diff --git a/systemd-mini.changes b/systemd-mini.changes index adc89a3..86dc393 100644 --- a/systemd-mini.changes +++ b/systemd-mini.changes @@ -1,3 +1,75 @@ +------------------------------------------------------------------- +Mon Jul 22 15:29:51 UTC 2019 - Franck Bui + +- Import commit 0f9271c1336c5c9055e75389732a44745d796851 (changes from v242-stable) + + 07f0549ffe network: do not send ipv6 token to kernel + 9d34e79ae8 systemd-mount: don't check for non-normalized WHAT for network FS + 5af677680c core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX (bsc#1142099) + 29dda7597a random-util: eat up bad RDRAND values seen on AMD CPUs + eb6c17c178 util-lib: fix a typo in rdrand + 829c20dc8e random-util: rename "err" to "success" + 5442366fbf man: rework the description of Aliases and .wants/.requires directories + ae71c6f634 docs: typo in arg name replace-irreversible -> replace-irreversibly + 09774a5fcb meson: make nologin path build time configurable + 69ffeeb0b1 man: add note about systemctl stop return value + 4cf14b5513 shared/conf-parser: say "key name" not "lvalue", add dot + 4481ca7f86 shared/conf-parser: emit a nicer warning for something like "======" + 46f3db894b shared/conf-parser: be nice and ignore lines without "=" + 7d928995f7 nspawn: fix memleak in argument parsing + 7727e6c0ae resolve: fix memleak + 7f32a81976 journal: properly read unaligned le64 integers + fa419099e5 activate: move array allocation to heap + 815a9fef2a systemctl: print non-elapsing timers as "n/a" not "(null)" + a4fc3c88f1 factory: include pam_keyinit.so in PAM factory configuration + a453d63315 factory: add comment to PAM file, explaining that the defaults are not useful + d9a5a70a59 factory: tighten PAM configuration + 5e2d3bf80b test: make sure colors don't confuse our test + 5fe3be1334 wait-online: change log level + c49b6959d5 systemctl: emit warning when we get an invalid process entry from pid1 and continue + 3c9f43eb03 systemctl: do not suggest passing --all if the user passed --state= + 5964d1474e man: offline-updates: make dependence on system-update.target explicit + a04dd26e03 alloc-util: drop _alloc_ decorator from memdup_suffix0() + 7c46a694ca man: add example for setting multiple properties at once + 1d72789271 man: CPUShares= is so 2015 + 45da304673 man: document that WakeSystem= requires privs + bed58a06e4 man: document that "systemd-analyze blame/critical-chain" is not useful to track down job latency + c5461f31b3 man: be more explicit that Type=oneshot services are not "active" after starting + 455ee07abe man: document that the supplementary groups list is initialized from User='s database entry + 5f0cb2616a alloc-util: drop _alloc_(2, 3) decorator from memdup_suffix0_multiply() + 7bc336794d generator: downgrade Requires= → Wants= of fsck from /usr mount unit + 66465c4381 systemctl: allow "cat" on units with bad settings + ca937b49da pid1: fix serialization/deserialization of commmands with spaces + 4bb3113023 growfs: call crypt_set_debug_level() correctly, skip if not needed + 0db716771e cryptsetup: enable libcryptsetup debug logging if we want it + c8b9b3956f cryptsetup: set libcryptsetup global log callback too + 679b3f6b7f basic/log: fix SYSTEMD_LOG_* parsing error messages + 8d6b5158aa units: add SystemCallErrorNumber=EPERM to systemd-portabled.service + 6681fcd445 network: fix the initial value of the counter for brvlan + 853ec5f458 man: Add some notes about variable $prefix for StateDirectory= + e6d23358e9 sd-netlink: fix inverted log message + 6feb862407 blockdev: filter out invalid block devices early + 9f7c0dbc75 blockdev-util: propagate actual error + 3f5355bcb9 man: document tmpfiles.d/ user/group resolvability needs + c15b92cd98 man: fix wrong udev property name + 9768a900d6 meson: drop duplicated source + 15194f22ed cryptsetup-generator: fix luks-* entry parsing from crypttab + c2475390b4 core: skip whitespace after "|" and "!" in the condition parser + fdc754aeb7 shared/condition: fix printing of ConditionNull= + 572385e135 test: add testcase for issue #12883 + 9aa1edddb0 conf-parser: fix continuation handling + 8fbc72f45f networkd: fix link_up() (#12505) + +------------------------------------------------------------------- +Mon Jul 1 15:14:58 UTC 2019 - Franck Bui + +- State directory of systemd-timesync might become inaccessible after upgrading to v240+ (bsc#1137341) + + This happens for users who had previously used systemd-timesync with + DynamicUser=true, ie the ones who upgraded from a systemd version + between v235 and v239 to systemd v240 and later (v240 was the + version where DynamicUser was switched back to OFF). + ------------------------------------------------------------------- Tue May 28 11:53:30 UTC 2019 - Franck Bui diff --git a/systemd-mini.spec b/systemd-mini.spec index bb101f9..2870893 100644 --- a/systemd-mini.spec +++ b/systemd-mini.spec @@ -26,7 +26,7 @@ ##### WARNING: please do not edit this auto generated spec file. Use the systemd.spec! ##### %define mini -mini %define min_kernel_version 4.5 -%define suse_version +suse.77.geaa7b8b148 +%define suse_version +suse.135.g0f9271c133 %bcond_with gnuefi %if 0%{?bootstrap} @@ -763,6 +763,17 @@ for username in $(ls /var/lib/systemd/linger/* 2>/dev/null); do chmod 0644 $username done +# Due to the fact that DynamicUser= was turned ON during v235 and then +# switched back to off in v240, /var/lib/systemd/timesync might be a +# symlink pointing to /var/lib/private/systemd/timesync, which is +# inaccessible for systemd-timesync user as /var/lib/private is 0700 +# root:root, see https://github.com/systemd/systemd/issues/11329 for +# details. Note: only TW users might be affected by this bug. +if [ -L %{_localstatedir}/lib/systemd/timesync ]; then + rm %{_localstatedir}/lib/systemd/timesync + mv %{_localstatedir}/lib/private/systemd/timesync %{_localstatedir}/lib/systemd/timesync +fi + # This includes all hacks needed when upgrading from SysV. %{_prefix}/lib/systemd/scripts/upgrade-from-pre-210.sh || : diff --git a/systemd-v242+suse.135.g0f9271c133.tar.xz b/systemd-v242+suse.135.g0f9271c133.tar.xz new file mode 100644 index 0000000..eadc9ec --- /dev/null +++ b/systemd-v242+suse.135.g0f9271c133.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:383bf8d4d50df8d334449ce7135d4de33e5c386109791914c6e6c4474bd2f5db +size 5325036 diff --git a/systemd-v242+suse.77.geaa7b8b148.tar.xz b/systemd-v242+suse.77.geaa7b8b148.tar.xz deleted file mode 100644 index a33f98d..0000000 --- a/systemd-v242+suse.77.geaa7b8b148.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2dbfb5d5a7c25807a420b63449cb2e275f610c31c3bdcdd84264c17797617a3d -size 5322904 diff --git a/systemd.changes b/systemd.changes index adc89a3..86dc393 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,75 @@ +------------------------------------------------------------------- +Mon Jul 22 15:29:51 UTC 2019 - Franck Bui + +- Import commit 0f9271c1336c5c9055e75389732a44745d796851 (changes from v242-stable) + + 07f0549ffe network: do not send ipv6 token to kernel + 9d34e79ae8 systemd-mount: don't check for non-normalized WHAT for network FS + 5af677680c core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX (bsc#1142099) + 29dda7597a random-util: eat up bad RDRAND values seen on AMD CPUs + eb6c17c178 util-lib: fix a typo in rdrand + 829c20dc8e random-util: rename "err" to "success" + 5442366fbf man: rework the description of Aliases and .wants/.requires directories + ae71c6f634 docs: typo in arg name replace-irreversible -> replace-irreversibly + 09774a5fcb meson: make nologin path build time configurable + 69ffeeb0b1 man: add note about systemctl stop return value + 4cf14b5513 shared/conf-parser: say "key name" not "lvalue", add dot + 4481ca7f86 shared/conf-parser: emit a nicer warning for something like "======" + 46f3db894b shared/conf-parser: be nice and ignore lines without "=" + 7d928995f7 nspawn: fix memleak in argument parsing + 7727e6c0ae resolve: fix memleak + 7f32a81976 journal: properly read unaligned le64 integers + fa419099e5 activate: move array allocation to heap + 815a9fef2a systemctl: print non-elapsing timers as "n/a" not "(null)" + a4fc3c88f1 factory: include pam_keyinit.so in PAM factory configuration + a453d63315 factory: add comment to PAM file, explaining that the defaults are not useful + d9a5a70a59 factory: tighten PAM configuration + 5e2d3bf80b test: make sure colors don't confuse our test + 5fe3be1334 wait-online: change log level + c49b6959d5 systemctl: emit warning when we get an invalid process entry from pid1 and continue + 3c9f43eb03 systemctl: do not suggest passing --all if the user passed --state= + 5964d1474e man: offline-updates: make dependence on system-update.target explicit + a04dd26e03 alloc-util: drop _alloc_ decorator from memdup_suffix0() + 7c46a694ca man: add example for setting multiple properties at once + 1d72789271 man: CPUShares= is so 2015 + 45da304673 man: document that WakeSystem= requires privs + bed58a06e4 man: document that "systemd-analyze blame/critical-chain" is not useful to track down job latency + c5461f31b3 man: be more explicit that Type=oneshot services are not "active" after starting + 455ee07abe man: document that the supplementary groups list is initialized from User='s database entry + 5f0cb2616a alloc-util: drop _alloc_(2, 3) decorator from memdup_suffix0_multiply() + 7bc336794d generator: downgrade Requires= → Wants= of fsck from /usr mount unit + 66465c4381 systemctl: allow "cat" on units with bad settings + ca937b49da pid1: fix serialization/deserialization of commmands with spaces + 4bb3113023 growfs: call crypt_set_debug_level() correctly, skip if not needed + 0db716771e cryptsetup: enable libcryptsetup debug logging if we want it + c8b9b3956f cryptsetup: set libcryptsetup global log callback too + 679b3f6b7f basic/log: fix SYSTEMD_LOG_* parsing error messages + 8d6b5158aa units: add SystemCallErrorNumber=EPERM to systemd-portabled.service + 6681fcd445 network: fix the initial value of the counter for brvlan + 853ec5f458 man: Add some notes about variable $prefix for StateDirectory= + e6d23358e9 sd-netlink: fix inverted log message + 6feb862407 blockdev: filter out invalid block devices early + 9f7c0dbc75 blockdev-util: propagate actual error + 3f5355bcb9 man: document tmpfiles.d/ user/group resolvability needs + c15b92cd98 man: fix wrong udev property name + 9768a900d6 meson: drop duplicated source + 15194f22ed cryptsetup-generator: fix luks-* entry parsing from crypttab + c2475390b4 core: skip whitespace after "|" and "!" in the condition parser + fdc754aeb7 shared/condition: fix printing of ConditionNull= + 572385e135 test: add testcase for issue #12883 + 9aa1edddb0 conf-parser: fix continuation handling + 8fbc72f45f networkd: fix link_up() (#12505) + +------------------------------------------------------------------- +Mon Jul 1 15:14:58 UTC 2019 - Franck Bui + +- State directory of systemd-timesync might become inaccessible after upgrading to v240+ (bsc#1137341) + + This happens for users who had previously used systemd-timesync with + DynamicUser=true, ie the ones who upgraded from a systemd version + between v235 and v239 to systemd v240 and later (v240 was the + version where DynamicUser was switched back to OFF). + ------------------------------------------------------------------- Tue May 28 11:53:30 UTC 2019 - Franck Bui diff --git a/systemd.spec b/systemd.spec index 4559a52..352e67a 100644 --- a/systemd.spec +++ b/systemd.spec @@ -24,7 +24,7 @@ %define bootstrap 0 %define mini %nil %define min_kernel_version 4.5 -%define suse_version +suse.77.geaa7b8b148 +%define suse_version +suse.135.g0f9271c133 %bcond_with gnuefi %if 0%{?bootstrap} @@ -761,6 +761,17 @@ for username in $(ls /var/lib/systemd/linger/* 2>/dev/null); do chmod 0644 $username done +# Due to the fact that DynamicUser= was turned ON during v235 and then +# switched back to off in v240, /var/lib/systemd/timesync might be a +# symlink pointing to /var/lib/private/systemd/timesync, which is +# inaccessible for systemd-timesync user as /var/lib/private is 0700 +# root:root, see https://github.com/systemd/systemd/issues/11329 for +# details. Note: only TW users might be affected by this bug. +if [ -L %{_localstatedir}/lib/systemd/timesync ]; then + rm %{_localstatedir}/lib/systemd/timesync + mv %{_localstatedir}/lib/private/systemd/timesync %{_localstatedir}/lib/systemd/timesync +fi + # This includes all hacks needed when upgrading from SysV. %{_prefix}/lib/systemd/scripts/upgrade-from-pre-210.sh || :