dbus-broker/dbus-broker.changes

174 lines
7.2 KiB
Plaintext
Raw Normal View History

-------------------------------------------------------------------
Tue May 10 11:10:02 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
- Update to release 30
* Failed service activations now report more detailed information
on the activation failure back through the activating client.
* The broker now runs in `session.slice` if applicable.
* The `GetStats()` call on `org.freedeskop.DBus.Debug` now
properly returns reply-owner statistics. Before, those were
always set to 0.
-------------------------------------------------------------------
Wed Jun 2 13:23:40 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
- Update to release 29
* Improve SELinux audit messages.
* Linux >=4.17 is now a hard requirement.
* Fix startup failures when at-console users have
consecutive UIDs.
-------------------------------------------------------------------
Wed Mar 17 15:10:16 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
- Update to release 28
* Further improvements to the service activation tracking. This
better tracks units in systemd and closes some races where a
repeated activation would incorrectly fail.
* Fix a crash where duplicate monitor matches would be
incorrectly installed in the broker.
-------------------------------------------------------------------
Mon Feb 15 10:47:52 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
- Update to release 27
* Fix several bugs with the new service-activation tracking,
including a race-condition when restarting activatable
services.
* Be more verbose about denied configuration access and print
the file-path for better diagnostics.
-------------------------------------------------------------------
Thu Jan 21 13:28:09 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
- Update to release 26
* Improve the service activation tracking of the compatibility
launcher. We now track spawned systemd units for their entire
lifetime, so we can properly detect when activations fail.
* Work around a kernel off-by-one error in the socket queue
accounting to fix a race-condition where dbus clients might
not be dispatched.
* Support running without `shmem` configured in the kernel.
This will make the broker run better on limited embedded
devices.
-------------------------------------------------------------------
Thu Dec 3 11:34:56 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
- Update to release 25
* Fix an assertion failure when disconnecting monitors with active
unique-name matches.
* Fix the selinux error-handling to no longer mark all errors as
auditable by default.
-------------------------------------------------------------------
Fri Sep 4 08:09:00 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
- Update to release 24
* Make audit-events properly typed and prevent non-auditable
events from being forwarded to the linux audit system.
-------------------------------------------------------------------
Tue May 12 15:27:29 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
- Update to release 23
* Expose supplementary groups as `UnixGroupIDs` as defined by
the dbus specification in 0.53.
* The broker now uses the peer-pid from `SO_PEERCRED` on the
controller socket, rather than relying on `getppid()`. This
allows creating the broker from intermediate processes
without having any credentials of the intermediate leak into
the broker.
-------------------------------------------------------------------
Mon Feb 24 17:52:17 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
- Update to release 22
* Implement org.freedesktop.DBus.Debug.Stats in the driver.
* Support no-op activation files.
* The new configuration option `linux-4-17`, if set to true
(default is false), makes dbus-broker assume it runs on
linux-v4.17 or newer. It will make use of features introduced
up to linux-v4.17. This allows to forcibly disable
workarounds for old kernels.
-------------------------------------------------------------------
Tue Jun 11 12:06:26 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Update to new upstream release 21
* Previously, resource limits were incorrectly calculated,
leading too limits that were higher than intended.
* Messages are now directly forwarded to the journal and
amended with additional fields. The journal-catalog now
contains entries with background information on runtime log
messages.
-------------------------------------------------------------------
Thu Feb 21 13:09:08 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Update to new upstream release 18
* The compatibility launcher is no longer isolated in its own
network namespace, since the SELinux APIs require access to
the root network namespace.
-------------------------------------------------------------------
Mon Jan 28 11:06:43 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Update RPM group.
-------------------------------------------------------------------
Wed Jan 2 00:38:38 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Update to new upstream release 17
* The compatibility launcher now namespaces transient systemd
units based on its own name on the scope-bus.
* The launcher now respects the `<user>NAME</user>'
configuration and correctly drops privileges of the broker
and itself after startup.
* Messages with file-descriptors will now be refused if the
client did not negotiate file-descriptor passing before.
- Drop use-system-deps.diff
-------------------------------------------------------------------
Mon Mar 5 20:16:26 UTC 2018 - jengelh@inai.de
- Update to new upstream release 11
* The policy-type of the dbus-broker API has been simplified.
It is now reduced to a policy-batch indexed by uids, in
combination with a policy-batch indexed either by gid or
uid-range.
* The launcher now supports a `--config-file PATH` commandline
option to override the root configuration file, which is
still deduced based on the passed scope parameter.
-------------------------------------------------------------------
Tue Feb 6 00:37:19 UTC 2018 - jengelh@inai.de
- Update to new upstream release 9
* AddListener() on org.bus1.DBus.Broker now supports UID ranges.
* dbus-broker.service unit is now ordered before basic.target.
* The launcher now uses instantiated systemd template units
when activating a service that has no associated systemd
service file.
* The launcher now supports configuration reloading.
* Activated units now inherit their user from the actual D-Bus
service, if provided.
-------------------------------------------------------------------
Sun Sep 10 23:30:34 UTC 2017 - jengelh@inai.de
- Update to new upstream release 4
* Support for sending SELinux AVC violations to audit rather
than syslog.
* Units will now be activated via explicit calls to StartUnit()
rather than faking a ActivationRequest directed signal. This
allows to catch startup failures (or rejections) and allows
to reject all pending activation requests right away.
* The broker now logs policy violations to the system log.
- Add use-system-deps.diff
-------------------------------------------------------------------
Fri Aug 25 10:54:00 UTC 2017 - jengelh@inai.de
- Initial package (version 3) for build.opensuse.org