Import Debian changes 241-7~deb10u3

systemd (241-7~deb10u3) buster; urgency=medium

  * core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX.
    Since kernel 5.2 (but also stable kernels like 4.19.53) the kernel
    thankfully returns proper errors when we write a value out of range to
    the sysctl. Which however breaks writing ULONG_MAX to request the
    maximum value. Hence let's write the new maximum value instead,
    LONG_MAX. (Closes: #945018)
  * core: change ownership/mode of the execution directories also for static
    users.
    This ensures that execution directories like CacheDirectory and
    StateDirectory are properly chowned to the user specified in User= before
    launching the service. (Closes: #919231)

debian/changelog

+systemd (241-7~deb10u3) buster; urgency=medium
+
+  * core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX.
+    Since kernel 5.2 (but also stable kernels like 4.19.53) the kernel
+    thankfully returns proper errors when we write a value out of range to
+    the sysctl. Which however breaks writing ULONG_MAX to request the
+    maximum value. Hence let's write the new maximum value instead,
+    LONG_MAX. (Closes: #945018)
+  * core: change ownership/mode of the execution directories also for static
+    users.
+    This ensures that execution directories like CacheDirectory and
+    StateDirectory are properly chowned to the user specified in User= before
+    launching the service. (Closes: #919231)
+
+ -- Michael Biebl <biebl@debian.org>  Wed, 29 Jan 2020 19:07:53 +0100
+
 systemd (241-7~deb10u2) buster; urgency=medium
 
   * core: never propagate reload failure to service result.

debian/gbp.conf

 [DEFAULT]
 pristine-tar = True
 patch-numbers = False
-debian-branch = buster
+debian-branch = debian/buster
+upstream-branch = upstream/latest
 
 [dch]
 full = True

debian/patches/core-change-ownership-mode-of-the-execution-directories-a.patch

+From: Lennart Poettering <lennart@poettering.net>
+Date: Thu, 14 Mar 2019 17:19:30 +0100
+Subject: core: change ownership/mode of the execution directories also for
+ static users
+
+It's probably unexpected if we do a recursive chown() when dynamic users
+are used but not on static users.
+
+hence, let's tweak the logic slightly, and recursively chown in both
+cases, except when operating on the configuration directory.
+
+Fixes: #11842
+(cherry picked from commit 206e9864de460dd79d9edd7bedb47dee168765e1)
+---
+ src/core/execute.c | 47 ++++++++++++++++++++++++++---------------------
+ 1 file changed, 26 insertions(+), 21 deletions(-)
+
+diff --git a/src/core/execute.c b/src/core/execute.c
+index 5486e37..5c3930e 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -2151,37 +2151,42 @@ static int setup_exec_directory(
+                         if (r < 0)
+                                 goto fail;
+ 
+-                        /* Lock down the access mode */
+-                        if (chmod(pp, context->directories[type].mode) < 0) {
+-                                r = -errno;
+-                                goto fail;
+-                        }
+                 } else {
+                         r = mkdir_label(p, context->directories[type].mode);
+                         if (r < 0) {
+-                                struct stat st;
+-
+                                 if (r != -EEXIST)
+                                         goto fail;
+ 
+-                                if (stat(p, &st) < 0) {
+-                                        r = -errno;
+-                                        goto fail;
+-                                }
+-                                if (((st.st_mode ^ context->directories[type].mode) & 07777) != 0)
+-                                        log_warning("%s \'%s\' already exists but the mode is different. "
+-                                                    "(filesystem: %o %sMode: %o)",
+-                                                    exec_directory_type_to_string(type), *rt,
+-                                                    st.st_mode & 07777, exec_directory_type_to_string(type), context->directories[type].mode & 07777);
+-                                if (!context->dynamic_user)
++                                if (type == EXEC_DIRECTORY_CONFIGURATION) {
++                                        struct stat st;
++
++                                        /* Don't change the owner/access mode of the configuration directory,
++                                         * as in the common case it is not written to by a service, and shall
++                                         * not be writable. */
++
++                                        if (stat(p, &st) < 0) {
++                                                r = -errno;
++                                                goto fail;
++                                        }
++
++                                        /* Still complain if the access mode doesn't match */
++                                        if (((st.st_mode ^ context->directories[type].mode) & 07777) != 0)
++                                                log_warning("%s \'%s\' already exists but the mode is different. "
++                                                            "(File system: %o %sMode: %o)",
++                                                            exec_directory_type_to_string(type), *rt,
++                                                            st.st_mode & 07777, exec_directory_type_to_string(type), context->directories[type].mode & 07777);
++
+                                         continue;
++                                }
+                         }
+                 }
+ 
+-                /* Don't change the owner of the configuration directory, as in the common case it is not written to by
+-                 * a service, and shall not be writable. */
+-                if (type == EXEC_DIRECTORY_CONFIGURATION)
+-                        continue;
++                /* Lock down the access mode (we use chmod_and_chown() to make this idempotent. We don't
++                 * specifiy UID/GID here, so that path_chown_recursive() can optimize things depending on the
++                 * current UID/GID ownership.) */
++                r = chmod_and_chown(pp ?: p, context->directories[type].mode, UID_INVALID, GID_INVALID);
++                if (r < 0)
++                        goto fail;
+ 
+                 /* Then, change the ownership of the whole tree, if necessary */
+                 r = path_chown_recursive(pp ?: p, uid, gid);

debian/patches/core-set-fs.file-max-sysctl-to-LONG_MAX-rather-than-ULONG.patch

+From: Lennart Poettering <lennart@poettering.net>
+Date: Mon, 17 Jun 2019 10:51:25 +0200
+Subject: core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX
+
+Since kernel 5.2 the kernel thankfully returns proper errors when we
+write a value out of range to the sysctl. Which however breaks writing
+ULONG_MAX to request the maximum value. Hence let's write the new
+maximum value instead, LONG_MAX.
+
+/cc @brauner
+
+Fixes: #12803
+(cherry picked from commit 6e2f78948403a4cce45b9e34311c9577c624f066)
+---
+ src/core/main.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/core/main.c b/src/core/main.c
+index bc7fcc6..255e204 100644
+--- a/src/core/main.c
++++ b/src/core/main.c
+@@ -1200,9 +1200,9 @@ static void bump_file_max_and_nr_open(void) {
+ #endif
+ 
+ #if BUMP_PROC_SYS_FS_FILE_MAX
+-        /* I so wanted to use STRINGIFY(ULONG_MAX) here, but alas we can't as glibc/gcc define that as
+-         * "(0x7fffffffffffffffL * 2UL + 1UL)". Seriously. 😢 */
+-        if (asprintf(&t, "%lu\n", ULONG_MAX) < 0) {
++        /* The maximum the kernel allows for this since 5.2 is LONG_MAX, use that. (Previously thing where
++         * different but the operation would fail silently.) */
++        if (asprintf(&t, "%li\n", LONG_MAX) < 0) {
+                 log_oom();
+                 return;
+         }

debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch

@@ -19,7 +19,7 @@ Bug-Debian: https://bugs.debian.org/815020
  2 files changed, 1 insertion(+), 3 deletions(-)
 
 diff --git a/src/core/main.c b/src/core/main.c
-index bc7fcc6..87bee9f 100644
+index 255e204..7f8dfe4 100644
 --- a/src/core/main.c
 +++ b/src/core/main.c
 @@ -2459,8 +2459,6 @@ int main(int argc, char *argv[]) {

debian/patches/execute-remove-one-redundant-comparison-check.patch

+From: Lennart Poettering <lennart@poettering.net>
+Date: Thu, 14 Mar 2019 17:01:46 +0100
+Subject: execute: remove one redundant comparison check
+
+(cherry picked from commit d484580ca6f0e79abe6f3f5c677323a22d9e22d7)
+---
+ src/core/execute.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/core/execute.c b/src/core/execute.c
+index f2a4c54..5486e37 100644
+--- a/src/core/execute.c
++++ b/src/core/execute.c
+@@ -2158,11 +2158,12 @@ static int setup_exec_directory(
+                         }
+                 } else {
+                         r = mkdir_label(p, context->directories[type].mode);
+-                        if (r < 0 && r != -EEXIST)
+-                                goto fail;
+-                        if (r == -EEXIST) {
++                        if (r < 0) {
+                                 struct stat st;
+ 
++                                if (r != -EEXIST)
++                                        goto fail;
++
+                                 if (stat(p, &st) < 0) {
+                                         r = -errno;
+                                         goto fail;

debian/patches/series

@@ -39,6 +39,9 @@ login-add-a-missing-error-check-for-session_set_leader.patch
 namespace-make-MountFlags-shared-work-again.patch
 mount-generators-do-not-make-unit-wanted-by-its-device-un.patch
 mount-remove-unused-mount_is_auto-and-mount_is_automount.patch
+core-set-fs.file-max-sysctl-to-LONG_MAX-rather-than-ULONG.patch
+execute-remove-one-redundant-comparison-check.patch
+core-change-ownership-mode-of-the-execution-directories-a.patch
 debian/Use-Debian-specific-config-files.patch
 debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch
 debian/Make-run-lock-tmpfs-an-API-fs.patch