From 72d38507adea12df7ee42cc8a26256ff8233f8301ae061a72bd4d96885054a07 Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Thu, 30 Oct 2014 14:13:42 +0000 Subject: [PATCH] . OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=809 --- ...-hppa-has-fewer-rtsigs-hence-avoid-u.patch | 79 ++++++++ ...upport-infinity-syntax-in-parse_nsec.patch | 40 ++++ ...t-from-format_timestamp_relative-on-.patch | 25 +++ ...-t-manage-to-properly-allocate-the-e.patch | 43 +++++ ...urnalctl-correct-help-text-for-until.patch | 21 ++ 0005-util-avoid-double-close-of-fd.patch | 10 +- 0006-calendarspec-fix-typo-in-annually.patch | 27 +++ ...not-ignore-errors-in-symlink-removal.patch | 26 +++ ...til-introduce-sethostname_idempotent.patch | 85 +++++++++ ...ste-error-and-actually-set-the-new-h.patch | 26 +++ ...l-unmounting-only-if-not-running-ins.patch | 27 +++ ...e-we-do-not-try-to-print-missing-fie.patch | 57 ++++++ ...rint-anything-while-passwords-are-be.patch | 180 ++++++++++++++++++ keep-crypt-password-prompt.patch | 45 ----- systemd-mini.changes | 20 ++ systemd-mini.spec | 39 +++- systemd.changes | 20 ++ systemd.spec | 39 +++- 18 files changed, 754 insertions(+), 55 deletions(-) create mode 100644 0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch create mode 100644 0002-time-also-support-infinity-syntax-in-parse_nsec.patch create mode 100644 0003-time-earlier-exit-from-format_timestamp_relative-on-.patch create mode 100644 0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch create mode 100644 0005-journalctl-correct-help-text-for-until.patch create mode 100644 0006-calendarspec-fix-typo-in-annually.patch create mode 100644 0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch create mode 100644 0008-util-introduce-sethostname_idempotent.patch create mode 100644 0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch create mode 100644 0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch create mode 100644 0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch create mode 100644 0012-manager-do-not-print-anything-while-passwords-are-be.patch delete mode 100644 keep-crypt-password-prompt.patch diff --git a/0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch b/0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch new file mode 100644 index 0000000..f71e16b --- /dev/null +++ b/0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch @@ -0,0 +1,79 @@ +Based on 4dffec1459f50ac9f8f67ccfcb79836b4ed5a50e Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 24 Oct 2014 13:44:45 +0200 +Subject: [PATCH] manager: Linux on hppa has fewer rtsigs, hence avoid using + the higher ones there + +https://bugs.freedesktop.org/show_bug.cgi?id=84931 +--- + src/core/manager.c | 29 +++++++++++++++++++++++++++-- + 1 file changed, 27 insertions(+), 2 deletions(-) + +--- src/core/manager.c ++++ src/core/manager.c 2014-10-29 14:02:28.635837997 +0000 +@@ -340,11 +340,14 @@ static int manager_setup_signals(Manager + + assert(m); + +- /* We are not interested in SIGSTOP and friends. */ + assert_se(sigaction(SIGCHLD, &sa, NULL) == 0); + +- assert_se(sigemptyset(&mask) == 0); ++ /* We make liberal use of realtime signals here. On ++ * Linux/glibc we have 30 of them (with the exception of Linux ++ * on hppa, see below), between SIGRTMIN+0 ... SIGRTMIN+30 ++ * (aka SIGRTMAX). */ + ++ assert_se(sigemptyset(&mask) == 0); + sigset_add_many(&mask, + SIGCHLD, /* Child died */ + SIGTERM, /* Reexecute daemon */ +@@ -354,6 +357,7 @@ static int manager_setup_signals(Manager + SIGINT, /* Kernel sends us this on control-alt-del */ + SIGWINCH, /* Kernel sends us this on kbrequest (alt-arrowup) */ + SIGPWR, /* Some kernel drivers and upsd send us this on power failure */ ++ + SIGRTMIN+0, /* systemd: start default.target */ + SIGRTMIN+1, /* systemd: isolate rescue.target */ + SIGRTMIN+2, /* systemd: isolate emergency.target */ +@@ -361,19 +365,40 @@ static int manager_setup_signals(Manager + SIGRTMIN+4, /* systemd: start poweroff.target */ + SIGRTMIN+5, /* systemd: start reboot.target */ + SIGRTMIN+6, /* systemd: start kexec.target */ ++ ++ /* ... space for more special targets ... */ ++ + SIGRTMIN+13, /* systemd: Immediate halt */ + SIGRTMIN+14, /* systemd: Immediate poweroff */ + SIGRTMIN+15, /* systemd: Immediate reboot */ + SIGRTMIN+16, /* systemd: Immediate kexec */ ++ ++ /* ... space for more immediate system state changes ... */ ++ + SIGRTMIN+20, /* systemd: enable status messages */ + SIGRTMIN+21, /* systemd: disable status messages */ + SIGRTMIN+22, /* systemd: set log level to LOG_DEBUG */ + SIGRTMIN+23, /* systemd: set log level to LOG_INFO */ + SIGRTMIN+24, /* systemd: Immediate exit (--user only) */ ++ ++ /* .. one free signal here ... */ ++ ++#if !defined(__hppa64__) && !defined(__hppa__) ++ /* Apparently Linux on hppa has fewer RT ++ * signals (SIGRTMAX is SIGRTMIN+25 there), ++ * hence let's not try to make use of them ++ * here. Since these commands are accessible ++ * by different means and only really a safety ++ * net, the missing functionality on hppa ++ * shouldn't matter. */ ++ + SIGRTMIN+26, /* systemd: set log target to journal-or-kmsg */ + SIGRTMIN+27, /* systemd: set log target to console */ + SIGRTMIN+28, /* systemd: set log target to kmsg */ + SIGRTMIN+29, /* systemd: set log target to syslog-or-kmsg */ ++ ++ /* ... one free signal here SIGRTMIN+30 ... */ ++#endif + -1); + assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0); + diff --git a/0002-time-also-support-infinity-syntax-in-parse_nsec.patch b/0002-time-also-support-infinity-syntax-in-parse_nsec.patch new file mode 100644 index 0000000..c1f4884 --- /dev/null +++ b/0002-time-also-support-infinity-syntax-in-parse_nsec.patch @@ -0,0 +1,40 @@ +Based on e73c78c27511b03c7abc55aed87896092c0de699 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 24 Oct 2014 19:07:26 +0200 +Subject: [PATCH] time: also support 'infinity' syntax in parse_nsec() + +Let's make parse_usec() and parse_nsec() work similar +--- + src/shared/time-util.c | 14 +++++++++++++- + 1 file changed, 13 insertions(+), 1 deletion(-) + +--- src/shared/time-util.c ++++ src/shared/time-util.c +@@ -773,7 +773,7 @@ int parse_nsec(const char *t, nsec_t *nsec) { + { "", 1ULL }, /* default is nsec */ + }; + +- const char *p; ++ const char *p, *s; + nsec_t r = 0; + bool something = false; + +@@ -781,6 +781,18 @@ int parse_nsec(const char *t, nsec_t *nsec) { + assert(nsec); + + p = t; ++ ++ p += strspn(p, WHITESPACE); ++ s = startswith(p, "infinity"); ++ if (s) { ++ s += strspn(s, WHITESPACE); ++ if (!*s != 0) ++ return -EINVAL; ++ ++ *nsec = ((nsec_t) -1); ++ return 0; ++ } ++ + for (;;) { + long long l, z = 0; + char *e; diff --git a/0003-time-earlier-exit-from-format_timestamp_relative-on-.patch b/0003-time-earlier-exit-from-format_timestamp_relative-on-.patch new file mode 100644 index 0000000..17cd7d1 --- /dev/null +++ b/0003-time-earlier-exit-from-format_timestamp_relative-on-.patch @@ -0,0 +1,25 @@ +Based on 65de0395ffe1cfb0f9af86504e8588fb31bb0fbc Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 24 Oct 2014 19:08:22 +0200 +Subject: [PATCH] time: earlier exit from format_timestamp_relative() on + special times + +--- + src/shared/time-util.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +--- src/shared/time-util.c ++++ src/shared/time-util.c 2014-10-29 14:07:28.479838096 +0000 +@@ -194,11 +194,10 @@ char *format_timestamp_relative(char *bu + const char *s; + usec_t n, d; + +- n = now(CLOCK_REALTIME); +- + if (t <= 0 || (t == (usec_t) -1)) + return NULL; + ++ n = now(CLOCK_REALTIME); + if (n > t) { + d = n - t; + s = "ago"; diff --git a/0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch b/0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch new file mode 100644 index 0000000..9ab7a2d --- /dev/null +++ b/0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch @@ -0,0 +1,43 @@ +From 455cd8b137b8ef45d04889f2d967c562a097f1e6 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 24 Oct 2014 19:24:53 +0200 +Subject: [PATCH] sd-bus: if we don't manage to properly allocate the error + message for an sd_bus_error, just go on + +sd_bus_error_setfv() must initialize the sd_bus_error value to some +sensible value and then return a good errno code matching that. If it +cannot work at all it should set the error statically to the OOM error. +But if it can work half-way (i.e. initialize the name, but not the +message) it should do so and still return the correct errno number for +it. + +This effectively reverts 8bf13eb1e02b9977ae1cd331ae5dc7305a305a09 +--- + src/libsystemd/sd-bus/bus-error.c | 11 ++++------- + 1 file changed, 4 insertions(+), 7 deletions(-) + +diff --git src/libsystemd/sd-bus/bus-error.c src/libsystemd/sd-bus/bus-error.c +index 5ca974a..af83c12 100644 +--- src/libsystemd/sd-bus/bus-error.c ++++ src/libsystemd/sd-bus/bus-error.c +@@ -194,13 +194,10 @@ int bus_error_setfv(sd_bus_error *e, const char *name, const char *format, va_li + return -ENOMEM; + } + +- if (format) { +- int r; +- +- r = vasprintf((char**) &e->message, format, ap); +- if (r < 0) +- return -ENOMEM; +- } ++ /* Of we hit OOM on formatting the pretty message, we ignore ++ * this, since we at least managed to write the error name */ ++ if (format) ++ (void) vasprintf((char**) &e->message, format, ap); + + e->_need_free = 1; + +-- +1.7.9.2 + diff --git a/0005-journalctl-correct-help-text-for-until.patch b/0005-journalctl-correct-help-text-for-until.patch new file mode 100644 index 0000000..77563fa --- /dev/null +++ b/0005-journalctl-correct-help-text-for-until.patch @@ -0,0 +1,21 @@ +Based on 7558251eef610e71595a0aa48952479906cb899a Mon Sep 17 00:00:00 2001 +From: Santiago Vila +Date: Sat, 25 Oct 2014 10:40:30 -0400 +Subject: [PATCH] journalctl: correct help text for --until + +http://bugs.debian.org/766598 +--- + src/journal/journalctl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- src/journal/journalctl.c ++++ src/journal/journalctl.c 2014-10-29 14:10:18.863838313 +0000 +@@ -171,7 +171,7 @@ static int help(void) { + " --user Show only the user journal for the current user\n" + " -M --machine=CONTAINER Operate on local container\n" + " --since=DATE Start showing entries on or newer than the specified date\n" +- " --until=DATE Stop showing entries on or older than the specified date\n" ++ " --until=DATE Stop showing entries on or newer than the specified date\n" + " -c --cursor=CURSOR Start showing entries from the specified cursor\n" + " --after-cursor=CURSOR Start showing entries from after the specified cursor\n" + " --show-cursor Print the cursor after all the entries\n" diff --git a/0005-util-avoid-double-close-of-fd.patch b/0005-util-avoid-double-close-of-fd.patch index 85953be..e1b5dac 100644 --- a/0005-util-avoid-double-close-of-fd.patch +++ b/0005-util-avoid-double-close-of-fd.patch @@ -11,15 +11,17 @@ safe_close. CID#996223 --- - src/shared/util.c | 1 + - 1 file changed, 1 insertion(+) + src/shared/util.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) --- src/shared/util.c +++ src/shared/util.c 2014-10-14 15:42:22.515839157 +0000 -@@ -1969,6 +1969,7 @@ int acquire_terminal( +@@ -1969,7 +1969,8 @@ int acquire_terminal( + * ended our handle will be dead. It's important that * we do this after sleeping, so that we don't enter * an endless loop. */ - close_nointr_nofail(fd); +- close_nointr_nofail(fd); ++ if (fd >= 0) close_nointr_nofail(fd); + fd = -1; } diff --git a/0006-calendarspec-fix-typo-in-annually.patch b/0006-calendarspec-fix-typo-in-annually.patch new file mode 100644 index 0000000..7e69596 --- /dev/null +++ b/0006-calendarspec-fix-typo-in-annually.patch @@ -0,0 +1,27 @@ +From e90efc70900f8e69cfbafd9e9508bdeb4d40dad7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Sat, 25 Oct 2014 11:59:36 -0400 +Subject: [PATCH] calendarspec: fix typo in "annually" + +https://bugs.freedesktop.org/show_bug.cgi?id=85447 +--- + src/shared/calendarspec.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git src/shared/calendarspec.c src/shared/calendarspec.c +index 4ac74ab..64d0dec 100644 +--- src/shared/calendarspec.c ++++ src/shared/calendarspec.c +@@ -688,7 +688,8 @@ int calendar_spec_from_string(const char *p, CalendarSpec **spec) { + if (r < 0) + goto fail; + +- } else if (strcaseeq(p, "anually") || strcaseeq(p, "yearly")) { ++ } else if (strcaseeq(p, "annually") || strcaseeq(p, "yearly") ++ || strcaseeq(p, "anually") /* backwards compatibility */ ) { + r = const_chain(1, &c->month); + if (r < 0) + goto fail; +-- +1.7.9.2 + diff --git a/0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch b/0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch new file mode 100644 index 0000000..a161a1c --- /dev/null +++ b/0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch @@ -0,0 +1,26 @@ +From e95c98378ac2d34df864de4a9b785fd17defb77b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Sat, 25 Oct 2014 15:15:28 -0400 +Subject: [PATCH] systemctl: do not ignore errors in symlink removal + +On an ro fs, systemctl disable ... would fail silently. +--- + src/shared/install.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git src/shared/install.c src/shared/install.c +index 0d7c30e..035b44c 100644 +--- src/shared/install.c ++++ src/shared/install.c +@@ -1679,7 +1679,7 @@ int unit_file_disable( + r = install_context_mark_for_removal(&c, &paths, &remove_symlinks_to, config_path, root_dir); + + q = remove_marked_symlinks(remove_symlinks_to, config_path, changes, n_changes, files); +- if (r == 0) ++ if (r >= 0) + r = q; + + return r; +-- +1.7.9.2 + diff --git a/0008-util-introduce-sethostname_idempotent.patch b/0008-util-introduce-sethostname_idempotent.patch new file mode 100644 index 0000000..5b42ce1 --- /dev/null +++ b/0008-util-introduce-sethostname_idempotent.patch @@ -0,0 +1,85 @@ +Based on 605f81a8968b2df8a28cca2cf11db99ab948a2af Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Tue, 21 Oct 2014 18:17:54 +0200 +Subject: [PATCH] util: introduce sethostname_idempotent + +Function queries system hostname and applies changes only when necessary. Also, +migrate all client of sethostname to sethostname_idempotent while at it. +--- + src/core/hostname-setup.c | 2 +- + src/hostname/hostnamed.c | 2 +- + src/nspawn/nspawn.c | 2 +- + src/shared/util.c | 20 ++++++++++++++++++++ + src/shared/util.h | 2 ++ + 5 files changed, 25 insertions(+), 3 deletions(-) + +--- src/core/hostname-setup.c ++++ src/core/hostname-setup.c 2014-10-29 00:00:00.000000000 +0000 +@@ -99,7 +99,7 @@ int hostname_setup(void) { + hn = "localhost"; + } + +- if (sethostname(hn, strlen(hn)) < 0) { ++ if (sethostname_idempotent(hn) < 0) { + log_warning("Failed to set hostname to <%s>: %m", hn); + return -errno; + } +--- src/hostname/hostnamed.c ++++ src/hostname/hostnamed.c 2014-10-29 14:13:26.124337751 +0000 +@@ -244,7 +244,7 @@ static int context_write_data_hostname(C + else + hn = c->data[PROP_HOSTNAME]; + +- if (sethostname(hn, strlen(hn)) < 0) ++ if (sethostname_idempotent(hn) < 0) + return -errno; + + return 0; +--- src/nspawn/nspawn.c ++++ src/nspawn/nspawn.c 2014-10-29 00:00:00.000000000 +0000 +@@ -981,7 +981,7 @@ static int setup_hostname(void) { + if (arg_share_system) + return 0; + +- if (sethostname(arg_machine, strlen(arg_machine)) < 0) ++ if (sethostname_idempotent(arg_machine) < 0) + return -errno; + + return 0; +--- src/shared/util.c ++++ src/shared/util.c 2014-10-29 00:00:00.000000000 +0000 +@@ -6451,6 +6451,26 @@ int fd_warn_permissions(const char *path + return 0; + } + ++int sethostname_idempotent(const char *s) { ++ int r; ++ char buf[HOST_NAME_MAX + 1] = {}; ++ ++ assert(s); ++ ++ r = gethostname(buf, sizeof(buf)); ++ if (r < 0) ++ return -errno; ++ ++ if (streq(buf, s)) ++ return 0; ++ ++ r = sethostname(buf, strlen(buf)); ++ if (r < 0) ++ return -errno; ++ ++ return 1; ++} ++ + unsigned long personality_from_string(const char *p) { + + /* Parse a personality specifier. We introduce our own +--- src/shared/util.h ++++ src/shared/util.h 2014-10-29 14:14:15.764337717 +0000 +@@ -899,3 +899,5 @@ union file_handle_union { + }; + + int umount_recursive(const char *target, int flags); ++ ++int sethostname_idempotent(const char *s); diff --git a/0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch b/0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch new file mode 100644 index 0000000..0e7fdba --- /dev/null +++ b/0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch @@ -0,0 +1,26 @@ +From a9169c1c589bf7c7a29e7905d17e350ce7c7c48e Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Mon, 27 Oct 2014 11:08:26 +0100 +Subject: [PATCH] util: fix copy-paste error and actually set the new hostname + +Reported-by: sztanpet on irc +--- + src/shared/util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git src/shared/util.c src/shared/util.c +index 7d94a28..4143f6d 100644 +--- src/shared/util.c ++++ src/shared/util.c +@@ -7189,7 +7189,7 @@ int sethostname_idempotent(const char *s) { + if (streq(buf, s)) + return 0; + +- r = sethostname(buf, strlen(buf)); ++ r = sethostname(s, strlen(s)); + if (r < 0) + return -errno; + +-- +1.7.9.2 + diff --git a/0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch b/0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch new file mode 100644 index 0000000..cafa532 --- /dev/null +++ b/0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch @@ -0,0 +1,27 @@ +Based on d89b5fed9ea5d9ec293585cb85bb27b56ea6ac9c Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Tue, 21 Oct 2014 18:38:42 +0200 +Subject: [PATCH] shutdown: do final unmounting only if not running inside the + container + +If we run in the container then we run in a mount namespace. If namespace dies +then kernel should do unmounting for us, hence we skip unmounting in containers. + +Also, it may be the case that we no longer have capability to do umount, +because we are running in the unprivileged container. + +See: http://lists.freedesktop.org/archives/systemd-devel/2014-October/023536.html +--- + src/core/shutdown.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- src/core/shutdown.c ++++ src/core/shutdown.c 2014-10-29 14:18:38.767837898 +0000 +@@ -278,6 +278,7 @@ int main(int argc, char *argv[]) { + broadcast_signal(SIGKILL, true, false); + + if (in_container) { ++ need_umount = false; + need_swapoff = false; + need_dm_detach = false; + need_loop_detach = false; diff --git a/0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch b/0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch new file mode 100644 index 0000000..1592a5a --- /dev/null +++ b/0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch @@ -0,0 +1,57 @@ +Based on dec23413ecc90d4a547aa41f02af0482b4513495 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Mon, 27 Oct 2014 21:31:29 -0400 +Subject: [PATCH] selinux: make sure we do not try to print missing fields + +UID or GID of 0 is valid, so we cannot use that to distinguish whether +calls to sd_bus_creds_get_* succeeded, and the return value from the +function is the only way to know about missing fields. Print "n/a" if +the fields are missing. + +CID #1238779 +--- + src/core/selinux-access.c | 18 ++++++++++++------ + 1 file changed, 12 insertions(+), 6 deletions(-) + +diff --git src/core/selinux-access.c src/core/selinux-access.c +index 08ea6ef..351d48f 100644 +--- src/core/selinux-access.c ++++ src/core/selinux-access.c +@@ -53,7 +53,7 @@ struct audit_info { + + /* + Any time an access gets denied this callback will be called +- with the aduit data. We then need to just copy the audit data into the msgbuf. ++ with the audit data. We then need to just copy the audit data into the msgbuf. + */ + static int audit_callback( + void *auditdata, +@@ -64,14 +64,20 @@ static int audit_callback( + const struct audit_info *audit = auditdata; + uid_t uid = 0, login_uid = 0; + gid_t gid = 0; ++ char login_uid_buf[DECIMAL_STR_MAX(uid_t)] = "n/a"; ++ char uid_buf[DECIMAL_STR_MAX(uid_t)] = "n/a"; ++ char gid_buf[DECIMAL_STR_MAX(gid_t)] = "n/a"; + +- sd_bus_creds_get_audit_login_uid(audit->creds, &login_uid); +- sd_bus_creds_get_uid(audit->creds, &uid); +- sd_bus_creds_get_gid(audit->creds, &gid); ++ if (sd_bus_creds_get_audit_login_uid(audit->creds, &login_uid) >= 0) ++ snprintf(login_uid_buf, sizeof(login_uid_buf), UID_FMT, login_uid); ++ if (sd_bus_creds_get_uid(audit->creds, &uid) >= 0) ++ snprintf(uid_buf, sizeof(uid_buf), UID_FMT, uid); ++ if (sd_bus_creds_get_gid(audit->creds, &gid) >= 0) ++ snprintf(gid_buf, sizeof(gid_buf), "%lu", (unsigned long)gid); + + snprintf(msgbuf, msgbufsize, +- "auid=%d uid=%d gid=%d%s%s%s%s%s%s", +- login_uid, uid, gid, ++ "auid=%s uid=%s gid=%s%s%s%s%s%s%s", ++ login_uid_buf, uid_buf, gid_buf, + audit->path ? " path=\"" : "", strempty(audit->path), audit->path ? "\"" : "", + audit->cmdline ? " cmdline=\"" : "", strempty(audit->cmdline), audit->cmdline ? "\"" : ""); + +-- +1.7.9.2 + diff --git a/0012-manager-do-not-print-anything-while-passwords-are-be.patch b/0012-manager-do-not-print-anything-while-passwords-are-be.patch new file mode 100644 index 0000000..88c30ea --- /dev/null +++ b/0012-manager-do-not-print-anything-while-passwords-are-be.patch @@ -0,0 +1,180 @@ +Based on e46b13c8c7f48f81d4e09912f2265daaa7f6d27e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Sat, 25 Oct 2014 20:30:51 -0400 +Subject: [PATCH] manager: do not print anything while passwords are being + queried + +https://bugs.freedesktop.org/show_bug.cgi?id=73942 +--- + src/core/manager.c | 105 ++++++++++++++++++++++++++++++++++++++++++++++++++++- + src/core/manager.h | 5 ++ + 2 files changed, 109 insertions(+), 1 deletion(-) + +--- src/core/manager.c ++++ src/core/manager.c 2014-10-29 14:31:18.984212089 +0000 +@@ -25,6 +25,8 @@ + #include + #include + #include ++#include ++#include + #include + #include + #include +@@ -212,6 +214,96 @@ static void manager_print_jobs_in_progre + + } + ++static int have_ask_password(void) { ++ _cleanup_closedir_ DIR *dir; ++ ++ dir = opendir("/run/systemd/ask-password"); ++ if (!dir) { ++ if (errno == ENOENT) ++ return false; ++ else ++ return -errno; ++ } ++ ++ for (;;) { ++ struct dirent *de; ++ ++ errno = 0; ++ de = readdir(dir); ++ if (!de && errno != 0) ++ return -errno; ++ if (!de) ++ return false; ++ ++ if (startswith(de->d_name, "ask.")) ++ return true; ++ } ++} ++ ++static int manager_dispatch_ask_password_fd(sd_event_source *source, ++ int fd, uint32_t revents, void *userdata) { ++ Manager *m = userdata; ++ ++ assert(m); ++ ++ flush_fd(fd); ++ ++ m->have_ask_password = have_ask_password(); ++ if (m->have_ask_password < 0) ++ /* Log error but continue. Negative have_ask_password ++ * is treated as unknown status. */ ++ log_error("Failed to list /run/systemd/ask-password: %s", strerror(m->have_ask_password)); ++ ++ return 0; ++} ++ ++static void manager_close_ask_password(Manager *m) { ++ assert(m); ++ if (m->ask_password_inotify_fd >= 0) close_nointr_nofail(m->ask_password_inotify_fd); ++ m->ask_password_inotify_fd = -1; ++ m->ask_password_event_source = sd_event_source_unref(m->ask_password_event_source); ++ m->have_ask_password = -EINVAL; ++} ++ ++static int manager_check_ask_password(Manager *m) { ++ int r; ++ ++ assert(m); ++ ++ if (!m->ask_password_event_source) { ++ assert(m->ask_password_inotify_fd < 0); ++ ++ mkdir_p_label("/run/systemd/ask-password", 0755); ++ ++ m->ask_password_inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC); ++ if (m->ask_password_inotify_fd < 0) { ++ log_error("inotify_init1() failed: %m"); ++ return -errno; ++ } ++ ++ if (inotify_add_watch(m->ask_password_inotify_fd, "/run/systemd/ask-password", IN_CREATE|IN_DELETE|IN_MOVE) < 0) { ++ log_error("Failed to add watch on /run/systemd/ask-password: %m"); ++ manager_close_ask_password(m); ++ return -errno; ++ } ++ ++ r = sd_event_add_io(m->event, &m->ask_password_event_source, ++ m->ask_password_inotify_fd, EPOLLIN, ++ manager_dispatch_ask_password_fd, m); ++ if (r < 0) { ++ log_error("Failed to add event source for /run/systemd/ask-password: %m"); ++ manager_close_ask_password(m); ++ return -errno; ++ } ++ ++ /* Queries might have been added meanwhile... */ ++ manager_dispatch_ask_password_fd(m->ask_password_event_source, ++ m->ask_password_inotify_fd, EPOLLIN, m); ++ } ++ ++ return m->have_ask_password; ++} ++ + static int manager_watch_idle_pipe(Manager *m) { + int r; + +@@ -470,6 +562,9 @@ int manager_new(SystemdRunningAs running + m->pin_cgroupfs_fd = m->notify_fd = m->signal_fd = m->time_change_fd = m->dev_autofs_fd = m->private_listen_fd = m->kdbus_fd = -1; + m->current_job_id = 1; /* start as id #1, so that we can leave #0 around as "null-like" value */ + ++ m->ask_password_inotify_fd = -1; ++ m->have_ask_password = -EINVAL; /* we don't know */ ++ + r = manager_default_environment(m); + if (r < 0) + goto fail; +@@ -847,6 +942,8 @@ void manager_free(Manager *m) { + if (m->kdbus_fd >= 0) + close_nointr_nofail(m->kdbus_fd); + ++ manager_close_ask_password(m); ++ + manager_close_idle_pipe(m); + + udev_unref(m->udev); +@@ -2526,6 +2623,9 @@ void manager_check_finished(Manager *m) + /* Turn off confirm spawn now */ + m->confirm_spawn = false; + ++ /* No need to update ask password status when we're going non-interactive */ ++ manager_close_ask_password(m); ++ + if (dual_timestamp_is_set(&m->finish_timestamp)) + return; + +@@ -2843,12 +2943,15 @@ static bool manager_get_show_status(Mana + if (m->no_console_output) + return false; + ++ /* If we cannot find out the status properly, just proceed. */ ++ if (manager_check_ask_password(m) > 0) ++ return false; ++ + if (m->show_status > 0) + return true; + + /* If Plymouth is running make sure we show the status, so + * that there's something nice to see when people press Esc */ +- + return plymouth_running(); + } + +--- src/core/manager.h ++++ src/core/manager.h 2014-10-29 00:00:00.000000000 +0000 +@@ -231,6 +231,11 @@ struct Manager { + unsigned n_on_console; + unsigned jobs_in_progress_iteration; + ++ /* Do we have any outstanding password prompts? */ ++ int have_ask_password; ++ int ask_password_inotify_fd; ++ sd_event_source *ask_password_event_source; ++ + /* Type=idle pipes */ + int idle_pipe[4]; + sd_event_source *idle_pipe_event_source; diff --git a/keep-crypt-password-prompt.patch b/keep-crypt-password-prompt.patch deleted file mode 100644 index ba356b5..0000000 --- a/keep-crypt-password-prompt.patch +++ /dev/null @@ -1,45 +0,0 @@ -Index: systemd-210/src/core/manager.c -=================================================================== ---- systemd-210.orig/src/core/manager.c -+++ systemd-210/src/core/manager.c -@@ -152,6 +152,29 @@ void manager_flip_auto_status(Manager *m - } - } - -+static int check_for_password_prompt(void) { -+ DIR *d; -+ struct dirent *de; -+ -+ if (!(d = opendir("/run/systemd/ask-password"))) { -+ -+ if (errno == ENOENT) -+ return 1; -+ log_error("opendir(/run/systemd/ask-password): %m"); -+ -+ return -errno; -+ } -+ -+ while ((de = readdir(d))) { -+ if (startswith(de->d_name, "ask.")) { -+ closedir(d); -+ return 0; -+ } -+ } -+ closedir(d); -+ return 1; -+} -+ - static void manager_print_jobs_in_progress(Manager *m) { - static int is_ansi_console = -1; - _cleanup_free_ char *job_of_n = NULL; -@@ -195,6 +218,10 @@ static void manager_print_jobs_in_progre - - m->jobs_in_progress_iteration++; - -+ //don't overwrite the crypt password prompt with job status messages -+ if (check_for_password_prompt() == 0) -+ return; -+ - if (m->n_running_jobs > 1) - if (asprintf(&job_of_n, "(%u of %u) ", counter, m->n_running_jobs) < 0) - job_of_n = NULL; diff --git a/systemd-mini.changes b/systemd-mini.changes index 9cc8fc5..1b48b77 100644 --- a/systemd-mini.changes +++ b/systemd-mini.changes @@ -1,3 +1,23 @@ +------------------------------------------------------------------- +Thu Oct 30 10:45:01 UTC 2014 - werner@suse.de + +- Add upstream patches + 0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch + 0002-time-also-support-infinity-syntax-in-parse_nsec.patch + 0003-time-earlier-exit-from-format_timestamp_relative-on-.patch + 0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch + 0005-journalctl-correct-help-text-for-until.patch + 0006-calendarspec-fix-typo-in-annually.patch + 0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch + 0008-util-introduce-sethostname_idempotent.patch + 0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch + 0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch + 0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch +- Replace patch + keep-crypt-password-prompt.patch as this with + upstream patch + 0012-manager-do-not-print-anything-while-passwords-are-be.patch + ------------------------------------------------------------------- Fri Oct 24 13:02:45 UTC 2014 - werner@suse.de diff --git a/systemd-mini.spec b/systemd-mini.spec index ebf35cc..291c2fd 100644 --- a/systemd-mini.spec +++ b/systemd-mini.spec @@ -438,8 +438,6 @@ Patch202: 0004-implement-a-union-to-pad-out-file_handle.patch Patch203: respect-nfs-bg-option.patch # PATCH-FIX-UPSTREAM Stop useless messages on dual_timestamp_is_set is failed. Patch204: shut-up-annoying-assertion-monotonic-clock-message.patch -# PATCH-FIX-SUSE Do not override the passphrase prompts due messages of busy jobs -Patch205: keep-crypt-password-prompt.patch # PATCH-FIX-UPSTREAM Fix uninitialized memory Patch206: 0001-sd-rtnl-message-append-fix-uninitialized-memory.patch # PATCH-FIX-UPSTREAM Make systemd user journal accessible by users (bnc#876694) @@ -978,6 +976,30 @@ Patch473: 0005-cryptsetup-fix-an-OOM-check.patch Patch474: 0002-shutdown-pass-own-argv-to-run-initramfs-shutdown.patch # PATCH-FIX-SUSE added at 2014/10/24 Patch475: journald-advice-about-use-of-memory.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch476: 0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch477: 0002-time-also-support-infinity-syntax-in-parse_nsec.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch478: 0003-time-earlier-exit-from-format_timestamp_relative-on-.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch479: 0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch480: 0005-journalctl-correct-help-text-for-until.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch481: 0006-calendarspec-fix-typo-in-annually.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch482: 0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch483: 0008-util-introduce-sethostname_idempotent.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch484: 0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch485: 0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch486: 0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch487: 0012-manager-do-not-print-anything-while-passwords-are-be.patch # UDEV PATCHES # ============ @@ -1526,7 +1548,6 @@ cp %{SOURCE7} m4/ %patch202 -p0 %patch203 -p1 %patch204 -p1 -%patch205 -p1 %patch206 -p0 %patch207 -p0 %patch208 -p1 @@ -1799,6 +1820,18 @@ cp %{SOURCE7} m4/ %patch473 -p0 %patch474 -p0 %patch475 -p0 +%patch476 -p0 +%patch477 -p0 +%patch478 -p0 +%patch479 -p0 +%patch480 -p0 +%patch481 -p0 +%patch482 -p0 +%patch483 -p0 +%patch484 -p0 +%patch485 -p0 +%patch486 -p0 +%patch487 -p0 # udev patches %patch1001 -p1 diff --git a/systemd.changes b/systemd.changes index 9cc8fc5..1b48b77 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,23 @@ +------------------------------------------------------------------- +Thu Oct 30 10:45:01 UTC 2014 - werner@suse.de + +- Add upstream patches + 0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch + 0002-time-also-support-infinity-syntax-in-parse_nsec.patch + 0003-time-earlier-exit-from-format_timestamp_relative-on-.patch + 0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch + 0005-journalctl-correct-help-text-for-until.patch + 0006-calendarspec-fix-typo-in-annually.patch + 0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch + 0008-util-introduce-sethostname_idempotent.patch + 0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch + 0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch + 0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch +- Replace patch + keep-crypt-password-prompt.patch as this with + upstream patch + 0012-manager-do-not-print-anything-while-passwords-are-be.patch + ------------------------------------------------------------------- Fri Oct 24 13:02:45 UTC 2014 - werner@suse.de diff --git a/systemd.spec b/systemd.spec index 84c08e2..1f60d3c 100644 --- a/systemd.spec +++ b/systemd.spec @@ -433,8 +433,6 @@ Patch202: 0004-implement-a-union-to-pad-out-file_handle.patch Patch203: respect-nfs-bg-option.patch # PATCH-FIX-UPSTREAM Stop useless messages on dual_timestamp_is_set is failed. Patch204: shut-up-annoying-assertion-monotonic-clock-message.patch -# PATCH-FIX-SUSE Do not override the passphrase prompts due messages of busy jobs -Patch205: keep-crypt-password-prompt.patch # PATCH-FIX-UPSTREAM Fix uninitialized memory Patch206: 0001-sd-rtnl-message-append-fix-uninitialized-memory.patch # PATCH-FIX-UPSTREAM Make systemd user journal accessible by users (bnc#876694) @@ -973,6 +971,30 @@ Patch473: 0005-cryptsetup-fix-an-OOM-check.patch Patch474: 0002-shutdown-pass-own-argv-to-run-initramfs-shutdown.patch # PATCH-FIX-SUSE added at 2014/10/24 Patch475: journald-advice-about-use-of-memory.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch476: 0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch477: 0002-time-also-support-infinity-syntax-in-parse_nsec.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch478: 0003-time-earlier-exit-from-format_timestamp_relative-on-.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch479: 0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch480: 0005-journalctl-correct-help-text-for-until.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch481: 0006-calendarspec-fix-typo-in-annually.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch482: 0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch483: 0008-util-introduce-sethostname_idempotent.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch484: 0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch485: 0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch486: 0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch +# PATCH-FIX-UPSTREAM added at 2014/10/28 +Patch487: 0012-manager-do-not-print-anything-while-passwords-are-be.patch # UDEV PATCHES # ============ @@ -1521,7 +1543,6 @@ cp %{SOURCE7} m4/ %patch202 -p0 %patch203 -p1 %patch204 -p1 -%patch205 -p1 %patch206 -p0 %patch207 -p0 %patch208 -p1 @@ -1794,6 +1815,18 @@ cp %{SOURCE7} m4/ %patch473 -p0 %patch474 -p0 %patch475 -p0 +%patch476 -p0 +%patch477 -p0 +%patch478 -p0 +%patch479 -p0 +%patch480 -p0 +%patch481 -p0 +%patch482 -p0 +%patch483 -p0 +%patch484 -p0 +%patch485 -p0 +%patch486 -p0 +%patch487 -p0 # udev patches %patch1001 -p1