Dr. Werner Fink 2014-12-15 15:05:09 +00:00 committed by Git OBS Bridge
parent 80f1feed79
commit 659f45d6b9
8 changed files with 182 additions and 6 deletions

View File

@ -0,0 +1,23 @@
Based on 1e648011b20c8126412d3cf2699d575d9ba9e0fe Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Fri, 21 Nov 2014 17:02:15 +0100
Subject: [PATCH] selinux-access: fix broken ternary operator
it seems to be a typo introduced by ebcf1f97de4f6b1580ae55eb56b1a3939fe6b602
- _r = selinux_access_check(_b, _m, _u->source_path ?:_u->fragment_path, (permission), &_error); \
+ ({ Unit *_unit = (unit); selinux_generic_access_check(bus,message, _unit->fragment_path ?: _unit->fragment_path, permission,error); })
---
src/core/selinux-access.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- src/core/selinux-access.h
+++ src/core/selinux-access.h 2014-12-15 11:49:54.521518349 +0000
@@ -34,7 +34,7 @@ int selinux_generic_access_check(sd_bus
#define selinux_access_check(bus, message, permission, error) \
selinux_generic_access_check(bus, message, NULL, permission, error)
#define selinux_unit_access_check(unit, bus, message, permission, error) \
- ({ Unit *_unit = (unit); selinux_generic_access_check(bus, message, _unit->fragment_path ?: _unit->fragment_path, permission, error); })
+ ({ Unit *_unit = (unit); selinux_generic_access_check(bus, message, _unit->source_path ?: _unit->fragment_path, permission, error); })
#else

View File

@ -0,0 +1,35 @@
From c469089cf647ac740c7dcf09c463d2907b6d00eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sat, 22 Nov 2014 20:21:56 -0500
Subject: [PATCH] systemctl: show BindsTo/BoundBy in list-dependencies
Suggested-by: Peter Mattern <matternp@arcor.de>
http://lists.freedesktop.org/archives/systemd-devel/2014-November/025437.html
---
src/systemctl/systemctl.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git src/systemctl/systemctl.c src/systemctl/systemctl.c
index 78b7c96..fd69c69 100644
--- src/systemctl/systemctl.c
+++ src/systemctl/systemctl.c
@@ -1480,11 +1480,13 @@ static int list_dependencies_get_dependencies(sd_bus *bus, const char *name, cha
"RequiresOverridable\0"
"Requisite\0"
"RequisiteOverridable\0"
- "Wants\0",
+ "Wants\0"
+ "BindsTo\0",
[DEPENDENCY_REVERSE] = "RequiredBy\0"
"RequiredByOverridable\0"
"WantedBy\0"
- "PartOf\0",
+ "PartOf\0"
+ "BoundBy\0",
[DEPENDENCY_AFTER] = "After\0",
[DEPENDENCY_BEFORE] = "Before\0",
};
--
1.7.9.2

View File

@ -0,0 +1,28 @@
Based on 8a52210c9392887a31fdb2845f65b4c5869e8e66 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 24 Nov 2014 09:11:12 -0500
Subject: [PATCH] cryptsetup: default to no hash when keyfile is specified
For plain dm-crypt devices, the behavior of cryptsetup package is to
ignore the hash algorithm when a key file is provided. It seems wrong
to ignore a hash when it is explicitly specified, but we should default
to no hash if the keyfile is specified.
https://bugs.freedesktop.org/show_bug.cgi?id=52630
---
src/cryptsetup/cryptsetup.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- src/cryptsetup/cryptsetup.c
+++ src/cryptsetup/cryptsetup.c 2014-12-15 12:00:17.554019752 +0000
@@ -386,7 +386,9 @@ static int attach_luks_or_plain(struct c
/* plain isn't a real hash type. it just means "use no hash" */
if (!streq(opt_hash, "plain"))
params.hash = opt_hash;
- } else
+ } else if (!key_file)
+ /* for CRYPT_PLAIN, the behaviour of cryptsetup
+ * package is to not hash when a key file is provided */
params.hash = "ripemd160";
if (opt_cipher) {

View File

@ -0,0 +1,32 @@
Based on e0312f4db08c7100bd00299614e87bedc759b366 Mon Sep 17 00:00:00 2001
Based on c21b92ffe7ef939dd32502ac912cf8ad1c5638fd Mon Sep 17 00:00:00 2001
From: Michal Schmidt <mschmidt@redhat.com>
Date: Thu, 27 Nov 2014 15:23:58 +0100
Subject: [PATCH] core: fix transaction destructiveness check once more
The previous fix e0312f4db "core: fix check for transaction
destructiveness" broke test-engine (noticed by Zbyszek).
Apparently I had a wrong idea of the intended semantics of --fail.
The manpage says the operation should fail if it "conflicts with a
pending job (more specifically: causes an already pending start job to
be reversed into a stop job or vice versa)".
So let's check job_type_is_conflicting, instead of !is_superset.
This makes both test-engine and TEST-03-JOBS pass again.
---
src/core/transaction.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- src/core/transaction.c
+++ src/core/transaction.c 2014-12-15 12:06:11.721518136 +0000
@@ -510,7 +510,7 @@ static int transaction_is_destructive(Tr
assert(!j->transaction_next);
if (j->unit->job && (mode == JOB_FAIL || j->unit->job->irreversible) &&
- !job_type_is_superset(j->type, j->unit->job->type)) {
+ job_type_is_conflicting(j->unit->job->type, j->type)) {
sd_bus_error_setf(e, BUS_ERROR_TRANSACTION_IS_DESTRUCTIVE, "Transaction is destructive.");
return -EEXIST;

View File

@ -1,3 +1,15 @@
-------------------------------------------------------------------
Mon Dec 15 15:02:22 UTC 2014 - werner@suse.de
- Add upstream patches
0001-selinux-access-fix-broken-ternary-operator.patch
0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch
0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch
0004-core-fix-transaction-destructiveness-check-once-more.patch
- Avoid old net devices naming scheme on openSUSE 13.2 and less
maybe caused by patch
1098-udev-link_setup-respect-kernel-name-assign-policy.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com
@ -8,8 +20,8 @@ Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com
Fri Dec 5 12:51:15 UTC 2014 - werner@suse.de Fri Dec 5 12:51:15 UTC 2014 - werner@suse.de
- Add upstream patch - Add upstream patch
1098-udev-link_setup-respect-kernel-name-assign-policy.patch 1098-udev-link_setup-respect-kernel-name-assign-policy.patch
which may solve bsc#907318 which may solve bsc#907318
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de
@ -17,7 +29,6 @@ Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de
- Add upstream patches - Add upstream patches
0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
1097-udev-link_setup-respect-kernel-name-assign-policy.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Nov 28 13:26:21 UTC 2014 - rmilasan@suse.com Fri Nov 28 13:26:21 UTC 2014 - rmilasan@suse.com

View File

@ -1050,6 +1050,14 @@ Patch511: 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
Patch512: 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch Patch512: 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
# PATCH-FIX-SUSE 513-nspawn-veth.patch (bnc#906709) # PATCH-FIX-SUSE 513-nspawn-veth.patch (bnc#906709)
Patch513: 513-nspawn-veth.patch Patch513: 513-nspawn-veth.patch
# PATCH-FIX-UPSTREAM added at 2014/12/15
Patch514: 0001-selinux-access-fix-broken-ternary-operator.patch
# PATCH-FIX-UPSTREAM added at 2014/12/15
Patch515: 0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch
# PATCH-FIX-UPSTREAM added at 2014/12/15
Patch516: 0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch
# PATCH-FIX-UPSTREAM added at 2014/12/15
Patch517: 0004-core-fix-transaction-destructiveness-check-once-more.patch
# UDEV PATCHES # UDEV PATCHES
# ============ # ============
@ -1925,6 +1933,10 @@ cp %{SOURCE7} m4/
%patch511 -p0 %patch511 -p0
%patch512 -p0 %patch512 -p0
%patch513 -p1 %patch513 -p1
%patch514 -p0
%patch515 -p0
%patch516 -p0
%patch517 -p0
# udev patches # udev patches
%patch1001 -p1 %patch1001 -p1
@ -2142,6 +2154,12 @@ export LDFLAGS
do do
sed -ri '/^ENV\{net.ifnames\}=="1", GOTO="[^"]*"$/{ s/=="1"/!="0"/ }' src/udev/rule_generator/${rules}.rules sed -ri '/^ENV\{net.ifnames\}=="1", GOTO="[^"]*"$/{ s/=="1"/!="0"/ }' src/udev/rule_generator/${rules}.rules
done done
%if 0%{?suse_version} <= 1320
for link in 99-default
do
sed -ri '/^NamePolicy=/{ s/kernel[[:blank:]]+// }' network/${link}.link
done
%endif
%endif %endif
cflags -pipe CFLAGS cflags -pipe CFLAGS
cflags -Wl,-O2 LDFLAGS cflags -Wl,-O2 LDFLAGS

View File

@ -1,3 +1,15 @@
-------------------------------------------------------------------
Mon Dec 15 15:02:22 UTC 2014 - werner@suse.de
- Add upstream patches
0001-selinux-access-fix-broken-ternary-operator.patch
0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch
0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch
0004-core-fix-transaction-destructiveness-check-once-more.patch
- Avoid old net devices naming scheme on openSUSE 13.2 and less
maybe caused by patch
1098-udev-link_setup-respect-kernel-name-assign-policy.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com
@ -8,8 +20,8 @@ Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com
Fri Dec 5 12:51:15 UTC 2014 - werner@suse.de Fri Dec 5 12:51:15 UTC 2014 - werner@suse.de
- Add upstream patch - Add upstream patch
1098-udev-link_setup-respect-kernel-name-assign-policy.patch 1098-udev-link_setup-respect-kernel-name-assign-policy.patch
which may solve bsc#907318 which may solve bsc#907318
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de
@ -17,7 +29,6 @@ Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de
- Add upstream patches - Add upstream patches
0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
1097-udev-link_setup-respect-kernel-name-assign-policy.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Nov 28 13:26:21 UTC 2014 - rmilasan@suse.com Fri Nov 28 13:26:21 UTC 2014 - rmilasan@suse.com

View File

@ -1045,6 +1045,14 @@ Patch511: 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
Patch512: 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch Patch512: 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
# PATCH-FIX-SUSE 513-nspawn-veth.patch (bnc#906709) # PATCH-FIX-SUSE 513-nspawn-veth.patch (bnc#906709)
Patch513: 513-nspawn-veth.patch Patch513: 513-nspawn-veth.patch
# PATCH-FIX-UPSTREAM added at 2014/12/15
Patch514: 0001-selinux-access-fix-broken-ternary-operator.patch
# PATCH-FIX-UPSTREAM added at 2014/12/15
Patch515: 0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch
# PATCH-FIX-UPSTREAM added at 2014/12/15
Patch516: 0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch
# PATCH-FIX-UPSTREAM added at 2014/12/15
Patch517: 0004-core-fix-transaction-destructiveness-check-once-more.patch
# UDEV PATCHES # UDEV PATCHES
# ============ # ============
@ -1920,6 +1928,10 @@ cp %{SOURCE7} m4/
%patch511 -p0 %patch511 -p0
%patch512 -p0 %patch512 -p0
%patch513 -p1 %patch513 -p1
%patch514 -p0
%patch515 -p0
%patch516 -p0
%patch517 -p0
# udev patches # udev patches
%patch1001 -p1 %patch1001 -p1
@ -2137,6 +2149,12 @@ export LDFLAGS
do do
sed -ri '/^ENV\{net.ifnames\}=="1", GOTO="[^"]*"$/{ s/=="1"/!="0"/ }' src/udev/rule_generator/${rules}.rules sed -ri '/^ENV\{net.ifnames\}=="1", GOTO="[^"]*"$/{ s/=="1"/!="0"/ }' src/udev/rule_generator/${rules}.rules
done done
%if 0%{?suse_version} <= 1320
for link in 99-default
do
sed -ri '/^NamePolicy=/{ s/kernel[[:blank:]]+// }' network/${link}.link
done
%endif
%endif %endif
cflags -pipe CFLAGS cflags -pipe CFLAGS
cflags -Wl,-O2 LDFLAGS cflags -Wl,-O2 LDFLAGS