.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=700
This commit is contained in:
parent
1e3eb528eb
commit
5d469dc93d
@ -0,0 +1,26 @@
|
|||||||
|
Based on 1f97091d3cb0887c264176b47b0a86c269acf0b5 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lennart Poettering <lennart@poettering.net>
|
||||||
|
Date: Fri, 27 Jun 2014 18:34:37 +0200
|
||||||
|
Subject: [PATCH] main: uid_to_name() might fail due to OOM, protect against
|
||||||
|
that
|
||||||
|
|
||||||
|
---
|
||||||
|
src/core/main.c | 7 ++++---
|
||||||
|
1 file changed, 4 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
--- src/core/main.c
|
||||||
|
+++ src/core/main.c 2014-07-01 12:25:17.906235000 +0000
|
||||||
|
@@ -1525,9 +1525,10 @@ int main(int argc, char *argv[]) {
|
||||||
|
log_info("Running in initial RAM disk.");
|
||||||
|
|
||||||
|
} else {
|
||||||
|
- _cleanup_free_ char *t = uid_to_name(getuid());
|
||||||
|
- log_debug(PACKAGE_STRING " running in user mode for user "UID_FMT"/%s. (" SYSTEMD_FEATURES ")",
|
||||||
|
- getuid(), t);
|
||||||
|
+ _cleanup_free_ char *t;
|
||||||
|
+
|
||||||
|
+ t = uid_to_name(getuid());
|
||||||
|
+ log_debug(PACKAGE_STRING " running in user mode for user "UID_FMT"/%s. (" SYSTEMD_FEATURES ")", getuid(), strna(t));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (arg_running_as == SYSTEMD_SYSTEM && !skip_setup) {
|
30
0002-journald-make-MaxFileSec-really-default-to-1month.patch
Normal file
30
0002-journald-make-MaxFileSec-really-default-to-1month.patch
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
Based on e150e82097211f09b911c7784a89ef9efed713ca Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Micha=C5=82=20Bartoszkiewicz?= <mbartoszkiewicz@gmail.com>
|
||||||
|
Date: Thu, 26 Jun 2014 22:11:35 +0200
|
||||||
|
Subject: [PATCH] journald: make MaxFileSec really default to 1month
|
||||||
|
|
||||||
|
journald.conf(5) states that the default for MaxFileSec is one month,
|
||||||
|
but the code didn't respect that.
|
||||||
|
---
|
||||||
|
src/journal/journald-server.c | 3 +++
|
||||||
|
1 file changed, 3 insertions(+)
|
||||||
|
|
||||||
|
--- src/journal/journald-server.c
|
||||||
|
+++ src/journal/journald-server.c 2014-07-01 12:28:25.506735287 +0000
|
||||||
|
@@ -68,6 +68,7 @@
|
||||||
|
#define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
|
||||||
|
#define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
|
||||||
|
#define DEFAULT_RATE_LIMIT_BURST 1000
|
||||||
|
+#define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
|
||||||
|
|
||||||
|
#define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
|
||||||
|
|
||||||
|
@@ -1496,6 +1497,8 @@ int server_init(Server *s) {
|
||||||
|
|
||||||
|
s->forward_to_syslog = true;
|
||||||
|
|
||||||
|
+ s->max_file_usec = DEFAULT_MAX_FILE_USEC;
|
||||||
|
+
|
||||||
|
s->max_level_store = LOG_DEBUG;
|
||||||
|
s->max_level_syslog = LOG_DEBUG;
|
||||||
|
s->max_level_kmsg = LOG_NOTICE;
|
@ -0,0 +1,65 @@
|
|||||||
|
Based on 0fdeb6e011dfdb17636c81e2d7e0d632186359ce Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||||
|
Date: Sat, 28 Jun 2014 00:06:30 -0400
|
||||||
|
Subject: [PATCH] units: remove RefuseManualStart from units which are always
|
||||||
|
around
|
||||||
|
|
||||||
|
In a normal running system, non-passive targets and units used during
|
||||||
|
early bootup are always started. So refusing "manual start" for them
|
||||||
|
doesn't make any difference, because a "start" command doesn't cause
|
||||||
|
any action.
|
||||||
|
|
||||||
|
In early boot however, the administrator might want to start on
|
||||||
|
of those targets or services by hand. We shouldn't interfere with that.
|
||||||
|
|
||||||
|
Note: in case of systemd-tmpfiles-setup.service, really running the
|
||||||
|
unit after system is up would break the system. So e.g. restarting
|
||||||
|
should not be allowed. The unit has "RefuseManualStop=yes", which
|
||||||
|
prevents restart too.
|
||||||
|
---
|
||||||
|
units/basic.target | 1 -
|
||||||
|
units/sysinit.target | 1 -
|
||||||
|
units/systemd-tmpfiles-setup.service.in | 1 -
|
||||||
|
units/user/basic.target | 1 -
|
||||||
|
4 files changed, 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git units/basic.target units/basic.target
|
||||||
|
index d7c68f4..b890d48 100644
|
||||||
|
--- units/basic.target
|
||||||
|
+++ units/basic.target
|
||||||
|
@@ -11,4 +11,3 @@ Documentation=man:systemd.special(7)
|
||||||
|
Requires=sysinit.target
|
||||||
|
Wants=sockets.target timers.target paths.target slices.target
|
||||||
|
After=sysinit.target sockets.target timers.target paths.target slices.target
|
||||||
|
-RefuseManualStart=yes
|
||||||
|
diff --git units/sysinit.target units/sysinit.target
|
||||||
|
index 8f4fb8f..ec33503 100644
|
||||||
|
--- units/sysinit.target
|
||||||
|
+++ units/sysinit.target
|
||||||
|
@@ -11,4 +11,3 @@ Documentation=man:systemd.special(7)
|
||||||
|
Conflicts=emergency.service emergency.target
|
||||||
|
Wants=local-fs.target swap.target
|
||||||
|
After=local-fs.target swap.target emergency.service emergency.target
|
||||||
|
-RefuseManualStart=yes
|
||||||
|
--- units/systemd-tmpfiles-setup.service.in
|
||||||
|
+++ units/systemd-tmpfiles-setup.service.in 2014-07-01 12:17:48.154235348 +0000
|
||||||
|
@@ -18,7 +18,6 @@ ConditionDirectoryNotEmpty=|/lib/tmpfile
|
||||||
|
ConditionDirectoryNotEmpty=|/usr/local/lib/tmpfiles.d
|
||||||
|
ConditionDirectoryNotEmpty=|/etc/tmpfiles.d
|
||||||
|
ConditionDirectoryNotEmpty=|/run/tmpfiles.d
|
||||||
|
-RefuseManualStart=yes
|
||||||
|
RefuseManualStop=yes
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
diff --git units/user/basic.target units/user/basic.target
|
||||||
|
index b74d13c..afc6e93 100644
|
||||||
|
--- units/user/basic.target
|
||||||
|
+++ units/user/basic.target
|
||||||
|
@@ -10,4 +10,3 @@ Description=Basic System
|
||||||
|
Documentation=man:systemd.special(7)
|
||||||
|
Wants=sockets.target timers.target paths.target
|
||||||
|
After=sockets.target timers.target paths.target
|
||||||
|
-RefuseManualStart=yes
|
||||||
|
--
|
||||||
|
1.7.9.2
|
||||||
|
|
@ -0,0 +1,31 @@
|
|||||||
|
From 306a55c86360a7ae7b2509771d5ea6ab0d166d85 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lennart Poettering <lennart@poettering.net>
|
||||||
|
Date: Sun, 29 Jun 2014 22:15:33 +0200
|
||||||
|
Subject: [PATCH] util: refuse considering UID 0xFFFF and 0xFFFFFFFF valid
|
||||||
|
|
||||||
|
---
|
||||||
|
src/shared/util.c | 8 ++++++++
|
||||||
|
1 file changed, 8 insertions(+)
|
||||||
|
|
||||||
|
diff --git src/shared/util.c src/shared/util.c
|
||||||
|
index e7ff0f8..1709bb7 100644
|
||||||
|
--- src/shared/util.c
|
||||||
|
+++ src/shared/util.c
|
||||||
|
@@ -280,6 +280,14 @@ int parse_uid(const char *s, uid_t* ret_uid) {
|
||||||
|
if ((unsigned long) uid != ul)
|
||||||
|
return -ERANGE;
|
||||||
|
|
||||||
|
+ /* Some libc APIs use (uid_t) -1 as special placeholder */
|
||||||
|
+ if (uid == (uid_t) 0xFFFFFFFF)
|
||||||
|
+ return -EINVAL;
|
||||||
|
+
|
||||||
|
+ /* A long time ago UIDs where 16bit, hence explicitly avoid the 32bit -1 too */
|
||||||
|
+ if (uid == (uid_t) 0xFFFF)
|
||||||
|
+ return -EINVAL;
|
||||||
|
+
|
||||||
|
*ret_uid = uid;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
1.7.9.2
|
||||||
|
|
@ -0,0 +1,94 @@
|
|||||||
|
From 28650077f36466d9c5ee27ef2006fae3171a2430 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lennart Poettering <lennart@poettering.net>
|
||||||
|
Date: Mon, 30 Jun 2014 16:22:12 +0200
|
||||||
|
Subject: [PATCH] nspawn: block open_by_handle_at() and others via seccomp
|
||||||
|
|
||||||
|
Let's protect ourselves against the recently reported docker security
|
||||||
|
issue. Our man page makes clear that we do not make any security
|
||||||
|
promises anyway, but well, this one is easy to mitigate, so let's do it.
|
||||||
|
While we are at it block a couple of more syscalls that are no good in
|
||||||
|
containers, too.
|
||||||
|
---
|
||||||
|
src/nspawn/nspawn.c | 47 +++++++++++++++++++++++++++++++++++------------
|
||||||
|
1 file changed, 35 insertions(+), 12 deletions(-)
|
||||||
|
|
||||||
|
diff --git src/nspawn/nspawn.c src/nspawn/nspawn.c
|
||||||
|
index fd61d07..656c1bf 100644
|
||||||
|
--- src/nspawn/nspawn.c
|
||||||
|
+++ src/nspawn/nspawn.c
|
||||||
|
@@ -1864,22 +1864,25 @@ static int setup_macvlan(pid_t pid) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
-static int audit_still_doesnt_work_in_containers(void) {
|
||||||
|
+static int setup_seccomp(void) {
|
||||||
|
|
||||||
|
#ifdef HAVE_SECCOMP
|
||||||
|
+ static const int blacklist[] = {
|
||||||
|
+ SCMP_SYS(kexec_load),
|
||||||
|
+ SCMP_SYS(open_by_handle_at),
|
||||||
|
+ SCMP_SYS(init_module),
|
||||||
|
+ SCMP_SYS(finit_module),
|
||||||
|
+ SCMP_SYS(delete_module),
|
||||||
|
+ SCMP_SYS(iopl),
|
||||||
|
+ SCMP_SYS(ioperm),
|
||||||
|
+ SCMP_SYS(swapon),
|
||||||
|
+ SCMP_SYS(swapoff),
|
||||||
|
+ };
|
||||||
|
+
|
||||||
|
scmp_filter_ctx seccomp;
|
||||||
|
+ unsigned i;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
- /*
|
||||||
|
- Audit is broken in containers, much of the userspace audit
|
||||||
|
- hookup will fail if running inside a container. We don't
|
||||||
|
- care and just turn off creation of audit sockets.
|
||||||
|
-
|
||||||
|
- This will make socket(AF_NETLINK, *, NETLINK_AUDIT) fail
|
||||||
|
- with EAFNOSUPPORT which audit userspace uses as indication
|
||||||
|
- that audit is disabled in the kernel.
|
||||||
|
- */
|
||||||
|
-
|
||||||
|
seccomp = seccomp_init(SCMP_ACT_ALLOW);
|
||||||
|
if (!seccomp)
|
||||||
|
return log_oom();
|
||||||
|
@@ -1890,6 +1893,26 @@ static int audit_still_doesnt_work_in_containers(void) {
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ for (i = 0; i < ELEMENTSOF(blacklist); i++) {
|
||||||
|
+ r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(EPERM), blacklist[i], 0);
|
||||||
|
+ if (r == -EFAULT)
|
||||||
|
+ continue; /* unknown syscall */
|
||||||
|
+ if (r < 0) {
|
||||||
|
+ log_error("Failed to block syscall: %s", strerror(-r));
|
||||||
|
+ goto finish;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ /*
|
||||||
|
+ Audit is broken in containers, much of the userspace audit
|
||||||
|
+ hookup will fail if running inside a container. We don't
|
||||||
|
+ care and just turn off creation of audit sockets.
|
||||||
|
+
|
||||||
|
+ This will make socket(AF_NETLINK, *, NETLINK_AUDIT) fail
|
||||||
|
+ with EAFNOSUPPORT which audit userspace uses as indication
|
||||||
|
+ that audit is disabled in the kernel.
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
r = seccomp_rule_add(
|
||||||
|
seccomp,
|
||||||
|
SCMP_ACT_ERRNO(EAFNOSUPPORT),
|
||||||
|
@@ -3050,7 +3073,7 @@ int main(int argc, char *argv[]) {
|
||||||
|
|
||||||
|
dev_setup(arg_directory);
|
||||||
|
|
||||||
|
- if (audit_still_doesnt_work_in_containers() < 0)
|
||||||
|
+ if (setup_seccomp() < 0)
|
||||||
|
goto child_fail;
|
||||||
|
|
||||||
|
if (setup_dev_console(arg_directory, console) < 0)
|
||||||
|
--
|
||||||
|
1.7.9.2
|
||||||
|
|
@ -0,0 +1,26 @@
|
|||||||
|
Based on 6fc27667950fe153033f0f49cb5b57e8954c3e54 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lennart Poettering <lennart@poettering.net>
|
||||||
|
Date: Mon, 30 Jun 2014 19:06:18 +0200
|
||||||
|
Subject: [PATCH] tmpfiles: don't do automatic cleanup in $XDG_RUNTIME_DIR
|
||||||
|
|
||||||
|
Now that logind will clean up all IPC resources of a user we should
|
||||||
|
really consider $XDG_RUNTIME_DIR as just another kind of IPC with the
|
||||||
|
same life-cycle logic as the other IPC resources. This should be safe
|
||||||
|
now to do since every user gets his own $XDG_RUNTIME_DIR tmpfs instance
|
||||||
|
with a fixed size limit, so that flooding of it will more effectively be
|
||||||
|
averted.
|
||||||
|
---
|
||||||
|
tmpfiles.d/systemd.conf | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
--- tmpfiles.d/systemd.conf
|
||||||
|
+++ tmpfiles.d/systemd.conf 2014-07-01 12:31:01.858735866 +0000
|
||||||
|
@@ -7,7 +7,7 @@
|
||||||
|
|
||||||
|
# See tmpfiles.d(5) for details
|
||||||
|
|
||||||
|
-d /run/user 0755 root root ~10d
|
||||||
|
+d /run/user 0755 root root -
|
||||||
|
F! /run/utmp 0664 root utmp -
|
||||||
|
|
||||||
|
f /var/log/wtmp 0664 root utmp -
|
26
0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch
Normal file
26
0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
From 8ebf02d6f382ce1ac7e0d44a713b8795a07b08cd Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lennart Poettering <lennart@poettering.net>
|
||||||
|
Date: Mon, 30 Jun 2014 21:44:05 +0200
|
||||||
|
Subject: [PATCH] units: skip mounting /tmp if it is a symlink
|
||||||
|
|
||||||
|
We shouldn't get confused if people have symlinked /tmp somewhere, so
|
||||||
|
let's simply skip the mount then.
|
||||||
|
---
|
||||||
|
units/tmp.mount | 1 +
|
||||||
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
|
diff --git units/tmp.mount units/tmp.mount
|
||||||
|
index 99a3ba3..00a0d28 100644
|
||||||
|
--- units/tmp.mount
|
||||||
|
+++ units/tmp.mount
|
||||||
|
@@ -9,6 +9,7 @@
|
||||||
|
Description=Temporary Directory
|
||||||
|
Documentation=man:hier(7)
|
||||||
|
Documentation=http://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
|
||||||
|
+ConditionPathIsSymbolicLink=!/tmp
|
||||||
|
DefaultDependencies=no
|
||||||
|
Conflicts=umount.target
|
||||||
|
Before=local-fs.target umount.target
|
||||||
|
--
|
||||||
|
1.7.9.2
|
||||||
|
|
45
1044-rules-update-qemu-hid-rules.patch
Normal file
45
1044-rules-update-qemu-hid-rules.patch
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
From cd31d1884f1ecf38e11bc6268f446d75dfafbc25 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||||
|
Date: Mon, 24 Mar 2014 12:07:41 +0100
|
||||||
|
Subject: [PATCH] rules: update qemu hid rules
|
||||||
|
|
||||||
|
Update comment to be a bit more specific.
|
||||||
|
|
||||||
|
Change match to blacklist the serial number of the broken devices
|
||||||
|
instead of whitelisting the serial number of the fixed devices.
|
||||||
|
This allows to do something useful with the serial number in the
|
||||||
|
future.
|
||||||
|
---
|
||||||
|
rules/42-usb-hid-pm.rules | 15 ++++++++-------
|
||||||
|
1 file changed, 8 insertions(+), 7 deletions(-)
|
||||||
|
|
||||||
|
diff --git rules/42-usb-hid-pm.rules rules/42-usb-hid-pm.rules
|
||||||
|
index 3fd6e8a..c675b5b 100644
|
||||||
|
--- rules/42-usb-hid-pm.rules
|
||||||
|
+++ rules/42-usb-hid-pm.rules
|
||||||
|
@@ -2,14 +2,15 @@
|
||||||
|
#
|
||||||
|
# Enable autosuspend for qemu emulated usb hid devices
|
||||||
|
|
||||||
|
-# Note that there are buggy qemu versions which advertise remote
|
||||||
|
-# wakeup support but don't actually implement it correctly. This
|
||||||
|
-# is the reason why we need a match for the serial number here.
|
||||||
|
-# The serial number "42" is used to tag the implementations where
|
||||||
|
+# Note that there are buggy qemu versions (0.13 & older) which
|
||||||
|
+# advertise remote wakeup support but don't actually implement
|
||||||
|
+# it correctly. This is the reason why we need a match for the
|
||||||
|
+# serial number here. Old, broken versions have serial "1".
|
||||||
|
+# It has been changed to "42" after fixing the bug to indicate
|
||||||
|
# remote wakeup is working.
|
||||||
|
-ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Mouse", ATTR{serial}=="42", TEST=="power/control", ATTR{power/control}="auto"
|
||||||
|
-ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Tablet", ATTR{serial}=="42", TEST=="power/control", ATTR{power/control}="auto"
|
||||||
|
-ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Keyboard", ATTR{serial}=="42", TEST=="power/control", ATTR{power/control}="auto"
|
||||||
|
+ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Mouse", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
|
||||||
|
+ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Tablet", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
|
||||||
|
+ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Keyboard", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
|
||||||
|
|
||||||
|
# Catch-all for Avocent HID devices. Keyed off interface in order to only
|
||||||
|
# trigger on HID class devices.
|
||||||
|
--
|
||||||
|
1.7.9.2
|
||||||
|
|
29
1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
Normal file
29
1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
Based on 52fb538361053f8c4abce0e40cd0bae3d28ceb16 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Tom Hirst <tom.hirst@ipe-systems.co.uk>
|
||||||
|
Date: Wed, 25 Jun 2014 11:57:11 +0000
|
||||||
|
Subject: [PATCH] rules: don't enable usb pm for Avocent devices
|
||||||
|
|
||||||
|
The Avocent KVM over IP devices doesn't work correctly with USB power
|
||||||
|
management enabled.
|
||||||
|
---
|
||||||
|
rules/42-usb-hid-pm.rules | 4 ----
|
||||||
|
1 file changed, 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git rules/42-usb-hid-pm.rules rules/42-usb-hid-pm.rules
|
||||||
|
index c675b5b..4c300da 100644
|
||||||
|
--- rules/42-usb-hid-pm.rules
|
||||||
|
+++ rules/42-usb-hid-pm.rules
|
||||||
|
@@ -12,10 +12,6 @@ ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Mouse", ATTR{serial}!=
|
||||||
|
ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Tablet", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
|
||||||
|
ACTION=="add", SUBSYSTEM=="usb", ATTR{product}=="QEMU USB Keyboard", ATTR{serial}!="1", TEST=="power/control", ATTR{power/control}="auto"
|
||||||
|
|
||||||
|
-# Catch-all for Avocent HID devices. Keyed off interface in order to only
|
||||||
|
-# trigger on HID class devices.
|
||||||
|
-ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="0624", ATTR{bInterfaceClass}=="03", TEST=="../power/control", ATTR{../power/control}="auto"
|
||||||
|
-
|
||||||
|
# Dell DRAC 4
|
||||||
|
ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="413c", ATTR{idProduct}=="2500", TEST=="power/control", ATTR{power/control}="auto"
|
||||||
|
|
||||||
|
--
|
||||||
|
1.7.9.2
|
||||||
|
|
@ -1,3 +1,15 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Jul 1 12:19:27 UTC 2014 - werner@suse.de
|
||||||
|
|
||||||
|
- Add upstream patches
|
||||||
|
0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch
|
||||||
|
0002-journald-make-MaxFileSec-really-default-to-1month.patch
|
||||||
|
0003-units-remove-RefuseManualStart-from-units-which-are-.patch
|
||||||
|
0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch
|
||||||
|
0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch
|
||||||
|
0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch
|
||||||
|
0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Jul 1 09:58:04 UTC 2014 - werner@suse.de
|
Tue Jul 1 09:58:04 UTC 2014 - werner@suse.de
|
||||||
|
|
||||||
@ -9,6 +21,8 @@ Tue Jul 1 08:56:48 UTC 2014 - werner@suse.de
|
|||||||
- Add upstream patches
|
- Add upstream patches
|
||||||
1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
|
1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
|
||||||
1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
|
1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
|
||||||
|
1044-rules-update-qemu-hid-rules.patch
|
||||||
|
1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Jun 27 12:46:12 UTC 2014 - werner@suse.de
|
Fri Jun 27 12:46:12 UTC 2014 - werner@suse.de
|
||||||
|
@ -609,6 +609,19 @@ Patch297: 0001-core-use-correct-format-string-for-UIDs.patch
|
|||||||
Patch298: 0002-core-transaction-fix-cycle-break-attempts-outside-tr.patch
|
Patch298: 0002-core-transaction-fix-cycle-break-attempts-outside-tr.patch
|
||||||
# PATCH-FIX-UPSTREAM added at 2014/06/26
|
# PATCH-FIX-UPSTREAM added at 2014/06/26
|
||||||
Patch299: 0003-fsck-consider-a-fsck-implementation-linked-to-bin-tr.patch
|
Patch299: 0003-fsck-consider-a-fsck-implementation-linked-to-bin-tr.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/07/01
|
||||||
|
Patch300: 0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/07/01
|
||||||
|
Patch301: 0002-journald-make-MaxFileSec-really-default-to-1month.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/07/01
|
||||||
|
Patch302: 0003-units-remove-RefuseManualStart-from-units-which-are-.patch
|
||||||
|
Patch303: 0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/07/01
|
||||||
|
Patch304: 0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/07/01
|
||||||
|
Patch305: 0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/07/01
|
||||||
|
Patch306: 0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch
|
||||||
|
|
||||||
# UDEV PATCHES
|
# UDEV PATCHES
|
||||||
# ============
|
# ============
|
||||||
@ -702,6 +715,10 @@ Patch1041: 1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch
|
|||||||
Patch1042: 1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
|
Patch1042: 1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
|
||||||
# PATCH-FIX-UPSTREAM 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
|
# PATCH-FIX-UPSTREAM 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
|
||||||
Patch1043: 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
|
Patch1043: 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
|
||||||
|
# PATCH-FIX-UPSTREAM 1044-rules-update-qemu-hid-rules.patch
|
||||||
|
Patch1044: 1044-rules-update-qemu-hid-rules.patch
|
||||||
|
# PATCH-FIX-UPSTREAM 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
|
||||||
|
Patch1045: 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Systemd is a system and service manager, compatible with SysV and LSB
|
Systemd is a system and service manager, compatible with SysV and LSB
|
||||||
@ -1159,6 +1176,13 @@ cp %{SOURCE7} m4/
|
|||||||
%patch297 -p0
|
%patch297 -p0
|
||||||
%patch298 -p0
|
%patch298 -p0
|
||||||
%patch299 -p0
|
%patch299 -p0
|
||||||
|
%patch300 -p0
|
||||||
|
%patch301 -p0
|
||||||
|
%patch302 -p0
|
||||||
|
%patch303 -p0
|
||||||
|
%patch304 -p0
|
||||||
|
%patch305 -p0
|
||||||
|
%patch306 -p0
|
||||||
|
|
||||||
# udev patches
|
# udev patches
|
||||||
%patch1001 -p1
|
%patch1001 -p1
|
||||||
@ -1211,6 +1235,8 @@ cp %{SOURCE7} m4/
|
|||||||
%patch1042 -p0
|
%patch1042 -p0
|
||||||
%patch1043 -p0
|
%patch1043 -p0
|
||||||
%endif
|
%endif
|
||||||
|
%patch1044 -p0
|
||||||
|
%patch1045 -p0
|
||||||
|
|
||||||
# ensure generate files are removed
|
# ensure generate files are removed
|
||||||
rm -f units/emergency.service
|
rm -f units/emergency.service
|
||||||
|
@ -1,3 +1,15 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Jul 1 12:19:27 UTC 2014 - werner@suse.de
|
||||||
|
|
||||||
|
- Add upstream patches
|
||||||
|
0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch
|
||||||
|
0002-journald-make-MaxFileSec-really-default-to-1month.patch
|
||||||
|
0003-units-remove-RefuseManualStart-from-units-which-are-.patch
|
||||||
|
0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch
|
||||||
|
0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch
|
||||||
|
0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch
|
||||||
|
0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Jul 1 09:58:04 UTC 2014 - werner@suse.de
|
Tue Jul 1 09:58:04 UTC 2014 - werner@suse.de
|
||||||
|
|
||||||
@ -9,6 +21,8 @@ Tue Jul 1 08:56:48 UTC 2014 - werner@suse.de
|
|||||||
- Add upstream patches
|
- Add upstream patches
|
||||||
1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
|
1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
|
||||||
1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
|
1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
|
||||||
|
1044-rules-update-qemu-hid-rules.patch
|
||||||
|
1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Jun 27 12:46:12 UTC 2014 - werner@suse.de
|
Fri Jun 27 12:46:12 UTC 2014 - werner@suse.de
|
||||||
|
26
systemd.spec
26
systemd.spec
@ -604,6 +604,19 @@ Patch297: 0001-core-use-correct-format-string-for-UIDs.patch
|
|||||||
Patch298: 0002-core-transaction-fix-cycle-break-attempts-outside-tr.patch
|
Patch298: 0002-core-transaction-fix-cycle-break-attempts-outside-tr.patch
|
||||||
# PATCH-FIX-UPSTREAM added at 2014/06/26
|
# PATCH-FIX-UPSTREAM added at 2014/06/26
|
||||||
Patch299: 0003-fsck-consider-a-fsck-implementation-linked-to-bin-tr.patch
|
Patch299: 0003-fsck-consider-a-fsck-implementation-linked-to-bin-tr.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/07/01
|
||||||
|
Patch300: 0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/07/01
|
||||||
|
Patch301: 0002-journald-make-MaxFileSec-really-default-to-1month.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/07/01
|
||||||
|
Patch302: 0003-units-remove-RefuseManualStart-from-units-which-are-.patch
|
||||||
|
Patch303: 0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/07/01
|
||||||
|
Patch304: 0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/07/01
|
||||||
|
Patch305: 0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/07/01
|
||||||
|
Patch306: 0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch
|
||||||
|
|
||||||
# UDEV PATCHES
|
# UDEV PATCHES
|
||||||
# ============
|
# ============
|
||||||
@ -697,6 +710,10 @@ Patch1041: 1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch
|
|||||||
Patch1042: 1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
|
Patch1042: 1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch
|
||||||
# PATCH-FIX-UPSTREAM 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
|
# PATCH-FIX-UPSTREAM 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
|
||||||
Patch1043: 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
|
Patch1043: 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch
|
||||||
|
# PATCH-FIX-UPSTREAM 1044-rules-update-qemu-hid-rules.patch
|
||||||
|
Patch1044: 1044-rules-update-qemu-hid-rules.patch
|
||||||
|
# PATCH-FIX-UPSTREAM 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
|
||||||
|
Patch1045: 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Systemd is a system and service manager, compatible with SysV and LSB
|
Systemd is a system and service manager, compatible with SysV and LSB
|
||||||
@ -1154,6 +1171,13 @@ cp %{SOURCE7} m4/
|
|||||||
%patch297 -p0
|
%patch297 -p0
|
||||||
%patch298 -p0
|
%patch298 -p0
|
||||||
%patch299 -p0
|
%patch299 -p0
|
||||||
|
%patch300 -p0
|
||||||
|
%patch301 -p0
|
||||||
|
%patch302 -p0
|
||||||
|
%patch303 -p0
|
||||||
|
%patch304 -p0
|
||||||
|
%patch305 -p0
|
||||||
|
%patch306 -p0
|
||||||
|
|
||||||
# udev patches
|
# udev patches
|
||||||
%patch1001 -p1
|
%patch1001 -p1
|
||||||
@ -1206,6 +1230,8 @@ cp %{SOURCE7} m4/
|
|||||||
%patch1042 -p0
|
%patch1042 -p0
|
||||||
%patch1043 -p0
|
%patch1043 -p0
|
||||||
%endif
|
%endif
|
||||||
|
%patch1044 -p0
|
||||||
|
%patch1045 -p0
|
||||||
|
|
||||||
# ensure generate files are removed
|
# ensure generate files are removed
|
||||||
rm -f units/emergency.service
|
rm -f units/emergency.service
|
||||||
|
Loading…
Reference in New Issue
Block a user