import rtkit-0.11-28.el9

This commit is contained in:
CentOS Sources 2021-11-03 13:42:18 -04:00 committed by Stepan Oksanichenko
commit 745a84bf1e
10 changed files with 1505 additions and 0 deletions

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
SOURCES/rtkit-0.11.tar.xz

1
.rtkit.metadata Normal file
View File

@ -0,0 +1 @@
dc4bcaa898ef3cadb6fff35dcce752bc9f64e435 SOURCES/rtkit-0.11.tar.xz

View File

@ -0,0 +1,22 @@
From ef090ee5a913f2c68e0fbed2600bfe38dfe55029 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sun, 24 Jan 2021 21:12:22 +0100
Subject: [PATCH 1/2] Fix borked error check
---
rtkit-daemon.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rtkit-daemon.c b/rtkit-daemon.c
index 3ecc1f7840..a15e84f8f5 100644
--- a/rtkit-daemon.c
+++ b/rtkit-daemon.c
@@ -1463,7 +1463,7 @@ static DBusHandlerResult dbus_handler(DBusConnection *c, DBusMessage *m, void *u
if (strcmp(interface, "org.freedesktop.RealtimeKit1") == 0) {
assert_se(r = dbus_message_new_method_return(m));
- if (!handle_dbus_prop_get(property, r) < 0) {
+ if (handle_dbus_prop_get(property, r) < 0) {
dbus_message_unref(r);
assert_se(r = dbus_message_new_error_printf(
m,

View File

@ -0,0 +1,48 @@
From f44c5776b25ca2abd7569fb8532c6aede9b0c6b0 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Thu, 22 Aug 2013 16:05:22 -0400
Subject: [PATCH] [SECURITY] Pass uid of caller to polkit
Otherwise, we force polkit to look up the uid itself in /proc, which
is racy if they execve() a setuid binary.
---
rtkit-daemon.c | 11 ++++++++++-
1 files changed, 10 insertions(+), 1 deletions(-)
diff --git a/rtkit-daemon.c b/rtkit-daemon.c
index 2ebe673..3ecc1f7 100644
--- a/rtkit-daemon.c
+++ b/rtkit-daemon.c
@@ -1170,12 +1170,14 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process
DBusMessage *m = NULL, *r = NULL;
const char *unix_process = "unix-process";
const char *pid = "pid";
+ const char *uid = "uid";
const char *start_time = "start-time";
const char *cancel_id = "";
uint32_t flags = 0;
uint32_t pid_u32 = p->pid;
- uint64_t start_time_u64 = p->starttime;
+ uint32_t uid_u32 = (uint32_t)u->uid;
DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant;
+ uint64_t start_time_u64 = p->starttime;
int ret;
dbus_bool_t authorized = FALSE;
@@ -1206,6 +1208,13 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process
assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant));
assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict));
+ assert_se(dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict));
+ assert_se(dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &uid));
+ assert_se(dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "u", &iter_variant));
+ assert_se(dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT32, &uid_u32));
+ assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant));
+ assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict));
+
assert_se(dbus_message_iter_close_container(&iter_struct, &iter_array));
assert_se(dbus_message_iter_close_container(&iter_msg, &iter_struct));
--
1.7.1

View File

@ -0,0 +1,306 @@
From 8c902327f91616af5e87fd2a6d4b7ea38bb3aa32 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 26 Sep 2013 21:53:49 +0200
Subject: [PATCH] systemd: update sd-daemon.[ch]
---
sd-daemon.c | 100 +++++++++++++++++++++++-----------------------------
sd-daemon.h | 14 ++++----
2 files changed, 52 insertions(+), 62 deletions(-)
diff --git a/sd-daemon.c b/sd-daemon.c
index 763e079b4e..485b301023 100644
--- a/sd-daemon.c
+++ b/sd-daemon.c
@@ -25,18 +25,14 @@
***/
#ifndef _GNU_SOURCE
-#define _GNU_SOURCE
+# define _GNU_SOURCE
#endif
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <sys/un.h>
-#ifdef __BIONIC__
-#include <linux/fcntl.h>
-#else
-#include <sys/fcntl.h>
-#endif
+#include <fcntl.h>
#include <netinet/in.h>
#include <stdlib.h>
#include <errno.h>
@@ -47,22 +43,22 @@
#include <stddef.h>
#include <limits.h>
-#if defined(__linux__)
-#include <mqueue.h>
+#if defined(__linux__) && !defined(SD_DAEMON_DISABLE_MQ)
+# include <mqueue.h>
#endif
#include "sd-daemon.h"
#if (__GNUC__ >= 4)
-#ifdef SD_EXPORT_SYMBOLS
+# ifdef SD_EXPORT_SYMBOLS
/* Export symbols */
-#define _sd_export_ __attribute__ ((visibility("default")))
-#else
+# define _sd_export_ __attribute__ ((visibility("default")))
+# else
/* Don't export the symbols */
-#define _sd_export_ __attribute__ ((visibility("hidden")))
-#endif
+# define _sd_export_ __attribute__ ((visibility("hidden")))
+# endif
#else
-#define _sd_export_
+# define _sd_export_
#endif
_sd_export_ int sd_listen_fds(int unset_environment) {
@@ -75,7 +71,8 @@ _sd_export_ int sd_listen_fds(int unset_environment) {
char *p = NULL;
unsigned long l;
- if (!(e = getenv("LISTEN_PID"))) {
+ e = getenv("LISTEN_PID");
+ if (!e) {
r = 0;
goto finish;
}
@@ -83,12 +80,12 @@ _sd_export_ int sd_listen_fds(int unset_environment) {
errno = 0;
l = strtoul(e, &p, 10);
- if (errno != 0) {
+ if (errno > 0) {
r = -errno;
goto finish;
}
- if (!p || *p || l <= 0) {
+ if (!p || p == e || *p || l <= 0) {
r = -EINVAL;
goto finish;
}
@@ -99,7 +96,8 @@ _sd_export_ int sd_listen_fds(int unset_environment) {
goto finish;
}
- if (!(e = getenv("LISTEN_FDS"))) {
+ e = getenv("LISTEN_FDS");
+ if (!e) {
r = 0;
goto finish;
}
@@ -107,12 +105,12 @@ _sd_export_ int sd_listen_fds(int unset_environment) {
errno = 0;
l = strtoul(e, &p, 10);
- if (errno != 0) {
+ if (errno > 0) {
r = -errno;
goto finish;
}
- if (!p || *p) {
+ if (!p || p == e || *p) {
r = -EINVAL;
goto finish;
}
@@ -120,7 +118,8 @@ _sd_export_ int sd_listen_fds(int unset_environment) {
for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + (int) l; fd ++) {
int flags;
- if ((flags = fcntl(fd, F_GETFD)) < 0) {
+ flags = fcntl(fd, F_GETFD);
+ if (flags < 0) {
r = -errno;
goto finish;
}
@@ -152,7 +151,6 @@ _sd_export_ int sd_is_fifo(int fd, const char *path) {
if (fd < 0)
return -EINVAL;
- memset(&st_fd, 0, sizeof(st_fd));
if (fstat(fd, &st_fd) < 0)
return -errno;
@@ -162,7 +160,6 @@ _sd_export_ int sd_is_fifo(int fd, const char *path) {
if (path) {
struct stat st_path;
- memset(&st_path, 0, sizeof(st_path));
if (stat(path, &st_path) < 0) {
if (errno == ENOENT || errno == ENOTDIR)
@@ -272,15 +269,13 @@ _sd_export_ int sd_is_socket(int fd, int family, int type, int listening) {
if (family < 0)
return -EINVAL;
- if ((r = sd_is_socket_internal(fd, type, listening)) <= 0)
+ r = sd_is_socket_internal(fd, type, listening);
+ if (r <= 0)
return r;
if (family > 0) {
- union sockaddr_union sockaddr;
- socklen_t l;
-
- memset(&sockaddr, 0, sizeof(sockaddr));
- l = sizeof(sockaddr);
+ union sockaddr_union sockaddr = {};
+ socklen_t l = sizeof(sockaddr);
if (getsockname(fd, &sockaddr.sa, &l) < 0)
return -errno;
@@ -295,19 +290,17 @@ _sd_export_ int sd_is_socket(int fd, int family, int type, int listening) {
}
_sd_export_ int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port) {
- union sockaddr_union sockaddr;
- socklen_t l;
+ union sockaddr_union sockaddr = {};
+ socklen_t l = sizeof(sockaddr);
int r;
if (family != 0 && family != AF_INET && family != AF_INET6)
return -EINVAL;
- if ((r = sd_is_socket_internal(fd, type, listening)) <= 0)
+ r = sd_is_socket_internal(fd, type, listening);
+ if (r <= 0)
return r;
- memset(&sockaddr, 0, sizeof(sockaddr));
- l = sizeof(sockaddr);
-
if (getsockname(fd, &sockaddr.sa, &l) < 0)
return -errno;
@@ -340,16 +333,14 @@ _sd_export_ int sd_is_socket_inet(int fd, int family, int type, int listening, u
}
_sd_export_ int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length) {
- union sockaddr_union sockaddr;
- socklen_t l;
+ union sockaddr_union sockaddr = {};
+ socklen_t l = sizeof(sockaddr);
int r;
- if ((r = sd_is_socket_internal(fd, type, listening)) <= 0)
+ r = sd_is_socket_internal(fd, type, listening);
+ if (r <= 0)
return r;
- memset(&sockaddr, 0, sizeof(sockaddr));
- l = sizeof(sockaddr);
-
if (getsockname(fd, &sockaddr.sa, &l) < 0)
return -errno;
@@ -360,10 +351,10 @@ _sd_export_ int sd_is_socket_unix(int fd, int type, int listening, const char *p
return 0;
if (path) {
- if (length <= 0)
+ if (length == 0)
length = strlen(path);
- if (length <= 0)
+ if (length == 0)
/* Unnamed socket */
return l == offsetof(struct sockaddr_un, sun_path);
@@ -383,7 +374,7 @@ _sd_export_ int sd_is_socket_unix(int fd, int type, int listening, const char *p
}
_sd_export_ int sd_is_mq(int fd, const char *path) {
-#if !defined(__linux__)
+#if !defined(__linux__) || defined(SD_DAEMON_DISABLE_MQ)
return 0;
#else
struct mq_attr attr;
@@ -434,7 +425,8 @@ _sd_export_ int sd_notify(int unset_environment, const char *state) {
goto finish;
}
- if (!(e = getenv("NOTIFY_SOCKET")))
+ e = getenv("NOTIFY_SOCKET");
+ if (!e)
return 0;
/* Must be an abstract socket, or an absolute path */
@@ -443,7 +435,8 @@ _sd_export_ int sd_notify(int unset_environment, const char *state) {
goto finish;
}
- if ((fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0)) < 0) {
+ fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0);
+ if (fd < 0) {
r = -errno;
goto finish;
}
@@ -513,18 +506,15 @@ _sd_export_ int sd_booted(void) {
#if defined(DISABLE_SYSTEMD) || !defined(__linux__)
return 0;
#else
+ struct stat st;
- struct stat a, b;
+ /* We test whether the runtime unit file directory has been
+ * created. This takes place in mount-setup.c, so is
+ * guaranteed to happen very early during boot. */
- /* We simply test whether the systemd cgroup hierarchy is
- * mounted */
-
- if (lstat("/sys/fs/cgroup", &a) < 0)
- return 0;
-
- if (lstat("/sys/fs/cgroup/systemd", &b) < 0)
+ if (lstat("/run/systemd/system/", &st) < 0)
return 0;
- return a.st_dev != b.st_dev;
+ return !!S_ISDIR(st.st_mode);
#endif
}
diff --git a/sd-daemon.h b/sd-daemon.h
index fe51159ee6..daa3f4c857 100644
--- a/sd-daemon.h
+++ b/sd-daemon.h
@@ -59,20 +59,20 @@ extern "C" {
You may find an up-to-date version of these source files online:
http://cgit.freedesktop.org/systemd/systemd/plain/src/systemd/sd-daemon.h
- http://cgit.freedesktop.org/systemd/systemd/plain/src/sd-daemon.c
+ http://cgit.freedesktop.org/systemd/systemd/plain/src/libsystemd-daemon/sd-daemon.c
This should compile on non-Linux systems, too, but with the
exception of the sd_is_xxx() calls all functions will become NOPs.
- See sd-daemon(7) for more information.
+ See sd-daemon(3) for more information.
*/
#ifndef _sd_printf_attr_
-#if __GNUC__ >= 4
-#define _sd_printf_attr_(a,b) __attribute__ ((format (printf, a, b)))
-#else
-#define _sd_printf_attr_(a,b)
-#endif
+# if __GNUC__ >= 4
+# define _sd_printf_attr_(a,b) __attribute__ ((format (printf, a, b)))
+# else
+# define _sd_printf_attr_(a,b)
+# endif
#endif
/*

View File

@ -0,0 +1,870 @@
From f5c88312c3fc5b7dc944eb36c2b8c62a44b78798 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sun, 24 Jan 2021 21:19:51 +0100
Subject: [PATCH 2/2] Remove bundled copy of sd-daemon.[ch]
Let's just use the system version.
---
Makefile.am | 10 +-
rtkit-daemon.c | 2 +-
sd-daemon.c | 520 -------------------------------------------------
sd-daemon.h | 282 ---------------------------
4 files changed, 4 insertions(+), 810 deletions(-)
delete mode 100644 sd-daemon.c
delete mode 100644 sd-daemon.h
diff --git a/Makefile.am b/Makefile.am
index febc35535d..2217a80b3c 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -56,10 +56,10 @@ systemdsystemunit_DATA = \
endif
rtkit_daemon_SOURCES = \
- rtkit-daemon.c rtkit.h \
- sd-daemon.c sd-daemon.h
+ rtkit-daemon.c rtkit.h
rtkit_daemon_LDADD = \
- $(DBUS_LIBS)
+ $(DBUS_LIBS) \
+ -lsystemd
rtkit_daemon_CFLAGS = \
$(AM_CFLAGS) \
$(DBUS_CFLAGS)
@@ -93,7 +93,3 @@ EXTRA_DIST += \
DISTCHECK_CONFIGURE_FLAGS = \
--with-systemdsystemunitdir=$$dc_install_base/$(systemdsystemunitdir)
-
-update-systemd:
- curl http://cgit.freedesktop.org/systemd/systemd/plain/src/libsystemd-daemon/sd-daemon.c > sd-daemon.c
- curl http://cgit.freedesktop.org/systemd/systemd/plain/src/systemd/sd-daemon.h > sd-daemon.h
diff --git a/rtkit-daemon.c b/rtkit-daemon.c
index a15e84f8f5..fdff7f63dc 100644
--- a/rtkit-daemon.c
+++ b/rtkit-daemon.c
@@ -50,9 +50,9 @@
#include <dirent.h>
#include <syslog.h>
#include <grp.h>
+#include <systemd/sd-daemon.h>
#include "rtkit.h"
-#include "sd-daemon.h"
#ifndef __linux__
#error "This stuff only works on Linux!"
diff --git a/sd-daemon.c b/sd-daemon.c
deleted file mode 100644
index 485b301023..0000000000
--- a/sd-daemon.c
+++ /dev/null
@@ -1,520 +0,0 @@
-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
-/***
- Copyright 2010 Lennart Poettering
-
- Permission is hereby granted, free of charge, to any person
- obtaining a copy of this software and associated documentation files
- (the "Software"), to deal in the Software without restriction,
- including without limitation the rights to use, copy, modify, merge,
- publish, distribute, sublicense, and/or sell copies of the Software,
- and to permit persons to whom the Software is furnished to do so,
- subject to the following conditions:
-
- The above copyright notice and this permission notice shall be
- included in all copies or substantial portions of the Software.
-
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
- BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
- ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
- CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- SOFTWARE.
-***/
-
-#ifndef _GNU_SOURCE
-# define _GNU_SOURCE
-#endif
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/socket.h>
-#include <sys/un.h>
-#include <fcntl.h>
-#include <netinet/in.h>
-#include <stdlib.h>
-#include <errno.h>
-#include <unistd.h>
-#include <string.h>
-#include <stdarg.h>
-#include <stdio.h>
-#include <stddef.h>
-#include <limits.h>
-
-#if defined(__linux__) && !defined(SD_DAEMON_DISABLE_MQ)
-# include <mqueue.h>
-#endif
-
-#include "sd-daemon.h"
-
-#if (__GNUC__ >= 4)
-# ifdef SD_EXPORT_SYMBOLS
-/* Export symbols */
-# define _sd_export_ __attribute__ ((visibility("default")))
-# else
-/* Don't export the symbols */
-# define _sd_export_ __attribute__ ((visibility("hidden")))
-# endif
-#else
-# define _sd_export_
-#endif
-
-_sd_export_ int sd_listen_fds(int unset_environment) {
-
-#if defined(DISABLE_SYSTEMD) || !defined(__linux__)
- return 0;
-#else
- int r, fd;
- const char *e;
- char *p = NULL;
- unsigned long l;
-
- e = getenv("LISTEN_PID");
- if (!e) {
- r = 0;
- goto finish;
- }
-
- errno = 0;
- l = strtoul(e, &p, 10);
-
- if (errno > 0) {
- r = -errno;
- goto finish;
- }
-
- if (!p || p == e || *p || l <= 0) {
- r = -EINVAL;
- goto finish;
- }
-
- /* Is this for us? */
- if (getpid() != (pid_t) l) {
- r = 0;
- goto finish;
- }
-
- e = getenv("LISTEN_FDS");
- if (!e) {
- r = 0;
- goto finish;
- }
-
- errno = 0;
- l = strtoul(e, &p, 10);
-
- if (errno > 0) {
- r = -errno;
- goto finish;
- }
-
- if (!p || p == e || *p) {
- r = -EINVAL;
- goto finish;
- }
-
- for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + (int) l; fd ++) {
- int flags;
-
- flags = fcntl(fd, F_GETFD);
- if (flags < 0) {
- r = -errno;
- goto finish;
- }
-
- if (flags & FD_CLOEXEC)
- continue;
-
- if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0) {
- r = -errno;
- goto finish;
- }
- }
-
- r = (int) l;
-
-finish:
- if (unset_environment) {
- unsetenv("LISTEN_PID");
- unsetenv("LISTEN_FDS");
- }
-
- return r;
-#endif
-}
-
-_sd_export_ int sd_is_fifo(int fd, const char *path) {
- struct stat st_fd;
-
- if (fd < 0)
- return -EINVAL;
-
- if (fstat(fd, &st_fd) < 0)
- return -errno;
-
- if (!S_ISFIFO(st_fd.st_mode))
- return 0;
-
- if (path) {
- struct stat st_path;
-
- if (stat(path, &st_path) < 0) {
-
- if (errno == ENOENT || errno == ENOTDIR)
- return 0;
-
- return -errno;
- }
-
- return
- st_path.st_dev == st_fd.st_dev &&
- st_path.st_ino == st_fd.st_ino;
- }
-
- return 1;
-}
-
-_sd_export_ int sd_is_special(int fd, const char *path) {
- struct stat st_fd;
-
- if (fd < 0)
- return -EINVAL;
-
- if (fstat(fd, &st_fd) < 0)
- return -errno;
-
- if (!S_ISREG(st_fd.st_mode) && !S_ISCHR(st_fd.st_mode))
- return 0;
-
- if (path) {
- struct stat st_path;
-
- if (stat(path, &st_path) < 0) {
-
- if (errno == ENOENT || errno == ENOTDIR)
- return 0;
-
- return -errno;
- }
-
- if (S_ISREG(st_fd.st_mode) && S_ISREG(st_path.st_mode))
- return
- st_path.st_dev == st_fd.st_dev &&
- st_path.st_ino == st_fd.st_ino;
- else if (S_ISCHR(st_fd.st_mode) && S_ISCHR(st_path.st_mode))
- return st_path.st_rdev == st_fd.st_rdev;
- else
- return 0;
- }
-
- return 1;
-}
-
-static int sd_is_socket_internal(int fd, int type, int listening) {
- struct stat st_fd;
-
- if (fd < 0 || type < 0)
- return -EINVAL;
-
- if (fstat(fd, &st_fd) < 0)
- return -errno;
-
- if (!S_ISSOCK(st_fd.st_mode))
- return 0;
-
- if (type != 0) {
- int other_type = 0;
- socklen_t l = sizeof(other_type);
-
- if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &other_type, &l) < 0)
- return -errno;
-
- if (l != sizeof(other_type))
- return -EINVAL;
-
- if (other_type != type)
- return 0;
- }
-
- if (listening >= 0) {
- int accepting = 0;
- socklen_t l = sizeof(accepting);
-
- if (getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &accepting, &l) < 0)
- return -errno;
-
- if (l != sizeof(accepting))
- return -EINVAL;
-
- if (!accepting != !listening)
- return 0;
- }
-
- return 1;
-}
-
-union sockaddr_union {
- struct sockaddr sa;
- struct sockaddr_in in4;
- struct sockaddr_in6 in6;
- struct sockaddr_un un;
- struct sockaddr_storage storage;
-};
-
-_sd_export_ int sd_is_socket(int fd, int family, int type, int listening) {
- int r;
-
- if (family < 0)
- return -EINVAL;
-
- r = sd_is_socket_internal(fd, type, listening);
- if (r <= 0)
- return r;
-
- if (family > 0) {
- union sockaddr_union sockaddr = {};
- socklen_t l = sizeof(sockaddr);
-
- if (getsockname(fd, &sockaddr.sa, &l) < 0)
- return -errno;
-
- if (l < sizeof(sa_family_t))
- return -EINVAL;
-
- return sockaddr.sa.sa_family == family;
- }
-
- return 1;
-}
-
-_sd_export_ int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port) {
- union sockaddr_union sockaddr = {};
- socklen_t l = sizeof(sockaddr);
- int r;
-
- if (family != 0 && family != AF_INET && family != AF_INET6)
- return -EINVAL;
-
- r = sd_is_socket_internal(fd, type, listening);
- if (r <= 0)
- return r;
-
- if (getsockname(fd, &sockaddr.sa, &l) < 0)
- return -errno;
-
- if (l < sizeof(sa_family_t))
- return -EINVAL;
-
- if (sockaddr.sa.sa_family != AF_INET &&
- sockaddr.sa.sa_family != AF_INET6)
- return 0;
-
- if (family > 0)
- if (sockaddr.sa.sa_family != family)
- return 0;
-
- if (port > 0) {
- if (sockaddr.sa.sa_family == AF_INET) {
- if (l < sizeof(struct sockaddr_in))
- return -EINVAL;
-
- return htons(port) == sockaddr.in4.sin_port;
- } else {
- if (l < sizeof(struct sockaddr_in6))
- return -EINVAL;
-
- return htons(port) == sockaddr.in6.sin6_port;
- }
- }
-
- return 1;
-}
-
-_sd_export_ int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length) {
- union sockaddr_union sockaddr = {};
- socklen_t l = sizeof(sockaddr);
- int r;
-
- r = sd_is_socket_internal(fd, type, listening);
- if (r <= 0)
- return r;
-
- if (getsockname(fd, &sockaddr.sa, &l) < 0)
- return -errno;
-
- if (l < sizeof(sa_family_t))
- return -EINVAL;
-
- if (sockaddr.sa.sa_family != AF_UNIX)
- return 0;
-
- if (path) {
- if (length == 0)
- length = strlen(path);
-
- if (length == 0)
- /* Unnamed socket */
- return l == offsetof(struct sockaddr_un, sun_path);
-
- if (path[0])
- /* Normal path socket */
- return
- (l >= offsetof(struct sockaddr_un, sun_path) + length + 1) &&
- memcmp(path, sockaddr.un.sun_path, length+1) == 0;
- else
- /* Abstract namespace socket */
- return
- (l == offsetof(struct sockaddr_un, sun_path) + length) &&
- memcmp(path, sockaddr.un.sun_path, length) == 0;
- }
-
- return 1;
-}
-
-_sd_export_ int sd_is_mq(int fd, const char *path) {
-#if !defined(__linux__) || defined(SD_DAEMON_DISABLE_MQ)
- return 0;
-#else
- struct mq_attr attr;
-
- if (fd < 0)
- return -EINVAL;
-
- if (mq_getattr(fd, &attr) < 0)
- return -errno;
-
- if (path) {
- char fpath[PATH_MAX];
- struct stat a, b;
-
- if (path[0] != '/')
- return -EINVAL;
-
- if (fstat(fd, &a) < 0)
- return -errno;
-
- strncpy(stpcpy(fpath, "/dev/mqueue"), path, sizeof(fpath) - 12);
- fpath[sizeof(fpath)-1] = 0;
-
- if (stat(fpath, &b) < 0)
- return -errno;
-
- if (a.st_dev != b.st_dev ||
- a.st_ino != b.st_ino)
- return 0;
- }
-
- return 1;
-#endif
-}
-
-_sd_export_ int sd_notify(int unset_environment, const char *state) {
-#if defined(DISABLE_SYSTEMD) || !defined(__linux__) || !defined(SOCK_CLOEXEC)
- return 0;
-#else
- int fd = -1, r;
- struct msghdr msghdr;
- struct iovec iovec;
- union sockaddr_union sockaddr;
- const char *e;
-
- if (!state) {
- r = -EINVAL;
- goto finish;
- }
-
- e = getenv("NOTIFY_SOCKET");
- if (!e)
- return 0;
-
- /* Must be an abstract socket, or an absolute path */
- if ((e[0] != '@' && e[0] != '/') || e[1] == 0) {
- r = -EINVAL;
- goto finish;
- }
-
- fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0);
- if (fd < 0) {
- r = -errno;
- goto finish;
- }
-
- memset(&sockaddr, 0, sizeof(sockaddr));
- sockaddr.sa.sa_family = AF_UNIX;
- strncpy(sockaddr.un.sun_path, e, sizeof(sockaddr.un.sun_path));
-
- if (sockaddr.un.sun_path[0] == '@')
- sockaddr.un.sun_path[0] = 0;
-
- memset(&iovec, 0, sizeof(iovec));
- iovec.iov_base = (char*) state;
- iovec.iov_len = strlen(state);
-
- memset(&msghdr, 0, sizeof(msghdr));
- msghdr.msg_name = &sockaddr;
- msghdr.msg_namelen = offsetof(struct sockaddr_un, sun_path) + strlen(e);
-
- if (msghdr.msg_namelen > sizeof(struct sockaddr_un))
- msghdr.msg_namelen = sizeof(struct sockaddr_un);
-
- msghdr.msg_iov = &iovec;
- msghdr.msg_iovlen = 1;
-
- if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) < 0) {
- r = -errno;
- goto finish;
- }
-
- r = 1;
-
-finish:
- if (unset_environment)
- unsetenv("NOTIFY_SOCKET");
-
- if (fd >= 0)
- close(fd);
-
- return r;
-#endif
-}
-
-_sd_export_ int sd_notifyf(int unset_environment, const char *format, ...) {
-#if defined(DISABLE_SYSTEMD) || !defined(__linux__)
- return 0;
-#else
- va_list ap;
- char *p = NULL;
- int r;
-
- va_start(ap, format);
- r = vasprintf(&p, format, ap);
- va_end(ap);
-
- if (r < 0 || !p)
- return -ENOMEM;
-
- r = sd_notify(unset_environment, p);
- free(p);
-
- return r;
-#endif
-}
-
-_sd_export_ int sd_booted(void) {
-#if defined(DISABLE_SYSTEMD) || !defined(__linux__)
- return 0;
-#else
- struct stat st;
-
- /* We test whether the runtime unit file directory has been
- * created. This takes place in mount-setup.c, so is
- * guaranteed to happen very early during boot. */
-
- if (lstat("/run/systemd/system/", &st) < 0)
- return 0;
-
- return !!S_ISDIR(st.st_mode);
-#endif
-}
diff --git a/sd-daemon.h b/sd-daemon.h
deleted file mode 100644
index daa3f4c857..0000000000
--- a/sd-daemon.h
+++ /dev/null
@@ -1,282 +0,0 @@
-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
-#ifndef foosddaemonhfoo
-#define foosddaemonhfoo
-
-/***
- Copyright 2010 Lennart Poettering
-
- Permission is hereby granted, free of charge, to any person
- obtaining a copy of this software and associated documentation files
- (the "Software"), to deal in the Software without restriction,
- including without limitation the rights to use, copy, modify, merge,
- publish, distribute, sublicense, and/or sell copies of the Software,
- and to permit persons to whom the Software is furnished to do so,
- subject to the following conditions:
-
- The above copyright notice and this permission notice shall be
- included in all copies or substantial portions of the Software.
-
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
- BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
- ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
- CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- SOFTWARE.
-***/
-
-#include <sys/types.h>
-#include <inttypes.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- Reference implementation of a few systemd related interfaces for
- writing daemons. These interfaces are trivial to implement. To
- simplify porting we provide this reference implementation.
- Applications are welcome to reimplement the algorithms described
- here if they do not want to include these two source files.
-
- The following functionality is provided:
-
- - Support for logging with log levels on stderr
- - File descriptor passing for socket-based activation
- - Daemon startup and status notification
- - Detection of systemd boots
-
- You may compile this with -DDISABLE_SYSTEMD to disable systemd
- support. This makes all those calls NOPs that are directly related to
- systemd (i.e. only sd_is_xxx() will stay useful).
-
- Since this is drop-in code we don't want any of our symbols to be
- exported in any case. Hence we declare hidden visibility for all of
- them.
-
- You may find an up-to-date version of these source files online:
-
- http://cgit.freedesktop.org/systemd/systemd/plain/src/systemd/sd-daemon.h
- http://cgit.freedesktop.org/systemd/systemd/plain/src/libsystemd-daemon/sd-daemon.c
-
- This should compile on non-Linux systems, too, but with the
- exception of the sd_is_xxx() calls all functions will become NOPs.
-
- See sd-daemon(3) for more information.
-*/
-
-#ifndef _sd_printf_attr_
-# if __GNUC__ >= 4
-# define _sd_printf_attr_(a,b) __attribute__ ((format (printf, a, b)))
-# else
-# define _sd_printf_attr_(a,b)
-# endif
-#endif
-
-/*
- Log levels for usage on stderr:
-
- fprintf(stderr, SD_NOTICE "Hello World!\n");
-
- This is similar to printk() usage in the kernel.
-*/
-#define SD_EMERG "<0>" /* system is unusable */
-#define SD_ALERT "<1>" /* action must be taken immediately */
-#define SD_CRIT "<2>" /* critical conditions */
-#define SD_ERR "<3>" /* error conditions */
-#define SD_WARNING "<4>" /* warning conditions */
-#define SD_NOTICE "<5>" /* normal but significant condition */
-#define SD_INFO "<6>" /* informational */
-#define SD_DEBUG "<7>" /* debug-level messages */
-
-/* The first passed file descriptor is fd 3 */
-#define SD_LISTEN_FDS_START 3
-
-/*
- Returns how many file descriptors have been passed, or a negative
- errno code on failure. Optionally, removes the $LISTEN_FDS and
- $LISTEN_PID file descriptors from the environment (recommended, but
- problematic in threaded environments). If r is the return value of
- this function you'll find the file descriptors passed as fds
- SD_LISTEN_FDS_START to SD_LISTEN_FDS_START+r-1. Returns a negative
- errno style error code on failure. This function call ensures that
- the FD_CLOEXEC flag is set for the passed file descriptors, to make
- sure they are not passed on to child processes. If FD_CLOEXEC shall
- not be set, the caller needs to unset it after this call for all file
- descriptors that are used.
-
- See sd_listen_fds(3) for more information.
-*/
-int sd_listen_fds(int unset_environment);
-
-/*
- Helper call for identifying a passed file descriptor. Returns 1 if
- the file descriptor is a FIFO in the file system stored under the
- specified path, 0 otherwise. If path is NULL a path name check will
- not be done and the call only verifies if the file descriptor
- refers to a FIFO. Returns a negative errno style error code on
- failure.
-
- See sd_is_fifo(3) for more information.
-*/
-int sd_is_fifo(int fd, const char *path);
-
-/*
- Helper call for identifying a passed file descriptor. Returns 1 if
- the file descriptor is a special character device on the file
- system stored under the specified path, 0 otherwise.
- If path is NULL a path name check will not be done and the call
- only verifies if the file descriptor refers to a special character.
- Returns a negative errno style error code on failure.
-
- See sd_is_special(3) for more information.
-*/
-int sd_is_special(int fd, const char *path);
-
-/*
- Helper call for identifying a passed file descriptor. Returns 1 if
- the file descriptor is a socket of the specified family (AF_INET,
- ...) and type (SOCK_DGRAM, SOCK_STREAM, ...), 0 otherwise. If
- family is 0 a socket family check will not be done. If type is 0 a
- socket type check will not be done and the call only verifies if
- the file descriptor refers to a socket. If listening is > 0 it is
- verified that the socket is in listening mode. (i.e. listen() has
- been called) If listening is == 0 it is verified that the socket is
- not in listening mode. If listening is < 0 no listening mode check
- is done. Returns a negative errno style error code on failure.
-
- See sd_is_socket(3) for more information.
-*/
-int sd_is_socket(int fd, int family, int type, int listening);
-
-/*
- Helper call for identifying a passed file descriptor. Returns 1 if
- the file descriptor is an Internet socket, of the specified family
- (either AF_INET or AF_INET6) and the specified type (SOCK_DGRAM,
- SOCK_STREAM, ...), 0 otherwise. If version is 0 a protocol version
- check is not done. If type is 0 a socket type check will not be
- done. If port is 0 a socket port check will not be done. The
- listening flag is used the same way as in sd_is_socket(). Returns a
- negative errno style error code on failure.
-
- See sd_is_socket_inet(3) for more information.
-*/
-int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port);
-
-/*
- Helper call for identifying a passed file descriptor. Returns 1 if
- the file descriptor is an AF_UNIX socket of the specified type
- (SOCK_DGRAM, SOCK_STREAM, ...) and path, 0 otherwise. If type is 0
- a socket type check will not be done. If path is NULL a socket path
- check will not be done. For normal AF_UNIX sockets set length to
- 0. For abstract namespace sockets set length to the length of the
- socket name (including the initial 0 byte), and pass the full
- socket path in path (including the initial 0 byte). The listening
- flag is used the same way as in sd_is_socket(). Returns a negative
- errno style error code on failure.
-
- See sd_is_socket_unix(3) for more information.
-*/
-int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length);
-
-/*
- Helper call for identifying a passed file descriptor. Returns 1 if
- the file descriptor is a POSIX Message Queue of the specified name,
- 0 otherwise. If path is NULL a message queue name check is not
- done. Returns a negative errno style error code on failure.
-*/
-int sd_is_mq(int fd, const char *path);
-
-/*
- Informs systemd about changed daemon state. This takes a number of
- newline separated environment-style variable assignments in a
- string. The following variables are known:
-
- READY=1 Tells systemd that daemon startup is finished (only
- relevant for services of Type=notify). The passed
- argument is a boolean "1" or "0". Since there is
- little value in signaling non-readiness the only
- value daemons should send is "READY=1".
-
- STATUS=... Passes a single-line status string back to systemd
- that describes the daemon state. This is free-from
- and can be used for various purposes: general state
- feedback, fsck-like programs could pass completion
- percentages and failing programs could pass a human
- readable error message. Example: "STATUS=Completed
- 66% of file system check..."
-
- ERRNO=... If a daemon fails, the errno-style error code,
- formatted as string. Example: "ERRNO=2" for ENOENT.
-
- BUSERROR=... If a daemon fails, the D-Bus error-style error
- code. Example: "BUSERROR=org.freedesktop.DBus.Error.TimedOut"
-
- MAINPID=... The main pid of a daemon, in case systemd did not
- fork off the process itself. Example: "MAINPID=4711"
-
- WATCHDOG=1 Tells systemd to update the watchdog timestamp.
- Services using this feature should do this in
- regular intervals. A watchdog framework can use the
- timestamps to detect failed services.
-
- Daemons can choose to send additional variables. However, it is
- recommended to prefix variable names not listed above with X_.
-
- Returns a negative errno-style error code on failure. Returns > 0
- if systemd could be notified, 0 if it couldn't possibly because
- systemd is not running.
-
- Example: When a daemon finished starting up, it could issue this
- call to notify systemd about it:
-
- sd_notify(0, "READY=1");
-
- See sd_notifyf() for more complete examples.
-
- See sd_notify(3) for more information.
-*/
-int sd_notify(int unset_environment, const char *state);
-
-/*
- Similar to sd_notify() but takes a format string.
-
- Example 1: A daemon could send the following after initialization:
-
- sd_notifyf(0, "READY=1\n"
- "STATUS=Processing requests...\n"
- "MAINPID=%lu",
- (unsigned long) getpid());
-
- Example 2: A daemon could send the following shortly before
- exiting, on failure:
-
- sd_notifyf(0, "STATUS=Failed to start up: %s\n"
- "ERRNO=%i",
- strerror(errno),
- errno);
-
- See sd_notifyf(3) for more information.
-*/
-int sd_notifyf(int unset_environment, const char *format, ...) _sd_printf_attr_(2,3);
-
-/*
- Returns > 0 if the system was booted with systemd. Returns < 0 on
- error. Returns 0 if the system was not booted with systemd. Note
- that all of the functions above handle non-systemd boots just
- fine. You should NOT protect them with a call to this function. Also
- note that this function checks whether the system, not the user
- session is controlled by systemd. However the functions above work
- for both user and system services.
-
- See sd_booted(3) for more information.
-*/
-int sd_booted(void);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif

View File

@ -0,0 +1,13 @@
diff -ruN rtkit-0.11.orig/Makefile.am rtkit-0.11/Makefile.am
--- rtkit-0.11.orig/Makefile.am 2017-05-12 12:56:52.245623657 -0400
+++ rtkit-0.11/Makefile.am 2017-05-12 13:24:27.206304970 -0400
@@ -18,6 +18,8 @@
AM_CFLAGS = $(WARNINGFLAGS) $(PTHREAD_CFLAGS)
AM_LDFLAGS = $(GCLDFLAGS)
+CFLAGS += -Wno-error=format-security
+
ACLOCAL_AMFLAGS = -I m4
policykitdir = $(datadir)/polkit-1/actions/
Binary files rtkit-0.11.orig/.Makefile.am.swp and rtkit-0.11/.Makefile.am.swp differ

View File

@ -0,0 +1,14 @@
diff --git rtkit-0.11/rtkit-daemon.service.in~ rtkit-0.11/rtkit-daemon.service.in
index 3dfefa6..d0dc786 100644
--- rtkit-0.11/rtkit-daemon.service.in~
+++ rtkit-0.11/rtkit-daemon.service.in
@@ -27,9 +27,5 @@ CapabilityBoundingSet=CAP_SYS_NICE CAP_DAC_READ_SEARCH CAP_SYS_PTRACE CAP_SYS_CH
PrivateTmp=yes
PrivateNetwork=yes
-# Work around the fact that the Linux currently doesn't assign any RT
-# budget to CPU control groups that have none configured explicitly
-ControlGroup=cpu:/
-
[Install]
WantedBy=graphical.target

View File

@ -0,0 +1,12 @@
diff --git a/configure.ac b/configure.ac
index 5a77363..45721a5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -112,6 +112,7 @@ CC="$PTHREAD_CC"
AC_SEARCH_LIBS([sched_setscheduler], [rt])
AC_SEARCH_LIBS([clock_gettime], [rt])
+AC_SEARCH_LIBS([mq_getattr], [rt])
AC_SEARCH_LIBS([cap_init], [cap])
PKG_CHECK_MODULES(DBUS, dbus-1)

218
SPECS/rtkit.spec Normal file
View File

@ -0,0 +1,218 @@
Name: rtkit
Version: 0.11
Release: 28%{?dist}
Summary: Realtime Policy and Watchdog Daemon
# The daemon itself is GPLv3+, the reference implementation for the client BSD
License: GPLv3+ and BSD
URL: http://git.0pointer.net/rtkit.git/
Requires: dbus
Requires: polkit
BuildRequires: make
BuildRequires: systemd-devel
BuildRequires: dbus-devel >= 1.2
BuildRequires: libcap-devel
BuildRequires: polkit-devel
BuildRequires: autoconf automake libtool
Source0: http://0pointer.de/public/%{name}-%{version}.tar.xz
Patch1: rtkit-mq_getattr.patch
Patch2: 0001-SECURITY-Pass-uid-of-caller-to-polkit.patch
Patch3: rtkit-controlgroup.patch
# Temporarily disable -Werror=format-security since it breaks the build
Patch4: format-security.patch
Patch5: 0001-Fix-borked-error-check.patch
Patch6: 0001-systemd-update-sd-daemon.-ch.patch
Patch7: 0002-Remove-bundled-copy-of-sd-daemon.-ch.patch
%description
RealtimeKit is a D-Bus system service that changes the
scheduling policy of user processes/threads to SCHED_RR (i.e. realtime
scheduling mode) on request. It is intended to be used as a secure
mechanism to allow real-time scheduling to be used by normal user
processes.
%prep
%autosetup -p1
%build
autoreconf -fvi
%configure --with-systemdsystemunitdir=%{_unitdir}
%make_build
./rtkit-daemon --introspect > org.freedesktop.RealtimeKit1.xml
%install
%make_install
install -Dm0644 org.freedesktop.RealtimeKit1.xml %{buildroot}%{_datadir}/dbus-1/interfaces/org.freedesktop.RealtimeKit1.xml
%pre
getent group rtkit >/dev/null 2>&1 || groupadd \
-r \
-g 172 \
rtkit
getent passwd rtkit >/dev/null 2>&1 || useradd \
-r -l \
-u 172 \
-g rtkit \
-d /proc \
-s /sbin/nologin \
-c "RealtimeKit" \
rtkit
:;
%post
%systemd_post rtkit-daemon.service
dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig >/dev/null 2>&1 || :
%preun
%systemd_preun rtkit-daemon.service
%postun
%systemd_postun_with_restart rtkit-daemon.service
%files
%doc README GPL LICENSE rtkit.c rtkit.h
%attr(0755,root,root) %{_sbindir}/rtkitctl
%attr(0755,root,root) %{_libexecdir}/rtkit-daemon
%{_datadir}/dbus-1/system-services/org.freedesktop.RealtimeKit1.service
%{_datadir}/dbus-1/interfaces/org.freedesktop.RealtimeKit1.xml
%{_datadir}/polkit-1/actions/org.freedesktop.RealtimeKit1.policy
%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.RealtimeKit1.conf
%{_prefix}/lib/systemd/system/rtkit-daemon.service
%{_mandir}/man8/*
%changelog
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 0.11-28
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.11-27
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.11-26
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Sun Jan 24 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.11-22
- Stop using a bundled subset of libsystemd (#1907730)
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.11-25
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.11-24
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.11-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Aug 2 2019 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.11-22
- Fix %%systemd_postun macro use (#1736594)
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.11-22
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.11-21
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Oct 9 2018 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.11-20
- Modernize a bit and fix BuildRequires (#1637496)
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.11-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.11-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.11-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.11-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri May 12 2017 Stephen Gallagher <sgallagh@redhat.com> - 0.11-15
- Temporarily disable -Werror=format-security to unbreak the build
- Build with verbose command-line visible in the logs
- Resolves: rhbz#1424270
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.11-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.11-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Wed Nov 4 2015 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.11-12
- Make dbus interface file non-executable (#1245938)
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.11-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.11-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.11-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Nov 16 2013 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.11-8
- Use a simpler patch for -lrt.
- Remove ControlGroup setting from the service file
Resolves: #1010534
- Turn on hardening flags
Resolves: #996735, #1008399
* Mon Sep 23 2013 Colin Walters <walters@verbum.org> - 0.11-7
- CVE-2013-4326
Resolves: #1009543
* Thu Aug 22 2013 Colin Walters <walters@verbum.org> - 0.11-6
- Add patch to make this build again
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.11-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.11-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Sep 14 2012 Lennart Poettering <lpoetter@redhat.com> - 0.11-3
- Make use of the new systemd macros
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue May 15 2012 Lennart Poettering <lpoetter@redhat.com> - 0.11-1
- New upstream release
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Thu Feb 17 2011 Lennart Poettering <lpoetter@redhat.com> - 0.10-1
- new upstream release
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Aug 4 2010 Lennart Poettering <lpoetter@redhat.com> - 0.9-2
- Convert systemd-install to systemctl
* Tue Jul 13 2010 Lennart Poettering <lpoetter@redhat.com> - 0.9-1
- New upstream release
* Tue Jun 29 2010 Lennart Poettering <lpoetter@redhat.com> - 0.8-1
- New upstream release
* Fri Dec 18 2009 Lennart Poettering <lpoetter@redhat.com> - 0.5-1
- New release
- By default don't demote unknown threads
- Make messages less cute
- Fixes 530582
* Wed Aug 5 2009 Lennart Poettering <lpoetter@redhat.com> - 0.4-1
- New release
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Thu Jul 2 2009 Lennart Poettering <lpoetter@redhat.com> - 0.3-1
- New release
* Wed Jun 17 2009 Lennart Poettering <lpoetter@redhat.com> - 0.2-1
- Initial packaging