Hello community, here is the log from the commit of package systemd for openSUSE:Factory checked in at 2019-11-03 11:58:18 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/systemd (Old) and /work/SRC/openSUSE:Factory/.systemd.new.2990 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "systemd" Sun Nov 3 11:58:18 2019 rev:300 rq:744384 version:243 Changes: -------- --- /work/SRC/openSUSE:Factory/systemd/systemd-mini.changes 2019-10-23 15:45:57.318377129 +0200 +++ /work/SRC/openSUSE:Factory/.systemd.new.2990/systemd-mini.changes 2019-11-03 11:58:21.615434088 +0100 @@ -1,0 +2,59 @@ +Thu Oct 31 07:38:55 UTC 2019 - Franck Bui <[email protected]> + +- Drop 0001-compat-rules-escape-when-used-for-shell-expansion.patch + + It's part of the previous import. + +------------------------------------------------------------------- +Thu Oct 31 07:32:47 UTC 2019 - Franck Bui <[email protected]> + +- Import commit b7467b7b553d6d0d6f92758d966b69f1a88b6b42 + + 441f44f371 fileio: introduce read_full_virtual_file() for reading virtual files in sysfs, procfs (bsc#1133495) + 8a1bb5c66b swap: do not make swap units wanted by its device unit anymore + +------------------------------------------------------------------- +Tue Oct 29 10:35:03 UTC 2019 - Franck Bui <[email protected]> + +- Import commit 5df9000899ef7d45ddbcacd0fdf73afa07a40f6b + + f0ed7237e4 udev/cdrom_id: Do not open CD-rom in exclusive mode. (bsc#1154256) + b37054aa5a compat-rules: escape '$' when used for shell expansion + + Changes from the v243-stable: + + ef677436aa test: Pass personality test even when i686 userland runs on x86_64 kernel + 3f6398c450 docs: fix inadvertent change in uid range + 25bb377a73 cgroup: fix typo in BPF firewall support warning message + 6d97aca0d5 fix build with compilers with default stack-protector enabled + fbad077cec nspawn: surrender controlling terminal to PID2 when using the PID1 stub + 0553c3c668 pid1: fix DefaultTasksMax initialization + f406a691a7 src/core/automount: use DirectoryMode when calling mkdir -p + 20438f96c3 udevadm trigger: do not propagate EACCES and ENODEV + 6480630bc3 hwdb: Correct WWWW Pattern In Documentation Comment + 9d8e889810 nspawn: consistenly fail if parsing the environment fails + 40e169b304 nspawn: default to unified hierarchy if --as-pid2 is used + b5df1037a0 cgroup: Mark memory protections as explicitly set in transient units + f14e3e02cc cgroup: Respect DefaultMemoryMin when setting memory.min + ea248e53bf cgroup: Check ancestor memory min for unified memory config + de1d25a506 cgroup: docs: memory.high doc fixups + 2ab45f38d8 cgroup: docs: Mention unbounded protection for memory.{low,min} + 19a43dc38a Consider smb3 as remote filesystem + 5c0224c7bf Handle d_type == DT_UNKNOWN correctly + 8282bc61df util-lib: Don't propagate EACCES from find_binary PATH lookup to caller + 9d0ae987a6 network: drop noisy log message + f67f0e4ec4 Updated log message when the timesync happens for the first time (#13624) + e151bf4674 units: make systemd-binfmt.service easier to work with no autofs + 2b8e574d82 Corect man page reference in systemd-nologin.conf comments + a0577353f1 man: Add a missing space in machinectl(1) + 693e983988 log: Add missing "%" in "%m" log format strings + ea7151b8c4 pid1: do not warn if /run/systemd/relabel-extra.d/ doesn't exist + b90549290e man: fix typo + +------------------------------------------------------------------- +Tue Oct 22 22:25:34 UTC 2019 - Stefan Brüns <[email protected]> + +- Remove intltool BuildRequires, not needed since v237 +- Use python3-base BuildRequires instead of full python3 + +------------------------------------------------------------------- systemd.changes: same change Old: ---- 0001-compat-rules-escape-when-used-for-shell-expansion.patch systemd-v243+suse.91.g428b937f91.tar.xz New: ---- systemd-v243+suse.126.gb7467b7b55.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ systemd-mini.spec ++++++ --- /var/tmp/diff_new_pack.M2mKf9/_old 2019-11-03 11:58:23.995437071 +0100 +++ /var/tmp/diff_new_pack.M2mKf9/_new 2019-11-03 11:58:23.999437076 +0100 @@ -26,7 +26,7 @@ ##### WARNING: please do not edit this auto generated spec file. Use the systemd.spec! ##### %define mini -mini %define min_kernel_version 4.5 -%define suse_version +suse.91.g428b937f91 +%define suse_version +suse.126.gb7467b7b55 %bcond_with gnuefi %if 0%{?bootstrap} @@ -69,7 +69,7 @@ BuildRequires: libxslt-tools BuildRequires: polkit # python is only required for generating systemd.directives.xml -BuildRequires: python3 +BuildRequires: python3-base BuildRequires: python3-lxml BuildRequires: pkgconfig(libcryptsetup) >= 1.6.0 BuildRequires: pkgconfig(libdw) @@ -84,7 +84,6 @@ %endif BuildRequires: fdupes BuildRequires: gperf -BuildRequires: intltool BuildRequires: libacl-devel BuildRequires: libcap-devel BuildRequires: libmount-devel >= 2.27.1 @@ -167,7 +166,6 @@ # broken in upstream and need an urgent fix. Even in this case, the # patches are temporary and should be removed as soon as a fix is # merged by upstream. -Patch1: 0001-compat-rules-escape-when-used-for-shell-expansion.patch Patch2: 0001-logind-keep-backward-compatibility-with-UserTasksMax.patch %description ++++++ systemd.spec ++++++ --- /var/tmp/diff_new_pack.M2mKf9/_old 2019-11-03 11:58:24.023437106 +0100 +++ /var/tmp/diff_new_pack.M2mKf9/_new 2019-11-03 11:58:24.027437111 +0100 @@ -24,7 +24,7 @@ %define bootstrap 0 %define mini %nil %define min_kernel_version 4.5 -%define suse_version +suse.91.g428b937f91 +%define suse_version +suse.126.gb7467b7b55 %bcond_with gnuefi %if 0%{?bootstrap} @@ -67,7 +67,7 @@ BuildRequires: libxslt-tools BuildRequires: polkit # python is only required for generating systemd.directives.xml -BuildRequires: python3 +BuildRequires: python3-base BuildRequires: python3-lxml BuildRequires: pkgconfig(libcryptsetup) >= 1.6.0 BuildRequires: pkgconfig(libdw) @@ -82,7 +82,6 @@ %endif BuildRequires: fdupes BuildRequires: gperf -BuildRequires: intltool BuildRequires: libacl-devel BuildRequires: libcap-devel BuildRequires: libmount-devel >= 2.27.1 @@ -165,7 +164,6 @@ # broken in upstream and need an urgent fix. Even in this case, the # patches are temporary and should be removed as soon as a fix is # merged by upstream. -Patch1: 0001-compat-rules-escape-when-used-for-shell-expansion.patch Patch2: 0001-logind-keep-backward-compatibility-with-UserTasksMax.patch %description ++++++ systemd-v243+suse.91.g428b937f91.tar.xz -> systemd-v243+suse.126.gb7467b7b55.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/docs/UIDS-GIDS.md new/systemd-v243+suse.126.gb7467b7b55/docs/UIDS-GIDS.md --- old/systemd-v243+suse.91.g428b937f91/docs/UIDS-GIDS.md 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/docs/UIDS-GIDS.md 2019-10-31 08:31:53.000000000 +0100 @@ -237,7 +237,7 @@ | 65535 | 16bit `(uid_t) -1` | Linux | | | 65536…524287 | Unused | | | | 524288…1879048191 | Container UID ranges | `systemd` | `nss-mymachines` | -| 1879048191…2147483647 | Unused | | | +| 1879048192…2147483647 | Unused | | | | 2147483648…4294967294 | HIC SVNT LEONES | | | | 4294967295 | 32bit `(uid_t) -1` | Linux | | diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/hwdb/60-keyboard.hwdb new/systemd-v243+suse.126.gb7467b7b55/hwdb/60-keyboard.hwdb --- old/systemd-v243+suse.91.g428b937f91/hwdb/60-keyboard.hwdb 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/hwdb/60-keyboard.hwdb 2019-10-31 08:31:53.000000000 +0100 @@ -23,7 +23,7 @@ # evdev:input:bZZZZvYYYYpXXXXeWWWW-VVVV # This matches on the kernel modalias of the input-device, mainly: # ZZZZ is the bus-id (see /usr/include/linux/input.h BUS_*), YYYY, XXXX and -# WWW are the 4-digit hex uppercase vendor, product and version ID and VVVV +# WWWW are the 4-digit hex uppercase vendor, product and version ID and VVVV # is an arbitrary length input-modalias describing the device capabilities. # The vendor, product and version ID for a device node "eventX" is listed # in /sys/class/input/eventX/device/id. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/man/machinectl.xml new/systemd-v243+suse.126.gb7467b7b55/man/machinectl.xml --- old/systemd-v243+suse.91.g428b937f91/man/machinectl.xml 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/man/machinectl.xml 2019-10-31 08:31:53.000000000 +0100 @@ -695,7 +695,7 @@ server, under the same URL as the <filename>.tar</filename> file. With <option>--verify=checksum</option>, only the SHA256 checksum for the file is verified, based on the <filename>.sha256</filename> - suffixed file or the<filename>SHA256SUMS</filename> file. + suffixed file or the <filename>SHA256SUMS</filename> file. With <option>--verify=signature</option>, the sha checksum file is first verified with the inline signature in the <filename>.sha256</filename> file or the detached GPG signature file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/man/systemd-time-wait-sync.service.xml new/systemd-v243+suse.126.gb7467b7b55/man/systemd-time-wait-sync.service.xml --- old/systemd-v243+suse.91.g428b937f91/man/systemd-time-wait-sync.service.xml 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/man/systemd-time-wait-sync.service.xml 2019-10-31 08:31:53.000000000 +0100 @@ -35,7 +35,7 @@ <para><filename>systemd-timesyncd.service</filename> notifies on successful synchronization. <filename>systemd-time-wait-sync</filename> also tries to detect when the kernel marks the time as synchronized, - but this detection is not reliable and is intended only as a fallback for other servies that can be used to + but this detection is not reliable and is intended only as a fallback for other services that can be used to synchronize time (e.g., ntpd, chronyd).</para> </refsect1> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/man/systemd.resource-control.xml new/systemd-v243+suse.126.gb7467b7b55/man/systemd.resource-control.xml --- old/systemd-v243+suse.91.g428b937f91/man/systemd.resource-control.xml 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/man/systemd.resource-control.xml 2019-10-31 08:31:53.000000000 +0100 @@ -239,7 +239,9 @@ <para>Takes a memory size in bytes. If the value is suffixed with K, M, G or T, the specified memory size is parsed as Kilobytes, Megabytes, Gigabytes, or Terabytes (with the base 1024), respectively. Alternatively, a percentage value may be specified, which is taken relative to the installed physical memory on the - system. This controls the <literal>memory.min</literal> control group attribute. For details about this + system. If assigned the special value <literal>infinity</literal>, all available memory is protected, which may be + useful in order to always inherit all of the protection afforded by ancestors. + This controls the <literal>memory.min</literal> control group attribute. For details about this control group attribute, see <ulink url="https://www.kernel.org/doc/Documentation/cgroup-v2.txt";>cgroup-v2.txt</ulink>.</para> @@ -263,7 +265,9 @@ <para>Takes a memory size in bytes. If the value is suffixed with K, M, G or T, the specified memory size is parsed as Kilobytes, Megabytes, Gigabytes, or Terabytes (with the base 1024), respectively. Alternatively, a percentage value may be specified, which is taken relative to the installed physical memory on the - system. This controls the <literal>memory.low</literal> control group attribute. For details about this + system. If assigned the special value <literal>infinity</literal>, all available memory is protected, which may be + useful in order to always inherit all of the protection afforded by ancestors. + This controls the <literal>memory.low</literal> control group attribute. For details about this control group attribute, see <ulink url="https://www.kernel.org/doc/Documentation/cgroup-v2.txt";>cgroup-v2.txt</ulink>.</para> @@ -280,7 +284,7 @@ <term><varname>MemoryHigh=<replaceable>bytes</replaceable></varname></term> <listitem> - <para>Specify the high limit on memory usage of the executed processes in this unit. Memory usage may go + <para>Specify the throttling limit on memory usage of the executed processes in this unit. Memory usage may go above the limit if unavoidable, but the processes are heavily slowed down and memory is taken away aggressively in such cases. This is the main mechanism to control memory usage of a unit.</para> @@ -288,7 +292,7 @@ parsed as Kilobytes, Megabytes, Gigabytes, or Terabytes (with the base 1024), respectively. Alternatively, a percentage value may be specified, which is taken relative to the installed physical memory on the system. If assigned the - special value <literal>infinity</literal>, no memory limit is applied. This controls the + special value <literal>infinity</literal>, no memory throttling is applied. This controls the <literal>memory.high</literal> control group attribute. For details about this control group attribute, see <ulink url="https://www.kernel.org/doc/Documentation/cgroup-v2.txt";>cgroup-v2.txt</ulink>.</para> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/meson.build new/systemd-v243+suse.126.gb7467b7b55/meson.build --- old/systemd-v243+suse.91.g428b937f91/meson.build 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/meson.build 2019-10-31 08:31:53.000000000 +0100 @@ -382,6 +382,7 @@ possible_link_flags = [ '-Wl,-z,relro', '-Wl,-z,now', + '-fstack-protector', ] if cc.get_id() == 'clang' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/rules/61-persistent-storage-compat.rules new/systemd-v243+suse.126.gb7467b7b55/rules/61-persistent-storage-compat.rules --- old/systemd-v243+suse.91.g428b937f91/rules/61-persistent-storage-compat.rules 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/rules/61-persistent-storage-compat.rules 2019-10-31 08:31:53.000000000 +0100 @@ -80,17 +80,17 @@ # symlink is created. KERNEL=="nvme*", ENV{DEVTYPE}=="disk", ENV{ID_NVME_EUI_COMPAT}!="?*", ATTRS{eui}=="?*", ATTRS{eui}!="0000000000000000", \ - PROGRAM=="/bin/sh -c 'eui=\"%s{eui}\"; echo ${eui// /}", ENV{ID_NVME_EUI_COMPAT}="2%c" + PROGRAM=="/bin/sh -c 'eui=\"%s{eui}\"; echo $${eui// /}", ENV{ID_NVME_EUI_COMPAT}="2%c" KERNEL=="nvme*", ENV{DEVTYPE}=="disk", ENV{ID_NVME_NGUID_COMPAT}!="?*", ATTRS{nguid}=="?*", \ - PROGRAM=="/bin/sh -c 'nguid=\"%s{nguid}\"; echo ${nguid//-/}", ENV{ID_NVME_NGUID_COMPAT}="%c" + PROGRAM=="/bin/sh -c 'nguid=\"%s{nguid}\"; echo $${nguid//-/}", ENV{ID_NVME_NGUID_COMPAT}="%c" KERNEL=="nvme*", ENV{DEVTYPE}=="disk", ENV{ID_NVME_SERIAL_COMPAT}!="?*", ATTRS{model}=="?*", ATTRS{serial}=="?*", \ PROGRAM=="/bin/sh -c ' \ cd /sys/%p; \ while ! [ -f model ]; do \ cd ..; \ - [ $(pwd) = %S ] && exit 1; \ + [ $$(pwd) = %S ] && exit 1; \ done; \ cut -c 1-16 model'", ENV{ID_NVME_SERIAL_COMPAT}="SNVMe_%c%s{serial}" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/basic/fileio.c new/systemd-v243+suse.126.gb7467b7b55/src/basic/fileio.c --- old/systemd-v243+suse.91.g428b937f91/src/basic/fileio.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/basic/fileio.c 2019-10-31 08:31:53.000000000 +0100 @@ -310,6 +310,113 @@ return 1; } +int read_full_virtual_file(const char *filename, char **ret_contents, size_t *ret_size) { + _cleanup_free_ char *buf = NULL; + _cleanup_close_ int fd = -1; + struct stat st; + size_t n, size; + int n_retries; + char *p; + + assert(ret_contents); + + /* Virtual filesystems such as sysfs or procfs use kernfs, and kernfs can work + * with two sorts of virtual files. One sort uses "seq_file", and the results of + * the first read are buffered for the second read. The other sort uses "raw" + * reads which always go direct to the device. In the latter case, the content of + * the virtual file must be retrieved with a single read otherwise a second read + * might get the new value instead of finding EOF immediately. That's the reason + * why the usage of fread(3) is prohibited in this case as it always performs a + * second call to read(2) looking for EOF. See issue 13585. */ + + fd = open(filename, O_RDONLY|O_CLOEXEC); + if (fd < 0) + return -errno; + + /* Start size for files in /proc which usually report a file size of 0. */ + size = LINE_MAX / 2; + + /* Limit the number of attempts to read the number of bytes returned by fstat(). */ + n_retries = 3; + + for (;;) { + if (n_retries <= 0) + return -EIO; + + if (fstat(fd, &st) < 0) + return -errno; + + if (!S_ISREG(st.st_mode)) + return -EBADF; + + /* Be prepared for files from /proc which generally report a file size of 0. */ + if (st.st_size > 0) { + size = st.st_size; + n_retries--; + } else + size = size * 2; + + if (size > READ_FULL_BYTES_MAX) + return -E2BIG; + + p = realloc(buf, size + 1); + if (!p) + return -ENOMEM; + buf = TAKE_PTR(p); + + for (;;) { + ssize_t k; + + /* Read one more byte so we can detect whether the content of the + * file has already changed or the guessed size for files from /proc + * wasn't large enough . */ + k = read(fd, buf, size + 1); + if (k >= 0) { + n = k; + break; + } + + if (errno != -EINTR) + return -errno; + } + + /* Consider a short read as EOF */ + if (n <= size) + break; + + /* Hmm... either we read too few bytes from /proc or less likely the content + * of the file might have been changed (and is now bigger) while we were + * processing, let's try again either with a bigger guessed size or the new + * file size. */ + + if (lseek(fd, 0, SEEK_SET) < 0) + return -errno; + } + + if (n < size) { + p = realloc(buf, n + 1); + if (!p) + return -ENOMEM; + buf = TAKE_PTR(p); + } + + if (!ret_size) { + /* Safety check: if the caller doesn't want to know the size of what we + * just read it will rely on the trailing NUL byte. But if there's an + * embedded NUL byte, then we should refuse operation as otherwise + * there'd be ambiguity about what we just read. */ + + if (memchr(buf, 0, n)) + return -EBADMSG; + } else + *ret_size = n; + + buf[n] = 0; + *ret_contents = TAKE_PTR(buf); + + return 0; +} + int read_full_stream_full( FILE *f, const char *filename, @@ -342,9 +449,9 @@ if (st.st_size > READ_FULL_BYTES_MAX) return -E2BIG; - /* Start with the right file size, but be prepared for files from /proc which generally report a file - * size of 0. Note that we increase the size to read here by one, so that the first read attempt - * already makes us notice the EOF. */ + /* Start with the right file size. Note that we increase the size + * to read here by one, so that the first read attempt already + * makes us notice the EOF. */ if (st.st_size > 0) n_next = st.st_size + 1; @@ -502,7 +609,7 @@ assert(pattern); assert(field); - r = read_full_file(filename, &status, NULL); + r = read_full_virtual_file(filename, &status, NULL); if (r < 0) return r; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/basic/fileio.h new/systemd-v243+suse.126.gb7467b7b55/src/basic/fileio.h --- old/systemd-v243+suse.91.g428b937f91/src/basic/fileio.h 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/basic/fileio.h 2019-10-31 08:31:53.000000000 +0100 @@ -56,6 +56,7 @@ static inline int read_full_file(const char *filename, char **contents, size_t *size) { return read_full_file_full(filename, 0, contents, size); } +int read_full_virtual_file(const char *filename, char **ret_contents, size_t *ret_size); int read_full_stream_full(FILE *f, const char *filename, ReadFullFileFlags flags, char **contents, size_t *size); static inline int read_full_stream(FILE *f, char **contents, size_t *size) { return read_full_stream_full(f, NULL, 0, contents, size); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/basic/mountpoint-util.c new/systemd-v243+suse.126.gb7467b7b55/src/basic/mountpoint-util.c --- old/systemd-v243+suse.91.g428b937f91/src/basic/mountpoint-util.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/basic/mountpoint-util.c 2019-10-31 08:31:53.000000000 +0100 @@ -298,6 +298,7 @@ return STR_IN_SET(fstype, "afs", "cifs", + "smb3", "smbfs", "sshfs", "ncpfs", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/basic/path-util.c new/systemd-v243+suse.126.gb7467b7b55/src/basic/path-util.c --- old/systemd-v243+suse.91.g428b937f91/src/basic/path-util.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/basic/path-util.c 2019-10-31 08:31:53.000000000 +0100 @@ -651,7 +651,9 @@ return 0; } - last_error = -errno; + /* PATH entries which we don't have access to are ignored, as per tradition. */ + if (errno != EACCES) + last_error = -errno; } return last_error; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/core/automount.c new/systemd-v243+suse.126.gb7467b7b55/src/core/automount.c --- old/systemd-v243+suse.91.g428b937f91/src/core/automount.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/core/automount.c 2019-10-31 08:31:53.000000000 +0100 @@ -568,7 +568,7 @@ if (r < 0) goto fail; - (void) mkdir_p_label(a->where, 0555); + (void) mkdir_p_label(a->where, a->directory_mode); unit_warn_if_dir_nonempty(UNIT(a), a->where); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/core/cgroup.c new/systemd-v243+suse.126.gb7467b7b55/src/core/cgroup.c --- old/systemd-v243+suse.91.g428b937f91/src/core/cgroup.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/core/cgroup.c 2019-10-31 08:31:53.000000000 +0100 @@ -933,7 +933,7 @@ c = unit_get_cgroup_context(u); assert(c); - return c->memory_min > 0 || unit_get_ancestor_memory_low(u) > 0 || + return unit_get_ancestor_memory_min(u) > 0 || unit_get_ancestor_memory_low(u) > 0 || c->memory_high != CGROUP_LIMIT_MAX || c->memory_max != CGROUP_LIMIT_MAX || c->memory_swap_max != CGROUP_LIMIT_MAX; } @@ -1200,7 +1200,7 @@ log_cgroup_compat(u, "Applying MemoryLimit=%" PRIu64 " as MemoryMax=", max); } - cgroup_apply_unified_memory_limit(u, "memory.min", c->memory_min); + cgroup_apply_unified_memory_limit(u, "memory.min", unit_get_ancestor_memory_min(u)); cgroup_apply_unified_memory_limit(u, "memory.low", unit_get_ancestor_memory_low(u)); cgroup_apply_unified_memory_limit(u, "memory.high", c->memory_high); cgroup_apply_unified_memory_limit(u, "memory.max", max); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/core/dbus-cgroup.c new/systemd-v243+suse.126.gb7467b7b55/src/core/dbus-cgroup.c --- old/systemd-v243+suse.91.g428b937f91/src/core/dbus-cgroup.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/core/dbus-cgroup.c 2019-10-31 08:31:53.000000000 +0100 @@ -531,7 +531,7 @@ static bool warned = false; log_full(warned ? LOG_DEBUG : LOG_WARNING, - "Transient unit %s configures an IP firewall with BPF, but the local system does not support BPF/cgroup firewalling with mulitiple filters.\n" + "Transient unit %s configures an IP firewall with BPF, but the local system does not support BPF/cgroup firewalling with multiple filters.\n" "Starting this unit will fail! (This warning is only shown for the first started transient unit using IP firewalling.)", u->id); warned = true; } @@ -749,17 +749,33 @@ if (streq(name, "MemoryAccounting")) return bus_cgroup_set_boolean(u, name, &c->memory_accounting, CGROUP_MASK_MEMORY, message, flags, error); - if (streq(name, "MemoryMin")) - return bus_cgroup_set_memory_protection(u, name, &c->memory_min, message, flags, error); + if (streq(name, "MemoryMin")) { + r = bus_cgroup_set_memory_protection(u, name, &c->memory_min, message, flags, error); + if (r > 0) + c->memory_min_set = true; + return r; + } - if (streq(name, "MemoryLow")) - return bus_cgroup_set_memory_protection(u, name, &c->memory_low, message, flags, error); + if (streq(name, "MemoryLow")) { + r = bus_cgroup_set_memory_protection(u, name, &c->memory_low, message, flags, error); + if (r > 0) + c->memory_low_set = true; + return r; + } - if (streq(name, "DefaultMemoryMin")) - return bus_cgroup_set_memory_protection(u, name, &c->default_memory_min, message, flags, error); + if (streq(name, "DefaultMemoryMin")) { + r = bus_cgroup_set_memory_protection(u, name, &c->default_memory_min, message, flags, error); + if (r > 0) + c->default_memory_min_set = true; + return r; + } - if (streq(name, "DefaultMemoryLow")) - return bus_cgroup_set_memory_protection(u, name, &c->default_memory_low, message, flags, error); + if (streq(name, "DefaultMemoryLow")) { + r = bus_cgroup_set_memory_protection(u, name, &c->default_memory_low, message, flags, error); + if (r > 0) + c->default_memory_low_set = true; + return r; + } if (streq(name, "MemoryHigh")) return bus_cgroup_set_memory(u, name, &c->memory_high, message, flags, error); @@ -773,17 +789,33 @@ if (streq(name, "MemoryLimit")) return bus_cgroup_set_memory(u, name, &c->memory_limit, message, flags, error); - if (streq(name, "MemoryMinScale")) - return bus_cgroup_set_memory_protection_scale(u, name, &c->memory_min, message, flags, error); + if (streq(name, "MemoryMinScale")) { + r = bus_cgroup_set_memory_protection_scale(u, name, &c->memory_min, message, flags, error); + if (r > 0) + c->memory_min_set = true; + return r; + } - if (streq(name, "MemoryLowScale")) - return bus_cgroup_set_memory_protection_scale(u, name, &c->memory_low, message, flags, error); + if (streq(name, "MemoryLowScale")) { + r = bus_cgroup_set_memory_protection_scale(u, name, &c->memory_low, message, flags, error); + if (r > 0) + c->memory_low_set = true; + return r; + } - if (streq(name, "DefaultMemoryMinScale")) - return bus_cgroup_set_memory_protection_scale(u, name, &c->default_memory_min, message, flags, error); + if (streq(name, "DefaultMemoryMinScale")) { + r = bus_cgroup_set_memory_protection_scale(u, name, &c->default_memory_min, message, flags, error); + if (r > 0) + c->default_memory_min_set = true; + return r; + } - if (streq(name, "DefaultMemoryLowScale")) - return bus_cgroup_set_memory_protection_scale(u, name, &c->default_memory_low, message, flags, error); + if (streq(name, "DefaultMemoryLowScale")) { + r = bus_cgroup_set_memory_protection_scale(u, name, &c->default_memory_low, message, flags, error); + if (r > 0) + c->default_memory_low_set = true; + return r; + } if (streq(name, "MemoryHighScale")) return bus_cgroup_set_memory_scale(u, name, &c->memory_high, message, flags, error); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/core/mount-setup.c new/systemd-v243+suse.126.gb7467b7b55/src/core/mount-setup.c --- old/systemd-v243+suse.91.g428b937f91/src/core/mount-setup.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/core/mount-setup.c 2019-10-31 08:31:53.000000000 +0100 @@ -495,8 +495,9 @@ log_warning_errno(errno, "Failed to remove /run/systemd/relabel-extra.d/%s, ignoring: %m", de->d_name); } - /* Remove when we completing things. */ - if (rmdir("/run/systemd/relabel-extra.d") < 0) + /* Remove when we complete things. */ + if (rmdir("/run/systemd/relabel-extra.d") < 0 && + errno != ENOENT) log_warning_errno(errno, "Failed to remove /run/systemd/relabel-extra.d/ directory: %m"); return c; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/core/smack-setup.c new/systemd-v243+suse.126.gb7467b7b55/src/core/smack-setup.c --- old/systemd-v243+suse.91.g428b937f91/src/core/smack-setup.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/core/smack-setup.c 2019-10-31 08:31:53.000000000 +0100 @@ -84,6 +84,7 @@ FOREACH_DIRENT(entry, dir, return 0) { _cleanup_fclose_ FILE *policy = NULL; + dirent_ensure_type(dir, entry); if (!dirent_is_file(entry)) continue; @@ -150,6 +151,7 @@ FOREACH_DIRENT(entry, dir, return 0) { _cleanup_fclose_ FILE *policy = NULL; + dirent_ensure_type(dir, entry); if (!dirent_is_file(entry)) continue; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/core/swap.c new/systemd-v243+suse.126.gb7467b7b55/src/core/swap.c --- old/systemd-v243+suse.91.g428b937f91/src/core/swap.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/core/swap.c 2019-10-31 08:31:53.000000000 +0100 @@ -195,12 +195,11 @@ return 0; if (is_device_path(s->what)) - return unit_add_node_dependency(UNIT(s), s->what, MANAGER_IS_SYSTEM(UNIT(s)->manager), UNIT_BINDS_TO, UNIT_DEPENDENCY_FILE); - else - /* File based swap devices need to be ordered after - * systemd-remount-fs.service, since they might need a - * writable file system. */ - return unit_add_dependency_by_name(UNIT(s), UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE); + return unit_add_node_dependency(UNIT(s), s->what, false, UNIT_BINDS_TO, UNIT_DEPENDENCY_FILE); + + /* File based swap devices need to be ordered after systemd-remount-fs.service, + * since they might need a writable file system. */ + return unit_add_dependency_by_name(UNIT(s), UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE); } static int swap_add_default_dependencies(Swap *s) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/core/unit.c new/systemd-v243+suse.126.gb7467b7b55/src/core/unit.c --- old/systemd-v243+suse.91.g428b937f91/src/core/unit.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/core/unit.c 2019-10-31 08:31:53.000000000 +0100 @@ -2788,7 +2788,7 @@ r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE); if (r < 0) - return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: m"); + return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m"); (void) sd_event_source_set_description(s, "tidy-watch-pids"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/libsystemd/sd-device/sd-device.c new/systemd-v243+suse.126.gb7467b7b55/src/libsystemd/sd-device/sd-device.c --- old/systemd-v243+suse.91.g428b937f91/src/libsystemd/sd-device/sd-device.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/libsystemd/sd-device/sd-device.c 2019-10-31 08:31:53.000000000 +0100 @@ -1786,7 +1786,7 @@ size_t size; /* read attribute value */ - r = read_full_file(path, &value, &size); + r = read_full_virtual_file(path, &value, &size); if (r < 0) return r; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/login/logind-dbus.c new/systemd-v243+suse.126.gb7467b7b55/src/login/logind-dbus.c --- old/systemd-v243+suse.91.g428b937f91/src/login/logind-dbus.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/login/logind-dbus.c 2019-10-31 08:31:53.000000000 +0100 @@ -1378,6 +1378,7 @@ struct dirent *de; FOREACH_DIRENT_ALL(de, d, break) { + dirent_ensure_type(d, de); if (!dirent_is_file(de)) continue; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/login/logind.c new/systemd-v243+suse.126.gb7467b7b55/src/login/logind.c --- old/systemd-v243+suse.91.g428b937f91/src/login/logind.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/login/logind.c 2019-10-31 08:31:53.000000000 +0100 @@ -291,6 +291,7 @@ FOREACH_DIRENT(de, d, return -errno) { int k; + dirent_ensure_type(d, de); if (!dirent_is_file(de)) continue; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/network/networkd-link.c new/systemd-v243+suse.126.gb7467b7b55/src/network/networkd-link.c --- old/systemd-v243+suse.91.g428b937f91/src/network/networkd-link.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/network/networkd-link.c 2019-10-31 08:31:53.000000000 +0100 @@ -856,8 +856,6 @@ if (link->state != LINK_STATE_CONFIGURING) return; - log_link_info(link, "Configured"); - link_set_state(link, LINK_STATE_CONFIGURED); (void) link_join_netdevs_after_configured(link); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/nspawn/nspawn-stub-pid1.c new/systemd-v243+suse.126.gb7467b7b55/src/nspawn/nspawn-stub-pid1.c --- old/systemd-v243+suse.91.g428b937f91/src/nspawn/nspawn-stub-pid1.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/nspawn/nspawn-stub-pid1.c 2019-10-31 08:31:53.000000000 +0100 @@ -53,6 +53,12 @@ assert_se(sigfillset(&fullmask) >= 0); assert_se(sigprocmask(SIG_BLOCK, &fullmask, &oldmask) >= 0); + /* Surrender the terminal this stub may control so that child processes can have a controlling terminal + * without resorting to setsid hacks. */ + r = ioctl(STDIN_FILENO, TIOCNOTTY); + if (r < 0 && errno != ENOTTY) + return log_error_errno(errno, "Failed to surrender controlling terminal: %m"); + pid = fork(); if (pid < 0) return log_error_errno(errno, "Failed to fork child pid: %m"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/nspawn/nspawn.c new/systemd-v243+suse.126.gb7467b7b55/src/nspawn/nspawn.c --- old/systemd-v243+suse.91.g428b937f91/src/nspawn/nspawn.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/nspawn/nspawn.c 2019-10-31 08:31:53.000000000 +0100 @@ -433,8 +433,8 @@ static int detect_unified_cgroup_hierarchy_from_image(const char *directory) { int r; - /* Let's inherit the mode to use from the host system, but let's take into consideration what systemd in the - * image actually supports. */ + /* Let's inherit the mode to use from the host system, but let's take into consideration what systemd + * in the image actually supports. */ r = cg_all_unified(); if (r < 0) return log_error_errno(r, "Failed to determine whether we are in all unified mode."); @@ -467,58 +467,66 @@ return 0; } -static void parse_share_ns_env(const char *name, unsigned long ns_flag) { +static int parse_share_ns_env(const char *name, unsigned long ns_flag) { int r; r = getenv_bool(name); if (r == -ENXIO) - return; + return 0; if (r < 0) - log_warning_errno(r, "Failed to parse %s from environment, defaulting to false.", name); + return log_error_errno(r, "Failed to parse $%s: %m", name); arg_clone_ns_flags = (arg_clone_ns_flags & ~ns_flag) | (r > 0 ? 0 : ns_flag); arg_settings_mask |= SETTING_CLONE_NS_FLAGS; + return 0; } -static void parse_mount_settings_env(void) { +static int parse_mount_settings_env(void) { const char *e; int r; r = getenv_bool("SYSTEMD_NSPAWN_TMPFS_TMP"); + if (r < 0 && r != -ENXIO) + return log_error_errno(r, "Failed to parse $SYSTEMD_NSPAWN_TMPFS_TMP: %m"); if (r >= 0) SET_FLAG(arg_mount_settings, MOUNT_APPLY_TMPFS_TMP, r > 0); - else if (r != -ENXIO) - log_warning_errno(r, "Failed to parse $SYSTEMD_NSPAWN_TMPFS_TMP, ignoring: %m"); e = getenv("SYSTEMD_NSPAWN_API_VFS_WRITABLE"); - if (!e) - return; - - if (streq(e, "network")) { + if (streq_ptr(e, "network")) arg_mount_settings |= MOUNT_APPLY_APIVFS_RO|MOUNT_APPLY_APIVFS_NETNS; - return; - } - r = parse_boolean(e); - if (r < 0) { - log_warning_errno(r, "Failed to parse SYSTEMD_NSPAWN_API_VFS_WRITABLE from environment, ignoring."); - return; + else if (e) { + r = parse_boolean(e); + if (r < 0) + return log_error_errno(r, "Failed to parse $SYSTEMD_NSPAWN_API_VFS_WRITABLE: %m"); + + SET_FLAG(arg_mount_settings, MOUNT_APPLY_APIVFS_RO, r == 0); + SET_FLAG(arg_mount_settings, MOUNT_APPLY_APIVFS_NETNS, false); } - SET_FLAG(arg_mount_settings, MOUNT_APPLY_APIVFS_RO, r == 0); - SET_FLAG(arg_mount_settings, MOUNT_APPLY_APIVFS_NETNS, false); + return 0; } -static void parse_environment(void) { +static int parse_environment(void) { const char *e; int r; - parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_IPC", CLONE_NEWIPC); - parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_PID", CLONE_NEWPID); - parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_UTS", CLONE_NEWUTS); - parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_SYSTEM", CLONE_NEWIPC|CLONE_NEWPID|CLONE_NEWUTS); + r = parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_IPC", CLONE_NEWIPC); + if (r < 0) + return r; + r = parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_PID", CLONE_NEWPID); + if (r < 0) + return r; + r = parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_UTS", CLONE_NEWUTS); + if (r < 0) + return r; + r = parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_SYSTEM", CLONE_NEWIPC|CLONE_NEWPID|CLONE_NEWUTS); + if (r < 0) + return r; - parse_mount_settings_env(); + r = parse_mount_settings_env(); + if (r < 0) + return r; /* SYSTEMD_NSPAWN_USE_CGNS=0 can be used to disable CLONE_NEWCGROUP use, * even if it is supported. If not supported, it has no effect. */ @@ -528,7 +536,7 @@ r = getenv_bool("SYSTEMD_NSPAWN_USE_CGNS"); if (r < 0) { if (r != -ENXIO) - log_warning_errno(r, "Failed to parse $SYSTEMD_NSPAWN_USE_CGNS, ignoring: %m"); + return log_error_errno(r, "Failed to parse $SYSTEMD_NSPAWN_USE_CGNS: %m"); arg_use_cgns = true; } else { @@ -541,7 +549,7 @@ if (e) arg_container_service_name = e; - detect_unified_cgroup_hierarchy_from_environment(); + return detect_unified_cgroup_hierarchy_from_environment(); } static int parse_argv(int argc, char *argv[]) { @@ -1424,7 +1432,9 @@ arg_caps_retain = (arg_caps_retain | plus | (arg_private_network ? UINT64_C(1) << CAP_NET_ADMIN : 0)) & ~minus; /* Make sure to parse environment before we reset the settings mask below */ - parse_environment(); + r = parse_environment(); + if (r < 0) + return r; /* Load all settings from .nspawn files */ if (mask_no_settings) @@ -1440,6 +1450,25 @@ static int verify_arguments(void) { int r; + if (arg_start_mode == START_PID2 && arg_unified_cgroup_hierarchy == CGROUP_UNIFIED_UNKNOWN) { + /* If we are running the stub init in the container, we don't need to look at what the init + * in the container supports, because we are not using it. Let's immediately pick the right + * setting based on the host system configuration. + * + * We only do this, if the user didn't use an environment variable to override the detection. + */ + + r = cg_all_unified(); + if (r < 0) + return log_error_errno(r, "Failed to determine whether we are in all unified mode."); + if (r > 0) + arg_unified_cgroup_hierarchy = CGROUP_UNIFIED_ALL; + else if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0) + arg_unified_cgroup_hierarchy = CGROUP_UNIFIED_SYSTEMD; + else + arg_unified_cgroup_hierarchy = CGROUP_UNIFIED_NONE; + } + if (arg_userns_mode != USER_NAMESPACE_NO) arg_mount_settings |= MOUNT_USE_USERNS; @@ -4730,9 +4759,8 @@ if (r < 0) goto finish; - r = detect_unified_cgroup_hierarchy_from_environment(); - if (r < 0) - goto finish; + /* Reapply environment settings. */ + (void) detect_unified_cgroup_hierarchy_from_environment(); /* Ignore SIGPIPE here, because we use splice() on the ptyfwd stuff and that will generate SIGPIPE if * the result is closed. Note that the container payload child will reset signal mask+handler anyway, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/shared/bootspec.c new/systemd-v243+suse.126.gb7467b7b55/src/shared/bootspec.c --- old/systemd-v243+suse.91.g428b937f91/src/shared/bootspec.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/shared/bootspec.c 2019-10-31 08:31:53.000000000 +0100 @@ -475,6 +475,7 @@ _cleanup_free_ char *j = NULL, *osrelease = NULL, *cmdline = NULL; _cleanup_close_ int fd = -1; + dirent_ensure_type(d, de); if (!dirent_is_file(de)) continue; @@ -876,7 +877,7 @@ errno = 0; r = blkid_probe_lookup_value(b, "PART_ENTRY_NUMBER", &v, NULL); if (r != 0) - return log_error_errno(errno ?: SYNTHETIC_ERRNO(EIO), "Failed to probe partition number of \"%s\": m", node); + return log_error_errno(errno ?: SYNTHETIC_ERRNO(EIO), "Failed to probe partition number of \"%s\": %m", node); r = safe_atou32(v, &part); if (r < 0) return log_error_errno(r, "Failed to parse PART_ENTRY_NUMBER field."); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/shared/unit-file.c new/systemd-v243+suse.126.gb7467b7b55/src/shared/unit-file.c --- old/systemd-v243+suse.91.g428b937f91/src/shared/unit-file.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/shared/unit-file.c 2019-10-31 08:31:53.000000000 +0100 @@ -279,6 +279,7 @@ if (hashmap_contains(ids, de->d_name)) continue; + dirent_ensure_type(d, de); if (de->d_type == DT_LNK) { /* We don't explicitly check for alias loops here. unit_ids_map_get() which * limits the number of hops should be used to access the map. */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/timesync/timesyncd-manager.c new/systemd-v243+suse.126.gb7467b7b55/src/timesync/timesyncd-manager.c --- old/systemd-v243+suse.91.g428b937f91/src/timesync/timesyncd-manager.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/timesync/timesyncd-manager.c 2019-10-31 08:31:53.000000000 +0100 @@ -617,9 +617,9 @@ m->good = true; server_address_pretty(m->current_server_address, &pretty); - /* "for the first time", as further successful syncs will not be logged. */ - log_info("Synchronized to time server for the first time %s (%s).", strna(pretty), m->current_server_name->string); - sd_notifyf(false, "STATUS=Synchronized to time server for the first time %s (%s).", strna(pretty), m->current_server_name->string); + /* "Initial", as further successful syncs will not be logged. */ + log_info("Initial synchronization to time server %s (%s).", strna(pretty), m->current_server_name->string); + sd_notifyf(false, "STATUS=Initial synchronization to time server %s (%s).", strna(pretty), m->current_server_name->string); } r = manager_arm_timer(m, m->poll_interval_usec); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/udev/cdrom_id/cdrom_id.c new/systemd-v243+suse.126.gb7467b7b55/src/udev/cdrom_id/cdrom_id.c --- old/systemd-v243+suse.91.g428b937f91/src/udev/cdrom_id/cdrom_id.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/udev/cdrom_id/cdrom_id.c 2019-10-31 08:31:53.000000000 +0100 @@ -85,28 +85,6 @@ #define ASC(errcode) (((errcode) >> 8) & 0xFF) #define ASCQ(errcode) ((errcode) & 0xFF) -static bool is_mounted(const char *device) { - struct stat statbuf; - FILE *fp; - int maj, min; - bool mounted = false; - - if (stat(device, &statbuf) < 0) - return false; - - fp = fopen("/proc/self/mountinfo", "re"); - if (!fp) - return false; - while (fscanf(fp, "%*s %*s %i:%i %*[^\n]", &maj, &min) == 2) { - if (makedev(maj, min) == statbuf.st_rdev) { - mounted = true; - break; - } - } - fclose(fp); - return mounted; -} - static void info_scsi_cmd_err(const char *cmd, int err) { if (err == -1) log_debug("%s failed", cmd); @@ -873,7 +851,7 @@ for (cnt = 20; cnt > 0; cnt--) { struct timespec duration; - fd = open(node, O_RDONLY|O_NONBLOCK|O_CLOEXEC|(is_mounted(node) ? 0 : O_EXCL)); + fd = open(node, O_RDONLY|O_NONBLOCK|O_CLOEXEC); if (fd >= 0 || errno != EBUSY) break; duration.tv_sec = 0; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/src/udev/udevadm-trigger.c new/systemd-v243+suse.126.gb7467b7b55/src/udev/udevadm-trigger.c --- old/systemd-v243+suse.91.g428b937f91/src/udev/udevadm-trigger.c 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/src/udev/udevadm-trigger.c 2019-10-31 08:31:53.000000000 +0100 @@ -45,9 +45,11 @@ r = write_string_file(filename, action, WRITE_STRING_FILE_DISABLE_BUFFER); if (r < 0) { - log_full_errno(r == -ENOENT ? LOG_DEBUG : LOG_ERR, r, + bool ignore = IN_SET(r, -ENOENT, -EACCES, -ENODEV); + + log_full_errno(ignore ? LOG_DEBUG : LOG_ERR, r, "Failed to write '%s' to '%s': %m", action, filename); - if (ret == 0 && r != -ENOENT) + if (ret == 0 && !ignore) ret = r; continue; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/test/test-execute/exec-personality-x86.service new/systemd-v243+suse.126.gb7467b7b55/test/test-execute/exec-personality-x86.service --- old/systemd-v243+suse.91.g428b937f91/test/test-execute/exec-personality-x86.service 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/test/test-execute/exec-personality-x86.service 2019-10-31 08:31:53.000000000 +0100 @@ -2,6 +2,6 @@ Description=Test for Personality=x86 [Service] -ExecStart=/bin/sh -x -c 'c=$$(uname -m); test "$$c" = "i686"' +ExecStart=/bin/sh -x -c 'c=$$(uname -m); test "$$c" = "i686" -o "$$c" = "x86_64"' Type=oneshot Personality=x86 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/tmpfiles.d/systemd-nologin.conf new/systemd-v243+suse.126.gb7467b7b55/tmpfiles.d/systemd-nologin.conf --- old/systemd-v243+suse.91.g428b937f91/tmpfiles.d/systemd-nologin.conf 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/tmpfiles.d/systemd-nologin.conf 2019-10-31 08:31:53.000000000 +0100 @@ -5,7 +5,7 @@ # the Free Software Foundation; either version 2.1 of the License, or # (at your option) any later version. -# See tmpfiles.d(5), systemd-user-session.service(5) and pam_nologin(8). +# See tmpfiles.d(5), systemd-user-sessions.service(8) and pam_nologin(8). # This file has special suffix so it is not run by mistake. F! /run/nologin 0644 - - - "System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)." diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/units/proc-sys-fs-binfmt_misc.mount new/systemd-v243+suse.126.gb7467b7b55/units/proc-sys-fs-binfmt_misc.mount --- old/systemd-v243+suse.91.g428b937f91/units/proc-sys-fs-binfmt_misc.mount 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/units/proc-sys-fs-binfmt_misc.mount 2019-10-31 08:31:53.000000000 +0100 @@ -18,3 +18,6 @@ Where=/proc/sys/fs/binfmt_misc Type=binfmt_misc Options=nosuid,nodev,noexec + +[Install] +WantedBy=sysinit.target diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/systemd-v243+suse.91.g428b937f91/units/systemd-binfmt.service.in new/systemd-v243+suse.126.gb7467b7b55/units/systemd-binfmt.service.in --- old/systemd-v243+suse.91.g428b937f91/units/systemd-binfmt.service.in 2019-10-04 16:25:57.000000000 +0200 +++ new/systemd-v243+suse.126.gb7467b7b55/units/systemd-binfmt.service.in 2019-10-31 08:31:53.000000000 +0100 @@ -15,6 +15,7 @@ DefaultDependencies=no Conflicts=shutdown.target After=proc-sys-fs-binfmt_misc.automount +After=proc-sys-fs-binfmt_misc.mount Before=sysinit.target shutdown.target ConditionPathIsReadWrite=/proc/sys/ ConditionDirectoryNotEmpty=|/lib/binfmt.d
