.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=807
This commit is contained in:
parent
8227fd8ef6
commit
58cd57f0cb
@ -0,0 +1,35 @@
|
|||||||
|
Based on 97569e154b80541cbad39d78231b7f360d4ff058 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lennart Poettering <lennart@poettering.net>
|
||||||
|
Date: Tue, 21 Oct 2014 14:01:28 +0200
|
||||||
|
Subject: [PATCH] strv: add an additional overflow check when enlarging
|
||||||
|
strv()s
|
||||||
|
|
||||||
|
https://bugs.freedesktop.org/show_bug.cgi?id=76745
|
||||||
|
---
|
||||||
|
src/shared/strv.c | 10 ++++++++--
|
||||||
|
1 file changed, 8 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
--- src/shared/strv.c
|
||||||
|
+++ src/shared/strv.c 2014-10-23 00:00:00.000000000 +0000
|
||||||
|
@@ -361,13 +361,19 @@ char *strv_join_quoted(char **l) {
|
||||||
|
|
||||||
|
int strv_push(char ***l, char *value) {
|
||||||
|
char **c;
|
||||||
|
- unsigned n;
|
||||||
|
+ unsigned n, m;
|
||||||
|
|
||||||
|
if (!value)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
n = strv_length(*l);
|
||||||
|
- c = realloc(*l, sizeof(char*) * (n + 2));
|
||||||
|
+
|
||||||
|
+ /* increase and check for overflow */
|
||||||
|
+ m = n + 2;
|
||||||
|
+ if (m < n)
|
||||||
|
+ return -ENOMEM;
|
||||||
|
+
|
||||||
|
+ c = realloc(*l, sizeof(char*) * (size_t) m);
|
||||||
|
if (!c)
|
||||||
|
return -ENOMEM;
|
||||||
|
|
@ -0,0 +1,42 @@
|
|||||||
|
From fc1ae82cae69d8dbbd9e7a31938810a486fac782 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Hans de Goede <hdegoede@redhat.com>
|
||||||
|
Date: Wed, 22 Oct 2014 14:09:21 +0200
|
||||||
|
Subject: [PATCH] hwdb: Add mapping for special keys on compaq ku 0133
|
||||||
|
keyboards
|
||||||
|
|
||||||
|
The compaq ku 0133 keyboard has 8 special keys at the top:
|
||||||
|
http://lackof.org/taggart/hacking/keyboard/cpqwireless.jpg
|
||||||
|
|
||||||
|
3 of these use standard HID usage codes from the consumer page, the 5
|
||||||
|
others use part of the reserved 0x07 - 0x1f range.
|
||||||
|
|
||||||
|
This commit adds mapping for this keyboard for these reserved codes, making
|
||||||
|
the other 5 keys work.
|
||||||
|
|
||||||
|
Cc: Hans de Goede <hdegoede@redhat.com>
|
||||||
|
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
||||||
|
---
|
||||||
|
hwdb/60-keyboard.hwdb | 7 +++++++
|
||||||
|
1 file changed, 7 insertions(+)
|
||||||
|
|
||||||
|
diff --git hwdb/60-keyboard.hwdb hwdb/60-keyboard.hwdb
|
||||||
|
index 59f467b..06caba9 100644
|
||||||
|
--- hwdb/60-keyboard.hwdb
|
||||||
|
+++ hwdb/60-keyboard.hwdb
|
||||||
|
@@ -181,6 +181,13 @@ keyboard:dmi:bvn*:bvr*:bd*:svnCompaq*:pn*Evo*N*:pvr*
|
||||||
|
KEYBOARD_KEY_9e=email
|
||||||
|
KEYBOARD_KEY_9f=homepage
|
||||||
|
|
||||||
|
+keyboard:usb:v049Fp0051d*dc*dsc*dp*ic*isc*ip*in01*
|
||||||
|
+ KEYBOARD_KEY_0c0011=presentation
|
||||||
|
+ KEYBOARD_KEY_0c0012=addressbook
|
||||||
|
+ KEYBOARD_KEY_0c0013=info
|
||||||
|
+ KEYBOARD_KEY_0c0014=prog1
|
||||||
|
+ KEYBOARD_KEY_0c0015=messenger
|
||||||
|
+
|
||||||
|
###########################################################
|
||||||
|
# Dell
|
||||||
|
###########################################################
|
||||||
|
--
|
||||||
|
1.7.9.2
|
||||||
|
|
@ -0,0 +1,41 @@
|
|||||||
|
From f2a474aea8f82fa9b695515d4590f4f3398358a7 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Juho Son <juho80.son@samsung.com>
|
||||||
|
Date: Thu, 11 Sep 2014 16:06:38 +0900
|
||||||
|
Subject: [PATCH] journald: add CAP_MAC_OVERRIDE in journald for SMACK issue
|
||||||
|
|
||||||
|
systemd-journald check the cgroup id to support rate limit option for
|
||||||
|
every messages. so journald should be available to access cgroup node in
|
||||||
|
each process send messages to journald.
|
||||||
|
In system using SMACK, cgroup node in proc is assigned execute label
|
||||||
|
as each process's execute label.
|
||||||
|
so if journald don't want to denied for every process, journald
|
||||||
|
should have all of access rule for all process's label.
|
||||||
|
It's too heavy. so we could give special smack label for journald te get
|
||||||
|
all accesses's permission.
|
||||||
|
'^' label.
|
||||||
|
When assign '^' execute smack label to systemd-journald,
|
||||||
|
systemd-journald need to add CAP_MAC_OVERRIDE capability to get that smack privilege.
|
||||||
|
|
||||||
|
so I want to notice this information and set default capability to
|
||||||
|
journald whether system use SMACK or not.
|
||||||
|
because that capability affect to only smack enabled kernel
|
||||||
|
---
|
||||||
|
units/systemd-journald.service.in | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git units/systemd-journald.service.in units/systemd-journald.service.in
|
||||||
|
index 7013979..4de38fa 100644
|
||||||
|
--- units/systemd-journald.service.in
|
||||||
|
+++ units/systemd-journald.service.in
|
||||||
|
@@ -20,7 +20,7 @@ Restart=always
|
||||||
|
RestartSec=0
|
||||||
|
NotifyAccess=all
|
||||||
|
StandardOutput=null
|
||||||
|
-CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID
|
||||||
|
+CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID CAP_MAC_OVERRIDE
|
||||||
|
WatchdogSec=1min
|
||||||
|
|
||||||
|
# Increase the default a bit in order to allow many simultaneous
|
||||||
|
--
|
||||||
|
1.7.9.2
|
||||||
|
|
30
0004-journal-do-server_vacuum-for-sigusr1.patch
Normal file
30
0004-journal-do-server_vacuum-for-sigusr1.patch
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
From 3bfd4e0c6341b0ef946d2198f089743fa99e0a97 Mon Sep 17 00:00:00 2001
|
||||||
|
From: WaLyong Cho <walyong.cho@samsung.com>
|
||||||
|
Date: Thu, 28 Aug 2014 21:33:03 +0900
|
||||||
|
Subject: [PATCH] journal: do server_vacuum for sigusr1
|
||||||
|
|
||||||
|
runtime journal is migrated to system journal when only
|
||||||
|
"/run/systemd/journal/flushed" exist. It's ok but according to this
|
||||||
|
the system journal directory size(max use) can be over the config. If
|
||||||
|
journal is not rotated during some time the journal directory can be
|
||||||
|
remained as over the config(or default) size. To avoid, do
|
||||||
|
server_vacuum just after the system journal migration from runtime.
|
||||||
|
---
|
||||||
|
src/journal/journald-server.c | 1 +
|
||||||
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
|
diff --git src/journal/journald-server.c src/journal/journald-server.c
|
||||||
|
index 52111f7..bf9cfcc 100644
|
||||||
|
--- src/journal/journald-server.c
|
||||||
|
+++ src/journal/journald-server.c
|
||||||
|
@@ -1224,6 +1224,7 @@ static int dispatch_sigusr1(sd_event_source *es, const struct signalfd_siginfo *
|
||||||
|
touch("/run/systemd/journal/flushed");
|
||||||
|
server_flush_to_var(s);
|
||||||
|
server_sync(s);
|
||||||
|
+ server_vacuum(s);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
1.7.9.2
|
||||||
|
|
25
0005-cryptsetup-fix-an-OOM-check.patch
Normal file
25
0005-cryptsetup-fix-an-OOM-check.patch
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
From 0e2f14014c65b4d8b30146e414579154cfa932da Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lennart Poettering <lennart@poettering.net>
|
||||||
|
Date: Thu, 23 Oct 2014 00:30:04 +0200
|
||||||
|
Subject: [PATCH] cryptsetup: fix an OOM check
|
||||||
|
|
||||||
|
---
|
||||||
|
src/cryptsetup/cryptsetup-generator.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git src/cryptsetup/cryptsetup-generator.c src/cryptsetup/cryptsetup-generator.c
|
||||||
|
index 137b787..c7f30f6 100644
|
||||||
|
--- src/cryptsetup/cryptsetup-generator.c
|
||||||
|
+++ src/cryptsetup/cryptsetup-generator.c
|
||||||
|
@@ -387,7 +387,7 @@ int main(int argc, char *argv[]) {
|
||||||
|
if (k == 2 && streq(proc_uuid, device + 5)) {
|
||||||
|
free(options);
|
||||||
|
options = strdup(p);
|
||||||
|
- if (!proc_options) {
|
||||||
|
+ if (!options) {
|
||||||
|
log_oom();
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
1.7.9.2
|
||||||
|
|
@ -1,3 +1,13 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Oct 23 14:05:08 UTC 2014 - werner@suse.de
|
||||||
|
|
||||||
|
- Add upstream patches
|
||||||
|
0001-strv-add-an-additional-overflow-check-when-enlarging.patch
|
||||||
|
0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
|
||||||
|
0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
|
||||||
|
0004-journal-do-server_vacuum-for-sigusr1.patch
|
||||||
|
0005-cryptsetup-fix-an-OOM-check.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Oct 22 13:56:22 UTC 2014 - werner@suse.de
|
Wed Oct 22 13:56:22 UTC 2014 - werner@suse.de
|
||||||
|
|
||||||
|
@ -964,6 +964,16 @@ Patch466: 0001-systemd-continue-switch-root-even-if-umount-fails.patch
|
|||||||
Patch467: 0002-systemd-try-harder-to-bind-to-notify-socket.patch
|
Patch467: 0002-systemd-try-harder-to-bind-to-notify-socket.patch
|
||||||
# PATCH-FIX-SUSE added at 2014/10/15
|
# PATCH-FIX-SUSE added at 2014/10/15
|
||||||
Patch468: avoid-leaking-socket-descriptors.patch
|
Patch468: avoid-leaking-socket-descriptors.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||||
|
Patch469: 0001-strv-add-an-additional-overflow-check-when-enlarging.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||||
|
Patch470: 0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||||
|
Patch471: 0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||||
|
Patch472: 0004-journal-do-server_vacuum-for-sigusr1.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||||
|
Patch473: 0005-cryptsetup-fix-an-OOM-check.patch
|
||||||
|
|
||||||
# UDEV PATCHES
|
# UDEV PATCHES
|
||||||
# ============
|
# ============
|
||||||
@ -1778,6 +1788,11 @@ cp %{SOURCE7} m4/
|
|||||||
%patch466 -p0
|
%patch466 -p0
|
||||||
%patch467 -p0
|
%patch467 -p0
|
||||||
%patch468 -p0
|
%patch468 -p0
|
||||||
|
%patch469 -p0
|
||||||
|
%patch470 -p0
|
||||||
|
%patch471 -p0
|
||||||
|
%patch472 -p0
|
||||||
|
%patch473 -p0
|
||||||
|
|
||||||
# udev patches
|
# udev patches
|
||||||
%patch1001 -p1
|
%patch1001 -p1
|
||||||
|
@ -1,3 +1,13 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Oct 23 14:05:08 UTC 2014 - werner@suse.de
|
||||||
|
|
||||||
|
- Add upstream patches
|
||||||
|
0001-strv-add-an-additional-overflow-check-when-enlarging.patch
|
||||||
|
0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
|
||||||
|
0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
|
||||||
|
0004-journal-do-server_vacuum-for-sigusr1.patch
|
||||||
|
0005-cryptsetup-fix-an-OOM-check.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Oct 22 13:56:22 UTC 2014 - werner@suse.de
|
Wed Oct 22 13:56:22 UTC 2014 - werner@suse.de
|
||||||
|
|
||||||
|
15
systemd.spec
15
systemd.spec
@ -959,6 +959,16 @@ Patch466: 0001-systemd-continue-switch-root-even-if-umount-fails.patch
|
|||||||
Patch467: 0002-systemd-try-harder-to-bind-to-notify-socket.patch
|
Patch467: 0002-systemd-try-harder-to-bind-to-notify-socket.patch
|
||||||
# PATCH-FIX-SUSE added at 2014/10/15
|
# PATCH-FIX-SUSE added at 2014/10/15
|
||||||
Patch468: avoid-leaking-socket-descriptors.patch
|
Patch468: avoid-leaking-socket-descriptors.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||||
|
Patch469: 0001-strv-add-an-additional-overflow-check-when-enlarging.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||||
|
Patch470: 0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||||
|
Patch471: 0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||||
|
Patch472: 0004-journal-do-server_vacuum-for-sigusr1.patch
|
||||||
|
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||||
|
Patch473: 0005-cryptsetup-fix-an-OOM-check.patch
|
||||||
|
|
||||||
# UDEV PATCHES
|
# UDEV PATCHES
|
||||||
# ============
|
# ============
|
||||||
@ -1773,6 +1783,11 @@ cp %{SOURCE7} m4/
|
|||||||
%patch466 -p0
|
%patch466 -p0
|
||||||
%patch467 -p0
|
%patch467 -p0
|
||||||
%patch468 -p0
|
%patch468 -p0
|
||||||
|
%patch469 -p0
|
||||||
|
%patch470 -p0
|
||||||
|
%patch471 -p0
|
||||||
|
%patch472 -p0
|
||||||
|
%patch473 -p0
|
||||||
|
|
||||||
# udev patches
|
# udev patches
|
||||||
%patch1001 -p1
|
%patch1001 -p1
|
||||||
|
Loading…
Reference in New Issue
Block a user