rpms/systemd
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Version 253.1

Browse Source 
- Fixes rhbz#2148464
This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2023-03-03 18:17:58 +01:00
parent 7a81930dd2
commit 68db5d4680
3 changed files with 5 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
26478.patch
View File

@ -1,46 +0,0 @@
From e7662d18a14588740c245d10027e2c42a0a21c0e Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 19 Feb 2023 02:42:52 +0900
Subject: [PATCH] core/manager: falling back to execute generators without
sandboxing
When running in a container, like podman, docker or so, creating new mount
namespace may be disabled.
Fixes #26474.
Fixes RHBZ#2165004 (https://bugzilla.redhat.com/show_bug.cgi?id=2165004).
---
src/core/manager.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index 7b394794b0d4..380a4e30d7af 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -3829,12 +3829,25 @@ static int manager_run_generators(Manager *m) {
}
r = safe_fork("(sd-gens)",
- FORK_RESET_SIGNALS | FORK_LOG | FORK_WAIT | FORK_NEW_MOUNTNS | FORK_MOUNTNS_SLAVE | FORK_PRIVATE_TMP,
+ FORK_RESET_SIGNALS | FORK_WAIT | FORK_NEW_MOUNTNS | FORK_MOUNTNS_SLAVE | FORK_PRIVATE_TMP,
NULL);
if (r == 0) {
r = manager_execute_generators(m, paths, /* remount_ro= */ true);
_exit(r >= 0 ? EXIT_SUCCESS : EXIT_FAILURE);
}
+ if (r < 0) {
+ if (!ERRNO_IS_PRIVILEGE(r)) {
+ log_error_errno(r, "Failed to fork off sandboxing environment for executing generators: %m");
+ goto finish;
+ }
+
+ /* Failed to fork with new mount namespace? Maybe, running in a container environment with
+ * seccomp or without capability. */
+ log_debug_errno(r,
+ "Failed to fork off sandboxing environment for executing generators. "
+ "Falling back to execute generators without sandboxing: %m");
+ r = manager_execute_generators(m, paths, /* remount_ro= */ false);
+ }
finish:
lookup_paths_trim_generator(&m->lookup_paths);

2
sources
View File

@ -1 +1 @@
SHA512 (systemd-253.tar.gz) = 3bbc431a292ab590b70d3b490a528f71d30ccf478ddfa66d1c210f40c260ef49ac30651c19f2d073acf38d68398a4a6fbf95391f0e3ea0333d94b9d4e81d514f SHA512 (systemd-253.1.tar.gz) = 4ac7607e0fcedd8612b525ab1fb05e3f5f569d8c1e609577377a54ea8f2aedd07def4012dad70b68a9c449ec7b8d70c6b96cbdafc11c35eb4408e43fc7bb401c

12
systemd.spec
View File

@ -1,8 +1,6 @@
#global commit c4b843473a75fb38ed5bf54e9d3cfb1cb3719efa #global commit c4b843473a75fb38ed5bf54e9d3cfb1cb3719efa
%{?commit:%global shortcommit %(c=%{commit}; echo ${c:0:7})} %{?commit:%global shortcommit %(c=%{commit}; echo ${c:0:7})}
#global stable 1
# We ship a .pc file but don't want to have a dep on pkg-config. We # We ship a .pc file but don't want to have a dep on pkg-config. We
# strip the automatically generated dep here and instead co-own the # strip the automatically generated dep here and instead co-own the
# directory. # directory.
@ -30,13 +28,15 @@
Name: systemd Name: systemd
Url: https://systemd.io Url: https://systemd.io
%if %{without inplace} %if %{without inplace}
Version: 253 Version: 253.1
%else %else
# determine the build information from local checkout # determine the build information from local checkout
Version: %(tools/meson-vcs-tag.sh . error | sed -r 's/-([0-9])/.^\1/; s/-g/_g/') Version: %(tools/meson-vcs-tag.sh . error | sed -r 's/-([0-9])/.^\1/; s/-g/_g/')
%endif %endif
Release: %autorelease Release: %autorelease
%global stable %(c="%version"; [ "$c" = "${c#*.*}" ]; echo $?)
# For a breakdown of the licensing, see README # For a breakdown of the licensing, see README
License: LGPL-2.1-or-later AND MIT AND GPL-2.0-or-later License: LGPL-2.1-or-later AND MIT AND GPL-2.0-or-later
Summary: System and Service Manager Summary: System and Service Manager
@ -95,10 +95,6 @@ GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[
# https://bugzilla.redhat.com/show_bug.cgi?id=2164404 # https://bugzilla.redhat.com/show_bug.cgi?id=2164404
Patch0001: https://patch-diff.githubusercontent.com/raw/systemd/systemd/pull/26494.patch Patch0001: https://patch-diff.githubusercontent.com/raw/systemd/systemd/pull/26494.patch
# https://github.com/systemd/systemd/issues/26474
# https://bugzilla.redhat.com/show_bug.cgi?id=2165004
Patch0002: https://patch-diff.githubusercontent.com/raw/systemd/systemd/pull/26478.patch
# Those are downstream-only patches, but we don't want them in packit builds: # Those are downstream-only patches, but we don't want them in packit builds:
# https://bugzilla.redhat.com/show_bug.cgi?id=1738828 # https://bugzilla.redhat.com/show_bug.cgi?id=1738828
Patch0490: use-bfq-scheduler.patch Patch0490: use-bfq-scheduler.patch
@ -262,7 +258,7 @@ utilities to control basic system configuration like the hostname, date, locale,
maintain a list of logged-in users, system accounts, runtime directories and maintain a list of logged-in users, system accounts, runtime directories and
settings, and a logging daemons. settings, and a logging daemons.
%if 0%{?stable} %if 0%{?stable}
This package was built from the %{version}-stable branch of systemd. This package was built from the %(c=%version; echo "v${c%.*}-stable") branch of systemd.
%endif %endif
%package libs %package libs