Accepting request 571964 from Base:System

OBS-URL: https://build.opensuse.org/request/show/571964
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/systemd?expand=0&rev=270
This commit is contained in:
Dominique Leuenberger 2018-02-05 09:50:36 +00:00 committed by Git OBS Bridge
parent 765c4c9e8a
commit b5decf8c13
7 changed files with 86 additions and 116 deletions

View File

@ -1,77 +0,0 @@
From 17be35b017aa39fad8aec98c81d4fade917096ec Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Mon, 27 Nov 2017 11:46:40 +0100
Subject: [PATCH 1/1] compat-rules: get rid of scsi_id when generating compat
symlinks for NVMe devices
The SCSI translation layer for NVMe devices has been removed from the
kernel since 4.13 (commit 3f7f25a910ed8988b2a87c1ca2bfee6b4fb83ac7),
so drop scsi_id in favor of the sysfs interface to generate the
name of the compat symlinks.
Unfortunately we have to retrieve manually the model attribute
because %s{} strips trailing whitespaces otherwise. Indeed scsi_id
replaced them with a single '_' char due to the use of the
'--replace-whitespace' option.
[tblume: fixes bsc#1051465]
---
rules/61-persistent-storage-compat.rules | 34 ++++++++++++++++++++++++++++----
1 file changed, 30 insertions(+), 4 deletions(-)
diff --git a/rules/61-persistent-storage-compat.rules b/rules/61-persistent-storage-compat.rules
index 82a38fac7..639dc1ee1 100644
--- a/rules/61-persistent-storage-compat.rules
+++ b/rules/61-persistent-storage-compat.rules
@@ -16,6 +16,10 @@
# doesn't rely on them and they could be disabled permanently.
#
# Thanks !
+#
+# Note: this rules file can rely on all ID_* variables (set by
+# 60-persistent-storage.rule) but should not overwrite them, see
+# bsc#1048679 for details.
ACTION=="remove", GOTO="persistent_storage_end"
@@ -49,11 +53,33 @@ ENV{COMPAT_SYMLINK_GENERATION}!="?*", ENV{COMPAT_SYMLINK_GENERATION}="1"
#
ENV{COMPAT_SYMLINK_GENERATION}!="1", GOTO="generation_2"
-# NVMe links were introduced first via a SUSE specific commit
+# NVMe symlinks were introduced first via a SUSE specific commit
# (bsc#944132) and upstream gained support later but of course using a
-# different scheme. Also note that ID_SERIAL is already used by the
-# contemporary rules, see bsc#1048679 for details.
-KERNEL=="nvme*", ENV{DEVTYPE}=="disk", ENV{ID_NVME_SERIAL_COMPAT}!="?*", PROGRAM="scsi_id --whitelisted --replace-whitespace -d $devnode", RESULT=="?*", ENV{ID_NVME_SERIAL_COMPAT}="$result"
+# different scheme.
+
+# The SCSI translation layer for NVMe devices has been removed from
+# the kernel since 4.13, therefore we switched from scsi_id to the
+# sysfs interface to generate the name of the compat symlinks.
+# Unfortunately we can't use %s{model} to retrieve the model string
+# because udev strips any trailing whitespaces and some plateforms
+# (QEMU does that) might append such chars. In those cases scsi_id was
+# replacing them with a single trailing '_'. Therefore the currently
+# code retrieves the model string manually making sure to preserve all
+# characters so trailing whitespaces are still converted when the
+# symlink is created.
+
+# KERNEL=="nvme*", ENV{DEVTYPE}=="disk", ENV{ID_NVME_SERIAL_COMPAT}!="?*", ATTRS{model}=="?*", ATTRS{serial}=="?*" \
+# PROGRAM=="/bin/sh -c 'MODEL=\"%s{model}\"; echo \"${MODEL:0:16}\"'", ENV{ID_NVME_SERIAL_COMPAT}="SNVMe_%c%s{serial}"
+
+KERNEL=="nvme*", ENV{DEVTYPE}=="disk", ENV{ID_NVME_SERIAL_COMPAT}!="?*", ATTRS{model}=="?*", ATTRS{serial}=="?*" \
+ PROGRAM=="/bin/sh -c ' \
+ cd /sys/%p; \
+ while ! [ -f model ]; do \
+ cd ..; \
+ [ $(pwd) = %S ] && exit 1; \
+ done; \
+ cut -c 1-16 model'", ENV{ID_NVME_SERIAL_COMPAT}="SNVMe_%c%s{serial}"
+
KERNEL=="nvme*", ENV{DEVTYPE}=="disk", ENV{ID_NVME_SERIAL_COMPAT}=="?*", SYMLINK+="disk/by-id/nvme-$env{ID_NVME_SERIAL_COMPAT}"
KERNEL=="nvme*", ENV{DEVTYPE}=="partition", ENV{ID_NVME_SERIAL_COMPAT}=="?*", SYMLINK+="disk/by-id/nvme-$env{ID_NVME_SERIAL_COMPAT}-part%n"
--
2.14.2

View File

@ -1,31 +0,0 @@
From 30cceac444bcc67896611154b051669225abaa93 Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Thu, 6 Jul 2017 15:48:10 +0200
Subject: [PATCH] core: disable session keyring per system sevice entirely
for now
It seems that this stuff needs more thoughts...
See also:
https://github.com/systemd/systemd/pull/6286
[fbui: fixes bnc#1045886]
---
src/core/service.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/core/service.c b/src/core/service.c
index 74054887b..874f2be93 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -1341,7 +1341,6 @@ static int service_spawn(
} else
path = UNIT(s)->cgroup_path;
- exec_params.flags |= MANAGER_IS_SYSTEM(UNIT(s)->manager) ? EXEC_NEW_KEYRING : 0;
exec_params.argv = c->argv;
exec_params.environment = final_env;
exec_params.fds = fds;
--
2.13.1

View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3092b5ba37ed35a9fc7dd0f9554a8a047d60bbff45c72fb991adabfc566efde3
size 3353980
oid sha256:99fb2aa924449a90db2431507c82cb778a7563e22de08f1ac8e9e77c30c06fc3
size 3353804

View File

@ -1,3 +1,42 @@
-------------------------------------------------------------------
Fri Feb 2 08:56:04 UTC 2018 - fbui@suse.com
- Import commit 8ec9f58d334c76e736957812d9e57151502a6f63
07c6ee3eb compat-rules: get rid of scsi_id when generating compat symlinks for NVMe devices (bsc#1051465)
261a4ef38 compat-rules: generate compat by-id symlinks with 'nvme' prefix missing (bsc#1063249)
-------------------------------------------------------------------
Fri Feb 2 08:44:57 UTC 2018 - fbui@suse.com
- Drop 0001-compat-rules-get-rid-of-scsi_id-when-generating-comp.patch
It's been imported in branch "compats/udev-compat-symlinks" which
has been merged in branch "openSUSE-Factory" in its turn.
-------------------------------------------------------------------
Fri Feb 2 08:17:41 UTC 2018 - fbui@suse.com
- Import commit c516268845b0fd0683cef2e491b84077371e8f01
37da1facb core: disable session keyring per system sevice entirely for now (bnc#1045886)
8a1ae0449 strv: fix buffer size calculation in strv_join_quoted()
-------------------------------------------------------------------
Fri Feb 2 08:14:03 UTC 2018 - fbui@suse.com
- Drop 0001-core-disable-session-keyring-per-system-sevice-entir.patch
It's been merged in branch "SUSE/v234".
-------------------------------------------------------------------
Wed Jan 31 15:14:55 UTC 2018 - fbui@suse.com
- Import commit 2087a80d56bb6f8c7fb74a19172259bc9d9af866
2b8971b8a tmpfiles: refuse to chown()/chmod() files which are hardlinked, unless protected_hardlinks sysctl is on (bsc#1077925 CVE-2017-18078)
8c2bcac25 tmpfiles: change ownership of symlinks too
-------------------------------------------------------------------
Mon Jan 29 09:52:50 UTC 2018 - fbui@suse.com

View File

@ -162,8 +162,8 @@ Source1065: udev-remount-tmpfs
# broken in upstream and need an urgent fix. Even in this case, the
# patches are temporary and should be removed as soon as a fix is
# merged by upstream.
Patch1: 0001-core-disable-session-keyring-per-system-sevice-entir.patch
Patch2: 0001-compat-rules-get-rid-of-scsi_id-when-generating-comp.patch
# Empty
%description
Systemd is a system and service manager, compatible with SysV and LSB
@ -408,7 +408,7 @@ Some systemd commands offer bash completion, but it is an optional dependency.
%prep
%setup -q -n systemd-%{version}
%autopatch -p1
# %autopatch -p1
# only needed for bootstrap
%if 0%{?bootstrap}

View File

@ -1,3 +1,42 @@
-------------------------------------------------------------------
Fri Feb 2 08:56:04 UTC 2018 - fbui@suse.com
- Import commit 8ec9f58d334c76e736957812d9e57151502a6f63
07c6ee3eb compat-rules: get rid of scsi_id when generating compat symlinks for NVMe devices (bsc#1051465)
261a4ef38 compat-rules: generate compat by-id symlinks with 'nvme' prefix missing (bsc#1063249)
-------------------------------------------------------------------
Fri Feb 2 08:44:57 UTC 2018 - fbui@suse.com
- Drop 0001-compat-rules-get-rid-of-scsi_id-when-generating-comp.patch
It's been imported in branch "compats/udev-compat-symlinks" which
has been merged in branch "openSUSE-Factory" in its turn.
-------------------------------------------------------------------
Fri Feb 2 08:17:41 UTC 2018 - fbui@suse.com
- Import commit c516268845b0fd0683cef2e491b84077371e8f01
37da1facb core: disable session keyring per system sevice entirely for now (bnc#1045886)
8a1ae0449 strv: fix buffer size calculation in strv_join_quoted()
-------------------------------------------------------------------
Fri Feb 2 08:14:03 UTC 2018 - fbui@suse.com
- Drop 0001-core-disable-session-keyring-per-system-sevice-entir.patch
It's been merged in branch "SUSE/v234".
-------------------------------------------------------------------
Wed Jan 31 15:14:55 UTC 2018 - fbui@suse.com
- Import commit 2087a80d56bb6f8c7fb74a19172259bc9d9af866
2b8971b8a tmpfiles: refuse to chown()/chmod() files which are hardlinked, unless protected_hardlinks sysctl is on (bsc#1077925 CVE-2017-18078)
8c2bcac25 tmpfiles: change ownership of symlinks too
-------------------------------------------------------------------
Mon Jan 29 09:52:50 UTC 2018 - fbui@suse.com

View File

@ -160,8 +160,8 @@ Source1065: udev-remount-tmpfs
# broken in upstream and need an urgent fix. Even in this case, the
# patches are temporary and should be removed as soon as a fix is
# merged by upstream.
Patch1: 0001-core-disable-session-keyring-per-system-sevice-entir.patch
Patch2: 0001-compat-rules-get-rid-of-scsi_id-when-generating-comp.patch
# Empty
%description
Systemd is a system and service manager, compatible with SysV and LSB
@ -406,7 +406,7 @@ Some systemd commands offer bash completion, but it is an optional dependency.
%prep
%setup -q -n systemd-%{version}
%autopatch -p1
# %autopatch -p1
# only needed for bootstrap
%if 0%{?bootstrap}