Update to v238
This commit is contained in:
parent
fd0679e1ff
commit
98ea23b9ac
@ -1,33 +0,0 @@
|
||||
From cc3fa810197881a48c3fa8a1e6a1f97f5c251581 Mon Sep 17 00:00:00 2001
|
||||
From: Javier Martinez Canillas <javierm@redhat.com>
|
||||
Date: Tue, 27 Feb 2018 21:18:55 +0100
|
||||
Subject: [PATCH 1/1] kernel-install: Don't install BLS kernel images if dest
|
||||
dir doesn't exist
|
||||
|
||||
The script shouldn't rely on a previous script exiting with a status code
|
||||
that prevents it to be executed. Instead, should check if the destination
|
||||
directory for the BLS kernel image exists and exit otherwise.
|
||||
|
||||
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
|
||||
---
|
||||
src/kernel-install/90-loaderentry.install | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
|
||||
index 305ea8f5c97f..a271cdb8a03e 100644
|
||||
--- a/src/kernel-install/90-loaderentry.install
|
||||
+++ b/src/kernel-install/90-loaderentry.install
|
||||
@@ -11,6 +11,10 @@ if ! [[ $KERNEL_INSTALL_MACHINE_ID ]]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
+if ! [[ -d "$BOOT_DIR_ABS" ]]; then
|
||||
+ exit 0
|
||||
+fi
|
||||
+
|
||||
MACHINE_ID=$KERNEL_INSTALL_MACHINE_ID
|
||||
|
||||
BOOT_DIR="/$MACHINE_ID/$KERNEL_VERSION"
|
||||
--
|
||||
2.14.3
|
||||
|
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (systemd-84c8da5.tar.gz) = 0d46bde746afb2678dfe2ce803091f7c30517db35532256e18a960996689cfcbf3e5391a16752093e2fb3594313771056d7cc16ee0f0c0ab4d170c28466dbb3c
|
||||
SHA512 (systemd-238.tar.gz) = c0f272b022308d3bd94679184e102a8dc85de55310bda205a458ea33c77c7733e5c8c8e5b15f786ba3e0ce59e7c6a9bf0d5a0950517c6b91e0f345950129b9c8
|
||||
|
@ -1,26 +0,0 @@
|
||||
From 68b2813a0b6dcf8ff8f8eb36aa225ae90661e67e Mon Sep 17 00:00:00 2001
|
||||
From: Fedora systemd team <systemd-maint@redhat.com>
|
||||
Date: Thu, 22 Feb 2018 12:45:31 +0100
|
||||
Subject: [PATCH] Typecast USB IDs
|
||||
|
||||
Signed-off-by: Fedora systemd team <systemd-maint@redhat.com>
|
||||
---
|
||||
src/udev/udev-builtin-hwdb.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/udev/udev-builtin-hwdb.c b/src/udev/udev-builtin-hwdb.c
|
||||
index ca7f7c2..d3556e4 100644
|
||||
--- a/src/udev/udev-builtin-hwdb.c
|
||||
+++ b/src/udev/udev-builtin-hwdb.c
|
||||
@@ -77,7 +77,7 @@ static const char *modalias_usb(struct udev_device *dev, char *s, size_t size) {
|
||||
pn = strtol(p, NULL, 16);
|
||||
if (pn <= 0)
|
||||
return NULL;
|
||||
- snprintf(s, size, "usb:v%04Xp%04X*", vn, pn);
|
||||
+ snprintf(s, size, "usb:v%04Xp%04X*", (uint16_t)vn, (uint16_t)pn);
|
||||
return s;
|
||||
}
|
||||
|
||||
--
|
||||
2.16.2
|
||||
|
27
systemd.spec
27
systemd.spec
@ -1,4 +1,4 @@
|
||||
%global gitcommit 84c8da5ed92282f8ef51d5d4f8e1630c37fef3e9
|
||||
#global gitcommit 10e465b5321bd53c1fc59ffab27e724535c6bc0f
|
||||
%{?gitcommit:%global gitcommitshort %(c=%{gitcommit}; echo ${c:0:7})}
|
||||
|
||||
# We ship a .pc file but don't want to have a dep on pkg-config. We
|
||||
@ -12,8 +12,8 @@
|
||||
|
||||
Name: systemd
|
||||
Url: http://www.freedesktop.org/wiki/Software/systemd
|
||||
Version: 237
|
||||
Release: 7%{?gitcommit:.git%{gitcommitshort}}%{?dist}
|
||||
Version: 238
|
||||
Release: 1%{?gitcommit:.git%{gitcommitshort}}%{?dist}
|
||||
# For a breakdown of the licensing, see README
|
||||
License: LGPLv2+ and MIT and GPLv2+
|
||||
Summary: System and Service Manager
|
||||
@ -48,10 +48,7 @@ i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done|
|
||||
GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[67]* hwdb/parse_hwdb.py > hwdb.patch
|
||||
%endif
|
||||
|
||||
Patch1: systemd-typecast-usbids.patch
|
||||
|
||||
Patch0998: 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
|
||||
Patch0999: 0999-kernel-install-Don-t-install-BLS-kernel-images-if-de.patch
|
||||
|
||||
%global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);}
|
||||
|
||||
@ -324,6 +321,8 @@ CONFIGURE_OPTS=(
|
||||
-Dusers-gid=100
|
||||
-Dnobody-user=nobody
|
||||
-Dnobody-group=nobody
|
||||
-Dsplit-usr=false
|
||||
-Dsplit-bin=true
|
||||
-Db_lto=false
|
||||
)
|
||||
|
||||
@ -342,16 +341,6 @@ fi
|
||||
mkdir -p %{buildroot}/%{_sbindir}
|
||||
ln -sf ../bin/udevadm %{buildroot}%{_sbindir}/udevadm
|
||||
|
||||
# Create SysV compatibility symlinks. systemctl/systemd are smart
|
||||
# enough to detect in which way they are called.
|
||||
ln -s ../lib/systemd/systemd %{buildroot}%{_sbindir}/init
|
||||
ln -s ../bin/systemctl %{buildroot}%{_sbindir}/reboot
|
||||
ln -s ../bin/systemctl %{buildroot}%{_sbindir}/halt
|
||||
ln -s ../bin/systemctl %{buildroot}%{_sbindir}/poweroff
|
||||
ln -s ../bin/systemctl %{buildroot}%{_sbindir}/shutdown
|
||||
ln -s ../bin/systemctl %{buildroot}%{_sbindir}/telinit
|
||||
ln -s ../bin/systemctl %{buildroot}%{_sbindir}/runlevel
|
||||
|
||||
# Compatiblity and documentation files
|
||||
touch %{buildroot}/etc/crypttab
|
||||
chmod 600 %{buildroot}/etc/crypttab
|
||||
@ -712,6 +701,12 @@ fi
|
||||
%files tests -f .file-list-tests
|
||||
|
||||
%changelog
|
||||
* Mon Mar 5 2018 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 238-1
|
||||
- Update to latest version
|
||||
- This fixes a hard-to-trigger potential vulnerability (CVE-2018-6954)
|
||||
- New transfiletriggers are installed for udev hwdb and rules, the journal
|
||||
catalog, sysctl.d, binfmt.d, sysusers.d, tmpfiles.d.
|
||||
|
||||
* Tue Feb 27 2018 Javier Martinez Canillas <javierm@redhat.com> - 234-7.git84c8da5
|
||||
- Add patch to install kernel images for GRUB BootLoaderSpec support
|
||||
|
||||
|
112
triggers.systemd
112
triggers.systemd
@ -1,8 +1,10 @@
|
||||
# -*- Mode: rpm-spec; indent-tabs-mode: nil -*- */
|
||||
# SPDX-License-Identifier: LGPL-2.1+
|
||||
#
|
||||
# This file is part of systemd.
|
||||
#
|
||||
# Copyright 2015 Zbigniew Jędrzejewski-Szmek
|
||||
# Copyright 2018 Neal Gompa
|
||||
#
|
||||
# systemd is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU Lesser General Public License as published by
|
||||
@ -18,6 +20,8 @@
|
||||
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
# The contents of this are an example to be copied into systemd.spec.
|
||||
#
|
||||
# Minimum rpm version supported: 4.13.0
|
||||
|
||||
%transfiletriggerin -P 900900 -p <lua> -- /usr/lib/systemd/system /etc/systemd/system
|
||||
-- This script will run after any package is initially installed or
|
||||
@ -25,11 +29,13 @@
|
||||
-- installed, because other cases are covered by the *un scriptlets,
|
||||
-- so sometimes we will reload needlessly.
|
||||
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
assert(posix.exec("%{_bindir}/systemctl", "daemon-reload"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
assert(posix.exec("%{_bindir}/systemctl", "daemon-reload"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
end
|
||||
|
||||
%transfiletriggerun -p <lua> -- /usr/lib/systemd/system /etc/systemd/system
|
||||
@ -46,10 +52,12 @@ end
|
||||
-- file in %transfiletriggerun and execute the daemon-reload in
|
||||
-- the first %filetriggerpostun.
|
||||
|
||||
posix.mkdir("%{_localstatedir}/lib")
|
||||
posix.mkdir("%{_localstatedir}/lib/rpm-state")
|
||||
posix.mkdir("%{_localstatedir}/lib/rpm-state/systemd")
|
||||
io.open("%{_localstatedir}/lib/rpm-state/systemd/needs-reload", "w")
|
||||
if posix.access("/run/systemd/system") then
|
||||
posix.mkdir("%{_localstatedir}/lib")
|
||||
posix.mkdir("%{_localstatedir}/lib/rpm-state")
|
||||
posix.mkdir("%{_localstatedir}/lib/rpm-state/systemd")
|
||||
io.open("%{_localstatedir}/lib/rpm-state/systemd/needs-reload", "w")
|
||||
end
|
||||
|
||||
%filetriggerpostun -P 1000100 -p <lua> -- /usr/lib/systemd/system /etc/systemd/system
|
||||
if posix.access("%{_localstatedir}/lib/rpm-state/systemd/needs-reload") then
|
||||
@ -62,3 +70,89 @@ if posix.access("%{_localstatedir}/lib/rpm-state/systemd/needs-reload") then
|
||||
posix.wait(pid)
|
||||
end
|
||||
end
|
||||
|
||||
%transfiletriggerin -P 100700 -p <lua> -- /usr/lib/sysusers.d
|
||||
-- This script will process files installed in /usr/lib/sysusers.d to create
|
||||
-- specified users automatically. The priority is set such that it
|
||||
-- will run before the tmpfiles file trigger.
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
assert(posix.exec("%{_bindir}/systemd-sysusers"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
end
|
||||
|
||||
%transfiletriggerin -P 100500 -- /usr/lib/tmpfiles.d
|
||||
-- This script will process files installed in /usr/lib/tmpfiles.d to create
|
||||
-- tmpfiles automatically. The priority is set such that it will run
|
||||
-- after the sysusers file trigger, but before any other triggers.
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
assert(posix.exec("%{_bindir}/systemd-tmpfiles", "--create"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
end
|
||||
|
||||
%transfiletriggerin -- /usr/lib/udev/hwdb.d
|
||||
-- This script will automatically invoke hwdb update if files have been
|
||||
-- installed or updated in /usr/lib/udev/hwdb.d.
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
assert(posix.exec("%{_bindir}/systemd-hwdb", "update"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
end
|
||||
|
||||
%transfiletriggerin -- /usr/lib/systemd/catalog
|
||||
-- This script will automatically invoke journal catalog update if files
|
||||
-- have been installed or updated in /usr/lib/systemd/catalog.
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
assert(posix.exec("%{_bindir}/journalctl", "--update-catalog"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
end
|
||||
|
||||
%transfiletriggerin -- /usr/lib/udev/rules.d
|
||||
-- This script will automatically update udev with new rules if files
|
||||
-- have been installed or updated in /usr/lib/udev/rules.d.
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
assert(posix.exec("%{_bindir}/udevadm", "control", "--reload"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
end
|
||||
|
||||
%transfiletriggerin -- /usr/lib/sysctl.d
|
||||
-- This script will automatically apply sysctl rules if files have been
|
||||
-- installed or updated in /usr/lib/sysctl.d.
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
assert(posix.exec("/usr/lib/systemd/systemd-sysctl"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
end
|
||||
|
||||
%transfiletriggerin -- /usr/lib/binfmt.d
|
||||
-- This script will automatically apply binfmt rules if files have been
|
||||
-- installed or updated in /usr/lib/binfmt.d.
|
||||
if posix.access("/run/systemd/system") then
|
||||
pid = posix.fork()
|
||||
if pid == 0 then
|
||||
assert(posix.exec("/usr/lib/systemd/systemd-binfmt"))
|
||||
elseif pid > 0 then
|
||||
posix.wait(pid)
|
||||
end
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user