packages/systemd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!468 同步上游社区补丁

Browse Source 
From: @huyubiao 
Reviewed-by: @openeuler-basic 
Signed-off-by: @openeuler-basic
This commit is contained in:
openeuler-ci-bot 2023-12-07 13:34:00 +00:00 committed by Gitee
commit 0ce6c37731
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
14 changed files with 960 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
backport-errno-ETIMEDOUT-is-also-a-connection-error.patch Normal file
View File

@ -0,0 +1,41 @@
From 8d50c14252031c5f5d0d222f6d21acdc396035b0 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 6 Nov 2020 14:30:25 +0100
Subject: [PATCH] errno: ETIMEDOUT is also a connection error
Conflict: NA
Reference:https://github.com/systemd/systemd/commit/8d50c14252031c5f5d0d222f6d21acdc396035b0
---
src/basic/errno-util.h | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/basic/errno-util.h b/src/basic/errno-util.h
index 0ca650f48f..383615c288 100644
--- a/src/basic/errno-util.h
+++ b/src/basic/errno-util.h
@@ -50,7 +50,10 @@ static inline int errno_or_else(int fallback) {
/* Hint #1: ENETUNREACH happens if we try to connect to "non-existing" special IP addresses, such as ::5.
*
* Hint #2: The kernel sends e.g., EHOSTUNREACH or ENONET to userspace in some ICMP error cases. See the
- * icmp_err_convert[] in net/ipv4/icmp.c in the kernel sources */
+ * icmp_err_convert[] in net/ipv4/icmp.c in the kernel sources.
+ *
+ * Hint #3: When asynchronous connect() on TCP fails because the host never acknowledges a single packet,
+ * kernel tells us that with ETIMEDOUT, see tcp(7). */
static inline bool ERRNO_IS_DISCONNECT(int r) {
return IN_SET(abs(r),
ECONNABORTED,
@@ -66,7 +69,8 @@ static inline bool ERRNO_IS_DISCONNECT(int r) {
ENOTCONN,
EPIPE,
EPROTO,
- ESHUTDOWN);
+ ESHUTDOWN,
+ ETIMEDOUT);
}
/* Transient errors we might get on accept() that we should ignore. As per error handling comment in
--
2.23.0

36
backport-fix-journal-regression.patch Normal file
View File

@ -0,0 +1,36 @@
From f9281a6e9b80c63512e38304b6ec2e05c4f2acba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Georg=20M=C3=BCller?= <georgmueller@gmx.net>
Date: Thu, 12 Mar 2020 20:02:21 +0100
Subject: [PATCH] fix journalctl regression (#15099)
This regression was introduced in #14913.
The current_file variable can be NULL, as, for example, with the
following commands:
* journalctl --list-boots
* journalctl -b -1 --no-pager
Since current_file is only checked for pointer equality with f, removing
the assertion is safe here.
Reference: https://github.com/systemd/systemd/commit/f9281a6e9b80c63512e38304b6ec2e05c4f2acba
Conflict: NA
---
src/journal/sd-journal.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/journal/sd-journal.c b/src/journal/sd-journal.c
index 72b7613..42056b5 100644
--- a/src/journal/sd-journal.c
+++ b/src/journal/sd-journal.c
@@ -443,7 +443,6 @@ _pure_ static int compare_with_location(const JournalFile *f, const Location *l,
assert(f);
assert(l);
- assert(current_file);
assert(f->location_type == LOCATION_SEEK);
assert(IN_SET(l->type, LOCATION_DISCRETE, LOCATION_SEEK));
--
2.23.0

75
backport-fs-util-make-sure-we-output-normalized-paths-in-chas.patch Normal file
View File

@ -0,0 +1,75 @@
From 47d7ab727cf5bd0697b17854a948971101b4e725 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 28 Jan 2020 21:56:10 +0100
Subject: [PATCH 1479/1760] fs-util: make sure we output normalized paths in
chase_symlinks()
Let's eat up multiple slashes.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1787089
Replaces: #14687
Reference: https://github.com/systemd/systemd/commit/47d7ab727cf5bd0697b17854a948971101b4e725
Conflict: NA
---
src/basic/fs-util.c | 21 +++++++++++++++++----
1 file changed, 17 insertions(+), 4 deletions(-)
diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c
index 2e74917..6b14abd 100644
--- a/src/basic/fs-util.c
+++ b/src/basic/fs-util.c
@@ -787,6 +787,14 @@ int chase_symlinks(const char *path, const char *original_root, unsigned flags,
if (r < 0)
return r;
+ /* Simplify the root directory, so that it has no duplicate slashes and nothing at the
+ * end. While we won't resolve the root path we still simplify it. Note that dropping the
+ * trailing slash should not change behaviour, since when opening it we specify O_DIRECTORY
+ * anyway. Moreover at the end of this function after processing everything we'll always turn
+ * the empty string back to "/". */
+ delete_trailing_chars(root, "/");
+ path_simplify(root, true);
+
if (flags & CHASE_PREFIX_ROOT) {
/* We don't support relative paths in combination with a root directory */
@@ -823,11 +831,9 @@ int chase_symlinks(const char *path, const char *original_root, unsigned flags,
"Specified path '%s' is outside of specified root directory '%s', refusing to resolve.",
path, root);
- /* Make sure "done" ends without a slash */
done = strdup(root);
if (!done)
return -ENOMEM;
- delete_trailing_chars(done, "/");
/* Make sure "todo" starts with a slash */
absolute = strjoin("/", e);
@@ -846,6 +852,15 @@ int chase_symlinks(const char *path, const char *original_root, unsigned flags,
/* Determine length of first component in the path */
n = strspn(todo, "/"); /* The slashes */
+
+ if (n > 1) {
+ /* If we are looking at more than a single slash then skip all but one, so that when
+ * we are done with everything we have a normalized path with only single slashes
+ * separating the path components. */
+ todo += n - 1;
+ n = 1;
+ }
+
m = n + strcspn(todo + n, "/"); /* The entire length of the component */
/* Extract the first component. */
@@ -1002,8 +1017,6 @@ int chase_symlinks(const char *path, const char *original_root, unsigned flags,
done = strdup(root);
if (!done)
return -ENOMEM;
-
- delete_trailing_chars(done, "/");
}
/* Prefix what's left to do with what we just read, and start the loop again, but
--
2.23.0

99
backport-fs-util-when-calling-chase_symlinks-with-root-path-l.patch Normal file
View File

@ -0,0 +1,99 @@
From c2595d3b02849b7baa94483f03cbc888e0c63ebd Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 28 Jan 2020 21:02:29 +0100
Subject: [PATCH 1477/1760] fs-util: when calling chase_symlinks() with root
path, leave root part unresolved
Previously there was a weird asymmetry: initially we'd resolve the
specified prefix path when chasing symlinks together with the actual
path we were supposed to cover, except when we hit an absolute symlink
where we'd use the root as it was. Let's unify handling here: the prefix
path is never resolved, and always left as it is.
This in particular fixes issues with symlinks in the prefix path, as
that confused the check that made sure we never left the root directory.
Fixes: #14634
Replaces: #14635
Reference: https://github.com/systemd/systemd/commit/c2595d3b02849b7baa94483f03cbc888e0c63ebd
Conflict: NA
---
src/basic/fs-util.c | 34 +++++++++++++++++++++++++++++++---
1 file changed, 31 insertions(+), 3 deletions(-)
diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c
index 5723c84..5ec3285 100644
--- a/src/basic/fs-util.c
+++ b/src/basic/fs-util.c
@@ -810,7 +810,7 @@ int chase_symlinks(const char *path, const char *original_root, unsigned flags,
if (r < 0)
return r;
- fd = open("/", O_CLOEXEC|O_NOFOLLOW|O_PATH);
+ fd = open(root ?: "/", O_CLOEXEC|O_DIRECTORY|O_PATH);
if (fd < 0)
return -errno;
@@ -819,6 +819,33 @@ int chase_symlinks(const char *path, const char *original_root, unsigned flags,
return -errno;
}
+ if (root) {
+ _cleanup_free_ char *absolute = NULL;
+ const char *e;
+
+ /* If we are operating on a root directory, let's take the root directory as it is. */
+
+ e = path_startswith(buffer, root);
+ if (!e)
+ return log_full_errno(flags & CHASE_WARN ? LOG_WARNING : LOG_DEBUG,
+ SYNTHETIC_ERRNO(ECHRNG),
+ "Specified path '%s' is outside of specified root directory '%s', refusing to resolve.",
+ path, root);
+
+ /* Make sure "done" ends without a slash */
+ done = strdup(root);
+ if (!done)
+ return -ENOMEM;
+ delete_trailing_chars(done, "/");
+
+ /* Make sure "todo" starts with a slash */
+ absolute = strjoin("/", e);
+ if (!absolute)
+ return -ENOMEM;
+
+ free_and_replace(buffer, absolute);
+ }
+
todo = buffer;
for (;;) {
_cleanup_free_ char *first = NULL;
@@ -930,7 +957,6 @@ int chase_symlinks(const char *path, const char *original_root, unsigned flags,
if (fstat(child, &st) < 0)
return -errno;
if ((flags & CHASE_SAFE) &&
- (empty_or_root(root) || (size_t)(todo - buffer) > strlen(root)) &&
unsafe_transition(&previous_stat, &st))
return log_unsafe_transition(fd, child, path, flags);
@@ -961,7 +987,7 @@ int chase_symlinks(const char *path, const char *original_root, unsigned flags,
* directory as base. */
safe_close(fd);
- fd = open(root ?: "/", O_CLOEXEC|O_NOFOLLOW|O_PATH);
+ fd = open(root ?: "/", O_CLOEXEC|O_DIRECTORY|O_PATH);
if (fd < 0)
return -errno;
@@ -984,6 +1010,8 @@ int chase_symlinks(const char *path, const char *original_root, unsigned flags,
done = strdup(root);
if (!done)
return -ENOMEM;
+
+ delete_trailing_chars(done, "/");
}
/* Prefix what's left to do with what we just read, and start the loop again, but
--
1.8.3.1

39
backport-journalctl-allow-running-vacuum-on-remote-journals-t.patch Normal file
View File

@ -0,0 +1,39 @@
From c488660e6edb3c1375ab62514a8df035c3d712bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20Kundr=C3=A1t?= <jan.kundrat@cesnet.cz>
Date: Sat, 2 Nov 2019 16:42:01 +0100
Subject: [PATCH 0497/1760] journalctl: allow running vacuum on remote
journals, too
Right now the `systemd-journal-remote` service does not constrain its
resource usage (I just run out of space on my 100GB partition, for
example). This patch does not change that, but it at least makes it
possible to run something like:
journalctl --directory /var/log/journal/remote --rotate --vacuum-size=90G
fixes #2376
Co-authored-by: Mike Auty <ikelos@gentoo.org>
Reference: https://github.com/systemd/systemd/commit/c488660e6edb3c1375ab62514a8df035c3d712bf
Conflict: NA
---
src/journal/journalctl.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index 771c5c1..e5a2f6e 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -2240,9 +2240,6 @@ int main(int argc, char *argv[]) {
HASHMAP_FOREACH(d, j->directories_by_path, i) {
int q;
- if (d->is_root)
- continue;
-
q = journal_directory_vacuum(d->path, arg_vacuum_size, arg_vacuum_n_files, arg_vacuum_time, NULL, !arg_quiet);
if (q < 0) {
log_error_errno(q, "Failed to vacuum %s: %m", d->path);
--
1.8.3.1

189
backport-journalctl-implement-facility-foo.patch Normal file
View File

@ -0,0 +1,189 @@
From 196dedd50300e600a0b053af46fdcde6cb2c3034 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 27 Feb 2020 21:36:42 +0100
Subject: [PATCH 1736/1760] journalctl: implement --facility=foo
Fixes #9716.
Reference: https://github.com/systemd/systemd/commit/196dedd50300e600a0b053af46fdcde6cb2c3034
Conflict: NA
---
man/journalctl.xml | 10 +++++++
src/journal/journalctl.c | 78 ++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 88 insertions(+)
diff --git a/man/journalctl.xml b/man/journalctl.xml
index 46b22be..2a685d1 100644
--- a/man/journalctl.xml
+++ b/man/journalctl.xml
@@ -598,6 +598,16 @@
</varlistentry>
<varlistentry>
+ <term><option>--facility=</option></term>
+
+ <listitem><para>Filter output by syslog facility. Takes a comma-separated list of numbers or facility
+ names. The names are the usual syslog facilities as documented in
+ <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
+ <option>--facility=help</option> may be used to display a list of known facility names and exit.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
<term><option>-g</option></term>
<term><option>--grep=</option></term>
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index 4e2a8f6..e5feec8 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -62,6 +62,7 @@
#include "sigbus.h"
#include "string-table.h"
#include "strv.h"
+#include "stdio-util.h"
#include "syslog-util.h"
#include "terminal-util.h"
#include "tmpfile-util.h"
@@ -101,6 +102,7 @@ static const char *arg_directory = NULL;
static char **arg_file = NULL;
static bool arg_file_stdin = false;
static int arg_priorities = 0xFF;
+static Set *arg_facilities = NULL;
static char *arg_verify_key = NULL;
#if HAVE_GCRYPT
static usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC;
@@ -303,6 +305,21 @@ static int parse_boot_descriptor(const char *x, sd_id128_t *boot_id, int *offset
return 1;
}
+static int help_facilities(void) {
+ if (!arg_quiet)
+ puts("Available facilities:");
+
+ for (int i = 0; i < LOG_NFACILITIES; i++) {
+ _cleanup_free_ char *t = NULL;
+
+ if (log_facility_unshifted_to_string_alloc(i, &t))
+ return log_oom();
+ puts(t);
+ }
+
+ return 0;
+}
+
static int help(void) {
_cleanup_free_ char *link = NULL;
int r;
@@ -332,6 +349,7 @@ static int help(void) {
" --user-unit=UNIT Show logs from the specified user unit\n"
" -t --identifier=STRING Show entries with the specified syslog identifier\n"
" -p --priority=RANGE Show entries with the specified priority\n"
+ " --facility=FACILITY... Show entries with the specified facilities\n"
" -g --grep=PATTERN Show entries with MESSAGE matching PATTERN\n"
" --case-sensitive[=BOOL] Force case sensitive or insenstive matching\n"
" -e --pager-end Immediately jump to the end in the pager\n"
@@ -404,6 +422,7 @@ static int parse_argv(int argc, char *argv[]) {
ARG_SYSTEM,
ARG_ROOT,
ARG_HEADER,
+ ARG_FACILITY,
ARG_SETUP_KEYS,
ARG_FILE,
ARG_INTERVAL,
@@ -461,6 +480,7 @@ static int parse_argv(int argc, char *argv[]) {
{ "header", no_argument, NULL, ARG_HEADER },
{ "identifier", required_argument, NULL, 't' },
{ "priority", required_argument, NULL, 'p' },
+ { "facility", required_argument, NULL, ARG_FACILITY },
{ "grep", required_argument, NULL, 'g' },
{ "case-sensitive", optional_argument, NULL, ARG_CASE_SENSITIVE },
{ "setup-keys", no_argument, NULL, ARG_SETUP_KEYS },
@@ -832,6 +852,41 @@ static int parse_argv(int argc, char *argv[]) {
break;
}
+ case ARG_FACILITY: {
+ const char *p;
+
+ for (p = optarg;;) {
+ _cleanup_free_ char *fac = NULL;
+ int num;
+
+ r = extract_first_word(&p, &fac, ",", 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to parse facilities: %s", optarg);
+ if (r == 0)
+ break;
+
+ if (streq(fac, "help")) {
+ help_facilities();
+ return 0;
+ }
+
+ num = log_facility_unshifted_from_string(fac);
+ if (num < 0)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
+ "Bad --facility= argument \"%s\".", fac);
+
+ r = set_ensure_allocated(&arg_facilities, NULL);
+ if (r < 0)
+ return log_oom();
+
+ r = set_put(arg_facilities, INT_TO_PTR(num));
+ if (r < 0)
+ return log_oom();
+ }
+
+ break;
+ }
+
#if HAVE_PCRE2
case 'g':
arg_pattern = optarg;
@@ -1676,6 +1731,24 @@ static int add_priorities(sd_journal *j) {
return 0;
}
+static int add_facilities(sd_journal *j) {
+ void *p;
+ Iterator it;
+ int r;
+
+ SET_FOREACH(p, arg_facilities, it) {
+ char match[STRLEN("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)];
+
+ xsprintf(match, "SYSLOG_FACILITY=%d", PTR_TO_INT(p));
+
+ r = sd_journal_add_match(j, match, strlen(match));
+ if (r < 0)
+ return log_error_errno(r, "Failed to add match: %m");
+ }
+
+ return 0;
+}
+
static int add_syslog_identifier(sd_journal *j) {
int r;
char **i;
@@ -2314,6 +2387,10 @@ int main(int argc, char *argv[]) {
if (r < 0)
goto finish;
+ r = add_facilities(j);
+ if (r < 0)
+ goto finish;
+
r = add_matches(j, argv + optind);
if (r < 0)
goto finish;
@@ -2681,6 +2758,7 @@ finish:
strv_free(arg_file);
+ set_free(arg_facilities);
strv_free(arg_syslog_identifier);
strv_free(arg_system_units);
strv_free(arg_user_units);
--
1.8.3.1

59
backport-journalctl-show-duplicate-entries-if-they-are-from-t.patch Normal file
View File

@ -0,0 +1,59 @@
From b6849042d610da90d5821a03967d648d424f7864 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Georg=20M=C3=BCller?= <georgmueller@gmx.net>
Date: Thu, 20 Feb 2020 19:19:41 +0100
Subject: [PATCH] journalctl: show duplicate entries if they are from the same
file (#14898)
When having a service which intentionally outputs multiple equal lines,
all these messages might be inserted with the same timestamp.
journalctl has a mechanism to avoid duplicate lines, which might be in
different journal files.
This patch allows duplicate lines, if they are from the same file.
Reference: https://github.com/systemd/systemd/commit/b6849042d610da90d5821a03967d648d424f7864
Conflict: NA
---
src/journal/sd-journal.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/journal/sd-journal.c b/src/journal/sd-journal.c
index 3fa98dfda2..17998090f4 100644
--- a/src/journal/sd-journal.c
+++ b/src/journal/sd-journal.c
@@ -435,11 +435,12 @@ _public_ void sd_journal_flush_matches(sd_journal *j) {
detach_location(j);
}
-_pure_ static int compare_with_location(JournalFile *f, Location *l) {
+_pure_ static int compare_with_location(const JournalFile *f, const Location *l, const JournalFile *current_file) {
int r;
assert(f);
assert(l);
+ assert(current_file);
assert(f->location_type == LOCATION_SEEK);
assert(IN_SET(l->type, LOCATION_DISCRETE, LOCATION_SEEK));
@@ -448,7 +449,8 @@ _pure_ static int compare_with_location(JournalFile *f, Location *l) {
l->realtime_set &&
f->current_realtime == l->realtime &&
l->xor_hash_set &&
- f->current_xor_hash == l->xor_hash)
+ f->current_xor_hash == l->xor_hash &&
+ f != current_file)
return 0;
if (l->seqnum_set &&
@@ -787,7 +789,7 @@ static int next_beyond_location(sd_journal *j, JournalFile *f, direction_t direc
if (j->current_location.type == LOCATION_DISCRETE) {
int k;
- k = compare_with_location(f, &j->current_location);
+ k = compare_with_location(f, &j->current_location, j->current_file);
found = direction == DIRECTION_DOWN ? k > 0 : k < 0;
} else
--
2.19.1

188
backport-logind-check-PolicyKit-before-allowing-VT-switch.patch Normal file
View File

@ -0,0 +1,188 @@
From 4acf0cfd2f92edb94ad48d04f1ce6c9ab4e19d55 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 22 Jan 2020 12:04:38 +0100
Subject: [PATCH] logind: check PolicyKit before allowing VT switch
Let's lock this down a bit. Effectively nothing much changes, since the
default PK policy will allow users on the VT to change VT. Only users
with no local VT session won't be able to switch VTs.
Reference: https://github.com/systemd/systemd/commit/4acf0cfd2f92edb94ad48d04f1ce6c9ab4e19d55
Conflict: NA
---
src/login/logind-dbus.c | 16 +++++++
src/login/logind-seat-dbus.c | 58 ++++++++++++++++++++++++-
src/login/logind-session-dbus.c | 14 ++++++
src/login/org.freedesktop.login1.policy | 10 +++++
4 files changed, 97 insertions(+), 1 deletion(-)
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
index 8017aa5c3c..52a7ea3c77 100644
--- a/src/login/logind-dbus.c
+++ b/src/login/logind-dbus.c
@@ -1016,6 +1016,8 @@ static int method_activate_session(sd_bus_message *message, void *userdata, sd_b
if (r < 0)
return r;
+ /* PolicyKit is done by bus_session_method_activate() */
+
return bus_session_method_activate(message, session, error);
}
@@ -1047,6 +1049,20 @@ static int method_activate_session_on_seat(sd_bus_message *message, void *userda
return sd_bus_error_setf(error, BUS_ERROR_SESSION_NOT_ON_SEAT,
"Session %s not on seat %s", session_name, seat_name);
+ r = bus_verify_polkit_async(
+ message,
+ CAP_SYS_ADMIN,
+ "org.freedesktop.login1.chvt",
+ NULL,
+ false,
+ UID_INVALID,
+ &m->polkit_registry,
+ error);
+ if (r < 0)
+ return r;
+ if (r == 0)
+ return 1; /* Will call us back */
+
r = session_activate(session);
if (r < 0)
return r;
diff --git a/src/login/logind-seat-dbus.c b/src/login/logind-seat-dbus.c
index 5b41e60fd6..0a5df937cc 100644
--- a/src/login/logind-seat-dbus.c
+++ b/src/login/logind-seat-dbus.c
@@ -178,6 +178,20 @@ static int method_activate_session(sd_bus_message *message, void *userdata, sd_b
if (session->seat != s)
return sd_bus_error_setf(error, BUS_ERROR_SESSION_NOT_ON_SEAT, "Session %s not on seat %s", name, s->id);
+ r = bus_verify_polkit_async(
+ message,
+ CAP_SYS_ADMIN,
+ "org.freedesktop.login1.chvt",
+ NULL,
+ false,
+ UID_INVALID,
+ &s->manager->polkit_registry,
+ error);
+ if (r < 0)
+ return r;
+ if (r == 0)
+ return 1; /* Will call us back */
+
r = session_activate(session);
if (r < 0)
return r;
@@ -198,7 +212,21 @@ static int method_switch_to(sd_bus_message *message, void *userdata, sd_bus_erro
return r;
if (to <= 0)
- return -EINVAL;
+ return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid virtual terminal");
+
+ r = bus_verify_polkit_async(
+ message,
+ CAP_SYS_ADMIN,
+ "org.freedesktop.login1.chvt",
+ NULL,
+ false,
+ UID_INVALID,
+ &s->manager->polkit_registry,
+ error);
+ if (r < 0)
+ return r;
+ if (r == 0)
+ return 1; /* Will call us back */
r = seat_switch_to(s, to);
if (r < 0)
@@ -214,6 +242,20 @@ static int method_switch_to_next(sd_bus_message *message, void *userdata, sd_bus
assert(message);
assert(s);
+ r = bus_verify_polkit_async(
+ message,
+ CAP_SYS_ADMIN,
+ "org.freedesktop.login1.chvt",
+ NULL,
+ false,
+ UID_INVALID,
+ &s->manager->polkit_registry,
+ error);
+ if (r < 0)
+ return r;
+ if (r == 0)
+ return 1; /* Will call us back */
+
r = seat_switch_to_next(s);
if (r < 0)
return r;
@@ -228,6 +270,20 @@ static int method_switch_to_previous(sd_bus_message *message, void *userdata, sd
assert(message);
assert(s);
+ r = bus_verify_polkit_async(
+ message,
+ CAP_SYS_ADMIN,
+ "org.freedesktop.login1.chvt",
+ NULL,
+ false,
+ UID_INVALID,
+ &s->manager->polkit_registry,
+ error);
+ if (r < 0)
+ return r;
+ if (r == 0)
+ return 1; /* Will call us back */
+
r = seat_switch_to_previous(s);
if (r < 0)
return r;
diff --git a/src/login/logind-session-dbus.c b/src/login/logind-session-dbus.c
index 3738514282..80ec89ba0a 100644
--- a/src/login/logind-session-dbus.c
+++ b/src/login/logind-session-dbus.c
@@ -191,6 +191,20 @@ int bus_session_method_activate(sd_bus_message *message, void *userdata, sd_bus_
assert(message);
assert(s);
+ r = bus_verify_polkit_async(
+ message,
+ CAP_SYS_ADMIN,
+ "org.freedesktop.login1.chvt",
+ NULL,
+ false,
+ UID_INVALID,
+ &s->manager->polkit_registry,
+ error);
+ if (r < 0)
+ return r;
+ if (r == 0)
+ return 1; /* Will call us back */
+
r = session_activate(s);
if (r < 0)
return r;
diff --git a/src/login/org.freedesktop.login1.policy b/src/login/org.freedesktop.login1.policy
index 6dc79aa32a..a269c8e313 100644
--- a/src/login/org.freedesktop.login1.policy
+++ b/src/login/org.freedesktop.login1.policy
@@ -391,4 +391,14 @@
</defaults>
</action>
+ <action id="org.freedesktop.login1.chvt">
+ <description gettext-domain="systemd">Change Session</description>
+ <message gettext-domain="systemd">Authentication is required for changing the virtual terminal.</message>
+ <defaults>
+ <allow_any>auth_admin_keep</allow_any>
+ <allow_inactive>auth_admin_keep</allow_inactive>
+ <allow_active>yes</allow_active>
+ </defaults>
+ </action>
+
</policyconfig>
--
2.23.0

47
backport-sd-bus-break-the-loop-in-bus_ensure_running-if-the-b.patch Normal file
View File

@ -0,0 +1,47 @@
From 93a59b1ae5d3bcb0ec1488ebc13d0d1ff4d1729a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 14 Oct 2020 14:03:13 +0200
Subject: [PATCH] sd-bus: break the loop in bus_ensure_running() if the bus is
not connecting
This might fix #17025:
> the call trace is
> bus_ensure_running -> sd_bus_process -> bus_process_internal -> process_closeing --> sd_bus_close
> |
> \-> process_match
We ended doing callouts to the Disconnected matches from bus_ensure_running()
and shouldn't. bus_ensure_running() should never do callouts. This change
should fix this however: once we notice that the connection is going down we
will now fail instantly with ENOTOCONN instead of calling any callbacks.
URL: https://github.com/systemd/systemd/commit/93a59b1ae5d3bcb0ec1488ebc13d0d1ff4d1729a
Reference: https://github.com/systemd/systemd/commit/93a59b1ae5d3bcb0ec1488ebc13d0d1ff4d1729a
Conflict: NA
---
src/libsystemd/sd-bus/sd-bus.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
index 015a215c42..f9d426f4f2 100644
--- a/src/libsystemd/sd-bus/sd-bus.c
+++ b/src/libsystemd/sd-bus/sd-bus.c
@@ -2120,12 +2120,13 @@ int bus_ensure_running(sd_bus *bus) {
assert(bus);
- if (IN_SET(bus->state, BUS_UNSET, BUS_CLOSED, BUS_CLOSING))
- return -ENOTCONN;
if (bus->state == BUS_RUNNING)
return 1;
for (;;) {
+ if (IN_SET(bus->state, BUS_UNSET, BUS_CLOSED, BUS_CLOSING))
+ return -ENOTCONN;
+
r = sd_bus_process(bus, NULL);
if (r < 0)
return r;
--
2.23.0

58
backport-systemctl-skip-non-existent-units-in-the-cat-verb.patch Normal file
View File

@ -0,0 +1,58 @@
From a25457f5b7689265bd2235c4da218896e7c5c1d0 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Sat, 28 Dec 2019 12:29:19 +0100
Subject: [PATCH 1110/1760] systemctl: skip non-existent units in the 'cat'
verb
When processing list of units (either provided manually or as a
wildcard), let's skip units for which we don't have an on-disk
counterpart, but note the -ENOENT error code and propagate it back to
the user.
Fixes: #14082
Reference: https://github.com/systemd/systemd/commit/a25457f5b7689265bd2235c4da218896e7c5c1d0
Conflict: NA
---
src/systemctl/systemctl.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
index 20e0d45..3e4fc46 100644
--- a/src/systemctl/systemctl.c
+++ b/src/systemctl/systemctl.c
@@ -5937,7 +5937,7 @@ static int cat(int argc, char *argv[], void *userdata) {
char **name;
sd_bus *bus;
bool first = true;
- int r;
+ int r, rc = 0;
/* Include all units by default — i.e. continue as if the --all
* option was used */
@@ -5982,8 +5982,12 @@ static int cat(int argc, char *argv[], void *userdata) {
}
if (r < 0)
return r;
- if (r == 0)
- return -ENOENT;
+ if (r == 0) {
+ /* Skip units which have no on-disk counterpart, but
+ * propagate the error to the user */
+ rc = -ENOENT;
+ continue;
+ }
if (first)
first = false;
@@ -6009,7 +6013,7 @@ static int cat(int argc, char *argv[], void *userdata) {
return r;
}
- return 0;
+ return rc;
}
static int set_property(int argc, char *argv[], void *userdata) {
--
1.8.3.1

35
backport-test-add-test-for-the-non-resolving-of-chase_symlink.patch Normal file
View File

@ -0,0 +1,35 @@
From 6efb1257d10cd1ecdae6208d083af36f15e4c05f Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 28 Jan 2020 21:40:58 +0100
Subject: [PATCH 1478/1760] test: add test for the non-resolving of
chase_symlink() root prefix
Reference: https://github.com/systemd/systemd/commit/6efb1257d10cd1ecdae6208d083af36f15e4c05f
Conflict: NA
---
src/test/test-fs-util.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c
index ac8b95a..d5492d9 100644
--- a/src/test/test-fs-util.c
+++ b/src/test/test-fs-util.c
@@ -371,6 +371,15 @@ static void test_chase_symlinks(void) {
assert_se(streq("/usr", result));
result = mfree(result);
+ /* Make sure that symlinks in the "root" path are not resolved, but those below are */
+ p = strjoina("/etc/..", temp, "/self");
+ assert_se(symlink(".", p) >= 0);
+ q = strjoina(p, "/top/dot/dotdota");
+ r = chase_symlinks(q, p, 0, &result);
+ assert_se(r > 0);
+ assert_se(path_equal(path_startswith(result, p), "usr"));
+ result = mfree(result);
+
cleanup:
assert_se(rm_rf(temp, REMOVE_ROOT|REMOVE_PHYSICAL) >= 0);
}
--
1.8.3.1

38
backport-test-fix-rename_noreplace-test.patch Normal file
View File

@ -0,0 +1,38 @@
From bcb1eadc0cf8053d219c0b2cab1c46235506981d Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 28 Jan 2020 21:40:03 +0100
Subject: [PATCH 1481/1760] test: fix rename_noreplace() test
This corrects the fix b81b9d406de, making the test operate like it was
originally.
Reference: https://github.com/systemd/systemd/commit/bcb1eadc0cf8053d219c0b2cab1c46235506981d
Conflict: NA
---
src/test/test-fs-util.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c
index 1a5fd56..d0c6fb8 100644
--- a/src/test/test-fs-util.c
+++ b/src/test/test-fs-util.c
@@ -739,7 +739,7 @@ static void test_rename_noreplace(void) {
STRV_FOREACH(b, (char**) table) {
_cleanup_free_ char *w = NULL;
- w = strjoin(w, *b);
+ w = strjoin(z, *b);
assert_se(w);
if (access(w, F_OK) < 0) {
@@ -747,7 +747,7 @@ static void test_rename_noreplace(void) {
continue;
}
- assert_se(rename_noreplace(AT_FDCWD, w, AT_FDCWD, y) == -EEXIST);
+ assert_se(rename_noreplace(AT_FDCWD, x, AT_FDCWD, w) == -EEXIST);
}
y = strjoin(z, "/somethingelse");
--
1.8.3.1

27
backport-test-make-sure-chase_symlink-returns-normalized-path.patch Normal file
View File

@ -0,0 +1,27 @@
From 3c7b4ebf94d167df835c4a5a21b813f803c23b05 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 28 Jan 2020 22:00:02 +0100
Subject: [PATCH 1480/1760] test: make sure chase_symlink() returns normalized
paths
Reference: https://github.com/systemd/systemd/commit/3c7b4ebf94d167df835c4a5a21b813f803c23b05
Conflict: NA
---
src/test/test-fs-util.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c
index 8207beb..670a278 100644
--- a/src/test/test-fs-util.c
+++ b/src/test/test-fs-util.c
@@ -148,6 +148,7 @@ static void test_chase_symlinks(void) {
r = chase_symlinks(p, NULL, 0, &result);
assert_se(r > 0);
assert_se(path_equal(result, "/usr"));
+ assert_se(streq(result, "/usr")); /* we guarantee that we drop redundant slashes */
result = mfree(result);
r = chase_symlinks(p, temp, 0, &result);
--
2.23.0

30
systemd.spec
View File

@ -16,7 +16,7 @@
Name: systemd
Url: https://www.freedesktop.org/wiki/Software/systemd
Version: 243
Release: 65
Release: 66
License: MIT and LGPLv2+ and GPLv2+
Summary: System and Service Manager
@ -247,6 +247,19 @@ Patch0199: backport-Fix-generator-name-in-hibernate-resume-generator-s-d.pa
Patch0200: backport-udevadm-show-more-error-message-during-exporting-dat.patch
Patch0201: backport-udevd-don-t-kill-worker-in-manager_kill_workers-when.patch
Patch0202: backport-execute-Make-exec-prefix-ignore-PrivateTmp-yes.patch
Patch0203: backport-journalctl-allow-running-vacuum-on-remote-journals-t.patch
Patch0204: backport-systemctl-skip-non-existent-units-in-the-cat-verb.patch
Patch0205: backport-journalctl-implement-facility-foo.patch
Patch0206: backport-journalctl-show-duplicate-entries-if-they-are-from-t.patch
Patch0207: backport-fix-journal-regression.patch
Patch0208: backport-fs-util-when-calling-chase_symlinks-with-root-path-l.patch
Patch0209: backport-test-add-test-for-the-non-resolving-of-chase_symlink.patch
Patch0210: backport-fs-util-make-sure-we-output-normalized-paths-in-chas.patch
Patch0211: backport-test-make-sure-chase_symlink-returns-normalized-path.patch
Patch0212: backport-test-fix-rename_noreplace-test.patch
Patch0213: backport-logind-check-PolicyKit-before-allowing-VT-switch.patch
Patch0214: backport-errno-ETIMEDOUT-is-also-a-connection-error.patch
Patch0215: backport-sd-bus-break-the-loop-in-bus_ensure_running-if-the-b.patch
#openEuler
Patch9002: 1509-fix-journal-file-descriptors-leak-problems.patch
@ -1654,6 +1667,21 @@ fi
%exclude /usr/share/man/man3/*
%changelog
* Thu Dec 7 2023 huyubiao <huyubiao@huawei.com> - 243-66
- add backport-journalctl-allow-running-vacuum-on-remote-journals-t.patch
backport-systemctl-skip-non-existent-units-in-the-cat-verb.patch
backport-journalctl-implement-facility-foo.patch
backport-journalctl-show-duplicate-entries-if-they-are-from-t.patch
backport-fix-journal-regression.patch
backport-fs-util-when-calling-chase_symlinks-with-root-path-l.patch
backport-test-add-test-for-the-non-resolving-of-chase_symlink.patch
backport-fs-util-make-sure-we-output-normalized-paths-in-chas.patch
backport-test-make-sure-chase_symlink-returns-normalized-path.patch
backport-test-fix-rename_noreplace-test.patch
backport-logind-check-PolicyKit-before-allowing-VT-switch.patch
backport-errno-ETIMEDOUT-is-also-a-connection-error.patch
backport-sd-bus-break-the-loop-in-bus_ensure_running-if-the-b.patch
* Thu Dec 7 2023 huyubiao <huyubiao@huawei.com> - 243-65
- add backport-execute-Make-exec-prefix-ignore-PrivateTmp-yes.patch