From 55245ce83db71f0dfced4872a7e885cafe9fe9a6 Mon Sep 17 00:00:00 2001 From: eabdullin Date: Mon, 3 Feb 2025 12:27:52 +0300 Subject: [PATCH] add config --- config.yaml | 26 +++++++++ ...-reorder-systemd-arguments-on-reexec.patch | 57 +++++++++++++++++++ 2 files changed, 83 insertions(+) create mode 100644 config.yaml create mode 100644 files/9000-core-reorder-systemd-arguments-on-reexec.patch diff --git a/config.yaml b/config.yaml new file mode 100644 index 0000000..8322ed3 --- /dev/null +++ b/config.yaml @@ -0,0 +1,26 @@ +actions: + - replace: + - target: "spec" + find: "https://access.redhat.com/support" + replace: "https://wiki.almalinux.org/Help-and-Support" + count: 1 + - target: "spec" + find: "mailto:secalert@redhat.com" + replace: "mailto:security@almalinux.org" + count: 1 + + - add_files: + - type: "patch" + name: "9000-core-reorder-systemd-arguments-on-reexec.patch" + number: 9000 + + - modify_release: + - suffix: ".alma.1" + enabled: true + + - changelog_entry: + - name: "Andrew Lukoshko" + email: "alukoshko@almalinux.org" + line: + - "core: reorder systemd arguments on reexe" + - "Debrand for AlmaLinux" diff --git a/files/9000-core-reorder-systemd-arguments-on-reexec.patch b/files/9000-core-reorder-systemd-arguments-on-reexec.patch new file mode 100644 index 0000000..8db7c01 --- /dev/null +++ b/files/9000-core-reorder-systemd-arguments-on-reexec.patch @@ -0,0 +1,57 @@ +From dcc55e1b0930c6db277e87b8a521e82f3d0f74c3 Mon Sep 17 00:00:00 2001 +From: Andrew Lukoshko +Date: Thu, 17 Oct 2024 10:19:25 +0000 +Subject: [PATCH] core: reorder systemd arguments on reexec + +When reexecuting system let's put our arguments carrying deserialization +info first followed by any existing arguments to make sure they get +parsed in case we get weird stuff from the kernel cmdline (like --). + +See: https://github.com/systemd/systemd/issues/28184 +--- + src/core/main.c | 6 +++++- + test/TEST-01-BASIC/test.sh | 5 +++++ + 2 files changed, 10 insertions(+), 1 deletion(-) + +diff --git a/src/core/main.c b/src/core/main.c +index e7b8e98..6df29f3 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -1813,13 +1813,17 @@ static int do_reexecute( + xsprintf(sfd, "%i", fileno(arg_serialization)); + + i = 1; /* Leave args[0] empty for now. */ +- filter_args(args, &i, argv, argc); + ++ /* Put our stuff first to make sure it always gets parsed in case ++ * we get weird stuff from the kernel cmdline (like --) */ + if (switch_root_dir) + args[i++] = "--switched-root"; + args[i++] = arg_system ? "--system" : "--user"; + args[i++] = "--deserialize"; + args[i++] = sfd; ++ ++ filter_args(args, &i, argv, argc); ++ + args[i++] = NULL; + + assert(i <= args_size); +diff --git a/test/TEST-01-BASIC/test.sh b/test/TEST-01-BASIC/test.sh +index cc6d065..d0e714a 100755 +--- a/test/TEST-01-BASIC/test.sh ++++ b/test/TEST-01-BASIC/test.sh +@@ -8,6 +8,11 @@ RUN_IN_UNPRIVILEGED_CONTAINER=${RUN_IN_UNPRIVILEGED_CONTAINER:-yes} + TEST_REQUIRE_INSTALL_TESTS=0 + TEST_SUPPORTING_SERVICES_SHOULD_BE_MASKED=0 + ++# Check if we can correctly deserialize if the kernel cmdline contains "weird" stuff ++# like an invalid argument, "end of arguments" separator, or a sysvinit argument (-z) ++# See: https://github.com/systemd/systemd/issues/28184 ++KERNEL_APPEND="foo -- -z bar --- baz $KERNEL_APPEND" ++ + # shellcheck source=test/test-functions + . "${TEST_BASE_DIR:?}/test-functions" + +-- +2.43.5 +