Uprev systemd to version 219-67.el7

This solves:
systemd: line splitting via fgets() allows for state injection
during daemon-reexec (CVE-2018-15686)

along with some other less critical issues.  See the security
announcement link:

https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006149.html

for more details.

Here we rebase the patches, and fix the atrocious crime of
"name of patch file doesn't match what git format-patch generates".
We also squash down the meta patches which add the patches to the
spec file as part of good housekeeping.

We also change the systemd-config spec file to align with the
new version of systemd.

(cherry-pick of commit 0231aba5cd
 with additional changes to systemd-config included)

Change-Id: I950dde536c6c63ab7c3de6ccb9f4d07c7c08d202
Closes-Bug: 1849200
Depends-On: https://review.opendev.org/#/c/699875
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
This commit is contained in:
Jim Somerville 2019-11-21 15:54:15 -05:00
parent 1392120be3
commit c0ef6401bf
14 changed files with 87 additions and 117 deletions

View File

@ -1,2 +1,2 @@
SRC_DIR="files"
TIS_PATCH_VER=0
TIS_PATCH_VER=1

View File

@ -14,7 +14,7 @@ URL: unknown
Source: %name-%version.tar.gz
BuildArch: noarch
BuildRequires: systemd = 219-62.el7_6.5
BuildRequires: systemd = 219-67.el7
Requires: systemd
%define debug_package %{nil}

View File

@ -1,2 +1,2 @@
TIS_PATCH_VER=11
TIS_PATCH_VER=1
BUILD_IS_SLOW=7

View File

@ -0,0 +1,32 @@
From 3c0e59a677c921f60f27002a27eb5f4776475e44 Mon Sep 17 00:00:00 2001
Message-Id: <3c0e59a677c921f60f27002a27eb5f4776475e44.1574265913.git.Jim.Somerville@windriver.com>
In-Reply-To: <eeb3e979288cb8c14d8546d12a27da4c88fbb0e4.1574265913.git.Jim.Somerville@windriver.com>
References: <eeb3e979288cb8c14d8546d12a27da4c88fbb0e4.1574265913.git.Jim.Somerville@windriver.com>
From: Jim Somerville <Jim.Somerville@windriver.com>
Date: Wed, 20 Nov 2019 10:59:45 -0500
Subject: [PATCH 3/3] Add STX patches
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
SPECS/systemd.spec | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec
index 4c83150..e1e98bb 100644
--- a/SPECS/systemd.spec
+++ b/SPECS/systemd.spec
@@ -786,6 +786,11 @@ Patch0744: 0744-selinux-don-t-log-SELINUX_INFO-and-SELINUX_WARNING-m.patch
Patch0745: 0745-fix-mis-merge.patch
Patch0746: 0746-fs-util-chase_symlinks-prevent-double-free.patch
+# STX Patches
+Patch0801: 801-inject-millisec-in-syslog-date.patch
+Patch0802: 802-fix-build-error-for-unused-variable.patch
+Patch0803: 803-Fix-compile-failure-due-to-deprecated-value.patch
+
Patch9999: 9999-Update-kernel-install-script-by-backporting-fedora-p.patch
%global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);}
--
1.8.3.1

View File

@ -1,5 +1,3 @@
update-package-versioning-for-TIS-format.patch
update-package-versioning-for-STX.patch
Protect-sections-of-systemd-post-from-running-on-pat.patch
spec-millisec-in-syslog-date.patch
fix-build-error-for-unused-variable.patch
fix-build-error-for-CentOS76.patch
Add-STX-patches.patch

View File

@ -1,18 +1,21 @@
From e54be64fa16349c94826b17a4dc206a7513f0d9c Mon Sep 17 00:00:00 2001
From eece9585b5f9258c7180247b1664e92b5ef83efe Mon Sep 17 00:00:00 2001
Message-Id: <eece9585b5f9258c7180247b1664e92b5ef83efe.1574265913.git.Jim.Somerville@windriver.com>
In-Reply-To: <eeb3e979288cb8c14d8546d12a27da4c88fbb0e4.1574265913.git.Jim.Somerville@windriver.com>
References: <eeb3e979288cb8c14d8546d12a27da4c88fbb0e4.1574265913.git.Jim.Somerville@windriver.com>
From: Scott Little <scott.little@windriver.com>
Date: Mon, 2 Oct 2017 17:53:00 -0400
Subject: [PATCH] WRS:
0004-Protect-sections-of-systemd-post-from-running-on-pat.patch
Subject: [PATCH 2/3] Protect sections of systemd post from running on patch
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
SPECS/systemd.spec | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec
index 6e1d7e1..6a04c16 100644
index 16262fb..4c83150 100644
--- a/SPECS/systemd.spec
+++ b/SPECS/systemd.spec
@@ -1221,6 +1221,7 @@ fi
@@ -1297,6 +1297,7 @@ fi
rm -f /etc/sysconfig/i18n >/dev/null 2>&1 || :
rm -f /etc/sysconfig/keyboard >/dev/null 2>&1 || :
@ -20,7 +23,7 @@ index 6e1d7e1..6a04c16 100644
# Migrate HOSTNAME= from /etc/sysconfig/network
if [ -e /etc/sysconfig/network -a ! -e /etc/hostname ]; then
unset HOSTNAME
@@ -1228,6 +1229,7 @@ if [ -e /etc/sysconfig/network -a ! -e /etc/hostname ]; then
@@ -1304,6 +1305,7 @@ if [ -e /etc/sysconfig/network -a ! -e /etc/hostname ]; then
[ -n "$HOSTNAME" ] && echo $HOSTNAME > /etc/hostname 2>&1 || :
fi
sed -i '/^HOSTNAME=/d' /etc/sysconfig/network >/dev/null 2>&1 || :
@ -28,7 +31,7 @@ index 6e1d7e1..6a04c16 100644
# Migrate the old systemd-setup-keyboard X11 configuration fragment
if [ ! -e /etc/X11/xorg.conf.d/00-keyboard.conf ] ; then
@@ -1236,6 +1238,7 @@ else
@@ -1312,6 +1314,7 @@ else
rm -f /etc/X11/xorg.conf.d/00-system-setup-keyboard.conf >/dev/null 2>&1 || :
fi
@ -36,7 +39,7 @@ index 6e1d7e1..6a04c16 100644
# sed-fu to add myhostname to the hosts line of /etc/nsswitch.conf
# Only do that when installing, not when updating.
if [ $1 -eq 1 -a -f /etc/nsswitch.conf ] ; then
@@ -1245,6 +1248,7 @@ if [ $1 -eq 1 -a -f /etc/nsswitch.conf ] ; then
@@ -1321,6 +1324,7 @@ if [ $1 -eq 1 -a -f /etc/nsswitch.conf ] ; then
s/[[:blank:]]*$/ myhostname/
' /etc/nsswitch.conf >/dev/null 2>&1 || :
fi
@ -45,5 +48,5 @@ index 6e1d7e1..6a04c16 100644
%posttrans
# Convert old /etc/sysconfig/desktop settings
--
2.7.4
1.8.3.1

View File

@ -1,25 +0,0 @@
From 0816ac70222fec2609ed893c30d55f8c37fba632 Mon Sep 17 00:00:00 2001
From: Shuicheng Lin <shuicheng.lin@intel.com>
Date: Tue, 8 Jan 2019 21:06:06 +0800
Subject: [PATCH] Add patch to fix build failure in CentOS 7.6
Signed-off-by: Shuicheng Lin <shuicheng.lin@intel.com>
---
SPECS/systemd.spec | 1 +
1 file changed, 1 insertion(+)
diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec
index f794c3b..8e3715b 100644
--- a/SPECS/systemd.spec
+++ b/SPECS/systemd.spec
@@ -715,6 +715,7 @@ Patch0672: 0672-sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch
#WRS Patches
Patch0701: 0701-inject-millisec-in-syslog-date.patch
Patch0702: 0702-fix-build-error-for-unused-variable.patch
+Patch0703: 0703-fix-build-error-for-CentOS7.6.patch
%global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);}
--
2.7.4

View File

@ -1,25 +0,0 @@
From 6aead74fb56ae75cc16be507165d3fc75c38fac0 Mon Sep 17 00:00:00 2001
From: slin14 <shuicheng.lin@intel.com>
Date: Thu, 9 Aug 2018 18:40:36 +0800
Subject: [PATCH] Add 0702-fix-build-error-for-unused-variable.patch
Signed-off-by: slin14 <shuicheng.lin@intel.com>
---
SPECS/systemd.spec | 1 +
1 file changed, 1 insertion(+)
diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec
index ffd0770..3f7cc10 100644
--- a/SPECS/systemd.spec
+++ b/SPECS/systemd.spec
@@ -714,6 +714,7 @@ Patch0672: 0672-sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch
#WRS Patches
Patch0701: 0701-inject-millisec-in-syslog-date.patch
+Patch0702: 0702-fix-build-error-for-unused-variable.patch
%global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);}
--
2.7.4

View File

@ -1,26 +0,0 @@
From 6f9a8e792bad1f4bb8d9dad4f2430d89a1058d0c Mon Sep 17 00:00:00 2001
From: Scott Little <scott.little@windriver.com>
Date: Mon, 2 Oct 2017 17:53:00 -0400
Subject: [PATCH] WRS: 0005-spec-millisec-in-syslog-date.patch
---
SPECS/systemd.spec | 3 +++
1 file changed, 3 insertions(+)
diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec
index 6a04c16..845d1dd 100644
--- a/SPECS/systemd.spec
+++ b/SPECS/systemd.spec
@@ -712,6 +712,9 @@ Patch0670: 0670-Refuse-dbus-message-paths-longer-than-BUS_PATH_SIZE_.patch
Patch0671: 0671-Allocate-temporary-strings-to-hold-dbus-paths-on-the.patch
Patch0672: 0672-sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch
+#WRS Patches
+Patch0701: 0701-inject-millisec-in-syslog-date.patch
+
%global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);}
BuildRequires: libcap-devel
--
2.7.4

View File

@ -1,25 +1,27 @@
From e1b3591beb36a45f7cc4bf9340dd640b359955b7 Mon Sep 17 00:00:00 2001
From eeb3e979288cb8c14d8546d12a27da4c88fbb0e4 Mon Sep 17 00:00:00 2001
Message-Id: <eeb3e979288cb8c14d8546d12a27da4c88fbb0e4.1574265913.git.Jim.Somerville@windriver.com>
From: Scott Little <scott.little@windriver.com>
Date: Mon, 2 Oct 2017 17:53:00 -0400
Subject: [PATCH] WRS: 0001-update-package-versioning-for-TIS-format.patch
Subject: [PATCH 1/3] update package versioning for STX
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
SPECS/systemd.spec | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec
index 6bdbb74..3b2aa7f 100644
index b1ffe88..16262fb 100644
--- a/SPECS/systemd.spec
+++ b/SPECS/systemd.spec
@@ -7,7 +7,7 @@
Name: systemd
Url: http://www.freedesktop.org/wiki/Software/systemd
Version: 219
-Release: 62%{?dist}.5
+Release: 62.el7_6.5%{?_tis_dist}.%{tis_patch_ver}
-Release: 67%{?dist}
+Release: 67.el7%{?_tis_dist}.%{tis_patch_ver}
# For a breakdown of the licensing, see README
License: LGPLv2+ and MIT and GPLv2+
Summary: A System and Service Manager
--
2.7.4
--
1.8.3.1

View File

@ -1,14 +1,16 @@
From 08353c7cc596d2d09fd7f22a9bfde4d83bd9ebda Mon Sep 17 00:00:00 2001
From 8b63ddb68a39d48ebb621d76a2b1f07f5ff67ac7 Mon Sep 17 00:00:00 2001
Message-Id: <8b63ddb68a39d48ebb621d76a2b1f07f5ff67ac7.1574264572.git.Jim.Somerville@windriver.com>
From: systemd team <systemd-maint@redhat.com>
Date: Tue, 8 Nov 2016 17:06:01 -0500
Subject: [PATCH 1/1] inject millisec in syslog date
Subject: [PATCH 1/3] inject millisec in syslog date
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
src/journal/journald-syslog.c | 48 +++++++++++++++++++++++++++++++++++++------
1 file changed, 42 insertions(+), 6 deletions(-)
diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c
index 4e118aa..85cdeb9 100644
index 1a9db59..36288cb 100644
--- a/src/journal/journald-syslog.c
+++ b/src/journal/journald-syslog.c
@@ -35,6 +35,44 @@
@ -75,5 +77,5 @@ index 4e118aa..85cdeb9 100644
/* Third: identifier and PID */
--
1.9.1
1.8.3.1

View File

@ -1,15 +1,19 @@
From 193fcf879dbee168238227e2123d63f5bf8a135d Mon Sep 17 00:00:00 2001
From 7cc3363381f83bb060e8e686eb64b5425f2d4409 Mon Sep 17 00:00:00 2001
Message-Id: <7cc3363381f83bb060e8e686eb64b5425f2d4409.1574264572.git.Jim.Somerville@windriver.com>
In-Reply-To: <8b63ddb68a39d48ebb621d76a2b1f07f5ff67ac7.1574264572.git.Jim.Somerville@windriver.com>
References: <8b63ddb68a39d48ebb621d76a2b1f07f5ff67ac7.1574264572.git.Jim.Somerville@windriver.com>
From: slin14 <shuicheng.lin@intel.com>
Date: Thu, 9 Aug 2018 18:38:18 +0800
Subject: [PATCH] fix build error for unused variable
Subject: [PATCH 2/3] fix build error for unused variable
Signed-off-by: slin14 <shuicheng.lin@intel.com>
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
src/journal/journald-syslog.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c
index 33062ea..fd4e070 100644
index 36288cb..2e49b4c 100644
--- a/src/journal/journald-syslog.c
+++ b/src/journal/journald-syslog.c
@@ -167,8 +167,6 @@ void server_forward_syslog(Server *s, int priority, const char *identifier, cons
@ -19,8 +23,8 @@ index 33062ea..fd4e070 100644
- time_t t;
- struct tm *tm;
char *ident_buf = NULL;
assert(s);
--
2.7.4
--
1.8.3.1

View File

@ -1,7 +1,10 @@
From bcfe2b0e50fed2a445f4e0dd43f33aee45d9ac5f Mon Sep 17 00:00:00 2001
From 339ea8b005c037eaad217dfd3cc10b2b110bdd28 Mon Sep 17 00:00:00 2001
Message-Id: <339ea8b005c037eaad217dfd3cc10b2b110bdd28.1574264572.git.Jim.Somerville@windriver.com>
In-Reply-To: <8b63ddb68a39d48ebb621d76a2b1f07f5ff67ac7.1574264572.git.Jim.Somerville@windriver.com>
References: <8b63ddb68a39d48ebb621d76a2b1f07f5ff67ac7.1574264572.git.Jim.Somerville@windriver.com>
From: Shuicheng Lin <shuicheng.lin@intel.com>
Date: Tue, 2 Apr 2019 16:43:03 +0000
Subject: [PATCH] Fix compile failure due to deprecated value
Subject: [PATCH 3/3] Fix compile failure due to deprecated value
Issue occur after upgrade build tool chain. Fix it per tool chain's
suggestion.
@ -15,10 +18,11 @@ use MHD_HTTP_NOT_ACCEPTABLE [-Werror]
Signed-off-by: Shuicheng Lin <shuicheng.lin@intel.com>
Signed-off-by: Mawrer Ramirez <mawrer.a.ramirez.martinez@intel.com>
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
src/journal-remote/journal-gatewayd.c | 4 ++--
src/journal-remote/journal-remote.c | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
src/journal-remote/journal-remote.c | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/journal-remote/journal-gatewayd.c b/src/journal-remote/journal-gatewayd.c
index d1f0ce3..8364044 100644
@ -43,7 +47,7 @@ index d1f0ce3..8364044 100644
diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c
index e65daf6..9780ecb 100644
index 431e283..476c826 100644
--- a/src/journal-remote/journal-remote.c
+++ b/src/journal-remote/journal-remote.c
@@ -526,13 +526,13 @@ static int process_http_upload(
@ -54,14 +58,14 @@ index e65daf6..9780ecb 100644
+ MHD_HTTP_PAYLOAD_TOO_LARGE,
"Entry is too large, maximum is %u bytes.\n",
DATA_SIZE_MAX);
else if (r == -E2BIG)
return mhd_respondf(connection,
- MHD_HTTP_REQUEST_ENTITY_TOO_LARGE,
+ MHD_HTTP_PAYLOAD_TOO_LARGE,
"Entry with more fields than the maximum of %u\n",
ENTRY_FIELD_COUNT_MAX);
@@ -586,7 +586,7 @@ static int request_handler(
*connection_cls);
@ -73,3 +77,4 @@ index e65daf6..9780ecb 100644
if (!streq(url, "/upload"))
--
1.8.3.1

View File

@ -1 +1 @@
mirror:Source/systemd-219-62.el7_6.5.src.rpm
mirror:Source/systemd-219-67.el7.src.rpm