evolution versions (and any
+ other program that makes synchronous DBus calls from a
+ non-main thread).
+ - Monitor service directories for changes
+ + When handling a watch, return if another thread is doing I/O
+ + Monitor service directories for changes
+ + Sync up UNICODE_VALID with glib, add documentation
+ + Support inotify on older kernels
+ + Handle OOM in reload watch
+ + Refactor _dbus_log_info, _dbus_log_security into
+ _dbus_log_system
+ + Add DBUS_SYSTEM_LOG_FATAL severity
+ + Add _dbus_credentials_to_string_append
+ + Add a prefix to our syslog messages
+ + Make SELinux initialization failure fatal
+ + Don't send an reply for driver messages if one isn't requested
+ + Fix double-free in error case.
+ + Other simple fixes, build fixes.
+ + Explicitly specify in the spec lower-case hex must be used
+ + Use AM_SILENT_RULES if available
+- Changes from version 1.2.20:
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-February/012156.html
+ + Fix inotify shutdown
+ + Fix compilation in --disable-selinux case
+- Changes from version 1.2.18:
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-February/012150.html
+ + Ignore exit code zero from activated services
+ + Switch to libcap-ng, avoid linking libdbus against libcap[-ng]
+ + Don't drop pending activations when reloading configuration
+ + Update messagebus.in init script to start earlier
+ + Clean up inotify watch handling
+ + Don't crash when reloading if we haven't loaded user database
+ yet
+ + fdo#23502 - corrected wrong verbose-output
+ + Correct timeout handling
+ + dbus-monitor: use unbuffered stdout instead of handling SIGINT
+ + fdo#25697 - Fix memory leak in policy reload
+ + fdo#23977 - dbus-launch --exit-with-session not killing
+ dbus-daemon on SIGINT
+ + Use monotonic clock for _dbus_get_current_time() if it's
+ available.
+ + Make array-printing code easier to follow
+ + Forbid zero serial numbers
+ + Include reason when reporting corrupt messages
+ + Add an accessor for the loader's corruption reason
+ + Print byte arrays as nicely-formatted hex.
+ + Print all-printable-ASCII byte arrays as strings
+ + Build fixes, including fdo#19432, fdo#22788, fdo#22805
+
+-------------------------------------------------------------------
+Mon Dec 14 20:43:34 CET 2009 - jengelh@medozas.de
+
+- add baselibs.conf as a source
+- package documentation as noarch
+
+-------------------------------------------------------------------
+Wed Sep 2 16:46:50 CEST 2009 - mvidner@suse.cz
+
+- Implemented /etc/init.d/dbus reload (bnc#503074).
+
+-------------------------------------------------------------------
+Thu Jul 23 15:50:57 CEST 2009 - kay.sievers@novell.com
+
+- fix %changelog
+
+-------------------------------------------------------------------
+Fri Jul 17 17:50:00 CEST 2009 - meissner@suse.de
+
+- added dbus-1-devel to baselibs.conf
+
+-------------------------------------------------------------------
+Fri Jul 17 17:18:57 CEST 2009 - kay.sievers@novell.com
+
+- fix --libexecdir to be the proper /lib/dbus-1/ directory
+
+-------------------------------------------------------------------
+Wed Jul 15 12:41:36 CEST 2009 - kay.sievers@novell.com
++++ 1138 more lines (skipped)
++++ between /dev/null
++++ and /work/SRC/openSUSE:11.4:Update/.dbus-1.1001.new/dbus-1.changes
New:
----
baselibs.conf
dbus-1-x11.changes
dbus-1-x11.spec
dbus-1-x11.spec.in
dbus-1.2.10-fd-limit-backport.patch
dbus-1.4.1-byteorder.patch
dbus-1.4.1.tar.bz2
dbus-1.changes
dbus-1.desktop
dbus-1.spec
dbus-cve-2012-3524-1.patch
dbus-cve-2012-3524-2.patch
dbus-cve-2012-3524-3.patch
dbus-cve-2012-3524-4.patch
dbus-log-deny.patch
dbus_at_console.ck
pre_checkin.sh
rc.boot.dbus
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dbus-1-x11.spec ++++++
#
# spec file for package dbus-1-x11
#
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: dbus-1-x11
BuildRequires: xorg-x11-devel
Url: http://dbus.freedesktop.org/
Summary: D-Bus Message Bus System
License: GNU General Public License (GPL), Other License(s), see package
Group: System/Daemons
# COMMON1-BEGIN
# COMMON1-BEGIN
BuildRequires: audit-devel
BuildRequires: doxygen
BuildRequires: libexpat-devel
BuildRequires: libzio
BuildRequires: pkgconfig
Version: 1.4.1
Release: 7.<RELEASE8>
# bug437293
%ifarch ppc64
Obsoletes: dbus-1-64bit
%endif
#
Source0: dbus-%{version}.tar.bz2
Source1: rc.boot.dbus
Source2: dbus-1.desktop
Source3: dbus_at_console.ck
Source4: baselibs.conf
Patch0: dbus-log-deny.patch
Patch1: dbus-1.4.1-byteorder.patch
Patch2: dbus-1.2.10-fd-limit-backport.patch
Patch3: dbus-cve-2012-3524-1.patch
Patch4: dbus-cve-2012-3524-2.patch
Patch5: dbus-cve-2012-3524-3.patch
Patch6: dbus-cve-2012-3524-4.patch
%if 0%{?suse_version} > 1100
%bcond_without selinux
%else
%bcond_with selinux
%endif
%if %{with selinux}
BuildRequires: libselinux-devel
%endif
BuildRequires: libcap-ng-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-build
# COMMON1-END
# COMMON1-END
%description
D-Bus contains some tools that require Xlib to be installed, those are
in this separate package so server systems need not install X.
%prep
# COMMON2-BEGIN
# COMMON2-BEGIN
%setup -n dbus-%{version} -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%build
autoreconf -fi
export CFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing -fPIC"
export CXXFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing"
%if 0%{?suse_version} > 1000
export CFLAGS="$CFLAGS -fstack-protector"
export CXXFLAGS="$CXXFLAGS -fstack-protector"
export V=1
%endif
%configure \
--disable-static \
--with-pic \
--bindir=/bin \
--libexecdir=/lib/%{name} \
--libdir=/%{_lib} \
--with-init-scripts=suse \
--enable-inotify \
--enable-doxygen-docs \
%if %{with selinux}
--enable-selinux \
%endif
--enable-libaudit \
--with-console-auth-dir=/var/run/dbus/at_console/ \
--with-systemdsystemunitdir=/lib/systemd/system
make %{?_smp_mflags}
doxygen -u && doxygen
./cleanup-man-pages.sh
%install
# COMMON2-END
# COMMON2-END
tdir=$(mktemp -d)
make DESTDIR=$tdir install
mkdir -p %{buildroot}/%{_bindir}
mkdir -p %{buildroot}/%{_mandir}/man1
mv $tdir/bin/dbus-launch %{buildroot}/%{_bindir}
mv $tdir/%{_mandir}/man1/dbus-launch.1* %{buildroot}/%{_mandir}/man1
rm -rf $tdir
%clean
%{__rm} -rf %{buildroot}
%files
%defattr(-,root,root)
%{_bindir}/dbus-launch
%{_mandir}/man1/dbus-launch.1*
%changelog
++++++ dbus-1.spec ++++++
#
# spec file for package dbus-1
#
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: dbus-1
Url: http://dbus.freedesktop.org/
Summary: D-Bus Message Bus System
License: Other uncritical OpenSource License
Group: System/Daemons
# COMMON1-BEGIN
BuildRequires: audit-devel
BuildRequires: doxygen
BuildRequires: libexpat-devel
BuildRequires: libzio
BuildRequires: pkgconfig
Version: 1.4.1
Release: 7.<RELEASE8>
# bug437293
%ifarch ppc64
Obsoletes: dbus-1-64bit
%endif
#
Source0: dbus-%{version}.tar.bz2
Source1: rc.boot.dbus
Source2: dbus-1.desktop
Source3: dbus_at_console.ck
Source4: baselibs.conf
Patch0: dbus-log-deny.patch
Patch1: dbus-1.4.1-byteorder.patch
Patch2: dbus-1.2.10-fd-limit-backport.patch
Patch3: dbus-cve-2012-3524-1.patch
Patch4: dbus-cve-2012-3524-2.patch
Patch5: dbus-cve-2012-3524-3.patch
Patch6: dbus-cve-2012-3524-4.patch
%if 0%{?suse_version} > 1100
%bcond_without selinux
%else
%bcond_with selinux
%endif
%if %{with selinux}
BuildRequires: libselinux-devel
%endif
BuildRequires: libcap-ng-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-build
# COMMON1-END
PreReq: permissions /usr/sbin/groupadd /usr/sbin/useradd /sbin/insserv /etc/init.d/boot.localfs
%package -n dbus-1-devel
Summary: Developer package for D-Bus
Group: Development/Libraries/Other
Requires: %{name} = %{version}
Requires: glibc-devel
%package -n dbus-1-devel-doc
Summary: Developer documentation package for D-Bus
Group: Development/Libraries/Other
Requires: %{name} = %{version}
%if 0%{?suse_version} >= 1120
BuildArch: noarch
%endif
%description
D-Bus is a message bus system, a simple way for applications to talk to
one another. D-Bus supplies both a system daemon and a
per-user-login-session daemon. Also, the message bus is built on top of
a general one-to-one message passing framework, which can be used by
any two apps to communicate directly (without going through the message
bus daemon).
%description -n dbus-1-devel
D-Bus is a message bus system, a simple way for applications to talk to
one another. D-Bus supplies both a system daemon and a
per-user-login-session daemon. Also, the message bus is built on top of
a general one-to-one message passing framework, which can be used by
any two apps to communicate directly (without going through the message
bus daemon).
%description -n dbus-1-devel-doc
D-Bus is a message bus system, a simple way for applications to talk to
one another. D-BUS supplies both a system daemon and a
per-user-login-session daemon. Also, the message bus is built on top of
a general one-to-one message passing framework, which can be used by
any two apps to communicate directly (without going through the message
bus daemon).
%prep
# COMMON2-BEGIN
%setup -n dbus-%{version} -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%build
autoreconf -fi
export CFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing -fPIC"
export CXXFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing"
%if 0%{?suse_version} > 1000
export CFLAGS="$CFLAGS -fstack-protector"
export CXXFLAGS="$CXXFLAGS -fstack-protector"
export V=1
%endif
%configure \
--disable-static \
--with-pic \
--bindir=/bin \
--libexecdir=/lib/%{name} \
--libdir=/%{_lib} \
--with-init-scripts=suse \
--enable-inotify \
--enable-doxygen-docs \
%if %{with selinux}
--enable-selinux \
%endif
--enable-libaudit \
--with-console-auth-dir=/var/run/dbus/at_console/ \
--with-systemdsystemunitdir=/lib/systemd/system
make %{?_smp_mflags}
doxygen -u && doxygen
./cleanup-man-pages.sh
%install
# COMMON2-END
make DESTDIR=%{buildroot} install
mkdir -p %{buildroot}/etc/init.d
mkdir -p %{buildroot}/usr/sbin
install -m 755 %{SOURCE1} %{buildroot}/%{_sysconfdir}/init.d/dbus
ln -sf %{_sysconfdir}/init.d/dbus %{buildroot}/%{_sbindir}/rcdbus
install -d %{buildroot}/%{_localstatedir}/run/dbus
mkdir -p %{buildroot}/%{_datadir}/susehelp/meta/Development/Libraries/
install -m 0644 %SOURCE2 \
%{buildroot}/%{_datadir}/susehelp/meta/Development/Libraries/dbus-1.desktop
mkdir -p %{buildroot}/%{_libdir}/pkgconfig
mkdir -p %{buildroot}/%{_datadir}/dbus-1/system-services
mkdir -p %{buildroot}/%{_datadir}/dbus-1/interfaces
mkdir -p %{buildroot}/%{_libdir}/dbus-1.0/include/
mv -f %{buildroot}/%{_lib}/dbus-1.0/include/* %{buildroot}/%{_libdir}/dbus-1.0/include/
rm -f %{buildroot}/%{_lib}/*.la
# devel stuff must not be in /lib
%{__ln_s} -v /%{_lib}/$(readlink %{buildroot}/%{_lib}/lib%{name}.so) %{buildroot}%{_libdir}/lib%{name}.so
%{__rm} -v %{buildroot}/%{_lib}/lib%{name}.so
# fix up pkgconfig file
sed -e 's@^\(libdir=\).*@\1%{_libdir}@' %{buildroot}/%{_lib}/pkgconfig/dbus-1.pc > %{buildroot}/%{_libdir}/pkgconfig/dbus-1.pc
rm -f %{buildroot}/%{_lib}/pkgconfig/dbus-1.pc
#
rm -f %{buildroot}/bin/dbus-launch
rm -f %{buildroot}/%{_mandir}/man1/dbus-launch.1*
chmod a-x AUTHORS COPYING HACKING NEWS README doc/*.txt doc/file-boilerplate.c doc/TODO
#
install -d %{buildroot}%{_sysconfdir}/ConsoleKit/run-session.d
install -m 755 %{SOURCE3} %{buildroot}%{_sysconfdir}/ConsoleKit/run-session.d
mkdir -p %{buildroot}%{_localstatedir}/lib/dbus
touch %{buildroot}/%{_localstatedir}/lib/dbus/machine-id
%clean
%{__rm} -rf %{buildroot}
%pre
/usr/sbin/groupadd -r messagebus 2> /dev/null || :
/usr/sbin/useradd -r -o -s /bin/false -c "User for D-Bus" -d /var/run/dbus -g messagebus messagebus 2> /dev/null || :
%if 0%{?suse_version:1}
%preun
%{stop_on_removal dbus}
%post
/bin/dbus-uuidgen --ensure
%{insserv_force_if_yast dbus}
/sbin/ldconfig
%{run_permissions}
%verifyscript
%verify_permissions -e /lib/dbus-1/dbus-daemon-launch-helper
%postun
%{insserv_cleanup}
/sbin/ldconfig
%endif
%files
%defattr(-, root, root)
%dir %{_datadir}/dbus-1
%dir %{_datadir}/dbus-1/services
%dir %{_datadir}/dbus-1/system-services
%dir %{_datadir}/dbus-1/interfaces
%dir %{_localstatedir}/lib/dbus
%dir /lib/dbus-1
%doc AUTHORS COPYING HACKING NEWS README
%dir %{_sysconfdir}/dbus-1
%dir %{_sysconfdir}/dbus-1/session.d
%dir %{_sysconfdir}/dbus-1/system.d
%config(noreplace) %{_sysconfdir}/dbus-1/session.conf
%config(noreplace) %{_sysconfdir}/dbus-1/system.conf
%{_sysconfdir}/init.d/dbus
%{_sysconfdir}/ConsoleKit
/bin/dbus-cleanup-sockets
/bin/dbus-daemon
/bin/dbus-monitor
/bin/dbus-send
/bin/dbus-uuidgen
/%{_lib}/libdbus-1.so.*
%{_mandir}/man1/dbus-cleanup-sockets.1.*
%{_mandir}/man1/dbus-daemon.1.*
%{_mandir}/man1/dbus-monitor.1.*
%{_mandir}/man1/dbus-send.1.*
%{_mandir}/man1/dbus-uuidgen.1.*
%{_sbindir}/rcdbus
# See doc/system-activation.txt in source tarball for the rationale
# behind these permissions
%attr(4750,root,messagebus) /lib/%{name}/dbus-daemon-launch-helper
%verify(not mode) /lib/%{name}/dbus-daemon-launch-helper
%ghost %{_localstatedir}/run/dbus
%ghost %{_localstatedir}/lib/dbus/machine-id
%dir /lib/systemd
%dir /lib/systemd/system
/lib/systemd/system/dbus.service
/lib/systemd/system/dbus.socket
%dir /lib/systemd/system/dbus.target.wants
/lib/systemd/system/dbus.target.wants/dbus.socket
%dir /lib/systemd/system/multi-user.target.wants
/lib/systemd/system/multi-user.target.wants/dbus.service
%dir /lib/systemd/system/sockets.target.wants
/lib/systemd/system/sockets.target.wants/dbus.socket
%files -n dbus-1-devel
%defattr(-,root,root)
%{_includedir}/*
%{_libdir}/libdbus-1.so
%dir %{_libdir}/dbus-1.0
%{_libdir}/dbus-1.0/include
%{_libdir}/pkgconfig/dbus-1.pc
%files -n dbus-1-devel-doc
%defattr(-,root,root)
%doc doc/api/html
%doc doc/*.txt doc/file-boilerplate.c doc/TODO
%{_datadir}/susehelp
%changelog
++++++ baselibs.conf ++++++
dbus-1
dbus-1-devel
++++++ dbus-1-x11.spec.in ++++++
#
# spec file for package dbus-1-x11 (Version 1.4.1)
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
Name: dbus-1-x11
BuildRequires: xorg-x11-devel
Url: http://dbus.freedesktop.org/
License: GNU General Public License (GPL), Other License(s), see package
Group: System/Daemons
Summary: D-Bus Message Bus System
# COMMON1-BEGIN
# COMMON1-END
%description
D-Bus contains some tools that require Xlib to be installed, those are
in this separate package so server systems need not install X.
%prep
# COMMON2-BEGIN
# COMMON2-END
tdir=$(mktemp -d)
make DESTDIR=$tdir install
mkdir -p %{buildroot}/%{_bindir}
mkdir -p %{buildroot}/%{_mandir}/man1
mv $tdir/bin/dbus-launch %{buildroot}/%{_bindir}
mv $tdir/%{_mandir}/man1/dbus-launch.1* %{buildroot}/%{_mandir}/man1
rm -rf $tdir
%clean
%{__rm} -rf %{buildroot}
%files
%defattr(-,root,root)
%{_bindir}/dbus-launch
%{_mandir}/man1/dbus-launch.1*
%changelog
++++++ dbus-1.2.10-fd-limit-backport.patch ++++++
Index: dbus-1.4.1/bus/bus.c
===================================================================
--- dbus-1.4.1.orig/bus/bus.c
+++ dbus-1.4.1/bus/bus.c
@@ -636,6 +636,24 @@ oom:
return FALSE;
}
+static void
+raise_file_descriptor_limit (BusContext *context)
+{
+
+ /* I just picked this out of thin air; we need some extra
+ * descriptors for things like any internal pipes we create,
+ * inotify, connections to SELinux, etc.
+ */
+ unsigned int arbitrary_extra_fds = 32;
+ unsigned int limit;
+
+ limit = context->limits.max_completed_connections +
+ context->limits.max_incomplete_connections
+ + arbitrary_extra_fds;
+
+ _dbus_request_file_descriptor_limit (limit);
+}
+
static dbus_bool_t
process_config_postinit (BusContext *context,
BusConfigParser *parser,
@@ -644,6 +662,8 @@ process_config_postinit (BusContext
DBusHashTable *service_context_table;
DBusList *watched_dirs = NULL;
+ raise_file_descriptor_limit (context);
+
service_context_table = bus_config_parser_steal_service_context_table (parser);
if (!bus_registry_set_service_context_table (context->registry,
service_context_table))
Index: dbus-1.4.1/configure.in
===================================================================
--- dbus-1.4.1.orig/configure.in
+++ dbus-1.4.1/configure.in
@@ -534,6 +534,8 @@ fi
AC_CHECK_HEADERS(dirent.h)
+AC_CHECK_HEADERS(sys/resource.h)
+
AC_CHECK_HEADERS(execinfo.h, [AC_CHECK_FUNCS(backtrace)])
AC_CHECK_HEADERS(errno.h)
Index: dbus-1.4.1/dbus/dbus-sysdeps.h
===================================================================
--- dbus-1.4.1.orig/dbus/dbus-sysdeps.h
+++ dbus-1.4.1/dbus/dbus-sysdeps.h
@@ -527,6 +527,8 @@ void _dbus_flush_caches (void);
const char *
_dbus_replace_install_prefix (const char *configure_time_path);
+void _dbus_request_file_descriptor_limit (unsigned int limit);
+
/** @} */
DBUS_END_DECLS
Index: dbus-1.4.1/dbus/dbus-sysdeps-util-unix.c
===================================================================
--- dbus-1.4.1.orig/dbus/dbus-sysdeps-util-unix.c
+++ dbus-1.4.1/dbus/dbus-sysdeps-util-unix.c
@@ -42,6 +42,9 @@
#include
From 4b351918b9f70eaedbdb3ab39208bc1f131efae0 Mon Sep 17 00:00:00 2001 From: Colin Walters
Date: Fri, 28 Sep 2012 01:35:22 +0000 Subject: hardening: Ensure _dbus_check_setuid() is initialized threadsafe manner
This is a highly theoretical concern, but we might as well.
https://bugs.freedesktop.org/show_bug.cgi?id=52202
---
diff --git a/dbus/dbus-sysdeps-pthread.c b/dbus/dbus-sysdeps-pthread.c
index c9ec9e5..c60457b 100644
--- a/dbus/dbus-sysdeps-pthread.c
+++ b/dbus/dbus-sysdeps-pthread.c
@@ -359,6 +359,11 @@ check_monotonic_clock (void)
dbus_bool_t
_dbus_threads_init_platform_specific (void)
{
+ /* These have static variables, and we need to handle both the case
+ * where dbus_threads_init() has been called and when it hasn't;
+ * so initialize them before any threads are allowed to enter.
+ */
check_monotonic_clock ();
+ (void) _dbus_check_setuid ();
return dbus_threads_init (&pthread_functions);
}
--
cgit v0.9.0.2-2-gbebe
++++++ dbus-cve-2012-3524-3.patch ++++++
--- a/bus/activation-helper.c 2012-10-10 15:30:26.858788089 +0200
+++ b/bus/activation-helper.c 2012-10-10 15:38:40.708201466 +0200
@@ -140,18 +140,13 @@
return desktop_file;
}
-/* Cleares the environment, except for DBUS_VERBOSE and DBUS_STARTER_x */
+/* Clears the environment, except for DBUS_STARTER_x */
static dbus_bool_t
clear_environment (DBusError *error)
{
const char *debug_env = NULL;
const char *starter_env = NULL;
-#ifdef DBUS_ENABLE_VERBOSE_MODE
- /* are we debugging */
- debug_env = _dbus_getenv ("DBUS_VERBOSE");
-#endif
-
/* we save the starter */
starter_env = _dbus_getenv ("DBUS_STARTER_ADDRESS");
@@ -165,12 +160,6 @@
}
#endif
-#ifdef DBUS_ENABLE_VERBOSE_MODE
- /* restore the debugging environment setting if set */
- if (debug_env)
- _dbus_setenv ("DBUS_VERBOSE", debug_env);
-#endif
-
/* restore the starter */
if (starter_env)
_dbus_setenv ("DBUS_STARTER_ADDRESS", starter_env);
++++++ dbus-cve-2012-3524-4.patch ++++++
--- a/bus/activation-helper.c 2012-10-10 15:41:47.706771251 +0200
+++ b/bus/activation-helper.c 2012-10-10 15:43:52.196814743 +0200
@@ -140,16 +140,12 @@
return desktop_file;
}
-/* Clears the environment, except for DBUS_STARTER_x */
+/* Clears the environment, except for DBUS_STARTER_x,
+ * which we hardcode to the system bus.
+ */
static dbus_bool_t
clear_environment (DBusError *error)
{
- const char *debug_env = NULL;
- const char *starter_env = NULL;
-
- /* we save the starter */
- starter_env = _dbus_getenv ("DBUS_STARTER_ADDRESS");
-
#ifndef ACTIVATION_LAUNCHER_TEST
/* totally clear the environment */
if (!_dbus_clearenv ())
@@ -160,11 +156,8 @@
}
#endif
- /* restore the starter */
- if (starter_env)
- _dbus_setenv ("DBUS_STARTER_ADDRESS", starter_env);
-
- /* set the type, which must be system if we got this far */
+ /* Ensure the bus is set to system */
+ _dbus_setenv ("DBUS_STARTER_ADDRESS", DBUS_SYSTEM_BUS_DEFAULT_ADDRESS);
_dbus_setenv ("DBUS_STARTER_BUS_TYPE", "system");
return TRUE;
++++++ dbus-log-deny.patch ++++++
--- a/bus/system.conf.in
+++ b/bus/system.conf.in
@@ -48,7 +48,7 @@
<!-- Holes must be punched in service configuration files for
name ownership and sending method calls -->
<deny own="*"/>
- <deny send_type="method_call"/>
+ <deny send_type="method_call" log="true"/>
<!-- Signals and reply messages (method returns, errors) are allowed
by default -->
++++++ dbus_at_console.ck ++++++
#!/bin/bash
#
# use consolekit to support legacy at_console setting
#
reason="$1"
dir=/var/run/dbus/at_console
# for at_console we are only interested in local sessions
test "$CK_SESSION_IS_LOCAL" = true || exit 0
test "$reason" = "session_added" -o "$reason" = "session_removed" || exit 0
sessid=${CK_SESSION_ID##*/}
sessid=${sessid//[^A-Za-z0-9]/_}
test -n "$sessid" || exit 1
name=`getent passwd "$CK_SESSION_USER_UID" 2>/dev/null | awk -F: '{print $1}'`
test -n "$name" || exit 1
if test "$reason" = "session_added"; then
mkdir -p "$dir/$name"
touch "$dir/$name/$sessid"
else
rm "$dir/$name/$sessid"
rmdir "$dir/$name"
fi
++++++ pre_checkin.sh ++++++
#!/bin/bash
# vim:sw=4 et
# This script is called automatically during autobuild checkin.
cp -lf dbus-1.changes dbus-1-x11.changes
for spec in dbus-1-x11.spec; do
cp -f $spec.in $spec
for n in $(seq 1 10); do
grep -q "COMMON$n-BEGIN" dbus-1.spec || continue
{ sed -n -e "1,/COMMON$n-BEGIN/p" $spec
sed -n -e "/COMMON$n-BEGIN/,/COMMON$n-END/p" dbus-1.spec
sed -n -e "/COMMON$n-END/,\$p" $spec.in; } > $spec.tmp && mv $spec.tmp $spec
done
# assuming hilbert has no such dir
#if test -x /mounts/work/src/bin/tools/prepare_spec; then
# /mounts/work/src/bin/tools/prepare_spec $spec > $spec.tmp && mv $spec.tmp $spec
#fi
done
++++++ rc.boot.dbus ++++++
#!/bin/sh
# Author: Timo Hoenig
participants (1)
-
root@hilbert.suse.de