From 3db684b40fcb7984a8878877edc9faa93af48e22 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Fri, 4 Nov 2022 16:19:01 +0100
Subject: [PATCH] Version 249.13

---
 ...y-the-full-path-for-systemctl-and-ot.patch | 91 +++++++++----------
 ...-script-to-actually-invoke-systemctl.patch | 14 +--
 0003-rpm-call-needs-restart-in-parallel.patch |  4 +-
 ...-services-at-the-end-of-the-transact.patch | 12 +--
 ...ate-helper-also-add-user-reexec-verb.patch |  4 +-
 ...per-add-missing-loop-over-user-units.patch |  8 +-
 sources                                       |  2 +-
 systemd.spec                                  |  8 +-
 8 files changed, 71 insertions(+), 72 deletions(-)

diff --git a/0001-rpm-don-t-specify-the-full-path-for-systemctl-and-ot.patch b/0001-rpm-don-t-specify-the-full-path-for-systemctl-and-ot.patch
index 00a012c..eace24f 100644
--- a/0001-rpm-don-t-specify-the-full-path-for-systemctl-and-ot.patch
+++ b/0001-rpm-don-t-specify-the-full-path-for-systemctl-and-ot.patch
@@ -1,7 +1,7 @@
-From 7d9ee15d0fc2af87481ee371b278dbe7e68165ef Mon Sep 17 00:00:00 2001
+From aa56d0bbcef9c2f32845203b50df92492717fea6 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
 Date: Wed, 7 Jul 2021 14:02:36 +0200
-Subject: [PATCH] rpm: don't specify the full path for systemctl and other
+Subject: [PATCH 1/6] rpm: don't specify the full path for systemctl and other
  commands
 
 We can make things a bit simpler and more readable by not specifying the path.
@@ -94,7 +94,7 @@ index 3a0169a85f..3129ab2d61 100644
  SYSTEMD_INLINE_EOF\
  %{nil}
 diff --git a/src/rpm/triggers.systemd.in b/src/rpm/triggers.systemd.in
-index b33d2212e8..247358008a 100644
+index c10112fe54..483207e58c 100644
 --- a/src/rpm/triggers.systemd.in
 +++ b/src/rpm/triggers.systemd.in
 @@ -16,14 +16,14 @@
@@ -132,34 +132,34 @@ index b33d2212e8..247358008a 100644
      elseif pid > 0 then
          posix.wait(pid)
      end
-@@ -62,7 +62,7 @@ end
- if posix.access("/run/systemd/system") then
-     pid = posix.fork()
-     if pid == 0 then
--        assert(posix.exec("%{_bindir}/systemd-sysusers"))
-+        assert(posix.execp("systemd-sysusers"))
-     elseif pid > 0 then
-         posix.wait(pid)
-     end
-@@ -74,7 +74,7 @@ end
- if posix.access("/run/systemd/system") then
-     pid = posix.fork()
-     if pid == 0 then
--        assert(posix.exec("%{_bindir}/systemd-hwdb", "update"))
-+        assert(posix.execp("systemd-hwdb", "update"))
-     elseif pid > 0 then
-         posix.wait(pid)
-     end
-@@ -86,7 +86,7 @@ end
- if posix.access("/run/systemd/system") then
-     pid = posix.fork()
-     if pid == 0 then
--        assert(posix.exec("%{_bindir}/journalctl", "--update-catalog"))
-+        assert(posix.execp("journalctl", "--update-catalog"))
-     elseif pid > 0 then
-         posix.wait(pid)
-     end
-@@ -111,7 +111,7 @@ end
+@@ -61,7 +61,7 @@ end
+ -- will run before the tmpfiles file trigger.
+ pid = posix.fork()
+ if pid == 0 then
+-    assert(posix.exec("%{_bindir}/systemd-sysusers"))
++    assert(posix.execp("systemd-sysusers"))
+ elseif pid > 0 then
+     posix.wait(pid)
+ end
+@@ -71,7 +71,7 @@ end
+ -- installed or updated in {{UDEV_HWDB_DIR}}.
+ pid = posix.fork()
+ if pid == 0 then
+-    assert(posix.exec("%{_bindir}/systemd-hwdb", "update"))
++    assert(posix.execp("systemd-hwdb", "update"))
+ elseif pid > 0 then
+     posix.wait(pid)
+ end
+@@ -81,7 +81,7 @@ end
+ -- have been installed or updated in {{SYSTEMD_CATALOG_DIR}}.
+ pid = posix.fork()
+ if pid == 0 then
+-    assert(posix.exec("%{_bindir}/journalctl", "--update-catalog"))
++    assert(posix.execp("journalctl", "--update-catalog"))
+ elseif pid > 0 then
+     posix.wait(pid)
+ end
+@@ -105,7 +105,7 @@ end
  if posix.access("/run/systemd/system") then
      pid = posix.fork()
      if pid == 0 then
@@ -168,7 +168,7 @@ index b33d2212e8..247358008a 100644
      elseif pid > 0 then
          posix.wait(pid)
      end
-@@ -123,7 +123,7 @@ end
+@@ -117,7 +117,7 @@ end
  if posix.access("/run/systemd/system") then
      pid = posix.fork()
      if pid == 0 then
@@ -178,7 +178,7 @@ index b33d2212e8..247358008a 100644
          posix.wait(pid)
      end
 diff --git a/src/rpm/triggers.systemd.sh.in b/src/rpm/triggers.systemd.sh.in
-index 22abad9812..1631be18c9 100644
+index e746c316d3..f8c4514313 100644
 --- a/src/rpm/triggers.systemd.sh.in
 +++ b/src/rpm/triggers.systemd.sh.in
 @@ -15,8 +15,8 @@
@@ -192,7 +192,7 @@ index 22abad9812..1631be18c9 100644
  fi
  
  %transfiletriggerpostun -P 1000100 -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
-@@ -26,13 +26,13 @@ fi
+@@ -26,30 +26,30 @@ fi
  # have been installed, but before %postun scripts in packages get
  # executed.
  if test -d "/run/systemd/system"; then
@@ -208,32 +208,27 @@ index 22abad9812..1631be18c9 100644
  fi
  
  %transfiletriggerin -P 1000700 -- {{SYSUSERS_DIR}}
-@@ -40,21 +40,21 @@ fi
+ # This script will process files installed in {{SYSUSERS_DIR}} to create
  # specified users automatically. The priority is set such that it
  # will run before the tmpfiles file trigger.
- if test -d "/run/systemd/system"; then
--  %{_bindir}/systemd-sysusers || :
-+  systemd-sysusers || :
- fi
+-%{_bindir}/systemd-sysusers || :
++systemd-sysusers || :
  
  %transfiletriggerin -P 1000700 udev -- {{UDEV_HWDB_DIR}}
  # This script will automatically invoke hwdb update if files have been
  # installed or updated in {{UDEV_HWDB_DIR}}.
- if test -d "/run/systemd/system"; then
--  %{_bindir}/systemd-hwdb update || :
-+  systemd-hwdb update || :
- fi
+-%{_bindir}/systemd-hwdb update || :
++systemd-hwdb update || :
  
  %transfiletriggerin -P 1000700 -- {{SYSTEMD_CATALOG_DIR}}
  # This script will automatically invoke journal catalog update if files
  # have been installed or updated in {{SYSTEMD_CATALOG_DIR}}.
- if test -d "/run/systemd/system"; then
--  %{_bindir}/journalctl --update-catalog || :
-+  journalctl --update-catalog || :
- fi
+-%{_bindir}/journalctl --update-catalog || :
++journalctl --update-catalog || :
  
  %transfiletriggerin -P 1000700 -- {{BINFMT_DIR}}
-@@ -71,14 +71,14 @@ fi
+ # This script will automatically apply binfmt rules if files have been
+@@ -65,14 +65,14 @@ fi
  # tmpfiles automatically. The priority is set such that it will run
  # after the sysusers file trigger, but before any other triggers.
  if test -d "/run/systemd/system"; then
diff --git a/0002-rpm-use-a-helper-script-to-actually-invoke-systemctl.patch b/0002-rpm-use-a-helper-script-to-actually-invoke-systemctl.patch
index 212a58d..beab891 100644
--- a/0002-rpm-use-a-helper-script-to-actually-invoke-systemctl.patch
+++ b/0002-rpm-use-a-helper-script-to-actually-invoke-systemctl.patch
@@ -1,7 +1,7 @@
-From 6d825ab2d42d3219e49a192bf99f9c09134a0df4 Mon Sep 17 00:00:00 2001
+From bbfbe1c31046d53640ebb4ef4e4820614fd0864e Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
 Date: Thu, 22 Jul 2021 11:22:33 +0200
-Subject: [PATCH] rpm: use a helper script to actually invoke systemctl
+Subject: [PATCH 2/6] rpm: use a helper script to actually invoke systemctl
  commands
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@@ -39,10 +39,10 @@ We were planning to raise the required version anyway…
  create mode 100755 src/rpm/systemd-update-helper.in
 
 diff --git a/README b/README
-index 0e5c326deb..a8f23a0d5b 100644
+index 9e5bcab830..2b759e7f5a 100644
 --- a/README
 +++ b/README
-@@ -193,7 +193,7 @@ REQUIREMENTS:
+@@ -195,7 +195,7 @@ REQUIREMENTS:
          python-jinja2
          python-lxml (optional, required to build the indices)
          python >= 3.5
@@ -52,7 +52,7 @@ index 0e5c326deb..a8f23a0d5b 100644
          gcc, awk, sed, grep, and similar tools
          clang >= 10.0, llvm >= 10.0 (optional, required to build BPF programs
 diff --git a/meson.build b/meson.build
-index a2ee15bf32..c6b3e72d23 100644
+index ece21fbd10..5962371e49 100644
 --- a/meson.build
 +++ b/meson.build
 @@ -10,7 +10,7 @@ project('systemd', 'c',
@@ -232,7 +232,7 @@ index 0000000000..9fa49fa131
 +        ;;
 +esac
 diff --git a/src/rpm/triggers.systemd.in b/src/rpm/triggers.systemd.in
-index 247358008a..d29cc33dfd 100644
+index 483207e58c..f56c80c7ca 100644
 --- a/src/rpm/triggers.systemd.in
 +++ b/src/rpm/triggers.systemd.in
 @@ -13,20 +13,11 @@
@@ -297,7 +297,7 @@ index 247358008a..d29cc33dfd 100644
  
  %transfiletriggerin -P 100700 -p <lua> -- {{SYSUSERS_DIR}}
 diff --git a/src/rpm/triggers.systemd.sh.in b/src/rpm/triggers.systemd.sh.in
-index 1631be18c9..83cd7617f8 100644
+index f8c4514313..3b35a4b5c6 100644
 --- a/src/rpm/triggers.systemd.sh.in
 +++ b/src/rpm/triggers.systemd.sh.in
 @@ -14,10 +14,7 @@
diff --git a/0003-rpm-call-needs-restart-in-parallel.patch b/0003-rpm-call-needs-restart-in-parallel.patch
index b1efa37..2a4bf36 100644
--- a/0003-rpm-call-needs-restart-in-parallel.patch
+++ b/0003-rpm-call-needs-restart-in-parallel.patch
@@ -1,7 +1,7 @@
-From 3598aff4d963b2e51ac74d206161da47bfde785c Mon Sep 17 00:00:00 2001
+From bc587d08416e3517b82b764798866154caa11085 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
 Date: Thu, 22 Jul 2021 11:28:36 +0200
-Subject: [PATCH] rpm: call +needs-restart in parallel
+Subject: [PATCH 3/6] rpm: call +needs-restart in parallel
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
diff --git a/0004-rpm-restart-user-services-at-the-end-of-the-transact.patch b/0004-rpm-restart-user-services-at-the-end-of-the-transact.patch
index 94eca7b..d4cbf7f 100644
--- a/0004-rpm-restart-user-services-at-the-end-of-the-transact.patch
+++ b/0004-rpm-restart-user-services-at-the-end-of-the-transact.patch
@@ -1,7 +1,7 @@
-From 36d55958ccc75fa3c91bdd7354d74c910f2f6cc7 Mon Sep 17 00:00:00 2001
+From eb458aa5f37496059540e1db47f8b4f1c69ef206 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
 Date: Wed, 7 Jul 2021 14:37:57 +0200
-Subject: [PATCH] rpm: restart user services at the end of the transaction
+Subject: [PATCH 4/6] rpm: restart user services at the end of the transaction
 
 This closes an important gap: so far we would reexecute the system manager and
 restart system services that were configured to do so, but we wouldn't do the
@@ -51,7 +51,7 @@ fa97d2fcf64e0558054bee673f734f523373b146.
  6 files changed, 94 insertions(+), 3 deletions(-)
 
 diff --git a/meson.build b/meson.build
-index c6b3e72d23..cafce977c2 100644
+index 5962371e49..e185c27750 100644
 --- a/meson.build
 +++ b/meson.build
 @@ -270,6 +270,7 @@ conf.set_quoted('TMPFILES_DIR',                               tmpfilesdir)
@@ -63,7 +63,7 @@ index c6b3e72d23..cafce977c2 100644
  conf.set_quoted('USER_DATA_UNIT_DIR',                         userunitdir)
  conf.set_quoted('USER_ENV_GENERATOR_DIR',                     userenvgeneratordir)
 diff --git a/meson_options.txt b/meson_options.txt
-index b60261ac24..50f2b7b5e9 100644
+index 2f0f4e7b8f..43b815e433 100644
 --- a/meson_options.txt
 +++ b/meson_options.txt
 @@ -182,6 +182,8 @@ option('xinitrcdir', type : 'string', value : '',
@@ -165,7 +165,7 @@ index f3c75b75fa..f3466ab3c0 100755
          echo "Unknown verb '$command'"
          exit 3
 diff --git a/src/rpm/triggers.systemd.in b/src/rpm/triggers.systemd.in
-index d29cc33dfd..8aeb2049c1 100644
+index f56c80c7ca..4755cdafe8 100644
 --- a/src/rpm/triggers.systemd.in
 +++ b/src/rpm/triggers.systemd.in
 @@ -20,6 +20,14 @@ elseif pid > 0 then
@@ -219,7 +219,7 @@ index d29cc33dfd..8aeb2049c1 100644
  -- This script will process files installed in {{SYSUSERS_DIR}} to create
  -- specified users automatically. The priority is set such that it
 diff --git a/src/rpm/triggers.systemd.sh.in b/src/rpm/triggers.systemd.sh.in
-index 83cd7617f8..694cd94e8d 100644
+index 3b35a4b5c6..8c301f5ed9 100644
 --- a/src/rpm/triggers.systemd.sh.in
 +++ b/src/rpm/triggers.systemd.sh.in
 @@ -16,6 +16,9 @@
diff --git a/0005-update-helper-also-add-user-reexec-verb.patch b/0005-update-helper-also-add-user-reexec-verb.patch
index f5f407e..04d374c 100644
--- a/0005-update-helper-also-add-user-reexec-verb.patch
+++ b/0005-update-helper-also-add-user-reexec-verb.patch
@@ -1,7 +1,7 @@
-From 1262e824a4d638e347ae0d39c973f1f750962533 Mon Sep 17 00:00:00 2001
+From 50336a7d0c584c1731c656e991a317029ed45f84 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
 Date: Fri, 23 Jul 2021 15:35:23 +0200
-Subject: [PATCH] update-helper: also add "user-reexec" verb
+Subject: [PATCH 5/6] update-helper: also add "user-reexec" verb
 
 This is not called from the systemd.triggers or systemd.macros files. Instead,
 it would be called from the scriptlets in systemd rpm package itself, at the
diff --git a/0006-update-helper-add-missing-loop-over-user-units.patch b/0006-update-helper-add-missing-loop-over-user-units.patch
index 308c4c2..3fc1317 100644
--- a/0006-update-helper-add-missing-loop-over-user-units.patch
+++ b/0006-update-helper-add-missing-loop-over-user-units.patch
@@ -1,7 +1,7 @@
-From a4eba5d8cfaabbd87687c651fcdd06df9e267931 Mon Sep 17 00:00:00 2001
+From 107f3e397937eb6a45054e22bd79c142fae19cd4 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
 Date: Thu, 4 Nov 2021 09:49:18 +0100
-Subject: [PATCH] update-helper: add missing loop over user units
+Subject: [PATCH 6/6] update-helper: add missing loop over user units
 
 Noticed by Luca.
 
@@ -12,10 +12,10 @@ and testing ;(
  1 file changed, 4 insertions(+), 2 deletions(-)
 
 diff --git a/src/rpm/systemd-update-helper.in b/src/rpm/systemd-update-helper.in
-index fa35e7ba90..7e007d4806 100755
+index 0c6675a9db..47d6663e07 100755
 --- a/src/rpm/systemd-update-helper.in
 +++ b/src/rpm/systemd-update-helper.in
-@@ -52,8 +52,10 @@ case "$command" in
+@@ -51,8 +51,10 @@ case "$command" in
  
          users=$(systemctl list-units 'user@*' --legend=no | sed -n -r 's/.*user@([0-9]+).service.*/\1/p')
          for user in $users; do
diff --git a/sources b/sources
index f9e5098..194dcc1 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (systemd-249.12.tar.gz) = 7a565418b13e2e6d0cd6bcdaca9987ea626449c8f28266a514b20d19e63e0779e31acbef9d5e14139a94bc72cdd652f86694509ed21158c45b106585058272d1
+SHA512 (systemd-249.13.tar.gz) = eca374a66cc6a3439e83495e11d96f885c68508f340332cd750558f9fde3e6f31775e98caf085be53c7ef1ac8cf01ba7f84641112e5c978c4670e053cca305b0
diff --git a/systemd.spec b/systemd.spec
index fb8c25e..cc9690c 100644
--- a/systemd.spec
+++ b/systemd.spec
@@ -30,8 +30,8 @@
 Name:           systemd
 Url:            https://www.freedesktop.org/wiki/Software/systemd
 %if %{without inplace}
-Version:        249.12
-Release:        5%{?dist}
+Version:        249.13
+Release:        6%{?dist}
 %else
 # determine the build information from local checkout
 Version:        %(tools/meson-vcs-tag.sh . error | sed -r 's/-([0-9])/.^\1/; s/-g/_g/')
@@ -1039,6 +1039,10 @@ exit 0
 %files standalone-sysusers -f .file-list-standalone-sysusers
 
 %changelog
+* Fri Nov  4 2022 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 249.13-6
+- Latest stable release (various small fixes all over: #2085481, #2086166)
+- #2139355, CVE-2022-3821
+
 * Thu Jun 16 2022 Adam Williamson <awilliam@redhat.com> - 249.12-5
 - Change dynamic stub target to make name resolution work in install %post (#2074083)