Discussion:
systemd latest upgrade
(too old to reply)
Jude DaShiell
2017-01-31 21:18:55 UTC
Permalink
Raw Message
For the last several systemd upgrades an error complaining about a missing
uefi directory has come out when those upgrades were being installed.
Today that happened too. However any package install now finishes with
the message:
Arming ConditionNeedsUpdate ....

This system is an old x86-64 system with bios on it not uefi so I'm
curious to know if there is anything I can do or anything I really ought
to do about this message.



--
Jelle van der Waa
2017-02-01 09:12:52 UTC
Permalink
Raw Message
Post by Jude DaShiell
For the last several systemd upgrades an error complaining about a missing
uefi directory has come out when those upgrades were being installed. Today
that happened too.
No clue
Post by Jude DaShiell
However any package install now finishes with the
Arming ConditionNeedsUpdate ....
That's just a pacman hook to touch /var, for the recent CVE issue in
systemd [1] [2]

[1] https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/systemd&id=59541b72a7ec32b30343a2a388b40ea1365f6308
[2] http://www.openwall.com/lists/oss-security/2017/01/24/4
--
Jelle van der Waa
LoneVVolf
2017-02-01 09:58:29 UTC
Permalink
Raw Message
Post by Jelle van der Waa
Post by Jude DaShiell
However any package install now finishes with the
Arming ConditionNeedsUpdate ....
That's just a pacman hook to touch /var, for the recent CVE issue in
systemd [1] [2]
[1] https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/systemd&id=59541b72a7ec32b30343a2a388b40ea1365f6308
[2] http://www.openwall.com/lists/oss-security/2017/01/24/4
The new hook checks for changes in and touches /usr, not /var or /run .

A search for systemd ConditionNeedsUpdate gives [*] .

that condition appears to be used for determining whether a change in
/usr requires changes in /etc or /var.

There are some archlinux systemd services that use
ConditionNeedsUpdate=/etc , but i can find none that use it with /var .

looks to me like this hook either fails defending fromn that CVE or has
some other purpose.

LW





[*]
https://www.freedesktop.org/software/systemd/man/systemd.unit.html#ConditionNeedsUpdate=
Jude DaShiell
2017-02-01 12:44:59 UTC
Permalink
Raw Message
Thanks for this information, the last update I did this morning didn't
have the Arming message show up so I think maybe an update closed this
vulnerability.
Date: Wed, 1 Feb 2017 04:12:52
Subject: Re: [arch-general] systemd latest upgrade
Post by Jude DaShiell
For the last several systemd upgrades an error complaining about a missing
uefi directory has come out when those upgrades were being installed. Today
that happened too.
No clue
Post by Jude DaShiell
However any package install now finishes with the
Arming ConditionNeedsUpdate ....
That's just a pacman hook to touch /var, for the recent CVE issue in
systemd [1] [2]
[1] https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/systemd&id=59541b72a7ec32b30343a2a388b40ea1365f6308
[2] http://www.openwall.com/lists/oss-security/2017/01/24/4
--

Loading...