commit systemd for openSUSE:Factory

Fri, 11 May 2018 02:28:46 -0700 

Hello community,

here is the log from the commit of package systemd for openSUSE:Factory checked 
in at 2018-05-11 11:28:32
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/systemd (Old)
 and      /work/SRC/openSUSE:Factory/.systemd.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "systemd"

Fri May 11 11:28:32 2018 rev:278 rq:605360 version:237

Changes:
--------
--- /work/SRC/openSUSE:Factory/systemd/systemd-mini.changes     2018-04-25 
09:58:46.484515069 +0200
+++ /work/SRC/openSUSE:Factory/.systemd.new/systemd-mini.changes        
2018-05-11 11:28:33.983743807 +0200
@@ -1,0 +2,6 @@
+Tue May  8 10:33:10 UTC 2018 - thomas.bl...@suse.com
+
+- align permissions of /etc/machine-id to upstream code (bsc#1092269)
+  world writeable machine-id is a security issue
+
+-------------------------------------------------------------------
systemd.changes: same change

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ systemd-mini.spec ++++++
--- /var/tmp/diff_new_pack.tv6NT3/_old  2018-05-11 11:28:35.207699203 +0200
+++ /var/tmp/diff_new_pack.tv6NT3/_new  2018-05-11 11:28:35.219698766 +0200
@@ -687,9 +687,11 @@
 # machine ID in all images.
 if [ $1 -eq 1 ]; then
         touch     %{_sysconfdir}/machine-id
-        chmod 666 %{_sysconfdir}/machine-id
 fi
 
+# check if /etc/machine-id is writeable and change it to readonly 
+[ ! -w %{_sysconfdir}/machine-id ] || chmod 444 %{_sysconfdir}/machine-id
+
 %if ! 0%{?bootstrap}
 pam-config --add --systemd || :
 %endif

++++++ systemd.spec ++++++
--- /var/tmp/diff_new_pack.tv6NT3/_old  2018-05-11 11:28:35.275696725 +0200
+++ /var/tmp/diff_new_pack.tv6NT3/_new  2018-05-11 11:28:35.279696580 +0200
@@ -685,9 +685,11 @@
 # machine ID in all images.
 if [ $1 -eq 1 ]; then
         touch     %{_sysconfdir}/machine-id
-        chmod 666 %{_sysconfdir}/machine-id
 fi
 
+# check if /etc/machine-id is writeable and change it to readonly 
+[ ! -w %{_sysconfdir}/machine-id ] || chmod 444 %{_sysconfdir}/machine-id
+
 %if ! 0%{?bootstrap}
 pam-config --add --systemd || :
 %endif

Reply via email to