Hello community,
here is the log from the commit of package systemd for openSUSE:Factory checked in at 2014-05-17 21:46:37
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/systemd (Old)
and /work/SRC/openSUSE:Factory/.systemd.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "systemd"
Changes:
--------
--- /work/SRC/openSUSE:Factory/systemd/systemd-mini.changes 2014-05-13 20:46:26.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.systemd.new/systemd-mini.changes 2014-05-17 21:46:47.000000000 +0200
@@ -1,0 +2,22 @@
+Fri May 16 12:00:12 UTC 2014 - werner@suse.de
+
+- Make baselibs.conf aware to use the appropiate %post and %postun
+ scriptlets which includes pam-config (bnc#877674)
+
+-------------------------------------------------------------------
+Fri May 16 11:47:06 UTC 2014 - werner@suse.de
+
+- Add upstram patches
+ 0001-core-close-socket-fds-asynchronously.patch
+ 0002-logind-bring-polkit-policy-for-hibernate-in-line-wit.patch
+ 0003-core-make-sure-to-serialize-jobs-for-all-units.patch
+
+-------------------------------------------------------------------
+Wed May 14 07:37:08 UTC 2014 - werner@suse.de
+
+- Add upstram patches
+ 0001-replace-more-dup-by-F_DUPFD_CLOEXEC.patch
+ 0002-pam_systemd-use-F_DUPFD_CLOEXEC-when-dupping-session.patch
+ to avoid that in pam session unwanted file descriptors are inherited
+
+-------------------------------------------------------------------
systemd.changes: same change
New:
----
0001-core-close-socket-fds-asynchronously.patch
0001-replace-more-dup-by-F_DUPFD_CLOEXEC.patch
0002-logind-bring-polkit-policy-for-hibernate-in-line-wit.patch
0002-pam_systemd-use-F_DUPFD_CLOEXEC-when-dupping-session.patch
0003-core-make-sure-to-serialize-jobs-for-all-units.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ systemd-mini.spec ++++++
--- /var/tmp/diff_new_pack.jmQuKq/_old 2014-05-17 21:46:50.000000000 +0200
+++ /var/tmp/diff_new_pack.jmQuKq/_new 2014-05-17 21:46:50.000000000 +0200
@@ -429,6 +429,16 @@
Patch218: 0005-backlight-handle-saved-brightness-exceeding-max-brig.patch
# PATCH-FIX-SUSE Do not poison kmsg ring buffer with systemd/udev messages (bnc#877021)
Patch219: log-target-null-instead-kmsg.patch
+# PATCH-FIX-UPSTREAM added at 2014/05/14
+Patch220: 0001-replace-more-dup-by-F_DUPFD_CLOEXEC.patch
+# PATCH-FIX-UPSTREAM added at 2014/05/14
+Patch221: 0002-pam_systemd-use-F_DUPFD_CLOEXEC-when-dupping-session.patch
+# PATCH-FIX-UPSTREAM added at 2014/05/16
+Patch222: 0001-core-close-socket-fds-asynchronously.patch
+# PATCH-FIX-UPSTREAM added at 2014/05/16
+Patch223: 0002-logind-bring-polkit-policy-for-hibernate-in-line-wit.patch
+# PATCH-FIX-UPSTREAM added at 2014/05/16
+Patch224: 0003-core-make-sure-to-serialize-jobs-for-all-units.patch
# UDEV PATCHES
# ============
@@ -833,6 +843,11 @@
%patch217 -p0
%patch218 -p0
%patch219 -p1
+%patch220 -p0
+%patch221 -p0
+%patch222 -p0
+%patch223 -p0
+%patch224 -p0
# udev patches
%patch1001 -p1
++++++ systemd.spec ++++++
--- /var/tmp/diff_new_pack.jmQuKq/_old 2014-05-17 21:46:50.000000000 +0200
+++ /var/tmp/diff_new_pack.jmQuKq/_new 2014-05-17 21:46:50.000000000 +0200
@@ -424,6 +424,16 @@
Patch218: 0005-backlight-handle-saved-brightness-exceeding-max-brig.patch
# PATCH-FIX-SUSE Do not poison kmsg ring buffer with systemd/udev messages (bnc#877021)
Patch219: log-target-null-instead-kmsg.patch
+# PATCH-FIX-UPSTREAM added at 2014/05/14
+Patch220: 0001-replace-more-dup-by-F_DUPFD_CLOEXEC.patch
+# PATCH-FIX-UPSTREAM added at 2014/05/14
+Patch221: 0002-pam_systemd-use-F_DUPFD_CLOEXEC-when-dupping-session.patch
+# PATCH-FIX-UPSTREAM added at 2014/05/16
+Patch222: 0001-core-close-socket-fds-asynchronously.patch
+# PATCH-FIX-UPSTREAM added at 2014/05/16
+Patch223: 0002-logind-bring-polkit-policy-for-hibernate-in-line-wit.patch
+# PATCH-FIX-UPSTREAM added at 2014/05/16
+Patch224: 0003-core-make-sure-to-serialize-jobs-for-all-units.patch
# UDEV PATCHES
# ============
@@ -828,6 +838,11 @@
%patch217 -p0
%patch218 -p0
%patch219 -p1
+%patch220 -p0
+%patch221 -p0
+%patch222 -p0
+%patch223 -p0
+%patch224 -p0
# udev patches
%patch1001 -p1
++++++ 0001-core-close-socket-fds-asynchronously.patch ++++++
Based on 574634bcacb01efe15ca2742effd461a5b7afb5f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?=
From ead349509e325aad720bb0349521a9e56e2ac7c0 Mon Sep 17 00:00:00 2001 From: Lennart Poettering
Date: Tue, 13 May 2014 16:40:53 +0200 Subject: [PATCH] replace more dup() by F_DUPFD_CLOEXEC
--- src/login/inhibit.c | 2 +- src/shared/install.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git src/login/inhibit.c src/login/inhibit.c index 48c2ec4..ae3afdf 100644 --- src/login/inhibit.c +++ src/login/inhibit.c @@ -64,7 +64,7 @@ static int inhibit(sd_bus *bus, sd_bus_error *error) { if (r < 0) return r; - r = dup(fd); + r = fcntl(fd, F_DUPFD_CLOEXEC, 3); if (r < 0) return -errno; diff --git src/shared/install.c src/shared/install.c index acfba25..9ce9403 100644 --- src/shared/install.c +++ src/shared/install.c @@ -332,7 +332,7 @@ static int remove_marked_symlinks( int q, cfd; deleted = false; - cfd = dup(fd); + cfd = fcntl(fd, F_DUPFD_CLOEXEC, 3); if (cfd < 0) { r = -errno; break; -- 1.7.9.2 ++++++ 0002-logind-bring-polkit-policy-for-hibernate-in-line-wit.patch ++++++
From 301f9684e6465df5d0590f6c571fe3229ded966d Mon Sep 17 00:00:00 2001 From: Lennart Poettering
Date: Thu, 15 May 2014 18:30:07 +0200 Subject: [PATCH] logind: bring polkit policy for hibernate in line with suspend/poweroff/reboot
THere's no reason why hibernate should be better protected then
suspendor poweroff, so sync the policies.
---
src/login/org.freedesktop.login1.policy.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git src/login/org.freedesktop.login1.policy.in src/login/org.freedesktop.login1.policy.in
index b96d32d..b8e90f1 100644
--- src/login/org.freedesktop.login1.policy.in
+++ src/login/org.freedesktop.login1.policy.in
@@ -254,7 +254,7 @@
<defaults>
From 85c08dc013f9f99b58bc9b79284af0b35304237b Mon Sep 17 00:00:00 2001 From: Lennart Poettering
Date: Tue, 13 May 2014 16:35:34 +0200 Subject: [PATCH] pam_systemd: use F_DUPFD_CLOEXEC when dupping session fds
http://lists.freedesktop.org/archives/systemd-devel/2014-May/019034.html --- src/login/pam-module.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git src/login/pam-module.c src/login/pam-module.c index 9873dd5..1259457 100644 --- src/login/pam-module.c +++ src/login/pam-module.c @@ -475,7 +475,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( } if (session_fd >= 0) { - session_fd = dup(session_fd); + session_fd = fcntl(session_fd, F_DUPFD_CLOEXEC, 3); if (session_fd < 0) { pam_syslog(handle, LOG_ERR, "Failed to dup session fd: %m"); return PAM_SESSION_ERR; -- 1.7.9.2 ++++++ 0003-core-make-sure-to-serialize-jobs-for-all-units.patch ++++++
From 9bdb98c59451ed090f8d35d470a54710f389ce71 Mon Sep 17 00:00:00 2001 From: Lennart Poettering
Date: Fri, 16 May 2014 01:15:03 +0200 Subject: [PATCH] core: make sure to serialize jobs for all units
Previously we wouldn't serialize jobs for units that themselves have nothing to serialize. http://lists.freedesktop.org/archives/systemd-devel/2014-May/019051.html --- src/core/manager.c | 3 --- src/core/unit.c | 43 +++++++++++++++++++++---------------------- 2 files changed, 21 insertions(+), 25 deletions(-) diff --git src/core/manager.c src/core/manager.c index 1e3e127..d0af674 100644 --- src/core/manager.c +++ src/core/manager.c @@ -2131,9 +2131,6 @@ int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root) { if (u->id != t) continue; - if (!unit_can_serialize(u)) - continue; - /* Start marker */ fputs(u->id, f); fputc('\n', f); diff --git src/core/unit.c src/core/unit.c index c4ed923..41651ba 100644 --- src/core/unit.c +++ src/core/unit.c @@ -2288,25 +2288,25 @@ bool unit_can_serialize(Unit *u) { } int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) { - ExecRuntime *rt; int r; assert(u); assert(f); assert(fds); - if (!unit_can_serialize(u)) - return 0; - - r = UNIT_VTABLE(u)->serialize(u, f, fds); - if (r < 0) - return r; + if (unit_can_serialize(u)) { + ExecRuntime *rt; - rt = unit_get_exec_runtime(u); - if (rt) { - r = exec_runtime_serialize(rt, u, f, fds); + r = UNIT_VTABLE(u)->serialize(u, f, fds); if (r < 0) return r; + + rt = unit_get_exec_runtime(u); + if (rt) { + r = exec_runtime_serialize(rt, u, f, fds); + if (r < 0) + return r; + } } dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp); @@ -2368,17 +2368,14 @@ void unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) { } int unit_deserialize(Unit *u, FILE *f, FDSet *fds) { - size_t offset; ExecRuntime **rt = NULL; + size_t offset; int r; assert(u); assert(f); assert(fds); - if (!unit_can_serialize(u)) - return 0; - offset = UNIT_VTABLE(u)->exec_runtime_offset; if (offset > 0) rt = (ExecRuntime**) ((uint8_t*) u + offset); @@ -2503,17 +2500,19 @@ int unit_deserialize(Unit *u, FILE *f, FDSet *fds) { continue; } - if (rt) { - r = exec_runtime_deserialize_item(rt, u, l, v, fds); + if (unit_can_serialize(u)) { + if (rt) { + r = exec_runtime_deserialize_item(rt, u, l, v, fds); + if (r < 0) + return r; + if (r > 0) + continue; + } + + r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds); if (r < 0) return r; - if (r > 0) - continue; } - - r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds); - if (r < 0) - return r; } } -- 1.7.9.2 ++++++ baselibs.conf ++++++ --- /var/tmp/diff_new_pack.jmQuKq/_old 2014-05-17 21:46:50.000000000 +0200 +++ /var/tmp/diff_new_pack.jmQuKq/_new 2014-05-17 21:46:50.000000000 +0200 @@ -1,6 +1,10 @@ systemd supplements "packageand(systemd:pam-<targettype>)" -/lib/systemd/system/ + post "<prefix>%{_sbindir}/pam-config -a --systemd || :" +# postun "if [ "$1" == "0" ]; then" +# postun "<prefix>%{_sbindir}/pam-config -d --systemd || :" +# postun "fi" libudev0 libgudev-1_0-0 libudev1 -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org