rpms/systemd
6
0
Fork 0
Code Issues Pull Requests Releases Activity

core: reorder systemd arguments on reexe

Browse Source 
coredump: use %d in kernel core pattern - CVE-2025-4598

Debrand for AlmaLinux
This commit is contained in:
Andrew Lukoshko 2025-11-04 11:29:13 +00:00 committed by root
commit 028b1e4f3e
13 changed files with 1022 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
SOURCES/1117-meson-etc-systemd-network-is-also-used-by-udevd.patch Normal file
View File

@ -0,0 +1,33 @@
From 2a66d0407ed5f5f3b48449c2c9197e0b77693d03 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Thu, 2 Nov 2023 14:20:11 +0900
Subject: [PATCH] meson: /etc/systemd/network is also used by udevd
(cherry picked from commit 6256c65aad2a719ac9054961561bb26e497208ce)
Resolves: RHEL-111610
---
network/meson.build | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/network/meson.build b/network/meson.build
index 4c6de20515..499ea61086 100644
--- a/network/meson.build
+++ b/network/meson.build
@@ -12,11 +12,12 @@ if conf.get('ENABLE_NETWORKD') == 1
'80-wifi-station.network.example',
install_dir : networkdir)
- if install_sysconfdir
- meson.add_install_script('sh', '-c',
- mkdir_p.format(sysconfdir / 'systemd/network'))
- endif
endif
install_data('99-default.link',
install_dir : networkdir)
+
+if install_sysconfdir
+ meson.add_install_script('sh', '-c',
+ mkdir_p.format(sysconfdir / 'systemd/network'))
+endif

207
SOURCES/1118-sd-bus-make-bus_add_match_full-accept-timeout.patch Normal file
View File

@ -0,0 +1,207 @@
From 77d0e22296ac39f8e9036fd838dcea287db21015 Mon Sep 17 00:00:00 2001
From: licunlong <licunlong1@huawei.com>
Date: Thu, 15 Jun 2023 16:28:28 +0800
Subject: [PATCH] sd-bus: make bus_add_match_full accept timeout
(cherry picked from commit bb30e58f644689feaa87d8136d1686b6c3a6f42a)
Related: RHEL-111629
---
src/libsystemd/sd-bus/bus-control.c | 48 +++++++++++++++++++++-------
src/libsystemd/sd-bus/bus-control.h | 4 +--
src/libsystemd/sd-bus/bus-internal.h | 10 ++++++
src/libsystemd/sd-bus/sd-bus.c | 17 ++++++----
4 files changed, 59 insertions(+), 20 deletions(-)
diff --git a/src/libsystemd/sd-bus/bus-control.c b/src/libsystemd/sd-bus/bus-control.c
index d96b7256a1..762656fa74 100644
--- a/src/libsystemd/sd-bus/bus-control.c
+++ b/src/libsystemd/sd-bus/bus-control.c
@@ -803,9 +803,10 @@ _public_ int sd_bus_get_owner_creds(sd_bus *bus, uint64_t mask, sd_bus_creds **r
int bus_add_match_internal(
sd_bus *bus,
const char *match,
+ uint64_t timeout_usec,
uint64_t *ret_counter) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
+ _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL;
const char *e;
int r;
@@ -816,16 +817,26 @@ int bus_add_match_internal(
e = append_eavesdrop(bus, match);
- r = sd_bus_call_method(
+ r = sd_bus_message_new_method_call(
bus,
+ &m,
"org.freedesktop.DBus",
"/org/freedesktop/DBus",
"org.freedesktop.DBus",
- "AddMatch",
+ "AddMatch");
+ if (r < 0)
+ return r;
+
+ r = sd_bus_message_append(m, "s", e);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_call(
+ bus,
+ m,
+ timeout_usec,
NULL,
- &reply,
- "s",
- e);
+ &reply);
if (r < 0)
return r;
@@ -841,9 +852,12 @@ int bus_add_match_internal_async(
sd_bus_slot **ret_slot,
const char *match,
sd_bus_message_handler_t callback,
- void *userdata) {
+ void *userdata,
+ uint64_t timeout_usec) {
+ _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
const char *e;
+ int r;
assert(bus);
@@ -852,17 +866,27 @@ int bus_add_match_internal_async(
e = append_eavesdrop(bus, match);
- return sd_bus_call_method_async(
+ r = sd_bus_message_new_method_call(
bus,
- ret_slot,
+ &m,
"org.freedesktop.DBus",
"/org/freedesktop/DBus",
"org.freedesktop.DBus",
- "AddMatch",
+ "AddMatch");
+ if (r < 0)
+ return r;
+
+ r = sd_bus_message_append(m, "s", e);
+ if (r < 0)
+ return r;
+
+ return sd_bus_call_async(
+ bus,
+ ret_slot,
+ m,
callback,
userdata,
- "s",
- e);
+ timeout_usec);
}
int bus_remove_match_internal(
diff --git a/src/libsystemd/sd-bus/bus-control.h b/src/libsystemd/sd-bus/bus-control.h
index 8182b9cd63..1cd4fb88d9 100644
--- a/src/libsystemd/sd-bus/bus-control.h
+++ b/src/libsystemd/sd-bus/bus-control.h
@@ -3,7 +3,7 @@
#include "sd-bus.h"
-int bus_add_match_internal(sd_bus *bus, const char *match, uint64_t *ret_counter);
-int bus_add_match_internal_async(sd_bus *bus, sd_bus_slot **ret, const char *match, sd_bus_message_handler_t callback, void *userdata);
+int bus_add_match_internal(sd_bus *bus, const char *match, uint64_t timeout_usec, uint64_t *ret_counter);
+int bus_add_match_internal_async(sd_bus *bus, sd_bus_slot **ret, const char *match, sd_bus_message_handler_t callback, void *userdata, uint64_t timeout_usec);
int bus_remove_match_internal(sd_bus *bus, const char *match);
diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h
index 51673ad1c5..603a53fb10 100644
--- a/src/libsystemd/sd-bus/bus-internal.h
+++ b/src/libsystemd/sd-bus/bus-internal.h
@@ -386,6 +386,16 @@ int bus_attach_inotify_event(sd_bus *b);
void bus_close_inotify_fd(sd_bus *b);
void bus_close_io_fds(sd_bus *b);
+int bus_add_match_full(
+ sd_bus *bus,
+ sd_bus_slot **slot,
+ bool asynchronous,
+ const char *match,
+ sd_bus_message_handler_t callback,
+ sd_bus_message_handler_t install_callback,
+ void *userdata,
+ uint64_t timeout_usec);
+
#define OBJECT_PATH_FOREACH_PREFIX(prefix, path) \
for (char *_slash = ({ strcpy((prefix), (path)); streq((prefix), "/") ? NULL : strrchr((prefix), '/'); }) ; \
_slash && ((_slash[(_slash) == (prefix)] = 0), true); \
diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
index 10efe53a25..b8406f154b 100644
--- a/src/libsystemd/sd-bus/sd-bus.c
+++ b/src/libsystemd/sd-bus/sd-bus.c
@@ -3486,14 +3486,15 @@ static int add_match_callback(
return r;
}
-static int bus_add_match_full(
+int bus_add_match_full(
sd_bus *bus,
sd_bus_slot **slot,
bool asynchronous,
const char *match,
sd_bus_message_handler_t callback,
sd_bus_message_handler_t install_callback,
- void *userdata) {
+ void *userdata,
+ uint64_t timeout_usec) {
struct bus_match_component *components = NULL;
unsigned n_components = 0;
@@ -3539,7 +3540,8 @@ static int bus_add_match_full(
&s->match_callback.install_slot,
s->match_callback.match_string,
add_match_callback,
- s);
+ s,
+ timeout_usec);
if (r < 0)
goto finish;
@@ -3549,7 +3551,10 @@ static int bus_add_match_full(
* then make it floating. */
r = sd_bus_slot_set_floating(s->match_callback.install_slot, true);
} else
- r = bus_add_match_internal(bus, s->match_callback.match_string, &s->match_callback.after);
+ r = bus_add_match_internal(bus,
+ s->match_callback.match_string,
+ timeout_usec,
+ &s->match_callback.after);
if (r < 0)
goto finish;
@@ -3580,7 +3585,7 @@ _public_ int sd_bus_add_match(
sd_bus_message_handler_t callback,
void *userdata) {
- return bus_add_match_full(bus, slot, false, match, callback, NULL, userdata);
+ return bus_add_match_full(bus, slot, false, match, callback, NULL, userdata, 0);
}
_public_ int sd_bus_add_match_async(
@@ -3591,7 +3596,7 @@ _public_ int sd_bus_add_match_async(
sd_bus_message_handler_t install_callback,
void *userdata) {
- return bus_add_match_full(bus, slot, true, match, callback, install_callback, userdata);
+ return bus_add_match_full(bus, slot, true, match, callback, install_callback, userdata, 0);
}
bool bus_pid_changed(sd_bus *bus) {

52
SOURCES/1119-core-unit-add-get_timeout_start_usec-in-UnitVTable-a.patch Normal file
View File

@ -0,0 +1,52 @@
From 2711221e0edaf8294c88034d4598e8f00c5ab2a0 Mon Sep 17 00:00:00 2001
From: licunlong <licunlong1@huawei.com>
Date: Thu, 15 Jun 2023 10:47:32 +0800
Subject: [PATCH] core/unit: add get_timeout_start_usec in UnitVTable and
define it for service
(cherry picked from commit f5a9d2ee2a849aca1f2d15485d020142ff33cc30)
Related: RHEL-111629
---
src/core/service.c | 6 ++++++
src/core/unit.h | 3 +++
2 files changed, 9 insertions(+)
diff --git a/src/core/service.c b/src/core/service.c
index 433df0afe3..305f3b7170 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -4383,6 +4383,11 @@ static int service_get_timeout(Unit *u, usec_t *timeout) {
return 1;
}
+static usec_t service_get_timeout_start_usec(Unit *u) {
+ Service *s = SERVICE(ASSERT_PTR(u));
+ return s->timeout_start_usec;
+}
+
static bool pick_up_pid_from_bus_name(Service *s) {
assert(s);
@@ -4870,6 +4875,7 @@ const UnitVTable service_vtable = {
.bus_commit_properties = bus_service_commit_properties,
.get_timeout = service_get_timeout,
+ .get_timeout_start_usec = service_get_timeout_start_usec,
.needs_console = service_needs_console,
.exit_status = service_exit_status,
.status_text = service_status_text,
diff --git a/src/core/unit.h b/src/core/unit.h
index e79b5322b4..95e4926f70 100644
--- a/src/core/unit.h
+++ b/src/core/unit.h
@@ -710,6 +710,9 @@ typedef struct UnitVTable {
/* Returns the next timeout of a unit */
int (*get_timeout)(Unit *u, usec_t *timeout);
+ /* Returns the start timeout of a unit */
+ usec_t (*get_timeout_start_usec)(Unit *u);
+
/* Returns the main PID if there is any defined, or 0. */
pid_t (*main_pid)(Unit *u);

99
SOURCES/1120-core-unit-increase-the-NameOwnerChanged-GetNameOwner.patch Normal file
View File

@ -0,0 +1,99 @@
From d027b6a74262c7278a3af8dd5c56b71da256daf4 Mon Sep 17 00:00:00 2001
From: licunlong <licunlong1@huawei.com>
Date: Wed, 24 May 2023 11:45:31 +0800
Subject: [PATCH] core/unit: increase the NameOwnerChanged/GetNameOwner timeout
to the unit's start timeout
When dbus is overloaded, these messages are easily timedout,
systemd may kill dbus-type service by mistake. This PR
mitigates this problem by increasing the timeout to the
unit's start timeout.
(cherry picked from commit 8df433d7cd268ae96cfe795feaa59f4d3e87b85c)
Related: RHEL-111629
---
src/core/unit.c | 39 ++++++++++++++++++++++++++++++++++-----
1 file changed, 34 insertions(+), 5 deletions(-)
diff --git a/src/core/unit.c b/src/core/unit.c
index d98ecf4367..6bf7296154 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -14,6 +14,7 @@
#include "bpf-foreign.h"
#include "bpf-socket-bind.h"
#include "bus-common-errors.h"
+#include "bus-internal.h"
#include "bus-util.h"
#include "cgroup-setup.h"
#include "cgroup-util.h"
@@ -3518,7 +3519,9 @@ static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bu
}
int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
+ _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
const char *match;
+ usec_t timeout_usec = 0;
int r;
assert(u);
@@ -3528,6 +3531,12 @@ int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
if (u->match_bus_slot || u->get_name_owner_slot)
return -EBUSY;
+ /* NameOwnerChanged and GetNameOwner is used to detect when a service finished starting up. The dbus
+ * call timeout shouldn't be earlier than that. If we couldn't get the start timeout, use the default
+ * value defined above. */
+ if (UNIT_VTABLE(u)->get_timeout_start_usec)
+ timeout_usec = UNIT_VTABLE(u)->get_timeout_start_usec(u);
+
match = strjoina("type='signal',"
"sender='org.freedesktop.DBus',"
"path='/org/freedesktop/DBus',"
@@ -3535,20 +3544,40 @@ int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
"member='NameOwnerChanged',"
"arg0='", name, "'");
- r = sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
+ r = bus_add_match_full(
+ bus,
+ &u->match_bus_slot,
+ true,
+ match,
+ signal_name_owner_changed,
+ NULL,
+ u,
+ timeout_usec);
if (r < 0)
return r;
- r = sd_bus_call_method_async(
+ r = sd_bus_message_new_method_call(
bus,
- &u->get_name_owner_slot,
+ &m,
"org.freedesktop.DBus",
"/org/freedesktop/DBus",
"org.freedesktop.DBus",
- "GetNameOwner",
+ "GetNameOwner");
+ if (r < 0)
+ return r;
+
+ r = sd_bus_message_append(m, "s", name);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_call_async(
+ bus,
+ &u->get_name_owner_slot,
+ m,
get_name_owner_handler,
u,
- "s", name);
+ timeout_usec);
+
if (r < 0) {
u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
return r;

38
SOURCES/1121-core-sd-bus-drop-empty-lines-between-function-call-a.patch Normal file
View File

@ -0,0 +1,38 @@
From 62020408df888f9b2da50f7b7231eef514c5e062 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 29 Dec 2024 15:10:53 +0900
Subject: [PATCH] core,sd-bus: drop empty lines between function call and error
check
(cherry picked from commit 7baf4d234a70f136014f9e92f00c078a55c7adba)
Related: RHEL-111629
---
src/core/unit.c | 1 -
src/libsystemd/sd-bus/sd-bus.c | 1 -
2 files changed, 2 deletions(-)
diff --git a/src/core/unit.c b/src/core/unit.c
index 6bf7296154..83da6c2c09 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -3577,7 +3577,6 @@ int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
get_name_owner_handler,
u,
timeout_usec);
-
if (r < 0) {
u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
return r;
diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
index b8406f154b..c2dded43ad 100644
--- a/src/libsystemd/sd-bus/sd-bus.c
+++ b/src/libsystemd/sd-bus/sd-bus.c
@@ -3542,7 +3542,6 @@ int bus_add_match_full(
add_match_callback,
s,
timeout_usec);
-
if (r < 0)
goto finish;

71
SOURCES/1122-core-do-not-disconnect-from-bus-when-failed-to-insta.patch Normal file
View File

@ -0,0 +1,71 @@
From b32080ea0df4bef0b7cd1c0af8e988e2c6abe41d Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 29 Dec 2024 15:50:43 +0900
Subject: [PATCH] core: do not disconnect from bus when failed to install
signal match
If bus_add_match_full() is called without install callback and we failed
to install the signal match e.g. by timeout, then add_match_callback()
will disconnect from the bus.
Let's use a custom install handler and handle failures gracefully.
This does not *solve* the root cause of issue #30573, but should improve
the situation when the issue is triggered.
(cherry picked from commit db6b214f95aa42f9a9fa3d94a3c6492cc57b58fb)
Related: RHEL-111629
---
src/core/unit.c | 30 ++++++++++++++++++++++++++++--
1 file changed, 28 insertions(+), 2 deletions(-)
diff --git a/src/core/unit.c b/src/core/unit.c
index 83da6c2c09..2f9cea6179 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -3465,6 +3465,32 @@ int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
return r;
}
+static int signal_name_owner_changed_install_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
+ Unit *u = ASSERT_PTR(userdata);
+ const sd_bus_error *e;
+ int r;
+
+ e = sd_bus_message_get_error(message);
+ if (!e) {
+ log_unit_trace(u, "Successfully installed NameOwnerChanged signal match.");
+ return 0;
+ }
+
+ r = sd_bus_error_get_errno(e);
+ log_unit_error_errno(u, r,
+ "Unexpected error response on installing NameOwnerChanged signal match: %s",
+ bus_error_message(e, r));
+
+ /* If we failed to install NameOwnerChanged signal, also unref the bus slot of GetNameOwner(). */
+ u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
+ u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
+
+ if (UNIT_VTABLE(u)->bus_name_owner_change)
+ UNIT_VTABLE(u)->bus_name_owner_change(u, NULL);
+
+ return 0;
+}
+
static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
const char *new_owner;
Unit *u = ASSERT_PTR(userdata);
@@ -3547,10 +3573,10 @@ int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
r = bus_add_match_full(
bus,
&u->match_bus_slot,
- true,
+ /* asynchronous = */ true,
match,
signal_name_owner_changed,
- NULL,
+ signal_name_owner_changed_install_handler,
u,
timeout_usec);
if (r < 0)

180
SOURCES/1123-dbus-stash-the-subscriber-list-when-we-disconenct-fr.patch Normal file
View File

@ -0,0 +1,180 @@
From 1cbaa08036631f3e633700134cd57d994a4b234c Mon Sep 17 00:00:00 2001
From: Ronan Pigott <ronan@rjp.ie>
Date: Thu, 28 Nov 2024 12:53:32 -0700
Subject: [PATCH] dbus: stash the subscriber list when we disconenct from the
bus
If we unexpectly disconnect from the bus, systemd would end up dropping
the list of subscribers, which breaks the ability of clients like logind
to monitor the state of units.
Stash the list of subscribers into the deserialized state in the event
of a disconnect so that when we recover we can renew the broken
subscriptions.
(cherry picked from commit 8402ca04d1a063c3d8a9e3d5c16df8bb8778ae98)
Related: RHEL-111629
---
src/core/dbus.c | 21 +++++++++++++++------
src/core/dbus.h | 2 +-
src/core/manager.c | 8 ++++----
src/shared/bus-util.c | 22 ++++++++++++++++++++++
src/shared/bus-util.h | 1 +
5 files changed, 43 insertions(+), 11 deletions(-)
diff --git a/src/core/dbus.c b/src/core/dbus.c
index 1431e079c2..12a6f2fa27 100644
--- a/src/core/dbus.c
+++ b/src/core/dbus.c
@@ -834,6 +834,8 @@ int bus_init_api(Manager *m) {
if (r < 0)
return log_error_errno(r, "Failed to set up API bus: %m");
+ (void) bus_track_coldplug(bus, &m->subscribed, /* recursive= */ false, m->deserialized_subscribed);
+ m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
m->api_bus = TAKE_PTR(bus);
return 0;
@@ -986,8 +988,17 @@ static void destroy_bus(Manager *m, sd_bus **bus) {
}
/* Get rid of tracked clients on this bus */
- if (m->subscribed && sd_bus_track_get_bus(m->subscribed) == *bus)
+ if (m->subscribed && sd_bus_track_get_bus(m->subscribed) == *bus) {
+ _cleanup_strv_free_ char **subscribed = NULL;
+ int r;
+
+ r = bus_track_to_strv(m->subscribed, &subscribed);
+ if (r < 0)
+ log_warning_errno(r, "Failed to serialize api subscribers, ignoring: %m");
+ strv_free_and_replace(m->deserialized_subscribed, subscribed);
+
m->subscribed = sd_bus_track_unref(m->subscribed);
+ }
HASHMAP_FOREACH(j, m->jobs)
if (j->bus_track && sd_bus_track_get_bus(j->bus_track) == *bus)
@@ -1046,7 +1057,6 @@ void bus_done(Manager *m) {
assert(!m->subscribed);
- m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
bus_verify_polkit_async_registry_free(m->polkit_registry);
}
@@ -1137,20 +1147,19 @@ void bus_track_serialize(sd_bus_track *t, FILE *f, const char *prefix) {
}
}
-int bus_track_coldplug(Manager *m, sd_bus_track **t, bool recursive, char **l) {
+int bus_track_coldplug(sd_bus *bus, sd_bus_track **t, bool recursive, char **l) {
int r;
- assert(m);
assert(t);
if (strv_isempty(l))
return 0;
- if (!m->api_bus)
+ if (!bus)
return 0;
if (!*t) {
- r = sd_bus_track_new(m->api_bus, t, NULL, NULL);
+ r = sd_bus_track_new(bus, t, NULL, NULL);
if (r < 0)
return r;
}
diff --git a/src/core/dbus.h b/src/core/dbus.h
index 50e7bb400e..3f0d902c89 100644
--- a/src/core/dbus.h
+++ b/src/core/dbus.h
@@ -19,7 +19,7 @@ void bus_done(Manager *m);
int bus_fdset_add_all(Manager *m, FDSet *fds);
void bus_track_serialize(sd_bus_track *t, FILE *f, const char *prefix);
-int bus_track_coldplug(Manager *m, sd_bus_track **t, bool recursive, char **l);
+int bus_track_coldplug(sd_bus *bus, sd_bus_track **t, bool recursive, char **l);
int bus_foreach_bus(Manager *m, sd_bus_track *subscribed2, int (*send_message)(sd_bus *bus, void *userdata), void *userdata);
diff --git a/src/core/manager.c b/src/core/manager.c
index daeaa641d7..6c67780c99 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1560,6 +1560,9 @@ Manager* manager_free(Manager *m) {
free(m->switch_root);
free(m->switch_root_init);
+ sd_bus_track_unref(m->subscribed);
+ strv_free(m->deserialized_subscribed);
+
free(m->default_smack_process_label);
rlimit_free_all(m->rlimit);
@@ -1862,7 +1865,7 @@ int manager_startup(Manager *m, FILE *serialization, FDSet *fds, const char *roo
manager_setup_bus(m);
/* Now that we are connected to all possible buses, let's deserialize who is tracking us. */
- r = bus_track_coldplug(m, &m->subscribed, false, m->deserialized_subscribed);
+ r = bus_track_coldplug(m->api_bus, &m->subscribed, false, m->deserialized_subscribed);
if (r < 0)
log_warning_errno(r, "Failed to deserialized tracked clients, ignoring: %m");
m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
@@ -3412,9 +3415,6 @@ int manager_reload(Manager *m) {
/* Clean up runtime objects no longer referenced */
manager_vacuum(m);
- /* Clean up deserialized tracked clients */
- m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
-
/* Consider the reload process complete now. */
assert(m->n_reloading > 0);
m->n_reloading--;
diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c
index d09ec5148d..9293f10fdc 100644
--- a/src/shared/bus-util.c
+++ b/src/shared/bus-util.c
@@ -495,6 +495,28 @@ int bus_track_add_name_many(sd_bus_track *t, char **l) {
return r;
}
+int bus_track_to_strv(sd_bus_track *t, char ***ret) {
+ _cleanup_strv_free_ char **subscribed = NULL;
+ int r = 0;
+
+ assert(ret);
+
+ for (const char *n = sd_bus_track_first(t); n; n = sd_bus_track_next(t)) {
+ r = sd_bus_track_count_name(t, n);
+ if (r < 0)
+ return r;
+
+ for (int j = 0; j < r; j++) {
+ r = strv_extend(&subscribed, n);
+ if (r < 0)
+ return r;
+ }
+ }
+
+ *ret = TAKE_PTR(subscribed);
+ return r;
+}
+
int bus_open_system_watch_bind_with_description(sd_bus **ret, const char *description) {
_cleanup_(sd_bus_close_unrefp) sd_bus *bus = NULL;
const char *e;
diff --git a/src/shared/bus-util.h b/src/shared/bus-util.h
index 955cdcb57c..e1fdf2ef48 100644
--- a/src/shared/bus-util.h
+++ b/src/shared/bus-util.h
@@ -52,6 +52,7 @@ int bus_path_encode_unique(sd_bus *b, const char *prefix, const char *sender_id,
int bus_path_decode_unique(const char *path, const char *prefix, char **ret_sender, char **ret_external);
int bus_track_add_name_many(sd_bus_track *t, char **l);
+int bus_track_to_strv(sd_bus_track *t, char ***ret);
int bus_open_system_watch_bind_with_description(sd_bus **ret, const char *description);
static inline int bus_open_system_watch_bind(sd_bus **ret) {

94
SOURCES/1124-manager-s-deserialized_subscribed-subscribed_as_strv.patch Normal file
View File

@ -0,0 +1,94 @@
From a4d51cc912b028bb89bada9d158d1ae1172ecd08 Mon Sep 17 00:00:00 2001
From: Ronan Pigott <ronan@rjp.ie>
Date: Wed, 11 Dec 2024 12:47:10 -0700
Subject: [PATCH] manager: s/deserialized_subscribed/subscribed_as_strv
Now that this field may get populated at runtime, the deserialized name
is misleading. Change the name to reflect its updated purpose.
(cherry picked from commit e1315a621ae26473fcc9cd0d6013836f5f498d40)
Related: RHEL-111629
---
src/core/dbus.c | 6 +++---
src/core/manager-serialize.c | 2 +-
src/core/manager.c | 6 +++---
src/core/manager.h | 2 +-
4 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/src/core/dbus.c b/src/core/dbus.c
index 12a6f2fa27..7655427f38 100644
--- a/src/core/dbus.c
+++ b/src/core/dbus.c
@@ -834,8 +834,8 @@ int bus_init_api(Manager *m) {
if (r < 0)
return log_error_errno(r, "Failed to set up API bus: %m");
- (void) bus_track_coldplug(bus, &m->subscribed, /* recursive= */ false, m->deserialized_subscribed);
- m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
+ (void) bus_track_coldplug(bus, &m->subscribed, /* recursive= */ false, m->subscribed_as_strv);
+ m->subscribed_as_strv = strv_free(m->subscribed_as_strv);
m->api_bus = TAKE_PTR(bus);
return 0;
@@ -995,7 +995,7 @@ static void destroy_bus(Manager *m, sd_bus **bus) {
r = bus_track_to_strv(m->subscribed, &subscribed);
if (r < 0)
log_warning_errno(r, "Failed to serialize api subscribers, ignoring: %m");
- strv_free_and_replace(m->deserialized_subscribed, subscribed);
+ strv_free_and_replace(m->subscribed_as_strv, subscribed);
m->subscribed = sd_bus_track_unref(m->subscribed);
}
diff --git a/src/core/manager-serialize.c b/src/core/manager-serialize.c
index f3b2d7ee16..a87d490219 100644
--- a/src/core/manager-serialize.c
+++ b/src/core/manager-serialize.c
@@ -529,7 +529,7 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
(void) exec_runtime_deserialize_one(m, val, fds);
else if ((val = startswith(l, "subscribed="))) {
- if (strv_extend(&m->deserialized_subscribed, val) < 0)
+ if (strv_extend(&m->subscribed_as_strv, val) < 0)
return -ENOMEM;
} else if ((val = startswith(l, "varlink-server-socket-address="))) {
if (!m->varlink_server && MANAGER_IS_SYSTEM(m)) {
diff --git a/src/core/manager.c b/src/core/manager.c
index 6c67780c99..45676d3def 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1561,7 +1561,7 @@ Manager* manager_free(Manager *m) {
free(m->switch_root_init);
sd_bus_track_unref(m->subscribed);
- strv_free(m->deserialized_subscribed);
+ strv_free(m->subscribed_as_strv);
free(m->default_smack_process_label);
@@ -1865,10 +1865,10 @@ int manager_startup(Manager *m, FILE *serialization, FDSet *fds, const char *roo
manager_setup_bus(m);
/* Now that we are connected to all possible buses, let's deserialize who is tracking us. */
- r = bus_track_coldplug(m->api_bus, &m->subscribed, false, m->deserialized_subscribed);
+ r = bus_track_coldplug(m->api_bus, &m->subscribed, false, m->subscribed_as_strv);
if (r < 0)
log_warning_errno(r, "Failed to deserialized tracked clients, ignoring: %m");
- m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
+ m->subscribed_as_strv = strv_free(m->subscribed_as_strv);
r = manager_varlink_init(m);
if (r < 0)
diff --git a/src/core/manager.h b/src/core/manager.h
index 86e7e40989..a96ba7bf9d 100644
--- a/src/core/manager.h
+++ b/src/core/manager.h
@@ -276,7 +276,7 @@ struct Manager {
considered subscribes, since they last for very short only,
and it is much simpler that way. */
sd_bus_track *subscribed;
- char **deserialized_subscribed;
+ char **subscribed_as_strv;
/* This is used during reloading: before the reload we queue
* the reply message here, and afterwards we send it */

55
SOURCES/1125-bus-util-do-not-reset-the-count-returned-by-sd_bus_t.patch Normal file
View File

@ -0,0 +1,55 @@
From aacdac482bda0395372432aa921a215d4921425d Mon Sep 17 00:00:00 2001
From: Mike Yuan <me@yhndnzj.com>
Date: Sat, 11 Jan 2025 16:26:55 +0100
Subject: [PATCH] bus-util: do not reset the count returned by
sd_bus_track_count_name()
Follow-up for 8402ca04d1a063c3d8a9e3d5c16df8bb8778ae98
While at it, turn the retval check for sd_bus_track_count_name()
into assertion, given we're working with already established tracks
(service_name_is_valid() should never yield false in this case).
Addresses https://github.com/systemd/systemd/pull/35406#discussion_r1912066774
(cherry picked from commit 33eeea4128f31df7ab4bd8866b582062d70114ae)
Related: RHEL-111629
---
src/shared/bus-util.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c
index 9293f10fdc..5e6d17d201 100644
--- a/src/shared/bus-util.c
+++ b/src/shared/bus-util.c
@@ -497,16 +497,15 @@ int bus_track_add_name_many(sd_bus_track *t, char **l) {
int bus_track_to_strv(sd_bus_track *t, char ***ret) {
_cleanup_strv_free_ char **subscribed = NULL;
- int r = 0;
+ int r;
assert(ret);
for (const char *n = sd_bus_track_first(t); n; n = sd_bus_track_next(t)) {
- r = sd_bus_track_count_name(t, n);
- if (r < 0)
- return r;
+ int c = sd_bus_track_count_name(t, n);
+ assert(c >= 0);
- for (int j = 0; j < r; j++) {
+ for (int j = 0; j < c; j++) {
r = strv_extend(&subscribed, n);
if (r < 0)
return r;
@@ -514,7 +513,7 @@ int bus_track_to_strv(sd_bus_track *t, char ***ret) {
}
*ret = TAKE_PTR(subscribed);
- return r;
+ return 0;
}
int bus_open_system_watch_bind_with_description(sd_bus **ret, const char *description) {

31
SOURCES/1126-core-manager-restore-bus-track-deserialization-clean.patch Normal file
View File

@ -0,0 +1,31 @@
From 66113d690c8a8f4245ce9789f362359668e23a86 Mon Sep 17 00:00:00 2001
From: Mike Yuan <me@yhndnzj.com>
Date: Mon, 13 Jan 2025 17:30:51 +0100
Subject: [PATCH] core/manager: restore bus track deserialization cleanup in
manager_reload()
There's zero explanation why it got (spuriously) removed in
8402ca04d1a063c3d8a9e3d5c16df8bb8778ae98...
(cherry picked from commit 34f4b817f67b002eae7e2c09b19bf4b66c4791b6)
Related: RHEL-111629
---
src/core/manager.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/core/manager.c b/src/core/manager.c
index 45676d3def..92f283d33d 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -3409,6 +3409,10 @@ int manager_reload(Manager *m) {
(void) manager_setup_cgroups_agent(m);
(void) manager_setup_user_lookup_fd(m);
+ /* Clean up deserialized bus track information. They're never consumed during reload (as opposed to
+ * reexec) since we do not disconnect from the bus. */
+ m->subscribed_as_strv = strv_free(m->subscribed_as_strv);
+
/* Third, fire things up! */
manager_coldplug(m);

32
SOURCES/1127-core-manager-drop-duplicate-bus-track-deserializatio.patch Normal file
View File

@ -0,0 +1,32 @@
From 0690554623c7e8740862a05506add29264446760 Mon Sep 17 00:00:00 2001
From: Mike Yuan <me@yhndnzj.com>
Date: Sat, 11 Jan 2025 18:38:49 +0100
Subject: [PATCH] core/manager: drop duplicate bus track deserialization
bus_init_api() now does this internally
(after 8402ca04d1a063c3d8a9e3d5c16df8bb8778ae98).
(cherry picked from commit af0e10354e567bfd0b9521376b2aad55f12a4e3d)
Related: RHEL-111629
---
src/core/manager.c | 6 ------
1 file changed, 6 deletions(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index 92f283d33d..653b0c2d22 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1864,12 +1864,6 @@ int manager_startup(Manager *m, FILE *serialization, FDSet *fds, const char *roo
/* Connect to the bus if we are good for it */
manager_setup_bus(m);
- /* Now that we are connected to all possible buses, let's deserialize who is tracking us. */
- r = bus_track_coldplug(m->api_bus, &m->subscribed, false, m->subscribed_as_strv);
- if (r < 0)
- log_warning_errno(r, "Failed to deserialized tracked clients, ignoring: %m");
- m->subscribed_as_strv = strv_free(m->subscribed_as_strv);
-
r = manager_varlink_init(m);
if (r < 0)
log_warning_errno(r, "Failed to set up Varlink, ignoring: %m");

102
SOURCES/1128-sd-bus-bus-track-use-install_callback-in-sd_bus_trac.patch Normal file
View File

@ -0,0 +1,102 @@
From 52c9f6533199cc32d7925bf0eb79eb2e28ad160a Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 31 Jul 2025 18:26:09 +0200
Subject: [PATCH] sd-bus/bus-track: use install_callback in
sd_bus_track_add_name()
Previously we didn't provide any install_callback to
sd_bus_add_match_async() so in case AddMatch() method call timed out we
destroyed the bus connection. This seems overly aggressive and simply
updating the sd_bus_track object accordingly should be enough.
Follow-up for 37ce3fd2b7dd8f81f6f4bca2003961a92b2963dc.
Fixes #32381
(cherry picked from commit dcf42d1ee21222ee698e5e0ab3ecf3411b63da40)
Related: RHEL-111629
---
src/libsystemd/sd-bus/bus-track.c | 32 +++++++++++++++++++++++++++----
1 file changed, 28 insertions(+), 4 deletions(-)
diff --git a/src/libsystemd/sd-bus/bus-track.c b/src/libsystemd/sd-bus/bus-track.c
index f9c59a1007..276e177d2b 100644
--- a/src/libsystemd/sd-bus/bus-track.c
+++ b/src/libsystemd/sd-bus/bus-track.c
@@ -3,6 +3,7 @@
#include "sd-bus.h"
#include "alloc-util.h"
+#include "bus-error.h"
#include "bus-internal.h"
#include "bus-track.h"
#include "string-util.h"
@@ -11,6 +12,7 @@ struct track_item {
unsigned n_ref;
char *name;
sd_bus_slot *slot;
+ sd_bus_track *track;
};
struct sd_bus_track {
@@ -163,18 +165,39 @@ static sd_bus_track *track_free(sd_bus_track *track) {
DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_bus_track, sd_bus_track, track_free);
-static int on_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- sd_bus_track *track = ASSERT_PTR(userdata);
+static int on_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *reterr_error) {
+ struct track_item *item = ASSERT_PTR(userdata);
const char *name;
int r;
assert(message);
+ assert(item->track);
r = sd_bus_message_read(message, "sss", &name, NULL, NULL);
if (r < 0)
return 0;
- bus_track_remove_name_fully(track, name);
+ bus_track_remove_name_fully(item->track, name);
+ return 0;
+}
+
+static int name_owner_changed_install_callback(sd_bus_message *message, void *userdata, sd_bus_error *reterr_error) {
+ struct track_item *item = ASSERT_PTR(userdata);
+ const sd_bus_error *e;
+ int r;
+
+ assert(message);
+ assert(item->track);
+ assert(item->name);
+
+ e = sd_bus_message_get_error(message);
+ if (!e)
+ return 0;
+
+ r = sd_bus_error_get_errno(e);
+ log_debug_errno(r, "Failed to install match for tracking name '%s': %s", item->name, bus_error_message(e, r));
+
+ bus_track_remove_name_fully(item->track, item->name);
return 0;
}
@@ -216,6 +239,7 @@ _public_ int sd_bus_track_add_name(sd_bus_track *track, const char *name) {
*n = (struct track_item) {
.n_ref = 1,
+ .track = track,
};
n->name = strdup(name);
@@ -227,7 +251,7 @@ _public_ int sd_bus_track_add_name(sd_bus_track *track, const char *name) {
bus_track_remove_from_queue(track); /* don't dispatch this while we work in it */
- r = sd_bus_add_match_async(track->bus, &n->slot, match, on_name_owner_changed, NULL, track);
+ r = sd_bus_add_match_async(track->bus, &n->slot, match, on_name_owner_changed, name_owner_changed_install_callback, n);
if (r < 0) {
bus_track_add_to_queue(track);
return r;

30
SPECS/systemd.spec
View File

@ -21,7 +21,7 @@
Name: systemd
Url: https://systemd.io
Version: 252
Release: 51%{?dist}.2.alma.2
Release: 51%{?dist}.3.alma.2
# For a breakdown of the licensing, see README
License: LGPLv2+ and MIT and GPLv2+
Summary: System and Service Manager
@ -1199,6 +1199,18 @@ Patch1113: 1113-Follow-up-with-the-PR-31819.patch
Patch1114: 1114-Added-more-ASSERT-macro-and-also-make-some-test-file.patch
Patch1115: 1115-sd-event-drop-inotify-event-from-buffer-when-no-even.patch
Patch1116: 1116-test-add-test-case-for-issue-38265.patch
Patch1117: 1117-meson-etc-systemd-network-is-also-used-by-udevd.patch
Patch1118: 1118-sd-bus-make-bus_add_match_full-accept-timeout.patch
Patch1119: 1119-core-unit-add-get_timeout_start_usec-in-UnitVTable-a.patch
Patch1120: 1120-core-unit-increase-the-NameOwnerChanged-GetNameOwner.patch
Patch1121: 1121-core-sd-bus-drop-empty-lines-between-function-call-a.patch
Patch1122: 1122-core-do-not-disconnect-from-bus-when-failed-to-insta.patch
Patch1123: 1123-dbus-stash-the-subscriber-list-when-we-disconenct-fr.patch
Patch1124: 1124-manager-s-deserialized_subscribed-subscribed_as_strv.patch
Patch1125: 1125-bus-util-do-not-reset-the-count-returned-by-sd_bus_t.patch
Patch1126: 1126-core-manager-restore-bus-track-deserialization-clean.patch
Patch1127: 1127-core-manager-drop-duplicate-bus-track-deserializatio.patch
Patch1128: 1128-sd-bus-bus-track-use-install_callback-in-sd_bus_trac.patch
# AlmaLinux Patch
Patch9000: 9000-core-reorder-systemd-arguments-on-reexec.patch
@ -2082,11 +2094,25 @@ systemd-hwdb update &>/dev/null || :
%{_prefix}/lib/dracut/modules.d/70rhel-net-naming-sysattrs/*
%changelog
* Tue Sep 16 2025 Andrew Lukoshko <alukoshko@almalinux.org> - 252-51.2.alma.2
* Tue Nov 04 2025 Andrew Lukoshko <alukoshko@almalinux.org> - 252-51.3.alma.2
- core: reorder systemd arguments on reexe
- coredump: use %d in kernel core pattern - CVE-2025-4598
- Debrand for AlmaLinux
* Fri Sep 12 2025 systemd maintenance team <systemd-maint@redhat.com> - 252-51.3
- meson: /etc/systemd/network is also used by udevd (RHEL-111610)
- sd-bus: make bus_add_match_full accept timeout (RHEL-111629)
- core/unit: add get_timeout_start_usec in UnitVTable and define it for service (RHEL-111629)
- core/unit: increase the NameOwnerChanged/GetNameOwner timeout to the unit's start timeout (RHEL-111629)
- core,sd-bus: drop empty lines between function call and error check (RHEL-111629)
- core: do not disconnect from bus when failed to install signal match (RHEL-111629)
- dbus: stash the subscriber list when we disconenct from the bus (RHEL-111629)
- manager: s/deserialized_subscribed/subscribed_as_strv (RHEL-111629)
- bus-util: do not reset the count returned by sd_bus_track_count_name() (RHEL-111629)
- core/manager: restore bus track deserialization cleanup in manager_reload() (RHEL-111629)
- core/manager: drop duplicate bus track deserialization (RHEL-111629)
- sd-bus/bus-track: use install_callback in sd_bus_track_add_name() (RHEL-111629)
* Mon Aug 11 2025 systemd maintenance team <systemd-maint@redhat.com> - 252-51.2
- Add a set of assertion macros to tests.h (ASSERT_OK(), ASSERT_EQ(), ASSERT_GE(), ASSERT_LE()) that log the failed condition before crashing and convert test-gpt.c test file to use them (RHEL-108481)
- Follow up with the PR #31819 (RHEL-108481)