From d2bdca710c147458aa87a2895ddabe947b445ecd Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 19 2015 16:03:29 +0000 Subject: import util-linux-2.23.2-26.el7 --- diff --git a/SOURCES/2.25-blockdev-geom.patch b/SOURCES/2.25-blockdev-geom.patch new file mode 100644 index 0000000..4bf6b61 --- /dev/null +++ b/SOURCES/2.25-blockdev-geom.patch @@ -0,0 +1,95 @@ +diff -up util-linux-2.23.2/disk-utils/blockdev.c.kzak util-linux-2.23.2/disk-utils/blockdev.c +--- util-linux-2.23.2/disk-utils/blockdev.c.kzak 2015-06-23 11:29:27.818001654 +0200 ++++ util-linux-2.23.2/disk-utils/blockdev.c 2015-06-23 11:29:43.752884860 +0200 +@@ -16,6 +16,7 @@ + #include "blkdev.h" + #include "pathnames.h" + #include "closestream.h" ++#include "sysfs.h" + + struct bdc { + long ioc; /* ioctl code */ +@@ -364,7 +365,7 @@ static void do_commands(int fd, char **a + } + + if (res == -1) { +- perror(bdcms[j].iocname); ++ warn(_("ioctl error on %s"), bdcms[j].iocname); + if (verbose) + printf(_("%s failed.\n"), _(bdcms[j].help)); + exit(EXIT_FAILURE); +@@ -436,7 +437,8 @@ static void report_device(char *device, + int ro, ssz, bsz; + long ra; + unsigned long long bytes; +- struct hd_geometry g; ++ uint64_t start = 0; ++ struct stat st; + + fd = open(device, O_RDONLY | O_NONBLOCK); + if (fd < 0) { +@@ -446,15 +448,27 @@ static void report_device(char *device, + } + + ro = ssz = bsz = 0; +- g.start = ra = 0; ++ ra = 0; ++ if (fstat(fd, &st) == 0 && !sysfs_devno_is_wholedisk(st.st_rdev)) { ++ struct sysfs_cxt cxt; ++ ++ if (sysfs_init(&cxt, st.st_rdev, NULL)) ++ err(EXIT_FAILURE, ++ _("%s: failed to initialize sysfs handler"), ++ device); ++ if (sysfs_read_u64(&cxt, "start", &start)) ++ err(EXIT_FAILURE, ++ _("%s: failed to read partition start from sysfs"), ++ device); ++ sysfs_deinit(&cxt); ++ } + if (ioctl(fd, BLKROGET, &ro) == 0 && + ioctl(fd, BLKRAGET, &ra) == 0 && + ioctl(fd, BLKSSZGET, &ssz) == 0 && + ioctl(fd, BLKBSZGET, &bsz) == 0 && +- ioctl(fd, HDIO_GETGEO, &g) == 0 && + blkdev_get_size(fd, &bytes) == 0) { +- printf("%s %5ld %5d %5d %10ld %15lld %s\n", +- ro ? "ro" : "rw", ra, ssz, bsz, g.start, bytes, device); ++ printf("%s %5ld %5d %5d %10ju %15lld %s\n", ++ ro ? "ro" : "rw", ra, ssz, bsz, start, bytes, device); + } else { + if (!quiet) + warnx(_("ioctl error on %s"), device); +diff -up util-linux-2.23.2/include/sysfs.h.kzak util-linux-2.23.2/include/sysfs.h +--- util-linux-2.23.2/include/sysfs.h.kzak 2015-06-23 11:32:12.709793086 +0200 ++++ util-linux-2.23.2/include/sysfs.h 2015-06-23 11:32:31.909652361 +0200 +@@ -72,6 +72,7 @@ extern int sysfs_is_partition_dirent(DIR + + extern int sysfs_devno_to_wholedisk(dev_t dev, char *diskname, + size_t len, dev_t *diskdevno); ++extern int sysfs_devno_is_wholedisk(dev_t devno); + + extern int sysfs_scsi_get_hctl(struct sysfs_cxt *cxt, int *h, + int *c, int *t, int *l); +diff -up util-linux-2.23.2/lib/sysfs.c.kzak util-linux-2.23.2/lib/sysfs.c +--- util-linux-2.23.2/lib/sysfs.c.kzak 2015-06-23 11:31:32.166090250 +0200 ++++ util-linux-2.23.2/lib/sysfs.c 2015-06-23 11:31:59.684888551 +0200 +@@ -638,6 +638,18 @@ err: + return -1; + } + ++/* ++ * Return 0 or 1, or < 0 in case of error ++ */ ++int sysfs_devno_is_wholedisk(dev_t devno) ++{ ++ dev_t disk; ++ ++ if (sysfs_devno_to_wholedisk(devno, NULL, 0, &disk) != 0) ++ return -1; ++ ++ return devno == disk; ++} + + int sysfs_scsi_get_hctl(struct sysfs_cxt *cxt, int *h, int *c, int *t, int *l) + { diff --git a/SOURCES/2.25-fstrim-all.patch b/SOURCES/2.25-fstrim-all.patch new file mode 100644 index 0000000..233e2ec --- /dev/null +++ b/SOURCES/2.25-fstrim-all.patch @@ -0,0 +1,496 @@ +diff -up util-linux-2.23.2/libmount/src/libmount.h.in.kzak util-linux-2.23.2/libmount/src/libmount.h.in +--- util-linux-2.23.2/libmount/src/libmount.h.in.kzak 2015-06-23 11:54:00.510210784 +0200 ++++ util-linux-2.23.2/libmount/src/libmount.h.in 2015-06-23 11:54:58.592785482 +0200 +@@ -420,6 +420,15 @@ extern int mnt_table_get_root_fs(struct + extern int mnt_table_set_iter(struct libmnt_table *tb, struct libmnt_iter *itr, + struct libmnt_fs *fs); + ++enum { ++ MNT_UNIQ_FORWARD = (1 << 1), /* default is backward */ ++ MNT_UNIQ_KEEPTREE = (1 << 2) ++}; ++extern int mnt_table_uniq_fs(struct libmnt_table *tb, int flags, ++ int (*cmp)(struct libmnt_table *, ++ struct libmnt_fs *, ++ struct libmnt_fs *)); ++ + extern struct libmnt_fs *mnt_table_find_mountpoint(struct libmnt_table *tb, + const char *path, int direction); + extern struct libmnt_fs *mnt_table_find_target(struct libmnt_table *tb, +diff -up util-linux-2.23.2/libmount/src/libmount.sym.kzak util-linux-2.23.2/libmount/src/libmount.sym +--- util-linux-2.23.2/libmount/src/libmount.sym.kzak 2015-06-23 11:56:47.259989779 +0200 ++++ util-linux-2.23.2/libmount/src/libmount.sym 2015-06-23 11:56:17.681206366 +0200 +@@ -256,3 +256,9 @@ global: + mnt_context_find_umount_fs; + mnt_table_find_mountpoint; + } MOUNT_2.22; ++ ++/* backport from v2.25 to RHEL7 */ ++MOUNT_2.25 { ++ mnt_table_uniq_fs; ++} MOUNT_2.23; ++ +diff -up util-linux-2.23.2/libmount/src/tab.c.kzak util-linux-2.23.2/libmount/src/tab.c +--- util-linux-2.23.2/libmount/src/tab.c.kzak 2015-06-23 11:52:04.750058424 +0200 ++++ util-linux-2.23.2/libmount/src/tab.c 2015-06-23 11:53:26.109462680 +0200 +@@ -398,6 +398,93 @@ int mnt_table_find_next_fs(struct libmnt + return 1; + } + ++static int mnt_table_move_parent(struct libmnt_table *tb, int oldid, int newid) ++{ ++ struct libmnt_iter itr; ++ struct libmnt_fs *fs; ++ ++ if (!tb) ++ return -EINVAL; ++ if (list_empty(&tb->ents)) ++ return 0; ++ ++ ++ mnt_reset_iter(&itr, MNT_ITER_FORWARD); ++ ++ while (mnt_table_next_fs(tb, &itr, &fs) == 0) { ++ if (fs->parent == oldid) ++ fs->parent = newid; ++ } ++ return 0; ++} ++ ++/** ++ * mnt_table_uniq_fs: ++ * @tb: table ++ * @flags: MNT_UNIQ_* ++ * @cmp: function to compare filesystems ++ * ++ * This function de-duplicate the @tb, but does not change order of the ++ * filesystems. The @cmp function has to return 0 if the filesystems are ++ * equal, otherwise non-zero. ++ * ++ * The default is to keep in the table later mounted filesystems (function uses ++ * backward mode iterator). ++ * ++ * @MNT_UNIQ_FORWARD: remove later mounted filesystems ++ * @MNT_UNIQ_KEEPTREE: keep parent->id relation ship stil valid ++ * ++ * Returns: negative number in case of error, or 0 o success. ++ */ ++int mnt_table_uniq_fs(struct libmnt_table *tb, int flags, ++ int (*cmp)(struct libmnt_table *, ++ struct libmnt_fs *, ++ struct libmnt_fs *)) ++{ ++ struct libmnt_iter itr; ++ struct libmnt_fs *fs; ++ int direction = MNT_ITER_BACKWARD; ++ ++ if (!tb || !cmp) ++ return -EINVAL; ++ if (list_empty(&tb->ents)) ++ return 0; ++ ++ if (flags & MNT_UNIQ_FORWARD) ++ direction = MNT_ITER_FORWARD; ++ ++ ++ mnt_reset_iter(&itr, direction); ++ ++ if ((flags & MNT_UNIQ_KEEPTREE) && !is_mountinfo(tb)) ++ flags &= ~MNT_UNIQ_KEEPTREE; ++ ++ while (mnt_table_next_fs(tb, &itr, &fs) == 0) { ++ int want = 1; ++ struct libmnt_iter xtr; ++ struct libmnt_fs *x; ++ ++ mnt_reset_iter(&xtr, direction); ++ while (want && mnt_table_next_fs(tb, &xtr, &x) == 0) { ++ if (fs == x) ++ break; ++ want = cmp(tb, x, fs) != 0; ++ } ++ ++ if (!want) { ++ if (flags & MNT_UNIQ_KEEPTREE) ++ mnt_table_move_parent(tb, mnt_fs_get_id(fs), ++ mnt_fs_get_parent_id(fs)); ++ ++ ++ ++ mnt_table_remove_fs(tb, fs); ++ } ++ } ++ ++ return 0; ++} ++ + /** + * mnt_table_set_iter: + * @tb: tab pointer +diff -up util-linux-2.23.2/sys-utils/fstrim.c.kzak util-linux-2.23.2/sys-utils/fstrim.c +--- util-linux-2.23.2/sys-utils/fstrim.c.kzak 2013-06-13 09:46:10.535651605 +0200 ++++ util-linux-2.23.2/sys-utils/fstrim.c 2015-06-23 11:57:59.435461283 +0200 +@@ -41,6 +41,11 @@ + #include "strutils.h" + #include "c.h" + #include "closestream.h" ++#include "pathnames.h" ++#include "sysfs.h" ++#include "exitcodes.h" ++ ++#include + + #ifndef FITRIM + struct fstrim_range { +@@ -51,16 +56,216 @@ struct fstrim_range { + #define FITRIM _IOWR('X', 121, struct fstrim_range) + #endif + ++/* returns: 0 = success, 1 = unsupported, < 0 = error */ ++static int fstrim_filesystem(const char *path, struct fstrim_range *rangetpl, ++ int verbose) ++{ ++ int fd; ++ struct stat sb; ++ struct fstrim_range range; ++ ++ /* kernel modifies the range */ ++ memcpy(&range, rangetpl, sizeof(range)); ++ ++ fd = open(path, O_RDONLY); ++ if (fd < 0) { ++ warn(_("cannot open %s"), path); ++ return -1; ++ } ++ if (fstat(fd, &sb) == -1) { ++ warn(_("stat of %s failed"), path); ++ return -1; ++ } ++ if (!S_ISDIR(sb.st_mode)) { ++ warnx(_("%s: not a directory"), path); ++ return -1; ++ } ++ errno = 0; ++ if (ioctl(fd, FITRIM, &range)) { ++ int rc = errno == EOPNOTSUPP || errno == ENOTTY ? 1 : -1; ++ ++ if (rc != 1) ++ warn(_("%s: FITRIM ioctl failed"), path); ++ close(fd); ++ return rc; ++ } ++ ++ if (verbose) { ++ char *str = size_to_human_string( ++ SIZE_SUFFIX_3LETTER | SIZE_SUFFIX_SPACE, ++ (uint64_t) range.len); ++ /* TRANSLATORS: The standard value here is a very large number. */ ++ printf(_("%s: %s (%" PRIu64 " bytes) trimmed\n"), ++ path, str, (uint64_t) range.len); ++ free(str); ++ } ++ close(fd); ++ return 0; ++} ++ ++static int has_discard(const char *devname, struct sysfs_cxt *wholedisk) ++{ ++ struct sysfs_cxt cxt, *parent = NULL; ++ uint64_t dg = 0; ++ dev_t disk = 0, dev; ++ int rc; ++ ++ dev = sysfs_devname_to_devno(devname, NULL); ++ if (!dev) ++ return 1; ++ /* ++ * This is tricky to read the info from sys/, because the queue ++ * atrributes are provided for whole devices (disk) only. We're trying ++ * to reuse the whole-disk sysfs context to optimize this stuff (as ++ * system usually have just one disk only). ++ */ ++ if (sysfs_devno_to_wholedisk(dev, NULL, 0, &disk) || !disk) ++ return 1; ++ if (dev != disk) { ++ if (wholedisk->devno != disk) { ++ sysfs_deinit(wholedisk); ++ if (sysfs_init(wholedisk, disk, NULL)) ++ return 1; ++ } ++ parent = wholedisk; ++ } ++ ++ rc = sysfs_init(&cxt, dev, parent); ++ if (!rc) ++ rc = sysfs_read_u64(&cxt, "queue/discard_granularity", &dg); ++ ++ sysfs_deinit(&cxt); ++ return rc == 0 && dg > 0; ++} ++ ++ ++static int uniq_fs_target_cmp( ++ struct libmnt_table *tb __attribute__((__unused__)), ++ struct libmnt_fs *a, ++ struct libmnt_fs *b) ++{ ++ return !mnt_fs_streq_target(a, mnt_fs_get_target(b)); ++} ++ ++static int uniq_fs_source_cmp( ++ struct libmnt_table *tb __attribute__((__unused__)), ++ struct libmnt_fs *a, ++ struct libmnt_fs *b) ++{ ++ int eq; ++ ++ if (mnt_fs_is_pseudofs(a) || mnt_fs_is_netfs(a) || ++ mnt_fs_is_pseudofs(b) || mnt_fs_is_netfs(b)) ++ return 1; ++ ++ eq = mnt_fs_streq_srcpath(a, mnt_fs_get_srcpath(b)); ++ if (eq) { ++ const char *aroot = mnt_fs_get_root(a), ++ *broot = mnt_fs_get_root(b); ++ if (!aroot || !broot) ++ eq = 0; ++ else if (strcmp(aroot, broot) != 0) ++ eq = 0; ++ } ++ ++ return !eq; ++} ++ ++/* ++ * fstrim --all follows "mount -a" return codes: ++ * ++ * 0 = all success ++ * 32 = all failed ++ * 64 = some failed, some success ++ */ ++static int fstrim_all(struct fstrim_range *rangetpl, int verbose) ++{ ++ struct libmnt_fs *fs; ++ struct libmnt_iter *itr; ++ struct libmnt_table *tab; ++ struct sysfs_cxt wholedisk = UL_SYSFSCXT_EMPTY; ++ int cnt = 0, cnt_err = 0; ++ ++ mnt_init_debug(0); ++ ++ itr = mnt_new_iter(MNT_ITER_BACKWARD); ++ if (!itr) ++ err(MOUNT_EX_FAIL, _("failed to initialize libmount iterator")); ++ ++ tab = mnt_new_table_from_file(_PATH_PROC_MOUNTINFO); ++ if (!tab) ++ err(MOUNT_EX_FAIL, _("failed to parse %s"), _PATH_PROC_MOUNTINFO); ++ ++ /* de-duplicate by mountpoints */ ++ mnt_table_uniq_fs(tab, 0, uniq_fs_target_cmp); ++ ++ /* de-duplicate by source and root */ ++ mnt_table_uniq_fs(tab, 0, uniq_fs_source_cmp); ++ ++ while (mnt_table_next_fs(tab, itr, &fs) == 0) { ++ const char *src = mnt_fs_get_srcpath(fs), ++ *tgt = mnt_fs_get_target(fs); ++ char *path; ++ int rc = 1; ++ ++ if (!src || !tgt || *src != '/' || ++ mnt_fs_is_pseudofs(fs) || ++ mnt_fs_is_netfs(fs)) ++ continue; ++ ++ /* Is it really accessible mountpoint? Not all mountpoints are ++ * accessible (maybe over mounted by another fylesystem) */ ++ path = mnt_get_mountpoint(tgt); ++ if (path && strcmp(path, tgt) == 0) ++ rc = 0; ++ free(path); ++ if (rc) ++ continue; /* overlaying mount */ ++ ++ if (!has_discard(src, &wholedisk)) ++ continue; ++ cnt++; ++ ++ /* ++ * We're able to detect that the device supports discard, but ++ * things also depend on filesystem or device mapping, for ++ * example vfat or LUKS (by default) does not support FSTRIM. ++ * ++ * This is reason why we ignore EOPNOTSUPP and ENOTTY errors ++ * from discard ioctl. ++ */ ++ if (fstrim_filesystem(tgt, rangetpl, verbose) < 0) ++ cnt_err++; ++ } ++ ++ sysfs_deinit(&wholedisk); ++ mnt_free_table(tab); ++ mnt_free_iter(itr); ++ ++ if (cnt && cnt == cnt_err) ++ return MOUNT_EX_FAIL; /* all failed */ ++ if (cnt && cnt_err) ++ return MOUNT_EX_SOMEOK; /* some ok */ ++ ++ return EXIT_SUCCESS; ++} ++ + static void __attribute__((__noreturn__)) usage(FILE *out) + { + fputs(USAGE_HEADER, out); + fprintf(out, + _(" %s [options] \n"), program_invocation_short_name); ++ ++ fputs(USAGE_SEPARATOR, out); ++ fputs(_("Discard unused blocks on a mounted filesystem.\n"), out); ++ + fputs(USAGE_OPTIONS, out); +- fputs(_(" -o, --offset offset in bytes to discard from\n" +- " -l, --length length of bytes to discard from the offset\n" +- " -m, --minimum minimum extent length to discard\n" +- " -v, --verbose print number of discarded bytes\n"), out); ++ fputs(_(" -a, --all trim all mounted filesystems that are supported\n"), out); ++ fputs(_(" -o, --offset the offset in bytes to start discarding from\n"), out); ++ fputs(_(" -l, --length the number of bytes to discard\n"), out); ++ fputs(_(" -m, --minimum the minimum extent length to discard\n"), out); ++ fputs(_(" -v, --verbose print number of discarded bytes\n"), out); ++ + fputs(USAGE_SEPARATOR, out); + fputs(USAGE_HELP, out); + fputs(USAGE_VERSION, out); +@@ -70,12 +275,12 @@ static void __attribute__((__noreturn__) + + int main(int argc, char **argv) + { +- char *path; +- int c, fd, verbose = 0; ++ char *path = NULL; ++ int c, rc, verbose = 0, all = 0; + struct fstrim_range range; +- struct stat sb; + + static const struct option longopts[] = { ++ { "all", 0, 0, 'a' }, + { "help", 0, 0, 'h' }, + { "version", 0, 0, 'V' }, + { "offset", 1, 0, 'o' }, +@@ -93,8 +298,11 @@ int main(int argc, char **argv) + memset(&range, 0, sizeof(range)); + range.len = ULLONG_MAX; + +- while ((c = getopt_long(argc, argv, "hVo:l:m:v", longopts, NULL)) != -1) { ++ while ((c = getopt_long(argc, argv, "ahVo:l:m:v", longopts, NULL)) != -1) { + switch(c) { ++ case 'a': ++ all = 1; ++ break; + case 'h': + usage(stdout); + break; +@@ -122,38 +330,26 @@ int main(int argc, char **argv) + } + } + +- if (optind == argc) +- errx(EXIT_FAILURE, _("no mountpoint specified")); +- +- path = argv[optind++]; ++ if (!all) { ++ if (optind == argc) ++ errx(EXIT_FAILURE, _("no mountpoint specified")); ++ path = argv[optind++]; ++ } + + if (optind != argc) { + warnx(_("unexpected number of arguments")); + usage(stderr); + } + +- if (stat(path, &sb) == -1) +- err(EXIT_FAILURE, _("stat failed %s"), path); +- if (!S_ISDIR(sb.st_mode)) +- errx(EXIT_FAILURE, _("%s: not a directory"), path); +- +- fd = open(path, O_RDONLY); +- if (fd < 0) +- err(EXIT_FAILURE, _("cannot open %s"), path); +- +- if (ioctl(fd, FITRIM, &range)) +- err(EXIT_FAILURE, _("%s: FITRIM ioctl failed"), path); +- +- if (verbose) { +- char *str = size_to_human_string(SIZE_SUFFIX_3LETTER | +- SIZE_SUFFIX_SPACE, +- (uint64_t) range.len); +- /* TRANSLATORS: The standard value here is a very large number. */ +- printf(_("%s: %s (%" PRIu64 " bytes) trimmed\n"), +- path, str, +- (uint64_t) range.len); +- free(str); ++ if (all) ++ rc = fstrim_all(&range, verbose); ++ else { ++ rc = fstrim_filesystem(path, &range, verbose); ++ if (rc == 1) { ++ warnx(_("%s: the discard operation is not supported"), path); ++ rc = EXIT_FAILURE; ++ } + } +- close(fd); +- return EXIT_SUCCESS; ++ ++ return rc; + } +diff -up util-linux-2.23.2/sys-utils/fstrim.service.in.kzak util-linux-2.23.2/sys-utils/fstrim.service +--- util-linux-2.23.2/sys-utils/fstrim.service.in.kzak 2015-06-23 12:02:18.505564273 +0200 ++++ util-linux-2.23.2/sys-utils/fstrim.service.in 2015-06-23 12:02:05.049662802 +0200 +@@ -0,0 +1,6 @@ ++[Unit] ++Description=Discard unused blocks ++ ++[Service] ++Type=oneshot ++ExecStart=@sbindir@/fstrim -a +diff -up util-linux-2.23.2/sys-utils/fstrim.timer.kzak util-linux-2.23.2/sys-utils/fstrim.timer +--- util-linux-2.23.2/sys-utils/fstrim.timer.kzak 2015-06-23 12:02:18.505564273 +0200 ++++ util-linux-2.23.2/sys-utils/fstrim.timer 2015-06-23 12:02:05.049662802 +0200 +@@ -0,0 +1,11 @@ ++[Unit] ++Description=Discard unused blocks once a week ++Documentation=man:fstrim ++ ++[Timer] ++OnCalendar=weekly ++AccuracySec=1h ++Persistent=true ++ ++[Install] ++WantedBy=multi-user.target +diff -up util-linux-2.23.2/sys-utils/Makemodule.am.kzak util-linux-2.23.2/sys-utils/Makemodule.am +--- util-linux-2.23.2/sys-utils/Makemodule.am.kzak 2015-06-23 11:59:05.803975307 +0200 ++++ util-linux-2.23.2/sys-utils/Makemodule.am 2015-06-23 12:01:18.682002323 +0200 +@@ -68,7 +68,18 @@ fsfreeze_SOURCES = sys-utils/fsfreeze.c + sbin_PROGRAMS += fstrim + dist_man_MANS += sys-utils/fstrim.8 + fstrim_SOURCES = sys-utils/fstrim.c +-fstrim_LDADD = $(LDADD) libcommon.la ++fstrim_LDADD = $(LDADD) libcommon.la libmount.la ++fstrim_CFLAGS = $(AM_CFLAGS) -I$(ul_libmount_incdir) ++ ++if HAVE_SYSTEMD ++systemdsystemunit_DATA += \ ++ sys-utils/fstrim.service \ ++ sys-utils/fstrim.timer ++endif ++ ++PATHFILES += sys-utils/fstrim.service ++EXTRA_DIST += sys-utils/fstrim.timer ++ + + sbin_PROGRAMS += blkdiscard + dist_man_MANS += sys-utils/blkdiscard.8 diff --git a/SOURCES/2.25-libblkid-return-codes.patch b/SOURCES/2.25-libblkid-return-codes.patch new file mode 100644 index 0000000..6462359 --- /dev/null +++ b/SOURCES/2.25-libblkid-return-codes.patch @@ -0,0 +1,204 @@ +diff -up util-linux-2.23.2/libblkid/src/partitions/partitions.c.kzak util-linux-2.23.2/libblkid/src/partitions/partitions.c +--- util-linux-2.23.2/libblkid/src/partitions/partitions.c.kzak 2015-08-11 14:00:27.930573965 +0200 ++++ util-linux-2.23.2/libblkid/src/partitions/partitions.c 2015-08-11 14:13:11.213087814 +0200 +@@ -533,7 +533,7 @@ static int idinfo_probe(blkid_probe pr, + { + const struct blkid_idmag *mag = NULL; + blkid_loff_t off; +- int rc = BLKID_PROBE_NONE; /* = nothing detected */ ++ int rc = BLKID_PROBE_NONE; /* default is nothing */ + + if (pr->size <= 0 || (id->minsz && id->minsz > pr->size)) + goto nothing; /* the device is too small */ +@@ -564,8 +564,10 @@ static int idinfo_probe(blkid_probe pr, + DBG(LOWPROBE, blkid_debug("%s: <--- (rc = %d)", id->name, rc)); + } + +-nothing: + return rc; ++ ++nothing: ++ return BLKID_PROBE_NONE; + } + + /* +@@ -620,7 +622,7 @@ static int partitions_probe(blkid_probe + strlen(name) + 1); + DBG(LOWPROBE, blkid_debug("<-- leaving probing loop (type=%s) [PARTS idx=%d]", + name, chn->idx)); +- rc = 0; ++ rc = BLKID_PROBE_OK; + break; + } + +@@ -637,10 +639,16 @@ details_only: + (blkid_partitions_get_flags(pr) & BLKID_PARTS_ENTRY_DETAILS)) { + + int xrc = blkid_partitions_probe_partition(pr); ++ ++ /* partition entry probing is optional, and "not-found" from ++ * this sub-probing must not to overwrite previous success. */ + if (xrc < 0) +- rc = xrc; /* optional, care about errors only */ ++ rc = xrc; /* always propagate errors */ ++ else if (rc == BLKID_PROBE_NONE) ++ rc = xrc; + } + ++ DBG(LOWPROBE, blkid_debug("partitions probe done [rc=%d]", rc)); + return rc; + } + +@@ -709,7 +717,6 @@ int blkid_partitions_do_subprobe(blkid_p + + static int blkid_partitions_probe_partition(blkid_probe pr) + { +- int rc = BLKID_PROBE_NONE; + blkid_probe disk_pr = NULL; + blkid_partlist ls; + blkid_partition par; +@@ -732,7 +739,9 @@ static int blkid_partitions_probe_partit + goto nothing; + + par = blkid_partlist_devno_to_partition(ls, devno); +- if (par) { ++ if (!par) ++ goto nothing; ++ else { + const char *v; + blkid_parttable tab = blkid_partition_get_table(par); + dev_t disk = blkid_probe_get_devno(disk_pr); +@@ -778,9 +787,13 @@ static int blkid_partitions_probe_partit + blkid_probe_sprintf_value(pr, "PART_ENTRY_DISK", "%u:%u", + major(disk), minor(disk)); + } +- rc = BLKID_PROBE_OK; ++ ++ DBG(LOWPROBE, blkid_debug("parts: end probing for partition entry [success]")); ++ return BLKID_PROBE_OK; ++ + nothing: +- return rc; ++ DBG(LOWPROBE, blkid_debug("parts: end probing for partition entry [nothing]")); ++ return BLKID_PROBE_NONE; + } + + /* +diff -up util-linux-2.23.2/libblkid/src/superblocks/superblocks.c.kzak util-linux-2.23.2/libblkid/src/superblocks/superblocks.c +--- util-linux-2.23.2/libblkid/src/superblocks/superblocks.c.kzak 2015-07-03 10:35:05.456153560 +0200 ++++ util-linux-2.23.2/libblkid/src/superblocks/superblocks.c 2015-08-11 14:08:42.572674469 +0200 +@@ -335,19 +335,24 @@ static int superblocks_probe(blkid_probe + + if (!pr || chn->idx < -1) + return -EINVAL; +- if (pr->flags & BLKID_FL_NOSCAN_DEV) +- goto nothing; + + blkid_probe_chain_reset_vals(pr, chn); + + DBG(LOWPROBE, blkid_debug("--> starting probing loop [SUBLKS idx=%d]", + chn->idx)); + ++ if (pr->flags & BLKID_FL_NOSCAN_DEV) ++ return BLKID_PROBE_NONE; ++ + if (pr->size <= 0 || (pr->size <= 1024 && !S_ISCHR(pr->mode))) + /* Ignore very very small block devices or regular files (e.g. + * extended partitions). Note that size of the UBI char devices + * is 1 byte */ +- goto nothing; ++ return BLKID_PROBE_NONE; ++ ++ ++ DBG(LOWPROBE, blkid_debug("--> starting probing loop [SUBLKS idx=%d]", ++ chn->idx)); + + i = chn->idx < 0 ? 0 : chn->idx + 1U; + +@@ -417,7 +422,7 @@ static int superblocks_probe(blkid_probe + (unsigned char *) mag->magic); + if (rc) { + blkid_probe_chain_reset_vals(pr, chn); +- DBG(LOWPROBE, blkid_debug("failed to set result -- ingnore")); ++ DBG(LOWPROBE, blkid_debug("failed to set result -- ignore")); + continue; + } + +@@ -426,7 +431,6 @@ static int superblocks_probe(blkid_probe + return BLKID_PROBE_OK; + } + +-nothing: + DBG(LOWPROBE, blkid_debug("<-- leaving probing loop (failed=%d) [SUBLKS idx=%d]", + rc, chn->idx)); + return rc; +@@ -454,13 +458,12 @@ static int superblocks_safeprobe(blkid_p + int rc; + + if (pr->flags & BLKID_FL_NOSCAN_DEV) +- return 1; /* nothing */ ++ return BLKID_PROBE_NONE; + + while ((rc = superblocks_probe(pr, chn)) == 0) { + + if (blkid_probe_is_tiny(pr) && !count) +- /* floppy or so -- returns the first result. */ +- return 0; ++ return BLKID_PROBE_OK; /* floppy or so -- returns the first result. */ + + count++; + +@@ -489,7 +492,7 @@ static int superblocks_safeprobe(blkid_p + return -2; /* error, ambivalent result (more FS) */ + } + if (!count) +- return 1; /* nothing detected */ ++ return BLKID_PROBE_NONE; + + if (idx != -1) { + /* restore the first result */ +@@ -506,7 +509,7 @@ static int superblocks_safeprobe(blkid_p + if (chn->idx >= 0 && idinfos[chn->idx]->usage & BLKID_USAGE_RAID) + pr->prob_flags |= BLKID_PROBE_FL_IGNORE_PT; + +- return 0; ++ return BLKID_PROBE_OK; + } + + int blkid_probe_set_version(blkid_probe pr, const char *version) +diff -up util-linux-2.23.2/libblkid/src/topology/topology.c.kzak util-linux-2.23.2/libblkid/src/topology/topology.c +--- util-linux-2.23.2/libblkid/src/topology/topology.c.kzak 2013-06-13 09:46:10.429650699 +0200 ++++ util-linux-2.23.2/libblkid/src/topology/topology.c 2015-08-11 14:09:35.623361499 +0200 +@@ -150,7 +150,7 @@ static int topology_probe(blkid_probe pr + return -1; + + if (!S_ISBLK(pr->mode)) +- return -1; /* nothing, works with block devices only */ ++ return -EINVAL; /* nothing, works with block devices only */ + + if (chn->binary) { + DBG(LOWPROBE, blkid_debug("initialize topology binary data")); +@@ -163,7 +163,7 @@ static int topology_probe(blkid_probe pr + chn->data = calloc(1, + sizeof(struct blkid_struct_topology)); + if (!chn->data) +- return -1; ++ return -ENOMEM; + } + } + +@@ -193,12 +193,12 @@ static int topology_probe(blkid_probe pr + + DBG(LOWPROBE, blkid_debug("<-- leaving probing loop (type=%s) [TOPOLOGY idx=%d]", + id->name, chn->idx)); +- return 0; ++ return BLKID_PROBE_OK; + } + + DBG(LOWPROBE, blkid_debug("<-- leaving probing loop (failed) [TOPOLOGY idx=%d]", + chn->idx)); +- return 1; ++ return BLKID_PROBE_NONE; + } + + static void topology_free(blkid_probe pr __attribute__((__unused__)), diff --git a/SOURCES/2.25-libblkid-thinpool.patch b/SOURCES/2.25-libblkid-thinpool.patch index 0e5e565..b17b98c 100644 --- a/SOURCES/2.25-libblkid-thinpool.patch +++ b/SOURCES/2.25-libblkid-thinpool.patch @@ -1,6 +1,6 @@ diff -up util-linux-2.23.2/fdisks/fdisk.c.kzak util-linux-2.23.2/fdisks/fdisk.c ---- util-linux-2.23.2/fdisks/fdisk.c.kzak 2013-07-30 10:39:26.195738131 +0200 -+++ util-linux-2.23.2/fdisks/fdisk.c 2015-07-03 10:30:50.378965526 +0200 +--- util-linux-2.23.2/fdisks/fdisk.c.kzak 2015-07-02 12:37:24.465906322 +0200 ++++ util-linux-2.23.2/fdisks/fdisk.c 2015-07-02 12:37:57.870673753 +0200 @@ -34,6 +34,7 @@ #include "canonicalize.h" #include "strutils.h" @@ -10,11 +10,11 @@ diff -up util-linux-2.23.2/fdisks/fdisk.c.kzak util-linux-2.23.2/fdisks/fdisk.c #include "fdisksunlabel.h" #include "fdisksgilabel.h" diff -up util-linux-2.23.2/include/sysfs.h.kzak util-linux-2.23.2/include/sysfs.h ---- util-linux-2.23.2/include/sysfs.h.kzak 2013-06-13 09:46:10.400650451 +0200 -+++ util-linux-2.23.2/include/sysfs.h 2015-07-03 10:30:50.378965526 +0200 -@@ -73,6 +73,8 @@ extern int sysfs_is_partition_dirent(DIR - extern int sysfs_devno_to_wholedisk(dev_t dev, char *diskname, +--- util-linux-2.23.2/include/sysfs.h.kzak 2015-07-02 12:12:50.408196320 +0200 ++++ util-linux-2.23.2/include/sysfs.h 2015-07-02 12:13:09.708061372 +0200 +@@ -74,6 +74,8 @@ extern int sysfs_devno_to_wholedisk(dev_ size_t len, dev_t *diskdevno); + extern int sysfs_devno_is_wholedisk(dev_t devno); +extern int sysfs_devno_is_lvm_private(dev_t devno); + @@ -22,8 +22,8 @@ diff -up util-linux-2.23.2/include/sysfs.h.kzak util-linux-2.23.2/include/sysfs. int *c, int *t, int *l); extern char *sysfs_scsi_host_strdup_attribute(struct sysfs_cxt *cxt, diff -up util-linux-2.23.2/libblkid/src/blkidP.h.kzak util-linux-2.23.2/libblkid/src/blkidP.h ---- util-linux-2.23.2/libblkid/src/blkidP.h.kzak 2015-07-03 10:29:08.582688645 +0200 -+++ util-linux-2.23.2/libblkid/src/blkidP.h 2015-07-03 10:30:50.378965526 +0200 +--- util-linux-2.23.2/libblkid/src/blkidP.h.kzak 2015-07-02 12:18:27.349840375 +0200 ++++ util-linux-2.23.2/libblkid/src/blkidP.h 2015-07-02 12:19:07.797557558 +0200 @@ -221,6 +221,7 @@ struct blkid_struct_probe #define BLKID_FL_PRIVATE_FD (1 << 1) /* see blkid_new_probe_from_filename() */ #define BLKID_FL_TINY_DEV (1 << 2) /* <= 1.47MiB (floppy or so) */ @@ -33,8 +33,8 @@ diff -up util-linux-2.23.2/libblkid/src/blkidP.h.kzak util-linux-2.23.2/libblkid /* private per-probing flags */ #define BLKID_PROBE_FL_IGNORE_PT (1 << 1) /* ignore partition table */ diff -up util-linux-2.23.2/libblkid/src/partitions/partitions.c.kzak util-linux-2.23.2/libblkid/src/partitions/partitions.c ---- util-linux-2.23.2/libblkid/src/partitions/partitions.c.kzak 2015-07-03 10:29:08.582688645 +0200 -+++ util-linux-2.23.2/libblkid/src/partitions/partitions.c 2015-07-03 10:30:50.378965526 +0200 +--- util-linux-2.23.2/libblkid/src/partitions/partitions.c.kzak 2015-07-02 12:19:11.669530485 +0200 ++++ util-linux-2.23.2/libblkid/src/partitions/partitions.c 2015-07-02 12:28:24.166667964 +0200 @@ -537,6 +537,8 @@ static int idinfo_probe(blkid_probe pr, if (pr->size <= 0 || (id->minsz && id->minsz > pr->size)) @@ -96,8 +96,8 @@ diff -up util-linux-2.23.2/libblkid/src/partitions/partitions.c.kzak util-linux- if (!prc) goto done; diff -up util-linux-2.23.2/libblkid/src/probe.c.kzak util-linux-2.23.2/libblkid/src/probe.c ---- util-linux-2.23.2/libblkid/src/probe.c.kzak 2015-07-03 10:29:08.583688638 +0200 -+++ util-linux-2.23.2/libblkid/src/probe.c 2015-07-03 10:30:50.378965526 +0200 +--- util-linux-2.23.2/libblkid/src/probe.c.kzak 2015-07-02 12:13:48.823787869 +0200 ++++ util-linux-2.23.2/libblkid/src/probe.c 2015-07-02 12:38:20.110518915 +0200 @@ -110,6 +110,7 @@ #include "blkidP.h" @@ -150,9 +150,9 @@ diff -up util-linux-2.23.2/libblkid/src/probe.c.kzak util-linux-2.23.2/libblkid/ blkid_probe_start(pr); diff -up util-linux-2.23.2/libblkid/src/superblocks/superblocks.c.kzak util-linux-2.23.2/libblkid/src/superblocks/superblocks.c ---- util-linux-2.23.2/libblkid/src/superblocks/superblocks.c.kzak 2015-07-03 10:29:08.586688617 +0200 -+++ util-linux-2.23.2/libblkid/src/superblocks/superblocks.c 2015-07-03 10:30:50.378965526 +0200 -@@ -335,6 +335,9 @@ static int superblocks_probe(blkid_probe +--- util-linux-2.23.2/libblkid/src/superblocks/superblocks.c.kzak 2015-07-02 12:29:32.370193121 +0200 ++++ util-linux-2.23.2/libblkid/src/superblocks/superblocks.c 2015-07-02 12:31:06.897535008 +0200 +@@ -338,6 +338,9 @@ static int superblocks_probe(blkid_probe if (!pr || chn->idx < -1) return -EINVAL; @@ -162,7 +162,7 @@ diff -up util-linux-2.23.2/libblkid/src/superblocks/superblocks.c.kzak util-linu blkid_probe_chain_reset_vals(pr, chn); DBG(LOWPROBE, blkid_debug("--> starting probing loop [SUBLKS idx=%d]", -@@ -450,6 +453,9 @@ static int superblocks_safeprobe(blkid_p +@@ -453,6 +456,9 @@ static int superblocks_safeprobe(blkid_p int intol = 0; int rc; @@ -173,8 +173,8 @@ diff -up util-linux-2.23.2/libblkid/src/superblocks/superblocks.c.kzak util-linu if (blkid_probe_is_tiny(pr) && !count) diff -up util-linux-2.23.2/libblkid/src/verify.c.kzak util-linux-2.23.2/libblkid/src/verify.c ---- util-linux-2.23.2/libblkid/src/verify.c.kzak 2013-06-13 09:46:10.429650699 +0200 -+++ util-linux-2.23.2/libblkid/src/verify.c 2015-07-03 10:30:50.378965526 +0200 +--- util-linux-2.23.2/libblkid/src/verify.c.kzak 2015-07-02 12:15:51.782928121 +0200 ++++ util-linux-2.23.2/libblkid/src/verify.c 2015-07-02 12:16:45.078555470 +0200 @@ -112,6 +112,10 @@ blkid_dev blkid_verify(blkid_cache cache (unsigned long)diff)); #endif @@ -187,13 +187,12 @@ diff -up util-linux-2.23.2/libblkid/src/verify.c.kzak util-linux-2.23.2/libblkid cache->probe = blkid_new_probe(); if (!cache->probe) { diff -up util-linux-2.23.2/lib/sysfs.c.kzak util-linux-2.23.2/lib/sysfs.c ---- util-linux-2.23.2/lib/sysfs.c.kzak 2013-06-13 09:46:10.410650536 +0200 -+++ util-linux-2.23.2/lib/sysfs.c 2015-07-03 10:32:32.953236879 +0200 -@@ -638,6 +638,35 @@ err: - return -1; +--- util-linux-2.23.2/lib/sysfs.c.kzak 2015-07-02 12:12:29.193344657 +0200 ++++ util-linux-2.23.2/lib/sysfs.c 2015-07-02 12:12:13.565453930 +0200 +@@ -639,6 +639,35 @@ err: } -+/* + /* + * Returns 1 if the device is private LVM device. + */ +int sysfs_devno_is_lvm_private(dev_t devno) @@ -222,6 +221,17 @@ diff -up util-linux-2.23.2/lib/sysfs.c.kzak util-linux-2.23.2/lib/sysfs.c + return rc; +} + ++/* + * Return 0 or 1, or < 0 in case of error + */ + int sysfs_devno_is_wholedisk(dev_t devno) +@@ -651,6 +680,9 @@ int sysfs_devno_is_wholedisk(dev_t devno + return devno == disk; + } ++ ++ ++ int sysfs_scsi_get_hctl(struct sysfs_cxt *cxt, int *h, int *c, int *t, int *l) { + char buf[PATH_MAX], *hctl; diff --git a/SOURCES/2.25-libblkid-xfs-log.patch b/SOURCES/2.25-libblkid-xfs-log.patch new file mode 100644 index 0000000..41f1ec8 --- /dev/null +++ b/SOURCES/2.25-libblkid-xfs-log.patch @@ -0,0 +1,133 @@ +diff -up util-linux-2.23.2/libblkid/src/superblocks/superblocks.c.kzak util-linux-2.23.2/libblkid/src/superblocks/superblocks.c +--- util-linux-2.23.2/libblkid/src/superblocks/superblocks.c.kzak 2015-06-24 12:58:20.790115492 +0200 ++++ util-linux-2.23.2/libblkid/src/superblocks/superblocks.c 2015-06-24 12:57:57.961286166 +0200 +@@ -49,6 +49,8 @@ + * + * @UUID_SUB: subvolume uuid (e.g. btrfs) + * ++ * @LOGUUID: external log UUID (e.g. xfs) ++ * + * @UUID_RAW: raw UUID from FS superblock + * + * @EXT_JOURNAL: external journal UUID +@@ -113,6 +115,7 @@ static const struct blkid_idinfo *idinfo + &swsuspend_idinfo, + &swap_idinfo, + &xfs_idinfo, ++ &xfs_log_idinfo, + &ext4dev_idinfo, + &ext4_idinfo, + &ext3_idinfo, +diff -up util-linux-2.23.2/libblkid/src/superblocks/superblocks.h.kzak util-linux-2.23.2/libblkid/src/superblocks/superblocks.h +--- util-linux-2.23.2/libblkid/src/superblocks/superblocks.h.kzak 2015-06-24 12:58:48.533908071 +0200 ++++ util-linux-2.23.2/libblkid/src/superblocks/superblocks.h 2015-06-24 12:59:00.098821476 +0200 +@@ -29,6 +29,7 @@ extern const struct blkid_idinfo ext2_id + extern const struct blkid_idinfo jbd_idinfo; + extern const struct blkid_idinfo jfs_idinfo; + extern const struct blkid_idinfo xfs_idinfo; ++extern const struct blkid_idinfo xfs_log_idinfo; + extern const struct blkid_idinfo gfs_idinfo; + extern const struct blkid_idinfo gfs2_idinfo; + extern const struct blkid_idinfo romfs_idinfo; +diff -up util-linux-2.23.2/libblkid/src/superblocks/xfs.c.kzak util-linux-2.23.2/libblkid/src/superblocks/xfs.c +--- util-linux-2.23.2/libblkid/src/superblocks/xfs.c.kzak 2015-06-24 12:39:34.300507071 +0200 ++++ util-linux-2.23.2/libblkid/src/superblocks/xfs.c 2015-06-24 12:39:45.389427015 +0200 +@@ -4,6 +4,7 @@ + * Copyright (C) 2001 by Andreas Dilger + * Copyright (C) 2004 Kay Sievers + * Copyright (C) 2008 Karel Zak ++ * Copyright (C) 2013 Eric Sandeen + * + * This file may be redistributed under the terms of the + * GNU Lesser General Public License. +@@ -187,3 +188,90 @@ const struct blkid_idinfo xfs_idinfo = + } + }; + ++struct xlog_rec_header { ++ uint32_t h_magicno; ++ uint32_t h_dummy1[1]; ++ uint32_t h_version; ++ uint32_t h_len; ++ uint32_t h_dummy2[71]; ++ uint32_t h_fmt; ++ unsigned char h_uuid[16]; ++} __attribute__((packed)); ++ ++#define XLOG_HEADER_MAGIC_NUM 0xFEEDbabe ++ ++/* ++ * For very small filesystems, the minimum log size ++ * can be smaller, but that seems vanishingly unlikely ++ * when used with an external log (which is used for ++ * performance reasons; tiny conflicts with that goal). ++ */ ++#define XFS_MIN_LOG_BYTES (10 * 1024 * 1024) ++ ++#define XLOG_FMT_LINUX_LE 1 ++#define XLOG_FMT_LINUX_BE 2 ++#define XLOG_FMT_IRIX_BE 3 ++ ++#define XLOG_VERSION_1 1 ++#define XLOG_VERSION_2 2 /* Large IClogs, Log sunit */ ++#define XLOG_VERSION_OKBITS (XLOG_VERSION_1 | XLOG_VERSION_2) ++ ++static int xlog_valid_rec_header(struct xlog_rec_header *rhead) ++{ ++ uint32_t hlen; ++ ++ if (rhead->h_magicno != cpu_to_be32(XLOG_HEADER_MAGIC_NUM)) ++ return 0; ++ ++ if (!rhead->h_version || ++ (be32_to_cpu(rhead->h_version) & (~XLOG_VERSION_OKBITS))) ++ return 0; ++ ++ /* LR body must have data or it wouldn't have been written */ ++ hlen = be32_to_cpu(rhead->h_len); ++ if (hlen <= 0 || hlen > INT_MAX) ++ return 0; ++ ++ if (rhead->h_fmt != cpu_to_be32(XLOG_FMT_LINUX_LE) && ++ rhead->h_fmt != cpu_to_be32(XLOG_FMT_LINUX_BE) && ++ rhead->h_fmt != cpu_to_be32(XLOG_FMT_IRIX_BE)) ++ return 0; ++ ++ return 1; ++} ++ ++/* xlog record header will be in some sector in the first 256k */ ++static int probe_xfs_log(blkid_probe pr, const struct blkid_idmag *mag) ++{ ++ int i; ++ struct xlog_rec_header *rhead; ++ unsigned char *buf; ++ ++ buf = blkid_probe_get_buffer(pr, 0, 256*1024); ++ if (!buf) ++ return errno ? -errno : 1; ++ ++ if (memcmp(buf, "XFSB", 4) == 0) ++ return 1; /* this is regular XFS, ignore */ ++ ++ /* check the first 512 512-byte sectors */ ++ for (i = 0; i < 512; i++) { ++ rhead = (struct xlog_rec_header *)&buf[i*512]; ++ ++ if (xlog_valid_rec_header(rhead)) { ++ blkid_probe_set_uuid_as(pr, rhead->h_uuid, "LOGUUID"); ++ return 0; ++ } ++ } ++ ++ return 1; ++} ++ ++const struct blkid_idinfo xfs_log_idinfo = ++{ ++ .name = "xfs_external_log", ++ .usage = BLKID_USAGE_OTHER, ++ .probefunc = probe_xfs_log, ++ .magics = BLKID_NONE_MAGIC, ++ .minsz = XFS_MIN_LOG_BYTES, ++}; diff --git a/SOURCES/2.25-mount-man-default.patch b/SOURCES/2.25-mount-man-default.patch new file mode 100644 index 0000000..f137025 --- /dev/null +++ b/SOURCES/2.25-mount-man-default.patch @@ -0,0 +1,27 @@ +diff -up util-linux-2.23.2/sys-utils/mount.8.kzak util-linux-2.23.2/sys-utils/mount.8 +--- util-linux-2.23.2/sys-utils/mount.8.kzak 2015-06-24 10:44:54.888929869 +0200 ++++ util-linux-2.23.2/sys-utils/mount.8 2015-06-24 10:48:10.022436703 +0200 +@@ -865,9 +865,10 @@ Some of these options are only useful wh + .I /etc/fstab + file. + +-Some of these options could be enabled or disabled by default +-in the system kernel. To check the current setting see the options +-in /proc/mounts. ++Some of these options could be enabled or disabled by default in the system ++kernel. To check the current setting see the options in /proc/mounts. Note ++that filesystems also have per-filesystem specific default mount options (see ++for example tune2fs -l output for extN filesystems). + + The following options apply to any filesystem that is being + mounted (but not every filesystem actually honors them - e.g., the +@@ -973,6 +974,9 @@ For more details, see + .B defaults + Use default options: + .BR rw ", " suid ", " dev ", " exec ", " auto ", " nouser ", and " async. ++ ++Note that the real set of the all default mount options depends on kernel ++and filesystem type. See the begin of this section for more details. + .TP + .B dev + Interpret character or block special devices on the filesystem. diff --git a/SOURCES/2.26-libblkid-fat.patch b/SOURCES/2.26-libblkid-fat.patch new file mode 100644 index 0000000..f6f87ad --- /dev/null +++ b/SOURCES/2.26-libblkid-fat.patch @@ -0,0 +1,113 @@ +diff -up util-linux-2.23.2/libblkid/src/partitions/dos.c.kzak util-linux-2.23.2/libblkid/src/partitions/dos.c +--- util-linux-2.23.2/libblkid/src/partitions/dos.c.kzak 2015-08-21 10:16:45.244332027 +0200 ++++ util-linux-2.23.2/libblkid/src/partitions/dos.c 2015-08-21 10:22:07.181340367 +0200 +@@ -151,16 +151,6 @@ static int probe_dos_pt(blkid_probe pr, + if (memcmp(data, BLKID_AIX_MAGIC_STRING, BLKID_AIX_MAGIC_STRLEN) == 0) + goto nothing; + +- /* +- * Now that the 55aa signature is present, this is probably +- * either the boot sector of a FAT filesystem or a DOS-type +- * partition table. +- */ +- if (blkid_probe_is_vfat(pr) == 1) { +- DBG(LOWPROBE, blkid_debug("probably FAT -- ignore")); +- goto nothing; +- } +- + p0 = (struct dos_partition *) (data + BLKID_MSDOS_PT_OFFSET); + + /* +@@ -182,6 +172,16 @@ static int probe_dos_pt(blkid_probe pr, + } + } + ++ /* ++ * Now that the 55aa signature is present, this is probably ++ * either the boot sector of a FAT filesystem or a DOS-type ++ * partition table. ++ */ ++ if (blkid_probe_is_vfat(pr) == 1) { ++ DBG(LOWPROBE, blkid_debug("probably FAT -- ignore")); ++ goto nothing; ++ } ++ + blkid_probe_use_wiper(pr, BLKID_MSDOS_PT_OFFSET, + 512 - BLKID_MSDOS_PT_OFFSET); + +diff -up util-linux-2.23.2/libblkid/src/partitions/dos.h.kzak util-linux-2.23.2/libblkid/src/partitions/dos.h +--- util-linux-2.23.2/libblkid/src/partitions/dos.h.kzak 2015-08-21 10:34:14.919380422 +0200 ++++ util-linux-2.23.2/libblkid/src/partitions/dos.h 2015-08-21 10:35:45.221807669 +0200 +@@ -12,6 +12,12 @@ struct dos_partition { + + #define BLKID_MSDOS_PT_OFFSET 0x1be + ++static inline struct dos_partition *mbr_get_partition(unsigned char *mbr, int i) ++{ ++ return (struct dos_partition *) ++ (mbr + BLKID_MSDOS_PT_OFFSET + (i * sizeof(struct dos_partition))); ++} ++ + /* assemble badly aligned little endian integer */ + static inline unsigned int assemble4le(const unsigned char *p) + { +diff -up util-linux-2.23.2/libblkid/src/superblocks/vfat.c.kzak util-linux-2.23.2/libblkid/src/superblocks/vfat.c +--- util-linux-2.23.2/libblkid/src/superblocks/vfat.c.kzak 2015-08-21 10:10:12.111906711 +0200 ++++ util-linux-2.23.2/libblkid/src/superblocks/vfat.c 2015-08-21 10:35:07.733045452 +0200 +@@ -16,6 +16,7 @@ + #include + #include + ++#include "partitions/dos.h" + #include "superblocks.h" + + /* Yucky misaligned values */ +@@ -169,7 +170,8 @@ static unsigned char *search_fat_label(b + return NULL; + } + +-static int fat_valid_superblock(const struct blkid_idmag *mag, ++static int fat_valid_superblock(blkid_probe pr, ++ const struct blkid_idmag *mag, + struct msdos_super_block *ms, + struct vfat_super_block *vs, + uint32_t *cluster_count, uint32_t *fat_size) +@@ -243,6 +245,20 @@ static int fat_valid_superblock(const st + if (cluster_count) + *cluster_count = __cluster_count; + ++ if (blkid_probe_is_wholedisk(pr)) { ++ /* OK, seems like FAT, but it's possible that we found boot ++ * sector with crazy FAT-like stuff (magic strings, media, ++ * etc..) before MBR. Let's make sure that there is no MBR with ++ * usable partition. */ ++ unsigned char *buf = (unsigned char *) ms; ++ if (is_valid_mbr_signature(buf)) { ++ struct dos_partition *p0 = mbr_get_partition(buf, 0); ++ if (dos_partition_size(p0) != 0 && ++ (p0->boot_ind == 0 || p0->boot_ind == 0x80)) ++ return 0; ++ } ++ } ++ + return 1; /* valid */ + } + +@@ -270,7 +286,7 @@ int blkid_probe_is_vfat(blkid_probe pr) + if (!vs) + return errno ? -errno : 0; + +- return fat_valid_superblock(mag, ms, vs, NULL, NULL); ++ return fat_valid_superblock(pr, mag, ms, vs, NULL, NULL); + } + + /* FAT label extraction from the root directory taken from Kay +@@ -293,7 +309,7 @@ static int probe_vfat(blkid_probe pr, co + if (!vs) + return errno ? -errno : 1; + +- if (!fat_valid_superblock(mag, ms, vs, &cluster_count, &fat_size)) ++ if (!fat_valid_superblock(pr, mag, ms, vs, &cluster_count, &fat_size)) + return 1; + + sector_size = unaligned_le16(&ms->ms_sector_size); diff --git a/SOURCES/2.26-logger-man-kern.patch b/SOURCES/2.26-logger-man-kern.patch new file mode 100644 index 0000000..b7b9434 --- /dev/null +++ b/SOURCES/2.26-logger-man-kern.patch @@ -0,0 +1,72 @@ +diff -up util-linux-2.23.2/misc-utils/logger.1.kzak util-linux-2.23.2/misc-utils/logger.1 +--- util-linux-2.23.2/misc-utils/logger.1.kzak 2015-06-24 12:18:23.938735038 +0200 ++++ util-linux-2.23.2/misc-utils/logger.1 2015-06-24 12:18:33.154667053 +0200 +@@ -125,28 +125,49 @@ flag is not provided, standard input is + The + .B logger + utility exits 0 on success, and >0 if an error occurs. +-.PP ++.SH FACILITIES AND LEVELS + Valid facility names are: +-.IR auth , \ authpriv +-(for security information of a sensitive nature), +-.IR cron , \ daemon , \ ftp , \ kern +-(can't be generated from user process), +-.IR lpr , \ mail , \ news , \ security +-(deprecated synonym for +-.IR auth ), \ syslog , \ user , \ uucp , +-and +-.IR local0 \ to \ local7 , +-inclusive. ++.IP ++.TS ++tab(:); ++left l l. ++\fBauth ++\fBauthpriv\fR:for security information of a sensitive nature ++\fBcron ++\fBdaemon ++\fBftp ++\fBkern\fR:cannot be generated from userspace process, automatically converted to \fBuser ++\fBlpr ++\fBmail ++\fBnews ++\fBsyslog ++\fBuser ++\fBuucp ++\fBlocal0 ++ to: ++\fBlocal7 ++\fBsecurity\fR:deprecated synonym for \fBauth ++.TE + .PP + Valid level names are: +-.IR alert , \ crit , \ debug , \ emerg , \ err , \ error +-(deprecated synonym for +-.IR err ), \ info , \ notice , \ panic +-(deprecated synonym for +-.IR emerg ), \ warning , \ warn +-(deprecated synonym for +-.IR warning ). +-For the priority order and intended purposes of these levels, see ++.IP ++.TS ++tab(:); ++left l l. ++\fBemerg ++\fBalert ++\fBcrit ++\fBerr ++\fBwarning ++\fBnotice ++\fBinfo ++\fBdebug ++\fBpanic\fR:deprecated synonym for \fBemerg ++\fBerror\fR:deprecated synonym for \fBerr ++\fBwarn\fR:deprecated synonym for \fBwarning ++.TE ++.PP ++For the priority order and intended purposes of these facilities and levels, see + .BR syslog (3). + .SH EXAMPLES + logger System rebooted diff --git a/SOURCES/2.26-login-SIGXFSZ.patch b/SOURCES/2.26-login-SIGXFSZ.patch new file mode 100644 index 0000000..0f49c9a --- /dev/null +++ b/SOURCES/2.26-login-SIGXFSZ.patch @@ -0,0 +1,39 @@ +diff -up util-linux-2.23.2/login-utils/login.c.kzak util-linux-2.23.2/login-utils/login.c +--- util-linux-2.23.2/login-utils/login.c.kzak 2015-06-24 11:03:45.123285155 +0200 ++++ util-linux-2.23.2/login-utils/login.c 2015-06-24 11:46:19.168114438 +0200 +@@ -495,6 +495,7 @@ static void log_audit(struct login_conte + + static void log_lastlog(struct login_context *cxt) + { ++ struct sigaction sa, oldsa_xfsz; + struct lastlog ll; + time_t t; + int fd; +@@ -502,9 +503,14 @@ static void log_lastlog(struct login_con + if (!cxt->pwd) + return; + ++ /* lastlog is huge on systems with large UIDs, ignore SIGXFSZ */ ++ memset(&sa, 0, sizeof(sa)); ++ sa.sa_handler = SIG_IGN; ++ sigaction(SIGXFSZ, &sa, &oldsa_xfsz); ++ + fd = open(_PATH_LASTLOG, O_RDWR | O_CREAT, 0); + if (fd < 0) +- return; ++ goto done; + + if (lseek(fd, (off_t) cxt->pwd->pw_uid * sizeof(ll), SEEK_SET) == -1) + goto done; +@@ -542,7 +548,10 @@ static void log_lastlog(struct login_con + if (write_all(fd, (char *)&ll, sizeof(ll))) + warn(_("write lastlog failed")); + done: +- close(fd); ++ if (fd >= 0) ++ close(fd); ++ ++ sigaction(SIGXFSZ, &oldsa_xfsz, NULL); /* restore original setting */ + } + + /* diff --git a/SOURCES/2.26-lsblk-mpath.patch b/SOURCES/2.26-lsblk-mpath.patch new file mode 100644 index 0000000..1e7fae2 --- /dev/null +++ b/SOURCES/2.26-lsblk-mpath.patch @@ -0,0 +1,64 @@ +diff -up util-linux-2.23.2/misc-utils/lsblk.c.kzak util-linux-2.23.2/misc-utils/lsblk.c +--- util-linux-2.23.2/misc-utils/lsblk.c.kzak 2015-06-25 11:01:10.543344225 +0200 ++++ util-linux-2.23.2/misc-utils/lsblk.c 2015-06-25 11:14:17.085404974 +0200 +@@ -953,11 +953,13 @@ static void set_tt_data(struct blkdev_cx + }; + } + +-static void print_device(struct blkdev_cxt *cxt, struct tt_line *tt_parent) ++static void fill_table_line(struct blkdev_cxt *cxt, struct tt_line *tt_parent) + { + int i; + + cxt->tt_line = tt_add_line(lsblk->tt, tt_parent); ++ if (!cxt->tt_line) ++ return; + + for (i = 0; i < ncolumns; i++) + set_tt_data(cxt, i, get_column_id(i), cxt->tt_line); +@@ -1084,7 +1086,7 @@ static int list_partitions(struct blkdev + goto next; + + wholedisk_cxt->parent = &part_cxt; +- print_device(&part_cxt, parent_cxt ? parent_cxt->tt_line : NULL); ++ fill_table_line(&part_cxt, parent_cxt ? parent_cxt->tt_line : NULL); + if (!lsblk->nodeps) + process_blkdev(wholedisk_cxt, &part_cxt, 0, NULL); + } else { +@@ -1098,7 +1100,7 @@ static int list_partitions(struct blkdev + + /* Print whole disk only once */ + if (r) +- print_device(wholedisk_cxt, parent_cxt ? parent_cxt->tt_line : NULL); ++ fill_table_line(wholedisk_cxt, parent_cxt ? parent_cxt->tt_line : NULL); + if (ps == 0 && !lsblk->nodeps) + process_blkdev(&part_cxt, wholedisk_cxt, 0, NULL); + } +@@ -1171,9 +1173,11 @@ static int list_deps(struct blkdev_cxt * + process_blkdev(&dep, cxt, 1, d->d_name); + } + /* The dependency is a whole device. */ +- else if (!set_cxt(&dep, cxt, NULL, d->d_name)) +- process_blkdev(&dep, cxt, 1, NULL); +- ++ else if (!set_cxt(&dep, cxt, NULL, d->d_name)) { ++ /* For inverse tree we don't want to show partitions ++ * if the dependence is pn whle-disk */ ++ process_blkdev(&dep, cxt, lsblk->inverse ? 0 : 1, NULL); ++ } + reset_blkdev_cxt(&dep); + } + closedir(dir); +@@ -1185,9 +1189,10 @@ static int process_blkdev(struct blkdev_ + int do_partitions, const char *part_name) + { + if (do_partitions && cxt->npartitions) +- return list_partitions(cxt, parent, part_name); ++ list_partitions(cxt, parent, part_name); /* partitoins + whole-disk */ ++ else ++ fill_table_line(cxt, parent ? parent->tt_line : NULL); /* whole-disk only */ + +- print_device(cxt, parent ? parent->tt_line : NULL); + return list_deps(cxt); + } + diff --git a/SOURCES/2.26-su-coredump-message.patch b/SOURCES/2.26-su-coredump-message.patch new file mode 100644 index 0000000..8d2b9ba --- /dev/null +++ b/SOURCES/2.26-su-coredump-message.patch @@ -0,0 +1,17 @@ +diff -up util-linux-2.23.2/login-utils/su-common.c.kzak util-linux-2.23.2/login-utils/su-common.c +--- util-linux-2.23.2/login-utils/su-common.c.kzak 2015-06-24 11:14:25.102395082 +0200 ++++ util-linux-2.23.2/login-utils/su-common.c 2015-06-24 11:22:20.472859684 +0200 +@@ -359,10 +359,9 @@ create_watching_parent (void) + if (pid != (pid_t)-1) + if (WIFSIGNALED (status)) + { +- status = WTERMSIG (status) + 128; +- if (WCOREDUMP (status)) +- fprintf (stderr, _("%s (core dumped)\n"), +- strsignal (WTERMSIG (status))); ++ fprintf (stderr, "%s%s\n", strsignal (WTERMSIG (status)), ++ WCOREDUMP (status) ? _(" (core dumped)") : ""); ++ status = WTERMSIG (status) + 128; + } + else + status = WEXITSTATUS (status); diff --git a/SOURCES/2.26-unshare-rebase.patch b/SOURCES/2.26-unshare-rebase.patch new file mode 100644 index 0000000..672ff36 --- /dev/null +++ b/SOURCES/2.26-unshare-rebase.patch @@ -0,0 +1,757 @@ +diff -up util-linux-2.23.2/include/pathnames.h.kzak util-linux-2.23.2/include/pathnames.h +--- util-linux-2.23.2/include/pathnames.h.kzak 2015-06-26 10:00:19.111877564 +0200 ++++ util-linux-2.23.2/include/pathnames.h 2015-06-26 10:00:51.623630869 +0200 +@@ -85,6 +85,10 @@ + #define _PATH_PROC_LOCKS "/proc/locks" + #define _PATH_PROC_CDROMINFO "/proc/sys/dev/cdrom/info" + ++#define _PATH_PROC_UIDMAP "/proc/self/uid_map" ++#define _PATH_PROC_GIDMAP "/proc/self/gid_map" ++#define _PATH_PROC_SETGROUPS "/proc/self/setgroups" ++ + #define _PATH_PROC_ATTR_CURRENT "/proc/self/attr/current" + #define _PATH_PROC_ATTR_EXEC "/proc/self/attr/exec" + #define _PATH_PROC_CAPLASTCAP "/proc/sys/kernel/cap_last_cap" +diff -up util-linux-2.23.2/sys-utils/Makemodule.am.kzak util-linux-2.23.2/sys-utils/Makemodule.am +diff -up util-linux-2.23.2/sys-utils/nsenter.1.kzak util-linux-2.23.2/sys-utils/nsenter.1 +--- util-linux-2.23.2/sys-utils/nsenter.1.kzak 2015-06-26 09:58:39.468633643 +0200 ++++ util-linux-2.23.2/sys-utils/nsenter.1 2015-06-26 09:58:51.672541041 +0200 +@@ -1,44 +1,45 @@ +-.TH NSENTER 1 "January 2013" "util-linux" "User Commands" ++.TH NSENTER 1 "June 2013" "util-linux" "User Commands" + .SH NAME + nsenter \- run program with namespaces of other processes + .SH SYNOPSIS + .B nsenter +-.RI [ options ] +-.RI [ program ] +-.RI [ arguments ] ++[options] ++.RI [ program ++.RI [ arguments ]] + .SH DESCRIPTION + Enters the namespaces of one or more other processes and then executes the specified + program. Enterable namespaces are: + .TP + .B mount namespace +-mounting and unmounting filesystems will not affect rest of the system ++Mounting and unmounting filesystems will not affect the rest of the system + .RB ( CLONE_\:NEWNS +-flag), except for filesystems which are explicitly marked as shared (by mount +---make-\:shared). See /proc\:/self\:/mountinfo for the shared flag. ++flag), except for filesystems which are explicitly marked as shared (with ++\fBmount --make-\:shared\fP; see \fI/proc\:/self\:/mountinfo\fP for the ++\fBshared\fP flag). + .TP + .B UTS namespace +-setting hostname, domainname will not affect rest of the system ++Setting hostname or domainname will not affect the rest of the system. + .RB ( CLONE_\:NEWUTS +-flag). ++flag) + .TP + .B IPC namespace +-process will have independent namespace for System V message queues, semaphore +-sets and shared memory segments ++The process will have an independent namespace for System V message queues, ++semaphore sets and shared memory segments. + .RB ( CLONE_\:NEWIPC +-flag). ++flag) + .TP + .B network namespace +-process will have independent IPv4 and IPv6 stacks, IP routing tables, firewall +-rules, the ++The process will have independent IPv4 and IPv6 stacks, IP routing tables, ++firewall rules, the + .I /proc\:/net + and + .I /sys\:/class\:/net +-directory trees, sockets etc. ++directory trees, sockets, etc. + .RB ( CLONE_\:NEWNET +-flag). ++flag) + .TP + .B PID namespace +-children will have a set of PID to process mappings separate from the ++Children will have a set of PID to process mappings separate from the + .B nsenter + process + .RB ( CLONE_\:NEWPID +@@ -46,18 +47,18 @@ flag). + .B nsenter + will fork by default if changing the PID namespace, so that the new program + and its children share the same PID namespace and are visible to each other. +-If \-\-no\-fork is used, the new program will be exec'ed without forking. +-.PP +-See the +-.BR clone (2) +-for exact semantics of the flags. ++If \fB\-\-no\-fork\fP is used, the new program will be exec'ed without forking. + .TP +-If program is not given, run ``${SHELL}'' (default: /bin\:/sh). ++.B user namespace ++The process will have a distinct set of UIDs, GIDs and capabilities. ++.RB ( CLONE_\:NEWUSER ++flag) ++.TP ++See \fBclone\fP(2) for the exact semantics of the flags. ++.TP ++If \fIprogram\fP is not given, then ``${SHELL}'' is run (default: /bin\:/sh). + + .SH OPTIONS +-Argument with square brakets, such as [\fIfile\fR], means optional argument. +-Command line syntax to specify optional argument \-\-mount=/path\:/to\:/file. +-Please notice the equals sign. + .TP + \fB\-t\fR, \fB\-\-target\fR \fIpid\fP + Specify a target process to get contexts from. The paths to the contexts +@@ -83,6 +84,9 @@ the network namespace + /proc/\fIpid\fR/ns/pid + the PID namespace + .TP ++/proc/\fIpid\fR/ns/user ++the user namespace ++.TP + /proc/\fIpid\fR/root + the root directory + .TP +@@ -91,51 +95,71 @@ the working directory respectively + .PD + .RE + .TP +-\fB\-m\fR, \fB\-\-mount\fR [\fIfile\fR] +-Enter the mount namespace. If no file is specified enter the mount namespace +-of the target process. If file is specified enter the mount namespace ++\fB\-m\fR, \fB\-\-mount\fR[=\fIfile\fR] ++Enter the mount namespace. If no file is specified, enter the mount namespace ++of the target process. If file is specified, enter the mount namespace + specified by file. + .TP +-\fB\-u\fR, \fB\-\-uts\fR [\fIfile\fR] +-Enter the UTS namespace. If no file is specified enter the UTS namespace of +-the target process. If file is specified enter the UTS namespace specified by ++\fB\-u\fR, \fB\-\-uts\fR[=\fIfile\fR] ++Enter the UTS namespace. If no file is specified, enter the UTS namespace of ++the target process. If file is specified, enter the UTS namespace specified by + file. + .TP +-\fB\-i\fR, \fB\-\-ipc\fR [\fIfile\fR] +-Enter the IPC namespace. If no file is specified enter the IPC namespace of +-the target process. If file is specified enter the IPC namespace specified by ++\fB\-i\fR, \fB\-\-ipc\fR[=\fIfile\fR] ++Enter the IPC namespace. If no file is specified, enter the IPC namespace of ++the target process. If file is specified, enter the IPC namespace specified by + file. + .TP +-\fB\-n\fR, \fB\-\-net\fR [\fIfile\fR] +-Enter the network namespace. If no file is specified enter the network +-namespace of the target process. If file is specified enter the network ++\fB\-n\fR, \fB\-\-net\fR[=\fIfile\fR] ++Enter the network namespace. If no file is specified, enter the network ++namespace of the target process. If file is specified, enter the network + namespace specified by file. + .TP +-\fB\-p\fR, \fB\-\-pid\fR [\fIfile\fR] +-Enter the PID namespace. If no file is specified enter the PID namespace of +-the target process. If file is specified enter the PID namespace specified by ++\fB\-p\fR, \fB\-\-pid\fR[=\fIfile\fR] ++Enter the PID namespace. If no file is specified, enter the PID namespace of ++the target process. If file is specified, enter the PID namespace specified by + file. + .TP +-\fB\-r\fR, \fB\-\-root\fR [\fIdirectory\fR] +-Set the root directory. If no directory is specified set the root directory to +-the root directory of the target process. If directory is specified set the ++\fB\-U\fR, \fB\-\-user\fR[=\fIfile\fR] ++Enter the user namespace. If no file is specified, enter the user namespace of ++the target process. If file is specified, enter the user namespace specified by ++file. See also the \fB\-\-setuid\fR and \fB\-\-setgid\fR options. ++.TP ++\fB\-G\fR, \fB\-\-setgid\fR \fIgid\fR ++Set the group ID which will be used in the entered namespace and drop ++supplementary groups. ++.BR nsenter (1) ++always sets GID for user namespaces, the default is 0. ++.TP ++\fB\-S\fR, \fB\-\-setuid\fR \fIuid\fR ++Set the user ID which will be used in the entered namespace. ++.BR nsenter (1) ++always sets UID for user namespaces, the default is 0. ++.TP ++\fB\-\-preserve\-credentials\fR ++Don't modify UID and GID when enter user namespace. The default is to ++drops supplementary groups and sets GID and UID to 0. ++.TP ++\fB\-r\fR, \fB\-\-root\fR[=\fIdirectory\fR] ++Set the root directory. If no directory is specified, set the root directory to ++the root directory of the target process. If directory is specified, set the + root directory to the specified directory. + .TP +-\fB\-w\fR, \fB\-\-wd\fR [\fIdirectory\fR] +-Set the working directory. If no directory is specified set the working ++\fB\-w\fR, \fB\-\-wd\fR[=\fIdirectory\fR] ++Set the working directory. If no directory is specified, set the working + directory to the working directory of the target process. If directory is +-specified set the working directory to the specified directory. ++specified, set the working directory to the specified directory. + .TP +-\fB\-F\fR, \fB\-\-no-fork\fR +-Do not fork before exec'ing the specified program. By default when entering a +-pid namespace enter calls fork before calling exec so that the children will be +-in the newly entered pid namespace. ++\fB\-F\fR, \fB\-\-no\-fork\fR ++Do not fork before exec'ing the specified program. By default, when entering a ++PID namespace, \fBnsenter\fP calls \fBfork\fP before calling \fBexec\fP so that ++any children will also be in the newly entered PID namespace. + .TP + \fB\-V\fR, \fB\-\-version\fR + Display version information and exit. + .TP + \fB\-h\fR, \fB\-\-help\fR +-Print a help message. ++Display help text and exit. + .SH SEE ALSO + .BR setns (2), + .BR clone (2) +diff -up util-linux-2.23.2/sys-utils/nsenter.c.kzak util-linux-2.23.2/sys-utils/nsenter.c +--- util-linux-2.23.2/sys-utils/nsenter.c.kzak 2015-06-26 09:58:39.468633643 +0200 ++++ util-linux-2.23.2/sys-utils/nsenter.c 2015-06-26 09:58:51.673541033 +0200 +@@ -28,6 +28,7 @@ + #include + #include + #include ++#include + + #include "strutils.h" + #include "nls.h" +@@ -42,7 +43,12 @@ static struct namespace_file { + int fd; + } namespace_files[] = { + /* Careful the order is significant in this array. ++ * ++ * The user namespace comes first, so that it is entered ++ * first. This gives an unprivileged user the potential to ++ * enter the other namespaces. + */ ++ { .nstype = CLONE_NEWUSER, .name = "ns/user", .fd = -1 }, + { .nstype = CLONE_NEWIPC, .name = "ns/ipc", .fd = -1 }, + { .nstype = CLONE_NEWUTS, .name = "ns/uts", .fd = -1 }, + { .nstype = CLONE_NEWNET, .name = "ns/net", .fd = -1 }, +@@ -56,18 +62,25 @@ static void usage(int status) + FILE *out = status == EXIT_SUCCESS ? stdout : stderr; + + fputs(USAGE_HEADER, out); +- fprintf(out, _(" %s [options] [args...]\n"), ++ fprintf(out, _(" %s [options] [...]\n"), + program_invocation_short_name); + ++ fputs(USAGE_SEPARATOR, out); ++ fputs(_("Run a program with namespaces of other processes.\n"), out); ++ + fputs(USAGE_OPTIONS, out); + fputs(_(" -t, --target target process to get namespaces from\n"), out); +- fputs(_(" -m, --mount [=] enter mount namespace\n"), out); +- fputs(_(" -u, --uts [=] enter UTS namespace (hostname etc)\n"), out); +- fputs(_(" -i, --ipc [=] enter System V IPC namespace\n"), out); +- fputs(_(" -n, --net [=] enter network namespace\n"), out); +- fputs(_(" -p, --pid [=] enter pid namespace\n"), out); +- fputs(_(" -r, --root [=] set the root directory\n"), out); +- fputs(_(" -w, --wd [=] set the working directory\n"), out); ++ fputs(_(" -m, --mount[=] enter mount namespace\n"), out); ++ fputs(_(" -u, --uts[=] enter UTS namespace (hostname etc)\n"), out); ++ fputs(_(" -i, --ipc[=] enter System V IPC namespace\n"), out); ++ fputs(_(" -n, --net[=] enter network namespace\n"), out); ++ fputs(_(" -p, --pid[=] enter pid namespace\n"), out); ++ fputs(_(" -U, --user[=] enter user namespace\n"), out); ++ fputs(_(" -S, --setuid set uid in entered namespace\n"), out); ++ fputs(_(" -G, --setgid set gid in entered namespace\n"), out); ++ fputs(_(" --preserve-credentials do not touch uids or gids\n"), out); ++ fputs(_(" -r, --root[=] set the root directory\n"), out); ++ fputs(_(" -w, --wd[=] set the working directory\n"), out); + fputs(_(" -F, --no-fork do not fork before exec'ing \n"), out); + + fputs(USAGE_SEPARATOR, out); +@@ -153,6 +166,9 @@ static void continue_as_child(void) + + int main(int argc, char *argv[]) + { ++ enum { ++ OPT_PRESERVE_CRED = CHAR_MAX + 1 ++ }; + static const struct option longopts[] = { + { "help", no_argument, NULL, 'h' }, + { "version", no_argument, NULL, 'V'}, +@@ -162,24 +178,30 @@ int main(int argc, char *argv[]) + { "ipc", optional_argument, NULL, 'i' }, + { "net", optional_argument, NULL, 'n' }, + { "pid", optional_argument, NULL, 'p' }, ++ { "user", optional_argument, NULL, 'U' }, ++ { "setuid", required_argument, NULL, 'S' }, ++ { "setgid", required_argument, NULL, 'G' }, + { "root", optional_argument, NULL, 'r' }, + { "wd", optional_argument, NULL, 'w' }, + { "no-fork", no_argument, NULL, 'F' }, ++ { "preserve-credentials", no_argument, NULL, OPT_PRESERVE_CRED }, + { NULL, 0, NULL, 0 } + }; + + struct namespace_file *nsfile; +- int c, namespaces = 0; +- bool do_rd = false, do_wd = false; ++ int c, namespaces = 0, setgroups_nerrs = 0, preserve_cred = 0; ++ bool do_rd = false, do_wd = false, force_uid = false, force_gid = false; + int do_fork = -1; /* unknown yet */ ++ uid_t uid = 0; ++ gid_t gid = 0; + +- setlocale(LC_MESSAGES, ""); ++ setlocale(LC_ALL, ""); + bindtextdomain(PACKAGE, LOCALEDIR); + textdomain(PACKAGE); + atexit(close_stdout); + + while ((c = +- getopt_long(argc, argv, "hVt:m::u::i::n::p::r::w::F", ++ getopt_long(argc, argv, "+hVt:m::u::i::n::p::U::S:G:r::w::F", + longopts, NULL)) != -1) { + switch (c) { + case 'h': +@@ -221,6 +243,20 @@ int main(int argc, char *argv[]) + else + namespaces |= CLONE_NEWPID; + break; ++ case 'U': ++ if (optarg) ++ open_namespace_fd(CLONE_NEWUSER, optarg); ++ else ++ namespaces |= CLONE_NEWUSER; ++ break; ++ case 'S': ++ uid = strtoul_or_err(optarg, _("failed to parse uid")); ++ force_uid = true; ++ break; ++ case 'G': ++ gid = strtoul_or_err(optarg, _("failed to parse gid")); ++ force_gid = true; ++ break; + case 'F': + do_fork = 0; + break; +@@ -236,6 +272,9 @@ int main(int argc, char *argv[]) + else + do_wd = true; + break; ++ case OPT_PRESERVE_CRED: ++ preserve_cred = 1; ++ break; + default: + usage(EXIT_FAILURE); + } +@@ -253,6 +292,26 @@ int main(int argc, char *argv[]) + open_target_fd(&wd_fd, "cwd", NULL); + + /* ++ * Update namespaces variable to contain all requested namespaces ++ */ ++ for (nsfile = namespace_files; nsfile->nstype; nsfile++) { ++ if (nsfile->fd < 0) ++ continue; ++ namespaces |= nsfile->nstype; ++ } ++ ++ /* for user namespaces we always set UID and GID (default is 0) ++ * and clear root's groups if --preserve-credentials is no specified */ ++ if ((namespaces & CLONE_NEWUSER) && !preserve_cred) { ++ force_uid = true, force_gid = true; ++ ++ /* We call setgroups() before and after we enter user namespace, ++ * let's complain only if both fail */ ++ if (setgroups(0, NULL) != 0) ++ setgroups_nerrs++; ++ } ++ ++ /* + * Now that we know which namespaces we want to enter, enter them. + */ + for (nsfile = namespace_files; nsfile->nstype; nsfile++) { +@@ -302,6 +361,15 @@ int main(int argc, char *argv[]) + if (do_fork == 1) + continue_as_child(); + ++ if (force_uid || force_gid) { ++ if (force_gid && setgroups(0, NULL) != 0 && setgroups_nerrs) /* drop supplementary groups */ ++ err(EXIT_FAILURE, _("setgroups failed")); ++ if (force_gid && setgid(gid) < 0) /* change GID */ ++ err(EXIT_FAILURE, _("setgid failed")); ++ if (force_uid && setuid(uid) < 0) /* change UID */ ++ err(EXIT_FAILURE, _("setuid failed")); ++ } ++ + if (optind < argc) { + execvp(argv[optind], argv + optind); + err(EXIT_FAILURE, _("failed to execute %s"), argv[optind]); +diff -up util-linux-2.23.2/sys-utils/unshare.1.kzak util-linux-2.23.2/sys-utils/unshare.1 +--- util-linux-2.23.2/sys-utils/unshare.1.kzak 2015-06-26 09:58:39.484633521 +0200 ++++ util-linux-2.23.2/sys-utils/unshare.1 2015-06-26 09:58:51.673541033 +0200 +@@ -1,28 +1,27 @@ +-.\" Process this file with +-.\" groff -man -Tascii lscpu.1 +-.\" +-.TH UNSHARE 1 "July 2013" "util-linux" "User Commands" ++.TH UNSHARE 1 "July 2014" "util-linux" "User Commands" + .SH NAME + unshare \- run program with some namespaces unshared from parent + .SH SYNOPSIS + .B unshare +-.RI [ options ] ++[options] + .I program + .RI [ arguments ] + .SH DESCRIPTION + Unshares the indicated namespaces from the parent process and then executes +-the specified program. The namespaces to be unshared are indicated via ++the specified \fIprogram\fR. The namespaces to be unshared are indicated via + options. Unshareable namespaces are: + .TP + .BR "mount namespace" + Mounting and unmounting filesystems will not affect the rest of the system + (\fBCLONE_NEWNS\fP flag), except for filesystems which are explicitly marked as +-shared (with \fBmount --make-shared\fP; see \fI/proc/self/mountinfo\fP for the +-\fBshared\fP flags). +- +-It's recommended to use \fBmount --make-rprivate\fP or \fBmount --make-rslave\fP +-after \fBunshare --mount\fP to make sure that mountpoints in the new namespace +-are really unshared from parental namespace. ++shared (with \fBmount --make-shared\fP; see \fI/proc/self/mountinfo\fP or ++\fBfindmnt -o+PROPAGATION\fP for the \fBshared\fP flags). ++.sp ++.B unshare ++automatically sets propagation to \fBprivate\fP ++in the new mount namespace to make sure that the new namespace is really ++unshared. This feature is possible to disable by option \fB\-\-propagation unchanged\fP. ++Note that \fBprivate\fP is the kernel default. + .TP + .BR "UTS namespace" + Setting hostname or domainname will not affect the rest of the system. +@@ -40,13 +39,14 @@ sockets, etc. (\fBCLONE_NEWNET\fP flag) + .BR "pid namespace" + Children will have a distinct set of PID to process mappings from their parent. + (\fBCLONE_NEWPID\fP flag) ++.TP ++.BR "user namespace" ++The process will have a distinct set of UIDs, GIDs and capabilities. ++(\fBCLONE_NEWUSER\fP flag) + .PP + See \fBclone\fR(2) for the exact semantics of the flags. + .SH OPTIONS + .TP +-.BR \-h , " \-\-help" +-Display help text and exit. +-.TP + .BR \-i , " \-\-ipc" + Unshare the IPC namespace. + .TP +@@ -63,16 +63,68 @@ See also the \fB--fork\fP and \fB--mount + .BR \-u , " \-\-uts" + Unshare the UTS namespace. + .TP ++.BR \-U , " \-\-user" ++Unshare the user namespace. ++.TP + .BR \-f , " \-\-fork" + Fork the specified \fIprogram\fR as a child process of \fBunshare\fR rather than + running it directly. This is useful when creating a new pid namespace. + .TP +-.BR \-\-mount-proc "[=\fImountpoint\fP]" +-Just before running the program, mount the proc filesystem at the \fImountpoint\fP ++.BR \-\-mount\-proc "[=\fImountpoint\fP]" ++Just before running the program, mount the proc filesystem at \fImountpoint\fP + (default is /proc). This is useful when creating a new pid namespace. It also + implies creating a new mount namespace since the /proc mount would otherwise +-mess up existing programs on the system. The new proc filesystem is explicitly ++mess up existing programs on the system. The new proc filesystem is explicitly + mounted as private (by MS_PRIVATE|MS_REC). ++.TP ++.BR \-r , " \-\-map\-root\-user" ++Run the program only after the current effective user and group IDs have been mapped to ++the superuser UID and GID in the newly created user namespace. This makes it possible to ++conveniently gain capabilities needed to manage various aspects of the newly created ++namespaces (such as configuring interfaces in the network namespace or mounting filesystems in ++the mount namespace) even when run unprivileged. As a mere convenience feature, it does not support ++more sophisticated use cases, such as mapping multiple ranges of UIDs and GIDs. ++This option implies --setgroups=deny. ++.TP ++.BR "\-\-propagation \fIprivate|shared|slave|unchanged\fP" ++Recursively sets mount propagation flag in the new mount namespace. The default ++is to set the propagation to \fIprivate\fP, this feature is possible to disable ++by \fIunchanged\fP argument. The options is silently ignored when mount namespace (\fB\-\-mount\fP) ++is not requested. ++.TP ++.BR "\-\-setgroups \fIallow|deny\fP" ++Allow or deny ++.BR setgroups (2) ++syscall in user namespaces. ++ ++.BR setgroups(2) ++is only callable with CAP_SETGID and CAP_SETGID in a user ++namespace (since Linux 3.19) does not give you permission to call setgroups(2) ++until after GID map has been set. The GID map is writable by root when ++.BR setgroups(2) ++is enabled and GID map becomes writable by unprivileged processes when ++.BR setgroups(2) ++is permanently disabled. ++.TP ++.BR \-V , " \-\-version" ++Display version information and exit. ++.TP ++.BR \-h , " \-\-help" ++Display help text and exit. ++.SH EXAMPLES ++.TP ++.B # unshare --fork --pid --mount-proc readlink /proc/self ++.TQ ++1 ++.br ++Establish a PID namespace, ensure we're PID 1 in it against newly mounted ++procfs instance. ++.TP ++.B $ unshare --map-root-user --user sh -c whoami ++.TQ ++root ++.br ++Establish a user namespace as an unprivileged user with a root user within it. + .SH SEE ALSO + .BR unshare (2), + .BR clone (2), +diff -up util-linux-2.23.2/sys-utils/unshare.c.kzak util-linux-2.23.2/sys-utils/unshare.c +--- util-linux-2.23.2/sys-utils/unshare.c.kzak 2015-06-26 09:58:39.484633521 +0200 ++++ util-linux-2.23.2/sys-utils/unshare.c 2015-06-26 09:58:51.673541033 +0200 +@@ -32,19 +32,117 @@ + + #include "nls.h" + #include "c.h" ++#include "closestream.h" + #include "namespace.h" + #include "exec_shell.h" + #include "xalloc.h" + #include "pathnames.h" ++#include "all-io.h" + ++/* 'private' is kernel default */ ++#define UNSHARE_PROPAGATION_DEFAULT (MS_REC | MS_PRIVATE) ++ ++enum { ++ SETGROUPS_NONE = -1, ++ SETGROUPS_DENY = 0, ++ SETGROUPS_ALLOW = 1, ++}; ++ ++static const char *setgroups_strings[] = ++{ ++ [SETGROUPS_DENY] = "deny", ++ [SETGROUPS_ALLOW] = "allow" ++}; ++ ++static int setgroups_str2id(const char *str) ++{ ++ size_t i; ++ ++ for (i = 0; i < ARRAY_SIZE(setgroups_strings); i++) ++ if (strcmp(str, setgroups_strings[i]) == 0) ++ return i; ++ ++ errx(EXIT_FAILURE, _("unsupported --setgroups argument '%s'"), str); ++} ++ ++static void setgroups_control(int action) ++{ ++ const char *file = _PATH_PROC_SETGROUPS; ++ const char *cmd; ++ int fd; ++ ++ if (action < 0 || (size_t) action >= ARRAY_SIZE(setgroups_strings)) ++ return; ++ cmd = setgroups_strings[action]; ++ ++ fd = open(file, O_WRONLY); ++ if (fd < 0) { ++ if (errno == ENOENT) ++ return; ++ err(EXIT_FAILURE, _("cannot open %s"), file); ++ } ++ ++ if (write_all(fd, cmd, strlen(cmd))) ++ err(EXIT_FAILURE, _("write failed %s"), file); ++ close(fd); ++} ++ ++static void map_id(const char *file, uint32_t from, uint32_t to) ++{ ++ char *buf; ++ int fd; ++ ++ fd = open(file, O_WRONLY); ++ if (fd < 0) ++ err(EXIT_FAILURE, _("cannot open %s"), file); ++ ++ xasprintf(&buf, "%u %u 1", from, to); ++ if (write_all(fd, buf, strlen(buf))) ++ err(EXIT_FAILURE, _("write failed %s"), file); ++ free(buf); ++ close(fd); ++} ++ ++static unsigned long parse_propagation(const char *str) ++{ ++ size_t i; ++ static const struct prop_opts { ++ const char *name; ++ unsigned long flag; ++ } opts[] = { ++ { "slave", MS_REC | MS_SLAVE }, ++ { "private", MS_REC | MS_PRIVATE }, ++ { "shared", MS_REC | MS_SHARED }, ++ { "unchanged", 0 } ++ }; ++ ++ for (i = 0; i < ARRAY_SIZE(opts); i++) { ++ if (strcmp(opts[i].name, str) == 0) ++ return opts[i].flag; ++ } ++ ++ errx(EXIT_FAILURE, _("unsupported propagation mode: %s"), str); ++} ++ ++static void set_propagation(unsigned long flags) ++{ ++ if (flags == 0) ++ return; ++ ++ if (mount("none", "/", NULL, flags, NULL) != 0) ++ err(EXIT_FAILURE, _("cannot change root filesystem propagation")); ++} + + static void usage(int status) + { + FILE *out = status == EXIT_SUCCESS ? stdout : stderr; + + fputs(USAGE_HEADER, out); +- fprintf(out, +- _(" %s [options] [args...]\n"), program_invocation_short_name); ++ fprintf(out, _(" %s [options] [...]\n"), ++ program_invocation_short_name); ++ ++ fputs(USAGE_SEPARATOR, out); ++ fputs(_("Run a program with some namespaces unshared from the parent.\n"), out); + + fputs(USAGE_OPTIONS, out); + fputs(_(" -m, --mount unshare mounts namespace\n"), out); +@@ -52,8 +150,13 @@ static void usage(int status) + fputs(_(" -i, --ipc unshare System V IPC namespace\n"), out); + fputs(_(" -n, --net unshare network namespace\n"), out); + fputs(_(" -p, --pid unshare pid namespace\n"), out); ++ fputs(_(" -U, --user unshare user namespace\n"), out); + fputs(_(" -f, --fork fork before launching \n"), out); + fputs(_(" --mount-proc[=] mount proc filesystem first (implies --mount)\n"), out); ++ fputs(_(" -r, --map-root-user map current user to root (implies --user)\n"), out); ++ fputs(_(" --propagation \n" ++ " modify mount propagation in mount namespace\n"), out); ++ fputs(_(" -s, --setgroups allow|deny control the setgroups syscall in user namespaces\n"), out); + + fputs(USAGE_SEPARATOR, out); + fputs(USAGE_HELP, out); +@@ -66,7 +169,9 @@ static void usage(int status) + int main(int argc, char *argv[]) + { + enum { +- OPT_MOUNTPROC = CHAR_MAX + 1 ++ OPT_MOUNTPROC = CHAR_MAX + 1, ++ OPT_PROPAGATION, ++ OPT_SETGROUPS + }; + static const struct option longopts[] = { + { "help", no_argument, 0, 'h' }, +@@ -76,20 +181,29 @@ int main(int argc, char *argv[]) + { "ipc", no_argument, 0, 'i' }, + { "net", no_argument, 0, 'n' }, + { "pid", no_argument, 0, 'p' }, ++ { "user", no_argument, 0, 'U' }, + { "fork", no_argument, 0, 'f' }, + { "mount-proc", optional_argument, 0, OPT_MOUNTPROC }, ++ { "map-root-user", no_argument, 0, 'r' }, ++ { "propagation", required_argument, 0, OPT_PROPAGATION }, ++ { "setgroups", required_argument, 0, OPT_SETGROUPS }, + { NULL, 0, 0, 0 } + }; + ++ int setgrpcmd = SETGROUPS_NONE; + int unshare_flags = 0; +- int c, forkit = 0; ++ int c, forkit = 0, maproot = 0; + const char *procmnt = NULL; ++ unsigned long propagation = UNSHARE_PROPAGATION_DEFAULT; ++ uid_t real_euid = geteuid(); ++ gid_t real_egid = getegid();; + + setlocale(LC_ALL, ""); + bindtextdomain(PACKAGE, LOCALEDIR); + textdomain(PACKAGE); ++ atexit(close_stdout); + +- while ((c = getopt_long(argc, argv, "+fhVmuinp", longopts, NULL)) != -1) { ++ while ((c = getopt_long(argc, argv, "+fhVmuinpUr", longopts, NULL)) != -1) { + switch (c) { + case 'f': + forkit = 1; +@@ -114,10 +228,23 @@ int main(int argc, char *argv[]) + case 'p': + unshare_flags |= CLONE_NEWPID; + break; ++ case 'U': ++ unshare_flags |= CLONE_NEWUSER; ++ break; + case OPT_MOUNTPROC: + unshare_flags |= CLONE_NEWNS; + procmnt = optarg ? optarg : "/proc"; + break; ++ case 'r': ++ unshare_flags |= CLONE_NEWUSER; ++ maproot = 1; ++ break; ++ case OPT_SETGROUPS: ++ setgrpcmd = setgroups_str2id(optarg); ++ break; ++ case OPT_PROPAGATION: ++ propagation = parse_propagation(optarg); ++ break; + default: + usage(EXIT_FAILURE); + } +@@ -146,6 +273,25 @@ int main(int argc, char *argv[]) + } + } + ++ if (maproot) { ++ if (setgrpcmd == SETGROUPS_ALLOW) ++ errx(EXIT_FAILURE, _("options --setgroups=allow and " ++ "--map-root-user are mutually exclusive")); ++ ++ /* since Linux 3.19 unprivileged writing of /proc/self/gid_map ++ * has s been disabled unless /proc/self/setgroups is written ++ * first to permanently disable the ability to call setgroups ++ * in that user namespace. */ ++ setgroups_control(SETGROUPS_DENY); ++ map_id(_PATH_PROC_UIDMAP, 0, real_euid); ++ map_id(_PATH_PROC_GIDMAP, 0, real_egid); ++ ++ } else if (setgrpcmd != SETGROUPS_NONE) ++ setgroups_control(setgrpcmd); ++ ++ if ((unshare_flags & CLONE_NEWNS) && propagation) ++ set_propagation(propagation); ++ + if (procmnt && + (mount("none", procmnt, NULL, MS_PRIVATE|MS_REC, NULL) != 0 || + mount("proc", procmnt, "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL) != 0)) diff --git a/SOURCES/v2.26-nsenter-selinux.patch b/SOURCES/v2.26-nsenter-selinux.patch new file mode 100644 index 0000000..0676127 --- /dev/null +++ b/SOURCES/v2.26-nsenter-selinux.patch @@ -0,0 +1,129 @@ +diff -up util-linux-2.23.2/sys-utils/Makemodule.am.kzak util-linux-2.23.2/sys-utils/Makemodule.am +--- util-linux-2.23.2/sys-utils/Makemodule.am.kzak 2015-06-26 10:21:34.337221288 +0200 ++++ util-linux-2.23.2/sys-utils/Makemodule.am 2015-06-26 10:22:18.719885983 +0200 +@@ -308,7 +308,7 @@ if BUILD_NSENTER + usrbin_exec_PROGRAMS += nsenter + dist_man_MANS += sys-utils/nsenter.1 + nsenter_SOURCES = sys-utils/nsenter.c +-nsenter_LDADD = $(LDADD) libcommon.la ++nsenter_LDADD = $(LDADD) libcommon.la $(SELINUX_LIBS) + endif + + if BUILD_HWCLOCK +diff -up util-linux-2.23.2/sys-utils/nsenter.1.kzak util-linux-2.23.2/sys-utils/nsenter.1 +--- util-linux-2.23.2/sys-utils/nsenter.1.kzak 2015-06-26 10:14:00.947646586 +0200 ++++ util-linux-2.23.2/sys-utils/nsenter.1 2015-06-26 10:21:34.337221288 +0200 +@@ -155,6 +155,11 @@ Do not fork before exec'ing the specifie + PID namespace, \fBnsenter\fP calls \fBfork\fP before calling \fBexec\fP so that + any children will also be in the newly entered PID namespace. + .TP ++\fB\-Z\fR, \fB\-\-follow\-context\fR ++Set the SELinux security context used for executing a new process according to ++already running process specified by \fB\-\-target\fR PID. (The util-linux has ++to be compiled with SELinux support otherwise the option is unavailable.) ++.TP + \fB\-V\fR, \fB\-\-version\fR + Display version information and exit. + .TP +@@ -163,10 +168,14 @@ Display help text and exit. + .SH SEE ALSO + .BR setns (2), + .BR clone (2) +-.SH AUTHOR +-.MT ebiederm@xmission.com ++.SH AUTHORS ++.UR biederm@xmission.com + Eric Biederman +-.ME ++.UE ++.br ++.UR kzak@redhat.com ++Karel Zak ++.UE + .SH AVAILABILITY + The nsenter command is part of the util-linux package and is available from + .UR ftp://\:ftp.kernel.org\:/pub\:/linux\:/utils\:/util-linux/ +diff -up util-linux-2.23.2/sys-utils/nsenter.c.kzak util-linux-2.23.2/sys-utils/nsenter.c +--- util-linux-2.23.2/sys-utils/nsenter.c.kzak 2015-06-26 10:14:00.947646586 +0200 ++++ util-linux-2.23.2/sys-utils/nsenter.c 2015-06-26 10:21:34.337221288 +0200 +@@ -30,6 +30,10 @@ + #include + #include + ++#ifdef HAVE_LIBSELINUX ++# include ++#endif ++ + #include "strutils.h" + #include "nls.h" + #include "c.h" +@@ -82,6 +86,9 @@ static void usage(int status) + fputs(_(" -r, --root[=] set the root directory\n"), out); + fputs(_(" -w, --wd[=] set the working directory\n"), out); + fputs(_(" -F, --no-fork do not fork before exec'ing \n"), out); ++#ifdef HAVE_LIBSELINUX ++ fputs(_(" -Z, --follow-context set SELinux context according to --target PID\n"), out); ++#endif + + fputs(USAGE_SEPARATOR, out); + fputs(USAGE_HELP, out); +@@ -185,6 +192,9 @@ int main(int argc, char *argv[]) + { "wd", optional_argument, NULL, 'w' }, + { "no-fork", no_argument, NULL, 'F' }, + { "preserve-credentials", no_argument, NULL, OPT_PRESERVE_CRED }, ++#ifdef HAVE_LIBSELINUX ++ { "follow-context", no_argument, NULL, 'Z' }, ++#endif + { NULL, 0, NULL, 0 } + }; + +@@ -194,6 +204,9 @@ int main(int argc, char *argv[]) + int do_fork = -1; /* unknown yet */ + uid_t uid = 0; + gid_t gid = 0; ++#ifdef HAVE_LIBSELINUX ++ bool selinux = 0; ++#endif + + setlocale(LC_ALL, ""); + bindtextdomain(PACKAGE, LOCALEDIR); +@@ -201,7 +214,7 @@ int main(int argc, char *argv[]) + atexit(close_stdout); + + while ((c = +- getopt_long(argc, argv, "+hVt:m::u::i::n::p::U::S:G:r::w::F", ++ getopt_long(argc, argv, "+hVt:m::u::i::n::p::U::S:G:r::w::FZ", + longopts, NULL)) != -1) { + switch (c) { + case 'h': +@@ -275,11 +288,30 @@ int main(int argc, char *argv[]) + case OPT_PRESERVE_CRED: + preserve_cred = 1; + break; ++#ifdef HAVE_LIBSELINUX ++ case 'Z': ++ selinux = 1; ++ break; ++#endif + default: + usage(EXIT_FAILURE); + } + } + ++#ifdef HAVE_LIBSELINUX ++ if (selinux && is_selinux_enabled() > 0) { ++ char *scon = NULL; ++ ++ if (!namespace_target_pid) ++ errx(EXIT_FAILURE, _("no target PID specified for --follow-context")); ++ if (getpidcon(namespace_target_pid, &scon) < 0) ++ errx(EXIT_FAILURE, _("failed to get %d SELinux context"), ++ (int) namespace_target_pid); ++ if (setexeccon(scon) < 0) ++ errx(EXIT_FAILURE, _("failed to set exec context to '%s'"), scon); ++ freecon(scon); ++ } ++#endif + /* + * Open remaining namespace and directory descriptors. + */ diff --git a/SPECS/util-linux.spec b/SPECS/util-linux.spec index ee7c34d..c90240c 100644 --- a/SPECS/util-linux.spec +++ b/SPECS/util-linux.spec @@ -2,7 +2,7 @@ Summary: A collection of basic system utilities Name: util-linux Version: 2.23.2 -Release: 22%{?dist}.1 +Release: 26%{?dist} License: GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain Group: System Environment/Base URL: http://en.wikipedia.org/wiki/Util-linux @@ -167,12 +167,36 @@ Patch42: 2.26-blkdiscard.patch Patch43: 2.26-raw-stat.patch # -# RHEL 7.1.Z +# RHEL 7.2 # Patch44: 2.25-uuidd-timeout.patch -# 1238678 - os-prober attempts to mount thin pool devices -Patch45: 2.25-libblkid-thinpool.patch - +# 1225235 - blockdev --report fails on loop and pmem devices +Patch45: 2.25-blockdev-geom.patch +# 1225053 - [RFE] backport fstrim -a and unit file +Patch46: 2.25-fstrim-all.patch +# 1131523 - mount does not appear to be correctly documented for default mount options +Patch47: 2.25-mount-man-default.patch +# 1147526 - Incorrect message printed when su is killed +Patch48: 2.26-su-coredump-message.patch +# 1165702 - make login(1) insensitive to SIGXFSZ and huge lastlog +Patch49: 2.26-login-SIGXFSZ.patch +# 1184558 - logger silently changes facility from kern to user +Patch50: 2.26-logger-man-kern.patch +# 1198243 - blkid does not recognize xfs external log device +Patch51: 2.25-libblkid-xfs-log.patch +# 1208081 - lsblk does not list dm-multipath and partitioned devices +Patch52: 2.26-lsblk-mpath.patch +# 1209594 - RHEL7: unshare: add --propagation, use MS_PRIVATE by default +# 1229436 - Remove patch that disables User Namespaces +Patch53: 2.26-unshare-rebase.patch +# 1116100 - Add -Z SELInux option to nsenter +Patch54: v2.26-nsenter-selinux.patch +# 1199619 - os-prober attempts to mount thin pool devices +Patch55: 2.25-libblkid-thinpool.patch +# 1251250 - blkid outputs nothing for some partitions (e.g. sun label) +Patch56: 2.25-libblkid-return-codes.patch +# 1182831 - blkid incorrectly detects boot sec + MBR as FAT +Patch57: 2.26-libblkid-fat.patch %description The util-linux package contains a large variety of low-level system @@ -540,6 +564,8 @@ fi %ghost %attr(0644,root,root) %verify(not md5 size mtime) /var/log/lastlog %ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/mtab +%{_unitdir}/fstrim.* + %{_bindir}/cal %{_bindir}/chrt %{_bindir}/col @@ -832,7 +858,7 @@ fi %doc Documentation/licenses/COPYING.GPLv2 %{_mandir}/man8/uuidd.8* %{_sbindir}/uuidd -%{_unitdir}/* +%{_unitdir}/uuidd.* %dir %attr(2775, uuidd, uuidd) /var/lib/libuuid %dir %attr(2775, uuidd, uuidd) /run/uuidd %{compldir}/uuidd @@ -890,8 +916,27 @@ fi %{_libdir}/pkgconfig/uuid.pc %changelog -* Fri Jul 3 2015 Karel Zak 2.23.2-22.el7_1.1 -- fix #1238678 - os-prober attempts to mount thin pool devices +* Fri Aug 21 2015 Karel Zak 2.23.2-26 +- fix #1182831 - blkid incorrectly detects boot sec + MBR as FAT + +* Wed Aug 12 2015 Karel Zak 2.23.2-25 +- fix #1251250 - blkid outputs nothing for some partitions (e.g. sun label) + +* Thu Jul 2 2015 Karel Zak 2.23.2-24 +- fix #1199619 - os-prober attempts to mount thin pool devices + +* Tue Jun 23 2015 Karel Zak 2.23.2-23 +- fix #1225235 - blockdev --report fails on loop and pmem devices +- fix #1225053 - [RFE] backport fstrim -a and unit file +- fix #1131523 - mount does not appear to be correctly documented for default mount options +- fix #1147526 - Incorrect message printed when su is killed +- fix #1165702 - make login(1) insensitive to SIGXFSZ and huge lastlog +- fix #1184558 - logger silently changes facility from kern to user +- fix #1198243 - blkid does not recognize xfs external log device +- fix #1208081 - lsblk does not list dm-multipath and partitioned devices +- fix #1209594 - RHEL7: unshare: add --propagation, use MS_PRIVATE by default +- fix #1229436 - Remove patch that disables User Namespaces +- fix #1116100 - Add -Z SELInux option to nsenter * Mon Apr 20 2015 Karel Zak 2.23.2-22 - fix #1092039 - uuidd not configured to run permanently