From 02cc91671386398b63119e1f181d5deab7a03d98 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Thu, 16 Dec 2021 14:33:16 -0500 Subject: [PATCH] import systemd-239-51.el8_5.3 --- ...f-on-event-loop-object-before-dispat.patch | 32 +++++++++++ ...-uninitialized-pointer-in-unit_fail_.patch | 28 ++++++++++ SOURCES/0661-Disable-iptables-for-CI.patch | 24 +++++++++ ...comp-accept-ENOSYS-from-sysctl-2-too.patch | 27 ++++++++++ ...able-libpitc-to-fix-CentOS-Stream-CI.patch | 28 ++++++++++ ...-char-device-0-0-can-now-be-created-.patch | 52 ++++++++++++++++++ ...turn-true-from-cg_is_empty-on-ENOENT.patch | 43 +++++++++++++++ ...l-if-the-same-alt.-name-is-set-again.patch | 27 ++++++++++ ...0667-meson-avoid-bogus-meson-warning.patch | 38 +++++++++++++ ...l-if-rsync-is-not-installed-with-mes.patch | 54 +++++++++++++++++++ SPECS/systemd.spec | 28 +++++++++- 11 files changed, 380 insertions(+), 1 deletion(-) create mode 100644 SOURCES/0659-sd-event-take-ref-on-event-loop-object-before-dispat.patch create mode 100644 SOURCES/0660-pid1-fix-free-of-uninitialized-pointer-in-unit_fail_.patch create mode 100644 SOURCES/0661-Disable-iptables-for-CI.patch create mode 100644 SOURCES/0662-test-seccomp-accept-ENOSYS-from-sysctl-2-too.patch create mode 100644 SOURCES/0663-Disable-libpitc-to-fix-CentOS-Stream-CI.patch create mode 100644 SOURCES/0664-test-accept-that-char-device-0-0-can-now-be-created-.patch create mode 100644 SOURCES/0665-core-return-true-from-cg_is_empty-on-ENOENT.patch create mode 100644 SOURCES/0666-Do-not-fail-if-the-same-alt.-name-is-set-again.patch create mode 100644 SOURCES/0667-meson-avoid-bogus-meson-warning.patch create mode 100644 SOURCES/0668-meson-do-not-fail-if-rsync-is-not-installed-with-mes.patch diff --git a/SOURCES/0659-sd-event-take-ref-on-event-loop-object-before-dispat.patch b/SOURCES/0659-sd-event-take-ref-on-event-loop-object-before-dispat.patch new file mode 100644 index 0000000..d726221 --- /dev/null +++ b/SOURCES/0659-sd-event-take-ref-on-event-loop-object-before-dispat.patch @@ -0,0 +1,32 @@ +From 814da05c68d9e892c1f89585cc07c6a0330f3e37 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Wed, 8 Sep 2021 15:42:11 +0200 +Subject: [PATCH] sd-event: take ref on event loop object before dispatching + event sources + +Idea is that all public APIs should take reference on objects that get +exposed to user-provided callbacks. We take the reference as a +protection from callbacks dropping it. We used to do this also here in +sd_event_loop(). However, in cleanup portion of f814c871e6 this was +accidentally dropped. + +(cherry picked from commit 9f6ef467818f902fe5369c8e37a39a3901bdcf4f) + +Resolves: #2024903 +--- + src/libsystemd/sd-event/sd-event.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c +index f78da00c3a..47cf93b3f4 100644 +--- a/src/libsystemd/sd-event/sd-event.c ++++ b/src/libsystemd/sd-event/sd-event.c +@@ -3838,7 +3838,7 @@ _public_ int sd_event_loop(sd_event *e) { + assert_return(!event_pid_changed(e), -ECHILD); + assert_return(e->state == SD_EVENT_INITIAL, -EBUSY); + +- _unused_ _cleanup_(sd_event_unrefp) sd_event *ref = NULL; ++ _unused_ _cleanup_(sd_event_unrefp) sd_event *ref = sd_event_ref(e); + + while (e->state != SD_EVENT_FINISHED) { + r = sd_event_run(e, (uint64_t) -1); diff --git a/SOURCES/0660-pid1-fix-free-of-uninitialized-pointer-in-unit_fail_.patch b/SOURCES/0660-pid1-fix-free-of-uninitialized-pointer-in-unit_fail_.patch new file mode 100644 index 0000000..9566337 --- /dev/null +++ b/SOURCES/0660-pid1-fix-free-of-uninitialized-pointer-in-unit_fail_.patch @@ -0,0 +1,28 @@ +From b526b7636961ca3d303a6965879b3575e4cc293b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Fri, 14 Dec 2018 08:16:31 +0100 +Subject: [PATCH] pid1: fix free of uninitialized pointer in + unit_fail_if_noncanonical() + +https://bugzilla.redhat.com/show_bug.cgi?id=1653068 + +(cherry picked from commit 58d9d89b4b41189bdcea86c2ad5cf708b7d54aca) + +Related: #2024903 +--- + src/core/unit.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/core/unit.c b/src/core/unit.c +index 93c13e58d9..152a860d08 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -4785,7 +4785,7 @@ void unit_warn_if_dir_nonempty(Unit *u, const char* where) { + } + + int unit_fail_if_noncanonical(Unit *u, const char* where) { +- _cleanup_free_ char *canonical_where; ++ _cleanup_free_ char *canonical_where = NULL; + int r; + + assert(u); diff --git a/SOURCES/0661-Disable-iptables-for-CI.patch b/SOURCES/0661-Disable-iptables-for-CI.patch new file mode 100644 index 0000000..be22077 --- /dev/null +++ b/SOURCES/0661-Disable-iptables-for-CI.patch @@ -0,0 +1,24 @@ +From 5e081bdfe3711a812c0f2448a14909b0c518d808 Mon Sep 17 00:00:00 2001 +From: David Tardon +Date: Wed, 13 Oct 2021 10:01:59 +0200 +Subject: [PATCH] Disable iptables for CI + +(cherry picked from commit ffd20a699280a4732d0fe4cddafe12ee8010ddb6) + +Related: #2024903 +--- + .github/workflows/unit_tests.sh | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/.github/workflows/unit_tests.sh b/.github/workflows/unit_tests.sh +index ad4584ec1d..36363603db 100755 +--- a/.github/workflows/unit_tests.sh ++++ b/.github/workflows/unit_tests.sh +@@ -92,7 +92,6 @@ SYSTEMD_BUILD_DEPS=( + gnutls-devel + gobject-introspection-devel + gperf +- iptables-devel + kmod-devel + libacl-devel + libblkid-devel diff --git a/SOURCES/0662-test-seccomp-accept-ENOSYS-from-sysctl-2-too.patch b/SOURCES/0662-test-seccomp-accept-ENOSYS-from-sysctl-2-too.patch new file mode 100644 index 0000000..138bc42 --- /dev/null +++ b/SOURCES/0662-test-seccomp-accept-ENOSYS-from-sysctl-2-too.patch @@ -0,0 +1,27 @@ +From 307930f1c7e7588e6cfdc413147c5fc615ae73de Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Tue, 22 Sep 2020 19:05:17 +0200 +Subject: [PATCH] test-seccomp: accept ENOSYS from sysctl(2) too + +It seems that kernel 5.9 started returning that. + +(cherry picked from commit 0af05e485a3a88f454c714901eb6109307dc893e) + +Related: #2024903 +--- + src/test/test-seccomp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/test/test-seccomp.c b/src/test/test-seccomp.c +index 5eb1c78b8b..6ec04c4c55 100644 +--- a/src/test/test-seccomp.c ++++ b/src/test/test-seccomp.c +@@ -239,7 +239,7 @@ static void test_protect_sysctl(void) { + if (pid == 0) { + #if defined __NR__sysctl && __NR__sysctl >= 0 + assert_se(syscall(__NR__sysctl, NULL) < 0); +- assert_se(errno == EFAULT); ++ assert_se(IN_SET(errno, EFAULT, ENOSYS)); + #endif + + assert_se(seccomp_protect_sysctl() >= 0); diff --git a/SOURCES/0663-Disable-libpitc-to-fix-CentOS-Stream-CI.patch b/SOURCES/0663-Disable-libpitc-to-fix-CentOS-Stream-CI.patch new file mode 100644 index 0000000..fd6f0ec --- /dev/null +++ b/SOURCES/0663-Disable-libpitc-to-fix-CentOS-Stream-CI.patch @@ -0,0 +1,28 @@ +From 26a1c41e771eb3b36f6f9b95ae35ce4803766e3c Mon Sep 17 00:00:00 2001 +From: David Tardon +Date: Mon, 25 Oct 2021 15:27:27 +0200 +Subject: [PATCH] Disable libpitc to fix CentOS Stream CI + +We have disabled it in our spec starting with 8.5.0, so let's follow +suit here. + +(cherry picked from commit b029865ef6d8b23ecdbfda4e277a3f75cb59ee94) + +Related: #2024903 +--- + .github/workflows/unit_tests.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/.github/workflows/unit_tests.sh b/.github/workflows/unit_tests.sh +index 36363603db..814870e7a0 100755 +--- a/.github/workflows/unit_tests.sh ++++ b/.github/workflows/unit_tests.sh +@@ -50,7 +50,7 @@ CONFIGURE_OPTS=( + -Dgnutls=true + -Dmicrohttpd=true + -Dlibidn2=true +- -Dlibiptc=true ++ -Dlibiptc=false + -Dlibcurl=true + -Defi=true + -Dtpm=true diff --git a/SOURCES/0664-test-accept-that-char-device-0-0-can-now-be-created-.patch b/SOURCES/0664-test-accept-that-char-device-0-0-can-now-be-created-.patch new file mode 100644 index 0000000..3645a71 --- /dev/null +++ b/SOURCES/0664-test-accept-that-char-device-0-0-can-now-be-created-.patch @@ -0,0 +1,52 @@ +From 5763844219e88a993d1b93653585bc68e909353c Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 14 Aug 2020 21:50:55 +0200 +Subject: [PATCH] test: accept that char device 0/0 can now be created witout + privileges + +Fixes: #16721 + +(cherry picked from commit 5b5ce6298e5a1c09beacd5c963e2350979cbf94a) + +Related: #2024903 +--- + src/test/test-fs-util.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c +index e3338ea440..aa32629f62 100644 +--- a/src/test/test-fs-util.c ++++ b/src/test/test-fs-util.c +@@ -518,8 +518,8 @@ static void test_touch_file(void) { + assert_se(timespec_load(&st.st_mtim) == test_mtime); + + if (geteuid() == 0) { +- a = strjoina(p, "/cdev"); +- r = mknod(a, 0775 | S_IFCHR, makedev(0, 0)); ++ a = strjoina(p, "/bdev"); ++ r = mknod(a, 0775 | S_IFBLK, makedev(0, 0)); + if (r < 0 && errno == EPERM && detect_container() > 0) { + log_notice("Running in unprivileged container? Skipping remaining tests in %s", __func__); + return; +@@ -529,17 +529,17 @@ static void test_touch_file(void) { + assert_se(lstat(a, &st) >= 0); + assert_se(st.st_uid == test_uid); + assert_se(st.st_gid == test_gid); +- assert_se(S_ISCHR(st.st_mode)); ++ assert_se(S_ISBLK(st.st_mode)); + assert_se((st.st_mode & 0777) == 0640); + assert_se(timespec_load(&st.st_mtim) == test_mtime); + +- a = strjoina(p, "/bdev"); +- assert_se(mknod(a, 0775 | S_IFBLK, makedev(0, 0)) >= 0); ++ a = strjoina(p, "/cdev"); ++ assert_se(mknod(a, 0775 | S_IFCHR, makedev(0, 0)) >= 0); + assert_se(touch_file(a, false, test_mtime, test_uid, test_gid, 0640) >= 0); + assert_se(lstat(a, &st) >= 0); + assert_se(st.st_uid == test_uid); + assert_se(st.st_gid == test_gid); +- assert_se(S_ISBLK(st.st_mode)); ++ assert_se(S_ISCHR(st.st_mode)); + assert_se((st.st_mode & 0777) == 0640); + assert_se(timespec_load(&st.st_mtim) == test_mtime); + } diff --git a/SOURCES/0665-core-return-true-from-cg_is_empty-on-ENOENT.patch b/SOURCES/0665-core-return-true-from-cg_is_empty-on-ENOENT.patch new file mode 100644 index 0000000..5d22a15 --- /dev/null +++ b/SOURCES/0665-core-return-true-from-cg_is_empty-on-ENOENT.patch @@ -0,0 +1,43 @@ +From bfc6e3c33b49b4f2e611e2ff151d3088055df07d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 17 Oct 2018 17:48:35 +0200 +Subject: [PATCH] core: return true from cg_is_empty* on ENOENT + +(cherry picked from commit 1bcf3fc6c57d92927b96cad8c739099b4ceae236) + +Related: #2024903 +--- + src/basic/cgroup-util.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c +index 992b12811a..14abe6e014 100644 +--- a/src/basic/cgroup-util.c ++++ b/src/basic/cgroup-util.c +@@ -1177,7 +1177,7 @@ int cg_is_empty(const char *controller, const char *path) { + + r = cg_enumerate_processes(controller, path, &f); + if (r == -ENOENT) +- return 1; ++ return true; + if (r < 0) + return r; + +@@ -1207,6 +1207,8 @@ int cg_is_empty_recursive(const char *controller, const char *path) { + * via the "populated" attribute of "cgroup.events". */ + + r = cg_read_event(controller, path, "populated", &t); ++ if (r == -ENOENT) ++ return true; + if (r < 0) + return r; + +@@ -1221,7 +1223,7 @@ int cg_is_empty_recursive(const char *controller, const char *path) { + + r = cg_enumerate_subgroups(controller, path, &d); + if (r == -ENOENT) +- return 1; ++ return true; + if (r < 0) + return r; + diff --git a/SOURCES/0666-Do-not-fail-if-the-same-alt.-name-is-set-again.patch b/SOURCES/0666-Do-not-fail-if-the-same-alt.-name-is-set-again.patch new file mode 100644 index 0000000..ffafa82 --- /dev/null +++ b/SOURCES/0666-Do-not-fail-if-the-same-alt.-name-is-set-again.patch @@ -0,0 +1,27 @@ +From 21c071fbd05d112ccd92b7a49e53bf8d38cdbd06 Mon Sep 17 00:00:00 2001 +From: David Tardon +Date: Wed, 8 Dec 2021 09:49:24 +0100 +Subject: [PATCH] Do not fail if the same alt. name is set again + +This is a workaround for a kernel bug. + +RHEL-only + +Resolves: #2030027 +--- + src/udev/net/link-config.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c +index 5220f247f0..9046c5bd2a 100644 +--- a/src/udev/net/link-config.c ++++ b/src/udev/net/link-config.c +@@ -526,7 +526,7 @@ int link_config_apply(link_config_ctx *ctx, link_config *config, + strv_uniq(altnames); + strv_sort(altnames); + r = rtnl_set_link_alternative_names(&ctx->rtnl, ifindex, altnames); +- if (r == -EOPNOTSUPP) ++ if (IN_SET(r, -EOPNOTSUPP, -EEXIST)) + log_debug_errno(r, "Could not set AlternativeName= or apply AlternativeNamesPolicy= on %s, ignoring: %m", old_name); + else if (r < 0) + return log_warning_errno(r, "Could not set AlternativeName= or apply AlternativeNamesPolicy= on %s: %m", old_name); diff --git a/SOURCES/0667-meson-avoid-bogus-meson-warning.patch b/SOURCES/0667-meson-avoid-bogus-meson-warning.patch new file mode 100644 index 0000000..4bdfec5 --- /dev/null +++ b/SOURCES/0667-meson-avoid-bogus-meson-warning.patch @@ -0,0 +1,38 @@ +From 0e03f2192cd80e6a4a1bf83f0238cc6d133b8475 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Thu, 7 Nov 2019 11:32:26 +0100 +Subject: [PATCH] meson: avoid bogus meson warning + +With meson-0.52.0-1.module_f31+6771+f5d842eb.noarch I get: +src/test/meson.build:19: WARNING: Overriding previous value of environment variable 'PATH' with a new one + +When we're using *prepend*, the whole point is to modify an existing variable, +so meson shouldn't warn. But let's set avoid the warning and shorten things by +setting the final value immediately. + +(cherry picked from commit cbe804947482998cc767bfb0c169e6263a6ef097) + +Related: #2030027 +--- + src/test/meson.build | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/src/test/meson.build b/src/test/meson.build +index 7b310d4ec7..4bbc67d367 100644 +--- a/src/test/meson.build ++++ b/src/test/meson.build +@@ -10,12 +10,11 @@ test_hashmap_ordered_c = custom_target( + + test_include_dir = include_directories('.') + +-path = run_command('sh', ['-c', 'echo "$PATH"']).stdout() ++path = run_command('sh', ['-c', 'echo "$PATH"']).stdout().strip() + test_env = environment() + test_env.set('SYSTEMD_KBD_MODEL_MAP', kbd_model_map) + test_env.set('SYSTEMD_LANGUAGE_FALLBACK_MAP', language_fallback_map) +-test_env.set('PATH', path) +-test_env.prepend('PATH', meson.build_root()) ++test_env.set('PATH', '@0@:@1@'.format(meson.build_root(), path)) + + ############################################################ + diff --git a/SOURCES/0668-meson-do-not-fail-if-rsync-is-not-installed-with-mes.patch b/SOURCES/0668-meson-do-not-fail-if-rsync-is-not-installed-with-mes.patch new file mode 100644 index 0000000..9dc08d1 --- /dev/null +++ b/SOURCES/0668-meson-do-not-fail-if-rsync-is-not-installed-with-mes.patch @@ -0,0 +1,54 @@ +From 112de8e094470d2a8df4f7c9b8ca62bd68c96a70 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Mon, 12 Apr 2021 14:03:32 +0200 +Subject: [PATCH] meson: do not fail if rsync is not installed with meson + 0.57.2 + +https://github.com/mesonbuild/meson/issues/8641 + +Our CI started to fail. Even if the change is reverted in meson, +we need a quick workaround here. + +(cherry picked from commit 7c5fd25119a495009ea62f79e5daec34cc464628) + +Related: #2030027 +--- + man/meson.build | 25 ++++++++++++++----------- + 1 file changed, 14 insertions(+), 11 deletions(-) + +diff --git a/man/meson.build b/man/meson.build +index a953d34098..efc8836d0c 100644 +--- a/man/meson.build ++++ b/man/meson.build +@@ -178,17 +178,20 @@ html = custom_target( + depends : html_pages, + command : ['echo']) + +-run_target( +- 'doc-sync', +- depends : man_pages + html_pages, +- command : ['rsync', '-rlv', +- '--delete-excluded', +- '--include=man', +- '--include=*.html', +- '--exclude=*', +- '--omit-dir-times', +- meson.current_build_dir(), +- get_option('www-target')]) ++rsync = find_program('rsync', required : false) ++if rsync.found() ++ run_target( ++ 'doc-sync', ++ depends : man_pages + html_pages, ++ command : [rsync, '-rlv', ++ '--delete-excluded', ++ '--include=man', ++ '--include=*.html', ++ '--exclude=*', ++ '--omit-dir-times', ++ meson.current_build_dir(), ++ get_option('www-target')]) ++endif + + ############################################################ + diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec index 580ef82..1ad8a84 100644 --- a/SPECS/systemd.spec +++ b/SPECS/systemd.spec @@ -13,7 +13,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd Version: 239 -Release: 51%{?dist} +Release: 51%{?dist}.3 # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -708,6 +708,16 @@ Patch0655: 0655-udev-do-not-try-to-reassign-alternative-names.patch Patch0656: 0656-Fix-LGTM-build.patch Patch0657: 0657-sd-hwdb-allow-empty-properties.patch Patch0658: 0658-Update-hwdb.patch +Patch0659: 0659-sd-event-take-ref-on-event-loop-object-before-dispat.patch +Patch0660: 0660-pid1-fix-free-of-uninitialized-pointer-in-unit_fail_.patch +Patch0661: 0661-Disable-iptables-for-CI.patch +Patch0662: 0662-test-seccomp-accept-ENOSYS-from-sysctl-2-too.patch +Patch0663: 0663-Disable-libpitc-to-fix-CentOS-Stream-CI.patch +Patch0664: 0664-test-accept-that-char-device-0-0-can-now-be-created-.patch +Patch0665: 0665-core-return-true-from-cg_is_empty-on-ENOENT.patch +Patch0666: 0666-Do-not-fail-if-the-same-alt.-name-is-set-again.patch +Patch0667: 0667-meson-avoid-bogus-meson-warning.patch +Patch0668: 0668-meson-do-not-fail-if-rsync-is-not-installed-with-mes.patch %ifarch %{ix86} x86_64 aarch64 @@ -1335,6 +1345,22 @@ fi %files tests -f .file-list-tests %changelog +* Fri Dec 10 2021 systemd maintenance team - 239-51.3 +- Do not fail if the same alt. name is set again (#2030027) +- meson: avoid bogus meson warning (#2030027) +- meson: do not fail if rsync is not installed with meson 0.57.2 (#2030027) + +* Fri Dec 03 2021 systemd maintenance team - 239-51.2 +- core: return true from cg_is_empty* on ENOENT (#2024903) + +* Wed Dec 01 2021 systemd maintenance team - 239-51.1 +- sd-event: take ref on event loop object before dispatching event sources (#2024903) +- pid1: fix free of uninitialized pointer in unit_fail_if_noncanonical() (#2024903) +- Disable iptables for CI (#2024903) +- test-seccomp: accept ENOSYS from sysctl(2) too (#2024903) +- Disable libpitc to fix CentOS Stream CI (#2024903) +- test: accept that char device 0/0 can now be created witout privileges (#2024903) + * Thu Sep 23 2021 systemd maintenance team - 239-51 - define newly needed constants (#1850986) - sd-netlink: support IFLA_PROP_LIST and IFLA_ALT_IFNAME attributes (#1850986)