From 07b358f168318ccf41c7f632ef70a3dd0493ba00 Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Aug 26 2019 18:44:02 +0000 Subject: Backport PR #13406 to solve PATH ordering issue (#1744059) --- diff --git a/13406.patch b/13406.patch new file mode 100644 index 0000000..dce5cd3 --- /dev/null +++ b/13406.patch @@ -0,0 +1,201 @@ +From 054d9609e1639a725e9a29af086c1585bacc43ff Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Thu, 6 Aug 2015 21:34:15 -0400 +Subject: [PATCH] manager: put bin before sbin for user instances + +Traditionally, user logins had a $PATH in which /bin was before /sbin, while +root logins had a $PATH with /sbin first. This allows the tricks that +consolehelper is doing to work. But even if we ignore consolehelper, having the +path in this order might have been used by admins for other purposes, and +keeping the order in user sessions will make it easier the adoption of systemd +user sessions a bit easier. + +Fixes #733. +https://bugzilla.redhat.com/show_bug.cgi?id=1744059 + +OOM handling in manager_default_environment wasn't really correct. +Now the (theorertical) malloc failure in strv_new() is handled. + +Please note that this has no effect on: +- systems with merged /bin-/sbin (e.g. arch) + +- when there are no binaries that differ between the two locations. + + E.g. on my F30 laptop there is exactly one program that is affected: + /usr/bin/setup -> consolehelper. + + There is less and less stuff that relies on consolehelper, but there's still + some. + +So for "clean" systems this makes no difference, but helps with legacy setups. + +$ dnf repoquery --releasever=31 --qf %{name} --whatrequires usermode +anaconda-live +audit-viewer +beesu +chkrootkit +driftnet +drobo-utils-gui +hddtemp +mate-system-log +mock +pure-ftpd +setuptool +subscription-manager +system-config-httpd +system-config-rootpassword +system-switch-java +system-switch-mail +usermode-gtk +vpnc-consoleuser +wifi-radar +xawtv +--- + man/systemd.exec.xml | 35 +++++++++++++++++++++-------------- + src/basic/path-util.h | 8 ++++++++ + src/core/manager.c | 23 +++++++++++++++++++---- + 3 files changed, 48 insertions(+), 18 deletions(-) + +diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml +index fbbfd4f5146..5cb83afa578 100644 +--- a/man/systemd.exec.xml ++++ b/man/systemd.exec.xml +@@ -2152,16 +2152,17 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy + + LogExtraFields= + +- Configures additional log metadata fields to include in all log records generated by processes +- associated with this unit. This setting takes one or more journal field assignments in the format +- FIELD=VALUE separated by whitespace. See +- systemd.journal-fields7 for +- details on the journal field concept. Even though the underlying journal implementation permits binary field +- values, this setting accepts only valid UTF-8 values. To include space characters in a journal field value, +- enclose the assignment in double quotes ("). The usual specifiers are expanded in all assignments (see +- below). Note that this setting is not only useful for attaching additional metadata to log records of a unit, +- but given that all fields and values are indexed may also be used to implement cross-unit log record +- matching. Assign an empty string to reset the list. ++ Configures additional log metadata fields to include in all log records generated by ++ processes associated with this unit. This setting takes one or more journal field assignments in the ++ format FIELD=VALUE separated by whitespace. See ++ systemd.journal-fields7 ++ for details on the journal field concept. Even though the underlying journal implementation permits ++ binary field values, this setting accepts only valid UTF-8 values. To include space characters in a ++ journal field value, enclose the assignment in double quotes ("). ++ The usual specifiers are expanded in all assignments (see below). Note that this setting is not only ++ useful for attaching additional metadata to log records of a unit, but given that all fields and ++ values are indexed may also be used to implement cross-unit log record matching. Assign an empty ++ string to reset the list. + + + +@@ -2355,10 +2356,16 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy + + $PATH + +- Colon-separated list of directories to use +- when launching executables. systemd uses a fixed value of +- /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin. +- ++ Colon-separated list of directories to use when launching ++ executables. systemd uses a fixed value of ++ /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin ++ in the system manager. When compiled for systems with "unmerged /usr" (/bin is ++ not a symlink to /usr/bin), ++ :/sbin:/bin is appended. In case of the ++ the user manager, each bin/ and sbin/ pair is switched, so ++ that programs from /usr/bin have higher priority than programs from ++ /usr/sbin, etc. It is recommended to not rely on this in any way, and have only ++ one program with a given name in $PATH. + + + +diff --git a/src/basic/path-util.h b/src/basic/path-util.h +index 1f46cd65c96..71fb7041a3c 100644 +--- a/src/basic/path-util.h ++++ b/src/basic/path-util.h +@@ -11,30 +11,38 @@ + #include "time-util.h" + + #define PATH_SPLIT_SBIN_BIN(x) x "sbin:" x "bin" ++#define PATH_SPLIT_BIN_SBIN(x) x "bin:" x "sbin" + #define PATH_SPLIT_SBIN_BIN_NULSTR(x) x "sbin\0" x "bin\0" + + #define PATH_NORMAL_SBIN_BIN(x) x "bin" ++#define PATH_NORMAL_BIN_SBIN(x) x "bin" + #define PATH_NORMAL_SBIN_BIN_NULSTR(x) x "bin\0" + + #if HAVE_SPLIT_BIN + # define PATH_SBIN_BIN(x) PATH_SPLIT_SBIN_BIN(x) ++# define PATH_BIN_SBIN(x) PATH_SPLIT_BIN_SBIN(x) + # define PATH_SBIN_BIN_NULSTR(x) PATH_SPLIT_SBIN_BIN_NULSTR(x) + #else + # define PATH_SBIN_BIN(x) PATH_NORMAL_SBIN_BIN(x) ++# define PATH_BIN_SBIN(x) PATH_NORMAL_BIN_SBIN(x) + # define PATH_SBIN_BIN_NULSTR(x) PATH_NORMAL_SBIN_BIN_NULSTR(x) + #endif + + #define DEFAULT_PATH_NORMAL PATH_SBIN_BIN("/usr/local/") ":" PATH_SBIN_BIN("/usr/") ++#define DEFAULT_USER_PATH_NORMAL PATH_BIN_SBIN("/usr/local/") ":" PATH_BIN_SBIN("/usr/") + #define DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/usr/local/") PATH_SBIN_BIN_NULSTR("/usr/") + #define DEFAULT_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_SBIN_BIN("/") ++#define DEFAULT_USER_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_BIN_SBIN("/") + #define DEFAULT_PATH_SPLIT_USR_NULSTR DEFAULT_PATH_NORMAL_NULSTR PATH_SBIN_BIN_NULSTR("/") + #define DEFAULT_PATH_COMPAT PATH_SPLIT_SBIN_BIN("/usr/local/") ":" PATH_SPLIT_SBIN_BIN("/usr/") ":" PATH_SPLIT_SBIN_BIN("/") + + #if HAVE_SPLIT_USR + # define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR ++# define DEFAULT_USER_PATH DEFAULT_USER_PATH_SPLIT_USR + # define DEFAULT_PATH_NULSTR DEFAULT_PATH_SPLIT_USR_NULSTR + #else + # define DEFAULT_PATH DEFAULT_PATH_NORMAL ++# define DEFAULT_USER_PATH DEFAULT_USER_PATH_NORMAL + # define DEFAULT_PATH_NULSTR DEFAULT_PATH_NORMAL_NULSTR + #endif + +diff --git a/src/core/manager.c b/src/core/manager.c +index 8d691a19c3d..91a601e8fd8 100644 +--- a/src/core/manager.c ++++ b/src/core/manager.c +@@ -603,6 +603,8 @@ static char** sanitize_environment(char **l) { + } + + int manager_default_environment(Manager *m) { ++ int r; ++ + assert(m); + + m->transient_environment = strv_free(m->transient_environment); +@@ -616,16 +618,29 @@ int manager_default_environment(Manager *m) { + * /proc/self/environ valid; it is used for tagging + * the init process inside containers. */ + m->transient_environment = strv_new("PATH=" DEFAULT_PATH); ++ if (!m->transient_environment) ++ return log_oom(); + + /* Import locale variables LC_*= from configuration */ + (void) locale_setup(&m->transient_environment); +- } else ++ } else { ++ _cleanup_free_ char *k = NULL; ++ + /* The user manager passes its own environment +- * along to its children. */ ++ * along to its children, except for $PATH. */ + m->transient_environment = strv_copy(environ); ++ if (!m->transient_environment) ++ return log_oom(); + +- if (!m->transient_environment) +- return log_oom(); ++ k = strdup("PATH=" DEFAULT_USER_PATH); ++ if (!k) ++ return log_oom(); ++ ++ r = strv_env_replace(&m->transient_environment, k); ++ if (r < 0) ++ return log_oom(); ++ TAKE_PTR(k); ++ } + + sanitize_environment(m->transient_environment); + diff --git a/systemd.spec b/systemd.spec index 1502643..0f26a7c 100644 --- a/systemd.spec +++ b/systemd.spec @@ -15,7 +15,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd Version: 243~rc2 -Release: 1%{?commit:.git%{shortcommit}}%{?dist} +Release: 2%{?commit:.git%{shortcommit}}%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -57,6 +57,10 @@ Patch0001: https://github.com/keszybz/systemd/commit/464a73411c13596a130a7a Patch0002: 0002-Revert-units-set-NoNewPrivileges-for-all-long-runnin.patch +# https://github.com/systemd/systemd/pull/13406 +# Fixes problems with consolehelper binaries in systemd-launched user sessions +Patch0003: 13406.patch + Patch0998: 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch %ifarch %{ix86} x86_64 aarch64 @@ -697,6 +701,9 @@ fi %files tests -f .file-list-tests %changelog +* Mon Aug 26 2019 Adam Williamson - 243~rc2-2 +- Backport PR #13406 to solve PATH ordering issue (#1744059) + * Thu Aug 22 2019 Zbigniew Jędrzejewski-Szmek - 243~rc2-1 - Update to latest pre-release. Fixes #1740113, #1717712. - The default scheduler for disks is set to BFQ (1738828)