.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=809
This commit is contained in:
parent
79eda68cf7
commit
72d38507ad
@ -0,0 +1,79 @@
|
||||
Based on 4dffec1459f50ac9f8f67ccfcb79836b4ed5a50e Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Fri, 24 Oct 2014 13:44:45 +0200
|
||||
Subject: [PATCH] manager: Linux on hppa has fewer rtsigs, hence avoid using
|
||||
the higher ones there
|
||||
|
||||
https://bugs.freedesktop.org/show_bug.cgi?id=84931
|
||||
---
|
||||
src/core/manager.c | 29 +++++++++++++++++++++++++++--
|
||||
1 file changed, 27 insertions(+), 2 deletions(-)
|
||||
|
||||
--- src/core/manager.c
|
||||
+++ src/core/manager.c 2014-10-29 14:02:28.635837997 +0000
|
||||
@@ -340,11 +340,14 @@ static int manager_setup_signals(Manager
|
||||
|
||||
assert(m);
|
||||
|
||||
- /* We are not interested in SIGSTOP and friends. */
|
||||
assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
|
||||
|
||||
- assert_se(sigemptyset(&mask) == 0);
|
||||
+ /* We make liberal use of realtime signals here. On
|
||||
+ * Linux/glibc we have 30 of them (with the exception of Linux
|
||||
+ * on hppa, see below), between SIGRTMIN+0 ... SIGRTMIN+30
|
||||
+ * (aka SIGRTMAX). */
|
||||
|
||||
+ assert_se(sigemptyset(&mask) == 0);
|
||||
sigset_add_many(&mask,
|
||||
SIGCHLD, /* Child died */
|
||||
SIGTERM, /* Reexecute daemon */
|
||||
@@ -354,6 +357,7 @@ static int manager_setup_signals(Manager
|
||||
SIGINT, /* Kernel sends us this on control-alt-del */
|
||||
SIGWINCH, /* Kernel sends us this on kbrequest (alt-arrowup) */
|
||||
SIGPWR, /* Some kernel drivers and upsd send us this on power failure */
|
||||
+
|
||||
SIGRTMIN+0, /* systemd: start default.target */
|
||||
SIGRTMIN+1, /* systemd: isolate rescue.target */
|
||||
SIGRTMIN+2, /* systemd: isolate emergency.target */
|
||||
@@ -361,19 +365,40 @@ static int manager_setup_signals(Manager
|
||||
SIGRTMIN+4, /* systemd: start poweroff.target */
|
||||
SIGRTMIN+5, /* systemd: start reboot.target */
|
||||
SIGRTMIN+6, /* systemd: start kexec.target */
|
||||
+
|
||||
+ /* ... space for more special targets ... */
|
||||
+
|
||||
SIGRTMIN+13, /* systemd: Immediate halt */
|
||||
SIGRTMIN+14, /* systemd: Immediate poweroff */
|
||||
SIGRTMIN+15, /* systemd: Immediate reboot */
|
||||
SIGRTMIN+16, /* systemd: Immediate kexec */
|
||||
+
|
||||
+ /* ... space for more immediate system state changes ... */
|
||||
+
|
||||
SIGRTMIN+20, /* systemd: enable status messages */
|
||||
SIGRTMIN+21, /* systemd: disable status messages */
|
||||
SIGRTMIN+22, /* systemd: set log level to LOG_DEBUG */
|
||||
SIGRTMIN+23, /* systemd: set log level to LOG_INFO */
|
||||
SIGRTMIN+24, /* systemd: Immediate exit (--user only) */
|
||||
+
|
||||
+ /* .. one free signal here ... */
|
||||
+
|
||||
+#if !defined(__hppa64__) && !defined(__hppa__)
|
||||
+ /* Apparently Linux on hppa has fewer RT
|
||||
+ * signals (SIGRTMAX is SIGRTMIN+25 there),
|
||||
+ * hence let's not try to make use of them
|
||||
+ * here. Since these commands are accessible
|
||||
+ * by different means and only really a safety
|
||||
+ * net, the missing functionality on hppa
|
||||
+ * shouldn't matter. */
|
||||
+
|
||||
SIGRTMIN+26, /* systemd: set log target to journal-or-kmsg */
|
||||
SIGRTMIN+27, /* systemd: set log target to console */
|
||||
SIGRTMIN+28, /* systemd: set log target to kmsg */
|
||||
SIGRTMIN+29, /* systemd: set log target to syslog-or-kmsg */
|
||||
+
|
||||
+ /* ... one free signal here SIGRTMIN+30 ... */
|
||||
+#endif
|
||||
-1);
|
||||
assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
|
||||
|
40
0002-time-also-support-infinity-syntax-in-parse_nsec.patch
Normal file
40
0002-time-also-support-infinity-syntax-in-parse_nsec.patch
Normal file
@ -0,0 +1,40 @@
|
||||
Based on e73c78c27511b03c7abc55aed87896092c0de699 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Fri, 24 Oct 2014 19:07:26 +0200
|
||||
Subject: [PATCH] time: also support 'infinity' syntax in parse_nsec()
|
||||
|
||||
Let's make parse_usec() and parse_nsec() work similar
|
||||
---
|
||||
src/shared/time-util.c | 14 +++++++++++++-
|
||||
1 file changed, 13 insertions(+), 1 deletion(-)
|
||||
|
||||
--- src/shared/time-util.c
|
||||
+++ src/shared/time-util.c
|
||||
@@ -773,7 +773,7 @@ int parse_nsec(const char *t, nsec_t *nsec) {
|
||||
{ "", 1ULL }, /* default is nsec */
|
||||
};
|
||||
|
||||
- const char *p;
|
||||
+ const char *p, *s;
|
||||
nsec_t r = 0;
|
||||
bool something = false;
|
||||
|
||||
@@ -781,6 +781,18 @@ int parse_nsec(const char *t, nsec_t *nsec) {
|
||||
assert(nsec);
|
||||
|
||||
p = t;
|
||||
+
|
||||
+ p += strspn(p, WHITESPACE);
|
||||
+ s = startswith(p, "infinity");
|
||||
+ if (s) {
|
||||
+ s += strspn(s, WHITESPACE);
|
||||
+ if (!*s != 0)
|
||||
+ return -EINVAL;
|
||||
+
|
||||
+ *nsec = ((nsec_t) -1);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
for (;;) {
|
||||
long long l, z = 0;
|
||||
char *e;
|
@ -0,0 +1,25 @@
|
||||
Based on 65de0395ffe1cfb0f9af86504e8588fb31bb0fbc Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Fri, 24 Oct 2014 19:08:22 +0200
|
||||
Subject: [PATCH] time: earlier exit from format_timestamp_relative() on
|
||||
special times
|
||||
|
||||
---
|
||||
src/shared/time-util.c | 3 +--
|
||||
1 file changed, 1 insertion(+), 2 deletions(-)
|
||||
|
||||
--- src/shared/time-util.c
|
||||
+++ src/shared/time-util.c 2014-10-29 14:07:28.479838096 +0000
|
||||
@@ -194,11 +194,10 @@ char *format_timestamp_relative(char *bu
|
||||
const char *s;
|
||||
usec_t n, d;
|
||||
|
||||
- n = now(CLOCK_REALTIME);
|
||||
-
|
||||
if (t <= 0 || (t == (usec_t) -1))
|
||||
return NULL;
|
||||
|
||||
+ n = now(CLOCK_REALTIME);
|
||||
if (n > t) {
|
||||
d = n - t;
|
||||
s = "ago";
|
@ -0,0 +1,43 @@
|
||||
From 455cd8b137b8ef45d04889f2d967c562a097f1e6 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Fri, 24 Oct 2014 19:24:53 +0200
|
||||
Subject: [PATCH] sd-bus: if we don't manage to properly allocate the error
|
||||
message for an sd_bus_error, just go on
|
||||
|
||||
sd_bus_error_setfv() must initialize the sd_bus_error value to some
|
||||
sensible value and then return a good errno code matching that. If it
|
||||
cannot work at all it should set the error statically to the OOM error.
|
||||
But if it can work half-way (i.e. initialize the name, but not the
|
||||
message) it should do so and still return the correct errno number for
|
||||
it.
|
||||
|
||||
This effectively reverts 8bf13eb1e02b9977ae1cd331ae5dc7305a305a09
|
||||
---
|
||||
src/libsystemd/sd-bus/bus-error.c | 11 ++++-------
|
||||
1 file changed, 4 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git src/libsystemd/sd-bus/bus-error.c src/libsystemd/sd-bus/bus-error.c
|
||||
index 5ca974a..af83c12 100644
|
||||
--- src/libsystemd/sd-bus/bus-error.c
|
||||
+++ src/libsystemd/sd-bus/bus-error.c
|
||||
@@ -194,13 +194,10 @@ int bus_error_setfv(sd_bus_error *e, const char *name, const char *format, va_li
|
||||
return -ENOMEM;
|
||||
}
|
||||
|
||||
- if (format) {
|
||||
- int r;
|
||||
-
|
||||
- r = vasprintf((char**) &e->message, format, ap);
|
||||
- if (r < 0)
|
||||
- return -ENOMEM;
|
||||
- }
|
||||
+ /* Of we hit OOM on formatting the pretty message, we ignore
|
||||
+ * this, since we at least managed to write the error name */
|
||||
+ if (format)
|
||||
+ (void) vasprintf((char**) &e->message, format, ap);
|
||||
|
||||
e->_need_free = 1;
|
||||
|
||||
--
|
||||
1.7.9.2
|
||||
|
21
0005-journalctl-correct-help-text-for-until.patch
Normal file
21
0005-journalctl-correct-help-text-for-until.patch
Normal file
@ -0,0 +1,21 @@
|
||||
Based on 7558251eef610e71595a0aa48952479906cb899a Mon Sep 17 00:00:00 2001
|
||||
From: Santiago Vila <sanvila@unex.es>
|
||||
Date: Sat, 25 Oct 2014 10:40:30 -0400
|
||||
Subject: [PATCH] journalctl: correct help text for --until
|
||||
|
||||
http://bugs.debian.org/766598
|
||||
---
|
||||
src/journal/journalctl.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
--- src/journal/journalctl.c
|
||||
+++ src/journal/journalctl.c 2014-10-29 14:10:18.863838313 +0000
|
||||
@@ -171,7 +171,7 @@ static int help(void) {
|
||||
" --user Show only the user journal for the current user\n"
|
||||
" -M --machine=CONTAINER Operate on local container\n"
|
||||
" --since=DATE Start showing entries on or newer than the specified date\n"
|
||||
- " --until=DATE Stop showing entries on or older than the specified date\n"
|
||||
+ " --until=DATE Stop showing entries on or newer than the specified date\n"
|
||||
" -c --cursor=CURSOR Start showing entries from the specified cursor\n"
|
||||
" --after-cursor=CURSOR Start showing entries from after the specified cursor\n"
|
||||
" --show-cursor Print the cursor after all the entries\n"
|
@ -11,15 +11,17 @@ safe_close.
|
||||
|
||||
CID#996223
|
||||
---
|
||||
src/shared/util.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
src/shared/util.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
--- src/shared/util.c
|
||||
+++ src/shared/util.c 2014-10-14 15:42:22.515839157 +0000
|
||||
@@ -1969,6 +1969,7 @@ int acquire_terminal(
|
||||
@@ -1969,7 +1969,8 @@ int acquire_terminal(
|
||||
* ended our handle will be dead. It's important that
|
||||
* we do this after sleeping, so that we don't enter
|
||||
* an endless loop. */
|
||||
close_nointr_nofail(fd);
|
||||
- close_nointr_nofail(fd);
|
||||
+ if (fd >= 0) close_nointr_nofail(fd);
|
||||
+ fd = -1;
|
||||
}
|
||||
|
||||
|
27
0006-calendarspec-fix-typo-in-annually.patch
Normal file
27
0006-calendarspec-fix-typo-in-annually.patch
Normal file
@ -0,0 +1,27 @@
|
||||
From e90efc70900f8e69cfbafd9e9508bdeb4d40dad7 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sat, 25 Oct 2014 11:59:36 -0400
|
||||
Subject: [PATCH] calendarspec: fix typo in "annually"
|
||||
|
||||
https://bugs.freedesktop.org/show_bug.cgi?id=85447
|
||||
---
|
||||
src/shared/calendarspec.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git src/shared/calendarspec.c src/shared/calendarspec.c
|
||||
index 4ac74ab..64d0dec 100644
|
||||
--- src/shared/calendarspec.c
|
||||
+++ src/shared/calendarspec.c
|
||||
@@ -688,7 +688,8 @@ int calendar_spec_from_string(const char *p, CalendarSpec **spec) {
|
||||
if (r < 0)
|
||||
goto fail;
|
||||
|
||||
- } else if (strcaseeq(p, "anually") || strcaseeq(p, "yearly")) {
|
||||
+ } else if (strcaseeq(p, "annually") || strcaseeq(p, "yearly")
|
||||
+ || strcaseeq(p, "anually") /* backwards compatibility */ ) {
|
||||
r = const_chain(1, &c->month);
|
||||
if (r < 0)
|
||||
goto fail;
|
||||
--
|
||||
1.7.9.2
|
||||
|
26
0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch
Normal file
26
0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch
Normal file
@ -0,0 +1,26 @@
|
||||
From e95c98378ac2d34df864de4a9b785fd17defb77b Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sat, 25 Oct 2014 15:15:28 -0400
|
||||
Subject: [PATCH] systemctl: do not ignore errors in symlink removal
|
||||
|
||||
On an ro fs, systemctl disable ... would fail silently.
|
||||
---
|
||||
src/shared/install.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git src/shared/install.c src/shared/install.c
|
||||
index 0d7c30e..035b44c 100644
|
||||
--- src/shared/install.c
|
||||
+++ src/shared/install.c
|
||||
@@ -1679,7 +1679,7 @@ int unit_file_disable(
|
||||
r = install_context_mark_for_removal(&c, &paths, &remove_symlinks_to, config_path, root_dir);
|
||||
|
||||
q = remove_marked_symlinks(remove_symlinks_to, config_path, changes, n_changes, files);
|
||||
- if (r == 0)
|
||||
+ if (r >= 0)
|
||||
r = q;
|
||||
|
||||
return r;
|
||||
--
|
||||
1.7.9.2
|
||||
|
85
0008-util-introduce-sethostname_idempotent.patch
Normal file
85
0008-util-introduce-sethostname_idempotent.patch
Normal file
@ -0,0 +1,85 @@
|
||||
Based on 605f81a8968b2df8a28cca2cf11db99ab948a2af Mon Sep 17 00:00:00 2001
|
||||
From: Michal Sekletar <msekleta@redhat.com>
|
||||
Date: Tue, 21 Oct 2014 18:17:54 +0200
|
||||
Subject: [PATCH] util: introduce sethostname_idempotent
|
||||
|
||||
Function queries system hostname and applies changes only when necessary. Also,
|
||||
migrate all client of sethostname to sethostname_idempotent while at it.
|
||||
---
|
||||
src/core/hostname-setup.c | 2 +-
|
||||
src/hostname/hostnamed.c | 2 +-
|
||||
src/nspawn/nspawn.c | 2 +-
|
||||
src/shared/util.c | 20 ++++++++++++++++++++
|
||||
src/shared/util.h | 2 ++
|
||||
5 files changed, 25 insertions(+), 3 deletions(-)
|
||||
|
||||
--- src/core/hostname-setup.c
|
||||
+++ src/core/hostname-setup.c 2014-10-29 00:00:00.000000000 +0000
|
||||
@@ -99,7 +99,7 @@ int hostname_setup(void) {
|
||||
hn = "localhost";
|
||||
}
|
||||
|
||||
- if (sethostname(hn, strlen(hn)) < 0) {
|
||||
+ if (sethostname_idempotent(hn) < 0) {
|
||||
log_warning("Failed to set hostname to <%s>: %m", hn);
|
||||
return -errno;
|
||||
}
|
||||
--- src/hostname/hostnamed.c
|
||||
+++ src/hostname/hostnamed.c 2014-10-29 14:13:26.124337751 +0000
|
||||
@@ -244,7 +244,7 @@ static int context_write_data_hostname(C
|
||||
else
|
||||
hn = c->data[PROP_HOSTNAME];
|
||||
|
||||
- if (sethostname(hn, strlen(hn)) < 0)
|
||||
+ if (sethostname_idempotent(hn) < 0)
|
||||
return -errno;
|
||||
|
||||
return 0;
|
||||
--- src/nspawn/nspawn.c
|
||||
+++ src/nspawn/nspawn.c 2014-10-29 00:00:00.000000000 +0000
|
||||
@@ -981,7 +981,7 @@ static int setup_hostname(void) {
|
||||
if (arg_share_system)
|
||||
return 0;
|
||||
|
||||
- if (sethostname(arg_machine, strlen(arg_machine)) < 0)
|
||||
+ if (sethostname_idempotent(arg_machine) < 0)
|
||||
return -errno;
|
||||
|
||||
return 0;
|
||||
--- src/shared/util.c
|
||||
+++ src/shared/util.c 2014-10-29 00:00:00.000000000 +0000
|
||||
@@ -6451,6 +6451,26 @@ int fd_warn_permissions(const char *path
|
||||
return 0;
|
||||
}
|
||||
|
||||
+int sethostname_idempotent(const char *s) {
|
||||
+ int r;
|
||||
+ char buf[HOST_NAME_MAX + 1] = {};
|
||||
+
|
||||
+ assert(s);
|
||||
+
|
||||
+ r = gethostname(buf, sizeof(buf));
|
||||
+ if (r < 0)
|
||||
+ return -errno;
|
||||
+
|
||||
+ if (streq(buf, s))
|
||||
+ return 0;
|
||||
+
|
||||
+ r = sethostname(buf, strlen(buf));
|
||||
+ if (r < 0)
|
||||
+ return -errno;
|
||||
+
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
unsigned long personality_from_string(const char *p) {
|
||||
|
||||
/* Parse a personality specifier. We introduce our own
|
||||
--- src/shared/util.h
|
||||
+++ src/shared/util.h 2014-10-29 14:14:15.764337717 +0000
|
||||
@@ -899,3 +899,5 @@ union file_handle_union {
|
||||
};
|
||||
|
||||
int umount_recursive(const char *target, int flags);
|
||||
+
|
||||
+int sethostname_idempotent(const char *s);
|
@ -0,0 +1,26 @@
|
||||
From a9169c1c589bf7c7a29e7905d17e350ce7c7c48e Mon Sep 17 00:00:00 2001
|
||||
From: Michal Sekletar <msekleta@redhat.com>
|
||||
Date: Mon, 27 Oct 2014 11:08:26 +0100
|
||||
Subject: [PATCH] util: fix copy-paste error and actually set the new hostname
|
||||
|
||||
Reported-by: sztanpet on irc
|
||||
---
|
||||
src/shared/util.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git src/shared/util.c src/shared/util.c
|
||||
index 7d94a28..4143f6d 100644
|
||||
--- src/shared/util.c
|
||||
+++ src/shared/util.c
|
||||
@@ -7189,7 +7189,7 @@ int sethostname_idempotent(const char *s) {
|
||||
if (streq(buf, s))
|
||||
return 0;
|
||||
|
||||
- r = sethostname(buf, strlen(buf));
|
||||
+ r = sethostname(s, strlen(s));
|
||||
if (r < 0)
|
||||
return -errno;
|
||||
|
||||
--
|
||||
1.7.9.2
|
||||
|
@ -0,0 +1,27 @@
|
||||
Based on d89b5fed9ea5d9ec293585cb85bb27b56ea6ac9c Mon Sep 17 00:00:00 2001
|
||||
From: Michal Sekletar <msekleta@redhat.com>
|
||||
Date: Tue, 21 Oct 2014 18:38:42 +0200
|
||||
Subject: [PATCH] shutdown: do final unmounting only if not running inside the
|
||||
container
|
||||
|
||||
If we run in the container then we run in a mount namespace. If namespace dies
|
||||
then kernel should do unmounting for us, hence we skip unmounting in containers.
|
||||
|
||||
Also, it may be the case that we no longer have capability to do umount,
|
||||
because we are running in the unprivileged container.
|
||||
|
||||
See: http://lists.freedesktop.org/archives/systemd-devel/2014-October/023536.html
|
||||
---
|
||||
src/core/shutdown.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
--- src/core/shutdown.c
|
||||
+++ src/core/shutdown.c 2014-10-29 14:18:38.767837898 +0000
|
||||
@@ -278,6 +278,7 @@ int main(int argc, char *argv[]) {
|
||||
broadcast_signal(SIGKILL, true, false);
|
||||
|
||||
if (in_container) {
|
||||
+ need_umount = false;
|
||||
need_swapoff = false;
|
||||
need_dm_detach = false;
|
||||
need_loop_detach = false;
|
@ -0,0 +1,57 @@
|
||||
Based on dec23413ecc90d4a547aa41f02af0482b4513495 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Mon, 27 Oct 2014 21:31:29 -0400
|
||||
Subject: [PATCH] selinux: make sure we do not try to print missing fields
|
||||
|
||||
UID or GID of 0 is valid, so we cannot use that to distinguish whether
|
||||
calls to sd_bus_creds_get_* succeeded, and the return value from the
|
||||
function is the only way to know about missing fields. Print "n/a" if
|
||||
the fields are missing.
|
||||
|
||||
CID #1238779
|
||||
---
|
||||
src/core/selinux-access.c | 18 ++++++++++++------
|
||||
1 file changed, 12 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git src/core/selinux-access.c src/core/selinux-access.c
|
||||
index 08ea6ef..351d48f 100644
|
||||
--- src/core/selinux-access.c
|
||||
+++ src/core/selinux-access.c
|
||||
@@ -53,7 +53,7 @@ struct audit_info {
|
||||
|
||||
/*
|
||||
Any time an access gets denied this callback will be called
|
||||
- with the aduit data. We then need to just copy the audit data into the msgbuf.
|
||||
+ with the audit data. We then need to just copy the audit data into the msgbuf.
|
||||
*/
|
||||
static int audit_callback(
|
||||
void *auditdata,
|
||||
@@ -64,14 +64,20 @@ static int audit_callback(
|
||||
const struct audit_info *audit = auditdata;
|
||||
uid_t uid = 0, login_uid = 0;
|
||||
gid_t gid = 0;
|
||||
+ char login_uid_buf[DECIMAL_STR_MAX(uid_t)] = "n/a";
|
||||
+ char uid_buf[DECIMAL_STR_MAX(uid_t)] = "n/a";
|
||||
+ char gid_buf[DECIMAL_STR_MAX(gid_t)] = "n/a";
|
||||
|
||||
- sd_bus_creds_get_audit_login_uid(audit->creds, &login_uid);
|
||||
- sd_bus_creds_get_uid(audit->creds, &uid);
|
||||
- sd_bus_creds_get_gid(audit->creds, &gid);
|
||||
+ if (sd_bus_creds_get_audit_login_uid(audit->creds, &login_uid) >= 0)
|
||||
+ snprintf(login_uid_buf, sizeof(login_uid_buf), UID_FMT, login_uid);
|
||||
+ if (sd_bus_creds_get_uid(audit->creds, &uid) >= 0)
|
||||
+ snprintf(uid_buf, sizeof(uid_buf), UID_FMT, uid);
|
||||
+ if (sd_bus_creds_get_gid(audit->creds, &gid) >= 0)
|
||||
+ snprintf(gid_buf, sizeof(gid_buf), "%lu", (unsigned long)gid);
|
||||
|
||||
snprintf(msgbuf, msgbufsize,
|
||||
- "auid=%d uid=%d gid=%d%s%s%s%s%s%s",
|
||||
- login_uid, uid, gid,
|
||||
+ "auid=%s uid=%s gid=%s%s%s%s%s%s%s",
|
||||
+ login_uid_buf, uid_buf, gid_buf,
|
||||
audit->path ? " path=\"" : "", strempty(audit->path), audit->path ? "\"" : "",
|
||||
audit->cmdline ? " cmdline=\"" : "", strempty(audit->cmdline), audit->cmdline ? "\"" : "");
|
||||
|
||||
--
|
||||
1.7.9.2
|
||||
|
180
0012-manager-do-not-print-anything-while-passwords-are-be.patch
Normal file
180
0012-manager-do-not-print-anything-while-passwords-are-be.patch
Normal file
@ -0,0 +1,180 @@
|
||||
Based on e46b13c8c7f48f81d4e09912f2265daaa7f6d27e Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sat, 25 Oct 2014 20:30:51 -0400
|
||||
Subject: [PATCH] manager: do not print anything while passwords are being
|
||||
queried
|
||||
|
||||
https://bugs.freedesktop.org/show_bug.cgi?id=73942
|
||||
---
|
||||
src/core/manager.c | 105 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
|
||||
src/core/manager.h | 5 ++
|
||||
2 files changed, 109 insertions(+), 1 deletion(-)
|
||||
|
||||
--- src/core/manager.c
|
||||
+++ src/core/manager.c 2014-10-29 14:31:18.984212089 +0000
|
||||
@@ -25,6 +25,8 @@
|
||||
#include <signal.h>
|
||||
#include <sys/wait.h>
|
||||
#include <unistd.h>
|
||||
+#include <sys/inotify.h>
|
||||
+#include <sys/epoll.h>
|
||||
#include <sys/poll.h>
|
||||
#include <sys/reboot.h>
|
||||
#include <sys/ioctl.h>
|
||||
@@ -212,6 +214,96 @@ static void manager_print_jobs_in_progre
|
||||
|
||||
}
|
||||
|
||||
+static int have_ask_password(void) {
|
||||
+ _cleanup_closedir_ DIR *dir;
|
||||
+
|
||||
+ dir = opendir("/run/systemd/ask-password");
|
||||
+ if (!dir) {
|
||||
+ if (errno == ENOENT)
|
||||
+ return false;
|
||||
+ else
|
||||
+ return -errno;
|
||||
+ }
|
||||
+
|
||||
+ for (;;) {
|
||||
+ struct dirent *de;
|
||||
+
|
||||
+ errno = 0;
|
||||
+ de = readdir(dir);
|
||||
+ if (!de && errno != 0)
|
||||
+ return -errno;
|
||||
+ if (!de)
|
||||
+ return false;
|
||||
+
|
||||
+ if (startswith(de->d_name, "ask."))
|
||||
+ return true;
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+static int manager_dispatch_ask_password_fd(sd_event_source *source,
|
||||
+ int fd, uint32_t revents, void *userdata) {
|
||||
+ Manager *m = userdata;
|
||||
+
|
||||
+ assert(m);
|
||||
+
|
||||
+ flush_fd(fd);
|
||||
+
|
||||
+ m->have_ask_password = have_ask_password();
|
||||
+ if (m->have_ask_password < 0)
|
||||
+ /* Log error but continue. Negative have_ask_password
|
||||
+ * is treated as unknown status. */
|
||||
+ log_error("Failed to list /run/systemd/ask-password: %s", strerror(m->have_ask_password));
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+static void manager_close_ask_password(Manager *m) {
|
||||
+ assert(m);
|
||||
+ if (m->ask_password_inotify_fd >= 0) close_nointr_nofail(m->ask_password_inotify_fd);
|
||||
+ m->ask_password_inotify_fd = -1;
|
||||
+ m->ask_password_event_source = sd_event_source_unref(m->ask_password_event_source);
|
||||
+ m->have_ask_password = -EINVAL;
|
||||
+}
|
||||
+
|
||||
+static int manager_check_ask_password(Manager *m) {
|
||||
+ int r;
|
||||
+
|
||||
+ assert(m);
|
||||
+
|
||||
+ if (!m->ask_password_event_source) {
|
||||
+ assert(m->ask_password_inotify_fd < 0);
|
||||
+
|
||||
+ mkdir_p_label("/run/systemd/ask-password", 0755);
|
||||
+
|
||||
+ m->ask_password_inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
|
||||
+ if (m->ask_password_inotify_fd < 0) {
|
||||
+ log_error("inotify_init1() failed: %m");
|
||||
+ return -errno;
|
||||
+ }
|
||||
+
|
||||
+ if (inotify_add_watch(m->ask_password_inotify_fd, "/run/systemd/ask-password", IN_CREATE|IN_DELETE|IN_MOVE) < 0) {
|
||||
+ log_error("Failed to add watch on /run/systemd/ask-password: %m");
|
||||
+ manager_close_ask_password(m);
|
||||
+ return -errno;
|
||||
+ }
|
||||
+
|
||||
+ r = sd_event_add_io(m->event, &m->ask_password_event_source,
|
||||
+ m->ask_password_inotify_fd, EPOLLIN,
|
||||
+ manager_dispatch_ask_password_fd, m);
|
||||
+ if (r < 0) {
|
||||
+ log_error("Failed to add event source for /run/systemd/ask-password: %m");
|
||||
+ manager_close_ask_password(m);
|
||||
+ return -errno;
|
||||
+ }
|
||||
+
|
||||
+ /* Queries might have been added meanwhile... */
|
||||
+ manager_dispatch_ask_password_fd(m->ask_password_event_source,
|
||||
+ m->ask_password_inotify_fd, EPOLLIN, m);
|
||||
+ }
|
||||
+
|
||||
+ return m->have_ask_password;
|
||||
+}
|
||||
+
|
||||
static int manager_watch_idle_pipe(Manager *m) {
|
||||
int r;
|
||||
|
||||
@@ -470,6 +562,9 @@ int manager_new(SystemdRunningAs running
|
||||
m->pin_cgroupfs_fd = m->notify_fd = m->signal_fd = m->time_change_fd = m->dev_autofs_fd = m->private_listen_fd = m->kdbus_fd = -1;
|
||||
m->current_job_id = 1; /* start as id #1, so that we can leave #0 around as "null-like" value */
|
||||
|
||||
+ m->ask_password_inotify_fd = -1;
|
||||
+ m->have_ask_password = -EINVAL; /* we don't know */
|
||||
+
|
||||
r = manager_default_environment(m);
|
||||
if (r < 0)
|
||||
goto fail;
|
||||
@@ -847,6 +942,8 @@ void manager_free(Manager *m) {
|
||||
if (m->kdbus_fd >= 0)
|
||||
close_nointr_nofail(m->kdbus_fd);
|
||||
|
||||
+ manager_close_ask_password(m);
|
||||
+
|
||||
manager_close_idle_pipe(m);
|
||||
|
||||
udev_unref(m->udev);
|
||||
@@ -2526,6 +2623,9 @@ void manager_check_finished(Manager *m)
|
||||
/* Turn off confirm spawn now */
|
||||
m->confirm_spawn = false;
|
||||
|
||||
+ /* No need to update ask password status when we're going non-interactive */
|
||||
+ manager_close_ask_password(m);
|
||||
+
|
||||
if (dual_timestamp_is_set(&m->finish_timestamp))
|
||||
return;
|
||||
|
||||
@@ -2843,12 +2943,15 @@ static bool manager_get_show_status(Mana
|
||||
if (m->no_console_output)
|
||||
return false;
|
||||
|
||||
+ /* If we cannot find out the status properly, just proceed. */
|
||||
+ if (manager_check_ask_password(m) > 0)
|
||||
+ return false;
|
||||
+
|
||||
if (m->show_status > 0)
|
||||
return true;
|
||||
|
||||
/* If Plymouth is running make sure we show the status, so
|
||||
* that there's something nice to see when people press Esc */
|
||||
-
|
||||
return plymouth_running();
|
||||
}
|
||||
|
||||
--- src/core/manager.h
|
||||
+++ src/core/manager.h 2014-10-29 00:00:00.000000000 +0000
|
||||
@@ -231,6 +231,11 @@ struct Manager {
|
||||
unsigned n_on_console;
|
||||
unsigned jobs_in_progress_iteration;
|
||||
|
||||
+ /* Do we have any outstanding password prompts? */
|
||||
+ int have_ask_password;
|
||||
+ int ask_password_inotify_fd;
|
||||
+ sd_event_source *ask_password_event_source;
|
||||
+
|
||||
/* Type=idle pipes */
|
||||
int idle_pipe[4];
|
||||
sd_event_source *idle_pipe_event_source;
|
@ -1,45 +0,0 @@
|
||||
Index: systemd-210/src/core/manager.c
|
||||
===================================================================
|
||||
--- systemd-210.orig/src/core/manager.c
|
||||
+++ systemd-210/src/core/manager.c
|
||||
@@ -152,6 +152,29 @@ void manager_flip_auto_status(Manager *m
|
||||
}
|
||||
}
|
||||
|
||||
+static int check_for_password_prompt(void) {
|
||||
+ DIR *d;
|
||||
+ struct dirent *de;
|
||||
+
|
||||
+ if (!(d = opendir("/run/systemd/ask-password"))) {
|
||||
+
|
||||
+ if (errno == ENOENT)
|
||||
+ return 1;
|
||||
+ log_error("opendir(/run/systemd/ask-password): %m");
|
||||
+
|
||||
+ return -errno;
|
||||
+ }
|
||||
+
|
||||
+ while ((de = readdir(d))) {
|
||||
+ if (startswith(de->d_name, "ask.")) {
|
||||
+ closedir(d);
|
||||
+ return 0;
|
||||
+ }
|
||||
+ }
|
||||
+ closedir(d);
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
static void manager_print_jobs_in_progress(Manager *m) {
|
||||
static int is_ansi_console = -1;
|
||||
_cleanup_free_ char *job_of_n = NULL;
|
||||
@@ -195,6 +218,10 @@ static void manager_print_jobs_in_progre
|
||||
|
||||
m->jobs_in_progress_iteration++;
|
||||
|
||||
+ //don't overwrite the crypt password prompt with job status messages
|
||||
+ if (check_for_password_prompt() == 0)
|
||||
+ return;
|
||||
+
|
||||
if (m->n_running_jobs > 1)
|
||||
if (asprintf(&job_of_n, "(%u of %u) ", counter, m->n_running_jobs) < 0)
|
||||
job_of_n = NULL;
|
@ -1,3 +1,23 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 30 10:45:01 UTC 2014 - werner@suse.de
|
||||
|
||||
- Add upstream patches
|
||||
0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch
|
||||
0002-time-also-support-infinity-syntax-in-parse_nsec.patch
|
||||
0003-time-earlier-exit-from-format_timestamp_relative-on-.patch
|
||||
0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch
|
||||
0005-journalctl-correct-help-text-for-until.patch
|
||||
0006-calendarspec-fix-typo-in-annually.patch
|
||||
0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch
|
||||
0008-util-introduce-sethostname_idempotent.patch
|
||||
0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch
|
||||
0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch
|
||||
0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch
|
||||
- Replace patch
|
||||
keep-crypt-password-prompt.patch as this with
|
||||
upstream patch
|
||||
0012-manager-do-not-print-anything-while-passwords-are-be.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Oct 24 13:02:45 UTC 2014 - werner@suse.de
|
||||
|
||||
|
@ -438,8 +438,6 @@ Patch202: 0004-implement-a-union-to-pad-out-file_handle.patch
|
||||
Patch203: respect-nfs-bg-option.patch
|
||||
# PATCH-FIX-UPSTREAM Stop useless messages on dual_timestamp_is_set is failed.
|
||||
Patch204: shut-up-annoying-assertion-monotonic-clock-message.patch
|
||||
# PATCH-FIX-SUSE Do not override the passphrase prompts due messages of busy jobs
|
||||
Patch205: keep-crypt-password-prompt.patch
|
||||
# PATCH-FIX-UPSTREAM Fix uninitialized memory
|
||||
Patch206: 0001-sd-rtnl-message-append-fix-uninitialized-memory.patch
|
||||
# PATCH-FIX-UPSTREAM Make systemd user journal accessible by users (bnc#876694)
|
||||
@ -978,6 +976,30 @@ Patch473: 0005-cryptsetup-fix-an-OOM-check.patch
|
||||
Patch474: 0002-shutdown-pass-own-argv-to-run-initramfs-shutdown.patch
|
||||
# PATCH-FIX-SUSE added at 2014/10/24
|
||||
Patch475: journald-advice-about-use-of-memory.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch476: 0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch477: 0002-time-also-support-infinity-syntax-in-parse_nsec.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch478: 0003-time-earlier-exit-from-format_timestamp_relative-on-.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch479: 0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch480: 0005-journalctl-correct-help-text-for-until.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch481: 0006-calendarspec-fix-typo-in-annually.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch482: 0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch483: 0008-util-introduce-sethostname_idempotent.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch484: 0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch485: 0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch486: 0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch487: 0012-manager-do-not-print-anything-while-passwords-are-be.patch
|
||||
|
||||
# UDEV PATCHES
|
||||
# ============
|
||||
@ -1526,7 +1548,6 @@ cp %{SOURCE7} m4/
|
||||
%patch202 -p0
|
||||
%patch203 -p1
|
||||
%patch204 -p1
|
||||
%patch205 -p1
|
||||
%patch206 -p0
|
||||
%patch207 -p0
|
||||
%patch208 -p1
|
||||
@ -1799,6 +1820,18 @@ cp %{SOURCE7} m4/
|
||||
%patch473 -p0
|
||||
%patch474 -p0
|
||||
%patch475 -p0
|
||||
%patch476 -p0
|
||||
%patch477 -p0
|
||||
%patch478 -p0
|
||||
%patch479 -p0
|
||||
%patch480 -p0
|
||||
%patch481 -p0
|
||||
%patch482 -p0
|
||||
%patch483 -p0
|
||||
%patch484 -p0
|
||||
%patch485 -p0
|
||||
%patch486 -p0
|
||||
%patch487 -p0
|
||||
|
||||
# udev patches
|
||||
%patch1001 -p1
|
||||
|
@ -1,3 +1,23 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 30 10:45:01 UTC 2014 - werner@suse.de
|
||||
|
||||
- Add upstream patches
|
||||
0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch
|
||||
0002-time-also-support-infinity-syntax-in-parse_nsec.patch
|
||||
0003-time-earlier-exit-from-format_timestamp_relative-on-.patch
|
||||
0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch
|
||||
0005-journalctl-correct-help-text-for-until.patch
|
||||
0006-calendarspec-fix-typo-in-annually.patch
|
||||
0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch
|
||||
0008-util-introduce-sethostname_idempotent.patch
|
||||
0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch
|
||||
0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch
|
||||
0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch
|
||||
- Replace patch
|
||||
keep-crypt-password-prompt.patch as this with
|
||||
upstream patch
|
||||
0012-manager-do-not-print-anything-while-passwords-are-be.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Oct 24 13:02:45 UTC 2014 - werner@suse.de
|
||||
|
||||
|
39
systemd.spec
39
systemd.spec
@ -433,8 +433,6 @@ Patch202: 0004-implement-a-union-to-pad-out-file_handle.patch
|
||||
Patch203: respect-nfs-bg-option.patch
|
||||
# PATCH-FIX-UPSTREAM Stop useless messages on dual_timestamp_is_set is failed.
|
||||
Patch204: shut-up-annoying-assertion-monotonic-clock-message.patch
|
||||
# PATCH-FIX-SUSE Do not override the passphrase prompts due messages of busy jobs
|
||||
Patch205: keep-crypt-password-prompt.patch
|
||||
# PATCH-FIX-UPSTREAM Fix uninitialized memory
|
||||
Patch206: 0001-sd-rtnl-message-append-fix-uninitialized-memory.patch
|
||||
# PATCH-FIX-UPSTREAM Make systemd user journal accessible by users (bnc#876694)
|
||||
@ -973,6 +971,30 @@ Patch473: 0005-cryptsetup-fix-an-OOM-check.patch
|
||||
Patch474: 0002-shutdown-pass-own-argv-to-run-initramfs-shutdown.patch
|
||||
# PATCH-FIX-SUSE added at 2014/10/24
|
||||
Patch475: journald-advice-about-use-of-memory.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch476: 0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch477: 0002-time-also-support-infinity-syntax-in-parse_nsec.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch478: 0003-time-earlier-exit-from-format_timestamp_relative-on-.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch479: 0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch480: 0005-journalctl-correct-help-text-for-until.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch481: 0006-calendarspec-fix-typo-in-annually.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch482: 0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch483: 0008-util-introduce-sethostname_idempotent.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch484: 0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch485: 0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch486: 0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/28
|
||||
Patch487: 0012-manager-do-not-print-anything-while-passwords-are-be.patch
|
||||
|
||||
# UDEV PATCHES
|
||||
# ============
|
||||
@ -1521,7 +1543,6 @@ cp %{SOURCE7} m4/
|
||||
%patch202 -p0
|
||||
%patch203 -p1
|
||||
%patch204 -p1
|
||||
%patch205 -p1
|
||||
%patch206 -p0
|
||||
%patch207 -p0
|
||||
%patch208 -p1
|
||||
@ -1794,6 +1815,18 @@ cp %{SOURCE7} m4/
|
||||
%patch473 -p0
|
||||
%patch474 -p0
|
||||
%patch475 -p0
|
||||
%patch476 -p0
|
||||
%patch477 -p0
|
||||
%patch478 -p0
|
||||
%patch479 -p0
|
||||
%patch480 -p0
|
||||
%patch481 -p0
|
||||
%patch482 -p0
|
||||
%patch483 -p0
|
||||
%patch484 -p0
|
||||
%patch485 -p0
|
||||
%patch486 -p0
|
||||
%patch487 -p0
|
||||
|
||||
# udev patches
|
||||
%patch1001 -p1
|
||||
|
Loading…
Reference in New Issue
Block a user