Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package parkverbot for openSUSE:Factory checked in at 2021-10-21 23:55:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/parkverbot (Old) and /work/SRC/openSUSE:Factory/.parkverbot.new.1890 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "parkverbot" Thu Oct 21 23:55:12 2021 rev:12 rq:925880 version:1.4 Changes: -------- --- /work/SRC/openSUSE:Factory/parkverbot/parkverbot.changes 2020-09-06 00:03:23.695283661 +0200 +++ /work/SRC/openSUSE:Factory/.parkverbot.new.1890/parkverbot.changes 2021-10-21 23:55:13.508016190 +0200 @@ -1,0 +2,11 @@ +Sun Oct 17 17:05:44 UTC 2021 - Jan Engelhardt <[email protected]> + +- Drop harden_parkverbot.service.patch (merged upstream) + +------------------------------------------------------------------- +Thu Oct 14 10:40:22 UTC 2021 - Johannes Segitz <[email protected]> + +- Added hardening to systemd service(s) (bsc#1181400). Added patch(es): + * harden_parkverbot.service.patch + +------------------------------------------------------------------- Old: ---- parkverbot-1.3.tar.asc parkverbot-1.3.tar.xz New: ---- parkverbot-1.4.tar.asc parkverbot-1.4.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ parkverbot.spec ++++++ --- /var/tmp/diff_new_pack.lmqp5c/_old 2021-10-21 23:55:14.004016445 +0200 +++ /var/tmp/diff_new_pack.lmqp5c/_new 2021-10-21 23:55:14.008016448 +0200 @@ -1,7 +1,7 @@ # # spec file for package parkverbot # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: parkverbot -Version: 1.3 +Version: 1.4 Release: 0 Summary: Daemon to prevent hard disk head parking in rotational media License: GPL-2.0-or-later @@ -31,7 +31,7 @@ BuildRequires: pkg-config >= 0.23 BuildRequires: systemd-rpm-macros BuildRequires: xz -BuildRequires: pkgconfig(libHX) >= 3.12 +BuildRequires: pkgconfig(libHX) >= 4.2 %description Modern rotational hard disks have a misfeature involving the regular ++++++ parkverbot-1.3.tar.xz -> parkverbot-1.4.tar.xz ++++++ ++++ 1695 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/parkverbot-1.3/build-aux/compile new/parkverbot-1.4/build-aux/compile --- old/parkverbot-1.3/build-aux/compile 2020-09-04 14:58:21.077698330 +0200 +++ new/parkverbot-1.4/build-aux/compile 2021-10-17 19:00:06.858232974 +0200 @@ -1,9 +1,9 @@ #! /bin/sh # Wrapper for compilers which do not understand '-c -o'. -scriptversion=2016-01-11.22; # UTC +scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1999-2017 Free Software Foundation, Inc. +# Copyright (C) 1999-2020 Free Software Foundation, Inc. # Written by Tom Tromey <[email protected]>. # # This program is free software; you can redistribute it and/or modify @@ -17,7 +17,7 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -53,7 +53,7 @@ MINGW*) file_conv=mingw ;; - CYGWIN*) + CYGWIN* | MSYS*) file_conv=cygwin ;; *) @@ -67,7 +67,7 @@ mingw/*) file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` ;; - cygwin/*) + cygwin/* | msys/*) file=`cygpath -m "$file" || echo "$file"` ;; wine/*) @@ -340,7 +340,7 @@ # Local Variables: # mode: shell-script # sh-indentation: 2 -# eval: (add-hook 'write-file-hooks 'time-stamp) +# eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC0" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/parkverbot-1.3/build-aux/missing new/parkverbot-1.4/build-aux/missing --- old/parkverbot-1.3/build-aux/missing 2020-09-04 14:58:21.081698362 +0200 +++ new/parkverbot-1.4/build-aux/missing 2021-10-17 19:00:06.870233009 +0200 @@ -1,9 +1,9 @@ #! /bin/sh # Common wrapper for a few potentially missing GNU programs. -scriptversion=2016-01-11.22; # UTC +scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1996-2017 Free Software Foundation, Inc. +# Copyright (C) 1996-2020 Free Software Foundation, Inc. # Originally written by Fran,cois Pinard <[email protected]>, 1996. # This program is free software; you can redistribute it and/or modify @@ -17,7 +17,7 @@ # GNU General Public License for more details. # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -101,9 +101,9 @@ exit $st fi -perl_URL=http://www.perl.org/ -flex_URL=http://flex.sourceforge.net/ -gnu_software_URL=http://www.gnu.org/software +perl_URL=https://www.perl.org/ +flex_URL=https://github.com/westes/flex +gnu_software_URL=https://www.gnu.org/software program_details () { @@ -207,7 +207,7 @@ exit $st # Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) +# eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC0" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/parkverbot-1.3/configure.ac new/parkverbot-1.4/configure.ac --- old/parkverbot-1.3/configure.ac 2020-09-04 14:58:14.301645264 +0200 +++ new/parkverbot-1.4/configure.ac 2021-10-17 18:59:00.646039256 +0200 @@ -1,4 +1,4 @@ -AC_INIT([parkverbot], [1.3]) +AC_INIT([parkverbot], [1.4]) AC_CONFIG_AUX_DIR([build-aux]) AC_CONFIG_HEADERS([config.h]) AC_PROG_INSTALL @@ -16,7 +16,7 @@ [unitdir="$withval"], [unitdir='/lib/systemd/system']) AC_SUBST([unitdir]) -PKG_CHECK_MODULES([libHX], [libHX >= 3.12]) +PKG_CHECK_MODULES([libHX], [libHX >= 4.2]) AC_SUBST([regular_CPPFLAGS]) AC_SUBST([regular_CFLAGS]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/parkverbot-1.3/src/parkverbot.c new/parkverbot-1.4/src/parkverbot.c --- old/parkverbot-1.3/src/parkverbot.c 2013-01-28 16:01:56.000000000 +0100 +++ new/parkverbot-1.4/src/parkverbot.c 2021-10-17 18:58:59.454035768 +0200 @@ -23,6 +23,7 @@ #include <libHX/list.h> #include <libHX/misc.h> #include <libHX/option.h> +#include <libHX/string.h> /** * @anchor: anchor for linkage with @pv_bdev_lsit @@ -34,7 +35,7 @@ struct pv_bdev_entry { struct HXlist_head anchor; const char *path; - loff_t size, prev_pos; + off_t size, prev_pos; int fd; }; @@ -43,21 +44,6 @@ static unsigned long long pv_disk_window = 16384; static unsigned long long pv_buffer_size = 64; -static const char *pv_readable_size(char *buf, size_t bufsize, loff_t size) -{ - static const char unit_names[][2] = - {"", "K", "M", "G", "T", "P", "E", "Y", "Z"}; - unsigned int unit_idx = 0; - - while (size >= 8192 && unit_idx < ARRAY_SIZE(unit_names) - 1) { - ++unit_idx; - size /= 1024; - } - snprintf(buf, bufsize, "%llu %sB", - static_cast(unsigned long long, size), unit_names[unit_idx]); - return buf; -} - static bool pv_in_window(size_t prev_pos, size_t new_pos, const struct pv_bdev_entry *e) { @@ -73,7 +59,7 @@ static int pv_mainloop(void) { struct pv_bdev_entry *e; - loff_t new_pos; + off_t new_pos; ssize_t read_ret; char *buffer; @@ -140,7 +126,7 @@ e->size = size; e->fd = fd; printf("Added %s (size %s)\n", e->path, - pv_readable_size(buf, sizeof(buf), e->size)); + HX_unit_size(buf, sizeof(buf), e->size, 1024, 0)); HXlist_add_tail(&pv_bdev_list, &e->anchor); return true; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/parkverbot-1.3/src/parkverbot.service new/parkverbot-1.4/src/parkverbot.service --- old/parkverbot-1.3/src/parkverbot.service 2013-01-31 01:31:12.000000000 +0100 +++ new/parkverbot-1.4/src/parkverbot.service 2021-10-15 18:58:28.288935719 +0200 @@ -2,6 +2,14 @@ Description=Hard disk head parking inhibitor [Service] +ProtectSystem=full +ProtectHome=true +ProtectHostname=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectKernelLogs=true +ProtectControlGroups=true +RestrictRealtime=true EnvironmentFile=/etc/sysconfig/parkverbot ExecStart=/usr/sbin/parkverbot $PARKVERBOT_DISKS Restart=on-abort diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/parkverbot-1.3/src/parkverbot.sysconfig new/parkverbot-1.4/src/parkverbot.sysconfig --- old/parkverbot-1.3/src/parkverbot.sysconfig 2013-01-28 15:55:33.000000000 +0100 +++ new/parkverbot-1.4/src/parkverbot.sysconfig 2021-10-15 19:00:40.289315705 +0200 @@ -1,6 +1,7 @@ # # You can either start one parkverbot instance per disk (through # [email protected]), or one instance for all disks listed below (through -# parkverbot.service). +# parkverbot.service). If you choose the latter, specify the block devices +# here, separated by whitespace. # PARKVERBOT_DISKS="" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/parkverbot-1.3/src/[email protected] new/parkverbot-1.4/src/[email protected] --- old/parkverbot-1.3/src/[email protected] 2013-01-31 01:31:31.000000000 +0100 +++ new/parkverbot-1.4/src/[email protected] 2021-10-15 18:58:28.136935280 +0200 @@ -3,6 +3,14 @@ BindTo=%i.device [Service] +ProtectSystem=full +ProtectHome=true +ProtectHostname=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectKernelLogs=true +ProtectControlGroups=true +RestrictRealtime=true ExecStart=/usr/sbin/parkverbot %f Restart=on-abort RestartSec=3
