Bug#942446: buster-pu: package systemd/241-7~deb10u2

Michael Biebl biebl at debian.org
Wed Oct 16 16:18:18 BST 2019


Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org at packages.debian.org
Usertags: pu

Hi,

I'd like to make a stable upload for systemd, fixing various issues,
including a CVE.

A full debdiff is attached, an annotated changelog follows.

I've also CC'd d-i/kibi, as we build a udeb.
I don't think we have any changes that affect the installer; that said,
a test run/review by kibi would be very much appreciated.

systemd (241-7~deb10u2) buster; urgency=medium

  * core: never propagate reload failure to service result.
    Fixes a regression introduced in v239 where the main process of a
    service unit gets killed on reload if ExecReload fails. (Closes: #936032)

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=936032
https://salsa.debian.org/systemd-team/systemd/commit/3802da815587058dedc75e7fec7e1de993a6c549

  * shared/seccomp: add sync_file_range2.
    Some architectures need the arguments to be reordered because of alignment
    issues. Otherwise, it's the same as sync_file_range.
    Fixes sync_file_range failures in nspawn containers on arm, ppc.
    (Closes: #935091)

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935091
https://salsa.debian.org/systemd-team/systemd/commit/e050f84ccbf3f6c689c706fdf7a5d759b8a49d60

  * core: factor root_directory application out of apply_working_directory.
    Fixes RootDirectory not working when used in combination with User.
    (Closes: #939408)

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939408
https://salsa.debian.org/systemd-team/systemd/commit/0686cb963a02990f5b9c3e04c3da6a7c44a1e96c

  * shared/bus-util: drop trusted annotation from
    bus_open_system_watch_bind_with_description().
    This ensures that access controls on systemd-resolved's D-Bus interface
    are enforced properly.
    (CVE-2019-15718, Closes: #939353)

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939353
https://salsa.debian.org/systemd-team/systemd/commit/d1cd6601c96c8b00e35ab84142a628f5838b5473

  * login: add a missing error check for session_set_leader()
    Fixes assertion due to insufficient function return check.
    (Closes: #939998)

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939998
https://salsa.debian.org/systemd-team/systemd/commit/6ffdf1f33fc11aeafdcd5b62e3083d40fd43b36e

  * d/e/r/73-usb-net-by-mac.rules: import net.ifnames only for network devices
    (Closes: #934589)
  * d/e/r/73-usb-net-by-mac.rules: skip if iface name was provided by user-space

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934589
https://salsa.debian.org/systemd-team/systemd/commit/933b0b9c546bcc0c1ff5cdfec8b528ac80926622
https://salsa.debian.org/systemd-team/systemd/commit/93da42a3ecfee7731ddb843aec307f84f3843788

  * namespace: make MountFlags=shared work again (Closes: #939551)

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939551
https://salsa.debian.org/systemd-team/systemd/commit/ee6f86d86cb791a09b9de6b43f8fa5f832c757e2

  * mount/generators: do not make unit wanted by its device unit.
    Among other things, this fixes StopWhenUnneeded=true being broken for
    mount units. (Closes: #941758)

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941758
https://salsa.debian.org/systemd-team/systemd/commit/e1be83ad48df9743cabc0c23c086f6f53e8eb46d

 -- Michael Biebl <biebl at debian.org>  Wed, 16 Oct 2019 15:24:54 +0200


All patches are cherry-picks from upstream, all bugs have been fixed
in sid/bullseye, so have seen some wider testing without any reported
regressions so far.

Regards,
Michael

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.2.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
-------------- next part --------------
diff --git a/debian/changelog b/debian/changelog
index 498f68a..f63e21d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,34 @@
+systemd (241-7~deb10u2) buster; urgency=medium
+
+  * core: never propagate reload failure to service result.
+    Fixes a regression introduced in v239 where the main process of a
+    service unit gets killed on reload if ExecReload fails. (Closes: #936032)
+  * shared/seccomp: add sync_file_range2.
+    Some architectures need the arguments to be reordered because of alignment
+    issues. Otherwise, it's the same as sync_file_range.
+    Fixes sync_file_range failures in nspawn containers on arm, ppc.
+    (Closes: #935091)
+  * core: factor root_directory application out of apply_working_directory.
+    Fixes RootDirectory not working when used in combination with User.
+    (Closes: #939408)
+  * shared/bus-util: drop trusted annotation from
+    bus_open_system_watch_bind_with_description().
+    This ensures that access controls on systemd-resolved's D-Bus interface
+    are enforced properly.
+    (CVE-2019-15718, Closes: #939353)
+  * login: add a missing error check for session_set_leader()
+    Fixes assertion due to insufficient function return check.
+    (Closes: #939998)
+  * d/e/r/73-usb-net-by-mac.rules: import net.ifnames only for network devices
+    (Closes: #934589)
+  * d/e/r/73-usb-net-by-mac.rules: skip if iface name was provided by user-space
+  * namespace: make MountFlags=shared work again (Closes: #939551)
+  * mount/generators: do not make unit wanted by its device unit.
+    Among other things, this fixes StopWhenUnneeded=true being broken for
+    mount units. (Closes: #941758)
+
+ -- Michael Biebl <biebl at debian.org>  Wed, 16 Oct 2019 15:24:54 +0200
+
 systemd (241-7~deb10u1) buster; urgency=medium
 
   * Rebuild for buster
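
Review bot: The new entry documents seven patch-backed changes, but debian/patches/series gains eight files: mount-remove-unused-mount_is_auto-and-mount_is_automount.patch has no changelog line. Either fold it into the mount/generators bullet or list it separately, so the changelog matches the patch series. The CVE-2019-15718 bullet is the only security fix in the entry; moving it to the top would keep it from being missed by readers who scan only the first lines.
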
diff --git a/debian/extra/rules/73-usb-net-by-mac.rules b/debian/extra/rules/73-usb-net-by-mac.rules
index 8969f59..20c3e84 100644
--- a/debian/extra/rules/73-usb-net-by-mac.rules
+++ b/debian/extra/rules/73-usb-net-by-mac.rules
@@ -1,12 +1,17 @@
 # Use MAC based names for network interfaces which are directly or indirectly
 # on USB and have an universally administered (stable) MAC address (second bit
 # is 0). Don't do this when ifnames is disabled via kernel command line or
-# customizing/disabling 99-default.link (or previously 80-net-setup-link.rules).
+# customizing/disabling 99-default.link (or previously 80-net-setup-link.rules)
+# or if the interface name was provided by user-space.
+
+ACTION=="remove", GOTO="usb_net_by_mac_end"
+SUBSYSTEM!="net", GOTO="usb_net_by_mac_end"
+ATTR{name_assign_type}=="3", GOTO="usb_net_by_mac_end"
 
 IMPORT{cmdline}="net.ifnames"
 ENV{net.ifnames}=="0", GOTO="usb_net_by_mac_end"
 
-ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", NAME=="", \
+SUBSYSTEMS=="usb", NAME=="", \
     ATTR{address}=="?[014589cd]:*", \
     TEST!="/etc/udev/rules.d/80-net-setup-link.rules", \
     TEST!="/etc/systemd/network/99-default.link", \
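
Review bot: Replacing ACTION=="add" on the naming rule with an early ACTION=="remove" exit widens the rule to every non-remove event, which the header comment does not mention; please say in the comment whether that is intended. The new ATTR{name_assign_type}=="3" test uses a bare number; naming it in the comment (3 is the kernel's NET_NAME_USER) would make the "provided by user-space" wording checkable against the rule.
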
diff --git a/debian/patches/core-factor-root_directory-application-out-of-apply_worki.patch b/debian/patches/core-factor-root_directory-application-out-of-apply_worki.patch
new file mode 100644
index 0000000..3ee945a
--- /dev/null
+++ b/debian/patches/core-factor-root_directory-application-out-of-apply_worki.patch
@@ -0,0 +1,89 @@
+From: Joerg Behrmann <behrmann at physik.fu-berlin.de>
+Date: Fri, 21 Jun 2019 13:51:53 +0200
+Subject: core: factor root_directory application out of
+ apply_working_directory
+
+Fixes: #12498
+(cherry picked from commit fa97f63067a05b4e793fd4e0a2b54797459b4812)
+---
+ src/core/execute.c | 38 ++++++++++++++++++++++++++++----------
+ 1 file changed, 28 insertions(+), 10 deletions(-)
+
+diff --git a/src/core/execute.c b/src/core/execute.c
+index a708231..47518f4 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -2480,7 +2480,6 @@ static int apply_working_directory(
+                 const ExecContext *context,
+                 const ExecParameters *params,
+                 const char *home,
+-                const bool needs_mount_ns,
+                 int *exit_status) {
+ 
+         const char *d, *wd;
+@@ -2502,15 +2501,9 @@ static int apply_working_directory(
+         else
+                 wd = "/";
+ 
+-        if (params->flags & EXEC_APPLY_CHROOT) {
+-                if (!needs_mount_ns && context->root_directory)
+-                        if (chroot(context->root_directory) < 0) {
+-                                *exit_status = EXIT_CHROOT;
+-                                return -errno;
+-                        }
+-
++        if (params->flags & EXEC_APPLY_CHROOT)
+                 d = wd;
+-        } else
++        else
+                 d = prefix_roota(context->root_directory, wd);
+ 
+         if (chdir(d) < 0 && !context->working_directory_missing_ok) {
+@@ -2521,6 +2514,26 @@ static int apply_working_directory(
+         return 0;
+ }
+ 
++static int apply_root_directory(
++                const ExecContext *context,
++                const ExecParameters *params,
++                const bool needs_mount_ns,
++                int *exit_status) {
++
++        assert(context);
++        assert(exit_status);
++
++        if (params->flags & EXEC_APPLY_CHROOT) {
++                if (!needs_mount_ns && context->root_directory)
++                        if (chroot(context->root_directory) < 0) {
++                                *exit_status = EXIT_CHROOT;
++                                return -errno;
++                        }
++        }
++
++        return 0;
++}
++
+ static int setup_keyring(
+                 const Unit *u,
+                 const ExecContext *context,
+@@ -3425,6 +3438,11 @@ static int exec_child(
+                 }
+         }
+ 
++        /* chroot to root directory first, before we lose the ability to chroot */
++        r = apply_root_directory(context, params, needs_mount_namespace, exit_status);
++        if (r < 0)
++                return log_unit_error_errno(unit, r, "Chrooting to the requested root directory failed: %m");
++
+         if (needs_setuid) {
+                 if (context->user) {
+                         r = enforce_user(context, uid);
+@@ -3457,7 +3475,7 @@ static int exec_child(
+ 
+         /* Apply working directory here, because the working directory might be on NFS and only the user running
+          * this service might have the correct privilege to change to the working directory */
+-        r = apply_working_directory(context, params, home, needs_mount_namespace, exit_status);
++        r = apply_working_directory(context, params, home, exit_status);
+         if (r < 0)
+                 return log_unit_error_errno(unit, r, "Changing to the requested working directory failed: %m");
+ 
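
Review bot: In the new apply_root_directory(), chroot() is called without a chdir(), and the matching chdir() now runs only further down exec_child() in apply_working_directory(), after the enforce_user() call, where a failure is ignored if working_directory_missing_ok is set. The call-site comment explains why chroot() has to come before privileges are dropped, but it should also say that the working directory has not been changed at that point, so that nothing added between the two calls relies on it. Separately, the function asserts context and exit_status but dereferences params->flags unchecked; add assert(params) for consistency.
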
diff --git a/debian/patches/core-never-propagate-reload-failure-to-service-result.patch b/debian/patches/core-never-propagate-reload-failure-to-service-result.patch
new file mode 100644
index 0000000..062434d
--- /dev/null
+++ b/debian/patches/core-never-propagate-reload-failure-to-service-result.patch
@@ -0,0 +1,23 @@
+From: Lennart Poettering <lennart at poettering.net>
+Date: Wed, 17 Jul 2019 19:16:33 +0200
+Subject: core: never propagate reload failure to service result
+
+Fixes: #11238
+(cherry picked from commit d611cfa748aaf600832160132774074e808c82c7)
+---
+ src/core/service.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/core/service.c b/src/core/service.c
+index 324dcf2..5f5bcb3 100644
+--- a/src/core/service.c
++++ b/src/core/service.c
+@@ -3335,7 +3335,7 @@ static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) {
+                                 service_exec_command_to_string(s->control_command_id),
+                                 code, status);
+ 
+-                if (s->result == SERVICE_SUCCESS)
++                if (s->state != SERVICE_RELOAD && s->result == SERVICE_SUCCESS)
+                         s->result = f;
+ 
+                 if (s->control_command &&
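
Review bot: The added s->state != SERVICE_RELOAD test in service_sigchld_event() discards the control command's failure result f without a comment, and the commit message only says "Fixes: #11238". A one-line comment above the condition, stating that a failed ExecReload must not mark the running service as failed, would keep the check from being simplified away later. Please also confirm that the exit code and status are still logged for the reload case, since s->result no longer records the failure.
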
diff --git a/debian/patches/login-add-a-missing-error-check-for-session_set_leader.patch b/debian/patches/login-add-a-missing-error-check-for-session_set_leader.patch
new file mode 100644
index 0000000..ba8bfa9
--- /dev/null
+++ b/debian/patches/login-add-a-missing-error-check-for-session_set_leader.patch
@@ -0,0 +1,29 @@
+From: Yu Watanabe <watanabe.yu+github at gmail.com>
+Date: Thu, 14 Feb 2019 10:59:13 +0900
+Subject: login: add a missing error check for session_set_leader()
+
+session_set_leader() may fail. If it fails, then manager_start_scope()
+will trigger assertion.
+
+This may be related to RHBZ#1663704.
+
+(cherry picked from commit fe3ab8458b9c0ead4b3e14ac25b342d8c34376fe)
+---
+ src/login/logind-dbus.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
+index 8ab498f..b9ea370 100644
+--- a/src/login/logind-dbus.c
++++ b/src/login/logind-dbus.c
+@@ -790,7 +790,9 @@ static int method_create_session(sd_bus_message *message, void *userdata, sd_bus
+                 goto fail;
+ 
+         session_set_user(session, user);
+-        session_set_leader(session, leader);
++        r = session_set_leader(session, leader);
++        if (r < 0)
++                goto fail;
+ 
+         session->type = t;
+         session->class = c;
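
Review bot: The new goto fail in method_create_session() is taken after session_set_user(session, user) has already run, and the fail label is outside this hunk, so please confirm that the cleanup there copes with a session that has a user but no leader. The session_set_user() call on the line above has no result check either; if it returns an error code as well, it needs the same handling.
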
diff --git a/debian/patches/mount-generators-do-not-make-unit-wanted-by-its-device-un.patch b/debian/patches/mount-generators-do-not-make-unit-wanted-by-its-device-un.patch
new file mode 100644
index 0000000..d38962f
--- /dev/null
+++ b/debian/patches/mount-generators-do-not-make-unit-wanted-by-its-device-un.patch
@@ -0,0 +1,58 @@
+From: Tom Yan <tom.ty89 at gmail.com>
+Date: Wed, 9 Jan 2019 23:35:24 +0800
+Subject: mount/generators: do not make unit wanted by its device unit
+
+As device units will be reloaded by systemd whenever the corresponding device generates a "changed" event, if the mount unit / cryptsetup service is wanted by its device unit, the former can be restarted by systemd unexpectedly after the user stopped them explicitly. It is not sensible at all and can be considered dangerous. Neither is the behaviour conventional (as `auto` in fstab should only affect behaviour on boot and `mount -a`) or ever documented at all (not even in systemd, see systemd.mount(5) and crypttab(5)).
+
+(cherry picked from commit 142b8142d7bb84f07ac33fc00527a4d48ac8ef9f)
+---
+ src/core/mount.c                      | 6 +-----
+ src/cryptsetup/cryptsetup-generator.c | 4 ----
+ 2 files changed, 1 insertion(+), 9 deletions(-)
+
+diff --git a/src/core/mount.c b/src/core/mount.c
+index c31cad6..7064fa1 100644
+--- a/src/core/mount.c
++++ b/src/core/mount.c
+@@ -338,7 +338,6 @@ static int mount_add_mount_dependencies(Mount *m) {
+ }
+ 
+ static int mount_add_device_dependencies(Mount *m) {
+-        bool device_wants_mount;
+         UnitDependencyMask mask;
+         MountParameters *p;
+         UnitDependency dep;
+@@ -368,9 +367,6 @@ static int mount_add_device_dependencies(Mount *m) {
+         if (path_equal(m->where, "/"))
+                 return 0;
+ 
+-        device_wants_mount =
+-                mount_is_auto(p) && !mount_is_automount(p) && MANAGER_IS_SYSTEM(UNIT(m)->manager);
+-
+         /* Mount units from /proc/self/mountinfo are not bound to devices
+          * by default since they're subject to races when devices are
+          * unplugged. But the user can still force this dep with an
+@@ -381,7 +377,7 @@ static int mount_add_device_dependencies(Mount *m) {
+         /* We always use 'what' from /proc/self/mountinfo if mounted */
+         mask = m->from_proc_self_mountinfo ? UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT : UNIT_DEPENDENCY_FILE;
+ 
+-        r = unit_add_node_dependency(UNIT(m), p->what, device_wants_mount, dep, mask);
++        r = unit_add_node_dependency(UNIT(m), p->what, false, dep, mask);
+         if (r < 0)
+                 return r;
+ 
+diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
+index 8759a26..ea18e84 100644
+--- a/src/cryptsetup/cryptsetup-generator.c
++++ b/src/cryptsetup/cryptsetup-generator.c
+@@ -287,10 +287,6 @@ static int create_disk(
+                 return log_error_errno(r, "Failed to write unit file %s: %m", n);
+ 
+         if (!noauto) {
+-                r = generator_add_symlink(arg_dest, d, "wants", n);
+-                if (r < 0)
+-                        return r;
+-
+                 r = generator_add_symlink(arg_dest,
+                                           netdev ? "remote-cryptsetup.target" : "cryptsetup.target",
+                                           nofail ? "wants" : "requires", n);
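
Review bot: In mount_add_device_dependencies() the third argument to unit_add_node_dependency() becomes a bare false; a short comment naming the parameter (the former device_wants_mount) would make the call readable without the history. This is also a behaviour change rather than a pure fix: auto mounts and non-noauto crypttab entries lose the "wants" link from their device unit, so the changelog line should say that and not only mention StopWhenUnneeded=true. After this patch mount_is_auto() and mount_is_automount() have no caller in the lines shown, so it has to stay paired with the follow-up removal patch.
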
diff --git a/debian/patches/mount-remove-unused-mount_is_auto-and-mount_is_automount.patch b/debian/patches/mount-remove-unused-mount_is_auto-and-mount_is_automount.patch
new file mode 100644
index 0000000..58acfc8
--- /dev/null
+++ b/debian/patches/mount-remove-unused-mount_is_auto-and-mount_is_automount.patch
@@ -0,0 +1,34 @@
+From: Tom Yan <tom.ty89 at gmail.com>
+Date: Thu, 10 Jan 2019 00:19:43 +0800
+Subject: mount: remove unused mount_is_auto and mount_is_automount
+
+(cherry picked from commit d0fe45cb151774827a3aca4ea5a19856dec9f600)
+---
+ src/core/mount.c | 14 --------------
+ 1 file changed, 14 deletions(-)
+
+diff --git a/src/core/mount.c b/src/core/mount.c
+index 7064fa1..8da818b 100644
+--- a/src/core/mount.c
++++ b/src/core/mount.c
+@@ -101,20 +101,6 @@ static bool mount_is_bind(const MountParameters *p) {
+         return false;
+ }
+ 
+-static bool mount_is_auto(const MountParameters *p) {
+-        assert(p);
+-
+-        return !fstab_test_option(p->options, "noauto\0");
+-}
+-
+-static bool mount_is_automount(const MountParameters *p) {
+-        assert(p);
+-
+-        return fstab_test_option(p->options,
+-                                 "comment=systemd.automount\0"
+-                                 "x-systemd.automount\0");
+-}
+-
+ static bool mount_is_bound_to_device(const Mount *m) {
+         const MountParameters *p;
+ 
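
Review bot: This patch has no description beyond its subject; add a line saying it is the follow-up to "mount/generators: do not make unit wanted by its device unit", since the two static helpers only become unused once that patch is applied (the src/core/mount.c index 7064fa1 it starts from is that patch's result).
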
diff --git a/debian/patches/namespace-make-MountFlags-shared-work-again.patch b/debian/patches/namespace-make-MountFlags-shared-work-again.patch
new file mode 100644
index 0000000..2954e67
--- /dev/null
+++ b/debian/patches/namespace-make-MountFlags-shared-work-again.patch
@@ -0,0 +1,58 @@
+From: Franck Bui <fbui at suse.com>
+Date: Wed, 13 Feb 2019 18:45:36 +0100
+Subject: namespace: make MountFlags=shared work again
+
+Since commit 0722b359342d2a9f9e0d453875624387a0ba1be2, the root mountpoint is
+unconditionnally turned to slave which breaks units that are using explicitly
+MountFlags=shared (and no other options that would implicitly require a slave
+root mountpoint).
+
+Here is a test case:
+
+  $ systemctl cat test-shared-mount-flag.service
+  # /etc/systemd/system/test-shared-mount-flag.service
+  [Service]
+  Type=simple
+  ExecStartPre=/usr/bin/mkdir -p /mnt/tmp
+  ExecStart=/bin/sh -c "/usr/bin/mount -t tmpfs -o size=10M none /mnt/tmp && sleep infinity"
+  ExecStop=-/bin/sh -c "/usr/bin/umount /mnt/tmp"
+  MountFlags=shared
+
+  $ systemctl start test-shared-mount-flag.service
+  $ findmnt /mnt/tmp
+  $
+
+Mount on /mnt/tmp is not visible from the host although MountFlags=shared was
+used.
+
+This patch fixes that and turns the root mountpoint to slave when it's really
+required.
+
+(cherry picked from commit 37ed15d7edaf59a1fc7c9e3552cd93a83f3814ef)
+---
+ src/core/execute.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/core/execute.c b/src/core/execute.c
+index 47518f4..f2a4c54 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -1839,7 +1839,7 @@ static bool exec_needs_mount_namespace(
+         if (context->n_temporary_filesystems > 0)
+                 return true;
+ 
+-        if (context->mount_flags != 0)
++        if (!IN_SET(context->mount_flags, 0, MS_SHARED))
+                 return true;
+ 
+         if (context->private_tmp && runtime && (runtime->tmp_dir || runtime->var_tmp_dir))
+@@ -2435,6 +2435,9 @@ static int apply_mount_namespace(
+         else
+                 ns_info = (NamespaceInfo) {};
+ 
++        if (context->mount_flags == MS_SHARED)
++                log_unit_debug(u, "shared mount propagation hidden by other fs namespacing unit settings: ignoring");
++
+         r = setup_namespace(root_dir, root_image,
+                             &ns_info, context->read_write_paths,
+                             needs_sandboxing ? context->read_only_paths : NULL,
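
Review bot: The message added in apply_mount_namespace() is logged with log_unit_debug(), so an administrator who combines MountFlags=shared with another namespacing option has the setting ignored with nothing in the default log; log_unit_warning() or a note in the unit documentation would make that visible. In exec_needs_mount_namespace(), a short comment on why MS_SHARED is treated like 0 would help, since the commit message currently carries the whole explanation.
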
diff --git a/debian/patches/series b/debian/patches/series
index 165795f..5e8940a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -31,6 +31,14 @@ network-read-link-specific-sysctl-value.patch
 networkd-fix-link_up-12505.patch
 network-do-not-send-ipv6-token-to-kernel.patch
 meson-make-nologin-path-build-time-configurable.patch
+core-never-propagate-reload-failure-to-service-result.patch
+shared-seccomp-add-sync_file_range2.patch
+core-factor-root_directory-application-out-of-apply_worki.patch
+shared-bus-util-drop-trusted-annotation-from-bus_open_sys.patch
+login-add-a-missing-error-check-for-session_set_leader.patch
+namespace-make-MountFlags-shared-work-again.patch
+mount-generators-do-not-make-unit-wanted-by-its-device-un.patch
+mount-remove-unused-mount_is_auto-and-mount_is_automount.patch
 debian/Use-Debian-specific-config-files.patch
 debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch
 debian/Make-run-lock-tmpfs-an-API-fs.patch
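
Review bot: The order of the new entries is load-bearing and nothing records that: namespace-make-MountFlags-shared-work-again.patch starts from src/core/execute.c index 47518f4, which is the result of core-factor-root_directory-application-out-of-apply_worki.patch, and the two mount patches chain through src/core/mount.c index 7064fa1 in the same way. Please keep each pair in this order if the series is ever rearranged.
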
diff --git a/debian/patches/shared-bus-util-drop-trusted-annotation-from-bus_open_sys.patch b/debian/patches/shared-bus-util-drop-trusted-annotation-from-bus_open_sys.patch
new file mode 100644
index 0000000..bd736b6
--- /dev/null
+++ b/debian/patches/shared-bus-util-drop-trusted-annotation-from-bus_open_sys.patch
@@ -0,0 +1,32 @@
+From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek at in.waw.pl>
+Date: Tue, 27 Aug 2019 19:00:34 +0200
+Subject: shared/bus-util: drop trusted annotation from
+ bus_open_system_watch_bind_with_description()
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1746057
+
+This only affects systemd-resolved. bus_open_system_watch_bind_with_description()
+is also used in timesyncd, but it has no methods, only read-only properties, and
+in networkd, but it annotates all methods with SD_BUS_VTABLE_UNPRIVILEGED and does
+polkit checks.
+
+(cherry picked from commit 35e528018f315798d3bffcb592b32a0d8f5162bd)
+---
+ src/shared/bus-util.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c
+index cbcf698..9d31fba 100644
+--- a/src/shared/bus-util.c
++++ b/src/shared/bus-util.c
+@@ -1696,10 +1696,6 @@ int bus_open_system_watch_bind_with_description(sd_bus **ret, const char *descri
+         if (r < 0)
+                 return r;
+ 
+-        r = sd_bus_set_trusted(bus, true);
+-        if (r < 0)
+-                return r;
+-
+         r = sd_bus_negotiate_creds(bus, true, SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS);
+         if (r < 0)
+                 return r;
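
Review bot: Dropping sd_bus_set_trusted(bus, true) from bus_open_system_watch_bind_with_description() changes behaviour for every caller, and the reasoning for why only systemd-resolved is affected lives solely in the commit message. A comment at this spot saying the connection is deliberately left untrusted, so that access controls on the exported methods are enforced, would guard against the call being added back. The patch header cites only the Red Hat bugzilla URL; adding CVE-2019-15718 there (it is in the changelog) would make the patch file traceable on its own.
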
diff --git a/debian/patches/shared-seccomp-add-sync_file_range2.patch b/debian/patches/shared-seccomp-add-sync_file_range2.patch
new file mode 100644
index 0000000..eb4f839
--- /dev/null
+++ b/debian/patches/shared-seccomp-add-sync_file_range2.patch
@@ -0,0 +1,24 @@
+From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek at in.waw.pl>
+Date: Mon, 19 Aug 2019 08:51:39 +0200
+Subject: shared/seccomp: add sync_file_range2
+
+Some architectures need the arguments to be reordered because of alignment
+issues. Otherwise, it's the same as sync_file_range.
+
+(cherry picked from commit a8fb09f57395613d472d7b555db6e0ce802a8c84)
+---
+ src/shared/seccomp-util.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c
+index cc58b3c..958128c 100644
+--- a/src/shared/seccomp-util.c
++++ b/src/shared/seccomp-util.c
+@@ -756,6 +756,7 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = {
+                 "msync\0"
+                 "sync\0"
+                 "sync_file_range\0"
++                "sync_file_range2\0"
+                 "syncfs\0"
+         },
+         [SYSCALL_FILTER_SET_SYSTEM_SERVICE] = {
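
Review bot: sync_file_range2 is added only to the one list shown here (next to msync, sync, sync_file_range and syncfs); if sync_file_range is named in any other set of syscall_filter_sets, that set needs the same line, which this hunk cannot show. A brief comment that this is the argument-reordered variant used on some architectures (the changelog names arm and ppc) would explain why both names are listed.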

