From 090a9d035fee8f266843a2468d2cc66205fd1fc2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 3 Sep 2019 11:56:59 +0200 Subject: [PATCH] Update to v243 --- 13406.patch | 201 --------------------------------------------------- sources | 2 +- systemd.spec | 12 ++- 3 files changed, 11 insertions(+), 204 deletions(-) delete mode 100644 13406.patch diff --git a/13406.patch b/13406.patch deleted file mode 100644 index dce5cd3..0000000 --- a/13406.patch +++ /dev/null @@ -1,201 +0,0 @@ -From 054d9609e1639a725e9a29af086c1585bacc43ff Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Thu, 6 Aug 2015 21:34:15 -0400 -Subject: [PATCH] manager: put bin before sbin for user instances - -Traditionally, user logins had a $PATH in which /bin was before /sbin, while -root logins had a $PATH with /sbin first. This allows the tricks that -consolehelper is doing to work. But even if we ignore consolehelper, having the -path in this order might have been used by admins for other purposes, and -keeping the order in user sessions will make it easier the adoption of systemd -user sessions a bit easier. - -Fixes #733. -https://bugzilla.redhat.com/show_bug.cgi?id=1744059 - -OOM handling in manager_default_environment wasn't really correct. -Now the (theorertical) malloc failure in strv_new() is handled. - -Please note that this has no effect on: -- systems with merged /bin-/sbin (e.g. arch) - -- when there are no binaries that differ between the two locations. - - E.g. on my F30 laptop there is exactly one program that is affected: - /usr/bin/setup -> consolehelper. - - There is less and less stuff that relies on consolehelper, but there's still - some. - -So for "clean" systems this makes no difference, but helps with legacy setups. - -$ dnf repoquery --releasever=31 --qf %{name} --whatrequires usermode -anaconda-live -audit-viewer -beesu -chkrootkit -driftnet -drobo-utils-gui -hddtemp -mate-system-log -mock -pure-ftpd -setuptool -subscription-manager -system-config-httpd -system-config-rootpassword -system-switch-java -system-switch-mail -usermode-gtk -vpnc-consoleuser -wifi-radar -xawtv ---- - man/systemd.exec.xml | 35 +++++++++++++++++++++-------------- - src/basic/path-util.h | 8 ++++++++ - src/core/manager.c | 23 +++++++++++++++++++---- - 3 files changed, 48 insertions(+), 18 deletions(-) - -diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml -index fbbfd4f5146..5cb83afa578 100644 ---- a/man/systemd.exec.xml -+++ b/man/systemd.exec.xml -@@ -2152,16 +2152,17 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy - - LogExtraFields= - -- Configures additional log metadata fields to include in all log records generated by processes -- associated with this unit. This setting takes one or more journal field assignments in the format -- FIELD=VALUE separated by whitespace. See -- systemd.journal-fields7 for -- details on the journal field concept. Even though the underlying journal implementation permits binary field -- values, this setting accepts only valid UTF-8 values. To include space characters in a journal field value, -- enclose the assignment in double quotes ("). The usual specifiers are expanded in all assignments (see -- below). Note that this setting is not only useful for attaching additional metadata to log records of a unit, -- but given that all fields and values are indexed may also be used to implement cross-unit log record -- matching. Assign an empty string to reset the list. -+ Configures additional log metadata fields to include in all log records generated by -+ processes associated with this unit. This setting takes one or more journal field assignments in the -+ format FIELD=VALUE separated by whitespace. See -+ systemd.journal-fields7 -+ for details on the journal field concept. Even though the underlying journal implementation permits -+ binary field values, this setting accepts only valid UTF-8 values. To include space characters in a -+ journal field value, enclose the assignment in double quotes ("). -+ The usual specifiers are expanded in all assignments (see below). Note that this setting is not only -+ useful for attaching additional metadata to log records of a unit, but given that all fields and -+ values are indexed may also be used to implement cross-unit log record matching. Assign an empty -+ string to reset the list. - - - -@@ -2355,10 +2356,16 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy - - $PATH - -- Colon-separated list of directories to use -- when launching executables. systemd uses a fixed value of -- /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin. -- -+ Colon-separated list of directories to use when launching -+ executables. systemd uses a fixed value of -+ /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin -+ in the system manager. When compiled for systems with "unmerged /usr" (/bin is -+ not a symlink to /usr/bin), -+ :/sbin:/bin is appended. In case of the -+ the user manager, each bin/ and sbin/ pair is switched, so -+ that programs from /usr/bin have higher priority than programs from -+ /usr/sbin, etc. It is recommended to not rely on this in any way, and have only -+ one program with a given name in $PATH. - - - -diff --git a/src/basic/path-util.h b/src/basic/path-util.h -index 1f46cd65c96..71fb7041a3c 100644 ---- a/src/basic/path-util.h -+++ b/src/basic/path-util.h -@@ -11,30 +11,38 @@ - #include "time-util.h" - - #define PATH_SPLIT_SBIN_BIN(x) x "sbin:" x "bin" -+#define PATH_SPLIT_BIN_SBIN(x) x "bin:" x "sbin" - #define PATH_SPLIT_SBIN_BIN_NULSTR(x) x "sbin\0" x "bin\0" - - #define PATH_NORMAL_SBIN_BIN(x) x "bin" -+#define PATH_NORMAL_BIN_SBIN(x) x "bin" - #define PATH_NORMAL_SBIN_BIN_NULSTR(x) x "bin\0" - - #if HAVE_SPLIT_BIN - # define PATH_SBIN_BIN(x) PATH_SPLIT_SBIN_BIN(x) -+# define PATH_BIN_SBIN(x) PATH_SPLIT_BIN_SBIN(x) - # define PATH_SBIN_BIN_NULSTR(x) PATH_SPLIT_SBIN_BIN_NULSTR(x) - #else - # define PATH_SBIN_BIN(x) PATH_NORMAL_SBIN_BIN(x) -+# define PATH_BIN_SBIN(x) PATH_NORMAL_BIN_SBIN(x) - # define PATH_SBIN_BIN_NULSTR(x) PATH_NORMAL_SBIN_BIN_NULSTR(x) - #endif - - #define DEFAULT_PATH_NORMAL PATH_SBIN_BIN("/usr/local/") ":" PATH_SBIN_BIN("/usr/") -+#define DEFAULT_USER_PATH_NORMAL PATH_BIN_SBIN("/usr/local/") ":" PATH_BIN_SBIN("/usr/") - #define DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/usr/local/") PATH_SBIN_BIN_NULSTR("/usr/") - #define DEFAULT_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_SBIN_BIN("/") -+#define DEFAULT_USER_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_BIN_SBIN("/") - #define DEFAULT_PATH_SPLIT_USR_NULSTR DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/") - #define DEFAULT_PATH_COMPAT PATH_SPLIT_SBIN_BIN("/usr/local/") ":" PATH_SPLIT_SBIN_BIN("/usr/") ":" PATH_SPLIT_SBIN_BIN("/") - - #if HAVE_SPLIT_USR - # define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR -+# define DEFAULT_USER_PATH DEFAULT_USER_PATH_SPLIT_USR - # define DEFAULT_PATH_NULSTR DEFAULT_PATH_SPLIT_USR_NULSTR - #else - # define DEFAULT_PATH DEFAULT_PATH_NORMAL -+# define DEFAULT_USER_PATH DEFAULT_USER_PATH_NORMAL - # define DEFAULT_PATH_NULSTR DEFAULT_PATH_NORMAL_NULSTR - #endif - -diff --git a/src/core/manager.c b/src/core/manager.c -index 8d691a19c3d..91a601e8fd8 100644 ---- a/src/core/manager.c -+++ b/src/core/manager.c -@@ -603,6 +603,8 @@ static char** sanitize_environment(char **l) { - } - - int manager_default_environment(Manager *m) { -+ int r; -+ - assert(m); - - m->transient_environment = strv_free(m->transient_environment); -@@ -616,16 +618,29 @@ int manager_default_environment(Manager *m) { - * /proc/self/environ valid; it is used for tagging - * the init process inside containers. */ - m->transient_environment = strv_new("PATH=" DEFAULT_PATH); -+ if (!m->transient_environment) -+ return log_oom(); - - /* Import locale variables LC_*= from configuration */ - (void) locale_setup(&m->transient_environment); -- } else -+ } else { -+ _cleanup_free_ char *k = NULL; -+ - /* The user manager passes its own environment -- * along to its children. */ -+ * along to its children, except for $PATH. */ - m->transient_environment = strv_copy(environ); -+ if (!m->transient_environment) -+ return log_oom(); - -- if (!m->transient_environment) -- return log_oom(); -+ k = strdup("PATH=" DEFAULT_USER_PATH); -+ if (!k) -+ return log_oom(); -+ -+ r = strv_env_replace(&m->transient_environment, k); -+ if (r < 0) -+ return log_oom(); -+ TAKE_PTR(k); -+ } - - sanitize_environment(m->transient_environment); - diff --git a/sources b/sources index 141ae4d..cd4c170 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (systemd-243-rc2.tar.gz) = 7e9b996c1eeb299fb971f2fd4a39fa62c7cc9178bacaaae6c168008dec438f392b949deb72d08f27060b3cde54b46b70f6a18b1bc70725a56ca2a28a1f96b6a1 +SHA512 (systemd-243.tar.gz) = 56b52a297aa5ac04d9667eb3afb1598725b197de73ff72baa1aabbc2844e36fba7b7fccdf6d214ae8b5b926616b2b7e15772763aaa80ec938d74333ff9c8673e diff --git a/systemd.spec b/systemd.spec index 0f26a7c..66d4c13 100644 --- a/systemd.spec +++ b/systemd.spec @@ -14,8 +14,8 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd -Version: 243~rc2 -Release: 2%{?commit:.git%{shortcommit}}%{?dist} +Version: 243 +Release: 1%{?commit:.git%{shortcommit}}%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -701,6 +701,14 @@ fi %files tests -f .file-list-tests %changelog +* Tue Sep 3 2019 Zbigniew Jędrzejewski-Szmek - 243-1 +- Update to latest release +- Emission of Session property-changed notifications from logind is fixed + (this was breaking the switching of sessions to and from gnome). +- Security issue: unprivileged users were allowed to change DNS + servers configured in systemd-resolved. Now proper polkit authorization + is required. + * Mon Aug 26 2019 Adam Williamson - 243~rc2-2 - Backport PR #13406 to solve PATH ordering issue (#1744059)