- Import commit 4e6e66ea94cf5125f9044f0869939a86801ed2d8
430877e794 pam-systemd: use secure_getenv() rather than getenv() (bsc#1132348 CVE-2019-3842)
3cff2e6514 man: document that if the main process exits after SIGTERM we go directly to SIGKILL
26c4f7191c bus: fix memleak on invalid message
- systemd-coredump: generate a stack trace of all core dumps (bsc#1128832)
This stack trace is logged to the journal.
OBS-URL: https://build.opensuse.org/request/show/693791
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1058
- Import commit 01b4746d3c6f6cbf969fa2176c77ac3f616a7eda
7af53e005b sd-bus: if we receive an invalid dbus message, ignore and proceeed
92dcbfdd7f bus: move BUS_DONT_DESTROY calls after asserts
a83e7b3b43 automount: don't pass non-blocking pipe to kernel.
726127ea1d units: make sure initrd-cleanup.service terminates before switching to rootfs (bsc#1123333)
a6347a3cb6 core: Fix use after free case in load_from_path() (bsc#1121563)
22e2550222 strv: rework FOREACH_STRING() macro (bsc#1121563)
2ddd38f41a test,systemctl,nspawn: use "const char*" instead of "char*" as iterator for FOREACH_STRING()
c2c8333e0b strv: add new macro STARTSWITH_SET()
1db243a601 Update systemd-system.conf.xml (bsc#1122000)
OBS-URL: https://build.opensuse.org/request/show/676380
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1051
- Import commit ad34cc45f63720ced69960dc66b47bddb146176d
Import a bunch of fixes from stable/v239-stable:
c8293f5af4 Revert "network: set DynamicUser= to systemd-networkd.service"
7f605592e6 Revert "resolve: enable DynamicUser= for systemd-resolved.service"
5a48e92e06 test: Fix networkd test for an already running service
36eae1688b Revert "timesyncd: enable DynamicUser="
3a11f24cf0 Revert "unit: drop After=systemd-sysusers.service from timesyncd"
23cfd15ce9 machinectl: fix verbosity of import-raw or friends
ba037daf29 Make bzip2 an optional dependency for systemd-importd
fb609d2721 pull: initialize libgcrypt before calling any functions provided by libgcrypt
c50857bc6b hwdb: remove stray 'i' in hwdb match string for the HP Spectre (#9571)
9a12fd17f5 man: Mention that paths in unit files must be fully normalized.
76fc2ab4a6 tree-wide: use instead of #ifdef for HAVE_*
fcc699c093 network: update log message
a4f497b2cd Use #if instead of #ifdef for ENABLE_GSHADOW
121c662eb8 man: add missing option for system.conf
564341146e core: add missing option and drop nonexistent option in system.conf
7082a3599f journal: add missing option in journald.conf
3c15efa9c1 basic: add missing comma in raw_clone assembly for sparc
4c210b6dce cryptsetup: Add dependency on loopback setup to generated units
c777fbbe3e journal-gateway: use localStorage["cursor"] only when it has valid value
c5b1bef639 journal-gateway: explicitly declare local variables
2361522ca6 analyze: actually select longest activated-time of services
3e810d92d9 sd-bus: fix implicit downcast of bitfield reported by LGTM
aef660a4cf resolvconf: fixes for the compatibility interface
06b3f54f50 install: fix error handling in is_symlink_with_known_name()
f70ab9a468 portable: fix error handling
d2c40d4e80 resolve: fix return value type of dns_answer_has_dname_for_cname()
6f684e0670 resolve: dns_scope_network_good() does not returns negative errno
15d83e1138 bus-util: fix error handling
OBS-URL: https://build.opensuse.org/request/show/666162
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1050
- Import commit 3bece8a25ae11e8ec132cdecc7e72a00ee790994
89a9721a47 Revert "logind: become the controlling terminal process before restoring VT" (bsc#1120836)
c3a8dc821b pam_systemd: reword message about not creating a session
0ba0f5b3ef pam_systemd: suppress LOG_DEBUG log messages if debugging is off
- Import commit a3b059a8c60622e4ec30aabda93c6b41d0953dc4
9dbe9f12ec journal-remote: set a limit on the number of fields in a message (CVE-2018-16865 bsc#1120323)
61d569ab1b journal-remote: verify entry length from header
a08760b26c µhttpd: use a cleanup function to call MHD_destroy_response
43f46a1a3d journal-gateway: use _cleanup_ attribute to stop microhttpd daemon
437b0b2d01 journald: lower the maximum entry size limit to ½ for non-sealed fds
ac9e209710 journald: when processing a native message, bail more quickly on overbig messages
ce103705b9 journald: set a limit on the number of fields (1k) (CVE-2018-16865 bsc#1120323)
35538171c2 coredump: fix message when we fail to save a journald coredump
cfe247b555 basic/process-util: limit command line lengths to _SC_ARG_MAX
9d59e6f6ee journald: do not store the iovec entry for process commandline on stack (CVE-2018-16864 bsc#1120323)
8d650a68d4 journald: remove unnecessary {}
b608f532a4 coredump: remove duplicate MESSAGE= prefix from message
0dbb2dc066 vconsole-setup: fonts copy will fail if the current terminal is in graphical mode (bsc#1114933)
e501d65540 Revert "systemctl: when removing enablement or mask symlinks, cover both /run and /etc"
d3ea69961f fs-util: rename safe_transition() into unsafe_transition()
338470fdc9 tmpfiles: use CHASE_WARN in addition to CHASE_SAFE
d9ae1b30da fs-util: make chase_symlink() returns -ENOLINK when unsafe transitions are met
8b76594d1f fs-util: add new CHASE_WARN flag to chase_symlinks()
OBS-URL: https://build.opensuse.org/request/show/664420
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1049
- Import commit 8ae56af7802ef8f91fac64fa244d62a4468fbbd5
4474878178 udev-builtin-kmod: adjust logging
805534aff5 core: use the generic module_load() function
ac7e902530 shared/module-util: fix preexisting mixup with errno sign
415aa40793 udev-builtin-kmod: use the generic module_load() function
8a36b4bac6 Move module-util.h to src/shared/ and load_module() to libshared
999b910752 core/kmod-setup: restore comments
1f2b822a21 logind: stop managing VT switches if no sessions are registered on that VT
5ad8d374c5 terminal-util: introduce vt_release() helper
145d492490 logind: become the controlling terminal process before restoring VT (bsc#1101591)
d4b5dbc033 terminal-util: introduce vt_restore() helper
2e8af185f0 logind: make session_restore_vt() static
ff3048364f udev: downgrade message when we fail to set inotify watch up (bsc#1005023)
- Fix the test for figuring out if /etc/machine-id is writable in %post (bsc#1117063)
"test -w" always returns true for root user even if the writable
mode bits are not set. Fix this by testing the file mode bit value
instead.
- Move systemd-sysv-convert from /usr/sbin to /usr/lib/systemd
This tool is not supposed to be run by users.
- Import commit 8ae56af7802ef8f91fac64fa244d62a4468fbbd5
4474878178 udev-builtin-kmod: adjust logging
805534aff5 core: use the generic module_load() function
ac7e902530 shared/module-util: fix preexisting mixup with errno sign
415aa40793 udev-builtin-kmod: use the generic module_load() function
8a36b4bac6 Move module-util.h to src/shared/ and load_module() to libshared
999b910752 core/kmod-setup: restore comments
1f2b822a21 logind: stop managing VT switches if no sessions are registered on that VT
OBS-URL: https://build.opensuse.org/request/show/653864
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1048
- Add 0001-logind-keep-backward-compatibility-with-UserTasksMax.patch
We have to keep support for UserTasksMax= for a while before
dropping it. This patch is supposed to do that and also to make
users aware of this change. It also hints how to configure that
differently.
- Import commit f39674d6d114d999c50672c7bea8cad21e1eaed9
7d1e04e85 units: use =yes rather than =true everywhere
185ce0d34 units: assign user-runtime-dir@.service to user-%i.slice
a051f5e41 units: make sure user-runtime-dir@.service is Type=oneshot
30c6842c3 units: set StopWhenUnneeded= for the user slice units too
e74de046e login: fix typo in log message
OBS-URL: https://build.opensuse.org/request/show/646968
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1045
- Own %{_libexecdir}/modules-load.d (again)
This was incorrectly dropped during the split of the SUSE specific
configurations.
- Drop a Conflicts: in systemd-coredump
It not needed anymore since the mini variant of systemd-coredump is
not built anymore.
- Import commit b54f5d7a8b41898ce98f43cd1a6cc92c0071806d
5def29d24 coredump: only install coredump.conf when ENABLED_COREDUMP=true
9133e2d6e dhcp6: make sure we have enough space for the DHCP6 option header (bsc#1113632 CVE-2018-15688)
ebc3fa418 dhcp6: split assert_return() to be more debuggable when hit
51eefb6ac chown-recursive: let's rework the recursive logic to use O_PATH (bsc#1113666 CVE-2018-15687)
e1e1aa237 core: skip unit deserialization and move to the next one when unit_deserialize() fails
1c726c87d core: when deserializing state always use read_line(…, LONG_LINE_MAX, …) (bsc#1113665 CVE-2018-15686)
4cd7d11ac core: don't create Requires for workdir if "missing ok" (bsc#1113083)
- Make systemd-coredump sub-package optional
and don't build the mini variant.
- Drop duplicated %{?mini} suffix for systemd-{container,coredump} subpackages
"-mini" is already part of the name of the main package so there's
no need to append it again for those sub packages. It's only needed
when the name of a subpackage is completely redefined, IOW when '-n'
option is used with the %package directive.
- Dont ship /usr/sbin/resolvconf symlink for now
It conflicts with the bin shipped by openresolv and provides
limited compat only.
OBS-URL: https://build.opensuse.org/request/show/646424
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1044
- Ship systemd-sysv-install helper via the main package
This script was part of systemd-sysvinit sub-package but it was
wrong since systemd-sysv-install is a script used to redirect
enable/disable operations to chkconfig when the unit targets are
sysv init scripts. Therefore it's never been a SySV init tool.
While at it, don't ship this script (as well as
systemd-sysv-convert) when sysvcompat is not defined.
- Import commit 19b3868d32af20f1ecc86fe3c997144ff456fd65
06c2284d64 core: introduce systemd.early_core_pattern= kernel cmdline option
479b002083 core: add missing 'continue' statement
c7fbccc62e journald: don't ship systemd-journald-audit.socket (bsc#1109252)
f17a6c790c detect-virt: do not try to read all of /proc/cpuinfo (bsc#1109197)
5a1aa84544 compat-rules: generate more compat by-id symlinks for NVMe devices (bsc#1095096)
OBS-URL: https://build.opensuse.org/request/show/642103
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1041
- Import commit a67b516d49115a5be0f2ac27a2874cee6c59a7ae
f8457adf9d emergency: make sure console password agents don't interfere with the emergency shell
b8bbb50634 man: document that 'nofail' also has an effect on ordering
a5410b2229 journald: take leading spaces into account in syslog_parse_identifier
b793c312c7 journal: do not remove multiple spaces after identifier in syslog message
f9595f0481 syslog: fix segfault in syslog_parse_priority()
d464f06934 journal: fix syslog_parse_identifier()
e70422883a socket-util: attempt SO_RCVBUFFORCE/SO_SNDBUFFORCE only if SO_RCVBUF/SO_SNDBUF fails (bsc#991901)
OBS-URL: https://build.opensuse.org/request/show/638970
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1040
- Import commit cc55f1ea9e1c1ccab5b9fb97e10e08830d02b282
962b38aaf user@.service: don't kill user manager at runlevel switch (bsc#1091677)
3986c4d82 units: make sure user@.service runs with dbus still up
5e68aa0f2 Revert "udevd: increase maximum number of children" (bsc#1107617)
099138fd9 fix race between daemon-reload and other commands (v237) (bsc#1105031)
OBS-URL: https://build.opensuse.org/request/show/635662
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1038
- Import commit 0350f62a8cf7f151951b6b78337fe3c198b8bf6a
fbf43a697 core: don't freeze OnCalendar= timer units when the clock goes back a lot (bsc#1090944)
4134ba8b6 man: SystemMaxUse= clarification in journald.conf(5) (bnc#1101040)
78bb2a0c4 socket-util: fix getpeergroups() assert(fd) (#8080) (bsc#1096516)
1753d0420 systemctl: mask always reports the same unit names when different unknown units are passed (bsc#1095973)
50ebf79d7 scsi_id: Fixup prefix for pre-SPC inquiry reply (bsc#1039099)
570f7655b locale-util: on overlayfs FTW_MOUNT causes nftw(3) to not list *any* files
OBS-URL: https://build.opensuse.org/request/show/625754
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1034
- Drop runtime dependency on dracut (bsc#1098569)
Otherwise systemd pulls in tools to generate the initrd even in
container/chroot installations that don't have a kernel anyways.
For environments where initrd matters, dracut should be pulled via a
pattern.
- Drop runtime dependency on dracut (bsc#1098569)
Otherwise systemd pulls in tools to generate the initrd even in
container/chroot installations that don't have a kernel anyways.
For environments where initrd matters, dracut should be pulled via a
pattern.
OBS-URL: https://build.opensuse.org/request/show/618913
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1033
- Import commit d8196805089566ecd846b7c627ff2f3c42588c50
621b247f3 device: skip deserialization of device units when udevd is not running
a7da5bdbc device: make sure to always retroactively start device dependencies (bsc#1088052)
303624f6f systemd-udevd: limit children-max by available memory (#8668) (bsc#1086785 bsc#1066422)
76acf3ae9 tmpfiles: fix directory removal with force symlink (#8619)
- Ship 99-sysctl.conf instead of creating it during package installation/update (bsc#1088769)
Previously this symlink was created in /etc/sysctl.d during %post
which made the symlink not owned and more importantly it was created
only if /etc/sysctl.conf is already installed which is not always
the case during the installation process it seems.
So ship the symlink unconditionally and put it in /usr/lib/sysctl.d
instead since it's a distro default behavior that might be overriden
by sysadmin later.
- Be consistent in 60-io-scheduler.rules
And use "?*" when checking for the non empty string (instead of "*?").
OBS-URL: https://build.opensuse.org/request/show/599905
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1027
