[arch-general] systemd latest upgrade
LoneVVolf
lonewolf at xs4all.nl
Wed Feb 1 09:58:29 UTC 2017
On 01-02-17 10:12, Jelle van der Waa wrote:
> On 01/31/17 at 04:18pm, Jude DaShiell wrote:
>> However any package install now finishes with the
>> message:
>> Arming ConditionNeedsUpdate ....
>
> That's just a pacman hook to touch /var, for the recent CVE issue in
> systemd [1] [2]
>
> [1] https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/systemd&id=59541b72a7ec32b30343a2a388b40ea1365f6308
> [2] http://www.openwall.com/lists/oss-security/2017/01/24/4
>
The new hook checks for changes in and touches /usr, not /var or /run .
A search for systemd ConditionNeedsUpdate gives [*] .
that condition appears to be used for determining whether a change in
/usr requires changes in /etc or /var.
There are some archlinux systemd services that use
ConditionNeedsUpdate=/etc , but i can find none that use it with /var .
looks to me like this hook either fails defending fromn that CVE or has
some other purpose.
LW
[*]
https://www.freedesktop.org/software/systemd/man/systemd.unit.html#ConditionNeedsUpdate=
More information about the arch-general
mailing list