.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=833
This commit is contained in:
parent
80f1feed79
commit
659f45d6b9
23
0001-selinux-access-fix-broken-ternary-operator.patch
Normal file
23
0001-selinux-access-fix-broken-ternary-operator.patch
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
Based on 1e648011b20c8126412d3cf2699d575d9ba9e0fe Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lukas Nykryn <lnykryn@redhat.com>
|
||||||
|
Date: Fri, 21 Nov 2014 17:02:15 +0100
|
||||||
|
Subject: [PATCH] selinux-access: fix broken ternary operator
|
||||||
|
|
||||||
|
it seems to be a typo introduced by ebcf1f97de4f6b1580ae55eb56b1a3939fe6b602
|
||||||
|
- _r = selinux_access_check(_b, _m, _u->source_path ?:_u->fragment_path, (permission), &_error); \
|
||||||
|
+ ({ Unit *_unit = (unit); selinux_generic_access_check(bus,message, _unit->fragment_path ?: _unit->fragment_path, permission,error); })
|
||||||
|
---
|
||||||
|
src/core/selinux-access.h | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
--- src/core/selinux-access.h
|
||||||
|
+++ src/core/selinux-access.h 2014-12-15 11:49:54.521518349 +0000
|
||||||
|
@@ -34,7 +34,7 @@ int selinux_generic_access_check(sd_bus
|
||||||
|
#define selinux_access_check(bus, message, permission, error) \
|
||||||
|
selinux_generic_access_check(bus, message, NULL, permission, error)
|
||||||
|
#define selinux_unit_access_check(unit, bus, message, permission, error) \
|
||||||
|
- ({ Unit *_unit = (unit); selinux_generic_access_check(bus, message, _unit->fragment_path ?: _unit->fragment_path, permission, error); })
|
||||||
|
+ ({ Unit *_unit = (unit); selinux_generic_access_check(bus, message, _unit->source_path ?: _unit->fragment_path, permission, error); })
|
||||||
|
|
||||||
|
#else
|
||||||
|
|
@ -0,0 +1,35 @@
|
|||||||
|
From c469089cf647ac740c7dcf09c463d2907b6d00eb Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||||
|
Date: Sat, 22 Nov 2014 20:21:56 -0500
|
||||||
|
Subject: [PATCH] systemctl: show BindsTo/BoundBy in list-dependencies
|
||||||
|
|
||||||
|
Suggested-by: Peter Mattern <matternp@arcor.de>
|
||||||
|
|
||||||
|
http://lists.freedesktop.org/archives/systemd-devel/2014-November/025437.html
|
||||||
|
---
|
||||||
|
src/systemctl/systemctl.c | 6 ++++--
|
||||||
|
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git src/systemctl/systemctl.c src/systemctl/systemctl.c
|
||||||
|
index 78b7c96..fd69c69 100644
|
||||||
|
--- src/systemctl/systemctl.c
|
||||||
|
+++ src/systemctl/systemctl.c
|
||||||
|
@@ -1480,11 +1480,13 @@ static int list_dependencies_get_dependencies(sd_bus *bus, const char *name, cha
|
||||||
|
"RequiresOverridable\0"
|
||||||
|
"Requisite\0"
|
||||||
|
"RequisiteOverridable\0"
|
||||||
|
- "Wants\0",
|
||||||
|
+ "Wants\0"
|
||||||
|
+ "BindsTo\0",
|
||||||
|
[DEPENDENCY_REVERSE] = "RequiredBy\0"
|
||||||
|
"RequiredByOverridable\0"
|
||||||
|
"WantedBy\0"
|
||||||
|
- "PartOf\0",
|
||||||
|
+ "PartOf\0"
|
||||||
|
+ "BoundBy\0",
|
||||||
|
[DEPENDENCY_AFTER] = "After\0",
|
||||||
|
[DEPENDENCY_BEFORE] = "Before\0",
|
||||||
|
};
|
||||||
|
--
|
||||||
|
1.7.9.2
|
||||||
|
|
@ -0,0 +1,28 @@
|
|||||||
|
Based on 8a52210c9392887a31fdb2845f65b4c5869e8e66 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||||
|
Date: Mon, 24 Nov 2014 09:11:12 -0500
|
||||||
|
Subject: [PATCH] cryptsetup: default to no hash when keyfile is specified
|
||||||
|
|
||||||
|
For plain dm-crypt devices, the behavior of cryptsetup package is to
|
||||||
|
ignore the hash algorithm when a key file is provided. It seems wrong
|
||||||
|
to ignore a hash when it is explicitly specified, but we should default
|
||||||
|
to no hash if the keyfile is specified.
|
||||||
|
|
||||||
|
https://bugs.freedesktop.org/show_bug.cgi?id=52630
|
||||||
|
---
|
||||||
|
src/cryptsetup/cryptsetup.c | 4 +++-
|
||||||
|
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
--- src/cryptsetup/cryptsetup.c
|
||||||
|
+++ src/cryptsetup/cryptsetup.c 2014-12-15 12:00:17.554019752 +0000
|
||||||
|
@@ -386,7 +386,9 @@ static int attach_luks_or_plain(struct c
|
||||||
|
/* plain isn't a real hash type. it just means "use no hash" */
|
||||||
|
if (!streq(opt_hash, "plain"))
|
||||||
|
params.hash = opt_hash;
|
||||||
|
- } else
|
||||||
|
+ } else if (!key_file)
|
||||||
|
+ /* for CRYPT_PLAIN, the behaviour of cryptsetup
|
||||||
|
+ * package is to not hash when a key file is provided */
|
||||||
|
params.hash = "ripemd160";
|
||||||
|
|
||||||
|
if (opt_cipher) {
|
@ -0,0 +1,32 @@
|
|||||||
|
Based on e0312f4db08c7100bd00299614e87bedc759b366 Mon Sep 17 00:00:00 2001
|
||||||
|
Based on c21b92ffe7ef939dd32502ac912cf8ad1c5638fd Mon Sep 17 00:00:00 2001
|
||||||
|
From: Michal Schmidt <mschmidt@redhat.com>
|
||||||
|
Date: Thu, 27 Nov 2014 15:23:58 +0100
|
||||||
|
Subject: [PATCH] core: fix transaction destructiveness check once more
|
||||||
|
|
||||||
|
The previous fix e0312f4db "core: fix check for transaction
|
||||||
|
destructiveness" broke test-engine (noticed by Zbyszek).
|
||||||
|
Apparently I had a wrong idea of the intended semantics of --fail.
|
||||||
|
|
||||||
|
The manpage says the operation should fail if it "conflicts with a
|
||||||
|
pending job (more specifically: causes an already pending start job to
|
||||||
|
be reversed into a stop job or vice versa)".
|
||||||
|
|
||||||
|
So let's check job_type_is_conflicting, instead of !is_superset.
|
||||||
|
|
||||||
|
This makes both test-engine and TEST-03-JOBS pass again.
|
||||||
|
---
|
||||||
|
src/core/transaction.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
--- src/core/transaction.c
|
||||||
|
+++ src/core/transaction.c 2014-12-15 12:06:11.721518136 +0000
|
||||||
|
@@ -510,7 +510,7 @@ static int transaction_is_destructive(Tr
|
||||||
|
assert(!j->transaction_next);
|
||||||
|
|
||||||
|
if (j->unit->job && (mode == JOB_FAIL || j->unit->job->irreversible) &&
|
||||||
|
- !job_type_is_superset(j->type, j->unit->job->type)) {
|
||||||
|
+ job_type_is_conflicting(j->unit->job->type, j->type)) {
|
||||||
|
|
||||||
|
sd_bus_error_setf(e, BUS_ERROR_TRANSACTION_IS_DESTRUCTIVE, "Transaction is destructive.");
|
||||||
|
return -EEXIST;
|
@ -1,3 +1,15 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Dec 15 15:02:22 UTC 2014 - werner@suse.de
|
||||||
|
|
||||||
|
- Add upstream patches
|
||||||
|
0001-selinux-access-fix-broken-ternary-operator.patch
|
||||||
|
0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch
|
||||||
|
0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch
|
||||||
|
0004-core-fix-transaction-destructiveness-check-once-more.patch
|
||||||
|
- Avoid old net devices naming scheme on openSUSE 13.2 and less
|
||||||
|
maybe caused by patch
|
||||||
|
1098-udev-link_setup-respect-kernel-name-assign-policy.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com
|
Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com
|
||||||
|
|
||||||
@ -17,7 +29,6 @@ Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de
|
|||||||
- Add upstream patches
|
- Add upstream patches
|
||||||
0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
|
0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
|
||||||
0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
|
0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
|
||||||
1097-udev-link_setup-respect-kernel-name-assign-policy.patch
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Nov 28 13:26:21 UTC 2014 - rmilasan@suse.com
|
Fri Nov 28 13:26:21 UTC 2014 - rmilasan@suse.com
|
||||||
|
@ -1050,6 +1050,14 @@ Patch511: 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
|
|||||||
Patch512: 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
|
Patch512: 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
|
||||||
# PATCH-FIX-SUSE 513-nspawn-veth.patch (bnc#906709)
|
# PATCH-FIX-SUSE 513-nspawn-veth.patch (bnc#906709)
|
||||||
Patch513: 513-nspawn-veth.patch
|
Patch513: 513-nspawn-veth.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||||
|
Patch514: 0001-selinux-access-fix-broken-ternary-operator.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||||
|
Patch515: 0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||||
|
Patch516: 0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||||
|
Patch517: 0004-core-fix-transaction-destructiveness-check-once-more.patch
|
||||||
|
|
||||||
# UDEV PATCHES
|
# UDEV PATCHES
|
||||||
# ============
|
# ============
|
||||||
@ -1925,6 +1933,10 @@ cp %{SOURCE7} m4/
|
|||||||
%patch511 -p0
|
%patch511 -p0
|
||||||
%patch512 -p0
|
%patch512 -p0
|
||||||
%patch513 -p1
|
%patch513 -p1
|
||||||
|
%patch514 -p0
|
||||||
|
%patch515 -p0
|
||||||
|
%patch516 -p0
|
||||||
|
%patch517 -p0
|
||||||
|
|
||||||
# udev patches
|
# udev patches
|
||||||
%patch1001 -p1
|
%patch1001 -p1
|
||||||
@ -2142,6 +2154,12 @@ export LDFLAGS
|
|||||||
do
|
do
|
||||||
sed -ri '/^ENV\{net.ifnames\}=="1", GOTO="[^"]*"$/{ s/=="1"/!="0"/ }' src/udev/rule_generator/${rules}.rules
|
sed -ri '/^ENV\{net.ifnames\}=="1", GOTO="[^"]*"$/{ s/=="1"/!="0"/ }' src/udev/rule_generator/${rules}.rules
|
||||||
done
|
done
|
||||||
|
%if 0%{?suse_version} <= 1320
|
||||||
|
for link in 99-default
|
||||||
|
do
|
||||||
|
sed -ri '/^NamePolicy=/{ s/kernel[[:blank:]]+// }' network/${link}.link
|
||||||
|
done
|
||||||
|
%endif
|
||||||
%endif
|
%endif
|
||||||
cflags -pipe CFLAGS
|
cflags -pipe CFLAGS
|
||||||
cflags -Wl,-O2 LDFLAGS
|
cflags -Wl,-O2 LDFLAGS
|
||||||
|
@ -1,3 +1,15 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Dec 15 15:02:22 UTC 2014 - werner@suse.de
|
||||||
|
|
||||||
|
- Add upstream patches
|
||||||
|
0001-selinux-access-fix-broken-ternary-operator.patch
|
||||||
|
0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch
|
||||||
|
0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch
|
||||||
|
0004-core-fix-transaction-destructiveness-check-once-more.patch
|
||||||
|
- Avoid old net devices naming scheme on openSUSE 13.2 and less
|
||||||
|
maybe caused by patch
|
||||||
|
1098-udev-link_setup-respect-kernel-name-assign-policy.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com
|
Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com
|
||||||
|
|
||||||
@ -17,7 +29,6 @@ Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de
|
|||||||
- Add upstream patches
|
- Add upstream patches
|
||||||
0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
|
0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
|
||||||
0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
|
0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
|
||||||
1097-udev-link_setup-respect-kernel-name-assign-policy.patch
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Nov 28 13:26:21 UTC 2014 - rmilasan@suse.com
|
Fri Nov 28 13:26:21 UTC 2014 - rmilasan@suse.com
|
||||||
|
18
systemd.spec
18
systemd.spec
@ -1045,6 +1045,14 @@ Patch511: 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
|
|||||||
Patch512: 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
|
Patch512: 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
|
||||||
# PATCH-FIX-SUSE 513-nspawn-veth.patch (bnc#906709)
|
# PATCH-FIX-SUSE 513-nspawn-veth.patch (bnc#906709)
|
||||||
Patch513: 513-nspawn-veth.patch
|
Patch513: 513-nspawn-veth.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||||
|
Patch514: 0001-selinux-access-fix-broken-ternary-operator.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||||
|
Patch515: 0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||||
|
Patch516: 0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||||
|
Patch517: 0004-core-fix-transaction-destructiveness-check-once-more.patch
|
||||||
|
|
||||||
# UDEV PATCHES
|
# UDEV PATCHES
|
||||||
# ============
|
# ============
|
||||||
@ -1920,6 +1928,10 @@ cp %{SOURCE7} m4/
|
|||||||
%patch511 -p0
|
%patch511 -p0
|
||||||
%patch512 -p0
|
%patch512 -p0
|
||||||
%patch513 -p1
|
%patch513 -p1
|
||||||
|
%patch514 -p0
|
||||||
|
%patch515 -p0
|
||||||
|
%patch516 -p0
|
||||||
|
%patch517 -p0
|
||||||
|
|
||||||
# udev patches
|
# udev patches
|
||||||
%patch1001 -p1
|
%patch1001 -p1
|
||||||
@ -2137,6 +2149,12 @@ export LDFLAGS
|
|||||||
do
|
do
|
||||||
sed -ri '/^ENV\{net.ifnames\}=="1", GOTO="[^"]*"$/{ s/=="1"/!="0"/ }' src/udev/rule_generator/${rules}.rules
|
sed -ri '/^ENV\{net.ifnames\}=="1", GOTO="[^"]*"$/{ s/=="1"/!="0"/ }' src/udev/rule_generator/${rules}.rules
|
||||||
done
|
done
|
||||||
|
%if 0%{?suse_version} <= 1320
|
||||||
|
for link in 99-default
|
||||||
|
do
|
||||||
|
sed -ri '/^NamePolicy=/{ s/kernel[[:blank:]]+// }' network/${link}.link
|
||||||
|
done
|
||||||
|
%endif
|
||||||
%endif
|
%endif
|
||||||
cflags -pipe CFLAGS
|
cflags -pipe CFLAGS
|
||||||
cflags -Wl,-O2 LDFLAGS
|
cflags -Wl,-O2 LDFLAGS
|
||||||
|
Loading…
Reference in New Issue
Block a user