From e377cc87e00be23eab6df2f4e0d5505f980633de Mon Sep 17 00:00:00 2001
From: CentOS Sources
Date: Jan 31 2022 14:54:43 +0000
Subject: import util-linux-2.32.1-32.el8
---
diff --git a/SOURCES/0064-script-be-sensitive-to-another-SIGCHLD-ssi_codes.patch b/SOURCES/0064-script-be-sensitive-to-another-SIGCHLD-ssi_codes.patch
new file mode 100644
index 0000000..943384e
--- /dev/null
+++ b/SOURCES/0064-script-be-sensitive-to-another-SIGCHLD-ssi_codes.patch
@@ -0,0 +1,49 @@
+From 84009d2236c73efe7dc4b74372734d5b3306670b Mon Sep 17 00:00:00 2001
+From: Karel Zak
+Date: Wed, 5 Sep 2018 11:51:22 +0200
+Subject: [PATCH 64/72] script: be sensitive to another SIGCHLD ssi_codes
+
+The current signalfd handler cares on CLD_EXITED only. It's pretty
+insufficient as there is more situations (and codes) when child no
+more running.
+
+Addresses: https://github.com/karelzak/util-linux/issues/686
+Upstream: http://github.com/util-linux/util-linux/commit/27afe5016842c22d256ea9f88b598d637ca0df84
+Signed-off-by: Karel Zak
+---
+ term-utils/script.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/term-utils/script.c b/term-utils/script.c
+index d5ffa27f1..ff5f808de 100644
+--- a/term-utils/script.c
++++ b/term-utils/script.c
+@@ -402,10 +402,15 @@ static void handle_signal(struct script_control *ctl, int fd)
+
+ switch (info.ssi_signo) {
+ case SIGCHLD:
+- DBG(SIGNAL, ul_debug(" get signal SIGCHLD"));
+- if (info.ssi_code == CLD_EXITED) {
++ DBG(SIGNAL, ul_debug(" get signal SIGCHLD [ssi_code=%d, ssi_status=%d]",
++ info.ssi_code, info.ssi_status));
++ if (info.ssi_code == CLD_EXITED
++ || info.ssi_code == CLD_KILLED
++ || info.ssi_code == CLD_DUMPED) {
+ wait_for_child(ctl, 0);
+ ctl->poll_timeout = 10;
++
++ /* In case of ssi_code is CLD_TRAPPED, CLD_STOPPED, or CLD_CONTINUED */
+ } else if (info.ssi_status == SIGSTOP && ctl->child) {
+ DBG(SIGNAL, ul_debug(" child stop by SIGSTOP -- stop parent too"));
+ kill(getpid(), SIGSTOP);
+@@ -433,6 +438,7 @@ static void handle_signal(struct script_control *ctl, int fd)
+ default:
+ abort();
+ }
++ DBG(SIGNAL, ul_debug("signal handle on FD %d done", fd));
+ }
+
+ static void do_io(struct script_control *ctl)
+--
+2.31.1
+
diff --git a/SOURCES/0065-libfdisk-fix-partition-calculation-for-BLKPG_-ioctls.patch b/SOURCES/0065-libfdisk-fix-partition-calculation-for-BLKPG_-ioctls.patch
new file mode 100644
index 0000000..bcf806c
--- /dev/null
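Review bot: The `else if` branch of handle_signal() in term-utils/script.c still tests only `info.ssi_status == SIGSTOP`, so it depends on the branch above having already consumed CLD_EXITED, where ssi_status is an exit code rather than a signal number; the added comment should spell that out. I would reword it to `/* ssi_code is CLD_TRAPPED, CLD_STOPPED or CLD_CONTINUED here, so ssi_status is a signal number */` and move it inside the branch it describes, because placed before `} else if` it reads as part of the wait_for_child() block. handle_signal() begins before this hunk, so how `info` is read from the signalfd is not visible here.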
+++ b/SOURCES/0065-libfdisk-fix-partition-calculation-for-BLKPG_-ioctls.patch 
@@ -0,0 +1,60 @@
+From be29de8b5dfe15972455d25e15068dc31d4376ac Mon Sep 17 00:00:00 2001
+From: Karel Zak
+Date: Wed, 6 May 2020 13:32:46 +0200
+Subject: [PATCH 65/72] libfdisk: fix partition calculation for BLKPG_* ioctls
+
+The include/partx.h interface we use in util-linux uses 512-byte
+sectors, but libfdisk uses real sector sizes.
+
+Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=2016229
+Upstream: http://github.com/util-linux/util-linux/commit/6a4d53ce6466fc97c0ee13846cd1bf7bdd7bfef0
+Signed-off-by: Karel Zak
+---
+ libfdisk/src/context.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/libfdisk/src/context.c b/libfdisk/src/context.c
+index 779a9a889..fe7eb9e7e 100644
+--- a/libfdisk/src/context.c
++++ b/libfdisk/src/context.c
+@@ -813,6 +813,7 @@ int fdisk_reread_changes(struct fdisk_context *cxt, struct fdisk_table *org)
+ struct fdisk_partition **rem = NULL, **add = NULL, **upd = NULL;
+ int change, rc = 0, err = 0;
+ size_t nparts, i, nadds = 0, nupds = 0, nrems = 0;
++ unsigned int ssf;
+
+ DBG(CXT, ul_debugobj(cxt, "rereading changes"));
+
+@@ -845,6 +846,9 @@ int fdisk_reread_changes(struct fdisk_context *cxt, struct fdisk_table *org)
+ goto done;
+ }
+
++ /* sector size factor -- used to recount from real to 512-byte sectors */
++ ssf = cxt->sector_size / 512;
++
+ for (i = 0; i < nrems; i++) {
+ pa = rem[i];
+ DBG(PART, ul_debugobj(pa, "#%zu calling BLKPG_DEL_PARTITION", pa->partno));
+@@ -856,7 +860,8 @@ int fdisk_reread_changes(struct fdisk_context *cxt, struct fdisk_table *org)
+ for (i = 0; i < nupds; i++) {
+ pa = upd[i];
+ DBG(PART, ul_debugobj(pa, "#%zu calling BLKPG_RESIZE_PARTITION", pa->partno));
+- if (partx_resize_partition(cxt->dev_fd, pa->partno + 1, pa->start, pa->size) != 0) {
++ if (partx_resize_partition(cxt->dev_fd, pa->partno + 1,
++ pa->start * ssf, pa->size * ssf) != 0) {
+ fdisk_warn(cxt, _("Failed to update system information about partition %zu"), pa->partno + 1);
+ err++;
+ }
+@@ -864,7 +869,8 @@ int fdisk_reread_changes(struct fdisk_context *cxt, struct fdisk_table *org)
+ for (i = 0; i < nadds; i++) {
+ pa = add[i];
+ DBG(PART, ul_debugobj(pa, "#%zu calling BLKPG_ADD_PARTITION", pa->partno));
+- if (partx_add_partition(cxt->dev_fd, pa->partno + 1, pa->start, pa->size) != 0) {
++ if (partx_add_partition(cxt->dev_fd, pa->partno + 1,
++ pa->start * ssf, pa->size * ssf) != 0) {
+ fdisk_warn(cxt, _("Failed to add partition %zu to system"), pa->partno + 1);
+ err++;
+ }
+--
+2.31.1
+
diff --git a/SOURCES/0066-libfdisk-fix-fdisk_reread_changes-for-extended-parti.patch b/SOURCES/0066-libfdisk-fix-fdisk_reread_changes-for-extended-parti.patch
new file mode 100644
index 0000000..da0b864
--- /dev/null
+++ b/SOURCES/0066-libfdisk-fix-fdisk_reread_changes-for-extended-parti.patch
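Review bot: `ssf = cxt->sector_size / 512;` in fdisk_reread_changes() (libfdisk/src/context.c) is used as a multiplier without a check that it is non-zero, so a sector_size below 512 would make the BLKPG_RESIZE_PARTITION and BLKPG_ADD_PARTITION calls hand the kernel a start and size of 0. Where sector_size is validated is not visible in these hunks, so this may already be guaranteed by the caller. If it is not, a guard before the loops such as `if (cxt->sector_size < 512) { rc = -EINVAL; goto done; }` keeps a bad geometry from reaching the ioctls. The function starts and ends outside the hunks shown.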
@@ -0,0 +1,48 @@
+From aecaffc55dd763c34f61937b2047f0aaaeb4e6fc Mon Sep 17 00:00:00 2001
+From: Karel Zak
+Date: Thu, 6 Aug 2020 11:32:33 +0200
+Subject: [PATCH 66/74] libfdisk: fix fdisk_reread_changes() for extended
+ partitions
+
+Linux kernel assumes only 1KiB extended partition to avoid overlapping
+with nested logical partitions. We need to follow this rule for
+BLKPG_ADD_PARTITION.
+
+Addresses: https://github.com/karelzak/util-linux/issues/1112
+Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=2041498
+Upstream: http://github.com/util-linux/util-linux/commit/33f50706fd7c1c5e53f8f355f12b685c6935f5a4
+Signed-off-by: Karel Zak
+---
+ libfdisk/src/context.c | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/libfdisk/src/context.c b/libfdisk/src/context.c
+index fe7eb9e7e..114101980 100644
+--- a/libfdisk/src/context.c
++++ b/libfdisk/src/context.c
+@@ -867,10 +867,21 @@ int fdisk_reread_changes(struct fdisk_context *cxt, struct fdisk_table *org)
+ }
+ }
+ for (i = 0; i < nadds; i++) {
++ uint64_t sz;
++
+ pa = add[i];
++ sz = pa->size * ssf;
++
+ DBG(PART, ul_debugobj(pa, "#%zu calling BLKPG_ADD_PARTITION", pa->partno));
++
++ if (fdisk_is_label(cxt, DOS) && fdisk_partition_is_container(pa))
++ /* Let's follow the Linux kernel and reduce
++ * DOS extended partition to 1 or 2 sectors.
++ */
++ sz = min(sz, (uint64_t) 2);
++
+ if (partx_add_partition(cxt->dev_fd, pa->partno + 1,
+- pa->start * ssf, pa->size * ssf) != 0) {
++ pa->start * ssf, sz) != 0) {
+ fdisk_warn(cxt, _("Failed to add partition %zu to system"), pa->partno + 1);
+ err++;
+ }
+--
+2.31.1
+
diff --git a/SOURCES/0067-logger-fix-size-use-for-stdin.patch b/SOURCES/0067-logger-fix-size-use-for-stdin.patch
new file mode 100644
index 0000000..987a4f9
--- /dev/null
+++ b/SOURCES/0067-logger-fix-size-use-for-stdin.patch
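Review bot: The cap `sz = min(sz, (uint64_t) 2);` in the BLKPG_ADD_PARTITION loop of fdisk_reread_changes() runs after `sz = pa->size * ssf`, so the 2 is counted in 512-byte units (the 1KiB of the commit message), yet the comment says "1 or 2 sectors" without naming the unit. I would state it, for example `/* sz is in 512-byte sectors: cap a DOS extended partition at 1KiB, as the kernel does */`. The `if` should also get braces, since a multi-line comment between a braceless condition and its single statement is easy to break on the next edit. The loop and the function continue outside the hunk.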
@@ -0,0 +1,76 @@
+From 7cc5bcfcb2340266a6b42370c9c4c02d8a325d5f Mon Sep 17 00:00:00 2001
+From: Karel Zak
+Date: Thu, 21 Oct 2021 18:47:40 +0200
+Subject: [PATCH 67/74] logger: fix --size use for stdin
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The stdin version counts log header into the message size, but
+for example when it reads message from argv[] it counts only message
+itself.
+
+ $ logger --stderr --size 3 "abcd"
+ <13>Oct 21 18:48:29 kzak: abc
+
+ $ echo "abcd" | logger --stderr --size 3
+ logger: cannot allocate 18446744073709551597 bytes: Cannot allocate memory
+
+Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=2011602
+Upstream: http://github.com/util-linux/util-linux/commit/58e4ee082bca100034791a4a74481f263bb30a25
+Signed-off-by: Karel Zak
+---
+ misc-utils/logger.c | 16 ++++------------
+ 1 file changed, 4 insertions(+), 12 deletions(-)
+
+diff --git a/misc-utils/logger.c b/misc-utils/logger.c
+index ebdc56ec2..c20ef05f1 100644
+--- a/misc-utils/logger.c
++++ b/misc-utils/logger.c
+@@ -957,11 +957,9 @@ static void logger_stdin(struct logger_ctl *ctl)
+ * update header timestamps and to reflect possible priority changes.
+ * The initial header is generated by logger_open().
+ */
+- int has_header = 1;
+ int default_priority = ctl->pri;
+ int last_pri = default_priority;
+- size_t max_usrmsg_size = ctl->max_message_size - strlen(ctl->hdr);
+- char *const buf = xmalloc(max_usrmsg_size + 2 + 2);
++ char *buf = xmalloc(ctl->max_message_size + 2 + 2);
+ int pri;
+ int c;
+ size_t i;
+@@ -988,27 +986,21 @@ static void logger_stdin(struct logger_ctl *ctl)
+ ctl->pri = default_priority;
+
+ if (ctl->pri != last_pri) {
+- has_header = 0;
+- max_usrmsg_size =
+- ctl->max_message_size - strlen(ctl->hdr);
++ generate_syslog_header(ctl);
+ last_pri = ctl->pri;
+ }
+ if (c != EOF && c != '\n')
+ c = getchar();
+ }
+
+- while (c != EOF && c != '\n' && i < max_usrmsg_size) {
++ while (c != EOF && c != '\n' && i < ctl->max_message_size) {
+ buf[i++] = c;
+ c = getchar();
+ }
+ buf[i] = '\0';
+
+- if (i > 0 || !ctl->skip_empty_lines) {
+- if (!has_header)
+- generate_syslog_header(ctl);
++ if (i > 0 || !ctl->skip_empty_lines)
+ write_output(ctl, buf);
+- has_header = 0;
+- }
+
+ if (c == '\n') /* discard line terminator */
+ c = getchar();
+--
+2.31.1
+
diff --git a/SOURCES/0068-fstrim-improve-timer-setting.patch b/SOURCES/0068-fstrim-improve-timer-setting.patch
new file mode 100644
index 0000000..0c4e534
--- /dev/null
+++ b/SOURCES/0068-fstrim-improve-timer-setting.patch
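Review bot: `xmalloc(ctl->max_message_size + 2 + 2)` in logger_stdin() (misc-utils/logger.c) can wrap when the --size value is within 4 of SIZE_MAX, which leaves a tiny buffer while the read loop is still bounded only by `i < ctl->max_message_size`. How --size is parsed and limited lies outside these hunks, so the case may already be excluded. If it is not, reject the value before allocating, for example `if (ctl->max_message_size > SIZE_MAX - 4) errx(EXIT_FAILURE, _("message size is too large"));`. logger_stdin() starts and ends outside the hunks shown.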
@@ -0,0 +1,32 @@
+From ebb628f8b6e9564c036fce152f67512e5755dcfc Mon Sep 17 00:00:00 2001
+From: Karel Zak
+Date: Mon, 6 Dec 2021 13:20:37 +0100
+Subject: [PATCH 68/74] fstrim: improve timer setting
+
+Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1916151
+Signed-off-by: Karel Zak
+---
+ sys-utils/fstrim.timer | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/sys-utils/fstrim.timer b/sys-utils/fstrim.timer
+index 3a3762d5c..54b3c18f5 100644
+--- a/sys-utils/fstrim.timer
++++ b/sys-utils/fstrim.timer
+@@ -1,11 +1,13 @@
+ [Unit]
+ Description=Discard unused blocks once a week
+ Documentation=man:fstrim
++ConditionVirtualization=!container
+
+ [Timer]
+ OnCalendar=weekly
+ AccuracySec=1h
+ Persistent=true
++RandomizedDelaySec=6000
+
+ [Install]
+ WantedBy=timers.target
+--
+2.31.1
+
diff --git a/SOURCES/0069-setpriv-implement-option-to-set-parent-death-signal.patch b/SOURCES/0069-setpriv-implement-option-to-set-parent-death-signal.patch
new file mode 100644
index 0000000..a4806c2
--- /dev/null
+++ b/SOURCES/0069-setpriv-implement-option-to-set-parent-death-signal.patch
@@ -0,0 +1,185 @@
+From 0b421290e05862e1abbb5a82654bd2de9829dd58 Mon Sep 17 00:00:00 2001
+From: Patrick Steinhardt
+Date: Tue, 10 Apr 2018 12:08:21 +0100
+Subject: [PATCH 69/74] setpriv: implement option to set parent death signal
+
+When a process uses the syscall `prctl(PR_SET_PDEATHSIG, ...)`, it will
+get notified with a process-defined signal as soon as its parent process
+dies. This is for example being used by unshare(1)'s recently added
+"--kill-child" option, causing the forked child to be killed as soon as
+unshare itself dies.
+
+Unfortunately, some LSMs will cause the parent death signal to be reset
+when a process changes credentials, with the most important ones being
+SELinux and AppArmor. The following command will thus not work as
+expected:
+
+ unshare --fork --kill-child setpriv --reuid user
+
+As soon as setpriv changes UID, the parent death signal is cleared and
+the child will never get signalled when unshare gets killed.
+
+Add a new option "--pdeathsig keep|clear|". Setting this flag
+will cause us to either
+
+- restore the previously active parent death signal as soon as the
+ setpriv has applied all credential changes
+- clear the parent death signal
+- set the parent death signal to ""
+
+Furthermore, print out the currently set signal when dumping process
+state.
+
+[kzak@redhat.com: - small changes in codding style]
+
+Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1894192
+Signed-off-by: Patrick Steinhardt
+Signed-off-by: Karel Zak
+---
+ sys-utils/setpriv.1 | 6 ++++++
+ sys-utils/setpriv.c | 49 +++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 55 insertions(+)
+
+diff --git a/sys-utils/setpriv.1 b/sys-utils/setpriv.1
+index b900f6e08..f989bf33c 100644
+--- a/sys-utils/setpriv.1
++++ b/sys-utils/setpriv.1
+@@ -139,6 +139,12 @@ is cleared by
+ .BR execve (2)
+ and is therefore not allowed.
+ .TP
++.BR "\-\-pdeathsig keep" | clear |
++Keep, clear or set the parent death signal. Some LSMs, most notably SELinux and
++AppArmor, clear the signal when the process' credentials change. Using
++\fB--pdeathsig keep\fR will restore the parent death signal after changing
++credentials to remedy that situation.
++.TP
+ .BI \-\-selinux\-label " label"
+ Request a particular SELinux transition (using a transition on exec, not
+ dyntrans). This will fail and cause
+diff --git a/sys-utils/setpriv.c b/sys-utils/setpriv.c
+index 4147978cc..0d3a3b3c9 100644
+--- a/sys-utils/setpriv.c
++++ b/sys-utils/setpriv.c
+@@ -38,6 +38,7 @@
+ #include "strutils.h"
+ #include "xalloc.h"
+ #include "pathnames.h"
++#include "signames.h"
+
+ #ifndef PR_SET_NO_NEW_PRIVS
+ # define PR_SET_NO_NEW_PRIVS 38
+@@ -102,6 +103,8 @@ struct privctx {
+
+ /* securebits */
+ int securebits;
++ /* parent death signal (<0 clear, 0 nothing, >0 signal) */
++ int pdeathsig;
+
+ /* LSMs */
+ const char *selinux_label;
+@@ -135,6 +138,8 @@ static void __attribute__((__noreturn__)) usage(void)
+ fputs(_(" --init-groups initialize supplementary groups\n"), out);
+ fputs(_(" --groups set supplementary groups\n"), out);
+ fputs(_(" --securebits set securebits\n"), out);
++ fputs(_(" --pdeathsig keep|clear|\n"
++ " set or clear parent death signal\n"), out);
+ fputs(_(" --selinux-label