summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Zbigniew Jędrzejewski-Szmek [Tue, 23 Nov 2021 14:55:45 +0000 (15:55 +0100)]
shared/rm_rf: refactor rm_rf_children_inner() to shorten code a bit
(cherry picked from commit
3bac86abfa1b1720180840ffb9d06b3d54841c11)
(cherry picked from commit
47741ff9eae6311a03e4d3d837128191826a4a3a)
(cherry picked from commit
89395b63f04f1acc0db533c32637ea20379f97c0)
(cherry picked from commit
3976f244990aa1210ebe018647f32ab060e1c3d3)
(cherry picked from commit
988e43630bb7592947c75fe530a6f7dfebc00c4f)
Gbp-Pq: Name shared-rm_rf-refactor-rm_rf_children_inner-to-shorten-cod.patch
Zbigniew Jędrzejewski-Szmek [Tue, 23 Nov 2021 14:05:58 +0000 (15:05 +0100)]
tmpfiles: 'st' may have been used uninitialized
(cherry picked from commit
160dadc0350c77d612aa9d5569f57d9bc84c3dca)
(cherry picked from commit
7563de501246dccf5a9ea229933481aa1e7bd5c9)
(cherry picked from commit
f54b97b1d05052bfee824ecc03ae9f07f6c37be8)
(cherry picked from commit
ab927db9a7698ee1eceae14ecef7ab43ee3f104e)
Gbp-Pq: Name tmpfiles-st-may-have-been-used-uninitialized.patch
Lennart Poettering [Tue, 5 Oct 2021 08:32:56 +0000 (10:32 +0200)]
rm-rf: optionally fsync() after removing directory tree
(cherry picked from commit
bdfe7ada0d4d66e6d6e65f2822acbb1ec230f9c2)
(cherry picked from commit
2426beacca09d84091759be45b25c88116302184)
(cherry picked from commit
0e180f8e9c25c707b0465ad1b9447a4360f785f1)
(cherry picked from commit
9a9c2220cd3cb61c2de9c482f8ed7fa60807b14a)
Gbp-Pq: Name rm-rf-optionally-fsync-after-removing-directory-tree.patch
Lennart Poettering [Tue, 26 Jan 2021 15:30:06 +0000 (16:30 +0100)]
rm-rf: refactor rm_rf_children(), split out body of directory iteration loop
This splits out rm_rf_children_inner() as body of the loop. We can use
that to implement rm_rf_child() for deleting one specific entry in a
directory.
(cherry picked from commit
1f0fb7d544711248cba34615e43c5a76bc902d74)
(cherry picked from commit
ca4a0e7d41f0b2a1fe2f99dbc3763187c16cf7ab)
(cherry picked from commit
85ccac3393e78d4bf2776ffb8c3a1d8a2a909a2a)
(cherry picked from commit
a87d7ff1a60fe359978e12eb34224255a8f33e27)
Gbp-Pq: Name rm-rf-refactor-rm_rf_children-split-out-body-of-directory.patch
Lennart Poettering [Tue, 26 Jan 2021 15:47:07 +0000 (16:47 +0100)]
rm-rf: fstatat() might fail if containing dir has limited access mode, patch that too
(cherry picked from commit
1b55621dabf741dd963f59ac706ea62cd6e3e95c)
(cherry picked from commit
ce53b81a600e2162ee86e2f4d202e7f28eceb2c6)
Gbp-Pq: Name rm-rf-fstatat-might-fail-if-containing-dir-has-limited-ac.patch
Lennart Poettering [Fri, 26 Feb 2021 16:39:55 +0000 (17:39 +0100)]
btrfs-util: add helper that abstracts "might be btrfs subvol?" check
Let#s not hardcode inode nr 256 everywhere, but abstract this check
slightly.
(cherry picked from commit
674b04ff1b6deab17f5d36c036c0275ba94e1ebc)
(cherry picked from commit
190c6bcfc3518bec964ab740085ac88ccc86dcc7)
Gbp-Pq: Name btrfs-util-add-helper-that-abstracts-might-be-btrfs-subvo.patch
Yu Watanabe [Sat, 20 Feb 2021 07:30:23 +0000 (16:30 +0900)]
udevadm-trigger: do not return immediately on EACCES
Prompted by https://github.com/systemd/systemd/pull/18559.
(cherry picked from commit
0e789e6d48046d43c50dd949a71ac56f1127bb96)
Gbp-Pq: Name udevadm-trigger-do-not-return-immediately-on-EACCES.patch
Zbigniew Jędrzejewski-Szmek [Wed, 23 Jun 2021 09:52:56 +0000 (11:52 +0200)]
basic/unit-name: adjust comments
We already checked for "too long" right above…
(cherry picked from commit
4e2544c30bfb95e7cb4d1551ba066b1a56520ad6)
Gbp-Pq: Name basic-unit-name-adjust-comments.patch
Zbigniew Jędrzejewski-Szmek [Wed, 23 Jun 2021 09:46:41 +0000 (11:46 +0200)]
basic/unit-name: do not use strdupa() on a path
The path may have unbounded length, for example through a fuse mount.
CVE-2021-33910: attacked controlled alloca() leads to crash in systemd and
ultimately a kernel panic. Systemd parses the content of /proc/self/mountinfo
and each mountpoint is passed to mount_setup_unit(), which calls
unit_name_path_escape() underneath. A local attacker who is able to mount a
filesystem with a very long path can crash systemd and the whole system.
https://bugzilla.redhat.com/show_bug.cgi?id=
1970887
The resulting string length is bounded by UNIT_NAME_MAX, which is 256. But we
can't easily check the length after simplification before doing the
simplification, which in turns uses a copy of the string we can write to.
So we can't reject paths that are too long before doing the duplication.
Hence the most obvious solution is to switch back to strdup(), as before
7410616cd9dbbec97cf98d75324da5cda2b2f7a2.
(cherry picked from commit
441e0115646d54f080e5c3bb0ba477c892861ab9)
(cherry picked from commit
764b74113e36ac5219a4b82a05f311b5a92136ce)
(cherry picked from commit
4a1c5f34bd3e1daed4490e9d97918e504d19733b)
(cherry picked from commit
b00674347337b7531c92fdb65590ab253bb57538)
Gbp-Pq: Name basic-unit-name-do-not-use-strdupa-on-a-path.patch
Lennart Poettering [Tue, 1 Jun 2021 17:43:55 +0000 (19:43 +0200)]
unit-name: generate a clear error code when converting an overly long fs path to a unit name
(cherry picked from commit
9d5acfab20c5f1177d877d0bec18063c0a6c5929)
(cherry picked from commit
1579dce2c2a162bb09afb9a8a46fd4f7e8fbf1d5)
(cherry picked from commit
0488b743e9c6ab1e885933eebda4ba9232003a2a)
Gbp-Pq: Name unit-name-generate-a-clear-error-code-when-convertin.patch
Kevin P. Fleming [Sat, 6 Feb 2021 15:58:43 +0000 (10:58 -0500)]
network: Delay addition of IPv6 Proxy NDP addresses
Setting of IPv6 Proxy NDP addresses must be done at the same
time as static addresses, static routes, and other link attributes
that must be configured when the link is up. Doing this ensures
that they are reconfigured on the link if the link goes down
and returns to service.
(cherry picked from commit
12f7469bbe0142d7f360a29ca2b407ce7f5ff096)
Fixes https://github.com/systemd/systemd-stable/issues/89
(cherry picked from commit
d5ea028e46673ef627843e90c3d01ebac8fe0e62)
Gbp-Pq: Name network-Delay-addition-of-IPv6-Proxy-NDP-addresses.patch
Luca Boccassi [Thu, 1 Apr 2021 21:18:29 +0000 (22:18 +0100)]
LoadCredentials: do not assert on invalid syntax
LoadCredentials=foo causes an assertion to be triggered, as we
are not checking that the rvalue's right hand side part is non-empty
before using it in unit_full_printf.
Fixes #19178
# printf [Service]nLoadCredential=passwd.hashed-password.rootn > hello.service
# systemd-analyze verify ./hello.service
...
Assertion 'format' failed at src/core/unit-printf.c:232, function unit_full_printf(). Aborting.
Aborted (core dumped)
(cherry picked from commit
f7a6f1226e800f7695c2073675523062ea697aa4)
Gbp-Pq: Name LoadCredentials-do-not-assert-on-invalid-syntax.patch
Jan Tojnar [Sat, 2 Jan 2021 01:46:33 +0000 (02:46 +0100)]
pkg-config: make prefix overridable again
While we don't support prefix being != /usr, and this is hardcoded
all over the place, variables in pkg-config file are expected
to have overridable base directory.
This is important for at least the following two use cases:
- Installing projects to non-FHS package-specific prefixes for Nix-style
package managers. Of course, it is then their responsibility
to ensure systemd can find the service files.
- Installing to local path for development purposes.
This is a compromise between running a program from a build directory,
and running it fully installed to system prefix.
You will not want to write to system prefix in either case.
For more information, see also
https://www.bassi.io/articles/2018/03/15/pkg-config-and-paths/
Fixes https://github.com/systemd/systemd/issues/18082
Partially reverts
6e65df89c348242dbd10036abc7dd5e8181cf733
(cherry picked from commit
60bce7c6d9606185114df1bdcd5ea100407688b8)
Gbp-Pq: Name pkg-config-make-prefix-overridable-again.patch
Yu Watanabe [Mon, 1 Feb 2021 16:47:58 +0000 (01:47 +0900)]
table: drop trailing white spaces of the last cell in row
Fixes #18415.
(cherry picked from commit
71894e18313e41a72cecdc77fea5037f95d6903f)
Gbp-Pq: Name table-drop-trailing-white-spaces-of-the-last-cell-in-row.patch
Vincent Pelletier [Sat, 27 Feb 2021 00:17:06 +0000 (00:17 +0000)]
rules: Move ID_SMARTCARD_READER definition to a <70 configuration.
70-uaccess.rules sets the uaccess tag on devices with ID_SMARTCARD_READER
set, but it is set in 99-systemd.rules .
Move this to a 60-*.rules which already matches USB CCID class, factorising
the matching, so 70-uaccess.rules sets up these devices as expected.
(cherry picked from commit
dbdcd51f78bde5e9033d98d61bbb750c868bde9d)
Gbp-Pq: Name rules-Move-ID_SMARTCARD_READER-definition-to-a-70-configu.patch
Lennart Poettering [Wed, 10 Feb 2021 09:50:23 +0000 (10:50 +0100)]
analyze: slightly reword PrivateTmp= message
Apparently there way confusion about "does not apply". Let's say "is not
appropriate".
Fixes: #13095
(cherry picked from commit
77552b9520ba0d47cbf33cdbe1ddedb9ce9b5bf3)
Gbp-Pq: Name analyze-slightly-reword-PrivateTmp-message.patch
Zbigniew Jędrzejewski-Szmek [Wed, 3 Mar 2021 23:36:24 +0000 (00:36 +0100)]
core: fix mtime calculation of dropin files
Nominally, the bug was in unit_load_dropin(), which just took the last mtime
instead of calculating the maximum. But instead of adding code to wrap the
loop, this patch goes in the other direction.
All (correct) callers of config_parse() followed a very similar pattern to
calculate the maximum mtime. So let's simplify things by making config_parse()
assume that mtime is initialized and update it to the maximum. This makes all
the callers that care about mtime simpler and also fixes the issue in
unit_load_dropin().
config_parse_many_nulstr() and config_parse_many() are different, because it
makes sense to call them just once, and current ret_mtime behaviour make sense.
Fixes #17730, https://bugzilla.redhat.com/show_bug.cgi?id=
1933137.
(cherry picked from commit
da46a1bc3cd28ac36114002c216196dae004b05c)
Gbp-Pq: Name core-fix-mtime-calculation-of-dropin-files.patch
Matthias Klumpp [Fri, 8 Jan 2021 22:59:38 +0000 (23:59 +0100)]
localed: Run locale-gen if available to generate missing locale
This change improves integration with distributions using locale-gen to
generate missing locale on-demand, like Debian-based distributions
(Debian/Ubuntu/PureOS/Tanglu/...) and Arch Linux.
We only ever enable new locales for generation, and never disable them.
Furthermore, we only generate UTF-8 locale.
This feature is only used if explicitly enabled at compile-time, and
will also be inert at runtime if the locale-gen binary is missing.
(cherry picked from commit
8f20232fcb52dbe6255f3df6101fc057af90bcfa)
Gbp-Pq: Name localed-Run-locale-gen-if-available-to-generate-missing-l.patch
Matthias Klumpp [Sat, 10 Oct 2020 02:40:23 +0000 (04:40 +0200)]
Add helper for case-independent string equality checks
(cherry picked from commit
bd47b0dac4a1ff6e686c99b9958693e86d44007b)
Gbp-Pq: Name Add-helper-for-case-independent-string-equality-checks.patch
Carlos Henrique Lima Melara [Thu, 26 Jun 2025 00:44:53 +0000 (21:44 -0300)]
systemd (247.3-7+deb11u7) bullseye-security; urgency=medium
* Non-maintainer upload by the LTS Team.
* debian/patches/:
- CVE-2025-4598-{0,1,2,3,4}.patch: import and backport patches
from upstream to fix CVE-2025-4598.
- fix-stack-overflow-in-coredump-filter-{0,1,2}.patch: import and
backport patches from upstream to fix CoredumpFilter=all overflow.
* debian/salsa-ci.yml: add (E)LTS pipeline for bullseye.
[dgit import unpatched systemd 247.3-7+deb11u7]
Carlos Henrique Lima Melara [Thu, 26 Jun 2025 00:44:53 +0000 (21:44 -0300)]
Import systemd_247.3-7+deb11u7.debian.tar.xz
[dgit import tarball systemd 247.3-7+deb11u7 systemd_247.3-7+deb11u7.debian.tar.xz]
Michael Biebl [Wed, 3 Feb 2021 16:11:39 +0000 (17:11 +0100)]
Import systemd_247.3.orig.tar.gz
[dgit import orig systemd_247.3.orig.tar.gz]
projects / systemd.git / log