From e1d2ae1aadc39e2daf9dfdc5fc20b6c6d0993ea8de3ffac8f97661d9a3c9815c Mon Sep 17 00:00:00 2001 From: Stephan Kulow Date: Sun, 21 Dec 2014 11:03:25 +0000 Subject: [PATCH] Accepting request 265880 from Base:System use --boot option in systemd-tmpfiles-setup-dev.service (bnc#908476) OBS-URL: https://build.opensuse.org/request/show/265880 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/systemd?expand=0&rev=212 --- ...x-access-fix-broken-ternary-operator.patch | 23 +++ ...etup-dev-allow-unsafe-file-creation-.patch | 24 ++++ ...n-tmpfiles.d-recommend-using-b-and-c.patch | 24 ++++ ...BindsTo-BoundBy-in-list-dependencies.patch | 35 +++++ ...lt-to-no-hash-when-keyfile-is-specif.patch | 28 ++++ ...tion-destructiveness-check-once-more.patch | 32 +++++ 0022-systemd-tmpfiles-ownerkeep.patch | 10 -- ...up-respect-kernel-name-assign-policy.patch | 131 +++++++----------- systemd-add-user-keep.patch | 78 +++++++++++ systemd-mini.changes | 49 ++++++- systemd-mini.spec | 30 +++- systemd.changes | 49 ++++++- systemd.spec | 30 +++- 13 files changed, 430 insertions(+), 113 deletions(-) create mode 100644 0001-selinux-access-fix-broken-ternary-operator.patch create mode 100644 0001-units-tmpfiles-setup-dev-allow-unsafe-file-creation-.patch create mode 100644 0002-man-tmpfiles.d-recommend-using-b-and-c.patch create mode 100644 0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch create mode 100644 0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch create mode 100644 0004-core-fix-transaction-destructiveness-check-once-more.patch delete mode 100644 0022-systemd-tmpfiles-ownerkeep.patch create mode 100644 systemd-add-user-keep.patch diff --git a/0001-selinux-access-fix-broken-ternary-operator.patch b/0001-selinux-access-fix-broken-ternary-operator.patch new file mode 100644 index 00000000..b94de819 --- /dev/null +++ b/0001-selinux-access-fix-broken-ternary-operator.patch @@ -0,0 +1,23 @@ +Based on 1e648011b20c8126412d3cf2699d575d9ba9e0fe Mon Sep 17 00:00:00 2001 +From: Lukas Nykryn +Date: Fri, 21 Nov 2014 17:02:15 +0100 +Subject: [PATCH] selinux-access: fix broken ternary operator + +it seems to be a typo introduced by ebcf1f97de4f6b1580ae55eb56b1a3939fe6b602 +- _r = selinux_access_check(_b, _m, _u->source_path ?:_u->fragment_path, (permission), &_error); \ ++ ({ Unit *_unit = (unit); selinux_generic_access_check(bus,message, _unit->fragment_path ?: _unit->fragment_path, permission,error); }) +--- + src/core/selinux-access.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- src/core/selinux-access.h ++++ src/core/selinux-access.h 2014-12-15 11:49:54.521518349 +0000 +@@ -34,7 +34,7 @@ int selinux_generic_access_check(sd_bus + #define selinux_access_check(bus, message, permission, error) \ + selinux_generic_access_check(bus, message, NULL, permission, error) + #define selinux_unit_access_check(unit, bus, message, permission, error) \ +- ({ Unit *_unit = (unit); selinux_generic_access_check(bus, message, _unit->fragment_path ?: _unit->fragment_path, permission, error); }) ++ ({ Unit *_unit = (unit); selinux_generic_access_check(bus, message, _unit->source_path ?: _unit->fragment_path, permission, error); }) + + #else + diff --git a/0001-units-tmpfiles-setup-dev-allow-unsafe-file-creation-.patch b/0001-units-tmpfiles-setup-dev-allow-unsafe-file-creation-.patch new file mode 100644 index 00000000..8aa6da5f --- /dev/null +++ b/0001-units-tmpfiles-setup-dev-allow-unsafe-file-creation-.patch @@ -0,0 +1,24 @@ +From 8c94052ee543c3598a3c7b0c46688150aa2c6168 Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Mon, 27 Oct 2014 17:15:42 +0100 +Subject: [PATCH 1/2] units: tmpfiles-setup-dev - allow unsafe file creation to + happen in /dev at boot + +This will allow us to mark static device nodes with '!' to indicate that they should only be created at early boot. +--- + units/systemd-tmpfiles-setup-dev.service.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/units/systemd-tmpfiles-setup-dev.service.in b/units/systemd-tmpfiles-setup-dev.service.in +index f3833fd..0123a03 100644 +--- a/units/systemd-tmpfiles-setup-dev.service.in ++++ b/units/systemd-tmpfiles-setup-dev.service.in +@@ -17,4 +17,4 @@ ConditionCapability=CAP_SYS_MODULE + [Service] + Type=oneshot + RemainAfterExit=yes +-ExecStart=@rootbindir@/systemd-tmpfiles --prefix=/dev --create ++ExecStart=@rootbindir@/systemd-tmpfiles --prefix=/dev --create --boot +-- +2.1.2 + diff --git a/0002-man-tmpfiles.d-recommend-using-b-and-c.patch b/0002-man-tmpfiles.d-recommend-using-b-and-c.patch new file mode 100644 index 00000000..bb6c70d2 --- /dev/null +++ b/0002-man-tmpfiles.d-recommend-using-b-and-c.patch @@ -0,0 +1,24 @@ +diff -Naur systemd-210/man/tmpfiles.d.xml systemd-210-mod/man/tmpfiles.d.xml +--- systemd-210/man/tmpfiles.d.xml 2014-12-16 10:16:51.269189374 +0100 ++++ systemd-210-mod/man/tmpfiles.d.xml 2014-12-16 10:39:49.937552189 +0100 +@@ -158,12 +158,18 @@ + + + c +- Create a character device node if it does not exist yet. ++ Create a character device node if it does not exist yet. ++ It is recommended to suffix this entry with an exclamation mark to only ++ create static device nodes at boot, as udev will not manage static device ++ nodes that are created at runtime. + + + + b +- Create a block device node if it does not exist yet. ++ Create a block device node if it does not exist yet. ++ It is recommended to suffix this entry with an exclamation mark to only ++ create static device nodes at boot, as udev will not manage static device ++ nodes that re created at runtime. + + + diff --git a/0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch b/0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch new file mode 100644 index 00000000..6a9cd2ac --- /dev/null +++ b/0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch @@ -0,0 +1,35 @@ +From c469089cf647ac740c7dcf09c463d2907b6d00eb Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Sat, 22 Nov 2014 20:21:56 -0500 +Subject: [PATCH] systemctl: show BindsTo/BoundBy in list-dependencies + +Suggested-by: Peter Mattern + +http://lists.freedesktop.org/archives/systemd-devel/2014-November/025437.html +--- + src/systemctl/systemctl.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git src/systemctl/systemctl.c src/systemctl/systemctl.c +index 78b7c96..fd69c69 100644 +--- src/systemctl/systemctl.c ++++ src/systemctl/systemctl.c +@@ -1480,11 +1480,13 @@ static int list_dependencies_get_dependencies(sd_bus *bus, const char *name, cha + "RequiresOverridable\0" + "Requisite\0" + "RequisiteOverridable\0" +- "Wants\0", ++ "Wants\0" ++ "BindsTo\0", + [DEPENDENCY_REVERSE] = "RequiredBy\0" + "RequiredByOverridable\0" + "WantedBy\0" +- "PartOf\0", ++ "PartOf\0" ++ "BoundBy\0", + [DEPENDENCY_AFTER] = "After\0", + [DEPENDENCY_BEFORE] = "Before\0", + }; +-- +1.7.9.2 + diff --git a/0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch b/0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch new file mode 100644 index 00000000..5424ff1c --- /dev/null +++ b/0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch @@ -0,0 +1,28 @@ +Based on 8a52210c9392887a31fdb2845f65b4c5869e8e66 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Mon, 24 Nov 2014 09:11:12 -0500 +Subject: [PATCH] cryptsetup: default to no hash when keyfile is specified + +For plain dm-crypt devices, the behavior of cryptsetup package is to +ignore the hash algorithm when a key file is provided. It seems wrong +to ignore a hash when it is explicitly specified, but we should default +to no hash if the keyfile is specified. + +https://bugs.freedesktop.org/show_bug.cgi?id=52630 +--- + src/cryptsetup/cryptsetup.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +--- src/cryptsetup/cryptsetup.c ++++ src/cryptsetup/cryptsetup.c 2014-12-15 12:00:17.554019752 +0000 +@@ -386,7 +386,9 @@ static int attach_luks_or_plain(struct c + /* plain isn't a real hash type. it just means "use no hash" */ + if (!streq(opt_hash, "plain")) + params.hash = opt_hash; +- } else ++ } else if (!key_file) ++ /* for CRYPT_PLAIN, the behaviour of cryptsetup ++ * package is to not hash when a key file is provided */ + params.hash = "ripemd160"; + + if (opt_cipher) { diff --git a/0004-core-fix-transaction-destructiveness-check-once-more.patch b/0004-core-fix-transaction-destructiveness-check-once-more.patch new file mode 100644 index 00000000..843200c5 --- /dev/null +++ b/0004-core-fix-transaction-destructiveness-check-once-more.patch @@ -0,0 +1,32 @@ +Based on e0312f4db08c7100bd00299614e87bedc759b366 Mon Sep 17 00:00:00 2001 +Based on c21b92ffe7ef939dd32502ac912cf8ad1c5638fd Mon Sep 17 00:00:00 2001 +From: Michal Schmidt +Date: Thu, 27 Nov 2014 15:23:58 +0100 +Subject: [PATCH] core: fix transaction destructiveness check once more + +The previous fix e0312f4db "core: fix check for transaction +destructiveness" broke test-engine (noticed by Zbyszek). +Apparently I had a wrong idea of the intended semantics of --fail. + +The manpage says the operation should fail if it "conflicts with a +pending job (more specifically: causes an already pending start job to +be reversed into a stop job or vice versa)". + +So let's check job_type_is_conflicting, instead of !is_superset. + +This makes both test-engine and TEST-03-JOBS pass again. +--- + src/core/transaction.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- src/core/transaction.c ++++ src/core/transaction.c 2014-12-15 12:06:11.721518136 +0000 +@@ -510,7 +510,7 @@ static int transaction_is_destructive(Tr + assert(!j->transaction_next); + + if (j->unit->job && (mode == JOB_FAIL || j->unit->job->irreversible) && +- !job_type_is_superset(j->type, j->unit->job->type)) { ++ job_type_is_conflicting(j->unit->job->type, j->type)) { + + sd_bus_error_setf(e, BUS_ERROR_TRANSACTION_IS_DESTRUCTIVE, "Transaction is destructive."); + return -EEXIST; diff --git a/0022-systemd-tmpfiles-ownerkeep.patch b/0022-systemd-tmpfiles-ownerkeep.patch deleted file mode 100644 index c7f3589b..00000000 --- a/0022-systemd-tmpfiles-ownerkeep.patch +++ /dev/null @@ -1,10 +0,0 @@ -diff -Naur systemd-208/units/systemd-tmpfiles-clean.service.in systemd-208-mod/units/systemd-tmpfiles-clean.service.in ---- systemd-208/units/systemd-tmpfiles-clean.service.in 2013-08-13 20:02:52.826756410 +0000 -+++ systemd-208-mod/units/systemd-tmpfiles-clean.service.in 2014-02-21 13:34:56.456511025 +0000 -@@ -19,5 +19,6 @@ - - [Service] - Type=oneshot -+ExecStart=-@rootbindir@/systemd-tmpfiles-keep - ExecStart=@rootbindir@/systemd-tmpfiles --clean - IOSchedulingClass=idle diff --git a/1098-udev-link_setup-respect-kernel-name-assign-policy.patch b/1098-udev-link_setup-respect-kernel-name-assign-policy.patch index 622cf745..6772f650 100644 --- a/1098-udev-link_setup-respect-kernel-name-assign-policy.patch +++ b/1098-udev-link_setup-respect-kernel-name-assign-policy.patch @@ -17,9 +17,11 @@ claims to have named in a predictable way. src/udev/net/link-config.h | 1 5 files changed, 79 insertions(+), 11 deletions(-) ---- man/udev.xml -+++ man/udev.xml 2014-12-05 11:43:18.670867575 +0000 -@@ -914,10 +914,21 @@ +Index: man/udev.xml +=================================================================== +--- man/udev.xml.orig ++++ man/udev.xml +@@ -914,10 +914,12 @@ successful one is used. The name is not set directly, but is exported to udev as the property ID_NET_NAME, which is, by default, used by a udev rule to set @@ -29,28 +31,15 @@ claims to have named in a predictable way. + The available policies are: - -+ kernel -+ -+ If the kernel claims that the name it -+ has set for a device is predictable, then -+ no renaming is performed. -+ -+ -+ -+ +- ++ database The name is set based on entries in the Hardware ---- network/99-default.link -+++ network/99-default.link 2014-12-05 00:00:00.000000000 +0000 -@@ -1,3 +1,3 @@ - [Link] --NamePolicy=database onboard slot path -+NamePolicy=kernel database onboard slot path - MACAddressPolicy=persistent ---- src/shared/missing.h -+++ src/shared/missing.h 2014-12-05 11:33:06.120057836 +0000 +Index: src/shared/missing.h +=================================================================== +--- src/shared/missing.h.orig ++++ src/shared/missing.h @@ -362,3 +362,24 @@ static inline int setns(int fd, int nsty return syscall(__NR_setns, fd, nstype); } @@ -76,8 +65,10 @@ claims to have named in a predictable way. +# define NET_NAME_RENAMED 4 +#endif + ---- src/udev/net/link-config.c -+++ src/udev/net/link-config.c 2014-12-05 11:36:51.658018542 +0000 +Index: src/udev/net/link-config.c +=================================================================== +--- src/udev/net/link-config.c.orig ++++ src/udev/net/link-config.c @@ -20,10 +20,11 @@ ***/ @@ -91,64 +82,44 @@ claims to have named in a predictable way. #include "link-config.h" #include "ethtool-util.h" -@@ -297,7 +298,33 @@ static bool mac_is_random(struct udev_de +@@ -297,23 +298,30 @@ static bool mac_is_random(struct udev_de return false; /* check for NET_ADDR_RANDOM */ - return type == 1; + return type == NET_ADDR_RANDOM; -+} -+ -+static bool should_rename(struct udev_device *device, bool respect_predictable) { -+ const char *s; -+ unsigned type; -+ int r; -+ + } + +-static bool mac_is_permanent(struct udev_device *device) { ++static bool should_rename(struct udev_device *device) { + const char *s; + unsigned type; + int r; + +- s = udev_device_get_sysattr_value(device, "addr_assign_type"); + s = udev_device_get_sysattr_value(device, "name_assign_type"); -+ if (!s) + if (!s) +- return true; /* if we don't know, assume it is permanent */ + return true; /* if we don't know, assume we should rename */ -+ r = safe_atou(s, &type); -+ if (r < 0) -+ return true; -+ + r = safe_atou(s, &type); + if (r < 0) + return true; + +- /* check for NET_ADDR_PERM */ +- return type == 0; + switch (type) { + case NET_NAME_USER: + case NET_NAME_RENAMED: + return false; /* these were already named by userspace, do not touch again */ + case NET_NAME_PREDICTABLE: -+ if (respect_predictable) -+ return false; /* the kernel claims to have given a predictable name */ -+ /* fall through */ + case NET_NAME_ENUM: + default: + return true; /* the name is known to be bad, or of an unknown type */ + } } - static bool mac_is_permanent(struct udev_device *device) { -@@ -371,6 +398,7 @@ int link_config_apply(link_config_ctx *c - const char *new_name = NULL; - struct ether_addr generated_mac; - struct ether_addr *mac = NULL; -+ bool respect_predictable = false; - int r, ifindex; - - assert(ctx); -@@ -406,8 +434,12 @@ int link_config_apply(link_config_ctx *c - if (ctx->enable_name_policy && config->name_policy) { - NamePolicy *policy; - -- for (policy = config->name_policy; !new_name && *policy != _NAMEPOLICY_INVALID; policy++) { -+ for (policy = config->name_policy; !respect_predictable && !new_name && -+ *policy != _NAMEPOLICY_INVALID; policy++) { - switch (*policy) { -+ case NAMEPOLICY_KERNEL: -+ respect_predictable = true; -+ break; - case NAMEPOLICY_DATABASE: - new_name = udev_device_get_property_value(device, "ID_NET_NAME_FROM_DATABASE"); - break; -@@ -429,12 +461,14 @@ int link_config_apply(link_config_ctx *c + #define HASH_KEY SD_ID128_MAKE(d3,1e,48,fa,90,fe,4b,4c,9d,af,d5,d7,a1,b1,2e,8a) +@@ -429,16 +437,16 @@ int link_config_apply(link_config_ctx *c } } @@ -158,32 +129,26 @@ claims to have named in a predictable way. - *name = config->name; /* a name was set manually in the config */ - else - *name = NULL; -+ if (should_rename(device, respect_predictable)) { ++ if (should_rename(device)) { + if (!new_name) + /* if not set by policy, fall back manually set name */ + new_name = config->name; + } else + new_name = NULL; -+ -+ *name = new_name; switch (config->mac_policy) { case MACPOLICY_PERSISTENT: -@@ -500,6 +534,7 @@ DEFINE_STRING_TABLE_LOOKUP(mac_policy, M - DEFINE_CONFIG_PARSE_ENUM(config_parse_mac_policy, mac_policy, MACPolicy, "Failed to parse MAC address policy"); +- if (!mac_is_permanent(device)) { ++ if (mac_is_random(device)) { + r = get_mac(device, false, &generated_mac); + if (r == -ENOENT) + break; +@@ -467,6 +475,8 @@ int link_config_apply(link_config_ctx *c + return r; + } - static const char* const name_policy_table[] = { -+ [NAMEPOLICY_KERNEL] = "kernel", - [NAMEPOLICY_DATABASE] = "database", - [NAMEPOLICY_ONBOARD] = "onboard", - [NAMEPOLICY_SLOT] = "slot", ---- src/udev/net/link-config.h -+++ src/udev/net/link-config.h 2014-12-05 00:00:00.000000000 +0000 -@@ -39,6 +39,7 @@ typedef enum MACPolicy { - } MACPolicy; ++ *name = new_name; ++ + return 0; + } - typedef enum NamePolicy { -+ NAMEPOLICY_KERNEL, - NAMEPOLICY_DATABASE, - NAMEPOLICY_ONBOARD, - NAMEPOLICY_SLOT, diff --git a/systemd-add-user-keep.patch b/systemd-add-user-keep.patch new file mode 100644 index 00000000..c1c06ba5 --- /dev/null +++ b/systemd-add-user-keep.patch @@ -0,0 +1,78 @@ +diff -Naur systemd-210/man/tmpfiles.d.xml systemd-210.mod/man/tmpfiles.d.xml +--- systemd-210/man/tmpfiles.d.xml 2014-12-18 09:40:29.403629407 +0100 ++++ systemd-210.mod/man/tmpfiles.d.xml 2014-12-18 10:34:06.274130934 +0100 +@@ -435,8 +435,12 @@ + f, F, + and w may be used to + specify a short string that is written to the +- file, suffixed by a newline. Ignored for all +- other lines. ++ file, suffixed by a newline. ++ For x, X ++ a comma separated list of usernames. If given, ++ only paths belonging to these users will be ++ excluded during directory cleanup. ++ Ignored for all other lines. + + + +diff -Naur systemd-210/src/tmpfiles/tmpfiles.c systemd-210.mod/src/tmpfiles/tmpfiles.c +--- systemd-210/src/tmpfiles/tmpfiles.c 2014-12-18 09:40:29.342629177 +0100 ++++ systemd-210.mod/src/tmpfiles/tmpfiles.c 2014-12-18 11:58:16.686576974 +0100 +@@ -263,6 +263,7 @@ + struct timespec times[2]; + bool deleted = false; + int r = 0; ++ Item *found = NULL; + + while ((dent = readdir(d))) { + struct stat s; +@@ -306,11 +307,43 @@ + } + + /* Is there an item configured for this path? */ +- if (hashmap_get(items, sub_path)) +- continue; +- +- if (find_glob(globs, sub_path)) +- continue; ++ found = hashmap_get(items, sub_path); ++ ++ if (!found) ++ found = find_glob(globs, sub_path); ++ ++ if (found) { ++ /* evaluate username arguments in ignore statements */ ++ if (found->type == IGNORE_PATH || found->type == IGNORE_DIRECTORY_PATH) { ++ if (!found->argument) ++ continue; ++ else { ++ struct passwd *pw; ++ char *userfound = NULL, *args = strdup(found->argument); ++ bool match = false; ++ int uid = -1; ++ ++ while ((userfound = strsep(&args, ","))) { ++ pw = getpwnam(userfound); ++ ++ if (!pw) ++ log_error("Unknown user '%s' in ignore statement.", userfound); ++ else { ++ uid = pw->pw_uid; ++ if (s.st_uid == uid) { ++ match = true; ++ break; ++ } ++ } ++ } ++ if (match) { ++ found = NULL; ++ continue; ++ } ++ } ++ } else ++ continue; ++ } + + if (S_ISDIR(s.st_mode)) { + diff --git a/systemd-mini.changes b/systemd-mini.changes index 500446d3..f3cc341f 100644 --- a/systemd-mini.changes +++ b/systemd-mini.changes @@ -1,3 +1,47 @@ +------------------------------------------------------------------- +Thu Dec 18 13:47:36 UTC 2014 - werner@suse.de + +- Use Robert's latest patch + 1098-udev-link_setup-respect-kernel-name-assign-policy.patch + which drops NAMEPOLICY_KERNEL as this breaks all on current + systems out there + +------------------------------------------------------------------- +Wed Dec 17 14:57:42 UTC 2014 - thomas.blume@suse.com + +- remove 0022-systemd-tmpfiles-ownerkeep.patch since this is now + implemented into the systemd-tmpfiles binary +- add user based ignore statements in tmpfiles removal directives + (bnc#903009) + add systemd-add-user-keep.patch + +------------------------------------------------------------------- +Tue Dec 16 09:45:38 UTC 2014 - thomas.blume@suse.com + +- use --boot option in systemd-tmpfiles-setup-dev.service (bnc#908476) + add upstream patches: + 0001-units-tmpfiles-setup-dev-allow-unsafe-file-creation-.patch + 0002-man-tmpfiles.d-recommend-using-b-and-c.patch (adapted) + +------------------------------------------------------------------- +Tue Dec 16 08:59:08 UTC 2014 - werner@suse.de + +- Update patch + 1098-udev-link_setup-respect-kernel-name-assign-policy.patch + to Robert's version + +------------------------------------------------------------------- +Mon Dec 15 15:02:22 UTC 2014 - werner@suse.de + +- Add upstream patches + 0001-selinux-access-fix-broken-ternary-operator.patch + 0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch + 0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch + 0004-core-fix-transaction-destructiveness-check-once-more.patch +- Avoid old net devices naming scheme on openSUSE 13.2 and less + maybe caused by patch + 1098-udev-link_setup-respect-kernel-name-assign-policy.patch + ------------------------------------------------------------------- Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com @@ -8,8 +52,8 @@ Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com Fri Dec 5 12:51:15 UTC 2014 - werner@suse.de - Add upstream patch - 1098-udev-link_setup-respect-kernel-name-assign-policy.patch - which may solve bsc#907318 + 1098-udev-link_setup-respect-kernel-name-assign-policy.patch + which may solve bsc#907318 ------------------------------------------------------------------- Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de @@ -17,7 +61,6 @@ Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de - Add upstream patches 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch - 1097-udev-link_setup-respect-kernel-name-assign-policy.patch ------------------------------------------------------------------- Fri Nov 28 13:26:21 UTC 2014 - rmilasan@suse.com diff --git a/systemd-mini.spec b/systemd-mini.spec index 865c9716..3bfaeabf 100644 --- a/systemd-mini.spec +++ b/systemd-mini.spec @@ -42,7 +42,6 @@ %bcond_with udevsettle %endif %bcond_with systemgrps -%{expand: %%global has_tmpkeep %(type -p systemd-tmpfiles-keep &>/dev/null && echo 1 || echo 0)} Name: systemd-mini Url: http://www.freedesktop.org/wiki/Software/systemd @@ -169,7 +168,7 @@ Requires(pre): /usr/bin/getent Requires(pre): /usr/sbin/groupadd Requires(post): /usr/bin/awk Requires(post): /usr/bin/getent -Requires(post): /usr/bin/setfacl +Requires(post): /usr/bin/setfacl Conflicts: filesystem < 11.5 Conflicts: mkinitrd < 2.7.0 Obsoletes: systemd-analyze < 201 @@ -396,8 +395,6 @@ Patch181: 0018-Make-LSB-Skripts-know-about-Required-and-Should.patch Patch182: 0019-make-completion-smart-to-be-able-to-redirect.patch # PATCH-FIX-SUSE 0001-add-network-device-after-NFS-mount-units.patch werner@suse.com Patch183: 0001-add-network-device-after-NFS-mount-units.patch -# PATCH-FIX-SUSE 0022-systemd-tmpfiles-ownerkeep.patch -Patch184: 0022-systemd-tmpfiles-ownerkeep.patch # PATCH-FIX-SUSE systemd-powerd-initctl-support.patch Patch185: systemd-powerd-initctl-support.patch # PATCH-FIX-SUSE systemctl-set-default-target.patch @@ -1050,6 +1047,21 @@ Patch511: 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch Patch512: 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch # PATCH-FIX-SUSE 513-nspawn-veth.patch (bnc#906709) Patch513: 513-nspawn-veth.patch +# PATCH-FIX-UPSTREAM added at 2014/12/15 +Patch514: 0001-selinux-access-fix-broken-ternary-operator.patch +# PATCH-FIX-UPSTREAM added at 2014/12/15 +Patch515: 0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch +# PATCH-FIX-UPSTREAM added at 2014/12/15 +Patch516: 0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch +# PATCH-FIX-UPSTREAM added at 2014/12/15 +Patch517: 0004-core-fix-transaction-destructiveness-check-once-more.patch +# PATCH-FIX-UPSTREAM added at 2014/12/16 +Patch518: 0001-units-tmpfiles-setup-dev-allow-unsafe-file-creation-.patch +# PATCH-FIX-UPSTREAM added at 2014/12/16 +Patch519: 0002-man-tmpfiles.d-recommend-using-b-and-c.patch +# PATCH-FIX-SUSE systemd-add-user-keep.patch (bnc#903009) +Patch520: systemd-add-user-keep.patch +# # UDEV PATCHES # ============ @@ -1593,9 +1605,6 @@ cp %{SOURCE7} m4/ %patch181 -p1 %patch182 -p1 %patch183 -p1 -%if 0%{?has_tmpkeep} -%patch184 -p1 -%endif %patch185 -p1 %patch186 -p1 %patch187 -p1 @@ -1925,6 +1934,13 @@ cp %{SOURCE7} m4/ %patch511 -p0 %patch512 -p0 %patch513 -p1 +%patch514 -p0 +%patch515 -p0 +%patch516 -p0 +%patch517 -p0 +%patch518 -p1 +%patch519 -p1 +%patch520 -p1 # udev patches %patch1001 -p1 diff --git a/systemd.changes b/systemd.changes index 500446d3..f3cc341f 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,47 @@ +------------------------------------------------------------------- +Thu Dec 18 13:47:36 UTC 2014 - werner@suse.de + +- Use Robert's latest patch + 1098-udev-link_setup-respect-kernel-name-assign-policy.patch + which drops NAMEPOLICY_KERNEL as this breaks all on current + systems out there + +------------------------------------------------------------------- +Wed Dec 17 14:57:42 UTC 2014 - thomas.blume@suse.com + +- remove 0022-systemd-tmpfiles-ownerkeep.patch since this is now + implemented into the systemd-tmpfiles binary +- add user based ignore statements in tmpfiles removal directives + (bnc#903009) + add systemd-add-user-keep.patch + +------------------------------------------------------------------- +Tue Dec 16 09:45:38 UTC 2014 - thomas.blume@suse.com + +- use --boot option in systemd-tmpfiles-setup-dev.service (bnc#908476) + add upstream patches: + 0001-units-tmpfiles-setup-dev-allow-unsafe-file-creation-.patch + 0002-man-tmpfiles.d-recommend-using-b-and-c.patch (adapted) + +------------------------------------------------------------------- +Tue Dec 16 08:59:08 UTC 2014 - werner@suse.de + +- Update patch + 1098-udev-link_setup-respect-kernel-name-assign-policy.patch + to Robert's version + +------------------------------------------------------------------- +Mon Dec 15 15:02:22 UTC 2014 - werner@suse.de + +- Add upstream patches + 0001-selinux-access-fix-broken-ternary-operator.patch + 0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch + 0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch + 0004-core-fix-transaction-destructiveness-check-once-more.patch +- Avoid old net devices naming scheme on openSUSE 13.2 and less + maybe caused by patch + 1098-udev-link_setup-respect-kernel-name-assign-policy.patch + ------------------------------------------------------------------- Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com @@ -8,8 +52,8 @@ Thu Dec 11 09:32:31 UTC 2014 - thomas.blume@suse.com Fri Dec 5 12:51:15 UTC 2014 - werner@suse.de - Add upstream patch - 1098-udev-link_setup-respect-kernel-name-assign-policy.patch - which may solve bsc#907318 + 1098-udev-link_setup-respect-kernel-name-assign-policy.patch + which may solve bsc#907318 ------------------------------------------------------------------- Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de @@ -17,7 +61,6 @@ Fri Dec 5 12:13:02 UTC 2014 - werner@suse.de - Add upstream patches 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch - 1097-udev-link_setup-respect-kernel-name-assign-policy.patch ------------------------------------------------------------------- Fri Nov 28 13:26:21 UTC 2014 - rmilasan@suse.com diff --git a/systemd.spec b/systemd.spec index 09e739dc..2107f0e3 100644 --- a/systemd.spec +++ b/systemd.spec @@ -40,7 +40,6 @@ %bcond_with udevsettle %endif %bcond_with systemgrps -%{expand: %%global has_tmpkeep %(type -p systemd-tmpfiles-keep &>/dev/null && echo 1 || echo 0)} Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd @@ -164,7 +163,7 @@ Requires(pre): /usr/bin/getent Requires(pre): /usr/sbin/groupadd Requires(post): /usr/bin/awk Requires(post): /usr/bin/getent -Requires(post): /usr/bin/setfacl +Requires(post): /usr/bin/setfacl Conflicts: filesystem < 11.5 Conflicts: mkinitrd < 2.7.0 Obsoletes: systemd-analyze < 201 @@ -391,8 +390,6 @@ Patch181: 0018-Make-LSB-Skripts-know-about-Required-and-Should.patch Patch182: 0019-make-completion-smart-to-be-able-to-redirect.patch # PATCH-FIX-SUSE 0001-add-network-device-after-NFS-mount-units.patch werner@suse.com Patch183: 0001-add-network-device-after-NFS-mount-units.patch -# PATCH-FIX-SUSE 0022-systemd-tmpfiles-ownerkeep.patch -Patch184: 0022-systemd-tmpfiles-ownerkeep.patch # PATCH-FIX-SUSE systemd-powerd-initctl-support.patch Patch185: systemd-powerd-initctl-support.patch # PATCH-FIX-SUSE systemctl-set-default-target.patch @@ -1045,6 +1042,21 @@ Patch511: 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch Patch512: 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch # PATCH-FIX-SUSE 513-nspawn-veth.patch (bnc#906709) Patch513: 513-nspawn-veth.patch +# PATCH-FIX-UPSTREAM added at 2014/12/15 +Patch514: 0001-selinux-access-fix-broken-ternary-operator.patch +# PATCH-FIX-UPSTREAM added at 2014/12/15 +Patch515: 0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch +# PATCH-FIX-UPSTREAM added at 2014/12/15 +Patch516: 0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch +# PATCH-FIX-UPSTREAM added at 2014/12/15 +Patch517: 0004-core-fix-transaction-destructiveness-check-once-more.patch +# PATCH-FIX-UPSTREAM added at 2014/12/16 +Patch518: 0001-units-tmpfiles-setup-dev-allow-unsafe-file-creation-.patch +# PATCH-FIX-UPSTREAM added at 2014/12/16 +Patch519: 0002-man-tmpfiles.d-recommend-using-b-and-c.patch +# PATCH-FIX-SUSE systemd-add-user-keep.patch (bnc#903009) +Patch520: systemd-add-user-keep.patch +# # UDEV PATCHES # ============ @@ -1588,9 +1600,6 @@ cp %{SOURCE7} m4/ %patch181 -p1 %patch182 -p1 %patch183 -p1 -%if 0%{?has_tmpkeep} -%patch184 -p1 -%endif %patch185 -p1 %patch186 -p1 %patch187 -p1 @@ -1920,6 +1929,13 @@ cp %{SOURCE7} m4/ %patch511 -p0 %patch512 -p0 %patch513 -p1 +%patch514 -p0 +%patch515 -p0 +%patch516 -p0 +%patch517 -p0 +%patch518 -p1 +%patch519 -p1 +%patch520 -p1 # udev patches %patch1001 -p1