forked from pool/systemd
.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=807
This commit is contained in:
parent
98edd20469
commit
864d12612c
@ -0,0 +1,35 @@
|
||||
Based on 97569e154b80541cbad39d78231b7f360d4ff058 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Tue, 21 Oct 2014 14:01:28 +0200
|
||||
Subject: [PATCH] strv: add an additional overflow check when enlarging
|
||||
strv()s
|
||||
|
||||
https://bugs.freedesktop.org/show_bug.cgi?id=76745
|
||||
---
|
||||
src/shared/strv.c | 10 ++++++++--
|
||||
1 file changed, 8 insertions(+), 2 deletions(-)
|
||||
|
||||
--- src/shared/strv.c
|
||||
+++ src/shared/strv.c 2014-10-23 00:00:00.000000000 +0000
|
||||
@@ -361,13 +361,19 @@ char *strv_join_quoted(char **l) {
|
||||
|
||||
int strv_push(char ***l, char *value) {
|
||||
char **c;
|
||||
- unsigned n;
|
||||
+ unsigned n, m;
|
||||
|
||||
if (!value)
|
||||
return 0;
|
||||
|
||||
n = strv_length(*l);
|
||||
- c = realloc(*l, sizeof(char*) * (n + 2));
|
||||
+
|
||||
+ /* increase and check for overflow */
|
||||
+ m = n + 2;
|
||||
+ if (m < n)
|
||||
+ return -ENOMEM;
|
||||
+
|
||||
+ c = realloc(*l, sizeof(char*) * (size_t) m);
|
||||
if (!c)
|
||||
return -ENOMEM;
|
||||
|
@ -0,0 +1,42 @@
|
||||
From fc1ae82cae69d8dbbd9e7a31938810a486fac782 Mon Sep 17 00:00:00 2001
|
||||
From: Hans de Goede <hdegoede@redhat.com>
|
||||
Date: Wed, 22 Oct 2014 14:09:21 +0200
|
||||
Subject: [PATCH] hwdb: Add mapping for special keys on compaq ku 0133
|
||||
keyboards
|
||||
|
||||
The compaq ku 0133 keyboard has 8 special keys at the top:
|
||||
http://lackof.org/taggart/hacking/keyboard/cpqwireless.jpg
|
||||
|
||||
3 of these use standard HID usage codes from the consumer page, the 5
|
||||
others use part of the reserved 0x07 - 0x1f range.
|
||||
|
||||
This commit adds mapping for this keyboard for these reserved codes, making
|
||||
the other 5 keys work.
|
||||
|
||||
Cc: Hans de Goede <hdegoede@redhat.com>
|
||||
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
||||
---
|
||||
hwdb/60-keyboard.hwdb | 7 +++++++
|
||||
1 file changed, 7 insertions(+)
|
||||
|
||||
diff --git hwdb/60-keyboard.hwdb hwdb/60-keyboard.hwdb
|
||||
index 59f467b..06caba9 100644
|
||||
--- hwdb/60-keyboard.hwdb
|
||||
+++ hwdb/60-keyboard.hwdb
|
||||
@@ -181,6 +181,13 @@ keyboard:dmi:bvn*:bvr*:bd*:svnCompaq*:pn*Evo*N*:pvr*
|
||||
KEYBOARD_KEY_9e=email
|
||||
KEYBOARD_KEY_9f=homepage
|
||||
|
||||
+keyboard:usb:v049Fp0051d*dc*dsc*dp*ic*isc*ip*in01*
|
||||
+ KEYBOARD_KEY_0c0011=presentation
|
||||
+ KEYBOARD_KEY_0c0012=addressbook
|
||||
+ KEYBOARD_KEY_0c0013=info
|
||||
+ KEYBOARD_KEY_0c0014=prog1
|
||||
+ KEYBOARD_KEY_0c0015=messenger
|
||||
+
|
||||
###########################################################
|
||||
# Dell
|
||||
###########################################################
|
||||
--
|
||||
1.7.9.2
|
||||
|
@ -0,0 +1,41 @@
|
||||
From f2a474aea8f82fa9b695515d4590f4f3398358a7 Mon Sep 17 00:00:00 2001
|
||||
From: Juho Son <juho80.son@samsung.com>
|
||||
Date: Thu, 11 Sep 2014 16:06:38 +0900
|
||||
Subject: [PATCH] journald: add CAP_MAC_OVERRIDE in journald for SMACK issue
|
||||
|
||||
systemd-journald check the cgroup id to support rate limit option for
|
||||
every messages. so journald should be available to access cgroup node in
|
||||
each process send messages to journald.
|
||||
In system using SMACK, cgroup node in proc is assigned execute label
|
||||
as each process's execute label.
|
||||
so if journald don't want to denied for every process, journald
|
||||
should have all of access rule for all process's label.
|
||||
It's too heavy. so we could give special smack label for journald te get
|
||||
all accesses's permission.
|
||||
'^' label.
|
||||
When assign '^' execute smack label to systemd-journald,
|
||||
systemd-journald need to add CAP_MAC_OVERRIDE capability to get that smack privilege.
|
||||
|
||||
so I want to notice this information and set default capability to
|
||||
journald whether system use SMACK or not.
|
||||
because that capability affect to only smack enabled kernel
|
||||
---
|
||||
units/systemd-journald.service.in | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git units/systemd-journald.service.in units/systemd-journald.service.in
|
||||
index 7013979..4de38fa 100644
|
||||
--- units/systemd-journald.service.in
|
||||
+++ units/systemd-journald.service.in
|
||||
@@ -20,7 +20,7 @@ Restart=always
|
||||
RestartSec=0
|
||||
NotifyAccess=all
|
||||
StandardOutput=null
|
||||
-CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID
|
||||
+CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID CAP_MAC_OVERRIDE
|
||||
WatchdogSec=1min
|
||||
|
||||
# Increase the default a bit in order to allow many simultaneous
|
||||
--
|
||||
1.7.9.2
|
||||
|
30
0004-journal-do-server_vacuum-for-sigusr1.patch
Normal file
30
0004-journal-do-server_vacuum-for-sigusr1.patch
Normal file
@ -0,0 +1,30 @@
|
||||
From 3bfd4e0c6341b0ef946d2198f089743fa99e0a97 Mon Sep 17 00:00:00 2001
|
||||
From: WaLyong Cho <walyong.cho@samsung.com>
|
||||
Date: Thu, 28 Aug 2014 21:33:03 +0900
|
||||
Subject: [PATCH] journal: do server_vacuum for sigusr1
|
||||
|
||||
runtime journal is migrated to system journal when only
|
||||
"/run/systemd/journal/flushed" exist. It's ok but according to this
|
||||
the system journal directory size(max use) can be over the config. If
|
||||
journal is not rotated during some time the journal directory can be
|
||||
remained as over the config(or default) size. To avoid, do
|
||||
server_vacuum just after the system journal migration from runtime.
|
||||
---
|
||||
src/journal/journald-server.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git src/journal/journald-server.c src/journal/journald-server.c
|
||||
index 52111f7..bf9cfcc 100644
|
||||
--- src/journal/journald-server.c
|
||||
+++ src/journal/journald-server.c
|
||||
@@ -1224,6 +1224,7 @@ static int dispatch_sigusr1(sd_event_source *es, const struct signalfd_siginfo *
|
||||
touch("/run/systemd/journal/flushed");
|
||||
server_flush_to_var(s);
|
||||
server_sync(s);
|
||||
+ server_vacuum(s);
|
||||
|
||||
return 0;
|
||||
}
|
||||
--
|
||||
1.7.9.2
|
||||
|
25
0005-cryptsetup-fix-an-OOM-check.patch
Normal file
25
0005-cryptsetup-fix-an-OOM-check.patch
Normal file
@ -0,0 +1,25 @@
|
||||
From 0e2f14014c65b4d8b30146e414579154cfa932da Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Thu, 23 Oct 2014 00:30:04 +0200
|
||||
Subject: [PATCH] cryptsetup: fix an OOM check
|
||||
|
||||
---
|
||||
src/cryptsetup/cryptsetup-generator.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git src/cryptsetup/cryptsetup-generator.c src/cryptsetup/cryptsetup-generator.c
|
||||
index 137b787..c7f30f6 100644
|
||||
--- src/cryptsetup/cryptsetup-generator.c
|
||||
+++ src/cryptsetup/cryptsetup-generator.c
|
||||
@@ -387,7 +387,7 @@ int main(int argc, char *argv[]) {
|
||||
if (k == 2 && streq(proc_uuid, device + 5)) {
|
||||
free(options);
|
||||
options = strdup(p);
|
||||
- if (!proc_options) {
|
||||
+ if (!options) {
|
||||
log_oom();
|
||||
goto cleanup;
|
||||
}
|
||||
--
|
||||
1.7.9.2
|
||||
|
@ -1,3 +1,13 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 23 14:05:08 UTC 2014 - werner@suse.de
|
||||
|
||||
- Add upstream patches
|
||||
0001-strv-add-an-additional-overflow-check-when-enlarging.patch
|
||||
0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
|
||||
0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
|
||||
0004-journal-do-server_vacuum-for-sigusr1.patch
|
||||
0005-cryptsetup-fix-an-OOM-check.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 22 13:56:22 UTC 2014 - werner@suse.de
|
||||
|
||||
|
@ -964,6 +964,16 @@ Patch466: 0001-systemd-continue-switch-root-even-if-umount-fails.patch
|
||||
Patch467: 0002-systemd-try-harder-to-bind-to-notify-socket.patch
|
||||
# PATCH-FIX-SUSE added at 2014/10/15
|
||||
Patch468: avoid-leaking-socket-descriptors.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||
Patch469: 0001-strv-add-an-additional-overflow-check-when-enlarging.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||
Patch470: 0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||
Patch471: 0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||
Patch472: 0004-journal-do-server_vacuum-for-sigusr1.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||
Patch473: 0005-cryptsetup-fix-an-OOM-check.patch
|
||||
|
||||
# UDEV PATCHES
|
||||
# ============
|
||||
@ -1778,6 +1788,11 @@ cp %{SOURCE7} m4/
|
||||
%patch466 -p0
|
||||
%patch467 -p0
|
||||
%patch468 -p0
|
||||
%patch469 -p0
|
||||
%patch470 -p0
|
||||
%patch471 -p0
|
||||
%patch472 -p0
|
||||
%patch473 -p0
|
||||
|
||||
# udev patches
|
||||
%patch1001 -p1
|
||||
|
@ -1,3 +1,13 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 23 14:05:08 UTC 2014 - werner@suse.de
|
||||
|
||||
- Add upstream patches
|
||||
0001-strv-add-an-additional-overflow-check-when-enlarging.patch
|
||||
0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
|
||||
0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
|
||||
0004-journal-do-server_vacuum-for-sigusr1.patch
|
||||
0005-cryptsetup-fix-an-OOM-check.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 22 13:56:22 UTC 2014 - werner@suse.de
|
||||
|
||||
|
15
systemd.spec
15
systemd.spec
@ -959,6 +959,16 @@ Patch466: 0001-systemd-continue-switch-root-even-if-umount-fails.patch
|
||||
Patch467: 0002-systemd-try-harder-to-bind-to-notify-socket.patch
|
||||
# PATCH-FIX-SUSE added at 2014/10/15
|
||||
Patch468: avoid-leaking-socket-descriptors.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||
Patch469: 0001-strv-add-an-additional-overflow-check-when-enlarging.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||
Patch470: 0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||
Patch471: 0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||
Patch472: 0004-journal-do-server_vacuum-for-sigusr1.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/10/23
|
||||
Patch473: 0005-cryptsetup-fix-an-OOM-check.patch
|
||||
|
||||
# UDEV PATCHES
|
||||
# ============
|
||||
@ -1773,6 +1783,11 @@ cp %{SOURCE7} m4/
|
||||
%patch466 -p0
|
||||
%patch467 -p0
|
||||
%patch468 -p0
|
||||
%patch469 -p0
|
||||
%patch470 -p0
|
||||
%patch471 -p0
|
||||
%patch472 -p0
|
||||
%patch473 -p0
|
||||
|
||||
# udev patches
|
||||
%patch1001 -p1
|
||||
|
Loading…
Reference in New Issue
Block a user