-
systemd (239-7ubuntu10.14) cosmic; urgency=medium
* d/p/resolved-rework-how-we-determine-which-scope-to-send.patch
- fix DNS leakage (LP: 1754671)
* d/t/boot-and-services:
- skip test_no_failed if gdm failed to start (LP: #1830484)
* d/p/ask-password-prevent-buffer-overrow-when-reading-fro.patch:
- prevent buffer overflow when reading keyring (LP: #1814373)
* d/t/boot-smoke:
- Fix false negative checking for running jobs after boot
(LP: #1825997)
-- Dan Streetman <email address hidden> Wed, 24 Apr 2019 17:08:26 -0400
-
systemd (239-7ubuntu10.13) cosmic; urgency=medium
[ Ioanna Alifieraki ]
* d/p/backport_network-fix-return-value-of-routing_policy_rule_get.patch,
d/p/backport_network-remove-routing-policy-rule-from-foreign.patch,
d/p/backport_network-do-not-remove-rule-when-requested-by-existing-links.patch:
- Fix RoutingPolicyRule does not apply correctly (LP: #1818282)
[ Dan Streetman ]
* d/p/networkd-Track-address-configuration.patch,
d/p/networkd-Use-only-a-generic-CONFIGURING-state.patch,
d/p/networkd-don-t-remove-route.patch,
d/p/networkd-don-t-remove-ip-address.patch,
d/p/Move-link_check_ready-to-later-in-the-file.patch,
d/p/network-set-_configured-flags-to-false-before-reques.patch,
d/p/Install-routes-after-addresses-are-ready.patch:
- PreferredSource not working in *.network files (LP: #1812760)
* Specify Ubuntu's Vcs-Git
-- Dan Streetman <email address hidden> Thu, 04 Apr 2019 07:29:38 -0400
-
systemd (239-7ubuntu10.12) cosmic-security; urgency=medium
* SECURITY UDPATE: Unsafe environment usage in pam_systemd.so leads to
incorrect Policykit authorization
- debian/patches/CVE-2019-3842.patch: Use secure_getenv() rather than
getenv() in pam_systemd.c
- CVE-2019-3842
-- Chris Coulson <email address hidden> Wed, 03 Apr 2019 11:52:48 +0100
-
systemd (239-7ubuntu10.11) cosmic; urgency=medium
* virt: detect WSL environment as a container (LP: #1816753)
-- Balint Reczey <email address hidden> Mon, 25 Mar 2019 11:30:22 +0100
-
systemd (239-7ubuntu10.10) cosmic; urgency=medium
[ Victor Tapia ]
* d/p/stop-mount-error-propagation.patch:
keep mount errors local to the failing mount point instead of
blocking the processing of all mounts (LP: #1755863)
-- Dan Streetman <email address hidden> Thu, 28 Feb 2019 14:29:48 -0500
-
systemd (239-7ubuntu10.9) cosmic; urgency=medium
[ Victor Tapia ]
* d/p/stop-mount-error-propagation.patch:
keep mount errors local to the failing mount point instead of
blocking the processing of all mounts (LP: #1755863)
[ Daniel Axtens ]
* Fix a bug where IPv6 routes that specified PreferredSource
would not be added - upstream bug #5882. (LP: #1812760)
- debian/patches/networkd-don-t-remove-ip-address.patch,
debian/patches/networkd-don-t-remove-route.patch: don't clear out all
IP addresses and routes when starting, only ones not in the config.
Required for the remaining patches to fully cover the field.
- debian/patches/Move-link_check_ready-to-later-in-the-file.patch,
debian/patches/Install-routes-after-addresses-are-ready.patch: wait
until addresses are ready (not tentative) before installing routes,
allowing routes with IPv6 source addresses to work.
-- Dan Streetman <email address hidden> Thu, 28 Feb 2019 14:29:48 -0500
-
systemd (239-7ubuntu10.8) cosmic-security; urgency=medium
* SECURITY UPDATE: denial of service via crafted dbus message
- debian/patches/CVE-2019-6454.patch: sd-bus: enforce a size limit for
dbus paths, and don't allocate them on the stack
- debian/patches/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch:
sd-bus: if we receive an invalid dbus message, ignore and proceeed
- CVE-2019-6454
* Do not remove multiple spaces after identifier in syslog message
- add debian/patches/journal-do-not-remove-multiple-spaces-after-identifi.patch
-- Chris Coulson <email address hidden> Tue, 12 Feb 2019 00:41:18 +0000
-
systemd (239-7ubuntu10.7) cosmic; urgency=medium
* d/p/resolve-enable-EDNS0-towards-the-127.0.0.53-stub-res.patch
getaddrinfo() failures when fallback to dns tcp queries, so enable
edns0 in resolv.conf (LP: #1811471)
[ Victor Tapia ]
* d/p/resolved-Increase-size-of-TCP-stub-replies.patch
dns failures with edns0 disabled and truncated response (LP: #1804487)
-- Dan Streetman <email address hidden> Tue, 29 Jan 2019 14:19:39 -0500
-
systemd (239-7ubuntu10.6) cosmic-security; urgency=medium
* SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
- debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
entry for process commandline on the stack
- CVE-2018-16864
* SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
- debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
number of fields (1k)
- debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
number of fields in a message
- CVE-2018-16865
* SECURITY UPDATE: out-of-bounds read in journald
- debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
- CVE-2018-16866
* Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
- add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
- update debian/patches/series
* Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
- add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
- update debian/patches/series
-- Chris Coulson <email address hidden> Wed, 09 Jan 2019 14:37:15 +0000
-
systemd (239-7ubuntu10.5) cosmic; urgency=medium
* hwdb: Revert wlan keycode changes, rely on xkeyboard-config fixes instead.
(LP: #1799364)
Author: seb128
Files:
- debian/patches/hwdb-Fix-wlan-keycode-for-all-Dell-Latitude-and-Precision.patch
- debian/patches/hwdb-revert-airplane-mode-keys-handling-on-Dell.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=733d60b7506bfede3d1c228450dc37d442d91bfe
* hwdb: Update PNP IDs of Goldstar (now: LG Electronics) (LP: #1804584)
File: debian/patches/hwdb-Update-PNP-IDs-of-Goldstar-now-LG-Electronics-.-1005.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8afd6cde7d389dcc8c376a3c25532485206eb8fa
* btrfs-util: unbreak tmpfiles' subvol creation (LP: #1804603)
File: debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8e797663fc6260596a163a9496b6c3d17289258a
* test: Set executable bits on TEST-22-TMPFILES shell scripts. (LP: #1804864)
File: debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fb79b16ec0d6e24603bad6a52be793dc34ae77e1
* Stop testing that gdm3 is up.
Ubuntu Desktop is only supported on amd64, and on real hardware. Testing that
gdm3 fails to start (yet continues to be running, with a half broken logind
session) is not useful on dummy xorg video cards in nested VMs.
(LP: #1805358)
File: debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=969183a983e22c7f923cc21b6bb1789e2af30746
* core: set /run size to 10%, like initramfs-tools does.
Currently there is a difference between initrd and initrd-less boots,
w.r.t. size= mount option of /run. This yields different runtime journald caps
(1% vs 10%), and on dense deployments of containers may result in OOM kills.
(LP: #1799251)
File: debian/patches/debian/UBUNTU-core-set-run-size-to-10-like-initramfs-tools-does.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=78445beff750e38b87cee0ca41883a09d613ce51
* resolved: Increase size of TCP stub replies.
DNS_PACKET_PAYLOAD_SIZE_MAX is limiting the size of the stub replies to
512 with EDNS off or 4096 with EDNS on, without checking the protocol
used. This makes TCP replies for clients without EDNS support to be
limited to 512, making the truncate flag useless if the query result is
bigger than 512 bytes.
This commit increases the size of TCP replies to DNS_PACKET_SIZE_MAX
Fixes: #10816
(cherry picked from commit e6eed9445956cfa496e1db933bfd3530db23bfce)
(LP: #1804487)
Author: Victor Tapia
File: debian/patches/resolved-Increase-size-of-TCP-stub-replies.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5c939591ebc128be9920e6c05dc72277fdce935e
-- Dimitri John Ledkov <email address hidden> Tue, 04 Dec 2018 10:18:46 +0000
-
systemd (239-7ubuntu10.4) cosmic-security; urgency=medium
[ Chris Coulson ]
* SECURITY UPDATE: symlink mishandling in systemd-tmpfiles
- debian/patches/CVE-2018-6954_2.patch: backport the remaining patches to
resolve this completely
- CVE-2018-6954
[ Balint Reczey ]
* Fix LP: #1803391 - Skip daemon-reexec and try-restarts during shutdown
- update debian/systemd.postinst
-- Chris Coulson <email address hidden> Thu, 15 Nov 2018 20:42:32 +0000
-
systemd (239-7ubuntu10.3) cosmic-security; urgency=medium
* SECURITY UPDATE: reexec state injection
- debian/patches/CVE-2018-15686.patch: when deserializing state always use
read_line(…, LONG_LINE_MAX, …) rather than fgets()
- CVE-2018-15686
* SECURITY UPDATE: chown_one() can dereference symlinks
- debian/patches/CVE-2018-15687.patch: rework recursive logic to use O_PATH
- CVE-2018-15687
-- Chris Coulson <email address hidden> Tue, 06 Nov 2018 20:52:41 +0000
-
systemd (239-7ubuntu10.1) cosmic-security; urgency=medium
* SECURITY UPDATE: buffer overflow in dhcp6 client
- debian/patches/CVE-2018-15688.patch: make sure we have enough space
for the DHCP6 option header in src/libsystemd-network/dhcp6-option.c.
- CVE-2018-15688
-- Marc Deslauriers <email address hidden> Wed, 31 Oct 2018 11:36:32 -0400
-
systemd (239-7ubuntu10) cosmic; urgency=medium
* units: Disable journald Watchdog (LP: #1773148)
* Add conflicts with upstart and systemd-shim. (LP: #1773859)
-- Dimitri John Ledkov <email address hidden> Thu, 04 Oct 2018 15:58:51 +0100
-
systemd (239-7ubuntu9) cosmic; urgency=medium
* core: export environment when running generators.
Ensure that manager's environment (including e.g. PATH) is exported when
running generators. Otherwise, one is at a mercy of running without PATH which
can lead to buggy generator behaviour. (LP: #1771858)
-- Dimitri John Ledkov <email address hidden> Wed, 26 Sep 2018 11:01:58 +0100
-
systemd (239-7ubuntu8) cosmic; urgency=medium
[ Dimitri John Ledkov ]
* Cherrypick many bugfixes from master.
* systemctl: correctly proceed to immediate shutdown if scheduling fails
(LP: #1670291)
[ Julian Andres Klode ]
* Improve networkd states documentation.
-- Dimitri John Ledkov <email address hidden> Wed, 12 Sep 2018 16:03:08 +0100
-
systemd (239-7ubuntu7) cosmic; urgency=medium
* boot-and-services: skip gdm test, when gdm-x-session fails.
Across all architectures, gdm fails to come up reliably since cosmic.
(LP: #1790478)
-- Dimitri John Ledkov <email address hidden> Mon, 03 Sep 2018 16:33:00 +0100
-
systemd (239-7ubuntu6) cosmic; urgency=medium
[ Dimitri John Ledkov ]
* debian/control: strengthen dependencies.
Make systemd-sysv depend on matching version of systemd. Autopkgtests at times
upgrade systemd-sysv without upgrading systemd. However, upgrading systemd-sysv
alone makes little sense.
Make systemd conflict, rather than just break, systemd-shim. As there are
upgrade failures cause by systemd-shim presence whilst upgrading to new
systemd.
* Correct gdm3 exclution on arm64, in boot-and-services test.
[ Christian Ehrhardt ]
* Improve autopkgtest success rate, by bumping up timeouts. (LP: #1789841)
systemd (239-7ubuntu5) cosmic; urgency=medium
[ Michael Biebl ]
* Clean up dbus-org.freedesktop.timesync1.service Alias on purge
(Closes: #904290)
[ Martin Pitt ]
* timedated: Fix wrong PropertyChanged values and refcounting
[ Dimitri John Ledkov ]
* autopkgtest: drop gdm3 on arm64 as well.
The cloud instances are configured without a graphics card, and thus X fails to
start, hence the gdm test fails.
* Revert "Workaround broken meson copying symlinked data files, as dangling symlinks."
This reverts commit 059bfb5349123fabc8c92324e0473193f01fc87c.
* Cherrypick v239-stable patches.
* cryptsetup: add support for sector-size= option (LP: #1776626)
* Cherrypick upstrem patches to fix ftbfs with new glibc.
[ Michael Vogt ]
* Re-add support for /etc/writable for core18. (LP: #1778936)
-- Dimitri John Ledkov <email address hidden> Fri, 31 Aug 2018 14:17:54 +0100
-
systemd (239-7ubuntu5) cosmic; urgency=medium
[ Michael Biebl ]
* Clean up dbus-org.freedesktop.timesync1.service Alias on purge
(Closes: #904290)
[ Martin Pitt ]
* timedated: Fix wrong PropertyChanged values and refcounting
[ Dimitri John Ledkov ]
* autopkgtest: drop gdm3 on arm64 as well.
The cloud instances are configured without a graphics card, and thus X fails to
start, hence the gdm test fails.
* Revert "Workaround broken meson copying symlinked data files, as dangling symlinks."
This reverts commit 059bfb5349123fabc8c92324e0473193f01fc87c.
* Cherrypick v239-stable patches.
* cryptsetup: add support for sector-size= option (LP: #1776626)
* Cherrypick upstrem patches to fix ftbfs with new glibc.
[ Michael Vogt ]
* Re-add support for /etc/writable for core18. (LP: #1778936)
-- Dimitri John Ledkov <email address hidden> Tue, 28 Aug 2018 17:35:51 +0100
-
systemd (239-7ubuntu4) cosmic; urgency=medium
* Workaround broken meson copying symlinked data files, as dangling symlinks.
-- Dimitri John Ledkov <email address hidden> Wed, 22 Aug 2018 14:11:35 +0100
-
systemd (239-7ubuntu3) cosmic; urgency=medium
* Revert "networkd: Unify set MTU"
This reverts commit 44b598a1c9d11c23420a5ef45ff11bcb0ed195eb due to regression
of ignoring LinkLocalAddressing=no.
Bug-Upstream: https://github.com/systemd/systemd/issues/9890
-- Dimitri John Ledkov <email address hidden> Tue, 21 Aug 2018 21:51:31 +0100
-
systemd (239-7ubuntu2) cosmic; urgency=medium
* test-sleep: skip test_fiemap upon inapproriate ioctl for device.
On v4.4 kernels, on top of btrfs ephemeral lxd v3.0 containers generate this
other error code, instead of not supported. Skip the test for both error codes.
-- Dimitri John Ledkov <email address hidden> Fri, 03 Aug 2018 16:49:10 +0100
-
systemd (239-7ubuntu1) cosmic; urgency=medium
Merged from Debian Unstable, remaining changes are:
* Set UseDomains to true, by default, on Ubuntu.
* Enable systemd-resolved by default.
* postinst: Create /etc/resolv.conf at postinst, pointing at the stub
resolver.
* postinst: drop empty/stock /etc/rc.local.
* postinst: enable persistent journal.
* Drop systemd.prerm safety check.
* Ship systemd sysctl settings.
* libnss-resolve: do not disable and stop systemd-resolved.
* boot-smoke: refactor ADT test.
* Fix test-functions failing with Ubuntu units.
* units: set ConditionVirtualization=!private-users on journald audit socket.
* units: drop resolvconf.conf drop-in, resolved integration moved to
resolvconf package.
* debian/tests: Switch to gdm3, enforce udev upgrade.
* Ubuntu/extra: ship dhclient-enter hook.
* Ignore failures to set Nice priority on services in containers.
* systemd-fsckd: Fix ADT tests to work on s390x too.
* Disable LLMNR and MulticastDNS by default.
* Enable qemu tests on most architectures.
* debian/tests/systemd-fsckd: update assertions expectations for v237.
* test/test-fs-util: detect container, in addition to root.
* test/test-functions: launch qemu-system with -vga none.
* Blacklist TEST-16-EXTEND-TIMEOUT.
* tests/boot-smoke: ignore udevd connection timeouts resolving colord group.
* tests/systemd-fsckd: ignore systemd_fsck_with_plymouth_failure.
* tests/control: ensure boot-smoke uses latest systemd & udev.
* wait-online: do not wait, if no links are managed (neither configured, or
failed).
* journald.service: set Nice=-1 to dodge watchdog on soft lockups.
* Workaround captive portals not responding to EDNS0 queries.
* resolved: Listen on both TCP and UDP by default.
* Recommend networkd-dispatcher
* networkd: if RA was implicit, do not await ndisc_configured.
* udev-udeb: ship modprobe.d snippet to force scsi_mod.scan=sync in d-i.
* Skip starting systemd-remount-fs.service in containers.
* Add "AssumedApparmorLabel=unconfined" to timedate1 dbus service file.
* Disable dh_installinit generation of tmpfiles for the systemd package.
Replace with a manual safe call to systemd-tmpfiles which will process any
updates to the tmpfiles shipped by systemd package, taking into account any
overrides shipped by other packages, sysadmin, or specified in the runtime
directories. (LP: #1748147)
* Enable EFI/bootctl on armhf.
* boot-and-services: stderr is ok, for status command on the c1 container.
* Skip systemd-fsckd on arm64, because of broken/lack of clean shutdown.
* adt: boot-and-services: assert any kernel syslog messages.
* debian/extra/start-udev: Set scsi_mod scan=sync even if it's builtin to the
kernel (we previously only set it in modprobe.d) LP: #1779815
* units: conditionalize more units to not start in containers.
* tests: conditionalize more unit tests to pass in LXD container.
systemd (239-7) unstable; urgency=medium
* autopkgtest: Add iputils-ping dependency to root-unittests.
The ping binary is required by test-bpf.
* autopkgtest: Add dbus-user-session and libpam-systemd dependency to
root-unittests.
Without a working D-Bus user session, a lot of the test-bus-* tests are
skipped.
* network/link: Fix logic error in matching devices by MAC (Closes: #904198)
systemd (239-6) unstable; urgency=medium
[ Martin Pitt ]
* autopkgtest: Install libnss-systemd.
Make sure that dynamic users can be resolved. This e. g. prevents a
startup failure for systemd-resolved.
* autopkgtest: Add missing python3 test dependency for udev test
[ Michael Biebl ]
* autopkgtest: Make AppArmor violator test work with merged-usr
* Make /dev/kvm accessible to local users and group kvm.
Re-add the uaccess tag to /dev/kvm to make it accessible to local
users. Access is also granted via group kvm, so create that in
udev.postinst. (Closes: #887852)
* Move a few man pages from systemd to systemd-journal-remote.
The systemd package shipped a few systemd-journal-remote and
systemd-journal-upload related man pages which really belong into the
systemd-journal-remote package. Move those man pages into the correct
package and add a Breaks/Replaces against systemd accordingly.
(Closes: #903557)
* autopkgtest: Drop no-longer needed workaround from upstream test
* Go back to statically allocate system users for timesyncd, networkd and
resolved.
There are currently too many open issues related to D-Bus and the usage
of DynamicUser. (Closes: #902971)
* Change python3-minimal dependency to python3.
While we strictly only need python3-minimal, the usage of
python3-minimal triggers a lintian error: depends-on-python-minimal
* test: Drop SKIP_INITRD for QEMU-based tests.
The Debian Linux kernel ships ext4 support as a module, so we require an
initrd to successfully start the QEMU images.
* debian/tests/localed-x11-keymap: Deal with absence of
/etc/default/keyboard more gracefully
* autopkgtest: Add various dependencies to make upstream test pass on Debian
- netcat-openbsd: Required by TEST-12-ISSUE-3171.
- busybox-static: Required by TEST-13-NSPAWN-SMOKE.
- plymouth: Required by TEST-15-DROPIN and TEST-22-TMPFILES.
* Drop seccomp system call filter for udev.
The seccomp based system call whitelist requires at least systemd 239 to
be the active init and during a dist-upgrade we can't guarantee that
systemd has been fully configured before udev is restarted.
The versioned systemd Breaks that was added to udev for #902185 didn't
really fix this issue, so revert that change again. (Closes: #903224)
systemd (239-5) unstable; urgency=medium
* Add inverse version restriction of the Breaks to the systemd-shim
alternative in libpam-systemd.
Otherwise apt will fail to find an installation path for libpam-systemd
in cases where libpam-systemd is an indirect dependency. (Closes: #902998)
systemd (239-4) unstable; urgency=medium
[ Michael Biebl ]
* Drop outdated section from README.Debian about switching back to SysV init
* sleep: Fix one more printf format of a fiemap field
* basic: Add missing comma in raw_clone assembly for sparc
* bus-util: Make log level lower in request_name_destroy_callback()
* tmpfiles: Specify access mode for /run/systemd/netif
* Add Breaks against python-dbusmock (<< 0.18) to systemd.
The logind and timedated tests in python-dbusmock were broken by the
latest systemd release and had to be adjusted to work with systemd 239.
See #902602
* Drop patches which try to support running systemd services without systemd
as pid 1.
No one is currently actively maintaining systemd-shim, which means that
e.g. running systemd-logind no longer works when systemd is not pid 1.
Thus drop our no longer working patches. Bump the Breaks against
systemd-shim accordingly.
See #895292, #901404, #901405
[ Martin Pitt ]
* test: fix networkd-test.py rate limiting and dynamic user
systemd (239-3) unstable; urgency=medium
* Revert "systemctl: when removing enablement or mask symlinks, cover both
/run and /etc"
We currently have packages in the archive which use
"systemctl --runtime unmask" and are broken by this change.
This is a intermediate step until it is clear whether upstream will
revert this commit or whether we will have to update affected packages
to deal with this changed behaviour.
See #902287 and https://github.com/systemd/systemd/issues/9393
systemd (239-2) unstable; urgency=medium
* sleep: Fix printf format of fiemap fields.
This should fix a FTBFS on ia64.
* timesync: Change type of drift_freq to int64_t.
This should fix a FTBFS on x32.
* Bump systemd Breaks to ensure it is upgraded in lockstep with udev.
The hardening features used by systemd-udevd.service require systemd 239
and udev will fail to start with older versions. (Closes: #902185)
systemd (239-1) unstable; urgency=medium
[ Michael Biebl ]
* New upstream version 239
* Drop alternative iptables-dev Build-Depends.
It is no longer needed as both Ubuntu and Debian now ship libiptc-dev in
their latest stable (LTS) release.
* Drop alternative btrfs-tools Recommends.
It is no longer needed as btrfs-progs is now available in both Debian
and Ubuntu and keeping the alternative around prevents the transitional
package from being autoremoved.
* Disable installation of RPM macros.
This avoids having to remove them manually later on.
* Drop cleanup rules for libtool .la files.
With the switch to Meson, libtool is no longer used.
* Drop fallback for older kernels when running the test suite.
We now assume that we have a kernel newer then 3.13.
* Stop cleaning up .busname units.
Those are gone upstream, so we no longer need to remove them manually.
* Update symbols file for libsystemd0
* Rebase patches
* Install new resolvectl tool.
Don't ship the /sbin/resolvconf compat symlink in the systemd package,
as this would cause a file conflict with the resolvconf and openresolv
package.
* Disable support for "Portable Services"
This is still an experimental feature.
* Disable pristine-tar in gbp.conf.
It is currently not possible to import the systemd v239 tarball using
pristine-tar due to #902115.
* Bump Build-Depends on meson to (>= 0.44)
* Stop setting the path for the kill binary, no longer necessary
* Stop creating systemd-network and systemd-resolve system user
systemd-networkd.service and systemd-resolved.service now use
DynamicUser=yes.
[ Dimitri John Ledkov ]
* Run all upstream tests, and then report all that failed.
-- Dimitri John Ledkov <email address hidden> Thu, 26 Jul 2018 16:26:22 +0100
-
systemd (238-5ubuntu3) cosmic; urgency=medium
* debian/extra/start-udev: Set scsi_mod scan=sync even if it's builtin
to the kernel (we previously only set it in modprobe.d) LP: #1779815
-- Adam Conrad <email address hidden> Fri, 20 Jul 2018 11:13:58 -0600
-
systemd (238-5ubuntu2) cosmic; urgency=medium
* Disable dh_installinit generation of tmpfiles for the systemd package.
Replace with a manual safe call to systemd-tmpfiles which will process any
updates to the tmpfiles shipped by systemd package, taking into account any
overrides shipped by other packages, sysadmin, or specified in the runtime
directories. (LP: #1748147)
* Re-cherrypick keyring setreuid/setregid tricks, as that was merged post-v238.
* Enable EFI/bootctl on armhf.
* boot-and-services: stderr is ok, for status command on the c1 container.
systemctl may print warnings on the stderr when checking the status of
completed units. This should not, overall fail the autopkgtest run.
-- Dimitri John Ledkov 🌈 <email address hidden> Tue, 26 Jun 2018 10:55:51 +0100
-
systemd (238-5ubuntu1) cosmic; urgency=medium
Merged from Debian Unstable, remaining changes are:
* Set UseDomains to true, by default, on Ubuntu.
* Enable systemd-resolved by default.
* postinst: Create /etc/resolv.conf at postinst, pointing at the stub
resolver.
* postinst: drop empty/stock /etc/rc.local.
* postinst: enable persistent journal.
* Drop systemd.prerm safety check.
* Ship systemd sysctl settings.
* libnss-resolve: do not disable and stop systemd-resolved.
* boot-smoke: refactor ADT test.
* Fix test-functions failing with Ubuntu units.
* units: set ConditionVirtualization=!private-users on journald audit socket.
* units: drop resolvconf.conf drop-in, resolved integration moved to
resolvconf package.
* debian/tests: Switch to gdm3, enforce udev upgrade.
* Ubuntu/extra: ship dhclient-enter hook.
* Ignore failures to set Nice priority on services in containers.
* tests: Do not use nested kvm during ADT tests.
* systemd-fsckd: Fix ADT tests to work on s390x too.
* Disable LLMNR and MulticastDNS by default.
* Enable qemu tests on most architectures.
* debian/tests/systemd-fsckd: update assertions expectations for v237.
* test/test-fs-util: detect container, in addition to root.
* test/test-functions: launch qemu-system with -vga none.
* Blacklist TEST-16-EXTEND-TIMEOUT.
* tests/boot-smoke: ignore udevd connection timeouts resolving colord group.
* tests/systemd-fsckd: ignore systemd_fsck_with_plymouth_failure.
* tests/control: ensure boot-smoke uses latest systemd & udev.
* wait-online: do not wait, if no links are managed (neither configured, or
failed).
* journald.service: set Nice=-1 to dodge watchdog on soft lockups.
* Workaround captive portals not responding to EDNS0 queries.
* resolved: Listen on both TCP and UDP by default.
* Recommend networkd-dispatcher
* networkd: if RA was implicit, do not await ndisc_configured.
* udev-udeb: ship modprobe.d snippet to force scsi_mod.scan=sync in d-i.
* Skip starting systemd-remount-fs.service in containers.
* Add "AssumedApparmorLabel=unconfined" to timedate1 dbus service file.
* Apply systemd-stable/v238-stable patches.
* Cherrypick feature to hibernate with disk offsets.
* Remove dropped patches
* Drop merged keyring patch
* Drop write_persistent_net_s390x_virtio, as an LTS release was made.
* Revert debian/tests/upstream to be more like Debian's.
* Do not skip test-execute anymore, should be fixed on armhf now.
systemd (238-5) unstable; urgency=medium
[ Evgeny Vereshchagin ]
* upstream autopkgtest: Copy journal subdirectories.
Otherwise logs are missing on failures.
[ Martin Pitt ]
* debian/tests/boot-and-services: Ignore cpi.service failure.
This is apparently a regression in Ubuntu 18.04, not in systemd, so
ignore it.
[ Michael Biebl ]
* sd-bus: Do not try to close already closed fd (Closes: #896781)
* Use dh_missing to act on uninstalled files.
The usage of dh_install --fail-missing has been deprecated.
* meson: Avoid warning about comparison of bool and string.
The result of this is undefined and will become a hard error in a future
Meson release.
* login: Respect --no-wall when cancelling a shutdown request
(Closes: #897938)
* Add dependencies of libsystemd-shared to Pre-Depends.
This is necessary so systemctl is functional at all times during a
dist-upgrade. (Closes: #897986)
* Drop dh_strip override, the dbgsym migration is done
[ Felipe Sateler ]
* Don't include libmount.h in a header file.
Kernel and glibc headers both use MS_* constants, but are not in sync, so
only one of them can be used at a time. Thus, only import them where
needed. Works around #898743.
systemd (238-4) unstable; urgency=medium
[ Michael Biebl ]
* udev/net-id: Fix check for address to keep interface names stable
* debian/copyright: Move global wildcard section to the top
[ Martin Pitt ]
* Fix daemon reload failures
[ Laurent Bigonville ]
* Fix /sys/fs/cgroup mount when using SELinux.
Since v236, all cgroups except /sys/fs/cgroup/systemd and
/sys/fs/cgroup/unified are not mounted when SELinux is enabled (even in
permissive mode). Disabling SELinux completely restores these cgroups.
This patch fixes that issue by no longer making the assumption that those
cgroups are mounted by initrd/dracut before systemd is started.
systemd (238-3) unstable; urgency=medium
[ Martin Pitt ]
* Enable systemd-sysusers unit and provide correct Debian static u/gids.
Add a helper script debian/extra/make-sysusers-basic which generates a
sysusers.d(5) file from Debian's static master passwd/group files.
systemd 238 now supports specifying different uid and gid and a
non-default login shell, so this is possible now. (Closes: #888126)
* udev README.Debian: Include initrd rebuild and some clarifications in
migration.
While initrd update is already being mentioned in the introductory
section, it is easy to miss when going through the migration steps, so
explicitly mention it again. Also add a warning about keeping a fallback
on misconfigurations, and the possibility to migrate one interface at a
time.
Thanks to Karl O. Pinc for the suggestions! (Closes: #881769)
[ Michael Biebl ]
* basic/macros: Rename noreturn into _noreturn_.
"noreturn" is reserved and can be used in other header files we include.
(Closes: #893426)
* units: Fix SuccessAction that belongs to [Unit] section not [Service]
section (Closes: #893282)
systemd (238-2) unstable; urgency=medium
[ Alf Gaida ]
* core: do not free stack-allocated strings.
Fixes a crash in systemd when the cpuacct cgroup controller is not
available. (Closes: #892360)
systemd (238-1) unstable; urgency=medium
[ Michael Biebl ]
* New upstream version 238
- Fixes systemd-tmpfiles to correctly handle symlinks present in
non-terminal path components. (CVE-2018-6954, Closes: #890779)
* Rebase patches
* Use compat symlinks as provided by upstream.
As the upstream build system now creates those symlinks for us, we no
longer have to create them manually.
* Update symbols file for libsystemd0
* test-cgroup-util: bail out when running under a buildd environment
[ Dimitri John Ledkov ]
* systemd-sysv-install: Fix name initialisation.
Only initialise NAME after --root optional argument has been parsed,
otherwise NAME is initialized to e.g. `enable`, instead of to the
`unit-name`, resulting in failures. (LP: #1752882)
systemd (237-4) unstable; urgency=medium
[ Gunnar Hjalmarsson ]
* Fix PO template creation.
Cherry-pick upstream patches to build a correct systemd.pot including
the polkit policy files even without policykit-1 being installed.
(LP: #1707898)
[ Michael Biebl ]
* Drop mask for fuse SysV init script.
The fuse package has removed its SysV init script a long time ago, so
the mask is no longer needed.
* Replace two Debian specific patches which cherry-picks from upstream
master
-- Dimitri John Ledkov <email address hidden> Wed, 30 May 2018 14:30:45 +0100
-
systemd (237-3ubuntu11) cosmic; urgency=medium
[ Dimitri John Ledkov ]
* hwdb: Fix wlan/rfkill keycode on Dell systems. (LP: #1762385)
* Cherrypick upstream fix for corrected detection of Virtualbox & Xen.
(LP: #1768104)
* Further improve captive portal workarounds.
Retry any NXDOMAIN results with lower feature levels, instead of just those
with 'secure' in the domain name. (LP: #1766969)
* Bump gbp.conf to cosmic
[ Michael Biebl ]
* Add dependencies of libsystemd-shared to Pre-Depends.
This is necessary so systemctl is functional at all times during a
dist-upgrade. (Closes: #897986) (LP: #1771791)
* basic/macros: Rename noreturn into _noreturn_
"noreturn" is reserved and can be used in other header files we include.
(Closes: #893426)
[ Mario Limonciello ]
* Fix hibernate disk offsets.
Configure resume offset via sysfs, to enable resume from a swapfile.
(LP: #1760106)
[ Felipe Sateler ]
* Don't include libmount.h in a header file.
Kernel and glibc headers both use MS_* constants, but are not in sync, so
only one of them can be used at a time. Thus, only import them where needed
Works around #898743
-- Dimitri John Ledkov <email address hidden> Sat, 19 May 2018 00:35:30 +0100
-
systemd (237-3ubuntu10) bionic; urgency=medium
* Create tmpfiles for persistent journal in postinst only when running
systemd (LP: #1748659)
-- Balint Reczey <email address hidden> Fri, 20 Apr 2018 18:55:56 +0200
