Dr. Werner Fink 2014-05-14 07:40:46 +00:00 committed by Git OBS Bridge
parent 001a4720dd
commit 494283f42f
6 changed files with 93 additions and 0 deletions

View File

@ -0,0 +1,39 @@
From ead349509e325aad720bb0349521a9e56e2ac7c0 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 13 May 2014 16:40:53 +0200
Subject: [PATCH] replace more dup() by F_DUPFD_CLOEXEC
---
src/login/inhibit.c | 2 +-
src/shared/install.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git src/login/inhibit.c src/login/inhibit.c
index 48c2ec4..ae3afdf 100644
--- src/login/inhibit.c
+++ src/login/inhibit.c
@@ -64,7 +64,7 @@ static int inhibit(sd_bus *bus, sd_bus_error *error) {
if (r < 0)
return r;
- r = dup(fd);
+ r = fcntl(fd, F_DUPFD_CLOEXEC, 3);
if (r < 0)
return -errno;
diff --git src/shared/install.c src/shared/install.c
index acfba25..9ce9403 100644
--- src/shared/install.c
+++ src/shared/install.c
@@ -332,7 +332,7 @@ static int remove_marked_symlinks(
int q, cfd;
deleted = false;
- cfd = dup(fd);
+ cfd = fcntl(fd, F_DUPFD_CLOEXEC, 3);
if (cfd < 0) {
r = -errno;
break;
--
1.7.9.2

View File

@ -0,0 +1,26 @@
From 85c08dc013f9f99b58bc9b79284af0b35304237b Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 13 May 2014 16:35:34 +0200
Subject: [PATCH] pam_systemd: use F_DUPFD_CLOEXEC when dupping session fds
http://lists.freedesktop.org/archives/systemd-devel/2014-May/019034.html
---
src/login/pam-module.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git src/login/pam-module.c src/login/pam-module.c
index 9873dd5..1259457 100644
--- src/login/pam-module.c
+++ src/login/pam-module.c
@@ -475,7 +475,7 @@ _public_ PAM_EXTERN int pam_sm_open_session(
}
if (session_fd >= 0) {
- session_fd = dup(session_fd);
+ session_fd = fcntl(session_fd, F_DUPFD_CLOEXEC, 3);
if (session_fd < 0) {
pam_syslog(handle, LOG_ERR, "Failed to dup session fd: %m");
return PAM_SESSION_ERR;
--
1.7.9.2

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Wed May 14 07:37:08 UTC 2014 - werner@suse.de
- Add upstram patches
0001-replace-more-dup-by-F_DUPFD_CLOEXEC.patch
0002-pam_systemd-use-F_DUPFD_CLOEXEC-when-dupping-session.patch
to avoid that in pam session unwanted file descriptors are inherited
-------------------------------------------------------------------
Tue May 13 08:28:05 UTC 2014 - werner@suse.de

View File

@ -429,6 +429,10 @@ Patch217: 0004-backlight-warn-if-kernel-exposes-backlight-device-wi.patch
Patch218: 0005-backlight-handle-saved-brightness-exceeding-max-brig.patch
# PATCH-FIX-SUSE Do not poison kmsg ring buffer with systemd/udev messages (bnc#877021)
Patch219: log-target-null-instead-kmsg.patch
# PATCH-FIX-UPSTREAM added at 2014/05/14
Patch220: 0001-replace-more-dup-by-F_DUPFD_CLOEXEC.patch
# PATCH-FIX-UPSTREAM added at 2014/05/14
Patch221: 0002-pam_systemd-use-F_DUPFD_CLOEXEC-when-dupping-session.patch
# UDEV PATCHES
# ============
@ -833,6 +837,8 @@ cp %{SOURCE7} m4/
%patch217 -p0
%patch218 -p0
%patch219 -p1
%patch220 -p0
%patch221 -p0
# udev patches
%patch1001 -p1

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Wed May 14 07:37:08 UTC 2014 - werner@suse.de
- Add upstram patches
0001-replace-more-dup-by-F_DUPFD_CLOEXEC.patch
0002-pam_systemd-use-F_DUPFD_CLOEXEC-when-dupping-session.patch
to avoid that in pam session unwanted file descriptors are inherited
-------------------------------------------------------------------
Tue May 13 08:28:05 UTC 2014 - werner@suse.de

View File

@ -424,6 +424,10 @@ Patch217: 0004-backlight-warn-if-kernel-exposes-backlight-device-wi.patch
Patch218: 0005-backlight-handle-saved-brightness-exceeding-max-brig.patch
# PATCH-FIX-SUSE Do not poison kmsg ring buffer with systemd/udev messages (bnc#877021)
Patch219: log-target-null-instead-kmsg.patch
# PATCH-FIX-UPSTREAM added at 2014/05/14
Patch220: 0001-replace-more-dup-by-F_DUPFD_CLOEXEC.patch
# PATCH-FIX-UPSTREAM added at 2014/05/14
Patch221: 0002-pam_systemd-use-F_DUPFD_CLOEXEC-when-dupping-session.patch
# UDEV PATCHES
# ============
@ -828,6 +832,8 @@ cp %{SOURCE7} m4/
%patch217 -p0
%patch218 -p0
%patch219 -p1
%patch220 -p0
%patch221 -p0
# udev patches
%patch1001 -p1