Packages changed: Mesa (19.2.6 -> 19.3.4) Mesa-drivers (19.2.6 -> 19.3.4) adobe-sourcecodepro-fonts apache2 (2.4.41 -> 2.4.43) appstream-glib blueberry (1.3.6 -> 1.3.8) desktop-translations (84.87.20190508.853b49d2 -> 84.87.20200514.83985bf7) glib2 (2.62.3 -> 2.62.5) glibc glibc gnome-software gsettings-desktop-schemas hplip (3.18.6 -> 3.19.12) jasper kernel-preempt kernel-source libmspack libxslt mariadb-connector-c (3.1.7 -> 3.1.8) mdadm osinfo-db python-psycopg2 (2.7.4 -> 2.8.5) python-rpm-macros (20200117.8e39013 -> 20200207.5feb6c1) shotwell (0.30.9 -> 0.30.10) systemd tigervnc yast2-configuration-management (4.2.4 -> 4.2.5) zlib === Details === ==== Mesa ==== Version update (19.2.6 -> 19.3.4) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - cleanup in specfile: get rid of is_opensuse macro, which is no longer needed at all (jira#PM-1623) - use 7G disk constraints also for x86_64 and i586 (bsc#1164488) - only use 'BuildRequires:llvm-devel >= 9.0.0' for TW/factory; for older products still use 'BuildRequires: llvm9-devel'; fixed build on openSUSE Leap 15.2 - Update to version 19.3.4 * changes all over the tree, but aco and anv are leading the way in changes - supersedes u_Revert_gallium_Fix_big-endian_addressing_of_non-bitmask_array_formats.patch - u_Revert_gallium_Fix_big-endian_addressing_of_non-bitmask_array_formats.patch * replaces U_gallium-Fix-big-endian-addressing-of-non-bitmask-arr.patch by an official merge request (bsc#1162252, gitlab issue#2472) - U_gallium-Fix-big-endian-addressing-of-non-bitmask-arr.patch * reverse apply since it caused a regression in rendering on s390x (bsc#1162252) - require and check for llvm-devel >= 9 instead of llvm9-devel on openSUSE - enabled build of gallium based llvmpipe driver for s390x (related to jsc#IBM-369, jsc#SLE-7452) - Update to version 19.3.3 * There's plenty of changes here, but intel, docs, radeonsi, and aco are the biggest sets of changes. - supersedes U_0005-radv-Remove-syncobj_handle-variable-in-header.patch - set optflags also for g++ compiler - require llvm9 (jsc#IBM-369, jsc#SLE-7452) - U_0001-gallium-Fix-a-couple-of-multiple-definition-warnings.patch U_0002-r600-Move-get_pic_param-to-radeon_vce.c.patch U_0003-radeon-Move-si_get_pic_param-to-radeon_vce.c.patch U_0004-radeon-Fix-multiple-definition-error-with-radeon_deb.patch U_0005-radv-Remove-syncobj_handle-variable-in-header.patch U_0006-nouveau-nvc0-add-extern-keyword-to-nvc0_miptree_vtbl.patch * fixes build with gcc10 using -fno-common as default now (boo#1160578) - Enable LLVM support on riscv64 - Update to version 19.3.2 * Intel and AMD drivers make up the bulk of the changes, with a bit of nir and glsl, plus a sprinkling of other stuff in there. ==== Mesa-drivers ==== Version update (19.2.6 -> 19.3.4) Subpackages: Mesa-dri Mesa-dri-nouveau Mesa-gallium Mesa-libva libvdpau_nouveau libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon libxatracker2 - cleanup in specfile: get rid of is_opensuse macro, which is no longer needed at all (jira#PM-1623) - use 7G disk constraints also for x86_64 and i586 (bsc#1164488) - only use 'BuildRequires:llvm-devel >= 9.0.0' for TW/factory; for older products still use 'BuildRequires: llvm9-devel'; fixed build on openSUSE Leap 15.2 - Update to version 19.3.4 * changes all over the tree, but aco and anv are leading the way in changes - supersedes u_Revert_gallium_Fix_big-endian_addressing_of_non-bitmask_array_formats.patch - u_Revert_gallium_Fix_big-endian_addressing_of_non-bitmask_array_formats.patch * replaces U_gallium-Fix-big-endian-addressing-of-non-bitmask-arr.patch by an official merge request (bsc#1162252, gitlab issue#2472) - U_gallium-Fix-big-endian-addressing-of-non-bitmask-arr.patch * reverse apply since it caused a regression in rendering on s390x (bsc#1162252) - require and check for llvm-devel >= 9 instead of llvm9-devel on openSUSE - enabled build of gallium based llvmpipe driver for s390x (related to jsc#IBM-369, jsc#SLE-7452) - Update to version 19.3.3 * There's plenty of changes here, but intel, docs, radeonsi, and aco are the biggest sets of changes. - supersedes U_0005-radv-Remove-syncobj_handle-variable-in-header.patch - set optflags also for g++ compiler - require llvm9 (jsc#IBM-369, jsc#SLE-7452) - U_0001-gallium-Fix-a-couple-of-multiple-definition-warnings.patch U_0002-r600-Move-get_pic_param-to-radeon_vce.c.patch U_0003-radeon-Move-si_get_pic_param-to-radeon_vce.c.patch U_0004-radeon-Fix-multiple-definition-error-with-radeon_deb.patch U_0005-radv-Remove-syncobj_handle-variable-in-header.patch U_0006-nouveau-nvc0-add-extern-keyword-to-nvc0_miptree_vtbl.patch * fixes build with gcc10 using -fno-common as default now (boo#1160578) - Enable LLVM support on riscv64 - Update to version 19.3.2 * Intel and AMD drivers make up the bulk of the changes, with a bit of nir and glsl, plus a sprinkling of other stuff in there. ==== adobe-sourcecodepro-fonts ==== - Remove TTF files because better OTF files have been installed ==== apache2 ==== Version update (2.4.41 -> 2.4.43) Subpackages: apache2-doc apache2-example-pages apache2-prefork apache2-utils - declare ap_sock_disable_nagle to fix loading mod_proxy_http2 (thanks to mliska@suse.com) - modified patches % httpd-visibility.patch (refreshed) - version update to 2.4.43 * ) mod_ssl: Fix memory leak of OCSP stapling response. [Yann Ylavic] * ) mod_proxy_http: Fix the forwarding of requests with content body when a balancer member is unavailable; the retry on the next member was issued with an empty body (regression introduced in 2.4.41). PR63891. [Yann Ylavic] * ) mod_http2: Fixes issue where mod_unique_id would generate non-unique request identifier under load, see . [Michael Kaufmann, Stefan Eissing] * ) mod_proxy_hcheck: Allow healthcheck expressions to use %{Content-Type}. PR64140. [Renier Velazco ] * ) mod_authz_groupfile: Drop AH01666 from loglevel "error" to "info". PR64172. * ) mod_usertrack: Add CookieSameSite, CookieHTTPOnly, and CookieSecure to allow customization of the usertrack cookie. PR64077. [Prashant Keshvani , Eric Covener] * ) mod_proxy_ajp: Add "secret" parameter to proxy workers to implement legacy AJP13 authentication. PR 53098. [Dmitry A. Bakshaev ] * ) mpm_event: avoid possible KeepAliveTimeout off by -100 ms. [Eric Covener, Yann Ylavic] * ) Add a config layout for OpenWRT. [Graham Leggett] * ) Add support for cross compiling to apxs. If apxs is being executed from somewhere other than its target location, add that prefix to includes and library directories. Without this, apxs would fail to find config_vars.mk and exit. [Graham Leggett] * ) mod_ssl: Disable client verification on ACME ALPN challenges. Fixes github issue mod_md#172 (https://github.com/icing/mod_md/issues/172). [Michael Kaufmann , Stefan Eissing] * ) mod_ssl: use OPENSSL_init_ssl() to initialise OpenSSL on versions 1.1+. [Graham Leggett] * ) mod_ssl: Support use of private keys and certificates from an OpenSSL ENGINE via PKCS#11 URIs in SSLCertificateFile/KeyFile. [Anderson Sasaki , Joe Orton] * ) mod_md: - Prefer MDContactEmail directive to ServerAdmin for registration. New directive thanks to Timothe Litt (@tlhackque). - protocol check for pre-configured "tls-alpn-01" challenge has been improved. It will now check all matching virtual hosts for protocol support. Thanks to @mkauf. - Corrected a check when OCSP stapling was configured for hosts where the responsible MDomain is not clear, by Michal Karm Babacek (@Karm). - Softening the restrictions where mod_md configuration directives may appear. This should allow for use in and sections. If all possible variations lead to the configuration you wanted in the first place, is another matter. [Michael Kaufmann , Timothe Litt (@tlhackque), Michal Karm Babacek (@Karm), Stefan Eissing (@icing)] * ) test: Added continuous testing with Travis CI. This tests various scenarios on Ubuntu with the full test suite. Architectures tested: amd64, s390x, ppc64le, arm64 The tests pass successfully. [Luca Toscano, Joe Orton, Mike Rumph, and others] * ) core: Be stricter in parsing of Transfer-Encoding headers. [ZeddYu , Eric Covener] * ) mod_ssl: negotiate the TLS protocol version per name based vhost configuration, when linked with OpenSSL-1.1.1 or later. The base vhost's SSLProtocol (from the first vhost declared on the IP:port) is now only relevant if no SSLProtocol is declared for the vhost or globally, otherwise the vhost or global value apply. [Yann Ylavic] * ) mod_cgi, mod_cgid: Fix a memory leak in some error cases with large script output. PR 64096. [Joe Orton] * ) config: Speed up graceful restarts by using pre-hashed command table. PR 64066. [Giovanni Bechis , Jim Jagielski] * ) mod_systemd: New module providing integration with systemd. [Jan Kaluza] * ) mod_lua: Add r:headers_in_table, r:headers_out_table, r:err_headers_out_table, r:notes_table, r:subprocess_env_table as read-only native table alternatives that can be iterated over. [Eric Covener] * ) mod_http2: Fixed rare cases where a h2 worker could deadlock the main connection. [Yann Ylavic, Stefan Eissing] * ) mod_lua: Accept nil assignments to the exposed tables (r.subprocess_env, r.headers_out, etc) to remove the key from the table. PR63971. [Eric Covener] * ) mod_http2: Fixed interaction with mod_reqtimeout. A loaded mod_http2 was disabling the ssl handshake timeouts. Also, fixed a mistake of the last version that made `H2Direct` always `on`, regardless of configuration. Found and reported by and . [Stefan Eissing] * ) mod_http2: Multiple field length violations in the same request no longer cause several log entries to be written. [@mkauf] * ) mod_ssl: OCSP does not apply to proxy mode. PR 63679. [Lubos Uhliarik , Yann Ylavic] * ) mod_proxy_html, mod_xml2enc: Fix build issues with macOS due to r1864469 [Jim Jagielski] * ) mod_authn_socache: Increase the maximum length of strings that can be cached by the module from 100 to 256. PR 62149 [] * ) mod_proxy: Fix crash by resolving pool concurrency problems. PR 63503 [Ruediger Pluem, Eric Covener] * ) core: On Windows, fix a start-up crash if is used with a path that is not valid (For example, testing for a file on a flash drive that is not mounted) [Christophe Jaillet] * ) mod_deflate, mod_brotli: honor "Accept-Encoding: foo;q=0" as per RFC 7231; which means 'foo' is "not acceptable". PR 58158 [Chistophe Jaillet] * ) mod_md v2.2.3: - Configuring MDCAChallenges replaces any previous existing challenge configuration. It had been additive before which was not the intended behaviour. [@mkauf] - Fixing order of ACME challenges used when nothing else configured. Code now behaves as documented for `MDCAChallenges`. Fixes #156. Thanks again to @mkauf for finding this. - Fixing a potential, low memory null pointer dereference [thanks to @uhliarik]. - Fixing an incompatibility with a change in libcurl v7.66.0 that added unwanted "transfer-encoding" to POST requests. This failed in directy communication with Let's Encrypt boulder server. Thanks to @mkauf for finding and fixing. [Stefan Eissing] * ) mod_md: Adding the several new features. The module offers an implementation of OCSP Stapling that can replace fully or for a limited set of domains the existing one from mod_ssl. OCSP handling is part of mod_md's monitoring and message notifications. If can be used for sites that do not have ACME certificates. The url for a CTLog Monitor can be configured. It is used in the server-status to link to the external status page of a certicate. The MDMessageCmd is called with argument "installed" when a new certificate has been activated on server restart/reload. This allows for processing of the new certificate, for example to applications that require it in different locations or formats. [Stefan Eissing] * ) mod_proxy_balancer: Fix case-sensitive referer check related to CSRF/XSS protection. PR 63688. [Armin Abfalterer ] - deleted patches - apache2-load-private-keys-from-pkcs11.patch (upstreamed) - httpd-2.4.3-mod_systemd.patch (upstreamed) ==== appstream-glib ==== Subpackages: appstream-glib-lang libappstream-glib8 - Add as-glib-PR359.patch: Fix crash with invalid children of
    . ==== blueberry ==== Version update (1.3.6 -> 1.3.8) Subpackages: blueberry-lang - Update to version 1.3.8 * blueberry.ui: Change the valign of the headerbar switch to center otherwise it wants to expand to fill the entire headerbar height. * Remove Cinnamon applet * Make active tray icon more recognizable * Update transaltions - Changes in 1.3.7 * obex: Remove hard requirement on deprecated hcitool ==== desktop-translations ==== Version update (84.87.20190508.853b49d2 -> 84.87.20200514.83985bf7) - Update to version 84.87.20200514.83985bf7: * Translations for openSUSE Leap 15.2 RC poo#61278 * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Indonesian) * Translated using Weblate (Finnish) * Translated using Weblate (Swedish) * Translated using Weblate (Italian) * Translated using Weblate (Indonesian) * Translated using Weblate (German) * Translated using Weblate (Finnish) * Translated using Weblate (English (United Kingdom)) * Translated using Weblate (Catalan) * Translated using Weblate (Arabic) * Translated using Weblate (Indonesian) - Update to version 84.87.20200312.febbb097: * Add two TODO notes to generate_and_merge_pos.sh * Drop en_US (boo#1139962, bsc#1163437). * README.md: Document the process of update * Translated using Weblate (Belarusian) * Translated using Weblate (Catalan) * Translated using Weblate (Chinese (China)) * Translated using Weblate (Czech) * Translated using Weblate (Danish) * Translated using Weblate (Dutch) * Translated using Weblate (Estonian) * Translated using Weblate (Finnish) * Translated using Weblate (German) * Translated using Weblate (Greek) * Translated using Weblate (Indonesian) * Translated using Weblate (Japanese) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Slovak) * Translated using Weblate (Spanish) * Translated using Weblate (Turkish) * Translated using Weblate (Vietnamese) * Update strings from Leap 15.2. - Update to version 84.87.20190924.7050555c: * Unfuzzy YaST groups translations * fix typo * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (German) - The following bug was referenced in SLE 15: * boo#1037823 - Update to version 84.87.20190923.8ea56c56: * Regenerate .po files after some more search-replace for YaST * Run update-po-files.sh after Leap 15.2 update * Update for Leap 15.2 (boo#1145197, bsc#1146886) * Translated using Weblate (Slovak) * Translated using Weblate (German) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (German) * Translated using Weblate (Slovak) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (Catalan) * Translated using Weblate (Catalan) * Translated using Weblate (German) * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (Italian) * Translated using Weblate (German) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Portuguese (Brazil)) * Drop "translation" from English to English * Remove Indonesian from en_US files * Translated using Weblate (German) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (Chinese (China)) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (Chinese (China)) * Translated using Weblate (Chinese (China)) * Translated using Weblate (Chinese (China)) * Translated using Weblate (Chinese (China)) * Translated using Weblate (German) * Translated using Weblate (Chinese (China)) * Translated using Weblate (Chinese (China)) * Translated using Weblate (Chinese (China)) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (Portuguese) * Translated using Weblate (German) * Translated using Weblate (Catalan) * Translated using Weblate (Catalan) * Translated using Weblate (French) * Translated using Weblate (French) * Translated using Weblate (French) * Translated using Weblate (Portuguese) * Translated using Weblate (Slovak) * Translated using Weblate (Dutch) * Translated using Weblate (Dutch) * Translated using Weblate (Dutch) * Translated using Weblate (Czech) * Translated using Weblate (Czech) * Translated using Weblate (Japanese) * Translated using Weblate (Dutch) * Update all po files * Translated using Weblate (German) * Translated using Weblate (Chinese (China)) * Update update-desktop-files-yast.po * Translated using Weblate (Turkish) * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Lao) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Catalan) * Translated using Weblate (Catalan) * Translated using Weblate (Catalan) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Occidental) * Added translation using Weblate (Occidental) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Catalan) * Translated using Weblate (Catalan) * Translated using Weblate (Slovak) * Translated using Weblate (Italian) * Translated using Weblate (Catalan) * Translated using Weblate (Slovak) * Translated using Weblate (Dutch) * Translated using Weblate (Dutch) * Translated using Weblate (Catalan) * Translated using Weblate (Occidental) * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * Translated using Weblate (Arabic) * Translated using Weblate (Occidental) * Translated using Weblate (Spanish) * Translated using Weblate (Slovak) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Japanese) * Translated using Weblate (Czech) * Translated using Weblate (Czech) * Translated using Weblate (Catalan) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Chinese (China)) * Translated using Weblate (Arabic) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Japanese) * Added translation using Weblate (Occidental) * Translated using Weblate (Slovak) * Added translation using Weblate (Occidental) * Translated using Weblate (Slovak) ==== glib2 ==== Version update (2.62.3 -> 2.62.5) Subpackages: glib2-lang glib2-tools libgio-2_0-0 libgio-2_0-0-32bit libglib-2_0-0 libglib-2_0-0-32bit libgmodule-2_0-0 libgmodule-2_0-0-32bit libgobject-2_0-0 libgobject-2_0-0-32bit libgthread-2_0-0 - Update to version 2.62.5: + Fix potential relative read when calling g_printerr(), which could lead to a denial of service from a setuid-root process being used to block access to the TTY for another user. + Fix SOCKS proxy resolver sometimes not being used when resolving addresses via Happy Eyeballs (CVE-2020-6750). + Several other Happy Eyeballs fixes for address resolution. + Fix parsing of full Julian day range from `$TZ` environment variable. + Several race condition/crash fixes. + Bugs fixed: glgo#GNOME/GLib#1919, glgo#GNOME/GLib#1995, glgo#GNOME/GLib#1999, glgo#GNOME/GLib!1323, glgo#GNOME/GLib!1331, glgo#GNOME/GLib!1352, glgo#GNOME/GLib!1361, glgo#GNOME/GLib!1365, glgo#GNOME/GLib!1370, glgo#GNOME/GLib!1371. + Updated translations. - No longer recommend -lang: supplements are in use - Update to version 2.62.4: + Apply recursion depth limits to variants in D-Bus messages. + Bugs fixed: glgo#GNOME/GLib#1938, glgo#GNOME/GLib!1240, glgo#GNOME/GLib!1257, glgo#GNOME/GLib!1266, glgo#GNOME/GLib!1276, glgo#GNOME/GLib!1290. ==== glibc ==== Subpackages: glibc-32bit glibc-locale-base-32bit - nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942) ==== glibc ==== Subpackages: glibc-extra glibc-locale glibc-locale-base nscd - nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942) ==== gnome-software ==== Subpackages: gnome-software-lang - Re-autostart GNOME Software and re-enable its search extension (bsc#1168861, bsc#1157928). ==== gsettings-desktop-schemas ==== Subpackages: gsettings-desktop-schemas-lang - Add 00_org.gnome.desktop.peripherals.gschema.override: in SLE-15-SP2 and Leap 15.2, revert touchpad click method default value via gsettings vendor overrides, in order to be consistent with earlier service pack (bsc#1171593). ==== hplip ==== Version update (3.18.6 -> 3.19.12) Subpackages: hplip-hpijs hplip-sane - Use /etc/sane.d/dll.d/hpaio to register SANE backend rather than modifying /etc/sane/dll.conf - SANE backend must be configured in hplip-sane package (bsc#1160708) - Revert changes from 3.18.5 that break hp-setup for fax devices (bsc#1107711, lp#1773320) * Added patch: Revert-changes-from-3.18.5-that-break-hp-setup-for-f.patch - Fix crash if python3-reportlab is missing (bsc#1159240, lp#1859179) * Added hp-sendfax-avoid-crash-if-python-reportlab-is-missin.patch * Added recommends on python3-reportlab - updated to 3.19.12 Rendering print jobs with cupsfilter command Added support for the following new Printers: * HP Color LaserJet Pro M256dn * HP Color LaserJet Pro M255dn * HP Color LaserJet Pro M256nw * HP Color LaserJet Pro M255nw * HP Color LaserJet Pro M256dw * HP Color LaserJet Pro M255dw * HP Color LaserJet Pro M155a * HP Color LaserJet Pro M156a * HP Color LaserJet Pro M155nw * HP Color LaserJet Pro M156nw * HP Color LaserJet Pro MFP M282nw * HP Color LaserJet Pro MFP M284nw * HP Color LaserJet Pro MFP M283fdn * HP Color LaserJet Pro MFP M285fdn * HP Color LaserJet Pro MFP M283fdw * HP Color LaserJet Pro MFP M285fdw * HP Color LaserJet Pro MFP M283cdw * HP Color LaserJet Pro MFP M285cdw * HP Color LaserJet Pro MFP M182n * HP Color LaserJet Pro MFP M184n * HP Color LaserJet Pro MFP M182nw * HP Color LaserJet Pro MFP M184nw * HP Color LaserJet Pro MFP M183fw * HP Color LaserJet Pro MFP M185fw - updated to 3.19.11 Added Supported for ?hp-uiscan? to scan only backside of a page Added support for the following new Printers: * HP Color LaserJet MFP M776dn * HP Color LaserJet Flow MFP M776z * HP Color LaserJet Flow MFP M776zs * HP Color LaserJet M856dn * HP Color LaserJet M856x * HP Color LaserJet E85055dn Added Job Accounting Support for the following devices: * HP LaserJet Managed Flow MFP E77822-28-30 Printer * HP LaserJet Managed MFP E77822-28-30 Printer * HP LaserJet Managed Flow MFP E87640-50-60 Printer * HP LaserJet Managed MFP E87640-50-60 Printer * HP LaserJet Managed Flow MFP E82540-50-60 Printer * HP LaserJet Managed MFP E82540-50-60 Printer * HP LaserJet Managed Flow MFP E72525-30-35 Printer * HP LaserJet Managed MFP E72525-30-35 Printer - updated to 3.19.8 hp-uiscan will fetch the paper sizes from the device dynamically for ScanJet devices. hp-uiscan will prompt error message when paper jam occurs for ScanJet devices. Added support for the following new Printers: * HP DesignJet T1530 Postscript * HP DesignJet T1600 Postscript Printer * HP DesignJet T1600dr Postscript Printer * HP DesignJet T2530 Postscript * HP DesignJet T2600 Postscript MFP * HP DesignJet T930 Postscript * HP LaserJet Pro M304a * HP LaserJet Pro M305d * HP LaserJet Pro M305dn * HP LaserJet Pro M305dw * HP LaserJet Pro MFP M329dn * HP LaserJet Pro MFP M329dw - Pass Python includedir in CFLAGS to fix broken lookup of Python.h in configure, fails with Python 3.8 (boo#1159242). - Added missing requirement lsb-release (needed for root password prompt, e.g. hp-plugin). - Changed the pgp server to pool.sks-keyservers.net to avoid timeouts from pgp.mit.edu * New patch: hplip-change-pgp-server.patch - Renamed "hplip-scan" to "hplip-scan-utils" to express the purpose of the package more clearly in the name. "hplip-scan" has never been in public repos. - Added conditional BuildRequires on "cups-rpm-helper". Recently a bug in python-pycups was fixed that had prevented autogeneration of Provides: tags in printer drivers by means of "BuildRequires: python3-cups". See OBS sr#726727. This dependency must be conditional for now, as cups-rpm-helper is not available in every project yet. - Ran spec-cleaner. - Removed compatibility code for SLE12/Leap42 and earlier As we are now using rpm 4.13 (A and B) syntax, we can't support these any more anyway. - Moved hp-scan and hp-uiscan to a separate package "hp-scan". These tools pull in PIL and python3-scikit-image, which causes a rather big dependency list, which is only available in openSUSE. This allows us also to get rid of the non-functional "hp-scan" tool in SLE. - Fixed --with-htmldir so that documentation is packaged - Improved package descriptions and summaries * Clarified the relationship of hplip-hpijs, hplip-sane, and hplip * Shortened the descriptions * Removed reference to HTML documention in package description - Added -devel dependencies as required by post-build-checks - Minor spec file cleanup (macro usage) - Fixed build failures on non-standard architectures by adding BuildIgnore These failures are actually caused by some ports catching up slowly with package updates. But our BuildIgnores are helpful nonetheless, making the build environment leaner. - updated to 3.19.6 Added support for the following new Printers: * HP Color LaserJet Enterprise M751dn * HP Color LaserJet Enterprise M751n * HP Color LaserJet Managed E75245dn * HP Color LaserJet Pro M453cdn * HP Color LaserJet Pro M453cdw * HP Color LaserJet Pro M454cdn * HP Color LaserJet Pro M454cdw * HP Color LaserJet Pro M454dn * HP Color LaserJet Pro M454dw * HP Color LaserJet Pro M454nw * HP Color LaserJet Pro MFP M478fcdn * HP Color LaserJet Pro MFP M478fcdw * HP Color LaserJet Pro MFP M479dw * HP Color LaserJet Pro MFP M479fcdn * HP Color LaserJet Pro MFP M479fcdw * HP Color LaserJet Pro MFP M479fdn * HP Color LaserJet Pro MFP M479fdw * HP Color LaserJet Pro MFP M479fnw * HP DesignJet T2600dr Postscript MFP * HP DesignJet XL 3600 PS MFP * HP Laser NS 1020 * HP Laser NS 1020w * HP Laser NS MFP 1005 * HP Laser NS MFP 1005w * HP LaserJet Enterprise Flow MFP M528c * HP LaserJet Enterprise Flow MFP M528z * HP LaserJet Enterprise M507dn * HP LaserJet Enterprise M507dng * HP LaserJet Enterprise M507n * HP LaserJet Enterprise M507x * HP LaserJet Enterprise MFP M528dn * HP LaserJet Enterprise MFP M528f * HP LaserJet Managed E50145dn * HP LaserJet Managed E50145x * HP LaserJet Managed Flow MFP E52645c * HP LaserJet Managed MFP E52645dn * HP LaserJet Pro M404c1 * HP LaserJet Pro M404c2 * HP LaserJet Pro M404c3 * HP LaserJet Pro M404c4 * HP LaserJet Pro M404d * HP LaserJet Pro M404dn * HP LaserJet Pro M404dw * HP LaserJet Pro M404m * HP LaserJet Pro M404n * HP LaserJet Pro M405d * HP LaserJet Pro M405dn * HP LaserJet Pro M405dw * HP LaserJet Pro M405n * HP LaserJet Pro MFP M428c1 * HP LaserJet Pro MFP M428c2 * HP LaserJet Pro MFP M428c3 * HP LaserJet Pro MFP M428c4 * HP LaserJet Pro MFP M428dw * HP LaserJet Pro MFP M428fdn * HP LaserJet Pro MFP M428fdw * HP LaserJet Pro MFP M428m * HP LaserJet Pro MFP M429dw * HP LaserJet Pro MFP M429fdn * HP LaserJet Pro MFP M429fdw * HP Neverstop Laser 1000a * HP Neverstop Laser 1000w * HP Neverstop Laser MFP 1200a * HP Neverstop Laser MFP 1200w * HP OfficeJet 8010 All * in * One Printer series * HP OfficeJet 8020 All * in * One Printer Series * HP OfficeJet Pro 8020 All * in * One Printer series * HP OfficeJet Pro 8030 All * in * One Printer series * HP PageWide XL 3900PS MFP * HP Smart Tank 500 series * HP Smart Tank 510 * HP Smart Tank 530 series * HP Smart Tank 610 * HP Smart Tank Plus 550 * HP Smart Tank Plus 570 series * HP Smart Tank Plus 650 - Disable -Werror=return-type for now. - Use %make_build for parallel build. - Added hp-uiscan application - Updated URLs and source URLs - Updated/rebased hplip-misc-missing-includes-and-definitions.patch - Added hplip-remove-imageprocessor.diff which fully removes references to the closed source ImageProcessor. Thanks to Didier Raboud from Debian. - Addded hplip-orblite-return-null.diff to let a function return NULL insetad of nothing. - update to 3.19.3 Added support for the following new Printers: * HP Color LaserJet Managed E65150dn * HP Color LaserJet Managed E65160dn * HP Color LaserJet Managed Flow MFP E67660z * HP Color LaserJet Managed MFP E67650dh * HP Color LaserJet Managed MFP E77422a * HP Color LaserJet Managed MFP E77422dn * HP Color LaserJet Managed MFP E77422dv * HP Color LaserJet Managed MFP E77428dn * HP Color LaserJet Managed MFP E87640 du * HP Color LaserJet Managed MFP E87650du * HP Color LaserJet Managed MFP E87660du * HP DesignJet T1708 PostScript * HP DesignJet T1708dr PostScript * HP DesignJet Z6 24in * HP DesignJet Z6 44in * HP DesignJet Z6dr 44in * HP DesignJet Z9 24in * HP DesignJet Z9 44in * HP DesignJet Z9dr 44in * HP Ink Tank 115 * HP Ink Tank 310 * HP Ink Tank Wireless 410 * HP LaserJet Managed E60155dn * HP LaserJet Managed E60165dn * HP LaserJet Managed E60175dn * HP LaserJet Managed Flow MFP E62665h * HP LaserJet Managed Flow MFP E62665z * HP LaserJet Managed Flow MFP E62675z * HP LaserJet Managed MFP E62655dn * HP LaserJet Managed MFP E62665hs * HP LaserJet Managed MFP E82540du * HP LaserJet Managed MFP E82550du * HP LaserJet Managed MFP E82560du * HP LaserJet MFP E72425a * HP LaserJet MFP E72425dn * HP LaserJet MFP E72425dv * HP LaserJet MFP E72430dn * HP LaserJet Pro M118dw * HP LaserJet Pro M118dw * HP LaserJet Pro M119dw * HP LaserJet Pro M119dw * HP LaserJet Pro MFP M148dw * HP LaserJet Pro MFP M148dw * HP LaserJet Pro MFP M148fdw * HP LaserJet Pro MFP M148fdw * HP LaserJet Pro MFP M149dw * HP LaserJet Pro MFP M149dw * HP LaserJet Pro MFP M149fdw * HP LaserJet Pro MFP M149fdw * HP OfficeJet All-in-One 9010 * HP OfficeJet Pro All-in-One 9010 * HP OfficeJet Pro All-in-One 9020 * HP PageWide 755dn * HP PageWide 755dn * HP PageWide MFP 774dn * HP PageWide MFP 774dn * HP PageWide MFP 774dns * HP PageWide MFP 774dns * HP PageWide MFP 779dn * HP PageWide MFP 779dn * HP PageWide MFP 779dns * HP PageWide MFP 779dns * HP PageWide XL 4100 MFP * HP PageWide XL 4100 Printer * HP PageWide XL 4600 Printer * HP PageWide XL 4600PS MFP * HP Scanjet Enterprise 7500 Flatbed Scanner * HP Scanjet Enterprise 7500 Flatbed Scanner * HP Smart Tank 350 * HP Smart Tank Wireless 450 * HP Tango * HP Tango X Added support for the following new ScanJet Device: * HP Scanjet Pro 2000 S1 * HP Scanjet Pro 2500 f1 Support for Phase 1 Scan features for * Digital Sender Flow 8500 fn2 * ScanJet 5000 * ScanJet 7500 * Scanjet Ent flow 7000s3 * Scanjet Ent. Flow N9120 fn2 * Scanjet Pro 3000s3 * Scanjet Pro 3500f1 * Scanjet Pro 4500fn1 User can use ScanJet feature by using hp-uiscan tool. Following features are introduced for ScanJet: * Straighten page content * Auto Orient * Crop to content on page * Misfeed(multipick) detection * Delete blank page * Separate the document based on blank page or barcode * Page merge * Mixed document feed * Document merge * Crushed page scan * Image enhancement * PunchHole Removal * ColorDropOut/ColorRemoval * Background Noise Removal * Background Color Removal * BMP File format Support * Searchable PDF * Smaller file size for PDF and JPEG Basic Booklet Printing Support for the following devices: * HP LaserJet Managed MFP E82540-50-60 dn-du-z * HP Color LaserJet Managed MFP E87640-50-60 dn-du-z * HP Color LaserJet Managed MFP E77422a-dv-dn * HP Color LaserJet Managed MFP E77428dn * HP LaserJet MFP E72425a-dv-dn * HP LaserJet MFP E72430dn Limitations: * HPLIP does not support HP ScanJet Pro 2500 f1 device on OpenSuse Linux distribution. * Multipick feature not supported in below devices: HP Scanjet Pro 2000 S1 HP Scanjet Pro 2500 f1 Fixes: * hp-check crashes with FileNotFoundError using python3.7 ==== jasper ==== - bsc#1092115 CVE-2018-9154: Fix possible denial of service Add jasper-CVE-2018-9154.patch: dont abort in jpc_dec_process_sot() ==== kernel-preempt ==== - series.conf: cleanup - update upstream reference and resort: patches.suse/s390-kexec_file-fix-initrd-location-for-kdump-kernel.patch - update upstream reference and move into sorted section: patches.suse/x86-microcode-amd-increase-microcode-patch_max_size.patch - move into sorted section: patches.suse/signal-avoid-double-atomic-counter-increments-for-user-accounting.patch No effect on expanded tree. - commit 571cf9a - series.conf: cleanup - update upstream references and move into sorted section: patches.suse/cifs-add-SMB2_open-arg-to-return-POSIX-data.patch patches.suse/cifs-add-smb2-POSIX-info-level.patch patches.suse/cifs-call-wake_up-server-response_q-inside-of-cifs_r.patch patches.suse/cifs-do-d_move-in-rename.patch patches.suse/cifs-do-not-ignore-the-SYNC-flags-in-getattr.patch patches.suse/cifs-handle-prefix-paths-in-reconnect.patch patches.suse/cifs-make-use-of-cap_unix-ses-in-cifs_reconnect_tcon.patch patches.suse/cifs-plumb-smb2-POSIX-dir-enumeration.patch patches.suse/cifs-potential-unintitliazed-error-code-in-cifs_geta.patch patches.suse/cifs-rename-posix-create-rsp.patch patches.suse/cifs-use-mod_delayed_work-for-server-reconnect-if-al.patch patches.suse/smb3-fix-performance-regression-with-setting-mtime.patch - update to mainline version, rename and move into sorted section: patches.suse/cifs-print-warning-once-if-mounting-with-vers-1.0.patch -> patches.suse/cifs-print-warning-mounting-with-vers-1-0.patch No relevant effect on expanded tree: diff -urN old/fs/cifs/connect.c new/fs/cifs/connect.c - -- old/fs/cifs/connect.c 2020-05-27 11:46:54.090968292 +0200 +++ new/fs/cifs/connect.c 2020-05-27 11:46:54.990971522 +0200 @@ -1466,8 +1466,8 @@ cifs_dbg(VFS, "vers=1.0 (cifs) not permitted when mounting with smb3\n"); return 1; } - printk_once(KERN_WARNING "Use of the less secure dialect " - "vers=1.0 is not recommended unless required for " + cifs_dbg(VFS, "Use of the less secure dialect vers=1.0 " + "is not recommended unless required for " "access to very old servers\n"); vol->ops = &smb1_operations; vol->vals = &smb1_values; diff -urN old/fs/cifs/smb2ops.c new/fs/cifs/smb2ops.c - -- old/fs/cifs/smb2ops.c 2020-05-27 11:46:54.074968234 +0200 +++ new/fs/cifs/smb2ops.c 2020-05-27 11:46:54.974971463 +0200 @@ -3020,7 +3020,7 @@ oparms.fid = &fid; oparms.reconnect = false; - rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL,NULL, NULL, + rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, NULL, NULL, NULL); kfree(utf16_path); if (!rc) { - - - commit f7dacbf - Refresh patches.suse/block-floppy-fix-contended-case-in-floppy_queue_rq.patch: update upstream references (submitted -> applied). - commit fce9354 - block/floppy: fix contended case in floppy_queue_rq() (bsc#1171426). - commit 18ed9ad ==== kernel-source ==== - series.conf: cleanup - update upstream reference and resort: patches.suse/s390-kexec_file-fix-initrd-location-for-kdump-kernel.patch - update upstream reference and move into sorted section: patches.suse/x86-microcode-amd-increase-microcode-patch_max_size.patch - move into sorted section: patches.suse/signal-avoid-double-atomic-counter-increments-for-user-accounting.patch No effect on expanded tree. - commit 571cf9a - series.conf: cleanup - update upstream references and move into sorted section: patches.suse/cifs-add-SMB2_open-arg-to-return-POSIX-data.patch patches.suse/cifs-add-smb2-POSIX-info-level.patch patches.suse/cifs-call-wake_up-server-response_q-inside-of-cifs_r.patch patches.suse/cifs-do-d_move-in-rename.patch patches.suse/cifs-do-not-ignore-the-SYNC-flags-in-getattr.patch patches.suse/cifs-handle-prefix-paths-in-reconnect.patch patches.suse/cifs-make-use-of-cap_unix-ses-in-cifs_reconnect_tcon.patch patches.suse/cifs-plumb-smb2-POSIX-dir-enumeration.patch patches.suse/cifs-potential-unintitliazed-error-code-in-cifs_geta.patch patches.suse/cifs-rename-posix-create-rsp.patch patches.suse/cifs-use-mod_delayed_work-for-server-reconnect-if-al.patch patches.suse/smb3-fix-performance-regression-with-setting-mtime.patch - update to mainline version, rename and move into sorted section: patches.suse/cifs-print-warning-once-if-mounting-with-vers-1.0.patch -> patches.suse/cifs-print-warning-mounting-with-vers-1-0.patch No relevant effect on expanded tree: diff -urN old/fs/cifs/connect.c new/fs/cifs/connect.c - -- old/fs/cifs/connect.c 2020-05-27 11:46:54.090968292 +0200 +++ new/fs/cifs/connect.c 2020-05-27 11:46:54.990971522 +0200 @@ -1466,8 +1466,8 @@ cifs_dbg(VFS, "vers=1.0 (cifs) not permitted when mounting with smb3\n"); return 1; } - printk_once(KERN_WARNING "Use of the less secure dialect " - "vers=1.0 is not recommended unless required for " + cifs_dbg(VFS, "Use of the less secure dialect vers=1.0 " + "is not recommended unless required for " "access to very old servers\n"); vol->ops = &smb1_operations; vol->vals = &smb1_values; diff -urN old/fs/cifs/smb2ops.c new/fs/cifs/smb2ops.c - -- old/fs/cifs/smb2ops.c 2020-05-27 11:46:54.074968234 +0200 +++ new/fs/cifs/smb2ops.c 2020-05-27 11:46:54.974971463 +0200 @@ -3020,7 +3020,7 @@ oparms.fid = &fid; oparms.reconnect = false; - rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL,NULL, NULL, + rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, NULL, NULL, NULL); kfree(utf16_path); if (!rc) { - - - commit f7dacbf - Refresh patches.suse/block-floppy-fix-contended-case-in-floppy_queue_rq.patch: update upstream references (submitted -> applied). - commit fce9354 - block/floppy: fix contended case in floppy_queue_rq() (bsc#1171426). - commit 18ed9ad ==== libmspack ==== - add libmspack-0.6alpha-CVE-2019-1010305.patch to fix a buffer overflow in chmd_read_headers(): a CHM file name beginning "::" but shorter than 33 bytes will lead to reading past the freshly-allocated name buffer - checks for specific control filenames didn't take length into account [bsc#1141680] [CVE-2019-1010305] - Enable build-time tests (bsc#1130489) * Added patch libmspack-failing-tests.patch ==== libxslt ==== Subpackages: libxslt-tools libxslt1 - Security fix [bsc#1154609, CVE-2019-18197] * Fix dangling pointer in xsltCopyText * Add libxslt-CVE-2019-18197.patch - Security fix: [bsc#1140101, CVE-2019-13118] * Fix uninitialized read with UTF-8 grouping chars. Read of uninitialized stack data due to too narrow xsl:number instruction and an invalid character * Added libxslt-CVE-2019-13118.patch - Security fix: [bsc#1140095, CVE-2019-13117] * Fix uninitialized read of xsl:number token. An xsl number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers * Added libxslt-CVE-2019-13117.patch ==== mariadb-connector-c ==== Version update (3.1.7 -> 3.1.8) - Update to release 3.1.8 [bsc#1171550] * CONC-304: Rename the static library to libmariadb.a and other libmariadb files in a consistent manner * CONC-441: Default user name for C/C is wrong if login user is different from effective user * CONC-449: Check $MARIADB_HOME/my.cnf in addition to $MYSQL_HOME/my.cnf * CONC-457: mysql_list_processes crashes in unpack_fields * CONC-458: mysql_get_timeout_value crashes when used improperly * CONC-464: Fix static build for auth_gssapi_client plugin * Fixes for the following security vulnerabilities: CVE-2020-13249 - refresh absolute_path_fix.patch and private_library.patch ==== mdadm ==== - Update for latest mdadm-4.1+ patches, this is required by jsc#SLE-10078 and jsc#SLE-9348. Mostly the purpose is for latest Intel IMSM raid support. The following patches also include previous patches with new re-ordered prefix numbers. - Makefile: install mdadm_env.sh to /usr/lib/mdadm (bsc#1111960) 0000-Makefile-install-mdadm_env.sh-to-usr-lib-mdadm.patch - Assemble: keep MD_DISK_FAILFAST and MD_DISK_WRITEMOSTLY flag (jsc#SLE-10078, jsc#SLE-9348) 0001-Assemble-keep-MD_DISK_FAILFAST-and-MD_DISK_WRITEMOST.patch - Document PART-POLICY lines (jsc#SLE-10078, jsc#SLE-9348) 0002-Document-PART-POLICY-lines.patc - policy: support devices with multiple paths. (jsc#SLE-10078, jsc#SLE-9348) 0003-policy-support-devices-with-multiple-paths.patch - mdcheck: add systemd unit files to run mdcheck. (bsc#1115407) 0004-mdcheck-add-systemd-unit-files-to-run-mdcheck.patch - Monitor: add system timer to run --oneshot periodically (bsc#1115407) 0005-Monitor-add-system-timer-to-run-oneshot-periodically.patch - imsm: update metadata correctly while raid10 double (jsc#SLE-10078, jsc#SLE-9348) 0006-imsm-update-metadata-correctly-while-raid10-double-d.patch - Assemble: mask FAILFAST and WRITEMOSTLY flags when finding (jsc#SLE-10078, jsc#SLE-9348) 0007-Assemble-mask-FAILFAST-and-WRITEMOSTLY-flags-when-fi.patch - Grow: avoid overflow in compute_backup_blocks() (jsc#SLE-10078, jsc#SLE-9348) 0008-Grow-avoid-overflow-in-compute_backup_blocks.patch - Grow: report correct new chunk size. (jsc#SLE-10078, jsc#SLE-9348) 0009-Grow-report-correct-new-chunk-size.patch - policy.c: prevent NULL pointer referencing (bsc#1106078) 0010-policy.c-prevent-NULL-pointer-referencing.patch - policy.c: Fix for compiler error (jsc#SLE-10078, jsc#SLE-9348) 0012-policy.c-Fix-for-compiler-error.patch - imsm: finish recovery when drive with rebuild fails (bsc#1126975) 0013-imsm-finish-recovery-when-drive-with-rebuild-fails.patch - imsm: fix reshape for >2TB drives (jsc#SLE-10078, jsc#SLE-9348) 0014-imsm-fix-reshape-for-2TB-drives.patch - Fix spelling typos. (jsc#SLE-10078, jsc#SLE-9348) 0015-Fix-spelling-typos.patch - Detail.c: do not skip first character when calling xstrdup in Detail() (bsc#1123814) 0016-Detail.c-do-not-skip-first-character-when-calling-xs.patch - Fix reshape for decreasing data offset (jsc#SLE-10078, jsc#SLE-9348) 0018-Fix-reshape-for-decreasing-data-offset.patch - mdadm/tests: add one test case for failfast of raid1 (jsc#SLE-10078, jsc#SLE-9348) 0019-mdadm-tests-add-one-test-case-for-failfast-of-raid1.patch - mdmon: don't attempt to manage new arrays when terminating (bsc#1127526) 0020-mdmon-don-t-attempt-to-manage-new-arrays-when-termin.patch - mdmon: wait for previous mdmon to exit during takeover (jsc#SLE-10078, jsc#SLE-9348) 0021-mdmon-wait-for-previous-mdmon-to-exit-during-takeove.patch - Assemble: Fix starting array with initial reshape checkpoint (jsc#SLE-10078, jsc#SLE-9348) 0022-Assemble-Fix-starting-array-with-initial-reshape-che.patch - add missing units to --examine (jsc#SLE-10078, jsc#SLE-9348) 0023-add-missing-units-to-examine.patch - imsm: fix spare activation for old matrix arrays (jsc#SLE-10078, jsc#SLE-9348) 0024-imsm-fix-spare-activation-for-old-matrix-arrays.patch - Create: Block rounding size to max (jsc#SLE-10078, jsc#SLE-9348) 0025-Create-Block-rounding-size-to-max.patch - udev: Add udev rules to create by-partuuid for md device (jsc#SLE-10078, jsc#SLE-9348) 0026-udev-Add-udev-rules-to-create-by-partuuid-for-md-dev.patch - mdmon: fix wrong array state when disk fails during mdmon (jsc#SLE-10078, jsc#SLE-9348) 0027-mdmon-fix-wrong-array-state-when-disk-fails-during-m.patch - Enable probe_roms to scan more than 6 roms. (bsc#1156040) 0028-Enable-probe_roms-to-scan-more-than-6-roms.patch - super-intel: Fix issue with abs() being irrelevant (jsc#SLE-10078, jsc#SLE-9348) 0029-super-intel-Fix-issue-with-abs-being-irrelevant.patch - mdadm.h: Introduced unaligned {get,put}_unaligned{16,32}() (jsc#SLE-10078, jsc#SLE-9348) 0030-mdadm.h-Introduced-unaligned-get-put-_unaligned-16-3.patch - super-intel: Use put_unaligned in split_ull (jsc#SLE-10078, jsc#SLE-9348) 0031-super-intel-Use-put_unaligned-in-split_ull.patch - mdadm: load default sysfs attributes after assemblation (jsc#SLE-10078, jsc#SLE-9348) 0032-mdadm-load-default-sysfs-attributes-after-assemblati.patch - mdadm.h: include sysmacros.h unconditionally (jsc#SLE-10078, jsc#SLE-9348) 0033-mdadm.h-include-sysmacros.h-unconditionally.patch - mdadm: add --no-devices to avoid component devices detail (bsc#1139709) 0034-mdadm-add-no-devices-to-avoid-component-devices-deta.patch - udev: add --no-devices option for calling 'mdadm (bsc#1139709) 0035-udev-add-no-devices-option-for-calling-mdadm-detail.patch - imsm: close removed drive fd. (jsc#SLE-10078, jsc#SLE-9348) 0036-imsm-close-removed-drive-fd.patch - mdadm: check value returned by snprintf against errors (jsc#SLE-10078, jsc#SLE-9348) 0037-mdadm-check-value-returned-by-snprintf-against-error.patch - mdadm: Introduce new array state 'broken' for raid0/linear (jsc#SLE-10078, jsc#SLE-9348) 0038-mdadm-Introduce-new-array-state-broken-for-raid0-lin.patch - mdadm: force a uuid swap on big endian (jsc#SLE-10078, jsc#SLE-9348) 0039-mdadm-force-a-uuid-swap-on-big-endian.patch - mdadm/md.4: add the descriptions for bitmap sysfs nodes (jsc#SLE-10078, jsc#SLE-9348) 0040-mdadm-md.4-add-the-descriptions-for-bitmap-sysfs-nod.patch - Init devlist as an array (jsc#SLE-10078, jsc#SLE-9348) 0041-Init-devlist-as-an-array.patch - Don't need to check recovery after re-add when no I/O writes (jsc#SLE-10078, jsc#SLE-9348) 0042-Don-t-need-to-check-recovery-after-re-add-when-no-I-.patch - udev: allow for udev attribute reading bug. (jsc#SLE-10078, jsc#SLE-9348) 0043-udev-allow-for-udev-attribute-reading-bug.patch - imsm: save current_vol number (jsc#SLE-10078, jsc#SLE-9348) 0044-imsm-save-current_vol-number.patch - imsm: allow to specify second volume size (jsc#SLE-10078, jsc#SLE-9348) 0045-imsm-allow-to-specify-second-volume-size.patch - mdcheck: when mdcheck_start is enabled, enable (bsc#1153258) 0046-mdcheck-when-mdcheck_start-is-enabled-enable-mdcheck.patch - mdcheck: use ${} to pass variable to mdcheck (bsc#1153258) 0050-mdcheck-use-to-pass-variable-to-mdcheck.patch - SUSE-mdadm_env.sh: handle MDADM_CHECK_DURATION (bsc#1153258) 0051-SUSE-mdadm_env.sh-handle-MDADM_CHECK_DURATION.patch - super-intel: don't mark structs 'packed' unnecessarily (jsc#SLE-10078, jsc#SLE-9348) 0052-super-intel-don-t-mark-structs-packed-unnecessarily.patch - Manage: Remove the legacy code for md driver prior to 0.90.03 (jsc#SLE-10078, jsc#SLE-9348) 0053-Manage-Remove-the-legacy-code-for-md-driver-prior-to.patch - Remove last traces of HOT_ADD_DISK (jsc#SLE-10078, jsc#SLE-9348) 0054-Remove-last-traces-of-HOT_ADD_DISK.patch - Fix up a few formatting issues (jsc#SLE-10078, jsc#SLE-9348) 0055-Fix-up-a-few-formatting-issues.patch - Remove unused code (jsc#SLE-10078, jsc#SLE-9348) 0056-Remove-unused-code.patch - imsm: return correct uuid for volume in detail (jsc#SLE-10078, jsc#SLE-9348) 0057-imsm-return-correct-uuid-for-volume-in-detail.patch - imsm: Change the way of printing nvme drives in (jsc#SLE-10078, jsc#SLE-9348) 0058-imsm-Change-the-way-of-printing-nvme-drives-in-detai.patch - Create: add support for RAID0 layouts. (bsc#1162479) 0059-Create-add-support-for-RAID0-layouts.patch - Assemble: add support for RAID0 layouts. (bsc#1162479) 0060-Assemble-add-support-for-RAID0-layouts.patch - Respect $(CROSS_COMPILE) when $(CC) is the default (jsc#SLE-10078, jsc#SLE-9348) 0061-Respect-CROSS_COMPILE-when-CC-is-the-default.patch - Change warning message (jsc#SLE-10078, jsc#SLE-9348) 0062-Change-warning-message.patch - mdcheck service can't start succesfully because of syntax (jsc#SLE-10078, jsc#SLE-9348) 0063-mdcheck-service-can-t-start-succesfully-because-of-s.patch - imsm: Update grow manual. (jsc#SLE-10078, jsc#SLE-9348) 0064-imsm-Update-grow-manual.patch - Add support for Tebibytes (jsc#SLE-10078, jsc#SLE-9348) 0065-Add-support-for-Tebibytes.patch - imsm: fill working_disks according to metadata. (jsc#SLE-10078, jsc#SLE-9348) 0066-imsm-fill-working_disks-according-to-metadata.patch - mdadm.8: add note information for raid0 growing operation (bsc#1129900) 0067-mdadm.8-add-note-information-for-raid0-growing-opera.patch - Remove the legacy whitespace (jsc#SLE-10078, jsc#SLE-9348) 0068-Remove-the-legacy-whitespace.patch - imsm: pass subarray id to kill_subarray function (jsc#SLE-10078, jsc#SLE-9348) 0069-imsm-pass-subarray-id-to-kill_subarray-function.patch - imsm: Remove --dump/--restore implementation (jsc#SLE-10078, jsc#SLE-9348) 0070-imsm-Remove-dump-restore-implementation.patch - Rename the following patches, they will be listed with new re-ordered prefix number in following commit, 0001-Document-PART-POLICY-lines.patch 0001-Makefile-install-mdadm_env.sh-to-usr-lib-mdadm.patch 0002-policy-support-devices-with-multiple-paths.patch 0003-mdcheck-add-systemd-unit-files-to-run-mdcheck.patch 0004-Monitor-add-system-timer-to-run-oneshot-periodically.patch 0005-imsm-update-metadata-correctly-while-raid10-double-d.patch 0006-Grow-avoid-overflow-in-compute_backup_blocks.patch 0007-Grow-report-correct-new-chunk-size.patch 0008-policy.c-prevent-NULL-pointer-referencing.patch 0009-Detail.c-do-not-skip-first-character-when-calling-xs.patch 0010-imsm-finish-recovery-when-drive-with-rebuild-fails.patch 0011-mdmon-don-t-attempt-to-manage-new-arrays-when-termin.patch 0012-mdadm-add-no-devices-to-avoid-component-devices-deta.patch 0013-udev-add-no-devices-option-for-calling-mdadm-detail.patch 0021-mdcheck-when-mdcheck_start-is-enabled-enable-mdcheck.patch 0022-mdcheck-use-to-pass-variable-to-mdcheck.patch 0023-SUSE-mdadm_env.sh-handle-MDADM_CHECK_DURATION.patch 0024-Create-add-support-for-RAID0-layouts.patch 0025-Assemble-add-support-for-RAID0-layouts.patch 0026-Enable-probe_roms-to-scan-more-than-6-roms.patch 1002-mdadm.8-add-note-information-for-raid0-growing-opera.patch - Enable probe_roms to scan more than 6 roms. (bsc#1156040) 0026-Enable-probe_roms-to-scan-more-than-6-roms.patch - Create: add support for RAID0 layouts. (bsc#1162479) 0024-Create-add-support-for-RAID0-layouts.patch - Assemble: add support for RAID0 layouts. (bsc#1162479) 0025-Assemble-add-support-for-RAID0-layouts.patch - mdadm.8: add note information for raid0 growing operation (bsc#1129900) 1002-mdadm.8-add-note-information-for-raid0-growing-opera.patch - New patch: 0022-mdcheck-when-mdcheck_start-is-enabled-enable-mdcheck.patch New patch: 0023-mdcheck-use-to-pass-variable-to-mdcheck.patch New patch: 0024-SUSE-mdadm_env.sh-handle-MDADM_CHECK_DURATION.patch Improve systemd units for mdcheck (bsc#1153258) ==== osinfo-db ==== - bsc#1172008 - osinfo-db: Add support for openSUSE Leap 15.2 add-opensuse-leap-15.2-support.patch ==== python-psycopg2 ==== Version update (2.7.4 -> 2.8.5) - Sort out the syntax of the deps bsc#1171213 - update to 2.8.5 - Fixed use of connection_factory and cursor_factory together (ticket #1019). - Added support for logging.LoggerAdapter in LoggingConnection (ticket #1026). - Column objects in cursor.description can be sliced (ticket [#1034]). - Added AIX support (ticket #1061). - Fixed copy() of DictCursor rows (ticket #1073). - fix postgresql build dependency: pg_config is in postgresql-server-devel (bsc#1167541) - update to 2.8.4: - Fixed building with Python 3.8 (:ticket:`#854`). - Don't swallow keyboard interrupts on connect when a password is specified in the connection string (:ticket:`#898`). - Don't advance replication cursor when the message wasn't confirmed (:ticket:`#940`). - Fixed inclusion of ``time.h`` on linux (:ticket:`#951`). - Fixed int overflow for large values in `~psycopg2.extensions.Column.table_oid` and `~psycopg2.extensions.Column.type_code` (:ticket:`#961`). - `~psycopg2.errorcodes` map and `~psycopg2.errors` classes updated to PostgreSQL 12. - Wheel package compiled against OpenSSL 1.1.1d and PostgreSQL at least 11.4. - Replace %fdupes -s with plain %fdupes; hardlinks are better. - Update to 2.8.4 * Added interval_status parameter to start_replication() method and other facilities to send automatic replication keepalives at periodic intervals (ticket #913). * Fixed namedtuples caching introduced in 2.8 (ticket #928). - Update to 2.8.3 * Added interval_status parameter to start_replication() method and other facilities to send automatic replication keepalives at periodic intervals * Fixed RealDictCursor when there are repeated columns * Fixed RealDictRow modifiability * Fixed ?there?s no async cursor? error polling a connection with no cursor 2.8.0 * Added errors module. Every PostgreSQL error is converted into a specific exception class * Added encrypt_password() function * Added BYTES adapter to manage databases with mixed encodings on Python 3 * Added table_oid and table_column attributes on cursor.description items * Added connection.info object to retrieve various PostgreSQL connection information * str() on Range produces a human-readable representation * Fixed async communication blocking if results are returned in different chunks * Fixed adaptation of numeric subclasses such as IntEnum * Dropped support for Python 2.6, 3.2, 3.3. * Dropped deprecated register_tstz_w_secs() * Dropped deprecated PersistentConnectionPool. Use ZPsycopgDA.pool instead. * Binary packages no longer installed by default. The ?psycopg2-binary? package must be used explicitly. * Dropped PSYCOPG_DISPLAY_SIZE build parameter. - Requires postgresql-server-devel on Factory now. - Update to 2.7.7: * Cleanup of the cursor results assignment code, which might have solved double free and inconsistencies in concurrent usage (:tickets:`#346, #384`). * Close named cursors if exist, even if execute() wasn't called (ticket #746). * Fixed building on modern FreeBSD versions with Python 3.7 (ticket #755). * Fixed hang trying to COPY via execute() in asynchronous connections (ticket #781). * Fixed adaptation of arrays of empty arrays (ticket #788). * Fixed segfault accessing the connection.readonly and connection.deferrable attributes repeatedly (ticket #790). * execute_values() accepts sql.Composable objects (ticket #794). * errorcodes map updated to PostgreSQL 11. * Allow non-ascii chars in namedtuple fields (regression introduced fixing ticket #211). * Fixed adaptation of arrays of arrays of nulls (ticket #325). * Fixed building on Solaris 11 and derivatives such as SmartOS and illumos (ticket #677). * Maybe fixed building on MSYS2 (as reported in ticket #658). * Allow string subclasses in connection and other places (ticket #679). * Don't raise an exception closing an unused named cursor (ticket #716). ==== python-rpm-macros ==== Version update (20200117.8e39013 -> 20200207.5feb6c1) Subpackages: python-rpm-generators - Update to version 20200207.5feb6c1 bsc#1171561: * Do not write .pyc files for tests ==== shotwell ==== Version update (0.30.9 -> 0.30.10) Subpackages: shotwell-lang - Update to version 0.30.10: + Modify web publishing authentication to comply with Google's requirements. ==== systemd ==== Subpackages: libsystemd0 libsystemd0-32bit libudev1 libudev1-32bit systemd-32bit systemd-bash-completion systemd-container systemd-sysvinit udev - Import commit ac52edce0f820ffefa5110b6fc4b03e35bf68d61 96a7639970 udev/net-id: Fix check for address to keep interface names stable (#8458) (bsc#1168076) ce5953a877 login: use free_and_replace() and TAKE_PTR() e5190b4b51 logind: remove manager_start_slice() cdeb8d1a48 logind: use free_and_replace in one spot 109aac4b67 logind: drop unnecessary braces 9194610e7e systemd-mount: don't check for non-normalized WHAT for network FS (bsc#1165011) 12b63cb73a systemd-mount: allow to specify an arbitrary string for arg_mount_what when vfs is used (bsc#1165011) - Import commit 7c246f16a6358516a586629091375ee5d45739ec 2205963ee2 manager: fix job mode when signalled to shutdown etc (bsc#1161262) e9b76da147 manager: remove fallback for user/exit.target fa4a1155e7 man: dbus method Manager.Exit() does not start exit.target dc0ec526f2 units: do not install rescue.target for alt-? e3ba383bf8 Add %j/%J unit specifiers - Replace 60-ssd-scheduler.rules with 60-io-scheduler.rules from TW This adds support for I/O scheduler selection with blk-mq (bsc#1165579, bsc#1164717). - Add 60-ssd-scheduler.rules This rules file which select the default IO scheduler for SSDs is being moved out from the git repo since this is not related to systemd or udev at all and is maintained by the kernel team. - Import commit 7e52d0c21a0c895d4f0ae2319f1eb4f2246147ba eedd149d6c core: coldplug possible nop_job (bsc#1139459) 09405f8eee Revert "udev: use 'deadline' IO scheduler for SSD disks" 57cab4a328 Fix typo in function name f846231c1a polkit: when authorizing via PK let's re-resolve callback/userdata instead of caching it (bsc#1162108 CVE-2020-1712) f799fd5371 sd-bus: introduce API for re-enqueuing incoming messages 8a0214f61d polkit: on async pk requests, re-validate action/details - Drop 0001-core-coldplug-possible-nop_job.patch It's been imported in SUSE/v234 branch. - Drop 0001-polkit-on-async-pk-requests-re-validate-action-detai.patch Drop 0002-sd-bus-introduce-API-for-re-enqueuing-incoming-messa.patch Drop 0003-polkit-when-authorizing-via-PK-let-s-re-resolve-call.patch They have been imported in SUSE/v234 branch. - Remove TasksMax limit for both user and system slices (jsc#SLE-10123) - Import commit 4695ebe0b91ec6a23ba9ea238e61a7348474fbc5 Backport support of dash-truncated dropins. The new mechanism is used (since v239) to configure TasksMax limit for user slices and therefore is used to replace UserTasksMax= option in logind.conf as it's more flexible. The old option is still supported thanks to a generator that creates a dash-truncated dropin at boot. It also warns about the use of the old option. This will hopefully allow us to remove the support of UserTasksMax option in the next major version of SLE. ec0bddf1f4 logind: keep backward compatibility with UserTasksMax= in logind.conf 7804fb95bd logind: move two functions to logind_core utility lib fb99d7bc4c login: fix typo in log message 15a8ffa5cc Use a dash-truncated drop-in for user-%j.slice configuration c5bf60565e man: document the new dash truncation drop-in directories 38fb5d11cb test: add test for prefix unit loading 7669c783e8 dropin: when looking for dropins for a unit, also look within "-" prefix unit dirs de1d19b8fb systemctl: fix indentation in output of "systemcl status" if there are multiple drop-in dirs 5da4984f6f unit-name: add new unit_name_build_from_type() helper 278643dc78 tests: skip tests when cg_pid_get_path fails (#7033) a77203d893 shared/dropin: improve error message - Import commit d2826c2ca2eab2b9f6fc08ff2010faafd4c1b9f9 Backport IP filtering feature (jsc#SLE-7743) e6b00a63dc main: when bumping RLIMIT_MEMLOCK, save the previous value to pass to children (bsc#1160595) b7b5a3ba5d main: introduce a define HIGH_RLIMIT_MEMLOCK similar to HIGH_RLIMIT_NOFILE 61d77e2bda def: add a "high" limit for RLIMIT_NOFILE 51a8b7fe9b core: bump mlock ulimit to 64Mb 4a53ff678c Move warning about unsupported BPF firewall right before the firewall would be created f26201d72c core: refactor bpf firewall support into a pseudo-controller 3c6af31da6 core: rename cgroup_queue ? cgroup_realize_queue 12ac94d9d4 cgroup: improve cg_mask_to_string a bit, and add tests for it 6e049a2f46 unit: initialize bpf cgroup realization state properly cfbb2dfb1b cgroup: always invalidate "cpu" and "cpuacct" together 55a0d5a690 main: bump RLIMIT_MEMLOCK for the root user substantially 3c0ec7c460 bpf-firewall: always use log_unit_xyz() insteadof log_xyz() f8e7b8530a core: fix the check if CONFIG_CGROUP_BPF is on a3950086e4 tree-wide: avoid assignment of r just to use in a comparison 92ad831159 Fix three uses of bogus errno value in logs (and returned value in one case) 8f9b4436fa bpf: reset "extra" IP accounting counters when turning off IP accounting for a unit 4edd970f68 bpf: rework how we keep track and attach cgroup bpf programs b6152deaa1 bpf-program: make bpf_program_load_kernel() idempotent 49fa5c4f73 bpf: use BPF_F_ALLOW_MULTI flag if it is available 089bac557e bpf-program: optionally take fd of program to detach aed6959d28 bpf: beef up bpf detection, check if BPF_F_ALLOW_MULTI is supported c548f48cb2 bpf: add new bpf.h header copy from 4.15 kernel 54cc371347 bpf-firewall: fix warning text c08bb273ac ip-address-access: let's exit the loop after invalidating our entry a (#7803) 3dc5591f72 bpf-firewall: actually invoke BPF_PROG_ATTACH to check whether cgroup/bpf is available c5f34b169e cgroup: drop unused parameter from function b519973b49 core: only warn about BPF/cgroup missing once per runtime (#7319) cbeb2f95ac run: also show IP traffic accounting data on "systemd-run --wait" 3ff2299ccb core: improve dbus-cgroup error message 2f0c48782e bpf-firewall: properly handle kernels where BPF cgroup is disabled but TRIE maps are enabled (#7298) 867a8bf0d7 fix compile error on musl 8d3314daf3 bpf: set BPF_F_ALLOW_OVERRIDE when attaching a cgroup program if Delegate=yes is set c6a029bcc0 cgroup: refuse to return accounting data if accounting isn't turned on 33ef892f4b core: when coming back from reload/reexec, reapply all cgroup properties 4bb809e720 core: serialize/deserialize IP accounting across daemon reload/reexec ec63d2a10c core: when creating the socket fds for a socket unit, join socket's cgroup first 5efe9d8b24 socket-label: let's use IN_SET, so that we have to call socket_address_family() only once 35bf6b235f core: warn loudly if IP firewalling is configured but not in effect e62a2ae266 Add test for eBPF firewall code d936dbdb8c ip-address-access: minimize IP address lists df69bcd8d5 core: support IP firewalling to be configured for transient units c03104bf21 cgroup: dump the newly added IP settings in the cgroup context 693934ae53 man: document the new ip accounting and filting directives 7a7b7f97d8 systemctl: report accounted network traffic in "systemctl status" 3079fcd21c manager: hook up IP accounting defaults 44e2578544 cgroup, unit, fragment parser: make use of new firewall functions 61cff5ed0c Add firewall eBPF compiler 3fabe4de90 cgroup: add fields to accommodate eBPF related details 031f1b27f4 Add IP address address ACL representation and parser 7f9545d053 Add abstraction model for BPF programs d44583412a build-sys: add new kernel bpf.h drop-in 80842fbc20 in-addr-util: add new helper call in_addr_prefix_from_string_auto() f5909b1007 in-addr-util: prefix return parameters with ret_ 4de91e22b7 in-addr-util: be more systematic with naming our functions 877cc03ac4 tests: when running a manager object in a test, migrate to private cgroup subroot first (#6576) - Fix bsc#1162108 CVE-2020-1712 Add 0001-polkit-on-async-pk-requests-re-validate-action-detai.patch Add 0002-sd-bus-introduce-API-for-re-enqueuing-incoming-messa.patch Add 0003-polkit-when-authorizing-via-PK-let-s-re-resolve-call.patch - Use suse.pool.ntp.org server pool on SLE distros (jsc#SLE-7683) - Import commit 938b0a2f966d2606cbb20f4bcce7509995aaa7dc 1d7de5e8c2 libblkid: open device in nonblock mode. (bsc#1084671) 87d18b8209 udev/cdrom_id: Do not open CD-rom in exclusive mode. (bsc#1154256) 277ab600b0 bus_open leak sd_event_source when udevadm trigger? (bsc#1161436 CVE-2019-20386) 6558c318fc fileio: introduce read_full_virtual_file() for reading virtual files in sysfs, procfs (bsc#1133495 bsc#1159814) 0c6fb31abb fileio: initialize errno to zero before we do fread() 0baf4768d3 fileio: try to read one byte too much in read_full_stream() 3226d763f7 logind: consider "greeter" sessions suitable as "display" sessions of a user (bsc#1158485) 5aa70da60d logind: never elect a session that is stopping as display - Import commit be5eeb6c7d0bbb8147ff894227140d3d21639aeb 24fc1e1ff6 journal: include kmsg lines from the systemd process which exec()d us (#8078) b213992a3d udevd: don't use monitor after manager_exit() 28998ada7d udevd: capitalize log messages in on_sigchld() 6065eee5f8 udevd: merge conditions to decrease indentation d727a42d46 Revert "udevd: fix crash when workers time out after exit is signal caught" 0e6ff3b3d1 core: fragments of masked units ought not be considered for NeedDaemonReload (#7060) (bsc#1156482) 3523d5a0c8 udevd: fix crash when workers time out after exit is signal caught 787b2f859f udevd: wait for workers to finish when exiting (bsc#1106383) - Import commit 71778a1423b0f599ede9faa96d20add61d24db36 98c082a6ca shell-completion: systemctl: do not list template units in {re,}start 816d6111fc shell-completion: systemctl: pass current word to all list_unit* e8b40b6b10 bash-completion: systemctl: pass current partial unit to list-unit* (bsc#1155207) 7cdab60839 bash-completion: systemctl: use systemctl --no-pager 8844419dc8 bash-completion: also suggest template unit files 6f0e7ca3d1 bash-completion: systemctl: add missing options and verbs 4f4d2d4c1b bash-completion: use the first argument instead of the global variable (#6457) A bunch of commits which improves bash completion support. It only touches the shell completion and hence is pretty safe. - Import commit cff9adac2f06cc0876dc905d5642d271b69e755d 3f5a84b97c networkd: VXLan Make group and remote variable separate (bsc#1156213) 9c4571d6b2 networkd: vxlan require Remote= to be a non multicast address (#8117) (bsc#1156213) 7f1b579fc6 fs-util: let's avoid unnecessary strerror() 49e51f69b5 fs-util: introduce inotify_add_watch_and_warn() helper 454c094294 ask-password: improve log message when inotify limit is reached (bsc#1155574) 012115b8dd shared/install: failing with -ELOOP can be due to the use of an alias in install_error() (bsc#1151377) caa9e284af man: alias names can't be used with enable command (bsc#1151377) - No need to daemon-reexec at package installation time. During package installation PID1 is obviously not being run. - Add 0001-mount-swap-cryptsetup-introduce-an-option-to-prevent.patch (jsc#SLE-7689) - Add 0001-core-coldplug-possible-nop_job.patch This likely fixes bsc#1139459 but it's not been confirmed yet. That's the reason why it's been put in the quarantine area so we can mark this patch as a fix once it will be verified before merging it in our git repo. See https://github.com/systemd/systemd/pull/13124 for a reproducer and the fix. In any cases it fixes a real bug that could be easily reproduced and the fix verified. - Import commit 1b9a7a16f19285e04646b879a7ee932d677a13a6 (jsc#SLE-7687) 2833eac013 man: add a note about _netdev usage 61b562b76f units: replace remote-cryptsetup-pre.target with remote-fs-pre.target 3731059465 units: add [Install] section to remote-cryptsetup.target 06a3b90ac0 cryptsetup: ignore _netdev, since it is used in generator (#7282) 52ff0e4815 cryptsetup-generator: use remote-cryptsetup.target when _netdev is present (jsc#SLE-7687) 1fd79aece7 cryptsetup-generator: add a helper utility to create symlinks 850cfa58c9 units: add remote-cryptsetup.target and remote-cryptsetup-pre.target a17ff04b54 man: add an explicit description of _netdev to systemd.mount(5) 2cf21cc2af man: order fields alphabetically in crypttab(5) 166efe2295 man: make crypttab(5) a bit easier to read 2228e044f9 units: order cryptsetup-pre.target before cryptsetup.target 853d13eb3c Fix reporting of enabled-runtime units - Import commit 76231a9c1f76ab1e2b4b4a60a3333685f0c05793 801458cee2 sd-bus: deal with cookie overruns (bsc#1150595) 39d50c7395 rules: Add by-id symlinks for persistent memory (bsc#1140631) - Allow YaST to select Iranian (Persian, Farsi) keyboard layout (bsc#1092920) - Buildrequire polkit so /usr/share/polkit-1/rules.d subdir can be only owned by polkit (boo#1145023) Otherwise we need to own the directory (or rpmlink checking would complain that the dir has no owners) and make sure that the perms are in sync with the ones defined by polkit. - Import commit 097c4e66dc457e3406fbf914bcf1966da93dcbb9 76e278fe1f conf-parse: remove 4K line length limit (bsc#1137053) 8538cad002 udevd: change the default value of udev.children-max (again) (bsc#1107617) 2bb79d8bb5 meson: stop creating enablement symlinks in /etc during installation (sequel) - Fix build for Leap 15+ - Make sure we don't ship any static enablement symlinks in /etc Those symlinks must only be created by the presets. There are no changes in practice since systemd/udev doesn't ship such symlinks in /etc but let's make sure no future changes will introduce new ones by mistake. It's been done in Factory since a while now. - Import commit 835729c9d137d8c79e575d61b0d1a1c67cc54e59 62bdc40549 units: turn on RestrictSUIDSGID= in most of our long-running daemons 276401ea84 seccomp: rework how the S[UG]ID filter is installed 4b616cb995 test-seccomp: fix compilation on arm64 5a07cdd48a core: fix build failure if seccomp is disabled 0512aa6ea8 core: imply NNP and SUID/SGID restriction for DynamicUser=yes service (bsc#1133506 bsc#1133509 CVE-2019-3843 CVE-2019-3844) d377ee5360 man: document the new RestrictSUIDSGID= setting afcbed619f man: note that `systemctl show` does not overridden value 89982813ca core: expose SUID/SGID restriction as new unit setting RestrictSUIDSGID= 0da1ea2aed test: add test case for restrict_suid_sgid() 898c724e6c seccomp: introduce seccomp_restrict_suid_sgid() for blocking chmod() for suid/sgid files 4b56b9e8d7 meson: stop creating enablement symlinks in /etc during installation d1ee97533e networkd: do not install the socket when networkd is not enabled 972d0a0bdf udevd: notify when max number value of children is reached only once per batch of events (bsc#1132400) 7dd4d8ff02 sd-bus: bump message queue size again (bsc#1132721) - systemd-coredump: generate a stack trace of all core dumps (jsc#SLE-5933) Stack traces are logged into the journal. - Drop "BuildRequires: -post-build-checks" from the specfile (bsc#1130230) The syntax of this directive is obsolete and should be replaced by "#!BuildIgnore: post-build-checks". However there's no reasons to disable these SUSE extra checks especially since the package still builds fine with them turned ON. So simply drop the line from the spec file. - Import commit ecb92848f361fa2b2baebb61a37d861213756ad0 fdafcf8151 pam-systemd: use secure_getenv() rather than getenv() (bsc#1132348 CVE-2019-3842) a9793105c6 bus: fix memleak on invalid message a90e01ef50 logind: fix killing of scopes (bsc#1125604) a9c0babb8b namespace: make MountFlags=shared work again (bsc#1124122) 7a776a1518 man: document the new PrivateMounts= setting ae2abcb517 rules: load drivers only on "add" events (bsc#1126056) a50d2c6c33 Allocate temporary strings to hold dbus paths on the heap (bsc#1125352 CVE-2019-6454) a8d74361ff Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (bsc#1125352 CVE-2019-6454) 78a06c1a87 sysctl: Don't pass null directive argument to '%s' (bsc#1121563) - Drop sg.conf, it's been taking over by suse-module-tools See bsc#1036463 for details. - Do not automagically online memory on s390x (bsc#1127557) On s390 memory that is not online is typically 'reserve' memory that should be only activated by the system administrator. There is no way to detect reserve memory from information provided by the kernel so the state of the art is to not activate memory automagically if the platform is s390. - Drop 0001-systemd-PID1-crash-with-specially-crafted-D-Bus-mess.patch Its upstream counterparts have been imported in SUSE/v234 - Add 0001-systemd-PID1-crash-with-specially-crafted-D-Bus-mess.patch (bsc#1125352 CVE-2019-6454) - Import commit 98de7a2368c96c3914bca239b35d5b1de6bffcc2 434d2010d0 sd-bus: if we receive an invalid dbus message, ignore and proceeed 0cbdb75339 automount: don't pass non-blocking pipe to kernel. - Import commit 7902374f4046d3515973c2292fe764967cfc2309 b808bd8f67 units: make sure initrd-cleanup.service terminates before switching to rootfs (bsc#1123333) 58a5ac4cca logind: fix bad error propagation fb118b996e login: log session state "closing" (as well as New/Removed) e0065eec98 logind: fix borked r check 4a978123cd login: don't remove all devices from PID1 when only one was removed c7af85fa55 login: we only allow opening character devices d21d3f32d1 login: correct comment in session_device_free() a5c15fde73 login: remember that fds received from PID1 need to be removed eventually 12ed3e765a login: fix FDNAME in call to sd_pid_notify_with_fds() d16ea1c77a logind: fd 0 is a valid fd 06546129b3 logind: rework sd_eviocrevoke() 5b40830fcb logind: check file is device node before using .st_rdev 5d69862a26 logind: use the new FDSTOREREMOVE=1 sd_notify() message (bsc#1124153) 6b10a71597 core: add a new sd_notify() message for removing fds from the FD store again 767e6baa0e logind: make sure we don't trip up on half-initialized session devices (bsc#1123727) 95828c00c4 fd-util: accept that kcmp might fail with EPERM/EACCES c1448fc331 core: Fix use after free case in load_from_path() (bsc#1121563) - Import commit 72e2d92e01b6e4686e6ac0b9cea391eb2ad4bc02 fc4e41ca9e core: include Found state in device dumps 8f795776b1 device: fix serialization and deserialization of DeviceFound 2af4971594 fix path in btrfs rule (#6844) f8ac04cffb assemble multidevice btrfs volumes without external tools (#6607) (bsc#1117025) c96249b50c Update systemd-system.conf.xml (bsc#1122000) 37245007a7 units: inform user that the default target is started after exiting from rescue or emergency mode - Import commit 9874ecb0457fd43cdde01085a878acdf2fa5af36 96313ee86a pull: initialize libgcrypt before calling any functions provided by libgcrypt 08870024dc hwdb: remove stray 'i' in hwdb match string for the HP Spectre (#9571) f09d3f3648 cryptsetup: Add dependency on loopback setup to generated units 3dfe6375a9 journal-gateway: use localStorage["cursor"] only when it has valid value 44af6bc697 journal-gateway: explicitly declare local variables a780ac41ce analyze: actually select longest activated-time of services f57d448ff8 sd-bus: fix implicit downcast of bitfield reported by LGTM 02e8443486 install: fix error handling in is_symlink_with_known_name() 5d4d445912 resolve: fix return value type of dns_answer_has_dname_for_cname() 4bfb5d31d5 resolve: dns_scope_network_good() does not returns negative errno c7028bd00a core: free lines after reading them (bsc#1123892) 63b4e1c44b pam_systemd: reword message about not creating a session (boo#1111498) 7811bf8e80 pam_systemd: suppress LOG_DEBUG log messages if debugging is off (boo#1111498) - Import commit b3fe3bed57dbf0a8c280caa4b45323e689f683e2 e3666c6e3e journal-remote: set a limit on the number of fields in a message (CVE-2018-16865 bsc#1120323) a6d9216e7a journal-remote: verify entry length from header 6d319eb61e journald: set a limit on the number of fields (1k) (CVE-2018-16865 bsc#1120323) f9c666991a coredump: fix message when we fail to save a journald coredump 2ad2d953c7 journald: do not store the iovec entry for process commandline on stack (bsc#1120323 CVE-2018-16864) 10f19f0bbf journald: remove unnecessary {} eec4fdb05c coredump: remove duplicate MESSAGE= prefix from message - Import commit 8f7529bfb001e99ebaab8f50d611ab750b96917d (CVE-2018-6954 bsc#1080919) 61043b6fd3 Add macro for checking if some flags are set c15f0a33a2 test: Run qemu/nspawn tests with "set -e" 2c818c539a test: Factorize common integration test functions (#6540) aa07d4eef4 test: Write state and log files into $BUILD_DIR 0207cea661 tmpfiles: fold five lines into two 9b622de3ad tmpfiles: "e" takes globs 2f1f321b26 tmpfiles: don't adjust qgroups on existing subvolumes (bsc#1093753) 32bc657d2b tmpfiles: use fd_get_path() even less excessively c0a4ee798f test: make TEST-22 easier to debug, by outputting to /dev/console 4e6c4d3147 test: don't use "nobody:nogroup" for tests 1c22e03b53 tmpfiles: return correct error variable after fd_reopen() 3147f8b81b tmpfiles: reindent one comment less weirdly 52c5e3dcce tmpfiles: use correct error variable 34395ac640 tmpfiles: clarify that we ignore file attribute setting errors 2e68b99078 tmpfiles: add log message where we previously failed silently 4b4025ebf4 tmpfiles: use fd_get_path() less excessively f004d24b2a tmpfiles: add more tests a516490b24 test: don't send image building output to /dev/null (#8886) d827068b53 tmpfiles: don't follow unsafe transitions in path_set_*() f38c092871 fs-util: add new CHASE_NOFOLLOW flag to chase_symlinks() 0fd2349ec9 tmpfiles: make create_fifo() safe 0c40e5f0fd fs-util: introduce mkfifoat_atomic() helper cfaa792ef9 fileio: make tempfn_random_child() accept empty string as path 842dcb66f7 tmpfiles: introduce create_fifo() 37aac5922d tmpfiles: introduce empty_directory() a3ee4deb69 tmpfiles: introduce create_directory() and create_subvolume() and make them safe c46af42ca2 basic/stat-util: introduce is_dir_fd() 15c9a82bce btrfs-util: unfuck tmpfiles' subvol creation 56728ebf2c btrfs-util: introduce btrfs_subvol_make_fd() 6c125e3be7 basic/label: introduce mkdirat_label()/mkdirat_errno_wrapper() helpers 18fe67c959 selinux: introduce mac_selinux_create_file_prepare_at() 1b711db4b6 path-util: introduce new safe_getcwd() wrapper d770b8db30 smack: introduce mac_smack_fix_at() 0ffb1013bc smack: make mac_smack_fix() deal somewhat sensible with non-absolute paths 55e7a0cd2a Fix compilation w/o smack (#8593) 84e8ac537b label: rework label_fix() implementations (#8583) 3686673f0a tmpfiles: introduce create_directory_or_subvolume() 1a2573fadf tmpfiles: make create_device() safe 5c9a660957 tmpfiles: introduce create_device() c177df34c8 tmpfiles: make copy_files() safe 06a5290c63 tmpfiles: introduce copy_files() routine 6d641c23a8 tmpfiles: make write_one_file() safe 1782e90f3d tmpfiles: make truncate_file() safe 5101dfbff7 tmpfiles: introduce truncate_file() which deals with 'F' exclusively 1886d7636f tmpfiles: introduce create_file() which deals with 'f'/'F' exclusively c7f0d990b5 tmpfiles: make the stat struct parameter in fd_set_*() optional 04ce630755 tmpfiles: stat file in item_do() rather than in its callers 04883c43b7 tmpfiles: set only default acls to folders #9545 (#9599) e6720dda59 tree-wide: some O_NDELAY ? O_NONBLOCK fixes 8f2444bccd tmpfiles: fix up and complain paths referring to /var/run (instead of /run) automatically 92cafeb3ab tmpfiles: 'e' is supposed to accept shell-style globs 0ad95b0f9a tmpfiles: 'e' is supposed to operate on directory only a1ba1e298b fs-util: introduce fchmod_opath() 6774858c3e tmpfiles: remove spurious curly braces in create_item() ff7b2a2149 tmpfiles: create parent directories if they are missing for more line types 4d225f603f fd-util: introduce fd_reopen() helper for reopening an fd bcec6544d6 test: add tests for systemd-tmpfiles 281d06a8fa tmpfiles: don't resolve pathnames when traversing recursively through directory trees 69a3a957d4 tmpfiles: fstat() works with fd opened with O_PATH since Linux 3.6 5e2146a435 tmpfiles: make hardlink_vulnerable() argument constant f871a58fe7 tmpfiles: make "f" lines behaviour match what the documentation says 3583d83776 tmpfiles: shortcut path_set_perms() if there's nothing to do 465416b058 tmpfiles: fix check for figuring out whether to call chmod() baf3ea541c tmpfiles: avoid using wrong type for strlen() result a8d6590e17 basic/fs-util: remove logically dead code 3768f894ed fs-util: add new CHASE_STEP flag to chase_symlinks() cd09a3129d macro: introduce new TAKE_FD() macro 0feee55455 macro: introduce TAKE_PTR() macro 58987f02cb fs-util: add shortcut for chase_symlinks() when it is called like open(O_PATH) 662fe953fb fs-util: chase_symlinks(): support empty root accfcc9d5c fs-util: refuse taking a relative path to chase if "root" is specified and CHASE_PREFIX_ROOT is set 6caab72812 fs-util: extra chase_symlink() safety check on "path" parameter 996c2c2fa6 fs-util: extra safety checks on chase_symlinks() root parameter 1252ee00da fs-util: remove comment about non-existing function b42e2bb5f9 nspawn: make sure we don't leak the fd in chase_symlinks_and_update 41fff37ee3 fs-util: add new chase_symlinks() flag CHASE_OPEN 67f388cc93 user-util: add UID_NOBODY defines that resolve to (uid_t) 65534 4b036c36a1 fs-util: use _cleanup_close_ attribute 0390eb2077 fs-util: chase_symlinks(): prevent double free 4c495215e3 fs-util: add new CHASE_SAFE flag to chase_symlinks() 9242f48c29 fs-util: chase_symlinks(): remove unnecessary slash at the head 17ae72b9b0 Move mkdir_label() to mkdir-label.c 581192d868 Move selinux-related stuff from btrfs-util.c to label.c 008a35deb6 Add mkdir_errno_wrapper() and use instead of mkdir() in various places fa77d89b43 mkdir: introduce follow_symlink flag to mkdir_safe{,_label}() b8c314823d mkdir: chmod_and_chown() returns errors as "return -errno", not in errno itself e9231b19eb tmpfiles: check if not too many symbolic links. (#7423) 48a7365e7f tmpfiles: with "e" don't attempt to set permissions when file doesn't exist (#6682) ad2c7f6a04 basic/macros: add STRLEN() to get length of string literal as constant expression - Import commit c7f08cbe22b95d97a0eea4832991c8390cc86866 c152c950d4 vconsole-setup: fonts copy will fail if the current terminal is in graphical mode (bsc#1114933) 827dc868bd 6647 - use path_startswith("/dev") in cryptsetup (#6732) (bsc#1119971) 5d1e170e05 logind: stop managing VT switches if no sessions are registered on that VT (bsc#1101591) 07fc858f25 terminal-util: introduce vt_release() helper eee33c6e5d terminal-util: introduce vt_restore() helper a133c368a4 terminal: unify code for resetting kbd utf8 mode a bit (#6692) 2a487a79ea terminal reset should honour default_utf8 kernel setting (#6606) a33d12fd73 logind: make session_restore_vt() static ef799fb7ec udev/net-id: check all snprintf return values 46343b3248 core: don't include libmount.h in a header file (#8580) 2763be9d36 udev: downgrade message when we fail to set inotify watch up (bsc#1005023) f66ba2d179 namespace: always use a root directory when setting up namespace (bsc#1045723) 98d173e12e core: ReadWritePaths= and friends assume '+' prefix when BindPaths= or freinds are set 5d581cee2f namespace: properly handle bind mounts from the host 7b0b2e418b namespace: create /dev, /proc, /sys when needed 84736215a4 coredump: only install coredump.conf when ENABLED_COREDUMP=true - Fix the test for figuring out if /etc/machine-id is writable in %post (bsc#1117063) "test -w" always returns true for root user even if the writable mode bits are not set. Fix this by testing the file mode bit value instead. - udev: ignore the exit code of systemd-detect-virt for memory hot-add (bsc#1076696) In 80-hotplug-cpu-mem.rules on SLE12-SP3, there have a memory hot-add rule uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected _none_ state. The exit failure code causes that the hot-add memory block can not be set to online. See: https://www.spinics.net/lists/systemd-devel/msg00341.html - Import commit ceefdbf8afbc95dc2728999ce0cd7493411357e4 43b790123 dhcp6: make sure we have enough space for the DHCP6 option header (bsc#1113632 CVE-2018-15688) 96eba195c dhcp6: split assert_return() to be more debuggable when hit 38c94b4bf core: skip unit deserialization and move to the next one when unit_deserialize() fails ef058a4f9 core: when deserializing state always use read_line(?, LONG_LINE_MAX, ?) (bsc#1113665 CVE-2018-15686) 5581cd610 core: properly handle deserialization of unknown unit types (#6476) e2933aa92 core: don't create Requires for workdir if "missing ok" (bsc#1113083) 794443b1c logind: use manager_get_user_by_pid() where appropriate 986d63b00 logind: rework manager_get_{user|session}_by_pid() a bit 83d0f831e login: fix user@.service case, so we don't allow nested sessions (#8051) (bsc#1112024) f2a73744c core: be more defensive if we can't determine per-connection socket peer (#7329) fc9172ff8 core: introduce systemd.early_core_pattern= kernel cmdline option cd2ed8f59 core: add missing 'continue' statement c6c6cc19c core/mount: fstype may be NULL 1da4c5dd4 journald: don't ship systemd-journald-audit.socket (bsc#1109252) 7bb6768b3 core: make "tmpfs" dependencies on swapfs a "default" dep, not an "implicit" (bsc#1110445) 5aa2ccd69 mount: make sure we unmount tmpfs mounts before we deactivate swaps (#7076) 57cc22fef detect-virt: do not try to read all of /proc/cpuinfo (bsc#1109197) 3c4503ec6 emergency: make sure console password agents don't interfere with the emergency shell 7a1eb19d7 man: document that 'nofail' also has an effect on ordering e0326fc41 journald: take leading spaces into account in syslog_parse_identifier a09b1acab journal: do not remove multiple spaces after identifier in syslog message e7a85abe6 syslog: fix segfault in syslog_parse_priority() 6d66aca0f journal: fix syslog_parse_identifier() be15909f3 install: drop left-over debug message (#6913) - Ship systemd-sysv-install helper via the main package This script was part of systemd-sysvinit sub-package but it was wrong since systemd-sysv-install is a script used to redirect enable/disable operations to chkconfig when the unit targets are sysv init scripts. Therefore it's never been a SySV init tool. - Import commit 5da416950ebe9c4d834ffb8382b0dcaee1941aa8 9d0d3c2bb tmpfiles: don't adjust qgroups on existing subvolumes (bsc#1093753) 828198433 socket-util: attempt SO_RCVBUFFORCE/SO_SNDBUFFORCE only if SO_RCVBUF/SO_SNDBUF fails (bsc#991901) 043f75c0d user@.service: don't kill user manager at runlevel switch (bsc#1091677) 21eae45f7 units: make sure user@.service runs with dbus still up 27f607ce7 fix race between daemon-reload and other commands (v234) (bsc#1105031) 83126307c nspawn: always use mode 555 for /sys (bsc#1107640) 8a77eed0a cryptsetup: do not define arg_sector_size if libgcrypt is v1.x (#9990) 7ebb0643c cryptsetup: add support for sector-size= option (#9936) (fate#325697) - Enable or disable machines.target according to the presets (bsc#1107941) Enable or disable machines.target according to the distro's presets. - Import commit f26a4b03baf10f479951bdffa0f70eff6b5451c1 5af898dfe core/service: rework the hold-off time over message a4aa80162 systemctl: load unit if needed in "systemctl is-active" (bsc#1102908) 72f8ae153 core: don't freeze OnCalendar= timer units when the clock goes back a lot (bsc#1090944) ed49f225e man: SystemMaxUse= clarification in journald.conf(5) (bnc#1101040) c47c1fd5e core: in --user mode, report READY=1 as soon as basic.target is reached (#7102) ee9d1567c sd-bus: extend D-Bus authentication timeout considerably (#6813) - Add 0002-udev-optionally-disable-the-generation-of-the-partla.patch (bsc#1089761) This patch adds "udev.no-partlabel-links" kernel command-line option that can be used to disable the generation of the by-partlabel symlinks regardless of the name used. This might be useful to prevent the generation of such symlinks on big setups where it could have a bad impact on the performance of the boot process. This will allow user to workaround bsc#1089761 whatever the partlabel used for disks (previous patch was only dealing with "primary" and "logical" names). DISCLAIMER: this new option must be used to workaround the previous bug *only* as it will be dropped as soon as the udev perf issue will be addressed. - Import commit 2bf8d0f79760dd75bc221f9e91d294e4957e6c95 181ae456a udev: use MAC address match only for ibmveth/ibmvnic/mlx4 (bsc#1095096) 5a1aa8454 compat-rules: generate more compat by-id symlinks for NVMe devices (bsc#1095096) - Import commit 455f9b8841be896cb9a46a76f441a68a54187b29 be5d72795 systemctl: mask always reports the same unit names when different unknown units are passed (bsc#1095973) d484e8167 systemctl: check existence of all units, not just the first one b33745be7 scsi_id: Fixup prefix for pre-SPC inquiry reply (bsc#1039099) f141e98a0 device: make sure to always retroactively start device dependencies (take #2) (bsc#1088052) cc7cfdc06 locale-util: on overlayfs FTW_MOUNT causes nftw(3) to not list *any* files c10206dad Fix pattern to detect distribution 7b8f97e93 basic/macros: rename noreturn into _noreturn_ (#8456) f4836f05a install: "user" and "global" scopes are equivalent for user presets (boo#1093851) 8f3fb5638 install: search preset files in /run (#7715) e871d6192 install: consider globally enabled units as "enabled" for the user (bsc#1093851) a25169127 install: consider non-Alias=/non-DefaultInstance= symlinks as "indirect" enablement c4635e551 install: only consider names in Alias= as "enabling" 1b78301a5 install: move and rename to lowercase two functions e79156aee udev: whitelist mlx4_core locally-administered MAC addresses in the persistent rule generator (bsc#1083158) 6c565351b man: updated systemd-analyze blame description for service-units with Type=simple (#8834) (bsc#1091265) 380e80633 fileio.c: fix incorrect mtime 0ae375c66 fileio: support writing atomic files with timestamp - Drop runtime dependency on dracut (bsc#1098569) Otherwise systemd pulls in tools to generate the initrd even in container/chroot installations that don't have a kernel anyways. For environments where initrd matters, dracut should be pulled via a pattern. - Import commit d5dfab21f033c8af518e169a4cc79365a26974e2 e79156aee udev: whitelist mlx4_core locally-administered MAC addresses in the persistent rule generator (bsc#1083158) - Disable user services by default (bsc#1090785) - Add 0001-udev-don-t-create-by-partlabel-primary-and-.-logical.patch (bsc#1089761) - Make sure /etc/machine-id has correct permissions (boo#1092269) This should be only needed for those who keep a Beta/RC installations. - Move 80-container-v[ez].network in systemd-container sub-package - Move 80-container-host0.network from udev to systemd - Import commit d5dfab21f033c8af518e169a4cc79365a26974e2 92bf37b0a device: skip deserialization of device units when udevd is not running 0a8984996 device: make sure to always retroactively start device dependencies (bsc#1088052) 88df88129 cryptsetup-generator: do not bind to the decrypted device unit (#6538) (bsc#1089693) - Ship 99-sysctl.conf instead of creating it during package installation/update (bsc#1088769) Previously this symlink was created in /etc/sysctl.d during %post which made the symlink not owned and more importantly it was created only if /etc/sysctl.conf is already installed which is not always the case during the installation process it seems. So ship the symlink unconditionally and put it in /usr/lib/sysctl.d instead since it's a distro default behavior that might be overriden by sysadmin later. - Import commit 9c35953dd19e90e4bfb03ad41380f3a5f9ae3ce7 a374ad328 Drop busname unit type (bsc#1089376) 85a01da56 shared/dissect-image: adapt to LUKS2 format a0ac1823c dissect: add a bit of debug logging if dm-crypt fails on us 386ae68a0 cryptsetup: support LUKS2 on-disk format (bsc#1083571) 5f3b66fdb systemd-udevd: limit children-max by available memory (#8668) (bsc#1086785 bsc#1066422) 54833e3ab tmpfiles: fix directory removal with force symlink (#8619) 04ef8e535 rules: fix syntax inconsistency in 75-persistent-net-generator.rules spotted by rule syntax checker - Drop dangling symlinks when systemd-container is not installed (bsc#1089376) - /usr/lib/systemd/system/remote-fs.target.wants/var-lib-machines.mount symlink is now part of systemd-container. - Dangling org.freedesktop.*.busname symlinks have been dropped completely and the support of busname has been removed from the git repo since it was dead code (kdbus was rejected). - systemd: add offline environmental condition to 80-acpi-container-hotplug.rules (bsc#1082485) Add the offline event environmental condition to restrict the rule that is can only be triggered when the change event is received with the "offline" environmental data. The 27664c581 "ACPI / scan: Send change uevent with offine environmental data" kernel patch changed the corresponding code in kernel. This change prevents the udev rules for acpi container be triggered by "udevadm trigger" from user space. - Split systemd-coredump sub-package off (bsc#1083849) - Rename the tarball to reflect the exact version used (bsc#1087323) So it's clear that it contains some additional patches on top of the upstream version. Use the commit hash in the name so the exact version can easily be identified. Provide _service file which can be used to retrieve the tarball from the git repo (with "osc service disabledrun"). - Import commit b83c42d5d91a5ace2b4aa7420e83c98292e6f9e3 a59988ee5 sysusers: make sure to reset errno before calling fget*ent() 98ddbf6b3 sysusers: also add support for NIS entries in /etc/shadow 586c08f63 sysusers: do not append entries after the NIS ones (bsc#1085062 bsc#1045092) 3993df26a compat-rules: fix error detected by the rule syntax checker - Don't ship machines.target in systemd-container but in systemd main package machines.target is supposed to be a standard target for starting/stopping all containers. systemd-nspawn is the main user of it but other container managers could also make use of it. - Create systemd-container-mini package So we don't have to manually track and remove all files that should be shipped by systemd-container in the case of a bootstrap build. - Run migrate-sysconfig-i18n.sh also during package installation (bsc#1086164) This is needed when we upgrade from SLE11. - Split systemd-container sub-package off (fate#325469) This split off has been in Factory/TW since a couple of weeks now without any reported problems and I think it makes also sense to have it in SLE. - Import commit 6efb938f152b60c905b8496980697400b13e02a7 06d5d0701 rules: maintain 80-hotplug-cpu-mem.rules in the package 01db63eeb rule-syntax-check: allow commas inside quoted strings 8247f6155 rule-syntax-check: add support for escaped double quotes a6354c05b rule-syntax-check: values can contain escaped double quotes 5c8d9a358 rule-syntax-check: PROGRAM is not supposed to get value assigned 88174ae85 compat-rules: fix syntax errors spotted by test/rule-syntax-check.py f4f94ab2e meson: install rules/80-hotplug-cpu-mem.rules 2901aa9b9 meson: install rules/60-ssd-scheduler.rules db1d8eacd compat-rules: make path_id_compat build with meson - Fix hotplug memory in 80-hotplug-cpu-mem.rules Drop broken script udev-remount-tmpfs. When new memory was hotplugged, the rule was supposed to call the external script (udev-remount-tmpfs) to remount all tmpfs. However the script was broken since its introduction (commit rev=715, 14/07/2014) and had no effects... this makes me wonder if we shouldn't get rid of this... The logic is now embedded in the rule file. - Add basic user space support for suspend to idle (fate#323814) Add 99-wakeup-from-idle.rules Currently this only covers the power button and usb/AT keyboards as wakeup devices. It is planned to make that configurable in the future. - Add dmi conditions to 80-acpi-container-hotplug.rules (bsc#1078358, bsc#1081170, bsc#1075743) Patch sent by Lee, Chun-Yi to @systemd-maintainers. http://mailman.suse.de/mailman/private/systemd-maintainers/2018-February/032177.html Commit message: Add dmi/id conditions to 80-acpi-container-hotplug.rules to restrict the rule that it can only be triggered on Huawei Kunlun 9008, 9016 and 9032 machines. (bsc#1078358, bsc#1081170, bsc#1075743) - Re-enable systemd-firstboot It's used by the installer and also by JeOS. - Import commit 0987985db5a5797db8dc708e67166d329fa74858 1293c0056 core: use id unit when retrieving unit file state (#8038) (bsc#1075801) 596b2b241 Revert "vconsole-setup: add SUSE specific settings for font/keyboard in sysconfig" 0b595da04 Revert "locale-setup: handle locale at boot time well" 2a181fc6f insserv-generator: make it build with meson 7b0401da4 build-sys: don't build networkctl if networkd is disabled b1e0a348d fileio: include sys/mman.h f1fa784cb meson: update header file to detect memfd_create() 8838ba7ec meson: define _GNU_SOURCE to detect copy_file_range() (#7734) - Disable systemd-firstboot I don't think there's any use case for it currently. - Drop unused code dealing with tmp.mount Commit "Don't ship /usr/lib/systemd/system/tmp.mnt at all (bsc#1071224)" forgot to delete this chunk of code which is no more needed. - Make systemd-timesyncd use the openSUSE NTP servers by default Previously systemd-timesyncd used the Google Public NTP servers time{1..4}.google.com - Drop 0001-Revert-locale-setup-handle-locale-at-boot-time-well.patch 0002-Revert-vconsole-setup-add-SUSE-specific-settings-for.patch These 2 patches have been merged in branch "SUSE/v234" - Don't ship /usr/lib/systemd/system/tmp.mnt at all (bsc#1071224) But we still ship a copy in /usr/share/systemd. Users who want to use tmpfs on /tmp are supposed to add a symlink in /etc/ pointing to the copy shipped in /usr/share. To support the update path we automatically create the symlink if tmp.mount in use is located in /usr/lib. - Enable systemd-networkd on Leap distros only (bsc#1071311) - Don't build seccomp support in the mini package - Don't build-require selinux for the mini package - Drop libgcrypt.m4 The mini package builds fine without it so it doesn't seem necessary anymore. - Import commit d5a5df298ccf490eb1da5cd671922dcda5ec17e1 531a00c84 Restore "restore /var/run and /var/lock bind mount if they aren't symlink"" - Import commit fd4e9389d87901c420a5a05dd016a002bc9e85b2 7fb9ea39a Revert "restore /var/run and /var/lock bind mount if they aren't symlink" 23ce1207a meson.build: make docdir configurable (#8068) - Import commit 08eebc34ac22b2175321f3a8814ed0aca3bc88bb 07c6ee3eb compat-rules: get rid of scsi_id when generating compat symlinks for NVMe devices (bsc#1051465) - Drop 0001-compat-rules-get-rid-of-scsi_id-when-generating-comp.patch It's been merged in branch "compats/udev-compat-symlinks" which was merged in branch "SLE15" in its turn. - Import commit b4e4c090b2238e80f4d82b11739bc428d3f0e00f 37da1facb core: disable session keyring per system sevice entirely for now (bnc#1045886) 8a1ae0449 strv: fix buffer size calculation in strv_join_quoted() 2b8971b8a tmpfiles: refuse to chown()/chmod() files which are hardlinked, unless protected_hardlinks sysctl is on (bsc#1077925 CVE-2017-18078) 8c2bcac25 tmpfiles: change ownership of symlinks too - Drop 0001-core-disable-session-keyring-per-system-sevice-entir.patch It's been merged in branch "SUSE/v234". - Import commit b8dab767c4df0fba4766f1e2b9977a2cd329b20e 3d60486f7 core/timer: Prevent timer looping when unit cannot start (bsc#1068588) 54c0add7c logind: store a timestamp when the ACPI power button is pressed (bsc#981830 bsc#888612 bsc#1072933) 460bd0cd6 Revert "handle SYSTEMCTL_OPTIONS environment variable" (fate#323393) - Drop 0001-Revert-handle-SYSTEMCTL_OPTIONS-environment-variable.patch The patch has been merged in SUSE/v234 since its counterpart in YaST has been accepted in Factory and SLE15. - Drop 0001-logind-store-a-timestamp-when-the-ACPI-power-button-.patch The patch has been verified on Beta5 and hence has been merged in "SLE15" branch. - Import commit c2ed2c6dc3aed4b3c22cfcd4b8fd28da01f6471e aa3eba828 delta: don't ignore PREFIX when the given argument is PREFIX/SUFFIX b1ea0173a delta: extend skip logic to work on full directory paths (prefix+suffix) (bsc#1070428) 77c5065f9 delta: check if a prefix needs to be skipped only once db32866d1 Fix parsing of features in detect_vm_xen_dom0 (#7890) (bsc#1048510) 11d40461a sd-bus: use -- when passing arguments to ssh (#6706) - Edit scripts-systemd-fix-machines-btrfs-subvol.sh We shouldn't be creating a /var/lib/machines subvolume if /var is already a seperate partition or subvolume. /var/lib/machines will already be excluded from snapper & similar tooling in this case. - Import commit 290129a57006338211f8c139a52402cb1ccebbf7 1148d99f6 tmpfiles: consider /etc uninitialized also when /etc/machine-id is present but empty (#7849) (bsc#1075179) 3a95f69bf tmpfiles: downgrade warning about duplicate line - Import commit e1f3d0784798d2a31e7492a26ce660fda2b0ddb8 8c7f0c449 service: Don't stop unneeded units needed by restarted service (bsc#1066156) 869be64ce sysctl: use raw file descriptor in sysctl_write (#7753) 0c2400810 sysctl: disable buffer while writing to /proc (bsc#1071558) 9eb1f30b8 Use read_line() and LONG_LINE_MAX to read values configuration files. (bsc#1071558) 4dbea654f def: add new constant LONG_LINE_MAX 48f14cd71 fileio: add new helper call read_line() as bounded getline() replacement - Add 0001-Revert-handle-SYSTEMCTL_OPTIONS-environment-variable.patch Patch has been quarantined. The only user of SYSTEMCTL_OPTIONS was yast2-installation and its usage has been removed in SLE15 (the changes are still pending for Factory). - Import commit d4267fb7c1c6718015309275d303e652155705f8 861e1a222 build-sys: udevadm should have LOG_REALM=LOG_REALM_UDEV 8ed5cf3fb meson: libudev_core and udevadm should have LOG_REALM=LOG_REALM_UDEV (#7666) a9f93f1d0 virt: use XENFEAT_dom0 to detect the hardware domain (#6442, #6662) (#7581) (bsc#1048510) fe56abdf9 seccomp: arm64/x32 do not have _sysctl (bsc#1069239) c9194fe37 seccomp: arm64 does not have mmap2 (bsc#1069239) 31d9b3c32 fs-util: small tweak in chase_symlinks() 9dd0bc7a3 meson: do not include man/meson.build if xsltproc not found 7e29e2b07 analyze: replace --no-man with --man=no in the man page (bsc#1068251) - Add missing /etc/systemd/network directory backported from Factory - Add (back) 0001-logind-store-a-timestamp-when-the-ACPI-power-button-.patch (bsc#1072933) Patch added in the quarantine area. Once tested it could be moved to the SLE15 branch. - Stop importing i18n settings from /etc/sysconfig (fate#319454) Add the 2 following patches in the quarantine area: 0001-Revert-locale-setup-handle-locale-at-boot-time-well.patch 0002-Revert-vconsole-setup-add-SUSE-specific-settings-for.patch - Import commit 00dc7ae09282e074a16b37a7329296371cb9efda 63481b24b firstboot: do not write vconsole.conf when arg_keymap is empty (bsc#1070124) - Add 0001-compat-rules-get-rid-of-scsi_id-when-generating-comp.patch (bsc#1051465) This patch is not yet merged in the 'compats/udev-compat-symlinks' branch: we asked to upstream if it would be possible to introduce a new specifier that wouldn't strip trailing whitespaces , see https://github.com/systemd/systemd/issues/7462 Also this allows to give the patch more testing before merging it in the git repo. - Drop a useless rm(1) from the specfile - Add 80-acpi-container-hotplug.rules (bsc#1040800) A "temporary" rule file that is maintained by the kernel team until a proper solution is found in the kernel. It doesn't belong to udev normally but for convenience purpose we welcome this homeless rule. - Remove requires for pwdutils, we don't need the shadow tools anymore [bsc#1069150] - Drop 0001-systemd-firstboot-add-vconsole-keymap-support.patch It's not needed since it's been merged in the git repo (see commit 86804326f). - Import commit 79ede6be5b01b6031637e3ac95248a9bf392ce7c 22dcb1d04 tmpfiles: when /etc is not fully initialized, some specifiers are expected to be unresolvable (#6860) (bsc#1055664) 216beb768 tmpfiles: Allow create symlink on directories (#6039) baf85eb79 udev: net_setup_link: don't error out when we couldn't apply link config (#7328) 86804326f systemd-firstboot: add vconsole keymap support (#7035) (bsc#1046436) - Remove stderr redirection to /dev/null when calling %tmpfiles_create since it's not needed anymore due to commit 22dcb1d04. Indeed the messages are no more emitted at LOG_WARN but LOG_NOTICE. - Fork Factory and create a dedicated project for SLE15. It will contain all SLE15 dedicated bits: - forward port all SLE dedicated patches - merge compats/persistent-nic-names (bsc#1061883) - update with compats/udev-compat-symlinks - update with SUSE/v234 - disble networkd, resolved, journal-remote - Import commit 0053b83a1d913954f0d2eb22bb2a0df2ef252e19 9b64225e9 (origin/SUSE/v234, SUSE/v234) resolved: fix loop on packets with pseudo dns types (bsc#1065276 CVE-2017-15908) 261a4ef38 (origin/compats/udev-compat-symlinks, compats/udev-compat-symlinks) compat-rules: generate compat by-id symlinks with 'nvme' prefix missing (bsc#1063249) 9707249bc udev: add option to generate old 'buggy' SCSI serials 52cf64d2b journald: turn ForwardToSyslog= on by default (bsc#1065301) e2f3cf5f2 logind: disable RemoveIPC by default 7a2a3b134 (origin/compats/persistent-nic-names, compats/persistent-nic-names) udev: add a persistent rule for ibmvnic devices 74b2d3b88 udev: disable predictable network interface names by default ef9f437a0 udev: Revert the use of -DNET_IFNAME=1 to use persistent name by default e61a078ed udev: move persistent net rule generator to SCRIPTS 9c95cc9ac udev: rework KVM persistent rules generatior (again) 760a6f70d udev: fix persistent netrule generator for KVM 9d173534c udev: better checks in write_net_rules() in persistent net rule generator 5540a0b7c udev: fix duplicated rules with layer3 interfaces in persistent net rule generator d87359c59 udev: re-enable dev_id conditionally in persistent net rule generator 5a0c34683 udev: disable usage of dev_id in persistent net rule generator 73fa44a85 udev: re-add persistent net rule generator a7d25354d Revert "udev: network device renaming - immediately give up if the target name isn't available" - Import commit e44237e76f6e133e62ff6c681d3fd06ebf12f66d a4e02c099 udev-rules: all values can contain escaped double quotes now (#6890) d2b767a76 tmpfiles: remove old ICE and X11 sockets at boot (#6979) - Add 0001-systemd-firstboot-add-vconsole-keymap-support.patch (bsc#1046436) Temporary patch until it's been merged by upstream, see https://github.com/systemd/systemd/pull/7035 - Damn forgot to drop 0001-Revert-core-device-Use-JobRunningTimeoutSec-for-devi.patch in the spec file - Import commit 6dea894131d78b20b9e0482f75afa6ee4dec8627 1cdd944b0 unit: when JobTimeoutSec= is turned off, implicitly turn off JobRunningTimeoutSec= too (bsc#1004995) This make 0001-Revert-core-device-Use-JobRunningTimeoutSec-for-devi.patch not needed anymore. - Import commit 93688f8e53b4e482a55a7d4aba2d927ddedebdde c53522be3 compat-rules: allow to specify the generation number through the kernel cmdline - Import commit c1e8af7d1e8b09c2878a5b17f513bfc41ae46dc6 982754275 build-sys: make sure 61-persitent-storage-compat.rules is installed with meson 9ac2e8b9b udev: proc_cmdline_get_key() FTW! (#6925) - Import commit 9e0985dc330b1cf04bc44049962343bdf4ba851a 4fd7cd041 pam_logind: skip leading /dev/ from PAM_TTY field before passing it on dd6312828 logind: make sure we don't process the same method call twice (#6583) - Update scripts-systemd-upgrade-from-pre-210.sh script - drop dependency on awk - fallback to runlevel #3 if something goes wrong Note: I'm not sure how this is supposed to work as /etc/inittab is likely to be missing in my understanding. Indeed this file is part of the aaa_base package which might be upgraded before systemd is installed... - Drop macros.systemd.upstream as it's not used - Import commit 58ea3c819cca1639ef8c922505c573ba5e262b3d 334945091 shutdown: fix incorrect fscanf() result check (#6806) 027202892 shutdown: don't remount,ro network filesystems. (#6588) (bsc#1035386) bc77b53a5 shutdown: don't be fooled when detaching DM devices with BTRFS (boo#1055641) d9d293847 util: make get_block_device() available 421ce7382 tmpfiles: silently ignore any path that passes through autofs (#6506) (bsc#1045472) ca8f90e62 device: make sure to remove all device units sharing the same sysfs path (#6679) - Make use of "%tmpfiles_create" in %post of the logger subpackage - Add scripts-udev-convert-lib-udev-path.sh (bsc#1050152) This script takes care of converting /lib/udev into a symlink pointing to /usr/lib/udev when upgrading a distro using an old version of udev. - Make use of "%make_build" rpm macro - Renumber scripts to start at index 100 - Introduce scripts-systemd-upgrade-from-pre-210.sh It collects all existing hacks done in %post to fix old/deprecated settings in systemd older than 210. This includes hacks needed to fix system that are migrating from SysV. There shouldn't be any functional changes. - Move scripts for packaging workaround/fixes in /usr/lib/systemd/scripts It also renames fix-machines-subvol-for-rollbacks.sh into scripts-systemd-fix-machines-btrfs-subvol.sh Note that the "scripts-systemd-" prefix is used for those scripts so we can gather them. Why not using a directory instead ? because osc doesn't allow that. - Add 0001-Revert-core-device-Use-JobRunningTimeoutSec-for-devi.patch (bsc#1048605) It's a temporary but urgent fix for a regression discovered in bug 1048605. The fix is still under discussion with upstream but we need to make progress here and limit the number of affected users. Consequently this fix reintroduces bsc#1004995 (the bug report has been re-opened) but this one is far less critical and a workaround was provided. The final solution will fix both bugs. - Import commit 2bed4bf99cf7f24eafda490f778ed5e109f8d7f1 7a4935268 compat-rules: drop the boggus 'import everything' rule (bsc#1046268) - %regenerate_initrd_post is suppsed to be used in %post (not %pre) section - Import commit 6887cc21f23e33ac37801a01d76176e5c16fd8ea 9dcc6c04e pid1: forward port console specificities handling for s390 arch to v234 - Import commit 986e98fd5a75470ba17e21fea12d7d4e966c1ecc 4706ebc62 call chase_symlinks without the /sysroot prefix (#6411) (boo#1051172) - Remove the unneeded hack forcing systemd-crypsetup binary to be linked against the just built libudev I don't remember why it was added but it looks unnecessary: most of all systemd components are linked againt libsystemd-shared.so which includes all the just built symbols. Also I don't see why it was done only for systemd-cryptsetup since all other binaries should have had suffered from the same issue. - Import commit c5705e01800bdadd6a4fa7dc50d47b13eb697211 8ea065d44 compat-rules: don't rely on ID_SERIAL when generating 'by-id' symlinks for NVMe devices (bsc#1048679) - Import commit 06bed720274d9436405a7c27c8238d7d1aefca2b 66fffdf12 build-sys: don't hook var-lib-machined.mount to remote-fs.target when machined is disabled 96c232066 Revert "core: don't load dropin data multiple times for the same unit (#5139)" - Drop support of compression from the mini package Hence remove the relevant build-requires from the mini package. - Upgrade to v234 (commit 78af11131da1b2760778206806c0ebe8616a5284) - package /etc/systemd/system/dbus-org.freedesktop.network1.service - /usr/lib/systemd/resolv.conf is not installed if resolved is disabled - Edit pkgconfig(liblz4) dependency: liblz4 now uses 1.x *again* - Added 0001-core-disable-session-keyring-per-system-sevice-entir.patch (bnc#1045886) Temporary patch to disable the session keyring stuff as it's currently broken and may introduce some security holes. - Import commit 21827ea0875ff197e16e72003b2bfaa1c6e8daad 1ad06735f core: fail when syntactically invalid values for User=/Group= fields are detected (bsc#1047023) d563972e2 timesyncd: don't use compiled-in list if FallbackNTP has been configured explicitly f4e0c16f5 gpt-auto-generator: fix the handling of the value returned by fstab_has_fstype() in add_swap() (#6280) e1345aac5 fix add_esp() in the gpt-auto-generator.c (#6251) c591ece9a automount: don't lstat(2) upon umount request (#6086) (bsc#1040968) 643ab2eea gpt-auto-generator: disable gpt auto logic for swaps if at least one is defined in fstab f07d2022f fstab-util: introduce fstab_has_fstype() helper bf735bb35 fstab-util: don't eat up errors in fstab_is_mount_point() a4b40fbed resolved: simplify alloc size calculation (bsc#1045290 CVE-2017-9445) 8b960bec0 only check signature job error if signature job exists (#6118) (boo#1043758) 1418bfb5b job: Ensure JobRunningTimeoutSec= survives serialization (#6128) (bsc#1004995) 19b6d5f08 udev: turn off -Wformat-nonliteral for one safe case 717ace439 udev: net_id add support for platform bus (ACPI, mostly arm64) devices (#5933) a3bf2e6b5 core/mount: pass "-c" flag to /bin/umount (#6093) - Add minimal support for boot.d/* scripts in systemd-sysv-convert (boo#1046750) While at it, the handling of the symlink priorities is also removed since it doesn't appear to be used at all. - Don't try to restart networkd/resolved if they're disabled (boo#1045521) "systemctl try-restart/preset" wants the unit files exist. - Stop shipping /usr/lib/sysusers.d/basic.conf (bsc#1006978) Ok looks like the previous change was the right thing to do and we continue to follow this path by relying on the new user/group scheme Therefore the basic system user/group are now managed and created by system-sysusers and udev also relies on this for the groups it uses in its rule files. Ideally we should have listed all of the groups in the deps (with "Requires: group(disk)" but the list of the groups is rather long and the risk for those groups to be re-organized is probably low, so currently we simply use "Requires: system-group-hardware" as a shortcut. - Make sure "lock" group is created On SUSE distros, /run/lock must be owned by "lock" group (see boo#733523). This group was previously created by another package but since a recent changes it doesn't seem to be true anymore or at least this package isn't pulled in anymore when building the rescue system. For now make systemd creates the group by adding "Requires: group(lock)". I'm currently not sure why we don't use sysusers.d stuff for that purpose and if the "lock" group on /run/lock is still mandatory. This should be revisited later. - Make sure dracut (if installed) will embed the new compat rule The new compat rule must be embedded in the initramfs so make sure that the installed dracut supports it. - Upgrade to v233 (commit 330b55d5e28d17f361062dba66426e46fb7d7857) - package new systemd-umount binary - package new environment generator stuff - drop /dev/root symlink support - /etc/pam.d/systemd-user is not patched anymore but we ship a dedicated file for SUSE now. - manage compat symlink generation in a dedicated branch (bsc#1040153) - Fix systemd-sysv-convert when a package starts shipping service units (bsc#982303) The database might be missing when upgrading a package which was shipping no sysv init scripts nor unit files (at the time --save was called) but the new version start shipping unit files. - Fix indentation in systemd-sysv-convert While at it, strip trailing whitespaces. No functional changes. - Disable group shadow support (bsc#1029516) The new configure option will be imported during the next tarball update. - Ship /var/log/README Unfortunately it's not possible to also ship /etc/init.d/README because of rpm "sanity" checks that prevent executable in /etc/init.d - Drop systemd-{journalctl,loginctl} legacy symlinks. - Drop %preun section Currently the only use of this section is to remove the symlinks enabling systemd services on package removal. Those symlinks were initially installed by the systemd package installation but could have been overriden by the sysadmin later. If so the symlinks shouldn't be uninstalled. Also in a near futur disabling services will install a symlink to /dev/null. - Import commit 9e33c2ae69fbb705e8ad143536e419a231e93020 04ef0eab8 importd: support SUSE style checksums supplementary (#5800) fb601ad9a importd: support SUSE style checksums (#5206) (fate#322054) b76b27c76 hwdb: fix warning "atkbd serio0: Unknown key pressed" (#5772) (boo#1010220) cb0d991f6 loginctl: fix typo causing ignoring multiple session IDs (#5732) - Make use of %systemd_postun() - Restart a couple of systemd services on package update Those services (most notably journald) should support restarting these days. However logind still doesn't but that should be fixed pretty soon, well I hope :) - Don't buildrequire pam-config, it's not used at this step. Also drop the use of it in %postun as it can't realistically happen... - Don't call /sbin/ldconfig in %post of the main package systemd main package doesn't ship any shared libs so there's no point in calling ldconfig in %post/%postun - Silent %tmpfiles_create in %post (bsc#1034938) Due to bsc#1024740, we stopped generating /etc/machine-id during systemd package installation making the specifier '%m' unavailable in the tmpfiles.d configuration files at this time. Make it simple for now and silent %tmpfiles_create, after all that's how the macro was implemented originally. - Import commit f0325620d23a247682c629d28883a364e4a7a8c4 327814841 core: when a unit's SourcePath points to API VFS pretend we are never out-of-date (#5487) f4b9fb58e units: move Before deps for quota services to remote-fs.target (#5627) (bsc#1028263) 44b9d27f8 udev: net_id - support predictable ifnames on vio buses (#5675) (bnc#1029183) 64f4761c9 units: apply plymouth warning fix to in rescue mode as well (#5615) 77607b887 units: do not throw a warning in emergency mode if plymouth is not installed (#5528) (bsc#1025398) 336d6016c core: downgrade "Time has been changed" to debug (#4906) (bsc#1028610) - Consider chroot updates in fix-machines-subvol-for-rollbacks.sh (bsc#1030290) - Initialize /etc/machine-id during the first boot (bsc#1024740) Previously that was done at package installation but it didn't fit well for appliance builds. - Import commit 68fc0a749a83d16d4cde8471d5030bc6254ffd96 76d4d05fb udev: fix variable assignment 473df8cc4 udev-rules: perform whitespace replacement for symlink subst values (bsc#1025886) d6c3ff647 udev-event: add replace_whitespace param to udev_event_apply_format 30ad15f7c libudev-util: change util_replace_whitespace to return number of chars in dest - Import commit 103259b3226251d06f79ca627f7b0ba0bd49f4bc 0ee7890dd automount: if an automount unit is masked, don't react to activation anymore (#5445) 99865a181 core: make sure to destroy all name watching bus slots when we are kicked off the bus (#5294) (bsc#1006687) f34234c54 build-sys: add check for gperf lookup function signature (#5055) 44e39538f sd-event: "when exiting no signal event are pending" is a wrong assertion (#5271) (boo#995936 bsc#1022014) 471b26807 sd-event: when an event source fails, don't assume the type of it is still set - Don't ship systemd-resolved for now (bsc#1024897) If resolved is enabled , systemd-tmpfiles creates a wrong symlink in /etc/resolv.conf which confuses the network manager actually used. - More indentation cleanup (no functional changes) - Remove obsolete insserv requirements for udev again [bsc#999841] - Import commit cd97d5d5fef79ab9d957bf6504d085c0faca6bfc e587b6ce0 disable RestrictAddressFamilies on all architectures but x86_64 one (bsc#1023460) c8ae05632 journald: don't flush to /var/log/journal before we get asked to (bsc#1004094) 7261eaf3e sd-event: fix sd_event_source_get_priority() (#4712) - Move fix for permission set on /var/lib/systemd/linger/* (no functional changes) Move that part after the fix on timer timestamp files otherwise the comment doesn't make sense. - Import commit 028fd9b60580976dffb09b3576a2b652ee35137c cc2ca55ff build-sys: do not install ctrl-alt-del.target symlink twice ececae77a device: Avoid calling unit_free(NULL) in device setup logic (#4748) - Ship systemd-resolved but it's disabled by default (bsc#1018387) The NSS plugin will also be disabled, users need to enable it manually. - Don't ship ldconfig.service anymore This service was introduced to support stateless systems that support offline /usr updates properly. AFAIK we don't support any such system for now, so disable it. If it's wrong it's easy enough to restore it back. Related to bsc#1019470. - Be more consistent with indentation (*no* functional changes) Indentation should use 8 spaces now (no tabs). - Import commit 2559bc0c076b58f0a649056e79ca90fe5f1d556c 9c4a759ab systemctl: 'show' don't exit with a failure status if the requested property does not exist [SUSE] (bsc#1021062) f9194193b systemctl: remove duplicate entries showed by list-dependencies (#5049) (bsc#1012266) 2a6653335 rule: don't automatically online standby memory on s390x (bsc#997682) - Fix permission set on /var/lib/systemd/linger/* Those files are created by logind which run with umask(0022), so they are not world writable and shouldn't be affected by bsc#1020601. But it's cleaner to not let files forever with their setuid bit set for no good reason. - Fix permissions set on permanent timer timestamp files (bsc#1020601) (CVE-2016-10156) This change makes sure to fix the permissions of the timestamp files which could have been created by an affected version of systemd. Local unprivileged users could have run arbitrary code as root if systemd previously created world writable suid root files such as permanent timer stamp files. - Import commit 3edb876e3b80437a95502aa5d31d454606ea94bd 27b544224 core: make sure to not call device_is_bound_by_mounts() when dev is null (#5033) (bsc#1018399) - Use the %{resolved} build conditional for the nss-resolve subpackage - /usr/bin/systemd-resolve was missing from the filelist - Silent warnings emitted when udev socket units are restarted during package upgrade (bsc#1018214) - Upgrade to v232, commit de62e96da6a62ac61a7dea45cc558f5fa4342032 - a4dff165d nspawn: resolv.conf might not be created initially (#4799) - b543fe907 nspawn: fix condition for mounting resolv.conf (#4622) - 1aed89e55 core: make mount units from /proc/self/mountinfo possibly bind to a device (#4515) (boo#909418 bsc#912715 bsc#945340) - bfb54ecdc coredumpctl: let gdb handle the SIGINT signal (#4901) (bsc#1012591) - Really include legacy kbd maps in kbd-model-map (bsc#1015515) Instead of fix-machines-subvol-for-rollbacks.sh... - Enable lz4 (which becomes the default) It's much faster than xz and thus should be more appropriate to compress journals and coredumps. The LZ4 logic is now officially supported and no longer considered experimental. The new frame api was released in v125. - Good by compatlibs support There's no longer need for enabling/disabling the support for the compatlibs as it's been dropped from the source code. - Drop /usr/lib/systemd/libsystemd-shared-%{version}.so from the 32bit package This shared library is not for public use, and is neither API nor ABI stable, but is likely to change with every new released update. Only systemd binaries are supposed to link against it. This also prevents from the 32bit package to conflit with the 64bit one if this lib was installed by both packages. - Upgrade to v232, commit c5c3445825981e2a5c3ed71214127d5b1b9de802: - Dropped backported commits which has been merged - Forward-port Suse specific patches - Added --disable-lto option to ./configure - Added systemd-mount - Removed in %file /usr/lib/systemd/user/*.socket: since 798c486fbcdce3346cd86 units/systemd-bus-proxyd.socket has been removed. - Removed in %file %{_sysconfdir}/systemd/bootchart.conf since commit 232c84b2d22f2d96982b3c bootchart is not part of systemd anymore. - Backward compat libs have been disabled since it's been dropped from the source code. - Added /usr/bin/systemd-socket-activate in %file - Added --without-kill-user-processes ./configure option - Bump libseccomp build require (>= 2.3.1) as described in README - Specifiy version of libmount as required in the README - libudev-devel 32bit is needed for building 32bit wine now. - specfile: conflict systemd-bash-completion and systemd-mini-bash-completion Otherwise the build system detects that systemd-bash-completion and its mini variant are conflicting at files level even though those packages can't be installed on the same system. - specfile: clean up nss-* plugins descriptions and drop nss-myhostname-config script for now. Currently /etc/nsswitch.conf is supposed to be edited by the sysadmin to enable the modules. However for some reasons only nss-myhostname is removed from the conf file when the corresponding package is uninstalled. This is inconsistent so let's remove it. Actually I'm wondering if we shouldn't make those NSS plugins part of the main package and get rid of all those sub-packages... - specfile: remove old comments and unneeded sed command - specfile: no need to create systemd-update-utmp-runlevel.service symlinks anymore The symlinks in /usr/lib/systemd/system/.target.wants/systemd-update-utmp-runlevel.service are created in Makefile.am since commit d5d8429a12c4b1. 'reboot' and 'poweroff' targets initially had the symlinks but there's not point since the latter conflicts shutdown.target whereas the 2 targets pull it in. See: https://github.com/systemd/systemd/pull/4429 - specfile: remove the following warnings: [ 256s] warning: File listed twice: /usr/lib/systemd/system/dbus.target.wants [ 256s] warning: File listed twice: /usr/lib/systemd/system/default.target.wants - Own a couple of directories even if they don't belong to systemd otherwise the build system will complain. Some directories (owned by others packages) are simply used by systemd to ship some scripts or config files to customize others * optional* components. Since thos components are not build required by systemd those directories are not owned by any packages and the BS complains... - Import commit 15ea716 journal-remote: change owner of /var/log/journal/remote and create /var/lib/systemd/journal-upload (bsc#1006372) - %sysusers_create and %tmpfiles_create must be called in %post Calling %pre is broken since the respective conf files are not yet installed. - %{_libexecdir}/{tmpfiles.d,sysusers.d}/systemd-remote.conf are part of systemd-journal-remote package (only). - systemd-journal-{gatewayd,remote,upload} units are only part of "systemd-journal-remote" package. So exclude them from the main package. - Import commit a1c145e6ad6588555dca64402f9103fb1e02b1a0 7f34037 man: explain that *KeyIgnoreInhibited only apply to a subset of locks df5798b Revert "logind: really handle *KeyIgnoreInhibited options in logind.conf" (bsc#1001790 bsc#1005404) f79fee7 Revert "kbd-model-map: add more mappings offered by Yast" 3760c10 manager: tighten incoming notification message checks d6efd71 core: only warn on short reads on signal fd 6eebd91 manager: be stricter with incomining notifications, warn properly about too large ones fdf2dc3 manager: don't ever busy loop when we get a notification message we can't process - Rename kbd-model-map-extra into kbd-model-map.legacy - Remove tcpd-devel build requirement. tcpwrap support has been removed since v212, see commit 7f8aa67131cfc03ddcbd31c0420754864fc122f0 - remove all dummy "aliases" to /etc/init.d (as it was already done by factory more than 1 year ago). Even if a sysvinit script is still requiring one of those dummy symlinks this should not be an issue since this is requirement is translated into a weak dependency. - specfile: - do not own /usr/share/zsh directory - do not own /etc/dbus-1 and /etc/dbus-1/system.d dirs - do not own /usr/share/dbus-1 dir - specfile: %{_prefix}/lib/systemd/system-preset was mentioned twice in %files section. - Specfile cleanup: - use curly braces with rpm macros - Specfile cleanup: - %ghost files doesn't need (anymore) to be created in %builroot - do not own /etc/X11/xorg.conf.d and /etc/X11/xinit - Specfile cleanup: no need to protect the manpages with %bootstrap condition in nss-myhostname package since the package itself is already protected. - fix nss-resolve sub package: - add a %files section - add a package description - libnss_resolve.so.2 is now part of this subpackage - add %post and %postun sections - Specfile cleanup: - reorganize some files in %files by types - some config files were missing the "noreplace" attribute - Use %config(noreplace) for %{_sysconfdir}/pam.d/systemd-user - Rework systemd-gatewayd package: - some gateway's files were still in the main package - it now includes all progs dealing with remote journals - it can be turned off (SP2 does that currently) - it's been renamed systemd-journal-remote to reflect that - Specfile cleanup: - only specify once %{_prefix}/lib/systemd/system-shutdown in %file - no need to list the content of %{_prefix}/lib/systemd/user-generators in %file - machined is not built when %bootstrap = 1 - Specfile cleanup: - There's no point in listing all generators in %file explicitly. The default is to include all of them and if for some reason one must be excluded then it should be done explicitly. - Specfile cleanup: - remove explicit call to make for building man pages. This is not needed and was maybe useful when generated doc was pre-built and shipped in the tarball. - Specfile cleanup: - break overly long and unreadable line using mkdir - gather directory creations - Stop providing udevd.8 systemd-udevd has replaced udevd for some time already and usage of udevd should be avoided. Therefore don't encourage this and stop documenting it. - Import from factory: - Thu Feb 4 11:05:37 UTC 2016 - lnussel@suse.de - curl also causes building of journal-upload. That one has rather unusal certificate usage, set it's ca root to /etc/pki/systemd instead of the built-in default /etc/ssl as journal-remote and journal-upload think they can put stuff in /etc/ssl/certs then but that directory is managed by p11-kit and doesn't serve the purpose those programs think. - Package rootsymlink-generator helper. It was forgotten when switching to the git repo but re-added back. That said this thing should be removed as it's broken as soon as there's no direct link between the root fs and its backend device node (i.e. BTRFS). - Add kbd-model-map-extra file which contains the additional legacy keymaps needed by yast. This was previously directly patched in the systemd source code. - Imported e251b8d7fb5c801fdfa3a023257ba0e4d514f3b0 - Re-add back /dev/root symlink generation (although this must be deprecated and finally removed). - Migrating to the Suse Systemd git repo: Third step: - Re-enable networkd (disabled by default in SLE12) - Migrating to the Suse Systemd git repo: Second step: - Import the specfile - Import the tarball generated from the git repo - Import lastest changes for the different scripts - Migrating to the Suse Systemd git repo: First step: drop all patches and drop the tar ball. The dropped patches are: fix-support-for-boot-prefixed-initscript-bnc-746506.patch set-and-use-default-logconsole.patch ensure-ask-password-wall-starts-after-getty-tty1.patch 0001-rules-block-add-support-for-pmem-devices-3683.patch Fix-run-lock-directories-permissions-to-follow-openSUSE-po.patch 1007-physical-hotplug-cpu-and-memory.patch 1066-udev-add-compatibility-links-for-truncated-by-id-links.patch watch_resolv.conf_for_become_changed.patch 0019-make-completion-smart-to-be-able-to-redirect.patch systemd-add-user-keep.patch 0001-core-re-sync-bus-name-list-after-deserializing-durin.patch systemd-228-nspawn-make-journal-linking-non-fatal-in-try-and-auto.diff avoid-random-hangs-on-timeouts-due-lost-cwd.patch 1037-udev-exclude-cd-dvd-from-block-device.patch 0001-add-network-device-after-NFS-mount-units.patch journald-advice-about-use-of-memory.patch 1011-64-btrfs.rules-skip-btrfs-check-if-devices-are-not-r.patch 1006-udev-always-rename-network.patch handle-numlock-value-in-etc-sysconfig-keyboard.patch use-rndaddentropy-ioctl-to-load-random-seed.patch 0001-pid1-don-t-return-any-error-in-manager_dispatch_noti.patch 0001-add-hdflush-for-reboot-or-hddown-for-poweroff.patch 0001-pam_systemd_do_override_XDG_RUNTIME_DIR_of_the_original_user.patch 0001-bnc888612-logind-polkit-acpi.patch avoid-divide-by-zero-sigtrap.patch 1035-99-systemd.rules-Ignore-devices-with-SYSTEMD_READY-0.patch suse-sysv-bootd-support.diff ensure-shortname-is-set-as-hostname-bnc-820213.patch parse-crypttab-for-noauto-option.patch tty-ask-password-agent-on-console.patch 0001-pid1-process-zero-length-notification-messages-again.patch handle-root_uses_lang-value-in-etc-sysconfig-language.patch 0001-core-exclude-.slice-units-from-systemctl-isolate.patch vhangup-on-all-consoles.patch 0001-systemctl-pid1-do-not-warn-about-missing-install-inf.patch apply-ACL-for-nvidia-device-nodes.patch make-emergency.service-conflict-with-syslog.socket.patch 0001-journal-warn-when-we-fail-to-append-a-tag-to-a-journ.patch 1096-new-udev-root-symlink-generator.patch 1099-Add-default-rules-for-valve-steam-controller-to-work.patch 0001-journal-set-STATE_ARCHIVED-as-part-of-offlining-2740.patch systemd-install-compat_pkgconfig-always.patch 1012-Skip-persistent-device-link-creation-on-multipath-de.patch 0001-avoid-abort-due-timeout-at-user-service.patch insserv-generator.patch apply-ACL-for-nvidia-uvm-device-node.patch restore-var-run-and-var-lock-bind-mount-if-they-aren-t-sym.patch systemd-pam_config.patch systemd-dbus-system-bus-address.patch let-linker-find-libudev-for-libdevmapper.patch 1098-systemd-networkd-alias-network-service.patch 0001-let-systemctl-completion-ignore-at-names.patch boot-local-start.patch 1095-set-ssd-disk-to-use-deadline-scheduler.patch tomcat6-var-lock-subsys-legacy.patch let-vconsole-setup-get-properties-only-once-to-copy-them.patch plymouth-quit-and-wait-for-emergency-service.patch respect-nfs-bg-option.patch 0001-If-the-notification-message-length-is-0-ignore-the-m.patch 1062-rules-set-default-permissions-for-GenWQE-devices.patch rescue-emergency-target-conflicts.patch Correct_assert_on_unexpected_error_code.patch 1097-udevd-increase-maximum-number-of-children.patch 0001-core-fix-bus-name-synchronization-after-daemon-reloa.patch 1005-create-default-links-for-primary-cd_dvd-drive.patch allow-multiple-sulogin-to-be-started.patch systemd-230-cgroup2-use-new-fstype-for-unified-hierarchy.patch 0010-do-not-install-sulogin-unit-with-poweroff.patch 1003-udev-netlink-null-rules.patch 1002-rules-create-by-id-scsi-links-for-ATA-devices.patch 0001-nss-mymachines-do-not-allow-overlong-machine-names.patch shut-up-rpmlint-on-var-log-journal.patch systemd-tmp-safe-defaults.patch portmap-wants-rpcbind-socket.patch hostname-NULL.patch 0001-pid1-more-informative-error-message-for-ignored-noti.patch 0001-journal-fix-HMAC-calculation-when-appending-a-data-o.patch handle-disable_caplock-and-compose_table-and-kbd_rate.patch kbd-model-map.patch systemctl-set-default-target.patch 0014-journald-with-journaling-FS.patch 0001-On_s390_con3270_disable_ANSI_colour_esc.patch - Import a better fix from upstream for bsc#1001765 - Added: 0001-pid1-more-informative-error-message-for-ignored-noti.patch 0001-pid1-process-zero-length-notification-messages-again.patch - Updated (no code changes, only patch metadata) 0001-If-the-notification-message-length-is-0-ignore-the-m.patch 0001-pid1-don-t-return-any-error-in-manager_dispatch_noti.patch - Re add back "udev: don't require nsserv and fillup" Did this in the wrong project... it was a complicated day today ;) - Added 2 patches to fix bsc#1001765 0001-If-the-notification-message-length-is-0-ignore-the-m.patch 0001-pid1-don-t-return-any-error-in-manager_dispatch_noti.patch - Revert "udev: don't require nsserv and fillup" It's been judged too late for being part of SLE12 final release. Nevertheless it's part of Factory and will be reintroduced after the final release is out (ie through an update). - systemd-sysv-convert: make sure that /var/lib/systemd/sysv-convert/database is always initialized (bsc#982211) If "--save" command was used and the sysv init script wasn't enabled at all the database file wasn't created at all. This makes the subsequent call to "--apply" fail even though this should not considered as an error. - Added patches to fix journal with FSS protection enabled (bsc#1000435) 0001-journal-fix-HMAC-calculation-when-appending-a-data-o.patch 0001-journal-set-STATE_ARCHIVED-as-part-of-offlining-2740.patch 0001-journal-warn-when-we-fail-to-append-a-tag-to-a-journ.patch - udev: don't require nsserv and fillup (bsc#999841) udev has no LSB init scripts nor fillup templates anymore. - Build require python and python-lxml in order to generate systemd.directives man page (bsc#986952) - Add rules: block: add support for pmem devices (#3683) (bsc#988119) 0001-rules-block-add-support-for-pmem-devices-3683.patch - Fix is-enabled check in systemd-sysv-install (bsc#997268) - Only BuildRequire gnu-efi when building the 'real' systemd package. - Add a script to fix /var/lib/machines to make it suitable for rollbacks (bsc#992573) - reverted the systemctl split-off on request of Franck Bui. - Add sysusers to the new split "systemctl" subpackage - Split systemctl and tmpfiles into a separate package - Fix 1099-Add-default-rules-for-valve-steam-controller-to-work.patch to enable missing functionality of Steam Controller - Backport unified_cgroup_hierarchy fix for Linux >= 4.4. boo#989276 + systemd-230-cgroup2-use-new-fstype-for-unified-hierarchy.patch - drop 1060-udev-use-device-mapper-target-name-for-btrfs-device-ready.patch it breaks btrfs on multiple device-mapper devices (boo#984516). The problem it tried to fix is already fixed in rule shipped with btrfsprogs (see boo#912170). - fix warning about missing install info during preset (boo#970293) 0001-systemctl-pid1-do-not-warn-about-missing-install-inf.patch - Avoid bootstrap cycle with sg3_utils - Fix patch patch handle-numlock-value-in-etc-sysconfig-keyboard.patch that is do not close a file descriptor twice (boo#973907) - Add two patches which address logind/networkd disappearing from dbus (and busctl) even while the units and processes continue running. 0001-core-fix-bus-name-synchronization-after-daemon-reloa.patch 0001-core-re-sync-bus-name-list-after-deserializing-durin.patch - drop all compiler/linker option customizations: - -pipe option is used by default since day 0 - get rid of cflags() function which is not needed - --hash-size has no impact specially in runtime IOW, use the default options for the compiler and the linker, there's no point in making systemd different from other package in this regards. - use %make_build instead of 'make %{?_smp_mflags}' - be more strict on own lib version requirements - systemd should require udev with the exact same version - Modify patch handle-numlock-value-in-etc-sysconfig-keyboard.patch to allow that open, seek, and read of /dev/mem may fail e.g. on XEN based virtual guests (bsc#961120) - Add upstream patch 0001-core-exclude-.slice-units-from-systemctl-isolate.patch this fixes forced logouts on isolate target aka changing runlevel (boo#966535) - require curl and bzip2 to build importd - curl also causes building of journal-upload. That one has rather unusal certificate usage, set it's ca root to /etc/pki/systemd instead of the built-in default /etc/ssl as journal-remote and journal-upload think they kan put stuff in /etc/ssl/certs then but that directory is managed by p11-kit and doesn't serve the purpose those programs think. - /var/lib/systemd/random-seed is a file - own /var/lib/machines - add systemd-228-nspawn-make-journal-linking-non-fatal-in-try-and-auto.diff - systemd-sysv-install: Fix chkconfig argument for disable op - Create groups adm,input,tape in fixed order (boo#944660) - Make sure we don't use tmpfs on /tmp by default (bsc#940522) - Avoid enabling readahead services; they have been removed. - In %install, only process kbd-model-map.xkb-generated if it exists. Resolves a build failure in 13.2/42.1. - spec: update minimum kernel version to 3.11 - Update minimum util-linux version to 2.27.1 - Add patch to enable working steam controller: * 1099-Add-default-rules-for-valve-steam-controller-to-work.patch - fix CVE-2015-7510: Stack overflow in nss-mymachines (boo#956712) Add 0001-nss-mymachines-do-not-allow-overlong-machine-names.patch - Update to new upstream release 228 * The various memory-related resource limit settings (such as LimitAS=) now understand the usual K, M, G, ... suffixes to the base of 1024 (IEC). Similar, the time-related settings understand the usual min, h, day, ... suffixes now. * CPUAffinity= now takes CPU index ranges in addition to just individual indexes. * A number of properties previously only settable in unit files are now also available as properties to set when creating transient units programmatically via the bus. - Remove 0001-Make-sure-the-mount-units-pulled-by-RequiresMountsFo.patch (merged upstream) - Update to 227. - Rebase systemd-pam_config.patch, handle-root_uses_lang-value-in-etc-sysconfig-language.patch, 0001-add-hdflush-for-reboot-or-hddown-for-poweroff.patch, 0001-On_s390_con3270_disable_ANSI_colour_esc.patch, 0014-journald-with-journaling-FS.patch, 0019-make-completion-smart-to-be-able-to-redirect.patch, avoid-divide-by-zero-sigtrap.patch, systemd-add-user-keep.patch, set-and-use-default-logconsole.patch, tty-ask-password-agent-on-console.patch, 0001-bnc888612-logind-polkit-acpi.patch, watch_resolv.conf_for_become_changed.patch, 1097-udevd-increase-maximum-number-of-children.patch. - Remove 0002-units-enable-waiting-for-unit-termination-in-certain.patch, 1001-re-enable-by_path-links-for-ata-devices.patch, rules-add-lid-switch-of-ARM-based-Chromebook-as-a-power-sw.patch: fixed upstream. - Modify patch handle-root_uses_lang-value-in-etc-sysconfig-language.patch to handle locale at boot time well (boo#927250) - Be able to use build service environments several times - 1096-new-udev-root-symlink-generator.patch: fix substitution in ExecStart value - enable seccomp for aarch64 (fate#318444) - Fix again UEFI for mini package - Drop one more undesirable Obsoletes/Provides. This should have been a Conflicts. (There was already a Conflicts, and since Conflicts go both ways, we won't need a second one.) - No UEFI for systemd-mini - Add 2 upstream patches to fix boo#949574 and bsc#932284 0001-Make-sure-the-mount-units-pulled-by-RequiresMountsFo.patch 0002-units-enable-waiting-for-unit-termination-in-certain.patch - Disable systemd-boot on aarch64 since it fails to build. Error while compiling src/boot/efi/util.o is: usr/include/efi/aarch64/efibind.h:2:20: fatal error: stdint.h: No such file or directory - Fix UEFI detection logic: basically we let configure.ac figure out if UEFI is supported by the current build environment. No need to clutter the spec file with a new conditionnal %has_efi. - Provide systemd-bootx64.efi (aka gummiboot) - Modify patch tty-ask-password-agent-on-console.patch to reflect the changes done for pull request 1432 - Undo Obsoletes/Provides (from Aug 11), creates too big a cycle. - Provide systemd-sysv-install program/link [bnc#948353] - Fix patch tty-ask-password-agent-on-console.patch not to crash away but enable it to ask on all devices of /dev/console - Avoid "file not found /etc/udev/rules.d/70-persistent-net.rules" waring occurring in %post - Add patch let-vconsole-setup-get-properties-only-once-to-copy-them.patch to avoid broken virtual console mapping due stressed ioctl API for the virtual consoles (boo#904214) - Fix last change that is use the new name for udev packages in %pretrans. - restore usage of LUA in %pretrans. - Try to generate the systemd users and groups always in same order to avoid republish other packages (boo#944660) - cleanup specfile by removing commands that were dealing with systemd pre-generated files: we're now using systemd tarball generated directly from the git repo which doesn't contain any of these files. - there's no point in using LUA in %pretrans - Drop 0009-make-xsltproc-use-correct-ROFF-links.patch This patch was initialy added to workaround bsc#842844. But it appears that man(1) was fixed (included since 13.2 at least) to handle manual pages that consist only of a .so directive such as '.so '. - Change use-rndaddentropy-ioctl-to-load-random-seed.patch to make it work on big endian - Use Obsolete/Provides strategy from windows:mingw:mingw64/mingw64-cross-gcc to do the bootstrap cycle and kick out -mini afterwards. - Update to new upstream release 224 * systemd-networkd gained a number of new configuration options for DHCP, tunnels and bridges * systemd-efi-boot-generator functionality was merged into systemd-gpt-auto-generator. - /usr/share/systemd/kbd-model-map: added entries for xkeyboard-config converted keymaps; mappings, which already exist in original systemd mapping table are being ignored though, i.e. not overwritten; needs kbd in buildrequires (FATE#318426) - hostname-NULL.patch: Work around a crash on XEN hosts in OBS. /etc/hostname is not present and systemd then does strchr(hostname,soemthing) with hostname NULL. - Add Correct_assert_on_unexpected_error_code.patch to work around a problem of an assert on ENODEV for closing fd on an input event device (boo#939571) - Remove udev-generate-rules.sh, apparently not used by anything in the systemd nor udev-persistent-ifnames package. - Systemd v222, bugfix release. - Drop upstream patches 0006-pam_systemd-Properly-check-kdbus-availability.patch 0023-core-fix-reversed-dependency-check-in-unit_check_unn.patch 0031-install-fix-bad-memory-access.patch 1032-ata_id-unbotch-format-specifier.patch - Drop SUSE patch 1013-no-runtime-PM-for-IBM-consoles.patch udev does no longer enable USB HID power management at all. - The udev accelerometer helper was removed, obsoleted by iio-sensor-proxy package. - networkd gained a new configuration option IPv6PrivacyExtensions. - udev does not longer support the WAIT_FOR_SYSFS= key in udev rules. There are no known issues with current sysfs, and udev does not need or should be used to work around such bugs. - Avoid restarting logind [bnc#934901] - Do not suppress errors in any case, even if they are ignored - Fix devel package requires (both mini and real required real libsystemd0) - Rework patch tty-ask-password-agent-on-console.patch to fit the requisition of https://bugs.freedesktop.org/show_bug.cgi?id=82004 - Rework "-mini" package logic to not conflict with itself and then add libsystemd0 to mini. - remove SysVStartPriority= from after-local.service, unsupported since v218. Note that this option was only parsed and that's it. the logic to give "start priority" was never implemented. - change the default fallback ntp servers to the opensuse pool.ntp.org vendor zone. - We still need to run systemd-sysctl.service after local-fs.target otherwise it works only when /boot is in the root filesystem but not when it is a separate partition. - Obsolete pm-utils and suspend (boo#925873). - Remove pm-utils support (remove Forward-suspend-hibernate-calls-to-pm-utils.patch). - remove patch sysctl-handle-boot-sysctl.conf-kernel_release.patch from the filelist. - libpcre, glib2 and libusb are not used by systemd, remove from buildrequires. - 1032-ata_id-unbotch-format-specifier.patch: fix udev ata_id output. - 0023-core-fix-reversed-dependency-check-in-unit_check_unn.patch fix StopWhenUnneeded=true in combination with a Requisite= dependency. - 0031-install-fix-bad-memory-access.patch: Fix Bad memory access - 0006-pam_systemd-Properly-check-kdbus-availability.patch: if kdbus is enabled (i.e boot with kdbus=1) DBUS_SESSION_BUS_ADDRESS must not be exported. - spec: add a min_kernel_version macro to ensure the package conflicts with kernel versions in which systemd cannot run. - sysctl-handle-boot-sysctl.conf-kernel_release.patch dropped, replaced by a tmpfiles.d snippet "current-kernel-sysctl.conf" (feature implemented in v220 just for our usecase) - fix build when resolved is enabled - remove fsck -l test in spec file, systemd requires util-linux 2.26 or later where this feature is already available. - Fix bootstrap build by guarding filelists (man pages don't get built in bootstrap mode) - Drop commented sections from baselibs.conf, allows format_spec_file to have a successful run - Install 50-coredump.conf as coredumpctl is now installed by default and does not use journal anymore as default storage - Update to new upstream release 221 * From 220: * libgudev was moved into a package of its own * Runlevels 2, 3 and 4 are no longer distinct, they all map to multi-user.target. * The EFI System Partition mounted to /boot will be unmounted 2 minutes after boot. * systemd does not support direct live-upgrades (via `systemctl daemon-reexec`) from versions older than v44 anymore. * systemd-nspawn may now be called as part of a shell pipeline. * systemd-shutdownd has been removed. This service was previously responsible for implementing scheduled shutdowns as exposed in /usr/bin/shutdown's time parameter. This functionality has now been moved into systemd-logind and is accessible via a bus interface. * udev will no longer call blkid and create symlinks for all block devices, but merely those from a whitelist (cf. 60-persistent-storage.rules). * /usr/lib/os-release gained a new optional field VARIANT= * Details at http://lists.freedesktop.org/archives/systemd-devel/2015-May/032147.html * From 221: * New sd-bus and sd-event APIs in libsystemd * If there is both a systemd unit and a SysV init script for the same service name, and `systemctl enable` or other operation is run, both will now be enabled (or execute the related operation on both), not just the unit. - Split libsystemd0 to support systemd-less nspawn containers - Redo manpage file lists without %exclude, tends to hide unpackaged files. - hwdb belongs to udev - Resolve memory leak and add missing _cleanup_free_ to 0001-On_s390_con3270_disable_ANSI_colour_esc.patch - Remove systemd-powerd-initctl-support.patch (no longer builds because shutdownd is gone) - Remove quilt-patches/0001-core-rework-device-state-logic.patch, 0001-Let-some-boolean-survive-a-daemon-reload.patch (merged upstream), 0001-Let-some-boolean-survive-a-daemon-reload.patch (obsolete) - Remove libudev0 from baselibs.conf - Drop 1055-let-9719859c07aa13539ed2cd4b31972cd30f678543-apply.patch as now upstream code - Add 0001-Let-some-boolean-survive-a-daemon-reload.patch to fix bsc#933365 and boo#934077 - Add 1098-systemd-networkd-alias-network-service.patch to alias network.service the same way NetworkManager and wicked does. This is needed by yast2 and other parts of the system. boo#933092 - Modify patch 1021-udev-re-add-persistent-net-rules.patch to use the new return values of proc_cmdline() in enable_name_policy() this should fix boo#931165 - Drop 1021-udev-re-add-persistent-net-rules.patch, 1036-rules-disable-usage-of-dev_id-in-persistent-rules.patch, 1040-re-enable-dev_id-conditionally-in-persistent-rules.patch, 1046-fix-duplicated-rules-with-layer3-interfaces.patch, 1050-only-rename-SRIOV-VF-devices-when-name-starts-with-eth.patch, 1051-check-if-NAME-has-a-value.patch, 1053-better-checks-in-write_net_rules.patch, 1088-drop-renaming-of-virtual-interfaces-in-guest.patch. 1021 originally broke parsing of net.ifnames=0 [bnc#931165], and given that neither the kernel command line needs to be touched nor the source be patched to reach the unpredictable naming setup for SLE, all these parts are moved to a separate package. - Add upstream patch 0001-core-don-t-change-removed-devices-to-state-tentative.patch to fix the fix of the last backport (bsc#921898) - Reenable networkd which was silently disabled on Feb 18 - Add 0001-core-rework-device-state-logic.patch to fix spurious automated umount after mount. - mark more subpackages as !bootstrap for systemd-mini usage. - spec : remove --with-firmware-path, firmware loader was removed in v217 - spec: remove --disable-multi-seat-x, gone.(fixed in xorg) - spec: Do not enable systemd-readahead-collect.service and systemd-readahead-replay.service as these do not exist anymore. - spec: drop timedate-add-support-for-openSUSE-version-of-etc-sysconfig.patch Yast was fixed to write all timezone changes exactly how timedated expects things to be done. - spec: remove handle-etc-HOSTNAME.patch, since late 2014 the netcfg package handles the migration from /etc/HOSTNAME to /etc/hostname and owns both files. -spec: remove boot.udev and systemd-journald.init as they currently serve no purpose. - suse-sysv-bootd-support.diff: Remove HAVE_SYSVINIT conditions, we are in sysvcompat-only codepath, also remove the code targetting other distributions, never compiled as the TARGET_$DISTRO macros are never defined. - systemd-powerd-initctl-support.patch guard with HAVE_SYSV_COMPAT - set-and-use-default-logconsole.patch: fix HAVE_SYSV_COMPAT guards - insserv-generator.patch: Only build when sysvcompat is enabled - vhangup-on-all-consoles.patch add a comment indicating this is a workaround for a kernel bug. - spec: Add option to allow disabling sysvinit compat at build time. - spec: Add option to enable resolved at build time. - spec: Remove all %ifs for !factory products, current systemd releases can neither be built nor installed in older products without upgrading several components of the base system. (removed: 1008-add-msft-compability-rules.patch was only for =< 13.1) - spec: remove all dummy "aliases" to /etc/init.d, that made sense only when those init scripts still existed. (dummy localfs.service source: gone) - systemd-sleep-grub: moved to the grub2 package where it belongs as a suspend/resume hook (SR#286533) (drops prepare-suspend-to-disk.patch) - remove LFS_CFLAGS from CFLAGS, never needed in systemd as it force feds config.h everywhere in the preprocessor cmdline. - Update to new upstream release 219 * systemd units can now be "unsupported" (like, for example, .device in a containers), similar to the "skipped" state in SUSE's prior sysvinit scripts. * tmpfiles gained the 'v' type for creating btrfs subvolumes. * tmpfiles gained the 'a' type for setting ACLs. * systemd-nspawn gained new switches: --ephemeral, --template * The /var/lib/containers location is deprecated and replaced by /var/lib/machines. * machinectl gained the copy-from and copy-to commands. * machinectl now knows a "bind" command (for use with nspawn) * new "systemd-importd" daemon to download container images and run them as nspawn containers. * networkd collects LLDP network announcements, if available, and so shown in networkctl. * The fallback terminal type was changed from "vt102" to "vt220", allowing PgUp/PgDn keys to work. * Pressing Ctrl-Alt-Del 7x in 2 seconds forces a umount+reboot now, useful should the regular shutdown hang. * Removing storage will cause systemd to unmount the associated mountpoints so that they don't linger around. - Add suse-sysv-bootd-support.diff (reinstate old Revert-service-drop-support-for-SysV-scripts-for-the-early.patch) - Update to systemd v218-1050-g38ab096 - Remove patches use-usr-sbin-sulogin-for-emergency-service.patch (upstream fixed it) - Reinstate and improve (remove huge indents from) tty-ask-password-agent-on-console.patch, 0014-journald-with-journaling-FS.patch, rootsymlink_generator. - disable systemd-resolved for now as it interacts not well with our methods and security has concerns regarding spoofing. bsc#917781 - Add patch kbd-model-map.patch to add missed keyboard layouts which are offered by YaST2 (bsc#910643 and boo#897803) - Update to new upstream release 218 * New utilities: systemd-timesyncd (SNTP client), systemd-resolved, systemd-networkd, networkctl, systemd-sysusers * machinectl gained a "poweroff" command for clean container shutdown * The udev hwdb now contains DPI information for mice. * Userspace firmware loading support has been removed and the minimum supported kernel version is thus bumped to 3.7. - Remove patches: G=gone locally, is upstream; D=dropped: no longer needed; N=no longer applies to source nor is it deemed needed; K=killed: no longer applicable and too complex to resolve: - --- G 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch G avoid-assertion-if-invalid-address-familily-is-passed-to-g.patch K service-flags-sysv-service-with-detected-pid-as-RemainAfte.patch K remain_after_exit-initscript-heuristic-and-add-new-LSB-hea.patch K handle-SYSTEMCTL_OPTIONS-environment-variable.patch K 0018-Make-LSB-Skripts-know-about-Required-and-Should.patch K log-target-null-instead-kmsg.patch K tty-ask-password-agent-on-console.patch K 513-nspawn-veth.patch K 1087-infinit-timeout-for-kmod-loaded-modules.patch D module-load-handle-SUSE-etc-sysconfig-kernel-module-list.patch D avoid-leaking-socket-descriptors.patch D 0001-make-fortify-happy-with-ppoll.patch N fix-owner-of-var-log-btmp.patch N disable-nss-myhostname-warning-bnc-783841.patch N Revert-service-drop-support-for-SysV-scripts-for-the-early.patch N 0001-make-209-working-on-older-dist.patch N 0001-Don-t-snprintf-a-potentially-NULL-pointer.patch N tmpfiles-do-not-clean-for-mandb-index-files.patch G 0001-sd-bus-don-t-look-for-a-64bit-value-when-we-only-hav.patch G avoid-assertion-if-invalid-address-familily-is-passed-to-g.patc G optionally-warn-if-nss-myhostname-is-called.patch G 0001-units-systemd-sysctl.service.in-run-after-load-modul.patch G 0004-getty-generator-properly-escape-instance-names.patch G rules-add-lid-switch-of-ARM-based-Chromebook-as-a-power-sw.patch G 0008-Reset-signal-mask-on-re-exec-to-init.patch G 0001-login-fix-pos-array-allocation.patch G 0002-login-set-pos-slot-to-fallback-on-pos-eviction.patch G 0003-login-Allow-calling-org.freedesktop.login1.Seat.Swit.patch G 0004-fix-typo-in-iDRAC-network-interface-name-irdac-idrac.patch G 0005-Replace-var-run-with-run-in-remaining-places.patch G 0006-Revert-back-to-var-run-at-a-couple-of-problems.patch G 0007-README-document-that-var-run-must-be-a-symlink-run.patch G 0008-Use-var-run-dbus-system_bus_socket-for-the-D-Bus-soc.patch G 0009-mount-don-t-send-out-PropertiesChanged-message-if-ac.patch G 0010-mount-don-t-fire-PropertiesChanged-signals-for-mount.patch G 0011-logs-show-fix-corrupt-output-with-empty-messages.patch G 0012-journalctl-refuse-extra-arguments-with-verify-and-si.patch G 0014-nspawn-fix-detection-of-missing-proc-self-loginuid.patch G 0001-Fix-systemd-stdio-bridge-symlink.patch G 0002-execute-free-directory-path-if-we-fail-to-remove-it-.patch G 0003-Do-not-print-invalid-UTF-8-in-error-messages.patch G 0004-man-document-missing-options-of-systemd-run.patch G 0005-systemd-run-add-some-extra-safety-checks.patch G 0006-journal-assume-that-next-entry-is-after-previous-ent.patch G 0007-journal-forget-file-after-encountering-an-error.patch G 0008-core-correctly-unregister-PIDs-from-PID-hashtables.patch G 0009-logind-fix-reference-to-systemd-user-sessions.servic.patch G 0010-man-update-link-to-LSB.patch G 0011-man-systemd-bootchart-fix-spacing-in-command.patch G 0012-man-add-missing-comma.patch G 0013-units-Do-not-unescape-instance-name-in-systemd-backl.patch G 0001-core-busname-add-lookup-string-for-BUSNAME_FAILURE_S.patch G 0002-manager-flush-memory-stream-before-using-the-buffer.patch G 0003-busname-don-t-drop-service-from-the-result-string.patch G 0004-fix-off-by-one-error-in-array-index-assertion.patch G 0005-logind-fix-policykit-checks.patch G 0006-rules-mark-loop-device-as-SYSTEMD_READY-0-if-no-file.patch G 0008-man-multiple-sleep-modes-are-to-be-separated-by-whit.patch G 0001-gpt-auto-generator-don-t-return-OOM-on-parentless-de.patch G 0002-bus-fix-memory-leak-when-kdbus-is-not-enabled.patch G 0006-Do-not-return-1-EINVAL-on-allocation-error.patch G 0007-networkd-fix-typo.patch G 0008-sd-bus-don-t-access-invalid-memory-if-a-signal-match.patch G 0009-sd-bus-don-t-choke-if-somebody-sends-us-a-message-wi.patch G 0012-journald-remove-stray-reset-of-error-return-value.patch G 0013-core-libsystemd-systemd-timedate-udev-spelling-fixes.patch G 0001-cgroup-it-s-not-OK-to-invoke-alloca-in-loops.patch G 0002-machined-fix-Kill-bus-call-on-machine-objects-when-w.patch G 0003-sd-bus-don-t-use-assert_return-to-check-for-disconne.patch G 0004-core-don-t-try-to-relabel-mounts-before-we-loaded-th.patch G 0005-sd-daemon-fix-incorrect-variable-access.patch G 0006-sd-event-initialization-perturbation-value-right-bef.patch G 0007-sd-event-don-t-accidentally-turn-of-watchdog-timer-e.patch G 0008-systemctl-kill-mode-is-long-long-gone-don-t-mention-.patch G 0009-ask-password-when-the-user-types-a-overly-long-passw.patch G 0001-journal-fix-export-of-messages-containing-newlines.patch G 0002-systemctl-update-NAME-to-PATTERN-in-help.patch G 0003-tty-ask-password-agent-return-negative-errno.patch G 0004-systemd-python-use-.hex-instead-of-.get_hex.patch G 0005-systemd-python-fix-failing-assert.patch G 0007-dbus-suppress-duplicate-and-misleading-messages.patch G 0001-reduce-the-amount-of-messages-logged-to-dev-kmsg-whe.patch G 0001-bash-completion-fix-__get_startable_units.patch G 0002-sysctl-replaces-some-slashes-with-dots.patch G 0003-delta-do-not-use-unicode-chars-in-C-locale.patch G 0004-implement-a-union-to-pad-out-file_handle.patch G shut-up-annoying-assertion-monotonic-clock-message.patch G 0001-sd-rtnl-message-append-fix-uninitialized-memory.patch G 0001-tmpfiles-fix-permissions-on-new-journal-files.patch G 0001-errno-make-sure-to-handle-the-3-errnos-that-are-alia.patch G 0003-analyze-fix-plot-with-bad-y-size.patch G 0004-job-add-waiting-jobs-to-run-queue-in-unit_coldplug.patch G 0005-job-always-add-waiting-jobs-to-run-queue-during-cold.patch G 0001-backlight-Avoid-restoring-brightness-to-an-unreadabl.patch G 0002-backlight-do-nothing-if-max_brightness-is-0.patch G 0003-backlight-unify-error-messages.patch G 0004-backlight-warn-if-kernel-exposes-backlight-device-wi.patch G 0005-backlight-handle-saved-brightness-exceeding-max-brig.patch G 0001-replace-more-dup-by-F_DUPFD_CLOEXEC.patch G 0002-pam_systemd-use-F_DUPFD_CLOEXEC-when-dupping-session.patch G 0001-core-close-socket-fds-asynchronously.patch G 0002-logind-bring-polkit-policy-for-hibernate-in-line-wit.patch G 0003-core-make-sure-to-serialize-jobs-for-all-units.patch G 0001-logind-ignore-lid-switch-if-more-than-1-display-is-c.patch G 0002-logind-fix-printf-format.patch G 0003-logind-ignore-lid-switch-events-for-30s-after-each-s.patch G 0004-logind-Do-not-fail-display-count-if-a-device-has-no-.patch G 0005-logind-move-lid-switch-handling-from-logind-main-to-.patch G 0006-man-clarify-that-the-ExecReload-command-should-be-sy.patch G 0007-man-readahead-fix-cmdline-switch-inconsistency-betwe.patch G 0008-man-update-journald-rate-limit-defaults.patch G 0009-nspawn-properly-format-container_uuid-in-UUID-format.patch G 0010-logind-allow-suspending-if-there-are-no-displays.patch G 0001-hwdb-Update-database-of-Bluetooth-company-identifier.patch G 0002-hwdb-Update-database-of-Bluetooth-company-identifier.patch G 0003-hwdb-Update-database-of-Bluetooth-company-identifier.patch G 0004-hwdb-Update-database-of-Bluetooth-company-identifier.patch G 0005-hwdb-Update-database-of-Bluetooth-company-identifier.patch G 0001-conf-parser-silently-ignore-sections-starting-with-X.patch G 0002-man-note-that-entire-sections-can-now-be-ignored.patch G 0004-machined-make-sure-GetMachineAddresses-is-available-.patch G 0005-core-Filter-by-state-behind-the-D-Bus-API-not-in-the.patch G 0006-login-add-mir-to-the-list-of-session-types.patch G 0007-logind-fix-Display-property-of-user-objects.patch G 0001-hwdb-update.patch G 0002-hwdb-update.patch G 0003-hwdb-PCI-include-primary-model-string-in-subsystem-m.patch G 0004-hwdb-update.patch G 0005-hwdb-update.patch G 0001-journal-cleanup-up-error-handling-in-update_catalog.patch G 0002-journal-properly-detect-language-specified-in-line.patch G 0003-man-mention-XDG_CONFIG_HOME-in-systemd.unit.patch G 0001-keymap-Add-Lenovo-Enhanced-USB-Keyboard.patch G 0002-keymap-Asus-EeePC-touchpad-toggle-key.patch G 0001-nspawn-allow-to-bind-mount-journal-on-top-of-a-non-e.patch G 0002-nspawn-restore-journal-directory-is-empty-check.patch G 0003-core-never-consider-failure-when-reading-drop-ins-fa.patch G 0004-socket-properly-handle-if-our-service-vanished-durin.patch G 0001-Do-not-unescape-unit-names-in-Install-section.patch G 0002-analyze-run-use-bus_open_transport_systemd-instead-o.patch G 0001-virt-rework-container-detection-logic.patch G 0002-fsck-include-device-name-in-the-message-about-missin.patch G 0003-units-use-KillMode-mixed-for-systemd-nspawn-.service.patch G 0004-util-ignore_file-should-not-allow-files-ending-with.patch G 0006-tty-ask-password-agent-Do-tell-what-directory-we-fai.patch G 0007-keyboard-add-Plantronics-.Audio-mute-button.patch G 0001-build-sys-use-glibc-s-xattr-support-instead-of-requi.patch G 0001-hwdb-fix-case-sensitive-match.patch G 0001-sd-event-restore-correct-timeout-behaviour.patch G 0002-bus-make-use-of-sd_bus_try_close-in-exit-on-idle-ser.patch G 0001-umount-modernizations.patch G 0002-namespace-when-setting-up-an-inaccessible-mount-poin.patch G 0003-core-allow-transient-mount-units.patch G 0004-systemd-detect-virt-only-discover-Xen-domU.patch G 0005-backlight-Do-not-clamp-brightness-for-LEDs.patch G 0006-log-honour-the-kernel-s-quiet-cmdline-argument.patch G 0001-core-fix-invalid-free-in-killall.patch G 0003-install-fix-invalid-free-in-unit_file_mask.patch G 0001-systemd-detect-virt-detect-s390-virtualization.patch G 0001-core-sysvcompat-network-should-be-equivalent-to-netw.patch G 0002-units-add-missing-caps-so-that-GetAddresses-can-work.patch G 0003-units-order-systemd-tmpfiles-clean.service-after-tim.patch G 0005-po-add-Greek-translation.patch G 0006-hwdb-Update-database-of-Bluetooth-company-identifier.patch G 0007-po-add-German-translation.patch G 0009-core-clean-up-signal-reset-logic-when-reexec.patch G 0010-util-treat-fuse.sshfs-as-a-network-filesystem.patch G 0011-build-sys-add-pthread-flag-for-libsystemd-shared.patch G 0012-core-transaction-avoid-misleading-error-message-when.patch G 0001-vconsole-also-copy-character-maps-not-just-fonts-fro.patch G 0002-core-make-sure-Environment-fields-passed-in-for-tran.patch G 0003-core-You-can-not-put-the-cached-result-of-use_smack-.patch G 0004-cryptsetup-don-t-add-unit-dependency-on-dev-null-dev.patch G 0005-man-fix-path-in-crypttab-5.patch G 0001-units-order-network-online.target-after-network.targ.patch G 0001-core-use-correct-format-string-for-UIDs.patch G 0002-core-transaction-fix-cycle-break-attempts-outside-tr.patch G 0003-fsck-consider-a-fsck-implementation-linked-to-bin-tr.patch G 0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch G 0002-journald-make-MaxFileSec-really-default-to-1month.patch G 0003-units-remove-RefuseManualStart-from-units-which-are-.patch G 0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch G 0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch G 0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch G 0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch G 0001-parse_uid-return-ENXIO-for-1-uids.patch G 0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch G 0003-localed-consider-an-unset-model-as-a-wildcard.patch G 0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch G 0005-bus-close-a-bus-that-failed-to-connect.patch G 0006-hwdb-update.patch G 0007-hwdb-Update-database-of-Bluetooth-company-identifier.patch G 0001-architecture-Add-tilegx.patch G 0002-architecture-Add-cris.patch G 0003-arch-add-crisv32-to-uname-check.patch G 0004-architecture-remove-cris-from-uname-list.patch G 0003-namespace-make-sure-tmp-var-tmp-and-dev-are-writable.patch G 0002-namespace-fix-uninitialized-memory-access.patch G 0001-machine-don-t-return-uninitialized-variable.patch G 0002-vconsole-setup-run-setfont-before-loadkeys.patch G 0001-util-consider-0x7F-a-control-chracter-which-it-is-DE.patch G 0002-util-don-t-consider-tabs-special-in-string_has_cc-an.patch G 0003-architecture-add-string-table-entries-for-mips-le-ar.patch G 0004-core-Added-support-for-ERRNO-NOTIFY_SOCKET-message-p.patch G 0005-service-don-t-accept-negative-ERRNO-notification-mes.patch G 0006-systemctl-show-StatusErrno-value-in-systemctl-status.patch G 0007-service-flush-status-text-and-errno-values-each-time.patch G 0001-journal-compress-return-early-in-uncompress_startswi.patch G 0002-journal-compress-improve-xz-compression-performance.patch G 0001-logind-allow-switching-to-unused-VTs-via-SwitchTo.patch G 0002-hostnamed-add-a-new-chassis-type-for-watches.patch G 0001-units-make-ExecStopPost-action-part-of-ExecStart.patch G 0001-event-pull-in-sd-event.h-from-event-util.h.patch G 0002-util-fix-has-cc-check-and-add-test.patch G 0003-sd-event-always-call-epoll_ctl-on-mask-updates-if-ed.patch G 0004-fileio-quote-more-shell-characters-in-envfiles.patch G 0001-Clear-up-confusion-wrt.-ENTRY_SIZE_MAX-and-DATA_SIZE.patch G 0002-units-serial-getty-.service-use-the-default-RestartS.patch G 0001-po-add-Ukrainian-translation.patch G 0002-man-document-yearly-and-annually-in-systemd.time-7.patch G 0003-core-nicer-message-when-inotify-watches-are-exhauste.patch G 0001-detect-virt-Fix-Xen-domU-discovery.patch G 0002-Be-more-verbose-when-bind-or-listen-fails.patch G 0003-Add-quotes-to-warning-message.patch G 0004-systemd-return-the-first-error-from-manager_startup.patch G 0001-bash-completion-p-option-for-journalctl.patch G 0002-journalctl-man-allow-only-between-terms.patch G 0003-systemd-use-pager-for-test-and-help.patch G 0001-bus-proxyd-fix-incorrect-comparison.patch G 0002-shell-completion-prevent-mangling-unit-names.patch G 0003-Always-check-asprintf-return-code.patch G 0004-bash-completion-use-list-unit-files-to-get-all-units.patch G 0005-core-only-set-the-kernel-s-timezone-when-the-RTC-run.patch G 0006-parse_boolean-require-exact-matches.patch G 0007-drop_duplicates-copy-full-BindMount-struct.patch G 0008-shell-completion-prevent-mangling-unit-names-bash.patch G 0009-journald-always-add-syslog-facility-for-messages-com.patch G 0001-sysv-order-initscripts-which-provide-network-before-.patch G 0002-keymap-Add-microphone-mute-keymap-for-Dell-Latitude.patch G 0003-keymap-Annotate-all-micmute-workarounds.patch G 0007-hwdb-update.patch G 0001-nspawn-fix-truncation-of-machine-names-in-interface-.patch G 0002-switch-root-umount-the-old-root-correctly.patch G 0003-bootchart-it-s-not-OK-to-return-1-from-a-main-progra.patch G 0004-login-set_controller-should-fail-if-prepare_vt-fails.patch G 0005-sd-resolve-fix-allocation-if-query-ids-never-reuse-t.patch G 0006-login-share-VT-signal-handler-between-sessions.patch G 0007-journald-also-increase-the-SendBuffer-of-dev-log-to-.patch G 0008-mount-setup-fix-counting-of-early-mounts-without-SMA.patch G 0009-journald-Fix-off-by-one-error-in-Missed-X-kernel-mes.patch G 0010-machine_kill-Don-t-kill-the-unit-when-killing-the-le.patch G 0011-units-fix-BindsTo-logic-when-applied-relative-to-ser.patch G 0012-util-try-to-be-a-bit-more-NFS-compatible-when-checki.patch G 0001-hwdb-keymaps-for-Samsung-900X3E-900X3F.patch G 0002-Add-hwdb-entry-for-Samsung-Series-7-Ultra.patch G 0003-keymap-Fix-HP-Pavillon-DV7.patch G 0004-hwdb-update-format-description-and-document-reloadin.patch G 0008-hwdb-update.patch G 0001-systemctl-Correct-error-message-printed-when-bus_pro.patch G 0002-units-order-systemd-fsck-.service-after-local-fs-pre.patch G 0003-keymap-Adjust-for-more-Samsung-900X4-series.patch G 0001-login-fix-memory-leak-on-DropController.patch G 0002-util-fix-minimal-race-where-we-might-miss-SIGTERMs-w.patch G 0003-sd-journal-properly-convert-object-size-on-big-endia.patch G 0004-sd-journal-verify-that-object-start-with-the-field-n.patch G 0001-nspawn-fix-network-interface.patch G 0001-completion-filter-templates-from-restartable-units.patch G 0002-systemd-fix-error-message.patch G 0003-Quote-unit-names-in-suggested-systemctl-commandlines.patch G 0004-config-parser-fix-mem-leak.patch G 0005-login-fix-mem-leak.patch G 0001-login-simplify-controller-handling.patch G 0001-initrd-parse-etc.service-ignore-return-code-of-daemo.patch G 0008-hwdb-Update-database-of-Bluetooth-company-identifier.patch G 0009-hwdb-update.patch G 0001-systemctl-allow-to-change-the-default-target-without.patch G 0001-activate-fix-fd-leak-in-do_accept.patch G 0002-analyze-avoid-a-null-dereference.patch G 0003-analyze-fix-mem-leak.patch G 0004-backlight-Avoid-error-when-state-restore-is-disabled.patch G 0005-bus-avoid-using-m-kdbus-after-freeing-it.patch G 0006-bus-unref-buscreds-on-failure.patch G 0007-core-fix-a-potential-mem-leak.patch G 0008-core-smack-setup-Actually-allow-for-succesfully-load.patch G 0009-journal-do-not-leak-mmaps-on-OOM.patch G 0010-manager-use-correct-cleanup-function.patch G 0001-core-fix-resource-leak-in-manager_environment_add.patch G 0002-util-remove-a-unnecessary-check.patch G 0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch G 0004-shared-conf-parser.patch G 0005-logind-fix-typo.patch G 0006-systemctl-fix-resource-leak-CID-1237747.patch G 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch G 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch G 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch G 0001-journal-Do-not-count-on-the-compiler-initializing-fo.patch G 0002-include-fcntl.h-rather-than-sys-fcntl.h.patch G 0003-mount-order-options-before-other-arguments-to-mount.patch G 0004-shared-wtmp-utmp-don-t-clear-store_wtmp-in-utmp_put_.patch G 0005-shared-label.h-add-missing-stdio.h-include.patch G 0006-shared-sparse-endian.h-add-missing-byteswap.h-includ.patch G 0001-login-pause-devices-before-acknowledging-VT-switches.patch G 0001-nspawn-don-t-try-to-create-veth-link-with-too-long-i.patch G 0001-socket-introduce-SELinuxContextFromNet-option.patch G 0002-util-avoid-non-portable-__WORDSIZE.patch G 0001-Fix-warning-about-unused-variable-with-SELINUX.patch G 0002-bus-remove-unused-check.patch G 0001-systemd-tmpfiles-Fix-IGNORE_DIRECTORY_PATH-age-handl.patch G 0001-logind-add-support-for-Triton2-Power-Button.patch G 0002-logind-add-support-for-TPS65217-Power-Button.patch G 0001-shutdownd-clean-up-initialization-of-struct.patch G 0003-bootchart-parse-userinput-with-safe_atoi.patch G 0004-bootchart-check-return-of-strftime.patch G 0005-bootchart-Do-not-try-to-access-data-for-non-existing.patch G 0001-journalctl-do-not-output-reboot-markers-when-running.patch G 0002-udev-hwdb-New-Entry-for-Dell-XPS12-9Q33-keyboard.patch G 0001-core-swap-only-make-configured-units-part-of-swap.ta.patch G 0009-hwdb-Update-database-of-Bluetooth-company-identifier.patch G 0001-virt-detect-that-we-are-running-inside-the-docker-co.patch G 0002-bootchart-use-n-a-if-PRETTY_NAME-is-not-found.patch G 0003-fileio-label-return-error-when-writing-fails.patch G 0001-sd-event-don-t-require-a-signal-event-source-to-be-e.patch G 0004-sd-event-check-the-value-of-received-signal.patch G 0005-sd-id128-do-stricter-checking-of-random-boot-id.patch G 0001-keymap-Fix-touchpad-toggle-on-Toshiba-Satellite-P75-.patch G 0001-units-introduce-network-pre.target-as-place-to-hook-.patch G 0002-keymap-Fix-touchpad-toggle-key-on-Asus-laptops.patch G 0003-sd-bus-check-return-value-of-vasprintf.patch G 0004-core-map-the-rescue-argument-to-rescue.target.patch G 0005-util-avoid-double-close-of-fd.patch G 0001-systemctl-when-mangle-unit-names-for-the-isolate-suf.patch G 0001-tmpfiles-compare-return-against-correct-errno.patch G 0001-shell-completion-fix-completion-of-inactive-units.patch G 0002-shell-completion-propose-templates-for-disable-re-en.patch G 0003-man-we-don-t-have-Wanted-dependency.patch G 0004-selinux-fix-potential-double-free-crash-in-child-pro.patch G 0001-systemd-continue-switch-root-even-if-umount-fails.patch G 0002-systemd-try-harder-to-bind-to-notify-socket.patch G 0001-strv-add-an-additional-overflow-check-when-enlarging.patch G 0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch G 0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch G 0004-journal-do-server_vacuum-for-sigusr1.patch G 0005-cryptsetup-fix-an-OOM-check.patch G 0002-shutdown-pass-own-argv-to-run-initramfs-shutdown.patch G 0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch G 0002-time-also-support-infinity-syntax-in-parse_nsec.patch G 0003-time-earlier-exit-from-format_timestamp_relative-on-.patch G 0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch G 0005-journalctl-correct-help-text-for-until.patch G 0006-calendarspec-fix-typo-in-annually.patch G 0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch G 0008-util-introduce-sethostname_idempotent.patch G 0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch G 0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch G 0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch G 0012-manager-do-not-print-anything-while-passwords-are-be.patch G 0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch G 0002-keymap-Ignore-brightness-keys-on-Dell-Inspiron-1520-.patch G 0001-core-don-t-allow-enabling-if-unit-is-masked.patch G 0002-snapshot-return-error-when-snapshot-exists.patch G 0003-shared-install-avoid-prematurely-rejecting-missing-u.patch G 0004-Raise-level-of-Found-dependency.-lines.patch G 0005-units-order-sd-journal-flush-after-sd-remount-fs.patch G 0006-journald-fix-minor-memory-leak.patch G 0007-journald-also-check-journal-file-size-to-deduce-if-i.patch G 0008-journald-fix-memory-leak-on-error-path.patch G 0009-units-make-systemd-journald.service-Type-notify.patch G 0010-hwdb-Update-database-of-Bluetooth-company-identifier.patch G 0001-login-rerun-vconsole-setup-when-switching-from-vgaco.patch G 0002-shutdown-fix-arguments-to-run-initramfs-shutdown.patch G 0003-utf8-when-looking-at-the-next-unichar-honour-the-siz.patch G 0001-keymap-Add-support-for-IBM-ThinkPad-X41-Tablet.patch G 0002-keymap-Fix-special-keys-on-ThinkPad-X60-X61-Tablet.patch G 0001-systemctl-let-list-units-unit-files-honour-type.patch G 0002-systemctl-obey-state-in-list-unit-files.patch G 0002-core-watchdog-bus-properties-cannot-be-both-writable.patch G 0003-sd-bus-refuse-properties-that-claim-to-be-both-writa.patch G 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch G 0001-selinux-access-fix-broken-ternary-operator.patch G 0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch G 0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch G 0004-core-fix-transaction-destructiveness-check-once-more.patch G 0001-units-tmpfiles-setup-dev-allow-unsafe-file-creation-.patch G 0002-man-tmpfiles.d-recommend-using-b-and-c.patch G 1009-cdrom_id-use-the-old-MMC-fallback.patch G 1010-udev-increase-result-size-for-programs.patch G 1014-udev-update-net_id-comments.patch G 1015-udev-persistent-naming-we-cannot-use-virtio-numbers-.patch G 1016-udev-warn-when-name_to_handle_at-is-not-implemented.patch G 1017-udev-serialize-synchronize-block-device-event-handli.patch G 1018-udev-do-not-skip-the-execution-of-RUN-when-renaming-.patch G 1019-udev-avoid-use-of-uninitialized-err.patch G 1020-udev-keyboard-also-hook-into-change-events.patch G 1022-udev-remove-seqnum-API-and-all-assumptions-about-seq.patch G 1023-udev-builtin-keyboard-do-tell-on-which-device-EVIOCS.patch G 1024-udev-always-close-lock-file-descriptor.patch G 1025-udev-exclude-device-mapper-from-block-device-ownersh.patch G 1026-udevd-inotify-modernizations.patch G 1027-udev-synthesize-change-events-for-partitions-when-to.patch G 1028-udev-link-config-fix-mem-leak.patch G 1029-udev-try-first-re-reading-the-partition-table.patch G 1030-udev-guard-REREADP-logic-with-open-O_ECXL.patch G 1031-udev-make-sure-we-always-get-change-for-the-disk.patch G 1032-udev-guard-REREADPT-by-exclusive-lock-instead-of-O_E.patch G 1033-udev-really-exclude-device-mapper-from-block-device.patch G 1034-udev-check-the-return-value-from-udev_enumerate_scan.patch G 1038-udev-fix-invalid-free-in-enable_name_policy.patch G 1039-udevadm-settle-fixed-return-code-for-empty-queue.patch G 1041-libudev-fix-udev_queue_get_queue_is_empty-logic.patch G 1042-libudev-queue-provide-file-descriptor-to-watch-busy-.patch G 1043-libudev-queue-watch-entire-directory-to-allow-the-re.patch G 1044-rules-update-qemu-hid-rules.patch G 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch G 1047-udev-net_setup_link-builtin-should-print-the-reason-.patch G 1048-udev-net_setup_link-add-a-bit-more-logging.patch G 1049-udev-link_config-ignore-errors-due-to-missing-MAC-ad.patch G 1052-rules-uaccess-add-ID_SOFTWARE_RADIO.patch G 1054-udev-exclude-MD-from-block-device-ownership-event-lo.patch G 1056-udevd-add-event-timeout-commandline-option.patch G 1057-udev-unify-event-timeout-handling.patch G 1058-udev-unify-event-timeout-handling.patch G 1059-udev-fixup-commit-dd5eddd28a74a49607a8fffcaf960040db.patch G 1061-rules-allow-systemd-to-manage-loop-device-partitions.patch G 1063-udev-path_id-suppress-ID_PATH-for-devices-with-an-un.patch G 1064-udev-hwdb-do-not-look-at-usb_device-parents.patch G 1065-udev-bump-event-timeout-to-60-seconds.patch G 1067-udev-always-resolve-correctly-database-names-on-chan.patch G 1068-udev-net_setup_link-export-the-.link-filename-applie.patch G 1069-rules-net-setup-link-preserve-ID_NET_LINK_FILE-and-I.patch G 1070-rules-net-setup-link-remove-stray-linebreak.patch G 1071-udev-import-the-full-db-on-MOVE-events-for-devices-w.patch G 1072-udev-netif_rename-don-t-log-to-kmsg.patch G 1073-udev-drop-print_kmsg.patch G 1074-udev-fix-copy-paste-error-in-log-message.patch G 1075-udev-timeout-increase-timeout.patch G 1076-udev-timeout-warn-after-a-third-of-the-timeout-befor.patch G 1077-udev-timeout-warn-after-a-third-of-the-timeout-befor.patch G 1078-udev-remove-userspace-firmware-loading-support.patch G 1079-udev-remove-userspace-firmware-loading-support.patch G 1080-udevd-parse_argv-warn-if-argumens-are-invalid.patch G 1081-udevd-check-return-of-various-functions.patch G 1082-udevadm-hwdb-check-return-value-of-fseeko.patch G 1083-udev-node-warn-if-chmod-chown-fails.patch G 1084-udev-ctrl-log-if-setting-SO_PASSCRED-fails.patch G 1085-udev-fix-typos.patch G 1086-udevd-don-t-fail-if-run-udev-exists.patch G 1089-fix-cgroup-device-controller.patch G 1090-udev-path_id-set-supported_parent-for-well-known-SCS.patch G 1091-udev-path_id-update-comments.patch G 1092-libudev-do-not-accept-invalid-log-levels.patch G 1093-udev-Fix-parsing-of-udev.event-timeout-kernel-parame.patch G 1094-udev-avoid-magic-constants-in-kernel-cmdline-parsers.patch G 1098-udev-link_setup-respect-kernel-name-assign-policy.patch - update set-and-use-default-logconsole.patch - fix comparison of console log facility that caused journald to skip output to console (boo#912030) - Use Robert's latest patch 1098-udev-link_setup-respect-kernel-name-assign-policy.patch which drops NAMEPOLICY_KERNEL as this breaks all on current systems out there - remove 0022-systemd-tmpfiles-ownerkeep.patch since this is now implemented into the systemd-tmpfiles binary - add user based ignore statements in tmpfiles removal directives (bnc#903009) add systemd-add-user-keep.patch - use --boot option in systemd-tmpfiles-setup-dev.service (bnc#908476) add upstream patches: 0001-units-tmpfiles-setup-dev-allow-unsafe-file-creation-.patch 0002-man-tmpfiles.d-recommend-using-b-and-c.patch (adapted) - Update patch 1098-udev-link_setup-respect-kernel-name-assign-policy.patch to Robert's version - Add upstream patches 0001-selinux-access-fix-broken-ternary-operator.patch 0002-systemctl-show-BindsTo-BoundBy-in-list-dependencies.patch 0003-cryptsetup-default-to-no-hash-when-keyfile-is-specif.patch 0004-core-fix-transaction-destructiveness-check-once-more.patch - Avoid old net devices naming scheme on openSUSE 13.2 and less maybe caused by patch 1098-udev-link_setup-respect-kernel-name-assign-policy.patch - fix systemd-nspawn network-veth support (bnc#906709) add 513-nspawn-veth.patch - Add upstream patch 1098-udev-link_setup-respect-kernel-name-assign-policy.patch which may solve bsc#907318 - Add upstream patches 0001-units-make-sure-rfkill-service-is-bount-to-the-actua.patch 0002-rfkill-rework-how-we-generate-file-names-from-rfkill.patch - Change the maximum number of children from CPU_COUNT * 256 to CPU_COUNT * 64. Update 1097-udevd-increase-maximum-number-of-children.patch - Increase number of children/workers to CPU_COUNT * 256 to avoid 'maximum number of children reached' (bnc#907393). Add 1097-udevd-increase-maximum-number-of-children.patch - Fix error return in rootsymlink_generator.c Update 1096-new-udev-root-symlink-generator.patch - Remove upstream patch 0001-systemd-logind.service-set-Type-notify.patch as systemd-logind.service is already from DBus type, compare with upstream commit eab459bc0639b81b32735f36d3e929e4bfa2cb4b - Add upstream patches 0001-systemd-logind.service-set-Type-notify.patch 0002-core-watchdog-bus-properties-cannot-be-both-writable.patch 0003-sd-bus-refuse-properties-that-claim-to-be-both-writa.patch - Re-add directory /usr/lib/systemd/system/basic.target.wants - remove pm-utils-hooks-compat.sh again, pm-utils built-in hooks partially duplicate hooks run by systemd which may potentially lead to problems, instead temporarily re-enable Forward-suspend-hibernate-calls-to-pm-utils.patch until boo#904828 can be addressed properly - fix bashisms in write_net_rules script - update patches: * 1053-better-checks-in-write_net_rules.patch - Add upstream patches 0001-systemctl-let-list-units-unit-files-honour-type.patch 0002-systemctl-obey-state-in-list-unit-files.patch which allows to use --type in the systemctl command list-units and list-unit-files. - Add upstream patches 0001-keymap-Add-support-for-IBM-ThinkPad-X41-Tablet.patch 0002-keymap-Fix-special-keys-on-ThinkPad-X60-X61-Tablet.patch - New root symlink rule generator Add 1096-new-udev-root-symlink-generator.patch - Remove write_dev_root_rule and systemd-udev-root-symlink - Change patch 0001-add-hdflush-for-reboot-or-hddown-for-poweroff.patch to skip hdflush as well as hddown but only use halt as fallback for poweroff as well as synch in systemctl before any reboot command (compare with commit 4a3ad39957399c4a30fc472a804e72907ecaa4f9) - Create rule to set I/O scheduler to deadline if device attribute 'rotational' equals 0, usually SSDs (bnc#904517). Add 1095-set-ssd-disk-to-use-deadline-scheduler.patch - fix systemd-fstab-generator crypttab parsing (bnc#903963) - Add pm-utils-hooks-compat.sh in order to run pm-utils sleep hooks from systemd (boo#904828) - Add upstream patches 0001-login-rerun-vconsole-setup-when-switching-from-vgaco.patch 0002-shutdown-fix-arguments-to-run-initramfs-shutdown.patch 0003-utf8-when-looking-at-the-next-unichar-honour-the-siz.patch - Add upstream patches 0001-core-don-t-allow-enabling-if-unit-is-masked.patch 0002-snapshot-return-error-when-snapshot-exists.patch 0003-shared-install-avoid-prematurely-rejecting-missing-u.patch 0004-Raise-level-of-Found-dependency.-lines.patch 0005-units-order-sd-journal-flush-after-sd-remount-fs.patch 0006-journald-fix-minor-memory-leak.patch 0007-journald-also-check-journal-file-size-to-deduce-if-i.patch 0008-journald-fix-memory-leak-on-error-path.patch 0009-units-make-systemd-journald.service-Type-notify.patch 0010-hwdb-Update-database-of-Bluetooth-company-identifier.patch - Add upstream patches 1092-libudev-do-not-accept-invalid-log-levels.patch 1093-udev-Fix-parsing-of-udev.event-timeout-kernel-parame.patch 1094-udev-avoid-magic-constants-in-kernel-cmdline-parsers.patch - Add patch watch_resolv.conf_for_become_changed.patch to add an inotify watch on /etc/resolv.conf which enables the reload of a changed resolver configuration on the fly (bsc#902901) - Do not apply patch 0022-systemd-tmpfiles-ownerkeep.patch in case if the script /usr/bin/systemd-tmpfiles-keep is missed - Add upstream patches 0001-sd-bus-properly-handle-removals-of-non-existing-matc.patch 0002-keymap-Ignore-brightness-keys-on-Dell-Inspiron-1520-.patch - Add upstream patches 1090-udev-path_id-set-supported_parent-for-well-known-SCS.patch 1091-udev-path_id-update-comments.patch which will be applied if patch 1090-udev-path_id-set-supported_parent-for-well-known-SCS.patch is applied a this may fix the trouble with iSCSI (bnc#898233) - Add upstream patches 0001-manager-Linux-on-hppa-has-fewer-rtsigs-hence-avoid-u.patch 0002-time-also-support-infinity-syntax-in-parse_nsec.patch 0003-time-earlier-exit-from-format_timestamp_relative-on-.patch 0004-sd-bus-if-we-don-t-manage-to-properly-allocate-the-e.patch 0005-journalctl-correct-help-text-for-until.patch 0006-calendarspec-fix-typo-in-annually.patch 0007-systemctl-do-not-ignore-errors-in-symlink-removal.patch 0008-util-introduce-sethostname_idempotent.patch 0009-util-fix-copy-paste-error-and-actually-set-the-new-h.patch 0010-shutdown-do-final-unmounting-only-if-not-running-ins.patch 0011-selinux-make-sure-we-do-not-try-to-print-missing-fie.patch - Replace patch keep-crypt-password-prompt.patch as this with upstream patch 0012-manager-do-not-print-anything-while-passwords-are-be.patch - Add upstream patch 0002-shutdown-pass-own-argv-to-run-initramfs-shutdown.patch - Add patch journald-advice-about-use-of-memory.patch to use mmap() flags as well as madvise(2) for journal files. - Add upstream patches 0001-strv-add-an-additional-overflow-check-when-enlarging.patch 0002-hwdb-Add-mapping-for-special-keys-on-compaq-ku-0133-.patch 0003-journald-add-CAP_MAC_OVERRIDE-in-journald-for-SMACK-.patch 0004-journal-do-server_vacuum-for-sigusr1.patch 0005-cryptsetup-fix-an-OOM-check.patch - Add upstream patch 1089-fix-cgroup-device-controller.patch to avoid trouble on existing /dev/console with nspawn (bsc#902240) - Modify patch avoid-leaking-socket-descriptors.patch to close file descriptors for incomming connections in pam module in case of short memory. - Add upstream patches 0001-systemd-continue-switch-root-even-if-umount-fails.patch 0002-systemd-try-harder-to-bind-to-notify-socket.patch - Add patch avoid-leaking-socket-descriptors.patch to close file descriptors if an incomming connection can not be handled due e.g. short memory. Could be related to bsc #901481 - Add upstream patches 0001-shell-completion-fix-completion-of-inactive-units.patch 0002-shell-completion-propose-templates-for-disable-re-en.patch 0003-man-we-don-t-have-Wanted-dependency.patch 0004-selinux-fix-potential-double-free-crash-in-child-pro.patch - Adapt patch rules-add-lid-switch-of-ARM-based-Chromebook-as-a-power-sw.patch to make it work even with patch #438 and #439 - Add upstream patches 0001-systemctl-when-mangle-unit-names-for-the-isolate-suf.patch 0001-tmpfiles-compare-return-against-correct-errno.patch - Add upstream patches 0001-keymap-Fix-touchpad-toggle-on-Toshiba-Satellite-P75-.patch 0001-units-introduce-network-pre.target-as-place-to-hook-.patch 0002-keymap-Fix-touchpad-toggle-key-on-Asus-laptops.patch 0003-sd-bus-check-return-value-of-vasprintf.patch 0004-core-map-the-rescue-argument-to-rescue.target.patch 0005-util-avoid-double-close-of-fd.patch - Add upstream patches 0001-virt-detect-that-we-are-running-inside-the-docker-co.patch 0002-bootchart-use-n-a-if-PRETTY_NAME-is-not-found.patch 0003-fileio-label-return-error-when-writing-fails.patch 0001-sd-event-don-t-require-a-signal-event-source-to-be-e.patch 0004-sd-event-check-the-value-of-received-signal.patch 0005-sd-id128-do-stricter-checking-of-random-boot-id.patch - Add upstream patches 0001-core-swap-only-make-configured-units-part-of-swap.ta.patch 0009-hwdb-Update-database-of-Bluetooth-company-identifier.patch - Add upstream patches 0001-journalctl-do-not-output-reboot-markers-when-running.patch 0002-udev-hwdb-New-Entry-for-Dell-XPS12-9Q33-keyboard.patch - Add upstream patches 0001-logind-add-support-for-Triton2-Power-Button.patch 0002-logind-add-support-for-TPS65217-Power-Button.patch - Add upstream patches 0001-shutdownd-clean-up-initialization-of-struct.patch 0003-bootchart-parse-userinput-with-safe_atoi.patch 0004-bootchart-check-return-of-strftime.patch 0005-bootchart-Do-not-try-to-access-data-for-non-existing.patch ==== tigervnc ==== Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module - U_Avoid-potential-crash-when-replacing-buffer-in-Plain.patch * fixes crash in free() when using "-f" option of vncpasswd command (bsc#1171519) ==== yast2-configuration-management ==== Version update (4.2.4 -> 4.2.5) - bsc#1169410: - Add an option to set the log level when running the provisioners. By default, it is set to "info". - By default, do not retry in masterless mode. - Honor the AutoYaST reporting settings. - When not running during autoinstallation, do not automatically close the dialog after finishing. - Allow using several locations to save pillars data. - Do not leak passwords from pillars to the console. - Add the /usr/share/salt-formulas to the list of directories to search for formulas. - Groups and namespaces are presented in the same way due to some UI limitations. - Fixes several problems related to widgets visibility. - Take precedence over existing top.sls files. - 4.2.5 ==== zlib ==== Subpackages: libminizip1 libz1 libz1-32bit - Update 410.patch to contain latest fixes from IBM bsc#1166260 * The build behaviour changed - Update the zlib-no-version-check.patch to be even more forgiving with the versions on the zlib to allow updates without rebuilds - Add SUSE specific patch to fix bsc#1138793, we simply don't want to test if the app was linked with exactly same version of zlib like the one that is present on the runtime: * zlib-no-version-check.patch