diff --git a/0001-bnc888612-logind-polkit-acpi.patch b/0001-bnc888612-logind-polkit-acpi.patch new file mode 100644 index 00000000..ba3a1b52 --- /dev/null +++ b/0001-bnc888612-logind-polkit-acpi.patch @@ -0,0 +1,75 @@ +--- + src/login/logind-action.c | 5 +++++ + src/login/logind-dbus.c | 20 ++++++++++++++++---- + 2 files changed, 21 insertions(+), 4 deletions(-) + +Index: systemd-210/src/login/logind-action.c +=================================================================== +--- systemd-210/src/login/logind-action.c ++++ systemd-210/src/login/logind-action.c +@@ -101,6 +101,11 @@ int manager_handle_action( + + /* If the key handling is inhibited, don't do anything */ + if (inhibit_key > 0) { ++ if (inhibit_key == INHIBIT_HANDLE_POWER_KEY) { ++ int fd; ++ fd = open("/run/systemd/acpi-shutdown", O_CREAT|O_WRONLY|O_TRUNC, S_IRUSR); ++ close(fd); ++ } + if (manager_is_inhibited(m, inhibit_key, INHIBIT_BLOCK, NULL, true, false, 0, NULL)) { + log_debug("Refusing operation, %s is inhibited.", inhibit_what_to_string(inhibit_key)); + return 0; +Index: systemd-210/src/login/logind-dbus.c +=================================================================== +--- systemd-210/src/login/logind-dbus.c ++++ systemd-210/src/login/logind-dbus.c +@@ -1469,9 +1469,11 @@ static int method_do_shutdown_or_sleep( + sd_bus_error *error) { + + _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL; +- bool multiple_sessions, blocked; ++ bool multiple_sessions, blocked, shutdown_through_acpi; + int interactive, r; + uid_t uid; ++ int fd; ++ struct stat buf; + + assert(m); + assert(message); +@@ -1515,7 +1517,17 @@ static int method_do_shutdown_or_sleep( + multiple_sessions = r > 0; + blocked = manager_is_inhibited(m, w, INHIBIT_BLOCK, NULL, false, true, uid, NULL); + +- if (multiple_sessions) { ++ fd = open ("/run/systemd/acpi-shutdown", O_NOFOLLOW|O_PATH|O_CLOEXEC); ++ if (fd >= 0) { ++ shutdown_through_acpi = ((fstat(fd,&buf) == 0) && (time(NULL) - buf.st_mtime <= 65)); ++ close(fd); ++ unlink ("/run/systemd/acpi-shutdown"); ++ } ++ else ++ shutdown_through_acpi = false; ++ ++ ++ if (multiple_sessions && !shutdown_through_acpi) { + r = bus_verify_polkit_async(m->bus, &m->polkit_registry, message, + action_multiple_sessions, interactive, error, method, m); + if (r < 0) +@@ -1524,7 +1536,7 @@ static int method_do_shutdown_or_sleep( + return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */ + } + +- if (blocked) { ++ if (blocked && !shutdown_through_acpi) { + r = bus_verify_polkit_async(m->bus, &m->polkit_registry, message, + action_ignore_inhibit, interactive, error, method, m); + if (r < 0) +@@ -1533,7 +1545,7 @@ static int method_do_shutdown_or_sleep( + return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */ + } + +- if (!multiple_sessions && !blocked) { ++ if (!multiple_sessions && !blocked && !shutdown_through_acpi) { + r = bus_verify_polkit_async(m->bus, &m->polkit_registry, message, + action, interactive, error, method, m); + if (r < 0) diff --git a/0001-core-fix-resource-leak-in-manager_environment_add.patch b/0001-core-fix-resource-leak-in-manager_environment_add.patch new file mode 100644 index 00000000..7991b3be --- /dev/null +++ b/0001-core-fix-resource-leak-in-manager_environment_add.patch @@ -0,0 +1,32 @@ +From aa9f8a30fd7dc7aa3aa2575b75b3f9a0ab3f02db Mon Sep 17 00:00:00 2001 +From: Andreas Henriksson +Date: Tue, 16 Sep 2014 21:11:02 +0200 +Subject: [PATCH] core: fix resource leak in manager_environment_add + +Second error path must free the (potentially) allocated memory in the +first code chunk before returning. + +Found by coverity. Fixes: CID#1237750 +--- + src/core/manager.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git src/core/manager.c src/core/manager.c +index 0770727..e0c1cd1 100644 +--- src/core/manager.c ++++ src/core/manager.c +@@ -2751,8 +2751,10 @@ int manager_environment_add(Manager *m, char **minus, char **plus) { + + if (!strv_isempty(plus)) { + b = strv_env_merge(2, l, plus); +- if (!b) ++ if (!b) { ++ strv_free(a); + return -ENOMEM; ++ } + + l = b; + } +-- +1.7.9.2 + diff --git a/0001-journal-Do-not-count-on-the-compiler-initializing-fo.patch b/0001-journal-Do-not-count-on-the-compiler-initializing-fo.patch new file mode 100644 index 00000000..1cf00ff0 --- /dev/null +++ b/0001-journal-Do-not-count-on-the-compiler-initializing-fo.patch @@ -0,0 +1,30 @@ +From e8c108ca9f11a382742f212f5b42a02536b3d40f Mon Sep 17 00:00:00 2001 +From: Philippe De Swert +Date: Wed, 17 Sep 2014 00:27:16 +0300 +Subject: [PATCH] journal: Do not count on the compiler initializing + found_last to false + +There is a very unlikely case where this can happen since gcc usually +does the sane thing. But let's make sure found_last is initialized anyway. + +Fixes: CID#996386 +--- + src/journal/journal-verify.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git src/journal/journal-verify.c src/journal/journal-verify.c +index 6c8ca8c..b4e8f73 100644 +--- src/journal/journal-verify.c ++++ src/journal/journal-verify.c +@@ -804,7 +804,7 @@ int journal_file_verify( + usec_t last_usec = 0; + int data_fd = -1, entry_fd = -1, entry_array_fd = -1; + unsigned i; +- bool found_last; ++ bool found_last = false; + #ifdef HAVE_GCRYPT + uint64_t last_tag = 0; + #endif +-- +1.7.9.2 + diff --git a/0002-include-fcntl.h-rather-than-sys-fcntl.h.patch b/0002-include-fcntl.h-rather-than-sys-fcntl.h.patch new file mode 100644 index 00000000..17cd4197 --- /dev/null +++ b/0002-include-fcntl.h-rather-than-sys-fcntl.h.patch @@ -0,0 +1,25 @@ +From fdb8bd0fe7244b72ddc1c08e401ebddefdaf4f46 Mon Sep 17 00:00:00 2001 +From: Emil Renner Berthing +Date: Thu, 18 Sep 2014 15:24:38 +0200 +Subject: [PATCH] include fcntl.h rather than sys/fcntl.h + +--- + src/socket-proxy/socket-proxyd.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git src/socket-proxy/socket-proxyd.c src/socket-proxy/socket-proxyd.c +index 81d8457..ff2b24f 100644 +--- src/socket-proxy/socket-proxyd.c ++++ src/socket-proxy/socket-proxyd.c +@@ -26,7 +26,7 @@ + #include + #include + #include +-#include ++#include + #include + #include + #include +-- +1.7.9.2 + diff --git a/0002-util-remove-a-unnecessary-check.patch b/0002-util-remove-a-unnecessary-check.patch new file mode 100644 index 00000000..ac7cdfb8 --- /dev/null +++ b/0002-util-remove-a-unnecessary-check.patch @@ -0,0 +1,25 @@ +Based on 42646a8bf24be2c9280554c9d8540c67c835b3c4 Mon Sep 17 00:00:00 2001 +From: Thomas Hindoe Paaboel Andersen +Date: Tue, 16 Sep 2014 22:58:35 +0200 +Subject: [PATCH] util: remove a unnecessary check + +We only break out of the previous loop if fd >= 0 so there is no +use in checking it again. + +Found by coverity. Fixes: CID#1237577 +--- + src/shared/util.c | 3 --- + 1 file changed, 3 deletions(-) + +--- src/shared/util.c ++++ src/shared/util.c 2014-09-18 13:05:08.218236754 +0000 +@@ -1772,9 +1772,6 @@ int open_terminal(const char *name, int + c++; + } + +- if (fd < 0) +- return -errno; +- + r = isatty(fd); + if (r < 0) { + close_nointr_nofail(fd); diff --git a/0003-mount-order-options-before-other-arguments-to-mount.patch b/0003-mount-order-options-before-other-arguments-to-mount.patch new file mode 100644 index 00000000..79c0b3ce --- /dev/null +++ b/0003-mount-order-options-before-other-arguments-to-mount.patch @@ -0,0 +1,39 @@ +Based on 141a1ceaa62578f1ed14f04cae2113dd0f49fd7f Mon Sep 17 00:00:00 2001 +From: Emil Renner Berthing +Date: Thu, 18 Sep 2014 15:24:59 +0200 +Subject: [PATCH] mount: order options before other arguments to mount + +--- + src/core/mount.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +--- src/core/mount.c ++++ src/core/mount.c 2014-09-19 10:13:51.638238597 +0000 +@@ -947,10 +947,11 @@ static void mount_enter_mounting(Mount * + r = exec_command_set( + m->control_command, + "/bin/mount", +- m->parameters_fragment.what, +- m->where, ++ "-n", + "-t", m->parameters_fragment.fstype ? m->parameters_fragment.fstype : "auto", + m->parameters_fragment.options ? "-o" : NULL, m->parameters_fragment.options, ++ m->parameters_fragment.what, ++ m->where, + NULL); + else + r = -ENOENT; +@@ -994,10 +995,11 @@ static void mount_enter_remounting(Mount + r = exec_command_set( + m->control_command, + "/bin/mount", +- m->parameters_fragment.what, +- m->where, ++ "-n", + "-t", m->parameters_fragment.fstype ? m->parameters_fragment.fstype : "auto", + "-o", o, ++ m->parameters_fragment.what, ++ m->where, + NULL); + } else + r = -ENOENT; diff --git a/0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch b/0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch new file mode 100644 index 00000000..bad29c52 --- /dev/null +++ b/0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch @@ -0,0 +1,27 @@ +From 3f796750b192e62701e91a95f85389f876d1059b Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Wed, 17 Sep 2014 21:44:56 +0200 +Subject: [PATCH] udev: event - explicitly don't read() from invalid fd + +This fixes CID #1237641. +--- + src/udev/udev-event.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git src/udev/udev-event.c src/udev/udev-event.c +index 6b8b5a8..c8b1420 100644 +--- src/udev/udev-event.c ++++ src/udev/udev-event.c +@@ -494,6 +494,9 @@ static void spawn_read(struct udev_event *event, + for (i = 0; i < fdcount; i++) { + int *fd = (int *)ev[i].data.ptr; + ++ if (*fd < 0) ++ continue; ++ + if (ev[i].events & EPOLLIN) { + ssize_t count; + char buf[4096]; +-- +1.7.9.2 + diff --git a/0004-shared-conf-parser.patch b/0004-shared-conf-parser.patch new file mode 100644 index 00000000..8a03d9d5 --- /dev/null +++ b/0004-shared-conf-parser.patch @@ -0,0 +1,31 @@ +Based on 83e341a637b75f7f592a5dc717c34d8b67ed4ffa Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Wed, 17 Sep 2014 22:17:53 +0200 +Subject: [PATCH] shared: conf-parser + +Check memory allocation. Found by Coverity. + +Fixes CID #1237644. +--- + src/shared/conf-parser.h | 4 ++++ + 1 file changed, 4 insertions(+) + +--- src/shared/conf-parser.h ++++ src/shared/conf-parser.h 2014-09-18 13:07:07.314735514 +0000 +@@ -181,6 +181,8 @@ int log_syntax_internal(const char *unit + assert(data); \ + \ + xs = new0(type, 1); \ ++ if(!xs) \ ++ return -ENOMEM; \ + *xs = invalid; \ + \ + FOREACH_WORD(w, l, rvalue, state) { \ +@@ -213,6 +215,7 @@ int log_syntax_internal(const char *unit + xs = realloc(xs, (++i + 1) * sizeof(type)); \ + if (!xs) \ + return -ENOMEM; \ ++ \ + *(xs + i) = invalid; \ + } \ + \ diff --git a/0004-shared-wtmp-utmp-don-t-clear-store_wtmp-in-utmp_put_.patch b/0004-shared-wtmp-utmp-don-t-clear-store_wtmp-in-utmp_put_.patch new file mode 100644 index 00000000..596aa557 --- /dev/null +++ b/0004-shared-wtmp-utmp-don-t-clear-store_wtmp-in-utmp_put_.patch @@ -0,0 +1,106 @@ +From 863f3ce0d050f005839f6aa41fe7bac5478a7b5e Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Fri, 19 Sep 2014 08:03:31 +0200 +Subject: [PATCH] shared: wtmp-utmp - don't clear store_wtmp in + utmp_put_dead_process() + +Also modernize a few other things and add comments to explain CID #1237503 +and CID #1237504. +--- + src/shared/utmp-wtmp.c | 28 ++++++++++++++-------------- + 1 file changed, 14 insertions(+), 14 deletions(-) + +diff --git src/shared/utmp-wtmp.c src/shared/utmp-wtmp.c +index 30a0c03..31f13ec 100644 +--- src/shared/utmp-wtmp.c ++++ src/shared/utmp-wtmp.c +@@ -92,8 +92,6 @@ int utmp_get_runlevel(int *runlevel, int *previous) { + static void init_timestamp(struct utmpx *store, usec_t t) { + assert(store); + +- zero(*store); +- + if (t <= 0) + t = now(CLOCK_REALTIME); + +@@ -143,7 +141,7 @@ static int write_entry_wtmp(const struct utmpx *store) { + assert(store); + + /* wtmp is a simple append-only file where each entry is +- simply appended to * the end; i.e. basically a log. */ ++ simply appended to the end; i.e. basically a log. */ + + errno = 0; + updwtmpx(_PATH_WTMPX, store); +@@ -172,7 +170,7 @@ static int write_entry_both(const struct utmpx *store) { + } + + int utmp_put_shutdown(void) { +- struct utmpx store; ++ struct utmpx store = {}; + + init_entry(&store, 0); + +@@ -183,7 +181,7 @@ int utmp_put_shutdown(void) { + } + + int utmp_put_reboot(usec_t t) { +- struct utmpx store; ++ struct utmpx store = {}; + + init_entry(&store, t); + +@@ -206,16 +204,17 @@ _pure_ static const char *sanitize_id(const char *id) { + } + + int utmp_put_init_process(const char *id, pid_t pid, pid_t sid, const char *line) { +- struct utmpx store; ++ struct utmpx store = { ++ .ut_type = INIT_PROCESS, ++ .ut_pid = pid, ++ .ut_session = sid, ++ }; + + assert(id); + + init_timestamp(&store, 0); + +- store.ut_type = INIT_PROCESS; +- store.ut_pid = pid; +- store.ut_session = sid; +- ++ /* ut_id needs only be nul-terminated if it is shorter than sizeof(ut_id) */ + strncpy(store.ut_id, sanitize_id(id), sizeof(store.ut_id)); + + if (line) +@@ -225,14 +224,15 @@ int utmp_put_init_process(const char *id, pid_t pid, pid_t sid, const char *line + } + + int utmp_put_dead_process(const char *id, pid_t pid, int code, int status) { +- struct utmpx lookup, store, store_wtmp, *found; ++ struct utmpx lookup = { ++ .ut_type = INIT_PROCESS /* looks for DEAD_PROCESS, LOGIN_PROCESS, USER_PROCESS, too */ ++ }, store, store_wtmp, *found; + + assert(id); + + setutxent(); + +- zero(lookup); +- lookup.ut_type = INIT_PROCESS; /* looks for DEAD_PROCESS, LOGIN_PROCESS, USER_PROCESS, too */ ++ /* ut_id needs only be nul-terminated if it is shorter than sizeof(ut_id) */ + strncpy(lookup.ut_id, sanitize_id(id), sizeof(lookup.ut_id)); + + found = getutxid(&lookup); +@@ -260,7 +260,7 @@ int utmp_put_dead_process(const char *id, pid_t pid, int code, int status) { + + + int utmp_put_runlevel(int runlevel, int previous) { +- struct utmpx store; ++ struct utmpx store = {}; + int r; + + assert(runlevel > 0); +-- +1.7.9.2 + diff --git a/0005-logind-fix-typo.patch b/0005-logind-fix-typo.patch new file mode 100644 index 00000000..79916e75 --- /dev/null +++ b/0005-logind-fix-typo.patch @@ -0,0 +1,25 @@ +From 2b2332856bafe25c4aa17db2a90bdcddef1fec1a Mon Sep 17 00:00:00 2001 +From: Ronny Chevalier +Date: Wed, 17 Sep 2014 20:10:44 +0200 +Subject: [PATCH] logind: fix typo + +--- + src/login/logind-session-dbus.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git src/login/logind-session-dbus.c src/login/logind-session-dbus.c +index 7d81500..58836fc 100644 +--- src/login/logind-session-dbus.c ++++ src/login/logind-session-dbus.c +@@ -249,7 +249,7 @@ static int method_set_idle_hint(sd_bus *bus, sd_bus_message *message, void *user + return r; + + if (uid != 0 && uid != s->user->uid) +- return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Only owner of session my set idle hint"); ++ return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Only owner of session may set idle hint"); + + session_set_idle_hint(s, b); + +-- +1.7.9.2 + diff --git a/0005-shared-label.h-add-missing-stdio.h-include.patch b/0005-shared-label.h-add-missing-stdio.h-include.patch new file mode 100644 index 00000000..1c75aacc --- /dev/null +++ b/0005-shared-label.h-add-missing-stdio.h-include.patch @@ -0,0 +1,24 @@ +From 45f15021e3524b04d574b9ff4e801cb3219daf3f Mon Sep 17 00:00:00 2001 +From: Emil Renner Berthing +Date: Thu, 18 Sep 2014 15:24:42 +0200 +Subject: [PATCH] shared/label.h: add missing stdio.h include + +--- + src/shared/label.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git src/shared/label.h src/shared/label.h +index 7294820..cb2ec79 100644 +--- src/shared/label.h ++++ src/shared/label.h +@@ -24,6 +24,7 @@ + #include + #include + #include ++#include + + int label_init(const char *prefix); + void label_finish(void); +-- +1.7.9.2 + diff --git a/0006-shared-sparse-endian.h-add-missing-byteswap.h-includ.patch b/0006-shared-sparse-endian.h-add-missing-byteswap.h-includ.patch new file mode 100644 index 00000000..0dec2f61 --- /dev/null +++ b/0006-shared-sparse-endian.h-add-missing-byteswap.h-includ.patch @@ -0,0 +1,24 @@ +From 8e8af4cfc7fa373504a22e58966909161acfb72f Mon Sep 17 00:00:00 2001 +From: Emil Renner Berthing +Date: Thu, 18 Sep 2014 15:24:43 +0200 +Subject: [PATCH] shared/sparse-endian.h: add missing byteswap.h include + +--- + src/shared/sparse-endian.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git src/shared/sparse-endian.h src/shared/sparse-endian.h +index eb4dbf3..c913fda 100644 +--- src/shared/sparse-endian.h ++++ src/shared/sparse-endian.h +@@ -21,6 +21,7 @@ + #ifndef SPARSE_ENDIAN_H + #define SPARSE_ENDIAN_H + ++#include + #include + #include + +-- +1.7.9.2 + diff --git a/0006-systemctl-fix-resource-leak-CID-1237747.patch b/0006-systemctl-fix-resource-leak-CID-1237747.patch new file mode 100644 index 00000000..f8ec6af1 --- /dev/null +++ b/0006-systemctl-fix-resource-leak-CID-1237747.patch @@ -0,0 +1,35 @@ +From 48a2900c6612052149a1d0dd88aeacb99b49ce4d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= +Date: Wed, 17 Sep 2014 21:56:25 -0300 +Subject: [PATCH] systemctl: fix resource leak CID #1237747 + +..by simply moving the declaration of "unit" into the STRV_FOREACH +loop as suggested by Andreas. +--- + src/systemctl/systemctl.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git src/systemctl/systemctl.c src/systemctl/systemctl.c +index 88be871..9012128 100644 +--- src/systemctl/systemctl.c ++++ src/systemctl/systemctl.c +@@ -4449,7 +4449,6 @@ static int show(sd_bus *bus, char **args) { + } + + static int cat(sd_bus *bus, char **args) { +- _cleanup_free_ char *unit = NULL; + _cleanup_strv_free_ char **names = NULL; + char **name; + bool first = true; +@@ -4468,6 +4467,8 @@ static int cat(sd_bus *bus, char **args) { + _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; + _cleanup_strv_free_ char **dropin_paths = NULL; + _cleanup_free_ char *fragment_path = NULL; ++ _cleanup_free_ char *unit = NULL; ++ + char **path; + + unit = unit_dbus_path_from_name(*name); +-- +1.7.9.2 + diff --git a/0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch b/0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch new file mode 100644 index 00000000..15857575 --- /dev/null +++ b/0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch @@ -0,0 +1,29 @@ +From 9dedfe7f667a8cb22ba85d0223556c69c4fd0e9a Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Thu, 18 Sep 2014 09:20:46 +0200 +Subject: [PATCH] libudev: monitor - warn if we fail to request SO_PASSCRED + +The function still succeeds, so there is no functional change. This fixes CID #996288. +--- + src/libudev/libudev-monitor.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git src/libudev/libudev-monitor.c src/libudev/libudev-monitor.c +index 186e5e1..59698b8 100644 +--- src/libudev/libudev-monitor.c ++++ src/libudev/libudev-monitor.c +@@ -412,7 +412,10 @@ _public_ int udev_monitor_enable_receiving(struct udev_monitor *udev_monitor) + } + + /* enable receiving of sender credentials */ +- setsockopt(udev_monitor->sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)); ++ err = setsockopt(udev_monitor->sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)); ++ if (err < 0) ++ udev_err(udev_monitor->udev, "setting SO_PASSCRED failed: %m\n"); ++ + return 0; + } + +-- +1.7.9.2 + diff --git a/0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch b/0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch new file mode 100644 index 00000000..3e5d0c03 --- /dev/null +++ b/0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch @@ -0,0 +1,52 @@ +Based on 77c10205bb337585c320e91af4b416f2dcc6faba Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Thu, 18 Sep 2014 13:47:00 +0200 +Subject: [PATCH] shared: conf-parser - don't leak memory on error in + DEFINE_CONFIG_PARSE_ENUMV + +Found by Coverity. Fixes CID #1237746. +--- + src/shared/conf-parser.h | 12 +++++++++--- + 1 file changed, 9 insertions(+), 3 deletions(-) + +--- src/shared/conf-parser.h ++++ src/shared/conf-parser.h 2014-09-18 13:14:43.730234764 +0000 +@@ -171,7 +171,8 @@ int log_syntax_internal(const char *unit + void *data, \ + void *userdata) { \ + \ +- type **enums = data, *xs, x, *ys; \ ++ type **enums = data, x, *ys; \ ++ _cleanup_free_ type *xs = NULL; \ + char *w, *state; \ + size_t l, i = 0; \ + \ +@@ -187,6 +188,7 @@ int log_syntax_internal(const char *unit + \ + FOREACH_WORD(w, l, rvalue, state) { \ + _cleanup_free_ char *en = NULL; \ ++ type *new_xs; \ + \ + en = strndup(w, l); \ + if (!en) \ +@@ -212,8 +214,10 @@ int log_syntax_internal(const char *unit + continue; \ + \ + *(xs + i) = x; \ +- xs = realloc(xs, (++i + 1) * sizeof(type)); \ +- if (!xs) \ ++ new_xs = realloc(xs, (++i + 1) * sizeof(type)); \ ++ if (new_xs) \ ++ xs = new_xs; \ ++ else \ + return -ENOMEM; \ + \ + *(xs + i) = invalid; \ +@@ -221,5 +225,7 @@ int log_syntax_internal(const char *unit + \ + free(*enums); \ + *enums = xs; \ ++ xs = NULL; \ ++ \ + return 0; \ + } diff --git a/0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch b/0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch new file mode 100644 index 00000000..381d0732 --- /dev/null +++ b/0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch @@ -0,0 +1,29 @@ +From c2fa048c4a70c8386c6d8fe939e5ea9edecf1e98 Mon Sep 17 00:00:00 2001 +From: David Herrmann +Date: Thu, 18 Sep 2014 13:28:28 +0200 +Subject: [PATCH] bus: fix bus_print_property() to use "int" for booleans + +We always use "int" if we retrieve boolean values from sd-bus, as "bool" +is only a single byte, but full int on va-args. + +Thanks to Werner Fink for the report! +--- + src/libsystemd/sd-bus/bus-util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git src/libsystemd/sd-bus/bus-util.c src/libsystemd/sd-bus/bus-util.c +index 7c6da60..9018bce 100644 +--- src/libsystemd/sd-bus/bus-util.c ++++ src/libsystemd/sd-bus/bus-util.c +@@ -631,7 +631,7 @@ int bus_print_property(const char *name, sd_bus_message *property, bool all) { + } + + case SD_BUS_TYPE_BOOLEAN: { +- bool b; ++ int b; + + r = sd_bus_message_read_basic(property, type, &b); + if (r < 0) +-- +1.7.9.2 + diff --git a/1080-udevd-parse_argv-warn-if-argumens-are-invalid.patch b/1080-udevd-parse_argv-warn-if-argumens-are-invalid.patch new file mode 100644 index 00000000..a623b566 --- /dev/null +++ b/1080-udevd-parse_argv-warn-if-argumens-are-invalid.patch @@ -0,0 +1,73 @@ +Based on 6f5cf8a8b1de763383f7382821147e538b7dbd6d Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Thu, 18 Sep 2014 19:02:03 +0200 +Subject: [PATCH] udevd: parse_argv - warn if argumens are invalid + +Found by Coverity. Fixes CID #1238780. +--- + src/udev/udevd.c | 34 ++++++++++++++++++++++++++-------- + 1 file changed, 26 insertions(+), 8 deletions(-) + +--- src/udev/udevd.c ++++ src/udev/udevd.c 2014-09-19 10:36:25.602735652 +0000 +@@ -1002,11 +1002,20 @@ static void kernel_cmdline_options(struc + log_set_max_level(prio); + udev_set_log_priority(udev, prio); + } else if (startswith(opt, "udev.children-max=")) { +- children_max = strtoul(opt + 18, NULL, 0); ++ r = safe_atoi(opt + 18, &children_max); ++ if (r < 0) ++ log_warning("Invalid udev.children-max ignored: %s", opt + 18); + } else if (startswith(opt, "udev.exec-delay=")) { +- exec_delay = strtoul(opt + 16, NULL, 0); ++ r = safe_atoi(opt + 16, &exec_delay); ++ if (r < 0) ++ log_warning("Invalid udev.exec-delay ignored: %s", opt + 16); + } else if (startswith(opt, "udev.event-timeout=")) { +- event_timeout_usec = strtoul(opt + 16, NULL, 0) * USEC_PER_SEC; ++ r = safe_atou64(opt + 16, &event_timeout_usec); ++ if (r < 0) { ++ log_warning("Invalid udev.event-timeout ignored: %s", opt + 16); ++ break; ++ } ++ event_timeout_usec *= USEC_PER_SEC; + event_timeout_warn_usec = (event_timeout_usec / 3) ? : 1; + } + +@@ -1052,7 +1061,7 @@ int main(int argc, char *argv[]) { + label_init("/dev"); + + for (;;) { +- int option; ++ int option, r; + + option = getopt_long(argc, argv, "c:de:DtN:hV", options, NULL); + if (option == -1) +@@ -1063,14 +1072,23 @@ int main(int argc, char *argv[]) { + daemonize = true; + break; + case 'c': +- children_max = strtoul(optarg, NULL, 0); ++ r = safe_atoi(optarg, &children_max); ++ if (r < 0) ++ log_warning("Invalid --children-max ignored: %s", optarg); + break; + case 'e': +- exec_delay = strtoul(optarg, NULL, 0); ++ r = safe_atoi(optarg, &exec_delay); ++ if (r < 0) ++ log_warning("Invalid --exec-delay ignored: %s", optarg); + break; + case 't': +- event_timeout_usec = strtoul(optarg, NULL, 0) * USEC_PER_SEC; +- event_timeout_warn_usec = (event_timeout_usec / 3) ? : 1; ++ r = safe_atou64(optarg, &event_timeout_usec); ++ if (r < 0) ++ log_warning("Invalig --event-timeout ignored: %s", optarg); ++ else { ++ event_timeout_usec *= USEC_PER_SEC; ++ event_timeout_warn_usec = (event_timeout_usec / 3) ? : 1; ++ } + break; + case 'D': + debug = true; diff --git a/1081-udevd-check-return-of-various-functions.patch b/1081-udevd-check-return-of-various-functions.patch new file mode 100644 index 00000000..819e4499 --- /dev/null +++ b/1081-udevd-check-return-of-various-functions.patch @@ -0,0 +1,55 @@ +Based on d457ff8319b1e7c522c146f75e272f1226f4720c Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Thu, 18 Sep 2014 19:07:02 +0200 +Subject: [PATCH] udevd: check return of various functions + +One reported by Coverity. Fixes CID #996252. +--- + src/udev/udevd.c | 20 ++++++++++++++++---- + 1 file changed, 16 insertions(+), 4 deletions(-) + +--- src/udev/udevd.c ++++ src/udev/udevd.c 2014-09-19 11:33:21.566236309 +0000 +@@ -1044,7 +1044,7 @@ int main(int argc, char *argv[]) { + int fd_worker = -1; + struct epoll_event ep_ctrl, ep_inotify, ep_signal, ep_netlink, ep_worker; + struct udev_ctrl_connection *ctrl_conn = NULL; +- int rc = 1; ++ int rc = 1, r; + + udev = udev_new(); + if (udev == NULL) +@@ -1058,7 +1058,11 @@ int main(int argc, char *argv[]) { + log_set_max_level(udev_get_log_priority(udev)); + + log_debug("version %s", VERSION); +- label_init("/dev"); ++ r = label_init("/dev"); ++ if (r < 0) { ++ log_error("could not initialize labelling: %s", strerror(-r)); ++ goto exit; ++ } + + for (;;) { + int option, r; +@@ -1137,10 +1141,18 @@ int main(int argc, char *argv[]) { + } + + /* set umask before creating any file/directory */ +- chdir("/"); ++ r = chdir("/"); ++ if (r < 0) { ++ log_error("could not change dir to /: %m"); ++ goto exit; ++ } + umask(022); + +- mkdir("/run/udev", 0755); ++ r = mkdir("/run/udev", 0755); ++ if (r < 0) { ++ log_error("could not create /run/udev: %m"); ++ goto exit; ++ } + + dev_setup(NULL); + diff --git a/1082-udevadm-hwdb-check-return-value-of-fseeko.patch b/1082-udevadm-hwdb-check-return-value-of-fseeko.patch new file mode 100644 index 00000000..27e6dc45 --- /dev/null +++ b/1082-udevadm-hwdb-check-return-value-of-fseeko.patch @@ -0,0 +1,45 @@ +From f901aaadd68050bc575c1c15b84f8f31fd4d494d Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Thu, 18 Sep 2014 19:16:54 +0200 +Subject: [PATCH] udevadm: hwdb - check return value of fseeko() + +Fonud by Coverity. Fixes CID #996255. +--- + src/udev/udevadm-hwdb.c | 14 ++++++++++++-- + 1 file changed, 12 insertions(+), 2 deletions(-) + +diff --git src/udev/udevadm-hwdb.c src/udev/udevadm-hwdb.c +index 65cbf61..64273fb 100644 +--- src/udev/udevadm-hwdb.c ++++ src/udev/udevadm-hwdb.c +@@ -365,7 +365,12 @@ static int trie_store(struct trie *trie, const char *filename) { + fchmod(fileno(t.f), 0444); + + /* write nodes */ +- fseeko(t.f, sizeof(struct trie_header_f), SEEK_SET); ++ err = fseeko(t.f, sizeof(struct trie_header_f), SEEK_SET); ++ if (err < 0) { ++ fclose(t.f); ++ unlink_noerrno(filename_tmp); ++ return -errno; ++ } + root_off = trie_store_nodes(&t, trie->root); + h.nodes_root_off = htole64(root_off); + pos = ftello(t.f); +@@ -378,7 +383,12 @@ static int trie_store(struct trie *trie, const char *filename) { + /* write header */ + size = ftello(t.f); + h.file_size = htole64(size); +- fseeko(t.f, 0, SEEK_SET); ++ err = fseeko(t.f, 0, SEEK_SET); ++ if (err < 0) { ++ fclose(t.f); ++ unlink_noerrno(filename_tmp); ++ return -errno; ++ } + fwrite(&h, sizeof(struct trie_header_f), 1, t.f); + err = ferror(t.f); + if (err) +-- +1.7.9.2 + diff --git a/1083-udev-node-warn-if-chmod-chown-fails.patch b/1083-udev-node-warn-if-chmod-chown-fails.patch new file mode 100644 index 00000000..0b78f626 --- /dev/null +++ b/1083-udev-node-warn-if-chmod-chown-fails.patch @@ -0,0 +1,34 @@ +From 543afdc63c02a5af3cf6bd2a264162f23474346a Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Thu, 18 Sep 2014 19:22:09 +0200 +Subject: [PATCH] udev: node - warn if chmod/chown fails + +No functional change, just log the warning. + +Fonud by Coverity. Fixes CID #1237544. +--- + src/udev/udev-node.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git src/udev/udev-node.c src/udev/udev-node.c +index c164603..8ef7889 100644 +--- src/udev/udev-node.c ++++ src/udev/udev-node.c +@@ -281,8 +281,12 @@ static int node_permissions_apply(struct udev_device *dev, bool apply, + + if ((stats.st_mode & 0777) != (mode & 0777) || stats.st_uid != uid || stats.st_gid != gid) { + log_debug("set permissions %s, %#o, uid=%u, gid=%u", devnode, mode, uid, gid); +- chmod(devnode, mode); +- chown(devnode, uid, gid); ++ err = chmod(devnode, mode); ++ if (err < 0) ++ log_warning("setting mode of %s to %#o failed: %m", devnode, mode); ++ err = chown(devnode, uid, gid); ++ if (err < 0) ++ log_warning("setting owner of %s to uid=%u, gid=%u failed: %m", devnode, uid, gid); + } else { + log_debug("preserve permissions %s, %#o, uid=%u, gid=%u", devnode, mode, uid, gid); + } +-- +1.7.9.2 + diff --git a/1084-udev-ctrl-log-if-setting-SO_PASSCRED-fails.patch b/1084-udev-ctrl-log-if-setting-SO_PASSCRED-fails.patch new file mode 100644 index 00000000..1e8f4fcf --- /dev/null +++ b/1084-udev-ctrl-log-if-setting-SO_PASSCRED-fails.patch @@ -0,0 +1,45 @@ +Based on 4bbdff757ed4e718a3348b93439a03055cc5e3bc Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Thu, 18 Sep 2014 19:26:11 +0200 +Subject: [PATCH] udev: ctrl - log if setting SO_PASSCRED fails + +No functional change. + +Found by Coverity. Fixes CID #1237533. +--- + src/udev/udev-ctrl.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +--- src/udev/udev-ctrl.c ++++ src/udev/udev-ctrl.c 2014-09-19 10:45:55.494236229 +0000 +@@ -74,6 +74,7 @@ struct udev_ctrl *udev_ctrl_new_from_fd( + { + struct udev_ctrl *uctrl; + const int on = 1; ++ int r; + + uctrl = new0(struct udev_ctrl, 1); + if (uctrl == NULL) +@@ -92,7 +93,9 @@ struct udev_ctrl *udev_ctrl_new_from_fd( + uctrl->bound = true; + uctrl->sock = fd; + } +- setsockopt(uctrl->sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)); ++ r = setsockopt(uctrl->sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)); ++ if (r < 0) ++ log_warning("could not set SO_PASSCRED: %m"); + + uctrl->saddr.sun_family = AF_LOCAL; + strscpy(uctrl->saddr.sun_path, sizeof(uctrl->saddr.sun_path), "/run/udev/control"); +@@ -209,7 +212,10 @@ struct udev_ctrl_connection *udev_ctrl_g + } + + /* enable receiving of the sender credentials in the messages */ +- setsockopt(conn->sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)); ++ r = setsockopt(conn->sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)); ++ if (r < 0) ++ log_warning("colud not set SO_PASSCRED: %m"); ++ + udev_ctrl_ref(uctrl); + return conn; + err: diff --git a/1085-udev-fix-typos.patch b/1085-udev-fix-typos.patch new file mode 100644 index 00000000..f6476200 --- /dev/null +++ b/1085-udev-fix-typos.patch @@ -0,0 +1,33 @@ +Based on 65fea570f03df51dadc06a3e0d261a71fe62aa01 Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Thu, 18 Sep 2014 20:25:33 +0200 +Subject: [PATCH] udev: fix typos + +Spotted by Andreas Henriksson. +--- + src/udev/udev-ctrl.c | 2 +- + src/udev/udevd.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +--- src/udev/udev-ctrl.c ++++ src/udev/udev-ctrl.c 2014-09-19 00:00:00.000000000 +0000 +@@ -214,7 +214,7 @@ struct udev_ctrl_connection *udev_ctrl_g + /* enable receiving of the sender credentials in the messages */ + r = setsockopt(conn->sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)); + if (r < 0) +- log_warning("colud not set SO_PASSCRED: %m"); ++ log_warning("could not set SO_PASSCRED: %m"); + + udev_ctrl_ref(uctrl); + return conn; +--- src/udev/udevd.c ++++ src/udev/udevd.c 2014-09-19 10:47:36.306235720 +0000 +@@ -1088,7 +1088,7 @@ int main(int argc, char *argv[]) { + case 't': + r = safe_atou64(optarg, &event_timeout_usec); + if (r < 0) +- log_warning("Invalig --event-timeout ignored: %s", optarg); ++ log_warning("Invalid --event-timeout ignored: %s", optarg); + else { + event_timeout_usec *= USEC_PER_SEC; + event_timeout_warn_usec = (event_timeout_usec / 3) ? : 1; diff --git a/1086-udevd-don-t-fail-if-run-udev-exists.patch b/1086-udevd-don-t-fail-if-run-udev-exists.patch new file mode 100644 index 00000000..7f574d6a --- /dev/null +++ b/1086-udevd-don-t-fail-if-run-udev-exists.patch @@ -0,0 +1,25 @@ +From 25773e7fc59b4ce53d67da4e18bfe4d13ab0b14b Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Thu, 18 Sep 2014 21:57:49 +0200 +Subject: [PATCH] udevd: don't fail if /run/udev exists + +--- + src/udev/udevd.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git src/udev/udevd.c src/udev/udevd.c +index 37db81c..29ccb51 100644 +--- src/udev/udevd.c ++++ src/udev/udevd.c +@@ -1155,7 +1155,7 @@ int main(int argc, char *argv[]) { + umask(022); + + r = mkdir("/run/udev", 0755); +- if (r < 0) { ++ if (r < 0 && errno != EEXIST) { + log_error("could not create /run/udev: %m"); + goto exit; + } +-- +1.7.9.2 + diff --git a/systemd-mini.changes b/systemd-mini.changes index 6299a5c6..d2bbba4a 100644 --- a/systemd-mini.changes +++ b/systemd-mini.changes @@ -1,3 +1,54 @@ +------------------------------------------------------------------- +Fri Sep 19 13:08:14 UTC 2014 - werner@suse.de + +- Add patch 0001-bnc888612-logind-polkit-acpi.patch from Frederic + to solve bnc#888612 - AUDIT-0: Power button press at gdm login + should not prompt for credentials + +------------------------------------------------------------------- +Fri Sep 19 11:36:48 UTC 2014 - werner@suse.de + +- Add upstream bugfix patches + 0001-journal-Do-not-count-on-the-compiler-initializing-fo.patch + 0002-include-fcntl.h-rather-than-sys-fcntl.h.patch + 0003-mount-order-options-before-other-arguments-to-mount.patch + 0004-shared-wtmp-utmp-don-t-clear-store_wtmp-in-utmp_put_.patch + 0005-shared-label.h-add-missing-stdio.h-include.patch + 0006-shared-sparse-endian.h-add-missing-byteswap.h-includ.patch + 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch + 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch + 1080-udevd-parse_argv-warn-if-argumens-are-invalid.patch + 1081-udevd-check-return-of-various-functions.patch + 1082-udevadm-hwdb-check-return-value-of-fseeko.patch + 1083-udev-node-warn-if-chmod-chown-fails.patch + 1084-udev-ctrl-log-if-setting-SO_PASSCRED-fails.patch + 1085-udev-fix-typos.patch + 1086-udevd-don-t-fail-if-run-udev-exists.patch + +------------------------------------------------------------------- +Thu Sep 18 13:21:45 UTC 2014 - werner@suse.de + +- Add upstream bugfix patches + 0001-core-fix-resource-leak-in-manager_environment_add.patch + 0002-util-remove-a-unnecessary-check.patch + 0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch + 0004-shared-conf-parser.patch + 0005-logind-fix-typo.patch + 0006-systemctl-fix-resource-leak-CID-1237747.patch + 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch + 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patc + 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch +- Remove 0001-sizeof-bool-used-by-gcc-depends-on-arch.patch as + 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch + is the upstream solution + +------------------------------------------------------------------- +Wed Sep 17 16:02:33 UTC 2014 - werner@suse.de + +- Add patch 0001-sizeof-bool-used-by-gcc-depends-on-arch.patch to + fix for the size of the gcc builtin type bool also known as _Bool + from the include header stdbool.h. + ------------------------------------------------------------------- Tue Sep 16 10:45:33 UTC 2014 - werner@suse.de diff --git a/systemd-mini.spec b/systemd-mini.spec index 09ccb39c..01e97923 100644 --- a/systemd-mini.spec +++ b/systemd-mini.spec @@ -856,6 +856,38 @@ Patch412: 0008-core-smack-setup-Actually-allow-for-succesfully-load.patch Patch413: 0009-journal-do-not-leak-mmaps-on-OOM.patch # PATCH-FIX-UPSTREAM added at 2014/09/16 Patch414: 0010-manager-use-correct-cleanup-function.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch415: 0001-core-fix-resource-leak-in-manager_environment_add.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch416: 0002-util-remove-a-unnecessary-check.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch417: 0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch418: 0004-shared-conf-parser.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch419: 0005-logind-fix-typo.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch420: 0006-systemctl-fix-resource-leak-CID-1237747.patch +# PATCH-FIX-UPSTREAM added at 2014/09/16 +Patch421: 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch422: 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 -- Be aware that the size of the type bool may vary +Patch423: 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch +# PATCH-FIX-UPSTREAM added at 2014/09/19 +Patch424: 0001-journal-Do-not-count-on-the-compiler-initializing-fo.patch +# PATCH-FIX-UPSTREAM added at 2014/09/19 +Patch425: 0002-include-fcntl.h-rather-than-sys-fcntl.h.patch +# PATCH-FIX-UPSTREAM added at 2014/09/19 +Patch426: 0003-mount-order-options-before-other-arguments-to-mount.patch +# PATCH-FIX-UPSTREAM added at 2014/09/19 +Patch427: 0004-shared-wtmp-utmp-don-t-clear-store_wtmp-in-utmp_put_.patch +# PATCH-FIX-UPSTREAM added at 2014/09/19 +Patch428: 0005-shared-label.h-add-missing-stdio.h-include.patch +# PATCH-FIX-UPSTREAM added at 2014/09/19 +Patch429: 0006-shared-sparse-endian.h-add-missing-byteswap.h-includ.patch +# PATCH-FIX-SUSE AUDIT-0: Power button press at gdm login should not prompt for credentials (bnc#888612) +Patch430: 0001-bnc888612-logind-polkit-acpi.patch # UDEV PATCHES # ============ @@ -1021,6 +1053,20 @@ Patch1077: 1077-udev-timeout-warn-after-a-third-of-the-timeout-befor.patch Patch1078: 1078-udev-remove-userspace-firmware-loading-support.patch # PATCH-FIX-UPSTREAM 1079-udev-remove-userspace-firmware-loading-support.patch Patch1079: 1079-udev-remove-userspace-firmware-loading-support.patch +# PATCH-FIX-UPSTREAM 1080-udevd-parse_argv-warn-if-argumens-are-invalid.patch +Patch1080: 1080-udevd-parse_argv-warn-if-argumens-are-invalid.patch +# PATCH-FIX-UPSTREAM 1081-udevd-check-return-of-various-functions.patch +Patch1081: 1081-udevd-check-return-of-various-functions.patch +# PATCH-FIX-UPSTREAM 1082-udevadm-hwdb-check-return-value-of-fseeko.patch +Patch1082: 1082-udevadm-hwdb-check-return-value-of-fseeko.patch +# PATCH-FIX-UPSTREAM 1083-udev-node-warn-if-chmod-chown-fails.patch +Patch1083: 1083-udev-node-warn-if-chmod-chown-fails.patch +# PATCH-FIX-UPSTREAM 1084-udev-ctrl-log-if-setting-SO_PASSCRED-fails.patch +Patch1084: 1084-udev-ctrl-log-if-setting-SO_PASSCRED-fails.patch +# PATCH-FIX-UPSTREAM 1085-udev-fix-typos.patch +Patch1085: 1085-udev-fix-typos.patch +# PATCH-FIX-UPSTREAM 1085-udevd-don-t-fail-if-run-udev-exists.patch +Patch1086: 1086-udevd-don-t-fail-if-run-udev-exists.patch %description Systemd is a system and service manager, compatible with SysV and LSB @@ -1596,6 +1642,22 @@ cp %{SOURCE7} m4/ %patch412 -p0 %patch413 -p0 %patch414 -p0 +%patch415 -p0 +%patch416 -p0 +%patch417 -p0 +%patch418 -p0 +%patch419 -p0 +%patch420 -p0 +%patch421 -p0 +%patch422 -p0 +%patch423 -p0 +%patch424 -p0 +%patch425 -p0 +%patch426 -p0 +%patch427 -p0 +%patch428 -p0 +%patch429 -p0 +%patch430 -p1 # udev patches %patch1001 -p1 @@ -1706,6 +1768,13 @@ cp %{SOURCE7} m4/ %patch1078 -p1 %endif %endif +%patch1080 -p0 +%patch1081 -p0 +%patch1082 -p0 +%patch1083 -p0 +%patch1084 -p0 +%patch1085 -p0 +%patch1086 -p0 # remove patch backups find -name '*.orig' -exec rm -f '{}' \+ diff --git a/systemd.changes b/systemd.changes index 6299a5c6..d2bbba4a 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,54 @@ +------------------------------------------------------------------- +Fri Sep 19 13:08:14 UTC 2014 - werner@suse.de + +- Add patch 0001-bnc888612-logind-polkit-acpi.patch from Frederic + to solve bnc#888612 - AUDIT-0: Power button press at gdm login + should not prompt for credentials + +------------------------------------------------------------------- +Fri Sep 19 11:36:48 UTC 2014 - werner@suse.de + +- Add upstream bugfix patches + 0001-journal-Do-not-count-on-the-compiler-initializing-fo.patch + 0002-include-fcntl.h-rather-than-sys-fcntl.h.patch + 0003-mount-order-options-before-other-arguments-to-mount.patch + 0004-shared-wtmp-utmp-don-t-clear-store_wtmp-in-utmp_put_.patch + 0005-shared-label.h-add-missing-stdio.h-include.patch + 0006-shared-sparse-endian.h-add-missing-byteswap.h-includ.patch + 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch + 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch + 1080-udevd-parse_argv-warn-if-argumens-are-invalid.patch + 1081-udevd-check-return-of-various-functions.patch + 1082-udevadm-hwdb-check-return-value-of-fseeko.patch + 1083-udev-node-warn-if-chmod-chown-fails.patch + 1084-udev-ctrl-log-if-setting-SO_PASSCRED-fails.patch + 1085-udev-fix-typos.patch + 1086-udevd-don-t-fail-if-run-udev-exists.patch + +------------------------------------------------------------------- +Thu Sep 18 13:21:45 UTC 2014 - werner@suse.de + +- Add upstream bugfix patches + 0001-core-fix-resource-leak-in-manager_environment_add.patch + 0002-util-remove-a-unnecessary-check.patch + 0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch + 0004-shared-conf-parser.patch + 0005-logind-fix-typo.patch + 0006-systemctl-fix-resource-leak-CID-1237747.patch + 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch + 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patc + 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch +- Remove 0001-sizeof-bool-used-by-gcc-depends-on-arch.patch as + 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch + is the upstream solution + +------------------------------------------------------------------- +Wed Sep 17 16:02:33 UTC 2014 - werner@suse.de + +- Add patch 0001-sizeof-bool-used-by-gcc-depends-on-arch.patch to + fix for the size of the gcc builtin type bool also known as _Bool + from the include header stdbool.h. + ------------------------------------------------------------------- Tue Sep 16 10:45:33 UTC 2014 - werner@suse.de diff --git a/systemd.spec b/systemd.spec index 17b43729..7f58d45c 100644 --- a/systemd.spec +++ b/systemd.spec @@ -851,6 +851,38 @@ Patch412: 0008-core-smack-setup-Actually-allow-for-succesfully-load.patch Patch413: 0009-journal-do-not-leak-mmaps-on-OOM.patch # PATCH-FIX-UPSTREAM added at 2014/09/16 Patch414: 0010-manager-use-correct-cleanup-function.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch415: 0001-core-fix-resource-leak-in-manager_environment_add.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch416: 0002-util-remove-a-unnecessary-check.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch417: 0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch418: 0004-shared-conf-parser.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch419: 0005-logind-fix-typo.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch420: 0006-systemctl-fix-resource-leak-CID-1237747.patch +# PATCH-FIX-UPSTREAM added at 2014/09/16 +Patch421: 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch422: 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 -- Be aware that the size of the type bool may vary +Patch423: 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch +# PATCH-FIX-UPSTREAM added at 2014/09/19 +Patch424: 0001-journal-Do-not-count-on-the-compiler-initializing-fo.patch +# PATCH-FIX-UPSTREAM added at 2014/09/19 +Patch425: 0002-include-fcntl.h-rather-than-sys-fcntl.h.patch +# PATCH-FIX-UPSTREAM added at 2014/09/19 +Patch426: 0003-mount-order-options-before-other-arguments-to-mount.patch +# PATCH-FIX-UPSTREAM added at 2014/09/19 +Patch427: 0004-shared-wtmp-utmp-don-t-clear-store_wtmp-in-utmp_put_.patch +# PATCH-FIX-UPSTREAM added at 2014/09/19 +Patch428: 0005-shared-label.h-add-missing-stdio.h-include.patch +# PATCH-FIX-UPSTREAM added at 2014/09/19 +Patch429: 0006-shared-sparse-endian.h-add-missing-byteswap.h-includ.patch +# PATCH-FIX-SUSE AUDIT-0: Power button press at gdm login should not prompt for credentials (bnc#888612) +Patch430: 0001-bnc888612-logind-polkit-acpi.patch # UDEV PATCHES # ============ @@ -1016,6 +1048,20 @@ Patch1077: 1077-udev-timeout-warn-after-a-third-of-the-timeout-befor.patch Patch1078: 1078-udev-remove-userspace-firmware-loading-support.patch # PATCH-FIX-UPSTREAM 1079-udev-remove-userspace-firmware-loading-support.patch Patch1079: 1079-udev-remove-userspace-firmware-loading-support.patch +# PATCH-FIX-UPSTREAM 1080-udevd-parse_argv-warn-if-argumens-are-invalid.patch +Patch1080: 1080-udevd-parse_argv-warn-if-argumens-are-invalid.patch +# PATCH-FIX-UPSTREAM 1081-udevd-check-return-of-various-functions.patch +Patch1081: 1081-udevd-check-return-of-various-functions.patch +# PATCH-FIX-UPSTREAM 1082-udevadm-hwdb-check-return-value-of-fseeko.patch +Patch1082: 1082-udevadm-hwdb-check-return-value-of-fseeko.patch +# PATCH-FIX-UPSTREAM 1083-udev-node-warn-if-chmod-chown-fails.patch +Patch1083: 1083-udev-node-warn-if-chmod-chown-fails.patch +# PATCH-FIX-UPSTREAM 1084-udev-ctrl-log-if-setting-SO_PASSCRED-fails.patch +Patch1084: 1084-udev-ctrl-log-if-setting-SO_PASSCRED-fails.patch +# PATCH-FIX-UPSTREAM 1085-udev-fix-typos.patch +Patch1085: 1085-udev-fix-typos.patch +# PATCH-FIX-UPSTREAM 1085-udevd-don-t-fail-if-run-udev-exists.patch +Patch1086: 1086-udevd-don-t-fail-if-run-udev-exists.patch %description Systemd is a system and service manager, compatible with SysV and LSB @@ -1591,6 +1637,22 @@ cp %{SOURCE7} m4/ %patch412 -p0 %patch413 -p0 %patch414 -p0 +%patch415 -p0 +%patch416 -p0 +%patch417 -p0 +%patch418 -p0 +%patch419 -p0 +%patch420 -p0 +%patch421 -p0 +%patch422 -p0 +%patch423 -p0 +%patch424 -p0 +%patch425 -p0 +%patch426 -p0 +%patch427 -p0 +%patch428 -p0 +%patch429 -p0 +%patch430 -p1 # udev patches %patch1001 -p1 @@ -1701,6 +1763,13 @@ cp %{SOURCE7} m4/ %patch1078 -p1 %endif %endif +%patch1080 -p0 +%patch1081 -p0 +%patch1082 -p0 +%patch1083 -p0 +%patch1084 -p0 +%patch1085 -p0 +%patch1086 -p0 # remove patch backups find -name '*.orig' -exec rm -f '{}' \+