add config

This commit is contained in:
eabdullin 2025-02-03 12:27:52 +03:00
commit 55245ce83d
2 changed files with 83 additions and 0 deletions

26
config.yaml Normal file
View File

@ -0,0 +1,26 @@
actions:
- replace:
- target: "spec"
find: "https://access.redhat.com/support"
replace: "https://wiki.almalinux.org/Help-and-Support"
count: 1
- target: "spec"
find: "mailto:secalert@redhat.com"
replace: "mailto:security@almalinux.org"
count: 1
- add_files:
- type: "patch"
name: "9000-core-reorder-systemd-arguments-on-reexec.patch"
number: 9000
- modify_release:
- suffix: ".alma.1"
enabled: true
- changelog_entry:
- name: "Andrew Lukoshko"
email: "alukoshko@almalinux.org"
line:
- "core: reorder systemd arguments on reexe"
- "Debrand for AlmaLinux"

View File

@ -0,0 +1,57 @@
From dcc55e1b0930c6db277e87b8a521e82f3d0f74c3 Mon Sep 17 00:00:00 2001
From: Andrew Lukoshko <alukoshko@almalinux.org>
Date: Thu, 17 Oct 2024 10:19:25 +0000
Subject: [PATCH] core: reorder systemd arguments on reexec
When reexecuting system let's put our arguments carrying deserialization
info first followed by any existing arguments to make sure they get
parsed in case we get weird stuff from the kernel cmdline (like --).
See: https://github.com/systemd/systemd/issues/28184
---
src/core/main.c | 6 +++++-
test/TEST-01-BASIC/test.sh | 5 +++++
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/core/main.c b/src/core/main.c
index e7b8e98..6df29f3 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -1813,13 +1813,17 @@ static int do_reexecute(
xsprintf(sfd, "%i", fileno(arg_serialization));
i = 1; /* Leave args[0] empty for now. */
- filter_args(args, &i, argv, argc);
+ /* Put our stuff first to make sure it always gets parsed in case
+ * we get weird stuff from the kernel cmdline (like --) */
if (switch_root_dir)
args[i++] = "--switched-root";
args[i++] = arg_system ? "--system" : "--user";
args[i++] = "--deserialize";
args[i++] = sfd;
+
+ filter_args(args, &i, argv, argc);
+
args[i++] = NULL;
assert(i <= args_size);
diff --git a/test/TEST-01-BASIC/test.sh b/test/TEST-01-BASIC/test.sh
index cc6d065..d0e714a 100755
--- a/test/TEST-01-BASIC/test.sh
+++ b/test/TEST-01-BASIC/test.sh
@@ -8,6 +8,11 @@ RUN_IN_UNPRIVILEGED_CONTAINER=${RUN_IN_UNPRIVILEGED_CONTAINER:-yes}
TEST_REQUIRE_INSTALL_TESTS=0
TEST_SUPPORTING_SERVICES_SHOULD_BE_MASKED=0
+# Check if we can correctly deserialize if the kernel cmdline contains "weird" stuff
+# like an invalid argument, "end of arguments" separator, or a sysvinit argument (-z)
+# See: https://github.com/systemd/systemd/issues/28184
+KERNEL_APPEND="foo -- -z bar --- baz $KERNEL_APPEND"
+
# shellcheck source=test/test-functions
. "${TEST_BASE_DIR:?}/test-functions"
--
2.43.5