rpms
/
systemd
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Version 249-rc1

This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2021-05-23 22:05:07 +02:00
parent 535a8b5b98
commit 33320dcf58
3 changed files with 282 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

273
19950.patch Normal file
View File

@ -0,0 +1,273 @@
From 420ae742ef584fbe5b98780c3cdada528a45ad67 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sun, 23 May 2021 22:00:22 +0200
Subject: [PATCH] meson: allow "soft-static" allocations for uids and gids in
the initrd
The general idea with users and groups created through sysusers is that an
appropriate number is picked when the allocation is made. The number that is
selected will be different on each system based on the order of creation of
users, installed packages, etc. Since system users and groups are not shared
between installations, this generally is not an issue. But it becomes a problem
for initrd: some file systems are shared between the initrd and the host (/run
and /dev are probably the only ones that matter). If the allocations are
different in the host and the initrd, and files survive switch-root, they will
have wrong ownership.
This makes the gids build-time-configurable for all groups and users where
state may survive the switch from initrd to the host.
In particular, all "hardware access" groups are like this: files in /dev will
be owned by them. Eventually the new udev would change ownership, but there
would be a momemnt where the files were owned by the wrong group. The
allocations are "soft-static" in the language of Fedora packaging guidelines:
the uid/gid will be used if possible, but we'll fall back to a different
one. TTY_GID is the exception, because the number is used directly.
Similarly, the possibility to configure "soft-static" uids is added for daemons
which may usefully run in the initramfs: systemd-network (lease information and
interface state is serialized to /run), systemd-resolve (stub files and
interface state), systemd-timesync (/run/systemd/timesync).
Journal files are owned by the group systemd-journal, and acls are granted
for wheel and adm.
systemd-oom and systemd-coredump are excluded from this patch: I assume that
oomd is not useful in the initrd, and coredump leaves no state (it only creates
a pipe in /run?).
The defaults are not changed: if nothing is configured, dynamic allocation will
be used. I looked at a Debian system, and the numbers are all different than
on Fedora.
For Fedora, see the list of uids and gids at https://pagure.io/setup/blob/master/f/uidgid.
In particular, systemd-network and systemd-resolve got soft-static numbers to
make it easy to transition from a non-host-specific initrd to a host system
already a few years back (https://bugzilla.redhat.com/show_bug.cgi?id=1102002).
I also requested static allocations for sgx, input, render in
https://pagure.io/packaging-committee/issue/1078,
https://pagure.io/setup/pull-request/27.
---
meson.build | 40 ++++++++++++++++++++++++-------
meson_options.txt | 48 ++++++++++++++++++++++++++++++++++----
sysusers.d/basic.conf.in | 38 +++++++++++++++---------------
sysusers.d/systemd.conf.in | 8 +++----
4 files changed, 99 insertions(+), 35 deletions(-)
diff --git a/meson.build b/meson.build
index 0b136529e3a1..3634ce0a3cb0 100644
--- a/meson.build
+++ b/meson.build
@@ -793,12 +793,37 @@ endif
conf.set_quoted('NOBODY_USER_NAME', nobody_user)
conf.set_quoted('NOBODY_GROUP_NAME', nobody_group)
-tty_gid = get_option('tty-gid')
-conf.set('TTY_GID', tty_gid)
-
-# Ensure provided GID argument is numeric, otherwise fall back to default assignment
-users_gid = get_option('users-gid')
-conf.set('USERS_GID', users_gid < 0 ? '-' : users_gid)
+static_ugids = []
+foreach option : ['adm-gid',
+ 'audio-gid',
+ 'cdrom-gid',
+ 'dialout-gid',
+ 'disk-gid',
+ 'input-gid',
+ 'kmem-gid',
+ 'kvm-gid',
+ 'lp-gid',
+ 'render-gid',
+ 'sgx-gid',
+ 'tape-gid',
+ 'tty-gid',
+ 'users-gid',
+ 'utmp-gid',
+ 'video-gid',
+ 'wheel-gid',
+ 'systemd-journal-gid',
+ 'systemd-network-uid',
+ 'systemd-resolve-uid',
+ 'systemd-timesync-uid']
+ name = option.underscorify().to_upper()
+ val = get_option(option)
+
+ # Ensure provided GID argument is numeric, otherwise fall back to default assignment
+ conf.set(name, val >= 0 ? val : '-')
+ if val >= 0
+ static_ugids += '@0@:@1@'.format(option, val)
+ endif
+endforeach
conf.set10('ENABLE_ADM_GROUP', get_option('adm-group'))
conf.set10('ENABLE_WHEEL_GROUP', get_option('wheel-group'))
@@ -3713,14 +3738,13 @@ status = [
'extra start script: @0@'.format(get_option('rc-local')),
'debug shell: @0@ @ @1@'.format(get_option('debug-shell'),
get_option('debug-tty')),
- 'TTY GID: @0@'.format(tty_gid),
- 'users GID: @0@'.format(conf.get('USERS_GID')),
'system UIDs: <=@0@ (alloc >=@1@)'.format(conf.get('SYSTEM_UID_MAX'),
conf.get('SYSTEM_ALLOC_UID_MIN')),
'system GIDs: <=@0@ (alloc >=@1@)'.format(conf.get('SYSTEM_GID_MAX'),
conf.get('SYSTEM_ALLOC_GID_MIN')),
'dynamic UIDs: @0@…@1@'.format(dynamic_uid_min, dynamic_uid_max),
'container UID bases: @0@…@1@'.format(container_uid_base_min, container_uid_base_max),
+ 'static UID/GID allocations: @0@'.format(' '.join(static_ugids)),
'/dev/kvm access mode: @0@'.format(get_option('dev-kvm-mode')),
'render group access mode: @0@'.format(get_option('group-render-mode')),
'certificate root directory: @0@'.format(get_option('certificate-root')),
diff --git a/meson_options.txt b/meson_options.txt
index fc58e888d939..5048de755d91 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -204,6 +204,7 @@ option('status-unit-format-default', type : 'combo',
description : 'use unit name or description in messages by default')
option('time-epoch', type : 'integer', value : '-1',
description : 'time epoch for time clients')
+
option('system-alloc-uid-min', type : 'integer', value : '-1',
description : 'minimum system UID used when allocating')
option('system-alloc-gid-min', type : 'integer', value : '-1',
@@ -220,10 +221,6 @@ option('container-uid-base-min', type : 'integer', value : 0x00080000,
description : 'minimum container UID base')
option('container-uid-base-max', type : 'integer', value : 0x6FFF0000,
description : 'maximum container UID base')
-option('tty-gid', type : 'integer', value : 5,
- description : 'the numeric GID of the "tty" group')
-option('users-gid', type : 'integer', value : '-1',
- description : 'the numeric GID of the "users" group')
option('adm-group', type : 'boolean',
description : 'the ACL for adm group should be added')
option('wheel-group', type : 'boolean',
@@ -234,6 +231,49 @@ option('nobody-user', type : 'string',
option('nobody-group', type : 'string',
description : 'The name of the nobody group (the one with GID 65534)',
value : 'nobody')
+option('adm-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "adm" group')
+option('audio-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "audio" group')
+option('cdrom-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "cdrom" group')
+option('dialout-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "dialout" group')
+option('disk-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "disk" group')
+option('input-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "input" group')
+option('kmem-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "kmem" group')
+option('kvm-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "kvm" group')
+option('lp-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "lp" group')
+option('render-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "render" group')
+option('sgx-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "sgx" group')
+option('tape-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "tape" group')
+option('tty-gid', type : 'integer', value : 5,
+ description : 'the numeric GID of the "tty" group')
+option('users-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "users" group')
+option('utmp-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "utmp" group')
+option('video-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "video" group')
+option('wheel-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the "wheel" group')
+option('systemd-journal-gid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the systemd-journal group')
+option('systemd-network-uid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the systemd-network user')
+option('systemd-resolve-uid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the systemd-resolve user')
+option('systemd-timesync-uid', type : 'integer', value : '-1',
+ description : 'soft-static allocation for the systemd-timesync user')
+
option('dev-kvm-mode', type : 'string', value : '0666',
description : '/dev/kvm access mode')
option('group-render-mode', type : 'string', value : '0666',
diff --git a/sysusers.d/basic.conf.in b/sysusers.d/basic.conf.in
index 9da02514216d..8cc1a7cad218 100644
--- a/sysusers.d/basic.conf.in
+++ b/sysusers.d/basic.conf.in
@@ -12,28 +12,28 @@ u root 0 "Super User" /root
u {{NOBODY_USER_NAME}} 65534 "Nobody" -
# Administrator group: can *see* more than normal users
-g adm - - -
+g adm {{ADM_GID }} - -
# Administrator group: can *do* more than normal users
-g wheel - - -
+g wheel {{WHEEL_GID }} - -
-# Access to certain kernel and userspace facilities
-g kmem - - -
-g tty {{TTY_GID}} - -
-g utmp - - -
+# Access to shared database of users on the system
+g utmp {{UTMP_GID }} - -
-# Hardware access groups
-g audio - - -
-g cdrom - - -
-g dialout - - -
-g disk - - -
-g input - - -
-g kvm - - -
-g lp - - -
-g render - - -
-g sgx - - -
-g tape - - -
-g video - - -
+# Physical and virtual hardware access groups
+g audio {{AUDIO_GID }} - -
+g cdrom {{CDROM_GID }} - -
+g dialout {{DIALOUT_GID}} - -
+g disk {{DISK_GID }} - -
+g input {{INPUT_GID }} - -
+g kmem {{KMEM_GID }} - -
+g kvm {{KVM_GID }} - -
+g lp {{LP_GID }} - -
+g render {{RENDER_GID }} - -
+g sgx {{SGX_GID }} - -
+g tape {{TAPE_GID }} - -
+g tty {{TTY_GID }} - -
+g video {{VIDEO_GID }} - -
# Default group for normal users
-g users {{USERS_GID}} - -
+g users {{USERS_GID }} - -
diff --git a/sysusers.d/systemd.conf.in b/sysusers.d/systemd.conf.in
index 9905eb596c61..9941ef8ef4f7 100644
--- a/sysusers.d/systemd.conf.in
+++ b/sysusers.d/systemd.conf.in
@@ -5,18 +5,18 @@
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
-g systemd-journal - -
+g systemd-journal {{SYSTEMD_JOURNAL_GID}} -
{% if ENABLE_NETWORKD %}
-u systemd-network - "systemd Network Management"
+u systemd-network {{SYSTEMD_NETWORK_UID}} "systemd Network Management"
{% endif %}
{% if ENABLE_OOMD %}
u systemd-oom - "systemd Userspace OOM Killer"
{% endif %}
{% if ENABLE_RESOLVE %}
-u systemd-resolve - "systemd Resolver"
+u systemd-resolve {{SYSTEMD_RESOLVE_UID}} "systemd Resolver"
{% endif %}
{% if ENABLE_TIMESYNCD %}
-u systemd-timesync - "systemd Time Synchronization"
+u systemd-timesync {{SYSTEMD_TIMESYNC_UID}} "systemd Time Synchronization"
{% endif %}
{% if ENABLE_COREDUMP %}
u systemd-coredump - "systemd Core Dumper"

2
sources
View File

@ -1 +1 @@
SHA512 (systemd-248.3.tar.gz) = 8e7ff0d5e63cc933e4dc23f7e0bef9707fde90396605eb8822d34de90d7abe8fd37e5739e33b657868218aa7281147cc944c096c007324c3e6fb54d833a83485
SHA512 (systemd-249-rc1.tar.gz) = dd75fd6a2f63ce296973c7052ebd199619c99805935e9e04a65b58b0de6053f51157233070f32a4731c43cb65e8d232051a0b5c26508256218ae63f11cd24f1b

10
systemd.spec
View File

@ -1,7 +1,7 @@
#global commit c4b843473a75fb38ed5bf54e9d3cfb1cb3719efa
%{?commit:%global shortcommit %(c=%{commit}; echo ${c:0:7})}
%global stable 1
#global stable 1
# We ship a .pc file but don't want to have a dep on pkg-config. We
# strip the automatically generated dep here and instead co-own the
@ -30,7 +30,7 @@
Name: systemd
Url: https://www.freedesktop.org/wiki/Software/systemd
%if %{without inplace}
Version: 248.3
Version: 249~rc1
Release: 1%{?dist}
%else
# determine the build information from local checkout
@ -145,6 +145,7 @@ BuildRequires: pkgconfig(libfido2)
BuildRequires: pkgconfig(tss2-esys)
BuildRequires: pkgconfig(tss2-rc)
BuildRequires: pkgconfig(tss2-mu)
BuildRequires: systemtap-sdt-devel
BuildRequires: libxslt
BuildRequires: docbook-style-xsl
BuildRequires: pkgconfig
@ -993,6 +994,11 @@ fi
%files standalone-sysusers -f .file-list-standalone-sysusers
%changelog
* Wed Jun 16 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 249~rc1-1
- Latest upstream prerelease, see
https://github.com/systemd/systemd/blob/v248-rc4/NEWS.
Fixes #1963428.
* Sat May 15 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 248.3-1
- A fix for resolved crashes (#1946386, #1960227, #1950241)
- Some minor fixes for documentation, systemd-networkd, systemd-run, bootctl.