diff --git a/.libcgroup.metadata b/.libcgroup.metadata index ea470e4..7e93276 100644 --- a/.libcgroup.metadata +++ b/.libcgroup.metadata @@ -1 +1 @@ -963fe7ff632317d5d4373b0748af31ab9ce43718 SOURCES/libcgroup-0.40.rc1.tar.bz2 +9b7537bf2204f6b78d63a9f77e3c75443d28a6d5 SOURCES/libcgroup-0.41.tar.bz2 diff --git a/SOURCES/cgred.service b/SOURCES/cgred.service new file mode 100644 index 0000000..7a77194 --- /dev/null +++ b/SOURCES/cgred.service @@ -0,0 +1,12 @@ +[Unit] +Description=CGroups Rules Engine Daemon +After=syslog.target + +[Service] +Type=forking +EnvironmentFile=-/etc/sysconfig/cgred +ExecStart=/usr/sbin/cgrulesengd $OPTIONS + +[Install] +WantedBy=multi-user.target + diff --git a/SOURCES/cgred.sysconfig b/SOURCES/cgred.sysconfig new file mode 100644 index 0000000..43f4ce4 --- /dev/null +++ b/SOURCES/cgred.sysconfig @@ -0,0 +1,3 @@ +# cgrulesengd command line options. See cgrulesengd(8). +OPTIONS="-s -g cgred" + diff --git a/SOURCES/libcgroup-0.37-cgred-empty-config.patch b/SOURCES/libcgroup-0.37-cgred-empty-config.patch deleted file mode 100644 index b1b7fd2..0000000 --- a/SOURCES/libcgroup-0.37-cgred-empty-config.patch +++ /dev/null @@ -1,51 +0,0 @@ -diff -up libcgroup-0.40.rc1/scripts/init.d/cgred.in.empty-config libcgroup-0.40.rc1/scripts/init.d/cgred.in ---- libcgroup-0.40.rc1/scripts/init.d/cgred.in.empty-config 2013-08-26 14:24:16.070531165 +0200 -+++ libcgroup-0.40.rc1/scripts/init.d/cgred.in 2013-08-26 14:24:16.072531149 +0200 -@@ -81,10 +81,6 @@ start() - log_failure_msg "$servicename is already running with PID `cat ${pidfile}`" - return 0 - fi -- if [ ! -s $CGRED_CONF ]; then -- log_failure_msg "not configured" -- return 6 -- fi - if ! grep "^cgroup" /proc/mounts &>/dev/null; then - echo - log_failure_msg $"Cannot find cgroups, is cgconfig service running?" -diff -up libcgroup-0.40.rc1/src/api.c.empty-config libcgroup-0.40.rc1/src/api.c ---- libcgroup-0.40.rc1/src/api.c.empty-config 2013-05-21 15:36:04.000000000 +0200 -+++ libcgroup-0.40.rc1/src/api.c 2013-08-26 14:24:16.073531142 +0200 -@@ -541,17 +541,6 @@ static int cgroup_parse_rules(bool cache - /* Loop variable. */ - int i = 0; - -- /* Open the configuration file. */ -- pthread_rwlock_wrlock(&rl_lock); -- fp = fopen(CGRULES_CONF_FILE, "re"); -- if (!fp) { -- cgroup_err("Error: failed to open configuration file %s: %s\n", -- CGRULES_CONF_FILE, strerror(errno)); -- last_errno = errno; -- ret = ECGOTHER; -- goto unlock; -- } -- - /* Determine which list we're using. */ - if (cache) - lst = &rl; -@@ -562,6 +551,15 @@ static int cgroup_parse_rules(bool cache - if (lst->head) - cgroup_free_rule_list(lst); - -+ /* Open the configuration file. */ -+ pthread_rwlock_wrlock(&rl_lock); -+ fp = fopen(CGRULES_CONF_FILE, "re"); -+ if (!fp) { -+ cgroup_warn("Warning: failed to open configuration file %s: %s\n", -+ CGRULES_CONF_FILE, strerror(errno)); -+ goto unlock; -+ } -+ - /* Now, parse the configuration file one line at a time. */ - cgroup_dbg("Parsing configuration file.\n"); - while (fgets(buff, sizeof(buff), fp) != NULL) { diff --git a/SOURCES/libcgroup-0.37-chmod.patch b/SOURCES/libcgroup-0.37-chmod.patch index a7aad8c..bca595f 100644 --- a/SOURCES/libcgroup-0.37-chmod.patch +++ b/SOURCES/libcgroup-0.37-chmod.patch @@ -1,7 +1,7 @@ -diff -up libcgroup-0.40.rc1/src/api.c.chmod libcgroup-0.40.rc1/src/api.c ---- libcgroup-0.40.rc1/src/api.c.chmod 2013-08-26 17:30:03.588276405 +0200 -+++ libcgroup-0.40.rc1/src/api.c 2013-08-26 17:30:23.104126917 +0200 -@@ -156,6 +156,10 @@ static int cg_chown_file(FTS *fts, FTSEN +diff -up libcgroup-0.41/src/api.c.chmod libcgroup-0.41/src/api.c +--- libcgroup-0.41/src/api.c.chmod 2014-01-13 15:05:56.000000000 +0100 ++++ libcgroup-0.41/src/api.c 2014-01-13 20:41:55.255577622 +0100 +@@ -153,6 +153,10 @@ static int cg_chown_file(FTS *fts, FTSEN return ret; } @@ -12,7 +12,7 @@ diff -up libcgroup-0.40.rc1/src/api.c.chmod libcgroup-0.40.rc1/src/api.c /* * TODO: Need to decide a better place to put this function. */ -@@ -163,6 +167,8 @@ static int cg_chown_recursive(char **pat +@@ -160,6 +164,8 @@ static int cg_chown_recursive(char **pat { int ret = 0; FTS *fts; @@ -21,7 +21,7 @@ diff -up libcgroup-0.40.rc1/src/api.c.chmod libcgroup-0.40.rc1/src/api.c cgroup_dbg("chown: path is %s\n", *path); fts = fts_open(path, FTS_PHYSICAL | FTS_NOCHDIR | -@@ -180,6 +186,7 @@ static int cg_chown_recursive(char **pat +@@ -177,6 +183,7 @@ static int cg_chown_recursive(char **pat cgroup_warn("Warning: fts_read failed\n"); break; } diff --git a/SOURCES/libcgroup-0.37-pam_cgroup.patch b/SOURCES/libcgroup-0.37-pam_cgroup.patch deleted file mode 100644 index 2ca7f1d..0000000 --- a/SOURCES/libcgroup-0.37-pam_cgroup.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up ./libcgroup-0.37/src/pam/pam_cgroup.c.old ./libcgroup-0.37/src/pam/pam_cgroup.c ---- a/src/pam/pam_cgroup.c.old 2010-10-20 15:59:13.000000000 +0200 -+++ b/src/pam/pam_cgroup.c 2013-06-13 17:50:56.000000000 +0200 -@@ -137,7 +137,7 @@ PAM_EXTERN int pam_sm_open_session(pam_h - /* Note: We are using default gid here. Is there a way to determine - * under what egid service will be provided? - */ -- ret = cgroup_change_cgroup_uid_gid(pwd->pw_uid, pwd->pw_gid, pid); -+ ret = cgroup_change_cgroup_uid_gid_flags(pwd->pw_uid, pwd->pw_gid, pid, CGFLAG_USECACHE); - if (ret) { - if (ctrl & PAM_DEBUG_ARG) - pam_syslog(pamh, LOG_ERR, "Change of cgroup for process" diff --git a/SOURCES/libcgroup-0.40.rc1-cast-and-typo.patch b/SOURCES/libcgroup-0.40.rc1-cast-and-typo.patch deleted file mode 100644 index 770b546..0000000 --- a/SOURCES/libcgroup-0.40.rc1-cast-and-typo.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -upr libcgroup-0.40.rc1.orig/src/tools/cgclassify.c libcgroup-0.40.rc1/src/tools/cgclassify.c ---- libcgroup-0.40.rc1.orig/src/tools/cgclassify.c 2013-05-21 15:36:04.000000000 +0200 -+++ libcgroup-0.40.rc1/src/tools/cgclassify.c 2013-09-12 14:56:17.008741770 +0200 -@@ -175,7 +175,7 @@ int main(int argc, char *argv[]) - } - - for (i = optind; i < argc; i++) { -- pid = (uid_t) strtol(argv[i], &endptr, 10); -+ pid = (pid_t) strtol(argv[i], &endptr, 10); - if (endptr[0] != '\0') { - /* the input argument was not a number */ - fprintf(stderr, "Error: %s is not valid pid.\n", -diff -upr libcgroup-0.40.rc1.orig/src/tools/cgexec.c libcgroup-0.40.rc1/src/tools/cgexec.c ---- libcgroup-0.40.rc1.orig/src/tools/cgexec.c 2013-05-21 15:36:04.000000000 +0200 -+++ libcgroup-0.40.rc1/src/tools/cgexec.c 2013-09-12 14:57:17.203086321 +0200 -@@ -113,7 +113,7 @@ int main(int argc, char *argv[]) - /* Just for debugging purposes. */ - uid = geteuid(); - gid = getegid(); -- cgroup_dbg("My euid and eguid is: %d,%d\n", (int) uid, (int) gid); -+ cgroup_dbg("My euid and egid is: %d,%d\n", (int) uid, (int) gid); - - uid = getuid(); - gid = getgid(); diff --git a/SOURCES/libcgroup-0.40.rc1-cgred-order.patch b/SOURCES/libcgroup-0.40.rc1-cgred-order.patch deleted file mode 100644 index 8858ae9..0000000 --- a/SOURCES/libcgroup-0.40.rc1-cgred-order.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -ur libcgroup-0.37.orig/scripts/init.d/cgred.in libcgroup-0.37/scripts/init.d/cgred.in ---- libcgroup-0.37.orig/scripts/init.d/cgred.in 2013-08-15 13:47:27.408910000 +0200 -+++ libcgroup-0.37/scripts/init.d/cgred.in 2013-08-15 13:48:12.939568065 +0200 -@@ -14,7 +14,7 @@ - # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - # - # cgred CGroups Rules Engine Daemon --# chkconfig: - 14 86 -+# chkconfig: - 30 86 - # description: This is a daemon for automatically classifying processes \ - # into cgroups based on UID/GID. - # diff --git a/SOURCES/libcgroup-0.40.rc1-change-all-cgroups-cache.patch b/SOURCES/libcgroup-0.40.rc1-change-all-cgroups-cache.patch deleted file mode 100644 index 3ed6fa4..0000000 --- a/SOURCES/libcgroup-0.40.rc1-change-all-cgroups-cache.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff -upr libcgroup-0.40.rc1.orig/src/api.c libcgroup-0.40.rc1/src/api.c ---- libcgroup-0.40.rc1.orig/src/api.c 2013-09-26 10:28:26.150422000 +0200 -+++ libcgroup-0.40.rc1/src/api.c 2013-09-26 13:33:20.439405038 +0200 -@@ -3140,7 +3140,8 @@ int cgroup_change_all_cgroups(void) - if (err) - continue; - -- err = cgroup_change_cgroup_flags(euid, egid, procname, pid, 0); -+ err = cgroup_change_cgroup_flags(euid, egid, -+ procname, pid, CGFLAG_USECACHE); - if (err) - cgroup_dbg("cgroup change pid %i failed\n", pid); - } diff --git a/SOURCES/libcgroup-0.40.rc1-config-table.patch b/SOURCES/libcgroup-0.40.rc1-config-table.patch deleted file mode 100644 index cdf61d8..0000000 --- a/SOURCES/libcgroup-0.40.rc1-config-table.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff -upr libcgroup-0.40.rc1.orig/src/config.c libcgroup-0.40.rc1/src/config.c ---- libcgroup-0.40.rc1.orig/src/config.c 2013-09-12 16:40:32.552179000 +0200 -+++ libcgroup-0.40.rc1/src/config.c 2013-09-12 17:12:30.218979633 +0200 -@@ -130,7 +130,7 @@ int config_insert_cgroup(char *cg_name, - break; - default: - return 0; -- } -+ } - - if (*table_index >= *max - 1) { - struct cgroup *newblk; -@@ -151,7 +151,17 @@ int config_insert_cgroup(char *cg_name, - memset(newblk + oldlen, 0, (*max - oldlen) * - sizeof(struct cgroup)); - init_cgroup_table(newblk + oldlen, *max - oldlen); -- config_cgroup_table = newblk; -+ config_table = newblk; -+ switch (flag) { -+ case CGROUP: -+ config_cgroup_table = config_table; -+ break; -+ case TEMPLATE: -+ config_template_table = config_table; -+ break; -+ default: -+ return 0; -+ } - cgroup_dbg("maximum %d\n", *max); - cgroup_dbg("reallocated config_table to %p\n", - config_table); diff --git a/SOURCES/libcgroup-0.40.rc1-coverity.patch b/SOURCES/libcgroup-0.40.rc1-coverity.patch index 0d4d059..439abf1 100644 --- a/SOURCES/libcgroup-0.40.rc1-coverity.patch +++ b/SOURCES/libcgroup-0.40.rc1-coverity.patch @@ -1,31 +1,7 @@ -diff -upr libcgroup-0.40.rc1.orig/src/api.c libcgroup-0.40.rc1/src/api.c ---- libcgroup-0.40.rc1.orig/src/api.c 2013-08-27 18:20:40.399333000 +0200 -+++ libcgroup-0.40.rc1/src/api.c 2013-08-27 19:34:07.569670729 +0200 -@@ -1003,6 +1003,10 @@ int cgroup_init(void) - - if (mntopt) { - mntopt = strtok_r(mntopt, ",", &strtok_buffer); -+ if (!mntopt) { -+ continue; -+ } -+ - /* - * Check if it is a duplicate - */ -@@ -2719,10 +2723,10 @@ char *cgroup_copy_with_slash(char *input - int len = strlen(input); - - /* if input does not end with '/', allocate one more space for it */ -- if ((input[len-2]) != '/') -+ if ((input[len-1]) != '/') - len = len+1; - -- output = (char *)malloc(sizeof(char)*(len)); -+ output = (char *)malloc(sizeof(char)*(len + 1)); - if (output == NULL) - return NULL; - -@@ -2796,7 +2800,6 @@ static int cgroup_create_template_group( +diff -up libcgroup-0.41/src/api.c.coverity libcgroup-0.41/src/api.c +--- libcgroup-0.41/src/api.c.coverity 2014-01-13 20:52:49.853838149 +0100 ++++ libcgroup-0.41/src/api.c 2014-01-13 20:52:49.854838142 +0100 +@@ -2791,7 +2791,6 @@ static int cgroup_create_template_group( if (group_name == NULL) { ret = ECGOTHER; last_errno = errno; @@ -33,28 +9,10 @@ diff -upr libcgroup-0.40.rc1.orig/src/api.c libcgroup-0.40.rc1/src/api.c goto end; } -@@ -3318,7 +3321,7 @@ int cgroup_get_current_controller_path(p - } - - token = strtok_r(controllers, ",", &savedptr); -- do { -+ while (token) { - if (strncmp(controller, token, strlen(controller) + 1) - == 0) { - *current_path = strdup(cgroup_path); -@@ -3331,7 +3334,7 @@ int cgroup_get_current_controller_path(p - goto done; - } - token = strtok_r(NULL, ",", &savedptr); -- } while (token); -+ } - } - - done: -diff -upr libcgroup-0.40.rc1.orig/src/config.c libcgroup-0.40.rc1/src/config.c ---- libcgroup-0.40.rc1.orig/src/config.c 2013-05-21 15:36:04.000000000 +0200 -+++ libcgroup-0.40.rc1/src/config.c 2013-08-27 19:31:54.193828164 +0200 -@@ -313,7 +313,7 @@ int config_group_task_perm(char *perm_ty +diff -up libcgroup-0.41/src/config.c.coverity libcgroup-0.41/src/config.c +--- libcgroup-0.41/src/config.c.coverity 2014-01-13 15:05:56.000000000 +0100 ++++ libcgroup-0.41/src/config.c 2014-01-13 20:52:49.854838142 +0100 +@@ -323,7 +323,7 @@ int config_group_task_perm(char *perm_ty long val = atoi(value); char buffer[CGROUP_BUFFER_LEN]; struct cgroup *config_cgroup; @@ -63,7 +21,7 @@ diff -upr libcgroup-0.40.rc1.orig/src/config.c libcgroup-0.40.rc1/src/config.c switch (flag) { case CGROUP: -@@ -357,10 +357,10 @@ int config_group_task_perm(char *perm_ty +@@ -367,10 +367,10 @@ int config_group_task_perm(char *perm_ty if (!group) goto group_task_error; @@ -76,7 +34,7 @@ diff -upr libcgroup-0.40.rc1.orig/src/config.c libcgroup-0.40.rc1/src/config.c free(group); goto group_task_error; } -@@ -426,7 +426,7 @@ int config_group_admin_perm(char *perm_t +@@ -436,7 +436,7 @@ int config_group_admin_perm(char *perm_t struct cgroup *config_cgroup; long val = atoi(value); char buffer[CGROUP_BUFFER_LEN]; @@ -85,7 +43,7 @@ diff -upr libcgroup-0.40.rc1.orig/src/config.c libcgroup-0.40.rc1/src/config.c switch (flag) { case CGROUP: -@@ -469,10 +469,10 @@ int config_group_admin_perm(char *perm_t +@@ -479,10 +479,10 @@ int config_group_admin_perm(char *perm_t if (!group) goto admin_error; @@ -98,36 +56,9 @@ diff -upr libcgroup-0.40.rc1.orig/src/config.c libcgroup-0.40.rc1/src/config.c free(group); goto admin_error; } -@@ -1576,14 +1576,14 @@ int cgroup_config_create_template_group( - /* name and controller match template found */ - /* variables substituted in template */ - strncpy(buffer, t_cgroup->name, -- FILENAME_MAX); -+ FILENAME_MAX - 1); - strncpy(t_cgroup->name, cgroup->name, -- FILENAME_MAX); -+ FILENAME_MAX - 1); - - ret = cgroup_create_cgroup(t_cgroup, flags); - - strncpy(t_cgroup->name, buffer, -- FILENAME_MAX); -+ FILENAME_MAX - 1); - if (ret) { - cgroup_dbg("creating group %s, error %d\n", - cgroup->name, ret); -@@ -1600,7 +1600,7 @@ int cgroup_config_create_template_group( - /* no template is present for given name x controller pair - * add controller to result cgroup */ - aux_cgroup = cgroup_new_cgroup(cgroup->name); -- if (ret) { -+ if (!aux_cgroup) { - ret = ECGINVAL; - fprintf(stderr, "cgroup %s can't be created\n", - cgroup->name); -diff -upr libcgroup-0.40.rc1.orig/src/daemon/cgrulesengd.c libcgroup-0.40.rc1/src/daemon/cgrulesengd.c ---- libcgroup-0.40.rc1.orig/src/daemon/cgrulesengd.c 2013-05-21 15:36:04.000000000 +0200 -+++ libcgroup-0.40.rc1/src/daemon/cgrulesengd.c 2013-08-27 18:56:41.000674181 +0200 +diff -up libcgroup-0.41/src/daemon/cgrulesengd.c.coverity libcgroup-0.41/src/daemon/cgrulesengd.c +--- libcgroup-0.41/src/daemon/cgrulesengd.c.coverity 2014-01-13 15:05:56.000000000 +0100 ++++ libcgroup-0.41/src/daemon/cgrulesengd.c 2014-01-13 20:52:49.854838142 +0100 @@ -646,7 +646,7 @@ close: static int cgre_create_netlink_socket_process_msg(void) @@ -149,3 +80,20 @@ diff -upr libcgroup-0.40.rc1.orig/src/daemon/cgrulesengd.c libcgroup-0.40.rc1/sr close(sk_unix); return rc; } +diff -upr libcgroup-0.40.rc1.orig/src/tools/lscgroup.c libcgroup-0.40.rc1/src/tools/lscgroup.c +--- libcgroup-0.40.rc1.orig/src/tools/lscgroup.c 2013-05-21 15:36:04.000000000 +0200 ++++ libcgroup-0.40.rc1/src/tools/lscgroup.c 2013-11-04 14:26:53.400473523 +0100 +@@ -97,11 +97,11 @@ static int display_controller_data(char + if (ret != 0) + return ret; + +- strncpy(cgroup_dir_path, info.full_path, FILENAME_MAX); ++ strncpy(cgroup_dir_path, info.full_path, FILENAME_MAX - 1); + /* remove problematic '/' characters from cgroup directory path*/ + trim_filepath(cgroup_dir_path); + +- strncpy(input_dir_path, input_path, FILENAME_MAX); ++ strncpy(input_dir_path, input_path, FILENAME_MAX - 1); + + /* remove problematic '/' characters from input directory path*/ + trim_filepath(input_dir_path); diff --git a/SOURCES/libcgroup-0.40.rc1-coverity2.patch b/SOURCES/libcgroup-0.40.rc1-coverity2.patch deleted file mode 100644 index 07ba52c..0000000 --- a/SOURCES/libcgroup-0.40.rc1-coverity2.patch +++ /dev/null @@ -1,17 +0,0 @@ -diff -upr libcgroup-0.40.rc1.orig/src/tools/lscgroup.c libcgroup-0.40.rc1/src/tools/lscgroup.c ---- libcgroup-0.40.rc1.orig/src/tools/lscgroup.c 2013-05-21 15:36:04.000000000 +0200 -+++ libcgroup-0.40.rc1/src/tools/lscgroup.c 2013-11-04 14:26:53.400473523 +0100 -@@ -97,11 +97,11 @@ static int display_controller_data(char - if (ret != 0) - return ret; - -- strncpy(cgroup_dir_path, info.full_path, FILENAME_MAX); -+ strncpy(cgroup_dir_path, info.full_path, FILENAME_MAX - 1); - /* remove problematic '/' characters from cgroup directory path*/ - trim_filepath(cgroup_dir_path); - -- strncpy(input_dir_path, input_path, FILENAME_MAX); -+ strncpy(input_dir_path, input_path, FILENAME_MAX - 1); - - /* remove problematic '/' characters from input directory path*/ - trim_filepath(input_dir_path); diff --git a/SOURCES/libcgroup-0.40.rc1-fread.patch b/SOURCES/libcgroup-0.40.rc1-fread.patch index 681c664..acc7eba 100644 --- a/SOURCES/libcgroup-0.40.rc1-fread.patch +++ b/SOURCES/libcgroup-0.40.rc1-fread.patch @@ -1,7 +1,7 @@ -diff -upr libcgroup-0.40.rc1.orig/src/api.c libcgroup-0.40.rc1/src/api.c ---- libcgroup-0.40.rc1.orig/src/api.c 2013-09-16 10:34:32.542272000 +0200 -+++ libcgroup-0.40.rc1/src/api.c 2013-09-13 16:07:10.000000000 +0200 -@@ -2237,29 +2237,29 @@ static int cg_rd_ctrl_file(const char *s +diff -up libcgroup-0.41/src/api.c.fread libcgroup-0.41/src/api.c +--- libcgroup-0.41/src/api.c.fread 2014-01-13 21:01:32.067067615 +0100 ++++ libcgroup-0.41/src/api.c 2014-01-13 21:01:32.070067594 +0100 +@@ -2232,29 +2232,29 @@ static int cg_rd_ctrl_file(const char *s const char *file, char **value) { char path[FILENAME_MAX]; @@ -38,7 +38,7 @@ diff -upr libcgroup-0.40.rc1.orig/src/api.c libcgroup-0.40.rc1/src/api.c if (ret < 0) { free(*value); *value = NULL; -@@ -2269,7 +2269,7 @@ static int cg_rd_ctrl_file(const char *s +@@ -2264,7 +2264,7 @@ static int cg_rd_ctrl_file(const char *s (*value)[ret-1] = '\0'; } diff --git a/SOURCES/libcgroup-0.40.rc1-restorecon.patch b/SOURCES/libcgroup-0.40.rc1-restorecon.patch deleted file mode 100644 index 7f9f079..0000000 --- a/SOURCES/libcgroup-0.40.rc1-restorecon.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -upr libcgroup-0.40.rc1.orig/scripts/init.d/cgred.in libcgroup-0.40.rc1/scripts/init.d/cgred.in ---- libcgroup-0.40.rc1.orig/scripts/init.d/cgred.in 2013-08-27 19:52:21.205846000 +0200 -+++ libcgroup-0.40.rc1/scripts/init.d/cgred.in 2013-08-27 19:55:12.713484281 +0200 -@@ -97,6 +97,7 @@ start() - return 1 - fi - echo "`pidof $processname`" > $pidfile -+ [[ -x /sbin/restorecon ]] && /sbin/restorecon $pidfile - return 0 - } - diff --git a/SOURCES/libcgroup-0.40.rc1-templates-fix.patch b/SOURCES/libcgroup-0.40.rc1-templates-fix.patch index 2199cf6..50e9aea 100644 --- a/SOURCES/libcgroup-0.40.rc1-templates-fix.patch +++ b/SOURCES/libcgroup-0.40.rc1-templates-fix.patch @@ -1,46 +1,11 @@ -diff -upr libcgroup-0.40.rc1.orig/src/api.c libcgroup-0.40.rc1/src/api.c ---- libcgroup-0.40.rc1.orig/src/api.c 2013-09-26 17:48:57.997535000 +0200 -+++ libcgroup-0.40.rc1/src/api.c 2013-09-27 13:36:41.617642596 +0200 -@@ -2948,11 +2948,11 @@ int cgroup_change_cgroup_flags(uid_t uid - available = FILENAME_MAX - j - 2; - /* Substitution */ - switch(tmp->destination[++i]) { -- case 'u': -+ case 'U': - written = snprintf(newdest+j, available, - "%d", uid); - break; -- case 'U': -+ case 'u': - user_info = getpwuid(uid); - if(user_info) { - written = snprintf(newdest + j, -@@ -2963,11 +2963,11 @@ int cgroup_change_cgroup_flags(uid_t uid - available, "%d", uid); - } - break; -- case 'g': -+ case 'G': - written = snprintf(newdest + j, - available, "%d", gid); - break; -- case 'G': -+ case 'g': - group_info = getgrgid(gid); - if(group_info) { - written = snprintf(newdest + j, -@@ -2978,15 +2978,15 @@ int cgroup_change_cgroup_flags(uid_t uid - available, "%d", gid); - } - break; -- case 'p': -+ case 'P': - written = snprintf(newdest + j, +diff -up libcgroup-0.41/src/api.c.templates-fix libcgroup-0.41/src/api.c +--- libcgroup-0.41/src/api.c.templates-fix 2014-01-13 21:04:36.933747000 +0100 ++++ libcgroup-0.41/src/api.c 2014-01-13 21:16:44.478580105 +0100 +@@ -2974,10 +2974,10 @@ int cgroup_change_cgroup_flags(uid_t uid available, "%d", pid); break; -- case 'P': + case 'p': - if(procname) { -+ case 'p': + if(procname && strlen(basename(procname))) { written = snprintf(newdest + j, available, "%s", diff --git a/SOURCES/libcgroup-0.40.rc1-valgrind.patch b/SOURCES/libcgroup-0.40.rc1-valgrind.patch deleted file mode 100644 index a46ca0c..0000000 --- a/SOURCES/libcgroup-0.40.rc1-valgrind.patch +++ /dev/null @@ -1,42 +0,0 @@ -diff -up libcgroup-0.40.rc1/src/api.c.valgrind libcgroup-0.40.rc1/src/api.c ---- libcgroup-0.40.rc1/src/api.c.valgrind 2013-10-17 15:47:31.474927679 +0200 -+++ libcgroup-0.40.rc1/src/api.c 2013-10-17 15:47:31.475927672 +0200 -@@ -3144,6 +3144,8 @@ int cgroup_change_all_cgroups(void) - procname, pid, CGFLAG_USECACHE); - if (err) - cgroup_dbg("cgroup change pid %i failed\n", pid); -+ -+ free(procname); - } - - closedir(dir); -diff -up libcgroup-0.40.rc1/src/config.c.valgrind libcgroup-0.40.rc1/src/config.c ---- libcgroup-0.40.rc1/src/config.c.valgrind 2013-10-17 15:47:31.470927000 +0200 -+++ libcgroup-0.40.rc1/src/config.c 2013-10-25 14:12:37.604648251 +0200 -@@ -1460,7 +1460,7 @@ int cgroup_reload_cached_templates(char - } - template_table_index = 0; - -- if (config_template_table_index != 0) { -+ if ((config_template_table_index != 0) || (config_table_index != 0)) { - /* config template structures have to be free as well*/ - cgroup_free_config(); - } -@@ -1498,7 +1498,16 @@ int cgroup_init_templates_cache(char *pa - int ret = 0; - int i; - -- if (config_template_table_index != 0) { -+ if (template_table) { -+ /* template structures have to be free */ -+ for (i = 0; i < template_table_index; i++) -+ cgroup_free_controllers(&template_table[i]); -+ free(template_table); -+ template_table = NULL; -+ } -+ template_table_index = 0; -+ -+ if ((config_template_table_index != 0) || (config_table_index != 0)) { - /* config structures have to be clean */ - cgroup_free_config(); - } diff --git a/SOURCES/libcgroup-0.41-runlibcgrouptest-systemd-fix.patch b/SOURCES/libcgroup-0.41-runlibcgrouptest-systemd-fix.patch new file mode 100644 index 0000000..be93749 --- /dev/null +++ b/SOURCES/libcgroup-0.41-runlibcgrouptest-systemd-fix.patch @@ -0,0 +1,39 @@ +From 92597b479aeb46c6dc630353de16328c365ff083 Mon Sep 17 00:00:00 2001 +From: jchaloup +Date: Fri, 14 Feb 2014 10:29:33 +0100 +Subject: [PATCH] runlibcgrouptest script updated to ignore systemd + +--- + tests/runlibcgrouptest.sh | 2 +- + tests/runlibcgrouptest.sh.in | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tests/runlibcgrouptest.sh b/tests/runlibcgrouptest.sh +index 221729c..605f045 100644 +--- a/tests/runlibcgrouptest.sh ++++ b/tests/runlibcgrouptest.sh +@@ -48,7 +48,7 @@ debug() + check_mount_fs () + { + local NUM_MOUNT=0; +- CGROUP=`cat /proc/mounts|grep -w ^cgroup|tr -s [:space:]|cut -d" " -f3`; ++ CGROUP=`cat /proc/mounts|grep -w ^cgroup|grep -v systemd|tr -s [:space:]|cut -d" " -f3`; + + # get first word in case of multiple mounts + CGROUP=`echo $CGROUP|cut -d" " -f1`; +diff --git a/tests/runlibcgrouptest.sh.in b/tests/runlibcgrouptest.sh.in +index 119addd..8a57881 100755 +--- a/tests/runlibcgrouptest.sh.in ++++ b/tests/runlibcgrouptest.sh.in +@@ -48,7 +48,7 @@ debug() + check_mount_fs () + { + local NUM_MOUNT=0; +- CGROUP=`cat /proc/mounts|grep -w ^cgroup|tr -s [:space:]|cut -d" " -f3`; ++ CGROUP=`cat /proc/mounts|grep -w ^cgroup|grep -v systemd|tr -s [:space:]|cut -d" " -f3`; + + # get first word in case of multiple mounts + CGROUP=`echo $CGROUP|cut -d" " -f1`; +-- +1.8.5.3 + diff --git a/SPECS/libcgroup.spec b/SPECS/libcgroup.spec index 89e242e..c0f8c1b 100644 --- a/SPECS/libcgroup.spec +++ b/SPECS/libcgroup.spec @@ -1,31 +1,25 @@ %global soversion_major 1 -%global soversion 1.0.40 +%global soversion 1.0.41 %global _hardened_build 1 Summary: Library to control and monitor control groups Name: libcgroup -Version: 0.40 -Release: 0.rc1.3%{?dist} +Version: 0.41 +Release: 6%{?dist} License: LGPLv2+ Group: Development/Libraries URL: http://libcg.sourceforge.net/ -Source0: http://downloads.sourceforge.net/libcg/%{name}-%{version}.rc1.tar.bz2 +Source0: http://downloads.sourceforge.net/libcg/%{name}-%{version}.tar.bz2 Source1: cgconfig.service +Source2: cgred.service +Source3: cgred.sysconfig -Patch0: fedora-config.patch -Patch1: libcgroup-0.37-pam_cgroup.patch -Patch2: libcgroup-0.37-cgred-empty-config.patch -Patch3: libcgroup-0.37-chmod.patch -Patch4: libcgroup-0.40.rc1-coverity.patch -Patch5: libcgroup-0.40.rc1-restorecon.patch -Patch6: libcgroup-0.40.rc1-cgred-order.patch -Patch7: libcgroup-0.40.rc1-cast-and-typo.patch -Patch8: libcgroup-0.40.rc1-config-table.patch -Patch9: libcgroup-0.40.rc1-fread.patch -Patch10: libcgroup-0.40.rc1-change-all-cgroups-cache.patch -Patch11: libcgroup-0.40.rc1-templates-fix.patch -Patch12: libcgroup-0.40.rc1-valgrind.patch -Patch13: libcgroup-0.40.rc1-coverity2.patch +Patch0: fedora-config.patch +Patch1: libcgroup-0.37-chmod.patch +Patch2: libcgroup-0.40.rc1-coverity.patch +Patch3: libcgroup-0.40.rc1-fread.patch +Patch4: libcgroup-0.40.rc1-templates-fix.patch +Patch5: libcgroup-0.41-runlibcgrouptest-systemd-fix.patch BuildRequires: byacc, coreutils, flex, pam-devel, systemd Requires(pre): shadow-utils @@ -66,26 +60,18 @@ future allow creation of persistent configuration for control groups and provide scripts to manage that configuration. %prep -%setup -q -n %{name}-%{version}.rc1 -%patch0 -p1 -b .config-patch -%patch1 -p1 -b .flags -%patch2 -p1 -b .empty-config -%patch3 -p1 -b .chmod -%patch4 -p1 -b .coverity -%patch5 -p1 -b .restorecon -%patch6 -p1 -b .cgred-order -%patch7 -p1 -b .cast-and-typo -%patch8 -p1 -b .config-table -%patch9 -p1 -b .fread -%patch10 -p1 -b .change-all-cache -%patch11 -p1 -b .templates-fix -%patch12 -p1 -b .valgrind -%patch13 -p1 -b .coverity2 +%setup -q -n %{name}-%{version} +%patch0 -p1 -b .config-patch +%patch1 -p1 -b .chmod +%patch2 -p1 -b .coverity +%patch3 -p1 -b .fread +%patch4 -p1 -b .templates-fix +%patch5 -p1 -b .runlibcgrouptest-systemd-fix %build %configure --enable-pam-module-dir=%{_libdir}/security \ - --enable-opaque-hierarchy="name=systemd" \ - --disable-daemon + --enable-opaque-hierarchy="name=systemd" +# --disable-daemon make %{?_smp_mflags} %install @@ -94,6 +80,7 @@ make DESTDIR=$RPM_BUILD_ROOT install # install config files install -d ${RPM_BUILD_ROOT}%{_sysconfdir} install -m 644 samples/cgconfig.conf $RPM_BUILD_ROOT/%{_sysconfdir}/cgconfig.conf +install -m 644 samples/cgrules.conf $RPM_BUILD_ROOT/%{_sysconfdir}/cgrules.conf install -m 644 samples/cgsnapshot_blacklist.conf $RPM_BUILD_ROOT/%{_sysconfdir}/cgsnapshot_blacklist.conf # sanitize pam module, we need only pam_cgroup.so @@ -102,14 +89,12 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/security/pam_cgroup.la $RPM_BUILD_ROOT/%{_libdir rm -f $RPM_BUILD_ROOT/%{_libdir}/*.la -rm -f $RPM_BUILD_ROOT/%{_mandir}/man5/cgred.conf.5* -rm -f $RPM_BUILD_ROOT/%{_mandir}/man5/cgrules.conf.5* -rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/cgrulesengd.8* - # install unit and sysconfig files install -d ${RPM_BUILD_ROOT}%{_unitdir} install -m 644 %SOURCE1 ${RPM_BUILD_ROOT}%{_unitdir}/ +install -m 644 %SOURCE2 ${RPM_BUILD_ROOT}%{_unitdir}/ install -d ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig +install -m 644 %SOURCE3 ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig/cgred %pre getent group cgred >/dev/null || groupadd -r cgred @@ -118,24 +103,47 @@ getent group cgred >/dev/null || groupadd -r cgred %postun -p /sbin/ldconfig +%pre tools +getent group cgred >/dev/null || groupadd -r cgred + %post tools -%systemd_post cgconfig.service +if [ $1 -eq 1 ] ; then + # Initial installation + /bin/systemctl daemon-reload >/dev/null 2>&1 || : +fi +%systemd_post cgconfig.service cgred.service %preun tools -%systemd_preun cgconfig.service +if [ $1 -eq 0 ] ; then + # Package removal, not upgrade + /bin/systemctl --no-reload disable cgconfig.service > /dev/null 2>&1 || : + /bin/systemctl stop cgconfig.service > /dev/null 2>&1 || : + /bin/systemctl --no-reload disable cgred.service > /dev/null 2>&1 || : + /bin/systemctl stop cgred.service > /dev/null 2>&1 || : +fi +%systemd_preun cgconfig.service cgred.service %postun tools -%systemd_postun_with_restart cgconfig.service +/bin/systemctl daemon-reload >/dev/null 2>&1 || : +if [ $1 -ge 1 ] ; then + # Package upgrade, not uninstall + /bin/systemctl try-restart cgconfig.service >/dev/null 2>&1 || : + /bin/systemctl try-restart cgred.service >/dev/null 2>&1 || : +fi +%systemd_postun_with_restart cgconfig.service cgred.service %triggerun -- libcgroup < 0.38 # Save the current service runlevel info -# User must manually run systemd-sysv-convert --apply cgconfig +# User must manually run systemd-sysv-convert --apply cgconfig/cgred # to migrate them to systemd targets /usr/bin/systemd-sysv-convert --save cgconfig >/dev/null 2>&1 ||: +/usr/bin/systemd-sysv-convert --save cgred >/dev/null 2>&1 ||: # Run these because the SysV package being removed won't do them /sbin/chkconfig --del cgconfig >/dev/null 2>&1 || : /bin/systemctl try-restart cgconfig.service >/dev/null 2>&1 || : +/sbin/chkconfig --del cgred >/dev/null 2>&1 || : +/bin/systemctl try-restart cgred.service >/dev/null 2>&1 || : %files %doc COPYING README @@ -144,7 +152,9 @@ getent group cgred >/dev/null || groupadd -r cgred %files tools %doc COPYING README README_systemd %config(noreplace) %{_sysconfdir}/cgconfig.conf +%config(noreplace) %{_sysconfdir}/cgrules.conf %config(noreplace) %{_sysconfdir}/cgsnapshot_blacklist.conf +%config(noreplace) %{_sysconfdir}/sysconfig/cgred /usr/bin/cgcreate /usr/bin/cgget /usr/bin/cgset @@ -152,6 +162,7 @@ getent group cgred >/dev/null || groupadd -r cgred /usr/bin/lscgroup /usr/bin/lssubsys /usr/sbin/cgconfigparser +/usr/sbin/cgrulesengd /usr/sbin/cgclear /usr/bin/cgsnapshot %attr(2755, root, cgred) /usr/bin/cgexec @@ -160,6 +171,7 @@ getent group cgred >/dev/null || groupadd -r cgred %attr(0644, root, root) %{_mandir}/man5/* %attr(0644, root, root) %{_mandir}/man8/* %{_unitdir}/cgconfig.service +%{_unitdir}/cgred.service %files pam %doc COPYING README @@ -173,6 +185,32 @@ getent group cgred >/dev/null || groupadd -r cgred %{_libdir}/pkgconfig/libcgroup.pc %changelog +* Tue Mar 04 2014 jchaloup - 0.41-6 +- related: #1016810 + specfile corrected, make was not fired + +* Tue Feb 25 2014 jchaloup - 0.41-5 +- related: #1016810 + missing man pages for cgrulesengd, cgred.conf, cgrule.conf added + +* Mon Feb 24 2014 jchaloup - 0.41-4 +- related: #1016810 + cgrulesengd returned + +* Fri Feb 14 2014 jchaloup - 0.41-3 +- related: #1052471 + runlibcgrouptest fix, ignore systemd mount + +* Fri Jan 24 2014 Daniel Mach - 0.41-2 +- Mass rebuild 2014-01-24 + +* Tue Jan 14 2014 Peter Schiffer 0.41-1 +- resolves: #1052471 + updated to 0.41 + +* Fri Dec 27 2013 Daniel Mach - 0.40-1.rc1.3 +- Mass rebuild 2013-12-27 + * Mon Nov 4 2013 Peter Schiffer 0.40-0.rc1.3 - related: #819568 fixed some coverity findings