%global dbus_user_id 81 Name: dbus-broker Version: 28 Release: 5.1%{?dist} Summary: Linux D-Bus Message Broker License: ASL 2.0 URL: https://github.com/bus1/dbus-broker Source0: https://github.com/bus1/dbus-broker/releases/download/v%{version}/dbus-broker-%{version}.tar.xz Patch0000: https://github.com/bus1/dbus-broker/commit/1add8a7d60e46806e0ef87994d3024245db0d84a.patch Patch0001: https://github.com/bus1/dbus-broker/commit/b82b670bfec6600d0144bcb9ca635fb07c80118f.patch Patch0002: cve-2022-31212.patch Patch0003: cve-2022-31213.patch %{?systemd_requires} BuildRequires: pkgconfig(audit) BuildRequires: pkgconfig(expat) BuildRequires: pkgconfig(dbus-1) BuildRequires: pkgconfig(libcap-ng) BuildRequires: pkgconfig(libselinux) BuildRequires: pkgconfig(libsystemd) BuildRequires: pkgconfig(systemd) BuildRequires: gcc BuildRequires: glibc-devel BuildRequires: meson BuildRequires: python3-docutils Requires: dbus-common Requires(pre): shadow-utils Requires(post): /usr/bin/systemctl # for triggerpostun Requires: /usr/bin/systemctl %description dbus-broker is an implementation of a message bus as defined by the D-Bus specification. Its aim is to provide high performance and reliability, while keeping compatibility to the D-Bus reference implementation. It is exclusively written for Linux systems, and makes use of many modern features provided by recent Linux kernel releases. %prep %autosetup -p1 %build %meson -Dselinux=true -Daudit=true -Ddocs=true -Dsystem-console-users=gdm -Dlinux-4-17=true %meson_build %install %meson_install %check %meson_test %pre # create dbus user and group getent group dbus >/dev/null || groupadd -f -g %{dbus_user_id} -r dbus if ! getent passwd dbus >/dev/null ; then if ! getent passwd %{dbus_user_id} >/dev/null ; then useradd -r -u %{dbus_user_id} -g %{dbus_user_id} -d '/' -s /sbin/nologin -c "System message bus" dbus else useradd -r -g %{dbus_user_id} -d '/' -s /sbin/nologin -c "System message bus" dbus fi fi exit 0 %post %systemd_post dbus-broker.service %systemd_user_post dbus-broker.service %journal_catalog_update %preun %systemd_preun dbus-broker.service %systemd_user_preun dbus-broker.service %postun %systemd_postun dbus-broker.service %systemd_user_postun dbus-broker.service %triggerpostun -- dbus-daemon if [ $2 -eq 0 ] ; then # The `dbus-daemon` package used to provide the default D-Bus # implementation. We continue to make sure that if you uninstall it, we # re-evaluate whether to enable dbus-broker to replace it. If we didnt, # you might end up without any bus implementation active. systemctl --no-reload preset dbus-broker.service || : systemctl --no-reload --global preset dbus-broker.service || : fi %files %license AUTHORS %license LICENSE %{_bindir}/dbus-broker %{_bindir}/dbus-broker-launch %{_journalcatalogdir}/dbus-broker.catalog %{_journalcatalogdir}/dbus-broker-launch.catalog %{_mandir}/man1/dbus-broker.1* %{_mandir}/man1/dbus-broker-launch.1* %{_unitdir}/dbus-broker.service %{_userunitdir}/dbus-broker.service %changelog * Tue Aug 02 2022 Jakub Martisko - 28-5.1 - Fix a stack buffer over-read in the c-shquote library - Fix null pointer reference when supplying a malformed XML config file - Add gating.yaml Resolves: CVE-2022-31212 Resolves: CVE-2022-31213 * Mon Aug 09 2021 Mohan Boddu - 28-5 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688 * Thu Apr 15 2021 Mohan Boddu - 28-4 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 * Thu Mar 18 2021 David Rheinsberg - 28-3 - Apply another fix for incorrect at_console range assertion. * Thu Mar 18 2021 David Rheinsberg - 28-2 - Apply fix for incorrect at_console range assertion. * Thu Mar 18 2021 David Rheinsberg - 28-1 - Update to upstream v28. - Drop unused c-util based bundling annotations. * Wed Feb 17 2021 David Rheinsberg - 27-2 - Apply activation-tracking bugfixes from upstream. * Mon Feb 15 2021 David Rheinsberg - 27-1 - Update to upstream v27. * Tue Jan 26 2021 Fedora Release Engineering - 26-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Wed Jan 20 2021 David Rheinsberg - 26-1 - Update to upstream v26. * Wed Jan 6 2021 Jeff Law - 24-2 - Bump NVR to force rebuild with gcc-11 * Fri Sep 4 2020 David Rheinsberg - 24-1 - Update to upstream v24. Only minor changes to the diagnostic messages as well as audit-events. * Mon Jul 27 2020 Fedora Release Engineering - 23-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Mon May 11 2020 Adam Williamson - 23-2 - Fix missing % in macro invocations in %post * Mon May 11 2020 David Rheinsberg - 23-1 - Update to upstream v23. * Mon May 4 2020 David Rheinsberg - 22-3 - Drop dbus-daemon -> dbus-broker live system conversion. New setups will automatically pick up dbus-broker as default implementation. If you upgrade from pre-F30, you will not get any auto upgrade anymore. Deinstalling the dbus-daemon package will, however, automatically pick up dbus-broker. * Tue Jan 28 2020 Fedora Release Engineering - 21-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Wed Jul 24 2019 Fedora Release Engineering - 21-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Sun Jul 14 2019 Neal Gompa - 21-5 - Fix reference to dbus_user_id macro in scriptlet * Wed Jul 10 2019 Jonathan Brielmaier - 21-4 - Make creation of dbus user/group more robust, fixes #1717925 * Thu May 9 2019 Tom Gundersen - 21-2 - Gracefully handle missing FDs in received messages, #1706883 - Minor bugfixes * Fri May 3 2019 Tom Gundersen - 21-1 - Don't fail on EACCESS when reading config, fixes #1704920 * Thu May 2 2019 Tom Gundersen - 21-1 - Minor bugfixes related to config reload for #1704488 * Wed Apr 17 2019 Tom Gundersen - 20-4 - Fix assert due to failing reload #1700514 * Tue Apr 16 2019 Adam Williamson - 20-3 - Rebuild with Meson fix for #1699099 * Thu Apr 11 2019 Tom Gundersen - 20-2 - Fix the c_assert macro * Wed Apr 10 2019 Tom Gundersen - 20-1 - Improve handling of broken or deprecated configuration - Avoid at_console workaround if possible * Tue Apr 9 2019 Zbigniew Jędrzejewski-Szmek - 19-2 - Add a temporary generator to fix switching from dbus-daemon to dbus-broker (#1674045) * Thu Mar 28 2019 Tom Gundersen - 19-1 - Minor bug fixes * Thu Feb 21 2019 Tom Gundersen - 18-1 - Minor bug fixes * Thu Jan 31 2019 Fedora Release Engineering - 17-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Mon Jan 14 2019 Tom Gundersen - 17-3 - run in the root network namespace * Sat Jan 12 2019 Tom Gundersen - 17-2 - ignore config files that cannot be opened (fix rhbz #1665450) * Wed Jan 2 2019 Tom Gundersen - 17-1 - apply more sandboxing through systemd - improve logging on disconnect - don't send FDs to clients who don't declare support * Wed Nov 28 2018 Tom Gundersen - 16-8 - don't apply presets on updates to dbus-daemon * Mon Nov 26 2018 Tom Gundersen - 16-7 - enable service file correctly at install * Mon Nov 26 2018 Tom Gundersen - 16-5 - use full paths when calling binaries from rpm scripts * Sun Nov 25 2018 Tom Gundersen - 16-4 - fix SELinux bug * Tue Oct 30 2018 Tom Gundersen - 16-3 - add explicit systemctl dependency * Tue Oct 23 2018 David Herrmann - 16-2 - create dbus user and group if non-existant - add explicit %%postlets to switch over to the broker as default * Fri Oct 12 2018 Tom Gundersen - 16-1 - make resource limits configurable - rerun presets in case dbus-daemon is disabled * Thu Aug 30 2018 Tom Gundersen - 15-4 - depend on dbus-common rather than dbus * Wed Aug 29 2018 Tom Gundersen - 15-3 - run %%systemd_user rpm macros * Mon Aug 27 2018 Tom Gundersen - 15-2 - add back --verbose switch for backwards compatibility * Wed Aug 08 2018 Tom Gundersen - 15-1 - fix audit support - make logging about invalid config less verbose * Thu Jul 12 2018 Fedora Release Engineering - 14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Tue Jul 03 2018 Tom Gundersen - 14-1 - use inotify to reload config automatically - run as the right user - new compatibility features, bugfixes and performance enhancements * Mon Apr 23 2018 Tom Gundersen - 13-1 - Namespace transient systemd units per launcher instance - Reduce reliance on NSS - Fix deadlock with nss-systemd * Wed Feb 21 2018 Tom Gundersen - 11-1 - The 'gdm' user is now considered at_console=true - Bugfixes and performance enhancements * Wed Feb 07 2018 Tom Gundersen - 10-1 - Bugfixes and performance enhancements * Wed Feb 07 2018 Fedora Release Engineering - 9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Nov 30 2017 Tom Gundersen - 9-1 - Avoid nss deadlock at start-up - Support ExecReload - Respect User= in service files * Tue Oct 17 2017 Tom Gundersen - 8-1 - Dont clean-up children of activated services by default - Dont use audit from the user instance - Support the ReloadConfig() API * Tue Oct 17 2017 Tom Gundersen - 7-1 - Upstream bugfix release * Mon Oct 16 2017 Tom Gundersen - 6-1 - Upstream bugfix release * Tue Oct 10 2017 Tom Gundersen - 5-1 - Drop downstream SELinux module - Support (in a limited way) at_console= policies - Order dbus-broker before basic.target * Fri Sep 08 2017 Tom Gundersen - 4-1 - Use audit for SELinux logging - Support full search-paths for service files - Log policy failures * Fri Aug 18 2017 Tom Gundersen - 3-1 - Add manpages * Wed Aug 16 2017 Tom Gundersen - 2-2 - Add license to package * Wed Aug 16 2017 Tom Gundersen - 2-1 - Add SELinux support * Sun Aug 13 2017 Tom Gundersen - 1-1 - Initial RPM release