rpms/systemd
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Backport bugfixes from upstream

Browse Source 
Most notably this commit fixes #1419501 that caused mock traceback when
running with --new-chroot.

Resolves: #1419501
This commit is contained in:
Michal Sekletar 2017-03-16 09:16:18 +01:00
parent 2809df176d
commit f5f0737829
13 changed files with 442 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
0001-dhcp-server-add-two-missing-OOM-checks.patch Normal file
View File

@ -0,0 +1,38 @@
From 0c65886b122a26636ad049cf12b560865ffc62a6 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 9 Feb 2017 10:16:52 +0100
Subject: [PATCH] dhcp-server: add two missing OOM checks
(cherry picked from commit 357e1b17b901b48714fa5301c745ae5389661798)
---
src/libsystemd-network/sd-dhcp-server.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/libsystemd-network/sd-dhcp-server.c b/src/libsystemd-network/sd-dhcp-server.c
index 2890681..315cbf1 100644
--- a/src/libsystemd-network/sd-dhcp-server.c
+++ b/src/libsystemd-network/sd-dhcp-server.c
@@ -197,7 +197,11 @@ int sd_dhcp_server_new(sd_dhcp_server **ret, int ifindex) {
server->address = htobe32(INADDR_ANY);
server->netmask = htobe32(INADDR_ANY);
server->ifindex = ifindex;
+
server->leases_by_client_id = hashmap_new(&client_id_hash_ops);
+ if (!server->leases_by_client_id)
+ return -ENOMEM;
+
server->default_lease_time = DIV_ROUND_UP(DHCP_DEFAULT_LEASE_TIME_USEC, USEC_PER_SEC);
server->max_lease_time = DIV_ROUND_UP(DHCP_MAX_LEASE_TIME_USEC, USEC_PER_SEC);
@@ -857,6 +861,8 @@ int dhcp_server_handle_message(sd_dhcp_server *server, DHCPMessage *message,
if (!existing_lease) {
lease = new0(DHCPLease, 1);
+ if (!lease)
+ return -ENOMEM;
lease->address = address;
lease->client_id.data = memdup(req->client_id.data,
req->client_id.length);
--
2.9.3

28
0002-import-bump-image-size-safety-limit-for-machinectl-p.patch Normal file
View File

@ -0,0 +1,28 @@
From bd9bb2324adf9e16cdf4e6c3588ddc7778530fd8 Mon Sep 17 00:00:00 2001
From: Dax Kelson <dkelson@gurulabs.com>
Date: Sun, 5 Mar 2017 05:03:53 -0700
Subject: [PATCH] import: bump image size safety limit for machinectl pull
(#5535)
We currenly use 40GB images in our environment
(cherry picked from commit 055c521ad4e9d2f923e9373ac12e214a1e896cc7)
---
src/import/pull-job.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/import/pull-job.c b/src/import/pull-job.c
index e550df2..70aaa5c 100644
--- a/src/import/pull-job.c
+++ b/src/import/pull-job.c
@@ -527,7 +527,7 @@ int pull_job_new(PullJob **ret, const char *url, CurlGlue *glue, void *userdata)
j->glue = glue;
j->content_length = (uint64_t) -1;
j->start_usec = now(CLOCK_MONOTONIC);
- j->compressed_max = j->uncompressed_max = 8LLU * 1024LLU * 1024LLU * 1024LLU; /* 8GB */
+ j->compressed_max = j->uncompressed_max = 64LLU * 1024LLU * 1024LLU * 1024LLU; /* 64GB safety limit */
j->url = strdup(url);
if (!j->url)
--
2.9.3

44
0003-coredump-fix-handling-of-premature-eof-data-for-back.patch Normal file
View File

@ -0,0 +1,44 @@
From 5b21af2bf21f57e9b7ae30217ed01545029256e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sun, 5 Mar 2017 10:35:44 -0500
Subject: [PATCH] coredump: fix handling of premature-eof data for --backtrace
We'd fail with an assert in journal_importer_process_data(),
because that function requires the caller to handle EOF themselves.
(cherry picked from commit d74dc4f2d00644c04ad9dc900ef43050fcadaa8b)
---
src/basic/journal-importer.c | 2 +-
src/coredump/coredump.c | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/basic/journal-importer.c b/src/basic/journal-importer.c
index 4c13e46..d25fd35 100644
--- a/src/basic/journal-importer.c
+++ b/src/basic/journal-importer.c
@@ -314,7 +314,7 @@ int journal_importer_process_data(JournalImporter *imp) {
return r;
if (r == 0) {
imp->state = IMPORTER_STATE_EOF;
- return r;
+ return 0;
}
assert(n > 0);
assert(line[n-1] == '\n');
diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
index 4c4f36a..5828e94 100644
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@@ -1326,7 +1326,8 @@ static int process_backtrace(int argc, char *argv[]) {
log_error_errno(r, "Failed to parse journal entry on stdin: %m");
goto finish;
}
- if (r == 1)
+ if (r == 1 || /* complete entry */
+ journal_importer_eof(&importer)) /* end of data */
break;
}
--
2.9.3

28
0004-cgtop-use-PRIu64-to-print-uint64_t-5544.patch Normal file
View File

@ -0,0 +1,28 @@
From fe9d0ba1f8e60fbea433f75319d0487e5b58c79b Mon Sep 17 00:00:00 2001
From: "Thomas H. P. Andersen" <phomes@gmail.com>
Date: Tue, 7 Mar 2017 07:47:18 +0100
Subject: [PATCH] cgtop: use PRIu64 to print uint64_t (#5544)
Commit 59f448cf replaced usage of off_t with uint64_t. Change the
format string to use PRIu64 to match it.
(cherry picked from commit 557e36934d21b08acafbe2baf6ebfde761fbae25)
---
src/cgtop/cgtop.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/cgtop/cgtop.c b/src/cgtop/cgtop.c
index a1c0f48..67f3a99 100644
--- a/src/cgtop/cgtop.c
+++ b/src/cgtop/cgtop.c
@@ -118,7 +118,7 @@ static const char *maybe_format_bytes(char *buf, size_t l, bool is_valid, uint64
if (!is_valid)
return "-";
if (arg_raw) {
- snprintf(buf, l, "%jd", t);
+ snprintf(buf, l, "%" PRIu64, t);
return buf;
}
return format_bytes(buf, l, t);
--
2.9.3

26
0005-man-fix-typo-5556.patch Normal file
View File

@ -0,0 +1,26 @@
From 9283e138a2a9347d9df9bc1d0371cff74d09d43f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Torstein=20Huseb=C3=B8?= <torstein@huseboe.net>
Date: Wed, 8 Mar 2017 13:54:22 +0100
Subject: [PATCH] man: fix typo (#5556)
(cherry picked from commit 6cf5a9648928be1e2b8fcdbf2903761000f6e803)
---
man/systemd.exec.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 5d4986b..fb64cd6 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -138,7 +138,7 @@
<varlistentry>
<term><varname>RootImage=</varname></term>
<listitem><para>Takes a path to a block device node or regular file as argument. This call is similar to
- <varname>RootDirectory=</varname> however mounts a file system hierarchy from a block device node or loopack
+ <varname>RootDirectory=</varname> however mounts a file system hierarchy from a block device node or loopback
file instead of a directory. The device node or file system image file needs to contain a file system without a
partition table, or a file system within an MBR/MS-DOS or GPT partition table with only a single
Linux-compatible partition, or a set of file systems within a GPT partition table that follows the <ulink
--
2.9.3

49
0006-Fix-typo-in-function-name-5565.patch Normal file
View File

@ -0,0 +1,49 @@
From e05b13d4d4d5f076b9741e446640d75370bbf878 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekletar@users.noreply.github.com>
Date: Fri, 10 Mar 2017 15:16:24 +0100
Subject: [PATCH] Fix typo in function name (#5565)
(cherry picked from commit 8feabc46263079cffba8a39c4082563320aeffc0)
---
man/sd_journal_get_fd.xml | 4 ++--
man/sd_login_monitor_new.xml | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/man/sd_journal_get_fd.xml b/man/sd_journal_get_fd.xml
index 61293f7..2e686ca 100644
--- a/man/sd_journal_get_fd.xml
+++ b/man/sd_journal_get_fd.xml
@@ -146,7 +146,7 @@ if (t == (uint64_t) -1)
else {
struct timespec ts;
uint64_t n;
- clock_getttime(CLOCK_MONOTONIC, &amp;ts);
+ clock_gettime(CLOCK_MONOTONIC, &amp;ts);
n = (uint64_t) ts.tv_sec * 1000000 + ts.tv_nsec / 1000;
msec = t > n ? (int) ((t - n + 999) / 1000) : 0;
}</programlisting>
@@ -304,7 +304,7 @@ int wait_for_changes(sd_journal *j) {
else {
struct timespec ts;
uint64_t n;
- clock_getttime(CLOCK_MONOTONIC, &amp;ts);
+ clock_gettime(CLOCK_MONOTONIC, &amp;ts);
n = (uint64_t) ts.tv_sec * 1000000 + ts.tv_nsec / 1000;
msec = t > n ? (int) ((t - n + 999) / 1000) : 0;
}
diff --git a/man/sd_login_monitor_new.xml b/man/sd_login_monitor_new.xml
index 5625ab9..129c99f 100644
--- a/man/sd_login_monitor_new.xml
+++ b/man/sd_login_monitor_new.xml
@@ -203,7 +203,7 @@ if (t == (uint64_t) -1)
else {
struct timespec ts;
uint64_t n;
- clock_getttime(CLOCK_MONOTONIC, &amp;ts);
+ clock_gettime(CLOCK_MONOTONIC, &amp;ts);
n = (uint64_t) ts.tv_sec * 1000000 + ts.tv_nsec / 1000;
msec = t > n ? (int) ((t - n + 999) / 1000) : 0;
}</programlisting>
--
2.9.3

28
0007-resolve-add-missing-space-in-output-message-5574.patch Normal file
View File

@ -0,0 +1,28 @@
From fd46fb0d1606468232c6c74aa6a02c77c8d5934c Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Mon, 13 Mar 2017 09:12:03 +0900
Subject: [PATCH] resolve: add missing space in output message (#5574)
(cherry picked from commit 44ccb3d72315f68d0b4b07217c99bad35b055ec3)
---
src/resolve/resolve-tool.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/resolve/resolve-tool.c b/src/resolve/resolve-tool.c
index 32537ce..c620589 100644
--- a/src/resolve/resolve-tool.c
+++ b/src/resolve/resolve-tool.c
@@ -114,8 +114,8 @@ static void print_source(uint64_t flags, usec_t rtt) {
flags & SD_RESOLVED_DNS ? " DNS" :"",
flags & SD_RESOLVED_LLMNR_IPV4 ? " LLMNR/IPv4" : "",
flags & SD_RESOLVED_LLMNR_IPV6 ? " LLMNR/IPv6" : "",
- flags & SD_RESOLVED_MDNS_IPV4 ? "mDNS/IPv4" : "",
- flags & SD_RESOLVED_MDNS_IPV6 ? "mDNS/IPv6" : "");
+ flags & SD_RESOLVED_MDNS_IPV4 ? " mDNS/IPv4" : "",
+ flags & SD_RESOLVED_MDNS_IPV6 ? " mDNS/IPv6" : "");
assert_se(format_timespan(rtt_str, sizeof(rtt_str), rtt, 100));
--
2.9.3

31
0008-headers-check-that-__INCLUDE_LEVEL__-is-defined-befo.patch Normal file
View File

@ -0,0 +1,31 @@
From c1e4a9e5f7839fa35661069e2aaf600a915f0c6b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 13 Mar 2017 03:11:24 -0400
Subject: [PATCH] headers: check that __INCLUDE_LEVEL__ is defined before using
it (#5575)
That macro is a gcc extension, and while widely supported, not ubiquitous.
In particular the coverity scanner is having trouble with it.
(cherry picked from commit 1070d271fa8fa553d57dd5f74dd1e3f60732d0b9)
---
src/systemd/_sd-common.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/systemd/_sd-common.h b/src/systemd/_sd-common.h
index 3bb886b..97c3943 100644
--- a/src/systemd/_sd-common.h
+++ b/src/systemd/_sd-common.h
@@ -22,8 +22,8 @@
/* This is a private header; never even think of including this directly! */
-#if __INCLUDE_LEVEL__ <= 1
-#error "Do not include _sd-common.h directly; it is a private header."
+#if defined(__INCLUDE_LEVEL__) && __INCLUDE_LEVEL__ <= 1
+# error "Do not include _sd-common.h directly; it is a private header."
#endif
#ifndef _sd_printf_
--
2.9.3

58
0009-journal-prevent-integer-overflow-while-validating-he.patch Normal file
View File

@ -0,0 +1,58 @@
From 112d963a0542b1280667e2eb2727a8946d9bcf8d Mon Sep 17 00:00:00 2001
From: Tobias Stoeckmann <stoeckmann@users.noreply.github.com>
Date: Mon, 13 Mar 2017 08:14:42 +0100
Subject: [PATCH] journal: prevent integer overflow while validating header
(#5569)
It is possible to overflow uint64_t while validating the header of
a journal file. To prevent this, the addition itself is checked to
be within the limits of UINT64_MAX first.
To keep this readable, I have introduced two stack variables which
hold the converted values during validation.
(cherry picked from commit 6f94e420e8355421fc31713a0df760d6b20473ac)
---
src/journal/journal-file.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
index a6ccb67..14cb01a 100644
--- a/src/journal/journal-file.c
+++ b/src/journal/journal-file.c
@@ -546,6 +546,8 @@ static bool warn_wrong_flags(const JournalFile *f, bool compatible) {
}
static int journal_file_verify_header(JournalFile *f) {
+ uint64_t arena_size, header_size;
+
assert(f);
assert(f->header);
@@ -564,17 +566,21 @@ static int journal_file_verify_header(JournalFile *f) {
if (f->header->state >= _STATE_MAX)
return -EBADMSG;
+ header_size = le64toh(f->header->header_size);
+
/* The first addition was n_data, so check that we are at least this large */
- if (le64toh(f->header->header_size) < HEADER_SIZE_MIN)
+ if (header_size < HEADER_SIZE_MIN)
return -EBADMSG;
if (JOURNAL_HEADER_SEALED(f->header) && !JOURNAL_HEADER_CONTAINS(f->header, n_entry_arrays))
return -EBADMSG;
- if ((le64toh(f->header->header_size) + le64toh(f->header->arena_size)) > (uint64_t) f->last_stat.st_size)
+ arena_size = le64toh(f->header->arena_size);
+
+ if (UINT64_MAX - header_size < arena_size || header_size + arena_size > (uint64_t) f->last_stat.st_size)
return -ENODATA;
- if (le64toh(f->header->tail_object_offset) > (le64toh(f->header->header_size) + le64toh(f->header->arena_size)))
+ if (le64toh(f->header->tail_object_offset) > header_size + arena_size)
return -ENODATA;
if (!VALID64(le64toh(f->header->data_hash_table_offset)) ||
--
2.9.3

30
0010-machinectl-don-t-return-1-in-case-we-couldn-t-figure.patch Normal file
View File

@ -0,0 +1,30 @@
From 51ad3c9829dfee2051fc97bd904d9ac6b191970c Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekletar@users.noreply.github.com>
Date: Tue, 14 Mar 2017 22:38:19 +0100
Subject: [PATCH] machinectl: don't return 1 in case we couldn't figure out
container IP addresses (#5587)
This is in spirit very similar to commit
4b2419165ce409ee55ce96a926302f89685f2293.
Fixes: #5581
(cherry picked from commit 3c302cddfb2e921578d1238ebcc0cb5ff34fbebe)
---
src/machine/machinectl.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/machine/machinectl.c b/src/machine/machinectl.c
index 2838428..3031ed5 100644
--- a/src/machine/machinectl.c
+++ b/src/machine/machinectl.c
@@ -340,6 +340,7 @@ static int list_machines(int argc, char *argv[], void *userdata) {
printf("No machines.\n");
}
+ r = 0;
out:
clean_machine_info(machines, n_machines);
return r;
--
2.9.3

37
0011-man-Document-when-pam_systemd-sets-XDG_RUNTIME_DIR-5.patch Normal file
View File

@ -0,0 +1,37 @@
From 6c03191c817094b67352a8553b5df9850eaecd88 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrian=20Heine=20n=C3=A9=20Lang?= <mail@adrianheine.de>
Date: Tue, 14 Mar 2017 22:42:18 +0100
Subject: [PATCH] man: Document when pam_systemd sets XDG_RUNTIME_DIR (#5570)
https://github.com/systemd/systemd/blob/f97b34a6/src/login/pam_systemd.c#L439
(cherry picked from commit 5c50321ca9c660dac39976ab29ed2f28f872628d)
---
man/pam_systemd.xml | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/man/pam_systemd.xml b/man/pam_systemd.xml
index 6e1aa0d..cef5445c 100644
--- a/man/pam_systemd.xml
+++ b/man/pam_systemd.xml
@@ -88,7 +88,7 @@
and so will the user's slice unit.</para></listitem>
<listitem><para>If the last concurrent session of a user ends,
- the <varname>$XDG_RUNTIME_DIR</varname> directory and all its
+ the user runtime directory <filename>/run/user/$UID</filename> and all its
contents are removed, too.</para></listitem>
</orderedlist>
@@ -192,7 +192,8 @@
offers the greatest possible file system feature set the
operating system provides. For further details, see the <ulink
url="http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html">XDG
- Base Directory Specification</ulink>.</para></listitem>
+ Base Directory Specification</ulink>. <varname>$XDG_RUNTIME_DIR</varname>
+ is not set if the current user is not the original user of the session.</para></listitem>
</varlistentry>
</variablelist>
--
2.9.3

27
0012-man-Fix-a-simple-grammar-error-in-systemd.service.xm.patch Normal file
View File

@ -0,0 +1,27 @@
From dd8b6fa3f53ff9912f3ffdfeaedf79612e5f8395 Mon Sep 17 00:00:00 2001
From: AlexanderKurtz <alexander@kurtz.be>
Date: Thu, 16 Mar 2017 01:33:56 +0100
Subject: [PATCH] man: Fix a simple grammar error in systemd.service.xml
(#5594)
(cherry picked from commit bda99fab3104095420d3ee03593d07469153f6c4)
---
man/systemd.service.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/man/systemd.service.xml b/man/systemd.service.xml
index 52eb2bb..a452e3a 100644
--- a/man/systemd.service.xml
+++ b/man/systemd.service.xml
@@ -184,7 +184,7 @@
process has to exit before systemd starts follow-up units.
<varname>RemainAfterExit=</varname> is particularly useful for
this type of service. This is the implied default if neither
- <varname>Type=</varname> or <varname>ExecStart=</varname> are
+ <varname>Type=</varname> nor <varname>ExecStart=</varname> are
specified.</para>
<para>Behavior of <option>dbus</option> is similar to
--
2.9.3

19
systemd.spec
View File

@ -13,7 +13,7 @@
Name: systemd
Url: http://www.freedesktop.org/wiki/Software/systemd
Version: 233
Release: 2%{?gitcommit:.git%{gitcommitshort}}%{?dist}
Release: 3%{?gitcommit:.git%{gitcommitshort}}%{?dist}
# For a breakdown of the licensing, see README
License: LGPLv2+ and MIT and GPLv2+
Summary: System and Service Manager
@ -45,6 +45,19 @@ Source12: https://raw.githubusercontent.com/systemd/systemd/1000522a60cead
# GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-01-30} hwdb/[67]* > hwdb.patch
Patch0001: 0001-dhcp-server-add-two-missing-OOM-checks.patch
Patch0002: 0002-import-bump-image-size-safety-limit-for-machinectl-p.patch
Patch0003: 0003-coredump-fix-handling-of-premature-eof-data-for-back.patch
Patch0004: 0004-cgtop-use-PRIu64-to-print-uint64_t-5544.patch
Patch0005: 0005-man-fix-typo-5556.patch
Patch0006: 0006-Fix-typo-in-function-name-5565.patch
Patch0007: 0007-resolve-add-missing-space-in-output-message-5574.patch
Patch0008: 0008-headers-check-that-__INCLUDE_LEVEL__-is-defined-befo.patch
Patch0009: 0009-journal-prevent-integer-overflow-while-validating-he.patch
Patch0010: 0010-machinectl-don-t-return-1-in-case-we-couldn-t-figure.patch
Patch0011: 0011-man-Document-when-pam_systemd-sets-XDG_RUNTIME_DIR-5.patch
Patch0012: 0012-man-Fix-a-simple-grammar-error-in-systemd.service.xm.patch
Patch0998: 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
%global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);}
@ -1037,6 +1050,10 @@ getent passwd systemd-journal-upload &>/dev/null || useradd -r -l -g systemd-jou
%{pkgdir}/tests
%changelog
* Thu Mar 16 2017 Michal Sekletar <msekleta@redhat.com> - 233-3
- Backport bugfixes from upstream
- Don't return error when machinectl couldn't figure out container IP addresses (#1419501)
* Thu Mar 2 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 233-2
- Fix installation conflict with polkit