[systemd/f15] Bugfixes from v29 development
Michal Schmidt
michich at fedoraproject.org
Wed Jun 15 21:08:35 UTC 2011
commit 09be98a9f6fe29c9ebddd9d67c3a8714b7d5abf1
Author: Michal Schmidt <mschmidt at redhat.com>
Date: Wed Jun 15 22:47:49 2011 +0200
Bugfixes from v29 development
systemctl: fix 'is-enabled' for native units under /lib (BZ#699027)
dbus: fix name of capability property
pam-module: add debug= parameter (BZ#705427)
0001-dbus-fix-name-of-capability-property.patch | 39 ++++++
0001-pam-module-add-debug-parameter.patch | 135 ++++++++++++++++++++
...fix-is-enabled-for-native-units-under-lib.patch | 50 +++++++
systemd.spec | 14 ++-
4 files changed, 237 insertions(+), 1 deletions(-)
---
diff --git a/0001-dbus-fix-name-of-capability-property.patch b/0001-dbus-fix-name-of-capability-property.patch
new file mode 100644
index 0000000..5fc3994
--- /dev/null
+++ b/0001-dbus-fix-name-of-capability-property.patch
@@ -0,0 +1,39 @@
+From 7c3d67eff3e165b50084bf9c3269ec582d90c403 Mon Sep 17 00:00:00 2001
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 15 Jun 2011 10:16:49 +0200
+Subject: [PATCH] dbus: fix name of capability property
+
+---
+ src/dbus-execute.c | 2 +-
+ src/dbus-execute.h | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/dbus-execute.c b/src/dbus-execute.c
+index 3f8fafe..6ceffc5 100644
+--- a/src/dbus-execute.c
++++ b/src/dbus-execute.c
+@@ -235,7 +235,7 @@ int bus_execute_append_capability_bs(DBusMessageIter *i, const char *property, v
+ assert(property);
+ assert(c);
+
+- /* We store this negated internally, to match the kernel, bu
++ /* We store this negated internally, to match the kernel, but
+ * we expose it normalized. */
+
+ normal = *(uint64_t*) data;
+diff --git a/src/dbus-execute.h b/src/dbus-execute.h
+index 42df5aa..56c5bcd 100644
+--- a/src/dbus-execute.h
++++ b/src/dbus-execute.h
+@@ -77,7 +77,7 @@
+ " <property name=\"SyslogLevelPrefix\" type=\"b\" access=\"read\"/>\n" \
+ " <property name=\"Capabilities\" type=\"s\" access=\"read\"/>\n" \
+ " <property name=\"SecureBits\" type=\"i\" access=\"read\"/>\n" \
+- " <property name=\"CapabilityBoundingSetDrop\" type=\"t\" access=\"read\"/>\n" \
++ " <property name=\"CapabilityBoundingSet\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"User\" type=\"s\" access=\"read\"/>\n" \
+ " <property name=\"Group\" type=\"s\" access=\"read\"/>\n" \
+ " <property name=\"SupplementaryGroups\" type=\"as\" access=\"read\"/>\n" \
+--
+1.7.4.4
+
diff --git a/0001-pam-module-add-debug-parameter.patch b/0001-pam-module-add-debug-parameter.patch
new file mode 100644
index 0000000..d1d75ae
--- /dev/null
+++ b/0001-pam-module-add-debug-parameter.patch
@@ -0,0 +1,135 @@
+From 0e318cad06d483624076777c105bdcdd6aca3596 Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt at redhat.com>
+Date: Fri, 27 May 2011 01:29:34 +0200
+Subject: [PATCH] pam-module: add debug= parameter
+
+It is customary that pam modules do not log debugging information by default.
+Usually they offer a 'debug' option.
+
+Add a boolean debug= option to pam_systemd.so.
+
+This will solve bug
+https://bugzilla.redhat.com/show_bug.cgi?id=705427
+
+Commit 53d5582fa006b0eb528f5dc3f4ba978abd8ac5a3 was not sufficient to fix it,
+because in Fedora rsyslog is configured to write even LOG_DEBUG messages to
+/var/log/secure by default.
+---
+ man/pam_systemd.xml | 8 ++++++++
+ src/pam-module.c | 27 +++++++++++++++++++++------
+ 2 files changed, 29 insertions(+), 6 deletions(-)
+
+diff --git a/man/pam_systemd.xml b/man/pam_systemd.xml
+index 11852eb..208c7da 100644
+--- a/man/pam_systemd.xml
++++ b/man/pam_systemd.xml
+@@ -273,6 +273,14 @@
+ be reset for the processes of the
+ logged in user.</para></listitem>
+ </varlistentry>
++
++ <varlistentry>
++ <term><option>debug=</option></term>
++
++ <listitem><para>Takes a boolean
++ argument. If true, logs debugging
++ information.</para></listitem>
++ </varlistentry>
+ </variablelist>
+
+ <para>Note that setting <varname>kill-user=1</varname>
+diff --git a/src/pam-module.c b/src/pam-module.c
+index 03864fe..bdf6133 100644
+--- a/src/pam-module.c
++++ b/src/pam-module.c
+@@ -46,7 +46,8 @@ static int parse_argv(pam_handle_t *handle,
+ char ***controllers,
+ char ***reset_controllers,
+ char ***kill_only_users,
+- char ***kill_exclude_users) {
++ char ***kill_exclude_users,
++ bool *debug) {
+
+ unsigned i;
+ bool reset_controller_set = false;
+@@ -145,6 +146,15 @@ static int parse_argv(pam_handle_t *handle,
+
+ kill_exclude_users_set = true;
+
++ } else if (startswith(argv[i], "debug=")) {
++ if ((k = parse_boolean(argv[i] + 6)) < 0) {
++ pam_syslog(handle, LOG_ERR, "Failed to parse debug= argument.");
++ return k;
++ }
++
++ if (debug)
++ *debug = k;
++
+ } else {
+ pam_syslog(handle, LOG_ERR, "Unknown parameter '%s'.", argv[i]);
+ return -EINVAL;
+@@ -406,6 +416,7 @@ _public_ PAM_EXTERN int pam_sm_open_session(
+ char *buf = NULL;
+ int lock_fd = -1;
+ bool create_session = true;
++ bool debug = false;
+ char **controllers = NULL, **reset_controllers = NULL, **c;
+ char *cgroup_user_tree = NULL;
+
+@@ -421,7 +432,7 @@ _public_ PAM_EXTERN int pam_sm_open_session(
+ argc, argv,
+ &create_session, NULL, NULL,
+ &controllers, &reset_controllers,
+- NULL, NULL) < 0)
++ NULL, NULL, &debug) < 0)
+ return PAM_SESSION_ERR;
+
+ if ((r = get_user_data(handle, &username, &pw)) != PAM_SUCCESS)
+@@ -505,7 +516,8 @@ _public_ PAM_EXTERN int pam_sm_open_session(
+ goto finish;
+ }
+
+- pam_syslog(handle, LOG_DEBUG, "Moving new user session for %s into control group %s.", username, buf);
++ if (debug)
++ pam_syslog(handle, LOG_DEBUG, "Moving new user session for %s into control group %s.", username, buf);
+
+ if ((r = create_user_group(handle, SYSTEMD_CGROUP_CONTROLLER, buf, pw, true, true)) != PAM_SUCCESS)
+ goto finish;
+@@ -616,6 +628,7 @@ _public_ PAM_EXTERN int pam_sm_close_session(
+ const char *username = NULL;
+ bool kill_session = false;
+ bool kill_user = false;
++ bool debug = false;
+ int lock_fd = -1, r;
+ char *session_path = NULL, *nosession_path = NULL, *user_path = NULL;
+ const char *id;
+@@ -634,7 +647,7 @@ _public_ PAM_EXTERN int pam_sm_close_session(
+ argc, argv,
+ NULL, &kill_session, &kill_user,
+ &controllers, NULL,
+- &kill_only_users, &kill_exclude_users) < 0)
++ &kill_only_users, &kill_exclude_users, &debug) < 0)
+ return PAM_SESSION_ERR;
+
+ if ((r = get_user_data(handle, &username, &pw)) != PAM_SUCCESS)
+@@ -676,13 +689,15 @@ _public_ PAM_EXTERN int pam_sm_close_session(
+ }
+
+ if (kill_session && check_user_lists(handle, pw->pw_uid, kill_only_users, kill_exclude_users)) {
+- pam_syslog(handle, LOG_DEBUG, "Killing remaining processes of user session %s of %s.", id, username);
++ if (debug)
++ pam_syslog(handle, LOG_DEBUG, "Killing remaining processes of user session %s of %s.", id, username);
+
+ /* Kill processes in session cgroup, and delete it */
+ if ((r = cg_kill_recursive_and_wait(SYSTEMD_CGROUP_CONTROLLER, session_path, true)) < 0)
+ pam_syslog(handle, LOG_ERR, "Failed to kill session cgroup: %s", strerror(-r));
+ } else {
+- pam_syslog(handle, LOG_DEBUG, "Moving remaining processes of user session %s of %s into control group %s.", id, username, nosession_path);
++ if (debug)
++ pam_syslog(handle, LOG_DEBUG, "Moving remaining processes of user session %s of %s into control group %s.", id, username, nosession_path);
+
+ /* Migrate processes from session to user
+ * cgroup. First, try to create the user group
+--
+1.7.4.4
+
diff --git a/0001-systemctl-fix-is-enabled-for-native-units-under-lib.patch b/0001-systemctl-fix-is-enabled-for-native-units-under-lib.patch
new file mode 100644
index 0000000..7e6653a
--- /dev/null
+++ b/0001-systemctl-fix-is-enabled-for-native-units-under-lib.patch
@@ -0,0 +1,50 @@
+From b77398f7a05aa313cebcea81e9381833bede2d61 Mon Sep 17 00:00:00 2001
+From: Michal Schmidt <mschmidt at redhat.com>
+Date: Mon, 13 Jun 2011 14:19:47 +0200
+Subject: [PATCH] systemctl: fix 'is-enabled' for native units under /lib
+
+The units always showed up as enabled.
+
+The config file has to be parsed before we can check what's in
+the [Install] section.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=699027
+---
+ src/systemctl.c | 14 +++++++-------
+ 1 files changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/src/systemctl.c b/src/systemctl.c
+index faca797..889e3ee 100644
+--- a/src/systemctl.c
++++ b/src/systemctl.c
+@@ -4160,6 +4160,13 @@ static int install_info_apply(const char *verb, LookupPaths *paths, InstallInfo
+ return -ENOENT;
+ }
+
++ i->path = filename;
++
++ if ((r = config_parse(filename, f, NULL, items, true, i)) < 0) {
++ fclose(f);
++ return r;
++ }
++
+ /* Consider unit files stored in /lib and /usr always enabled
+ * if they have no [Install] data. */
+ if (streq(verb, "is-enabled") &&
+@@ -4168,13 +4175,6 @@ static int install_info_apply(const char *verb, LookupPaths *paths, InstallInfo
+ !path_startswith(filename, "/etc"))
+ return 1;
+
+- i->path = filename;
+-
+- if ((r = config_parse(filename, f, NULL, items, true, i)) < 0) {
+- fclose(f);
+- return r;
+- }
+-
+ n_symlinks += strv_length(i->aliases);
+ n_symlinks += strv_length(i->wanted_by);
+
+--
+1.7.4.4
+
diff --git a/systemd.spec b/systemd.spec
index 892ed6c..70a9bf1 100644
--- a/systemd.spec
+++ b/systemd.spec
@@ -2,7 +2,7 @@ Name: systemd
Url: http://www.freedesktop.org/wiki/Software/systemd
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Version: 26
-Release: 3%{?dist}
+Release: 4%{?dist}
License: GPLv2+
Group: System Environment/Base
Summary: A System and Service Manager
@@ -43,6 +43,9 @@ Patch3: 0001-pam-downgrade-a-few-log-msgs.patch
Patch4: 0001-systemctl-fix-double-unref-of-a-dbus-message.patch
Patch5: 0001-cryptsetup-generator-fix-etc-cryptsetup-options.patch
Patch6: 0001-readahead-common-fix-total-memory-size-detection.patch
+Patch7: 0001-systemctl-fix-is-enabled-for-native-units-under-lib.patch
+Patch8: 0001-dbus-fix-name-of-capability-property.patch
+Patch9: 0001-pam-module-add-debug-parameter.patch
# For sysvinit tools
Obsoletes: SysVinit < 2.86-24, sysvinit < 2.86-24
@@ -103,6 +106,9 @@ SysV compatibility tools for systemd
%patch4 -p1
%patch5 -p1
%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
%build
%configure --with-rootdir= --with-distro=fedora
@@ -305,6 +311,12 @@ fi
%{_bindir}/systemd-sysv-convert
%changelog
+* Wed Jun 15 2011 Michal Schmidt <mschmidt at redhat.com> - 26-4
+- Pick bugfixes from upstream:
+- systemctl: fix 'is-enabled' for native units under /lib (BZ#699027)
+- dbus: fix name of capability property
+- pam-module: add debug= parameter (BZ#705427)
+
* Sun Jun 12 2011 Michal Schmidt <mschmidt at redhat.com> - 26-3
- Pick bugfixes from upstream:
- systemctl: fix double unref of a dbus message (BZ#709909)
More information about the scm-commits
mailing list