From 89a24807206ecb9c81350164d7ee6223bfa1f3c6 Mon Sep 17 00:00:00 2001
From: Michael Biebl <biebl@debian.org>
Date: Wed, 29 Jan 2020 19:07:53 +0100
Subject: [PATCH] Import Debian changes 241-7~deb10u3
systemd (241-7~deb10u3) buster; urgency=medium
* core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX.
Since kernel 5.2 (but also stable kernels like 4.19.53) the kernel
thankfully returns proper errors when we write a value out of range to
the sysctl. Which however breaks writing ULONG_MAX to request the
maximum value. Hence let's write the new maximum value instead,
LONG_MAX. (Closes: #945018)
* core: change ownership/mode of the execution directories also for static
users.
This ensures that execution directories like CacheDirectory and
StateDirectory are properly chowned to the user specified in User= before
launching the service. (Closes: #919231)
---
debian/changelog | 16 ++++
debian/gbp.conf | 3 +-
...-mode-of-the-execution-directories-a.patch | 85 +++++++++++++++++++
...sysctl-to-LONG_MAX-rather-than-ULONG.patch | 34 ++++++++
...-RLIMIT_CORE-to-unlimited-by-default.patch | 2 +-
...emove-one-redundant-comparison-check.patch | 29 +++++++
debian/patches/series | 3 +
7 files changed, 170 insertions(+), 2 deletions(-)
create mode 100644 debian/patches/core-change-ownership-mode-of-the-execution-directories-a.patch
create mode 100644 debian/patches/core-set-fs.file-max-sysctl-to-LONG_MAX-rather-than-ULONG.patch
create mode 100644 debian/patches/execute-remove-one-redundant-comparison-check.patch
diff --git a/debian/changelog b/debian/changelog
index f63e21d3..1d263f7a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,19 @@
+systemd (241-7~deb10u3) buster; urgency=medium
+
+ * core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX.
+ Since kernel 5.2 (but also stable kernels like 4.19.53) the kernel
+ thankfully returns proper errors when we write a value out of range to
+ the sysctl. Which however breaks writing ULONG_MAX to request the
+ maximum value. Hence let's write the new maximum value instead,
+ LONG_MAX. (Closes: #945018)
+ * core: change ownership/mode of the execution directories also for static
+ users.
+ This ensures that execution directories like CacheDirectory and
+ StateDirectory are properly chowned to the user specified in User= before
+ launching the service. (Closes: #919231)
+
+ -- Michael Biebl <biebl@debian.org> Wed, 29 Jan 2020 19:07:53 +0100
+
systemd (241-7~deb10u2) buster; urgency=medium
* core: never propagate reload failure to service result.
diff --git a/debian/gbp.conf b/debian/gbp.conf
index b0e00012..9591e256 100644
--- a/debian/gbp.conf
+++ b/debian/gbp.conf
@@ -1,7 +1,8 @@
[DEFAULT]
pristine-tar = True
patch-numbers = False
-debian-branch = buster
+debian-branch = debian/buster
+upstream-branch = upstream/latest
[dch]
full = True
diff --git a/debian/patches/core-change-ownership-mode-of-the-execution-directories-a.patch b/debian/patches/core-change-ownership-mode-of-the-execution-directories-a.patch
new file mode 100644
index 00000000..6f8b0fc1
--- /dev/null
+++ b/debian/patches/core-change-ownership-mode-of-the-execution-directories-a.patch
@@ -0,0 +1,85 @@
+From: Lennart Poettering <lennart@poettering.net>
+Date: Thu, 14 Mar 2019 17:19:30 +0100
+Subject: core: change ownership/mode of the execution directories also for
+ static users
+
+It's probably unexpected if we do a recursive chown() when dynamic users
+are used but not on static users.
+
+hence, let's tweak the logic slightly, and recursively chown in both
+cases, except when operating on the configuration directory.
+
+Fixes: #11842
+(cherry picked from commit 206e9864de460dd79d9edd7bedb47dee168765e1)
+---
+ src/core/execute.c | 47 ++++++++++++++++++++++++++---------------------
+ 1 file changed, 26 insertions(+), 21 deletions(-)
+
+diff --git a/src/core/execute.c b/src/core/execute.c
+index 5486e37..5c3930e 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -2151,37 +2151,42 @@ static int setup_exec_directory(
+ if (r < 0)
+ goto fail;
+
+- /* Lock down the access mode */
+- if (chmod(pp, context->directories[type].mode) < 0) {
+- r = -errno;
+- goto fail;
+- }
+ } else {
+ r = mkdir_label(p, context->directories[type].mode);
+ if (r < 0) {
+- struct stat st;
+-
+ if (r != -EEXIST)
+ goto fail;
+
+- if (stat(p, &st) < 0) {
+- r = -errno;
+- goto fail;
+- }
+- if (((st.st_mode ^ context->directories[type].mode) & 07777) != 0)
+- log_warning("%s \'%s\' already exists but the mode is different. "
+- "(filesystem: %o %sMode: %o)",
+- exec_directory_type_to_string(type), *rt,
+- st.st_mode & 07777, exec_directory_type_to_string(type), context->directories[type].mode & 07777);
+- if (!context->dynamic_user)
++ if (type == EXEC_DIRECTORY_CONFIGURATION) {
++ struct stat st;
++
++ /* Don't change the owner/access mode of the configuration directory,
++ * as in the common case it is not written to by a service, and shall
++ * not be writable. */
++
++ if (stat(p, &st) < 0) {
++ r = -errno;
++ goto fail;
++ }
++
++ /* Still complain if the access mode doesn't match */
++ if (((st.st_mode ^ context->directories[type].mode) & 07777) != 0)
++ log_warning("%s \'%s\' already exists but the mode is different. "
++ "(File system: %o %sMode: %o)",
++ exec_directory_type_to_string(type), *rt,
++ st.st_mode & 07777, exec_directory_type_to_string(type), context->directories[type].mode & 07777);
++
+ continue;
++ }
+ }
+ }
+
+- /* Don't change the owner of the configuration directory, as in the common case it is not written to by
+- * a service, and shall not be writable. */
+- if (type == EXEC_DIRECTORY_CONFIGURATION)
+- continue;
++ /* Lock down the access mode (we use chmod_and_chown() to make this idempotent. We don't
++ * specifiy UID/GID here, so that path_chown_recursive() can optimize things depending on the
++ * current UID/GID ownership.) */
++ r = chmod_and_chown(pp ?: p, context->directories[type].mode, UID_INVALID, GID_INVALID);
++ if (r < 0)
++ goto fail;
+
+ /* Then, change the ownership of the whole tree, if necessary */
+ r = path_chown_recursive(pp ?: p, uid, gid);
diff --git a/debian/patches/core-set-fs.file-max-sysctl-to-LONG_MAX-rather-than-ULONG.patch b/debian/patches/core-set-fs.file-max-sysctl-to-LONG_MAX-rather-than-ULONG.patch
new file mode 100644
index 00000000..6465a1f4
--- /dev/null
+++ b/debian/patches/core-set-fs.file-max-sysctl-to-LONG_MAX-rather-than-ULONG.patch
@@ -0,0 +1,34 @@
+From: Lennart Poettering <lennart@poettering.net>
+Date: Mon, 17 Jun 2019 10:51:25 +0200
+Subject: core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX
+
+Since kernel 5.2 the kernel thankfully returns proper errors when we
+write a value out of range to the sysctl. Which however breaks writing
+ULONG_MAX to request the maximum value. Hence let's write the new
+maximum value instead, LONG_MAX.
+
+/cc @brauner
+
+Fixes: #12803
+(cherry picked from commit 6e2f78948403a4cce45b9e34311c9577c624f066)
+---
+ src/core/main.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/core/main.c b/src/core/main.c
+index bc7fcc6..255e204 100644
+--- a/src/core/main.c
++++ b/src/core/main.c
+@@ -1200,9 +1200,9 @@ static void bump_file_max_and_nr_open(void) {
+ #endif
+
+ #if BUMP_PROC_SYS_FS_FILE_MAX
+- /* I so wanted to use STRINGIFY(ULONG_MAX) here, but alas we can't as glibc/gcc define that as
+- * "(0x7fffffffffffffffL * 2UL + 1UL)". Seriously. 😢 */
+- if (asprintf(&t, "%lu\n", ULONG_MAX) < 0) {
++ /* The maximum the kernel allows for this since 5.2 is LONG_MAX, use that. (Previously thing where
++ * different but the operation would fail silently.) */
++ if (asprintf(&t, "%li\n", LONG_MAX) < 0) {
+ log_oom();
+ return;
+ }
diff --git a/debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch b/debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch
index f48d8415..9e1ab132 100644
--- a/debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch
+++ b/debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch
@@ -19,7 +19,7 @@ Bug-Debian: https://bugs.debian.org/815020
2 files changed, 1 insertion(+), 3 deletions(-)
diff --git a/src/core/main.c b/src/core/main.c
-index bc7fcc6..87bee9f 100644
+index 255e204..7f8dfe4 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -2459,8 +2459,6 @@ int main(int argc, char *argv[]) {
diff --git a/debian/patches/execute-remove-one-redundant-comparison-check.patch b/debian/patches/execute-remove-one-redundant-comparison-check.patch
new file mode 100644
index 00000000..d29ece39
--- /dev/null
+++ b/debian/patches/execute-remove-one-redundant-comparison-check.patch
@@ -0,0 +1,29 @@
+From: Lennart Poettering <lennart@poettering.net>
+Date: Thu, 14 Mar 2019 17:01:46 +0100
+Subject: execute: remove one redundant comparison check
+
+(cherry picked from commit d484580ca6f0e79abe6f3f5c677323a22d9e22d7)
+---
+ src/core/execute.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/core/execute.c b/src/core/execute.c
+index f2a4c54..5486e37 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -2158,11 +2158,12 @@ static int setup_exec_directory(
+ }
+ } else {
+ r = mkdir_label(p, context->directories[type].mode);
+- if (r < 0 && r != -EEXIST)
+- goto fail;
+- if (r == -EEXIST) {
++ if (r < 0) {
+ struct stat st;
+
++ if (r != -EEXIST)
++ goto fail;
++
+ if (stat(p, &st) < 0) {
+ r = -errno;
+ goto fail;
diff --git a/debian/patches/series b/debian/patches/series
index 5e8940a9..d1a5bd2d 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -39,6 +39,9 @@ login-add-a-missing-error-check-for-session_set_leader.patch
namespace-make-MountFlags-shared-work-again.patch
mount-generators-do-not-make-unit-wanted-by-its-device-un.patch
mount-remove-unused-mount_is_auto-and-mount_is_automount.patch
+core-set-fs.file-max-sysctl-to-LONG_MAX-rather-than-ULONG.patch
+execute-remove-one-redundant-comparison-check.patch
+core-change-ownership-mode-of-the-execution-directories-a.patch
debian/Use-Debian-specific-config-files.patch
debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch
debian/Make-run-lock-tmpfs-an-API-fs.patch
--
GitLab