diff --git a/SOURCES/0258-run-synchronously-wait-until-the-scope-unit-we-creat.patch b/SOURCES/0258-run-synchronously-wait-until-the-scope-unit-we-creat.patch new file mode 100644 index 0000000..125a175 --- /dev/null +++ b/SOURCES/0258-run-synchronously-wait-until-the-scope-unit-we-creat.patch @@ -0,0 +1,154 @@ +From 18d515aeb3a2007fa0a762b9b9658f489d4b403d Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Tue, 28 Apr 2015 12:21:31 +0200 +Subject: [PATCH] run: synchronously wait until the scope unit we create is + started + +Otherwise it might happen that by the time PID 1 adds our process to the +scope unit the process might already have died, if the process is +short-running (such as an invocation to /bin/true). + +https://bugs.freedesktop.org/show_bug.cgi?id=86520 + +Cherry-picked from: de158ed22db60e3a6654557fa4aa72f7248550af +Resolves: #1283192 +--- + src/libsystemd/sd-bus/bus-util.c | 10 ++++++++++ + src/libsystemd/sd-bus/bus-util.h | 1 + + src/run/run.c | 42 +++++++++++++++++++++++++++++++++------- + 3 files changed, 46 insertions(+), 7 deletions(-) + +diff --git a/src/libsystemd/sd-bus/bus-util.c b/src/libsystemd/sd-bus/bus-util.c +index e48abf5..6d56150 100644 +--- a/src/libsystemd/sd-bus/bus-util.c ++++ b/src/libsystemd/sd-bus/bus-util.c +@@ -1854,6 +1854,16 @@ int bus_wait_for_jobs_add(BusWaitForJobs *d, const char *path) { + return set_put_strdup(d->jobs, path); + } + ++int bus_wait_for_jobs_one(BusWaitForJobs *d, const char *path, bool quiet) { ++ int r; ++ ++ r = bus_wait_for_jobs_add(d, path); ++ if (r < 0) ++ return log_oom(); ++ ++ return bus_wait_for_jobs(d, quiet); ++} ++ + int bus_deserialize_and_dump_unit_file_changes(sd_bus_message *m, bool quiet, UnitFileChange **changes, unsigned *n_changes) { + const char *type, *path, *source; + int r; +diff --git a/src/libsystemd/sd-bus/bus-util.h b/src/libsystemd/sd-bus/bus-util.h +index 21db982..8c8846c 100644 +--- a/src/libsystemd/sd-bus/bus-util.h ++++ b/src/libsystemd/sd-bus/bus-util.h +@@ -209,6 +209,7 @@ int bus_wait_for_jobs_new(sd_bus *bus, BusWaitForJobs **ret); + void bus_wait_for_jobs_free(BusWaitForJobs *d); + int bus_wait_for_jobs_add(BusWaitForJobs *d, const char *path); + int bus_wait_for_jobs(BusWaitForJobs *d, bool quiet); ++int bus_wait_for_jobs_one(BusWaitForJobs *d, const char *path, bool quiet); + + DEFINE_TRIVIAL_CLEANUP_FUNC(BusWaitForJobs*, bus_wait_for_jobs_free); + +diff --git a/src/run/run.c b/src/run/run.c +index 0e5bde2..dd1338f 100644 +--- a/src/run/run.c ++++ b/src/run/run.c +@@ -806,14 +806,20 @@ static int start_transient_scope( + char **argv) { + + _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; ++ _cleanup_bus_message_unref_ sd_bus_message *m = NULL, *reply = NULL; ++ _cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *w = NULL; + _cleanup_strv_free_ char **env = NULL, **user_env = NULL; +- _cleanup_bus_message_unref_ sd_bus_message *m = NULL; + _cleanup_free_ char *scope = NULL; ++ const char *object = NULL; + int r; + + assert(bus); + assert(argv); + ++ r = bus_wait_for_jobs_new(bus, &w); ++ if (r < 0) ++ return log_oom(); ++ + if (arg_unit) { + scope = unit_name_mangle_with_suffix(arg_unit, MANGLE_NOGLOB, ".scope"); + if (!scope) +@@ -854,7 +860,7 @@ static int start_transient_scope( + if (r < 0) + return bus_log_create_error(r); + +- r = sd_bus_call(bus, m, 0, &error, NULL); ++ r = sd_bus_call(bus, m, 0, &error, &reply); + if (r < 0) { + log_error("Failed to start transient scope unit: %s", bus_error_message(&error, -r)); + return r; +@@ -914,8 +920,16 @@ static int start_transient_scope( + if (!env) + return log_oom(); + ++ r = sd_bus_message_read(reply, "o", &object); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ ++ r = bus_wait_for_jobs_one(w, object, arg_quiet); ++ if (r < 0) ++ return r; ++ + if (!arg_quiet) +- log_info("Running as unit %s.", scope); ++ log_info("Running scope as unit %s.", scope); + + execvpe(argv[0], argv, env); + +@@ -927,13 +941,19 @@ static int start_transient_timer( + char **argv) { + + _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; +- _cleanup_bus_message_unref_ sd_bus_message *m = NULL; ++ _cleanup_bus_message_unref_ sd_bus_message *m = NULL, *reply = NULL; ++ _cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *w = NULL; + _cleanup_free_ char *timer = NULL, *service = NULL; ++ const char *object = NULL; + int r; + + assert(bus); + assert(argv); + ++ r = bus_wait_for_jobs_new(bus, &w); ++ if (r < 0) ++ return log_oom(); ++ + if (arg_unit) { + switch(unit_name_to_type(arg_unit)) { + +@@ -1034,15 +1054,23 @@ static int start_transient_timer( + if (r < 0) + return bus_log_create_error(r); + +- r = sd_bus_call(bus, m, 0, &error, NULL); ++ r = sd_bus_call(bus, m, 0, &error, &reply); + if (r < 0) { + log_error("Failed to start transient timer unit: %s", bus_error_message(&error, -r)); + return r; + } + +- log_info("Running as unit %s.", timer); ++ r = sd_bus_message_read(reply, "o", &object); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ ++ r = bus_wait_for_jobs_one(w, object, arg_quiet); ++ if (r < 0) ++ return r; ++ ++ log_info("Running timer as unit %s.", timer); + if (argv[0]) +- log_info("Will run as unit %s.", service); ++ log_info("Will run service as unit %s.", service); + + return 0; + } diff --git a/SOURCES/0259-device-rework-how-we-enter-tentative-state.patch b/SOURCES/0259-device-rework-how-we-enter-tentative-state.patch new file mode 100644 index 0000000..5d3e8d6 --- /dev/null +++ b/SOURCES/0259-device-rework-how-we-enter-tentative-state.patch @@ -0,0 +1,158 @@ +From 960ea6ae7a9e2aca3594318ab893f7d5383e46b6 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 24 Apr 2015 12:29:05 +0200 +Subject: [PATCH] device: rework how we enter tentative state + +This reworks how we enter tentative state and does so only when a device +was previously not announced via udev. The previous check actually just +checked whether a new state bit was set, which is not correct. + +Also, to be able to reliably maintain the tentative state across daemon +reloads, we need to serialize and deserialize it. + +Cherry-picked from: f62009410 +Resolves: #1283579 +--- + src/core/device.c | 79 +++++++++++++++++++++++++++++++++++++++++++++++-------- + src/core/device.h | 2 +- + 2 files changed, 69 insertions(+), 12 deletions(-) + +diff --git a/src/core/device.c b/src/core/device.c +index cc4ebd2..8a6855d 100644 +--- a/src/core/device.c ++++ b/src/core/device.c +@@ -151,14 +151,47 @@ static int device_coldplug(Unit *u, Hashmap *deferred_work) { + if (d->found & DEVICE_FOUND_UDEV) + /* If udev says the device is around, it's around */ + device_set_state(d, DEVICE_PLUGGED); +- else if (d->found != DEVICE_NOT_FOUND) ++ else if (d->found != DEVICE_NOT_FOUND && d->deserialized_state != DEVICE_PLUGGED) + /* If a device is found in /proc/self/mountinfo or +- * /proc/swaps, it's "tentatively" around. */ ++ * /proc/swaps, and was not yet announced via udev, ++ * it's "tentatively" around. */ + device_set_state(d, DEVICE_TENTATIVE); + + return 0; + } + ++static int device_serialize(Unit *u, FILE *f, FDSet *fds) { ++ Device *d = DEVICE(u); ++ ++ assert(u); ++ assert(f); ++ assert(fds); ++ ++ unit_serialize_item(u, f, "state", device_state_to_string(d->state)); ++} ++ ++static int device_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) { ++ Device *d = DEVICE(u); ++ ++ assert(u); ++ assert(key); ++ assert(value); ++ assert(fds); ++ ++ if (streq(key, "state")) { ++ DeviceState state; ++ ++ state = device_state_from_string(value); ++ if (state < 0) ++ log_unit_debug(u->id, "Failed to parse state value %s", value); ++ else ++ d->deserialized_state = state; ++ } else ++ log_unit_debug(u->id, "Unknown serialization key '%s'", key); ++ ++ return 0; ++} ++ + static void device_dump(Unit *u, FILE *f, const char *prefix) { + Device *d = DEVICE(u); + +@@ -408,7 +441,7 @@ static int device_process_new(Manager *m, struct udev_device *dev) { + } + + static void device_update_found_one(Device *d, bool add, DeviceFound found, bool now) { +- DeviceFound n; ++ DeviceFound n, previous; + + assert(d); + +@@ -416,16 +449,27 @@ static void device_update_found_one(Device *d, bool add, DeviceFound found, bool + if (n == d->found) + return; + ++ previous = d->found; + d->found = n; + +- if (now) { +- if (d->found & DEVICE_FOUND_UDEV) +- device_set_state(d, DEVICE_PLUGGED); +- else if (add && d->found != DEVICE_NOT_FOUND) +- device_set_state(d, DEVICE_TENTATIVE); +- else +- device_set_state(d, DEVICE_DEAD); +- } ++ if (!now) ++ return; ++ ++ if (d->found & DEVICE_FOUND_UDEV) ++ /* When the device is known to udev we consider it ++ * plugged. */ ++ device_set_state(d, DEVICE_PLUGGED); ++ else if (d->found != DEVICE_NOT_FOUND && (previous & DEVICE_FOUND_UDEV) == 0) ++ /* If the device has not been seen by udev yet, but is ++ * now referenced by the kernel, then we assume the ++ * kernel knows it now, and udev might soon too. */ ++ device_set_state(d, DEVICE_TENTATIVE); ++ else ++ /* If nobody sees the device, or if the device was ++ * previously seen by udev and now is only referenced ++ * from the kernel, then we consider the device is ++ * gone, the kernel just hasn't noticed it yet. */ ++ device_set_state(d, DEVICE_DEAD); + } + + static int device_update_found_by_sysfs(Manager *m, const char *sysfs, bool add, DeviceFound found, bool now) { +@@ -735,6 +779,16 @@ int device_found_node(Manager *m, const char *node, bool add, DeviceFound found, + if (!path_startswith(node, "/dev")) + return 0; + ++ /* We make an extra check here, if the device node ++ * actually exists. If it's missing, then this is an ++ * indication that device was unplugged but is still ++ * referenced in /proc/swaps or ++ * /proc/self/mountinfo. Note that this check doesn't ++ * really cover all cases where a device might be gone ++ * away, since drives that can have a medium inserted ++ * will still have a device node even when the medium ++ * is not there... */ ++ + if (stat(node, &st) < 0) { + if (errno == ENOENT) + return 0; +@@ -788,6 +842,9 @@ const UnitVTable device_vtable = { + + .coldplug = device_coldplug, + ++ .serialize = device_serialize, ++ .deserialize_item = device_deserialize_item, ++ + .dump = device_dump, + + .active_state = device_active_state, +diff --git a/src/core/device.h b/src/core/device.h +index 0609b20..6724ab2 100644 +--- a/src/core/device.h ++++ b/src/core/device.h +@@ -53,7 +53,7 @@ struct Device { + devices for the same sysfs path. We chain them up here. */ + LIST_FIELDS(struct Device, same_sysfs); + +- DeviceState state; ++ DeviceState state, deserialized_state; + }; + + extern const UnitVTable device_vtable; diff --git a/SOURCES/0260-core-Do-not-bind-a-mount-unit-to-a-device-if-it-was-.patch b/SOURCES/0260-core-Do-not-bind-a-mount-unit-to-a-device-if-it-was-.patch new file mode 100644 index 0000000..ac334ba --- /dev/null +++ b/SOURCES/0260-core-Do-not-bind-a-mount-unit-to-a-device-if-it-was-.patch @@ -0,0 +1,127 @@ +From c81de449d57bc563be7b4d4d53d07de28adcaa9b Mon Sep 17 00:00:00 2001 +From: Harald Hoyer +Date: Tue, 24 Nov 2015 09:41:26 +0100 +Subject: [PATCH] core: Do not bind a mount unit to a device, if it was from + mountinfo + +If a mount unit is bound to a device, systemd tries to umount the +mount point, if it thinks the device has gone away. + +Due to the uevent queue and inotify of /proc/self/mountinfo being two +different sources, systemd can never get the ordering reliably correct. + +It can happen, that in the uevent queue ADD,REMOVE,ADD is queued +and an inotify of mountinfo (or libmount event) happend with the +device in question. + +systemd cannot know, at which point of time the mount happend in the +ADD,REMOVE,ADD sequence. + +The real ordering might have been ADD,REMOVE,ADD,mount +and systemd might think ADD,mount,REMOVE,ADD and would umount the +mountpoint. + +A test script which triggered this behaviour is: +rm -f test-efi-disk.img +dd if=/dev/null of=test-efi-disk.img bs=1M seek=512 count=1 +parted --script test-efi-disk.img \ + "mklabel gpt" \ + "mkpart ESP fat32 1MiB 511MiB" \ + "set 1 boot on" +LOOP=$(losetup --show -f -P test-efi-disk.img) +udevadm settle +mkfs.vfat -F32 ${LOOP}p1 +mkdir -p mnt +mount ${LOOP}p1 mnt +... + +Without the "udevadm settle" systemd unmounted mnt while the script was +operating on mnt. + +Of course the question is, why there was a REMOVE in the first place, +but this is not part of this patch. + +Cherry-picked from: 9d06297e262966de71095debd1537fc223f940a3 +Resolves: #1283579 +--- + src/core/mount.c | 2 +- + src/core/socket.c | 2 +- + src/core/swap.c | 2 +- + src/core/unit.c | 4 ++-- + src/core/unit.h | 2 +- + 5 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/core/mount.c b/src/core/mount.c +index 1f1a41a..23f63ce 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -321,7 +321,7 @@ static int mount_add_device_links(Mount *m) { + if (mount_is_auto(p) && UNIT(m)->manager->running_as == SYSTEMD_SYSTEM) + device_wants_mount = true; + +- r = unit_add_node_link(UNIT(m), p->what, device_wants_mount); ++ r = unit_add_node_link(UNIT(m), p->what, device_wants_mount, m->from_fragment ? UNIT_BINDS_TO : UNIT_REQUIRES); + if (r < 0) + return r; + +diff --git a/src/core/socket.c b/src/core/socket.c +index 7022e77..bc677a2 100644 +--- a/src/core/socket.c ++++ b/src/core/socket.c +@@ -267,7 +267,7 @@ static int socket_add_device_link(Socket *s) { + return 0; + + t = strjoina("/sys/subsystem/net/devices/", s->bind_to_device); +- return unit_add_node_link(UNIT(s), t, false); ++ return unit_add_node_link(UNIT(s), t, false, UNIT_BINDS_TO); + } + + static int socket_add_default_dependencies(Socket *s) { +diff --git a/src/core/swap.c b/src/core/swap.c +index 369abf0..34a2c40 100644 +--- a/src/core/swap.c ++++ b/src/core/swap.c +@@ -201,7 +201,7 @@ static int swap_add_device_links(Swap *s) { + return 0; + + if (is_device_path(s->what)) +- return unit_add_node_link(UNIT(s), s->what, UNIT(s)->manager->running_as == SYSTEMD_SYSTEM); ++ return unit_add_node_link(UNIT(s), s->what, UNIT(s)->manager->running_as == SYSTEMD_SYSTEM, UNIT_BINDS_TO); + else + /* File based swap devices need to be ordered after + * systemd-remount-fs.service, since they might need a +diff --git a/src/core/unit.c b/src/core/unit.c +index fa17567..ae47a28 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -2823,7 +2823,7 @@ int unit_deserialize(Unit *u, FILE *f, FDSet *fds) { + } + } + +-int unit_add_node_link(Unit *u, const char *what, bool wants) { ++int unit_add_node_link(Unit *u, const char *what, bool wants, UnitDependency dep) { + Unit *device; + _cleanup_free_ char *e = NULL; + int r; +@@ -2850,7 +2850,7 @@ int unit_add_node_link(Unit *u, const char *what, bool wants) { + if (r < 0) + return r; + +- r = unit_add_two_dependencies(u, UNIT_AFTER, u->manager->running_as == SYSTEMD_SYSTEM ? UNIT_BINDS_TO : UNIT_WANTS, device, true); ++ r = unit_add_two_dependencies(u, UNIT_AFTER, u->manager->running_as == SYSTEMD_SYSTEM ? dep : UNIT_WANTS, device, true); + if (r < 0) + return r; + +diff --git a/src/core/unit.h b/src/core/unit.h +index 7ebc489..0eebc0b 100644 +--- a/src/core/unit.h ++++ b/src/core/unit.h +@@ -548,7 +548,7 @@ void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *v + void unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value); + int unit_deserialize(Unit *u, FILE *f, FDSet *fds); + +-int unit_add_node_link(Unit *u, const char *what, bool wants); ++int unit_add_node_link(Unit *u, const char *what, bool wants, UnitDependency d); + + int unit_coldplug(Unit *u, Hashmap *deferred_work); + diff --git a/SOURCES/0261-logind-set-RemoveIPC-no-by-default.patch b/SOURCES/0261-logind-set-RemoveIPC-no-by-default.patch new file mode 100644 index 0000000..1094ebd --- /dev/null +++ b/SOURCES/0261-logind-set-RemoveIPC-no-by-default.patch @@ -0,0 +1,36 @@ +From b4d12e023a1418e850ec96616739e7be1d71c4f5 Mon Sep 17 00:00:00 2001 +From: Lukas Nykryn +Date: Thu, 26 Nov 2015 14:14:55 +0100 +Subject: [PATCH] logind: set RemoveIPC=no by default + +RHEL-only + +Resolves: #1284588 +--- + src/login/logind.c | 2 +- + src/login/logind.conf | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/login/logind.c b/src/login/logind.c +index b44f376..3afbf34 100644 +--- a/src/login/logind.c ++++ b/src/login/logind.c +@@ -49,7 +49,7 @@ Manager *manager_new(void) { + + m->n_autovts = 6; + m->reserve_vt = 6; +- m->remove_ipc = true; ++ m->remove_ipc = false; + m->inhibit_delay_max = 5 * USEC_PER_SEC; + m->handle_power_key = HANDLE_POWEROFF; + m->handle_suspend_key = HANDLE_SUSPEND; +diff --git a/src/login/logind.conf b/src/login/logind.conf +index 834c4c2..be8d7df 100644 +--- a/src/login/logind.conf ++++ b/src/login/logind.conf +@@ -30,4 +30,4 @@ + #IdleAction=ignore + #IdleActionSec=30min + #RuntimeDirectorySize=10% +-#RemoveIPC=yes ++#RemoveIPC=no diff --git a/SOURCES/0262-sysv-generator-follow-symlinks-in-etc-rc.d-init.d.patch b/SOURCES/0262-sysv-generator-follow-symlinks-in-etc-rc.d-init.d.patch new file mode 100644 index 0000000..b048273 --- /dev/null +++ b/SOURCES/0262-sysv-generator-follow-symlinks-in-etc-rc.d-init.d.patch @@ -0,0 +1,31 @@ +From 25dc202140f4daa18faeae11e26e9e16e8dae84e Mon Sep 17 00:00:00 2001 +From: Lukas Nykryn +Date: Fri, 11 Sep 2015 16:23:07 +0200 +Subject: [PATCH] sysv-generator: follow symlinks in /etc/rc.d/init.d + +Some java packages puts a symlink to init.d and its content is pointing +to latest java installation (because you can have multiple javas on you +machine). + +On rhel-based distributions you can use alternatives --initscript +instread of symlink, but this is not usable for other distributions. + +Cherry-picked from: 7b729f8686a83b24f3d9a891cde1c +Resolves: #1288005 +--- + src/sysv-generator/sysv-generator.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/sysv-generator/sysv-generator.c b/src/sysv-generator/sysv-generator.c +index 3c6cb8f..0a8a528 100644 +--- a/src/sysv-generator/sysv-generator.c ++++ b/src/sysv-generator/sysv-generator.c +@@ -753,7 +753,7 @@ static int enumerate_sysv(const LookupPaths *lp, Hashmap *all_services) { + if (hidden_file(de->d_name)) + continue; + +- if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) { ++ if (fstatat(dirfd(d), de->d_name, &st, 0) < 0) { + log_warning_errno(errno, "stat() failed on %s/%s: %m", *path, de->d_name); + continue; + } diff --git a/SOURCES/0263-man-RemoveIPC-is-set-to-no-on-rhel.patch b/SOURCES/0263-man-RemoveIPC-is-set-to-no-on-rhel.patch new file mode 100644 index 0000000..32b3385 --- /dev/null +++ b/SOURCES/0263-man-RemoveIPC-is-set-to-no-on-rhel.patch @@ -0,0 +1,25 @@ +From 931ad3c2c253b40cb2c8eef8876b962e8f2d1072 Mon Sep 17 00:00:00 2001 +From: Lukas Nykryn +Date: Thu, 10 Dec 2015 09:34:34 +0100 +Subject: [PATCH] man: RemoveIPC is set to no on rhel + +RHEL-only + +Related: #1284588 +--- + man/logind.conf.xml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/man/logind.conf.xml b/man/logind.conf.xml +index d02d573..54651f0 100644 +--- a/man/logind.conf.xml ++++ b/man/logind.conf.xml +@@ -276,7 +276,7 @@ + memory and message queues, as well as POSIX shared memory and + message queues. Note that IPC objects of the root user are + excluded from the effect of this setting. Defaults to +- yes. ++ no. + + + diff --git a/SOURCES/0264-makefile-disable-udev-tests.patch b/SOURCES/0264-makefile-disable-udev-tests.patch new file mode 100644 index 0000000..dcf9d8e --- /dev/null +++ b/SOURCES/0264-makefile-disable-udev-tests.patch @@ -0,0 +1,27 @@ +From c79d960c9cf769e913c6824363c0f2f7f257762e Mon Sep 17 00:00:00 2001 +From: Lukas Nykryn +Date: Thu, 10 Dec 2015 11:08:19 +0100 +Subject: [PATCH] makefile: disable udev tests + +RHEL-only +--- + Makefile.am | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/Makefile.am b/Makefile.am +index 887e70a..2645f66 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -3785,9 +3785,9 @@ hwdb-remove-hook: + endif + + # ------------------------------------------------------------------------------ +-TESTS += \ +- test/udev-test.pl \ +- $(NULL) ++#TESTS += \ ++# test/udev-test.pl \ ++# $(NULL) + + if HAVE_PYTHON + TESTS += \ diff --git a/SOURCES/0265-sysv-generator-test-always-log-to-console.patch b/SOURCES/0265-sysv-generator-test-always-log-to-console.patch new file mode 100644 index 0000000..b882f6a --- /dev/null +++ b/SOURCES/0265-sysv-generator-test-always-log-to-console.patch @@ -0,0 +1,27 @@ +From dff573ed5425cad26370ce5f4dc95c859d58ee72 Mon Sep 17 00:00:00 2001 +From: Martin Pitt +Date: Mon, 15 Jun 2015 08:59:44 +0200 +Subject: [PATCH] sysv-generator test: always log to console + +Set $SYSTEMD_LOG_TARGET so that the output always goes to stdout/stderr. This +fixes running the test as root, as that logged to the journal previously. + +https://github.com/systemd/systemd/issues/195 + +Cherry-picked from: 6b7d32add4733a83f86e18bb86f914037a6688b7 +--- + test/sysv-generator-test.py | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/test/sysv-generator-test.py b/test/sysv-generator-test.py +index e716d70..1537864 100644 +--- a/test/sysv-generator-test.py ++++ b/test/sysv-generator-test.py +@@ -60,6 +60,7 @@ class SysvGeneratorTest(unittest.TestCase): + ''' + env = os.environ.copy() + env['SYSTEMD_LOG_LEVEL'] = 'debug' ++ env['SYSTEMD_LOG_TARGET'] = 'console' + env['SYSTEMD_SYSVINIT_PATH'] = self.init_d_dir + env['SYSTEMD_SYSVRCND_PATH'] = self.rcnd_dir + env['SYSTEMD_UNIT_PATH'] = self.unit_dir diff --git a/SOURCES/0266-test-sysv-generator-Check-for-network-online.target.patch b/SOURCES/0266-test-sysv-generator-Check-for-network-online.target.patch new file mode 100644 index 0000000..678699e --- /dev/null +++ b/SOURCES/0266-test-sysv-generator-Check-for-network-online.target.patch @@ -0,0 +1,56 @@ +From dc923c37bf23c035e510c241ff228e3e2f92c1ef Mon Sep 17 00:00:00 2001 +From: Branislav Blaskovic +Date: Sat, 7 Nov 2015 11:32:49 +0100 +Subject: [PATCH] test sysv-generator: Check for network-online.target. + +--- + test/sysv-generator-test.py | 18 ++++++++++++------ + 1 file changed, 12 insertions(+), 6 deletions(-) + +diff --git a/test/sysv-generator-test.py b/test/sysv-generator-test.py +index 1537864..2060ad7 100644 +--- a/test/sysv-generator-test.py ++++ b/test/sysv-generator-test.py +@@ -225,21 +225,27 @@ class SysvGeneratorTest(unittest.TestCase): + 'Should-Start': 'may1 ne_may2'}, + enable=True, prio=40) + self.add_sysv('must1', {}, enable=True, prio=10) ++ self.add_sysv('prio10', {}, enable=True, prio=10) ++ self.add_sysv('prio11', {}, enable=True, prio=11) + self.add_sysv('must2', {}, enable=True, prio=15) + self.add_sysv('may1', {}, enable=True, prio=20) + # do not create ne_may2 + err, results = self.run_generator() + self.assertEqual(sorted(results), +- ['foo.service', 'may1.service', 'must1.service', 'must2.service']) ++ ['foo.service', 'may1.service', 'must1.service', 'must2.service', 'prio10.service', 'prio11.service']) + + # foo should depend on all of them ++ print results['foo.service'].get('Unit', 'After') + self.assertEqual(sorted(results['foo.service'].get('Unit', 'After').split()), +- ['may1.service', 'must1.service', 'must2.service', 'ne_may2.service']) ++ ['may1.service', 'must1.service', 'must2.service', 'ne_may2.service', 'network-online.target']) + ++ # from prio 10 network-online.target is default dependency (src/sysv-generator/sysv-generator.c) ++ self.assertEqual(sorted(results['must2.service'].get('Unit', 'After').split()), ['network-online.target']) ++ self.assertEqual(sorted(results['may1.service'].get('Unit', 'After').split()), ['network-online.target']) ++ self.assertEqual(sorted(results['prio11.service'].get('Unit', 'After').split()), ['network-online.target']) + # other services should not depend on each other + self.assertFalse(results['must1.service'].has_option('Unit', 'After')) +- self.assertFalse(results['must2.service'].has_option('Unit', 'After')) +- self.assertFalse(results['may1.service'].has_option('Unit', 'After')) ++ self.assertFalse(results['prio10.service'].has_option('Unit', 'After')) + + def test_symlink_prio_deps(self): + '''script without LSB headers use rcN.d priority''' +@@ -259,8 +265,8 @@ class SysvGeneratorTest(unittest.TestCase): + err, results = self.run_generator() + self.assertEqual(sorted(results), ['consumer.service', 'provider.service']) + self.assertFalse(results['provider.service'].has_option('Unit', 'After')) +- self.assertEqual(results['consumer.service'].get('Unit', 'After'), +- 'provider.service') ++ self.assertEqual(results['consumer.service'].get('Unit', 'After').split(), ++ ['network-online.target', 'provider.service']) + + def test_multiple_provides(self): + '''multiple Provides: names''' diff --git a/SOURCES/0267-Avoid-tmp-being-mounted-as-tmpfs-without-the-user-s-.patch b/SOURCES/0267-Avoid-tmp-being-mounted-as-tmpfs-without-the-user-s-.patch new file mode 100644 index 0000000..4f06b24 --- /dev/null +++ b/SOURCES/0267-Avoid-tmp-being-mounted-as-tmpfs-without-the-user-s-.patch @@ -0,0 +1,28 @@ +From 73d33e8e1b310c292dc92d26ca0cd7bfefa31852 Mon Sep 17 00:00:00 2001 +From: Didier Roche +Date: Wed, 13 Jan 2016 12:49:57 +0100 +Subject: [PATCH] Avoid /tmp being mounted as tmpfs without the user's will + +Ensure PrivateTmp doesn't require tmpfs through tmp.mount, but rather +adds an After relationship. + +rhel-only + +Resolves: #1298109 +--- + src/core/unit.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/core/unit.c b/src/core/unit.c +index ae47a28..4fb2fd3 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -807,7 +807,7 @@ int unit_add_exec_dependencies(Unit *u, ExecContext *c) { + return 0; + + if (c->private_tmp) { +- r = unit_require_mounts_for(u, "/tmp"); ++ r = unit_add_dependency_by_name(u, UNIT_AFTER, "tmp.mount", NULL, true); + if (r < 0) + return r; + diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec index 28af519..63b8857 100644 --- a/SPECS/systemd.spec +++ b/SPECS/systemd.spec @@ -7,7 +7,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd Version: 219 -Release: 19%{?dist} +Release: 19%{?dist}.4 # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: A System and Service Manager @@ -285,6 +285,16 @@ Patch0254: 0254-selinux-fix-regression-of-systemctl-subcommands-when.patch Patch0255: 0255-tmpfiles.d-don-t-clean-SAP-lockfiles-and-logs.patch Patch0256: 0256-udev-make-naming-for-virtio-devices-opt-in.patch Patch0257: 0257-tmpfiles.d-don-t-clean-SAP-sockets-either.patch +Patch0258: 0258-run-synchronously-wait-until-the-scope-unit-we-creat.patch +Patch0259: 0259-device-rework-how-we-enter-tentative-state.patch +Patch0260: 0260-core-Do-not-bind-a-mount-unit-to-a-device-if-it-was-.patch +Patch0261: 0261-logind-set-RemoveIPC-no-by-default.patch +Patch0262: 0262-sysv-generator-follow-symlinks-in-etc-rc.d-init.d.patch +Patch0263: 0263-man-RemoveIPC-is-set-to-no-on-rhel.patch +Patch0264: 0264-makefile-disable-udev-tests.patch +Patch0265: 0265-sysv-generator-test-always-log-to-console.patch +Patch0266: 0266-test-sysv-generator-Check-for-network-online.target.patch +Patch0267: 0267-Avoid-tmp-being-mounted-as-tmpfs-without-the-user-s-.patch %global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);} @@ -327,6 +337,7 @@ BuildRequires: autoconf BuildRequires: libtool BuildRequires: git BuildRequires: libmount-devel +BuildRequires: tree Requires(post): coreutils Requires(post): gawk @@ -1243,6 +1254,21 @@ getent passwd systemd-resolve >/dev/null 2>&1 || useradd -r -l -g systemd-resolv %{_mandir}/man8/systemd-resolved.* %changelog +* Wed Jan 13 2016 Lukas Nykryn - 219-19.4 +- Avoid /tmp being mounted as tmpfs without the user's will (#1298109) + +* Thu Dec 10 2015 Lukas Nykryn - 219-19.3 +- sysv-generator: follow symlinks in /etc/rc.d/init.d (#1288005) +- man: RemoveIPC is set to no on rhel (#1284588) + +* Fri Nov 27 2015 Lukas Nykryn - 219-19.2 +- device: rework how we enter tentative state (#1283579) +- core: Do not bind a mount unit to a device, if it was from mountinfo (#1283579) +- logind: set RemoveIPC=no by default (#1284588) + +* Wed Nov 18 2015 Lukas Nykryn - 219-19.1 +- run: synchronously wait until the scope unit we create is started (#1283192) + * Mon Oct 12 2015 Lukas Nykryn - 219-19 - udev: make naming for virtio devices opt-in (#1269216) - tmpfiles.d: don't clean SAP sockets either (#1186044)