Blob Blame History Raw
%global dbus_user_id 81

Name:                 dbus-broker
Version:              28
Release:              7%{?dist}
Summary:              Linux D-Bus Message Broker
License:              ASL 2.0
URL:                  https://github.com/bus1/dbus-broker
Source0:              https://github.com/bus1/dbus-broker/releases/download/v%{version}/dbus-broker-%{version}.tar.xz
Patch0000:            https://github.com/bus1/dbus-broker/commit/1add8a7d60e46806e0ef87994d3024245db0d84a.patch
Patch0001:            https://github.com/bus1/dbus-broker/commit/b82b670bfec6600d0144bcb9ca635fb07c80118f.patch
Patch0002:            cve-2022-31212.patch
Patch0003:            cve-2022-31213.patch
Patch0004:            https://github.com/bus1/dbus-broker/commit/33e0595b1c7cf8fa0e7ca3a353f4380c1307dc25.patch
%{?systemd_requires}
BuildRequires:        pkgconfig(audit)
BuildRequires:        pkgconfig(expat)
BuildRequires:        pkgconfig(dbus-1)
BuildRequires:        pkgconfig(libcap-ng)
BuildRequires:        pkgconfig(libselinux)
BuildRequires:        pkgconfig(libsystemd)
BuildRequires:        pkgconfig(systemd)
BuildRequires:        gcc
BuildRequires:        glibc-devel
BuildRequires:        meson
BuildRequires:        python3-docutils
Requires:             dbus-common
Requires(pre):        shadow-utils
Requires(post):       /usr/bin/systemctl
# for triggerpostun
Requires:             /usr/bin/systemctl

%description
dbus-broker is an implementation of a message bus as defined by the D-Bus
specification. Its aim is to provide high performance and reliability, while
keeping compatibility to the D-Bus reference implementation. It is exclusively
written for Linux systems, and makes use of many modern features provided by
recent Linux kernel releases.

%prep
%autosetup -p1

%build
%meson -Dselinux=true -Daudit=true -Ddocs=true -Dsystem-console-users=gdm -Dlinux-4-17=true
%meson_build

%install
%meson_install

%check
%meson_test

%pre
# create dbus user and group
getent group dbus >/dev/null || groupadd -f -g %{dbus_user_id} -r dbus
if ! getent passwd dbus >/dev/null ; then
    if ! getent passwd %{dbus_user_id} >/dev/null ; then
      useradd -r -u %{dbus_user_id} -g %{dbus_user_id} -d '/' -s /sbin/nologin -c "System message bus" dbus
    else
      useradd -r -g %{dbus_user_id} -d '/' -s /sbin/nologin -c "System message bus" dbus
    fi
fi
exit 0

%post
%systemd_post dbus-broker.service
%systemd_user_post dbus-broker.service
%journal_catalog_update

%preun
%systemd_preun dbus-broker.service
%systemd_user_preun dbus-broker.service

%postun
%systemd_postun dbus-broker.service
%systemd_user_postun dbus-broker.service

%triggerpostun -- dbus-daemon
if [ $2 -eq 0 ] ; then
        # The `dbus-daemon` package used to provide the default D-Bus
        # implementation. We continue to make sure that if you uninstall it, we
        # re-evaluate whether to enable dbus-broker to replace it. If we didnt,
        # you might end up without any bus implementation active.
        systemctl --no-reload          preset dbus-broker.service || :
        systemctl --no-reload --global preset dbus-broker.service || :
fi

%files
%license AUTHORS
%license LICENSE
%{_bindir}/dbus-broker
%{_bindir}/dbus-broker-launch
%{_journalcatalogdir}/dbus-broker.catalog
%{_journalcatalogdir}/dbus-broker-launch.catalog
%{_mandir}/man1/dbus-broker.1*
%{_mandir}/man1/dbus-broker-launch.1*
%{_unitdir}/dbus-broker.service
%{_userunitdir}/dbus-broker.service

%changelog
* Mon Aug 22 2022 Frantisek Sumsal <fsumsal@redhat.com> - 28-7
- Add coverage for CVE-2022-31213 and other config-file-related issues
Related: CVE-2022-31213

* Tue Aug 02 2022 Jakub Martisko <jamartis@redhat.com> - 28-6
- Fix a stack buffer over-read in the c-shquote library
- Fix null pointer reference when supplying a malformed XML config file
Resolves: CVE-2022-31212
Resolves: CVE-2022-31213

* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 28-5
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
  Related: rhbz#1991688

* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 28-4
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937

* Thu Mar 18 2021 David Rheinsberg <david.rheinsberg@gmail.com> - 28-3
- Apply another fix for incorrect at_console range assertion.

* Thu Mar 18 2021 David Rheinsberg <david.rheinsberg@gmail.com> - 28-2
- Apply fix for incorrect at_console range assertion.

* Thu Mar 18 2021 David Rheinsberg <david.rheinsberg@gmail.com> - 28-1
- Update to upstream v28.
- Drop unused c-util based bundling annotations.

* Wed Feb 17 2021 David Rheinsberg <david.rheinsberg@gmail.com> - 27-2
- Apply activation-tracking bugfixes from upstream.

* Mon Feb 15 2021 David Rheinsberg <david.rheinsberg@gmail.com> - 27-1
- Update to upstream v27.

* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 26-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

* Wed Jan 20 2021 David Rheinsberg <david.rheinsberg@gmail.com> - 26-1
- Update to upstream v26.

* Wed Jan  6 2021 Jeff Law <law@redhat.com> - 24-2
- Bump NVR to force rebuild with gcc-11

* Fri Sep  4 2020 David Rheinsberg <david.rheinsberg@gmail.com> - 24-1
- Update to upstream v24. Only minor changes to the diagnostic messages as
  well as audit-events.

* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 23-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Mon May 11 2020 Adam Williamson <awilliam@redhat.com> - 23-2
- Fix missing % in macro invocations in %post

* Mon May 11 2020 David Rheinsberg <david.rheinsberg@gmail.com> - 23-1
- Update to upstream v23.

* Mon May  4 2020 David Rheinsberg <david.rheinsberg@gmail.com> - 22-3
- Drop dbus-daemon -> dbus-broker live system conversion. New setups will
  automatically pick up dbus-broker as default implementation. If you upgrade
  from pre-F30, you will not get any auto upgrade anymore. Deinstalling the
  dbus-daemon package will, however, automatically pick up dbus-broker.

* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 21-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 21-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

* Sun Jul 14 2019 Neal Gompa <ngompa13@gmail.com> - 21-5
- Fix reference to dbus_user_id macro in scriptlet

* Wed Jul 10 2019 Jonathan Brielmaier <jbrielmaier@suse.de> - 21-4
- Make creation of dbus user/group more robust, fixes #1717925

* Thu May  9 2019 Tom Gundersen <teg@jklm.no> - 21-2
- Gracefully handle missing FDs in received messages, #1706883
- Minor bugfixes

* Fri May  3 2019 Tom Gundersen <teg@jklm.no> - 21-1
- Don't fail on EACCESS when reading config, fixes #1704920

* Thu May  2 2019 Tom Gundersen <teg@jklm.no> - 21-1
- Minor bugfixes related to config reload for #1704488

* Wed Apr 17 2019 Tom Gundersen <teg@jklm.no> - 20-4
- Fix assert due to failing reload #1700514

* Tue Apr 16 2019 Adam Williamson <awilliam@redhat.com> - 20-3
- Rebuild with Meson fix for #1699099

* Thu Apr 11 2019 Tom Gundersen <teg@jklm.no> - 20-2
- Fix the c_assert macro

* Wed Apr 10 2019 Tom Gundersen <teg@jklm.no> - 20-1
- Improve handling of broken or deprecated configuration
- Avoid at_console workaround if possible

* Tue Apr  9 2019 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 19-2
- Add a temporary generator to fix switching from dbus-daemon to
  dbus-broker (#1674045)

* Thu Mar 28 2019 Tom Gundersen <teg@jklm.no> - 19-1
- Minor bug fixes

* Thu Feb 21 2019 Tom Gundersen <teg@jklm.no> - 18-1
- Minor bug fixes

* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 17-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

* Mon Jan 14 2019 Tom Gundersen <teg@jklm.no> - 17-3
- run in the root network namespace

* Sat Jan 12 2019 Tom Gundersen <teg@jklm.no> - 17-2
- ignore config files that cannot be opened (fix rhbz #1665450)

* Wed Jan 2 2019 Tom Gundersen <teg@jklm.no> - 17-1
- apply more sandboxing through systemd
- improve logging on disconnect
- don't send FDs to clients who don't declare support

* Wed Nov 28 2018 Tom Gundersen <teg@jklm.no> - 16-8
- don't apply presets on updates to dbus-daemon

* Mon Nov 26 2018 Tom Gundersen <teg@jklm.no> - 16-7
- enable service file correctly at install

* Mon Nov 26 2018 Tom Gundersen <teg@jklm.no> - 16-5
- use full paths when calling binaries from rpm scripts

* Sun Nov 25 2018 Tom Gundersen <teg@jklm.no> - 16-4
- fix SELinux bug

* Tue Oct 30 2018 Tom Gundersen <teg@jklm.no> - 16-3
- add explicit systemctl dependency

* Tue Oct 23 2018 David Herrmann <dh.herrmann@gmail.com> - 16-2
- create dbus user and group if non-existant
- add explicit %%postlets to switch over to the broker as default

* Fri Oct 12 2018 Tom Gundersen <teg@jklm.no> - 16-1
- make resource limits configurable
- rerun presets in case dbus-daemon is disabled

* Thu Aug 30 2018 Tom Gundersen <teg@jklm.no> - 15-4
- depend on dbus-common rather than dbus

* Wed Aug 29 2018 Tom Gundersen <teg@jklm.no> - 15-3
- run %%systemd_user rpm macros

* Mon Aug 27 2018 Tom Gundersen <teg@jklm.no> - 15-2
- add back --verbose switch for backwards compatibility

* Wed Aug 08 2018 Tom Gundersen <teg@jklm.no> - 15-1
- fix audit support
- make logging about invalid config less verbose

* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 14-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

* Tue Jul 03 2018 Tom Gundersen <teg@jklm.no> - 14-1
- use inotify to reload config automatically
- run as the right user
- new compatibility features, bugfixes and performance enhancements

* Mon Apr 23 2018 Tom Gundersen <teg@jklm.no> - 13-1
- Namespace transient systemd units per launcher instance
- Reduce reliance on NSS
- Fix deadlock with nss-systemd

* Wed Feb 21 2018 Tom Gundersen <teg@jklm.no> - 11-1
- The 'gdm' user is now considered at_console=true
- Bugfixes and performance enhancements

* Wed Feb 07 2018 Tom Gundersen <teg@jklm.no> - 10-1
- Bugfixes and performance enhancements

* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Thu Nov 30 2017 Tom Gundersen <teg@jklm.no> - 9-1
- Avoid nss deadlock at start-up
- Support ExecReload
- Respect User= in service files

* Tue Oct 17 2017 Tom Gundersen <teg@jklm.no> - 8-1
- Dont clean-up children of activated services by default
- Dont use audit from the user instance
- Support the ReloadConfig() API

* Tue Oct 17 2017 Tom Gundersen <teg@jklm.no> - 7-1
- Upstream bugfix release

* Mon Oct 16 2017 Tom Gundersen <teg@jklm.no> - 6-1
- Upstream bugfix release

* Tue Oct 10 2017 Tom Gundersen <teg@jklm.no> - 5-1
- Drop downstream SELinux module
- Support (in a limited way) at_console= policies
- Order dbus-broker before basic.target

* Fri Sep 08 2017 Tom Gundersen <teg@jklm.no> - 4-1
- Use audit for SELinux logging
- Support full search-paths for service files
- Log policy failures

* Fri Aug 18 2017 Tom Gundersen <teg@jklm.no> - 3-1
- Add manpages

* Wed Aug 16 2017 Tom Gundersen <teg@jklm.no> - 2-2
- Add license to package

* Wed Aug 16 2017 Tom Gundersen <teg@jklm.no> - 2-1
- Add SELinux support

* Sun Aug 13 2017 Tom Gundersen <teg@jklm.no> - 1-1
- Initial RPM release