Update to v242-rc2

2019-04-03 10:49:58 +02:00 · 2019-04-03 10:49:58 +02:00 · 2379dd06da
commit 2379dd06da
parent 836fcf414a
3 changed files with 41 additions and 65 deletions
--- a/0002-Revert-units-set-NoNewPrivileges-for-all-long-runnin.patch
+++ b/0002-Revert-units-set-NoNewPrivileges-for-all-long-runnin.patch
@ -1,30 +1,28 @@
-From 2cce22a4279d4f304e75b87b56b9eeb5cd313566 Mon Sep 17 00:00:00 2001
+From 224a4eaf6701431af907179e313138213b60ce6c Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
-Date: Sat, 22 Dec 2018 11:11:04 +0100
+Date: Wed, 3 Apr 2019 10:56:14 +0200
 Subject: [PATCH] Revert "units: set NoNewPrivileges= for all long-running
 services"
 This reverts commit 64d7f7b4a15f1534fb19fda6b601fec50783bee4.
 ---
- units/systemd-coredump@.service.in        | 1 -
+ units/systemd-coredump@.service.in      | 1 -
- units/systemd-hostnamed.service.in        | 1 -
+ units/systemd-hostnamed.service.in      | 1 -
- units/systemd-initctl.service.in          | 1 -
+ units/systemd-initctl.service.in        | 1 -
- units/systemd-journal-gatewayd.service.in | 1 -
+ units/systemd-journal-remote.service.in | 1 -
- units/systemd-journal-remote.service.in   | 1 -
+ units/systemd-journald.service.in       | 1 -
- units/systemd-journal-upload.service.in   | 1 -
+ units/systemd-localed.service.in        | 1 -
- units/systemd-journald.service.in         | 1 -
+ units/systemd-logind.service.in         | 1 -
- units/systemd-localed.service.in          | 1 -
+ units/systemd-machined.service.in       | 1 -
- units/systemd-logind.service.in           | 1 -
+ units/systemd-networkd.service.in       | 1 -
- units/systemd-machined.service.in         | 1 -
+ units/systemd-resolved.service.in       | 1 -
- units/systemd-networkd.service.in         | 1 -
+ units/systemd-rfkill.service.in         | 1 -
- units/systemd-resolved.service.in         | 1 -
+ units/systemd-timedated.service.in      | 1 -
- units/systemd-rfkill.service.in           | 1 -
+ units/systemd-timesyncd.service.in      | 1 -
- units/systemd-timedated.service.in        | 1 -
+ 13 files changed, 13 deletions(-)
 units/systemd-timesyncd.service.in        | 1 -
 15 files changed, 15 deletions(-)
 diff --git a/units/systemd-coredump@.service.in b/units/systemd-coredump@.service.in
-index ffcb5f36ca..74dcf7fe06 100644
+index afb2ab9d17..5babc11e4c 100644
 --- a/units/systemd-coredump@.service.in
 +++ b/units/systemd-coredump@.service.in
@@ -22,7 +22,6 @@ IPAddressDeny=any
@ -36,7 +34,7 @@ index ffcb5f36ca..74dcf7fe06 100644
 PrivateDevices=yes
 PrivateNetwork=yes
 diff --git a/units/systemd-hostnamed.service.in b/units/systemd-hostnamed.service.in
-index 9c925e80d9..696d4e2e60 100644
+index b4f606cf78..f7977e1504 100644
 --- a/units/systemd-hostnamed.service.in
 +++ b/units/systemd-hostnamed.service.in
@@ -19,7 +19,6 @@ ExecStart=@rootlibexecdir@/systemd-hostnamed
@ -58,20 +56,8 @@ index c276283908..f48d673d58 100644
 -NoNewPrivileges=yes
 NotifyAccess=all
 SystemCallArchitectures=native
 diff --git a/units/systemd-journal-gatewayd.service.in b/units/systemd-journal-gatewayd.service.in
 index ebc8bf9a25..5ef4ee0058 100644
 --- a/units/systemd-journal-gatewayd.service.in
 +++ b/units/systemd-journal-gatewayd.service.in
@@ -17,7 +17,6 @@ DynamicUser=yes
 ExecStart=@rootlibexecdir@/systemd-journal-gatewayd
 LockPersonality=yes
 MemoryDenyWriteExecute=yes
 -NoNewPrivileges=yes
 PrivateDevices=yes
 PrivateNetwork=yes
 ProtectControlGroups=yes
 diff --git a/units/systemd-journal-remote.service.in b/units/systemd-journal-remote.service.in
-index 29a99aaec1..ec1311da88 100644
+index dd6322e62c..c867aca104 100644
 --- a/units/systemd-journal-remote.service.in
 +++ b/units/systemd-journal-remote.service.in
@@ -17,7 +17,6 @@ ExecStart=@rootlibexecdir@/systemd-journal-remote --listen-https=-3 --output=/va
@ -82,20 +68,8 @@ index 29a99aaec1..ec1311da88 100644
 PrivateDevices=yes
 PrivateNetwork=yes
 PrivateTmp=yes
 diff --git a/units/systemd-journal-upload.service.in b/units/systemd-journal-upload.service.in
 index 92cd4e5259..a15744e1e8 100644
 --- a/units/systemd-journal-upload.service.in
 +++ b/units/systemd-journal-upload.service.in
@@ -18,7 +18,6 @@ DynamicUser=yes
 ExecStart=@rootlibexecdir@/systemd-journal-upload --save-state
 LockPersonality=yes
 MemoryDenyWriteExecute=yes
 -NoNewPrivileges=yes
 PrivateDevices=yes
 ProtectControlGroups=yes
 ProtectHome=yes
 diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
-index 4684f095c0..7b659d4b03 100644
+index fab405502a..308622e9b3 100644
 --- a/units/systemd-journald.service.in
 +++ b/units/systemd-journald.service.in
@@ -22,7 +22,6 @@ FileDescriptorStoreMax=4224
@ -107,7 +81,7 @@ index 4684f095c0..7b659d4b03 100644
 RestartSec=0
 RestrictAddressFamilies=AF_UNIX AF_NETLINK
 diff --git a/units/systemd-localed.service.in b/units/systemd-localed.service.in
-index 01e0703d0e..7d40fb4897 100644
+index 7bca34409a..05fb4f0c80 100644
 --- a/units/systemd-localed.service.in
 +++ b/units/systemd-localed.service.in
@@ -19,7 +19,6 @@ ExecStart=@rootlibexecdir@/systemd-localed
@ -119,7 +93,7 @@ index 01e0703d0e..7d40fb4897 100644
 PrivateNetwork=yes
 PrivateTmp=yes
 diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in
-index 38a7f269ac..6b362ccdca 100644
+index 3eef95c661..53af530aea 100644
 --- a/units/systemd-logind.service.in
 +++ b/units/systemd-logind.service.in
@@ -27,7 +27,6 @@ FileDescriptorStoreMax=512
@ -127,11 +101,11 @@ index 38a7f269ac..6b362ccdca 100644
 LockPersonality=yes
 MemoryDenyWriteExecute=yes
 -NoNewPrivileges=yes
- Restart=always
+ PrivateTmp=yes
- RestartSec=0
+ ProtectControlGroups=yes
- RestrictAddressFamilies=AF_UNIX AF_NETLINK
+ ProtectHome=yes
 diff --git a/units/systemd-machined.service.in b/units/systemd-machined.service.in
-index 9f1476814d..d90e71ae67 100644
+index d6deefea08..092abc128f 100644
 --- a/units/systemd-machined.service.in
 +++ b/units/systemd-machined.service.in
@@ -22,7 +22,6 @@ ExecStart=@rootlibexecdir@/systemd-machined
@ -139,11 +113,11 @@ index 9f1476814d..d90e71ae67 100644
 LockPersonality=yes
 MemoryDenyWriteExecute=yes
 -NoNewPrivileges=yes
 ProtectHostname=yes
 RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
 RestrictRealtime=yes
 SystemCallArchitectures=native
 diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in
-index 472ef045de..f23bf227fb 100644
+index 2c74da6f1e..eaabcb9941 100644
 --- a/units/systemd-networkd.service.in
 +++ b/units/systemd-networkd.service.in
@@ -24,7 +24,6 @@ CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_N
@ -155,7 +129,7 @@ index 472ef045de..f23bf227fb 100644
 ProtectHome=yes
 ProtectKernelModules=yes
 diff --git a/units/systemd-resolved.service.in b/units/systemd-resolved.service.in
-index 3144b70063..d08842f0d4 100644
+index eee5d5ea8f..a8f442ef6f 100644
 --- a/units/systemd-resolved.service.in
 +++ b/units/systemd-resolved.service.in
@@ -25,7 +25,6 @@ CapabilityBoundingSet=CAP_SETPCAP CAP_NET_RAW CAP_NET_BIND_SERVICE
@ -179,7 +153,7 @@ index 3abb958310..7447ed5b5b 100644
 TimeoutSec=30s
 Type=notify
 diff --git a/units/systemd-timedated.service.in b/units/systemd-timedated.service.in
-index 6d53024195..1105f1a980 100644
+index df546f471f..4d50999a22 100644
 --- a/units/systemd-timedated.service.in
 +++ b/units/systemd-timedated.service.in
@@ -19,7 +19,6 @@ ExecStart=@rootlibexecdir@/systemd-timedated
@ -191,7 +165,7 @@ index 6d53024195..1105f1a980 100644
 ProtectControlGroups=yes
 ProtectHome=yes
 diff --git a/units/systemd-timesyncd.service.in b/units/systemd-timesyncd.service.in
-index 03ade45d08..8b99e92e01 100644
+index 6512531e1c..2b2e1d73d2 100644
 --- a/units/systemd-timesyncd.service.in
 +++ b/units/systemd-timesyncd.service.in
@@ -24,7 +24,6 @@ CapabilityBoundingSet=CAP_SYS_TIME
@ -202,6 +176,3 @@ index 03ade45d08..8b99e92e01 100644
 PrivateDevices=yes
 PrivateTmp=yes
 ProtectControlGroups=yes
 -- 
 2.19.2
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (systemd-cbf14c9.tar.gz) = b708db5db65c8fc7ef030c18f97d97b4cbfb03d32bb8952ac69adef0301f879db0ada3932845f4e29fe58374e82f5aa83599a6871bf5d0d0860acb71c0f9722b
+SHA512 (systemd-242-rc2.tar.gz) = 0864999fae72613902665d7c3feccf17bb6b5c505267c124278ac7f742201d4858a15801c90021735c7c137cce9b82da4f36a59a012889a7eabff44fad984dc2
--- a/systemd.spec
+++ b/systemd.spec
@ -1,7 +1,7 @@
-%global commit cbf14c9500d5e6820fd7d96166ca0bf75c6850df
+#global commit cbf14c9500d5e6820fd7d96166ca0bf75c6850df
 %{?commit:%global shortcommit %(c=%{commit}; echo ${c:0:7})}
-%global stable 1
+#global stable 1
 # We ship a .pc file but don't want to have a dep on pkg-config. We
 # strip the automatically generated dep here and instead co-own the
@ -14,8 +14,8 @@
 Name:           systemd
 Url:            https://www.freedesktop.org/wiki/Software/systemd
-Version:        241
+Version:        242~rc2
-Release:        4%{?commit:.git%{shortcommit}}%{?dist}
+Release:        1%{?commit:.git%{shortcommit}}%{?dist}
 # For a breakdown of the licensing, see README
 License:        LGPLv2+ and MIT and GPLv2+
 Summary:        System and Service Manager
@ -694,6 +694,11 @@ fi
 %files tests -f .file-list-tests
 %changelog
 * Wed Apr  3 2019 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 242~rc2-1
 - Update to the latest prerelease.
 - The bug reported on latest update that systemd-resolved and systemd-networkd are
  re-enabled after upgrade is fixed.
 * Fri Mar 29 2019 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 241-4.gitcbf14c9
 - Backport various patches from the v241..v242 range:
  kernel-install will not create the boot loader entry automatically (#1648907),
`@ -1 +1 @@`
	`SHA512 (systemd-cbf14c9.tar.gz) = b708db5db65c8fc7ef030c18f97d97b4cbfb03d32bb8952ac69adef0301f879db0ada3932845f4e29fe58374e82f5aa83599a6871bf5d0d0860acb71c0f9722b`	`SHA512 (systemd-242-rc2.tar.gz) = 0864999fae72613902665d7c3feccf17bb6b5c505267c124278ac7f742201d4858a15801c90021735c7c137cce9b82da4f36a59a012889a7eabff44fad984dc2`