Backport PR #13406 to solve PATH ordering issue (#1744059)

2019-08-26 11:44:02 -07:00 · 2019-08-26 11:44:02 -07:00 · 07b358f168
commit 07b358f168
parent 37d9de1fcf
2 changed files with 209 additions and 1 deletions
--- a/13406.patch
+++ b/13406.patch
@ -0,0 +1,201 @@
 From 054d9609e1639a725e9a29af086c1585bacc43ff Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
 Date: Thu, 6 Aug 2015 21:34:15 -0400
 Subject: [PATCH] manager: put bin before sbin for user instances
 Traditionally, user logins had a $PATH in which /bin was before /sbin, while
 root logins had a $PATH with /sbin first. This allows the tricks that
 consolehelper is doing to work. But even if we ignore consolehelper, having the
 path in this order might have been used by admins for other purposes, and
 keeping the order in user sessions will make it easier the adoption of systemd
 user sessions a bit easier.
 Fixes #733.
 https://bugzilla.redhat.com/show_bug.cgi?id=1744059
 OOM handling in manager_default_environment wasn't really correct.
 Now the (theorertical) malloc failure in strv_new() is handled.
 Please note that this has no effect on:
 - systems with merged /bin-/sbin (e.g. arch)
 - when there are no binaries that differ between the two locations.
  E.g. on my F30 laptop there is exactly one program that is affected:
  /usr/bin/setup -> consolehelper.
  There is less and less stuff that relies on consolehelper, but there's still
  some.
 So for "clean" systems this makes no difference, but helps with legacy setups.
 $ dnf repoquery --releasever=31 --qf %{name} --whatrequires usermode
 anaconda-live
 audit-viewer
 beesu
 chkrootkit
 driftnet
 drobo-utils-gui
 hddtemp
 mate-system-log
 mock
 pure-ftpd
 setuptool
 subscription-manager
 system-config-httpd
 system-config-rootpassword
 system-switch-java
 system-switch-mail
 usermode-gtk
 vpnc-consoleuser
 wifi-radar
 xawtv
 ---
 man/systemd.exec.xml  | 35 +++++++++++++++++++++--------------
 src/basic/path-util.h |  8 ++++++++
 src/core/manager.c    | 23 +++++++++++++++++++----
 3 files changed, 48 insertions(+), 18 deletions(-)
 diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
 index fbbfd4f5146..5cb83afa578 100644
 --- a/man/systemd.exec.xml
 +++ b/man/systemd.exec.xml
@@ -2152,16 +2152,17 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy
       <varlistentry>
         <term><varname>LogExtraFields=</varname></term>
 -        <listitem><para>Configures additional log metadata fields to include in all log records generated by processes
 -        associated with this unit. This setting takes one or more journal field assignments in the format
 -        <literal>FIELD=VALUE</literal> separated by whitespace. See
 -        <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
 -        details on the journal field concept. Even though the underlying journal implementation permits binary field
 -        values, this setting accepts only valid UTF-8 values. To include space characters in a journal field value,
 -        enclose the assignment in double quotes ("). The usual specifiers are expanded in all assignments (see
 -        below). Note that this setting is not only useful for attaching additional metadata to log records of a unit,
 -        but given that all fields and values are indexed may also be used to implement cross-unit log record
 -        matching. Assign an empty string to reset the list.</para></listitem>
 +        <listitem><para>Configures additional log metadata fields to include in all log records generated by
 +        processes associated with this unit. This setting takes one or more journal field assignments in the
 +        format <literal>FIELD=VALUE</literal> separated by whitespace. See
 +        <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>
 +        for details on the journal field concept. Even though the underlying journal implementation permits
 +        binary field values, this setting accepts only valid UTF-8 values. To include space characters in a
 +        journal field value, enclose the assignment in double quotes ("). <!-- " fake closing quote for emacs-->
 +        The usual specifiers are expanded in all assignments (see below). Note that this setting is not only
 +        useful for attaching additional metadata to log records of a unit, but given that all fields and
 +        values are indexed may also be used to implement cross-unit log record matching. Assign an empty
 +        string to reset the list.</para></listitem>
       </varlistentry>
       <varlistentry>
@@ -2355,10 +2356,16 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy
       <varlistentry>
         <term><varname>$PATH</varname></term>
 -        <listitem><para>Colon-separated list of directories to use
 -        when launching executables. systemd uses a fixed value of
 -        <filename>/usr/local/sbin</filename>:<filename>/usr/local/bin</filename>:<filename>/usr/sbin</filename>:<filename>/usr/bin</filename>:<filename>/sbin</filename>:<filename>/bin</filename>.
 -        </para></listitem>
 +        <listitem><para>Colon-separated list of directories to use when launching
 +        executables. <command>systemd</command> uses a fixed value of
 +        <literal><filename>/usr/local/sbin</filename>:<filename>/usr/local/bin</filename>:<filename>/usr/sbin</filename>:<filename>/usr/bin</filename></literal>
 +        in the system manager. When compiled for systems with "unmerged /usr" (<filename>/bin</filename> is
 +        not a symlink to <filename>/usr/bin</filename>),
 +        <literal>:<filename>/sbin</filename>:<filename>/bin</filename></literal> is appended. In case of the
 +        the user manager, each <filename>bin/</filename> and <filename>sbin/</filename> pair is switched, so
 +        that programs from <filename>/usr/bin</filename> have higher priority than programs from
 +        <filename>/usr/sbin</filename>, etc. It is recommended to not rely on this in any way, and have only
 +        one program with a given name in <varname>$PATH</varname>.</para></listitem>
       </varlistentry>
       <varlistentry>
 diff --git a/src/basic/path-util.h b/src/basic/path-util.h
 index 1f46cd65c96..71fb7041a3c 100644
 --- a/src/basic/path-util.h
 +++ b/src/basic/path-util.h
@@ -11,30 +11,38 @@
 #include "time-util.h"
 #define PATH_SPLIT_SBIN_BIN(x) x "sbin:" x "bin"
 +#define PATH_SPLIT_BIN_SBIN(x) x "bin:" x "sbin"
 #define PATH_SPLIT_SBIN_BIN_NULSTR(x) x "sbin\0" x "bin\0"
 #define PATH_NORMAL_SBIN_BIN(x) x "bin"
 +#define PATH_NORMAL_BIN_SBIN(x) x "bin"
 #define PATH_NORMAL_SBIN_BIN_NULSTR(x) x "bin\0"
 #if HAVE_SPLIT_BIN
 #  define PATH_SBIN_BIN(x) PATH_SPLIT_SBIN_BIN(x)
 +#  define PATH_BIN_SBIN(x) PATH_SPLIT_BIN_SBIN(x)
 #  define PATH_SBIN_BIN_NULSTR(x) PATH_SPLIT_SBIN_BIN_NULSTR(x)
 #else
 #  define PATH_SBIN_BIN(x) PATH_NORMAL_SBIN_BIN(x)
 +#  define PATH_BIN_SBIN(x) PATH_NORMAL_BIN_SBIN(x)
 #  define PATH_SBIN_BIN_NULSTR(x) PATH_NORMAL_SBIN_BIN_NULSTR(x)
 #endif
 #define DEFAULT_PATH_NORMAL PATH_SBIN_BIN("/usr/local/") ":" PATH_SBIN_BIN("/usr/")
 +#define DEFAULT_USER_PATH_NORMAL PATH_BIN_SBIN("/usr/local/") ":" PATH_BIN_SBIN("/usr/")
 #define DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/usr/local/") PATH_SBIN_BIN_NULSTR("/usr/")
 #define DEFAULT_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_SBIN_BIN("/")
 +#define DEFAULT_USER_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_BIN_SBIN("/")
 #define DEFAULT_PATH_SPLIT_USR_NULSTR DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/")
 #define DEFAULT_PATH_COMPAT PATH_SPLIT_SBIN_BIN("/usr/local/") ":" PATH_SPLIT_SBIN_BIN("/usr/") ":" PATH_SPLIT_SBIN_BIN("/")
 #if HAVE_SPLIT_USR
 #  define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR
 +#  define DEFAULT_USER_PATH DEFAULT_USER_PATH_SPLIT_USR
 #  define DEFAULT_PATH_NULSTR DEFAULT_PATH_SPLIT_USR_NULSTR
 #else
 #  define DEFAULT_PATH DEFAULT_PATH_NORMAL
 +#  define DEFAULT_USER_PATH DEFAULT_USER_PATH_NORMAL
 #  define DEFAULT_PATH_NULSTR DEFAULT_PATH_NORMAL_NULSTR
 #endif
 diff --git a/src/core/manager.c b/src/core/manager.c
 index 8d691a19c3d..91a601e8fd8 100644
 --- a/src/core/manager.c
 +++ b/src/core/manager.c
@@ -603,6 +603,8 @@ static char** sanitize_environment(char **l) {
 }
 int manager_default_environment(Manager *m) {
 +        int r;
 +
         assert(m);
         m->transient_environment = strv_free(m->transient_environment);
@@ -616,16 +618,29 @@ int manager_default_environment(Manager *m) {
                  * /proc/self/environ valid; it is used for tagging
                  * the init process inside containers. */
                 m->transient_environment = strv_new("PATH=" DEFAULT_PATH);
 +                if (!m->transient_environment)
 +                        return log_oom();
                 /* Import locale variables LC_*= from configuration */
                 (void) locale_setup(&m->transient_environment);
 -        } else
 +        } else {
 +                _cleanup_free_ char *k = NULL;
 +
                 /* The user manager passes its own environment
 -                 * along to its children. */
 +                 * along to its children, except for $PATH. */
                 m->transient_environment = strv_copy(environ);
 +                if (!m->transient_environment)
 +                        return log_oom();
 -        if (!m->transient_environment)
 -                return log_oom();
 +                k = strdup("PATH=" DEFAULT_USER_PATH);
 +                if (!k)
 +                        return log_oom();
 +
 +                r = strv_env_replace(&m->transient_environment, k);
 +                if (r < 0)
 +                        return log_oom();
 +                TAKE_PTR(k);
 +        }
         sanitize_environment(m->transient_environment);
--- a/systemd.spec
+++ b/systemd.spec
@ -15,7 +15,7 @@
 Name:           systemd
 Url:            https://www.freedesktop.org/wiki/Software/systemd
 Version:        243~rc2
-Release:        1%{?commit:.git%{shortcommit}}%{?dist}
+Release:        2%{?commit:.git%{shortcommit}}%{?dist}
 # For a breakdown of the licensing, see README
 License:        LGPLv2+ and MIT and GPLv2+
 Summary:        System and Service Manager
@ -57,6 +57,10 @@ Patch0001:      https://github.com/keszybz/systemd/commit/464a73411c13596a130a7a
 Patch0002:      0002-Revert-units-set-NoNewPrivileges-for-all-long-runnin.patch
 # https://github.com/systemd/systemd/pull/13406
 # Fixes problems with consolehelper binaries in systemd-launched user sessions
 Patch0003:      13406.patch
 Patch0998:      0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
 %ifarch %{ix86} x86_64 aarch64
@ -697,6 +701,9 @@ fi
 %files tests -f .file-list-tests
 %changelog
 * Mon Aug 26 2019 Adam Williamson <awilliam@redhat.com> - 243~rc2-2
 - Backport PR #13406 to solve PATH ordering issue (#1744059)
 * Thu Aug 22 2019 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 243~rc2-1
 - Update to latest pre-release. Fixes #1740113, #1717712.
 - The default scheduler for disks is set to BFQ (1738828)