.

OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=807
2014-10-23 14:19:30 +00:00 · 2014-10-23 14:19:30 +00:00 · 58cd57f0cb
commit 58cd57f0cb
parent 8227fd8ef6
9 changed files with 223 additions and 0 deletions
--- a/0001-strv-add-an-additional-overflow-check-when-enlarging.patch
+++ b/0001-strv-add-an-additional-overflow-check-when-enlarging.patch
@ -0,0 +1,35 @@
 Based on 97569e154b80541cbad39d78231b7f360d4ff058 Mon Sep 17 00:00:00 2001
 From: Lennart Poettering <lennart@poettering.net>
 Date: Tue, 21 Oct 2014 14:01:28 +0200
 Subject: [PATCH] strv: add an additional overflow check when enlarging
 strv()s
 https://bugs.freedesktop.org/show_bug.cgi?id=76745
 ---
 src/shared/strv.c |   10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
 --- src/shared/strv.c
 +++ src/shared/strv.c	2014-10-23 00:00:00.000000000 +0000
@@ -361,13 +361,19 @@ char *strv_join_quoted(char **l) {
 int strv_push(char ***l, char *value) {
         char **c;
 -        unsigned n;
 +        unsigned n, m;
         if (!value)
                 return 0;
         n = strv_length(*l);
 -        c = realloc(*l, sizeof(char*) * (n + 2));
 +
 +        /* increase and check for overflow */
 +        m = n + 2;
 +        if (m < n)
 +                return -ENOMEM;
 +
 +        c = realloc(*l, sizeof(char*) * (size_t) m);
         if (!c)
                 return -ENOMEM;
--- a/0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
+++ b/0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
@ -0,0 +1,42 @@
 From fc1ae82cae69d8dbbd9e7a31938810a486fac782 Mon Sep 17 00:00:00 2001
 From: Hans de Goede <hdegoede@redhat.com>
 Date: Wed, 22 Oct 2014 14:09:21 +0200
 Subject: [PATCH] hwdb: Add mapping for special keys on compaq ku 0133
 keyboards
 The compaq ku 0133 keyboard has 8 special keys at the top:
 http://lackof.org/taggart/hacking/keyboard/cpqwireless.jpg
 3 of these use standard HID usage codes from the consumer page, the 5
 others use part of the reserved 0x07 - 0x1f range.
 This commit adds mapping for this keyboard for these reserved codes, making
 the other 5 keys work.
 Cc: Hans de Goede <hdegoede@redhat.com>
 Signed-off-by: Hans de Goede <hdegoede@redhat.com>
 ---
 hwdb/60-keyboard.hwdb |    7 +++++++
 1 file changed, 7 insertions(+)
 diff --git hwdb/60-keyboard.hwdb hwdb/60-keyboard.hwdb
 index 59f467b..06caba9 100644
 --- hwdb/60-keyboard.hwdb
 +++ hwdb/60-keyboard.hwdb
@@ -181,6 +181,13 @@ keyboard:dmi:bvn*:bvr*:bd*:svnCompaq*:pn*Evo*N*:pvr*
  KEYBOARD_KEY_9e=email
  KEYBOARD_KEY_9f=homepage
 +keyboard:usb:v049Fp0051d*dc*dsc*dp*ic*isc*ip*in01*
 + KEYBOARD_KEY_0c0011=presentation
 + KEYBOARD_KEY_0c0012=addressbook
 + KEYBOARD_KEY_0c0013=info
 + KEYBOARD_KEY_0c0014=prog1
 + KEYBOARD_KEY_0c0015=messenger
 +
 ###########################################################
 # Dell
 ###########################################################
 -- 
 1.7.9.2
--- a/0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
+++ b/0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
@ -0,0 +1,41 @@
 From f2a474aea8f82fa9b695515d4590f4f3398358a7 Mon Sep 17 00:00:00 2001
 From: Juho Son <juho80.son@samsung.com>
 Date: Thu, 11 Sep 2014 16:06:38 +0900
 Subject: [PATCH] journald: add CAP_MAC_OVERRIDE in journald for SMACK issue
 systemd-journald check the cgroup id to support rate limit option for
 every messages. so journald should be available to access cgroup node in
 each process send messages to journald.
 In system using SMACK, cgroup node in proc is assigned execute label
 as each process's execute label.
 so if journald don't want to denied for every process, journald
 should have all of access rule for all process's label.
 It's too heavy. so we could give special smack label for journald te get
 all accesses's permission.
 '^' label.
 When assign '^' execute smack label to systemd-journald,
 systemd-journald need to add  CAP_MAC_OVERRIDE capability to get that smack privilege.
 so I want to notice this information and set default capability to
 journald whether system use SMACK or not.
 because that capability affect to only smack enabled kernel
 ---
 units/systemd-journald.service.in |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git units/systemd-journald.service.in units/systemd-journald.service.in
 index 7013979..4de38fa 100644
 --- units/systemd-journald.service.in
 +++ units/systemd-journald.service.in
@@ -20,7 +20,7 @@ Restart=always
 RestartSec=0
 NotifyAccess=all
 StandardOutput=null
 -CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID
 +CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID CAP_MAC_OVERRIDE
 WatchdogSec=1min
 # Increase the default a bit in order to allow many simultaneous
 -- 
 1.7.9.2
--- a/0004-journal-do-server_vacuum-for-sigusr1.patch
+++ b/0004-journal-do-server_vacuum-for-sigusr1.patch
@ -0,0 +1,30 @@
 From 3bfd4e0c6341b0ef946d2198f089743fa99e0a97 Mon Sep 17 00:00:00 2001
 From: WaLyong Cho <walyong.cho@samsung.com>
 Date: Thu, 28 Aug 2014 21:33:03 +0900
 Subject: [PATCH] journal: do server_vacuum for sigusr1
 runtime journal is migrated to system journal when only
 "/run/systemd/journal/flushed" exist. It's ok but according to this
 the system journal directory size(max use) can be over the config. If
 journal is not rotated during some time the journal directory can be
 remained as over the config(or default) size. To avoid, do
 server_vacuum just after the system journal migration from runtime.
 ---
 src/journal/journald-server.c |    1 +
 1 file changed, 1 insertion(+)
 diff --git src/journal/journald-server.c src/journal/journald-server.c
 index 52111f7..bf9cfcc 100644
 --- src/journal/journald-server.c
 +++ src/journal/journald-server.c
@@ -1224,6 +1224,7 @@ static int dispatch_sigusr1(sd_event_source *es, const struct signalfd_siginfo *
         touch("/run/systemd/journal/flushed");
         server_flush_to_var(s);
         server_sync(s);
 +        server_vacuum(s);
         return 0;
 }
 -- 
 1.7.9.2
--- a/0005-cryptsetup-fix-an-OOM-check.patch
+++ b/0005-cryptsetup-fix-an-OOM-check.patch
@ -0,0 +1,25 @@
 From 0e2f14014c65b4d8b30146e414579154cfa932da Mon Sep 17 00:00:00 2001
 From: Lennart Poettering <lennart@poettering.net>
 Date: Thu, 23 Oct 2014 00:30:04 +0200
 Subject: [PATCH] cryptsetup: fix an OOM check
 ---
 src/cryptsetup/cryptsetup-generator.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git src/cryptsetup/cryptsetup-generator.c src/cryptsetup/cryptsetup-generator.c
 index 137b787..c7f30f6 100644
 --- src/cryptsetup/cryptsetup-generator.c
 +++ src/cryptsetup/cryptsetup-generator.c
@@ -387,7 +387,7 @@ int main(int argc, char *argv[]) {
                                 if (k == 2 && streq(proc_uuid, device + 5)) {
                                         free(options);
                                         options = strdup(p);
 -                                        if (!proc_options) {
 +                                        if (!options) {
                                                 log_oom();
                                                 goto cleanup;
                                         }
 -- 
 1.7.9.2
--- a/systemd-mini.changes
+++ b/systemd-mini.changes
@ -1,3 +1,13 @@
 -------------------------------------------------------------------
 Thu Oct 23 14:05:08 UTC 2014 - werner@suse.de
 - Add upstream patches
  0001-strv-add-an-additional-overflow-check-when-enlarging.patch
  0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
  0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
  0004-journal-do-server_vacuum-for-sigusr1.patch
  0005-cryptsetup-fix-an-OOM-check.patch
 -------------------------------------------------------------------
 Wed Oct 22 13:56:22 UTC 2014 - werner@suse.de
--- a/systemd-mini.spec
+++ b/systemd-mini.spec
@ -964,6 +964,16 @@ Patch466:       0001-systemd-continue-switch-root-even-if-umount-fails.patch
 Patch467:       0002-systemd-try-harder-to-bind-to-notify-socket.patch
 # PATCH-FIX-SUSE added at 2014/10/15
 Patch468:       avoid-leaking-socket-descriptors.patch
 # PATCH-FIX-UPSTREAM added at 2014/10/23
 Patch469:       0001-strv-add-an-additional-overflow-check-when-enlarging.patch
 # PATCH-FIX-UPSTREAM added at 2014/10/23
 Patch470:       0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
 # PATCH-FIX-UPSTREAM added at 2014/10/23
 Patch471:       0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
 # PATCH-FIX-UPSTREAM added at 2014/10/23
 Patch472:       0004-journal-do-server_vacuum-for-sigusr1.patch
 # PATCH-FIX-UPSTREAM added at 2014/10/23
 Patch473:       0005-cryptsetup-fix-an-OOM-check.patch
 # UDEV PATCHES
 # ============
@ -1778,6 +1788,11 @@ cp %{SOURCE7} m4/
 %patch466 -p0
 %patch467 -p0
 %patch468 -p0
 %patch469 -p0
 %patch470 -p0
 %patch471 -p0
 %patch472 -p0
 %patch473 -p0
 # udev patches
 %patch1001 -p1
--- a/systemd.changes
+++ b/systemd.changes
@ -1,3 +1,13 @@
 -------------------------------------------------------------------
 Thu Oct 23 14:05:08 UTC 2014 - werner@suse.de
 - Add upstream patches
  0001-strv-add-an-additional-overflow-check-when-enlarging.patch
  0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
  0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
  0004-journal-do-server_vacuum-for-sigusr1.patch
  0005-cryptsetup-fix-an-OOM-check.patch
 -------------------------------------------------------------------
 Wed Oct 22 13:56:22 UTC 2014 - werner@suse.de
--- a/systemd.spec
+++ b/systemd.spec
@ -959,6 +959,16 @@ Patch466:       0001-systemd-continue-switch-root-even-if-umount-fails.patch
 Patch467:       0002-systemd-try-harder-to-bind-to-notify-socket.patch
 # PATCH-FIX-SUSE added at 2014/10/15
 Patch468:       avoid-leaking-socket-descriptors.patch
 # PATCH-FIX-UPSTREAM added at 2014/10/23
 Patch469:       0001-strv-add-an-additional-overflow-check-when-enlarging.patch
 # PATCH-FIX-UPSTREAM added at 2014/10/23
 Patch470:       0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
 # PATCH-FIX-UPSTREAM added at 2014/10/23
 Patch471:       0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
 # PATCH-FIX-UPSTREAM added at 2014/10/23
 Patch472:       0004-journal-do-server_vacuum-for-sigusr1.patch
 # PATCH-FIX-UPSTREAM added at 2014/10/23
 Patch473:       0005-cryptsetup-fix-an-OOM-check.patch
 # UDEV PATCHES
 # ============
@ -1773,6 +1783,11 @@ cp %{SOURCE7} m4/
 %patch466 -p0
 %patch467 -p0
 %patch468 -p0
 %patch469 -p0
 %patch470 -p0
 %patch471 -p0
 %patch472 -p0
 %patch473 -p0
 # udev patches
 %patch1001 -p1