.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=651
This commit is contained in:
parent
6005e19735
commit
2c74e752b5
159
0001-virt-rework-container-detection-logic.patch
Normal file
159
0001-virt-rework-container-detection-logic.patch
Normal file
@ -0,0 +1,159 @@
|
||||
Based on fdd25311706bd32580ec4d43211cdf4665d2f9de Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Wed, 28 May 2014 18:37:11 +0800
|
||||
Subject: [PATCH] virt: rework container detection logic
|
||||
|
||||
Instead of accessing /proc/1/environ directly, trying to read the
|
||||
$container variable from it, let's make PID 1 save the contents of that
|
||||
variable to /run/systemd/container. This allows us to detect containers
|
||||
without the need for CAP_SYS_PTRACE, which allows us to drop it from a
|
||||
number of daemons and from the file capabilities of systemd-detect-virt.
|
||||
|
||||
Also, don't consider chroot a container technology anymore. After all,
|
||||
we don't consider file system namespaces container technology anymore,
|
||||
and hence chroot() should be considered a container even less.
|
||||
---
|
||||
Makefile.am | 3 ---
|
||||
configure.ac | 2 --
|
||||
src/core/main.c | 12 ++++++++++++
|
||||
src/shared/virt.c | 48 ++++++++++++++++++++++++++++++------------------
|
||||
4 files changed, 42 insertions(+), 23 deletions(-)
|
||||
|
||||
diff --git Makefile.am Makefile.am
|
||||
index 5b26bc3..f66ef42 100644
|
||||
--- Makefile.am
|
||||
+++ Makefile.am
|
||||
@@ -1798,9 +1798,6 @@ systemd_detect_virt_SOURCES = \
|
||||
systemd_detect_virt_LDADD = \
|
||||
libsystemd-shared.la
|
||||
|
||||
-systemd-detect-virt-install-hook:
|
||||
- -$(SETCAP) cap_dac_override,cap_sys_ptrace=ep $(DESTDIR)$(bindir)/systemd-detect-virt
|
||||
-
|
||||
INSTALL_EXEC_HOOKS += \
|
||||
systemd-detect-virt-install-hook
|
||||
|
||||
--- configure.ac
|
||||
+++ configure.ac 2014-06-03 14:16:45.046237826 +0000
|
||||
@@ -68,8 +68,6 @@ AC_PATH_PROG([XSLTPROC], [xsltproc])
|
||||
AC_PATH_PROG([QUOTAON], [quotaon], [/usr/sbin/quotaon])
|
||||
AC_PATH_PROG([QUOTACHECK], [quotacheck], [/usr/sbin/quotacheck])
|
||||
|
||||
-AC_PATH_PROG([SETCAP], [setcap], [/usr/sbin/setcap])
|
||||
-
|
||||
AC_PATH_PROG([KILL], [kill], [/usr/bin/kill])
|
||||
|
||||
AC_PATH_PROG([KMOD], [kmod], [/usr/bin/kmod])
|
||||
diff --git src/core/main.c src/core/main.c
|
||||
index 77cc2fb..d5d1ee2 100644
|
||||
--- src/core/main.c
|
||||
+++ src/core/main.c
|
||||
@@ -1261,6 +1261,16 @@ static int status_welcome(void) {
|
||||
isempty(pretty_name) ? "Linux" : pretty_name);
|
||||
}
|
||||
|
||||
+static int write_container_id(void) {
|
||||
+ const char *c;
|
||||
+
|
||||
+ c = getenv("container");
|
||||
+ if (isempty(c))
|
||||
+ return 0;
|
||||
+
|
||||
+ return write_string_file("/run/systemd/container", c);
|
||||
+}
|
||||
+
|
||||
int main(int argc, char *argv[]) {
|
||||
Manager *m = NULL;
|
||||
int r, retval = EXIT_FAILURE;
|
||||
@@ -1544,6 +1554,8 @@ int main(int argc, char *argv[]) {
|
||||
if (virtualization)
|
||||
log_info("Detected virtualization '%s'.", virtualization);
|
||||
|
||||
+ write_container_id();
|
||||
+
|
||||
log_info("Detected architecture '%s'.", architecture_to_string(uname_architecture()));
|
||||
|
||||
if (in_initrd())
|
||||
diff --git src/shared/virt.c src/shared/virt.c
|
||||
index 0db0514..1e227c5 100644
|
||||
--- src/shared/virt.c
|
||||
+++ src/shared/virt.c
|
||||
@@ -217,8 +217,8 @@ int detect_container(const char **id) {
|
||||
static thread_local int cached_found = -1;
|
||||
static thread_local const char *cached_id = NULL;
|
||||
|
||||
- _cleanup_free_ char *e = NULL;
|
||||
- const char *_id = NULL;
|
||||
+ _cleanup_free_ char *m = NULL;
|
||||
+ const char *_id = NULL, *e = NULL;
|
||||
int r;
|
||||
|
||||
if (_likely_(cached_found >= 0)) {
|
||||
@@ -229,17 +229,6 @@ int detect_container(const char **id) {
|
||||
return cached_found;
|
||||
}
|
||||
|
||||
- /* Unfortunately many of these operations require root access
|
||||
- * in one way or another */
|
||||
-
|
||||
- r = running_in_chroot();
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
- if (r > 0) {
|
||||
- _id = "chroot";
|
||||
- goto finish;
|
||||
- }
|
||||
-
|
||||
/* /proc/vz exists in container and outside of the container,
|
||||
* /proc/bc only outside of the container. */
|
||||
if (access("/proc/vz", F_OK) >= 0 &&
|
||||
@@ -249,11 +238,32 @@ int detect_container(const char **id) {
|
||||
goto finish;
|
||||
}
|
||||
|
||||
- r = getenv_for_pid(1, "container", &e);
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
- if (r == 0)
|
||||
- goto finish;
|
||||
+ if (getpid() == 1) {
|
||||
+ /* If we are PID 1 we can just check our own
|
||||
+ * environment variable */
|
||||
+
|
||||
+ e = getenv("container");
|
||||
+ if (isempty(e)) {
|
||||
+ r = 0;
|
||||
+ goto finish;
|
||||
+ }
|
||||
+ } else {
|
||||
+
|
||||
+ /* Otherwise, PID 1 dropped this information into a
|
||||
+ * file in /run. This is better than accessing
|
||||
+ * /proc/1/environ, since we don't need CAP_SYS_PTRACE
|
||||
+ * for that. */
|
||||
+
|
||||
+ r = read_one_line_file("/run/systemd/container", &m);
|
||||
+ if (r == -ENOENT) {
|
||||
+ r = 0;
|
||||
+ goto finish;
|
||||
+ }
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+
|
||||
+ e = m;
|
||||
+ }
|
||||
|
||||
/* We only recognize a selected few here, since we want to
|
||||
* enforce a redacted namespace */
|
||||
@@ -266,6 +276,8 @@ int detect_container(const char **id) {
|
||||
else
|
||||
_id = "other";
|
||||
|
||||
+ r = 1;
|
||||
+
|
||||
finish:
|
||||
cached_found = r;
|
||||
|
||||
--
|
||||
1.7.9.2
|
||||
|
@ -0,0 +1,26 @@
|
||||
Based on 8d2a6145334257c8a9ceabc9dd52dff06cca818e Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Mon, 26 May 2014 23:03:11 -0400
|
||||
Subject: [PATCH] fsck: include device name in the message about missing fsck
|
||||
|
||||
---
|
||||
src/fsck/fsck.c | 6 ++++--
|
||||
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||
|
||||
--- src/fsck/fsck.c
|
||||
+++ src/fsck/fsck.c 2014-06-03 14:15:15.746235301 +0000
|
||||
@@ -284,10 +284,12 @@ int main(int argc, char *argv[]) {
|
||||
r = access(checker, X_OK);
|
||||
if (r < 0) {
|
||||
if (errno == ENOENT) {
|
||||
- log_info("%s doesn't exist, not checking file system.", checker);
|
||||
+ log_info("%s doesn't exist, not checking file system on %s",
|
||||
+ checker, device);
|
||||
return EXIT_SUCCESS;
|
||||
} else
|
||||
- log_warning("%s cannot be used: %m", checker);
|
||||
+ log_warning("%s cannot be used for %s: %m",
|
||||
+ checker, device);
|
||||
}
|
||||
}
|
||||
|
@ -0,0 +1,26 @@
|
||||
From d8e40d62ab871a87fde421c4b246bb45bc3cbe2d Mon Sep 17 00:00:00 2001
|
||||
From: Jonathan Liu <net147@gmail.com>
|
||||
Date: Thu, 29 May 2014 01:17:25 +1000
|
||||
Subject: [PATCH] units: use KillMode=mixed for systemd-nspawn@.service
|
||||
|
||||
This causes the container to shut down cleanly when the service is
|
||||
stopped.
|
||||
---
|
||||
units/systemd-nspawn@.service.in | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git units/systemd-nspawn@.service.in units/systemd-nspawn@.service.in
|
||||
index ff36e90..e373628 100644
|
||||
--- units/systemd-nspawn@.service.in
|
||||
+++ units/systemd-nspawn@.service.in
|
||||
@@ -11,6 +11,7 @@ Documentation=man:systemd-nspawn(1)
|
||||
|
||||
[Service]
|
||||
ExecStart=@bindir@/systemd-nspawn --quiet --keep-unit --boot --link-journal=guest --directory=/var/lib/container/%i
|
||||
+KillMode=mixed
|
||||
Type=notify
|
||||
|
||||
[Install]
|
||||
--
|
||||
1.7.9.2
|
||||
|
@ -0,0 +1,28 @@
|
||||
From 93f1a06374e335e8508d89e1bdaadf45be6ab777 Mon Sep 17 00:00:00 2001
|
||||
From: Thomas Hindoe Paaboel Andersen <phomes@gmail.com>
|
||||
Date: Sat, 31 May 2014 21:36:23 +0200
|
||||
Subject: [PATCH] util: ignore_file should not allow files ending with '~'
|
||||
|
||||
ignore_file currently allows any file ending with '~' while it
|
||||
seems that the opposite was intended:
|
||||
a228a22fda4faa9ecb7c5a5e499980c8ae5d2a08
|
||||
---
|
||||
src/shared/util.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git src/shared/util.c src/shared/util.c
|
||||
index 0c27394..17b0ae1 100644
|
||||
--- src/shared/util.c
|
||||
+++ src/shared/util.c
|
||||
@@ -1371,7 +1371,7 @@ bool ignore_file(const char *filename) {
|
||||
assert(filename);
|
||||
|
||||
if (endswith(filename, "~"))
|
||||
- return false;
|
||||
+ return true;
|
||||
|
||||
return ignore_file_allow_backup(filename);
|
||||
}
|
||||
--
|
||||
1.7.9.2
|
||||
|
@ -0,0 +1,26 @@
|
||||
From 267b3e41df5a2181f2911433539f81de2fa1511a Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= <crrodriguez@opensuse.org>
|
||||
Date: Thu, 29 May 2014 14:17:37 -0400
|
||||
Subject: [PATCH] tty-ask-password-agent: Do tell what directory we failed to
|
||||
open
|
||||
|
||||
---
|
||||
.../tty-ask-password-agent.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git src/tty-ask-password-agent/tty-ask-password-agent.c src/tty-ask-password-agent/tty-ask-password-agent.c
|
||||
index 3203474..55a2215 100644
|
||||
--- src/tty-ask-password-agent/tty-ask-password-agent.c
|
||||
+++ src/tty-ask-password-agent/tty-ask-password-agent.c
|
||||
@@ -501,7 +501,7 @@ static int show_passwords(void) {
|
||||
if (errno == ENOENT)
|
||||
return 0;
|
||||
|
||||
- log_error("opendir(): %m");
|
||||
+ log_error("opendir(/run/systemd/ask-password): %m");
|
||||
return -errno;
|
||||
}
|
||||
|
||||
--
|
||||
1.7.9.2
|
||||
|
32
0007-keyboard-add-Plantronics-.Audio-mute-button.patch
Normal file
32
0007-keyboard-add-Plantronics-.Audio-mute-button.patch
Normal file
@ -0,0 +1,32 @@
|
||||
From 9e3dbf6b2b99d0e16989d9cedb458729db5a60c3 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sun, 1 Jun 2014 14:01:23 -0400
|
||||
Subject: [PATCH] keyboard: add Plantronics .Audio mute button
|
||||
|
||||
https://bugs.freedesktop.org/show_bug.cgi?id=79495
|
||||
---
|
||||
hwdb/60-keyboard.hwdb | 8 ++++++++
|
||||
1 file changed, 8 insertions(+)
|
||||
|
||||
diff --git hwdb/60-keyboard.hwdb hwdb/60-keyboard.hwdb
|
||||
index 05e6a04..d053766 100644
|
||||
--- hwdb/60-keyboard.hwdb
|
||||
+++ hwdb/60-keyboard.hwdb
|
||||
@@ -866,6 +866,14 @@ keyboard:dmi:bvn*:bvr*:bd*:svnOQO*Inc.*:pnOQO*Model*2*:pvr*
|
||||
KEYBOARD_KEY_f3=volumeup
|
||||
|
||||
###########################################################
|
||||
+# Plantronics
|
||||
+###########################################################
|
||||
+
|
||||
+# Plantronics .Audio 626 DSP
|
||||
+keyboard:usb:v047fpC006*
|
||||
+ KEYBOARD_KEY_b002f=f20 # Microphone mute button; should be micmute
|
||||
+
|
||||
+###########################################################
|
||||
# Quanta
|
||||
###########################################################
|
||||
|
||||
--
|
||||
1.7.9.2
|
||||
|
@ -0,0 +1,31 @@
|
||||
From a52ec8ed881537627869afa8f0486db7e20ce2db Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= <crrodriguez@opensuse.org>
|
||||
Date: Fri, 30 May 2014 13:16:56 -0400
|
||||
Subject: [PATCH] udev-builtin-keyboard: do tell on which device EVIOCSKEYCODE
|
||||
failed.
|
||||
|
||||
I am getting
|
||||
|
||||
"Error calling EVIOCSKEYCODE (scan code 0xc022d, key code 418): Invalid
|
||||
argument", the error message does not tell on which specific device the
|
||||
problem is, add that info.
|
||||
---
|
||||
src/udev/udev-builtin-keyboard.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git src/udev/udev-builtin-keyboard.c src/udev/udev-builtin-keyboard.c
|
||||
index 614e44e..9b66bfd 100644
|
||||
--- src/udev/udev-builtin-keyboard.c
|
||||
+++ src/udev/udev-builtin-keyboard.c
|
||||
@@ -143,7 +143,7 @@ static int builtin_keyboard(struct udev_device *dev, int argc, char *argv[], boo
|
||||
log_debug("keyboard: mapping scan code %d (0x%x) to key code %d (0x%x)",
|
||||
map[i].scan, map[i].scan, map[i].key, map[i].key);
|
||||
if (ioctl(fd, EVIOCSKEYCODE, &map[i]) < 0)
|
||||
- log_error("Error calling EVIOCSKEYCODE (scan code 0x%x, key code %d): %m", map[i].scan, map[i].key);
|
||||
+ log_error("Error calling EVIOCSKEYCODE on device node '%s' (scan code 0x%x, key code %d): %m", node, map[i].scan, map[i].key);
|
||||
}
|
||||
|
||||
/* install list of force-release codes */
|
||||
--
|
||||
1.7.9.2
|
||||
|
48
1024-udev-always-close-lock-file-descriptor.patch
Normal file
48
1024-udev-always-close-lock-file-descriptor.patch
Normal file
@ -0,0 +1,48 @@
|
||||
From 3d06f4183470d42361303086ed9dedd29c0ffc1b Mon Sep 17 00:00:00 2001
|
||||
From: Kay Sievers <kay@vrfy.org>
|
||||
Date: Tue, 3 Jun 2014 10:46:51 +0200
|
||||
Subject: [PATCH] udev: always close lock file descriptor
|
||||
|
||||
https://bugs.freedesktop.org/show_bug.cgi?id=79576
|
||||
---
|
||||
src/udev/udevd.c | 10 ++++------
|
||||
1 file changed, 4 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git src/udev/udevd.c src/udev/udevd.c
|
||||
index 1c9488e..819ea3b 100644
|
||||
--- src/udev/udevd.c
|
||||
+++ src/udev/udevd.c
|
||||
@@ -301,6 +301,7 @@ static void worker_new(struct event *event)
|
||||
if (fd_lock >= 0 && flock(fd_lock, LOCK_SH|LOCK_NB) < 0) {
|
||||
log_debug("Unable to flock(%s), skipping event handling: %m", udev_device_get_devnode(d));
|
||||
err = -EWOULDBLOCK;
|
||||
+ fd_lock = safe_close(fd_lock);
|
||||
goto skip;
|
||||
}
|
||||
}
|
||||
@@ -317,8 +318,7 @@ static void worker_new(struct event *event)
|
||||
udev_device_update_db(dev);
|
||||
}
|
||||
|
||||
- if (fd_lock >= 0)
|
||||
- close(fd_lock);
|
||||
+ safe_close(fd_lock);
|
||||
|
||||
/* send processed event back to libudev listeners */
|
||||
udev_monitor_send_device(worker_monitor, NULL, dev);
|
||||
@@ -377,10 +377,8 @@ skip:
|
||||
}
|
||||
out:
|
||||
udev_device_unref(dev);
|
||||
- if (fd_signal >= 0)
|
||||
- close(fd_signal);
|
||||
- if (fd_ep >= 0)
|
||||
- close(fd_ep);
|
||||
+ safe_close(fd_signal);
|
||||
+ safe_close(fd_ep);
|
||||
close(fd_inotify);
|
||||
close(worker_watch[WRITE_END]);
|
||||
udev_rules_unref(rules);
|
||||
--
|
||||
1.7.9.2
|
||||
|
@ -1,3 +1,18 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 3 14:23:40 UTC 2014 - werner@suse.de
|
||||
|
||||
- Add upstream patches
|
||||
0001-virt-rework-container-detection-logic.patch
|
||||
0002-fsck-include-device-name-in-the-message-about-missin.patch
|
||||
0003-units-use-KillMode-mixed-for-systemd-nspawn-.service.patch
|
||||
0004-util-ignore_file-should-not-allow-files-ending-with.patch
|
||||
0006-tty-ask-password-agent-Do-tell-what-directory-we-fai.patch
|
||||
- Add upstream patches to update keyboard data base
|
||||
0007-keyboard-add-Plantronics-.Audio-mute-button.patch
|
||||
- Add upstream patches for udev
|
||||
1023-udev-builtin-keyboard-do-tell-on-which-device-EVIOCS.patch
|
||||
1024-udev-always-close-lock-file-descriptor.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri May 30 07:35:07 UTC 2014 - rmilasan@suse.com
|
||||
|
||||
|
25
systemd.spec
25
systemd.spec
@ -33,6 +33,7 @@ Summary: A System and Session Manager
|
||||
License: LGPL-2.1+
|
||||
Group: System/Base
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
BuildRequires: acl
|
||||
BuildRequires: audit-devel
|
||||
%if %{with compat_libs}
|
||||
# See gold_archs in binutils.spec
|
||||
@ -506,6 +507,18 @@ Patch259: 0004-socket-properly-handle-if-our-service-vanished-durin.patch
|
||||
Patch260: 0001-Do-not-unescape-unit-names-in-Install-section.patch
|
||||
# PATCHFIX-UPSTREAM added at 2014/05/27
|
||||
Patch261: 0002-analyze-run-use-bus_open_transport_systemd-instead-o.patch
|
||||
# PATCHFIX-UPSTREAM added at 2014/06/03
|
||||
Patch262: 0001-virt-rework-container-detection-logic.patch
|
||||
# PATCHFIX-UPSTREAM added at 2014/06/03
|
||||
Patch263: 0002-fsck-include-device-name-in-the-message-about-missin.patch
|
||||
# PATCHFIX-UPSTREAM added at 2014/06/03
|
||||
Patch264: 0003-units-use-KillMode-mixed-for-systemd-nspawn-.service.patch
|
||||
# PATCHFIX-UPSTREAM added at 2014/06/03
|
||||
Patch265: 0004-util-ignore_file-should-not-allow-files-ending-with.patch
|
||||
# PATCHFIX-UPSTREAM added at 2014/06/03
|
||||
Patch266: 0006-tty-ask-password-agent-Do-tell-what-directory-we-fai.patch
|
||||
# PATCHFIX-UPSTREAM added at 2014/06/03
|
||||
Patch267: 0007-keyboard-add-Plantronics-.Audio-mute-button.patch
|
||||
|
||||
# UDEV PATCHES
|
||||
# ============
|
||||
@ -557,6 +570,10 @@ Patch1020: 1020-udev-keyboard-also-hook-into-change-events.patch
|
||||
Patch1021: 1021-udev-re-add-persistent-net-rules.patch
|
||||
# PATCHFIX-UPSTREAM 1022-udev-remove-seqnum-API-and-all-assumptions-about-seq.patch
|
||||
Patch1022: 1022-udev-remove-seqnum-API-and-all-assumptions-about-seq.patch
|
||||
# PATCHFIX-UPSTREAM added at 2014/06/03
|
||||
Patch1023: 1023-udev-builtin-keyboard-do-tell-on-which-device-EVIOCS.patch
|
||||
# PATCHFIX-UPSTREAM added at 2014/06/03
|
||||
Patch1024: 1024-udev-always-close-lock-file-descriptor.patch
|
||||
|
||||
%description
|
||||
Systemd is a system and service manager, compatible with SysV and LSB
|
||||
@ -965,6 +982,12 @@ cp %{SOURCE7} m4/
|
||||
%patch259 -p0
|
||||
%patch260 -p0
|
||||
%patch261 -p0
|
||||
%patch262 -p0
|
||||
%patch263 -p0
|
||||
%patch264 -p0
|
||||
%patch265 -p0
|
||||
%patch266 -p0
|
||||
%patch267 -p0
|
||||
|
||||
# udev patches
|
||||
%patch1001 -p1
|
||||
@ -990,6 +1013,8 @@ cp %{SOURCE7} m4/
|
||||
%patch1020 -p0
|
||||
%patch1021 -p1
|
||||
%patch1022 -p1
|
||||
%patch1023 -p0
|
||||
%patch1024 -p0
|
||||
|
||||
# ensure generate files are removed
|
||||
rm -f units/emergency.service
|
||||
|
Loading…
Reference in New Issue
Block a user