From 3740353f8aab6c7c3a855f5db2b048015dd5d5736dbea89e376a8f2f1f98c3ac Mon Sep 17 00:00:00 2001 From: Simon Lees Date: Fri, 6 Dec 2019 04:01:33 +0000 Subject: [PATCH] Accepting request 754216 from home:simotek:branches:Base:System - Verify signatures * dbus-1.keyring - Key for Simon McVittie (smcv) from the Debian developer keyring. - Drop dbus_at_console.ck not needed - Clean up sources * Source2 dbus-1.desktop now Source4 * baselib.conf now source 3 - Update to 1.12.16 * CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1 authentication for identities that differ from the user running the DBusServer. Previously, a local attacker could manipulate symbolic links in their own home directory to bypass authentication and connect to a DBusServer with elevated privileges. The standard system and session dbus-daemons in their default configuration were immune to this attack because they did not allow DBUS_COOKIE_SHA1, but third-party users of DBusServer such as Upstart could be vulnerable. Thanks to Joe Vennix of Apple Information Security. (bsc#1137832, dbus#269, Simon McVittie) - From 1.12.14 * Raise soft fd limit to match hard limit, even if unprivileged. This makes session buses with many clients, or with clients that make heavy use of fd-passing, less likely to suffer from fd exhaustion. (dbus!103, Simon McVittie) * If a privileged dbus-daemon has a hard fd limit greater than 64K, don't reduce it to 64K, ensuring that we can put back the original fd limits when carrying out traditional (non-systemd) activation. This fixes a regression with systemd >= 240 in which system services inherited dbus-daemon's hard and soft limit of 64K fds, instead of the intended soft limit of 1K and hard limit of 512K or 1M. (dbus!103, Debian#928877; Simon McVittie) * Fix build failures caused by an AX_CODE_COVERAGE API change in newer autoconf-archive versions (dbus#249, dbus!88; Simon McVittie) * Fix build failures with newer autoconf-archive versions that include AX_-prefixed shell variable names (dbus#249, dbus!86; Simon McVittie) * Parse section/group names in .service files according to the syntax from the Desktop Entry Specification, rejecting control characters and non-ASCII in section/group names (dbus#208, David King) * Fix various -Wlogical-op issues that cause build failure with newer gcc versions (dbus#225, dbus!109; David King) * Don't assume we can set permissions on a directory, for the benefit of MSYS and Cygwin builds (dbus#216, dbus!110; Simon McVittie) * Don't overwrite PKG_CONFIG_PATH and related environment variables when the pkg-config-based version of DBus1Config is used in a CMake project (dbus#267, dbus!96; Clemens Lang) - Drop now upstream Patches * dbus-no-ax-check.patch * dbus-new-autoconf-archive.patch - Fix two inconsistencies with _libexecdir, sysusers.d and tmpfiles.d are always in %{_prefix}/lib/. - Drop update-desktop-files BuildRequires, once added for mimetypes.prov which is no longer part of update-desktop-files, and dbus-1.desktop does not even handles a single mimetype. - Replace DISABLE_RESTART_ON_UPDATE with %service_del_postun_without_restart - Remove version specific code to block all updates on restart as hopefully no tumbleweed versions still have code causing those issues (was only present for a few snapshots) - Remove the Leap42 conditionals that cause file conflict with filesystem package - Drop use of $FIRST_ARG in .spec The use of $FIRST_ARG was probably required because of the %service_* rpm macros were playing tricks with the shell positional parameters. This is bad practice and error prones so let's assume that no macros should do that anymore and hence it's safe to assume that positional parameters remains unchanged after any rpm macro call. OBS-URL: https://build.opensuse.org/request/show/754216 OBS-URL: https://build.opensuse.org/package/show/Base:System/dbus-1?expand=0&rev=287 --- dbus-1-x11.changes | 119 +++++++++++++++++-------- dbus-1-x11.spec | 11 +-- dbus-1.12.12.tar.gz | 3 - dbus-1.12.16.tar.gz | 3 + dbus-1.12.16.tar.gz.asc | 16 ++++ dbus-1.changes | 119 +++++++++++++++++-------- dbus-1.keyring | 150 ++++++++++++++++++++++++++++++++ dbus-1.spec | 24 ++--- dbus-new-autoconf-archive.patch | 43 --------- dbus-no-ax-check.patch | 45 ---------- dbus_at_console.ck | 27 ------ 11 files changed, 353 insertions(+), 207 deletions(-) delete mode 100644 dbus-1.12.12.tar.gz create mode 100644 dbus-1.12.16.tar.gz create mode 100644 dbus-1.12.16.tar.gz.asc create mode 100644 dbus-1.keyring delete mode 100644 dbus-new-autoconf-archive.patch delete mode 100644 dbus-no-ax-check.patch delete mode 100644 dbus_at_console.ck diff --git a/dbus-1-x11.changes b/dbus-1-x11.changes index 69e9b26..501fdcd 100644 --- a/dbus-1-x11.changes +++ b/dbus-1-x11.changes @@ -1,3 +1,54 @@ +------------------------------------------------------------------- +Tue Dec 3 01:16:18 UTC 2019 - Simon Lees + +- Verify signatures + * dbus-1.keyring - Key for Simon McVittie (smcv) from the Debian + developer keyring. +- Drop dbus_at_console.ck not needed +- Clean up sources + * Source2 dbus-1.desktop now Source4 + * baselib.conf now source 3 +- Update to 1.12.16 + * CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1 + authentication for identities that differ from the user running the + DBusServer. Previously, a local attacker could manipulate symbolic + links in their own home directory to bypass authentication and connect + to a DBusServer with elevated privileges. The standard system and + session dbus-daemons in their default configuration were immune to this + attack because they did not allow DBUS_COOKIE_SHA1, but third-party + users of DBusServer such as Upstart could be vulnerable. + Thanks to Joe Vennix of Apple Information Security. + (bsc#1137832, dbus#269, Simon McVittie) +- From 1.12.14 + * Raise soft fd limit to match hard limit, even if unprivileged. + This makes session buses with many clients, or with clients that make + heavy use of fd-passing, less likely to suffer from fd exhaustion. + (dbus!103, Simon McVittie) + * If a privileged dbus-daemon has a hard fd limit greater than 64K, don't + reduce it to 64K, ensuring that we can put back the original fd limits + when carrying out traditional (non-systemd) activation. This fixes a + regression with systemd >= 240 in which system services inherited + dbus-daemon's hard and soft limit of 64K fds, instead of the intended + soft limit of 1K and hard limit of 512K or 1M. + (dbus!103, Debian#928877; Simon McVittie) + * Fix build failures caused by an AX_CODE_COVERAGE API change in newer + autoconf-archive versions (dbus#249, dbus!88; Simon McVittie) + * Fix build failures with newer autoconf-archive versions that include + AX_-prefixed shell variable names (dbus#249, dbus!86; Simon McVittie) + * Parse section/group names in .service files according to the syntax + from the Desktop Entry Specification, rejecting control characters + and non-ASCII in section/group names (dbus#208, David King) + * Fix various -Wlogical-op issues that cause build failure with newer + gcc versions (dbus#225, dbus!109; David King) + * Don't assume we can set permissions on a directory, for the benefit of + MSYS and Cygwin builds (dbus#216, dbus!110; Simon McVittie) + * Don't overwrite PKG_CONFIG_PATH and related environment variables when + the pkg-config-based version of DBus1Config is used in a CMake project + (dbus#267, dbus!96; Clemens Lang) +- Drop now upstream Patches + * dbus-no-ax-check.patch + * dbus-new-autoconf-archive.patch + ------------------------------------------------------------------- Wed Nov 20 20:09:53 UTC 2019 - Stefan Brüns @@ -10,10 +61,10 @@ Wed Nov 20 20:09:53 UTC 2019 - Stefan Brüns ------------------------------------------------------------------- Wed May 29 13:25:43 UTC 2019 - Simon Lees -- Replace DISABLE_RESTART_ON_UPDATE with +- Replace DISABLE_RESTART_ON_UPDATE with %service_del_postun_without_restart - Remove version specific code to block all updates on restart as - hopefully no tumbleweed versions still have code causing those + hopefully no tumbleweed versions still have code causing those issues (was only present for a few snapshots) ------------------------------------------------------------------- @@ -94,32 +145,32 @@ Tue Nov 20 23:37:09 UTC 2018 - eich@suse.com Wed Aug 22 10:40:43 UTC 2018 - sflees@suse.de - Update to 1.12.10 * Changelog for 1.12.10 - • Prevent reading up to 3 bytes beyond the end of a truncated message. + * Prevent reading up to 3 bytes beyond the end of a truncated message. This could in principle be an information leak or denial of service on the system bus, but is not believed to be exploitable to crash the system bus or leak interesting information in practice. (fd.o #107332, Simon McVittie) - • Fix build with gcc 8 -Werror=cast-function-type + * Fix build with gcc 8 -Werror=cast-function-type (fd.o #107349, Simon McVittie) - • Fix warning from gcc 8 about suspicious use of strncpy() when + * Fix warning from gcc 8 about suspicious use of strncpy() when populating struct sockaddr_un (fd.o #107350, Simon McVittie) - • Fix a minor memory leak when a DBusServer listens on a new address + * Fix a minor memory leak when a DBusServer listens on a new address (fd.o #107194, Simon McVittie) - • Fix an invalid NULL argument to rmdir() if a nonce-tcp DBusServer + * Fix an invalid NULL argument to rmdir() if a nonce-tcp DBusServer runs out of memory (fd.o #107194, Simon McVittie) - • Don't use misleading errno-derived error names if getaddrinfo() or + * Don't use misleading errno-derived error names if getaddrinfo() or getnameinfo() fails with a code other than EAI_SYSTEM (fd.o #106395, Simon McVittie) - • Skip tests that require working TCP if we are in a container environment + * Skip tests that require working TCP if we are in a container environment where 127.0.0.1 cannot be resolved (fd.o #106812, Simon McVittie) * Changelog for 1.12.8 - • The Devhelp documentation index is now in version 2 format + * The Devhelp documentation index is now in version 2 format (fd.o #106186, Simon McVittie) - • Give the dbus-daemon man page some scarier warnings about + * Give the dbus-daemon man page some scarier warnings about and non-local TCP, which are insecure and should not be used, particularly for the standard system and session buses (fd.o #106004, Simon McVittie) - • Fix installation of Ducktype documentation with newer yelp-build + * Fix installation of Ducktype documentation with newer yelp-build versions (fd.o #106171, Simon McVittie) ------------------------------------------------------------------- @@ -127,29 +178,29 @@ Fri Mar 23 10:40:43 UTC 2018 - sflees@suse.de - Update to 1.12.6 * Changelog for 1.12.6 - • Increase system dbus-daemon's RLIMIT_NOFILE rlimit before it drops + * Increase system dbus-daemon's RLIMIT_NOFILE rlimit before it drops privileges, because it won't have permission afterwards. This fixes a regression in dbus 1.10.18 and 1.11.0 which made the standard system bus more susceptible to deliberate or accidental denial of service. (fdo#105165, David King) * Changelog for 1.12.4 - • When iterating the DBusConnection while blocking on a pending call, + * When iterating the DBusConnection while blocking on a pending call, don't wait for I/O if that pending call already has a result; and make sure that whether it has a result is propagated in a thread-safe way. This prevents certain multi-threaded calling patterns from blocking until their timeout even when they should have succeeded sooner. (fdo#102839; Manish Narang, Michael Searle) - • Report the correct error if OOM is reached while trying to listen + * Report the correct error if OOM is reached while trying to listen on a TCP socket (fdo#89104, Simon McVittie) - • Fix assertion failures in recovery from OOM while setting up a + * Fix assertion failures in recovery from OOM while setting up a DBusServer (fdo#89104, Simon McVittie) - • Add a missing space to a warning message (fdo#103729, Thomas Zajic) - • Expand ${bindir} correctly when pkg-config is asked for dbus_daemondir + * Add a missing space to a warning message (fdo#103729, Thomas Zajic) + * Expand ${bindir} correctly when pkg-config is asked for dbus_daemondir (fdo#104265, Benedikt Heine) - • On Linux systems with systemd < 237, if ${localstatedir}/dbus doesn't + * On Linux systems with systemd < 237, if ${localstatedir}/dbus doesn't exist, create it before trying to create ${localstatedir}/dbus/machine-id (fdo#104577, Chris Lesiak) - • Fix escaping in dbus-api-design document (fdo#104925, Philip Withnall) + * Fix escaping in dbus-api-design document (fdo#104925, Philip Withnall) ------------------------------------------------------------------- Thu Mar 8 15:24:54 UTC 2018 - dimstar@opensuse.org @@ -182,36 +233,36 @@ Thu Nov 16 02:21:08 UTC 2017 - sflees@suse.de - Update to 1.12.2 Deprecations: -• Eavesdropping is officially deprecated in favour of BecomeMonitor. +* Eavesdropping is officially deprecated in favour of BecomeMonitor. See the release notes for spec version 0.31 (in dbus 1.11.14). -• [Unix] Flag files in /var/run/console/${username} are deprecated. +* [Unix] Flag files in /var/run/console/${username} are deprecated. See the release notes for 1.11.18. New APIs: -• and rules in dbus-daemon configuration can now +* and rules in dbus-daemon configuration can now include send_broadcast="true", send_broadcast="false", max_unix_fds="N", min_unix_fds="N" (for some integer N). See the release notes for 1.11.18. -• dbus_try_get_local_machine_id() is like +* dbus_try_get_local_machine_id() is like dbus_get_local_machine_id(), but returns a DBusError. -• New APIs around DBusMessageIter to simplify cleanup. +* New APIs around DBusMessageIter to simplify cleanup. See the release notes for 1.11.16. -• The message bus daemon now implements the standard Introspectable, +* The message bus daemon now implements the standard Introspectable, Peer and Properties interfaces. See the release notes for dbus 1.11.14 and spec version 0.31. -• DTDs for introspection XML and bus configuration are installed. -• [Unix] A new unix:dir=… address family resembles unix:tmpdir=… but +* DTDs for introspection XML and bus configuration are installed. +* [Unix] A new unix:dir=… address family resembles unix:tmpdir=… but never uses Linux abstract sockets, which is advantageous for containers. On non-Linux it is equivalent to unix:tmpdir=…. See the release notes for dbus 1.11.14 and spec version 0.31. -• [Unix] New option "dbus-launch --exit-with-x11". -• [Unix] Session managers can create transient .service files in +* [Unix] New option "dbus-launch --exit-with-x11". +* [Unix] Session managers can create transient .service files in $XDG_RUNTIME_DIR/dbus-1/services. See the release notes for 1.11.12. -• [Unix] A sysusers.d snippet can create the messagebus user on-demand. +* [Unix] A sysusers.d snippet can create the messagebus user on-demand. Miscellaneous behaviour changes: -• [Unix] The session bus now logs to syslog if it was started by +* [Unix] The session bus now logs to syslog if it was started by dbus-launch. -• [Unix] Internal warnings are logged to syslog if configured. -• [Unix] Exceeding an anti-DoS limit is logged to syslog if configured, +* [Unix] Internal warnings are logged to syslog if configured. +* [Unix] Exceeding an anti-DoS limit is logged to syslog if configured, or to stderr. - Enabled "make check test suite" - Patches removed, fixed upstream diff --git a/dbus-1-x11.spec b/dbus-1-x11.spec index be8b8e1..4be9287 100644 --- a/dbus-1-x11.spec +++ b/dbus-1-x11.spec @@ -1,7 +1,7 @@ # # spec file for package dbus-1-x11 # -# Copyright (c) 2019 SUSE LLC. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -23,16 +23,17 @@ %endif %bcond_without selinux Name: dbus-1-x11 -Version: 1.12.12 +Version: 1.12.16 Release: 0 Summary: D-Bus Message Bus System License: GPL-2.0-or-later OR AFL-2.1 Group: System/Daemons URL: http://dbus.freedesktop.org/ Source0: http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz -Source2: dbus-1.desktop -Source3: dbus_at_console.ck -Source4: baselibs.conf +Source1: http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz.asc +Source2: dbus-1.keyring +Source3: baselibs.conf +Source4: dbus-1.desktop Patch0: feature-suse-log-deny.patch # PATCH-FIX-OPENSUSE coolo@suse.de -- force a feature configure won't accept without x11 in buildrequires Patch1: feature-suse-do-autolaunch.patch diff --git a/dbus-1.12.12.tar.gz b/dbus-1.12.12.tar.gz deleted file mode 100644 index b5ba688..0000000 --- a/dbus-1.12.12.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9546f226011a1e5d9d77245fe5549ef25af4694053189d624d0d6ac127ecf5f8 -size 2077301 diff --git a/dbus-1.12.16.tar.gz b/dbus-1.12.16.tar.gz new file mode 100644 index 0000000..c18067f --- /dev/null +++ b/dbus-1.12.16.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:54a22d2fa42f2eb2a871f32811c6005b531b9613b1b93a0d269b05e7549fec80 +size 2093296 diff --git a/dbus-1.12.16.tar.gz.asc b/dbus-1.12.16.tar.gz.asc new file mode 100644 index 0000000..4d8d1a9 --- /dev/null +++ b/dbus-1.12.16.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAlz9bG4ACgkQ4FrhR4+B +TE/zjxAAs6AUPEMcTg8SWwOo+VJIcYRfqDZUVvBOGR7oWSwIWGs7w16k4NjGa5WA +yKE/vjaUuezXwBW54ebCBLdi2MSRszIjS1O2FcRSF4M1A6kn3q0eK0SZdi7Tc63O +8n197f7usZOLXFSx5onpm5ToHuXmj2+F6jwwpX5qNmyyRgJkEozzzxTQkiEp+xwX +TSITwhBxJu1VAfnaq/Z+puIqQpkK8gTJ+Rg9by+OVqqN5AVaKxDDGHEjw2q+oTyH +EPJH17BXevk7t8p4iHW6qU82tsnEw4EuxBA8GLQKAAhisrL9BOpcFpAmQpbClNlR +Cy+vdebE1/snIwpbPrDVT3iYd4xUWcd/RYKNEtoX6m9+bvs4jqnxuepVZj6HNbf8 +0NKIdc0zI4GrDcUVkVvcfGmpU05/30RGZP1xDXml8s2EwXJBJX+yUKvGEnKado8K +poB0Qi9I3mlfY5eWzwW8m0vdkjccEt0Q6qgbgNYpXMLWUxTKICBud4Y37T26twYy +2+LpD/Pstlrge/vlv8zK7VSpS+b2CZhrualZ74+IcYVEndhgdRXf5PCyOWxf93kw +xME+ijt9QG0eTUTiFcC3hNJ2IW5hrWdNBTaVj8eIPxR7MWghLpzPjZU8M6dfZ/Wn +FuIbR/Q5XazqDUQWokSCi2sf4HktO0t28xV200ZtxgL8YbrOQzM= +=Olzi +-----END PGP SIGNATURE----- diff --git a/dbus-1.changes b/dbus-1.changes index 69e9b26..501fdcd 100644 --- a/dbus-1.changes +++ b/dbus-1.changes @@ -1,3 +1,54 @@ +------------------------------------------------------------------- +Tue Dec 3 01:16:18 UTC 2019 - Simon Lees + +- Verify signatures + * dbus-1.keyring - Key for Simon McVittie (smcv) from the Debian + developer keyring. +- Drop dbus_at_console.ck not needed +- Clean up sources + * Source2 dbus-1.desktop now Source4 + * baselib.conf now source 3 +- Update to 1.12.16 + * CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1 + authentication for identities that differ from the user running the + DBusServer. Previously, a local attacker could manipulate symbolic + links in their own home directory to bypass authentication and connect + to a DBusServer with elevated privileges. The standard system and + session dbus-daemons in their default configuration were immune to this + attack because they did not allow DBUS_COOKIE_SHA1, but third-party + users of DBusServer such as Upstart could be vulnerable. + Thanks to Joe Vennix of Apple Information Security. + (bsc#1137832, dbus#269, Simon McVittie) +- From 1.12.14 + * Raise soft fd limit to match hard limit, even if unprivileged. + This makes session buses with many clients, or with clients that make + heavy use of fd-passing, less likely to suffer from fd exhaustion. + (dbus!103, Simon McVittie) + * If a privileged dbus-daemon has a hard fd limit greater than 64K, don't + reduce it to 64K, ensuring that we can put back the original fd limits + when carrying out traditional (non-systemd) activation. This fixes a + regression with systemd >= 240 in which system services inherited + dbus-daemon's hard and soft limit of 64K fds, instead of the intended + soft limit of 1K and hard limit of 512K or 1M. + (dbus!103, Debian#928877; Simon McVittie) + * Fix build failures caused by an AX_CODE_COVERAGE API change in newer + autoconf-archive versions (dbus#249, dbus!88; Simon McVittie) + * Fix build failures with newer autoconf-archive versions that include + AX_-prefixed shell variable names (dbus#249, dbus!86; Simon McVittie) + * Parse section/group names in .service files according to the syntax + from the Desktop Entry Specification, rejecting control characters + and non-ASCII in section/group names (dbus#208, David King) + * Fix various -Wlogical-op issues that cause build failure with newer + gcc versions (dbus#225, dbus!109; David King) + * Don't assume we can set permissions on a directory, for the benefit of + MSYS and Cygwin builds (dbus#216, dbus!110; Simon McVittie) + * Don't overwrite PKG_CONFIG_PATH and related environment variables when + the pkg-config-based version of DBus1Config is used in a CMake project + (dbus#267, dbus!96; Clemens Lang) +- Drop now upstream Patches + * dbus-no-ax-check.patch + * dbus-new-autoconf-archive.patch + ------------------------------------------------------------------- Wed Nov 20 20:09:53 UTC 2019 - Stefan Brüns @@ -10,10 +61,10 @@ Wed Nov 20 20:09:53 UTC 2019 - Stefan Brüns ------------------------------------------------------------------- Wed May 29 13:25:43 UTC 2019 - Simon Lees -- Replace DISABLE_RESTART_ON_UPDATE with +- Replace DISABLE_RESTART_ON_UPDATE with %service_del_postun_without_restart - Remove version specific code to block all updates on restart as - hopefully no tumbleweed versions still have code causing those + hopefully no tumbleweed versions still have code causing those issues (was only present for a few snapshots) ------------------------------------------------------------------- @@ -94,32 +145,32 @@ Tue Nov 20 23:37:09 UTC 2018 - eich@suse.com Wed Aug 22 10:40:43 UTC 2018 - sflees@suse.de - Update to 1.12.10 * Changelog for 1.12.10 - • Prevent reading up to 3 bytes beyond the end of a truncated message. + * Prevent reading up to 3 bytes beyond the end of a truncated message. This could in principle be an information leak or denial of service on the system bus, but is not believed to be exploitable to crash the system bus or leak interesting information in practice. (fd.o #107332, Simon McVittie) - • Fix build with gcc 8 -Werror=cast-function-type + * Fix build with gcc 8 -Werror=cast-function-type (fd.o #107349, Simon McVittie) - • Fix warning from gcc 8 about suspicious use of strncpy() when + * Fix warning from gcc 8 about suspicious use of strncpy() when populating struct sockaddr_un (fd.o #107350, Simon McVittie) - • Fix a minor memory leak when a DBusServer listens on a new address + * Fix a minor memory leak when a DBusServer listens on a new address (fd.o #107194, Simon McVittie) - • Fix an invalid NULL argument to rmdir() if a nonce-tcp DBusServer + * Fix an invalid NULL argument to rmdir() if a nonce-tcp DBusServer runs out of memory (fd.o #107194, Simon McVittie) - • Don't use misleading errno-derived error names if getaddrinfo() or + * Don't use misleading errno-derived error names if getaddrinfo() or getnameinfo() fails with a code other than EAI_SYSTEM (fd.o #106395, Simon McVittie) - • Skip tests that require working TCP if we are in a container environment + * Skip tests that require working TCP if we are in a container environment where 127.0.0.1 cannot be resolved (fd.o #106812, Simon McVittie) * Changelog for 1.12.8 - • The Devhelp documentation index is now in version 2 format + * The Devhelp documentation index is now in version 2 format (fd.o #106186, Simon McVittie) - • Give the dbus-daemon man page some scarier warnings about + * Give the dbus-daemon man page some scarier warnings about and non-local TCP, which are insecure and should not be used, particularly for the standard system and session buses (fd.o #106004, Simon McVittie) - • Fix installation of Ducktype documentation with newer yelp-build + * Fix installation of Ducktype documentation with newer yelp-build versions (fd.o #106171, Simon McVittie) ------------------------------------------------------------------- @@ -127,29 +178,29 @@ Fri Mar 23 10:40:43 UTC 2018 - sflees@suse.de - Update to 1.12.6 * Changelog for 1.12.6 - • Increase system dbus-daemon's RLIMIT_NOFILE rlimit before it drops + * Increase system dbus-daemon's RLIMIT_NOFILE rlimit before it drops privileges, because it won't have permission afterwards. This fixes a regression in dbus 1.10.18 and 1.11.0 which made the standard system bus more susceptible to deliberate or accidental denial of service. (fdo#105165, David King) * Changelog for 1.12.4 - • When iterating the DBusConnection while blocking on a pending call, + * When iterating the DBusConnection while blocking on a pending call, don't wait for I/O if that pending call already has a result; and make sure that whether it has a result is propagated in a thread-safe way. This prevents certain multi-threaded calling patterns from blocking until their timeout even when they should have succeeded sooner. (fdo#102839; Manish Narang, Michael Searle) - • Report the correct error if OOM is reached while trying to listen + * Report the correct error if OOM is reached while trying to listen on a TCP socket (fdo#89104, Simon McVittie) - • Fix assertion failures in recovery from OOM while setting up a + * Fix assertion failures in recovery from OOM while setting up a DBusServer (fdo#89104, Simon McVittie) - • Add a missing space to a warning message (fdo#103729, Thomas Zajic) - • Expand ${bindir} correctly when pkg-config is asked for dbus_daemondir + * Add a missing space to a warning message (fdo#103729, Thomas Zajic) + * Expand ${bindir} correctly when pkg-config is asked for dbus_daemondir (fdo#104265, Benedikt Heine) - • On Linux systems with systemd < 237, if ${localstatedir}/dbus doesn't + * On Linux systems with systemd < 237, if ${localstatedir}/dbus doesn't exist, create it before trying to create ${localstatedir}/dbus/machine-id (fdo#104577, Chris Lesiak) - • Fix escaping in dbus-api-design document (fdo#104925, Philip Withnall) + * Fix escaping in dbus-api-design document (fdo#104925, Philip Withnall) ------------------------------------------------------------------- Thu Mar 8 15:24:54 UTC 2018 - dimstar@opensuse.org @@ -182,36 +233,36 @@ Thu Nov 16 02:21:08 UTC 2017 - sflees@suse.de - Update to 1.12.2 Deprecations: -• Eavesdropping is officially deprecated in favour of BecomeMonitor. +* Eavesdropping is officially deprecated in favour of BecomeMonitor. See the release notes for spec version 0.31 (in dbus 1.11.14). -• [Unix] Flag files in /var/run/console/${username} are deprecated. +* [Unix] Flag files in /var/run/console/${username} are deprecated. See the release notes for 1.11.18. New APIs: -• and rules in dbus-daemon configuration can now +* and rules in dbus-daemon configuration can now include send_broadcast="true", send_broadcast="false", max_unix_fds="N", min_unix_fds="N" (for some integer N). See the release notes for 1.11.18. -• dbus_try_get_local_machine_id() is like +* dbus_try_get_local_machine_id() is like dbus_get_local_machine_id(), but returns a DBusError. -• New APIs around DBusMessageIter to simplify cleanup. +* New APIs around DBusMessageIter to simplify cleanup. See the release notes for 1.11.16. -• The message bus daemon now implements the standard Introspectable, +* The message bus daemon now implements the standard Introspectable, Peer and Properties interfaces. See the release notes for dbus 1.11.14 and spec version 0.31. -• DTDs for introspection XML and bus configuration are installed. -• [Unix] A new unix:dir=… address family resembles unix:tmpdir=… but +* DTDs for introspection XML and bus configuration are installed. +* [Unix] A new unix:dir=… address family resembles unix:tmpdir=… but never uses Linux abstract sockets, which is advantageous for containers. On non-Linux it is equivalent to unix:tmpdir=…. See the release notes for dbus 1.11.14 and spec version 0.31. -• [Unix] New option "dbus-launch --exit-with-x11". -• [Unix] Session managers can create transient .service files in +* [Unix] New option "dbus-launch --exit-with-x11". +* [Unix] Session managers can create transient .service files in $XDG_RUNTIME_DIR/dbus-1/services. See the release notes for 1.11.12. -• [Unix] A sysusers.d snippet can create the messagebus user on-demand. +* [Unix] A sysusers.d snippet can create the messagebus user on-demand. Miscellaneous behaviour changes: -• [Unix] The session bus now logs to syslog if it was started by +* [Unix] The session bus now logs to syslog if it was started by dbus-launch. -• [Unix] Internal warnings are logged to syslog if configured. -• [Unix] Exceeding an anti-DoS limit is logged to syslog if configured, +* [Unix] Internal warnings are logged to syslog if configured. +* [Unix] Exceeding an anti-DoS limit is logged to syslog if configured, or to stderr. - Enabled "make check test suite" - Patches removed, fixed upstream diff --git a/dbus-1.keyring b/dbus-1.keyring new file mode 100644 index 0000000..3649162 --- /dev/null +++ b/dbus-1.keyring @@ -0,0 +1,150 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBEoEbMcBEACg2ByFTN0inbeNg5aBs2H49AtW/eGqbiWMML3RwlfPqu+I2MGC +PeOHBWjtSWyPDixrL1DGDA4Cs0uoxk98sRZE8peAhGpFEdiAcGuQU/JcJ0gDTsfj +1WKMcWi6yI5eu8NinkW2pJuMgLpxNtD2j8wfegoBttB4omXinOpCHuz7lGYenbZk +6/DCgzVeq+ssOdfjPLSJJPIyIIwhdDorXX0pvzAou168LFlDJaWx7OytYfKz1zV/ +f+bwnzbMRriAClJYgNl+UT+XnHO3zMIy1mSk4uffaDXeRPPO/R6lM/u7a5w9wHi/ +oKIPHJ9BmsgA5vBImuNNRa2pnOHwpBnphnpvqLm/98JAJJfMkoefy2Oc2J6PxJla +pP090sXzt6T7YpR9epwZCO5+OU6sIbK/vjy1pi0hxx847H4hrKzW67kr9o5btjxm +FybqLTT+o01n7x9/A6SBE/vVAfZ1OYm0/DoSNdKpaQtvNeQ1h5gw7gY/uT8VCQB+ +ZQVRQkInAqYSzO4oYPS9ynud5d3qNllpZs77EaEN5yVKZk/36QUGoRdbmpZoMTjB +aaM6G0MUO+1FikvBT+aDmomgD+JkDOZf1bIJaSg/QtIIjq5ALExbk1XDkL++XVDJ +9Ag7U467kinjcKWuVIr2aOMMSlXFuDFlsZbeJGCqkdkc2Ucdy1p0fZPWWQARAQAB +tCBTaW1vbiBNY1ZpdHRpZSA8c21jdkBkZWJpYW4ub3JnPokCVAQTAQoAPgIbAwIe +AQIXgAULCQgHAwUVCgkICwUWAgMBABYhBNqY8lwIccSaWer/LE3o/ypjx8yQBQJc +0TRABQklmMpXAAoJEE3o/ypjx8yQE5MQAIBglLXCvT4/WfjUU9l7gTdMV5wdTI9f +A3SHP2MjgrN3WDi9nhAIT9Ik7JbgNKwJosio0EIqQjSet5GwtNVywD9/eexxyZNh +GCF2JZqqD6C5NIhY96lzEI5Rps79vz6XBFtXO2M9vP9ehQkpTYZOCE2CdESqNGCA +GYVeSC9KVqp0K3dl50MIRo/6s6iT9mJnlO0iUlK7uG5iCxiETyWyp24AFxOXZfBS +Yfa39gIvnyWGXR2ibHJzFPdVvbR9pA4+tga9R/CoBYINTgaWkxTrT/fKZ0WkW0R+ +R3EU2aT9Vh55ep5sHDVS/MxPfzF8q6smGhl9W2mtoCkpLvQigTlGt/RI6S7LBYkf +pPo2hL0Ikf5gAuYN6Wwm+hqBM6NG3syLhzSN80HwkZF5F4Bl/CS9OGjw/V5JzKaO +27aC2mDewvXBOcXmW1kG0AV94lU6pMGlJb7KZYwYH71XBHVjhzswwBckRnD1yT8I +a7sNUAA5Y2j1EcVg5cezrJ2xMdl5ElvgAk4bFCtcngP0P4M2PPncGWoO6/HYv/OT +c5rAdxC/iNlsey7h/B6BebEo1u5HEEN761tLBnNhcIY2hTC6u0EF7B5Kgsr/hHVs +dcTLrex6MfqvlGxakQtiXNOz2vJqJK98+JcBXZJtNCP/r/LK4KnIQ+uhWP0xtW57 +zUEPZPqk5PbRtCZTaW1vbiBKYW1lcyBNY1ZpdHRpZSAoYm9ybiAxOTgzLTA4LTI1 +KYkCVAQTAQoAPgIbAwIeAQIXgAULCQgHAwUVCgkICwUWAgMBABYhBNqY8lwIccSa +Wer/LE3o/ypjx8yQBQJc0TQzBQklmMpXAAoJEE3o/ypjx8yQMlsP/1LeI21CDaF3 +ss71qsHXIXYV5IpcK/NuOBs5fY87Afc8JJT5u7HYGRhidknioNGf1hLUmba8ZvCG +7S8DoEbdTE1oNjTPdlAaxUjhDjc3rzy8tvZ5U47S1FPt7nGPsbbUa01gzPh/GLOE +B05pQ7fmNHkTWoMR++aCxWkb06SMD41++F3gkoGr4KzlY+PIvVrHXGLTaP6UDutV +Ifwtqhbi2J9ySWW5WNstny3vzgwVsv92by7a9B0im6X5IYBooXkMLQgnji2fU1w+ +WrqT+KNTTjN3iLT7kkwWseuEyQhNhuuVD9mc7Yo7LuwRM6M08XeIucunRQ5zUkVO +255UQoydchCcrx9VNh+42g9g8AhGv9RQOWWRy9BSB26lD/CLR1t+kP4dC17lTX0r +DA9v9yrHgKCzhvt4dQFNrtfVOOcnS5tq/oYXEe2Ut8/mL/u8P06RexO/ooKoB1Oi +RXLNgE0B2BwMUVKMwURe1LbwnrhZnGXutBC9BCsPaC3qh7264Yi5v94BWYOn7629 +L8bctqgVRdSTrnGoiMyIDBVBXVM1s5fLePWVV58ydhVQ9x/dXKS7pMxi25xqucJ0 +3XwhuUw82Utmx56L8nBxqnUYfbI/UYqliqFxDW/hNGiqWtjPS02AWnitwZBW/zop +Y02y5wXbt1TsLwGwj77nNAigt9ZvJxjstChTaW1vbiBNY1ZpdHRpZSA8c21jdkBw +c2V1ZG9yYW5kb20uY28udWs+iQJXBBMBCgBBAhsDAh4BAheAAhkBBQsJCAcDBRUK +CQgLBRYCAwEAFiEE2pjyXAhxxJpZ6v8sTej/KmPHzJAFAlzRNB4FCSWYylcACgkQ +Tej/KmPHzJDakQ//Xno2NW+ug05xfASOjr25FzPvX+uWrTfaCPBVPlEsMlGwFsrJ +8JwJCsOJkPyQDcUAzYC+cyjVAWPaT8kelDExrFJlXeMNBa0xsQE4uLEF8UxrlUDk +sh9KdYSyepotETZIVrnmj9bY2q4Fr5a3TOF6CFwWkC3lRNe/v+PLTuA7aencN3NF +QHuBsNij/irapmA8N423auu1/TVgbBURl5BWQZF1y1Gh9WNJxnaeJaYHmoFg9oUt +sV/C98pREBrmEsUn4V6VP5oJhaVwJQL4Qp4lth/8srDd+i2211jcL0whv8PfndFz +EOcnGKVyCVY8FgkV67Sy++GH+BrOCS4RNTeCU7YPae9Ub+LUU+kVG1EQky3BFZdr +d0CjWP6UTRfEHFn8vEt3Q/A/WClpL1AdDlmdhmdOSxrai3xgZPVF7lOZsmNM0fXu +YTcy3OaS+j+Xbt1pTmHLBD1jq3BmkWNU42oAtGVcDyU2HdUK6lpCZnSgHAuiWwa3 +sN9jVmHCqekvl3PYE0Bw9hrUMymcFGDIgHnC7LdFkUWCgdpQdLt6SxDNRzrA1OFk +69O5FOKdHY8tK6sPuRp1IhkP72+O1QsTRShnrHtAH3gPoRP7wrLXL76ON2cdjITT +52Xu79ZjVKcqR6JU778IPedPUv7NBUptQ8i+3OWh3rc9KERYMx+jLoliRMC0L1Np +bW9uIE1jVml0dGllIDxzaW1vbi5tY3ZpdHRpZUBjb2xsYWJvcmEuY28udWs+iQJs +BDABCgBWFiEE2pjyXAhxxJpZ6v8sTej/KmPHzJAFAljO8AI4HQBzdXBlcnNlZGVk +IGJ5IDNDODY3MkEwRjQ5NjM3RkUwNjRBQzMwRjUyQTQzQTFFNEI3N0IwNTkACgkQ +Tej/KmPHzJClKw/+J/7A5uvxfAbJ5Lz/mg4K3owJw79Az67E+J+onM1vYBS+hJxw +6cxgzx6LjWVMp+Qnj3lolJ9Xb8X6a3HVSc/sN52FxDqI7M1UrhsvbreRu2quE8im +o9EhtKP6GqrLlVDuq/59WGgUmwN5DZOGkJ0DQ5Sv1H92RvcGKJkVabIAKUadehg4 +9hAyrn2OhCqo99a/I2vujAsudOJC8Z7JG+xy1eOZccmb9AEmim9hs9CigR2GwbIy +PrRHMmehbxGVFqot1rkOZh8ztrYskuHQdZvlO/CvIh3oFW3TwUiJss4eGbl8CLiP +54Rh7IRggMKlmtWr6BmCSGRsxRQ/ccvjn/NUFynlGxIRh/7UzatMNriuo+j12VQ0 +QGsHmut6GKfi9ih6nCXEEtGCUDKaQ1llD8zZIuq6+ITIojrc0tRidATYitU68H2Y +SEIgEGGqFPrjmj0Kife12hDT0tLq2GrxO7K3UAWi8F43o+Rs/RkOnBVAuW5oEUX9 +1Vom7WaSyoBnYFiGMjtFl1tiTUN3Gj0nDOaHJl4eGvO25Tq/y+mTp55EdIKUJUW1 +vsqJneXU92vziw45Od5T9EfW2XlfUn7TiKgLvCq2twMF7vdfc4B4TkNJUZKIOf7/ +7A+uG2Jmv1aSioqIWG4KZlx7r46C3Zh4aasvqvZqFeRTgaIYwpam4sLiy2G5Ag0E +SgRt1wEQAMSwM5piHmJxjWe4SaekBldmZ7kbq7b03mtqGOL0SsSr1AE4DDzqWEeo +6DQhQJvkKLmAnSchmjVvNQ4zID5VP3pGTR5D2akPt1ouX1SyBoCfDdu9SNzYvWnr +gAc1MfVN4Su1lG7yi3RU+m7dAwITcN+BUE4JNWXudees9yfNq/18TC24z3xZbfYp +w1oCWeey03hl5U1PrPl7Dw9xrBnjaqWm215lUhOcjUTHQdf6C0xePH3oS+696A+j +Si8VPCG7z6AJNlmCJvaV3aeFjvNtiWpl1ZL3vVzhIKxulOy+p7bK/ZF9OPhT5f6s +XS2e/ZRuGt+62s5q+n1r7X28BuoYTgJ/5wCs/oU4IX9zmtK/v8lO2/pMpE9iCwd3 +hFt1tPAckD81uVycinxZ+qn+mT6OBH/5G9YEw7BUyaNy/aq14H4cZ1TsZ0nAlwNa +bvyyQIo1NcG825A4uZ+ZLztvXE8obbOOLDWSFbWB4NUQBqAtxIKloIvMUFE0WIqC +gIs/zIIcoUJRn8vk02jm/zaO82myoGzRvivZdztZlCGtsJjsLdbm4dzP0oywdOXe +S0YqWjiDuNNLbye0I9fVRvKojr0ban/vx42cUy91CloBtjoNuCWqpmqzTdFB7xc7 +PWMNxQ6VpSjcsKH83O7pw5/pLLXdY4sl/SdRHFUHjhS+uGfceL4jABEBAAGJAjwE +GAEKACYCGwwWIQTamPJcCHHEmlnq/yxN6P8qY8fMkAUCXNE0dQUJFtkBngAKCRBN +6P8qY8fMkCrfD/oCaCuTARr0n9HrBXvMFjQ/FQbzoebbgAa7mjsfptGsxd33rhS0 +lhkKvm7+HnE63BCKlJjaXu5BoxrGrgJRXqrKT6hGr87cUcrSfOgGRDO0NMS2LNZR +2HaWheu8290pjhP7TH1KgjbNaV3V7sZJBsSAzdK7xW7NM2CUAzWK4/j7HvDhT+WU +WL8wSdWW6EKgzu5X6reH4DtHOI+zcYqGTjXa4VW4ljfsJsOrCpy8o/1CouUWF1xF +iYHpwkY4eikaE5WwMOmjRYU3JZ89e4njC928YLB3BPsrgWMsP2cbESpgRUdBCsuO +MVaZ0W65xRrZs1lpH7GaCDTAcuUwHjcU4iycHuj1NuZF2h+eyv1/5zswpl6uAIf7 +FAULCDRwd/fMmetG4gpY0WR4Y8GUjRmA+ElHwCqiHoLNx6UT81SQKCJyMKIYbudy +svUh+qESQoPa1TYBY6Pd2A5zN1qwptnHiWzwEQDmSitRxC5AjcnJZgM3hLxkjH5B +EU8UG8xMCoy0movEjfY14Ru/VlsLr2EZzCvJLH1mVuiMnblBlIwoZuEUyn4NMG+l +jPml4ZmSAgYfnsbvqZWcNDt7VrbY8uawyNPNw1SV0O3yU6PG+TdYTWt3rgpObVJ5 +/UIXZm+BJ7N0pIOk8J0bGnXTTlT0cyrcjGSz21aUeWfNjHOwK+2BlN8BLrkCDQRZ +V7fvARAAuV306m6wIvrmFrigBgWEMMYG7LQhPbFOj4c8iz0/h86At7Sayn2a5PVc +HB6cth+65PPvusHyXX3V4FRIuoMGD9lwPg8o0CkQYxINj3gg1TnyhSM+W9Bvpbkj +ZDmj8vwkLjGN7JRhsRJXcpqwBdsWlT0bNYbc6FumI8a02+9jVLNw6xbXBTX0ZJKg +bUWPZiI7fUyYedq2TE0fHzq8o+aNeZ2pIjCJSvxuSc4eKKNjANBSK7+srB+hqK0X +aABQlxNT8BnoGcA5qwQc8q/G3Wh6nwkdAYtUESHDvletKONrYq92prr+D16iVmKx +ZLyD2dxAPuExuCPwgQ0evUgJOSWFstVRLWsL6PKbVf0VwcSj3Dxe9qmcBHOi7xuV +8QrxTY7bapgYo04lgKJO4dN1CtFnh6rjmg1S42pZ1EjAWQ9y0nMjYf8SaQO2N2tO +LIP3VfyP88vb6hokiv9SUFWm2xfM17iUPj19o2h9tck0bCr5Rym3a+bV6IFxEqSr +eawxZ8DxTYBV+xmJ5RvWYNtT9/XKwfmYr073Igq7cTyfM59rKFYQERIwsHDoxMWd +0RRtGaHoH8+t+hUuNj+VbXteHWTSDAXEZXFgnMUJxI8b7vPgetsi95bzDI4+zq3V +oq0K3qq1SpiLVw926UOJTcU5jJasnAgkflqTFvcCb5LCfoBiomEAEQEAAYkEcgQY +AQoAJgIbAhYhBNqY8lwIccSaWer/LE3o/ypjx8yQBQJc0TSCBQkHhbeGAkDBdCAE +GQEKAB0WIQQ27FpkSKT173m+/pjgWuFHj4FMTwUCWVe37wAKCRDgWuFHj4FMT17C +D/9LJ2PFZcA6YA9mYpgiPbAQ7TWKPNCdMITp+pbPB2tbtQ/E/ST0QS4YTzD/xbbu +XFYZwb4xR4TAYp24wXVpx0LnWvTDMX290hiuEv4CfAmyAv36j9BgtJF7z7JRZGC0 +dYXn9p5Y+Kg3dKLQlUjTgdXZnnielYTznH6X8jr6/2wwr0WCiNlzOGi6lNWFIxWb +uF71JL/8x4uaIQu5GjNFshMFIeUV2YcTGA26J6HHTJx5CALdEhVgXlEqXEGEIO9B +cNefsUhSmAIaYzt6/BaBWkey6d8hYB2X+JFZWtlw6nzdtN50TmFH/VfJTsJGmjma +8RVBb1xgNxJEKZ/Zl6Luer6uj6ByEjzkThRPnkqwiV5UJKcQRjuI0Kbm+OXslhyL +VeHyHuMzhcIxMdKVYjCYLdSIm9OYgz+3EorYXZZQu+zlUc4DZmBnneQ5BKf2I0Jl +K96IQrkgmSM+gs+vo77SyxuP0VoIJGepLSuNxA9vdwf2MXHnkK+IH5b563ZxitQ+ +DK1xOg9tfgmiBam9NLbjBhgiewgcdrrzOxgHIXuob+krwpsdUOlrXnybFPT0EMbv +0lpBypDyZYGQoGb1KhiPcbpKhtA4ElEf0lyMgHI2hqvVBNsyrnpHgIoRlrHbsK+H +Ak3tfLD9xxhGBxC9A+YV9Cke/K8ghrezUe8ekFqxcBJSvgkQTej/KmPHzJC8Gw/8 +CS3IhmEcj+BnswYvZCHiKGAb0lDontgXYtmEX3lMuhqIb7LQkjmqO3CsLgsTaztl +wwsuPyfWBPfEW4jBoT+fXKw7iqFgWYqpj3TYfNuO1EBT3uxWM2DMWwHDO9zNq2D5 +6EDSJrKPH/DHqS7Hzsax4w6KmAsiNzPm3xxd4llDIMJZMupnCMsOIfF3iNPbazlv +cVvfkqPdMiM4Q76tZDlaO0pJgI69qmvignJFIF4CbAsfCVMMzHLelcDwSUyMaUsq +DlxrT/vRsdhWLWx3M15rHWL6fsGSef4QT71Yln38J7xnJrflZrvxcaRdOJQdJUqS +Fx1dUVGxsSQ15kR4y4Xvbs9G//W+uVuxZwHrdMtS7Cw82xVBeMUBZ/boS9t2/iUw +Wfjltz0L7Y5LjroNPT13A/uq2h3YRYQDcJfFIRJG6DvHzABRS3AGo7XMQ8FS9unM +u344fTl97/rObwYQnGFJQgzUJq4IGGyKIwbBBQXbO17nMVRvmHPyFH+I6HB6v+jM +2+rTDXKBQd4qkJHVwETbj3fXpaeNR+AUlZows4htGf3vnLi1kHIU6GVKTzIM/AFz +UZSXqFED2X1mK3JGn5o/AFxa4xF3BosoMk7qyk6EAVZEouFUSGfu4m0Ip3b2BtVl +z9tOauaOOc5uxPYBbTZUO+W8GKzWejuxJeayRBddmOm5Ag0EWVe8rgEQALNrdXGM +iDDvloRKiqitjOicwRQT+oYlM8viznwiuM0NpAUTPERNrYdn9MGbUI7IdvYRSdmP +0BxHBqjxbSNLgu3wAdRvc3BCHZaa6/jxIBoN4vnbn3sDSGEz5gkN3JDp4cbnlGMH +YEgy9HpteVEzdkX0EgbA2u0IYcwNamt2wqljB3pcWq8FQMmS0NfDVMfFuFphE7qK +j5/uF/ynqEmwYQ278W23JxNa711Gr6/50xvSuxUqoqSN+O+GjGWvvAAV3Oh76ehg +F7zn/H3TPhNn0cgFhAV997bSDJ8wkGdC17tE5TPeKNKOjYLB0QtPoMPMXWJbsY3b ++rF0tmf2jGyOu2RvXhEVxUZ3JWGAghy5h13GUoINhkKYvhB1tlraXqw2+ggp5mhr +jD/YlobUk+KeY7LfALGp7B8kZgqprqs2o9U3/f04UbZuCTRX4EpqgQHo6CtMFDzT +kaT2KuzeyRdAU/GNtvkMaiWMpHXyBAY+X7Yc02Wh8cVcLlnfGZMgA/k9EPNa4mf1 +EbgWdwb3G4j54W6WY8kemOQuG33VoTxVu8rhzbBiMPvAWKTH80j8mNepqNIMMgqe +RRskFiJiKgPgh5U0WXCclTk7Oc0xWUrHX85cQ2DuJSBavDd952vztRnxQ2h+EkoT +MAKnNWuACQ9yzk5WbruKRbeTzL7MMsqsl8NHABEBAAGJAjwEGAEKACYCGyAWIQTa +mPJcCHHEmlnq/yxN6P8qY8fMkAUCXNE0jAUJB4WyxwAKCRBN6P8qY8fMkFnnD/9L +F7gZDXMuqkc3id/JZvjb+2v66kEdcfZrhWcgoJkRw5zeww6vJbUVAlht5D/Lew9L +SanXG7ie6RwTh9ptdO4W04AiytfINNe53eYvH6DASvd/IVRY536ihPy3Oc5oEBkg +K2Sa32cvclvncB4ebtDT/Sihcp1bc3f8gLZgSwanAf9xPEYveGvPWUN0eplWaPYS +xtcHSkwL9CbOhKRGmDsheJ8WPCWPdpkqvgYHEwHH6gerOI25Jgaq+BaSFfLGcbfM +pFI/hxeUNOFJ5jfZgot8o2iqS2yAj598MXTKgluckK3lPhHrB5ZAHksE6dERAN4U +7QvimQYsjRoSrdmxmvP7gFdjjWOVDFyqV0OAJwZW8C6hZOr39C5lnr/nMlOisHaP +viCZq0WvL5I0Qx81DD/yIm0wcj9svLnvDZycyXYVAtwhCC4RKYeuxMECTl9QgGbl +sQcrvoEp+h+Fkfs8ZUcbqx7AXr1mBPUbta1wEh2GnRbb1sSplKlG5aW2waJWOyaT +Ct6cUcm6xQGS96xwxVsPZqE2Bv2/PPbHJDobtFdTmYV2M5P/dz1IjEgKi+llLDW1 +WpiI+PljFkr1DoZet2nlqz+Q5QWny9MHVumphvy5ZeGORN9bYmC/A/FzE8SeCIC/ +h/BXwJv8c3iFwybaIvqeghJVEeG1BXaP+3ECgNs3xg== +=ypqa +-----END PGP PUBLIC KEY BLOCK----- diff --git a/dbus-1.spec b/dbus-1.spec index 04f61da..2ab62eb 100644 --- a/dbus-1.spec +++ b/dbus-1.spec @@ -1,7 +1,7 @@ # # spec file for package dbus-1 # -# Copyright (c) 2019 SUSE LLC. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -21,30 +21,25 @@ %define _libname libdbus-1-3 # Temporary code to disable service restart on update sflees@suse.de boo#1020301 %global _backup %{_sysconfdir}/sysconfig/services.rpmbak.%{name}-%{version}-%{release} -%if 0%{?suse_version} <= 1320 -%define _userunitdir %{_prefix}/lib/systemd/user -%endif + %bcond_without selinux Name: dbus-1 -Version: 1.12.12 +Version: 1.12.16 Release: 0 Summary: D-Bus Message Bus System License: GPL-2.0-or-later OR AFL-2.1 Group: System/Daemons URL: http://dbus.freedesktop.org/ Source0: http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz -Source2: dbus-1.desktop -Source3: dbus_at_console.ck -Source4: baselibs.conf +Source1: http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz.asc +Source2: dbus-1.keyring +Source3: baselibs.conf +Source4: dbus-1.desktop Patch0: feature-suse-log-deny.patch # PATCH-FIX-OPENSUSE coolo@suse.de -- force a feature configure won't accept without x11 in buildrequires Patch1: feature-suse-do-autolaunch.patch # Patch-Feature-opensuse sflees@suse.de, users shouldn't be allowed to start / stop the dbus service. Patch2: feature-suse-refuse-manual-start-stop.patch -# PATCH-FIX-UPSTREAM -Patch3: dbus-no-ax-check.patch -# PATCH-FIX-UPSTREAM tchvatal@suse.com -- work with new autoconf-archive -Patch4: dbus-new-autoconf-archive.patch BuildRequires: audit-devel BuildRequires: autoconf-archive BuildRequires: doxygen @@ -162,7 +157,7 @@ mkdir -p %{buildroot}%{_sbindir} ln -sf %{_sbindir}/service %{buildroot}/%{_sbindir}/rcdbus install -d %{buildroot}/run/dbus mkdir -p %{buildroot}/%{_datadir}/susehelp/meta/Development/Libraries/ -install -m 0644 %{SOURCE2} \ +install -m 0644 %{SOURCE4} \ %{buildroot}/%{_datadir}/susehelp/meta/Development/Libraries/dbus-1.desktop mkdir -p %{buildroot}/%{_libdir}/pkgconfig mkdir -p %{buildroot}/lib/dbus-1/system-services @@ -173,8 +168,6 @@ for i in %{_sysconfdir}/dbus-1/session.d %{_sysconfdir}/dbus-1/system.d \ mkdir -p %{buildroot}$i done -install -d %{buildroot}%{_sysconfdir}/ConsoleKit/run-session.d -install -m 755 %{SOURCE3} %{buildroot}%{_sysconfdir}/ConsoleKit/run-session.d mkdir -p %{buildroot}%{_localstatedir}/lib/dbus # don't ship executables in doc @@ -255,7 +248,6 @@ fi %config(noreplace) %{_sysconfdir}/dbus-1/system.conf %{_datadir}/dbus-1/session.conf %{_datadir}/dbus-1/system.conf -%{_sysconfdir}/ConsoleKit %{_bindir}/dbus-cleanup-sockets %{_bindir}/dbus-daemon %{_bindir}/dbus-monitor diff --git a/dbus-new-autoconf-archive.patch b/dbus-new-autoconf-archive.patch deleted file mode 100644 index 9d0f4db..0000000 --- a/dbus-new-autoconf-archive.patch +++ /dev/null @@ -1,43 +0,0 @@ -Index: dbus-1.12.12/Makefile.am -=================================================================== ---- dbus-1.12.12.orig/Makefile.am -+++ dbus-1.12.12/Makefile.am -@@ -51,4 +51,4 @@ DISTCHECK_CONFIGURE_FLAGS = \ - ACLOCAL_AMFLAGS = -I m4 ${ACLOCAL_FLAGS} - - # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE --@CODE_COVERAGE_RULES@ -+include $(top_srcdir)/aminclude_static.am -Index: dbus-1.12.12/bus/Makefile.am -=================================================================== ---- dbus-1.12.12.orig/bus/Makefile.am -+++ dbus-1.12.12/bus/Makefile.am -@@ -306,4 +306,4 @@ systemduserunit_DATA = \ - endif - - # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE --@CODE_COVERAGE_RULES@ -+include $(top_srcdir)/aminclude_static.am -Index: dbus-1.12.12/dbus/Makefile.am -=================================================================== ---- dbus-1.12.12.orig/dbus/Makefile.am -+++ dbus-1.12.12/dbus/Makefile.am -@@ -329,7 +329,7 @@ test_dbus_SOURCES= \ - test_dbus_LDADD = libdbus-internal.la - - # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE --@CODE_COVERAGE_RULES@ -+include $(top_srcdir)/aminclude_static.am - - clean-local: - $(AM_V_at)rm -fr ./.dbus-keyrings -Index: dbus-1.12.12/test/Makefile.am -=================================================================== ---- dbus-1.12.12.orig/test/Makefile.am -+++ dbus-1.12.12/test/Makefile.am -@@ -672,4 +672,4 @@ $(installable_test_meta_with_config): %_ - ) > $@.tmp && mv $@.tmp $@ - - # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE --@CODE_COVERAGE_RULES@ -+include $(top_srcdir)/aminclude_static.am diff --git a/dbus-no-ax-check.patch b/dbus-no-ax-check.patch deleted file mode 100644 index 724ddee..0000000 --- a/dbus-no-ax-check.patch +++ /dev/null @@ -1,45 +0,0 @@ -From ee09cc0acdc1c34e8ae999adf9922f3d0d66f407 Mon Sep 17 00:00:00 2001 -From: Simon McVittie -Date: Mon, 21 Jan 2019 14:28:24 +0000 -Subject: configure.ac: Forbid AX_-prefixed patterns more selectively - -We want to make autoconf fail early and with a user-comprehensible -message if autoconf-archive isn't installed, rather than generating -a configure script with syntax errors, or a configure script that runs -successfully but doesn't do what we intended. - -However, autoconf-archive doesn't actually guarantee not to use -AX_-prefixed shell variable names without m4_pattern_allow'ing them -(unlike Autoconf, Automake, Libtool and pkg-config, which explicitly use -m4_pattern_allow for variables with AC_, AM_, LT_ and PKG_ prefixes), so -it isn't safe to assume that they won't be used. In particular, recent -versions of AX_CHECK_GNU_MAKE appear to be using -$AX_CHECK_GNU_MAKE_HEADLINE as a shell variable. - -Instead, specifically forbid the names of the finite list of macros -that we actually use. - -Signed-off-by: Simon McVittie -Resolves: dbus#249 ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -(limited to 'configure.ac') - -diff --git a/configure.ac b/configure.ac -index a5a7fd3..83d8b47 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -10,7 +10,7 @@ AC_INIT([dbus], [dbus_version], [https://gitlab.freedesktop.org/dbus/dbus/issues - - AC_CONFIG_AUX_DIR([build-aux]) - --m4_pattern_forbid([^AX_], -+m4_pattern_forbid([^AX_(CHECK_ENABLE_DEBUG|CODE_COVERAGE|COMPILER_FLAGS|COMPILER_FLAGS_(CFLAGS|CXXFLAGS|LDFLAGS))\b], - [Unexpanded AX_ macro found. Please install GNU autoconf-archive]) - - AC_CANONICAL_HOST --- -cgit v1.1 - diff --git a/dbus_at_console.ck b/dbus_at_console.ck deleted file mode 100644 index 70850e5..0000000 --- a/dbus_at_console.ck +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash -# -# use consolekit to support legacy at_console setting -# -reason="$1" - -dir=/var/run/dbus/at_console - -# for at_console we are only interested in local sessions -test "$CK_SESSION_IS_LOCAL" = true || exit 0 -test "$reason" = "session_added" -o "$reason" = "session_removed" || exit 0 - -sessid=${CK_SESSION_ID##*/} -sessid=${sessid//[^A-Za-z0-9]/_} -test -n "$sessid" || exit 1 - -name=`getent passwd "$CK_SESSION_USER_UID" 2>/dev/null | awk -F: '{print $1}'` - -test -n "$name" || exit 1 - -if test "$reason" = "session_added"; then - mkdir -p "$dir/$name" - touch "$dir/$name/$sessid" -else - rm "$dir/$name/$sessid" - rmdir "$dir/$name" -fi