[ubuntu/eoan-proposed] systemd 242-6ubuntu1 (Accepted)
Balint Reczey
rbalint at ubuntu.com
Mon Sep 23 20:17:14 UTC 2019
systemd (242-6ubuntu1) eoan; urgency=medium
[ Dan Streetman ]
* d/t/control: mark udev test skippable.
The udev test will return 77 (from udev-test.pl) if it can't
setup the test environment; mark it skipped in that case.
Author: Dan Streetman
File: debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c3419bd2a30a78d05cca9c38e50c9726de7e7632
[ Dimitri John Ledkov ]
* debian/extra/wrap_cl.py: add changelog formatter
Author: Dimitri John Ledkov
Files:
- debian/extra/wrap_cl.py
- debian/gbp.conf
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=26e69bceab9cec8df64cdca18cd71e7c0874f8b3
[ Balint Reczey ]
* debian/test/boot-and-services: Skip AppArmor tests in arm containers.
The test is failing on armhf testbeds using containers
File: debian/tests/boot-and-services
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=9d3b35df77aa939365563a4edaee54ebb7f559a3
* d/t/control: run udev tests only with isolation-machine.
It fails in Ubuntu CI armhf containers and may fail elsewhere, too.
File: debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4b4c9bf44f4b8d7f75a4204aff697f549c8aad7
* Merge to Ubuntu from unstable
- Dropped changes:
* Skip starting systemd-remount-fs.service in containers
even when /etc/fstab is present.
File: debian/patches/debian/Skip-starting-systemd-remount-fs.service-in-containers.patch
* resolved: add support for pipelined requests
Files:
- debian/patches/llmnr-add-comment-why-we-install-no-complete-handler-on-s.patch
- debian/patches/resolved-add-comment-to-dns_stream_complete-about-its-err.patch
- debian/patches/resolved-keep-stub-stream-connections-up-for-as-long-as-c.patch
- debian/patches/resolved-only-call-complete-with-zero-argument-in-LLMNR-c.patch
- debian/patches/resolved-restart-stream-timeout-whenever-we-managed-to-re.patch
- debian/patches/stream-follow-coding-style-don-t-use-degrade-to-bool-for-.patch
- debian/patches/stream-track-type-of-DnsStream-object.patch
- debian/patches/transaction-simplify-handling-if-we-get-an-unexpected-DNS.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8ad1db08c2135af098a33957ce7cffbe21fb683f
* pam-systemd: use secure_getenv() rather than getenv()
File: debian/patches/pam-systemd-use-secure_getenv-rather-than-getenv.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f3291e9e8c3eafd0c8921cb26a0d5ee0fd563b3c
* support PPC64LE qemu based testing.
Files:
- debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=483a4daba07f809883883e8e8b9c365cfbf7256e
* tests/storage: make the test more resilient.
File: debian/tests/storage
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c08dcb1ffe372acd3a21496758a1984ff78dcdd4
* Wait for cryptsetup unit to start, before stopping.
File: debian/tests/storage
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b65aa350be7e61c65927fbc0921a750fcfaa51cd
* Fix typpo in storage test.
File: debian/tests/storage
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f28aa5fe4ab175b99b6ea702559c59ca473b4ca8
- Remaining changes:
* Set UseDomains to true, by default, on Ubuntu.
File: debian/patches/debian/Ubuntu-UseDomains-by-default.patch
* Enable systemd-resolved by default
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=05adfa0902115f51c1196ad623165a75bb8b4313
* Create /etc/resolv.conf at postinst, pointing at the stub resolver.
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ef4adf46bbbe2d22508b70b889d23da53b85039d
* libnss-resolve: do not disable and stop systemd-resolved
File: debian/libnss-resolve.postrm
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=95577d14e84e19b614b83b2e24985d89e8c2dac0
* Ignore failures to set Nice priority on services in containers.
File: debian/patches/debian/Ubuntu-core-in-execute-soft-fail-setting-Nice-priority-when.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5b8e457f8d883fc6f55d33d46b3474926a495d29
* units: set ConditionVirtualization=!private-users on journald audit socket.
File: debian/patches/debian/Ubuntu-units-set-ConditionVirtualization-private-users-on-j.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=03ed18a9940731bbf794ad320fabf337488835c6
* debian/tests: Enforce udev upgrade.
Files:
- debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f350b43ccc1aa31c745b4ccebbb4084d5cea41ff
* Always setup /etc/resolv.conf on new installations.
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=20bc8a37fa3c9620bed21a56a4eabd71db71d861
* Ubuntu/extra: ship dhclient-enter hook.
Files:
- debian/extra/dhclient-enter-resolved-hook
- debian/rules
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f3398a213f80b02bf3db0c1ce9e22d69f6d56764
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=258893bae8cbb12670e4807636fe8f7e9fb5407a
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0725c1169ddde4f41cacba7af3e546704e2206be
* Disable systemd-networkd-wait-online by default.
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=694473d812b50d2fefd6494d494ca02b91bc8785
* postinst: drop empty/stock /etc/rc.local
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e7d071a26a79558771303b0b87f007e650eaebbe
* Ship systemd sysctl settings.
Files:
- debian/patches/debian/UBUNTU-drop-kernel.-settings-from-sysctl-defaults-shipped.patch
- debian/rules
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=7cd041a6d0ef459e4b2a82d8ea5fa1ce05184dfb
* systemd.postinst: enable persistent journal
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f94f18d9dbc085b6a9ff33c141a6e542142f85b5
* Disable LLMNR and MulticastDNS by default
Files:
- debian/patches/debian/UBUNTU-resolved-disable-global-LLMNR-and-MulticastDNS.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4ec428e83696a5cd0405b677a35e97681867629
* Add "AssumedApparmorLabel=unconfined" to timedate1 dbus service file
File: debian/patches/debian/UBUNTU-Add-AssumedApparmorLabel-unconfined-to-timedate1-dbus.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5ad0879e10bbe3d641f940260b93c7eb2cf4624c
* debian/tests/systemd-fsckd: update assertions expectations for v237
File: debian/tests/systemd-fsckd
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d5becd9a416b55dcdb7b9a7aba60c4e3d304e6a6
* test/test-functions: launch qemu-system with -vga none.
File: debian/patches/debian/UBUNTU-test-test-functions-launch-qemu-with-vga-none.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=90af1fa893cce5ed49999d16da0b793da6523394
* tests/boot-smoke: ignore udevd connection timeouts resolving colord group.
File: debian/tests/boot-smoke
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e1477b764fa9ef23f5181ef3d31a1332191c3e0b
* Drop systemd.prerm safety check.
File: debian/systemd.prerm
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0244c4d56556317f14eecc2f51871969ef02ba7b
* wait-online: do not wait, if no links are managed (neither configured, or failed).
File: debian/patches/debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=31f04c3fc769dacb3cf2a78240a1710a99a865b8
* journald.service: set Nice=-1 to dodge watchdog on soft lockups.
File: debian/patches/debian/UBUNTU-journald.service-set-Nice-1-to-dodge-watchdog-on-soft-loc.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e0a9aeffac556492bf517ce2d23313ff7a277926
* Workaround captive portals not responding to EDNS0 queries (DVE-2018-0001).
File: debian/patches/resolved-Mitigate-DVE-2018-0001-by-retrying-NXDOMAIN-with.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=87d3fe81b7281687ecf3c0b9a8356e90cc714d0b
* Recommend networkd-dispatcher
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d1e3b2c7e4757119da0d550b0b3c0a6626a176dc
* networkd: if RA was implicit, do not await ndisc_configured.
File: debian/patches/debian/UBUNTU-networkd-if-RA-was-implicit-do-not-await-ndisc_con.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=2f749ff528d1b788aa4ca778e954c16b213ee629
* udev-udeb: ship modprobe.d snippet to force scsi_mod.scan=sync in d-i.
Files:
- debian/extra/modprobe.d-udeb/scsi-mod-scan-sync.conf
- debian/udev-udeb.install
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=eb6d8a2b9504917abb7aa2c4035fdbb7b98227f7
* Disable dh_installinit generation of tmpfiles for the systemd package.
Files:
- debian/rules
- debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1fd144cbe31cc7a9383cc76f21f4b84c22a9dd1b
* Enable EFI/bootctl on armhf.
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=043122f7d8a1487bfd357e815a6ece1ceea6e7d1
* boot-and-services: stderr is ok, for status command on the c1 container.
File: debian/tests/boot-and-services
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=da14d34e7cc33c44ad67e64c9fd092f8cc1675f9
* Skip systemd-fsckd on arm64, because of broken/lack of clean shutdown.
File: debian/tests/systemd-fsckd
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=bf5b501ac934497dbef5f64908ff37643dc7288e
* adt: boot-and-services: assert any kernel syslog messages.
File: debian/tests/boot-and-services
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=29dc34f7a6e5dc505f6212c17c42e4420b47ed16
* debian/extra/start-udev: Set scsi_mod scan=sync even if it's builtin to the kernel (we previously only set it in modprobe.d)
Files:
- debian/extra/start-udev
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6b72628f8de991e2c67ac4289fc74daf3abe7d14
* units: conditionalize more units to not start in containers.
Files:
- debian/patches/debian/UBUNTU-units-block-CAP_SYS_MODULE-units-in-containers-too.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3689afa1a782de8c19a757459b6360de1195ad55
* test-sleep: skip test_fiemap upon inapproriate ioctl for device.
File: debian/patches/debian/UBUNTU-test-sleep-skip-test_fiemap-upon-inapproriate-ioctl-.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6ebb5b9f6b77760a5470e8a780d69875b1db76f7
* Re-add support for /etc/writable for core18
File: debian/patches/debian/UBUNTU-Support-system-image-read-only-etc.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a5b5fca66c1127068e4ce0cc9ab497814211f4f7
* debian/control: strengthen dependencies.
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d1ecf0c372f5212129c85ae60fddf26b2271a1fe
* Improve autopkgtest success rate, by bumping up timeouts
File: debian/patches/debian/UBUNTU-bump-selftest-timeouts.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c05586d9da033bbfd6b6a74e10b87520843c7c48
* units: Disable journald Watchdog
File: debian/patches/debian/UBUNTU-units-disable-journald-watchdog.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=64d2b4f1d0d057073fba585f19823332e2a6eed5
* Add conflicts with upstart and systemd-shim
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=83ed7496afc7c27be026014d109855f7d0ad1176
* Specify Ubuntu's Vcs-Git
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fd832930ef280c9a4a9dda2440d5a46a6fdb6232
* debian/systemd.postinst: Skip daemon-reexec and try-restarts during shutdown
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=51daab96ae79483b5e5fb62e1e0477c87ee11fd1
* Switch gbp.conf to disco.
File: debian/gbp.conf
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fea585b259e3e766d8d3dbc9690e879c054ddc87
* core: set /run size to 10%, like initramfs-tools does.
File: debian/patches/debian/UBUNTU-core-set-run-size-to-10-like-initramfs-tools-does.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1fac2568fe716dc1a41bada78293dc6327a6df0d
* core: Revert strict mount namespacing/sandboxing, until LXD allows the needed mounts.
File: debian/patches/Revert-namespace-be-more-careful-when-handling-namespacin.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=030919ba5e4931d6ee576d0259fae67fe4ed9770
* networkd: [Route] PreferredSource not working in *.network files.
Files:
- debian/patches/debian/UBUNTU-networkd-if-RA-was-implicit-do-not-await-ndisc_con.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4e2ee0b2ac1be2ae78952890a56a2d5398df518
* debian/tests: blacklist upstream test-24-unit-tests on ppc64le.
File: debian/tests/upstream
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8062b9a2712c390010d2948eaf764a1b52e68715
* debian/control: Update Vcs-{Browser|Git} to Ubuntu's packaging repository
* debian/gbp.conf: Set tag format to ubuntu/*
* Only test that gdm3 comes up on amd64. Stalls on other arches.
File: debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=97cb13685dfb353045c449ec5d6d1df60f661079
* Fix false negative checking for running jobs after boot.
File: debian/tests/boot-smoke
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=aeb01631efbaf3fe851dee15d496e0b66b5c347f
* Cherrypick ask-password: prevent buffer overrow when reading from keyring.
File: debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6d6e9cbd4fc6e018031a4762e88f2c3aa19e24e8
* Wait for systemctl is-system-running state.
File: debian/tests/boot-smoke
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=776998f1f55c445b6e385cab69a4219c42d00838
* random-util: eat up bad RDRAND values seen on AMD CPUs.
File: debian/patches/+rdrand-workaround-on-amd.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?h=ubuntu-eoan&id=6ab88231efca4b04b26de6cfb5d671be154aabe0
* Refresh patches
* debian/tests/boot-smoke: Restore exit handling Ubuntu delta lost in 241 merge
File: debian/tests/boot-smoke
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3bad1cf23cc91299471542e83c589f2b6237a162
* Skip falling back to device name when net_get_name(device) fails.
This fixes network-manager and netplan.io autopkgtests
File: debian/patches/Skip-falling-back-to-device-name-when-net_get_name-device.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c79fe0e2dc29834e0cd236ade6e4e44a6ffb74fa
systemd (242-6) unstable; urgency=medium
[ Dan Streetman ]
* d/t/control: upstream test requires qemu-system-ppc on ppc64el
* d/t/control: install seabios for upstream test.
Some archs (at least arm64) qemu implementation require the vga bios.
[ Michael Biebl ]
* Drop unused lintian override
* network: fix ListenPort= in [WireGuard] section (Closes: #936198)
* d/e/r/73-usb-net-by-mac.rules: import net.ifnames only for network devices
(Closes: #934589)
* d/e/r/73-usb-net-by-mac.rules: skip if iface name was provided by
user-space
* Drop dbus activation stub service.
Since dbus 1.11.0, a dbus-daemon that is run with --systemd-activation
automatically assumes that o.fd.systemd1 is an activatable service.
As a result, with a new enough dbus version,
/usr/share/dbus-1/services/org.freedesktop.systemd1.service and
/usr/share/dbus-1/system-services/org.freedesktop.systemd1.service
become unnecessary and can be removed. (Closes: #914015)
* Revert "core: check start limit on condition checks too"
If a unit was referenced too often, it hit the restart limit and the
unit was marked as failed. Fixes a regression introduced in v242.
(Closes: #935829)
[ Michael Prokop ]
* README.Debian: document KillUserProcesses behavior in Debian
systemd (242-5) unstable; urgency=medium
[ Dan Streetman ]
* d/rules: add CONFFGLAGS_UPSTREAM to dh_auto_configure -- params
[ Michael Biebl ]
* core: never propagate reload failure to service result.
Fixes a regression introduced in v239 where the main process of a
service unit gets killed on reload if ExecReload fails. (Closes: #936032)
* shared/seccomp: add sync_file_range2.
Some architectures need the arguments to be reordered because of alignment
issues. Otherwise, it's the same as sync_file_range.
Fixes sync_file_range failures in nspawn containers on arm, ppc.
(Closes: #935091)
* bash-completion: don't sort syslog priorities.
By default, the available completions are sorted alphabetically, which
is counterproductive in case of syslog priorities. Override the default
behavior using the `nosort` option. (Closes: #913222)
* test-bpf: skip test when run inside containers
systemd (242-4) unstable; urgency=medium
* Upload to unstable
systemd (242-3) experimental; urgency=medium
[ Dan Streetman ]
* d/t/boot-and-services: fix test_failing()
* d/t/boot-and-services: check for any kernel message, not just first kernel
message (Closes: #929730)
* d/t/upstream: add TEST-30, TEST-34 to blacklist
* d/t/timedated: replace systemctl is-active with systemctl show
* d/t/control: root-unittests can break networking, add breaks-testbed
* d/t/control: mark udev test skippable
* d/t/upstream: always cleanup after (and before) each test
* d/t/control: upstream test requires dmeventd
* d/e/checkout-upstream: don't remove .git
* d/e/checkout-upstream: move change to debian/ files above other changes
* d/e/checkout-upstream: add UPSTREAM_KEEP_CHANGELOG param
* d/e/checkout-upstream: create git commits for each change
* d/e/checkout-upstream: switch from 'quilt' to 'native' format
* d/e/checkout-upstream: set user.name, user.email if unset
* d/t/storage: change plaintext_name to include testname
* d/t/storage: increase wait for plaintext_dev from 5 to 30 seconds
* d/t/storage: wait for service to start, only stop if active
* d/t/storage: don't search for 'scsi_debug' in ask_password
* d/t/storage: manage scsi_debug using add_hosts (Closes: #929728)
* d/t/storage: use short timeout waiting for scsi_debug block dev to appear
* d/t/storage: convert password agent into normal Thread
* d/t/storage: fail if socket info not in ask_password contents
* d/t/boot-smoke: pass failure reason to fail() to print instead of separate
echo
* d/t/boot-smoke: in fail() set +e so errors are ignored while gathering
data
* d/t/boot-smoke: gather still running jobs in fail()
* d/t/boot-smoke: wait for is-system-running
* d/t/boot-smoke: call fail if pidof polkitd fails
* d/t/boot-smoke: remove check for running jobs
[ Michael Biebl ]
* d/t/boot-smoke: check for NetworkManager instead of D-Bus activated
polkitd (Closes: #934992)
systemd (242-2) experimental; urgency=medium
[ Michael Biebl ]
* Drop dependency on lsb-base.
It is only needed when booting with sysvinit and initscripts, but
initscripts already Depends on lsb-base (see #864999).
* Stop removing enablement symlinks in /etc/systemd/system.
With v242 this is no longer necessary as `ninja install` will no longer
create those symlinks.
* Replace manual removal of halt-local.service with upstream patch
[ Dimitri John Ledkov ]
* Build manpages in .deb variant.
Upstream snapshots are switching to building manpages off by default.
[ Luca Boccassi ]
* Enable portabled and install related files in systemd-container.
Keep disabled for the udeb profile. (Closes: #918606)
systemd (242-1) experimental; urgency=medium
* New upstream version 242
- Change ownership/mode of the execution directories also for static users
(Closes: #919231)
- A new boolean sandboxing option RestrictSUIDSGID= has been added that is
built on seccomp. When turned on, creation of SUID/SGID files is
prohibited. The NoNewPrivileges= and the new RestrictSUIDSGID= options
are now implied if DynamicUser= is turned on for a service.
(Closes: #928102, CVE-2019-3843, CVE-2019-3844)
* Drop Revert-udev-network-device-renaming-immediately-give.patch.
This patch needs ongoing maintenance work to be adapted to new releases
and fails to apply with v242. Instead of investing more time into it we
are going to drop the patch as it was a hack anyway.
* Rebase patches
* Drop pre-stretch migration code
* Drop /sbin/udevadm compat symlink (Closes: #852580)
* socket-util: Make sure flush_accept() doesn't hang on unexpected
EOPNOTSUPP
* Enable regexp matching support in journalctl using pcre2 (Closes: #898892)
* Switch from libidn to libidn2 (Closes: #928615)
Date: Thu, 12 Sep 2019 10:28:46 +0200
Changed-By: Balint Reczey <rbalint at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/systemd/242-6ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 12 Sep 2019 10:28:46 +0200
Source: systemd
Binary: systemd systemd-sysv systemd-container systemd-journal-remote systemd-coredump systemd-tests libpam-systemd libnss-myhostname libnss-mymachines libnss-resolve libnss-systemd libsystemd0 libsystemd-dev udev libudev1 libudev-dev udev-udeb libudev1-udeb
Architecture: source
Version: 242-6ubuntu1
Distribution: eoan
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Balint Reczey <rbalint at ubuntu.com>
Description:
libnss-myhostname - nss module providing fallback resolution for the current hostname
libnss-mymachines - nss module to resolve hostnames for local container instances
libnss-resolve - nss module to resolve names via systemd-resolved
libnss-systemd - nss module providing dynamic user and group name resolution
libpam-systemd - system and service manager - PAM module
libsystemd-dev - systemd utility library - development files
libsystemd0 - systemd utility library
libudev-dev - libudev development files
libudev1 - libudev shared library
libudev1-udeb - libudev shared library (udeb)
systemd - system and service manager
systemd-container - systemd container/nspawn tools
systemd-coredump - tools for storing and retrieving coredumps
systemd-journal-remote - tools for sending and receiving remote journal logs
systemd-sysv - system and service manager - SysV links
systemd-tests - tests for systemd
udev - /dev/ and hotplug management daemon
udev-udeb - /dev/ and hotplug management daemon (udeb)
Closes: 852580 898892 913222 914015 918606 919231 928102 928615 929728 929730 934589 934992 935091 935829 936032 936198
Changes:
systemd (242-6ubuntu1) eoan; urgency=medium
.
[ Dan Streetman ]
* d/t/control: mark udev test skippable.
The udev test will return 77 (from udev-test.pl) if it can't
setup the test environment; mark it skipped in that case.
Author: Dan Streetman
File: debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c3419bd2a30a78d05cca9c38e50c9726de7e7632
.
[ Dimitri John Ledkov ]
* debian/extra/wrap_cl.py: add changelog formatter
Author: Dimitri John Ledkov
Files:
- debian/extra/wrap_cl.py
- debian/gbp.conf
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=26e69bceab9cec8df64cdca18cd71e7c0874f8b3
.
[ Balint Reczey ]
* debian/test/boot-and-services: Skip AppArmor tests in arm containers.
The test is failing on armhf testbeds using containers
File: debian/tests/boot-and-services
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=9d3b35df77aa939365563a4edaee54ebb7f559a3
* d/t/control: run udev tests only with isolation-machine.
It fails in Ubuntu CI armhf containers and may fail elsewhere, too.
File: debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4b4c9bf44f4b8d7f75a4204aff697f549c8aad7
* Merge to Ubuntu from unstable
- Dropped changes:
* Skip starting systemd-remount-fs.service in containers
even when /etc/fstab is present.
File: debian/patches/debian/Skip-starting-systemd-remount-fs.service-in-containers.patch
* resolved: add support for pipelined requests
Files:
- debian/patches/llmnr-add-comment-why-we-install-no-complete-handler-on-s.patch
- debian/patches/resolved-add-comment-to-dns_stream_complete-about-its-err.patch
- debian/patches/resolved-keep-stub-stream-connections-up-for-as-long-as-c.patch
- debian/patches/resolved-only-call-complete-with-zero-argument-in-LLMNR-c.patch
- debian/patches/resolved-restart-stream-timeout-whenever-we-managed-to-re.patch
- debian/patches/stream-follow-coding-style-don-t-use-degrade-to-bool-for-.patch
- debian/patches/stream-track-type-of-DnsStream-object.patch
- debian/patches/transaction-simplify-handling-if-we-get-an-unexpected-DNS.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8ad1db08c2135af098a33957ce7cffbe21fb683f
* pam-systemd: use secure_getenv() rather than getenv()
File: debian/patches/pam-systemd-use-secure_getenv-rather-than-getenv.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f3291e9e8c3eafd0c8921cb26a0d5ee0fd563b3c
* support PPC64LE qemu based testing.
Files:
- debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=483a4daba07f809883883e8e8b9c365cfbf7256e
* tests/storage: make the test more resilient.
File: debian/tests/storage
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c08dcb1ffe372acd3a21496758a1984ff78dcdd4
* Wait for cryptsetup unit to start, before stopping.
File: debian/tests/storage
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b65aa350be7e61c65927fbc0921a750fcfaa51cd
* Fix typpo in storage test.
File: debian/tests/storage
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f28aa5fe4ab175b99b6ea702559c59ca473b4ca8
- Remaining changes:
* Set UseDomains to true, by default, on Ubuntu.
File: debian/patches/debian/Ubuntu-UseDomains-by-default.patch
* Enable systemd-resolved by default
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=05adfa0902115f51c1196ad623165a75bb8b4313
* Create /etc/resolv.conf at postinst, pointing at the stub resolver.
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ef4adf46bbbe2d22508b70b889d23da53b85039d
* libnss-resolve: do not disable and stop systemd-resolved
File: debian/libnss-resolve.postrm
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=95577d14e84e19b614b83b2e24985d89e8c2dac0
* Ignore failures to set Nice priority on services in containers.
File: debian/patches/debian/Ubuntu-core-in-execute-soft-fail-setting-Nice-priority-when.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5b8e457f8d883fc6f55d33d46b3474926a495d29
* units: set ConditionVirtualization=!private-users on journald audit socket.
File: debian/patches/debian/Ubuntu-units-set-ConditionVirtualization-private-users-on-j.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=03ed18a9940731bbf794ad320fabf337488835c6
* debian/tests: Enforce udev upgrade.
Files:
- debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f350b43ccc1aa31c745b4ccebbb4084d5cea41ff
* Always setup /etc/resolv.conf on new installations.
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=20bc8a37fa3c9620bed21a56a4eabd71db71d861
* Ubuntu/extra: ship dhclient-enter hook.
Files:
- debian/extra/dhclient-enter-resolved-hook
- debian/rules
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f3398a213f80b02bf3db0c1ce9e22d69f6d56764
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=258893bae8cbb12670e4807636fe8f7e9fb5407a
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0725c1169ddde4f41cacba7af3e546704e2206be
* Disable systemd-networkd-wait-online by default.
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=694473d812b50d2fefd6494d494ca02b91bc8785
* postinst: drop empty/stock /etc/rc.local
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e7d071a26a79558771303b0b87f007e650eaebbe
* Ship systemd sysctl settings.
Files:
- debian/patches/debian/UBUNTU-drop-kernel.-settings-from-sysctl-defaults-shipped.patch
- debian/rules
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=7cd041a6d0ef459e4b2a82d8ea5fa1ce05184dfb
* systemd.postinst: enable persistent journal
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f94f18d9dbc085b6a9ff33c141a6e542142f85b5
* Disable LLMNR and MulticastDNS by default
Files:
- debian/patches/debian/UBUNTU-resolved-disable-global-LLMNR-and-MulticastDNS.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4ec428e83696a5cd0405b677a35e97681867629
* Add "AssumedApparmorLabel=unconfined" to timedate1 dbus service file
File: debian/patches/debian/UBUNTU-Add-AssumedApparmorLabel-unconfined-to-timedate1-dbus.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5ad0879e10bbe3d641f940260b93c7eb2cf4624c
* debian/tests/systemd-fsckd: update assertions expectations for v237
File: debian/tests/systemd-fsckd
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d5becd9a416b55dcdb7b9a7aba60c4e3d304e6a6
* test/test-functions: launch qemu-system with -vga none.
File: debian/patches/debian/UBUNTU-test-test-functions-launch-qemu-with-vga-none.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=90af1fa893cce5ed49999d16da0b793da6523394
* tests/boot-smoke: ignore udevd connection timeouts resolving colord group.
File: debian/tests/boot-smoke
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e1477b764fa9ef23f5181ef3d31a1332191c3e0b
* Drop systemd.prerm safety check.
File: debian/systemd.prerm
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0244c4d56556317f14eecc2f51871969ef02ba7b
* wait-online: do not wait, if no links are managed (neither configured, or failed).
File: debian/patches/debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=31f04c3fc769dacb3cf2a78240a1710a99a865b8
* journald.service: set Nice=-1 to dodge watchdog on soft lockups.
File: debian/patches/debian/UBUNTU-journald.service-set-Nice-1-to-dodge-watchdog-on-soft-loc.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e0a9aeffac556492bf517ce2d23313ff7a277926
* Workaround captive portals not responding to EDNS0 queries (DVE-2018-0001).
File: debian/patches/resolved-Mitigate-DVE-2018-0001-by-retrying-NXDOMAIN-with.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=87d3fe81b7281687ecf3c0b9a8356e90cc714d0b
* Recommend networkd-dispatcher
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d1e3b2c7e4757119da0d550b0b3c0a6626a176dc
* networkd: if RA was implicit, do not await ndisc_configured.
File: debian/patches/debian/UBUNTU-networkd-if-RA-was-implicit-do-not-await-ndisc_con.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=2f749ff528d1b788aa4ca778e954c16b213ee629
* udev-udeb: ship modprobe.d snippet to force scsi_mod.scan=sync in d-i.
Files:
- debian/extra/modprobe.d-udeb/scsi-mod-scan-sync.conf
- debian/udev-udeb.install
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=eb6d8a2b9504917abb7aa2c4035fdbb7b98227f7
* Disable dh_installinit generation of tmpfiles for the systemd package.
Files:
- debian/rules
- debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1fd144cbe31cc7a9383cc76f21f4b84c22a9dd1b
* Enable EFI/bootctl on armhf.
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=043122f7d8a1487bfd357e815a6ece1ceea6e7d1
* boot-and-services: stderr is ok, for status command on the c1 container.
File: debian/tests/boot-and-services
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=da14d34e7cc33c44ad67e64c9fd092f8cc1675f9
* Skip systemd-fsckd on arm64, because of broken/lack of clean shutdown.
File: debian/tests/systemd-fsckd
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=bf5b501ac934497dbef5f64908ff37643dc7288e
* adt: boot-and-services: assert any kernel syslog messages.
File: debian/tests/boot-and-services
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=29dc34f7a6e5dc505f6212c17c42e4420b47ed16
* debian/extra/start-udev: Set scsi_mod scan=sync even if it's builtin to the kernel (we previously only set it in modprobe.d)
Files:
- debian/extra/start-udev
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6b72628f8de991e2c67ac4289fc74daf3abe7d14
* units: conditionalize more units to not start in containers.
Files:
- debian/patches/debian/UBUNTU-units-block-CAP_SYS_MODULE-units-in-containers-too.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3689afa1a782de8c19a757459b6360de1195ad55
* test-sleep: skip test_fiemap upon inapproriate ioctl for device.
File: debian/patches/debian/UBUNTU-test-sleep-skip-test_fiemap-upon-inapproriate-ioctl-.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6ebb5b9f6b77760a5470e8a780d69875b1db76f7
* Re-add support for /etc/writable for core18
File: debian/patches/debian/UBUNTU-Support-system-image-read-only-etc.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a5b5fca66c1127068e4ce0cc9ab497814211f4f7
* debian/control: strengthen dependencies.
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d1ecf0c372f5212129c85ae60fddf26b2271a1fe
* Improve autopkgtest success rate, by bumping up timeouts
File: debian/patches/debian/UBUNTU-bump-selftest-timeouts.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c05586d9da033bbfd6b6a74e10b87520843c7c48
* units: Disable journald Watchdog
File: debian/patches/debian/UBUNTU-units-disable-journald-watchdog.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=64d2b4f1d0d057073fba585f19823332e2a6eed5
* Add conflicts with upstart and systemd-shim
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=83ed7496afc7c27be026014d109855f7d0ad1176
* Specify Ubuntu's Vcs-Git
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fd832930ef280c9a4a9dda2440d5a46a6fdb6232
* debian/systemd.postinst: Skip daemon-reexec and try-restarts during shutdown
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=51daab96ae79483b5e5fb62e1e0477c87ee11fd1
* Switch gbp.conf to disco.
File: debian/gbp.conf
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fea585b259e3e766d8d3dbc9690e879c054ddc87
* core: set /run size to 10%, like initramfs-tools does.
File: debian/patches/debian/UBUNTU-core-set-run-size-to-10-like-initramfs-tools-does.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1fac2568fe716dc1a41bada78293dc6327a6df0d
* core: Revert strict mount namespacing/sandboxing, until LXD allows the needed mounts.
File: debian/patches/Revert-namespace-be-more-careful-when-handling-namespacin.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=030919ba5e4931d6ee576d0259fae67fe4ed9770
* networkd: [Route] PreferredSource not working in *.network files.
Files:
- debian/patches/debian/UBUNTU-networkd-if-RA-was-implicit-do-not-await-ndisc_con.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4e2ee0b2ac1be2ae78952890a56a2d5398df518
* debian/tests: blacklist upstream test-24-unit-tests on ppc64le.
File: debian/tests/upstream
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8062b9a2712c390010d2948eaf764a1b52e68715
* debian/control: Update Vcs-{Browser|Git} to Ubuntu's packaging repository
* debian/gbp.conf: Set tag format to ubuntu/*
* Only test that gdm3 comes up on amd64. Stalls on other arches.
File: debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=97cb13685dfb353045c449ec5d6d1df60f661079
* Fix false negative checking for running jobs after boot.
File: debian/tests/boot-smoke
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=aeb01631efbaf3fe851dee15d496e0b66b5c347f
* Cherrypick ask-password: prevent buffer overrow when reading from keyring.
File: debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6d6e9cbd4fc6e018031a4762e88f2c3aa19e24e8
* Wait for systemctl is-system-running state.
File: debian/tests/boot-smoke
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=776998f1f55c445b6e385cab69a4219c42d00838
* random-util: eat up bad RDRAND values seen on AMD CPUs.
File: debian/patches/+rdrand-workaround-on-amd.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?h=ubuntu-eoan&id=6ab88231efca4b04b26de6cfb5d671be154aabe0
* Refresh patches
* debian/tests/boot-smoke: Restore exit handling Ubuntu delta lost in 241 merge
File: debian/tests/boot-smoke
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3bad1cf23cc91299471542e83c589f2b6237a162
* Skip falling back to device name when net_get_name(device) fails.
This fixes network-manager and netplan.io autopkgtests
File: debian/patches/Skip-falling-back-to-device-name-when-net_get_name-device.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c79fe0e2dc29834e0cd236ade6e4e44a6ffb74fa
.
systemd (242-6) unstable; urgency=medium
.
[ Dan Streetman ]
* d/t/control: upstream test requires qemu-system-ppc on ppc64el
* d/t/control: install seabios for upstream test.
Some archs (at least arm64) qemu implementation require the vga bios.
.
[ Michael Biebl ]
* Drop unused lintian override
* network: fix ListenPort= in [WireGuard] section (Closes: #936198)
* d/e/r/73-usb-net-by-mac.rules: import net.ifnames only for network devices
(Closes: #934589)
* d/e/r/73-usb-net-by-mac.rules: skip if iface name was provided by
user-space
* Drop dbus activation stub service.
Since dbus 1.11.0, a dbus-daemon that is run with --systemd-activation
automatically assumes that o.fd.systemd1 is an activatable service.
As a result, with a new enough dbus version,
/usr/share/dbus-1/services/org.freedesktop.systemd1.service and
/usr/share/dbus-1/system-services/org.freedesktop.systemd1.service
become unnecessary and can be removed. (Closes: #914015)
* Revert "core: check start limit on condition checks too"
If a unit was referenced too often, it hit the restart limit and the
unit was marked as failed. Fixes a regression introduced in v242.
(Closes: #935829)
.
[ Michael Prokop ]
* README.Debian: document KillUserProcesses behavior in Debian
.
systemd (242-5) unstable; urgency=medium
.
[ Dan Streetman ]
* d/rules: add CONFFGLAGS_UPSTREAM to dh_auto_configure -- params
.
[ Michael Biebl ]
* core: never propagate reload failure to service result.
Fixes a regression introduced in v239 where the main process of a
service unit gets killed on reload if ExecReload fails. (Closes: #936032)
* shared/seccomp: add sync_file_range2.
Some architectures need the arguments to be reordered because of alignment
issues. Otherwise, it's the same as sync_file_range.
Fixes sync_file_range failures in nspawn containers on arm, ppc.
(Closes: #935091)
* bash-completion: don't sort syslog priorities.
By default, the available completions are sorted alphabetically, which
is counterproductive in case of syslog priorities. Override the default
behavior using the `nosort` option. (Closes: #913222)
* test-bpf: skip test when run inside containers
.
systemd (242-4) unstable; urgency=medium
.
* Upload to unstable
.
systemd (242-3) experimental; urgency=medium
.
[ Dan Streetman ]
* d/t/boot-and-services: fix test_failing()
* d/t/boot-and-services: check for any kernel message, not just first kernel
message (Closes: #929730)
* d/t/upstream: add TEST-30, TEST-34 to blacklist
* d/t/timedated: replace systemctl is-active with systemctl show
* d/t/control: root-unittests can break networking, add breaks-testbed
* d/t/control: mark udev test skippable
* d/t/upstream: always cleanup after (and before) each test
* d/t/control: upstream test requires dmeventd
* d/e/checkout-upstream: don't remove .git
* d/e/checkout-upstream: move change to debian/ files above other changes
* d/e/checkout-upstream: add UPSTREAM_KEEP_CHANGELOG param
* d/e/checkout-upstream: create git commits for each change
* d/e/checkout-upstream: switch from 'quilt' to 'native' format
* d/e/checkout-upstream: set user.name, user.email if unset
* d/t/storage: change plaintext_name to include testname
* d/t/storage: increase wait for plaintext_dev from 5 to 30 seconds
* d/t/storage: wait for service to start, only stop if active
* d/t/storage: don't search for 'scsi_debug' in ask_password
* d/t/storage: manage scsi_debug using add_hosts (Closes: #929728)
* d/t/storage: use short timeout waiting for scsi_debug block dev to appear
* d/t/storage: convert password agent into normal Thread
* d/t/storage: fail if socket info not in ask_password contents
* d/t/boot-smoke: pass failure reason to fail() to print instead of separate
echo
* d/t/boot-smoke: in fail() set +e so errors are ignored while gathering
data
* d/t/boot-smoke: gather still running jobs in fail()
* d/t/boot-smoke: wait for is-system-running
* d/t/boot-smoke: call fail if pidof polkitd fails
* d/t/boot-smoke: remove check for running jobs
.
[ Michael Biebl ]
* d/t/boot-smoke: check for NetworkManager instead of D-Bus activated
polkitd (Closes: #934992)
.
systemd (242-2) experimental; urgency=medium
.
[ Michael Biebl ]
* Drop dependency on lsb-base.
It is only needed when booting with sysvinit and initscripts, but
initscripts already Depends on lsb-base (see #864999).
* Stop removing enablement symlinks in /etc/systemd/system.
With v242 this is no longer necessary as `ninja install` will no longer
create those symlinks.
* Replace manual removal of halt-local.service with upstream patch
.
[ Dimitri John Ledkov ]
* Build manpages in .deb variant.
Upstream snapshots are switching to building manpages off by default.
.
[ Luca Boccassi ]
* Enable portabled and install related files in systemd-container.
Keep disabled for the udeb profile. (Closes: #918606)
.
systemd (242-1) experimental; urgency=medium
.
* New upstream version 242
- Change ownership/mode of the execution directories also for static users
(Closes: #919231)
- A new boolean sandboxing option RestrictSUIDSGID= has been added that is
built on seccomp. When turned on, creation of SUID/SGID files is
prohibited. The NoNewPrivileges= and the new RestrictSUIDSGID= options
are now implied if DynamicUser= is turned on for a service.
(Closes: #928102, CVE-2019-3843, CVE-2019-3844)
* Drop Revert-udev-network-device-renaming-immediately-give.patch.
This patch needs ongoing maintenance work to be adapted to new releases
and fails to apply with v242. Instead of investing more time into it we
are going to drop the patch as it was a hack anyway.
* Rebase patches
* Drop pre-stretch migration code
* Drop /sbin/udevadm compat symlink (Closes: #852580)
* socket-util: Make sure flush_accept() doesn't hang on unexpected
EOPNOTSUPP
* Enable regexp matching support in journalctl using pcre2 (Closes: #898892)
* Switch from libidn to libidn2 (Closes: #928615)
Checksums-Sha1:
82113ae66f978580c69a09115a4527b0430e4e20 5122 systemd_242-6ubuntu1.dsc
7a4de314f0a281a1af383eb1daf1aef3edee4579 7831435 systemd_242.orig.tar.gz
f155590639560e781d72155ba2fdacf6858ef843 185260 systemd_242-6ubuntu1.debian.tar.xz
26e0d95e005bd2c8f4e5186bce7a18cf9726ed6d 9836 systemd_242-6ubuntu1_source.buildinfo
Checksums-Sha256:
232d69689f222f65cbe32d3085e34d7c52e3c20ec39cf4333d2995b01b910281 5122 systemd_242-6ubuntu1.dsc
ec22be9a5dd94c9640e6348ed8391d1499af8ca2c2f01109198a414cff6c6cba 7831435 systemd_242.orig.tar.gz
f12fa24c0159c4e33b659263c6a1c81a0e2519b9e27ae9e486c0635d0a035074 185260 systemd_242-6ubuntu1.debian.tar.xz
40b1c1a6499889af22c24c36bc2510d9589792b3a84e2059a79f2c6d9fd9fe67 9836 systemd_242-6ubuntu1_source.buildinfo
Files:
63957df161094bf8a873873f57631eef 5122 admin optional systemd_242-6ubuntu1.dsc
5e004a4007cebbc4c7a06bfd2b9b3d4c 7831435 admin optional systemd_242.orig.tar.gz
848afb992a0a7ab7805f4a9327b6bf6e 185260 admin optional systemd_242-6ubuntu1.debian.tar.xz
fe911cc4e4fd7da3ab702a60ba1bd305 9836 admin optional systemd_242-6ubuntu1_source.buildinfo
Original-Maintainer: Debian systemd Maintainers <pkg-systemd-maintainers at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEI/PvTgXX55rLQUfDg6KBkWslS0UFAl2JIDkACgkQg6KBkWsl
S0XJvBAAr+7U01Xjk0y6stA5dsp8qOKbzTUTL4pAH9KsxM7PuOinAqNRD08SF0g8
jjzZkxbKvH9PEqfFza6VRcjo6PqaN/2NdsCagqel0zoRQINmF8yZ4wIp0k0AwI7q
Pw0G86mOg1oYYwI3MbsnLhbe1/msbt0dBrdXYcKfCj2dXw5bGsWikTq/bJoD6Lf1
a2C+KIl9DYNubNjcqvyO2eIC7XimXIHDl7talzoxraiS8WPLUnMez8U7qUUkTc8P
l+c0qiikwQWoYyg63zHs9t2eeurGDjlQYy4pXGFBHiWaj6xClvlXIm7rtUSv0SSo
6QDnLEOjrhT9fqtDpJfaz7WTUKrGvoiKJN0cbF7JwMkctKv8mahXLWIpZqUdnIrR
uL2yoSvaAMIBv8kBpdkAlxzprZPdleOWabIBuaPKbbEBr7yjJUFAMCKbaW9+Y1A+
pni1JaHpoHg/iRwSMGkpWnan+siYWVk+MKP9frNsyj8zI3xdisbsmPYIt9ZNa/PF
yEfq5PQ8ukRBeobQIou6wHYWdE2ATeYr7U18zVn1cToM8su+m2CvmqO8RZgR/Kb0
CcuMGmAK2y3YntClXnLP8fHEAFIMQ4/j5EC8iWTJWPrLmVVE6Q02KNv5i3IAXZDi
nRnwg3xlxcnrGJQN2r+3LJHWeQPw0pig7Tn58wZ/gGecjYRp5lc=
=hvew
-----END PGP SIGNATURE-----
More information about the Eoan-changes
mailing list