forked from pool/systemd
.
OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=833
This commit is contained in:
parent
9e677f8103
commit
dcb2a6c851
23
0001-selinux-access-fix-broken-ternary-operator.patch
Normal file
23
0001-selinux-access-fix-broken-ternary-operator.patch
Normal file
@ -0,0 +1,23 @@
|
||||
Based on 1e648011b20c8126412d3cf2699d575d9ba9e0fe Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Nykryn <lnykryn@redhat.com>
|
||||
Date: Fri, 21 Nov 2014 17:02:15 +0100
|
||||
Subject: [PATCH] selinux-access: fix broken ternary operator
|
||||
|
||||
it seems to be a typo introduced by ebcf1f97de4f6b1580ae55eb56b1a3939fe6b602
|
||||
- _r = selinux_access_check(_b, _m, _u->source_path ?:_u->fragment_path, (permission), &_error); \
|
||||
+ ({ Unit *_unit = (unit); selinux_generic_access_check(bus,message, _unit->fragment_path ?: _unit->fragment_path, permission,error); })
|
||||
---
|
||||
src/core/selinux-access.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
--- src/core/selinux-access.h
|
||||
+++ src/core/selinux-access.h 2014-12-15 11:49:54.521518349 +0000
|
||||
@@ -34,7 +34,7 @@ int selinux_generic_access_check(sd_bus
|
||||
#define selinux_access_check(bus, message, permission, error) \
|
||||
selinux_generic_access_check(bus, message, NULL, permission, error)
|
||||
#define selinux_unit_access_check(unit, bus, message, permission, error) \
|
||||
- ({ Unit *_unit = (unit); selinux_generic_access_check(bus, message, _unit->fragment_path ?: _unit->fragment_path, permission, error); })
|
||||
+ ({ Unit *_unit = (unit); selinux_generic_access_check(bus, message, _unit->source_path ?: _unit->fragment_path, permission, error); })
|
||||
|
||||
#else
|
||||
|
@ -0,0 +1,35 @@
|
||||
From c469089cf647ac740c7dcf09c463d2907b6d00eb Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sat, 22 Nov 2014 20:21:56 -0500
|
||||
Subject: [PATCH] systemctl: show BindsTo/BoundBy in list-dependencies
|
||||
|
||||
Suggested-by: Peter Mattern <matternp@arcor.de>
|
||||
|
||||
http://lists.freedesktop.org/archives/systemd-devel/2014-November/025437.html
|
||||
---
|
||||
src/systemctl/systemctl.c | 6 ++++--
|
||||
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git src/systemctl/systemctl.c src/systemctl/systemctl.c
|
||||
index 78b7c96..fd69c69 100644
|
||||
--- src/systemctl/systemctl.c
|
||||
+++ src/systemctl/systemctl.c
|
||||
@@ -1480,11 +1480,13 @@ static int list_dependencies_get_dependencies(sd_bus *bus, const char *name, cha
|
||||
"RequiresOverridable\0"
|
||||
"Requisite\0"
|
||||
"RequisiteOverridable\0"
|
||||
- "Wants\0",
|
||||
+ "Wants\0"
|
||||
+ "BindsTo\0",
|
||||
[DEPENDENCY_REVERSE] = "RequiredBy\0"
|
||||
"RequiredByOverridable\0"
|
||||
"WantedBy\0"
|
||||
- "PartOf\0",
|
||||
+ "PartOf\0"
|
||||
+ "BoundBy\0",
|
||||
[DEPENDENCY_AFTER] = "After\0",
|
||||
[DEPENDENCY_BEFORE] = "Before\0",
|
||||
};
|
||||
--
|
||||
1.7.9.2
|
||||
|
@ -0,0 +1,28 @@
|
||||
Based on 8a52210c9392887a31fdb2845f65b4c5869e8e66 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Mon, 24 Nov 2014 09:11:12 -0500
|
||||
Subject: [PATCH] cryptsetup: default to no hash when keyfile is specified
|
||||
|
||||
For plain dm-crypt devices, the behavior of cryptsetup package is to
|
||||
ignore the hash algorithm when a key file is provided. It seems wrong
|
||||
to ignore a hash when it is explicitly specified, but we should default
|
||||
to no hash if the keyfile is specified.
|
||||
|
||||
https://bugs.freedesktop.org/show_bug.cgi?id=52630
|
||||
---
|
||||
src/cryptsetup/cryptsetup.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
--- src/cryptsetup/cryptsetup.c
|
||||
+++ src/cryptsetup/cryptsetup.c 2014-12-15 12:00:17.554019752 +0000
|
||||
@@ -386,7 +386,9 @@ static int attach_luks_or_plain(struct c
|
||||
/* plain isn't a real hash type. it just means "use no hash" */
|
||||
if (!streq(opt_hash, "plain"))
|
||||
params.hash = opt_hash;
|
||||
- } else
|
||||
+ } else if (!key_file)
|
||||
+ /* for CRYPT_PLAIN, the behaviour of cryptsetup
|
||||
+ * package is to not hash when a key file is provided */
|
||||
params.hash = "ripemd160";
|
||||
|
||||
if (opt_cipher) {
|
@ -0,0 +1,32 @@
|
||||
Based on e0312f4db08c7100bd00299614e87bedc759b366 Mon Sep 17 00:00:00 2001
|
||||
Based on c21b92ffe7ef939dd32502ac912cf8ad1c5638fd Mon Sep 17 00:00:00 2001
|
||||
From: Michal Schmidt <mschmidt@redhat.com>
|
||||
Date: Thu, 27 Nov 2014 15:23:58 +0100
|
||||
Subject: [PATCH] core: fix transaction destructiveness check once more
|
||||
|
||||
The previous fix e0312f4db "core: fix check for transaction
|
||||
destructiveness" broke test-engine (noticed by Zbyszek).
|
||||
Apparently I had a wrong idea of the intended semantics of --fail.
|
||||
|
||||
The manpage says the operation should fail if it "conflicts with a
|
||||
pending job (more specifically: causes an already pending start job to
|
||||
be reversed into a stop job or vice versa)".
|
||||
|
||||
So let's check job_type_is_conflicting, instead of !is_superset.
|
||||
|
||||
This makes both test-engine and TEST-03-JOBS pass again.
|
||||
---
|
||||
src/core/transaction.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
--- src/core/transaction.c
|
||||
+++ src/core/transaction.c 2014-12-15 12:06:11.721518136 +0000
|
||||
@@ -510,7 +510,7 @@ static int transaction_is_destructive(Tr
|
||||
assert(!j->transaction_next);
|
||||
|
||||
if (j->unit->job && (mode == JOB_FAIL || j->unit->job->irreversible) &&
|
||||
- !job_type_is_superset(j->type, j->unit->job->type)) {
|
||||
+ job_type_is_conflicting(j->unit->job->type, j->type)) {
|
||||
|
||||
sd_bus_error_setf(e, BUS_ERROR_TRANSACTION_IS_DESTRUCTIVE, "Transaction is destructive.");
|
||||
return -EEXIST;
|
@ -1,3 +1,15 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Dec 15 15:02:22 UTC 2014 - werner@suse.de
|
||||
|
||||
- Add upstream patches
|
||||
0001-selinux-access-fix-broken-ternary-operator.patch
|
||||
0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch
|
||||
0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch
|
||||
0004-core-fix-transaction-destructiveness-check-once-more.patch
|
||||
- Avoid old net devices naming scheme on openSUSE 13.2 and less
|
||||
maybe caused by patch
|
||||
1098-udev-link_setup-respect-kernel-name-assign-policy.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com
|
||||
|
||||
@ -8,8 +20,8 @@ Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com
|
||||
Fri Dec 5 12:51:15 UTC 2014 - werner@suse.de
|
||||
|
||||
- Add upstream patch
|
||||
1098-udev-link_setup-respect-kernel-name-assign-policy.patch
|
||||
which may solve bsc#907318
|
||||
1098-udev-link_setup-respect-kernel-name-assign-policy.patch
|
||||
which may solve bsc#907318
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de
|
||||
@ -17,7 +29,6 @@ Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de
|
||||
- Add upstream patches
|
||||
0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
|
||||
0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
|
||||
1097-udev-link_setup-respect-kernel-name-assign-policy.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Nov 28 13:26:21 UTC 2014 - rmilasan@suse.com
|
||||
|
@ -1050,6 +1050,14 @@ Patch511: 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
|
||||
Patch512: 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
|
||||
# PATCH-FIX-SUSE 513-nspawn-veth.patch (bnc#906709)
|
||||
Patch513: 513-nspawn-veth.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||
Patch514: 0001-selinux-access-fix-broken-ternary-operator.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||
Patch515: 0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||
Patch516: 0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||
Patch517: 0004-core-fix-transaction-destructiveness-check-once-more.patch
|
||||
|
||||
# UDEV PATCHES
|
||||
# ============
|
||||
@ -1925,6 +1933,10 @@ cp %{SOURCE7} m4/
|
||||
%patch511 -p0
|
||||
%patch512 -p0
|
||||
%patch513 -p1
|
||||
%patch514 -p0
|
||||
%patch515 -p0
|
||||
%patch516 -p0
|
||||
%patch517 -p0
|
||||
|
||||
# udev patches
|
||||
%patch1001 -p1
|
||||
@ -2142,6 +2154,12 @@ export LDFLAGS
|
||||
do
|
||||
sed -ri '/^ENV\{net.ifnames\}=="1", GOTO="[^"]*"$/{ s/=="1"/!="0"/ }' src/udev/rule_generator/${rules}.rules
|
||||
done
|
||||
%if 0%{?suse_version} <= 1320
|
||||
for link in 99-default
|
||||
do
|
||||
sed -ri '/^NamePolicy=/{ s/kernel[[:blank:]]+// }' network/${link}.link
|
||||
done
|
||||
%endif
|
||||
%endif
|
||||
cflags -pipe CFLAGS
|
||||
cflags -Wl,-O2 LDFLAGS
|
||||
|
@ -1,3 +1,15 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Dec 15 15:02:22 UTC 2014 - werner@suse.de
|
||||
|
||||
- Add upstream patches
|
||||
0001-selinux-access-fix-broken-ternary-operator.patch
|
||||
0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch
|
||||
0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch
|
||||
0004-core-fix-transaction-destructiveness-check-once-more.patch
|
||||
- Avoid old net devices naming scheme on openSUSE 13.2 and less
|
||||
maybe caused by patch
|
||||
1098-udev-link_setup-respect-kernel-name-assign-policy.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com
|
||||
|
||||
@ -8,8 +20,8 @@ Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com
|
||||
Fri Dec 5 12:51:15 UTC 2014 - werner@suse.de
|
||||
|
||||
- Add upstream patch
|
||||
1098-udev-link_setup-respect-kernel-name-assign-policy.patch
|
||||
which may solve bsc#907318
|
||||
1098-udev-link_setup-respect-kernel-name-assign-policy.patch
|
||||
which may solve bsc#907318
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de
|
||||
@ -17,7 +29,6 @@ Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de
|
||||
- Add upstream patches
|
||||
0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
|
||||
0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
|
||||
1097-udev-link_setup-respect-kernel-name-assign-policy.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Nov 28 13:26:21 UTC 2014 - rmilasan@suse.com
|
||||
|
18
systemd.spec
18
systemd.spec
@ -1045,6 +1045,14 @@ Patch511: 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch
|
||||
Patch512: 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch
|
||||
# PATCH-FIX-SUSE 513-nspawn-veth.patch (bnc#906709)
|
||||
Patch513: 513-nspawn-veth.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||
Patch514: 0001-selinux-access-fix-broken-ternary-operator.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||
Patch515: 0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||
Patch516: 0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch
|
||||
# PATCH-FIX-UPSTREAM added at 2014/12/15
|
||||
Patch517: 0004-core-fix-transaction-destructiveness-check-once-more.patch
|
||||
|
||||
# UDEV PATCHES
|
||||
# ============
|
||||
@ -1920,6 +1928,10 @@ cp %{SOURCE7} m4/
|
||||
%patch511 -p0
|
||||
%patch512 -p0
|
||||
%patch513 -p1
|
||||
%patch514 -p0
|
||||
%patch515 -p0
|
||||
%patch516 -p0
|
||||
%patch517 -p0
|
||||
|
||||
# udev patches
|
||||
%patch1001 -p1
|
||||
@ -2137,6 +2149,12 @@ export LDFLAGS
|
||||
do
|
||||
sed -ri '/^ENV\{net.ifnames\}=="1", GOTO="[^"]*"$/{ s/=="1"/!="0"/ }' src/udev/rule_generator/${rules}.rules
|
||||
done
|
||||
%if 0%{?suse_version} <= 1320
|
||||
for link in 99-default
|
||||
do
|
||||
sed -ri '/^NamePolicy=/{ s/kernel[[:blank:]]+// }' network/${link}.link
|
||||
done
|
||||
%endif
|
||||
%endif
|
||||
cflags -pipe CFLAGS
|
||||
cflags -Wl,-O2 LDFLAGS
|
||||
|
Loading…
Reference in New Issue
Block a user