From b98737cec484f1c8dcb839e97192809b99f77c89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Sun, 13 Sep 2020 11:03:33 +0200 Subject: [PATCH 01/27] Force creation of /etc/resolv.conf symlink during installation https://bugzilla.redhat.com/show_bug.cgi?id=1873856#c14 --- systemd.spec | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/systemd.spec b/systemd.spec index fb657e4..c3e29f1 100644 --- a/systemd.spec +++ b/systemd.spec @@ -20,7 +20,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd Version: 246.4 -Release: 1%{?dist} +Release: 2%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -602,12 +602,12 @@ setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/ &>/de [ $1 -eq 1 ] || exit 0 -# Create /etc/resolv.conf symlink -# We would also create it using tmpfiles, but let's do this here too -# before NetworkManager gets a chance. (systemd-tmpfiles invocation above +# Create /etc/resolv.conf symlink. +# We would also create it using tmpfiles, but let's do this here unconditionally +# too before NetworkManager gets a chance. (systemd-tmpfiles invocation above # does not do this, because it's marked with ! and we don't specify --boot.) # https://bugzilla.redhat.com/show_bug.cgi?id=1873856 -ln -sv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf +ln -fsv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf # We reset the enablement of all services upon initial installation # https://bugzilla.redhat.com/show_bug.cgi?id=1118740#c23 @@ -804,6 +804,10 @@ fi %files tests -f .file-list-tests %changelog +* Sun Sep 13 2020 Zbigniew Jędrzejewski-Szmek - 246.4-2 +- Also remove existing file when creating /etc/resolv.conf symlink + upon installation (#1873856 again) + * Wed Sep 2 2020 Zbigniew Jędrzejewski-Szmek - 246.4-1 - Update to latest stable version: a rework of how the unit cache mtime works (hopefully #1872068, #1871327, #1867930), plus various fixes to From a896a747c3468e448b08c21cb0c57cb4b7b94f65 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Mon, 14 Sep 2020 09:19:02 +0200 Subject: [PATCH 02/27] Apply patches to make test-path pass --- 0001-Revert-test-path-increase-timeout.patch | 2 +- ...-fail-the-test-if-we-fail-to-start-s.patch | 53 ---- ...test-path-more-debugging-information.patch | 78 ++++++ ...-fail-the-test-if-we-fail-to-start-s.patch | 245 ++++++++++++++++++ 0004-test-path-use-Type-exec.patch | 94 +++++++ systemd.spec | 8 +- 6 files changed, 423 insertions(+), 57 deletions(-) delete mode 100644 0002-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch create mode 100644 0002-test-path-more-debugging-information.patch create mode 100644 0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch create mode 100644 0004-test-path-use-Type-exec.patch diff --git a/0001-Revert-test-path-increase-timeout.patch b/0001-Revert-test-path-increase-timeout.patch index a9c226f..74684f2 100644 --- a/0001-Revert-test-path-increase-timeout.patch +++ b/0001-Revert-test-path-increase-timeout.patch @@ -1,7 +1,7 @@ From a73d30081a13eaeffce87f997726a179ec44d817 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 31 Jul 2020 10:50:37 +0200 -Subject: [PATCH 1/2] Revert "test-path: increase timeout" +Subject: [PATCH 1/4] Revert "test-path: increase timeout" This partially reverts commit 500727c220354b81b68ed6667d9a6f0fafe3ba19. diff --git a/0002-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch b/0002-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch deleted file mode 100644 index c285891..0000000 --- a/0002-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch +++ /dev/null @@ -1,53 +0,0 @@ -From a2deeaeaa90d493ef8a2b20656745cd0531a1b30 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Fri, 31 Jul 2020 10:36:57 +0200 -Subject: [PATCH 2/2] test-path: do not fail the test if we fail to start some - service - -The test was failing because it couldn't start the service: - -path-modified.service: state = failed; result = exit-code -path-modified.path: state = waiting; result = success -path-modified.service: state = failed; result = exit-code -path-modified.path: state = waiting; result = success -path-modified.service: state = failed; result = exit-code -path-modified.path: state = waiting; result = success -path-modified.service: state = failed; result = exit-code -path-modified.path: state = waiting; result = success -path-modified.service: state = failed; result = exit-code -path-modified.path: state = waiting; result = success -path-modified.service: state = failed; result = exit-code -Failed to connect to system bus: No such file or directory --.slice: Failed to enable/disable controllers on cgroup /system.slice/kojid.service, ignoring: Permission denied -path-modified.service: Failed to create cgroup /system.slice/kojid.service/path-modified.service: Permission denied -path-modified.service: Failed to attach to cgroup /system.slice/kojid.service/path-modified.service: No such file or directory -path-modified.service: Failed at step CGROUP spawning /bin/true: No such file or directory -path-modified.service: Main process exited, code=exited, status=219/CGROUP -path-modified.service: Failed with result 'exit-code'. -Test timeout when testing path-modified.path - -Let's just ignore the failure here. Services can occasionally fail to start, -there's not much we can do in that case. ---- - src/test/test-path.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/src/test/test-path.c b/src/test/test-path.c -index 63b709c8da..6c0db53f10 100644 ---- a/src/test/test-path.c -+++ b/src/test/test-path.c -@@ -98,6 +98,14 @@ static void check_states(Manager *m, Path *path, Service *service, PathState pat - service_state_to_string(service->state), - service_result_to_string(service->result)); - -+ if (service->state == SERVICE_FAILED) { -+ log_warning("Failed to start service %s, ignoring: %s/%s", -+ UNIT(service)->id, -+ service_state_to_string(service->state), -+ service_result_to_string(service->result)); -+ break; -+ } -+ - if (now(CLOCK_MONOTONIC) >= end) { - log_error("Test timeout when testing %s", UNIT(path)->id); - exit(EXIT_FAILURE); diff --git a/0002-test-path-more-debugging-information.patch b/0002-test-path-more-debugging-information.patch new file mode 100644 index 0000000..6aef2dd --- /dev/null +++ b/0002-test-path-more-debugging-information.patch @@ -0,0 +1,78 @@ +From 4c38dcdc8d8f22dddc521faedad6a4f45fa81d63 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Mon, 14 Sep 2020 08:56:28 +0200 +Subject: [PATCH 2/4] test-path: more debugging information +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Just to make it easier to grok what happens when test-path fails. +Change printf→log_info so that output is interleaved and not split in two +independent parts in log files. +--- + src/test/test-path.c | 31 ++++++++++++++++++------------- + 1 file changed, 18 insertions(+), 13 deletions(-) + +diff --git a/src/test/test-path.c b/src/test/test-path.c +index 63b709c8da..84dcf5e37d 100644 +--- a/src/test/test-path.c ++++ b/src/test/test-path.c +@@ -1,7 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1+ */ + + #include +-#include + #include + #include + +@@ -78,32 +77,38 @@ static Service *service_for_path(Manager *m, Path *path, const char *service_nam + return SERVICE(service_unit); + } + +-static void check_states(Manager *m, Path *path, Service *service, PathState path_state, ServiceState service_state) { ++static void _check_states(unsigned line, ++ Manager *m, Path *path, Service *service, PathState path_state, ServiceState service_state) { + assert_se(m); + assert_se(service); + + usec_t end = now(CLOCK_MONOTONIC) + 2 * USEC_PER_SEC; + +- while (path->result != PATH_SUCCESS || service->result != SERVICE_SUCCESS || +- path->state != path_state || service->state != service_state) { ++ while (path->state != path_state || service->state != service_state || ++ path->result != PATH_SUCCESS || service->result != SERVICE_SUCCESS) { + + assert_se(sd_event_run(m->event, 100 * USEC_PER_MSEC) >= 0); + +- printf("%s: state = %s; result = %s \n", +- UNIT(path)->id, +- path_state_to_string(path->state), +- path_result_to_string(path->result)); +- printf("%s: state = %s; result = %s \n", +- UNIT(service)->id, +- service_state_to_string(service->state), +- service_result_to_string(service->result)); ++ usec_t n = now(CLOCK_MONOTONIC); ++ log_info("line %d: %s: state = %s; result = %s (left: %" PRIi64 ")", ++ line, ++ UNIT(path)->id, ++ path_state_to_string(path->state), ++ path_result_to_string(path->result), ++ end - n); ++ log_info("line %d: %s: state = %s; result = %s", ++ line, ++ UNIT(service)->id, ++ service_state_to_string(service->state), ++ service_result_to_string(service->result)); + +- if (now(CLOCK_MONOTONIC) >= end) { ++ if (n >= end) { + log_error("Test timeout when testing %s", UNIT(path)->id); + exit(EXIT_FAILURE); + } + } + } ++#define check_states(...) _check_states(__LINE__, __VA_ARGS__) + + static void test_path_exists(Manager *m) { + const char *test_path = "/tmp/test-path_exists"; diff --git a/0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch b/0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch new file mode 100644 index 0000000..571d85c --- /dev/null +++ b/0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch @@ -0,0 +1,245 @@ +From 67c6ff720796bc97f262ba93c6ea87da93b04a1a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Fri, 31 Jul 2020 10:36:57 +0200 +Subject: [PATCH 3/4] test-path: do not fail the test if we fail to start some + service + +The test was failing because it couldn't start the service: + +path-modified.service: state = failed; result = exit-code +path-modified.path: state = waiting; result = success +path-modified.service: state = failed; result = exit-code +path-modified.path: state = waiting; result = success +path-modified.service: state = failed; result = exit-code +path-modified.path: state = waiting; result = success +path-modified.service: state = failed; result = exit-code +path-modified.path: state = waiting; result = success +path-modified.service: state = failed; result = exit-code +path-modified.path: state = waiting; result = success +path-modified.service: state = failed; result = exit-code +Failed to connect to system bus: No such file or directory +-.slice: Failed to enable/disable controllers on cgroup /system.slice/kojid.service, ignoring: Permission denied +path-modified.service: Failed to create cgroup /system.slice/kojid.service/path-modified.service: Permission denied +path-modified.service: Failed to attach to cgroup /system.slice/kojid.service/path-modified.service: No such file or directory +path-modified.service: Failed at step CGROUP spawning /bin/true: No such file or directory +path-modified.service: Main process exited, code=exited, status=219/CGROUP +path-modified.service: Failed with result 'exit-code'. +Test timeout when testing path-modified.path + +In fact any of the services that we try to start may fail, especially +considering that we're doing some rogue cgroup operations. See +https://github.com/systemd/systemd/pull/16603#issuecomment-679133641. +--- + src/test/test-path.c | 88 ++++++++++++++++++++++++++++++-------------- + 1 file changed, 61 insertions(+), 27 deletions(-) + +diff --git a/src/test/test-path.c b/src/test/test-path.c +index 84dcf5e37d..d6c37b77e6 100644 +--- a/src/test/test-path.c ++++ b/src/test/test-path.c +@@ -77,8 +77,8 @@ static Service *service_for_path(Manager *m, Path *path, const char *service_nam + return SERVICE(service_unit); + } + +-static void _check_states(unsigned line, +- Manager *m, Path *path, Service *service, PathState path_state, ServiceState service_state) { ++static int _check_states(unsigned line, ++ Manager *m, Path *path, Service *service, PathState path_state, ServiceState service_state) { + assert_se(m); + assert_se(service); + +@@ -102,11 +102,20 @@ static void _check_states(unsigned line, + service_state_to_string(service->state), + service_result_to_string(service->result)); + ++ if (service->state == SERVICE_FAILED) ++ return log_notice_errno(SYNTHETIC_ERRNO(ECANCELED), ++ "Failed to start service %s, aborting test: %s/%s", ++ UNIT(service)->id, ++ service_state_to_string(service->state), ++ service_result_to_string(service->result)); ++ + if (n >= end) { + log_error("Test timeout when testing %s", UNIT(path)->id); + exit(EXIT_FAILURE); + } + } ++ ++ return 0; + } + #define check_states(...) _check_states(__LINE__, __VA_ARGS__) + +@@ -124,18 +133,22 @@ static void test_path_exists(Manager *m) { + service = service_for_path(m, path, NULL); + + assert_se(unit_start(unit) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + assert_se(touch(test_path) >= 0); +- check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING); ++ if (check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING) < 0) ++ return; + + /* Service restarts if file still exists */ + assert_se(unit_stop(UNIT(service)) >= 0); +- check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING); ++ if (check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING) < 0) ++ return; + + assert_se(rm_rf(test_path, REMOVE_ROOT|REMOVE_PHYSICAL) == 0); + assert_se(unit_stop(UNIT(service)) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + assert_se(unit_stop(unit) >= 0); + } +@@ -154,18 +167,22 @@ static void test_path_existsglob(Manager *m) { + service = service_for_path(m, path, NULL); + + assert_se(unit_start(unit) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + assert_se(touch(test_path) >= 0); +- check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING); ++ if (check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING) < 0) ++ return; + + /* Service restarts if file still exists */ + assert_se(unit_stop(UNIT(service)) >= 0); +- check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING); ++ if (check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING) < 0) ++ return; + + assert_se(rm_rf(test_path, REMOVE_ROOT|REMOVE_PHYSICAL) == 0); + assert_se(unit_stop(UNIT(service)) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + assert_se(unit_stop(unit) >= 0); + } +@@ -185,23 +202,28 @@ static void test_path_changed(Manager *m) { + service = service_for_path(m, path, NULL); + + assert_se(unit_start(unit) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + assert_se(touch(test_path) >= 0); +- check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING); ++ if (check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING) < 0) ++ return; + + /* Service does not restart if file still exists */ + assert_se(unit_stop(UNIT(service)) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + f = fopen(test_path, "w"); + assert_se(f); + fclose(f); + +- check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING); ++ if (check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING) < 0) ++ return; + + assert_se(unit_stop(UNIT(service)) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + (void) rm_rf(test_path, REMOVE_ROOT|REMOVE_PHYSICAL); + assert_se(unit_stop(unit) >= 0); +@@ -222,23 +244,28 @@ static void test_path_modified(Manager *m) { + service = service_for_path(m, path, NULL); + + assert_se(unit_start(unit) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + assert_se(touch(test_path) >= 0); +- check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING); ++ if (check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING) < 0) ++ return; + + /* Service does not restart if file still exists */ + assert_se(unit_stop(UNIT(service)) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + f = fopen(test_path, "w"); + assert_se(f); + fputs("test", f); + +- check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING); ++ if (check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING) < 0) ++ return; + + assert_se(unit_stop(UNIT(service)) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + (void) rm_rf(test_path, REMOVE_ROOT|REMOVE_PHYSICAL); + assert_se(unit_stop(unit) >= 0); +@@ -258,14 +285,17 @@ static void test_path_unit(Manager *m) { + service = service_for_path(m, path, "path-mycustomunit.service"); + + assert_se(unit_start(unit) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + assert_se(touch(test_path) >= 0); +- check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING); ++ if (check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING) < 0) ++ return; + + assert_se(rm_rf(test_path, REMOVE_ROOT|REMOVE_PHYSICAL) == 0); + assert_se(unit_stop(UNIT(service)) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + assert_se(unit_stop(unit) >= 0); + } +@@ -286,22 +316,26 @@ static void test_path_directorynotempty(Manager *m) { + assert_se(access(test_path, F_OK) < 0); + + assert_se(unit_start(unit) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + /* MakeDirectory default to no */ + assert_se(access(test_path, F_OK) < 0); + + assert_se(mkdir_p(test_path, 0755) >= 0); + assert_se(touch(strjoina(test_path, "test_file")) >= 0); +- check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING); ++ if (check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING) < 0) ++ return; + + /* Service restarts if directory is still not empty */ + assert_se(unit_stop(UNIT(service)) >= 0); +- check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING); ++ if (check_states(m, path, service, PATH_RUNNING, SERVICE_RUNNING) < 0) ++ return; + + assert_se(rm_rf(test_path, REMOVE_ROOT|REMOVE_PHYSICAL) == 0); + assert_se(unit_stop(UNIT(service)) >= 0); +- check_states(m, path, service, PATH_WAITING, SERVICE_DEAD); ++ if (check_states(m, path, service, PATH_WAITING, SERVICE_DEAD) < 0) ++ return; + + assert_se(unit_stop(unit) >= 0); + } diff --git a/0004-test-path-use-Type-exec.patch b/0004-test-path-use-Type-exec.patch new file mode 100644 index 0000000..3734dc6 --- /dev/null +++ b/0004-test-path-use-Type-exec.patch @@ -0,0 +1,94 @@ +From 1a83d7234e374e991235f4ef21c56998f93cb875 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Mon, 14 Sep 2020 08:58:54 +0200 +Subject: [PATCH 4/4] test-path: use Type=exec + +In general, Type=exec is superior to Type=simple. Let's not assume that +the service is started before it was really started. +--- + test/test-path/path-changed.service | 2 +- + test/test-path/path-directorynotempty.service | 2 +- + test/test-path/path-exists.service | 2 +- + test/test-path/path-existsglob.service | 2 +- + test/test-path/path-makedirectory.service | 2 +- + test/test-path/path-modified.service | 2 +- + test/test-path/path-mycustomunit.service | 2 +- + 7 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/test/test-path/path-changed.service b/test/test-path/path-changed.service +index fb465d76bb..b75552df4f 100644 +--- a/test/test-path/path-changed.service ++++ b/test/test-path/path-changed.service +@@ -3,5 +3,5 @@ Description=Service Test for Path units + + [Service] + ExecStart=/bin/true +-Type=simple ++Type=exec + RemainAfterExit=true +diff --git a/test/test-path/path-directorynotempty.service b/test/test-path/path-directorynotempty.service +index fb465d76bb..b75552df4f 100644 +--- a/test/test-path/path-directorynotempty.service ++++ b/test/test-path/path-directorynotempty.service +@@ -3,5 +3,5 @@ Description=Service Test for Path units + + [Service] + ExecStart=/bin/true +-Type=simple ++Type=exec + RemainAfterExit=true +diff --git a/test/test-path/path-exists.service b/test/test-path/path-exists.service +index fb465d76bb..b75552df4f 100644 +--- a/test/test-path/path-exists.service ++++ b/test/test-path/path-exists.service +@@ -3,5 +3,5 @@ Description=Service Test for Path units + + [Service] + ExecStart=/bin/true +-Type=simple ++Type=exec + RemainAfterExit=true +diff --git a/test/test-path/path-existsglob.service b/test/test-path/path-existsglob.service +index fb465d76bb..b75552df4f 100644 +--- a/test/test-path/path-existsglob.service ++++ b/test/test-path/path-existsglob.service +@@ -3,5 +3,5 @@ Description=Service Test for Path units + + [Service] + ExecStart=/bin/true +-Type=simple ++Type=exec + RemainAfterExit=true +diff --git a/test/test-path/path-makedirectory.service b/test/test-path/path-makedirectory.service +index fb465d76bb..b75552df4f 100644 +--- a/test/test-path/path-makedirectory.service ++++ b/test/test-path/path-makedirectory.service +@@ -3,5 +3,5 @@ Description=Service Test for Path units + + [Service] + ExecStart=/bin/true +-Type=simple ++Type=exec + RemainAfterExit=true +diff --git a/test/test-path/path-modified.service b/test/test-path/path-modified.service +index fb465d76bb..b75552df4f 100644 +--- a/test/test-path/path-modified.service ++++ b/test/test-path/path-modified.service +@@ -3,5 +3,5 @@ Description=Service Test for Path units + + [Service] + ExecStart=/bin/true +-Type=simple ++Type=exec + RemainAfterExit=true +diff --git a/test/test-path/path-mycustomunit.service b/test/test-path/path-mycustomunit.service +index bcdafe4f30..8fbc40d13f 100644 +--- a/test/test-path/path-mycustomunit.service ++++ b/test/test-path/path-mycustomunit.service +@@ -3,5 +3,5 @@ Description=Service Test Path Unit + + [Service] + ExecStart=/bin/true +-Type=simple ++Type=exec + RemainAfterExit=true diff --git a/systemd.spec b/systemd.spec index c3e29f1..9b156a4 100644 --- a/systemd.spec +++ b/systemd.spec @@ -71,10 +71,12 @@ GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[ Patch0001: use-bfq-scheduler.patch Patch0002: 0001-Revert-test-path-increase-timeout.patch -Patch0003: 0002-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch +Patch0003: 0002-test-path-more-debugging-information.patch +Patch0004: 0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch +Patch0005: 0004-test-path-use-Type-exec.patch -Patch0004: 0001-test-acl-util-output-more-debug-info.patch -Patch0005: 0001-Do-not-assert-in-test_add_acls_for_user.patch +Patch0006: 0001-test-acl-util-output-more-debug-info.patch +Patch0007: 0001-Do-not-assert-in-test_add_acls_for_user.patch %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 From 3417440344fbd1c8ce7d544345df8a1a6721f242 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Mon, 14 Sep 2020 21:16:32 +0200 Subject: [PATCH 03/27] New version of patch --- ...-fail-the-test-if-we-fail-to-start-s.patch | 43 +++++++++++++------ 1 file changed, 29 insertions(+), 14 deletions(-) diff --git a/0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch b/0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch index 571d85c..63903fb 100644 --- a/0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch +++ b/0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch @@ -1,8 +1,8 @@ -From 67c6ff720796bc97f262ba93c6ea87da93b04a1a Mon Sep 17 00:00:00 2001 +From c491e46a741ad8603aeb7ec518fefc6a307b251d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 31 Jul 2020 10:36:57 +0200 -Subject: [PATCH 3/4] test-path: do not fail the test if we fail to start some - service +Subject: [PATCH] test-path: do not fail the test if we fail to start a service + because of cgroup setup The test was failing because it couldn't start the service: @@ -30,11 +30,25 @@ In fact any of the services that we try to start may fail, especially considering that we're doing some rogue cgroup operations. See https://github.com/systemd/systemd/pull/16603#issuecomment-679133641. --- - src/test/test-path.c | 88 ++++++++++++++++++++++++++++++-------------- - 1 file changed, 61 insertions(+), 27 deletions(-) + src/core/execute.h | 2 +- + src/test/test-path.c | 89 ++++++++++++++++++++++++++++++-------------- + 2 files changed, 63 insertions(+), 28 deletions(-) +diff --git a/src/core/execute.h b/src/core/execute.h +index fc7bc5c24b..b5653451fd 100644 +--- a/src/core/execute.h ++++ b/src/core/execute.h +@@ -86,7 +86,7 @@ struct ExecStatus { + dual_timestamp exit_timestamp; + pid_t pid; + int code; /* as in siginfo_t::si_code */ +- int status; /* as in sigingo_t::si_status */ ++ int status; /* as in siginfo_t::si_status */ + }; + + /* Stores information about commands we execute. Covers both configuration settings as well as runtime data. */ diff --git a/src/test/test-path.c b/src/test/test-path.c -index 84dcf5e37d..d6c37b77e6 100644 +index 7d3e35e299..a89503ccea 100644 --- a/src/test/test-path.c +++ b/src/test/test-path.c @@ -77,8 +77,8 @@ static Service *service_for_path(Manager *m, Path *path, const char *service_nam @@ -48,11 +62,12 @@ index 84dcf5e37d..d6c37b77e6 100644 assert_se(m); assert_se(service); -@@ -102,11 +102,20 @@ static void _check_states(unsigned line, +@@ -102,11 +102,21 @@ static void _check_states(unsigned line, service_state_to_string(service->state), service_result_to_string(service->result)); -+ if (service->state == SERVICE_FAILED) ++ if (service->state == SERVICE_FAILED && ++ service->main_exec_status.status == EXIT_CGROUP) + return log_notice_errno(SYNTHETIC_ERRNO(ECANCELED), + "Failed to start service %s, aborting test: %s/%s", + UNIT(service)->id, @@ -69,7 +84,7 @@ index 84dcf5e37d..d6c37b77e6 100644 } #define check_states(...) _check_states(__LINE__, __VA_ARGS__) -@@ -124,18 +133,22 @@ static void test_path_exists(Manager *m) { +@@ -124,18 +134,22 @@ static void test_path_exists(Manager *m) { service = service_for_path(m, path, NULL); assert_se(unit_start(unit) >= 0); @@ -96,7 +111,7 @@ index 84dcf5e37d..d6c37b77e6 100644 assert_se(unit_stop(unit) >= 0); } -@@ -154,18 +167,22 @@ static void test_path_existsglob(Manager *m) { +@@ -154,18 +168,22 @@ static void test_path_existsglob(Manager *m) { service = service_for_path(m, path, NULL); assert_se(unit_start(unit) >= 0); @@ -123,7 +138,7 @@ index 84dcf5e37d..d6c37b77e6 100644 assert_se(unit_stop(unit) >= 0); } -@@ -185,23 +202,28 @@ static void test_path_changed(Manager *m) { +@@ -185,23 +203,28 @@ static void test_path_changed(Manager *m) { service = service_for_path(m, path, NULL); assert_se(unit_start(unit) >= 0); @@ -157,7 +172,7 @@ index 84dcf5e37d..d6c37b77e6 100644 (void) rm_rf(test_path, REMOVE_ROOT|REMOVE_PHYSICAL); assert_se(unit_stop(unit) >= 0); -@@ -222,23 +244,28 @@ static void test_path_modified(Manager *m) { +@@ -222,23 +245,28 @@ static void test_path_modified(Manager *m) { service = service_for_path(m, path, NULL); assert_se(unit_start(unit) >= 0); @@ -191,7 +206,7 @@ index 84dcf5e37d..d6c37b77e6 100644 (void) rm_rf(test_path, REMOVE_ROOT|REMOVE_PHYSICAL); assert_se(unit_stop(unit) >= 0); -@@ -258,14 +285,17 @@ static void test_path_unit(Manager *m) { +@@ -258,14 +286,17 @@ static void test_path_unit(Manager *m) { service = service_for_path(m, path, "path-mycustomunit.service"); assert_se(unit_start(unit) >= 0); @@ -212,7 +227,7 @@ index 84dcf5e37d..d6c37b77e6 100644 assert_se(unit_stop(unit) >= 0); } -@@ -286,22 +316,26 @@ static void test_path_directorynotempty(Manager *m) { +@@ -286,22 +317,26 @@ static void test_path_directorynotempty(Manager *m) { assert_se(access(test_path, F_OK) < 0); assert_se(unit_start(unit) >= 0); From f3f602da25b51caaa188e02003f3db94a0dfadec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 29 Sep 2020 18:30:47 +0200 Subject: [PATCH 04/27] Upgrades: only replace NM /etc/resolv.conf if NM is enabled --- systemd.spec | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/systemd.spec b/systemd.spec index 9b156a4..2b0d9c9 100644 --- a/systemd.spec +++ b/systemd.spec @@ -640,7 +640,9 @@ fi # This is for upgrades from previous versions before systemd-resolved became the default. systemctl --no-reload preset systemd-resolved.service &>/dev/null || : -if systemctl is-enabled systemd-resolved.service &>/dev/null; then +if systemctl -q is-enabled systemd-resolved.service &>/dev/null; then + systemctl -q is-enabled NetworkManager.service 2>/dev/null && \ + ! test -L /etc/resolv.conf 2>/dev/null && \ grep -q 'Generated by NetworkManager' /etc/resolv.conf 2>/dev/null && \ echo -e '/etc/resolv.conf was generated by NetworkManager.\nRemoving it to let systemd-resolved manage this file.' && \ mv -v /etc/resolv.conf /etc/resolv.conf.orig-with-nm && \ From d3d43af8adf70974f5e52d31df0b46935ff2ded2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Wed, 30 Sep 2020 23:12:12 +0200 Subject: [PATCH 05/27] Only create resolv.conf symlink if sd-resolved.service is enabled This way, if one wants to opt-out of resolved, installing a preset that disables the service is enough. Previously that would only disable the service, but a dangling symlink would be created. --- systemd.spec | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/systemd.spec b/systemd.spec index 2b0d9c9..de4cbb3 100644 --- a/systemd.spec +++ b/systemd.spec @@ -604,13 +604,6 @@ setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/ &>/de [ $1 -eq 1 ] || exit 0 -# Create /etc/resolv.conf symlink. -# We would also create it using tmpfiles, but let's do this here unconditionally -# too before NetworkManager gets a chance. (systemd-tmpfiles invocation above -# does not do this, because it's marked with ! and we don't specify --boot.) -# https://bugzilla.redhat.com/show_bug.cgi?id=1873856 -ln -fsv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf - # We reset the enablement of all services upon initial installation # https://bugzilla.redhat.com/show_bug.cgi?id=1118740#c23 # This will fix up enablement of any preset services that got installed @@ -621,6 +614,15 @@ ln -fsv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf systemctl preset-all &>/dev/null || : systemctl --global preset-all &>/dev/null || : +# Create /etc/resolv.conf symlink. +# We would also create it using tmpfiles, but let's do this here +# too before NetworkManager gets a chance. (systemd-tmpfiles invocation above +# does not do this, because it's marked with ! and we don't specify --boot.) +# https://bugzilla.redhat.com/show_bug.cgi?id=1873856 +if systemctl -q is-enabled systemd-resolved.service &>/dev/null; then + ln -fsv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf +fi + %preun if [ $1 -eq 0 ] ; then systemctl disable --quiet \ From ed795fb1fc9a2c20ebcac34bdf7e7c7ae17322a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 6 Oct 2020 13:19:04 +0200 Subject: [PATCH 06/27] resolve: remove the fallback dns server list DNS questions (which necessarilly include IP addresses) are personally indentifying information in the sense of GDPR (https://gdpr.eu/eu-gdpr-personal-data/ explicitly lists IP address as PII). Sending those packets to Google or Cloudflare is "forwarding" this PII to them. GDPR says that information which is not enough to identify individuals still needs to be protected because it may be combined with other information or processed with improved technology later. So even though the information in DNS alone it not very big, it may be interpreted as protected information in various scenarios. When Fedora is installed by an end-user, they must have the reasonable expectation that Fedora will contant Fedora servers for updates and status checks and such. But the case of DNS packets is different, because the dns servers are not under our control. While most of the time the information leak through DNS is negligible, we can't rule out scenarios where it could be considered more important. Another thing to consider is that ISP and other local internet access mechanisms are probably worse overall for privacy compared to google and cloudflare dns servers. Nevertheless, they are more obvious to users and fit better in the regulatory framework, because there are local laws that govern them and implicitic or explicit agreements for their use. Whereas US-based servers are foreign and are covered by different rules. The fallback DNS servers don't matter most of the time because NetworkManager will include the servers from a DHCP lease. So hopefully users will not see any effect from the change done in this patch. Right now I think it is better to avoid the legal and privacy risk. If it turns out this change causes noticable problems, we might want to reconsider. In particular we could use the fallback servers only in containers and such which are not "personal" machines and there is no particular person attached to them. https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/3C4KESHIMZDB6XCFO4EOBEDV4Q2AVVQ5/ I think we could provide a default dns server list more reasonably if there was some kind of privacy policy published by Fedora and users could at least learn about those defaults. Sadly, we don't have any relevant privacy policy (https://pagure.io/Fedora-Council/tickets/issue/53). (cherry picked from commit 14b2fafb3688a4170a9c15235d1c3feb7ddeaf9d) --- ...asonable-DNS-servers-in-the-example-.patch | 34 +++++++++++++++++++ systemd.spec | 2 ++ 2 files changed, 36 insertions(+) create mode 100644 0001-Document-some-reasonable-DNS-servers-in-the-example-.patch diff --git a/0001-Document-some-reasonable-DNS-servers-in-the-example-.patch b/0001-Document-some-reasonable-DNS-servers-in-the-example-.patch new file mode 100644 index 0000000..535fdfc --- /dev/null +++ b/0001-Document-some-reasonable-DNS-servers-in-the-example-.patch @@ -0,0 +1,34 @@ +From b6c05e03c2e6e98e2f0f129ff5256780bb65bdb2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Tue, 6 Oct 2020 13:59:25 +0200 +Subject: [PATCH] Document some reasonable DNS servers in the example config + file + +We have an option to set the fallback list, so we don't know what the contents +are. It may in fact be empty. Let's add some examples to make it easy for a user +stranded without any DNS to fill in something that would work. As a bonus, this +also gives names to the entries we provide by default. +(I added google and cloudflare because that's what we have currently, and quad9 +because it seems to be a good privacy-concious and fast choice and was requested +in #12499. As a minimum, things we should include should be well-known global +services with a documented privacy policy and both IPv4 and IPv6 support and +decent response times.) +--- + src/resolve/resolved.conf.in | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/resolve/resolved.conf.in b/src/resolve/resolved.conf.in +index 082ad71626..514021792f 100644 +--- a/src/resolve/resolved.conf.in ++++ b/src/resolve/resolved.conf.in +@@ -12,6 +12,10 @@ + # See resolved.conf(5) for details + + [Resolve] ++# Some examples of DNS servers which may be used for DNS= and FallbackDNS=: ++# Cloudflare: 1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001 ++# Google: 8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844 ++# Quad9: 9.9.9.9 2620:fe::fe + #DNS= + #FallbackDNS=@DNS_SERVERS@ + #Domains= diff --git a/systemd.spec b/systemd.spec index e11aea1..06f8adb 100644 --- a/systemd.spec +++ b/systemd.spec @@ -78,6 +78,7 @@ Patch0005: 0004-test-path-use-Type-exec.patch Patch0006: 0001-test-acl-util-output-more-debug-info.patch Patch0007: 0001-Do-not-assert-in-test_add_acls_for_user.patch +Patch0008: 0001-Document-some-reasonable-DNS-servers-in-the-example-.patch Patch0009: https://github.com/systemd/systemd/pull/17050/commits/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch @@ -369,6 +370,7 @@ CONFIGURE_OPTS=( -Dsysvinit-path=/etc/rc.d/init.d -Drc-local=/etc/rc.d/rc.local -Dntp-servers='0.%{ntpvendor}.pool.ntp.org 1.%{ntpvendor}.pool.ntp.org 2.%{ntpvendor}.pool.ntp.org 3.%{ntpvendor}.pool.ntp.org' + -Ddns-servers= -Duser-path=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin -Dservice-watchdog= -Ddev-kvm-mode=0666 From 12233f37693387577e3d0b6274efd5e98380ca51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Thu, 8 Oct 2020 11:52:07 +0200 Subject: [PATCH 07/27] Do not touch resolv.conf if it is a mountpoint https://bugzilla.redhat.com/show_bug.cgi?id=1885101 (cherry picked from commit 96b7895b99f9a1b6cda068799763ea842d8d741f) --- systemd.spec | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/systemd.spec b/systemd.spec index 06f8adb..4755b62 100644 --- a/systemd.spec +++ b/systemd.spec @@ -667,7 +667,8 @@ systemctl --global preset-all &>/dev/null || : # too before NetworkManager gets a chance. (systemd-tmpfiles invocation above # does not do this, because it's marked with ! and we don't specify --boot.) # https://bugzilla.redhat.com/show_bug.cgi?id=1873856 -if systemctl -q is-enabled systemd-resolved.service &>/dev/null; then +if systemctl -q is-enabled systemd-resolved.service &>/dev/null && + ! mountpoint /etc/resolv.conf &>/dev/null; then ln -fsv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf fi @@ -691,6 +692,7 @@ systemctl --no-reload preset systemd-resolved.service &>/dev/null || : if systemctl -q is-enabled systemd-resolved.service &>/dev/null; then systemctl -q is-enabled NetworkManager.service 2>/dev/null && \ ! test -L /etc/resolv.conf 2>/dev/null && \ + ! mountpoint /etc/resolv.conf &>/dev/null && \ grep -q 'Generated by NetworkManager' /etc/resolv.conf 2>/dev/null && \ echo -e '/etc/resolv.conf was generated by NetworkManager.\nRemoving it to let systemd-resolved manage this file.' && \ mv -v /etc/resolv.conf /etc/resolv.conf.orig-with-nm && \ From 3dbcab83bf905d722ad17cfbf8ada97f06a010b6 Mon Sep 17 00:00:00 2001 From: Robert Scheck Date: Sun, 11 Oct 2020 13:24:55 +0000 Subject: [PATCH 08/27] Harmonize networkd description/summary with other sub-packages (cherry picked from commit 5acb5c4c08f7fb8668f797b2b9a689a7be2b63c2) --- systemd.spec | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/systemd.spec b/systemd.spec index 4755b62..e934964 100644 --- a/systemd.spec +++ b/systemd.spec @@ -320,17 +320,16 @@ This package contains systemd-journal-gatewayd, systemd-journal-remote, and systemd-journal-upload. %package networkd -Summary: A system service that manages network configurations +Summary: System daemon that manages network configurations Requires: %{name}%{?_isa} = %{version}-%{release} License: LGPLv2+ # https://src.fedoraproject.org/rpms/systemd/pull-request/34 Obsoletes: systemd < 246.6-2 %description networkd -%{summary}. - -It detects and configures network devices as they appear, -as well as creating virtual network devices. +systemd-networkd is a system service that manages networks. It detects +and configures network devices as they appear, as well as creating virtual +network devices. %package tests Summary: Internal unit tests for systemd From ede219f77bb0cebbac2e4a1bd14f35c3ae8dfb47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Mon, 26 Oct 2020 21:44:48 +0100 Subject: [PATCH 09/27] Use normal scriptlets for systemd-networkd (cherry picked from commit b6a8363c432c352c335330c0fe48fb36991f9adf) --- systemd.spec | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/systemd.spec b/systemd.spec index e934964..22e8df5 100644 --- a/systemd.spec +++ b/systemd.spec @@ -603,9 +603,6 @@ getent group systemd-journal &>/dev/null || groupadd -r -g 190 systemd-journal 2 getent group systemd-coredump &>/dev/null || groupadd -r systemd-coredump 2>&1 || : getent passwd systemd-coredump &>/dev/null || useradd -r -l -g systemd-coredump -d / -s /sbin/nologin -c "systemd Core Dumper" systemd-coredump &>/dev/null || : -getent group systemd-network &>/dev/null || groupadd -r -g 192 systemd-network 2>&1 || : -getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-network -d / -s /sbin/nologin -c "systemd Network Management" systemd-network &>/dev/null || : - getent group systemd-resolve &>/dev/null || groupadd -r -g 193 systemd-resolve 2>&1 || : getent passwd systemd-resolve &>/dev/null || useradd -r -u 193 -l -g systemd-resolve -d / -s /sbin/nologin -c "systemd Resolver" systemd-resolve &>/dev/null || : @@ -816,13 +813,15 @@ fi %systemd_postun_with_restart systemd-journal-upload.service %firewalld_reload +%pre networkd +getent group systemd-network &>/dev/null || groupadd -r -g 192 systemd-network 2>&1 || : +getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-network -d / -s /sbin/nologin -c "systemd Network Management" systemd-network &>/dev/null || : + +%post networkd +%systemd_post systemd-networkd.service systemd-networkd-wait-online.service + %preun networkd -if [ $1 -eq 0 ] ; then - systemctl disable --quiet \ - systemd-networkd.service \ - systemd-networkd-wait-online.service \ - >/dev/null || : -fi +%systemd_preun systemd-networkd.service systemd-networkd-wait-online.service %global _docdir_fmt %{name} From 0e4b90f1130a3da0989e9251b96090f21ddde878 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 27 Oct 2020 20:05:22 +0100 Subject: [PATCH 10/27] Stop creating resolv.conf symlink in more circumstances (cherry picked from commit 5bf2aac8b4bb179028387ce383ac55d79b46e4b5) --- systemd.spec | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/systemd.spec b/systemd.spec index 22e8df5..89e42d8 100644 --- a/systemd.spec +++ b/systemd.spec @@ -663,8 +663,17 @@ systemctl --global preset-all &>/dev/null || : # too before NetworkManager gets a chance. (systemd-tmpfiles invocation above # does not do this, because it's marked with ! and we don't specify --boot.) # https://bugzilla.redhat.com/show_bug.cgi?id=1873856 -if systemctl -q is-enabled systemd-resolved.service &>/dev/null && - ! mountpoint /etc/resolv.conf &>/dev/null; then +# +# If systemd is not running, don't overwrite the symlink because that +# will immediately break DNS resolution, since systemd-resolved is +# also not running (https://bugzilla.redhat.com/show_bug.cgi?id=1891847). +# +# Also don't creat the symlink to the stub when the stub is disabled (#1891847 again). +if test -d /run/systemd/system/ && + systemctl -q is-enabled systemd-resolved.service &>/dev/null && + ! mountpoint /etc/resolv.conf &>/dev/null && + ! systemd-analyze cat-config systemd/resolved.conf 2>/dev/null | \ + grep -qE '^DNSStubListener\s*=\s*([nN][oO]?|[fF]|[fF][aA][lL][sS][eE]|0|[oO][fF][fF])$'; then ln -fsv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf fi From 22dd1114202096ab838595e1a4709e69b5c4a05f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Thu, 12 Nov 2020 12:22:25 +0100 Subject: [PATCH 11/27] Pull in perl for tests (cherry picked from commit 39bdda8d199fb60e8731f977cc6210d38d538fca) --- systemd.spec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/systemd.spec b/systemd.spec index 89e42d8..f8eb608 100644 --- a/systemd.spec +++ b/systemd.spec @@ -143,6 +143,8 @@ BuildRequires: gettext # We use RUNNING_ON_VALGRIND in tests, so the headers need to be available BuildRequires: valgrind-devel BuildRequires: pkgconfig(bash-completion) +BuildRequires: perl +BuildRequires: perl(IPC::SysV) Requires(post): coreutils Requires(post): sed From bb07b579b9ac328f340c780553768a04f8319d1a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Mon, 30 Nov 2020 12:46:17 +0100 Subject: [PATCH 12/27] Move container networkd config to -networkd subpackage -container subpackage is for container *management*. Those files are used *in* the container. (cherry picked from commit 9bf9a317b60ca7969ad1a4c1baaa4e582ef8d46f) --- split-files.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/split-files.py b/split-files.py index e1b2124..ffa18f5 100644 --- a/split-files.py +++ b/split-files.py @@ -72,12 +72,10 @@ for file in files(buildroot): /machine.slice| /machines.target| var-lib-machines.mount| - network/80-container| - network/80-vm| org.freedesktop.(import|machine)1 ''', n, re.X): o = o_container - elif re.search(r'''/usr/lib/systemd/network/..-wifi| + elif re.search(r'''/usr/lib/systemd/network/80-| networkd| networkctl| org.freedesktop.network1 From 0c781e3fb38208bde5e7d17a7787581587f28da1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 8 Dec 2020 18:46:48 +0100 Subject: [PATCH 13/27] Version 246.7 --- ...asonable-DNS-servers-in-the-example-.patch | 34 ------- 0004-test-path-use-Type-exec.patch | 94 ------------------- sources | 2 +- systemd.spec | 11 ++- 4 files changed, 8 insertions(+), 133 deletions(-) delete mode 100644 0001-Document-some-reasonable-DNS-servers-in-the-example-.patch delete mode 100644 0004-test-path-use-Type-exec.patch diff --git a/0001-Document-some-reasonable-DNS-servers-in-the-example-.patch b/0001-Document-some-reasonable-DNS-servers-in-the-example-.patch deleted file mode 100644 index 535fdfc..0000000 --- a/0001-Document-some-reasonable-DNS-servers-in-the-example-.patch +++ /dev/null @@ -1,34 +0,0 @@ -From b6c05e03c2e6e98e2f0f129ff5256780bb65bdb2 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Tue, 6 Oct 2020 13:59:25 +0200 -Subject: [PATCH] Document some reasonable DNS servers in the example config - file - -We have an option to set the fallback list, so we don't know what the contents -are. It may in fact be empty. Let's add some examples to make it easy for a user -stranded without any DNS to fill in something that would work. As a bonus, this -also gives names to the entries we provide by default. -(I added google and cloudflare because that's what we have currently, and quad9 -because it seems to be a good privacy-concious and fast choice and was requested -in #12499. As a minimum, things we should include should be well-known global -services with a documented privacy policy and both IPv4 and IPv6 support and -decent response times.) ---- - src/resolve/resolved.conf.in | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/resolve/resolved.conf.in b/src/resolve/resolved.conf.in -index 082ad71626..514021792f 100644 ---- a/src/resolve/resolved.conf.in -+++ b/src/resolve/resolved.conf.in -@@ -12,6 +12,10 @@ - # See resolved.conf(5) for details - - [Resolve] -+# Some examples of DNS servers which may be used for DNS= and FallbackDNS=: -+# Cloudflare: 1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001 -+# Google: 8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844 -+# Quad9: 9.9.9.9 2620:fe::fe - #DNS= - #FallbackDNS=@DNS_SERVERS@ - #Domains= diff --git a/0004-test-path-use-Type-exec.patch b/0004-test-path-use-Type-exec.patch deleted file mode 100644 index 3734dc6..0000000 --- a/0004-test-path-use-Type-exec.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 1a83d7234e374e991235f4ef21c56998f93cb875 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Mon, 14 Sep 2020 08:58:54 +0200 -Subject: [PATCH 4/4] test-path: use Type=exec - -In general, Type=exec is superior to Type=simple. Let's not assume that -the service is started before it was really started. ---- - test/test-path/path-changed.service | 2 +- - test/test-path/path-directorynotempty.service | 2 +- - test/test-path/path-exists.service | 2 +- - test/test-path/path-existsglob.service | 2 +- - test/test-path/path-makedirectory.service | 2 +- - test/test-path/path-modified.service | 2 +- - test/test-path/path-mycustomunit.service | 2 +- - 7 files changed, 7 insertions(+), 7 deletions(-) - -diff --git a/test/test-path/path-changed.service b/test/test-path/path-changed.service -index fb465d76bb..b75552df4f 100644 ---- a/test/test-path/path-changed.service -+++ b/test/test-path/path-changed.service -@@ -3,5 +3,5 @@ Description=Service Test for Path units - - [Service] - ExecStart=/bin/true --Type=simple -+Type=exec - RemainAfterExit=true -diff --git a/test/test-path/path-directorynotempty.service b/test/test-path/path-directorynotempty.service -index fb465d76bb..b75552df4f 100644 ---- a/test/test-path/path-directorynotempty.service -+++ b/test/test-path/path-directorynotempty.service -@@ -3,5 +3,5 @@ Description=Service Test for Path units - - [Service] - ExecStart=/bin/true --Type=simple -+Type=exec - RemainAfterExit=true -diff --git a/test/test-path/path-exists.service b/test/test-path/path-exists.service -index fb465d76bb..b75552df4f 100644 ---- a/test/test-path/path-exists.service -+++ b/test/test-path/path-exists.service -@@ -3,5 +3,5 @@ Description=Service Test for Path units - - [Service] - ExecStart=/bin/true --Type=simple -+Type=exec - RemainAfterExit=true -diff --git a/test/test-path/path-existsglob.service b/test/test-path/path-existsglob.service -index fb465d76bb..b75552df4f 100644 ---- a/test/test-path/path-existsglob.service -+++ b/test/test-path/path-existsglob.service -@@ -3,5 +3,5 @@ Description=Service Test for Path units - - [Service] - ExecStart=/bin/true --Type=simple -+Type=exec - RemainAfterExit=true -diff --git a/test/test-path/path-makedirectory.service b/test/test-path/path-makedirectory.service -index fb465d76bb..b75552df4f 100644 ---- a/test/test-path/path-makedirectory.service -+++ b/test/test-path/path-makedirectory.service -@@ -3,5 +3,5 @@ Description=Service Test for Path units - - [Service] - ExecStart=/bin/true --Type=simple -+Type=exec - RemainAfterExit=true -diff --git a/test/test-path/path-modified.service b/test/test-path/path-modified.service -index fb465d76bb..b75552df4f 100644 ---- a/test/test-path/path-modified.service -+++ b/test/test-path/path-modified.service -@@ -3,5 +3,5 @@ Description=Service Test for Path units - - [Service] - ExecStart=/bin/true --Type=simple -+Type=exec - RemainAfterExit=true -diff --git a/test/test-path/path-mycustomunit.service b/test/test-path/path-mycustomunit.service -index bcdafe4f30..8fbc40d13f 100644 ---- a/test/test-path/path-mycustomunit.service -+++ b/test/test-path/path-mycustomunit.service -@@ -3,5 +3,5 @@ Description=Service Test Path Unit - - [Service] - ExecStart=/bin/true --Type=simple -+Type=exec - RemainAfterExit=true diff --git a/sources b/sources index e2e7b3b..d8a8b13 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (systemd-246.6.tar.gz) = 1936b291d9831cf61f800fe718a4c2c2fe9b2a11fd817fe32bd48da2087a675dfc91013209a3478ea52e8ada593300ed906e248b8081dcf9141bf1cc17483ea9 +SHA512 (systemd-246.7.tar.gz) = 3578623a23eb7eab9777c466bea7cf07de570dbd932ba8739a8dcad2c1a4f2e1c15646f170e7b5d646d7b608ca65343d37a44b402e1fb2a97509c91fc9a03ced diff --git a/systemd.spec b/systemd.spec index f8eb608..a24ff47 100644 --- a/systemd.spec +++ b/systemd.spec @@ -20,8 +20,8 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd -Version: 246.6 -Release: 3%{?dist} +Version: 246.7 +Release: 1%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -74,11 +74,9 @@ Patch0001: use-bfq-scheduler.patch Patch0002: 0001-Revert-test-path-increase-timeout.patch Patch0003: 0002-test-path-more-debugging-information.patch Patch0004: 0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch -Patch0005: 0004-test-path-use-Type-exec.patch Patch0006: 0001-test-acl-util-output-more-debug-info.patch Patch0007: 0001-Do-not-assert-in-test_add_acls_for_user.patch -Patch0008: 0001-Document-some-reasonable-DNS-servers-in-the-example-.patch Patch0009: https://github.com/systemd/systemd/pull/17050/commits/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch @@ -881,6 +879,11 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Tue Dec 8 2020 Zbigniew Jędrzejewski-Szmek - 246.7-1 +- Update to latest stable release. Unfortunately this contains + a fairly large number of patches for a stable release (180+). + Fixes rhbz#1879216, rhbz#1890632, rhbz#1891847, rhbz#1885101. + * Wed Sep 30 2020 Dusty Mabe - 246.6-3 - Try to make files in subpackages (especially the networkd subpackage) more appropriate. From 0734f6bacd9128f4a393e526e4581844c68510cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 8 Dec 2020 18:54:58 +0100 Subject: [PATCH 14/27] Restore "localhost" as the fallback hostname --- systemd.spec | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/systemd.spec b/systemd.spec index a24ff47..a3097c8 100644 --- a/systemd.spec +++ b/systemd.spec @@ -432,7 +432,6 @@ CONFIGURE_OPTS=( -Db_ndebug=false -Dman=true -Dversion-tag=v%{version}-%{release} - -Dfallback-hostname=fedora -Ddefault-dnssec=no # https://bugzilla.redhat.com/show_bug.cgi?id=1867830 -Ddefault-mdns=no @@ -883,6 +882,8 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net - Update to latest stable release. Unfortunately this contains a fairly large number of patches for a stable release (180+). Fixes rhbz#1879216, rhbz#1890632, rhbz#1891847, rhbz#1885101. +- Unset fallback-hostname as plenty of applications expected localhost + to mean "default hostname" without ever standardising it (#1892235) * Wed Sep 30 2020 Dusty Mabe - 246.6-3 - Try to make files in subpackages (especially the networkd subpackage) From 8d0eb549dfd74bbca7fe495f1cba98381b725a3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 8 Dec 2020 20:09:31 +0100 Subject: [PATCH 15/27] Revert the fallback hostname revert Sadly, this does not work. It seems NM queries resolved for the local IP address and gets "linux" and sets that as the transient hostname. Resolved has a "fallback hostname" (that will now again be "fedora"), but it also has a fallback fallback hostname that is "linux" that it used in reverse dns queries and such. NM gets the "linux" name and tells hostnamed to use that as the transient hostname. I don't think this is an improvement, since "linux" is a problematic as "fedora". So let's revert this for now to avoid pointless churn, until we figure out a real solution. --- systemd.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/systemd.spec b/systemd.spec index a3097c8..eef3147 100644 --- a/systemd.spec +++ b/systemd.spec @@ -21,7 +21,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd Version: 246.7 -Release: 1%{?dist} +Release: 2%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -432,6 +432,7 @@ CONFIGURE_OPTS=( -Db_ndebug=false -Dman=true -Dversion-tag=v%{version}-%{release} + -Dfallback-hostname=fedora -Ddefault-dnssec=no # https://bugzilla.redhat.com/show_bug.cgi?id=1867830 -Ddefault-mdns=no @@ -878,6 +879,9 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Tue Dec 8 2020 Zbigniew Jędrzejewski-Szmek - 246.7-2 +- Rebuild with fallback hostname change reverted. + * Tue Dec 8 2020 Zbigniew Jędrzejewski-Szmek - 246.7-1 - Update to latest stable release. Unfortunately this contains a fairly large number of patches for a stable release (180+). From b0eed6b09493ab2296cb70fa17e232df0567b775 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Wed, 16 Dec 2020 15:22:01 +0100 Subject: [PATCH 16/27] Version 246.8 --- ...consistency-checks-when-logind-is-no.patch | 171 ++++++++++++++++++ sources | 2 +- systemd.spec | 8 +- 3 files changed, 178 insertions(+), 3 deletions(-) create mode 100644 0001-test-login-skip-consistency-checks-when-logind-is-no.patch diff --git a/0001-test-login-skip-consistency-checks-when-logind-is-no.patch b/0001-test-login-skip-consistency-checks-when-logind-is-no.patch new file mode 100644 index 0000000..ef644b2 --- /dev/null +++ b/0001-test-login-skip-consistency-checks-when-logind-is-no.patch @@ -0,0 +1,171 @@ +From 91958038c2ca639a301521c992d3ae3aa7881c63 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 16 Dec 2020 15:56:44 +0100 +Subject: [PATCH] test-login: skip consistency checks when logind is not active +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +There are two ways in swich sd_login_* functions acquire data: +some are derived from the cgroup path, but others use the data serialized +by logind. + +When the tests are executed under Fedora's mock, without systemd-spawn +but instead in a traditional chroot, test-login gets confused: +the "outside" cgroup path is visible, so sd_pid_get_unit() and +sd_pid_get_session() work, but sd_session_is_active() and other functions +that need logind data fail. + +Such a buildroot setup is fairly bad, but it can be encountered in the wild, so +let's just skip the tests in that case. + +/* Information printed is from the live system */ +sd_pid_get_unit(0, …) → "session-237.scope" +sd_pid_get_user_unit(0, …) → "n/a" +sd_pid_get_slice(0, …) → "user-1000.slice" +sd_pid_get_session(0, …) → "237" +sd_pid_get_owner_uid(0, …) → 1000 +sd_pid_get_cgroup(0, …) → "/user.slice/user-1000.slice/session-237.scope" +sd_uid_get_display(1000, …) → "(null)" +sd_uid_get_sessions(1000, …) → [0] "" +sd_uid_get_seats(1000, …) → [0] "" +Assertion 'r >= 0' failed at src/libsystemd/sd-login/test-login.c:104, function test_login(). Aborting. +--- + src/libsystemd/sd-login/test-login.c | 100 ++++++++++++++------------- + 1 file changed, 53 insertions(+), 47 deletions(-) + +diff --git a/src/libsystemd/sd-login/test-login.c b/src/libsystemd/sd-login/test-login.c +index c0c77e0471..f007c9966b 100644 +--- a/src/libsystemd/sd-login/test-login.c ++++ b/src/libsystemd/sd-login/test-login.c +@@ -101,68 +101,74 @@ static void test_login(void) { + + if (session) { + r = sd_session_is_active(session); +- assert_se(r >= 0); +- log_info("sd_session_is_active(\"%s\") → %s", session, yes_no(r)); ++ if (r == -ENXIO) ++ log_notice("sd_session_is_active failed with ENXIO, it seems logind is not running."); ++ else { ++ /* All those tests will fail with ENXIO, so let's skip them. */ + +- r = sd_session_is_remote(session); +- assert_se(r >= 0); +- log_info("sd_session_is_remote(\"%s\") → %s", session, yes_no(r)); ++ assert_se(r >= 0); ++ log_info("sd_session_is_active(\"%s\") → %s", session, yes_no(r)); + +- r = sd_session_get_state(session, &state); +- assert_se(r >= 0); +- log_info("sd_session_get_state(\"%s\") → \"%s\"", session, state); ++ r = sd_session_is_remote(session); ++ assert_se(r >= 0); ++ log_info("sd_session_is_remote(\"%s\") → %s", session, yes_no(r)); + +- assert_se(sd_session_get_uid(session, &u) >= 0); +- log_info("sd_session_get_uid(\"%s\") → "UID_FMT, session, u); +- assert_se(u == u2); ++ r = sd_session_get_state(session, &state); ++ assert_se(r >= 0); ++ log_info("sd_session_get_state(\"%s\") → \"%s\"", session, state); + +- assert_se(sd_session_get_type(session, &type) >= 0); +- log_info("sd_session_get_type(\"%s\") → \"%s\"", session, type); ++ assert_se(sd_session_get_uid(session, &u) >= 0); ++ log_info("sd_session_get_uid(\"%s\") → "UID_FMT, session, u); ++ assert_se(u == u2); + +- assert_se(sd_session_get_class(session, &class) >= 0); +- log_info("sd_session_get_class(\"%s\") → \"%s\"", session, class); ++ assert_se(sd_session_get_type(session, &type) >= 0); ++ log_info("sd_session_get_type(\"%s\") → \"%s\"", session, type); + +- r = sd_session_get_display(session, &display); +- assert_se(r >= 0 || r == -ENODATA); +- log_info("sd_session_get_display(\"%s\") → \"%s\"", session, strna(display)); ++ assert_se(sd_session_get_class(session, &class) >= 0); ++ log_info("sd_session_get_class(\"%s\") → \"%s\"", session, class); + +- r = sd_session_get_remote_user(session, &remote_user); +- assert_se(r >= 0 || r == -ENODATA); +- log_info("sd_session_get_remote_user(\"%s\") → \"%s\"", +- session, strna(remote_user)); ++ r = sd_session_get_display(session, &display); ++ assert_se(r >= 0 || r == -ENODATA); ++ log_info("sd_session_get_display(\"%s\") → \"%s\"", session, strna(display)); + +- r = sd_session_get_remote_host(session, &remote_host); +- assert_se(r >= 0 || r == -ENODATA); +- log_info("sd_session_get_remote_host(\"%s\") → \"%s\"", +- session, strna(remote_host)); ++ r = sd_session_get_remote_user(session, &remote_user); ++ assert_se(r >= 0 || r == -ENODATA); ++ log_info("sd_session_get_remote_user(\"%s\") → \"%s\"", ++ session, strna(remote_user)); + +- r = sd_session_get_seat(session, &seat); +- if (r >= 0) { +- assert_se(seat); ++ r = sd_session_get_remote_host(session, &remote_host); ++ assert_se(r >= 0 || r == -ENODATA); ++ log_info("sd_session_get_remote_host(\"%s\") → \"%s\"", ++ session, strna(remote_host)); + +- log_info("sd_session_get_seat(\"%s\") → \"%s\"", session, seat); ++ r = sd_session_get_seat(session, &seat); ++ if (r >= 0) { ++ assert_se(seat); ++ ++ log_info("sd_session_get_seat(\"%s\") → \"%s\"", session, seat); + + #pragma GCC diagnostic push + #pragma GCC diagnostic ignored "-Wdeprecated-declarations" +- r = sd_seat_can_multi_session(seat); ++ r = sd_seat_can_multi_session(seat); + #pragma GCC diagnostic pop +- assert_se(r == 1); +- log_info("sd_session_can_multi_seat(\"%s\") → %s", seat, yes_no(r)); ++ assert_se(r == 1); ++ log_info("sd_session_can_multi_seat(\"%s\") → %s", seat, yes_no(r)); + +- r = sd_seat_can_tty(seat); +- assert_se(r >= 0); +- log_info("sd_session_can_tty(\"%s\") → %s", seat, yes_no(r)); ++ r = sd_seat_can_tty(seat); ++ assert_se(r >= 0); ++ log_info("sd_session_can_tty(\"%s\") → %s", seat, yes_no(r)); + +- r = sd_seat_can_graphical(seat); +- assert_se(r >= 0); +- log_info("sd_session_can_graphical(\"%s\") → %s", seat, yes_no(r)); +- } else { +- log_info_errno(r, "sd_session_get_seat(\"%s\"): %m", session); +- assert_se(r == -ENODATA); ++ r = sd_seat_can_graphical(seat); ++ assert_se(r >= 0); ++ log_info("sd_session_can_graphical(\"%s\") → %s", seat, yes_no(r)); ++ } else { ++ log_info_errno(r, "sd_session_get_seat(\"%s\"): %m", session); ++ assert_se(r == -ENODATA); ++ } ++ ++ assert_se(sd_uid_get_state(u, &state2) >= 0); ++ log_info("sd_uid_get_state("UID_FMT", …) → %s", u, state2); + } +- +- assert_se(sd_uid_get_state(u, &state2) >= 0); +- log_info("sd_uid_get_state("UID_FMT", …) → %s", u, state2); + } + + if (seat) { +@@ -203,8 +209,8 @@ static void test_login(void) { + assert_se(sd_get_seats(NULL) == r); + + r = sd_seat_get_active(NULL, &t, NULL); +- assert_se(IN_SET(r, 0, -ENODATA)); +- log_info("sd_seat_get_active(NULL, …) (active session on current seat) → %s", strnull(t)); ++ log_info_errno(r, "sd_seat_get_active(NULL, …) (active session on current seat) → %s: %m", strnull(t)); ++ assert_se(IN_SET(r, 0, -ENODATA, -ENXIO)); + free(t); + + r = sd_get_sessions(&sessions); diff --git a/sources b/sources index d8a8b13..780894d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (systemd-246.7.tar.gz) = 3578623a23eb7eab9777c466bea7cf07de570dbd932ba8739a8dcad2c1a4f2e1c15646f170e7b5d646d7b608ca65343d37a44b402e1fb2a97509c91fc9a03ced +SHA512 (systemd-246.9.tar.gz) = d4a9160e0fe219015de2bdfeb829ddf4fc3ae99e613f4b04f23860f1c803dc2f59ddf3ffa6e4df6a24127944cd1f335b4bc4f71074d1f7914052498ff25cd2a0 diff --git a/systemd.spec b/systemd.spec index eef3147..c1ba764 100644 --- a/systemd.spec +++ b/systemd.spec @@ -20,8 +20,8 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd -Version: 246.7 -Release: 2%{?dist} +Version: 246.9 +Release: 1%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -74,6 +74,7 @@ Patch0001: use-bfq-scheduler.patch Patch0002: 0001-Revert-test-path-increase-timeout.patch Patch0003: 0002-test-path-more-debugging-information.patch Patch0004: 0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch +Patch0005: 0001-test-login-skip-consistency-checks-when-logind-is-no.patch Patch0006: 0001-test-acl-util-output-more-debug-info.patch Patch0007: 0001-Do-not-assert-in-test_add_acls_for_user.patch @@ -879,6 +880,9 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Wed Dec 16 2020 Zbigniew Jędrzejewski-Szmek - 246.9-1 +- Minor stable release + * Tue Dec 8 2020 Zbigniew Jędrzejewski-Szmek - 246.7-2 - Rebuild with fallback hostname change reverted. From b24ba6cad7c9a91cbdc3c0b2eebb45ae9c321288 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Sat, 2 Jan 2021 15:09:48 +0100 Subject: [PATCH 17/27] Fix bfq patch again https://bugzilla.redhat.com/show_bug.cgi?id=1813219#c3 --- systemd.spec | 5 ++++- use-bfq-scheduler.patch | 3 ++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/systemd.spec b/systemd.spec index c1ba764..62b5aab 100644 --- a/systemd.spec +++ b/systemd.spec @@ -21,7 +21,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd Version: 246.9 -Release: 1%{?dist} +Release: 2%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -880,6 +880,9 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Sat Jan 2 2021 Zbigniew Jędrzejewski-Szmek - 246.9-2 +- Fix bfq patch again (#1813219) + * Wed Dec 16 2020 Zbigniew Jędrzejewski-Szmek - 246.9-1 - Minor stable release diff --git a/use-bfq-scheduler.patch b/use-bfq-scheduler.patch index be3905f..d0e6762 100644 --- a/use-bfq-scheduler.patch +++ b/use-bfq-scheduler.patch @@ -20,11 +20,12 @@ new file mode 100644 index 0000000000..480b941761 --- /dev/null +++ b/rules.d/60-block-scheduler.rules -@@ -0,0 +1,5 @@ +@@ -0,0 +1,6 @@ +# do not edit this file, it will be overwritten on update + +ACTION=="add", SUBSYSTEM=="block", \ + KERNEL=="mmcblk*[0-9]|msblk*[0-9]|mspblk*[0-9]|sd*[!0-9]|sr*", \ ++ ENV{DEVTYPE}=="disk", \ + ATTR{queue/scheduler}="bfq" diff --git a/rules.d/meson.build b/rules.d/meson.build index ca4445d774..38d6aa6970 100644 From 779685bf4b1cdb74f6f20a6153299178a565e506 Mon Sep 17 00:00:00 2001 From: "Owen W. Taylor" Date: Mon, 4 Jan 2021 15:50:45 -0500 Subject: [PATCH 18/27] Fix nss-resolve to properly fallback in a Flatpak sandbox For unknown reasons, sd-bus has trouble connecting to the filtered D-Bus system proxy exported by Flatpak and the connection to the bus is closed during authentication. Don't mistake this for a remote error - that was causing a hard failure rather than a fallback. --- systemd-246-nss-resolve-fallback.patch | 13 +++++++++++++ systemd.spec | 7 ++++++- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 systemd-246-nss-resolve-fallback.patch diff --git a/systemd-246-nss-resolve-fallback.patch b/systemd-246-nss-resolve-fallback.patch new file mode 100644 index 0000000..636696a --- /dev/null +++ b/systemd-246-nss-resolve-fallback.patch @@ -0,0 +1,13 @@ +diff -up systemd-stable-246.9/src/nss-resolve/nss-resolve.c.fallback systemd-stable-246.9/src/nss-resolve/nss-resolve.c +--- systemd-stable-246.9/src/nss-resolve/nss-resolve.c.fallback 2021-01-04 15:48:33.668757361 -0500 ++++ systemd-stable-246.9/src/nss-resolve/nss-resolve.c 2021-01-04 15:49:00.111891935 -0500 +@@ -23,7 +23,8 @@ NSS_GETHOSTBYNAME_PROTOTYPES(resolve); + NSS_GETHOSTBYADDR_PROTOTYPES(resolve); + + static bool bus_error_shall_fallback(sd_bus_error *e) { +- return sd_bus_error_has_name(e, SD_BUS_ERROR_SERVICE_UNKNOWN) || ++ return sd_bus_error_get_errno(e) == ENOTCONN || ++ sd_bus_error_has_name(e, SD_BUS_ERROR_SERVICE_UNKNOWN) || + sd_bus_error_has_name(e, SD_BUS_ERROR_NAME_HAS_NO_OWNER) || + sd_bus_error_has_name(e, SD_BUS_ERROR_NO_REPLY) || + sd_bus_error_has_name(e, SD_BUS_ERROR_ACCESS_DENIED) || diff --git a/systemd.spec b/systemd.spec index 62b5aab..61c3d08 100644 --- a/systemd.spec +++ b/systemd.spec @@ -21,7 +21,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd Version: 246.9 -Release: 2%{?dist} +Release: 3%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -81,6 +81,8 @@ Patch0007: 0001-Do-not-assert-in-test_add_acls_for_user.patch Patch0009: https://github.com/systemd/systemd/pull/17050/commits/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch +Patch0010: systemd-246-nss-resolve-fallback.patch + %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 %endif @@ -880,6 +882,9 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Mon Jan 4 2021 Owen Taylor - 246.9-3 +- Fix nss-resolve to properly fallback in a Flatpak sandbox + * Sat Jan 2 2021 Zbigniew Jędrzejewski-Szmek - 246.9-2 - Fix bfq patch again (#1813219) From 30c6162c54a3595b024abb38284fc5f6df91d17b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 2 Feb 2021 18:37:21 +0100 Subject: [PATCH 19/27] Version 246.10 --- ...consistency-checks-when-logind-is-no.patch | 171 ------------------ sources | 2 +- systemd-246-nss-resolve-fallback.patch | 13 -- systemd.spec | 11 +- 4 files changed, 7 insertions(+), 190 deletions(-) delete mode 100644 0001-test-login-skip-consistency-checks-when-logind-is-no.patch delete mode 100644 systemd-246-nss-resolve-fallback.patch diff --git a/0001-test-login-skip-consistency-checks-when-logind-is-no.patch b/0001-test-login-skip-consistency-checks-when-logind-is-no.patch deleted file mode 100644 index ef644b2..0000000 --- a/0001-test-login-skip-consistency-checks-when-logind-is-no.patch +++ /dev/null @@ -1,171 +0,0 @@ -From 91958038c2ca639a301521c992d3ae3aa7881c63 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Wed, 16 Dec 2020 15:56:44 +0100 -Subject: [PATCH] test-login: skip consistency checks when logind is not active -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -There are two ways in swich sd_login_* functions acquire data: -some are derived from the cgroup path, but others use the data serialized -by logind. - -When the tests are executed under Fedora's mock, without systemd-spawn -but instead in a traditional chroot, test-login gets confused: -the "outside" cgroup path is visible, so sd_pid_get_unit() and -sd_pid_get_session() work, but sd_session_is_active() and other functions -that need logind data fail. - -Such a buildroot setup is fairly bad, but it can be encountered in the wild, so -let's just skip the tests in that case. - -/* Information printed is from the live system */ -sd_pid_get_unit(0, …) → "session-237.scope" -sd_pid_get_user_unit(0, …) → "n/a" -sd_pid_get_slice(0, …) → "user-1000.slice" -sd_pid_get_session(0, …) → "237" -sd_pid_get_owner_uid(0, …) → 1000 -sd_pid_get_cgroup(0, …) → "/user.slice/user-1000.slice/session-237.scope" -sd_uid_get_display(1000, …) → "(null)" -sd_uid_get_sessions(1000, …) → [0] "" -sd_uid_get_seats(1000, …) → [0] "" -Assertion 'r >= 0' failed at src/libsystemd/sd-login/test-login.c:104, function test_login(). Aborting. ---- - src/libsystemd/sd-login/test-login.c | 100 ++++++++++++++------------- - 1 file changed, 53 insertions(+), 47 deletions(-) - -diff --git a/src/libsystemd/sd-login/test-login.c b/src/libsystemd/sd-login/test-login.c -index c0c77e0471..f007c9966b 100644 ---- a/src/libsystemd/sd-login/test-login.c -+++ b/src/libsystemd/sd-login/test-login.c -@@ -101,68 +101,74 @@ static void test_login(void) { - - if (session) { - r = sd_session_is_active(session); -- assert_se(r >= 0); -- log_info("sd_session_is_active(\"%s\") → %s", session, yes_no(r)); -+ if (r == -ENXIO) -+ log_notice("sd_session_is_active failed with ENXIO, it seems logind is not running."); -+ else { -+ /* All those tests will fail with ENXIO, so let's skip them. */ - -- r = sd_session_is_remote(session); -- assert_se(r >= 0); -- log_info("sd_session_is_remote(\"%s\") → %s", session, yes_no(r)); -+ assert_se(r >= 0); -+ log_info("sd_session_is_active(\"%s\") → %s", session, yes_no(r)); - -- r = sd_session_get_state(session, &state); -- assert_se(r >= 0); -- log_info("sd_session_get_state(\"%s\") → \"%s\"", session, state); -+ r = sd_session_is_remote(session); -+ assert_se(r >= 0); -+ log_info("sd_session_is_remote(\"%s\") → %s", session, yes_no(r)); - -- assert_se(sd_session_get_uid(session, &u) >= 0); -- log_info("sd_session_get_uid(\"%s\") → "UID_FMT, session, u); -- assert_se(u == u2); -+ r = sd_session_get_state(session, &state); -+ assert_se(r >= 0); -+ log_info("sd_session_get_state(\"%s\") → \"%s\"", session, state); - -- assert_se(sd_session_get_type(session, &type) >= 0); -- log_info("sd_session_get_type(\"%s\") → \"%s\"", session, type); -+ assert_se(sd_session_get_uid(session, &u) >= 0); -+ log_info("sd_session_get_uid(\"%s\") → "UID_FMT, session, u); -+ assert_se(u == u2); - -- assert_se(sd_session_get_class(session, &class) >= 0); -- log_info("sd_session_get_class(\"%s\") → \"%s\"", session, class); -+ assert_se(sd_session_get_type(session, &type) >= 0); -+ log_info("sd_session_get_type(\"%s\") → \"%s\"", session, type); - -- r = sd_session_get_display(session, &display); -- assert_se(r >= 0 || r == -ENODATA); -- log_info("sd_session_get_display(\"%s\") → \"%s\"", session, strna(display)); -+ assert_se(sd_session_get_class(session, &class) >= 0); -+ log_info("sd_session_get_class(\"%s\") → \"%s\"", session, class); - -- r = sd_session_get_remote_user(session, &remote_user); -- assert_se(r >= 0 || r == -ENODATA); -- log_info("sd_session_get_remote_user(\"%s\") → \"%s\"", -- session, strna(remote_user)); -+ r = sd_session_get_display(session, &display); -+ assert_se(r >= 0 || r == -ENODATA); -+ log_info("sd_session_get_display(\"%s\") → \"%s\"", session, strna(display)); - -- r = sd_session_get_remote_host(session, &remote_host); -- assert_se(r >= 0 || r == -ENODATA); -- log_info("sd_session_get_remote_host(\"%s\") → \"%s\"", -- session, strna(remote_host)); -+ r = sd_session_get_remote_user(session, &remote_user); -+ assert_se(r >= 0 || r == -ENODATA); -+ log_info("sd_session_get_remote_user(\"%s\") → \"%s\"", -+ session, strna(remote_user)); - -- r = sd_session_get_seat(session, &seat); -- if (r >= 0) { -- assert_se(seat); -+ r = sd_session_get_remote_host(session, &remote_host); -+ assert_se(r >= 0 || r == -ENODATA); -+ log_info("sd_session_get_remote_host(\"%s\") → \"%s\"", -+ session, strna(remote_host)); - -- log_info("sd_session_get_seat(\"%s\") → \"%s\"", session, seat); -+ r = sd_session_get_seat(session, &seat); -+ if (r >= 0) { -+ assert_se(seat); -+ -+ log_info("sd_session_get_seat(\"%s\") → \"%s\"", session, seat); - - #pragma GCC diagnostic push - #pragma GCC diagnostic ignored "-Wdeprecated-declarations" -- r = sd_seat_can_multi_session(seat); -+ r = sd_seat_can_multi_session(seat); - #pragma GCC diagnostic pop -- assert_se(r == 1); -- log_info("sd_session_can_multi_seat(\"%s\") → %s", seat, yes_no(r)); -+ assert_se(r == 1); -+ log_info("sd_session_can_multi_seat(\"%s\") → %s", seat, yes_no(r)); - -- r = sd_seat_can_tty(seat); -- assert_se(r >= 0); -- log_info("sd_session_can_tty(\"%s\") → %s", seat, yes_no(r)); -+ r = sd_seat_can_tty(seat); -+ assert_se(r >= 0); -+ log_info("sd_session_can_tty(\"%s\") → %s", seat, yes_no(r)); - -- r = sd_seat_can_graphical(seat); -- assert_se(r >= 0); -- log_info("sd_session_can_graphical(\"%s\") → %s", seat, yes_no(r)); -- } else { -- log_info_errno(r, "sd_session_get_seat(\"%s\"): %m", session); -- assert_se(r == -ENODATA); -+ r = sd_seat_can_graphical(seat); -+ assert_se(r >= 0); -+ log_info("sd_session_can_graphical(\"%s\") → %s", seat, yes_no(r)); -+ } else { -+ log_info_errno(r, "sd_session_get_seat(\"%s\"): %m", session); -+ assert_se(r == -ENODATA); -+ } -+ -+ assert_se(sd_uid_get_state(u, &state2) >= 0); -+ log_info("sd_uid_get_state("UID_FMT", …) → %s", u, state2); - } -- -- assert_se(sd_uid_get_state(u, &state2) >= 0); -- log_info("sd_uid_get_state("UID_FMT", …) → %s", u, state2); - } - - if (seat) { -@@ -203,8 +209,8 @@ static void test_login(void) { - assert_se(sd_get_seats(NULL) == r); - - r = sd_seat_get_active(NULL, &t, NULL); -- assert_se(IN_SET(r, 0, -ENODATA)); -- log_info("sd_seat_get_active(NULL, …) (active session on current seat) → %s", strnull(t)); -+ log_info_errno(r, "sd_seat_get_active(NULL, …) (active session on current seat) → %s: %m", strnull(t)); -+ assert_se(IN_SET(r, 0, -ENODATA, -ENXIO)); - free(t); - - r = sd_get_sessions(&sessions); diff --git a/sources b/sources index 780894d..6954ee4 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (systemd-246.9.tar.gz) = d4a9160e0fe219015de2bdfeb829ddf4fc3ae99e613f4b04f23860f1c803dc2f59ddf3ffa6e4df6a24127944cd1f335b4bc4f71074d1f7914052498ff25cd2a0 +SHA512 (systemd-246.10.tar.gz) = 8acaba4a4b66938ea2f740714c66628262f623d1e04a5750c4e3d111d0025cd6101507ae913e85fde769ac095249aceecd67aea8e64991f7b6addc6662d6a267 diff --git a/systemd-246-nss-resolve-fallback.patch b/systemd-246-nss-resolve-fallback.patch deleted file mode 100644 index 636696a..0000000 --- a/systemd-246-nss-resolve-fallback.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff -up systemd-stable-246.9/src/nss-resolve/nss-resolve.c.fallback systemd-stable-246.9/src/nss-resolve/nss-resolve.c ---- systemd-stable-246.9/src/nss-resolve/nss-resolve.c.fallback 2021-01-04 15:48:33.668757361 -0500 -+++ systemd-stable-246.9/src/nss-resolve/nss-resolve.c 2021-01-04 15:49:00.111891935 -0500 -@@ -23,7 +23,8 @@ NSS_GETHOSTBYNAME_PROTOTYPES(resolve); - NSS_GETHOSTBYADDR_PROTOTYPES(resolve); - - static bool bus_error_shall_fallback(sd_bus_error *e) { -- return sd_bus_error_has_name(e, SD_BUS_ERROR_SERVICE_UNKNOWN) || -+ return sd_bus_error_get_errno(e) == ENOTCONN || -+ sd_bus_error_has_name(e, SD_BUS_ERROR_SERVICE_UNKNOWN) || - sd_bus_error_has_name(e, SD_BUS_ERROR_NAME_HAS_NO_OWNER) || - sd_bus_error_has_name(e, SD_BUS_ERROR_NO_REPLY) || - sd_bus_error_has_name(e, SD_BUS_ERROR_ACCESS_DENIED) || diff --git a/systemd.spec b/systemd.spec index 61c3d08..cadd299 100644 --- a/systemd.spec +++ b/systemd.spec @@ -20,8 +20,8 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd -Version: 246.9 -Release: 3%{?dist} +Version: 246.10 +Release: 1%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -74,15 +74,12 @@ Patch0001: use-bfq-scheduler.patch Patch0002: 0001-Revert-test-path-increase-timeout.patch Patch0003: 0002-test-path-more-debugging-information.patch Patch0004: 0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch -Patch0005: 0001-test-login-skip-consistency-checks-when-logind-is-no.patch Patch0006: 0001-test-acl-util-output-more-debug-info.patch Patch0007: 0001-Do-not-assert-in-test_add_acls_for_user.patch Patch0009: https://github.com/systemd/systemd/pull/17050/commits/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch -Patch0010: systemd-246-nss-resolve-fallback.patch - %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 %endif @@ -882,6 +879,10 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Tue Feb 2 2021 Zbigniew Jędrzejewski-Szmek - 246.10-1 +- Latest bugfix release (#1903106, #1895937). +- Fixes #1813219. + * Mon Jan 4 2021 Owen Taylor - 246.9-3 - Fix nss-resolve to properly fallback in a Flatpak sandbox From c546bbbc2d095c44854b82862d39b2c5c9b0a756 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 12 Mar 2021 18:42:39 +0100 Subject: [PATCH 20/27] Version 246.11 --- systemd.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/systemd.spec b/systemd.spec index cadd299..6ca420a 100644 --- a/systemd.spec +++ b/systemd.spec @@ -20,7 +20,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd -Version: 246.10 +Version: 246.11 Release: 1%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ @@ -879,6 +879,9 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Fri Mar 12 2021 Zbigniew Jędrzejewski-Szmek - 246.11-1 +- Latest bugfix release (#1933137, #1935084). + * Tue Feb 2 2021 Zbigniew Jędrzejewski-Szmek - 246.10-1 - Latest bugfix release (#1903106, #1895937). - Fixes #1813219. From e6a21d20523067deb4f692cc4f8a956bccfa508c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 12 Mar 2021 19:46:39 +0100 Subject: [PATCH 21/27] Upload sources --- sources | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources b/sources index 6954ee4..08c2d3f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (systemd-246.10.tar.gz) = 8acaba4a4b66938ea2f740714c66628262f623d1e04a5750c4e3d111d0025cd6101507ae913e85fde769ac095249aceecd67aea8e64991f7b6addc6662d6a267 +SHA512 (systemd-246.11.tar.gz) = fbacbec1c85063f189dc462f108eebfc3e26928986f0c4fabf275138bd2e88e2b0052d33e58608f7806f6ce6d2d79e0b75491c6b0343cf5b5813a460a6e34395 From 90382542b5a488ee1430eeb1a137ddb37a563c97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 23 Mar 2021 10:19:26 +0100 Subject: [PATCH 22/27] Version 246.12 --- sources | 2 +- systemd.spec | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 08c2d3f..2dcfabf 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (systemd-246.11.tar.gz) = fbacbec1c85063f189dc462f108eebfc3e26928986f0c4fabf275138bd2e88e2b0052d33e58608f7806f6ce6d2d79e0b75491c6b0343cf5b5813a460a6e34395 +SHA512 (systemd-246.12.tar.gz) = 01a6ead367007b35b12ee337b61957c8e753cf85206c1569b348bb6a9289077d41f14705f80f4ec6a217303f6bdfe09b7ccea3e8e4417ada3ba129c8f4040660 diff --git a/systemd.spec b/systemd.spec index 6ca420a..a4b29db 100644 --- a/systemd.spec +++ b/systemd.spec @@ -20,7 +20,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd -Version: 246.11 +Version: 246.12 Release: 1%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ @@ -879,6 +879,10 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Tue Mar 23 2021 Zbigniew Jędrzejewski-Szmek - 246.12-1 +- Latest bugfix release (#1941335, some documentation and + minor memory-access-correctness fixes). + * Fri Mar 12 2021 Zbigniew Jędrzejewski-Szmek - 246.11-1 - Latest bugfix release (#1933137, #1935084). From 6aa7553053d5d36a1ec61b6b98589d475fb1fd33 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Wed, 24 Mar 2021 08:51:01 +0100 Subject: [PATCH 23/27] Add forgotten entry in changelog --- systemd.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/systemd.spec b/systemd.spec index a4b29db..7f32c22 100644 --- a/systemd.spec +++ b/systemd.spec @@ -882,6 +882,7 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net * Tue Mar 23 2021 Zbigniew Jędrzejewski-Szmek - 246.12-1 - Latest bugfix release (#1941335, some documentation and minor memory-access-correctness fixes). +- Fix hang when processing timers during DST switch in Europe/Dublin timezone (#1941335) * Fri Mar 12 2021 Zbigniew Jędrzejewski-Szmek - 246.11-1 - Latest bugfix release (#1933137, #1935084). From 2299ee202aea9f525bbe2c2f760294921418ec6c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Wed, 24 Mar 2021 12:04:37 +0100 Subject: [PATCH 24/27] Version 246.13 --- sources | 2 +- systemd.spec | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 2dcfabf..6144ab3 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (systemd-246.12.tar.gz) = 01a6ead367007b35b12ee337b61957c8e753cf85206c1569b348bb6a9289077d41f14705f80f4ec6a217303f6bdfe09b7ccea3e8e4417ada3ba129c8f4040660 +SHA512 (systemd-246.13.tar.gz) = b8bf10d6201b3505f20f9b113d7dccae457163317349f2fe8c062bf44c5ebcb6c93f0f87110a4cbefa74ee7ea2b1b0476c362acba4739027397957ca1ccfb528 diff --git a/systemd.spec b/systemd.spec index 7f32c22..ce3467b 100644 --- a/systemd.spec +++ b/systemd.spec @@ -20,7 +20,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd -Version: 246.12 +Version: 246.13 Release: 1%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ @@ -879,6 +879,10 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Wed Mar 24 2021 Zbigniew Jędrzejewski-Szmek - 246.13-1 +- Revert patch that seems to cause problems with dns resolution +- A few minor fixes + * Tue Mar 23 2021 Zbigniew Jędrzejewski-Szmek - 246.12-1 - Latest bugfix release (#1941335, some documentation and minor memory-access-correctness fixes). From f5c76bb6641fc67a78c2ee5641d4f24676b67b30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 26 Mar 2021 16:31:37 +0100 Subject: [PATCH 25/27] Make sure not to lose systemd-networkd enablement when upgrading from F32 --- systemd.spec | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/systemd.spec b/systemd.spec index ce3467b..03e7b52 100644 --- a/systemd.spec +++ b/systemd.spec @@ -827,7 +827,20 @@ getent group systemd-network &>/dev/null || groupadd -r -g 192 systemd-network 2 getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-network -d / -s /sbin/nologin -c "systemd Network Management" systemd-network &>/dev/null || : %post networkd -%systemd_post systemd-networkd.service systemd-networkd-wait-online.service +# systemd-networkd was split out in systemd-246.6-2. +# Ideally, we would have a trigger scriptlet to record enablement +# state when upgrading from systemd <= systemd-246.6-1. But, AFAICS, +# rpm doesn't allow us to trigger on another package, short of +# querying the rpm database ourselves, which seems risky. For rpm, +# systemd and systemd-networkd are completely unrelated. So let's use +# a hack to detect if an old systemd version is currently present in +# the file system. +# https://bugzilla.redhat.com/show_bug.cgi?id=1943263 +if [ $1 -eq 1 ] && ls /usr/lib/systemd/libsystemd-shared-24[0-6].so &>/dev/null; then + echo "Skipping presets for systemd-networkd.service, seems we are upgrading from old systemd." +else + %systemd_post systemd-networkd.service systemd-networkd-wait-online.service +fi %preun networkd %systemd_preun systemd-networkd.service systemd-networkd-wait-online.service @@ -879,6 +892,10 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Sat May 15 2021 Zbigniew Jędrzejewski-Szmek - 246.13-1 +- Do not preset systemd-networkd.service and systemd-networkd-wait-online.service + on upgrades from before systemd-networkd was split out (#1943263) + * Wed Mar 24 2021 Zbigniew Jędrzejewski-Szmek - 246.13-1 - Revert patch that seems to cause problems with dns resolution - A few minor fixes From 823c295af0586968bd3c8ea874abba8fd7e21a3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Sat, 15 May 2021 22:28:21 +0200 Subject: [PATCH 26/27] Version 246.14 --- sources | 2 +- systemd.spec | 9 +++++++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/sources b/sources index 6144ab3..32efee1 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (systemd-246.13.tar.gz) = b8bf10d6201b3505f20f9b113d7dccae457163317349f2fe8c062bf44c5ebcb6c93f0f87110a4cbefa74ee7ea2b1b0476c362acba4739027397957ca1ccfb528 +SHA512 (systemd-246.14.tar.gz) = 201431e46561f8df1f995a3e518edc631d5d80d8c60fe8b00e089afe17e9633d18e5e598fee9693d447c1bb0ec7b167c15936cde5e63ae1d9f808d6dac72aadc diff --git a/systemd.spec b/systemd.spec index 03e7b52..b41d1a4 100644 --- a/systemd.spec +++ b/systemd.spec @@ -20,7 +20,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd -Version: 246.13 +Version: 246.14 Release: 1%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ @@ -892,9 +892,14 @@ fi %files standalone-sysusers -f .file-list-standalone-sysusers %changelog -* Sat May 15 2021 Zbigniew Jędrzejewski-Szmek - 246.13-1 +* Sat May 15 2021 Zbigniew Jędrzejewski-Szmek - 246.14-1 - Do not preset systemd-networkd.service and systemd-networkd-wait-online.service on upgrades from before systemd-networkd was split out (#1943263) +- A bunch of patches for systemd-resolved (#1944171, #1949670) +- Fix for systemd-tmpfiles (#1944468) +- Various fixes for systemd, systemd-run, systemd-networkd, bootctl, + the shutdown sequence, documentation, logging, libsystemd, and shell + completions. * Wed Mar 24 2021 Zbigniew Jędrzejewski-Szmek - 246.13-1 - Revert patch that seems to cause problems with dns resolution From 1bcc94fae9d6dae12771f80c33b7fc508fcf1c27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 20 Jul 2021 18:41:32 +0200 Subject: [PATCH 27/27] Version 246.15 --- sources | 2 +- systemd.spec | 17 ++++++++++++++++- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 32efee1..d472119 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (systemd-246.14.tar.gz) = 201431e46561f8df1f995a3e518edc631d5d80d8c60fe8b00e089afe17e9633d18e5e598fee9693d447c1bb0ec7b167c15936cde5e63ae1d9f808d6dac72aadc +SHA512 (systemd-246.15.tar.gz) = 71c8afb9de149b9f4b2f63c7a84e2ce2d897e90570692eaa75d8c99c345ad6cfc9717f93844ff1f582f65b7bdbb1166de1d4574cf6f4329edda8920a6c6bf536 diff --git a/systemd.spec b/systemd.spec index b41d1a4..0ffb624 100644 --- a/systemd.spec +++ b/systemd.spec @@ -20,7 +20,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd -Version: 246.14 +Version: 246.15 Release: 1%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ @@ -892,6 +892,21 @@ fi %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Tue Jul 20 2021 Zbigniew Jędrzejewski-Szmek - 246.15-1 +- Various correctness and potential crash fixes (systemd-journald, + udev, systemctl, systemd, systemd-tmpfiles, systemd-resolved) +- Better handling of very long sysfs paths +- Compilation fixes for updated glibc and kernel headers +- Addition of new syscalls to seccomp filters +- Latvian and Spanish/Dvorak keyboard mappings +- Shell completion fixes +- Ignore FORCERENEW DHCP messages in systemd-networkd (TALOS-2020-1142, + CVE-2020-13529, #1959398) +- by-uuid symlinks for ubifs volumes are now created +- CVE-2021-33910, #1984020: an unchecked stack allocation could be used to + crash systemd and cause the system to reboot by creating a very long + fuse mountpoint path. + * Sat May 15 2021 Zbigniew Jędrzejewski-Szmek - 246.14-1 - Do not preset systemd-networkd.service and systemd-networkd-wait-online.service on upgrades from before systemd-networkd was split out (#1943263)