diff --git a/0040-test-don-t-install-test-network-generator-conversion.patch b/0040-test-don-t-install-test-network-generator-conversion.patch new file mode 100644 index 0000000..953145b --- /dev/null +++ b/0040-test-don-t-install-test-network-generator-conversion.patch @@ -0,0 +1,60 @@ +From 8efa0b5f989d977eca51617a314ec4fdc32fb3d1 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Wed, 20 Oct 2021 19:43:34 +0200 +Subject: [PATCH] test: don't install test-network-generator-conversion.sh w/o + networkd + +otherwise TEST-02 will fail: + +``` +=== Failed test log === +--- test-network-generator-conversion.sh begin --- ++ [[ -n '' ]] ++ [[ -x /usr/lib/systemd/systemd-network-generator ]] ++ [[ -x /lib/systemd/systemd-network-generator ]] ++ exit 1 +--- test-network-generator-conversion.sh end --- +``` + +Before: +``` +$ meson build -Dnetworkd=false -Dinstall-tests=true +$ ninja -C build +$ DESTDIR=$PWD/test-install ninja -C build install +$ find test-install/ -name test-network-generator-conversion.sh +test-install/usr/lib/systemd/tests/test-network-generator-conversion.sh +``` + +After: +``` +$ find test-install/ -name test-network-generator-conversion.sh + +``` + +(cherry picked from commit 140557021ad1a3946319fff1a87831eb02d6a1a0) + +Related: #2017035 +--- + test/meson.build | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/test/meson.build b/test/meson.build +index 47c7f4d49a..27b37a9ae7 100644 +--- a/test/meson.build ++++ b/test/meson.build +@@ -98,9 +98,12 @@ if install_tests + install_data('run-unit-tests.py', + install_mode : 'rwxr-xr-x', + install_dir : testsdir) +- install_data('test-network-generator-conversion.sh', +- install_mode : 'rwxr-xr-x', +- install_dir : testsdir) ++ ++ if conf.get('ENABLE_NETWORKD') == 1 ++ install_data('test-network-generator-conversion.sh', ++ install_mode : 'rwxr-xr-x', ++ install_dir : testsdir) ++ endif + endif + + ############################################################ diff --git a/0041-meson.build-change-operator-combining-bools-from-to-.patch b/0041-meson.build-change-operator-combining-bools-from-to-.patch new file mode 100644 index 0000000..aa7e374 --- /dev/null +++ b/0041-meson.build-change-operator-combining-bools-from-to-.patch @@ -0,0 +1,32 @@ +From 7d7562db194f6b521d93ef370176922d0ac68331 Mon Sep 17 00:00:00 2001 +From: Dan Streetman +Date: Fri, 3 Sep 2021 12:43:33 -0400 +Subject: [PATCH] meson.build: change operator combining bools from + to and + +upstream meson stopped allowing combining boolean with the plus +operator, and now requires using the logical and operator + +reference: +https://github.com/mesonbuild/meson/commit/43302d3296baff6aeaf8e03f5d701b0402e37a6c + +Fixes: #20632 +(cherry picked from commit c29537f39e4f413a6cbfe9669fa121bdd6d8b36f) + +Related: #2017035 +--- + meson.build | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/meson.build b/meson.build +index d28f04607a..f21ec5bb94 100644 +--- a/meson.build ++++ b/meson.build +@@ -35,7 +35,7 @@ conf.set10('BUILD_MODE_DEVELOPER', get_option('mode') == 'developer', + + want_ossfuzz = get_option('oss-fuzz') + want_libfuzzer = get_option('llvm-fuzz') +-if want_ossfuzz + want_libfuzzer > 1 ++if want_ossfuzz and want_libfuzzer + error('only one of oss-fuzz or llvm-fuzz can be specified') + endif + diff --git a/0042-openssl-util-use-EVP-API-to-get-RSA-bits.patch b/0042-openssl-util-use-EVP-API-to-get-RSA-bits.patch new file mode 100644 index 0000000..76d7d54 --- /dev/null +++ b/0042-openssl-util-use-EVP-API-to-get-RSA-bits.patch @@ -0,0 +1,37 @@ +From 387ba3f36092f2072ee6a05abeac27deaca177bd Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Wed, 29 Sep 2021 15:03:44 +0200 +Subject: [PATCH] openssl-util: use EVP API to get RSA bits + +(cherry picked from commit 7f12adc3000c08a370f74bd16c654506c8a99e92) + +Resolves: #2016042 +--- + src/shared/openssl-util.c | 7 +------ + 1 file changed, 1 insertion(+), 6 deletions(-) + +diff --git a/src/shared/openssl-util.c b/src/shared/openssl-util.c +index bb47ae5e87..bd728e6c7c 100644 +--- a/src/shared/openssl-util.c ++++ b/src/shared/openssl-util.c +@@ -46,7 +46,6 @@ int rsa_pkey_to_suitable_key_size( + size_t *ret_suitable_key_size) { + + size_t suitable_key_size; +- const RSA *rsa; + int bits; + + assert_se(pkey); +@@ -58,11 +57,7 @@ int rsa_pkey_to_suitable_key_size( + if (EVP_PKEY_base_id(pkey) != EVP_PKEY_RSA) + return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "X.509 certificate does not refer to RSA key."); + +- rsa = EVP_PKEY_get0_RSA(pkey); +- if (!rsa) +- return log_debug_errno(SYNTHETIC_ERRNO(EIO), "Failed to acquire RSA public key from X.509 certificate."); +- +- bits = RSA_bits(rsa); ++ bits = EVP_PKEY_bits(pkey); + log_debug("Bits in RSA key: %i", bits); + + /* We use PKCS#1 padding for the RSA cleartext, hence let's leave some extra space for it, hence only diff --git a/0043-procfs-util-fix-confusion-wrt.-quantity-limit-and-ma.patch b/0043-procfs-util-fix-confusion-wrt.-quantity-limit-and-ma.patch new file mode 100644 index 0000000..048eb49 --- /dev/null +++ b/0043-procfs-util-fix-confusion-wrt.-quantity-limit-and-ma.patch @@ -0,0 +1,315 @@ +From 862ded47343a782d70f7d4421a6a2e4e33684e5e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Tue, 2 Nov 2021 18:18:21 +0100 +Subject: [PATCH] procfs-util: fix confusion wrt. quantity limit and maximum + value +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From packit/rawhide-arm64 logs: +Assertion 'limit >= INT_MAX || get_process_ppid(limit+1, NULL) == -ESRCH' failed at src/test/test-process-util.c:855, function test_get_process_ppid(). Aborting. +―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――― + +The kernel has a few different limits. In particular kernel.threads-max can be +set to some lower value, and kernel.pid_max can be set to a higher value. This +is nice because it reduces PID reuse, even if the number of threads that is +allowed is limited. But the tests assumed that we cannot have a thread with +PID above MIN(kernel.threads-max, kernel.pid_max-1), which is not valid. + +So let's rework the whole thing: let's expose the helpers to read +kernel.threads-max and kernel.pid_max, and print what they return in tests. +procfs_tasks_get_limit() was something that is only used in tests, and wasn't +very well defined, so let's drop it. + +Fixes #21193. + +(cherry picked from commit c3dead53d50e334f2d072a2248256983d6dc9f8c) + +Related: #2017035 +--- + src/basic/limits-util.c | 50 ++++++++++++++++++++++++---------- + src/basic/procfs-util.c | 53 +++++++++--------------------------- + src/basic/procfs-util.h | 4 ++- + src/test/test-process-util.c | 10 +++++-- + src/test/test-procfs-util.c | 34 ++++++++++++++++------- + 5 files changed, 84 insertions(+), 67 deletions(-) + +diff --git a/src/basic/limits-util.c b/src/basic/limits-util.c +index 9f8e26d46a..435a2a0efe 100644 +--- a/src/basic/limits-util.c ++++ b/src/basic/limits-util.c +@@ -109,35 +109,57 @@ uint64_t physical_memory_scale(uint64_t v, uint64_t max) { + } + + uint64_t system_tasks_max(void) { +- uint64_t a = TASKS_MAX, b = TASKS_MAX; ++ uint64_t a = TASKS_MAX, b = TASKS_MAX, c = TASKS_MAX; + _cleanup_free_ char *root = NULL; + int r; + +- /* Determine the maximum number of tasks that may run on this system. We check three sources to determine this +- * limit: ++ /* Determine the maximum number of tasks that may run on this system. We check three sources to ++ * determine this limit: + * +- * a) the maximum tasks value the kernel allows on this architecture +- * b) the cgroups pids_max attribute for the system +- * c) the kernel's configured maximum PID value ++ * a) kernel.threads-max sysctl: the maximum number of tasks (threads) the kernel allows. + * +- * And then pick the smallest of the three */ ++ * This puts a direct limit on the number of concurrent tasks. ++ * ++ * b) kernel.pid_max sysctl: the maximum PID value. ++ * ++ * This limits the numeric range PIDs can take, and thus indirectly also limits the number of ++ * concurrent threads. It's primarily a compatibility concept: some crappy old code used a signed ++ * 16bit type for PIDs, hence the kernel provides a way to ensure the PIDs never go beyond ++ * INT16_MAX by default. ++ * ++ * Also note the weird definition: PIDs assigned will be kept below this value, which means ++ * the number of tasks that can be created is one lower, as PID 0 is not a valid process ID. ++ * ++ * c) pids.max on the root cgroup: the kernel's configured maximum number of tasks. ++ * ++ * and then pick the smallest of the three. ++ * ++ * By default pid_max is set to much lower values than threads-max, hence the limit people come into ++ * contact with first, as it's the lowest boundary they need to bump when they want higher number of ++ * processes. ++ */ ++ ++ r = procfs_get_threads_max(&a); ++ if (r < 0) ++ log_debug_errno(r, "Failed to read kernel.threads-max, ignoring: %m"); + +- r = procfs_tasks_get_limit(&a); ++ r = procfs_get_pid_max(&b); + if (r < 0) +- log_debug_errno(r, "Failed to read maximum number of tasks from /proc, ignoring: %m"); ++ log_debug_errno(r, "Failed to read kernel.pid_max, ignoring: %m"); ++ else if (b > 0) ++ /* Subtract one from pid_max, since PID 0 is not a valid PID */ ++ b--; + + r = cg_get_root_path(&root); + if (r < 0) + log_debug_errno(r, "Failed to determine cgroup root path, ignoring: %m"); + else { +- r = cg_get_attribute_as_uint64("pids", root, "pids.max", &b); ++ r = cg_get_attribute_as_uint64("pids", root, "pids.max", &c); + if (r < 0) +- log_debug_errno(r, "Failed to read pids.max attribute of cgroup root, ignoring: %m"); ++ log_debug_errno(r, "Failed to read pids.max attribute of root cgroup, ignoring: %m"); + } + +- return MIN3(TASKS_MAX, +- a <= 0 ? TASKS_MAX : a, +- b <= 0 ? TASKS_MAX : b); ++ return MIN3(a, b, c); + } + + uint64_t system_tasks_max_scale(uint64_t v, uint64_t max) { +diff --git a/src/basic/procfs-util.c b/src/basic/procfs-util.c +index 9234ccaf85..a29e776a3a 100644 +--- a/src/basic/procfs-util.c ++++ b/src/basic/procfs-util.c +@@ -12,54 +12,34 @@ + #include "stdio-util.h" + #include "string-util.h" + +-int procfs_tasks_get_limit(uint64_t *ret) { ++int procfs_get_pid_max(uint64_t *ret) { + _cleanup_free_ char *value = NULL; +- uint64_t pid_max, threads_max; + int r; + + assert(ret); + +- /* So there are two sysctl files that control the system limit of processes: +- * +- * 1. kernel.threads-max: this is probably the sysctl that makes more sense, as it directly puts a limit on +- * concurrent tasks. +- * +- * 2. kernel.pid_max: this limits the numeric range PIDs can take, and thus indirectly also limits the number +- * of concurrent threads. AFAICS it's primarily a compatibility concept: some crappy old code used a signed +- * 16bit type for PIDs, hence the kernel provides a way to ensure the PIDs never go beyond INT16_MAX by +- * default. +- * +- * By default #2 is set to much lower values than #1, hence the limit people come into contact with first, as +- * it's the lowest boundary they need to bump when they want higher number of processes. +- * +- * Also note the weird definition of #2: PIDs assigned will be kept below this value, which means the number of +- * tasks that can be created is one lower, as PID 0 is not a valid process ID. */ +- + r = read_one_line_file("/proc/sys/kernel/pid_max", &value); + if (r < 0) + return r; + +- r = safe_atou64(value, &pid_max); +- if (r < 0) +- return r; ++ return safe_atou64(value, ret); ++} + +- value = mfree(value); +- r = read_one_line_file("/proc/sys/kernel/threads-max", &value); +- if (r < 0) +- return r; ++int procfs_get_threads_max(uint64_t *ret) { ++ _cleanup_free_ char *value = NULL; ++ int r; + +- r = safe_atou64(value, &threads_max); ++ assert(ret); ++ ++ r = read_one_line_file("/proc/sys/kernel/threads-max", &value); + if (r < 0) + return r; + +- /* Subtract one from pid_max, since PID 0 is not a valid PID */ +- *ret = MIN(pid_max-1, threads_max); +- return 0; ++ return safe_atou64(value, ret); + } + + int procfs_tasks_set_limit(uint64_t limit) { + char buffer[DECIMAL_STR_MAX(uint64_t)+1]; +- _cleanup_free_ char *value = NULL; + uint64_t pid_max; + int r; + +@@ -74,10 +54,7 @@ int procfs_tasks_set_limit(uint64_t limit) { + * set it to the maximum. */ + limit = CLAMP(limit, 20U, TASKS_MAX); + +- r = read_one_line_file("/proc/sys/kernel/pid_max", &value); +- if (r < 0) +- return r; +- r = safe_atou64(value, &pid_max); ++ r = procfs_get_pid_max(&pid_max); + if (r < 0) + return r; + +@@ -98,14 +75,10 @@ int procfs_tasks_set_limit(uint64_t limit) { + /* Hmm, we couldn't write this? If so, maybe it was already set properly? In that case let's not + * generate an error */ + +- value = mfree(value); +- if (read_one_line_file("/proc/sys/kernel/threads-max", &value) < 0) +- return r; /* return original error */ +- +- if (safe_atou64(value, &threads_max) < 0) ++ if (procfs_get_threads_max(&threads_max) < 0) + return r; /* return original error */ + +- if (MIN(pid_max-1, threads_max) != limit) ++ if (MIN(pid_max - 1, threads_max) != limit) + return r; /* return original error */ + + /* Yay! Value set already matches what we were trying to set, hence consider this a success. */ +diff --git a/src/basic/procfs-util.h b/src/basic/procfs-util.h +index 61fa71d479..eb8c7738b1 100644 +--- a/src/basic/procfs-util.h ++++ b/src/basic/procfs-util.h +@@ -5,7 +5,9 @@ + + #include "time-util.h" + +-int procfs_tasks_get_limit(uint64_t *ret); ++int procfs_get_pid_max(uint64_t *ret); ++int procfs_get_threads_max(uint64_t *ret); ++ + int procfs_tasks_set_limit(uint64_t limit); + int procfs_tasks_get_current(uint64_t *ret); + +diff --git a/src/test/test-process-util.c b/src/test/test-process-util.c +index 8c76392ae9..d89ce6e2db 100644 +--- a/src/test/test-process-util.c ++++ b/src/test/test-process-util.c +@@ -850,8 +850,14 @@ static void test_get_process_ppid(void) { + assert_se(get_process_ppid(1, NULL) == -EADDRNOTAVAIL); + + /* the process with the PID above the global limit definitely doesn't exist. Verify that */ +- assert_se(procfs_tasks_get_limit(&limit) >= 0); +- assert_se(limit >= INT_MAX || get_process_ppid(limit+1, NULL) == -ESRCH); ++ assert_se(procfs_get_pid_max(&limit) >= 0); ++ log_debug("kernel.pid_max = %"PRIu64, limit); ++ ++ if (limit < INT_MAX) { ++ r = get_process_ppid(limit + 1, NULL); ++ log_debug_errno(r, "get_process_limit(%"PRIu64") → %d/%m", limit + 1, r); ++ assert(r == -ESRCH); ++ } + + for (pid_t pid = 0;;) { + _cleanup_free_ char *c1 = NULL, *c2 = NULL; +diff --git a/src/test/test-procfs-util.c b/src/test/test-procfs-util.c +index b2679e30fb..876ef40dfd 100644 +--- a/src/test/test-procfs-util.c ++++ b/src/test/test-procfs-util.c +@@ -6,12 +6,13 @@ + #include "format-util.h" + #include "log.h" + #include "procfs-util.h" ++#include "process-util.h" + #include "tests.h" + + int main(int argc, char *argv[]) { + char buf[CONST_MAX(FORMAT_TIMESPAN_MAX, FORMAT_BYTES_MAX)]; + nsec_t nsec; +- uint64_t v; ++ uint64_t v, w; + int r; + + log_parse_environment(); +@@ -26,26 +27,39 @@ int main(int argc, char *argv[]) { + assert_se(procfs_tasks_get_current(&v) >= 0); + log_info("Current number of tasks: %" PRIu64, v); + +- r = procfs_tasks_get_limit(&v); +- if (r == -ENOENT || ERRNO_IS_PRIVILEGE(r)) +- return log_tests_skipped("can't read /proc/sys/kernel/pid_max"); ++ v = TASKS_MAX; ++ r = procfs_get_pid_max(&v); ++ assert(r >= 0 || r == -ENOENT || ERRNO_IS_PRIVILEGE(r)); ++ log_info("kernel.pid_max: %"PRIu64, v); ++ ++ w = TASKS_MAX; ++ r = procfs_get_threads_max(&w); ++ assert(r >= 0 || r == -ENOENT || ERRNO_IS_PRIVILEGE(r)); ++ log_info("kernel.threads-max: %"PRIu64, w); ++ ++ v = MIN(v - (v > 0), w); + + assert_se(r >= 0); + log_info("Limit of tasks: %" PRIu64, v); + assert_se(v > 0); +- assert_se(procfs_tasks_set_limit(v) >= 0); ++ r = procfs_tasks_set_limit(v); ++ if (r == -ENOENT || ERRNO_IS_PRIVILEGE(r)) ++ return log_tests_skipped("can't set task limits"); ++ assert(r >= 0); + + if (v > 100) { +- uint64_t w; ++ log_info("Reducing limit by one to %"PRIu64"…", v-1); ++ + r = procfs_tasks_set_limit(v-1); +- assert_se(IN_SET(r, 0, -EPERM, -EACCES, -EROFS)); ++ log_info_errno(r, "procfs_tasks_set_limit: %m"); ++ assert_se(r >= 0 || ERRNO_IS_PRIVILEGE(r)); + +- assert_se(procfs_tasks_get_limit(&w) >= 0); +- assert_se((r == 0 && w == v - 1) || (r < 0 && w == v)); ++ assert_se(procfs_get_threads_max(&w) >= 0); ++ assert_se(r >= 0 ? w == v - 1 : w == v); + + assert_se(procfs_tasks_set_limit(v) >= 0); + +- assert_se(procfs_tasks_get_limit(&w) >= 0); ++ assert_se(procfs_get_threads_max(&w) >= 0); + assert_se(v == w); + } + diff --git a/0044-test-process-util-also-add-EROFS-to-the-list-of-good.patch b/0044-test-process-util-also-add-EROFS-to-the-list-of-good.patch new file mode 100644 index 0000000..ae93bc0 --- /dev/null +++ b/0044-test-process-util-also-add-EROFS-to-the-list-of-good.patch @@ -0,0 +1,31 @@ +From e43e8caf2f2699de7da1f072bcc7c25e125313e4 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 3 Nov 2021 09:39:16 +0100 +Subject: [PATCH] test-process-util: also add EROFS to the list of "good" + errors + +It is only added in the one place where we actually try to set the +setting to a new value. Before we were testing if we can set to it the +existing value, which was a noop. We could still get a permission error, +but this is the first place where we would propagate EROFS. + +(cherry picked from commit 6434a83d01d96e9f9a17ed9ce1f04a7d64859950) + +Related: #2017035 +--- + src/test/test-procfs-util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/test/test-procfs-util.c b/src/test/test-procfs-util.c +index 876ef40dfd..f19a41475d 100644 +--- a/src/test/test-procfs-util.c ++++ b/src/test/test-procfs-util.c +@@ -52,7 +52,7 @@ int main(int argc, char *argv[]) { + + r = procfs_tasks_set_limit(v-1); + log_info_errno(r, "procfs_tasks_set_limit: %m"); +- assert_se(r >= 0 || ERRNO_IS_PRIVILEGE(r)); ++ assert_se(r >= 0 || ERRNO_IS_PRIVILEGE(r) || r == -EROFS); + + assert_se(procfs_get_threads_max(&w) >= 0); + assert_se(r >= 0 ? w == v - 1 : w == v); diff --git a/0045-ci-use-C9S-chroots-in-Packit.patch b/0045-ci-use-C9S-chroots-in-Packit.patch new file mode 100644 index 0000000..8b3991a --- /dev/null +++ b/0045-ci-use-C9S-chroots-in-Packit.patch @@ -0,0 +1,27 @@ +From 5c8d698f3905c860eff17b84a32bb7acfb98d931 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Thu, 4 Nov 2021 12:31:32 +0100 +Subject: [PATCH] ci: use C9S chroots in Packit + +rhel-only +Related: #2017035 +--- + .packit.yml | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/.packit.yml b/.packit.yml +index 3461bccbc5..ce8782aae2 100644 +--- a/.packit.yml ++++ b/.packit.yml +@@ -37,9 +37,8 @@ jobs: + trigger: pull_request + metadata: + targets: +- # FIXME: change to CentOS 9 once it's available +- - fedora-34-x86_64 +- - fedora-34-aarch64 ++ - centos-stream-9-x86_64 ++ - centos-stream-9-aarch64 + + # TODO: can't use TFT yet due to https://pagure.io/fedora-ci/general/issue/184 + # Run tests (via testing farm) diff --git a/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch b/0046-test-mountpointutil-util-do-not-assert-in-test_mnt_i.patch similarity index 96% rename from f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch rename to 0046-test-mountpointutil-util-do-not-assert-in-test_mnt_i.patch index 84497ad..1fa73eb 100644 --- a/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch +++ b/0046-test-mountpointutil-util-do-not-assert-in-test_mnt_i.patch @@ -1,4 +1,4 @@ -From f58b96d3e8d1cb0dd3666bc74fa673918b586612 Mon Sep 17 00:00:00 2001 +From 5a86b79c5f79215a17f6617ae925dc76b25396a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Mon, 14 Sep 2020 17:58:03 +0200 Subject: [PATCH] test-mountpointutil-util: do not assert in test_mnt_id() @@ -102,17 +102,24 @@ getpid() = 20 gettid() = 20 tgkill(20, 20, SIGABRT) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ---- SIGABRT {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=20, si_uid=0} --- -+++ killed by SIGABRT (core dumped) +++ + +RHEL notes: af918c4 should mitigate this issue, but in some build +systems (Copr, brew, etc.) we don't have enough privileges to create a +new mount namespace + +Cherry-picked manually from https://github.com/systemd/systemd/pull/17050. + +rhel-only +Related: #2017035 --- src/test/test-mountpoint-util.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/test/test-mountpoint-util.c b/src/test/test-mountpoint-util.c -index 30b00ae4d8b..ffe5144b04a 100644 +index 983e1842d6..66d476d06d 100644 --- a/src/test/test-mountpoint-util.c +++ b/src/test/test-mountpoint-util.c -@@ -89,8 +89,12 @@ static void test_mnt_id(void) { +@@ -91,8 +91,12 @@ static void test_mnt_id(void) { /* The ids don't match? If so, then there are two mounts on the same path, let's check if * that's really the case */ char *t = hashmap_get(h, INT_TO_PTR(mnt_id2)); diff --git a/0047-core-mount-add-implicit-unit-dependencies-even-if-wh.patch b/0047-core-mount-add-implicit-unit-dependencies-even-if-wh.patch new file mode 100644 index 0000000..7b1650d --- /dev/null +++ b/0047-core-mount-add-implicit-unit-dependencies-even-if-wh.patch @@ -0,0 +1,30 @@ +From ea4ebf86d25fb9c489d1cf1ca42371b7e2e782aa Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 29 Aug 2021 21:20:43 +0900 +Subject: [PATCH] core/mount: add implicit unit dependencies even if when mount + unit is generated from /proc/self/mountinfo + +Hopefully fixes #20566. + +(cherry picked from commit aebff2e7ce209fc2d75b894a3ae8b80f6f36ec11) + +Resolves: #2019468 +--- + src/core/mount.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/core/mount.c b/src/core/mount.c +index 1fd3102ad3..f2c85e0e5d 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -1582,6 +1582,10 @@ static int mount_setup_new_unit( + if (r < 0) + return r; + ++ r = mount_add_non_exec_dependencies(MOUNT(u)); ++ if (r < 0) ++ return r; ++ + /* This unit was generated because /proc/self/mountinfo reported it. Remember this, so that by the time we load + * the unit file for it (and thus add in extra deps right after) we know what source to attributes the deps + * to. */ diff --git a/systemd.spec b/systemd.spec index c923347..811d033 100644 --- a/systemd.spec +++ b/systemd.spec @@ -21,7 +21,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd Version: 249 -Release: 8%{?dist} +Release: 9%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -117,10 +117,16 @@ Patch0036: 0036-udev-node-do-not-ignore-unexpected-errors-on-removin.patch Patch0037: 0037-basic-time-util-introduce-FORMAT_TIMESPAN.patch Patch0038: 0038-udev-net-setup-link-change-the-default-MACAddressPol.patch Patch0039: 0039-set-core-ulimit-to-0-like-on-RHEL-7.patch +Patch0040: 0040-test-don-t-install-test-network-generator-conversion.patch +Patch0041: 0041-meson.build-change-operator-combining-bools-from-to-.patch +Patch0042: 0042-openssl-util-use-EVP-API-to-get-RSA-bits.patch +Patch0043: 0043-procfs-util-fix-confusion-wrt.-quantity-limit-and-ma.patch +Patch0044: 0044-test-process-util-also-add-EROFS-to-the-list-of-good.patch +Patch0045: 0045-ci-use-C9S-chroots-in-Packit.patch +Patch0046: 0046-test-mountpointutil-util-do-not-assert-in-test_mnt_i.patch +Patch0047: 0047-core-mount-add-implicit-unit-dependencies-even-if-wh.patch # Downstream-only patches (9000–9999) -# https://github.com/systemd/systemd/pull/17050 -Patch9001: https://github.com/systemd/systemd/pull/17050/commits/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch BuildRequires: gcc BuildRequires: gcc-c++ @@ -887,6 +893,17 @@ getent passwd systemd-oom &>/dev/null || useradd -r -l -g systemd-oom -d / -s /s %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Thu Nov 18 2021 systemd maintenance team - 249-9 +- test: don't install test-network-generator-conversion.sh w/o networkd (#2017035) +- meson.build: change operator combining bools from + to and (#2017035) +- openssl-util: use EVP API to get RSA bits (#2016042) +- procfs-util: fix confusion wrt. quantity limit and maximum value (#2017035) +- test-process-util: also add EROFS to the list of "good" errors (#2017035) +- ci: use C9S chroots in Packit (#2017035) +- test-mountpointutil-util: do not assert in test_mnt_id() (#2017035) +- core/mount: add implicit unit dependencies even if when mount unit is generated from /proc/self/mountinfo (#2019468) +- Drop Patch9001 - https://github.com/systemd/systemd/pull/17050 - Replaced by Patch0046 + * Tue Oct 12 2021 systemd maintenance team - 249-8 - Really don't enable systemd-journald-audit.socket (#1973856) - rules: add elevator= kernel command line parameter (#2003002)