Change log for systemd package in Ubuntu
| 1 → 75 of 328 results | First • Previous • Next • Last |
systemd (235-3ubuntu3) bionic; urgency=medium * netwokrd: add support for RequiredForOnline stanza. (LP: #1737570) * resolved.service: set DefaultDependencies=no (LP: #1734167) * systemd.postinst: enable persistent journal. (LP: #1618188) * core: add support for non-writable unified cgroup hierarchy for container support. (LP: #1734410) -- Dimitri John Ledkov <email address hidden> Tue, 12 Dec 2017 13:25:32 +0000
Available diffs
| Published in artful-proposed on 2017-11-30 |
systemd (234-2ubuntu12.2) artful; urgency=medium
* systemd-rfkill service times out when a new rfkill device is added
(LP: #1734908)
- debian/patches/rfkill-fix-erroneous-behavior-when-polling-the-
udev-.patch: Comparing udev_device_get_sysname(device) and
sysname will always return true. We need to check the device
received from udev monitor instead.
- debian/patches/rfkill-fix-typo.patch: Fix typo in rfkill log
message.
-- Kleber Sacilotto de Souza <email address hidden> Tue, 28 Nov 2017 17:52:58 +0100
Available diffs
| Superseded in bionic-release on 2018-01-03 |
| Deleted in bionic-proposed on 2018-01-05 (Reason: moved to release) |
systemd (235-3ubuntu2) bionic; urgency=medium * systemd-fsckd: Fix ADT tests to work on s390x too.
Available diffs
| Superseded in bionic-proposed on 2017-11-21 |
systemd (235-3ubuntu1) bionic; urgency=medium
* Merge 235-3 from debian:
- Drop UBUNTU-CVE-2017-15908 included in Debian.
* Remaining delta from Debian:
- ship dhclient enter hook for dhclient integration with resolved
- ship resolvconf integration via stub-resolv.conf
- ship s390x virtio interface names migration
- do not disable systemd-resolved upon libnss-resolve removal
- do not remote fs in containers, for non-degrated boot
- CVE-2017-15908 in resolved fix loop on packets with pseudo dns types
- Unlink invocation id key, upon chown failure in containers
- Change default to UseDomains by default
- Do not treat failure to set Nice= setting as error in containers
- Add a condition to systemd-journald-audit.socet to not start in
containers (fails)
- Build without any built-in/fallback DNS server setting
- Enable resolved by default
- Update autopkgtests for reliability/raciness, and testing for typical
defaults
- Always upgrade udev, when running adt tests
- Skip test-execute on armhf
- Cherry-pick a few testsuite fixes
* UBUNTU Do not use nested kvm during ADT tests.
Available diffs
- diff from 235-2ubuntu3 to 235-3ubuntu1 (11.8 KiB)
| Superseded in bionic-release on 2017-11-29 |
| Deleted in bionic-proposed on 2017-12-01 (Reason: moved to release) |
systemd (235-2ubuntu3) bionic; urgency=medium
* Revert "Skip test-bpf in autopkgtest, currently is failing."
This reverts commit 75cf986e450e062a3d5780d1976e9efef41e6c4c.
* Fix test-bpf test case on ubuntu.
* Skip rename tests in containers, crude fix for now.
-- Dimitri John Ledkov <email address hidden> Mon, 13 Nov 2017 00:06:42 +0000
Available diffs
| Superseded in bionic-proposed on 2017-11-13 |
systemd (235-2ubuntu2) bionic; urgency=medium * Fix test-functions failing with Ubuntu units. * tests: switch to using ext4 by default, instead of ext3. * Skip test-bpf in autopkgtest, currently is failing. -- Dimitri John Ledkov <email address hidden> Mon, 06 Nov 2017 18:33:39 +0000
Available diffs
| Superseded in bionic-proposed on 2017-11-07 |
systemd (235-2ubuntu1) bionic; urgency=medium
[ Dimitri John Ledkov ]
* Merge 235-2 from debian:
- Drop all upstream cherry-picks
- Drop test-copy dh_strip size override, fixed upstream
* Remaining delta from Debian:
- ship dhclient enter hook for dhclient integration with resolved
- ship resolvconf integration via stub-resolv.conf
- ship s390x virtio interface names migration
- do not disable systemd-resolved upon libnss-resolve removal
- do not remote fs in containers, for non-degrated boot
- CVE-2017-15908 in resolved fix loop on packets with pseudo dns types
- Unlink invocation id key, upon chown failure in containers
- Change default to UseDomains by default
- Do not treat failure to set Nice= setting as error in containers
- Add a condition to systemd-journald-audit.socet to not start in
containers (fails)
- Build without any built-in/fallback DNS server setting
- Enable resolved by default
- Update autopkgtests for reliability/raciness, and testing for typical
defaults
- Always upgrade udev, when running adt tests
- Skip test-execute on armhf
* Fix up write_persistent_net_s390x for nullglob
* Ship systemd sysctl settings.
Patch systemd's default sysctl settings to drop things that are set
elsewhere already. The promote secondary IP addresses is required for
networkd to successfully renew DHCP leases with a change of an IP address.
Set default package scheduler to Fair Queue CoDel. (LP: #1721223)
[ Michael Biebl ]
* Install modprobe configuration file to /lib/modprobe.d.
Otherwise it is not read by kmod. (Closes: #879191)
Available diffs
- diff from 234-2ubuntu13 to 235-2ubuntu1 (3.0 MiB)
| Superseded in bionic-proposed on 2017-10-31 |
systemd (234-2ubuntu13) bionic; urgency=medium * SECURITY UPDATE: remote DoS in resolve (LP: #1725351) - debian/patches/CVE-2017-15908.patch: fix loop on packets with pseudo dns types in src/resolve/resolved-dns-packet.c. - CVE-2017-15908 -- Marc Deslauriers <email address hidden> Mon, 30 Oct 2017 07:49:56 -0400
Available diffs
- diff from 234-2ubuntu12 to 234-2ubuntu13 (1.2 KiB)
systemd (229-4ubuntu21) xenial; urgency=medium * networkd: do not uncoditionally apply NOARP. * networkd: fix size of MTUBytes so that it does not overwrites ARP. * Fixes regression-updates LP: #1727301 -- Dimitri John Ledkov <email address hidden> Fri, 27 Oct 2017 09:21:18 +0100
Available diffs
- diff from 229-4ubuntu20 to 229-4ubuntu21 (1.4 KiB)
systemd (232-21ubuntu7.1) zesty-security; urgency=medium * SECURITY UPDATE: remote DoS in resolve (LP: #1725351) - debian/patches/CVE-2017-15908.patch: fix loop on packets with pseudo dns types in src/resolve/resolved-dns-packet.c. - CVE-2017-15908 -- Marc Deslauriers <email address hidden> Thu, 26 Oct 2017 07:59:03 -0400
Available diffs
systemd (234-2ubuntu12.1) artful-security; urgency=medium * SECURITY UPDATE: remote DoS in resolve (LP: #1725351) - debian/patches/CVE-2017-15908.patch: fix loop on packets with pseudo dns types in src/resolve/resolved-dns-packet.c. - CVE-2017-15908 -- Marc Deslauriers <email address hidden> Thu, 26 Oct 2017 07:56:42 -0400
Available diffs
| Superseded in zesty-updates on 2017-10-26 |
| Deleted in zesty-proposed on 2017-10-31 (Reason: moved to -updates) |
systemd (232-21ubuntu7) zesty; urgency=medium * networkd: accept `:' in ifnames in systemd/networkd. (LP: #1714933) * networkd: add support for ActiveSlave and PrimarySlave netdev options. (LP: #1709135) * Cherrypick upstream fix for a race between .mount and .automount units, which currently may result in automounts hanging. (LP: #1709649) * systemd.postinst: Fix-up version number check in the previous sru. The version check in the postinst was too tight, thus the SRU fix failed validation. (LP: #1710410)
Available diffs
| Superseded in bionic-release on 2017-11-18 |
| Published in artful-release on 2017-10-06 |
| Deleted in artful-proposed (Reason: moved to release) |
systemd (234-2ubuntu12) artful; urgency=medium
[ Dimitri John Ledkov ]
* debian/rules: do not strip test-copy.
This insures test-copy is large enough for test-copy tests to pass.
(LP: #1721203)
[ Michael Biebl ]
* Drop systemd-timesyncd.service.d/disable-with-time-daemon.conf.
All major NTP implementations ship a native service file nowadays with a
Conflicts=systemd-timesyncd.service so this drop-in is no longer
necessary. (Closes: #873185) (LP: #1721204)
-- Dimitri John Ledkov <email address hidden> Wed, 04 Oct 2017 13:28:34 +0100
Available diffs
- diff from 234-2ubuntu10 to 234-2ubuntu12 (6.5 KiB)
- diff from 234-2ubuntu11 to 234-2ubuntu12 (924 bytes)
systemd (204-5ubuntu20.25) trusty; urgency=medium * rules: introduce fsck@.service for snappy (LP: #1718966) -- Rafael David Tinoco <email address hidden> Mon, 02 Oct 2017 21:39:38 +0000
Available diffs
- diff from 204-5ubuntu20.24 to 204-5ubuntu20.25 (838 bytes)
| Superseded in artful-proposed on 2017-10-05 |
systemd (234-2ubuntu11) artful; urgency=medium
* Ubuntu/extra: ship dhclient-enter hook.
This allows isc-dhcp dhclient to set search domains and nameservers via
resolved.
* Disable systemd-networkd-wait-online by default.
Currently it is not fit for purpose, as it leads to long boot times when
networking is unplugged or not yet configured on boot. (LP: #1714301)
* networkd: change UseMTU default to true.
Cherry-pick upstream change. (LP: #1717471)
* postinst: drop empty/stock /etc/rc.local (LP: #1716979)
* Imporve resolvconf integration.
Make the .path|.service unit that feed resolved data into resolvconf not
generate failures if resolvconf is not installed.
Add a check to make sure that resolved does not read /etc/resolv.conf when that
is symlinked to stub-resolv.conf. (LP: #1717995)
* core: gracefully bail out keyring operations when chown fails (LP: #1691096)
-- Dimitri John Ledkov <email address hidden> Tue, 26 Sep 2017 11:38:02 -0400
Available diffs
- diff from 234-2ubuntu10 to 234-2ubuntu11 (6.0 KiB)
| Superseded in xenial-updates on 2017-10-28 |
| Deleted in xenial-proposed on 2017-10-29 (Reason: moved to -updates) |
systemd (229-4ubuntu20) xenial; urgency=medium
* resolved: recognize DNS names with more than one trailing dot as invalid
(LP: #1600000)
* Ignore failures to set Nice priority on services in containers.
(LP: #1709536)
* networkd: accept `:' in ifnames in systemd/networkd. (LP: #1714933)
* initramfs-tools: trigger udevadm add actions with subsystems first.
(LP: #1713536)
* networkd: Add support to set STP value on a bridge. (LP: #1665088)
* networkd: add support for AgeingTImeSec, Priority and DefaultPVID settings.
(LP: #1715131)
- Drop cherrypick of uint16 config parser, superseeded by above commit.
* networkd: add support to set ActiveSlave and PrimarySlave. (LP: #1709135)
- networkd: add support to configure ARP, depedency of Primary/ActiveSlave.
-- Dimitri John Ledkov <email address hidden> Tue, 05 Sep 2017 14:01:51 +0100
Available diffs
- diff from 229-4ubuntu19 to 229-4ubuntu20 (9.3 KiB)
| Superseded in zesty-proposed on 2017-10-05 |
systemd (232-21ubuntu6) zesty; urgency=medium
* link: Fix offload features initialization.
This fixes a regression introduced in v232 which caused TCP
segmentation offloads being disabled by default, resulting in
significant performance issues under certain conditions. (Closes: #864073)
(LP: #1703393)
* loginctl: Fix loginctl ignoring user given session IDs at command-line
(LP: #1682154)
* Disable fallback DNS servers.
This causes resolved to call-home to google, attempt to access network when
none is available, and spams logs. (LP: #1449001)
* initramfs-tools: trigger udevadm add actions with subsystems first.
This updates the initramfs-tools init-top udev script to trigger udevadm
actions with type specified. This mimicks the
systemd-udev-trigger.service. Without type specified only devices are
triggered, but triggering subsystems may also be required and should happen
before triggering the devices. This is the case for example on s390x with zdev
generated udev rules. (LP: #1713536)
* Enable systemd-resolved by default. (LP: #1710410)
* core: fix systemd failing to serialize tasks correctly on daemon-reload.
(LP: #1702823)
-- Dimitri John Ledkov <email address hidden> Thu, 31 Aug 2017 13:27:39 +0100
Available diffs
- diff from 232-21ubuntu4 to 232-21ubuntu6 (7.2 KiB)
| Superseded in artful-release on 2017-10-06 |
| Deleted in artful-proposed on 2017-10-08 (Reason: moved to release) |
systemd (234-2ubuntu10) artful; urgency=medium * Do not fail debootstrap if /etc/resolv.conf is immutable. (LP: #1713212) * Revert "Create /etc/resolv.conf on resolved start, if it is an empty file." As it is ineffective, and correct creation of /etc/resolv.conf has been fixed. This reverts commit ccba42504f216f6ffbc54eb2c9af347355f8d86b. * initramfs-tools: trigger udevadm add actions with subsystems first. This updates the initramfs-tools init-top udev script to trigger udevadm actions with type specified. This mimicks the systemd-udev-trigger.service. Without type specified only devices are triggered, but triggering subsystems may also be required and should happen before triggering the devices. This is the case for example on s390x with zdev generated udev rules. (LP: #1713536) -- Dimitri John Ledkov <email address hidden> Wed, 30 Aug 2017 11:22:41 +0100
Available diffs
- diff from 234-2ubuntu9 to 234-2ubuntu10 (1.7 KiB)
| Superseded in artful-release on 2017-09-14 |
| Deleted in artful-proposed on 2017-09-15 (Reason: moved to release) |
systemd (234-2ubuntu9) artful; urgency=medium * boot-and-services: skip gdm3 tests when absent, as it is on s390x. -- Dimitri John Ledkov <email address hidden> Wed, 23 Aug 2017 11:58:57 +0100
Available diffs
- diff from 234-2ubuntu6 to 234-2ubuntu9 (1.9 KiB)
- diff from 234-2ubuntu8 to 234-2ubuntu9 (769 bytes)
| Superseded in artful-proposed on 2017-08-23 |
systemd (234-2ubuntu8) artful; urgency=medium * Enable systemd-networkd by default. -- Dimitri John Ledkov <email address hidden> Tue, 22 Aug 2017 17:50:59 +0100
Available diffs
- diff from 234-2ubuntu7 to 234-2ubuntu8 (536 bytes)
| Superseded in artful-proposed on 2017-08-22 |
systemd (234-2ubuntu7) artful; urgency=medium
* Always setup /etc/resolv.conf on new installations.
On new installations, /etc/resolv.conf will always exist. Move it to /run
and replace it with the desired final symlink. (LP: #1712283)
* Create /etc/resolv.conf on resolved start, if it is an empty file.
-- Dimitri John Ledkov <email address hidden> Tue, 22 Aug 2017 16:13:35 +0100
Available diffs
- diff from 234-2ubuntu6 to 234-2ubuntu7 (1.3 KiB)
| Superseded in artful-release on 2017-08-25 |
| Deleted in artful-proposed on 2017-08-26 (Reason: moved to release) |
systemd (234-2ubuntu6) artful; urgency=medium * Disable KillUserProcesses, yet again, with meson this time. * Re-enable reboot tests. -- Dimitri John Ledkov <email address hidden> Thu, 17 Aug 2017 15:22:35 +0100
Available diffs
- diff from 233-8ubuntu3 to 234-2ubuntu6 (481.4 KiB)
- diff from 234-2ubuntu5 to 234-2ubuntu6 (1.4 KiB)
| Superseded in artful-proposed on 2017-08-17 |
systemd (234-2ubuntu5) artful; urgency=medium
* debian/tests: disable i386 & amd64 systemd-fsck test, and add environment
overrides to allow force execution of those tests locally. LP: #1708051.
-- Dimitri John Ledkov <email address hidden> Wed, 16 Aug 2017 13:04:48 +0100
Available diffs
- diff from 234-2ubuntu4 to 234-2ubuntu5 (974 bytes)
| Superseded in artful-proposed on 2017-08-16 |
systemd (234-2ubuntu4) artful; urgency=medium
* debian/tests: disable i386 & amd64 boot-smoke, passes locally. LP:
#1708051.
-- Dimitri John Ledkov <email address hidden> Tue, 15 Aug 2017 14:20:12 +0100
Available diffs
- diff from 234-2ubuntu3 to 234-2ubuntu4 (613 bytes)
| Superseded in artful-proposed on 2017-08-15 |
systemd (234-2ubuntu3) artful; urgency=medium * debian/tests: Switch to gdm, enforce udev upgrade. -- Dimitri John Ledkov <email address hidden> Mon, 14 Aug 2017 12:02:37 +0100
Available diffs
| Superseded in artful-proposed on 2017-08-14 |
systemd (234-2ubuntu2) artful; urgency=medium
* Ignore failures to set Nice priority on services in containers.
* Disable execute test on armhf.
* units: set ConditionVirtualization=!private-users on journald audit socket.
It fails to start in unprivileged containers.
* boot-smoke: refactor ADT test.
Wait for system to settle down and get to either running or degraded state,
then collect all metrics, and exit with an error if any of the tests failed.
-- Dimitri John Ledkov <email address hidden> Wed, 02 Aug 2017 03:02:03 +0100
Available diffs
| Superseded in artful-proposed on 2017-08-02 |
systemd (234-2ubuntu1) artful; urgency=medium
[ Dimitri John Ledkov ]
* ubuntu: udev.postinst preserve virtio interfaces names on upgrades, on s390x.
New udev generates stable interface names on s390x kvm instances, however, upon
upgrades existing ethX names should be preserved to prevent breaking networking
and software configurations.
This patch only affects Ubuntu systems. (Closes: #860246) (LP: #1682437)
* Set UseDomains to true, by default, on Ubuntu.
On Ubuntu, fallback DNS servers are disabled, therefore we do not leak queries
to a preset 3rd party by default. In resolved, dnssec is also disabled by
default, as too much of the internet is broken and using Ubuntu users to debug
the internet is not very productive - most of the time the end-user cannot fix
or know how to notify the site owners about the dnssec mistakes. Inherintally
the DHCP acquired DNS servers are therefore trusted, and are free to spoof
records. Not trusting DNS search domains, in such scenario, provides limited
security or privacy benefits. From user point of view, this also appears to be
a regression from previous Ubuntu releases which do trust DHCP acquired search
domains by default.
Therefore we are enabling UseDomains by default on Ubuntu.
Users may override this setting in the .network files by specifying
[DHCP|IPv6AcceptRA] UseDomains=no|route options.
* resolved: create private stub resolve file for integration with resolvconf.
The stub-resolve.conf file points at resolved stub resolver, but also lists the
available search domains. This is required to correctly resolve domains without
using resolve nss module.
* Enable systemd-resolved by default
* Create /etc/resolv.conf at postinst, pointing at the stub resolver.
The stub resolver file is dynamically managed by systemd-resolved. It points at
the stub resolver as the nameserver, however it also dynamically updates the
search stanza, thus non-nss dns tools work correctly with unqualified names and
correctly use the DHCP acquired search domains.
* libnss-resolve: do not disable and stop systemd-resolved
resolved is always used by default on ubuntu via stub resolver, therefore it
should continue to operate without libnss-resolve module installed.
* modprobe.d: set max_bonds=0 for bonding module to prevent bond0 creation.
This prevents confusing networkd, and allows networkd to manage bond0.
* Cherrypick upstream networkd-test.py assertion/check fixes.
This resolves ADT test suite failures, when running tests under lxc/lxd
providers.
* Cherrypick arm* seccomp fixes.
This should resolve ADT test failures, on arm64, when running as root.
* Re-enable seccomp and execute tests on arm.
[ Balint Reczey ]
* Skip starting systemd-remount-fs.service in containers
even when /etc/fstab is present.
This allows entering fully running state even when /etc/fstab
lists / to be mounted from a device which is not present in the
container. (LP: #1576341)
[ Michael Biebl ]
* selinux: Enable labeling and access checks for unprivileged users.
Revert commit that inadvertently broke a lot of SELinux related
functionality for both unprivileged users and systemd instances running
as MANAGER_USER and instead deal with the auditd issue by checking for
the CAP_AUDIT_WRITE capability before opening an audit netlink socket.
(Closes: #863800)
-- Dimitri John Ledkov <email address hidden> Tue, 25 Jul 2017 13:30:58 +0100
Available diffs
| Superseded in artful-proposed on 2017-07-27 |
systemd (234-1ubuntu2) artful; urgency=medium
* Set UseDomains to true, by default, on Ubuntu.
On Ubuntu, fallback DNS servers are disabled, therefore we do not leak queries
to a preset 3rd party by default. In resolved, dnssec is also disabled by
default, as too much of the internet is broken and using Ubuntu users to debug
the internet is not very productive - most of the time the end-user cannot fix
or know how to notify the site owners about the dnssec mistakes. Inherintally
the DHCP acquired DNS servers are therefore trusted, and are free to spoof
records. Not trusting DNS search domains, in such scenario, provides limited
security or privacy benefits. From user point of view, this also appears to be
a regression from previous Ubuntu releases which do trust DHCP acquired search
domains by default.
Therefore we are enabling UseDomains by default on Ubuntu.
Users may override this setting in the .network files by specifying
[DHCP|IPv6AcceptRA] UseDomains=no|route options.
* resolved: create private stub resolve file for integration with resolvconf.
The stub-resolve.conf file points at resolved stub resolver, but also lists the
available search domains. This is required to correctly resolve domains without
using resolve nss module.
* Enable systemd-resolved by default
* Create /etc/resolv.conf at postinst, pointing at the stub resolver.
The stub resolver file is dynamically managed by systemd-resolved. It points at
the stub resolver as the nameserver, however it also dynamically updates the
search stanza, thus non-nss dns tools work correctly with unqualified names and
correctly use the DHCP acquired search domains.
* libnss-resolve: do not disable and stop systemd-resolved
resolved is always used by default on ubuntu via stub resolver, therefore it
should continue to operate without libnss-resolve module installed.
-- Dimitri John Ledkov <email address hidden> Fri, 21 Jul 2017 17:07:17 +0100
Available diffs
| Superseded in xenial-updates on 2017-10-23 |
| Deleted in xenial-proposed on 2017-10-24 (Reason: moved to -updates) |
systemd (229-4ubuntu19) xenial; urgency=medium
* debian/extra/units/systemd-resolved.service.d/resolvconf.conf: partially
revert, by removing ExecStart|StopPost lines, as these are not needed on
xenial and generate warnings in the journal. (LP: #1704677)
Available diffs
- diff from 229-4ubuntu17 to 229-4ubuntu19 (11.5 KiB)
- diff from 229-4ubuntu18 to 229-4ubuntu19 (720 bytes)
| Superseded in artful-proposed on 2017-07-24 |
systemd (234-1ubuntu1) artful; urgency=medium
[ Dimitri John Ledkov ]
* Merge with debian, outstanding delta below.
* ubuntu: udev.postinst preserve virtio interfaces names on upgrades, on s390x.
New udev generates stable interface names on s390x kvm instances, however, upon
upgrades existing ethX names should be preserved to prevent breaking networking
and software configurations.
This patch only affects Ubuntu systems. (Closes: #860246) (LP: #1682437)
* debian/tests/root-unittests: disable execute and seccomp tests on arm
test-seccomp and test-execute fail on arm64 kernels. Marking both tests as
expected failures. An upstream bug report is filed to resolve these.
(LP: #1672499)
* Disable fallback DNS servers.
This causes resolved to call-home to google, attempt to access network when
none is available, and spams logs. (LP: #1449001, #1698734)
[ Balint Reczey ]
* Skip starting systemd-remount-fs.service in containers
even when /etc/fstab is present.
This allows entering fully running state even when /etc/fstab
lists / to be mounted from a device which is not present in the
container. (LP: #1576341)
Available diffs
| Superseded in artful-release on 2017-08-18 |
| Deleted in artful-proposed on 2017-08-20 (Reason: moved to release) |
systemd (233-8ubuntu3) artful; urgency=medium * No-change rebuild against latest libmicrohttpd -- Jeremy Bicha <email address hidden> Sun, 09 Jul 2017 14:04:28 -0400
Available diffs
- diff from 233-8ubuntu2 to 233-8ubuntu3 (315 bytes)
| Superseded in xenial-proposed on 2017-07-18 |
systemd (229-4ubuntu18) xenial; urgency=medium
* debian/extra/units/systemd-resolved.service.d/resolvconf.conf: if resolved
is going to be started, make sure this blocks network-online.target.
(LP: #1673860)
* networkd: cherry-pick support for setting bridge port's priority
(LP: #1668347)
* Cherrypick upstream commit to enable system use kernel maximum limit for
RLIMIT_NOFILE isntead of hard-coded (low) limit of 65536. (LP: #1686361)
* Cherrypick upstream patch for platform predictable interface names.
(LP: #1686784)
* resolved: fix null pointer dereference crash (LP: #1621396)
* Cherrypick core/timer downgrade message about random time addition
(LP: #1692136)
* SECURITY UPDATE: Out-of-bounds write in systemd-resolved (LP: #1695546)
- CVE-2017-9445
* Cherry-pick subset of patches to introduce infinity value in logind.conf
for UserTasksMax (LP: #1651518)
-- Dimitri John Ledkov <email address hidden> Wed, 05 Jul 2017 13:45:48 +0100
Available diffs
- diff from 229-4ubuntu17 to 229-4ubuntu18 (11.6 KiB)
| Superseded in artful-release on 2017-07-15 |
| Deleted in artful-proposed on 2017-07-16 (Reason: moved to release) |
systemd (233-8ubuntu2) artful; urgency=medium
* Disable fallback DNS servers.
This causes resolved to call-home to google, attempt to access network when
none is available, and spams logs. (LP: #1449001, #1698734)
* SECURITY UPDATE: Out-of-bounds write in systemd-resolved.
CVE-2017-9445 (LP: #1695546)
-- Dimitri John Ledkov <email address hidden> Wed, 28 Jun 2017 13:27:28 +0100
Available diffs
- diff from 233-8ubuntu1 to 233-8ubuntu2 (4.2 KiB)
systemd (231-9ubuntu5) yakkety-security; urgency=medium * SECURITY UPDATE: Out-of-bounds write in systemd-resolved (LP: #1695546) - debian/patches/test-resolved-packet-add-a-simple-test-for-our-alloc.patch: Add a simple allocation test - debian/patches/resolved-simplify-alloc-size-calculation.patch: Simply allocation size calculation - CVE-2017-9445 -- Chris Coulson <email address hidden> Wed, 21 Jun 2017 16:35:26 +0100
Available diffs
systemd (232-21ubuntu5) zesty-security; urgency=medium * SECURITY UPDATE: Out-of-bounds write in systemd-resolved (LP: #1695546) - debian/patches/test-resolved-packet-add-a-simple-test-for-our-alloc.patch: Add a simple allocation test - debian/patches/resolved-simplify-alloc-size-calculation.patch: Simply allocation size calculation - CVE-2017-9445 -- Chris Coulson <email address hidden> Wed, 21 Jun 2017 16:33:22 +0100
Available diffs
| Superseded in artful-release on 2017-07-02 |
| Deleted in artful-proposed on 2017-07-04 (Reason: moved to release) |
systemd (233-8ubuntu1) artful; urgency=medium
Merge from experimental. Existing Ubuntu cherry-picks:
* TEST-12: cherry-pick upstream fix for compat with new netcat-openbsd.
* networkd: cherry-pick support for setting bridge port's priority.
This is a useful feature/bugfix to improve feature parity of networkd with
ifupdown. This matches netplan's expectations to be able to set bridge port's
priorities via networked. This featue is to be used by netplan/MAAS/OpenStack.
* Cherrypick upstream commit to enable system use kernel maximum limit for RLIMIT_NOFILE isntead of hard-coded (low) limit of 65536.
* debian/tests/root-unittests: disable execute and seccomp tests on arm
test-seccomp and test-execute fail on arm64 kernels. Marking both tests as
expected failures. An upstream bug report is filed to resolve these.
* Cherrypick upstream patch for vio predictable interface names.
* Cherrypick upstream patch for platform predictable interface names.
Ubuntu cherry-picks, now also applied in Debian:
* resolved: fix null pointer dereference crash
Remaining Ubuntu delta:
* ubuntu: udev.postinst preserve virtio interfaces names on upgrades, on s390x.
New udev generates stable interface names on s390x kvm instances, however, upon
upgrades existing ethX names should be preserved to prevent breaking networking
and software configurations.
This patch only affects Ubuntu systems.
* Skip starting systemd-remount-fs.service in containers
even when /etc/fstab is present.
This allows entering fully running state even when /etc/fstab
lists / to be mounted from a device which is not present in the
container.
New Ubuntu cherry-picks:
* loginctl: Chrerry-pick upstream fix to not ignore multiple session ids.
(LP: #1682154)
-- Dimitri John Ledkov <email address hidden> Mon, 19 Jun 2017 15:24:30 +0100
Available diffs
- diff from 233-6ubuntu3 to 233-8ubuntu1 (12.5 KiB)
| Superseded in zesty-updates on 2017-06-27 |
| Deleted in zesty-proposed on 2017-06-28 (Reason: moved to -updates) |
systemd (232-21ubuntu4) zesty; urgency=medium
* Cherrypick upstream commit to enable system use kernel maximum limit for
RLIMIT_NOFILE isntead of hard-coded (low) limit of 65536. (LP: #1686361)
* debian/tests/root-unittests: disable execute and seccomp tests on arm
test-seccomp and test-execute fail on arm64 kernels. Marking both tests as
expected failures. An upstream bug report is filed to resolve these.
(LP: #1672499)
* Cherrypick upstream patch for platform predictable interface names.
(LP: #1686784)
* resolved: fix null pointer dereference crash (LP: #1621396)
* Cherrypick core/timer downgrade message about random time addition
(LP: #1692136)
-- Dimitri John Ledkov <email address hidden> Wed, 24 May 2017 16:26:16 +0100
Available diffs
| Superseded in artful-release on 2017-06-22 |
| Deleted in artful-proposed on 2017-06-23 (Reason: moved to release) |
systemd (233-6ubuntu3) artful; urgency=medium * resolved: fix null pointer dereference crash (LP: #1621396) -- Dimitri John Ledkov <email address hidden> Mon, 22 May 2017 09:29:22 +0100
Available diffs
- diff from 233-6ubuntu2 to 233-6ubuntu3 (992 bytes)
| Superseded in artful-release on 2017-05-22 |
| Deleted in artful-proposed on 2017-05-24 (Reason: moved to release) |
systemd (233-6ubuntu2) artful; urgency=medium
[ Michael Biebl ]
* basic/journal-importer: Fix unaligned access in get_data_size()
(Closes: #862062)
[ Dimitri John Ledkov ]
* ubuntu: disable dnssec on any ubuntu releases (LP: #1690605)
* Cherrypick upstream patch for vio predictable interface names.
* Cherrypick upstream patch for platform predictable interface names.
(LP: #1686784)
[ Balint Reczey ]
* Skip starting systemd-remount-fs.service in containers
even when /etc/fstab is present.
This allows entering fully running state even when /etc/fstab
lists / to be mounted from a device which is not present in the
container. (LP: #1576341)
-- Dimitri John Ledkov <email address hidden> Wed, 17 May 2017 19:24:03 +0100
Available diffs
- diff from 233-6ubuntu1 to 233-6ubuntu2 (4.6 KiB)
| Superseded in artful-release on 2017-05-21 |
| Deleted in artful-proposed on 2017-05-22 (Reason: moved to release) |
systemd (233-6ubuntu1) artful; urgency=medium
Merge from Debian, existing changes:
* ubuntu: udev.postinst preserve virtio interfaces names on upgrades, on s390x.
New udev generates stable interface names on s390x kvm instances, however, upon
upgrades existing ethX names should be preserved to prevent breaking networking
and software configurations.
This patch only affects Ubuntu systems. (Closes: #860246) (LP: #1682437)
* TEST-12: cherry-pick upstream fix for compat with new netcat-openbsd.
* networkd: cherry-pick support for setting bridge port's priority.
This is a useful feature/bugfix to improve feature parity of networkd with
ifupdown. This matches netplan's expectations to be able to set bridge port's
priorities via networked. This featue is to be used by netplan/MAAS/OpenStack.
New changes:
* Cherrypick upstream commit to enable system use kernel maximum limit for
RLIMIT_NOFILE isntead of hard-coded (low) limit of 65536. (LP: #1686361)
* debian/tests/root-unittests: disable execute and seccomp tests on arm
test-seccomp and test-execute fail on arm64 kernels. Marking both tests as
expected failures. An upstream bug report is filed to resolve these.
(LP: #1672499)
Available diffs
- diff from 232-21ubuntu3 (in Ubuntu) to 233-6ubuntu1 (882.8 KiB)
- diff from 233-5ubuntu1 to 233-6ubuntu1 (3.9 KiB)
| Superseded in artful-proposed on 2017-05-02 |
systemd (233-5ubuntu1) artful; urgency=medium
[ Felipe Sateler ]
* Backport upstream PR #5531.
This delays opening the mdns and llmnr sockets until a network has enabled them.
This silences annoying messages when networkd receives such packets without
expecting them:
Got mDNS UDP packet on unknown scope.
[ Martin Pitt ]
* resolved: Disable DNSSEC by default on stretch and zesty.
Both Debian stretch and Ubuntu zesty are close to releasing, switch to
DNSSEC=off by default for those. Users can still turn it back on with
DNSSEC=allow-downgrade (or even "yes").
[ Michael Biebl ]
* Add Conflicts against hal.
Since v183, udev no longer supports RUN+="socket:". This feature is
still used by hal, but now generates vast amounts of errors in the
journal. Thus force the removal of hal by adding a Conflicts to the udev
package. This is safe, as hal is long dead and no longer useful.
* Drop systemd-ui Suggests
systemd-ui is unmaintained upstream and not particularly useful anymore.
* journal: fix up syslog facility when forwarding native messages.
Native journal messages (_TRANSPORT=journal) typically don't have a
syslog facility attached to it. As a result when forwarding the
messages to syslog they ended up with facility 0 (LOG_KERN).
Apply syslog_fixup_facility() so we use LOG_USER instead. (Closes: #837893)
* Split upstream tests into systemd-tests binary package (Closes: #859152)
* Get PACKAGE_VERSION from config.h.
This also works with meson and is not autotools specific.
[ Dimitri John Ledkov ]
* ubuntu: udev.postinst preserve virtio interfaces names on upgrades, on s390x.
New udev generates stable interface names on s390x kvm instances, however, upon
upgrades existing ethX names should be preserved to prevent breaking networking
and software configurations.
This patch only affects Ubuntu systems. (Closes: #860246) (LP: #1682437)
* TEST-12: cherry-pick upstream fix for compat with new netcat-openbsd.
* networkd: cherry-pick support for setting bridge port's priority.
This is a useful feature/bugfix to improve feature parity of networkd with
ifupdown. This matches netplan's expectations to be able to set bridge port's
priorities via networked. This featue is to be used by netplan/MAAS/OpenStack.
Available diffs
| Superseded in artful-release on 2017-05-11 |
| Deleted in artful-proposed on 2017-06-24 (Reason: moved to release) |
| Superseded in zesty-updates on 2017-06-23 |
| Deleted in zesty-proposed on 2017-06-24 (Reason: moved to -updates) |
systemd (232-21ubuntu3) zesty; urgency=medium
[ Martin Pitt ]
* resolved: Disable DNSSEC by default on stretch and zesty.
Both Debian stretch and Ubuntu zesty are close to releasing, switch to
DNSSEC=off by default for those. Users can still turn it back on with
DNSSEC=allow-downgrade (or even "yes"). (LP: #1682499)
[ Michael Biebl ]
* journal: fix up syslog facility when forwarding native messages.
Native journal messages (_TRANSPORT=journal) typically don't have a
syslog facility attached to it. As a result when forwarding the
messages to syslog they ended up with facility 0 (LOG_KERN).
Apply syslog_fixup_facility() so we use LOG_USER instead. (Closes: #837893)
(LP: #1682484)
[ Dimitri John Ledkov ]
* networkd: cherry-pick support for setting bridge port's priority.
This is a useful feature/bugfix to improve feature parity of networkd with
ifupdown. This matches netplan's expectations to be able to set bridge port's
priorities via networked. This featue is to be used by netplan/MAAS/OpenStack.
(LP: #1668347)
* TEST-12: cherry-pick upstream fix for compat with new netcat-openbsd.
(LP: #1672542)
* udev.postinst: preserve virtio interfaces names on upgrades, on s390x.
New udev generates stable interface names on s390x kvm instances, however, upon
upgrades existing ethX names should be preserved to prevent breaking networking
and software configurations. (Closes: #860246) (LP: #1682437)
-- Dimitri John Ledkov <email address hidden> Thu, 13 Apr 2017 18:10:33 +0100
Available diffs
| Superseded in artful-release on 2017-04-22 |
| Published in zesty-release on 2017-04-08 |
| Deleted in zesty-proposed (Reason: moved to release) |
systemd (232-21ubuntu2) zesty; urgency=medium
* pkgconfig: Cherrypick upstream fix to libdir locations in .pc files
(LP: #1674201)
-- Dimitri John Ledkov <email address hidden> Tue, 28 Mar 2017 16:59:14 +0100
Available diffs
- diff from 232-19 (in Debian) to 232-21ubuntu2 (14.1 KiB)
- diff from 232-21ubuntu1 to 232-21ubuntu2 (1.2 KiB)
| Superseded in zesty-proposed on 2017-03-28 |
systemd (232-21ubuntu1) zesty; urgency=medium
* Merge from Debian unstable, remaining changes:
* debian/extra/units/systemd-resolved.service.d/resolvconf.conf: if
resolved is going to be started, make sure this blocks
network-online.target. LP: #1673860.
-- Gianfranco Costamagna <email address hidden> Thu, 23 Mar 2017 10:02:35 +0100
Available diffs
- diff from 232-20ubuntu1 to 232-21ubuntu1 (2.4 KiB)
| Superseded in yakkety-updates on 2017-06-27 |
| Deleted in yakkety-proposed on 2017-06-28 (Reason: moved to -updates) |
systemd (231-9ubuntu4) yakkety; urgency=medium
* debian/extra/units/systemd-resolved.service.d/resolvconf.conf: if
resolved is going to be started, make sure this blocks
network-online.target. LP: #1673860.
* debian/patches/resolved-follow-CNAMES-for-DNS-stub-replies.patch:
Cherry-pick upstream fix for resolved failing to follow CNAMES for DNS
stub replies. LP: #1647031.
* debian/patches/logind-update-empty-and-infinity-handling-for-User-T.patch:
Cherry-pick upstream fix to handle empty and "infinity" values for
[User]TasksMax. Closes LP: #1651518.
-- Steve Langasek <email address hidden> Mon, 20 Mar 2017 22:14:14 -0700
Available diffs
- diff from 231-9ubuntu3 to 231-9ubuntu4 (5.5 KiB)
| Superseded in zesty-proposed on 2017-03-23 |
systemd (232-20ubuntu1) zesty; urgency=medium
* debian/extra/units/systemd-resolved.service.d/resolvconf.conf: if
resolved is going to be started, make sure this blocks
network-online.target. LP: #1673860.
-- Steve Langasek <email address hidden> Fri, 17 Mar 2017 17:18:46 -0700
Available diffs
- diff from 232-20 (in Debian) to 232-20ubuntu1 (857 bytes)
systemd (232-20) unstable; urgency=medium
[ Martin Pitt ]
* debian/gbp.conf: Switch to "stretch" branch
* udev: Fix /dev/disk/by-path aliases for virtio disks. (Closes: #856558)
* udev: Create persistent net names for virtio CCW devices.
This only affects s390x as only this has CCW devices. This provides
stable network interface names for those and avoids changing the names
on updating Stretch to Buster. (Closes: #856559)
* Move systemd.link(5) to udev package.
.link files are being handled by udev, so it should ship the
corresponding manpage. Bump Breaks/Replaces accordingly. (Closes: #857270)
[ Michael Biebl ]
* Avoid strict DM API versioning.
Compiling against the dm-ioctl.h header as provided by the Linux kernel
will embed the DM interface version number. Running an older kernel can
lead to errors on shutdown when trying to detach DM devices.
As a workaround, build against a local copy of dm-ioctl.h based on 3.13,
which is the minimum required version to support DM_DEFERRED_REMOVE.
(Closes: #856337)
* cryptsetup-generator: Run cryptsetup service before swap unit.
Otherwise if the cryptsetup service unit and swap unit for a swap
device are not strictly ordered, it might happen that the swap unit
activates/mounts the swap device before its cryptsetup service unit has
a chance to run the 'mkswap' command. (Closes: #787028)
* Override package-name-doesnt-match-sonames lintian warning for libnss-*
* networkd: Fix size of MTUBytes so that it does not overwrite ARP
[ Felipe Sateler ]
* git-cherry-pick: Actually use cherry-pick for picking.
Use git cherry-pick for picking instead of rebase.
This allows using -x flag and thus record the upstream commit that is
being picked.
-- Michael Biebl <email address hidden> Thu, 16 Mar 2017 17:38:24 +0100
Available diffs
- diff from 232-19 to 232-20 (11.5 KiB)
| Superseded in zesty-release on 2017-04-08 |
| Deleted in zesty-proposed on 2017-04-09 (Reason: moved to release) |
systemd (232-19) unstable; urgency=medium
[ Martin Pitt ]
* debian/README.source: Update patch and changelog handling to current
reality.
* root-unittests autopkgtest: Blacklist test-journal-importer.
This got added in a recent PR, but running this requires using "make
install-tests" which hasn't landed yet.
* fsckd: Fix format specifiers on 32 bit architectures.
* resolved: Fix NSEC proofs for missing TLDs (Closes: #855479)
* boot-and-services autopkgtest: Skip CgroupsTest on unified hierarchy.
* boot-smoke autopkgtest: Run in containers, too.
* logind autopkgtest: Adjust to work in containers.
[ Dimitri John Ledkov ]
* Fix resolved failing to follow CNAMES for DNS stub replies (LP: #1647031)
* Fix emitting change signals with a sessions property in logind
(LP: #1661568)
[ Michael Biebl ]
* If an automount unit is masked, don't react to activation anymore.
Otherwise we'll hit an assert sooner or later. (Closes: #856035)
[ Felipe Sateler ]
* resolved: add the new KSK to the built-in resolved trust anchor.
The old root key will be discarded in early 2018, so get this into
stretch.
* Backport some zsh completion fixes from upstream (Closes: #847203)
-- Martin Pitt <email address hidden> Thu, 02 Mar 2017 09:21:12 +0100
Available diffs
| Superseded in zesty-release on 2017-03-18 |
| Deleted in zesty-proposed on 2017-04-07 (Reason: moved to release) |
systemd (232-18ubuntu1) zesty; urgency=medium
[ Martin Pitt ]
* debian/README.source: Update patch and changelog handling to current reality.
We've used gbp dch for a fair while now, let's document it as official
policy.
Update documentation about patch handling: using quilt directly is
not really "welcome" any more as it creates a lot of noise in pq, so
only document pq now. Also document the usage of topic branches, and our
shiny debian/git-cherry-pick tool.
[ Dimitri John Ledkov ]
* Fix resolved failing to follow CNAMES for DNS stub replies (LP: #1647031)
* Fix emitting change signals with a sessions property in logind.
(LP: #1661568)
Available diffs
- diff from 232-17ubuntu1 to 232-18ubuntu1 (11.4 KiB)
| Superseded in xenial-updates on 2017-07-20 |
| Deleted in xenial-proposed on 2017-07-22 (Reason: moved to -updates) |
systemd (229-4ubuntu17) xenial; urgency=medium
* Make systemd-networkd-resolvconf-update.{service,path} run earlier
to ensure DNS is configured prior to reaching network-online.target.
(LP: #1649931)
-- Ryan Harper <email address hidden> Thu, 02 Feb 2017 15:41:48 -0600
Available diffs
- diff from 229-4ubuntu16 to 229-4ubuntu17 (701 bytes)
| Superseded in zesty-release on 2017-02-21 |
| Deleted in zesty-proposed on 2017-02-22 (Reason: moved to release) |
systemd (232-17ubuntu1) zesty; urgency=medium
* debian/patches/0001-resolved-follow-CNAMES-for-DNS-stub-
replies.patch: cherry-pick upstream fix for following CNAMEs in DNS
stub replies. Closes LP: #1647031.
-- Steve Langasek <email address hidden> Sun, 12 Feb 2017 22:54:55 -0800
Available diffs
systemd (232-17) unstable; urgency=medium
* Add libcap2-bin build dependency for tests. This will make
test_exec_capabilityboundingset() actually run. (Closes: #854394)
* Add iproute2 build dependency for tests. This will make
test_exec_privatenetwork() actually run; it skips if "ip" is not present.
(Closes: #854396)
* autopkgtest: Run all upstream unit tests as root.
Ship all upstream unit tests in libsystemd-dev, and run them all as root
in autopkgtest. (Closes: #854392) This also fixes the FTBFS on non-seccomp
architectures.
* systemd-resolved.service.d/resolvconf.conf: Allow writing to
/run/resolvconf. Upstream PR #5283 will introduce permission restrictions
for systemd-resolved.service, including the lockdown to writing
/run/systemd/. This will then cause the resolvconf call in our drop-in to
fail as that needs to write to /run/resolvconf/. Add this to
ReadWritePaths=. (This is a no-op with the current unrestricted unit).
-- Martin Pitt <email address hidden> Fri, 10 Feb 2017 11:52:46 +0100
Available diffs
| Superseded in trusty-updates on 2017-10-16 |
| Deleted in trusty-proposed on 2017-10-17 (Reason: moved to -updates) |
systemd (204-5ubuntu20.24) trusty; urgency=medium
[ Thomas Voß ]
* Do not create /run/nologin, and thus make sure deputy systemd does not
prevent system logins. LP: #1660573.
Available diffs
| Superseded in xenial-updates on 2017-04-27 |
| Deleted in xenial-proposed on 2017-04-29 (Reason: moved to -updates) |
systemd (229-4ubuntu16) xenial; urgency=medium
* d/p/0001-libudev-util-change-util_replace_whitespace-to-retur.patch,
d/p/0002-udev-event-add-replace_whitespace-param-to-udev_even.patch,
d/p/0003-udev-rules-perform-whitespace-replacement-for-symlin.patch:
Cherry-pick upstream fixes from Dan Streetman <email address hidden> to
fix by-id symlinks for devices whose IDs contain whitespace.
LP: #1647485.
-- Steve Langasek <email address hidden> Wed, 18 Jan 2017 13:37:19 -0800
Available diffs
- diff from 229-4ubuntu13 to 229-4ubuntu16 (4.5 KiB)
- diff from 229-4ubuntu15 to 229-4ubuntu16 (720 bytes)
| Superseded in trusty-updates on 2017-02-08 |
| Deleted in trusty-proposed on 2017-02-10 (Reason: moved to -updates) |
systemd (204-5ubuntu20.22) trusty; urgency=medium
* Add support for installing deputy systemd for snapd on Ubuntu
Desktop 14.04.5 (LP: #1656280)
[ Dimitri John Ledkov ]
* debian/patches/deputy_shutdown.patch: Use system poweroff, halt,
reboot, pm-suspend, pm-hibernate commands in the systemd units for
power management via systemd/systemctl. Use /bin/false for kexec.
* debian/systemd.postinst: Drop restaring systemd-initctl.socket and
systemd-logind.service, as neither are supposed to be managed by
deputy systemd.
* debian/patches/deputy_cgroup.patch: Make deputy systemd use
alternative dsystemd cgroups path and nonpid1 systemd should setup
these mountpoints.
* debian/patches/private-bus-for-nonpid1.patch: Make deputy systemd not
connect to system D-Bus, to avoid conflict with systemd-shim.
* debian/control: remove conflicts with systemd-shim
[ Thomas Voß ]
* debian/patches/add-cgmanager-support: Only free result if != NULL,
preventing crash in the error handling code-path.
-- Dimitri John Ledkov <email address hidden> Tue, 17 Jan 2017 10:43:30 +0000
Available diffs
| Superseded in zesty-proposed on 2017-02-11 |
systemd (232-10ubuntu1) zesty; urgency=medium
* d/p/0001-libudev-util-change-util_replace_whitespace-to-retur.patch,
d/p/0002-udev-event-add-replace_whitespace-param-to-udev_even.patch,
d/p/0003-udev-rules-perform-whitespace-replacement-for-symlin.patch:
Cherry-pick upstream fixes from Dan Streetman <email address hidden> to
fix by-id symlinks for devices whose IDs contain whitespace.
LP: #1647485.
-- Steve Langasek <email address hidden> Fri, 13 Jan 2017 18:08:34 +0200
Available diffs
| Superseded in yakkety-updates on 2017-04-21 |
| Deleted in yakkety-proposed on 2017-04-22 (Reason: moved to -updates) |
systemd (231-9ubuntu3) yakkety; urgency=medium
* d/p/0001-libudev-util-change-util_replace_whitespace-to-retur.patch,
d/p/0002-udev-event-add-replace_whitespace-param-to-udev_even.patch,
d/p/0003-udev-rules-perform-whitespace-replacement-for-symlin.patch:
Cherry-pick upstream fixes from Dan Streetman <email address hidden> to
fix by-id symlinks for devices whose IDs contain whitespace.
LP: #1647485.
-- Steve Langasek <email address hidden> Fri, 13 Jan 2017 16:22:48 +0200
Available diffs
- diff from 231-9ubuntu2 to 231-9ubuntu3 (4.4 KiB)
| Superseded in xenial-proposed on 2017-01-18 |
systemd (229-4ubuntu15) xenial; urgency=medium
* d/p/0001-libudev-util-change-util_replace_whitespace-to-retur.patch,
d/p/0002-udev-event-add-replace_whitespace-param-to-udev_even.patch,
d/p/0003-udev-rules-perform-whitespace-replacement-for-symlin.patch:
Cherry-pick upstream fixes from Dan Streetman <email address hidden> to
fix by-id symlinks for devices whose IDs contain whitespace.
LP: #1647485.
-- Steve Langasek <email address hidden> Fri, 13 Jan 2017 13:41:23 +0200
Available diffs
- diff from 229-4ubuntu13 to 229-4ubuntu15 (4.7 KiB)
- diff from 229-4ubuntu14 to 229-4ubuntu15 (4.5 KiB)
systemd (232-10) unstable; urgency=medium
* Add NULL sentinel to strjoin.
We haven't cherry-picked upstream commit 605405c6c which introduced a
strjoin macro that adds the NULL sentinel automatically so we need to do
it manually. (Closes: #851210)
-- Michael Biebl <email address hidden> Fri, 13 Jan 2017 05:08:55 +0100
Available diffs
- diff from 232-9 to 232-10 (1.1 KiB)
systemd (232-9) unstable; urgency=medium
* Use --disable-wheel-group configure switch.
Instead of mangling the tmpfiles via sed to remove the wheel group, use
the configure switch which was added upstream in v230.
See https://github.com/systemd/systemd/issues/2492
* Update debian/copyright.
Bob Jenkins released the lookup3.[ch] files as public domain which means
there is no copyright holder.
* Drop fallback for older reportbug versions when attaching files
* debian/extra/init-functions.d/40-systemd: Stop checking for init env var.
This env variable is no longer set when systemd executes a service so
it's pointless to check for it.
* debian/extra/init-functions.d/40-systemd: Stop setting _SYSTEMCTL_SKIP_REDIRECT=true.
It seems we don't actually need it to detect recursive loops (PPID is
sufficient) and by exporting it we leak _SYSTEMCTL_SKIP_REDIRECT into
the runtime environment of the service. (Closes: #802018)
* debian/extra/init-functions.d/40-systemd: Rename _SYSTEMCTL_SKIP_REDIRECT.
Rename _SYSTEMCTL_SKIP_REDIRECT to SYSTEMCTL_SKIP_REDIRECT to be more
consistent with other environment variables which are used internally by
systemd, like SYSTEMCTL_SKIP_SYSV.
* Various specifier resolution fixes.
Turn on specifier expansion for more unit file settings.
See https://github.com/systemd/systemd/pull/4835 (Closes: #781730)
-- Michael Biebl <email address hidden> Thu, 12 Jan 2017 16:59:22 +0100
Available diffs
- diff from 232-8 to 232-9 (11.7 KiB)
systemd (204-5ubuntu20.21) trusty; urgency=medium
[ Dan Streetman ]
* rules: introduce disk/by-id (wwid and model_serial) symlinks
for NVMe drives (LP: #1642903)
[ Yu Ning ]
* keymap: Some HP refactoring, add Probook 440 G3 keys (LP: #1562344)
-- Steve Langasek <email address hidden> Thu, 15 Dec 2016 19:46:52 -0800
Available diffs
| Superseded in zesty-release on 2017-02-16 |
| Deleted in zesty-proposed on 2017-02-18 (Reason: moved to release) |
systemd (232-8) unstable; urgency=medium
[ Martin Pitt ]
* Drop systemd dependency from libnss-myhostname again.
This NSS module is completely independent from systemd, unlike the other
three.
* Install 71-seat.rules into the initrd.
This helps plymouth to detect applicable devices. (Closes: #756109)
* networkd: Fix crash when setting routes.
* resolved: Drop removal of resolvconf entry on stop.
This leads to timeouts on shutdown via the resolvconf hooks and does not
actually help much -- /etc/resolv.conf would then just be empty instead of
having a nonexisting 127.0.0.53 nameserver, so manually stopping resolved
in a running system is broken either way. (LP: #1648068)
* Keep RestrictAddressFamilies on amd64.
This option and libseccomp currently work on amd64 at least, so let's make
sure it does not break there as well, and benefit from the additional
protection at least on this architecture.
* Explicitly set D-Bus policy dir.
This is about to change upstream in
https://github.com/systemd/systemd/pull/4892, but as explained in commit
2edb1e16fb12f4 we need to keep the policies in /etc/ until stretch+1.
[ Michael Biebl ]
* doc: Clarify NoNewPrivileges in systemd.exec(5). (Closes: #756604)
* core: Rework logic to determine when we decide to add automatic deps for
mounts. This adds a concept of "extrinsic" mounts. If mounts are
extrinsic we consider them managed by something else and do not add
automatic ordering against umount.target, local-fs.target,
remote-fs.target. (Closes: #818978)
* rules: Add persistent links for nbd devices. (Closes: #837999)
-- Michael Biebl <email address hidden> Sat, 17 Dec 2016 01:54:18 +0100
Available diffs
- diff from 232-7 to 232-8 (6.2 KiB)
| Superseded in xenial-proposed on 2017-01-13 |
systemd (229-4ubuntu14) xenial; urgency=medium
* Make systemd-networkd-resolvconf-update.service run earlier
to ensure DNS is up prior to reaching network-online.target
(LP: #1649931)
-- Ryan Harper <email address hidden> Thu, 15 Dec 2016 13:44:08 -0600
Available diffs
- diff from 229-4ubuntu13 to 229-4ubuntu14 (514 bytes)
| Superseded in zesty-release on 2017-01-11 |
| Deleted in zesty-proposed on 2017-01-12 (Reason: moved to release) |
systemd (232-7) unstable; urgency=medium
[ Michael Biebl ]
* Mark liblz4-tool build dependency as <!nocheck>
* udev: Try mount -n -o move first
initramfs-tools is not actually using util-linux mount (yet), so making
mount -n --move the first alternative would trigger an error message if
users have built their initramfs without busybox support.
[ Alexander Kurtz ]
* debian/extra/kernel-install.d/85-initrd.install: Remove an unnecessary
variable. (Closes: #845977)
[ Martin Pitt ]
* Drop systemd-networkd's "After=dbus.service" ordering, so that it can
start during early boot (for cloud-init.service). It will auto-connect to
D-Bus once it becomes available later, and transient (from DHCP) hostname
and timezone setting do not currently work anyway. (LP: #1636912)
* Run hwdb/parse_hwdb.py during package build.
* Package libnss-systemd
* Make libnss-* depend on the same systemd package version.
-- Martin Pitt <email address hidden> Wed, 30 Nov 2016 14:38:36 +0100
Available diffs
- diff from 232-6 to 232-7 (5.4 KiB)
| Superseded in yakkety-updates on 2017-02-24 |
| Deleted in yakkety-proposed on 2017-02-25 (Reason: moved to -updates) |
systemd (231-9ubuntu2) yakkety; urgency=medium
[ Dan Streetman ]
* rules: introduce disk/by-id (model_serial) symlinks for NVMe drives
(LP: #1642903)
[ Martin Pitt ]
* Drop systemd-networkd's "After=dbus.service" ordering, so that it can
start during early boot (for cloud-init.service). It will auto-connect to
D-Bus once it becomes available later, and transient (from DHCP) hostname
and timezone setting do not work in 16.10 anyway. (LP: #1636912)
-- Martin Pitt <email address hidden> Thu, 24 Nov 2016 13:21:05 +0100
Available diffs
- diff from 231-9ubuntu1 to 231-9ubuntu2 (2.0 KiB)
| Superseded in xenial-updates on 2017-01-20 |
| Deleted in xenial-proposed on 2017-01-22 (Reason: moved to -updates) |
systemd (229-4ubuntu13) xenial; urgency=medium
[ Martin Pitt ]
* Backport graphical-session{,-pre}.target user units, for future usage from
snaps. (LP: #1640293)
* debian/rules: Clean up *.busname units. They are useless in 16.04 as they
will always be "condition failed" as kdbus has never existed. But they add
ordering constraints which make it impossible to start
systemd-networkd.service during early boot, which is an upcoming
requirement for cloud-init. (Part of LP: #1636912)
* Drop systemd-networkd's "After=dbus.service" ordering so that it can start
during early boot (for cloud-init.service). It will auto-connect to D-Bus
once it becomes available later, and transient (from DHCP) hostname and
timezone setting do not work in 16.04 anyway. (LP: #1636912)
[ Dan Streetman ]
* rules: introduce disk/by-id (wwid and model_serial) symlinks
for NVMe drives (LP: #1642903)
-- Martin Pitt <email address hidden> Thu, 24 Nov 2016 12:41:23 +0100
Available diffs
- diff from 229-4ubuntu12 to 229-4ubuntu13 (5.5 KiB)
| Superseded in zesty-release on 2016-12-02 |
| Deleted in zesty-proposed on 2016-12-03 (Reason: moved to release) |
systemd (232-6) unstable; urgency=medium
* Add policykit-1 test dependency for networkd-test.py.
* debian/rules: Don't destroy unit symlinks with sed -i.
Commit 21711e74 introduced a "sed -i" to remove RestrictAddressFamilies= from
units. This also caused unit symlinks to get turned into real files, causing
D-BBus activated services like timedated to fail ("two units with the same
D-Bus name").
* Fall back to "mount -o move" in udev initramfs script
klibc's mount does not understand --move, so for the time being we need to
support both variants. (Closes: #845161)
* debian/README.Debian: Document how to generate a shutdown log.
Thanks 積丹尼 Dan Jacobson. (Closes: #826297)
-- Martin Pitt <email address hidden> Mon, 21 Nov 2016 10:39:57 +0100
Available diffs
- diff from 232-3 to 232-6 (11.4 KiB)
- diff from 232-5 to 232-6 (1.6 KiB)
systemd (232-5) unstable; urgency=medium
* Add missing liblz4-tool build dependency.
Fixes test-compress failure during package build.
* systemd: Ship /var/lib.
This will soon contain a polkit pkla file.
-- Martin Pitt <email address hidden> Sun, 20 Nov 2016 12:22:52 +0100
Available diffs
- diff from 232-4 to 232-5 (594 bytes)
systemd (232-4) unstable; urgency=medium
[ Martin Pitt ]
* debian/tests/unit-config: Query pkg-config for system unit dir.
This fixes confusion on merged-/usr systems where both /usr/lib/systemd and
/lib/systemd exist. It's actually useful to verify that systemd.pc says the
truth.
* debian/tests/upstream: Fix clobbering of merged-/usr symlinks
* debian/tests/systemd-fsckd: Create /etc/default/grub.d if necessary
* debian/rules: Drop check for linking to libs in /usr.
This was just an approximation, as booting without an initrd could still be
broken by library updates (e. g. #828991). With merged /usr now being the
default this is now completely moot.
* Move kernel-install initrd script to a later prefix.
60- does not leave much room for scripts that want to run before initrd
building (which is usually one of the latest things to do), so bump to 85.
Thanks to Sjoerd Simons for the suggestion.
* Disable 99-default.link instead of the udev rule for disabling persistent interface names.
Disabling 80-net-setup-link.rules will also cause ID_NET_DRIVER to not be set
any more, which breaks 80-container-ve.network and matching on driver name in
general. So disable the actual default link policy instead.
Still keep testing for 80-net-setup-link.rules in the upgrade fix and
73-usb-net-by-mac.rules to keep the desired behaviour on systems which already
disabled ifnames via that udev rule.
See https://lists.freedesktop.org/archives/systemd-devel/2016-November/037805.html
* debian/tests/boot-and-services: Always run seccomp test
seccomp is now available on all architectures on which Debian and Ubuntu run
tests, so stop making this test silently skip if seccomp is disabled.
* Bump libseccomp build dependency as per configure.ac.
* Replace "Drop RestrictAddressFamilies=" patch with sed call.
With that it will also apply to upstream builds/CI, and it is structurally
simpler.
* Rebuild against libseccomp with fixed shlibs. (Closes: #844497)
[ Michael Biebl ]
* fstab-generator: add x-systemd.mount-timeout option. (Closes: #843989)
* build-sys: do not install ctrl-alt-del.target symlink twice.
(Closes: #844039)
* Enable lz4 support.
While the compression rate is not as good as XZ, it is much faster, so a
better default for the journal and especially systemd-coredump.
(Closes: #832010)
[ Felipe Sateler ]
* Enable machines.target by default. (Closes: #806787)
[ Evgeny Vereshchagin ]
* debian/tests/upstream: Print all journal files.
We don't print all journal files. This is misleading a bit:
https://github.com/systemd/systemd/pull/4331#issuecomment-252830790
https://github.com/systemd/systemd/pull/4395#discussion_r87948836
[ Luca Boccassi ]
* Use mount --move in initramfs-tools udev script.
Due to recent changes in busybox and initramfs-tools the mount
utility is no longer the one from busybox but from util-linux.
The latter does not support mount -o move.
The former supports both -o move and --move, so use it instead to be
compatible with both.
See this discussion for more details:
https://bugs.debian.org/823856 (Closes: #844775)
-- Michael Biebl <email address hidden> Sun, 20 Nov 2016 03:34:58 +0100
Available diffs
- diff from 232-3 to 232-4 (10.5 KiB)
| Superseded in trusty-updates on 2017-01-26 |
| Deleted in trusty-proposed on 2017-01-27 (Reason: moved to -updates) |
systemd (204-5ubuntu20.20) trusty-proposed; urgency=medium
* Build systemd binary package.
Drop installation of /etc/* aside from systemd's own config files. This
avoids a package conflict with systemd-services and we don't want to
support the full feature set anyway. (LP: #1616422)
* Disable SysV init support.
This just gets in the way when running systemd as a "deputy init".
* systemd: Add Conflicts: to systemd-shim
* Create/use private D-Bus socket also for systemd --system.
Without this we cannot use systemctl as root or when D-Bus is not running.
* Do not read units from /lib/systemd/system, but from /lib/systemd/upstart/
In Ubuntu 14.04 there are a lot of packages which ship a systemd system unit,
but almost all of these must not run for running systemd's service manager as a
"deputy" init alongside upstart. We do need some of them though, so read units
from /lib/systemd/upstart.
Only install the system units that we actually need for a deputy init (journal
and all targets).
* Add Breaks: to init-system-helpers that does not yet have a disabled
deb-systemd-invoke, to complete the previous change.
* Add upstart job for deputy systemd init.
We also need to clean up /run/systemd/system after stop, so that things which
check if systemd is running don't get confused.
* Add dummy D-Bus units.
These are built in for exposing systemd itself onto the system bus.
* Drop LSB init hook.
We must not redirect SysV init scripts to systemd when running as deputy init.
* Stop systemd deputy upstart job on dist-upgrades.
Also drop the removal guard as we do want to be able to remove the systemd
package while it's only running the deputy init.
* Update Vcs-Git: for new trusty git branch.
-- Martin Pitt <email address hidden> Thu, 10 Nov 2016 15:14:54 +0100
Available diffs
| Superseded in zesty-release on 2016-11-22 |
| Deleted in zesty-proposed on 2016-11-23 (Reason: moved to release) |
systemd (232-3) unstable; urgency=medium
[ Felipe Sateler ]
* Make systemd-delta less confused on merged-usr systems. (Closes: #843070)
* Fix wrong paths for /bin/mount when compiled on merged-usr system.
Then the build system finds /usr/bin/mount which won't exist on a
split-/usr system. Set the paths explicitly in debian/rules and drop
Use-different-default-paths-for-various-binaries.patch. (Closes: #843433)
[ Martin Pitt ]
* debian/tests/logind: Split out "pid in logind session" test
* debian/tests/logind: Adjust "in logind session" test for unified cgroup
hierarchy
* debian/tests/boot-and-services: Check common properties of CLI programs.
Verify that CLI programs have a sane behaviour and exit code when being
called with --help, --version, or an invalid option.
* nspawn: Fix exit code for --help and --version (Closes: #843544)
* core: Revert using the unified hierarchy for the systemd cgroup.
Too many things don't get along with it yet, like docker, LXC, or runc.
(Closes: #843509)
-- Martin Pitt <email address hidden> Wed, 09 Nov 2016 09:34:45 +0100
Available diffs
- diff from 232-2git1 (in Ubuntu) to 232-3 (3.9 KiB)
| Superseded in zesty-release on 2016-11-10 |
| Deleted in zesty-proposed on 2016-11-11 (Reason: moved to release) |
systemd (232-2git1) zesty; urgency=medium Upload current packaging git head to fix autopkgtest. [ Felipe Sateler ] * Make systemd-delta less confused on merged-usr systems. (Closes: #843070) [ Martin Pitt ] * debian/tests/logind: Split out "pid in logind session" test * debian/tests/logind: Adjust "in logind session" test for unified cgroup hierarchy -- Felipe Sateler <email address hidden> Mon, 07 Nov 2016 13:09:01 +0100
Available diffs
- diff from 231-10 (in Debian) to 232-2git1 (585.8 KiB)
- diff from 232-2 (in Debian) to 232-2git1 (1.8 KiB)
systemd (232-2) unstable; urgency=medium
* Drop RestrictAddressFamilies from service files.
RestrictAddressFamilies= is broken on 32bit architectures and causes
various services to fail with a timeout, including
systemd-udevd.service.
While this might actually be a libseccomp issue, remove this option for
now until a proper solution is found. (Closes: #843160)
-- Michael Biebl <email address hidden> Sat, 05 Nov 2016 22:43:27 +0100
Available diffs
- diff from 232-1 to 232-2 (2.1 KiB)
systemd (232-1) unstable; urgency=medium
[ Martin Pitt ]
* New upstream release 232:
- Fix "systemctl start" when ReadWriteDirectories is a symlink
(Closes: ##792187)
- Fix "journalctl --setup-keys" output (Closes: #839097)
- Run run sysctl service if /proc/sys/net is writable, for containers
(Closes: #840529)
- resolved: Add d.f.ip6.arpa to the DNSSEC default negative trust anchors
(Closes: #834453)
* debian/tests/logind: Copy the current on-disk unit instead of the
on-memory one.
* Build sd-boot on arm64. gnu-efi is available on arm64 now.
(Closes: #842617)
* Link test-seccomp against seccomp libs to fix FTBFS
* debian/rules: Remove nss-systemd (until we package it)
* Install new systemd-mount
[ Michael Biebl ]
* Install new journal-upload.conf man pages in systemd-journal-remote
-- Martin Pitt <email address hidden> Fri, 04 Nov 2016 07:18:10 +0200
Available diffs
- diff from 231-10 to 232-1 (582.7 KiB)
| Superseded in zesty-release on 2016-11-07 |
| Deleted in zesty-proposed on 2016-11-09 (Reason: moved to release) |
systemd (231-10) unstable; urgency=medium
[ Martin Pitt ]
* systemctl: Add --wait option to wait until started units terminate again.
* nss-resolve: return NOTFOUND instead of UNAVAIL on resolution errors.
This makes it possible to configure a fallback to "dns" without breaking
DNSSEC, with "resolve [!UNAVAIL=return] dns".
* libnss-resolve.postinst: Skip dns fallback if resolve is present.
Only fall back to "dns" if nss-resolve is not installed (for the
architecture of the calling program). Once it is, we never want to fall
back to "dns" as that breaks enforcing DNSSEC verification and also
pointlessly retries NXDOMAIN failures. (LP: #1624071)
* unit: sent change signal before removing the unit if necessary
(LP: #1632964)
* networkd: Fix assertion crash on adding VTI with IPv6 addresses
(LP: #1633274)
* debian/tests/upstream: Stop specifying initrd, it is autodetected now.
* debian/tests/upstream: Add gcc/libc-dev/make test dependencies,
so that the tests can build helper binaries.
[ Felipe Sateler ]
* Explicitly disable installing the upstream-provided PAM configuration.
* Register interest in the status of dracut and initramfs-tools in reportbug
template
[ Michael Biebl ]
* Stop creating systemd-update-utmp-runlevel.service symlinks manually
-- Martin Pitt <email address hidden> Wed, 26 Oct 2016 13:24:37 +0200
Available diffs
| 1 → 75 of 328 results | First • Previous • Next • Last |
