| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
| |
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
| |
Fixes:
- http://autobuild.buildroot.org/results/699c078aa078240c6741da4dbd0871450ceeca92
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
| |
This is a backport from upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In addition:
- Remove unused option -Dkill-path.
(See commit 9a85778412fa3e3f8d4561064131ba69f3259b28)
- Change option -Dmyhostname to -Dnss-myhostname.
- Remove patches from upstream.
- Update hash of README file. The changes are unrelated to licensing.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Tested-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[Thomas: update the hash of the README file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pass -Werror=shadow in args of cc.compiles in meson.build otherwise test
will always succeed, causing -Werror=shadow to be passed, even on older gcc versions.
GCC 4.8 changed the behaviour of -Werror=shadow to no longer complain about
local variable declariations shadowing functions, which systemd has. From
the changelog:
The option -Wshadow no longer warns if a declaration shadows a function
declaration, unless the former declares a function or pointer to function,
because this is a common and valid case in real-world code.
https://www.gnu.org/software/gcc/gcc-4.8/changes.html
Fixes:
- http://autobuild.buildroot.org/results/ffd71c473d3b29618c18cd2e04705370266696f2
[Peter: extend commit message, add gcc 4.8 link]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since version v239, systemd-nspawn unconditioanlly uses prlimit(2),
which is not implemented in uClibc-ng. systemd-nspawn can not be
disabled.
This makes systemd glibc-only again.
After a bit of discussion with upstream (om IRC), it looks very
improbable that they accept a patch making systemd-nspawn optional.
They would probably consider a patch that provides that syscall wrapper
if it is missing, though, but that's less trivial...
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
meson-based build of systemd runs a couple of checks on the structure
of the *host* system which will incorrectly configure systemd if build
host configuration doesn't match Buildroot target.
One can also find the following in the NEWS file:
* A new -Dsplit-bin= build configuration switch may be used to specify
whether bin and sbin directories are merged, or if they should be
included separately in $PATH and various listings of executable
directories. The build configuration scripts will try to autodetect
the proper values of -Dsplit-usr= and -Dsplit-bin= based on build
system, but distributions are encouraged to configure this
explicitly.
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Systemd-networkd is vulnerable to an out out-of-bounds heap write in the
DHCPv6 client when handling options sent by network adjacent DHCP servers.
A attacker could exploit this via malicious DHCP server to corrupt heap
memory on client machines, resulting in a denial of service or potential
code execution.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: add description]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |\
| |
| |
| | |
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
ARC port was merged in v234, see
https://github.com/systemd/systemd/commit/27b09f1f1ed29edb9c52ad8414c2344974a07a23
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Backport 2 patches fixing statx redefinition:
In file included from ../src/basic/missing.h:18,
from ../src/basic/util.h:28,
from ../src/basic/hashmap.h:10,
from ../src/shared/bus-util.h:12,
from ../src/libsystemd/sd-bus/bus-creds.c:11:
/usr/include/linux/stat.h:99:8: error: redefinition of ‘struct statx’
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |/
|
|
|
|
|
|
| |
systemd can use elfutils when available, so this commit adds the
detection of this library.
Signed-off-by: Keith Mok <ek9852@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The recent bump of polkit introduced a version that now unconditionally
uses glibc-specific functions from the getnetgrent() familly, which are
not available on musl or uClibc-ng.
Hide away polkit when the C library is not glibc.
Propagate the dependency to packages that select polkit: udisks and
systemd. For systemd, add a comment.
Fixes:
http://autobuild.buildroot.org/results/d78/d783e6db60b187aa591f4b0150c590ab3aa5252f/ (musl)
http://autobuild.buildroot.org/results/ba5/ba5da960c70c765bee753a79b9ad2c10967d05d6/ (uclibc)
[...]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Marek Belisko <marek.belisko@open-nandra.com>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Artem Panfilov <apanfilov@spectracom.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
| |
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
|
| |
|
|
|
|
|
|
|
|
|
| |
We need to install polkit before systemd if we want to enable
polkit integration, because systemd will not install polkit
policy files unless it finds polkit-gobject-1.
Signed-off-by: Asgeir Bjarni Ingvarsson <asgeir@appdynamic.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
|
| |
|
|
|
|
|
|
|
| |
The special 65534 group is named nogroup (not nobody) in buildroot
tell systemd about that
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
| |
systemd can use libpcre2 when available, so this commit adds the
detection of this library.
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
|
|
| |
Since commit db860d7837ca8665524f4046030beaf3d7f5e932 ("systemd: bump
to 236, convert to meson"), we're no longer using the autotools build
system, and have switched to meson. Therefore, patching m4 files is no
longer useful.
Suggested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* remove upstreamed patches
* refresh patch 0002 which didn't apply cleanly
* update patch 0001 to catch more uses of agetty
* the README file hash has changed because some parts of this file
were modified between v237 and v239, but the modifications are not
related to licensing aspects
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[Thomas: regenerate patches with less "noise", update README file
hash.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
| |
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
|
|
| |
Commit 4ded5d6af4f0198036183f00de190569d7578bc3 ("systemd: add
optional dependency on libidn2") contained a mistake: -Dlibidn2=true
was passed even when neither libidn nor libidn2 are
available. Obviously it should be -Dlibidn2=false.
Reported-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
| |
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: simplify ifeq/else/endif sequence.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
|
| |
In addition to the 'halt', 'poweroff', 'reboot' symlinks pointing to
systemctl, add 'shutdown'.
Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
| |
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
Tested-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
| |
... to follow the convention: type, default, depends on, select, help.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Fixes:
http://autobuild.buildroot.org/results/4c439ee000354f90b4e59ee4006530f77263db47/
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd meson.build uses values from host /etc/login.defs if
system-uid-max and system-gid-max build options are not explicitly
specified.
Avoid that by setting system-uid-max and system-gid-max to 999 which is
the systemd default if SYSTEM_UID_MAX and SYSTEM_GID_MAX are not set in
/etc/login.defs.
Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |\
| |
| |
| | |
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We need to disable any systemd parts using either IDN, NSS or gshadow.
IDN is only disabled in C library function call to getnameinfo(),
it does not effect libidn/libidn2 usage in systemd.
Tested with qemu-system-arm.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Not all distributions have the language-agnostic C.UTF-8 locale (Gentoo,
I'm frowning at you!).
Instead, use any UTF-8 locale provided by the system.
Reported-by: Christian Stewart <kidovate@gmail.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Julius Kriukas <julius@kriukas.lt>
Cc: Christian Stewart <kidovate@gmail.com>
Cc: Trent Piepho <tpiepho@impinj.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
udevd needs extra groups for its bundled rules:
Mar 03 12:21:30 buildroot systemd-udevd[732]: Specified group 'render' unknown
Mar 03 12:21:30 buildroot systemd-udevd[732]: Specified group 'kvm' unknown
Add those missing groups.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Julius Kriukas <julius@kriukas.lt>
Cc: Trent Piepho <tpiepho@impinj.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When BR2_REPRODUCIBLE is enabled or host uses non UTF-8 capable locale
building systemd fails with an error:
[1/1080] Generating systemd.bg.catalog with a meson_exe.py custom command.
FAILED: catalog/systemd.bg.catalog
/buildroot/output/host/bin/python3 /buildroot/output/host/bin/meson --internal exe /buildroot/output/build/systemd-236/build/meson-private/meson_exe_sed_232a0623cc7ce2cd67ec72ed784b76307102ed76.dat
Warning: You are using 'ANSI_X3.4-1968' which is not a Unicode-compatible locale.
You might see errors if you use UTF-8 strings as filenames, as strings, or as file contents.
Please switch to a UTF-8 locale for your platform.
...
UnicodeDecodeError: 'ascii' codec can't decode byte 0xd0 in position 1079: ordinal not in range(128)
package/pkg-generic.mk:247: recipe for target '/buildroot/output/build/systemd-236/.stamp_built' failed
make: *** [/buildroot/output/build/systemd-236/.stamp_built] Error 1
This patch changes default host system locale from C to C.UTF-8 when
building systemd package to fix this issue. It also introduces
BR2_NEEDS_HOST_C_UTF8_LOCALE flag that checks if this locale is available on
the host system. If locale is not available error message is show and build
process is stopped.
Signed-off-by: Julius Kriukas <julius@kriukas.lt>
[Thomas: use C.UTF-8 instead of en_US.UTF-8.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| | |
| |
| |
| |
| |
| |
| | |
systemd-237 slightly changed the README, but the hash was not updated
leading to legal-info failing. Fix it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The patch to allow systemd to work with old "ln" versions that don't
support --relative didn't work properly in the the meson-add-wants.sh
script.
This results in all the links in systemd's "*.wants" directories being
broken, e.g.
/usr/lib/systemd/system/multi-user.target.wants/getty.target ->
../../../../usr/lib/systemd/system/getty.target
There is one too few ".." in that relative link.
The problem is that the script is called with the link name being either a
file or an existing directory. In the latter case, ln creates the link in
the directory using the name of the target. This means the link is one
level deeper than the relative link making code thinks.
The solution used is to only dirname the link, moving up a level, if it's
not a directory, to mimic ln's logic in how it creates links.
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |/
|
|
|
|
|
|
| |
While the conversion to meson, this seems to be missed.
Found while trying to build systemd with uClibc toolchain.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
| |
Also refresh patches and remove 0004-add-false-option-for-tests.patch as it has
been added upstream.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
| |
Commit aebabb2780da4c5f85fec00b56f4690feb646073 used an automoake
configuration option. Replace it with the meson version.
Fixes #10716
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
| |
When BR2_TARGET_GENERIC_HOSTNAME is set, use the config option
--with-fallback-hostname to specify the fallback hostname to use
if none is configured in /etc/hostname. This is useful in a
pristine installation with an empty /etc.
Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd is no longer an autotools package, as such, it has now been converted
over to meson.
Even though systemd234 has meson support, it is broken with gcc7, as such
the revision bump and conversion to meson must be in a single patch.
Changes include:
- Change systemd from an autotools package to a generic package
- Changing all the options from --enable/disable to -Doption=true/false
- Remove --without-python (no longer an option)
- Remove all of the ac_cv_path_ variables, and move them into CONF_OPTS
with the prefix -Doption-path=/path.
- Add sha256sum's for the license files.
- Remove 0002-build-check-for-ln-relative.patch and add
0002-install-dont-use-ln-relative.patch in its place, the old patch relied on autotools and is no longer relevant.
- Add 0004-add-false-option-for-tests.patch. With the conversion to meson,
systemd no longer has the option to disable unit tests from being built.
This patch re-adds the functionality. This prevents 381 files from being
built, and prevents gcrypt from becoming a dependency.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Tested-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Tested-by: gitlab-ci https://gitlab.com/ymorin/buildroot-ci/pipelines/15857672/builds
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This commit fixes the warnings reported by check-package on the help
text of all package Config.in files, related to the formatting of the
help text: should start with a tab, then 2 spaces, then at most 62
characters.
The vast majority of warnings fixed were caused by too long lines. A
few warnings were related to spaces being used instead of a tab to
indent the help text.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Other changes:
- Removed the following patches due to being merged upstream:
- resolved-bugfix-of-null-pointer-p-question-dereferencing.patch
- resolved-simplify-alloc-size-calculation.patch
- resolved-do-not-allocate-packets-with-minimum-size.patch
- Updated the following patches to work with 234:
- fix-getty-unit.patch
- build-check-for-ln-relative.patch
- fix-am-path-libgcrypt-no-found.patch
- Updated ordering of remaining patches.
- Reformatted remaining patches as git style patches.
- Updated Upstream-Status comment in "build-check-for-ln-relative.patch" to
"Denied [No desire to support building on old distributions]"
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Tested-by: Marcus Hoffmann <m.hoffmann@caretelsol.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Since things are no longer installed in $(HOST_DIR)/usr, the callers
should also not refer to it.
This is a mechanical change with
git grep -l '$(HOST_DIR)/usr/bin' | xargs sed -i 's%$(HOST_DIR)/usr/bin%$(HOST_DIR)/bin%g'
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ifupdown scripts can be used independently of the init system, be it
sysv, busybox or systemd; they could even be used when there is no init
system (i.e. the user is providing his own).
Currently, those ifupdown scripts are bundled in the skeleton.
But we soon will have a skeleton specific to systemd, so we would be
missing those scripts (when systemd-networkd is not enabled).
So, move those scripts to their own package.
To keep the current behaviour (before it is changed in future commits),
we make that package default to y, but depend on the default skeleton.
Instead of being a target-finalize hook, the scripts are installed as
any other package are, with a package install-target command.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas: drop empty IFUPDOWN_SCRIPTS_SOURCE]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
| |
systemd does not like being booted without any timezone info (especially
on a R/O filesystem), so we forcibly enable that.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
[Thomas: fix alphabetic ordering.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
| |
Patches downloaded from Github are not stable, so bring them in the
tree.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a fix for CVE-2017-9445: In systemd through 233, certain sizes passed to
dns_packet_new in systemd-resolved can cause it to allocate a buffer that's
too small. A malicious DNS server can exploit this via a response with a
specially crafted TCP payload to trick systemd-resolved into allocating a
buffer that's too small, and subsequently write arbitrary data beyond the
end of it.
The other patch fixes an issue with the security fix.
[Peter: use CVE description from MITRE]
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd's configure is looking in $PATH to find utilities that will be
needed at runtime.
Usually, those utilties, when installed on the host, will be found in
the same path they would be present on the target. For example,
/usr/bin/mount on the host would also be /usr/bin/mount on the target,
and all is find.
Except when we need to install a host variant of util-linux, which will
install mount in $(HOST_DIR), in which case systemd's configure would
find that one.
Of course, it is also very well possible that those utilities are not
installed on the host in the same location they would be on the target,
in case a user has manually installed some of those (e.g. in /usr/local/
or in /opt/)
Forcibly set the path to those utilities, as they are expected to be on
the target.
For kexec, we can set it even though we do not depend on it (yet).
systemd will appropriately test it at runtime.
For quota, we point to non-existing files, so as to catch errors at
runtime. It is to be noted that quotacheck is optional, while quotaon
does not seem to be (a service file is always installed, that uses it).
Note: utilties listed in the order they appear in configure.ac
Reported-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes CVE-2017-9217: remote DoS (daemon crash) via a crafted DNS response with
an empty question section.
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
| |
The check-package script when ran gave warnings on only using
one space before backslashes on all of these makefiles.
This patch cleans up all warnings related to the one space before
backslashes rule in the make files in the package directory.
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
