diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2018-04-07 13:16:39 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2018-04-07 13:16:39 +0100 |
commit | e91a1aaa5ec8fab37f0fd082ac6024d41c6651e2 (patch) | |
tree | ee7587dfd365faadd9b297d595c31368bf94f9ca /sys-apps/systemd | |
parent | 2d446203bcf1a0db08e99abca43513d246dfa73d (diff) |
gentoo resync : 07.04.2018
Diffstat (limited to 'sys-apps/systemd')
-rw-r--r-- | sys-apps/systemd/Manifest | 3 | ||||
-rw-r--r-- | sys-apps/systemd/files/238-nspawn-wait.patch | 83 | ||||
-rw-r--r-- | sys-apps/systemd/systemd-238-r4.ebuild (renamed from sys-apps/systemd/systemd-238-r3.ebuild) | 1 |
3 files changed, 86 insertions, 1 deletions
diff --git a/sys-apps/systemd/Manifest b/sys-apps/systemd/Manifest index d4778aa44920..7cb4aa17824e 100644 --- a/sys-apps/systemd/Manifest +++ b/sys-apps/systemd/Manifest @@ -3,6 +3,7 @@ AUX 238-0002-core-do-not-free-heap-allocated-strings-8391.patch 1664 BLAKE2B 6a3 AUX 238-0003-udev-net-id-Fix-check-for-address-to-keep-interface-8458.patch 1688 BLAKE2B 19faeab810419669a6743ebc6a3051b2f5060f6de793a3f7c9c21fce26d395dcad95f6b8aee58fe133d11e2b02e8847d1df4cde30a5dc237f615a8656f823f30 SHA512 075f7d6f20f33f5e0b07ae993853e969e0d54d0a0683302ab1ab7c4047185397f39aaa894cbe4104e75ae65f8944fb5af47e9f8adb1e66c28b152c6d6e863eff AUX 238-initctl.patch 1497 BLAKE2B 7f916414a8bb92e5d8a2b47fc9adf90da73c9fb27bd32eb2a89c5d0b56215bac1ac8c7e9e011268b2f3126fa272c0a118f5e2916f6eca48f60e359a056cf6d92 SHA512 1963c653321fd69a66f75dc441e36d47d7eb15c193066845e43a6f62d436d9a7fefd98c6418cdb08fca823720fa62887c93e67de427e599ee19b1f72301cfe62 AUX 238-libmount-include.patch 2164 BLAKE2B d9d86e8affb6a6d5cc8cb42b4f1744936b0773318d466a7f76b43a382ffc6aca7d863cbfef7ea8a114615db35d1a6f57b22a2fd451a82b71cfac3383bb019870 SHA512 4f1d82195623a213b6439aec6a2ff17b027f4ed079e6917957635503125a0917d4069c8055b5b9d1be235c47d62235f4c7baa0cfb9184d48f06bac356b69706a +AUX 238-nspawn-wait.patch 3415 BLAKE2B db43b0128709bba3bd50199645e2e819d0b86eb6839f3bff34b21ce989f5e9301d541265fdb0dbaa76cae00df492581a624e9ca694d4d6d1f2d1cabf5a02612c SHA512 8f1c940da604d72948aa14e735f31ce6b349d274f18836233f15bdec7605e7a52a9ac1016cbd98fdd57d547e31ff882f3244029fba58ac4a408aad41f378a0a0 AUX gentoo-Dont-enable-audit-by-default.patch 1027 BLAKE2B 9193a409db4e5c1dec6f6b66ee6e0a4cc1ada49d41ab758c788cf12534fffb67bd7370b8558a6af56572d7f2b73cf47db255fef105e56362c15f0a426f80b256 SHA512 44e512d8bbadbc5714192896a3ba262e460af034846e4e9b9832b4143fff772e2734e655316fd88d1ef386509bd234c195dce2087348f220836b3bf4f26790e0 AUX gentoo-generator-path.patch 1046 BLAKE2B 648d1fff6874135267647ff6ffb52ddd9e991af64fb2b41909246c173e55709c49edd6e47245d566457ba9f55bf6d758ed837ff740f58004f2790b5565f8e462 SHA512 e9999afbf4d2d8a9e828d81dd0b54e2c2ba556e9778a4954dac3da885a15bc6dcc718f7e119c352eb2efd090e410735395ec20ce2eb3c84a481570bc8b5f66b3 AUX gentoo-systemd-user-pam.patch 443 BLAKE2B fad5c24f35666313efbf1e33640320058022fe17acff869a80104ed87ce0ad7ebaa1498915f8e933985e9c2d66d77172eb21ab480fc4fa857e0e5b985735831a SHA512 0a47368b1b38995a4193492e3add5c716c063366a9bc53dec03b7cb59b524da644033e095344da6e15e01dc84d8f5b335e7510442eeaba26e06918403fed0e5c @@ -14,6 +15,6 @@ DIST systemd-238-patches-0.tar.gz 30019 BLAKE2B 0f393865cd6bcd815c1a6e932c0e5a25 DIST systemd-238.tar.gz 6954022 BLAKE2B 9b5cc36a7234c0d037a2656ee1e5ed54186a394b8be41771ebc29c903d3efcecf7f13f004a6d1695c022923bd0d540a243e897852f07e810f73fd3163f688dde SHA512 c0f272b022308d3bd94679184e102a8dc85de55310bda205a458ea33c77c7733e5c8c8e5b15f786ba3e0ce59e7c6a9bf0d5a0950517c6b91e0f345950129b9c8 EBUILD systemd-236-r5.ebuild 13049 BLAKE2B e06a3d3d52778f00c7ad935ea674e76c19185adff4fcabfb08ad4ab77866256358d17a0c359d8d69d083f5c0a0adfb457d9abcd52bef71c9019c5cd005f51edc SHA512 d17627d55e3006fbcd2c6c91a51482c599788a3d96ba10bd5d4fc369fbb6ab7dbb2daf0f432402f422df21fb8bb1fa9416366853dde90710c51f23505be732c6 EBUILD systemd-238-r2.ebuild 13272 BLAKE2B 1f24a5fb90f29640fd52b1c37d67180c733a5fea1a66ae855daaee797b9458bbf42db3fe915b10e0fd90ebfcbfe9cb415fec7d6d4c83cc529e284725b3463cc7 SHA512 537f5053ce876c4b57677768e249be492e1f8b238d96230ddca780ca1ca3785aeda5b61a805703f3efffa7c8e08196fb3022334d2efbb407178440cfae96b451 -EBUILD systemd-238-r3.ebuild 13136 BLAKE2B 6b020f91bd932475f372a372fbc1a20975117dd62ee170252b5056b518a2cfa19a7f8182716c64a63c807de82abaaea2bb8a7aba887fd08f207296eaf497f17c SHA512 866e86d1fb97c0f97a7738374633ba8300e287860554d08702f578a7f516505672f638fdd929757425350a2579670d103ab0ec64f2c3246abde25d1c2e6c468b +EBUILD systemd-238-r4.ebuild 13174 BLAKE2B 712d300426c0463939f6684a0458aad3abbbbc473fbf830c1ecc2b8d75163cb25b1b97a712c39d4b4fa635863f0fb646a4993e164d8cd9f02abe56a55f6bef90 SHA512 a5894928bc22d1a420d56345dac8f8baaff11b3c308245f90585f6596ef6cc93ba64139c8ab94d6613ca7923bedf85a8bf44638302236fe46b45b14bc40645dc EBUILD systemd-9999.ebuild 13186 BLAKE2B 8de75e0c231da02f48ac6a886abc6014ede50b1761ad65e6fcdd3ade2f2cb38bef73bfd4b49f1e35f9b651057b18be886e39ce7d9c09ddbcaea52b7456ff84a4 SHA512 7d2d65b6c37479ebf5997540a35b39125fbb2a050021090c588acd1a38a3b1b09822c59887883b2cdffd518c5a3d4f980193fad23ac5baa6beb736317ea2fbda MISC metadata.xml 2036 BLAKE2B c2f3d74c0cdcf1a5d850c31d43085ab441523e025369c9ad07d9e518d01c7c585c2019c4365892dd6b395c1b4eebc3c7f31c8948c13cab78acf6a2f9528f614c SHA512 72d9f1db3a9cf681a7971d9ded4d73b8b56bf7c467e453f7599293bf3761c66daa7e80716b5c70adcd18a181521f6710267b92df78e8e9a3430a340f8d33fd47 diff --git a/sys-apps/systemd/files/238-nspawn-wait.patch b/sys-apps/systemd/files/238-nspawn-wait.patch new file mode 100644 index 000000000000..a740e8933453 --- /dev/null +++ b/sys-apps/systemd/files/238-nspawn-wait.patch @@ -0,0 +1,83 @@ +From 7511655807e90aa33ea7b71991401a79ec36bb41 Mon Sep 17 00:00:00 2001 +From: Philip Sequeira <phsequei@gmail.com> +Date: Thu, 5 Apr 2018 14:04:27 +0000 +Subject: [PATCH] nspawn: wait for network namespace creation before interface + setup (#8633) + +Otherwise, network interfaces can be "moved" into the container's +namespace while it's still the same as the host namespace, in which case +e.g. host0 for a veth ends up on the host side instead of inside the +container. + +Regression introduced in 0441378080489e4ab6704cd0a2d78cb1ceaca899. + +Fixes #8599. +--- + src/nspawn/nspawn.c | 19 +++++++++++++++---- + 1 file changed, 15 insertions(+), 4 deletions(-) + +diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c +index 810f1247ea2..a5bc50c1f4c 100644 +--- a/src/nspawn/nspawn.c ++++ b/src/nspawn/nspawn.c +@@ -2329,6 +2329,9 @@ static int inner_child( + r = unshare(CLONE_NEWNET); + if (r < 0) + return log_error_errno(errno, "Failed to unshare network namespace: %m"); ++ ++ /* Tell the parent that it can setup network interfaces. */ ++ (void) barrier_place(barrier); /* #3 */ + } + + r = mount_sysfs(NULL, arg_mount_settings); +@@ -2337,7 +2340,7 @@ static int inner_child( + + /* Wait until we are cgroup-ified, so that we + * can mount the right cgroup path writable */ +- if (!barrier_place_and_sync(barrier)) { /* #3 */ ++ if (!barrier_place_and_sync(barrier)) { /* #4 */ + log_error("Parent died too early"); + return -ESRCH; + } +@@ -2448,7 +2451,7 @@ static int inner_child( + /* Let the parent know that we are ready and + * wait until the parent is ready with the + * setup, too... */ +- if (!barrier_place_and_sync(barrier)) { /* #4 */ ++ if (!barrier_place_and_sync(barrier)) { /* #5 */ + log_error("Parent died too early"); + return -ESRCH; + } +@@ -3533,6 +3536,14 @@ static int run(int master, + + if (arg_private_network) { + ++ if (!arg_network_namespace_path) { ++ /* Wait until the child has unshared its network namespace. */ ++ if (!barrier_place_and_sync(&barrier)) { /* #3 */ ++ log_error("Child died too early"); ++ return -ESRCH; ++ } ++ } ++ + r = move_network_interfaces(*pid, arg_network_interfaces); + if (r < 0) + return r; +@@ -3656,7 +3667,7 @@ static int run(int master, + * its setup (including cgroup-ification), and that + * the child can now hand over control to the code to + * run inside the container. */ +- (void) barrier_place(&barrier); /* #3 */ ++ (void) barrier_place(&barrier); /* #4 */ + + /* Block SIGCHLD here, before notifying child. + * process_pty() will handle it with the other signals. */ +@@ -3684,7 +3695,7 @@ static int run(int master, + return r; + + /* Let the child know that we are ready and wait that the child is completely ready now. */ +- if (!barrier_place_and_sync(&barrier)) { /* #4 */ ++ if (!barrier_place_and_sync(&barrier)) { /* #5 */ + log_error("Child died too early."); + return -ESRCH; + } diff --git a/sys-apps/systemd/systemd-238-r3.ebuild b/sys-apps/systemd/systemd-238-r4.ebuild index b68ed0bf92ab..0aca5fbb3029 100644 --- a/sys-apps/systemd/systemd-238-r3.ebuild +++ b/sys-apps/systemd/systemd-238-r4.ebuild @@ -155,6 +155,7 @@ src_prepare() { PATCHES+=( "${FILESDIR}/238-libmount-include.patch" "${FILESDIR}/238-initctl.patch" + "${FILESDIR}/238-nspawn-wait.patch" ) if ! use vanilla; then |