Bug#696116: unblock: systemd/44-6
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package systemd
It contains a small set of targetted fixes.
The most important one is probably the fix for #635131 which prevents a
possible user DoS.
The full changelog is
systemd (44-6) unstable; urgency=low
[ Michael Biebl ]
* No longer ship the /sys directory in the systemd package since it is
provided by base-files nowadays.
* Don't run udev rules if systemd is not active.
* Converting /var/run, /var/lock and /etc/mtab to symlinks is a one-time
migration so don't run the debian-fixup script on every boot.
[ Tollef Fog Heen ]
* Prevent the systemd package from being removed if it's the active init
system, since that doesn't work.
[ Michael Biebl ]
* Use a separate tmpfs for /run/lock (size 5M) and /run/user (size 100M).
Those directories are user-writable which could lead to DoS by filling up
/run. Closes: #635131
-- Michael Biebl <biebl@debian.org> Sun, 16 Dec 2012 21:58:37 +0100
Complete debdiff is attached.
Thanks for considering,
Michael
unblock systemd/44-6
-- System Information:
Debian Release: 7.0
APT prefers unstable
APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.6-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff --git a/debian/changelog b/debian/changelog
index 4912043..52505af 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,23 @@
+systemd (44-6) unstable; urgency=low
+
+ [ Michael Biebl ]
+ * No longer ship the /sys directory in the systemd package since it is
+ provided by base-files nowadays.
+ * Don't run udev rules if systemd is not active.
+ * Converting /var/run, /var/lock and /etc/mtab to symlinks is a one-time
+ migration so don't run the debian-fixup script on every boot.
+
+ [ Tollef Fog Heen ]
+ * Prevent the systemd package from being removed if it's the active init
+ system, since that doesn't work.
+
+ [ Michael Biebl ]
+ * Use a separate tmpfs for /run/lock (size 5M) and /run/user (size 100M).
+ Those directories are user-writable which could lead to DoS by filling up
+ /run. Closes: #635131
+
+ -- Michael Biebl <biebl@debian.org> Sun, 16 Dec 2012 21:58:37 +0100
+
systemd (44-5) unstable; urgency=low
* Team upload.
@@ -8,7 +28,7 @@ systemd (44-5) unstable; urgency=low
when restarting libvirtd. Closes: #688635.
* Avoid reloading services when shutting down, since that won't work and
makes no sense. Thanks to Michael Stapelberg for the patch.
- Closes: #624599.
+ Closes: #635777.
* Try to determine which init scripts support the reload action
heuristically. Closes: #686115, #650382.
diff --git a/debian/debian-fixup.service b/debian/debian-fixup.service
index 70840ae..2fa4f97 100644
--- a/debian/debian-fixup.service
+++ b/debian/debian-fixup.service
@@ -3,6 +3,9 @@ Description=Various fixups to make systemd work better on Debian
Before=var-run.mount var-lock.mount sysinit.target
After=remount-rootfs.service
DefaultDependencies=no
+ConditionPathIsSymbolicLink=|!/etc/mtab
+ConditionPathIsSymbolicLink=|!/var/run
+ConditionPathIsSymbolicLink=|!/var/lock
[Service]
ExecStart=/lib/systemd/debian-fixup
diff --git a/debian/systemd.dirs b/debian/systemd.dirs
index b85b0b6..e2358f6 100644
--- a/debian/systemd.dirs
+++ b/debian/systemd.dirs
@@ -1,3 +1,2 @@
var/lib/systemd
var/log/journal
-sys
diff --git a/debian/systemd.install b/debian/systemd.install
index 102e3f2..4d2e7b4 100644
--- a/debian/systemd.install
+++ b/debian/systemd.install
@@ -46,3 +46,5 @@ debian/debian-fixup lib/systemd/
debian/debian-fixup.service lib/systemd/system
debian/tmpfiles.d/debian.conf usr/lib/tmpfiles.d
debian/ifup@.service lib/systemd/system
+debian/units/run-lock.mount lib/systemd/system/
+debian/units/run-user.mount lib/systemd/system/
diff --git a/debian/systemd.links b/debian/systemd.links
index 55a7306..c8999b2 100644
--- a/debian/systemd.links
+++ b/debian/systemd.links
@@ -59,3 +59,7 @@
/lib/systemd/system/debian-fixup.service /lib/systemd/system/sysinit.target.wants/debian-fixup.service
# Compat symlink
/lib/systemd/systemd /bin/systemd
+
+# Mount separate tmpfs file systems for /run/user and /run/lock
+/lib/systemd/system/run-user.mount /lib/systemd/system/local-fs.target.wants/run-user.mount
+/lib/systemd/system/run-lock.mount /lib/systemd/system/local-fs.target.wants/run-lock.mount
diff --git a/debian/systemd.prerm b/debian/systemd.prerm
new file mode 100644
index 0000000..e067387
--- /dev/null
+++ b/debian/systemd.prerm
@@ -0,0 +1,16 @@
+#! /bin/sh
+
+set -e
+
+#
+# Prevent systemd from being removed if it's the active init. That
+# will not work.
+#
+
+if [ "$1" = "remove" ] && [ -e /sys/fs/cgroup/systemd ]; then
+ echo "systemd is the active init system, please switch to another before removing systemd."
+ exit 1
+fi
+
+
+#DEBHELPER#
diff --git a/debian/units/run-lock.mount b/debian/units/run-lock.mount
new file mode 100644
index 0000000..1c133e4
--- /dev/null
+++ b/debian/units/run-lock.mount
@@ -0,0 +1,9 @@
+[Unit]
+Description=Lock Directory
+Before=local-fs.target
+
+[Mount]
+What=tmpfs
+Where=/run/lock
+Type=tmpfs
+Options=nodev,noexec,nosuid,size=5242880
diff --git a/debian/units/run-user.mount b/debian/units/run-user.mount
new file mode 100644
index 0000000..1b04c99
--- /dev/null
+++ b/debian/units/run-user.mount
@@ -0,0 +1,9 @@
+[Unit]
+Description=User Runtime Directory
+Before=local-fs.target
+
+[Mount]
+What=tmpfs
+Where=/run/user
+Type=tmpfs
+Options=nodev,noexec,nosuid,size=104857600,mode=0755
diff --git a/src/99-systemd.rules.in b/src/99-systemd.rules.in
index d306f71..55c00c0 100644
--- a/src/99-systemd.rules.in
+++ b/src/99-systemd.rules.in
@@ -6,6 +6,7 @@
# (at your option) any later version.
ACTION=="remove", GOTO="systemd_end"
+TEST!="/sys/fs/cgroup/systemd", GOTO="systemd_end"
SUBSYSTEM=="tty", KERNEL=="tty[0-9]|tty1[0-2]", TAG+="systemd"
SUBSYSTEM=="tty", KERNEL=="tty[a-zA-Z]*|hvc*|xvc*|hvsi*", TAG+="systemd"
diff --git a/src/login/70-uaccess.rules b/src/login/70-uaccess.rules
index 6932492..62f91d4 100644
--- a/src/login/70-uaccess.rules
+++ b/src/login/70-uaccess.rules
@@ -7,6 +7,7 @@
ACTION=="remove", GOTO="uaccess_end"
ENV{MAJOR}=="", GOTO="uaccess_end"
+TEST!="/sys/fs/cgroup/systemd", GOTO="uaccess_end"
# PTP/MTP protocol devices, cameras, portable media players
SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="", ENV{DEVTYPE}=="usb_device", IMPORT{program}="usb_id --export %p"
diff --git a/src/login/71-seat.rules b/src/login/71-seat.rules
index 04ccac7..9ae0089 100644
--- a/src/login/71-seat.rules
+++ b/src/login/71-seat.rules
@@ -6,6 +6,7 @@
# (at your option) any later version.
ACTION=="remove", GOTO="seat_end"
+TEST!="/sys/fs/cgroup/systemd", GOTO="seat_end"
TAG=="uaccess", SUBSYSTEM!="sound", TAG+="seat"
SUBSYSTEM=="sound", KERNEL=="card*", TAG+="seat"
diff --git a/src/login/73-seat-late.rules.in b/src/login/73-seat-late.rules.in
index 0847932..3796495 100644
--- a/src/login/73-seat-late.rules.in
+++ b/src/login/73-seat-late.rules.in
@@ -6,6 +6,7 @@
# (at your option) any later version.
ACTION=="remove", GOTO="seat_late_end"
+TEST!="/sys/fs/cgroup/systemd", GOTO="seat_late_end"
ENV{ID_SEAT}=="", ENV{ID_AUTOSEAT}=="1", ENV{ID_FOR_SEAT}!="", ENV{ID_SEAT}="seat-$env{ID_FOR_SEAT}"
ENV{ID_SEAT}=="", IMPORT{parent}="ID_SEAT"
Reply to: