[arch-general] systemd latest upgrade

LoneVVolf lonewolf at xs4all.nl
Wed Feb 1 09:58:29 UTC 2017


On 01-02-17 10:12, Jelle van der Waa wrote:
> On 01/31/17 at 04:18pm, Jude DaShiell wrote:
>> However any package install now finishes with the
>> message:
>> Arming ConditionNeedsUpdate ....
>
> That's just a pacman hook to touch /var, for the recent CVE issue in
> systemd  [1] [2]
>
> [1] https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/systemd&id=59541b72a7ec32b30343a2a388b40ea1365f6308
> [2] http://www.openwall.com/lists/oss-security/2017/01/24/4
>

The new hook checks for changes in and touches /usr, not /var or /run .

A search for systemd ConditionNeedsUpdate gives [*] .

that condition appears to be used for determining whether a change in 
/usr requires changes in /etc or /var.

There are some archlinux systemd services that use 
ConditionNeedsUpdate=/etc , but i can find none that use it with /var .

looks to me like this hook either fails defending fromn that CVE or has 
some other purpose.

LW





[*] 
https://www.freedesktop.org/software/systemd/man/systemd.unit.html#ConditionNeedsUpdate=


More information about the arch-general mailing list