Hello community, here is the log from the commit of package util-linux.3624 for openSUSE:13.1:Update checked in at 2015-03-23 11:52:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/util-linux.3624 (Old) and /work/SRC/openSUSE:13.1:Update/.util-linux.3624.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "util-linux.3624" Changes: -------- New Changes file: --- /dev/null 2015-03-12 01:14:30.992027505 +0100 +++ /work/SRC/openSUSE:13.1:Update/.util-linux.3624.new/util-linux.changes 2015-03-23 11:53:01.000000000 +0100 @@ -0,0 +1,3449 @@ +------------------------------------------------------------------- +Wed Mar 11 13:47:31 UTC 2015 - [email protected] + +- do not segfault when TERM is not defined or wrong [bnc#903440] + + util-linux-cal-no-terminal.patch + +------------------------------------------------------------------- +Wed Dec 17 22:03:34 CET 2014 - [email protected] + +- libblkid: care about unsafe chars and possible buffer overflow + in cache (CVE-2014-9114, util-linux-libblkid-unsafe-chars.patch, + util-linux-libblkid-overflow.patch, bsc#907434) + +------------------------------------------------------------------- +Sat Oct 18 19:52:23 UTC 2014 - [email protected] + +- Add documentation (bnc#823907) + +------------------------------------------------------------------- +Fri Sep 12 19:28:12 CEST 2014 - [email protected] + +- Enable --socket-activation by --enable-socket-activation + configure option (bnc#896246). + +------------------------------------------------------------------- +Mon Sep 8 21:04:34 CEST 2014 - [email protected] + +- Install runuser and runuser-l PAM file + (runuser.pamd, bnc#892079). + +------------------------------------------------------------------- +Wed Apr 2 10:57:23 UTC 2014 - [email protected] + +- Add Patch_to_make_blkid_identify_bcache_superblocks.diff + blkid needs to be able to identify partitions on which + a bcache is installed to allow bcache-tools to operate + on boot. (bnc#871606) + +------------------------------------------------------------------- +Tue Dec 17 20:10:53 CET 2013 - [email protected] + +- Fix user umount (bnc#855662, util-linux-umount-user.patch). + +------------------------------------------------------------------- +Wed Oct 2 18:55:22 CEST 2013 - [email protected] + +- Safely migrate su config files from coreutils to util-linux + (bnc#814626#c18). + +------------------------------------------------------------------- +Fri Sep 27 21:58:03 UTC 2013 - [email protected] + +- Add more-check-for-buffer-size-when-write-multibyte-char.patch and + more-guarantee-space-for-multibyte.patch -- check for buffer space with + multi-byte chars (BNC#829720). + +------------------------------------------------------------------- +Fri Sep 27 16:58:40 UTC 2013 - [email protected] + +- Add more-fix-buffer-overflow.patch (bnc#829720). + +------------------------------------------------------------------- +Fri Sep 13 07:06:19 UTC 2013 - [email protected] + +- Avoid build require gpg-offline twice + +------------------------------------------------------------------- +Wed Sep 11 20:54:24 CEST 2013 - [email protected] + +- Update to version 2.23.2: + nsenter(1): + * this NEW COMMAND provides command line interface to setns() + Linux syscall and allows to run program with namespaces of + other processes + unshare(1): + * supports new PID and USER namespaces + fdisk(8): + * provides experimental support for GUID Partition Table (GPT), + the implementation is still not complete and some (unimportant) + features are missing. + * ~50% of fdisk code has been refactored, this task is going to + be complete in the next release. The goal is to have libfdisk + shared between all fdisks. + partx(8): + * supports new "update" command (implemented by + BLKPG_RESIZE_PARTITION ioctl) + mount(8): + * supports new userspace mount option x-mount.mkdir[=<mode>] to + create mountpoints on demand + * the support for propagation flags has been improved, now the + flags could be specified in /etc/fstab and used together with + regular mount options. It's also possible to specify more + propagation flags together. This EXPERIMENTAL feature is + implemented by additional mount(2) syscalls, because Linux does + not allow to use propagation flags with another options or more + flags together. + umount(8): + * supports new command line option --recursive to recursively + unmount all sub-mounts for the specified mountpoint * supports + new command line option --all-targets to unmount all + mountpoints in the current namespace for the specified + filesystem * the options --recursive and --all-targets could be + used together + dmesg(1): + * supports new command line options --color, --human and + --nopager, the --human option enables relative times, colors and + pager support. + su(1): + * supports new command line options --group and --supp-group to + specify primary and supplementary groups + chfn(1) and chsh(1): + * the commands could be linked with libuser to support non-local + accounts modification (e.g. LDAP, etc). + kill(1): + * the command has been improved to be compatible with procps + version, the procps version is deprecated now, the util-linux + version is enabled by default. + blkdiscard(8): + * this NEW COMMAND discard sectors on a device (for example on + SSD disks) + sulogin(8): + * provides multi-console feature from SysVinit + findmnt(8): + * provides new columns FREQ, PASSNO, ID, OPT-FIELDS, PROPAGATION + lslocks(8): + * provides new column BLOCKER and detects blocked locks + lsblk(8): + * supports new command line option --scsi and new columns HCTL, + TRANsport VENDOR and REVision + swapon(8) and losetup(8): + * the commands prints basic overview by default if no option + specified + column(1): + * supports new command line option --output-separator to specify + table output delimiter + rename(1): + * supports new command line option --symlink to rename symlink + target + hwclock(8): + * supports new command line option --compare to periodically + compare the Hardware Clock to the System Time (based on + adjtimex -c) + ipcs(1): + * supports new command line options --bytes and --human + wipefs(1): + * supports new command line option --force to force erase on used + devices +- Removed upstreamed patches (mkfs.bfs_cleanup_64bit.patch-Patch, + mkfs.bfs_cleanup_endian.patch) + +------------------------------------------------------------------- +Mon Jul 1 13:43:23 UTC 2013 - [email protected] + +- Correct condition for Conflicts of sysvinit-tools. + +------------------------------------------------------------------- +Mon Jul 1 07:08:46 UTC 2013 - [email protected] + +- Correct version in source URL path. + +------------------------------------------------------------------- +Fri Jun 28 17:42:14 CEST 2013 - [email protected] + +- Fix Provides and Obsoletes of eject. +- Conflict with old coreutils and sysvinit-tools with conflicting + files to guarantee seamless upgrade. +- Remove Provides and Obsoletes of packages that do not exist since + SuSE Linux 8. +- Include upstreamed patch from SUSE eject package: + Check eject host_status and driver_status when using SG_IO + (eject-scsi-check-host_status-and-driver_status.patch, + bnc#358033). + +------------------------------------------------------------------- +Wed Jun 19 10:58:17 UTC 2013 - [email protected] + +- rely on systemd-rpm-macros instead of the full thing + +------------------------------------------------------------------- +Wed Jun 12 21:02:28 UTC 2013 - [email protected] + +- util-linux.spec: remove previously added "moving-su-trickery" again + as a su-less coreutils packet is in Base:Build and Factory now. + +------------------------------------------------------------------- +Fri Jun 7 00:13:25 UTC 2013 - [email protected] + +- util-linux.spec: work around su(1) PAM problems based on su(1) + being provided by both the coreutils and the util-linux package. + Fix macro typo in %post and %verifyscript sections related to su(1): + s/sysvinit_tools/enable_su/ + +------------------------------------------------------------------- +Thu Jun 6 08:27:43 UTC 2013 - [email protected] + +- Add make-sure-sbin-resp-usr-sbin-are-in-PATH.diff, that is include + the old "let `su' handle /sbin and /usr/sbin in path" ++++ 3252 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.1:Update/.util-linux.3624.new/util-linux.changes New: ---- Patch_to_make_blkid_identify_bcache_superblocks.diff README.largedisk README.raw addnote.c baselibs.conf blkid.conf eject-scsi-check-host_status-and-driver_status.patch etc.raw etc_filesystems fdisk-tinfo.patch klogconsole-quiet.patch klogconsole.diff klogconsole.tar.bz2 login.pamd make-sure-sbin-resp-usr-sbin-are-in-PATH.diff mkzimage_cmdline.8 mkzimage_cmdline.c more-check-for-buffer-size-when-write-multibyte-char.patch more-fix-buffer-overflow.patch more-guarantee-space-for-multibyte.patch nologin.8 nologin.c raw.init remote.pamd runuser.pamd setctsid.8 setctsid.c su.default su.pamd util-linux-2.23.1-eject-fpie.patch util-linux-2.23.1-fdisk_remove_bogus_warnings.patch util-linux-2.23.1-noenc-suse.diff util-linux-2.23.2.tar.sign util-linux-2.23.2.tar.xz util-linux-HACK-boot.localfs.diff util-linux-cal-no-terminal.patch util-linux-libblkid-overflow.patch util-linux-libblkid-unsafe-chars.patch util-linux-rpmlintrc util-linux-umount-user.patch util-linux.changes util-linux.keyring util-linux.spec uuidd.rc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ util-linux.spec ++++++ ++++ 940 lines (skipped) ++++++ Patch_to_make_blkid_identify_bcache_superblocks.diff ++++++ --- util-linux-2.23.2.orig/libblkid/src/Makemodule.am 2013-07-15 10:25:46.281049040 +0200 +++ util-linux-2.23.2.orig/libblkid/src/Makemodule.am 2013-09-01 23:26:23.983351460 +0200 @@ -46,6 +46,7 @@ libblkid/src/partitions/unixware.c \ \ libblkid/src/superblocks/adaptec_raid.c \ + libblkid/src/superblocks/bcache.c \ libblkid/src/superblocks/befs.c \ libblkid/src/superblocks/bfs.c \ libblkid/src/superblocks/btrfs.c \ --- util-linux-2.23.2.orig/libblkid/src/superblocks/bcache.c 1970-01-01 01:00:00.000000000 +0100 +++ util-linux-2.23.2.orig/libblkid/src/superblocks/bcache.c 2013-09-01 23:28:12.188207322 +0200 @@ -0,0 +1,232 @@ +/* + * Copyright (C) 2013 Rolf Fokkens <[email protected]> + * + * This file may be redistributed under the terms of the + * GNU Lesser General Public License. + * + * Based on code fragments from bcache-tools by Kent Overstreet: + * http://evilpiepirate.org/git/bcache-tools.git + */ + +#include <stddef.h> +#include <stdio.h> + +#include "superblocks.h" + +#define SB_LABEL_SIZE 32 +#define SB_JOURNAL_BUCKETS 256U + +#define node(i, j) ((void *) ((i)->d + (j))) +#define end(i) node(i, (i)->keys) +#define csum_set(i) crc64(((void *) (i)) + 8, ((void *) end(i)) - (((void *) (i)) + 8)) + +static const uint64_t crc_table[256] = { + 0x0000000000000000ULL, 0x42F0E1EBA9EA3693ULL, 0x85E1C3D753D46D26ULL, + 0xC711223CFA3E5BB5ULL, 0x493366450E42ECDFULL, 0x0BC387AEA7A8DA4CULL, + 0xCCD2A5925D9681F9ULL, 0x8E224479F47CB76AULL, 0x9266CC8A1C85D9BEULL, + 0xD0962D61B56FEF2DULL, 0x17870F5D4F51B498ULL, 0x5577EEB6E6BB820BULL, + 0xDB55AACF12C73561ULL, 0x99A54B24BB2D03F2ULL, 0x5EB4691841135847ULL, + 0x1C4488F3E8F96ED4ULL, 0x663D78FF90E185EFULL, 0x24CD9914390BB37CULL, + 0xE3DCBB28C335E8C9ULL, 0xA12C5AC36ADFDE5AULL, 0x2F0E1EBA9EA36930ULL, + 0x6DFEFF5137495FA3ULL, 0xAAEFDD6DCD770416ULL, 0xE81F3C86649D3285ULL, + 0xF45BB4758C645C51ULL, 0xB6AB559E258E6AC2ULL, 0x71BA77A2DFB03177ULL, + 0x334A9649765A07E4ULL, 0xBD68D2308226B08EULL, 0xFF9833DB2BCC861DULL, + 0x388911E7D1F2DDA8ULL, 0x7A79F00C7818EB3BULL, 0xCC7AF1FF21C30BDEULL, + 0x8E8A101488293D4DULL, 0x499B3228721766F8ULL, 0x0B6BD3C3DBFD506BULL, + 0x854997BA2F81E701ULL, 0xC7B97651866BD192ULL, 0x00A8546D7C558A27ULL, + 0x4258B586D5BFBCB4ULL, 0x5E1C3D753D46D260ULL, 0x1CECDC9E94ACE4F3ULL, + 0xDBFDFEA26E92BF46ULL, 0x990D1F49C77889D5ULL, 0x172F5B3033043EBFULL, + 0x55DFBADB9AEE082CULL, 0x92CE98E760D05399ULL, 0xD03E790CC93A650AULL, + 0xAA478900B1228E31ULL, 0xE8B768EB18C8B8A2ULL, 0x2FA64AD7E2F6E317ULL, + 0x6D56AB3C4B1CD584ULL, 0xE374EF45BF6062EEULL, 0xA1840EAE168A547DULL, + 0x66952C92ECB40FC8ULL, 0x2465CD79455E395BULL, 0x3821458AADA7578FULL, + 0x7AD1A461044D611CULL, 0xBDC0865DFE733AA9ULL, 0xFF3067B657990C3AULL, + 0x711223CFA3E5BB50ULL, 0x33E2C2240A0F8DC3ULL, 0xF4F3E018F031D676ULL, + 0xB60301F359DBE0E5ULL, 0xDA050215EA6C212FULL, 0x98F5E3FE438617BCULL, + 0x5FE4C1C2B9B84C09ULL, 0x1D14202910527A9AULL, 0x93366450E42ECDF0ULL, + 0xD1C685BB4DC4FB63ULL, 0x16D7A787B7FAA0D6ULL, 0x5427466C1E109645ULL, + 0x4863CE9FF6E9F891ULL, 0x0A932F745F03CE02ULL, 0xCD820D48A53D95B7ULL, + 0x8F72ECA30CD7A324ULL, 0x0150A8DAF8AB144EULL, 0x43A04931514122DDULL, + 0x84B16B0DAB7F7968ULL, 0xC6418AE602954FFBULL, 0xBC387AEA7A8DA4C0ULL, + 0xFEC89B01D3679253ULL, 0x39D9B93D2959C9E6ULL, 0x7B2958D680B3FF75ULL, + 0xF50B1CAF74CF481FULL, 0xB7FBFD44DD257E8CULL, 0x70EADF78271B2539ULL, + 0x321A3E938EF113AAULL, 0x2E5EB66066087D7EULL, 0x6CAE578BCFE24BEDULL, + 0xABBF75B735DC1058ULL, 0xE94F945C9C3626CBULL, 0x676DD025684A91A1ULL, + 0x259D31CEC1A0A732ULL, 0xE28C13F23B9EFC87ULL, 0xA07CF2199274CA14ULL, + 0x167FF3EACBAF2AF1ULL, 0x548F120162451C62ULL, 0x939E303D987B47D7ULL, + 0xD16ED1D631917144ULL, 0x5F4C95AFC5EDC62EULL, 0x1DBC74446C07F0BDULL, + 0xDAAD56789639AB08ULL, 0x985DB7933FD39D9BULL, 0x84193F60D72AF34FULL, + 0xC6E9DE8B7EC0C5DCULL, 0x01F8FCB784FE9E69ULL, 0x43081D5C2D14A8FAULL, + 0xCD2A5925D9681F90ULL, 0x8FDAB8CE70822903ULL, 0x48CB9AF28ABC72B6ULL, + 0x0A3B7B1923564425ULL, 0x70428B155B4EAF1EULL, 0x32B26AFEF2A4998DULL, + 0xF5A348C2089AC238ULL, 0xB753A929A170F4ABULL, 0x3971ED50550C43C1ULL, + 0x7B810CBBFCE67552ULL, 0xBC902E8706D82EE7ULL, 0xFE60CF6CAF321874ULL, + 0xE224479F47CB76A0ULL, 0xA0D4A674EE214033ULL, 0x67C58448141F1B86ULL, + 0x253565A3BDF52D15ULL, 0xAB1721DA49899A7FULL, 0xE9E7C031E063ACECULL, + 0x2EF6E20D1A5DF759ULL, 0x6C0603E6B3B7C1CAULL, 0xF6FAE5C07D3274CDULL, + 0xB40A042BD4D8425EULL, 0x731B26172EE619EBULL, 0x31EBC7FC870C2F78ULL, + 0xBFC9838573709812ULL, 0xFD39626EDA9AAE81ULL, 0x3A28405220A4F534ULL, + 0x78D8A1B9894EC3A7ULL, 0x649C294A61B7AD73ULL, 0x266CC8A1C85D9BE0ULL, + 0xE17DEA9D3263C055ULL, 0xA38D0B769B89F6C6ULL, 0x2DAF4F0F6FF541ACULL, + 0x6F5FAEE4C61F773FULL, 0xA84E8CD83C212C8AULL, 0xEABE6D3395CB1A19ULL, + 0x90C79D3FEDD3F122ULL, 0xD2377CD44439C7B1ULL, 0x15265EE8BE079C04ULL, + 0x57D6BF0317EDAA97ULL, 0xD9F4FB7AE3911DFDULL, 0x9B041A914A7B2B6EULL, + 0x5C1538ADB04570DBULL, 0x1EE5D94619AF4648ULL, 0x02A151B5F156289CULL, + 0x4051B05E58BC1E0FULL, 0x87409262A28245BAULL, 0xC5B073890B687329ULL, + 0x4B9237F0FF14C443ULL, 0x0962D61B56FEF2D0ULL, 0xCE73F427ACC0A965ULL, + 0x8C8315CC052A9FF6ULL, 0x3A80143F5CF17F13ULL, 0x7870F5D4F51B4980ULL, + 0xBF61D7E80F251235ULL, 0xFD913603A6CF24A6ULL, 0x73B3727A52B393CCULL, + 0x31439391FB59A55FULL, 0xF652B1AD0167FEEAULL, 0xB4A25046A88DC879ULL, + 0xA8E6D8B54074A6ADULL, 0xEA16395EE99E903EULL, 0x2D071B6213A0CB8BULL, + 0x6FF7FA89BA4AFD18ULL, 0xE1D5BEF04E364A72ULL, 0xA3255F1BE7DC7CE1ULL, + 0x64347D271DE22754ULL, 0x26C49CCCB40811C7ULL, 0x5CBD6CC0CC10FAFCULL, + 0x1E4D8D2B65FACC6FULL, 0xD95CAF179FC497DAULL, 0x9BAC4EFC362EA149ULL, + 0x158E0A85C2521623ULL, 0x577EEB6E6BB820B0ULL, 0x906FC95291867B05ULL, + 0xD29F28B9386C4D96ULL, 0xCEDBA04AD0952342ULL, 0x8C2B41A1797F15D1ULL, + 0x4B3A639D83414E64ULL, 0x09CA82762AAB78F7ULL, 0x87E8C60FDED7CF9DULL, + 0xC51827E4773DF90EULL, 0x020905D88D03A2BBULL, 0x40F9E43324E99428ULL, + 0x2CFFE7D5975E55E2ULL, 0x6E0F063E3EB46371ULL, 0xA91E2402C48A38C4ULL, + 0xEBEEC5E96D600E57ULL, 0x65CC8190991CB93DULL, 0x273C607B30F68FAEULL, + 0xE02D4247CAC8D41BULL, 0xA2DDA3AC6322E288ULL, 0xBE992B5F8BDB8C5CULL, + 0xFC69CAB42231BACFULL, 0x3B78E888D80FE17AULL, 0x7988096371E5D7E9ULL, + 0xF7AA4D1A85996083ULL, 0xB55AACF12C735610ULL, 0x724B8ECDD64D0DA5ULL, + 0x30BB6F267FA73B36ULL, 0x4AC29F2A07BFD00DULL, 0x08327EC1AE55E69EULL, + 0xCF235CFD546BBD2BULL, 0x8DD3BD16FD818BB8ULL, 0x03F1F96F09FD3CD2ULL, + 0x41011884A0170A41ULL, 0x86103AB85A2951F4ULL, 0xC4E0DB53F3C36767ULL, + 0xD8A453A01B3A09B3ULL, 0x9A54B24BB2D03F20ULL, 0x5D45907748EE6495ULL, + 0x1FB5719CE1045206ULL, 0x919735E51578E56CULL, 0xD367D40EBC92D3FFULL, + 0x1476F63246AC884AULL, 0x568617D9EF46BED9ULL, 0xE085162AB69D5E3CULL, + 0xA275F7C11F7768AFULL, 0x6564D5FDE549331AULL, 0x279434164CA30589ULL, + 0xA9B6706FB8DFB2E3ULL, 0xEB46918411358470ULL, 0x2C57B3B8EB0BDFC5ULL, + 0x6EA7525342E1E956ULL, 0x72E3DAA0AA188782ULL, 0x30133B4B03F2B111ULL, + 0xF7021977F9CCEAA4ULL, 0xB5F2F89C5026DC37ULL, 0x3BD0BCE5A45A6B5DULL, + 0x79205D0E0DB05DCEULL, 0xBE317F32F78E067BULL, 0xFCC19ED95E6430E8ULL, + 0x86B86ED5267CDBD3ULL, 0xC4488F3E8F96ED40ULL, 0x0359AD0275A8B6F5ULL, + 0x41A94CE9DC428066ULL, 0xCF8B0890283E370CULL, 0x8D7BE97B81D4019FULL, + 0x4A6ACB477BEA5A2AULL, 0x089A2AACD2006CB9ULL, 0x14DEA25F3AF9026DULL, + 0x562E43B4931334FEULL, 0x913F6188692D6F4BULL, 0xD3CF8063C0C759D8ULL, + 0x5DEDC41A34BBEEB2ULL, 0x1F1D25F19D51D821ULL, 0xD80C07CD676F8394ULL, + 0x9AFCE626CE85B507ULL +}; + + + +static inline uint64_t crc64(const void *_data, size_t len) +{ + uint64_t crc = 0xFFFFFFFFFFFFFFFFULL; + const unsigned char *data = _data; + + while (len--) { + int i = ((int) (crc >> 56) ^ *data++) & 0xFF; + crc = crc_table[i] ^ (crc << 8); + } + + return crc ^ 0xFFFFFFFFFFFFFFFFULL; +} + +static const char bcache_magic[] = { + 0xc6, 0x85, 0x73, 0xf6, 0x4e, 0x1a, 0x45, 0xca, + 0x82, 0x65, 0xf5, 0x7f, 0x48, 0xba, 0x6d, 0x81 +}; + +struct bcache_super_block { + uint64_t csum; + uint64_t offset; /* sector where this sb was written */ + uint64_t version; + + uint8_t magic[16]; + + uint8_t uuid[16]; + union { + uint8_t set_uuid[16]; + uint64_t set_magic; + }; + uint8_t label[SB_LABEL_SIZE]; + + uint64_t flags; + uint64_t seq; + uint64_t pad[8]; + + union { + struct { + /* Cache devices */ + uint64_t nbuckets; /* device size */ + + uint16_t block_size; /* sectors */ + uint16_t bucket_size; /* sectors */ + + uint16_t nr_in_set; + uint16_t nr_this_dev; + }; + struct { + /* Backing devices */ + uint64_t data_offset; + + /* + * block_size from the cache device section is still used by + * backing devices, so don't add anything here until we fix + * things to not need it for backing devices anymore + */ + }; + }; + + uint32_t last_mount; /* time_t */ + + uint16_t first_bucket; + union { + uint16_t njournal_buckets; + uint16_t keys; + }; + uint64_t d[SB_JOURNAL_BUCKETS]; /* journal buckets */ +}; + +/* magic string */ +#define BCACHE_SB_MAGIC bcache_magic +/* magic string len */ +#define BCACHE_SB_MAGIC_LEN sizeof (bcache_magic) +/* super block offset */ +#define BCACHE_SB_OFF 0x1000 +/* supper block offset in kB */ +#define BCACHE_SB_KBOFF (BCACHE_SB_OFF >> 10) +/* magic string offset within super block */ +#define BCACHE_SB_MAGIC_OFF offsetof (struct bcache_super_block, magic) + +static int probe_bcache (blkid_probe pr, const struct blkid_idmag *mag) +{ + struct bcache_super_block *bcs; + uint64_t expected_csum; + + bcs = blkid_probe_get_sb(pr, mag, struct bcache_super_block); + if (!bcs) + return -1; + + if (bcs->offset != (BCACHE_SB_OFF/512)) + return -1; + + expected_csum = csum_set(bcs); + if (expected_csum != bcs->csum) + return -1; + + if (blkid_probe_set_uuid(pr, bcs->uuid) < 0) + return -1; + + return 0; +}; + +const struct blkid_idinfo bcache_idinfo = +{ + .name = "bcache", + .usage = BLKID_USAGE_RAID, + .probefunc = probe_bcache, + .minsz = 8192, + .magics = + { + { .magic = BCACHE_SB_MAGIC + , .len = BCACHE_SB_MAGIC_LEN + , .kboff = BCACHE_SB_KBOFF + , .sboff = BCACHE_SB_MAGIC_OFF + } , + { NULL } + } +}; + --- util-linux-2.23.2.orig/libblkid/src/superblocks/superblocks.c 2013-07-30 10:39:26.209738269 +0200 +++ util-linux-2.23.2.orig/libblkid/src/superblocks/superblocks.c 2013-09-01 23:26:24.038351386 +0200 @@ -98,6 +98,7 @@ &highpoint37x_idinfo, &adraid_idinfo, &jmraid_idinfo, + &bcache_idinfo, &drbd_idinfo, &drbdproxy_datalog_idinfo, --- util-linux-2.23.2.orig/libblkid/src/superblocks/superblocks.h 2013-06-13 09:46:10.425650665 +0200 +++ util-linux-2.23.2.orig/libblkid/src/superblocks/superblocks.h 2013-09-01 23:26:24.047351374 +0200 @@ -71,6 +71,7 @@ extern const struct blkid_idinfo nilfs2_idinfo; extern const struct blkid_idinfo exfat_idinfo; extern const struct blkid_idinfo f2fs_idinfo; +extern const struct blkid_idinfo bcache_idinfo; /* * superblock functions ++++++ README.largedisk ++++++ Some hints on fdisk and large disks (> 2TB) ------------------------------------------- Note that fdisk only supports legacy partition tables. Legacy partition tables (like DOS) use 32 bit LBA addressing, which means that you can only address partitions with a starting sector and a size with a maximum of 2**32 sectors = 2TB. This means you can not create partitions that are greater than 2TB with fdisk! If you want to use partition sizes above this limit, you need to use GUID Partition Tables (GPT) which use 64 bit LBA addressing. They are supported by parted. ++++++ README.raw ++++++ Raw device driver support on SLS 9 On SLS 9, you will notice that by default, raw devices (nodes) (/dev/rawctl and /dev/raw/rawN (1-15)) no longer exist whereas in SLES 8, the raw nodes were created when the system was initially installed. SLS 9, by default, uses the new dynamic userspace implementation "sysfs" together with "udev" which replaces the previous static "dev" system. Raw devices are moving towards eventual obsolescence with block+O_DIRECT support intended as a replacement. The primary application users of raw character devices have been databases so the database you are using will have to support the O_DIRECT functionality before moving away from raw character devices. Using RAW with kernel 2.6 (SLS 9) --------------------------------- Raw device usage in kernel 2.6 together with udev and sysfs was intended to be quite seamless. Basically, all that is required is to load the raw module after each reboot using the commands "modprobe raw" or "rcraw start". Then use the "raw" command to create the bindings to the block character devices. The raw device nodes are no longer required to exist before the bindings are assigned and used. Using a single script, you can you load the raw module and bind the raw nodes to block devices. #!/usr/bin # load the raw module modprobe raw # can also use "rcraw start" # create the raw bindings raw /dev/raw/raw1 /dev/sdb1 raw /dev/raw/raw2 /dev/sbc1 You can see if the raw driver is available by issuing "rcraw status". If the raw driver is loaded, the command should return a status of "running". A status of "dead" will usually indicate that the driver was not loaded or the /dev/rawctl file does not exist. The /dev/rawctl file is automatically created when the module is loaded. This file and the /dev/raw/rawN nodes can also be viewed under the /sys/class/raw directory. Raw node permissions ---------------------------------- When the raw devices are assigned, permission settings are determined from the /etc/udev/udev.permission file. This file can be modified to assign different owner, group and/or access permissions to the raw nodes. For example, by default, the permission settings for raw nodes are as follows: raw/raw*:root:disk:660 Here, root:disk is the default owner:group with read write access for owner and group. As an example, to create the raw nodes with an owner:group of user1:group1 and read write access for all, change the assignment as follows: raw/raw*:user1:group1:666 ++++++ addnote.c ++++++ /* * Program to hack in a PT_NOTE program header entry in an ELF file. * This is needed for OF on RS/6000s to load an image correctly. * Note that OF needs a program header entry for the note, not an * ELF section. * * Copyright 2000 Paul Mackerras. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * Usage: addnote zImage */ #include <stdio.h> #include <stdlib.h> #include <fcntl.h> #include <unistd.h> #include <string.h> /* CHRP note section */ char arch[] = "PowerPC"; #define N_DESCR 6 unsigned int descr[N_DESCR] = { 0xffffffff, /* real-mode = true */ 0x02000000, /* real-base, i.e. where we expect OF to be */ 0xffffffff, /* real-size */ 0xffffffff, /* virt-base */ 0xffffffff, /* virt-size */ 0x4000, /* load-base */ }; /* RPA note section */ char rpaname[] = "IBM,RPA-Client-Config"; /* * Note: setting ignore_my_client_config *should* mean that OF ignores * all the other fields, but there is a firmware bug which means that * it looks at the splpar field at least. So these values need to be * reasonable. */ #define N_RPA_DESCR 8 unsigned int rpanote[N_RPA_DESCR] = { 0, /* lparaffinity */ 64, /* min_rmo_size */ 0, /* min_rmo_percent */ 40, /* max_pft_size */ 1, /* splpar */ -1, /* min_load */ 0, /* new_mem_def */ 1, /* ignore_my_client_config */ }; #define ROUNDUP(len) (((len) + 3) & ~3) unsigned char buf[512]; #define GET_16BE(off) ((buf[off] << 8) + (buf[(off)+1])) #define GET_32BE(off) ((GET_16BE(off) << 16) + GET_16BE((off)+2)) #define PUT_16BE(off, v) (buf[off] = ((v) >> 8) & 0xff, \ buf[(off) + 1] = (v) & 0xff) #define PUT_32BE(off, v) (PUT_16BE((off), (v) >> 16), \ PUT_16BE((off) + 2, (v))) /* Structure of an ELF file */ #define E_IDENT 0 /* ELF header */ #define E_PHOFF 28 #define E_PHENTSIZE 42 #define E_PHNUM 44 #define E_HSIZE 52 /* size of ELF header */ #define EI_MAGIC 0 /* offsets in E_IDENT area */ #define EI_CLASS 4 #define EI_DATA 5 #define PH_TYPE 0 /* ELF program header */ #define PH_OFFSET 4 #define PH_FILESZ 16 #define PH_HSIZE 32 /* size of program header */ #define PT_NOTE 4 /* Program header type = note */ #define ELFCLASS32 1 #define ELFDATA2MSB 2 unsigned char elf_magic[4] = { 0x7f, 'E', 'L', 'F' }; int main(int ac, char **av) { int fd, n, i; int ph, ps, np; int nnote, nnote2, ns; if (ac != 2) { fprintf(stderr, "Usage: %s elf-file\n", av[0]); exit(1); } fd = open(av[1], O_RDWR); if (fd < 0) { perror(av[1]); exit(1); } nnote = 12 + ROUNDUP(strlen(arch) + 1) + sizeof(descr); nnote2 = 12 + ROUNDUP(strlen(rpaname) + 1) + sizeof(rpanote); n = read(fd, buf, sizeof(buf)); if (n < 0) { perror("read"); exit(1); } if (n < E_HSIZE || memcmp(&buf[E_IDENT+EI_MAGIC], elf_magic, 4) != 0) goto notelf; if (buf[E_IDENT+EI_CLASS] != ELFCLASS32 || buf[E_IDENT+EI_DATA] != ELFDATA2MSB) { fprintf(stderr, "%s is not a big-endian 32-bit ELF image\n", av[1]); exit(1); } ph = GET_32BE(E_PHOFF); ps = GET_16BE(E_PHENTSIZE); np = GET_16BE(E_PHNUM); if (ph < E_HSIZE || ps < PH_HSIZE || np < 1) goto notelf; if (ph + (np + 2) * ps + nnote + nnote2 > n) goto nospace; for (i = 0; i < np; ++i) { if (GET_32BE(ph + PH_TYPE) == PT_NOTE) { fprintf(stderr, "%s already has a note entry\n", av[1]); exit(0); } ph += ps; } /* XXX check that the area we want to use is all zeroes */ for (i = 0; i < 2 * ps + nnote + nnote2; ++i) if (buf[ph + i] != 0) goto nospace; /* fill in the program header entry */ ns = ph + 2 * ps; PUT_32BE(ph + PH_TYPE, PT_NOTE); PUT_32BE(ph + PH_OFFSET, ns); PUT_32BE(ph + PH_FILESZ, nnote); /* fill in the note area we point to */ /* XXX we should probably make this a proper section */ PUT_32BE(ns, strlen(arch) + 1); PUT_32BE(ns + 4, N_DESCR * 4); PUT_32BE(ns + 8, 0x1275); strcpy((char *) &buf[ns + 12], arch); ns += 12 + strlen(arch) + 1; for (i = 0; i < N_DESCR; ++i, ns += 4) PUT_32BE(ns, descr[i]); /* fill in the second program header entry and the RPA note area */ ph += ps; PUT_32BE(ph + PH_TYPE, PT_NOTE); PUT_32BE(ph + PH_OFFSET, ns); PUT_32BE(ph + PH_FILESZ, nnote2); /* fill in the note area we point to */ PUT_32BE(ns, strlen(rpaname) + 1); PUT_32BE(ns + 4, sizeof(rpanote)); PUT_32BE(ns + 8, 0x12759999); strcpy((char *) &buf[ns + 12], rpaname); ns += 12 + ROUNDUP(strlen(rpaname) + 1); for (i = 0; i < N_RPA_DESCR; ++i, ns += 4) PUT_32BE(ns, rpanote[i]); /* Update the number of program headers */ PUT_16BE(E_PHNUM, np + 2); /* write back */ lseek(fd, (long) 0, SEEK_SET); i = write(fd, buf, n); if (i < 0) { perror("write"); exit(1); } if (i < n) { fprintf(stderr, "%s: write truncated\n", av[1]); exit(1); } exit(0); notelf: fprintf(stderr, "%s does not appear to be an ELF file\n", av[1]); exit(1); nospace: fprintf(stderr, "sorry, I can't find space in %s to put the note\n", av[1]); exit(1); } ++++++ baselibs.conf ++++++ libuuid1 libuuid-devel requires -libuuid-<targettype> requires "libuuid1-<targettype> = <version>" libblkid1 libblkid-devel requires -libblkid-<targettype> requires "libblkid1-<targettype> = <version>" libmount1 libmount-devel requires -libmount-<targettype> requires "libmount1-<targettype> = <version>" ++++++ blkid.conf ++++++ # do not keep cache file across reboots CACHE_FILE=/dev/.blkid.tab # never try to sequentially scan all devices in /dev EVALUATE=udev ++++++ eject-scsi-check-host_status-and-driver_status.patch ++++++ >From 90a0e97c7be9da39fd54600228e006b98667ad56 Mon Sep 17 00:00:00 2001 From: Karel Zak <[email protected]> Date: Tue, 18 Jun 2013 12:24:28 +0200 Subject: [PATCH 1/2] eject: Check host_status and driver_status when using SG_IO. Based on Suse patch, originally from Anna Bernathova <[email protected]>, May 2008 SG_IO completion status is weird but still well defined. You'll need to check both host_status, driver_status and status to determine that a command actually succeeded. -- Tejun Heo, May 2008 Note that we also need to check driver_status and sense_buffer to detect situation when there is no medium. It's valid request to call eject(8) for device with no medium. References: https://bugzilla.novell.com/show_bug.cgi?id=358033 Signed-off-by: Anna Bernathova <[email protected]> Signed-off-by: Karel Zak <[email protected]> --- sys-utils/eject.c | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/sys-utils/eject.c b/sys-utils/eject.c index 4ec69e7..f98f227 100644 --- a/sys-utils/eject.c +++ b/sys-utils/eject.c @@ -53,6 +53,14 @@ #include "pathnames.h" #include "sysfs.h" +/* + * sg_io_hdr_t driver_status -- see kernel include/scsi/scsi.h + */ +#ifndef DRIVER_SENSE +# define DRIVER_SENSE 0x08 +#endif + + #define EJECT_DEFAULT_DEVICE "/dev/cdrom" @@ -604,17 +612,27 @@ static int eject_scsi(int fd) io_hdr.cmdp = allowRmBlk; status = ioctl(fd, SG_IO, (void *)&io_hdr); - if (status < 0) + if (status < 0 || io_hdr.host_status || io_hdr.driver_status) return 0; io_hdr.cmdp = startStop1Blk; status = ioctl(fd, SG_IO, (void *)&io_hdr); - if (status < 0) + if (status < 0 || io_hdr.host_status) + return 0; + + /* Ignore errors when there is not medium -- in this case driver sense + * buffer sets MEDIUM NOT PRESENT (3a) bit. For more details see: + * http://www.tldp.org/HOWTO/archived/SCSI-Programming-HOWTO/SCSI-Programming-HOWTO-22.html#sec-sensecodes + * -- kzak Jun 2013 + */ + if (io_hdr.driver_status != 0 && + !(io_hdr.driver_status == DRIVER_SENSE && io_hdr.sbp && + io_hdr.sbp[12] == 0x3a)) return 0; io_hdr.cmdp = startStop2Blk; status = ioctl(fd, SG_IO, (void *)&io_hdr); - if (status < 0) + if (status < 0 || io_hdr.host_status || io_hdr.driver_status) return 0; /* force kernel to reread partition table when new disc inserted */ -- 1.8.1.4 ++++++ etc.raw ++++++ # /etc/raw # # sample configuration to bind raw devices # to block devices # # The format of this file is: # raw<N>:<blockdev> # # example: # --------- # raw1:hdb1 # # this means: bind /dev/raw/raw1 to /dev/hdb1 # # ... ++++++ etc_filesystems ++++++ vfat hfs minix reiserfs * ++++++ fdisk-tinfo.patch ++++++ --- util-linux-2.23.1/fdisks/Makemodule.am +++ util-linux-2.23.1/fdisks/Makemodule.am 2013-06-05 09:58:30.753439465 +0000 @@ -79,6 +79,9 @@ endif if HAVE_SLANG cfdisk_LDADD += -lslang else +if HAVE_TINFO +cfdisk_LDADD += -ltinfo +endif if HAVE_NCURSES cfdisk_LDADD += @NCURSES_LIBS@ endif ++++++ klogconsole-quiet.patch ++++++ --- klogconsole/klogconsole.c +++ klogconsole/klogconsole.c @@ -59,7 +59,7 @@ exit(1); } if( ioctl( vt, TIOCLINUX, &newvt ) ) { - perror("ioctl(TIOCLINUX)"); + /* shut up perror("ioctl(TIOCLINUX)"); */ exit(1); } close(vt); ++++++ klogconsole.diff ++++++ --- klogconsole/Makefile +++ klogconsole/Makefile @@ -15,11 +15,11 @@ all: klogconsole klogconsole: klogconsole.c - $(CC) $(CFLAGS) -s -o $@ $< + $(CC) $(CFLAGS) -o $@ $< clean: $(RM) klogconsole install: klogconsole klogconsole.man - $(INSTALL) -s -m 0700 klogconsole $(DEST)/usr/sbin/ + $(INSTALL) -m 0700 klogconsole $(DEST)/usr/sbin/ $(INSTALL) -c -m 0444 klogconsole.man $(DEST)/usr/share/man/man8/klogconsole.8 --- klogconsole/klogconsole.c +++ klogconsole/klogconsole.c @@ -46,7 +46,7 @@ char newvt[2]; int vt; - if ((new_console < 1) || (new_console > MAX_CONSOLE)) { + if ((new_console < 0) || (new_console > MAX_CONSOLE)) { fprintf(stderr,"wrong console number\n"); exit(1); } ++++++ login.pamd ++++++ #%PAM-1.0 auth requisite pam_nologin.so auth [user_unknown=ignore success=ok ignore=ignore auth_err=die default=bad] pam_securetty.so auth include common-auth account include common-account password include common-password session required pam_loginuid.so session include common-session #session optional pam_lastlog.so nowtmp showfailed session optional pam_mail.so standard ++++++ make-sure-sbin-resp-usr-sbin-are-in-PATH.diff ++++++ --- util-linux-2.23.1/login-utils/su-common.c +++ util-linux-2.23.1/login-utils/su-common.c 2013-06-06 08:46:59.575872090 +0000 @@ -473,6 +473,117 @@ set_path(const struct passwd* pw) err (EXIT_FAILURE, _("failed to set PATH")); } +/* Add or clear /sbin and /usr/sbin for the su command + used without `-'. */ + +/* Set if /sbin is found in path. */ +#define SBIN_MASK 0x01 +/* Set if /usr/sbin is found in path. */ +#define USBIN_MASK 0x02 + +static char * +addsbin (const char *const path) +{ + unsigned char smask = 0; + char *ptr, *tmp, *cur, *ret = NULL; + size_t len; + + if (!path || *path == 0) + return NULL; + + tmp = xstrdup (path); + cur = tmp; + for (ptr = strsep (&cur, ":"); ptr != NULL; ptr = strsep (&cur, ":")) + { + if (!strcmp (ptr, "/sbin")) + smask |= SBIN_MASK; + if (!strcmp (ptr, "/usr/sbin")) + smask |= USBIN_MASK; + } + + if ((smask & (USBIN_MASK|SBIN_MASK)) == (USBIN_MASK|SBIN_MASK)) + { + free (tmp); + return NULL; + } + + len = strlen (path); + if (!(smask & USBIN_MASK)) + len += strlen ("/usr/sbin:"); + + if (!(smask & SBIN_MASK)) + len += strlen (":/sbin"); + + ret = xmalloc (len + 1); + strcpy (tmp, path); + + *ret = 0; + cur = tmp; + for (ptr = strsep (&cur, ":"); ptr; ptr = strsep (&cur, ":")) + { + if (!strcmp (ptr, ".")) + continue; + if (*ret) + strcat (ret, ":"); + if (!(smask & USBIN_MASK) && !strcmp (ptr, "/bin")) + { + strcat (ret, "/usr/sbin:"); + strcat (ret, ptr); + smask |= USBIN_MASK; + continue; + } + if (!(smask & SBIN_MASK) && !strcmp (ptr, "/usr/bin")) + { + strcat (ret, ptr); + strcat (ret, ":/sbin"); + smask |= SBIN_MASK; + continue; + } + strcat (ret, ptr); + } + free (tmp); + + if (!(smask & USBIN_MASK)) + strcat (ret, ":/usr/sbin"); + + if (!(smask & SBIN_MASK)) + strcat (ret, ":/sbin"); + + return ret; +} + +static char * +clearsbin (const char *const path) +{ + char *ptr, *tmp, *cur, *ret = NULL; + + if (!path || *path == 0) + return NULL; + + tmp = strdup (path); + if (!tmp) + return NULL; + + ret = xmalloc (strlen (path) + 1); + *ret = 0; + cur = tmp; + for (ptr = strsep (&cur, ":"); ptr; ptr = strsep (&cur, ":")) + { + if (!strcmp (ptr, "/sbin")) + continue; + if (!strcmp (ptr, "/usr/sbin")) + continue; + if (!strcmp (ptr, "/usr/local/sbin")) + continue; + if (*ret) + strcat (ret, ":"); + strcat (ret, ptr); + } + free (tmp); + + return ret; +} + /* Update `environ' for the new shell based on PW, with SHELL being the value for the SHELL environment variable. */ @@ -508,6 +619,22 @@ modify_environment (const struct passwd xsetenv ("SHELL", shell, 1); if (getlogindefs_bool ("ALWAYS_SET_PATH", 0)) set_path(pw); + else + { + char const *path = getenv ("PATH"); + char *new = NULL; + + if (pw->pw_uid) + new = clearsbin (path); + else + new = addsbin (path); + + if (new) + { + xsetenv ("PATH", new, 1); + free (new); + } + } if (pw->pw_uid) { ++++++ mkzimage_cmdline.8 ++++++ .\" $Id: mkzimage_cmdline.8 590 2006-02-07 14:38:07Z jplack $ .TH mkzimage_cmdline 8 .SH NAME \fBmkzimage_cmdline\fR - edit the built-in kernel cmdline in a PowerPC CHRP zImage .SH SYNOPSIS \fBmkzimage_cmdline [-a 0|1] [-s 'kernel cmdline'] [-c] zImage\fR .SH DESCRIPTION \fBmkzimage_cmdline\fR adds a kernel cmdline to a zImage. This string will be passed to the kernel, the contents in /options/boot-file will be overwritten with the provided cmdline. .SH OPTIONS .TP .B \-a 0|1 activate or deactivate the the cmdline .TP .B \-s 'kernel cmdline' pass this string to the kernel. It can be up to 511 chars long. .TP .B \-c clear cmdline area in zImage .SH AUTHOR Olaf Hering <[email protected]> ++++++ mkzimage_cmdline.c ++++++ /* $Id: mkzimage_cmdline.c 590 2006-02-07 14:38:07Z jplack $ */ /* * a little tool to modify the cmdline inside a zImage * Olaf Hering <[email protected]> Copyright (C) 2003, 2004 */ /* 2003-10-02, version 1 2003-11-15, version 2: fix short reads if the string is at the end of the file 2004-08-07, version 3: use mmap */ /* * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation */ #include <stdio.h> #include <string.h> #include <stdlib.h> #include <unistd.h> #include <sys/types.h> #include <sys/stat.h> #include <fcntl.h> #include <sys/mman.h> #define MY_VERSION 3 static int activate; static int clear; static int set; static char *string; static char *filename; static const char cmdline_start[] = "cmd_line_start"; static const char cmdline_end[] = "cmd_line_end"; static void my_version(void) { printf("version: %d\n", MY_VERSION); printf("(C) SuSE Linux AG, Nuernberg, Germany, 2003, 2004\n"); return; } static void my_rtfm(const char *app) { printf("modify the built-in cmdline of a CHRP boot image\n"); printf("%s filename\n", app); printf("work with zImage named 'filename'\n"); printf(" [-h] display this help\n"); printf(" [-v] display version\n"); printf(" [-a 0|1] disable/enable built-in cmdline\n"); printf(" overrides whatever is passed from OpenFirmware\n"); printf(" [-s STRING] store STRING in the boot image\n"); printf(" [-c] clear previous content before update\n"); printf(" no option will show the current settings in 'filename'\n"); return; } int main(int argc, char **argv) { struct stat sb; int fd, found; unsigned char *p, *s, *e, *tmp, *active; if (argc < 2) { my_rtfm(argv[0]); exit(1); } while (1) { int i; i = getopt(argc, argv, "a:hcvs:"); if (i == -1) break; switch (i) { case 'a': if (*optarg == '0') activate = -1; else activate = 1; break; case 'c': clear = 1; break; case 'h': my_rtfm(argv[0]); exit(0); case 's': string = strdup(optarg); if (!string) { fprintf(stderr, "set: no mem\n"); exit(1); } set = 1; if (!activate) activate = 1; break; case 'v': my_version(); exit(0); default: printf("unknown option\n"); my_rtfm(argv[0]); exit(1); } } if (argc <= optind) { fprintf(stderr, "filename required\n"); exit(1); } filename = strdup(argv[optind]); if (!filename) { fprintf(stderr, "no mem\n"); exit(1); } fd = open(filename, (activate || clear || set) ? O_RDWR : O_RDONLY); if (fd == -1) goto error; found = stat(filename, &sb); if (found < 0) goto error; if (!S_ISREG(sb.st_mode)) { fprintf(stderr, "%s is not a file\n", filename); exit(1); } p = mmap(NULL, sb.st_size, ((activate || clear || set) ? PROT_WRITE : 0) | PROT_READ, MAP_SHARED, fd, 0); if (p == MAP_FAILED) goto error; s = p; e = p + sb.st_size - sizeof(cmdline_start) - sizeof(cmdline_end); found = 0; while (s < e) { if (memcmp(++s, cmdline_start, sizeof(cmdline_start) - 1) != 0) continue; found = 1; break; } if (!found) goto no_start; found = 0; active = s - 1; tmp = s = s + sizeof(cmdline_start) - 1; e = p + sb.st_size - sizeof(cmdline_end); while (tmp < e) { if (memcmp(++tmp, cmdline_end, sizeof(cmdline_end)) != 0) continue; found = 1; break; } if (!found) goto no_end; if (activate || clear || set) { if (activate) *active = activate > 0 ? '1' : '0'; if (clear) memset(s, 0x0, tmp - s); if (set) snprintf(s, tmp - s, "%s", string); } else { fprintf(stdout, "cmd_line size:%d\n", tmp - s); fprintf(stdout, "cmd_line: %s\n", s); fprintf(stdout, "active: %c\n", *active); } munmap(p, sb.st_size); close(fd); return 0; error: perror(filename); return 1; no_start: fprintf(stderr, "%s: %s not found.\n", filename, cmdline_start); return 1; no_end: fprintf(stderr, "%s: %s not found.\n", filename, cmdline_end); return 1; } ++++++ more-check-for-buffer-size-when-write-multibyte-char.patch ++++++ >From c36407293d63d428af176097527df89d623bc74f Mon Sep 17 00:00:00 2001 From: Karel Zak <[email protected]> Date: Thu, 1 Aug 2013 16:00:21 +0200 Subject: [PATCH] more: check for buffer size when write multibyte char Signed-off-by: Karel Zak <[email protected]> --- text-utils/more.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/text-utils/more.c b/text-utils/more.c index 3377118..9af15b3 100644 --- a/text-utils/more.c +++ b/text-utils/more.c @@ -912,7 +912,8 @@ int get_line(register FILE *f, int *length) Fseek(f, file_pos_bak); break_flag = 1; } else { - for (i = 0; i < mbc_pos; i++) + for (i = 0; p < &Line[LineLen - 1] && + i < mbc_pos; i++) *p++ = mbc[i]; if (wc_width > 0) column += wc_width; -- 1.8.4 ++++++ more-fix-buffer-overflow.patch ++++++ >From 1ef2db5a5672e09fa1337099b7d9d6ab61c19bdc Mon Sep 17 00:00:00 2001 From: Karel Zak <[email protected]> Date: Thu, 1 Aug 2013 12:58:22 +0200 Subject: [PATCH] more: fix buffer overflow The bug has been probably introduced by commit 1ac300932deab8dea2c43050921bbbdb36d62ff1. Reported-by: "Dr. David Alan Gilbert" <[email protected]> References: https://bugzilla.novell.com/show_bug.cgi?id=829720 Signed-off-by: Karel Zak <[email protected]> --- text-utils/more.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/text-utils/more.c b/text-utils/more.c index 3bbeede..3377118 100644 --- a/text-utils/more.c +++ b/text-utils/more.c @@ -835,7 +835,8 @@ void prepare_line_buffer(void) if (nsz < LINSIZ) nsz = LINSIZ; - nline = xrealloc(Line, nsz); + /* alloc nsz and extra space for \n\0 */ + nline = xrealloc(Line, nsz + 2); Line = nline; LineLen = nsz; } -- 1.8.4 ++++++ more-guarantee-space-for-multibyte.patch ++++++ >From 418cb4b3bb7a61aec62ebe91194f7722ea608842 Mon Sep 17 00:00:00 2001 From: Karel Zak <[email protected]> Date: Thu, 1 Aug 2013 16:41:50 +0200 Subject: [PATCH] more: guarantee space for multibyte .. to make the code more robust. Signed-off-by: Karel Zak <[email protected]> --- text-utils/more.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/text-utils/more.c b/text-utils/more.c index 9af15b3..ac35acc 100644 --- a/text-utils/more.c +++ b/text-utils/more.c @@ -1030,6 +1030,12 @@ int get_line(register FILE *f, int *length) if (column >= Mcol && fold_opt) break; +#ifdef HAVE_WIDECHAR + if (use_mbc_buffer_flag == 0 && p >= &Line[LineLen - 1 - 4]) + /* don't read another char if there is no space for + * whole multibyte sequence */ + break; +#endif c = Getc(f); } if (column >= Mcol && Mcol > 0) { -- 1.8.4 ++++++ nologin.8 ++++++ .\" $OpenBSD: nologin.8,v 1.8 1999/06/04 02:45:19 aaron Exp $ .\" $NetBSD: nologin.8,v 1.3 1995/03/18 14:59:09 cgd Exp $ .\" .\" Copyright (c) 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. All advertising materials mentioning features or use of this software .\" must display the following acknowledgement: .\" This product includes software developed by the University of .\" California, Berkeley and its contributors. .\" 4. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" .\" @(#)nologin.8 8.1 (Berkeley) 6/19/93 .\" .Dd February 15, 1997 .Dt NOLOGIN 8 .Os .Sh NAME .Nm nologin .Nd politely refuse a login .Sh SYNOPSIS .Nm nologin .Sh DESCRIPTION .Nm displays a message that an account is not available and exits non-zero. It is intended as a replacement shell field for accounts that have been disabled. .Pp If the file .Pa /etc/nologin.txt exists, .Nm displays its contents to the user instead of the default message. .Sh SEE ALSO .Xr login 1 .Sh HISTORY The .Nm command appeared in .Bx 4.4 . ++++++ nologin.c ++++++ /* $OpenBSD: nologin.c,v 1.2 1997/04/04 16:51:37 millert Exp $ */ /* * Copyright (c) 1997, Jason Downs. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include <sys/types.h> #include <fcntl.h> #include <string.h> #include <unistd.h> #include <stdlib.h> /* Distinctly different from _PATH_NOLOGIN. */ #define _PATH_NOLOGIN_TXT "/etc/nologin.txt" #define DEFAULT_MESG "This account is currently not available.\n" /*ARGSUSED*/ int main(argc, argv) int argc; char *argv[]; { int nfd, nrd; char nbuf[128]; nfd = open(_PATH_NOLOGIN_TXT, O_RDONLY); if (nfd < 0) { write(STDOUT_FILENO, DEFAULT_MESG, strlen(DEFAULT_MESG)); exit (1); } while ((nrd = read(nfd, nbuf, sizeof(nbuf))) > 0) write(STDOUT_FILENO, nbuf, nrd); close (nfd); exit (1); } ++++++ raw.init ++++++ #! /bin/sh # Copyright (c) 1995-2001 SuSE GmbH Nuernberg, Germany. # # Author: Dirk Lerner <[email protected]> # # /etc/init.d/raw # # and symbolic its link # # /usr/sbin/rcraw # ### BEGIN INIT INFO # Provides: raw # Required-Start: $local_fs $remote_fs # Required-Stop: $local_fs $remote_fs # Default-Start: 2 3 5 # Default-Stop: 0 1 6 # Short-Description: raw devices # Description: raw-devices ### END INIT INFO . /etc/rc.status CONFIG=/etc/raw RAW_BIN=/sbin/raw RAW_MODULE=raw test -x $RAW_BIN || exit 5 if [ ! -f $CONFIG ];then echo "file: $CONFIG not found" exit 6 fi rc_reset case "$1" in start) /sbin/modprobe $RAW_MODULE && sleep 2 line=`grep -v ^# < $CONFIG` for i in $line;do rawdev=`echo $i | cut -f1 -d:` rawbind=`echo $i | cut -f2- -d:` echo -n "bind /dev/raw/$rawdev to /dev/$rawbind..." $RAW_BIN /dev/raw/$rawdev /dev/$rawbind > /dev/null 2>&1 rc_status -v done ;; stop) echo -n "to unbind the rawdevice please perform a system shutdown" rc_failed 3 rc_status -v ;; status) $RAW_BIN -qa 2> /dev/null rc_status -v ;; *) echo "Usage: $0 {start|stop|status}" exit 1 ;; esac rc_exit ++++++ remote.pamd ++++++ #%PAM-1.0 # This file is used by /bin/login in case of remote logins (means where # the -h option is used auth requisite pam_nologin.so auth [user_unknown=ignore success=ok ignore=ignore auth_err=die default=bad] pam_securetty.so auth include common-auth account include common-account password include common-password session required pam_loginuid.so session include common-session session optional pam_lastlog.so nowtmp showfailed session optional pam_mail.so standard ++++++ runuser.pamd ++++++ #%PAM-1.0 # Note that runuser requires only "session" setting (and for example "auth sufficient pam_rootok.so" dummy line). auth sufficient pam_rootok.so session include common-session session optional pam_xauth.so ++++++ setctsid.8 ++++++ .\" Rick Sladkey <[email protected]> .\" In the public domain. .\" Path modifications by [email protected] .TH SETCTSID 8 "12 April 1999" "Linux 2.2" "Linux Programmer's Manual" .SH NAME setctsid \- run a program in a new session and tty .SH SYNOPSIS .B setctsid .RB [ -f ] .I /dev/<tty> .I program .RB [ args... ] .SH DESCRIPTION .B setctsid runs a program in a new session with a new controlling terminal .IR /dev/<tty> . The .B -f option causes .B setctsid to run the program in a new process. .SH "SEE ALSO" .BR setsid (2) .SH AUTHORS Rick Sladkey <[email protected]>, Werner Fink <[email protected]> ++++++ setctsid.c ++++++ /* * setctsid.c -- execute a command in a new session and with * new controlling terminal * * derviated from: setctsid.c of Rick Sladkey <[email protected]> * In the public domain. * * Changed by Werner Fink, <[email protected]> */ #include <stdio.h> #include <unistd.h> #include <stdlib.h> #include <sys/types.h> #include <sys/stat.h> #include <sys/ioctl.h> #include <sys/syslog.h> #include <sys/stat.h> #include <fcntl.h> #include <errno.h> #include <string.h> #define xerror(n) do { int error = errno; \ if (!isatty(fileno(stderr))) \ syslog(LOG_ERR, n ": %s", strerror(error)); \ else \ errno = error, perror(n); \ } while (0) int main(int argc, char *argv[]) { int fd; struct stat buf; int dofork = 0; if (argc > 1 && !strcmp(argv[1], "-f")) { dofork = 1; argc--; argv++; } if (argc < 3) { fprintf(stderr, "usage: setctsid [-f] tty program [arg ...]\n"); exit(1); } if (stat(argv[1], &buf) < 0) { perror(argv[1]); exit(1); } if (!(S_ISCHR(buf.st_mode))) { /* why do we care? */ fprintf(stderr, "%s: not a character device\n", argv[1]); exit(1); } if (dofork) { switch (fork()) { case -1: perror("fork"); exit(1); case 0: break; default: exit(0); } } if (setsid() < 0) { perror("setsid"); exit(1); } if ((fd = open(argv[1], O_RDWR, 0)) < 0) { xerror("open"); exit(1); } dup2(fd, fileno(stdin)); dup2(fd, fileno(stdout)); dup2(fd, fileno(stderr)); if (isatty(fd)) { if (ioctl(fileno(stdin), TIOCSCTTY, argv[1]) < 0) { xerror("ioctl"); exit(1); } } if (fd > fileno(stderr)) close(fd); execvp(argv[2], argv + 2); xerror("execvp"); exit(1); } ++++++ su.default ++++++ # Per default, only "su -" will set a new PATH. # If this variable is changed to "yes" (default is "no"), # every su call will overwrite the PATH variable. ALWAYS_SET_PATH=no # Default path. PATH=/usr/local/bin:/bin:/usr/bin # Default path for a user invoking su to root. SUPATH=/usr/sbin:/bin:/usr/bin:/sbin ++++++ su.pamd ++++++ #%PAM-1.0 auth sufficient pam_rootok.so auth include common-auth account sufficient pam_rootok.so account include common-account password include common-password session include common-session session optional pam_xauth.so ++++++ util-linux-2.23.1-eject-fpie.patch ++++++ --- util-linux-2.23.1/sys-utils/Makemodule.am +++ util-linux-2.23.1/sys-utils/Makemodule.am 2013-06-05 12:55:10.921439066 +0000 @@ -142,8 +142,8 @@ endif # LINUX if BUILD_EJECT usrbin_exec_PROGRAMS += eject eject_SOURCES = sys-utils/eject.c -eject_LDADD = $(LDADD) libmount.la libcommon.la -eject_CFLAGS = $(AM_CFLAGS) -I$(ul_libmount_incdir) +eject_LDADD = $(SUID_LDFLAGS) $(LDADD) libmount.la libcommon.la +eject_CFLAGS = $(SUID_CFLAGS) $(AM_CFLAGS) -I$(ul_libmount_incdir) dist_man_MANS += sys-utils/eject.1 endif ++++++ util-linux-2.23.1-fdisk_remove_bogus_warnings.patch ++++++ --- util-linux-2.23.1/fdisks/fdiskdoslabel.c +++ util-linux-2.23.1/fdisks/fdiskdoslabel.c 2013-06-05 10:11:14.121939007 +0000 @@ -817,7 +817,7 @@ static void check_consistency(struct fdi /* compute logical ending (c, h, s) */ long2chs(cxt, get_start_sect(p) + get_nr_sects(p) - 1, &lec, &leh, &les); - +#if 0 /* Same physical / logical beginning? */ if (cxt->geom.cylinders <= 1024 && (pbc != lbc || pbh != lbh || pbs != lbs)) { printf(_("Partition %zd has different physical/logical " @@ -833,7 +833,7 @@ static void check_consistency(struct fdi printf(_(" phys=(%d, %d, %d) "), pec, peh, pes); printf(_("logical=(%d, %d, %d)\n"),lec, leh, les); } - +#endif /* Ending on cylinder boundary? */ if (peh != (cxt->geom.heads - 1) || pes != cxt->geom.sectors) { printf(_("Partition %zd does not end on cylinder boundary.\n"), ++++++ util-linux-2.23.1-noenc-suse.diff ++++++ --- util-linux-2.23.1/libmount/src/context_loopdev.c +++ util-linux-2.23.1/libmount/src/context_loopdev.c 2013-06-05 09:44:37.081939564 +0000 @@ -213,6 +213,9 @@ int mnt_context_setup_loopdev(struct lib if (rc == 0 && (cxt->user_mountflags & MNT_MS_ENCRYPTION) && mnt_optstr_get_option(optstr, "encryption", &val, &len) == 0) { DBG(CXT, mnt_debug_h(cxt, "encryption no longer supported")); + // XXX: nasty for the lib but there's on better way to give a hint atm + fprintf(stderr, "mount: encryption no longer supported.\n" + " Please use /etc/crypttab instead (man 5 crypttab)\n"); rc = -MNT_ERR_MOUNTOPT; } ++++++ util-linux-HACK-boot.localfs.diff ++++++ >From 89a0fa3ca57be7440500dd207d96ea1e2908959f Mon Sep 17 00:00:00 2001 From: Ludwig Nussel <[email protected]> Date: Wed, 20 Jun 2012 10:56:05 +0200 Subject: [PATCH] UGLY HACK: boot.localfs parses mount ouput and needs source rather than target --- sys-utils/mount.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/sys-utils/mount.c b/sys-utils/mount.c index 8706716..b28d67a 100644 --- a/sys-utils/mount.c +++ b/sys-utils/mount.c @@ -166,6 +166,9 @@ static int mount_all(struct libmnt_context *cxt) while (mnt_context_next_mount(cxt, itr, &fs, &mntrc, &ignored) == 0) { const char *tgt = mnt_fs_get_target(fs); + if (getenv("MOUNT_PRINT_SOURCE")) { + tgt = mnt_fs_get_srcpath(fs); + } if (ignored) { if (mnt_context_is_verbose(cxt)) -- 1.7.7 ++++++ util-linux-cal-no-terminal.patch ++++++ >From 2a4b073e8b2d34dfadd8306f7d71957687923bdd Mon Sep 17 00:00:00 2001 From: Karel Zak <[email protected]> Date: Thu, 12 Mar 2015 11:50:07 +0100 Subject: [PATCH] cal: care about setuprterm() result References: https://bugzilla.suse.com/show_bug.cgi?id=903440 Signed-off-by: Karel Zak <[email protected]> --- misc-utils/cal.c | 59 ++++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 38 insertions(+), 21 deletions(-) Index: misc-utils/cal.c =================================================================== --- misc-utils/cal.c.orig 2013-07-30 10:39:26.227738447 +0200 +++ misc-utils/cal.c 2015-03-12 14:14:11.716437373 +0100 @@ -72,6 +72,8 @@ #include "mbsalign.h" #include "strutils.h" +static int has_term = 0; + #if defined(HAVE_LIBNCURSES) || defined(HAVE_LIBNCURSESW) #ifdef HAVE_NCURSES_H @@ -82,19 +84,27 @@ #include <term.h> /* include after <curses.h> */ -static void -my_setupterm(const char *term, int fildes, int *errret) { - setupterm((char*)term, fildes, errret); +static int +setup_terminal(const char *term) { + int ret; + if (setupterm((char*)term, STDOUT_FILENO, &ret) != OK || ret != 1) + return -1; + return 0; } static void my_putstring(char *s) { - putp(s); + if (has_term) + putp(s); + else + fputs(s, stdout); } static const char * my_tgetstr(char *s __attribute__ ((__unused__)), char *ss) { - const char* ret = tigetstr(ss); + const char* ret = NULL; + if (has_term) + ret = tigetstr(ss); if (!ret || ret==(char*)-1) return ""; else @@ -109,19 +119,26 @@ char tcbuffer[4096]; char *strbuf = termbuffer; -static void -my_setupterm(const char *term, int fildes, int *errret) { - *errret = tgetent(tcbuffer, term); +static int +setup_terminal(const char *term) { + if (tgetent(tcbuffer, term) < 0) + return -1; + return 0; } static void my_putstring(char *s) { - tputs (s, 1, putchar); + if (has_term) + tputs (s, 1, putchar); + else + fputs(s, stdout); } static const char * my_tgetstr(char *s, char *ss __attribute__ ((__unused__))) { - const char* ret = tgetstr(s, &strbuf); + const char* ret = NULL; + if (has_term) + ret = tgetstr(s, &strbuf); if (!ret) return ""; else @@ -138,7 +155,6 @@ #endif -const char *term=""; const char *Senter="", *Sexit="";/* enter and exit standout mode */ int Slen; /* strlen of Senter+Sexit */ char *Hrow; /* pointer to highlighted row in month */ @@ -282,13 +298,15 @@ atexit(close_stdout); #if defined(HAVE_LIBNCURSES) || defined(HAVE_LIBNCURSESW) || defined(HAVE_LIBTERMCAP) - if ((term = getenv("TERM"))) { - int ret; - my_setupterm(term, 1, &ret); - if (ret > 0) { - Senter = my_tgetstr("so","smso"); - Sexit = my_tgetstr("se","rmso"); - Slen = strlen(Senter) + strlen(Sexit); + { + char *term = getenv("TERM"); + if (term) { + has_term = setup_terminal(term) == 0; + if (has_term) { + Senter = my_tgetstr("so","smso"); + Sexit = my_tgetstr("se","rmso"); + Slen = strlen(Senter) + strlen(Sexit); + } } } #endif ++++++ util-linux-libblkid-overflow.patch ++++++ Index: util-linux-2.23.2/libblkid/src/partitions/gpt.c =================================================================== --- util-linux-2.23.2.orig/libblkid/src/partitions/gpt.c +++ util-linux-2.23.2/libblkid/src/partitions/gpt.c @@ -17,6 +17,7 @@ #include <stdlib.h> #include <stdint.h> #include <stddef.h> +#include <limits.h> #include "partitions.h" #include "crc32.h" @@ -259,14 +260,17 @@ static struct gpt_header *get_gpt_header return NULL; } - /* Size of blocks with GPT entries */ - esz = le32_to_cpu(h->num_partition_entries) * - le32_to_cpu(h->sizeof_partition_entry); - if (!esz) { + if (le32_to_cpu(h->num_partition_entries) == 0 || + le32_to_cpu(h->sizeof_partition_entry) == 0 || + ULONG_MAX/le32_to_cpu(h->num_partition_entries) < le32_to_cpu(h->sizeof_partition_entry)) { DBG(LOWPROBE, blkid_debug("GPT entries undefined")); return NULL; } + /* Size of blocks with GPT entries */ + esz = le32_to_cpu(h->num_partition_entries) * + le32_to_cpu(h->sizeof_partition_entry); + /* The header seems valid, save it * (we don't care about zeros in hdr->reserved2 area) */ memcpy(hdr, h, sizeof(*h)); Index: util-linux-2.23.2/libblkid/src/probe.c =================================================================== --- util-linux-2.23.2.orig/libblkid/src/probe.c +++ util-linux-2.23.2/libblkid/src/probe.c @@ -103,6 +103,7 @@ #include <inttypes.h> #include <stdint.h> #include <stdarg.h> +#include <limits.h> #ifdef HAVE_LIBUUID # include <uuid.h> @@ -562,6 +563,12 @@ unsigned char *blkid_probe_get_buffer(bl if (blkid_llseek(pr->fd, pr->off + off, SEEK_SET) < 0) return NULL; + /* someone trying to overflow some buffers? */ + if (len >= ULONG_MAX - sizeof(struct blkid_bufinfo)) { + errno = ENOMEM; + return NULL; + } + /* allocate info and space for data by why call */ bf = calloc(1, sizeof(struct blkid_bufinfo) + len); if (!bf) Index: util-linux-2.23.2/libblkid/src/superblocks/zfs.c =================================================================== --- util-linux-2.23.2.orig/libblkid/src/superblocks/zfs.c +++ util-linux-2.23.2/libblkid/src/superblocks/zfs.c @@ -12,6 +12,7 @@ #include <errno.h> #include <ctype.h> #include <inttypes.h> +#include <limits.h> #include "superblocks.h" @@ -108,6 +109,8 @@ static void zfs_extract_guid_name(blkid_ nvs->nvs_type = be32_to_cpu(nvs->nvs_type); nvs->nvs_strlen = be32_to_cpu(nvs->nvs_strlen); + if (nvs->nvs_strlen >= UINT_MAX - sizeof(*nvs)) + break; avail -= nvs->nvs_strlen + sizeof(*nvs); nvdebug("nvstring: type %u string %*s\n", nvs->nvs_type, nvs->nvs_strlen, nvs->nvs_string); ++++++ util-linux-libblkid-unsafe-chars.patch ++++++ >From 89e90ae7b2826110ea28c1c0eb8e7c56c3907bdc Mon Sep 17 00:00:00 2001 From: Karel Zak <[email protected]> Date: Thu, 27 Nov 2014 13:39:35 +0100 Subject: [PATCH] libblkid: care about unsafe chars in cache The high-level libblkid API uses /run/blkid/blkid.tab cache to store probing results. The cache format is <device NAME="value" ...>devname</device> and unfortunately the cache code does not escape quotation marks: # mkfs.ext4 -L 'AAA"BBB' # cat /run/blkid/blkid.tab ... <device ... LABEL="AAA"BBB" ...>/dev/sdb1</device> such string is later incorrectly parsed and blkid(8) returns nonsenses. And for use-cases like # eval $(blkid -o export /dev/sdb1) it's also insecure. Note that mount, udevd and blkid -p are based on low-level libblkid API, it bypass the cache and directly read data from the devices. The current udevd upstream does not depend on blkid(8) output at all, it's directly linked with the library and all unsafe chars are encoded by \x<hex> notation. # mkfs.ext4 -L 'X"`/tmp/foo` "' /dev/sdb1 # udevadm info --export-db | grep LABEL ... E: ID_FS_LABEL=X__/tmp/foo___ E: ID_FS_LABEL_ENC=X\x22\x60\x2ftmp\x2ffoo\x60\x20\x22 Signed-off-by: Karel Zak <[email protected]> --- libblkid/src/read.c | 21 ++++++++++++++++++--- libblkid/src/save.c | 22 +++++++++++++++++++++- misc-utils/blkid.8 | 5 ++++- misc-utils/blkid.c | 4 ++-- 4 files changed, 45 insertions(+), 7 deletions(-) Index: util-linux-2.23.2/libblkid/src/read.c =================================================================== --- util-linux-2.23.2.orig/libblkid/src/read.c +++ util-linux-2.23.2/libblkid/src/read.c @@ -252,15 +252,30 @@ static int parse_token(char **name, char *value = skip_over_blank(*value + 1); if (**value == '"') { - end = strchr(*value + 1, '"'); - if (!end) { + char *p = end = *value + 1; + + /* convert 'foo\"bar' to 'foo"bar' */ + while (*p) { + if (*p == '\\') { + p++; + *end = *p; + } else { + *end = *p; + if (*p == '"') + break; + } + p++; + end++; + } + + if (*end != '"') { DBG(READ, blkid_debug("unbalanced quotes at: %s", *value)); *cp = *value; return -BLKID_ERR_CACHE; } (*value)++; *end = '\0'; - end++; + end = ++p; } else { end = skip_over_word(*value); if (*end) { Index: util-linux-2.23.2/libblkid/src/save.c =================================================================== --- util-linux-2.23.2.orig/libblkid/src/save.c +++ util-linux-2.23.2/libblkid/src/save.c @@ -23,6 +23,21 @@ #endif #include "blkidP.h" + +static void save_quoted(const char *data, FILE *file) +{ + const char *p; + + fputc('"', file); + for (p = data; p && *p; p++) { + if ((unsigned char) *p == 0x22 || /* " */ + (unsigned char) *p == 0x5c) /* \ */ + fputc('\\', file); + + fputc(*p, file); + } + fputc('"', file); +} static int save_dev(blkid_dev dev, FILE *file) { struct list_head *p; @@ -40,9 +55,14 @@ static int save_dev(blkid_dev dev, FILE if (dev->bid_pri) fprintf(file, " PRI=\"%d\"", dev->bid_pri); + list_for_each(p, &dev->bid_tags) { blkid_tag tag = list_entry(p, struct blkid_struct_tag, bit_tags); - fprintf(file, " %s=\"%s\"", tag->bit_name,tag->bit_val); + + fputc(' ', file); /* space between tags */ + fputs(tag->bit_name, file); /* tag NAME */ + fputc('=', file); /* separator between NAME and VALUE */ + save_quoted(tag->bit_val, file); /* tag "VALUE" */ } fprintf(file, ">%s</device>\n", dev->bid_name); Index: util-linux-2.23.2/misc-utils/blkid.8 =================================================================== --- util-linux-2.23.2.orig/misc-utils/blkid.8 +++ util-linux-2.23.2/misc-utils/blkid.8 @@ -193,7 +193,10 @@ partitions. This output format is \fBDE .TP .B export print key=value pairs for easy import into the environment; this output format -is automatically enabled when I/O Limits (\fB-i\fR option) are requested +is automatically enabled when I/O Limits (\fB-i\fR option) are requested. + +The non-printing characters are encoded by ^ and M- notation and all +potentially unsafe characters are escaped. .RE .TP .BI \-O " offset" Index: util-linux-2.23.2/misc-utils/blkid.c =================================================================== --- util-linux-2.23.2.orig/misc-utils/blkid.c +++ util-linux-2.23.2/misc-utils/blkid.c @@ -106,8 +106,10 @@ static void usage(int error) /* * This function does "safe" printing. It will convert non-printable * ASCII characters using '^' and M- notation. + * + * If 'esc' is defined then escape all chars from esc by \. */ -static void safe_print(const char *cp, int len) +static void safe_print(const char *cp, int len, const char *esc) { unsigned char ch; @@ -124,7 +126,9 @@ static void safe_print(const char *cp, i if ((ch < 32) || (ch == 0x7f)) { fputc('^', stdout); ch ^= 0x40; /* ^@, ^A, ^B; ^? for DEL */ - } + + } else if (esc && strchr(esc, ch)) + fputc('\\', stdout); } fputc(ch, stdout); } @@ -301,7 +305,7 @@ static void print_value(int output, int printf("DEVNAME=%s\n", devname); fputs(name, stdout); fputs("=", stdout); - safe_print(value, valsz); + safe_print(value, valsz, " \\\"'$`<>"); fputs("\n", stdout); } else { @@ -309,7 +313,7 @@ static void print_value(int output, int printf("%s: ", devname); fputs(name, stdout); fputs("=\"", stdout); - safe_print(value, valsz); + safe_print(value, valsz, "\"\\"); fputs("\" ", stdout); } } ++++++ util-linux-rpmlintrc ++++++ addFilter("init-script-without-%stop_on_removal-preun /etc/init.d/raw") addFilter("init-script-without-%restart_on_update-postun /etc/init.d/raw") addFilter("incoherent-init-script-name raw") addFilter("no-reload-entry /etc/init.d/raw") # There is no egrep(1) used -> False positive addFilter("deprecated-grep") # Both pam configs for su and su-l are marked as noreplace addFilter(".*W:.*files-duplicate.*/pam/su.*/pam.d/su-l.*") # Useless warning as the /usr/bin variants are known addFilter(".*W:.*permissions-symlink.*/bin/su.*") addFilter(".*W:.*permissions-symlink.*/bin/umount.*") addFilter(".*W:.*permissions-symlink.*/bin/mount.*") ++++++ util-linux-umount-user.patch ++++++ commit 4e9f59d1ee293108cd1d577f7b1a182f5b0ac9c0 Author: Dave Reisner <[email protected]> Date: Tue Sep 17 17:05:09 2013 -0400 libmount: use memmove when overlap possible When unmounting some mountpoints as an unprivileged user (via the 'user' option in fstab), the umount fails. Debug output of 'umount /opt' reveals: 17760: libmount: CXT: [0x22890e0]: do umount 17760: libmount: UTILS: moving to /opt parent 17760: libmount: CXT: current directory moved to / [last_component='opt'] 17760: libmount: CXT: [0x22890e0]: umount(2) [target='pt', flags=0x00000000] valgrind shows the problem: ==23544== Source and destination overlap in memcpy(0x58d1370, 0x58d1371, 4) ==23544== at 0x4C2BBC3: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==23544== by 0x4E537C3: mnt_chdir_to_parent (utils.c:168) ==23544== by 0x4E45E4C: mnt_context_do_umount (context_umount.c:601) ==23544== by 0x4E46513: mnt_context_umount (context_umount.c:855) ==23544== by 0x403476: umount_one (umount.c:299) ==23544== by 0x402B34: main (umount.c:629) ==23544== ref: https://bugs.archlinux.org/task/36968 Signed-off-by: Dave Reisner <[email protected]> diff --git a/libmount/src/utils.c b/libmount/src/utils.c index 9f99241..3cab936 100644 --- a/libmount/src/utils.c +++ b/libmount/src/utils.c @@ -165,7 +165,7 @@ int mnt_chdir_to_parent(const char *target, char **filename) if (!last || !*last) memcpy(*filename, ".", 2); else - memcpy(*filename, last, strlen(last) + 1); + memmove(*filename, last, strlen(last) + 1); } else free(buf); return 0; ++++++ util-linux.keyring ++++++ pub 4096R/EC39C284 2011-10-10 [expires: 2016-10-08] uid Karel Zak <[email protected]> sub 4096R/7BA16CAC 2011-10-10 [expires: 2016-10-08] -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2.0.20 (GNU/Linux) mQINBE6StA4BEACp9++Y+DgbBloJEuVhsDjDIvAR1n/aHPDyPQQzg/DkKtR3BXHn dGfTL9/DR8y9YzLNwUf2lWsEAvwHZ2XfUTp5S5nVbgpAB0/Q2ebP0TnkNYaRkxq7 VJF+kvUcA6hxYKYcIos2kJyfVytPE6FpFBqlgTmjcCTx4HHwePkVTVRyotOoA2V/ UUwixgkyG7aVfy4QBKHAkATpTPC4l+ISaOHKUiajxRoa99rpmBPl4FhIw3b5rPYA 26q9Pz8q1AwbXA1PXxzwKVqqfwEkl6sxUVKiM8rUuhic2lnDMIXexNMvqznpFqtB v7n+z/5N8RbB1DQjWpy/Z7OW6yyYXW9e33c6IgU5n46rIyTPYyzq3mDfOsJdvoG/ nhF7VUkGDPYWfmx9ejvpKdoNCQ2q+MVp20msntcETcOq1r9SJwNXcsx+I/3ptbtX Q+MQyA1L5FifkpA7+akITF5luOqUb2TToEBLiF/nn8y0sIUa/HGgcUrK2N9E1VNJ tcIt/z0sZJUHYC+EBh/G0UNt9tRwPdnUks5sua1sCquXnkd9IS0Kr3Kq/C6JOKzz UDGdFKVc6wExf70hX5h0g1kkypyjNwipGSdk+qVXO0IF/tKMToa8WZqoK3enzryI Kmdq7IQ0ThdTTTC1ctVk4367/30prpNHF4/642G0OOiQCzWBrb0V217HvQARAQAB tBtLYXJlbCBaYWsgPGt6YWtAcmVkaGF0LmNvbT6JAj4EEwECACgFAk6StA4CGwMF CQlmAYAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEOS3HV7sOcKETI8QAI0U StG6dv1l9kqkmFpXPZJ75hf5SJA69+upcKeTg9BXKrEqjZLeyEn1OVPmfVGwWpz8 SRbiYcHh8AhJaggAxKcIgQ/sAUBkmrTP6RyYEQUV6vFW5qv7dcEOs46d+LE/Wkxs ymC2FSXxYOFiw7z27gkXQYq/IkdwfhRLFD6aD5egxcBVl91ZlRyklvPPW7qo046B MWh2LaCVowYg+33GjS4A4JcF+tGkWZc0yqANwov93uhY0VXEdDsT4YWrTVdNDI3/ lZ5u5k9sEUGR03oV336M/j0qNtMfAG5iDt2PFrzhJZcGcQPiGd/DeYuJeLVCd8Nl jAwsnfGqu9VITgaDOreLbpSTNSj8egPqOoUBAGncMSfdiQ2ZEhluPyCTwspDy5Pa dESyk0q2Z6tKG9ae01g/RzfTGCVN4GxkORPxcEHloa4XM3C9FBohM1LTWmsvnNXe cPdbPyCoiFKio/yFZDt1CYDkols4uf/0ztCSH6pI874sCmYJVkYev2W9RCxE4aYK KMb8XCUPec8L4C1mpmBiej0NT/d9GHQUnJUpRD4EG7UBxMwNWflhO4P4Q81uM0Kr RMht0lS0EylZXuQPPG5C1nMsa1+eN0wjSTpy7232PTCxu+bhxA1HzvWXYuueUmp2 QuV8PyA1lsfYI7PEgk2skfAvbP5vJszorklo2hVGuQINBE6StA4BEADG5Hind61Y qoXXHotraJO2ejsPiy3BxSZTQet+IJO5tyURSXVIv+ZuV/MBRS/88fkBL2nHpK5b BtJT11D2ZESmziZWGgMtZRV4va3fh3GaMeVdi5pXpmPZp4fBc60F3iCKfd1V8/1a zwicZtdhTphkc6O7ETCr240OrJoOgvilbpv8WuVwhjfEOL2DwKITK6tzba1VScXi ehDhhTssP14RQiH/OcMFuiHCHJeHQOH9ku4fzqT2/lxxSo4kMWKR2VslW17f3Zr3 Zvrbi/b8UE/3T/RsoaQn2ml9BfDiMgNwT4l2ILlE7HpZMfD2WAP6itGHolcdbhNa jxAMHdP5t64zSdwKmB8AbuIo7nbMKuJMiPdkOS/8x3YHRle4WEEeRWTEcqyzqkMq MCqKLxc4SCuSMv+ingDrHr+d5usuMlQjT8c71PIipl9OpM8Jkl8CI2ToVF20wijY Oof4T/jjObYiZk1KcqqKhQzMXEhKCt9hK5AaKMq5BiublS/Q5EXpzcRgVmG+SMHd hUNLN7gilFx5939Ev+36TNE/f66r9aiF+WbiI1V1JGs0LYVyFzwmFMCgQUsnyqyA RNREnLysdLE98PDSO2ESxu9BO7kTvlP0q5p+MKQiYj/s5wSqXw8EDCSBH9u0/FQi gyV0a+J70WZZNpdi5wq+qVZ16LENQdxtKwARAQABiQIlBBgBAgAPBQJOkrQOAhsM BQkJZgGAAAoJEOS3HV7sOcKEtCYP/3ji7Kt4+M0N6IOkh7wHfWk3HLqBa1XOD1Oz X+rp79L1cDK8J1XUHoW/84bsS8Y3NsXlIej1wLOcaH0HOpEsPzqoqP1JxGilRkAu Yazt3WhqdM2FcOQNEnuk66F8HnN/mD4vLzxdxuPlRtlCruUcDZlZlyzpywk6B7Gi cVfh1CvUJsDA++aOlgYIHB4Z6nSJWYp64z+5QAVToBHzI7ywVyWTJbjO1RCR5QsV fPD07p1deSW96QhqLSb2wQfk93I4YGshaVPwG01ZamxPEbspKqrEIG+5S6E4q/B+ VF0zj5GU7jt/6M4qFzKbaY+vxsaqjgCOCPL5bCz5RFTHdtEmC/cmsvVbYuBD/5UY D3JbyXt7KSG/a5Oel4ynK1pRQbnS6eNcGQqZPUop4PBouRKnUqv8uzljaiL9Wm3G Hv9tn1L6ly86VcLt1ALTVuqwm5ci1fDVbddSliPv5atWNJ+So2MfEg3qbCzEC8Is JNsVd4N6fSctYfFvBxsPjy7fw1iEqKq7SzTlHMO5hiKpS+8HSRVv6djHlj3aWtgy u+BTXT/tRQ6c3TlZadqoyumX1U+Tflb6qMyJaZPsqv3bsOpXwjLAVfT4nPRXqbN6 WWUhdompzuZufyCCL9Tc6lPDgVmuWyycHk4gbdfERodk4SEYJ0cEwFbl+GjL9XFZ VeljfCzq =8wc5 -----END PGP PUBLIC KEY BLOCK----- ++++++ uuidd.rc ++++++ #!/bin/sh ### BEGIN INIT INFO # Provides: uuidd # Required-Start: $time $local_fs $remote_fs # Should-Start: # Required-Stop: $time $local_fs $remote_fs # Should-Stop: # Default-Start: 2 3 5 # Default-Stop: 0 1 2 6 # Short-Description: UUID generating daemon # Description: UUID generating daemon ### END INIT INFO # UUIDD_BIN=/usr/sbin/uuidd UUIDD_PID_PATH=/var/run/uuidd UUIDD_OPTIONS="-q -T 0" test -x $UUIDD_BIN || { echo "$UUIDD_BIN not installed"; if [ "$1" = "stop" ]; then exit 0; else exit 5; fi; } . /etc/rc.status # Reset status of this service rc_reset case "$1" in start) echo -n "Starting uuidd " mkdir -p $UUIDD_PID_PATH chown uuidd:uuidd $UUIDD_PID_PATH /sbin/startproc -u uuidd -g uuidd $UUIDD_BIN $UUIDD_OPTIONS rc_status -v ;; stop) echo -n "Shutting down uuidd " /sbin/killproc -TERM $UUIDD_BIN rc_status -v ;; try-restart|condrestart|force-reload) ## Do a restart only if the service was active before. ## Note: try-restart is now part of LSB (as of 1.9). ## RH has a similar command named condrestart. if test "$1" = "condrestart"; then echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}" fi $0 status if test $? = 0; then $0 restart else rc_reset # Not running is not a failure. fi # Remember status and be quiet rc_status ;; restart) $0 stop $0 start rc_status ;; reload) rc_failed 3 rc_status -v ;; status) echo -n "Checking for service uuidd " /sbin/checkproc $UUIDD_BIN rc_status -v ;; *) echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}" exit 1 ;; esac rc_exit -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
