Sami Kerola [Sun, 15 May 2016 09:25:48 +0000 (10:25 +0100)]
utmpdump: use iso-8601 timestamp format with subsecond accuracy
Newer 'struct utmp' is using 'struct timeval' to represent login and logout
times, so include the maximum accuracy to textual utmp format. Notice that
this change does not remove support of converting earlier textual formats
back to binary. But conversions from binary to former format will no longer
be available.
Sami Kerola [Sun, 15 May 2016 08:50:40 +0000 (09:50 +0100)]
utmpdump: use always UTC-0 timezone in textual output
Converting a time structure from text format that has timezone markup is
practically impossible. See reference links for more information. This
leads to situation where multiple utmpdump(1) conversions from binary to
text and back make timestamps to shift amount of timezone offset to UTC-0.
The easiest way to make multiple conversions to work without timeshifts is
to always use UTC-0 timezone. Downside of this approach is that the textual
format is less human readable than local timestamps would be.
Reference: http://www.catb.org/esr/time-programming/#_strptime_3_and_getdate_3
Reference: http://man7.org/linux/man-pages/man3/strptime.3.html Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Torsten Hilbrich [Mon, 20 Jun 2016 05:09:10 +0000 (07:09 +0200)]
liblkid: Add length check in probe_nilfs2 before crc32
The bytes variable is read from the file system to probe and must be
checked before used as length parameter in the crc32 call.
The following problems may occur here:
- bytes smaller than sumoff + 4: underflow in length calculation
- bytes larger than remaining space in sb: overflow of buffer
This fixes a problem where an encrypted volume had the correct magic
values 0x3434 at offset 0x406 and the following uint16_t (which is
read into the nilfs_super_block.s_bytes struct) was parsed as 1.
Then crc32 was called with the length value 18446744073709551597
causing a segmentation fault.
Heiko Carstens [Wed, 22 Jun 2016 07:26:01 +0000 (09:26 +0200)]
lscpu: fix MMHZ column entry within man page
The indentation for the MMHZ column within the man page is wrong. Also
there doesn't exist any column with the name MMHZ. The correct names
would be MAXMHZ and MINMHZ.
Therefore rename MMHZ to MAXMHZ and add the missong MINMHZ entry.
Heiko Carstens [Wed, 22 Jun 2016 07:26:00 +0000 (09:26 +0200)]
lscpu: update s390-lpar-drawer testcase
I noticed that the "cpu" line within /proc/cpuinfo has a different
meaning on powerpc and sparc than on s390.
On s390 it represents the cpu number while on powerpc and sparc it
represent the model name. Given that the s390 kernel patch which adds
the "cpu" line to /proc/cpuinfo hasn't been merged into the kernel
yet, I changed that line to "cpu number" to avoid the unnecessary
conflict.
Therefore this patch updates the testcase, which mainly changes the
contents of /proc/cpuinfo.
Heiko Carstens [Wed, 22 Jun 2016 07:25:59 +0000 (09:25 +0200)]
lscpu: show additional caches (s390)
The Linux kernel exposes the cache topology via sysfs. However on
virtualized machines like s390 the cache topology contains only cpu
private caches.
For shared caches it is not known which cpus share them. The
hypervisor would have to update this information whenever a virtual
cpu would be scheduled on a different physical cpu and make the guest
aware of that change. Given that there is hardly any benefit, if it
all, this isn't done.
However it is still of interest to know about the non-private
caches. Therefore this information is available via /proc/cpuinfo at
least on s390.
This patch adds additional lines to the summary output for all shared
caches for which information can be found in /proc/cpuinfo, since we
know these aren't exposed via sysfs.
Heiko Carstens [Wed, 22 Jun 2016 07:25:57 +0000 (09:25 +0200)]
lscpu: show static and dynamic MHz (s390)
s390 machines provide static and dynamic cpu mhz information via
/proc/cpuinfo. The static cpu mhz is the normal cpu frequency a cpu is
supposed to run with.
The dynamic cpu mhz is the actual frequency a cpu is running
with. This is usually the same as the static cpu mhz. Note that this
values are different to the min/max mhz values available on other
architecutes. The min/max values are unknown.
This patch adds two new fields to the summary output which display
these two values.
Karel Zak [Tue, 14 Jun 2016 11:15:44 +0000 (13:15 +0200)]
chfn: chsh: use selinux_check_passwd_access()
* selinux/av_permissions.h and magic constants are deprecated, the
recommended solution is to use string_to_security_class() and
string_to_av_perm() to get access vector
* it also seems that selinux_check_passwd_access() does exactly the
same as our checkAccess(), let's use it.
Karel Zak [Thu, 9 Jun 2016 10:39:44 +0000 (12:39 +0200)]
build-sys: remove global dependence between widechar and ncursesw
It seems that globally defined dependence between ncursesw and
wide-char support is overkill, because in some cases (e.g. cal(1)) we
can use ncurses independently on wide-char support.
It would be better to care about relation between wide-char and
ncurses individually (per util).
Daniel Shahaf [Fri, 3 Jun 2016 21:27:49 +0000 (21:27 +0000)]
ionice: clarify description of --classdata
Before this patch, it wasn't clear whether '0' or '7' should be used to
specify "highest priority". (The answer could have been inferred from
the 'Examples' section of the man page.)
Signed-off-by: Daniel Shahaf <danielsh@apache.org>
uClibc-ng tries to be compatible with GNU libc and defines
__GLIBC__ and pretend to be version 2.2.
We once changed it to 2.10, but then some hard to fix problems
in different software packages (gcc) occured.
It would be better if we disable the special GNU libc checks
for uClibc-ng here. uClibc-ng implements the required scanf
functionality.
Karel Zak [Fri, 3 Jun 2016 12:51:01 +0000 (14:51 +0200)]
more: don't include ncurses.h, fix for non-widechar
It seems our crazy widechar.h is in conflict with ncurses, but it
seems that nothing in more.c requires anything from ncurses. All we
need is probably <term.h>.
Karel Zak [Fri, 3 Jun 2016 11:42:40 +0000 (13:42 +0200)]
build-sys: use UL_DEFAULT_ENABLE() only for programs
The UL_DEFAULT_ENABLE modifies $enable_<name> according to the global
--enable-all-programs. This makes sense only for programs, but not for
any built-in code.
Karel Zak [Thu, 2 Jun 2016 10:31:45 +0000 (12:31 +0200)]
lib/ttyutils: use stdout for get_terminal_width()
We use the function to be sure with *output* width. Note that the
current code (with STDIN) is broken because in some situations
libsmartcols is not able to detect terminal width and fall back to
default 80.
Karel Zak [Wed, 1 Jun 2016 12:55:15 +0000 (14:55 +0200)]
fsck.minix: fix endless loop and out of stack
It seems there is no elegant way how to recovery if a directory i_zone
(and i_size) is out of reality. Let's require human interaction to
avoid endless loop when executed with --auto, etc.
Addresses: https://github.com/karelzak/util-linux/issues/228 Signed-off-by: Karel Zak <kzak@redhat.com>
This typo fix is backwards compatible in that fdisk will accept both
the GPT attribute RequiredPartition and RequiredPartiton with the typo.
Update documentation and tests to all use the new attribute name.
Signed-off-by: Sebastian Rasmussen <sebras@gmail.com>
The field s_ninodes in super-block is used for memory allocation and
division without verifications. The memory allocation increments the
unchecked value by 1, making it vulnerable to an integer overflow
on 32 bit systems with minix 3 file systems. I did not find a (good)
way to exploit this by crafting a malicious file system, so I consider
it as a reliability issue. If it's 0, a division by zero occurs when
"-v" has been used. A filesystem without any inodes is definitely
wrong, because it means that there's not even the root inode, which is
accessed unchecked later on.
The field s_firstdatazone has to be checked against s_(n)zones. If it
is larger than the highest allowed index, the file system is definitely
corrupted -- hard to say which value is wrong though, therefore I
decided to simply call die(). A maliciously created file system could
do more harm in this way: single bits inside the memory area could be
flipped because range checks would fail. Hard to consider it as a
security issue though, because these addresses are not arbitrarily
accessible without very careful crafting (if at all possible).
next time if you ask for LABEL=HOME the answer will be /dev/block/8:3
rather than /dev/sda3.
It seems better to canonicalize the paths we store to the cache.
Unfortunately if you ask for /dev/block/8:3 then you probably expect
that blkid_dev_devname() returns the same path. This patch introduces
dev->bid_xname, this is the path used by application (and never stored
in the cache).
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1332779 Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Wed, 25 May 2016 13:59:15 +0000 (15:59 +0200)]
build-sys: add tools/Makemodule.am
We have "make" targets which depends on tools/check*.sh scripts. It's
ugly to exclude these scripts from the release tar balls (as generated
by "make distcheck").
Karel Zak [Tue, 24 May 2016 09:07:08 +0000 (11:07 +0200)]
last: cleanup time formatting code
- describe difference between login and logout time formats in struct last_timefmt
- use strtime_iso()
- rename LAST_TIMEFTM_SHORT_CTIME to LAST_TIMEFTM_SHORT
- rename LAST_TIMEFTM_FULL_CTIME to LAST_TIMEFTM_CTIME
- add LAST_TIMEFTM_HHMM for internal purpose (logout format for "--time-format short")
Karel Zak [Tue, 24 May 2016 08:58:52 +0000 (10:58 +0200)]
include/timeutils: rewrite iso formatting functions
- use buffers rather than allocate memory
- support .usec and ,usec convention
- use strftime for timezone (we need to care about daylight
saving time)
Werner Fink [Fri, 22 Apr 2016 10:16:04 +0000 (12:16 +0200)]
sulogin: agetty: use the plymouth local protocol instead the plymouth binary
for stopping plymouthd. That do not depend on the existence of
the plymouth binary if it e.g. becomes uninstalled or an other
service is providing plymouthd facilities.
[kzak@redhat.com: - fix compiler warnings [-Wpointer-sign]
- use sizeof() for write_all()
- cast to char* for read_all]
Signed-off-by: Werner Fink <werner@suse.de> Signed-off-by: Karel Zak <kzak@redhat.com>
2. The partition table must be restricted in size, such as when a system
expects to find a bootloader at a location that would otherwise overlap the
partition table.
The gdisk partitioner supports this feature.
libfdisk is already capable of reading and writing partition tables of any
size, but previously could only create ones of 128 entries and could not
resize.
This change should be fairly safe, as it has no effect unless explicitly
activated.
Karel Zak [Tue, 10 May 2016 08:52:31 +0000 (10:52 +0200)]
libfdisk: use fdisk_add_partition() for unused partno
For example:
sfdisk -N <parno>
may address unused partition. In this case we need to redirect from
fdisk_set_partition() to fdisk_add_partition() and follow default
setting (used all free space).
Wayne Pollock [Wed, 4 May 2016 16:15:14 +0000 (17:15 +0100)]
write: fix setuid related regression
The write(1) is commonly a setuid binary, because common users cannot by
default write to each others terminals. Since the commit in reference, that
is part of releases v2.24 to v2.28, the write(1) has used access(2) to check
capability to write to a destination terminal. The catch is that access(2)
uses real UID and GID to when performing the accessibility. The obvious
correction is to avoid access(2) when in context of setuid binaries.
As a smaller fix, but equally important fix, ensure the 'msgsok' variable is
initialized to indicate no access. Uninitialized variable will almost
certainly do wrong thing at the time of check.
Breaking-commit: 0233a8ea18bec17dd59cfe1fec8281 Signed-off-by: Sami Kerola <kerolasa@iki.fi> Signed-off-by: Karel Zak <kzak@redhat.com> Signed-off-by: Wayne Pollock <profwaynepollock@gmail.com>
Karel Zak [Wed, 4 May 2016 10:43:35 +0000 (12:43 +0200)]
sfdisk: add --wipe-partitions=auto|never|default
The option allows to remove filesystes/RAIDs from newly created
partitions before the partition table is updated (and partition
device created).
The default is "auto" in this case wipe is enabled in interactive mode
only and user's confirmation (yes/no dialog) is required. Note that
keep filesystem signature on partition is pretty valid use-case, so we
don't erase anything by default.
Karel Zak [Wed, 4 May 2016 10:43:35 +0000 (12:43 +0200)]
fdisk: add --wipe-partitions=auto|never|default
The option allows to remove filesystes/RAIDs from newly created
partitions before the partition table is updated (and partition
device created).
The default is "auto" in this case wipe is enabled in interactive mode
only and user's confirmation (yes/no dialog) is required. Note that
keep filesystem signature on partition is pretty valid use-case, so we
don't erase anything by default.
Karel Zak [Wed, 4 May 2016 10:32:52 +0000 (12:32 +0200)]
libfdisk: add fdisk_wipe_partition()
Now libfdisk provides functionality wipe disk device only ([s]fdisk
option --wipe).
This patch allows to probe for filesystems/RAIDs on newly created
partitions. It means we can remove signatures before the partition
node (device) is created. This reduces udev events and it's
unnecessary to call wipefs for all partitions. For example
Karel Zak [Thu, 28 Apr 2016 11:54:01 +0000 (13:54 +0200)]
libblkid: make I/O errors on CDROMs non-fatal
It seems too tricky to get a real size of the data track on hybrid
disks with audio+data. It seems overkill to analyze all header in
libblkid and on some disks it's probably possible to get I/O error
almost everywhere due to crazy copy protection etc.
Karel Zak [Wed, 27 Apr 2016 12:18:41 +0000 (14:18 +0200)]
libblkid: check for multi-session CDROMs
.. and read last session if probing offset is not specified.
udev uses cdrom_id to get last session offset, so people don't see a
problem with hybrid media (audio+data), but if you execute blkid on
command line (without -O <offset>) then you get I/O errors.
It seems that we can use the same way as kernel filesystem iso9960
driver when session= mount option is not specified ... just use
CDROMMULTISESSION ioctl to get last session offset and probe this last
session rather than all medium.
projects / thirdparty / util-linux.git / log
