Gentoo's Portage package manager uses a PID namespace for process
isolation and cleanup. In this namespace, PID 1 has UID=250 (portage).
Bug: https://bugs.gentoo.org/674458
So it's apparently problematic that we use STRV_MAKE() (i.e. a compound
initializer) outside of the {} block we use it in (and that includes
outside of the ({}) block, too). Hence, let's rework the macro to not
need that.
This also makes the macro shorter, which is definitely a good and more
readable. Moreover, it will now complain if the iterator is a "char*"
instead of a "const char*", which is good too.
Fixes: #11394
Resolves RHBZ #1743230 - journalctl dumps core when stack limit is reduced to 256 KB
(cherry picked from commit f5e0b942af1e86993c21f4e5c84342bb10403dac)
(cherry picked from commit 8ca1e561657575a619a071ab0c22f474094ef21d)
(cherry picked from commit b1bbf66174c8e1179bcca8e8ae6f947b01128108)
(cherry picked from commit a4448eb93be23a3c55f648d4185ae845c618ab91)
https://bugzilla.redhat.com/show_bug.cgi?id=1746057
This only affects systemd-resolved. bus_open_system_watch_bind_with_description()
is also used in timesyncd, but it has no methods, only read-only properties, and
in networkd, but it annotates all methods with SD_BUS_VTABLE_UNPRIVILEGED and does
polkit checks.
(cherry picked from commit 35e528018f315798d3bffcb592b32a0d8f5162bd)
(cherry picked from commit f875dced33462641e1fb7875d2f9a8cd8e8c2fcc)
(cherry picked from commit 1e19bcd55e5f218152d094f8223de345e41dc870)
Ld's man page says the following:
-u symbol
--undefined=symbol
Force symbol to be entered in the output file as an undefined symbol. Doing
this may, for example, trigger linking of additional modules from standard
libraries. -u may be repeated with different option arguments to enter
additional undefined symbols. This option is equivalent to the "EXTERN"
linker script command.
If this option is being used to force additional modules to be pulled into
the link, and if it is an error for the symbol to remain undefined, then the
option --require-defined should be used instead.
This would imply that it always requires an argument, which this does not
pass. Thus it will grab the next argument on the command line as its
argument. Before it took one of the many -lrt args (presumably) and now it
grabs something other random linker argument and things break.
[zj: this line was added in the first version of the meson configuration back
in 5c23128daba7236a6080383b2a5649033cfef85c. AFAICT, this was a mistake. No
such flag appeared in Makefile.am at the time.]
https://github.com/mesonbuild/meson/issues/5113
(cherry picked from commit 700805f6c546f2adb79059614f3747f7b5474325)
We use the keyring, so let's make sure it gets properly initialized for
sessions in factory reset mode.
(cherry picked from commit 4c92bf408db4f91928389c49bf06cfe5d7383d9a)
(cherry picked from commit a4fc3c88f122de263bd0a1bd6a86b6e557ee5531)
(cherry picked from commit cf1500b62036fd3f7399e8ce306c641d1623ffbc)
(cherry picked from commit 29d30ae7b6f8d87223d9e9a32fd9d27e218cc7fc)
(cherry picked from commit a453d63315fd1f451bdb2b537eae50c5d6c03c2e)
(cherry picked from commit f11dbd384176cef86f60b6894585a71ff8fc0775)
Apparently PAM reacts differently on different systems (?) and if no
authoritative matching module is found might either succeed/fail,
depending on the system.
Let's lock this down explicitly, by hooking in pam_deny.so.
Of course, these PAM files are just examples, and no distro in its right
mind would ship these unmodified, but let's default to something safe.
Fixes: #12950
(cherry picked from commit ed40cb82f7fe59f6584309553f5619c263f8c64f)
(cherry picked from commit d9a5a70a59cfef563d20e997efb6a029a8f357f0)
(cherry picked from commit 71963cde3ee9355f0f1569208d96d523923da509)
This enables graphical capability for a video adapter of Parallels
virtualization platform (Parallels Desktop for Mac product) which is not
a DRM device at the moment.
This fixes GUI in Fedora 29 guest on Parallels Desktop where gdm now
strictly checks for CanGraphical property of a seat, see [1].
Should be noted that there's no in-kernel driver for Parallels video at
the moment so device matching is done by vid/pid.
[1] https://gitlab.gnome.org/GNOME/gdm/merge_requests/37
(cherry picked from commit 8e3480ebc097a8336633436f412a9c08902962ad)
When the new configuration variables to allow/disallow suspend and
hibernation where introduced, we forgot to initialize them. Without
these values set in logind.conf, the system interpreted this lack
as 0, thus disallowing all actions.
cherry-picked from cb6c225327
Signed-off-by: Sven Eden <sven.eden@prydeworx.com>
dbus-daemon might have a slightly different idea of what a valid msg is
than us (for example regarding valid msg and field sizes). Let's hence
try to proceed if we can and thus drop messages rather than fail the
connection if we fail to validate a message.
Hopefully the differences in what is considered valid are not visible
for real-life usecases, but are specific to exploit attempts only.
(cherry picked from commit 6d586a13717ae057aa1b4127400c3de61cd5b9e7)
Paths are limited to BUS_PATH_SIZE_MAX but the maximum size is anyway too big
to be allocated on the stack, so let's switch to the heap where there is a
clear way to understand if the allocation fails.
(cherry picked from commit f519a19bcd5afe674a9b8fc462cd77d8bad403c1)
(cherry picked from commit a09c170122cf3b37c3e4431bf082f9dbdc07fc70)
Typesafety is nice. And this way we can take benefit of the new size
assert() the previous commit added.
(cherry picked from commit 6e9417f5b4f29938fab1eee2b5edf596cc580452)
I just dropped the conflicting files.
Sven Eden