Accepting request 335612 from security

- modules-setup.sh should be module-setup.sh in dracut, also 755
- add dependency on systemd-journald.socket to make haveged
  really start before journald in the initrd. bsc#898669 (forwarded request 335611 from msmeissn)

OBS-URL: https://build.opensuse.org/request/show/335612
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haveged?expand=0&rev=44

fix-enforced-clock-gettime.patch

@@ -0,0 +1,11 @@
+--- configure.ac
++++ configure.ac
+@@ -173,7 +173,7 @@
+  ;;
+ 
+  *)
+-    if test "x$enable_clock_gettime" = "xx"; then
++    if test "x$enable_clock_gettime" = "xx" -o "x$enable_clock_gettime" = "xyes"; then
+       enable_clock_gettime="yes"
+     else
+       AC_MSG_ERROR([no timer source for host :"$host".])

haveged-dracut.module

@@ -16,4 +16,6 @@ install() {
     inst_multiple -o \
         /usr/sbin/haveged \
         $systemdsystemunitdir/haveged.service
+    mkdir "$initdir/$systemdsystemunitdir/systemd-journald.service.wants"
+    ln_r "$systemdsystemunitdir/haveged.service" "$systemdsystemunitdir/systemd-journald.service.wants/haveged.service"
 }

haveged.changes

@@ -1,11 +1,25 @@
+-------------------------------------------------------------------
+Wed Sep 30 12:15:14 UTC 2015 - meissner@suse.com
+
+- modules-setup.sh should be module-setup.sh in dracut, also 755
+- add dependency on systemd-journald.socket to make haveged
+  really start before journald in the initrd. bsc#898669
+
+-------------------------------------------------------------------
+Tue Sep 29 12:30:21 UTC 2015 - dmueller@suse.com
+
+- add fix-enforced-clock-gettime.patch to fix build on generic
+  platforms like e.g. aarch64, which is only needed due to
+  our (non-recommended choice) of using gettime (fate#318370)
+
 -------------------------------------------------------------------
 Tue Feb 17 12:53:42 UTC 2015 - meissner@suse.com
 
 - haveged-dracut.module: include haveged into the initrd for
-  randomness generation.
+  randomness generation. bsc#898669
 - haveged.service: adjust so it is started before journald
-  and also make sure it is shutdown quite late.
-- regenerate initrd on installation.
+  and also make sure it is shutdown quite late. bsc#898669
+- regenerate initrd on installation. bsc#898669
 
 -------------------------------------------------------------------
 Fri Aug 29 07:23:34 UTC 2014 - tchvatal@suse.com

haveged.service

@@ -5,7 +5,7 @@ DefaultDependencies=no
 ConditionVirtualization=!container
 #Conflicts=shutdown.target
 After=systemd-random-seed.service
-Before=sysinit.target shutdown.target systemd-journald.service
+Before=sysinit.target shutdown.target systemd-journald.service systemd-journald.socket
 
 [Service]
 ExecStart=/usr/sbin/haveged -w 1024 -v 0 -F

haveged.spec

@@ -30,6 +30,8 @@ Source4:        haveged-dracut.module
 Patch0:         ppc64le.patch
 # PATCH-FIX-UPSTREAM: ent tests randomly fail so make them conditional tchvatal@suse.cz bnc#876674
 Patch1:         haveged-conditional-enttest.patch
+# PATCH-FIX-OPENSUSE: ignore clock-gettime enablement on generic architectures
+Patch2:         fix-enforced-clock-gettime.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  libtool
@@ -76,6 +78,7 @@ algorithm and supporting features.
 %setup -q
 %patch0 -p1
 %patch1 -p1
+%patch2
 
 %build
 autoreconf -fvi
@@ -108,7 +111,7 @@ rm -f %{buildroot}%{_libdir}/libhavege.*a
 ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
 
 install -d -m0755 %{buildroot}/usr/lib/dracut/modules.d/98haveged
-install -m0644 %{SOURCE4} %{buildroot}/usr/lib/dracut/modules.d/98haveged/modules-setup.sh
+install -m0755 %{SOURCE4} %{buildroot}/usr/lib/dracut/modules.d/98haveged/module-setup.sh
 
 %post
 %{?udev_rules_update:%udev_rules_update}
@@ -143,7 +146,7 @@ install -m0644 %{SOURCE4} %{buildroot}/usr/lib/dracut/modules.d/98haveged/module
 %dir /usr/lib/dracut
 %dir /usr/lib/dracut/modules.d
 %dir /usr/lib/dracut/modules.d/98haveged
-/usr/lib/dracut/modules.d/98haveged/modules-setup.sh
+/usr/lib/dracut/modules.d/98haveged/module-setup.sh
 
 %files devel
 %defattr(-,root,root)