packages/systemd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sync patches from systemd community

Browse Source
This commit is contained in:
h30032433 2023-12-18 16:36:19 +08:00
parent 7eabe721f8
commit f097b1feb4
10 changed files with 570 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
backport-Limit-rlim_max-in-rlimit_nofile_safe-to-nr_open.patch Normal file
View File

@ -0,0 +1,39 @@
From f470dafddcd688c3ea6031d4bbcbf934fd094711 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Fri, 25 Aug 2023 13:55:36 +0200
Subject: [PATCH] Limit rlim_max in rlimit_nofile_safe() to nr_open
We might inherit a max rlim value that's larger than the kernel's
maximum (nr_open). This will cause setrlimit() to fail as the given
maximum is larger than the kernel's maximum. To get around this,
let's limit the max rlim we pass to rlimit() to the value of nr_open.
Should fix #28965
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/f470dafddcd688c3ea6031d4bbcbf934fd094711
---
src/basic/rlimit-util.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/basic/rlimit-util.c b/src/basic/rlimit-util.c
index 91424cd3cc..a0ffb24626 100644
--- a/src/basic/rlimit-util.c
+++ b/src/basic/rlimit-util.c
@@ -401,7 +401,11 @@ int rlimit_nofile_safe(void) {
if (rl.rlim_cur <= FD_SETSIZE)
return 0;
- rl.rlim_cur = FD_SETSIZE;
+ /* So we might have inherited a hard limit that's larger than the kernel's maximum limit as stored in
+ * /proc/sys/fs/nr_open. If we pass this hard limit unmodified to setrlimit(), we'll get EPERM. To
+ * make sure that doesn't happen, let's limit our hard limit to the value from nr_open. */
+ rl.rlim_max = MIN(rl.rlim_max, (rlim_t) read_nr_open());
+ rl.rlim_cur = MIN((rlim_t) FD_SETSIZE, rl.rlim_max);
if (setrlimit(RLIMIT_NOFILE, &rl) < 0)
return log_debug_errno(errno, "Failed to lower RLIMIT_NOFILE's soft limit to " RLIM_FMT ": %m", rl.rlim_cur);
--
2.39.1

73
backport-bus-add-some-minimal-bounds-check-on-signatures.patch Normal file
View File

@ -0,0 +1,73 @@
From d80cc39558ec7e596d594d1aadc4df81262611f8 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <bluca@debian.org>
Date: Sun, 16 Jul 2023 01:10:47 +0100
Subject: [PATCH] bus: add some minimal bounds check on signatures
CID#1491292
CID#1491291
CID#1491290
CID#1491289
CID#1491284
CID#1491281
CID#1491280
CID#1491278
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/d80cc39558ec7e596d594d1aadc4df81262611f8
---
src/busctl/busctl.c | 5 ++++-
src/libsystemd/sd-bus/bus-message.c | 6 ++++++
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/busctl/busctl.c b/src/busctl/busctl.c
index 72eed36335..c1a0479015 100644
--- a/src/busctl/busctl.c
+++ b/src/busctl/busctl.c
@@ -1627,8 +1627,11 @@ static int message_append_cmdline(sd_bus_message *m, const char *signature, char
p--;
r = signature_element_length(signature, &k);
- if (r < 0)
+ if (r < 0 || k < 2) {
+ if (r >= 0 && k < 2)
+ r = -ERANGE;
return log_error_errno(r, "Invalid struct/dict entry signature: %m");
+ }
{
char s[k-1];
diff --git a/src/libsystemd/sd-bus/bus-message.c b/src/libsystemd/sd-bus/bus-message.c
index 3cf1419a14..f1cf6a8cc4 100644
--- a/src/libsystemd/sd-bus/bus-message.c
+++ b/src/libsystemd/sd-bus/bus-message.c
@@ -2027,6 +2027,8 @@ _public_ int sd_bus_message_appendv(
r = signature_element_length(t, &k);
if (r < 0)
return r;
+ if (k < 2)
+ return -ERANGE;
{
char s[k - 1];
@@ -3470,6 +3472,8 @@ _public_ int sd_bus_message_readv(
r = signature_element_length(t, &k);
if (r < 0)
return r;
+ if (k < 2)
+ return -ERANGE;
{
char s[k - 1];
@@ -3650,6 +3654,8 @@ _public_ int sd_bus_message_skip(sd_bus_message *m, const char *types) {
r = signature_element_length(types, &k);
if (r < 0)
return r;
+ if (k < 2)
+ return -ERANGE;
{
char s[k-1];
--
2.39.1

152
backport-core-path-do-not-enqueue-new-job-in-.trigger_notify-.patch Normal file
View File

@ -0,0 +1,152 @@
From bc6377762c210d1bdd7fd2465930731d87dda576 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sat, 29 Apr 2023 04:31:53 +0900
Subject: [PATCH] core/path: do not enqueue new job in .trigger_notify callback
Otherwise,
1. X.path triggered X.service, and the service has waiting start job,
2. systemctl stop X.service
3. the waiting start job is cancelled to install new stop job,
4. path_trigger_notify() is called, and may reinstall new start job,
5. the stop job cannot be installed, and triggeres assertion.
So, instead, let's add a defer event source, then enqueue the new start
job after the stop (or any other type) job finished.
Fixes https://github.com/systemd/systemd/issues/24577#issuecomment-1522628906.
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/bc6377762c210d1bdd7fd2465930731d87dda576
---
src/core/path.c | 68 +++++++++++++++++++++++++++++++++++++++++++++----
src/core/path.h | 2 ++
2 files changed, 65 insertions(+), 5 deletions(-)
diff --git a/src/core/path.c b/src/core/path.c
index 9f6a246ab0..c95663c3aa 100644
--- a/src/core/path.c
+++ b/src/core/path.c
@@ -10,6 +10,7 @@
#include "dbus-path.h"
#include "dbus-unit.h"
#include "escape.h"
+#include "event-util.h"
#include "fd-util.h"
#include "glob-util.h"
#include "inotify-util.h"
@@ -300,6 +301,7 @@ static void path_done(Unit *u) {
assert(p);
+ p->trigger_notify_event_source = sd_event_source_disable_unref(p->trigger_notify_event_source);
path_free_specs(p);
}
@@ -575,6 +577,9 @@ static void path_enter_waiting(Path *p, bool initial, bool from_trigger_notify)
Unit *trigger;
int r;
+ if (p->trigger_notify_event_source)
+ (void) event_source_disable(p->trigger_notify_event_source);
+
/* If the triggered unit is already running, so are we */
trigger = UNIT_TRIGGER(UNIT(p));
if (trigger && !UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(trigger))) {
@@ -799,8 +804,28 @@ fail:
return 0;
}
-static void path_trigger_notify(Unit *u, Unit *other) {
+static void path_trigger_notify_impl(Unit *u, Unit *other, bool on_defer);
+
+static int path_trigger_notify_on_defer(sd_event_source *s, void *userdata) {
+ Path *p = ASSERT_PTR(userdata);
+ Unit *trigger;
+
+ assert(s);
+
+ trigger = UNIT_TRIGGER(UNIT(p));
+ if (!trigger) {
+ log_unit_error(UNIT(p), "Unit to trigger vanished.");
+ path_enter_dead(p, PATH_FAILURE_RESOURCES);
+ return 0;
+ }
+
+ path_trigger_notify_impl(UNIT(p), trigger, /* on_defer = */ true);
+ return 0;
+}
+
+static void path_trigger_notify_impl(Unit *u, Unit *other, bool on_defer) {
Path *p = PATH(u);
+ int r;
assert(u);
assert(other);
@@ -826,13 +851,46 @@ static void path_trigger_notify(Unit *u, Unit *other) {
if (p->state == PATH_RUNNING &&
UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
- log_unit_debug(UNIT(p), "Got notified about unit deactivation.");
- path_enter_waiting(p, false, true);
+ if (!on_defer)
+ log_unit_debug(u, "Got notified about unit deactivation.");
} else if (p->state == PATH_WAITING &&
!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
- log_unit_debug(UNIT(p), "Got notified about unit activation.");
- path_enter_waiting(p, false, true);
+ if (!on_defer)
+ log_unit_debug(u, "Got notified about unit activation.");
+ } else
+ return;
+
+ if (on_defer) {
+ path_enter_waiting(p, /* initial = */ false, /* from_trigger_notify = */ true);
+ return;
}
+
+ /* Do not call path_enter_waiting() directly from path_trigger_notify(), as this may be called by
+ * job_install() -> job_finish_and_invalidate() -> unit_trigger_notify(), and path_enter_waiting()
+ * may install another job and will trigger assertion in job_install().
+ * https://github.com/systemd/systemd/issues/24577#issuecomment-1522628906
+ * Hence, first setup defer event source here, and call path_enter_waiting() slightly later. */
+ if (p->trigger_notify_event_source) {
+ r = sd_event_source_set_enabled(p->trigger_notify_event_source, SD_EVENT_ONESHOT);
+ if (r < 0) {
+ log_unit_warning_errno(u, r, "Failed to enable event source for triggering notify: %m");
+ path_enter_dead(p, PATH_FAILURE_RESOURCES);
+ return;
+ }
+ } else {
+ r = sd_event_add_defer(u->manager->event, &p->trigger_notify_event_source, path_trigger_notify_on_defer, p);
+ if (r < 0) {
+ log_unit_warning_errno(u, r, "Failed to allocate event source for triggering notify: %m");
+ path_enter_dead(p, PATH_FAILURE_RESOURCES);
+ return;
+ }
+
+ (void) sd_event_source_set_description(p->trigger_notify_event_source, "path-trigger-notify");
+ }
+}
+
+static void path_trigger_notify(Unit *u, Unit *other) {
+ path_trigger_notify_impl(u, other, /* on_defer = */ false);
}
static void path_reset_failed(Unit *u) {
diff --git a/src/core/path.h b/src/core/path.h
index c76103cc12..cb5b662911 100644
--- a/src/core/path.h
+++ b/src/core/path.h
@@ -65,6 +65,8 @@ struct Path {
PathResult result;
RateLimit trigger_limit;
+
+ sd_event_source *trigger_notify_event_source;
};
struct ActivationDetailsPath {
--
2.39.1

44
backport-hostname-Make-sure-we-pass-error-to-bus_verify_polki.patch Normal file
View File

@ -0,0 +1,44 @@
From b56ee692334231f0312c2fd142b9f2a84da14ac9 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Thu, 24 Aug 2023 09:00:04 +0200
Subject: [PATCH] hostname: Make sure we pass error to
bus_verify_polkit_async()
Fixes #28943
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/b56ee692334231f0312c2fd142b9f2a84da14ac9
---
src/hostname/hostnamed.c | 2 +-
src/shared/bus-polkit.c | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c
index 9ef45f8e75..85904aabe9 100644
--- a/src/hostname/hostnamed.c
+++ b/src/hostname/hostnamed.c
@@ -1318,7 +1318,7 @@ static int method_describe(sd_bus_message *m, void *userdata, sd_bus_error *erro
false,
UID_INVALID,
&c->polkit_registry,
- NULL);
+ error);
if (r == 0)
return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
diff --git a/src/shared/bus-polkit.c b/src/shared/bus-polkit.c
index 3ff2726d4a..904b897984 100644
--- a/src/shared/bus-polkit.c
+++ b/src/shared/bus-polkit.c
@@ -480,6 +480,7 @@ int bus_verify_polkit_async(
assert(call);
assert(action);
assert(registry);
+ assert(ret_error);
r = check_good_user(call, good_user);
if (r != 0)
--
2.39.1

66
backport-resolved-fix-use-of-ERRNO_IS_DISCONNECT.patch Normal file
View File

@ -0,0 +1,66 @@
From 0bdea17c0aa37c4cdf586c072a7b35f8d0598cc3 Mon Sep 17 00:00:00 2001
From: "Dmitry V. Levin" <ldv@strace.io>
Date: Fri, 7 Jul 2023 08:00:00 +0000
Subject: [PATCH] resolved: fix use of ERRNO_IS_DISCONNECT()
Given that ERRNO_IS_DISCONNECT() also matches positive values,
make sure this macro is not called with arguments that do not have
errno semantics.
In this case the argument passed to ERRNO_IS_DISCONNECT() is the value
returned by manager_recv() which can legitimately return 1 without errno
semantics, so fix this by moving ERRNO_IS_DISCONNECT() invocation to the
branch where the return value is known to be negative.
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/0bdea17c0aa37c4cdf586c072a7b35f8d0598cc3
---
src/resolve/resolved-dns-transaction.c | 27 ++++++++++++--------------
1 file changed, 12 insertions(+), 15 deletions(-)
diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c
index a5293357c0..323786896b 100644
--- a/src/resolve/resolved-dns-transaction.c
+++ b/src/resolve/resolved-dns-transaction.c
@@ -1367,25 +1367,22 @@ static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *use
assert(t->scope);
r = manager_recv(t->scope->manager, fd, DNS_PROTOCOL_DNS, &p);
- if (ERRNO_IS_DISCONNECT(r)) {
- usec_t usec;
-
- /* UDP connection failures get reported via ICMP and then are possibly delivered to us on the
- * next recvmsg(). Treat this like a lost packet. */
+ if (r < 0) {
+ if (ERRNO_IS_DISCONNECT(r)) {
+ usec_t usec;
- log_debug_errno(r, "Connection failure for DNS UDP packet: %m");
- assert_se(sd_event_now(t->scope->manager->event, CLOCK_BOOTTIME, &usec) >= 0);
- dns_server_packet_lost(t->server, IPPROTO_UDP, t->current_feature_level);
+ /* UDP connection failures get reported via ICMP and then are possibly delivered to us on the
+ * next recvmsg(). Treat this like a lost packet. */
- dns_transaction_close_connection(t, /* use_graveyard = */ false);
+ log_debug_errno(r, "Connection failure for DNS UDP packet: %m");
+ assert_se(sd_event_now(t->scope->manager->event, CLOCK_BOOTTIME, &usec) >= 0);
+ dns_server_packet_lost(t->server, IPPROTO_UDP, t->current_feature_level);
- if (dns_transaction_limited_retry(t)) /* Try a different server */
- return 0;
+ dns_transaction_close_connection(t, /* use_graveyard = */ false);
- dns_transaction_complete_errno(t, r);
- return 0;
- }
- if (r < 0) {
+ if (dns_transaction_limited_retry(t)) /* Try a different server */
+ return 0;
+ }
dns_transaction_complete_errno(t, r);
return 0;
}
--
2.39.1

49
backport-sd-bus-fix-use-of-ERRNO_IS_DISCONNECT.patch Normal file
View File

@ -0,0 +1,49 @@
From bb228f0ebc9b691ee2a871bffbf949936568f3ea Mon Sep 17 00:00:00 2001
From: "Dmitry V. Levin" <ldv@strace.io>
Date: Fri, 7 Jul 2023 08:00:00 +0000
Subject: [PATCH] sd-bus: fix use of ERRNO_IS_DISCONNECT()
Given that ERRNO_IS_DISCONNECT() also matches positive values,
make sure this macro is not called with arguments that do not have
errno semantics.
In this case the argument passed to ERRNO_IS_DISCONNECT() is the value
returned by bus_socket_process_watch_bind(), bus_socket_process_opening(),
and bus_socket_process_authenticating() which can legitimately return
positive values without errno semantics, so fix this by moving the
ERRNO_IS_DISCONNECT() invocation to the branch where the return value
is known to be negative.
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/bb228f0ebc9b691ee2a871bffbf949936568f3ea
---
src/libsystemd/sd-bus/sd-bus.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
index 2758309ac5..a250e7b81a 100644
--- a/src/libsystemd/sd-bus/sd-bus.c
+++ b/src/libsystemd/sd-bus/sd-bus.c
@@ -3284,11 +3284,13 @@ static int bus_process_internal(sd_bus *bus, sd_bus_message **ret) {
assert_not_reached();
}
- if (ERRNO_IS_DISCONNECT(r)) {
- bus_enter_closing(bus);
- r = 1;
- } else if (r < 0)
- return r;
+ if (r < 0) {
+ if (ERRNO_IS_DISCONNECT(r)) {
+ bus_enter_closing(bus);
+ r = 1;
+ } else
+ return r;
+ }
if (ret)
*ret = NULL;
--
2.39.1

44
backport-socket-fix-use-of-ERRNO_IS_DISCONNECT.patch Normal file
View File

@ -0,0 +1,44 @@
From d5f8890bbf375075c7042b31ff6e79ad491df04c Mon Sep 17 00:00:00 2001
From: "Dmitry V. Levin" <ldv@strace.io>
Date: Fri, 7 Jul 2023 08:00:00 +0000
Subject: [PATCH] socket: fix use of ERRNO_IS_DISCONNECT()
Given that ERRNO_IS_DISCONNECT() also matches positive values,
make sure this macro is not called with arguments that do not have
errno semantics.
In this case the argument passed to ERRNO_IS_DISCONNECT() is the value
returned by socket_acquire_peer() which can legitimately return 1
without errno semantics, so fix this by moving ERRNO_IS_DISCONNECT()
invocation to the branch where the return value is known to be negative.
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/d5f8890bbf375075c7042b31ff6e79ad491df04c
---
src/core/socket.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/core/socket.c b/src/core/socket.c
index d72194f20b..03b8cbd164 100644
--- a/src/core/socket.c
+++ b/src/core/socket.c
@@ -2358,10 +2358,12 @@ static void socket_enter_running(Socket *s, int cfd_in) {
if (s->max_connections_per_source > 0) {
r = socket_acquire_peer(s, cfd, &p);
- if (ERRNO_IS_DISCONNECT(r))
- return;
- if (r < 0) /* We didn't have enough resources to acquire peer information, let's fail. */
+ if (r < 0) {
+ if (ERRNO_IS_DISCONNECT(r))
+ return;
+ /* We didn't have enough resources to acquire peer information, let's fail. */
goto fail;
+ }
if (r > 0 && p->n_ref > s->max_connections_per_source) {
_cleanup_free_ char *t = NULL;
--
2.39.1

33
backport-udev-builtin-net_id-fix-potential-buffer-overflow.patch Normal file
View File

@ -0,0 +1,33 @@
From 5660e68d651545b43e13a51b068e64022637a6c6 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 28 Sep 2022 18:09:29 +0900
Subject: [PATCH] udev-builtin-net_id: fix potential buffer overflow
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/5660e68d651545b43e13a51b068e64022637a6c6
---
src/udev/udev-builtin-net_id.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c
index 4936ba518a..d1f343573d 100644
--- a/src/udev/udev-builtin-net_id.c
+++ b/src/udev/udev-builtin-net_id.c
@@ -948,11 +948,11 @@ static int names_usb(sd_device *dev, NetNames *names) {
/* append USB config number, suppress the common config == 1 */
if (!streq(config, "1"))
- l = strpcpyl(&s, sizeof(names->usb_ports), "c", config, NULL);
+ l = strpcpyl(&s, l, "c", config, NULL);
/* append USB interface number, suppress the interface == 0 */
if (!streq(interf, "0"))
- l = strpcpyl(&s, sizeof(names->usb_ports), "i", interf, NULL);
+ l = strpcpyl(&s, l, "i", interf, NULL);
if (l == 0)
return log_device_debug_errno(dev, SYNTHETIC_ERRNO(ENAMETOOLONG),
"Generated USB name would be too long.");
--
2.39.1

47
backport-udev-raise-RLIMIT_NOFILE-as-high-as-we-can.patch Normal file
View File

@ -0,0 +1,47 @@
From 1617424ce76d797d081dd6cb1082b954c4d2bf38 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 26 Sep 2023 09:52:05 +0200
Subject: [PATCH] udev: raise RLIMIT_NOFILE as high as we can
We might need a lot of fds on large systems, hence raise RLIMIT_NOFILE
to what the service manager allows us, which is quite a lot these days.
udev already sets FORK_RLIMIT_NOFILE_SAFE when forking of chilren, thus
ensuring that forked off processes get their RLIMIT_NOFILE soft limit
reset to 1K for compat with crappy old select().
Replaces: #29298
Fixes: #28583
Conflict:code context adaptation
Reference:https://github.com/systemd/systemd-stable/commit/1617424ce76d797d081dd6cb1082b954c4d2bf38
---
src/udev/udevd.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/udev/udevd.c b/src/udev/udevd.c
index 257336aec6..2ed4282253 100644
--- a/src/udev/udevd.c
+++ b/src/udev/udevd.c
@@ -18,6 +18,7 @@
#include "pretty-print.h"
#include "proc-cmdline.h"
#include "process-util.h"
+#include "rlimit-util.h"
#include "selinux-util.h"
#include "signal-util.h"
#include "socket-util.h"
@@ -365,6 +366,9 @@ int run_udevd(int argc, char *argv[]) {
if (r < 0)
return r;
+ /* Make sure we can have plenty fds (for example for pidfds) */
+ (void) rlimit_nofile_bump(-1);
+
r = RET_NERRNO(mkdir("/run/udev", 0755));
if (r < 0 && r != -EEXIST)
return log_error_errno(r, "Failed to create /run/udev: %m");
--
2.39.1

25
systemd.spec
View File

@ -25,7 +25,7 @@
Name: systemd
Url: https://www.freedesktop.org/wiki/Software/systemd
Version: 253
Release: 7
Release: 8
License: MIT and LGPLv2+ and GPLv2+
Summary: System and Service Manager
@ -60,6 +60,15 @@ Patch6006: backport-core-refuse-dbus-activation-if-dbus-is-not-running.patc
Patch6007: backport-core-only-refuse-Type-dbus-service-enqueuing-if-dbus.patch
Patch6008: backport-journalctl-verify-that-old-entries-are-not-sealed-wi.patch
Patch6009: backport-units-modprobe-.service-don-t-unescape-instance-name.patch
Patch6010: backport-core-path-do-not-enqueue-new-job-in-.trigger_notify-.patch
Patch6011: backport-socket-fix-use-of-ERRNO_IS_DISCONNECT.patch
Patch6012: backport-sd-bus-fix-use-of-ERRNO_IS_DISCONNECT.patch
Patch6013: backport-resolved-fix-use-of-ERRNO_IS_DISCONNECT.patch
Patch6014: backport-bus-add-some-minimal-bounds-check-on-signatures.patch
Patch6015: backport-udev-builtin-net_id-fix-potential-buffer-overflow.patch
Patch6016: backport-hostname-Make-sure-we-pass-error-to-bus_verify_polki.patch
Patch6017: backport-Limit-rlim_max-in-rlimit_nofile_safe-to-nr_open.patch
Patch6018: backport-udev-raise-RLIMIT_NOFILE-as-high-as-we-can.patch
Patch9008: update-rtc-with-system-clock-when-shutdown.patch
Patch9009: udev-add-actions-while-rename-netif-failed.patch
@ -1578,7 +1587,19 @@ fi
%{_libdir}/security/pam_systemd.so
%changelog
* Tue Dec 12 2023 hongjinghao <hongjinghao@huawei.com> 253-7
* Mon Dec 18 2023 huyubiao <huyubiao@huawei.com> - 253-8
- backport: sync patches from systemd community
add backport-core-path-do-not-enqueue-new-job-in-.trigger_notify-.patch
backport-socket-fix-use-of-ERRNO_IS_DISCONNECT.patch
backport-sd-bus-fix-use-of-ERRNO_IS_DISCONNECT.patch
backport-resolved-fix-use-of-ERRNO_IS_DISCONNECT.patch
backport-bus-add-some-minimal-bounds-check-on-signatures.patch
backport-udev-builtin-net_id-fix-potential-buffer-overflow.patch
backport-hostname-Make-sure-we-pass-error-to-bus_verify_polki.patch
backport-Limit-rlim_max-in-rlimit_nofile_safe-to-nr_open.patch
backport-udev-raise-RLIMIT_NOFILE-as-high-as-we-can.patch
* Tue Dec 12 2023 hongjinghao <hongjinghao@huawei.com> - 253-7
- backport: sync patches from systemd community
* Thu Nov 30 2023 jiahua.yu <jiahua.yu@shingroup.cn> - 253-6