From: Sjoerd Simons <sjoerd@luon.net>
Date: Mon, 1 Dec 2014 21:43:42 +0000 (+0100)
Subject: Make unix socket binding a tad more robust
X-Git-Tag: debian/247.3-7+deb11u1~1646^2~85
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=87b516cef5065fd307ecb9d88afd61b23da1696b;p=systemd.git

Make unix socket binding a tad more robust

* d/p/core-Fix-bind-error-message.patch:
  + Added. Fix error message on bind failure to print the full path
* d/p/core-Make-binding-notify-private-dbus-socket-more-ro.patch:
  + Added. Be more robust when binding private unix sockets (Based on current
  upstream logic) (Closes: #761306)
---

diff --git a/debian/changelog b/debian/changelog
index 946a1fee1..f9e3f3e99 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,6 @@
 systemd (215-8) UNRELEASED; urgency=medium
 
+  [ Didier Roche ]
   * Cherry-pick shared-add-readlink_value.patch, we will use that function in
     the generator.
   * Cherry-pick util-allow-strappenda-to-take-any-number-of-args.patch, we
@@ -13,7 +14,15 @@ systemd (215-8) UNRELEASED; urgency=medium
       boot.
     - (Closes: #771287)
 
- -- Didier Roche <didrocks@ubuntu.com>  Fri, 28 Nov 2014 08:50:35 +0100
+  [ Sjoerd Simons ]
+  * d/p/core-Fix-bind-error-message.patch:
+    + Added. Fix error message on bind failure to print the full path
+  * d/p/core-Make-binding-notify-private-dbus-socket-more-ro.patch:
+    + Added. Be more robust when binding private unix sockets (Based on current
+    upstream logic) (Closes: #761306)
+
+
+ -- Sjoerd Simons <sjoerd@debian.org>  Mon, 01 Dec 2014 22:44:48 +0100
 
 systemd (215-7) unstable; urgency=medium
 
diff --git a/debian/patches/core-Fix-bind-error-message.patch b/debian/patches/core-Fix-bind-error-message.patch
new file mode 100644
index 000000000..e3e859569
--- /dev/null
+++ b/debian/patches/core-Fix-bind-error-message.patch
@@ -0,0 +1,25 @@
+From: Sjoerd Simons <sjoerd@luon.net>
+Date: Mon, 1 Dec 2014 22:32:39 +0100
+Subject: core: Fix bind error message
+
+The notify socket is no longer an abstract socket, so the full path
+should be printed instead of skipping the first character.
+
+Upstream has the same change as a side-effect in commit 70af4d17da
+---
+ src/core/manager.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/core/manager.c b/src/core/manager.c
+index 454ae47..9c96750 100644
+--- a/src/core/manager.c
++++ b/src/core/manager.c
+@@ -554,7 +554,7 @@ static int manager_setup_notify(Manager *m) {
+                 strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1);
+                 r = bind(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path));
+                 if (r < 0) {
+-                        log_error("bind(@%s) failed: %m", sa.un.sun_path+1);
++                        log_error("bind(%s) failed: %m", sa.un.sun_path);
+                         return -errno;
+                 }
+ 
diff --git a/debian/patches/core-Make-binding-notify-private-dbus-socket-more-ro.patch b/debian/patches/core-Make-binding-notify-private-dbus-socket-more-ro.patch
new file mode 100644
index 000000000..6e5787861
--- /dev/null
+++ b/debian/patches/core-Make-binding-notify-private-dbus-socket-more-ro.patch
@@ -0,0 +1,50 @@
+From: Sjoerd Simons <sjoerd@luon.net>
+Date: Mon, 1 Dec 2014 22:34:34 +0100
+Subject: core: Make binding notify & private dbus socket more robust
+
+Use mkdir + unlink right before calling bind on private unix sockets to
+prevent issues with stray sockets. This patch is based on a serie of
+upstream commits with the net code change in this patch as a result
+  0c3f25e0c1f028d4da9cc5253abf0322230e6835
+  e7bc519620cb7bcdbe2166fc2a446453769d827e
+  498e87d6b7ef025fef2e089931f355b5cd3c7dad
+  f0e62e89970b8c38eb07a9beebd277ce13a5fcc2
+
+Bug-Debian: https://bugs.debian.org/761306
+---
+ src/core/dbus.c    | 5 ++---
+ src/core/manager.c | 3 +++
+ 2 files changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/src/core/dbus.c b/src/core/dbus.c
+index fb8e496..1c9c0aa 100644
+--- a/src/core/dbus.c
++++ b/src/core/dbus.c
+@@ -974,11 +974,10 @@ static int bus_init_private(Manager *m) {
+                 left = strpcpy(&p, left, "/systemd/private");
+ 
+                 salen = sizeof(sa.un) - left;
+-
+-                mkdir_parents_label(sa.un.sun_path, 0755);
+         }
+ 
+-        unlink(sa.un.sun_path);
++        (void) mkdir_parents_label(sa.un.sun_path, 0755);
++        (void) unlink(sa.un.sun_path);
+ 
+         fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
+         if (fd < 0) {
+diff --git a/src/core/manager.c b/src/core/manager.c
+index 9c96750..c99f6ec 100644
+--- a/src/core/manager.c
++++ b/src/core/manager.c
+@@ -551,6 +551,9 @@ static int manager_setup_notify(Manager *m) {
+                 if (!m->notify_socket)
+                         return log_oom();
+ 
++                (void) mkdir_parents_label(m->notify_socket, 0755);
++                (void) unlink(m->notify_socket);
++
+                 strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1);
+                 r = bind(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path));
+                 if (r < 0) {
diff --git a/debian/patches/series b/debian/patches/series
index 791724819..e4b1c6cbe 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -169,3 +169,5 @@ udev-re-enable-mount-propagation-for-udevd.patch
 Add-env-variable-for-machine-ID-path.patch
 sysv-generator-Avoid-wrong-dependencies-for-failing-.patch
 Prefer-etc-X11-default-display-manager-if-present.patch
+core-Fix-bind-error-message.patch
+core-Make-binding-notify-private-dbus-socket-more-ro.patch