From 09be98a9f6fe29c9ebddd9d67c3a8714b7d5abf1 Mon Sep 17 00:00:00 2001 From: Michal Schmidt Date: Jun 15 2011 20:47:49 +0000 Subject: Bugfixes from v29 development systemctl: fix 'is-enabled' for native units under /lib (BZ#699027) dbus: fix name of capability property pam-module: add debug= parameter (BZ#705427) --- diff --git a/0001-dbus-fix-name-of-capability-property.patch b/0001-dbus-fix-name-of-capability-property.patch new file mode 100644 index 0000000..5fc3994 --- /dev/null +++ b/0001-dbus-fix-name-of-capability-property.patch @@ -0,0 +1,39 @@ +From 7c3d67eff3e165b50084bf9c3269ec582d90c403 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Wed, 15 Jun 2011 10:16:49 +0200 +Subject: [PATCH] dbus: fix name of capability property + +--- + src/dbus-execute.c | 2 +- + src/dbus-execute.h | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/dbus-execute.c b/src/dbus-execute.c +index 3f8fafe..6ceffc5 100644 +--- a/src/dbus-execute.c ++++ b/src/dbus-execute.c +@@ -235,7 +235,7 @@ int bus_execute_append_capability_bs(DBusMessageIter *i, const char *property, v + assert(property); + assert(c); + +- /* We store this negated internally, to match the kernel, bu ++ /* We store this negated internally, to match the kernel, but + * we expose it normalized. */ + + normal = *(uint64_t*) data; +diff --git a/src/dbus-execute.h b/src/dbus-execute.h +index 42df5aa..56c5bcd 100644 +--- a/src/dbus-execute.h ++++ b/src/dbus-execute.h +@@ -77,7 +77,7 @@ + " \n" \ + " \n" \ + " \n" \ +- " \n" \ ++ " \n" \ + " \n" \ + " \n" \ + " \n" \ +-- +1.7.4.4 + diff --git a/0001-pam-module-add-debug-parameter.patch b/0001-pam-module-add-debug-parameter.patch new file mode 100644 index 0000000..d1d75ae --- /dev/null +++ b/0001-pam-module-add-debug-parameter.patch @@ -0,0 +1,135 @@ +From 0e318cad06d483624076777c105bdcdd6aca3596 Mon Sep 17 00:00:00 2001 +From: Michal Schmidt +Date: Fri, 27 May 2011 01:29:34 +0200 +Subject: [PATCH] pam-module: add debug= parameter + +It is customary that pam modules do not log debugging information by default. +Usually they offer a 'debug' option. + +Add a boolean debug= option to pam_systemd.so. + +This will solve bug +https://bugzilla.redhat.com/show_bug.cgi?id=705427 + +Commit 53d5582fa006b0eb528f5dc3f4ba978abd8ac5a3 was not sufficient to fix it, +because in Fedora rsyslog is configured to write even LOG_DEBUG messages to +/var/log/secure by default. +--- + man/pam_systemd.xml | 8 ++++++++ + src/pam-module.c | 27 +++++++++++++++++++++------ + 2 files changed, 29 insertions(+), 6 deletions(-) + +diff --git a/man/pam_systemd.xml b/man/pam_systemd.xml +index 11852eb..208c7da 100644 +--- a/man/pam_systemd.xml ++++ b/man/pam_systemd.xml +@@ -273,6 +273,14 @@ + be reset for the processes of the + logged in user. + ++ ++ ++ ++ ++ Takes a boolean ++ argument. If true, logs debugging ++ information. ++ + + + Note that setting kill-user=1 +diff --git a/src/pam-module.c b/src/pam-module.c +index 03864fe..bdf6133 100644 +--- a/src/pam-module.c ++++ b/src/pam-module.c +@@ -46,7 +46,8 @@ static int parse_argv(pam_handle_t *handle, + char ***controllers, + char ***reset_controllers, + char ***kill_only_users, +- char ***kill_exclude_users) { ++ char ***kill_exclude_users, ++ bool *debug) { + + unsigned i; + bool reset_controller_set = false; +@@ -145,6 +146,15 @@ static int parse_argv(pam_handle_t *handle, + + kill_exclude_users_set = true; + ++ } else if (startswith(argv[i], "debug=")) { ++ if ((k = parse_boolean(argv[i] + 6)) < 0) { ++ pam_syslog(handle, LOG_ERR, "Failed to parse debug= argument."); ++ return k; ++ } ++ ++ if (debug) ++ *debug = k; ++ + } else { + pam_syslog(handle, LOG_ERR, "Unknown parameter '%s'.", argv[i]); + return -EINVAL; +@@ -406,6 +416,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( + char *buf = NULL; + int lock_fd = -1; + bool create_session = true; ++ bool debug = false; + char **controllers = NULL, **reset_controllers = NULL, **c; + char *cgroup_user_tree = NULL; + +@@ -421,7 +432,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( + argc, argv, + &create_session, NULL, NULL, + &controllers, &reset_controllers, +- NULL, NULL) < 0) ++ NULL, NULL, &debug) < 0) + return PAM_SESSION_ERR; + + if ((r = get_user_data(handle, &username, &pw)) != PAM_SUCCESS) +@@ -505,7 +516,8 @@ _public_ PAM_EXTERN int pam_sm_open_session( + goto finish; + } + +- pam_syslog(handle, LOG_DEBUG, "Moving new user session for %s into control group %s.", username, buf); ++ if (debug) ++ pam_syslog(handle, LOG_DEBUG, "Moving new user session for %s into control group %s.", username, buf); + + if ((r = create_user_group(handle, SYSTEMD_CGROUP_CONTROLLER, buf, pw, true, true)) != PAM_SUCCESS) + goto finish; +@@ -616,6 +628,7 @@ _public_ PAM_EXTERN int pam_sm_close_session( + const char *username = NULL; + bool kill_session = false; + bool kill_user = false; ++ bool debug = false; + int lock_fd = -1, r; + char *session_path = NULL, *nosession_path = NULL, *user_path = NULL; + const char *id; +@@ -634,7 +647,7 @@ _public_ PAM_EXTERN int pam_sm_close_session( + argc, argv, + NULL, &kill_session, &kill_user, + &controllers, NULL, +- &kill_only_users, &kill_exclude_users) < 0) ++ &kill_only_users, &kill_exclude_users, &debug) < 0) + return PAM_SESSION_ERR; + + if ((r = get_user_data(handle, &username, &pw)) != PAM_SUCCESS) +@@ -676,13 +689,15 @@ _public_ PAM_EXTERN int pam_sm_close_session( + } + + if (kill_session && check_user_lists(handle, pw->pw_uid, kill_only_users, kill_exclude_users)) { +- pam_syslog(handle, LOG_DEBUG, "Killing remaining processes of user session %s of %s.", id, username); ++ if (debug) ++ pam_syslog(handle, LOG_DEBUG, "Killing remaining processes of user session %s of %s.", id, username); + + /* Kill processes in session cgroup, and delete it */ + if ((r = cg_kill_recursive_and_wait(SYSTEMD_CGROUP_CONTROLLER, session_path, true)) < 0) + pam_syslog(handle, LOG_ERR, "Failed to kill session cgroup: %s", strerror(-r)); + } else { +- pam_syslog(handle, LOG_DEBUG, "Moving remaining processes of user session %s of %s into control group %s.", id, username, nosession_path); ++ if (debug) ++ pam_syslog(handle, LOG_DEBUG, "Moving remaining processes of user session %s of %s into control group %s.", id, username, nosession_path); + + /* Migrate processes from session to user + * cgroup. First, try to create the user group +-- +1.7.4.4 + diff --git a/0001-systemctl-fix-is-enabled-for-native-units-under-lib.patch b/0001-systemctl-fix-is-enabled-for-native-units-under-lib.patch new file mode 100644 index 0000000..7e6653a --- /dev/null +++ b/0001-systemctl-fix-is-enabled-for-native-units-under-lib.patch @@ -0,0 +1,50 @@ +From b77398f7a05aa313cebcea81e9381833bede2d61 Mon Sep 17 00:00:00 2001 +From: Michal Schmidt +Date: Mon, 13 Jun 2011 14:19:47 +0200 +Subject: [PATCH] systemctl: fix 'is-enabled' for native units under /lib + +The units always showed up as enabled. + +The config file has to be parsed before we can check what's in +the [Install] section. + +https://bugzilla.redhat.com/show_bug.cgi?id=699027 +--- + src/systemctl.c | 14 +++++++------- + 1 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/src/systemctl.c b/src/systemctl.c +index faca797..889e3ee 100644 +--- a/src/systemctl.c ++++ b/src/systemctl.c +@@ -4160,6 +4160,13 @@ static int install_info_apply(const char *verb, LookupPaths *paths, InstallInfo + return -ENOENT; + } + ++ i->path = filename; ++ ++ if ((r = config_parse(filename, f, NULL, items, true, i)) < 0) { ++ fclose(f); ++ return r; ++ } ++ + /* Consider unit files stored in /lib and /usr always enabled + * if they have no [Install] data. */ + if (streq(verb, "is-enabled") && +@@ -4168,13 +4175,6 @@ static int install_info_apply(const char *verb, LookupPaths *paths, InstallInfo + !path_startswith(filename, "/etc")) + return 1; + +- i->path = filename; +- +- if ((r = config_parse(filename, f, NULL, items, true, i)) < 0) { +- fclose(f); +- return r; +- } +- + n_symlinks += strv_length(i->aliases); + n_symlinks += strv_length(i->wanted_by); + +-- +1.7.4.4 + diff --git a/systemd.spec b/systemd.spec index 892ed6c..70a9bf1 100644 --- a/systemd.spec +++ b/systemd.spec @@ -2,7 +2,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Version: 26 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Group: System Environment/Base Summary: A System and Service Manager @@ -43,6 +43,9 @@ Patch3: 0001-pam-downgrade-a-few-log-msgs.patch Patch4: 0001-systemctl-fix-double-unref-of-a-dbus-message.patch Patch5: 0001-cryptsetup-generator-fix-etc-cryptsetup-options.patch Patch6: 0001-readahead-common-fix-total-memory-size-detection.patch +Patch7: 0001-systemctl-fix-is-enabled-for-native-units-under-lib.patch +Patch8: 0001-dbus-fix-name-of-capability-property.patch +Patch9: 0001-pam-module-add-debug-parameter.patch # For sysvinit tools Obsoletes: SysVinit < 2.86-24, sysvinit < 2.86-24 @@ -103,6 +106,9 @@ SysV compatibility tools for systemd %patch4 -p1 %patch5 -p1 %patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 %build %configure --with-rootdir= --with-distro=fedora @@ -305,6 +311,12 @@ fi %{_bindir}/systemd-sysv-convert %changelog +* Wed Jun 15 2011 Michal Schmidt - 26-4 +- Pick bugfixes from upstream: +- systemctl: fix 'is-enabled' for native units under /lib (BZ#699027) +- dbus: fix name of capability property +- pam-module: add debug= parameter (BZ#705427) + * Sun Jun 12 2011 Michal Schmidt - 26-3 - Pick bugfixes from upstream: - systemctl: fix double unref of a dbus message (BZ#709909)