Update to v243

This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2019-09-03 11:56:59 +02:00
parent 07b358f168
commit 090a9d035f
3 changed files with 11 additions and 204 deletions

View File

@ -1,201 +0,0 @@
From 054d9609e1639a725e9a29af086c1585bacc43ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 6 Aug 2015 21:34:15 -0400
Subject: [PATCH] manager: put bin before sbin for user instances
Traditionally, user logins had a $PATH in which /bin was before /sbin, while
root logins had a $PATH with /sbin first. This allows the tricks that
consolehelper is doing to work. But even if we ignore consolehelper, having the
path in this order might have been used by admins for other purposes, and
keeping the order in user sessions will make it easier the adoption of systemd
user sessions a bit easier.
Fixes #733.
https://bugzilla.redhat.com/show_bug.cgi?id=1744059
OOM handling in manager_default_environment wasn't really correct.
Now the (theorertical) malloc failure in strv_new() is handled.
Please note that this has no effect on:
- systems with merged /bin-/sbin (e.g. arch)
- when there are no binaries that differ between the two locations.
E.g. on my F30 laptop there is exactly one program that is affected:
/usr/bin/setup -> consolehelper.
There is less and less stuff that relies on consolehelper, but there's still
some.
So for "clean" systems this makes no difference, but helps with legacy setups.
$ dnf repoquery --releasever=31 --qf %{name} --whatrequires usermode
anaconda-live
audit-viewer
beesu
chkrootkit
driftnet
drobo-utils-gui
hddtemp
mate-system-log
mock
pure-ftpd
setuptool
subscription-manager
system-config-httpd
system-config-rootpassword
system-switch-java
system-switch-mail
usermode-gtk
vpnc-consoleuser
wifi-radar
xawtv
---
man/systemd.exec.xml | 35 +++++++++++++++++++++--------------
src/basic/path-util.h | 8 ++++++++
src/core/manager.c | 23 +++++++++++++++++++----
3 files changed, 48 insertions(+), 18 deletions(-)
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index fbbfd4f5146..5cb83afa578 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -2152,16 +2152,17 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy
<varlistentry>
<term><varname>LogExtraFields=</varname></term>
- <listitem><para>Configures additional log metadata fields to include in all log records generated by processes
- associated with this unit. This setting takes one or more journal field assignments in the format
- <literal>FIELD=VALUE</literal> separated by whitespace. See
- <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
- details on the journal field concept. Even though the underlying journal implementation permits binary field
- values, this setting accepts only valid UTF-8 values. To include space characters in a journal field value,
- enclose the assignment in double quotes ("). The usual specifiers are expanded in all assignments (see
- below). Note that this setting is not only useful for attaching additional metadata to log records of a unit,
- but given that all fields and values are indexed may also be used to implement cross-unit log record
- matching. Assign an empty string to reset the list.</para></listitem>
+ <listitem><para>Configures additional log metadata fields to include in all log records generated by
+ processes associated with this unit. This setting takes one or more journal field assignments in the
+ format <literal>FIELD=VALUE</literal> separated by whitespace. See
+ <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+ for details on the journal field concept. Even though the underlying journal implementation permits
+ binary field values, this setting accepts only valid UTF-8 values. To include space characters in a
+ journal field value, enclose the assignment in double quotes ("). <!-- " fake closing quote for emacs-->
+ The usual specifiers are expanded in all assignments (see below). Note that this setting is not only
+ useful for attaching additional metadata to log records of a unit, but given that all fields and
+ values are indexed may also be used to implement cross-unit log record matching. Assign an empty
+ string to reset the list.</para></listitem>
</varlistentry>
<varlistentry>
@@ -2355,10 +2356,16 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy
<varlistentry>
<term><varname>$PATH</varname></term>
- <listitem><para>Colon-separated list of directories to use
- when launching executables. systemd uses a fixed value of
- <filename>/usr/local/sbin</filename>:<filename>/usr/local/bin</filename>:<filename>/usr/sbin</filename>:<filename>/usr/bin</filename>:<filename>/sbin</filename>:<filename>/bin</filename>.
- </para></listitem>
+ <listitem><para>Colon-separated list of directories to use when launching
+ executables. <command>systemd</command> uses a fixed value of
+ <literal><filename>/usr/local/sbin</filename>:<filename>/usr/local/bin</filename>:<filename>/usr/sbin</filename>:<filename>/usr/bin</filename></literal>
+ in the system manager. When compiled for systems with "unmerged /usr" (<filename>/bin</filename> is
+ not a symlink to <filename>/usr/bin</filename>),
+ <literal>:<filename>/sbin</filename>:<filename>/bin</filename></literal> is appended. In case of the
+ the user manager, each <filename>bin/</filename> and <filename>sbin/</filename> pair is switched, so
+ that programs from <filename>/usr/bin</filename> have higher priority than programs from
+ <filename>/usr/sbin</filename>, etc. It is recommended to not rely on this in any way, and have only
+ one program with a given name in <varname>$PATH</varname>.</para></listitem>
</varlistentry>
<varlistentry>
diff --git a/src/basic/path-util.h b/src/basic/path-util.h
index 1f46cd65c96..71fb7041a3c 100644
--- a/src/basic/path-util.h
+++ b/src/basic/path-util.h
@@ -11,30 +11,38 @@
#include "time-util.h"
#define PATH_SPLIT_SBIN_BIN(x) x "sbin:" x "bin"
+#define PATH_SPLIT_BIN_SBIN(x) x "bin:" x "sbin"
#define PATH_SPLIT_SBIN_BIN_NULSTR(x) x "sbin\0" x "bin\0"
#define PATH_NORMAL_SBIN_BIN(x) x "bin"
+#define PATH_NORMAL_BIN_SBIN(x) x "bin"
#define PATH_NORMAL_SBIN_BIN_NULSTR(x) x "bin\0"
#if HAVE_SPLIT_BIN
# define PATH_SBIN_BIN(x) PATH_SPLIT_SBIN_BIN(x)
+# define PATH_BIN_SBIN(x) PATH_SPLIT_BIN_SBIN(x)
# define PATH_SBIN_BIN_NULSTR(x) PATH_SPLIT_SBIN_BIN_NULSTR(x)
#else
# define PATH_SBIN_BIN(x) PATH_NORMAL_SBIN_BIN(x)
+# define PATH_BIN_SBIN(x) PATH_NORMAL_BIN_SBIN(x)
# define PATH_SBIN_BIN_NULSTR(x) PATH_NORMAL_SBIN_BIN_NULSTR(x)
#endif
#define DEFAULT_PATH_NORMAL PATH_SBIN_BIN("/usr/local/") ":" PATH_SBIN_BIN("/usr/")
+#define DEFAULT_USER_PATH_NORMAL PATH_BIN_SBIN("/usr/local/") ":" PATH_BIN_SBIN("/usr/")
#define DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/usr/local/") PATH_SBIN_BIN_NULSTR("/usr/")
#define DEFAULT_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_SBIN_BIN("/")
+#define DEFAULT_USER_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_BIN_SBIN("/")
#define DEFAULT_PATH_SPLIT_USR_NULSTR DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/")
#define DEFAULT_PATH_COMPAT PATH_SPLIT_SBIN_BIN("/usr/local/") ":" PATH_SPLIT_SBIN_BIN("/usr/") ":" PATH_SPLIT_SBIN_BIN("/")
#if HAVE_SPLIT_USR
# define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR
+# define DEFAULT_USER_PATH DEFAULT_USER_PATH_SPLIT_USR
# define DEFAULT_PATH_NULSTR DEFAULT_PATH_SPLIT_USR_NULSTR
#else
# define DEFAULT_PATH DEFAULT_PATH_NORMAL
+# define DEFAULT_USER_PATH DEFAULT_USER_PATH_NORMAL
# define DEFAULT_PATH_NULSTR DEFAULT_PATH_NORMAL_NULSTR
#endif
diff --git a/src/core/manager.c b/src/core/manager.c
index 8d691a19c3d..91a601e8fd8 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -603,6 +603,8 @@ static char** sanitize_environment(char **l) {
}
int manager_default_environment(Manager *m) {
+ int r;
+
assert(m);
m->transient_environment = strv_free(m->transient_environment);
@@ -616,16 +618,29 @@ int manager_default_environment(Manager *m) {
* /proc/self/environ valid; it is used for tagging
* the init process inside containers. */
m->transient_environment = strv_new("PATH=" DEFAULT_PATH);
+ if (!m->transient_environment)
+ return log_oom();
/* Import locale variables LC_*= from configuration */
(void) locale_setup(&m->transient_environment);
- } else
+ } else {
+ _cleanup_free_ char *k = NULL;
+
/* The user manager passes its own environment
- * along to its children. */
+ * along to its children, except for $PATH. */
m->transient_environment = strv_copy(environ);
+ if (!m->transient_environment)
+ return log_oom();
- if (!m->transient_environment)
- return log_oom();
+ k = strdup("PATH=" DEFAULT_USER_PATH);
+ if (!k)
+ return log_oom();
+
+ r = strv_env_replace(&m->transient_environment, k);
+ if (r < 0)
+ return log_oom();
+ TAKE_PTR(k);
+ }
sanitize_environment(m->transient_environment);

View File

@ -1 +1 @@
SHA512 (systemd-243-rc2.tar.gz) = 7e9b996c1eeb299fb971f2fd4a39fa62c7cc9178bacaaae6c168008dec438f392b949deb72d08f27060b3cde54b46b70f6a18b1bc70725a56ca2a28a1f96b6a1 SHA512 (systemd-243.tar.gz) = 56b52a297aa5ac04d9667eb3afb1598725b197de73ff72baa1aabbc2844e36fba7b7fccdf6d214ae8b5b926616b2b7e15772763aaa80ec938d74333ff9c8673e

View File

@ -14,8 +14,8 @@
Name: systemd Name: systemd
Url: https://www.freedesktop.org/wiki/Software/systemd Url: https://www.freedesktop.org/wiki/Software/systemd
Version: 243~rc2 Version: 243
Release: 2%{?commit:.git%{shortcommit}}%{?dist} Release: 1%{?commit:.git%{shortcommit}}%{?dist}
# For a breakdown of the licensing, see README # For a breakdown of the licensing, see README
License: LGPLv2+ and MIT and GPLv2+ License: LGPLv2+ and MIT and GPLv2+
Summary: System and Service Manager Summary: System and Service Manager
@ -701,6 +701,14 @@ fi
%files tests -f .file-list-tests %files tests -f .file-list-tests
%changelog %changelog
* Tue Sep 3 2019 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 243-1
- Update to latest release
- Emission of Session property-changed notifications from logind is fixed
(this was breaking the switching of sessions to and from gnome).
- Security issue: unprivileged users were allowed to change DNS
servers configured in systemd-resolved. Now proper polkit authorization
is required.
* Mon Aug 26 2019 Adam Williamson <awilliam@redhat.com> - 243~rc2-2 * Mon Aug 26 2019 Adam Williamson <awilliam@redhat.com> - 243~rc2-2
- Backport PR #13406 to solve PATH ordering issue (#1744059) - Backport PR #13406 to solve PATH ordering issue (#1744059)