Name: | systemd |
---|---|
Version: | 239 |
Release: | 18.0.1.el8 |
Architecture: | x86_64 |
Group: | Unspecified |
Size: | 16773046 |
License: | LGPLv2+ and MIT and GPLv2+ |
RPM: | systemd-239-18.0.1.el8.x86_64.rpm |
Source RPM: | systemd-239-18.0.1.el8.src.rpm |
Build Date: | Sun Nov 10 2019 |
Build Host: | jenkins-10-147-72-125-78f0649f-0d81-4ed9-8a5f-f87f52bdc01d.appad1iad.osdevelopmeniad.oraclevcn.com |
Vendor: | Oracle America |
URL: | http://www.freedesktop.org/wiki/Software/systemd |
Summary: | System and Service Manager |
Description: | systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. systemd supports SysV and LSB init scripts and works as a replacement for sysvinit. Other parts of this package are a logging daemon, utilities to control basic system configuration like the hostname, date, locale, maintain a list of logged-in users, system accounts, runtime directories and settings, and daemons to manage simple network configuration, network time synchronization, log forwarding, and name resolution. |
- fix _netdev is missing for iscsi entry in /etc/fstab (tony.l.lam@oracle.com) [Orabug: 25897792] - set "RemoveIPC=no" in logind.conf as default for OL7.2 [Orabug: 22224874] - allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469] - add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475] - Backport upstream patches for the new systemd-pstore tool (Eric DeVolder) [OraBug: 30230056]
- shared/but-util: drop trusted annotation from bus_open_system_watch_bind_with_description() (#1746857) - sd-bus: adjust indentation of comments (#1746857) - resolved: do not run loop twice (#1746857) - resolved: allow access to Set*Link and Revert methods through polkit (#1746857) - resolved: query polkit only after parsing the data (#1746857)
- mount: simplify /proc/self/mountinfo handler (#1696178) - mount: rescan /proc/self/mountinfo before processing waitid() results (#1696178) - swap: scan /proc/swaps before processing waitid() results (#1696178) - analyze-security: fix potential division by zero (#1734400)
- sd-bus: deal with cookie overruns (#1694999) - journal-remote: do not request Content-Length if Transfer-Encoding is chunked (#1708849) - journal: do not remove multiple spaces after identifier in syslog message (#1691817) - cryptsetup: Do not fallback to PLAIN mapping if LUKS data device set fails. (#1719153) - cryptsetup: call crypt_load() for LUKS only once (#1719153) - cryptsetup: Add LUKS2 token support. (#1719153) - udev/scsi_id: fix incorrect page length when get device identification VPD page (#1713227) - Change job mode of manager triggered restarts to JOB_REPLACE (#11456 - bash-completion: analyze: support 'security' (#1733395) - man: note that journal does not validate syslog fields (#1707175) - rules: skip memory hotplug on ppc64 (#1713159)
- tree-wide: shorten error logging a bit (#1697893) - nspawn: simplify machine terminate bus call (#1697893) - nspawn: merge two variable declaration lines (#1697893) - nspawn: rework how we allocate/kill scopes (#1697893) - unit: enqueue cgroup empty check event if the last ref on a unit is dropped (#1697893) - Revert "journal: remove journal audit socket" (#1699287) - journal: don't enable systemd-journald-audit.socket by default (#1699287) - logs-show: use grey color for de-emphasizing journal log output (#1695601) - units: add [Install] section to tmp.mount (#1667065) - nss: do not modify errno when NSS_STATUS_NOTFOUND or NSS_STATUS_SUCCESS (#1691691) - util.h: add new UNPROTECT_ERRNO macro (#1691691) - nss: unportect errno before writing to NSS' *errnop (#1691691) - seccomp: reduce logging about failure to add syscall to seccomp (#1658691) - format-table: when duplicating a cell, also copy the color (#1689832) - format-table: optionally make specific cells clickable links (#1689832) - format-table: before outputting a color, check if colors are available (#1689832) - format-table: add option to store/format percent and uint64_t values in cells (#1689832) - format-table: optionally allow reversing the sort order for a column (#1689832) - format-table: add table_update() to update existing entries (#1689832) - format-table: add an API for getting the cell at a specific row/column (#1689832) - format-table: always underline header line (#1689832) - format-table: add calls to query the data in a specific cell (#1689832) - format-table: make sure we never call memcmp() with NULL parameters (#1689832) - format-table: use right field for display (#1689832) - format-table: add option to uppercase cells on display (#1689832) - format-table: never try to reuse cells that have color/url/uppercase set (#1689832) - locale-util: add logic to output smiley emojis at various happiness levels (#1689832) - analyze: add new security verb (#1689832) - tests: add a rudimentary fuzzer for server_process_syslog_message (#9979) (#1696224) - journald: make it clear that dev_kmsg_record modifies the string passed to it (#1696224) - journald: free the allocated memory before returning from dev_kmsg_record (#1696224) - tests: rework the code fuzzing journald (#1696224) - journald: make server_process_native_message compatible with fuzz_journald_processing_function (#1696224) - tests: add a fuzzer for server_process_native_message (#1696224) - tests: add a fuzzer for sd-ndisc (#1696224) - ndisc: fix two infinite loops (#1696224) - tests: add reproducers for several issues uncovered with fuzz-journald-syslog (#1696224) - tests: add a reproducer for an infinite loop in ndisc_handle_datagram (#1696224) - tests: add a reproducer for another infinite loop in ndisc_handle_datagram (#1696224) - fuzz: rename "fuzz-corpus" directory to just "fuzz" (#1696224) - test: add testcase for issue 10007 by oss-fuzz (#1696224) - fuzz: unify the "fuzz-regressions" directory with the main corpus (#1696224) - test-bus-marshal: use cescaping instead of hexmem (#1696224) - meson: add -Dlog-trace to set LOG_TRACE (#1696224) - meson: allow building resolved and machined without nss modules (#1696224) - meson: drop duplicated condition (#1696224) - meson: use .source_root() in more places (#1696224) - meson: treat all fuzz cases as unit tests (#1696224) - fuzz-bus-message: add fuzzer for message parsing (#1696224) - bus-message: use structured initialization to avoid use of unitialized memory (#1696224) - bus-message: avoid an infinite loop on empty structures (#1696224) - bus-message: let's always use -EBADMSG when the message is bad (#1696224) - bus-message: rename function for clarity (#1696224) - bus-message: use define (#1696224) - bus: do not print (null) if the message has unknown type (#1696224) - bus-message: fix calculation of offsets table (#1696224) - bus-message: remove duplicate assignment (#1696224) - bus-message: fix calculation of offsets table for arrays (#1696224) - bus-message: drop asserts in functions which are wrappers for varargs version (#1696224) - bus-message: output debug information about offset troubles (#1696224) - bus-message: fix skipping of array fields in !gvariant messages (#1696224) - bus-message: also properly copy struct signature when skipping (#1696224) - fuzz-bus-message: add two test cases that pass now (#1696224) - bus-message: return -EBADMSG not -EINVAL on invalid !gvariant messages (#1696224) - bus-message: avoid wrap-around when using length read from message (#1696224) - util: do not use stack frame for parsing arbitrary inputs (#1696224) - travis: enable ASan and UBSan on RHEL8 (#1683319) - tests: keep SYS_PTRACE when running under ASan (#1683319) - tree-wide: various ubsan zero size memory fixes (#1683319) - util: introduce memcmp_safe() (#1683319) - test-socket-util: avoid "memleak" reported by valgrind (#1683319) - sd-journal: escape binary data in match_make_string() (#1683319) - capability: introduce CAP_TO_MASK_CORRECTED() macro replacing CAP_TO_MASK() (#1683319) - sd-bus: use size_t when dealing with memory offsets (#1683319) - sd-bus: call cap_last_cap() only once in has_cap() (#1683319) - mount-point: honour AT_SYMLINK_FOLLOW correctly (#1683319) - travis: switch from trusty to xenial (#1683319) - test-socket-util: Add tests for receive_fd_iov() and friends. (#1683319) - socket-util: Introduce send_one_fd_iov() and receive_one_fd_iov() (#1683319) - core: swap order of "n_storage_fds" and "n_socket_fds" parameters (#1683334) - execute: use our usual syntax for defining bit masks (#1683334) - core: introduce new Type=exec service type (#1683334) - man: document the new Type=exec type (#1683334) - sd-bus: allow connecting to the pseudo-container ".host" (#1683334) - sd-login: let's also make sd-login understand ".host" (#1683334) - test: add test for Type=exec (#1683334) - journal-gateway: explicitly declare local variables (#1705971) - tools: drop unused variable (#1705971) - journal-gateway: use localStorage["cursor"] only when it has valid value (#1705971)
- rules: implement new memory hotplug policy (#1670728) - rules: add the rule that adds elevator= kernel command line parameter (#1670126) - bus-socket: Fix line_begins() to accept word matching full string (#1692991) - Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1678641) - Allocate temporary strings to hold dbus paths on the heap (#1678641) - sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1678641) - Revert "core: one step back again, for nspawn we actually can't wait for cgroups running empty since systemd will get exactly zero notifications about it" (#1703485)
- rules: add the rule that adds elevator= kernel command line parameter (#1670126)
- core: when deserializing state always use read_line(…, LONG_LINE_MAX, …) (CVE-2018-15686) - coredump: remove duplicate MESSAGE= prefix from message (#1664976) - journald: remove unnecessary {} (#1664976) - journald: do not store the iovec entry for process commandline on stack (#1664976) - basic/process-util: limit command line lengths to _SC_ARG_MAX (#1664976) - coredump: fix message when we fail to save a journald coredump (#1664976) - procfs-util: expose functionality to query total memory (#1664976) - basic/prioq: add prioq_peek_item() (#1664976) - journal: limit the number of entries in the cache based on available memory (#1664976) - journald: periodically drop cache for all dead PIDs (#1664976) - process-util: don't use overly large buffer to store process command line (#1664976) - Revert "sysctl.d: switch net.ipv4.conf.all.rp_filter from 1 to 2" (#1653824) - journal: fix syslog_parse_identifier() (#1664978) - journald: set a limit on the number of fields (1k) (#1664977) - journald: when processing a native message, bail more quickly on overbig messages (#1664977) - journald: lower the maximum entry size limit to ½ for non-sealed fds (#1664977) - µhttpd: use a cleanup function to call MHD_destroy_response (#1664977) - journal-remote: verify entry length from header (#1664977) - journal-remote: set a limit on the number of fields in a message (#1664977) - journald: correctly attribute log messages also with cgroupsv1 (#1658115) - rules: add elevator= kernel command line parameter (#1670126)
- unit: don't add Requires for tmp.mount (#1619292) - remove bootchart dependency (#1660119)
- cryptsetup-generator: introduce basic keydev support (#1656869) - cryptsetup: don't use %m if there's no error to show (#1656869) - cryptsetup-generator: don't return error if target directory already exists (#1656869) - cryptsetup-generator: allow whitespace characters in keydev specification (#1656869) - rules: watch metadata changes on DASD devices (#1638676) - sysctl.d: switch net.ipv4.conf.all.rp_filter from 1 to 2 (#1653824)