* udevadm: ignore EROFS and return earlier.
Fixes failures of "udevadm trigger" in containers with a readonly /sys.
(Closes: #944860)
* udev: silence warning about PROGRAM+= or IMPORT+= rules (Closes: #944917)
* man: add entry about SpeedMeter= (Closes: #944597)
* udev: drop SystemCallArchitectures=native from systemd-udevd.service.
We can't really control what helper programs are run from other udev
rules. E.g. running i386 binaries under amd64 is a valid use case and
should not trigger a SIGSYS failure. (Closes: #869719)
[dgit import unpatched systemd 243-8]
--- /dev/null
--- /dev/null
++Enabling persistent logging in journald
++=======================================
++
++To enable persistent logging, create /var/log/journal:
++
++ mkdir -p /var/log/journal
++ systemd-tmpfiles --create --prefix /var/log/journal
++
++systemd will make the journal files owned by the "systemd-journal" group and
++add an ACL for read permissions for users in the "adm" group.
++To grant a user read access to the system journal, add them to one of the two
++groups.
++
++This will allow you to look at previous boot logs with e. g.
++"journalctl -b -1".
++
++If you enable persistent logging, consider uninstalling rsyslog or any other
++system-log-daemon, to avoid logging everything twice.
++
++Debugging boot/shutdown problems
++================================
++
++The "debug-shell" service starts a root shell on VT 9 which is available very
++early during boot and very late during shutdown. You can temporarily enable
++this when booting the system does not get sufficiently far to get a desktop or
++even the text console logins (getty), or when shutdown hangs eternally.
++
++For boot problems the recommended way is to append "systemd.debug-shell" to the
++kernel command line in the bootloader.
++For shutdown problems, run "systemctl start debug-shell" as root, then shut
++down.
++
++WARNING: Please avoid "systemctl enable debug-shell" as this will start the
++debug shell permanently which is a SECURITY HOLE as it allows unauthenticated
++and unrestricted root access to your computer if you forget to disable it!
++Please only enable it if you cannot pass "systemd.debug-shell" to the boot
++loader for some reason, and then immediately run "systemctl disable debug-shell"
++after booting.
++
++Once the boot/shutdown problem happened, switch to VT9 (Ctrl+Alt+F9). There you
++can use the usual systemctl or journalctl commands, or any other Linux shell
++command to list or kill processes. For example, run "systemctl list-jobs" to
++see what's currently being run, or "systemctl" to find units which are not in
++the expected state (e. g. "failed" for boot or still "active" during shutdown),
++and then get more detailed information with "systemctl status -l foo.service"
++to get a service "foo"'s status and recent logging.
++
++In situations where the debug shell is not available, you can generate a
++/shutdown-log.txt file instead:
++1. Boot with these kernel command line options:
++ systemd.log_level=debug systemd.log_target=kmsg log_buf_len=1M
++2. Save the following script as /lib/systemd/system-shutdown/debug.sh and make it executable:
++ #!/bin/sh
++ mount -o remount,rw /
++ dmesg > /shutdown-log.txt
++ mount -o remount,ro /
++3. Reboot
++
++Enable and use networkd
++=======================
++networkd is a small and lean service to configure network interfaces, designed
++mostly for server use cases in a world with hotplugged and virtualized
++networking. Its configuration is similar in spirit and abstraction level to
++ifupdown, but you don't need any extra packages to configure bridges, bonds,
++vlan etc. It is not very suitable for managing WLANs yet; NetworkManager is
++still much more appropriate for such Desktop use cases.
++
++networkd is not enabled by default; run
++
++ systemctl enable systemd-networkd
++
++if you want to use it. After that you need to create some *.network
++configuration files. In the simplest case you just want to run DHCP on all
++available Ethernet interfaces:
++
++--- /etc/systemd/network/all-eth.network ---
++[Match]
++Name=e*
++[Network]
++DHCP=yes
++
++This will match on both the kernel "ethN" as well as the predictable interface
++names "en*". Please see man systemd.network(5) for all available configuration
++options and examples.
++
++You need to make sure that interfaces handled by networkd are not handled by
++ifupdown (/etc/network/interfaces) and NetworkManager.
++
++Note that interfaces brought up/down will *not* run hooks in
++/etc/network/if-*.d/.
++
++It is recommended to use networkd together with systemd-resolved(8) to
++dynamically manage /etc/resolv.conf:
++
++ systemctl enable systemd-resolved
++ ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
++
++Debian's networkd has been modified to also work with the resolvconf package.
++
++KillUserProcesses behavior in Debian
++====================================
++
++If KillUserProcesses=yes is configured in logind.conf(5), the session scope
++will be terminated when the user logs out of that session.
++
++See logind.conf(5):
++
++| Note that setting KillUserProcesses=yes will break tools like screen(1) and
++| tmux(1), unless they are moved out of the session scope.
++
++The default for KillUserProcesses in /etc/systemd/logind.conf is set
++to "yes" in upstream systemd, though Debian defaults to "no" (see #825394).
--- /dev/null
--- /dev/null
++Building from source
++--------------------
++Install “git-buildpackage” and run the following steps:
++
++ gbp clone git+ssh://git.debian.org/git/pkg-systemd/systemd.git
++ cd systemd
++ gbp buildpackage
++
++We recommend you use pbuilder to make sure you build in a clean environment:
++
++ gbp buildpackage --git-pbuilder
++
++Changelog
++---------
++The systemd package uses gbp dch for automatically generating
++debian/changelog entries from the corresponding git commits. This makes
++cherry-picking, merging, and rebasing much simpler.
++
++Thus, for any packaging change *don't* modify debian/changelog, just write a
++meaningful git commit log with proper bug references (such as "Closes: #12345"
++on the last line). For doing a release, run
++
++ gbp dch --auto
++
++then beautify the generated debian/changelog, then run the usual "dch -r" and
++"debcommit -ar --sign-tags".
++
++Patch handling
++--------------
++The systemd package uses gbp pq for maintaining patches with a git-like
++workflow in a "patch-queue/<branch>" local branch and then exporting them as
++quilt series. For working on patches you run
++
++ gbp pq import --force
++
++Then you are in the patch-queue branch and can git log, commit, cherry-pick
++upstream commits, rebase, etc. there. After you are done, run
++
++ gbp pq export
++
++which will put you back into master and update debian/patches/ (including
++series). You need to git add etc. new patches, possibly other
++packaging changes, and then git commit as usual.
++
++systemd uses gbp pq's "topic" branches for organizing patches; for simplicity
++(as this is the most common operation), upstream cherry-picks go into the
++"empty" topic (i. e. directly into debian/patches/), while Debian specific
++patches go into "Gbp-Pq: Topic debian" (i. e. debian/patches/debian/).
++
++Rebasing patches to a new upstream version
++------------------------------------------
++gbp pq's "rebase" command does not work very conveniently as it fails on merge
++conflicts. First, ensure you are in the master branch:
++
++ git checkout master # in case you aren't already
++
++Now, do one of
++
++ (1) To import a new upstream release into the existing master branch for unstable,
++do:
++
++ gbp pq import --force
++ gbp pq switch # switch back to master from patch-queue/master
++ gbp import-orig [...]
++ gbp pq switch # switch to patch-queue/master
++ git rebase master
++
++ (2) To import a new upstream release into a new branch for Debian experimental, do:
++
++ git branch experimental
++ git checkout experimental
++ editor debian/gbp.conf # set "debian-branch=experimental"
++ gbp import-orig [...]
++ git branch patch-queue/experimental patch-queue/master
++ git checkout patch-queue/experimental
++ git rebase experimental
++
++Now resolve all the conflicts, skip obsolete patches, etc. When you are done, run
++
++ gbp pq export
++
++Note that our debian/gbp.conf disables patch numbers.
++
++Cherry-picking upstream patches
++-------------------------------
++You can add the systemd upstream branch as an additional remote to the Debian
++packaging branch. Call it "github" or similar to avoid confusing it with the
++already existing "upstream" branch from git-buildpackage:
++
++ git remote add github https://github.com/systemd/systemd.git
++ git fetch github -n
++
++Now you can look at the upstream log and cherry-pick patches into the
++patch-queue branch:
++
++ gbp pq import --force
++ git log github/master
++ git cherry-pick 123DEADBEEF
++
++debian/git-cherry-pick is a nice tool to automate all that:
++
++ debian/git-cherry-pick 123DEADBEEF 987654 AFFE99
++ git checkout master # switch back from patch-queue branch
--- /dev/null
--- /dev/null
++systemd (243-8) unstable; urgency=medium
++
++ * udevadm: ignore EROFS and return earlier.
++ Fixes failures of "udevadm trigger" in containers with a readonly /sys.
++ (Closes: #944860)
++ * udev: silence warning about PROGRAM+= or IMPORT+= rules (Closes: #944917)
++ * man: add entry about SpeedMeter= (Closes: #944597)
++ * udev: drop SystemCallArchitectures=native from systemd-udevd.service.
++ We can't really control what helper programs are run from other udev
++ rules. E.g. running i386 binaries under amd64 is a valid use case and
++ should not trigger a SIGSYS failure. (Closes: #869719)
++
++ -- Michael Biebl <biebl@debian.org> Tue, 19 Nov 2019 09:17:12 +0100
++
++systemd (243-7) unstable; urgency=medium
++
++ * Fix build failure on arm64 with libseccomp >= 2.4.2
++
++ -- Michael Biebl <biebl@debian.org> Fri, 15 Nov 2019 22:01:17 +0100
++
++systemd (243-6) unstable; urgency=medium
++
++ * Revert "sysusers: properly mark generated accounts as locked"
++ We shouldn't lock the accounts because people actually need to use them, and
++ if they are locked, various tools will refuse.
++ * udev: ignore error caused by device disconnection.
++ During an add or change event, the device may be disconnected.
++ (Closes: #944586)
++ * udev: do not append newline when writing attributes
++
++ -- Michael Biebl <biebl@debian.org> Thu, 14 Nov 2019 14:09:49 +0100
++
++systemd (243-5) unstable; urgency=medium
++
++ * Switch default hierarchy (back) to hybrid.
++ Since v243, the new upstream default is unified, but this still causes
++ regressions in important packages, like LXC or Docker, so switch the
++ default back to hybrid for now.
++ * Drop masks for SysV init scripts that have been dropped
++ * Drop masks for SysV init scripts provided by initscripts and bootlogd
++ * logind: fix emission of PropertiesChanged signal for users and seats
++ * Bump Standards Version to 4.4.1
++ * Upload to unstable
++
++ -- Michael Biebl <biebl@debian.org> Mon, 11 Nov 2019 00:58:41 +0100
++
++systemd (243-4) experimental; urgency=medium
++
++ * Merge changes from unstable branch
++
++ -- Michael Biebl <biebl@debian.org> Sat, 09 Nov 2019 01:15:08 +0100
++
++systemd (243-3) experimental; urgency=medium
++
++ * Import patches from v243-stable branch (up to ef677436aa)
++
++ -- Michael Biebl <biebl@debian.org> Mon, 14 Oct 2019 15:26:01 +0200
++
++systemd (243-2) experimental; urgency=medium
++
++ * Import patches from v243-stable branch (up to fab6f010ac)
++
++ -- Michael Biebl <biebl@debian.org> Sun, 22 Sep 2019 12:46:02 +0200
++
++systemd (243-1) experimental; urgency=medium
++
++ * New upstream version 243
++ * Merge changes from unstable branch
++
++ -- Michael Biebl <biebl@debian.org> Thu, 05 Sep 2019 01:21:49 +0200
++
++systemd (243~rc2-1) experimental; urgency=medium
++
++ * New upstream version 243~rc2
++ - man: document that "systemd-analyze blame/critical-chain" is not useful
++ to track down job latency. (Closes: #920234)
++ - systemctl: process all units matched by a glob in the cat verb by
++ default. (Closes: #904913)
++ - units: automatically revert to /run logging on shutdown if necessary.
++ Prevents /var staying busy on shutdown due to journald.
++ (Closes: #851402)
++ - bash-completion: don't sort syslog priorities. (Closes: #913222)
++ - man: add example for setting multiple properties at once.
++ (Closes: #807464)
++ * Rebase patches
++ * Update symbols file for libsystemd0
++ * core: stop removing non-existent and duplicate lookup paths
++ * Install static-nodes-permissions.conf tmpfile in udev
++
++ -- Michael Biebl <biebl@debian.org> Sat, 31 Aug 2019 00:20:41 +0200
++
++systemd (242-8) unstable; urgency=medium
++
++ [ Dan Streetman ]
++ * d/extra/rules/73-special-net-names.rules: use $$ instead of $ in PROGRAM=
++ value.
++ Fixes incorrect variable substitution.
++ * Rework and improve blacklist handling in debian/tests/upstream
++
++ [ Balint Reczey ]
++ * Various improvements to debian/extra/checkout-upstream making it more
++ straightforward to override the default behaviour
++ * Use package version as systemd's reported version (LP: #1849158)
++
++ [ Michael Biebl]
++ * debiant/tests/udev: replace deprecated ADTTMP with AUTOPKGTEST_TMP
++
++ -- Michael Biebl <biebl@debian.org> Fri, 08 Nov 2019 23:18:00 +0100
++
++systemd (242-7) unstable; urgency=medium
++
++ * sleep: properly pass verb to sleep script
++ * core: factor root_directory application out of apply_working_directory.
++ Fixes RootDirectory not working when used in combination with User.
++ (Closes: #939408)
++ * shared/bus-util: drop trusted annotation from
++ bus_open_system_watch_bind_with_description().
++ This ensures that access controls on systemd-resolved's D-Bus interface
++ are enforced properly.
++ (CVE-2019-15718, Closes: #939353)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 04 Sep 2019 19:34:17 +0200
++
++systemd (242-6) unstable; urgency=medium
++
++ [ Dan Streetman ]
++ * d/t/control: upstream test requires qemu-system-ppc on ppc64el
++ * d/t/control: install seabios for upstream test.
++ Some archs (at least arm64) qemu implementation require the vga bios.
++
++ [ Michael Biebl ]
++ * Drop unused lintian override
++ * network: fix ListenPort= in [WireGuard] section (Closes: #936198)
++ * d/e/r/73-usb-net-by-mac.rules: import net.ifnames only for network devices
++ (Closes: #934589)
++ * d/e/r/73-usb-net-by-mac.rules: skip if iface name was provided by
++ user-space
++ * Drop dbus activation stub service.
++ Since dbus 1.11.0, a dbus-daemon that is run with --systemd-activation
++ automatically assumes that o.fd.systemd1 is an activatable service.
++ As a result, with a new enough dbus version,
++ /usr/share/dbus-1/services/org.freedesktop.systemd1.service and
++ /usr/share/dbus-1/system-services/org.freedesktop.systemd1.service
++ become unnecessary and can be removed. (Closes: #914015)
++ * Revert "core: check start limit on condition checks too"
++ If a unit was referenced too often, it hit the restart limit and the
++ unit was marked as failed. Fixes a regression introduced in v242.
++ (Closes: #935829)
++
++ [ Michael Prokop ]
++ * README.Debian: document KillUserProcesses behavior in Debian
++
++ -- Michael Biebl <biebl@debian.org> Tue, 03 Sep 2019 11:09:07 +0200
++
++systemd (242-5) unstable; urgency=medium
++
++ [ Dan Streetman ]
++ * d/rules: add CONFFGLAGS_UPSTREAM to dh_auto_configure -- params
++
++ [ Michael Biebl ]
++ * core: never propagate reload failure to service result.
++ Fixes a regression introduced in v239 where the main process of a
++ service unit gets killed on reload if ExecReload fails. (Closes: #936032)
++ * shared/seccomp: add sync_file_range2.
++ Some architectures need the arguments to be reordered because of alignment
++ issues. Otherwise, it's the same as sync_file_range.
++ Fixes sync_file_range failures in nspawn containers on arm, ppc.
++ (Closes: #935091)
++ * bash-completion: don't sort syslog priorities.
++ By default, the available completions are sorted alphabetically, which
++ is counterproductive in case of syslog priorities. Override the default
++ behavior using the `nosort` option. (Closes: #913222)
++ * test-bpf: skip test when run inside containers
++
++ -- Michael Biebl <biebl@debian.org> Thu, 29 Aug 2019 16:18:18 +0200
++
++systemd (242-4) unstable; urgency=medium
++
++ * Upload to unstable
++
++ -- Michael Biebl <biebl@debian.org> Wed, 21 Aug 2019 22:09:13 +0200
++
++systemd (242-3) experimental; urgency=medium
++
++ [ Dan Streetman ]
++ * d/t/boot-and-services: fix test_failing()
++ * d/t/boot-and-services: check for any kernel message, not just first kernel
++ message (Closes: #929730)
++ * d/t/upstream: add TEST-30, TEST-34 to blacklist
++ * d/t/timedated: replace systemctl is-active with systemctl show
++ * d/t/control: root-unittests can break networking, add breaks-testbed
++ * d/t/control: mark udev test skippable
++ * d/t/upstream: always cleanup after (and before) each test
++ * d/t/control: upstream test requires dmeventd
++ * d/e/checkout-upstream: don't remove .git
++ * d/e/checkout-upstream: move change to debian/ files above other changes
++ * d/e/checkout-upstream: add UPSTREAM_KEEP_CHANGELOG param
++ * d/e/checkout-upstream: create git commits for each change
++ * d/e/checkout-upstream: switch from 'quilt' to 'native' format
++ * d/e/checkout-upstream: set user.name, user.email if unset
++ * d/t/storage: change plaintext_name to include testname
++ * d/t/storage: increase wait for plaintext_dev from 5 to 30 seconds
++ * d/t/storage: wait for service to start, only stop if active
++ * d/t/storage: don't search for 'scsi_debug' in ask_password
++ * d/t/storage: manage scsi_debug using add_hosts (Closes: #929728)
++ * d/t/storage: use short timeout waiting for scsi_debug block dev to appear
++ * d/t/storage: convert password agent into normal Thread
++ * d/t/storage: fail if socket info not in ask_password contents
++ * d/t/boot-smoke: pass failure reason to fail() to print instead of separate
++ echo
++ * d/t/boot-smoke: in fail() set +e so errors are ignored while gathering
++ data
++ * d/t/boot-smoke: gather still running jobs in fail()
++ * d/t/boot-smoke: wait for is-system-running
++ * d/t/boot-smoke: call fail if pidof polkitd fails
++ * d/t/boot-smoke: remove check for running jobs
++
++ [ Michael Biebl ]
++ * d/t/boot-smoke: check for NetworkManager instead of D-Bus activated
++ polkitd (Closes: #934992)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 21 Aug 2019 00:12:22 +0200
++
++systemd (242-2) experimental; urgency=medium
++
++ [ Michael Biebl ]
++ * Drop dependency on lsb-base.
++ It is only needed when booting with sysvinit and initscripts, but
++ initscripts already Depends on lsb-base (see #864999).
++ * Stop removing enablement symlinks in /etc/systemd/system.
++ With v242 this is no longer necessary as `ninja install` will no longer
++ create those symlinks.
++ * Replace manual removal of halt-local.service with upstream patch
++
++ [ Dimitri John Ledkov ]
++ * Build manpages in .deb variant.
++ Upstream snapshots are switching to building manpages off by default.
++
++ [ Luca Boccassi ]
++ * Enable portabled and install related files in systemd-container.
++ Keep disabled for the udeb profile. (Closes: #918606)
++
++ -- Michael Biebl <biebl@debian.org> Fri, 07 Jun 2019 22:41:50 +0200
++
++systemd (242-1) experimental; urgency=medium
++
++ * New upstream version 242
++ - Change ownership/mode of the execution directories also for static users
++ (Closes: #919231)
++ - A new boolean sandboxing option RestrictSUIDSGID= has been added that is
++ built on seccomp. When turned on, creation of SUID/SGID files is
++ prohibited. The NoNewPrivileges= and the new RestrictSUIDSGID= options
++ are now implied if DynamicUser= is turned on for a service.
++ (Closes: #928102, CVE-2019-3843, CVE-2019-3844)
++ * Drop Revert-udev-network-device-renaming-immediately-give.patch.
++ This patch needs ongoing maintenance work to be adapted to new releases
++ and fails to apply with v242. Instead of investing more time into it we
++ are going to drop the patch as it was a hack anyway.
++ * Rebase patches
++ * Drop pre-stretch migration code
++ * Drop /sbin/udevadm compat symlink (Closes: #852580)
++ * socket-util: Make sure flush_accept() doesn't hang on unexpected
++ EOPNOTSUPP
++ * Enable regexp matching support in journalctl using pcre2 (Closes: #898892)
++ * Switch from libidn to libidn2 (Closes: #928615)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 08 May 2019 01:33:56 +0200
++
++systemd (241-7) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * network: Fix failure to bring up interface with Linux kernel 5.2.
++ Backport two patches from systemd master in order to fix a bug with 5.2
++ kernels where the network interface fails to come up with the following
++ error: "enp3s0: Could not bring up interface: Invalid argument"
++ (Closes: #931636)
++ * Use /usr/sbin/nologin as nologin shell.
++ In Debian the nologin shell is installed in /usr/sbin, not /sbin.
++ (Closes: #931850)
++
++ [ Mert Dirik ]
++ * 40-systemd: Don't fail if SysV init script uses set -u and $1 is unset
++ (Closes: #931719)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 18 Jul 2019 19:38:23 +0200
++
++systemd (241-6) unstable; urgency=medium
++
++ * ask-password: Prevent buffer overflow when reading from keyring.
++ Fixes a possible memory corruption that causes systemd-cryptsetup to
++ crash either when a single large password is used or when multiple
++ passwords have already been pushed to the keyring. (Closes: #929726)
++ * Clarify documentation regarding %h/%u/%U specifiers.
++ Make it clear, that setting "User=" has no effect on those specifiers.
++ Also ensure that "%h" is actually resolved to "/root" for the system
++ manager instance as documented in the systemd.unit man page.
++ (Closes: #927911)
++ * network: Behave more gracefully when IPv6 has been disabled.
++ Ignore any configured IPv6 settings when IPv6 has been disabled in the
++ kernel via sysctl. Instead of failing completely, continue and log a
++ warning instead. (Closes: #929469)
++
++ -- Michael Biebl <biebl@debian.org> Mon, 08 Jul 2019 11:27:51 +0200
++
++systemd (241-5) unstable; urgency=medium
++
++ * Revert "Add check to switch VTs only between K_XLATE or K_UNICODE"
++ This change left the keyboard in an unusable state when exiting an X
++ session. (Closes: #929229)
++
++ -- Michael Biebl <biebl@debian.org> Fri, 24 May 2019 22:58:59 +0200
++
++systemd (241-4) unstable; urgency=medium
++
++ * journal-remote: Do not request Content-Length if Transfer-Encoding is
++ chunked (Closes: #927008)
++ * systemctl: Restore "systemctl reboot ARG" functionality.
++ Fixes a regression introduced in v240. (Closes: #928659)
++ * random-util: Eat up bad RDRAND values seen on AMD CPUs.
++ Some AMD CPUs return bogus data via RDRAND after a suspend/resume cycle
++ while still reporting success via the carry flag.
++ Filter out invalid data like -1 (and also 0, just to be sure).
++ (Closes: #921267)
++ * Add check to switch VTs only between K_XLATE or K_UNICODE.
++ Switching to K_UNICODE from other than L_XLATE can make the keyboard
++ unusable and possibly leak keypresses from X.
++ (CVE-2018-20839, Closes: #929116)
++ * Document that DRM render nodes are now owned by group "render"
++ (Closes: #926886)
++
++ -- Michael Biebl <biebl@debian.org> Fri, 17 May 2019 21:16:33 +0200
++
++systemd (241-3) unstable; urgency=high
++
++ [ Michael Biebl ]
++ * Drop systemd-shim alternative from libpam-systemd.
++ A fixed systemd-shim package which works with newer versions of systemd
++ is unlikely to happen given that the systemd-shim package has been
++ removed from the archive. Drop the alternative dependency from
++ libpam-systemd accordingly.
++ * Properly remove duplicate directories from systemd package.
++ When removing duplicate directories from the systemd package, sort the
++ list of directories in reverse order so we properly delete nested
++ directories.
++ * udev: Run programs in the specified order (Closes: #925190)
++ * bash-completion: Use default completion for redirect operators
++ (Closes: #924541)
++ * networkd: Clarify that IPv6 RA uses our own stack, no the kernel's
++ (Closes: #815582)
++ * Revert "Drop systemd-timesyncd.service.d/disable-with-time-daemon.conf"
++ Apparently Conflicts= are not a reliable mechanism to ensure alternative
++ NTP implementations take precedence over systemd-timesyncd.
++ (Closes: #902026)
++ * network: Fix routing policy rule issue.
++ When multiple links request a routing policy, make sure they are all
++ applied correctly. (Closes: #924406)
++ * pam-systemd: Use secure_getenv() rather than getenv()
++ Fixes a vulnerability in the systemd PAM module which insecurely uses
++ the environment and lacks seat verification permitting spoofing an
++ active session to PolicyKit. (CVE-2019-3842)
++
++ [ Martin Pitt ]
++ * Enable udev autopkgtest in containers.
++ This test doesn't actually need udev.service (which is disabled in
++ containers) and works fine in LXC.
++ * Enable boot-and-service autopkgtest in containers
++ - Skip tests which can't work in containers.
++ - Add missing rsyslog test dependency.
++ - e2scrub_reap.service fails in containers, ignore (filed as #926138)
++ - Relax pgrep pattern for gdm, as there's no wayland session in
++ containers.
++
++ -- Michael Biebl <biebl@debian.org> Mon, 08 Apr 2019 12:59:32 +0200
++
++systemd (241-2) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/boot-smoke: Create journal and udevdb artifacts on all
++ failures
++ * autopkgtests: Replace obsolete $ADT_* variables
++ * networkd-test: Ignore failures of test_route_only_dns* in containers.
++ This test exposes a race condition when running in LXC, see issue #11848
++ for details. Until that is understood and fixed, skip the test as it's
++ not a recent regression. (Closes: #924539)
++ * Bump Standards-Version to 4.3.0.
++ No changes necessary.
++ * debian/tests/boot-smoke: Only check current boot for connection timeouts.
++ Otherwise we'll catch some
++ Failed to resolve group 'render': Connection timed out
++ messages that happen in earlier boots during VM setup, before the
++ "render" group is created.
++ Fixes https://github.com/systemd/systemd/issues/11875
++ * timedated: Fix emitted value when ntp client is enabled/disabled.
++ Fixes a regression introduced in 241.
++ * debian/tests/timedated: Check enabling/disabling NTP.
++ Assert that `timedatectl set-ntp` correctly controls the service, sets
++ the `org.freedesktop.timedate1 NTP` property, and sends the right
++ `PropertiesChanged` signal.
++ This reproduces <https://github.com/systemd/systemd/issues/11944> and
++ also the earlier <https://github.com/systemd/systemd/issues/9672>.
++
++ [ Michael Biebl ]
++ * Disable fallback DNS servers in resolved (Closes: #923081)
++ * cgtop: Fix processing of controllers other than CPU (Closes: #921280)
++ * udev: Restore debug level when logging a failure in the external prog
++ called by IMPORT{program} (Closes: #924199)
++ * core: Remove "." path components from required mount paths.
++ Fixes mount related failures when a user's home directory contains "/./"
++ (Closes: #923881)
++ * udev.init: Use new s-s-d --notify-await to start udev daemon.
++ Fixes a race condition during startup under SysV init.
++ Add versioned dependency on dpkg (>= 1.19.3) to ensure that a version
++ of start-stop-daemon which supports --notify-await is installed.
++ (Closes: #908796)
++ * Make /dev/dri/renderD* accessible to group "render"
++ Follow upstream and make render nodes available to a dedicated system
++ group "render" instead of "video". Keep the uaccess tag for local,
++ active users.
++
++ -- Michael Biebl <biebl@debian.org> Fri, 15 Mar 2019 18:33:54 +0100
++
++systemd (241-1) unstable; urgency=medium
++
++ [ Adam Borowski ]
++ * Make libpam-systemd Provide: logind, default-logind.
++ This allows alternate logind implementations such as elogind, without
++ having to recompile every dependent package -- as long as the client API
++ remains compatible.
++ These new virtual packages got policy-approved in #917431. (Closes: #915407)
++
++ [ Felipe Sateler ]
++ * New upstream version 241
++ - Refresh patches
++ - Backport upstream fix for Driver= matches in .network files
++
++ [ Martin Pitt ]
++ * debian/libsystemd0.symbols: Add new symbol from release 241
++ * Fix various bugs and races in networkd tests.
++ This should get the autopkgtest back to green, which regressed with
++ dnsmasq 2.80.
++
++ -- Felipe Sateler <fsateler@debian.org> Thu, 21 Feb 2019 20:10:15 -0300
++
++systemd (240-6) unstable; urgency=high
++
++ * High urgency as this fixes a vulnerability.
++
++ [ Felipe Sateler ]
++ * Reenable pristine-tar in gbp.conf.
++ The pristine-tar bug has been fixed, so we can use it again.
++ This reverts commit 9fcfbbf6fea15eacfa3fad74240431c5f2c3300e.
++ * d/watch: add version mangle to transform -rc to ~rc.
++ Upstream has started releasing rcs, so let's account for that
++ * Fix comment about why we disable hwclock.service.
++ Systemd nowadays doesn't do it itself because the kernel does it on its
++ own when necessary, and when not, it is not safe to save the hwclock (eg,
++ there is no certainty the system clock
++ is correct)
++ * udev: Backport upstream preventing mass killings when not running under
++ systemd (Closes: #918764)
++
++ [ Dimitri John Ledkov ]
++ * debian/tests/storage: improve cleanups.
++ On fast ppc64el machines, cryptsetup start job may not complete by the
++ time tearDown is executed. In that case stop, causes to simply cancel the
++ start job without actually cleaning up the dmsetup node. This leads to
++ failing subsequent test as it no longer starts with a clean device. Thus
++ ensure the systemd-cryptsetup unit is started, before stopping it.
++ Also rmmod scsi_debug module at the end, to allow re-running the test in a
++ loop.
++ * debian/tests/upstream: Mark TEST-13-NSPAWN-SMOKE as flakey.
++ * debian/tests/control: add socat to upstream tests for pull #11591
++ * Blacklist TEST-10-ISSUE-2467 #11706
++ * debian/tests/storage: fix for LUKS2 and avoid interactive password
++ prompts.
++
++ [ Martin Pitt ]
++ * udevadm: Fix segfault with subsystem-match containing '/'
++ (Closes: #919206)
++ * sd-bus: if we receive an invalid dbus message, ignore and proceed
++ * sd-bus: enforce a size limit on D-Bus object paths.
++ This avoids accessing/modifying memory outside of the allocated stack
++ region by sending specially crafted D-Bus messages with very large object
++ paths.
++ Vulnerability discovered by Chris Coulson <chris.coulson@canonical.com>,
++ patch provided by Riccardo Schirone <rschiron@redhat.com>.
++ (CVE-2019-6454)
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 18 Feb 2019 13:54:04 +0000
++
++systemd (240-5) unstable; urgency=medium
++
++ [ Felipe Sateler ]
++ * Revert interface renaming changes. (Closes: #919390)
++
++ [ Martin Pitt ]
++ * process-util: Fix memory leak (Closes: #920018)
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 27 Jan 2019 21:33:07 +0000
++
++systemd (240-4) unstable; urgency=medium
++
++ [ Benjamin Drung ]
++ * Fix shellcheck issues in initramfs-tools scripts
++
++ [ Michael Biebl ]
++ * Import patches from v240-stable branch (up to f02b5472c6)
++ - Fixes a problem in logind closing the controlling terminal when using
++ startx. (Closes: #918927)
++ - Fixes various journald vulnerabilities via attacker controlled alloca.
++ (CVE-2018-16864, CVE-2018-16865, Closes: #918841, Closes: #918848)
++ * sd-device-monitor: Fix ordering of setting buffer size.
++ Fixes an issue with uevents not being processed properly during coldplug
++ stage and some kernel modules not being loaded via "udevadm trigger".
++ (Closes: #917607)
++ * meson: Stop setting -fPIE globally.
++ Setting -fPIE globally can lead to miscompilations on certain
++ architectures. Instead use the b_pie=true build option, which was
++ introduced in meson 0.49. Bump the Build-Depends accordingly.
++ (Closes: #909396)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 12 Jan 2019 21:49:44 +0100
++
++systemd (240-3) unstable; urgency=medium
++
++ * udev.init: Trigger add events for subsystems.
++ Update the SysV init script and mimic the behaviour of the initramfs and
++ systemd-udev-trigger.service which first trigger subsystems and then
++ devices during the coldplug stage.
++ * udevadm: Refuse to run trigger, control, settle and monitor commands in
++ chroot (Closes: #917633)
++ * network: Set link state configuring before setting addresses.
++ Fixes a crash in systemd-networkd caused by an assertion failure.
++ (Closes: #918658)
++ * libudev-util: Make util_replace_whitespace() read only len characters.
++ Fixes a regression where /dev/disk/by-id/ names had additional
++ underscores.
++ * man: Update color of journal logs in DEBUG level (Closes: #917948)
++ * Remove old state directory of systemd-timesyncd on upgrades.
++ Otherwise timesyncd will fail to update the clock file if it was created
++ as /var/lib/private/systemd/timesync/clock.
++ This was the case when the service was using DynamicUser=yes which it no
++ longer does in v240. (Closes: #918190)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 09 Jan 2019 18:40:57 +0100
++
++systemd (240-2) unstable; urgency=medium
++
++ * Pass separate dev_t var to device_path_parse_major_minor.
++ Fixes FTBFS on mips/mipsel (MIPS/O32). (Closes: #917195)
++ * test-json: Check absolute and relative difference in floating point test.
++ Fixes FTBFS due to test-suite failures on armel, armhf and hppa.
++ (Closes: #917215)
++ * sd-device: Fix segfault when error occurs in device_new_from_{nulstr,strv}()
++ Fixes a segfault in systemd-udevd when debug logging is enabled.
++ * udev-event: Do not read stdout or stderr if the pipefd is not created.
++ This fixes problems with device-mapper symlinks no longer being created
++ or certain devices not being marked as ready. (Closes: #917124)
++ * Don't bump fs.nr_open in PID 1.
++ In v240, systemd bumped fs.nr_open in PID 1 to the highest possible
++ value. Processes that are spawned directly by systemd, will have
++ RLIMIT_NOFILE be set to 512K (hard).
++ pam_limits in Debian defaults to "set_all", i.e. for limits which are
++ not explicitly configured in /etc/security/limits.conf, the value from
++ PID 1 is taken, which means for login sessions, RLIMIT_NOFILE is set to
++ the highest possible value instead of 512K. Not every software is able
++ to deal with such an RLIMIT_NOFILE properly.
++ While this is arguably a questionable default in Debian's pam_limit,
++ work around this problem by not bumping fs.nr_open in PID 1.
++ (Closes: #917167)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 27 Dec 2018 14:03:57 +0100
++
++systemd (240-1) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * New upstream version 240
++ - core: Skip cgroup_subtree_mask_valid update if UNIT_STUB
++ (Closes: #903011)
++ - machined: Rework referencing of machine scopes from machined
++ (Closes: #903288)
++ - timesync: Fix serialization of IP address
++ (Closes: #916516)
++ - core: Don't track jobs-finishing-during-reload explicitly
++ (Closes: #916678)
++ * Rebase patches
++ * Install new systemd-id128 binary
++ * Update symbols file for libsystemd0
++ * Update nss build options
++
++ [ Martin Pitt ]
++ * tests: Disable some flaky upstream tests.
++ See https://github.com/systemd/systemd/issues/11195
++ * tests: Disable flaky TEST-17-UDEV-WANTS upstream test.
++ See https://github.com/systemd/systemd/issues/11195
++
++ -- Michael Biebl <biebl@debian.org> Sat, 22 Dec 2018 16:01:43 +0100
++
++systemd (239-15) unstable; urgency=medium
++
++ [ Felipe Sateler ]
++ * Fix container check in udev init script.
++ Udev needs writable /sys, so the init script tried to check before
++ starting. Unfortunately, the check was inverted. Let's add the missing
++ '!' to negate the check.
++ (Closes: #915261)
++ * Add myself to uploaders
++
++ [ Michael Biebl ]
++ * Remove obsolete systemd-shim conffile on upgrades.
++ The D-Bus policy file was dropped from the systemd-shim package in
++ version 8-4, but apparently there are cases where users removed the
++ package before that cleanup happened. The D-Bus policy file that was
++ shipped by systemd-shim was much more restrictive and now prevents
++ calling GetDynamicUsers() and other recent APIs on systemd Manager.
++ (Closes: #914285)
++
++ -- Felipe Sateler <fsateler@debian.org> Wed, 05 Dec 2018 21:03:34 -0300
++
++systemd (239-14) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * autopkgtest: Drop test_custom_cgroup_cleanup from boot-and-services
++ * resolved: Increase size of TCP stub replies (Closes: #915049)
++ * meson: Unify linux/stat.h check with other checks and use _GNU_SOURCE.
++ Fixes a build failure with glibc 2.28.
++ * Drop procps dependency from systemd.
++ The systemd-exit.service user service no longer uses the "kill" binary.
++ * Simplify container check in udev SysV init script.
++ Instead of using "ps" to detect a container environment, simply test if
++ /sys is writable. This matches what's used in systemd-udevd.service via
++ ConditionPathIsReadWrite=/sys and follows
++ https://www.freedesktop.org/wiki/Software/systemd/ContainerInterface/
++ This means we no longer need procps, so drop that dependency from the
++ udev package. (Closes: #915095)
++
++ [ Mert Dirik ]
++ * 40-systemd: Honour __init_d_script_name.
++ Make /lib/lsb/init-functions.d/40-systemd use __init_d_script_name
++ (if available) to figure out real script name. (Closes: #826214)
++ * 40-systemd: Improve heuristics for init-d-script.
++ Improve heuristics for scripts run via init-d-script so that the
++ redirection works even for older init-d-script versions without the
++ __init_d_script_name variable.
++
++ -- Michael Biebl <biebl@debian.org> Sun, 02 Dec 2018 01:00:01 +0100
++
++systemd (239-13) unstable; urgency=medium
++
++ * autopktest: Add e2fsprogs dependency to upstream test.
++ Some of the upstream tests require mkfs.ext4. (Closes: #887250)
++ * systemctl: Tell update-rc.d to skip creating any systemd symlinks.
++ When calling update-rc.d via systemd-sysv-install, tell it to skip
++ creating any systemd symlinks as we want to handle those directly in
++ systemctl. Older update-rc.d versions will ignore that request, but
++ that's ok. This means we don't need a versioned dependency against
++ init-system-helpers. (Closes: #743217)
++ * pam_systemd: Suppress LOG_DEBUG log messages if debugging is off
++ (Closes: #825949)
++ * Drop cgroup-don-t-trim-cgroup-trees-created-by-someone-el.patch.
++ The patch is no longer necessary as lxc.service now uses Delegate=yes.
++ * Remove obsolete Replaces from pre-jessie
++
++ -- Michael Biebl <biebl@debian.org> Tue, 20 Nov 2018 19:44:39 +0100
++
++systemd (239-12) unstable; urgency=high
++
++ [ Martin Pitt ]
++ * Enable QEMU on more architectures in "upstream" autopkgtest.
++ Taken from the Ubuntu package, so apparently QEMU works well enough on
++ these architectures now.
++ * autopkgtest: Avoid test bed reset for boot-smoke.
++ Make "boot-smoke"'s dependencies a strict superset of "upstream"'s, so
++ that autopkgtest doesn't have to provide a new testbed.
++ * Fix wrong "nobody" group from sysusers.d.
++ Fix our make-sysusers-basic sysusers.d generator to special-case the
++ nobody group. "nobody" user and "nogroup" group both have the same ID
++ 65534, which is the only special case for Debian's static users/groups.
++ So specify the gid explicitly, to avoid systemd-sysusers creating a
++ dynamic system group for "nobody".
++ Also clean up the group on upgrades.
++ Thanks to Keh-Ming Luoh for the original patch! (Closes: #912525)
++
++ [ Michael Biebl ]
++ * autopkgtest: Use shutil.which() which is provided by Python 3
++ * Drop non-existing gnuefi=false build option.
++ This was mistakenly added when converting from autotools to meson.
++ * core: When deserializing state always use read_line(…, LONG_LINE_MAX, …)
++ Fixes a vulnerability in unit_deserialize which allows an attacker to
++ supply arbitrary state across systemd re-execution via NotifyAccess.
++ (CVE-2018-15686, Closes: #912005)
++ * meson: Use the host architecture compiler/linker for src/boot/efi.
++ Fixes cross build failure for arm64. (Closes: #905381)
++ * systemd: Do not pass .wants fragment path to manager_load_unit.
++ Fixes an issue with overridden units in /etc not being used due to a
++ .wants/ symlink pointing to /lib. (Closes: #907054)
++ * machined: When reading os-release file, join PID namespace too.
++ This ensures that we properly acquire the os-release file from containers.
++ (Closes: #911231)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 17 Nov 2018 18:39:21 +0100
++
++systemd (239-11) unstable; urgency=high
++
++ [ Michael Biebl ]
++ * debian/tests/upstream: Clean up after each test run.
++ Otherwise the loopback images used by qemu are not properly released and
++ we might run out of disk space.
++ * dhcp6: Make sure we have enough space for the DHCP6 option header.
++ Fixes out-of-bounds heap write in systemd-networkd dhcpv6 option
++ handling.
++ (CVE-2018-15688, LP: #1795921, Closes: #912008)
++ * chown-recursive: Rework the recursive logic to use O_PATH.
++ Fixes a race condition in chown_one() which allows an attacker to cause
++ systemd to set arbitrary permissions on arbitrary files.
++ (CVE-2018-15687, LP: #1796692, Closes: #912007)
++
++ [ Martin Pitt ]
++ * debian/tests/boot-and-services: Use gdm instead of lightdm.
++ This seems to work more reliably, on Ubuntu CI's i386 instances lightdm
++ fails.
++
++ [ Manuel A. Fernandez Montecelo ]
++ * Run "meson test" instead of "ninja test"
++ Upstream developers of meson recommend to run it in this way, because
++ "ninja test" just calls "meson test", and by using meson directly and
++ using extra command line arguments it is possible to control aspects of
++ how the tests are run.
++ * Increase timeout for test in riscv64.
++ The buildds for the riscv64 arch used at the moment are slow, so increase
++ the timeouts for this arch by a factor of 10, for good measure.
++ (Closes: #906429)
++
++ -- Michael Biebl <biebl@debian.org> Sun, 28 Oct 2018 13:02:18 +0100
++
++systemd (239-10) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * meson: Rename -Ddebug to -Ddebug-extra.
++ Meson added -Doptimization and -Ddebug options, which obviously causes
++ a conflict with our -Ddebug options. Let's rename it.
++ (Closes: #909455)
++ * Add conflicts against consolekit.
++ Letting both ConsoleKit and logind manage dynamic device permissions
++ will only lead to inconsistent and unexpected results.
++
++ [ Felipe Sateler ]
++ * Link systemctl binary statically against libshared.
++ This reduces the Pre-Depends list considerably, and is more resilient
++ against borked installs.
++
++ -- Michael Biebl <biebl@debian.org> Tue, 25 Sep 2018 16:11:12 +0200
++
++systemd (239-9) unstable; urgency=medium
++
++ * autopkgtest: Remove needs-recommends runtime restriction.
++ This restriction has been deprecated and there are plans to remove it
++ altogether. The tests pass withouth needs-recommends, so it seems safe
++ to remove.
++ * test: Use installed catalogs when test-catalog is not located at build
++ dir.
++ This makes it possible to run test-catalog as installed test, so we no
++ longer need to mark it as EXFAIL in our root-unittests autopkgtest.
++ * test: Use "systemd-runtest.env" to set $SYSTEMD_TEST_DATA and
++ $SYSTEMD_CATALOG_DIR.
++ This avoids embedding ABS_{SRC,BUILD}_DIR into libsystemd-shared.so and
++ the test binaries and should make the build reproducible.
++ (Closes: #908365)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 12 Sep 2018 19:07:38 +0200
++
++systemd (239-8) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Clean up dbus-org.freedesktop.timesync1.service Alias on purge
++ (Closes: #904290)
++ * user-runtime-dir: Fix wrong SELinux context (Closes: #908026)
++ * core: Fix gid when DynamicUser=yes with static user (Closes: #904335)
++ * Remove udev control socket on shutdown under sysvinit.
++ The udev control socket is no longer removed automatically when the
++ daemon is stopped. As this can confuse other software, update the SysV
++ init script to remove the control socket manually and make sure the init
++ script is executed on shutdown (runlevel 0) and reboot (runlevel 6).
++ (Closes: #791944)
++ * Bump Standards-Version to 4.2.1
++
++ [ Martin Pitt ]
++ * timedated: Fix wrong PropertyChanged values and refcounting
++
++ -- Michael Biebl <biebl@debian.org> Fri, 07 Sep 2018 08:41:12 +0200
++
++systemd (239-7) unstable; urgency=medium
++
++ * autopkgtest: Add iputils-ping dependency to root-unittests.
++ The ping binary is required by test-bpf.
++ * autopkgtest: Add dbus-user-session and libpam-systemd dependency to
++ root-unittests.
++ Without a working D-Bus user session, a lot of the test-bus-* tests are
++ skipped.
++ * network/link: Fix logic error in matching devices by MAC (Closes: #904198)
++
++ -- Michael Biebl <biebl@debian.org> Sun, 22 Jul 2018 13:40:15 +0200
++
++systemd (239-6) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * autopkgtest: Install libnss-systemd.
++ Make sure that dynamic users can be resolved. This e. g. prevents a
++ startup failure for systemd-resolved.
++ * autopkgtest: Add missing python3 test dependency for udev test
++
++ [ Michael Biebl ]
++ * autopkgtest: Make AppArmor violator test work with merged-usr
++ * Make /dev/kvm accessible to local users and group kvm.
++ Re-add the uaccess tag to /dev/kvm to make it accessible to local
++ users. Access is also granted via group kvm, so create that in
++ udev.postinst. (Closes: #887852)
++ * Move a few man pages from systemd to systemd-journal-remote.
++ The systemd package shipped a few systemd-journal-remote and
++ systemd-journal-upload related man pages which really belong into the
++ systemd-journal-remote package. Move those man pages into the correct
++ package and add a Breaks/Replaces against systemd accordingly.
++ (Closes: #903557)
++ * autopkgtest: Drop no-longer needed workaround from upstream test
++ * Go back to statically allocate system users for timesyncd, networkd and
++ resolved.
++ There are currently too many open issues related to D-Bus and the usage
++ of DynamicUser. (Closes: #902971)
++ * Change python3-minimal dependency to python3.
++ While we strictly only need python3-minimal, the usage of
++ python3-minimal triggers a lintian error: depends-on-python-minimal
++ * test: Drop SKIP_INITRD for QEMU-based tests.
++ The Debian Linux kernel ships ext4 support as a module, so we require an
++ initrd to successfully start the QEMU images.
++ * debian/tests/localed-x11-keymap: Deal with absence of
++ /etc/default/keyboard more gracefully
++ * autopkgtest: Add various dependencies to make upstream test pass on Debian
++ - netcat-openbsd: Required by TEST-12-ISSUE-3171.
++ - busybox-static: Required by TEST-13-NSPAWN-SMOKE.
++ - plymouth: Required by TEST-15-DROPIN and TEST-22-TMPFILES.
++ * Drop seccomp system call filter for udev.
++ The seccomp based system call whitelist requires at least systemd 239 to
++ be the active init and during a dist-upgrade we can't guarantee that
++ systemd has been fully configured before udev is restarted.
++ The versioned systemd Breaks that was added to udev for #902185 didn't
++ really fix this issue, so revert that change again. (Closes: #903224)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 19 Jul 2018 00:04:54 +0200
++
++systemd (239-5) unstable; urgency=medium
++
++ * Add inverse version restriction of the Breaks to the systemd-shim
++ alternative in libpam-systemd.
++ Otherwise apt will fail to find an installation path for libpam-systemd
++ in cases where libpam-systemd is an indirect dependency. (Closes: #902998)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 05 Jul 2018 11:50:10 +0200
++
++systemd (239-4) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Drop outdated section from README.Debian about switching back to SysV init
++ * sleep: Fix one more printf format of a fiemap field
++ * basic: Add missing comma in raw_clone assembly for sparc
++ * bus-util: Make log level lower in request_name_destroy_callback()
++ * tmpfiles: Specify access mode for /run/systemd/netif
++ * Add Breaks against python-dbusmock (<< 0.18) to systemd.
++ The logind and timedated tests in python-dbusmock were broken by the
++ latest systemd release and had to be adjusted to work with systemd 239.
++ See #902602
++ * Drop patches which try to support running systemd services without systemd
++ as pid 1.
++ No one is currently actively maintaining systemd-shim, which means that
++ e.g. running systemd-logind no longer works when systemd is not pid 1.
++ Thus drop our no longer working patches. Bump the Breaks against
++ systemd-shim accordingly.
++ See #895292, #901404, #901405
++
++ [ Martin Pitt ]
++ * test: fix networkd-test.py rate limiting and dynamic user
++
++ -- Michael Biebl <biebl@debian.org> Tue, 03 Jul 2018 23:36:28 +0200
++
++systemd (239-3) unstable; urgency=medium
++
++ * Revert "systemctl: when removing enablement or mask symlinks, cover both
++ /run and /etc"
++ We currently have packages in the archive which use
++ "systemctl --runtime unmask" and are broken by this change.
++ This is a intermediate step until it is clear whether upstream will
++ revert this commit or whether we will have to update affected packages
++ to deal with this changed behaviour.
++ See #902287 and https://github.com/systemd/systemd/issues/9393
++
++ -- Michael Biebl <biebl@debian.org> Wed, 27 Jun 2018 14:46:06 +0200
++
++systemd (239-2) unstable; urgency=medium
++
++ * sleep: Fix printf format of fiemap fields.
++ This should fix a FTBFS on ia64.
++ * timesync: Change type of drift_freq to int64_t.
++ This should fix a FTBFS on x32.
++ * Bump systemd Breaks to ensure it is upgraded in lockstep with udev.
++ The hardening features used by systemd-udevd.service require systemd 239
++ and udev will fail to start with older versions. (Closes: #902185)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 27 Jun 2018 13:59:24 +0200
++
++systemd (239-1) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * New upstream version 239
++ * Drop alternative iptables-dev Build-Depends.
++ It is no longer needed as both Ubuntu and Debian now ship libiptc-dev in
++ their latest stable (LTS) release.
++ * Drop alternative btrfs-tools Recommends.
++ It is no longer needed as btrfs-progs is now available in both Debian
++ and Ubuntu and keeping the alternative around prevents the transitional
++ package from being autoremoved.
++ * Disable installation of RPM macros.
++ This avoids having to remove them manually later on.
++ * Drop cleanup rules for libtool .la files.
++ With the switch to Meson, libtool is no longer used.
++ * Drop fallback for older kernels when running the test suite.
++ We now assume that we have a kernel newer then 3.13.
++ * Stop cleaning up .busname units.
++ Those are gone upstream, so we no longer need to remove them manually.
++ * Update symbols file for libsystemd0
++ * Rebase patches
++ * Install new resolvectl tool.
++ Don't ship the /sbin/resolvconf compat symlink in the systemd package,
++ as this would cause a file conflict with the resolvconf and openresolv
++ package.
++ * Disable support for "Portable Services"
++ This is still an experimental feature.
++ * Disable pristine-tar in gbp.conf.
++ It is currently not possible to import the systemd v239 tarball using
++ pristine-tar due to #902115.
++ * Bump Build-Depends on meson to (>= 0.44)
++ * Stop setting the path for the kill binary, no longer necessary
++ * Stop creating systemd-network and systemd-resolve system user
++ systemd-networkd.service and systemd-resolved.service now use
++ DynamicUser=yes.
++
++ [ Dimitri John Ledkov ]
++ * Run all upstream tests, and then report all that failed.
++
++ -- Michael Biebl <biebl@debian.org> Sat, 23 Jun 2018 00:18:08 +0200
++
++systemd (238-5) unstable; urgency=medium
++
++ [ Evgeny Vereshchagin ]
++ * upstream autopkgtest: Copy journal subdirectories.
++ Otherwise logs are missing on failures.
++
++ [ Martin Pitt ]
++ * debian/tests/boot-and-services: Ignore cpi.service failure.
++ This is apparently a regression in Ubuntu 18.04, not in systemd, so
++ ignore it.
++
++ [ Michael Biebl ]
++ * sd-bus: Do not try to close already closed fd (Closes: #896781)
++ * Use dh_missing to act on uninstalled files.
++ The usage of dh_install --fail-missing has been deprecated.
++ * meson: Avoid warning about comparison of bool and string.
++ The result of this is undefined and will become a hard error in a future
++ Meson release.
++ * login: Respect --no-wall when cancelling a shutdown request
++ (Closes: #897938)
++ * Add dependencies of libsystemd-shared to Pre-Depends.
++ This is necessary so systemctl is functional at all times during a
++ dist-upgrade. (Closes: #897986)
++ * Drop dh_strip override, the dbgsym migration is done
++
++ [ Felipe Sateler ]
++ * Don't include libmount.h in a header file.
++ Kernel and glibc headers both use MS_* constants, but are not in sync, so
++ only one of them can be used at a time. Thus, only import them where
++ needed. Works around #898743.
++
++ -- Michael Biebl <biebl@debian.org> Sat, 26 May 2018 10:31:29 +0200
++
++systemd (238-4) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * udev/net-id: Fix check for address to keep interface names stable
++ * debian/copyright: Move global wildcard section to the top
++
++ [ Martin Pitt ]
++ * Fix daemon reload failures
++
++ [ Laurent Bigonville ]
++ * Fix /sys/fs/cgroup mount when using SELinux.
++ Since v236, all cgroups except /sys/fs/cgroup/systemd and
++ /sys/fs/cgroup/unified are not mounted when SELinux is enabled (even in
++ permissive mode). Disabling SELinux completely restores these cgroups.
++ This patch fixes that issue by no longer making the assumption that those
++ cgroups are mounted by initrd/dracut before systemd is started.
++
++ -- Michael Biebl <biebl@debian.org> Sun, 01 Apr 2018 13:02:57 +0200
++
++systemd (238-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Enable systemd-sysusers unit and provide correct Debian static u/gids.
++ Add a helper script debian/extra/make-sysusers-basic which generates a
++ sysusers.d(5) file from Debian's static master passwd/group files.
++ systemd 238 now supports specifying different uid and gid and a
++ non-default login shell, so this is possible now. (Closes: #888126)
++ * udev README.Debian: Include initrd rebuild and some clarifications in
++ migration.
++ While initrd update is already being mentioned in the introductory
++ section, it is easy to miss when going through the migration steps, so
++ explicitly mention it again. Also add a warning about keeping a fallback
++ on misconfigurations, and the possibility to migrate one interface at a
++ time.
++ Thanks to Karl O. Pinc for the suggestions! (Closes: #881769)
++
++ [ Michael Biebl ]
++ * basic/macros: Rename noreturn into _noreturn_.
++ "noreturn" is reserved and can be used in other header files we include.
++ (Closes: #893426)
++ * units: Fix SuccessAction that belongs to [Unit] section not [Service]
++ section (Closes: #893282)
++
++ -- Michael Biebl <biebl@debian.org> Tue, 20 Mar 2018 23:22:57 +0100
++
++systemd (238-2) unstable; urgency=medium
++
++ [ Alf Gaida ]
++ * core: do not free stack-allocated strings.
++ Fixes a crash in systemd when the cpuacct cgroup controller is not
++ available. (Closes: #892360)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 10 Mar 2018 01:12:47 +0100
++
++systemd (238-1) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * New upstream version 238
++ - Fixes systemd-tmpfiles to correctly handle symlinks present in
++ non-terminal path components. (CVE-2018-6954, Closes: #890779)
++ * Rebase patches
++ * Use compat symlinks as provided by upstream.
++ As the upstream build system now creates those symlinks for us, we no
++ longer have to create them manually.
++ * Update symbols file for libsystemd0
++ * test-cgroup-util: bail out when running under a buildd environment
++
++ [ Dimitri John Ledkov ]
++ * systemd-sysv-install: Fix name initialisation.
++ Only initialise NAME after --root optional argument has been parsed,
++ otherwise NAME is initialized to e.g. `enable`, instead of to the
++ `unit-name`, resulting in failures. (LP: #1752882)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 07 Mar 2018 23:21:53 +0100
++
++systemd (237-4) unstable; urgency=medium
++
++ [ Gunnar Hjalmarsson ]
++ * Fix PO template creation.
++ Cherry-pick upstream patches to build a correct systemd.pot including
++ the polkit policy files even without policykit-1 being installed.
++ (LP: #1707898)
++
++ [ Michael Biebl ]
++ * Drop mask for fuse SysV init script.
++ The fuse package has removed its SysV init script a long time ago, so
++ the mask is no longer needed.
++ * Replace two Debian specific patches which cherry-picks from upstream
++ master
++
++ -- Michael Biebl <biebl@debian.org> Wed, 28 Feb 2018 19:18:34 +0100
++
++systemd (237-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/boot-smoke: More robust journal checking.
++ Also fail the test if calling journalctl fails, and avoid calling it
++ twice. See https://github.com/systemd/systemd/pull/8032
++ * Simplify PO template creation.
++ Use the existing upstream build system instead of a manual call to
++ `intltool-update` and `xgettext` to build systemd.pot. Remove the now
++ obsolete intltool build dependency, but still explicitly keep gettext.
++ (LP: #1707898)
++ * Make systemd-sysv-install robust against existing $ROOT.
++ Always initialize `$ROOT`, to avoid the script getting confused by an
++ existing outside env variable. Also fix the `--root` option to actually
++ work, the previous approach was conceptually broken due to how shell
++ quoting works. Make the work with `set -u`. (Closes: #890436)
++
++ [ Felipe Sateler ]
++ * Backport upstream patch fixing a wrong assert() call (Closes: #890423)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 14 Feb 2018 23:07:17 +0100
++
++systemd (237-2) unstable; urgency=medium
++
++ * Drop debian/extra/rules/70-debian-uaccess.rules.
++ Up-to-date udev rules for U2F devices are shipped in libu2f-udev nowadays.
++ (Closes: #889665)
++ * service: relax PID file symlink chain checks a bit.
++ Let's read the PID file after all if there's a potentially unsafe symlink
++ chain in place. But if we do, then refuse taking the PID if its outside of
++ the cgroup. (Closes: #889144)
++
++ -- Michael Biebl <biebl@debian.org> Fri, 09 Feb 2018 23:35:31 +0100
++
++systemd (237-1) unstable; urgency=medium
++
++ * New upstream version 237
++ * Rebase patches
++ * Update symbols file for libsystemd0
++ * Update Vcs-* to point to https://salsa.debian.org
++ * Bump Standards-Version to 4.1.3
++ * Set Rules-Requires-Root to no
++
++ -- Michael Biebl <biebl@debian.org> Tue, 30 Jan 2018 01:55:24 +0100
++
++systemd (236-4) unstable; urgency=medium
++
++ [ Felipe Sateler ]
++ * Allow systemd-timesyncd to start when libnss-systemd is not installed.
++ Pick upstream patch requiring the existence of the systemd-timesync user
++ only when running as root, which is not the case for the system unit.
++ (Closes: #887343)
++
++ [ Nicolas Braud-Santoni ]
++ * debian/copyright: Refer to the CC0 license file (Closes: #882629)
++
++ [ Michael Biebl ]
++ * Add Build-Depends on python3-evdev <!nocheck>
++ This is used by hwdb/parse_hwdb.py to perform additional validation on
++ hwdb files.
++
++ -- Michael Biebl <biebl@debian.org> Sun, 28 Jan 2018 22:29:32 +0100
++
++systemd (236-3) unstable; urgency=medium
++
++ * Revert "core/execute: RuntimeDirectory= or friends requires mount
++ namespace"
++ This was making mounts from SSH sessions invisible to the system.
++ (Closes: #885325)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 11 Jan 2018 16:46:04 +0100
++
++systemd (236-2) unstable; urgency=medium
++
++ * Downgrade priority of libudev1 to optional.
++ This makes it compliant with recent versions of debian-policy which
++ recommends to use priority optional for library packages.
++ * Clarify NEWS entry about removal of system users.
++ Mention in the recent NEWS entry that the associated system groups
++ should be removed as well. (Closes: #885061)
++ * cryptsetup-generator: Don't mistake NULL input as OOM.
++ Fixes systemd-cryptsetup-generator failing to run during boot.
++ (Closes: #885201)
++ * analyze: Use normal bus connection for "plot" verb.
++ Fixes "systemd-analyze plot" failing to run as root. (Closes: #884506)
++ * Stop re-enabling systemd services on every upgrade.
++ This was done so changes to the [Install] section would be applied on
++ upgrades. Forcefully re-enabling a service might overwrite local
++ modifications though and thus far, none of the affected services did
++ actually change its [Install] section. So remove this code from the
++ maintainer scripts as it was apparently doing more harm then good.
++ (Closes: #869354)
++
++ -- Michael Biebl <biebl@debian.org> Tue, 02 Jan 2018 00:35:14 +0100
++
++systemd (236-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/upstream: Only show ≥ warning in journal dumps.
++ Showing the entire debug log is too hard to scan visually, and most of
++ the time the warnings and errors are sufficient to explain a failure.
++ Put the journal files into the artifacts though, in case the debug
++ information is necessary.
++
++ [ Michael Biebl ]
++ * New upstream version 236
++ - nspawn: Adjust path to static resolv.conf to support split usr.
++ (Closes: #881310)
++ - networkd: Don't stop networkd if CONFIG_FIB_RULES=n in kernel.
++ (Closes: #881823)
++ - core: Fix segfault in compile_bind_mounts() when BindPaths= or
++ BindReadOnlyPaths= is set. (Closes: #883380)
++ - meson: Link NSS modules with -z nodelete to fix memory leak in
++ nss-systemd. (Closes: #883407)
++ - logind: Make sure we don't acces m->action_what if it's not initialized.
++ (Closes: #882270)
++ - systemctl: Ignore shutdown's "-t" argument. (Closes: #882245)
++ - core: Be more defensive if we can't determine per-connection socket
++ peer. (Closes: #879603)
++ - bpf-firewall: Actually invoke BPF_PROG_ATTACH to check whether
++ cgroup/bpf is available. (Closes: #878965)
++ * Rebase patches
++ * Update symbols file for libsystemd0
++ * Bump Standards-Version to 4.1.2
++ * Clean up old /var/lib/systemd/clock on upgrade.
++ The clock file used by systemd-timesyncd is now stored in
++ StateDirectory=systemd/timesync. (Closes: #883605)
++ * Stop creating systemd-timesync system user.
++ DynamicUser=yes has been enabled for systemd-timesyncd.service so
++ allocating a system user statically is no longer necessary.
++ * Document removal of systemd-{timesync,journal-gateway,journal-upload} user.
++ We no longer create those system users as the corresponding services now
++ use DynamicUser=yes. Removing those system users automatically is tricky,
++ as the relevant services might be running during upgrade. Add a NEWS
++ entry instead which documents this change.
++ * Revert "udev-rules: Permission changes for /dev/dri/renderD*"
++ This would introduce a new system group "render". As the name is rather
++ generic, this needs further discussion first, so revert this change for
++ now.
++
++ -- Michael Biebl <biebl@debian.org> Sun, 17 Dec 2017 21:45:51 +0100
++
++systemd (235-3) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Switch from XC-Package-Type to Package-Type. As of dpkg-dev 1.15.7
++ Package-Type is recognized as an official field name.
++ * Install modprobe configuration file to /lib/modprobe.d.
++ Otherwise it is not read by kmod. (Closes: #879191)
++
++ [ Felipe Sateler ]
++ * Backport upstream (partial) fix for combined DynamicUser= + User=
++ UID was not allowed to be different to GID, which is normally the case in
++ debian, due to the group users being allocated the GID 100 without an
++ equivalent UID 100 being allocated.
++ * Backport upstream patches to fully make DynamicUser=yes + static,
++ pre-existing User= work.
++
++ [ Martin Pitt ]
++ * Add missing python3-minimal dependency to systemd-tests
++ * Drop long-obsolete systemd-bus-proxy system user
++ systemd-bus-proxy hasn't been shipped since before stretch and never
++ created any files. Thus clean up the obsolete system user on upgrades.
++ (Closes: #878182)
++ * Drop static systemd-journal-gateway system user
++ systemd-journal-gatewayd.service now uses DynamicUser=, so we don't need
++ to create this statically any more. Don't remove the user on upgrades
++ though, as there is likely still be a running process. (Closes: #878183)
++ * Use DynamicUser= for systemd-journal-upload.service.
++ * Add Recommends: libnss-systemd to systemd-sysv.
++ This is useful to actually be able to resolve dynamically created system
++ users with DynamicUser=true. This concept is going to be used much more
++ in future versions and (hopefully) third-party .services, so pulling it
++ into the default installation seems prudent now.
++ * resolved: Fix loop on packets with pseudo dns types.
++ (CVE-2017-15908, Closes: #880026, LP: #1725351)
++ * bpf-firewall: Properly handle kernels without BPF cgroup but with TRIE maps.
++ Fixes "Detaching egress BPF: Invalid argument" log spam. (Closes: #878965)
++ * Fix MemoryDenyWriteExecution= bypass with pkey_mprotect() (LP: #1725348)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 15 Nov 2017 09:34:00 +0100
++
++systemd (235-2) unstable; urgency=medium
++
++ * Revert "tests: when running a manager object in a test, migrate to private
++ cgroup subroot first"
++ This was causing test suite failures when running inside a chroot.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 11 Oct 2017 00:46:07 +0200
++
++systemd (235-1) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * New upstream version 235
++ - cryptsetup-generator: use remote-cryptsetup.target when _netdev is
++ present (Closes: #852534)
++ - tmpfiles: change btmp mode 0600 → 0660 (Closes: #870638)
++ - networkd: For IPv6 addresses do not treat IFA_F_DEPRECATED as not ready
++ (Closes: #869995)
++ - exec-util,conf-files: skip non-executable files in execute_directories()
++ (Closes: #867902)
++ - man: update udevadm -y/--sysname-match documentation (Closes: #865081)
++ - tmpfiles: silently ignore any path that passes through autofs
++ (Closes: #805553)
++ - shared: end string with % if one was found at the end of a expandible
++ string (Closes: #865450)
++ * Refresh patches
++ * Bump Build-Depends on libmount-dev to (>= 2.30)
++ * Install new modprobe.d config file
++ * Bump Standards-Version to 4.1.1
++
++ [ Martin Pitt ]
++ * Merge logind-kill-off autopkgtest into logind test.
++ This was horribly inefficient as a separate test (from commit
++ 6bd0dab41e), as that cost two VM resets plus accompanying boots; and
++ this does not change any state thus does not require this kind of
++ isolation.
++
++ -- Michael Biebl <biebl@debian.org> Tue, 10 Oct 2017 18:29:28 +0200
++
++systemd (234-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Various fixes for the upstream autopkgtest.
++
++ [ Felipe Sateler ]
++ * Add fdisk to the dependencies of the upstream autopkgtest.
++ The upstream autopkgtest uses sfdisk, which is now in the non-essential
++ fdisk package. (Closes: #872119)
++ * Disable nss-systemd on udeb builds
++ * Correctly disable resolved on udeb builds
++ * Help fix collisions in libsystemd-shared symbols by versioning them.
++ Backport upstream patch to version the symbols provided in the private
++ library, so that they cannot confuse unversioned pam modules or libraries
++ linked into them. (Closes: #873708)
++
++ [ Dimitri John Ledkov ]
++ * Cherrypick upstream networkd-test.py assertion/check fixes.
++ This resolves ADT test suite failures, when running tests under lxc/lxd
++ providers.
++ * Cherrypick arm* seccomp fixes.
++ This should resolve ADT test failures, on arm64, when running as root.
++ * Disable KillUserProcesses, yet again, with meson this time.
++ * initramfs-tools: trigger udevadm add actions with subsystems first.
++ This updates the initramfs-tools init-top udev script to trigger udevadm
++ actions with type specified. This mimics the systemd-udev-trigger.service.
++ Without type specified only devices are triggered, but triggering
++ subsystems may also be required and should happen before triggering the
++ devices. This is the case for example on s390x with zdev generated udev
++ rules. (LP: #1713536)
++
++ [ Michael Biebl ]
++ * (Re)add --quiet flag to addgroup calls.
++ This is now safe with adduser having been fixed to no longer suppress
++ fatal error messages if --quiet is used. (Closes: #837871)
++ * Switch back to default GCC (Closes: #873661)
++ * Drop systemd-timesyncd.service.d/disable-with-time-daemon.conf.
++ All major NTP implementations ship a native service file nowadays with a
++ Conflicts=systemd-timesyncd.service so this drop-in is no longer
++ necessary. (Closes: #873185)
++
++ -- Michael Biebl <biebl@debian.org> Mon, 04 Sep 2017 00:17:00 +0200
++
++systemd (234-2.3) unstable; urgency=high
++
++ * Non-maintainer upload.
++ * Also switch to g++-6 temporarily (needed for some tests):
++ - Add g++-6 to Build-Depends
++ - Export CXX = g++-6
++
++ -- Cyril Brulebois <kibi@debian.org> Thu, 24 Aug 2017 02:40:53 +0200
++
++systemd (234-2.2) unstable; urgency=high
++
++ * Non-maintainer upload.
++ * Switch to gcc-6 on all architectures, working around an FTBFS on mips64el,
++ apparently due to a gcc-7 bug (See: #871514):
++ - Add gcc-6 to Build-Depends in debian/control
++ - Export CC = gcc-6 in debian/rules
++
++ -- Cyril Brulebois <kibi@debian.org> Wed, 23 Aug 2017 22:53:09 +0000
++
++systemd (234-2.1) unstable; urgency=high
++
++ * Non-maintainer upload.
++ * Fix missing 60-input-id.rules in udev-udeb, which breaks the graphical
++ version of the Debian Installer, as no key presses or mouse events get
++ processed (Closes: #872598).
++
++ -- Cyril Brulebois <kibi@debian.org> Wed, 23 Aug 2017 20:41:33 +0200
++
++systemd (234-2) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * udev README.Debian: Fix name of example *.link file
++
++ [ Felipe Sateler ]
++ * test-condition: Don't assume that all non-root users are normal users.
++ Automated builders may run under a dedicated system user, and this test
++ would fail that.
++
++ [ Michael Biebl ]
++ * Revert "units: Tell login to preserve environment"
++ Environment=LANG= LANGUAGE= LC_CTYPE= ... as used in the getty units is
++ not unsetting the variables but instead sets it to an empty var. Passing
++ that environment to login messes up the system locale settings and
++ breaks programs like gpg-agent.
++ (Closes: #868695)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 20 Jul 2017 15:13:42 +0200
++
++systemd (234-1) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * New upstream version 234
++ - tmpfiles: Create /var/log/lastlog if it does not exist.
++ (Closes: #866313)
++ - network: Bridge vlan without PVID. (Closes: #859941)
++ * Rebase patches
++ * Switch build system from autotools to meson.
++ Update the Build-Depends accordingly.
++ * Update fsckd patch for meson
++ * udev autopkgtest: no longer install test-udev binary manually.
++ This is now done by the upstream build system.
++ * Update symbols file for libsystemd0
++ * Update lintian override for systemd-tests.
++ Upstream now installs manual and unsafe tests in subdirectories of
++ /usr/lib/systemd/tests/, so ignore those as well.
++ * Bump Standards-Version to 4.0.0
++ * Change priority of libnss-* packages from extra to optional.
++ * Use UTF-8 locale when building the package.
++ Otherwise meson will be pretty unhappy when trying to process files with
++ unicode characters. Use C.UTF-8 as this locale is pretty much guaranteed
++ to be available everywhere.
++ * Mark test-timesync as manual.
++ The test tries to setup inotify watches for /run/systemd/netif/links
++ which fails in a buildd environment where systemd is not active.
++ * Do not link udev against libsystemd-shared.
++ We ship udev in a separate binary package, so can't use
++ libsystemd-shared, which is part of the systemd binary package.
++ * Avoid requiring a "kvm" system group.
++ This group is not universally available and as a result generates a
++ warning during boot. As kvm is only really useful if the qemu package is
++ installed and this package already takes care of setting up the proper
++ permissions for /dev/kvm, drop this rule from 50-udev-default.rules.
++
++ [ Martin Pitt ]
++ * udev README.Debian: Update transitional rules and mention *.link files.
++ - 01-mac-for-usb.link got replaced with 73-usb-net-by-mac.rules
++ - /etc/systemd/network/50-virtio-kernel-names.link is an upgrade
++ transition for VMs with virtio
++ - Describe *.link files as a simpler/less error prone (but also less
++ flexible) way of customizing interface names. (Closes: #868002)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 13 Jul 2017 17:38:28 +0200
++
++systemd (233-10) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Adjust var-lib-machines.mount target.
++ Upstream PR #6095 changed the location to
++ {remote-fs,machines}.target.wants, so just install all available ones.
++
++ [ Dimitri John Ledkov ]
++ * Fix out-of-bounds write in systemd-resolved.
++ CVE-2017-9445 (Closes: #866147, LP: #1695546)
++
++ [ Michael Biebl ]
++ * Be truly quiet in systemctl -q is-enabled (Closes: #866579)
++ * Improve RLIMIT_NOFILE handling.
++ Use /proc/sys/fs/nr_open to find the current limit of open files
++ compiled into the kernel instead of using a hard-coded value of 65536
++ for RLIMIT_NOFILE. (Closes: #865449)
++
++ [ Nicolas Braud-Santoni ]
++ * debian/extra/rules: Use updated U2F ruleset.
++ This ruleset comes from Yubico's libu2f-host. (Closes: #824532)
++
++ -- Michael Biebl <biebl@debian.org> Mon, 03 Jul 2017 18:51:58 +0200
++
++systemd (233-9) unstable; urgency=medium
++
++ * hwdb: Use path_join() to generate the hwdb_bin path.
++ This ensures /lib/udev/hwdb.bin gets the correct SELinux context. Having
++ double slashes in the path makes selabel_lookup_raw() return the wrong
++ context. (Closes: #851933)
++ * Drop no longer needed Breaks against usb-modeswitch
++ * Drop Breaks for packages shipping rcS init scripts.
++ This transition was completed in stretch.
++
++ -- Michael Biebl <biebl@debian.org> Mon, 19 Jun 2017 15:10:14 +0200
++
++systemd (233-8) experimental; urgency=medium
++
++ * Bump debhelper compatibility level to 10
++ * Drop versioned Build-Depends on dpkg-dev.
++ It's no longer necessary as even Jessie ships a new enough version.
++ * timesyncd: don't use compiled-in list if FallbackNTP has been configured
++ explicitly (Closes: #861769)
++ * resolved: fix null pointer p->question dereferencing.
++ This fixes a bug which allowed a remote DoS (daemon crash) via a crafted
++ DNS response with an empty question section.
++ Fixes: CVE-2017-9217 (Closes: #863277)
++
++ -- Michael Biebl <biebl@debian.org> Mon, 29 May 2017 14:12:08 +0200
++
++systemd (233-7) experimental; urgency=medium
++
++ [ Michael Biebl ]
++ * basic/journal-importer: Fix unaligned access in get_data_size()
++ (Closes: #862062)
++ * ima: Ensure policy exists before asking the kernel to load it
++ (Closes: #863111)
++ * Add Depends: procps to systemd.
++ It's required by /usr/lib/systemd/user/systemd-exit.service which calls
++ /bin/kill to stop the systemd --user instance. (Closes: #862292)
++ * service: Serialize information about currently executing command
++ (Closes: #861157)
++ * seccomp: Add clone syscall definitions for mips (Closes: #861171)
++
++ [ Dimitri John Ledkov ]
++ * ubuntu: disable dnssec on any ubuntu releases (LP: #1690605)
++
++ [ Felipe Sateler ]
++ * Specify nobody user and group.
++ Otherwise nss-systemd will translate to group 'nobody', which doesn't
++ exist on debian systems.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 24 May 2017 12:26:18 +0200
++
++systemd (233-6) experimental; urgency=medium
++
++ [ Felipe Sateler ]
++ * Backport upstream PR #5531.
++ This delays opening the mdns and llmnr sockets until a network has enabled
++ them. This silences annoying messages when networkd receives such packets
++ without expecting them: Got mDNS UDP packet on unknown scope.
++
++ [ Martin Pitt ]
++ * resolved: Disable DNSSEC by default on stretch and zesty.
++ Both Debian stretch and Ubuntu zesty are close to releasing, switch to
++ DNSSEC=off by default for those. Users can still turn it back on with
++ DNSSEC=allow-downgrade (or even "yes").
++
++ [ Michael Biebl ]
++ * Add Conflicts against hal.
++ Since v183, udev no longer supports RUN+="socket:". This feature is
++ still used by hal, but now generates vast amounts of errors in the
++ journal. Thus force the removal of hal by adding a Conflicts to the udev
++ package. This is safe, as hal is long dead and no longer useful.
++ * Drop systemd-ui Suggests
++ systemd-ui is unmaintained upstream and not particularly useful anymore.
++ * journal: fix up syslog facility when forwarding native messages.
++ Native journal messages (_TRANSPORT=journal) typically don't have a
++ syslog facility attached to it. As a result when forwarding the
++ messages to syslog they ended up with facility 0 (LOG_KERN).
++ Apply syslog_fixup_facility() so we use LOG_USER instead.
++ (Closes: #837893)
++ * Split upstream tests into systemd-tests binary package (Closes: #859152)
++ * Get PACKAGE_VERSION from config.h.
++ This also works with meson and is not autotools specific.
++
++ [ Sjoerd Simons ]
++ * init-functions Only call daemon-reload when planning to redirect
++ systemctl daemon-reload is a quite a heavy operation, it will re-parse
++ all configuration and re-run all generators. This should only be done
++ when strictly needed. (Closes: #861158)
++
++ -- Michael Biebl <biebl@debian.org> Fri, 28 Apr 2017 21:47:14 +0200
++
++systemd (233-5) experimental; urgency=medium
++
++ * Do not throw a warning in emergency and rescue mode if plymouth is not
++ installed.
++ Ideally, plymouth should only be referenced via dependencies, not
++ ExecStartPre. This at least avoids the confusing error message on
++ minimal installations that do not carry plymouth.
++ * rules: Allow SPARC vdisk devices when identifying CD drives
++ (Closes: #858014)
++
++ -- Michael Biebl <biebl@debian.org> Tue, 21 Mar 2017 21:00:08 +0100
++
++systemd (233-4) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * udev autopkgtest: Drop obsolete sys.tar.xz fallback.
++ This was only necessary for supporting 232 as well.
++ * root-unittest: Drop obsolete FIXME comment.
++ * Add libpolkit-gobject-1-dev build dep for polkit version detection.
++ * Move systemd.link(5) to udev package.
++ .link files are being handled by udev, so it should ship the
++ corresponding manpage. Bump Breaks/Replaces accordingly. (Closes: #857270)
++
++ [ Michael Biebl ]
++ * Restart journald on upgrades (Closes: #851438)
++ * Avoid strict DM API versioning.
++ Compiling against the dm-ioctl.h header as provided by the Linux kernel
++ will embed the DM interface version number. Running an older kernel can
++ lead to errors on shutdown when trying to detach DM devices.
++ As a workaround, build against a local copy of dm-ioctl.h based on 3.13,
++ which is the minimum required version to support DM_DEFERRED_REMOVE.
++ (Closes: #856337)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 16 Mar 2017 18:40:16 +0100
++
++systemd (233-3) experimental; urgency=medium
++
++ [ Michael Biebl ]
++ * Install D-Bus policy files in /usr
++ * Drop no longer needed maintainer scripts migration code and simplify
++ various version checks
++ * Fix location of installed tests
++ * Override package-name-doesnt-match-sonames lintian warning for libnss-*
++ * Don't ship any symlinks in /etc/systemd/system.
++ Those should be created dynamically via "systemctl enable".
++
++ [ Martin Pitt ]
++ * root-unittests autopkgtest: Skip test-udev.
++ It has its own autopkgtest and needs some special preparation. At some
++ point that should be merged into root-unittests, but let's quickfix this
++ to unbreak upstream CI.
++
++ -- Michael Biebl <biebl@debian.org> Fri, 03 Mar 2017 19:49:44 +0100
++
++systemd (233-2) experimental; urgency=medium
++
++ * test: skip instead of fail if crypto kmods are not available.
++ The Debian buildds have module loading disabled, thus AF_ALG sockets are
++ not available during build. Skip the tests that cover those (khash and
++ id128) instead of failing them in this case.
++ https://github.com/systemd/systemd/issues/5524
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 03 Mar 2017 11:51:25 +0100
++
++systemd (233-1) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release 233:
++ - udev: Remove /run/udev/control on stop to avoid sendsigs to kill
++ udevd. (Closes: #791944)
++ - nspawn: Handle container directory symlinks. (Closes: #805785)
++ - Fix mount units to not become "active" when NFS mounts time out.
++ (Closes: #835810)
++ - hwdb: Rework path/priority comparison when loading files from /etc/
++ vs. /lib. (Closes: #845442)
++ - machinectl: Fix "list" command when failing to determine OS version.
++ (Closes: #849316)
++ - Support tilegx architecture. (Closes: #856306)
++ - systemd-sleep(8): Point out inhibitor interface as better alternative
++ for suspend integration. (Closes: #758279)
++ - journalctl: Improve error message wording when specifying boot
++ offset with ephemeral journal. (Closes: #839291)
++ * Install new systemd-umount and /usr/lib/environment.d/
++ * Use "make install-tests" for shipped unit tests
++ * Switch back to gold linker on mips*
++ Bug #851736 got fixed now.
++ * debian/rules: Drop obsolete SETCAP path
++
++ [ Michael Biebl ]
++ * Drop upstart jobs for udev
++ * Drop /sbin/udevadm compat symlink from udev-udeb and initramfs
++ * Drop Breaks and Replaces from pre-jessie
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 02 Mar 2017 17:10:09 +0100
++
++systemd (232-19) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/README.source: Update patch and changelog handling to current
++ reality.
++ * root-unittests autopkgtest: Blacklist test-journal-importer.
++ This got added in a recent PR, but running this requires using "make
++ install-tests" which hasn't landed yet.
++ * fsckd: Fix format specifiers on 32 bit architectures.
++ * resolved: Fix NSEC proofs for missing TLDs (Closes: #855479)
++ * boot-and-services autopkgtest: Skip CgroupsTest on unified hierarchy.
++ * boot-smoke autopkgtest: Run in containers, too.
++ * logind autopkgtest: Adjust to work in containers.
++
++ [ Dimitri John Ledkov ]
++ * Fix resolved failing to follow CNAMES for DNS stub replies (LP: #1647031)
++ * Fix emitting change signals with a sessions property in logind
++ (LP: #1661568)
++
++ [ Michael Biebl ]
++ * If an automount unit is masked, don't react to activation anymore.
++ Otherwise we'll hit an assert sooner or later. (Closes: #856035)
++
++ [ Felipe Sateler ]
++ * resolved: add the new KSK to the built-in resolved trust anchor.
++ The old root key will be discarded in early 2018, so get this into
++ stretch.
++ * Backport some zsh completion fixes from upstream (Closes: #847203)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 02 Mar 2017 09:21:12 +0100
++
++systemd (232-18) unstable; urgency=medium
++
++ * udev autopkgtest: Adjust to script-based test /sys creation.
++ PR #5250 changes from the static sys.tar.xz to creating the test /sys
++ directory with a script. Get along with both cases until 233 gets
++ released and packaged.
++ * systemd-resolved.service.d/resolvconf.conf: Don't fail if resolvconf is
++ not installed. ReadWritePaths= fails by default if the referenced
++ directory does not exist. This happens if resolvconf is not installed, so
++ use '-' to ignore the absence. (Closes: #854814)
++ * Fix two more seccomp issues.
++ * Permit seeing process list of units whose unit files are missing.
++ * Fix systemctl --user enable/disable without $XDG_RUNTIME_DIR being set.
++ (Closes: #855050)
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 13 Feb 2017 17:36:12 +0100
++
++systemd (232-17) unstable; urgency=medium
++
++ * Add libcap2-bin build dependency for tests. This will make
++ test_exec_capabilityboundingset() actually run. (Closes: #854394)
++ * Add iproute2 build dependency for tests. This will make
++ test_exec_privatenetwork() actually run; it skips if "ip" is not present.
++ (Closes: #854396)
++ * autopkgtest: Run all upstream unit tests as root.
++ Ship all upstream unit tests in libsystemd-dev, and run them all as root
++ in autopkgtest. (Closes: #854392) This also fixes the FTBFS on non-seccomp
++ architectures.
++ * systemd-resolved.service.d/resolvconf.conf: Allow writing to
++ /run/resolvconf. Upstream PR #5283 will introduce permission restrictions
++ for systemd-resolved.service, including the lockdown to writing
++ /run/systemd/. This will then cause the resolvconf call in our drop-in to
++ fail as that needs to write to /run/resolvconf/. Add this to
++ ReadWritePaths=. (This is a no-op with the current unrestricted unit).
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 10 Feb 2017 11:52:46 +0100
++
++systemd (232-16) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Add autopkgtest for test-seccomp
++ * udev: Fix by-id symlinks for devices whose IDs contain whitespace
++ (Closes: #851164, LP: #1647485)
++ * Add lintian overrides for binary-or-shlib-defines-rpath on shipped test
++ programs. This is apparently a new lintian warning on which uploads get
++ rejected. These are only test programs, not in $PATH, and they need to
++ link against systemd's internal library.
++
++ [ Michael Biebl ]
++ * Fix seccomp filtering. (Closes: #852811)
++ * Do not crash on daemon-reexec when /run is full (Closes: #850074)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 09 Feb 2017 16:22:43 +0100
++
++systemd (232-15) unstable; urgency=medium
++
++ * Add missing Build-Depends on tzdata.
++ It is required to successfully run the test suite. (Closes: #852883)
++ * Bump systemd Breaks to ensure it is upgraded in lockstep with udev.
++ The sandboxing features used by systemd-udevd.service require systemd
++ (>= 232-11). (Closes: #853078)
++ * Bump priority of libpam-systemd to standard.
++ This reflects the changes that have been made in the archive a while
++ ago. See #803184
++
++ -- Michael Biebl <biebl@debian.org> Wed, 01 Feb 2017 22:45:35 +0100
++
++systemd (232-14) unstable; urgency=medium
++
++ * Deal with NULL pointers more gracefully in unit_free() (Closes: #852202)
++ * Fix issues in journald during startup
++
++ -- Michael Biebl <biebl@debian.org> Mon, 23 Jan 2017 14:52:46 +0100
++
++systemd (232-13) unstable; urgency=medium
++
++ * Re-add versioned Conflicts/Replaces against upstart.
++ In Debian the upstart package was never split into upstart and
++ upstart-sysv, so we need to keep that for switching from upstart to
++ systemd-sysv. (Closes: #852156)
++ * Update Vcs-* according to the latest recommendation
++ * Update Homepage and the URLs in debian/copyright to use https
++
++ -- Michael Biebl <biebl@debian.org> Sun, 22 Jan 2017 08:19:28 +0100
++
++systemd (232-12) unstable; urgency=medium
++
++ * Fix build if seccomp support is disabled
++ * Enable seccomp support on ppc64
++
++ -- Michael Biebl <biebl@debian.org> Wed, 18 Jan 2017 19:43:51 +0100
++
++systemd (232-11) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Fix RestrictAddressFamilies=
++ Backport upstream fix for setting up seccomp filters to fix
++ RestrictAddressFamilies= on non-amd64 architectures. Drop the hack from
++ debian/rules to remove this property from unit files.
++ See #843160
++ * Use local machine-id for running tests during package build.
++ Since "init" and thus "systemd" are not part of debootstrap any more,
++ some buildd chroots don't have an /etc/machine-id any more. Port the old
++ Add-env-variable-for-machine-ID-path.patch to the current code, use a
++ local machine-id again, and always make test suite failures fatal.
++ (Closes: #851445)
++
++ [ Michael Biebl ]
++ * gpt-auto-generator: support LUKS encrypted root partitions
++ (Closes: #851475)
++ * Switch to bfd linker on mips*
++ The gold linker is currently producing broken libraries on mips*
++ resulting in segfaults for users of libsystemd. Switch to bfd until
++ binutils has been fixed. (Closes: #851412)
++ * Revert "core: turn on specifier expansion for more unit file settings"
++ The expansion of the % character broke the fstab-generator and
++ specifying the tmpfs size as percentage of physical RAM resulted in the
++ size being set to 4k. (Closes: #851492)
++ * Drop obsolete Conflicts, Breaks and Replaces
++ * Require systemd-shim version which supports v232.
++ See #844785
++
++ [ Ondřej Nový ]
++ * Redirect try-restart in init-functions hook (Closes: #851688)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 18 Jan 2017 12:38:54 +0100
++
++systemd (232-10) unstable; urgency=medium
++
++ * Add NULL sentinel to strjoin.
++ We haven't cherry-picked upstream commit 605405c6c which introduced a
++ strjoin macro that adds the NULL sentinel automatically so we need to do
++ it manually. (Closes: #851210)
++
++ -- Michael Biebl <biebl@debian.org> Fri, 13 Jan 2017 05:08:55 +0100
++
++systemd (232-9) unstable; urgency=medium
++
++ * Use --disable-wheel-group configure switch.
++ Instead of mangling the tmpfiles via sed to remove the wheel group, use
++ the configure switch which was added upstream in v230.
++ See https://github.com/systemd/systemd/issues/2492
++ * Update debian/copyright.
++ Bob Jenkins released the lookup3.[ch] files as public domain which means
++ there is no copyright holder.
++ * Drop fallback for older reportbug versions when attaching files
++ * debian/extra/init-functions.d/40-systemd: Stop checking for init env var.
++ This env variable is no longer set when systemd executes a service so
++ it's pointless to check for it.
++ * debian/extra/init-functions.d/40-systemd: Stop setting
++ _SYSTEMCTL_SKIP_REDIRECT=true.
++ It seems we don't actually need it to detect recursive loops (PPID is
++ sufficient) and by exporting it we leak _SYSTEMCTL_SKIP_REDIRECT into
++ the runtime environment of the service. (Closes: #802018)
++ * debian/extra/init-functions.d/40-systemd: Rename _SYSTEMCTL_SKIP_REDIRECT.
++ Rename _SYSTEMCTL_SKIP_REDIRECT to SYSTEMCTL_SKIP_REDIRECT to be more
++ consistent with other environment variables which are used internally by
++ systemd, like SYSTEMCTL_SKIP_SYSV.
++ * Various specifier resolution fixes.
++ Turn on specifier expansion for more unit file settings.
++ See https://github.com/systemd/systemd/pull/4835 (Closes: #781730)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 12 Jan 2017 16:59:22 +0100
++
++systemd (232-8) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Drop systemd dependency from libnss-myhostname again.
++ This NSS module is completely independent from systemd, unlike the other
++ three.
++ * Install 71-seat.rules into the initrd.
++ This helps plymouth to detect applicable devices. (Closes: #756109)
++ * networkd: Fix crash when setting routes.
++ * resolved: Drop removal of resolvconf entry on stop.
++ This leads to timeouts on shutdown via the resolvconf hooks and does not
++ actually help much -- /etc/resolv.conf would then just be empty instead of
++ having a nonexisting 127.0.0.53 nameserver, so manually stopping resolved
++ in a running system is broken either way. (LP: #1648068)
++ * Keep RestrictAddressFamilies on amd64.
++ This option and libseccomp currently work on amd64 at least, so let's make
++ sure it does not break there as well, and benefit from the additional
++ protection at least on this architecture.
++ * Explicitly set D-Bus policy dir.
++ This is about to change upstream in
++ https://github.com/systemd/systemd/pull/4892, but as explained in commit
++ 2edb1e16fb12f4 we need to keep the policies in /etc/ until stretch+1.
++
++ [ Michael Biebl ]
++ * doc: Clarify NoNewPrivileges in systemd.exec(5). (Closes: #756604)
++ * core: Rework logic to determine when we decide to add automatic deps for
++ mounts. This adds a concept of "extrinsic" mounts. If mounts are
++ extrinsic we consider them managed by something else and do not add
++ automatic ordering against umount.target, local-fs.target,
++ remote-fs.target. (Closes: #818978)
++ * rules: Add persistent links for nbd devices. (Closes: #837999)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 17 Dec 2016 01:54:18 +0100
++
++systemd (232-7) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Mark liblz4-tool build dependency as <!nocheck>
++ * udev: Try mount -n -o move first
++ initramfs-tools is not actually using util-linux mount (yet), so making
++ mount -n --move the first alternative would trigger an error message if
++ users have built their initramfs without busybox support.
++
++ [ Alexander Kurtz ]
++ * debian/extra/kernel-install.d/85-initrd.install: Remove an unnecessary
++ variable. (Closes: #845977)
++
++ [ Martin Pitt ]
++ * Drop systemd-networkd's "After=dbus.service" ordering, so that it can
++ start during early boot (for cloud-init.service). It will auto-connect to
++ D-Bus once it becomes available later, and transient (from DHCP) hostname
++ and timezone setting do not currently work anyway. (LP: #1636912)
++ * Run hwdb/parse_hwdb.py during package build.
++ * Package libnss-systemd
++ * Make libnss-* depend on the same systemd package version.
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 30 Nov 2016 14:38:36 +0100
++
++systemd (232-6) unstable; urgency=medium
++
++ * Add policykit-1 test dependency for networkd-test.py.
++ * debian/rules: Don't destroy unit symlinks with sed -i.
++ Commit 21711e74 introduced a "sed -i" to remove RestrictAddressFamilies=
++ from units. This also caused unit symlinks to get turned into real files,
++ causing D-Bus activated services like timedated to fail ("two units with
++ the same D-Bus name").
++ * Fall back to "mount -o move" in udev initramfs script
++ klibc's mount does not understand --move, so for the time being we need to
++ support both variants. (Closes: #845161)
++ * debian/README.Debian: Document how to generate a shutdown log.
++ Thanks 積丹尼 Dan Jacobson. (Closes: #826297)
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 21 Nov 2016 10:39:57 +0100
++
++systemd (232-5) unstable; urgency=medium
++
++ * Add missing liblz4-tool build dependency.
++ Fixes test-compress failure during package build.
++ * systemd: Ship /var/lib.
++ This will soon contain a polkit pkla file.
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 20 Nov 2016 12:22:52 +0100
++
++systemd (232-4) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/unit-config: Query pkg-config for system unit dir.
++ This fixes confusion on merged-/usr systems where both /usr/lib/systemd and
++ /lib/systemd exist. It's actually useful to verify that systemd.pc says the
++ truth.
++ * debian/tests/upstream: Fix clobbering of merged-/usr symlinks
++ * debian/tests/systemd-fsckd: Create /etc/default/grub.d if necessary
++ * debian/rules: Drop check for linking to libs in /usr.
++ This was just an approximation, as booting without an initrd could still be
++ broken by library updates (e. g. #828991). With merged /usr now being the
++ default this is now completely moot.
++ * Move kernel-install initrd script to a later prefix.
++ 60- does not leave much room for scripts that want to run before initrd
++ building (which is usually one of the latest things to do), so bump to 85.
++ Thanks to Sjoerd Simons for the suggestion.
++ * Disable 99-default.link instead of the udev rule for disabling persistent
++ interface names.
++ Disabling 80-net-setup-link.rules will also cause ID_NET_DRIVER to not be
++ set any more, which breaks 80-container-ve.network and matching on driver
++ name in general. So disable the actual default link policy instead. Still
++ keep testing for 80-net-setup-link.rules in the upgrade fix and
++ 73-usb-net-by-mac.rules to keep the desired behaviour on systems which
++ already disabled ifnames via that udev rule.
++ See https://lists.freedesktop.org/archives/systemd-devel/2016-November/037805.html
++ * debian/tests/boot-and-services: Always run seccomp test
++ seccomp is now available on all architectures on which Debian and Ubuntu
++ run tests, so stop making this test silently skip if seccomp is disabled.
++ * Bump libseccomp build dependency as per configure.ac.
++ * Replace "Drop RestrictAddressFamilies=" patch with sed call.
++ With that it will also apply to upstream builds/CI, and it is structurally
++ simpler.
++ * Rebuild against libseccomp with fixed shlibs. (Closes: #844497)
++
++ [ Michael Biebl ]
++ * fstab-generator: add x-systemd.mount-timeout option. (Closes: #843989)
++ * build-sys: do not install ctrl-alt-del.target symlink twice.
++ (Closes: #844039)
++ * Enable lz4 support.
++ While the compression rate is not as good as XZ, it is much faster, so a
++ better default for the journal and especially systemd-coredump.
++ (Closes: #832010)
++
++ [ Felipe Sateler ]
++ * Enable machines.target by default. (Closes: #806787)
++
++ [ Evgeny Vereshchagin ]
++ * debian/tests/upstream: Print all journal files.
++ We don't print all journal files. This is misleading a bit:
++ https://github.com/systemd/systemd/pull/4331#issuecomment-252830790
++ https://github.com/systemd/systemd/pull/4395#discussion_r87948836
++
++ [ Luca Boccassi ]
++ * Use mount --move in initramfs-tools udev script.
++ Due to recent changes in busybox and initramfs-tools the mount
++ utility is no longer the one from busybox but from util-linux.
++ The latter does not support mount -o move.
++ The former supports both -o move and --move, so use it instead to be
++ compatible with both.
++ See this discussion for more details:
++ https://bugs.debian.org/823856 (Closes: #844775)
++
++ -- Michael Biebl <biebl@debian.org> Sun, 20 Nov 2016 03:34:58 +0100
++
++systemd (232-3) unstable; urgency=medium
++
++ [ Felipe Sateler ]
++ * Make systemd-delta less confused on merged-usr systems. (Closes: #843070)
++ * Fix wrong paths for /bin/mount when compiled on merged-usr system.
++ Then the build system finds /usr/bin/mount which won't exist on a
++ split-/usr system. Set the paths explicitly in debian/rules and drop
++ Use-different-default-paths-for-various-binaries.patch. (Closes: #843433)
++
++ [ Martin Pitt ]
++ * debian/tests/logind: Split out "pid in logind session" test
++ * debian/tests/logind: Adjust "in logind session" test for unified cgroup
++ hierarchy
++ * debian/tests/boot-and-services: Check common properties of CLI programs.
++ Verify that CLI programs have a sane behaviour and exit code when being
++ called with --help, --version, or an invalid option.
++ * nspawn: Fix exit code for --help and --version (Closes: #843544)
++ * core: Revert using the unified hierarchy for the systemd cgroup.
++ Too many things don't get along with it yet, like docker, LXC, or runc.
++ (Closes: #843509)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 09 Nov 2016 09:34:45 +0100
++
++systemd (232-2) unstable; urgency=medium
++
++ * Drop RestrictAddressFamilies from service files.
++ RestrictAddressFamilies= is broken on 32bit architectures and causes
++ various services to fail with a timeout, including
++ systemd-udevd.service.
++ While this might actually be a libseccomp issue, remove this option for
++ now until a proper solution is found. (Closes: #843160)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 05 Nov 2016 22:43:27 +0100
++
++systemd (232-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release 232:
++ - Fix "systemctl start" when ReadWriteDirectories is a symlink
++ (Closes: ##792187)
++ - Fix "journalctl --setup-keys" output (Closes: #839097)
++ - Run run sysctl service if /proc/sys/net is writable, for containers
++ (Closes: #840529)
++ - resolved: Add d.f.ip6.arpa to the DNSSEC default negative trust anchors
++ (Closes: #834453)
++ * debian/tests/logind: Copy the current on-disk unit instead of the
++ on-memory one.
++ * Build sd-boot on arm64. gnu-efi is available on arm64 now.
++ (Closes: #842617)
++ * Link test-seccomp against seccomp libs to fix FTBFS
++ * debian/rules: Remove nss-systemd (until we package it)
++ * Install new systemd-mount
++
++ [ Michael Biebl ]
++ * Install new journal-upload.conf man pages in systemd-journal-remote
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 04 Nov 2016 07:18:10 +0200
++
++systemd (231-10) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * systemctl: Add --wait option to wait until started units terminate again.
++ * nss-resolve: return NOTFOUND instead of UNAVAIL on resolution errors.
++ This makes it possible to configure a fallback to "dns" without breaking
++ DNSSEC, with "resolve [!UNAVAIL=return] dns".
++ * libnss-resolve.postinst: Skip dns fallback if resolve is present.
++ Only fall back to "dns" if nss-resolve is not installed (for the
++ architecture of the calling program). Once it is, we never want to fall
++ back to "dns" as that breaks enforcing DNSSEC verification and also
++ pointlessly retries NXDOMAIN failures. (LP: #1624071)
++ * unit: sent change signal before removing the unit if necessary
++ (LP: #1632964)
++ * networkd: Fix assertion crash on adding VTI with IPv6 addresses
++ (LP: #1633274)
++ * debian/tests/upstream: Stop specifying initrd, it is autodetected now.
++ * debian/tests/upstream: Add gcc/libc-dev/make test dependencies,
++ so that the tests can build helper binaries.
++
++ [ Felipe Sateler ]
++ * Explicitly disable installing the upstream-provided PAM configuration.
++ * Register interest in the status of dracut and initramfs-tools in reportbug
++ template
++
++ [ Michael Biebl ]
++ * Stop creating systemd-update-utmp-runlevel.service symlinks manually
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 26 Oct 2016 13:24:37 +0200
++
++systemd (231-9) unstable; urgency=medium
++
++ * pid1: process zero-length notification messages again.
++ Just remove the assertion, the "n" value was not used anyway. This fixes
++ a local DoS due to unprocessed/unclosed fds which got introduced by the
++ previous fix. (Closes: #839171) (LP: #1628687)
++ * pid1: Robustify manager_dispatch_notify_fd()
++ * test/networkd-test.py: Add missing writeConfig() helper function.
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 29 Sep 2016 23:39:24 +0200
++
++systemd (231-8) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Replace remaining systemctl --failed with --state=failed
++ "--failed" is deprecated in favor of --state.
++ * debian/shlibs.local.in: More precisely define version of internal shared
++ lib.
++ * debian/tests/upstream: Drop blacklisting
++ These tests now work fine without qemu.
++ * debian/tests/storage: Avoid rmmod scsi_debug (LP: #1626737)
++ * upstream build system: Install libudev, libsystemd, and nss modules to
++ ${rootlibdir}. Drop downstream workaround from debian/rules.
++ * Ubuntu: Disable resolved's DNSSEC for the final 16.10 release.
++ Resolved's DNSSEC support is still not mature enough, and upstream
++ recommends to disable it in stable distro releases still.
++ * Fix abort/DoS on zero-length notify message triggers (LP: #1628687)
++ * resolved: don't query domain-limited DNS servers for other domains
++ (LP: #1588230)
++
++ [ Antonio Ospite ]
++ * Update systemd-user pam config to require pam_limits.so.
++ (Closes: #838191)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 29 Sep 2016 13:40:21 +0200
++
++systemd (231-7) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * fsckd: Do not exit on idle timeout if there are still clients connected
++ (Closes: #788050, LP: #1547844)
++
++ [ Martin Pitt ]
++ * 73-usb-net-by-mac.rules: Split kernel command line import line.
++ Reportedly this makes the rule actually work on some platforms. Thanks Alp
++ Toker! (LP: #1593379)
++ * debian/tests/boot-smoke: Only run 5 iterations
++ * systemd.postinst: Drop obsolete setcap call for systemd-detect-virt.
++ Drop corresponding libcap2-bin dependency.
++ * debian/tests/systemd-fsckd: Robustify check for "unit was running"
++ (LP: #1624406)
++ * debian/extra/set-cpufreq: Use powersave with intel_pstate.
++ This is what we did on xenial, and apparently powersave is still actually
++ better than performance. Thanks to Doug Smythies for the measurements!
++ (LP: #1579278)
++ * Ubuntu: Move ondemand.service from static to runtime enablement.
++ This makes it easier to keep performance, by disabling ondemand.service.
++ Side issue in LP: #1579278
++ * Revert "networkd: remove route if carrier is lost"
++ This causes networkd to drop addresses from unmanaged interfaces in some
++ cases. (Closes: #837759)
++ * debian/tests/storage: Avoid stderr output of stopping systemd-cryptsetup@.service
++ * libnss-*.prerm: Remove possible [key=value] options from NSS modules as well.
++ (LP: #1625584)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 20 Sep 2016 15:03:06 +0200
++
++systemd (231-6) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Add alternative iptables-dev build dependencies
++ libiptc-dev is very new and not yet present in stable Debian/Ubuntu releases.
++ Add it as a fallback build dependency for backports and upstream tests.
++ * Detect if seccomp is enabled but seccomp filtering is disabled
++ (Closes: #832713)
++ * resolved: recognize DNS names with more than one trailing dot as invalid
++ (LP: #1600000)
++ * debian/tests/smoke: Store udev db dump artifact on failure
++ * networkd: limit the number of routes to the kernel limit
++ * systemctl: consider service running only when it is in active or reloading state
++ * networkd: remove route if carrier is lost
++ * Add Ref()/Unref() bus calls for units
++
++ [ Felipe Sateler ]
++ * git-cherry-pick: always recreate the patch-queue branch.
++
++ [ Dimitri John Ledkov ]
++ * Use idiomatic variables from dpkg include.
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 11 Sep 2016 15:00:55 +0200
++
++systemd (231-5) unstable; urgency=medium
++
++ [ Iain Lane ]
++ * Let graphical-session-pre.target be manually started (LP: #1615341)
++
++ [ Felipe Sateler ]
++ * Add basic version of git-cherry-pick
++ * Replace Revert-units-add-a-basic-SystemCallFilter-3471.patch with upstream
++ patch
++ * sysv-generator: better error reporting. (Closes: #830257)
++
++ [ Martin Pitt ]
++ * 73-usb-net-by-mac.rules: Test for disabling 80-net-setup-link.rules more
++ efficiently. Stop calling readlink at all and just test if
++ /etc/udev/rules.d/80-net-setup-link.rules exists -- a common way to
++ disable an udev rule is to just "touch" it in /etc/udev/rule.d/ (i. e.
++ empty file), and if the rule is customized we cannot really predict anyway
++ if the user wants MAC-based USB net names or not. (LP: #1615021)
++ * Ship kernel-install (Closes: #744301)
++ * Add debian/extra/kernel-install.d/60-initrd.install.
++ This kernel-install drop-in copies the initrd of the selected kernel to
++ the EFI partition.
++ * bootctl: Automatically detect ESP partition.
++ This makes bootctl work with Debian's /boot/efi/ mountpoint without having
++ to explicitly specify --path.
++ Patches cherry-picked from upstream master.
++ * systemd.NEWS: Point out that alternatively rcS scripts can be moved to
++ rc[2-5]. Thanks to Petter Reinholdtsen for the suggestion!
++
++ [ Michael Biebl ]
++ * Enable iptables support (Closes: #787480)
++ * Revert "logind: really handle *KeyIgnoreInhibited options in logind.conf"
++ The special 'key handling' inhibitors should always work regardless of
++ any *IgnoreInhibited settings – otherwise they're nearly useless.
++ Update man pages to clarify that *KeyIgnoreInhibited only apply to a
++ subset of locks (Closes: #834148)
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 26 Aug 2016 10:58:07 +0200
++
++systemd (231-4) unstable; urgency=medium
++
++ * Revert "pid1: reconnect to the console before being re-executed"
++ This unbreaks consoles after "daemon-reexec". (Closes: #834367)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 18 Aug 2016 07:03:13 +0200
++
++systemd (231-3) unstable; urgency=medium
++
++ * resolved resolvconf integration: Run resolvconf without privilege
++ restrictions. On some architectures (at least ppc64el), running resolvconf
++ does not work with MemoryDenyWriteExecute=yes. (LP: #1609740)
++ * Revert unit usage of MemoryDenyWriteExecute=yes. This is implemented
++ through seccomp as well. (Closes: #832713)
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 15 Aug 2016 09:58:09 +0200
++
++systemd (231-2) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/rules: Fix UPSTREAM_VERSION for upstream master builds
++ * Limit "link against /usr" check to some critical binaries only and add
++ generators
++ * debian/rules: Put back cleanup of *.busname (Closes: #833487)
++ * debian/tests/localed-x11-keymap: Robustify cleanup
++ * debian/tests/localed-x11-keymap: Check that localed works without
++ /etc/default/keyboard. This reproduces #833849.
++ * Revert "units: add a basic SystemCallFilter (#3471)"
++ This causes fatal failures on kernels that don't have seccomp enabled.
++ This can be reactivated once
++ https://github.com/systemd/systemd/issues/3882 is fixed.
++ (Closes: #832713, #832893)
++
++ [ Simon McVittie ]
++ * localed: tolerate absence of /etc/default/keyboard.
++ The debian-specific patch to read Debian config files was not tolerating
++ the absence of /etc/default/keyboard. This causes systemd-localed to
++ fail to start on systems where that file isn't populated (like embedded
++ systems without keyboards). (Closes: #833849)
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 14 Aug 2016 10:54:57 +0200
++
++systemd (231-1) unstable; urgency=low
++
++ [ Martin Pitt ]
++ * New upstream release 231:
++ - Fix "Failed to create directory /str/sys/fs/selinux: Read-only file
++ system" warning. (Closes: #830693)
++ * systemd.postinst: Remove systemd-networkd-resolvconf-update.path removal
++ leftover. (Closes: #830778)
++ * Drop support for rcS.d SysV init scripts.
++ These are prone to cause dependency loops, and almost all packages with
++ rcS scripts now ship a native systemd service.
++ * networkd: Handle router advertisements in userspace again.
++ Drop Revert-Revert-networkd-ndisc-revert-to-letting-the-k.patch.
++ Bug #814566/#815586 got fixed in 230, and #815884 and #815884 and #815793
++ are unreproducible and need more reporter feedback.
++ * debian/gbp.conf: Enable dch options "full" and "multimaint-merge"
++ * systemd-sysv: Add Conflicts: systemd-shim.
++ To avoid shim trying to claim the D-Bus interfaces.
++ * Add graphical-session.target user unit.
++ * Add graphical-session-pre.target user unit
++ * Add debian/extra/units-ubuntu/user@.service.d/timeout.conf.
++ This avoids long hangs during shutdown if user services fail/hang due to
++ X.org going away too early. This is mostly a workaround, so only install
++ for Ubuntu for now.
++ * Dynamically add upstream version to debian/shlibs.local
++ * Set Debian/Ubuntu downstream support URL in journal catalogs
++ (Closes: #769187)
++
++ [ Michael Biebl ]
++ * Restrict Conflicts: openrc to << 0.20.4-2.1.
++ Newer versions of openrc no longer ship conflicting implementations of
++ update-rc.d/invoke-rc.d.
++ * Add Depends: dbus to systemd-container.
++ This is required for systemd-machined and systemd-nspawn to work
++ properly. (Closes: #830575)
++ * Drop insserv.conf generator.
++ We no longer parse /etc/insserv.conf and /etc/insserv.conf.d/* and
++ augment services with that dependency information via runtime drop-in
++ files. Services which want to provide certain system facilities need to
++ pull in the corresponding targets themselves. Either directly in the
++ native service unit or by shipping a drop-in snippet for SysV init
++ scripts. (Closes: #825858)
++ * getty-static.service: Only start if we have a working VC subsystem.
++ Use ConditionPathExists=/dev/tty0, the same check as in getty@.service,
++ to determine whether we have a functional VC subsystem and we should
++ start any gettys. (Closes: #824779)
++ * Stop mentioning snapshot and restore in the package description.
++ Support for the .snapshot unit type has been removed upstream.
++ * Drop sigpwr-container-shutdown.service.
++ This is no longer necessary as lxc-stop has been fixed to use SIGRTMIN+3
++ to shut down systemd based LXC containers.
++ https://github.com/lxc/lxc/pull/1086
++ https://www.freedesktop.org/wiki/Software/systemd/ContainerInterface/
++
++ [ Felipe Sateler ]
++ * Add versioned breaks for packages shipping rcS init scripts
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 26 Jul 2016 12:17:14 +0200
++
++systemd (230-7) unstable; urgency=medium
++
++ * Tell dh_shlibdeps to look in the systemd package for libraries. Otherwise
++ dpkg-shlibdeps fails to find libsystemd-shared as we no longer create a
++ shlibs file for it.
++ * Add Build-Depends-Package to libudev1.symbols and libsystemd0.symbols.
++ This ensures proper dependencies when a package has a Build-Depends on a
++ higher version of libudev-dev or libsystemd-dev then what it gets from the
++ used symbols.
++
++ -- Michael Biebl <biebl@debian.org> Fri, 08 Jul 2016 13:04:33 +0200
++
++systemd (230-6) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/boot-smoke: Stop running in containers again, too unreliable
++ on Ubuntu s390x right now.
++
++ [ Michael Biebl ]
++ * Bump Build-Depends on debhelper to (>= 9.20160114), required for
++ --dbgsym-migration support.
++ * Install test-udev binary into $libdir/udev/ not $libdir. Only libraries
++ should be installed directly into $libdir.
++ * Exclude libsystemd-shared from dh_makeshlibs.
++
++ [ Felipe Sateler ]
++ * Do not install libsystemd-shared.so symlink
++ * {machine,system}ctl: always pass &changes and &n_changes (Closes: #830144)
++
++ [ Michael Prokop ]
++ * debian/tests/logind: Ensure correct version of logind is running.
++
++ -- Michael Biebl <biebl@debian.org> Thu, 07 Jul 2016 15:22:16 +0200
++
++systemd (230-5) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Sync test/networkd-test.py with current upstream master, and remove our
++ debian/tests/networkd copy. Directly run test/networkd-test.py in
++ autopkgtest.
++ * debian/extra/rules/73-usb-net-by-mac.rules: Disable when
++ /etc/udev/rules.d/80-net-setup-link.rules is a symlink to /dev/null, to be
++ consistent with the documented way to disable ifnames. (Closes: #824491,
++ LP: #1593379)
++ * debian/rules: Ignore libcap-ng.so in the "does anything link against /usr"
++ check, to work around libaudit1 recently gaining a new dependency against
++ that library (#828991). We have no influence on that ourselves. This fixes
++ the FTBFS in the meantime.
++
++ [ Felipe Sateler ]
++ * Convert common code into a private shared library. This saves about 9 MB
++ of installed size in the systemd package, and some more in systemd-*.
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 01 Jul 2016 09:15:12 +0200
++
++systemd (230-4) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * tmp.mount: Add nosuid and nodev mount options. This restores compatibility
++ with the original SysV int RAMTMP defaults. (Closes: #826377)
++ * debian/tests/upstream: Some tests fail on platforms without QEMU at the
++ moment due to upstream PR#3587; blacklist these for now if QEMU is not
++ available.
++ * debian/rules: Don't run the "anything links against /usr" check for
++ upstream tests, as those run on Ubuntu 16.04 LTS which does not yet have
++ libidn moved to /lib.
++ * debian/tests/upstream: Clean up old journals before running a test, to
++ avoid printing a wrong one on failure.
++ * debian/tests/upstream: Do not run the QEMU tests on i386. Nested QEMU on
++ i386 causes testbed hangs on Ubuntu's cloud infrastructure, which is the
++ only place where these actually run.
++ * resolved: Fix SERVFAIL handling and introduce a new "Cache=" option to
++ disable local caching.
++ * resolved: Support IPv6 zone indices in resolv.conf. (LP: #1587489)
++ * resolved: Update resolv.conf when calling SetLinkDNS().
++ * debian/tests/storage: Sync and settle udev after luksFormat, to reduce the
++ chance of seeing some half-written signatures.
++ * debian/tests/networkd: Stop skipping the two DHCP6 tests, this regression
++ seems to have been fixed now.
++ * resolved: respond to local resolver requests on 127.0.0.53:53. This
++ provides compatibility with clients that don't use NSS but do DNS queries
++ directly, such as Chrome.
++ * resolved: Don't add route-only domains to /etc/resolv.conf.
++ * systemd-resolve: Add --flush-caches and --status commands.
++ * Add debian/extra/units/systemd-resolved.service.d/resolvconf.conf to tell
++ resolvconf about resolved's builtin DNS server on 127.0.0.53. With that,
++ DNS servers picked up via networkd are respected when using resolvconf,
++ and software like Chrome that does not do NSS (libnss-resolve) still gets
++ proper DNS resolution. Drop the brittle and ugly
++ systemd-networkd-resolvconf-update.{path,service} hack instead.
++ * debian/tests/boot-smoke: Run in containers as well.
++
++ [ Laurent Bigonville ]
++ * Build with IDN support. (Closes: #814528)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 29 Jun 2016 15:23:32 +0200
++
++systemd (230-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/boot-and-services: Adjust test_tmp_mount() for fixed
++ systemctl exit code for "unit not found" in upstream commit ca473d57.
++ * debian/tests/boot-and-services, test_no_failed(): Show journal of failed
++ units.
++ * debian/extra/init-functions.d/40-systemd: Adjust to changed systemctl
++ show behaviour in 231: now this fails for nonexisting units instead of
++ succeeding with "not-found". Make the code compatible to both for now.
++ * Fix networkd integration with resolvconf for domain-limited DNS servers,
++ so that these don't appear as global nameservers in resolv.conf. Thanks
++ Andy Whitcroft for the initial fix! Add corresponding test case to
++ debian/tests/networkd. (LP: #1587762)
++ * resolved: Fix comments in resolve.conf for search domain overflows.
++ (LP: #1588229)
++ * On Ubuntu, provide an "ondemand.service" that replaces
++ /etc/init.d/ondemand. The latter does not exist any more when
++ "initscripts" falls out of the default installation. (LP: #1584124) This
++ now does not do a fixed one-minute wait but uses "Type=idle" instead. This
++ also becomes a no-op when the CPU supports "intel_pstate" (≤ 5 years old),
++ as on these the ondemand/powersave schedulers are actually detrimental.
++ (LP: #1579278)
++ * debian/systemd-container.install: Drop *.busname installation, they are
++ going away upstream.
++ * debian/extra/init-functions.d/40-systemd: Do not call systemctl
++ daemon-reload if the script is called as user (like reportbug does). Also
++ make sure that daemon-reload will not invoke polkit.
++ * Install test-udeb from .libs, to avoid installing the automake shell
++ wrapper.
++ * Fix transaction restarting in resolved to avoid async processing of
++ free'd transactions.
++ (Closes: #817210, LP: #1587727, #1587740, #1587762, #1587740)
++ * Add "upstream" autopkgtest that runs the test/TEST* upstream integration
++ tests in QEMU and nspawn.
++ * Build systemd-sysusers binary, for using in rkt. Do not ship the
++ corresponding unit and sysusers.d/ files yet, as these need some
++ Debianization and an autopkgtest. (Closes: #823322)
++ * debian/tests/systemd-fsckd: Adjust was_running() to also work for version
++ 230.
++
++ [ Michael Biebl ]
++ * Add "systemctl daemon-reload" to lsb init-functions hook if the LoadState
++ of a service is "not-found". This will run systemd-sysv-generator, so SysV
++ init scripts that aren't installed by the package manager should be picked
++ up automatically. (Closes: #825913)
++ * automount: handle expire_tokens when the mount unit changes its state.
++ (Closes: #826512)
++ * debian/systemd.preinst: Correctly determine whether a service is enabled.
++ Testing for the return code alone is not sufficient as we need to
++ differentiate between "generated" and "enabled" services.
++ (Closes: #825981)
++
++ [ Felipe Sateler ]
++ * Drop configure option --disable-compat-libs. It no longer exists.
++ * Add policykit-1 to Suggests. It is used to allow unprivileged users to
++ execute certain commands. (Closes: #827756)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 21 Jun 2016 23:51:07 +0200
++
++systemd (230-2) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Don't add a Breaks: against usb-modeswitch when building on Ubuntu; there
++ it does not use hotplug.functions and is a lower version.
++ * boot-and-services autopkgtest: Add missing xserver-xorg and
++ lightdm-greeter test dependencies, so that lightdm can start.
++ (See LP #1581106)
++ * Re-disable logind's KillUserProcesses option by default. (Closes: #825394)
++
++ [ Michael Biebl ]
++ * Drop --disable-silent-rules from debian/rules. This is now handled by dh
++ directly depending on whether the DH_QUIET environment variable is set.
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 31 May 2016 12:02:14 +0200
++
++systemd (230-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release 230.
++ - Fix rare assertion failure in hashmaps. (Closes: #816612)
++ - Fix leaking scope units. (Closes: #805477)
++ - Fix wrong socket ownership after daemon-reload. (LP: #1577001)
++ - udev: Fix touch screen detection. (LP: #1530384)
++ * Drop cmdline-upstart-boot autopkgtest. It was still needed up to Ubuntu
++ 16.04 LTS, but upstart-sysv is not supported any more in Debian and Ubuntu
++ now.
++ * udev: Drop hotplug.functions, now that the last remaining user of this got
++ fixed. Add appropriate versioned Breaks:.
++ * debian/extra/rules/70-debian-uaccess.rules: Add some more FIDO u2f devices
++ from different vendors. Thanks Atoyama Tokanawa.
++ * Remove "bootchart" autopkgtest, this upstream version does not ship
++ bootchart any more. It will be packaged separately.
++
++ [ Michael Biebl ]
++ * Drop obsolete --disable-bootchart configure switch from udeb build.
++ * Remove obsolete /etc/systemd/bootchart.conf conffile on upgrades.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 23 May 2016 09:42:51 +0200
++
++systemd (229-6) unstable; urgency=medium
++
++ * systemd-container: Prefer renamed "btrfs-progs" package name over
++ "btrfs-tools". (Closes: #822629)
++ * systemd-container: Recommend libnss-mymachines. (Closes: #822615)
++ * Drop systemd-dbg, in favor of debhelpers' automatic -dbgsym packages.
++ * Drop Add-targets-for-compatibility-with-Debian-insserv-sy.patch; we don't
++ need $x-display-manager any more as most/all DMs ship native services, and
++ $mail-transport-agent is not widely used (not even by our default MTA
++ exim4).
++ * Unify our two patches for Debian specific configuration files.
++ * Drop udev-re-enable-mount-propagation-for-udevd.patch, i. e. run udevd in
++ its own slave mount name space again. laptop-mode-tools 1.68 fixed the
++ original bug (#762018), thus add a Breaks: to earlier versions.
++ * Ship fbdev-blacklist.conf in /lib/modprobe.d/ instead of /etc/modprobe.d/;
++ remove the conffile on upgrades.
++ * Replace util-Add-hidden-suffixes-for-ucf.patch with patch that got
++ committed upstream.
++ * Replace Stop-syslog.socket-when-entering-emergency-mode.patch with patch
++ that got committed upstream.
++ * debian/udev.README.Debian: Adjust documentation of MAC based naming for
++ USB network cards to the udev rule, where this was moved to in 229-5.
++ * debian/extra/init-functions.d/40-systemd: Invoke status command with
++ --no-pager, to avoid blocking scripts that call an init.d script with
++ "status" with an unexpected pager process. (Closes: #765175, LP: #1576409)
++ * Add debian/extra/rules/70-debian-uaccess.rules: Make FIDO U2F dongles
++ accessible to the user session. This avoids having to install libu2f-host0
++ (which isn't discoverable at all) to make those devices work.
++ (LP: #1387908)
++ * libnss-resolve: Enable systemd-resolved.service on package installation,
++ as this package makes little sense without resolved.
++ * Add a DHCP exit hook for pushing received NTP servers into timesyncd.
++ (LP: #1578663)
++ * debian/udev.postinst: Fix migration check from the old persistent-net
++ generator to not apply to chroots. (Closes: #813141)
++ * Revert "enable TasksMax= for all services by default, and set it to 512".
++ Introducing a default limit on number of threads broke a lot of software
++ which regularly needs more, such as MySQL and RabbitMQ, or services that
++ spawn off an indefinite number of subtasks that are not in a scope, like
++ LXC or cron. 512 is way too much for most "simple" services, and it's way
++ too little for the ones mentioned above. Effective (and much stricter)
++ limits should instead be put into units individually.
++ (Closes: #823530, LP: #1578080)
++ * Split out udev rule to name USB network interfaces by MAC address into
++ 73-usb-net-by-mac.rules, so that it's easier to disable. (Closes: #824025)
++ * 73-usb-net-by-mac.rules: Disable when net.ifnames=0 is specified on the
++ kernel command line, to be consistent with disabling the *.link files.
++ * 73-special-net-names.rule: Name the IBM integrated management module
++ virtual USB network card "ibmimm". Thanks Marco d'Itri!
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 12 May 2016 09:40:19 +0200
++
++systemd (229-5) unstable; urgency=medium
++
++ * debian/tests/unit-config: Call "daemon-reload" to clean up generated units
++ in between tests.
++ * debian/tests/unit-config: Check that enable/disable commands are
++ idempotent.
++ * debian/tests/unit-config: Detect if system units are in /usr/, so that the
++ test works on systems with merged /usr.
++ * debian/tests/unit-config: Use systemd-sysv-install instead of update-rc.d
++ directly, so that the test works under Fedora too.
++ * debian/tests/unit-config: Check disabling of a "systemctl link"ed unit,
++ and check "systemctl enable" on a unit with full path which is not in the
++ standard directories.
++ * Rename debian/extra/rules/73-idrac.rules to 73-special-net-names.rules, as
++ it is going to get rules for other devices. Also install it into the
++ initramfs.
++ * debian/extra/rules/73-special-net-names.rules: Add DEVPATH number based
++ naming schema for ibmveth devices. (LP: #1561096)
++ * Don't set SYSTEMD_READY=0 on DM_UDEV_DISABLE_OTHER_RULES_FLAG=1 devmapper
++ devices with "change" events, as this causes spurious unmounting with
++ multipath devices. (LP: #1565969)
++ * Fix bogus "No [Install] section" warning when enabling a unit with full
++ path. (LP: #1563590)
++ * debian/tests/cmdline-upstart-boot: In test_rsyslog(), check for messages
++ from dbus instead of NetworkManager. NM 1.2 does not seem to log to syslog
++ by default any more.
++ * Bump Standards-Version to 3.9.8 (no changes necessary).
++ * debian/tests/boot-smoke: Add some extra debugging if there are pending
++ jobs after 10s, to figure out why lightdm is sometimes "restarting".
++ (for LP #1571673)
++ * debian/tests/boot-smoke: Configure dummy X.org driver (like in the
++ boot-and-services test), to avoid lightdm randomly fail. (LP: #1571673)
++ * Move Debian specific patches into debian/patches/debian (which translates
++ to "Gbp-Pq: Topic debian" with pq). This keeps upstream vs. Debian
++ patches separated without the comments in debian/patches/series (which
++ always get removed by "pq export").
++ * Don't ship an empty /etc/X11/xinit/xinitrc.d/ directory, this isn't
++ supported in Debian. (Closes: #822198)
++ * udev: Mark nbd as inactive until connected. (Closes: #812485)
++ * On shutdown, unmount /tmp before disabling swap. (Closes: #788303)
++ * debian/systemd-coredump.postinst: Do daemon-reload before starting
++ systemd-coredump, as the unit file may have changed on upgrades.
++ (Closes: #820325)
++ * Set MAC based name for USB network interfaces only for universally
++ administered (i. e. stable) MACs, not for locally administered (i. e.
++ randomly generated) ones. Drop /lib/systemd/network/90-mac-for-usb.link
++ (as link files don't currently support globs for MACAddress=) and replace
++ with an udev rule in /lib/udev/rules.d/73-special-net-names.rules.
++ (Closes: #812575, LP: #1574483)
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 25 Apr 2016 11:08:11 +0200
++
++systemd (229-4) unstable; urgency=medium
++
++ * Fix assertion crash when processing a (broken) device without a sysfs
++ path. (Closes: #819290, LP: #1560695)
++ * Fix crash when shutdown is issued from a non-tty. (LP: #1553040)
++ * networkd: Stay running while any non-loopback interface is up.
++ (Closes: #819414)
++ * Fix reading uint32 D-Bus properties on big-endian.
++ * Fix crash if an udev device has many tags or devlinks. (LP: #1564976)
++ * systemctl, loginctl, etc.: Don't start polkit agent when running as root.
++ (LP: #1565617)
++ * keymap: Add Add HP ZBook (LP: #1535219) and HP ProBook 440 G3.
++ * systemd.resource-control.5: Fix links to cgroup documentation on
++ kernel.org. (Closes: #819970)
++ * Install test-udev into libudev-dev, so that we have it available for
++ autopkgtests.
++ * Add "udev" autopkgtest for running the upstream test/udev-test.pl.
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 07 Apr 2016 08:11:10 +0200
++
++systemd (229-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/timedated: Add tests for "timedatectl set-local-rtc".
++ * Be more tolerant in parsing /etc/adjtime.
++ * debian/systemd.postinst: Don't fail package installation if systemctl
++ daemon-reload trigger fails. This does not fix the root cause of the
++ reload failures, but at least causes fewer packages to be in a broken
++ state after upgrade, so that a reboot or apt-get -f install have a much
++ higher chance in succeeding. (For bugs like LP #1502097 or LP #1447654)
++ * debian/tests/networkd: Skip test_hogplug_dhcp_ip6 when running against
++ upstream as well.
++ * debian/tests/boot-and-services: Wait for units to stop with a "systemctl
++ is-active" loop instead of static sleeps.
++ * debian/tests/networkd: Skip DHCPv6 tests for downstream packages too. This
++ is an actual regression in networkd-229, to be investigated. But this
++ shouldn't hold up reverse dependencies.
++ * Fix assertion in add_random(). (LP: #1554861)
++ * debian/tests/boot-and-services: Don't assert on "Stopped Container c1"
++ message in NspawnTests.test_service(), this is sometimes not present. Just
++ check that the unit did not fail.
++ * Add "adduser" dependency to systemd-coredump, to quiesce lintian.
++ * Bump Standards-Version to 3.9.7 (no changes necessary).
++ * Fix timespec parsing by correctly initializing microseconds.
++ (Closes: #818698, LP: #1559038)
++ * networkd: Add fallback if FIONREAD is not supported. (Closes: #818488)
++ * Cherry-pick various fixes from upstream master.
++ - Fixes logout when changing the current target. (Closes: #805442)
++
++ [ Evgeny Vereshchagin ]
++ * debian/tests/boot-and-services: Search systemd-coredump's output by
++ SYSLOG_IDENTIFIER.
++ * Add missing "Recommends: btrfs-tools" to systemd-container.
++ * Add systemd-coredump postinst/prerm to start/stop systemd-coredump.socket
++ without a reboot. (Closes: #816767)
++
++ [ Felipe Sateler ]
++ * Set the paths of loadkeys and setfont via configure arguments, not a patch
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 21 Mar 2016 14:11:44 +0100
++
++systemd (229-2) unstable; urgency=medium
++
++ * time-util: map ALARM clockids to non-ALARM clockids in now(), to work on
++ architectures which don't support CLOCK_BOOTTIME_ALARM. Fixes FTBFS on
++ many architectures.
++ * debian/systemd.postinst: Add missing newline to /etc/adjtime migration.
++ (See #699554)
++ * debian/systemd.postinst: Only try to enable tmp.mount if we actually
++ copied it to /etc. Don't try to enable a generated unit. (LP: #1545707)
++ * debian/tests/boot-and-services: Increase timeouts of test_bash_crash from
++ 5 to 10 seconds, and sync the journal after every iteration.
++ * debian/extra/checkout-upstream: Try again after one minute if git checkout
++ fails, to avoid failures from transient network errors.
++ * debian/tests/systemd-fsckd: Use grub.d/50-cloudimg-settings.cfg as a
++ template for generating our custom one instead of 90-autopkgtest.cfg. The
++ latter does not exist on non-x86 architectures and is not relevant for
++ this test.
++ * debian/tests/boot-and-services: Skip journal test for test_bash_crash when
++ running against upstream, as this currently fails most of the time. To be
++ investigated.
++ * debian/tests/networkd: Skip test_coldplug_dhcp_ip6 when running against
++ upstream, as this is brittle there. To be investigated.
++ * debian/tests/bootchart: Skip test if bootchart is not available or
++ testing in upstream mode. bootchart got removed from master and will be
++ moved to a separate repository.
++ * debian/tests/boot-and-services: Show verbose journal output on failure in
++ nspawn test, and sync journal before.
++ * Move systemd-coredump socket and service into systemd-coredump binary
++ package.
++ * Revert changing the default core dump ulimit and core_pattern. This
++ completely breaks core dumps without systemd-coredump. It's also
++ contradicting core(8). (Closes: #815020)
++ * Fix addresses for type "sit" tunnels. (Closes: #816132)
++ * networkd: Go back to letting the kernel handle IPv6 router advertisements,
++ as networkd's own currently has too many regressions. Thanks to Stefan
++ Lippers-Hollmann for investigating this! (Closes: #814566,
++ #814667, #815586, #815884, #815793)
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 28 Feb 2016 22:16:12 +0100
++
++systemd (229-1) unstable; urgency=medium
++
++ * New upstream release 229.
++ - Fix systemctl behaviour in chroots. (Closes: #802780)
++ - Fix SELinux context of /run/user/$UID. (Closes: #775651)
++ - Add option to optionally turn of color output. (Closes: #783692)
++ - Don't git-ignore src/journal-remote/browse.html. (Closes: #805514)
++ - Do not warn about Wants depencencies on masked units. (LP: #1543282)
++ * debian/systemd.install: Ship the new systemd-resolve.
++ * libsystemd0.symbols: Add new symbols from this release.
++ * systemd-coredump.postinst: Create systemd-coredump system user.
++ * debian/tests/systemd-fsckd: Tame overly strict test for failed plymouth
++ unit, which is a race condition with plymouthd auto-stopping.
++ (LP: #1543144)
++ * Drop timedated-don-t-rely-on-usr-being-mounted-in-the-ini.patch.
++ initramfs-tools has mounted /usr since Jessie, and tzdata now creates
++ /etc/localtime as a symlink too (see #803144).
++ * Use-different-default-paths-for-various-binaries.patch: Drop path changes
++ for setcap (which is already a build dep and not used at all) and sulogin
++ (which is now in util-linux).
++ * Remove obsolete udev maintainer script checks:
++ - Drop check for kernel >= 2.6.32, which released in 2009.
++ - Drop restarting of some daemons due to the devtmpfs migration, which
++ happened before the above kernel even.
++ - Drop support for forcing upgrades on kernels known not to work via
++ /etc/udev/kernel-upgrade. Don't pretend that this would help, as users
++ could end up with a non-bootable system. Always fail early in preinst
++ when it's still possible to install a working kernel.
++ - Drop postinst test for "running in containers" -- it's actually possible
++ to run udev in containers if you mount /sys r/w and you know what you
++ are doing. Also, the init.d script and systemd service do that check
++ again.
++ - Keep the kernel feature and chroot checks, as these are still useful.
++ Simplify check_kernel_features() by eliminating some variables.
++ - Drop debconf templates. Two of them are obsolete, and having
++ CONFIG_SYSFS_DEPRECATED is now so implausible that this doesn't warrant
++ the overhead and translator efforts.
++ * Drop debian/tests/ifupdown-hotplug. The units moved into ifupdown, so the
++ test should go there too (see #814312).
++ * debian/tests/control: Reorder tests and add a comment which ones should
++ not be run for an upstream build.
++ * debian/tests/control: Rearrange tests and avoid removing test dependencies
++ to minimize testbed resets.
++ * Add debian/extra/checkout-upstream: Script to replace the current
++ source with a checkout of an upstream pull request, branch, or commit,
++ and remove debian/patches/. Call from debian/rules if $TEST_UPSTREAM is
++ set. This will be used for upstream CI.
++ * Enable seccomp support on powerpc, ppc64el, and s390x.
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 11 Feb 2016 21:02:39 +0100
++
++systemd (228-6) unstable; urgency=medium
++
++ * Make-run-lock-tmpfs-an-API-fs.patch: Drop /run/lock from
++ tmpfiles.d/legacy.conf to avoid the latter clobbering the permissions of
++ /run/lock. Fixes fallout from cleanup in -5 that resulted /run/lock to
++ have 0755 permissions instead of 1777. (LP: #1541775)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 04 Feb 2016 11:46:54 +0100
++
++systemd (228-5) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Drop systemd-vconsole-setup.service: It has never been installed/used in
++ Debian and is not necessary for Ubuntu any more.
++ * Drop halt-local.service. This has never been documented/used in Debian.
++ (LP: #1532553)
++ * debian/extra/initramfs-tools/scripts/init-bottom/udev: Prefer "nuke"
++ again, it comes from klibc-utils. But fall back to "rm" if it does not
++ exist.
++ * systemd-timesyncd.service.d/disable-with-time-daemon.conf: Also don't run
++ if /usr/sbin/VBoxService exists, as virtualbox-guest-utils already
++ provides time synchronization with the host. (Closes: #812522)
++ * Drop Michael Stapelberg from Uploaders:, he stopped maintenance long ago.
++ Thanks Michael for your great work in the past!
++ * Replace "sysv-rc" dependency with Conflicts: openrc, file-rc. The
++ rationale from #739679 still applies, but with the moving of
++ {invoke,update}-rc.d to init-system-helpers we don't actually need
++ anything from sysv-rc any more other than the assumption that SysV init
++ scripts are enabled in /etc/rc?.d/ for the SysV generator to work (and
++ file-rc and openrc don't do that).
++ * debian/tests/timedated: Verify /etc/localtime symlink. Skip verifying the
++ /etc/timezone file (which is Debian specific) if $TEST_UPSTREAM is set.
++ * debian/tests/localed-locale: Check /etc/locale.conf if $TEST_UPSTREAM is
++ set.
++ * debian/tests/localed-x11-keymap: Test /etc/X11/xorg.conf.d/00-keyboard.conf
++ if $TEST_UPSTREAM is set.
++ * debian/tests/boot-and-services: Check for reaching graphical.target
++ instead of default.target, as the latter is a session systemd state only.
++ * debian/tests/boot-and-services: Skip tests which are known to fail/not
++ applicable with testing upstream builds.
++ * Drop Fix-up-tmpfiles.d-permissions-properly.patch:
++ - /run/lock is already created differently by
++ Make-run-lock-tmpfs-an-API-fs.patch, and contradicts to that.
++ - /run/lock/lockdev/ isn't being used anywhere and got dropped
++ upstream; backport the patch (tmpfiles-drop-run-lock-lockdev.patch).
++ - Move dropping of "group:wheel" (which has never existed in Debian) into
++ debian/rules, to also catch occurrences in other parts of the file which
++ the static patch would overlook.
++ * Shorten persistent identifier for CCW network interfaces (on s390x only).
++ (LP: #1526808)
++ * debian/rules: If $TEST_UPSTREAM is set (when building/testing upstream
++ master instead of distro packages), don't fail on non-installed new files
++ or new library symbols.
++ * Add systemd-sysv conflict to upstart-sysv, and version the upstart
++ conflict. This works with both Debian's and Ubuntu's upstart packages.
++
++ [ Michael Biebl ]
++ * Drop support for the /etc/udev/disabled flag file. This was a workaround
++ for udev failing to install with debootstrap because it didn't use
++ invoke-rc.d and therefor was not compliant with policy-rc.d. See #520742
++ for further details. This is no longer the case, so supporting that file
++ only leads to confusion about its purpose.
++ * Retrigger cleanup of org.freedesktop.machine1.conf and
++ hwclock-save.service now that dpkg has been fixed to correctly pass the
++ old version to postinst on upgrade. (Closes: #802545)
++ * Only ship *.link files as part of the udev package. The *.network files
++ are solely used by systemd-networkd and should therefor be shipped by the
++ systemd package. (Closes: #808237)
++ * Cherry-pick a few fixes from upstream:
++ - Fix unaligned access in initialize_srand(). (Closes: #812928)
++ - Don't run kmod-static-nodes.service if module list is empty. This
++ requires kmod v23. (Closes: #810367)
++ - Fix typo in systemctl(1). (Closes: #807462)
++ - Fix systemd-nspawn --link-journal=host to not fail if the directory
++ already exists. (Closes: #808222)
++ - Fix a typo in logind-dbus.c. The polkit action is named
++ org.freedesktop.login1.power-off, not org.freedesktop.login1.poweroff.
++ - Don't log an EIO error in gpt-auto-generator if blkid finds something
++ which is not a partition table. (Closes: #765586)
++ - Apply ACLs to /var/log/journal and also set them explicitly for
++ system.journal.
++ * Only skip the filesystem check for /usr if the /run/initramfs/fsck-usr
++ flag file exists. Otherwise we break booting with dracut which uses
++ systemd inside the initramfs. (Closes: #810748)
++ * Update the instructions in README.Debian for creating /var/log/journal.
++ They are now in line with the documentation in the systemd-journald(8) man
++ page and ensure that ACLs and group permissions are properly set.
++ (Closes: #800947, #805617)
++ * Drop "systemctl daemon-reload" from lsb init-functions hook. This is no
++ longer necessary as invoke-rc.d and init-system-helpers take care of this
++ nowadays.
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 03 Feb 2016 10:09:46 +0100
++
++systemd (228-4) unstable; urgency=medium
++
++ * debian/udev.README.Debian: Add alternative way of disabling ifnames.
++ (Closes: #809339)
++ * Put back /lib/udev/hotplug.functions, until the three remaining packages
++ that use it stop doing so. (Closes: #810114)
++ * debian/udev.README.Debian: Point out that any change to interface naming
++ rules requires an initrd update.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 11 Jan 2016 07:12:40 +0100
++
++systemd (228-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/rules: Remove temporary debug output from test failures again. All
++ Debian buildd kernels are recent enough now, but add a check for kernels
++ older than 3.13 and ignore test failures for those.
++ * debian/tests/networkd: Factor out dnsmasq specific test "router" setup, so
++ that we can test against other implementations.
++ * debian/tests/networkd: Add router setup using an (isolated) networkd
++ process for configuring the veths and DHCP server.
++ * debian/tests/networkd: On failure, only show journal for current test.
++ * systemd-networkd-resolvconf-update.service: Wait for getting a name
++ server, not just for getting online.
++ * debian/tests/boot-and-services: Wait until bash crash stack trace is in
++ the journal before asserting on it. Also relax RE to work on non-x86
++ architectures.
++ * debian/tests/networkd: If /etc/resolv.conf already has three nameservers,
++ accept that too (as then the additional test one can't be added any more).
++ * Fix FTBFS on x32. Thanks Helmut Grohne! (Closes: #805910)
++ * debian/tests/networkd: For IPv6 tests, also wait for IPv4 address to
++ arrive; s-n-wait-online already exits after getting an IPv6 address, but
++ we verify both.
++ * debian/tests/boot-and-services: Don't check for "Requesting system
++ poweroff" log message in nspawn test, current upstream master does not
++ write that any more. Instead check for "Stopped Container c1".
++ * Add "storage" autopkgtest. Initially this covers some basic use cases with
++ LUKS cryptsetup devices.
++ * Add acl build dependency (for <!nocheck>). Current upstream master now
++ needs it for some test cases.
++ * debian/extra/initramfs-tools/scripts/init-bottom/udev: Use "rm -rf"
++ instead of "nuke". The latter does not exist any more in current
++ initramfs-tools.
++ * Ignore test failures during "make check" if /etc/machine-id is missing
++ (like in ancient local schroots). (Closes: #807884)
++ * debian/extra/rules/80-debian-compat.rules: Remember which device got the
++ "cdrw", "dvd", or "dvdrw" symlink to avoid changing links on device
++ events. (Closes: #774080). Drop the rule for the "cdrom" symlink as that
++ is already created in 60-cdrom_id.rules.
++ * Eliminate "hotplug.functions" udev helper and put the logging functions
++ directly into net.agent. This simplifies the migration of the latter to
++ ifupdown.
++ * Adjust manpages to keep /usr/lib/systemd/{user*,boot,ntp-units.d,modules*}
++ paths, only keep /lib/systemd/{system*,network}. (Closes: #808997)
++ * debian/udev.README.Debian: Fix typo and slight wording improvement.
++ (Closes: #809513)
++ * Drop net.agent, 80-networking.rules, and ifup@.service. These moved to
++ ifupdown 0.8.5 now. Add Breaks: to earlier versions.
++
++ [ Michael Biebl ]
++ * Bump Build-Depends on libdw-dev to (>= 0.158) as per configure.ac.
++ (Closes: #805631)
++ * Make sure all swap units are ordered before the swap target. This avoids
++ that swap devices are being stopped prematurely during shutdown.
++ (Closes: #805133)
++ * Drop unneeded /etc/X11/xinit/xinitrc.d/50-systemd-user.sh from the package
++ and clean up the conffile on upgrades. We have the dbus-user-session
++ package in Debian to properly enable the D-Bus user-session mode which
++ also takes care of updating the systemd --user environment.
++ (Closes: #795761)
++ * Stop testing for unknown arguments in udev maintainer scripts.
++ * Drop networking.service.d/systemd.conf. The ifupdown package now ships a
++ proper service file so this drop-in file is no longer necessary.
++
++ [ Andreas Henriksson ]
++ * Fix LSB init hook to not reload masked services. (Closes: #804882)
++
++ -- Martin Pitt <mpitt@debian.org> Sat, 02 Jan 2016 17:42:56 +0100
++
++systemd (228-2) unstable; urgency=medium
++
++ * Remove wrong endianness conversion in test-siphash24 to fix FTBFS on
++ big-endian machines.
++ * Bump libseccomp-dev build dependency to indicate required versions for
++ backporting to jessie. (Closes: #805497)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 19 Nov 2015 11:37:45 +0100
++
++systemd (228-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release:
++ - Fix journald killing by watchdog. (Closes: #805042)
++ - Drop check for /etc/mtab. (Closes: #802025)
++ - Follow unit file symlinks in /usr, but not /etc when looking for
++ [Install] data, to avoid getting confused by Aliases. (Closes: #719695)
++ - journalctl: introduce short options for --since and --until.
++ (Closes: #801390)
++ - journald: Never accept fds from file systems with mandatory locking.
++ (LP: #1514141)
++ - Put nspawn containers in correct slice. (LP: #1455828)
++ * Cherry-pick some networkd fixes from trunk to fix regressions from 228.
++ * debian/rules: Configure with --as-needed to avoid unnecessary binary
++ dependencies.
++ * systemd-networkd-resolvconf-update.service: Increase StartLimitBurst, as
++ this might be legitimately called several times in quick succession. If
++ that part of the "networkd" autopkgtest fails, show the journal log for
++ that service for easier debugging.
++ * debian/tests/boot-and-services: Add test case for systemd-coredump.
++ * Add systemd-coredump postinst/prerm to enable/disable this without a
++ reboot.
++ * debian/tests/networkd: Check for systemd-networkd-wait-online in /usr as
++ well, for usage in other distros.
++ * debian/tests/logind: Skip suspend test if the kernel does not support
++ suspend.
++ * debian/tests/logind: Split tests into functions.
++ * debian/tests/boot-and-services: Ignore failures of console-setup.service,
++ to work around LP: #1516591.
++ * debian/tests/control: Restrict boot-smoke test to isolation-machine, it
++ does not currently work well in LXC.
++ * debian/tests/networkd: Add new test cases for "DHCP=all, IPv4 only,
++ disabling RA" (which should always be fast), "DHCP=all, IPv4 only" (which
++ will require a longer timeout due to waiting 12s for a potential IPv6 RA
++ reply), and "DHCP=ipv4" (with and without RA).
++ * debian/tests/networkd: Fix UnicodeDecodeError under 'C' locale.
++ * debian/tests/networkd: Show networkctl and journal output on failure.
++ * debian/tests/networkd: Fix bytes vs. string TypeError in the IPv6 polling.
++ (LP: #1516009)
++ * debian/tests/networkd: Show contents of test .network file on failure.
++ * debian/tests/networkd: Skip if networkd is already running (safer when
++ running on real systems), and add copyright header.
++ * Bump util-linux dependencies to >= 2.27.1 to ensure that the mount monitor
++ ignores /etc/mtab.
++
++ [ Felipe Sateler ]
++ * Enable elfutils support for getting stack traces for systemd-coredump.
++ * libnss-my{machines,hostname}.postrm: do not remove entries from
++ nsswitch.conf if there are packages from other architectures remaining.
++
++ [ Michael Biebl ]
++ * Drop systemd-setup-dgram-qlen.service. This has been made obsolete by
++ upstream commit 1985486 which bumps net.unix.max_dgram_qlen to 512 early
++ during boot.
++ * Various cleanups to the udev maintainer scripts:
++ - Remove unused tempdir() function.
++ - Properly stop udev daemon on remove.
++ - Stop killing udev daemon on failed upgrades and drop the corresponding
++ starts from preinst.
++ - Stop masking systemd-udevd.service and udev.service during upgrades. We
++ restart the udev daemon in postinst, so those masks seem unnecessary.
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 18 Nov 2015 16:11:59 +0100
++
++systemd (227-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/logind: Add tests for scheduled shutdown with and without
++ wall message.
++ * Import upstream fix for not unmounting system mounts (#801361) and drop
++ our revert patch.
++ * debian/tests/boot-smoke: Apply check for failed unmounts only to user
++ systemd processes, i. e. not to pid 1.
++ * Drop Fix-usr-remount-failure-for-split-usr.patch. Jessie has a new enough
++ initramfs-tools already, and this was just an error message, not breaking
++ the boot.
++ * Drop debian-fixup.service in favor of using a tmpfiles.d clause, which is
++ faster.
++ * Drop Order-remote-fs.target-after-local-fs.target.patch. It's mostly
++ academic and only applies to the already known-broken situation that rcS
++ init.d scripts depend on $remote_fs.
++ * Replace reversion of sd_pid_notify_with_fds() msg_controllen fix with
++ proper upstream fix to never block on sending messages on NOTIFY_SOCKET
++ socket.
++ * Drop check for missing /etc/machine-id on "make check" failure; this isn't
++ happening on current buildds any more.
++ * Drop Disable-tests-which-fail-on-buildds.patch, to re-evaluate what still
++ fails and needs fixing. On failure, show kernel version and /etc/hosts
++ to be able to debug them better. The next upload will make the necessary
++ adjustments to fix package builds again.
++
++ [ Michael Biebl ]
++ * Drop dependency on udev from the systemd package. We don't need udev
++ within a container, so this allows us to trim down the footprint by not
++ installing the udev package. As the udev package has Priority: important,
++ it is still installed by default though.
++ * Include the status of the udev package when filing a bug report against
++ systemd, and vice versa.
++ * Use filter instead of findstring, since findstring also matches
++ substrings and we only want direct matches.
++ * systemd.bug-script: Fix typo. (Closes: #804512)
++ * Re-add bits which call SELinux in systemd-user pam service.
++ (Closes: #804565)
++
++ [ Felipe Sateler ]
++ * Add libnss-resolve package. (Closes: #798905)
++ * Add systemd-coredump package. This Conflicts/Replaces/Provides a new
++ "core-dump-handler" virtual package. (Closes: #744964)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 11 Nov 2015 15:04:26 +0100
++
++systemd (227-2) unstable; urgency=medium
++
++ * Revert "sd_pid_notify_with_fds: fix computing msg_controllen", it causes
++ connection errors from various services on boot. (Closes: #801354)
++ * debian/tests/boot-smoke: Check for failed unmounts. This reproduces
++ #801361 (but not in a minimal VM, just in a desktop one).
++ * Revert "core: add a "Requires=" dependency between units and the
++ slices they are located in". This causes user systemd instances to try and
++ unmount system mounts (and succeed if you login as root).
++ (Closes: #801361)
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 09 Oct 2015 12:34:27 +0200
++
++systemd (227-1) unstable; urgency=medium
++
++ * New upstream release.
++ - Bump watchdog timeout for shipped units to 3 min. (Closes: #776460)
++ - gpt-auto-generator: Check fstab for /boot entries. (Closes: #797326)
++ - Fix group of RuntimeDirectory dirs. (Closes: #798391)
++ - Support %i (and other macros) in RuntimeDirectory. (Closes: #799324)
++ - Bump util-linux/libmount-dev dependencies to >= 2.27.
++ * debian/libsystemd0.symbols: Add new symbols for this release.
++ * debian/extra/initramfs-tools/hooks/udev: Copy all
++ /etc/udev/rules.d/*.rules rules which are not merely overriding the one in
++ /lib/, not just 70-persistent-net.rules. They might contain network names
++ or other bits which are relevant for the initramfs. (Closes: #795494)
++ * ifup@.service: Drop PartOf=network.target; we don't want to stop these
++ units during shutdown. Stopping networking.service already shuts down the
++ interfaces, but contains the safeguard for NFS or other network file
++ systems. Isolating emergency.target still keeps working as before as well,
++ as this also stops networking.service. (Closes: #761909, LP: #1492546)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 08 Oct 2015 11:34:35 +0200
++
++systemd (226-4) unstable; urgency=medium
++
++ * debian/tests/logind: Be more verbose on failures.
++ * Revert networkd calling if-{up,post-down}.d/ scripts. About half of the
++ existing hooks are not relevant or even actively detrimental when running
++ with networkd. For the relevant ones, a lot of them should be fixed in the
++ projects themselves (using IP_FREEBIND etc.). (Closes: #798625)
++ * Add systemd-networkd-resolvconf-update.{path,service} units to send DNS
++ server updates from networkd to resolvconf, if installed and enabled.
++ * Don't restart logind on upgrades any more. This kills X.org (#798097)
++ while logind doesn't save/restore its open fds (issue #1163), and also
++ gets confused about being idle in between (LP: #1473800)
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 02 Oct 2015 13:44:28 +0200
++
++systemd (226-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * README.Debian: Fix "other" typo. Thanks Salvatore Bonaccorso.
++ (Closes: #798737)
++
++ [ Michael Biebl ]
++ * Stop building the compat library packages and drop them for good.
++ * Update debian/copyright.
++
++ -- Michael Biebl <biebl@debian.org> Sat, 19 Sep 2015 19:06:51 +0200
++
++systemd (226-2) unstable; urgency=medium
++
++ * debian/udev.init: Mount /dev file system with nosuid. (LP: #1450960)
++ * udev.postinst: udev 226 introduced predictable interface names for virtio.
++ Create /etc/systemd/network/50-virtio-kernel-names.link on upgrade to
++ disable this, to avoid changing e. g. "eth0" to "ens3" in QEMU instances
++ and similar environments. (Closes: #799034)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 15 Sep 2015 15:21:09 +0200
++
++systemd (226-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release:
++ - Fix scheduled shutdown to not shut down immediately. (Closes: #797763)
++ - Fix description of CPE_NAME in os-release(5). (Closes: #797768)
++ * debian/libsystemd0.symbols: Add new symbols from this release.
++ * Enable libseccomp support for mips64, mips64el, and x32. (Closes: #797403)
++ * debian/tests/networkd: Add hotplug tests.
++ * Make networkd call if-up.d/ scripts when it brings up interfaces, to
++ become compatible with ifupdown and NetworkManager for packages shipping
++ hooks. (LP: #1492129)
++ - Add debian/extra/systemd-networkd-dispatcher.c: suid root wrapper for
++ calling if-up.d/ or if-post-down.d/ hook scripts. Install it as
++ root:systemd-networkd 4754 so that only networkd can run it.
++ - Add networkd-call-systemd-networkd-dispatcher-when-links.patch: Call the
++ above wrapper when links go up/down.
++ - debian/tests/networkd: Verify that if-up.d/ and if-post-down.d/ scripts
++ get run for a networkd managed interface.
++ - Note that if-pre-up.d/ and if-down.d/ scripts are *not* being called, as
++ they are often not applicable for networkd (if-pre-up.d) and unreliable
++ (if-down.d).
++ * Drop udev-finish. We needed this for the autogenerated CD and network
++ interface names, but both are gone now.
++ * Drop debian/udev.udev-fallback-graphics.upstart. The vesafb module has
++ been compiled into the kernel in both Debian and Ubuntu for a fair while,
++ this never had a systemd equivalent, and Debian never shipped the
++ accompanying rules for determining $PRIMARY_DEVICE_FOR_DISPLAY.
++ * debian/control: Remove some boilerplate from the long descriptions, to
++ more easily get to the point what a specific package actually does.
++ * debian/README.Debian: As systemd is the default init now, replace the
++ documentation how to switch to systemd with how to switch back
++ (temporarily or permanently) to SysV init. Also move that paragraph to the
++ bottom as it's now less important.
++ * debian/README.Debian: Add a hint why you may want to enable persistent
++ journal, and suggest to uninstall system-log-daemon to avoid duplicate
++ logging.
++ * debian/README.Debian: Add documentation about networkd integration.
++ * Rename 01-mac-for-usb.link to 90-mac-for-usb.link so that it becomes
++ easier to override.
++ * debian-fixup.service just has one purpose now (make /etc/mtab a symlink),
++ so drop the debian/extra/debian-fixup shell script and put the ln command
++ directly into debian-fixup.service. Update the description.
++ * debian/tests/networkd: Check that /etc/resolv.conf gets the DHCP's
++ nameserver in case it is a symlink (i. e. dynamically managed by
++ systemd-resolved or resolvconf).
++ * systemd-networkd-dispatcher: Also pass on the DNS server list to if-up.d/
++ as $IF_DNS_NAMESERVERS, so that resolvconf or similar programs work as
++ expected.
++ * Drop debian/systemd-journal-remote.postrm: Removing system users is
++ potentially dangerous (there might be a leftover process after purging).
++
++ [ Michael Biebl ]
++ * Drop libsystemd-login-dev. All reverse dependencies have been updated to
++ use libsystemd-dev directly.
++ * Update build instructions to use "gbp clone" instead of "gbp-clone" as all
++ gbp-* commands have been removed from git-buildpackage.
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 10 Sep 2015 16:53:53 +0200
++
++systemd (225-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release.
++ - Fixes FTBFS on alpha. (Closes: #792551)
++ - Fixes machined state tracking logic. (Closes: #788269)
++ * Add better fix for "systemctl link/enable" breakage with full paths.
++ (LP: #1480310)
++ * debian/rules: Add missing $(dh_options) in overridden debhelper targets.
++
++ [ Felipe Sateler ]
++ * Move conffile from systemd to systemd-container package (Closes: #797048)
++
++ [ Michael Biebl ]
++ * Drop unnecessary Conflicts/Replaces from systemd-journal-remote.
++ None of the files in this package were previously shipped by systemd.
++ * Create system users for systemd-journal-{gateway,remote,upload} when
++ installing the systemd-journal-remote package.
++ * Explicitly turn off the features we don't want in a stage1 build.
++ Otherwise ./configure might enable them automatically if the build
++ dependencies are installed and "dh_install --fail-missing" will then fail
++ due to uninstalled files.
++ * Enable GnuTLS support as systemd-journal-remote makes sense mostly with
++ encryption enabled.
++ * Rely on build profiles to determine which packages should be skipped
++ during build and no longer specify that manually.
++ * Drop our patch which removes rc-local-generator.
++ rc-local.service acts as an ordering barrier even if its condition is
++ false, because conditions are evaluated when the service is about to be
++ started, not when it is enqueued. We don't want this ordering barrier on
++ systems that don't need/use /etc/rc.local.
++
++ -- Michael Biebl <biebl@debian.org> Sun, 30 Aug 2015 21:18:59 +0200
++
++systemd (224-2) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Skip systemd-fsckd autopkgtest if /run/initramfs/fsck-root exists, i. e.
++ the initramfs already ran fsck.
++ * Fix broken ACL in tmpfiles.d/systemd.conf. (Closes: #794645, LP: #1480552)
++ * Add debian/tests/unit-config: Test "systemctl link"; reproduces LP#1480310.
++ * Add a hack to unbreak "systemctl link". (LP: #1480310)
++ * debian/extra/rules-ubuntu/40-hyperv-hotadd.rules: Also apply to Xen, and
++ rename to 40-vm-hotadd.rules.
++ * Fix networkd crash. (Closes: #796358)
++ * debian/rules: Remove all files/empty dirs in systemd which are already
++ shipped by systemd-* or udev, instead of an explicit list.
++ * Bump "mount" dependency to >= 2.26, to ensure "swapon -o" availability.
++ (Closes: #796389)
++ * Install /lib/systemd/network/* into udev instead of systemd, as it's
++ really udev which is evaluating these.
++ * Split out "systemd-container" package with machined and nspawn and enable
++ importd. Add new libbz2-dev, zlib1g-dev, and libcurl-dev build deps.
++ (LP: #1448900)
++ * Move transitional libgcrypt11-dev build dep to libgcrypt20-dev.
++ * debian/rules: Limit check for libraries in /usr to systemd and udev
++ packages, as other packages like systemd-containers can (and do) link to
++ /usr.
++ * Build-depend on dpkg-dev (>= 1.17.14) and bump debhelper version for build
++ profiles support.
++ * Drop "display-managers" autopkgtest, obsolete with dropped
++ default-display-manager-generator.
++ * boot-and-services autopkgtest: Add systemd-container test dependency for
++ the nspawn tests.
++ * Don't enable audit support when building with "stage1" profile, to avoid
++ circular build dep.
++
++ [ Helmut Grohne ]
++ * Improve support for cross-building and bootstrapping.
++
++ [ Michael Biebl ]
++ * Drop default-display-manager-generator. All major desktops now use a
++ display manager which support the new scheme and setup the
++ /etc/systemd/system/display-manager.service symlink correctly.
++ * Add new binary package "systemd-journal-remote" with tools for
++ sending/receiving remote journal logs:
++ systemd-journal-{remote,upload,gatewayd}. (Closes: #742802, LP: #1480952)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 25 Aug 2015 12:40:35 +0200
++
++systemd (224-1) unstable; urgency=medium
++
++ * New upstream release.
++ * boot-and-services autopkgtest: Ignore thermald. Since 1.4.3-2 it starts by
++ default, but fails in most virtual envs.
++
++ -- Martin Pitt <mpitt@debian.org> Sat, 01 Aug 2015 13:38:57 +0200
++
++systemd (223-2) unstable; urgency=medium
++
++ * Don't enable gnu-efi on ARM. It FTBFSes and cannot really be tested now as
++ there is no available hardware.
++ * debian/extra/initramfs-tools/hooks/udev: Don't fail if
++ /etc/systemd/network/ does not exist. (Closes: #794050)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 30 Jul 2015 08:25:51 +0200
++
++systemd (223-1) unstable; urgency=medium
++
++ * New upstream release:
++ - Fix systemd-bootchart crash. (Closes: #792403)
++ - Trim list of files in /usr/share/doc/systemd/. (Closes: #791839)
++ - Fix "Invalid argument" failure with some journal files.
++ (Closes: #792090)
++ - tmpfiles: Don't recursively descend into journal directories in /var.
++ (Closes: #791897)
++ - Don't frequently wake up on disabled TimeoutIdleSec=, in particular in
++ automount timers. (LP: #1470845)
++ - tmpfiles: Don't delete lost+found/. (Closes: #788193)
++
++ [ Michael Biebl ]
++ * udev: Remove obsolete rm_conffile/mv_conffile functions from udev.preinst.
++ The udev package is using dpkg-maintscripts-helper now to remove obsolete
++ conffiles.
++ * systemd: Remove obsolete conffile clean up from pre-wheezy.
++ * udev-udeb: Remove scsi_wait_scan hack from the start-udev script as well.
++
++ [ Martin Pitt ]
++ * Enable GNU EFI support and add gnu-efi build dep. This enables/ships the
++ systemd EFI boot loader. (Closes: #787720, LP: #1472283)
++ * networkd autopkgtest: More robust/forceful killing of dnsmasq.
++ * ifup@.service: Drop "oneshot" to run ifup in the background during boot.
++ This avoids blocking network.target on boot with unavailable hotplug
++ interfaces in /etc/network/interfaces. (Closes: #790669, LP: #1425376)
++ * systemd.postinst: Avoid confusing error message about
++ /run/systemd/was-enabled not existing on reconfiguring.
++ * debian/extra/initramfs-tools/hooks/udev: Drop some redundant code.
++ * Fix networkd-wait-online -i to properly wait for the given interfaces
++ only.
++ * Drop debian/extra/base-installer.d/05udev: We use net.ifnames by default
++ now, thus we don't need to copy 70-persistent-*.rules any more.
++ * debian/extra/start-udev: Run d-i's udevd with "notice" log level, just
++ like we did in the initramfs in 219-10.
++ * Fix size explosion of networkd (post-223 patch from trunk).
++
++ [ Julian Wollrath ]
++ * Copy all .link interface naming definitions to initramfs. (Closes: #793374)
++
++ [ Felipe Sateler ]
++ * nss-my*.postinst: configure at the end of the hosts line, not before
++ files. (Closes: #789006)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 30 Jul 2015 00:02:26 +0200
++
++systemd (222-2) unstable; urgency=medium
++
++ [ Adam Conrad ]
++ * debian/udev-udeb.install: Install new bits for net.ifnames (LP: #1473542)
++ * debian/extra/initramfs-tools/hooks/udev: Do the same for initramfs-tools.
++
++ [ Martin Pitt ]
++ * emergency.service: Wait for plymouth to shut down. Fixes invisible
++ emergency shell with plymouth running endlessly. (LP: #1471258)
++ * Add "networkd" autopkgtest. Covers basic DHCP on IPv4 and IPv4+6 on a veth
++ device.
++
++ [ Michael Biebl ]
++ * Bump package priorities of systemd and systemd-sysv to important to match
++ what has been used in the Debian archive since Jessie.
++ * Drop scsi_wait_scan hack from the udev initramfs-tools script. This Linux
++ kernel module has been broken since 2.6.30 and as a result was removed in
++ 3.5. The Debian Jessie kernel no longer ships this module.
++ (Closes: #752775)
++ * Drop libsystemd-journald-dev and libsystemd-id128-dev. There are no
++ reverse dependencies left and we want to avoid new packages picking up
++ a build dependency on those obsolete transitional packages.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 15 Jul 2015 23:51:15 +0200
++
++systemd (222-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release:
++ - Fix reload killing BusName= units. (Closes: #746151)
++ - sysv-generator: detect invalid names and escape them. (Closes: #677075)
++ - Document removal of PIDFile on daemon shutdown. (Closes: #734006)
++ - Drop Revert-rules-fix-tests-for-removable-state.patch, the auto-suspend
++ rules now got dropped entirely.
++ * Add Revert-VT-reuse-patches.patch: Revert a couple of logind VT reuse
++ patches which alternately broke lightdm and gdm.
++ * debian/libsystemd0.symbols: Add new symbols from this release.
++ * Disable test-netlink during package build, fails on some buildds.
++ * udev.postinst: Don't call addgroup with --quiet, so that if the "input"
++ group already exists as a non-system group you get a sensible error
++ message. Some broken tutorials forget the --system option.
++ (Closes: #769948, LP: #1455956)
++ * systemd.postinst: Drop the --quiet from the addgroup calls as well, same
++ reason as above. (Closes: #762275)
++ * udev: Drop doc dir symlinking. It has caused too much trouble and only
++ marginally helps to avoid duplication. Such duplication should be dealt
++ with at the distro, not package level.
++ * debian/rules: Entirely ignore $LD_PRELOAD instead of just libfakeroot in
++ the link check, to also avoid libeatmydata. (Closes: #790546)
++ * boot-and-services, display-managers autopkgtests: Install and configure
++ dummy X.org driver, so that these work in headless machines/VMs.
++ * systemd-fsckd autopkgtest: Stop using/asserting on lightdm, just check
++ that default.target is active. lightdm is prone to fail in test
++ environments, and fiddling with it in two other autopkgtests is
++ sufficient.
++ * debian/watch: Adjust to new upstream release model of only providing the
++ github tag tarballs.
++ * Drop dsl-modem.agent. It hasn't been maintained/tested for many years, few
++ if any people actually use this, and this doesn't belong into udev.
++
++ [ Michael Biebl ]
++ * Stop building the Python 3 bindings. They were split into a separate
++ source package upstream and are now built from src:python-systemd. See
++ http://lists.freedesktop.org/archives/systemd-devel/2015-July/033443.html
++ * Remove obsolete --disable-chkconfig configure option.
++ * Move the man pages for libnss-myhostname, libnss-mymachines and udev.conf
++ from systemd into the correct package. Move the zsh completion file for
++ udevadm into the udev package as well. Add Breaks/Replaces accordingly.
++ (Closes: #790879)
++ * Drop rules which remove pre-generated files before build. The upstream
++ tarball no longer ships any pre-generated files so this is no longer
++ necessary.
++ * Fix cleanup rule for Python byte code files.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 08 Jul 2015 18:56:07 +0200
++
++systemd (221-1) unstable; urgency=medium
++
++ * New upstream release 221:
++ - Fix persistent storage links for Xen devices. (LP: #1467151)
++ - Drop all backported patches and port the others to new upstream release.
++ - debian/rules: Drop workarounds for broken 220 tarball, 221 is fine.
++
++ [ Michael Biebl ]
++ * initramfs hook: Stop installing 55-dm.rules, 64-md-raid.rules,
++ 60-persistent-storage-lvm.rules and 60-persistent-storage-dm.rules.
++ The mdadm, lvm2 and dmsetup package provide their own udev hooks nowadays
++ to make sure their udev rules files are installed into the initramfs.
++ Having the copy rules at two places is confusing and makes debugging
++ harder.
++ * Make it possible to skip building udeb packages via
++ DEB_BUILD_OPTIONS="noudeb". This allows quicker builds for local testing
++ and is benefical for derivatives that don't use d-i.
++ * Install API documentation for libudev and libsystemd in their respective
++ packages. Both libraries use man pages now, so we need to be explicit
++ about what is installed where.
++
++ [ Martin Pitt ]
++ * ifupdown-hotplug autopkgtest: Different cloud/desktop environments have
++ different ways of including /etc/network/interfaces.d/, try to get along
++ wit either and skip the test if interfaces.d/ does not get included at
++ all.
++ * Drop obsolete gtk-doc-tools build dependency, gtkdocize autoreconfig, and
++ ./configure options.
++ * libudev-dev.install: Drop gtk-doc files, not built by upstream any more
++ and replaced with manpages.
++ * libsystemd0.symbols: Add new symbols for this release.
++ * debian/rules: Fix paths in manpages as we don't currently have a merged
++ /usr in Debian but have most systemd things in /lib. This replaces the
++ previous huge and maintenance-intense patch.
++ * Drop Accept-mountall-specific-fstab-options.patch. Replaced with
++ systemd.postinst migration code in Ubuntu.
++ * Revert overly aggressive USB autosuspend udev rules change which broke
++ various USB keyboards. (Closes: #789723)
++ * Have rc-local.service output also go to the console. /etc/rc.local often
++ contains status messages which users expect to see during boot.
++ (LP: #1468102)
++ * debian/rules: Install udev.NEWS into libudev1, to get along with Debian's
++ udev -> libudev1 doc dir symlinking. (Closes: #790042)
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 28 Jun 2015 12:05:36 +0200
++
++systemd (220-7) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Enable seccomp support on arm64 as well.
++ * Replace the remainder of Fix-paths-in-man-pages.patch with an upstream
++ provided patch.
++
++ [ Martin Pitt ]
++ * Switch to net.ifnames persistent network interfaces (on new
++ installations/for new hardware), and deprecate the old
++ 75-persistent-net-generator.rules. See the ML discussion for details:
++ https://lists.debian.org/debian-devel/2015/05/msg00170.html
++ https://lists.debian.org/debian-devel/2015/06/msg00018.html
++ - Drop Make-net.ifnames-opt-in-instead-of-opt-out.patch, to use
++ net.ifnames by default.
++ - Revert-udev-network-device-renaming-immediately-give.patch: Adjust
++ patch comment.
++ - Drop 75-persistent-net-generator.rules, write_net_rules helper and
++ rule_generator.functions.
++ - Adjust udev's README.Debian accordingly, and describe the migration.
++ This needs to happen manually as there is no robust way of doing this
++ automatically.
++ - Add udev NEWS file for announcing this change and pointing to udev's
++ README.
++ - udev.postinst: Drop write_interfaces_rules().
++ - udev.postinst: Disable net.ifnames on systems which did not support
++ 75-persistent-net-generator.rules (most importantly, virtualized guests)
++ to avoid changing network interface names on upgrade.
++ - LP: #1454254
++ * fsckd-daemon-for-inter-fsckd-communication.patch: Add fsckd.c to
++ POTFILES.in.
++ * ifupdown-hotplug autopkgtest: Fix config name in interfaces.d/, it must
++ not have a suffix in Debian. Also clean up the file after the test.
++ * net.agent: When running under systemd, run everything in the foreground.
++ This avoids killing the forked child in the middle of its operation under
++ systemd when the parent exits.
++ * Check during build that systemd and systemd-journald don't link against
++ anything in /usr, to prevent bugs like #771652 and #788913 in the future.
++ * Drop Skip-99-systemd.rules-when-not-running-systemd-as-in.patch. The rules
++ mostly just attach tags systemd specific properties which are harmless
++ under other init systems, and systemd-sysctl also works there.
++ * 80-networking.rules: Only call agents for add|remove, as they don't handle
++ other events.
++ * Restore udev watches on block device changes. (Closes: #789060,
++ LP: #1466081)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 17 Jun 2015 22:48:53 +0200
++
++systemd (220-6) unstable; urgency=medium
++
++ * Enable seccomp support on the architectures that provide libseccomp.
++ (Closes: #760299)
++ * boot-and-services autopkgtest: Add SeccompTest for the above.
++ * boot-and-services autopkgtest: Check that we don't get an unwanted
++ tmp.mount unless /etc/fstab explicitly specifies it.
++ * Bump libcap-dev build dep to the version that provides libcap2-udeb.
++ (Closes: #787542)
++ * Stop installing tmp.mount by default; there are still situations where it
++ becomes active through dependencies from other units, which is surprising,
++ hides existing data in /tmp during runtime, and it isn't safe to have a
++ tmpfs /tmp on every install scenario. (Closes: #783509)
++ - d/rules: Ship tmp.mount in /usr/share/systemd/ instead of
++ /lib/systemd/systemd.
++ - systemd.postinst: When tmp.mount already was enabled, install tmp.mount
++ into /etc and keep it enabled.
++ - systemd.postinst: When enabling tmp.mount because of RAMTMP=yes, copy it
++ from /usr/share.
++ - Drop Don-t-mount-tmp-as-tmpfs-by-default.patch and
++ PrivateTmp-shouldn-t-require-tmpfs.patch, not necessary any more.
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 11 Jun 2015 09:25:49 +0200
++
++systemd (220-5) unstable; urgency=medium
++
++ * debian/README.source: Upstream repository moved to github, adjust
++ cherry-picking instructions accordingly.
++ * debian/control: Replace obsolete Python2 version header with
++ X-Python3-Version.
++ * dracut: Fix path to systemd-fsck. (Closes: #787553)
++ * Ignore test failures during build if /etc/machine-id is missing (which is
++ the case in a few buildd chroots still). (Closes: #787258)
++ * debian/udev.README.Debian: Move network interface hotplug documentation
++ into separate section. Point out that "lo" does not need to be configured
++ in ifupdown under systemd.
++ * debian/udev.README.Debian: Document net.ifnames, and how to write udev
++ rules for custom network names.
++ * Add debian/extra/01-mac-for-usb.link: Use MAC based names for network
++ interfaces which are (directly or indirectly) on USB. Path based names
++ are inadequate for dynamic buses like USB.
++ * Fix another escape parsing regression in Exec*= lines. (Closes: #787256)
++ * Disable EFI support for udeb build.
++ * Refine detection of touch screen devices.
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 07 Jun 2015 16:52:33 +0200
++
++systemd (220-4) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/extra/initramfs-tools/scripts/init-top/udev: Drop $ROOTDELAY wait.
++ This does not concern udev in particular, but is handled by
++ initramfs-tools itself (scripts/local). The intention of this parameter is
++ not to statically wait for the given time, but wait *up to* that time for
++ the root device to appear.
++ * Add debian/extra/units/rc-local.service.d/wait-online.conf: Make
++ rc-local.service wait for network-online.target (if it gets started). This
++ not specified by LSB, but has been behaving that way in Debian under SysV
++ init and upstart. (LP: #1451797)
++ * Fix parsing of escape characters in Exec*= lines. (Closes: #787256)
++ * Drop path_is_mount_point-handle-false-positive-on-some-fs.patch (it was
++ already not applied in 220-1). This needs to be re-thought and re-done
++ against the current code, and overlayfs in general. On overlayfs this
++ still reports false positives for files that changed in the upperdir, but
++ this does not break systemd-machine-id-commit any more.
++ * Add debian/extra/rules/80-debian-compat.rules, replacing three of our
++ patches. These are independent udev rules to change device permissions and
++ add CD/DVD symlinks for compatibility with earlier Debian releases.
++
++ [ Michael Biebl ]
++ * Bump Depends on util-linux to make sure we have a sulogin implementation
++ which properly cleans up its children when emergency.service is restarted.
++ (Closes: #784238)
++ * Stop using /sbin/udevd and drop the compat symlink.
++ * Remove any vestiges of /dev/.udev/. This directory has been replaced by
++ /run/udev/ since wheezy.
++ * Drop udev migration code from pre-wheezy.
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 02 Jun 2015 08:16:36 +0200
++
++systemd (220-3) unstable; urgency=medium
++
++ * Fix ProtectSystem=yes to actually protect /usr, not /home.
++ (Closes: #787343)
++ * sd-device: fix device_get_properties_strv(). Fixes environment for
++ processes spawned by udev, in particular "allow-hoplug" ifupdown
++ interfaces via ifup@.service. (Closes: #787263)
++ * Ignore test failures on mipsel; the three failures are not reproducible on
++ the porter box (different kernel?). (See #787258)
++ * Add ifupdown-hotplug autopkgtest. Reproduces #787263.
++ * udev: Bring back persistent storage symlinks for bcache. Thanks David
++ Mohr! (Closes: #787367)
++ * sd-device: Fix invalid property strv pointers. This unbreaks the
++ environment of udev callouts.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 01 Jun 2015 12:58:20 +0200
++
++systemd (220-2) unstable; urgency=low
++
++ * 220-1 was meant to go to experimental, but was accidentally uploaded to
++ unstable. This was planned for next week anyway, just not on a Friday;
++ we don't revert, but keep an RC bug open for a few days to get broader
++ testing. Reupload 220-1 with its changelog actually pointing to unstable
++ and with all versions in the .changes.
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 29 May 2015 18:54:09 +0200
++
++systemd (220-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release:
++ - Ship sdio.ids and ids-update.pl in upstream tarball. (Closes: #780650)
++ - Drop non-working "journalctl /dev/sda" example from manpage
++ (Closes: #781604)
++ - man systemd.network: Explain UseDomains a bit more (not used by
++ default). (Closes: #766413)
++ - Ignore comments in /etc/hostname (LP: #1053048)
++ - Drop all backported patches and port the others to new upstream release.
++ * Cherry-pick patch to fix udevd --daemon assertion regression.
++ * Cherry-pick patch to fix udevd worker hang.
++ * systemd.install: systemd.pc moved back into /usr/share/pkgconfig/.
++ * libsystemd0.symbols: Add new symbols from this release.
++ * Drop debian/extra/60-keyboard.hwdb for now. Upstream has a newer version,
++ and it's not nearly as often updated any more as it used to be.
++ * debian/rules: Remove shipped audit_type-to-name.h and
++ keyboard-keys-from-name.gperf and regenerate them during build (bug in
++ upstream 220 tarball).
++ * autopkgtest: Ship/use mock fsck from debian/tests, as it's missing in the
++ 220 tarball.
++ * Add libnss-mymachines binary package. (Closes: #784858)
++ * Add libnss-myhostname binary package, taking over from the very old and
++ unmaintained standalone source package as per its maintainer's request.
++ (Closes: #760514)
++ * Drop buildsys-Don-t-default-to-gold-as-the-linker.patch and set LD in
++ debian/rules on sparc only. This can be dropped entirely once we build
++ GUdev from a separate source.
++ * bootchart autopkgtest: Skip test if /proc/schedstat does not exist, i. e.
++ the kernel is missing CONFIG_SCHEDSTAT. Bootchart requires this.
++ * systemd-fsckd autopkgtest: On Debian plymouth-start stays running, adjust
++ was_running() for that.
++ * systemd-fsckd autopkgtest: In test_systemd_fsck_with_plymouth_failure(),
++ fix plymouthd status check to work under both Debian and Ubuntu.
++ * Replace almost all of Fix-paths-in-man-pages.patch with upstreamed
++ patches. (The remainder is planned to get fixed upstream as well.)
++ * Remove our update-rc.d patches, replace them with upstream patches for
++ /lib/systemd/systemd-sysv-install abstraction, and provide one for
++ update-rc.d. Also implement "is-enabled" command by directly checking for
++ the presence of rcS or rc5 symlinks. (Closes: #760616)
++ * Fix path_is_mount_point for files (regression in 220).
++ * debian/control: Drop obsolete XS-Testsuite:, dpkg adds it automatically.
++ * Use Ubuntu's default NTP server for timesyncd when building on Ubuntu.
++
++ [ Michael Biebl ]
++ * Remove /var/run and /var/lock migration code from debian-fixup. The /run
++ migration was completed in wheezy so this is no longer necessary.
++ * Drop our versioned Depends on initscripts. This was initially added for
++ the /run migration and later to ensure we have a mountnfs hook which
++ doesn't cause a deadlock under systemd. The /run migration was completed
++ in wheezy and jessie ships a fixed mountnfs hook. In addition we now use
++ the ignore-dependencies job mode in our lsb init-functions hook, so it's
++ safe to drop this dependency.
++ * Stop building gudev packages. Upstream has moved the gudev code into a
++ separate repository which is now managed on gnome.org. The gudev packages
++ will be built from src:libgudev from now on. See also
++ http://lists.freedesktop.org/archives/systemd-devel/2015-May/032070.html
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 29 May 2015 10:37:40 +0200
++
++systemd (219-10) experimental; urgency=medium
++
++ * Fix assertion crash with empty Exec*= paths. (LP: #1454173)
++ * Drop Avoid-reload-and-re-start-requests-during-early-boot.patch
++ and Avoid-reloading-services-when-shutting-down.patch: This was fixed more
++ robustly in invoke-rc.d and service now, see #777113.
++ * debian/tests/boot-smoke: Allow 10 seconds for systemd jobs to settle down.
++ * Fix "tentative" state of devices which are not in /dev (mostly in
++ containers), and avoid overzealous cleanup unmounting of mounts from them.
++ (LP: #1444402)
++ * debian/extra/udev-helpers/net.agent: Eliminate cat and most grep calls.
++ * Drop Set-default-polling-interval-on-removable-devices-as.patch; it's long
++ obsolete, CD ejection with the hardware button works properly without it.
++ * Re-enable-journal-forwarding-to-syslog.patch: Update patch description,
++ journal.conf.d/ exists now.
++ * journal: Gracefully handle failure to bind to audit socket, which is known
++ to fail in namespaces (containers) with current kernels. Also
++ conditionalize systemd-journald-audit.socket on CAP_AUDIT_READ.
++ (LP: #1457054)
++ * Put back *.agent scripts and use net.agent in Ubuntu. This fixes escaping
++ of unit names, reduces the delta, and will make it easier to get a common
++ solution for integrating ifup.d/ scripts with networkd.
++ * When booting with "quiet", run the initramfs' udevd with "notice" log
++ level. (LP: #1432171)
++ * Add sigpwr-container-shutdown.service: Power off when receiving SIGPWR in
++ a container. This makes lxc-stop work for systemd containers.
++ (LP: #1457321)
++ * write_net_rules: Escape '{' and '}' characters as well, to make this work
++ with busybox grep. Thanks Faidon Liambotis! (Closes: #765577)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 21 May 2015 09:43:52 +0200
++
++systemd (219-9) experimental; urgency=medium
++
++ * 75-persistent-net-generator.rules: Fix rules for ibmveth (it's a driver,
++ not a subsystem). (LP: #1437375)
++ * debian/tests/unit-config: Add tests for systemctl enable/disable on a
++ SysV-only unit. Reproduces LP #1447807.
++ * Fix systemctl enable for SysV scripts without a native unit. We must not
++ try and enable the nonexisting unit then. (LP: #1447807)
++ * Drop Add-env-variable-for-machine-ID-path.patch. systemd should always
++ be installed via the essential "init" in buildd schroots now.
++ * debian/README.source: Update git-buildpackage commands for the renames in
++ 0.6.24.
++ * Make apparmor run before networking, to ensure that profiles apply to
++ e. g. dhclient (LP: #1438249):
++ - Rename networking.service.d/network-pre.conf to systemd.conf, and add
++ After=apparmor.service.
++ - ifup@.service: Add After=apparmor.service.
++ - Add Breaks: on apparmor << 2.9.2-1, which dropped its dependency to
++ $remote_fs.
++ * Drop login-don-t-overmount-run-user-UID-on-upgrades.patch and
++ login-don-t-overmount-run-user-UID-on-upgrades.patch, these were only
++ needed for upgrades from wheezy to jessie.
++ * systemd.{pre,post}inst: Clean up obsolete (pre-wheezy/jessie) upgrade
++ fixes.
++ * systemd-fsckd autopkgtest: Stop assuming that
++ /etc/default/grub.d/90-autopkgtest.cfg exists.
++ * systemd-fsckd autopkgtest: Add missing plymouth test dependency.
++ * Drop core-mount-ensure-that-we-parse-proc-self-mountinfo.patch, and bump
++ util-linux dependency to the version which enables
++ --enable-libmount-force-mountinfo.
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 13 May 2015 12:27:21 +0200
++
++systemd (219-8) experimental; urgency=medium
++
++ [ Michael Biebl ]
++ * Skip filesystem check if already done by the initramfs. (Closes: #782522)
++ * Drop hard-coded versioned dependency on libapparmor1. Bump the
++ Build-Depends on libapparmor-dev instead. This ensures a proper versioned
++ dependency via Build-Depends-Package.
++ * Revert "Make apparmor run before networking". This causes dependency
++ cycles while apparmor still depends on $remote_fs.
++ * Cleanup hwclock-save.service symlinks when upgrading from the jessie
++ version.
++
++ [ Martin Pitt ]
++ * cryptsetup: Implement offset and skip options. (Closes: #751707,
++ LP: #953875)
++ * logind autopkgtest: Add test for suspending on lid switch close.
++ This reproduces LP #1444166 (lid switch not working in the first few
++ minutes after boot).
++ * Reduce the initial suspend supression time from 3 minutes to 30 seconds,
++ and make it configurable. (LP: #1444166)
++ * Fix double free crash in "systemctl enable" when calling update-rc.d and
++ the latter fails. (Closes: #764613, LP: #1426588)
++ * hwdb: Fix wireless switch on Dell Latitude (LP: #1441849)
++ * Fix assertion crash when reading a service file with missing ' and
++ trailing space. (LP: #1447243)
++ * ifup@.service: Set IgnoreOnIsolate, so that "systemctl default" does not
++ shut down network interfaces. (Closes: #762953, LP: #1449380).
++ Add PartOf=network.target, so that stopping network.target also stops
++ network interfaces (so that isolating emergency.target and similar work as
++ before).
++ * Revert upstream commit 743970d which immediately SIGKILLs units during
++ shutdown. This leads to problems like bash not being able to write its
++ history, mosh not saving its state, and similar failed cleanup actions.
++ (Closes: #784720, LP: #1448259)
++ * Drop the reversion of "journald: allow restarting journald without losing
++ stream connections", and replace with proper upstream fix for
++ sd_pid_notify_with_fds(). (See Debian #778970, LP #1423811; LP: #1437896)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 29 Apr 2015 17:13:41 +0200
++
++systemd (219-7) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * Make systemd-sysv's dependency to systemd unversioned. The package just
++ contains 6 symlinks and thus isn't sensitive at all against version
++ mismatches. This avoids running into circular dependencies when testing
++ local debs.
++ * Revert "udev: Drop hwdb-update dependency" and replace with upstream patch
++ which moves it to systemd-udev-trigger.service.
++ * display-managers autopkgtest: Properly wait until all jobs are finished.
++ * display-managers autopkgtest: Reset failed units between tests, to avoid
++ running into restart limits and for better test isolation.
++ * Enable timesyncd in virtual machines. (Closes: #762343)
++
++ [ Adam Conrad ]
++ * debian/systemd.{triggers,postinst}: Trigger a systemctl daemon-reload
++ when init scripts are installed or removed (Closes: #766429)
++
++ [ Didier Roche ]
++ * Squash all fsckd patches in one (as fsckd and such will be removed
++ soon upstream), containing various fixes from upstream git and refactor
++ the connection flow to upstream's suggestion. Modify the man pages to match
++ those modifications as well. Amongst others, this suppresses "Couldn't
++ connect to plymouth" errors if plymouth is not running.
++ (Closes: #782265, LP: #1429171)
++ * Keep plymouth localized messages in a separate patch for easier updates in
++ the future and refresh to latest upstream.
++ * display-managers autopkgtest: Use ExecStart=sleep instead of the actual
++ lightdm binary, to avoid errors from lightdm startup. Drop the now
++ unnecessary "needs-recommends" to speed up the test.
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 10 Apr 2015 11:08:33 +0200
++
++systemd (219-6) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * Import patches from v219-stable branch (up to 85a6fab).
++ * boot-and-services autopkgtest: Add missing python3 test dependency.
++ * Make apparmor run before networking, to ensure that profiles apply to
++ e. g. dhclient (LP: #1438249):
++ - Rename networking.service.d/network-pre.conf to systemd.conf, and add
++ After=apparmor.service.
++ - ifup@.service: Add After=apparmor.service.
++ * udev: Drop hwdb-update dependency, which got introduced by the above
++ v219-stable branch. This causes udev and plymouth to start too late and
++ isn't really needed in Debian yet as we don't support stateless systems
++ yet and handle hwdb.bin updates through dpkg triggers. (LP: #1439301)
++
++ [ Didier Roche ]
++ * Fix mount point detection on overlayfs and similar file systems without
++ name_to_handle_at() and st_dev support. (LP: #1411140)
++
++ [ Christian Seiler ]
++ * Make the journald to syslog forwarding more robust by increasing the
++ maximum datagram queue length from 10 to 512. (Closes: #762700)
++
++ [ Marco d'Itri ]
++ * Avoid writing duplicate entries in 70-persistent-net.rules by double
++ checking if the new udev rule has already been written for the given
++ interface. This happens if multiple add events are generated before the
++ write_net_rules script returns and udevd renames the interface.
++ (Closes: #765577)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 02 Apr 2015 09:14:48 +0200
++
++systemd (219-5) experimental; urgency=medium
++
++ [ Didier Roche ]
++ * Add "systemd-fsckd" autopkgtest. (LP: #1427312)
++ * cmdline-upstart-boot autopkgtest: Update to Ubuntu's upstart-sysv split
++ (test gets skipped on Debian while upstart-sysv does not yet exist there).
++ * Cherry-pick a couple of upstream commits for adding transient state,
++ fixing a race where mounts become available before the device being
++ available.
++ * Ensure PrivateTmp doesn't require tmpfs through tmp.mount, but rather adds
++ an After relationship. (Closes: #779902)
++
++ [ Martin Pitt ]
++ * journald: Suppress expected cases of "Failed to set file attributes"
++ errors. (LP: #1427899)
++ * Add systemd-sysv.postinst: Update grub on first installation, so that the
++ alternative init system boot entries get updated.
++ * debian/tests: Call /tmp/autopkgtest-reboot, to work with autopkgtest >=
++ 3.11.1.
++ * Check for correct architecture identifiers for SuperH. (Closes: #779710)
++ * Fix tmpfiles.d to only apply the first match again (regression in 219).
++ (LP: #1428540)
++ * /lib/lsb/init-functions.d/40-systemd: Don't ignore systemd unit
++ dependencies in "degraded" mode. (LP: #1429734)
++
++ [ Michael Biebl ]
++ * debian/udev.init: Recognize '!' flag with static device lists, to work
++ with kmod 20. (Closes: #780263)
++
++ [ Craig Magina ]
++ * rules-ubuntu/71-power-switch-proliant.rules: Add support for HP ProLiant
++ m400 Server Cartridge soft powerdown on Linux 3.16. (LP: #1428811)
++
++ [ Scott Wakeling ]
++ * Rework package description to be more accurate. (Closes: #740372)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 26 Mar 2015 16:31:04 +0100
++
++systemd (219-4) experimental; urgency=medium
++
++ * tmpfiles: Avoid creating duplicate ACL entries. Add postinst code to clean
++ them up on upgrade. (Closes: #778656)
++ * bootchart: Fix path to default init. (LP: #1423867)
++ * Add "bootchart" autopkgtest, to spot regressions like the above.
++ * autopkgtests: Factorize out "assert.sh" utility functions, and use them in
++ the tests for useful failure messages.
++ * Downgrade requirement for timedated, hostnamed, localed-locale, and
++ logind autopkgtests from machine to container isolation.
++ * boot-and-services and display-manager autopkgtest: Add systemd-sysv as
++ proper test dependency instead of apt-get installing it. This works now
++ also under Ubuntu 15.04.
++ * boot-and-services autopkgtest: Check cleanup of temporary files during
++ boot. Reproduces #779169.
++ * Clean up /tmp/ directory again. (Closes: #779169, LP: #1424992)
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 27 Feb 2015 07:02:09 +0100
++
++systemd (219-3) experimental; urgency=medium
++
++ * sysv-generator: fix wrong "Overwriting existing symlink" warnings.
++ (Closes: #778700)
++ * Add systemd-fsckd multiplexer and feed its output to plymouth. This
++ provides an aggregate progress report of running file system checks and
++ also allows cancelling them with ^C, in both text mode and Plymouth.
++ (Closes: #775093, #758902; LP: #1316796)
++ * Revert "journald: allow restarting journald without losing stream
++ connections". This was a new feature in 219, but currently causes boot
++ failures due to logind and other services not starting up properly.
++ (Closes: #778970; LP: #1423811)
++ * Add "boot-smoke" autopkgtest: Test 20 successful reboots in a row, and
++ that there are no connection timeouts or stalled jobs. This reproduces the
++ above regression.
++ * debian/tests/localed-locale: Set up locale and keyboard default files on a
++ minimal unconfigured testbed.
++ * Add missing python3 test dependency to cmdline-upstart-boot and
++ display-managers autopkgtests.
++ * debian/tests/boot-and-services: Skip AppArmor test if AppArmor is not
++ enabled.
++ * debian/tests/boot-and-services: Reboot also if lightdm was just installed
++ but isn't running yet.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 23 Feb 2015 09:52:12 +0100
++
++systemd (219-2) experimental; urgency=medium
++
++ * Fix UTF-16 to UTF-8 conversion on big-endian machines. (Closes: #778654)
++ * Disable new new test-sigbus, it fails on some buildds due to too old
++ kernels. (part of #778654)
++ * debian/README.Debian, debian/systemd.postinst: Drop setfacl call for
++ /var/log/journal, this is now done automatically by tmpfiles.d/systemd.conf.
++ * Drop "acl" dependency, not necessary any more with the above.
++ * debian/tests/boot-and-services: Move to using /var/lib/machines/,
++ /var/lib/containers is deprecated.
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 18 Feb 2015 15:29:42 +0100
++
++systemd (219-1) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release:
++ - Fix spelling mistake in systemd.unit(5). (Closes: #773302)
++ - Fix timeouts with D-Bus, leading to SIGFPE. (Closes: #774012)
++ - Fix load/save of multiple rfkill states. (Closes: #759489)
++ - Non-persistent journal (/run/log/journal) is now readable by group adm.
++ (Closes: #771980)
++ - Read netdev user mount option to correctly order network mounts after
++ network.target. (Closes: #769186)
++ - Fix 60-keyboard.hwdb documentation and whitespace handling.
++ (Closes: #757367)
++ - Fix ThinkPad X1 Carbon 20BT trackpad buttons (LP: #1414930)
++ - Drop all backported patches and port the others to new upstream release.
++ * Bump libblkid-dev build dependency as per upstream configure.ac.
++ * debian/systemd.install: Add new language-fallback-map file.
++ * debian/udev.install: Add new systemd-hwdb tool.
++ * debian/libsystemd0.symbols: Add new symbols from this release.
++ * tmpfiles.d/systemd.conf: Drop "wheel" ACL (that group does not exist in
++ Debian) to make the ACL for "adm" actually work.
++ * debian/rules: Explicitly disable importd for now; it should still mature a
++ bit. Explicitly enable hwdb support.
++ * /lib/lsb/init-functions.d/40-systemd: Call systemctl is-system-running
++ with --quiet. (LP: #1421058)
++ * debian/systemd.postrm: Clean getty@tty1.service and remote-fs.target
++ enablement symlinks on purge. (Closes: #778499)
++ * Move all Debian specific units in the systemd package into
++ debian/extra/units/ and simplify debian/systemd.install.
++ * Enable timesyncd by default. Add a config drop-in to not start if ntp,
++ openntpd, or chrony is installed. (Closes: #755722)
++ * debian/systemd.links: Drop obsolete hwclockfirst.service mask link, this
++ was dropped in wheezy's util-linux already.
++ * debian/udev.postinst: Call systemd-hwdb instead of udevadm hwdb.
++
++ [ Michael Biebl ]
++ * Stop removing firstboot man pages. They are now installed conditionally.
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 17 Feb 2015 15:51:38 +0100
++
++systemd (218-10) experimental; urgency=medium
++
++ * Pull latest keymaps from upstream git. (LP: #1334968, #1409721)
++ * rules: Fix by-path of mmc RPMB partitions and don't blkid them. Avoids
++ kernel buffer I/O errors and timeouts. (LP: #1333140)
++ * Clean up stale mounts when ejecting CD drives with the hardware eject
++ button. (LP: #1168742)
++ * Document systemctl --failed option. (Closes: #767267)
++ * Quiesce confusing and irrelevant "failed to reset devices.list" warning.
++ (LP: #1413193)
++ * When booting with systemd-bootchart, default to run systemd rather than
++ /sbin/init (which might not be systemd). (LP: #1417059)
++ * boot-and-services autopkgtest: Add CgroupsTest to check cgroup
++ creation/cleanup behaviour. This reproduces #777601 and verifies the fix
++ for it.
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 13 Feb 2015 12:25:06 +0100
++
++systemd (218-9) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/logind: With dropped systemd-logind-launch we don't have a
++ visible /sys/fs/cgroup/systemd/ any more under cgmanager. So adjust the
++ test to check /proc/self/cgroup instead.
++ * Add unit-config autopkgtest to check systemd unit/sysv init enabling and
++ disabling via systemctl. This also reproduces #777613.
++ * systemctl: Always install/enable/disable native units, even if there is a
++ corresponding SysV script and we call update-rc.d; while the latter
++ handles WantedBy=, it does not handle Alias=. (Closes: #777613)
++ * cgroup: Don't trim cgroup trees created by someone else, just the ones
++ that systemd itself created. This avoids cleaning up empty cgroups from
++ e.g. LXC. (Closes: #777601)
++ * Don't parse /etc/mtab for current mounts, but /proc/self/mountinfo. If the
++ former is a file, it's most likely outdated on boot, leading to race
++ conditions and unmounts during boot. (LP: #1419623)
++
++ [ Michael Biebl ]
++ * Explicitly disable the features we don't want to build for those with
++ autodetection. This ensures reliable build results in dirty build
++ environments.
++ * Disable AppArmor support in the udeb build.
++ * core: Don't fail to run services in --user instances if $HOME is missing.
++ (Closes: #759320)
++
++ [ Didier Roche ]
++ * default-display-manager-generator: Avoid unnecessary /dev/null symlink and
++ warning if there is no display-manager.service unit.
++
++ -- Michael Biebl <biebl@debian.org> Thu, 12 Feb 2015 18:45:12 +0100
++
++systemd (218-8) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * boot-and-services autopkgtest: Ensure that there are no failed units,
++ except possibly systemd-modules-load.service (as that notoriously fails
++ with cruft in /etc/modules).
++ * Revert "input" system group creation in systemd.postinst from 218-7. It's
++ already done in udev.postinst.
++ * ifup@.service: Revert checking for existance of ifupdown config for that
++ interface, net.agent already does that.
++ * Drop Also-redirect-to-update-rc.d-when-not-using-.service.patch; not
++ necessary any more with the current version (mangle_names() already takes
++ care of this).
++ * Merge into Add-support-for-rcS.d-init-scripts-to-the-sysv-gener.patch:
++ - Do-not-order-rcS.d-services-after-local-fs.target-if.patch, as it
++ partially reverts the above, and is just fixing it.
++ - Map-rcS.d-init-script-dependencies-to-their-systemd-.patch as it's just
++ adding some missing functionality for the same purpose.
++ * Merge Run-update-rc.d-defaults-before-update-rc.d-enable-d.patch into
++ Make-systemctl-enable-disable-call-update-rc.d-for-s.patch as the former
++ is fixing the latter and is not an independent change.
++ * Drop Launch-logind-via-a-shell-wrapper.patch and systemd-logind-launch
++ wrapper. The only remaining thing that we need from it is to create
++ /run/systemd/, move that into the D-BUS service file directly.
++ * /lib/lsb/init-functions.d/40-systemd: Avoid deadlocks during bootup and
++ shutdown. DHCP/ifupdown and similar hooks which call "/etc/init.d/foo
++ reload" can easily cause deadlocks, since the synchronous wait plus
++ systemd's normal behaviour of transactionally processing all dependencies
++ first easily causes dependency loops. Thus during boot/shutdown operate
++ only on the unit and not on its dependencies, just like SysV behaves.
++ (Closes: #777115, LP: #1417010)
++ * Only start logind if dbus is installed. This fixes the noisy startup
++ failure in environments without dbus, such as LXC containers or servers.
++ (part of #772700)
++ * Add getty-static.service unit which starts getty@.service on tty 2 to 6 if
++ dbus is not installed, and hence logind cannot auto-start them on demand.
++ (Closes: #772700)
++
++ [ Michael Biebl ]
++ * Update insserv-generator and map $x-display-manager to
++ display-manager.service, following the recent change in sysv-generator.
++ This avoids creating references to a no longer existing
++ x-display-manager.target unit.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 09 Feb 2015 18:07:22 +0100
++
++systemd (218-7) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * Don't attempt to mount the same swap partition twice through different
++ device node aliases. (Closes: #772182, LP: #1399595)
++ * logind: handle closing sessions over daemon restarts. (Closes: #759515,
++ LP: #1415104)
++ * logind: Fix sd_eviocrevoke ioctl call, to make forced input device release
++ after log out actually work.
++ * debian/rules: Drop obsolete --disable-multi-seat-x and
++ --with-firmware-path configure options.
++ * debian/udev.README.Debian: Trim the parts which are obsolete, wrong, or
++ described in manpages. Only keep the Debian specific bits.
++ (Part of #776546)
++ * Actually install udev's README.Debian when building for Debian.
++ (Closes: #776546)
++ * Create system group "input" which was introduced in 215. (LP: #1414409)
++ * ifup@.service: Don't fail if the interface is not configured in
++ /etc/network/interfaces at all. (LP: #1414426)
++
++ [ Michael Biebl ]
++ * Update Vcs-Browser URL to use cgit and https.
++ * Map $x-display-manager LSB facility to display-manager.service instead of
++ making it a target. Using a target had the downside that multiple display
++ managers could hook into it at the same time which could lead to several
++ failed start attempts for the non-default display manager.
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 01 Feb 2015 20:48:49 +0100
++
++systemd (218-6) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * initramfs hook: Install 61-persistent-storage-android.rules if it exists.
++ * Generate POT file during package build, for translators.
++ * Pull latest keymaps from upstream git.
++ * Order ifup@.service and networking.service after network-pre.target.
++ (Closes: #766938)
++ * Tone down "Network interface NamePolicy= disabled on kernel commandline,
++ ignoring" info message to debug, as we expect this while we disable
++ net.ifnames by default. (Closes: #762101, LP: #1411992)
++
++ [ Michael Biebl ]
++ * Ship bash-completion for udevadm. (Closes: #776166)
++ * Drop rc-local generator in favor of statically enabling rc-local.service,
++ and drop halt-local.service which is unnecessary on Debian.
++ (Closes: #776170)
++ * Drop the obsolete libsystemd-* libraries, there are no reverse
++ dependencies left.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 26 Jan 2015 15:45:45 +0100
++
++systemd (218-5) experimental; urgency=medium
++
++ * Drop logger.agent. It hasn't been called from any udev rule for a long
++ time, and looks obsolete.
++ * debian/rules: Configure with --disable-firstboot to replace some manual
++ file removals.
++ * debian/rules: Remove manual file installation, move them to
++ debian/*.install. Move all Debian specific installed files to
++ debian/extra/.
++ * Merge some changes from the Ubuntu package to reduce the delta; these only
++ apply when building on/for Ubuntu:
++ - Add 40-hyperv-hotadd.rules: Workaround for LP: #1233466.
++ - Add 61-persistent-storage-android.rules to create persistent symlinks
++ for partitions with PARTNAME. By Ricardo Salveti.
++ - Add 71-power-switch-proliant.rules for supporting the power switches of
++ ProLiant Server Cartridges. By Dann Frazier.
++ - Add 78-graphics-card.rules: Mark KMS capable graphics devices as
++ PRIMARY_DEVICE_FOR_DISPLAY so that we can wait for those in plymouth.
++ By Scott James Remnant.
++ - Don't install the Debian *.agent scripts. Instead, have Ubuntu's
++ 80-networking.rules directly pull in ifup@.service, which is much easier
++ and more efficient.
++ * Make EPERM/EACCESS when applying OOM adjustment for forked processes
++ non-fatal. This happens in user namespaces like unprivileged LXC
++ containers.
++ * Fix assertion failure due to /dev/urandom being unmounted when shutting
++ down unprivileged containers. Thanks Stéphane Graber.
++ * Enable EFI support. This mostly auto-mounts /sys/firmware/efi/efivars, but
++ also provides a generator for auto-detecting the root and the /boot/efi
++ partition if they aren't in /etc/fstab. (Closes: #773533)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 22 Jan 2015 16:13:46 +0100
++
++systemd (218-4) experimental; urgency=medium
++
++ [ Michael Biebl ]
++ * sysv-generator: handle Provides: for non-virtual facility names.
++ (Closes: #774335)
++ * Fix systemd-remount-fs.service to not fail on remounting /usr if /usr
++ isn't mounted yet. This happens with initramfs-tools < 0.118 which we
++ might not get into Jessie any more. (Closes: #742048)
++
++ [ Martin Pitt ]
++ * fstab-generator: Handle mountall's non-standard "nobootwait" and
++ "optional" options. ("bootwait" is already the systemd default behaviour,
++ and "showthrough" is irrelevant here, so both can be ignored).
++ * Add autopkgtest for one-time boot with upstart when systemd-sysv is
++ installed. This test only works under Ubuntu which has a split out
++ upstart-bin package, and will be skipped under Debian.
++ * debian/ifup@.service: Check if ifup succeeds by calling ifquery, to
++ work around ifup not failing on invalid interfaces (see #773539)
++ * debian/ifup@.service: Set proper service type (oneshot).
++ * sysv-generator: Handle .sh suffixes when translating Provides:.
++ (Closes: #775889)
++ * sysv-generator: Make real units overwrite symlinks generated by Provides:
++ from other units. Fixes failures due to presence of backup or old init.d
++ scripts. (Closes: #775404)
++ * Fix journal forwarding to syslog in containers without CAP_SYS_ADMIN.
++ (Closes: #775067)
++ * Re-enable AppArmor support, now that libapparmor1 moved to /lib. Add
++ versioned dependency as long as this is still only in experimental.
++ (Closes: #775331)
++ * Add some missing dpkg and ucf temp files to the "hidden file" filter, to
++ e. g. avoid creating units for them through the sysv-generator.
++ (Closes: #775903)
++ * Silence useless warning about /etc/localtime not being a symlink. This is
++ deliberate in Debian with /usr (possibly) being on a separate partition.
++ (LP: #1409594)
++
++ [ Christian Kastner ]
++ * Use common-session-noninteractive in systemd-user's PAM config, instead of
++ common-session. The latter can include PAM modules like libpam-mount which
++ expect to be called just once and/or interactively, which already happens
++ for login, ssh, or the display-manager. Add pam_systemd.so explicitly, as
++ it's not included in -noninteractive, but is always required (and
++ idempotent). There is no net change on systemd which don't use manually
++ installed PAM modules. (Closes: #739676)
++
++ [ Michael Biebl ]
++ * Make sure we run debian-fixup.service after /var has been mounted if /var
++ is on a separate partition. Otherwise we might end up creating the
++ /var/lock and /var/run symlink in the underlying root filesystem.
++ (Closes: #768644)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 21 Jan 2015 15:57:50 +0100
++
++systemd (218-3) experimental; urgency=medium
++
++ * build-logind autopkgtest: Re-enforce that sd_login_monitor_new() succeeds,
++ and restrict this test to isolation-container. (Reproduces LP #1400203)
++ * Bring back patch to make sd_login_monitor_new() work under other init
++ systems where /sys/fs/cgroup/systemd/machine does not exist.
++ (LP: #1400203)
++ * build-login autopkgtest: Build against libsystemd, not libsystemd-login
++ any more.
++ * Add debian/extra/systemd-vconsole-setup.service dependency shim for
++ the console-setup init script, to avoid breaking dependencies of
++ third-party packages. Install it for Ubuntu only for now, as in Debian
++ plymouth's unit got adjusted. (LP: #1392970, Debian #755194)
++ * Mark systemd{,-sysv} as M-A: foreign (thanks lintian).
++ * Quiesce maintainer-script-calls-systemctl lintian warning.
++ * Quiesce possibly-insecure-handling-of-tmp-files lintian warning, it's
++ wrong there (we are handling tmpfiles.d/ files which are not in a temp
++ dir).
++ * Use dh_installinit's --noscript instead of --no-start for the upstart
++ jobs without sysvinit scripts (thanks lintian).
++ * Put systemd.pc into arch specific pkgconfig dir, as it contains the arch
++ specific libdir value.
++ * Don't enable audit by default. It causes flooding of dmesg and syslog,
++ suppressing actually important messages. (Closes: #773528)
++ * Cherrypick various bug fixes in loopback device setup and netlink socket
++ communication. Fixes massive CPU usage due to tight retry loops in user
++ LXC containers.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 29 Dec 2014 14:55:35 +0100
++
++systemd (218-2) experimental; urgency=medium
++
++ * boot-and-services AppArmor autopkgtest: Stop checking the dmesg log; it is
++ racy as sometimes message bursts are suppressed.
++ * Fix crash in timedatectl with Etc/UTC.
++ * Prefer-etc-X11-default-display-manager-if-present.patch: Drop wrong
++ copy&paste'd comment, fix log strings. Thanks Adam D. Barratt.
++ * boot-and-services: Robustify Nspawn tests, and show systemd-nspawn output
++ on failure.
++ * Disable tests which fail on buildds, presumably due to too old kernels,
++ misconfigured /etc/hosts, and similar problems. Make failures of the test
++ suite fatal now.
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 16 Dec 2014 08:24:38 +0100
++
++systemd (218-1) experimental; urgency=medium
++
++ * New upstream release. Drop all cherry-picked patches and port the Debian
++ specific ones.
++ - Create /etc/machine-id on boot if missing. (LP: #1387090)
++ * Add new libmount-dev build dependency.
++ * Configure with --enable-split-usr.
++ * Merge some permanent Ubuntu changes, using dpkg-vendor:
++ - Don't symlink udev doc directories.
++ - Add epoch to gudev packages; Ubuntu packaged the standalone gudev before
++ it got merged into udev.
++ - Add Apport hooks for udev and systemd.
++ * udev-fallback-graphics upstart job: Guard the modprobe with || true to
++ avoid a failure when vesafb is compiled in. (LP: #1367241)
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 14 Dec 2014 13:58:39 +0100
++
++systemd (217-4) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * Reinstate a debian/extra/rules/50-firmware.rules which immediately tells
++ the kernel that userspace firmware loading failed. Otherwise it tries for a
++ minute to call the userspace helper (if CONFIG_FW_LOADER_USER_HELPER is
++ enabled) in vain, which causes long delays with devices which have a range
++ of possible firmware versions. (LP: #1398458)
++ * debian/systemd.postinst: Don't always restart journald, as this currently
++ can't be done without losing the current journal and breaking attached
++ processes. So only restart it from upgrades < 215-3 (where the socket
++ location got moved) as an one-time upgrade path from wheezy.
++ (Closes: #771122)
++ * Revert "Modify insserv generator to mask sysvinit-only display managers".
++ This is still under dispute, a bit risky, and might get a different
++ implementation. Also, nodm really needs to be fixed properly, working
++ around it is both too risky and also too hard to get right.
++
++ [ Didier Roche ]
++ * Add display managers autopkgtests.
++ * Reset display-manager symlink to match /e/X/d-d-m even if
++ display-manager.service was removed. Adapt the autopkgtests for it.
++ (LP: #1400680)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 11 Dec 2014 18:06:54 +0200
++
++systemd (217-3) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * systemd.bug-script: Really capture stderr of systemd-delta.
++ (Closes: #771498)
++ * boot-and-services autopkgtest: Give test apparmor job some time to
++ actually finish.
++
++ [ Didier Roche ]
++ * updated debian/patches/insserv.conf-generator.patch:
++ - if /etc/X11/default-display-manager doesn't match a systemd unit
++ (or doesn't exist), be less agressive about what to mask: we let
++ all sysvinit-only display-manager units enabled to fallback to previous
++ behavior and let them starting. (Closes: #771739)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 02 Dec 2014 16:53:36 +0100
++
++systemd (217-2) experimental; urgency=medium
++
++ * Re-enable journal forwarding to syslog, until Debian's sysloggers
++ can/do all read from the journal directly.
++ * Fix hostnamectl exit code on success.
++ * Fix "diff failed with error code 1" spew with systemd-delta.
++ (Closes: #771397)
++ * Re-enable systemd-resolved. This wasn't meant to break the entire
++ networkd, just disable the new NSS module. Remove that one manually
++ instead. (Closes: #771423, LP: #1397361)
++ * Import v217-stable patches (up to commit bfb4c47 from 2014-11-07).
++ * Disable AppArmor again. This first requires moving libapparmor to /lib
++ (see #771667). (Closes: #771652)
++ * systemd.bug-script: Capture stderr of systemd-{delta,analyze}.
++ (Closes: #771498)
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 01 Dec 2014 15:09:09 +0100
++
++systemd (217-1) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release. Drop all cherry-picked patches and port the Debian
++ specific ones.
++ * Disable systemd-resolved for now. It still needs to mature, and
++ integration into Debian should be discussed first.
++ * Bump util-linux dependency to >= 2.25 as per NEWS.
++ * Drop installation of 50-firmware.rules, not shipped upstream any more.
++ Firmware loading is now exclusively done by the kernel.
++ * Drop installation of readahead related services and code, readahead got
++ dropped in this version.
++ * Ship new networkctl CLI tool.
++ * debian/libsystemd0.symbols: Add new symbols from this release.
++ * debian/rules: Call dpkg-gensymbols with -c4 to immediately spot
++ changed/missing symbols during build.
++ * boot-and-services autopkgtest: Test AppArmor confined units (LP #1396270)
++ * Create new "systemd-journal-remote" system group, for
++ systemd-tmpfiles-setup.service.
++
++ [ Marc Deslauriers ]
++ * Build-depend on libapparmor-dev to enable AppArmor support. (LP: #1396270)
++
++ [ Didier Roche ]
++ * Handle display-manager transitions: (Closes: #748668)
++ - Add a generator to ensure /etc/X11/default-display-manager is controlling
++ which display-manager is started.
++ - Modify insserv generator to mask of sysvinit-only dms with insserv
++ $x-display-manager tag if they don't match
++ /etc/X11/default-display-manager. This avoids starting multiple dms at
++ boot.
++ * Cherry-pick Shared-add-readlink_value.patch as using that function in the
++ generator.
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 28 Nov 2014 10:53:58 +0100
++
++systemd (215-18) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * manager: Pass correct errno to strerror(), have_ask_password contains
++ negative error values which have to be negated when being passed to
++ strerror().
++
++ [ Martin Pitt ]
++ * Revert upstream commit 743970d which immediately SIGKILLs units during
++ shutdown. This leads to problems like bash not being able to write its
++ history, mosh not saving its state, and similar failed cleanup actions.
++ (Closes: #784720, LP: #1448259)
++ * write_net_rules: Escape '{' and '}' characters as well, to make this work
++ with busybox grep. Thanks Faidon Liambotis! (Closes: #765577)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 21 May 2015 15:49:30 +0200
++
++systemd (215-17) unstable; urgency=high
++
++ * cryptsetup: Implement offset and skip options. (Closes: #751707,
++ LP: #953875)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 16 Apr 2015 10:26:46 -0500
++
++systemd (215-16) unstable; urgency=medium
++
++ [ Christian Seiler ]
++ * Don't run hwclock-save.service in containers. (Closes: #782377)
++
++ [ Michael Biebl ]
++ * Do not print anything while passwords are being queried. This should make
++ password prompts without plymouth more usable. (Closes: #765013)
++ * Skip filesystem check if already done by the initramfs. (Closes: #782522)
++
++ -- Michael Biebl <biebl@debian.org> Mon, 13 Apr 2015 19:42:32 +0200
++
++systemd (215-15) unstable; urgency=medium
++
++ [ Adam Conrad ]
++ * debian/systemd.{triggers,postinst}: Trigger a systemctl daemon-reload
++ when init scripts are installed or removed (Closes: #766429)
++
++ [ Martin Pitt ]
++ * Fix getty restart loop when PTS device is gone. (Closes: #780711)
++ * Run timesyncd in virtual machines. (Closes: #762343)
++ * Make logind work in environments without CAP_SYS_ADMIN (mostly
++ containers). Thanks Christian Seiler for the backporting!
++ (Closes: #778608)
++ * Check for correct signatures when setting properties. Fixes systemd
++ getting stuck on trying to set invalid property types. (Closes: #781602)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 09 Apr 2015 10:12:37 +0200
++
++systemd (215-14) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Map $x-display-manager LSB facility to display-manager.service instead of
++ making it a target. Using a target had the downside that multiple display
++ managers could hook into it at the same time which could lead to several
++ failed start attempts for the non-default display manager.
++ * Update insserv-generator and map $x-display-manager to
++ display-manager.service, following the recent change in sysv-generator.
++ This avoids creating references to a no longer existing
++ x-display-manager.target unit.
++ * Cherry-pick upstream fix to increase the SendBuffer of /dev/log to 8M.
++
++ [ Martin Pitt ]
++ * scope: Make attachment of initial PIDs more robust. Fixes crash with
++ processes that get started by an init.d script with a different (aliased)
++ name when the cgroup becomes empty. (Closes: #781210)
++ * boot-and-services, display-managers autopkgtests: Add missing python3 test
++ dependency.
++ * Don't attempt to mount the same swap partition twice through different
++ device node aliases. (Closes: #772182, LP: #1399595)
++
++ [ Christian Seiler ]
++ * Make the journald to syslog forwarding more robust by increasing the
++ maximum datagram queue length from 10 to 512. (Closes: #762700)
++
++ [ Marco d'Itri ]
++ * Avoid writing duplicate entries in 70-persistent-net.rules by double
++ checking if the new udev rule has already been written for the given
++ interface. This happens if multiple add events are generated before the
++ write_net_rules script returns and udevd renames the interface.
++ (Closes: #765577)
++
++ -- Michael Biebl <biebl@debian.org> Mon, 30 Mar 2015 13:26:52 +0200
++
++systemd (215-13) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Add hwclock-save.service to sync the system clock to the hardware clock on
++ shutdown, to provide monotonic time for reboots. (Note: this is a hack for
++ jessie; the next Debian release will enable timesyncd by default).
++ (Closes: #755722)
++ * Check for correct architecture identifiers for SuperH. (Closes: #779710)
++ * networkd: Fix stopping v4 dhcpclient when the carrier is lost. Thanks
++ Christos Trochalakis! (Closes: #779571)
++ * Fix segfault with units that depend on themselves. (Closes: #780675)
++ * tmpfiles-setup-dev: Call tmpfiles with --boot to allow unsafe device
++ creation. Fixes creation of static device nodes with kmod 20.
++ (Closes: #780263)
++
++ [ Christian Seiler ]
++ * core: Don't migrate PIDs for units that may contain subcgroups.
++ This stops messing up lxc/libvirt/other custom cgroup layouts after
++ daemon-reload. (Closes: #777164)
++ * sysv-generator: add support for /etc/insserv/overrides. (Closes: #759001)
++
++ [ Michael Biebl ]
++ * debian/udev.init: Recognize '!' flag with static device lists, to work
++ with kmod 20. (Closes: #780263)
++
++ [ Didier Roche ]
++ * Ensure PrivateTmp doesn't require tmpfs through tmp.mount, but rather adds
++ an After relationship. (Closes: #779902)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 26 Mar 2015 14:23:35 +0100
++
++systemd (215-12) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/udev.README.Debian: Trim the parts which are obsolete, wrong, or
++ described in manpages. Only keep the Debian specific bits.
++ (Part of #776546)
++ * Actually install udev's README.Debian when building for Debian.
++ (Closes: #776546)
++ * Only start logind if dbus is installed. This fixes the noisy startup
++ failure in environments without dbus such as LXC containers or servers.
++ (part of #772700)
++ * Add getty-static.service unit which starts getty@.service on tty 2 to 6 if
++ dbus is not installed, and hence logind cannot auto-start them on demand.
++ (Closes: #772700)
++ * Add unit-config autopkgtest to check systemd unit/sysv init enabling and
++ disabling via systemctl. This avoids bugs like #777613 (did not affect
++ unstable).
++ * cgroup: Don't trim cgroup trees created by someone else, just the ones
++ that systemd itself created. This avoids cleaning up empty cgroups from
++ e.g. LXC. (Closes: #777601)
++ * boot-and-services autopkgtest: Add CgroupsTest to check cgroup
++ creation/cleanup behaviour. This reproduces #777601 and verifies the fix
++ for it.
++ * rules: Fix by-path of mmc RPMB partitions and don't blkid them. Avoids
++ kernel buffer I/O errors and timeouts. (LP: #1333140)
++ * Document systemctl --failed option. (Closes: #767267)
++
++ [ Michael Biebl ]
++ * core: Don't fail to run services in --user instances if $HOME is missing.
++ (Closes: #759320)
++
++ [ Didier Roche ]
++ * default-display-manager-generator: Avoid unnecessary /dev/null symlink and
++ warning if there is no display-manager.service unit.
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 13 Feb 2015 12:08:31 +0100
++
++systemd (215-11) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * escape-beef-up-new-systemd-escape-tool.patch: Avoid creating a dangling
++ symlink, to work around regression in recent patch (see #776257).
++ * Order ifup@.service and networking.service after network-pre.target.
++ (Closes: #766938)
++ * Tone down "Network interface NamePolicy= disabled on kernel commandline,
++ ignoring" info message to debug, as we expect this while we disable
++ net.ifnames by default. (Closes: #762101, LP: #1411992)
++ * logind: handle closing sessions over daemon restarts. (Closes: #759515,
++ LP: #1415104)
++ * logind: Fix sd_eviocrevoke ioctl call, to make forced input device release
++ after log out actually work.
++ * debian/patches/series: Move upstreamed patches into the appropriate
++ section.
++
++ [ Michael Biebl ]
++ * Make sure we run debian-fixup.service after /var has been mounted if /var
++ is on a separate partition. Otherwise we might end up creating the
++ /var/lock and /var/run symlink in the underlying root filesystem.
++ (Closes: #768644)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 29 Jan 2015 09:01:54 +0100
++
++systemd (215-10) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * sysv-generator: Handle .sh suffixes when translating Provides:.
++ (Closes: #775889)
++ * sysv-generator: Make real units overwrite symlinks generated by Provides:
++ from other units. Fixes failures due to presence of backup or old init.d
++ scripts. (Closes: #775404)
++ * Fix journal forwarding to syslog in containers without CAP_SYS_ADMIN.
++ (Closes: #775067)
++
++ [ Christian Kastner ]
++ * Use common-session-noninteractive in systemd-user's PAM config, instead of
++ common-session. The latter can include PAM modules like libpam-mount which
++ expect to be called just once and/or interactively, which already happens
++ for login, ssh, or the display-manager. Add pam_systemd.so explicitly, as
++ it's not included in -noninteractive, but is always required (and
++ idempotent). There is no net change on systemd which don't use manually
++ installed PAM modules. (Closes: #739676)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 21 Jan 2015 13:18:05 +0100
++
++systemd (215-9) unstable; urgency=medium
++
++ [ Didier Roche ]
++ * Add display managers autopkgtests.
++ * Reset display-manager symlink to match /e/X/d-d-m even if
++ display-manager.service was removed. Adapt the autopkgtests for it.
++
++ [ Martin Pitt ]
++ * Prefer-etc-X11-default-display-manager-if-present.patch: Drop wrong
++ copy&paste'd comment, fix log strings. Thanks Adam D. Barratt.
++ * Log all members of cyclic dependencies (loops) even with quiet on the
++ kernel cmdline. (Closes: #770504)
++ * Don't auto-clean PrivateTmp dir in /var/tmp; in Debian we don't want to
++ clean /var/tmp/ automatically. (Closes: #773313)
++
++ [ Michael Biebl ]
++ * sysv-generator: handle Provides: for non-virtual facility names.
++ (Closes: #774335)
++ * Fix systemd-remount-fs.service to not fail on remounting /usr if /usr
++ isn't mounted yet. This happens with initramfs-tools < 0.118 which we
++ might not get into Jessie any more. (Closes: #742048)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 13 Jan 2015 11:24:43 +0100
++
++systemd (215-8) unstable; urgency=medium
++
++ [ Didier Roche ]
++ * Cherry-pick shared-add-readlink_value.patch, we will use that function in
++ the generator.
++ * Cherry-pick util-allow-strappenda-to-take-any-number-of-args.patch, we
++ will use that function in the generator.
++ * Handle multiple display managers which don't ship a systemd unit or the
++ corresponding postinst logic for updating display-manager.service: Add a
++ generator to ensure /etc/X11/default-display-manager is controlling which
++ display-manager is started. (Closes: #771287)
++
++ [ Sjoerd Simons ]
++ * d/p/core-Fix-bind-error-message.patch:
++ + Added. Fix error message on bind failure to print the full path
++ * d/p/core-Make-binding-notify-private-dbus-socket-more-ro.patch:
++ + Added. Be more robust when binding private unix sockets (Based on current
++ upstream logic) (Closes: #761306)
++
++ [ Martin Pitt ]
++ * Clean up ...journal~ files from unclean shutdowns. (Closes: #771707)
++ * debian/systemd.postinst: Don't always restart journald, as this currently
++ can't be done without losing the current journal and breaking attached
++ processes. So only restart it from upgrades < 215-3 (where the socket
++ location got moved) as an one-time upgrade path from wheezy.
++ (Closes: #771122)
++ * journalctl: Fix help text for --until. (Closes: #766598)
++ * Bump systemd's udev dependency to >= 208-8, so that on partial upgrades we
++ make sure that the udev package has appropriate Breaks:. In particular,
++ this avoids installing current udev with kmod << 14. (Closes: #771726)
++
++ [ Michael Biebl ]
++ * systemd.postinst: Move unit enablement after restarting systemd, so that
++ we don't fail to enable units with keywords that wheezy's systemd does not
++ understand yet. Fixes enabling getty units on wheezy upgrades with
++ systemd. (Closes: #771204)
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 05 Dec 2014 10:01:24 +0100
++
++systemd (215-7) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Add myself to Uploaders.
++ * Add boot-and-services autopkgtest: Check booting with systemd-sysv and
++ that the most crucial services behave as expected.
++ * logind autopkgtest: Fix stderr output in waiting loop for scsi_debug.
++ * Add nspawn test to boot-and-services autopkgtest.
++ * Make systemd-nspawn@.service work out of the box: (Closes: #770275)
++ - Pre-create /var/lib/container with a secure mode (0700) via tmpfiles.d.
++ - Add new try-{guest,host} modes for --link-journal to silently skip
++ setting up the guest journal if the host has no persistent journal.
++ - Extend boot-and-services autopkgtest to cover systemd-nspawn@.service.
++ * Cherry-pick upstream patch to fix SELinux unit access check (regression
++ in 215).
++ * sysv-generator: Avoid wrong dependencies for failing units. Thanks to
++ Michael Biebl for the patch! (Closes: #771118)
++ * Cherry-pick patches to recognize and respect the "discard" mount option
++ for swap devices. Thanks to Aurelien Jarno for finding and testing!
++ (Closes: #769734)
++
++ [ Jon Severinsson]
++ * Add /run/shm -> /dev/shm symlink in debian/tmpfiles.d/debian.conf. This
++ avoids breakage in Jessie for packages which still refer to /run/shm, and
++ while https://wiki.debian.org/ReleaseGoals/RunDirectory is still official.
++ (LP: #1320534, Closes: #674755).
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 28 Nov 2014 06:43:15 +0100
++
++systemd (215-6) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Cherry-pick upstream patch to fix udev crash in link_config_get().
++ * Cherry-pick upstream patch to fix tests in limited schroot environments.
++ * Add d/p/Add-env-variable-for-machine-ID-path.patch: Allow specifying an
++ alternate /etc/machine-id location. This is necessary for running tests
++ as long as it isn't in our base images (see Debian #745876)
++ * Run tests during package build. For the first round don't make them fatal
++ for now (that will happen once we see results from all the architectures).
++ * Drop our Check-for-kmod-binary.patch as the upstream patch
++ units-conditionalize-static-device-node-logic-on-CAP.patch supersedes it.
++ * Drop Use-comment-systemd.-syntax-in-systemd.mount-man-pag.patch, as
++ our util-linux is now recent enough. Bump dependency to >= 2.21.
++ * Adjust timedated and hostnamed autopkgtests to current upstream version.
++ * Replace our Debian hwdb.bin location patch with what got committed
++ upstream. Run hwdb update with the new --usr option to keep current
++ behaviour.
++ * debian/README.Debian: Document how to debug boot or shutdown problems with
++ the debug shell. (Closes: #766039)
++ * Skip-99-systemd.rules-when-not-running-systemd-as-in.patch: Call path_id
++ under all init systems, to get consistent ID_PATH attributes. This is
++ required so that tools like systemd-rfkill can be used with SysVinit or
++ upstart scripts, too. (LP: #1387282)
++ * Switch libpam-systemd dependencies to prefer systemd-shim over
++ systemd-sysv, to implement the CTTE decision #746578. This is a no-op on
++ systems which already have systemd-sysv installed, but will prevent
++ installing that on upgrades. (Closes: #769747)
++ * Remove Tollef from Uploaders: as per his request. Thanks Tollef for all
++ you work!
++ * net.agent: Properly close stdout/err FDs, to avoid long hangs during udev
++ settle. Thanks to Ben Hutchings! (Closes: #754987)
++ * Bump Standards-Version to 3.9.6 (no changes necessary).
++
++ [ Didier Roche ]
++ * debian/ifup@.service: add a ConditionPath on /run/network, to avoid
++ failing the unit if /etc/init.d/networking is disabled. (Closes: #769528)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 18 Nov 2014 12:37:22 +0100
++
++systemd (215-5) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Unblacklist hyperv_fb again, it is needed for graphical support on Hyper-V
++ platforms. Thanks Andy Whitcroft! (LP: #1359933)
++ * Bump systemd-shim Depends/Breaks to 8-2 to ensure a lockstep upgrade.
++ (Closes: #761947)
++
++ [ Sjoerd Simons ]
++ * d/p/sd-bus-Accept-no-sender-as-the-destination-field.patch
++ + Fix compatibility between systemctl v215 and v208. Resolves issue when
++ reloads of services is requested before systemd is re-execed
++ (Closes: #762146)
++
++ [ Michael Biebl ]
++ * Don't overmount existing /run/user/<UID> directories with a per-user tmpfs
++ on upgrades. (Closes: #762041)
++ * Re-enable mount propagation for udevd. This avoids that broken software
++ like laptop-mode-tools, which runs mount from within udev rules, causes
++ the root file system to end up read-only. (Closes: #762018)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 27 Sep 2014 17:49:47 +0200
++
++systemd (215-4) unstable; urgency=medium
++
++ * Upload to unstable.
++
++ -- Michael Biebl <biebl@debian.org> Mon, 15 Sep 2014 17:38:30 +0200
++
++systemd (215-3) experimental; urgency=medium
++
++ [ Ben Howard ]
++ * 75-persistent-net-generator.rules: Fix matches of HyperV. (LP: #1361272)
++
++ [ Martin Pitt ]
++ * 75-persistent-net-generator.rules: Add new MS Azure MAC prefix 00:25:ae.
++ (LP: #1367883)
++
++ [ Michael Biebl ]
++ * Update upstream v215-stable patch series.
++ * The /dev/log socket and /dev/initctl FIFO have been moved to /run and
++ replaced by symlinks. Create the symlinks manually on upgrades as well.
++ (Closes: #761340)
++ * Fix incorrect paths in man pages. (LP: #1357782, Closes: #717491)
++ * Make systemd recommend dbus so it is installed on upgrades. The dbus
++ system bus is required to run systemd-logind and the autovt feature relies
++ on logind. (Closes: #758111)
++ * Bump dependency on systemd-shim to (>= 7-2) to ensure we have a version
++ which supports systemd >= 209.
++ * Rework bug-script to be more upfront about what kind of data is gathered
++ and ask the user for permission before attaching the information to the
++ bug report. (Closes: #756248)
++
++ [ Sjoerd Simons ]
++ * d/p/buildsys-Don-t-default-to-gold-as-the-linker.patch
++ + Don't explicitly pick gold as the default linker. Fixes FTBFS on sparc
++ (Closes: #760879)
++
++ -- Sjoerd Simons <sjoerd@debian.org> Sun, 14 Sep 2014 20:14:49 +0200
++
++systemd (215-2) experimental; urgency=medium
++
++ * debian/patches/always-check-for-__BYTE_ORDER-__BIG_ENDIAN-when-chec.patch
++ + Added. Fix checking of system endianness. Fixes FTBFS on powerpc
++ * debian/patches/timesyncd-when-we-don-t-know-anything-about-the-netw.patch:
++ + Let timesyncd go online even if networkd isn't running (from upstream
++ git) (Closes: #760087)
++ * debian/rules: add systemd-update-utmp-runlevel.service to
++ {poweroff, rescue, multi-user, graphical, reboot}.target.wants to trigger
++ the runlevel target to be loaded
++
++ -- Sjoerd Simons <sjoerd@debian.org> Sun, 07 Sep 2014 23:46:02 +0200
++
++systemd (215-1) experimental; urgency=medium
++
++ * New upstream release.
++ * Import upstream v215-stable patch series.
++ * Rebase remaining Debian patches on top of v215-stable.
++ * Drop our Debian-specific run-user.mount unit as upstream now creates a
++ per-user tmpfs via logind.
++ * Don't rely on new mount from experimental for now and re-add the patch
++ which updates the documentation accordingly.
++ * Cherry-pick upstream fix to use correct versions for the new symbols that
++ were introduced in libudev.
++ * Update symbols files
++ - Add two new symbols for libudev1.
++ - Remove private symbol from libgudev-1.0-0. This symbol was never part of
++ the public API and not used anywhere so we don't need a soname bump.
++ * Cherry-pick upstream commit to not install busname units if kdbus support
++ is disabled.
++ * Make /run/lock tmpfs an API fs so it is available during early boot.
++ (Closes: #751392)
++ * Install new systemd-path and systemd-escape binaries.
++ * Cherry-pick upstream commit which fixes the references to the systemctl
++ man page. (Closes: #760613)
++ * Use the new systemd-escape utility to properly escape the network
++ interface name when starting an ifup@.service instance for hotplugged
++ network interfaces. Make sure a recent enough systemd version is installed
++ by bumping the versioned Breaks accordingly. (Closes: #747044)
++ * Order ifup@.service after networking.service so we don't need to setup the
++ runtime directory ourselves and we have a defined point during boot when
++ hotplugged network interfaces are started.
++ * Disable factory-reset feature and remove files associated with it. This
++ feature needs more integration work first before it can be enabled in
++ Debian.
++ * Cherry-pick upstream commit to fix ProtectSystem=full and make the
++ ProtectSystem= option consider /bin, /sbin, /lib and /lib64 (if it exists)
++ on Debian systems. (Closes: #759689)
++ * Use adduser in quiet mode when creating the system users/groups to avoid
++ warning messages about the missing home directories. Those are created
++ dynamically during runtime. (Closes: #759175)
++ * Set the gecos field when creating the system users.
++ * Add systemd-bus-proxy system user so systemd-bus-proxyd can properly drop
++ its privileges.
++ * Re-exec systemd and restart services at the end of postinst.
++ * Cherry-pick upstream commit for sd-journal to properly convert
++ object->size on big endian which fixes a crash in journalctl --list-boots.
++ (Closes: #758392)
++
++ -- Michael Biebl <biebl@debian.org> Sun, 07 Sep 2014 09:58:48 +0200
++
++systemd (214-1) experimental; urgency=medium
++
++ * New upstream release v214.
++ (Closes: #750793, #749268, #747939)
++
++ [ Jon Severinsson ]
++ * Import upstream v214-stable patch series.
++ - Rebase remaining Debian patches on top of v214-stable.
++ - Drop modifications to the now-removed built-in sysvinit support.
++ * Install the new combined libsystemd0 library, this library combines all
++ functionality of the various libsystemd-* libraries.
++ - Deprecate the old libsystemd-* libraries as they've been bundled into
++ libsystemd0. The old -dev files now just carry a transitional .pc file.
++ - Add new symbols file for libsystemd0.
++ * Update symbols file for libgudev-1.0-0.
++ * Remove pre-generated rules and unit files in debian/rules clean target.
++ * Add new systemd service users in systemd postinst (systemd-timesync,
++ systemd-network, systemd-resolve)
++ * Add new system group "input" used by udev rules in udev postinst.
++ * Try-restart networkd, resolved, and timesyncd after an upgrade.
++ * Do not force-enable default-on services on every upgrade.
++ * Add support for rcS.d init scripts to the sysv-generator.
++ - Do not order rcS.d services after local-fs.target if they do not
++ explicitly depend on $local_fs.
++ - Map rcS.d init script dependencies to their systemd equivalent.
++ - Special-case some dependencies for sysv init scripts for better
++ backwards compatibility. (Closes: #726027, #738965).
++ * Add systemd depends on new mount. (Closes: #754411)
++ * Update /run/initctl symlink target in debian/tmpfiles.d/debian.conf.
++ * Remove stored backlog state, rfkill state, random-seed and clock
++ information from /var/lib/systemd on systemd purge.
++
++ [ Sjoerd Simons ]
++ * debian/patches/shared-include-stdbool.h-in-mkdir.h.patch
++ + Added. Include stdbool before using bool in function prototypes. Fixes
++ build of the insserv generator
++ * Add python-lxml to build-depends for python-systemd
++ * Turn on parallel build support
++ * Install the new busctl binary and translations
++ * Explicitly disable microhttp so the package build doesn't fail if the
++ required dependencies for it happen to be installed.
++ * debian/control: Make udev break plymouth (<< 0.9.0-7) as older plymouths
++ assume udev implementation details that have changed slightly since v213
++ * debian/control: Remove b-d on librwap0-dev
++ * debian/control: Bump libkmod-dev b-d to >= 15
++ * debian/rules: Drop outdated --enable-tcpwrap
++ * debian/rules: Explicitly turn off rfkill, networkd, timesyncd and resolved
++ for the udeb build
++ * debian/rules: Use the debian ntp pool as default ntp servers
++ * debian/rules: explicitely configure the maximum system uid/gids instead of
++ relying on autodetection
++
++ -- Sjoerd Simons <sjoerd@debian.org> Sun, 24 Aug 2014 14:54:27 +0200
++
++systemd (208-8) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Fix duplicate line in copyright. (Closes: #756899)
++ * Drop --disable-xattr configure option for udeb, does not exist any more.
++ * Add Turkish debconf translations. Thanks Mert Dirik! (Closes: #757498)
++ * Backport fix for lazy session-activation on non-seat0 seats.
++ (LP: #1355331)
++
++ [ Michael Biebl ]
++ * Use "kmod static-nodes --output=/proc/self/fd/1" in make_static_nodes() as
++ we can't rely on /dev/stdout to exist at this point during boot.
++ (Closes: #757830)
++ * Fix udev SysV init script and d-i start script to not write to
++ /sys/kernel/uevent_helper unconditionally to not fail on a kernel with
++ CONFIG_UEVENT_HELPER unset. (Closes: #756312)
++ * Add Breaks: kmod (<< 14) to udev to make sure we have a kmod version
++ supporting the static-nodes command.
++ * Add Breaks: systemd (<< 208) to udev to avoid partial upgrades. Newer udev
++ versions rely on kmod-static-nodes.service being provided by systemd.
++ (Closes: #757777)
++ * Updated upstream v208-stable patch series to 53b1b6c.
++ * Cherry-pick upstream fix to ignore temporary dpkg files. (Closes: #757302)
++ * Make emergency.service conflict with rescue.service.
++ Otherwise if rescue mode is selected during boot and the emergency mode
++ is triggered (e.g. via a broken fstab entry), we have two sulogin
++ processes fighting over the tty. (Closes: #757072)
++ * Stop syslog.socket when entering emergency mode as otherwise every log
++ message triggers the start of the syslog service and its dependencies
++ which conflicts with emergency.target. (Closes: #755581)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 21 Aug 2014 00:14:21 +0200
++
++systemd (208-7) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Mask remaining services provided by the initscripts package and document
++ in more detail why certain services have been masked. (Closes: #659264)
++ * Install zsh completions to the correct place. (Closes: #717540)
++
++ [ Jon Severinsson ]
++ * Cherry-pick upstream fix for journal file permissions. (Closes: #755062)
++ * Map some rcS.d init script dependencies to their systemd equivalent.
++ * Update Depends on initscripts to the version with a systemd-compatible
++ mountnfs ifup hook. (Closes: #746358)
++ * Add Breaks on lvm2 versions without native systemd support.
++ (Closes: #678438, #692120)
++ * Do not fail udev upgrades if the udev service is already runtime-masked
++ when the preinst script is run. (Closes: #755746)
++ * Add Pre-Depends on systemd to systemd-sysv, to avoid risking that the
++ sysv-compatible symlinks become dangling on a partial install.
++ * Ensure that systemctl is usable right after being unpacked, by adding the
++ required Pre-Depends to systemd and libsystemd-daemon0. (Closes: #753589)
++ * Add support for TuxOnIce hibernation. (Closes: #746463)
++
++ [ Martin Pitt ]
++ * Rename "api" autopkgtest to "build-login", and stop requiring that
++ sd_login_monitor_new() succeeds. It doesn't in many environments like
++ schroot or after upgrades from < 204, and the main point of the test is
++ to check that libsystemd-login-dev has correct contents and dependencies.
++ Drop "isolation-machine" requirement.
++ * Use glibc's xattr support instead of requiring libattr. Fixes FTBFS with
++ latest glibc and libattr. Cherrypicked from trunk. Drop libattr1-dev build
++ dependency. (Closes: #756097)
++ * Build python3-systemd for Python 3 bindings. Drop python-systemd; it does
++ not have any reverse dependencies, and we want to encourage moving to
++ Python 3. (LP: #1258089)
++ * Add simple autopkgtest for python3-systemd.
++ * Add dbus dependency to libpam-systemd. (Closes: #755968)
++ * Fix /dev/cdrom symlink to appear for all types of drives, not just for
++ pure CD-ROM ones. Also, fix the symlinks to stay after change events.
++ (LP: #1323777)
++ * 75-persistent-net-generator.rules: Adjust Ravello interfaces; they don't
++ violate the assignment schema, they should just not be persistent.
++ Thanks to Boris Figovsky. (Closes: #747475, LP: #1317776)
++ * Reinstate patches to make logind D-BUS activatable.
++ * Re-add systemd-shim alternative dependency to libpam-systemd. Version it
++ to ensure cgmanager support. (Closes: #754984, LP: #1343802)
++ * Convert udev-finish.upstart from a task to a job, to avoid hangs with
++ startpar. (Closes: #756631)
++ * Add debian/extra/60-keyboard.hwdb: Latest keymaps from upstream git.
++ This makes it trivial to backport keymap fixes to stable releases.
++ (Closes: #657809; LP: #1322770, #1339998)
++ * udev.init: Create static device nodes, as this moved out of udevd.
++ Thanks to Michael Biebl for the script! (Closes: #749021)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 06 Aug 2014 13:33:22 +0200
++
++systemd (208-6) unstable; urgency=medium
++
++ [ Jon Severinsson ]
++ * Add v208-stable patch series.
++ - Update Debian patches to apply on top of v208-stable.
++ - Move new manpages to libsystemd-*-dev as appropriate.
++
++ [ Michael Biebl ]
++ * Upload to unstable.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 16 Jul 2014 00:44:15 +0200
++
++systemd (208-5) experimental; urgency=medium
++
++ * Merge changes from unstable branch.
++
++ -- Michael Biebl <biebl@debian.org> Sat, 28 Jun 2014 13:41:32 +0200
++
++systemd (208-4) experimental; urgency=medium
++
++ * Merge changes from unstable branch.
++ * Drop alternative dependency on systemd-shim in libpam-systemd. The
++ systemd-shim package no longer provides an environment to run
++ systemd-logind standalone. See #752939 for further details.
++
++ -- Michael Biebl <biebl@debian.org> Sat, 28 Jun 2014 01:22:11 +0200
++
++systemd (208-3) experimental; urgency=medium
++
++ * Merge changes from unstable branch.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 25 Jun 2014 11:29:07 +0200
++
++systemd (208-2) experimental; urgency=medium
++
++ [ Sjoerd Simons ]
++ * Don't stop a running user manager from garbage collecting the users. Fixes
++ long shutdown times when using a systemd user session
++
++ [ Michael Stapelberg ]
++ * Fix bug-script: “systemctl dump” is now “systemd-analyze dump”
++ (Closes: #748311)
++
++ [ Michael Biebl ]
++ * Merge changes from unstable branch.
++ * Cherry-pick upstream fixes to make sd_session_get_vt() actually work.
++
++ -- Michael Biebl <biebl@debian.org> Tue, 24 Jun 2014 17:45:26 +0200
++
++systemd (208-1) experimental; urgency=medium
++
++ [ Michael Biebl ]
++ * New upstream release. (Closes: #729566)
++ * Update patches.
++ * Update symbols files for libsystemd-journal and libsystemd-login.
++ * Install new files and remove the ones we don't use.
++ * Install zsh completion files. (Closes: #717540)
++ * Create a compat symlink /etc/sysctl.d/99-sysctl.conf as systemd-sysctl no
++ longer reads /etc/sysctl.conf.
++ * Bump Build-Depends on kmod to (>= 14).
++ * Bump Build-Depends on libcryptsetup-dev to (>= 2:1.6.0) for tcrypt
++ support.
++ * Make kmod-static-nodes.service check for the kmod binary since we don't
++ want a hard dependency on kmod e.g. for container installations.
++ * Disable various features which aren't required for the udeb build.
++ * Move new sd_pid_get_slice and sd_session_get_vt man pages into
++ libsystemd-login-dev.
++ * Make no-patch-numbers the default for gbp-pq.
++ * Adjust systemd-user pam config file for Debian.
++ This pam config file is used by libpam-systemd/systemd-logind when
++ launching systemd user instances.
++ * Drop patches to make logind D-Bus activatable. The cgroup handling has
++ been reworked in v205 and logind no longer creates cgroup hierarchies on
++ its own. That means that the standalone logind is no longer functional
++ without support from systemd (or an equivalent cgroup manager).
++
++ [ Martin Pitt ]
++ * Explain patch management in debian/README.source.
++
++ -- Michael Biebl <biebl@debian.org> Mon, 28 Apr 2014 00:22:57 +0200
++
++systemd (204-14) unstable; urgency=medium
++
++ * Fix SIGABRT in insserv generator caused by incorrect usage of strcat().
++ (Closes: #752992)
++ * Mark -dev packages as Multi-Arch: same. (Closes: #720017)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 28 Jun 2014 13:22:43 +0200
++
++systemd (204-13) unstable; urgency=medium
++
++ * Switch back to load the sg module via the kmod builtin. The problem was
++ not that the kmod builtin is faster then modprobe but rather the incorrect
++ usage of the "=" assignment operator. We need to use "+=" here, so the sg
++ module is loaded in addition to other scsi modules, which are loaded via
++ the modalias rule. Thanks to Tommaso Colombo for the analysis.
++ * Cherry-pick upstream fix which prevents systemd from entering an infinite
++ loop when trying to break an ordering cycle. (Closes: #752259)
++ * Update insserv generator to not create any drop-in files for services
++ where the corresponding SysV init script does not exist.
++ * Drop the check for /sys/kernel/uevent_helper from postinst and the SysV
++ init script and do not unconditionally overwrite it in the initramfs hook.
++ Since a long time now udev has been using the netlink interface to
++ communicate with the kernel and with Linux 3.16 it is possible to disable
++ CONFIG_UEVENT_HELPER completely. (Closes: #752742)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 28 Jun 2014 00:01:16 +0200
++
++systemd (204-12) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Change the sg loading rule (for Debian #657948) back to using modprobe.
++ kmod is too fast and then sg races with sd, causing the latter to not see
++ SCSI disks. (Closes: #752591, #752605)
++
++ [ Michael Biebl ]
++ * Update udev bug-script to attach instead of paste extra info if a new
++ enough reportbug version is available.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 25 Jun 2014 10:55:12 +0200
++
++systemd (204-11) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Explain patch management in debian/README.source. (Closes: #739113)
++ * Replace "Always probe cpu support drivers" patch with cherry-picked
++ upstream fix which is more general.
++ * Advertise hibernation only if there's enough free swap. Patches backported
++ from current upstream. (LP: #1313522)
++ * Fix typo in sg loading rule to make it actually work.
++
++ [ Michael Biebl ]
++ * Make no-patch-numbers the default for gbp-pq.
++ * Cherry-pick upstream fix to properly handle multiline syslog messages.
++ (Closes: #746351)
++ * Cherry-pick upstream fix for libudev which fixes a memleak in
++ parent_add_child().
++ * Drop "-b debian" from Vcs-Git since we use the master branch for
++ packaging now.
++ * Drop Conflicts: sysvinit (<< 2.88dsf-44~) from systemd-sysv since this
++ breaks dist-upgrades from wheezy when switching from sysvinit to
++ systemd-sysv as default init. While downgrading the Pre-Depends in
++ sysvinit would have been an alternative, dropping the Conflicts and only
++ keeping the Replaces was deemed the lesser evil. (Closes: #748355)
++ * Use Conflicts instead of Breaks against sysvinit-core. This avoids
++ /sbin/init going missing when switching from systemd-sysv to sysvinit.
++ While at it, add a Replaces: upstart. (Closes: #751589)
++ * Make the SysV compat tools try both /run/initctl and /dev/initctl. This
++ makes them usable under sysvinit as PID 1 without requiring any symlinks.
++ * Various ifupdown integration fixes
++ - Use DefaultDependencies=no in ifup@.service so the service can be
++ started as early as possible.
++ - Create the ifupdown runtime directory in ifup@.service as we can no
++ longer rely on the networking service to do that for us.
++ - Don't stop ifup@.service on shutdown but let the networking service take
++ care of stopping all hotplugged interfaces.
++ - Only start ifup@.service for interfaces configured as allow-hotplug.
++
++ [ Michael Stapelberg ]
++ * Clarify that “systemd” does not influence init whereas “systemd-sysv” does
++ (Closes: #747741)
++
++ [ Ansgar Burchardt ]
++ * Don't use "set +e; set +u" unconditionally in the lsb init-functions hook
++ as this might change the behaviour of existing SysV init scripts.
++ (Closes: #751472)
++
++ -- Michael Biebl <biebl@debian.org> Tue, 24 Jun 2014 17:03:43 +0200
++
++systemd (204-10) unstable; urgency=medium
++
++ * In the udeb's udev.startup, make sure that /dev/pts exists.
++ * systemd-logind-launch: Set the #files ulimit, for unprivileged LXC
++ containers.
++ * Drop udev.NEWS, it only applies to pre-squeeze.
++ * Remove /var/log/udev on purge.
++ * Always probe cpu support drivers. (LP #1207705)
++ * On Dell PowerEdge systems, the iDRAC7 and later support a USB Virtual NIC
++ for management. Name this interface "idrac" to avoid confusion with "real"
++ network interfaces.
++ * Drop numerical prefixes from patches, to avoid future diff noise when
++ removing, cherry-picking, and merging patches. From now on, always use
++ "gbp-pq export --no-patch-numbers" to update them.
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 27 Apr 2014 11:53:52 +0200
++
++systemd (204-9) unstable; urgency=medium
++
++ * The "Flemish Beef and Beer Stew" release.
++
++ [ Steve Langasek ]
++ * Do proper refcounting of the PAM module package on prerm, so that we
++ don't drop the module from the PAM config when uninstalling a
++ foreign-arch package. Related to Ubuntu bug #1295521.
++
++ [ Martin Pitt ]
++ * debian/udev.udev-finish.upstart: Fix path to tmp-rules,
++ debian/extra/rule_generator.functions creates them in /run/udev/.
++ * rules: Remove the kernel-install bits; we don't want that in Debian and
++ thus it shouldn't appear in dh_install --list-missing output.
++ * Ship sd-shutdown.h in libsystemd-daemon-dev.
++ * Run dh_install with --fail-missing, to avoid forgetting files when we move
++ to new versions.
++ * Mount /dev/pts with the correct permissions in the udev, to avoid needing
++ pt_chown (not available on all architectures). Thanks Adam Conrad.
++ * Add new block of Windows Azure ethernet hardware address to
++ 75-persistent-net-generator.rules. (LP: #1274348, Closes: #739018)
++ * Drop our Debian specific 60-persistent-storage{,-tape}.rules and use the
++ upstream rules. They are compatible and do a superset of the
++ functionality. (Closes: #645466)
++ * Drop our Debian specific 80-drivers.rules and use the upstream rules with
++ a patch for the sg module (see #657948). These now stop calling modprobe
++ and use the kmod builtin, giving some nice boot speed improvement.
++ (Closes: #717404)
++ * Drop our Debian specific 50-udev-default.rules and 91-permissions.rules
++ and use the upstream rules with a patch for the remaining Debian specific
++ default device permissions. Many thanks to Marco d'Itri for researching
++ which Debian-specific rules are obsolete! Amongst other things, this now
++ also reads the hwdb info for USB devices (Closes: #717405) and gets rid of
++ some syntax errors (Closes: #706221)
++ * Set default polling interval on removable devices as well, for kernels
++ which have "block" built in instead of being a module. (Closes: #713877)
++ * Make sd_login_monitor_new() work for logind without systemd.
++ * Cherry-pick upstream fix for polkit permissions for rebooting with
++ multiple sessions.
++ * Kill /etc/udev/links.conf, create_static_nodes, and associated code. It's
++ obsolete with devtmpfs (which is required now), and doesn't run with
++ systemd or upstart anyway.
++ * Drop unnecessary udev.dirs.
++ * Add autopkgtests for smoke-testing logind, hostnamed, timedated, localed,
++ and a compile/link/run test against libsystemd-login-dev.
++
++ [ Marco d'Itri ]
++ * preinst: check for all the system calls required by modern releases
++ of udev. (Closes: #648325)
++ * Updated fbdev-blacklist.conf for recent kernels.
++ * Do not blacklist viafb because it is required on the OLPC XO-1.5.
++ (Closes: #705792)
++ * Remove write_cd_rules and the associated rules which create "persistent"
++ symlinks for CD/DVD devices and replace them with more rules in
++ 60-cdrom_id, which will create symlinks for one at random among the
++ devices installed. Since the common case is having a single device
++ then everything will work out just fine most of the times...
++ (Closes: #655924)
++ * Fix write_net_rules for systemd and sysvinit users by copying the
++ temporary rules from /run/udev/ to /etc/udev/. (Closes: #735563)
++ * Do not install sysctl.d/50-default.conf because the systemd package
++ should not change kernel policies, at least until it will become
++ the only supported init system.
++
++ [ Michael Stapelberg ]
++ * Add systemd-dbg package, thanks Daniel Schaal (Closes: #742724).
++ * Switch from gitpkg to git-buildpackage. Update README.source accordingly.
++ * Make libpam-systemd depend on systemd-sysv | systemd-shim. Packages that
++ need logind functionality should depend on libpam-systemd.
++
++ [ Michael Biebl ]
++ * Do not send potentially private fstab information without prior user
++ confirmation. (Closes: #743158)
++ * Add support for LSB facilities defined by insserv.
++ Parse /etc/insserv.conf.d content and /etc/insserv.conf and generate
++ systemd unit drop-in files to add corresponding dependencies. Also ship
++ targets for the Debian specific $x-display-manager and
++ $mail-transport-agent system facilities. (Closes: #690892)
++ * Do not accidentally re-enable /var/tmp cleaning when migrating the TMPTIME
++ setting from /etc/default/rcS. Fix up existing broken configurations.
++ (Closes: #738862)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 26 Apr 2014 21:37:29 +0200
++
++systemd (204-8) unstable; urgency=low
++
++ [ Michael Stapelberg ]
++ * move manpages from systemd to libsystemd-*-dev as appropriate
++ (Closes: #738723)
++ * fix systemctl enable/disable/… error message “Failed to issue method call:
++ No such file or directory” (the previous upload did actually not contain
++ this fix due to a merge conflict) (Closes: #738843)
++ * add explicit “Depends: sysv-rc” so that initscript’s “Depends: sysv-rc |
++ file-rc” will not be satisfied with file-rc. We need the invoke-rc.d and
++ update-rc.d from sysv-rc, file-rc’s doesn’t have support for systemd.
++ (Closes: #739679)
++ * set capabilities cap_dac_override,cap_sys_ptrace=ep for
++ systemd-detect-virt, so that it works for unprivileged users.
++ (Closes: #739699)
++ * pam: Check $XDG_RUNTIME_DIR owner (Closes: #731300)
++ * Ignore chkconfig headers entirely, they are often broken in Debian
++ (Closes: #634472)
++
++ [ Michael Biebl ]
++ * do a one-time migration of RAMTMP= from /etc/default/rcS and
++ /etc/default/tmpfs, i.e. enable tmp.mount (Closes: #738687)
++ * Bump Standards-Version to 3.9.5.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 19 Mar 2014 18:57:35 +0100
++
++systemd (204-7) unstable; urgency=low
++
++ * fix systemctl enable/disable/… error message “Failed to issue method call:
++ No such file or directory” (Closes: #734809)
++ * bug-script: attach instead of paste extra info with reportbug ≥ 6.5.0
++ (Closes: #722530)
++ * add stage1 bootstrap support to avoid Build-Depends cycles (Thanks Daniel
++ Schepler)
++ * cherry-pick:
++ order remote mounts from mountinfo before remote-fs.target (77009452cfd)
++ (Closes: #719945)
++ Fix CPUShares configuration option (ccd90a976dba) (Closes: #737156)
++ fix reference in systemd-inhibit(1) (07b4b9b) (Closes: #738316)
++
++ -- Michael Stapelberg <stapelberg@debian.org> Tue, 11 Feb 2014 23:34:42 +0100
++
++systemd (204-6) unstable; urgency=low
++
++ [ Michael Stapelberg ]
++ * Run update-rc.d defaults before update-rc.d <enable|disable>
++ (Closes: #722523)
++ * preinst: preserve var-{lock,run}.mount when upgrading from 44 to 204
++ (Closes: #723936)
++ * fstab-generator: don’t rely on /usr being mounted in the initrd
++ (Closes: #724797)
++ * systemctl: mangle names when avoiding dbus (Closes: #723855)
++ * allow group adm read access on /var/log/journal (Closes: #717386)
++ * add systemd-journal group (Thanks Guido Günther) (Closes: #724668)
++ * copy /etc/localtime instead of symlinking (Closes: #726256)
++ * don’t try to start autovt units when not running with systemd as pid 1
++ (Closes: #726466)
++ * Add breaks/replaces for the new sysvinit-core package (Thanks Alf Gaida)
++ (Closes: #733240)
++ * Add myself to uploaders
++
++ [ Tollef Fog Heen ]
++ * Make 99-systemd.rules check for /run/systemd/systemd instead of the
++ ill-named cgroups directory.
++
++ [ Martin Pitt ]
++ * debian/udev.upstart: Fix path to udevd, the /sbin/udevd compat symlink
++ should go away at some point.
++ * debian/udev-udeb.install: Add 64-btrfs.rules and 75-probe_mtd.rules, they
++ are potentially useful in a d-i environment.
++ * debian/shlibs.local: Drop libudev; this unnecessarily generates overly
++ strict dependencies, the libudev ABI is stable.
++ * debian/extra/rules/75-persistent-net-generator.rules: Add Ravello systems
++ (LP: #1099278)
++
++ -- Michael Stapelberg <stapelberg@debian.org> Tue, 31 Dec 2013 14:39:44 +0100
++
++systemd (204-5) unstable; urgency=high
++
++ * Cherry-pick 72fd713 from upstream which fixes insecure calling of polkit
++ by avoiding a race condition in scraping /proc (CVE-2013-4327).
++ Closes: #723713
++
++ -- Michael Biebl <biebl@debian.org> Mon, 23 Sep 2013 11:59:53 +0200
++
++systemd (204-4) unstable; urgency=low
++
++ * Add preinst check to abort udev upgrade if the currently running kernel
++ lacks devtmpfs support. Since udev 176, devtmpfs is mandatory as udev no
++ longer creates any device nodes itself. This only affects self-compiled
++ kernels which now need CONFIG_DEVTMPFS=y. Closes: #722580
++ * Fix SysV init script to correctly mount a devtmpfs instead of tmpfs. This
++ only affects users without an initramfs, which usually is responsible for
++ mounting the devtmpfs. Closes: #722604
++ * Drop pre-squeeze upgrade code from maintainer scripts and simplify the
++ various upgrade checks.
++ * Suppress errors about unknown hwdb builtin. udev 196 introduced a new
++ "hwdb" builtin which is not understood by the old udev daemon.
++ * Add missing udeb line to shlibs.local. This ensures that udev-udeb gets a
++ proper dependency on libudev1-udeb and not libudev1. Closes: #722939
++ * Remove udev-udeb dependency from libudev1-udeb to avoid a circular
++ dependency between the two packages. This dependency was copied over from
++ the old udev-gtk-udeb package and no longer makes any sense since
++ libudev1-udeb only contains a library nowadays.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 18 Sep 2013 00:05:21 +0200
++
++systemd (204-3) unstable; urgency=low
++
++ [ Michael Biebl ]
++ * Upload to unstable.
++ * Use /bin/bash in debug-shell.service as Debian doesn't have /sbin/sushell.
++ * Only import net.ifaces cmdline property for network devices.
++ * Generate strict dependencies between the binary packages using a
++ shlibs.local file and add an explicit versioned dependency on
++ libsystemd-login0 to systemd to ensure packages are upgraded in sync.
++ Closes: #719444
++ * Drop obsolete Replaces: libudev0 from udev package.
++ * Use correct paths for various binaries, like /sbin/quotaon, which are
++ installed in / and not /usr in Debian. Closes: #721347
++ * Don't install kernel-install(8) man page since we don't install the
++ corresponding binary either. Closes: #722180
++ * Cherry-pick upstream fixes to make switching runlevels and starting
++ reboot via ctrl-alt-del more robust.
++ * Cherry-pick upstream fix to properly apply ACLs to Journal files.
++ Closes: #717863
++
++ [ Michael Stapelberg ]
++ * Make systemctl enable|disable call update-rc.d for SysV init scripts.
++ Closes: #709780
++ * Don't mount /tmp as tmpfs by default and make it possible to enable this
++ feature via "systemctl enable tmp.mount". Closes: #718906
++
++ [ Daniel Schaal ]
++ * Add bug-script to systemd and udev. Closes: #711245
++
++ [ Ondrej Balaz ]
++ * Recognize discard option in /etc/crypttab. Closes: #719167
++
++ -- Michael Biebl <biebl@debian.org> Thu, 12 Sep 2013 00:13:11 +0200
++
++systemd (204-2) experimental; urgency=low
++
++ [ Daniel Schaal ]
++ * Enable verbose build logs. Closes: #717465
++ * Add handling of Message Catalog files to provide additional information
++ for log entries. Closes: #717427
++ * Remove leftover symlink to debian-enable-units.service. Closes: #717349
++
++ [ Michael Stapelberg ]
++ * Install 50-firmware.rules in the initramfs and udeb. Closes: #717635
++
++ [ Michael Biebl ]
++ * Don't pass static start priorities to dh_installinit anymore.
++ * Switch the hwdb trigger to interest-noawait.
++ * Remove obsolete support for configurable udev root from initramfs.
++ * Bind ifup@.service to the network device. This ensures that ifdown is run
++ when the device is removed and the service is stopped.
++ Closes: #660861, #703033
++ * Bump Standards-Version to 3.9.4. No further changes.
++ * Add Breaks against consolekit (<< 0.4.6-1) for udev-acl. Closes: #717385
++ * Make all packages Priority: optional, with the exception of udev and
++ libudev1, which remain Priority: important, and systemd-sysv, which
++ remains Priority: extra due to the conflict with sysvinit.
++ Closes: #717365
++ * Restart systemd-logind.service on upgrades due to changes in the
++ CreateSession D-Bus API between v44 and v204. Closes: #717403
++
++ -- Michael Biebl <biebl@debian.org> Wed, 24 Jul 2013 23:47:59 +0200
++
++systemd (204-1) experimental; urgency=low
++
++ * New upstream release. Closes: #675175, #675177
++ - In v183 the udev sources have been merged into the systemd source tree.
++ As a result, the udev binary packages will now be built from the systemd
++ source package. To align the version numbers 139 releases were skipped.
++ - For a complete list of changes, please refer to the NEWS file.
++ * Add Marco to Uploaders.
++ * Drop Suggests on the various python packages from systemd. The
++ systemd-analyze tool has been reimplemented in C.
++ * Add binary packages as found in the udev 175-7.2 source package.
++ * Wrap dependencies for better readability.
++ * Drop hard-coded Depends on libglib2.0-0 from gir1.2-gudev-1.0.
++ * Drop old Conflicts, Replaces and Breaks, which are no longer necessary.
++ * Make libgudev-1.0-dev depend on gir1.2-gudev-1.0 as per GObject
++ introspection mini-policy. Closes: #691313
++ * The hwdb builtin has replaced pci-db and usb-db in udev. Drop the
++ Recommends on pciutils and usbutils accordingly.
++ * Drop our faketime hack. Upstream uses a custom xsl style sheet now to
++ generate the man pages which no longer embeds the build date.
++ * Add Depends on libpam-runtime (>= 1.0.1-6) to libpam-systemd as we are
++ using pam-auth-update.
++ * Explicitly set Section and Priority for the udev binary package.
++ * Update Build-Depends:
++ - Drop libudev-dev, no longer required.
++ - Add gtk-doc-tools and libglib2.0-doc for the API documentation in
++ libudev and libgudev.
++ - Add libgirepository1.0-dev and gobject-introspection for GObject
++ introspection support in libgudev.
++ - Add libgcrypt11-dev for encryption support in the journal.
++ - Add libblkid-dev for the blkid udev builtin.
++ * Use gir dh addon to ensure ${gir:Depends} is properly set.
++ * Rename libudev0 → libudev1 for the SONAME bump.
++ * Update symbols files. libudev now uses symbols versioning as the other
++ libsystemd libraries. The libgudev-1.0-0 symbols file has been copied from
++ the old udev package.
++ * Run gtkdocize on autoreconf.
++ * Enable python bindings for the systemd libraries and ship them in a new
++ package named python-systemd.
++ * Tighten Depends on libsystemd-id128-dev for libsystemd-journal-dev as per
++ libsystemd-journal.pc.
++ * Remove obsolete bash-completion scripts on upgrades. Nowadays they are
++ installed in /usr/share/bash-completion/completions.
++ * Rename conffiles for logind and journald.
++ * Rename udev-gtk-udeb → libudev1-udeb to better reflect its actual contents.
++ * Build two flavours: a regular build and one for the udev udebs with
++ reduced features/dependencies.
++ * Create a few compat symlinks for the udev package, most notably
++ /sbin/udevadm and /sbin/udevd.
++ * Remove the dpkg-triggered debian-enable-units script. This was a temporary
++ workaround for wheezy. Packages should use dh-systemd now to properly
++ integrate service files with systemd.
++ * Update debian/copyright using the machine-readable copyright format 1.0.
++ * Integrate changes from udev 175-7 and acknowledge the 175-7.1 and 175-7.2
++ non-maintainer uploads.
++ * Keep the old persistent network interface naming scheme for now and make
++ the new one opt-in via net.ifnames=1 on the kernel command line.
++ * Drop the obsolete udev-mtab SysV init script and properly clean up on
++ upgrades.
++ * Simplify the udev SysV init script and remove experimental and obsolete
++ features.
++ * Revert upstream commits which dropped support for distro specific
++ features and config files.
++ * Make logind, hostnamed, localed and timedated D-Bus activatable and
++ usable when systemd is not running.
++ * Store hwdb binary database in /lib/udev, not /etc/udev. Create the file on
++ install and upgrades.
++ * Provide a dpkg file trigger for hwdb, so the database is automatically
++ updated when packages install files into /lib/udev/hwdb.d.
++
++ -- Michael Biebl <biebl@debian.org> Fri, 19 Jul 2013 00:32:36 +0200
++
++systemd (44-12) unstable; urgency=low
++
++ * Cherry-pick e17187 from upstream to fix build failures with newer glibc
++ where the clock_* symbols have been moved from librt to libc.
++ Closes: #701364
++ * If the new init-system-helpers package is installed, make the
++ debian-enable-units script a no-op. The auto-enabler was meant as a
++ temporary workaround and will be removed once all packages use the new
++ helper.
++ * Update the checks which test if systemd is the active init. The
++ recommended check is [ -d /run/systemd/system ] as this will also work
++ with a standalone systemd-logind.
++ * Set Maintainer to pkg-systemd-maintainers@lists.alioth.debian.org. Add
++ Tollef and myself as Uploaders.
++ * Stop building the GUI bits. They have been split into a separate source
++ package called systemd-ui.
++
++ -- Michael Biebl <biebl@debian.org> Thu, 20 Jun 2013 01:32:16 +0200
++
++systemd (44-11) unstable; urgency=low
++
++ * Team upload.
++ * Run debian-enable-units.service after sysinit.target to ensure our tmp
++ files aren't nuked by systemd-tmpfiles.
++ * The mountoverflowtmp SysV init script no longer exists so remove that
++ from remount-rootfs.service to avoid an unnecessary diff to upstream.
++ * Do not fail on purge if /var/lib/systemd is empty and has been removed
++ by dpkg.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 13 Mar 2013 08:03:06 +0100
++
++systemd (44-10) unstable; urgency=low
++
++ * Team upload.
++ * Using the return code of "systemctl is-enabled" to determine whether we
++ enable a service or not is unreliable since it also returns a non-zero
++ exit code for masked services. As we don't want to enable masked services,
++ grep for the string "disabled" instead.
++
++ -- Michael Biebl <biebl@debian.org> Fri, 15 Feb 2013 17:01:24 +0100
++
++systemd (44-9) unstable; urgency=low
++
++ * Team upload.
++ * Fix typo in systemd.socket man page. Closes: #700038
++ * Use color specification in "systemctl dot" which is actually
++ understood by dot. Closes: #643689
++ * Fix mounting of remote filesystems like NFS. Closes: #673309
++ * Use a file trigger to automatically enable service and socket units. A lot
++ of packages simply install systemd units but do not enable them. As a
++ result they will be inactive after the next boot. This is a workaround for
++ wheezy which will be removed again in jessie. Closes: #692150
++
++ -- Michael Biebl <biebl@debian.org> Fri, 15 Feb 2013 13:35:39 +0100
++
++systemd (44-8) unstable; urgency=low
++
++ * Team upload.
++ * Use comment=systemd.* syntax in systemd.mount man page. The
++ mount/util-linux version in wheezy is not recent enough to support the new
++ x-systemd* syntax. Closes: #697141
++ * Don't enable persistent storage of journal log files. The journal in v44
++ is not yet mature enough.
++
++ -- Michael Biebl <biebl@debian.org> Sat, 19 Jan 2013 20:05:05 +0100
++
++systemd (44-7) unstable; urgency=low
++
++ * Fix a regression in the init-functions hook wrt reload handling that was
++ introduced when dropping the X-Interactive hack. Closes: #696355
++
++ -- Michael Biebl <biebl@debian.org> Fri, 21 Dec 2012 00:00:12 +0100
++
++systemd (44-6) unstable; urgency=low
++
++ [ Michael Biebl ]
++ * No longer ship the /sys directory in the systemd package since it is
++ provided by base-files nowadays.
++ * Don't run udev rules if systemd is not active.
++ * Converting /var/run, /var/lock and /etc/mtab to symlinks is a one-time
++ migration so don't run the debian-fixup script on every boot.
++
++ [ Tollef Fog Heen ]
++ * Prevent the systemd package from being removed if it's the active init
++ system, since that doesn't work.
++
++ [ Michael Biebl ]
++ * Use a separate tmpfs for /run/lock (size 5M) and /run/user (size 100M).
++ Those directories are user-writable which could lead to DoS by filling up
++ /run. Closes: #635131
++
++ -- Michael Biebl <biebl@debian.org> Sun, 16 Dec 2012 21:58:37 +0100
++
++systemd (44-5) unstable; urgency=low
++
++ * Team upload.
++
++ [ Tollef Fog Heen ]
++ * disable killing on entering START_PRE, START, thanks to Michael
++ Stapelberg for patch. This avoids killing VMs run through libvirt
++ when restarting libvirtd. Closes: #688635.
++ * Avoid reloading services when shutting down, since that won't work and
++ makes no sense. Thanks to Michael Stapelberg for the patch.
++ Closes: #635777.
++ * Try to determine which init scripts support the reload action
++ heuristically. Closes: #686115, #650382.
++
++ [ Michael Biebl ]
++ * Update Vcs-* fields, the Git repository is hosted on alioth now. Set the
++ default branch to "debian".
++ * Avoid reload and (re)start requests during early boot which can lead to
++ deadlocks. Closes: #624599
++ * Make systemd-cgroup work even if not all cgroup mounts are available on
++ startup. Closes: #690916
++ * Fix typos in the systemd.path and systemd.unit man page. Closes: #668344
++ * Add watch file to track new upstream releases.
++
++ -- Michael Biebl <biebl@debian.org> Thu, 25 Oct 2012 21:41:23 +0200
++
++systemd (44-4) unstable; urgency=low
++
++ [ Michael Biebl ]
++ * Override timestamp for man page building, thereby avoiding skew
++ between architectures which caused problems for multi-arch.
++ Closes: #680011
++
++ [ Tollef Fog Heen ]
++ * Move diversion removal from postinst to preinst. Closes: #679728
++ * Prevent the journal from crashing when running out of disk space.
++ This is 499fb21 from upstream. Closes: #668047.
++ * Stop mounting a tmpfs on /media. Closes: #665943
++
++ -- Tollef Fog Heen <tfheen@debian.org> Sun, 01 Jul 2012 08:17:50 +0200
++
++systemd (44-3) unstable; urgency=low
++
++ [ Michael Biebl ]
++ * Bump to debhelper 9.
++ * Convert to Multi-Arch: same where possible. Closes: #676615
++
++ [ Tollef Fog Heen ]
++ * Cherry-pick d384c7 from upstream to stop journald from leaking
++ memory. Thanks to Andreas Henriksson for testing. Closes: #677701
++ * Ship lsb init script override/integration in /lib/lsb/init-functions.d
++ rather than diverting /lib/lsb/init-functions itself. Add appropriate
++ Breaks to ensure upgrades happen.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Fri, 29 Jun 2012 22:34:16 +0200
++
++systemd (44-2) unstable; urgency=low
++
++ [ Michael Biebl ]
++ * Tighten the versions in the maintscript file
++ * Ship the /sys directory in the package
++ * Re-add workaround for non-interactive PAM sessions
++ * Mask checkroot-bootclean (Closes: #670591)
++ * Don't ignore errores in systemd-sysv postinst
++
++ [ Tollef Fog Heen ]
++ * Bring tmpfiles.d/tmp.conf in line with Debian defaults. Closes: #675422
++ * Make sure /run/sensigs.omit.d exists.
++ * Add python-dbus and python-cairo to Suggests, for systemd-analyze.
++ Closes: #672965
++
++ -- Tollef Fog Heen <tfheen@debian.org> Tue, 08 May 2012 18:04:22 +0200
++
++systemd (44-1) unstable; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream version.
++ - Backport 3492207: journal: PAGE_SIZE is not known on ppc and other
++ archs
++ - Backport 5a2a2a1: journal: react with immediate rotation to a couple
++ of more errors
++ - Backport 693ce21: util: never follow symlinks in rm_rf_children()
++ Fixes CVE-2012-1174, closes: #664364
++ * Drop output message from init-functions hook, it's pointless.
++ * Only rmdir /lib/init/rw if it exists.
++ * Explicitly order debian-fixup before sysinit.target to prevent a
++ possible race condition with the creation of sockets. Thanks to
++ Michael Biebl for debugging this.
++ * Always restart the initctl socket on upgrades, to mask sysvinit
++ removing it.
++
++ [ Michael Biebl ]
++ * Remove workaround for non-interactive sessions from pam config again.
++ * Create compat /dev/initctl symlink in case we are upgrading from a system
++ running a newer version of sysvinit (using /run/initctl) and sysvinit is
++ replaced with systemd-sysv during the upgrade. Closes: #663219
++ * Install new man pages.
++ * Build-Depend on valac (>= 0.12) instead of valac-0.12. Closes: #663323
++
++ -- Tollef Fog Heen <tfheen@debian.org> Tue, 03 Apr 2012 19:59:17 +0200
++
++systemd (43-1) experimental; urgency=low
++
++ [ Tollef Fog Heen ]
++ * Target upload at experimental due to libkmod dependency
++ * New upstream release
++ - Update bash-completion for new verbs and arguments. Closes: #650739
++ - Fixes local DoS (CVE-2012-1101). Closes: #662029
++ - No longer complains if the kernel lacks audit support. Closes: #642503
++ * Fix up git-to-source package conversion script which makes gitpkg
++ happier.
++ * Add libkmod-dev to build-depends
++ * Add symlink from /bin/systemd to /lib/systemd/systemd.
++ * Add --with-distro=debian to configure flags, due to no /etc/os-release
++ yet.
++ * Add new symbols for libsystemd-login0 to symbols file.
++ * Install a tmpfiles.d file for the /dev/initctl → /run/initctl
++ migration. Closes: #657979
++ * Disable coredump handling, it's not ready yet.
++ * If /run is a symlink, don't try to do the /var/run → /run migration.
++ Ditto for /var/lock → /run/lock. Closes: #647495
++
++ [ Michael Biebl ]
++ * Add Build-Depends on liblzma-dev for journal log compression.
++ * Add Build-Depends on libgee-dev, required to build systemadm.
++ * Bump Standards-Version to 3.9.2. No further changes.
++ * Add versioned Build-Depends on automake and autoconf to ensure we have
++ recent enough versions. Closes: #657284
++ * Add packages for libsystemd-journal and libsystemd-id128.
++ * Update symbols file for libsystemd-login.
++ * Update configure flags, use rootprefix instead of rootdir.
++ * Copy intltool files instead of symlinking them.
++ * Re-indent init-functions script.
++ * Remove workarounds for services using X-Interactive. The LSB X-Interactive
++ support turned out to be broken and has been removed upstream so we no
++ longer need any special handling for those type of services.
++ * Install new systemd-journalctl, systemd-cat and systemd-cgtop binaries.
++ * Install /var/lib/systemd directory.
++ * Install /var/log/journal directory where the journal files are stored
++ persistently.
++ * Setup systemd-journald to not read from /proc/kmsg (ImportKernel=no).
++ * Avoid error messages from systemctl in postinst if systemd is not running
++ by checking for /sys/fs/cgroup/systemd before executing systemctl.
++ Closes: #642749
++ * Stop installing lib-init-rw (auto)mount units and try to cleanup
++ /lib/init/rw in postinst. Bump dependency on initscripts accordingly.
++ Closes: #643699
++ * Disable pam_systemd for non-interactive sessions to work around an issue
++ with sudo.
++ * Use new dh_installdeb maintscript facility to handle obsolete conffiles.
++ Bump Build-Depends on debhelper accordingly.
++ * Rename bash completion file systemctl-bash-completion.sh →
++ systemd-bash-completion.sh.
++ * Update /sbin/init symlink. The systemd binary was moved to $pkglibdir.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Tue, 07 Feb 2012 21:36:34 +0100
++
++systemd (37-1.1) unstable; urgency=low
++
++ * Non-maintainer upload with Tollef's consent.
++ * Remove --parallel to workaround a bug in automake 1.11.3 which doesn't
++ generate parallel-safe build rules. Closes: #661842
++ * Create a compat symlink /run/initctl → /dev/initctl to work with newer
++ versions of sysvinit. Closes: #657979
++
++ -- Michael Biebl <biebl@debian.org> Sat, 03 Mar 2012 17:42:10 +0100
++
++systemd (37-1) unstable; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream version
++ * Change the type of the debian-fixup service to oneshot.
++ Closes: #642961
++ * Add ConditionPathIsDirectory to lib-init-rw.automount and
++ lib-init-rw.mount so we only activate the unit if the directory
++ exists. Closes: #633059
++ * If a sysv service exists in both rcS and rcN.d runlevels, drop the
++ rcN.d ones to avoid loops. Closes: #637037
++ * Blacklist fuse init script, we do the same work already internally.
++ Closes: #643700
++ * Update README.Debian slightly for /run rather than /lib/init/rw
++
++ [ Josh Triplett ]
++ * Do a one-time migration of the $TMPTIME setting from /etc/default/rcS to
++ /etc/tmpfiles.d/tmp.conf. If /etc/default/rcS has a TMPTIME setting of
++ "infinite" or equivalent, migrate it to an /etc/tmpfiles.d/tmp.conf that
++ overrides the default /usr/lib/tmpfiles.d/tmp.conf and avoids clearing
++ /tmp. Closes: #643698
++
++ -- Tollef Fog Heen <tfheen@debian.org> Wed, 28 Sep 2011 20:04:13 +0200
++
++systemd (36-1) unstable; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream release. Closes: #634618
++ - Various man page fixes. Closes: #623521
++ * Add debian-fixup service that symlinks mtab to /proc/mounts and
++ migrates /var/run and /var/lock to symlinks to /run
++
++ [ Michael Biebl ]
++ * Build for libnotify 0.7.
++ * Bump Build-Depends on libudev to (>= 172).
++ * Add Build-Depends on libacl1-dev. Required for building systemd-logind
++ with ACL support.
++ * Split libsystemd-login and libsystemd-daemon into separate binary
++ packages.
++ * As autoreconf doesn't like intltool, override dh_autoreconf and call
++ intltoolize and autoreconf ourselves.
++ * Add Build-Depends on intltool.
++ * Do a one-time migration of the hwclock configuration. If UTC is set to
++ "no" in /etc/default/rcS, create /etc/adjtime and add the "LOCAL" setting.
++ * Remove /cgroup cleanup code from postinst.
++ * Add Build-Depends on gperf.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Wed, 14 Sep 2011 08:25:17 +0200
++
++systemd (29-1) unstable; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream version, Closes: #630510
++ - Includes typo fixes in documentation. Closes: #623520
++ * Fall back to the init script reload function if a native .service file
++ doesn't know how to reload. Closes: #628186
++ * Add hard dependency on udev. Closes: #627921
++
++ [ Michael Biebl ]
++ * hwclock-load.service is no longer installed, so we don't need to remove it
++ anymore in debian/rules.
++ * Install /usr/lib directory for binfmt.d, modules-load.d, tmpfiles.d and
++ sysctl.d.
++ * Remove obsolete conffiles from /etc/tmpfiles.d on upgrades. Those files
++ are installed in /usr/lib/tmpfiles.d now.
++ * Depend on util-linux (>= 2.19.1-2) which provides whole-disk locking
++ support in fsck and remove our revert patch.
++ * Don't choke when systemd was compiled with a different CAP_LAST_CAP then
++ what it is run with. Patch cherry-picked from upstream Git.
++ Closes: #628081
++ * Enable dev-hugepages.automount and dev-mqueue.automount only when enabled
++ in kernel. Patch cherry-picked from upstream Git. Closes: #624522
++
++ -- Tollef Fog Heen <tfheen@debian.org> Wed, 08 Jun 2011 16:14:31 +0200
++
++systemd (25-2) experimental; urgency=low
++
++ * Handle downgrades more gracefully by removing diversion of
++ /lib/lsb/init-functions on downgrades to << 25-1.
++ * Cherry-pick a133bf10d09f788079b82f63faa7058a27ba310b from upstream,
++ avoids assert when dumping properties. Closes: #624094
++ * Remove "local" in non-function context in init-functions wrapper.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Wed, 27 Apr 2011 22:20:04 +0200
++
++systemd (25-1) experimental; urgency=low
++
++ * New upstream release, target experimental due to initscripts
++ dependency.
++ - Fixes where to look for locale config. Closes: #619166
++ * Depend on initscripts >= 2.88dsf-13.4 for /run transition.
++ * Add Conflicts on klogd, since it doesn't work correctly with the
++ kmg→/dev/log bridge. Closes: #622555
++ * Add suggests on Python for systemd-analyze.
++ * Divert /lib/lsb/init-functions instead of (ab)using
++ /etc/lsb-base-logging.sh for diverting calls to /etc/init.d/*
++ * Remove obsolete conffile /etc/lsb-base-logging.sh. Closes: #619093
++ * Backport 3a90ae048233021833ae828c1fc6bf0eeab46197 from master:
++ mkdir /run/systemd/system when starting up
++
++ -- Tollef Fog Heen <tfheen@debian.org> Sun, 24 Apr 2011 09:02:04 +0200
++
++systemd (20-1) unstable; urgency=low
++
++ * New upstream version
++ * Install systemd-machine-id-setup
++ * Call systemd-machine-id-setup in postinst
++ * Cherry-pick b8a021c9e276adc9bed5ebfa39c3cab0077113c6 from upstream to
++ prevent dbus assert error.
++ * Enable TCP wrapper support. Closes: #618409
++ * Enable SELinux support. Closes: #618412
++ * Make getty start after Apache2 and OpenVPN (which are the only two
++ known users of X-Interactive: yes). Closes: #618419
++
++ -- Tollef Fog Heen <tfheen@debian.org> Fri, 11 Mar 2011 19:14:21 +0100
++
++systemd (19-1) experimental; urgency=low
++
++ * New upstream release
++ * Add systemd-tmpfiles to systemd package.
++ * Add ifup@.service for handling hotplugged interfaces from
++ udev. Closes: #610871
++ * Mask mtab.service and udev-mtab.service as they are pointless when
++ /etc/mtab is a symlink to /proc/mounts
++ * Add breaks on lvm2 (<< 2.02.84-1) since older versions have udev rules
++ that don't work well with systemd causing delays on bootup.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Thu, 17 Feb 2011 07:36:22 +0100
++
++systemd (17-1) experimental; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream release
++ * Clarify ifupdown instructions in README.Debian somewhat.
++ Closes: #613320
++ * Silently skip masked services in lsb-base-logging.sh instead of
++ failing. Initial implementation by Michael Biebl. Closes: #612551
++ * Disable systemd-vconsole-setup.service for now.
++
++ [ Michael Biebl ]
++ * Bump build dependency on valac-0.10 to (>= 0.10.3).
++ * Improve regex in lsb-base-logging.sh for X-Interactive scripts.
++ Closes: #613325
++
++ -- Tollef Fog Heen <tfheen@debian.org> Wed, 16 Feb 2011 21:06:16 +0100
++
++systemd (16-1) experimental; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream release. Closes: #609611
++ * Get rid of now obsolete patches that are upstream.
++ * Use the built-in cryptsetup support in systemd, build-depend on
++ libcryptsetup-dev (>= 2:1.2.0-1) to get a libcryptsetup in /lib.
++ * Don't use systemctl redirect for init scripts with X-Interactive: true
++
++ [ Michael Biebl ]
++ * Update package description
++ * Use v8 debhelper syntax
++ * Make single-user mode work
++ * Run hwclock-save.service on shutdown
++ * Remove dependencies on legacy sysv mount scripts, as we use native
++ mounting.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Sun, 16 Jan 2011 11:04:13 +0100
++
++systemd (15-1) UNRELEASED; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream version, thanks a lot to Michael Biebl for help with
++ preparing this version.
++ - This version handles cycle breaking better. Closes: #609225
++ * Add libaudit-dev to build-depends
++ * /usr/share/systemd/session has been renamed to /usr/share/systemd/user
++ upstream, adjust build system accordingly.
++ * Remove -s from getty serial console invocation.
++ * Add dependency on new util-linux to make sure /sbin/agetty exists
++ * Don't mount /var/lock with gid=lock (Debian has no such group).
++ * Document problem with ifupdown's /etc/network/run being a normal
++ directory.
++
++ [ Michael Biebl ]
++ * Revert upstream change which requires libnotify 0.7 (not yet available in
++ Debian).
++ * Use dh-autoreconf for updating the build system.
++ * Revert upstream commit which uses fsck -l (needs a newer version of
++ util-linux).
++ * Explicitly disable cryptsetup support to not accidentally pick up a
++ libcryptsetup dependency in a tainted build environment, as the library
++ is currently installed in /usr/lib.
++ * Remove autogenerated man pages and vala C sources, so they are rebuilt.
++ * Use native systemd mount support:
++ - Use MountAuto=yes and SwapAuto=yes (default) in system.conf
++ - Mask SysV init mount, check and cleanup scripts.
++ - Create an alias (symlink) for checkroot (→ remount-rootfs.service) as
++ synchronization point for SysV init scripts.
++ * Mask x11-common, rmnologin, hostname, bootmisc and bootlogd.
++ * Create an alias for procps (→ systemd-sysctl.service) and
++ urandom (→ systemd-random-seed-load.service).
++ * Create an alias for module-init-tools (→ systemd-modules-load.service) and
++ a symlink from /etc/modules-load.d/modules.conf → /etc/modules.
++ * Install lsb-base hook which redirects calls to SysV init scripts to
++ systemctl: /etc/init.d/<foo> <action> → systemctl <action> <foo.service>
++ * Install a (auto)mount unit to mount /lib/init/rw early during boot.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Sat, 20 Nov 2010 09:28:01 +0100
++
++systemd (11-2) UNRELEASED; urgency=low
++
++ * Tighten depends from systemd-* on systemd to ensure they're upgraded
++ in lockstep. Thanks to Michael Biebl for the patch.
++ * Add missing #DEBHELPER# token to libpam-systemd
++ * Stop messing with runlevel5/multi-user.target symlink, this is handled
++ correctly upstream.
++ * Stop shipping /cgroup in the package.
++ * Remove tmpwatch services, Debian doesn't have or use tmpwatch.
++ * Make sure to enable GTK bits.
++ * Ship password agent
++ * Clean up cgroups properly on upgrades, thanks to Michael Biebl for the
++ patch. Closes: #599577
++
++ -- Tollef Fog Heen <tfheen@debian.org> Tue, 02 Nov 2010 21:47:10 +0100
++
++systemd (11-1) experimental; urgency=low
++
++ * New upstream version. Closes: #597284
++ * Add pam-auth-update calls to libpam-systemd's postinst and prerm
++ * Make systemd-sysv depend on systemd
++ * Now mounts the cgroup fs in /sys/fs/cgroup. Closes: #595966
++ * Add libnotify-dev to build-depends (needed for systemadm)
++
++ -- Tollef Fog Heen <tfheen@debian.org> Thu, 07 Oct 2010 22:01:19 +0200
++
++systemd (8-2) experimental; urgency=low
++
++ * Hardcode udev rules dir in configure call.
++ * Remove README.source as it's no longer accurate.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Mon, 30 Aug 2010 21:10:26 +0200
++
++systemd (8-1) experimental; urgency=low
++
++ * New upstream release
++ * Only ship the top /cgroup
++ * Pass --with-rootdir= to configure, to make it think / is / rather
++ than //
++ * Add PAM module package
++ * Fix up dependencies in local-fs.target. Closes: #594420
++ * Move systemadm to its own package. Closes: #588451
++ * Update standards-version (no changes needed)
++ * Update README.Debian to explain how to use systemd.
++ * Add systemd-sysv package that provides /sbin/init and friends.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Sat, 07 Aug 2010 07:31:38 +0200
++
++systemd (0~git+20100605+dfd8ee-1) experimental; urgency=low
++
++ * Initial release, upload to experimental. Closes: #580814
++
++ -- Tollef Fog Heen <tfheen@debian.org> Fri, 30 Apr 2010 21:02:25 +0200
--- /dev/null
--- /dev/null
++10
--- /dev/null
--- /dev/null
++Source: systemd
++Section: admin
++Priority: optional
++Maintainer: Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>
++Uploaders: Michael Biebl <biebl@debian.org>,
++ Marco d'Itri <md@linux.it>,
++ Sjoerd Simons <sjoerd@debian.org>,
++ Martin Pitt <mpitt@debian.org>,
++ Felipe Sateler <fsateler@debian.org>
++Standards-Version: 4.4.1
++Rules-Requires-Root: no
++Vcs-Git: https://salsa.debian.org/systemd-team/systemd.git
++Vcs-Browser: https://salsa.debian.org/systemd-team/systemd
++Homepage: https://www.freedesktop.org/wiki/Software/systemd
++Build-Depends: debhelper (>= 10.4~),
++ pkg-config,
++ xsltproc,
++ docbook-xsl,
++ docbook-xml,
++ m4,
++ meson (>= 0.49),
++ gettext,
++ gperf,
++ gnu-efi [amd64 i386 arm64],
++ libcap-dev (>= 1:2.24-9~),
++ libpam0g-dev,
++ libapparmor-dev (>= 2.9.0-3+exp2) <!stage1>,
++ libidn2-dev <!stage1>,
++ libiptc-dev <!stage1>,
++ libaudit-dev <!stage1>,
++ libdbus-1-dev (>= 1.3.2) <!nocheck>,
++ libcryptsetup-dev (>= 2:1.6.0) <!stage1>,
++ libselinux1-dev (>= 2.1.9),
++ libacl1-dev,
++ liblzma-dev,
++ liblz4-dev (>= 0.0~r125),
++ liblz4-tool <!nocheck>,
++ libbz2-dev <!stage1>,
++ zlib1g-dev <!stage1> | libz-dev <!stage1>,
++ libcurl4-gnutls-dev <!stage1> | libcurl-dev <!stage1>,
++ libmicrohttpd-dev <!stage1>,
++ libgnutls28-dev <!stage1>,
++ libpcre2-dev <!stage1>,
++ libgcrypt20-dev,
++ libkmod-dev (>= 15),
++ libblkid-dev (>= 2.24),
++ libmount-dev (>= 2.30),
++ libseccomp-dev (>= 2.3.1) [amd64 arm64 armel armhf i386 mips mipsel mips64 mips64el x32 powerpc ppc64 ppc64el s390x],
++ libdw-dev (>= 0.158) <!stage1>,
++ libpolkit-gobject-1-dev <!stage1>,
++ linux-base <!nocheck>,
++ acl <!nocheck>,
++ python3:native,
++ python3-lxml:native,
++ python3-pyparsing <!nocheck>,
++ python3-evdev <!nocheck>,
++ tzdata <!nocheck>,
++ libcap2-bin <!nocheck>,
++ iproute2 <!nocheck>,
++
++Package: systemd
++Architecture: linux-any
++Multi-Arch: foreign
++Section: admin
++Priority: important
++Recommends: libpam-systemd,
++ dbus
++Suggests: systemd-container,
++ policykit-1
++Pre-Depends: ${shlibs:Pre-Depends},
++ ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ libsystemd0 (= ${binary:Version}),
++ util-linux (>= 2.27.1),
++ mount (>= 2.26),
++ adduser,
++Conflicts: consolekit,
++ libpam-ck-connector,
++Breaks: systemd-shim (<< 10-4~),
++ python-dbusmock (<< 0.18),
++ python3-dbusmock (<< 0.18),
++Description: system and service manager
++ systemd is a system and service manager for Linux. It provides aggressive
++ parallelization capabilities, uses socket and D-Bus activation for starting
++ services, offers on-demand starting of daemons, keeps track of processes using
++ Linux control groups, maintains mount and automount points and implements an
++ elaborate transactional dependency-based service control logic.
++ .
++ systemd is compatible with SysV and LSB init scripts and can work as a
++ drop-in replacement for sysvinit.
++ .
++ Installing the systemd package will not switch your init system unless you
++ boot with init=/bin/systemd or install systemd-sysv in addition.
++
++Package: systemd-sysv
++Architecture: linux-any
++Multi-Arch: foreign
++Section: admin
++Priority: important
++Conflicts: sysvinit-core,
++ upstart (<< 1.13.2-0ubuntu10~),
++ file-rc,
++ systemd-shim,
++Replaces: sysvinit-core,
++ upstart (<< 1.13.2-0ubuntu10~),
++Pre-Depends: systemd
++Depends: ${shlibs:Depends},
++ ${misc:Depends}
++Recommends: libnss-systemd
++Description: system and service manager - SysV links
++ systemd is a system and service manager for Linux. It provides aggressive
++ parallelization capabilities, uses socket and D-Bus activation for starting
++ services, offers on-demand starting of daemons, keeps track of processes using
++ Linux control groups, maintains mount and automount points and implements an
++ elaborate transactional dependency-based service control logic.
++ .
++ systemd is compatible with SysV and LSB init scripts and can work as a
++ drop-in replacement for sysvinit.
++ .
++ This package provides the manual pages and links needed for systemd
++ to replace sysvinit. Installing systemd-sysv will overwrite /sbin/init with a
++ link to systemd.
++
++Package: systemd-container
++Build-Profiles: <!stage1>
++Architecture: linux-any
++Multi-Arch: foreign
++Section: admin
++Priority: optional
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd,
++ dbus
++Recommends: btrfs-progs,
++ libnss-mymachines,
++Description: systemd container/nspawn tools
++ This package provides systemd's tools for nspawn and container/VM management:
++ * systemd-nspawn
++ * systemd-machined and machinectl
++ * systemd-importd
++ * systemd-portabled and portablectl
++
++Package: systemd-journal-remote
++Build-Profiles: <!stage1>
++Architecture: linux-any
++Multi-Arch: foreign
++Section: admin
++Priority: optional
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd,
++ adduser
++Breaks: systemd (<< 239-6)
++Replaces: systemd (<< 239-6)
++Description: tools for sending and receiving remote journal logs
++ This package provides tools for sending and receiving remote journal logs:
++ * systemd-journal-remote
++ * systemd-journal-upload
++ * systemd-journal-gatewayd
++
++Package: systemd-coredump
++Build-Profiles: <!stage1>
++Architecture: linux-any
++Multi-Arch: foreign
++Section: admin
++Priority: optional
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ adduser,
++ systemd
++Conflicts: core-dump-handler
++Replaces: core-dump-handler
++Provides: core-dump-handler
++Description: tools for storing and retrieving coredumps
++ This package provides systemd tools for storing and retrieving coredumps:
++ * systemd-coredump
++ * coredumpctl
++
++Package: systemd-tests
++Architecture: linux-any
++Section: admin
++Priority: optional
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd (= ${binary:Version}),
++ python3,
++Description: tests for systemd
++ This package contains the test binaries. Those binaries are primarily used
++ for autopkgtest and not meant to be installed on regular user systems.
++
++Package: libpam-systemd
++Architecture: linux-any
++Multi-Arch: same
++Section: admin
++Priority: standard
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd (= ${binary:Version}),
++ libpam-runtime (>= 1.0.1-6),
++ dbus,
++ systemd-sysv
++Provides: logind (= ${binary:Version}), default-logind (= ${binary:Version})
++Description: system and service manager - PAM module
++ This package contains the PAM module which registers user sessions in
++ the systemd control group hierarchy for logind.
++ .
++ If in doubt, do install this package.
++ .
++ Packages that depend on logind functionality need to depend on libpam-systemd.
++
++Package: libnss-myhostname
++Architecture: linux-any
++Multi-Arch: same
++Section: admin
++Priority: optional
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++Description: nss module providing fallback resolution for the current hostname
++ This package contains a plugin for the Name Service Switch, providing host
++ name resolution for the locally configured system hostname as returned by
++ gethostname(2). It returns all locally configured public IP addresses or -- if
++ none are configured, the IPv4 address 127.0.1.1 (which is on the local
++ loopback) and the IPv6 address ::1 (which is the local host).
++ .
++ A lot of software relies on that the local host name is resolvable. This
++ package provides an alternative to the fragile and error-prone manual editing
++ of /etc/hosts.
++ .
++ Installing this package automatically adds myhostname to /etc/nsswitch.conf.
++
++Package: libnss-mymachines
++Architecture: linux-any
++Multi-Arch: same
++Section: admin
++Priority: optional
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd-container (= ${binary:Version}),
++Description: nss module to resolve hostnames for local container instances
++ nss-mymachines is a plugin for the GNU Name Service Switch (NSS) functionality
++ of the GNU C Library (glibc) providing hostname resolution for local containers
++ that are registered with systemd-machined.service(8). The container names are
++ resolved to IP addresses of the specific container, ordered by their scope.
++ .
++ Installing this package automatically adds mymachines to /etc/nsswitch.conf.
++
++Package: libnss-resolve
++Architecture: linux-any
++Multi-Arch: same
++Section: admin
++Priority: optional
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd (= ${binary:Version}),
++Description: nss module to resolve names via systemd-resolved
++ nss-resolve is a plugin for the GNU Name Service Switch (NSS) functionality
++ of the GNU C Library (glibc) providing DNS and LLMNR resolution to programs via
++ the systemd-resolved daemon (provided in the systemd package).
++ .
++ Installing this package automatically adds resolve to /etc/nsswitch.conf.
++
++Package: libnss-systemd
++Architecture: linux-any
++Multi-Arch: same
++Section: admin
++Priority: optional
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd (= ${binary:Version}),
++Description: nss module providing dynamic user and group name resolution
++ nss-systemd is a plug-in module for the GNU Name Service Switch (NSS)
++ functionality of the GNU C Library (glibc), providing UNIX user and group name
++ resolution for dynamic users and groups allocated through the DynamicUser=
++ option in systemd unit files. See systemd.exec(5) for details on this
++ option.
++ .
++ Installing this package automatically adds the module to /etc/nsswitch.conf.
++
++Package: libsystemd0
++Architecture: linux-any
++Multi-Arch: same
++Section: libs
++Priority: optional
++Pre-Depends: ${shlibs:Depends},
++ ${misc:Pre-Depends}
++Depends: ${misc:Depends}
++Description: systemd utility library
++ The libsystemd0 library provides interfaces to various systemd components.
++
++Package: libsystemd-dev
++Architecture: linux-any
++Multi-Arch: same
++Section: libdevel
++Priority: optional
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ libsystemd0 (= ${binary:Version})
++Description: systemd utility library - development files
++ The libsystemd0 library provides interfaces to various systemd components.
++ .
++ This package contains the development files.
++
++Package: udev
++Section: admin
++Priority: important
++Architecture: linux-any
++Multi-Arch: foreign
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ adduser,
++ dpkg (>= 1.19.3) | systemd-sysv,
++ libudev1 (= ${binary:Version}),
++ util-linux (>= 2.27.1),
++ s390-tools (>> 1.6.2) [s390],
++Conflicts: hal
++Breaks: systemd (<< 233-4),
++Replaces: systemd (<< 233-4)
++Description: /dev/ and hotplug management daemon
++ udev is a daemon which dynamically creates and removes device nodes from
++ /dev/, handles hotplug events and loads drivers at boot time.
++
++Package: libudev1
++Section: libs
++Priority: optional
++Architecture: linux-any
++Multi-Arch: same
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends}
++Description: libudev shared library
++ This library provides access to udev device information.
++
++Package: libudev-dev
++Section: libdevel
++Priority: optional
++Architecture: linux-any
++Multi-Arch: same
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ libudev1 (= ${binary:Version})
++Description: libudev development files
++ This package contains the files needed for developing applications that
++ use libudev.
++
++Package: udev-udeb
++Build-Profiles: <!noudeb>
++Package-Type: udeb
++Section: debian-installer
++Priority: optional
++Architecture: linux-any
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ util-linux-udeb
++Description: /dev/ and hotplug management daemon
++ udev is a daemon which dynamically creates and removes device nodes from
++ /dev/, handles hotplug events and loads drivers at boot time.
++ .
++ This is a minimal version, only for use in the installation system.
++
++Package: libudev1-udeb
++Build-Profiles: <!noudeb>
++Package-Type: udeb
++Section: debian-installer
++Priority: optional
++Architecture: linux-any
++Depends: ${shlibs:Depends},
++ ${misc:Depends}
++Description: libudev shared library
++ This library provides access to udev device information.
++ .
++ This is a minimal version, only for use in the installation system.
--- /dev/null
--- /dev/null
++Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
++Upstream-Name: systemd
++Upstream-Contact: systemd-devel@lists.freedesktop.org
++Source: https://www.freedesktop.org/wiki/Software/systemd/
++
++Files: *
++Copyright: 2008-2015 Kay Sievers <kay@vrfy.org>
++ 2010-2015 Lennart Poettering
++ 2012-2015 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
++ 2013-2015 Tom Gundersen <teg@jklm.no>
++ 2013-2015 Daniel Mack
++ 2010-2015 Harald Hoyer
++ 2013-2015 David Herrmann
++ 2013, 2014 Thomas H.P. Andersen
++ 2013, 2014 Daniel Buch
++ 2014 Susant Sahani
++ 2009-2015 Intel Corporation
++ 2000, 2005 Red Hat, Inc.
++ 2009 Alan Jenkins <alan-jenkins@tuffmail.co.uk>
++ 2010 ProFUSION embedded systems
++ 2010 Maarten Lankhorst
++ 1995-2004 Miquel van Smoorenburg
++ 1999 Tom Tromey
++ 2011 Michal Schmidt
++ 2012 B. Poettering
++ 2012 Holger Hans Peter Freyther
++ 2012 Dan Walsh
++ 2012 Roberto Sassu
++ 2013 David Strauss
++ 2013 Marius Vollmer
++ 2013 Jan Janssen
++ 2013 Simon Peeters
++License: LGPL-2.1+
++
++Files: src/basic/siphash24.h
++ src/basic/siphash24.c
++Copyright: 2012 Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com>
++ 2012 Daniel J. Bernstein <djb@cr.yp.to>
++License: CC0-1.0
++
++Files: src/basic/securebits.h
++Copyright: Linus Torvalds <torvalds@athlon.transmeta.com>
++License: GPL-2
++
++Files: src/basic/ioprio.h
++Copyright: Jens Axboe <axboe@suse.de>
++License: GPL-2
++
++Files: src/shared/linux/auto_dev-ioctl.h
++Copyright: 2008 Red Hat, Inc.
++ 2008 Ian Kent <raven@themaw.net>
++License: GPL-2+
++
++Files: src/basic/sparse-endian.h
++Copyright: 2012 Josh Triplett <josh@joshtriplett.org>
++License: Expat
++
++Files: src/journal/lookup3.c
++ src/journal/lookup3.h
++Copyright: none
++License: public-domain
++ You can use this free for any purpose. It's in the public domain. It has no
++ warranty.
++
++Files: src/udev/*
++Copyright: 2003-2012 Kay Sievers <kay@vrfy.org>
++ 2003-2004 Greg Kroah-Hartman <greg@kroah.com>
++ 2004 Chris Friesen <chris_friesen@sympatico.ca>
++ 2004, 2009, 2010 David Zeuthen <david@fubar.dk>
++ 2005, 2006 SUSE Linux Products GmbH
++ 2003 IBM Corp.
++ 2007 Hannes Reinecke <hare@suse.de>
++ 2009 Canonical Ltd.
++ 2009 Scott James Remnant <scott@netsplit.com>
++ 2009 Martin Pitt <martin.pitt@ubuntu.com>
++ 2009 Piter Punk <piterpunk@slackware.com>
++ 2009, 2010 Lennart Poettering
++ 2009 Filippo Argiolas <filippo.argiolas@gmail.com>
++ 2010 Maxim Levitsky
++ 2011 ProFUSION embedded systems
++ 2011 Karel Zak <kzak@redhat.com>
++ 2014 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
++ 2014 David Herrmann <dh.herrmann@gmail.com>
++ 2014 Carlos Garnacho <carlosg@gnome.org>
++License: GPL-2+
++
++Files: src/udev/udev-ctrl.c
++ src/udev/udevadm-hwdb.c
++ src/udev/udev-builtin.c
++ src/udev/udev-builtin-net_id.c
++ src/udev/udev-builtin-net_setup_link.c
++ src/udev/udev-builtin-hwdb.c
++ src/udev/udev-builtin-btrfs.c
++ src/udev/udev-builtin-keyboard.c
++ src/udev/net/link-config.h
++ src/udev/net/link-config.c
++ src/udev/net/ethtool-util.c
++ src/udev/net/ethtool-util.h
++Copyright: 2007-2013 Kay Sievers <kay@vrfy.org>
++ 2013 Tom Gundersen <teg@jklm.no>
++License: LGPL-2.1+
++
++Files: src/udev/scsi_id/scsi.h
++Copyright: 2003 IBM Corp.
++License: GPL-2
++
++Files: debian/*
++Copyright: 2010-2013 Tollef Fog Heen <tfheen@debian.org>
++ 2013-2018 Michael Biebl <biebl@debian.org>
++ 2013 Michael Stapelberg <stapelberg@debian.org>
++License: LGPL-2.1+
++
++License: Expat
++ Permission is hereby granted, free of charge, to any person obtaining a copy
++ of this software and associated documentation files (the "Software"), to
++ deal in the Software without restriction, including without limitation the
++ rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
++ sell copies of the Software, and to permit persons to whom the Software is
++ furnished to do so, subject to the following conditions:
++ .
++ The above copyright notice and this permission notice shall be included in
++ all copies or substantial portions of the Software.
++ .
++ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
++ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
++ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
++ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
++ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
++ IN THE SOFTWARE.
++
++License: GPL-2
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; version 2 of the License.
++ .
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++ .
++ You should have received a copy of the GNU General Public License
++ along with this program; if not, write to the Free Software Foundation, Inc.,
++ 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
++ .
++ On Debian and systems the full text of the GNU General Public
++ License version 2 can be found in the file
++ `/usr/share/common-licenses/GPL-2`
++
++License: GPL-2+
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 2, or (at your option)
++ any later version.
++ .
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++ .
++ You should have received a copy of the GNU General Public License along
++ with this program; if not, write to the Free Software Foundation,
++ Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
++ .
++ On Debian systems, the complete text of the GNU General Public License
++ version 2 can be found in ‘/usr/share/common-licenses/GPL-2’.
++
++License: LGPL-2.1+
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU Lesser General Public License as published by
++ the Free Software Foundation; either version 2.1, or (at your option)
++ any later version.
++ .
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU Lesser General Public License for more details.
++ .
++ You should have received a copy of the GNU Lesser General Public License along
++ with this program; if not, write to the Free Software Foundation,
++ Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
++ .
++ On Debian systems, the complete text of the GNU Lesser General Public
++ License version 2.1 can be found in ‘/usr/share/common-licenses/LGPL-2.1’.
++
++License: CC0-1.0
++ To the extent possible under law, the author(s) have dedicated all copyright
++ and related and neighboring rights to this software to the public domain
++ worldwide. This software is distributed without any warranty.
++ .
++ You should have received a copy of the CC0 Public Domain Dedication along with
++ this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
++ .
++ On Debian systems, the complete text of the CC0 1.0 Universal license can be
++ found in ‘/usr/share/common-licenses/CC0-1.0’.
--- /dev/null
--- /dev/null
++#!/bin/sh
++# Prepare systemd source package in current directory for testing an upstream
++# commit, branch, or PR, without Debian patches. This replaces everything
++# except the debian/ directory with an upstream checkout.
++# NEVER run this in your actual packaging work directory! This is only meant
++# for upstream CI.
++#
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++
++set -eu
++test -x debian/rules
++if [ -z "${TEST_UPSTREAM:-}" ]; then
++ echo "Not in upstream testing mode. Do *not* run this script unless you know what you are doing." >&2
++ exit 1
++fi
++if [ -n "${UPSTREAM_PULL_REQUEST:-}" ]; then
++ FETCH="git fetch -fu origin refs/pull/$UPSTREAM_PULL_REQUEST/head:pr"
++ CO='git checkout pr'
++ DESC="PR #$UPSTREAM_PULL_REQUEST"
++elif [ -n "${UPSTREAM_HEAD:-}" ]; then
++ FETCH=''
++ CO="git checkout $UPSTREAM_HEAD"
++ DESC="$UPSTREAM_HEAD"
++else
++ echo "WARNING: $0: Neither UPSTREAM_PULL_REQUEST nor UPSTREAM_HEAD set, ignoring" >&2
++ exit 0
++fi
++
++DUMMY_USER_NAME="Merge dummy user"
++DUMMY_USER_EMAIL="invalid@example.com"
++
++UPSTREAM_REPO="${UPSTREAM_REPO:-https://github.com/systemd/systemd.git}"
++BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)
++
++# Use git, if in a git repo
++if [ -d .git ]; then
++ # make sure user.name/user.email are set, git commit wants them
++ git config --get user.name || git config user.name "$DUMMY_USER_NAME"
++ git config --get user.email || git config user.email "$DUMMY_USER_EMAIL"
++fi
++
++if [ -n "${KEEP_DEBIAN_PATCHES:-}" ]; then
++ # set up pq branch if it does not exist
++ if [ "$BRANCH_NAME" = HEAD ]; then
++ echo "ERROR: $0 must be started from a branch when using KEEP_DEBIAN_PATCHES" >&2
++ exit 1
++ fi
++ gbp pq import 2> /dev/null && gbp pq switch || true
++ if ! git branch --contains "$BRANCH_NAME" | grep -q patch-queue/"$BRANCH_NAME"; then
++ echo "ERROR: patch-queue/$BRANCH_NAME exists but it is not rebased, please rebase it." >&2
++ exit 1
++ fi
++fi
++
++# switch to native instead of quilt
++echo '3.0 (native)' > debian/source/format
++
++# drop our patches
++rm -rf debian/patches
++
++# disable tests which are not for upstream
++[ -n "${KEEP_DEBIAN_TESTS:-}" ] || sed -i '/# NOUPSTREAM/ q' debian/tests/control
++
++# create new git commit with debian/ changes
++if [ -d .git -a -n "$(git status --short debian)" ]; then
++ git add debian
++ git commit -n -m "checkout-upstream: edit debian/ files for upstream testing"
++fi
++
++########
++# Everything below this changes only code outside debian/
++# besides temporary use of debian/tmp/
++# and the update to debian/changelog
++########
++
++mkdir -p debian/tmp
++(cd debian/tmp
++ git clone "${UPSTREAM_REPO}" upstream || (rm -rf upstream; sleep 60; git clone "${UPSTREAM_REPO}" upstream)
++ cd upstream
++ $FETCH
++ $CO
++ git config user.email "$DUMMY_USER_EMAIL"
++ git config user.name "$DUMMY_USER_NAME"
++ if [ -n "${UPSTREAM_PULL_REQUEST:-}" ]; then
++ git rebase master
++ fi
++ git submodule update --init --recursive)
++UPSTREAM_VER=$(cd debian/tmp/upstream; git describe | sed 's/^v//;s/-/./g')
++
++# clean out original upstream sources
++find -mindepth 1 -maxdepth 1 -name debian -o -name .git -prune -o -print0 | xargs -0n1 rm -rf
++
++# replace with checkout
++mv debian/tmp/upstream/* .
++rm -rf debian/tmp
++
++# create new git commit with upstream code
++if [ -d .git -a -n "$(git status --short)" ] ; then
++ git add .
++ git commit -n -m "checkout-upstream: replace with upstream code at version ${UPSTREAM_VER}"
++fi
++
++# import Debian patches which apply cleanly
++if [ -n "${KEEP_DEBIAN_PATCHES:-}" ]; then
++ for c in $(git log "$BRANCH_NAME"..patch-queue/"$BRANCH_NAME" --format='%H' --reverse); do
++ if ! git cherry-pick $c; then
++ git cherry-pick --abort
++ git reset --hard
++ git clean -dxf
++ fi
++ done
++fi
++
++if [ -z "${UPSTREAM_KEEP_CHANGELOG:-}" ] ; then
++ # craft changelog
++ cat << EOF > debian/changelog.new
++systemd (${UPSTREAM_VER}.0) UNRELEASED; urgency=low
++
++ * Automatic build from upstream $DESC
++
++ -- systemd test <pkg-systemd-maintainers@lists.alioth.debian.org> $(date -R)
++
++EOF
++ cat debian/changelog >> debian/changelog.new
++ mv debian/changelog.new debian/changelog
++
++ # create new git commit with changelog entry
++ if [ -d .git ] ; then
++ git add debian
++ git commit -n -m "checkout-upstream: update changelog to version ${UPSTREAM_VER}.0"
++ fi
++fi
--- /dev/null
--- /dev/null
++TIMESYNCD_CONF=/run/systemd/timesyncd.conf.d/01-dhclient.conf
++
++timesyncd_servers_setup_remove() {
++ if [ -e $TIMESYNCD_CONF ]; then
++ rm -f $TIMESYNCD_CONF
++ systemctl try-restart systemd-timesyncd.service || true
++ fi
++}
++
++timesyncd_servers_setup_add() {
++ if [ ! -d /run/systemd/system ]; then
++ return
++ fi
++
++ if [ -e $TIMESYNCD_CONF ] && [ "$new_ntp_servers" = "$old_ntp_servers" ]; then
++ return
++ fi
++
++ if [ -z "$new_ntp_servers" ]; then
++ timesyncd_servers_setup_remove
++ return
++ fi
++
++ mkdir -p $(dirname $TIMESYNCD_CONF)
++ cat <<EOF > ${TIMESYNCD_CONF}.new
++# NTP server entries received from DHCP server
++[Time]
++NTP=$new_ntp_servers
++EOF
++ mv ${TIMESYNCD_CONF}.new ${TIMESYNCD_CONF}
++ systemctl try-restart systemd-timesyncd.service || true
++}
++
++
++case $reason in
++ BOUND|RENEW|REBIND|REBOOT)
++ timesyncd_servers_setup_add
++ ;;
++ EXPIRE|FAIL|RELEASE|STOP)
++ timesyncd_servers_setup_remove
++ ;;
++esac
--- /dev/null
--- /dev/null
++# This file blacklists most old-style PCI framebuffer drivers.
++
++blacklist arkfb
++blacklist aty128fb
++blacklist atyfb
++blacklist radeonfb
++blacklist cirrusfb
++blacklist cyber2000fb
++blacklist kyrofb
++blacklist matroxfb_base
++blacklist mb862xxfb
++blacklist neofb
++blacklist pm2fb
++blacklist pm3fb
++blacklist s3fb
++blacklist savagefb
++blacklist sisfb
++blacklist tdfxfb
++blacklist tridentfb
++blacklist vt8623fb
--- /dev/null
--- /dev/null
++# -*-Shell-script-*-
++# /lib/lsb/init-functions
++
++_use_systemctl=0
++if [ -d /run/systemd/system ]; then
++
++ if [ -n "${__init_d_script_name:-}" ]; then # scripts run with new init-d-script
++ executable="$__init_d_script_name"
++ argument="$1"
++ elif [ "${0##*/}" = "init-d-script" ] ||
++ [ "${0##*/}" = "${1:-}" ]; then # scripts run with old init-d-script
++ executable="$1"
++ argument="$2"
++ else # plain old scripts
++ executable="$0"
++ argument="${1:-}"
++ fi
++
++ prog=${executable##*/}
++ service="${prog%.sh}.service"
++
++ # Don't try to run masked services. systemctl <= 230 always succeeds here,
++ # but later systemctls fail on nonexisting units; be compatible with both
++ state=$(systemctl -p LoadState --value show $service 2>/dev/null) || state="not-found"
++ [ "$state" = "masked" ] && exit 0
++
++ # Redirect SysV init scripts when executed by the user
++ if [ $PPID -ne 1 ] && [ -z "${SYSTEMCTL_SKIP_REDIRECT:-}" ]; then
++ case $(readlink -f "$executable") in
++ /etc/init.d/*)
++ # If the state is not-found, this might be a newly installed SysV init
++ # script where systemd-sysv-generator has not been run yet.
++ [ "$state" != "not-found" ] || [ "$(id -u)" != 0 ] || systemctl --no-ask-password daemon-reload
++
++ _use_systemctl=1
++ # Some services can't reload through the .service file,
++ # but can through the init script.
++ if [ "$(systemctl -p CanReload --value show $service 2>/dev/null)" = "no" ] && [ "${argument:-}" = "reload" ]; then
++ _use_systemctl=0
++ fi
++ ;;
++ esac
++ fi
++fi
++
++systemctl_redirect () {
++ local s
++ local rc
++ local prog=${1##*/}
++ local command=$2
++
++ case "$command" in
++ start)
++ s="Starting $prog (via systemctl)"
++ ;;
++ stop)
++ s="Stopping $prog (via systemctl)"
++ ;;
++ reload|force-reload)
++ s="Reloading $prog configuration (via systemctl)"
++ ;;
++ try-restart)
++ s="Restarting $prog if running (via systemctl)"
++ ;;
++ restart)
++ s="Restarting $prog (via systemctl)"
++ ;;
++ esac
++
++ service="${prog%.sh}.service"
++
++ # avoid deadlocks during bootup and shutdown from units/hooks
++ # which call "invoke-rc.d service reload" and similar, since
++ # the synchronous wait plus systemd's normal behaviour of
++ # transactionally processing all dependencies first easily
++ # causes dependency loops
++ if ! OUT=$(systemctl is-system-running 2>/dev/null) && [ "$OUT" != "degraded" ]; then
++ sctl_args="--job-mode=ignore-dependencies"
++ fi
++
++ [ "$command" = status ] || log_daemon_msg "$s" "$service"
++ /bin/systemctl --no-pager $sctl_args $command "$service"
++ rc=$?
++ [ "$command" = status ] || log_end_msg $rc
++
++ return $rc
++}
++
++if [ "$_use_systemctl" = "1" ]; then
++ # Some init scripts use "set -e" and "set -u", we don't want that
++ # here
++ set +e
++ set +u
++
++ case "$argument" in
++ start|stop|restart|reload|force-reload|try-restart|status)
++ systemctl_redirect $executable $argument
++ exit $?
++ ;;
++ esac
++fi
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++PREREQS=""
++
++prereqs() { echo "$PREREQS"; }
++
++case "$1" in
++ prereqs)
++ prereqs
++ exit 0
++ ;;
++esac
++
++. /usr/share/initramfs-tools/hook-functions
++
++mkdir -p "$DESTDIR/lib/systemd"
++copy_exec /lib/systemd/systemd-udevd /lib/systemd
++copy_exec /bin/udevadm /bin
++
++mkdir -p "$DESTDIR/etc/udev"
++cp -p /etc/udev/udev.conf "$DESTDIR/etc/udev/"
++
++# copy .link files containing interface naming definitions
++mkdir -p "$DESTDIR/lib/systemd/network/"
++find /lib/systemd/network -name '*.link' -execdir cp -pt "$DESTDIR/lib/systemd/network/" '{}' +
++if [ -d /etc/systemd/network ]; then
++ find /etc/systemd/network -name '*.link' -execdir cp -pt "$DESTDIR/lib/systemd/network/" '{}' +
++fi
++
++mkdir -p "$DESTDIR/lib/udev/rules.d/"
++for rules in 50-firmware.rules 50-udev-default.rules 60-persistent-storage.rules \
++ 61-persistent-storage-android.rules 71-seat.rules 73-special-net-names.rules \
++ 73-usb-net-by-mac.rules 75-net-description.rules \
++ 80-net-setup-link.rules 80-drivers.rules; do
++ if [ -e /etc/udev/rules.d/$rules ]; then
++ cp -p /etc/udev/rules.d/$rules "$DESTDIR/lib/udev/rules.d/"
++ elif [ -e /lib/udev/rules.d/$rules ]; then
++ cp -p /lib/udev/rules.d/$rules "$DESTDIR/lib/udev/rules.d/"
++ fi
++done
++
++# now copy all custom udev rules which don't have an equivalent in /lib (e. g.
++# 70-persistent-net.rules or similar); They might contain network names or
++# other bits which are relevant for the initramfs.
++for rules in /etc/udev/rules.d/*.rules; do
++ if [ -e "$rules" ] && [ ! -e "/lib/${rules#/etc/}" ]; then
++ cp -p "$rules" "$DESTDIR/lib/udev/rules.d/"
++ fi
++done
++
++for program in ata_id scsi_id; do
++ copy_exec /lib/udev/$program /lib/udev
++done
++copy_exec /sbin/blkid /sbin
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++PREREQS=""
++
++prereqs() { echo "$PREREQS"; }
++
++case "$1" in
++ prereqs)
++ prereqs
++ exit 0
++ ;;
++esac
++
++# Stop udevd, we'll miss a few events while we run init, but we catch up
++udevadm control --exit
++
++# move the /dev tmpfs to the rootfs; fall back to util-linux mount that does
++# not understand -o move
++mount -n -o move /dev "${rootmnt:?}/dev" || mount -n --move /dev "${rootmnt}/dev"
++
++# create a temporary symlink to the final /dev for other initramfs scripts
++if command -v nuke >/dev/null; then
++ nuke /dev
++else
++ # shellcheck disable=SC2114
++ rm -rf /dev
++fi
++ln -s "${rootmnt}/dev" /dev
++
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++PREREQS=""
++
++prereqs() { echo "$PREREQS"; }
++
++case "$1" in
++ prereqs)
++ prereqs
++ exit 0
++ ;;
++esac
++
++if [ -w /sys/kernel/uevent_helper ]; then
++ echo > /sys/kernel/uevent_helper
++fi
++
++if [ "${quiet:-n}" = "y" ]; then
++ log_level=notice
++else
++ log_level=info
++fi
++
++SYSTEMD_LOG_LEVEL=$log_level /lib/systemd/systemd-udevd --daemon --resolve-names=never
++
++udevadm trigger --type=subsystems --action=add
++udevadm trigger --type=devices --action=add
++udevadm settle || true
++
++# Leave udev running to process events that come in out-of-band (like USB
++# connections)
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -eu
++# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
++# ex: ts=8 sw=4 sts=4 et filetype=sh
++
++COMMAND="$1"
++KERNEL_VERSION="$2"
++BOOT_DIR_ABS="$3"
++
++INITRD_SRC="/boot/initrd.img-$KERNEL_VERSION"
++INITRD_DEST="$BOOT_DIR_ABS/initrd"
++
++if [ "$COMMAND" = remove ]; then
++ rm -f "$INITRD_DEST"
++ exit 0
++fi
++
++if [ "$COMMAND" != add ]; then
++ echo "Invalid command $COMMAND" >&2
++ exit 1
++fi
++
++if [ -e "$INITRD_SRC" ];then
++ cp "$INITRD_SRC" "$INITRD_DEST"
++else
++ echo "$INITRD_SRC does not exist, not installing an initrd"
++fi
++
++exit 0
--- /dev/null
--- /dev/null
++#!/bin/sh
++# This script should be run before building the package every time a new
++# kernel is released.
++#
++# You should pass the name of the modules directory for a 486 flavour
++# kernel, as that has the most framebuffer modules.
++#
++# Also, obsolete modules should not be removed from the list until after
++# at least one stable release.
++
++set -e
++
++if [ $# = 0 ]; then
++ MODULES_DIR=/lib/modules/$(uname -r)
++else
++ MODULES_DIR="$1"
++fi
++
++BL='fbdev-blacklist.conf'
++
++if [ -e extra/$BL ]; then cd extra; fi
++
++{
++printf "# This file blacklists most old-style PCI framebuffer drivers.\n\n"
++
++find "$MODULES_DIR"/kernel/drivers/video -type f | sort | \
++while read file; do
++ name="$(basename $file .ko)"
++ case $name in
++ lxfb)
++ # This is needed for text consoles on OLPC XO-1, and it used to be
++ # built-in anyway.
++ ;;
++ viafb) ;; # Needed by OLPC XO-1.5
++ *)
++ /sbin/modinfo $file | grep -q '^alias: *pci:' \
++ && echo blacklist $name || true
++ ;;
++ esac
++done
++} > $BL.tmp
++
++if diff --unified=0 $BL $BL.tmp; then
++ rm $BL.tmp
++else
++ printf "\n\n\n$BL.tmp has changes!\n\n\n\n"
++fi
++
--- /dev/null
--- /dev/null
++#!/bin/sh
++# generate a sysusers.d(5) file from Debian's static master passwd/group files
++set -eu
++
++echo '# generated from /usr/share/base-passwd/{passwd,group}.master'
++
++# only take groups whose name+gid != the corresponding user in passwd.master
++export IFS=:
++while read name _ id _; do
++ if ! grep -q "^$name:\*:$id:$id:" /usr/share/base-passwd/passwd.master; then
++ printf "g %-10s %-5s -\n" $name $id
++ fi
++done < /usr/share/base-passwd/group.master
++
++echo
++
++# treat "nobody:nogroup" specially: same ID, but different name, so prevent creating a "nobody" group
++awk -F: '{ i = ($3 == $4 && $4 != 65534) ? $3 : $3":"$4; printf("u %-10s %-7s - %-20s %s\n", $1,i,$6,$7) }' < /usr/share/base-passwd/passwd.master
--- /dev/null
--- /dev/null
++Name: Register user sessions in the systemd control group hierarchy
++Default: yes
++Priority: 0
++Session-Interactive-Only: yes
++Session-Type: Additional
++Session:
++ optional pam_systemd.so
--- /dev/null
--- /dev/null
++# This file is part of systemd.
++#
++# Used by systemd --user instances.
++
++@include common-account
++
++session required pam_selinux.so close
++session required pam_selinux.so nottys open
++session required pam_loginuid.so
++session required pam_limits.so
++@include common-session-noninteractive
++session optional pam_systemd.so
--- /dev/null
--- /dev/null
++# On Hyper-V and Xen Virtual Machines we want to add memory and cpus as soon as they appear
++ATTR{[dmi/id]sys_vendor}=="Microsoft Corporation", ATTR{[dmi/id]product_name}=="Virtual Machine", GOTO="vm_hotadd_apply"
++ATTR{[dmi/id]sys_vendor}=="Xen", GOTO="vm_hotadd_apply"
++GOTO="vm_hotadd_end"
++
++LABEL="vm_hotadd_apply"
++
++# Memory hotadd request
++SUBSYSTEM=="memory", ACTION=="add", DEVPATH=="/devices/system/memory/memory[0-9]*", TEST=="state", ATTR{state}="online"
++
++# CPU hotadd request
++SUBSYSTEM=="cpu", ACTION=="add", DEVPATH=="/devices/system/cpu/cpu[0-9]*", TEST=="online", ATTR{online}="1"
++
++LABEL="vm_hotadd_end"
--- /dev/null
--- /dev/null
++# Android based kernel exports the uevent property PARTNAME, which can be
++# used to find out at run time the named partitions (e.g. boot) for the
++# device. This is specially useful for the Touch based images and flash-kernel,
++# to automatically update the kernel by writing at the correct partition
++# (independently of the hardware revision).
++ACTION!="remove", KERNEL=="mmcblk[0-9]p[0-9]", ENV{PARTNAME}=="?*", SYMLINK+="disk/by-partlabel/$env{PARTNAME}"
++
--- /dev/null
--- /dev/null
++ACTION!="remove", SUBSYSTEM=="input", KERNEL=="event*", SUBSYSTEMS=="platform", KERNELS=="gpio_keys.6|soc:gpio_keys", PROGRAM="/bin/cat /proc/device-tree/model", RESULT=="HP ProLiant m400 Server Cartridge", TAG+="power-switch"
++ACTION!="remove", SUBSYSTEM=="input", KERNEL=="event*", SUBSYSTEMS=="platform", KERNELS=="gpio_keys.12", ATTRS{keys}=="116", PROGRAM="/bin/cat /proc/device-tree/model", RESULT=="HP ProLiant m800 Server Cartridge", TAG+="power-switch"
--- /dev/null
--- /dev/null
++# do not edit this file, it will be overwritten on update
++
++ACTION!="add", GOTO="graphics_end"
++
++# Tag the drm device for KMS-supporting drivers as the primary device for
++# the display; for non-KMS drivers tag the framebuffer device instead.
++
++SUBSYSTEM!="drm", GOTO="drm_end"
++KERNEL!="card[0-9]*", GOTO="drm_end"
++ENV{DEVTYPE}!="drm_minor", GOTO="drm_end"
++
++DRIVERS=="i915", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1"
++DRIVERS=="radeon", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1"
++DRIVERS=="nouveau", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1"
++DRIVERS=="vmwgfx", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1"
++
++LABEL="drm_end"
++
++SUBSYSTEM!="graphics", GOTO="graphics_end"
++
++DRIVERS=="i915", GOTO="graphics_end"
++DRIVERS=="radeon", GOTO="graphics_end"
++DRIVERS=="nouveau", GOTO="graphics_end"
++DRIVERS=="efifb", GOTO="graphics_end"
++DRIVERS=="efi-framebuffer", GOTO="graphics_end"
++DRIVERS=="vesa-framebuffer", GOTO="graphics_end"
++
++KERNEL=="fb[0-9]*", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1"
++
++LABEL="graphics_end"
--- /dev/null
--- /dev/null
++# stub for immediately telling the kernel that userspace firmware loading
++# failed; necessary to avoid long timeouts with CONFIG_FW_LOADER_USER_HELPER=y
++SUBSYSTEM=="firmware", ACTION=="add", ATTR{loading}="-1"
--- /dev/null
--- /dev/null
++# On Dell PowerEdge systems, the iDRAC7 and later support a USB Virtual NIC
++# which terminates in the iDRAC. Help identify this with 'idrac'
++ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", ATTRS{idVendor}=="413c", ATTRS{idProduct}=="a102", NAME="idrac"
++
++# On IBM systems the Integrated Management Module is reachable using a
++# # USB Virtual NIC.
++ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", \
++ ATTRS{idVendor}=="04b3", ATTRS{idProduct}=="0325", NAME="ibmimm"
++
++# ibmveth devices' $DEVPATH number is tied to (virtual) hardware (slot id
++# selected in the HMC), thus this provides a reliable naming (e. g.
++# "/devices/vio/30000002/net/eth1"); we ignore the bus number, as
++# there should only ever be one bus, and then remove leading zeros
++ACTION=="add", SUBSYSTEM=="net", NAME=="", DRIVERS=="ibmveth", PROGRAM="/bin/sh -ec 'D=$${DEVPATH#*/vio/}; D=$${D%%%%/*}; D=$${D#????}; D=$${D#0}; D=$${D#0}; D=$${D#0}; D=$${D#0}; echo $${D:-0}'", NAME="ibmveth$result"
--- /dev/null
--- /dev/null
++# Use MAC based names for network interfaces which are directly or indirectly
++# on USB and have an universally administered (stable) MAC address (second bit
++# is 0). Don't do this when ifnames is disabled via kernel command line or
++# customizing/disabling 99-default.link (or previously 80-net-setup-link.rules)
++# or if the interface name was provided by user-space.
++
++ACTION=="remove", GOTO="usb_net_by_mac_end"
++SUBSYSTEM!="net", GOTO="usb_net_by_mac_end"
++ATTR{name_assign_type}=="3", GOTO="usb_net_by_mac_end"
++
++IMPORT{cmdline}="net.ifnames"
++ENV{net.ifnames}=="0", GOTO="usb_net_by_mac_end"
++
++SUBSYSTEMS=="usb", NAME=="", \
++ ATTR{address}=="?[014589cd]:*", \
++ TEST!="/etc/udev/rules.d/80-net-setup-link.rules", \
++ TEST!="/etc/systemd/network/99-default.link", \
++ IMPORT{builtin}="net_id", NAME="$env{ID_NET_NAME_MAC}"
++
++LABEL="usb_net_by_mac_end"
--- /dev/null
--- /dev/null
++# Debian specific udev rules for backwards compatibility
++
++# needed for old tape drivers, http://bugs.debian.org/657948
++SUBSYSTEM=="scsi", ENV{DEVTYPE}=="scsi_device", TEST!="[module/sg]", RUN{builtin}+="kmod load sg"
++
++# device permissions
++KERNEL=="mISDNtimer", GROUP="dialout"
++KERNEL=="mwave", GROUP="dialout"
++KERNEL=="nvram", GROUP="kmem", MODE="0640"
++KERNEL=="pktcdvd", GROUP="cdrom", MODE="0644"
++KERNEL=="lirc[0-9]*", GROUP="video"
++KERNEL=="legousbtower*", MODE="0666"
++KERNEL=="sonypi", MODE="0666"
++KERNEL=="mmtimer", MODE="0644"
++KERNEL=="sgi_*", MODE="0666"
++KERNEL=="z90crypt", MODE="0666"
++
++# These rules will create symlinks for CD/DVD drives, to help old
++# programs which are unable to automatically discover the devices.
++# The first detected device gets the symlink, but this is not stable across
++# reboots.
++ENV{ID_CDROM_CD_RW}=="?*", \
++ PROGRAM="/bin/sh -c 'ln -s %k /run/udev/link.cdrw 2>/dev/null; [ `readlink /run/udev/link.cdrw` = %k ]", \
++ SYMLINK+="cdrw", OPTIONS+="link_priority=-100"
++ENV{ID_CDROM_DVD}=="?*", \
++ PROGRAM="/bin/sh -c 'ln -s %k /run/udev/link.dvd 2>/dev/null; [ `readlink /run/udev/link.dvd` = %k ]", \
++ SYMLINK+="dvd", OPTIONS+="link_priority=-100"
++ENV{ID_CDROM_DVD_RW}=="?*", \
++ PROGRAM="/bin/sh -c 'ln -s %k /run/udev/link.dvdrw 2>/dev/null; [ `readlink /run/udev/link.dvdrw` = %k ]", \
++ SYMLINK+="dvdrw", OPTIONS+="link_priority=-100"
--- /dev/null
--- /dev/null
++#! /bin/sh
++# Set the CPU Frequency Scaling governor to "ondemand"/"powersave" where available
++set -eu
++
++FIRSTCPU=`cut -f1 -d- /sys/devices/system/cpu/online`
++AVAILABLE="/sys/devices/system/cpu/cpu$FIRSTCPU/cpufreq/scaling_available_governors"
++DOWN_FACTOR="/sys/devices/system/cpu/cpufreq/ondemand/sampling_down_factor"
++
++[ -f $AVAILABLE ] || exit 0
++
++read governors < $AVAILABLE
++case $governors in
++ *interactive*)
++ GOVERNOR="interactive"
++ break
++ ;;
++ *ondemand*)
++ GOVERNOR="ondemand"
++ case $(uname -m) in
++ ppc64*)
++ SAMPLING=100
++ ;;
++ esac
++ break
++ ;;
++ *powersave*)
++ GOVERNOR="powersave"
++ break
++ ;;
++ *)
++ exit 0
++ ;;
++esac
++
++[ -n "${GOVERNOR:-}" ] || exit 0
++
++echo "Setting $GOVERNOR scheduler for all CPUs"
++
++for CPUFREQ in /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
++do
++ [ -f $CPUFREQ ] || continue
++ echo -n $GOVERNOR > $CPUFREQ
++done
++if [ -n "${SAMPLING:-}" ] && [ -f $DOWN_FACTOR ]; then
++ echo -n $SAMPLING > $DOWN_FACTOR
++fi
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++if [ -w /sys/kernel/uevent_helper ]; then
++ echo > /sys/kernel/uevent_helper
++fi
++
++if ! grep -E -q "^[^[:space:]]+ /dev devtmpfs" /proc/mounts; then
++ mount -n -o mode=0755 -t devtmpfs devtmpfs /dev
++fi
++
++SYSTEMD_LOG_LEVEL=notice /lib/systemd/systemd-udevd --daemon --resolve-names=never
++
++udevadm trigger --action=add
++
++mkdir -p /dev/pts
++mount -t devpts -o noexec,nosuid,gid=5,mode=0620 devpts /dev/pts
++
++udevadm settle || true
--- /dev/null
--- /dev/null
++#!/bin/sh
++# This script is called by "systemctl enable/disable" when the given unit is a
++# SysV init.d script. It needs to call the distribution's mechanism for
++# enabling/disabling those, such as chkconfig, update-rc.d, or similar. This
++# can optionally take a --root argument for enabling a SysV init script
++# in a chroot or similar.
++set -eu
++
++usage() {
++ echo "Usage: $0 [--root=path] enable|disable|is-enabled <sysv script name>" >&2
++ exit 1
++}
++
++ROOT=
++
++# parse options
++eval set -- "$(getopt -o r: --long root: -- "$@")"
++while true; do
++ case "$1" in
++ -r|--root)
++ ROOT="$2"
++ shift 2 ;;
++ --) shift ; break ;;
++ *) usage ;;
++ esac
++done
++
++NAME="${2:-}"
++
++run() {
++ if [ -n "$ROOT" ] && [ "$ROOT" != "/" ]; then
++ _SKIP_SYSTEMD_NATIVE=1 chroot "$ROOT" /usr/sbin/update-rc.d "$@"
++ else
++ _SKIP_SYSTEMD_NATIVE=1 /usr/sbin/update-rc.d "$@"
++ fi
++}
++
++[ -n "$NAME" ] || usage
++
++case "$1" in
++ enable)
++ # call the command to enable SysV init script $NAME here..
++ run "$NAME" defaults
++ run "$NAME" enable
++ ;;
++ disable)
++ run "$NAME" defaults
++ run "$NAME" disable
++ ;;
++ is-enabled)
++ # exit with 0 if $NAME is enabled, non-zero if it is disabled
++ ls "$ROOT"/etc/rc[S5].d/S??"$NAME" >/dev/null 2>&1
++ ;;
++ *)
++ usage ;;
++esac
--- /dev/null
--- /dev/null
++'''apport package hook for systemd
++
++(c) 2014 Canonical Ltd.
++Author: Martin Pitt <martin.pitt@ubuntu.com>
++'''
++
++import os.path
++import apport.hookutils
++
++def add_info(report):
++ apport.hookutils.attach_hardware(report)
++
++ report['SystemdDelta'] = apport.hookutils.command_output(['systemd-delta'])
++
++ if not os.path.exists('/run/systemd/system'):
++ return
++
++ # Add details about all failed units, if any
++ out = apport.hookutils.command_output(['systemctl', '--state=failed', '--full',
++ '--no-legend']).strip()
++ if out:
++ failed = ''
++ for line in out.splitlines():
++ unit = line.split()[0]
++ if failed:
++ failed += '------\n'
++ failed += apport.hookutils.command_output(['systemctl', 'status', '--full', unit])
++ report['SystemdFailedUnits'] = failed
++
--- /dev/null
--- /dev/null
++# This file is part of the debianisation of systemd.
++#
++# systemd is free software; you can redistribute it and/or modify it
++# under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 2 of the License, or
++# (at your option) any later version.
++
++# See tmpfiles.d(5) for details
++
++# Type Path Mode UID GID Age Argument
++L /run/shm - - - - /dev/shm
++d /run/sendsigs.omit.d 0755 root root -
++
++L+ /etc/mtab - - - - ../proc/self/mounts
--- /dev/null
--- /dev/null
++'''apport package hook for udev
++
++(c) 2009 Canonical Ltd.
++Author: Martin Pitt <martin.pitt@ubuntu.com>
++'''
++
++import os
++import apport.hookutils
++
++def add_info(report):
++ apport.hookutils.attach_hardware(report)
++
++ user_rules = []
++ for f in os.listdir('/etc/udev/rules.d'):
++ if not f.startswith('70-persistent-') and f != 'README':
++ user_rules.append(f)
++
++ if user_rules:
++ report['CustomUdevRuleFiles'] = ' '.join(user_rules)
--- /dev/null
--- /dev/null
++[Unit]
++Description=Set the CPU Frequency Scaling governor
++ConditionVirtualization=no
++ConditionPathExists=/sys/devices/system/cpu/online
++# Don't run if we're going to start an Android LXC container on Ubuntu Touch
++ConditionPathExists=!/etc/init/lxc-android-config.conf
++
++[Service]
++Type=idle
++ExecStart=/lib/systemd/set-cpufreq
++
++[Install]
++WantedBy=multi-user.target
--- /dev/null
--- /dev/null
++# Avoid long hangs during shutdown if user services fail/hang due to X.org
++# going away too early
++[Service]
++TimeoutStopSec=5
--- /dev/null
--- /dev/null
++[Unit]
++Description=getty on tty2-tty6 if dbus and logind are not available
++ConditionPathExists=/dev/tty0
++ConditionPathExists=!/lib/systemd/system/dbus.service
++
++[Service]
++Type=oneshot
++ExecStart=/bin/systemctl --no-block start getty@tty2.service getty@tty3.service getty@tty4.service getty@tty5.service getty@tty6.service
++RemainAfterExit=true
++
--- /dev/null
--- /dev/null
++[Unit]
++# not specified by LSB, but has been behaving that way in Debian under SysV
++# init and upstart
++After=network-online.target
++
++# Often contains status messages which users expect to see on the console
++# during boot
++[Service]
++StandardOutput=journal+console
++StandardError=journal+console
--- /dev/null
--- /dev/null
++# tell resolvconf about resolved's builtin DNS server, so that DNS servers
++# picked up via networkd are respected when using resolvconf, and that software
++# like Chrome that does not do NSS (libnss-resolve) still gets proper DNS
++# resolution; do not remove the entry after stop though, as that leads to
++# timeouts on shutdown via the resolvconf hooks (see LP: #1648068)
++[Service]
++ExecStartPost=+/bin/sh -c '[ ! -e /run/resolvconf/enable-updates ] || echo "nameserver 127.0.0.53" | /sbin/resolvconf -a systemd-resolved'
++ReadWritePaths=-/run/resolvconf
--- /dev/null
--- /dev/null
++[Unit]
++# don't run timesyncd if we have another NTP daemon installed
++ConditionFileIsExecutable=!/usr/sbin/ntpd
++ConditionFileIsExecutable=!/usr/sbin/openntpd
++ConditionFileIsExecutable=!/usr/sbin/chronyd
++ConditionFileIsExecutable=!/usr/sbin/VBoxService
--- /dev/null
--- /dev/null
++[DEFAULT]
++pristine-tar = True
++patch-numbers = False
++debian-branch = debian/master
++upstream-branch = upstream/latest
++
++[dch]
++full = True
++multimaint-merge = True
--- /dev/null
--- /dev/null
++#!/bin/bash
++
++set -e
++
++if [ -z "$*" ] ; then
++ echo "Usage: $0 [commit [commit ..]]"
++ exit 1
++fi
++
++
++curbranch=$(git rev-parse --abbrev-ref HEAD)
++
++# assert we got a branch
++[ -n "$curbranch" ]
++
++if [ $curbranch = HEAD ] ; then
++ echo "You are not currently on a branch, cannot cherry-pick"
++ exit 1
++fi
++
++case $curbranch in
++ patch-queue/*)
++ debbranch=${curbranch/patch-queue\/}
++ pqbranch=$curbranch
++ ;;
++ *)
++ debbranch=$curbranch
++ pqbranch=patch-queue/$curbranch
++ ;;
++esac
++
++commits=$(git rev-parse "$@")
++
++if git rev-parse $pqbranch &>/dev/null ; then
++ echo
++ echo "Will recreate patch-queue branch $pqbranch"
++ echo "It was pointing to" $(git rev-parse $pqbranch)
++ echo
++fi
++
++gbp pq import --force
++
++echo "Cherry-picking the following commits:"
++echo "$commits"
++
++picks=$(echo "$commits" | xargs echo exec git cherry-pick -x --no-edit --commit)
++
++# find the first debian commit
++firstdebian=$(git log -i --grep "topic.*debian" --pretty=%h --reverse $debbranch..$pqbranch | head -1)
++
++sedexpr="/$firstdebian/i$picks"
++
++GIT_EDITOR="sed -i -e '$sedexpr'" git rebase --interactive --no-autosquash $debbranch
++
++
--- /dev/null
--- /dev/null
++lib/*/libnss_myhostname*.so.*
++usr/share/man/man8/libnss_myhostname.so.2.8
++usr/share/man/man8/nss-myhostname.8
--- /dev/null
--- /dev/null
++# package is a NSS module, not a system library
++libnss-myhostname: package-name-doesnt-match-sonames
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++# This code was taken from libnss-myhostname
++
++# try to insert myhostname entries to the "hosts" line in /etc/nsswitch.conf to
++# automatically enable libnss-myhostname support; do not change the
++# configuration if the "hosts" line already references some myhostname lookups
++insert_nss_entry() {
++ echo "Checking NSS setup..."
++ # abort if /etc/nsswitch.conf does not exist
++ if ! [ -e /etc/nsswitch.conf ]; then
++ echo "Could not find /etc/nsswitch.conf."
++ return
++ fi
++ perl -i -pe '
++ sub insert {
++ my $line = shift;
++ # this also splits on tab
++ my @bits=split(" ", $line);
++ # do not break configuration if the "hosts" line already references
++ # myhostname
++ if (grep { $_ eq "myhostname"} @bits) {
++ return $line;
++ }
++ # add myhostname at the end
++ return $line . " myhostname";
++ }
++ s/^(hosts:\s+)(.*)/$1.insert($2)/e;
++ ' /etc/nsswitch.conf
++}
++
++if [ "$1" = configure ] && [ -z "$2" ]; then
++ echo "First installation detected..."
++ # first install: setup the recommended configuration (unless
++ # nsswitch.conf already contains myhostname entries)
++ insert_nss_entry
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++remove_nss_entry() {
++ local file=$1
++ local pkg=$2
++ local module=$3
++ refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \
++ -W $pkg | grep '^i' | wc -l)
++ if [ "$refcount" -gt 0 ] ; then
++ # package is installed for other architectures still, do nothing
++ return
++ fi
++ echo "Checking NSS setup..."
++ # abort if file does not exist
++ if ! [ -e $file ]; then
++ echo "Could not find ${file}."
++ return
++ fi
++ # we must remove possible [foo=bar] options as well
++ sed -i -r "/hosts:/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file
++}
++
++if [ "$1" = remove ]; then
++ remove_nss_entry /etc/nsswitch.conf libnss-myhostname myhostname
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++lib/*/libnss_mymachines*.so.*
++usr/share/man/man8/libnss_mymachines.so.2.8
++usr/share/man/man8/nss-mymachines.8
--- /dev/null
--- /dev/null
++# package is a NSS module, not a system library
++libnss-mymachines: package-name-doesnt-match-sonames
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++# This code was taken from libnss-myhostname
++
++# try to insert mymachines entries to the "hosts" line in /etc/nsswitch.conf to
++# automatically enable libnss-mymachines support; do not change the
++# configuration if the "hosts" line already references some mymachines lookups
++insert_nss_entry() {
++ echo "Checking NSS setup..."
++ # abort if /etc/nsswitch.conf does not exist
++ if ! [ -e /etc/nsswitch.conf ]; then
++ echo "Could not find /etc/nsswitch.conf."
++ return
++ fi
++ perl -i -pe '
++ sub insert {
++ my $line = shift;
++ # this also splits on tab
++ my @bits=split(" ", $line);
++ # do not break configuration if the "hosts" line already references
++ # mymachines
++ if (grep { $_ eq "mymachines"} @bits) {
++ return $line;
++ }
++ # add mymachines at the end
++ return $line . " mymachines";
++ }
++ s/^(hosts:\s+)(.*)/$1.insert($2)/e;
++ ' /etc/nsswitch.conf
++}
++
++if [ "$1" = configure ] && [ -z "$2" ]; then
++ echo "First installation detected..."
++ # first install: setup the recommended configuration (unless
++ # nsswitch.conf already contains mymachines entries)
++ insert_nss_entry
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++remove_nss_entry() {
++ local file=$1
++ local pkg=$2
++ local module=$3
++ refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \
++ -W $pkg | grep '^i' | wc -l)
++ if [ "$refcount" -gt 0 ] ; then
++ # package is installed for other architectures still, do nothing
++ return
++ fi
++ echo "Checking NSS setup..."
++ # abort if file does not exist
++ if ! [ -e $file ]; then
++ echo "Could not find ${file}."
++ return
++ fi
++ # we must remove possible [foo=bar] options as well
++ sed -i -r "/hosts:/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file
++}
++
++if [ "$1" = remove ]; then
++ remove_nss_entry /etc/nsswitch.conf libnss-mymachines mymachines
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++lib/*/libnss_resolve*.so.*
++usr/share/man/man8/libnss_resolve.so.2.8
++usr/share/man/man8/nss-resolve.8
--- /dev/null
--- /dev/null
++# package is a NSS module, not a system library
++libnss-resolve: package-name-doesnt-match-sonames
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++# This code was taken from libnss-myhostname
++
++# try to insert resolve entries to the "hosts" line in /etc/nsswitch.conf to
++# automatically enable libnss-resolve support; do not change the
++# configuration if the "hosts" line already references some resolve lookups
++insert_nss_entry() {
++ echo "Checking NSS setup..."
++ # abort if /etc/nsswitch.conf does not exist
++ if ! [ -e /etc/nsswitch.conf ]; then
++ echo "Could not find /etc/nsswitch.conf."
++ return
++ fi
++ perl -i -pe '
++ sub insert {
++ my $line = shift;
++ # this also splits on tab
++ my @bits=split(" ", $line);
++ # do not break configuration if the "hosts" line already references
++ # resolve
++ if (grep { $_ eq "resolve"} @bits) {
++ return $line;
++ }
++ # add resolve before dns
++ return join " ", map {
++ $_ eq "dns" ? ("resolve [!UNAVAIL=return]", "$_") : $_
++ } @bits;
++ }
++ s/^(hosts:\s+)(.*)/$1.insert($2)/e;
++ ' /etc/nsswitch.conf
++}
++
++if [ "$1" = configure ] && [ -z "$2" ]; then
++ echo "First installation detected..."
++ # first install: setup the recommended configuration (unless
++ # nsswitch.conf already contains resolve entries)
++ insert_nss_entry
++ # ... and enable resolved
++ systemctl enable systemd-resolved.service
++ if [ -d /run/systemd/system ]; then
++ deb-systemd-invoke start systemd-resolved.service || true
++ fi
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++remove_nss_entry() {
++ local file=$1
++ local pkg=$2
++ local module=$3
++ refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \
++ -W $pkg | grep '^i' | wc -l)
++ if [ "$refcount" -gt 0 ] ; then
++ # package is installed for other architectures still, do nothing
++ return
++ fi
++ echo "Checking NSS setup..."
++ # abort if file does not exist
++ if ! [ -e $file ]; then
++ echo "Could not find ${file}."
++ return
++ fi
++ # we must remove possible [foo=bar] options as well
++ sed -i -r "/hosts:/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file
++}
++
++if [ "$1" = remove ]; then
++ remove_nss_entry /etc/nsswitch.conf libnss-resolve resolve
++ systemctl disable systemd-resolved.service
++ if [ -d /run/systemd/system ]; then
++ deb-systemd-invoke stop systemd-resolved.service || true
++ fi
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++lib/*/libnss_systemd*.so.*
++usr/share/man/man8/libnss_systemd*
++usr/share/man/man8/nss-systemd*
--- /dev/null
--- /dev/null
++# package is a NSS module, not a system library
++libnss-systemd: package-name-doesnt-match-sonames
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++# try to insert the systemd entry to the "passwd" and "group" lines in
++# /etc/nsswitch.conf to automatically enable libnss-systemd support; do not
++# change the configuration if the lines already contain "systemd"
++insert_nss_entry() {
++ echo "Checking NSS setup..."
++ # abort if /etc/nsswitch.conf does not exist
++ if ! [ -e /etc/nsswitch.conf ]; then
++ echo "Could not find /etc/nsswitch.conf."
++ return
++ fi
++ perl -i -pe '
++ sub insert {
++ my $line = shift;
++ # this also splits on tab
++ my @bits=split(" ", $line);
++ # do not break configuration if the line already references
++ # systemd
++ if (grep { $_ eq "systemd"} @bits) {
++ return $line;
++ }
++ # add systemd at the end
++ return $line . " systemd";
++ }
++ s/^(passwd:\s+)(.*)/$1.insert($2)/e;
++ s/^(group:\s+)(.*)/$1.insert($2)/e;
++ ' /etc/nsswitch.conf
++}
++
++if [ "$1" = configure ] && [ -z "$2" ]; then
++ echo "First installation detected..."
++ # first install: setup the recommended configuration
++ insert_nss_entry
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++remove_nss_entry() {
++ local file=$1
++ local pkg=$2
++ local module=$3
++ refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \
++ -W $pkg | grep '^i' | wc -l)
++ if [ "$refcount" -gt 0 ] ; then
++ # package is installed for other architectures still, do nothing
++ return
++ fi
++ echo "Checking NSS setup..."
++ # abort if file does not exist
++ if ! [ -e $file ]; then
++ echo "Could not find ${file}."
++ return
++ fi
++ # we must remove possible [foo=bar] options as well
++ sed -i -r "/(passwd|group):/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file
++}
++
++if [ "$1" = remove ]; then
++ remove_nss_entry /etc/nsswitch.conf libnss-systemd systemd
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++lib/*/security/pam_systemd.so
++usr/share/man/man8/pam_systemd.8
++../../extra/pam-configs usr/share/
--- /dev/null
--- /dev/null
++#! /bin/sh
++
++set -e
++
++pam-auth-update --package
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#! /bin/sh
++
++set -e
++
++# pam-auth-update --remove removes the named profile from the active config.
++# It arguably should be called during deconfigure as well, but deconfigure
++# can happen in some cases during a dist-upgrade and we don't want to
++# deconfigure all PAM modules in the middle of a dist-upgrade by accident.
++#
++# More importantly, with the current implementation, --remove also removes
++# all local preferences for the named config (such as whether it's enabled
++# or disabled), which we don't want to do on deconfigure.
++#
++# This may need to change later as pam-auth-update evolves.
++
++if [ "$1" = remove ] && [ "${DPKG_MAINTSCRIPT_PACKAGE_REFCOUNT:-1}" = 1 ]; then
++ pam-auth-update --package --remove systemd
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++lib/*/libsystemd.so
++usr/lib/*/pkgconfig/libsystemd.pc
++usr/include/systemd/
++usr/share/man/man3/sd*
++usr/share/man/man3/SD*
--- /dev/null
--- /dev/null
++lib/*/libsystemd.so.*
--- /dev/null
--- /dev/null
++libsystemd.so.0 libsystemd0 #MINVER#
++* Build-Depends-Package: libsystemd-dev
++ LIBSYSTEMD_209@LIBSYSTEMD_209 0
++ LIBSYSTEMD_211@LIBSYSTEMD_211 211
++ LIBSYSTEMD_213@LIBSYSTEMD_213 213
++ LIBSYSTEMD_214@LIBSYSTEMD_214 214
++ LIBSYSTEMD_216@LIBSYSTEMD_216 217
++ LIBSYSTEMD_217@LIBSYSTEMD_217 217
++ LIBSYSTEMD_219@LIBSYSTEMD_219 219
++ LIBSYSTEMD_220@LIBSYSTEMD_220 220
++ LIBSYSTEMD_221@LIBSYSTEMD_221 221
++ LIBSYSTEMD_222@LIBSYSTEMD_222 222
++ LIBSYSTEMD_226@LIBSYSTEMD_226 226
++ LIBSYSTEMD_227@LIBSYSTEMD_227 227
++ LIBSYSTEMD_229@LIBSYSTEMD_229 229
++ LIBSYSTEMD_230@LIBSYSTEMD_230 230
++ LIBSYSTEMD_231@LIBSYSTEMD_231 231
++ LIBSYSTEMD_232@LIBSYSTEMD_232 232
++ LIBSYSTEMD_233@LIBSYSTEMD_233 233
++ LIBSYSTEMD_234@LIBSYSTEMD_234 234
++ LIBSYSTEMD_236@LIBSYSTEMD_236 236
++ LIBSYSTEMD_237@LIBSYSTEMD_237 237
++ LIBSYSTEMD_238@LIBSYSTEMD_238 238
++ LIBSYSTEMD_239@LIBSYSTEMD_239 239
++ LIBSYSTEMD_240@LIBSYSTEMD_240 240
++ LIBSYSTEMD_241@LIBSYSTEMD_241 241
++ LIBSYSTEMD_243@LIBSYSTEMD_243 243
++ sd_booted@LIBSYSTEMD_209 0
++ sd_bus_add_fallback@LIBSYSTEMD_221 221
++ sd_bus_add_fallback_vtable@LIBSYSTEMD_221 221
++ sd_bus_add_filter@LIBSYSTEMD_221 221
++ sd_bus_add_match@LIBSYSTEMD_221 221
++ sd_bus_add_match_async@LIBSYSTEMD_237 237
++ sd_bus_add_node_enumerator@LIBSYSTEMD_221 221
++ sd_bus_add_object@LIBSYSTEMD_221 221
++ sd_bus_add_object_manager@LIBSYSTEMD_221 221
++ sd_bus_add_object_vtable@LIBSYSTEMD_221 221
++ sd_bus_attach_event@LIBSYSTEMD_221 221
++ sd_bus_call@LIBSYSTEMD_221 221
++ sd_bus_call_async@LIBSYSTEMD_221 221
++ sd_bus_call_method@LIBSYSTEMD_221 221
++ sd_bus_call_method_async@LIBSYSTEMD_221 221
++ sd_bus_can_send@LIBSYSTEMD_221 221
++ sd_bus_close@LIBSYSTEMD_221 221
++ sd_bus_close_unref@LIBSYSTEMD_241 241
++ sd_bus_creds_get_audit_login_uid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_audit_session_id@LIBSYSTEMD_221 221
++ sd_bus_creds_get_augmented_mask@LIBSYSTEMD_221 221
++ sd_bus_creds_get_cgroup@LIBSYSTEMD_221 221
++ sd_bus_creds_get_cmdline@LIBSYSTEMD_221 221
++ sd_bus_creds_get_comm@LIBSYSTEMD_221 221
++ sd_bus_creds_get_description@LIBSYSTEMD_221 221
++ sd_bus_creds_get_egid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_euid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_exe@LIBSYSTEMD_221 221
++ sd_bus_creds_get_fsgid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_fsuid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_gid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_mask@LIBSYSTEMD_221 221
++ sd_bus_creds_get_owner_uid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_pid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_ppid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_selinux_context@LIBSYSTEMD_221 221
++ sd_bus_creds_get_session@LIBSYSTEMD_221 221
++ sd_bus_creds_get_sgid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_slice@LIBSYSTEMD_221 221
++ sd_bus_creds_get_suid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_supplementary_gids@LIBSYSTEMD_221 221
++ sd_bus_creds_get_tid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_tid_comm@LIBSYSTEMD_221 221
++ sd_bus_creds_get_tty@LIBSYSTEMD_221 221
++ sd_bus_creds_get_uid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_unique_name@LIBSYSTEMD_221 221
++ sd_bus_creds_get_unit@LIBSYSTEMD_221 221
++ sd_bus_creds_get_user_slice@LIBSYSTEMD_221 221
++ sd_bus_creds_get_user_unit@LIBSYSTEMD_221 221
++ sd_bus_creds_get_well_known_names@LIBSYSTEMD_221 221
++ sd_bus_creds_has_bounding_cap@LIBSYSTEMD_221 221
++ sd_bus_creds_has_effective_cap@LIBSYSTEMD_221 221
++ sd_bus_creds_has_inheritable_cap@LIBSYSTEMD_221 221
++ sd_bus_creds_has_permitted_cap@LIBSYSTEMD_221 221
++ sd_bus_creds_new_from_pid@LIBSYSTEMD_221 221
++ sd_bus_creds_ref@LIBSYSTEMD_221 221
++ sd_bus_creds_unref@LIBSYSTEMD_221 221
++ sd_bus_default@LIBSYSTEMD_221 221
++ sd_bus_default_flush_close@LIBSYSTEMD_227 227
++ sd_bus_default_system@LIBSYSTEMD_221 221
++ sd_bus_default_user@LIBSYSTEMD_221 221
++ sd_bus_detach_event@LIBSYSTEMD_221 221
++ sd_bus_emit_interfaces_added@LIBSYSTEMD_221 221
++ sd_bus_emit_interfaces_added_strv@LIBSYSTEMD_221 221
++ sd_bus_emit_interfaces_removed@LIBSYSTEMD_221 221
++ sd_bus_emit_interfaces_removed_strv@LIBSYSTEMD_221 221
++ sd_bus_emit_object_added@LIBSYSTEMD_222 222
++ sd_bus_emit_object_removed@LIBSYSTEMD_222 222
++ sd_bus_emit_properties_changed@LIBSYSTEMD_221 221
++ sd_bus_emit_properties_changed_strv@LIBSYSTEMD_221 221
++ sd_bus_emit_signal@LIBSYSTEMD_221 221
++ sd_bus_error_add_map@LIBSYSTEMD_221 221
++ sd_bus_error_copy@LIBSYSTEMD_221 221
++ sd_bus_error_free@LIBSYSTEMD_221 221
++ sd_bus_error_get_errno@LIBSYSTEMD_221 221
++ sd_bus_error_has_name@LIBSYSTEMD_221 221
++ sd_bus_error_is_set@LIBSYSTEMD_221 221
++ sd_bus_error_move@LIBSYSTEMD_240 240
++ sd_bus_error_set@LIBSYSTEMD_221 221
++ sd_bus_error_set_const@LIBSYSTEMD_221 221
++ sd_bus_error_set_errno@LIBSYSTEMD_221 221
++ sd_bus_error_set_errnof@LIBSYSTEMD_221 221
++ sd_bus_error_set_errnofv@LIBSYSTEMD_221 221
++ sd_bus_error_setf@LIBSYSTEMD_221 221
++ sd_bus_flush@LIBSYSTEMD_221 221
++ sd_bus_flush_close_unref@LIBSYSTEMD_222 222
++ sd_bus_get_address@LIBSYSTEMD_221 221
++ sd_bus_get_allow_interactive_authorization@LIBSYSTEMD_221 221
++ sd_bus_get_bus_id@LIBSYSTEMD_221 221
++ sd_bus_get_close_on_exit@LIBSYSTEMD_240 240
++ sd_bus_get_connected_signal@LIBSYSTEMD_237 237
++ sd_bus_get_creds_mask@LIBSYSTEMD_221 221
++ sd_bus_get_current_handler@LIBSYSTEMD_221 221
++ sd_bus_get_current_message@LIBSYSTEMD_221 221
++ sd_bus_get_current_slot@LIBSYSTEMD_221 221
++ sd_bus_get_current_userdata@LIBSYSTEMD_221 221
++ sd_bus_get_description@LIBSYSTEMD_221 221
++ sd_bus_get_event@LIBSYSTEMD_221 221
++ sd_bus_get_events@LIBSYSTEMD_221 221
++ sd_bus_get_exit_on_disconnect@LIBSYSTEMD_232 232
++ sd_bus_get_fd@LIBSYSTEMD_221 221
++ sd_bus_get_method_call_timeout@LIBSYSTEMD_240 240
++ sd_bus_get_n_queued_read@LIBSYSTEMD_238 238
++ sd_bus_get_n_queued_write@LIBSYSTEMD_238 238
++ sd_bus_get_name_creds@LIBSYSTEMD_221 221
++ sd_bus_get_name_machine_id@LIBSYSTEMD_221 221
++ sd_bus_get_owner_creds@LIBSYSTEMD_221 221
++ sd_bus_get_property@LIBSYSTEMD_221 221
++ sd_bus_get_property_string@LIBSYSTEMD_221 221
++ sd_bus_get_property_strv@LIBSYSTEMD_221 221
++ sd_bus_get_property_trivial@LIBSYSTEMD_221 221
++ sd_bus_get_scope@LIBSYSTEMD_221 221
++ sd_bus_get_sender@LIBSYSTEMD_237 237
++ sd_bus_get_tid@LIBSYSTEMD_221 221
++ sd_bus_get_timeout@LIBSYSTEMD_221 221
++ sd_bus_get_unique_name@LIBSYSTEMD_221 221
++ sd_bus_get_watch_bind@LIBSYSTEMD_237 237
++ sd_bus_is_anonymous@LIBSYSTEMD_221 221
++ sd_bus_is_bus_client@LIBSYSTEMD_221 221
++ sd_bus_is_monitor@LIBSYSTEMD_221 221
++ sd_bus_is_open@LIBSYSTEMD_221 221
++ sd_bus_is_ready@LIBSYSTEMD_237 237
++ sd_bus_is_server@LIBSYSTEMD_221 221
++ sd_bus_is_trusted@LIBSYSTEMD_221 221
++ sd_bus_list_names@LIBSYSTEMD_221 221
++ sd_bus_match_signal@LIBSYSTEMD_237 237
++ sd_bus_match_signal_async@LIBSYSTEMD_237 237
++ sd_bus_message_append@LIBSYSTEMD_221 221
++ sd_bus_message_append_array@LIBSYSTEMD_221 221
++ sd_bus_message_append_array_iovec@LIBSYSTEMD_221 221
++ sd_bus_message_append_array_memfd@LIBSYSTEMD_221 221
++ sd_bus_message_append_array_space@LIBSYSTEMD_221 221
++ sd_bus_message_append_basic@LIBSYSTEMD_221 221
++ sd_bus_message_append_string_iovec@LIBSYSTEMD_221 221
++ sd_bus_message_append_string_memfd@LIBSYSTEMD_221 221
++ sd_bus_message_append_string_space@LIBSYSTEMD_221 221
++ sd_bus_message_append_strv@LIBSYSTEMD_221 221
++ sd_bus_message_appendv@LIBSYSTEMD_234 234
++ sd_bus_message_at_end@LIBSYSTEMD_221 221
++ sd_bus_message_close_container@LIBSYSTEMD_221 221
++ sd_bus_message_copy@LIBSYSTEMD_221 221
++ sd_bus_message_enter_container@LIBSYSTEMD_221 221
++ sd_bus_message_exit_container@LIBSYSTEMD_221 221
++ sd_bus_message_get_allow_interactive_authorization@LIBSYSTEMD_221 221
++ sd_bus_message_get_auto_start@LIBSYSTEMD_221 221
++ sd_bus_message_get_bus@LIBSYSTEMD_221 221
++ sd_bus_message_get_cookie@LIBSYSTEMD_221 221
++ sd_bus_message_get_creds@LIBSYSTEMD_221 221
++ sd_bus_message_get_destination@LIBSYSTEMD_221 221
++ sd_bus_message_get_errno@LIBSYSTEMD_221 221
++ sd_bus_message_get_error@LIBSYSTEMD_221 221
++ sd_bus_message_get_expect_reply@LIBSYSTEMD_221 221
++ sd_bus_message_get_interface@LIBSYSTEMD_221 221
++ sd_bus_message_get_member@LIBSYSTEMD_221 221
++ sd_bus_message_get_monotonic_usec@LIBSYSTEMD_221 221
++ sd_bus_message_get_path@LIBSYSTEMD_221 221
++ sd_bus_message_get_priority@LIBSYSTEMD_221 221
++ sd_bus_message_get_realtime_usec@LIBSYSTEMD_221 221
++ sd_bus_message_get_reply_cookie@LIBSYSTEMD_221 221
++ sd_bus_message_get_sender@LIBSYSTEMD_221 221
++ sd_bus_message_get_seqnum@LIBSYSTEMD_221 221
++ sd_bus_message_get_signature@LIBSYSTEMD_221 221
++ sd_bus_message_get_type@LIBSYSTEMD_221 221
++ sd_bus_message_has_signature@LIBSYSTEMD_221 221
++ sd_bus_message_is_empty@LIBSYSTEMD_221 221
++ sd_bus_message_is_method_call@LIBSYSTEMD_221 221
++ sd_bus_message_is_method_error@LIBSYSTEMD_221 221
++ sd_bus_message_is_signal@LIBSYSTEMD_221 221
++ sd_bus_message_new@LIBSYSTEMD_236 236
++ sd_bus_message_new_method_call@LIBSYSTEMD_221 221
++ sd_bus_message_new_method_errno@LIBSYSTEMD_221 221
++ sd_bus_message_new_method_errnof@LIBSYSTEMD_221 221
++ sd_bus_message_new_method_error@LIBSYSTEMD_221 221
++ sd_bus_message_new_method_errorf@LIBSYSTEMD_221 221
++ sd_bus_message_new_method_return@LIBSYSTEMD_221 221
++ sd_bus_message_new_signal@LIBSYSTEMD_221 221
++ sd_bus_message_open_container@LIBSYSTEMD_221 221
++ sd_bus_message_peek_type@LIBSYSTEMD_221 221
++ sd_bus_message_read@LIBSYSTEMD_221 221
++ sd_bus_message_read_array@LIBSYSTEMD_221 221
++ sd_bus_message_read_basic@LIBSYSTEMD_221 221
++ sd_bus_message_read_strv@LIBSYSTEMD_221 221
++ sd_bus_message_readv@LIBSYSTEMD_240 240
++ sd_bus_message_ref@LIBSYSTEMD_221 221
++ sd_bus_message_rewind@LIBSYSTEMD_221 221
++ sd_bus_message_seal@LIBSYSTEMD_236 236
++ sd_bus_message_set_allow_interactive_authorization@LIBSYSTEMD_221 221
++ sd_bus_message_set_auto_start@LIBSYSTEMD_221 221
++ sd_bus_message_set_destination@LIBSYSTEMD_221 221
++ sd_bus_message_set_expect_reply@LIBSYSTEMD_221 221
++ sd_bus_message_set_priority@LIBSYSTEMD_221 221
++ sd_bus_message_set_sender@LIBSYSTEMD_237 237
++ sd_bus_message_skip@LIBSYSTEMD_221 221
++ sd_bus_message_unref@LIBSYSTEMD_221 221
++ sd_bus_message_verify_type@LIBSYSTEMD_221 221
++ sd_bus_negotiate_creds@LIBSYSTEMD_221 221
++ sd_bus_negotiate_fds@LIBSYSTEMD_221 221
++ sd_bus_negotiate_timestamp@LIBSYSTEMD_221 221
++ sd_bus_new@LIBSYSTEMD_221 221
++ sd_bus_object_vtable_format@LIBSYSTEMD_243 243
++ sd_bus_open@LIBSYSTEMD_221 221
++ sd_bus_open_system@LIBSYSTEMD_221 221
++ sd_bus_open_system_machine@LIBSYSTEMD_221 221
++ sd_bus_open_system_remote@LIBSYSTEMD_221 221
++ sd_bus_open_system_with_description@LIBSYSTEMD_239 239
++ sd_bus_open_user@LIBSYSTEMD_221 221
++ sd_bus_open_user_with_description@LIBSYSTEMD_239 239
++ sd_bus_open_with_description@LIBSYSTEMD_239 239
++ sd_bus_path_decode@LIBSYSTEMD_221 221
++ sd_bus_path_decode_many@LIBSYSTEMD_227 227
++ sd_bus_path_encode@LIBSYSTEMD_221 221
++ sd_bus_path_encode_many@LIBSYSTEMD_227 227
++ sd_bus_process@LIBSYSTEMD_221 221
++ sd_bus_process_priority@LIBSYSTEMD_221 221
++ sd_bus_query_sender_creds@LIBSYSTEMD_221 221
++ sd_bus_query_sender_privilege@LIBSYSTEMD_221 221
++ sd_bus_ref@LIBSYSTEMD_221 221
++ sd_bus_release_name@LIBSYSTEMD_221 221
++ sd_bus_release_name_async@LIBSYSTEMD_237 237
++ sd_bus_reply_method_errno@LIBSYSTEMD_221 221
++ sd_bus_reply_method_errnof@LIBSYSTEMD_221 221
++ sd_bus_reply_method_error@LIBSYSTEMD_221 221
++ sd_bus_reply_method_errorf@LIBSYSTEMD_221 221
++ sd_bus_reply_method_return@LIBSYSTEMD_221 221
++ sd_bus_request_name@LIBSYSTEMD_221 221
++ sd_bus_request_name_async@LIBSYSTEMD_237 237
++ sd_bus_send@LIBSYSTEMD_221 221
++ sd_bus_send_to@LIBSYSTEMD_221 221
++ sd_bus_set_address@LIBSYSTEMD_221 221
++ sd_bus_set_allow_interactive_authorization@LIBSYSTEMD_221 221
++ sd_bus_set_anonymous@LIBSYSTEMD_221 221
++ sd_bus_set_bus_client@LIBSYSTEMD_221 221
++ sd_bus_set_close_on_exit@LIBSYSTEMD_240 240
++ sd_bus_set_connected_signal@LIBSYSTEMD_237 237
++ sd_bus_set_description@LIBSYSTEMD_221 221
++ sd_bus_set_exec@LIBSYSTEMD_221 221
++ sd_bus_set_exit_on_disconnect@LIBSYSTEMD_232 232
++ sd_bus_set_fd@LIBSYSTEMD_221 221
++ sd_bus_set_method_call_timeout@LIBSYSTEMD_240 240
++ sd_bus_set_monitor@LIBSYSTEMD_221 221
++ sd_bus_set_property@LIBSYSTEMD_221 221
++ sd_bus_set_sender@LIBSYSTEMD_237 237
++ sd_bus_set_server@LIBSYSTEMD_221 221
++ sd_bus_set_trusted@LIBSYSTEMD_221 221
++ sd_bus_set_watch_bind@LIBSYSTEMD_237 237
++ sd_bus_slot_get_bus@LIBSYSTEMD_221 221
++ sd_bus_slot_get_current_handler@LIBSYSTEMD_221 221
++ sd_bus_slot_get_current_message@LIBSYSTEMD_221 221
++ sd_bus_slot_get_current_userdata@LIBSYSTEMD_221 221
++ sd_bus_slot_get_description@LIBSYSTEMD_221 221
++ sd_bus_slot_get_destroy_callback@LIBSYSTEMD_239 239
++ sd_bus_slot_get_floating@LIBSYSTEMD_239 239
++ sd_bus_slot_get_userdata@LIBSYSTEMD_221 221
++ sd_bus_slot_ref@LIBSYSTEMD_221 221
++ sd_bus_slot_set_description@LIBSYSTEMD_221 221
++ sd_bus_slot_set_destroy_callback@LIBSYSTEMD_239 239
++ sd_bus_slot_set_floating@LIBSYSTEMD_239 239
++ sd_bus_slot_set_userdata@LIBSYSTEMD_221 221
++ sd_bus_slot_unref@LIBSYSTEMD_221 221
++ sd_bus_start@LIBSYSTEMD_221 221
++ sd_bus_track_add_name@LIBSYSTEMD_221 221
++ sd_bus_track_add_sender@LIBSYSTEMD_221 221
++ sd_bus_track_contains@LIBSYSTEMD_221 221
++ sd_bus_track_count@LIBSYSTEMD_221 221
++ sd_bus_track_count_name@LIBSYSTEMD_232 232
++ sd_bus_track_count_sender@LIBSYSTEMD_232 232
++ sd_bus_track_first@LIBSYSTEMD_221 221
++ sd_bus_track_get_bus@LIBSYSTEMD_221 221
++ sd_bus_track_get_destroy_callback@LIBSYSTEMD_239 239
++ sd_bus_track_get_recursive@LIBSYSTEMD_232 232
++ sd_bus_track_get_userdata@LIBSYSTEMD_221 221
++ sd_bus_track_new@LIBSYSTEMD_221 221
++ sd_bus_track_next@LIBSYSTEMD_221 221
++ sd_bus_track_ref@LIBSYSTEMD_221 221
++ sd_bus_track_remove_name@LIBSYSTEMD_221 221
++ sd_bus_track_remove_sender@LIBSYSTEMD_221 221
++ sd_bus_track_set_destroy_callback@LIBSYSTEMD_239 239
++ sd_bus_track_set_recursive@LIBSYSTEMD_232 232
++ sd_bus_track_set_userdata@LIBSYSTEMD_221 221
++ sd_bus_track_unref@LIBSYSTEMD_221 221
++ sd_bus_try_close@LIBSYSTEMD_221 221
++ sd_bus_unref@LIBSYSTEMD_221 221
++ sd_bus_wait@LIBSYSTEMD_221 221
++ sd_device_enumerator_add_match_parent@LIBSYSTEMD_240 240
++ sd_device_enumerator_add_match_property@LIBSYSTEMD_240 240
++ sd_device_enumerator_add_match_subsystem@LIBSYSTEMD_240 240
++ sd_device_enumerator_add_match_sysattr@LIBSYSTEMD_240 240
++ sd_device_enumerator_add_match_sysname@LIBSYSTEMD_240 240
++ sd_device_enumerator_add_match_tag@LIBSYSTEMD_240 240
++ sd_device_enumerator_allow_uninitialized@LIBSYSTEMD_240 240
++ sd_device_enumerator_get_device_first@LIBSYSTEMD_240 240
++ sd_device_enumerator_get_device_next@LIBSYSTEMD_240 240
++ sd_device_enumerator_get_subsystem_first@LIBSYSTEMD_240 240
++ sd_device_enumerator_get_subsystem_next@LIBSYSTEMD_240 240
++ sd_device_enumerator_new@LIBSYSTEMD_240 240
++ sd_device_enumerator_ref@LIBSYSTEMD_240 240
++ sd_device_enumerator_unref@LIBSYSTEMD_240 240
++ sd_device_get_devlink_first@LIBSYSTEMD_240 240
++ sd_device_get_devlink_next@LIBSYSTEMD_240 240
++ sd_device_get_devname@LIBSYSTEMD_240 240
++ sd_device_get_devnum@LIBSYSTEMD_240 240
++ sd_device_get_devpath@LIBSYSTEMD_240 240
++ sd_device_get_devtype@LIBSYSTEMD_240 240
++ sd_device_get_driver@LIBSYSTEMD_240 240
++ sd_device_get_ifindex@LIBSYSTEMD_240 240
++ sd_device_get_is_initialized@LIBSYSTEMD_240 240
++ sd_device_get_parent@LIBSYSTEMD_240 240
++ sd_device_get_parent_with_subsystem_devtype@LIBSYSTEMD_240 240
++ sd_device_get_property_first@LIBSYSTEMD_240 240
++ sd_device_get_property_next@LIBSYSTEMD_240 240
++ sd_device_get_property_value@LIBSYSTEMD_240 240
++ sd_device_get_subsystem@LIBSYSTEMD_240 240
++ sd_device_get_sysattr_first@LIBSYSTEMD_240 240
++ sd_device_get_sysattr_next@LIBSYSTEMD_240 240
++ sd_device_get_sysattr_value@LIBSYSTEMD_240 240
++ sd_device_get_sysname@LIBSYSTEMD_240 240
++ sd_device_get_sysnum@LIBSYSTEMD_240 240
++ sd_device_get_syspath@LIBSYSTEMD_240 240
++ sd_device_get_tag_first@LIBSYSTEMD_240 240
++ sd_device_get_tag_next@LIBSYSTEMD_240 240
++ sd_device_get_usec_since_initialized@LIBSYSTEMD_240 240
++ sd_device_has_tag@LIBSYSTEMD_240 240
++ sd_device_monitor_attach_event@LIBSYSTEMD_240 240
++ sd_device_monitor_detach_event@LIBSYSTEMD_240 240
++ sd_device_monitor_filter_add_match_subsystem_devtype@LIBSYSTEMD_240 240
++ sd_device_monitor_filter_add_match_tag@LIBSYSTEMD_240 240
++ sd_device_monitor_filter_remove@LIBSYSTEMD_240 240
++ sd_device_monitor_filter_update@LIBSYSTEMD_240 240
++ sd_device_monitor_get_event@LIBSYSTEMD_240 240
++ sd_device_monitor_get_event_source@LIBSYSTEMD_240 240
++ sd_device_monitor_new@LIBSYSTEMD_240 240
++ sd_device_monitor_ref@LIBSYSTEMD_240 240
++ sd_device_monitor_set_receive_buffer_size@LIBSYSTEMD_240 240
++ sd_device_monitor_start@LIBSYSTEMD_240 240
++ sd_device_monitor_stop@LIBSYSTEMD_240 240
++ sd_device_monitor_unref@LIBSYSTEMD_240 240
++ sd_device_new_from_device_id@LIBSYSTEMD_240 240
++ sd_device_new_from_devnum@LIBSYSTEMD_240 240
++ sd_device_new_from_subsystem_sysname@LIBSYSTEMD_240 240
++ sd_device_new_from_syspath@LIBSYSTEMD_240 240
++ sd_device_ref@LIBSYSTEMD_240 240
++ sd_device_set_sysattr_value@LIBSYSTEMD_240 240
++ sd_device_unref@LIBSYSTEMD_240 240
++ sd_event_add_child@LIBSYSTEMD_221 221
++ sd_event_add_defer@LIBSYSTEMD_221 221
++ sd_event_add_exit@LIBSYSTEMD_221 221
++ sd_event_add_inotify@LIBSYSTEMD_239 239
++ sd_event_add_io@LIBSYSTEMD_221 221
++ sd_event_add_post@LIBSYSTEMD_221 221
++ sd_event_add_signal@LIBSYSTEMD_221 221
++ sd_event_add_time@LIBSYSTEMD_221 221
++ sd_event_default@LIBSYSTEMD_221 221
++ sd_event_dispatch@LIBSYSTEMD_221 221
++ sd_event_exit@LIBSYSTEMD_221 221
++ sd_event_get_exit_code@LIBSYSTEMD_221 221
++ sd_event_get_fd@LIBSYSTEMD_221 221
++ sd_event_get_iteration@LIBSYSTEMD_231 231
++ sd_event_get_state@LIBSYSTEMD_221 221
++ sd_event_get_tid@LIBSYSTEMD_221 221
++ sd_event_get_watchdog@LIBSYSTEMD_221 221
++ sd_event_loop@LIBSYSTEMD_221 221
++ sd_event_new@LIBSYSTEMD_221 221
++ sd_event_now@LIBSYSTEMD_221 221
++ sd_event_prepare@LIBSYSTEMD_221 221
++ sd_event_ref@LIBSYSTEMD_221 221
++ sd_event_run@LIBSYSTEMD_221 221
++ sd_event_set_watchdog@LIBSYSTEMD_221 221
++ sd_event_source_disable_unref@LIBSYSTEMD_243 243
++ sd_event_source_get_child_pid@LIBSYSTEMD_221 221
++ sd_event_source_get_description@LIBSYSTEMD_221 221
++ sd_event_source_get_destroy_callback@LIBSYSTEMD_239 239
++ sd_event_source_get_enabled@LIBSYSTEMD_221 221
++ sd_event_source_get_event@LIBSYSTEMD_221 221
++ sd_event_source_get_floating@LIBSYSTEMD_240 240
++ sd_event_source_get_inotify_mask@LIBSYSTEMD_239 239
++ sd_event_source_get_io_events@LIBSYSTEMD_221 221
++ sd_event_source_get_io_fd@LIBSYSTEMD_221 221
++ sd_event_source_get_io_fd_own@LIBSYSTEMD_237 237
++ sd_event_source_get_io_revents@LIBSYSTEMD_221 221
++ sd_event_source_get_pending@LIBSYSTEMD_221 221
++ sd_event_source_get_priority@LIBSYSTEMD_221 221
++ sd_event_source_get_signal@LIBSYSTEMD_221 221
++ sd_event_source_get_time@LIBSYSTEMD_221 221
++ sd_event_source_get_time_accuracy@LIBSYSTEMD_221 221
++ sd_event_source_get_time_clock@LIBSYSTEMD_221 221
++ sd_event_source_get_userdata@LIBSYSTEMD_221 221
++ sd_event_source_ref@LIBSYSTEMD_221 221
++ sd_event_source_set_description@LIBSYSTEMD_221 221
++ sd_event_source_set_destroy_callback@LIBSYSTEMD_239 239
++ sd_event_source_set_enabled@LIBSYSTEMD_221 221
++ sd_event_source_set_floating@LIBSYSTEMD_240 240
++ sd_event_source_set_io_events@LIBSYSTEMD_221 221
++ sd_event_source_set_io_fd@LIBSYSTEMD_221 221
++ sd_event_source_set_io_fd_own@LIBSYSTEMD_237 237
++ sd_event_source_set_prepare@LIBSYSTEMD_221 221
++ sd_event_source_set_priority@LIBSYSTEMD_221 221
++ sd_event_source_set_time@LIBSYSTEMD_221 221
++ sd_event_source_set_time_accuracy@LIBSYSTEMD_221 221
++ sd_event_source_set_userdata@LIBSYSTEMD_221 221
++ sd_event_source_unref@LIBSYSTEMD_221 221
++ sd_event_unref@LIBSYSTEMD_221 221
++ sd_event_wait@LIBSYSTEMD_221 221
++ sd_get_machine_names@LIBSYSTEMD_209 0
++ sd_get_seats@LIBSYSTEMD_209 0
++ sd_get_sessions@LIBSYSTEMD_209 0
++ sd_get_uids@LIBSYSTEMD_209 0
++ sd_hwdb_enumerate@LIBSYSTEMD_240 240
++ sd_hwdb_get@LIBSYSTEMD_240 240
++ sd_hwdb_new@LIBSYSTEMD_240 240
++ sd_hwdb_ref@LIBSYSTEMD_240 240
++ sd_hwdb_seek@LIBSYSTEMD_240 240
++ sd_hwdb_unref@LIBSYSTEMD_240 240
++ sd_id128_from_string@LIBSYSTEMD_209 0
++ sd_id128_get_boot@LIBSYSTEMD_209 0
++ sd_id128_get_boot_app_specific@LIBSYSTEMD_240 240
++ sd_id128_get_invocation@LIBSYSTEMD_232 232
++ sd_id128_get_machine@LIBSYSTEMD_209 0
++ sd_id128_get_machine_app_specific@LIBSYSTEMD_233 233
++ sd_id128_randomize@LIBSYSTEMD_209 0
++ sd_id128_to_string@LIBSYSTEMD_209 0
++ sd_is_fifo@LIBSYSTEMD_209 0
++ sd_is_mq@LIBSYSTEMD_209 0
++ sd_is_socket@LIBSYSTEMD_209 0
++ sd_is_socket_inet@LIBSYSTEMD_209 0
++ sd_is_socket_sockaddr@LIBSYSTEMD_233 233
++ sd_is_socket_unix@LIBSYSTEMD_209 0
++ sd_is_special@LIBSYSTEMD_209 0
++ sd_journal_add_conjunction@LIBSYSTEMD_209 0
++ sd_journal_add_disjunction@LIBSYSTEMD_209 0
++ sd_journal_add_match@LIBSYSTEMD_209 0
++ sd_journal_close@LIBSYSTEMD_209 0
++ sd_journal_enumerate_data@LIBSYSTEMD_209 0
++ sd_journal_enumerate_fields@LIBSYSTEMD_229 229
++ sd_journal_enumerate_unique@LIBSYSTEMD_209 0
++ sd_journal_flush_matches@LIBSYSTEMD_209 0
++ sd_journal_get_catalog@LIBSYSTEMD_209 0
++ sd_journal_get_catalog_for_message_id@LIBSYSTEMD_209 0
++ sd_journal_get_cursor@LIBSYSTEMD_209 0
++ sd_journal_get_cutoff_monotonic_usec@LIBSYSTEMD_209 0
++ sd_journal_get_cutoff_realtime_usec@LIBSYSTEMD_209 0
++ sd_journal_get_data@LIBSYSTEMD_209 0
++ sd_journal_get_data_threshold@LIBSYSTEMD_209 0
++ sd_journal_get_events@LIBSYSTEMD_209 0
++ sd_journal_get_fd@LIBSYSTEMD_209 0
++ sd_journal_get_monotonic_usec@LIBSYSTEMD_209 0
++ sd_journal_get_realtime_usec@LIBSYSTEMD_209 0
++ sd_journal_get_timeout@LIBSYSTEMD_209 0
++ sd_journal_get_usage@LIBSYSTEMD_209 0
++ sd_journal_has_persistent_files@LIBSYSTEMD_229 229
++ sd_journal_has_runtime_files@LIBSYSTEMD_229 229
++ sd_journal_next@LIBSYSTEMD_209 0
++ sd_journal_next_skip@LIBSYSTEMD_209 0
++ sd_journal_open@LIBSYSTEMD_209 0
++ sd_journal_open_container@LIBSYSTEMD_209 0
++ sd_journal_open_directory@LIBSYSTEMD_209 0
++ sd_journal_open_directory_fd@LIBSYSTEMD_230 230
++ sd_journal_open_files@LIBSYSTEMD_209 0
++ sd_journal_open_files_fd@LIBSYSTEMD_230 230
++ sd_journal_perror@LIBSYSTEMD_209 0
++ sd_journal_perror_with_location@LIBSYSTEMD_209 0
++ sd_journal_previous@LIBSYSTEMD_209 0
++ sd_journal_previous_skip@LIBSYSTEMD_209 0
++ sd_journal_print@LIBSYSTEMD_209 0
++ sd_journal_print_with_location@LIBSYSTEMD_209 0
++ sd_journal_printv@LIBSYSTEMD_209 0
++ sd_journal_printv_with_location@LIBSYSTEMD_209 0
++ sd_journal_process@LIBSYSTEMD_209 0
++ sd_journal_query_unique@LIBSYSTEMD_209 0
++ sd_journal_reliable_fd@LIBSYSTEMD_209 0
++ sd_journal_restart_data@LIBSYSTEMD_209 0
++ sd_journal_restart_fields@LIBSYSTEMD_229 229
++ sd_journal_restart_unique@LIBSYSTEMD_209 0
++ sd_journal_seek_cursor@LIBSYSTEMD_209 0
++ sd_journal_seek_head@LIBSYSTEMD_209 0
++ sd_journal_seek_monotonic_usec@LIBSYSTEMD_209 0
++ sd_journal_seek_realtime_usec@LIBSYSTEMD_209 0
++ sd_journal_seek_tail@LIBSYSTEMD_209 0
++ sd_journal_send@LIBSYSTEMD_209 0
++ sd_journal_send_with_location@LIBSYSTEMD_209 0
++ sd_journal_sendv@LIBSYSTEMD_209 0
++ sd_journal_sendv_with_location@LIBSYSTEMD_209 0
++ sd_journal_set_data_threshold@LIBSYSTEMD_209 0
++ sd_journal_stream_fd@LIBSYSTEMD_209 0
++ sd_journal_test_cursor@LIBSYSTEMD_209 0
++ sd_journal_wait@LIBSYSTEMD_209 0
++ sd_listen_fds@LIBSYSTEMD_209 0
++ sd_listen_fds_with_names@LIBSYSTEMD_227 227
++ sd_login_monitor_flush@LIBSYSTEMD_209 0
++ sd_login_monitor_get_events@LIBSYSTEMD_209 0
++ sd_login_monitor_get_fd@LIBSYSTEMD_209 0
++ sd_login_monitor_get_timeout@LIBSYSTEMD_209 0
++ sd_login_monitor_new@LIBSYSTEMD_209 0
++ sd_login_monitor_unref@LIBSYSTEMD_209 0
++ sd_machine_get_class@LIBSYSTEMD_211 211
++ sd_machine_get_ifindices@LIBSYSTEMD_216 217
++ sd_notify@LIBSYSTEMD_209 0
++ sd_notifyf@LIBSYSTEMD_209 0
++ sd_peer_get_cgroup@LIBSYSTEMD_226 226
++ sd_peer_get_machine_name@LIBSYSTEMD_211 211
++ sd_peer_get_owner_uid@LIBSYSTEMD_211 211
++ sd_peer_get_session@LIBSYSTEMD_211 211
++ sd_peer_get_slice@LIBSYSTEMD_211 211
++ sd_peer_get_unit@LIBSYSTEMD_211 211
++ sd_peer_get_user_slice@LIBSYSTEMD_220 220
++ sd_peer_get_user_unit@LIBSYSTEMD_211 211
++ sd_pid_get_cgroup@LIBSYSTEMD_226 226
++ sd_pid_get_machine_name@LIBSYSTEMD_209 0
++ sd_pid_get_owner_uid@LIBSYSTEMD_209 0
++ sd_pid_get_session@LIBSYSTEMD_209 0
++ sd_pid_get_slice@LIBSYSTEMD_209 0
++ sd_pid_get_unit@LIBSYSTEMD_209 0
++ sd_pid_get_user_slice@LIBSYSTEMD_220 220
++ sd_pid_get_user_unit@LIBSYSTEMD_209 0
++ sd_pid_notify@LIBSYSTEMD_214 214
++ sd_pid_notify_with_fds@LIBSYSTEMD_219 219
++ sd_pid_notifyf@LIBSYSTEMD_214 214
++ sd_seat_can_graphical@LIBSYSTEMD_209 0
++ sd_seat_can_multi_session@LIBSYSTEMD_209 0
++ sd_seat_can_tty@LIBSYSTEMD_209 0
++ sd_seat_get_active@LIBSYSTEMD_209 0
++ sd_seat_get_sessions@LIBSYSTEMD_209 0
++ sd_session_get_class@LIBSYSTEMD_209 0
++ sd_session_get_desktop@LIBSYSTEMD_217 217
++ sd_session_get_display@LIBSYSTEMD_209 0
++ sd_session_get_remote_host@LIBSYSTEMD_209 0
++ sd_session_get_remote_user@LIBSYSTEMD_209 0
++ sd_session_get_seat@LIBSYSTEMD_209 0
++ sd_session_get_service@LIBSYSTEMD_209 0
++ sd_session_get_state@LIBSYSTEMD_209 0
++ sd_session_get_tty@LIBSYSTEMD_209 0
++ sd_session_get_type@LIBSYSTEMD_209 0
++ sd_session_get_uid@LIBSYSTEMD_209 0
++ sd_session_get_vt@LIBSYSTEMD_209 0
++ sd_session_is_active@LIBSYSTEMD_209 0
++ sd_session_is_remote@LIBSYSTEMD_209 0
++ sd_uid_get_display@LIBSYSTEMD_213 213
++ sd_uid_get_seats@LIBSYSTEMD_209 0
++ sd_uid_get_sessions@LIBSYSTEMD_209 0
++ sd_uid_get_state@LIBSYSTEMD_209 0
++ sd_uid_is_on_seat@LIBSYSTEMD_209 0
++ sd_watchdog_enabled@LIBSYSTEMD_209 0
--- /dev/null
--- /dev/null
++lib/*/libudev.so
++usr/include/libudev.h
++usr/lib/*/pkgconfig/libudev.pc
++usr/share/man/man3/udev*
++usr/share/man/man3/libudev*
--- /dev/null
--- /dev/null
++lib/*/libudev.so.*
--- /dev/null
--- /dev/null
++lib/*/libudev.so.*
--- /dev/null
--- /dev/null
++libudev.so.1 libudev1 #MINVER#
++* Build-Depends-Package: libudev-dev
++ LIBUDEV_183@LIBUDEV_183 183
++ LIBUDEV_189@LIBUDEV_189 189
++ LIBUDEV_196@LIBUDEV_196 196
++ LIBUDEV_199@LIBUDEV_199 199
++ LIBUDEV_215@LIBUDEV_215 215
++ udev_device_get_action@LIBUDEV_183 183
++ udev_device_get_devlinks_list_entry@LIBUDEV_183 183
++ udev_device_get_devnode@LIBUDEV_183 183
++ udev_device_get_devnum@LIBUDEV_183 183
++ udev_device_get_devpath@LIBUDEV_183 183
++ udev_device_get_devtype@LIBUDEV_183 183
++ udev_device_get_driver@LIBUDEV_183 183
++ udev_device_get_is_initialized@LIBUDEV_183 183
++ udev_device_get_parent@LIBUDEV_183 183
++ udev_device_get_parent_with_subsystem_devtype@LIBUDEV_183 183
++ udev_device_get_properties_list_entry@LIBUDEV_183 183
++ udev_device_get_property_value@LIBUDEV_183 183
++ udev_device_get_seqnum@LIBUDEV_183 183
++ udev_device_get_subsystem@LIBUDEV_183 183
++ udev_device_get_sysattr_list_entry@LIBUDEV_183 183
++ udev_device_get_sysattr_value@LIBUDEV_183 183
++ udev_device_get_sysname@LIBUDEV_183 183
++ udev_device_get_sysnum@LIBUDEV_183 183
++ udev_device_get_syspath@LIBUDEV_183 183
++ udev_device_get_tags_list_entry@LIBUDEV_183 183
++ udev_device_get_udev@LIBUDEV_183 183
++ udev_device_get_usec_since_initialized@LIBUDEV_183 183
++ udev_device_has_tag@LIBUDEV_183 183
++ udev_device_new_from_device_id@LIBUDEV_189 189
++ udev_device_new_from_devnum@LIBUDEV_183 183
++ udev_device_new_from_environment@LIBUDEV_183 183
++ udev_device_new_from_subsystem_sysname@LIBUDEV_183 183
++ udev_device_new_from_syspath@LIBUDEV_183 183
++ udev_device_ref@LIBUDEV_183 183
++ udev_device_set_sysattr_value@LIBUDEV_199 199
++ udev_device_unref@LIBUDEV_183 183
++ udev_enumerate_add_match_is_initialized@LIBUDEV_183 183
++ udev_enumerate_add_match_parent@LIBUDEV_183 183
++ udev_enumerate_add_match_property@LIBUDEV_183 183
++ udev_enumerate_add_match_subsystem@LIBUDEV_183 183
++ udev_enumerate_add_match_sysattr@LIBUDEV_183 183
++ udev_enumerate_add_match_sysname@LIBUDEV_183 183
++ udev_enumerate_add_match_tag@LIBUDEV_183 183
++ udev_enumerate_add_nomatch_subsystem@LIBUDEV_183 183
++ udev_enumerate_add_nomatch_sysattr@LIBUDEV_183 183
++ udev_enumerate_add_syspath@LIBUDEV_183 183
++ udev_enumerate_get_list_entry@LIBUDEV_183 183
++ udev_enumerate_get_udev@LIBUDEV_183 183
++ udev_enumerate_new@LIBUDEV_183 183
++ udev_enumerate_ref@LIBUDEV_183 183
++ udev_enumerate_scan_devices@LIBUDEV_183 183
++ udev_enumerate_scan_subsystems@LIBUDEV_183 183
++ udev_enumerate_unref@LIBUDEV_183 183
++ udev_get_log_priority@LIBUDEV_183 183
++ udev_get_userdata@LIBUDEV_183 183
++ udev_hwdb_get_properties_list_entry@LIBUDEV_196 196
++ udev_hwdb_new@LIBUDEV_196 196
++ udev_hwdb_ref@LIBUDEV_196 196
++ udev_hwdb_unref@LIBUDEV_196 196
++ udev_list_entry_get_by_name@LIBUDEV_183 183
++ udev_list_entry_get_name@LIBUDEV_183 183
++ udev_list_entry_get_next@LIBUDEV_183 183
++ udev_list_entry_get_value@LIBUDEV_183 183
++ udev_monitor_enable_receiving@LIBUDEV_183 183
++ udev_monitor_filter_add_match_subsystem_devtype@LIBUDEV_183 183
++ udev_monitor_filter_add_match_tag@LIBUDEV_183 183
++ udev_monitor_filter_remove@LIBUDEV_183 183
++ udev_monitor_filter_update@LIBUDEV_183 183
++ udev_monitor_get_fd@LIBUDEV_183 183
++ udev_monitor_get_udev@LIBUDEV_183 183
++ udev_monitor_new_from_netlink@LIBUDEV_183 183
++ udev_monitor_receive_device@LIBUDEV_183 183
++ udev_monitor_ref@LIBUDEV_183 183
++ udev_monitor_set_receive_buffer_size@LIBUDEV_183 183
++ udev_monitor_unref@LIBUDEV_183 183
++ udev_new@LIBUDEV_183 183
++ udev_queue_flush@LIBUDEV_215 215
++ udev_queue_get_fd@LIBUDEV_215 215
++ udev_queue_get_kernel_seqnum@LIBUDEV_183 183
++ udev_queue_get_queue_is_empty@LIBUDEV_183 183
++ udev_queue_get_queued_list_entry@LIBUDEV_183 183
++ udev_queue_get_seqnum_is_finished@LIBUDEV_183 183
++ udev_queue_get_seqnum_sequence_is_finished@LIBUDEV_183 183
++ udev_queue_get_udev@LIBUDEV_183 183
++ udev_queue_get_udev_is_active@LIBUDEV_183 183
++ udev_queue_get_udev_seqnum@LIBUDEV_183 183
++ udev_queue_new@LIBUDEV_183 183
++ udev_queue_ref@LIBUDEV_183 183
++ udev_queue_unref@LIBUDEV_183 183
++ udev_ref@LIBUDEV_183 183
++ udev_set_log_fn@LIBUDEV_183 183
++ udev_set_log_priority@LIBUDEV_183 183
++ udev_set_userdata@LIBUDEV_183 183
++ udev_unref@LIBUDEV_183 183
++ udev_util_encode_string@LIBUDEV_183 183
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Renaud_M=C3=A9trich?= <rmetrich@redhat.com>
++Date: Fri, 13 Sep 2019 11:18:18 +0200
++Subject: Call getgroups() to know size of supplementary groups array to
++ allocate
++
++Resolves RHBZ #1743230 - journalctl dumps core when stack limit is reduced to 256 KB
++
++(cherry picked from commit f5e0b942af1e86993c21f4e5c84342bb10403dac)
++(cherry picked from commit 8ca1e561657575a619a071ab0c22f474094ef21d)
++---
++ src/basic/user-util.c | 14 ++++++++------
++ 1 file changed, 8 insertions(+), 6 deletions(-)
++
++diff --git a/src/basic/user-util.c b/src/basic/user-util.c
++index 3b253bc..957285c 100644
++--- a/src/basic/user-util.c
+++++ b/src/basic/user-util.c
++@@ -410,9 +410,8 @@ char* gid_to_name(gid_t gid) {
++ }
++
++ int in_gid(gid_t gid) {
++- long ngroups_max;
++ gid_t *gids;
++- int r, i;
+++ int ngroups, r, i;
++
++ if (getgid() == gid)
++ return 1;
++@@ -423,12 +422,15 @@ int in_gid(gid_t gid) {
++ if (!gid_is_valid(gid))
++ return -EINVAL;
++
++- ngroups_max = sysconf(_SC_NGROUPS_MAX);
++- assert(ngroups_max > 0);
+++ ngroups = getgroups(0, NULL);
+++ if (ngroups < 0)
+++ return -errno;
+++ if (ngroups == 0)
+++ return 0;
++
++- gids = newa(gid_t, ngroups_max);
+++ gids = newa(gid_t, ngroups);
++
++- r = getgroups(ngroups_max, gids);
+++ r = getgroups(ngroups, gids);
++ if (r < 0)
++ return -errno;
++
--- /dev/null
--- /dev/null
++From: Kenneth D'souza <kdsouza@redhat.com>
++Date: Mon, 30 Sep 2019 16:01:21 +0530
++Subject: Consider smb3 as remote filesystem
++
++Currently systemd will treat smb3 as local filesystem and cause
++can't boot failures. Add smb3 to the list of remote filesystems
++to fix this issue.
++
++Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
++(cherry picked from commit ff7d6a740b0c6fa3be63d3908a0858730a0837c5)
++(cherry picked from commit 19a43dc38a136d2e95ae79ee1cd28335557216b9)
++---
++ src/basic/mountpoint-util.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/src/basic/mountpoint-util.c b/src/basic/mountpoint-util.c
++index cb8ddcc..74cf139 100644
++--- a/src/basic/mountpoint-util.c
+++++ b/src/basic/mountpoint-util.c
++@@ -298,6 +298,7 @@ bool fstype_is_network(const char *fstype) {
++ return STR_IN_SET(fstype,
++ "afs",
++ "cifs",
+++ "smb3",
++ "smbfs",
++ "sshfs",
++ "ncpfs",
--- /dev/null
--- /dev/null
++From: Steve Traylen <steve.traylen@cern.ch>
++Date: Tue, 24 Sep 2019 09:48:03 +0200
++Subject: Corect man page reference in systemd-nologin.conf comments
++
++The reference to the man page of `systemd-user-sessions.service`
++in the comments of `tmpfiles.d/systemd-nologin.conf` is corrected.
++
++(cherry picked from commit 7a72a95741970fa4919f137f6844fe11b951efd3)
++(cherry picked from commit 2b8e574d8242e5d878252e5fc8f26a993a9c794f)
++---
++ tmpfiles.d/systemd-nologin.conf | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/tmpfiles.d/systemd-nologin.conf b/tmpfiles.d/systemd-nologin.conf
++index df4dd63..39cfd06 100644
++--- a/tmpfiles.d/systemd-nologin.conf
+++++ b/tmpfiles.d/systemd-nologin.conf
++@@ -5,7 +5,7 @@
++ # the Free Software Foundation; either version 2.1 of the License, or
++ # (at your option) any later version.
++
++-# See tmpfiles.d(5), systemd-user-session.service(5) and pam_nologin(8).
+++# See tmpfiles.d(5), systemd-user-sessions.service(8) and pam_nologin(8).
++ # This file has special suffix so it is not run by mistake.
++
++ F! /run/nologin 0644 - - - "System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)."
--- /dev/null
--- /dev/null
++From: nikolas <nikolas@gnu.org>
++Date: Wed, 4 Sep 2019 12:03:56 -0400
++Subject: Fix typo in comment: overide -> override
++
++(cherry picked from commit f7f9c69ac58748e37629015ab288d40b1966ac88)
++---
++ src/login/logind-brightness.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/login/logind-brightness.c b/src/login/logind-brightness.c
++index 8dfa97d..3f4b65e 100644
++--- a/src/login/logind-brightness.c
+++++ b/src/login/logind-brightness.c
++@@ -213,7 +213,7 @@ int manager_write_brightness(
++ if (r < 0)
++ return log_error_errno(r, "Failed to add message to set: %m");
++
++- /* We overide any previously requested brightness here: we coalesce writes, and the newest
+++ /* We override any previously requested brightness here: we coalesce writes, and the newest
++ * requested brightness is the one we'll put into effect. */
++ existing->brightness = brightness;
++ existing->again = true; /* request another iteration of the writer when the current one is
--- /dev/null
--- /dev/null
++From: Michael Olbrich <m.olbrich@pengutronix.de>
++Date: Sun, 29 Sep 2019 13:43:00 +0200
++Subject: Handle d_type == DT_UNKNOWN correctly
++
++As documented in the man-page, readdir() may return a directory entry with
++d_type == DT_UNKNOWN. This must be handled for regular filesystems.
++
++dirent_ensure_type() is available to set d_type if necessary. Use it in
++some more places.
++
++Without this systemd will fail to boot correctly with nfsroot and some
++other filesystems.
++
++Closes #13609
++
++(cherry picked from commit 28e68bb23547cbc11cd3f62a1a38dbe2b387b370)
++(cherry picked from commit 5c0224c7bf3c4b0f18d44ee9da7e058833b1d8e2)
++---
++ src/core/smack-setup.c | 2 ++
++ src/login/logind-dbus.c | 1 +
++ src/login/logind.c | 1 +
++ src/shared/bootspec.c | 1 +
++ src/shared/unit-file.c | 1 +
++ 5 files changed, 6 insertions(+)
++
++diff --git a/src/core/smack-setup.c b/src/core/smack-setup.c
++index b95e623..e2d4c0d 100644
++--- a/src/core/smack-setup.c
+++++ b/src/core/smack-setup.c
++@@ -84,6 +84,7 @@ static int write_access2_rules(const char *srcdir) {
++ FOREACH_DIRENT(entry, dir, return 0) {
++ _cleanup_fclose_ FILE *policy = NULL;
++
+++ dirent_ensure_type(dir, entry);
++ if (!dirent_is_file(entry))
++ continue;
++
++@@ -150,6 +151,7 @@ static int write_cipso2_rules(const char *srcdir) {
++ FOREACH_DIRENT(entry, dir, return 0) {
++ _cleanup_fclose_ FILE *policy = NULL;
++
+++ dirent_ensure_type(dir, entry);
++ if (!dirent_is_file(entry))
++ continue;
++
++diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
++index 30b9a66..679eb6a 100644
++--- a/src/login/logind-dbus.c
+++++ b/src/login/logind-dbus.c
++@@ -1378,6 +1378,7 @@ static int flush_devices(Manager *m) {
++ struct dirent *de;
++
++ FOREACH_DIRENT_ALL(de, d, break) {
+++ dirent_ensure_type(d, de);
++ if (!dirent_is_file(de))
++ continue;
++
++diff --git a/src/login/logind.c b/src/login/logind.c
++index 3a16e6c..d889d7b 100644
++--- a/src/login/logind.c
+++++ b/src/login/logind.c
++@@ -291,6 +291,7 @@ static int manager_enumerate_linger_users(Manager *m) {
++ FOREACH_DIRENT(de, d, return -errno) {
++ int k;
++
+++ dirent_ensure_type(d, de);
++ if (!dirent_is_file(de))
++ continue;
++
++diff --git a/src/shared/bootspec.c b/src/shared/bootspec.c
++index aa3b773..ef9d972 100644
++--- a/src/shared/bootspec.c
+++++ b/src/shared/bootspec.c
++@@ -475,6 +475,7 @@ static int boot_entries_find_unified(
++ _cleanup_free_ char *j = NULL, *osrelease = NULL, *cmdline = NULL;
++ _cleanup_close_ int fd = -1;
++
+++ dirent_ensure_type(d, de);
++ if (!dirent_is_file(de))
++ continue;
++
++diff --git a/src/shared/unit-file.c b/src/shared/unit-file.c
++index 4a5f23e..c7a6d67 100644
++--- a/src/shared/unit-file.c
+++++ b/src/shared/unit-file.c
++@@ -279,6 +279,7 @@ int unit_file_build_name_map(
++ if (hashmap_contains(ids, de->d_name))
++ continue;
++
+++ dirent_ensure_type(d, de);
++ if (de->d_type == DT_LNK) {
++ /* We don't explicitly check for alias loops here. unit_ids_map_get() which
++ * limits the number of hops should be used to access the map. */
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Mon, 21 Oct 2019 16:26:42 +0200
++Subject: Revert "sysusers: properly mark generated accounts as locked"
++
++This reverts the gist of commit 636e72bce63e7e99b76357f7d524d16f61558775.
++The comment and the tiny cleanup are left alone.
++
++We shouldn't lock the accounts because people actually need to use them, and
++if they are locked, various tools will refuse.
++See https://github.com/systemd/systemd/pull/13277#issuecomment-529964578
++and follow-up comments.
++
++(cherry picked from commit 12c829376a95ee0a734b8dbd347042062516f0a9)
++---
++ src/sysusers/sysusers.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
++index 1fc1b0a..08a2df7 100644
++--- a/src/sysusers/sysusers.c
+++++ b/src/sysusers/sysusers.c
++@@ -528,7 +528,7 @@ static int write_temporary_shadow(const char *shadow_path, FILE **tmpfile, char
++ .sp_max = -1,
++ .sp_warn = -1,
++ .sp_inact = -1,
++- .sp_expire = i->uid == 0 ? -1 : 1, /* lock account as a whole, unless this is root */
+++ .sp_expire = -1,
++ .sp_flag = (unsigned long) -1, /* this appears to be what everybody does ... */
++ };
++
--- /dev/null
--- /dev/null
++From: "Donald A. Cupp Jr" <doncuppjr@yahoo.com>
++Date: Thu, 5 Sep 2019 15:03:54 -0700
++Subject: Update m4 for selective utmp support. modified:
++ tmpfiles.d/systemd.conf.m4
++
++(cherry picked from commit d34a58222de4c2ee93c68411b4f9042f08e5132f)
++(cherry picked from commit 6af590838b17e9ca38cde05ecfe6da3faa51704f)
++---
++ tmpfiles.d/systemd.conf.m4 | 2 ++
++ 1 file changed, 2 insertions(+)
++
++diff --git a/tmpfiles.d/systemd.conf.m4 b/tmpfiles.d/systemd.conf.m4
++index d39c9cb..9c57d3b 100644
++--- a/tmpfiles.d/systemd.conf.m4
+++++ b/tmpfiles.d/systemd.conf.m4
++@@ -8,7 +8,9 @@
++ # See tmpfiles.d(5) for details
++
++ d /run/user 0755 root root -
+++m4_ifdef(`ENABLE_UTMP',
++ F! /run/utmp 0664 root utmp -
+++)m4_dnl
++
++ d /run/systemd/ask-password 0755 root root -
++ d /run/systemd/seats 0755 root root -
--- /dev/null
--- /dev/null
++From: cbzxt <38526218+cbzxt@users.noreply.github.com>
++Date: Wed, 25 Sep 2019 20:32:46 +0530
++Subject: Updated log message when the timesync happens for the first time
++ (#13624)
++
++(cherry picked from commit 37afb0ac787783a1635165b8a4e3ba5fbd007dfd)
++(cherry picked from commit f67f0e4ec45a7aef177cf19c689dbd76460e8540)
++---
++ src/timesync/timesyncd-manager.c | 6 +++---
++ 1 file changed, 3 insertions(+), 3 deletions(-)
++
++diff --git a/src/timesync/timesyncd-manager.c b/src/timesync/timesyncd-manager.c
++index 3c3a7fe..e76f1b9 100644
++--- a/src/timesync/timesyncd-manager.c
+++++ b/src/timesync/timesyncd-manager.c
++@@ -617,9 +617,9 @@ static int manager_receive_response(sd_event_source *source, int fd, uint32_t re
++ m->good = true;
++
++ server_address_pretty(m->current_server_address, &pretty);
++- /* "for the first time", as further successful syncs will not be logged. */
++- log_info("Synchronized to time server for the first time %s (%s).", strna(pretty), m->current_server_name->string);
++- sd_notifyf(false, "STATUS=Synchronized to time server for the first time %s (%s).", strna(pretty), m->current_server_name->string);
+++ /* "Initial", as further successful syncs will not be logged. */
+++ log_info("Initial synchronization to time server %s (%s).", strna(pretty), m->current_server_name->string);
+++ sd_notifyf(false, "STATUS=Initial synchronization to time server %s (%s).", strna(pretty), m->current_server_name->string);
++ }
++
++ r = manager_arm_timer(m, m->poll_interval_usec);
--- /dev/null
--- /dev/null
++From: Chris Down <chris@chrisdown.name>
++Date: Mon, 30 Sep 2019 18:24:26 +0100
++Subject: cgroup: Check ancestor memory min for unified memory config
++
++Otherwise we might not enable it when we should, ie. DefaultMemoryMin is
++set in a parent, but not MemoryMin in the current unit.
++
++(cherry picked from commit 7c9d2b79935d413389a603918a711df75acd3f48)
++(cherry picked from commit ea248e53bf763c16fcc26bd1212f2d094db10e15)
++---
++ src/core/cgroup.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/core/cgroup.c b/src/core/cgroup.c
++index 60a7799..4ff88fb 100644
++--- a/src/core/cgroup.c
+++++ b/src/core/cgroup.c
++@@ -933,7 +933,7 @@ static bool unit_has_unified_memory_config(Unit *u) {
++ c = unit_get_cgroup_context(u);
++ assert(c);
++
++- return c->memory_min > 0 || unit_get_ancestor_memory_low(u) > 0 ||
+++ return unit_get_ancestor_memory_min(u) > 0 || unit_get_ancestor_memory_low(u) > 0 ||
++ c->memory_high != CGROUP_LIMIT_MAX || c->memory_max != CGROUP_LIMIT_MAX ||
++ c->memory_swap_max != CGROUP_LIMIT_MAX;
++ }
--- /dev/null
--- /dev/null
++From: Chris Down <chris@chrisdown.name>
++Date: Mon, 30 Sep 2019 18:36:13 +0100
++Subject: cgroup: Mark memory protections as explicitly set in transient units
++
++A later version of the DefaultMemory{Low,Min} patch changed these to
++require explicitly setting memory_foo_set, but we only set that in
++load-fragment, not dbus-cgroup.
++
++Without these, we may fall back to either DefaultMemoryFoo or
++CGROUP_LIMIT_MIN when we really shouldn't.
++
++(cherry picked from commit 184e989d7da4648bd36511ffa28a9f2b469589d1)
++(cherry picked from commit b5df1037a0c02ff04886fda7c11868be65c54bd6)
++---
++ src/core/dbus-cgroup.c | 64 +++++++++++++++++++++++++++++++++++++-------------
++ 1 file changed, 48 insertions(+), 16 deletions(-)
++
++diff --git a/src/core/dbus-cgroup.c b/src/core/dbus-cgroup.c
++index 2f2313c..accd831 100644
++--- a/src/core/dbus-cgroup.c
+++++ b/src/core/dbus-cgroup.c
++@@ -749,17 +749,33 @@ int bus_cgroup_set_property(
++ if (streq(name, "MemoryAccounting"))
++ return bus_cgroup_set_boolean(u, name, &c->memory_accounting, CGROUP_MASK_MEMORY, message, flags, error);
++
++- if (streq(name, "MemoryMin"))
++- return bus_cgroup_set_memory_protection(u, name, &c->memory_min, message, flags, error);
+++ if (streq(name, "MemoryMin")) {
+++ r = bus_cgroup_set_memory_protection(u, name, &c->memory_min, message, flags, error);
+++ if (r > 0)
+++ c->memory_min_set = true;
+++ return r;
+++ }
++
++- if (streq(name, "MemoryLow"))
++- return bus_cgroup_set_memory_protection(u, name, &c->memory_low, message, flags, error);
+++ if (streq(name, "MemoryLow")) {
+++ r = bus_cgroup_set_memory_protection(u, name, &c->memory_low, message, flags, error);
+++ if (r > 0)
+++ c->memory_low_set = true;
+++ return r;
+++ }
++
++- if (streq(name, "DefaultMemoryMin"))
++- return bus_cgroup_set_memory_protection(u, name, &c->default_memory_min, message, flags, error);
+++ if (streq(name, "DefaultMemoryMin")) {
+++ r = bus_cgroup_set_memory_protection(u, name, &c->default_memory_min, message, flags, error);
+++ if (r > 0)
+++ c->default_memory_min_set = true;
+++ return r;
+++ }
++
++- if (streq(name, "DefaultMemoryLow"))
++- return bus_cgroup_set_memory_protection(u, name, &c->default_memory_low, message, flags, error);
+++ if (streq(name, "DefaultMemoryLow")) {
+++ r = bus_cgroup_set_memory_protection(u, name, &c->default_memory_low, message, flags, error);
+++ if (r > 0)
+++ c->default_memory_low_set = true;
+++ return r;
+++ }
++
++ if (streq(name, "MemoryHigh"))
++ return bus_cgroup_set_memory(u, name, &c->memory_high, message, flags, error);
++@@ -773,17 +789,33 @@ int bus_cgroup_set_property(
++ if (streq(name, "MemoryLimit"))
++ return bus_cgroup_set_memory(u, name, &c->memory_limit, message, flags, error);
++
++- if (streq(name, "MemoryMinScale"))
++- return bus_cgroup_set_memory_protection_scale(u, name, &c->memory_min, message, flags, error);
+++ if (streq(name, "MemoryMinScale")) {
+++ r = bus_cgroup_set_memory_protection_scale(u, name, &c->memory_min, message, flags, error);
+++ if (r > 0)
+++ c->memory_min_set = true;
+++ return r;
+++ }
++
++- if (streq(name, "MemoryLowScale"))
++- return bus_cgroup_set_memory_protection_scale(u, name, &c->memory_low, message, flags, error);
+++ if (streq(name, "MemoryLowScale")) {
+++ r = bus_cgroup_set_memory_protection_scale(u, name, &c->memory_low, message, flags, error);
+++ if (r > 0)
+++ c->memory_low_set = true;
+++ return r;
+++ }
++
++- if (streq(name, "DefaultMemoryMinScale"))
++- return bus_cgroup_set_memory_protection_scale(u, name, &c->default_memory_min, message, flags, error);
+++ if (streq(name, "DefaultMemoryMinScale")) {
+++ r = bus_cgroup_set_memory_protection_scale(u, name, &c->default_memory_min, message, flags, error);
+++ if (r > 0)
+++ c->default_memory_min_set = true;
+++ return r;
+++ }
++
++- if (streq(name, "DefaultMemoryLowScale"))
++- return bus_cgroup_set_memory_protection_scale(u, name, &c->default_memory_low, message, flags, error);
+++ if (streq(name, "DefaultMemoryLowScale")) {
+++ r = bus_cgroup_set_memory_protection_scale(u, name, &c->default_memory_low, message, flags, error);
+++ if (r > 0)
+++ c->default_memory_low_set = true;
+++ return r;
+++ }
++
++ if (streq(name, "MemoryHighScale"))
++ return bus_cgroup_set_memory_scale(u, name, &c->memory_high, message, flags, error);
--- /dev/null
--- /dev/null
++From: Chris Down <chris@chrisdown.name>
++Date: Mon, 30 Sep 2019 18:25:09 +0100
++Subject: cgroup: Respect DefaultMemoryMin when setting memory.min
++
++This is an oversight from https://github.com/systemd/systemd/pull/12332.
++
++Sadly the tests didn't catch it since it requires a real cgroup
++hierarchy to see, and it wasn't seen in prod since we're only currently
++using DefaultMemoryLow, not DefaultMemoryMin. :-(
++
++(cherry picked from commit 64fe532e90b3e99bf7821ded8a1107c239099e40)
++(cherry picked from commit f14e3e02cca759dc92c87328e257acc6abe91cbc)
++---
++ src/core/cgroup.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/core/cgroup.c b/src/core/cgroup.c
++index 4ff88fb..94a83e0 100644
++--- a/src/core/cgroup.c
+++++ b/src/core/cgroup.c
++@@ -1200,7 +1200,7 @@ static void cgroup_context_apply(
++ log_cgroup_compat(u, "Applying MemoryLimit=%" PRIu64 " as MemoryMax=", max);
++ }
++
++- cgroup_apply_unified_memory_limit(u, "memory.min", c->memory_min);
+++ cgroup_apply_unified_memory_limit(u, "memory.min", unit_get_ancestor_memory_min(u));
++ cgroup_apply_unified_memory_limit(u, "memory.low", unit_get_ancestor_memory_low(u));
++ cgroup_apply_unified_memory_limit(u, "memory.high", c->memory_high);
++ cgroup_apply_unified_memory_limit(u, "memory.max", max);
--- /dev/null
--- /dev/null
++From: Chris Down <chris@chrisdown.name>
++Date: Mon, 30 Sep 2019 14:23:32 +0100
++Subject: cgroup: docs: Mention unbounded protection for memory.{low,min}
++
++I got asked why Memory{Low,Min} don't allow "infinity". They do, but the
++docs don't say that like they already do for Memory{High,Max}.
++
++(cherry picked from commit b62087d4d06777ccde9eb9e7a97abc7b8945d5f5)
++(cherry picked from commit 2ab45f38d8c4d694f483478c4c055f2d6577c805)
++---
++ man/systemd.resource-control.xml | 8 ++++++--
++ 1 file changed, 6 insertions(+), 2 deletions(-)
++
++diff --git a/man/systemd.resource-control.xml b/man/systemd.resource-control.xml
++index d8fa247..b48704a 100644
++--- a/man/systemd.resource-control.xml
+++++ b/man/systemd.resource-control.xml
++@@ -239,7 +239,9 @@
++ <para>Takes a memory size in bytes. If the value is suffixed with K, M, G or T, the specified memory size is
++ parsed as Kilobytes, Megabytes, Gigabytes, or Terabytes (with the base 1024), respectively. Alternatively, a
++ percentage value may be specified, which is taken relative to the installed physical memory on the
++- system. This controls the <literal>memory.min</literal> control group attribute. For details about this
+++ system. If assigned the special value <literal>infinity</literal>, all available memory is protected, which may be
+++ useful in order to always inherit all of the protection afforded by ancestors.
+++ This controls the <literal>memory.min</literal> control group attribute. For details about this
++ control group attribute, see <ulink
++ url="https://www.kernel.org/doc/Documentation/cgroup-v2.txt">cgroup-v2.txt</ulink>.</para>
++
++@@ -263,7 +265,9 @@
++ <para>Takes a memory size in bytes. If the value is suffixed with K, M, G or T, the specified memory size is
++ parsed as Kilobytes, Megabytes, Gigabytes, or Terabytes (with the base 1024), respectively. Alternatively, a
++ percentage value may be specified, which is taken relative to the installed physical memory on the
++- system. This controls the <literal>memory.low</literal> control group attribute. For details about this
+++ system. If assigned the special value <literal>infinity</literal>, all available memory is protected, which may be
+++ useful in order to always inherit all of the protection afforded by ancestors.
+++ This controls the <literal>memory.low</literal> control group attribute. For details about this
++ control group attribute, see <ulink
++ url="https://www.kernel.org/doc/Documentation/cgroup-v2.txt">cgroup-v2.txt</ulink>.</para>
++
--- /dev/null
--- /dev/null
++From: Chris Down <chris@chrisdown.name>
++Date: Mon, 30 Sep 2019 14:25:14 +0100
++Subject: cgroup: docs: memory.high doc fixups
++
++The docs just tautologically call this the "high limit". Just call it
++throttling as we do in cgroup-v2.rst.
++
++(cherry picked from commit ba79e19cb299623c9c0dd4c6a1ae80f795409b04)
++(cherry picked from commit de1d25a506db17119065447f8d0225d9ae00fafc)
++---
++ man/systemd.resource-control.xml | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/man/systemd.resource-control.xml b/man/systemd.resource-control.xml
++index b48704a..98d711b 100644
++--- a/man/systemd.resource-control.xml
+++++ b/man/systemd.resource-control.xml
++@@ -284,7 +284,7 @@
++ <term><varname>MemoryHigh=<replaceable>bytes</replaceable></varname></term>
++
++ <listitem>
++- <para>Specify the high limit on memory usage of the executed processes in this unit. Memory usage may go
+++ <para>Specify the throttling limit on memory usage of the executed processes in this unit. Memory usage may go
++ above the limit if unavoidable, but the processes are heavily slowed down and memory is taken away
++ aggressively in such cases. This is the main mechanism to control memory usage of a unit.</para>
++
++@@ -292,7 +292,7 @@
++ parsed as Kilobytes, Megabytes, Gigabytes, or Terabytes (with the base 1024), respectively. Alternatively, a
++ percentage value may be specified, which is taken relative to the installed physical memory on the
++ system. If assigned the
++- special value <literal>infinity</literal>, no memory limit is applied. This controls the
+++ special value <literal>infinity</literal>, no memory throttling is applied. This controls the
++ <literal>memory.high</literal> control group attribute. For details about this control group attribute, see
++ <ulink url="https://www.kernel.org/doc/Documentation/cgroup-v2.txt">cgroup-v2.txt</ulink>.</para>
++
--- /dev/null
--- /dev/null
++From: Mike Kazantsev <mk.fraggod@gmail.com>
++Date: Thu, 3 Oct 2019 18:11:41 +0500
++Subject: cgroup: fix typo in BPF firewall support warning message
++
++(cherry picked from commit fc103b3e342429637527d3042bf7bdf15c12624d)
++(cherry picked from commit 25bb377a73e72ef1443d5de87b7a801b12a3839c)
++---
++ src/core/dbus-cgroup.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/core/dbus-cgroup.c b/src/core/dbus-cgroup.c
++index accd831..58be888 100644
++--- a/src/core/dbus-cgroup.c
+++++ b/src/core/dbus-cgroup.c
++@@ -531,7 +531,7 @@ static int bus_cgroup_set_transient_property(
++ static bool warned = false;
++
++ log_full(warned ? LOG_DEBUG : LOG_WARNING,
++- "Transient unit %s configures an IP firewall with BPF, but the local system does not support BPF/cgroup firewalling with mulitiple filters.\n"
+++ "Transient unit %s configures an IP firewall with BPF, but the local system does not support BPF/cgroup firewalling with multiple filters.\n"
++ "Starting this unit will fail! (This warning is only shown for the first started transient unit using IP firewalling.)", u->id);
++ warned = true;
++ }
--- /dev/null
--- /dev/null
++From: Maciej Stanczew <maciej.stanczew@gmail.com>
++Date: Mon, 16 Sep 2019 02:09:35 +0200
++Subject: core: Fix setting StatusUnitFormat from config files
++
++(cherry picked from commit 6327aa9f6c5701e44541e685c6bf44d3a8c40f50)
++(cherry picked from commit 1a3c53c06c878d44d8d0a87244261df55dfbb837)
++---
++ src/core/load-fragment.c | 1 +
++ src/core/load-fragment.h | 1 +
++ src/core/main.c | 1 -
++ 3 files changed, 2 insertions(+), 1 deletion(-)
++
++diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
++index a7951a5..56cad2f 100644
++--- a/src/core/load-fragment.c
+++++ b/src/core/load-fragment.c
++@@ -133,6 +133,7 @@ DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight, cg_weight_parse, uint64_t, "Inva
++ DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares, cg_cpu_shares_parse, uint64_t, "Invalid CPU shares");
++ DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags, mount_propagation_flags_from_string, unsigned long, "Failed to parse mount flag");
++ DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_numa_policy, mpol, int, -1, "Invalid NUMA policy type");
+++DEFINE_CONFIG_PARSE_ENUM(config_parse_status_unit_format, status_unit_format, StatusUnitFormat, "Failed to parse status unit format");
++
++ int config_parse_unit_deps(
++ const char *unit,
++diff --git a/src/core/load-fragment.h b/src/core/load-fragment.h
++index 664643f..1183987 100644
++--- a/src/core/load-fragment.h
+++++ b/src/core/load-fragment.h
++@@ -117,6 +117,7 @@ CONFIG_PARSER_PROTOTYPE(config_parse_numa_mask);
++ CONFIG_PARSER_PROTOTYPE(config_parse_ip_filter_bpf_progs);
++ CONFIG_PARSER_PROTOTYPE(config_parse_cpu_affinity2);
++ CONFIG_PARSER_PROTOTYPE(config_parse_show_status);
+++CONFIG_PARSER_PROTOTYPE(config_parse_status_unit_format);
++ CONFIG_PARSER_PROTOTYPE(config_parse_output_restricted);
++ CONFIG_PARSER_PROTOTYPE(config_parse_crash_chvt);
++ CONFIG_PARSER_PROTOTYPE(config_parse_timeout_abort);
++diff --git a/src/core/main.c b/src/core/main.c
++index bcce717..4633184 100644
++--- a/src/core/main.c
+++++ b/src/core/main.c
++@@ -538,7 +538,6 @@ DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level");
++ DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target");
++ DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" );
++ DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location");
++-DEFINE_SETTER(config_parse_status_unit_format, status_unit_format_from_string, "value");
++
++ static int parse_config_file(void) {
++
--- /dev/null
--- /dev/null
++From: ypf791 <ypf791@gmail.com>
++Date: Fri, 19 Jul 2019 18:28:04 +0800
++Subject: core: coldplug possible nop_job
++
++(cherry picked from commit b49e14d5f3081dfcd363d8199a14c0924ae9152f)
++(cherry picked from commit a20a2157a85dd277c5dc1398fd75f565ca941933)
++---
++ src/core/unit.c | 6 ++++--
++ 1 file changed, 4 insertions(+), 2 deletions(-)
++
++diff --git a/src/core/unit.c b/src/core/unit.c
++index 64eb127..cedcb3f 100644
++--- a/src/core/unit.c
+++++ b/src/core/unit.c
++@@ -3900,6 +3900,7 @@ int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependen
++ int unit_coldplug(Unit *u) {
++ int r = 0, q;
++ char **i;
+++ Job *uj;
++
++ assert(u);
++
++@@ -3922,8 +3923,9 @@ int unit_coldplug(Unit *u) {
++ r = q;
++ }
++
++- if (u->job) {
++- q = job_coldplug(u->job);
+++ uj = u->job ?: u->nop_job;
+++ if (uj) {
+++ q = job_coldplug(uj);
++ if (q < 0 && r >= 0)
++ r = q;
++ }
--- /dev/null
--- /dev/null
++From: Franck Bui <fbui@suse.com>
++Date: Thu, 5 Sep 2019 16:53:50 +0200
++Subject: core: restore initialization of u->source_mtime
++
++During the rework of unit file loading, commit e8630e695232bdfc dropped the
++initialization u->source_mtime. This had the bad side effect that generated
++units always needed daemon reloading.
++
++(cherry picked from commit 5a1c1b534fe13e60ef9bce0dc680ad6f2a0c577f)
++(cherry picked from commit 6823c907cfda84958fe223ba1a14a48fcd829458)
++---
++ src/core/load-fragment.c | 9 ++++++++-
++ 1 file changed, 8 insertions(+), 1 deletion(-)
++
++diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
++index 8eaf8b3..a7951a5 100644
++--- a/src/core/load-fragment.c
+++++ b/src/core/load-fragment.c
++@@ -4594,6 +4594,7 @@ static int merge_by_names(Unit **u, Set *names, const char *id) {
++ int unit_load_fragment(Unit *u) {
++ const char *fragment;
++ _cleanup_set_free_free_ Set *names = NULL;
+++ struct stat st;
++ int r;
++
++ assert(u);
++@@ -4625,7 +4626,6 @@ int unit_load_fragment(Unit *u) {
++ if (fragment) {
++ /* Open the file, check if this is a mask, otherwise read. */
++ _cleanup_fclose_ FILE *f = NULL;
++- struct stat st;
++
++ /* Try to open the file name. A symlink is OK, for example for linked files or masks. We
++ * expect that all symlinks within the lookup paths have been already resolved, but we don't
++@@ -4660,6 +4660,13 @@ int unit_load_fragment(Unit *u) {
++ }
++ }
++
+++ if (u->source_path) {
+++ if (stat(u->source_path, &st) >= 0)
+++ u->source_mtime = timespec_load(&st.st_mtim);
+++ else
+++ u->source_mtime = 0;
+++ }
+++
++ /* We do the merge dance here because for some unit types, the unit might have aliases which are not
++ * declared in the file system. In particular, this is true (and frequent) for device and swap units.
++ */
--- /dev/null
--- /dev/null
++From: Martin Pitt <mpitt@debian.org>
++Date: Wed, 18 Jan 2017 11:21:35 +0100
++Subject: Add env variable for machine ID path
++
++During package build, in minimal chroots, or other systems which do not already
++have an /etc/machine-id we get six test failures. Introduce a
++$SYSTEMD_MACHINE_ID_PATH environment variable which can specify a location
++other than /etc/machine-id, so that the unit tests are independent from the
++environment.
++
++Also adjust test-fs-util to not assume that /etc/machine-id exists. Use
++/etc/passwd instead which is created by base-files.
++
++Closes: #851445
++
++Bug: https://bugs.freedesktop.org/show_bug.cgi?id=62344
++---
++ src/libsystemd/sd-id128/sd-id128.c | 2 +-
++ src/test/test-fs-util.c | 11 +++++++----
++ 2 files changed, 8 insertions(+), 5 deletions(-)
++
++diff --git a/src/libsystemd/sd-id128/sd-id128.c b/src/libsystemd/sd-id128/sd-id128.c
++index e5f82b8..4483f09 100644
++--- a/src/libsystemd/sd-id128/sd-id128.c
+++++ b/src/libsystemd/sd-id128/sd-id128.c
++@@ -88,7 +88,7 @@ _public_ int sd_id128_get_machine(sd_id128_t *ret) {
++ assert_return(ret, -EINVAL);
++
++ if (sd_id128_is_null(saved_machine_id)) {
++- r = id128_read("/etc/machine-id", ID128_PLAIN, &saved_machine_id);
+++ r = id128_read(getenv("SYSTEMD_MACHINE_ID_PATH") ?: "/etc/machine-id", ID128_PLAIN, &saved_machine_id);
++ if (r < 0)
++ return r;
++
++diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c
++index 7cf4f49..0df6d6e 100644
++--- a/src/test/test-fs-util.c
+++++ b/src/test/test-fs-util.c
++@@ -210,7 +210,7 @@ static void test_chase_symlinks(void) {
++ assert_se(streq(result, "/test-chase.fsldajfl"));
++ result = mfree(result);
++
++- r = chase_symlinks("/etc/machine-id/foo", NULL, 0, &result);
+++ r = chase_symlinks("/etc/passwd/foo", NULL, 0, &result);
++ assert_se(r == -ENOTDIR);
++ result = mfree(result);
++
++@@ -283,23 +283,26 @@ static void test_chase_symlinks(void) {
++ assert_se(chase_symlinks(q, NULL, CHASE_SAFE, NULL) >= 0);
++ }
++
++- p = strjoina(temp, "/machine-id-test");
++- assert_se(symlink("/usr/../etc/./machine-id", p) >= 0);
+++ p = strjoina(temp, "/passwd-test");
+++ assert_se(symlink("/usr/../etc/./passwd", p) >= 0);
++
++ pfd = chase_symlinks(p, NULL, CHASE_OPEN, NULL);
++ if (pfd != -ENOENT) {
++ _cleanup_close_ int fd = -1;
+++/*
++ sd_id128_t a, b;
+++*/
++
++ assert_se(pfd >= 0);
++
++ fd = fd_reopen(pfd, O_RDONLY|O_CLOEXEC);
++ assert_se(fd >= 0);
++ safe_close(pfd);
++-
+++/*
++ assert_se(id128_read_fd(fd, ID128_PLAIN, &a) >= 0);
++ assert_se(sd_id128_get_machine(&b) >= 0);
++ assert_se(sd_id128_equal(a, b));
+++*/
++ }
++
++ /* Test CHASE_NOFOLLOW */
--- /dev/null
--- /dev/null
++From: Julien Muchembled <jm@jmuchemb.eu>
++Date: Tue, 29 Apr 2014 11:40:50 +0200
++Subject: Add support for TuxOnIce hibernation
++
++systemd does not support non-mainline kernel features so upstream rejected this
++patch.
++It is however required for systemd integration by tuxonice-userui package.
++
++Forwarded: http://lists.freedesktop.org/archives/systemd-devel/2014-April/018960.html
++---
++ src/shared/sleep-config.c | 6 ++++++
++ 1 file changed, 6 insertions(+)
++
++diff --git a/src/shared/sleep-config.c b/src/shared/sleep-config.c
++index 26ed477..824777a 100644
++--- a/src/shared/sleep-config.c
+++++ b/src/shared/sleep-config.c
++@@ -275,6 +275,12 @@ static bool enough_swap_for_hibernation(void) {
++ if (getenv_bool("SYSTEMD_BYPASS_HIBERNATION_MEMORY_CHECK") > 0)
++ return true;
++
+++ /* TuxOnIce is an alternate implementation for hibernation.
+++ * It can be configured to compress the image to a file or an inactive
+++ * swap partition, so there's nothing more we can do here. */
+++ if (access("/sys/power/tuxonice", F_OK) == 0)
+++ return true;
+++
++ r = find_hibernate_location(NULL, NULL, &size, &used);
++ if (r < 0)
++ return false;
--- /dev/null
--- /dev/null
++From: Tollef Fog Heen <tfheen@err.no>
++Date: Tue, 5 Jun 2012 20:59:36 +0200
++Subject: Bring tmpfiles.d/tmp.conf in line with Debian defaults
++
++Closes: #675422
++---
++ tmpfiles.d/tmp.conf | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/tmpfiles.d/tmp.conf b/tmpfiles.d/tmp.conf
++index fe5225d..39cb5cc 100644
++--- a/tmpfiles.d/tmp.conf
+++++ b/tmpfiles.d/tmp.conf
++@@ -8,5 +8,5 @@
++ # See tmpfiles.d(5) for details
++
++ # Clear tmp directories separately, to make them easier to override
++-q /tmp 1777 root root 10d
++-q /var/tmp 1777 root root 30d
+++D /tmp 1777 root root -
+++#q /var/tmp 1777 root root 30d
--- /dev/null
--- /dev/null
++From: Martin Pitt <martin.pitt@ubuntu.com>
++Date: Sun, 28 Dec 2014 12:49:35 +0100
++Subject: Don't enable audit by default
++
++It causes flooding of dmesg and syslog, suppressing actually important
++messages.
++
++Don't enable it for now, until a better solution is found:
++http://lists.freedesktop.org/archives/systemd-devel/2014-December/026591.html
++
++Bug-Debian: https://bugs.debian.org/773528
++---
++ src/journal/journald-audit.c | 5 -----
++ 1 file changed, 5 deletions(-)
++
++diff --git a/src/journal/journald-audit.c b/src/journal/journald-audit.c
++index fae9138..3e032e1 100644
++--- a/src/journal/journald-audit.c
+++++ b/src/journal/journald-audit.c
++@@ -539,10 +539,5 @@ int server_open_audit(Server *s) {
++ if (r < 0)
++ return log_error_errno(r, "Failed to add audit fd to event loop: %m");
++
++- /* We are listening now, try to enable audit */
++- r = enable_audit(s->audit_fd, true);
++- if (r < 0)
++- log_warning_errno(r, "Failed to issue audit enable call: %m");
++-
++ return 0;
++ }
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Wed, 18 Jul 2018 23:49:16 +0200
++Subject: Drop seccomp system call filter for udev
++
++The seccomp based system call whitelist requires at least systemd 239 to
++be the active init and during a dist-upgrade we can't guarantee that
++systemd has been fully configured before udev is restarted.
++
++This partially reverts upstream commit
++ee8f26180d01e3ddd4e5f20b03b81e5e737657ae.
++
++Once buster is released, this patch can be dropped.
++
++Closes: #903224
++---
++ units/systemd-udevd.service.in | 2 --
++ 1 file changed, 2 deletions(-)
++
++diff --git a/units/systemd-udevd.service.in b/units/systemd-udevd.service.in
++index dbb678a..62931f0 100644
++--- a/units/systemd-udevd.service.in
+++++ b/units/systemd-udevd.service.in
++@@ -32,8 +32,6 @@ MemoryDenyWriteExecute=yes
++ RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
++ RestrictRealtime=yes
++ RestrictSUIDSGID=yes
++-SystemCallFilter=@system-service @module @raw-io
++-SystemCallErrorNumber=EPERM
++ SystemCallArchitectures=native
++ LockPersonality=yes
++ IPAddressDeny=any
--- /dev/null
--- /dev/null
++From: Iain Lane <iain@orangesquash.org.uk>
++Date: Mon, 22 Aug 2016 07:03:27 +0200
++Subject: Let graphical-session-pre.target be manually started
++
++This is needed until https://github.com/systemd/systemd/issues/3750 is fixed.
++
++Forwarded: not-needed
++Bug-Ubuntu: https://launchpad.net/bugs/1615341
++---
++ units/user/graphical-session-pre.target | 1 -
++ 1 file changed, 1 deletion(-)
++
++diff --git a/units/user/graphical-session-pre.target b/units/user/graphical-session-pre.target
++index 3adfc5a..c4e1001 100644
++--- a/units/user/graphical-session-pre.target
+++++ b/units/user/graphical-session-pre.target
++@@ -12,5 +12,4 @@ Description=Session services which should run early before the graphical session
++ Documentation=man:systemd.special(7)
++ Requires=basic.target
++ Before=graphical-session.target
++-RefuseManualStart=yes
++ StopWhenUnneeded=yes
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Fri, 5 Sep 2014 01:15:16 +0200
++Subject: Make /run/lock tmpfs an API fs
++
++The /run/lock directory is world-writable in Debian due to historic
++reasons. To avoid user processes filling up /run, we mount a separate
++tmpfs for /run/lock. As this directory needs to be available during
++early boot, we make it an API fs.
++
++Drop it from tmpfiles.d/legacy.conf to not clobber the permissions.
++
++Closes: #751392
++---
++ src/core/mount-setup.c | 2 ++
++ tmpfiles.d/legacy.conf | 1 -
++ 2 files changed, 2 insertions(+), 1 deletion(-)
++
++diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
++index 3ac01ff..31e8f7a 100644
++--- a/src/core/mount-setup.c
+++++ b/src/core/mount-setup.c
++@@ -83,6 +83,8 @@ static const MountPoint mount_table[] = {
++ #endif
++ { "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
++ NULL, MNT_FATAL|MNT_IN_CONTAINER },
+++ { "tmpfs", "/run/lock", "tmpfs", "mode=1777,size=5242880", MS_NOSUID|MS_NODEV|MS_NOEXEC,
+++ NULL, MNT_FATAL|MNT_IN_CONTAINER },
++ { "cgroup2", "/sys/fs/cgroup", "cgroup2", "nsdelegate", MS_NOSUID|MS_NOEXEC|MS_NODEV,
++ cg_is_unified_wanted, MNT_IN_CONTAINER|MNT_CHECK_WRITABLE },
++ { "cgroup2", "/sys/fs/cgroup", "cgroup2", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
++diff --git a/tmpfiles.d/legacy.conf b/tmpfiles.d/legacy.conf
++index 62e2ae0..ea5e735 100644
++--- a/tmpfiles.d/legacy.conf
+++++ b/tmpfiles.d/legacy.conf
++@@ -10,7 +10,6 @@
++ # These files are considered legacy and are unnecessary on legacy-free
++ # systems.
++
++-d /run/lock 0755 root root -
++ L /var/lock - - - - ../run/lock
++
++ # /run/lock/subsys is used for serializing SysV service execution, and
--- /dev/null
--- /dev/null
++From: Martin Pitt <martin.pitt@ubuntu.com>
++Date: Mon, 9 Feb 2015 10:53:43 +0100
++Subject: Only start logind if dbus is installed
++
++logind fails to start in environments without dbus, such as LXC containers or
++servers. Add a startup condition to avoid the very noisy startup failure.
++
++Part of #772700
++---
++ units/systemd-logind.service.in | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in
++index c6f5b81..705873d 100644
++--- a/units/systemd-logind.service.in
+++++ b/units/systemd-logind.service.in
++@@ -14,6 +14,7 @@ Documentation=https://www.freedesktop.org/wiki/Software/systemd/logind
++ Documentation=https://www.freedesktop.org/wiki/Software/systemd/multiseat
++ Wants=user.slice
++ After=nss-user-lookup.target user.slice
+++ConditionPathExists=/lib/systemd/system/dbus.service
++
++ # Ask for the dbus socket.
++ Wants=dbus.socket
--- /dev/null
--- /dev/null
++From: Martin Pitt <martin.pitt@ubuntu.com>
++Date: Fri, 28 Nov 2014 14:43:25 +0100
++Subject: Re-enable journal forwarding to syslog
++
++Revert upstream commit 46b131574fdd7d77 for now, until Debian's sysloggers
++can/do all read from the journal directly. See
++
++ http://lists.freedesktop.org/archives/systemd-devel/2014-November/025550.html
++
++for details. Once we grow a journal.conf.d/ directory, sysloggers can be moved
++to pulling from the journal one by one and disable forwarding again in such a
++conf.d snippet.
++---
++ man/journald.conf.xml | 2 +-
++ src/journal/journald-server.c | 1 +
++ src/journal/journald.conf | 2 +-
++ 3 files changed, 3 insertions(+), 2 deletions(-)
++
++diff --git a/man/journald.conf.xml b/man/journald.conf.xml
++index 44fd0d2..a6fdced 100644
++--- a/man/journald.conf.xml
+++++ b/man/journald.conf.xml
++@@ -292,7 +292,7 @@
++ traditional syslog daemon, to the kernel log buffer (kmsg), to the system console, or sent as wall
++ messages to all logged-in users. These options take boolean arguments. If forwarding to syslog is
++ enabled but nothing reads messages from the socket, forwarding to syslog has no effect. By default,
++- only forwarding to wall is enabled. These settings may be overridden at boot time with the kernel
+++ only forwarding to syslog and wall is enabled. These settings may be overridden at boot time with the kernel
++ command line options <literal>systemd.journald.forward_to_syslog</literal>,
++ <literal>systemd.journald.forward_to_kmsg</literal>,
++ <literal>systemd.journald.forward_to_console</literal>, and
++diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
++index a0c2dcd..cdee6f9 100644
++--- a/src/journal/journald-server.c
+++++ b/src/journal/journald-server.c
++@@ -2023,6 +2023,7 @@ int server_init(Server *s) {
++ .rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL,
++ .rate_limit_burst = DEFAULT_RATE_LIMIT_BURST,
++
+++ .forward_to_syslog = true,
++ .forward_to_wall = true,
++
++ .max_file_usec = DEFAULT_MAX_FILE_USEC,
++diff --git a/src/journal/journald.conf b/src/journal/journald.conf
++index 2f1c661..8951d9e 100644
++--- a/src/journal/journald.conf
+++++ b/src/journal/journald.conf
++@@ -29,7 +29,7 @@
++ #RuntimeMaxFiles=100
++ #MaxRetentionSec=
++ #MaxFileSec=1month
++-#ForwardToSyslog=no
+++#ForwardToSyslog=yes
++ #ForwardToKMsg=no
++ #ForwardToConsole=no
++ #ForwardToWall=yes
--- /dev/null
--- /dev/null
++From: Martin Pitt <martin.pitt@ubuntu.com>
++Date: Mon, 9 May 2016 21:24:38 +0200
++Subject: Revert "core: enable TasksMax= for all services by default,
++ and set it to 512"
++
++This reverts commit 9ded9cd14cc03c67291b10a5c42ce5094ba0912f.
++
++Introducing a default limit on number of threads broke a lot of software which
++regularly needs more, such as MySQL and RabbitMQ, or services that spawn off an
++indefinite number of subtasks that are not in a scope, like LXC or cron.
++
++15% is way too much for most "simple" services, and it's too little for others
++such as the ones mentioned above. There is also no particular rationale about
++any particular global limit, so even if we'd bump it higher we'd just make the
++limit even less useful while still breaking software.
++
++It is both much safer and also much more effective in terms of guarding against
++berserk programs/bugs/unintended fork bombs etc. to set limits in units
++individually. Once someone looks at one, this is then a great time to also flip
++on the other resource and privilege limitations that systemd offers.
++
++Bug: https://github.com/systemd/systemd/issues/3211
++Bug-Debian: https://bugs.debian.org/823530
++Bug-Ubuntu: https://launchpad.net/bugs/1578080
++---
++ man/systemd-system.conf.xml | 3 +--
++ src/core/system.conf.in | 2 +-
++ 2 files changed, 2 insertions(+), 3 deletions(-)
++
++diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml
++index e403fa5..d743af8 100644
++--- a/man/systemd-system.conf.xml
+++++ b/man/systemd-system.conf.xml
++@@ -360,8 +360,7 @@
++ <listitem><para>Configure the default value for the per-unit <varname>TasksMax=</varname> setting. See
++ <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
++ for details. This setting applies to all unit types that support resource control settings, with the exception
++- of slice units. Defaults to 15%, which equals 4915 with the kernel's defaults on the host, but might be smaller
++- in OS containers.</para></listitem>
+++ of slice units.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++diff --git a/src/core/system.conf.in b/src/core/system.conf.in
++index 8112125..6d05a3c 100644
++--- a/src/core/system.conf.in
+++++ b/src/core/system.conf.in
++@@ -51,7 +51,7 @@
++ #DefaultBlockIOAccounting=no
++ #DefaultMemoryAccounting=@MEMORY_ACCOUNTING_DEFAULT@
++ #DefaultTasksAccounting=yes
++-#DefaultTasksMax=15%
+++#DefaultTasksMax=
++ #DefaultLimitCPU=
++ #DefaultLimitFSIZE=
++ #DefaultLimitDATA=
--- /dev/null
--- /dev/null
++From: Martin Pitt <martin.pitt@ubuntu.com>
++Date: Mon, 27 Apr 2015 15:29:13 +0200
++Subject: Revert "core: one step back again,
++ for nspawn we actually can't wait for cgroups running empty since systemd
++ will get exactly zero notifications about it"
++
++This reverts commit 743970d2ea6d08aa7c7bff8220f6b7702f2b1db7.
++
++Bug-Debian: https://bugs.debian.org/784720
++Bug-Ubuntu: https://launchpad.net/bugs/1448259
++Bug-Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1141137
++---
++ src/core/unit.c | 11 +----------
++ 1 file changed, 1 insertion(+), 10 deletions(-)
++
++diff --git a/src/core/unit.c b/src/core/unit.c
++index a1dc76a..b11b871 100644
++--- a/src/core/unit.c
+++++ b/src/core/unit.c
++@@ -4798,16 +4798,7 @@ int unit_kill_context(
++
++ } else if (r > 0) {
++
++- /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
++- * we are running in a container or if this is a delegation unit, simply because cgroup
++- * notification is unreliable in these cases. It doesn't work at all in containers, and outside
++- * of containers it can be confused easily by left-over directories in the cgroup — which
++- * however should not exist in non-delegated units. On the unified hierarchy that's different,
++- * there we get proper events. Hence rely on them. */
++-
++- if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
++- (detect_container() == 0 && !unit_cgroup_delegate(u)))
++- wait_for_exit = true;
+++ wait_for_exit = true;
++
++ if (send_sighup) {
++ set_free(pid_set);
--- /dev/null
--- /dev/null
++From: Martin Pitt <martin.pitt@ubuntu.com>
++Date: Sat, 27 Feb 2016 12:27:06 +0100
++Subject: Revert "core: set RLIMIT_CORE to unlimited by default"
++
++Partially revert commit 15a900327ab as this completely breaks core dumps
++without systemd-coredump. It's also contradicting core(8), and it's not
++systemd's place to redefine the kernel definitions of core files.
++
++Commit bdfd7b2c now honours the process' RLIMIT_CORE for systemd-coredump. This
++isn't what RLIMIT_CORE is supposed to do (it limits the size of the core
++*file*, but the kernel deliberately ignores it for piping), so set a static
++2^63 core size limit for systemd-coredump to go back to the previous behaviour
++(otherwise the change above would break systemd-coredump).
++
++Bug-Debian: https://bugs.debian.org/815020
++---
++ src/core/main.c | 2 --
++ sysctl.d/50-coredump.conf.in | 2 +-
++ 2 files changed, 1 insertion(+), 3 deletions(-)
++
++diff --git a/src/core/main.c b/src/core/main.c
++index 6ee9135..6a75f96 100644
++--- a/src/core/main.c
+++++ b/src/core/main.c
++@@ -2469,8 +2469,6 @@ int main(int argc, char *argv[]) {
++ kernel_timestamp = DUAL_TIMESTAMP_NULL;
++ }
++
++- initialize_coredump(skip_setup);
++-
++ r = fixup_environment();
++ if (r < 0) {
++ log_emergency_errno(r, "Failed to fix up PID 1 environment: %m");
++diff --git a/sysctl.d/50-coredump.conf.in b/sysctl.d/50-coredump.conf.in
++index 47bf847..1ab6a33 100644
++--- a/sysctl.d/50-coredump.conf.in
+++++ b/sysctl.d/50-coredump.conf.in
++@@ -9,4 +9,4 @@
++ # and systemd-coredump(8) and core(5) for the explanation of the
++ # setting below.
++
++-kernel.core_pattern=|@rootlibexecdir@/systemd-coredump %P %u %g %s %t %c %h
+++kernel.core_pattern=|@rootlibexecdir@/systemd-coredump %P %u %g %s %t 9223372036854775808 %h
--- /dev/null
--- /dev/null
++From: Nis Martensen <nis.martensen@web.de>
++Date: Tue, 19 Jan 2016 22:01:43 +0100
++Subject: Skip filesystem check if already done by the initramfs
++
++Newer versions of initramfs-tools already fsck and mount / and /usr in
++the initramfs. Skip the filesystem check in this case.
++
++Based on a previous patch by Michael Biebl <biebl@debian.org>.
++
++Closes: #782522
++Closes: #810748
++---
++ src/fstab-generator/fstab-generator.c | 11 ++++++++---
++ units/systemd-fsck-root.service.in | 1 +
++ 2 files changed, 9 insertions(+), 3 deletions(-)
++
++diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c
++index 76270ae..b9969d2 100644
++--- a/src/fstab-generator/fstab-generator.c
+++++ b/src/fstab-generator/fstab-generator.c
++@@ -308,6 +308,7 @@ static int add_mount(
++ *where_escaped = NULL;
++ _cleanup_fclose_ FILE *f = NULL;
++ int r;
+++ struct stat sb;
++
++ assert(what);
++ assert(where);
++@@ -391,9 +392,13 @@ static int add_mount(
++ }
++
++ if (passno != 0) {
++- r = generator_write_fsck_deps(f, dest, what, where, fstype);
++- if (r < 0)
++- return r;
+++ if (streq(where, "/usr") && stat("/run/initramfs/fsck-usr", &sb) == 0)
+++ ; /* skip /usr fsck if it has already been checked in the initramfs */
+++ else {
+++ r = generator_write_fsck_deps(f, dest, what, where, fstype);
+++ if (r < 0)
+++ return r;
+++ }
++ }
++
++ fprintf(f, "\n[Mount]\n");
++diff --git a/units/systemd-fsck-root.service.in b/units/systemd-fsck-root.service.in
++index bea6c16..49df031 100644
++--- a/units/systemd-fsck-root.service.in
+++++ b/units/systemd-fsck-root.service.in
++@@ -16,6 +16,7 @@ Before=local-fs.target shutdown.target
++ Wants=systemd-fsckd.socket
++ After=systemd-fsckd.socket
++ ConditionPathIsReadWrite=!/
+++ConditionPathExists=!/run/initramfs/fsck-root
++
++ [Service]
++ Type=oneshot
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Thu, 18 Jul 2013 20:11:02 +0200
++Subject: Use Debian specific config files
++
++Use /etc/default/locale instead of /etc/locale.conf for locale settings.
++
++Use /etc/default/keyboard instead of /etc/X11/xorg.conf.d/00-keyboard.conf for
++keyboard configuration.
++
++Read/write /etc/timezone if /etc/localtime does not exist.
++---
++ src/basic/time-util.c | 21 ++++-
++ src/core/locale-setup.c | 21 +++++
++ src/locale/keymap-util.c | 209 ++++++++++++++++++++++++-----------------------
++ src/timedate/timedated.c | 22 ++++-
++ 4 files changed, 164 insertions(+), 109 deletions(-)
++
++diff --git a/src/basic/time-util.c b/src/basic/time-util.c
++index 3018e81..1d74246 100644
++--- a/src/basic/time-util.c
+++++ b/src/basic/time-util.c
++@@ -1391,8 +1391,25 @@ int get_timezone(char **tz) {
++ int r;
++
++ r = readlink_malloc("/etc/localtime", &t);
++- if (r < 0)
++- return r; /* returns EINVAL if not a symlink */
+++ if (r < 0) {
+++ if (r != -EINVAL)
+++ return r; /* returns EINVAL if not a symlink */
+++
+++ r = read_one_line_file("/etc/timezone", &t);
+++ if (r < 0) {
+++ if (r != -ENOENT)
+++ log_warning_errno(r, "Failed to read /etc/timezone: %m");
+++ return -EINVAL;
+++ }
+++
+++ if (!timezone_is_valid(t, LOG_DEBUG))
+++ return -EINVAL;
+++ z = strdup(t);
+++ if (!z)
+++ return -ENOMEM;
+++ *tz = z;
+++ return 0;
+++ }
++
++ e = PATH_STARTSWITH_SET(t, "/usr/share/zoneinfo/", "../usr/share/zoneinfo/");
++ if (!e)
++diff --git a/src/core/locale-setup.c b/src/core/locale-setup.c
++index aa4a89c..8f36bbe 100644
++--- a/src/core/locale-setup.c
+++++ b/src/core/locale-setup.c
++@@ -59,6 +59,27 @@ int locale_setup(char ***environment) {
++ log_warning_errno(r, "Failed to read /etc/locale.conf: %m");
++ }
++
+++ if (r <= 0) {
+++ r = parse_env_file(NULL, "/etc/default/locale",
+++ "LANG", &variables[VARIABLE_LANG],
+++ "LANGUAGE", &variables[VARIABLE_LANGUAGE],
+++ "LC_CTYPE", &variables[VARIABLE_LC_CTYPE],
+++ "LC_NUMERIC", &variables[VARIABLE_LC_NUMERIC],
+++ "LC_TIME", &variables[VARIABLE_LC_TIME],
+++ "LC_COLLATE", &variables[VARIABLE_LC_COLLATE],
+++ "LC_MONETARY", &variables[VARIABLE_LC_MONETARY],
+++ "LC_MESSAGES", &variables[VARIABLE_LC_MESSAGES],
+++ "LC_PAPER", &variables[VARIABLE_LC_PAPER],
+++ "LC_NAME", &variables[VARIABLE_LC_NAME],
+++ "LC_ADDRESS", &variables[VARIABLE_LC_ADDRESS],
+++ "LC_TELEPHONE", &variables[VARIABLE_LC_TELEPHONE],
+++ "LC_MEASUREMENT", &variables[VARIABLE_LC_MEASUREMENT],
+++ "LC_IDENTIFICATION", &variables[VARIABLE_LC_IDENTIFICATION]);
+++
+++ if (r < 0 && r != -ENOENT)
+++ log_warning_errno(r, "Failed to read /etc/default/locale: %m");
+++ }
+++
++ for (i = 0; i < _VARIABLE_LC_MAX; i++) {
++ char *s;
++
++diff --git a/src/locale/keymap-util.c b/src/locale/keymap-util.c
++index f8c36c9..beaa40b 100644
++--- a/src/locale/keymap-util.c
+++++ b/src/locale/keymap-util.c
++@@ -93,6 +93,7 @@ void locale_simplify(char *locale[_VARIABLE_LC_MAX]) {
++ int locale_read_data(Context *c, sd_bus_message *m) {
++ struct stat st;
++ int r;
+++ const char *path = "/etc/locale.conf";
++
++ /* Do not try to re-read the file within single bus operation. */
++ if (m) {
++@@ -103,7 +104,11 @@ int locale_read_data(Context *c, sd_bus_message *m) {
++ c->locale_cache = sd_bus_message_ref(m);
++ }
++
++- r = stat("/etc/locale.conf", &st);
+++ r = stat(path, &st);
+++ if (r < 0 && errno == ENOENT) {
+++ path = "/etc/default/locale";
+++ r = stat(path, &st);
+++ }
++ if (r < 0 && errno != ENOENT)
++ return -errno;
++
++@@ -118,7 +123,7 @@ int locale_read_data(Context *c, sd_bus_message *m) {
++ c->locale_mtime = t;
++ context_free_locale(c);
++
++- r = parse_env_file(NULL, "/etc/locale.conf",
+++ r = parse_env_file(NULL, path,
++ "LANG", &c->locale[VARIABLE_LANG],
++ "LANGUAGE", &c->locale[VARIABLE_LANGUAGE],
++ "LC_CTYPE", &c->locale[VARIABLE_LC_CTYPE],
++@@ -199,8 +204,6 @@ int vconsole_read_data(Context *c, sd_bus_message *m) {
++ }
++
++ int x11_read_data(Context *c, sd_bus_message *m) {
++- _cleanup_fclose_ FILE *f = NULL;
++- bool in_section = false;
++ struct stat st;
++ usec_t t;
++ int r;
++@@ -214,7 +217,7 @@ int x11_read_data(Context *c, sd_bus_message *m) {
++ c->x11_cache = sd_bus_message_ref(m);
++ }
++
++- if (stat("/etc/X11/xorg.conf.d/00-keyboard.conf", &st) < 0) {
+++ if (stat("/etc/default/keyboard", &st) < 0) {
++ if (errno != ENOENT)
++ return -errno;
++
++@@ -231,61 +234,14 @@ int x11_read_data(Context *c, sd_bus_message *m) {
++ c->x11_mtime = t;
++ context_free_x11(c);
++
++- f = fopen("/etc/X11/xorg.conf.d/00-keyboard.conf", "re");
++- if (!f)
++- return -errno;
++-
++- for (;;) {
++- _cleanup_free_ char *line = NULL;
++- char *l;
++-
++- r = read_line(f, LONG_LINE_MAX, &line);
++- if (r < 0)
++- return r;
++- if (r == 0)
++- break;
++-
++- l = strstrip(line);
++- if (IN_SET(l[0], 0, '#'))
++- continue;
++-
++- if (in_section && first_word(l, "Option")) {
++- _cleanup_strv_free_ char **a = NULL;
++-
++- r = strv_split_extract(&a, l, WHITESPACE, EXTRACT_UNQUOTE);
++- if (r < 0)
++- return r;
++-
++- if (strv_length(a) == 3) {
++- char **p = NULL;
+++ r = parse_env_file(NULL, "/etc/default/keyboard",
+++ "XKBMODEL", &c->x11_model,
+++ "XKBLAYOUT", &c->x11_layout,
+++ "XKBVARIANT", &c->x11_variant,
+++ "XKBOPTIONS", &c->x11_options);
++
++- if (streq(a[1], "XkbLayout"))
++- p = &c->x11_layout;
++- else if (streq(a[1], "XkbModel"))
++- p = &c->x11_model;
++- else if (streq(a[1], "XkbVariant"))
++- p = &c->x11_variant;
++- else if (streq(a[1], "XkbOptions"))
++- p = &c->x11_options;
++-
++- if (p) {
++- free_and_replace(*p, a[2]);
++- }
++- }
++-
++- } else if (!in_section && first_word(l, "Section")) {
++- _cleanup_strv_free_ char **a = NULL;
++-
++- r = strv_split_extract(&a, l, WHITESPACE, EXTRACT_UNQUOTE);
++- if (r < 0)
++- return -ENOMEM;
++-
++- if (strv_length(a) == 2 && streq(a[1], "InputClass"))
++- in_section = true;
++-
++- } else if (in_section && first_word(l, "EndSection"))
++- in_section = false;
++- }
+++ if (r < 0)
+++ return r;
++
++ return 0;
++ }
++@@ -294,9 +250,18 @@ int locale_write_data(Context *c, char ***settings) {
++ _cleanup_strv_free_ char **l = NULL;
++ struct stat st;
++ int r, p;
+++ const char *path = "/etc/locale.conf";
++
++ /* Set values will be returned as strv in *settings on success. */
++
+++ r = load_env_file(NULL, path, &l);
+++ if (r < 0 && r == -ENOENT) {
+++ path = "/etc/default/locale";
+++ r = load_env_file(NULL, path, &l);
+++ }
+++ if (r < 0 && r != -ENOENT)
+++ return r;
+++
++ for (p = 0; p < _VARIABLE_LC_MAX; p++) {
++ _cleanup_free_ char *t = NULL;
++ char **u;
++@@ -319,20 +284,20 @@ int locale_write_data(Context *c, char ***settings) {
++ }
++
++ if (strv_isempty(l)) {
++- if (unlink("/etc/locale.conf") < 0)
+++ if (unlink(path) < 0)
++ return errno == ENOENT ? 0 : -errno;
++
++ c->locale_mtime = USEC_INFINITY;
++ return 0;
++ }
++
++- r = write_env_file_label("/etc/locale.conf", l);
+++ r = write_env_file_label(path, l);
++ if (r < 0)
++ return r;
++
++ *settings = TAKE_PTR(l);
++
++- if (stat("/etc/locale.conf", &st) >= 0)
+++ if (stat(path, &st) >= 0)
++ c->locale_mtime = timespec_load(&st.st_mtim);
++
++ return 0;
++@@ -400,68 +365,104 @@ int vconsole_write_data(Context *c) {
++ }
++
++ int x11_write_data(Context *c) {
++- _cleanup_fclose_ FILE *f = NULL;
++- _cleanup_free_ char *temp_path = NULL;
++ struct stat st;
++ int r;
+++ char *t, **u, **l = NULL;
++
++- if (isempty(c->x11_layout) &&
++- isempty(c->x11_model) &&
++- isempty(c->x11_variant) &&
++- isempty(c->x11_options)) {
+++ r = load_env_file(NULL, "/etc/default/keyboard", &l);
+++ if (r < 0 && r != -ENOENT)
+++ return r;
++
++- if (unlink("/etc/X11/xorg.conf.d/00-keyboard.conf") < 0)
++- return errno == ENOENT ? 0 : -errno;
+++ /* This could perhaps be done more elegantly using an array
+++ * like we do for the locale, instead of struct
+++ */
+++ if (isempty(c->x11_layout)) {
+++ l = strv_env_unset(l, "XKBLAYOUT");
+++ } else {
+++ if (asprintf(&t, "XKBLAYOUT=%s", c->x11_layout) < 0) {
+++ strv_free(l);
+++ return -ENOMEM;
+++ }
++
++- c->vc_mtime = USEC_INFINITY;
++- return 0;
+++ u = strv_env_set(l, t);
+++ free(t);
+++ strv_free(l);
+++
+++ if (!u)
+++ return -ENOMEM;
+++
+++ l = u;
++ }
++
++- (void) mkdir_p_label("/etc/X11/xorg.conf.d", 0755);
++- r = fopen_temporary("/etc/X11/xorg.conf.d/00-keyboard.conf", &f, &temp_path);
++- if (r < 0)
++- return r;
+++ if (isempty(c->x11_model)) {
+++ l = strv_env_unset(l, "XKBMODEL");
+++ } else {
+++ if (asprintf(&t, "XKBMODEL=%s", c->x11_model) < 0) {
+++ strv_free(l);
+++ return -ENOMEM;
+++ }
++
++- (void) fchmod(fileno(f), 0644);
+++ u = strv_env_set(l, t);
+++ free(t);
+++ strv_free(l);
++
++- fputs("# Written by systemd-localed(8), read by systemd-localed and Xorg. It's\n"
++- "# probably wise not to edit this file manually. Use localectl(1) to\n"
++- "# instruct systemd-localed to update it.\n"
++- "Section \"InputClass\"\n"
++- " Identifier \"system-keyboard\"\n"
++- " MatchIsKeyboard \"on\"\n", f);
+++ if (!u)
+++ return -ENOMEM;
+++
+++ l = u;
+++ }
+++
+++ if (isempty(c->x11_variant)) {
+++ l = strv_env_unset(l, "XKBVARIANT");
+++ } else {
+++ if (asprintf(&t, "XKBVARIANT=%s", c->x11_variant) < 0) {
+++ strv_free(l);
+++ return -ENOMEM;
+++ }
++
++- if (!isempty(c->x11_layout))
++- fprintf(f, " Option \"XkbLayout\" \"%s\"\n", c->x11_layout);
+++ u = strv_env_set(l, t);
+++ free(t);
+++ strv_free(l);
++
++- if (!isempty(c->x11_model))
++- fprintf(f, " Option \"XkbModel\" \"%s\"\n", c->x11_model);
+++ if (!u)
+++ return -ENOMEM;
++
++- if (!isempty(c->x11_variant))
++- fprintf(f, " Option \"XkbVariant\" \"%s\"\n", c->x11_variant);
+++ l = u;
+++ }
++
++- if (!isempty(c->x11_options))
++- fprintf(f, " Option \"XkbOptions\" \"%s\"\n", c->x11_options);
+++ if (isempty(c->x11_options)) {
+++ l = strv_env_unset(l, "XKBOPTIONS");
+++ } else {
+++ if (asprintf(&t, "XKBOPTIONS=%s", c->x11_options) < 0) {
+++ strv_free(l);
+++ return -ENOMEM;
+++ }
++
++- fputs("EndSection\n", f);
+++ u = strv_env_set(l, t);
+++ free(t);
+++ strv_free(l);
++
++- r = fflush_sync_and_check(f);
++- if (r < 0)
++- goto fail;
+++ if (!u)
+++ return -ENOMEM;
++
++- if (rename(temp_path, "/etc/X11/xorg.conf.d/00-keyboard.conf") < 0) {
++- r = -errno;
++- goto fail;
+++ l = u;
++ }
++
++- if (stat("/etc/X11/xorg.conf.d/00-keyboard.conf", &st) >= 0)
++- c->x11_mtime = timespec_load(&st.st_mtim);
+++ if (strv_isempty(l)) {
+++ strv_free(l);
++
++- return 0;
+++ if (unlink("/etc/default/keyboard") < 0)
+++ return errno == ENOENT ? 0 : -errno;
++
++-fail:
++- if (temp_path)
++- (void) unlink(temp_path);
+++ c->vc_mtime = USEC_INFINITY;
+++ return 0;
+++ }
+++
+++ r = write_env_file("/etc/default/keyboard", l);
+++ strv_free(l);
+++
+++ if (r >= 0 && stat("/etc/default/keyboard", &st) >= 0)
+++ c->x11_mtime = timespec_load(&st.st_mtim);
++
++ return r;
++ }
++diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c
++index 4f15a40..807f505 100644
++--- a/src/timedate/timedated.c
+++++ b/src/timedate/timedated.c
++@@ -278,20 +278,36 @@ static int context_read_data(Context *c) {
++
++ static int context_write_data_timezone(Context *c) {
++ _cleanup_free_ char *p = NULL;
+++ int r = 0;
+++ struct stat st;
++
++ assert(c);
++
++ if (isempty(c->zone)) {
++ if (unlink("/etc/localtime") < 0 && errno != ENOENT)
++- return -errno;
++- return 0;
+++ r = -errno;
+++
+++ if (unlink("/etc/timezone") < 0 && errno != ENOENT)
+++ r = -errno;
+++
+++ return r;
++ }
++
++ p = path_join("../usr/share/zoneinfo", c->zone);
++ if (!p)
++ return log_oom();
++
++- return symlink_atomic(p, "/etc/localtime");
+++ r = symlink_atomic(p, "/etc/localtime");
+++ if (r < 0)
+++ return r;
+++
+++ if (stat("/etc/timezone", &st) == 0 && S_ISREG(st.st_mode)) {
+++ r = write_string_file("/etc/timezone", c->zone, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC);
+++ if (r < 0)
+++ return r;
+++ }
+++
+++ return 0;
++ }
++
++ static int context_write_data_local_rtc(Context *c) {
--- /dev/null
--- /dev/null
++From: Dan Streetman <ddstreet@canonical.com>
++Date: Wed, 6 Nov 2019 09:14:54 -0500
++Subject: blacklist-upstream-test-24-ppc64el
++
++Bug: https://github.com/systemd/systemd/issues/11612
++---
++ test/TEST-24-UNIT-TESTS/blacklist-upstream-ci-ppc64el | 1 +
++ 1 file changed, 1 insertion(+)
++ create mode 100644 test/TEST-24-UNIT-TESTS/blacklist-upstream-ci-ppc64el
++
++diff --git a/test/TEST-24-UNIT-TESTS/blacklist-upstream-ci-ppc64el b/test/TEST-24-UNIT-TESTS/blacklist-upstream-ci-ppc64el
++new file mode 100644
++index 0000000..52877fc
++--- /dev/null
+++++ b/test/TEST-24-UNIT-TESTS/blacklist-upstream-ci-ppc64el
++@@ -0,0 +1 @@
+++# unknown reason for failing, tracked in https://github.com/systemd/systemd/issues/11612
--- /dev/null
--- /dev/null
++From: Dan Streetman <ddstreet@canonical.com>
++Date: Wed, 6 Nov 2019 09:14:50 -0500
++Subject: blacklist-upstream-test-25
++
++Bug: https://github.com/systemd/systemd/issues/13973
++---
++ test/TEST-25-IMPORT/blacklist-upstream-ci | 1 +
++ 1 file changed, 1 insertion(+)
++ create mode 100644 test/TEST-25-IMPORT/blacklist-upstream-ci
++
++diff --git a/test/TEST-25-IMPORT/blacklist-upstream-ci b/test/TEST-25-IMPORT/blacklist-upstream-ci
++new file mode 100644
++index 0000000..47a5f15
++--- /dev/null
+++++ b/test/TEST-25-IMPORT/blacklist-upstream-ci
++@@ -0,0 +1 @@
+++# unknown failure; tracked in https://github.com/systemd/systemd/issues/13973
--- /dev/null
--- /dev/null
++From: Didier Roche <didrocks@ubuntu.com>
++Date: Fri, 22 May 2015 13:04:38 +0200
++Subject: fsckd daemon for inter-fsckd communication
++
++Global logic:
++Add systemd-fsckd multiplexer which accepts multiple (via systemd-fsck's
++/run/systemd/fsck.progress socket) fsck instances to connect to it and sends
++progress report. systemd-fsckd then computes and writes to /dev/console the
++number of devices currently being checked and the minimum fsck progress.
++
++Plymouth and user interaction:
++Forward the progress to plymouth and support canellation of in progress fsck.
++Try to connect and send to plymouth (if running) some checked report progress,
++using direct plymouth protocole.
++
++Update message is the following:
++fsckd:<num_devices>:<progress>:<string>
++* num_devices corresponds to the current number of devices being checked (int)
++* progress corresponds to the current minimum percentage of all devices being
++ checked (float, from 0 to 100)
++* string is a translated message ready to be displayed by the plymouth theme
++ displaying the information above. It can be overridden by plymouth themes
++ supporting i18n.
++
++Grab in fsckd plymouth watch key Control+C, and propagate this cancel request
++to systemd-fsck which will terminate fsck.
++
++Send a message to signal to user what key we are grabbing for fsck cancel.
++
++Message is: fsckd-cancel-msg:<string>
++Where string is a translated string ready to be displayed by the plymouth theme
++indicating that Control+C can be used to cancel current checks. It can be
++overridden (matching only fsckd-cancel-msg prefix) for themes supporting i18n.
++
++Misc:
++systemd-fsckd stops on idle when no fsck is connected.
++Add man page explaining the plymouth theme protocol, usage of the daemon
++as well as the socket activation part. Adapt existing fsck man page.
++
++Note that fsckd had lived in the upstream tree for a while, but was removed.
++More information at
++http://lists.freedesktop.org/archives/systemd-devel/2015-April/030175.html
++-
++---
++ man/rules/meson.build | 1 +
++ man/systemd-fsckd.service.xml | 162 +++++++++
++ meson.build | 8 +
++ po/POTFILES.in | 1 +
++ src/fsckd/fsckd.c | 690 +++++++++++++++++++++++++++++++++++++
++ units/meson.build | 2 +
++ units/systemd-fsck-root.service.in | 2 +
++ units/systemd-fsck@.service.in | 3 +-
++ units/systemd-fsckd.service.in | 17 +
++ units/systemd-fsckd.socket | 15 +
++ 10 files changed, 900 insertions(+), 1 deletion(-)
++ create mode 100644 man/systemd-fsckd.service.xml
++ create mode 100644 src/fsckd/fsckd.c
++ create mode 100644 units/systemd-fsckd.service.in
++ create mode 100644 units/systemd-fsckd.socket
++
++diff --git a/man/rules/meson.build b/man/rules/meson.build
++index 3b63311..890f109 100644
++--- a/man/rules/meson.build
+++++ b/man/rules/meson.build
++@@ -682,6 +682,7 @@ manpages = [
++ '8',
++ ['systemd-fsck', 'systemd-fsck-root.service'],
++ ''],
+++ ['systemd-fsckd.service', '8', ['systemd-fsckd.socket', 'systemd-fsckd'], ''],
++ ['systemd-fstab-generator', '8', [], ''],
++ ['systemd-getty-generator', '8', [], ''],
++ ['systemd-gpt-auto-generator', '8', [], ''],
++diff --git a/man/systemd-fsckd.service.xml b/man/systemd-fsckd.service.xml
++new file mode 100644
++index 0000000..b7ad58d
++--- /dev/null
+++++ b/man/systemd-fsckd.service.xml
++@@ -0,0 +1,162 @@
+++<?xml version="1.0"?>
+++<!--*-nxml-*-->
+++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+++<!--
+++ This file is part of systemd.
+++
+++ Copyright 2015 Canonical
+++
+++ systemd is free software; you can redistribute it and/or modify it
+++ under the terms of the GNU Lesser General Public License as published by
+++ the Free Software Foundation; either version 2.1 of the License, or
+++ (at your option) any later version.
+++
+++ systemd is distributed in the hope that it will be useful, but
+++ WITHOUT ANY WARRANTY; without even the implied warranty of
+++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+++ Lesser General Public License for more details.
+++
+++ You should have received a copy of the GNU Lesser General Public License
+++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+++-->
+++<refentry id="systemd-fsckd.service" xmlns:xi="http://www.w3.org/2001/XInclude">
+++
+++ <refentryinfo>
+++ <title>systemd-fsckd.service</title>
+++ <productname>systemd</productname>
+++
+++ <authorgroup>
+++ <author>
+++ <contrib>Developer</contrib>
+++ <firstname>Didier</firstname>
+++ <surname>Roche</surname>
+++ <email>didrocks@ubuntu.com</email>
+++ </author>
+++ </authorgroup>
+++ </refentryinfo>
+++
+++ <refmeta>
+++ <refentrytitle>systemd-fsckd.service</refentrytitle>
+++ <manvolnum>8</manvolnum>
+++ </refmeta>
+++
+++ <refnamediv>
+++ <refname>systemd-fsckd.service</refname>
+++ <refname>systemd-fsckd.socket</refname>
+++ <refname>systemd-fsckd</refname>
+++ <refpurpose>File system check progress reporting</refpurpose>
+++ </refnamediv>
+++
+++ <refsynopsisdiv>
+++ <para><filename>systemd-fsckd.service</filename></para>
+++ <para><filename>systemd-fsckd.socket</filename></para>
+++ <para><filename>/usr/lib/systemd/systemd-fsckd</filename></para>
+++ </refsynopsisdiv>
+++
+++ <refsect1>
+++ <title>Description</title>
+++
+++ <para><filename>systemd-fsckd.service</filename> is a service responsible
+++ for receiving file system check progress, and communicating some
+++ consolidated data to console and plymouth (if running). It also handles
+++ possible check cancellations.</para>
+++
+++ <para><command>systemd-fsckd</command> receives messages about file
+++ system check progress from <command>fsck</command> through an
+++ UNIX domain socket. It can display the progress of the least advanced
+++ fsck as well as the total number of devices being checked in parallel
+++ to the console. It will also send progress messages to plymouth.
+++ Both the raw data and translated messages are sent, so compiled
+++ plymouth themes can use the raw data to display custom messages, and
+++ scripted themes, not supporting i18n, can display the translated
+++ versions.</para>
+++
+++ <para><command>systemd-fsckd</command> will instruct plymouth to grab
+++ Control+C keypresses. When the key is pressed, running checks will be
+++ terminated. It will also cancel any newly connected fsck instances for
+++ the lifetime of <filename>systemd-fsckd</filename>.</para>
+++ </refsect1>
+++
+++ <refsect1>
+++ <title>Protocol for communication with plymouth</title>
+++
+++ <para><filename>systemd-fsckd</filename> passes the
+++ following messages to the theme:</para>
+++
+++ <para>Progress update, sent as a plymouth update message:
+++ <literal>fsckd:<num_devices>:<progress>:<string></literal>
+++ <variablelist>
+++ <varlistentry>
+++ <term><literal><num_devices></literal></term>
+++ <listitem><para>the current number of devices
+++ being checked (int)</para></listitem>
+++ </varlistentry>
+++ <varlistentry>
+++ <term><literal><progress></literal></term>
+++ <listitem><para>the current minimum percentage of
+++ all devices being checking (float, from 0 to 100)</para></listitem>
+++ </varlistentry>
+++ <varlistentry>
+++ <term><literal><string></literal></term>
+++ <listitem><para>a translated message ready to be displayed
+++ by the plymouth theme displaying the data above. It can be overridden
+++ by themes supporting i18n.</para></listitem>
+++ </varlistentry>
+++ </variablelist>
+++ </para>
+++
+++ <para>Cancel message, sent as a traditional plymouth message:
+++ <literal>fsckd-cancel-msg:<string></literal>
+++ <variablelist>
+++ <varlistentry>
+++ <term><literal><strings></literal></term>
+++ <listitem><para>a translated string ready to be displayed
+++ by the plymouth theme indicating that Control+C can be used to cancel
+++ current checks. It can be overridden (matching only
+++ <literal>fsckd-cancel-msg</literal> prefix)
+++ by themes supporting i18n.</para></listitem>
+++ </varlistentry>
+++ </variablelist>
+++ </para>
+++ </refsect1>
+++
+++ <refsect1>
+++ <title>Options</title>
+++
+++ <para>The following options are understood:</para>
+++
+++ <variablelist>
+++ <xi:include href="standard-options.xml" xpointer="help" />
+++ <xi:include href="standard-options.xml" xpointer="version" />
+++ </variablelist>
+++
+++ </refsect1>
+++
+++ <refsect1>
+++ <title>Exit status</title>
+++
+++ <para>On success, 0 is returned, a non-zero failure
+++ code otherwise. Note that the daemon stays idle for
+++ a while to accept new <filename>fsck</filename>
+++ connections before exiting.</para>
+++ </refsect1>
+++
+++ <refsect1>
+++ <title>See Also</title>
+++ <para>
+++ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+++ <citerefentry><refentrytitle>systemd-fsck</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry><refentrytitle>systemd-quotacheck.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.btrfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.cramfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.ext4</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.fat</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.hfsplus</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.minix</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.ntfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.xfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+++ </para>
+++ </refsect1>
+++
+++</refentry>
++diff --git a/meson.build b/meson.build
++index 4fc7dfa..1254559 100644
++--- a/meson.build
+++++ b/meson.build
++@@ -2364,6 +2364,14 @@ executable('systemd-makefs',
++ install : true,
++ install_dir : rootlibexecdir)
++
+++executable('systemd-fsckd',
+++ 'src/fsckd/fsckd.c',
+++ include_directories : includes,
+++ link_with : [libshared],
+++ install_rpath : rootlibexecdir,
+++ install : true,
+++ install_dir : rootlibexecdir)
+++
++ executable('systemd-sleep',
++ 'src/sleep/sleep.c',
++ include_directories : includes,
++diff --git a/po/POTFILES.in b/po/POTFILES.in
++index 983f346..1e60287 100644
++--- a/po/POTFILES.in
+++++ b/po/POTFILES.in
++@@ -9,3 +9,4 @@ src/portable/org.freedesktop.portable1.policy
++ src/resolve/org.freedesktop.resolve1.policy
++ src/timedate/org.freedesktop.timedate1.policy
++ src/core/dbus-unit.c
+++src/fsckd/fsckd.c
++diff --git a/src/fsckd/fsckd.c b/src/fsckd/fsckd.c
++new file mode 100644
++index 0000000..4c1fe88
++--- /dev/null
+++++ b/src/fsckd/fsckd.c
++@@ -0,0 +1,690 @@
+++/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+++
+++/***
+++ This file is part of systemd.
+++
+++ Copyright 2015 Canonical
+++
+++ Author:
+++ Didier Roche <didrocks@ubuntu.com>
+++
+++ systemd is free software; you can redistribute it and/or modify it
+++ under the terms of the GNU Lesser General Public License as published by
+++ the Free Software Foundation; either version 2.1 of the License, or
+++ (at your option) any later version.
+++
+++ systemd is distributed in the hope that it will be useful, but
+++ WITHOUT ANY WARRANTY; without even the implied warranty of
+++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+++ Lesser General Public License for more details.
+++
+++ You should have received a copy of the GNU Lesser General Public License
+++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+++***/
+++
+++#include <getopt.h>
+++#include <errno.h>
+++#include <libintl.h>
+++#include <math.h>
+++#include <stdbool.h>
+++#include <stdlib.h>
+++#include <stdio.h>
+++#include <sys/socket.h>
+++#include <sys/types.h>
+++#include <sys/un.h>
+++#include <unistd.h>
+++
+++#include "sd-daemon.h"
+++#include "build.h"
+++#include "def.h"
+++#include "sd-event.h"
+++#include "log.h"
+++#include "list.h"
+++#include "macro.h"
+++#include "socket-util.h"
+++#include "fd-util.h"
+++#include "string-util.h"
+++#include "io-util.h"
+++#include "util.h"
+++#include "alloc-util.h"
+++#include "locale-util.h"
+++#include "plymouth-util.h"
+++
+++#define FSCKD_SOCKET_PATH "/run/systemd/fsck.progress"
+++#define IDLE_TIME_SECONDS 30
+++#define PLYMOUTH_REQUEST_KEY "K\2\2\3"
+++#define CLIENTS_MAX 128
+++
+++struct Manager;
+++
+++typedef struct Client {
+++ struct Manager *manager;
+++ char *device_name;
+++ /* device id refers to "fd <fd>" until it gets a name as "device_name" */
+++ char *device_id;
+++
+++ pid_t fsck_pid;
+++ FILE *fsck_f;
+++
+++ size_t cur;
+++ size_t max;
+++ int pass;
+++
+++ double percent;
+++
+++ bool cancelled;
+++ bool bad_input;
+++
+++ sd_event_source *event_source;
+++
+++ LIST_FIELDS(struct Client, clients);
+++} Client;
+++
+++typedef struct Manager {
+++ sd_event *event;
+++
+++ LIST_HEAD(Client, clients);
+++ unsigned n_clients;
+++
+++ size_t clear;
+++
+++ int connection_fd;
+++ sd_event_source *connection_event_source;
+++
+++ bool show_status_console;
+++
+++ double percent;
+++ int numdevices;
+++
+++ int plymouth_fd;
+++ sd_event_source *plymouth_event_source;
+++ bool plymouth_cancel_sent;
+++
+++ bool cancel_requested;
+++} Manager;
+++
+++static void client_free(Client *c);
+++static void manager_free(Manager *m);
+++
+++DEFINE_TRIVIAL_CLEANUP_FUNC(Client*, client_free);
+++DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free);
+++
+++static int manager_write_console(Manager *m, const char *message) {
+++ _cleanup_fclose_ FILE *console = NULL;
+++ int l;
+++ size_t j;
+++
+++ assert(m);
+++
+++ if (!m->show_status_console)
+++ return 0;
+++
+++ /* Reduce the SAK window by opening and closing console on every request */
+++ console = fopen("/dev/console", "we");
+++ if (!console)
+++ return -errno;
+++
+++ if (message) {
+++ fprintf(console, "\r%s\r%n", message, &l);
+++ if (m->clear < (size_t)l)
+++ m->clear = (size_t)l;
+++ } else {
+++ fputc('\r', console);
+++ for (j = 0; j < m->clear; j++)
+++ fputc(' ', console);
+++ fputc('\r', console);
+++ }
+++ fflush(console);
+++
+++ return 0;
+++}
+++
+++static double compute_percent(int pass, size_t cur, size_t max) {
+++ /* Values stolen from e2fsck */
+++
+++ static const double pass_table[] = {
+++ 0, 70, 90, 92, 95, 100
+++ };
+++
+++ if (pass <= 0)
+++ return 0.0;
+++
+++ if ((unsigned) pass >= ELEMENTSOF(pass_table) || max == 0)
+++ return 100.0;
+++
+++ return pass_table[pass-1] +
+++ (pass_table[pass] - pass_table[pass-1]) *
+++ (double) cur / max;
+++}
+++
+++static int client_request_cancel(Client *c) {
+++ assert(c);
+++
+++ if (c->cancelled)
+++ return 0;
+++
+++ log_info("Request to cancel fsck for %s from fsckd", c->device_id);
+++ if (kill(c->fsck_pid, SIGTERM) < 0) {
+++ /* ignore the error and consider that cancel was sent if fsck just exited */
+++ if (errno != ESRCH)
+++ return log_error_errno(errno, "Cannot send cancel to fsck for %s: %m", c->device_id);
+++ }
+++
+++ c->cancelled = true;
+++ return 1;
+++}
+++
+++static void client_free(Client *c) {
+++ assert(c);
+++
+++ if (c->manager) {
+++ LIST_REMOVE(clients, c->manager->clients, c);
+++ c->manager->n_clients--;
+++ }
+++
+++ sd_event_source_unref(c->event_source);
+++ fclose(c->fsck_f);
+++ if (c->device_name)
+++ free(c->device_name);
+++ if (c->device_id)
+++ free(c->device_id);
+++ free(c);
+++}
+++
+++static void manager_disconnect_plymouth(Manager *m) {
+++ assert(m);
+++
+++ m->plymouth_event_source = sd_event_source_unref(m->plymouth_event_source);
+++ m->plymouth_fd = safe_close(m->plymouth_fd);
+++ m->plymouth_cancel_sent = false;
+++}
+++
+++static int manager_plymouth_feedback_handler(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
+++ Manager *m = userdata;
+++ Client *current;
+++ char buffer[6];
+++ ssize_t l;
+++
+++ assert(m);
+++
+++ l = read(m->plymouth_fd, buffer, sizeof(buffer));
+++ if (l < 0) {
+++ log_warning_errno(errno, "Got error while reading from plymouth: %m");
+++ manager_disconnect_plymouth(m);
+++ return -errno;
+++ }
+++ if (l == 0) {
+++ manager_disconnect_plymouth(m);
+++ return 0;
+++ }
+++
+++ if (l > 1 && buffer[0] == '\15')
+++ log_error("Message update to plymouth wasn't delivered successfully");
+++
+++ /* the only answer support type we requested is a key interruption */
+++ if (l > 2 && buffer[0] == '\2' && buffer[5] == '\3') {
+++ m->cancel_requested = true;
+++
+++ /* cancel all connected clients */
+++ LIST_FOREACH(clients, current, m->clients)
+++ client_request_cancel(current);
+++ }
+++
+++ return 0;
+++}
+++
+++static int manager_connect_plymouth(Manager *m) {
+++ union sockaddr_union sa = PLYMOUTH_SOCKET;
+++ int r;
+++
+++ if (!plymouth_running())
+++ return 0;
+++
+++ /* try to connect or reconnect if sending a message */
+++ if (m->plymouth_fd >= 0)
+++ return 1;
+++
+++ m->plymouth_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0);
+++ if (m->plymouth_fd < 0)
+++ return log_warning_errno(errno, "Connection to plymouth socket failed: %m");
+++
+++ if (connect(m->plymouth_fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + 1 + strlen(sa.un.sun_path+1)) < 0) {
+++ r = log_warning_errno(errno, "Couldn't connect to plymouth: %m");
+++ goto fail;
+++ }
+++
+++ r = sd_event_add_io(m->event, &m->plymouth_event_source, m->plymouth_fd, EPOLLIN, manager_plymouth_feedback_handler, m);
+++ if (r < 0) {
+++ log_warning_errno(r, "Can't listen to plymouth socket: %m");
+++ goto fail;
+++ }
+++
+++ return 1;
+++
+++fail:
+++ manager_disconnect_plymouth(m);
+++ return r;
+++}
+++
+++static int plymouth_send_message(int plymouth_fd, const char *message, bool update) {
+++ _cleanup_free_ char *packet = NULL;
+++ int n;
+++ char mode = 'M';
+++
+++ if (update)
+++ mode = 'U';
+++
+++ if (asprintf(&packet, "%c\002%c%s%n", mode, (int) (strlen(message) + 1), message, &n) < 0)
+++ return log_oom();
+++
+++ return loop_write(plymouth_fd, packet, n + 1, true);
+++}
+++
+++static int manager_send_plymouth_message(Manager *m, const char *message) {
+++ const char *plymouth_cancel_message = NULL, *l10n_cancel_message = NULL;
+++ int r;
+++
+++ r = manager_connect_plymouth(m);
+++ if (r < 0)
+++ return r;
+++ /* 0 means that plymouth isn't running, do not send any message yet */
+++ else if (r == 0)
+++ return 0;
+++
+++ if (!m->plymouth_cancel_sent) {
+++
+++ /* Indicate to plymouth that we listen to Ctrl+C */
+++ r = loop_write(m->plymouth_fd, PLYMOUTH_REQUEST_KEY, sizeof(PLYMOUTH_REQUEST_KEY), true);
+++ if (r < 0)
+++ return log_warning_errno(r, "Can't send to plymouth cancel key: %m");
+++
+++ m->plymouth_cancel_sent = true;
+++
+++ l10n_cancel_message = _("Press Ctrl+C to cancel all filesystem checks in progress");
+++ plymouth_cancel_message = strjoina("fsckd-cancel-msg:", l10n_cancel_message);
+++
+++ r = plymouth_send_message(m->plymouth_fd, plymouth_cancel_message, false);
+++ if (r < 0)
+++ log_warning_errno(r, "Can't send filesystem cancel message to plymouth: %m");
+++
+++ } else if (m->numdevices == 0) {
+++
+++ m->plymouth_cancel_sent = false;
+++
+++ r = plymouth_send_message(m->plymouth_fd, "", false);
+++ if (r < 0)
+++ log_warning_errno(r, "Can't clear plymouth filesystem cancel message: %m");
+++ }
+++
+++ r = plymouth_send_message(m->plymouth_fd, message, true);
+++ if (r < 0)
+++ return log_warning_errno(r, "Couldn't send \"%s\" to plymouth: %m", message);
+++
+++ return 0;
+++}
+++
+++static int manager_update_global_progress(Manager *m) {
+++ Client *current = NULL;
+++ _cleanup_free_ char *console_message = NULL;
+++ _cleanup_free_ char *fsck_message = NULL;
+++ int current_numdevices = 0, r;
+++ double current_percent = 100;
+++
+++ /* get the overall percentage */
+++ LIST_FOREACH(clients, current, m->clients) {
+++ current_numdevices++;
+++
+++ /* right now, we only keep the minimum % of all fsckd processes. We could in the future trying to be
+++ linear, but max changes and corresponds to the pass. We have all the informations into fsckd
+++ already if we can treat that in a smarter way. */
+++ current_percent = MIN(current_percent, current->percent);
+++ }
+++
+++ /* update if there is anything user-visible to update */
+++ if (fabs(current_percent - m->percent) > 0.001 || current_numdevices != m->numdevices) {
+++ m->numdevices = current_numdevices;
+++ m->percent = current_percent;
+++
+++ if (asprintf(&console_message,
+++ ngettext("Checking in progress on %d disk (%3.1f%% complete)",
+++ "Checking in progress on %d disks (%3.1f%% complete)", m->numdevices),
+++ m->numdevices, m->percent) < 0)
+++ return -ENOMEM;
+++
+++ if (asprintf(&fsck_message, "fsckd:%d:%3.1f:%s", m->numdevices, m->percent, console_message) < 0)
+++ return -ENOMEM;
+++
+++ r = manager_write_console(m, console_message);
+++ if (r < 0)
+++ return r;
+++
+++ /* try to connect to plymouth and send message */
+++ r = manager_send_plymouth_message(m, fsck_message);
+++ if (r < 0)
+++ return r;
+++ }
+++ return 0;
+++}
+++
+++static int client_progress_handler(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
+++ Client *client = userdata;
+++ char line[LINE_MAX];
+++ Manager *m;
+++
+++ assert(client);
+++ m = client->manager;
+++
+++ /* check first if we need to cancel this client */
+++ if (m->cancel_requested)
+++ client_request_cancel(client);
+++
+++ while (fgets(line, sizeof(line), client->fsck_f) != NULL) {
+++ int pass;
+++ size_t cur, max;
+++ _cleanup_free_ char *device = NULL, *old_device_id = NULL;
+++
+++ if (sscanf(line, "%i %zu %zu %ms", &pass, &cur, &max, &device) == 4) {
+++ if (!client->device_name) {
+++ client->device_name = strdup(device);
+++ if (!client->device_name) {
+++ log_oom();
+++ continue;
+++ }
+++ old_device_id = client->device_id;
+++ client->device_id = strdup(device);
+++ if (!client->device_id) {
+++ log_oom();
+++ client->device_id = old_device_id;
+++ old_device_id = NULL;
+++ continue;
+++ }
+++ }
+++ client->pass = pass;
+++ client->cur = cur;
+++ client->max = max;
+++ client->bad_input = false;
+++ client->percent = compute_percent(client->pass, client->cur, client->max);
+++ log_debug("Getting progress for %s (%zu, %zu, %d) : %3.1f%%", client->device_id,
+++ client->cur, client->max, client->pass, client->percent);
+++ } else {
+++ if (errno == ENOMEM) {
+++ log_oom();
+++ continue;
+++ }
+++
+++ /* if previous input was already garbage, kick it off from progress report */
+++ if (client->bad_input) {
+++ log_warning("Closing connection on incorrect input of fsck connection for %s", client->device_id);
+++ client_free(client);
+++ manager_update_global_progress(m);
+++ return 0;
+++ }
+++ client->bad_input = true;
+++ }
+++
+++ }
+++
+++ if (feof(client->fsck_f)) {
+++ log_debug("Fsck client %s disconnected", client->device_id);
+++ client_free(client);
+++ }
+++
+++ manager_update_global_progress(m);
+++ return 0;
+++}
+++
+++static int manager_new_connection_handler(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
+++ _cleanup_(client_freep) Client *c = NULL;
+++ _cleanup_close_ int new_fsck_fd = -1;
+++ _cleanup_fclose_ FILE *new_fsck_f = NULL;
+++ struct ucred ucred = {};
+++ Manager *m = userdata;
+++ int r;
+++
+++ assert(m);
+++
+++ /* Initialize and list new clients */
+++ new_fsck_fd = accept4(m->connection_fd, NULL, NULL, SOCK_CLOEXEC|SOCK_NONBLOCK);
+++ if (new_fsck_fd < 0) {
+++ log_error_errno(errno, "Couldn't accept a new connection: %m");
+++ return 0;
+++ }
+++
+++ if (m->n_clients >= CLIENTS_MAX) {
+++ log_error("Too many clients, refusing connection.");
+++ return 0;
+++ }
+++
+++
+++ new_fsck_f = fdopen(new_fsck_fd, "r");
+++ if (!new_fsck_f) {
+++ log_error_errno(errno, "Couldn't fdopen new connection for fd %d: %m", new_fsck_fd);
+++ return 0;
+++ }
+++ new_fsck_fd = -1;
+++
+++ r = getpeercred(fileno(new_fsck_f), &ucred);
+++ if (r < 0) {
+++ log_error_errno(r, "Couldn't get credentials for fsck: %m");
+++ return 0;
+++ }
+++
+++ c = new0(Client, 1);
+++ if (!c) {
+++ log_oom();
+++ return 0;
+++ }
+++
+++ c->fsck_pid = ucred.pid;
+++ c->fsck_f = new_fsck_f;
+++ new_fsck_f = NULL;
+++
+++ if (asprintf(&(c->device_id), "fd %d", fileno(c->fsck_f)) < 0) {
+++ log_oom();
+++ return 0;
+++ }
+++
+++ r = sd_event_add_io(m->event, &c->event_source, fileno(c->fsck_f), EPOLLIN, client_progress_handler, c);
+++ if (r < 0) {
+++ log_oom();
+++ return 0;
+++ }
+++
+++ LIST_PREPEND(clients, m->clients, c);
+++ m->n_clients++;
+++ c->manager = m;
+++
+++ log_debug("New fsck client connected: %s", c->device_id);
+++
+++ /* only request the client to cancel now in case the request is dropped by the client (chance to recancel) */
+++ if (m->cancel_requested)
+++ client_request_cancel(c);
+++
+++ c = NULL;
+++ return 0;
+++}
+++
+++static void manager_free(Manager *m) {
+++ if (!m)
+++ return;
+++
+++ /* clear last line */
+++ manager_write_console(m, NULL);
+++
+++ sd_event_source_unref(m->connection_event_source);
+++ safe_close(m->connection_fd);
+++
+++ while (m->clients)
+++ client_free(m->clients);
+++
+++ manager_disconnect_plymouth(m);
+++
+++ sd_event_unref(m->event);
+++
+++ free(m);
+++}
+++
+++static int manager_new(Manager **ret, int fd) {
+++ _cleanup_(manager_freep) Manager *m = NULL;
+++ int r;
+++
+++ assert(ret);
+++
+++ m = new0(Manager, 1);
+++ if (!m)
+++ return -ENOMEM;
+++
+++ m->plymouth_fd = -1;
+++ m->connection_fd = fd;
+++ m->percent = 100;
+++
+++ r = sd_event_default(&m->event);
+++ if (r < 0)
+++ return r;
+++
+++ if (access("/run/systemd/show-status", F_OK) >= 0)
+++ m->show_status_console = true;
+++
+++ r = sd_event_add_io(m->event, &m->connection_event_source, fd, EPOLLIN, manager_new_connection_handler, m);
+++ if (r < 0)
+++ return r;
+++
+++ *ret = m;
+++ m = NULL;
+++
+++ return 0;
+++}
+++
+++static int run_event_loop_with_timeout(Manager *m, usec_t timeout) {
+++ int r, code;
+++ sd_event *e = m->event;
+++
+++ assert(e);
+++
+++ for (;;) {
+++ r = sd_event_get_state(e);
+++ if (r < 0)
+++ return r;
+++ if (r == SD_EVENT_FINISHED)
+++ break;
+++
+++ r = sd_event_run(e, timeout);
+++ if (r < 0)
+++ return r;
+++
+++ /* Exit if we reached the idle timeout and no more clients are
+++ connected. If there is still an fsck process running but
+++ simply slow to send us progress updates, exiting would mean
+++ that this fsck process receives SIGPIPE resulting in an
+++ aborted file system check. */
+++ if (r == 0 && m->n_clients == 0) {
+++ sd_event_exit(e, 0);
+++ break;
+++ }
+++ }
+++
+++ r = sd_event_get_exit_code(e, &code);
+++ if (r < 0)
+++ return r;
+++
+++ return code;
+++}
+++
+++static void help(void) {
+++ printf("%s [OPTIONS...]\n\n"
+++ "Capture fsck progress and forward one stream to plymouth\n\n"
+++ " -h --help Show this help\n"
+++ " --version Show package version\n",
+++ program_invocation_short_name);
+++}
+++
+++static int parse_argv(int argc, char *argv[]) {
+++
+++ enum {
+++ ARG_VERSION = 0x100,
+++ ARG_ROOT,
+++ };
+++
+++ static const struct option options[] = {
+++ { "help", no_argument, NULL, 'h' },
+++ { "version", no_argument, NULL, ARG_VERSION },
+++ {}
+++ };
+++
+++ int c;
+++
+++ assert(argc >= 0);
+++ assert(argv);
+++
+++ while ((c = getopt_long(argc, argv, "hv", options, NULL)) >= 0)
+++ switch (c) {
+++
+++ case 'h':
+++ help();
+++ return 0;
+++
+++ case ARG_VERSION:
+++ version();
+++ return 0;
+++
+++ case '?':
+++ return -EINVAL;
+++
+++ default:
+++ assert_not_reached("Unhandled option");
+++ }
+++
+++ if (optind < argc) {
+++ log_error("Extraneous arguments");
+++ return -EINVAL;
+++ }
+++
+++ return 1;
+++}
+++
+++int main(int argc, char *argv[]) {
+++ _cleanup_(manager_freep) Manager *m = NULL;
+++ int fd = -1;
+++ int r, n;
+++
+++ log_set_target(LOG_TARGET_AUTO);
+++ log_parse_environment();
+++ log_open();
+++ init_gettext();
+++
+++ r = parse_argv(argc, argv);
+++ if (r <= 0)
+++ goto finish;
+++
+++ n = sd_listen_fds(0);
+++ if (n > 1) {
+++ log_error("Too many file descriptors received.");
+++ r = -EINVAL;
+++ goto finish;
+++ } else if (n == 1)
+++ fd = SD_LISTEN_FDS_START + 0;
+++ else {
+++ fd = make_socket_fd(LOG_DEBUG, FSCKD_SOCKET_PATH, SOCK_STREAM, SOCK_CLOEXEC);
+++ if (fd < 0) {
+++ r = log_error_errno(fd, "Couldn't create listening socket fd on %s: %m", FSCKD_SOCKET_PATH);
+++ goto finish;
+++ }
+++ }
+++
+++ r = manager_new(&m, fd);
+++ if (r < 0) {
+++ log_error_errno(r, "Failed to allocate manager: %m");
+++ goto finish;
+++ }
+++
+++ r = run_event_loop_with_timeout(m, IDLE_TIME_SECONDS * USEC_PER_SEC);
+++ if (r < 0) {
+++ log_error_errno(r, "Failed to run event loop: %m");
+++ goto finish;
+++ }
+++
+++ sd_event_get_exit_code(m->event, &r);
+++
+++finish:
+++ return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
+++}
++diff --git a/units/meson.build b/units/meson.build
++index e1ee9f8..d0947a0 100644
++--- a/units/meson.build
+++++ b/units/meson.build
++@@ -84,6 +84,7 @@ units = [
++ ['systemd-coredump.socket', 'ENABLE_COREDUMP',
++ 'sockets.target.wants/'],
++ ['systemd-exit.service', ''],
+++ ['systemd-fsckd.socket', ''],
++ ['systemd-initctl.socket', '',
++ 'sockets.target.wants/'],
++ ['systemd-journal-gatewayd.socket', 'ENABLE_REMOTE HAVE_MICROHTTPD'],
++@@ -142,6 +143,7 @@ in_units = [
++ 'sysinit.target.wants/'],
++ ['systemd-fsck-root.service', ''],
++ ['systemd-fsck@.service', ''],
+++ ['systemd-fsckd.service', ''],
++ ['systemd-halt.service', ''],
++ ['systemd-hibernate-resume@.service', 'ENABLE_HIBERNATE'],
++ ['systemd-hibernate.service', 'ENABLE_HIBERNATE'],
++diff --git a/units/systemd-fsck-root.service.in b/units/systemd-fsck-root.service.in
++index 042081c..bea6c16 100644
++--- a/units/systemd-fsck-root.service.in
+++++ b/units/systemd-fsck-root.service.in
++@@ -13,6 +13,8 @@ Documentation=man:systemd-fsck-root.service(8)
++ DefaultDependencies=no
++ Conflicts=shutdown.target
++ Before=local-fs.target shutdown.target
+++Wants=systemd-fsckd.socket
+++After=systemd-fsckd.socket
++ ConditionPathIsReadWrite=!/
++
++ [Service]
++diff --git a/units/systemd-fsck@.service.in b/units/systemd-fsck@.service.in
++index 3322083..bfa565b 100644
++--- a/units/systemd-fsck@.service.in
+++++ b/units/systemd-fsck@.service.in
++@@ -13,7 +13,8 @@ Documentation=man:systemd-fsck@.service(8)
++ DefaultDependencies=no
++ BindsTo=%i.device
++ Conflicts=shutdown.target
++-After=%i.device systemd-fsck-root.service local-fs-pre.target
+++Wants=systemd-fsckd.socket
+++After=%i.device systemd-fsck-root.service local-fs-pre.target systemd-fsckd.socket
++ Before=systemd-quotacheck.service shutdown.target
++
++ [Service]
++diff --git a/units/systemd-fsckd.service.in b/units/systemd-fsckd.service.in
++new file mode 100644
++index 0000000..9c7ed51
++--- /dev/null
+++++ b/units/systemd-fsckd.service.in
++@@ -0,0 +1,17 @@
+++# This file is part of systemd.
+++#
+++# systemd is free software; you can redistribute it and/or modify it
+++# under the terms of the GNU Lesser General Public License as published by
+++# the Free Software Foundation; either version 2.1 of the License, or
+++# (at your option) any later version.
+++
+++[Unit]
+++Description=File System Check Daemon to report status
+++Documentation=man:systemd-fsckd.service(8)
+++DefaultDependencies=no
+++Requires=systemd-fsckd.socket
+++Before=shutdown.target
+++
+++[Service]
+++ExecStart=@rootlibexecdir@/systemd-fsckd
+++StandardOutput=journal+console
++diff --git a/units/systemd-fsckd.socket b/units/systemd-fsckd.socket
++new file mode 100644
++index 0000000..61fec97
++--- /dev/null
+++++ b/units/systemd-fsckd.socket
++@@ -0,0 +1,15 @@
+++# This file is part of systemd.
+++#
+++# systemd is free software; you can redistribute it and/or modify it
+++# under the terms of the GNU Lesser General Public License as published by
+++# the Free Software Foundation; either version 2.1 of the License, or
+++# (at your option) any later version.
+++
+++[Unit]
+++Description=fsck to fsckd communication Socket
+++Documentation=man:systemd-fsckd.service(8) man:systemd-fsck@.service(8) man:systemd-fsck-root.service(8)
+++DefaultDependencies=no
+++
+++[Socket]
+++ListenStream=/run/systemd/fsck.progress
+++SocketMode=0600
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Tue, 17 Sep 2019 22:18:49 +0900
++Subject: dhcp6: add missing option length check
++
++Closes #13578.
++
++(cherry picked from commit 6ffe71d0e22326f8ea5775c188ae0e13573cd123)
++(cherry picked from commit f2d9af4322f74832d93e101abfcc1b3adf0e05c6)
++---
++ src/libsystemd-network/sd-dhcp6-client.c | 7 +++++--
++ 1 file changed, 5 insertions(+), 2 deletions(-)
++
++diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c
++index 7dab776..5a3b0a6 100644
++--- a/src/libsystemd-network/sd-dhcp6-client.c
+++++ b/src/libsystemd-network/sd-dhcp6-client.c
++@@ -29,8 +29,8 @@
++
++ #define MAX_MAC_ADDR_LEN INFINIBAND_ALEN
++
++-#define IRT_DEFAULT 1 * USEC_PER_DAY
++-#define IRT_MINIMUM 600 * USEC_PER_SEC
+++#define IRT_DEFAULT (1 * USEC_PER_DAY)
+++#define IRT_MINIMUM (600 * USEC_PER_SEC)
++
++ /* what to request from the server, addresses (IA_NA) and/or prefixes (IA_PD) */
++ enum {
++@@ -1002,6 +1002,9 @@ static int client_parse_message(
++ break;
++
++ case SD_DHCP6_OPTION_INFORMATION_REFRESH_TIME:
+++ if (optlen != 4)
+++ return -EINVAL;
+++
++ irt = be32toh(*(be32_t *) optval) * USEC_PER_SEC;
++ break;
++ }
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Sat, 7 Sep 2019 03:29:46 +0900
++Subject: dhcp6: read OPTION_INFORMATION_REFRESH_TIME option
++
++Fixes #13460.
++
++(cherry picked from commit fcb51238e0523d64a698b8738a15bbc1aea9febe)
++(cherry picked from commit f2275b6e123f4f11878c8e989d28de3157ffdc9a)
++---
++ src/libsystemd-network/sd-dhcp6-client.c | 21 ++++++++++++++++++++-
++ src/systemd/sd-dhcp6-client.h | 1 +
++ 2 files changed, 21 insertions(+), 1 deletion(-)
++
++diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c
++index d7a5349..7dab776 100644
++--- a/src/libsystemd-network/sd-dhcp6-client.c
+++++ b/src/libsystemd-network/sd-dhcp6-client.c
++@@ -29,6 +29,9 @@
++
++ #define MAX_MAC_ADDR_LEN INFINIBAND_ALEN
++
+++#define IRT_DEFAULT 1 * USEC_PER_DAY
+++#define IRT_MINIMUM 600 * USEC_PER_SEC
+++
++ /* what to request from the server, addresses (IA_NA) and/or prefixes (IA_PD) */
++ enum {
++ DHCP6_REQUEST_IA_NA = 1,
++@@ -71,6 +74,8 @@ struct sd_dhcp6_client {
++ void *userdata;
++ struct duid duid;
++ size_t duid_len;
+++ usec_t information_request_time_usec;
+++ usec_t information_refresh_time_usec;
++ };
++
++ static const uint16_t default_req_opts[] = {
++@@ -820,6 +825,7 @@ static int client_parse_message(
++ uint32_t lt_t1 = ~0, lt_t2 = ~0;
++ bool clientid = false;
++ size_t pos = 0;
+++ usec_t irt = IRT_DEFAULT;
++ int r;
++
++ assert(client);
++@@ -994,6 +1000,10 @@ static int client_parse_message(
++ return r;
++
++ break;
+++
+++ case SD_DHCP6_OPTION_INFORMATION_REFRESH_TIME:
+++ irt = be32toh(*(be32_t *) optval) * USEC_PER_SEC;
+++ break;
++ }
++
++ pos += offsetof(DHCP6Option, data) + optlen;
++@@ -1025,6 +1035,8 @@ static int client_parse_message(
++ }
++ }
++
+++ client->information_refresh_time_usec = MAX(irt, IRT_MINIMUM);
+++
++ return 0;
++ }
++
++@@ -1425,8 +1437,15 @@ int sd_dhcp6_client_start(sd_dhcp6_client *client) {
++ client->fd = r;
++ }
++
++- if (client->information_request)
+++ if (client->information_request) {
+++ usec_t t = now(CLOCK_MONOTONIC);
+++
+++ if (t < usec_add(client->information_request_time_usec, client->information_refresh_time_usec))
+++ return 0;
+++
+++ client->information_request_time_usec = t;
++ state = DHCP6_STATE_INFORMATION_REQUEST;
+++ }
++
++ log_dhcp6_client(client, "Started in %s mode",
++ client->information_request? "Information request":
++diff --git a/src/systemd/sd-dhcp6-client.h b/src/systemd/sd-dhcp6-client.h
++index 43d38f5..3aac3f1 100644
++--- a/src/systemd/sd-dhcp6-client.h
+++++ b/src/systemd/sd-dhcp6-client.h
++@@ -66,6 +66,7 @@ enum {
++ SD_DHCP6_OPTION_IA_PD_PREFIX = 26, /* RFC 3633, prefix delegation */
++
++ SD_DHCP6_OPTION_SNTP_SERVERS = 31, /* RFC 4075, deprecated */
+++ SD_DHCP6_OPTION_INFORMATION_REFRESH_TIME = 32, /* RFC 8415, sec. 21.23 */
++
++ /* option code 35 is unassigned */
++
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Wed, 18 Sep 2019 22:14:45 +0900
++Subject: dhcp6: use unaligned_read_be32()
++
++Closes #13591.
++
++(cherry picked from commit 0eb5e6d3f08c6b3a41cfa7ac02bcc6302259ed4a)
++(cherry picked from commit fab6f010ac6c3bc93a10868de722d7c8c3622eb9)
++---
++ src/libsystemd-network/sd-dhcp6-client.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c
++index 5a3b0a6..9773a06 100644
++--- a/src/libsystemd-network/sd-dhcp6-client.c
+++++ b/src/libsystemd-network/sd-dhcp6-client.c
++@@ -1005,7 +1005,7 @@ static int client_parse_message(
++ if (optlen != 4)
++ return -EINVAL;
++
++- irt = be32toh(*(be32_t *) optval) * USEC_PER_SEC;
+++ irt = unaligned_read_be32((be32_t *) optval) * USEC_PER_SEC;
++ break;
++ }
++
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Sun, 6 Oct 2019 19:05:57 +0200
++Subject: docs: fix inadvertent change in uid range
++
++https://github.com/systemd/systemd/commit/a305eda35f18fbacc771cc1582b688d60890a9d2#r35378755
++(cherry picked from commit 581004bd336567d936e94e616d35679da8ce32a0)
++(cherry picked from commit 3f6398c450b8451e4e002f478be29db3b6aa4621)
++---
++ docs/UIDS-GIDS.md | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/docs/UIDS-GIDS.md b/docs/UIDS-GIDS.md
++index 480ee23..1f3966f 100644
++--- a/docs/UIDS-GIDS.md
+++++ b/docs/UIDS-GIDS.md
++@@ -237,7 +237,7 @@ the artifacts the container manager persistently leaves in the system.
++ | 65535 | 16bit `(uid_t) -1` | Linux | |
++ | 65536…524287 | Unused | | |
++ | 524288…1879048191 | Container UID ranges | `systemd` | `nss-mymachines` |
++-| 1879048191…2147483647 | Unused | | |
+++| 1879048192…2147483647 | Unused | | |
++ | 2147483648…4294967294 | HIC SVNT LEONES | | |
++ | 4294967295 | 32bit `(uid_t) -1` | Linux | |
++
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Tue, 3 Sep 2019 11:34:09 +0200
++Subject: docs: fix push recipe in RELEASE.md
++
++(cherry picked from commit 31e1bbd1cab7f27c60493938a0fd5d9f51ce7cd8)
++---
++ docs/RELEASE.md | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/docs/RELEASE.md b/docs/RELEASE.md
++index d842afc..56debd6 100644
++--- a/docs/RELEASE.md
+++++ b/docs/RELEASE.md
++@@ -16,4 +16,4 @@ title: Steps to a Successful Release
++ 10. "Draft" a new release on github (https://github.com/systemd/systemd/releases/new), mark "This is a pre-release" if appropriate.
++ 11. Check that announcement to systemd-devel, with a copy&paste from NEWS, was sent. This should happen automatically.
++ 12. Update IRC topic (`/msg chanserv TOPIC #systemd Version NNN released`)
++-13. [After final release] Also push commits to stable, create an empty -stable branch: `git push systemd-stable origin/master:master origin/master:v${version}-stable`, and change the default branch to latest release (https://github.com/systemd/systemd-stable/settings/branches).
+++13. [After final release] Also push commits to stable, create an empty -stable branch: `git push systemd-stable origin/master:master origin/master:refs/heads/${version}-stable`, and change the default branch to latest release (https://github.com/systemd/systemd-stable/settings/branches).
--- /dev/null
--- /dev/null
++From: nikolas <nikolas@gnu.org>
++Date: Wed, 4 Sep 2019 12:21:14 -0400
++Subject: docs: fix typo in boot loader doc
++
++(cherry picked from commit 22aba2b96970972e1eaccb91c3e041fdfa6cae87)
++---
++ docs/BOOT_LOADER_INTERFACE.md | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/docs/BOOT_LOADER_INTERFACE.md b/docs/BOOT_LOADER_INTERFACE.md
++index cbd6687..c0ed099 100644
++--- a/docs/BOOT_LOADER_INTERFACE.md
+++++ b/docs/BOOT_LOADER_INTERFACE.md
++@@ -71,7 +71,7 @@ variables. All EFI variables use the vendor UUID
++ * `1 << 3` → The boot loader honours `LoaderEntryOneShot` when set.
++ * `1 << 4` → The boot loader supports boot counting as described in [Automatic Boot Assessment](https://systemd.io/AUTOMATIC_BOOT_ASSESSMENT).
++ * `1 << 5` → The boot loader supports looking for boot menu entries in the Extended Boot Loader Partition.
++- * `1 << 6` → The boot loader spports passing a random seed to the OS.
+++ * `1 << 6` → The boot loader supports passing a random seed to the OS.
++
++ * The EFI variable `LoaderRandomSeed` contains a binary random seed if set. It
++ is set by the boot loader to pass an entropy seed read from the ESP partition
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Wed, 11 Sep 2019 18:11:19 +0900
++Subject: fileio: update warning message
++
++(cherry picked from commit 0f93577647cef5f683d83e89cc63f6124885e708)
++(cherry picked from commit 3e1267cf50716ce4f737e6c07294b571a634a512)
++---
++ src/basic/fileio.c | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/src/basic/fileio.c b/src/basic/fileio.c
++index 623e43e..a9c0fd2 100644
++--- a/src/basic/fileio.c
+++++ b/src/basic/fileio.c
++@@ -930,10 +930,10 @@ int warn_file_is_world_accessible(const char *filename, struct stat *st, const c
++
++ if (unit)
++ log_syntax(unit, LOG_WARNING, filename, line, 0,
++- "%s has %04o mode that is too permissive, please adjust the access mode.",
+++ "%s has %04o mode that is too permissive, please adjust the ownership and access mode.",
++ filename, st->st_mode & 07777);
++ else
++- log_warning("%s has %04o mode that is too permissive, please adjust the access mode.",
+++ log_warning("%s has %04o mode that is too permissive, please adjust the ownership and access mode.",
++ filename, st->st_mode & 07777);
++ return 0;
++ }
--- /dev/null
--- /dev/null
++From: Norbert Lange <norbert.lange@andritz.com>
++Date: Thu, 19 Sep 2019 17:49:20 +0200
++Subject: fix build with compilers with default stack-protector enabled
++
++building systemd fails with a compiler that supports
++-fstack-protector but does not enable it by default.
++(will miss several __stack_chk_* symbols).
++
++fix this by also adding the switch during linking.
++
++Signed-off-by: Norbert Lange <nolange79@gmail.com>
++(cherry picked from commit 68e70ac2b27dcb5007fc4009553472f0b9700e66)
++(cherry picked from commit 6d97aca0d50343d46cad79af3cabb46dcd56b82f)
++---
++ meson.build | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/meson.build b/meson.build
++index e5ceb1e..4fc7dfa 100644
++--- a/meson.build
+++++ b/meson.build
++@@ -382,6 +382,7 @@ possible_cc_flags = [
++ possible_link_flags = [
++ '-Wl,-z,relro',
++ '-Wl,-z,now',
+++ '-fstack-protector',
++ ]
++
++ if cc.get_id() == 'clang'
--- /dev/null
--- /dev/null
++From: Bastien Nocera <hadess@hadess.net>
++Date: Thu, 12 Sep 2019 19:02:35 +0200
++Subject: hwdb: Also mark lis3lv02d sensors in "HP" laptops as being in the
++ base
++
++We matched "*Hewlett-Packard*" laptops but not "*HP*" laptops, which
++caused a regression for the HP Elite Book 850 G3.
++
++Fixes: 4247938ee13e23eae1afcecbe646de5283b7afc2
++
++Closes: #13543
++(cherry picked from commit d7cf4984b0e3255ef9d6872c96a210271b0c949a)
++(cherry picked from commit be3be29347817b5f8dfd4f6741a49b07acf630ea)
++---
++ hwdb/60-sensor.hwdb | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/hwdb/60-sensor.hwdb b/hwdb/60-sensor.hwdb
++index 1fe3c57..82f37e4 100644
++--- a/hwdb/60-sensor.hwdb
+++++ b/hwdb/60-sensor.hwdb
++@@ -285,6 +285,7 @@ sensor:modalias:acpi:KIOX000A*:dmi:bvnAmericanMegatrendsInc.:bvr5.11:bd05/25/201
++ # Most HP Laptop using the lis3lv02d device have it in the base,
++ # mark these sensors as such.
++ sensor:modalias:platform:lis3lv02d:dmi:*svn*Hewlett-Packard*:*
+++sensor:modalias:platform:lis3lv02d:dmi:*svn*HP*:*
++ ACCEL_LOCATION=base
++
++ sensor:modalias:acpi:SMO8500*:dmi:*:svnHewlett-Packard:pnHPStream7Tablet:*
--- /dev/null
--- /dev/null
++From: Jonas Thelemann <e-mail@jonas-thelemann.de>
++Date: Wed, 2 Oct 2019 02:42:58 +0200
++Subject: hwdb: Correct WWWW Pattern In Documentation Comment
++
++(cherry picked from commit 56783ddf228c406522af5e53910d095fa2572540)
++(cherry picked from commit 6480630bc397f13713f956ae02ab7877d3aa6ad9)
++---
++ hwdb/60-keyboard.hwdb | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/hwdb/60-keyboard.hwdb b/hwdb/60-keyboard.hwdb
++index ee40e12..8c79785 100644
++--- a/hwdb/60-keyboard.hwdb
+++++ b/hwdb/60-keyboard.hwdb
++@@ -23,7 +23,7 @@
++ # evdev:input:bZZZZvYYYYpXXXXeWWWW-VVVV
++ # This matches on the kernel modalias of the input-device, mainly:
++ # ZZZZ is the bus-id (see /usr/include/linux/input.h BUS_*), YYYY, XXXX and
++-# WWW are the 4-digit hex uppercase vendor, product and version ID and VVVV
+++# WWWW are the 4-digit hex uppercase vendor, product and version ID and VVVV
++ # is an arbitrary length input-modalias describing the device capabilities.
++ # The vendor, product and version ID for a device node "eventX" is listed
++ # in /sys/class/input/eventX/device/id.
--- /dev/null
--- /dev/null
++From: Hans de Goede <hdegoede@redhat.com>
++Date: Thu, 5 Sep 2019 14:16:12 +0200
++Subject: hwdb: Mark lis3lv02d sensors in HP laptops as being in the base
++
++The lis3lv02d sensor used in many HP laptops is (almost) always intented
++primarily for freefall detection / HDD protection and (almost) always
++is located in the base of a classic clamshell laptop
++
++Before we had the ACCEL_LOCATION udev property the issues this caused
++with screen-rotation were fixed by applying a mount-matrix which
++translates base-coordinates to display-coordinates assuming the display
++is at an angle of exact 90 degrees to the base (swap Y and Z axis).
++
++The comment calls this translate "from "can play neverball" to
++"matches Windows 8 orientation"" but what it really does is translate
++base accel-axis to display accel-axis. Thus allows rotating the screen
++if you put the laptop on its side, but no-one normally does that with
++a 2Kg clamshell laptop.
++
++The obviously correct thing to do on classic clamshell laptops (not 2-in-1s)
++is to disable automatic screen rotation. This commit marks the accelerometer
++in these laptops as being part of the base, which will make iio-sensor-proxy
++disable automatic screen rotation.
++
++This commit also removes the orientation-matrix since the unmodified coordinates
++coming from the sensor are oriented correctly for a sensor in the base.
++
++Also see the "Bad accelerometer values cause incorrect screen rotation"
++systemd-devel mail-thread from September 2019.
++
++(cherry picked from commit 4247938ee13e23eae1afcecbe646de5283b7afc2)
++---
++ hwdb/60-sensor.hwdb | 17 ++---------------
++ 1 file changed, 2 insertions(+), 15 deletions(-)
++
++diff --git a/hwdb/60-sensor.hwdb b/hwdb/60-sensor.hwdb
++index 72989a7..1fe3c57 100644
++--- a/hwdb/60-sensor.hwdb
+++++ b/hwdb/60-sensor.hwdb
++@@ -282,22 +282,9 @@ sensor:modalias:acpi:KIOX000A*:dmi:bvnAmericanMegatrendsInc.:bvr5.11:bd05/25/201
++ # HP
++ #########################################
++
++-# Laptops using the lis3lv02d device should have a first quirk applied
++-# to them in the drivers/platform/x86/hp_accel.c in the kernel. The
++-# quirk from "can play neverball" to "matches Windows 8 orientation"
++-# is then applied below.
+++# Most HP Laptop using the lis3lv02d device have it in the base,
+++# mark these sensors as such.
++ sensor:modalias:platform:lis3lv02d:dmi:*svn*Hewlett-Packard*:*
++- ACCEL_MOUNT_MATRIX=1, 0, 0; 0, 0, -1; 0, 1, 0
++-
++-# HP laptops which have the lis3lv02d device in the base, tell iio-sensor-proxy
++-# about this so that the sensor is not used for display orientation
++-sensor:modalias:platform:lis3lv02d:dmi:*svn*Hewlett-Packard*:*pnHPProBook4535s*
++- ACCEL_LOCATION=base
++-
++-sensor:modalias:platform:lis3lv02d:dmi:*:svnHewlett-Packard:pnHPENVY17NotebookPC:*
++- ACCEL_LOCATION=base
++-
++-sensor:modalias:platform:lis3lv02d:dmi:*svnHP:pnHPEliteBook850G3*
++ ACCEL_LOCATION=base
++
++ sensor:modalias:acpi:SMO8500*:dmi:*:svnHewlett-Packard:pnHPStream7Tablet:*
--- /dev/null
--- /dev/null
++From: matthiasroos <40145019+matthiasroos@users.noreply.github.com>
++Date: Mon, 16 Sep 2019 21:10:15 +0200
++Subject: hwdb: add Medion Akoya E2292 (#13498)
++
++Fixes #13480.
++
++(cherry picked from commit 358e50fa7fab98509f2ef96cd8d6d7d1af6ed59a)
++(cherry picked from commit 2cd636c437965b4a2d86aa3b6c74d4117a719f7f)
++---
++ hwdb/60-sensor.hwdb | 4 ++++
++ 1 file changed, 4 insertions(+)
++
++diff --git a/hwdb/60-sensor.hwdb b/hwdb/60-sensor.hwdb
++index 82f37e4..97e8dc8 100644
++--- a/hwdb/60-sensor.hwdb
+++++ b/hwdb/60-sensor.hwdb
++@@ -417,6 +417,10 @@ sensor:modalias:acpi:KIOX010A*:dmi:*:svnMEDION:pnE3221MD61237:*
++ sensor:modalias:acpi:KIOX010A*:dmi:*:svnMEDION*:pnE3222*:*
++ ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
++
+++# Medion Akoya E2292 MD63390
+++sensor:modalias:acpi:KIOX010A*:dmi:*:svnMEDION:pnE2292MD63390:*
+++ ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
+++
++ # Medion Akoya E2293 MD61130
++ sensor:modalias:acpi:KIOX010A*:dmi:*:svnMEDION:pnE2293MD61130:*
++ ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
--- /dev/null
--- /dev/null
++From: baybal <nikulinpi@gmail.com>
++Date: Wed, 11 Sep 2019 08:08:59 +0600
++Subject: hwdb: axis override for Dell 9360 touchpad
++
++and possibly other XPS models sharing the touchpad (#13472)
++
++(cherry picked from commit 26fe3af8ae7d52847eb3f2267eaa3df3af90d811)
++(cherry picked from commit 5412cc54a12129d53a56d4f95fdd2456302ccc9d)
++---
++ hwdb/60-evdev.hwdb | 7 +++++++
++ 1 file changed, 7 insertions(+)
++
++diff --git a/hwdb/60-evdev.hwdb b/hwdb/60-evdev.hwdb
++index 569b4cb..5142ef1 100644
++--- a/hwdb/60-evdev.hwdb
+++++ b/hwdb/60-evdev.hwdb
++@@ -267,6 +267,13 @@ evdev:name:AlpsPS/2 ALPS DualPoint TouchPad:dmi:*svnDellInc.:pnPrecisionM4700*
++ EVDEV_ABS_35=0:1960:24
++ EVDEV_ABS_36=113:1436:30
++
+++# Dell XPS13 9360
+++evdev:name:SynPS/2 Synaptics TouchPad:dmi:*svnDellInc.:pnXPS139360:cvr:*
+++ EVDEV_ABS_00=::42
+++ EVDEV_ABS_01=::60
+++ EVDEV_ABS_35=::42
+++ EVDEV_ABS_36=::60
+++
++ # Dell XPS15 9550
++ evdev:name:SynPS/2 Synaptics TouchPad:dmi:bvn*:bvr*:bd*:svnDellInc.:pnXPS159550*
++ EVDEV_ABS_00=::41
--- /dev/null
--- /dev/null
++From: Daniel Edgecumbe <git@esotericnonsense.com>
++Date: Thu, 5 Sep 2019 15:34:52 +0100
++Subject: journal: Make the output of --update-catalog deterministic
++
++The use of an unordered hashmap means that the output of
++'journalctl --update-catalog' differs between runs despite there being no
++changes in the input files.
++
++By changing all instances of Hashmap to OrderedHashmap we fix this, and now
++the catalog is reproducible.
++
++Motivation: https://reproducible-builds.org
++
++Signed-off-by: Daniel Edgecumbe <git@esotericnonsense.com>
++(cherry picked from commit a95686bb5d615a73a14d451a25225a566f9af570)
++(cherry picked from commit f500d2fa81292046e5360b49b38a46f34ca1f397)
++---
++ src/fuzz/fuzz-catalog.c | 4 ++--
++ src/journal/catalog.c | 24 ++++++++++++------------
++ src/journal/catalog.h | 2 +-
++ src/journal/test-catalog.c | 30 +++++++++++++++---------------
++ 4 files changed, 30 insertions(+), 30 deletions(-)
++
++diff --git a/src/fuzz/fuzz-catalog.c b/src/fuzz/fuzz-catalog.c
++index 7ee9750..ecf25b1 100644
++--- a/src/fuzz/fuzz-catalog.c
+++++ b/src/fuzz/fuzz-catalog.c
++@@ -9,12 +9,12 @@
++ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
++ _cleanup_(unlink_tempfilep) char name[] = "/tmp/fuzz-catalog.XXXXXX";
++ _cleanup_close_ int fd = -1;
++- _cleanup_hashmap_free_free_free_ Hashmap *h = NULL;
+++ _cleanup_ordered_hashmap_free_free_free_ OrderedHashmap *h = NULL;
++
++ if (!getenv("SYSTEMD_LOG_LEVEL"))
++ log_set_max_level(LOG_CRIT);
++
++- assert_se(h = hashmap_new(&catalog_hash_ops));
+++ assert_se(h = ordered_hashmap_new(&catalog_hash_ops));
++
++ fd = mkostemp_safe(name);
++ assert_se(fd >= 0);
++diff --git a/src/journal/catalog.c b/src/journal/catalog.c
++index 7beffc1..060193d 100644
++--- a/src/journal/catalog.c
+++++ b/src/journal/catalog.c
++@@ -143,7 +143,7 @@ static char *combine_entries(const char *one, const char *two) {
++ }
++
++ static int finish_item(
++- Hashmap *h,
+++ OrderedHashmap *h,
++ sd_id128_t id,
++ const char *language,
++ char *payload, size_t payload_size) {
++@@ -165,14 +165,14 @@ static int finish_item(
++ strcpy(i->language, language);
++ }
++
++- prev = hashmap_get(h, i);
+++ prev = ordered_hashmap_get(h, i);
++ if (prev) {
++ /* Already have such an item, combine them */
++ combined = combine_entries(payload, prev);
++ if (!combined)
++ return log_oom();
++
++- if (hashmap_update(h, i, combined) < 0)
+++ if (ordered_hashmap_update(h, i, combined) < 0)
++ return log_oom();
++ combined = NULL;
++ } else {
++@@ -181,7 +181,7 @@ static int finish_item(
++ if (!combined)
++ return log_oom();
++
++- if (hashmap_put(h, i, combined) < 0)
+++ if (ordered_hashmap_put(h, i, combined) < 0)
++ return log_oom();
++ i = NULL;
++ combined = NULL;
++@@ -247,7 +247,7 @@ static int catalog_entry_lang(
++ return 0;
++ }
++
++-int catalog_import_file(Hashmap *h, const char *path) {
+++int catalog_import_file(OrderedHashmap *h, const char *path) {
++ _cleanup_fclose_ FILE *f = NULL;
++ _cleanup_free_ char *payload = NULL;
++ size_t payload_size = 0, payload_allocated = 0;
++@@ -446,7 +446,7 @@ int catalog_update(const char* database, const char* root, const char* const* di
++ _cleanup_strv_free_ char **files = NULL;
++ char **f;
++ _cleanup_(strbuf_cleanupp) struct strbuf *sb = NULL;
++- _cleanup_hashmap_free_free_free_ Hashmap *h = NULL;
+++ _cleanup_ordered_hashmap_free_free_free_ OrderedHashmap *h = NULL;
++ _cleanup_free_ CatalogItem *items = NULL;
++ ssize_t offset;
++ char *payload;
++@@ -456,7 +456,7 @@ int catalog_update(const char* database, const char* root, const char* const* di
++ int r;
++ int64_t sz;
++
++- h = hashmap_new(&catalog_hash_ops);
+++ h = ordered_hashmap_new(&catalog_hash_ops);
++ sb = strbuf_new();
++ if (!h || !sb)
++ return log_oom();
++@@ -472,18 +472,18 @@ int catalog_update(const char* database, const char* root, const char* const* di
++ return log_error_errno(r, "Failed to import file '%s': %m", *f);
++ }
++
++- if (hashmap_size(h) <= 0) {
+++ if (ordered_hashmap_size(h) <= 0) {
++ log_info("No items in catalog.");
++ return 0;
++ } else
++- log_debug("Found %u items in catalog.", hashmap_size(h));
+++ log_debug("Found %u items in catalog.", ordered_hashmap_size(h));
++
++- items = new(CatalogItem, hashmap_size(h));
+++ items = new(CatalogItem, ordered_hashmap_size(h));
++ if (!items)
++ return log_oom();
++
++ n = 0;
++- HASHMAP_FOREACH_KEY(payload, i, h, j) {
+++ ORDERED_HASHMAP_FOREACH_KEY(payload, i, h, j) {
++ log_debug("Found " SD_ID128_FORMAT_STR ", language %s",
++ SD_ID128_FORMAT_VAL(i->id),
++ isempty(i->language) ? "C" : i->language);
++@@ -496,7 +496,7 @@ int catalog_update(const char* database, const char* root, const char* const* di
++ items[n++] = *i;
++ }
++
++- assert(n == hashmap_size(h));
+++ assert(n == ordered_hashmap_size(h));
++ typesafe_qsort(items, n, catalog_compare_func);
++
++ strbuf_complete(sb);
++diff --git a/src/journal/catalog.h b/src/journal/catalog.h
++index 20497d1..092a014 100644
++--- a/src/journal/catalog.h
+++++ b/src/journal/catalog.h
++@@ -9,7 +9,7 @@
++ #include "hashmap.h"
++ #include "strbuf.h"
++
++-int catalog_import_file(Hashmap *h, const char *path);
+++int catalog_import_file(OrderedHashmap *h, const char *path);
++ int catalog_update(const char* database, const char* root, const char* const* dirs);
++ int catalog_get(const char* database, sd_id128_t id, char **data);
++ int catalog_list(FILE *f, const char* database, bool oneline);
++diff --git a/src/journal/test-catalog.c b/src/journal/test-catalog.c
++index 192bb0c..ba14d92 100644
++--- a/src/journal/test-catalog.c
+++++ b/src/journal/test-catalog.c
++@@ -26,15 +26,15 @@ static const char *no_catalog_dirs[] = {
++ NULL
++ };
++
++-static Hashmap* test_import(const char* contents, ssize_t size, int code) {
+++static OrderedHashmap* test_import(const char* contents, ssize_t size, int code) {
++ _cleanup_(unlink_tempfilep) char name[] = "/tmp/test-catalog.XXXXXX";
++ _cleanup_close_ int fd;
++- Hashmap *h;
+++ OrderedHashmap *h;
++
++ if (size < 0)
++ size = strlen(contents);
++
++- assert_se(h = hashmap_new(&catalog_hash_ops));
+++ assert_se(h = ordered_hashmap_new(&catalog_hash_ops));
++
++ fd = mkostemp_safe(name);
++ assert_se(fd >= 0);
++@@ -46,14 +46,14 @@ static Hashmap* test_import(const char* contents, ssize_t size, int code) {
++ }
++
++ static void test_catalog_import_invalid(void) {
++- _cleanup_hashmap_free_free_free_ Hashmap *h = NULL;
+++ _cleanup_ordered_hashmap_free_free_free_ OrderedHashmap *h = NULL;
++
++ h = test_import("xxx", -1, -EINVAL);
++- assert_se(hashmap_isempty(h));
+++ assert_se(ordered_hashmap_isempty(h));
++ }
++
++ static void test_catalog_import_badid(void) {
++- _cleanup_hashmap_free_free_free_ Hashmap *h = NULL;
+++ _cleanup_ordered_hashmap_free_free_free_ OrderedHashmap *h = NULL;
++ const char *input =
++ "-- 0027229ca0644181a76c4e92458afaff dededededededededededededededede\n" \
++ "Subject: message\n" \
++@@ -63,7 +63,7 @@ static void test_catalog_import_badid(void) {
++ }
++
++ static void test_catalog_import_one(void) {
++- _cleanup_hashmap_free_free_free_ Hashmap *h = NULL;
+++ _cleanup_ordered_hashmap_free_free_free_ OrderedHashmap *h = NULL;
++ char *payload;
++ Iterator j;
++
++@@ -78,9 +78,9 @@ static void test_catalog_import_one(void) {
++ "payload\n";
++
++ h = test_import(input, -1, 0);
++- assert_se(hashmap_size(h) == 1);
+++ assert_se(ordered_hashmap_size(h) == 1);
++
++- HASHMAP_FOREACH(payload, h, j) {
+++ ORDERED_HASHMAP_FOREACH(payload, h, j) {
++ printf("expect: %s\n", expect);
++ printf("actual: %s\n", payload);
++ assert_se(streq(expect, payload));
++@@ -88,7 +88,7 @@ static void test_catalog_import_one(void) {
++ }
++
++ static void test_catalog_import_merge(void) {
++- _cleanup_hashmap_free_free_free_ Hashmap *h = NULL;
+++ _cleanup_ordered_hashmap_free_free_free_ OrderedHashmap *h = NULL;
++ char *payload;
++ Iterator j;
++
++@@ -114,15 +114,15 @@ static void test_catalog_import_merge(void) {
++ "override payload\n";
++
++ h = test_import(input, -1, 0);
++- assert_se(hashmap_size(h) == 1);
+++ assert_se(ordered_hashmap_size(h) == 1);
++
++- HASHMAP_FOREACH(payload, h, j) {
+++ ORDERED_HASHMAP_FOREACH(payload, h, j) {
++ assert_se(streq(combined, payload));
++ }
++ }
++
++ static void test_catalog_import_merge_no_body(void) {
++- _cleanup_hashmap_free_free_free_ Hashmap *h = NULL;
+++ _cleanup_ordered_hashmap_free_free_free_ OrderedHashmap *h = NULL;
++ char *payload;
++ Iterator j;
++
++@@ -147,9 +147,9 @@ static void test_catalog_import_merge_no_body(void) {
++ "payload\n";
++
++ h = test_import(input, -1, 0);
++- assert_se(hashmap_size(h) == 1);
+++ assert_se(ordered_hashmap_size(h) == 1);
++
++- HASHMAP_FOREACH(payload, h, j) {
+++ ORDERED_HASHMAP_FOREACH(payload, h, j) {
++ assert_se(streq(combined, payload));
++ }
++ }
--- /dev/null
--- /dev/null
++From: AsciiWolf <mail@asciiwolf.com>
++Date: Thu, 19 Sep 2019 15:36:42 +0200
++Subject: l10n: update Czech Translation
++
++(cherry picked from commit 1697a28567628ba0c2cb69ab36a7c80e66c01aa0)
++(cherry picked from commit 6dfbe58ee7dd6a002f310bc65a451ea6785e7f77)
++---
++ po/cs.po | 180 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++------
++ 1 file changed, 165 insertions(+), 15 deletions(-)
++
++diff --git a/po/cs.po b/po/cs.po
++index 8306cdc..985be30 100644
++--- a/po/cs.po
+++++ b/po/cs.po
++@@ -7,8 +7,8 @@ msgid ""
++ msgstr ""
++ "Project-Id-Version: systemd master\n"
++ "Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n"
++-"POT-Creation-Date: 2018-11-26 03:25+0000\n"
++-"PO-Revision-Date: 2018-12-03 15:52+0100\n"
+++"POT-Creation-Date: 2019-09-17 14:31+0000\n"
+++"PO-Revision-Date: 2019-09-19 15:48+0200\n"
++ "Last-Translator: Daniel Rusek <mail@asciiwolf.com>\n"
++ "Language-Team: Czech\n"
++ "Language: cs\n"
++@@ -17,7 +17,7 @@ msgstr ""
++ "Content-Transfer-Encoding: 8bit\n"
++ "Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 "
++ "|| n%100>=20) ? 1 : 2);\n"
++-"X-Generator: Poedit 2.2\n"
+++"X-Generator: Poedit 2.2.3\n"
++
++ #: src/core/org.freedesktop.systemd1.policy.in:22
++ msgid "Send passphrase back to system"
++@@ -456,22 +456,52 @@ msgid "Authentication is required to lock or unlock active sessions."
++ msgstr "Pro zamčení nebo odemčení aktivních sezení je vyžadováno ověření."
++
++ #: src/login/org.freedesktop.login1.policy:341
++-msgid "Allow indication to the firmware to boot to setup interface"
++-msgstr "Povolit indikaci firmwaru bootovat instalační prostředí"
+++msgid "Set the reboot \"reason\" in the kernel"
+++msgstr "Nastavit \"důvod\" rebootu v jádře"
++
++ #: src/login/org.freedesktop.login1.policy:342
+++msgid "Authentication is required to set the reboot \"reason\" in the kernel."
+++msgstr "Pro nastavení \"důvodu\" rebootu v jádře je vyžadováno ověření."
+++
+++#: src/login/org.freedesktop.login1.policy:352
+++msgid "Indicate to the firmware to boot to setup interface"
+++msgstr "Indikovat firmwaru, aby bootoval do instalačního prostředí"
+++
+++#: src/login/org.freedesktop.login1.policy:353
++ msgid ""
++ "Authentication is required to indicate to the firmware to boot to setup "
++ "interface."
++ msgstr ""
++-"K povolení indikace firmwaru bootovat instalační prostředí je vyžadováno "
+++"K indikaci firmwaru, aby bootoval do instalačního prostředí je vyžadováno "
++ "ověření."
++
++-#: src/login/org.freedesktop.login1.policy:352
+++#: src/login/org.freedesktop.login1.policy:363
+++msgid "Indicate to the boot loader to boot to the boot loader menu"
+++msgstr "Indikovat zavaděči, aby bootoval do menu zavaděče"
+++
+++#: src/login/org.freedesktop.login1.policy:364
+++msgid ""
+++"Authentication is required to indicate to the boot loader to boot to the "
+++"boot loader menu."
+++msgstr ""
+++"K indikaci zavaděči, aby bootoval do menu zavaděče je vyžadováno ověření."
+++
+++#: src/login/org.freedesktop.login1.policy:374
+++msgid "Indicate to the boot loader to boot a specific entry"
+++msgstr "Indikovat zavaděči, aby bootoval specifickou položku"
+++
+++#: src/login/org.freedesktop.login1.policy:375
+++msgid ""
+++"Authentication is required to indicate to the boot loader to boot into a "
+++"specific boot loader entry."
+++msgstr ""
+++"K indikaci zavaděči, aby bootoval specifickou položku je vyžadováno ověření."
+++
+++#: src/login/org.freedesktop.login1.policy:385
++ msgid "Set a wall message"
++ msgstr "Nastavit zprávu všem uživatelům"
++
++-#: src/login/org.freedesktop.login1.policy:353
+++#: src/login/org.freedesktop.login1.policy:386
++ msgid "Authentication is required to set a wall message"
++ msgstr "K nastavení zprávy všem uživatelům je vyžadováno ověření"
++
++@@ -546,6 +576,110 @@ msgstr ""
++ "Pro správu obrazů lokálních virtuálních strojů a kontejnerů je vyžadováno "
++ "ověření."
++
+++#: src/network/org.freedesktop.network1.policy:22
+++msgid "Set NTP servers"
+++msgstr "Nastavit NTP servery"
+++
+++#: src/network/org.freedesktop.network1.policy:23
+++msgid "Authentication is required to set NTP servers."
+++msgstr "Pro nastavení NTP serverů je vyžadováno ověření."
+++
+++#: src/network/org.freedesktop.network1.policy:33
+++#: src/resolve/org.freedesktop.resolve1.policy:44
+++msgid "Set DNS servers"
+++msgstr "Nastavit DNS servery"
+++
+++#: src/network/org.freedesktop.network1.policy:34
+++#: src/resolve/org.freedesktop.resolve1.policy:45
+++msgid "Authentication is required to set DNS servers."
+++msgstr "Pro nastavení DNS serverů je vyžadováno ověření."
+++
+++#: src/network/org.freedesktop.network1.policy:44
+++#: src/resolve/org.freedesktop.resolve1.policy:55
+++msgid "Set domains"
+++msgstr "Nastavit domény"
+++
+++#: src/network/org.freedesktop.network1.policy:45
+++#: src/resolve/org.freedesktop.resolve1.policy:56
+++msgid "Authentication is required to set domains."
+++msgstr "Pro nastavení domén je vyžadováno ověření."
+++
+++#: src/network/org.freedesktop.network1.policy:55
+++#: src/resolve/org.freedesktop.resolve1.policy:66
+++msgid "Set default route"
+++msgstr "Nastavit implicitní směrování"
+++
+++#: src/network/org.freedesktop.network1.policy:56
+++#: src/resolve/org.freedesktop.resolve1.policy:67
+++msgid "Authentication is required to set default route."
+++msgstr "Pro nastavení implicitního směrování je vyžadováno ověření."
+++
+++#: src/network/org.freedesktop.network1.policy:66
+++#: src/resolve/org.freedesktop.resolve1.policy:77
+++msgid "Enable/disable LLMNR"
+++msgstr "Povolit/zakázat LLMNR"
+++
+++#: src/network/org.freedesktop.network1.policy:67
+++#: src/resolve/org.freedesktop.resolve1.policy:78
+++msgid "Authentication is required to enable or disable LLMNR."
+++msgstr "Pro povolení nebo zakázání LLMNR je vyžadováno ověření."
+++
+++#: src/network/org.freedesktop.network1.policy:77
+++#: src/resolve/org.freedesktop.resolve1.policy:88
+++msgid "Enable/disable multicast DNS"
+++msgstr "Povolit/zakázat multicast DNS"
+++
+++#: src/network/org.freedesktop.network1.policy:78
+++#: src/resolve/org.freedesktop.resolve1.policy:89
+++msgid "Authentication is required to enable or disable multicast DNS."
+++msgstr "Pro povolení nebo zakázání multicast DNS je vyžadováno ověření."
+++
+++#: src/network/org.freedesktop.network1.policy:88
+++#: src/resolve/org.freedesktop.resolve1.policy:99
+++msgid "Enable/disable DNS over TLS"
+++msgstr "Povolit/zakázat DNS over TLS"
+++
+++#: src/network/org.freedesktop.network1.policy:89
+++#: src/resolve/org.freedesktop.resolve1.policy:100
+++msgid "Authentication is required to enable or disable DNS over TLS."
+++msgstr "Pro povolení nebo zakázání DNS over TLS vyžadováno ověření."
+++
+++#: src/network/org.freedesktop.network1.policy:99
+++#: src/resolve/org.freedesktop.resolve1.policy:110
+++msgid "Enable/disable DNSSEC"
+++msgstr "Povolit/zakázat DNSSEC"
+++
+++#: src/network/org.freedesktop.network1.policy:100
+++#: src/resolve/org.freedesktop.resolve1.policy:111
+++msgid "Authentication is required to enable or disable DNSSEC."
+++msgstr "Pro povolení nebo zakázání DNSSEC je vyžadováno ověření."
+++
+++#: src/network/org.freedesktop.network1.policy:110
+++#: src/resolve/org.freedesktop.resolve1.policy:121
+++msgid "Set DNSSEC Negative Trust Anchors"
+++msgstr "Nastavit DNSSEC Negative Trust Anchors"
+++
+++#: src/network/org.freedesktop.network1.policy:111
+++#: src/resolve/org.freedesktop.resolve1.policy:122
+++msgid "Authentication is required to set DNSSEC Negative Trust Anchors."
+++msgstr "Pro nastavení DNSSEC Negative Trust Anchors je vyžadováno ověření."
+++
+++#: src/network/org.freedesktop.network1.policy:121
+++msgid "Revert NTP settings"
+++msgstr "Vrátit změny nastavení NTP"
+++
+++#: src/network/org.freedesktop.network1.policy:122
+++msgid "Authentication is required to reset NTP settings."
+++msgstr "Pro resetování nastavení NTP je vyžadováno ověření."
+++
+++#: src/network/org.freedesktop.network1.policy:132
+++msgid "Revert DNS settings"
+++msgstr "Vrátit změny nastavení DNS"
+++
+++#: src/network/org.freedesktop.network1.policy:133
+++msgid "Authentication is required to reset DNS settings."
+++msgstr "Pro resetování nastavení DNS je vyžadováno ověření."
+++
++ #: src/portable/org.freedesktop.portable1.policy:13
++ msgid "Inspect a portable service image"
++ msgstr "Prohlédnout obraz přenosné služby"
++@@ -590,6 +724,14 @@ msgstr "Zrušit registraci služby DNS-SD"
++ msgid "Authentication is required to unregister a DNS-SD service"
++ msgstr "Pro zrušení registrace služby DNS-SD je vyžadováno ověření"
++
+++#: src/resolve/org.freedesktop.resolve1.policy:132
+++msgid "Revert name resolution settings"
+++msgstr "Vrátit změny nastavení překladu jmen"
+++
+++#: src/resolve/org.freedesktop.resolve1.policy:133
+++msgid "Authentication is required to reset name resolution settings."
+++msgstr "Pro resetování nastavení překladu jmen je vyžadováno ověření."
+++
++ #: src/timedate/org.freedesktop.timedate1.policy:22
++ msgid "Set system time"
++ msgstr "Nastavit systémový čas"
++@@ -628,35 +770,43 @@ msgid ""
++ "shall be enabled."
++ msgstr "Pro kontrolu synchronizace času ze sítě je vyžadováno ověření."
++
++-#: src/core/dbus-unit.c:326
+++#: src/core/dbus-unit.c:354
++ msgid "Authentication is required to start '$(unit)'."
++ msgstr "Pro spuštění „$(unit)” je vyžadováno ověření."
++
++-#: src/core/dbus-unit.c:327
+++#: src/core/dbus-unit.c:355
++ msgid "Authentication is required to stop '$(unit)'."
++ msgstr "Pro vypnutí „$(unit)” je vyžadováno ověření."
++
++-#: src/core/dbus-unit.c:328
+++#: src/core/dbus-unit.c:356
++ msgid "Authentication is required to reload '$(unit)'."
++ msgstr "Pro znovu načtení „$(unit)” je vyžadováno ověření."
++
++-#: src/core/dbus-unit.c:329 src/core/dbus-unit.c:330
+++#: src/core/dbus-unit.c:357 src/core/dbus-unit.c:358
++ msgid "Authentication is required to restart '$(unit)'."
++ msgstr "Pro restart „$(unit)” je vyžadováno ověření."
++
++-#: src/core/dbus-unit.c:437
+++#: src/core/dbus-unit.c:530
++ msgid ""
++ "Authentication is required to send a UNIX signal to the processes of "
++ "'$(unit)'."
++ msgstr "Pro odeslání UNIX signálu procesům „$(unit)” je vyžadováno ověření."
++
++-#: src/core/dbus-unit.c:468
+++#: src/core/dbus-unit.c:561
++ msgid "Authentication is required to reset the \"failed\" state of '$(unit)'."
++ msgstr "Pro resetování chybného stavu „$(unit)” je vyžadováno ověření."
++
++-#: src/core/dbus-unit.c:501
+++#: src/core/dbus-unit.c:594
++ msgid "Authentication is required to set properties on '$(unit)'."
++ msgstr "Pro nastavení vlastností na „$(unit)” je vyžadováno ověření."
++
+++#: src/core/dbus-unit.c:703
+++msgid ""
+++"Authentication is required to delete files and directories associated with "
+++"'$(unit)'."
+++msgstr ""
+++"Pro odstranění souborů nebo adresářů souvisejících s „$(unit)” je vyžadováno "
+++"ověření."
+++
++ #~ msgid "Authentication is required to kill '$(unit)'."
++ #~ msgstr "Pro ukončení „$(unit)” je vyžadováno ověření."
--- /dev/null
--- /dev/null
++From: Filipe Brandenburger <filbranden@gmail.com>
++Date: Tue, 24 Sep 2019 15:31:27 -0700
++Subject: log: Add missing "%" in "%m" log format strings
++
++These were clearly intended to be "%m" to display the human readable version
++of the error stored in errno.
++
++(cherry picked from commit 28b77ab246b88d05076080bbd69ca3c353fa0f27)
++(cherry picked from commit 693e983988691df9ce701f44f0dd936744aa8d34)
++---
++ src/core/unit.c | 2 +-
++ src/shared/bootspec.c | 2 +-
++ 2 files changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/src/core/unit.c b/src/core/unit.c
++index cedcb3f..a1dc76a 100644
++--- a/src/core/unit.c
+++++ b/src/core/unit.c
++@@ -2788,7 +2788,7 @@ int unit_enqueue_rewatch_pids(Unit *u) {
++
++ r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
++ if (r < 0)
++- return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: m");
+++ return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
++
++ (void) sd_event_source_set_description(s, "tidy-watch-pids");
++
++diff --git a/src/shared/bootspec.c b/src/shared/bootspec.c
++index b0c6e48..aa3b773 100644
++--- a/src/shared/bootspec.c
+++++ b/src/shared/bootspec.c
++@@ -876,7 +876,7 @@ static int verify_esp_blkid(
++ errno = 0;
++ r = blkid_probe_lookup_value(b, "PART_ENTRY_NUMBER", &v, NULL);
++ if (r != 0)
++- return log_error_errno(errno ?: SYNTHETIC_ERRNO(EIO), "Failed to probe partition number of \"%s\": m", node);
+++ return log_error_errno(errno ?: SYNTHETIC_ERRNO(EIO), "Failed to probe partition number of \"%s\": %m", node);
++ r = safe_atou32(v, &part);
++ if (r < 0)
++ return log_error_errno(r, "Failed to parse PART_ENTRY_NUMBER field.");
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Mon, 21 Oct 2019 09:33:19 +0200
++Subject: logind: drop {}
++
++(cherry picked from commit 4b9e5848e31cb2efb606a5292a2d2abb6ba35040)
++---
++ src/login/logind-device.c | 3 +--
++ 1 file changed, 1 insertion(+), 2 deletions(-)
++
++diff --git a/src/login/logind-device.c b/src/login/logind-device.c
++index 2010854..9a62217 100644
++--- a/src/login/logind-device.c
+++++ b/src/login/logind-device.c
++@@ -91,14 +91,13 @@ void device_attach(Device *d, Seat *s) {
++
++ if (d->master || !s->devices)
++ LIST_PREPEND(devices, s->devices, d);
++- else {
+++ else
++ LIST_FOREACH(devices, i, s->devices) {
++ if (!i->devices_next || !i->master) {
++ LIST_INSERT_AFTER(devices, s->devices, i, d);
++ break;
++ }
++ }
++- }
++
++ if (!had_master && d->master && s->started) {
++ seat_save(s);
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Mon, 21 Oct 2019 15:07:36 +0200
++Subject: logind: fix emission of PropertiesChanged for users
++
++The same as parent commit, but users. This is the third and last
++foo_object_find() function in logind, so I think that this particular
++family of bugs is finally squashed.
++
++(cherry picked from commit 8163b9f90079af298031dcbffee057fc344470a3)
++---
++ src/login/logind-dbus.c | 1 -
++ src/login/logind-user-dbus.c | 2 --
++ 2 files changed, 3 deletions(-)
++
++diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
++index e994b1f..e32e59c 100644
++--- a/src/login/logind-dbus.c
+++++ b/src/login/logind-dbus.c
++@@ -162,7 +162,6 @@ int manager_get_user_from_creds(Manager *m, sd_bus_message *message, uid_t uid,
++ User *user;
++
++ assert(m);
++- assert(message);
++ assert(ret);
++
++ if (!uid_is_valid(uid))
++diff --git a/src/login/logind-user-dbus.c b/src/login/logind-user-dbus.c
++index beb9736..a6e2d49 100644
++--- a/src/login/logind-user-dbus.c
+++++ b/src/login/logind-user-dbus.c
++@@ -244,8 +244,6 @@ int user_object_find(sd_bus *bus, const char *path, const char *interface, void
++ sd_bus_message *message;
++
++ message = sd_bus_get_current_message(bus);
++- if (!message)
++- return 0;
++
++ r = manager_get_user_from_creds(m, message, UID_INVALID, error, &user);
++ if (r == -ENXIO) {
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Mon, 21 Oct 2019 15:05:58 +0200
++Subject: logind: fix emission of PropertiesChanged on seats
++MIME-Version: 1.0
++Content-Type: text/plain; charset="utf-8"
++Content-Transfer-Encoding: 8bit
++
++The story is the same as in 471cffcfb0e005b7c4044b3b52cc4f25d217efac:
++device_attach() → seat_send_changed() → sd_bus_emit_properties_changed_strv()
++→ emit_properties_changed_on_interface() → node_vtable_get_userdata()
++→ seat_object_find(), which returns 0 because message == NULL.
++But when we are emitting a signal, message is always NULL. Removing the
++overeager check and assert in the called function allow the signal to be
++emitted.
++
++Fixes #13769.
++
++(cherry picked from commit 8cc64c2a3640121745fdfaccc6eae896ac25a911)
++---
++ src/login/logind-dbus.c | 1 -
++ src/login/logind-seat-dbus.c | 2 --
++ 2 files changed, 3 deletions(-)
++
++diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
++index 679eb6a..e994b1f 100644
++--- a/src/login/logind-dbus.c
+++++ b/src/login/logind-dbus.c
++@@ -188,7 +188,6 @@ int manager_get_seat_from_creds(
++ int r;
++
++ assert(m);
++- assert(message);
++ assert(ret);
++
++ if (SEAT_IS_SELF(name) || SEAT_IS_AUTO(name)) {
++diff --git a/src/login/logind-seat-dbus.c b/src/login/logind-seat-dbus.c
++index 3c58929..9958490 100644
++--- a/src/login/logind-seat-dbus.c
+++++ b/src/login/logind-seat-dbus.c
++@@ -280,8 +280,6 @@ int seat_object_find(sd_bus *bus, const char *path, const char *interface, void
++ return -ENOMEM;
++
++ message = sd_bus_get_current_message(bus);
++- if (!message)
++- return 0;
++
++ r = manager_get_seat_from_creds(m, message, e, error, &seat);
++ if (r == -ENXIO) {
--- /dev/null
--- /dev/null
++From: Philip Withnall <withnall@endlessm.com>
++Date: Tue, 24 Sep 2019 16:07:23 +0100
++Subject: man: Add a missing space in machinectl(1)
++
++Signed-off-by: Philip Withnall <withnall@endlessm.com>
++(cherry picked from commit abdc57dfe149bfba79af094fd623eb9929eff5e3)
++(cherry picked from commit a0577353f191affac1273bf68f4de4483a1d0a6a)
++---
++ man/machinectl.xml | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/man/machinectl.xml b/man/machinectl.xml
++index 357574f..ebec723 100644
++--- a/man/machinectl.xml
+++++ b/man/machinectl.xml
++@@ -695,7 +695,7 @@
++ server, under the same URL as the <filename>.tar</filename> file.
++ With <option>--verify=checksum</option>, only the SHA256 checksum
++ for the file is verified, based on the <filename>.sha256</filename>
++- suffixed file or the<filename>SHA256SUMS</filename> file.
+++ suffixed file or the <filename>SHA256SUMS</filename> file.
++ With <option>--verify=signature</option>, the sha checksum file is
++ first verified with the inline signature in the
++ <filename>.sha256</filename> file or the detached GPG signature file
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Tue, 19 Nov 2019 00:03:35 +0900
++Subject: man: add entry about SpeedMeter=
++
++Closes #14002.
++
++(cherry picked from commit c9fdaed079524942445a1bbbb975766768ad9b04)
++---
++ man/networkd.conf.xml | 22 ++++++++++++++++++++++
++ 1 file changed, 22 insertions(+)
++
++diff --git a/man/networkd.conf.xml b/man/networkd.conf.xml
++index 5164554..2041ddd 100644
++--- a/man/networkd.conf.xml
+++++ b/man/networkd.conf.xml
++@@ -42,6 +42,28 @@
++
++ <xi:include href="standard-conf.xml" xpointer="main-conf" />
++
+++ <refsect1>
+++ <title>[Network] Section Options</title>
+++
+++ <para>The following options are available in the <literal>[Network]</literal> section:</para>
+++
+++ <variablelist class='network-directives'>
+++ <varlistentry>
+++ <term><varname>SpeedMeter=</varname></term>
+++ <listitem><para>Takes a boolean. If set to yes, then <command>systemd-networkd</command>
+++ measures the traffic of each interface, and
+++ <command>networkctl status <replaceable>INTERFACE</replaceable> shows the measured speed.
+++ </command>Defaults to no.</para></listitem>
+++ </varlistentry>
+++
+++ <varlistentry>
+++ <term><varname>SpeedMeterIntervalSec=</varname></term>
+++ <listitem><para>Specifies the time interval to calculate the traffic speed of each interface.
+++ If <varname>SpeedMeter=no</varname>, the value is ignored. Defaults to 10sec.</para></listitem>
+++ </varlistentry>
+++ </variablelist>
+++ </refsect1>
+++
++ <refsect1>
++ <title>[DHCP] Section Options</title>
++
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Thu, 12 Sep 2019 11:15:35 +0200
++Subject: man: fix description of ARPIntervalSec= units
++
++https://bugzilla.redhat.com/show_bug.cgi?id=1751363
++(cherry picked from commit 06c52cc2b7c6cf2729e130f2a23c5a7ce62e27b9)
++(cherry picked from commit 73e0f372d8100e635b95b0af39d4546e069c38e0)
++---
++ man/systemd.netdev.xml | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml
++index 0775e00..4313355 100644
++--- a/man/systemd.netdev.xml
+++++ b/man/systemd.netdev.xml
++@@ -1742,8 +1742,8 @@
++ <varlistentry>
++ <term><varname>ARPIntervalSec=</varname></term>
++ <listitem>
++- <para>Specifies the ARP link monitoring frequency in milliseconds.
++- A value of 0 disables ARP monitoring. The default value is 0.
+++ <para>Specifies the ARP link monitoring frequency. A value of 0 disables ARP monitoring. The
+++ default value is 0, and the default unit seconds.
++ </para>
++ </listitem>
++ </varlistentry>
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Sat, 21 Sep 2019 17:06:25 +0200
++Subject: man: fix typo
++
++(cherry picked from commit decef551afaff9fb72f3cde499c9c1bcd23e5874)
++(cherry picked from commit b90549290e33dd09fb2677d4236228e1f3f2a4b1)
++---
++ man/systemd-time-wait-sync.service.xml | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/man/systemd-time-wait-sync.service.xml b/man/systemd-time-wait-sync.service.xml
++index d51b272..c8a92f9 100644
++--- a/man/systemd-time-wait-sync.service.xml
+++++ b/man/systemd-time-wait-sync.service.xml
++@@ -35,7 +35,7 @@
++
++ <para><filename>systemd-timesyncd.service</filename> notifies on successful synchronization.
++ <filename>systemd-time-wait-sync</filename> also tries to detect when the kernel marks the time as synchronized,
++- but this detection is not reliable and is intended only as a fallback for other servies that can be used to
+++ but this detection is not reliable and is intended only as a fallback for other services that can be used to
++ synchronize time (e.g., ntpd, chronyd).</para>
++
++ </refsect1>
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Fri, 13 Sep 2019 17:12:59 +0900
++Subject: man: move TimeoutCleanSec= entry from .service to .exec
++
++Follow-up for 12213aed128456af33ff6131a14b637318227346.
++
++Closes #13546.
++
++(cherry picked from commit bd9014c360f86aefcf4d417d50372a5fc29af7ce)
++(cherry picked from commit 3ccafef0ad693d991212b6cc934e6aa1ddae37f7)
++---
++ man/systemd.exec.xml | 10 ++++++++++
++ man/systemd.service.xml | 10 ----------
++ 2 files changed, 10 insertions(+), 10 deletions(-)
++
++diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
++index 5cb83af..6dcccc3 100644
++--- a/man/systemd.exec.xml
+++++ b/man/systemd.exec.xml
++@@ -1035,6 +1035,16 @@ StateDirectory=aaa/bbb ccc</programlisting>
++ <varname>RuntimeDirectory=</varname> are removed when the system is rebooted.</para></listitem>
++ </varlistentry>
++
+++ <varlistentry>
+++ <term><varname>TimeoutCleanSec=</varname></term>
+++ <listitem><para>Configures a timeout on the clean-up operation requested through <command>systemctl
+++ clean …</command>, see
+++ <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
+++ details. Takes the usual time values and defaults to <constant>infinity</constant>, i.e. by default
+++ no time-out is applied. If a time-out is configured the clean operation will be aborted forcibly when
+++ the time-out is reached, potentially leaving resources on disk.</para></listitem>
+++ </varlistentry>
+++
++ <varlistentry>
++ <term><varname>ReadWritePaths=</varname></term>
++ <term><varname>ReadOnlyPaths=</varname></term>
++diff --git a/man/systemd.service.xml b/man/systemd.service.xml
++index 40ac052..14840c2 100644
++--- a/man/systemd.service.xml
+++++ b/man/systemd.service.xml
++@@ -636,16 +636,6 @@
++ </para></listitem>
++ </varlistentry>
++
++- <varlistentry>
++- <term><varname>TimeoutCleanSec=</varname></term>
++- <listitem><para>Configures a timeout on the clean-up operation requested through <command>systemctl
++- clean …</command>, see
++- <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
++- details. Takes the usual time values and defaults to <constant>infinity</constant>, i.e. by default
++- no time-out is applied. If a time-out is configured the clean operation will be aborted forcibly when
++- the time-out is reached, potentially leaving resources on disk.</para></listitem>
++- </varlistentry>
++-
++ <varlistentry>
++ <term><varname>RuntimeMaxSec=</varname></term>
++
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Sat, 7 Sep 2019 15:16:35 +0200
++Subject: man: remove repeated words
++
++https://github.com/systemd/systemd/commit/b5328434c91b10ad49647e2352e62b1fbdce329d#commitcomment-34989175
++(cherry picked from commit ff7cfff0c446ce8ba901f8fc531171fb727a9a5d)
++(cherry picked from commit 9a25d7552094a0233ea4745ac127926887bbd906)
++---
++ man/systemd.unit.xml | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/man/systemd.unit.xml b/man/systemd.unit.xml
++index acb09d0..d812108 100644
++--- a/man/systemd.unit.xml
+++++ b/man/systemd.unit.xml
++@@ -163,7 +163,7 @@
++ <varname>Wants=</varname>, see below. The preferred way to create symlinks in the
++ <filename>.wants/</filename> or <filename>.requires/</filename> directory of a unit file is by embedding
++ the dependency in [Install] section of the target unit, and creating the symlink in the file system with
++- the with the <command>enable</command> or <command>preset</command> commands of
+++ the <command>enable</command> or <command>preset</command> commands of
++ <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para>
++
++ <para>Along with a unit file <filename>foo.service</filename>, a "drop-in" directory
--- /dev/null
--- /dev/null
++From: Carlo Teubner <435950+c4rlo@users.noreply.github.com>
++Date: Wed, 4 Sep 2019 18:58:56 +0100
++Subject: man/systemctl.xml: fix missing "not"
++
++(cherry picked from commit f06530d86ba7688067fc2758b5e54599bda1e4a0)
++---
++ man/systemctl.xml | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/man/systemctl.xml b/man/systemctl.xml
++index 0f06a88..9abbb85 100644
++--- a/man/systemctl.xml
+++++ b/man/systemctl.xml
++@@ -818,7 +818,7 @@ Sun 2017-02-26 20:57:49 EST 2h 3min left Sun 2017-02-26 11:56:36 EST 6h ago
++ <listitem>
++ <para>Stop (deactivate) one or more units specified on the command line.</para>
++
++- <para>This command will fail if the unit does exist or if stopping of the unit is prohibited (see
+++ <para>This command will fail if the unit does not exist or if stopping of the unit is prohibited (see
++ <varname>RefuseManualStop=</varname> in
++ <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>).
++ It will <emphasis>not</emphasis> fail if any of the commands configured to stop the unit
--- /dev/null
--- /dev/null
++From: Benjamin Gilbert <bgilbert@redhat.com>
++Date: Tue, 10 Sep 2019 23:23:59 -0400
++Subject: mount-setup: relabel items mentioned directly in relabel-extra.d
++
++relabel_extra() relabels the descendants of directories listed in
++relabel-extra.d, but doesn't relabel the files or directories
++explicitly named there. This makes it impossible to use
++relabel-extra.d to relabel the root of a filesystem. Fix by
++relabeling the named items too.
++
++(cherry picked from commit 71de68476c1897b8624538ce32218891251fa5f6)
++(cherry picked from commit 29308bcc1326521081f4d7369945d325c2d41faa)
++---
++ src/core/mount-setup.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
++index ea7b0a8..fc6c5f6 100644
++--- a/src/core/mount-setup.c
+++++ b/src/core/mount-setup.c
++@@ -486,6 +486,7 @@ static int relabel_extra(void) {
++ }
++
++ log_debug("Relabelling additional file/directory '%s'.", line);
+++ (void) label_fix(line, 0);
++ (void) nftw(line, nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
++ c++;
++ }
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Sat, 7 Sep 2019 03:36:19 +0900
++Subject: ndisc: make first solicit delayed randomly
++
++Closes #13460.
++
++(cherry picked from commit 9973e6c43abb9d3d73fcfee83c886dbd32e700ca)
++(cherry picked from commit ccf797511e0af237d67a6a5511e760bd41de1732)
++---
++ src/libsystemd-network/sd-ndisc.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/libsystemd-network/sd-ndisc.c b/src/libsystemd-network/sd-ndisc.c
++index 5e71171..9922203 100644
++--- a/src/libsystemd-network/sd-ndisc.c
+++++ b/src/libsystemd-network/sd-ndisc.c
++@@ -365,7 +365,7 @@ _public_ int sd_ndisc_start(sd_ndisc *nd) {
++
++ r = event_reset_time(nd->event, &nd->timeout_event_source,
++ clock_boottime_or_monotonic(),
++- 0, 0,
+++ time_now + USEC_PER_SEC / 2, 1 * USEC_PER_SEC, /* See RFC 8415 sec. 18.2.1 */
++ ndisc_timeout, nd,
++ nd->event_priority, "ndisc-timeout", true);
++ if (r < 0)
--- /dev/null
--- /dev/null
++From: Susant Sahani <ssahani@vmware.com>
++Date: Mon, 16 Sep 2019 20:46:39 +0200
++Subject: network DHCP4: Don't mislead the logs.
++
++The debug log making sense to the end user as an error.
++
++(cherry picked from commit 61cda4d7964ff00dfa6260f84219720d9b97671a)
++(cherry picked from commit 91db81e4dda8d322a4a771fc4f173ce2f147dc88)
++---
++ src/network/networkd-dhcp4.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c
++index 662770b..c5644f8 100644
++--- a/src/network/networkd-dhcp4.c
+++++ b/src/network/networkd-dhcp4.c
++@@ -198,7 +198,7 @@ static int link_set_dhcp_routes(Link *link) {
++ if (n == -ENODATA)
++ log_link_debug_errno(link, n, "DHCP: No routes received from DHCP server: %m");
++ else if (n < 0)
++- log_link_debug_errno(link, n, "DHCP error: could not get routes: %m");
+++ log_link_debug_errno(link, n, "DHCP: could not get routes: %m");
++
++ for (i = 0; i < n; i++) {
++ switch (sd_dhcp_route_get_option(static_routes[i])) {
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Tue, 17 Sep 2019 21:29:23 +0900
++Subject: network: add missing link->network checks
++
++When the function is called, no network file may be assigned to the
++link.
++
++(cherry picked from commit b1b0b42e48303134731e017a108c6c334ef5f4c8)
++(cherry picked from commit dd83d5879661d46f85457d139f683c920875eb44)
++---
++ src/network/networkd-link.c | 8 ++++----
++ 1 file changed, 4 insertions(+), 4 deletions(-)
++
++diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
++index f5bb788..77df151 100644
++--- a/src/network/networkd-link.c
+++++ b/src/network/networkd-link.c
++@@ -2393,9 +2393,9 @@ static int link_drop_foreign_config(Link *link) {
++ continue;
++
++ if (link_address_is_dynamic(link, address)) {
++- if (FLAGS_SET(link->network->keep_configuration, KEEP_CONFIGURATION_DHCP))
+++ if (link->network && FLAGS_SET(link->network->keep_configuration, KEEP_CONFIGURATION_DHCP))
++ continue;
++- } else if (FLAGS_SET(link->network->keep_configuration, KEEP_CONFIGURATION_STATIC))
+++ } else if (link->network && FLAGS_SET(link->network->keep_configuration, KEEP_CONFIGURATION_STATIC))
++ continue;
++
++ if (link_is_static_address_configured(link, address)) {
++@@ -2435,11 +2435,11 @@ static int link_drop_foreign_config(Link *link) {
++ in_addr_equal(AF_INET6, &route->dst, &(union in_addr_union) { .in6 = {{{ 0xff,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0 }}} }))
++ continue;
++
++- if (route->protocol == RTPROT_STATIC &&
+++ if (route->protocol == RTPROT_STATIC && link->network &&
++ FLAGS_SET(link->network->keep_configuration, KEEP_CONFIGURATION_STATIC))
++ continue;
++
++- if (route->protocol == RTPROT_DHCP &&
+++ if (route->protocol == RTPROT_DHCP && link->network &&
++ FLAGS_SET(link->network->keep_configuration, KEEP_CONFIGURATION_DHCP))
++ continue;
++
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Wed, 11 Sep 2019 18:24:41 +0900
++Subject: network: do not abort execution when a config file cannot be loaded
++
++Closes #13516.
++
++(cherry picked from commit be7110826eb4d7d0fafee4790562e0dedb9d817b)
++(cherry picked from commit 19e9fc4262f9063f4986d7336e3921095d6e51ed)
++---
++ src/network/netdev/netdev.c | 2 +-
++ src/network/networkd-network.c | 2 +-
++ 2 files changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/src/network/netdev/netdev.c b/src/network/netdev/netdev.c
++index 7735b45..7853e19 100644
++--- a/src/network/netdev/netdev.c
+++++ b/src/network/netdev/netdev.c
++@@ -844,7 +844,7 @@ int netdev_load(Manager *manager) {
++ STRV_FOREACH(f, files) {
++ r = netdev_load_one(manager, *f);
++ if (r < 0)
++- return r;
+++ log_error_errno(r, "Failed to load %s, ignoring: %m", *f);
++ }
++
++ return 0;
++diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
++index 2b8d0eb..fe81f1b 100644
++--- a/src/network/networkd-network.c
+++++ b/src/network/networkd-network.c
++@@ -506,7 +506,7 @@ int network_load(Manager *manager) {
++ STRV_FOREACH(f, files) {
++ r = network_load_one(manager, *f);
++ if (r < 0)
++- return r;
+++ log_error_errno(r, "Failed to load %s, ignoring: %m", *f);
++ }
++
++ return 0;
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Tue, 17 Sep 2019 21:34:06 +0900
++Subject: network: do not enter failed state if device's sysfs entry does not
++ exist yet
++
++(cherry picked from commit 4d59e14f321d50cbdec1a2ef702e2d258e377356)
++(cherry picked from commit 45dca7fe864d88edd366f15322c7a7d6bff32897)
++---
++ src/network/networkd-link.c | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
++index 77df151..f296e5c 100644
++--- a/src/network/networkd-link.c
+++++ b/src/network/networkd-link.c
++@@ -3116,8 +3116,8 @@ int link_add(Manager *m, sd_netlink_message *message, Link **ret) {
++ sprintf(ifindex_str, "n%d", link->ifindex);
++ r = sd_device_new_from_device_id(&device, ifindex_str);
++ if (r < 0) {
++- log_link_warning_errno(link, r, "Could not find device: %m");
++- goto failed;
+++ log_link_warning_errno(link, r, "Could not find device, waiting for device initialization: %m");
+++ return 0;
++ }
++
++ r = sd_device_get_is_initialized(device);
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Thu, 26 Sep 2019 00:21:00 +0900
++Subject: network: drop noisy log message
++
++Closes #13595.
++
++(cherry picked from commit 55a1729fd095f2e0733247e7b4911cf41bf6b2ed)
++(cherry picked from commit 9d0ae987a6345ad62ab8f4b89c8ab76637396b46)
++---
++ src/network/networkd-link.c | 2 --
++ 1 file changed, 2 deletions(-)
++
++diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
++index f296e5c..10f0ce0 100644
++--- a/src/network/networkd-link.c
+++++ b/src/network/networkd-link.c
++@@ -856,8 +856,6 @@ static void link_enter_configured(Link *link) {
++ if (link->state != LINK_STATE_CONFIGURING)
++ return;
++
++- log_link_info(link, "Configured");
++-
++ link_set_state(link, LINK_STATE_CONFIGURED);
++
++ (void) link_join_netdevs_after_configured(link);
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Tue, 17 Sep 2019 19:27:58 +0200
++Subject: networkd: unbreak routing_policy_rule_compare_func()
++
++!r is the same r == 0, so this was short-circuiting the comparison when
++streq(a->iff, b->iff) or streq(a->off, b->off). Before the parent commit which
++moved those comparisons to the end, this was short-circuiting quite a bit
++of the comparison function.
++
++(cherry picked from commit 314ed4f9948bb73300862935546a63294bba1d5c)
++(cherry picked from commit 19ac31c989d9facbd90c497f3708ee4d88686de8)
++---
++ src/network/networkd-routing-policy-rule.c | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/src/network/networkd-routing-policy-rule.c b/src/network/networkd-routing-policy-rule.c
++index f032169..40ac3f0 100644
++--- a/src/network/networkd-routing-policy-rule.c
+++++ b/src/network/networkd-routing-policy-rule.c
++@@ -180,11 +180,11 @@ static int routing_policy_rule_compare_func(const RoutingPolicyRule *a, const Ro
++ return r;
++
++ r = strcmp_ptr(a->iif, b->iif);
++- if (!r)
+++ if (r != 0)
++ return r;
++
++ r = strcmp_ptr(a->oif, b->oif);
++- if (!r)
+++ if (r != 0)
++ return r;
++
++ r = CMP(a->protocol, b->protocol);
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Fri, 27 Sep 2019 13:58:06 +0200
++Subject: nspawn: consistently fail if parsing the environment fails
++
++We would parse the environment twice (to re-apply settings after reading
++config from disk), but we would not check the return code first time.
++This means that for some settings we would ignore invalid values, while
++for others, we'd fail at some point.
++
++Let's just consistently fail. Those environment variables define important
++aspects of behaviour, and it is better for the user if we ignore invalid
++values. (Unknown settings are still ignored, so forward compatibility is
++maintained.)
++
++(cherry picked from commit 490486842b6521104b594c511ca912504f61a8f3)
++(cherry picked from commit 9d8e889810b50b5be6eeecec637e4a8bdda30977)
++---
++ src/nspawn/nspawn.c | 69 ++++++++++++++++++++++++++++++-----------------------
++ 1 file changed, 39 insertions(+), 30 deletions(-)
++
++diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
++index ff6983e..f16a195 100644
++--- a/src/nspawn/nspawn.c
+++++ b/src/nspawn/nspawn.c
++@@ -467,58 +467,66 @@ static int detect_unified_cgroup_hierarchy_from_image(const char *directory) {
++ return 0;
++ }
++
++-static void parse_share_ns_env(const char *name, unsigned long ns_flag) {
+++static int parse_share_ns_env(const char *name, unsigned long ns_flag) {
++ int r;
++
++ r = getenv_bool(name);
++ if (r == -ENXIO)
++- return;
+++ return 0;
++ if (r < 0)
++- log_warning_errno(r, "Failed to parse %s from environment, defaulting to false.", name);
+++ return log_error_errno(r, "Failed to parse $%s: %m", name);
++
++ arg_clone_ns_flags = (arg_clone_ns_flags & ~ns_flag) | (r > 0 ? 0 : ns_flag);
++ arg_settings_mask |= SETTING_CLONE_NS_FLAGS;
+++ return 0;
++ }
++
++-static void parse_mount_settings_env(void) {
+++static int parse_mount_settings_env(void) {
++ const char *e;
++ int r;
++
++ r = getenv_bool("SYSTEMD_NSPAWN_TMPFS_TMP");
+++ if (r < 0 && r != -ENXIO)
+++ return log_error_errno(r, "Failed to parse $SYSTEMD_NSPAWN_TMPFS_TMP: %m");
++ if (r >= 0)
++ SET_FLAG(arg_mount_settings, MOUNT_APPLY_TMPFS_TMP, r > 0);
++- else if (r != -ENXIO)
++- log_warning_errno(r, "Failed to parse $SYSTEMD_NSPAWN_TMPFS_TMP, ignoring: %m");
++
++ e = getenv("SYSTEMD_NSPAWN_API_VFS_WRITABLE");
++- if (!e)
++- return;
++-
++- if (streq(e, "network")) {
+++ if (streq_ptr(e, "network"))
++ arg_mount_settings |= MOUNT_APPLY_APIVFS_RO|MOUNT_APPLY_APIVFS_NETNS;
++- return;
++- }
++
++- r = parse_boolean(e);
++- if (r < 0) {
++- log_warning_errno(r, "Failed to parse SYSTEMD_NSPAWN_API_VFS_WRITABLE from environment, ignoring.");
++- return;
+++ else if (e) {
+++ r = parse_boolean(e);
+++ if (r < 0)
+++ return log_error_errno(r, "Failed to parse $SYSTEMD_NSPAWN_API_VFS_WRITABLE: %m");
+++
+++ SET_FLAG(arg_mount_settings, MOUNT_APPLY_APIVFS_RO, r == 0);
+++ SET_FLAG(arg_mount_settings, MOUNT_APPLY_APIVFS_NETNS, false);
++ }
++
++- SET_FLAG(arg_mount_settings, MOUNT_APPLY_APIVFS_RO, r == 0);
++- SET_FLAG(arg_mount_settings, MOUNT_APPLY_APIVFS_NETNS, false);
+++ return 0;
++ }
++
++-static void parse_environment(void) {
+++static int parse_environment(void) {
++ const char *e;
++ int r;
++
++- parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_IPC", CLONE_NEWIPC);
++- parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_PID", CLONE_NEWPID);
++- parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_UTS", CLONE_NEWUTS);
++- parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_SYSTEM", CLONE_NEWIPC|CLONE_NEWPID|CLONE_NEWUTS);
+++ r = parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_IPC", CLONE_NEWIPC);
+++ if (r < 0)
+++ return r;
+++ r = parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_PID", CLONE_NEWPID);
+++ if (r < 0)
+++ return r;
+++ r = parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_NS_UTS", CLONE_NEWUTS);
+++ if (r < 0)
+++ return r;
+++ r = parse_share_ns_env("SYSTEMD_NSPAWN_SHARE_SYSTEM", CLONE_NEWIPC|CLONE_NEWPID|CLONE_NEWUTS);
+++ if (r < 0)
+++ return r;
++
++- parse_mount_settings_env();
+++ r = parse_mount_settings_env();
+++ if (r < 0)
+++ return r;
++
++ /* SYSTEMD_NSPAWN_USE_CGNS=0 can be used to disable CLONE_NEWCGROUP use,
++ * even if it is supported. If not supported, it has no effect. */
++@@ -528,7 +536,7 @@ static void parse_environment(void) {
++ r = getenv_bool("SYSTEMD_NSPAWN_USE_CGNS");
++ if (r < 0) {
++ if (r != -ENXIO)
++- log_warning_errno(r, "Failed to parse $SYSTEMD_NSPAWN_USE_CGNS, ignoring: %m");
+++ return log_error_errno(r, "Failed to parse $SYSTEMD_NSPAWN_USE_CGNS: %m");
++
++ arg_use_cgns = true;
++ } else {
++@@ -541,7 +549,7 @@ static void parse_environment(void) {
++ if (e)
++ arg_container_service_name = e;
++
++- detect_unified_cgroup_hierarchy_from_environment();
+++ return detect_unified_cgroup_hierarchy_from_environment();
++ }
++
++ static int parse_argv(int argc, char *argv[]) {
++@@ -1424,7 +1432,9 @@ static int parse_argv(int argc, char *argv[]) {
++ arg_caps_retain = (arg_caps_retain | plus | (arg_private_network ? UINT64_C(1) << CAP_NET_ADMIN : 0)) & ~minus;
++
++ /* Make sure to parse environment before we reset the settings mask below */
++- parse_environment();
+++ r = parse_environment();
+++ if (r < 0)
+++ return r;
++
++ /* Load all settings from .nspawn files */
++ if (mask_no_settings)
++@@ -4749,9 +4759,8 @@ static int run(int argc, char *argv[]) {
++ if (r < 0)
++ goto finish;
++
++- r = detect_unified_cgroup_hierarchy_from_environment();
++- if (r < 0)
++- goto finish;
+++ /* Reapply environment settings. */
+++ (void) detect_unified_cgroup_hierarchy_from_environment();
++
++ /* Ignore SIGPIPE here, because we use splice() on the ptyfwd stuff and that will generate SIGPIPE if
++ * the result is closed. Note that the container payload child will reset signal mask+handler anyway,
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Fri, 27 Sep 2019 14:51:53 +0200
++Subject: nspawn: default to unified hierarchy if --as-pid2 is used
++
++See comment added in the patch.
++
++Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1756143.
++
++(cherry picked from commit 75b0d8b89d6e86319e75eaead3f4b0d187a66729)
++(cherry picked from commit 40e169b304231d02de387a8dd2c5f0f075973227)
++---
++ src/nspawn/nspawn.c | 23 +++++++++++++++++++++--
++ 1 file changed, 21 insertions(+), 2 deletions(-)
++
++diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
++index 2aec804..ff6983e 100644
++--- a/src/nspawn/nspawn.c
+++++ b/src/nspawn/nspawn.c
++@@ -433,8 +433,8 @@ static int detect_unified_cgroup_hierarchy_from_environment(void) {
++ static int detect_unified_cgroup_hierarchy_from_image(const char *directory) {
++ int r;
++
++- /* Let's inherit the mode to use from the host system, but let's take into consideration what systemd in the
++- * image actually supports. */
+++ /* Let's inherit the mode to use from the host system, but let's take into consideration what systemd
+++ * in the image actually supports. */
++ r = cg_all_unified();
++ if (r < 0)
++ return log_error_errno(r, "Failed to determine whether we are in all unified mode.");
++@@ -1440,6 +1440,25 @@ static int parse_argv(int argc, char *argv[]) {
++ static int verify_arguments(void) {
++ int r;
++
+++ if (arg_start_mode == START_PID2 && arg_unified_cgroup_hierarchy == CGROUP_UNIFIED_UNKNOWN) {
+++ /* If we are running the stub init in the container, we don't need to look at what the init
+++ * in the container supports, because we are not using it. Let's immediately pick the right
+++ * setting based on the host system configuration.
+++ *
+++ * We only do this, if the user didn't use an environment variable to override the detection.
+++ */
+++
+++ r = cg_all_unified();
+++ if (r < 0)
+++ return log_error_errno(r, "Failed to determine whether we are in all unified mode.");
+++ if (r > 0)
+++ arg_unified_cgroup_hierarchy = CGROUP_UNIFIED_ALL;
+++ else if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0)
+++ arg_unified_cgroup_hierarchy = CGROUP_UNIFIED_SYSTEMD;
+++ else
+++ arg_unified_cgroup_hierarchy = CGROUP_UNIFIED_NONE;
+++ }
+++
++ if (arg_userns_mode != USER_NAMESPACE_NO)
++ arg_mount_settings |= MOUNT_USE_USERNS;
++
--- /dev/null
--- /dev/null
++From: Nicolas Douma <nicolas@serveur.io>
++Date: Tue, 17 Sep 2019 05:07:00 +0200
++Subject: nspawn: surrender controlling terminal to PID2 when using the PID1
++ stub
++
++(cherry picked from commit de1b29f375b13b0566814517bf81e3cdbdd9a610)
++(cherry picked from commit fbad077cec34c922a985d894d8181ceefc852ec8)
++---
++ src/nspawn/nspawn-stub-pid1.c | 6 ++++++
++ 1 file changed, 6 insertions(+)
++
++diff --git a/src/nspawn/nspawn-stub-pid1.c b/src/nspawn/nspawn-stub-pid1.c
++index ebf4f0f..0589685 100644
++--- a/src/nspawn/nspawn-stub-pid1.c
+++++ b/src/nspawn/nspawn-stub-pid1.c
++@@ -53,6 +53,12 @@ int stub_pid1(sd_id128_t uuid) {
++ assert_se(sigfillset(&fullmask) >= 0);
++ assert_se(sigprocmask(SIG_BLOCK, &fullmask, &oldmask) >= 0);
++
+++ /* Surrender the terminal this stub may control so that child processes can have a controlling terminal
+++ * without resorting to setsid hacks. */
+++ r = ioctl(STDIN_FILENO, TIOCNOTTY);
+++ if (r < 0 && errno != ENOTTY)
+++ return log_error_errno(errno, "Failed to surrender controlling terminal: %m");
+++
++ pid = fork();
++ if (pid < 0)
++ return log_error_errno(errno, "Failed to fork child pid: %m");
--- /dev/null
--- /dev/null
++From: Michal Sekletar <msekleta@redhat.com>
++Date: Mon, 9 Sep 2019 14:38:35 +0200
++Subject: path: stop watching path specs once we triggered the target unit
++
++We start watching them again once we get a notification that triggered
++unit entered inactive or failed state.
++
++Fixes: #10503
++(cherry picked from commit 8fca6944c2ee20c63d62154c8badddc77170b176)
++(cherry picked from commit b294305888da171f393bbb4c3dc0be332e8d50c1)
++---
++ src/core/path.c | 6 ++----
++ 1 file changed, 2 insertions(+), 4 deletions(-)
++
++diff --git a/src/core/path.c b/src/core/path.c
++index 562cd35..ac1289a 100644
++--- a/src/core/path.c
+++++ b/src/core/path.c
++@@ -480,11 +480,9 @@ static void path_enter_running(Path *p) {
++
++ p->inotify_triggered = false;
++
++- r = path_watch(p);
++- if (r < 0)
++- goto fail;
++-
++ path_set_state(p, PATH_RUNNING);
+++ path_unwatch(p);
+++
++ return;
++
++ fail:
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Wed, 18 Sep 2019 17:52:30 +0200
++Subject: pid1: do not warn if /run/systemd/relabel-extra.d/ doesn't exist
++
++After all, that is the expected state.
++
++(cherry picked from commit 90b059b608d6c53c8efb23b8791190dffadd1a17)
++(cherry picked from commit ea7151b8c4355f12d4be56f7b41e0a6ec5db7001)
++---
++ src/core/mount-setup.c | 5 +++--
++ 1 file changed, 3 insertions(+), 2 deletions(-)
++
++diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
++index fc6c5f6..3ac01ff 100644
++--- a/src/core/mount-setup.c
+++++ b/src/core/mount-setup.c
++@@ -495,8 +495,9 @@ static int relabel_extra(void) {
++ log_warning_errno(errno, "Failed to remove /run/systemd/relabel-extra.d/%s, ignoring: %m", de->d_name);
++ }
++
++- /* Remove when we completing things. */
++- if (rmdir("/run/systemd/relabel-extra.d") < 0)
+++ /* Remove when we complete things. */
+++ if (rmdir("/run/systemd/relabel-extra.d") < 0 &&
+++ errno != ENOENT)
++ log_warning_errno(errno, "Failed to remove /run/systemd/relabel-extra.d/ directory: %m");
++
++ return c;
--- /dev/null
--- /dev/null
++From: Franck Bui <fbui@suse.com>
++Date: Wed, 2 Oct 2019 11:58:16 +0200
++Subject: pid1: fix DefaultTasksMax initialization
++
++Otherwise DefaultTasksMax is always set to "inifinity".
++
++This was broken by fb39af4ce42.
++
++(cherry picked from commit c0000de87d2c7934cb1f4ba66a533a85277600ff)
++(cherry picked from commit 0553c3c6688999d960aa31f9f5e94e3daa5d522d)
++---
++ src/core/main.c | 4 +---
++ 1 file changed, 1 insertion(+), 3 deletions(-)
++
++diff --git a/src/core/main.c b/src/core/main.c
++index 4633184..6ee9135 100644
++--- a/src/core/main.c
+++++ b/src/core/main.c
++@@ -2133,7 +2133,7 @@ static void reset_arguments(void) {
++ arg_default_blockio_accounting = false;
++ arg_default_memory_accounting = MEMORY_ACCOUNTING_DEFAULT;
++ arg_default_tasks_accounting = true;
++- arg_default_tasks_max = UINT64_MAX;
+++ arg_default_tasks_max = system_tasks_max_scale(DEFAULT_TASKS_MAX_PERCENTAGE, 100U);
++ arg_machine_id = (sd_id128_t) {};
++ arg_cad_burst_action = EMERGENCY_ACTION_REBOOT_FORCE;
++ arg_default_oom_policy = OOM_STOP;
++@@ -2149,8 +2149,6 @@ static int parse_configuration(const struct rlimit *saved_rlimit_nofile,
++ assert(saved_rlimit_nofile);
++ assert(saved_rlimit_memlock);
++
++- arg_default_tasks_max = system_tasks_max_scale(DEFAULT_TASKS_MAX_PERCENTAGE, 100U);
++-
++ /* Assign configuration defaults */
++ reset_arguments();
++
--- /dev/null
--- /dev/null
++From: Rafael Fontenelle <rffontenelle@users.noreply.github.com>
++Date: Sun, 8 Sep 2019 19:08:14 -0300
++Subject: po: update Brazilian Portuguese translation
++
++(cherry picked from commit bf55a2df4da0234932c0949801579a9a9dca72bc)
++(cherry picked from commit d133bdd1fa3de98b261314d0bf5fe117d54a6648)
++---
++ po/pt_BR.po | 140 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++----
++ 1 file changed, 131 insertions(+), 9 deletions(-)
++
++diff --git a/po/pt_BR.po b/po/pt_BR.po
++index 4f37f99..09779f7 100644
++--- a/po/pt_BR.po
+++++ b/po/pt_BR.po
++@@ -9,8 +9,8 @@ msgid ""
++ msgstr ""
++ "Project-Id-Version: systemd\n"
++ "Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n"
++-"POT-Creation-Date: 2019-05-04 03:28+0000\n"
++-"PO-Revision-Date: 2019-05-04 11:12-0300\n"
+++"POT-Creation-Date: 2019-09-08 15:28+0000\n"
+++"PO-Revision-Date: 2019-09-08 19:00-0300\n"
++ "Last-Translator: Rafael Fontenelle <rafaelff@gnome.org>\n"
++ "Language-Team: Brazilian Portuguese <gnome-pt_br-list@gnome.org>\n"
++ "Language: pt_BR\n"
++@@ -608,6 +608,110 @@ msgstr ""
++ "É necessária autenticação para gerenciar máquinas virtuais locais e imagens "
++ "contêineres."
++
+++#: src/network/org.freedesktop.network1.policy:22
+++msgid "Set NTP servers"
+++msgstr "Definir servidores NTP"
+++
+++#: src/network/org.freedesktop.network1.policy:23
+++msgid "Authentication is required to set NTP servers."
+++msgstr "É necessária autenticação para definir os servidores NTP."
+++
+++#: src/network/org.freedesktop.network1.policy:33
+++#: src/resolve/org.freedesktop.resolve1.policy:44
+++msgid "Set DNS servers"
+++msgstr "Definir servidores DNS"
+++
+++#: src/network/org.freedesktop.network1.policy:34
+++#: src/resolve/org.freedesktop.resolve1.policy:45
+++msgid "Authentication is required to set DNS servers."
+++msgstr "É necessária autenticação para definir os servidores DNS."
+++
+++#: src/network/org.freedesktop.network1.policy:44
+++#: src/resolve/org.freedesktop.resolve1.policy:55
+++msgid "Set domains"
+++msgstr "Definir domínios"
+++
+++#: src/network/org.freedesktop.network1.policy:45
+++#: src/resolve/org.freedesktop.resolve1.policy:56
+++msgid "Authentication is required to set domains."
+++msgstr "É necessária autenticação para definir domínios."
+++
+++#: src/network/org.freedesktop.network1.policy:55
+++#: src/resolve/org.freedesktop.resolve1.policy:66
+++msgid "Set default route"
+++msgstr "Definir rota padrão"
+++
+++#: src/network/org.freedesktop.network1.policy:56
+++#: src/resolve/org.freedesktop.resolve1.policy:67
+++msgid "Authentication is required to set default route."
+++msgstr "É necessária autenticação para definir a rota padrão."
+++
+++#: src/network/org.freedesktop.network1.policy:66
+++#: src/resolve/org.freedesktop.resolve1.policy:77
+++msgid "Enable/disable LLMNR"
+++msgstr "Habilitar/desabilitar LLMNR"
+++
+++#: src/network/org.freedesktop.network1.policy:67
+++#: src/resolve/org.freedesktop.resolve1.policy:78
+++msgid "Authentication is required to enable or disable LLMNR."
+++msgstr "É necessária autenticação para definir habilitar ou desabilitar LLMNR."
+++
+++#: src/network/org.freedesktop.network1.policy:77
+++#: src/resolve/org.freedesktop.resolve1.policy:88
+++msgid "Enable/disable multicast DNS"
+++msgstr "Habilitar/desabilitar DNS multicast"
+++
+++#: src/network/org.freedesktop.network1.policy:78
+++#: src/resolve/org.freedesktop.resolve1.policy:89
+++msgid "Authentication is required to enable or disable multicast DNS."
+++msgstr "É necessária autenticação para habilitar ou desabilitar DNS multicast."
+++
+++#: src/network/org.freedesktop.network1.policy:88
+++#: src/resolve/org.freedesktop.resolve1.policy:99
+++msgid "Enable/disable DNS over TLS"
+++msgstr "Habilitar/desabilitar DNS por TLS"
+++
+++#: src/network/org.freedesktop.network1.policy:89
+++#: src/resolve/org.freedesktop.resolve1.policy:100
+++msgid "Authentication is required to enable or disable DNS over TLS."
+++msgstr "É necessária autenticação para habilitar ou desabilitar DNS por TLS."
+++
+++#: src/network/org.freedesktop.network1.policy:99
+++#: src/resolve/org.freedesktop.resolve1.policy:110
+++msgid "Enable/disable DNSSEC"
+++msgstr "Habilitar/desabilitar DNSSEC"
+++
+++#: src/network/org.freedesktop.network1.policy:100
+++#: src/resolve/org.freedesktop.resolve1.policy:111
+++msgid "Authentication is required to enable or disable DNSSEC."
+++msgstr "É necessária autenticação para habilitar ou desabilitar DNSSEC."
+++
+++#: src/network/org.freedesktop.network1.policy:110
+++#: src/resolve/org.freedesktop.resolve1.policy:121
+++msgid "Set DNSSEC Negative Trust Anchors"
+++msgstr "Definir DNSSEC Negative Trust Anchors"
+++
+++#: src/network/org.freedesktop.network1.policy:111
+++#: src/resolve/org.freedesktop.resolve1.policy:122
+++msgid "Authentication is required to set DNSSEC Negative Trust Anchros."
+++msgstr "É necessária autenticação para definir DNSSEC Negative Trust Anchros."
+++
+++#: src/network/org.freedesktop.network1.policy:121
+++msgid "Revert NTP settings"
+++msgstr "Reverter configurações de NTP"
+++
+++#: src/network/org.freedesktop.network1.policy:122
+++msgid "Authentication is required to revert NTP settings."
+++msgstr "É necessária autenticação para reverter as configurações de NTP."
+++
+++#: src/network/org.freedesktop.network1.policy:132
+++msgid "Revert DNS settings"
+++msgstr "Reverter configurações de DNS"
+++
+++#: src/network/org.freedesktop.network1.policy:133
+++msgid "Authentication is required to revert DNS settings."
+++msgstr "É necessária autenticação para reverter as configurações de DNS."
+++
++ #: src/portable/org.freedesktop.portable1.policy:13
++ msgid "Inspect a portable service image"
++ msgstr "Inspecionar uma imagem de serviço portável"
++@@ -655,6 +759,16 @@ msgstr "Remover um serviço DNS-SD"
++ msgid "Authentication is required to unregister a DNS-SD service"
++ msgstr "É necessária autenticação para remover um serviço DNS-SD"
++
+++#: src/resolve/org.freedesktop.resolve1.policy:132
+++msgid "Revert name resolution settings"
+++msgstr "Reverter configurações de resolução de nome"
+++
+++#: src/resolve/org.freedesktop.resolve1.policy:133
+++msgid "Authentication is required to revert name resolution settings."
+++msgstr ""
+++"É necessária autenticação para reverter as configurações de resolução de "
+++"nome."
+++
++ #: src/timedate/org.freedesktop.timedate1.policy:22
++ msgid "Set system time"
++ msgstr "Definir horário do sistema"
++@@ -695,23 +809,23 @@ msgstr ""
++ "É necessária autenticação para controlar se deve ser habilitada, ou não, a "
++ "sincronização de horário através de rede."
++
++-#: src/core/dbus-unit.c:317
+++#: src/core/dbus-unit.c:354
++ msgid "Authentication is required to start '$(unit)'."
++ msgstr "É necessária autenticação para iniciar “$(unit)”."
++
++-#: src/core/dbus-unit.c:318
+++#: src/core/dbus-unit.c:355
++ msgid "Authentication is required to stop '$(unit)'."
++ msgstr "É necessária autenticação para parar “$(unit)”."
++
++-#: src/core/dbus-unit.c:319
+++#: src/core/dbus-unit.c:356
++ msgid "Authentication is required to reload '$(unit)'."
++ msgstr "É necessária autenticação para recarregar “$(unit)”."
++
++-#: src/core/dbus-unit.c:320 src/core/dbus-unit.c:321
+++#: src/core/dbus-unit.c:357 src/core/dbus-unit.c:358
++ msgid "Authentication is required to restart '$(unit)'."
++ msgstr "É necessária autenticação para reiniciar “$(unit)”."
++
++-#: src/core/dbus-unit.c:493
+++#: src/core/dbus-unit.c:530
++ msgid ""
++ "Authentication is required to send a UNIX signal to the processes of "
++ "'$(unit)'."
++@@ -719,14 +833,22 @@ msgstr ""
++ "É necessária autenticação para enviar um sinal UNIX para os processos de "
++ "“$(unit)”."
++
++-#: src/core/dbus-unit.c:524
+++#: src/core/dbus-unit.c:561
++ msgid "Authentication is required to reset the \"failed\" state of '$(unit)'."
++ msgstr ""
++ "É necessária autenticação para reiniciar o estado “failed” de “$(unit)”."
++
++-#: src/core/dbus-unit.c:557
+++#: src/core/dbus-unit.c:594
++ msgid "Authentication is required to set properties on '$(unit)'."
++ msgstr "É necessária autenticação para definir propriedades em “$(unit)”."
++
+++#: src/core/dbus-unit.c:703
+++msgid ""
+++"Authentication is required to delete files and directories associated with "
+++"'$(unit)'."
+++msgstr ""
+++"É necessária autenticação para excluir arquivos e diretórios associados com "
+++"“$(unit)”."
+++
++ #~ msgid "Authentication is required to kill '$(unit)'."
++ #~ msgstr "É necessária autenticação para matar “$(unit)”."
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Wed, 4 Sep 2019 09:16:40 +0900
++Subject: po: update Japanese translation
++
++(cherry picked from commit 379158684abd981cc760342aad61b1c813b71eb2)
++---
++ po/ja.po | 26 +++++++++++++++++++++++++-
++ 1 file changed, 25 insertions(+), 1 deletion(-)
++
++diff --git a/po/ja.po b/po/ja.po
++index e74cf65..db493bb 100644
++--- a/po/ja.po
+++++ b/po/ja.po
++@@ -6,7 +6,7 @@ msgid ""
++ msgstr ""
++ "Project-Id-Version: systemd\n"
++ "Report-Msgid-Bugs-To: \n"
++-"POT-Creation-Date: 2019-07-28 22:13+0900\n"
+++"POT-Creation-Date: 2019-09-04 09:15+0900\n"
++ "PO-Revision-Date: 2018-10-27 07:41+0900\n"
++ "Last-Translator: Yu Watanabe <watanabe.yu+github@gmail.com>\n"
++ "Language-Team: \n"
++@@ -558,66 +558,82 @@ msgid "Authentication is required to set NTP servers."
++ msgstr "NTPサーバを設定するには認証が必要です。"
++
++ #: src/network/org.freedesktop.network1.policy:33
+++#: src/resolve/org.freedesktop.resolve1.policy:44
++ msgid "Set DNS servers"
++ msgstr "DNSサーバの設定"
++
++ #: src/network/org.freedesktop.network1.policy:34
+++#: src/resolve/org.freedesktop.resolve1.policy:45
++ msgid "Authentication is required to set DNS servers."
++ msgstr "DNSサーバを設定するには認証が必要です。"
++
++ #: src/network/org.freedesktop.network1.policy:44
+++#: src/resolve/org.freedesktop.resolve1.policy:55
++ msgid "Set domains"
++ msgstr "ドメインの設定"
++
++ #: src/network/org.freedesktop.network1.policy:45
+++#: src/resolve/org.freedesktop.resolve1.policy:56
++ msgid "Authentication is required to set domains."
++ msgstr "ドメインを設定するには認証が必要です。"
++
++ #: src/network/org.freedesktop.network1.policy:55
+++#: src/resolve/org.freedesktop.resolve1.policy:66
++ msgid "Set default route"
++ msgstr "デフォルトルートの設定"
++
++ #: src/network/org.freedesktop.network1.policy:56
+++#: src/resolve/org.freedesktop.resolve1.policy:67
++ msgid "Authentication is required to set default route."
++ msgstr "デフォルトルートを設定するには認証が必要です。"
++
++ #: src/network/org.freedesktop.network1.policy:66
+++#: src/resolve/org.freedesktop.resolve1.policy:77
++ msgid "Enable/disable LLMNR"
++ msgstr "LLMNRの有効化/無効化"
++
++ #: src/network/org.freedesktop.network1.policy:67
+++#: src/resolve/org.freedesktop.resolve1.policy:78
++ msgid "Authentication is required to enable or disable LLMNR."
++ msgstr "LLMNRを有効化もしくは無効化するには認証が必要です。"
++
++ #: src/network/org.freedesktop.network1.policy:77
+++#: src/resolve/org.freedesktop.resolve1.policy:88
++ msgid "Enable/disable multicast DNS"
++ msgstr "マルチキャストDNSの有効化/無効化"
++
++ #: src/network/org.freedesktop.network1.policy:78
+++#: src/resolve/org.freedesktop.resolve1.policy:89
++ msgid "Authentication is required to enable or disable multicast DNS."
++ msgstr "マルチキャストDNSを有効化もしくは無効化するには認証が必要です。"
++
++ #: src/network/org.freedesktop.network1.policy:88
+++#: src/resolve/org.freedesktop.resolve1.policy:99
++ msgid "Enable/disable DNS over TLS"
++ msgstr "DNS over TLSの有効化/無効化"
++
++ #: src/network/org.freedesktop.network1.policy:89
+++#: src/resolve/org.freedesktop.resolve1.policy:100
++ msgid "Authentication is required to enable or disable DNS over TLS."
++ msgstr "DNS over TLSを有効化もしくは無効化するには認証が必要です。"
++
++ #: src/network/org.freedesktop.network1.policy:99
+++#: src/resolve/org.freedesktop.resolve1.policy:110
++ msgid "Enable/disable DNSSEC"
++ msgstr "DNSSECの有効化/無効化"
++
++ #: src/network/org.freedesktop.network1.policy:100
+++#: src/resolve/org.freedesktop.resolve1.policy:111
++ msgid "Authentication is required to enable or disable DNSSEC."
++ msgstr "DNSSECを有効化もしくは無効化するには認証が必要です。"
++
++ #: src/network/org.freedesktop.network1.policy:110
+++#: src/resolve/org.freedesktop.resolve1.policy:121
++ msgid "Set DNSSEC Negative Trust Anchors"
++ msgstr "DNSSEC Negative Trust Anchorsの設定"
++
++ #: src/network/org.freedesktop.network1.policy:111
+++#: src/resolve/org.freedesktop.resolve1.policy:122
++ msgid "Authentication is required to set DNSSEC Negative Trust Anchros."
++ msgstr "DNSSEC Negative Trust Anchrosを設定するには認証が必要です。"
++
++@@ -679,6 +695,14 @@ msgstr "DNS-SDサービスへの登録を解除"
++ msgid "Authentication is required to unregister a DNS-SD service"
++ msgstr "DNS-SDサービスへの登録を解除するには認証が必要です。"
++
+++#: src/resolve/org.freedesktop.resolve1.policy:132
+++msgid "Revert name resolution settings"
+++msgstr "名前解決の設定の破棄"
+++
+++#: src/resolve/org.freedesktop.resolve1.policy:133
+++msgid "Authentication is required to revert name resolution settings."
+++msgstr "名前解決の設定を破棄するには認証が必要です。"
+++
++ #: src/timedate/org.freedesktop.timedate1.policy:22
++ msgid "Set system time"
++ msgstr "システムの時刻設定"
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Piotr_Dr=C4=85g?= <piotrdrag@gmail.com>
++Date: Sat, 14 Sep 2019 12:44:57 +0200
++Subject: po: update Polish translation
++
++(cherry picked from commit 9870c55ef5df8f079cd972b409ec59414869a256)
++(cherry picked from commit 530e09b59450181269558fc0cdc7344888638485)
++---
++ po/pl.po | 8 ++++----
++ 1 file changed, 4 insertions(+), 4 deletions(-)
++
++diff --git a/po/pl.po b/po/pl.po
++index 1d0622f..514625a 100644
++--- a/po/pl.po
+++++ b/po/pl.po
++@@ -6,8 +6,8 @@ msgid ""
++ msgstr ""
++ "Project-Id-Version: systemd\n"
++ "Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n"
++-"POT-Creation-Date: 2019-09-03 15:30+0000\n"
++-"PO-Revision-Date: 2019-09-03 19:04+0200\n"
+++"POT-Creation-Date: 2019-09-13 15:30+0000\n"
+++"PO-Revision-Date: 2019-09-14 12:44+0200\n"
++ "Last-Translator: Piotr Drąg <piotrdrag@gmail.com>\n"
++ "Language-Team: Polish <trans-pl@lists.fedoraproject.org>\n"
++ "Language: pl\n"
++@@ -698,7 +698,7 @@ msgid "Revert NTP settings"
++ msgstr "Przywrócenie ustawień NTP"
++
++ #: src/network/org.freedesktop.network1.policy:122
++-msgid "Authentication is required to revert NTP settings."
+++msgid "Authentication is required to reset NTP settings."
++ msgstr "Wymagane jest uwierzytelnienie, aby przywrócić ustawienia NTP."
++
++ #: src/network/org.freedesktop.network1.policy:132
++@@ -706,7 +706,7 @@ msgid "Revert DNS settings"
++ msgstr "Przywrócenie ustawień DNS"
++
++ #: src/network/org.freedesktop.network1.policy:133
++-msgid "Authentication is required to revert DNS settings."
+++msgid "Authentication is required to reset DNS settings."
++ msgstr "Wymagane jest uwierzytelnienie, aby przywrócić ustawienia DNS."
++
++ #: src/portable/org.freedesktop.portable1.policy:13
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Piotr_Dr=C4=85g?= <piotrdrag@gmail.com>
++Date: Tue, 3 Sep 2019 19:05:27 +0200
++Subject: po: update Polish translation
++
++(cherry picked from commit ca8ba8f8c066a47f5c9d033b291f0d6720c658cd)
++---
++ po/pl.po | 29 +++++++++++++++++++++++++++--
++ 1 file changed, 27 insertions(+), 2 deletions(-)
++
++diff --git a/po/pl.po b/po/pl.po
++index df5538c..7d095ba 100644
++--- a/po/pl.po
+++++ b/po/pl.po
++@@ -6,8 +6,8 @@ msgid ""
++ msgstr ""
++ "Project-Id-Version: systemd\n"
++ "Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n"
++-"POT-Creation-Date: 2019-07-29 15:34+0000\n"
++-"PO-Revision-Date: 2019-07-30 20:24+0200\n"
+++"POT-Creation-Date: 2019-09-03 15:30+0000\n"
+++"PO-Revision-Date: 2019-09-03 19:04+0200\n"
++ "Last-Translator: Piotr Drąg <piotrdrag@gmail.com>\n"
++ "Language-Team: Polish <trans-pl@lists.fedoraproject.org>\n"
++ "Language: pl\n"
++@@ -610,68 +610,84 @@ msgid "Authentication is required to set NTP servers."
++ msgstr "Wymagane jest uwierzytelnienie, aby ustawić serwery NTP."
++
++ #: src/network/org.freedesktop.network1.policy:33
+++#: src/resolve/org.freedesktop.resolve1.policy:44
++ msgid "Set DNS servers"
++ msgstr "Ustawienie serwerów DNS"
++
++ #: src/network/org.freedesktop.network1.policy:34
+++#: src/resolve/org.freedesktop.resolve1.policy:45
++ msgid "Authentication is required to set DNS servers."
++ msgstr "Wymagane jest uwierzytelnienie, aby ustawić serwery DNS."
++
++ #: src/network/org.freedesktop.network1.policy:44
+++#: src/resolve/org.freedesktop.resolve1.policy:55
++ msgid "Set domains"
++ msgstr "Ustawienie domen"
++
++ #: src/network/org.freedesktop.network1.policy:45
+++#: src/resolve/org.freedesktop.resolve1.policy:56
++ msgid "Authentication is required to set domains."
++ msgstr "Wymagane jest uwierzytelnienie, aby ustawić domeny."
++
++ #: src/network/org.freedesktop.network1.policy:55
+++#: src/resolve/org.freedesktop.resolve1.policy:66
++ msgid "Set default route"
++ msgstr "Ustawienie domyślnej trasy"
++
++ #: src/network/org.freedesktop.network1.policy:56
+++#: src/resolve/org.freedesktop.resolve1.policy:67
++ msgid "Authentication is required to set default route."
++ msgstr "Wymagane jest uwierzytelnienie, aby ustawić domyślną trasę."
++
++ #: src/network/org.freedesktop.network1.policy:66
+++#: src/resolve/org.freedesktop.resolve1.policy:77
++ msgid "Enable/disable LLMNR"
++ msgstr "Włączenie/wyłączenie LLMNR"
++
++ #: src/network/org.freedesktop.network1.policy:67
+++#: src/resolve/org.freedesktop.resolve1.policy:78
++ msgid "Authentication is required to enable or disable LLMNR."
++ msgstr "Wymagane jest uwierzytelnienie, aby włączyć lub wyłączyć LLMNR."
++
++ #: src/network/org.freedesktop.network1.policy:77
+++#: src/resolve/org.freedesktop.resolve1.policy:88
++ msgid "Enable/disable multicast DNS"
++ msgstr "Włączenie/wyłączenie multikastowego DNS"
++
++ #: src/network/org.freedesktop.network1.policy:78
+++#: src/resolve/org.freedesktop.resolve1.policy:89
++ msgid "Authentication is required to enable or disable multicast DNS."
++ msgstr ""
++ "Wymagane jest uwierzytelnienie, aby włączyć lub wyłączyć multikastowe DNS."
++
++ #: src/network/org.freedesktop.network1.policy:88
+++#: src/resolve/org.freedesktop.resolve1.policy:99
++ msgid "Enable/disable DNS over TLS"
++ msgstr "Włączenie/wyłączenie DNS przez TLS"
++
++ #: src/network/org.freedesktop.network1.policy:89
+++#: src/resolve/org.freedesktop.resolve1.policy:100
++ msgid "Authentication is required to enable or disable DNS over TLS."
++ msgstr ""
++ "Wymagane jest uwierzytelnienie, aby włączyć lub wyłączyć DNS przez TLS."
++
++ #: src/network/org.freedesktop.network1.policy:99
+++#: src/resolve/org.freedesktop.resolve1.policy:110
++ msgid "Enable/disable DNSSEC"
++ msgstr "Włączenie/wyłączenie DNSSEC"
++
++ #: src/network/org.freedesktop.network1.policy:100
+++#: src/resolve/org.freedesktop.resolve1.policy:111
++ msgid "Authentication is required to enable or disable DNSSEC."
++ msgstr "Wymagane jest uwierzytelnienie, aby włączyć lub wyłączyć DNSSEC."
++
++ #: src/network/org.freedesktop.network1.policy:110
+++#: src/resolve/org.freedesktop.resolve1.policy:121
++ msgid "Set DNSSEC Negative Trust Anchors"
++ msgstr "Ustawienie negatywnych kotwic zaufania DNSSEC"
++
++ #: src/network/org.freedesktop.network1.policy:111
+++#: src/resolve/org.freedesktop.resolve1.policy:122
++ msgid "Authentication is required to set DNSSEC Negative Trust Anchros."
++ msgstr ""
++ "Wymagane jest uwierzytelnienie, aby ustawić negatywne kotwice zaufania "
++@@ -739,6 +755,15 @@ msgstr "Wyrejestrowanie usługi DNS-SD"
++ msgid "Authentication is required to unregister a DNS-SD service"
++ msgstr "Wymagane jest uwierzytelnienie, aby wyrejestrować usługę DNS-SD"
++
+++#: src/resolve/org.freedesktop.resolve1.policy:132
+++msgid "Revert name resolution settings"
+++msgstr "Przywrócenie ustawień rozwiązywania nazw"
+++
+++#: src/resolve/org.freedesktop.resolve1.policy:133
+++msgid "Authentication is required to revert name resolution settings."
+++msgstr ""
+++"Wymagane jest uwierzytelnienie, aby przywrócić ustawienia rozwiązywania nazw."
+++
++ #: src/timedate/org.freedesktop.timedate1.policy:22
++ msgid "Set system time"
++ msgstr "Ustawienie czasu systemu"
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Sun, 8 Sep 2019 16:13:15 +0200
++Subject: polkit: change "revert settings" to "reset settings"
++
++"reset" is more understandable. The verb is "revert", but it might actually be
++better to have a description which uses different words instead of duplicating
++the name of the command.
++
++https://github.com/systemd/systemd/commit/379158684abd981cc760342aad61b1c813b71eb2#commitcomment-34992552
++(cherry picked from commit ea2552639b22004c89df26f2374e3d3f1d2acace)
++(cherry picked from commit 0c5c3e34c128588b11129bb4d53686574eb7d076)
++---
++ po/ja.po | 2 +-
++ po/pl.po | 2 +-
++ src/network/org.freedesktop.network1.policy | 4 ++--
++ src/resolve/org.freedesktop.resolve1.policy | 2 +-
++ 4 files changed, 5 insertions(+), 5 deletions(-)
++
++diff --git a/po/ja.po b/po/ja.po
++index db493bb..6b550b1 100644
++--- a/po/ja.po
+++++ b/po/ja.po
++@@ -700,7 +700,7 @@ msgid "Revert name resolution settings"
++ msgstr "名前解決の設定の破棄"
++
++ #: src/resolve/org.freedesktop.resolve1.policy:133
++-msgid "Authentication is required to revert name resolution settings."
+++msgid "Authentication is required to reset name resolution settings."
++ msgstr "名前解決の設定を破棄するには認証が必要です。"
++
++ #: src/timedate/org.freedesktop.timedate1.policy:22
++diff --git a/po/pl.po b/po/pl.po
++index 7d095ba..1d0622f 100644
++--- a/po/pl.po
+++++ b/po/pl.po
++@@ -760,7 +760,7 @@ msgid "Revert name resolution settings"
++ msgstr "Przywrócenie ustawień rozwiązywania nazw"
++
++ #: src/resolve/org.freedesktop.resolve1.policy:133
++-msgid "Authentication is required to revert name resolution settings."
+++msgid "Authentication is required to reset name resolution settings."
++ msgstr ""
++ "Wymagane jest uwierzytelnienie, aby przywrócić ustawienia rozwiązywania nazw."
++
++diff --git a/src/network/org.freedesktop.network1.policy b/src/network/org.freedesktop.network1.policy
++index 07091bf..9babae8 100644
++--- a/src/network/org.freedesktop.network1.policy
+++++ b/src/network/org.freedesktop.network1.policy
++@@ -119,7 +119,7 @@
++
++ <action id="org.freedesktop.network1.revert-ntp">
++ <description gettext-domain="systemd">Revert NTP settings</description>
++- <message gettext-domain="systemd">Authentication is required to revert NTP settings.</message>
+++ <message gettext-domain="systemd">Authentication is required to reset NTP settings.</message>
++ <defaults>
++ <allow_any>auth_admin</allow_any>
++ <allow_inactive>auth_admin</allow_inactive>
++@@ -130,7 +130,7 @@
++
++ <action id="org.freedesktop.network1.revert-dns">
++ <description gettext-domain="systemd">Revert DNS settings</description>
++- <message gettext-domain="systemd">Authentication is required to revert DNS settings.</message>
+++ <message gettext-domain="systemd">Authentication is required to reset DNS settings.</message>
++ <defaults>
++ <allow_any>auth_admin</allow_any>
++ <allow_inactive>auth_admin</allow_inactive>
++diff --git a/src/resolve/org.freedesktop.resolve1.policy b/src/resolve/org.freedesktop.resolve1.policy
++index 592c4eb..dc46987 100644
++--- a/src/resolve/org.freedesktop.resolve1.policy
+++++ b/src/resolve/org.freedesktop.resolve1.policy
++@@ -130,7 +130,7 @@
++
++ <action id="org.freedesktop.resolve1.revert">
++ <description gettext-domain="systemd">Revert name resolution settings</description>
++- <message gettext-domain="systemd">Authentication is required to revert name resolution settings.</message>
+++ <message gettext-domain="systemd">Authentication is required to reset name resolution settings.</message>
++ <defaults>
++ <allow_any>auth_admin</allow_any>
++ <allow_inactive>auth_admin</allow_inactive>
--- /dev/null
--- /dev/null
++From: AsciiWolf <mail@asciiwolf.com>
++Date: Thu, 19 Sep 2019 14:34:31 +0200
++Subject: polkit: fix typo
++
++(cherry picked from commit 984b96aa7a793f74747b0349f0ed68e992ae17b2)
++(cherry picked from commit dbefe592596fd31581958fb2a556989c8c2621cf)
++---
++ po/ja.po | 4 ++--
++ po/pl.po | 2 +-
++ po/pt_BR.po | 4 ++--
++ po/uk.po | 2 +-
++ src/network/org.freedesktop.network1.policy | 2 +-
++ src/resolve/org.freedesktop.resolve1.policy | 2 +-
++ 6 files changed, 8 insertions(+), 8 deletions(-)
++
++diff --git a/po/ja.po b/po/ja.po
++index 6b550b1..cd1afe8 100644
++--- a/po/ja.po
+++++ b/po/ja.po
++@@ -634,8 +634,8 @@ msgstr "DNSSEC Negative Trust Anchorsの設定"
++
++ #: src/network/org.freedesktop.network1.policy:111
++ #: src/resolve/org.freedesktop.resolve1.policy:122
++-msgid "Authentication is required to set DNSSEC Negative Trust Anchros."
++-msgstr "DNSSEC Negative Trust Anchrosを設定するには認証が必要です。"
+++msgid "Authentication is required to set DNSSEC Negative Trust Anchors."
+++msgstr "DNSSEC Negative Trust Anchorsを設定するには認証が必要です。"
++
++ #: src/network/org.freedesktop.network1.policy:121
++ msgid "Revert NTP settings"
++diff --git a/po/pl.po b/po/pl.po
++index 514625a..5c1588b 100644
++--- a/po/pl.po
+++++ b/po/pl.po
++@@ -688,7 +688,7 @@ msgstr "Ustawienie negatywnych kotwic zaufania DNSSEC"
++
++ #: src/network/org.freedesktop.network1.policy:111
++ #: src/resolve/org.freedesktop.resolve1.policy:122
++-msgid "Authentication is required to set DNSSEC Negative Trust Anchros."
+++msgid "Authentication is required to set DNSSEC Negative Trust Anchors."
++ msgstr ""
++ "Wymagane jest uwierzytelnienie, aby ustawić negatywne kotwice zaufania "
++ "DNSSEC."
++diff --git a/po/pt_BR.po b/po/pt_BR.po
++index 09779f7..70c1881 100644
++--- a/po/pt_BR.po
+++++ b/po/pt_BR.po
++@@ -693,8 +693,8 @@ msgstr "Definir DNSSEC Negative Trust Anchors"
++
++ #: src/network/org.freedesktop.network1.policy:111
++ #: src/resolve/org.freedesktop.resolve1.policy:122
++-msgid "Authentication is required to set DNSSEC Negative Trust Anchros."
++-msgstr "É necessária autenticação para definir DNSSEC Negative Trust Anchros."
+++msgid "Authentication is required to set DNSSEC Negative Trust Anchors."
+++msgstr "É necessária autenticação para definir DNSSEC Negative Trust Anchors."
++
++ #: src/network/org.freedesktop.network1.policy:121
++ msgid "Revert NTP settings"
++diff --git a/po/uk.po b/po/uk.po
++index 9289360..96c0c55 100644
++--- a/po/uk.po
+++++ b/po/uk.po
++@@ -668,7 +668,7 @@ msgid "Set DNSSEC Negative Trust Anchors"
++ msgstr "Встановлення прив'язок від'ємної довіри DNSSEC"
++
++ #: src/network/org.freedesktop.network1.policy:111
++-msgid "Authentication is required to set DNSSEC Negative Trust Anchros."
+++msgid "Authentication is required to set DNSSEC Negative Trust Anchors."
++ msgstr ""
++ "Потрібна автентифікація, щоб встановити прив'язки від'ємної довіри DNSSEC."
++
++diff --git a/src/network/org.freedesktop.network1.policy b/src/network/org.freedesktop.network1.policy
++index 9babae8..d6b8dd9 100644
++--- a/src/network/org.freedesktop.network1.policy
+++++ b/src/network/org.freedesktop.network1.policy
++@@ -108,7 +108,7 @@
++
++ <action id="org.freedesktop.network1.set-dnssec-negative-trust-anchors">
++ <description gettext-domain="systemd">Set DNSSEC Negative Trust Anchors</description>
++- <message gettext-domain="systemd">Authentication is required to set DNSSEC Negative Trust Anchros.</message>
+++ <message gettext-domain="systemd">Authentication is required to set DNSSEC Negative Trust Anchors.</message>
++ <defaults>
++ <allow_any>auth_admin</allow_any>
++ <allow_inactive>auth_admin</allow_inactive>
++diff --git a/src/resolve/org.freedesktop.resolve1.policy b/src/resolve/org.freedesktop.resolve1.policy
++index dc46987..fd27327 100644
++--- a/src/resolve/org.freedesktop.resolve1.policy
+++++ b/src/resolve/org.freedesktop.resolve1.policy
++@@ -119,7 +119,7 @@
++
++ <action id="org.freedesktop.resolve1.set-dnssec-negative-trust-anchors">
++ <description gettext-domain="systemd">Set DNSSEC Negative Trust Anchors</description>
++- <message gettext-domain="systemd">Authentication is required to set DNSSEC Negative Trust Anchros.</message>
+++ <message gettext-domain="systemd">Authentication is required to set DNSSEC Negative Trust Anchors.</message>
++ <defaults>
++ <allow_any>auth_admin</allow_any>
++ <allow_inactive>auth_admin</allow_inactive>
--- /dev/null
--- /dev/null
++From: nikolas <nikolas@gnu.org>
++Date: Wed, 4 Sep 2019 12:07:06 -0400
++Subject: pstore: fix typo in error message - directoy -> directory
++
++(cherry picked from commit 000e08ca70da3f05b6e71f4ef3a1c3373e1d1b0e)
++---
++ src/pstore/pstore.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/pstore/pstore.c b/src/pstore/pstore.c
++index df3efb3..c760b3e 100644
++--- a/src/pstore/pstore.c
+++++ b/src/pstore/pstore.c
++@@ -157,7 +157,7 @@ static int move_file(PStoreEntry *pe, const char *subdir) {
++ /* Move file from pstore to external storage */
++ r = mkdir_parents(ofd_path, 0755);
++ if (r < 0)
++- return log_error_errno(r, "Failed to create directoy %s: %m", ofd_path);
+++ return log_error_errno(r, "Failed to create directory %s: %m", ofd_path);
++ r = copy_file_atomic(ifd_path, ofd_path, 0600, 0, 0, COPY_REPLACE);
++ if (r < 0)
++ return log_error_errno(r, "Failed to copy_file_atomic: %s to %s", ifd_path, ofd_path);
--- /dev/null
--- /dev/null
++From: Michael Olbrich <m.olbrich@pengutronix.de>
++Date: Fri, 6 Sep 2019 15:04:01 +0200
++Subject: pstore: fix use after free
++
++The memory is still needed in the sd_journal_sendv() after the 'if' block.
++
++(cherry picked from commit 1e19f5ac0d680a63eccae7ef1fc6ce225dca0bbf)
++(cherry picked from commit 1b3156edd291e0882d80a695d035dd30521345d1)
++---
++ src/pstore/pstore.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/pstore/pstore.c b/src/pstore/pstore.c
++index c760b3e..8ffe523 100644
++--- a/src/pstore/pstore.c
+++++ b/src/pstore/pstore.c
++@@ -117,6 +117,7 @@ static int compare_pstore_entries(const void *_a, const void *_b) {
++
++ static int move_file(PStoreEntry *pe, const char *subdir) {
++ _cleanup_free_ char *ifd_path = NULL, *ofd_path = NULL;
+++ _cleanup_free_ void *field = NULL;
++ const char *suffix, *message;
++ struct iovec iovec[2];
++ int n_iovec = 0, r;
++@@ -138,7 +139,6 @@ static int move_file(PStoreEntry *pe, const char *subdir) {
++ iovec[n_iovec++] = IOVEC_MAKE_STRING(message);
++
++ if (pe->content_size > 0) {
++- _cleanup_free_ void *field = NULL;
++ size_t field_size;
++
++ field_size = strlen("FILE=") + pe->content_size;
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Thu, 12 Sep 2019 14:52:08 +0200
++Subject: resolved: fix abort when recv() returns 0
++
++https://bugzilla.redhat.com/show_bug.cgi?id=1703598
++(cherry picked from commit f731fd5be61858b724e0f13b3ff1131c1977654a)
++(cherry picked from commit 0556c247a24027f10b23445741e75ca913e29f06)
++---
++ src/resolve/resolved-dns-transaction.c | 7 +++++--
++ 1 file changed, 5 insertions(+), 2 deletions(-)
++
++diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c
++index 262f63c..fb54d16 100644
++--- a/src/resolve/resolved-dns-transaction.c
+++++ b/src/resolve/resolved-dns-transaction.c
++@@ -1183,8 +1183,8 @@ static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *use
++ if (ERRNO_IS_DISCONNECT(-r)) {
++ usec_t usec;
++
++- /* UDP connection failure get reported via ICMP and then are possible delivered to us on the next
++- * recvmsg(). Treat this like a lost packet. */
+++ /* UDP connection failures get reported via ICMP and then are possibly delivered to us on the
+++ * next recvmsg(). Treat this like a lost packet. */
++
++ log_debug_errno(r, "Connection failure for DNS UDP packet: %m");
++ assert_se(sd_event_now(t->scope->manager->event, clock_boottime_or_monotonic(), &usec) >= 0);
++@@ -1198,6 +1198,9 @@ static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *use
++ t->answer_errno = -r;
++ return 0;
++ }
+++ if (r == 0)
+++ /* Spurious wakeup without any data */
+++ return 0;
++
++ r = dns_packet_validate_reply(p);
++ if (r < 0) {
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Sun, 15 Sep 2019 22:50:36 +0900
++Subject: sd-netlink: fix invalid assertion
++
++It is natural that n_attiributes is less than type. But in that case,
++the message does not contain any message about the type. So, we should
++not abort execution with assertion, but just return -ENODATA.
++
++(cherry picked from commit 48fb0d1301c78112360df943f2b6ebeb545b8510)
++(cherry picked from commit a321507476af07b9ce743608a15156f2bc43da1d)
++---
++ src/libsystemd/sd-netlink/netlink-message.c | 4 +++-
++ 1 file changed, 3 insertions(+), 1 deletion(-)
++
++diff --git a/src/libsystemd/sd-netlink/netlink-message.c b/src/libsystemd/sd-netlink/netlink-message.c
++index ddfb3ae..1696471 100644
++--- a/src/libsystemd/sd-netlink/netlink-message.c
+++++ b/src/libsystemd/sd-netlink/netlink-message.c
++@@ -577,7 +577,9 @@ static int netlink_message_read_internal(sd_netlink_message *m, unsigned short t
++
++ assert(m->n_containers < RTNL_CONTAINER_DEPTH);
++ assert(m->containers[m->n_containers].attributes);
++- assert(type < m->containers[m->n_containers].n_attributes);
+++
+++ if (type >= m->containers[m->n_containers].n_attributes)
+++ return -ENODATA;
++
++ attribute = &m->containers[m->n_containers].attributes[type];
++
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Georg_M=C3=BCller?= <georgmueller@gmx.net>
++Date: Fri, 20 Sep 2019 10:23:45 +0200
++Subject: sd-radv: if lifetime < SD_RADV_DEFAULT_MAX_TIMEOUT_USEC,
++ adjust timeout (#13491)
++
++The RFC states that lifetime (AdvDefaultLifetime) must be at least
++MaxRtrAdvInterval (which more or less corresponds to SD_RADV_DEFAULT_MAX_TIMEOUT_USEC
++in systemd).
++
++To fulfill this limit, virtually lower MaxRtrAdvInterval and MinRtrAdvInterval
++accordingly.
++
++Also check that min is not lower than 3s and max is not lower than 4s.
++
++(cherry picked from commit ef90b6a4fb9509f61b9b917bbe4db7343afe1853)
++(cherry picked from commit d4cd0e9d3242f85141d835dd5a78d880b47a0817)
++---
++ src/libsystemd-network/sd-radv.c | 11 +++++++++++
++ 1 file changed, 11 insertions(+)
++
++diff --git a/src/libsystemd-network/sd-radv.c b/src/libsystemd-network/sd-radv.c
++index 185b55e..0844462 100644
++--- a/src/libsystemd-network/sd-radv.c
+++++ b/src/libsystemd-network/sd-radv.c
++@@ -269,6 +269,10 @@ static int radv_recv(sd_event_source *s, int fd, uint32_t revents, void *userdat
++ static usec_t radv_compute_timeout(usec_t min, usec_t max) {
++ assert_return(min <= max, SD_RADV_DEFAULT_MIN_TIMEOUT_USEC);
++
+++ /* RFC 4861: min must be no less than 3s, max must be no less than 4s */
+++ min = MAX(min, 3*USEC_PER_SEC);
+++ max = MAX(max, 4*USEC_PER_SEC);
+++
++ return min + (random_u32() % (max - min));
++ }
++
++@@ -298,6 +302,13 @@ static int radv_timeout(sd_event_source *s, uint64_t usec, void *userdata) {
++ min_timeout = SD_RADV_MAX_INITIAL_RTR_ADVERT_INTERVAL_USEC / 3;
++ }
++
+++ /* RFC 4861, Section 6.2.1, lifetime must be at least MaxRtrAdvInterval,
+++ so lower the interval here */
+++ if (ra->lifetime > 0 && (ra->lifetime * USEC_PER_SEC) < max_timeout) {
+++ max_timeout = ra->lifetime * USEC_PER_SEC;
+++ min_timeout = max_timeout / 3;
+++ }
+++
++ timeout = radv_compute_timeout(min_timeout, max_timeout);
++
++ log_radv("Next Router Advertisement in %s",
--- /dev/null
--- /dev/null
++From: Lennart Poettering <lennart@poettering.net>
++Date: Thu, 14 Nov 2019 17:51:30 +0100
++Subject: seccomp: more comprehensive protection against libseccomp's __NR_xyz
++ namespace invasion
++
++A follow-up for 59b657296a2fe104f112b91bbf9301724067cc81, adding the
++same conditioning for all cases of our __NR_xyz use.
++
++Fixes: #14031
++(cherry picked from commit 4df8fe8415eaf4abd5b93c3447452547c6ea9e5f)
++---
++ src/basic/missing_syscall.h | 10 +++++-----
++ src/test/test-seccomp.c | 19 ++++++++++---------
++ 2 files changed, 15 insertions(+), 14 deletions(-)
++
++diff --git a/src/basic/missing_syscall.h b/src/basic/missing_syscall.h
++index 6d9b125..1255d8b 100644
++--- a/src/basic/missing_syscall.h
+++++ b/src/basic/missing_syscall.h
++@@ -274,7 +274,7 @@ static inline int missing_renameat2(int oldfd, const char *oldname, int newfd, c
++
++ #if !HAVE_KCMP
++ static inline int missing_kcmp(pid_t pid1, pid_t pid2, int type, unsigned long idx1, unsigned long idx2) {
++-# ifdef __NR_kcmp
+++# if defined __NR_kcmp && __NR_kcmp > 0
++ return syscall(__NR_kcmp, pid1, pid2, type, idx1, idx2);
++ # else
++ errno = ENOSYS;
++@@ -289,7 +289,7 @@ static inline int missing_kcmp(pid_t pid1, pid_t pid2, int type, unsigned long i
++
++ #if !HAVE_KEYCTL
++ static inline long missing_keyctl(int cmd, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5) {
++-# ifdef __NR_keyctl
+++# if defined __NR_keyctl && __NR_keyctl > 0
++ return syscall(__NR_keyctl, cmd, arg2, arg3, arg4, arg5);
++ # else
++ errno = ENOSYS;
++@@ -300,7 +300,7 @@ static inline long missing_keyctl(int cmd, unsigned long arg2, unsigned long arg
++ }
++
++ static inline key_serial_t missing_add_key(const char *type, const char *description, const void *payload, size_t plen, key_serial_t ringid) {
++-# ifdef __NR_add_key
+++# if defined __NR_add_key && __NR_add_key > 0
++ return syscall(__NR_add_key, type, description, payload, plen, ringid);
++ # else
++ errno = ENOSYS;
++@@ -311,7 +311,7 @@ static inline key_serial_t missing_add_key(const char *type, const char *descrip
++ }
++
++ static inline key_serial_t missing_request_key(const char *type, const char *description, const char * callout_info, key_serial_t destringid) {
++-# ifdef __NR_request_key
+++# if defined __NR_request_key && __NR_request_key > 0
++ return syscall(__NR_request_key, type, description, callout_info, destringid);
++ # else
++ errno = ENOSYS;
++@@ -496,7 +496,7 @@ enum {
++ static inline long missing_set_mempolicy(int mode, const unsigned long *nodemask,
++ unsigned long maxnode) {
++ long i;
++-# ifdef __NR_set_mempolicy
+++# if defined __NR_set_mempolicy && __NR_set_mempolicy > 0
++ i = syscall(__NR_set_mempolicy, mode, nodemask, maxnode);
++ # else
++ errno = ENOSYS;
++diff --git a/src/test/test-seccomp.c b/src/test/test-seccomp.c
++index a906070..6dd9867 100644
++--- a/src/test/test-seccomp.c
+++++ b/src/test/test-seccomp.c
++@@ -28,7 +28,8 @@
++ #include "tmpfile-util.h"
++ #include "virt.h"
++
++-#if SCMP_SYS(socket) < 0 || defined(__i386__) || defined(__s390x__) || defined(__s390__)
+++/* __NR_socket may be invalid due to libseccomp */
+++#if !defined(__NR_socket) || __NR_socket <= 0 || defined(__i386__) || defined(__s390x__) || defined(__s390__)
++ /* On these archs, socket() is implemented via the socketcall() syscall multiplexer,
++ * and we can't restrict it hence via seccomp. */
++ # define SECCOMP_RESTRICT_ADDRESS_FAMILIES_BROKEN 1
++@@ -304,14 +305,14 @@ static void test_protect_sysctl(void) {
++ assert_se(pid >= 0);
++
++ if (pid == 0) {
++-#if __NR__sysctl > 0
+++#if defined __NR__sysctl && __NR__sysctl > 0
++ assert_se(syscall(__NR__sysctl, NULL) < 0);
++ assert_se(errno == EFAULT);
++ #endif
++
++ assert_se(seccomp_protect_sysctl() >= 0);
++
++-#if __NR__sysctl > 0
+++#if defined __NR__sysctl && __NR__sysctl > 0
++ assert_se(syscall(__NR__sysctl, 0, 0, 0) < 0);
++ assert_se(errno == EPERM);
++ #endif
++@@ -640,7 +641,7 @@ static void test_load_syscall_filter_set_raw(void) {
++ assert_se(poll(NULL, 0, 0) == 0);
++
++ assert_se(s = hashmap_new(NULL));
++-#if SCMP_SYS(access) >= 0
+++#if defined __NR_access && __NR_access > 0
++ assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_access + 1), INT_TO_PTR(-1)) >= 0);
++ #else
++ assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_faccessat + 1), INT_TO_PTR(-1)) >= 0);
++@@ -656,7 +657,7 @@ static void test_load_syscall_filter_set_raw(void) {
++ s = hashmap_free(s);
++
++ assert_se(s = hashmap_new(NULL));
++-#if SCMP_SYS(access) >= 0
+++#if defined __NR_access && __NR_access > 0
++ assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_access + 1), INT_TO_PTR(EILSEQ)) >= 0);
++ #else
++ assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_faccessat + 1), INT_TO_PTR(EILSEQ)) >= 0);
++@@ -672,7 +673,7 @@ static void test_load_syscall_filter_set_raw(void) {
++ s = hashmap_free(s);
++
++ assert_se(s = hashmap_new(NULL));
++-#if SCMP_SYS(poll) >= 0
+++#if defined __NR_poll && __NR_poll > 0
++ assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_poll + 1), INT_TO_PTR(-1)) >= 0);
++ #else
++ assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_ppoll + 1), INT_TO_PTR(-1)) >= 0);
++@@ -689,7 +690,7 @@ static void test_load_syscall_filter_set_raw(void) {
++ s = hashmap_free(s);
++
++ assert_se(s = hashmap_new(NULL));
++-#if SCMP_SYS(poll) >= 0
+++#if defined __NR_poll && __NR_poll > 0
++ assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_poll + 1), INT_TO_PTR(EILSEQ)) >= 0);
++ #else
++ assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_ppoll + 1), INT_TO_PTR(EILSEQ)) >= 0);
++@@ -767,8 +768,8 @@ static int real_open(const char *path, int flags, mode_t mode) {
++ * testing purposes that calls the real syscall, on architectures where SYS_open is defined. On
++ * other architectures, let's just fall back to the glibc call. */
++
++-#ifdef SYS_open
++- return (int) syscall(SYS_open, path, flags, mode);
+++#if defined __NR_open && __NR_open > 0
+++ return (int) syscall(__NR_open, path, flags, mode);
++ #else
++ return open(path, flags, mode);
++ #endif
--- /dev/null
--- /dev/null
++po-update-Polish-translation.patch
++Fix-typo-in-comment-overide-override.patch
++pstore-fix-typo-in-error-message-directoy-directory.patch
++docs-fix-typo-in-boot-loader-doc.patch
++man-systemctl.xml-fix-missing-not.patch
++docs-fix-push-recipe-in-RELEASE.md.patch
++po-update-Japanese-translation.patch
++hwdb-Mark-lis3lv02d-sensors-in-HP-laptops-as-being-in-the.patch
++travis-protect-the-systemd-organization-on-Fuzzit-from-fo.patch
++journal-Make-the-output-of-update-catalog-deterministic.patch
++pstore-fix-use-after-free.patch
++fileio-update-warning-message.patch
++network-do-not-abort-execution-when-a-config-file-cannot-.patch
++udev-add-missing-flag-for-OPTIONS-static_node.patch
++udev-also-logs-file-permission.patch
++hwdb-Also-mark-lis3lv02d-sensors-in-HP-laptops-as-being-i.patch
++man-remove-repeated-words.patch
++resolved-fix-abort-when-recv-returns-0.patch
++zsh-update-bootctl-completions.patch
++man-move-TimeoutCleanSec-entry-from-.service-to-.exec.patch
++udev-fix-multi-match.patch
++test-add-test-cases-for-empty-string-match.patch
++Call-getgroups-to-know-size-of-supplementary-groups-array.patch
++mount-setup-relabel-items-mentioned-directly-in-relabel-e.patch
++core-restore-initialization-of-u-source_mtime.patch
++Update-m4-for-selective-utmp-support.patch
++network-DHCP4-Dont-mislead-the-logs.patch
++core-Fix-setting-StatusUnitFormat-from-config-files.patch
++tty-ask-pwd-agent-fix-message-forwarded-to-wall-1.patch
++core-coldplug-possible-nop_job.patch
++networkd-unbreak-routing_policy_rule_compare_func.patch
++udevadm-missing-initialization-of-descriptor.patch
++udevadm-use-usec_add.patch
++test-drop-the-missed-exit-1-expression.patch
++hwdb-axis-override-for-Dell-9360-touchpad.patch
++man-fix-description-of-ARPIntervalSec-units.patch
++polkit-change-revert-settings-to-reset-settings.patch
++po-update-Polish-translation-1.patch
++po-update-Brazilian-Portuguese-translation.patch
++hwdb-add-Medion-Akoya-E2292-13498.patch
++path-stop-watching-path-specs-once-we-triggered-the-targe.patch
++network-add-missing-link-network-checks.patch
++network-do-not-enter-failed-state-if-device-s-sysfs-entry.patch
++sd-netlink-fix-invalid-assertion.patch
++polkit-fix-typo.patch
++sd-radv-if-lifetime-SD_RADV_DEFAULT_MAX_TIMEOUT_USEC-adju.patch
++l10n-update-Czech-Translation.patch
++dhcp6-read-OPTION_INFORMATION_REFRESH_TIME-option.patch
++ndisc-make-first-solicit-delayed-randomly.patch
++dhcp6-add-missing-option-length-check.patch
++dhcp6-use-unaligned_read_be32.patch
++man-fix-typo.patch
++pid1-do-not-warn-if-run-systemd-relabel-extra.d-doesn-t-e.patch
++log-Add-missing-in-m-log-format-strings.patch
++man-Add-a-missing-space-in-machinectl-1.patch
++Corect-man-page-reference-in-systemd-nologin.conf-comment.patch
++units-make-systemd-binfmt.service-easier-to-work-with-no-.patch
++Updated-log-message-when-the-timesync-happens-for-the-fir.patch
++network-drop-noisy-log-message.patch
++util-lib-Don-t-propagate-EACCES-from-find_binary-PATH-loo.patch
++Handle-d_type-DT_UNKNOWN-correctly.patch
++Consider-smb3-as-remote-filesystem.patch
++cgroup-docs-Mention-unbounded-protection-for-memory.-low-.patch
++cgroup-docs-memory.high-doc-fixups.patch
++cgroup-Check-ancestor-memory-min-for-unified-memory-confi.patch
++cgroup-Respect-DefaultMemoryMin-when-setting-memory.min.patch
++cgroup-Mark-memory-protections-as-explicitly-set-in-trans.patch
++nspawn-default-to-unified-hierarchy-if-as-pid2-is-used.patch
++nspawn-consistently-fail-if-parsing-the-environment-fails.patch
++hwdb-Correct-WWWW-Pattern-In-Documentation-Comment.patch
++udevadm-trigger-do-not-propagate-EACCES-and-ENODEV.patch
++src-core-automount-use-DirectoryMode-when-calling-mkdir-p.patch
++pid1-fix-DefaultTasksMax-initialization.patch
++nspawn-surrender-controlling-terminal-to-PID2-when-using-.patch
++fix-build-with-compilers-with-default-stack-protector-ena.patch
++cgroup-fix-typo-in-BPF-firewall-support-warning-message.patch
++docs-fix-inadvertent-change-in-uid-range.patch
++test-Pass-personality-test-even-when-i686-userland-runs-o.patch
++logind-drop.patch
++logind-fix-emission-of-PropertiesChanged-on-seats.patch
++logind-fix-emission-of-PropertiesChanged-for-users.patch
++Revert-sysusers-properly-mark-generated-accounts-as-locke.patch
++udev-ignore-ENOENT-when-chmod_and_chown-device-node.patch
++udev-fix-error-code-in-the-log-message.patch
++udev-ignore-error-caused-by-device-disconnection.patch
++udev-do-not-append-newline-when-write-attributes.patch
++seccomp-more-comprehensive-protection-against-libseccomp-.patch
++udevadm-ignore-EROFS-and-return-earlier.patch
++udev-silence-warning-about-PROGRAM-or-IMPORT-rules.patch
++man-add-entry-about-SpeedMeter.patch
++debian/Use-Debian-specific-config-files.patch
++debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch
++debian/Make-run-lock-tmpfs-an-API-fs.patch
++debian/Add-support-for-TuxOnIce-hibernation.patch
++debian/Re-enable-journal-forwarding-to-syslog.patch
++debian/Don-t-enable-audit-by-default.patch
++debian/Only-start-logind-if-dbus-is-installed.patch
++debian/fsckd-daemon-for-inter-fsckd-communication.patch
++debian/Skip-filesystem-check-if-already-done-by-the-initram.patch
++debian/Revert-core-one-step-back-again-for-nspawn-we-actual.patch
++debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch
++debian/Revert-core-enable-TasksMax-for-all-services-by-default-a.patch
++debian/Let-graphical-session-pre.target-be-manually-started.patch
++debian/Add-env-variable-for-machine-ID-path.patch
++debian/Drop-seccomp-system-call-filter-for-udev.patch
++debian/blacklist-upstream-test-25.patch
++debian/blacklist-upstream-test-24-ppc64el.patch
++udev-drop-SystemCallArchitectures-native-from-systemd-ude.patch
--- /dev/null
--- /dev/null
++From: Dan Streetman <ddstreet@canonical.com>
++Date: Sun, 29 Sep 2019 17:16:55 -0400
++Subject: src/core/automount: use DirectoryMode when calling mkdir -p
++
++mkdir -p is called both when setting up the autofs mount, as well
++as after being notified that the real mount unit should be called.
++However the first mkdir -p is hardcoded with 0555, while the second
++uses the value specified to DirectoryMode in the automount unit; the
++second mkdir -p is only needed when called from coldplug, so under
++normal operation the dirs are incorrectly created with mode 0555.
++
++This replaces the hardcoded 0555 mode with the value of DirectoryMode.
++
++Closes #13683.
++
++(cherry picked from commit 8084dcb9d759e93669127f200bf5ca755432b96e)
++(cherry picked from commit f406a691a7229628781686dfce4c8e276e1d46e3)
++---
++ src/core/automount.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/core/automount.c b/src/core/automount.c
++index bcdd7e1..a54e56c 100644
++--- a/src/core/automount.c
+++++ b/src/core/automount.c
++@@ -568,7 +568,7 @@ static void automount_enter_waiting(Automount *a) {
++ if (r < 0)
++ goto fail;
++
++- (void) mkdir_p_label(a->where, 0555);
+++ (void) mkdir_p_label(a->where, a->directory_mode);
++
++ unit_warn_if_dir_nonempty(UNIT(a), a->where);
++
--- /dev/null
--- /dev/null
++From: Balint Reczey <balint.reczey@canonical.com>
++Date: Tue, 8 Oct 2019 16:41:24 +0200
++Subject: test: Pass personality test even when i686 userland runs on x86_64
++ kernel
++
++(cherry picked from commit bd89d03544d2b8ea53af7af0a97d4d121ef048c4)
++(cherry picked from commit ef677436aa203c24816021dd698b57f219f0ff64)
++---
++ test/test-execute/exec-personality-x86.service | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/test/test-execute/exec-personality-x86.service b/test/test-execute/exec-personality-x86.service
++index a623a08..4ece7de 100644
++--- a/test/test-execute/exec-personality-x86.service
+++++ b/test/test-execute/exec-personality-x86.service
++@@ -2,6 +2,6 @@
++ Description=Test for Personality=x86
++
++ [Service]
++-ExecStart=/bin/sh -x -c 'c=$$(uname -m); test "$$c" = "i686"'
+++ExecStart=/bin/sh -x -c 'c=$$(uname -m); test "$$c" = "i686" -o "$$c" = "x86_64"'
++ Type=oneshot
++ Personality=x86
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Wed, 11 Sep 2019 09:06:15 +0900
++Subject: test: add test cases for empty string match
++
++(cherry picked from commit 48d26c90852c22ec94be961f5fbdcf462bb9a6e8)
++(cherry picked from commit 5d84a7ad1c2d8d96a3ffb5c275e8704de361b7fc)
++---
++ test/udev-test.pl | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
++ 1 file changed, 66 insertions(+)
++
++diff --git a/test/udev-test.pl b/test/udev-test.pl
++index 85ec41b..9501327 100755
++--- a/test/udev-test.pl
+++++ b/test/udev-test.pl
++@@ -1256,6 +1256,72 @@ KERNEL=="dontknow|ttyACM0a|nothing|attyACM0", SYMLINK+="wrong1"
++ KERNEL=="X|attyACM0|dontknow|ttyACM0a|nothing|attyACM0", SYMLINK+="wrong2"
++ KERNEL=="all|dontknow|ttyACM0", SYMLINK+="right"
++ KERNEL=="ttyACM0a|nothing", SYMLINK+="wrong3"
+++EOF
+++ },
+++ {
+++ desc => "test multi matches 5",
+++ devpath => "/devices/pci0000:00/0000:00:1f.2/host0/target0:0:0/0:0:0:0/block/sda",
+++ exp_name => "found",
+++ not_exp_name => "bad",
+++ rules => <<EOF
+++KERNEL=="sda", TAG="foo"
+++TAGS=="|foo", SYMLINK+="found"
+++TAGS=="|aaa", SYMLINK+="bad"
+++EOF
+++ },
+++ {
+++ desc => "test multi matches 6",
+++ devpath => "/devices/pci0000:00/0000:00:1f.2/host0/target0:0:0/0:0:0:0/block/sda",
+++ exp_name => "found",
+++ not_exp_name => "bad",
+++ rules => <<EOF
+++KERNEL=="sda", TAG=""
+++TAGS=="|foo", SYMLINK+="found"
+++TAGS=="aaa|bbb", SYMLINK+="bad"
+++EOF
+++ },
+++ {
+++ desc => "test multi matches 7",
+++ devpath => "/devices/pci0000:00/0000:00:1f.2/host0/target0:0:0/0:0:0:0/block/sda",
+++ exp_name => "found",
+++ not_exp_name => "bad",
+++ rules => <<EOF
+++KERNEL=="sda", TAG="foo"
+++TAGS=="foo||bar", SYMLINK+="found"
+++TAGS=="aaa||bbb", SYMLINK+="bad"
+++EOF
+++ },
+++ {
+++ desc => "test multi matches 8",
+++ devpath => "/devices/pci0000:00/0000:00:1f.2/host0/target0:0:0/0:0:0:0/block/sda",
+++ exp_name => "found",
+++ not_exp_name => "bad",
+++ rules => <<EOF
+++KERNEL=="sda", TAG=""
+++TAGS=="foo||bar", SYMLINK+="found"
+++TAGS=="aaa|bbb", SYMLINK+="bad"
+++EOF
+++ },
+++ {
+++ desc => "test multi matches 9",
+++ devpath => "/devices/pci0000:00/0000:00:1f.2/host0/target0:0:0/0:0:0:0/block/sda",
+++ exp_name => "found",
+++ not_exp_name => "bad",
+++ rules => <<EOF
+++KERNEL=="sda", TAG="foo"
+++TAGS=="foo|", SYMLINK+="found"
+++TAGS=="aaa|", SYMLINK+="bad"
+++EOF
+++ },
+++ {
+++ desc => "test multi matches 10",
+++ devpath => "/devices/pci0000:00/0000:00:1f.2/host0/target0:0:0/0:0:0:0/block/sda",
+++ exp_name => "found",
+++ not_exp_name => "bad",
+++ rules => <<EOF
+++KERNEL=="sda", TAG=""
+++TAGS=="foo|", SYMLINK+="found"
+++TAGS=="aaa|bbb", SYMLINK+="bad"
++ EOF
++ },
++ {
--- /dev/null
--- /dev/null
++From: Frantisek Sumsal <frantisek@sumsal.cz>
++Date: Sat, 10 Aug 2019 16:05:07 +0200
++Subject: test: drop the missed || exit 1 expression
++
++...as we've already done in the rest of the testsuite, see
++cc469c3dfc398210f38f819d367e68646c71d8da
++
++(cherry picked from commit 67c434b03f8a24f5350f017dfb4b2464406046db)
++(cherry picked from commit 9d4e65852998cf5ba0e0a273e3c67cee0c2df3c4)
++---
++ test/TEST-36-NUMAPOLICY/test.sh | 3 ++-
++ 1 file changed, 2 insertions(+), 1 deletion(-)
++
++diff --git a/test/TEST-36-NUMAPOLICY/test.sh b/test/TEST-36-NUMAPOLICY/test.sh
++index 5e775b2..a586f9d 100755
++--- a/test/TEST-36-NUMAPOLICY/test.sh
+++++ b/test/TEST-36-NUMAPOLICY/test.sh
++@@ -1,5 +1,6 @@
++ #!/bin/bash
++ set -e
+++
++ TEST_DESCRIPTION="test MUMAPolicy= and NUMAMask= options"
++ TEST_NO_NSPAWN=1
++ QEMU_OPTIONS="-numa node,nodeid=0"
++@@ -39,7 +40,7 @@ EOF
++ cp testsuite.sh $initdir/
++
++ setup_testsuite
++- ) || return 1
+++ )
++ setup_nspawn_root
++ }
++
--- /dev/null
--- /dev/null
++From: Evgeny Vereshchagin <evvers@ya.ru>
++Date: Fri, 6 Sep 2019 01:44:52 +0000
++Subject: travis: protect the systemd organization on Fuzzit from forks
++
++Now that v243 is out, the script has been pulled by forks that are
++activated on Travis CI. As a result, all those forks have started to send
++their fuzzers to Fuzzit inadvertently consuming our CPUs along the way.
++Let's prevent this by bailing out early if the script is run outside of
++the systemd repository.
++
++(cherry picked from commit 64d0f7042dfbaa306e16996d2fbb331ee7d59dc8)
++---
++ travis-ci/managers/fuzzit.sh | 6 +++++-
++ 1 file changed, 5 insertions(+), 1 deletion(-)
++
++diff --git a/travis-ci/managers/fuzzit.sh b/travis-ci/managers/fuzzit.sh
++index db2657b..fef663f 100755
++--- a/travis-ci/managers/fuzzit.sh
+++++ b/travis-ci/managers/fuzzit.sh
++@@ -4,6 +4,10 @@ set -e
++ set -x
++ set -u
++
+++# This should help to protect the systemd organization on Fuzzit from forks
+++# that are activated on Travis CI.
+++[[ "$TRAVIS_REPO_SLUG" = "systemd/systemd" ]] || exit 0
+++
++ REPO_ROOT=${REPO_ROOT:-$(pwd)}
++
++ sudo bash -c "echo 'deb-src http://archive.ubuntu.com/ubuntu/ xenial main restricted universe multiverse' >>/etc/apt/sources.list"
++@@ -32,7 +36,7 @@ fi
++
++ # Because we want Fuzzit to run on every pull-request and Travis/Azure doesnt support encrypted keys
++ # on pull-request we use a write-only key which is ok for now. maybe there will be a better solution in the future
++-FUZZIT_API_KEY=6a8445a23c4a8ef6743ddecf8ab368300976dae9313bbe54f1cbf30801773b2a3095d4c34daab8d308b6f2e8b254c90e
+++FUZZIT_API_KEY=af6992074353998676713818cc6435ef4a750439932dab58b51e9354d6742c54d740a3cd9fc1fc001db82f51734a24bc
++ FUZZIT_ADDITIONAL_FILES="./out/src/shared/libsystemd-shared-*.so"
++
++ # ASan options are borrowed almost verbatim from OSS-Fuzz
--- /dev/null
--- /dev/null
++From: Franck Bui <fbui@suse.com>
++Date: Mon, 16 Sep 2019 22:03:43 +0200
++Subject: tty-ask-pwd-agent: fix message forwarded to wall(1)
++
++Commit a1c111c2d12429d2 wrongly replaced '!' with ':' when the message is
++forwarded to wall(1).
++
++Indeed in this case we are not requesting the user for providing a password but
++instead we are simply displaying a message to suggest starting
++tty-ask-password-agent for providing the password.
++
++(cherry picked from commit 65943cc3507bf54390d598e06df60771e913fb72)
++(cherry picked from commit eb552417420fa9680b508519e926b140d5a0be25)
++---
++ src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c b/src/tty-ask-password-agent/tty-ask-password-agent.c
++index 5f5245e..d0c070d 100644
++--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
++@@ -322,7 +322,7 @@ static int parse_password(const char *filename, char **wall) {
++
++ if (asprintf(&_wall,
++ "%s%sPassword entry required for \'%s\' (PID %u).\r\n"
++- "Please enter password with the systemd-tty-ask-password-agent tool:",
+++ "Please enter password with the systemd-tty-ask-password-agent tool.",
++ strempty(*wall),
++ *wall ? "\r\n\r\n" : "",
++ message,
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Mon, 9 Sep 2019 01:27:56 +0900
++Subject: udev: add missing flag for OPTIONS=static_node
++
++Fixes RHBZ#1740664.
++
++(cherry picked from commit 5abba26e2f9eb9336e701228220f0ef62c95f316)
++(cherry picked from commit 75a2845e5a193aeb120dbccd0da0f174230b6d71)
++---
++ src/udev/udev-rules.c | 3 +++
++ 1 file changed, 3 insertions(+)
++
++diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
++index 1642f10..21f84b2 100644
++--- a/src/udev/udev-rules.c
+++++ b/src/udev/udev-rules.c
++@@ -499,6 +499,9 @@ static int rule_line_add_token(UdevRuleLine *rule_line, UdevRuleTokenType type,
++ TK_A_OWNER_ID, TK_A_GROUP_ID, TK_A_MODE_ID))
++ SET_FLAG(rule_line->type, LINE_HAS_DEVLINK, true);
++
+++ else if (token->type == TK_A_OPTIONS_STATIC_NODE)
+++ SET_FLAG(rule_line->type, LINE_HAS_STATIC_NODE, true);
+++
++ else if (token->type >= _TK_A_MIN ||
++ IN_SET(token->type, TK_M_PROGRAM,
++ TK_M_IMPORT_FILE, TK_M_IMPORT_PROGRAM, TK_M_IMPORT_BUILTIN,
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Mon, 9 Sep 2019 01:29:27 +0900
++Subject: udev: also logs file permission
++
++(cherry picked from commit 20eef7c55cfdd83f953c6a332aaad0caba4fb60f)
++(cherry picked from commit 4b92ffccaa865382f18d0e98cecec1ab1085759e)
++---
++ src/udev/udev-rules.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
++index 21f84b2..8631a26 100644
++--- a/src/udev/udev-rules.c
+++++ b/src/udev/udev-rules.c
++@@ -2304,7 +2304,7 @@ static int apply_static_dev_perms(const char *devnode, uid_t uid, gid_t gid, mod
++ return log_error_errno(errno, "Failed to chown '%s' %u %u: %m",
++ device_node, uid, gid);
++ else
++- log_debug("chown '%s' %u:%u", device_node, uid, gid);
+++ log_debug("chown '%s' %u:%u with mode %#o", device_node, uid, gid, mode);
++
++ (void) utimensat(AT_FDCWD, device_node, NULL, 0);
++ return 0;
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Sun, 10 Nov 2019 14:42:55 +0900
++Subject: udev: do not append newline when write attributes
++
++Before 25de7aa7b90c23d33ea50ada1e50c5834a414237, the content is written
++by `fprintf()` without new line. So WRITE_STRING_FILE_AVOID_NEWLINE flag
++is necessary.
++
++Fixes #13985.
++
++(cherry picked from commit a566ed2c82d81cc6416fe0da0a14f6d5fe5d83b4)
++---
++ src/udev/udev-rules.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
++index 71288e9..312bdfc 100644
++--- a/src/udev/udev-rules.c
+++++ b/src/udev/udev-rules.c
++@@ -2082,7 +2082,7 @@ static int udev_rule_apply_token_to_event(
++ (void) udev_event_apply_format(event, token->value, value, sizeof(value), false);
++
++ log_rule_debug(dev, rules, "ATTR '%s' writing '%s'", buf, value);
++- r = write_string_file(buf, value, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
+++ r = write_string_file(buf, value, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER | WRITE_STRING_FILE_AVOID_NEWLINE);
++ if (r < 0)
++ log_rule_error_errno(dev, rules, r, "Failed to write ATTR{%s}, ignoring: %m", buf);
++ break;
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Tue, 19 Nov 2019 09:10:23 +0100
++Subject: udev: drop SystemCallArchitectures=native from systemd-udevd.service
++
++We can't really control what helper programs are run from other udev
++rules. E.g. running i386 binaries under amd64 is a valid use case and
++should not trigger a SIGSYS failure.
++
++Closes: #869719
++---
++ units/systemd-udevd.service.in | 1 -
++ 1 file changed, 1 deletion(-)
++
++diff --git a/units/systemd-udevd.service.in b/units/systemd-udevd.service.in
++index 62931f0..6eec925 100644
++--- a/units/systemd-udevd.service.in
+++++ b/units/systemd-udevd.service.in
++@@ -32,6 +32,5 @@ MemoryDenyWriteExecute=yes
++ RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
++ RestrictRealtime=yes
++ RestrictSUIDSGID=yes
++-SystemCallArchitectures=native
++ LockPersonality=yes
++ IPAddressDeny=any
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Tue, 12 Nov 2019 14:58:19 +0900
++Subject: udev: fix error code in the log message
++
++(cherry picked from commit ffdc9c891f00f79aa7df3ac25ad141db74686fbe)
++---
++ src/udev/udev-rules.c | 3 +--
++ 1 file changed, 1 insertion(+), 2 deletions(-)
++
++diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
++index 39d7af8..71288e9 100644
++--- a/src/udev/udev-rules.c
+++++ b/src/udev/udev-rules.c
++@@ -2316,8 +2316,7 @@ static int apply_static_dev_perms(const char *devnode, uid_t uid, gid_t gid, mod
++ if (r == -ENOENT)
++ return 0;
++ if (r < 0)
++- return log_error_errno(errno, "Failed to chown '%s' %u %u: %m",
++- device_node, uid, gid);
+++ return log_error_errno(r, "Failed to chown '%s' %u %u: %m", device_node, uid, gid);
++ else
++ log_debug("chown '%s' %u:%u with mode %#o", device_node, uid, gid, mode);
++
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Wed, 11 Sep 2019 08:50:21 +0900
++Subject: udev: fix multi match
++
++Fixes #13518.
++
++(cherry picked from commit 067cc51f2e6eb94305556597f0254f115857ff49)
++(cherry picked from commit 1536348cc863f12312d8f7e7ea1826e54561c18f)
++---
++ src/udev/udev-rules.c | 81 ++++++++++++++++++++++++++++++---------------------
++ 1 file changed, 47 insertions(+), 34 deletions(-)
++
++diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
++index 8631a26..efea16e 100644
++--- a/src/udev/udev-rules.c
+++++ b/src/udev/udev-rules.c
++@@ -43,10 +43,12 @@ typedef enum {
++ } UdevRuleOperatorType;
++
++ typedef enum {
++- MATCH_TYPE_EMPTY, /* empty string */
++- MATCH_TYPE_PLAIN, /* no special characters */
++- MATCH_TYPE_GLOB, /* shell globs ?,*,[] */
++- MATCH_TYPE_SUBSYSTEM, /* "subsystem", "bus", or "class" */
+++ MATCH_TYPE_EMPTY, /* empty string */
+++ MATCH_TYPE_PLAIN, /* no special characters */
+++ MATCH_TYPE_PLAIN_WITH_EMPTY, /* no special characters with empty string, e.g., "|foo" */
+++ MATCH_TYPE_GLOB, /* shell globs ?,*,[] */
+++ MATCH_TYPE_GLOB_WITH_EMPTY, /* shell globs ?,*,[] with empty string, e.g., "|foo*" */
+++ MATCH_TYPE_SUBSYSTEM, /* "subsystem", "bus", or "class" */
++ _MATCH_TYPE_MAX,
++ _MATCH_TYPE_INVALID = -1
++ } UdevRuleMatchType;
++@@ -431,35 +433,30 @@ static int rule_line_add_token(UdevRuleLine *rule_line, UdevRuleTokenType type,
++
++ if (type < TK_M_TEST || type == TK_M_RESULT) {
++ /* Convert value string to nulstr. */
++- len = strlen(value);
++- if (len > 1 && (value[len - 1] == '|' || strstr(value, "||"))) {
++- /* In this case, just replacing '|' -> '\0' does not work... */
++- _cleanup_free_ char *tmp = NULL;
++- char *i, *j;
++- bool v = true;
++-
++- tmp = strdup(value);
++- if (!tmp)
++- return log_oom();
++-
++- for (i = tmp, j = value; *i != '\0'; i++)
++- if (*i == '|')
++- v = true;
++- else {
++- if (v) {
++- *j++ = '\0';
++- v = false;
++- }
++- *j++ = *i;
++- }
++- j[0] = j[1] = '\0';
++- } else {
++- /* Simple conversion. */
++- char *i;
++-
++- for (i = value; *i != '\0'; i++)
++- if (*i == '|')
++- *i = '\0';
+++ bool bar = true, empty = false;
+++ char *a, *b;
+++
+++ for (a = b = value; *a != '\0'; a++) {
+++ if (*a != '|') {
+++ *b++ = *a;
+++ bar = false;
+++ } else {
+++ if (bar)
+++ empty = true;
+++ else
+++ *b++ = '\0';
+++ bar = true;
+++ }
+++ }
+++ *b = '\0';
+++ if (bar)
+++ empty = true;
+++
+++ if (empty) {
+++ if (match_type == MATCH_TYPE_GLOB)
+++ match_type = MATCH_TYPE_GLOB_WITH_EMPTY;
+++ if (match_type == MATCH_TYPE_PLAIN)
+++ match_type = MATCH_TYPE_PLAIN_WITH_EMPTY;
++ }
++ }
++ }
++@@ -1328,7 +1325,17 @@ static bool token_match_string(UdevRuleToken *token, const char *str) {
++ match = isempty(str);
++ break;
++ case MATCH_TYPE_SUBSYSTEM:
++- value = "subsystem\0class\0bus\0";
+++ NULSTR_FOREACH(i, "subsystem\0class\0bus\0")
+++ if (streq(i, str)) {
+++ match = true;
+++ break;
+++ }
+++ break;
+++ case MATCH_TYPE_PLAIN_WITH_EMPTY:
+++ if (isempty(str)) {
+++ match = true;
+++ break;
+++ }
++ _fallthrough_;
++ case MATCH_TYPE_PLAIN:
++ NULSTR_FOREACH(i, value)
++@@ -1337,6 +1344,12 @@ static bool token_match_string(UdevRuleToken *token, const char *str) {
++ break;
++ }
++ break;
+++ case MATCH_TYPE_GLOB_WITH_EMPTY:
+++ if (isempty(str)) {
+++ match = true;
+++ break;
+++ }
+++ _fallthrough_;
++ case MATCH_TYPE_GLOB:
++ NULSTR_FOREACH(i, value)
++ if ((fnmatch(i, str, 0) == 0)) {
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Tue, 12 Nov 2019 14:57:48 +0900
++Subject: udev: ignore ENOENT when chmod_and_chown() device node
++
++(cherry picked from commit 4b613ec212bfd06fd9d9487bd37b0791fa6dff9e)
++---
++ src/udev/udev-rules.c | 2 ++
++ 1 file changed, 2 insertions(+)
++
++diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
++index efea16e..39d7af8 100644
++--- a/src/udev/udev-rules.c
+++++ b/src/udev/udev-rules.c
++@@ -2313,6 +2313,8 @@ static int apply_static_dev_perms(const char *devnode, uid_t uid, gid_t gid, mod
++ gid = 0;
++
++ r = chmod_and_chown(device_node, mode, uid, gid);
+++ if (r == -ENOENT)
+++ return 0;
++ if (r < 0)
++ return log_error_errno(errno, "Failed to chown '%s' %u %u: %m",
++ device_node, uid, gid);
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Tue, 12 Nov 2019 14:58:25 +0900
++Subject: udev: ignore error caused by device disconnection
++
++During an add or change event, the device may be disconnected.
++
++Fixes #13976.
++
++(cherry picked from commit b64b83d13eedfdfc616c16c4a108ef28bf6d3b33)
++---
++ src/udev/udev-node.c | 23 +++++++++++++++--------
++ 1 file changed, 15 insertions(+), 8 deletions(-)
++
++diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c
++index f161402..ce95e20 100644
++--- a/src/udev/udev-node.c
+++++ b/src/udev/udev-node.c
++@@ -298,8 +298,11 @@ static int node_permissions_apply(sd_device *dev, bool apply_mac,
++ else
++ mode |= S_IFCHR;
++
++- if (lstat(devnode, &stats) < 0)
+++ if (lstat(devnode, &stats) < 0) {
+++ if (errno == ENOENT)
+++ return 0; /* this is necessarily racey, so ignore missing the device */
++ return log_device_debug_errno(dev, errno, "cannot stat() node %s: %m", devnode);
+++ }
++
++ if ((mode != MODE_INVALID && (stats.st_mode & S_IFMT) != (mode & S_IFMT)) || stats.st_rdev != devnum)
++ return log_device_debug_errno(dev, SYNTHETIC_ERRNO(EEXIST),
++@@ -324,11 +327,13 @@ static int node_permissions_apply(sd_device *dev, bool apply_mac,
++
++ r = chmod_and_chown(devnode, mode, uid, gid);
++ if (r < 0)
++- log_device_warning_errno(dev, r, "Failed to set owner/mode of %s to uid=" UID_FMT ", gid=" GID_FMT ", mode=%#o: %m",
++- devnode,
++- uid_is_valid(uid) ? uid : stats.st_uid,
++- gid_is_valid(gid) ? gid : stats.st_gid,
++- mode != MODE_INVALID ? mode & 0777 : stats.st_mode & 0777);
+++ log_device_full(dev, r == -ENOENT ? LOG_DEBUG : LOG_ERR, r,
+++ "Failed to set owner/mode of %s to uid=" UID_FMT
+++ ", gid=" GID_FMT ", mode=%#o: %m",
+++ devnode,
+++ uid_is_valid(uid) ? uid : stats.st_uid,
+++ gid_is_valid(gid) ? gid : stats.st_gid,
+++ mode != MODE_INVALID ? mode & 0777 : stats.st_mode & 0777);
++ } else
++ log_device_debug(dev, "Preserve permissions of %s, uid=" UID_FMT ", gid=" GID_FMT ", mode=%#o",
++ devnode,
++@@ -345,7 +350,8 @@ static int node_permissions_apply(sd_device *dev, bool apply_mac,
++
++ q = mac_selinux_apply(devnode, label);
++ if (q < 0)
++- log_device_error_errno(dev, q, "SECLABEL: failed to set SELinux label '%s': %m", label);
+++ log_device_full(dev, q == -ENOENT ? LOG_DEBUG : LOG_ERR, q,
+++ "SECLABEL: failed to set SELinux label '%s': %m", label);
++ else
++ log_device_debug(dev, "SECLABEL: set SELinux label '%s'", label);
++
++@@ -354,7 +360,8 @@ static int node_permissions_apply(sd_device *dev, bool apply_mac,
++
++ q = mac_smack_apply(devnode, SMACK_ATTR_ACCESS, label);
++ if (q < 0)
++- log_device_error_errno(dev, q, "SECLABEL: failed to set SMACK label '%s': %m", label);
+++ log_device_full(dev, q == -ENOENT ? LOG_DEBUG : LOG_ERR, q,
+++ "SECLABEL: failed to set SMACK label '%s': %m", label);
++ else
++ log_device_debug(dev, "SECLABEL: set SMACK label '%s'", label);
++
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Mon, 18 Nov 2019 19:28:11 +0900
++Subject: udev: silence warning about PROGRAM+= or IMPORT+= rules
++
++Closes #14062.
++
++(cherry picked from commit f0beb6f816035e438d684cc52ae76fc4a44fc197)
++---
++ src/udev/udev-rules.c | 10 ++--------
++ 1 file changed, 2 insertions(+), 8 deletions(-)
++
++diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
++index 312bdfc..db0df22 100644
++--- a/src/udev/udev-rules.c
+++++ b/src/udev/udev-rules.c
++@@ -742,10 +742,7 @@ static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOp
++ if (op == OP_REMOVE)
++ return log_token_invalid_op(rules, key);
++ if (!is_match) {
++- if (op == OP_ASSIGN)
++- log_token_debug(rules, "Operator '=' is specified to %s key, assuming '=='.", key);
++- else
++- log_token_warning(rules, "%s key takes '==' or '!=' operator, assuming '==', but please fix it.", key);
+++ log_token_debug(rules, "%s key takes '==' or '!=' operator, assuming '=='.", key);
++ op = OP_MATCH;
++ }
++
++@@ -757,10 +754,7 @@ static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOp
++ if (op == OP_REMOVE)
++ return log_token_invalid_op(rules, key);
++ if (!is_match) {
++- if (op == OP_ASSIGN)
++- log_token_debug(rules, "Operator '=' is specified to %s key, assuming '=='.", key);
++- else
++- log_token_warning(rules, "%s key takes '==' or '!=' operator, assuming '==', but please fix it.", key);
+++ log_token_debug(rules, "%s key takes '==' or '!=' operator, assuming '=='.", key);
++ op = OP_MATCH;
++ }
++
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Mon, 18 Nov 2019 18:47:16 +0900
++Subject: udevadm: ignore EROFS and return earlier
++
++Fixes #14060.
++
++(cherry picked from commit dc11d2bf6602558770e61f772d925ba8dcc71233)
++---
++ src/udev/udevadm-trigger.c | 7 +++++--
++ 1 file changed, 5 insertions(+), 2 deletions(-)
++
++diff --git a/src/udev/udevadm-trigger.c b/src/udev/udevadm-trigger.c
++index 11f2f1c..60c68b5 100644
++--- a/src/udev/udevadm-trigger.c
+++++ b/src/udev/udevadm-trigger.c
++@@ -45,10 +45,13 @@ static int exec_list(sd_device_enumerator *e, const char *action, Set *settle_se
++
++ r = write_string_file(filename, action, WRITE_STRING_FILE_DISABLE_BUFFER);
++ if (r < 0) {
++- bool ignore = IN_SET(r, -ENOENT, -EACCES, -ENODEV);
+++ bool ignore = IN_SET(r, -ENOENT, -EACCES, -ENODEV, -EROFS);
++
++ log_full_errno(ignore ? LOG_DEBUG : LOG_ERR, r,
++- "Failed to write '%s' to '%s': %m", action, filename);
+++ "Failed to write '%s' to '%s'%s: %m",
+++ action, filename, ignore ? ", ignoring" : "");
+++ if (r == -EROFS)
+++ return 0; /* Read only filesystem. Return earlier. */
++ if (ret == 0 && !ignore)
++ ret = r;
++ continue;
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Wed, 18 Sep 2019 00:52:07 +0900
++Subject: udevadm: missing initialization of descriptor
++
++(cherry picked from commit 2f5b282aab78bd2378df428c57c5fd1cc09e9f4f)
++(cherry picked from commit 477bf86c911a9fdc57341cbf2acf70ae1965edfd)
++---
++ src/udev/udev-ctrl.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/src/udev/udev-ctrl.c b/src/udev/udev-ctrl.c
++index b383708..751e034 100644
++--- a/src/udev/udev-ctrl.c
+++++ b/src/udev/udev-ctrl.c
++@@ -76,6 +76,7 @@ int udev_ctrl_new_from_fd(struct udev_ctrl **ret, int fd) {
++ *uctrl = (struct udev_ctrl) {
++ .n_ref = 1,
++ .sock = fd >= 0 ? fd : TAKE_FD(sock),
+++ .sock_connect = -1,
++ .bound = fd >= 0,
++ };
++
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Thu, 26 Sep 2019 21:33:59 +0900
++Subject: udevadm trigger: do not propagate EACCES and ENODEV
++
++Inside container, writing file returns EACCESS. Moreover, some devices
++return ENODEV rather than EACCES. So, let's also ignore these two
++error causes.
++
++Closes #13652.
++
++(cherry picked from commit 67acde4869a9505f9721e31fa5167c82445e0e12)
++(cherry picked from commit 20438f96c3261e55fabf44c892225efe79dd49d5)
++---
++ src/udev/udevadm-trigger.c | 6 ++++--
++ 1 file changed, 4 insertions(+), 2 deletions(-)
++
++diff --git a/src/udev/udevadm-trigger.c b/src/udev/udevadm-trigger.c
++index 77d95e5..11f2f1c 100644
++--- a/src/udev/udevadm-trigger.c
+++++ b/src/udev/udevadm-trigger.c
++@@ -45,9 +45,11 @@ static int exec_list(sd_device_enumerator *e, const char *action, Set *settle_se
++
++ r = write_string_file(filename, action, WRITE_STRING_FILE_DISABLE_BUFFER);
++ if (r < 0) {
++- log_full_errno(r == -ENOENT ? LOG_DEBUG : LOG_ERR, r,
+++ bool ignore = IN_SET(r, -ENOENT, -EACCES, -ENODEV);
+++
+++ log_full_errno(ignore ? LOG_DEBUG : LOG_ERR, r,
++ "Failed to write '%s' to '%s': %m", action, filename);
++- if (ret == 0 && r != -ENOENT)
+++ if (ret == 0 && !ignore)
++ ret = r;
++ continue;
++ }
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Wed, 18 Sep 2019 01:28:23 +0900
++Subject: udevadm: use usec_add()
++
++Also fixes description of event source.
++
++(cherry picked from commit f6e8ba816577a1a26037a8aeae23fda36d74f0ac)
++(cherry picked from commit 7ed7ea82f6a8387893f4741ccaeb0111770854c8)
++---
++ src/udev/udev-ctrl.c | 9 ++++-----
++ 1 file changed, 4 insertions(+), 5 deletions(-)
++
++diff --git a/src/udev/udev-ctrl.c b/src/udev/udev-ctrl.c
++index 751e034..f1befc7 100644
++--- a/src/udev/udev-ctrl.c
+++++ b/src/udev/udev-ctrl.c
++@@ -395,14 +395,13 @@ int udev_ctrl_wait(struct udev_ctrl *uctrl, usec_t timeout) {
++ (void) sd_event_source_set_description(source_io, "udev-ctrl-wait-io");
++
++ if (timeout != USEC_INFINITY) {
++- usec_t usec;
++-
++- usec = now(clock_boottime_or_monotonic()) + timeout;
++- r = sd_event_add_time(uctrl->event, &source_timeout, clock_boottime_or_monotonic(), usec, 0, NULL, INT_TO_PTR(-ETIMEDOUT));
+++ r = sd_event_add_time(uctrl->event, &source_timeout, clock_boottime_or_monotonic(),
+++ usec_add(now(clock_boottime_or_monotonic()), timeout),
+++ 0, NULL, INT_TO_PTR(-ETIMEDOUT));
++ if (r < 0)
++ return r;
++
++- (void) sd_event_source_set_description(source_timeout, "udev-ctrl-wait-io");
+++ (void) sd_event_source_set_description(source_timeout, "udev-ctrl-wait-timeout");
++ }
++
++ return sd_event_loop(uctrl->event);
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Wed, 18 Sep 2019 12:01:41 +0200
++Subject: units: make systemd-binfmt.service easier to work with no autofs
++
++See https://bugzilla.redhat.com/show_bug.cgi?id=1731772:
++when autofs4 is disabled in the kernel,
++proc-sys-fs-binfmt_misc.automount is not started, so the binfmt_misc module is
++never loaded. If we added a dependency on proc-sys-fs-binfmt_misc.mount
++to systemd-binfmt.service, things would work even if autofs4 was disabled, but
++we would unconditionally pull in the module and mount, which we don't want to do.
++(Right now we ony load the module if some binfmt is configured.)
++But let's make it easier to handle this case by doing two changes:
++1. order systemd-binfmt.service after the .mount unit (so that the .service
++ can count on the mount if both units are pulled in, even if .automount
++ is skipped)
++2. add [Install] section to the service unit. This way the user can do
++ 'systemctl enable proc-sys-fs-binfmt_misc.mount' to get the appropriate behaviour.
++
++(cherry picked from commit 508133917d9628f8c0adc5db34d595196b72b1c8)
++(cherry picked from commit e151bf467494c042bbfd3a4c47ad83ac8e9df2fd)
++---
++ units/proc-sys-fs-binfmt_misc.mount | 3 +++
++ units/systemd-binfmt.service.in | 1 +
++ 2 files changed, 4 insertions(+)
++
++diff --git a/units/proc-sys-fs-binfmt_misc.mount b/units/proc-sys-fs-binfmt_misc.mount
++index 66229ec..1587853 100644
++--- a/units/proc-sys-fs-binfmt_misc.mount
+++++ b/units/proc-sys-fs-binfmt_misc.mount
++@@ -18,3 +18,6 @@ What=binfmt_misc
++ Where=/proc/sys/fs/binfmt_misc
++ Type=binfmt_misc
++ Options=nosuid,nodev,noexec
+++
+++[Install]
+++WantedBy=sysinit.target
++diff --git a/units/systemd-binfmt.service.in b/units/systemd-binfmt.service.in
++index e940c7c..0c0f264 100644
++--- a/units/systemd-binfmt.service.in
+++++ b/units/systemd-binfmt.service.in
++@@ -15,6 +15,7 @@ Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
++ DefaultDependencies=no
++ Conflicts=shutdown.target
++ After=proc-sys-fs-binfmt_misc.automount
+++After=proc-sys-fs-binfmt_misc.mount
++ Before=sysinit.target shutdown.target
++ ConditionPathIsReadWrite=/proc/sys/
++ ConditionDirectoryNotEmpty=|/lib/binfmt.d
--- /dev/null
--- /dev/null
++From: Chris Down <chris@chrisdown.name>
++Date: Wed, 25 Sep 2019 17:09:38 +0100
++Subject: util-lib: Don't propagate EACCES from find_binary PATH lookup to
++ caller
++
++On one of my test machines, test-path-util was failing because the
++find_binary("xxxx-xxxx") was returning -EACCES instead of -ENOENT. This
++happens because the PATH entry on that host contains a directory which
++the user in question doesn't have access to. Typically applications
++ignore permission errors when searching through PATH, for example in
++bash:
++
++ $ whoami
++ cdown
++ $ PATH=/root:/bin type sh
++ sh is /bin/sh
++
++This behaviour is present on zsh and other shells as well, though. This
++patch brings our PATH search behaviour closer to other major Unix tools.
++
++(cherry picked from commit 4e1ddb661272ddb2f03d6046369c973657dfdd62)
++(cherry picked from commit 8282bc61df10dc1f2290c9c351d5ff6fdb157c24)
++---
++ src/basic/path-util.c | 4 +++-
++ 1 file changed, 3 insertions(+), 1 deletion(-)
++
++diff --git a/src/basic/path-util.c b/src/basic/path-util.c
++index 18c7dab..b9544b4 100644
++--- a/src/basic/path-util.c
+++++ b/src/basic/path-util.c
++@@ -651,7 +651,9 @@ int find_binary(const char *name, char **ret) {
++ return 0;
++ }
++
++- last_error = -errno;
+++ /* PATH entries which we don't have access to are ignored, as per tradition. */
+++ if (errno != EACCES)
+++ last_error = -errno;
++ }
++
++ return last_error;
--- /dev/null
--- /dev/null
++From: Ronan Pigott <rpigott@berkeley.edu>
++Date: Thu, 12 Sep 2019 10:13:13 -0700
++Subject: zsh: update bootctl completions
++
++(cherry picked from commit 4f6c7276372a458e81402ba38bfae2e3ba3f1154)
++(cherry picked from commit 8c0c30a820fa90fcbf4deeb283ffaffbf136a142)
++---
++ shell-completion/zsh/_bootctl | 33 ++++++++++++++++++++++++++++++++-
++ 1 file changed, 32 insertions(+), 1 deletion(-)
++
++diff --git a/shell-completion/zsh/_bootctl b/shell-completion/zsh/_bootctl
++index f0ac892..a84601a 100644
++--- a/shell-completion/zsh/_bootctl
+++++ b/shell-completion/zsh/_bootctl
++@@ -1,6 +1,29 @@
++ #compdef bootctl -*- shell-script -*-
++ # SPDX-License-Identifier: LGPL-2.1+
++
+++__bootctl() {
+++ bootctl --no-pager $@ 2>/dev/null
+++}
+++
+++_bootctl_comp_ids() {
+++ local expl
+++ local -a ids
+++ __bootctl list | while read a b; do
+++ if [[ "$a" == "id:" ]]; then
+++ ids+="$b"
+++ fi
+++ done
+++ _wanted id expl 'boot id' compadd "$@" -a ids
+++}
+++
+++_bootctl_set-default() {
+++ _bootctl_comp_ids
+++}
+++
+++_bootctl_set-oneshot() {
+++ _bootctl_comp_ids
+++}
+++
++ (( $+functions[_bootctl_commands] )) || _bootctl_commands()
++ {
++ local -a _bootctl_cmds
++@@ -9,6 +32,10 @@
++ "install:Install systemd-boot to the ESP and EFI variables"
++ "update:Update systemd-boot in the ESP and EFI variables"
++ "remove:Remove systemd-boot from the ESP and EFI variables"
+++ "random-seed:Initialize random seed in ESP and EFI variables"
+++ "is-installed:Test whether systemd-boot is installed in the ESP"
+++ "set-default:Set the default boot loader entry"
+++ "set-oneshot:Set the default boot loader entry only for the next boot"
++ )
++ if (( CURRENT == 1 )); then
++ _describe -t commands 'bootctl command' _bootctl_cmds || compadd "$@"
++@@ -26,6 +53,10 @@
++ _arguments \
++ {-h,--help}'[Prints a short help text and exits.]' \
++ '--version[Prints a short version string and exits.]' \
++- '--path=[Path to the EFI System Partition (ESP)]:path:_directories' \
+++ '--esp-path=[Path to the EFI System Partition (ESP)]:path:_directories' \
+++ '--boot-path=[Path to the $BOOT partition]:path:_directories' \
+++ {-p,--print-esp-path}'[Print path to the EFI system partition]' \
+++ {-x,--print-boot-path}'[Print path to the $BOOT partition]' \
++ '--no-variables[Do not touch EFI variables]' \
+++ '--no-pager[Do not pipe output into a pager]' \
++ '*::bootctl command:_bootctl_commands'
--- /dev/null
--- /dev/null
++#! /usr/bin/make -f
++
++#export DH_VERBOSE = 1
++#export DEB_BUILD_OPTIONS = nostrip
++
++export LC_ALL = C.UTF-8
++
++include /usr/share/dpkg/default.mk
++
++ifeq ($(DEB_VENDOR),Ubuntu)
++ DEFAULT_NTP_SERVERS = ntp.ubuntu.com
++ SUPPORT_URL = http://www.ubuntu.com/support
++ CONFFLAGS_DISTRO =
++else
++ DEFAULT_NTP_SERVERS = 0.debian.pool.ntp.org 1.debian.pool.ntp.org 2.debian.pool.ntp.org 3.debian.pool.ntp.org
++ SUPPORT_URL = https://www.debian.org/support
++ CONFFLAGS_DISTRO =
++endif
++
++ifneq (, $(filter $(DEB_BUILD_ARCH), riscv64))
++ TEST_TIMEOUT_MULTIPLIER = "-t 10"
++endif
++
++# fail on missing files and symbols changes on distro builds, but not if we
++# build/test upstream master
++ifeq ($(TEST_UPSTREAM),)
++ DH_MISSING = --fail-missing
++ GENSYMBOLS_LEVEL = 4
++else
++ DH_MISSING = --list-missing
++ GENSYMBOLS_LEVEL = 1
++endif
++
++ifneq (, $(filter noudeb, $(DEB_BUILD_OPTIONS)))
++export DEB_BUILD_PROFILES += noudeb
++endif
++
++CONFFLAGS = \
++ -Db_lto=true \
++ -Db_pie=true \
++ -Drootlibdir=/lib/$(DEB_HOST_MULTIARCH) \
++ -Dsplit-usr=true \
++ -Dversion-tag="$(DEB_VERSION)" \
++ -Dquotaon-path=/sbin/quotaon \
++ -Dquotacheck-path=/sbin/quotacheck \
++ -Dkmod-path=/bin/kmod \
++ -Dkexec-path=/sbin/kexec \
++ -Dsulogin-path=/sbin/sulogin \
++ -Dmount-path=/bin/mount \
++ -Dumount-path=/bin/umount \
++ -Dloadkeys-path=/bin/loadkeys \
++ -Dsetfont-path=/bin/setfont \
++ -Dnologin-path=/usr/sbin/nologin \
++ -Dtelinit-path=/lib/sysvinit/telinit \
++ -Dsysvinit-path=/etc/init.d \
++ -Dsysvrcnd-path=/etc \
++ -Ddebug-shell=/bin/bash \
++ -Dzshcompletiondir=/usr/share/zsh/vendor-completions \
++ -Ddbuspolicydir=/usr/share/dbus-1/system.d/ \
++ -Dsupport-url=$(SUPPORT_URL) \
++ -Ddefault-kill-user-processes=false \
++ -Ddefault-hierarchy=hybrid \
++ -Dpamconfdir=no \
++ -Drpmmacrosdir=no \
++ -Dqrencode=false \
++ -Dvconsole=false \
++ -Dfirstboot=false \
++ -Dxkbcommon=false \
++ -Dwheel-group=false \
++ -Dntp-servers="$(DEFAULT_NTP_SERVERS)" \
++ -Ddns-servers='' \
++ -Dlink-udev-shared=false \
++ -Dsystem-uid-max=999 \
++ -Dsystem-gid-max=999 \
++ -Dnobody-user=nobody \
++ -Dnobody-group=nogroup \
++ -Dbump-proc-sys-fs-nr-open=false \
++ -Ddev-kvm-mode=0660 \
++ -Dgroup-render-mode=0660
++
++# resolved's DNSSEC support is still not mature enough, don't enable it by
++# default on stable Debian or any Ubuntu releases
++CONFFLAGS += $(shell grep -qE 'stretch|ubuntu' /etc/os-release && echo -Ddefault-dnssec=no)
++
++CONFFLAGS_deb = \
++ -Dselinux=true \
++ -Dhwdb=true \
++ -Dsysusers=true \
++ -Dinstall-tests=true \
++ -Defi=true \
++ -Dman=true \
++ -Dnss-myhostname=true \
++ -Dnss-mymachines=true \
++ -Dnss-resolve=true \
++ -Dnss-systemd=true \
++ -Dresolve=true \
++ -Dlink-systemctl-shared=false
++
++ifeq (, $(filter stage1, $(DEB_BUILD_PROFILES)))
++CONFFLAGS_deb += \
++ -Daudit=true \
++ -Dlibcryptsetup=true \
++ -Dcoredump=true \
++ -Delfutils=true \
++ -Dapparmor=true \
++ -Dlibidn2=true \
++ -Dlibiptc=true \
++ -Dlibcurl=true \
++ -Dimportd=true \
++ -Dmicrohttpd=true \
++ -Dgnutls=true \
++ -Dpcre2=true
++else
++CONFFLAGS_deb += \
++ -Daudit=false \
++ -Dlibcryptsetup=false \
++ -Dcoredump=false \
++ -Delfutils=false \
++ -Dapparmor=false \
++ -Dlibidn2=false \
++ -Dlibiptc=false \
++ -Dlibcurl=false \
++ -Dimportd=false \
++ -Dmicrohttpd=false \
++ -Dgnutls=false \
++ -Dpcre2=false
++endif
++
++CONFFLAGS_udeb = \
++ -Dlibcryptsetup=false \
++ -Dcoredump=false \
++ -Delfutils=false \
++ -Dpam=false \
++ -Daudit=false \
++ -Dselinux=false\
++ -Dapparmor=false \
++ -Dlibidn2=false \
++ -Dlibiptc=false \
++ -Dsmack=false \
++ -Dima=false \
++ -Dbinfmt=false \
++ -Dquotacheck=false \
++ -Dtmpfiles=false \
++ -Drandomseed=false \
++ -Dbacklight=false \
++ -Dlogind=false \
++ -Dmachined=false \
++ -Dlibcurl=false \
++ -Dimportd=false \
++ -Dmicrohttpd=false \
++ -Dgnutls=false \
++ -Dhostnamed=false \
++ -Dtimedated=false \
++ -Dnetworkd=false \
++ -Dtimesyncd=false \
++ -Dlocaled=false \
++ -Dnss-myhostname=false \
++ -Dnss-mymachines=false \
++ -Dnss-resolve=false \
++ -Dnss-systemd=false \
++ -Dresolve=false \
++ -Dportabled=false \
++ -Dpolkit=false \
++ -Dacl=false \
++ -Dgcrypt=false \
++ -Drfkill=false \
++ -Dhwdb=false \
++ -Dman=false \
++ -Defi=false \
++ -Dseccomp=false \
++ -Dsysusers=false \
++ -Dpcre2=false
++
++override_dh_auto_configure:
++ dh_auto_configure --builddirectory=build-deb \
++ -- $(CONFFLAGS) $(CONFFLAGS_DISTRO) $(CONFFLAGS_deb) $(CONFFLAGS_UPSTREAM)
++ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
++ dh_auto_configure --builddirectory=build-udeb \
++ -- $(CONFFLAGS) $(CONFFLAGS_DISTRO) $(CONFFLAGS_udeb) $(CONFFLAGS_UPSTREAM)
++endif
++
++override_dh_auto_build:
++ dh_auto_build --builddirectory=build-deb
++ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
++ dh_auto_build --builddirectory=build-udeb
++endif
++ # generate POT file for translators
++ ninja -C build-deb/ systemd-pot
++
++override_dh_auto_install:
++ dh_auto_install --builddirectory=build-deb \
++ --destdir=debian/install/deb
++ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
++ dh_auto_install --builddirectory=build-udeb \
++ --destdir=debian/install/udeb
++endif
++ # fix paths in manpages; manually check the remaining /usr occurrences
++ # occasionally, with filtering out paths which are known to be in /usr:
++ # grep -r /usr debian/install/deb/usr/share/man/|egrep -v '/usr/local|os.*release|factory|zoneinfo|tmpfiles|kernel|foo|machines|sysctl|dbus|include|binfmt'
++ find debian/install/deb/usr/share/man/ -type f | xargs sed -ri 's_/usr(/lib/systemd/system|/lib/systemd/network|/lib/udev|/lib[^/]|/lib/[^a-z])_\1_g'
++
++override_dh_auto_clean:
++ifneq (, $(TEST_UPSTREAM))
++ debian/extra/checkout-upstream
++endif
++ dh_auto_clean --builddirectory=build-deb
++ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
++ dh_auto_clean --builddirectory=build-udeb
++endif
++ rm -rf debian/install/ debian/shlibs.local
++ # remove Python byte code files
++ rm -rf tools/__pycache__/
++ rm -f po/systemd.pot
++
++override_dh_install:
++ # remove unnecessary / unused files
++ rm -f debian/install/*/usr/share/doc/systemd/LICENSE.*
++ rm -f debian/install/*/var/log/README
++ rm -f debian/install/*/etc/init.d/README
++ rm -f debian/install/*/usr/lib/sysctl.d/50-default.conf
++ rm -f debian/install/*/etc/X11/xinit/xinitrc.d/50-systemd-user.sh
++ rmdir -p --ignore-fail-on-non-empty debian/install/*/etc/X11/xinit/xinitrc.d/
++ # remove files related to factory-reset feature
++ find debian/install/ \( -name 'systemd-update-done*' -o \
++ -name systemd-journal-catalog-update.service -o \
++ -name systemd-udev-hwdb-update.service -o \
++ -name ldconfig.service -o \
++ -name etc.conf \) -delete
++ rm -rf debian/install/*/usr/share/factory/
++ # replace upstream sysusers.d/basic.conf with proper users for Debian
++ debian/extra/make-sysusers-basic > debian/install/deb/usr/lib/sysusers.d/basic.conf
++ # remove resolvconf compat symlink
++ rm -f debian/install/*/sbin/resolvconf
++ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
++ dh_install -pudev-udeb -plibudev1-udeb --sourcedir=debian/install/udeb
++endif
++
++ dh_install --remaining-packages --sourcedir=debian/install/deb
++
++ # we don't want /tmp to be a tmpfs by default
++ mv debian/systemd/lib/systemd/system/tmp.mount debian/systemd/usr/share/systemd/
++ printf '\n[Install]\nWantedBy=local-fs.target\n' >> debian/systemd/usr/share/systemd/tmp.mount
++ rm debian/systemd/lib/systemd/system/local-fs.target.wants/tmp.mount
++
++ # files shipped by cryptsetup
++ifeq (, $(filter stage1, $(DEB_BUILD_PROFILES)))
++ rm debian/systemd/usr/share/man/man5/crypttab.5
++endif
++
++ # files shipped by systemd
++ rm debian/udev/lib/udev/rules.d/70-uaccess.rules
++ rm debian/udev/lib/udev/rules.d/73-seat-late.rules
++ rm debian/udev/lib/udev/rules.d/71-seat.rules
++ rm debian/udev/lib/udev/rules.d/99-systemd.rules
++
++ # remove duplicate files shipped by systemd-*/udev
++ echo "Removing duplicate files in systemd package:"
++ set -e; for pkg in $(shell dh_listpackages -Nudev-udeb -Nlibudev1-udeb -Nsystemd); do \
++ echo "... from $$pkg..."; \
++ (cd debian/$$pkg; find -type f -o -type l) | (cd debian/systemd; xargs rm -f --verbose); \
++ (cd debian/$$pkg; find -mindepth 1 -type d | sort -r) | (cd debian/systemd; xargs rmdir --ignore-fail-on-non-empty --verbose || true); \
++ done
++
++ # Ubuntu specific files
++ifeq ($(DEB_VENDOR),Ubuntu)
++ install -D --mode=644 debian/extra/udev.py debian/udev/usr/share/apport/package-hooks/udev.py
++ install -D --mode=644 debian/extra/systemd.py debian/systemd/usr/share/apport/package-hooks/systemd.py
++ install --mode=644 debian/extra/rules-ubuntu/*.rules debian/udev/lib/udev/rules.d/
++ cp -a debian/extra/units-ubuntu/* debian/systemd/lib/systemd/system/
++ install --mode=755 debian/extra/set-cpufreq debian/systemd/lib/systemd/
++endif
++
++override_dh_missing:
++ dh_missing --sourcedir debian/install/deb $(DH_MISSING)
++
++override_dh_installinit:
++ dh_installinit --no-start
++
++PROJECT_VERSION ?= $(shell awk '/(PROJECT|PACKAGE)_VERSION/ {print $$3}' build-deb/config.h | tr -d \")
++
++# The SysV compat tools (which are symlinks to systemctl) are
++# quasi-essential, so add their dependencies to Pre-Depends
++# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753589
++override_dh_shlibdeps:
++ dh_shlibdeps -psystemd -- -dPre-Depends \
++ -edebian/systemd/bin/systemctl \
++ -dDepends
++ dh_shlibdeps --remaining-packages -Lsystemd
++
++override_dh_makeshlibs:
++ sed 's/SHARED_LIB_VERSION/$(PROJECT_VERSION)/' debian/shlibs.local.in > debian/shlibs.local
++ dh_makeshlibs -plibudev1 --add-udeb=libudev1-udeb -- -c$(GENSYMBOLS_LEVEL)
++ dh_makeshlibs -psystemd -Xlibsystemd-shared -- -c$(GENSYMBOLS_LEVEL)
++ dh_makeshlibs --remaining-packages -- -c$(GENSYMBOLS_LEVEL)
++
++override_dh_auto_test:
++ifeq (, $(filter nocheck, $(DEB_BUILD_OPTIONS)))
++ echo "01234567890123456789012345678901" > build-deb/machine-id
++ # some tests hang under fakeroot, so disable fakeroot
++ env -u LD_PRELOAD SYSTEMD_MACHINE_ID_PATH=$(CURDIR)/build-deb/machine-id meson test -C build-deb $(TEST_TIMEOUT_MULTIPLIER) || ( \
++ cat build-deb/meson-logs/testlog.txt; \
++ exit 1)
++endif
++
++%:
++ dh $@ --without autoreconf,systemd --buildsystem=meson
--- /dev/null
--- /dev/null
++udeb: libudev 1 libudev1-udeb
++libsystemd 0 libsystemd0 (= ${binary:Version})
++libsystemd-shared SHARED_LIB_VERSION systemd (= ${binary:Version})
--- /dev/null
--- /dev/null
++3.0 (quilt)
--- /dev/null
--- /dev/null
++bin/machinectl
++bin/portablectl
++lib/systemd/import-pubring.gpg
++lib/systemd/portable
++lib/systemd/systemd-machined
++lib/systemd/systemd-export
++lib/systemd/systemd-import*
++lib/systemd/systemd-portabled
++lib/systemd/systemd-pull
++lib/systemd/system/systemd-nspawn@.service
++lib/systemd/system/systemd-importd.service
++lib/systemd/system/systemd-machined.service
++lib/systemd/system/systemd-portabled.service
++lib/systemd/system/var-lib-machines.mount
++lib/systemd/system/machines.target
++lib/systemd/system/*.target.wants/var-lib-machines.mount
++lib/systemd/system/dbus-org.freedesktop.import1.service
++lib/systemd/system/dbus-org.freedesktop.machine1.service
++lib/systemd/system/dbus-org.freedesktop.portable1.service
++usr/bin/systemd-nspawn
++usr/lib/tmpfiles.d/portables.conf
++usr/lib/tmpfiles.d/systemd-nspawn.conf
++usr/share/dbus-1/system.d/org.freedesktop.import1.conf
++usr/share/dbus-1/system.d/org.freedesktop.machine1.conf
++usr/share/dbus-1/system.d/org.freedesktop.portable1.conf
++usr/share/dbus-1/system-services/org.freedesktop.import1.service
++usr/share/dbus-1/system-services/org.freedesktop.machine1.service
++usr/share/dbus-1/system-services/org.freedesktop.portable1.service
++usr/share/man/man*/*nspawn*
++usr/share/man/man*/machinectl*
++usr/share/man/man*/portablectl*
++usr/share/man/man*/systemd-machined*
++usr/share/man/man*/systemd-portabled*
++usr/share/polkit-1/actions/org.freedesktop.import1.policy
++usr/share/polkit-1/actions/org.freedesktop.machine1.policy
++usr/share/polkit-1/actions/org.freedesktop.portable1.policy
++usr/share/zsh/vendor-completions/_systemd-nspawn
++usr/share/zsh/vendor-completions/_sd_machines
++usr/share/zsh/vendor-completions/_machinectl
++usr/share/bash-completion/completions/machinectl
++usr/share/bash-completion/completions/portablectl
++usr/share/bash-completion/completions/systemd-nspawn
--- /dev/null
--- /dev/null
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.import1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.machine1.conf 233-3~
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++set -e
++
++# Enable machines.target by default on new installs
++if [ -z "$2" ]; then
++ systemctl enable machines.target || true
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++set -e
++
++case "$1" in
++ purge)
++ # clean up after manually enabled units in postinst
++ rm -f /etc/systemd/system/multi-user.target.wants/machines.target
++ ;;
++esac
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++usr/bin/coredumpctl
++lib/systemd/systemd-coredump
++lib/systemd/system/systemd-coredump*
++lib/systemd/system/*/systemd-coredump*
++usr/share/man/man1/coredumpctl*
++usr/share/man/man5/coredump.conf*
++usr/share/man/man8/systemd-coredump*
++usr/share/bash-completion/completions/coredumpctl
++usr/share/zsh/vendor-completions/_coredumpctl
++usr/lib/sysctl.d/50-coredump.conf
++etc/systemd/coredump.conf
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++if [ "$1" = configure ]; then
++ adduser --quiet --system --group --no-create-home --home /run/systemd \
++ --gecos "systemd core dump processing" systemd-coredump
++
++ # enable systemd-coredump right after package installation
++ if [ -d /run/systemd/system ]; then
++ systemctl daemon-reload && systemctl start systemd-coredump.socket || true
++ fi
++ /lib/systemd/systemd-sysctl /usr/lib/sysctl.d/50-coredump.conf || true
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++if [ "$1" = remove ]; then
++ # disable systemd-coredump on removal
++ if [ -w /proc/sys/kernel/core_pattern ] && grep -q '^|.*systemd-coredump' /proc/sys/kernel/core_pattern; then
++ echo core > /proc/sys/kernel/core_pattern
++ fi
++ if [ -d /run/systemd/system ]; then
++ systemctl stop systemd-coredump.socket || true
++ fi
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++# systemd-journal-upload
++etc/systemd/journal-upload.conf
++lib/systemd/systemd-journal-upload
++lib/systemd/system/systemd-journal-upload.service
++usr/share/man/man5/journal-upload.conf.d.5
++usr/share/man/man5/journal-upload.conf.5
++usr/share/man/man8/systemd-journal-upload.8
++usr/share/man/man8/systemd-journal-upload.service.8
++
++# systemd-journal-remote
++etc/systemd/journal-remote.conf
++lib/systemd/systemd-journal-remote
++lib/systemd/system/systemd-journal-remote.service
++lib/systemd/system/systemd-journal-remote.socket
++usr/lib/sysusers.d/systemd-remote.conf
++usr/share/man/man5/journal-remote.conf.d.5
++usr/share/man/man5/journal-remote.conf.5
++usr/share/man/man8/systemd-journal-remote.service.8
++usr/share/man/man8/systemd-journal-remote.socket.8
++usr/share/man/man8/systemd-journal-remote.8
++
++# systemd-journal-gatewayd
++lib/systemd/systemd-journal-gatewayd
++lib/systemd/system/systemd-journal-gatewayd.service
++lib/systemd/system/systemd-journal-gatewayd.socket
++usr/share/systemd/gatewayd/
++usr/share/man/man8/systemd-journal-gatewayd.service.8
++usr/share/man/man8/systemd-journal-gatewayd.socket.8
++usr/share/man/man8/systemd-journal-gatewayd.8
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++set -e
++
++adduser --quiet --system \
++ --home /run/systemd --no-create-home \
++ --gecos "systemd Journal Remote" \
++ --group systemd-journal-remote
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++usr/share/man/man1/init.1
++usr/share/man/man8/telinit.8
++usr/share/man/man8/runlevel.8
++usr/share/man/man8/shutdown.8
++usr/share/man/man8/poweroff.8
++usr/share/man/man8/reboot.8
++usr/share/man/man8/halt.8
++sbin/init
++sbin/telinit
++sbin/runlevel
++sbin/shutdown
++sbin/poweroff
++sbin/reboot
++sbin/halt
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++# update grub on first install, so that the alternative init system boot
++# entries get updated
++if [ "$1" = configure ] && [ -z "$2" ] && [ -e /boot/grub/grub.cfg ] && which update-grub >/dev/null 2>&1; then
++ update-grub || true
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++usr/lib/systemd/tests
--- /dev/null
--- /dev/null
++# test programs only, need to link against internal library
++systemd-tests: binary-or-shlib-defines-rpath usr/lib/systemd/tests/*
--- /dev/null
--- /dev/null
++systemd (236-1) unstable; urgency=medium
++
++ DynamicUser=yes has been enabled for systemd-journal-upload.service and
++ systemd-journal-gatewayd.service.
++ This means we no longer need to statically allocate a systemd-journal-upload
++ and systemd-journal-gateway user and you can now safely remove those system
++ users along with their associated groups.
++
++ -- Michael Biebl <biebl@debian.org> Sun, 17 Dec 2017 21:17:32 +0100
++
++systemd (231-1) unstable; urgency=low
++
++ This version drops support for running /etc/rcS.d SysV init scripts.
++ These are prone to cause dependency loops, and almost all Debian packages
++ with rcS scripts now ship a native systemd service. If you have custom or
++ third-party rcS scripts you need to convert them or change them to run
++ in rc2.d/ - rc5.d/; see this page for details:
++ <https://wiki.debian.org/Teams/pkg-systemd/rcSMigration>.
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 14 Jul 2016 12:54:34 +0200
++
++systemd (224-2) unstable; urgency=medium
++
++ This version splits out systemd-nspawn, systemd-machined, and machinectl
++ into the new "systemd-container" package. That now also enables
++ systemd-importd.
++
++ -- Martin Pitt <mpitt@debian.org> Sat, 22 Aug 2015 15:58:43 +0200
--- /dev/null
--- /dev/null
++package-status: udev dracut initramfs-tools
--- /dev/null
--- /dev/null
++#!/bin/bash
++
++cat <<EOF
++
++Providing additional information can help diagnose problems with systemd.
++Specifically, this would include:
++- fstab configuration (copy of /etc/fstab).
++- local modifications of unit files (output of systemd-delta).
++- state of running services and units (output of systemd-analyze dump).
++- enabled/disabled state of installed services.
++If this information is not relevant for your bug report or you have privacy
++concerns, please choose no.
++
++EOF
++
++yesno "Do you want to provide additional information [Y|n]? " yep
++[ "$REPLY" = yep ] || exit 0
++
++# We don’t clean up this directory because there is no way to know when
++# reportbug finished running, and reportbug needs the files around.
++# Given that those are just a couple of kilobytes in size and people
++# generally don’t file a lot of bugs, I don’t think it’s a big deal.
++DIR=$(mktemp -d)
++
++echo "-- BEGIN ATTACHMENTS --" >&3
++
++# remove highlighting escape codes from systemd-delta output
++systemd-delta --no-pager 2>&1 |sed "s%\x1b[^m]*m%%g" >$DIR/systemd-delta.txt
++echo "$DIR/systemd-delta.txt" >&3
++
++if [ -d /run/systemd/system ]; then
++ systemd-analyze --no-pager dump >$DIR/systemd-analyze-dump.txt 2>&1
++ echo "$DIR/systemd-analyze-dump.txt" >&3
++fi
++
++if [ -d /var/lib/systemd/deb-systemd-helper-enabled ]; then
++ head -n100 $(find /var/lib/systemd/deb-systemd-helper-enabled -type f | tr '\n' ' ') >$DIR/dsh-enabled.txt
++ echo "$DIR/dsh-enabled.txt" >&3
++fi
++
++echo "/etc/fstab" >&3
++
++echo "-- END ATTACHMENTS --" >&3
--- /dev/null
--- /dev/null
++var/lib/systemd
--- /dev/null
--- /dev/null
++etc/
++bin/systemctl
++bin/journalctl
++bin/loginctl
++bin/machinectl
++bin/networkctl
++bin/systemd-notify
++bin/systemd-tty-ask-password-agent
++bin/systemd-ask-password
++bin/systemd-machine-id-setup
++bin/systemd-tmpfiles
++bin/systemd-inhibit
++bin/systemd-escape
++bin/systemd-sysusers
++lib/modprobe.d/
++lib/systemd/
++lib/udev/rules.d/70-uaccess.rules
++lib/udev/rules.d/73-seat-late.rules
++lib/udev/rules.d/71-seat.rules
++lib/udev/rules.d/99-systemd.rules
++usr/bin/systemd-cgls
++usr/bin/systemd-cgtop
++usr/bin/systemd-nspawn
++usr/bin/systemd-stdio-bridge
++usr/bin/systemd-analyze
++usr/bin/systemd-cat
++usr/bin/systemd-detect-virt
++usr/bin/systemd-delta
++usr/bin/systemd-run
++usr/bin/systemd-path
++usr/bin/systemd-socket-activate
++usr/bin/systemd-mount
++usr/bin/systemd-umount
++usr/bin/systemd-id128
++usr/bin/kernel-install
++usr/bin/bootctl
++usr/bin/busctl
++usr/bin/timedatectl
++usr/bin/localectl
++usr/bin/hostnamectl
++usr/bin/resolvectl
++usr/bin/systemd-resolve
++usr/share/man/man1/
++usr/share/man/man5/
++usr/share/man/man7/
++usr/share/man/man8/
++usr/share/bash-completion/
++usr/share/zsh/vendor-completions/
++usr/share/dbus-1/
++usr/share/doc/
++usr/share/pkgconfig/systemd.pc
++usr/share/polkit-1/
++usr/share/systemd/kbd-model-map
++usr/share/systemd/language-fallback-map
++usr/lib/binfmt.d/
++usr/lib/environment.d/
++usr/lib/modules-load.d/
++usr/lib/sysctl.d/
++usr/lib/sysusers.d/basic.conf
++usr/lib/sysusers.d/systemd.conf
++usr/lib/systemd/
++usr/lib/tmpfiles.d/
++usr/lib/kernel
++usr/share/locale/
++var/lib
++../../extra/init-functions.d lib/lsb/
++../../extra/tmpfiles.d/*.conf usr/lib/tmpfiles.d/
++../../extra/systemd-sysv-install lib/systemd/
++../../extra/units/* lib/systemd/system/
++../../extra/dhclient-exit-hooks.d/ etc/dhcp/
++../../extra/kernel-install.d/* usr/lib/kernel/install.d
++../../extra/pam.d etc/
--- /dev/null
--- /dev/null
++# These are all services which have native implementations
++# So we mask them by linking against /dev/null or create an alias
++/lib/systemd/system/systemd-sysctl.service /lib/systemd/system/procps.service
++
++/lib/systemd/system/systemd-modules-load.service /lib/systemd/system/kmod.service
++/etc/modules /etc/modules-load.d/modules.conf
++
++# X server and ICE socket directories are created by /usr/lib/tmpfiles.d/x11.conf
++/dev/null /lib/systemd/system/x11-common.service
++
++# Don't set the hwclock, as the kernel does that on its own when using NTP
++# Without NTP, we shouldn't store the time either
++# https://github.com/systemd/systemd/commit/da2617378523e007ec0c6efe99d0cebb2be994e1
++/dev/null /lib/systemd/system/hwclock.service
++
++# We use the built-in cryptsetup support
++/dev/null /lib/systemd/system/cryptdisks.service
++/dev/null /lib/systemd/system/cryptdisks-early.service
++
++# Those services are useless under systemd. Mask them so they can't
++# be run manually by accident.
++/dev/null /lib/systemd/system/rc.service
++/dev/null /lib/systemd/system/rcS.service
++
++# Enable Debian specific units
++/lib/systemd/system/getty-static.service /lib/systemd/system/getty.target.wants/getty-static.service
++
++# Compat symlink
++/lib/systemd/systemd /bin/systemd
++
++# Create a compat symlink as systemd-sysctl no longer reads /etc/sysctl.conf
++/etc/sysctl.conf /etc/sysctl.d/99-sysctl.conf
--- /dev/null
--- /dev/null
++systemd: maintainer-script-calls-systemctl
--- /dev/null
--- /dev/null
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.hostname1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.locale1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.login1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.machine1.conf 228-5~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.network1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.resolve1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.systemd1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.timedate1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.systemd-shim.conf 239-15~ systemd-shim
--- /dev/null
--- /dev/null
++#! /bin/sh
++
++set -e
++
++_systemctl() {
++ if [ -d /run/systemd/system ]; then
++ systemctl "$@"
++ fi
++}
++
++_update_catalog() {
++ journalctl --update-catalog || true
++}
++
++# Update Message Catalogs database and reload in response to dpkg triggers
++if [ "$1" = "triggered" ]; then
++ shift
++ for trigger in "$@"; do
++ case $trigger in
++ /usr/lib/systemd/catalog)
++ _update_catalog
++ ;;
++ /etc/init.d)
++ _systemctl daemon-reload || true
++ ;;
++ esac
++ done
++ exit 0
++fi
++
++# Enable getty, remote-fs.target and timesyncd by default on new installs
++if [ -z "$2" ]; then
++ systemctl enable getty@tty1.service || true
++ systemctl enable remote-fs.target || true
++ systemctl enable systemd-timesyncd.service || true
++fi
++
++# Enable ondemand by default on new installs
++if [ -e /lib/systemd/system/ondemand.service ] && [ -z "$2" ]; then
++ systemctl enable ondemand.service || true
++fi
++
++# Do a one-time migration of the local time setting
++if [ -z "$2" ]; then
++ if [ -f /etc/default/rcS ]; then
++ . /etc/default/rcS
++ fi
++ if [ "$UTC" = "no" ] && [ ! -e /etc/adjtime ]; then
++ printf "0.0 0 0.0\n0\nLOCAL\n" > /etc/adjtime
++ fi
++fi
++
++# Do a one-time migration of the TMPTIME setting
++if [ -z "$2" ]; then
++ if [ -f /etc/default/rcS ]; then
++ . /etc/default/rcS
++ fi
++ if [ ! -e /etc/tmpfiles.d/tmp.conf ]; then
++ case "$TMPTIME" in
++ -*|infinite|infinity)
++ cat > /etc/tmpfiles.d/tmp.conf <<EOF
++# Avoid clearing /tmp by shipping an empty /etc/tmpfiles.d/tmp.conf file
++# which overrides /usr/lib/tmpfiles.d/tmp.conf.
++# This file was automatically created because of local modifications in
++# /etc/default/rcS where TMPTIME was set to infinite.
++EOF
++ ;;
++ esac
++ fi
++fi
++
++# Do a one-time migration of the RAMTMP setting
++if [ -z "$2" ]; then
++ if [ -f /etc/default/rcS ]; then
++ . /etc/default/rcS
++ fi
++ if [ -f /etc/default/tmpfs ]; then
++ . /etc/default/tmpfs
++ fi
++ if [ "$RAMTMP" = "yes" ]; then
++ # systemctl enable will work even when systemd is not the active PID 1.
++ if [ ! -e /etc/systemd/system/tmp.mount ]; then
++ cp /usr/share/systemd/tmp.mount /etc/systemd/system/tmp.mount
++ systemctl enable tmp.mount || true
++ fi
++ fi
++fi
++
++# Create /etc/machine-id
++systemd-machine-id-setup
++
++# Setup system users and groups
++addgroup --quiet --system systemd-journal
++
++# We need to stop running services before we call adduser
++RESTART=""
++if dpkg --compare-versions "$2" lt-nl "239-6"; then
++ for s in systemd-networkd systemd-timesyncd systemd-resolved ; do
++ if _systemctl -q is-active $s; then
++ _systemctl stop $s
++ RESTART="$s $RESTART"
++ fi
++ done
++fi
++
++adduser --quiet --system --group --no-create-home --home /run/systemd \
++ --gecos "systemd Time Synchronization" systemd-timesync
++adduser --quiet --system --group --no-create-home --home /run/systemd \
++ --gecos "systemd Network Management" systemd-network
++adduser --quiet --system --group --no-create-home --home /run/systemd \
++ --gecos "systemd Resolver" systemd-resolve
++
++# Remove old state directory of systemd-timesyncd
++if dpkg --compare-versions "$2" lt-nl "240-3~"; then
++ if [ -L /var/lib/systemd/timesync ] ; then
++ rm /var/lib/systemd/timesync
++ rm -rf /var/lib/private/systemd/timesync
++ fi
++fi
++
++# Initial update of the Message Catalogs database
++_update_catalog
++
++if [ -n "$2" ]; then
++ _systemctl daemon-reexec || true
++ # don't restart logind; this can be done again once this gets implemented:
++ # https://github.com/systemd/systemd/issues/1163
++ _systemctl try-restart systemd-networkd.service || true
++ _systemctl try-restart systemd-resolved.service || true
++ _systemctl try-restart systemd-timesyncd.service || true
++ _systemctl try-restart systemd-journald.service || true
++fi
++
++# Restart services which we stopped earlier
++# This needs to run after daemon-rexec
++if dpkg --compare-versions "$2" lt-nl "239-6"; then
++ for s in $RESTART ; do
++ _systemctl start $s
++ done
++fi
++
++if dpkg --compare-versions "$2" lt-nl "235-3~"; then
++ # systemd-bus-proxyd got dropped before stretch, and never created any file
++ deluser --system systemd-bus-proxy || true
++fi
++
++if dpkg --compare-versions "$2" lt-nl "236-1~"; then
++ # Clean up old /var/lib/systemd/clock on upgrade.
++ # The clock file used by systemd-timesyncd is now stored in
++ # StateDirectory=systemd/timesync.
++ rm -f /var/lib/systemd/clock
++fi
++
++if dpkg --compare-versions "$2" lt-nl "239-12~"; then
++ # clean up bogus "nobody" group from #912525; ensure that it's a system group
++ if getent group nobody >/dev/null; then
++ delgroup --system nobody || true
++ fi
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++set -e
++
++case "$1" in
++ purge)
++ # clean up after manually enabled units in postinst
++ rm -f /etc/systemd/system/getty.target.wants/getty@tty1.service
++ rm -f /etc/systemd/system/multi-user.target.wants/remote-fs.target
++ rm -f /etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service
++ rm -f /etc/systemd/system/dbus-org.freedesktop.timesync1.service
++ rmdir --ignore-fail-on-non-empty /etc/systemd/system/getty.target.wants 2> /dev/null || true
++ rmdir --ignore-fail-on-non-empty /etc/systemd/system/multi-user.target.wants 2> /dev/null || true
++ rmdir --ignore-fail-on-non-empty /etc/systemd/system/sysinit.target.wants 2> /dev/null || true
++
++ rm -f /var/lib/systemd/catalog/database
++ rmdir --ignore-fail-on-non-empty /var/lib/systemd/catalog 2> /dev/null || true
++
++ rm -rf /var/lib/systemd/backlight/
++ rm -rf /var/lib/systemd/rfkill/
++
++ rm -f /var/lib/systemd/clock
++ rm -f /var/lib/systemd/random-seed
++ ;;
++esac
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#! /bin/sh
++
++set -e
++
++#
++# Prevent systemd from being removed if it's the active init. That
++# will not work.
++#
++
++if [ "$1" = "remove" ] && [ -d /run/systemd/system ]; then
++ echo "systemd is the active init system, please switch to another before removing systemd."
++ exit 1
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++interest-noawait /usr/lib/systemd/catalog
++interest-noawait /etc/init.d
--- /dev/null
--- /dev/null
++# utility functions for shell tests
++
++assert_true() {
++ if ! $1; then
++ echo "FAIL: command '$1' failed with exit code $?" >&2
++ exit 1
++ fi
++}
++
++
++assert_eq() {
++ if [ "$1" != "$2" ]; then
++ echo "FAIL: expected: '$2' actual: '$1'" >&2
++ exit 1
++ fi
++}
++
++assert_in() {
++ if ! echo "$2" | grep -q "$1"; then
++ echo "FAIL: '$1' not found in:" >&2
++ echo "$2" >&2
++ exit 1
++ fi
++}
++
++assert_rc() {
++ local exp=$1
++ shift
++ set +e
++ $@
++ RC=$?
++ set -e
++ assert_eq $RC $exp
++}
--- /dev/null
--- /dev/null
++#!/usr/bin/python3
++# autopkgtest check: Boot with systemd and check critical desktop services
++# (C) 2014 Canonical Ltd.
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++
++import sys
++import os
++import unittest
++import subprocess
++import tempfile
++import shutil
++import time
++import re
++from glob import glob
++
++is_container = subprocess.call(['systemd-detect-virt', '--container']) == 0
++
++
++def wait_unit_stop(unit, timeout=10):
++ '''Wait until given unit is not running any more
++
++ Raise RuntimeError on timeout.
++ '''
++ for i in range(timeout):
++ if subprocess.call(['systemctl', 'is-active', '--quiet', unit]) != 0:
++ return
++ time.sleep(1)
++
++ raise RuntimeError('Timed out waiting for %s to stop' % unit)
++
++
++class ServicesTest(unittest.TestCase):
++ '''Check that expected services are running'''
++
++ def test_0_init(self):
++ '''Verify that init is systemd'''
++
++ self.assertIn('systemd', os.readlink('/proc/1/exe'))
++
++ def test_no_failed(self):
++ '''No failed units'''
++
++ out = subprocess.check_output(['systemctl', '--state=failed', '--no-legend'],
++ universal_newlines=True)
++ failed = out.splitlines()
++ # ignore /etc/modules failure as stuff that we put there by default
++ # often fails
++ failed = [f for f in failed if 'systemd-modules-load' not in f]
++ # apparmor fails if not enabled in the kernel
++ if not os.path.exists('/sys/kernel/security/apparmor'):
++ failed = [f for f in failed if 'apparmor.service' not in f]
++ # ignore thermald as it doesn't start in most virtual envs
++ failed = [f for f in failed if 'thermald' not in f]
++ # console-setup.service fails on devices without keyboard (LP: #1516591)
++ failed = [f for f in failed if 'console-setup' not in f]
++ # cpi.service fails on s390x
++ failed = [f for f in failed if 'cpi.service' not in f]
++ # https://bugs.debian.org/926138
++ if is_container:
++ failed = [f for f in failed if 'e2scrub_reap.service' not in f]
++ if failed:
++ for f in failed:
++ f = f.split()[0]
++ print('-------- journal for failed service %s -----------' % f)
++ sys.stdout.flush()
++ subprocess.call(['journalctl', '-b', '-u', f])
++ self.assertEqual(failed, [])
++
++ @unittest.skipUnless(shutil.which('gdm3') is not None, 'gdm3 not found')
++ def test_gdm3(self):
++ subprocess.check_call(['pgrep', '-af', '/gdm[-3]'])
++ self.active_unit('gdm')
++
++ def test_dbus(self):
++ out = subprocess.check_output(
++ ['dbus-send', '--print-reply', '--system',
++ '--dest=org.freedesktop.DBus', '/', 'org.freedesktop.DBus.GetId'])
++ self.assertIn(b'string "', out)
++ self.active_unit('dbus')
++
++ def test_network_manager(self):
++ # 0.9.10 changed the command name
++ _help = subprocess.check_output(['nmcli', '--help'],
++ stderr=subprocess.STDOUT)
++ if b' g[eneral]' in _help:
++ out = subprocess.check_output(['nmcli', 'general'])
++ else:
++ out = subprocess.check_output(['nmcli', 'nm'])
++ self.assertIn(b'enabled', out)
++ self.active_unit('network-manager')
++
++ def test_cron(self):
++ out = subprocess.check_output(['ps', 'u', '-C', 'cron'])
++ self.assertIn(b'root', out)
++ self.active_unit('cron')
++
++ def test_logind(self):
++ out = subprocess.check_output(['loginctl'])
++ self.assertNotEqual(b'', out)
++ self.active_unit('systemd-logind')
++
++ @unittest.skipIf('TEST_UPSTREAM' in os.environ,
++ 'Forwarding to rsyslog is a Debian patch')
++ def test_rsyslog(self):
++ out = subprocess.check_output(['ps', 'u', '-C', 'rsyslogd'])
++ self.assertIn(b'bin/rsyslogd', out)
++ self.active_unit('rsyslog')
++ with open('/var/log/syslog') as f:
++ log = f.read()
++ if not is_container:
++ # has kernel messages
++ self.assertRegex(log, 'kernel:.*')
++ # has init messages
++ self.assertRegex(log, 'systemd.*Reached target Graphical Interface')
++ # has other services
++ self.assertRegex(log, 'NetworkManager.*:')
++
++ @unittest.skipIf(is_container, 'udev does not work in containers')
++ def test_udev(self):
++ out = subprocess.check_output(['udevadm', 'info', '--export-db'])
++ self.assertIn(b'\nP: /devices/', out)
++ self.active_unit('systemd-udevd')
++
++ def test_tmp_mount(self):
++ # check if we want to mount /tmp in fstab
++ want_tmp_mount = False
++ with open('/etc/fstab') as f:
++ for l in f:
++ try:
++ if not l.startswith('#') and l.split()[1] in ('/tmp', '/tmp/'):
++ want_tmp_mount = True
++ break
++ except IndexError:
++ pass
++
++ # ensure that we actually do/don't have a /tmp mount
++ (status, status_out) = subprocess.getstatusoutput('systemctl status tmp.mount')
++ findmnt = subprocess.call(['findmnt', '-n', '/tmp'], stdout=subprocess.PIPE)
++ if want_tmp_mount:
++ self.assertEqual(status, 0, status_out)
++ self.assertEqual(findmnt, 0)
++ else:
++ # 4 is correct (since upstream commit ca473d57), accept 3 for systemd <= 230
++ self.assertIn(status, [3, 4], status_out)
++ self.assertNotEqual(findmnt, 0)
++
++ @unittest.skipIf('TEST_UPSTREAM' in os.environ,
++ 'Debian specific configuration, N/A for upstream')
++ def test_tmp_cleanup(self):
++ # systemd-tmpfiles-clean.timer only runs 15 mins after boot, shortcut
++ # it
++ self.assertEqual(subprocess.call(
++ ['systemctl', 'status', 'systemd-tmpfiles-clean.timer'],
++ stdout=subprocess.PIPE), 0)
++ subprocess.check_call(['systemctl', 'start', 'systemd-tmpfiles-clean'])
++ if not is_container:
++ # all files in /tmp/ should get cleaned up on boot
++ self.assertFalse(os.path.exists('/tmp/oldfile.test'))
++ self.assertFalse(os.path.exists('/tmp/newfile.test'))
++ # files in /var/tmp/ older than 30d should get cleaned up
++ # XXX FIXME: /var/tmp/ cleanup was disabled in #675422
++ # if not is_container:
++ # self.assertFalse(os.path.exists('/var/tmp/oldfile.test'))
++ self.assertTrue(os.path.exists('/var/tmp/newfile.test'))
++
++ # next run should leave the recent ones
++ os.close(os.open('/tmp/newfile.test',
++ os.O_CREAT | os.O_EXCL | os.O_WRONLY))
++ subprocess.check_call(['systemctl', 'start', 'systemd-tmpfiles-clean'])
++ wait_unit_stop('systemd-tmpfiles-clean')
++ self.assertTrue(os.path.exists('/tmp/newfile.test'))
++
++ # Helper methods
++
++ def active_unit(self, unit):
++ '''Check that given unit is active'''
++
++ out = subprocess.check_output(['systemctl', 'status', unit])
++ self.assertIn(b'active (running)', out)
++
++
++class JournalTest(unittest.TestCase):
++ '''Check journal functionality'''
++
++ def test_no_options(self):
++ out = subprocess.check_output(['journalctl'])
++ if not is_container:
++ # has kernel messages
++ self.assertRegex(out, b'kernel:.*')
++ # has init messages
++ self.assertRegex(out, b'systemd.*Reached target Graphical Interface')
++ # has other services
++ self.assertRegex(out, b'NetworkManager.*:.*starting')
++
++ def test_log_for_service(self):
++ out = subprocess.check_output(
++ ['journalctl', '_SYSTEMD_UNIT=NetworkManager.service'])
++ self.assertRegex(out, b'NetworkManager.*:.*starting')
++ self.assertNotIn(b'kernel:', out)
++ self.assertNotIn(b'systemd:', out)
++
++
++@unittest.skipIf(is_container, 'nspawn does not work in most containers')
++class NspawnTest(unittest.TestCase):
++ '''Check nspawn'''
++
++ @classmethod
++ def setUpClass(kls):
++ '''Build a bootable busybox mini-container'''
++
++ kls.td_c_busybox = tempfile.TemporaryDirectory(prefix='c_busybox.')
++ kls.c_busybox = kls.td_c_busybox.name
++ for d in ['etc/init.d', 'bin', 'sbin']:
++ os.makedirs(os.path.join(kls.c_busybox, d))
++ shutil.copy('/bin/busybox', os.path.join(kls.c_busybox, 'bin'))
++ shutil.copy('/etc/os-release', os.path.join(kls.c_busybox, 'etc'))
++ os.symlink('busybox', os.path.join(kls.c_busybox, 'bin', 'sh'))
++ os.symlink('../bin/busybox', os.path.join(kls.c_busybox, 'sbin/init'))
++ with open(os.path.join(kls.c_busybox, 'etc/init.d/rcS'), 'w') as f:
++ f.write('''#!/bin/sh
++echo fake container started
++ps aux
++poweroff\n''')
++ os.fchmod(f.fileno(), 0o755)
++ subprocess.check_call(['systemd-machine-id-setup', '--root',
++ kls.c_busybox], stderr=subprocess.PIPE)
++
++ def setUp(self):
++ self.workdir = tempfile.TemporaryDirectory()
++
++ def test_boot(self):
++ cont = os.path.join(self.workdir.name, 'c1')
++ shutil.copytree(self.c_busybox, cont, symlinks=True)
++ os.sync()
++ nspawn = subprocess.Popen(['systemd-nspawn', '-D', cont, '-b'],
++ stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
++ out = nspawn.communicate(timeout=60)[0]
++ self.assertIn(b'Spawning container c1', out)
++ self.assertIn(b'fake container started', out)
++ self.assertRegex(out, b'\n\s+1\s+0\s+init[\r\n]')
++ self.assertRegex(out, b'\n\s+2+\s+0\s.*rcS[\r\n]')
++ self.assertRegex(out, b'Container c1.*shut down')
++ self.assertEqual(nspawn.returncode, 0)
++
++ def test_service(self):
++ self.assertTrue(os.path.isdir('/var/lib/machines'))
++ cont = '/var/lib/machines/c1'
++ shutil.copytree(self.c_busybox, cont, symlinks=True)
++ self.addCleanup(shutil.rmtree, cont)
++ os.sync()
++ subprocess.check_call(['systemctl', 'start', 'systemd-nspawn@c1'])
++ wait_unit_stop('systemd-nspawn@c1')
++
++ subprocess.call(['journalctl', '--sync'])
++ systemctl = subprocess.Popen(
++ ['systemctl', 'status', '-overbose', '-l', 'systemd-nspawn@c1'],
++ stdout=subprocess.PIPE)
++ out = systemctl.communicate()[0].decode('UTF-8', 'replace')
++ self.assertEqual(systemctl.returncode, 3, out)
++ self.assertNotIn('failed', out)
++
++
++@unittest.skipUnless(os.path.exists('/sys/kernel/security/apparmor'),
++ 'AppArmor not enabled')
++class AppArmorTest(unittest.TestCase):
++ def test_profile(self):
++ '''AppArmor confined unit'''
++
++ # create AppArmor profile
++ aa_profile = tempfile.NamedTemporaryFile(prefix='aa_violator.')
++ aa_profile.write(b'''#include <tunables/global>
++
++profile "violator-test" {
++ #include <abstractions/base>
++
++ /{usr/,}bin/** rix,
++ /etc/machine-id r,
++}
++''')
++ aa_profile.flush()
++ subprocess.check_call(['apparmor_parser', '-r', '-v', aa_profile.name])
++
++ # create confined unit
++ with open('/run/systemd/system/violator.service', 'w') as f:
++ f.write('''[Unit]
++Description=AppArmor test
++
++[Service]
++ExecStart=/bin/sh -euc 'echo CP1; cat /etc/machine-id; echo CP2; if cat /etc/passwd; then exit 1; fi; echo CP3'
++AppArmorProfile=violator-test
++''')
++ self.addCleanup(os.unlink, '/run/systemd/system/violator.service')
++
++ # launch
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++ subprocess.check_call(['systemctl', 'start', 'violator.service'])
++ wait_unit_stop('violator.service')
++
++ # check status
++ st = subprocess.Popen(['systemctl', 'status', '-l',
++ 'violator.service'], stdout=subprocess.PIPE,
++ universal_newlines=True)
++ out = st.communicate()[0]
++ # unit should be stopped
++ self.assertEqual(st.returncode, 3)
++
++ self.assertIn('inactive', out)
++ self.assertIn('CP1', out)
++ self.assertIn('CP2', out)
++ self.assertIn('CP3', out)
++ with open('/etc/machine-id') as f:
++ self.assertIn(f.read().strip(), out)
++ self.assertNotIn('root:x', out, 'unit can read /etc/passwd')
++
++
++@unittest.skipIf(os.path.exists('/sys/fs/cgroup/cgroup.controllers'),
++ 'test needs to be reworked on unified cgroup hierarchy')
++class CgroupsTest(unittest.TestCase):
++ '''Check cgroup setup'''
++
++ @classmethod
++ def setUpClass(kls):
++ kls.controllers = []
++ for controller in glob('/sys/fs/cgroup/*'):
++ if not os.path.islink(controller):
++ kls.controllers.append(controller)
++
++ def setUp(self):
++ self.service = 'testsrv.service'
++ self.service_file = '/run/systemd/system/' + self.service
++
++ def tearDown(self):
++ subprocess.call(['systemctl', 'stop', self.service],
++ stderr=subprocess.PIPE)
++ try:
++ os.unlink(self.service_file)
++ except OSError:
++ pass
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++
++ def create_service(self, extra_service=''):
++ '''Create test service unit'''
++
++ with open(self.service_file, 'w') as f:
++ f.write('''[Unit]
++Description=test service
++[Service]
++ExecStart=/bin/sleep 500
++%s
++''' % extra_service)
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++
++ def assertNoControllers(self):
++ '''Assert that no cgroup controllers exist for test service'''
++
++ cs = glob('/sys/fs/cgroup/*/system.slice/%s' % self.service)
++ self.assertEqual(cs, [])
++
++ def assertController(self, name):
++ '''Assert that cgroup controller exists for test service'''
++
++ c = '/sys/fs/cgroup/%s/system.slice/%s' % (name, self.service)
++ self.assertTrue(os.path.isdir(c))
++
++ def assertNoController(self, name):
++ '''Assert that cgroup controller does not exist for test service'''
++
++ c = '/sys/fs/cgroup/%s/system.slice/%s' % (name, self.service)
++ self.assertFalse(os.path.isdir(c))
++
++ def test_simple(self):
++ '''simple service'''
++
++ self.create_service()
++ self.assertNoControllers()
++ subprocess.check_call(['systemctl', 'start', self.service])
++ self.assertController('systemd')
++ subprocess.check_call(['systemctl', 'stop', self.service])
++ self.assertNoControllers()
++
++ def test_cpushares(self):
++ '''service with CPUShares'''
++
++ self.create_service('CPUShares=1000')
++ self.assertNoControllers()
++ subprocess.check_call(['systemctl', 'start', self.service])
++ self.assertController('systemd')
++ self.assertController('cpu,cpuacct')
++ subprocess.check_call(['systemctl', 'stop', self.service])
++ self.assertNoControllers()
++
++
++class SeccompTest(unittest.TestCase):
++ '''Check seccomp syscall filtering'''
++
++ def test_failing(self):
++ with open('/run/systemd/system/scfail.service', 'w') as f:
++ f.write('''[Unit]
++Description=seccomp test
++[Service]
++ExecStart=/bin/cat /etc/machine-id
++SystemCallFilter=access
++''')
++ self.addCleanup(os.unlink, '/run/systemd/system/scfail.service')
++
++ # launch
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++ subprocess.check_call(['systemctl', 'start', 'scfail.service'])
++ wait_unit_stop('scfail.service')
++
++ # check status
++ st = subprocess.Popen(['systemctl', 'status', '-l',
++ 'scfail.service'], stdout=subprocess.PIPE)
++ out = st.communicate()[0]
++ # unit should be stopped
++ self.assertEqual(st.returncode, 3)
++
++ subprocess.check_call(['systemctl', 'reset-failed', 'scfail.service'])
++
++ self.assertIn(b'failed', out)
++ self.assertRegex(out, b'code=(killed|dumped), signal=SYS')
++ with open('/etc/machine-id') as f:
++ self.assertNotIn(f.read().strip().encode('ASCII'), out)
++
++
++@unittest.skipIf(is_container, 'systemd-coredump does not work in containers')
++class CoredumpTest(unittest.TestCase):
++ '''Check systemd-coredump'''
++
++ def test_bash_crash(self):
++ subprocess.call("ulimit -c unlimited; bash -c 'kill -SEGV $$'", shell=True,
++ cwd='/tmp', stderr=subprocess.DEVNULL)
++
++ # with systemd-coredump installed we should get the core dumps in
++ # systemd's dir
++ for timeout in range(50):
++ cores = glob('/var/lib/systemd/coredump/core.bash.*')
++ if cores:
++ break
++ time.sleep(1)
++ self.assertNotEqual(cores, [])
++ self.assertEqual(glob('/tmp/core*'), [])
++
++ # we should also get a message and stack trace in journal
++ for timeout in range(10):
++ subprocess.call(['journalctl', '--sync'])
++ journal = subprocess.check_output(['journalctl', '-t', 'systemd-coredump'])
++ if re.search(b'Process.*bash.*dumped core', journal) and \
++ re.search(b'#[0-9] .*bash', journal):
++ break
++ time.sleep(1)
++ self.assertRegex(journal, b'Process.*bash.*dumped core')
++ self.assertIn(b'Stack trace', journal)
++ self.assertRegex(journal, b'#[0-9] .*bash')
++
++
++class CLITest(unittest.TestCase):
++ def setUp(self):
++ self.programs = []
++ for line in subprocess.check_output(['dpkg', '-L', 'systemd', 'systemd-container', 'systemd-coredump', 'udev'],
++ universal_newlines=True).splitlines():
++ if '/bin/' in line:
++ self.programs.append(line.strip())
++
++ def test_help(self):
++ '--help works and succeeds'''
++
++ for program in self.programs:
++ p = subprocess.Popen([program, '--help'], stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True)
++ (out, err) = p.communicate()
++ try:
++ self.assertEqual(err, '')
++ self.assertEqual(p.returncode, 0)
++ self.assertIn(os.path.basename(program), out)
++ self.assertTrue('--help' in out or 'Usage' in out, out)
++ except AssertionError:
++ print('Failed program: %s' % program)
++ raise
++
++ def test_version(self):
++ '--version works and succeeds'''
++
++ version = subprocess.check_output(['pkg-config', '--modversion', 'systemd'],
++ universal_newlines=True).strip()
++
++ for program in self.programs:
++ # known to not respond to --version
++ if os.path.basename(program) in ['kernel-install', 'systemd-ask-password', 'systemd-stdio-bridge']:
++ continue
++ p = subprocess.Popen([program, '--version'], stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True)
++ (out, err) = p.communicate()
++ try:
++ self.assertEqual(err, '')
++ self.assertEqual(p.returncode, 0)
++ self.assertIn(version, out)
++ except AssertionError:
++ print('Failed program: %s' % program)
++ raise
++
++ def test_invalid_option(self):
++ '''Calling with invalid option fails'''
++
++ for program in self.programs:
++ p = subprocess.Popen([program, '--invalid-option'], stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True)
++ (out, err) = p.communicate()
++ try:
++ # kernel-install is an unique snowflake
++ if not program.endswith('/kernel-install'):
++ self.assertIn('--invalid-option', err)
++ self.assertNotEqual(p.returncode, 0)
++ except AssertionError:
++ print('Failed program: %s' % program)
++ raise
++
++
++def pre_boot_setup():
++ '''Test setup before rebooting testbed'''
++
++ subprocess.check_call(['systemctl', 'set-default', 'graphical.target'],
++ stderr=subprocess.STDOUT)
++
++ # create a few temporary files to ensure that they get cleaned up on boot
++ os.close(os.open('/tmp/newfile.test',
++ os.O_CREAT | os.O_EXCL | os.O_WRONLY))
++ os.close(os.open('/var/tmp/newfile.test',
++ os.O_CREAT | os.O_EXCL | os.O_WRONLY))
++ # we can't use utime() here, as systemd looks for ctime
++ if not is_container:
++ cur_time = time.clock_gettime(time.CLOCK_REALTIME)
++ time.clock_settime(time.CLOCK_REALTIME, cur_time - 2 * 30 * 86400)
++ try:
++ os.close(os.open('/tmp/oldfile.test',
++ os.O_CREAT | os.O_EXCL | os.O_WRONLY))
++ os.close(os.open('/var/tmp/oldfile.test',
++ os.O_CREAT | os.O_EXCL | os.O_WRONLY))
++ finally:
++ time.clock_settime(time.CLOCK_REALTIME, cur_time)
++
++ # allow X to start even on headless machines
++ os.makedirs('/etc/X11/xorg.conf.d/', exist_ok=True)
++ with open('/etc/X11/xorg.conf.d/dummy.conf', 'w') as f:
++ f.write('''Section "Device"
++ Identifier "test"
++ Driver "dummy"
++EndSection''')
++
++
++if __name__ == '__main__':
++ if not os.getenv('AUTOPKGTEST_REBOOT_MARK'):
++ pre_boot_setup()
++ print('Rebooting...')
++ subprocess.check_call(['/tmp/autopkgtest-reboot', 'boot1'])
++
++ unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout,
++ verbosity=2))
--- /dev/null
--- /dev/null
++#!/bin/sh
++# test 20 successful reboots in a row
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++# For bisecting/testing you can replace individual binaries in /lib/systemd
++# with --copy /host/path/systemd-foo:/tmp/systemd-replace/systemd-foo
++set -e
++
++. `dirname $0`/assert.sh
++
++fail() {
++ [ -n "$1" ] && echo "$1"
++ set +e
++ journalctl --sync
++ journalctl -a > "$AUTOPKGTEST_ARTIFACTS/boot-smoke-journal.txt"
++ systemctl --no-pager --no-legend list-jobs > "$AUTOPKGTEST_ARTIFACTS/boot-smoke-running-jobs.txt"
++ udevadm info --export-db > "$AUTOPKGTEST_ARTIFACTS/boot-smoke-udevdb.txt"
++ exit 1
++}
++
++if [ -z "$AUTOPKGTEST_REBOOT_MARK" ]; then
++ # enable persistent journal
++ mkdir -p /var/log/journal
++ # allow X to start even on headless machines
++ mkdir -p /etc/X11/xorg.conf.d/
++ cat << EOF > /etc/X11/xorg.conf.d/dummy.conf
++Section "Device"
++ Identifier "test"
++ Driver "dummy"
++EndSection
++EOF
++
++
++ AUTOPKGTEST_REBOOT_MARK=0
++ if [ -d /tmp/systemd-replace/ ]; then
++ for f in /tmp/systemd-replace/*; do
++ echo "Installing $f..."
++ rm -f /lib/systemd/$(basename $f)
++ cp $f /lib/systemd/
++ done
++ fi
++else
++ echo "waiting to boot..."
++ TIMEOUT=35
++ while [ $TIMEOUT -ge 0 ]; do
++ state="$(systemctl is-system-running || true)"
++ case $state in
++ running|degraded)
++ break
++ ;;
++ *)
++ sleep 1
++ TIMEOUT=$((TIMEOUT - 1))
++ ;;
++ esac
++ done
++
++ echo "checking for running system"
++ if [ "$state" = "degraded" ]; then
++ systemctl --no-pager --no-legend --failed list-units > "$AUTOPKGTEST_ARTIFACTS/boot-smoke-failed-units.txt" || true
++ echo "systemctl is-system-running: degraded (non-fatal)"
++ elif [ "$state" != "running" ]; then
++ fail "system not running after timeout $RUNNING_TIMEOUT, state: $state"
++ fi
++
++ echo "checking for failed unmounts for user systemd"
++ # grep complete journal to catch shutdown messages
++ if journalctl | grep -E "systemd\[([2-9]|[1-9][0-9]+)\].*Failed unmounting"; then
++ fail "found failed unmount in journal"
++ fi
++
++ # grep only this boot's journal, earlier ones complain about missing "render" group
++ echo "checking for connection timeouts"
++ if journalctl -b | grep "Connection timed out"; then
++ fail "found connection timeout in journal for this boot"
++ fi
++
++ echo "checking that NetworkManager runs"
++ pidof NetworkManager || fail "NetworkManager was not running"
++fi
++
++if [ "$AUTOPKGTEST_REBOOT_MARK" -ge 5 ]; then
++ exit 0
++fi
++
++echo "reboot #$AUTOPKGTEST_REBOOT_MARK"
++/tmp/autopkgtest-reboot $(($AUTOPKGTEST_REBOOT_MARK + 1))
--- /dev/null
--- /dev/null
++#!/bin/sh
++# autopkgtest check: Test build against libsystemd-login-dev
++# (C) 2014 Canonical Ltd.
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++
++set -e
++
++WORKDIR=$(mktemp -d)
++trap "rm -rf $WORKDIR" 0 INT QUIT ABRT PIPE TERM
++cd $WORKDIR
++cat <<EOF > loginmonitor.c
++#include <assert.h>
++#include <stdio.h>
++#include <systemd/sd-login.h>
++
++int main(int argc, char **argv)
++{
++ sd_login_monitor* mon = NULL;
++ int res;
++
++ res = sd_login_monitor_new(NULL, &mon);
++ if (res < 0) {
++ fprintf(stderr, "sd_login_monitor_new failed with value %i\n", res);
++ return 1;
++ }
++
++ assert(sd_login_monitor_get_fd(mon) > 0);
++ sd_login_monitor_unref(mon);
++
++ return 0;
++}
++EOF
++
++gcc -Wall -Werror -o loginmonitor loginmonitor.c `pkg-config --cflags --libs libsystemd`
++echo "build: OK"
++[ -x loginmonitor ]
++./loginmonitor
++echo "run: OK"
--- /dev/null
--- /dev/null
++Tests: timedated, hostnamed, localed-locale, localed-x11-keymap
++Depends: systemd,
++ libpam-systemd,
++ libnss-systemd,
++ acl,
++ locales,
++Restrictions: needs-root, isolation-container
++
++Tests: logind
++Depends: systemd,
++ libpam-systemd,
++ libnss-systemd,
++ acl,
++ locales,
++ evemu-tools,
++Restrictions: needs-root, isolation-container
++
++Tests: unit-config
++Depends: systemd,
++ libpam-systemd,
++ libnss-systemd,
++ acl,
++ locales,
++ evemu-tools,
++ python3,
++ pkg-config,
++Restrictions: needs-root, allow-stderr
++
++Tests: storage
++Depends: systemd,
++ libpam-systemd,
++ libnss-systemd,
++ acl,
++ locales,
++ evemu-tools,
++ python3,
++ pkg-config,
++ cryptsetup-bin,
++Restrictions: needs-root, isolation-machine
++
++Tests: networkd-test.py
++Tests-Directory: test
++Depends: systemd,
++ libpam-systemd,
++ libnss-systemd,
++ acl,
++ locales,
++ evemu-tools,
++ python3,
++ pkg-config,
++ cryptsetup-bin,
++ systemd-sysv,
++ policykit-1,
++ dnsmasq-base
++Restrictions: needs-root, isolation-container
++
++Tests: build-login
++Depends: systemd,
++ libpam-systemd,
++ libnss-systemd,
++ acl,
++ locales,
++ evemu-tools,
++ python3,
++ pkg-config,
++ cryptsetup-bin,
++ systemd-sysv,
++ policykit-1,
++ dnsmasq-base,
++ build-essential,
++ libsystemd-dev,
++Restrictions: isolation-container
++
++Tests: boot-and-services
++Depends: systemd-sysv,
++ systemd-container,
++ systemd-coredump,
++ libpam-systemd,
++ xserver-xorg-video-dummy,
++ xserver-xorg,
++ gdm3 [!s390x],
++ cron,
++ network-manager,
++ busybox-static,
++ rsyslog,
++ apparmor,
++ pkg-config,
++ python3
++Restrictions: needs-root, isolation-container, breaks-testbed
++
++Tests: udev
++Depends: systemd-tests,
++ python3,
++ tree,
++ perl,
++ xz-utils,
++Restrictions: needs-root, allow-stderr, isolation-container, skippable
++
++Tests: root-unittests
++Depends: systemd-tests,
++ libpam-systemd,
++ tree,
++ perl,
++ xz-utils,
++ libcap2-bin,
++ iproute2,
++ liblz4-tool,
++ acl,
++ iputils-ping,
++ dbus-user-session,
++Restrictions: needs-root, allow-stderr, isolation-container, breaks-testbed
++
++Tests: upstream
++Depends: libsystemd-dev,
++ tree,
++ perl,
++ xz-utils,
++ libcap2-bin,
++ iproute2,
++ liblz4-tool,
++ acl,
++ dmeventd,
++ kbd,
++ cryptsetup-bin,
++ net-tools,
++ isc-dhcp-client,
++ iputils-ping,
++ strace,
++ qemu-system-x86 [amd64 i386],
++ qemu-system-arm [arm64 armhf],
++ qemu-system-ppc [ppc64el],
++ qemu-system-s390x [s390x],
++ seabios,
++ less,
++ pkg-config,
++ gcc,
++ libc6-dev | libc-dev,
++ make,
++ quota,
++ systemd-journal-remote,
++ systemd-container,
++ systemd-coredump,
++ fdisk | util-linux (<< 2.29.2-3~),
++ netcat-openbsd,
++ socat,
++ busybox-static,
++ plymouth,
++ e2fsprogs,
++Restrictions: needs-root, allow-stderr, isolation-machine
++
++Tests: boot-smoke
++Depends: libsystemd-dev,
++ tree,
++ perl,
++ xz-utils,
++ libcap2-bin,
++ iproute2,
++ liblz4-tool,
++ acl,
++ kbd,
++ cryptsetup-bin,
++ net-tools,
++ isc-dhcp-client,
++ iputils-ping,
++ strace,
++ qemu-system-x86 [amd64 i386],
++ qemu-system-arm [arm64 armhf],
++ qemu-system-s390x [s390x],
++ less,
++ pkg-config,
++ gcc,
++ libc6-dev | libc-dev,
++ make,
++ quota,
++ systemd-journal-remote,
++ systemd-container,
++ systemd-coredump,
++ systemd-sysv,
++ fdisk | util-linux (<< 2.29.2-3~),
++ netcat-openbsd,
++ busybox-static,
++ plymouth,
++ network-manager,
++ policykit-1,
++ gdm3 [!s390x],
++ xserver-xorg-video-dummy,
++Restrictions: needs-root, isolation-container, allow-stderr, breaks-testbed
++
++# NOUPSTREAM: Do not run these tests for upstream builds
++
++Tests: systemd-fsckd
++Depends: systemd-sysv,
++ python3,
++ plymouth
++Restrictions: needs-root, isolation-machine, breaks-testbed
--- /dev/null
--- /dev/null
++#!/bin/bash
++fd=0
++
++OPTIND=1
++while getopts "C:aTlM" opt; do
++ case "$opt" in
++ C)
++ fd=$OPTARG
++ ;;
++ \?);;
++ esac
++done
++
++shift "$((OPTIND-1))"
++device=$1
++
++echo "Running fake fsck on $device"
++
++declare -a maxpass=(30 5 2 30 60)
++
++for pass in {1..5}; do
++ maxprogress=${maxpass[$((pass-1))]}
++ for (( current=0; current<=${maxprogress}; current++)); do
++ echo "$pass $current $maxprogress $device">&$fd
++ sleep 0.1
++ done
++done
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++. `dirname $0`/assert.sh
++
++ORIG_HOST=`cat /etc/hostname`
++echo "original hostname: $ORIG_HOST"
++
++# should activate daemon and work
++STATUS="`hostnamectl`"
++assert_in "Static hostname: $ORIG_HOST" "$STATUS"
++assert_in "Kernel:.* `uname -r`" "$STATUS"
++
++# change hostname
++assert_eq "`hostnamectl set-hostname testhost 2>&1`" ""
++assert_eq "`cat /etc/hostname`" "testhost"
++assert_in "Static hostname: testhost" "`hostnamectl`"
++
++# reset to original
++assert_eq "`hostnamectl set-hostname $ORIG_HOST 2>&1`" ""
++assert_eq "`cat /etc/hostname`" "$ORIG_HOST"
++assert_in "Static hostname: $ORIG_HOST" "`hostnamectl`"
--- /dev/null
--- /dev/null
++# EVEMU 1.2
++# Input device name: "Lid Switch"
++# Input device ID: bus 0x19 vendor 0000 product 0x05 version 0000
++# Supported events:
++# Event type 0 (EV_SYN)
++# Event code 0 (SYN_REPORT)
++# Event code 5 (FF_STATUS_MAX)
++# Event type 5 (EV_SW)
++# Event code 0 (SW_LID)
++# Properties:
++N: Fake Lid Switch
++I: 0019 0000 0005 0000
++P: 00 00 00 00 00 00 00 00
++B: 00 21 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 02 00 00 00 00 00 00 00 00
++B: 03 00 00 00 00 00 00 00 00
++B: 04 00 00 00 00 00 00 00 00
++B: 05 01 00 00 00 00 00 00 00
++B: 11 00 00 00 00 00 00 00 00
++B: 12 00 00 00 00 00 00 00 00
++B: 15 00 00 00 00 00 00 00 00
++B: 15 00 00 00 00 00 00 00 00
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++. `dirname $0`/assert.sh
++
++if [ -n "$TEST_UPSTREAM" ]; then
++ LOCALE_CONF=/etc/locale.conf
++else
++ LOCALE_CONF=/etc/default/locale
++fi
++
++if ! ORIG_LOC=`grep -v '^#' $LOCALE_CONF 2>/dev/null`; then
++ # set up for a minimal unconfigured system
++ if [ -e /etc/locale.gen ]; then
++ echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
++ fi
++ locale-gen en_US.UTF-8
++ ORIG_LOC='LANG="en_US.UTF-8"'
++ echo "$ORIG_LOC" > $LOCALE_CONF
++fi
++
++if ! [ -e /etc/default/keyboard ]; then
++ /bin/echo -e 'XKBMODEL=us\nXKBLAYOUT=pc105' > /etc/default/keyboard
++fi
++
++# should activate daemon and work
++assert_in "System Locale:" "`localectl --no-pager`"
++
++# change locale
++assert_eq "`localectl --no-pager set-locale LANG=C LC_CTYPE=en_US.UTF-8 2>&1`" ""
++sync
++assert_eq "`cat $LOCALE_CONF`" "LANG=C
++LC_CTYPE=en_US.UTF-8"
++
++! [ -f /etc/locale.conf ]
++
++STATUS=`localectl`
++assert_in "System Locale: LANG=C" "$STATUS"
++assert_in "LC_CTYPE=en_US.UTF-8" "$STATUS"
++
++# reset locale to original
++echo "$ORIG_LOC" > $LOCALE_CONF
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++. `dirname $0`/assert.sh
++
++if [ -f /etc/default/keyboard ]; then
++ ORIG_KBD=`cat /etc/default/keyboard`
++else
++ ORIG_KBD=""
++fi
++
++cleanup() {
++ # reset locale to original
++ if [ -n "ORIG_KBD" ]; then
++ echo "$ORIG_KBD" > /etc/default/keyboard
++ else
++ rm -f /etc/default/keyboard
++ fi
++ rm -f /etc/X11/xorg.conf.d/00-keyboard.conf
++}
++trap cleanup EXIT INT QUIT PIPE
++
++# should activate daemon and work
++STATUS=`localectl`
++assert_in "X11 Layout:" "`localectl --no-pager`"
++
++# change layout
++assert_eq "`localectl --no-pager set-x11-keymap et pc101 2>&1`" ""
++sync
++
++if [ -n "$TEST_UPSTREAM" ]; then
++ # Upstream writes xorg.conf.d file
++ assert_in 'Option "XkbLayout" "et' "`cat /etc/X11/xorg.conf.d/00-keyboard.conf`"
++ assert_in 'Option "XkbModel" "pc101"' "`cat /etc/X11/xorg.conf.d/00-keyboard.conf`"
++else
++ # Debian console-setup config file
++ assert_in 'XKBLAYOUT="\?et"\?' "`cat /etc/default/keyboard`"
++ assert_in 'XKBMODEL="\?pc101"\?' "`cat /etc/default/keyboard`"
++
++ ! [ -f /etc/X11/xorg.conf.d/00-keyboard.conf ]
++fi
++
++STATUS=`localectl --no-pager`
++assert_in "X11 Layout: et" "$STATUS"
++assert_in "X11 Model: pc101" "$STATUS"
++
++# gets along without config file
++if [ -z "$TEST_UPSTREAM" ]; then
++ rm /etc/default/keyboard
++ systemctl stop systemd-localed
++ assert_in "X11 Layout: n/a" "`localectl --no-pager`"
++fi
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++test_started() {
++ # ensure the *old* logind from before the upgrade isn't running
++ echo " * try-restarting systemd-logind"
++ systemctl try-restart systemd-logind
++
++ echo " * daemon is started"
++ # should start at boot, not with D-BUS activation
++ LOGINDPID=$(pidof systemd-logind)
++
++ # loginctl should succeed
++ echo " * loginctl succeeds"
++ LOGINCTL_OUT=`loginctl`
++}
++
++test_properties() {
++ # Default KillUserProcesses should be off for debian/ubuntu builds
++ r=$(busctl get-property org.freedesktop.login1 /org/freedesktop/login1 org.freedesktop.login1.Manager KillUserProcesses)
++ [ "$r" = "b false" ]
++}
++
++# args: <timeout>
++wait_suspend() {
++ timeout=$1
++ while [ $timeout -gt 0 ] && [ ! -e /run/suspend.flag ]; do
++ sleep 1
++ timeout=$((timeout - 1))
++ [ $(($timeout % 5)) -ne 0 ] || echo " waiting for suspend, ${timeout}s remaining..."
++ done
++ if [ ! -e /run/suspend.flag ]; then
++ echo "closing lid did not cause suspend" >&2
++ exit 1
++ fi
++ rm /run/suspend.flag
++ echo " * closing lid caused suspend"
++}
++
++test_suspend_on_lid() {
++ if systemd-detect-virt --quiet --container; then
++ echo " * Skipping suspend test in container"
++ return
++ fi
++ if ! grep -q mem /sys/power/state; then
++ echo " * suspend not supported on this testbed, skipping"
++ return
++ fi
++
++ # cleanup handler
++ trap 'rm -f /run/udev/rules.d/70-logindtest-*.rules; udevadm control --reload;
++ kill $KILL_PID;
++ rm /run/systemd/system/systemd-suspend.service;
++ if [ -d /sys/module/scsi_debug ]; then rmmod scsi_debug 2>/dev/null || (sleep 2; rmmod scsi_debug ) || true; fi' \
++ EXIT INT QUIT TERM PIPE
++
++ # watch what's going on
++ journalctl -f -u systemd-logind.service &
++ KILL_PID="$KILL_PID $!"
++
++ # create fake suspend
++ UNIT=$(systemctl show -pFragmentPath --value systemd-suspend.service)
++ sed '/^ExecStart=/ s_=.*$_=/bin/touch /run/suspend.flag_' $UNIT > /run/systemd/system/systemd-suspend.service
++ sync
++ systemctl daemon-reload
++
++ # create fake lid switch
++ mkdir -p /run/udev/rules.d
++ echo 'SUBSYSTEM=="input", KERNEL=="event*", ATTRS{name}=="Fake Lid Switch", TAG+="power-switch"' \
++ > /run/udev/rules.d/70-logindtest-lid.rules
++ sync
++ udevadm control --reload
++ evemu-device $(dirname $0)/lidswitch.evemu &
++ KILL_PID="$KILL_PID $!"
++ while [ -z "$O" ]; do
++ sleep 0.1
++ O=$(grep -l '^Fake Lid Switch' /sys/class/input/*/device/name)
++ done
++ O=${O%/device/name}
++ LID_DEV=/dev/${O#/sys/class/}
++
++ # close lid
++ evemu-event $LID_DEV --sync --type 5 --code 0 --value 1
++ # need to wait for 30s suspend inhibition after boot
++ wait_suspend 31
++ # open lid again
++ evemu-event $LID_DEV --sync --type 5 --code 0 --value 0
++
++ echo " * waiting for 30s inhibition time between suspends"
++ sleep 30
++
++ # now closing lid should cause instant suspend
++ evemu-event $LID_DEV --sync --type 5 --code 0 --value 1
++ wait_suspend 2
++ evemu-event $LID_DEV --sync --type 5 --code 0 --value 0
++
++ P=$(pidof systemd-logind)
++ [ "$P" = "$LOGINDPID" ] || { echo "logind crashed" >&2; exit 1; }
++}
++
++test_shutdown() {
++ echo " * scheduled shutdown with wall message"
++ shutdown 2>&1
++ sleep 5
++ shutdown -c || true
++ # logind should still be running
++ P=$(pidof systemd-logind)
++ [ "$P" = "$LOGINDPID" ] || { echo "logind crashed" >&2; exit 1; }
++
++ echo " * scheduled shutdown without wall message"
++ shutdown --no-wall 2>&1
++ sleep 5
++ shutdown -c --no-wall || true
++ P=$(pidof systemd-logind)
++ [ "$P" = "$LOGINDPID" ] || { echo "logind crashed" >&2; exit 1; }
++}
++
++test_in_logind_session() {
++ echo " * XDG_SESSION_ID=$XDG_SESSION_ID"
++ # cgroup v1: "1:name=systemd:/user.slice/..."; unified hierarchy: "0::/user.slice"
++ if grep -E '(name=systemd|^0:):.*session.*scope' /proc/self/cgroup; then
++ echo " * process is in session cgroup"
++ else
++ echo "FAIL: process is not in session cgroup"
++ echo "/proc/self/cgroup:"
++ cat /proc/self/cgroup
++ loginctl
++ loginctl show-session "$XDG_SESSION_ID"
++ exit 1
++ fi
++}
++
++test_acl() {
++ # ACL tests
++ if ! echo "$LOGINCTL_OUT" | grep -q "seat0"; then
++ echo " * Skipping ACL tests, as there is no seat"
++ return
++ fi
++ if systemd-detect-virt --quiet --container; then
++ echo " * Skipping ACL tests in container"
++ return
++ fi
++
++ # determine user
++ USER=`echo "$OUT" | grep seat0 | awk '{print $3}'`
++ echo "seat user: $USER"
++
++ # scsi_debug should not be loaded yet
++ ! test -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block
++
++ # we use scsi_debug to create new devices which we can put ACLs on
++ # tell udev about the tagging, so that logind can pick it up
++ cat <<EOF > /run/udev/rules.d/70-logindtest-scsi_debug-user.rules
++SUBSYSTEM=="block", ATTRS{model}=="scsi_debug*", TAG+="uaccess"
++EOF
++ sync
++ udevadm control --reload
++
++ echo " * coldplug: logind started with existing device"
++ killall systemd-logind
++ modprobe scsi_debug
++ while ! dev=/dev/`ls /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block 2>/dev/null`; do sleep 0.1; done
++ test -b $dev
++ echo "got block device $dev"
++ udevadm settle
++ # trigger logind
++ loginctl > /dev/null
++ sleep 1
++ if getfacl -p $dev | grep -q "user:$USER:rw-"; then
++ echo "$dev has ACL for user $USER"
++ else
++ echo "$dev has no ACL for user $USER:" >&2
++ getfacl -p $dev >&2
++ exit 1
++ fi
++
++ rmmod scsi_debug
++
++ echo " * hotplug: new device appears while logind is running"
++ modprobe scsi_debug
++ while ! dev=/dev/`ls /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block`; do sleep 0.1; done
++ test -b $dev
++ echo "got block device $dev"
++ udevadm settle
++ sleep 1
++ if getfacl -p $dev | grep -q "user:$USER:rw-"; then
++ echo "$dev has ACL for user $USER"
++ else
++ echo "$dev has no ACL for user $USER:" >&2
++ getfacl -p $dev >&2
++ exit 1
++ fi
++}
++
++#
++# main
++#
++
++test_started
++test_properties
++test_in_logind_session
++test_suspend_on_lid
++test_shutdown
++test_acl
--- /dev/null
--- /dev/null
++#!/bin/sh
++# loop until we can kill the process given in arg
++
++while :
++do
++ /usr/bin/pkill -x $*
++ [ $? -eq 0 ] && break
++ sleep 1
++done
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -eu
++
++EXFAIL=""
++
++res=0
++for t in /usr/lib/systemd/tests/test-*; do
++ tname=$(basename $t)
++ # test-udev needs special prep and has its own test
++ [ "$tname" != test-udev ] || continue
++ echo "====== $tname ======="
++ # exit code 77 means "skip"
++ rc=0
++ $t || rc=$?
++ if [ "$rc" = 0 ]; then
++ echo "PASS: $tname"
++ elif [ "$rc" = 77 ]; then
++ echo "SKIP: $tname"
++ elif [ "${EXFAIL%$tname*}" != "$EXFAIL" ]; then
++ echo "EXFAIL: $tname"
++ else
++ echo "FAIL: $tname (code: $rc)"
++ res=$rc
++ fi
++done
++exit $res
--- /dev/null
--- /dev/null
++#!/usr/bin/env python3
++# systemd integration test: Handling of storage devices
++# (C) 2015 Canonical Ltd.
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++
++import os
++import random
++import subprocess
++import sys
++import time
++import unittest
++
++from glob import glob
++from threading import Thread
++
++
++TIMEOUT_SERVICE_START = 10
++TIMEOUT_PASSWORD_AGENT_STOP = 10
++TIMEOUT_PLAINTEXT_DEV = 30
++TIMEOUT_SCSI_DEBUG_ADD_HOST = 5
++
++SCSI_DEBUG_DIR = '/sys/bus/pseudo/drivers/scsi_debug'
++
++class FakeDriveTestBase(unittest.TestCase):
++ @classmethod
++ def setUpClass(cls):
++ if os.path.isdir(SCSI_DEBUG_DIR):
++ return
++
++ # Consider missing scsi_debug module a test failure
++ subprocess.check_call(['modprobe', 'scsi_debug', 'dev_size_mb=32'])
++ assert os.path.isdir(SCSI_DEBUG_DIR)
++
++ def setUp(self):
++ existing_adapters = set(glob(os.path.join(SCSI_DEBUG_DIR, 'adapter*')))
++ with open(os.path.join(SCSI_DEBUG_DIR, 'add_host'), 'w') as f:
++ f.write('1')
++ new_adapters = set(glob(os.path.join(SCSI_DEBUG_DIR, 'adapter*'))) - existing_adapters
++ self.assertEqual(len(new_adapters), 1)
++ self.adapter = new_adapters.pop()
++ for timeout in range(TIMEOUT_SCSI_DEBUG_ADD_HOST):
++ devices = set(glob(os.path.join(self.adapter, 'host*/target*/*:*/block/*')))
++ if len(devices) > 0:
++ break
++ time.sleep(1)
++ else:
++ self.fail('Timed out waiting for scsi_debug block device name')
++ self.assertEqual(len(devices), 1)
++ self.device = os.path.join('/dev/', os.path.basename(devices.pop()))
++
++ def tearDown(self):
++ existing_adapters = set(glob(os.path.join(SCSI_DEBUG_DIR, 'adapter*')))
++ with open(os.path.join(SCSI_DEBUG_DIR, 'add_host'), 'w') as f:
++ f.write('-1')
++ removed_adapters = existing_adapters - set(glob(os.path.join(SCSI_DEBUG_DIR, 'adapter*')))
++ self.assertEqual(len(removed_adapters), 1)
++ adapter = removed_adapters.pop()
++ self.assertEqual(self.adapter, adapter)
++ self.adapter = None
++ self.device = None
++
++
++class CryptsetupTest(FakeDriveTestBase):
++ def setUp(self):
++ testname = self.id().split('.')[-1]
++ self.plaintext_name = 'testcrypt_%s' % testname
++ self.plaintext_dev = '/dev/mapper/' + self.plaintext_name
++ self.service_name = 'systemd-cryptsetup@%s.service' % self.plaintext_name
++ if os.path.exists(self.plaintext_dev):
++ self.fail('%s exists already' % self.plaintext_dev)
++
++ super().setUp()
++
++ if os.path.exists('/etc/crypttab'):
++ os.rename('/etc/crypttab', '/etc/crypttab.systemdtest')
++ self.password = 'pwd%i' % random.randint(1000, 10000)
++ self.password_agent = None
++ self.password_agent_stop = False
++
++ def tearDown(self):
++ if self.password_agent:
++ self.password_agent_stop = True
++ self.password_agent.join(timeout=TIMEOUT_PASSWORD_AGENT_STOP)
++ self.assertFalse(self.password_agent.is_alive())
++ self.password_agent = None
++ for timeout in range(TIMEOUT_SERVICE_START):
++ state = subprocess.run(['systemctl', 'show', '--no-pager', self.service_name, '--property', 'ActiveState'],
++ stdout=subprocess.PIPE, universal_newlines=True).stdout
++ state = state.strip().replace('ActiveState=', '', 1)
++ if state in ['active', 'failed']:
++ break
++ time.sleep(1)
++ else:
++ self.fail('Timed out waiting for %s to start (or fail)' % self.service_name)
++ subprocess.call(['umount', self.plaintext_dev], stderr=subprocess.DEVNULL)
++ if state == 'active':
++ subprocess.call(['systemctl', 'stop', self.service_name], stderr=subprocess.STDOUT)
++ if os.path.exists('/etc/crypttab'):
++ os.unlink('/etc/crypttab')
++ if os.path.exists('/etc/crypttab.systemdtest'):
++ os.rename('/etc/crypttab.systemdtest', '/etc/crypttab')
++ if os.path.exists(self.plaintext_dev):
++ subprocess.call(['dmsetup', 'remove', self.plaintext_dev],
++ stderr=subprocess.STDOUT)
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++
++ super().tearDown()
++
++ def format_luks(self):
++ '''Format test device with LUKS'''
++
++ p = subprocess.Popen(['cryptsetup', '--batch-mode', 'luksFormat', self.device, '-'],
++ stdin=subprocess.PIPE)
++ p.communicate(self.password.encode())
++ self.assertEqual(p.returncode, 0)
++ os.sync()
++ subprocess.check_call(['udevadm', 'settle'])
++
++ def start_password_agent(self):
++ '''Run password agent to answer passphrase request for crypt device'''
++
++ # wait for incoming request
++ found = False
++ while not found:
++ for ask in glob('/run/systemd/ask-password/ask.*'):
++ with open(ask) as f:
++ contents = f.read()
++ if self.plaintext_name in contents:
++ found = True
++ break
++ if not found:
++ if self.password_agent_stop:
++ return
++ time.sleep(0.5)
++
++ # parse Socket=
++ for line in contents.splitlines():
++ if line.startswith('Socket='):
++ socket = line.split('=', 1)[1]
++ break
++ else:
++ self.fail('Could not find socket')
++
++ # send reply
++ p = subprocess.Popen(['/lib/systemd/systemd-reply-password', '1', socket],
++ stdin=subprocess.PIPE)
++ p.communicate(self.password.encode())
++ self.assertEqual(p.returncode, 0)
++
++ def apply(self, target):
++ '''Tell systemd to generate and run the cryptsetup units'''
++
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++
++ self.password_agent = Thread(target=self.start_password_agent);
++ self.password_agent.start()
++ subprocess.check_call(['systemctl', '--no-ask-password', 'restart', target])
++ for timeout in range(TIMEOUT_PLAINTEXT_DEV):
++ if os.path.exists(self.plaintext_dev):
++ break
++ time.sleep(1)
++ else:
++ self.fail('Timed out waiting for %s to appear' % self.plaintext_dev)
++
++ def test_luks_by_devname(self):
++ '''LUKS device by plain device name, empty'''
++
++ self.format_luks()
++ with open('/etc/crypttab', 'w') as f:
++ f.write('%s %s none luks\n' % (self.plaintext_name, self.device))
++ self.apply('cryptsetup.target')
++
++ # should not be mounted
++ with open('/proc/mounts') as f:
++ self.assertNotIn(self.plaintext_name, f.read())
++
++ # device should not have anything on it
++ p = subprocess.Popen(['blkid', self.plaintext_dev], stdout=subprocess.PIPE)
++ out = p.communicate()[0]
++ self.assertEqual(out, b'')
++ self.assertNotEqual(p.returncode, 0)
++
++ def test_luks_by_uuid(self):
++ '''LUKS device by UUID, empty'''
++
++ self.format_luks()
++ uuid = subprocess.check_output(['blkid', '-ovalue', '-sUUID', self.device],
++ universal_newlines=True).strip()
++ with open('/etc/crypttab', 'w') as f:
++ f.write('%s UUID=%s none luks\n' % (self.plaintext_name, uuid))
++ self.apply('cryptsetup.target')
++
++ # should not be mounted
++ with open('/proc/mounts') as f:
++ self.assertNotIn(self.plaintext_name, f.read())
++
++ # device should not have anything on it
++ p = subprocess.Popen(['blkid', self.plaintext_dev], stdout=subprocess.PIPE)
++ out = p.communicate()[0]
++ self.assertEqual(out, b'')
++ self.assertNotEqual(p.returncode, 0)
++
++ def test_luks_swap(self):
++ '''LUKS device with "swap" option'''
++
++ self.format_luks()
++ with open('/etc/crypttab', 'w') as f:
++ f.write('%s %s none luks,swap\n' % (self.plaintext_name, self.device))
++ self.apply('cryptsetup.target')
++
++ # should not be mounted
++ with open('/proc/mounts') as f:
++ self.assertNotIn(self.plaintext_name, f.read())
++
++ # device should be formatted with swap
++ out = subprocess.check_output(['blkid', '-ovalue', '-sTYPE', self.plaintext_dev])
++ self.assertEqual(out, b'swap\n')
++
++ def test_luks_tmp(self):
++ '''LUKS device with "tmp" option'''
++
++ self.format_luks()
++ with open('/etc/crypttab', 'w') as f:
++ f.write('%s %s none luks,tmp\n' % (self.plaintext_name, self.device))
++ self.apply('cryptsetup.target')
++
++ # should not be mounted
++ with open('/proc/mounts') as f:
++ self.assertNotIn(self.plaintext_name, f.read())
++
++ # device should be formatted with ext2
++ out = subprocess.check_output(['blkid', '-ovalue', '-sTYPE', self.plaintext_dev])
++ self.assertEqual(out, b'ext2\n')
++
++ def test_luks_fstab(self):
++ '''LUKS device in /etc/fstab'''
++
++ self.format_luks()
++ with open('/etc/crypttab', 'w') as f:
++ f.write('%s %s none luks,tmp\n' % (self.plaintext_name, self.device))
++
++ mountpoint = '/run/crypt1.systemdtest'
++ os.mkdir(mountpoint)
++ self.addCleanup(os.rmdir, mountpoint)
++ os.rename('/etc/fstab', '/etc/fstab.systemdtest')
++ self.addCleanup(os.rename, '/etc/fstab.systemdtest', '/etc/fstab')
++ with open('/etc/fstab', 'a') as f:
++ with open('/etc/fstab.systemdtest') as forig:
++ f.write(forig.read())
++ f.write('%s %s ext2 defaults 0 0\n' % (self.plaintext_dev, mountpoint))
++
++ # this should now be a requirement of local-fs.target
++ self.apply('local-fs.target')
++
++ # should be mounted
++ found = False
++ with open('/proc/mounts') as f:
++ for line in f:
++ fields = line.split()
++ if fields[0] == self.plaintext_dev:
++ self.assertEqual(fields[1], mountpoint)
++ self.assertEqual(fields[2], 'ext2')
++ found = True
++ break
++ if not found:
++ self.fail('%s is not mounted' % self.plaintext_dev)
++
++
++if __name__ == '__main__':
++ unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout,
++ verbosity=2))
--- /dev/null
--- /dev/null
++#!/usr/bin/python3
++# autopkgtest check: Ensure that systemd-fsckd can report progress and cancel
++# (C) 2015 Canonical Ltd.
++# Author: Didier Roche <didrocks@ubuntu.com>
++
++from contextlib import suppress
++import inspect
++import fileinput
++import os
++import subprocess
++import shutil
++import stat
++import sys
++import unittest
++from time import sleep, time
++
++GRUB_AUTOPKGTEST_CONFIG_PATH = "/etc/default/grub.d/50-cloudimg-settings.cfg"
++TEST_AUTOPKGTEST_CONFIG_PATH = "/etc/default/grub.d/99-fsckdtest.cfg"
++
++SYSTEMD_ETC_SYSTEM_UNIT_DIR = "/etc/systemd/system/"
++SYSTEMD_PROCESS_KILLER_PATH = os.path.join(SYSTEMD_ETC_SYSTEM_UNIT_DIR, "process-killer.service")
++
++SYSTEMD_FSCK_ROOT_PATH = "/lib/systemd/system/systemd-fsck-root.service"
++SYSTEMD_FSCK_ROOT_ENABLE_PATH = os.path.join(SYSTEMD_ETC_SYSTEM_UNIT_DIR, 'local-fs.target.wants/systemd-fsck-root.service')
++
++SYSTEM_FSCK_PATH = '/sbin/fsck'
++PROCESS_KILLER_PATH = '/sbin/process-killer'
++SAVED_FSCK_PATH = "{}.real".format(SYSTEM_FSCK_PATH)
++
++FSCKD_TIMEOUT = 30
++
++
++class FsckdTest(unittest.TestCase):
++ '''Check that we run, report and can cancel fsck'''
++
++ def __init__(self, test_name, after_reboot, return_code):
++ super().__init__(test_name)
++ self._test_name = test_name
++ self._after_reboot = after_reboot
++ self._return_code = return_code
++
++ def setUp(self):
++ super().setUp()
++ # ensure we have our root fsck enabled by default (it detects it runs in a vm and doesn't pull the target)
++ # note that it can already exists in case of a reboot (as there was no tearDown as we wanted)
++ os.makedirs(os.path.dirname(SYSTEMD_FSCK_ROOT_ENABLE_PATH), exist_ok=True)
++ with suppress(FileExistsError):
++ os.symlink(SYSTEMD_FSCK_ROOT_PATH, SYSTEMD_FSCK_ROOT_ENABLE_PATH)
++ enable_plymouth()
++
++ # note that the saved real fsck can still exists in case of a reboot (as there was no tearDown as we wanted)
++ if not os.path.isfile(SAVED_FSCK_PATH):
++ os.rename(SYSTEM_FSCK_PATH, SAVED_FSCK_PATH)
++
++ # install mock fsck and killer
++ self.install_bin(os.path.join(os.path.dirname(os.path.realpath(__file__)), 'fsck'),
++ SYSTEM_FSCK_PATH)
++ self.install_bin(os.path.join(os.path.dirname(os.path.realpath(__file__)), 'process-killer'),
++ PROCESS_KILLER_PATH)
++
++ self.files_to_clean = [SYSTEMD_FSCK_ROOT_ENABLE_PATH, SYSTEM_FSCK_PATH, SYSTEMD_PROCESS_KILLER_PATH, PROCESS_KILLER_PATH]
++
++ def tearDown(self):
++ # tearDown is only called once the test really ended (not while rebooting during tests)
++ for f in self.files_to_clean:
++ with suppress(FileNotFoundError):
++ os.remove(f)
++ os.rename(SAVED_FSCK_PATH, SYSTEM_FSCK_PATH)
++ super().tearDown()
++
++ def test_fsckd_run(self):
++ '''Ensure we can reboot after a fsck was processed'''
++ if not self._after_reboot:
++ self.reboot()
++ else:
++ self.assertFsckdStop()
++ self.assertFsckProceeded()
++ self.assertSystemRunning()
++
++ def test_fsckd_run_without_plymouth(self):
++ '''Ensure we can reboot without plymouth after a fsck was processed'''
++ if not self._after_reboot:
++ enable_plymouth(enable=False)
++ self.reboot()
++ else:
++ self.assertFsckdStop()
++ self.assertFsckProceeded(with_plymouth=False)
++ self.assertSystemRunning()
++
++ def test_fsck_with_failure(self):
++ '''Ensure that a failing fsck doesn't prevent fsckd to stop'''
++ if not self._after_reboot:
++ self.install_process_killer_unit('fsck')
++ self.reboot()
++ else:
++ self.assertFsckdStop()
++ self.assertWasRunning('process-killer')
++ self.assertFalse(self.is_failed_unit('process-killer'))
++ self.assertFsckProceeded()
++ self.assertSystemRunning()
++
++ def test_systemd_fsck_with_failure(self):
++ '''Ensure that a failing systemd-fsck doesn't prevent fsckd to stop'''
++ if not self._after_reboot:
++ self.install_process_killer_unit('systemd-fsck', kill=True)
++ self.reboot()
++ else:
++ self.assertFsckdStop()
++ self.assertProcessKilled()
++ self.assertTrue(self.is_failed_unit('systemd-fsck-root'))
++ self.assertWasRunning('systemd-fsckd')
++ self.assertWasRunning('plymouth-start')
++ self.assertSystemRunning()
++
++ def test_systemd_fsckd_with_failure(self):
++ '''Ensure that a failing systemd-fsckd doesn't prevent system to boot'''
++ if not self._after_reboot:
++ self.install_process_killer_unit('systemd-fsckd', kill=True)
++ self.reboot()
++ else:
++ self.assertFsckdStop()
++ self.assertProcessKilled()
++ self.assertFalse(self.is_failed_unit('systemd-fsck-root'))
++ self.assertTrue(self.is_failed_unit('systemd-fsckd'))
++ self.assertWasRunning('plymouth-start')
++ self.assertSystemRunning()
++
++ def test_systemd_fsck_with_plymouth_failure(self):
++ '''Ensure that a failing plymouth doesn't prevent fsckd to reconnect/exit'''
++ if not self._after_reboot:
++ self.install_process_killer_unit('plymouthd', kill=True)
++ self.reboot()
++ else:
++ self.assertFsckdStop()
++ self.assertWasRunning('process-killer')
++ self.assertFsckProceeded()
++ self.assertFalse(self.is_active_unit('plymouth-start'))
++ self.assertSystemRunning()
++
++ def install_bin(self, source, dest):
++ '''install mock fsck'''
++ shutil.copy2(source, dest)
++ st = os.stat(dest)
++ os.chmod(dest, st.st_mode | stat.S_IEXEC)
++
++ def is_active_unit(self, unit):
++ '''Check that given unit is active'''
++
++ return subprocess.call(['systemctl', 'status', unit],
++ stdout=subprocess.PIPE) == 0
++
++ def is_failed_unit(self, unit):
++ '''Check that given unit failed'''
++
++ p = subprocess.Popen(['systemctl', 'is-active', unit], stdout=subprocess.PIPE)
++ out, err = p.communicate()
++ if b'failed' in out:
++ return True
++ return False
++
++ def assertWasRunning(self, unit, expect_running=True):
++ '''Assert that a given unit has been running'''
++ p = subprocess.Popen(['systemctl', 'status', '--no-pager', unit],
++ stdout=subprocess.PIPE, universal_newlines=True)
++ out = p.communicate()[0].strip()
++ if expect_running:
++ self.assertRegex(out, 'Active:.*since')
++ else:
++ self.assertNotRegex(out, 'Active:.*since')
++ self.assertIn(p.returncode, (0, 3))
++
++ def assertFsckdStop(self):
++ '''Ensure systemd-fsckd stops, which indicates no more fsck activity'''
++ timeout = time() + FSCKD_TIMEOUT
++ while time() < timeout:
++ if not self.is_active_unit('systemd-fsckd'):
++ return
++ sleep(1)
++ raise Exception("systemd-fsckd still active after {}s".format(FSCKD_TIMEOUT))
++
++ def assertFsckProceeded(self, with_plymouth=True):
++ '''Assert we executed most of the fsck-related services successfully'''
++ self.assertWasRunning('systemd-fsckd')
++ self.assertFalse(self.is_failed_unit('systemd-fsckd'))
++ self.assertTrue(self.is_active_unit('systemd-fsck-root')) # remains active after exit
++ if with_plymouth:
++ self.assertWasRunning('plymouth-start')
++ else:
++ self.assertWasRunning('plymouth-start', expect_running=False)
++
++ def assertSystemRunning(self):
++ '''Assert that the system is running'''
++
++ self.assertTrue(self.is_active_unit('default.target'))
++
++ def assertProcessKilled(self):
++ '''Assert the targeted process was killed successfully'''
++ self.assertWasRunning('process-killer')
++ self.assertFalse(self.is_failed_unit('process-killer'))
++
++ def reboot(self):
++ '''Reboot the system with the current test marker'''
++ subprocess.check_call(['/tmp/autopkgtest-reboot', "{}:{}".format(self._test_name, self._return_code)])
++
++ def install_process_killer_unit(self, process_name, kill=False):
++ '''Create a systemd unit which will kill process_name'''
++ with open(SYSTEMD_PROCESS_KILLER_PATH, 'w') as f:
++ f.write('''[Unit]
++DefaultDependencies=no
++
++[Service]
++Type=simple
++ExecStart=/usr/bin/timeout 10 {} {}
++
++[Install]
++WantedBy=systemd-fsck-root.service'''.format(PROCESS_KILLER_PATH,
++ '--signal SIGKILL {}'.format(process_name) if kill else process_name))
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++ subprocess.check_call(['systemctl', 'enable', 'process-killer'], stderr=subprocess.DEVNULL)
++
++
++def enable_plymouth(enable=True):
++ '''ensure plymouth is enabled in grub config (doesn't reboot)'''
++ plymouth_enabled = 'splash' in open('/boot/grub/grub.cfg').read()
++ if enable and not plymouth_enabled:
++ if os.path.exists(GRUB_AUTOPKGTEST_CONFIG_PATH):
++ shutil.copy2(GRUB_AUTOPKGTEST_CONFIG_PATH, TEST_AUTOPKGTEST_CONFIG_PATH)
++ for line in fileinput.input([TEST_AUTOPKGTEST_CONFIG_PATH], inplace=True):
++ if line.startswith("GRUB_CMDLINE_LINUX_DEFAULT"):
++ print(line[:line.rfind('"')] + ' splash quiet"\n')
++ else:
++ os.makedirs(os.path.dirname(TEST_AUTOPKGTEST_CONFIG_PATH), exist_ok=True)
++ with open(TEST_AUTOPKGTEST_CONFIG_PATH, 'w') as f:
++ f.write('GRUB_CMDLINE_LINUX_DEFAULT="console=ttyS0 splash quiet"\n')
++ elif not enable and plymouth_enabled:
++ with suppress(FileNotFoundError):
++ os.remove(TEST_AUTOPKGTEST_CONFIG_PATH)
++ subprocess.check_call(['update-grub'], stderr=subprocess.DEVNULL)
++
++
++def boot_with_systemd_distro():
++ '''Reboot with systemd as init and distro setup for grub'''
++ enable_plymouth()
++ subprocess.check_call(['/tmp/autopkgtest-reboot', 'systemd-started'])
++
++
++def getAllTests(unitTestClass):
++ '''get all test names in predictable sorted order from unitTestClass'''
++ return sorted([test[0] for test in inspect.getmembers(unitTestClass, predicate=inspect.isfunction)
++ if test[0].startswith('test_')])
++
++
++# AUTOPKGTEST_REBOOT_MARK contains the test name to pursue after reboot
++# (to check results and states after reboot, mostly).
++# we append the previous global return code (0 or 1) to it.
++# Example: AUTOPKGTEST_REBOOT_MARK=test_foo:0
++if __name__ == '__main__':
++ if os.path.exists('/run/initramfs/fsck-root'):
++ print('SKIP: root file system is being checked by initramfs already')
++ sys.exit(0)
++
++ all_tests = getAllTests(FsckdTest)
++ reboot_marker = os.getenv('AUTOPKGTEST_REBOOT_MARK')
++
++ current_test_after_reboot = ""
++ if not reboot_marker:
++ boot_with_systemd_distro()
++
++ # first test
++ if reboot_marker == "systemd-started":
++ current_test = all_tests[0]
++ return_code = 0
++ else:
++ (current_test_after_reboot, return_code) = reboot_marker.split(':')
++ current_test = current_test_after_reboot
++ return_code = int(return_code)
++
++ # loop on remaining tests to run
++ try:
++ remaining_tests = all_tests[all_tests.index(current_test):]
++ except ValueError:
++ print("Invalid value for AUTOPKGTEST_REBOOT_MARK, {} is not a valid test name".format(reboot_marker))
++ sys.exit(2)
++
++ # run all remaining tests
++ for test_name in remaining_tests:
++ after_reboot = False
++ # if this tests needed a reboot (and it has been performed), executes second part of it
++ if test_name == current_test_after_reboot:
++ after_reboot = True
++ suite = unittest.TestSuite()
++ suite.addTest(FsckdTest(test_name, after_reboot, return_code))
++ result = unittest.TextTestRunner(stream=sys.stdout, verbosity=2).run(suite)
++ if len(result.failures) != 0 or len(result.errors) != 0:
++ return_code = 1
++
++ sys.exit(return_code)
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++. `dirname $0`/assert.sh
++
++ORIG_TZ=`grep -v '^#' /etc/timezone`
++echo "original tz: $ORIG_TZ"
++
++echo 'timedatectl works'
++assert_in "Local time:" "`timedatectl --no-pager`"
++
++echo 'change timezone'
++assert_eq "`timedatectl --no-pager set-timezone Europe/Moscow 2>&1`" ""
++assert_eq "`readlink /etc/localtime | sed 's#^.*zoneinfo/##'`" "Europe/Moscow"
++[ -n "$TEST_UPSTREAM" ] || assert_eq "`cat /etc/timezone`" "Europe/Moscow"
++assert_in "Time.*zone: Europe/Moscow (MSK, +" "`timedatectl --no-pager`"
++
++echo 'reset timezone to original'
++assert_eq "`timedatectl --no-pager set-timezone $ORIG_TZ 2>&1`" ""
++assert_eq "`readlink /etc/localtime | sed 's#^.*zoneinfo/##'`" "$ORIG_TZ"
++[ -n "$TEST_UPSTREAM" ] || assert_eq "`cat /etc/timezone`" "$ORIG_TZ"
++
++# test setting UTC vs. LOCAL in /etc/adjtime
++if [ -e /etc/adjtime ]; then
++ ORIG_ADJTIME=`cat /etc/adjtime`
++ trap "echo '$ORIG_ADJTIME' > /etc/adjtime" EXIT INT QUIT PIPE
++else
++ trap "rm -f /etc/adjtime" EXIT INT QUIT PIPE
++fi
++
++echo 'no adjtime file'
++rm -f /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++
++echo 'UTC set in adjtime file'
++printf '0.0 0 0\n0\nUTC\n' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++UTC"
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++
++echo 'non-zero values in adjtime file'
++printf '0.1 123 0\n0\nLOCAL\n' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_eq "`cat /etc/adjtime`" "0.1 123 0
++0
++UTC"
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.1 123 0
++0
++LOCAL"
++
++echo 'fourth line adjtime file'
++printf '0.0 0 0\n0\nLOCAL\nsomethingelse\n' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++UTC
++somethingelse"
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL
++somethingelse"
++
++echo 'no final newline in adjtime file'
++printf '0.0 0 0\n0\nUTC' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++printf '0.0 0 0\n0\nUTC' > /etc/adjtime
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++
++echo 'only one line in adjtime file'
++printf '0.0 0 0\n' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++printf '0.0 0 0\n' > /etc/adjtime
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++
++echo 'only one line in adjtime file, no final newline'
++printf '0.0 0 0' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++printf '0.0 0 0' > /etc/adjtime
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++
++echo 'only two lines in adjtime file'
++printf '0.0 0 0\n0\n' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++printf '0.0 0 0\n0\n' > /etc/adjtime
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++
++
++echo 'only two lines in adjtime file, no final newline'
++printf '0.0 0 0\n0' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++printf '0.0 0 0\n0' > /etc/adjtime
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++
++echo 'unknown value in 3rd line of adjtime file'
++printf '0.0 0 0\n0\nFOO\n' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++printf '0.0 0 0\n0\nFOO\n' > /etc/adjtime
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++
++# timesyncd has ConditionVirtualization=!container by default; drop/mock that for testing
++if systemd-detect-virt --container --quiet; then
++ systemctl disable --quiet --now systemd-timesyncd
++ mkdir -p /run/systemd/system/systemd-timesyncd.service.d
++ printf '[Unit]\nConditionVirtualization=\n[Service]\nType=simple\nAmbientCapabilities=\nExecStart=\nExecStart=/bin/sleep infinity' > /run/systemd/system/systemd-timesyncd.service.d/container.conf
++ systemctl daemon-reload
++fi
++
++mon=$(mktemp -t dbusmon.XXXXXX)
++trap "rm -f $mon" EXIT INT QUIT PIPE
++
++assert_ntp() {
++ V=$(busctl get-property org.freedesktop.timedate1 /org/freedesktop/timedate1 org.freedesktop.timedate1 NTP)
++ assert_eq "$V" "b $1"
++}
++
++start_mon() {
++ dbus-monitor --system "type='signal', member='PropertiesChanged', path='/org/freedesktop/timedate1'" > $mon &
++ MONPID=$!
++}
++
++wait_mon() {
++ for retry in $(seq 10); do
++ grep -q "$1" $mon && break
++ sleep 1
++ done
++ assert_in "$2" "$(cat $mon)"
++ kill $MONPID
++ wait
++}
++
++echo 'disable NTP'
++timedatectl set-ntp false
++while [ "$(systemctl --no-pager show systemd-timesyncd --property ActiveState)" != "ActiveState=inactive" ]; do sleep 1; done
++assert_ntp false
++assert_rc 3 systemctl is-active --quiet systemd-timesyncd
++
++echo 'enable NTP'
++start_mon
++timedatectl set-ntp true
++wait_mon "NTP" "boolean true"
++assert_ntp true
++while [ "$(systemctl --no-pager show systemd-timesyncd --property ActiveState)" != "ActiveState=active" ]; do sleep 1; done
++assert_rc 0 systemctl is-active --quiet systemd-timesyncd
++
++echo 're-disable NTP'
++start_mon
++timedatectl set-ntp false
++wait_mon "NTP" "boolean false"
++assert_ntp false
++assert_rc 3 systemctl is-active --quiet systemd-timesyncd
--- /dev/null
--- /dev/null
++#!/bin/sh
++# autopkgtest check: Run upstream udev test script
++# (C) 2016 Canonical Ltd.
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++set -euC
++
++TEST_DIR=${AUTOPKGTEST_TMP:=$(mktemp -d)}
++mkdir -p $TEST_DIR/test
++test/sys-script.py $TEST_DIR/test
++cp test/udev-test.pl $TEST_DIR
++cp /usr/lib/systemd/tests/manual/test-udev $TEST_DIR
++cd $TEST_DIR
++./udev-test.pl
--- /dev/null
--- /dev/null
++#!/usr/bin/python3
++# autopkgtest check: enable/disable/configure units
++# (C) 2015 Canonical Ltd.
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++
++import unittest
++import subprocess
++import os
++import sys
++import tempfile
++from glob import glob
++
++system_unit_dir = subprocess.check_output(
++ ['pkg-config', '--variable=systemdsystemunitdir', 'systemd'],
++ universal_newlines=True).strip()
++systemd_sysv_install = os.path.join(os.path.dirname(system_unit_dir),
++ 'systemd-sysv-install')
++
++
++class EnableTests(unittest.TestCase):
++ def tearDown(self):
++ # remove all traces from our test unit
++ f = glob(system_unit_dir + '/test_enable*.service')
++ f += glob(system_unit_dir + '/*/test_enable*.service')
++ f += glob('/etc/systemd/system/test_enable*.service')
++ f += glob('/etc/systemd/system/*/test_enable*.service')
++ f += glob('/etc/init.d/test_enable*')
++ f += glob('/etc/rc?.d/???test_enable*')
++ [os.unlink(i) for i in f]
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++
++ def create_unit(self, suffix='', enable=False):
++ '''Create a test unit'''
++
++ unit = os.path.join(system_unit_dir,
++ 'test_enable%s.service' % suffix)
++ with open(unit, 'w') as f:
++ f.write('''[Unit]
++Description=Testsuite unit %s
++[Service]
++ExecStart=/bin/echo hello
++[Install]
++WantedBy=multi-user.target
++''' % suffix)
++
++ if enable:
++ os.symlink(unit, '/etc/systemd/system/multi-user.target.wants/' +
++ os.path.basename(unit))
++
++ return unit
++
++ def create_sysv(self, suffix='', enable=False):
++ '''Create a test SysV script'''
++
++ script = '/etc/init.d/test_enable%s' % suffix
++ with open(script, 'w') as f:
++ f.write('''/bin/sh
++### BEGIN INIT INFO
++# Provides: test_enable%s
++# Required-Start: $remote_fs $syslog
++# Required-Stop: $remote_fs $syslog
++# Default-Start: 2 3 4 5
++# Default-Stop: 0 1 6
++# Short-Description: Testsuite script%s
++### END INIT INFO
++
++echo hello
++''' % (suffix, suffix))
++ os.chmod(script, 0o755)
++
++ if enable:
++ subprocess.check_call(
++ [systemd_sysv_install, 'enable', os.path.basename(script)])
++
++ def assertEnabled(self, enabled, unit='test_enable.service'):
++ '''assert that given unit has expected state'''
++
++ systemctl = subprocess.Popen(['systemctl', 'is-enabled', unit],
++ stdout=subprocess.PIPE,
++ universal_newlines=True)
++ out = systemctl.communicate()[0].strip()
++ if enabled:
++ self.assertEqual(systemctl.returncode, 0)
++ self.assertEqual(out, 'enabled')
++ else:
++ self.assertEqual(systemctl.returncode, 1)
++ self.assertEqual(out, 'disabled')
++
++ def test_unit_enable(self):
++ '''no sysv: enable unit'''
++
++ self.create_unit()
++ self.assertEnabled(False)
++ # also works without .service suffix
++ self.assertEnabled(False, unit='test_enable')
++
++ subprocess.check_call(['systemctl', 'enable', 'test_enable'])
++
++ self.assertEnabled(True)
++ # also works without .service suffix
++ self.assertEnabled(True, unit='test_enable')
++
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertTrue(os.path.islink(l))
++ self.assertEqual(os.readlink(l),
++ system_unit_dir + '/test_enable.service')
++
++ # enable should be idempotent
++ subprocess.check_call(['systemctl', 'enable', 'test_enable.service'])
++ self.assertEnabled(True)
++
++ def test_unit_disable(self):
++ '''no sysv: disable unit'''
++
++ self.create_unit(enable=True)
++ self.assertEnabled(True)
++ # also works without .service suffix
++ self.assertEnabled(True, unit='test_enable')
++
++ subprocess.check_call(['systemctl', 'disable', 'test_enable'])
++
++ self.assertEnabled(False)
++ # also works without .service suffix
++ self.assertEnabled(False, unit='test_enable')
++
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertFalse(os.path.islink(l))
++
++ # disable should be idempotent
++ subprocess.check_call(['systemctl', 'disable', 'test_enable.service'])
++ self.assertEnabled(False)
++
++ def test_unit_sysv_enable(self):
++ '''with sysv: enable unit'''
++
++ self.create_unit()
++ self.create_sysv()
++ self.assertEnabled(False)
++ # also works without .service suffix
++ self.assertEnabled(False, unit='test_enable')
++
++ subprocess.check_call(['systemctl', 'enable', 'test_enable'])
++
++ self.assertEnabled(True)
++ # also works without .service suffix
++ self.assertEnabled(True, unit='test_enable')
++
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertTrue(os.path.islink(l))
++ self.assertEqual(os.readlink(l),
++ system_unit_dir + '/test_enable.service')
++
++ # enabled the sysv script
++ l = glob('/etc/rc2.d/S??test_enable')
++ self.assertEqual(len(l), 1, 'expect one symlink in %s' % repr(l))
++ self.assertEqual(os.readlink(l[0]), '../init.d/test_enable')
++
++ # enable should be idempotent
++ subprocess.check_call(['systemctl', 'enable', 'test_enable.service'])
++ self.assertEnabled(True)
++
++ def test_unit_sysv_disable(self):
++ '''with sysv: disable unit'''
++
++ self.create_unit(enable=True)
++ self.create_sysv(enable=True)
++ self.assertEnabled(True)
++ # also works without .service suffix
++ self.assertEnabled(True, unit='test_enable')
++
++ subprocess.check_call(['systemctl', 'disable', 'test_enable'])
++
++ self.assertEnabled(False)
++ # also works without .service suffix
++ self.assertEnabled(False, unit='test_enable')
++
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertFalse(os.path.islink(l))
++
++ # disabled the sysv script
++ l = glob('/etc/rc2.d/S??test_enable')
++ self.assertEqual(l, [])
++
++ # disable should be idempotent
++ subprocess.check_call(['systemctl', 'enable', 'test_enable.service'])
++ self.assertEnabled(True)
++
++ def test_unit_alias_enable(self):
++ '''no sysv: enable unit with an alias'''
++
++ u = self.create_unit()
++ with open(u, 'a') as f:
++ f.write('Alias=test_enablea.service\n')
++
++ self.assertEnabled(False)
++
++ subprocess.check_call(['systemctl', 'enable', 'test_enable'])
++
++ self.assertEnabled(True)
++
++ # enablement symlink
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertTrue(os.path.islink(l))
++ self.assertEqual(os.readlink(l),
++ system_unit_dir + '/test_enable.service')
++
++ # alias symlink
++ l = '/etc/systemd/system/test_enablea.service'
++ self.assertTrue(os.path.islink(l))
++ self.assertEqual(os.readlink(l),
++ system_unit_dir + '/test_enable.service')
++
++ def test_unit_alias_disable(self):
++ '''no sysv: disable unit with an alias'''
++
++ u = self.create_unit()
++ with open(u, 'a') as f:
++ f.write('Alias=test_enablea.service\n')
++ os.symlink(system_unit_dir + '/test_enable.service',
++ '/etc/systemd/system/test_enablea.service')
++
++ subprocess.check_call(['systemctl', 'disable', 'test_enable'])
++
++ self.assertEnabled(False)
++
++ # enablement symlink
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertFalse(os.path.islink(l))
++
++ # alias symlink
++ l = '/etc/systemd/system/test_enablea.service'
++ self.assertFalse(os.path.islink(l))
++
++ def test_unit_sysv_alias_enable(self):
++ '''with sysv: enable unit with an alias'''
++
++ u = self.create_unit()
++ with open(u, 'a') as f:
++ f.write('Alias=test_enablea.service\n')
++ self.create_sysv()
++
++ self.assertEnabled(False)
++
++ subprocess.check_call(['systemctl', 'enable', 'test_enable'])
++
++ # enablement symlink
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertTrue(os.path.islink(l))
++ self.assertEqual(os.readlink(l),
++ system_unit_dir + '/test_enable.service')
++
++ # alias symlink
++ l = '/etc/systemd/system/test_enablea.service'
++ self.assertTrue(os.path.islink(l))
++ self.assertEqual(os.readlink(l),
++ system_unit_dir + '/test_enable.service')
++
++ # enabled the sysv script
++ l = glob('/etc/rc2.d/S??test_enable')
++ self.assertEqual(len(l), 1, 'expect one symlink in %s' % repr(l))
++ self.assertEqual(os.readlink(l[0]), '../init.d/test_enable')
++
++ self.assertEnabled(True)
++
++ def test_unit_sysv_alias_disable(self):
++ '''with sysv: disable unit with an alias'''
++
++ u = self.create_unit(enable=True)
++ with open(u, 'a') as f:
++ f.write('Alias=test_enablea.service\n')
++ os.symlink(system_unit_dir + '/test_enable.service',
++ '/etc/systemd/system/test_enablea.service')
++ self.create_sysv(enable=True)
++
++ subprocess.check_call(['systemctl', 'disable', 'test_enable'])
++
++ # enablement symlink
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertFalse(os.path.islink(l))
++
++ # alias symlink
++ l = '/etc/systemd/system/test_enablea.service'
++ self.assertFalse(os.path.islink(l))
++
++ # disabled the sysv script
++ l = glob('/etc/rc2.d/S??test_enable')
++ self.assertEqual(l, [])
++
++ self.assertEnabled(False)
++
++ def test_sysv_enable(self):
++ '''only sysv: enable'''
++
++ self.create_sysv()
++ subprocess.check_call(['systemctl', 'enable', 'test_enable'])
++
++ # enabled the sysv script
++ l = glob('/etc/rc2.d/S??test_enable')
++ self.assertEqual(len(l), 1, 'expect one symlink in %s' % repr(l))
++ self.assertEqual(os.readlink(l[0]), '../init.d/test_enable')
++
++ # enable should be idempotent
++ subprocess.check_call(['systemctl', 'enable', 'test_enable'])
++ self.assertEnabled(True)
++
++ def test_sysv_disable(self):
++ '''only sysv: disable'''
++
++ self.create_sysv(enable=True)
++ subprocess.check_call(['systemctl', 'disable', 'test_enable'])
++
++ # disabled the sysv script
++ l = glob('/etc/rc2.d/S??test_enable')
++ self.assertEqual(l, [])
++
++ # disable should be idempotent
++ subprocess.check_call(['systemctl', 'disable', 'test_enable'])
++ self.assertEnabled(False)
++
++ def test_unit_link(self):
++ '''systemctl link'''
++
++ with tempfile.NamedTemporaryFile(suffix='.service') as f:
++ f.write(b'[Unit]\n')
++ f.flush()
++ subprocess.check_call(['systemctl', 'link', f.name])
++
++ unit = os.path.basename(f.name)
++ l = os.path.join('/etc/systemd/system', unit)
++ self.assertEqual(os.readlink(l), f.name)
++
++ # disable it again
++ subprocess.check_call(['systemctl', 'disable', unit])
++ # this should also remove the unit symlink
++ self.assertFalse(os.path.islink(l))
++
++ def test_unit_enable_full_path(self):
++ '''systemctl enable a unit in a non-default path'''
++
++ with tempfile.NamedTemporaryFile(suffix='.service') as f:
++ f.write(b'''[Unit]
++Description=test
++[Service]
++ExecStart=/bin/true
++[Install]
++WantedBy=multi-user.target''')
++ f.flush()
++ unit = os.path.basename(f.name)
++
++ # now enable it
++ subprocess.check_call(['systemctl', 'enable', f.name])
++ self.assertEnabled(True, unit=unit)
++ l = os.path.join('/etc/systemd/system', unit)
++ self.assertEqual(os.readlink(l), f.name)
++ enable_l = '/etc/systemd/system/multi-user.target.wants/' + unit
++ self.assertEqual(os.readlink(enable_l), f.name)
++
++ # disable it again
++ subprocess.check_call(['systemctl', 'disable', unit])
++ # self.assertEnabled(False) does not work as now systemd does not
++ # know about the unit at all any more
++ self.assertFalse(os.path.islink(enable_l))
++ # this should also remove the unit symlink
++ self.assertFalse(os.path.islink(l))
++
++
++if __name__ == '__main__':
++ unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout,
++ verbosity=2))
--- /dev/null
--- /dev/null
++#!/bin/sh
++# run upstream system integration tests
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++set -e
++
++DPKGARCH=$(dpkg --print-architecture)
++
++# quiesce Makefile.guess; not really relevant as systemd/nspawn run from
++# installed packages
++export BUILD_DIR=.
++
++# modify the image build scripts to install systemd from the debs instead of
++# from a "make/ninja install" as we don't have a built tree here. Also call
++# systemd-nspawn from the system.
++sed -i '/DESTDIR.* install/ s%^.*$% for p in `grep ^Package: '`pwd`'/debian/control | cut -f2 -d\\ |grep -Ev -- "-(udeb|dev)"`; do (cd /tmp; apt-get download $p \&\& dpkg-deb --fsys-tarfile ${p}[._]*deb | tar -C $initdir --dereference -x); done%; s_[^" ]*/systemd-nspawn_systemd-nspawn_g; s/\(_ninja_bin=\).*/\1dummy-ninja/' test/test-functions
++
++# adjust path
++sed -i 's_/usr/libexec/selinux/hll/pp_/usr/lib/selinux/hll/pp_' test/TEST-06-SELINUX/test.sh
++
++FAILED=""
++
++# Because this test is used both by upstream and by Debian, we use different blacklist filenames.
++# For more details see https://salsa.debian.org/systemd-team/systemd/merge_requests/52
++if [ -n "$TEST_UPSTREAM" ]; then
++ BLACKLIST="blacklist-ubuntu-ci"
++else
++ BLACKLIST="blacklist-upstream-ci"
++fi
++
++for t in test/TEST*; do
++ testname=$(basename $t)
++ if [ -f "$t/$BLACKLIST" ]; then
++ echo "========== BLACKLISTED: $testname =========="
++ continue
++ elif [ -f "$t/$BLACKLIST-$DPKGARCH" ]; then
++ echo "========== BLACKLISTED (for arch $DPKGARCH): $testname =========="
++ continue
++ fi
++ echo "========== START: $testname =========="
++ rm -rf /var/tmp/systemd-test.*
++ if ! make -C $t clean setup run; then
++ for j in /var/tmp/systemd-test.*/journal/*; do
++ [ -e "$j" ] || continue
++ # keep the entire journal in artifacts, in case one needs the debug messages
++ cp -r "$j" "$AUTOPKGTEST_ARTIFACTS/${testname}-$(basename $j)"
++ echo "---- $j ----"
++ journalctl --priority=warning --directory=$j
++ done
++ FAILED="$FAILED $testname"
++ fi
++ echo
++ # always cleanup each test run
++ make -C $t clean-again
++ echo "========== END: $testname =========="
++done
++
++if [ -n "$FAILED" ]; then
++ echo FAILED TESTS: "$FAILED"
++ exit 1
++fi
--- /dev/null
--- /dev/null
++/etc/udev/rules.d/
--- /dev/null
--- /dev/null
++lib/systemd/network/99-default.link
++lib/systemd/systemd-udevd
++bin/udevadm
++lib/udev/ata_id
++lib/udev/scsi_id
++lib/udev/cdrom_id
++lib/udev/rules.d/50-udev-default.rules
++lib/udev/rules.d/60-cdrom_id.rules
++lib/udev/rules.d/60-input-id.rules
++lib/udev/rules.d/60-persistent-input.rules
++lib/udev/rules.d/60-persistent-storage.rules
++lib/udev/rules.d/64-btrfs.rules
++lib/udev/rules.d/75-net-description.rules
++lib/udev/rules.d/75-probe_mtd.rules
++lib/udev/rules.d/80-drivers.rules
++lib/udev/rules.d/80-net-setup-link.rules
++../../extra/rules/50-firmware.rules lib/udev/rules.d/
++../../extra/rules/73-special-net-names.rules lib/udev/rules.d/
++../../extra/rules/73-usb-net-by-mac.rules lib/udev/rules.d/
++../../extra/start-udev lib/debian-installer/
--- /dev/null
--- /dev/null
++systemd (241-4) unstable; urgency=medium
++
++ DRM render nodes (/dev/dri/renderD*) are now owned by group "render"
++ (previously group "video"). Dynamic ACLs via the "uaccess" udev tag are still
++ applied, so in the common case things should just continue to work.
++ If you rely on static permissions to access those devices, you need to update
++ group memberships accordingly to use group "render" now.
++
++ -- Michael Biebl <biebl@debian.org> Fri, 17 May 2019 19:15:32 +0200
++
++systemd (220-7) unstable; urgency=medium
++
++ The mechanism for providing stable network interface names changed.
++ Previously they were kept in /etc/udev/rules.d/70-persistent-net.rules
++ which mapped device MAC addresses to the (arbitrary) name they got when
++ they first appeared (i. e. mostly at the time of installation). As this
++ had several problems and is not supported any more, this is deprecated in
++ favor of the "net.ifnames" mechanism. With this most of your network
++ interfaces will get location-based names. If you have ifupdown, firewall,
++ or other configuration that relies on the old names, you need to update
++ these by Debian 10/Ubuntu 18.04 LTS, and then remove
++ /etc/udev/rules.d/70-persistent-net.rules. Please see
++ /usr/share/doc/udev/README.Debian.gz for details about this.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 15 Jun 2015 15:30:29 +0200
--- /dev/null
--- /dev/null
++This documents udev integration Debian specifics. Please see man udev(7) and
++its referenced manpages for general documentation.
++
++Network interface naming
++~~~~~~~~~~~~~~~~~~~~~~~~
++Since version 197 udev has a builtin persistent name generator which checks
++firmware/BIOS provided index numbers or slot names (similar to biosdevname),
++falls back to slot names (PCI numbers, etc., in the spirit of
++/dev/disks/by-path/), and then optionally falls back to MAC address, and
++generates names based on these properties. This provides "location oriented"
++names for PCI cards such as "enp0s1" for ethernet, or wlp1s0" for a WIFI card
++so that replacing a broken network card does not change the name (as long
++as the new card is fitted into the bus in the old card's slot.) As location
++based naming does not work well for USB devices, these use a MAC based naming
++schema (see /lib/udev/rules.d/73-usb-net-by-mac.rules).
++
++This has been enabled by default since udev 220-7, which affects new
++installations/hardware. Existing installations/hardware which already got
++covered by the old 75-persistent-net-generator.rules may keep their existing
++interface names until the release of Debian 10 / Ubuntu 18.04 LTS; see
++below.
++
++You can disable these stable names and go back to the kernel-provided ones
++(which don't have a stable order) in one of two ways:
++
++ - Put "net.ifnames=0" into the kernel command line (e. g. in
++ /etc/default/grub's GRUB_CMDLINE_LINUX_DEFAULT, then run "update-grub").
++
++ - Disable the default *.link rules with
++ "ln -s /dev/null /etc/systemd/network/99-default.link"
++ and rebuild the initrd with "update-initramfs -u".
++
++See this page for more information:
++http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/
++
++Legacy persistent network interface naming
++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
++Debian releases up to 8 ("Jessie") and Ubuntu up to 15.04 had an udev rule
++/lib/udev/rules.d/75-persistent-net-generator.rules which fixed the name of a
++network interface that it got when its MAC address first appeared in a
++dynamically created /etc/udev/rules.d/70-persistent-net.rules file.
++
++This had inherent race conditions (which sometimes caused collisions and
++interface names like "rename1"), required having to write state into /etc
++(which isn't possible for read-only root), and did not work in virtualized
++environments.
++
++This old schema is deprecated in Debian 9 ("Stretch"), and will not
++be supported any more in Debian 10.
++
++Migration to the current network interface naming scheme
++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
++Interface names must be be manually migrated to the new naming scheme before
++upgrading to Debian 10 / Ubuntu 18.04 LTS. If you rely on the old names in
++custom ifupdown stanzas, firewall scripts, or other networking configuration,
++these will eventually need to be updated to the new names.
++
++WARNING: This process may render your machine inaccessible through ssh. Be sure
++to have physical or serial console access to the machine or a way to revert to
++your existing configuration.
++
++First, determine all relevant network interface names: those in
++/etc/udev/rules.d/70-persistent-net.rules, or if that does not exist (in
++the case of virtual machines), in "ip link" or /sys/class/net/.
++
++Then for every interface name use a command like
++
++ grep -r eth0 /etc
++
++to find out where it is being used.
++
++Then on "real hardware" machines, rename the file to
++70-persistent-net.rules.old; alternately, if you have multiple interfaces,
++instead of renaming you may wish to comment out specific lines to convert a
++single interface at a time.
++
++On VMs remove the files /etc/systemd/network/99-default.link and
++/etc/systemd/network/50-virtio-kernel-names.link (the latter only exists on VMs
++that use virtio network devices).
++
++Rebuild the initrd with
++
++ update-initramfs -u
++
++and reboot. Then your system should have a new network interface name (or
++names). Adjust configuration files as discovered with the grep above, and test
++your system.
++
++Repeat for each network interface name, as necessary.
++
++Custom net interface naming
++~~~~~~~~~~~~~~~~~~~~~~~~~~~
++In some cases it is convenient to define your own specific names for network
++interfaces. These can be customized in two different ways:
++
++ * You can create your own names via *.link files (see systemd.link(5)) based
++ on hardware properties. For example, /etc/systemd/network/10-dmz.link:
++
++ ------------ snip ------------
++ [Match]
++ MACAddress=11:22:aa:bb:cc:33
++
++ [Link]
++ Name=eth-dmz
++ ------------ snip ------------
++
++ * If you need attributes that link files don't expose, or you need more
++ powerful pattern matching, you can create udev rules (see udev(7))
++ like /etc/udev/rules.d/76-netnames.rules:
++
++ ------------ snip ------------
++ # identify by vendor/model ID
++ SUBSYSTEM=="net", ACTION=="add", ENV{ID_VENDOR_ID}=="0x8086", \
++ ENV{ID_MODEL_ID}=="0x1502", NAME="eth-intel-gb"
++
++ # USB device by path
++ # get ID_PATH if not present yet
++ ENV{ID_PATH}=="", IMPORT{builtin}="path_id"
++ SUBSYSTEM=="net", ACTION=="add", ENV{ID_PATH}=="*-usb-0:3:1*", NAME="eth-blue-hub"
++ ------------ snip ----------
++
++ The name of the rules file needs to have a prefix smaller than "80" so that
++ it runs before /lib/udev/rules.d/80-net-setup-link.rules, and should have a
++ prefix bigger than "75" so that it runs after 75-net-description.rules and
++ thus you can use matches on ID_VENDOR and similar properties.
++
++ * Unless you disabled net.ifnames, you can change the policy
++ (kernel/bios/path/MAC based naming) in an /etc/systemd/network/*.link file,
++ for individual devices or entire device classes. See man systemd.link(5) for
++ details about this. /lib/systemd/network/99-default.link is the default
++ policy. Note that /lib/udev/rules.d/73-usb-net-by-mac.rules uses MAC based
++ names for USB devices.
++
++Any of the above changes require an initrd update with "update-initramfs -u" to
++get effective.
++
++Using udev with LDAP or NIS
++~~~~~~~~~~~~~~~~~~~~~~~~~~~
++If the rules files reference usernames or groups not present in the
++/etc/{passwd,group} files and the system is configured to use a
++network-based database like LDAP or NIS then udev may fail at boot time
++because users and groups are looked up well before the network has been
++initialized.
++A possible solution is to configure /etc/nsswitch.conf like this:
++
++ passwd: files ldap [UNAVAIL=return]
++ group: files ldap [UNAVAIL=return]
++
++The nsswitch.conf syntax is documented in the glibc manual.
--- /dev/null
--- /dev/null
++package-status: systemd
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++# We don’t clean up this directory because there is no way to know when
++# reportbug finished running, and reportbug needs the files around.
++# Given that those are just a couple of kilobytes in size and people
++# generally don’t file a lot of bugs, I don’t think it’s a big deal.
++DIR=$(mktemp -d)
++
++echo "-- BEGIN ATTACHMENTS --" >&3
++
++udevadm info --export-db >$DIR/udev-database.txt
++echo "$DIR/udev-database.txt" >&3
++
++echo "-- END ATTACHMENTS --" >&3
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++### BEGIN INIT INFO
++# Provides: udev
++# Required-Start: mountkernfs
++# Required-Stop: umountroot
++# Default-Start: S
++# Default-Stop: 0 6
++# Short-Description: Start systemd-udevd, populate /dev and load drivers.
++### END INIT INFO
++
++PATH="/sbin:/bin"
++NAME="systemd-udevd"
++DAEMON="/lib/systemd/systemd-udevd"
++DESC="hotplug events dispatcher"
++PIDFILE="/run/udev.pid"
++CTRLFILE="/run/udev/control"
++OMITDIR="/run/sendsigs.omit.d"
++
++# we need to unmount /dev/pts/ and remount it later over the devtmpfs
++unmount_devpts() {
++ if mountpoint -q /dev/pts/; then
++ umount -n -l /dev/pts/
++ fi
++
++ if mountpoint -q /dev/shm/; then
++ umount -n -l /dev/shm/
++ fi
++}
++
++# mount a devtmpfs over /dev, if somebody did not already do it
++mount_devtmpfs() {
++ if grep -E -q "^[^[:space:]]+ /dev devtmpfs" /proc/mounts; then
++ mount -n -o remount,nosuid,size=$tmpfs_size,mode=0755 -t devtmpfs devtmpfs /dev
++ return
++ fi
++
++ if ! mount -n -o nosuid,size=$tmpfs_size,mode=0755 -t devtmpfs devtmpfs /dev; then
++ log_failure_msg "udev requires devtmpfs support, not started"
++ log_end_msg 1
++ fi
++
++ return 0
++}
++
++create_dev_makedev() {
++ if [ -e /sbin/MAKEDEV ]; then
++ ln -sf /sbin/MAKEDEV /dev/MAKEDEV
++ else
++ ln -sf /bin/true /dev/MAKEDEV
++ fi
++}
++
++# shell version of /usr/bin/tty
++my_tty() {
++ [ -x /bin/readlink ] || return 0
++ [ -e /proc/self/fd/0 ] || return 0
++ readlink --silent /proc/self/fd/0 || true
++}
++
++warn_if_interactive() {
++ if [ "$RUNLEVEL" = "S" -a "$PREVLEVEL" = "N" ]; then
++ return
++ fi
++
++ TTY=$(my_tty)
++ if [ -z "$TTY" -o "$TTY" = "/dev/console" -o "$TTY" = "/dev/null" ]; then
++ return
++ fi
++
++ printf "\n\n\nIt has been detected that the command\n\n\t$0 $*\n\n"
++ printf "has been run from an interactive shell.\n"
++ printf "It will probably not do what you expect, so this script will wait\n"
++ printf "60 seconds before continuing. Press ^C to stop it.\n"
++ printf "RUNNING THIS COMMAND IS HIGHLY DISCOURAGED!\n\n\n\n"
++ sleep 60
++}
++
++make_static_nodes() {
++ [ -e /lib/modules/$(uname -r)/modules.devname ] || return 0
++ [ -x /bin/kmod ] || return 0
++
++ /bin/kmod static-nodes --format=tmpfiles --output=/proc/self/fd/1 | \
++ while read type name mode uid gid age arg; do
++ [ -e $name ] && continue
++ case "$type" in
++ c|b|c!|b!) mknod -m $mode $name $type $(echo $arg | sed 's/:/ /') ;;
++ d|d!) mkdir $name ;;
++ *) echo "unparseable line ($type $name $mode $uid $gid $age $arg)" >&2 ;;
++ esac
++
++ if [ -x /sbin/restorecon ]; then
++ /sbin/restorecon $name
++ fi
++ done
++}
++
++
++##############################################################################
++
++
++[ -x $DAEMON ] || exit 0
++
++# defaults
++tmpfs_size="10M"
++
++if [ -e /etc/udev/udev.conf ]; then
++ . /etc/udev/udev.conf
++fi
++
++. /lib/lsb/init-functions
++
++if [ ! -e /proc/filesystems ]; then
++ log_failure_msg "udev requires a mounted procfs, not started"
++ log_end_msg 1
++fi
++
++if ! grep -q '[[:space:]]devtmpfs$' /proc/filesystems; then
++ log_failure_msg "udev requires devtmpfs support, not started"
++ log_end_msg 1
++fi
++
++if [ ! -d /sys/class/ ]; then
++ log_failure_msg "udev requires a mounted sysfs, not started"
++ log_end_msg 1
++fi
++
++if [ ! -w /sys ]; then
++ log_warning_msg "udev does not support containers, not started"
++ exit 0
++fi
++
++if [ -d /sys/class/mem/null -a ! -L /sys/class/mem/null ] || \
++ [ -e /sys/block -a ! -e /sys/class/block ]; then
++ log_warning_msg "CONFIG_SYSFS_DEPRECATED must not be selected"
++ log_warning_msg "Booting will continue in 30 seconds but many things will be broken"
++ sleep 30
++fi
++
++# When modifying this script, do not forget that between the time that the
++# new /dev has been mounted and udevadm trigger has been run there will be
++# no /dev/null. This also means that you cannot use the "&" shell command.
++
++case "$1" in
++ start)
++ if [ ! -e "/run/udev/" ]; then
++ warn_if_interactive
++ fi
++
++ if [ -w /sys/kernel/uevent_helper ]; then
++ echo > /sys/kernel/uevent_helper
++ fi
++
++ if ! mountpoint -q /dev/; then
++ unmount_devpts
++ mount_devtmpfs
++ [ -d /proc/1 ] || mount -n /proc
++ fi
++
++ make_static_nodes
++
++ # clean up parts of the database created by the initramfs udev
++ udevadm info --cleanup-db
++
++ # set the SELinux context for devices created in the initramfs
++ [ -x /sbin/restorecon ] && /sbin/restorecon -R /dev
++
++ log_daemon_msg "Starting $DESC" "$NAME"
++ if start-stop-daemon --start --name $NAME --user root --quiet \
++ --pidfile $PIDFILE --exec $DAEMON --background --make-pidfile \
++ --notify-await; then
++ # prevents udevd to be killed by sendsigs (see #791944)
++ mkdir -p $OMITDIR
++ ln -sf $PIDFILE $OMITDIR/$NAME
++ log_end_msg $?
++ else
++ log_warning_msg $?
++ log_warning_msg "Waiting 15 seconds and trying to continue anyway"
++ sleep 15
++ fi
++
++ log_action_begin_msg "Synthesizing the initial hotplug events (subsystems)"
++ if udevadm trigger --type=subsystems --action=add; then
++ log_action_end_msg $?
++ else
++ log_action_end_msg $?
++ fi
++ log_action_begin_msg "Synthesizing the initial hotplug events (devices)"
++ if udevadm trigger --type=devices --action=add; then
++ log_action_end_msg $?
++ else
++ log_action_end_msg $?
++ fi
++
++ create_dev_makedev
++
++ # wait for the systemd-udevd childs to finish
++ log_action_begin_msg "Waiting for /dev to be fully populated"
++ if udevadm settle; then
++ log_action_end_msg 0
++ else
++ log_action_end_msg 0 'timeout'
++ fi
++ ;;
++
++ stop)
++ log_daemon_msg "Stopping $DESC" "$NAME"
++ if start-stop-daemon --stop --name $NAME --user root --quiet \
++ --pidfile $PIDFILE --remove-pidfile --oknodo --retry 5; then
++ # prevents cryptsetup/dmsetup hangs (see #791944)
++ rm -f $CTRLFILE
++ log_end_msg $?
++ else
++ log_end_msg $?
++ fi
++ ;;
++
++ restart)
++ log_daemon_msg "Stopping $DESC" "$NAME"
++ if start-stop-daemon --stop --name $NAME --user root --quiet \
++ --pidfile $PIDFILE --remove-pidfile --oknodo --retry 5; then
++ # prevents cryptsetup/dmsetup hangs (see #791944)
++ rm -f $CTRLFILE
++ log_end_msg $?
++ else
++ log_end_msg $? || true
++ fi
++
++ log_daemon_msg "Starting $DESC" "$NAME"
++ if start-stop-daemon --start --name $NAME --user root --quiet \
++ --pidfile $PIDFILE --exec $DAEMON --background --make-pidfile \
++ --notify-await; then
++ # prevents udevd to be killed by sendsigs (see #791944)
++ mkdir -p $OMITDIR
++ ln -sf $PIDFILE $OMITDIR/$NAME
++ log_end_msg $?
++ else
++ log_end_msg $?
++ fi
++ ;;
++
++ reload|force-reload)
++ udevadm control --reload-rules
++ ;;
++
++ status)
++ status_of_proc $DAEMON $NAME && exit 0 || exit $?
++ ;;
++
++ *)
++ echo "Usage: /etc/init.d/udev {start|stop|restart|reload|force-reload|status}" >&2
++ exit 1
++ ;;
++esac
++
++exit 0
++
--- /dev/null
--- /dev/null
++etc/udev/
++lib/udev/*
++lib/systemd/network/*.link
++lib/systemd/system/systemd-udev*
++lib/systemd/system/systemd-hwdb*
++lib/systemd/system/*.target.wants/systemd-udev*
++lib/systemd/system/*.target.wants/*hwdb*
++lib/systemd/systemd-udevd
++bin/udevadm
++bin/systemd-hwdb
++usr/lib/tmpfiles.d/static-nodes-permissions.conf
++usr/share/man/man5/udev.conf.5
++usr/share/man/man5/systemd.link.5
++usr/share/man/man7/hwdb.7
++usr/share/man/man7/udev.7
++usr/share/man/man8/systemd-hwdb*
++usr/share/man/man8/systemd-udevd*
++usr/share/man/man8/udevadm.8
++usr/share/bash-completion/completions/udevadm
++usr/share/zsh/vendor-completions/_udevadm
++usr/share/pkgconfig/udev.pc
++../../extra/initramfs-tools usr/share/
++../../extra/rules/*.rules lib/udev/rules.d/
++#../../extra/*.hwdb lib/udev/hwdb.d/
++../../extra/fbdev-blacklist.conf lib/modprobe.d/
--- /dev/null
--- /dev/null
++/lib/systemd/system/systemd-udevd.service /lib/systemd/system/udev.service
--- /dev/null
--- /dev/null
++rm_conffile /etc/init/udev.conf 233-1~
++rm_conffile /etc/init/udevmonitor.conf 233-1~
++rm_conffile /etc/init/udevtrigger.conf 233-1~
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++chrooted() {
++ if [ "$(stat -c %d/%i /)" = "$(stat -Lc %d/%i /proc/1/root 2>/dev/null)" ];
++ then
++ # the devicenumber/inode pair of / is the same as that of /sbin/init's
++ # root, so we're *not* in a chroot and hence return false.
++ return 1
++ fi
++ echo "A chroot environment has been detected, udev not started."
++ return 0
++}
++
++in_debootstrap() {
++ # debootstrap --second-stage may be run in an emulator instead of a chroot,
++ # we need to check for this special case because start-stop-daemon would
++ # not be available. (#520742)
++ if [ -d /debootstrap/ ]; then
++ echo "Being installed by debootstrap, udev not started."
++ return 0
++ fi
++ return 1
++}
++
++can_start_udevd() {
++ if [ ! -d /sys/class/ ]; then
++ echo "udev requires a mounted sysfs, not started."
++ return 1
++ fi
++ return 0
++}
++
++enable_udev() {
++ can_start_udevd || return 0
++ invoke-rc.d udev start
++}
++
++update_initramfs() {
++ [ -x /usr/sbin/update-initramfs -a -e /etc/initramfs-tools/initramfs.conf ] \
++ || return 0
++ update-initramfs -u
++}
++
++upgrade_fixes() {
++ # new Default-Stop (see #791944)
++ if dpkg --compare-versions "$2" lt-nl "239-8"; then
++ update-rc.d -f udev remove
++ fi
++}
++
++update_hwdb() {
++ systemd-hwdb --usr update || true
++}
++
++case "$1" in
++ configure)
++ # update/create hwdb before we (re)start udev
++ update_hwdb
++
++ # Add new system group used by udev rules
++ addgroup --quiet --system input
++
++ # Make /dev/kvm accessible to kvm group
++ addgroup --quiet --system kvm
++
++ # Make /dev/dri/renderD* accessible to render group
++ addgroup --quiet --system render
++
++ if [ -z "$2" ]; then # first install
++ if ! chrooted && ! in_debootstrap; then
++ enable_udev
++ fi
++ else # upgrades
++ upgrade_fixes "$@"
++ if ! chrooted; then
++ if can_start_udevd; then
++ if [ -d /run/systemd/system ] ; then
++ systemctl daemon-reload || true
++ fi
++ invoke-rc.d udev restart
++ fi
++ fi
++ fi
++
++ update_initramfs
++ ;;
++
++ triggered)
++ update_hwdb
++ exit 0
++ ;;
++esac
++
++#DEBHELPER#
++
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++case "$1" in
++ purge)
++ rm -f /etc/udev/rules.d/70-persistent-*.rules
++ rmdir --ignore-fail-on-non-empty /etc/udev/rules.d/ 2> /dev/null || true
++ rm -f /lib/udev/hwdb.bin
++ rm -f /var/log/udev
++ ;;
++esac
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++# adapted from postinst
++chrooted() {
++ if [ "$(stat -c %d/%i /)" = "$(stat -Lc %d/%i /proc/1/root 2>/dev/null)" ];
++ then
++ return 1
++ fi
++ return 0
++}
++
++check_kernel_features() {
++ # skip the check if udev is not already active
++ [ -d /run/udev/ ] || return 0
++
++ if [ -e /proc/kallsyms ]; then
++
++ local needed_symbols='inotify_init signalfd accept4 open_by_handle_at timerfd_create epoll_create'
++ for symbol in $needed_symbols; do
++ if ! egrep -q "^[a-fA-F0-9]+ T \.?sys_${symbol}$" /proc/kallsyms; then
++ cat <<END
++Since release 198, udev requires support for the following features in
++the running kernel:
++
++- inotify(2) (CONFIG_INOTIFY_USER)
++- signalfd(2) (CONFIG_SIGNALFD)
++- accept4(2)
++- open_by_handle_at(2) (CONFIG_FHANDLE)
++- timerfd_create(2) (CONFIG_TIMERFD)
++- epoll_create(2) (CONFIG_EPOLL)
++END
++ exit 1
++ fi
++ done
++
++ fi
++
++ if ! grep -q '[[:space:]]devtmpfs$' /proc/filesystems; then
++ cat <<END
++Since release 176, udev requires support for the following features in
++the running kernel:
++
++- devtmpfs (CONFIG_DEVTMPFS)
++END
++ exit 1
++ fi
++
++ if [ -d /sys/class/mem/null -a ! -L /sys/class/mem/null ] ||
++ [ -e /sys/block -a ! -e /sys/class/block ]; then
++ cat <<END
++The currently running kernel has the CONFIG_SYSFS_DEPRECATED option
++enabled, which is incompatible with udev.
++END
++ exit 1
++ fi
++}
++
++check_version() {
++ # $2 is non-empty when installing from the "config-files" state
++ [ -n "$2" ] || return 0
++
++ if dpkg --compare-versions $2 lt 204-4; then
++ # these must be checked first to allow aborting before changing anything
++ if chrooted; then
++ echo 'Running in a chroot, skipping the kernel versions checks!'
++ else
++ check_kernel_features
++ # suppress errors when the new rules files contain options not supported by
++ # the old daemon
++ udevadm control --log-priority=0 || true
++ fi
++ fi # 204-4
++}
++
++case "$1" in
++ install|upgrade|abort-upgrade)
++ check_version "$@"
++ ;;
++esac
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++# adapted from postinst
++chrooted() {
++ if [ "$(stat -c %d/%i /)" = "$(stat -Lc %d/%i /proc/1/root 2>/dev/null)" ];
++ then
++ return 1
++ fi
++ return 0
++}
++
++kill_udevd() {
++ if [ -d /run/systemd/system ]; then
++ systemctl stop systemd-udevd-control.socket systemd-udevd-kernel.socket
++ systemctl stop systemd-udevd.service
++ else
++ invoke-rc.d udev stop
++ fi
++}
++
++case "$1" in
++ remove)
++ if ! chrooted; then
++ kill_udevd
++ fi
++ ;;
++esac
++
++#DEBHELPER#
++
--- /dev/null
--- /dev/null
++interest-noawait /lib/udev/hwdb.d
--- /dev/null
--- /dev/null
++version=3
++opts=uversionmangle=s/-rc/~rc/,filenamemangle=s/.+\/v?(\d\S*)\.tar\.gz/systemd-$1\.tar\.gz/ \
++ https://github.com/systemd/systemd/tags .*/v?(\d\S*)\.tar\.gz
projects / systemd.git / commitdiff