* autopktest: Add e2fsprogs dependency to upstream test.
Some of the upstream tests require mkfs.ext4. (Closes: #887250)
* systemctl: Tell update-rc.d to skip creating any systemd symlinks.
When calling update-rc.d via systemd-sysv-install, tell it to skip
creating any systemd symlinks as we want to handle those directly in
systemctl. Older update-rc.d versions will ignore that request, but
that's ok. This means we don't need a versioned dependency against
init-system-helpers. (Closes: #743217)
* pam_systemd: Suppress LOG_DEBUG log messages if debugging is off
(Closes: #825949)
* Drop cgroup-don-t-trim-cgroup-trees-created-by-someone-el.patch.
The patch is no longer necessary as lxc.service now uses Delegate=yes.
* Remove obsolete Replaces from pre-jessie
[dgit import unpatched systemd 239-13]
--- /dev/null
--- /dev/null
++Enabling persistent logging in journald
++=======================================
++
++To enable persistent logging, create /var/log/journal:
++
++ mkdir -p /var/log/journal
++ systemd-tmpfiles --create --prefix /var/log/journal
++
++systemd will make the journal files owned by the "systemd-journal" group and
++add an ACL for read permissions for users in the "adm" group.
++To grant a user read access to the system journal, add them to one of the two
++groups.
++
++This will allow you to look at previous boot logs with e. g.
++"journalctl -b -1".
++
++If you enable persistent logging, consider uninstalling rsyslog or any other
++system-log-daemon, to avoid logging everything twice.
++
++Debugging boot/shutdown problems
++================================
++
++The "debug-shell" service starts a root shell on VT 9 which is available very
++early during boot and very late during shutdown. You can temporarily enable
++this when booting the system does not get sufficiently far to get a desktop or
++even the text console logins (getty), or when shutdown hangs eternally.
++
++For boot problems the recommended way is to append "systemd.debug-shell" to the
++kernel command line in the bootloader.
++For shutdown problems, run "systemctl start debug-shell" as root, then shut
++down.
++
++WARNING: Please avoid "systemctl enable debug-shell" as this will start the
++debug shell permanently which is a SECURITY HOLE as it allows unauthenticated
++and unrestricted root access to your computer if you forget to disable it!
++Please only enable it if you cannot pass "systemd.debug-shell" to the boot
++loader for some reason, and then immediately run "systemctl disable debug-shell"
++after booting.
++
++Once the boot/shutdown problem happened, switch to VT9 (Ctrl+Alt+F9). There you
++can use the usual systemctl or journalctl commands, or any other Linux shell
++command to list or kill processes. For example, run "systemctl list-jobs" to
++see what's currently being run, or "systemctl" to find units which are not in
++the expected state (e. g. "failed" for boot or still "active" during shutdown),
++and then get more detailed information with "systemctl status -l foo.service"
++to get a service "foo"'s status and recent logging.
++
++In situations where the debug shell is not available, you can generate a
++/shutdown-log.txt file instead:
++1. Boot with these kernel command line options:
++ systemd.log_level=debug systemd.log_target=kmsg log_buf_len=1M
++2. Save the following script as /lib/systemd/system-shutdown/debug.sh and make it executable:
++ #!/bin/sh
++ mount -o remount,rw /
++ dmesg > /shutdown-log.txt
++ mount -o remount,ro /
++3. Reboot
++
++Enable and use networkd
++=======================
++networkd is a small and lean service to configure network interfaces, designed
++mostly for server use cases in a world with hotplugged and virtualized
++networking. Its configuration is similar in spirit and abstraction level to
++ifupdown, but you don't need any extra packages to configure bridges, bonds,
++vlan etc. It is not very suitable for managing WLANs yet; NetworkManager is
++still much more appropriate for such Desktop use cases.
++
++networkd is not enabled by default; run
++
++ systemctl enable systemd-networkd
++
++if you want to use it. After that you need to create some *.network
++configuration files. In the simplest case you just want to run DHCP on all
++available Ethernet interfaces:
++
++--- /etc/systemd/network/all-eth.network ---
++[Match]
++Name=e*
++[Network]
++DHCP=yes
++
++This will match on both the kernel "ethN" as well as the predictable interface
++names "en*". Please see man systemd.network(5) for all available configuration
++options and examples.
++
++You need to make sure that interfaces handled by networkd are not handled by
++ifupdown (/etc/network/interfaces) and NetworkManager.
++
++Note that interfaces brought up/down will *not* run hooks in
++/etc/network/if-*.d/.
++
++It is recommended to use networkd together with systemd-resolved(8) to
++dynamically manage /etc/resolv.conf:
++
++ systemctl enable systemd-resolved
++ ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
++
++Debian's networkd has been modified to also work with the resolvconf package.
--- /dev/null
--- /dev/null
++Building from source
++--------------------
++Install “git-buildpackage” and run the following steps:
++
++ gbp clone git+ssh://git.debian.org/git/pkg-systemd/systemd.git
++ cd systemd
++ gbp buildpackage
++
++We recommend you use pbuilder to make sure you build in a clean environment:
++
++ gbp buildpackage --git-pbuilder
++
++Changelog
++---------
++The systemd package uses gbp dch for automatically generating
++debian/changelog entries from the corresponding git commits. This makes
++cherry-picking, merging, and rebasing much simpler.
++
++Thus, for any packaging change *don't* modify debian/changelog, just write a
++meaningful git commit log with proper bug references (such as "Closes: #12345"
++on the last line). For doing a release, run
++
++ gbp dch --auto
++
++then beautify the generated debian/changelog, then run the usual "dch -r" and
++"debcommit -ar --sign-tags".
++
++Patch handling
++--------------
++The systemd package uses gbp pq for maintaining patches with a git-like
++workflow in a "patch-queue/<branch>" local branch and then exporting them as
++quilt series. For working on patches you run
++
++ gbp pq import --force
++
++Then you are in the patch-queue branch and can git log, commit, cherry-pick
++upstream commits, rebase, etc. there. After you are done, run
++
++ gbp pq export
++
++which will put you back into master and update debian/patches/ (including
++series). You need to git add etc. new patches, possibly other
++packaging changes, and then git commit as usual.
++
++systemd uses gbp pq's "topic" branches for organizing patches; for simplicity
++(as this is the most common operation), upstream cherry-picks go into the
++"empty" topic (i. e. directly into debian/patches/), while Debian specific
++patches go into "Gbp-Pq: Topic debian" (i. e. debian/patches/debian/).
++
++Rebasing patches to a new upstream version
++------------------------------------------
++gbp pq's "rebase" command does not work very conveniently as it fails on merge
++conflicts. First, ensure you are in the master branch:
++
++ git checkout master # in case you aren't already
++
++Now, do one of
++
++ (1) To import a new upstream release into the existing master branch for unstable,
++do:
++
++ gbp pq import --force
++ gbp pq switch # switch back to master from patch-queue/master
++ gbp import-orig [...]
++ gbp pq switch # switch to patch-queue/master
++ git rebase master
++
++ (2) To import a new upstream release into a new branch for Debian experimental, do:
++
++ git branch experimental
++ git checkout experimental
++ editor debian/gbp.conf # set "debian-branch=experimental"
++ gbp import-orig [...]
++ git branch patch-queue/experimental patch-queue/master
++ git checkout patch-queue/experimental
++ git rebase experimental
++
++Now resolve all the conflicts, skip obsolete patches, etc. When you are done, run
++
++ gbp pq export
++
++Note that our debian/gbp.conf disables patch numbers.
++
++Cherry-picking upstream patches
++-------------------------------
++You can add the systemd upstream branch as an additional remote to the Debian
++packaging branch. Call it "github" or similar to avoid confusing it with the
++already existing "upstream" branch from git-buildpackage:
++
++ git remote add github https://github.com/systemd/systemd.git
++ git fetch github -n
++
++Now you can look at the upstream log and cherry-pick patches into the
++patch-queue branch:
++
++ gbp pq import --force
++ git log github/master
++ git cherry-pick 123DEADBEEF
++
++debian/git-cherry-pick is a nice tool to automate all that:
++
++ debian/git-cherry-pick 123DEADBEEF 987654 AFFE99
++ git checkout master # switch back from patch-queue branch
--- /dev/null
--- /dev/null
++systemd (239-13) unstable; urgency=medium
++
++ * autopktest: Add e2fsprogs dependency to upstream test.
++ Some of the upstream tests require mkfs.ext4. (Closes: #887250)
++ * systemctl: Tell update-rc.d to skip creating any systemd symlinks.
++ When calling update-rc.d via systemd-sysv-install, tell it to skip
++ creating any systemd symlinks as we want to handle those directly in
++ systemctl. Older update-rc.d versions will ignore that request, but
++ that's ok. This means we don't need a versioned dependency against
++ init-system-helpers. (Closes: #743217)
++ * pam_systemd: Suppress LOG_DEBUG log messages if debugging is off
++ (Closes: #825949)
++ * Drop cgroup-don-t-trim-cgroup-trees-created-by-someone-el.patch.
++ The patch is no longer necessary as lxc.service now uses Delegate=yes.
++ * Remove obsolete Replaces from pre-jessie
++
++ -- Michael Biebl <biebl@debian.org> Tue, 20 Nov 2018 19:44:39 +0100
++
++systemd (239-12) unstable; urgency=high
++
++ [ Martin Pitt ]
++ * Enable QEMU on more architectures in "upstream" autopkgtest.
++ Taken from the Ubuntu package, so apparently QEMU works well enough on
++ these architectures now.
++ * autopkgtest: Avoid test bed reset for boot-smoke.
++ Make "boot-smoke"'s dependencies a strict superset of "upstream"'s, so
++ that autopkgtest doesn't have to provide a new testbed.
++ * Fix wrong "nobody" group from sysusers.d.
++ Fix our make-sysusers-basic sysusers.d generator to special-case the
++ nobody group. "nobody" user and "nogroup" group both have the same ID
++ 65534, which is the only special case for Debian's static users/groups.
++ So specify the gid explicitly, to avoid systemd-sysusers creating a
++ dynamic system group for "nobody".
++ Also clean up the group on upgrades.
++ Thanks to Keh-Ming Luoh for the original patch! (Closes: #912525)
++
++ [ Michael Biebl ]
++ * autopkgtest: Use shutil.which() which is provided by Python 3
++ * Drop non-existing gnuefi=false build option.
++ This was mistakenly added when converting from autotools to meson.
++ * core: When deserializing state always use read_line(…, LONG_LINE_MAX, …)
++ Fixes a vulnerability in unit_deserialize which allows an attacker to
++ supply arbitrary state across systemd re-execution via NotifyAccess.
++ (CVE-2018-15686, Closes: #912005)
++ * meson: Use the host architecture compiler/linker for src/boot/efi.
++ Fixes cross build failure for arm64. (Closes: #905381)
++ * systemd: Do not pass .wants fragment path to manager_load_unit.
++ Fixes an issue with overridden units in /etc not being used due to a
++ .wants/ symlink pointing to /lib. (Closes: #907054)
++ * machined: When reading os-release file, join PID namespace too.
++ This ensures that we properly acquire the os-release file from containers.
++ (Closes: #911231)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 17 Nov 2018 18:39:21 +0100
++
++systemd (239-11) unstable; urgency=high
++
++ [ Michael Biebl ]
++ * debian/tests/upstream: Clean up after each test run.
++ Otherwise the loopback images used by qemu are not properly released and
++ we might run out of disk space.
++ * dhcp6: Make sure we have enough space for the DHCP6 option header.
++ Fixes out-of-bounds heap write in systemd-networkd dhcpv6 option
++ handling.
++ (CVE-2018-15688, LP: #1795921, Closes: #912008)
++ * chown-recursive: Rework the recursive logic to use O_PATH.
++ Fixes a race condition in chown_one() which allows an attacker to cause
++ systemd to set arbitrary permissions on arbitrary files.
++ (CVE-2018-15687, LP: #1796692, Closes: #912007)
++
++ [ Martin Pitt ]
++ * debian/tests/boot-and-services: Use gdm instead of lightdm.
++ This seems to work more reliably, on Ubuntu CI's i386 instances lightdm
++ fails.
++
++ [ Manuel A. Fernandez Montecelo ]
++ * Run "meson test" instead of "ninja test"
++ Upstream developers of meson recommend to run it in this way, because
++ "ninja test" just calls "meson test", and by using meson directly and
++ using extra command line arguments it is possible to control aspects of
++ how the tests are run.
++ * Increase timeout for test in riscv64.
++ The buildds for the riscv64 arch used at the moment are slow, so increase
++ the timeouts for this arch by a factor of 10, for good measure.
++ (Closes: #906429)
++
++ -- Michael Biebl <biebl@debian.org> Sun, 28 Oct 2018 13:02:18 +0100
++
++systemd (239-10) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * meson: Rename -Ddebug to -Ddebug-extra.
++ Meson added -Doptimization and -Ddebug options, which obviously causes
++ a conflict with our -Ddebug options. Let's rename it.
++ (Closes: #909455)
++ * Add conflicts against consolekit.
++ Letting both ConsoleKit and logind manage dynamic device permissions
++ will only lead to inconsistent and unexpected results.
++
++ [ Felipe Sateler ]
++ * Link systemctl binary statically against libshared.
++ This reduces the Pre-Depends list considerably, and is more resilient
++ against borked installs.
++
++ -- Michael Biebl <biebl@debian.org> Tue, 25 Sep 2018 16:11:12 +0200
++
++systemd (239-9) unstable; urgency=medium
++
++ * autopkgtest: Remove needs-recommends runtime restriction.
++ This restriction has been deprecated and there are plans to remove it
++ altogether. The tests pass withouth needs-recommends, so it seems safe
++ to remove.
++ * test: Use installed catalogs when test-catalog is not located at build
++ dir.
++ This makes it possible to run test-catalog as installed test, so we no
++ longer need to mark it as EXFAIL in our root-unittests autopkgtest.
++ * test: Use "systemd-runtest.env" to set $SYSTEMD_TEST_DATA and
++ $SYSTEMD_CATALOG_DIR.
++ This avoids embedding ABS_{SRC,BUILD}_DIR into libsystemd-shared.so and
++ the test binaries and should make the build reproducible.
++ (Closes: #908365)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 12 Sep 2018 19:07:38 +0200
++
++systemd (239-8) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Clean up dbus-org.freedesktop.timesync1.service Alias on purge
++ (Closes: #904290)
++ * user-runtime-dir: Fix wrong SELinux context (Closes: #908026)
++ * core: Fix gid when DynamicUser=yes with static user (Closes: #904335)
++ * Remove udev control socket on shutdown under sysvinit.
++ The udev control socket is no longer removed automatically when the
++ daemon is stopped. As this can confuse other software, update the SysV
++ init script to remove the control socket manually and make sure the init
++ script is executed on shutdown (runlevel 0) and reboot (runlevel 6).
++ (Closes: #791944)
++ * Bump Standards-Version to 4.2.1
++
++ [ Martin Pitt ]
++ * timedated: Fix wrong PropertyChanged values and refcounting
++
++ -- Michael Biebl <biebl@debian.org> Fri, 07 Sep 2018 08:41:12 +0200
++
++systemd (239-7) unstable; urgency=medium
++
++ * autopkgtest: Add iputils-ping dependency to root-unittests.
++ The ping binary is required by test-bpf.
++ * autopkgtest: Add dbus-user-session and libpam-systemd dependency to
++ root-unittests.
++ Without a working D-Bus user session, a lot of the test-bus-* tests are
++ skipped.
++ * network/link: Fix logic error in matching devices by MAC (Closes: #904198)
++
++ -- Michael Biebl <biebl@debian.org> Sun, 22 Jul 2018 13:40:15 +0200
++
++systemd (239-6) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * autopkgtest: Install libnss-systemd.
++ Make sure that dynamic users can be resolved. This e. g. prevents a
++ startup failure for systemd-resolved.
++ * autopkgtest: Add missing python3 test dependency for udev test
++
++ [ Michael Biebl ]
++ * autopkgtest: Make AppArmor violator test work with merged-usr
++ * Make /dev/kvm accessible to local users and group kvm.
++ Re-add the uaccess tag to /dev/kvm to make it accessible to local
++ users. Access is also granted via group kvm, so create that in
++ udev.postinst. (Closes: #887852)
++ * Move a few man pages from systemd to systemd-journal-remote.
++ The systemd package shipped a few systemd-journal-remote and
++ systemd-journal-upload related man pages which really belong into the
++ systemd-journal-remote package. Move those man pages into the correct
++ package and add a Breaks/Replaces against systemd accordingly.
++ (Closes: #903557)
++ * autopkgtest: Drop no-longer needed workaround from upstream test
++ * Go back to statically allocate system users for timesyncd, networkd and
++ resolved.
++ There are currently too many open issues related to D-Bus and the usage
++ of DynamicUser. (Closes: #902971)
++ * Change python3-minimal dependency to python3.
++ While we strictly only need python3-minimal, the usage of
++ python3-minimal triggers a lintian error: depends-on-python-minimal
++ * test: Drop SKIP_INITRD for QEMU-based tests.
++ The Debian Linux kernel ships ext4 support as a module, so we require an
++ initrd to successfully start the QEMU images.
++ * debian/tests/localed-x11-keymap: Deal with absence of
++ /etc/default/keyboard more gracefully
++ * autopkgtest: Add various dependencies to make upstream test pass on Debian
++ - netcat-openbsd: Required by TEST-12-ISSUE-3171.
++ - busybox-static: Required by TEST-13-NSPAWN-SMOKE.
++ - plymouth: Required by TEST-15-DROPIN and TEST-22-TMPFILES.
++ * Drop seccomp system call filter for udev.
++ The seccomp based system call whitelist requires at least systemd 239 to
++ be the active init and during a dist-upgrade we can't guarantee that
++ systemd has been fully configured before udev is restarted.
++ The versioned systemd Breaks that was added to udev for #902185 didn't
++ really fix this issue, so revert that change again. (Closes: #903224)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 19 Jul 2018 00:04:54 +0200
++
++systemd (239-5) unstable; urgency=medium
++
++ * Add inverse version restriction of the Breaks to the systemd-shim
++ alternative in libpam-systemd.
++ Otherwise apt will fail to find an installation path for libpam-systemd
++ in cases where libpam-systemd is an indirect dependency. (Closes: #902998)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 05 Jul 2018 11:50:10 +0200
++
++systemd (239-4) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Drop outdated section from README.Debian about switching back to SysV init
++ * sleep: Fix one more printf format of a fiemap field
++ * basic: Add missing comma in raw_clone assembly for sparc
++ * bus-util: Make log level lower in request_name_destroy_callback()
++ * tmpfiles: Specify access mode for /run/systemd/netif
++ * Add Breaks against python-dbusmock (<< 0.18) to systemd.
++ The logind and timedated tests in python-dbusmock were broken by the
++ latest systemd release and had to be adjusted to work with systemd 239.
++ See #902602
++ * Drop patches which try to support running systemd services without systemd
++ as pid 1.
++ No one is currently actively maintaining systemd-shim, which means that
++ e.g. running systemd-logind no longer works when systemd is not pid 1.
++ Thus drop our no longer working patches. Bump the Breaks against
++ systemd-shim accordingly.
++ See #895292, #901404, #901405
++
++ [ Martin Pitt ]
++ * test: fix networkd-test.py rate limiting and dynamic user
++
++ -- Michael Biebl <biebl@debian.org> Tue, 03 Jul 2018 23:36:28 +0200
++
++systemd (239-3) unstable; urgency=medium
++
++ * Revert "systemctl: when removing enablement or mask symlinks, cover both
++ /run and /etc"
++ We currently have packages in the archive which use
++ "systemctl --runtime unmask" and are broken by this change.
++ This is a intermediate step until it is clear whether upstream will
++ revert this commit or whether we will have to update affected packages
++ to deal with this changed behaviour.
++ See #902287 and https://github.com/systemd/systemd/issues/9393
++
++ -- Michael Biebl <biebl@debian.org> Wed, 27 Jun 2018 14:46:06 +0200
++
++systemd (239-2) unstable; urgency=medium
++
++ * sleep: Fix printf format of fiemap fields.
++ This should fix a FTBFS on ia64.
++ * timesync: Change type of drift_freq to int64_t.
++ This should fix a FTBFS on x32.
++ * Bump systemd Breaks to ensure it is upgraded in lockstep with udev.
++ The hardening features used by systemd-udevd.service require systemd 239
++ and udev will fail to start with older versions. (Closes: #902185)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 27 Jun 2018 13:59:24 +0200
++
++systemd (239-1) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * New upstream version 239
++ * Drop alternative iptables-dev Build-Depends.
++ It is no longer needed as both Ubuntu and Debian now ship libiptc-dev in
++ their latest stable (LTS) release.
++ * Drop alternative btrfs-tools Recommends.
++ It is no longer needed as btrfs-progs is now available in both Debian
++ and Ubuntu and keeping the alternative around prevents the transitional
++ package from being autoremoved.
++ * Disable installation of RPM macros.
++ This avoids having to remove them manually later on.
++ * Drop cleanup rules for libtool .la files.
++ With the switch to Meson, libtool is no longer used.
++ * Drop fallback for older kernels when running the test suite.
++ We now assume that we have a kernel newer then 3.13.
++ * Stop cleaning up .busname units.
++ Those are gone upstream, so we no longer need to remove them manually.
++ * Update symbols file for libsystemd0
++ * Rebase patches
++ * Install new resolvectl tool.
++ Don't ship the /sbin/resolvconf compat symlink in the systemd package,
++ as this would cause a file conflict with the resolvconf and openresolv
++ package.
++ * Disable support for "Portable Services"
++ This is still an experimental feature.
++ * Disable pristine-tar in gbp.conf.
++ It is currently not possible to import the systemd v239 tarball using
++ pristine-tar due to #902115.
++ * Bump Build-Depends on meson to (>= 0.44)
++ * Stop setting the path for the kill binary, no longer necessary
++ * Stop creating systemd-network and systemd-resolve system user
++ systemd-networkd.service and systemd-resolved.service now use
++ DynamicUser=yes.
++
++ [ Dimitri John Ledkov ]
++ * Run all upstream tests, and then report all that failed.
++
++ -- Michael Biebl <biebl@debian.org> Sat, 23 Jun 2018 00:18:08 +0200
++
++systemd (238-5) unstable; urgency=medium
++
++ [ Evgeny Vereshchagin ]
++ * upstream autopkgtest: Copy journal subdirectories.
++ Otherwise logs are missing on failures.
++
++ [ Martin Pitt ]
++ * debian/tests/boot-and-services: Ignore cpi.service failure.
++ This is apparently a regression in Ubuntu 18.04, not in systemd, so
++ ignore it.
++
++ [ Michael Biebl ]
++ * sd-bus: Do not try to close already closed fd (Closes: #896781)
++ * Use dh_missing to act on uninstalled files.
++ The usage of dh_install --fail-missing has been deprecated.
++ * meson: Avoid warning about comparison of bool and string.
++ The result of this is undefined and will become a hard error in a future
++ Meson release.
++ * login: Respect --no-wall when cancelling a shutdown request
++ (Closes: #897938)
++ * Add dependencies of libsystemd-shared to Pre-Depends.
++ This is necessary so systemctl is functional at all times during a
++ dist-upgrade. (Closes: #897986)
++ * Drop dh_strip override, the dbgsym migration is done
++
++ [ Felipe Sateler ]
++ * Don't include libmount.h in a header file.
++ Kernel and glibc headers both use MS_* constants, but are not in sync, so
++ only one of them can be used at a time. Thus, only import them where
++ needed. Works around #898743.
++
++ -- Michael Biebl <biebl@debian.org> Sat, 26 May 2018 10:31:29 +0200
++
++systemd (238-4) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * udev/net-id: Fix check for address to keep interface names stable
++ * debian/copyright: Move global wildcard section to the top
++
++ [ Martin Pitt ]
++ * Fix daemon reload failures
++
++ [ Laurent Bigonville ]
++ * Fix /sys/fs/cgroup mount when using SELinux.
++ Since v236, all cgroups except /sys/fs/cgroup/systemd and
++ /sys/fs/cgroup/unified are not mounted when SELinux is enabled (even in
++ permissive mode). Disabling SELinux completely restores these cgroups.
++ This patch fixes that issue by no longer making the assumption that those
++ cgroups are mounted by initrd/dracut before systemd is started.
++
++ -- Michael Biebl <biebl@debian.org> Sun, 01 Apr 2018 13:02:57 +0200
++
++systemd (238-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Enable systemd-sysusers unit and provide correct Debian static u/gids.
++ Add a helper script debian/extra/make-sysusers-basic which generates a
++ sysusers.d(5) file from Debian's static master passwd/group files.
++ systemd 238 now supports specifying different uid and gid and a
++ non-default login shell, so this is possible now. (Closes: #888126)
++ * udev README.Debian: Include initrd rebuild and some clarifications in
++ migration.
++ While initrd update is already being mentioned in the introductory
++ section, it is easy to miss when going through the migration steps, so
++ explicitly mention it again. Also add a warning about keeping a fallback
++ on misconfigurations, and the possibility to migrate one interface at a
++ time.
++ Thanks to Karl O. Pinc for the suggestions! (Closes: #881769)
++
++ [ Michael Biebl ]
++ * basic/macros: Rename noreturn into _noreturn_.
++ "noreturn" is reserved and can be used in other header files we include.
++ (Closes: #893426)
++ * units: Fix SuccessAction that belongs to [Unit] section not [Service]
++ section (Closes: #893282)
++
++ -- Michael Biebl <biebl@debian.org> Tue, 20 Mar 2018 23:22:57 +0100
++
++systemd (238-2) unstable; urgency=medium
++
++ [ Alf Gaida ]
++ * core: do not free stack-allocated strings.
++ Fixes a crash in systemd when the cpuacct cgroup controller is not
++ available. (Closes: #892360)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 10 Mar 2018 01:12:47 +0100
++
++systemd (238-1) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * New upstream version 238
++ - Fixes systemd-tmpfiles to correctly handle symlinks present in
++ non-terminal path components. (CVE-2018-6954, Closes: #890779)
++ * Rebase patches
++ * Use compat symlinks as provided by upstream.
++ As the upstream build system now creates those symlinks for us, we no
++ longer have to create them manually.
++ * Update symbols file for libsystemd0
++ * test-cgroup-util: bail out when running under a buildd environment
++
++ [ Dimitri John Ledkov ]
++ * systemd-sysv-install: Fix name initialisation.
++ Only initialise NAME after --root optional argument has been parsed,
++ otherwise NAME is initialized to e.g. `enable`, instead of to the
++ `unit-name`, resulting in failures. (LP: #1752882)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 07 Mar 2018 23:21:53 +0100
++
++systemd (237-4) unstable; urgency=medium
++
++ [ Gunnar Hjalmarsson ]
++ * Fix PO template creation.
++ Cherry-pick upstream patches to build a correct systemd.pot including
++ the polkit policy files even without policykit-1 being installed.
++ (LP: #1707898)
++
++ [ Michael Biebl ]
++ * Drop mask for fuse SysV init script.
++ The fuse package has removed its SysV init script a long time ago, so
++ the mask is no longer needed.
++ * Replace two Debian specific patches which cherry-picks from upstream
++ master
++
++ -- Michael Biebl <biebl@debian.org> Wed, 28 Feb 2018 19:18:34 +0100
++
++systemd (237-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/boot-smoke: More robust journal checking.
++ Also fail the test if calling journalctl fails, and avoid calling it
++ twice. See https://github.com/systemd/systemd/pull/8032
++ * Simplify PO template creation.
++ Use the existing upstream build system instead of a manual call to
++ `intltool-update` and `xgettext` to build systemd.pot. Remove the now
++ obsolete intltool build dependency, but still explicitly keep gettext.
++ (LP: #1707898)
++ * Make systemd-sysv-install robust against existing $ROOT.
++ Always initialize `$ROOT`, to avoid the script getting confused by an
++ existing outside env variable. Also fix the `--root` option to actually
++ work, the previous approach was conceptually broken due to how shell
++ quoting works. Make the work with `set -u`. (Closes: #890436)
++
++ [ Felipe Sateler ]
++ * Backport upstream patch fixing a wrong assert() call (Closes: #890423)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 14 Feb 2018 23:07:17 +0100
++
++systemd (237-2) unstable; urgency=medium
++
++ * Drop debian/extra/rules/70-debian-uaccess.rules.
++ Up-to-date udev rules for U2F devices are shipped in libu2f-udev nowadays.
++ (Closes: #889665)
++ * service: relax PID file symlink chain checks a bit.
++ Let's read the PID file after all if there's a potentially unsafe symlink
++ chain in place. But if we do, then refuse taking the PID if its outside of
++ the cgroup. (Closes: #889144)
++
++ -- Michael Biebl <biebl@debian.org> Fri, 09 Feb 2018 23:35:31 +0100
++
++systemd (237-1) unstable; urgency=medium
++
++ * New upstream version 237
++ * Rebase patches
++ * Update symbols file for libsystemd0
++ * Update Vcs-* to point to https://salsa.debian.org
++ * Bump Standards-Version to 4.1.3
++ * Set Rules-Requires-Root to no
++
++ -- Michael Biebl <biebl@debian.org> Tue, 30 Jan 2018 01:55:24 +0100
++
++systemd (236-4) unstable; urgency=medium
++
++ [ Felipe Sateler ]
++ * Allow systemd-timesyncd to start when libnss-systemd is not installed.
++ Pick upstream patch requiring the existence of the systemd-timesync user
++ only when running as root, which is not the case for the system unit.
++ (Closes: #887343)
++
++ [ Nicolas Braud-Santoni ]
++ * debian/copyright: Refer to the CC0 license file (Closes: #882629)
++
++ [ Michael Biebl ]
++ * Add Build-Depends on python3-evdev <!nocheck>
++ This is used by hwdb/parse_hwdb.py to perform additional validation on
++ hwdb files.
++
++ -- Michael Biebl <biebl@debian.org> Sun, 28 Jan 2018 22:29:32 +0100
++
++systemd (236-3) unstable; urgency=medium
++
++ * Revert "core/execute: RuntimeDirectory= or friends requires mount
++ namespace"
++ This was making mounts from SSH sessions invisible to the system.
++ (Closes: #885325)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 11 Jan 2018 16:46:04 +0100
++
++systemd (236-2) unstable; urgency=medium
++
++ * Downgrade priority of libudev1 to optional.
++ This makes it compliant with recent versions of debian-policy which
++ recommends to use priority optional for library packages.
++ * Clarify NEWS entry about removal of system users.
++ Mention in the recent NEWS entry that the associated system groups
++ should be removed as well. (Closes: #885061)
++ * cryptsetup-generator: Don't mistake NULL input as OOM.
++ Fixes systemd-cryptsetup-generator failing to run during boot.
++ (Closes: #885201)
++ * analyze: Use normal bus connection for "plot" verb.
++ Fixes "systemd-analyze plot" failing to run as root. (Closes: #884506)
++ * Stop re-enabling systemd services on every upgrade.
++ This was done so changes to the [Install] section would be applied on
++ upgrades. Forcefully re-enabling a service might overwrite local
++ modifications though and thus far, none of the affected services did
++ actually change its [Install] section. So remove this code from the
++ maintainer scripts as it was apparently doing more harm then good.
++ (Closes: #869354)
++
++ -- Michael Biebl <biebl@debian.org> Tue, 02 Jan 2018 00:35:14 +0100
++
++systemd (236-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/upstream: Only show ≥ warning in journal dumps.
++ Showing the entire debug log is too hard to scan visually, and most of
++ the time the warnings and errors are sufficient to explain a failure.
++ Put the journal files into the artifacts though, in case the debug
++ information is necessary.
++
++ [ Michael Biebl ]
++ * New upstream version 236
++ - nspawn: Adjust path to static resolv.conf to support split usr.
++ (Closes: #881310)
++ - networkd: Don't stop networkd if CONFIG_FIB_RULES=n in kernel.
++ (Closes: #881823)
++ - core: Fix segfault in compile_bind_mounts() when BindPaths= or
++ BindReadOnlyPaths= is set. (Closes: #883380)
++ - meson: Link NSS modules with -z nodelete to fix memory leak in
++ nss-systemd. (Closes: #883407)
++ - logind: Make sure we don't acces m->action_what if it's not initialized.
++ (Closes: #882270)
++ - systemctl: Ignore shutdown's "-t" argument. (Closes: #882245)
++ - core: Be more defensive if we can't determine per-connection socket
++ peer. (Closes: #879603)
++ - bpf-firewall: Actually invoke BPF_PROG_ATTACH to check whether
++ cgroup/bpf is available. (Closes: #878965)
++ * Rebase patches
++ * Update symbols file for libsystemd0
++ * Bump Standards-Version to 4.1.2
++ * Clean up old /var/lib/systemd/clock on upgrade.
++ The clock file used by systemd-timesyncd is now stored in
++ StateDirectory=systemd/timesync. (Closes: #883605)
++ * Stop creating systemd-timesync system user.
++ DynamicUser=yes has been enabled for systemd-timesyncd.service so
++ allocating a system user statically is no longer necessary.
++ * Document removal of systemd-{timesync,journal-gateway,journal-upload} user.
++ We no longer create those system users as the corresponding services now
++ use DynamicUser=yes. Removing those system users automatically is tricky,
++ as the relevant services might be running during upgrade. Add a NEWS
++ entry instead which documents this change.
++ * Revert "udev-rules: Permission changes for /dev/dri/renderD*"
++ This would introduce a new system group "render". As the name is rather
++ generic, this needs further discussion first, so revert this change for
++ now.
++
++ -- Michael Biebl <biebl@debian.org> Sun, 17 Dec 2017 21:45:51 +0100
++
++systemd (235-3) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Switch from XC-Package-Type to Package-Type. As of dpkg-dev 1.15.7
++ Package-Type is recognized as an official field name.
++ * Install modprobe configuration file to /lib/modprobe.d.
++ Otherwise it is not read by kmod. (Closes: #879191)
++
++ [ Felipe Sateler ]
++ * Backport upstream (partial) fix for combined DynamicUser= + User=
++ UID was not allowed to be different to GID, which is normally the case in
++ debian, due to the group users being allocated the GID 100 without an
++ equivalent UID 100 being allocated.
++ * Backport upstream patches to fully make DynamicUser=yes + static,
++ pre-existing User= work.
++
++ [ Martin Pitt ]
++ * Add missing python3-minimal dependency to systemd-tests
++ * Drop long-obsolete systemd-bus-proxy system user
++ systemd-bus-proxy hasn't been shipped since before stretch and never
++ created any files. Thus clean up the obsolete system user on upgrades.
++ (Closes: #878182)
++ * Drop static systemd-journal-gateway system user
++ systemd-journal-gatewayd.service now uses DynamicUser=, so we don't need
++ to create this statically any more. Don't remove the user on upgrades
++ though, as there is likely still be a running process. (Closes: #878183)
++ * Use DynamicUser= for systemd-journal-upload.service.
++ * Add Recommends: libnss-systemd to systemd-sysv.
++ This is useful to actually be able to resolve dynamically created system
++ users with DynamicUser=true. This concept is going to be used much more
++ in future versions and (hopefully) third-party .services, so pulling it
++ into the default installation seems prudent now.
++ * resolved: Fix loop on packets with pseudo dns types.
++ (CVE-2017-15908, Closes: #880026, LP: #1725351)
++ * bpf-firewall: Properly handle kernels without BPF cgroup but with TRIE maps.
++ Fixes "Detaching egress BPF: Invalid argument" log spam. (Closes: #878965)
++ * Fix MemoryDenyWriteExecution= bypass with pkey_mprotect() (LP: #1725348)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 15 Nov 2017 09:34:00 +0100
++
++systemd (235-2) unstable; urgency=medium
++
++ * Revert "tests: when running a manager object in a test, migrate to private
++ cgroup subroot first"
++ This was causing test suite failures when running inside a chroot.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 11 Oct 2017 00:46:07 +0200
++
++systemd (235-1) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * New upstream version 235
++ - cryptsetup-generator: use remote-cryptsetup.target when _netdev is
++ present (Closes: #852534)
++ - tmpfiles: change btmp mode 0600 → 0660 (Closes: #870638)
++ - networkd: For IPv6 addresses do not treat IFA_F_DEPRECATED as not ready
++ (Closes: #869995)
++ - exec-util,conf-files: skip non-executable files in execute_directories()
++ (Closes: #867902)
++ - man: update udevadm -y/--sysname-match documentation (Closes: #865081)
++ - tmpfiles: silently ignore any path that passes through autofs
++ (Closes: #805553)
++ - shared: end string with % if one was found at the end of a expandible
++ string (Closes: #865450)
++ * Refresh patches
++ * Bump Build-Depends on libmount-dev to (>= 2.30)
++ * Install new modprobe.d config file
++ * Bump Standards-Version to 4.1.1
++
++ [ Martin Pitt ]
++ * Merge logind-kill-off autopkgtest into logind test.
++ This was horribly inefficient as a separate test (from commit
++ 6bd0dab41e), as that cost two VM resets plus accompanying boots; and
++ this does not change any state thus does not require this kind of
++ isolation.
++
++ -- Michael Biebl <biebl@debian.org> Tue, 10 Oct 2017 18:29:28 +0200
++
++systemd (234-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Various fixes for the upstream autopkgtest.
++
++ [ Felipe Sateler ]
++ * Add fdisk to the dependencies of the upstream autopkgtest.
++ The upstream autopkgtest uses sfdisk, which is now in the non-essential
++ fdisk package. (Closes: #872119)
++ * Disable nss-systemd on udeb builds
++ * Correctly disable resolved on udeb builds
++ * Help fix collisions in libsystemd-shared symbols by versioning them.
++ Backport upstream patch to version the symbols provided in the private
++ library, so that they cannot confuse unversioned pam modules or libraries
++ linked into them. (Closes: #873708)
++
++ [ Dimitri John Ledkov ]
++ * Cherrypick upstream networkd-test.py assertion/check fixes.
++ This resolves ADT test suite failures, when running tests under lxc/lxd
++ providers.
++ * Cherrypick arm* seccomp fixes.
++ This should resolve ADT test failures, on arm64, when running as root.
++ * Disable KillUserProcesses, yet again, with meson this time.
++ * initramfs-tools: trigger udevadm add actions with subsystems first.
++ This updates the initramfs-tools init-top udev script to trigger udevadm
++ actions with type specified. This mimics the systemd-udev-trigger.service.
++ Without type specified only devices are triggered, but triggering
++ subsystems may also be required and should happen before triggering the
++ devices. This is the case for example on s390x with zdev generated udev
++ rules. (LP: #1713536)
++
++ [ Michael Biebl ]
++ * (Re)add --quiet flag to addgroup calls.
++ This is now safe with adduser having been fixed to no longer suppress
++ fatal error messages if --quiet is used. (Closes: #837871)
++ * Switch back to default GCC (Closes: #873661)
++ * Drop systemd-timesyncd.service.d/disable-with-time-daemon.conf.
++ All major NTP implementations ship a native service file nowadays with a
++ Conflicts=systemd-timesyncd.service so this drop-in is no longer
++ necessary. (Closes: #873185)
++
++ -- Michael Biebl <biebl@debian.org> Mon, 04 Sep 2017 00:17:00 +0200
++
++systemd (234-2.3) unstable; urgency=high
++
++ * Non-maintainer upload.
++ * Also switch to g++-6 temporarily (needed for some tests):
++ - Add g++-6 to Build-Depends
++ - Export CXX = g++-6
++
++ -- Cyril Brulebois <kibi@debian.org> Thu, 24 Aug 2017 02:40:53 +0200
++
++systemd (234-2.2) unstable; urgency=high
++
++ * Non-maintainer upload.
++ * Switch to gcc-6 on all architectures, working around an FTBFS on mips64el,
++ apparently due to a gcc-7 bug (See: #871514):
++ - Add gcc-6 to Build-Depends in debian/control
++ - Export CC = gcc-6 in debian/rules
++
++ -- Cyril Brulebois <kibi@debian.org> Wed, 23 Aug 2017 22:53:09 +0000
++
++systemd (234-2.1) unstable; urgency=high
++
++ * Non-maintainer upload.
++ * Fix missing 60-input-id.rules in udev-udeb, which breaks the graphical
++ version of the Debian Installer, as no key presses or mouse events get
++ processed (Closes: #872598).
++
++ -- Cyril Brulebois <kibi@debian.org> Wed, 23 Aug 2017 20:41:33 +0200
++
++systemd (234-2) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * udev README.Debian: Fix name of example *.link file
++
++ [ Felipe Sateler ]
++ * test-condition: Don't assume that all non-root users are normal users.
++ Automated builders may run under a dedicated system user, and this test
++ would fail that.
++
++ [ Michael Biebl ]
++ * Revert "units: Tell login to preserve environment"
++ Environment=LANG= LANGUAGE= LC_CTYPE= ... as used in the getty units is
++ not unsetting the variables but instead sets it to an empty var. Passing
++ that environment to login messes up the system locale settings and
++ breaks programs like gpg-agent.
++ (Closes: #868695)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 20 Jul 2017 15:13:42 +0200
++
++systemd (234-1) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * New upstream version 234
++ - tmpfiles: Create /var/log/lastlog if it does not exist.
++ (Closes: #866313)
++ - network: Bridge vlan without PVID. (Closes: #859941)
++ * Rebase patches
++ * Switch build system from autotools to meson.
++ Update the Build-Depends accordingly.
++ * Update fsckd patch for meson
++ * udev autopkgtest: no longer install test-udev binary manually.
++ This is now done by the upstream build system.
++ * Update symbols file for libsystemd0
++ * Update lintian override for systemd-tests.
++ Upstream now installs manual and unsafe tests in subdirectories of
++ /usr/lib/systemd/tests/, so ignore those as well.
++ * Bump Standards-Version to 4.0.0
++ * Change priority of libnss-* packages from extra to optional.
++ * Use UTF-8 locale when building the package.
++ Otherwise meson will be pretty unhappy when trying to process files with
++ unicode characters. Use C.UTF-8 as this locale is pretty much guaranteed
++ to be available everywhere.
++ * Mark test-timesync as manual.
++ The test tries to setup inotify watches for /run/systemd/netif/links
++ which fails in a buildd environment where systemd is not active.
++ * Do not link udev against libsystemd-shared.
++ We ship udev in a separate binary package, so can't use
++ libsystemd-shared, which is part of the systemd binary package.
++ * Avoid requiring a "kvm" system group.
++ This group is not universally available and as a result generates a
++ warning during boot. As kvm is only really useful if the qemu package is
++ installed and this package already takes care of setting up the proper
++ permissions for /dev/kvm, drop this rule from 50-udev-default.rules.
++
++ [ Martin Pitt ]
++ * udev README.Debian: Update transitional rules and mention *.link files.
++ - 01-mac-for-usb.link got replaced with 73-usb-net-by-mac.rules
++ - /etc/systemd/network/50-virtio-kernel-names.link is an upgrade
++ transition for VMs with virtio
++ - Describe *.link files as a simpler/less error prone (but also less
++ flexible) way of customizing interface names. (Closes: #868002)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 13 Jul 2017 17:38:28 +0200
++
++systemd (233-10) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Adjust var-lib-machines.mount target.
++ Upstream PR #6095 changed the location to
++ {remote-fs,machines}.target.wants, so just install all available ones.
++
++ [ Dimitri John Ledkov ]
++ * Fix out-of-bounds write in systemd-resolved.
++ CVE-2017-9445 (Closes: #866147, LP: #1695546)
++
++ [ Michael Biebl ]
++ * Be truly quiet in systemctl -q is-enabled (Closes: #866579)
++ * Improve RLIMIT_NOFILE handling.
++ Use /proc/sys/fs/nr_open to find the current limit of open files
++ compiled into the kernel instead of using a hard-coded value of 65536
++ for RLIMIT_NOFILE. (Closes: #865449)
++
++ [ Nicolas Braud-Santoni ]
++ * debian/extra/rules: Use updated U2F ruleset.
++ This ruleset comes from Yubico's libu2f-host. (Closes: #824532)
++
++ -- Michael Biebl <biebl@debian.org> Mon, 03 Jul 2017 18:51:58 +0200
++
++systemd (233-9) unstable; urgency=medium
++
++ * hwdb: Use path_join() to generate the hwdb_bin path.
++ This ensures /lib/udev/hwdb.bin gets the correct SELinux context. Having
++ double slashes in the path makes selabel_lookup_raw() return the wrong
++ context. (Closes: #851933)
++ * Drop no longer needed Breaks against usb-modeswitch
++ * Drop Breaks for packages shipping rcS init scripts.
++ This transition was completed in stretch.
++
++ -- Michael Biebl <biebl@debian.org> Mon, 19 Jun 2017 15:10:14 +0200
++
++systemd (233-8) experimental; urgency=medium
++
++ * Bump debhelper compatibility level to 10
++ * Drop versioned Build-Depends on dpkg-dev.
++ It's no longer necessary as even Jessie ships a new enough version.
++ * timesyncd: don't use compiled-in list if FallbackNTP has been configured
++ explicitly (Closes: #861769)
++ * resolved: fix null pointer p->question dereferencing.
++ This fixes a bug which allowed a remote DoS (daemon crash) via a crafted
++ DNS response with an empty question section.
++ Fixes: CVE-2017-9217 (Closes: #863277)
++
++ -- Michael Biebl <biebl@debian.org> Mon, 29 May 2017 14:12:08 +0200
++
++systemd (233-7) experimental; urgency=medium
++
++ [ Michael Biebl ]
++ * basic/journal-importer: Fix unaligned access in get_data_size()
++ (Closes: #862062)
++ * ima: Ensure policy exists before asking the kernel to load it
++ (Closes: #863111)
++ * Add Depends: procps to systemd.
++ It's required by /usr/lib/systemd/user/systemd-exit.service which calls
++ /bin/kill to stop the systemd --user instance. (Closes: #862292)
++ * service: Serialize information about currently executing command
++ (Closes: #861157)
++ * seccomp: Add clone syscall definitions for mips (Closes: #861171)
++
++ [ Dimitri John Ledkov ]
++ * ubuntu: disable dnssec on any ubuntu releases (LP: #1690605)
++
++ [ Felipe Sateler ]
++ * Specify nobody user and group.
++ Otherwise nss-systemd will translate to group 'nobody', which doesn't
++ exist on debian systems.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 24 May 2017 12:26:18 +0200
++
++systemd (233-6) experimental; urgency=medium
++
++ [ Felipe Sateler ]
++ * Backport upstream PR #5531.
++ This delays opening the mdns and llmnr sockets until a network has enabled
++ them. This silences annoying messages when networkd receives such packets
++ without expecting them: Got mDNS UDP packet on unknown scope.
++
++ [ Martin Pitt ]
++ * resolved: Disable DNSSEC by default on stretch and zesty.
++ Both Debian stretch and Ubuntu zesty are close to releasing, switch to
++ DNSSEC=off by default for those. Users can still turn it back on with
++ DNSSEC=allow-downgrade (or even "yes").
++
++ [ Michael Biebl ]
++ * Add Conflicts against hal.
++ Since v183, udev no longer supports RUN+="socket:". This feature is
++ still used by hal, but now generates vast amounts of errors in the
++ journal. Thus force the removal of hal by adding a Conflicts to the udev
++ package. This is safe, as hal is long dead and no longer useful.
++ * Drop systemd-ui Suggests
++ systemd-ui is unmaintained upstream and not particularly useful anymore.
++ * journal: fix up syslog facility when forwarding native messages.
++ Native journal messages (_TRANSPORT=journal) typically don't have a
++ syslog facility attached to it. As a result when forwarding the
++ messages to syslog they ended up with facility 0 (LOG_KERN).
++ Apply syslog_fixup_facility() so we use LOG_USER instead.
++ (Closes: #837893)
++ * Split upstream tests into systemd-tests binary package (Closes: #859152)
++ * Get PACKAGE_VERSION from config.h.
++ This also works with meson and is not autotools specific.
++
++ [ Sjoerd Simons ]
++ * init-functions Only call daemon-reload when planning to redirect
++ systemctl daemon-reload is a quite a heavy operation, it will re-parse
++ all configuration and re-run all generators. This should only be done
++ when strictly needed. (Closes: #861158)
++
++ -- Michael Biebl <biebl@debian.org> Fri, 28 Apr 2017 21:47:14 +0200
++
++systemd (233-5) experimental; urgency=medium
++
++ * Do not throw a warning in emergency and rescue mode if plymouth is not
++ installed.
++ Ideally, plymouth should only be referenced via dependencies, not
++ ExecStartPre. This at least avoids the confusing error message on
++ minimal installations that do not carry plymouth.
++ * rules: Allow SPARC vdisk devices when identifying CD drives
++ (Closes: #858014)
++
++ -- Michael Biebl <biebl@debian.org> Tue, 21 Mar 2017 21:00:08 +0100
++
++systemd (233-4) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * udev autopkgtest: Drop obsolete sys.tar.xz fallback.
++ This was only necessary for supporting 232 as well.
++ * root-unittest: Drop obsolete FIXME comment.
++ * Add libpolkit-gobject-1-dev build dep for polkit version detection.
++ * Move systemd.link(5) to udev package.
++ .link files are being handled by udev, so it should ship the
++ corresponding manpage. Bump Breaks/Replaces accordingly. (Closes: #857270)
++
++ [ Michael Biebl ]
++ * Restart journald on upgrades (Closes: #851438)
++ * Avoid strict DM API versioning.
++ Compiling against the dm-ioctl.h header as provided by the Linux kernel
++ will embed the DM interface version number. Running an older kernel can
++ lead to errors on shutdown when trying to detach DM devices.
++ As a workaround, build against a local copy of dm-ioctl.h based on 3.13,
++ which is the minimum required version to support DM_DEFERRED_REMOVE.
++ (Closes: #856337)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 16 Mar 2017 18:40:16 +0100
++
++systemd (233-3) experimental; urgency=medium
++
++ [ Michael Biebl ]
++ * Install D-Bus policy files in /usr
++ * Drop no longer needed maintainer scripts migration code and simplify
++ various version checks
++ * Fix location of installed tests
++ * Override package-name-doesnt-match-sonames lintian warning for libnss-*
++ * Don't ship any symlinks in /etc/systemd/system.
++ Those should be created dynamically via "systemctl enable".
++
++ [ Martin Pitt ]
++ * root-unittests autopkgtest: Skip test-udev.
++ It has its own autopkgtest and needs some special preparation. At some
++ point that should be merged into root-unittests, but let's quickfix this
++ to unbreak upstream CI.
++
++ -- Michael Biebl <biebl@debian.org> Fri, 03 Mar 2017 19:49:44 +0100
++
++systemd (233-2) experimental; urgency=medium
++
++ * test: skip instead of fail if crypto kmods are not available.
++ The Debian buildds have module loading disabled, thus AF_ALG sockets are
++ not available during build. Skip the tests that cover those (khash and
++ id128) instead of failing them in this case.
++ https://github.com/systemd/systemd/issues/5524
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 03 Mar 2017 11:51:25 +0100
++
++systemd (233-1) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release 233:
++ - udev: Remove /run/udev/control on stop to avoid sendsigs to kill
++ udevd. (Closes: #791944)
++ - nspawn: Handle container directory symlinks. (Closes: #805785)
++ - Fix mount units to not become "active" when NFS mounts time out.
++ (Closes: #835810)
++ - hwdb: Rework path/priority comparison when loading files from /etc/
++ vs. /lib. (Closes: #845442)
++ - machinectl: Fix "list" command when failing to determine OS version.
++ (Closes: #849316)
++ - Support tilegx architecture. (Closes: #856306)
++ - systemd-sleep(8): Point out inhibitor interface as better alternative
++ for suspend integration. (Closes: #758279)
++ - journalctl: Improve error message wording when specifying boot
++ offset with ephemeral journal. (Closes: #839291)
++ * Install new systemd-umount and /usr/lib/environment.d/
++ * Use "make install-tests" for shipped unit tests
++ * Switch back to gold linker on mips*
++ Bug #851736 got fixed now.
++ * debian/rules: Drop obsolete SETCAP path
++
++ [ Michael Biebl ]
++ * Drop upstart jobs for udev
++ * Drop /sbin/udevadm compat symlink from udev-udeb and initramfs
++ * Drop Breaks and Replaces from pre-jessie
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 02 Mar 2017 17:10:09 +0100
++
++systemd (232-19) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/README.source: Update patch and changelog handling to current
++ reality.
++ * root-unittests autopkgtest: Blacklist test-journal-importer.
++ This got added in a recent PR, but running this requires using "make
++ install-tests" which hasn't landed yet.
++ * fsckd: Fix format specifiers on 32 bit architectures.
++ * resolved: Fix NSEC proofs for missing TLDs (Closes: #855479)
++ * boot-and-services autopkgtest: Skip CgroupsTest on unified hierarchy.
++ * boot-smoke autopkgtest: Run in containers, too.
++ * logind autopkgtest: Adjust to work in containers.
++
++ [ Dimitri John Ledkov ]
++ * Fix resolved failing to follow CNAMES for DNS stub replies (LP: #1647031)
++ * Fix emitting change signals with a sessions property in logind
++ (LP: #1661568)
++
++ [ Michael Biebl ]
++ * If an automount unit is masked, don't react to activation anymore.
++ Otherwise we'll hit an assert sooner or later. (Closes: #856035)
++
++ [ Felipe Sateler ]
++ * resolved: add the new KSK to the built-in resolved trust anchor.
++ The old root key will be discarded in early 2018, so get this into
++ stretch.
++ * Backport some zsh completion fixes from upstream (Closes: #847203)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 02 Mar 2017 09:21:12 +0100
++
++systemd (232-18) unstable; urgency=medium
++
++ * udev autopkgtest: Adjust to script-based test /sys creation.
++ PR #5250 changes from the static sys.tar.xz to creating the test /sys
++ directory with a script. Get along with both cases until 233 gets
++ released and packaged.
++ * systemd-resolved.service.d/resolvconf.conf: Don't fail if resolvconf is
++ not installed. ReadWritePaths= fails by default if the referenced
++ directory does not exist. This happens if resolvconf is not installed, so
++ use '-' to ignore the absence. (Closes: #854814)
++ * Fix two more seccomp issues.
++ * Permit seeing process list of units whose unit files are missing.
++ * Fix systemctl --user enable/disable without $XDG_RUNTIME_DIR being set.
++ (Closes: #855050)
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 13 Feb 2017 17:36:12 +0100
++
++systemd (232-17) unstable; urgency=medium
++
++ * Add libcap2-bin build dependency for tests. This will make
++ test_exec_capabilityboundingset() actually run. (Closes: #854394)
++ * Add iproute2 build dependency for tests. This will make
++ test_exec_privatenetwork() actually run; it skips if "ip" is not present.
++ (Closes: #854396)
++ * autopkgtest: Run all upstream unit tests as root.
++ Ship all upstream unit tests in libsystemd-dev, and run them all as root
++ in autopkgtest. (Closes: #854392) This also fixes the FTBFS on non-seccomp
++ architectures.
++ * systemd-resolved.service.d/resolvconf.conf: Allow writing to
++ /run/resolvconf. Upstream PR #5283 will introduce permission restrictions
++ for systemd-resolved.service, including the lockdown to writing
++ /run/systemd/. This will then cause the resolvconf call in our drop-in to
++ fail as that needs to write to /run/resolvconf/. Add this to
++ ReadWritePaths=. (This is a no-op with the current unrestricted unit).
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 10 Feb 2017 11:52:46 +0100
++
++systemd (232-16) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Add autopkgtest for test-seccomp
++ * udev: Fix by-id symlinks for devices whose IDs contain whitespace
++ (Closes: #851164, LP: #1647485)
++ * Add lintian overrides for binary-or-shlib-defines-rpath on shipped test
++ programs. This is apparently a new lintian warning on which uploads get
++ rejected. These are only test programs, not in $PATH, and they need to
++ link against systemd's internal library.
++
++ [ Michael Biebl ]
++ * Fix seccomp filtering. (Closes: #852811)
++ * Do not crash on daemon-reexec when /run is full (Closes: #850074)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 09 Feb 2017 16:22:43 +0100
++
++systemd (232-15) unstable; urgency=medium
++
++ * Add missing Build-Depends on tzdata.
++ It is required to successfully run the test suite. (Closes: #852883)
++ * Bump systemd Breaks to ensure it is upgraded in lockstep with udev.
++ The sandboxing features used by systemd-udevd.service require systemd
++ (>= 232-11). (Closes: #853078)
++ * Bump priority of libpam-systemd to standard.
++ This reflects the changes that have been made in the archive a while
++ ago. See #803184
++
++ -- Michael Biebl <biebl@debian.org> Wed, 01 Feb 2017 22:45:35 +0100
++
++systemd (232-14) unstable; urgency=medium
++
++ * Deal with NULL pointers more gracefully in unit_free() (Closes: #852202)
++ * Fix issues in journald during startup
++
++ -- Michael Biebl <biebl@debian.org> Mon, 23 Jan 2017 14:52:46 +0100
++
++systemd (232-13) unstable; urgency=medium
++
++ * Re-add versioned Conflicts/Replaces against upstart.
++ In Debian the upstart package was never split into upstart and
++ upstart-sysv, so we need to keep that for switching from upstart to
++ systemd-sysv. (Closes: #852156)
++ * Update Vcs-* according to the latest recommendation
++ * Update Homepage and the URLs in debian/copyright to use https
++
++ -- Michael Biebl <biebl@debian.org> Sun, 22 Jan 2017 08:19:28 +0100
++
++systemd (232-12) unstable; urgency=medium
++
++ * Fix build if seccomp support is disabled
++ * Enable seccomp support on ppc64
++
++ -- Michael Biebl <biebl@debian.org> Wed, 18 Jan 2017 19:43:51 +0100
++
++systemd (232-11) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Fix RestrictAddressFamilies=
++ Backport upstream fix for setting up seccomp filters to fix
++ RestrictAddressFamilies= on non-amd64 architectures. Drop the hack from
++ debian/rules to remove this property from unit files.
++ See #843160
++ * Use local machine-id for running tests during package build.
++ Since "init" and thus "systemd" are not part of debootstrap any more,
++ some buildd chroots don't have an /etc/machine-id any more. Port the old
++ Add-env-variable-for-machine-ID-path.patch to the current code, use a
++ local machine-id again, and always make test suite failures fatal.
++ (Closes: #851445)
++
++ [ Michael Biebl ]
++ * gpt-auto-generator: support LUKS encrypted root partitions
++ (Closes: #851475)
++ * Switch to bfd linker on mips*
++ The gold linker is currently producing broken libraries on mips*
++ resulting in segfaults for users of libsystemd. Switch to bfd until
++ binutils has been fixed. (Closes: #851412)
++ * Revert "core: turn on specifier expansion for more unit file settings"
++ The expansion of the % character broke the fstab-generator and
++ specifying the tmpfs size as percentage of physical RAM resulted in the
++ size being set to 4k. (Closes: #851492)
++ * Drop obsolete Conflicts, Breaks and Replaces
++ * Require systemd-shim version which supports v232.
++ See #844785
++
++ [ Ondřej Nový ]
++ * Redirect try-restart in init-functions hook (Closes: #851688)
++
++ -- Michael Biebl <biebl@debian.org> Wed, 18 Jan 2017 12:38:54 +0100
++
++systemd (232-10) unstable; urgency=medium
++
++ * Add NULL sentinel to strjoin.
++ We haven't cherry-picked upstream commit 605405c6c which introduced a
++ strjoin macro that adds the NULL sentinel automatically so we need to do
++ it manually. (Closes: #851210)
++
++ -- Michael Biebl <biebl@debian.org> Fri, 13 Jan 2017 05:08:55 +0100
++
++systemd (232-9) unstable; urgency=medium
++
++ * Use --disable-wheel-group configure switch.
++ Instead of mangling the tmpfiles via sed to remove the wheel group, use
++ the configure switch which was added upstream in v230.
++ See https://github.com/systemd/systemd/issues/2492
++ * Update debian/copyright.
++ Bob Jenkins released the lookup3.[ch] files as public domain which means
++ there is no copyright holder.
++ * Drop fallback for older reportbug versions when attaching files
++ * debian/extra/init-functions.d/40-systemd: Stop checking for init env var.
++ This env variable is no longer set when systemd executes a service so
++ it's pointless to check for it.
++ * debian/extra/init-functions.d/40-systemd: Stop setting
++ _SYSTEMCTL_SKIP_REDIRECT=true.
++ It seems we don't actually need it to detect recursive loops (PPID is
++ sufficient) and by exporting it we leak _SYSTEMCTL_SKIP_REDIRECT into
++ the runtime environment of the service. (Closes: #802018)
++ * debian/extra/init-functions.d/40-systemd: Rename _SYSTEMCTL_SKIP_REDIRECT.
++ Rename _SYSTEMCTL_SKIP_REDIRECT to SYSTEMCTL_SKIP_REDIRECT to be more
++ consistent with other environment variables which are used internally by
++ systemd, like SYSTEMCTL_SKIP_SYSV.
++ * Various specifier resolution fixes.
++ Turn on specifier expansion for more unit file settings.
++ See https://github.com/systemd/systemd/pull/4835 (Closes: #781730)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 12 Jan 2017 16:59:22 +0100
++
++systemd (232-8) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Drop systemd dependency from libnss-myhostname again.
++ This NSS module is completely independent from systemd, unlike the other
++ three.
++ * Install 71-seat.rules into the initrd.
++ This helps plymouth to detect applicable devices. (Closes: #756109)
++ * networkd: Fix crash when setting routes.
++ * resolved: Drop removal of resolvconf entry on stop.
++ This leads to timeouts on shutdown via the resolvconf hooks and does not
++ actually help much -- /etc/resolv.conf would then just be empty instead of
++ having a nonexisting 127.0.0.53 nameserver, so manually stopping resolved
++ in a running system is broken either way. (LP: #1648068)
++ * Keep RestrictAddressFamilies on amd64.
++ This option and libseccomp currently work on amd64 at least, so let's make
++ sure it does not break there as well, and benefit from the additional
++ protection at least on this architecture.
++ * Explicitly set D-Bus policy dir.
++ This is about to change upstream in
++ https://github.com/systemd/systemd/pull/4892, but as explained in commit
++ 2edb1e16fb12f4 we need to keep the policies in /etc/ until stretch+1.
++
++ [ Michael Biebl ]
++ * doc: Clarify NoNewPrivileges in systemd.exec(5). (Closes: #756604)
++ * core: Rework logic to determine when we decide to add automatic deps for
++ mounts. This adds a concept of "extrinsic" mounts. If mounts are
++ extrinsic we consider them managed by something else and do not add
++ automatic ordering against umount.target, local-fs.target,
++ remote-fs.target. (Closes: #818978)
++ * rules: Add persistent links for nbd devices. (Closes: #837999)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 17 Dec 2016 01:54:18 +0100
++
++systemd (232-7) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Mark liblz4-tool build dependency as <!nocheck>
++ * udev: Try mount -n -o move first
++ initramfs-tools is not actually using util-linux mount (yet), so making
++ mount -n --move the first alternative would trigger an error message if
++ users have built their initramfs without busybox support.
++
++ [ Alexander Kurtz ]
++ * debian/extra/kernel-install.d/85-initrd.install: Remove an unnecessary
++ variable. (Closes: #845977)
++
++ [ Martin Pitt ]
++ * Drop systemd-networkd's "After=dbus.service" ordering, so that it can
++ start during early boot (for cloud-init.service). It will auto-connect to
++ D-Bus once it becomes available later, and transient (from DHCP) hostname
++ and timezone setting do not currently work anyway. (LP: #1636912)
++ * Run hwdb/parse_hwdb.py during package build.
++ * Package libnss-systemd
++ * Make libnss-* depend on the same systemd package version.
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 30 Nov 2016 14:38:36 +0100
++
++systemd (232-6) unstable; urgency=medium
++
++ * Add policykit-1 test dependency for networkd-test.py.
++ * debian/rules: Don't destroy unit symlinks with sed -i.
++ Commit 21711e74 introduced a "sed -i" to remove RestrictAddressFamilies=
++ from units. This also caused unit symlinks to get turned into real files,
++ causing D-Bus activated services like timedated to fail ("two units with
++ the same D-Bus name").
++ * Fall back to "mount -o move" in udev initramfs script
++ klibc's mount does not understand --move, so for the time being we need to
++ support both variants. (Closes: #845161)
++ * debian/README.Debian: Document how to generate a shutdown log.
++ Thanks 積丹尼 Dan Jacobson. (Closes: #826297)
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 21 Nov 2016 10:39:57 +0100
++
++systemd (232-5) unstable; urgency=medium
++
++ * Add missing liblz4-tool build dependency.
++ Fixes test-compress failure during package build.
++ * systemd: Ship /var/lib.
++ This will soon contain a polkit pkla file.
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 20 Nov 2016 12:22:52 +0100
++
++systemd (232-4) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/unit-config: Query pkg-config for system unit dir.
++ This fixes confusion on merged-/usr systems where both /usr/lib/systemd and
++ /lib/systemd exist. It's actually useful to verify that systemd.pc says the
++ truth.
++ * debian/tests/upstream: Fix clobbering of merged-/usr symlinks
++ * debian/tests/systemd-fsckd: Create /etc/default/grub.d if necessary
++ * debian/rules: Drop check for linking to libs in /usr.
++ This was just an approximation, as booting without an initrd could still be
++ broken by library updates (e. g. #828991). With merged /usr now being the
++ default this is now completely moot.
++ * Move kernel-install initrd script to a later prefix.
++ 60- does not leave much room for scripts that want to run before initrd
++ building (which is usually one of the latest things to do), so bump to 85.
++ Thanks to Sjoerd Simons for the suggestion.
++ * Disable 99-default.link instead of the udev rule for disabling persistent
++ interface names.
++ Disabling 80-net-setup-link.rules will also cause ID_NET_DRIVER to not be
++ set any more, which breaks 80-container-ve.network and matching on driver
++ name in general. So disable the actual default link policy instead. Still
++ keep testing for 80-net-setup-link.rules in the upgrade fix and
++ 73-usb-net-by-mac.rules to keep the desired behaviour on systems which
++ already disabled ifnames via that udev rule.
++ See https://lists.freedesktop.org/archives/systemd-devel/2016-November/037805.html
++ * debian/tests/boot-and-services: Always run seccomp test
++ seccomp is now available on all architectures on which Debian and Ubuntu
++ run tests, so stop making this test silently skip if seccomp is disabled.
++ * Bump libseccomp build dependency as per configure.ac.
++ * Replace "Drop RestrictAddressFamilies=" patch with sed call.
++ With that it will also apply to upstream builds/CI, and it is structurally
++ simpler.
++ * Rebuild against libseccomp with fixed shlibs. (Closes: #844497)
++
++ [ Michael Biebl ]
++ * fstab-generator: add x-systemd.mount-timeout option. (Closes: #843989)
++ * build-sys: do not install ctrl-alt-del.target symlink twice.
++ (Closes: #844039)
++ * Enable lz4 support.
++ While the compression rate is not as good as XZ, it is much faster, so a
++ better default for the journal and especially systemd-coredump.
++ (Closes: #832010)
++
++ [ Felipe Sateler ]
++ * Enable machines.target by default. (Closes: #806787)
++
++ [ Evgeny Vereshchagin ]
++ * debian/tests/upstream: Print all journal files.
++ We don't print all journal files. This is misleading a bit:
++ https://github.com/systemd/systemd/pull/4331#issuecomment-252830790
++ https://github.com/systemd/systemd/pull/4395#discussion_r87948836
++
++ [ Luca Boccassi ]
++ * Use mount --move in initramfs-tools udev script.
++ Due to recent changes in busybox and initramfs-tools the mount
++ utility is no longer the one from busybox but from util-linux.
++ The latter does not support mount -o move.
++ The former supports both -o move and --move, so use it instead to be
++ compatible with both.
++ See this discussion for more details:
++ https://bugs.debian.org/823856 (Closes: #844775)
++
++ -- Michael Biebl <biebl@debian.org> Sun, 20 Nov 2016 03:34:58 +0100
++
++systemd (232-3) unstable; urgency=medium
++
++ [ Felipe Sateler ]
++ * Make systemd-delta less confused on merged-usr systems. (Closes: #843070)
++ * Fix wrong paths for /bin/mount when compiled on merged-usr system.
++ Then the build system finds /usr/bin/mount which won't exist on a
++ split-/usr system. Set the paths explicitly in debian/rules and drop
++ Use-different-default-paths-for-various-binaries.patch. (Closes: #843433)
++
++ [ Martin Pitt ]
++ * debian/tests/logind: Split out "pid in logind session" test
++ * debian/tests/logind: Adjust "in logind session" test for unified cgroup
++ hierarchy
++ * debian/tests/boot-and-services: Check common properties of CLI programs.
++ Verify that CLI programs have a sane behaviour and exit code when being
++ called with --help, --version, or an invalid option.
++ * nspawn: Fix exit code for --help and --version (Closes: #843544)
++ * core: Revert using the unified hierarchy for the systemd cgroup.
++ Too many things don't get along with it yet, like docker, LXC, or runc.
++ (Closes: #843509)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 09 Nov 2016 09:34:45 +0100
++
++systemd (232-2) unstable; urgency=medium
++
++ * Drop RestrictAddressFamilies from service files.
++ RestrictAddressFamilies= is broken on 32bit architectures and causes
++ various services to fail with a timeout, including
++ systemd-udevd.service.
++ While this might actually be a libseccomp issue, remove this option for
++ now until a proper solution is found. (Closes: #843160)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 05 Nov 2016 22:43:27 +0100
++
++systemd (232-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release 232:
++ - Fix "systemctl start" when ReadWriteDirectories is a symlink
++ (Closes: ##792187)
++ - Fix "journalctl --setup-keys" output (Closes: #839097)
++ - Run run sysctl service if /proc/sys/net is writable, for containers
++ (Closes: #840529)
++ - resolved: Add d.f.ip6.arpa to the DNSSEC default negative trust anchors
++ (Closes: #834453)
++ * debian/tests/logind: Copy the current on-disk unit instead of the
++ on-memory one.
++ * Build sd-boot on arm64. gnu-efi is available on arm64 now.
++ (Closes: #842617)
++ * Link test-seccomp against seccomp libs to fix FTBFS
++ * debian/rules: Remove nss-systemd (until we package it)
++ * Install new systemd-mount
++
++ [ Michael Biebl ]
++ * Install new journal-upload.conf man pages in systemd-journal-remote
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 04 Nov 2016 07:18:10 +0200
++
++systemd (231-10) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * systemctl: Add --wait option to wait until started units terminate again.
++ * nss-resolve: return NOTFOUND instead of UNAVAIL on resolution errors.
++ This makes it possible to configure a fallback to "dns" without breaking
++ DNSSEC, with "resolve [!UNAVAIL=return] dns".
++ * libnss-resolve.postinst: Skip dns fallback if resolve is present.
++ Only fall back to "dns" if nss-resolve is not installed (for the
++ architecture of the calling program). Once it is, we never want to fall
++ back to "dns" as that breaks enforcing DNSSEC verification and also
++ pointlessly retries NXDOMAIN failures. (LP: #1624071)
++ * unit: sent change signal before removing the unit if necessary
++ (LP: #1632964)
++ * networkd: Fix assertion crash on adding VTI with IPv6 addresses
++ (LP: #1633274)
++ * debian/tests/upstream: Stop specifying initrd, it is autodetected now.
++ * debian/tests/upstream: Add gcc/libc-dev/make test dependencies,
++ so that the tests can build helper binaries.
++
++ [ Felipe Sateler ]
++ * Explicitly disable installing the upstream-provided PAM configuration.
++ * Register interest in the status of dracut and initramfs-tools in reportbug
++ template
++
++ [ Michael Biebl ]
++ * Stop creating systemd-update-utmp-runlevel.service symlinks manually
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 26 Oct 2016 13:24:37 +0200
++
++systemd (231-9) unstable; urgency=medium
++
++ * pid1: process zero-length notification messages again.
++ Just remove the assertion, the "n" value was not used anyway. This fixes
++ a local DoS due to unprocessed/unclosed fds which got introduced by the
++ previous fix. (Closes: #839171) (LP: #1628687)
++ * pid1: Robustify manager_dispatch_notify_fd()
++ * test/networkd-test.py: Add missing writeConfig() helper function.
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 29 Sep 2016 23:39:24 +0200
++
++systemd (231-8) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Replace remaining systemctl --failed with --state=failed
++ "--failed" is deprecated in favor of --state.
++ * debian/shlibs.local.in: More precisely define version of internal shared
++ lib.
++ * debian/tests/upstream: Drop blacklisting
++ These tests now work fine without qemu.
++ * debian/tests/storage: Avoid rmmod scsi_debug (LP: #1626737)
++ * upstream build system: Install libudev, libsystemd, and nss modules to
++ ${rootlibdir}. Drop downstream workaround from debian/rules.
++ * Ubuntu: Disable resolved's DNSSEC for the final 16.10 release.
++ Resolved's DNSSEC support is still not mature enough, and upstream
++ recommends to disable it in stable distro releases still.
++ * Fix abort/DoS on zero-length notify message triggers (LP: #1628687)
++ * resolved: don't query domain-limited DNS servers for other domains
++ (LP: #1588230)
++
++ [ Antonio Ospite ]
++ * Update systemd-user pam config to require pam_limits.so.
++ (Closes: #838191)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 29 Sep 2016 13:40:21 +0200
++
++systemd (231-7) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * fsckd: Do not exit on idle timeout if there are still clients connected
++ (Closes: #788050, LP: #1547844)
++
++ [ Martin Pitt ]
++ * 73-usb-net-by-mac.rules: Split kernel command line import line.
++ Reportedly this makes the rule actually work on some platforms. Thanks Alp
++ Toker! (LP: #1593379)
++ * debian/tests/boot-smoke: Only run 5 iterations
++ * systemd.postinst: Drop obsolete setcap call for systemd-detect-virt.
++ Drop corresponding libcap2-bin dependency.
++ * debian/tests/systemd-fsckd: Robustify check for "unit was running"
++ (LP: #1624406)
++ * debian/extra/set-cpufreq: Use powersave with intel_pstate.
++ This is what we did on xenial, and apparently powersave is still actually
++ better than performance. Thanks to Doug Smythies for the measurements!
++ (LP: #1579278)
++ * Ubuntu: Move ondemand.service from static to runtime enablement.
++ This makes it easier to keep performance, by disabling ondemand.service.
++ Side issue in LP: #1579278
++ * Revert "networkd: remove route if carrier is lost"
++ This causes networkd to drop addresses from unmanaged interfaces in some
++ cases. (Closes: #837759)
++ * debian/tests/storage: Avoid stderr output of stopping systemd-cryptsetup@.service
++ * libnss-*.prerm: Remove possible [key=value] options from NSS modules as well.
++ (LP: #1625584)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 20 Sep 2016 15:03:06 +0200
++
++systemd (231-6) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Add alternative iptables-dev build dependencies
++ libiptc-dev is very new and not yet present in stable Debian/Ubuntu releases.
++ Add it as a fallback build dependency for backports and upstream tests.
++ * Detect if seccomp is enabled but seccomp filtering is disabled
++ (Closes: #832713)
++ * resolved: recognize DNS names with more than one trailing dot as invalid
++ (LP: #1600000)
++ * debian/tests/smoke: Store udev db dump artifact on failure
++ * networkd: limit the number of routes to the kernel limit
++ * systemctl: consider service running only when it is in active or reloading state
++ * networkd: remove route if carrier is lost
++ * Add Ref()/Unref() bus calls for units
++
++ [ Felipe Sateler ]
++ * git-cherry-pick: always recreate the patch-queue branch.
++
++ [ Dimitri John Ledkov ]
++ * Use idiomatic variables from dpkg include.
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 11 Sep 2016 15:00:55 +0200
++
++systemd (231-5) unstable; urgency=medium
++
++ [ Iain Lane ]
++ * Let graphical-session-pre.target be manually started (LP: #1615341)
++
++ [ Felipe Sateler ]
++ * Add basic version of git-cherry-pick
++ * Replace Revert-units-add-a-basic-SystemCallFilter-3471.patch with upstream
++ patch
++ * sysv-generator: better error reporting. (Closes: #830257)
++
++ [ Martin Pitt ]
++ * 73-usb-net-by-mac.rules: Test for disabling 80-net-setup-link.rules more
++ efficiently. Stop calling readlink at all and just test if
++ /etc/udev/rules.d/80-net-setup-link.rules exists -- a common way to
++ disable an udev rule is to just "touch" it in /etc/udev/rule.d/ (i. e.
++ empty file), and if the rule is customized we cannot really predict anyway
++ if the user wants MAC-based USB net names or not. (LP: #1615021)
++ * Ship kernel-install (Closes: #744301)
++ * Add debian/extra/kernel-install.d/60-initrd.install.
++ This kernel-install drop-in copies the initrd of the selected kernel to
++ the EFI partition.
++ * bootctl: Automatically detect ESP partition.
++ This makes bootctl work with Debian's /boot/efi/ mountpoint without having
++ to explicitly specify --path.
++ Patches cherry-picked from upstream master.
++ * systemd.NEWS: Point out that alternatively rcS scripts can be moved to
++ rc[2-5]. Thanks to Petter Reinholdtsen for the suggestion!
++
++ [ Michael Biebl ]
++ * Enable iptables support (Closes: #787480)
++ * Revert "logind: really handle *KeyIgnoreInhibited options in logind.conf"
++ The special 'key handling' inhibitors should always work regardless of
++ any *IgnoreInhibited settings – otherwise they're nearly useless.
++ Update man pages to clarify that *KeyIgnoreInhibited only apply to a
++ subset of locks (Closes: #834148)
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 26 Aug 2016 10:58:07 +0200
++
++systemd (231-4) unstable; urgency=medium
++
++ * Revert "pid1: reconnect to the console before being re-executed"
++ This unbreaks consoles after "daemon-reexec". (Closes: #834367)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 18 Aug 2016 07:03:13 +0200
++
++systemd (231-3) unstable; urgency=medium
++
++ * resolved resolvconf integration: Run resolvconf without privilege
++ restrictions. On some architectures (at least ppc64el), running resolvconf
++ does not work with MemoryDenyWriteExecute=yes. (LP: #1609740)
++ * Revert unit usage of MemoryDenyWriteExecute=yes. This is implemented
++ through seccomp as well. (Closes: #832713)
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 15 Aug 2016 09:58:09 +0200
++
++systemd (231-2) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/rules: Fix UPSTREAM_VERSION for upstream master builds
++ * Limit "link against /usr" check to some critical binaries only and add
++ generators
++ * debian/rules: Put back cleanup of *.busname (Closes: #833487)
++ * debian/tests/localed-x11-keymap: Robustify cleanup
++ * debian/tests/localed-x11-keymap: Check that localed works without
++ /etc/default/keyboard. This reproduces #833849.
++ * Revert "units: add a basic SystemCallFilter (#3471)"
++ This causes fatal failures on kernels that don't have seccomp enabled.
++ This can be reactivated once
++ https://github.com/systemd/systemd/issues/3882 is fixed.
++ (Closes: #832713, #832893)
++
++ [ Simon McVittie ]
++ * localed: tolerate absence of /etc/default/keyboard.
++ The debian-specific patch to read Debian config files was not tolerating
++ the absence of /etc/default/keyboard. This causes systemd-localed to
++ fail to start on systems where that file isn't populated (like embedded
++ systems without keyboards). (Closes: #833849)
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 14 Aug 2016 10:54:57 +0200
++
++systemd (231-1) unstable; urgency=low
++
++ [ Martin Pitt ]
++ * New upstream release 231:
++ - Fix "Failed to create directory /str/sys/fs/selinux: Read-only file
++ system" warning. (Closes: #830693)
++ * systemd.postinst: Remove systemd-networkd-resolvconf-update.path removal
++ leftover. (Closes: #830778)
++ * Drop support for rcS.d SysV init scripts.
++ These are prone to cause dependency loops, and almost all packages with
++ rcS scripts now ship a native systemd service.
++ * networkd: Handle router advertisements in userspace again.
++ Drop Revert-Revert-networkd-ndisc-revert-to-letting-the-k.patch.
++ Bug #814566/#815586 got fixed in 230, and #815884 and #815884 and #815793
++ are unreproducible and need more reporter feedback.
++ * debian/gbp.conf: Enable dch options "full" and "multimaint-merge"
++ * systemd-sysv: Add Conflicts: systemd-shim.
++ To avoid shim trying to claim the D-Bus interfaces.
++ * Add graphical-session.target user unit.
++ * Add graphical-session-pre.target user unit
++ * Add debian/extra/units-ubuntu/user@.service.d/timeout.conf.
++ This avoids long hangs during shutdown if user services fail/hang due to
++ X.org going away too early. This is mostly a workaround, so only install
++ for Ubuntu for now.
++ * Dynamically add upstream version to debian/shlibs.local
++ * Set Debian/Ubuntu downstream support URL in journal catalogs
++ (Closes: #769187)
++
++ [ Michael Biebl ]
++ * Restrict Conflicts: openrc to << 0.20.4-2.1.
++ Newer versions of openrc no longer ship conflicting implementations of
++ update-rc.d/invoke-rc.d.
++ * Add Depends: dbus to systemd-container.
++ This is required for systemd-machined and systemd-nspawn to work
++ properly. (Closes: #830575)
++ * Drop insserv.conf generator.
++ We no longer parse /etc/insserv.conf and /etc/insserv.conf.d/* and
++ augment services with that dependency information via runtime drop-in
++ files. Services which want to provide certain system facilities need to
++ pull in the corresponding targets themselves. Either directly in the
++ native service unit or by shipping a drop-in snippet for SysV init
++ scripts. (Closes: #825858)
++ * getty-static.service: Only start if we have a working VC subsystem.
++ Use ConditionPathExists=/dev/tty0, the same check as in getty@.service,
++ to determine whether we have a functional VC subsystem and we should
++ start any gettys. (Closes: #824779)
++ * Stop mentioning snapshot and restore in the package description.
++ Support for the .snapshot unit type has been removed upstream.
++ * Drop sigpwr-container-shutdown.service.
++ This is no longer necessary as lxc-stop has been fixed to use SIGRTMIN+3
++ to shut down systemd based LXC containers.
++ https://github.com/lxc/lxc/pull/1086
++ https://www.freedesktop.org/wiki/Software/systemd/ContainerInterface/
++
++ [ Felipe Sateler ]
++ * Add versioned breaks for packages shipping rcS init scripts
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 26 Jul 2016 12:17:14 +0200
++
++systemd (230-7) unstable; urgency=medium
++
++ * Tell dh_shlibdeps to look in the systemd package for libraries. Otherwise
++ dpkg-shlibdeps fails to find libsystemd-shared as we no longer create a
++ shlibs file for it.
++ * Add Build-Depends-Package to libudev1.symbols and libsystemd0.symbols.
++ This ensures proper dependencies when a package has a Build-Depends on a
++ higher version of libudev-dev or libsystemd-dev then what it gets from the
++ used symbols.
++
++ -- Michael Biebl <biebl@debian.org> Fri, 08 Jul 2016 13:04:33 +0200
++
++systemd (230-6) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/boot-smoke: Stop running in containers again, too unreliable
++ on Ubuntu s390x right now.
++
++ [ Michael Biebl ]
++ * Bump Build-Depends on debhelper to (>= 9.20160114), required for
++ --dbgsym-migration support.
++ * Install test-udev binary into $libdir/udev/ not $libdir. Only libraries
++ should be installed directly into $libdir.
++ * Exclude libsystemd-shared from dh_makeshlibs.
++
++ [ Felipe Sateler ]
++ * Do not install libsystemd-shared.so symlink
++ * {machine,system}ctl: always pass &changes and &n_changes (Closes: #830144)
++
++ [ Michael Prokop ]
++ * debian/tests/logind: Ensure correct version of logind is running.
++
++ -- Michael Biebl <biebl@debian.org> Thu, 07 Jul 2016 15:22:16 +0200
++
++systemd (230-5) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Sync test/networkd-test.py with current upstream master, and remove our
++ debian/tests/networkd copy. Directly run test/networkd-test.py in
++ autopkgtest.
++ * debian/extra/rules/73-usb-net-by-mac.rules: Disable when
++ /etc/udev/rules.d/80-net-setup-link.rules is a symlink to /dev/null, to be
++ consistent with the documented way to disable ifnames. (Closes: #824491,
++ LP: #1593379)
++ * debian/rules: Ignore libcap-ng.so in the "does anything link against /usr"
++ check, to work around libaudit1 recently gaining a new dependency against
++ that library (#828991). We have no influence on that ourselves. This fixes
++ the FTBFS in the meantime.
++
++ [ Felipe Sateler ]
++ * Convert common code into a private shared library. This saves about 9 MB
++ of installed size in the systemd package, and some more in systemd-*.
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 01 Jul 2016 09:15:12 +0200
++
++systemd (230-4) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * tmp.mount: Add nosuid and nodev mount options. This restores compatibility
++ with the original SysV int RAMTMP defaults. (Closes: #826377)
++ * debian/tests/upstream: Some tests fail on platforms without QEMU at the
++ moment due to upstream PR#3587; blacklist these for now if QEMU is not
++ available.
++ * debian/rules: Don't run the "anything links against /usr" check for
++ upstream tests, as those run on Ubuntu 16.04 LTS which does not yet have
++ libidn moved to /lib.
++ * debian/tests/upstream: Clean up old journals before running a test, to
++ avoid printing a wrong one on failure.
++ * debian/tests/upstream: Do not run the QEMU tests on i386. Nested QEMU on
++ i386 causes testbed hangs on Ubuntu's cloud infrastructure, which is the
++ only place where these actually run.
++ * resolved: Fix SERVFAIL handling and introduce a new "Cache=" option to
++ disable local caching.
++ * resolved: Support IPv6 zone indices in resolv.conf. (LP: #1587489)
++ * resolved: Update resolv.conf when calling SetLinkDNS().
++ * debian/tests/storage: Sync and settle udev after luksFormat, to reduce the
++ chance of seeing some half-written signatures.
++ * debian/tests/networkd: Stop skipping the two DHCP6 tests, this regression
++ seems to have been fixed now.
++ * resolved: respond to local resolver requests on 127.0.0.53:53. This
++ provides compatibility with clients that don't use NSS but do DNS queries
++ directly, such as Chrome.
++ * resolved: Don't add route-only domains to /etc/resolv.conf.
++ * systemd-resolve: Add --flush-caches and --status commands.
++ * Add debian/extra/units/systemd-resolved.service.d/resolvconf.conf to tell
++ resolvconf about resolved's builtin DNS server on 127.0.0.53. With that,
++ DNS servers picked up via networkd are respected when using resolvconf,
++ and software like Chrome that does not do NSS (libnss-resolve) still gets
++ proper DNS resolution. Drop the brittle and ugly
++ systemd-networkd-resolvconf-update.{path,service} hack instead.
++ * debian/tests/boot-smoke: Run in containers as well.
++
++ [ Laurent Bigonville ]
++ * Build with IDN support. (Closes: #814528)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 29 Jun 2016 15:23:32 +0200
++
++systemd (230-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/boot-and-services: Adjust test_tmp_mount() for fixed
++ systemctl exit code for "unit not found" in upstream commit ca473d57.
++ * debian/tests/boot-and-services, test_no_failed(): Show journal of failed
++ units.
++ * debian/extra/init-functions.d/40-systemd: Adjust to changed systemctl
++ show behaviour in 231: now this fails for nonexisting units instead of
++ succeeding with "not-found". Make the code compatible to both for now.
++ * Fix networkd integration with resolvconf for domain-limited DNS servers,
++ so that these don't appear as global nameservers in resolv.conf. Thanks
++ Andy Whitcroft for the initial fix! Add corresponding test case to
++ debian/tests/networkd. (LP: #1587762)
++ * resolved: Fix comments in resolve.conf for search domain overflows.
++ (LP: #1588229)
++ * On Ubuntu, provide an "ondemand.service" that replaces
++ /etc/init.d/ondemand. The latter does not exist any more when
++ "initscripts" falls out of the default installation. (LP: #1584124) This
++ now does not do a fixed one-minute wait but uses "Type=idle" instead. This
++ also becomes a no-op when the CPU supports "intel_pstate" (≤ 5 years old),
++ as on these the ondemand/powersave schedulers are actually detrimental.
++ (LP: #1579278)
++ * debian/systemd-container.install: Drop *.busname installation, they are
++ going away upstream.
++ * debian/extra/init-functions.d/40-systemd: Do not call systemctl
++ daemon-reload if the script is called as user (like reportbug does). Also
++ make sure that daemon-reload will not invoke polkit.
++ * Install test-udeb from .libs, to avoid installing the automake shell
++ wrapper.
++ * Fix transaction restarting in resolved to avoid async processing of
++ free'd transactions.
++ (Closes: #817210, LP: #1587727, #1587740, #1587762, #1587740)
++ * Add "upstream" autopkgtest that runs the test/TEST* upstream integration
++ tests in QEMU and nspawn.
++ * Build systemd-sysusers binary, for using in rkt. Do not ship the
++ corresponding unit and sysusers.d/ files yet, as these need some
++ Debianization and an autopkgtest. (Closes: #823322)
++ * debian/tests/systemd-fsckd: Adjust was_running() to also work for version
++ 230.
++
++ [ Michael Biebl ]
++ * Add "systemctl daemon-reload" to lsb init-functions hook if the LoadState
++ of a service is "not-found". This will run systemd-sysv-generator, so SysV
++ init scripts that aren't installed by the package manager should be picked
++ up automatically. (Closes: #825913)
++ * automount: handle expire_tokens when the mount unit changes its state.
++ (Closes: #826512)
++ * debian/systemd.preinst: Correctly determine whether a service is enabled.
++ Testing for the return code alone is not sufficient as we need to
++ differentiate between "generated" and "enabled" services.
++ (Closes: #825981)
++
++ [ Felipe Sateler ]
++ * Drop configure option --disable-compat-libs. It no longer exists.
++ * Add policykit-1 to Suggests. It is used to allow unprivileged users to
++ execute certain commands. (Closes: #827756)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 21 Jun 2016 23:51:07 +0200
++
++systemd (230-2) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Don't add a Breaks: against usb-modeswitch when building on Ubuntu; there
++ it does not use hotplug.functions and is a lower version.
++ * boot-and-services autopkgtest: Add missing xserver-xorg and
++ lightdm-greeter test dependencies, so that lightdm can start.
++ (See LP #1581106)
++ * Re-disable logind's KillUserProcesses option by default. (Closes: #825394)
++
++ [ Michael Biebl ]
++ * Drop --disable-silent-rules from debian/rules. This is now handled by dh
++ directly depending on whether the DH_QUIET environment variable is set.
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 31 May 2016 12:02:14 +0200
++
++systemd (230-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release 230.
++ - Fix rare assertion failure in hashmaps. (Closes: #816612)
++ - Fix leaking scope units. (Closes: #805477)
++ - Fix wrong socket ownership after daemon-reload. (LP: #1577001)
++ - udev: Fix touch screen detection. (LP: #1530384)
++ * Drop cmdline-upstart-boot autopkgtest. It was still needed up to Ubuntu
++ 16.04 LTS, but upstart-sysv is not supported any more in Debian and Ubuntu
++ now.
++ * udev: Drop hotplug.functions, now that the last remaining user of this got
++ fixed. Add appropriate versioned Breaks:.
++ * debian/extra/rules/70-debian-uaccess.rules: Add some more FIDO u2f devices
++ from different vendors. Thanks Atoyama Tokanawa.
++ * Remove "bootchart" autopkgtest, this upstream version does not ship
++ bootchart any more. It will be packaged separately.
++
++ [ Michael Biebl ]
++ * Drop obsolete --disable-bootchart configure switch from udeb build.
++ * Remove obsolete /etc/systemd/bootchart.conf conffile on upgrades.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 23 May 2016 09:42:51 +0200
++
++systemd (229-6) unstable; urgency=medium
++
++ * systemd-container: Prefer renamed "btrfs-progs" package name over
++ "btrfs-tools". (Closes: #822629)
++ * systemd-container: Recommend libnss-mymachines. (Closes: #822615)
++ * Drop systemd-dbg, in favor of debhelpers' automatic -dbgsym packages.
++ * Drop Add-targets-for-compatibility-with-Debian-insserv-sy.patch; we don't
++ need $x-display-manager any more as most/all DMs ship native services, and
++ $mail-transport-agent is not widely used (not even by our default MTA
++ exim4).
++ * Unify our two patches for Debian specific configuration files.
++ * Drop udev-re-enable-mount-propagation-for-udevd.patch, i. e. run udevd in
++ its own slave mount name space again. laptop-mode-tools 1.68 fixed the
++ original bug (#762018), thus add a Breaks: to earlier versions.
++ * Ship fbdev-blacklist.conf in /lib/modprobe.d/ instead of /etc/modprobe.d/;
++ remove the conffile on upgrades.
++ * Replace util-Add-hidden-suffixes-for-ucf.patch with patch that got
++ committed upstream.
++ * Replace Stop-syslog.socket-when-entering-emergency-mode.patch with patch
++ that got committed upstream.
++ * debian/udev.README.Debian: Adjust documentation of MAC based naming for
++ USB network cards to the udev rule, where this was moved to in 229-5.
++ * debian/extra/init-functions.d/40-systemd: Invoke status command with
++ --no-pager, to avoid blocking scripts that call an init.d script with
++ "status" with an unexpected pager process. (Closes: #765175, LP: #1576409)
++ * Add debian/extra/rules/70-debian-uaccess.rules: Make FIDO U2F dongles
++ accessible to the user session. This avoids having to install libu2f-host0
++ (which isn't discoverable at all) to make those devices work.
++ (LP: #1387908)
++ * libnss-resolve: Enable systemd-resolved.service on package installation,
++ as this package makes little sense without resolved.
++ * Add a DHCP exit hook for pushing received NTP servers into timesyncd.
++ (LP: #1578663)
++ * debian/udev.postinst: Fix migration check from the old persistent-net
++ generator to not apply to chroots. (Closes: #813141)
++ * Revert "enable TasksMax= for all services by default, and set it to 512".
++ Introducing a default limit on number of threads broke a lot of software
++ which regularly needs more, such as MySQL and RabbitMQ, or services that
++ spawn off an indefinite number of subtasks that are not in a scope, like
++ LXC or cron. 512 is way too much for most "simple" services, and it's way
++ too little for the ones mentioned above. Effective (and much stricter)
++ limits should instead be put into units individually.
++ (Closes: #823530, LP: #1578080)
++ * Split out udev rule to name USB network interfaces by MAC address into
++ 73-usb-net-by-mac.rules, so that it's easier to disable. (Closes: #824025)
++ * 73-usb-net-by-mac.rules: Disable when net.ifnames=0 is specified on the
++ kernel command line, to be consistent with disabling the *.link files.
++ * 73-special-net-names.rule: Name the IBM integrated management module
++ virtual USB network card "ibmimm". Thanks Marco d'Itri!
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 12 May 2016 09:40:19 +0200
++
++systemd (229-5) unstable; urgency=medium
++
++ * debian/tests/unit-config: Call "daemon-reload" to clean up generated units
++ in between tests.
++ * debian/tests/unit-config: Check that enable/disable commands are
++ idempotent.
++ * debian/tests/unit-config: Detect if system units are in /usr/, so that the
++ test works on systems with merged /usr.
++ * debian/tests/unit-config: Use systemd-sysv-install instead of update-rc.d
++ directly, so that the test works under Fedora too.
++ * debian/tests/unit-config: Check disabling of a "systemctl link"ed unit,
++ and check "systemctl enable" on a unit with full path which is not in the
++ standard directories.
++ * Rename debian/extra/rules/73-idrac.rules to 73-special-net-names.rules, as
++ it is going to get rules for other devices. Also install it into the
++ initramfs.
++ * debian/extra/rules/73-special-net-names.rules: Add DEVPATH number based
++ naming schema for ibmveth devices. (LP: #1561096)
++ * Don't set SYSTEMD_READY=0 on DM_UDEV_DISABLE_OTHER_RULES_FLAG=1 devmapper
++ devices with "change" events, as this causes spurious unmounting with
++ multipath devices. (LP: #1565969)
++ * Fix bogus "No [Install] section" warning when enabling a unit with full
++ path. (LP: #1563590)
++ * debian/tests/cmdline-upstart-boot: In test_rsyslog(), check for messages
++ from dbus instead of NetworkManager. NM 1.2 does not seem to log to syslog
++ by default any more.
++ * Bump Standards-Version to 3.9.8 (no changes necessary).
++ * debian/tests/boot-smoke: Add some extra debugging if there are pending
++ jobs after 10s, to figure out why lightdm is sometimes "restarting".
++ (for LP #1571673)
++ * debian/tests/boot-smoke: Configure dummy X.org driver (like in the
++ boot-and-services test), to avoid lightdm randomly fail. (LP: #1571673)
++ * Move Debian specific patches into debian/patches/debian (which translates
++ to "Gbp-Pq: Topic debian" with pq). This keeps upstream vs. Debian
++ patches separated without the comments in debian/patches/series (which
++ always get removed by "pq export").
++ * Don't ship an empty /etc/X11/xinit/xinitrc.d/ directory, this isn't
++ supported in Debian. (Closes: #822198)
++ * udev: Mark nbd as inactive until connected. (Closes: #812485)
++ * On shutdown, unmount /tmp before disabling swap. (Closes: #788303)
++ * debian/systemd-coredump.postinst: Do daemon-reload before starting
++ systemd-coredump, as the unit file may have changed on upgrades.
++ (Closes: #820325)
++ * Set MAC based name for USB network interfaces only for universally
++ administered (i. e. stable) MACs, not for locally administered (i. e.
++ randomly generated) ones. Drop /lib/systemd/network/90-mac-for-usb.link
++ (as link files don't currently support globs for MACAddress=) and replace
++ with an udev rule in /lib/udev/rules.d/73-special-net-names.rules.
++ (Closes: #812575, LP: #1574483)
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 25 Apr 2016 11:08:11 +0200
++
++systemd (229-4) unstable; urgency=medium
++
++ * Fix assertion crash when processing a (broken) device without a sysfs
++ path. (Closes: #819290, LP: #1560695)
++ * Fix crash when shutdown is issued from a non-tty. (LP: #1553040)
++ * networkd: Stay running while any non-loopback interface is up.
++ (Closes: #819414)
++ * Fix reading uint32 D-Bus properties on big-endian.
++ * Fix crash if an udev device has many tags or devlinks. (LP: #1564976)
++ * systemctl, loginctl, etc.: Don't start polkit agent when running as root.
++ (LP: #1565617)
++ * keymap: Add Add HP ZBook (LP: #1535219) and HP ProBook 440 G3.
++ * systemd.resource-control.5: Fix links to cgroup documentation on
++ kernel.org. (Closes: #819970)
++ * Install test-udev into libudev-dev, so that we have it available for
++ autopkgtests.
++ * Add "udev" autopkgtest for running the upstream test/udev-test.pl.
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 07 Apr 2016 08:11:10 +0200
++
++systemd (229-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/timedated: Add tests for "timedatectl set-local-rtc".
++ * Be more tolerant in parsing /etc/adjtime.
++ * debian/systemd.postinst: Don't fail package installation if systemctl
++ daemon-reload trigger fails. This does not fix the root cause of the
++ reload failures, but at least causes fewer packages to be in a broken
++ state after upgrade, so that a reboot or apt-get -f install have a much
++ higher chance in succeeding. (For bugs like LP #1502097 or LP #1447654)
++ * debian/tests/networkd: Skip test_hogplug_dhcp_ip6 when running against
++ upstream as well.
++ * debian/tests/boot-and-services: Wait for units to stop with a "systemctl
++ is-active" loop instead of static sleeps.
++ * debian/tests/networkd: Skip DHCPv6 tests for downstream packages too. This
++ is an actual regression in networkd-229, to be investigated. But this
++ shouldn't hold up reverse dependencies.
++ * Fix assertion in add_random(). (LP: #1554861)
++ * debian/tests/boot-and-services: Don't assert on "Stopped Container c1"
++ message in NspawnTests.test_service(), this is sometimes not present. Just
++ check that the unit did not fail.
++ * Add "adduser" dependency to systemd-coredump, to quiesce lintian.
++ * Bump Standards-Version to 3.9.7 (no changes necessary).
++ * Fix timespec parsing by correctly initializing microseconds.
++ (Closes: #818698, LP: #1559038)
++ * networkd: Add fallback if FIONREAD is not supported. (Closes: #818488)
++ * Cherry-pick various fixes from upstream master.
++ - Fixes logout when changing the current target. (Closes: #805442)
++
++ [ Evgeny Vereshchagin ]
++ * debian/tests/boot-and-services: Search systemd-coredump's output by
++ SYSLOG_IDENTIFIER.
++ * Add missing "Recommends: btrfs-tools" to systemd-container.
++ * Add systemd-coredump postinst/prerm to start/stop systemd-coredump.socket
++ without a reboot. (Closes: #816767)
++
++ [ Felipe Sateler ]
++ * Set the paths of loadkeys and setfont via configure arguments, not a patch
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 21 Mar 2016 14:11:44 +0100
++
++systemd (229-2) unstable; urgency=medium
++
++ * time-util: map ALARM clockids to non-ALARM clockids in now(), to work on
++ architectures which don't support CLOCK_BOOTTIME_ALARM. Fixes FTBFS on
++ many architectures.
++ * debian/systemd.postinst: Add missing newline to /etc/adjtime migration.
++ (See #699554)
++ * debian/systemd.postinst: Only try to enable tmp.mount if we actually
++ copied it to /etc. Don't try to enable a generated unit. (LP: #1545707)
++ * debian/tests/boot-and-services: Increase timeouts of test_bash_crash from
++ 5 to 10 seconds, and sync the journal after every iteration.
++ * debian/extra/checkout-upstream: Try again after one minute if git checkout
++ fails, to avoid failures from transient network errors.
++ * debian/tests/systemd-fsckd: Use grub.d/50-cloudimg-settings.cfg as a
++ template for generating our custom one instead of 90-autopkgtest.cfg. The
++ latter does not exist on non-x86 architectures and is not relevant for
++ this test.
++ * debian/tests/boot-and-services: Skip journal test for test_bash_crash when
++ running against upstream, as this currently fails most of the time. To be
++ investigated.
++ * debian/tests/networkd: Skip test_coldplug_dhcp_ip6 when running against
++ upstream, as this is brittle there. To be investigated.
++ * debian/tests/bootchart: Skip test if bootchart is not available or
++ testing in upstream mode. bootchart got removed from master and will be
++ moved to a separate repository.
++ * debian/tests/boot-and-services: Show verbose journal output on failure in
++ nspawn test, and sync journal before.
++ * Move systemd-coredump socket and service into systemd-coredump binary
++ package.
++ * Revert changing the default core dump ulimit and core_pattern. This
++ completely breaks core dumps without systemd-coredump. It's also
++ contradicting core(8). (Closes: #815020)
++ * Fix addresses for type "sit" tunnels. (Closes: #816132)
++ * networkd: Go back to letting the kernel handle IPv6 router advertisements,
++ as networkd's own currently has too many regressions. Thanks to Stefan
++ Lippers-Hollmann for investigating this! (Closes: #814566,
++ #814667, #815586, #815884, #815793)
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 28 Feb 2016 22:16:12 +0100
++
++systemd (229-1) unstable; urgency=medium
++
++ * New upstream release 229.
++ - Fix systemctl behaviour in chroots. (Closes: #802780)
++ - Fix SELinux context of /run/user/$UID. (Closes: #775651)
++ - Add option to optionally turn of color output. (Closes: #783692)
++ - Don't git-ignore src/journal-remote/browse.html. (Closes: #805514)
++ - Do not warn about Wants depencencies on masked units. (LP: #1543282)
++ * debian/systemd.install: Ship the new systemd-resolve.
++ * libsystemd0.symbols: Add new symbols from this release.
++ * systemd-coredump.postinst: Create systemd-coredump system user.
++ * debian/tests/systemd-fsckd: Tame overly strict test for failed plymouth
++ unit, which is a race condition with plymouthd auto-stopping.
++ (LP: #1543144)
++ * Drop timedated-don-t-rely-on-usr-being-mounted-in-the-ini.patch.
++ initramfs-tools has mounted /usr since Jessie, and tzdata now creates
++ /etc/localtime as a symlink too (see #803144).
++ * Use-different-default-paths-for-various-binaries.patch: Drop path changes
++ for setcap (which is already a build dep and not used at all) and sulogin
++ (which is now in util-linux).
++ * Remove obsolete udev maintainer script checks:
++ - Drop check for kernel >= 2.6.32, which released in 2009.
++ - Drop restarting of some daemons due to the devtmpfs migration, which
++ happened before the above kernel even.
++ - Drop support for forcing upgrades on kernels known not to work via
++ /etc/udev/kernel-upgrade. Don't pretend that this would help, as users
++ could end up with a non-bootable system. Always fail early in preinst
++ when it's still possible to install a working kernel.
++ - Drop postinst test for "running in containers" -- it's actually possible
++ to run udev in containers if you mount /sys r/w and you know what you
++ are doing. Also, the init.d script and systemd service do that check
++ again.
++ - Keep the kernel feature and chroot checks, as these are still useful.
++ Simplify check_kernel_features() by eliminating some variables.
++ - Drop debconf templates. Two of them are obsolete, and having
++ CONFIG_SYSFS_DEPRECATED is now so implausible that this doesn't warrant
++ the overhead and translator efforts.
++ * Drop debian/tests/ifupdown-hotplug. The units moved into ifupdown, so the
++ test should go there too (see #814312).
++ * debian/tests/control: Reorder tests and add a comment which ones should
++ not be run for an upstream build.
++ * debian/tests/control: Rearrange tests and avoid removing test dependencies
++ to minimize testbed resets.
++ * Add debian/extra/checkout-upstream: Script to replace the current
++ source with a checkout of an upstream pull request, branch, or commit,
++ and remove debian/patches/. Call from debian/rules if $TEST_UPSTREAM is
++ set. This will be used for upstream CI.
++ * Enable seccomp support on powerpc, ppc64el, and s390x.
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 11 Feb 2016 21:02:39 +0100
++
++systemd (228-6) unstable; urgency=medium
++
++ * Make-run-lock-tmpfs-an-API-fs.patch: Drop /run/lock from
++ tmpfiles.d/legacy.conf to avoid the latter clobbering the permissions of
++ /run/lock. Fixes fallout from cleanup in -5 that resulted /run/lock to
++ have 0755 permissions instead of 1777. (LP: #1541775)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 04 Feb 2016 11:46:54 +0100
++
++systemd (228-5) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Drop systemd-vconsole-setup.service: It has never been installed/used in
++ Debian and is not necessary for Ubuntu any more.
++ * Drop halt-local.service. This has never been documented/used in Debian.
++ (LP: #1532553)
++ * debian/extra/initramfs-tools/scripts/init-bottom/udev: Prefer "nuke"
++ again, it comes from klibc-utils. But fall back to "rm" if it does not
++ exist.
++ * systemd-timesyncd.service.d/disable-with-time-daemon.conf: Also don't run
++ if /usr/sbin/VBoxService exists, as virtualbox-guest-utils already
++ provides time synchronization with the host. (Closes: #812522)
++ * Drop Michael Stapelberg from Uploaders:, he stopped maintenance long ago.
++ Thanks Michael for your great work in the past!
++ * Replace "sysv-rc" dependency with Conflicts: openrc, file-rc. The
++ rationale from #739679 still applies, but with the moving of
++ {invoke,update}-rc.d to init-system-helpers we don't actually need
++ anything from sysv-rc any more other than the assumption that SysV init
++ scripts are enabled in /etc/rc?.d/ for the SysV generator to work (and
++ file-rc and openrc don't do that).
++ * debian/tests/timedated: Verify /etc/localtime symlink. Skip verifying the
++ /etc/timezone file (which is Debian specific) if $TEST_UPSTREAM is set.
++ * debian/tests/localed-locale: Check /etc/locale.conf if $TEST_UPSTREAM is
++ set.
++ * debian/tests/localed-x11-keymap: Test /etc/X11/xorg.conf.d/00-keyboard.conf
++ if $TEST_UPSTREAM is set.
++ * debian/tests/boot-and-services: Check for reaching graphical.target
++ instead of default.target, as the latter is a session systemd state only.
++ * debian/tests/boot-and-services: Skip tests which are known to fail/not
++ applicable with testing upstream builds.
++ * Drop Fix-up-tmpfiles.d-permissions-properly.patch:
++ - /run/lock is already created differently by
++ Make-run-lock-tmpfs-an-API-fs.patch, and contradicts to that.
++ - /run/lock/lockdev/ isn't being used anywhere and got dropped
++ upstream; backport the patch (tmpfiles-drop-run-lock-lockdev.patch).
++ - Move dropping of "group:wheel" (which has never existed in Debian) into
++ debian/rules, to also catch occurrences in other parts of the file which
++ the static patch would overlook.
++ * Shorten persistent identifier for CCW network interfaces (on s390x only).
++ (LP: #1526808)
++ * debian/rules: If $TEST_UPSTREAM is set (when building/testing upstream
++ master instead of distro packages), don't fail on non-installed new files
++ or new library symbols.
++ * Add systemd-sysv conflict to upstart-sysv, and version the upstart
++ conflict. This works with both Debian's and Ubuntu's upstart packages.
++
++ [ Michael Biebl ]
++ * Drop support for the /etc/udev/disabled flag file. This was a workaround
++ for udev failing to install with debootstrap because it didn't use
++ invoke-rc.d and therefor was not compliant with policy-rc.d. See #520742
++ for further details. This is no longer the case, so supporting that file
++ only leads to confusion about its purpose.
++ * Retrigger cleanup of org.freedesktop.machine1.conf and
++ hwclock-save.service now that dpkg has been fixed to correctly pass the
++ old version to postinst on upgrade. (Closes: #802545)
++ * Only ship *.link files as part of the udev package. The *.network files
++ are solely used by systemd-networkd and should therefor be shipped by the
++ systemd package. (Closes: #808237)
++ * Cherry-pick a few fixes from upstream:
++ - Fix unaligned access in initialize_srand(). (Closes: #812928)
++ - Don't run kmod-static-nodes.service if module list is empty. This
++ requires kmod v23. (Closes: #810367)
++ - Fix typo in systemctl(1). (Closes: #807462)
++ - Fix systemd-nspawn --link-journal=host to not fail if the directory
++ already exists. (Closes: #808222)
++ - Fix a typo in logind-dbus.c. The polkit action is named
++ org.freedesktop.login1.power-off, not org.freedesktop.login1.poweroff.
++ - Don't log an EIO error in gpt-auto-generator if blkid finds something
++ which is not a partition table. (Closes: #765586)
++ - Apply ACLs to /var/log/journal and also set them explicitly for
++ system.journal.
++ * Only skip the filesystem check for /usr if the /run/initramfs/fsck-usr
++ flag file exists. Otherwise we break booting with dracut which uses
++ systemd inside the initramfs. (Closes: #810748)
++ * Update the instructions in README.Debian for creating /var/log/journal.
++ They are now in line with the documentation in the systemd-journald(8) man
++ page and ensure that ACLs and group permissions are properly set.
++ (Closes: #800947, #805617)
++ * Drop "systemctl daemon-reload" from lsb init-functions hook. This is no
++ longer necessary as invoke-rc.d and init-system-helpers take care of this
++ nowadays.
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 03 Feb 2016 10:09:46 +0100
++
++systemd (228-4) unstable; urgency=medium
++
++ * debian/udev.README.Debian: Add alternative way of disabling ifnames.
++ (Closes: #809339)
++ * Put back /lib/udev/hotplug.functions, until the three remaining packages
++ that use it stop doing so. (Closes: #810114)
++ * debian/udev.README.Debian: Point out that any change to interface naming
++ rules requires an initrd update.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 11 Jan 2016 07:12:40 +0100
++
++systemd (228-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/rules: Remove temporary debug output from test failures again. All
++ Debian buildd kernels are recent enough now, but add a check for kernels
++ older than 3.13 and ignore test failures for those.
++ * debian/tests/networkd: Factor out dnsmasq specific test "router" setup, so
++ that we can test against other implementations.
++ * debian/tests/networkd: Add router setup using an (isolated) networkd
++ process for configuring the veths and DHCP server.
++ * debian/tests/networkd: On failure, only show journal for current test.
++ * systemd-networkd-resolvconf-update.service: Wait for getting a name
++ server, not just for getting online.
++ * debian/tests/boot-and-services: Wait until bash crash stack trace is in
++ the journal before asserting on it. Also relax RE to work on non-x86
++ architectures.
++ * debian/tests/networkd: If /etc/resolv.conf already has three nameservers,
++ accept that too (as then the additional test one can't be added any more).
++ * Fix FTBFS on x32. Thanks Helmut Grohne! (Closes: #805910)
++ * debian/tests/networkd: For IPv6 tests, also wait for IPv4 address to
++ arrive; s-n-wait-online already exits after getting an IPv6 address, but
++ we verify both.
++ * debian/tests/boot-and-services: Don't check for "Requesting system
++ poweroff" log message in nspawn test, current upstream master does not
++ write that any more. Instead check for "Stopped Container c1".
++ * Add "storage" autopkgtest. Initially this covers some basic use cases with
++ LUKS cryptsetup devices.
++ * Add acl build dependency (for <!nocheck>). Current upstream master now
++ needs it for some test cases.
++ * debian/extra/initramfs-tools/scripts/init-bottom/udev: Use "rm -rf"
++ instead of "nuke". The latter does not exist any more in current
++ initramfs-tools.
++ * Ignore test failures during "make check" if /etc/machine-id is missing
++ (like in ancient local schroots). (Closes: #807884)
++ * debian/extra/rules/80-debian-compat.rules: Remember which device got the
++ "cdrw", "dvd", or "dvdrw" symlink to avoid changing links on device
++ events. (Closes: #774080). Drop the rule for the "cdrom" symlink as that
++ is already created in 60-cdrom_id.rules.
++ * Eliminate "hotplug.functions" udev helper and put the logging functions
++ directly into net.agent. This simplifies the migration of the latter to
++ ifupdown.
++ * Adjust manpages to keep /usr/lib/systemd/{user*,boot,ntp-units.d,modules*}
++ paths, only keep /lib/systemd/{system*,network}. (Closes: #808997)
++ * debian/udev.README.Debian: Fix typo and slight wording improvement.
++ (Closes: #809513)
++ * Drop net.agent, 80-networking.rules, and ifup@.service. These moved to
++ ifupdown 0.8.5 now. Add Breaks: to earlier versions.
++
++ [ Michael Biebl ]
++ * Bump Build-Depends on libdw-dev to (>= 0.158) as per configure.ac.
++ (Closes: #805631)
++ * Make sure all swap units are ordered before the swap target. This avoids
++ that swap devices are being stopped prematurely during shutdown.
++ (Closes: #805133)
++ * Drop unneeded /etc/X11/xinit/xinitrc.d/50-systemd-user.sh from the package
++ and clean up the conffile on upgrades. We have the dbus-user-session
++ package in Debian to properly enable the D-Bus user-session mode which
++ also takes care of updating the systemd --user environment.
++ (Closes: #795761)
++ * Stop testing for unknown arguments in udev maintainer scripts.
++ * Drop networking.service.d/systemd.conf. The ifupdown package now ships a
++ proper service file so this drop-in file is no longer necessary.
++
++ [ Andreas Henriksson ]
++ * Fix LSB init hook to not reload masked services. (Closes: #804882)
++
++ -- Martin Pitt <mpitt@debian.org> Sat, 02 Jan 2016 17:42:56 +0100
++
++systemd (228-2) unstable; urgency=medium
++
++ * Remove wrong endianness conversion in test-siphash24 to fix FTBFS on
++ big-endian machines.
++ * Bump libseccomp-dev build dependency to indicate required versions for
++ backporting to jessie. (Closes: #805497)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 19 Nov 2015 11:37:45 +0100
++
++systemd (228-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release:
++ - Fix journald killing by watchdog. (Closes: #805042)
++ - Drop check for /etc/mtab. (Closes: #802025)
++ - Follow unit file symlinks in /usr, but not /etc when looking for
++ [Install] data, to avoid getting confused by Aliases. (Closes: #719695)
++ - journalctl: introduce short options for --since and --until.
++ (Closes: #801390)
++ - journald: Never accept fds from file systems with mandatory locking.
++ (LP: #1514141)
++ - Put nspawn containers in correct slice. (LP: #1455828)
++ * Cherry-pick some networkd fixes from trunk to fix regressions from 228.
++ * debian/rules: Configure with --as-needed to avoid unnecessary binary
++ dependencies.
++ * systemd-networkd-resolvconf-update.service: Increase StartLimitBurst, as
++ this might be legitimately called several times in quick succession. If
++ that part of the "networkd" autopkgtest fails, show the journal log for
++ that service for easier debugging.
++ * debian/tests/boot-and-services: Add test case for systemd-coredump.
++ * Add systemd-coredump postinst/prerm to enable/disable this without a
++ reboot.
++ * debian/tests/networkd: Check for systemd-networkd-wait-online in /usr as
++ well, for usage in other distros.
++ * debian/tests/logind: Skip suspend test if the kernel does not support
++ suspend.
++ * debian/tests/logind: Split tests into functions.
++ * debian/tests/boot-and-services: Ignore failures of console-setup.service,
++ to work around LP: #1516591.
++ * debian/tests/control: Restrict boot-smoke test to isolation-machine, it
++ does not currently work well in LXC.
++ * debian/tests/networkd: Add new test cases for "DHCP=all, IPv4 only,
++ disabling RA" (which should always be fast), "DHCP=all, IPv4 only" (which
++ will require a longer timeout due to waiting 12s for a potential IPv6 RA
++ reply), and "DHCP=ipv4" (with and without RA).
++ * debian/tests/networkd: Fix UnicodeDecodeError under 'C' locale.
++ * debian/tests/networkd: Show networkctl and journal output on failure.
++ * debian/tests/networkd: Fix bytes vs. string TypeError in the IPv6 polling.
++ (LP: #1516009)
++ * debian/tests/networkd: Show contents of test .network file on failure.
++ * debian/tests/networkd: Skip if networkd is already running (safer when
++ running on real systems), and add copyright header.
++ * Bump util-linux dependencies to >= 2.27.1 to ensure that the mount monitor
++ ignores /etc/mtab.
++
++ [ Felipe Sateler ]
++ * Enable elfutils support for getting stack traces for systemd-coredump.
++ * libnss-my{machines,hostname}.postrm: do not remove entries from
++ nsswitch.conf if there are packages from other architectures remaining.
++
++ [ Michael Biebl ]
++ * Drop systemd-setup-dgram-qlen.service. This has been made obsolete by
++ upstream commit 1985486 which bumps net.unix.max_dgram_qlen to 512 early
++ during boot.
++ * Various cleanups to the udev maintainer scripts:
++ - Remove unused tempdir() function.
++ - Properly stop udev daemon on remove.
++ - Stop killing udev daemon on failed upgrades and drop the corresponding
++ starts from preinst.
++ - Stop masking systemd-udevd.service and udev.service during upgrades. We
++ restart the udev daemon in postinst, so those masks seem unnecessary.
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 18 Nov 2015 16:11:59 +0100
++
++systemd (227-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/logind: Add tests for scheduled shutdown with and without
++ wall message.
++ * Import upstream fix for not unmounting system mounts (#801361) and drop
++ our revert patch.
++ * debian/tests/boot-smoke: Apply check for failed unmounts only to user
++ systemd processes, i. e. not to pid 1.
++ * Drop Fix-usr-remount-failure-for-split-usr.patch. Jessie has a new enough
++ initramfs-tools already, and this was just an error message, not breaking
++ the boot.
++ * Drop debian-fixup.service in favor of using a tmpfiles.d clause, which is
++ faster.
++ * Drop Order-remote-fs.target-after-local-fs.target.patch. It's mostly
++ academic and only applies to the already known-broken situation that rcS
++ init.d scripts depend on $remote_fs.
++ * Replace reversion of sd_pid_notify_with_fds() msg_controllen fix with
++ proper upstream fix to never block on sending messages on NOTIFY_SOCKET
++ socket.
++ * Drop check for missing /etc/machine-id on "make check" failure; this isn't
++ happening on current buildds any more.
++ * Drop Disable-tests-which-fail-on-buildds.patch, to re-evaluate what still
++ fails and needs fixing. On failure, show kernel version and /etc/hosts
++ to be able to debug them better. The next upload will make the necessary
++ adjustments to fix package builds again.
++
++ [ Michael Biebl ]
++ * Drop dependency on udev from the systemd package. We don't need udev
++ within a container, so this allows us to trim down the footprint by not
++ installing the udev package. As the udev package has Priority: important,
++ it is still installed by default though.
++ * Include the status of the udev package when filing a bug report against
++ systemd, and vice versa.
++ * Use filter instead of findstring, since findstring also matches
++ substrings and we only want direct matches.
++ * systemd.bug-script: Fix typo. (Closes: #804512)
++ * Re-add bits which call SELinux in systemd-user pam service.
++ (Closes: #804565)
++
++ [ Felipe Sateler ]
++ * Add libnss-resolve package. (Closes: #798905)
++ * Add systemd-coredump package. This Conflicts/Replaces/Provides a new
++ "core-dump-handler" virtual package. (Closes: #744964)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 11 Nov 2015 15:04:26 +0100
++
++systemd (227-2) unstable; urgency=medium
++
++ * Revert "sd_pid_notify_with_fds: fix computing msg_controllen", it causes
++ connection errors from various services on boot. (Closes: #801354)
++ * debian/tests/boot-smoke: Check for failed unmounts. This reproduces
++ #801361 (but not in a minimal VM, just in a desktop one).
++ * Revert "core: add a "Requires=" dependency between units and the
++ slices they are located in". This causes user systemd instances to try and
++ unmount system mounts (and succeed if you login as root).
++ (Closes: #801361)
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 09 Oct 2015 12:34:27 +0200
++
++systemd (227-1) unstable; urgency=medium
++
++ * New upstream release.
++ - Bump watchdog timeout for shipped units to 3 min. (Closes: #776460)
++ - gpt-auto-generator: Check fstab for /boot entries. (Closes: #797326)
++ - Fix group of RuntimeDirectory dirs. (Closes: #798391)
++ - Support %i (and other macros) in RuntimeDirectory. (Closes: #799324)
++ - Bump util-linux/libmount-dev dependencies to >= 2.27.
++ * debian/libsystemd0.symbols: Add new symbols for this release.
++ * debian/extra/initramfs-tools/hooks/udev: Copy all
++ /etc/udev/rules.d/*.rules rules which are not merely overriding the one in
++ /lib/, not just 70-persistent-net.rules. They might contain network names
++ or other bits which are relevant for the initramfs. (Closes: #795494)
++ * ifup@.service: Drop PartOf=network.target; we don't want to stop these
++ units during shutdown. Stopping networking.service already shuts down the
++ interfaces, but contains the safeguard for NFS or other network file
++ systems. Isolating emergency.target still keeps working as before as well,
++ as this also stops networking.service. (Closes: #761909, LP: #1492546)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 08 Oct 2015 11:34:35 +0200
++
++systemd (226-4) unstable; urgency=medium
++
++ * debian/tests/logind: Be more verbose on failures.
++ * Revert networkd calling if-{up,post-down}.d/ scripts. About half of the
++ existing hooks are not relevant or even actively detrimental when running
++ with networkd. For the relevant ones, a lot of them should be fixed in the
++ projects themselves (using IP_FREEBIND etc.). (Closes: #798625)
++ * Add systemd-networkd-resolvconf-update.{path,service} units to send DNS
++ server updates from networkd to resolvconf, if installed and enabled.
++ * Don't restart logind on upgrades any more. This kills X.org (#798097)
++ while logind doesn't save/restore its open fds (issue #1163), and also
++ gets confused about being idle in between (LP: #1473800)
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 02 Oct 2015 13:44:28 +0200
++
++systemd (226-3) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * README.Debian: Fix "other" typo. Thanks Salvatore Bonaccorso.
++ (Closes: #798737)
++
++ [ Michael Biebl ]
++ * Stop building the compat library packages and drop them for good.
++ * Update debian/copyright.
++
++ -- Michael Biebl <biebl@debian.org> Sat, 19 Sep 2015 19:06:51 +0200
++
++systemd (226-2) unstable; urgency=medium
++
++ * debian/udev.init: Mount /dev file system with nosuid. (LP: #1450960)
++ * udev.postinst: udev 226 introduced predictable interface names for virtio.
++ Create /etc/systemd/network/50-virtio-kernel-names.link on upgrade to
++ disable this, to avoid changing e. g. "eth0" to "ens3" in QEMU instances
++ and similar environments. (Closes: #799034)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 15 Sep 2015 15:21:09 +0200
++
++systemd (226-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release:
++ - Fix scheduled shutdown to not shut down immediately. (Closes: #797763)
++ - Fix description of CPE_NAME in os-release(5). (Closes: #797768)
++ * debian/libsystemd0.symbols: Add new symbols from this release.
++ * Enable libseccomp support for mips64, mips64el, and x32. (Closes: #797403)
++ * debian/tests/networkd: Add hotplug tests.
++ * Make networkd call if-up.d/ scripts when it brings up interfaces, to
++ become compatible with ifupdown and NetworkManager for packages shipping
++ hooks. (LP: #1492129)
++ - Add debian/extra/systemd-networkd-dispatcher.c: suid root wrapper for
++ calling if-up.d/ or if-post-down.d/ hook scripts. Install it as
++ root:systemd-networkd 4754 so that only networkd can run it.
++ - Add networkd-call-systemd-networkd-dispatcher-when-links.patch: Call the
++ above wrapper when links go up/down.
++ - debian/tests/networkd: Verify that if-up.d/ and if-post-down.d/ scripts
++ get run for a networkd managed interface.
++ - Note that if-pre-up.d/ and if-down.d/ scripts are *not* being called, as
++ they are often not applicable for networkd (if-pre-up.d) and unreliable
++ (if-down.d).
++ * Drop udev-finish. We needed this for the autogenerated CD and network
++ interface names, but both are gone now.
++ * Drop debian/udev.udev-fallback-graphics.upstart. The vesafb module has
++ been compiled into the kernel in both Debian and Ubuntu for a fair while,
++ this never had a systemd equivalent, and Debian never shipped the
++ accompanying rules for determining $PRIMARY_DEVICE_FOR_DISPLAY.
++ * debian/control: Remove some boilerplate from the long descriptions, to
++ more easily get to the point what a specific package actually does.
++ * debian/README.Debian: As systemd is the default init now, replace the
++ documentation how to switch to systemd with how to switch back
++ (temporarily or permanently) to SysV init. Also move that paragraph to the
++ bottom as it's now less important.
++ * debian/README.Debian: Add a hint why you may want to enable persistent
++ journal, and suggest to uninstall system-log-daemon to avoid duplicate
++ logging.
++ * debian/README.Debian: Add documentation about networkd integration.
++ * Rename 01-mac-for-usb.link to 90-mac-for-usb.link so that it becomes
++ easier to override.
++ * debian-fixup.service just has one purpose now (make /etc/mtab a symlink),
++ so drop the debian/extra/debian-fixup shell script and put the ln command
++ directly into debian-fixup.service. Update the description.
++ * debian/tests/networkd: Check that /etc/resolv.conf gets the DHCP's
++ nameserver in case it is a symlink (i. e. dynamically managed by
++ systemd-resolved or resolvconf).
++ * systemd-networkd-dispatcher: Also pass on the DNS server list to if-up.d/
++ as $IF_DNS_NAMESERVERS, so that resolvconf or similar programs work as
++ expected.
++ * Drop debian/systemd-journal-remote.postrm: Removing system users is
++ potentially dangerous (there might be a leftover process after purging).
++
++ [ Michael Biebl ]
++ * Drop libsystemd-login-dev. All reverse dependencies have been updated to
++ use libsystemd-dev directly.
++ * Update build instructions to use "gbp clone" instead of "gbp-clone" as all
++ gbp-* commands have been removed from git-buildpackage.
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 10 Sep 2015 16:53:53 +0200
++
++systemd (225-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release.
++ - Fixes FTBFS on alpha. (Closes: #792551)
++ - Fixes machined state tracking logic. (Closes: #788269)
++ * Add better fix for "systemctl link/enable" breakage with full paths.
++ (LP: #1480310)
++ * debian/rules: Add missing $(dh_options) in overridden debhelper targets.
++
++ [ Felipe Sateler ]
++ * Move conffile from systemd to systemd-container package (Closes: #797048)
++
++ [ Michael Biebl ]
++ * Drop unnecessary Conflicts/Replaces from systemd-journal-remote.
++ None of the files in this package were previously shipped by systemd.
++ * Create system users for systemd-journal-{gateway,remote,upload} when
++ installing the systemd-journal-remote package.
++ * Explicitly turn off the features we don't want in a stage1 build.
++ Otherwise ./configure might enable them automatically if the build
++ dependencies are installed and "dh_install --fail-missing" will then fail
++ due to uninstalled files.
++ * Enable GnuTLS support as systemd-journal-remote makes sense mostly with
++ encryption enabled.
++ * Rely on build profiles to determine which packages should be skipped
++ during build and no longer specify that manually.
++ * Drop our patch which removes rc-local-generator.
++ rc-local.service acts as an ordering barrier even if its condition is
++ false, because conditions are evaluated when the service is about to be
++ started, not when it is enqueued. We don't want this ordering barrier on
++ systems that don't need/use /etc/rc.local.
++
++ -- Michael Biebl <biebl@debian.org> Sun, 30 Aug 2015 21:18:59 +0200
++
++systemd (224-2) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Skip systemd-fsckd autopkgtest if /run/initramfs/fsck-root exists, i. e.
++ the initramfs already ran fsck.
++ * Fix broken ACL in tmpfiles.d/systemd.conf. (Closes: #794645, LP: #1480552)
++ * Add debian/tests/unit-config: Test "systemctl link"; reproduces LP#1480310.
++ * Add a hack to unbreak "systemctl link". (LP: #1480310)
++ * debian/extra/rules-ubuntu/40-hyperv-hotadd.rules: Also apply to Xen, and
++ rename to 40-vm-hotadd.rules.
++ * Fix networkd crash. (Closes: #796358)
++ * debian/rules: Remove all files/empty dirs in systemd which are already
++ shipped by systemd-* or udev, instead of an explicit list.
++ * Bump "mount" dependency to >= 2.26, to ensure "swapon -o" availability.
++ (Closes: #796389)
++ * Install /lib/systemd/network/* into udev instead of systemd, as it's
++ really udev which is evaluating these.
++ * Split out "systemd-container" package with machined and nspawn and enable
++ importd. Add new libbz2-dev, zlib1g-dev, and libcurl-dev build deps.
++ (LP: #1448900)
++ * Move transitional libgcrypt11-dev build dep to libgcrypt20-dev.
++ * debian/rules: Limit check for libraries in /usr to systemd and udev
++ packages, as other packages like systemd-containers can (and do) link to
++ /usr.
++ * Build-depend on dpkg-dev (>= 1.17.14) and bump debhelper version for build
++ profiles support.
++ * Drop "display-managers" autopkgtest, obsolete with dropped
++ default-display-manager-generator.
++ * boot-and-services autopkgtest: Add systemd-container test dependency for
++ the nspawn tests.
++ * Don't enable audit support when building with "stage1" profile, to avoid
++ circular build dep.
++
++ [ Helmut Grohne ]
++ * Improve support for cross-building and bootstrapping.
++
++ [ Michael Biebl ]
++ * Drop default-display-manager-generator. All major desktops now use a
++ display manager which support the new scheme and setup the
++ /etc/systemd/system/display-manager.service symlink correctly.
++ * Add new binary package "systemd-journal-remote" with tools for
++ sending/receiving remote journal logs:
++ systemd-journal-{remote,upload,gatewayd}. (Closes: #742802, LP: #1480952)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 25 Aug 2015 12:40:35 +0200
++
++systemd (224-1) unstable; urgency=medium
++
++ * New upstream release.
++ * boot-and-services autopkgtest: Ignore thermald. Since 1.4.3-2 it starts by
++ default, but fails in most virtual envs.
++
++ -- Martin Pitt <mpitt@debian.org> Sat, 01 Aug 2015 13:38:57 +0200
++
++systemd (223-2) unstable; urgency=medium
++
++ * Don't enable gnu-efi on ARM. It FTBFSes and cannot really be tested now as
++ there is no available hardware.
++ * debian/extra/initramfs-tools/hooks/udev: Don't fail if
++ /etc/systemd/network/ does not exist. (Closes: #794050)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 30 Jul 2015 08:25:51 +0200
++
++systemd (223-1) unstable; urgency=medium
++
++ * New upstream release:
++ - Fix systemd-bootchart crash. (Closes: #792403)
++ - Trim list of files in /usr/share/doc/systemd/. (Closes: #791839)
++ - Fix "Invalid argument" failure with some journal files.
++ (Closes: #792090)
++ - tmpfiles: Don't recursively descend into journal directories in /var.
++ (Closes: #791897)
++ - Don't frequently wake up on disabled TimeoutIdleSec=, in particular in
++ automount timers. (LP: #1470845)
++ - tmpfiles: Don't delete lost+found/. (Closes: #788193)
++
++ [ Michael Biebl ]
++ * udev: Remove obsolete rm_conffile/mv_conffile functions from udev.preinst.
++ The udev package is using dpkg-maintscripts-helper now to remove obsolete
++ conffiles.
++ * systemd: Remove obsolete conffile clean up from pre-wheezy.
++ * udev-udeb: Remove scsi_wait_scan hack from the start-udev script as well.
++
++ [ Martin Pitt ]
++ * Enable GNU EFI support and add gnu-efi build dep. This enables/ships the
++ systemd EFI boot loader. (Closes: #787720, LP: #1472283)
++ * networkd autopkgtest: More robust/forceful killing of dnsmasq.
++ * ifup@.service: Drop "oneshot" to run ifup in the background during boot.
++ This avoids blocking network.target on boot with unavailable hotplug
++ interfaces in /etc/network/interfaces. (Closes: #790669, LP: #1425376)
++ * systemd.postinst: Avoid confusing error message about
++ /run/systemd/was-enabled not existing on reconfiguring.
++ * debian/extra/initramfs-tools/hooks/udev: Drop some redundant code.
++ * Fix networkd-wait-online -i to properly wait for the given interfaces
++ only.
++ * Drop debian/extra/base-installer.d/05udev: We use net.ifnames by default
++ now, thus we don't need to copy 70-persistent-*.rules any more.
++ * debian/extra/start-udev: Run d-i's udevd with "notice" log level, just
++ like we did in the initramfs in 219-10.
++ * Fix size explosion of networkd (post-223 patch from trunk).
++
++ [ Julian Wollrath ]
++ * Copy all .link interface naming definitions to initramfs. (Closes: #793374)
++
++ [ Felipe Sateler ]
++ * nss-my*.postinst: configure at the end of the hosts line, not before
++ files. (Closes: #789006)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 30 Jul 2015 00:02:26 +0200
++
++systemd (222-2) unstable; urgency=medium
++
++ [ Adam Conrad ]
++ * debian/udev-udeb.install: Install new bits for net.ifnames (LP: #1473542)
++ * debian/extra/initramfs-tools/hooks/udev: Do the same for initramfs-tools.
++
++ [ Martin Pitt ]
++ * emergency.service: Wait for plymouth to shut down. Fixes invisible
++ emergency shell with plymouth running endlessly. (LP: #1471258)
++ * Add "networkd" autopkgtest. Covers basic DHCP on IPv4 and IPv4+6 on a veth
++ device.
++
++ [ Michael Biebl ]
++ * Bump package priorities of systemd and systemd-sysv to important to match
++ what has been used in the Debian archive since Jessie.
++ * Drop scsi_wait_scan hack from the udev initramfs-tools script. This Linux
++ kernel module has been broken since 2.6.30 and as a result was removed in
++ 3.5. The Debian Jessie kernel no longer ships this module.
++ (Closes: #752775)
++ * Drop libsystemd-journald-dev and libsystemd-id128-dev. There are no
++ reverse dependencies left and we want to avoid new packages picking up
++ a build dependency on those obsolete transitional packages.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 15 Jul 2015 23:51:15 +0200
++
++systemd (222-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release:
++ - Fix reload killing BusName= units. (Closes: #746151)
++ - sysv-generator: detect invalid names and escape them. (Closes: #677075)
++ - Document removal of PIDFile on daemon shutdown. (Closes: #734006)
++ - Drop Revert-rules-fix-tests-for-removable-state.patch, the auto-suspend
++ rules now got dropped entirely.
++ * Add Revert-VT-reuse-patches.patch: Revert a couple of logind VT reuse
++ patches which alternately broke lightdm and gdm.
++ * debian/libsystemd0.symbols: Add new symbols from this release.
++ * Disable test-netlink during package build, fails on some buildds.
++ * udev.postinst: Don't call addgroup with --quiet, so that if the "input"
++ group already exists as a non-system group you get a sensible error
++ message. Some broken tutorials forget the --system option.
++ (Closes: #769948, LP: #1455956)
++ * systemd.postinst: Drop the --quiet from the addgroup calls as well, same
++ reason as above. (Closes: #762275)
++ * udev: Drop doc dir symlinking. It has caused too much trouble and only
++ marginally helps to avoid duplication. Such duplication should be dealt
++ with at the distro, not package level.
++ * debian/rules: Entirely ignore $LD_PRELOAD instead of just libfakeroot in
++ the link check, to also avoid libeatmydata. (Closes: #790546)
++ * boot-and-services, display-managers autopkgtests: Install and configure
++ dummy X.org driver, so that these work in headless machines/VMs.
++ * systemd-fsckd autopkgtest: Stop using/asserting on lightdm, just check
++ that default.target is active. lightdm is prone to fail in test
++ environments, and fiddling with it in two other autopkgtests is
++ sufficient.
++ * debian/watch: Adjust to new upstream release model of only providing the
++ github tag tarballs.
++ * Drop dsl-modem.agent. It hasn't been maintained/tested for many years, few
++ if any people actually use this, and this doesn't belong into udev.
++
++ [ Michael Biebl ]
++ * Stop building the Python 3 bindings. They were split into a separate
++ source package upstream and are now built from src:python-systemd. See
++ http://lists.freedesktop.org/archives/systemd-devel/2015-July/033443.html
++ * Remove obsolete --disable-chkconfig configure option.
++ * Move the man pages for libnss-myhostname, libnss-mymachines and udev.conf
++ from systemd into the correct package. Move the zsh completion file for
++ udevadm into the udev package as well. Add Breaks/Replaces accordingly.
++ (Closes: #790879)
++ * Drop rules which remove pre-generated files before build. The upstream
++ tarball no longer ships any pre-generated files so this is no longer
++ necessary.
++ * Fix cleanup rule for Python byte code files.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 08 Jul 2015 18:56:07 +0200
++
++systemd (221-1) unstable; urgency=medium
++
++ * New upstream release 221:
++ - Fix persistent storage links for Xen devices. (LP: #1467151)
++ - Drop all backported patches and port the others to new upstream release.
++ - debian/rules: Drop workarounds for broken 220 tarball, 221 is fine.
++
++ [ Michael Biebl ]
++ * initramfs hook: Stop installing 55-dm.rules, 64-md-raid.rules,
++ 60-persistent-storage-lvm.rules and 60-persistent-storage-dm.rules.
++ The mdadm, lvm2 and dmsetup package provide their own udev hooks nowadays
++ to make sure their udev rules files are installed into the initramfs.
++ Having the copy rules at two places is confusing and makes debugging
++ harder.
++ * Make it possible to skip building udeb packages via
++ DEB_BUILD_OPTIONS="noudeb". This allows quicker builds for local testing
++ and is benefical for derivatives that don't use d-i.
++ * Install API documentation for libudev and libsystemd in their respective
++ packages. Both libraries use man pages now, so we need to be explicit
++ about what is installed where.
++
++ [ Martin Pitt ]
++ * ifupdown-hotplug autopkgtest: Different cloud/desktop environments have
++ different ways of including /etc/network/interfaces.d/, try to get along
++ wit either and skip the test if interfaces.d/ does not get included at
++ all.
++ * Drop obsolete gtk-doc-tools build dependency, gtkdocize autoreconfig, and
++ ./configure options.
++ * libudev-dev.install: Drop gtk-doc files, not built by upstream any more
++ and replaced with manpages.
++ * libsystemd0.symbols: Add new symbols for this release.
++ * debian/rules: Fix paths in manpages as we don't currently have a merged
++ /usr in Debian but have most systemd things in /lib. This replaces the
++ previous huge and maintenance-intense patch.
++ * Drop Accept-mountall-specific-fstab-options.patch. Replaced with
++ systemd.postinst migration code in Ubuntu.
++ * Revert overly aggressive USB autosuspend udev rules change which broke
++ various USB keyboards. (Closes: #789723)
++ * Have rc-local.service output also go to the console. /etc/rc.local often
++ contains status messages which users expect to see during boot.
++ (LP: #1468102)
++ * debian/rules: Install udev.NEWS into libudev1, to get along with Debian's
++ udev -> libudev1 doc dir symlinking. (Closes: #790042)
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 28 Jun 2015 12:05:36 +0200
++
++systemd (220-7) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Enable seccomp support on arm64 as well.
++ * Replace the remainder of Fix-paths-in-man-pages.patch with an upstream
++ provided patch.
++
++ [ Martin Pitt ]
++ * Switch to net.ifnames persistent network interfaces (on new
++ installations/for new hardware), and deprecate the old
++ 75-persistent-net-generator.rules. See the ML discussion for details:
++ https://lists.debian.org/debian-devel/2015/05/msg00170.html
++ https://lists.debian.org/debian-devel/2015/06/msg00018.html
++ - Drop Make-net.ifnames-opt-in-instead-of-opt-out.patch, to use
++ net.ifnames by default.
++ - Revert-udev-network-device-renaming-immediately-give.patch: Adjust
++ patch comment.
++ - Drop 75-persistent-net-generator.rules, write_net_rules helper and
++ rule_generator.functions.
++ - Adjust udev's README.Debian accordingly, and describe the migration.
++ This needs to happen manually as there is no robust way of doing this
++ automatically.
++ - Add udev NEWS file for announcing this change and pointing to udev's
++ README.
++ - udev.postinst: Drop write_interfaces_rules().
++ - udev.postinst: Disable net.ifnames on systems which did not support
++ 75-persistent-net-generator.rules (most importantly, virtualized guests)
++ to avoid changing network interface names on upgrade.
++ - LP: #1454254
++ * fsckd-daemon-for-inter-fsckd-communication.patch: Add fsckd.c to
++ POTFILES.in.
++ * ifupdown-hotplug autopkgtest: Fix config name in interfaces.d/, it must
++ not have a suffix in Debian. Also clean up the file after the test.
++ * net.agent: When running under systemd, run everything in the foreground.
++ This avoids killing the forked child in the middle of its operation under
++ systemd when the parent exits.
++ * Check during build that systemd and systemd-journald don't link against
++ anything in /usr, to prevent bugs like #771652 and #788913 in the future.
++ * Drop Skip-99-systemd.rules-when-not-running-systemd-as-in.patch. The rules
++ mostly just attach tags systemd specific properties which are harmless
++ under other init systems, and systemd-sysctl also works there.
++ * 80-networking.rules: Only call agents for add|remove, as they don't handle
++ other events.
++ * Restore udev watches on block device changes. (Closes: #789060,
++ LP: #1466081)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 17 Jun 2015 22:48:53 +0200
++
++systemd (220-6) unstable; urgency=medium
++
++ * Enable seccomp support on the architectures that provide libseccomp.
++ (Closes: #760299)
++ * boot-and-services autopkgtest: Add SeccompTest for the above.
++ * boot-and-services autopkgtest: Check that we don't get an unwanted
++ tmp.mount unless /etc/fstab explicitly specifies it.
++ * Bump libcap-dev build dep to the version that provides libcap2-udeb.
++ (Closes: #787542)
++ * Stop installing tmp.mount by default; there are still situations where it
++ becomes active through dependencies from other units, which is surprising,
++ hides existing data in /tmp during runtime, and it isn't safe to have a
++ tmpfs /tmp on every install scenario. (Closes: #783509)
++ - d/rules: Ship tmp.mount in /usr/share/systemd/ instead of
++ /lib/systemd/systemd.
++ - systemd.postinst: When tmp.mount already was enabled, install tmp.mount
++ into /etc and keep it enabled.
++ - systemd.postinst: When enabling tmp.mount because of RAMTMP=yes, copy it
++ from /usr/share.
++ - Drop Don-t-mount-tmp-as-tmpfs-by-default.patch and
++ PrivateTmp-shouldn-t-require-tmpfs.patch, not necessary any more.
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 11 Jun 2015 09:25:49 +0200
++
++systemd (220-5) unstable; urgency=medium
++
++ * debian/README.source: Upstream repository moved to github, adjust
++ cherry-picking instructions accordingly.
++ * debian/control: Replace obsolete Python2 version header with
++ X-Python3-Version.
++ * dracut: Fix path to systemd-fsck. (Closes: #787553)
++ * Ignore test failures during build if /etc/machine-id is missing (which is
++ the case in a few buildd chroots still). (Closes: #787258)
++ * debian/udev.README.Debian: Move network interface hotplug documentation
++ into separate section. Point out that "lo" does not need to be configured
++ in ifupdown under systemd.
++ * debian/udev.README.Debian: Document net.ifnames, and how to write udev
++ rules for custom network names.
++ * Add debian/extra/01-mac-for-usb.link: Use MAC based names for network
++ interfaces which are (directly or indirectly) on USB. Path based names
++ are inadequate for dynamic buses like USB.
++ * Fix another escape parsing regression in Exec*= lines. (Closes: #787256)
++ * Disable EFI support for udeb build.
++ * Refine detection of touch screen devices.
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 07 Jun 2015 16:52:33 +0200
++
++systemd (220-4) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/extra/initramfs-tools/scripts/init-top/udev: Drop $ROOTDELAY wait.
++ This does not concern udev in particular, but is handled by
++ initramfs-tools itself (scripts/local). The intention of this parameter is
++ not to statically wait for the given time, but wait *up to* that time for
++ the root device to appear.
++ * Add debian/extra/units/rc-local.service.d/wait-online.conf: Make
++ rc-local.service wait for network-online.target (if it gets started). This
++ not specified by LSB, but has been behaving that way in Debian under SysV
++ init and upstart. (LP: #1451797)
++ * Fix parsing of escape characters in Exec*= lines. (Closes: #787256)
++ * Drop path_is_mount_point-handle-false-positive-on-some-fs.patch (it was
++ already not applied in 220-1). This needs to be re-thought and re-done
++ against the current code, and overlayfs in general. On overlayfs this
++ still reports false positives for files that changed in the upperdir, but
++ this does not break systemd-machine-id-commit any more.
++ * Add debian/extra/rules/80-debian-compat.rules, replacing three of our
++ patches. These are independent udev rules to change device permissions and
++ add CD/DVD symlinks for compatibility with earlier Debian releases.
++
++ [ Michael Biebl ]
++ * Bump Depends on util-linux to make sure we have a sulogin implementation
++ which properly cleans up its children when emergency.service is restarted.
++ (Closes: #784238)
++ * Stop using /sbin/udevd and drop the compat symlink.
++ * Remove any vestiges of /dev/.udev/. This directory has been replaced by
++ /run/udev/ since wheezy.
++ * Drop udev migration code from pre-wheezy.
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 02 Jun 2015 08:16:36 +0200
++
++systemd (220-3) unstable; urgency=medium
++
++ * Fix ProtectSystem=yes to actually protect /usr, not /home.
++ (Closes: #787343)
++ * sd-device: fix device_get_properties_strv(). Fixes environment for
++ processes spawned by udev, in particular "allow-hoplug" ifupdown
++ interfaces via ifup@.service. (Closes: #787263)
++ * Ignore test failures on mipsel; the three failures are not reproducible on
++ the porter box (different kernel?). (See #787258)
++ * Add ifupdown-hotplug autopkgtest. Reproduces #787263.
++ * udev: Bring back persistent storage symlinks for bcache. Thanks David
++ Mohr! (Closes: #787367)
++ * sd-device: Fix invalid property strv pointers. This unbreaks the
++ environment of udev callouts.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 01 Jun 2015 12:58:20 +0200
++
++systemd (220-2) unstable; urgency=low
++
++ * 220-1 was meant to go to experimental, but was accidentally uploaded to
++ unstable. This was planned for next week anyway, just not on a Friday;
++ we don't revert, but keep an RC bug open for a few days to get broader
++ testing. Reupload 220-1 with its changelog actually pointing to unstable
++ and with all versions in the .changes.
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 29 May 2015 18:54:09 +0200
++
++systemd (220-1) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release:
++ - Ship sdio.ids and ids-update.pl in upstream tarball. (Closes: #780650)
++ - Drop non-working "journalctl /dev/sda" example from manpage
++ (Closes: #781604)
++ - man systemd.network: Explain UseDomains a bit more (not used by
++ default). (Closes: #766413)
++ - Ignore comments in /etc/hostname (LP: #1053048)
++ - Drop all backported patches and port the others to new upstream release.
++ * Cherry-pick patch to fix udevd --daemon assertion regression.
++ * Cherry-pick patch to fix udevd worker hang.
++ * systemd.install: systemd.pc moved back into /usr/share/pkgconfig/.
++ * libsystemd0.symbols: Add new symbols from this release.
++ * Drop debian/extra/60-keyboard.hwdb for now. Upstream has a newer version,
++ and it's not nearly as often updated any more as it used to be.
++ * debian/rules: Remove shipped audit_type-to-name.h and
++ keyboard-keys-from-name.gperf and regenerate them during build (bug in
++ upstream 220 tarball).
++ * autopkgtest: Ship/use mock fsck from debian/tests, as it's missing in the
++ 220 tarball.
++ * Add libnss-mymachines binary package. (Closes: #784858)
++ * Add libnss-myhostname binary package, taking over from the very old and
++ unmaintained standalone source package as per its maintainer's request.
++ (Closes: #760514)
++ * Drop buildsys-Don-t-default-to-gold-as-the-linker.patch and set LD in
++ debian/rules on sparc only. This can be dropped entirely once we build
++ GUdev from a separate source.
++ * bootchart autopkgtest: Skip test if /proc/schedstat does not exist, i. e.
++ the kernel is missing CONFIG_SCHEDSTAT. Bootchart requires this.
++ * systemd-fsckd autopkgtest: On Debian plymouth-start stays running, adjust
++ was_running() for that.
++ * systemd-fsckd autopkgtest: In test_systemd_fsck_with_plymouth_failure(),
++ fix plymouthd status check to work under both Debian and Ubuntu.
++ * Replace almost all of Fix-paths-in-man-pages.patch with upstreamed
++ patches. (The remainder is planned to get fixed upstream as well.)
++ * Remove our update-rc.d patches, replace them with upstream patches for
++ /lib/systemd/systemd-sysv-install abstraction, and provide one for
++ update-rc.d. Also implement "is-enabled" command by directly checking for
++ the presence of rcS or rc5 symlinks. (Closes: #760616)
++ * Fix path_is_mount_point for files (regression in 220).
++ * debian/control: Drop obsolete XS-Testsuite:, dpkg adds it automatically.
++ * Use Ubuntu's default NTP server for timesyncd when building on Ubuntu.
++
++ [ Michael Biebl ]
++ * Remove /var/run and /var/lock migration code from debian-fixup. The /run
++ migration was completed in wheezy so this is no longer necessary.
++ * Drop our versioned Depends on initscripts. This was initially added for
++ the /run migration and later to ensure we have a mountnfs hook which
++ doesn't cause a deadlock under systemd. The /run migration was completed
++ in wheezy and jessie ships a fixed mountnfs hook. In addition we now use
++ the ignore-dependencies job mode in our lsb init-functions hook, so it's
++ safe to drop this dependency.
++ * Stop building gudev packages. Upstream has moved the gudev code into a
++ separate repository which is now managed on gnome.org. The gudev packages
++ will be built from src:libgudev from now on. See also
++ http://lists.freedesktop.org/archives/systemd-devel/2015-May/032070.html
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 29 May 2015 10:37:40 +0200
++
++systemd (219-10) experimental; urgency=medium
++
++ * Fix assertion crash with empty Exec*= paths. (LP: #1454173)
++ * Drop Avoid-reload-and-re-start-requests-during-early-boot.patch
++ and Avoid-reloading-services-when-shutting-down.patch: This was fixed more
++ robustly in invoke-rc.d and service now, see #777113.
++ * debian/tests/boot-smoke: Allow 10 seconds for systemd jobs to settle down.
++ * Fix "tentative" state of devices which are not in /dev (mostly in
++ containers), and avoid overzealous cleanup unmounting of mounts from them.
++ (LP: #1444402)
++ * debian/extra/udev-helpers/net.agent: Eliminate cat and most grep calls.
++ * Drop Set-default-polling-interval-on-removable-devices-as.patch; it's long
++ obsolete, CD ejection with the hardware button works properly without it.
++ * Re-enable-journal-forwarding-to-syslog.patch: Update patch description,
++ journal.conf.d/ exists now.
++ * journal: Gracefully handle failure to bind to audit socket, which is known
++ to fail in namespaces (containers) with current kernels. Also
++ conditionalize systemd-journald-audit.socket on CAP_AUDIT_READ.
++ (LP: #1457054)
++ * Put back *.agent scripts and use net.agent in Ubuntu. This fixes escaping
++ of unit names, reduces the delta, and will make it easier to get a common
++ solution for integrating ifup.d/ scripts with networkd.
++ * When booting with "quiet", run the initramfs' udevd with "notice" log
++ level. (LP: #1432171)
++ * Add sigpwr-container-shutdown.service: Power off when receiving SIGPWR in
++ a container. This makes lxc-stop work for systemd containers.
++ (LP: #1457321)
++ * write_net_rules: Escape '{' and '}' characters as well, to make this work
++ with busybox grep. Thanks Faidon Liambotis! (Closes: #765577)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 21 May 2015 09:43:52 +0200
++
++systemd (219-9) experimental; urgency=medium
++
++ * 75-persistent-net-generator.rules: Fix rules for ibmveth (it's a driver,
++ not a subsystem). (LP: #1437375)
++ * debian/tests/unit-config: Add tests for systemctl enable/disable on a
++ SysV-only unit. Reproduces LP #1447807.
++ * Fix systemctl enable for SysV scripts without a native unit. We must not
++ try and enable the nonexisting unit then. (LP: #1447807)
++ * Drop Add-env-variable-for-machine-ID-path.patch. systemd should always
++ be installed via the essential "init" in buildd schroots now.
++ * debian/README.source: Update git-buildpackage commands for the renames in
++ 0.6.24.
++ * Make apparmor run before networking, to ensure that profiles apply to
++ e. g. dhclient (LP: #1438249):
++ - Rename networking.service.d/network-pre.conf to systemd.conf, and add
++ After=apparmor.service.
++ - ifup@.service: Add After=apparmor.service.
++ - Add Breaks: on apparmor << 2.9.2-1, which dropped its dependency to
++ $remote_fs.
++ * Drop login-don-t-overmount-run-user-UID-on-upgrades.patch and
++ login-don-t-overmount-run-user-UID-on-upgrades.patch, these were only
++ needed for upgrades from wheezy to jessie.
++ * systemd.{pre,post}inst: Clean up obsolete (pre-wheezy/jessie) upgrade
++ fixes.
++ * systemd-fsckd autopkgtest: Stop assuming that
++ /etc/default/grub.d/90-autopkgtest.cfg exists.
++ * systemd-fsckd autopkgtest: Add missing plymouth test dependency.
++ * Drop core-mount-ensure-that-we-parse-proc-self-mountinfo.patch, and bump
++ util-linux dependency to the version which enables
++ --enable-libmount-force-mountinfo.
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 13 May 2015 12:27:21 +0200
++
++systemd (219-8) experimental; urgency=medium
++
++ [ Michael Biebl ]
++ * Skip filesystem check if already done by the initramfs. (Closes: #782522)
++ * Drop hard-coded versioned dependency on libapparmor1. Bump the
++ Build-Depends on libapparmor-dev instead. This ensures a proper versioned
++ dependency via Build-Depends-Package.
++ * Revert "Make apparmor run before networking". This causes dependency
++ cycles while apparmor still depends on $remote_fs.
++ * Cleanup hwclock-save.service symlinks when upgrading from the jessie
++ version.
++
++ [ Martin Pitt ]
++ * cryptsetup: Implement offset and skip options. (Closes: #751707,
++ LP: #953875)
++ * logind autopkgtest: Add test for suspending on lid switch close.
++ This reproduces LP #1444166 (lid switch not working in the first few
++ minutes after boot).
++ * Reduce the initial suspend supression time from 3 minutes to 30 seconds,
++ and make it configurable. (LP: #1444166)
++ * Fix double free crash in "systemctl enable" when calling update-rc.d and
++ the latter fails. (Closes: #764613, LP: #1426588)
++ * hwdb: Fix wireless switch on Dell Latitude (LP: #1441849)
++ * Fix assertion crash when reading a service file with missing ' and
++ trailing space. (LP: #1447243)
++ * ifup@.service: Set IgnoreOnIsolate, so that "systemctl default" does not
++ shut down network interfaces. (Closes: #762953, LP: #1449380).
++ Add PartOf=network.target, so that stopping network.target also stops
++ network interfaces (so that isolating emergency.target and similar work as
++ before).
++ * Revert upstream commit 743970d which immediately SIGKILLs units during
++ shutdown. This leads to problems like bash not being able to write its
++ history, mosh not saving its state, and similar failed cleanup actions.
++ (Closes: #784720, LP: #1448259)
++ * Drop the reversion of "journald: allow restarting journald without losing
++ stream connections", and replace with proper upstream fix for
++ sd_pid_notify_with_fds(). (See Debian #778970, LP #1423811; LP: #1437896)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 29 Apr 2015 17:13:41 +0200
++
++systemd (219-7) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * Make systemd-sysv's dependency to systemd unversioned. The package just
++ contains 6 symlinks and thus isn't sensitive at all against version
++ mismatches. This avoids running into circular dependencies when testing
++ local debs.
++ * Revert "udev: Drop hwdb-update dependency" and replace with upstream patch
++ which moves it to systemd-udev-trigger.service.
++ * display-managers autopkgtest: Properly wait until all jobs are finished.
++ * display-managers autopkgtest: Reset failed units between tests, to avoid
++ running into restart limits and for better test isolation.
++ * Enable timesyncd in virtual machines. (Closes: #762343)
++
++ [ Adam Conrad ]
++ * debian/systemd.{triggers,postinst}: Trigger a systemctl daemon-reload
++ when init scripts are installed or removed (Closes: #766429)
++
++ [ Didier Roche ]
++ * Squash all fsckd patches in one (as fsckd and such will be removed
++ soon upstream), containing various fixes from upstream git and refactor
++ the connection flow to upstream's suggestion. Modify the man pages to match
++ those modifications as well. Amongst others, this suppresses "Couldn't
++ connect to plymouth" errors if plymouth is not running.
++ (Closes: #782265, LP: #1429171)
++ * Keep plymouth localized messages in a separate patch for easier updates in
++ the future and refresh to latest upstream.
++ * display-managers autopkgtest: Use ExecStart=sleep instead of the actual
++ lightdm binary, to avoid errors from lightdm startup. Drop the now
++ unnecessary "needs-recommends" to speed up the test.
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 10 Apr 2015 11:08:33 +0200
++
++systemd (219-6) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * Import patches from v219-stable branch (up to 85a6fab).
++ * boot-and-services autopkgtest: Add missing python3 test dependency.
++ * Make apparmor run before networking, to ensure that profiles apply to
++ e. g. dhclient (LP: #1438249):
++ - Rename networking.service.d/network-pre.conf to systemd.conf, and add
++ After=apparmor.service.
++ - ifup@.service: Add After=apparmor.service.
++ * udev: Drop hwdb-update dependency, which got introduced by the above
++ v219-stable branch. This causes udev and plymouth to start too late and
++ isn't really needed in Debian yet as we don't support stateless systems
++ yet and handle hwdb.bin updates through dpkg triggers. (LP: #1439301)
++
++ [ Didier Roche ]
++ * Fix mount point detection on overlayfs and similar file systems without
++ name_to_handle_at() and st_dev support. (LP: #1411140)
++
++ [ Christian Seiler ]
++ * Make the journald to syslog forwarding more robust by increasing the
++ maximum datagram queue length from 10 to 512. (Closes: #762700)
++
++ [ Marco d'Itri ]
++ * Avoid writing duplicate entries in 70-persistent-net.rules by double
++ checking if the new udev rule has already been written for the given
++ interface. This happens if multiple add events are generated before the
++ write_net_rules script returns and udevd renames the interface.
++ (Closes: #765577)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 02 Apr 2015 09:14:48 +0200
++
++systemd (219-5) experimental; urgency=medium
++
++ [ Didier Roche ]
++ * Add "systemd-fsckd" autopkgtest. (LP: #1427312)
++ * cmdline-upstart-boot autopkgtest: Update to Ubuntu's upstart-sysv split
++ (test gets skipped on Debian while upstart-sysv does not yet exist there).
++ * Cherry-pick a couple of upstream commits for adding transient state,
++ fixing a race where mounts become available before the device being
++ available.
++ * Ensure PrivateTmp doesn't require tmpfs through tmp.mount, but rather adds
++ an After relationship. (Closes: #779902)
++
++ [ Martin Pitt ]
++ * journald: Suppress expected cases of "Failed to set file attributes"
++ errors. (LP: #1427899)
++ * Add systemd-sysv.postinst: Update grub on first installation, so that the
++ alternative init system boot entries get updated.
++ * debian/tests: Call /tmp/autopkgtest-reboot, to work with autopkgtest >=
++ 3.11.1.
++ * Check for correct architecture identifiers for SuperH. (Closes: #779710)
++ * Fix tmpfiles.d to only apply the first match again (regression in 219).
++ (LP: #1428540)
++ * /lib/lsb/init-functions.d/40-systemd: Don't ignore systemd unit
++ dependencies in "degraded" mode. (LP: #1429734)
++
++ [ Michael Biebl ]
++ * debian/udev.init: Recognize '!' flag with static device lists, to work
++ with kmod 20. (Closes: #780263)
++
++ [ Craig Magina ]
++ * rules-ubuntu/71-power-switch-proliant.rules: Add support for HP ProLiant
++ m400 Server Cartridge soft powerdown on Linux 3.16. (LP: #1428811)
++
++ [ Scott Wakeling ]
++ * Rework package description to be more accurate. (Closes: #740372)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 26 Mar 2015 16:31:04 +0100
++
++systemd (219-4) experimental; urgency=medium
++
++ * tmpfiles: Avoid creating duplicate ACL entries. Add postinst code to clean
++ them up on upgrade. (Closes: #778656)
++ * bootchart: Fix path to default init. (LP: #1423867)
++ * Add "bootchart" autopkgtest, to spot regressions like the above.
++ * autopkgtests: Factorize out "assert.sh" utility functions, and use them in
++ the tests for useful failure messages.
++ * Downgrade requirement for timedated, hostnamed, localed-locale, and
++ logind autopkgtests from machine to container isolation.
++ * boot-and-services and display-manager autopkgtest: Add systemd-sysv as
++ proper test dependency instead of apt-get installing it. This works now
++ also under Ubuntu 15.04.
++ * boot-and-services autopkgtest: Check cleanup of temporary files during
++ boot. Reproduces #779169.
++ * Clean up /tmp/ directory again. (Closes: #779169, LP: #1424992)
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 27 Feb 2015 07:02:09 +0100
++
++systemd (219-3) experimental; urgency=medium
++
++ * sysv-generator: fix wrong "Overwriting existing symlink" warnings.
++ (Closes: #778700)
++ * Add systemd-fsckd multiplexer and feed its output to plymouth. This
++ provides an aggregate progress report of running file system checks and
++ also allows cancelling them with ^C, in both text mode and Plymouth.
++ (Closes: #775093, #758902; LP: #1316796)
++ * Revert "journald: allow restarting journald without losing stream
++ connections". This was a new feature in 219, but currently causes boot
++ failures due to logind and other services not starting up properly.
++ (Closes: #778970; LP: #1423811)
++ * Add "boot-smoke" autopkgtest: Test 20 successful reboots in a row, and
++ that there are no connection timeouts or stalled jobs. This reproduces the
++ above regression.
++ * debian/tests/localed-locale: Set up locale and keyboard default files on a
++ minimal unconfigured testbed.
++ * Add missing python3 test dependency to cmdline-upstart-boot and
++ display-managers autopkgtests.
++ * debian/tests/boot-and-services: Skip AppArmor test if AppArmor is not
++ enabled.
++ * debian/tests/boot-and-services: Reboot also if lightdm was just installed
++ but isn't running yet.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 23 Feb 2015 09:52:12 +0100
++
++systemd (219-2) experimental; urgency=medium
++
++ * Fix UTF-16 to UTF-8 conversion on big-endian machines. (Closes: #778654)
++ * Disable new new test-sigbus, it fails on some buildds due to too old
++ kernels. (part of #778654)
++ * debian/README.Debian, debian/systemd.postinst: Drop setfacl call for
++ /var/log/journal, this is now done automatically by tmpfiles.d/systemd.conf.
++ * Drop "acl" dependency, not necessary any more with the above.
++ * debian/tests/boot-and-services: Move to using /var/lib/machines/,
++ /var/lib/containers is deprecated.
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 18 Feb 2015 15:29:42 +0100
++
++systemd (219-1) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release:
++ - Fix spelling mistake in systemd.unit(5). (Closes: #773302)
++ - Fix timeouts with D-Bus, leading to SIGFPE. (Closes: #774012)
++ - Fix load/save of multiple rfkill states. (Closes: #759489)
++ - Non-persistent journal (/run/log/journal) is now readable by group adm.
++ (Closes: #771980)
++ - Read netdev user mount option to correctly order network mounts after
++ network.target. (Closes: #769186)
++ - Fix 60-keyboard.hwdb documentation and whitespace handling.
++ (Closes: #757367)
++ - Fix ThinkPad X1 Carbon 20BT trackpad buttons (LP: #1414930)
++ - Drop all backported patches and port the others to new upstream release.
++ * Bump libblkid-dev build dependency as per upstream configure.ac.
++ * debian/systemd.install: Add new language-fallback-map file.
++ * debian/udev.install: Add new systemd-hwdb tool.
++ * debian/libsystemd0.symbols: Add new symbols from this release.
++ * tmpfiles.d/systemd.conf: Drop "wheel" ACL (that group does not exist in
++ Debian) to make the ACL for "adm" actually work.
++ * debian/rules: Explicitly disable importd for now; it should still mature a
++ bit. Explicitly enable hwdb support.
++ * /lib/lsb/init-functions.d/40-systemd: Call systemctl is-system-running
++ with --quiet. (LP: #1421058)
++ * debian/systemd.postrm: Clean getty@tty1.service and remote-fs.target
++ enablement symlinks on purge. (Closes: #778499)
++ * Move all Debian specific units in the systemd package into
++ debian/extra/units/ and simplify debian/systemd.install.
++ * Enable timesyncd by default. Add a config drop-in to not start if ntp,
++ openntpd, or chrony is installed. (Closes: #755722)
++ * debian/systemd.links: Drop obsolete hwclockfirst.service mask link, this
++ was dropped in wheezy's util-linux already.
++ * debian/udev.postinst: Call systemd-hwdb instead of udevadm hwdb.
++
++ [ Michael Biebl ]
++ * Stop removing firstboot man pages. They are now installed conditionally.
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 17 Feb 2015 15:51:38 +0100
++
++systemd (218-10) experimental; urgency=medium
++
++ * Pull latest keymaps from upstream git. (LP: #1334968, #1409721)
++ * rules: Fix by-path of mmc RPMB partitions and don't blkid them. Avoids
++ kernel buffer I/O errors and timeouts. (LP: #1333140)
++ * Clean up stale mounts when ejecting CD drives with the hardware eject
++ button. (LP: #1168742)
++ * Document systemctl --failed option. (Closes: #767267)
++ * Quiesce confusing and irrelevant "failed to reset devices.list" warning.
++ (LP: #1413193)
++ * When booting with systemd-bootchart, default to run systemd rather than
++ /sbin/init (which might not be systemd). (LP: #1417059)
++ * boot-and-services autopkgtest: Add CgroupsTest to check cgroup
++ creation/cleanup behaviour. This reproduces #777601 and verifies the fix
++ for it.
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 13 Feb 2015 12:25:06 +0100
++
++systemd (218-9) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/tests/logind: With dropped systemd-logind-launch we don't have a
++ visible /sys/fs/cgroup/systemd/ any more under cgmanager. So adjust the
++ test to check /proc/self/cgroup instead.
++ * Add unit-config autopkgtest to check systemd unit/sysv init enabling and
++ disabling via systemctl. This also reproduces #777613.
++ * systemctl: Always install/enable/disable native units, even if there is a
++ corresponding SysV script and we call update-rc.d; while the latter
++ handles WantedBy=, it does not handle Alias=. (Closes: #777613)
++ * cgroup: Don't trim cgroup trees created by someone else, just the ones
++ that systemd itself created. This avoids cleaning up empty cgroups from
++ e.g. LXC. (Closes: #777601)
++ * Don't parse /etc/mtab for current mounts, but /proc/self/mountinfo. If the
++ former is a file, it's most likely outdated on boot, leading to race
++ conditions and unmounts during boot. (LP: #1419623)
++
++ [ Michael Biebl ]
++ * Explicitly disable the features we don't want to build for those with
++ autodetection. This ensures reliable build results in dirty build
++ environments.
++ * Disable AppArmor support in the udeb build.
++ * core: Don't fail to run services in --user instances if $HOME is missing.
++ (Closes: #759320)
++
++ [ Didier Roche ]
++ * default-display-manager-generator: Avoid unnecessary /dev/null symlink and
++ warning if there is no display-manager.service unit.
++
++ -- Michael Biebl <biebl@debian.org> Thu, 12 Feb 2015 18:45:12 +0100
++
++systemd (218-8) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * boot-and-services autopkgtest: Ensure that there are no failed units,
++ except possibly systemd-modules-load.service (as that notoriously fails
++ with cruft in /etc/modules).
++ * Revert "input" system group creation in systemd.postinst from 218-7. It's
++ already done in udev.postinst.
++ * ifup@.service: Revert checking for existance of ifupdown config for that
++ interface, net.agent already does that.
++ * Drop Also-redirect-to-update-rc.d-when-not-using-.service.patch; not
++ necessary any more with the current version (mangle_names() already takes
++ care of this).
++ * Merge into Add-support-for-rcS.d-init-scripts-to-the-sysv-gener.patch:
++ - Do-not-order-rcS.d-services-after-local-fs.target-if.patch, as it
++ partially reverts the above, and is just fixing it.
++ - Map-rcS.d-init-script-dependencies-to-their-systemd-.patch as it's just
++ adding some missing functionality for the same purpose.
++ * Merge Run-update-rc.d-defaults-before-update-rc.d-enable-d.patch into
++ Make-systemctl-enable-disable-call-update-rc.d-for-s.patch as the former
++ is fixing the latter and is not an independent change.
++ * Drop Launch-logind-via-a-shell-wrapper.patch and systemd-logind-launch
++ wrapper. The only remaining thing that we need from it is to create
++ /run/systemd/, move that into the D-BUS service file directly.
++ * /lib/lsb/init-functions.d/40-systemd: Avoid deadlocks during bootup and
++ shutdown. DHCP/ifupdown and similar hooks which call "/etc/init.d/foo
++ reload" can easily cause deadlocks, since the synchronous wait plus
++ systemd's normal behaviour of transactionally processing all dependencies
++ first easily causes dependency loops. Thus during boot/shutdown operate
++ only on the unit and not on its dependencies, just like SysV behaves.
++ (Closes: #777115, LP: #1417010)
++ * Only start logind if dbus is installed. This fixes the noisy startup
++ failure in environments without dbus, such as LXC containers or servers.
++ (part of #772700)
++ * Add getty-static.service unit which starts getty@.service on tty 2 to 6 if
++ dbus is not installed, and hence logind cannot auto-start them on demand.
++ (Closes: #772700)
++
++ [ Michael Biebl ]
++ * Update insserv-generator and map $x-display-manager to
++ display-manager.service, following the recent change in sysv-generator.
++ This avoids creating references to a no longer existing
++ x-display-manager.target unit.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 09 Feb 2015 18:07:22 +0100
++
++systemd (218-7) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * Don't attempt to mount the same swap partition twice through different
++ device node aliases. (Closes: #772182, LP: #1399595)
++ * logind: handle closing sessions over daemon restarts. (Closes: #759515,
++ LP: #1415104)
++ * logind: Fix sd_eviocrevoke ioctl call, to make forced input device release
++ after log out actually work.
++ * debian/rules: Drop obsolete --disable-multi-seat-x and
++ --with-firmware-path configure options.
++ * debian/udev.README.Debian: Trim the parts which are obsolete, wrong, or
++ described in manpages. Only keep the Debian specific bits.
++ (Part of #776546)
++ * Actually install udev's README.Debian when building for Debian.
++ (Closes: #776546)
++ * Create system group "input" which was introduced in 215. (LP: #1414409)
++ * ifup@.service: Don't fail if the interface is not configured in
++ /etc/network/interfaces at all. (LP: #1414426)
++
++ [ Michael Biebl ]
++ * Update Vcs-Browser URL to use cgit and https.
++ * Map $x-display-manager LSB facility to display-manager.service instead of
++ making it a target. Using a target had the downside that multiple display
++ managers could hook into it at the same time which could lead to several
++ failed start attempts for the non-default display manager.
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 01 Feb 2015 20:48:49 +0100
++
++systemd (218-6) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * initramfs hook: Install 61-persistent-storage-android.rules if it exists.
++ * Generate POT file during package build, for translators.
++ * Pull latest keymaps from upstream git.
++ * Order ifup@.service and networking.service after network-pre.target.
++ (Closes: #766938)
++ * Tone down "Network interface NamePolicy= disabled on kernel commandline,
++ ignoring" info message to debug, as we expect this while we disable
++ net.ifnames by default. (Closes: #762101, LP: #1411992)
++
++ [ Michael Biebl ]
++ * Ship bash-completion for udevadm. (Closes: #776166)
++ * Drop rc-local generator in favor of statically enabling rc-local.service,
++ and drop halt-local.service which is unnecessary on Debian.
++ (Closes: #776170)
++ * Drop the obsolete libsystemd-* libraries, there are no reverse
++ dependencies left.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 26 Jan 2015 15:45:45 +0100
++
++systemd (218-5) experimental; urgency=medium
++
++ * Drop logger.agent. It hasn't been called from any udev rule for a long
++ time, and looks obsolete.
++ * debian/rules: Configure with --disable-firstboot to replace some manual
++ file removals.
++ * debian/rules: Remove manual file installation, move them to
++ debian/*.install. Move all Debian specific installed files to
++ debian/extra/.
++ * Merge some changes from the Ubuntu package to reduce the delta; these only
++ apply when building on/for Ubuntu:
++ - Add 40-hyperv-hotadd.rules: Workaround for LP: #1233466.
++ - Add 61-persistent-storage-android.rules to create persistent symlinks
++ for partitions with PARTNAME. By Ricardo Salveti.
++ - Add 71-power-switch-proliant.rules for supporting the power switches of
++ ProLiant Server Cartridges. By Dann Frazier.
++ - Add 78-graphics-card.rules: Mark KMS capable graphics devices as
++ PRIMARY_DEVICE_FOR_DISPLAY so that we can wait for those in plymouth.
++ By Scott James Remnant.
++ - Don't install the Debian *.agent scripts. Instead, have Ubuntu's
++ 80-networking.rules directly pull in ifup@.service, which is much easier
++ and more efficient.
++ * Make EPERM/EACCESS when applying OOM adjustment for forked processes
++ non-fatal. This happens in user namespaces like unprivileged LXC
++ containers.
++ * Fix assertion failure due to /dev/urandom being unmounted when shutting
++ down unprivileged containers. Thanks Stéphane Graber.
++ * Enable EFI support. This mostly auto-mounts /sys/firmware/efi/efivars, but
++ also provides a generator for auto-detecting the root and the /boot/efi
++ partition if they aren't in /etc/fstab. (Closes: #773533)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 22 Jan 2015 16:13:46 +0100
++
++systemd (218-4) experimental; urgency=medium
++
++ [ Michael Biebl ]
++ * sysv-generator: handle Provides: for non-virtual facility names.
++ (Closes: #774335)
++ * Fix systemd-remount-fs.service to not fail on remounting /usr if /usr
++ isn't mounted yet. This happens with initramfs-tools < 0.118 which we
++ might not get into Jessie any more. (Closes: #742048)
++
++ [ Martin Pitt ]
++ * fstab-generator: Handle mountall's non-standard "nobootwait" and
++ "optional" options. ("bootwait" is already the systemd default behaviour,
++ and "showthrough" is irrelevant here, so both can be ignored).
++ * Add autopkgtest for one-time boot with upstart when systemd-sysv is
++ installed. This test only works under Ubuntu which has a split out
++ upstart-bin package, and will be skipped under Debian.
++ * debian/ifup@.service: Check if ifup succeeds by calling ifquery, to
++ work around ifup not failing on invalid interfaces (see #773539)
++ * debian/ifup@.service: Set proper service type (oneshot).
++ * sysv-generator: Handle .sh suffixes when translating Provides:.
++ (Closes: #775889)
++ * sysv-generator: Make real units overwrite symlinks generated by Provides:
++ from other units. Fixes failures due to presence of backup or old init.d
++ scripts. (Closes: #775404)
++ * Fix journal forwarding to syslog in containers without CAP_SYS_ADMIN.
++ (Closes: #775067)
++ * Re-enable AppArmor support, now that libapparmor1 moved to /lib. Add
++ versioned dependency as long as this is still only in experimental.
++ (Closes: #775331)
++ * Add some missing dpkg and ucf temp files to the "hidden file" filter, to
++ e. g. avoid creating units for them through the sysv-generator.
++ (Closes: #775903)
++ * Silence useless warning about /etc/localtime not being a symlink. This is
++ deliberate in Debian with /usr (possibly) being on a separate partition.
++ (LP: #1409594)
++
++ [ Christian Kastner ]
++ * Use common-session-noninteractive in systemd-user's PAM config, instead of
++ common-session. The latter can include PAM modules like libpam-mount which
++ expect to be called just once and/or interactively, which already happens
++ for login, ssh, or the display-manager. Add pam_systemd.so explicitly, as
++ it's not included in -noninteractive, but is always required (and
++ idempotent). There is no net change on systemd which don't use manually
++ installed PAM modules. (Closes: #739676)
++
++ [ Michael Biebl ]
++ * Make sure we run debian-fixup.service after /var has been mounted if /var
++ is on a separate partition. Otherwise we might end up creating the
++ /var/lock and /var/run symlink in the underlying root filesystem.
++ (Closes: #768644)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 21 Jan 2015 15:57:50 +0100
++
++systemd (218-3) experimental; urgency=medium
++
++ * build-logind autopkgtest: Re-enforce that sd_login_monitor_new() succeeds,
++ and restrict this test to isolation-container. (Reproduces LP #1400203)
++ * Bring back patch to make sd_login_monitor_new() work under other init
++ systems where /sys/fs/cgroup/systemd/machine does not exist.
++ (LP: #1400203)
++ * build-login autopkgtest: Build against libsystemd, not libsystemd-login
++ any more.
++ * Add debian/extra/systemd-vconsole-setup.service dependency shim for
++ the console-setup init script, to avoid breaking dependencies of
++ third-party packages. Install it for Ubuntu only for now, as in Debian
++ plymouth's unit got adjusted. (LP: #1392970, Debian #755194)
++ * Mark systemd{,-sysv} as M-A: foreign (thanks lintian).
++ * Quiesce maintainer-script-calls-systemctl lintian warning.
++ * Quiesce possibly-insecure-handling-of-tmp-files lintian warning, it's
++ wrong there (we are handling tmpfiles.d/ files which are not in a temp
++ dir).
++ * Use dh_installinit's --noscript instead of --no-start for the upstart
++ jobs without sysvinit scripts (thanks lintian).
++ * Put systemd.pc into arch specific pkgconfig dir, as it contains the arch
++ specific libdir value.
++ * Don't enable audit by default. It causes flooding of dmesg and syslog,
++ suppressing actually important messages. (Closes: #773528)
++ * Cherrypick various bug fixes in loopback device setup and netlink socket
++ communication. Fixes massive CPU usage due to tight retry loops in user
++ LXC containers.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 29 Dec 2014 14:55:35 +0100
++
++systemd (218-2) experimental; urgency=medium
++
++ * boot-and-services AppArmor autopkgtest: Stop checking the dmesg log; it is
++ racy as sometimes message bursts are suppressed.
++ * Fix crash in timedatectl with Etc/UTC.
++ * Prefer-etc-X11-default-display-manager-if-present.patch: Drop wrong
++ copy&paste'd comment, fix log strings. Thanks Adam D. Barratt.
++ * boot-and-services: Robustify Nspawn tests, and show systemd-nspawn output
++ on failure.
++ * Disable tests which fail on buildds, presumably due to too old kernels,
++ misconfigured /etc/hosts, and similar problems. Make failures of the test
++ suite fatal now.
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 16 Dec 2014 08:24:38 +0100
++
++systemd (218-1) experimental; urgency=medium
++
++ * New upstream release. Drop all cherry-picked patches and port the Debian
++ specific ones.
++ - Create /etc/machine-id on boot if missing. (LP: #1387090)
++ * Add new libmount-dev build dependency.
++ * Configure with --enable-split-usr.
++ * Merge some permanent Ubuntu changes, using dpkg-vendor:
++ - Don't symlink udev doc directories.
++ - Add epoch to gudev packages; Ubuntu packaged the standalone gudev before
++ it got merged into udev.
++ - Add Apport hooks for udev and systemd.
++ * udev-fallback-graphics upstart job: Guard the modprobe with || true to
++ avoid a failure when vesafb is compiled in. (LP: #1367241)
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 14 Dec 2014 13:58:39 +0100
++
++systemd (217-4) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * Reinstate a debian/extra/rules/50-firmware.rules which immediately tells
++ the kernel that userspace firmware loading failed. Otherwise it tries for a
++ minute to call the userspace helper (if CONFIG_FW_LOADER_USER_HELPER is
++ enabled) in vain, which causes long delays with devices which have a range
++ of possible firmware versions. (LP: #1398458)
++ * debian/systemd.postinst: Don't always restart journald, as this currently
++ can't be done without losing the current journal and breaking attached
++ processes. So only restart it from upgrades < 215-3 (where the socket
++ location got moved) as an one-time upgrade path from wheezy.
++ (Closes: #771122)
++ * Revert "Modify insserv generator to mask sysvinit-only display managers".
++ This is still under dispute, a bit risky, and might get a different
++ implementation. Also, nodm really needs to be fixed properly, working
++ around it is both too risky and also too hard to get right.
++
++ [ Didier Roche ]
++ * Add display managers autopkgtests.
++ * Reset display-manager symlink to match /e/X/d-d-m even if
++ display-manager.service was removed. Adapt the autopkgtests for it.
++ (LP: #1400680)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 11 Dec 2014 18:06:54 +0200
++
++systemd (217-3) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * systemd.bug-script: Really capture stderr of systemd-delta.
++ (Closes: #771498)
++ * boot-and-services autopkgtest: Give test apparmor job some time to
++ actually finish.
++
++ [ Didier Roche ]
++ * updated debian/patches/insserv.conf-generator.patch:
++ - if /etc/X11/default-display-manager doesn't match a systemd unit
++ (or doesn't exist), be less agressive about what to mask: we let
++ all sysvinit-only display-manager units enabled to fallback to previous
++ behavior and let them starting. (Closes: #771739)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 02 Dec 2014 16:53:36 +0100
++
++systemd (217-2) experimental; urgency=medium
++
++ * Re-enable journal forwarding to syslog, until Debian's sysloggers
++ can/do all read from the journal directly.
++ * Fix hostnamectl exit code on success.
++ * Fix "diff failed with error code 1" spew with systemd-delta.
++ (Closes: #771397)
++ * Re-enable systemd-resolved. This wasn't meant to break the entire
++ networkd, just disable the new NSS module. Remove that one manually
++ instead. (Closes: #771423, LP: #1397361)
++ * Import v217-stable patches (up to commit bfb4c47 from 2014-11-07).
++ * Disable AppArmor again. This first requires moving libapparmor to /lib
++ (see #771667). (Closes: #771652)
++ * systemd.bug-script: Capture stderr of systemd-{delta,analyze}.
++ (Closes: #771498)
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 01 Dec 2014 15:09:09 +0100
++
++systemd (217-1) experimental; urgency=medium
++
++ [ Martin Pitt ]
++ * New upstream release. Drop all cherry-picked patches and port the Debian
++ specific ones.
++ * Disable systemd-resolved for now. It still needs to mature, and
++ integration into Debian should be discussed first.
++ * Bump util-linux dependency to >= 2.25 as per NEWS.
++ * Drop installation of 50-firmware.rules, not shipped upstream any more.
++ Firmware loading is now exclusively done by the kernel.
++ * Drop installation of readahead related services and code, readahead got
++ dropped in this version.
++ * Ship new networkctl CLI tool.
++ * debian/libsystemd0.symbols: Add new symbols from this release.
++ * debian/rules: Call dpkg-gensymbols with -c4 to immediately spot
++ changed/missing symbols during build.
++ * boot-and-services autopkgtest: Test AppArmor confined units (LP #1396270)
++ * Create new "systemd-journal-remote" system group, for
++ systemd-tmpfiles-setup.service.
++
++ [ Marc Deslauriers ]
++ * Build-depend on libapparmor-dev to enable AppArmor support. (LP: #1396270)
++
++ [ Didier Roche ]
++ * Handle display-manager transitions: (Closes: #748668)
++ - Add a generator to ensure /etc/X11/default-display-manager is controlling
++ which display-manager is started.
++ - Modify insserv generator to mask of sysvinit-only dms with insserv
++ $x-display-manager tag if they don't match
++ /etc/X11/default-display-manager. This avoids starting multiple dms at
++ boot.
++ * Cherry-pick Shared-add-readlink_value.patch as using that function in the
++ generator.
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 28 Nov 2014 10:53:58 +0100
++
++systemd (215-18) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * manager: Pass correct errno to strerror(), have_ask_password contains
++ negative error values which have to be negated when being passed to
++ strerror().
++
++ [ Martin Pitt ]
++ * Revert upstream commit 743970d which immediately SIGKILLs units during
++ shutdown. This leads to problems like bash not being able to write its
++ history, mosh not saving its state, and similar failed cleanup actions.
++ (Closes: #784720, LP: #1448259)
++ * write_net_rules: Escape '{' and '}' characters as well, to make this work
++ with busybox grep. Thanks Faidon Liambotis! (Closes: #765577)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 21 May 2015 15:49:30 +0200
++
++systemd (215-17) unstable; urgency=high
++
++ * cryptsetup: Implement offset and skip options. (Closes: #751707,
++ LP: #953875)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 16 Apr 2015 10:26:46 -0500
++
++systemd (215-16) unstable; urgency=medium
++
++ [ Christian Seiler ]
++ * Don't run hwclock-save.service in containers. (Closes: #782377)
++
++ [ Michael Biebl ]
++ * Do not print anything while passwords are being queried. This should make
++ password prompts without plymouth more usable. (Closes: #765013)
++ * Skip filesystem check if already done by the initramfs. (Closes: #782522)
++
++ -- Michael Biebl <biebl@debian.org> Mon, 13 Apr 2015 19:42:32 +0200
++
++systemd (215-15) unstable; urgency=medium
++
++ [ Adam Conrad ]
++ * debian/systemd.{triggers,postinst}: Trigger a systemctl daemon-reload
++ when init scripts are installed or removed (Closes: #766429)
++
++ [ Martin Pitt ]
++ * Fix getty restart loop when PTS device is gone. (Closes: #780711)
++ * Run timesyncd in virtual machines. (Closes: #762343)
++ * Make logind work in environments without CAP_SYS_ADMIN (mostly
++ containers). Thanks Christian Seiler for the backporting!
++ (Closes: #778608)
++ * Check for correct signatures when setting properties. Fixes systemd
++ getting stuck on trying to set invalid property types. (Closes: #781602)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 09 Apr 2015 10:12:37 +0200
++
++systemd (215-14) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Map $x-display-manager LSB facility to display-manager.service instead of
++ making it a target. Using a target had the downside that multiple display
++ managers could hook into it at the same time which could lead to several
++ failed start attempts for the non-default display manager.
++ * Update insserv-generator and map $x-display-manager to
++ display-manager.service, following the recent change in sysv-generator.
++ This avoids creating references to a no longer existing
++ x-display-manager.target unit.
++ * Cherry-pick upstream fix to increase the SendBuffer of /dev/log to 8M.
++
++ [ Martin Pitt ]
++ * scope: Make attachment of initial PIDs more robust. Fixes crash with
++ processes that get started by an init.d script with a different (aliased)
++ name when the cgroup becomes empty. (Closes: #781210)
++ * boot-and-services, display-managers autopkgtests: Add missing python3 test
++ dependency.
++ * Don't attempt to mount the same swap partition twice through different
++ device node aliases. (Closes: #772182, LP: #1399595)
++
++ [ Christian Seiler ]
++ * Make the journald to syslog forwarding more robust by increasing the
++ maximum datagram queue length from 10 to 512. (Closes: #762700)
++
++ [ Marco d'Itri ]
++ * Avoid writing duplicate entries in 70-persistent-net.rules by double
++ checking if the new udev rule has already been written for the given
++ interface. This happens if multiple add events are generated before the
++ write_net_rules script returns and udevd renames the interface.
++ (Closes: #765577)
++
++ -- Michael Biebl <biebl@debian.org> Mon, 30 Mar 2015 13:26:52 +0200
++
++systemd (215-13) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Add hwclock-save.service to sync the system clock to the hardware clock on
++ shutdown, to provide monotonic time for reboots. (Note: this is a hack for
++ jessie; the next Debian release will enable timesyncd by default).
++ (Closes: #755722)
++ * Check for correct architecture identifiers for SuperH. (Closes: #779710)
++ * networkd: Fix stopping v4 dhcpclient when the carrier is lost. Thanks
++ Christos Trochalakis! (Closes: #779571)
++ * Fix segfault with units that depend on themselves. (Closes: #780675)
++ * tmpfiles-setup-dev: Call tmpfiles with --boot to allow unsafe device
++ creation. Fixes creation of static device nodes with kmod 20.
++ (Closes: #780263)
++
++ [ Christian Seiler ]
++ * core: Don't migrate PIDs for units that may contain subcgroups.
++ This stops messing up lxc/libvirt/other custom cgroup layouts after
++ daemon-reload. (Closes: #777164)
++ * sysv-generator: add support for /etc/insserv/overrides. (Closes: #759001)
++
++ [ Michael Biebl ]
++ * debian/udev.init: Recognize '!' flag with static device lists, to work
++ with kmod 20. (Closes: #780263)
++
++ [ Didier Roche ]
++ * Ensure PrivateTmp doesn't require tmpfs through tmp.mount, but rather adds
++ an After relationship. (Closes: #779902)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 26 Mar 2015 14:23:35 +0100
++
++systemd (215-12) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * debian/udev.README.Debian: Trim the parts which are obsolete, wrong, or
++ described in manpages. Only keep the Debian specific bits.
++ (Part of #776546)
++ * Actually install udev's README.Debian when building for Debian.
++ (Closes: #776546)
++ * Only start logind if dbus is installed. This fixes the noisy startup
++ failure in environments without dbus such as LXC containers or servers.
++ (part of #772700)
++ * Add getty-static.service unit which starts getty@.service on tty 2 to 6 if
++ dbus is not installed, and hence logind cannot auto-start them on demand.
++ (Closes: #772700)
++ * Add unit-config autopkgtest to check systemd unit/sysv init enabling and
++ disabling via systemctl. This avoids bugs like #777613 (did not affect
++ unstable).
++ * cgroup: Don't trim cgroup trees created by someone else, just the ones
++ that systemd itself created. This avoids cleaning up empty cgroups from
++ e.g. LXC. (Closes: #777601)
++ * boot-and-services autopkgtest: Add CgroupsTest to check cgroup
++ creation/cleanup behaviour. This reproduces #777601 and verifies the fix
++ for it.
++ * rules: Fix by-path of mmc RPMB partitions and don't blkid them. Avoids
++ kernel buffer I/O errors and timeouts. (LP: #1333140)
++ * Document systemctl --failed option. (Closes: #767267)
++
++ [ Michael Biebl ]
++ * core: Don't fail to run services in --user instances if $HOME is missing.
++ (Closes: #759320)
++
++ [ Didier Roche ]
++ * default-display-manager-generator: Avoid unnecessary /dev/null symlink and
++ warning if there is no display-manager.service unit.
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 13 Feb 2015 12:08:31 +0100
++
++systemd (215-11) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * escape-beef-up-new-systemd-escape-tool.patch: Avoid creating a dangling
++ symlink, to work around regression in recent patch (see #776257).
++ * Order ifup@.service and networking.service after network-pre.target.
++ (Closes: #766938)
++ * Tone down "Network interface NamePolicy= disabled on kernel commandline,
++ ignoring" info message to debug, as we expect this while we disable
++ net.ifnames by default. (Closes: #762101, LP: #1411992)
++ * logind: handle closing sessions over daemon restarts. (Closes: #759515,
++ LP: #1415104)
++ * logind: Fix sd_eviocrevoke ioctl call, to make forced input device release
++ after log out actually work.
++ * debian/patches/series: Move upstreamed patches into the appropriate
++ section.
++
++ [ Michael Biebl ]
++ * Make sure we run debian-fixup.service after /var has been mounted if /var
++ is on a separate partition. Otherwise we might end up creating the
++ /var/lock and /var/run symlink in the underlying root filesystem.
++ (Closes: #768644)
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 29 Jan 2015 09:01:54 +0100
++
++systemd (215-10) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * sysv-generator: Handle .sh suffixes when translating Provides:.
++ (Closes: #775889)
++ * sysv-generator: Make real units overwrite symlinks generated by Provides:
++ from other units. Fixes failures due to presence of backup or old init.d
++ scripts. (Closes: #775404)
++ * Fix journal forwarding to syslog in containers without CAP_SYS_ADMIN.
++ (Closes: #775067)
++
++ [ Christian Kastner ]
++ * Use common-session-noninteractive in systemd-user's PAM config, instead of
++ common-session. The latter can include PAM modules like libpam-mount which
++ expect to be called just once and/or interactively, which already happens
++ for login, ssh, or the display-manager. Add pam_systemd.so explicitly, as
++ it's not included in -noninteractive, but is always required (and
++ idempotent). There is no net change on systemd which don't use manually
++ installed PAM modules. (Closes: #739676)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 21 Jan 2015 13:18:05 +0100
++
++systemd (215-9) unstable; urgency=medium
++
++ [ Didier Roche ]
++ * Add display managers autopkgtests.
++ * Reset display-manager symlink to match /e/X/d-d-m even if
++ display-manager.service was removed. Adapt the autopkgtests for it.
++
++ [ Martin Pitt ]
++ * Prefer-etc-X11-default-display-manager-if-present.patch: Drop wrong
++ copy&paste'd comment, fix log strings. Thanks Adam D. Barratt.
++ * Log all members of cyclic dependencies (loops) even with quiet on the
++ kernel cmdline. (Closes: #770504)
++ * Don't auto-clean PrivateTmp dir in /var/tmp; in Debian we don't want to
++ clean /var/tmp/ automatically. (Closes: #773313)
++
++ [ Michael Biebl ]
++ * sysv-generator: handle Provides: for non-virtual facility names.
++ (Closes: #774335)
++ * Fix systemd-remount-fs.service to not fail on remounting /usr if /usr
++ isn't mounted yet. This happens with initramfs-tools < 0.118 which we
++ might not get into Jessie any more. (Closes: #742048)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 13 Jan 2015 11:24:43 +0100
++
++systemd (215-8) unstable; urgency=medium
++
++ [ Didier Roche ]
++ * Cherry-pick shared-add-readlink_value.patch, we will use that function in
++ the generator.
++ * Cherry-pick util-allow-strappenda-to-take-any-number-of-args.patch, we
++ will use that function in the generator.
++ * Handle multiple display managers which don't ship a systemd unit or the
++ corresponding postinst logic for updating display-manager.service: Add a
++ generator to ensure /etc/X11/default-display-manager is controlling which
++ display-manager is started. (Closes: #771287)
++
++ [ Sjoerd Simons ]
++ * d/p/core-Fix-bind-error-message.patch:
++ + Added. Fix error message on bind failure to print the full path
++ * d/p/core-Make-binding-notify-private-dbus-socket-more-ro.patch:
++ + Added. Be more robust when binding private unix sockets (Based on current
++ upstream logic) (Closes: #761306)
++
++ [ Martin Pitt ]
++ * Clean up ...journal~ files from unclean shutdowns. (Closes: #771707)
++ * debian/systemd.postinst: Don't always restart journald, as this currently
++ can't be done without losing the current journal and breaking attached
++ processes. So only restart it from upgrades < 215-3 (where the socket
++ location got moved) as an one-time upgrade path from wheezy.
++ (Closes: #771122)
++ * journalctl: Fix help text for --until. (Closes: #766598)
++ * Bump systemd's udev dependency to >= 208-8, so that on partial upgrades we
++ make sure that the udev package has appropriate Breaks:. In particular,
++ this avoids installing current udev with kmod << 14. (Closes: #771726)
++
++ [ Michael Biebl ]
++ * systemd.postinst: Move unit enablement after restarting systemd, so that
++ we don't fail to enable units with keywords that wheezy's systemd does not
++ understand yet. Fixes enabling getty units on wheezy upgrades with
++ systemd. (Closes: #771204)
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 05 Dec 2014 10:01:24 +0100
++
++systemd (215-7) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Add myself to Uploaders.
++ * Add boot-and-services autopkgtest: Check booting with systemd-sysv and
++ that the most crucial services behave as expected.
++ * logind autopkgtest: Fix stderr output in waiting loop for scsi_debug.
++ * Add nspawn test to boot-and-services autopkgtest.
++ * Make systemd-nspawn@.service work out of the box: (Closes: #770275)
++ - Pre-create /var/lib/container with a secure mode (0700) via tmpfiles.d.
++ - Add new try-{guest,host} modes for --link-journal to silently skip
++ setting up the guest journal if the host has no persistent journal.
++ - Extend boot-and-services autopkgtest to cover systemd-nspawn@.service.
++ * Cherry-pick upstream patch to fix SELinux unit access check (regression
++ in 215).
++ * sysv-generator: Avoid wrong dependencies for failing units. Thanks to
++ Michael Biebl for the patch! (Closes: #771118)
++ * Cherry-pick patches to recognize and respect the "discard" mount option
++ for swap devices. Thanks to Aurelien Jarno for finding and testing!
++ (Closes: #769734)
++
++ [ Jon Severinsson]
++ * Add /run/shm -> /dev/shm symlink in debian/tmpfiles.d/debian.conf. This
++ avoids breakage in Jessie for packages which still refer to /run/shm, and
++ while https://wiki.debian.org/ReleaseGoals/RunDirectory is still official.
++ (LP: #1320534, Closes: #674755).
++
++ -- Martin Pitt <mpitt@debian.org> Fri, 28 Nov 2014 06:43:15 +0100
++
++systemd (215-6) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Cherry-pick upstream patch to fix udev crash in link_config_get().
++ * Cherry-pick upstream patch to fix tests in limited schroot environments.
++ * Add d/p/Add-env-variable-for-machine-ID-path.patch: Allow specifying an
++ alternate /etc/machine-id location. This is necessary for running tests
++ as long as it isn't in our base images (see Debian #745876)
++ * Run tests during package build. For the first round don't make them fatal
++ for now (that will happen once we see results from all the architectures).
++ * Drop our Check-for-kmod-binary.patch as the upstream patch
++ units-conditionalize-static-device-node-logic-on-CAP.patch supersedes it.
++ * Drop Use-comment-systemd.-syntax-in-systemd.mount-man-pag.patch, as
++ our util-linux is now recent enough. Bump dependency to >= 2.21.
++ * Adjust timedated and hostnamed autopkgtests to current upstream version.
++ * Replace our Debian hwdb.bin location patch with what got committed
++ upstream. Run hwdb update with the new --usr option to keep current
++ behaviour.
++ * debian/README.Debian: Document how to debug boot or shutdown problems with
++ the debug shell. (Closes: #766039)
++ * Skip-99-systemd.rules-when-not-running-systemd-as-in.patch: Call path_id
++ under all init systems, to get consistent ID_PATH attributes. This is
++ required so that tools like systemd-rfkill can be used with SysVinit or
++ upstart scripts, too. (LP: #1387282)
++ * Switch libpam-systemd dependencies to prefer systemd-shim over
++ systemd-sysv, to implement the CTTE decision #746578. This is a no-op on
++ systems which already have systemd-sysv installed, but will prevent
++ installing that on upgrades. (Closes: #769747)
++ * Remove Tollef from Uploaders: as per his request. Thanks Tollef for all
++ you work!
++ * net.agent: Properly close stdout/err FDs, to avoid long hangs during udev
++ settle. Thanks to Ben Hutchings! (Closes: #754987)
++ * Bump Standards-Version to 3.9.6 (no changes necessary).
++
++ [ Didier Roche ]
++ * debian/ifup@.service: add a ConditionPath on /run/network, to avoid
++ failing the unit if /etc/init.d/networking is disabled. (Closes: #769528)
++
++ -- Martin Pitt <mpitt@debian.org> Tue, 18 Nov 2014 12:37:22 +0100
++
++systemd (215-5) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Unblacklist hyperv_fb again, it is needed for graphical support on Hyper-V
++ platforms. Thanks Andy Whitcroft! (LP: #1359933)
++ * Bump systemd-shim Depends/Breaks to 8-2 to ensure a lockstep upgrade.
++ (Closes: #761947)
++
++ [ Sjoerd Simons ]
++ * d/p/sd-bus-Accept-no-sender-as-the-destination-field.patch
++ + Fix compatibility between systemctl v215 and v208. Resolves issue when
++ reloads of services is requested before systemd is re-execed
++ (Closes: #762146)
++
++ [ Michael Biebl ]
++ * Don't overmount existing /run/user/<UID> directories with a per-user tmpfs
++ on upgrades. (Closes: #762041)
++ * Re-enable mount propagation for udevd. This avoids that broken software
++ like laptop-mode-tools, which runs mount from within udev rules, causes
++ the root file system to end up read-only. (Closes: #762018)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 27 Sep 2014 17:49:47 +0200
++
++systemd (215-4) unstable; urgency=medium
++
++ * Upload to unstable.
++
++ -- Michael Biebl <biebl@debian.org> Mon, 15 Sep 2014 17:38:30 +0200
++
++systemd (215-3) experimental; urgency=medium
++
++ [ Ben Howard ]
++ * 75-persistent-net-generator.rules: Fix matches of HyperV. (LP: #1361272)
++
++ [ Martin Pitt ]
++ * 75-persistent-net-generator.rules: Add new MS Azure MAC prefix 00:25:ae.
++ (LP: #1367883)
++
++ [ Michael Biebl ]
++ * Update upstream v215-stable patch series.
++ * The /dev/log socket and /dev/initctl FIFO have been moved to /run and
++ replaced by symlinks. Create the symlinks manually on upgrades as well.
++ (Closes: #761340)
++ * Fix incorrect paths in man pages. (LP: #1357782, Closes: #717491)
++ * Make systemd recommend dbus so it is installed on upgrades. The dbus
++ system bus is required to run systemd-logind and the autovt feature relies
++ on logind. (Closes: #758111)
++ * Bump dependency on systemd-shim to (>= 7-2) to ensure we have a version
++ which supports systemd >= 209.
++ * Rework bug-script to be more upfront about what kind of data is gathered
++ and ask the user for permission before attaching the information to the
++ bug report. (Closes: #756248)
++
++ [ Sjoerd Simons ]
++ * d/p/buildsys-Don-t-default-to-gold-as-the-linker.patch
++ + Don't explicitly pick gold as the default linker. Fixes FTBFS on sparc
++ (Closes: #760879)
++
++ -- Sjoerd Simons <sjoerd@debian.org> Sun, 14 Sep 2014 20:14:49 +0200
++
++systemd (215-2) experimental; urgency=medium
++
++ * debian/patches/always-check-for-__BYTE_ORDER-__BIG_ENDIAN-when-chec.patch
++ + Added. Fix checking of system endianness. Fixes FTBFS on powerpc
++ * debian/patches/timesyncd-when-we-don-t-know-anything-about-the-netw.patch:
++ + Let timesyncd go online even if networkd isn't running (from upstream
++ git) (Closes: #760087)
++ * debian/rules: add systemd-update-utmp-runlevel.service to
++ {poweroff, rescue, multi-user, graphical, reboot}.target.wants to trigger
++ the runlevel target to be loaded
++
++ -- Sjoerd Simons <sjoerd@debian.org> Sun, 07 Sep 2014 23:46:02 +0200
++
++systemd (215-1) experimental; urgency=medium
++
++ * New upstream release.
++ * Import upstream v215-stable patch series.
++ * Rebase remaining Debian patches on top of v215-stable.
++ * Drop our Debian-specific run-user.mount unit as upstream now creates a
++ per-user tmpfs via logind.
++ * Don't rely on new mount from experimental for now and re-add the patch
++ which updates the documentation accordingly.
++ * Cherry-pick upstream fix to use correct versions for the new symbols that
++ were introduced in libudev.
++ * Update symbols files
++ - Add two new symbols for libudev1.
++ - Remove private symbol from libgudev-1.0-0. This symbol was never part of
++ the public API and not used anywhere so we don't need a soname bump.
++ * Cherry-pick upstream commit to not install busname units if kdbus support
++ is disabled.
++ * Make /run/lock tmpfs an API fs so it is available during early boot.
++ (Closes: #751392)
++ * Install new systemd-path and systemd-escape binaries.
++ * Cherry-pick upstream commit which fixes the references to the systemctl
++ man page. (Closes: #760613)
++ * Use the new systemd-escape utility to properly escape the network
++ interface name when starting an ifup@.service instance for hotplugged
++ network interfaces. Make sure a recent enough systemd version is installed
++ by bumping the versioned Breaks accordingly. (Closes: #747044)
++ * Order ifup@.service after networking.service so we don't need to setup the
++ runtime directory ourselves and we have a defined point during boot when
++ hotplugged network interfaces are started.
++ * Disable factory-reset feature and remove files associated with it. This
++ feature needs more integration work first before it can be enabled in
++ Debian.
++ * Cherry-pick upstream commit to fix ProtectSystem=full and make the
++ ProtectSystem= option consider /bin, /sbin, /lib and /lib64 (if it exists)
++ on Debian systems. (Closes: #759689)
++ * Use adduser in quiet mode when creating the system users/groups to avoid
++ warning messages about the missing home directories. Those are created
++ dynamically during runtime. (Closes: #759175)
++ * Set the gecos field when creating the system users.
++ * Add systemd-bus-proxy system user so systemd-bus-proxyd can properly drop
++ its privileges.
++ * Re-exec systemd and restart services at the end of postinst.
++ * Cherry-pick upstream commit for sd-journal to properly convert
++ object->size on big endian which fixes a crash in journalctl --list-boots.
++ (Closes: #758392)
++
++ -- Michael Biebl <biebl@debian.org> Sun, 07 Sep 2014 09:58:48 +0200
++
++systemd (214-1) experimental; urgency=medium
++
++ * New upstream release v214.
++ (Closes: #750793, #749268, #747939)
++
++ [ Jon Severinsson ]
++ * Import upstream v214-stable patch series.
++ - Rebase remaining Debian patches on top of v214-stable.
++ - Drop modifications to the now-removed built-in sysvinit support.
++ * Install the new combined libsystemd0 library, this library combines all
++ functionality of the various libsystemd-* libraries.
++ - Deprecate the old libsystemd-* libraries as they've been bundled into
++ libsystemd0. The old -dev files now just carry a transitional .pc file.
++ - Add new symbols file for libsystemd0.
++ * Update symbols file for libgudev-1.0-0.
++ * Remove pre-generated rules and unit files in debian/rules clean target.
++ * Add new systemd service users in systemd postinst (systemd-timesync,
++ systemd-network, systemd-resolve)
++ * Add new system group "input" used by udev rules in udev postinst.
++ * Try-restart networkd, resolved, and timesyncd after an upgrade.
++ * Do not force-enable default-on services on every upgrade.
++ * Add support for rcS.d init scripts to the sysv-generator.
++ - Do not order rcS.d services after local-fs.target if they do not
++ explicitly depend on $local_fs.
++ - Map rcS.d init script dependencies to their systemd equivalent.
++ - Special-case some dependencies for sysv init scripts for better
++ backwards compatibility. (Closes: #726027, #738965).
++ * Add systemd depends on new mount. (Closes: #754411)
++ * Update /run/initctl symlink target in debian/tmpfiles.d/debian.conf.
++ * Remove stored backlog state, rfkill state, random-seed and clock
++ information from /var/lib/systemd on systemd purge.
++
++ [ Sjoerd Simons ]
++ * debian/patches/shared-include-stdbool.h-in-mkdir.h.patch
++ + Added. Include stdbool before using bool in function prototypes. Fixes
++ build of the insserv generator
++ * Add python-lxml to build-depends for python-systemd
++ * Turn on parallel build support
++ * Install the new busctl binary and translations
++ * Explicitly disable microhttp so the package build doesn't fail if the
++ required dependencies for it happen to be installed.
++ * debian/control: Make udev break plymouth (<< 0.9.0-7) as older plymouths
++ assume udev implementation details that have changed slightly since v213
++ * debian/control: Remove b-d on librwap0-dev
++ * debian/control: Bump libkmod-dev b-d to >= 15
++ * debian/rules: Drop outdated --enable-tcpwrap
++ * debian/rules: Explicitly turn off rfkill, networkd, timesyncd and resolved
++ for the udeb build
++ * debian/rules: Use the debian ntp pool as default ntp servers
++ * debian/rules: explicitely configure the maximum system uid/gids instead of
++ relying on autodetection
++
++ -- Sjoerd Simons <sjoerd@debian.org> Sun, 24 Aug 2014 14:54:27 +0200
++
++systemd (208-8) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Fix duplicate line in copyright. (Closes: #756899)
++ * Drop --disable-xattr configure option for udeb, does not exist any more.
++ * Add Turkish debconf translations. Thanks Mert Dirik! (Closes: #757498)
++ * Backport fix for lazy session-activation on non-seat0 seats.
++ (LP: #1355331)
++
++ [ Michael Biebl ]
++ * Use "kmod static-nodes --output=/proc/self/fd/1" in make_static_nodes() as
++ we can't rely on /dev/stdout to exist at this point during boot.
++ (Closes: #757830)
++ * Fix udev SysV init script and d-i start script to not write to
++ /sys/kernel/uevent_helper unconditionally to not fail on a kernel with
++ CONFIG_UEVENT_HELPER unset. (Closes: #756312)
++ * Add Breaks: kmod (<< 14) to udev to make sure we have a kmod version
++ supporting the static-nodes command.
++ * Add Breaks: systemd (<< 208) to udev to avoid partial upgrades. Newer udev
++ versions rely on kmod-static-nodes.service being provided by systemd.
++ (Closes: #757777)
++ * Updated upstream v208-stable patch series to 53b1b6c.
++ * Cherry-pick upstream fix to ignore temporary dpkg files. (Closes: #757302)
++ * Make emergency.service conflict with rescue.service.
++ Otherwise if rescue mode is selected during boot and the emergency mode
++ is triggered (e.g. via a broken fstab entry), we have two sulogin
++ processes fighting over the tty. (Closes: #757072)
++ * Stop syslog.socket when entering emergency mode as otherwise every log
++ message triggers the start of the syslog service and its dependencies
++ which conflicts with emergency.target. (Closes: #755581)
++
++ -- Michael Biebl <biebl@debian.org> Thu, 21 Aug 2014 00:14:21 +0200
++
++systemd (208-7) unstable; urgency=medium
++
++ [ Michael Biebl ]
++ * Mask remaining services provided by the initscripts package and document
++ in more detail why certain services have been masked. (Closes: #659264)
++ * Install zsh completions to the correct place. (Closes: #717540)
++
++ [ Jon Severinsson ]
++ * Cherry-pick upstream fix for journal file permissions. (Closes: #755062)
++ * Map some rcS.d init script dependencies to their systemd equivalent.
++ * Update Depends on initscripts to the version with a systemd-compatible
++ mountnfs ifup hook. (Closes: #746358)
++ * Add Breaks on lvm2 versions without native systemd support.
++ (Closes: #678438, #692120)
++ * Do not fail udev upgrades if the udev service is already runtime-masked
++ when the preinst script is run. (Closes: #755746)
++ * Add Pre-Depends on systemd to systemd-sysv, to avoid risking that the
++ sysv-compatible symlinks become dangling on a partial install.
++ * Ensure that systemctl is usable right after being unpacked, by adding the
++ required Pre-Depends to systemd and libsystemd-daemon0. (Closes: #753589)
++ * Add support for TuxOnIce hibernation. (Closes: #746463)
++
++ [ Martin Pitt ]
++ * Rename "api" autopkgtest to "build-login", and stop requiring that
++ sd_login_monitor_new() succeeds. It doesn't in many environments like
++ schroot or after upgrades from < 204, and the main point of the test is
++ to check that libsystemd-login-dev has correct contents and dependencies.
++ Drop "isolation-machine" requirement.
++ * Use glibc's xattr support instead of requiring libattr. Fixes FTBFS with
++ latest glibc and libattr. Cherrypicked from trunk. Drop libattr1-dev build
++ dependency. (Closes: #756097)
++ * Build python3-systemd for Python 3 bindings. Drop python-systemd; it does
++ not have any reverse dependencies, and we want to encourage moving to
++ Python 3. (LP: #1258089)
++ * Add simple autopkgtest for python3-systemd.
++ * Add dbus dependency to libpam-systemd. (Closes: #755968)
++ * Fix /dev/cdrom symlink to appear for all types of drives, not just for
++ pure CD-ROM ones. Also, fix the symlinks to stay after change events.
++ (LP: #1323777)
++ * 75-persistent-net-generator.rules: Adjust Ravello interfaces; they don't
++ violate the assignment schema, they should just not be persistent.
++ Thanks to Boris Figovsky. (Closes: #747475, LP: #1317776)
++ * Reinstate patches to make logind D-BUS activatable.
++ * Re-add systemd-shim alternative dependency to libpam-systemd. Version it
++ to ensure cgmanager support. (Closes: #754984, LP: #1343802)
++ * Convert udev-finish.upstart from a task to a job, to avoid hangs with
++ startpar. (Closes: #756631)
++ * Add debian/extra/60-keyboard.hwdb: Latest keymaps from upstream git.
++ This makes it trivial to backport keymap fixes to stable releases.
++ (Closes: #657809; LP: #1322770, #1339998)
++ * udev.init: Create static device nodes, as this moved out of udevd.
++ Thanks to Michael Biebl for the script! (Closes: #749021)
++
++ -- Martin Pitt <mpitt@debian.org> Wed, 06 Aug 2014 13:33:22 +0200
++
++systemd (208-6) unstable; urgency=medium
++
++ [ Jon Severinsson ]
++ * Add v208-stable patch series.
++ - Update Debian patches to apply on top of v208-stable.
++ - Move new manpages to libsystemd-*-dev as appropriate.
++
++ [ Michael Biebl ]
++ * Upload to unstable.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 16 Jul 2014 00:44:15 +0200
++
++systemd (208-5) experimental; urgency=medium
++
++ * Merge changes from unstable branch.
++
++ -- Michael Biebl <biebl@debian.org> Sat, 28 Jun 2014 13:41:32 +0200
++
++systemd (208-4) experimental; urgency=medium
++
++ * Merge changes from unstable branch.
++ * Drop alternative dependency on systemd-shim in libpam-systemd. The
++ systemd-shim package no longer provides an environment to run
++ systemd-logind standalone. See #752939 for further details.
++
++ -- Michael Biebl <biebl@debian.org> Sat, 28 Jun 2014 01:22:11 +0200
++
++systemd (208-3) experimental; urgency=medium
++
++ * Merge changes from unstable branch.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 25 Jun 2014 11:29:07 +0200
++
++systemd (208-2) experimental; urgency=medium
++
++ [ Sjoerd Simons ]
++ * Don't stop a running user manager from garbage collecting the users. Fixes
++ long shutdown times when using a systemd user session
++
++ [ Michael Stapelberg ]
++ * Fix bug-script: “systemctl dump” is now “systemd-analyze dump”
++ (Closes: #748311)
++
++ [ Michael Biebl ]
++ * Merge changes from unstable branch.
++ * Cherry-pick upstream fixes to make sd_session_get_vt() actually work.
++
++ -- Michael Biebl <biebl@debian.org> Tue, 24 Jun 2014 17:45:26 +0200
++
++systemd (208-1) experimental; urgency=medium
++
++ [ Michael Biebl ]
++ * New upstream release. (Closes: #729566)
++ * Update patches.
++ * Update symbols files for libsystemd-journal and libsystemd-login.
++ * Install new files and remove the ones we don't use.
++ * Install zsh completion files. (Closes: #717540)
++ * Create a compat symlink /etc/sysctl.d/99-sysctl.conf as systemd-sysctl no
++ longer reads /etc/sysctl.conf.
++ * Bump Build-Depends on kmod to (>= 14).
++ * Bump Build-Depends on libcryptsetup-dev to (>= 2:1.6.0) for tcrypt
++ support.
++ * Make kmod-static-nodes.service check for the kmod binary since we don't
++ want a hard dependency on kmod e.g. for container installations.
++ * Disable various features which aren't required for the udeb build.
++ * Move new sd_pid_get_slice and sd_session_get_vt man pages into
++ libsystemd-login-dev.
++ * Make no-patch-numbers the default for gbp-pq.
++ * Adjust systemd-user pam config file for Debian.
++ This pam config file is used by libpam-systemd/systemd-logind when
++ launching systemd user instances.
++ * Drop patches to make logind D-Bus activatable. The cgroup handling has
++ been reworked in v205 and logind no longer creates cgroup hierarchies on
++ its own. That means that the standalone logind is no longer functional
++ without support from systemd (or an equivalent cgroup manager).
++
++ [ Martin Pitt ]
++ * Explain patch management in debian/README.source.
++
++ -- Michael Biebl <biebl@debian.org> Mon, 28 Apr 2014 00:22:57 +0200
++
++systemd (204-14) unstable; urgency=medium
++
++ * Fix SIGABRT in insserv generator caused by incorrect usage of strcat().
++ (Closes: #752992)
++ * Mark -dev packages as Multi-Arch: same. (Closes: #720017)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 28 Jun 2014 13:22:43 +0200
++
++systemd (204-13) unstable; urgency=medium
++
++ * Switch back to load the sg module via the kmod builtin. The problem was
++ not that the kmod builtin is faster then modprobe but rather the incorrect
++ usage of the "=" assignment operator. We need to use "+=" here, so the sg
++ module is loaded in addition to other scsi modules, which are loaded via
++ the modalias rule. Thanks to Tommaso Colombo for the analysis.
++ * Cherry-pick upstream fix which prevents systemd from entering an infinite
++ loop when trying to break an ordering cycle. (Closes: #752259)
++ * Update insserv generator to not create any drop-in files for services
++ where the corresponding SysV init script does not exist.
++ * Drop the check for /sys/kernel/uevent_helper from postinst and the SysV
++ init script and do not unconditionally overwrite it in the initramfs hook.
++ Since a long time now udev has been using the netlink interface to
++ communicate with the kernel and with Linux 3.16 it is possible to disable
++ CONFIG_UEVENT_HELPER completely. (Closes: #752742)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 28 Jun 2014 00:01:16 +0200
++
++systemd (204-12) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Change the sg loading rule (for Debian #657948) back to using modprobe.
++ kmod is too fast and then sg races with sd, causing the latter to not see
++ SCSI disks. (Closes: #752591, #752605)
++
++ [ Michael Biebl ]
++ * Update udev bug-script to attach instead of paste extra info if a new
++ enough reportbug version is available.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 25 Jun 2014 10:55:12 +0200
++
++systemd (204-11) unstable; urgency=medium
++
++ [ Martin Pitt ]
++ * Explain patch management in debian/README.source. (Closes: #739113)
++ * Replace "Always probe cpu support drivers" patch with cherry-picked
++ upstream fix which is more general.
++ * Advertise hibernation only if there's enough free swap. Patches backported
++ from current upstream. (LP: #1313522)
++ * Fix typo in sg loading rule to make it actually work.
++
++ [ Michael Biebl ]
++ * Make no-patch-numbers the default for gbp-pq.
++ * Cherry-pick upstream fix to properly handle multiline syslog messages.
++ (Closes: #746351)
++ * Cherry-pick upstream fix for libudev which fixes a memleak in
++ parent_add_child().
++ * Drop "-b debian" from Vcs-Git since we use the master branch for
++ packaging now.
++ * Drop Conflicts: sysvinit (<< 2.88dsf-44~) from systemd-sysv since this
++ breaks dist-upgrades from wheezy when switching from sysvinit to
++ systemd-sysv as default init. While downgrading the Pre-Depends in
++ sysvinit would have been an alternative, dropping the Conflicts and only
++ keeping the Replaces was deemed the lesser evil. (Closes: #748355)
++ * Use Conflicts instead of Breaks against sysvinit-core. This avoids
++ /sbin/init going missing when switching from systemd-sysv to sysvinit.
++ While at it, add a Replaces: upstart. (Closes: #751589)
++ * Make the SysV compat tools try both /run/initctl and /dev/initctl. This
++ makes them usable under sysvinit as PID 1 without requiring any symlinks.
++ * Various ifupdown integration fixes
++ - Use DefaultDependencies=no in ifup@.service so the service can be
++ started as early as possible.
++ - Create the ifupdown runtime directory in ifup@.service as we can no
++ longer rely on the networking service to do that for us.
++ - Don't stop ifup@.service on shutdown but let the networking service take
++ care of stopping all hotplugged interfaces.
++ - Only start ifup@.service for interfaces configured as allow-hotplug.
++
++ [ Michael Stapelberg ]
++ * Clarify that “systemd” does not influence init whereas “systemd-sysv” does
++ (Closes: #747741)
++
++ [ Ansgar Burchardt ]
++ * Don't use "set +e; set +u" unconditionally in the lsb init-functions hook
++ as this might change the behaviour of existing SysV init scripts.
++ (Closes: #751472)
++
++ -- Michael Biebl <biebl@debian.org> Tue, 24 Jun 2014 17:03:43 +0200
++
++systemd (204-10) unstable; urgency=medium
++
++ * In the udeb's udev.startup, make sure that /dev/pts exists.
++ * systemd-logind-launch: Set the #files ulimit, for unprivileged LXC
++ containers.
++ * Drop udev.NEWS, it only applies to pre-squeeze.
++ * Remove /var/log/udev on purge.
++ * Always probe cpu support drivers. (LP #1207705)
++ * On Dell PowerEdge systems, the iDRAC7 and later support a USB Virtual NIC
++ for management. Name this interface "idrac" to avoid confusion with "real"
++ network interfaces.
++ * Drop numerical prefixes from patches, to avoid future diff noise when
++ removing, cherry-picking, and merging patches. From now on, always use
++ "gbp-pq export --no-patch-numbers" to update them.
++
++ -- Martin Pitt <mpitt@debian.org> Sun, 27 Apr 2014 11:53:52 +0200
++
++systemd (204-9) unstable; urgency=medium
++
++ * The "Flemish Beef and Beer Stew" release.
++
++ [ Steve Langasek ]
++ * Do proper refcounting of the PAM module package on prerm, so that we
++ don't drop the module from the PAM config when uninstalling a
++ foreign-arch package. Related to Ubuntu bug #1295521.
++
++ [ Martin Pitt ]
++ * debian/udev.udev-finish.upstart: Fix path to tmp-rules,
++ debian/extra/rule_generator.functions creates them in /run/udev/.
++ * rules: Remove the kernel-install bits; we don't want that in Debian and
++ thus it shouldn't appear in dh_install --list-missing output.
++ * Ship sd-shutdown.h in libsystemd-daemon-dev.
++ * Run dh_install with --fail-missing, to avoid forgetting files when we move
++ to new versions.
++ * Mount /dev/pts with the correct permissions in the udev, to avoid needing
++ pt_chown (not available on all architectures). Thanks Adam Conrad.
++ * Add new block of Windows Azure ethernet hardware address to
++ 75-persistent-net-generator.rules. (LP: #1274348, Closes: #739018)
++ * Drop our Debian specific 60-persistent-storage{,-tape}.rules and use the
++ upstream rules. They are compatible and do a superset of the
++ functionality. (Closes: #645466)
++ * Drop our Debian specific 80-drivers.rules and use the upstream rules with
++ a patch for the sg module (see #657948). These now stop calling modprobe
++ and use the kmod builtin, giving some nice boot speed improvement.
++ (Closes: #717404)
++ * Drop our Debian specific 50-udev-default.rules and 91-permissions.rules
++ and use the upstream rules with a patch for the remaining Debian specific
++ default device permissions. Many thanks to Marco d'Itri for researching
++ which Debian-specific rules are obsolete! Amongst other things, this now
++ also reads the hwdb info for USB devices (Closes: #717405) and gets rid of
++ some syntax errors (Closes: #706221)
++ * Set default polling interval on removable devices as well, for kernels
++ which have "block" built in instead of being a module. (Closes: #713877)
++ * Make sd_login_monitor_new() work for logind without systemd.
++ * Cherry-pick upstream fix for polkit permissions for rebooting with
++ multiple sessions.
++ * Kill /etc/udev/links.conf, create_static_nodes, and associated code. It's
++ obsolete with devtmpfs (which is required now), and doesn't run with
++ systemd or upstart anyway.
++ * Drop unnecessary udev.dirs.
++ * Add autopkgtests for smoke-testing logind, hostnamed, timedated, localed,
++ and a compile/link/run test against libsystemd-login-dev.
++
++ [ Marco d'Itri ]
++ * preinst: check for all the system calls required by modern releases
++ of udev. (Closes: #648325)
++ * Updated fbdev-blacklist.conf for recent kernels.
++ * Do not blacklist viafb because it is required on the OLPC XO-1.5.
++ (Closes: #705792)
++ * Remove write_cd_rules and the associated rules which create "persistent"
++ symlinks for CD/DVD devices and replace them with more rules in
++ 60-cdrom_id, which will create symlinks for one at random among the
++ devices installed. Since the common case is having a single device
++ then everything will work out just fine most of the times...
++ (Closes: #655924)
++ * Fix write_net_rules for systemd and sysvinit users by copying the
++ temporary rules from /run/udev/ to /etc/udev/. (Closes: #735563)
++ * Do not install sysctl.d/50-default.conf because the systemd package
++ should not change kernel policies, at least until it will become
++ the only supported init system.
++
++ [ Michael Stapelberg ]
++ * Add systemd-dbg package, thanks Daniel Schaal (Closes: #742724).
++ * Switch from gitpkg to git-buildpackage. Update README.source accordingly.
++ * Make libpam-systemd depend on systemd-sysv | systemd-shim. Packages that
++ need logind functionality should depend on libpam-systemd.
++
++ [ Michael Biebl ]
++ * Do not send potentially private fstab information without prior user
++ confirmation. (Closes: #743158)
++ * Add support for LSB facilities defined by insserv.
++ Parse /etc/insserv.conf.d content and /etc/insserv.conf and generate
++ systemd unit drop-in files to add corresponding dependencies. Also ship
++ targets for the Debian specific $x-display-manager and
++ $mail-transport-agent system facilities. (Closes: #690892)
++ * Do not accidentally re-enable /var/tmp cleaning when migrating the TMPTIME
++ setting from /etc/default/rcS. Fix up existing broken configurations.
++ (Closes: #738862)
++
++ -- Michael Biebl <biebl@debian.org> Sat, 26 Apr 2014 21:37:29 +0200
++
++systemd (204-8) unstable; urgency=low
++
++ [ Michael Stapelberg ]
++ * move manpages from systemd to libsystemd-*-dev as appropriate
++ (Closes: #738723)
++ * fix systemctl enable/disable/… error message “Failed to issue method call:
++ No such file or directory” (the previous upload did actually not contain
++ this fix due to a merge conflict) (Closes: #738843)
++ * add explicit “Depends: sysv-rc” so that initscript’s “Depends: sysv-rc |
++ file-rc” will not be satisfied with file-rc. We need the invoke-rc.d and
++ update-rc.d from sysv-rc, file-rc’s doesn’t have support for systemd.
++ (Closes: #739679)
++ * set capabilities cap_dac_override,cap_sys_ptrace=ep for
++ systemd-detect-virt, so that it works for unprivileged users.
++ (Closes: #739699)
++ * pam: Check $XDG_RUNTIME_DIR owner (Closes: #731300)
++ * Ignore chkconfig headers entirely, they are often broken in Debian
++ (Closes: #634472)
++
++ [ Michael Biebl ]
++ * do a one-time migration of RAMTMP= from /etc/default/rcS and
++ /etc/default/tmpfs, i.e. enable tmp.mount (Closes: #738687)
++ * Bump Standards-Version to 3.9.5.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 19 Mar 2014 18:57:35 +0100
++
++systemd (204-7) unstable; urgency=low
++
++ * fix systemctl enable/disable/… error message “Failed to issue method call:
++ No such file or directory” (Closes: #734809)
++ * bug-script: attach instead of paste extra info with reportbug ≥ 6.5.0
++ (Closes: #722530)
++ * add stage1 bootstrap support to avoid Build-Depends cycles (Thanks Daniel
++ Schepler)
++ * cherry-pick:
++ order remote mounts from mountinfo before remote-fs.target (77009452cfd)
++ (Closes: #719945)
++ Fix CPUShares configuration option (ccd90a976dba) (Closes: #737156)
++ fix reference in systemd-inhibit(1) (07b4b9b) (Closes: #738316)
++
++ -- Michael Stapelberg <stapelberg@debian.org> Tue, 11 Feb 2014 23:34:42 +0100
++
++systemd (204-6) unstable; urgency=low
++
++ [ Michael Stapelberg ]
++ * Run update-rc.d defaults before update-rc.d <enable|disable>
++ (Closes: #722523)
++ * preinst: preserve var-{lock,run}.mount when upgrading from 44 to 204
++ (Closes: #723936)
++ * fstab-generator: don’t rely on /usr being mounted in the initrd
++ (Closes: #724797)
++ * systemctl: mangle names when avoiding dbus (Closes: #723855)
++ * allow group adm read access on /var/log/journal (Closes: #717386)
++ * add systemd-journal group (Thanks Guido Günther) (Closes: #724668)
++ * copy /etc/localtime instead of symlinking (Closes: #726256)
++ * don’t try to start autovt units when not running with systemd as pid 1
++ (Closes: #726466)
++ * Add breaks/replaces for the new sysvinit-core package (Thanks Alf Gaida)
++ (Closes: #733240)
++ * Add myself to uploaders
++
++ [ Tollef Fog Heen ]
++ * Make 99-systemd.rules check for /run/systemd/systemd instead of the
++ ill-named cgroups directory.
++
++ [ Martin Pitt ]
++ * debian/udev.upstart: Fix path to udevd, the /sbin/udevd compat symlink
++ should go away at some point.
++ * debian/udev-udeb.install: Add 64-btrfs.rules and 75-probe_mtd.rules, they
++ are potentially useful in a d-i environment.
++ * debian/shlibs.local: Drop libudev; this unnecessarily generates overly
++ strict dependencies, the libudev ABI is stable.
++ * debian/extra/rules/75-persistent-net-generator.rules: Add Ravello systems
++ (LP: #1099278)
++
++ -- Michael Stapelberg <stapelberg@debian.org> Tue, 31 Dec 2013 14:39:44 +0100
++
++systemd (204-5) unstable; urgency=high
++
++ * Cherry-pick 72fd713 from upstream which fixes insecure calling of polkit
++ by avoiding a race condition in scraping /proc (CVE-2013-4327).
++ Closes: #723713
++
++ -- Michael Biebl <biebl@debian.org> Mon, 23 Sep 2013 11:59:53 +0200
++
++systemd (204-4) unstable; urgency=low
++
++ * Add preinst check to abort udev upgrade if the currently running kernel
++ lacks devtmpfs support. Since udev 176, devtmpfs is mandatory as udev no
++ longer creates any device nodes itself. This only affects self-compiled
++ kernels which now need CONFIG_DEVTMPFS=y. Closes: #722580
++ * Fix SysV init script to correctly mount a devtmpfs instead of tmpfs. This
++ only affects users without an initramfs, which usually is responsible for
++ mounting the devtmpfs. Closes: #722604
++ * Drop pre-squeeze upgrade code from maintainer scripts and simplify the
++ various upgrade checks.
++ * Suppress errors about unknown hwdb builtin. udev 196 introduced a new
++ "hwdb" builtin which is not understood by the old udev daemon.
++ * Add missing udeb line to shlibs.local. This ensures that udev-udeb gets a
++ proper dependency on libudev1-udeb and not libudev1. Closes: #722939
++ * Remove udev-udeb dependency from libudev1-udeb to avoid a circular
++ dependency between the two packages. This dependency was copied over from
++ the old udev-gtk-udeb package and no longer makes any sense since
++ libudev1-udeb only contains a library nowadays.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 18 Sep 2013 00:05:21 +0200
++
++systemd (204-3) unstable; urgency=low
++
++ [ Michael Biebl ]
++ * Upload to unstable.
++ * Use /bin/bash in debug-shell.service as Debian doesn't have /sbin/sushell.
++ * Only import net.ifaces cmdline property for network devices.
++ * Generate strict dependencies between the binary packages using a
++ shlibs.local file and add an explicit versioned dependency on
++ libsystemd-login0 to systemd to ensure packages are upgraded in sync.
++ Closes: #719444
++ * Drop obsolete Replaces: libudev0 from udev package.
++ * Use correct paths for various binaries, like /sbin/quotaon, which are
++ installed in / and not /usr in Debian. Closes: #721347
++ * Don't install kernel-install(8) man page since we don't install the
++ corresponding binary either. Closes: #722180
++ * Cherry-pick upstream fixes to make switching runlevels and starting
++ reboot via ctrl-alt-del more robust.
++ * Cherry-pick upstream fix to properly apply ACLs to Journal files.
++ Closes: #717863
++
++ [ Michael Stapelberg ]
++ * Make systemctl enable|disable call update-rc.d for SysV init scripts.
++ Closes: #709780
++ * Don't mount /tmp as tmpfs by default and make it possible to enable this
++ feature via "systemctl enable tmp.mount". Closes: #718906
++
++ [ Daniel Schaal ]
++ * Add bug-script to systemd and udev. Closes: #711245
++
++ [ Ondrej Balaz ]
++ * Recognize discard option in /etc/crypttab. Closes: #719167
++
++ -- Michael Biebl <biebl@debian.org> Thu, 12 Sep 2013 00:13:11 +0200
++
++systemd (204-2) experimental; urgency=low
++
++ [ Daniel Schaal ]
++ * Enable verbose build logs. Closes: #717465
++ * Add handling of Message Catalog files to provide additional information
++ for log entries. Closes: #717427
++ * Remove leftover symlink to debian-enable-units.service. Closes: #717349
++
++ [ Michael Stapelberg ]
++ * Install 50-firmware.rules in the initramfs and udeb. Closes: #717635
++
++ [ Michael Biebl ]
++ * Don't pass static start priorities to dh_installinit anymore.
++ * Switch the hwdb trigger to interest-noawait.
++ * Remove obsolete support for configurable udev root from initramfs.
++ * Bind ifup@.service to the network device. This ensures that ifdown is run
++ when the device is removed and the service is stopped.
++ Closes: #660861, #703033
++ * Bump Standards-Version to 3.9.4. No further changes.
++ * Add Breaks against consolekit (<< 0.4.6-1) for udev-acl. Closes: #717385
++ * Make all packages Priority: optional, with the exception of udev and
++ libudev1, which remain Priority: important, and systemd-sysv, which
++ remains Priority: extra due to the conflict with sysvinit.
++ Closes: #717365
++ * Restart systemd-logind.service on upgrades due to changes in the
++ CreateSession D-Bus API between v44 and v204. Closes: #717403
++
++ -- Michael Biebl <biebl@debian.org> Wed, 24 Jul 2013 23:47:59 +0200
++
++systemd (204-1) experimental; urgency=low
++
++ * New upstream release. Closes: #675175, #675177
++ - In v183 the udev sources have been merged into the systemd source tree.
++ As a result, the udev binary packages will now be built from the systemd
++ source package. To align the version numbers 139 releases were skipped.
++ - For a complete list of changes, please refer to the NEWS file.
++ * Add Marco to Uploaders.
++ * Drop Suggests on the various python packages from systemd. The
++ systemd-analyze tool has been reimplemented in C.
++ * Add binary packages as found in the udev 175-7.2 source package.
++ * Wrap dependencies for better readability.
++ * Drop hard-coded Depends on libglib2.0-0 from gir1.2-gudev-1.0.
++ * Drop old Conflicts, Replaces and Breaks, which are no longer necessary.
++ * Make libgudev-1.0-dev depend on gir1.2-gudev-1.0 as per GObject
++ introspection mini-policy. Closes: #691313
++ * The hwdb builtin has replaced pci-db and usb-db in udev. Drop the
++ Recommends on pciutils and usbutils accordingly.
++ * Drop our faketime hack. Upstream uses a custom xsl style sheet now to
++ generate the man pages which no longer embeds the build date.
++ * Add Depends on libpam-runtime (>= 1.0.1-6) to libpam-systemd as we are
++ using pam-auth-update.
++ * Explicitly set Section and Priority for the udev binary package.
++ * Update Build-Depends:
++ - Drop libudev-dev, no longer required.
++ - Add gtk-doc-tools and libglib2.0-doc for the API documentation in
++ libudev and libgudev.
++ - Add libgirepository1.0-dev and gobject-introspection for GObject
++ introspection support in libgudev.
++ - Add libgcrypt11-dev for encryption support in the journal.
++ - Add libblkid-dev for the blkid udev builtin.
++ * Use gir dh addon to ensure ${gir:Depends} is properly set.
++ * Rename libudev0 → libudev1 for the SONAME bump.
++ * Update symbols files. libudev now uses symbols versioning as the other
++ libsystemd libraries. The libgudev-1.0-0 symbols file has been copied from
++ the old udev package.
++ * Run gtkdocize on autoreconf.
++ * Enable python bindings for the systemd libraries and ship them in a new
++ package named python-systemd.
++ * Tighten Depends on libsystemd-id128-dev for libsystemd-journal-dev as per
++ libsystemd-journal.pc.
++ * Remove obsolete bash-completion scripts on upgrades. Nowadays they are
++ installed in /usr/share/bash-completion/completions.
++ * Rename conffiles for logind and journald.
++ * Rename udev-gtk-udeb → libudev1-udeb to better reflect its actual contents.
++ * Build two flavours: a regular build and one for the udev udebs with
++ reduced features/dependencies.
++ * Create a few compat symlinks for the udev package, most notably
++ /sbin/udevadm and /sbin/udevd.
++ * Remove the dpkg-triggered debian-enable-units script. This was a temporary
++ workaround for wheezy. Packages should use dh-systemd now to properly
++ integrate service files with systemd.
++ * Update debian/copyright using the machine-readable copyright format 1.0.
++ * Integrate changes from udev 175-7 and acknowledge the 175-7.1 and 175-7.2
++ non-maintainer uploads.
++ * Keep the old persistent network interface naming scheme for now and make
++ the new one opt-in via net.ifnames=1 on the kernel command line.
++ * Drop the obsolete udev-mtab SysV init script and properly clean up on
++ upgrades.
++ * Simplify the udev SysV init script and remove experimental and obsolete
++ features.
++ * Revert upstream commits which dropped support for distro specific
++ features and config files.
++ * Make logind, hostnamed, localed and timedated D-Bus activatable and
++ usable when systemd is not running.
++ * Store hwdb binary database in /lib/udev, not /etc/udev. Create the file on
++ install and upgrades.
++ * Provide a dpkg file trigger for hwdb, so the database is automatically
++ updated when packages install files into /lib/udev/hwdb.d.
++
++ -- Michael Biebl <biebl@debian.org> Fri, 19 Jul 2013 00:32:36 +0200
++
++systemd (44-12) unstable; urgency=low
++
++ * Cherry-pick e17187 from upstream to fix build failures with newer glibc
++ where the clock_* symbols have been moved from librt to libc.
++ Closes: #701364
++ * If the new init-system-helpers package is installed, make the
++ debian-enable-units script a no-op. The auto-enabler was meant as a
++ temporary workaround and will be removed once all packages use the new
++ helper.
++ * Update the checks which test if systemd is the active init. The
++ recommended check is [ -d /run/systemd/system ] as this will also work
++ with a standalone systemd-logind.
++ * Set Maintainer to pkg-systemd-maintainers@lists.alioth.debian.org. Add
++ Tollef and myself as Uploaders.
++ * Stop building the GUI bits. They have been split into a separate source
++ package called systemd-ui.
++
++ -- Michael Biebl <biebl@debian.org> Thu, 20 Jun 2013 01:32:16 +0200
++
++systemd (44-11) unstable; urgency=low
++
++ * Team upload.
++ * Run debian-enable-units.service after sysinit.target to ensure our tmp
++ files aren't nuked by systemd-tmpfiles.
++ * The mountoverflowtmp SysV init script no longer exists so remove that
++ from remount-rootfs.service to avoid an unnecessary diff to upstream.
++ * Do not fail on purge if /var/lib/systemd is empty and has been removed
++ by dpkg.
++
++ -- Michael Biebl <biebl@debian.org> Wed, 13 Mar 2013 08:03:06 +0100
++
++systemd (44-10) unstable; urgency=low
++
++ * Team upload.
++ * Using the return code of "systemctl is-enabled" to determine whether we
++ enable a service or not is unreliable since it also returns a non-zero
++ exit code for masked services. As we don't want to enable masked services,
++ grep for the string "disabled" instead.
++
++ -- Michael Biebl <biebl@debian.org> Fri, 15 Feb 2013 17:01:24 +0100
++
++systemd (44-9) unstable; urgency=low
++
++ * Team upload.
++ * Fix typo in systemd.socket man page. Closes: #700038
++ * Use color specification in "systemctl dot" which is actually
++ understood by dot. Closes: #643689
++ * Fix mounting of remote filesystems like NFS. Closes: #673309
++ * Use a file trigger to automatically enable service and socket units. A lot
++ of packages simply install systemd units but do not enable them. As a
++ result they will be inactive after the next boot. This is a workaround for
++ wheezy which will be removed again in jessie. Closes: #692150
++
++ -- Michael Biebl <biebl@debian.org> Fri, 15 Feb 2013 13:35:39 +0100
++
++systemd (44-8) unstable; urgency=low
++
++ * Team upload.
++ * Use comment=systemd.* syntax in systemd.mount man page. The
++ mount/util-linux version in wheezy is not recent enough to support the new
++ x-systemd* syntax. Closes: #697141
++ * Don't enable persistent storage of journal log files. The journal in v44
++ is not yet mature enough.
++
++ -- Michael Biebl <biebl@debian.org> Sat, 19 Jan 2013 20:05:05 +0100
++
++systemd (44-7) unstable; urgency=low
++
++ * Fix a regression in the init-functions hook wrt reload handling that was
++ introduced when dropping the X-Interactive hack. Closes: #696355
++
++ -- Michael Biebl <biebl@debian.org> Fri, 21 Dec 2012 00:00:12 +0100
++
++systemd (44-6) unstable; urgency=low
++
++ [ Michael Biebl ]
++ * No longer ship the /sys directory in the systemd package since it is
++ provided by base-files nowadays.
++ * Don't run udev rules if systemd is not active.
++ * Converting /var/run, /var/lock and /etc/mtab to symlinks is a one-time
++ migration so don't run the debian-fixup script on every boot.
++
++ [ Tollef Fog Heen ]
++ * Prevent the systemd package from being removed if it's the active init
++ system, since that doesn't work.
++
++ [ Michael Biebl ]
++ * Use a separate tmpfs for /run/lock (size 5M) and /run/user (size 100M).
++ Those directories are user-writable which could lead to DoS by filling up
++ /run. Closes: #635131
++
++ -- Michael Biebl <biebl@debian.org> Sun, 16 Dec 2012 21:58:37 +0100
++
++systemd (44-5) unstable; urgency=low
++
++ * Team upload.
++
++ [ Tollef Fog Heen ]
++ * disable killing on entering START_PRE, START, thanks to Michael
++ Stapelberg for patch. This avoids killing VMs run through libvirt
++ when restarting libvirtd. Closes: #688635.
++ * Avoid reloading services when shutting down, since that won't work and
++ makes no sense. Thanks to Michael Stapelberg for the patch.
++ Closes: #635777.
++ * Try to determine which init scripts support the reload action
++ heuristically. Closes: #686115, #650382.
++
++ [ Michael Biebl ]
++ * Update Vcs-* fields, the Git repository is hosted on alioth now. Set the
++ default branch to "debian".
++ * Avoid reload and (re)start requests during early boot which can lead to
++ deadlocks. Closes: #624599
++ * Make systemd-cgroup work even if not all cgroup mounts are available on
++ startup. Closes: #690916
++ * Fix typos in the systemd.path and systemd.unit man page. Closes: #668344
++ * Add watch file to track new upstream releases.
++
++ -- Michael Biebl <biebl@debian.org> Thu, 25 Oct 2012 21:41:23 +0200
++
++systemd (44-4) unstable; urgency=low
++
++ [ Michael Biebl ]
++ * Override timestamp for man page building, thereby avoiding skew
++ between architectures which caused problems for multi-arch.
++ Closes: #680011
++
++ [ Tollef Fog Heen ]
++ * Move diversion removal from postinst to preinst. Closes: #679728
++ * Prevent the journal from crashing when running out of disk space.
++ This is 499fb21 from upstream. Closes: #668047.
++ * Stop mounting a tmpfs on /media. Closes: #665943
++
++ -- Tollef Fog Heen <tfheen@debian.org> Sun, 01 Jul 2012 08:17:50 +0200
++
++systemd (44-3) unstable; urgency=low
++
++ [ Michael Biebl ]
++ * Bump to debhelper 9.
++ * Convert to Multi-Arch: same where possible. Closes: #676615
++
++ [ Tollef Fog Heen ]
++ * Cherry-pick d384c7 from upstream to stop journald from leaking
++ memory. Thanks to Andreas Henriksson for testing. Closes: #677701
++ * Ship lsb init script override/integration in /lib/lsb/init-functions.d
++ rather than diverting /lib/lsb/init-functions itself. Add appropriate
++ Breaks to ensure upgrades happen.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Fri, 29 Jun 2012 22:34:16 +0200
++
++systemd (44-2) unstable; urgency=low
++
++ [ Michael Biebl ]
++ * Tighten the versions in the maintscript file
++ * Ship the /sys directory in the package
++ * Re-add workaround for non-interactive PAM sessions
++ * Mask checkroot-bootclean (Closes: #670591)
++ * Don't ignore errores in systemd-sysv postinst
++
++ [ Tollef Fog Heen ]
++ * Bring tmpfiles.d/tmp.conf in line with Debian defaults. Closes: #675422
++ * Make sure /run/sensigs.omit.d exists.
++ * Add python-dbus and python-cairo to Suggests, for systemd-analyze.
++ Closes: #672965
++
++ -- Tollef Fog Heen <tfheen@debian.org> Tue, 08 May 2012 18:04:22 +0200
++
++systemd (44-1) unstable; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream version.
++ - Backport 3492207: journal: PAGE_SIZE is not known on ppc and other
++ archs
++ - Backport 5a2a2a1: journal: react with immediate rotation to a couple
++ of more errors
++ - Backport 693ce21: util: never follow symlinks in rm_rf_children()
++ Fixes CVE-2012-1174, closes: #664364
++ * Drop output message from init-functions hook, it's pointless.
++ * Only rmdir /lib/init/rw if it exists.
++ * Explicitly order debian-fixup before sysinit.target to prevent a
++ possible race condition with the creation of sockets. Thanks to
++ Michael Biebl for debugging this.
++ * Always restart the initctl socket on upgrades, to mask sysvinit
++ removing it.
++
++ [ Michael Biebl ]
++ * Remove workaround for non-interactive sessions from pam config again.
++ * Create compat /dev/initctl symlink in case we are upgrading from a system
++ running a newer version of sysvinit (using /run/initctl) and sysvinit is
++ replaced with systemd-sysv during the upgrade. Closes: #663219
++ * Install new man pages.
++ * Build-Depend on valac (>= 0.12) instead of valac-0.12. Closes: #663323
++
++ -- Tollef Fog Heen <tfheen@debian.org> Tue, 03 Apr 2012 19:59:17 +0200
++
++systemd (43-1) experimental; urgency=low
++
++ [ Tollef Fog Heen ]
++ * Target upload at experimental due to libkmod dependency
++ * New upstream release
++ - Update bash-completion for new verbs and arguments. Closes: #650739
++ - Fixes local DoS (CVE-2012-1101). Closes: #662029
++ - No longer complains if the kernel lacks audit support. Closes: #642503
++ * Fix up git-to-source package conversion script which makes gitpkg
++ happier.
++ * Add libkmod-dev to build-depends
++ * Add symlink from /bin/systemd to /lib/systemd/systemd.
++ * Add --with-distro=debian to configure flags, due to no /etc/os-release
++ yet.
++ * Add new symbols for libsystemd-login0 to symbols file.
++ * Install a tmpfiles.d file for the /dev/initctl → /run/initctl
++ migration. Closes: #657979
++ * Disable coredump handling, it's not ready yet.
++ * If /run is a symlink, don't try to do the /var/run → /run migration.
++ Ditto for /var/lock → /run/lock. Closes: #647495
++
++ [ Michael Biebl ]
++ * Add Build-Depends on liblzma-dev for journal log compression.
++ * Add Build-Depends on libgee-dev, required to build systemadm.
++ * Bump Standards-Version to 3.9.2. No further changes.
++ * Add versioned Build-Depends on automake and autoconf to ensure we have
++ recent enough versions. Closes: #657284
++ * Add packages for libsystemd-journal and libsystemd-id128.
++ * Update symbols file for libsystemd-login.
++ * Update configure flags, use rootprefix instead of rootdir.
++ * Copy intltool files instead of symlinking them.
++ * Re-indent init-functions script.
++ * Remove workarounds for services using X-Interactive. The LSB X-Interactive
++ support turned out to be broken and has been removed upstream so we no
++ longer need any special handling for those type of services.
++ * Install new systemd-journalctl, systemd-cat and systemd-cgtop binaries.
++ * Install /var/lib/systemd directory.
++ * Install /var/log/journal directory where the journal files are stored
++ persistently.
++ * Setup systemd-journald to not read from /proc/kmsg (ImportKernel=no).
++ * Avoid error messages from systemctl in postinst if systemd is not running
++ by checking for /sys/fs/cgroup/systemd before executing systemctl.
++ Closes: #642749
++ * Stop installing lib-init-rw (auto)mount units and try to cleanup
++ /lib/init/rw in postinst. Bump dependency on initscripts accordingly.
++ Closes: #643699
++ * Disable pam_systemd for non-interactive sessions to work around an issue
++ with sudo.
++ * Use new dh_installdeb maintscript facility to handle obsolete conffiles.
++ Bump Build-Depends on debhelper accordingly.
++ * Rename bash completion file systemctl-bash-completion.sh →
++ systemd-bash-completion.sh.
++ * Update /sbin/init symlink. The systemd binary was moved to $pkglibdir.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Tue, 07 Feb 2012 21:36:34 +0100
++
++systemd (37-1.1) unstable; urgency=low
++
++ * Non-maintainer upload with Tollef's consent.
++ * Remove --parallel to workaround a bug in automake 1.11.3 which doesn't
++ generate parallel-safe build rules. Closes: #661842
++ * Create a compat symlink /run/initctl → /dev/initctl to work with newer
++ versions of sysvinit. Closes: #657979
++
++ -- Michael Biebl <biebl@debian.org> Sat, 03 Mar 2012 17:42:10 +0100
++
++systemd (37-1) unstable; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream version
++ * Change the type of the debian-fixup service to oneshot.
++ Closes: #642961
++ * Add ConditionPathIsDirectory to lib-init-rw.automount and
++ lib-init-rw.mount so we only activate the unit if the directory
++ exists. Closes: #633059
++ * If a sysv service exists in both rcS and rcN.d runlevels, drop the
++ rcN.d ones to avoid loops. Closes: #637037
++ * Blacklist fuse init script, we do the same work already internally.
++ Closes: #643700
++ * Update README.Debian slightly for /run rather than /lib/init/rw
++
++ [ Josh Triplett ]
++ * Do a one-time migration of the $TMPTIME setting from /etc/default/rcS to
++ /etc/tmpfiles.d/tmp.conf. If /etc/default/rcS has a TMPTIME setting of
++ "infinite" or equivalent, migrate it to an /etc/tmpfiles.d/tmp.conf that
++ overrides the default /usr/lib/tmpfiles.d/tmp.conf and avoids clearing
++ /tmp. Closes: #643698
++
++ -- Tollef Fog Heen <tfheen@debian.org> Wed, 28 Sep 2011 20:04:13 +0200
++
++systemd (36-1) unstable; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream release. Closes: #634618
++ - Various man page fixes. Closes: #623521
++ * Add debian-fixup service that symlinks mtab to /proc/mounts and
++ migrates /var/run and /var/lock to symlinks to /run
++
++ [ Michael Biebl ]
++ * Build for libnotify 0.7.
++ * Bump Build-Depends on libudev to (>= 172).
++ * Add Build-Depends on libacl1-dev. Required for building systemd-logind
++ with ACL support.
++ * Split libsystemd-login and libsystemd-daemon into separate binary
++ packages.
++ * As autoreconf doesn't like intltool, override dh_autoreconf and call
++ intltoolize and autoreconf ourselves.
++ * Add Build-Depends on intltool.
++ * Do a one-time migration of the hwclock configuration. If UTC is set to
++ "no" in /etc/default/rcS, create /etc/adjtime and add the "LOCAL" setting.
++ * Remove /cgroup cleanup code from postinst.
++ * Add Build-Depends on gperf.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Wed, 14 Sep 2011 08:25:17 +0200
++
++systemd (29-1) unstable; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream version, Closes: #630510
++ - Includes typo fixes in documentation. Closes: #623520
++ * Fall back to the init script reload function if a native .service file
++ doesn't know how to reload. Closes: #628186
++ * Add hard dependency on udev. Closes: #627921
++
++ [ Michael Biebl ]
++ * hwclock-load.service is no longer installed, so we don't need to remove it
++ anymore in debian/rules.
++ * Install /usr/lib directory for binfmt.d, modules-load.d, tmpfiles.d and
++ sysctl.d.
++ * Remove obsolete conffiles from /etc/tmpfiles.d on upgrades. Those files
++ are installed in /usr/lib/tmpfiles.d now.
++ * Depend on util-linux (>= 2.19.1-2) which provides whole-disk locking
++ support in fsck and remove our revert patch.
++ * Don't choke when systemd was compiled with a different CAP_LAST_CAP then
++ what it is run with. Patch cherry-picked from upstream Git.
++ Closes: #628081
++ * Enable dev-hugepages.automount and dev-mqueue.automount only when enabled
++ in kernel. Patch cherry-picked from upstream Git. Closes: #624522
++
++ -- Tollef Fog Heen <tfheen@debian.org> Wed, 08 Jun 2011 16:14:31 +0200
++
++systemd (25-2) experimental; urgency=low
++
++ * Handle downgrades more gracefully by removing diversion of
++ /lib/lsb/init-functions on downgrades to << 25-1.
++ * Cherry-pick a133bf10d09f788079b82f63faa7058a27ba310b from upstream,
++ avoids assert when dumping properties. Closes: #624094
++ * Remove "local" in non-function context in init-functions wrapper.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Wed, 27 Apr 2011 22:20:04 +0200
++
++systemd (25-1) experimental; urgency=low
++
++ * New upstream release, target experimental due to initscripts
++ dependency.
++ - Fixes where to look for locale config. Closes: #619166
++ * Depend on initscripts >= 2.88dsf-13.4 for /run transition.
++ * Add Conflicts on klogd, since it doesn't work correctly with the
++ kmg→/dev/log bridge. Closes: #622555
++ * Add suggests on Python for systemd-analyze.
++ * Divert /lib/lsb/init-functions instead of (ab)using
++ /etc/lsb-base-logging.sh for diverting calls to /etc/init.d/*
++ * Remove obsolete conffile /etc/lsb-base-logging.sh. Closes: #619093
++ * Backport 3a90ae048233021833ae828c1fc6bf0eeab46197 from master:
++ mkdir /run/systemd/system when starting up
++
++ -- Tollef Fog Heen <tfheen@debian.org> Sun, 24 Apr 2011 09:02:04 +0200
++
++systemd (20-1) unstable; urgency=low
++
++ * New upstream version
++ * Install systemd-machine-id-setup
++ * Call systemd-machine-id-setup in postinst
++ * Cherry-pick b8a021c9e276adc9bed5ebfa39c3cab0077113c6 from upstream to
++ prevent dbus assert error.
++ * Enable TCP wrapper support. Closes: #618409
++ * Enable SELinux support. Closes: #618412
++ * Make getty start after Apache2 and OpenVPN (which are the only two
++ known users of X-Interactive: yes). Closes: #618419
++
++ -- Tollef Fog Heen <tfheen@debian.org> Fri, 11 Mar 2011 19:14:21 +0100
++
++systemd (19-1) experimental; urgency=low
++
++ * New upstream release
++ * Add systemd-tmpfiles to systemd package.
++ * Add ifup@.service for handling hotplugged interfaces from
++ udev. Closes: #610871
++ * Mask mtab.service and udev-mtab.service as they are pointless when
++ /etc/mtab is a symlink to /proc/mounts
++ * Add breaks on lvm2 (<< 2.02.84-1) since older versions have udev rules
++ that don't work well with systemd causing delays on bootup.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Thu, 17 Feb 2011 07:36:22 +0100
++
++systemd (17-1) experimental; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream release
++ * Clarify ifupdown instructions in README.Debian somewhat.
++ Closes: #613320
++ * Silently skip masked services in lsb-base-logging.sh instead of
++ failing. Initial implementation by Michael Biebl. Closes: #612551
++ * Disable systemd-vconsole-setup.service for now.
++
++ [ Michael Biebl ]
++ * Bump build dependency on valac-0.10 to (>= 0.10.3).
++ * Improve regex in lsb-base-logging.sh for X-Interactive scripts.
++ Closes: #613325
++
++ -- Tollef Fog Heen <tfheen@debian.org> Wed, 16 Feb 2011 21:06:16 +0100
++
++systemd (16-1) experimental; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream release. Closes: #609611
++ * Get rid of now obsolete patches that are upstream.
++ * Use the built-in cryptsetup support in systemd, build-depend on
++ libcryptsetup-dev (>= 2:1.2.0-1) to get a libcryptsetup in /lib.
++ * Don't use systemctl redirect for init scripts with X-Interactive: true
++
++ [ Michael Biebl ]
++ * Update package description
++ * Use v8 debhelper syntax
++ * Make single-user mode work
++ * Run hwclock-save.service on shutdown
++ * Remove dependencies on legacy sysv mount scripts, as we use native
++ mounting.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Sun, 16 Jan 2011 11:04:13 +0100
++
++systemd (15-1) UNRELEASED; urgency=low
++
++ [ Tollef Fog Heen ]
++ * New upstream version, thanks a lot to Michael Biebl for help with
++ preparing this version.
++ - This version handles cycle breaking better. Closes: #609225
++ * Add libaudit-dev to build-depends
++ * /usr/share/systemd/session has been renamed to /usr/share/systemd/user
++ upstream, adjust build system accordingly.
++ * Remove -s from getty serial console invocation.
++ * Add dependency on new util-linux to make sure /sbin/agetty exists
++ * Don't mount /var/lock with gid=lock (Debian has no such group).
++ * Document problem with ifupdown's /etc/network/run being a normal
++ directory.
++
++ [ Michael Biebl ]
++ * Revert upstream change which requires libnotify 0.7 (not yet available in
++ Debian).
++ * Use dh-autoreconf for updating the build system.
++ * Revert upstream commit which uses fsck -l (needs a newer version of
++ util-linux).
++ * Explicitly disable cryptsetup support to not accidentally pick up a
++ libcryptsetup dependency in a tainted build environment, as the library
++ is currently installed in /usr/lib.
++ * Remove autogenerated man pages and vala C sources, so they are rebuilt.
++ * Use native systemd mount support:
++ - Use MountAuto=yes and SwapAuto=yes (default) in system.conf
++ - Mask SysV init mount, check and cleanup scripts.
++ - Create an alias (symlink) for checkroot (→ remount-rootfs.service) as
++ synchronization point for SysV init scripts.
++ * Mask x11-common, rmnologin, hostname, bootmisc and bootlogd.
++ * Create an alias for procps (→ systemd-sysctl.service) and
++ urandom (→ systemd-random-seed-load.service).
++ * Create an alias for module-init-tools (→ systemd-modules-load.service) and
++ a symlink from /etc/modules-load.d/modules.conf → /etc/modules.
++ * Install lsb-base hook which redirects calls to SysV init scripts to
++ systemctl: /etc/init.d/<foo> <action> → systemctl <action> <foo.service>
++ * Install a (auto)mount unit to mount /lib/init/rw early during boot.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Sat, 20 Nov 2010 09:28:01 +0100
++
++systemd (11-2) UNRELEASED; urgency=low
++
++ * Tighten depends from systemd-* on systemd to ensure they're upgraded
++ in lockstep. Thanks to Michael Biebl for the patch.
++ * Add missing #DEBHELPER# token to libpam-systemd
++ * Stop messing with runlevel5/multi-user.target symlink, this is handled
++ correctly upstream.
++ * Stop shipping /cgroup in the package.
++ * Remove tmpwatch services, Debian doesn't have or use tmpwatch.
++ * Make sure to enable GTK bits.
++ * Ship password agent
++ * Clean up cgroups properly on upgrades, thanks to Michael Biebl for the
++ patch. Closes: #599577
++
++ -- Tollef Fog Heen <tfheen@debian.org> Tue, 02 Nov 2010 21:47:10 +0100
++
++systemd (11-1) experimental; urgency=low
++
++ * New upstream version. Closes: #597284
++ * Add pam-auth-update calls to libpam-systemd's postinst and prerm
++ * Make systemd-sysv depend on systemd
++ * Now mounts the cgroup fs in /sys/fs/cgroup. Closes: #595966
++ * Add libnotify-dev to build-depends (needed for systemadm)
++
++ -- Tollef Fog Heen <tfheen@debian.org> Thu, 07 Oct 2010 22:01:19 +0200
++
++systemd (8-2) experimental; urgency=low
++
++ * Hardcode udev rules dir in configure call.
++ * Remove README.source as it's no longer accurate.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Mon, 30 Aug 2010 21:10:26 +0200
++
++systemd (8-1) experimental; urgency=low
++
++ * New upstream release
++ * Only ship the top /cgroup
++ * Pass --with-rootdir= to configure, to make it think / is / rather
++ than //
++ * Add PAM module package
++ * Fix up dependencies in local-fs.target. Closes: #594420
++ * Move systemadm to its own package. Closes: #588451
++ * Update standards-version (no changes needed)
++ * Update README.Debian to explain how to use systemd.
++ * Add systemd-sysv package that provides /sbin/init and friends.
++
++ -- Tollef Fog Heen <tfheen@debian.org> Sat, 07 Aug 2010 07:31:38 +0200
++
++systemd (0~git+20100605+dfd8ee-1) experimental; urgency=low
++
++ * Initial release, upload to experimental. Closes: #580814
++
++ -- Tollef Fog Heen <tfheen@debian.org> Fri, 30 Apr 2010 21:02:25 +0200
--- /dev/null
--- /dev/null
++10
--- /dev/null
--- /dev/null
++Source: systemd
++Section: admin
++Priority: optional
++Maintainer: Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>
++Uploaders: Michael Biebl <biebl@debian.org>,
++ Marco d'Itri <md@linux.it>,
++ Sjoerd Simons <sjoerd@debian.org>,
++ Martin Pitt <mpitt@debian.org>
++Standards-Version: 4.2.1
++Rules-Requires-Root: no
++Vcs-Git: https://salsa.debian.org/systemd-team/systemd.git
++Vcs-Browser: https://salsa.debian.org/systemd-team/systemd
++Homepage: https://www.freedesktop.org/wiki/Software/systemd
++Build-Depends: debhelper (>= 10.4~),
++ pkg-config,
++ xsltproc,
++ docbook-xsl,
++ docbook-xml,
++ m4,
++ meson (>= 0.44),
++ gettext,
++ gperf,
++ gnu-efi [amd64 i386 arm64],
++ libcap-dev (>= 1:2.24-9~),
++ libpam0g-dev,
++ libapparmor-dev (>= 2.9.0-3+exp2) <!stage1>,
++ libidn11-dev <!stage1>,
++ libiptc-dev <!stage1>,
++ libaudit-dev <!stage1>,
++ libdbus-1-dev (>= 1.3.2) <!nocheck>,
++ libcryptsetup-dev (>= 2:1.6.0) <!stage1>,
++ libselinux1-dev (>= 2.1.9),
++ libacl1-dev,
++ liblzma-dev,
++ liblz4-dev (>= 0.0~r125),
++ liblz4-tool <!nocheck>,
++ libbz2-dev <!stage1>,
++ zlib1g-dev <!stage1> | libz-dev <!stage1>,
++ libcurl4-gnutls-dev <!stage1> | libcurl-dev <!stage1>,
++ libmicrohttpd-dev <!stage1>,
++ libgnutls28-dev <!stage1>,
++ libgcrypt20-dev,
++ libkmod-dev (>= 15),
++ libblkid-dev (>= 2.24),
++ libmount-dev (>= 2.30),
++ libseccomp-dev (>= 2.3.1) [amd64 arm64 armel armhf i386 mips mipsel mips64 mips64el x32 powerpc ppc64 ppc64el s390x],
++ libdw-dev (>= 0.158) <!stage1>,
++ libpolkit-gobject-1-dev <!stage1>,
++ linux-base <!nocheck>,
++ acl <!nocheck>,
++ python3:native,
++ python3-lxml:native,
++ python3-pyparsing <!nocheck>,
++ python3-evdev <!nocheck>,
++ tzdata <!nocheck>,
++ libcap2-bin <!nocheck>,
++ iproute2 <!nocheck>,
++
++Package: systemd
++Architecture: linux-any
++Multi-Arch: foreign
++Section: admin
++Priority: important
++Recommends: libpam-systemd,
++ dbus
++Suggests: systemd-container,
++ policykit-1
++Pre-Depends: ${shlibs:Pre-Depends},
++ ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ libsystemd0 (= ${binary:Version}),
++ util-linux (>= 2.27.1),
++ mount (>= 2.26),
++ adduser,
++ procps,
++Conflicts: consolekit,
++ libpam-ck-connector,
++Breaks: apparmor (<< 2.9.2-1),
++ systemd-shim (<< 10-4~),
++ ifupdown (<< 0.8.5~),
++ udev (<< 228-5),
++ laptop-mode-tools (<< 1.68~),
++ python-dbusmock (<< 0.18),
++ python3-dbusmock (<< 0.18),
++Replaces: udev (<< 228-5),
++Description: system and service manager
++ systemd is a system and service manager for Linux. It provides aggressive
++ parallelization capabilities, uses socket and D-Bus activation for starting
++ services, offers on-demand starting of daemons, keeps track of processes using
++ Linux control groups, maintains mount and automount points and implements an
++ elaborate transactional dependency-based service control logic.
++ .
++ systemd is compatible with SysV and LSB init scripts and can work as a
++ drop-in replacement for sysvinit.
++ .
++ Installing the systemd package will not switch your init system unless you
++ boot with init=/bin/systemd or install systemd-sysv in addition.
++
++Package: systemd-sysv
++Architecture: linux-any
++Multi-Arch: foreign
++Section: admin
++Priority: important
++Conflicts: sysvinit-core,
++ upstart (<< 1.13.2-0ubuntu10~),
++ upstart-sysv,
++ openrc (<< 0.20.4-2.1),
++ file-rc,
++ systemd-shim,
++Replaces: sysvinit-core,
++ upstart (<< 1.13.2-0ubuntu10~),
++ upstart-sysv,
++Pre-Depends: systemd
++Depends: ${shlibs:Depends},
++ ${misc:Depends}
++Recommends: libnss-systemd
++Description: system and service manager - SysV links
++ systemd is a system and service manager for Linux. It provides aggressive
++ parallelization capabilities, uses socket and D-Bus activation for starting
++ services, offers on-demand starting of daemons, keeps track of processes using
++ Linux control groups, maintains mount and automount points and implements an
++ elaborate transactional dependency-based service control logic.
++ .
++ systemd is compatible with SysV and LSB init scripts and can work as a
++ drop-in replacement for sysvinit.
++ .
++ This package provides the manual pages and links needed for systemd
++ to replace sysvinit. Installing systemd-sysv will overwrite /sbin/init with a
++ link to systemd.
++
++Package: systemd-container
++Build-Profiles: <!stage1>
++Architecture: linux-any
++Multi-Arch: foreign
++Section: admin
++Priority: optional
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd,
++ dbus
++Recommends: btrfs-progs,
++ libnss-mymachines,
++Breaks: systemd (<< 224-2)
++Replaces: systemd (<< 224-2)
++Description: systemd container/nspawn tools
++ This package provides systemd's tools for nspawn and container/VM management:
++ * systemd-nspawn
++ * systemd-machined and machinectl
++ * systemd-importd
++
++Package: systemd-journal-remote
++Build-Profiles: <!stage1>
++Architecture: linux-any
++Multi-Arch: foreign
++Section: admin
++Priority: optional
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd,
++ adduser
++Breaks: systemd (<< 239-6)
++Replaces: systemd (<< 239-6)
++Description: tools for sending and receiving remote journal logs
++ This package provides tools for sending and receiving remote journal logs:
++ * systemd-journal-remote
++ * systemd-journal-upload
++ * systemd-journal-gatewayd
++
++Package: systemd-coredump
++Build-Profiles: <!stage1>
++Architecture: linux-any
++Multi-Arch: foreign
++Section: admin
++Priority: optional
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ adduser,
++ systemd
++Conflicts: core-dump-handler
++Replaces: core-dump-handler, systemd (<< 229-2)
++Provides: core-dump-handler
++Breaks: systemd (<< 229-2)
++Description: tools for storing and retrieving coredumps
++ This package provides systemd tools for storing and retrieving coredumps:
++ * systemd-coredump
++ * coredumpctl
++
++Package: systemd-tests
++Architecture: linux-any
++Section: admin
++Priority: optional
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd (= ${binary:Version}),
++ python3,
++Description: tests for systemd
++ This package contains the test binaries. Those binaries are primarily used
++ for autopkgtest and not meant to be installed on regular user systems.
++
++Package: libpam-systemd
++Architecture: linux-any
++Multi-Arch: same
++Section: admin
++Priority: standard
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd (= ${binary:Version}),
++ libpam-runtime (>= 1.0.1-6),
++ dbus,
++ systemd-shim (>= 10-4~) | systemd-sysv
++Description: system and service manager - PAM module
++ This package contains the PAM module which registers user sessions in
++ the systemd control group hierarchy for logind.
++ .
++ If in doubt, do install this package.
++ .
++ Packages that depend on logind functionality need to depend on libpam-systemd.
++
++Package: libnss-myhostname
++Architecture: linux-any
++Multi-Arch: same
++Section: admin
++Priority: optional
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++Breaks: systemd (<< 222-1)
++Replaces: systemd (<< 222-1)
++Description: nss module providing fallback resolution for the current hostname
++ This package contains a plugin for the Name Service Switch, providing host
++ name resolution for the locally configured system hostname as returned by
++ gethostname(2). It returns all locally configured public IP addresses or -- if
++ none are configured, the IPv4 address 127.0.1.1 (which is on the local
++ loopback) and the IPv6 address ::1 (which is the local host).
++ .
++ A lot of software relies on that the local host name is resolvable. This
++ package provides an alternative to the fragile and error-prone manual editing
++ of /etc/hosts.
++ .
++ Installing this package automatically adds myhostname to /etc/nsswitch.conf.
++
++Package: libnss-mymachines
++Architecture: linux-any
++Multi-Arch: same
++Section: admin
++Priority: optional
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd-container (= ${binary:Version}),
++Breaks: systemd (<< 222-1)
++Replaces: systemd (<< 222-1)
++Description: nss module to resolve hostnames for local container instances
++ nss-mymachines is a plugin for the GNU Name Service Switch (NSS) functionality
++ of the GNU C Library (glibc) providing hostname resolution for local containers
++ that are registered with systemd-machined.service(8). The container names are
++ resolved to IP addresses of the specific container, ordered by their scope.
++ .
++ Installing this package automatically adds mymachines to /etc/nsswitch.conf.
++
++Package: libnss-resolve
++Architecture: linux-any
++Multi-Arch: same
++Section: admin
++Priority: optional
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd (= ${binary:Version}),
++Breaks: systemd (<< 227-3)
++Replaces: systemd (<< 227-3)
++Description: nss module to resolve names via systemd-resolved
++ nss-resolve is a plugin for the GNU Name Service Switch (NSS) functionality
++ of the GNU C Library (glibc) providing DNS and LLMNR resolution to programs via
++ the systemd-resolved daemon (provided in the systemd package).
++ .
++ Installing this package automatically adds resolve to /etc/nsswitch.conf.
++
++Package: libnss-systemd
++Architecture: linux-any
++Multi-Arch: same
++Section: admin
++Priority: optional
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ systemd (= ${binary:Version}),
++Description: nss module providing dynamic user and group name resolution
++ nss-systemd is a plug-in module for the GNU Name Service Switch (NSS)
++ functionality of the GNU C Library (glibc), providing UNIX user and group name
++ resolution for dynamic users and groups allocated through the DynamicUser=
++ option in systemd unit files. See systemd.exec(5) for details on this
++ option.
++ .
++ Installing this package automatically adds the module to /etc/nsswitch.conf.
++
++Package: libsystemd0
++Architecture: linux-any
++Multi-Arch: same
++Section: libs
++Priority: optional
++Pre-Depends: ${shlibs:Depends},
++ ${misc:Pre-Depends}
++Depends: ${misc:Depends}
++Description: systemd utility library
++ The libsystemd0 library provides interfaces to various systemd components.
++
++Package: libsystemd-dev
++Architecture: linux-any
++Multi-Arch: same
++Section: libdevel
++Priority: optional
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ libsystemd0 (= ${binary:Version})
++Description: systemd utility library - development files
++ The libsystemd0 library provides interfaces to various systemd components.
++ .
++ This package contains the development files.
++
++Package: udev
++Section: admin
++Priority: important
++Architecture: linux-any
++Multi-Arch: foreign
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ adduser,
++ libudev1 (= ${binary:Version}),
++ lsb-base (>= 3.0-6),
++ util-linux (>= 2.27.1),
++ s390-tools (>> 1.6.2) [s390],
++ procps
++Conflicts: hal
++Breaks: systemd (<< 233-4),
++ ifupdown (<< 0.8.5~),
++ ifplugd (<< 0.28-19.1~),
++ joystick (<< 1:1.4.9-1~),
++Replaces: systemd (<< 233-4)
++Description: /dev/ and hotplug management daemon
++ udev is a daemon which dynamically creates and removes device nodes from
++ /dev/, handles hotplug events and loads drivers at boot time.
++
++Package: libudev1
++Section: libs
++Priority: optional
++Architecture: linux-any
++Multi-Arch: same
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends}
++Description: libudev shared library
++ This library provides access to udev device information.
++
++Package: libudev-dev
++Section: libdevel
++Priority: optional
++Architecture: linux-any
++Multi-Arch: same
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ libudev1 (= ${binary:Version})
++Description: libudev development files
++ This package contains the files needed for developing applications that
++ use libudev.
++
++Package: udev-udeb
++Build-Profiles: <!noudeb>
++Package-Type: udeb
++Section: debian-installer
++Priority: optional
++Architecture: linux-any
++Depends: ${shlibs:Depends},
++ ${misc:Depends},
++ util-linux-udeb
++Description: /dev/ and hotplug management daemon
++ udev is a daemon which dynamically creates and removes device nodes from
++ /dev/, handles hotplug events and loads drivers at boot time.
++ .
++ This is a minimal version, only for use in the installation system.
++
++Package: libudev1-udeb
++Build-Profiles: <!noudeb>
++Package-Type: udeb
++Section: debian-installer
++Priority: optional
++Architecture: linux-any
++Depends: ${shlibs:Depends},
++ ${misc:Depends}
++Description: libudev shared library
++ This library provides access to udev device information.
++ .
++ This is a minimal version, only for use in the installation system.
--- /dev/null
--- /dev/null
++Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
++Upstream-Name: systemd
++Upstream-Contact: systemd-devel@lists.freedesktop.org
++Source: https://www.freedesktop.org/wiki/Software/systemd/
++
++Files: *
++Copyright: 2008-2015 Kay Sievers <kay@vrfy.org>
++ 2010-2015 Lennart Poettering
++ 2012-2015 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
++ 2013-2015 Tom Gundersen <teg@jklm.no>
++ 2013-2015 Daniel Mack
++ 2010-2015 Harald Hoyer
++ 2013-2015 David Herrmann
++ 2013, 2014 Thomas H.P. Andersen
++ 2013, 2014 Daniel Buch
++ 2014 Susant Sahani
++ 2009-2015 Intel Corporation
++ 2000, 2005 Red Hat, Inc.
++ 2009 Alan Jenkins <alan-jenkins@tuffmail.co.uk>
++ 2010 ProFUSION embedded systems
++ 2010 Maarten Lankhorst
++ 1995-2004 Miquel van Smoorenburg
++ 1999 Tom Tromey
++ 2011 Michal Schmidt
++ 2012 B. Poettering
++ 2012 Holger Hans Peter Freyther
++ 2012 Dan Walsh
++ 2012 Roberto Sassu
++ 2013 David Strauss
++ 2013 Marius Vollmer
++ 2013 Jan Janssen
++ 2013 Simon Peeters
++License: LGPL-2.1+
++
++Files: src/basic/siphash24.h
++ src/basic/siphash24.c
++Copyright: 2012 Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com>
++ 2012 Daniel J. Bernstein <djb@cr.yp.to>
++License: CC0-1.0
++
++Files: src/basic/securebits.h
++Copyright: Linus Torvalds <torvalds@athlon.transmeta.com>
++License: GPL-2
++
++Files: src/basic/ioprio.h
++Copyright: Jens Axboe <axboe@suse.de>
++License: GPL-2
++
++Files: src/shared/linux/auto_dev-ioctl.h
++Copyright: 2008 Red Hat, Inc.
++ 2008 Ian Kent <raven@themaw.net>
++License: GPL-2+
++
++Files: src/basic/sparse-endian.h
++Copyright: 2012 Josh Triplett <josh@joshtriplett.org>
++License: Expat
++
++Files: src/journal/lookup3.c
++ src/journal/lookup3.h
++Copyright: none
++License: public-domain
++ You can use this free for any purpose. It's in the public domain. It has no
++ warranty.
++
++Files: src/udev/*
++Copyright: 2003-2012 Kay Sievers <kay@vrfy.org>
++ 2003-2004 Greg Kroah-Hartman <greg@kroah.com>
++ 2004 Chris Friesen <chris_friesen@sympatico.ca>
++ 2004, 2009, 2010 David Zeuthen <david@fubar.dk>
++ 2005, 2006 SUSE Linux Products GmbH
++ 2003 IBM Corp.
++ 2007 Hannes Reinecke <hare@suse.de>
++ 2009 Canonical Ltd.
++ 2009 Scott James Remnant <scott@netsplit.com>
++ 2009 Martin Pitt <martin.pitt@ubuntu.com>
++ 2009 Piter Punk <piterpunk@slackware.com>
++ 2009, 2010 Lennart Poettering
++ 2009 Filippo Argiolas <filippo.argiolas@gmail.com>
++ 2010 Maxim Levitsky
++ 2011 ProFUSION embedded systems
++ 2011 Karel Zak <kzak@redhat.com>
++ 2014 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
++ 2014 David Herrmann <dh.herrmann@gmail.com>
++ 2014 Carlos Garnacho <carlosg@gnome.org>
++License: GPL-2+
++
++Files: src/udev/udev-ctrl.c
++ src/udev/udevadm-hwdb.c
++ src/udev/udev-builtin.c
++ src/udev/udev-builtin-net_id.c
++ src/udev/udev-builtin-net_setup_link.c
++ src/udev/udev-builtin-hwdb.c
++ src/udev/udev-builtin-btrfs.c
++ src/udev/udev-builtin-keyboard.c
++ src/udev/net/link-config.h
++ src/udev/net/link-config.c
++ src/udev/net/ethtool-util.c
++ src/udev/net/ethtool-util.h
++Copyright: 2007-2013 Kay Sievers <kay@vrfy.org>
++ 2013 Tom Gundersen <teg@jklm.no>
++License: LGPL-2.1+
++
++Files: src/udev/scsi_id/scsi.h
++Copyright: 2003 IBM Corp.
++License: GPL-2
++
++Files: debian/*
++Copyright: 2010-2013 Tollef Fog Heen <tfheen@debian.org>
++ 2013-2018 Michael Biebl <biebl@debian.org>
++ 2013 Michael Stapelberg <stapelberg@debian.org>
++License: LGPL-2.1+
++
++License: Expat
++ Permission is hereby granted, free of charge, to any person obtaining a copy
++ of this software and associated documentation files (the "Software"), to
++ deal in the Software without restriction, including without limitation the
++ rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
++ sell copies of the Software, and to permit persons to whom the Software is
++ furnished to do so, subject to the following conditions:
++ .
++ The above copyright notice and this permission notice shall be included in
++ all copies or substantial portions of the Software.
++ .
++ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
++ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
++ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
++ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
++ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
++ IN THE SOFTWARE.
++
++License: GPL-2
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; version 2 of the License.
++ .
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++ .
++ You should have received a copy of the GNU General Public License
++ along with this program; if not, write to the Free Software Foundation, Inc.,
++ 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
++ .
++ On Debian and systems the full text of the GNU General Public
++ License version 2 can be found in the file
++ `/usr/share/common-licenses/GPL-2`
++
++License: GPL-2+
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 2, or (at your option)
++ any later version.
++ .
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++ .
++ You should have received a copy of the GNU General Public License along
++ with this program; if not, write to the Free Software Foundation,
++ Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
++ .
++ On Debian systems, the complete text of the GNU General Public License
++ version 2 can be found in ‘/usr/share/common-licenses/GPL-2’.
++
++License: LGPL-2.1+
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU Lesser General Public License as published by
++ the Free Software Foundation; either version 2.1, or (at your option)
++ any later version.
++ .
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU Lesser General Public License for more details.
++ .
++ You should have received a copy of the GNU Lesser General Public License along
++ with this program; if not, write to the Free Software Foundation,
++ Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
++ .
++ On Debian systems, the complete text of the GNU Lesser General Public
++ License version 2.1 can be found in ‘/usr/share/common-licenses/LGPL-2.1’.
++
++License: CC0-1.0
++ To the extent possible under law, the author(s) have dedicated all copyright
++ and related and neighboring rights to this software to the public domain
++ worldwide. This software is distributed without any warranty.
++ .
++ You should have received a copy of the CC0 Public Domain Dedication along with
++ this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
++ .
++ On Debian systems, the complete text of the CC0 1.0 Universal license can be
++ found in ‘/usr/share/common-licenses/CC0-1.0’.
--- /dev/null
--- /dev/null
++#!/bin/sh
++# Prepare systemd source package in current directory for testing an upstream
++# commit, branch, or PR, without Debian patches. This replaces everything
++# except the debian/ directory with an upstream checkout.
++# NEVER run this in your actual packaging work directory! This is only meant
++# for upstream CI.
++#
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++
++set -eu
++test -x debian/rules
++if [ -z "${TEST_UPSTREAM:-}" ]; then
++ echo "Not in upstream testing mode. Do *not* run this script unless you know what you are doing." >&2
++ exit 1
++fi
++if [ -n "${UPSTREAM_PULL_REQUEST:-}" ]; then
++ FETCH="git fetch -fu origin refs/pull/$UPSTREAM_PULL_REQUEST/head:pr"
++ CO='git checkout pr'
++ DESC="PR #$UPSTREAM_PULL_REQUEST"
++elif [ -n "${UPSTREAM_HEAD:-}" ]; then
++ FETCH=''
++ CO="git checkout $UPSTREAM_HEAD"
++ DESC="$UPSTREAM_HEAD"
++else
++ echo "WARNING: $0: Neither UPSTREAM_PULL_REQUEST nor UPSTREAM_HEAD set, ignoring" >&2
++ exit 0
++fi
++
++mkdir -p debian/tmp
++(cd debian/tmp
++ git clone https://github.com/systemd/systemd.git upstream || (rm -rf upstream; sleep 60; git clone https://github.com/systemd/systemd.git upstream)
++ cd upstream
++ $FETCH
++ $CO
++ git config user.email "invalid@example.com"
++ git config user.name "Merge dummy user"
++ git rebase master)
++UPSTREAM_VER=$(cd debian/tmp/upstream; git describe | sed 's/^v//')
++
++# clean out original upstream sources and patches
++find -mindepth 1 -maxdepth 1 -name debian -prune -o -print0 | xargs -0n1 rm -rf
++rm -rf debian/patches
++
++# replace with checkout
++mv debian/tmp/upstream/* .
++rm -rf debian/tmp
++
++# craft changelog
++cat << EOF > debian/changelog.new
++systemd (${UPSTREAM_VER}-0) UNRELEASED; urgency=low
++
++ * Automatic build from upstream $DESC
++
++ -- systemd test <pkg-systemd-maintainers@lists.alioth.debian.org> $(date -R)
++
++EOF
++cat debian/changelog >> debian/changelog.new
++mv debian/changelog.new debian/changelog
++
++# disable tests which are not for upstream
++sed -i '/# NOUPSTREAM/ q' debian/tests/control
--- /dev/null
--- /dev/null
++TIMESYNCD_CONF=/run/systemd/timesyncd.conf.d/01-dhclient.conf
++
++timesyncd_servers_setup_remove() {
++ if [ -e $TIMESYNCD_CONF ]; then
++ rm -f $TIMESYNCD_CONF
++ systemctl try-restart systemd-timesyncd.service || true
++ fi
++}
++
++timesyncd_servers_setup_add() {
++ if [ ! -d /run/systemd/system ]; then
++ return
++ fi
++
++ if [ -e $TIMESYNCD_CONF ] && [ "$new_ntp_servers" = "$old_ntp_servers" ]; then
++ return
++ fi
++
++ if [ -z "$new_ntp_servers" ]; then
++ timesyncd_servers_setup_remove
++ return
++ fi
++
++ mkdir -p $(dirname $TIMESYNCD_CONF)
++ cat <<EOF > ${TIMESYNCD_CONF}.new
++# NTP server entries received from DHCP server
++[Time]
++NTP=$new_ntp_servers
++EOF
++ mv ${TIMESYNCD_CONF}.new ${TIMESYNCD_CONF}
++ systemctl try-restart systemd-timesyncd.service || true
++}
++
++
++case $reason in
++ BOUND|RENEW|REBIND|REBOOT)
++ timesyncd_servers_setup_add
++ ;;
++ EXPIRE|FAIL|RELEASE|STOP)
++ timesyncd_servers_setup_remove
++ ;;
++esac
--- /dev/null
--- /dev/null
++# This file blacklists most old-style PCI framebuffer drivers.
++
++blacklist arkfb
++blacklist aty128fb
++blacklist atyfb
++blacklist radeonfb
++blacklist cirrusfb
++blacklist cyber2000fb
++blacklist kyrofb
++blacklist matroxfb_base
++blacklist mb862xxfb
++blacklist neofb
++blacklist pm2fb
++blacklist pm3fb
++blacklist s3fb
++blacklist savagefb
++blacklist sisfb
++blacklist tdfxfb
++blacklist tridentfb
++blacklist vt8623fb
--- /dev/null
--- /dev/null
++# -*-Shell-script-*-
++# /lib/lsb/init-functions
++
++_use_systemctl=0
++if [ -d /run/systemd/system ]; then
++
++ prog=${0##*/}
++ service="${prog%.sh}.service"
++
++ # Don't try to run masked services. systemctl <= 230 always succeeds here,
++ # but later systemctls fail on nonexisting units; be compatible with both
++ state=$(systemctl -p LoadState --value show $service 2>/dev/null) || state="not-found"
++ [ "$state" = "masked" ] && exit 0
++
++ # Redirect SysV init scripts when executed by the user
++ if [ $PPID -ne 1 ] && [ -z "${SYSTEMCTL_SKIP_REDIRECT:-}" ]; then
++ case $(readlink -f "$0") in
++ /etc/init.d/*)
++ # If the state is not-found, this might be a newly installed SysV init
++ # script where systemd-sysv-generator has not been run yet.
++ [ "$state" != "not-found" ] || [ "$(id -u)" != 0 ] || systemctl --no-ask-password daemon-reload
++
++ _use_systemctl=1
++ # Some services can't reload through the .service file,
++ # but can through the init script.
++ if [ "$(systemctl -p CanReload --value show $service 2>/dev/null)" = "no" ] && [ "${1:-}" = "reload" ]; then
++ _use_systemctl=0
++ fi
++ ;;
++ esac
++ fi
++fi
++
++systemctl_redirect () {
++ local s
++ local rc
++ local prog=${1##*/}
++ local command=$2
++
++ case "$command" in
++ start)
++ s="Starting $prog (via systemctl)"
++ ;;
++ stop)
++ s="Stopping $prog (via systemctl)"
++ ;;
++ reload|force-reload)
++ s="Reloading $prog configuration (via systemctl)"
++ ;;
++ try-restart)
++ s="Restarting $prog if running (via systemctl)"
++ ;;
++ restart)
++ s="Restarting $prog (via systemctl)"
++ ;;
++ esac
++
++ service="${prog%.sh}.service"
++
++ # avoid deadlocks during bootup and shutdown from units/hooks
++ # which call "invoke-rc.d service reload" and similar, since
++ # the synchronous wait plus systemd's normal behaviour of
++ # transactionally processing all dependencies first easily
++ # causes dependency loops
++ if ! OUT=$(systemctl is-system-running 2>/dev/null) && [ "$OUT" != "degraded" ]; then
++ sctl_args="--job-mode=ignore-dependencies"
++ fi
++
++ [ "$command" = status ] || log_daemon_msg "$s" "$service"
++ /bin/systemctl --no-pager $sctl_args $command "$service"
++ rc=$?
++ [ "$command" = status ] || log_end_msg $rc
++
++ return $rc
++}
++
++if [ "$_use_systemctl" = "1" ]; then
++ # Some init scripts use "set -e" and "set -u", we don't want that
++ # here
++ set +e
++ set +u
++
++ if [ "x$1" = xstart -o \
++ "x$1" = xstop -o \
++ "x$1" = xrestart -o \
++ "x$1" = xreload -o \
++ "x$1" = xforce-reload -o \
++ "x$1" = xtry-restart -o \
++ "x$1" = xstatus ] ; then
++
++ systemctl_redirect $0 $1
++ exit $?
++ fi
++fi
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++PREREQS=""
++
++prereqs() { echo "$PREREQS"; }
++
++case "$1" in
++ prereqs)
++ prereqs
++ exit 0
++ ;;
++esac
++
++. /usr/share/initramfs-tools/hook-functions
++
++mkdir -p $DESTDIR/lib/systemd
++copy_exec /lib/systemd/systemd-udevd /lib/systemd
++copy_exec /bin/udevadm /bin
++
++mkdir -p $DESTDIR/etc/udev
++cp -p /etc/udev/udev.conf $DESTDIR/etc/udev/
++
++# copy .link files containing interface naming definitions
++mkdir -p $DESTDIR/lib/systemd/network/
++find /lib/systemd/network -name '*.link' -execdir cp -pt $DESTDIR/lib/systemd/network/ '{}' +
++if [ -d /etc/systemd/network ]; then
++ find /etc/systemd/network -name '*.link' -execdir cp -pt $DESTDIR/lib/systemd/network/ '{}' +
++fi
++
++mkdir -p $DESTDIR/lib/udev/rules.d/
++for rules in 50-firmware.rules 50-udev-default.rules 60-persistent-storage.rules \
++ 61-persistent-storage-android.rules 71-seat.rules 73-special-net-names.rules \
++ 73-usb-net-by-mac.rules 75-net-description.rules \
++ 80-net-setup-link.rules 80-drivers.rules; do
++ if [ -e /etc/udev/rules.d/$rules ]; then
++ cp -p /etc/udev/rules.d/$rules $DESTDIR/lib/udev/rules.d/
++ elif [ -e /lib/udev/rules.d/$rules ]; then
++ cp -p /lib/udev/rules.d/$rules $DESTDIR/lib/udev/rules.d/
++ fi
++done
++
++# now copy all custom udev rules which don't have an equivalent in /lib (e. g.
++# 70-persistent-net.rules or similar); They might contain network names or
++# other bits which are relevant for the initramfs.
++for rules in /etc/udev/rules.d/*.rules; do
++ if [ -e "$rules" ] && [ ! -e "/lib/${rules#/etc/}" ]; then
++ cp -p $rules $DESTDIR/lib/udev/rules.d/
++ fi
++done
++
++for program in ata_id scsi_id; do
++ copy_exec /lib/udev/$program /lib/udev
++done
++copy_exec /sbin/blkid /sbin
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++PREREQS=""
++
++prereqs() { echo "$PREREQS"; }
++
++case "$1" in
++ prereqs)
++ prereqs
++ exit 0
++ ;;
++esac
++
++# Stop udevd, we'll miss a few events while we run init, but we catch up
++udevadm control --exit
++
++# move the /dev tmpfs to the rootfs; fall back to util-linux mount that does
++# not understand -o move
++mount -n -o move /dev ${rootmnt}/dev || mount -n --move /dev ${rootmnt}/dev
++
++# create a temporary symlink to the final /dev for other initramfs scripts
++if command -v nuke >/dev/null; then
++ nuke /dev
++else
++ rm -rf /dev
++fi
++ln -s ${rootmnt}/dev /dev
++
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++PREREQS=""
++
++prereqs() { echo "$PREREQS"; }
++
++case "$1" in
++ prereqs)
++ prereqs
++ exit 0
++ ;;
++esac
++
++if [ -w /sys/kernel/uevent_helper ]; then
++ echo > /sys/kernel/uevent_helper
++fi
++
++if [ "$quiet" = "y" ]; then
++ log_level=notice
++else
++ log_level=info
++fi
++
++SYSTEMD_LOG_LEVEL=$log_level /lib/systemd/systemd-udevd --daemon --resolve-names=never
++
++udevadm trigger --type=subsystems --action=add
++udevadm trigger --type=devices --action=add
++udevadm settle || true
++
++# Leave udev running to process events that come in out-of-band (like USB
++# connections)
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -eu
++# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
++# ex: ts=8 sw=4 sts=4 et filetype=sh
++
++COMMAND="$1"
++KERNEL_VERSION="$2"
++BOOT_DIR_ABS="$3"
++
++INITRD_SRC="/boot/initrd.img-$KERNEL_VERSION"
++INITRD_DEST="$BOOT_DIR_ABS/initrd"
++
++if [ "$COMMAND" = remove ]; then
++ rm -f "$INITRD_DEST"
++ exit 0
++fi
++
++if [ "$COMMAND" != add ]; then
++ echo "Invalid command $COMMAND" >&2
++ exit 1
++fi
++
++if [ -e "$INITRD_SRC" ];then
++ cp "$INITRD_SRC" "$INITRD_DEST"
++else
++ echo "$INITRD_SRC does not exist, not installing an initrd"
++fi
++
++exit 0
--- /dev/null
--- /dev/null
++#!/bin/sh
++# This script should be run before building the package every time a new
++# kernel is released.
++#
++# You should pass the name of the modules directory for a 486 flavour
++# kernel, as that has the most framebuffer modules.
++#
++# Also, obsolete modules should not be removed from the list until after
++# at least one stable release.
++
++set -e
++
++if [ $# = 0 ]; then
++ MODULES_DIR=/lib/modules/$(uname -r)
++else
++ MODULES_DIR="$1"
++fi
++
++BL='fbdev-blacklist.conf'
++
++if [ -e extra/$BL ]; then cd extra; fi
++
++{
++printf "# This file blacklists most old-style PCI framebuffer drivers.\n\n"
++
++find "$MODULES_DIR"/kernel/drivers/video -type f | sort | \
++while read file; do
++ name="$(basename $file .ko)"
++ case $name in
++ lxfb)
++ # This is needed for text consoles on OLPC XO-1, and it used to be
++ # built-in anyway.
++ ;;
++ viafb) ;; # Needed by OLPC XO-1.5
++ *)
++ /sbin/modinfo $file | grep -q '^alias: *pci:' \
++ && echo blacklist $name || true
++ ;;
++ esac
++done
++} > $BL.tmp
++
++if diff --unified=0 $BL $BL.tmp; then
++ rm $BL.tmp
++else
++ printf "\n\n\n$BL.tmp has changes!\n\n\n\n"
++fi
++
--- /dev/null
--- /dev/null
++#!/bin/sh
++# generate a sysusers.d(5) file from Debian's static master passwd/group files
++set -eu
++
++echo '# generated from /usr/share/base-passwd/{passwd,group}.master'
++
++# only take groups whose name+gid != the corresponding user in passwd.master
++export IFS=:
++while read name _ id _; do
++ if ! grep -q "^$name:\*:$id:$id:" /usr/share/base-passwd/passwd.master; then
++ printf "g %-10s %-5s -\n" $name $id
++ fi
++done < /usr/share/base-passwd/group.master
++
++echo
++
++# treat "nobody:nogroup" specially: same ID, but different name, so prevent creating a "nobody" group
++awk -F: '{ i = ($3 == $4 && $4 != 65534) ? $3 : $3":"$4; printf("u %-10s %-7s - %-20s %s\n", $1,i,$6,$7) }' < /usr/share/base-passwd/passwd.master
--- /dev/null
--- /dev/null
++Name: Register user sessions in the systemd control group hierarchy
++Default: yes
++Priority: 0
++Session-Interactive-Only: yes
++Session-Type: Additional
++Session:
++ optional pam_systemd.so
--- /dev/null
--- /dev/null
++# This file is part of systemd.
++#
++# Used by systemd --user instances.
++
++@include common-account
++
++session required pam_selinux.so close
++session required pam_selinux.so nottys open
++session required pam_loginuid.so
++session required pam_limits.so
++@include common-session-noninteractive
++session optional pam_systemd.so
--- /dev/null
--- /dev/null
++# On Hyper-V and Xen Virtual Machines we want to add memory and cpus as soon as they appear
++ATTR{[dmi/id]sys_vendor}=="Microsoft Corporation", ATTR{[dmi/id]product_name}=="Virtual Machine", GOTO="vm_hotadd_apply"
++ATTR{[dmi/id]sys_vendor}=="Xen", GOTO="vm_hotadd_apply"
++GOTO="vm_hotadd_end"
++
++LABEL="vm_hotadd_apply"
++
++# Memory hotadd request
++SUBSYSTEM=="memory", ACTION=="add", DEVPATH=="/devices/system/memory/memory[0-9]*", TEST=="state", ATTR{state}="online"
++
++# CPU hotadd request
++SUBSYSTEM=="cpu", ACTION=="add", DEVPATH=="/devices/system/cpu/cpu[0-9]*", TEST=="online", ATTR{online}="1"
++
++LABEL="vm_hotadd_end"
--- /dev/null
--- /dev/null
++# Android based kernel exports the uevent property PARTNAME, which can be
++# used to find out at run time the named partitions (e.g. boot) for the
++# device. This is specially useful for the Touch based images and flash-kernel,
++# to automatically update the kernel by writing at the correct partition
++# (independently of the hardware revision).
++ACTION!="remove", KERNEL=="mmcblk[0-9]p[0-9]", ENV{PARTNAME}=="?*", SYMLINK+="disk/by-partlabel/$env{PARTNAME}"
++
--- /dev/null
--- /dev/null
++ACTION!="remove", SUBSYSTEM=="input", KERNEL=="event*", SUBSYSTEMS=="platform", KERNELS=="gpio_keys.6|soc:gpio_keys", PROGRAM="/bin/cat /proc/device-tree/model", RESULT=="HP ProLiant m400 Server Cartridge", TAG+="power-switch"
++ACTION!="remove", SUBSYSTEM=="input", KERNEL=="event*", SUBSYSTEMS=="platform", KERNELS=="gpio_keys.12", ATTRS{keys}=="116", PROGRAM="/bin/cat /proc/device-tree/model", RESULT=="HP ProLiant m800 Server Cartridge", TAG+="power-switch"
--- /dev/null
--- /dev/null
++# do not edit this file, it will be overwritten on update
++
++ACTION!="add", GOTO="graphics_end"
++
++# Tag the drm device for KMS-supporting drivers as the primary device for
++# the display; for non-KMS drivers tag the framebuffer device instead.
++
++SUBSYSTEM!="drm", GOTO="drm_end"
++KERNEL!="card[0-9]*", GOTO="drm_end"
++ENV{DEVTYPE}!="drm_minor", GOTO="drm_end"
++
++DRIVERS=="i915", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1"
++DRIVERS=="radeon", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1"
++DRIVERS=="nouveau", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1"
++DRIVERS=="vmwgfx", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1"
++
++LABEL="drm_end"
++
++SUBSYSTEM!="graphics", GOTO="graphics_end"
++
++DRIVERS=="i915", GOTO="graphics_end"
++DRIVERS=="radeon", GOTO="graphics_end"
++DRIVERS=="nouveau", GOTO="graphics_end"
++DRIVERS=="efifb", GOTO="graphics_end"
++DRIVERS=="efi-framebuffer", GOTO="graphics_end"
++DRIVERS=="vesa-framebuffer", GOTO="graphics_end"
++
++KERNEL=="fb[0-9]*", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1"
++
++LABEL="graphics_end"
--- /dev/null
--- /dev/null
++# stub for immediately telling the kernel that userspace firmware loading
++# failed; necessary to avoid long timeouts with CONFIG_FW_LOADER_USER_HELPER=y
++SUBSYSTEM=="firmware", ACTION=="add", ATTR{loading}="-1"
--- /dev/null
--- /dev/null
++# On Dell PowerEdge systems, the iDRAC7 and later support a USB Virtual NIC
++# which terminates in the iDRAC. Help identify this with 'idrac'
++ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", ATTRS{idVendor}=="413c", ATTRS{idProduct}=="a102", NAME="idrac"
++
++# On IBM systems the Integrated Management Module is reachable using a
++# # USB Virtual NIC.
++ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", \
++ ATTRS{idVendor}=="04b3", ATTRS{idProduct}=="0325", NAME="ibmimm"
++
++# ibmveth devices' $DEVPATH number is tied to (virtual) hardware (slot id
++# selected in the HMC), thus this provides a reliable naming (e. g.
++# "/devices/vio/30000002/net/eth1"); we ignore the bus number, as
++# there should only ever be one bus, and then remove leading zeros
++ACTION=="add", SUBSYSTEM=="net", NAME=="", DRIVERS=="ibmveth", PROGRAM="/bin/sh -ec 'D=${DEVPATH#*/vio/}; D=${D%%%%/*}; D=${D#????}; D=${D#0}; D=${D#0}; D=${D#0}; D=${D#0}; echo ${D:-0}'", NAME="ibmveth$result"
--- /dev/null
--- /dev/null
++# Use MAC based names for network interfaces which are directly or indirectly
++# on USB and have an universally administered (stable) MAC address (second bit
++# is 0). Don't do this when ifnames is disabled via kernel command line or
++# customizing/disabling 99-default.link (or previously 80-net-setup-link.rules).
++
++IMPORT{cmdline}="net.ifnames"
++ENV{net.ifnames}=="0", GOTO="usb_net_by_mac_end"
++
++ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", NAME=="", \
++ ATTR{address}=="?[014589cd]:*", \
++ TEST!="/etc/udev/rules.d/80-net-setup-link.rules", \
++ TEST!="/etc/systemd/network/99-default.link", \
++ IMPORT{builtin}="net_id", NAME="$env{ID_NET_NAME_MAC}"
++
++LABEL="usb_net_by_mac_end"
--- /dev/null
--- /dev/null
++# Debian specific udev rules for backwards compatibility
++
++# needed for old tape drivers, http://bugs.debian.org/657948
++SUBSYSTEM=="scsi", ENV{DEVTYPE}=="scsi_device", TEST!="[module/sg]", RUN{builtin}+="kmod load sg"
++
++# device permissions
++KERNEL=="mISDNtimer", GROUP="dialout"
++KERNEL=="mwave", GROUP="dialout"
++KERNEL=="nvram", GROUP="kmem", MODE="0640"
++KERNEL=="pktcdvd", GROUP="cdrom", MODE="0644"
++KERNEL=="lirc[0-9]*", GROUP="video"
++KERNEL=="legousbtower*", MODE="0666"
++KERNEL=="sonypi", MODE="0666"
++KERNEL=="mmtimer", MODE="0644"
++KERNEL=="sgi_*", MODE="0666"
++KERNEL=="z90crypt", MODE="0666"
++
++# These rules will create symlinks for CD/DVD drives, to help old
++# programs which are unable to automatically discover the devices.
++# The first detected device gets the symlink, but this is not stable across
++# reboots.
++ENV{ID_CDROM_CD_RW}=="?*", \
++ PROGRAM="/bin/sh -c 'ln -s %k /run/udev/link.cdrw 2>/dev/null; [ `readlink /run/udev/link.cdrw` = %k ]", \
++ SYMLINK+="cdrw", OPTIONS+="link_priority=-100"
++ENV{ID_CDROM_DVD}=="?*", \
++ PROGRAM="/bin/sh -c 'ln -s %k /run/udev/link.dvd 2>/dev/null; [ `readlink /run/udev/link.dvd` = %k ]", \
++ SYMLINK+="dvd", OPTIONS+="link_priority=-100"
++ENV{ID_CDROM_DVD_RW}=="?*", \
++ PROGRAM="/bin/sh -c 'ln -s %k /run/udev/link.dvdrw 2>/dev/null; [ `readlink /run/udev/link.dvdrw` = %k ]", \
++ SYMLINK+="dvdrw", OPTIONS+="link_priority=-100"
--- /dev/null
--- /dev/null
++#! /bin/sh
++# Set the CPU Frequency Scaling governor to "ondemand"/"powersave" where available
++set -eu
++
++FIRSTCPU=`cut -f1 -d- /sys/devices/system/cpu/online`
++AVAILABLE="/sys/devices/system/cpu/cpu$FIRSTCPU/cpufreq/scaling_available_governors"
++DOWN_FACTOR="/sys/devices/system/cpu/cpufreq/ondemand/sampling_down_factor"
++
++[ -f $AVAILABLE ] || exit 0
++
++read governors < $AVAILABLE
++case $governors in
++ *interactive*)
++ GOVERNOR="interactive"
++ break
++ ;;
++ *ondemand*)
++ GOVERNOR="ondemand"
++ case $(uname -m) in
++ ppc64*)
++ SAMPLING=100
++ ;;
++ esac
++ break
++ ;;
++ *powersave*)
++ GOVERNOR="powersave"
++ break
++ ;;
++ *)
++ exit 0
++ ;;
++esac
++
++[ -n "${GOVERNOR:-}" ] || exit 0
++
++echo "Setting $GOVERNOR scheduler for all CPUs"
++
++for CPUFREQ in /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
++do
++ [ -f $CPUFREQ ] || continue
++ echo -n $GOVERNOR > $CPUFREQ
++done
++if [ -n "${SAMPLING:-}" ] && [ -f $DOWN_FACTOR ]; then
++ echo -n $SAMPLING > $DOWN_FACTOR
++fi
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++if [ -w /sys/kernel/uevent_helper ]; then
++ echo > /sys/kernel/uevent_helper
++fi
++
++if ! grep -E -q "^[^[:space:]]+ /dev devtmpfs" /proc/mounts; then
++ mount -n -o mode=0755 -t devtmpfs devtmpfs /dev
++fi
++
++SYSTEMD_LOG_LEVEL=notice /lib/systemd/systemd-udevd --daemon --resolve-names=never
++
++udevadm trigger --action=add
++
++mkdir -p /dev/pts
++mount -t devpts -o noexec,nosuid,gid=5,mode=0620 devpts /dev/pts
++
++udevadm settle || true
--- /dev/null
--- /dev/null
++#!/bin/sh
++# This script is called by "systemctl enable/disable" when the given unit is a
++# SysV init.d script. It needs to call the distribution's mechanism for
++# enabling/disabling those, such as chkconfig, update-rc.d, or similar. This
++# can optionally take a --root argument for enabling a SysV init script
++# in a chroot or similar.
++set -eu
++
++usage() {
++ echo "Usage: $0 [--root=path] enable|disable|is-enabled <sysv script name>" >&2
++ exit 1
++}
++
++ROOT=
++
++# parse options
++eval set -- "$(getopt -o r: --long root: -- "$@")"
++while true; do
++ case "$1" in
++ -r|--root)
++ ROOT="$2"
++ shift 2 ;;
++ --) shift ; break ;;
++ *) usage ;;
++ esac
++done
++
++NAME="${2:-}"
++
++run() {
++ if [ -n "$ROOT" ] && [ "$ROOT" != "/" ]; then
++ _SKIP_SYSTEMD_NATIVE=1 chroot "$ROOT" /usr/sbin/update-rc.d "$@"
++ else
++ _SKIP_SYSTEMD_NATIVE=1 /usr/sbin/update-rc.d "$@"
++ fi
++}
++
++[ -n "$NAME" ] || usage
++
++case "$1" in
++ enable)
++ # call the command to enable SysV init script $NAME here..
++ run "$NAME" defaults
++ run "$NAME" enable
++ ;;
++ disable)
++ run "$NAME" defaults
++ run "$NAME" disable
++ ;;
++ is-enabled)
++ # exit with 0 if $NAME is enabled, non-zero if it is disabled
++ ls "$ROOT"/etc/rc[S5].d/S??"$NAME" >/dev/null 2>&1
++ ;;
++ *)
++ usage ;;
++esac
--- /dev/null
--- /dev/null
++'''apport package hook for systemd
++
++(c) 2014 Canonical Ltd.
++Author: Martin Pitt <martin.pitt@ubuntu.com>
++'''
++
++import os.path
++import apport.hookutils
++
++def add_info(report):
++ apport.hookutils.attach_hardware(report)
++
++ report['SystemdDelta'] = apport.hookutils.command_output(['systemd-delta'])
++
++ if not os.path.exists('/run/systemd/system'):
++ return
++
++ # Add details about all failed units, if any
++ out = apport.hookutils.command_output(['systemctl', '--state=failed', '--full',
++ '--no-legend']).strip()
++ if out:
++ failed = ''
++ for line in out.splitlines():
++ unit = line.split()[0]
++ if failed:
++ failed += '------\n'
++ failed += apport.hookutils.command_output(['systemctl', 'status', '--full', unit])
++ report['SystemdFailedUnits'] = failed
++
--- /dev/null
--- /dev/null
++# This file is part of the debianisation of systemd.
++#
++# systemd is free software; you can redistribute it and/or modify it
++# under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 2 of the License, or
++# (at your option) any later version.
++
++# See tmpfiles.d(5) for details
++
++# Type Path Mode UID GID Age Argument
++L /run/shm - - - - /dev/shm
++d /run/sendsigs.omit.d 0755 root root -
++
++L+ /etc/mtab - - - - ../proc/self/mounts
--- /dev/null
--- /dev/null
++'''apport package hook for udev
++
++(c) 2009 Canonical Ltd.
++Author: Martin Pitt <martin.pitt@ubuntu.com>
++'''
++
++import os
++import apport.hookutils
++
++def add_info(report):
++ apport.hookutils.attach_hardware(report)
++
++ user_rules = []
++ for f in os.listdir('/etc/udev/rules.d'):
++ if not f.startswith('70-persistent-') and f != 'README':
++ user_rules.append(f)
++
++ if user_rules:
++ report['CustomUdevRuleFiles'] = ' '.join(user_rules)
--- /dev/null
--- /dev/null
++[Unit]
++Description=Set the CPU Frequency Scaling governor
++ConditionVirtualization=no
++ConditionPathExists=/sys/devices/system/cpu/online
++# Don't run if we're going to start an Android LXC container on Ubuntu Touch
++ConditionPathExists=!/etc/init/lxc-android-config.conf
++
++[Service]
++Type=idle
++ExecStart=/lib/systemd/set-cpufreq
++
++[Install]
++WantedBy=multi-user.target
--- /dev/null
--- /dev/null
++# Avoid long hangs during shutdown if user services fail/hang due to X.org
++# going away too early
++[Service]
++TimeoutStopSec=5
--- /dev/null
--- /dev/null
++[Unit]
++Description=getty on tty2-tty6 if dbus and logind are not available
++ConditionPathExists=/dev/tty0
++ConditionPathExists=!/lib/systemd/system/dbus.service
++
++[Service]
++Type=oneshot
++ExecStart=/bin/systemctl --no-block start getty@tty2.service getty@tty3.service getty@tty4.service getty@tty5.service getty@tty6.service
++RemainAfterExit=true
++
--- /dev/null
--- /dev/null
++[Unit]
++# not specified by LSB, but has been behaving that way in Debian under SysV
++# init and upstart
++After=network-online.target
++
++# Often contains status messages which users expect to see on the console
++# during boot
++[Service]
++StandardOutput=journal+console
++StandardError=journal+console
--- /dev/null
--- /dev/null
++# tell resolvconf about resolved's builtin DNS server, so that DNS servers
++# picked up via networkd are respected when using resolvconf, and that software
++# like Chrome that does not do NSS (libnss-resolve) still gets proper DNS
++# resolution; do not remove the entry after stop though, as that leads to
++# timeouts on shutdown via the resolvconf hooks (see LP: #1648068)
++[Service]
++ExecStartPost=+/bin/sh -c '[ ! -e /run/resolvconf/enable-updates ] || echo "nameserver 127.0.0.53" | /sbin/resolvconf -a systemd-resolved'
++ReadWritePaths=-/run/resolvconf
--- /dev/null
--- /dev/null
++[DEFAULT]
++pristine-tar = False
++patch-numbers = False
++debian-branch = master
++
++[dch]
++full = True
++multimaint-merge = True
--- /dev/null
--- /dev/null
++#!/bin/bash
++
++set -e
++
++if [ -z "$*" ] ; then
++ echo "Usage: $0 [commit [commit ..]]"
++ exit 1
++fi
++
++
++curbranch=$(git rev-parse --abbrev-ref HEAD)
++
++# assert we got a branch
++[ -n "$curbranch" ]
++
++if [ $curbranch = HEAD ] ; then
++ echo "You are not currently on a branch, cannot cherry-pick"
++ exit 1
++fi
++
++case $curbranch in
++ patch-queue/*)
++ debbranch=${curbranch/patch-queue\/}
++ pqbranch=$curbranch
++ ;;
++ *)
++ debbranch=$curbranch
++ pqbranch=patch-queue/$curbranch
++ ;;
++esac
++
++commits=$(git rev-parse "$@")
++
++if git rev-parse $pqbranch &>/dev/null ; then
++ echo
++ echo "Will recreate patch-queue branch $pqbranch"
++ echo "It was pointing to" $(git rev-parse $pqbranch)
++ echo
++fi
++
++gbp pq import --force
++
++echo "Cherry-picking the following commits:"
++echo "$commits"
++
++picks=$(echo "$commits" | xargs echo exec git cherry-pick -x --no-edit --commit)
++
++# find the first debian commit
++firstdebian=$(git log -i --grep "topic.*debian" --pretty=%h --reverse $debbranch..$pqbranch | head -1)
++
++sedexpr="/$firstdebian/i$picks"
++
++GIT_EDITOR="sed -i -e '$sedexpr'" git rebase --interactive --no-autosquash $debbranch
++
++
--- /dev/null
--- /dev/null
++lib/*/libnss_myhostname*.so.*
++usr/share/man/man8/libnss_myhostname.so.2.8
++usr/share/man/man8/nss-myhostname.8
--- /dev/null
--- /dev/null
++# package is a NSS module, not a system library
++libnss-myhostname: package-name-doesnt-match-sonames
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++# This code was taken from libnss-myhostname
++
++# try to insert myhostname entries to the "hosts" line in /etc/nsswitch.conf to
++# automatically enable libnss-myhostname support; do not change the
++# configuration if the "hosts" line already references some myhostname lookups
++insert_nss_entry() {
++ echo "Checking NSS setup..."
++ # abort if /etc/nsswitch.conf does not exist
++ if ! [ -e /etc/nsswitch.conf ]; then
++ echo "Could not find /etc/nsswitch.conf."
++ return
++ fi
++ perl -i -pe '
++ sub insert {
++ my $line = shift;
++ # this also splits on tab
++ my @bits=split(" ", $line);
++ # do not break configuration if the "hosts" line already references
++ # myhostname
++ if (grep { $_ eq "myhostname"} @bits) {
++ return $line;
++ }
++ # add myhostname at the end
++ return $line . " myhostname";
++ }
++ s/^(hosts:\s+)(.*)/$1.insert($2)/e;
++ ' /etc/nsswitch.conf
++}
++
++if [ "$1" = configure ] && [ -z "$2" ]; then
++ echo "First installation detected..."
++ # first install: setup the recommended configuration (unless
++ # nsswitch.conf already contains myhostname entries)
++ insert_nss_entry
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++remove_nss_entry() {
++ local file=$1
++ local pkg=$2
++ local module=$3
++ refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \
++ -W $pkg | grep '^i' | wc -l)
++ if [ "$refcount" -gt 0 ] ; then
++ # package is installed for other architectures still, do nothing
++ return
++ fi
++ echo "Checking NSS setup..."
++ # abort if file does not exist
++ if ! [ -e $file ]; then
++ echo "Could not find ${file}."
++ return
++ fi
++ # we must remove possible [foo=bar] options as well
++ sed -i -r "/hosts:/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file
++}
++
++if [ "$1" = remove ]; then
++ remove_nss_entry /etc/nsswitch.conf libnss-myhostname myhostname
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++lib/*/libnss_mymachines*.so.*
++usr/share/man/man8/libnss_mymachines.so.2.8
++usr/share/man/man8/nss-mymachines.8
--- /dev/null
--- /dev/null
++# package is a NSS module, not a system library
++libnss-mymachines: package-name-doesnt-match-sonames
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++# This code was taken from libnss-myhostname
++
++# try to insert mymachines entries to the "hosts" line in /etc/nsswitch.conf to
++# automatically enable libnss-mymachines support; do not change the
++# configuration if the "hosts" line already references some mymachines lookups
++insert_nss_entry() {
++ echo "Checking NSS setup..."
++ # abort if /etc/nsswitch.conf does not exist
++ if ! [ -e /etc/nsswitch.conf ]; then
++ echo "Could not find /etc/nsswitch.conf."
++ return
++ fi
++ perl -i -pe '
++ sub insert {
++ my $line = shift;
++ # this also splits on tab
++ my @bits=split(" ", $line);
++ # do not break configuration if the "hosts" line already references
++ # mymachines
++ if (grep { $_ eq "mymachines"} @bits) {
++ return $line;
++ }
++ # add mymachines at the end
++ return $line . " mymachines";
++ }
++ s/^(hosts:\s+)(.*)/$1.insert($2)/e;
++ ' /etc/nsswitch.conf
++}
++
++if [ "$1" = configure ] && [ -z "$2" ]; then
++ echo "First installation detected..."
++ # first install: setup the recommended configuration (unless
++ # nsswitch.conf already contains mymachines entries)
++ insert_nss_entry
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++remove_nss_entry() {
++ local file=$1
++ local pkg=$2
++ local module=$3
++ refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \
++ -W $pkg | grep '^i' | wc -l)
++ if [ "$refcount" -gt 0 ] ; then
++ # package is installed for other architectures still, do nothing
++ return
++ fi
++ echo "Checking NSS setup..."
++ # abort if file does not exist
++ if ! [ -e $file ]; then
++ echo "Could not find ${file}."
++ return
++ fi
++ # we must remove possible [foo=bar] options as well
++ sed -i -r "/hosts:/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file
++}
++
++if [ "$1" = remove ]; then
++ remove_nss_entry /etc/nsswitch.conf libnss-mymachines mymachines
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++lib/*/libnss_resolve*.so.*
++usr/share/man/man8/libnss_resolve.so.2.8
++usr/share/man/man8/nss-resolve.8
--- /dev/null
--- /dev/null
++# package is a NSS module, not a system library
++libnss-resolve: package-name-doesnt-match-sonames
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++# This code was taken from libnss-myhostname
++
++# try to insert resolve entries to the "hosts" line in /etc/nsswitch.conf to
++# automatically enable libnss-resolve support; do not change the
++# configuration if the "hosts" line already references some resolve lookups
++insert_nss_entry() {
++ echo "Checking NSS setup..."
++ # abort if /etc/nsswitch.conf does not exist
++ if ! [ -e /etc/nsswitch.conf ]; then
++ echo "Could not find /etc/nsswitch.conf."
++ return
++ fi
++ perl -i -pe '
++ sub insert {
++ my $line = shift;
++ # this also splits on tab
++ my @bits=split(" ", $line);
++ # do not break configuration if the "hosts" line already references
++ # resolve
++ if (grep { $_ eq "resolve"} @bits) {
++ return $line;
++ }
++ # add resolve before dns
++ return join " ", map {
++ $_ eq "dns" ? ("resolve [!UNAVAIL=return]", "$_") : $_
++ } @bits;
++ }
++ s/^(hosts:\s+)(.*)/$1.insert($2)/e;
++ ' /etc/nsswitch.conf
++}
++
++if [ "$1" = configure ] && [ -z "$2" ]; then
++ echo "First installation detected..."
++ # first install: setup the recommended configuration (unless
++ # nsswitch.conf already contains resolve entries)
++ insert_nss_entry
++ # ... and enable resolved
++ systemctl enable systemd-resolved.service
++ if [ -d /run/systemd/system ]; then
++ deb-systemd-invoke start systemd-resolved.service || true
++ fi
++fi
++
++# Fix nsswitch action on upgrades
++if [ "$1" = configure ] && dpkg --compare-versions "$2" lt-nl "231-10"; then
++ if ! grep -q '^hosts:.*resolve[[:space:]]*\[' /etc/nsswitch.conf; then
++ echo "Adjusting 'resolv' entry in /etc/nsswitch.conf.."
++ sed -i '/^hosts:/ { s/resolve/& [!UNAVAIL=return]/}' /etc/nsswitch.conf
++ fi
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++remove_nss_entry() {
++ local file=$1
++ local pkg=$2
++ local module=$3
++ refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \
++ -W $pkg | grep '^i' | wc -l)
++ if [ "$refcount" -gt 0 ] ; then
++ # package is installed for other architectures still, do nothing
++ return
++ fi
++ echo "Checking NSS setup..."
++ # abort if file does not exist
++ if ! [ -e $file ]; then
++ echo "Could not find ${file}."
++ return
++ fi
++ # we must remove possible [foo=bar] options as well
++ sed -i -r "/hosts:/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file
++}
++
++if [ "$1" = remove ]; then
++ remove_nss_entry /etc/nsswitch.conf libnss-resolve resolve
++ systemctl disable systemd-resolved.service
++ if [ -d /run/systemd/system ]; then
++ deb-systemd-invoke stop systemd-resolved.service || true
++ fi
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++lib/*/libnss_systemd*.so.*
++usr/share/man/man8/libnss_systemd*
++usr/share/man/man8/nss-systemd*
--- /dev/null
--- /dev/null
++# package is a NSS module, not a system library
++libnss-systemd: package-name-doesnt-match-sonames
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++# try to insert the systemd entry to the "passwd" and "group" lines in
++# /etc/nsswitch.conf to automatically enable libnss-systemd support; do not
++# change the configuration if the lines already contain "systemd"
++insert_nss_entry() {
++ echo "Checking NSS setup..."
++ # abort if /etc/nsswitch.conf does not exist
++ if ! [ -e /etc/nsswitch.conf ]; then
++ echo "Could not find /etc/nsswitch.conf."
++ return
++ fi
++ perl -i -pe '
++ sub insert {
++ my $line = shift;
++ # this also splits on tab
++ my @bits=split(" ", $line);
++ # do not break configuration if the line already references
++ # systemd
++ if (grep { $_ eq "systemd"} @bits) {
++ return $line;
++ }
++ # add systemd at the end
++ return $line . " systemd";
++ }
++ s/^(passwd:\s+)(.*)/$1.insert($2)/e;
++ s/^(group:\s+)(.*)/$1.insert($2)/e;
++ ' /etc/nsswitch.conf
++}
++
++if [ "$1" = configure ] && [ -z "$2" ]; then
++ echo "First installation detected..."
++ # first install: setup the recommended configuration
++ insert_nss_entry
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++remove_nss_entry() {
++ local file=$1
++ local pkg=$2
++ local module=$3
++ refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \
++ -W $pkg | grep '^i' | wc -l)
++ if [ "$refcount" -gt 0 ] ; then
++ # package is installed for other architectures still, do nothing
++ return
++ fi
++ echo "Checking NSS setup..."
++ # abort if file does not exist
++ if ! [ -e $file ]; then
++ echo "Could not find ${file}."
++ return
++ fi
++ # we must remove possible [foo=bar] options as well
++ sed -i -r "/(passwd|group):/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file
++}
++
++if [ "$1" = remove ]; then
++ remove_nss_entry /etc/nsswitch.conf libnss-systemd systemd
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++lib/*/security/pam_systemd.so
++usr/share/man/man8/pam_systemd.8
++../../extra/pam-configs usr/share/
--- /dev/null
--- /dev/null
++#! /bin/sh
++
++set -e
++
++pam-auth-update --package
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#! /bin/sh
++
++set -e
++
++# pam-auth-update --remove removes the named profile from the active config.
++# It arguably should be called during deconfigure as well, but deconfigure
++# can happen in some cases during a dist-upgrade and we don't want to
++# deconfigure all PAM modules in the middle of a dist-upgrade by accident.
++#
++# More importantly, with the current implementation, --remove also removes
++# all local preferences for the named config (such as whether it's enabled
++# or disabled), which we don't want to do on deconfigure.
++#
++# This may need to change later as pam-auth-update evolves.
++
++if [ "$1" = remove ] && [ "${DPKG_MAINTSCRIPT_PACKAGE_REFCOUNT:-1}" = 1 ]; then
++ pam-auth-update --package --remove systemd
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++lib/*/libsystemd.so
++usr/lib/*/pkgconfig/libsystemd.pc
++usr/include/systemd/
++usr/share/man/man3/sd*
++usr/share/man/man3/SD*
--- /dev/null
--- /dev/null
++lib/*/libsystemd.so.*
--- /dev/null
--- /dev/null
++libsystemd.so.0 libsystemd0 #MINVER#
++* Build-Depends-Package: libsystemd-dev
++ LIBSYSTEMD_209@LIBSYSTEMD_209 0
++ LIBSYSTEMD_211@LIBSYSTEMD_211 211
++ LIBSYSTEMD_213@LIBSYSTEMD_213 213
++ LIBSYSTEMD_214@LIBSYSTEMD_214 214
++ LIBSYSTEMD_216@LIBSYSTEMD_216 217
++ LIBSYSTEMD_217@LIBSYSTEMD_217 217
++ LIBSYSTEMD_219@LIBSYSTEMD_219 219
++ LIBSYSTEMD_220@LIBSYSTEMD_220 220
++ LIBSYSTEMD_221@LIBSYSTEMD_221 221
++ LIBSYSTEMD_222@LIBSYSTEMD_222 222
++ LIBSYSTEMD_226@LIBSYSTEMD_226 226
++ LIBSYSTEMD_227@LIBSYSTEMD_227 227
++ LIBSYSTEMD_229@LIBSYSTEMD_229 229
++ LIBSYSTEMD_230@LIBSYSTEMD_230 230
++ LIBSYSTEMD_231@LIBSYSTEMD_231 231
++ LIBSYSTEMD_232@LIBSYSTEMD_232 232
++ LIBSYSTEMD_233@LIBSYSTEMD_233 233
++ LIBSYSTEMD_234@LIBSYSTEMD_234 234
++ LIBSYSTEMD_236@LIBSYSTEMD_236 236
++ LIBSYSTEMD_237@LIBSYSTEMD_237 237
++ LIBSYSTEMD_238@LIBSYSTEMD_238 238
++ LIBSYSTEMD_239@LIBSYSTEMD_239 239
++ sd_booted@LIBSYSTEMD_209 0
++ sd_bus_add_fallback@LIBSYSTEMD_221 221
++ sd_bus_add_fallback_vtable@LIBSYSTEMD_221 221
++ sd_bus_add_filter@LIBSYSTEMD_221 221
++ sd_bus_add_match@LIBSYSTEMD_221 221
++ sd_bus_add_match_async@LIBSYSTEMD_237 237
++ sd_bus_add_node_enumerator@LIBSYSTEMD_221 221
++ sd_bus_add_object@LIBSYSTEMD_221 221
++ sd_bus_add_object_manager@LIBSYSTEMD_221 221
++ sd_bus_add_object_vtable@LIBSYSTEMD_221 221
++ sd_bus_attach_event@LIBSYSTEMD_221 221
++ sd_bus_call@LIBSYSTEMD_221 221
++ sd_bus_call_async@LIBSYSTEMD_221 221
++ sd_bus_call_method@LIBSYSTEMD_221 221
++ sd_bus_call_method_async@LIBSYSTEMD_221 221
++ sd_bus_can_send@LIBSYSTEMD_221 221
++ sd_bus_close@LIBSYSTEMD_221 221
++ sd_bus_creds_get_audit_login_uid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_audit_session_id@LIBSYSTEMD_221 221
++ sd_bus_creds_get_augmented_mask@LIBSYSTEMD_221 221
++ sd_bus_creds_get_cgroup@LIBSYSTEMD_221 221
++ sd_bus_creds_get_cmdline@LIBSYSTEMD_221 221
++ sd_bus_creds_get_comm@LIBSYSTEMD_221 221
++ sd_bus_creds_get_description@LIBSYSTEMD_221 221
++ sd_bus_creds_get_egid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_euid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_exe@LIBSYSTEMD_221 221
++ sd_bus_creds_get_fsgid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_fsuid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_gid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_mask@LIBSYSTEMD_221 221
++ sd_bus_creds_get_owner_uid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_pid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_ppid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_selinux_context@LIBSYSTEMD_221 221
++ sd_bus_creds_get_session@LIBSYSTEMD_221 221
++ sd_bus_creds_get_sgid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_slice@LIBSYSTEMD_221 221
++ sd_bus_creds_get_suid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_supplementary_gids@LIBSYSTEMD_221 221
++ sd_bus_creds_get_tid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_tid_comm@LIBSYSTEMD_221 221
++ sd_bus_creds_get_tty@LIBSYSTEMD_221 221
++ sd_bus_creds_get_uid@LIBSYSTEMD_221 221
++ sd_bus_creds_get_unique_name@LIBSYSTEMD_221 221
++ sd_bus_creds_get_unit@LIBSYSTEMD_221 221
++ sd_bus_creds_get_user_slice@LIBSYSTEMD_221 221
++ sd_bus_creds_get_user_unit@LIBSYSTEMD_221 221
++ sd_bus_creds_get_well_known_names@LIBSYSTEMD_221 221
++ sd_bus_creds_has_bounding_cap@LIBSYSTEMD_221 221
++ sd_bus_creds_has_effective_cap@LIBSYSTEMD_221 221
++ sd_bus_creds_has_inheritable_cap@LIBSYSTEMD_221 221
++ sd_bus_creds_has_permitted_cap@LIBSYSTEMD_221 221
++ sd_bus_creds_new_from_pid@LIBSYSTEMD_221 221
++ sd_bus_creds_ref@LIBSYSTEMD_221 221
++ sd_bus_creds_unref@LIBSYSTEMD_221 221
++ sd_bus_default@LIBSYSTEMD_221 221
++ sd_bus_default_flush_close@LIBSYSTEMD_227 227
++ sd_bus_default_system@LIBSYSTEMD_221 221
++ sd_bus_default_user@LIBSYSTEMD_221 221
++ sd_bus_detach_event@LIBSYSTEMD_221 221
++ sd_bus_emit_interfaces_added@LIBSYSTEMD_221 221
++ sd_bus_emit_interfaces_added_strv@LIBSYSTEMD_221 221
++ sd_bus_emit_interfaces_removed@LIBSYSTEMD_221 221
++ sd_bus_emit_interfaces_removed_strv@LIBSYSTEMD_221 221
++ sd_bus_emit_object_added@LIBSYSTEMD_222 222
++ sd_bus_emit_object_removed@LIBSYSTEMD_222 222
++ sd_bus_emit_properties_changed@LIBSYSTEMD_221 221
++ sd_bus_emit_properties_changed_strv@LIBSYSTEMD_221 221
++ sd_bus_emit_signal@LIBSYSTEMD_221 221
++ sd_bus_error_add_map@LIBSYSTEMD_221 221
++ sd_bus_error_copy@LIBSYSTEMD_221 221
++ sd_bus_error_free@LIBSYSTEMD_221 221
++ sd_bus_error_get_errno@LIBSYSTEMD_221 221
++ sd_bus_error_has_name@LIBSYSTEMD_221 221
++ sd_bus_error_is_set@LIBSYSTEMD_221 221
++ sd_bus_error_set@LIBSYSTEMD_221 221
++ sd_bus_error_set_const@LIBSYSTEMD_221 221
++ sd_bus_error_set_errno@LIBSYSTEMD_221 221
++ sd_bus_error_set_errnof@LIBSYSTEMD_221 221
++ sd_bus_error_set_errnofv@LIBSYSTEMD_221 221
++ sd_bus_error_setf@LIBSYSTEMD_221 221
++ sd_bus_flush@LIBSYSTEMD_221 221
++ sd_bus_flush_close_unref@LIBSYSTEMD_222 222
++ sd_bus_get_address@LIBSYSTEMD_221 221
++ sd_bus_get_allow_interactive_authorization@LIBSYSTEMD_221 221
++ sd_bus_get_bus_id@LIBSYSTEMD_221 221
++ sd_bus_get_connected_signal@LIBSYSTEMD_237 237
++ sd_bus_get_creds_mask@LIBSYSTEMD_221 221
++ sd_bus_get_current_handler@LIBSYSTEMD_221 221
++ sd_bus_get_current_message@LIBSYSTEMD_221 221
++ sd_bus_get_current_slot@LIBSYSTEMD_221 221
++ sd_bus_get_current_userdata@LIBSYSTEMD_221 221
++ sd_bus_get_description@LIBSYSTEMD_221 221
++ sd_bus_get_event@LIBSYSTEMD_221 221
++ sd_bus_get_events@LIBSYSTEMD_221 221
++ sd_bus_get_exit_on_disconnect@LIBSYSTEMD_232 232
++ sd_bus_get_fd@LIBSYSTEMD_221 221
++ sd_bus_get_n_queued_read@LIBSYSTEMD_238 238
++ sd_bus_get_n_queued_write@LIBSYSTEMD_238 238
++ sd_bus_get_name_creds@LIBSYSTEMD_221 221
++ sd_bus_get_name_machine_id@LIBSYSTEMD_221 221
++ sd_bus_get_owner_creds@LIBSYSTEMD_221 221
++ sd_bus_get_property@LIBSYSTEMD_221 221
++ sd_bus_get_property_string@LIBSYSTEMD_221 221
++ sd_bus_get_property_strv@LIBSYSTEMD_221 221
++ sd_bus_get_property_trivial@LIBSYSTEMD_221 221
++ sd_bus_get_scope@LIBSYSTEMD_221 221
++ sd_bus_get_sender@LIBSYSTEMD_237 237
++ sd_bus_get_tid@LIBSYSTEMD_221 221
++ sd_bus_get_timeout@LIBSYSTEMD_221 221
++ sd_bus_get_unique_name@LIBSYSTEMD_221 221
++ sd_bus_get_watch_bind@LIBSYSTEMD_237 237
++ sd_bus_is_anonymous@LIBSYSTEMD_221 221
++ sd_bus_is_bus_client@LIBSYSTEMD_221 221
++ sd_bus_is_monitor@LIBSYSTEMD_221 221
++ sd_bus_is_open@LIBSYSTEMD_221 221
++ sd_bus_is_ready@LIBSYSTEMD_237 237
++ sd_bus_is_server@LIBSYSTEMD_221 221
++ sd_bus_is_trusted@LIBSYSTEMD_221 221
++ sd_bus_list_names@LIBSYSTEMD_221 221
++ sd_bus_match_signal@LIBSYSTEMD_237 237
++ sd_bus_match_signal_async@LIBSYSTEMD_237 237
++ sd_bus_message_append@LIBSYSTEMD_221 221
++ sd_bus_message_append_array@LIBSYSTEMD_221 221
++ sd_bus_message_append_array_iovec@LIBSYSTEMD_221 221
++ sd_bus_message_append_array_memfd@LIBSYSTEMD_221 221
++ sd_bus_message_append_array_space@LIBSYSTEMD_221 221
++ sd_bus_message_append_basic@LIBSYSTEMD_221 221
++ sd_bus_message_append_string_iovec@LIBSYSTEMD_221 221
++ sd_bus_message_append_string_memfd@LIBSYSTEMD_221 221
++ sd_bus_message_append_string_space@LIBSYSTEMD_221 221
++ sd_bus_message_append_strv@LIBSYSTEMD_221 221
++ sd_bus_message_appendv@LIBSYSTEMD_234 234
++ sd_bus_message_at_end@LIBSYSTEMD_221 221
++ sd_bus_message_close_container@LIBSYSTEMD_221 221
++ sd_bus_message_copy@LIBSYSTEMD_221 221
++ sd_bus_message_enter_container@LIBSYSTEMD_221 221
++ sd_bus_message_exit_container@LIBSYSTEMD_221 221
++ sd_bus_message_get_allow_interactive_authorization@LIBSYSTEMD_221 221
++ sd_bus_message_get_auto_start@LIBSYSTEMD_221 221
++ sd_bus_message_get_bus@LIBSYSTEMD_221 221
++ sd_bus_message_get_cookie@LIBSYSTEMD_221 221
++ sd_bus_message_get_creds@LIBSYSTEMD_221 221
++ sd_bus_message_get_destination@LIBSYSTEMD_221 221
++ sd_bus_message_get_errno@LIBSYSTEMD_221 221
++ sd_bus_message_get_error@LIBSYSTEMD_221 221
++ sd_bus_message_get_expect_reply@LIBSYSTEMD_221 221
++ sd_bus_message_get_interface@LIBSYSTEMD_221 221
++ sd_bus_message_get_member@LIBSYSTEMD_221 221
++ sd_bus_message_get_monotonic_usec@LIBSYSTEMD_221 221
++ sd_bus_message_get_path@LIBSYSTEMD_221 221
++ sd_bus_message_get_priority@LIBSYSTEMD_221 221
++ sd_bus_message_get_realtime_usec@LIBSYSTEMD_221 221
++ sd_bus_message_get_reply_cookie@LIBSYSTEMD_221 221
++ sd_bus_message_get_sender@LIBSYSTEMD_221 221
++ sd_bus_message_get_seqnum@LIBSYSTEMD_221 221
++ sd_bus_message_get_signature@LIBSYSTEMD_221 221
++ sd_bus_message_get_type@LIBSYSTEMD_221 221
++ sd_bus_message_has_signature@LIBSYSTEMD_221 221
++ sd_bus_message_is_empty@LIBSYSTEMD_221 221
++ sd_bus_message_is_method_call@LIBSYSTEMD_221 221
++ sd_bus_message_is_method_error@LIBSYSTEMD_221 221
++ sd_bus_message_is_signal@LIBSYSTEMD_221 221
++ sd_bus_message_new@LIBSYSTEMD_236 236
++ sd_bus_message_new_method_call@LIBSYSTEMD_221 221
++ sd_bus_message_new_method_errno@LIBSYSTEMD_221 221
++ sd_bus_message_new_method_errnof@LIBSYSTEMD_221 221
++ sd_bus_message_new_method_error@LIBSYSTEMD_221 221
++ sd_bus_message_new_method_errorf@LIBSYSTEMD_221 221
++ sd_bus_message_new_method_return@LIBSYSTEMD_221 221
++ sd_bus_message_new_signal@LIBSYSTEMD_221 221
++ sd_bus_message_open_container@LIBSYSTEMD_221 221
++ sd_bus_message_peek_type@LIBSYSTEMD_221 221
++ sd_bus_message_read@LIBSYSTEMD_221 221
++ sd_bus_message_read_array@LIBSYSTEMD_221 221
++ sd_bus_message_read_basic@LIBSYSTEMD_221 221
++ sd_bus_message_read_strv@LIBSYSTEMD_221 221
++ sd_bus_message_ref@LIBSYSTEMD_221 221
++ sd_bus_message_rewind@LIBSYSTEMD_221 221
++ sd_bus_message_seal@LIBSYSTEMD_236 236
++ sd_bus_message_set_allow_interactive_authorization@LIBSYSTEMD_221 221
++ sd_bus_message_set_auto_start@LIBSYSTEMD_221 221
++ sd_bus_message_set_destination@LIBSYSTEMD_221 221
++ sd_bus_message_set_expect_reply@LIBSYSTEMD_221 221
++ sd_bus_message_set_priority@LIBSYSTEMD_221 221
++ sd_bus_message_set_sender@LIBSYSTEMD_237 237
++ sd_bus_message_skip@LIBSYSTEMD_221 221
++ sd_bus_message_unref@LIBSYSTEMD_221 221
++ sd_bus_message_verify_type@LIBSYSTEMD_221 221
++ sd_bus_negotiate_creds@LIBSYSTEMD_221 221
++ sd_bus_negotiate_fds@LIBSYSTEMD_221 221
++ sd_bus_negotiate_timestamp@LIBSYSTEMD_221 221
++ sd_bus_new@LIBSYSTEMD_221 221
++ sd_bus_open@LIBSYSTEMD_221 221
++ sd_bus_open_system@LIBSYSTEMD_221 221
++ sd_bus_open_system_machine@LIBSYSTEMD_221 221
++ sd_bus_open_system_remote@LIBSYSTEMD_221 221
++ sd_bus_open_system_with_description@LIBSYSTEMD_239 239
++ sd_bus_open_user@LIBSYSTEMD_221 221
++ sd_bus_open_user_with_description@LIBSYSTEMD_239 239
++ sd_bus_open_with_description@LIBSYSTEMD_239 239
++ sd_bus_path_decode@LIBSYSTEMD_221 221
++ sd_bus_path_decode_many@LIBSYSTEMD_227 227
++ sd_bus_path_encode@LIBSYSTEMD_221 221
++ sd_bus_path_encode_many@LIBSYSTEMD_227 227
++ sd_bus_process@LIBSYSTEMD_221 221
++ sd_bus_process_priority@LIBSYSTEMD_221 221
++ sd_bus_query_sender_creds@LIBSYSTEMD_221 221
++ sd_bus_query_sender_privilege@LIBSYSTEMD_221 221
++ sd_bus_ref@LIBSYSTEMD_221 221
++ sd_bus_release_name@LIBSYSTEMD_221 221
++ sd_bus_release_name_async@LIBSYSTEMD_237 237
++ sd_bus_reply_method_errno@LIBSYSTEMD_221 221
++ sd_bus_reply_method_errnof@LIBSYSTEMD_221 221
++ sd_bus_reply_method_error@LIBSYSTEMD_221 221
++ sd_bus_reply_method_errorf@LIBSYSTEMD_221 221
++ sd_bus_reply_method_return@LIBSYSTEMD_221 221
++ sd_bus_request_name@LIBSYSTEMD_221 221
++ sd_bus_request_name_async@LIBSYSTEMD_237 237
++ sd_bus_send@LIBSYSTEMD_221 221
++ sd_bus_send_to@LIBSYSTEMD_221 221
++ sd_bus_set_address@LIBSYSTEMD_221 221
++ sd_bus_set_allow_interactive_authorization@LIBSYSTEMD_221 221
++ sd_bus_set_anonymous@LIBSYSTEMD_221 221
++ sd_bus_set_bus_client@LIBSYSTEMD_221 221
++ sd_bus_set_connected_signal@LIBSYSTEMD_237 237
++ sd_bus_set_description@LIBSYSTEMD_221 221
++ sd_bus_set_exec@LIBSYSTEMD_221 221
++ sd_bus_set_exit_on_disconnect@LIBSYSTEMD_232 232
++ sd_bus_set_fd@LIBSYSTEMD_221 221
++ sd_bus_set_monitor@LIBSYSTEMD_221 221
++ sd_bus_set_property@LIBSYSTEMD_221 221
++ sd_bus_set_sender@LIBSYSTEMD_237 237
++ sd_bus_set_server@LIBSYSTEMD_221 221
++ sd_bus_set_trusted@LIBSYSTEMD_221 221
++ sd_bus_set_watch_bind@LIBSYSTEMD_237 237
++ sd_bus_slot_get_bus@LIBSYSTEMD_221 221
++ sd_bus_slot_get_current_handler@LIBSYSTEMD_221 221
++ sd_bus_slot_get_current_message@LIBSYSTEMD_221 221
++ sd_bus_slot_get_current_userdata@LIBSYSTEMD_221 221
++ sd_bus_slot_get_description@LIBSYSTEMD_221 221
++ sd_bus_slot_get_destroy_callback@LIBSYSTEMD_239 239
++ sd_bus_slot_get_floating@LIBSYSTEMD_239 239
++ sd_bus_slot_get_userdata@LIBSYSTEMD_221 221
++ sd_bus_slot_ref@LIBSYSTEMD_221 221
++ sd_bus_slot_set_description@LIBSYSTEMD_221 221
++ sd_bus_slot_set_destroy_callback@LIBSYSTEMD_239 239
++ sd_bus_slot_set_floating@LIBSYSTEMD_239 239
++ sd_bus_slot_set_userdata@LIBSYSTEMD_221 221
++ sd_bus_slot_unref@LIBSYSTEMD_221 221
++ sd_bus_start@LIBSYSTEMD_221 221
++ sd_bus_track_add_name@LIBSYSTEMD_221 221
++ sd_bus_track_add_sender@LIBSYSTEMD_221 221
++ sd_bus_track_contains@LIBSYSTEMD_221 221
++ sd_bus_track_count@LIBSYSTEMD_221 221
++ sd_bus_track_count_name@LIBSYSTEMD_232 232
++ sd_bus_track_count_sender@LIBSYSTEMD_232 232
++ sd_bus_track_first@LIBSYSTEMD_221 221
++ sd_bus_track_get_bus@LIBSYSTEMD_221 221
++ sd_bus_track_get_destroy_callback@LIBSYSTEMD_239 239
++ sd_bus_track_get_recursive@LIBSYSTEMD_232 232
++ sd_bus_track_get_userdata@LIBSYSTEMD_221 221
++ sd_bus_track_new@LIBSYSTEMD_221 221
++ sd_bus_track_next@LIBSYSTEMD_221 221
++ sd_bus_track_ref@LIBSYSTEMD_221 221
++ sd_bus_track_remove_name@LIBSYSTEMD_221 221
++ sd_bus_track_remove_sender@LIBSYSTEMD_221 221
++ sd_bus_track_set_destroy_callback@LIBSYSTEMD_239 239
++ sd_bus_track_set_recursive@LIBSYSTEMD_232 232
++ sd_bus_track_set_userdata@LIBSYSTEMD_221 221
++ sd_bus_track_unref@LIBSYSTEMD_221 221
++ sd_bus_try_close@LIBSYSTEMD_221 221
++ sd_bus_unref@LIBSYSTEMD_221 221
++ sd_bus_wait@LIBSYSTEMD_221 221
++ sd_event_add_child@LIBSYSTEMD_221 221
++ sd_event_add_defer@LIBSYSTEMD_221 221
++ sd_event_add_exit@LIBSYSTEMD_221 221
++ sd_event_add_inotify@LIBSYSTEMD_239 239
++ sd_event_add_io@LIBSYSTEMD_221 221
++ sd_event_add_post@LIBSYSTEMD_221 221
++ sd_event_add_signal@LIBSYSTEMD_221 221
++ sd_event_add_time@LIBSYSTEMD_221 221
++ sd_event_default@LIBSYSTEMD_221 221
++ sd_event_dispatch@LIBSYSTEMD_221 221
++ sd_event_exit@LIBSYSTEMD_221 221
++ sd_event_get_exit_code@LIBSYSTEMD_221 221
++ sd_event_get_fd@LIBSYSTEMD_221 221
++ sd_event_get_iteration@LIBSYSTEMD_231 231
++ sd_event_get_state@LIBSYSTEMD_221 221
++ sd_event_get_tid@LIBSYSTEMD_221 221
++ sd_event_get_watchdog@LIBSYSTEMD_221 221
++ sd_event_loop@LIBSYSTEMD_221 221
++ sd_event_new@LIBSYSTEMD_221 221
++ sd_event_now@LIBSYSTEMD_221 221
++ sd_event_prepare@LIBSYSTEMD_221 221
++ sd_event_ref@LIBSYSTEMD_221 221
++ sd_event_run@LIBSYSTEMD_221 221
++ sd_event_set_watchdog@LIBSYSTEMD_221 221
++ sd_event_source_get_child_pid@LIBSYSTEMD_221 221
++ sd_event_source_get_description@LIBSYSTEMD_221 221
++ sd_event_source_get_destroy_callback@LIBSYSTEMD_239 239
++ sd_event_source_get_enabled@LIBSYSTEMD_221 221
++ sd_event_source_get_event@LIBSYSTEMD_221 221
++ sd_event_source_get_inotify_mask@LIBSYSTEMD_239 239
++ sd_event_source_get_io_events@LIBSYSTEMD_221 221
++ sd_event_source_get_io_fd@LIBSYSTEMD_221 221
++ sd_event_source_get_io_fd_own@LIBSYSTEMD_237 237
++ sd_event_source_get_io_revents@LIBSYSTEMD_221 221
++ sd_event_source_get_pending@LIBSYSTEMD_221 221
++ sd_event_source_get_priority@LIBSYSTEMD_221 221
++ sd_event_source_get_signal@LIBSYSTEMD_221 221
++ sd_event_source_get_time@LIBSYSTEMD_221 221
++ sd_event_source_get_time_accuracy@LIBSYSTEMD_221 221
++ sd_event_source_get_time_clock@LIBSYSTEMD_221 221
++ sd_event_source_get_userdata@LIBSYSTEMD_221 221
++ sd_event_source_ref@LIBSYSTEMD_221 221
++ sd_event_source_set_description@LIBSYSTEMD_221 221
++ sd_event_source_set_destroy_callback@LIBSYSTEMD_239 239
++ sd_event_source_set_enabled@LIBSYSTEMD_221 221
++ sd_event_source_set_io_events@LIBSYSTEMD_221 221
++ sd_event_source_set_io_fd@LIBSYSTEMD_221 221
++ sd_event_source_set_io_fd_own@LIBSYSTEMD_237 237
++ sd_event_source_set_prepare@LIBSYSTEMD_221 221
++ sd_event_source_set_priority@LIBSYSTEMD_221 221
++ sd_event_source_set_time@LIBSYSTEMD_221 221
++ sd_event_source_set_time_accuracy@LIBSYSTEMD_221 221
++ sd_event_source_set_userdata@LIBSYSTEMD_221 221
++ sd_event_source_unref@LIBSYSTEMD_221 221
++ sd_event_unref@LIBSYSTEMD_221 221
++ sd_event_wait@LIBSYSTEMD_221 221
++ sd_get_machine_names@LIBSYSTEMD_209 0
++ sd_get_seats@LIBSYSTEMD_209 0
++ sd_get_sessions@LIBSYSTEMD_209 0
++ sd_get_uids@LIBSYSTEMD_209 0
++ sd_id128_from_string@LIBSYSTEMD_209 0
++ sd_id128_get_boot@LIBSYSTEMD_209 0
++ sd_id128_get_invocation@LIBSYSTEMD_232 232
++ sd_id128_get_machine@LIBSYSTEMD_209 0
++ sd_id128_get_machine_app_specific@LIBSYSTEMD_233 233
++ sd_id128_randomize@LIBSYSTEMD_209 0
++ sd_id128_to_string@LIBSYSTEMD_209 0
++ sd_is_fifo@LIBSYSTEMD_209 0
++ sd_is_mq@LIBSYSTEMD_209 0
++ sd_is_socket@LIBSYSTEMD_209 0
++ sd_is_socket_inet@LIBSYSTEMD_209 0
++ sd_is_socket_sockaddr@LIBSYSTEMD_233 233
++ sd_is_socket_unix@LIBSYSTEMD_209 0
++ sd_is_special@LIBSYSTEMD_209 0
++ sd_journal_add_conjunction@LIBSYSTEMD_209 0
++ sd_journal_add_disjunction@LIBSYSTEMD_209 0
++ sd_journal_add_match@LIBSYSTEMD_209 0
++ sd_journal_close@LIBSYSTEMD_209 0
++ sd_journal_enumerate_data@LIBSYSTEMD_209 0
++ sd_journal_enumerate_fields@LIBSYSTEMD_229 229
++ sd_journal_enumerate_unique@LIBSYSTEMD_209 0
++ sd_journal_flush_matches@LIBSYSTEMD_209 0
++ sd_journal_get_catalog@LIBSYSTEMD_209 0
++ sd_journal_get_catalog_for_message_id@LIBSYSTEMD_209 0
++ sd_journal_get_cursor@LIBSYSTEMD_209 0
++ sd_journal_get_cutoff_monotonic_usec@LIBSYSTEMD_209 0
++ sd_journal_get_cutoff_realtime_usec@LIBSYSTEMD_209 0
++ sd_journal_get_data@LIBSYSTEMD_209 0
++ sd_journal_get_data_threshold@LIBSYSTEMD_209 0
++ sd_journal_get_events@LIBSYSTEMD_209 0
++ sd_journal_get_fd@LIBSYSTEMD_209 0
++ sd_journal_get_monotonic_usec@LIBSYSTEMD_209 0
++ sd_journal_get_realtime_usec@LIBSYSTEMD_209 0
++ sd_journal_get_timeout@LIBSYSTEMD_209 0
++ sd_journal_get_usage@LIBSYSTEMD_209 0
++ sd_journal_has_persistent_files@LIBSYSTEMD_229 229
++ sd_journal_has_runtime_files@LIBSYSTEMD_229 229
++ sd_journal_next@LIBSYSTEMD_209 0
++ sd_journal_next_skip@LIBSYSTEMD_209 0
++ sd_journal_open@LIBSYSTEMD_209 0
++ sd_journal_open_container@LIBSYSTEMD_209 0
++ sd_journal_open_directory@LIBSYSTEMD_209 0
++ sd_journal_open_directory_fd@LIBSYSTEMD_230 230
++ sd_journal_open_files@LIBSYSTEMD_209 0
++ sd_journal_open_files_fd@LIBSYSTEMD_230 230
++ sd_journal_perror@LIBSYSTEMD_209 0
++ sd_journal_perror_with_location@LIBSYSTEMD_209 0
++ sd_journal_previous@LIBSYSTEMD_209 0
++ sd_journal_previous_skip@LIBSYSTEMD_209 0
++ sd_journal_print@LIBSYSTEMD_209 0
++ sd_journal_print_with_location@LIBSYSTEMD_209 0
++ sd_journal_printv@LIBSYSTEMD_209 0
++ sd_journal_printv_with_location@LIBSYSTEMD_209 0
++ sd_journal_process@LIBSYSTEMD_209 0
++ sd_journal_query_unique@LIBSYSTEMD_209 0
++ sd_journal_reliable_fd@LIBSYSTEMD_209 0
++ sd_journal_restart_data@LIBSYSTEMD_209 0
++ sd_journal_restart_fields@LIBSYSTEMD_229 229
++ sd_journal_restart_unique@LIBSYSTEMD_209 0
++ sd_journal_seek_cursor@LIBSYSTEMD_209 0
++ sd_journal_seek_head@LIBSYSTEMD_209 0
++ sd_journal_seek_monotonic_usec@LIBSYSTEMD_209 0
++ sd_journal_seek_realtime_usec@LIBSYSTEMD_209 0
++ sd_journal_seek_tail@LIBSYSTEMD_209 0
++ sd_journal_send@LIBSYSTEMD_209 0
++ sd_journal_send_with_location@LIBSYSTEMD_209 0
++ sd_journal_sendv@LIBSYSTEMD_209 0
++ sd_journal_sendv_with_location@LIBSYSTEMD_209 0
++ sd_journal_set_data_threshold@LIBSYSTEMD_209 0
++ sd_journal_stream_fd@LIBSYSTEMD_209 0
++ sd_journal_test_cursor@LIBSYSTEMD_209 0
++ sd_journal_wait@LIBSYSTEMD_209 0
++ sd_listen_fds@LIBSYSTEMD_209 0
++ sd_listen_fds_with_names@LIBSYSTEMD_227 227
++ sd_login_monitor_flush@LIBSYSTEMD_209 0
++ sd_login_monitor_get_events@LIBSYSTEMD_209 0
++ sd_login_monitor_get_fd@LIBSYSTEMD_209 0
++ sd_login_monitor_get_timeout@LIBSYSTEMD_209 0
++ sd_login_monitor_new@LIBSYSTEMD_209 0
++ sd_login_monitor_unref@LIBSYSTEMD_209 0
++ sd_machine_get_class@LIBSYSTEMD_211 211
++ sd_machine_get_ifindices@LIBSYSTEMD_216 217
++ sd_notify@LIBSYSTEMD_209 0
++ sd_notifyf@LIBSYSTEMD_209 0
++ sd_peer_get_cgroup@LIBSYSTEMD_226 226
++ sd_peer_get_machine_name@LIBSYSTEMD_211 211
++ sd_peer_get_owner_uid@LIBSYSTEMD_211 211
++ sd_peer_get_session@LIBSYSTEMD_211 211
++ sd_peer_get_slice@LIBSYSTEMD_211 211
++ sd_peer_get_unit@LIBSYSTEMD_211 211
++ sd_peer_get_user_slice@LIBSYSTEMD_220 220
++ sd_peer_get_user_unit@LIBSYSTEMD_211 211
++ sd_pid_get_cgroup@LIBSYSTEMD_226 226
++ sd_pid_get_machine_name@LIBSYSTEMD_209 0
++ sd_pid_get_owner_uid@LIBSYSTEMD_209 0
++ sd_pid_get_session@LIBSYSTEMD_209 0
++ sd_pid_get_slice@LIBSYSTEMD_209 0
++ sd_pid_get_unit@LIBSYSTEMD_209 0
++ sd_pid_get_user_slice@LIBSYSTEMD_220 220
++ sd_pid_get_user_unit@LIBSYSTEMD_209 0
++ sd_pid_notify@LIBSYSTEMD_214 214
++ sd_pid_notify_with_fds@LIBSYSTEMD_219 219
++ sd_pid_notifyf@LIBSYSTEMD_214 214
++ sd_seat_can_graphical@LIBSYSTEMD_209 0
++ sd_seat_can_multi_session@LIBSYSTEMD_209 0
++ sd_seat_can_tty@LIBSYSTEMD_209 0
++ sd_seat_get_active@LIBSYSTEMD_209 0
++ sd_seat_get_sessions@LIBSYSTEMD_209 0
++ sd_session_get_class@LIBSYSTEMD_209 0
++ sd_session_get_desktop@LIBSYSTEMD_217 217
++ sd_session_get_display@LIBSYSTEMD_209 0
++ sd_session_get_remote_host@LIBSYSTEMD_209 0
++ sd_session_get_remote_user@LIBSYSTEMD_209 0
++ sd_session_get_seat@LIBSYSTEMD_209 0
++ sd_session_get_service@LIBSYSTEMD_209 0
++ sd_session_get_state@LIBSYSTEMD_209 0
++ sd_session_get_tty@LIBSYSTEMD_209 0
++ sd_session_get_type@LIBSYSTEMD_209 0
++ sd_session_get_uid@LIBSYSTEMD_209 0
++ sd_session_get_vt@LIBSYSTEMD_209 0
++ sd_session_is_active@LIBSYSTEMD_209 0
++ sd_session_is_remote@LIBSYSTEMD_209 0
++ sd_uid_get_display@LIBSYSTEMD_213 213
++ sd_uid_get_seats@LIBSYSTEMD_209 0
++ sd_uid_get_sessions@LIBSYSTEMD_209 0
++ sd_uid_get_state@LIBSYSTEMD_209 0
++ sd_uid_is_on_seat@LIBSYSTEMD_209 0
++ sd_watchdog_enabled@LIBSYSTEMD_209 0
--- /dev/null
--- /dev/null
++lib/*/libudev.so
++usr/include/libudev.h
++usr/lib/*/pkgconfig/libudev.pc
++usr/share/man/man3/udev*
++usr/share/man/man3/libudev*
--- /dev/null
--- /dev/null
++symlink_to_dir /usr/share/doc/libudev-dev libudev1 221-2~
--- /dev/null
--- /dev/null
++lib/*/libudev.so.*
--- /dev/null
--- /dev/null
++lib/*/libudev.so.*
--- /dev/null
--- /dev/null
++libudev.so.1 libudev1 #MINVER#
++* Build-Depends-Package: libudev-dev
++ LIBUDEV_183@LIBUDEV_183 183
++ LIBUDEV_189@LIBUDEV_189 189
++ LIBUDEV_196@LIBUDEV_196 196
++ LIBUDEV_199@LIBUDEV_199 199
++ LIBUDEV_215@LIBUDEV_215 215
++ udev_device_get_action@LIBUDEV_183 183
++ udev_device_get_devlinks_list_entry@LIBUDEV_183 183
++ udev_device_get_devnode@LIBUDEV_183 183
++ udev_device_get_devnum@LIBUDEV_183 183
++ udev_device_get_devpath@LIBUDEV_183 183
++ udev_device_get_devtype@LIBUDEV_183 183
++ udev_device_get_driver@LIBUDEV_183 183
++ udev_device_get_is_initialized@LIBUDEV_183 183
++ udev_device_get_parent@LIBUDEV_183 183
++ udev_device_get_parent_with_subsystem_devtype@LIBUDEV_183 183
++ udev_device_get_properties_list_entry@LIBUDEV_183 183
++ udev_device_get_property_value@LIBUDEV_183 183
++ udev_device_get_seqnum@LIBUDEV_183 183
++ udev_device_get_subsystem@LIBUDEV_183 183
++ udev_device_get_sysattr_list_entry@LIBUDEV_183 183
++ udev_device_get_sysattr_value@LIBUDEV_183 183
++ udev_device_get_sysname@LIBUDEV_183 183
++ udev_device_get_sysnum@LIBUDEV_183 183
++ udev_device_get_syspath@LIBUDEV_183 183
++ udev_device_get_tags_list_entry@LIBUDEV_183 183
++ udev_device_get_udev@LIBUDEV_183 183
++ udev_device_get_usec_since_initialized@LIBUDEV_183 183
++ udev_device_has_tag@LIBUDEV_183 183
++ udev_device_new_from_device_id@LIBUDEV_189 189
++ udev_device_new_from_devnum@LIBUDEV_183 183
++ udev_device_new_from_environment@LIBUDEV_183 183
++ udev_device_new_from_subsystem_sysname@LIBUDEV_183 183
++ udev_device_new_from_syspath@LIBUDEV_183 183
++ udev_device_ref@LIBUDEV_183 183
++ udev_device_set_sysattr_value@LIBUDEV_199 199
++ udev_device_unref@LIBUDEV_183 183
++ udev_enumerate_add_match_is_initialized@LIBUDEV_183 183
++ udev_enumerate_add_match_parent@LIBUDEV_183 183
++ udev_enumerate_add_match_property@LIBUDEV_183 183
++ udev_enumerate_add_match_subsystem@LIBUDEV_183 183
++ udev_enumerate_add_match_sysattr@LIBUDEV_183 183
++ udev_enumerate_add_match_sysname@LIBUDEV_183 183
++ udev_enumerate_add_match_tag@LIBUDEV_183 183
++ udev_enumerate_add_nomatch_subsystem@LIBUDEV_183 183
++ udev_enumerate_add_nomatch_sysattr@LIBUDEV_183 183
++ udev_enumerate_add_syspath@LIBUDEV_183 183
++ udev_enumerate_get_list_entry@LIBUDEV_183 183
++ udev_enumerate_get_udev@LIBUDEV_183 183
++ udev_enumerate_new@LIBUDEV_183 183
++ udev_enumerate_ref@LIBUDEV_183 183
++ udev_enumerate_scan_devices@LIBUDEV_183 183
++ udev_enumerate_scan_subsystems@LIBUDEV_183 183
++ udev_enumerate_unref@LIBUDEV_183 183
++ udev_get_log_priority@LIBUDEV_183 183
++ udev_get_userdata@LIBUDEV_183 183
++ udev_hwdb_get_properties_list_entry@LIBUDEV_196 196
++ udev_hwdb_new@LIBUDEV_196 196
++ udev_hwdb_ref@LIBUDEV_196 196
++ udev_hwdb_unref@LIBUDEV_196 196
++ udev_list_entry_get_by_name@LIBUDEV_183 183
++ udev_list_entry_get_name@LIBUDEV_183 183
++ udev_list_entry_get_next@LIBUDEV_183 183
++ udev_list_entry_get_value@LIBUDEV_183 183
++ udev_monitor_enable_receiving@LIBUDEV_183 183
++ udev_monitor_filter_add_match_subsystem_devtype@LIBUDEV_183 183
++ udev_monitor_filter_add_match_tag@LIBUDEV_183 183
++ udev_monitor_filter_remove@LIBUDEV_183 183
++ udev_monitor_filter_update@LIBUDEV_183 183
++ udev_monitor_get_fd@LIBUDEV_183 183
++ udev_monitor_get_udev@LIBUDEV_183 183
++ udev_monitor_new_from_netlink@LIBUDEV_183 183
++ udev_monitor_receive_device@LIBUDEV_183 183
++ udev_monitor_ref@LIBUDEV_183 183
++ udev_monitor_set_receive_buffer_size@LIBUDEV_183 183
++ udev_monitor_unref@LIBUDEV_183 183
++ udev_new@LIBUDEV_183 183
++ udev_queue_flush@LIBUDEV_215 215
++ udev_queue_get_fd@LIBUDEV_215 215
++ udev_queue_get_kernel_seqnum@LIBUDEV_183 183
++ udev_queue_get_queue_is_empty@LIBUDEV_183 183
++ udev_queue_get_queued_list_entry@LIBUDEV_183 183
++ udev_queue_get_seqnum_is_finished@LIBUDEV_183 183
++ udev_queue_get_seqnum_sequence_is_finished@LIBUDEV_183 183
++ udev_queue_get_udev@LIBUDEV_183 183
++ udev_queue_get_udev_is_active@LIBUDEV_183 183
++ udev_queue_get_udev_seqnum@LIBUDEV_183 183
++ udev_queue_new@LIBUDEV_183 183
++ udev_queue_ref@LIBUDEV_183 183
++ udev_queue_unref@LIBUDEV_183 183
++ udev_ref@LIBUDEV_183 183
++ udev_set_log_fn@LIBUDEV_183 183
++ udev_set_log_priority@LIBUDEV_183 183
++ udev_set_userdata@LIBUDEV_183 183
++ udev_unref@LIBUDEV_183 183
++ udev_util_encode_string@LIBUDEV_183 183
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Fri, 13 Jul 2018 23:36:13 +0200
++Subject: Do not apply uaccess tag for /dev/kvm if mode is 0666
++
++(cherry picked from commit ace5e3111c0b8d8bfd84b32f2c689b0a4d92c061)
++---
++ meson.build | 4 ++-
++ src/login/70-uaccess.rules | 83 ------------------------------------------
++ src/login/70-uaccess.rules.m4 | 84 +++++++++++++++++++++++++++++++++++++++++++
++ src/login/meson.build | 13 ++++---
++ 4 files changed, 96 insertions(+), 88 deletions(-)
++ delete mode 100644 src/login/70-uaccess.rules
++ create mode 100644 src/login/70-uaccess.rules.m4
++
++diff --git a/meson.build b/meson.build
++index 04331dd..dd21f50 100644
++--- a/meson.build
+++++ b/meson.build
++@@ -741,7 +741,9 @@ substs.set('USERS_GID', users_gid)
++ conf.set10('ENABLE_ADM_GROUP', get_option('adm-group'))
++ conf.set10('ENABLE_WHEEL_GROUP', get_option('wheel-group'))
++
++-substs.set('DEV_KVM_MODE', get_option('dev-kvm-mode'))
+++dev_kvm_mode = get_option('dev-kvm-mode')
+++substs.set('DEV_KVM_MODE', dev_kvm_mode)
+++conf.set10('DEV_KVM_UACCESS', dev_kvm_mode != '0666')
++ substs.set('GROUP_RENDER_MODE', get_option('group-render-mode'))
++
++ kill_user_processes = get_option('default-kill-user-processes')
++diff --git a/src/login/70-uaccess.rules b/src/login/70-uaccess.rules
++deleted file mode 100644
++index 6feb957..0000000
++--- a/src/login/70-uaccess.rules
+++++ /dev/null
++@@ -1,83 +0,0 @@
++-# SPDX-License-Identifier: LGPL-2.1+
++-#
++-# This file is part of systemd.
++-#
++-# systemd is free software; you can redistribute it and/or modify it
++-# under the terms of the GNU Lesser General Public License as published by
++-# the Free Software Foundation; either version 2.1 of the License, or
++-# (at your option) any later version.
++-
++-ACTION=="remove", GOTO="uaccess_end"
++-ENV{MAJOR}=="", GOTO="uaccess_end"
++-
++-# PTP/MTP protocol devices, cameras, portable media players
++-SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*", TAG+="uaccess"
++-
++-# Digicams with proprietary protocol
++-ENV{ID_GPHOTO2}=="?*", TAG+="uaccess"
++-
++-# SCSI and USB scanners
++-ENV{libsane_matched}=="yes", TAG+="uaccess"
++-
++-# HPLIP devices (necessary for ink level check and HP tool maintenance)
++-ENV{ID_HPLIP}=="1", TAG+="uaccess"
++-
++-# optical drives
++-SUBSYSTEM=="block", ENV{ID_CDROM}=="1", TAG+="uaccess"
++-SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", TAG+="uaccess"
++-
++-# Sound devices
++-SUBSYSTEM=="sound", TAG+="uaccess", \
++- OPTIONS+="static_node=snd/timer", OPTIONS+="static_node=snd/seq"
++-
++-# ffado is an userspace driver for firewire sound cards
++-SUBSYSTEM=="firewire", ENV{ID_FFADO}=="1", TAG+="uaccess"
++-
++-# Webcams, frame grabber, TV cards
++-SUBSYSTEM=="video4linux", TAG+="uaccess"
++-SUBSYSTEM=="dvb", TAG+="uaccess"
++-
++-# IIDC devices: industrial cameras and some webcams
++-SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x00010*", TAG+="uaccess"
++-SUBSYSTEM=="firewire", ATTR{units}=="*0x00b09d:0x00010*", TAG+="uaccess"
++-# AV/C devices: camcorders, set-top boxes, TV sets, audio devices, and more
++-SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x010001*", TAG+="uaccess"
++-SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x014001*", TAG+="uaccess"
++-
++-# DRI video devices
++-SUBSYSTEM=="drm", KERNEL=="card*", TAG+="uaccess"
++-
++-# KVM
++-SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="uaccess"
++-
++-# smart-card readers
++-ENV{ID_SMARTCARD_READER}=="?*", TAG+="uaccess"
++-
++-# (USB) authentication devices
++-ENV{ID_SECURITY_TOKEN}=="?*", TAG+="uaccess"
++-
++-# PDA devices
++-ENV{ID_PDA}=="?*", TAG+="uaccess"
++-
++-# Programmable remote control
++-ENV{ID_REMOTE_CONTROL}=="1", TAG+="uaccess"
++-
++-# joysticks
++-SUBSYSTEM=="input", ENV{ID_INPUT_JOYSTICK}=="?*", TAG+="uaccess"
++-
++-# color measurement devices
++-ENV{COLOR_MEASUREMENT_DEVICE}=="?*", TAG+="uaccess"
++-
++-# DDC/CI device, usually high-end monitors such as the DreamColor
++-ENV{DDC_DEVICE}=="?*", TAG+="uaccess"
++-
++-# media player raw devices (for user-mode drivers, Android SDK, etc.)
++-SUBSYSTEM=="usb", ENV{ID_MEDIA_PLAYER}=="?*", TAG+="uaccess"
++-
++-# software-defined radio communication devices
++-ENV{ID_SOFTWARE_RADIO}=="?*", TAG+="uaccess"
++-
++-# 3D printers, CNC machines, laser cutters, 3D scanners, etc.
++-ENV{ID_MAKER_TOOL}=="?*", TAG+="uaccess"
++-
++-LABEL="uaccess_end"
++diff --git a/src/login/70-uaccess.rules.m4 b/src/login/70-uaccess.rules.m4
++new file mode 100644
++index 0000000..d55e5bf
++--- /dev/null
+++++ b/src/login/70-uaccess.rules.m4
++@@ -0,0 +1,84 @@
+++# SPDX-License-Identifier: LGPL-2.1+
+++#
+++# This file is part of systemd.
+++#
+++# systemd is free software; you can redistribute it and/or modify it
+++# under the terms of the GNU Lesser General Public License as published by
+++# the Free Software Foundation; either version 2.1 of the License, or
+++# (at your option) any later version.
+++
+++ACTION=="remove", GOTO="uaccess_end"
+++ENV{MAJOR}=="", GOTO="uaccess_end"
+++
+++# PTP/MTP protocol devices, cameras, portable media players
+++SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*", TAG+="uaccess"
+++
+++# Digicams with proprietary protocol
+++ENV{ID_GPHOTO2}=="?*", TAG+="uaccess"
+++
+++# SCSI and USB scanners
+++ENV{libsane_matched}=="yes", TAG+="uaccess"
+++
+++# HPLIP devices (necessary for ink level check and HP tool maintenance)
+++ENV{ID_HPLIP}=="1", TAG+="uaccess"
+++
+++# optical drives
+++SUBSYSTEM=="block", ENV{ID_CDROM}=="1", TAG+="uaccess"
+++SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", TAG+="uaccess"
+++
+++# Sound devices
+++SUBSYSTEM=="sound", TAG+="uaccess", \
+++ OPTIONS+="static_node=snd/timer", OPTIONS+="static_node=snd/seq"
+++
+++# ffado is an userspace driver for firewire sound cards
+++SUBSYSTEM=="firewire", ENV{ID_FFADO}=="1", TAG+="uaccess"
+++
+++# Webcams, frame grabber, TV cards
+++SUBSYSTEM=="video4linux", TAG+="uaccess"
+++SUBSYSTEM=="dvb", TAG+="uaccess"
+++
+++# IIDC devices: industrial cameras and some webcams
+++SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x00010*", TAG+="uaccess"
+++SUBSYSTEM=="firewire", ATTR{units}=="*0x00b09d:0x00010*", TAG+="uaccess"
+++# AV/C devices: camcorders, set-top boxes, TV sets, audio devices, and more
+++SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x010001*", TAG+="uaccess"
+++SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x014001*", TAG+="uaccess"
+++
+++# DRI video devices
+++SUBSYSTEM=="drm", KERNEL=="card*", TAG+="uaccess"
+++m4_ifdef(`DEV_KVM_UACCESS',``
+++# KVM
+++SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="uaccess"''
+++)m4_dnl
+++
+++# smart-card readers
+++ENV{ID_SMARTCARD_READER}=="?*", TAG+="uaccess"
+++
+++# (USB) authentication devices
+++ENV{ID_SECURITY_TOKEN}=="?*", TAG+="uaccess"
+++
+++# PDA devices
+++ENV{ID_PDA}=="?*", TAG+="uaccess"
+++
+++# Programmable remote control
+++ENV{ID_REMOTE_CONTROL}=="1", TAG+="uaccess"
+++
+++# joysticks
+++SUBSYSTEM=="input", ENV{ID_INPUT_JOYSTICK}=="?*", TAG+="uaccess"
+++
+++# color measurement devices
+++ENV{COLOR_MEASUREMENT_DEVICE}=="?*", TAG+="uaccess"
+++
+++# DDC/CI device, usually high-end monitors such as the DreamColor
+++ENV{DDC_DEVICE}=="?*", TAG+="uaccess"
+++
+++# media player raw devices (for user-mode drivers, Android SDK, etc.)
+++SUBSYSTEM=="usb", ENV{ID_MEDIA_PLAYER}=="?*", TAG+="uaccess"
+++
+++# software-defined radio communication devices
+++ENV{ID_SOFTWARE_RADIO}=="?*", TAG+="uaccess"
+++
+++# 3D printers, CNC machines, laser cutters, 3D scanners, etc.
+++ENV{ID_MAKER_TOOL}=="?*", TAG+="uaccess"
+++
+++LABEL="uaccess_end"
++diff --git a/src/login/meson.build b/src/login/meson.build
++index 4326a45..0e1ed18 100644
++--- a/src/login/meson.build
+++++ b/src/login/meson.build
++@@ -81,10 +81,6 @@ if conf.get('ENABLE_LOGIND') == 1
++
++ install_data('70-power-switch.rules', install_dir : udevrulesdir)
++
++- if conf.get('HAVE_ACL') == 1
++- install_data('70-uaccess.rules', install_dir : udevrulesdir)
++- endif
++-
++ seat_rules = configure_file(
++ input : '71-seat.rules.in',
++ output : '71-seat.rules',
++@@ -92,6 +88,15 @@ if conf.get('ENABLE_LOGIND') == 1
++ install_data(seat_rules,
++ install_dir : udevrulesdir)
++
+++ custom_target(
+++ '70-uaccess.rules',
+++ input : '70-uaccess.rules.m4',
+++ output: '70-uaccess.rules',
+++ command : [meson_apply_m4, config_h, '@INPUT@'],
+++ capture : true,
+++ install : conf.get('HAVE_ACL') == 1,
+++ install_dir : udevrulesdir)
+++
++ custom_target(
++ '73-seat-late.rules',
++ input : '73-seat-late.rules.m4',
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Tue, 10 Jul 2018 14:47:58 +0200
++Subject: Re-add uaccess tag for /dev/kvm
++
++If --dev-kvm-mode is set to something different then 0666, which we
++explicitly support, it makes sense to still apply the uaccess tag to
++/dev/kvm. For distros which opt to use the default 0666, this change is
++a nop.
++
++This partially reverts commit b8fd3d82205f632ce001fade74fed287e1564a1a.
++
++(cherry picked from commit fa53e24130af3a389573acb9585eadbf7192955f)
++---
++ src/login/70-uaccess.rules | 3 +++
++ 1 file changed, 3 insertions(+)
++
++diff --git a/src/login/70-uaccess.rules b/src/login/70-uaccess.rules
++index 3515d29..6feb957 100644
++--- a/src/login/70-uaccess.rules
+++++ b/src/login/70-uaccess.rules
++@@ -47,6 +47,9 @@ SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x014001*", TAG+="uaccess"
++ # DRI video devices
++ SUBSYSTEM=="drm", KERNEL=="card*", TAG+="uaccess"
++
+++# KVM
+++SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="uaccess"
+++
++ # smart-card readers
++ ENV{ID_SMARTCARD_READER}=="?*", TAG+="uaccess"
++
--- /dev/null
--- /dev/null
++From: Mike Gilbert <floppym@gentoo.org>
++Date: Wed, 27 Jun 2018 10:36:50 -0400
++Subject: basic: add missing comma in raw_clone assembly for sparc
++
++Fixes: 96f64eb5741b157f26a9089816fdd992e959792e
++Closes: https://github.com/systemd/systemd/issues/9444
++(cherry picked from commit 358248caa3eca525751694de7c34b16bb46d5a9c)
++---
++ src/basic/raw-clone.h | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/basic/raw-clone.h b/src/basic/raw-clone.h
++index 1f134ba..b8857b0 100644
++--- a/src/basic/raw-clone.h
+++++ b/src/basic/raw-clone.h
++@@ -60,7 +60,7 @@ static inline pid_t raw_clone(unsigned long flags) {
++ "mov %%o0, %1" :
++ "=r"(in_child), "=r"(child_pid), "=r"(error) :
++ "i"(__NR_clone), "r"(flags) :
++- "%o1", "%o0", "%g1" "cc" );
+++ "%o1", "%o0", "%g1", "cc" );
++
++ if (error) {
++ errno = child_pid;
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Wed, 27 Jun 2018 21:20:55 +0900
++Subject: bus-util: make log level lower in request_name_destroy_callback()
++
++Fixes #9442.
++
++(cherry picked from commit 04e075b572b168a183cde29480dbb30d027d4fe7)
++---
++ src/shared/bus-util.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c
++index a4f2deb..6211bc7 100644
++--- a/src/shared/bus-util.c
+++++ b/src/shared/bus-util.c
++@@ -1738,7 +1738,7 @@ static void request_name_destroy_callback(void *userdata) {
++ assert(data);
++ assert(data->n_ref > 0);
++
++- log_info("%s n_ref=%u", __func__, data->n_ref);
+++ log_debug("%s n_ref=%u", __func__, data->n_ref);
++
++ data->n_ref--;
++ if (data->n_ref == 0)
--- /dev/null
--- /dev/null
++From: Lennart Poettering <lennart@poettering.net>
++Date: Fri, 19 Oct 2018 11:42:11 +0200
++Subject: chown-recursive: TAKE_FD() is your friend
++
++(cherry picked from commit cd6b7d50c337b3676a3d5fc2188ff298dcbdb939)
++---
++ src/core/chown-recursive.c | 6 +-----
++ 1 file changed, 1 insertion(+), 5 deletions(-)
++
++diff --git a/src/core/chown-recursive.c b/src/core/chown-recursive.c
++index 447b771..7767301 100644
++--- a/src/core/chown-recursive.c
+++++ b/src/core/chown-recursive.c
++@@ -111,7 +111,6 @@ static int chown_recursive_internal(int fd, const struct stat *st, uid_t uid, gi
++ int path_chown_recursive(const char *path, uid_t uid, gid_t gid) {
++ _cleanup_close_ int fd = -1;
++ struct stat st;
++- int r;
++
++ fd = open(path, O_RDONLY|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
++ if (fd < 0)
++@@ -130,8 +129,5 @@ int path_chown_recursive(const char *path, uid_t uid, gid_t gid) {
++ (!gid_is_valid(gid) || st.st_gid == gid))
++ return 0;
++
++- r = chown_recursive_internal(fd, &st, uid, gid);
++- fd = -1; /* we donated the fd to the call, regardless if it succeeded or failed */
++-
++- return r;
+++ return chown_recursive_internal(TAKE_FD(fd), &st, uid, gid); /* we donate the fd to the call, regardless if it succeeded or failed */
++ }
--- /dev/null
--- /dev/null
++From: Lennart Poettering <lennart@poettering.net>
++Date: Fri, 19 Oct 2018 11:28:40 +0200
++Subject: chown-recursive: also drop ACLs when recursively chown()ing
++
++Let's better be safe than sorry and also drop ACLs.
++
++(cherry picked from commit f89bc84f3242449cbc308892c87573b131f121df)
++---
++ src/core/chown-recursive.c | 16 ++++++++++++----
++ 1 file changed, 12 insertions(+), 4 deletions(-)
++
++diff --git a/src/core/chown-recursive.c b/src/core/chown-recursive.c
++index 27c6448..447b771 100644
++--- a/src/core/chown-recursive.c
+++++ b/src/core/chown-recursive.c
++@@ -3,6 +3,7 @@
++ #include <fcntl.h>
++ #include <sys/stat.h>
++ #include <sys/types.h>
+++#include <sys/xattr.h>
++
++ #include "chown-recursive.h"
++ #include "dirent-util.h"
++@@ -14,6 +15,7 @@
++
++ static int chown_one(int fd, const struct stat *st, uid_t uid, gid_t gid) {
++ char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1];
+++ const char *n;
++
++ assert(fd >= 0);
++ assert(st);
++@@ -26,13 +28,19 @@ static int chown_one(int fd, const struct stat *st, uid_t uid, gid_t gid) {
++ * O_PATH. (Note: fchown() and fchmod() do not work with O_PATH, the kernel refuses that. */
++ xsprintf(procfs_path, "/proc/self/fd/%i", fd);
++
+++ /* Drop any ACL if there is one */
+++ FOREACH_STRING(n, "system.posix_acl_access", "system.posix_acl_default")
+++ if (removexattr(procfs_path, n) < 0)
+++ if (!IN_SET(errno, ENODATA, EOPNOTSUPP, ENOSYS, ENOTTY))
+++ return -errno;
+++
++ if (chown(procfs_path, uid, gid) < 0)
++ return -errno;
++
++- /* The linux kernel alters the mode in some cases of chown(). Let's undo this. We do this only for non-symlinks
++- * however. That's because for symlinks the access mode is ignored anyway and because on some kernels/file
++- * systems trying to change the access mode will succeed but has no effect while on others it actively
++- * fails. */
+++ /* The linux kernel alters the mode in some cases of chown(), as well when we change ACLs. Let's undo this. We
+++ * do this only for non-symlinks however. That's because for symlinks the access mode is ignored anyway and
+++ * because on some kernels/file systems trying to change the access mode will succeed but has no effect while
+++ * on others it actively fails. */
++ if (!S_ISLNK(st->st_mode))
++ if (chmod(procfs_path, st->st_mode & 07777) < 0)
++ return -errno;
--- /dev/null
--- /dev/null
++From: Lennart Poettering <lennart@poettering.net>
++Date: Fri, 19 Oct 2018 11:26:59 +0200
++Subject: chown-recursive: let's rework the recursive logic to use O_PATH
++
++That way we can pin a specific inode and analyze it and manipulate it
++without it being swapped out beneath our hands.
++
++Fixes a vulnerability originally found by Jann Horn from Google.
++
++CVE-2018-15687
++LP: #1796692
++https://bugzilla.redhat.com/show_bug.cgi?id=1639076
++
++(cherry picked from commit 5de6cce58b3e8b79239b6e83653459d91af6e57c)
++---
++ src/core/chown-recursive.c | 146 ++++++++++++++++++++++-----------------------
++ 1 file changed, 70 insertions(+), 76 deletions(-)
++
++diff --git a/src/core/chown-recursive.c b/src/core/chown-recursive.c
++index c479450..27c6448 100644
++--- a/src/core/chown-recursive.c
+++++ b/src/core/chown-recursive.c
++@@ -1,17 +1,19 @@
++ /* SPDX-License-Identifier: LGPL-2.1+ */
++
++-#include <sys/types.h>
++-#include <sys/stat.h>
++ #include <fcntl.h>
+++#include <sys/stat.h>
+++#include <sys/types.h>
++
++-#include "user-util.h"
++-#include "macro.h"
++-#include "fd-util.h"
++-#include "dirent-util.h"
++ #include "chown-recursive.h"
+++#include "dirent-util.h"
+++#include "fd-util.h"
+++#include "macro.h"
+++#include "stdio-util.h"
+++#include "strv.h"
+++#include "user-util.h"
++
++-static int chown_one(int fd, const char *name, const struct stat *st, uid_t uid, gid_t gid) {
++- int r;
+++static int chown_one(int fd, const struct stat *st, uid_t uid, gid_t gid) {
+++ char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1];
++
++ assert(fd >= 0);
++ assert(st);
++@@ -20,90 +22,82 @@ static int chown_one(int fd, const char *name, const struct stat *st, uid_t uid,
++ (!gid_is_valid(gid) || st->st_gid == gid))
++ return 0;
++
++- if (name)
++- r = fchownat(fd, name, uid, gid, AT_SYMLINK_NOFOLLOW);
++- else
++- r = fchown(fd, uid, gid);
++- if (r < 0)
++- return -errno;
+++ /* We change ownership through the /proc/self/fd/%i path, so that we have a stable reference that works with
+++ * O_PATH. (Note: fchown() and fchmod() do not work with O_PATH, the kernel refuses that. */
+++ xsprintf(procfs_path, "/proc/self/fd/%i", fd);
++
++- /* The linux kernel alters the mode in some cases of chown(). Let's undo this. */
++- if (name) {
++- if (!S_ISLNK(st->st_mode))
++- r = fchmodat(fd, name, st->st_mode, 0);
++- else /* There's currently no AT_SYMLINK_NOFOLLOW for fchmodat() */
++- r = 0;
++- } else
++- r = fchmod(fd, st->st_mode);
++- if (r < 0)
+++ if (chown(procfs_path, uid, gid) < 0)
++ return -errno;
++
+++ /* The linux kernel alters the mode in some cases of chown(). Let's undo this. We do this only for non-symlinks
+++ * however. That's because for symlinks the access mode is ignored anyway and because on some kernels/file
+++ * systems trying to change the access mode will succeed but has no effect while on others it actively
+++ * fails. */
+++ if (!S_ISLNK(st->st_mode))
+++ if (chmod(procfs_path, st->st_mode & 07777) < 0)
+++ return -errno;
+++
++ return 1;
++ }
++
++ static int chown_recursive_internal(int fd, const struct stat *st, uid_t uid, gid_t gid) {
+++ _cleanup_closedir_ DIR *d = NULL;
++ bool changed = false;
+++ struct dirent *de;
++ int r;
++
++ assert(fd >= 0);
++ assert(st);
++
++- if (S_ISDIR(st->st_mode)) {
++- _cleanup_closedir_ DIR *d = NULL;
++- struct dirent *de;
++-
++- d = fdopendir(fd);
++- if (!d) {
++- r = -errno;
++- goto finish;
++- }
++- fd = -1;
++-
++- FOREACH_DIRENT_ALL(de, d, r = -errno; goto finish) {
++- struct stat fst;
++-
++- if (dot_or_dot_dot(de->d_name))
++- continue;
++-
++- if (fstatat(dirfd(d), de->d_name, &fst, AT_SYMLINK_NOFOLLOW) < 0) {
++- r = -errno;
++- goto finish;
++- }
++-
++- if (S_ISDIR(fst.st_mode)) {
++- int subdir_fd;
++-
++- subdir_fd = openat(dirfd(d), de->d_name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
++- if (subdir_fd < 0) {
++- r = -errno;
++- goto finish;
++- }
++-
++- r = chown_recursive_internal(subdir_fd, &fst, uid, gid);
++- if (r < 0)
++- goto finish;
++- if (r > 0)
++- changed = true;
++- } else {
++- r = chown_one(dirfd(d), de->d_name, &fst, uid, gid);
++- if (r < 0)
++- goto finish;
++- if (r > 0)
++- changed = true;
++- }
+++ d = fdopendir(fd);
+++ if (!d) {
+++ safe_close(fd);
+++ return -errno;
+++ }
+++
+++ FOREACH_DIRENT_ALL(de, d, return -errno) {
+++ _cleanup_close_ int path_fd = -1;
+++ struct stat fst;
+++
+++ if (dot_or_dot_dot(de->d_name))
+++ continue;
+++
+++ /* Let's pin the child inode we want to fix now with an O_PATH fd, so that it cannot be swapped out
+++ * while we manipulate it. */
+++ path_fd = openat(dirfd(d), de->d_name, O_PATH|O_CLOEXEC|O_NOFOLLOW);
+++ if (path_fd < 0)
+++ return -errno;
+++
+++ if (fstat(path_fd, &fst) < 0)
+++ return -errno;
+++
+++ if (S_ISDIR(fst.st_mode)) {
+++ int subdir_fd;
+++
+++ /* Convert it to a "real" (i.e. non-O_PATH) fd now */
+++ subdir_fd = fd_reopen(path_fd, O_RDONLY|O_CLOEXEC|O_NOATIME);
+++ if (subdir_fd < 0)
+++ return subdir_fd;
+++
+++ r = chown_recursive_internal(subdir_fd, &fst, uid, gid); /* takes possession of subdir_fd even on failure */
+++ if (r < 0)
+++ return r;
+++ if (r > 0)
+++ changed = true;
+++ } else {
+++ r = chown_one(path_fd, &fst, uid, gid);
+++ if (r < 0)
+++ return r;
+++ if (r > 0)
+++ changed = true;
++ }
+++ }
++
++- r = chown_one(dirfd(d), NULL, st, uid, gid);
++- } else
++- r = chown_one(fd, NULL, st, uid, gid);
+++ r = chown_one(dirfd(d), st, uid, gid);
++ if (r < 0)
++- goto finish;
+++ return r;
++
++- r = r > 0 || changed;
++-
++-finish:
++- safe_close(fd);
++- return r;
+++ return r > 0 || changed;
++ }
++
++ int path_chown_recursive(const char *path, uid_t uid, gid_t gid) {
++@@ -111,7 +105,7 @@ int path_chown_recursive(const char *path, uid_t uid, gid_t gid) {
++ struct stat st;
++ int r;
++
++- fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
+++ fd = open(path, O_RDONLY|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
++ if (fd < 0)
++ return -errno;
++
--- /dev/null
--- /dev/null
++From: Lennart Poettering <lennart@poettering.net>
++Date: Mon, 12 Nov 2018 23:37:13 +0100
++Subject: core: add namespace_fork() helper, that forks,
++ joins a set of namespaces and forks again
++
++This helper is useful to ensure pidns/userns joining is properly
++executed (as that requires a fork after the setns()). This is
++particularly important when it comes to /proc/self/ access or
++SCM_CREDENTIALS, but is generally the safer mode of operation.
++
++(cherry picked from commit 27096982798e4f4d1498f9ce75c317b8d3376125)
++---
++ src/basic/process-util.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++++
++ src/basic/process-util.h | 2 ++
++ 2 files changed, 56 insertions(+)
++
++diff --git a/src/basic/process-util.c b/src/basic/process-util.c
++index 0a4f917..2e64a21 100644
++--- a/src/basic/process-util.c
+++++ b/src/basic/process-util.c
++@@ -1390,6 +1390,60 @@ int safe_fork_full(
++ return 0;
++ }
++
+++int namespace_fork(
+++ const char *outer_name,
+++ const char *inner_name,
+++ const int except_fds[],
+++ size_t n_except_fds,
+++ ForkFlags flags,
+++ int pidns_fd,
+++ int mntns_fd,
+++ int netns_fd,
+++ int userns_fd,
+++ int root_fd,
+++ pid_t *ret_pid) {
+++
+++ int r;
+++
+++ /* This is much like safe_fork(), but forks twice, and joins the specified namespaces in the middle
+++ * process. This ensures that we are fully a member of the destination namespace, with pidns an all, so that
+++ * /proc/self/fd works correctly. */
+++
+++ r = safe_fork_full(outer_name, except_fds, n_except_fds, (flags|FORK_DEATHSIG) & ~(FORK_REOPEN_LOG|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE), ret_pid);
+++ if (r < 0)
+++ return r;
+++ if (r == 0) {
+++ pid_t pid;
+++
+++ /* Child */
+++
+++ r = namespace_enter(pidns_fd, mntns_fd, netns_fd, userns_fd, root_fd);
+++ if (r < 0) {
+++ log_full_errno(FLAGS_SET(flags, FORK_LOG) ? LOG_ERR : LOG_DEBUG, r, "Failed to join namespace: %m");
+++ _exit(EXIT_FAILURE);
+++ }
+++
+++ /* We mask a few flags here that either make no sense for the grandchild, or that we don't have to do again */
+++ r = safe_fork_full(inner_name, except_fds, n_except_fds, flags & ~(FORK_WAIT|FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_NULL_STDIO), &pid);
+++ if (r < 0)
+++ _exit(EXIT_FAILURE);
+++ if (r == 0) {
+++ /* Child */
+++ if (ret_pid)
+++ *ret_pid = pid;
+++ return 0;
+++ }
+++
+++ r = wait_for_terminate_and_check(inner_name, pid, FLAGS_SET(flags, FORK_LOG) ? WAIT_LOG : 0);
+++ if (r < 0)
+++ _exit(EXIT_FAILURE);
+++
+++ _exit(r);
+++ }
+++
+++ return 1;
+++}
+++
++ int fork_agent(const char *name, const int except[], size_t n_except, pid_t *ret_pid, const char *path, ...) {
++ bool stdout_is_tty, stderr_is_tty;
++ size_t n, i;
++diff --git a/src/basic/process-util.h b/src/basic/process-util.h
++index a5bb072..2cd96c0 100644
++--- a/src/basic/process-util.h
+++++ b/src/basic/process-util.h
++@@ -166,6 +166,8 @@ static inline int safe_fork(const char *name, ForkFlags flags, pid_t *ret_pid) {
++ return safe_fork_full(name, NULL, 0, flags, ret_pid);
++ }
++
+++int namespace_fork(const char *outer_name, const char *inner_name, const int except_fds[], size_t n_except_fds, ForkFlags flags, int pidns_fd, int mntns_fd, int netns_fd, int userns_fd, int root_fd, pid_t *ret_pid);
+++
++ int fork_agent(const char *name, const int except[], size_t n_except, pid_t *pid, const char *path, ...);
++
++ int set_oom_score_adjust(int value);
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Thu, 26 Jul 2018 11:42:54 +0900
++Subject: core: fix gid when DynamicUser=yes with static User=
++
++When DynamicUser=yes and static User= are set, and the user has
++different uid and gid, then as the storage socket for the dynamic
++user does not contains gid, we need to obtain gid.
++
++Follow-up for 9ec655cbbd7505ef465e0444da0622e46099ce42.
++
++Fixes #9702.
++
++(cherry picked from commit 25a1df7c652d180eb716412885c3ce3fcc1bbded)
++---
++ src/core/dynamic-user.c | 10 ++++++++++
++ 1 file changed, 10 insertions(+)
++
++diff --git a/src/core/dynamic-user.c b/src/core/dynamic-user.c
++index 7c5111d..f380db5 100644
++--- a/src/core/dynamic-user.c
+++++ b/src/core/dynamic-user.c
++@@ -525,6 +525,16 @@ static int dynamic_user_realize(
++ num = new_uid;
++ uid_lock_fd = new_uid_lock_fd;
++ }
+++ } else if (is_user && !uid_is_dynamic(num)) {
+++ struct passwd *p;
+++
+++ /* Statically allocated user may have different uid and gid. So, let's obtain the gid. */
+++ errno = 0;
+++ p = getpwuid(num);
+++ if (!p)
+++ return errno > 0 ? -errno : -ESRCH;
+++
+++ gid = p->pw_gid;
++ }
++
++ /* If the UID/GID was already allocated dynamically, push the data we popped out back in. If it was already
--- /dev/null
--- /dev/null
++From: Lennart Poettering <lennart@poettering.net>
++Date: Wed, 17 Oct 2018 18:36:24 +0200
++Subject: =?utf-8?q?core=3A_when_deserializing_state_always_use_read=5Fline?=
++ =?utf-8?q?=28=E2=80=A6=2C_LONG=5FLINE=5FMAX=2C_=E2=80=A6=29?=
++
++This should be much better than fgets(), as we can read substantially
++longer lines and overly long lines result in proper errors.
++
++Fixes a vulnerability discovered by Jann Horn at Google.
++
++CVE-2018-15686
++LP: #1796402
++https://bugzilla.redhat.com/show_bug.cgi?id=1639071
++
++(cherry picked from commit 8948b3415d762245ebf5e19d80b97d4d8cc208c1)
++(cherry picked from commit 1a05ff4948d778280ec155a9abe69d3360bfddd9)
++---
++ src/core/job.c | 19 +++++++++++--------
++ src/core/manager.c | 44 ++++++++++++++++++++------------------------
++ src/core/unit.c | 34 ++++++++++++++++++----------------
++ src/core/unit.h | 2 +-
++ 4 files changed, 50 insertions(+), 49 deletions(-)
++
++diff --git a/src/core/job.c b/src/core/job.c
++index 734756b..8552ffb 100644
++--- a/src/core/job.c
+++++ b/src/core/job.c
++@@ -10,6 +10,7 @@
++ #include "dbus-job.h"
++ #include "dbus.h"
++ #include "escape.h"
+++#include "fileio.h"
++ #include "job.h"
++ #include "log.h"
++ #include "macro.h"
++@@ -1091,24 +1092,26 @@ int job_serialize(Job *j, FILE *f) {
++ }
++
++ int job_deserialize(Job *j, FILE *f) {
+++ int r;
+++
++ assert(j);
++ assert(f);
++
++ for (;;) {
++- char line[LINE_MAX], *l, *v;
+++ _cleanup_free_ char *line = NULL;
+++ char *l, *v;
++ size_t k;
++
++- if (!fgets(line, sizeof(line), f)) {
++- if (feof(f))
++- return 0;
++- return -errno;
++- }
+++ r = read_line(f, LONG_LINE_MAX, &line);
+++ if (r < 0)
+++ return log_error_errno(r, "Failed to read serialization line: %m");
+++ if (r == 0)
+++ return 0;
++
++- char_array_0(line);
++ l = strstrip(line);
++
++ /* End marker */
++- if (l[0] == 0)
+++ if (isempty(l))
++ return 0;
++
++ k = strcspn(l, "=");
++diff --git a/src/core/manager.c b/src/core/manager.c
++index 930df4e..5438207 100644
++--- a/src/core/manager.c
+++++ b/src/core/manager.c
++@@ -3130,22 +3130,19 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
++ m->n_reloading++;
++
++ for (;;) {
++- char line[LINE_MAX];
+++ _cleanup_free_ char *line = NULL;
++ const char *val, *l;
++
++- if (!fgets(line, sizeof(line), f)) {
++- if (feof(f))
++- r = 0;
++- else
++- r = -errno;
++-
+++ r = read_line(f, LONG_LINE_MAX, &line);
+++ if (r < 0) {
+++ log_error_errno(r, "Failed to read serialization line: %m");
++ goto finish;
++ }
+++ if (r == 0)
+++ break;
++
++- char_array_0(line);
++ l = strstrip(line);
++-
++- if (l[0] == 0)
+++ if (isempty(l)) /* end marker */
++ break;
++
++ if ((val = startswith(l, "current-job-id="))) {
++@@ -3312,29 +3309,31 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
++ }
++
++ for (;;) {
++- Unit *u;
++- char name[UNIT_NAME_MAX+2];
+++ _cleanup_free_ char *line = NULL;
++ const char* unit_name;
+++ Unit *u;
++
++ /* Start marker */
++- if (!fgets(name, sizeof(name), f)) {
++- if (feof(f))
++- r = 0;
++- else
++- r = -errno;
++-
+++ r = read_line(f, LONG_LINE_MAX, &line);
+++ if (r < 0) {
+++ log_error_errno(r, "Failed to read serialization line: %m");
++ goto finish;
++ }
+++ if (r == 0)
+++ break;
++
++- char_array_0(name);
++- unit_name = strstrip(name);
+++ unit_name = strstrip(line);
++
++ r = manager_load_unit(m, unit_name, NULL, NULL, &u);
++ if (r < 0) {
++ log_notice_errno(r, "Failed to load unit \"%s\", skipping deserialization: %m", unit_name);
++ if (r == -ENOMEM)
++ goto finish;
++- unit_deserialize_skip(f);
+++
+++ r = unit_deserialize_skip(f);
+++ if (r < 0)
+++ goto finish;
+++
++ continue;
++ }
++
++@@ -3347,9 +3346,6 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
++ }
++
++ finish:
++- if (ferror(f))
++- r = -EIO;
++-
++ assert(m->n_reloading > 0);
++ m->n_reloading--;
++
++diff --git a/src/core/unit.c b/src/core/unit.c
++index 113205b..a3556cc 100644
++--- a/src/core/unit.c
+++++ b/src/core/unit.c
++@@ -3368,21 +3368,19 @@ int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
++ assert(fds);
++
++ for (;;) {
++- char line[LINE_MAX], *l, *v;
+++ _cleanup_free_ char *line = NULL;
++ CGroupIPAccountingMetric m;
+++ char *l, *v;
++ size_t k;
++
++- if (!fgets(line, sizeof(line), f)) {
++- if (feof(f))
++- return 0;
++- return -errno;
++- }
+++ r = read_line(f, LONG_LINE_MAX, &line);
+++ if (r < 0)
+++ return log_error_errno(r, "Failed to read serialization line: %m");
+++ if (r == 0) /* eof */
+++ break;
++
++- char_array_0(line);
++ l = strstrip(line);
++-
++- /* End marker */
++- if (isempty(l))
+++ if (isempty(l)) /* End marker */
++ break;
++
++ k = strcspn(l, "=");
++@@ -3657,23 +3655,27 @@ int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
++ return 0;
++ }
++
++-void unit_deserialize_skip(FILE *f) {
+++int unit_deserialize_skip(FILE *f) {
+++ int r;
++ assert(f);
++
++ /* Skip serialized data for this unit. We don't know what it is. */
++
++ for (;;) {
++- char line[LINE_MAX], *l;
+++ _cleanup_free_ char *line = NULL;
+++ char *l;
++
++- if (!fgets(line, sizeof line, f))
++- return;
+++ r = read_line(f, LONG_LINE_MAX, &line);
+++ if (r < 0)
+++ return log_error_errno(r, "Failed to read serialization line: %m");
+++ if (r == 0)
+++ return 0;
++
++- char_array_0(line);
++ l = strstrip(line);
++
++ /* End marker */
++ if (isempty(l))
++- return;
+++ return 1;
++ }
++ }
++
++diff --git a/src/core/unit.h b/src/core/unit.h
++index b3131eb..e1a60da 100644
++--- a/src/core/unit.h
+++++ b/src/core/unit.h
++@@ -679,7 +679,7 @@ bool unit_can_serialize(Unit *u) _pure_;
++
++ int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs);
++ int unit_deserialize(Unit *u, FILE *f, FDSet *fds);
++-void unit_deserialize_skip(FILE *f);
+++int unit_deserialize_skip(FILE *f);
++
++ int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value);
++ int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value);
--- /dev/null
--- /dev/null
++From: Martin Pitt <mpitt@debian.org>
++Date: Wed, 18 Jan 2017 11:21:35 +0100
++Subject: Add env variable for machine ID path
++
++During package build, in minimal chroots, or other systems which do not already
++have an /etc/machine-id we get six test failures. Introduce a
++$SYSTEMD_MACHINE_ID_PATH environment variable which can specify a location
++other than /etc/machine-id, so that the unit tests are independent from the
++environment.
++
++Also adjust test-fs-util to not assume that /etc/machine-id exists. Use
++/etc/issue instead which is from base-files.
++
++Closes: #851445
++
++Bug: https://bugs.freedesktop.org/show_bug.cgi?id=62344
++---
++ src/libsystemd/sd-id128/sd-id128.c | 2 +-
++ src/test/test-fs-util.c | 11 +++++++----
++ 2 files changed, 8 insertions(+), 5 deletions(-)
++
++diff --git a/src/libsystemd/sd-id128/sd-id128.c b/src/libsystemd/sd-id128/sd-id128.c
++index b712328..3f23758 100644
++--- a/src/libsystemd/sd-id128/sd-id128.c
+++++ b/src/libsystemd/sd-id128/sd-id128.c
++@@ -90,7 +90,7 @@ _public_ int sd_id128_get_machine(sd_id128_t *ret) {
++ assert_return(ret, -EINVAL);
++
++ if (sd_id128_is_null(saved_machine_id)) {
++- r = id128_read("/etc/machine-id", ID128_PLAIN, &saved_machine_id);
+++ r = id128_read(getenv("SYSTEMD_MACHINE_ID_PATH") ?: "/etc/machine-id", ID128_PLAIN, &saved_machine_id);
++ if (r < 0)
++ return r;
++
++diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c
++index fc650b5..b319745 100644
++--- a/src/test/test-fs-util.c
+++++ b/src/test/test-fs-util.c
++@@ -174,7 +174,7 @@ static void test_chase_symlinks(void) {
++ assert_se(streq(result, "/test-chase.fsldajfl"));
++ result = mfree(result);
++
++- r = chase_symlinks("/etc/machine-id/foo", NULL, 0, &result);
+++ r = chase_symlinks("/etc/issue/foo", NULL, 0, &result);
++ assert_se(r == -ENOTDIR);
++ result = mfree(result);
++
++@@ -247,23 +247,26 @@ static void test_chase_symlinks(void) {
++ assert_se(chase_symlinks(q, NULL, CHASE_SAFE, NULL) >= 0);
++ }
++
++- p = strjoina(temp, "/machine-id-test");
++- assert_se(symlink("/usr/../etc/./machine-id", p) >= 0);
+++ p = strjoina(temp, "/issue-test");
+++ assert_se(symlink("/usr/../etc/./issue", p) >= 0);
++
++ pfd = chase_symlinks(p, NULL, CHASE_OPEN, NULL);
++ if (pfd != -ENOENT) {
++ _cleanup_close_ int fd = -1;
+++/*
++ sd_id128_t a, b;
+++*/
++
++ assert_se(pfd >= 0);
++
++ fd = fd_reopen(pfd, O_RDONLY|O_CLOEXEC);
++ assert_se(fd >= 0);
++ safe_close(pfd);
++-
+++/*
++ assert_se(id128_read_fd(fd, ID128_PLAIN, &a) >= 0);
++ assert_se(sd_id128_get_machine(&b) >= 0);
++ assert_se(sd_id128_equal(a, b));
+++*/
++ }
++
++ /* Test CHASE_ONE */
--- /dev/null
--- /dev/null
++From: Julien Muchembled <jm@jmuchemb.eu>
++Date: Tue, 29 Apr 2014 11:40:50 +0200
++Subject: Add support for TuxOnIce hibernation
++
++systemd does not support non-mainline kernel features so upstream rejected this
++patch.
++It is however required for systemd integration by tuxonice-userui package.
++
++Forwarded: http://lists.freedesktop.org/archives/systemd-devel/2014-April/018960.html
++---
++ src/shared/sleep-config.c | 6 ++++++
++ 1 file changed, 6 insertions(+)
++
++diff --git a/src/shared/sleep-config.c b/src/shared/sleep-config.c
++index 9e4ce18..80d9eb8 100644
++--- a/src/shared/sleep-config.c
+++++ b/src/shared/sleep-config.c
++@@ -229,6 +229,12 @@ static bool enough_swap_for_hibernation(void) {
++ if (getenv_bool("SYSTEMD_BYPASS_HIBERNATION_MEMORY_CHECK") > 0)
++ return true;
++
+++ /* TuxOnIce is an alternate implementation for hibernation.
+++ * It can be configured to compress the image to a file or an inactive
+++ * swap partition, so there's nothing more we can do here. */
+++ if (access("/sys/power/tuxonice", F_OK) == 0)
+++ return true;
+++
++ r = find_hibernate_location(NULL, NULL, &size, &used);
++ if (r < 0)
++ return false;
--- /dev/null
--- /dev/null
++From: Tollef Fog Heen <tfheen@err.no>
++Date: Tue, 5 Jun 2012 20:59:36 +0200
++Subject: Bring tmpfiles.d/tmp.conf in line with Debian defaults
++
++Closes: #675422
++---
++ tmpfiles.d/tmp.conf | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/tmpfiles.d/tmp.conf b/tmpfiles.d/tmp.conf
++index 22555a0..8fb117f 100644
++--- a/tmpfiles.d/tmp.conf
+++++ b/tmpfiles.d/tmp.conf
++@@ -8,8 +8,8 @@
++ # See tmpfiles.d(5) for details
++
++ # Clear tmp directories separately, to make them easier to override
++-q /tmp 1777 root root 10d
++-q /var/tmp 1777 root root 30d
+++D /tmp 1777 root root -
+++#q /var/tmp 1777 root root 30d
++
++ # Exclude namespace mountpoints created with PrivateTmp=yes
++ x /tmp/systemd-private-%b-*
--- /dev/null
--- /dev/null
++From: Martin Pitt <martin.pitt@ubuntu.com>
++Date: Sun, 28 Dec 2014 12:49:35 +0100
++Subject: Don't enable audit by default
++
++It causes flooding of dmesg and syslog, suppressing actually important
++messages.
++
++Don't enable it for now, until a better solution is found:
++http://lists.freedesktop.org/archives/systemd-devel/2014-December/026591.html
++
++Bug-Debian: https://bugs.debian.org/773528
++---
++ src/journal/journald-audit.c | 5 -----
++ 1 file changed, 5 deletions(-)
++
++diff --git a/src/journal/journald-audit.c b/src/journal/journald-audit.c
++index 8772668..c5f4d55 100644
++--- a/src/journal/journald-audit.c
+++++ b/src/journal/journald-audit.c
++@@ -536,10 +536,5 @@ int server_open_audit(Server *s) {
++ if (r < 0)
++ return log_error_errno(r, "Failed to add audit fd to event loop: %m");
++
++- /* We are listening now, try to enable audit */
++- r = enable_audit(s->audit_fd, true);
++- if (r < 0)
++- log_warning_errno(r, "Failed to issue audit enable call: %m");
++-
++ return 0;
++ }
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Wed, 18 Jul 2018 23:49:16 +0200
++Subject: Drop seccomp system call filter for udev
++
++The seccomp based system call whitelist requires at least systemd 239 to
++be the active init and during a dist-upgrade we can't guarantee that
++systemd has been fully configured before udev is restarted.
++
++This partially reverts upstream commit
++ee8f26180d01e3ddd4e5f20b03b81e5e737657ae.
++
++Once buster is released, this patch can be dropped.
++
++Closes: #903224
++---
++ units/systemd-udevd.service.in | 2 --
++ 1 file changed, 2 deletions(-)
++
++diff --git a/units/systemd-udevd.service.in b/units/systemd-udevd.service.in
++index 6a3814e..2b9fa69 100644
++--- a/units/systemd-udevd.service.in
+++++ b/units/systemd-udevd.service.in
++@@ -29,8 +29,6 @@ PrivateMounts=yes
++ MemoryDenyWriteExecute=yes
++ RestrictRealtime=yes
++ RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
++-SystemCallFilter=@system-service @module @raw-io
++-SystemCallErrorNumber=EPERM
++ SystemCallArchitectures=native
++ LockPersonality=yes
++ IPAddressDeny=any
--- /dev/null
--- /dev/null
++From: Iain Lane <iain@orangesquash.org.uk>
++Date: Mon, 22 Aug 2016 07:03:27 +0200
++Subject: Let graphical-session-pre.target be manually started
++
++This is needed until https://github.com/systemd/systemd/issues/3750 is fixed.
++
++Forwarded: not-needed
++Bug-Ubuntu: https://launchpad.net/bugs/1615341
++---
++ units/user/graphical-session-pre.target | 1 -
++ 1 file changed, 1 deletion(-)
++
++diff --git a/units/user/graphical-session-pre.target b/units/user/graphical-session-pre.target
++index 3adfc5a..c4e1001 100644
++--- a/units/user/graphical-session-pre.target
+++++ b/units/user/graphical-session-pre.target
++@@ -12,5 +12,4 @@ Description=Session services which should run early before the graphical session
++ Documentation=man:systemd.special(7)
++ Requires=basic.target
++ Before=graphical-session.target
++-RefuseManualStart=yes
++ StopWhenUnneeded=yes
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Fri, 5 Sep 2014 01:15:16 +0200
++Subject: Make /run/lock tmpfs an API fs
++
++The /run/lock directory is world-writable in Debian due to historic
++reasons. To avoid user processes filling up /run, we mount a separate
++tmpfs for /run/lock. As this directory needs to be available during
++early boot, we make it an API fs.
++
++Drop it from tmpfiles.d/legacy.conf to not clobber the permissions.
++
++Closes: #751392
++---
++ src/core/mount-setup.c | 2 ++
++ tmpfiles.d/legacy.conf | 1 -
++ 2 files changed, 2 insertions(+), 1 deletion(-)
++
++diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
++index 16880e6..908a83f 100644
++--- a/src/core/mount-setup.c
+++++ b/src/core/mount-setup.c
++@@ -81,6 +81,8 @@ static const MountPoint mount_table[] = {
++ #endif
++ { "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
++ NULL, MNT_FATAL|MNT_IN_CONTAINER },
+++ { "tmpfs", "/run/lock", "tmpfs", "mode=1777,size=5242880", MS_NOSUID|MS_NODEV|MS_NOEXEC,
+++ NULL, MNT_FATAL|MNT_IN_CONTAINER },
++ { "cgroup2", "/sys/fs/cgroup", "cgroup2", "nsdelegate", MS_NOSUID|MS_NOEXEC|MS_NODEV,
++ cg_is_unified_wanted, MNT_IN_CONTAINER|MNT_CHECK_WRITABLE },
++ { "cgroup2", "/sys/fs/cgroup", "cgroup2", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
++diff --git a/tmpfiles.d/legacy.conf b/tmpfiles.d/legacy.conf
++index 62e2ae0..ea5e735 100644
++--- a/tmpfiles.d/legacy.conf
+++++ b/tmpfiles.d/legacy.conf
++@@ -10,7 +10,6 @@
++ # These files are considered legacy and are unnecessary on legacy-free
++ # systems.
++
++-d /run/lock 0755 root root -
++ L /var/lock - - - - ../run/lock
++
++ # /run/lock/subsys is used for serializing SysV service execution, and
--- /dev/null
--- /dev/null
++From: Martin Pitt <martin.pitt@ubuntu.com>
++Date: Mon, 9 Feb 2015 10:53:43 +0100
++Subject: Only start logind if dbus is installed
++
++logind fails to start in environments without dbus, such as LXC containers or
++servers. Add a startup condition to avoid the very noisy startup failure.
++
++Part of #772700
++---
++ units/systemd-logind.service.in | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in
++index 5e090bc..9703674 100644
++--- a/units/systemd-logind.service.in
+++++ b/units/systemd-logind.service.in
++@@ -14,6 +14,7 @@ Documentation=https://www.freedesktop.org/wiki/Software/systemd/logind
++ Documentation=https://www.freedesktop.org/wiki/Software/systemd/multiseat
++ Wants=user.slice
++ After=nss-user-lookup.target user.slice
+++ConditionPathExists=/lib/systemd/system/dbus.service
++
++ # Ask for the dbus socket.
++ Wants=dbus.socket
--- /dev/null
--- /dev/null
++From: Martin Pitt <martin.pitt@ubuntu.com>
++Date: Fri, 28 Nov 2014 14:43:25 +0100
++Subject: Re-enable journal forwarding to syslog
++
++Revert upstream commit 46b131574fdd7d77 for now, until Debian's sysloggers
++can/do all read from the journal directly. See
++
++ http://lists.freedesktop.org/archives/systemd-devel/2014-November/025550.html
++
++for details. Once we grow a journal.conf.d/ directory, sysloggers can be moved
++to pulling from the journal one by one and disable forwarding again in such a
++conf.d snippet.
++---
++ man/journald.conf.xml | 2 +-
++ src/journal/journald-server.c | 1 +
++ src/journal/journald.conf | 2 +-
++ 3 files changed, 3 insertions(+), 2 deletions(-)
++
++diff --git a/man/journald.conf.xml b/man/journald.conf.xml
++index ee8e8b7..889d3c9 100644
++--- a/man/journald.conf.xml
+++++ b/man/journald.conf.xml
++@@ -286,7 +286,7 @@
++ the system console, or sent as wall messages to all logged-in users. These
++ options take boolean arguments. If forwarding to syslog is enabled but nothing
++ reads messages from the socket, forwarding to syslog has no effect. By default,
++- only forwarding to wall is enabled. These settings may be overridden at boot time
+++ only forwarding to syslog and wall is enabled. These settings may be overridden at boot time
++ with the kernel command line options
++ <literal>systemd.journald.forward_to_syslog</literal>,
++ <literal>systemd.journald.forward_to_kmsg</literal>,
++diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
++index 4f1550e..f48059d 100644
++--- a/src/journal/journald-server.c
+++++ b/src/journal/journald-server.c
++@@ -1692,6 +1692,7 @@ int server_init(Server *s) {
++ s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
++ s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
++
+++ s->forward_to_syslog = true;
++ s->forward_to_wall = true;
++
++ s->max_file_usec = DEFAULT_MAX_FILE_USEC;
++diff --git a/src/journal/journald.conf b/src/journal/journald.conf
++index 94d5c67..a397799 100644
++--- a/src/journal/journald.conf
+++++ b/src/journal/journald.conf
++@@ -29,7 +29,7 @@
++ #RuntimeMaxFiles=100
++ #MaxRetentionSec=
++ #MaxFileSec=1month
++-#ForwardToSyslog=no
+++#ForwardToSyslog=yes
++ #ForwardToKMsg=no
++ #ForwardToConsole=no
++ #ForwardToWall=yes
--- /dev/null
--- /dev/null
++From: Martin Pitt <martin.pitt@ubuntu.com>
++Date: Mon, 9 May 2016 21:24:38 +0200
++Subject: Revert "core: enable TasksMax= for all services by default,
++ and set it to 512"
++
++This reverts commit 9ded9cd14cc03c67291b10a5c42ce5094ba0912f.
++
++Introducing a default limit on number of threads broke a lot of software which
++regularly needs more, such as MySQL and RabbitMQ, or services that spawn off an
++indefinite number of subtasks that are not in a scope, like LXC or cron.
++
++15% is way too much for most "simple" services, and it's too little for others
++such as the ones mentioned above. There is also no particular rationale about
++any particular global limit, so even if we'd bump it higher we'd just make the
++limit even less useful while still breaking software.
++
++It is both much safer and also much more effective in terms of guarding against
++berserk programs/bugs/unintended fork bombs etc. to set limits in units
++individually. Once someone looks at one, this is then a great time to also flip
++on the other resource and privilege limitations that systemd offers.
++
++Bug: https://github.com/systemd/systemd/issues/3211
++Bug-Debian: https://bugs.debian.org/823530
++Bug-Ubuntu: https://launchpad.net/bugs/1578080
++---
++ man/systemd-system.conf.xml | 3 +--
++ src/core/system.conf.in | 2 +-
++ 2 files changed, 2 insertions(+), 3 deletions(-)
++
++diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml
++index a914ef2..f0c17d5 100644
++--- a/man/systemd-system.conf.xml
+++++ b/man/systemd-system.conf.xml
++@@ -339,8 +339,7 @@
++ <listitem><para>Configure the default value for the per-unit <varname>TasksMax=</varname> setting. See
++ <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
++ for details. This setting applies to all unit types that support resource control settings, with the exception
++- of slice units. Defaults to 15%, which equals 4915 with the kernel's defaults on the host, but might be smaller
++- in OS containers.</para></listitem>
+++ of slice units.</para></listitem>
++ </varlistentry>
++
++ <varlistentry>
++diff --git a/src/core/system.conf.in b/src/core/system.conf.in
++index f0a59a7..901535e 100644
++--- a/src/core/system.conf.in
+++++ b/src/core/system.conf.in
++@@ -45,7 +45,7 @@
++ #DefaultBlockIOAccounting=no
++ #DefaultMemoryAccounting=@MEMORY_ACCOUNTING_DEFAULT@
++ #DefaultTasksAccounting=yes
++-#DefaultTasksMax=15%
+++#DefaultTasksMax=
++ #DefaultLimitCPU=
++ #DefaultLimitFSIZE=
++ #DefaultLimitDATA=
--- /dev/null
--- /dev/null
++From: Martin Pitt <martin.pitt@ubuntu.com>
++Date: Mon, 27 Apr 2015 15:29:13 +0200
++Subject: Revert "core: one step back again,
++ for nspawn we actually can't wait for cgroups running empty since systemd
++ will get exactly zero notifications about it"
++
++This reverts commit 743970d2ea6d08aa7c7bff8220f6b7702f2b1db7.
++
++Bug-Debian: https://bugs.debian.org/784720
++Bug-Ubuntu: https://launchpad.net/bugs/1448259
++Bug-Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1141137
++---
++ src/core/unit.c | 11 +----------
++ 1 file changed, 1 insertion(+), 10 deletions(-)
++
++diff --git a/src/core/unit.c b/src/core/unit.c
++index a3556cc..7e6b24d 100644
++--- a/src/core/unit.c
+++++ b/src/core/unit.c
++@@ -4579,16 +4579,7 @@ int unit_kill_context(
++
++ } else if (r > 0) {
++
++- /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
++- * we are running in a container or if this is a delegation unit, simply because cgroup
++- * notification is unreliable in these cases. It doesn't work at all in containers, and outside
++- * of containers it can be confused easily by left-over directories in the cgroup — which
++- * however should not exist in non-delegated units. On the unified hierarchy that's different,
++- * there we get proper events. Hence rely on them. */
++-
++- if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
++- (detect_container() == 0 && !unit_cgroup_delegate(u)))
++- wait_for_exit = true;
+++ wait_for_exit = true;
++
++ if (send_sighup) {
++ set_free(pid_set);
--- /dev/null
--- /dev/null
++From: Martin Pitt <martin.pitt@ubuntu.com>
++Date: Sat, 27 Feb 2016 12:27:06 +0100
++Subject: Revert "core: set RLIMIT_CORE to unlimited by default"
++
++Partially revert commit 15a900327ab as this completely breaks core dumps
++without systemd-coredump. It's also contradicting core(8), and it's not
++systemd's place to redefine the kernel definitions of core files.
++
++Commit bdfd7b2c now honours the process' RLIMIT_CORE for systemd-coredump. This
++isn't what RLIMIT_CORE is supposed to do (it limits the size of the core
++*file*, but the kernel deliberately ignores it for piping), so set a static
++2^63 core size limit for systemd-coredump to go back to the previous behaviour
++(otherwise the change above would break systemd-coredump).
++
++Bug-Debian: https://bugs.debian.org/815020
++---
++ src/core/main.c | 2 --
++ sysctl.d/50-coredump.conf.in | 2 +-
++ 2 files changed, 1 insertion(+), 3 deletions(-)
++
++diff --git a/src/core/main.c b/src/core/main.c
++index 44dd834..b85f9b7 100644
++--- a/src/core/main.c
+++++ b/src/core/main.c
++@@ -2251,8 +2251,6 @@ int main(int argc, char *argv[]) {
++ kernel_timestamp = DUAL_TIMESTAMP_NULL;
++ }
++
++- initialize_coredump(skip_setup);
++-
++ r = fixup_environment();
++ if (r < 0) {
++ log_emergency_errno(r, "Failed to fix up PID 1 environment: %m");
++diff --git a/sysctl.d/50-coredump.conf.in b/sysctl.d/50-coredump.conf.in
++index ccd5c2c..53e74a1 100644
++--- a/sysctl.d/50-coredump.conf.in
+++++ b/sysctl.d/50-coredump.conf.in
++@@ -9,4 +9,4 @@
++ # and systemd-coredump(8) and core(5) for the explanation of the
++ # setting below.
++
++-kernel.core_pattern=|@rootlibexecdir@/systemd-coredump %P %u %g %s %t %c %h %e
+++kernel.core_pattern=|@rootlibexecdir@/systemd-coredump %P %u %g %s %t 9223372036854775808 %h %e
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Wed, 27 Jun 2018 14:31:42 +0200
++Subject: Revert "systemctl: when removing enablement or mask symlinks,
++ cover both /run and /etc"
++
++We currently have packages in the archive which use
++"systemctl --runtime unmask" and are broken by this change.
++This is a intermediate step until it is clear whether upstream will
++revert this commit or whether we will have to update affected packages
++to deal with this changed behaviour.
++
++See #902287 and https://github.com/systemd/systemd/issues/9393
++
++This reverts commit 4910b35078ad24dcbc63f372b2fee087640201d0.
++---
++ man/systemctl.xml | 22 +++----
++ src/shared/install.c | 162 +++++++++++++++++++++++++---------------------
++ src/systemctl/systemctl.c | 5 --
++ 3 files changed, 98 insertions(+), 91 deletions(-)
++
++diff --git a/man/systemctl.xml b/man/systemctl.xml
++index d95d372..abf3ea4 100644
++--- a/man/systemctl.xml
+++++ b/man/systemctl.xml
++@@ -557,19 +557,19 @@
++ <term><option>--runtime</option></term>
++
++ <listitem>
++- <para>When used with <command>set-property</command>, make changes only
++- temporarily, so that they are lost on the next reboot.</para>
++-
++- <para>Similarily, when used with <command>enable</command>, <command>mask</command>,
++- <command>edit</command> and related commands, make temporary changes, which are lost on
++- the next reboot. Changes are not made in subdirectories of <filename>/etc</filename>, but
++- in <filename>/run</filename>. The immediate effect is identical, however since the latter
+++ <para>When used with <command>enable</command>,
+++ <command>disable</command>, <command>edit</command>,
+++ (and related commands), make changes only temporarily, so
+++ that they are lost on the next reboot. This will have the
+++ effect that changes are not made in subdirectories of
+++ <filename>/etc</filename> but in <filename>/run</filename>,
+++ with identical immediate effects, however, since the latter
++ is lost on reboot, the changes are lost too.</para>
++
++- <para>Note: this option cannot be used with <command>disable</command>,
++- <command>unmask</command>, <command>preset</command>, or <command>preset-all</command>,
++- because those operations sometimes need to remove symlinks under <filename>/etc</filename>
++- to have the desired effect, which would cause a persistent change.</para>
+++ <para>Similarly, when used with
+++ <command>set-property</command>, make changes only
+++ temporarily, so that they are lost on the next
+++ reboot.</para>
++ </listitem>
++ </varlistentry>
++
++diff --git a/src/shared/install.c b/src/shared/install.c
++index 77ae812..e53f09f 100644
++--- a/src/shared/install.c
+++++ b/src/shared/install.c
++@@ -1911,6 +1911,7 @@ static int install_context_mark_for_removal(
++ InstallContext *c,
++ const LookupPaths *paths,
++ Set **remove_symlinks_to,
+++ const char *config_path,
++ UnitFileChange **changes,
++ size_t *n_changes) {
++
++@@ -1919,6 +1920,7 @@ static int install_context_mark_for_removal(
++
++ assert(c);
++ assert(paths);
+++ assert(config_path);
++
++ /* Marks all items for removal */
++
++@@ -2028,7 +2030,7 @@ int unit_file_unmask(
++ size_t n_todo = 0, n_allocated = 0;
++ const char *config_path;
++ char **i;
++- bool dry_run = !!(flags & UNIT_FILE_DRY_RUN);
+++ bool dry_run;
++ int r, q;
++
++ assert(scope >= 0);
++@@ -2038,71 +2040,73 @@ int unit_file_unmask(
++ if (r < 0)
++ return r;
++
+++ config_path = (flags & UNIT_FILE_RUNTIME) ? paths.runtime_config : paths.persistent_config;
+++ if (!config_path)
+++ return -ENXIO;
+++
+++ dry_run = !!(flags & UNIT_FILE_DRY_RUN);
+++
++ STRV_FOREACH(i, files) {
+++ _cleanup_free_ char *path = NULL;
+++
++ if (!unit_name_is_valid(*i, UNIT_NAME_ANY))
++ return -EINVAL;
++
++- FOREACH_STRING(config_path, paths.runtime_config, paths.persistent_config) {
++- _cleanup_free_ char *path = NULL;
++-
++- path = path_make_absolute(*i, config_path);
++- if (!path)
++- return -ENOMEM;
+++ path = path_make_absolute(*i, config_path);
+++ if (!path)
+++ return -ENOMEM;
++
++- r = null_or_empty_path(path);
++- if (r == -ENOENT)
++- continue;
++- if (r < 0)
++- return r;
++- if (r == 0)
++- continue;
+++ r = null_or_empty_path(path);
+++ if (r == -ENOENT)
+++ continue;
+++ if (r < 0)
+++ return r;
+++ if (r == 0)
+++ continue;
++
++- if (!GREEDY_REALLOC0(todo, n_allocated, n_todo + 2))
++- return -ENOMEM;
+++ if (!GREEDY_REALLOC0(todo, n_allocated, n_todo + 2))
+++ return -ENOMEM;
++
++- todo[n_todo] = strdup(*i);
++- if (!todo[n_todo])
++- return -ENOMEM;
+++ todo[n_todo] = strdup(*i);
+++ if (!todo[n_todo])
+++ return -ENOMEM;
++
++- n_todo++;
++- }
+++ n_todo++;
++ }
++
++ strv_uniq(todo);
++
++ r = 0;
++- FOREACH_STRING(config_path, paths.runtime_config, paths.persistent_config) {
++- STRV_FOREACH(i, todo) {
++- _cleanup_free_ char *path = NULL;
++- const char *rp;
++-
++- path = path_make_absolute(*i, config_path);
++- if (!path)
++- return -ENOMEM;
+++ STRV_FOREACH(i, todo) {
+++ _cleanup_free_ char *path = NULL;
+++ const char *rp;
++
++- if (!dry_run && unlink(path) < 0) {
++- if (errno != ENOENT) {
++- if (r >= 0)
++- r = -errno;
++- unit_file_changes_add(changes, n_changes, -errno, path, NULL);
++- }
+++ path = path_make_absolute(*i, config_path);
+++ if (!path)
+++ return -ENOMEM;
++
++- continue;
+++ if (!dry_run && unlink(path) < 0) {
+++ if (errno != ENOENT) {
+++ if (r >= 0)
+++ r = -errno;
+++ unit_file_changes_add(changes, n_changes, -errno, path, NULL);
++ }
++
++- unit_file_changes_add(changes, n_changes, UNIT_FILE_UNLINK, path, NULL);
++-
++- rp = skip_root(&paths, path);
++- q = mark_symlink_for_removal(&remove_symlinks_to, rp ?: path);
++- if (q < 0)
++- return q;
+++ continue;
++ }
++
++- q = remove_marked_symlinks(remove_symlinks_to, config_path, &paths, dry_run, changes, n_changes);
++- if (r >= 0)
++- r = q;
+++ unit_file_changes_add(changes, n_changes, UNIT_FILE_UNLINK, path, NULL);
+++
+++ rp = skip_root(&paths, path);
+++ q = mark_symlink_for_removal(&remove_symlinks_to, rp ?: path);
+++ if (q < 0)
+++ return q;
++ }
++
+++ q = remove_marked_symlinks(remove_symlinks_to, config_path, &paths, dry_run, changes, n_changes);
+++ if (r >= 0)
+++ r = q;
+++
++ return r;
++ }
++
++@@ -2494,7 +2498,6 @@ int unit_file_disable(
++ _cleanup_(lookup_paths_free) LookupPaths paths = {};
++ _cleanup_(install_context_done) InstallContext c = {};
++ _cleanup_set_free_free_ Set *remove_symlinks_to = NULL;
++- bool dry_run = !!(flags & UNIT_FILE_DRY_RUN);
++ const char *config_path;
++ char **i;
++ int r;
++@@ -2506,6 +2509,10 @@ int unit_file_disable(
++ if (r < 0)
++ return r;
++
+++ config_path = (flags & UNIT_FILE_RUNTIME) ? paths.runtime_config : paths.persistent_config;
+++ if (!config_path)
+++ return -ENXIO;
+++
++ STRV_FOREACH(i, files) {
++ if (!unit_name_is_valid(*i, UNIT_NAME_ANY))
++ return -EINVAL;
++@@ -2515,17 +2522,11 @@ int unit_file_disable(
++ return r;
++ }
++
++- r = install_context_mark_for_removal(scope, &c, &paths, &remove_symlinks_to, changes, n_changes);
+++ r = install_context_mark_for_removal(scope, &c, &paths, &remove_symlinks_to, config_path, changes, n_changes);
++ if (r < 0)
++ return r;
++
++- FOREACH_STRING(config_path, paths.runtime_config, paths.persistent_config) {
++- r = remove_marked_symlinks(remove_symlinks_to, config_path, &paths, dry_run, changes, n_changes);
++- if (r < 0)
++- return r;
++- }
++-
++- return 0;
+++ return remove_marked_symlinks(remove_symlinks_to, config_path, &paths, !!(flags & UNIT_FILE_DRY_RUN), changes, n_changes);
++ }
++
++ int unit_file_reenable(
++@@ -2909,45 +2910,45 @@ int unit_file_query_preset(UnitFileScope scope, const char *root_dir, const char
++
++ static int execute_preset(
++ UnitFileScope scope,
++- UnitFileFlags flags,
++ InstallContext *plus,
++ InstallContext *minus,
++ const LookupPaths *paths,
+++ const char *config_path,
++ char **files,
++ UnitFilePresetMode mode,
+++ bool force,
++ UnitFileChange **changes,
++ size_t *n_changes) {
++
++- const char *config_path;
++- bool force = !!(flags & UNIT_FILE_FORCE);
++- bool runtime = !!(flags & UNIT_FILE_RUNTIME);
++- int r = 0, q;
+++ int r;
++
++ assert(plus);
++ assert(minus);
++ assert(paths);
+++ assert(config_path);
++
++ if (mode != UNIT_FILE_PRESET_ENABLE_ONLY) {
++ _cleanup_set_free_free_ Set *remove_symlinks_to = NULL;
++
++- q = install_context_mark_for_removal(scope, minus, paths, &remove_symlinks_to, changes, n_changes);
++- if (q < 0)
++- return q;
+++ r = install_context_mark_for_removal(scope, minus, paths, &remove_symlinks_to, config_path, changes, n_changes);
+++ if (r < 0)
+++ return r;
++
++- FOREACH_STRING(config_path, paths->runtime_config, paths->persistent_config) {
++- q = remove_marked_symlinks(remove_symlinks_to, config_path, paths, false, changes, n_changes);
++- if (r == 0)
++- r = q;
++- }
++- }
+++ r = remove_marked_symlinks(remove_symlinks_to, config_path, paths, false, changes, n_changes);
+++ } else
+++ r = 0;
++
++ if (mode != UNIT_FILE_PRESET_DISABLE_ONLY) {
+++ int q;
+++
++ /* Returns number of symlinks that where supposed to be installed. */
++- q = install_context_apply(scope, plus, paths,
++- runtime ? paths->runtime_config : paths->persistent_config,
++- force, SEARCH_LOAD, changes, n_changes);
++- if (r == 0)
++- r = q;
+++ q = install_context_apply(scope, plus, paths, config_path, force, SEARCH_LOAD, changes, n_changes);
+++ if (r >= 0) {
+++ if (q < 0)
+++ r = q;
+++ else
+++ r += q;
+++ }
++ }
++
++ return r;
++@@ -3011,6 +3012,7 @@ int unit_file_preset(
++ _cleanup_(install_context_done) InstallContext plus = {}, minus = {};
++ _cleanup_(lookup_paths_free) LookupPaths paths = {};
++ _cleanup_(presets_freep) Presets presets = {};
+++ const char *config_path;
++ char **i;
++ int r;
++
++@@ -3022,6 +3024,10 @@ int unit_file_preset(
++ if (r < 0)
++ return r;
++
+++ config_path = (flags & UNIT_FILE_RUNTIME) ? paths.runtime_config : paths.persistent_config;
+++ if (!config_path)
+++ return -ENXIO;
+++
++ r = read_presets(scope, root_dir, &presets);
++ if (r < 0)
++ return r;
++@@ -3032,7 +3038,7 @@ int unit_file_preset(
++ return r;
++ }
++
++- return execute_preset(scope, flags, &plus, &minus, &paths, files, mode, changes, n_changes);
+++ return execute_preset(scope, &plus, &minus, &paths, config_path, files, mode, !!(flags & UNIT_FILE_FORCE), changes, n_changes);
++ }
++
++ int unit_file_preset_all(
++@@ -3046,6 +3052,7 @@ int unit_file_preset_all(
++ _cleanup_(install_context_done) InstallContext plus = {}, minus = {};
++ _cleanup_(lookup_paths_free) LookupPaths paths = {};
++ _cleanup_(presets_freep) Presets presets = {};
+++ const char *config_path = NULL;
++ char **i;
++ int r;
++
++@@ -3057,6 +3064,10 @@ int unit_file_preset_all(
++ if (r < 0)
++ return r;
++
+++ config_path = (flags & UNIT_FILE_RUNTIME) ? paths.runtime_config : paths.persistent_config;
+++ if (!config_path)
+++ return -ENXIO;
+++
++ r = read_presets(scope, root_dir, &presets);
++ if (r < 0)
++ return r;
++@@ -3074,6 +3085,7 @@ int unit_file_preset_all(
++ }
++
++ FOREACH_DIRENT(de, d, return -errno) {
+++
++ if (!unit_name_is_valid(de->d_name, UNIT_NAME_ANY))
++ continue;
++
++@@ -3097,7 +3109,7 @@ int unit_file_preset_all(
++ }
++ }
++
++- return execute_preset(scope, flags, &plus, &minus, &paths, NULL, mode, changes, n_changes);
+++ return execute_preset(scope, &plus, &minus, &paths, config_path, NULL, mode, !!(flags & UNIT_FILE_FORCE), changes, n_changes);
++ }
++
++ static void unit_file_list_free_one(UnitFileList *f) {
++diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
++index f072ad0..fc0baa8 100644
++--- a/src/systemctl/systemctl.c
+++++ b/src/systemctl/systemctl.c
++@@ -7683,11 +7683,6 @@ static int systemctl_parse_argv(int argc, char *argv[]) {
++ return -EINVAL;
++ }
++
++- if (arg_runtime && STRPTR_IN_SET(argv[optind], "disable", "unmask", "preset", "preset-all")) {
++- log_error("--runtime cannot be used with %s", argv[optind]);
++- return -EINVAL;
++- }
++-
++ return 1;
++ }
++
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Thu, 18 Jul 2013 01:04:07 +0200
++Subject: Revert "udev: network device renaming - immediately give up if the
++ target name isn't available"
++
++This reverts commit 97595710b77aa162ca5e20da57d0a1ed7355eaad.
++
++We need to keep supporting systems with 75-persistent-net-generator.rules
++generated names for a while after switching to net.ifnames. Re-apply this old
++hack to make the renaming less likely to fail.
++---
++ src/udev/udev-event.c | 41 ++++++++++++++++++++++++++++++++++++++---
++ 1 file changed, 38 insertions(+), 3 deletions(-)
++
++diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c
++index fd8406d..14c1d26 100644
++--- a/src/udev/udev-event.c
+++++ b/src/udev/udev-event.c
++@@ -819,18 +819,53 @@ static int rename_netif(struct udev_event *event) {
++ char name[IFNAMSIZ];
++ const char *oldname;
++ int r;
+++ int loop;
++
++ oldname = udev_device_get_sysname(dev);
++
++ strscpy(name, IFNAMSIZ, event->name);
++
+++ r = rtnl_set_link_name(&event->rtnl, udev_device_get_ifindex(dev), name);
+++ if (r >= 0) {
+++ log_debug("renamed network interface %s to %s\n", oldname, name);
+++ goto out;
+++ }
+++
+++ /* keep trying if the destination interface name already exists */
+++ if (r != -EEXIST)
+++ goto out;
+++
+++ /* free our own name, another process may wait for us */
+++ snprintf(name, IFNAMSIZ, "rename%u", udev_device_get_ifindex(dev));
++ r = rtnl_set_link_name(&event->rtnl, udev_device_get_ifindex(dev), name);
++ if (r < 0)
++- return log_error_errno(r, "Error changing net interface name '%s' to '%s': %m", oldname, name);
+++ goto out;
++
++- log_debug("renamed network interface '%s' to '%s'", oldname, name);
+++ /* log temporary name */
+++ log_debug("renamed network interface %s to %s\n", oldname, name);
++
++- return 0;
+++ /* wait a maximum of 90 seconds for our target to become available */
+++ strscpy(name, IFNAMSIZ, event->name);
+++ loop = 90 * 20;
+++ while (loop--) {
+++ const struct timespec duration = { 0, 1000 * 1000 * 1000 / 20 };
+++
+++ nanosleep(&duration, NULL);
+++
+++ r = rtnl_set_link_name(&event->rtnl, udev_device_get_ifindex(dev), name);
+++ if (r >= 0) {
+++ log_debug("renamed network interface %s to %s\n", oldname, name);
+++ break;
+++ }
+++ if (r != -EEXIST)
+++ break;
+++ }
+++
+++out:
+++ if (r < 0)
+++ log_error("error changing net interface name '%s' to '%s': %s",
+++ oldname, name, strerror(-r));
+++ return r;
++ }
++
++ void udev_event_execute_rules(struct udev_event *event,
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Sun, 17 Dec 2017 00:31:20 +0100
++Subject: Revert "udev-rules: Permission changes for /dev/dri/renderD*"
++
++This would introduce a new system group "render". As the name is rather
++generic, this needs further discussion first, so revert this change for
++now.
++
++This reverts commit 4e15a7343cb389e97f3eb4f49699161862d8b8b2.
++---
++ meson.build | 2 --
++ meson_options.txt | 2 --
++ rules/50-udev-default.rules.in | 5 +----
++ src/login/70-uaccess.rules.m4 | 2 +-
++ 4 files changed, 2 insertions(+), 9 deletions(-)
++
++diff --git a/meson.build b/meson.build
++index 1d6144e..b16c9ca 100644
++--- a/meson.build
+++++ b/meson.build
++@@ -743,7 +743,6 @@ conf.set10('ENABLE_WHEEL_GROUP', get_option('wheel-group'))
++ dev_kvm_mode = get_option('dev-kvm-mode')
++ substs.set('DEV_KVM_MODE', dev_kvm_mode)
++ conf.set10('DEV_KVM_UACCESS', dev_kvm_mode != '0666')
++-substs.set('GROUP_RENDER_MODE', get_option('group-render-mode'))
++
++ kill_user_processes = get_option('default-kill-user-processes')
++ conf.set10('KILL_USER_PROCESSES', kill_user_processes)
++@@ -2884,7 +2883,6 @@ status = [
++ 'minimum container UID base: @0@'.format(container_uid_base_min),
++ 'maximum container UID base: @0@'.format(container_uid_base_max),
++ '/dev/kvm access mode: @0@'.format(get_option('dev-kvm-mode')),
++- 'render group access mode: @0@'.format(get_option('group-render-mode')),
++ 'certificate root directory: @0@'.format(get_option('certificate-root')),
++ 'support URL: @0@'.format(support_url),
++ 'nobody user name: @0@'.format(nobody_user),
++diff --git a/meson_options.txt b/meson_options.txt
++index 1b78cf0..712f300 100644
++--- a/meson_options.txt
+++++ b/meson_options.txt
++@@ -180,8 +180,6 @@ option('nobody-group', type : 'string',
++ value : 'nobody')
++ option('dev-kvm-mode', type : 'string', value : '0666',
++ description : '/dev/kvm access mode')
++-option('group-render-mode', type : 'string', value : '0666',
++- description : 'Access mode for devices owned by render group (e.g. /dev/dri/renderD*, /dev/kfd).')
++ option('default-kill-user-processes', type : 'boolean',
++ description : 'the default value for KillUserProcesses= setting')
++ option('gshadow', type : 'boolean',
++diff --git a/rules/50-udev-default.rules.in b/rules/50-udev-default.rules.in
++index 191f56f..63aa3db 100644
++--- a/rules/50-udev-default.rules.in
+++++ b/rules/50-udev-default.rules.in
++@@ -31,14 +31,11 @@ SUBSYSTEM=="input", KERNEL=="js[0-9]*", MODE="0664"
++
++ SUBSYSTEM=="video4linux", GROUP="video"
++ SUBSYSTEM=="graphics", GROUP="video"
++-SUBSYSTEM=="drm", KERNEL!="renderD*", GROUP="video"
+++SUBSYSTEM=="drm", GROUP="video"
++ SUBSYSTEM=="dvb", GROUP="video"
++ SUBSYSTEM=="media", GROUP="video"
++ SUBSYSTEM=="cec", GROUP="video"
++
++-SUBSYSTEM=="drm", KERNEL=="renderD*", GROUP="render", MODE="@GROUP_RENDER_MODE@"
++-SUBSYSTEM=="kfd", GROUP="render", MODE="@GROUP_RENDER_MODE@"
++-
++ SUBSYSTEM=="sound", GROUP="audio", \
++ OPTIONS+="static_node=snd/seq", OPTIONS+="static_node=snd/timer"
++
++diff --git a/src/login/70-uaccess.rules.m4 b/src/login/70-uaccess.rules.m4
++index d55e5bf..e46cacb 100644
++--- a/src/login/70-uaccess.rules.m4
+++++ b/src/login/70-uaccess.rules.m4
++@@ -45,7 +45,7 @@ SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x010001*", TAG+="uaccess"
++ SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x014001*", TAG+="uaccess"
++
++ # DRI video devices
++-SUBSYSTEM=="drm", KERNEL=="card*", TAG+="uaccess"
+++SUBSYSTEM=="drm", KERNEL=="card*|renderD*", TAG+="uaccess"
++ m4_ifdef(`DEV_KVM_UACCESS',``
++ # KVM
++ SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="uaccess"''
--- /dev/null
--- /dev/null
++From: Nis Martensen <nis.martensen@web.de>
++Date: Tue, 19 Jan 2016 22:01:43 +0100
++Subject: Skip filesystem check if already done by the initramfs
++
++Newer versions of initramfs-tools already fsck and mount / and /usr in
++the initramfs. Skip the filesystem check in this case.
++
++Based on a previous patch by Michael Biebl <biebl@debian.org>.
++
++Closes: #782522
++Closes: #810748
++---
++ src/fstab-generator/fstab-generator.c | 11 ++++++++---
++ units/systemd-fsck-root.service.in | 1 +
++ 2 files changed, 9 insertions(+), 3 deletions(-)
++
++diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c
++index 482229b..1a7281e 100644
++--- a/src/fstab-generator/fstab-generator.c
+++++ b/src/fstab-generator/fstab-generator.c
++@@ -300,6 +300,7 @@ static int add_mount(
++ *where_escaped = NULL;
++ _cleanup_fclose_ FILE *f = NULL;
++ int r;
+++ struct stat sb;
++
++ assert(what);
++ assert(where);
++@@ -377,9 +378,13 @@ static int add_mount(
++ }
++
++ if (passno != 0) {
++- r = generator_write_fsck_deps(f, dest, what, where, fstype);
++- if (r < 0)
++- return r;
+++ if (streq(where, "/usr") && stat("/run/initramfs/fsck-usr", &sb) == 0)
+++ ; /* skip /usr fsck if it has already been checked in the initramfs */
+++ else {
+++ r = generator_write_fsck_deps(f, dest, what, where, fstype);
+++ if (r < 0)
+++ return r;
+++ }
++ }
++
++ fprintf(f, "\n[Mount]\n");
++diff --git a/units/systemd-fsck-root.service.in b/units/systemd-fsck-root.service.in
++index 3cc60e5..172a952 100644
++--- a/units/systemd-fsck-root.service.in
+++++ b/units/systemd-fsck-root.service.in
++@@ -15,6 +15,7 @@ Wants=systemd-fsckd.socket
++ Before=local-fs.target shutdown.target
++ After=systemd-fsckd.socket
++ ConditionPathIsReadWrite=!/
+++ConditionPathExists=!/run/initramfs/fsck-root
++
++ [Service]
++ Type=oneshot
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Thu, 18 Jul 2013 20:11:02 +0200
++Subject: Use Debian specific config files
++
++Use /etc/default/locale instead of /etc/locale.conf for locale settings.
++
++Use /etc/default/keyboard instead of /etc/X11/xorg.conf.d/00-keyboard.conf for
++keyboard configuration.
++
++Read/write /etc/timezone if /etc/localtime does not exist.
++---
++ src/basic/time-util.c | 21 ++++-
++ src/core/locale-setup.c | 22 +++++
++ src/locale/keymap-util.c | 206 ++++++++++++++++++++++++-----------------------
++ src/timedate/timedated.c | 10 +++
++ 4 files changed, 156 insertions(+), 103 deletions(-)
++
++diff --git a/src/basic/time-util.c b/src/basic/time-util.c
++index fe201c3..fdcdbda 100644
++--- a/src/basic/time-util.c
+++++ b/src/basic/time-util.c
++@@ -1395,8 +1395,25 @@ int get_timezone(char **tz) {
++ int r;
++
++ r = readlink_malloc("/etc/localtime", &t);
++- if (r < 0)
++- return r; /* returns EINVAL if not a symlink */
+++ if (r < 0) {
+++ if (r != -EINVAL)
+++ return r; /* returns EINVAL if not a symlink */
+++
+++ r = read_one_line_file("/etc/timezone", &t);
+++ if (r < 0) {
+++ if (r != -ENOENT)
+++ log_warning_errno(r, "Failed to read /etc/timezone: %m");
+++ return -EINVAL;
+++ }
+++
+++ if (!timezone_is_valid(t, LOG_DEBUG))
+++ return -EINVAL;
+++ z = strdup(t);
+++ if (!z)
+++ return -ENOMEM;
+++ *tz = z;
+++ return 0;
+++ }
++
++ e = path_startswith(t, "/usr/share/zoneinfo/");
++ if (!e)
++diff --git a/src/core/locale-setup.c b/src/core/locale-setup.c
++index c14523f..b35b8e6 100644
++--- a/src/core/locale-setup.c
+++++ b/src/core/locale-setup.c
++@@ -64,6 +64,28 @@ int locale_setup(char ***environment) {
++ log_warning_errno(r, "Failed to read /etc/locale.conf: %m");
++ }
++
+++ if (r <= 0) {
+++ r = parse_env_file(NULL, "/etc/default/locale", NEWLINE,
+++ "LANG", &variables[VARIABLE_LANG],
+++ "LANGUAGE", &variables[VARIABLE_LANGUAGE],
+++ "LC_CTYPE", &variables[VARIABLE_LC_CTYPE],
+++ "LC_NUMERIC", &variables[VARIABLE_LC_NUMERIC],
+++ "LC_TIME", &variables[VARIABLE_LC_TIME],
+++ "LC_COLLATE", &variables[VARIABLE_LC_COLLATE],
+++ "LC_MONETARY", &variables[VARIABLE_LC_MONETARY],
+++ "LC_MESSAGES", &variables[VARIABLE_LC_MESSAGES],
+++ "LC_PAPER", &variables[VARIABLE_LC_PAPER],
+++ "LC_NAME", &variables[VARIABLE_LC_NAME],
+++ "LC_ADDRESS", &variables[VARIABLE_LC_ADDRESS],
+++ "LC_TELEPHONE", &variables[VARIABLE_LC_TELEPHONE],
+++ "LC_MEASUREMENT", &variables[VARIABLE_LC_MEASUREMENT],
+++ "LC_IDENTIFICATION", &variables[VARIABLE_LC_IDENTIFICATION],
+++ NULL);
+++
+++ if (r < 0 && r != -ENOENT)
+++ log_warning_errno(r, "Failed to read /etc/default/locale: %m");
+++ }
+++
++ add = NULL;
++ for (i = 0; i < _VARIABLE_LC_MAX; i++) {
++ char *s;
++diff --git a/src/locale/keymap-util.c b/src/locale/keymap-util.c
++index 598b931..0f1aed4 100644
++--- a/src/locale/keymap-util.c
+++++ b/src/locale/keymap-util.c
++@@ -85,6 +85,7 @@ void locale_simplify(char *locale[_VARIABLE_LC_MAX]) {
++ int locale_read_data(Context *c, sd_bus_message *m) {
++ struct stat st;
++ int r;
+++ const char *path = "/etc/locale.conf";
++
++ /* Do not try to re-read the file within single bus operation. */
++ if (m && m == c->locale_cache)
++@@ -93,7 +94,11 @@ int locale_read_data(Context *c, sd_bus_message *m) {
++ /* To suppress multiple call of stat(), store the message to cache here. */
++ c->locale_cache = m;
++
++- r = stat("/etc/locale.conf", &st);
+++ r = stat(path, &st);
+++ if (r < 0 && errno == ENOENT) {
+++ path = "/etc/default/locale";
+++ r = stat(path, &st);
+++ }
++ if (r < 0 && errno != ENOENT)
++ return -errno;
++
++@@ -108,7 +113,7 @@ int locale_read_data(Context *c, sd_bus_message *m) {
++ c->locale_mtime = t;
++ context_free_locale(c);
++
++- r = parse_env_file(NULL, "/etc/locale.conf", NEWLINE,
+++ r = parse_env_file(NULL, path, NEWLINE,
++ "LANG", &c->locale[VARIABLE_LANG],
++ "LANGUAGE", &c->locale[VARIABLE_LANGUAGE],
++ "LC_CTYPE", &c->locale[VARIABLE_LC_CTYPE],
++@@ -189,9 +194,6 @@ int vconsole_read_data(Context *c, sd_bus_message *m) {
++ }
++
++ int x11_read_data(Context *c, sd_bus_message *m) {
++- _cleanup_fclose_ FILE *f = NULL;
++- bool in_section = false;
++- char line[LINE_MAX];
++ struct stat st;
++ usec_t t;
++ int r;
++@@ -203,7 +205,7 @@ int x11_read_data(Context *c, sd_bus_message *m) {
++ /* To suppress multiple call of stat(), store the message to cache here. */
++ c->x11_cache = m;
++
++- if (stat("/etc/X11/xorg.conf.d/00-keyboard.conf", &st) < 0) {
+++ if (stat("/etc/default/keyboard", &st) < 0) {
++ if (errno != ENOENT)
++ return -errno;
++
++@@ -220,56 +222,15 @@ int x11_read_data(Context *c, sd_bus_message *m) {
++ c->x11_mtime = t;
++ context_free_x11(c);
++
++- f = fopen("/etc/X11/xorg.conf.d/00-keyboard.conf", "re");
++- if (!f)
++- return -errno;
++-
++- while (fgets(line, sizeof(line), f)) {
++- char *l;
++-
++- char_array_0(line);
++- l = strstrip(line);
++-
++- if (IN_SET(l[0], 0, '#'))
++- continue;
++-
++- if (in_section && first_word(l, "Option")) {
++- _cleanup_strv_free_ char **a = NULL;
++-
++- r = strv_split_extract(&a, l, WHITESPACE, EXTRACT_QUOTES);
++- if (r < 0)
++- return r;
++-
++- if (strv_length(a) == 3) {
++- char **p = NULL;
++-
++- if (streq(a[1], "XkbLayout"))
++- p = &c->x11_layout;
++- else if (streq(a[1], "XkbModel"))
++- p = &c->x11_model;
++- else if (streq(a[1], "XkbVariant"))
++- p = &c->x11_variant;
++- else if (streq(a[1], "XkbOptions"))
++- p = &c->x11_options;
++-
++- if (p) {
++- free_and_replace(*p, a[2]);
++- }
++- }
++-
++- } else if (!in_section && first_word(l, "Section")) {
++- _cleanup_strv_free_ char **a = NULL;
++-
++- r = strv_split_extract(&a, l, WHITESPACE, EXTRACT_QUOTES);
++- if (r < 0)
++- return -ENOMEM;
++-
++- if (strv_length(a) == 2 && streq(a[1], "InputClass"))
++- in_section = true;
+++ r = parse_env_file(NULL, "/etc/default/keyboard", NEWLINE,
+++ "XKBMODEL", &c->x11_model,
+++ "XKBLAYOUT", &c->x11_layout,
+++ "XKBVARIANT", &c->x11_variant,
+++ "XKBOPTIONS", &c->x11_options,
+++ NULL);
++
++- } else if (in_section && first_word(l, "EndSection"))
++- in_section = false;
++- }
+++ if (r < 0)
+++ return r;
++
++ return 0;
++ }
++@@ -278,9 +239,18 @@ int locale_write_data(Context *c, char ***settings) {
++ _cleanup_strv_free_ char **l = NULL;
++ struct stat st;
++ int r, p;
+++ const char *path = "/etc/locale.conf";
++
++ /* Set values will be returned as strv in *settings on success. */
++
+++ r = load_env_file(NULL, path, NULL, &l);
+++ if (r < 0 && r == -ENOENT) {
+++ path = "/etc/default/locale";
+++ r = load_env_file(NULL, path, NULL, &l);
+++ }
+++ if (r < 0 && r != -ENOENT)
+++ return r;
+++
++ for (p = 0; p < _VARIABLE_LC_MAX; p++) {
++ _cleanup_free_ char *t = NULL;
++ char **u;
++@@ -303,20 +273,20 @@ int locale_write_data(Context *c, char ***settings) {
++ }
++
++ if (strv_isempty(l)) {
++- if (unlink("/etc/locale.conf") < 0)
+++ if (unlink(path) < 0)
++ return errno == ENOENT ? 0 : -errno;
++
++ c->locale_mtime = USEC_INFINITY;
++ return 0;
++ }
++
++- r = write_env_file_label("/etc/locale.conf", l);
+++ r = write_env_file_label(path, l);
++ if (r < 0)
++ return r;
++
++ *settings = TAKE_PTR(l);
++
++- if (stat("/etc/locale.conf", &st) >= 0)
+++ if (stat(path, &st) >= 0)
++ c->locale_mtime = timespec_load(&st.st_mtim);
++
++ return 0;
++@@ -384,70 +354,104 @@ int vconsole_write_data(Context *c) {
++ }
++
++ int x11_write_data(Context *c) {
++- _cleanup_fclose_ FILE *f = NULL;
++- _cleanup_free_ char *temp_path = NULL;
++ struct stat st;
++ int r;
+++ char *t, **u, **l = NULL;
++
++- if (isempty(c->x11_layout) &&
++- isempty(c->x11_model) &&
++- isempty(c->x11_variant) &&
++- isempty(c->x11_options)) {
+++ r = load_env_file(NULL, "/etc/default/keyboard", NULL, &l);
+++ if (r < 0 && r != -ENOENT)
+++ return r;
++
++- if (unlink("/etc/X11/xorg.conf.d/00-keyboard.conf") < 0)
++- return errno == ENOENT ? 0 : -errno;
+++ /* This could perhaps be done more elegantly using an array
+++ * like we do for the locale, instead of struct
+++ */
+++ if (isempty(c->x11_layout)) {
+++ l = strv_env_unset(l, "XKBLAYOUT");
+++ } else {
+++ if (asprintf(&t, "XKBLAYOUT=%s", c->x11_layout) < 0) {
+++ strv_free(l);
+++ return -ENOMEM;
+++ }
++
++- c->vc_mtime = USEC_INFINITY;
++- return 0;
+++ u = strv_env_set(l, t);
+++ free(t);
+++ strv_free(l);
+++
+++ if (!u)
+++ return -ENOMEM;
+++
+++ l = u;
++ }
++
++- mkdir_p_label("/etc/X11/xorg.conf.d", 0755);
+++ if (isempty(c->x11_model)) {
+++ l = strv_env_unset(l, "XKBMODEL");
+++ } else {
+++ if (asprintf(&t, "XKBMODEL=%s", c->x11_model) < 0) {
+++ strv_free(l);
+++ return -ENOMEM;
+++ }
++
++- r = fopen_temporary("/etc/X11/xorg.conf.d/00-keyboard.conf", &f, &temp_path);
++- if (r < 0)
++- return r;
+++ u = strv_env_set(l, t);
+++ free(t);
+++ strv_free(l);
++
++- (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
++- (void) fchmod(fileno(f), 0644);
+++ if (!u)
+++ return -ENOMEM;
++
++- fputs("# Written by systemd-localed(8), read by systemd-localed and Xorg. It's\n"
++- "# probably wise not to edit this file manually. Use localectl(1) to\n"
++- "# instruct systemd-localed to update it.\n"
++- "Section \"InputClass\"\n"
++- " Identifier \"system-keyboard\"\n"
++- " MatchIsKeyboard \"on\"\n", f);
+++ l = u;
+++ }
++
++- if (!isempty(c->x11_layout))
++- fprintf(f, " Option \"XkbLayout\" \"%s\"\n", c->x11_layout);
+++ if (isempty(c->x11_variant)) {
+++ l = strv_env_unset(l, "XKBVARIANT");
+++ } else {
+++ if (asprintf(&t, "XKBVARIANT=%s", c->x11_variant) < 0) {
+++ strv_free(l);
+++ return -ENOMEM;
+++ }
++
++- if (!isempty(c->x11_model))
++- fprintf(f, " Option \"XkbModel\" \"%s\"\n", c->x11_model);
+++ u = strv_env_set(l, t);
+++ free(t);
+++ strv_free(l);
++
++- if (!isempty(c->x11_variant))
++- fprintf(f, " Option \"XkbVariant\" \"%s\"\n", c->x11_variant);
+++ if (!u)
+++ return -ENOMEM;
+++
+++ l = u;
+++ }
++
++- if (!isempty(c->x11_options))
++- fprintf(f, " Option \"XkbOptions\" \"%s\"\n", c->x11_options);
+++ if (isempty(c->x11_options)) {
+++ l = strv_env_unset(l, "XKBOPTIONS");
+++ } else {
+++ if (asprintf(&t, "XKBOPTIONS=%s", c->x11_options) < 0) {
+++ strv_free(l);
+++ return -ENOMEM;
+++ }
++
++- fputs("EndSection\n", f);
+++ u = strv_env_set(l, t);
+++ free(t);
+++ strv_free(l);
++
++- r = fflush_sync_and_check(f);
++- if (r < 0)
++- goto fail;
+++ if (!u)
+++ return -ENOMEM;
++
++- if (rename(temp_path, "/etc/X11/xorg.conf.d/00-keyboard.conf") < 0) {
++- r = -errno;
++- goto fail;
+++ l = u;
++ }
++
++- if (stat("/etc/X11/xorg.conf.d/00-keyboard.conf", &st) >= 0)
++- c->x11_mtime = timespec_load(&st.st_mtim);
+++ if (strv_isempty(l)) {
+++ strv_free(l);
++
++- return 0;
+++ if (unlink("/etc/default/keyboard") < 0)
+++ return errno == ENOENT ? 0 : -errno;
+++
+++ c->vc_mtime = USEC_INFINITY;
+++ return 0;
+++ }
++
++-fail:
++- if (temp_path)
++- (void) unlink(temp_path);
+++ r = write_env_file("/etc/default/keyboard", l);
+++ strv_free(l);
+++
+++ if (r >= 0 && stat("/etc/default/keyboard", &st) >= 0)
+++ c->x11_mtime = timespec_load(&st.st_mtim);
++
++ return r;
++ }
++diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c
++index 3b70939..cffaf07 100644
++--- a/src/timedate/timedated.c
+++++ b/src/timedate/timedated.c
++@@ -211,6 +211,7 @@ static int context_read_data(Context *c) {
++ static int context_write_data_timezone(Context *c) {
++ _cleanup_free_ char *p = NULL;
++ int r = 0;
+++ struct stat st;
++
++ assert(c);
++
++@@ -218,6 +219,9 @@ static int context_write_data_timezone(Context *c) {
++ if (unlink("/etc/localtime") < 0 && errno != ENOENT)
++ r = -errno;
++
+++ if (unlink("/etc/timezone") < 0 && errno != ENOENT)
+++ r = -errno;
+++
++ return r;
++ }
++
++@@ -229,6 +233,12 @@ static int context_write_data_timezone(Context *c) {
++ if (r < 0)
++ return r;
++
+++ if (stat("/etc/timezone", &st) == 0 && S_ISREG(st.st_mode)) {
+++ r = write_string_file("/etc/timezone", c->zone, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC);
+++ if (r < 0)
+++ return r;
+++ }
+++
++ return 0;
++ }
++
--- /dev/null
--- /dev/null
++From: Didier Roche <didrocks@ubuntu.com>
++Date: Fri, 22 May 2015 13:04:38 +0200
++Subject: fsckd daemon for inter-fsckd communication
++
++Global logic:
++Add systemd-fsckd multiplexer which accepts multiple (via systemd-fsck's
++/run/systemd/fsck.progress socket) fsck instances to connect to it and sends
++progress report. systemd-fsckd then computes and writes to /dev/console the
++number of devices currently being checked and the minimum fsck progress.
++
++Plymouth and user interaction:
++Forward the progress to plymouth and support canellation of in progress fsck.
++Try to connect and send to plymouth (if running) some checked report progress,
++using direct plymouth protocole.
++
++Update message is the following:
++fsckd:<num_devices>:<progress>:<string>
++* num_devices corresponds to the current number of devices being checked (int)
++* progress corresponds to the current minimum percentage of all devices being
++ checked (float, from 0 to 100)
++* string is a translated message ready to be displayed by the plymouth theme
++ displaying the information above. It can be overridden by plymouth themes
++ supporting i18n.
++
++Grab in fsckd plymouth watch key Control+C, and propagate this cancel request
++to systemd-fsck which will terminate fsck.
++
++Send a message to signal to user what key we are grabbing for fsck cancel.
++
++Message is: fsckd-cancel-msg:<string>
++Where string is a translated string ready to be displayed by the plymouth theme
++indicating that Control+C can be used to cancel current checks. It can be
++overridden (matching only fsckd-cancel-msg prefix) for themes supporting i18n.
++
++Misc:
++systemd-fsckd stops on idle when no fsck is connected.
++Add man page explaining the plymouth theme protocol, usage of the daemon
++as well as the socket activation part. Adapt existing fsck man page.
++
++Note that fsckd had lived in the upstream tree for a while, but was removed.
++More information at
++http://lists.freedesktop.org/archives/systemd-devel/2015-April/030175.html
++-
++---
++ man/rules/meson.build | 1 +
++ man/systemd-fsckd.service.xml | 162 +++++++++
++ meson.build | 8 +
++ po/POTFILES.in | 1 +
++ src/fsckd/fsckd.c | 690 +++++++++++++++++++++++++++++++++++++
++ units/meson.build | 2 +
++ units/systemd-fsck-root.service.in | 2 +
++ units/systemd-fsck@.service.in | 3 +-
++ units/systemd-fsckd.service.in | 17 +
++ units/systemd-fsckd.socket | 15 +
++ 10 files changed, 900 insertions(+), 1 deletion(-)
++ create mode 100644 man/systemd-fsckd.service.xml
++ create mode 100644 src/fsckd/fsckd.c
++ create mode 100644 units/systemd-fsckd.service.in
++ create mode 100644 units/systemd-fsckd.socket
++
++diff --git a/man/rules/meson.build b/man/rules/meson.build
++index 9458a40..cbd947b 100644
++--- a/man/rules/meson.build
+++++ b/man/rules/meson.build
++@@ -566,6 +566,7 @@ manpages = [
++ '8',
++ ['systemd-fsck', 'systemd-fsck-root.service'],
++ ''],
+++ ['systemd-fsckd.service', '8', ['systemd-fsckd.socket', 'systemd-fsckd'], ''],
++ ['systemd-fstab-generator', '8', [], ''],
++ ['systemd-getty-generator', '8', [], ''],
++ ['systemd-gpt-auto-generator', '8', [], ''],
++diff --git a/man/systemd-fsckd.service.xml b/man/systemd-fsckd.service.xml
++new file mode 100644
++index 0000000..b7ad58d
++--- /dev/null
+++++ b/man/systemd-fsckd.service.xml
++@@ -0,0 +1,162 @@
+++<?xml version="1.0"?>
+++<!--*-nxml-*-->
+++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+++<!--
+++ This file is part of systemd.
+++
+++ Copyright 2015 Canonical
+++
+++ systemd is free software; you can redistribute it and/or modify it
+++ under the terms of the GNU Lesser General Public License as published by
+++ the Free Software Foundation; either version 2.1 of the License, or
+++ (at your option) any later version.
+++
+++ systemd is distributed in the hope that it will be useful, but
+++ WITHOUT ANY WARRANTY; without even the implied warranty of
+++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+++ Lesser General Public License for more details.
+++
+++ You should have received a copy of the GNU Lesser General Public License
+++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+++-->
+++<refentry id="systemd-fsckd.service" xmlns:xi="http://www.w3.org/2001/XInclude">
+++
+++ <refentryinfo>
+++ <title>systemd-fsckd.service</title>
+++ <productname>systemd</productname>
+++
+++ <authorgroup>
+++ <author>
+++ <contrib>Developer</contrib>
+++ <firstname>Didier</firstname>
+++ <surname>Roche</surname>
+++ <email>didrocks@ubuntu.com</email>
+++ </author>
+++ </authorgroup>
+++ </refentryinfo>
+++
+++ <refmeta>
+++ <refentrytitle>systemd-fsckd.service</refentrytitle>
+++ <manvolnum>8</manvolnum>
+++ </refmeta>
+++
+++ <refnamediv>
+++ <refname>systemd-fsckd.service</refname>
+++ <refname>systemd-fsckd.socket</refname>
+++ <refname>systemd-fsckd</refname>
+++ <refpurpose>File system check progress reporting</refpurpose>
+++ </refnamediv>
+++
+++ <refsynopsisdiv>
+++ <para><filename>systemd-fsckd.service</filename></para>
+++ <para><filename>systemd-fsckd.socket</filename></para>
+++ <para><filename>/usr/lib/systemd/systemd-fsckd</filename></para>
+++ </refsynopsisdiv>
+++
+++ <refsect1>
+++ <title>Description</title>
+++
+++ <para><filename>systemd-fsckd.service</filename> is a service responsible
+++ for receiving file system check progress, and communicating some
+++ consolidated data to console and plymouth (if running). It also handles
+++ possible check cancellations.</para>
+++
+++ <para><command>systemd-fsckd</command> receives messages about file
+++ system check progress from <command>fsck</command> through an
+++ UNIX domain socket. It can display the progress of the least advanced
+++ fsck as well as the total number of devices being checked in parallel
+++ to the console. It will also send progress messages to plymouth.
+++ Both the raw data and translated messages are sent, so compiled
+++ plymouth themes can use the raw data to display custom messages, and
+++ scripted themes, not supporting i18n, can display the translated
+++ versions.</para>
+++
+++ <para><command>systemd-fsckd</command> will instruct plymouth to grab
+++ Control+C keypresses. When the key is pressed, running checks will be
+++ terminated. It will also cancel any newly connected fsck instances for
+++ the lifetime of <filename>systemd-fsckd</filename>.</para>
+++ </refsect1>
+++
+++ <refsect1>
+++ <title>Protocol for communication with plymouth</title>
+++
+++ <para><filename>systemd-fsckd</filename> passes the
+++ following messages to the theme:</para>
+++
+++ <para>Progress update, sent as a plymouth update message:
+++ <literal>fsckd:<num_devices>:<progress>:<string></literal>
+++ <variablelist>
+++ <varlistentry>
+++ <term><literal><num_devices></literal></term>
+++ <listitem><para>the current number of devices
+++ being checked (int)</para></listitem>
+++ </varlistentry>
+++ <varlistentry>
+++ <term><literal><progress></literal></term>
+++ <listitem><para>the current minimum percentage of
+++ all devices being checking (float, from 0 to 100)</para></listitem>
+++ </varlistentry>
+++ <varlistentry>
+++ <term><literal><string></literal></term>
+++ <listitem><para>a translated message ready to be displayed
+++ by the plymouth theme displaying the data above. It can be overridden
+++ by themes supporting i18n.</para></listitem>
+++ </varlistentry>
+++ </variablelist>
+++ </para>
+++
+++ <para>Cancel message, sent as a traditional plymouth message:
+++ <literal>fsckd-cancel-msg:<string></literal>
+++ <variablelist>
+++ <varlistentry>
+++ <term><literal><strings></literal></term>
+++ <listitem><para>a translated string ready to be displayed
+++ by the plymouth theme indicating that Control+C can be used to cancel
+++ current checks. It can be overridden (matching only
+++ <literal>fsckd-cancel-msg</literal> prefix)
+++ by themes supporting i18n.</para></listitem>
+++ </varlistentry>
+++ </variablelist>
+++ </para>
+++ </refsect1>
+++
+++ <refsect1>
+++ <title>Options</title>
+++
+++ <para>The following options are understood:</para>
+++
+++ <variablelist>
+++ <xi:include href="standard-options.xml" xpointer="help" />
+++ <xi:include href="standard-options.xml" xpointer="version" />
+++ </variablelist>
+++
+++ </refsect1>
+++
+++ <refsect1>
+++ <title>Exit status</title>
+++
+++ <para>On success, 0 is returned, a non-zero failure
+++ code otherwise. Note that the daemon stays idle for
+++ a while to accept new <filename>fsck</filename>
+++ connections before exiting.</para>
+++ </refsect1>
+++
+++ <refsect1>
+++ <title>See Also</title>
+++ <para>
+++ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+++ <citerefentry><refentrytitle>systemd-fsck</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry><refentrytitle>systemd-quotacheck.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.btrfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.cramfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.ext4</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.fat</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.hfsplus</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.minix</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.ntfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+++ <citerefentry project='man-pages'><refentrytitle>fsck.xfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+++ </para>
+++ </refsect1>
+++
+++</refentry>
++diff --git a/meson.build b/meson.build
++index 1d864e3..1d6144e 100644
++--- a/meson.build
+++++ b/meson.build
++@@ -2182,6 +2182,14 @@ executable('systemd-makefs',
++ install : true,
++ install_dir : rootlibexecdir)
++
+++executable('systemd-fsckd',
+++ 'src/fsckd/fsckd.c',
+++ include_directories : includes,
+++ link_with : [libshared],
+++ install_rpath : rootlibexecdir,
+++ install : true,
+++ install_dir : rootlibexecdir)
+++
++ executable('systemd-sleep',
++ 'src/sleep/sleep.c',
++ include_directories : includes,
++diff --git a/po/POTFILES.in b/po/POTFILES.in
++index 029261c..d709ddb 100644
++--- a/po/POTFILES.in
+++++ b/po/POTFILES.in
++@@ -8,3 +8,4 @@ src/portable/org.freedesktop.portable1.policy
++ src/resolve/org.freedesktop.resolve1.policy
++ src/timedate/org.freedesktop.timedate1.policy
++ src/core/dbus-unit.c
+++src/fsckd/fsckd.c
++diff --git a/src/fsckd/fsckd.c b/src/fsckd/fsckd.c
++new file mode 100644
++index 0000000..d48e53a
++--- /dev/null
+++++ b/src/fsckd/fsckd.c
++@@ -0,0 +1,690 @@
+++/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+++
+++/***
+++ This file is part of systemd.
+++
+++ Copyright 2015 Canonical
+++
+++ Author:
+++ Didier Roche <didrocks@ubuntu.com>
+++
+++ systemd is free software; you can redistribute it and/or modify it
+++ under the terms of the GNU Lesser General Public License as published by
+++ the Free Software Foundation; either version 2.1 of the License, or
+++ (at your option) any later version.
+++
+++ systemd is distributed in the hope that it will be useful, but
+++ WITHOUT ANY WARRANTY; without even the implied warranty of
+++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+++ Lesser General Public License for more details.
+++
+++ You should have received a copy of the GNU Lesser General Public License
+++ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+++***/
+++
+++#include <getopt.h>
+++#include <errno.h>
+++#include <libintl.h>
+++#include <math.h>
+++#include <stdbool.h>
+++#include <stdlib.h>
+++#include <stdio.h>
+++#include <sys/socket.h>
+++#include <sys/types.h>
+++#include <sys/un.h>
+++#include <unistd.h>
+++
+++#include "sd-daemon.h"
+++#include "build.h"
+++#include "def.h"
+++#include "sd-event.h"
+++#include "log.h"
+++#include "list.h"
+++#include "macro.h"
+++#include "socket-util.h"
+++#include "fd-util.h"
+++#include "string-util.h"
+++#include "io-util.h"
+++#include "util.h"
+++#include "alloc-util.h"
+++#include "locale-util.h"
+++
+++#define FSCKD_SOCKET_PATH "/run/systemd/fsck.progress"
+++#define IDLE_TIME_SECONDS 30
+++#define PLYMOUTH_REQUEST_KEY "K\2\2\3"
+++#define CLIENTS_MAX 128
+++
+++struct Manager;
+++
+++typedef struct Client {
+++ struct Manager *manager;
+++ char *device_name;
+++ /* device id refers to "fd <fd>" until it gets a name as "device_name" */
+++ char *device_id;
+++
+++ pid_t fsck_pid;
+++ FILE *fsck_f;
+++
+++ size_t cur;
+++ size_t max;
+++ int pass;
+++
+++ double percent;
+++
+++ bool cancelled;
+++ bool bad_input;
+++
+++ sd_event_source *event_source;
+++
+++ LIST_FIELDS(struct Client, clients);
+++} Client;
+++
+++typedef struct Manager {
+++ sd_event *event;
+++
+++ LIST_HEAD(Client, clients);
+++ unsigned n_clients;
+++
+++ size_t clear;
+++
+++ int connection_fd;
+++ sd_event_source *connection_event_source;
+++
+++ bool show_status_console;
+++
+++ double percent;
+++ int numdevices;
+++
+++ int plymouth_fd;
+++ sd_event_source *plymouth_event_source;
+++ bool plymouth_cancel_sent;
+++
+++ bool cancel_requested;
+++} Manager;
+++
+++static void client_free(Client *c);
+++static void manager_free(Manager *m);
+++
+++DEFINE_TRIVIAL_CLEANUP_FUNC(Client*, client_free);
+++DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free);
+++
+++static int manager_write_console(Manager *m, const char *message) {
+++ _cleanup_fclose_ FILE *console = NULL;
+++ int l;
+++ size_t j;
+++
+++ assert(m);
+++
+++ if (!m->show_status_console)
+++ return 0;
+++
+++ /* Reduce the SAK window by opening and closing console on every request */
+++ console = fopen("/dev/console", "we");
+++ if (!console)
+++ return -errno;
+++
+++ if (message) {
+++ fprintf(console, "\r%s\r%n", message, &l);
+++ if (m->clear < (size_t)l)
+++ m->clear = (size_t)l;
+++ } else {
+++ fputc('\r', console);
+++ for (j = 0; j < m->clear; j++)
+++ fputc(' ', console);
+++ fputc('\r', console);
+++ }
+++ fflush(console);
+++
+++ return 0;
+++}
+++
+++static double compute_percent(int pass, size_t cur, size_t max) {
+++ /* Values stolen from e2fsck */
+++
+++ static const double pass_table[] = {
+++ 0, 70, 90, 92, 95, 100
+++ };
+++
+++ if (pass <= 0)
+++ return 0.0;
+++
+++ if ((unsigned) pass >= ELEMENTSOF(pass_table) || max == 0)
+++ return 100.0;
+++
+++ return pass_table[pass-1] +
+++ (pass_table[pass] - pass_table[pass-1]) *
+++ (double) cur / max;
+++}
+++
+++static int client_request_cancel(Client *c) {
+++ assert(c);
+++
+++ if (c->cancelled)
+++ return 0;
+++
+++ log_info("Request to cancel fsck for %s from fsckd", c->device_id);
+++ if (kill(c->fsck_pid, SIGTERM) < 0) {
+++ /* ignore the error and consider that cancel was sent if fsck just exited */
+++ if (errno != ESRCH)
+++ return log_error_errno(errno, "Cannot send cancel to fsck for %s: %m", c->device_id);
+++ }
+++
+++ c->cancelled = true;
+++ return 1;
+++}
+++
+++static void client_free(Client *c) {
+++ assert(c);
+++
+++ if (c->manager) {
+++ LIST_REMOVE(clients, c->manager->clients, c);
+++ c->manager->n_clients--;
+++ }
+++
+++ sd_event_source_unref(c->event_source);
+++ fclose(c->fsck_f);
+++ if (c->device_name)
+++ free(c->device_name);
+++ if (c->device_id)
+++ free(c->device_id);
+++ free(c);
+++}
+++
+++static void manager_disconnect_plymouth(Manager *m) {
+++ assert(m);
+++
+++ m->plymouth_event_source = sd_event_source_unref(m->plymouth_event_source);
+++ m->plymouth_fd = safe_close(m->plymouth_fd);
+++ m->plymouth_cancel_sent = false;
+++}
+++
+++static int manager_plymouth_feedback_handler(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
+++ Manager *m = userdata;
+++ Client *current;
+++ char buffer[6];
+++ ssize_t l;
+++
+++ assert(m);
+++
+++ l = read(m->plymouth_fd, buffer, sizeof(buffer));
+++ if (l < 0) {
+++ log_warning_errno(errno, "Got error while reading from plymouth: %m");
+++ manager_disconnect_plymouth(m);
+++ return -errno;
+++ }
+++ if (l == 0) {
+++ manager_disconnect_plymouth(m);
+++ return 0;
+++ }
+++
+++ if (l > 1 && buffer[0] == '\15')
+++ log_error("Message update to plymouth wasn't delivered successfully");
+++
+++ /* the only answer support type we requested is a key interruption */
+++ if (l > 2 && buffer[0] == '\2' && buffer[5] == '\3') {
+++ m->cancel_requested = true;
+++
+++ /* cancel all connected clients */
+++ LIST_FOREACH(clients, current, m->clients)
+++ client_request_cancel(current);
+++ }
+++
+++ return 0;
+++}
+++
+++static int manager_connect_plymouth(Manager *m) {
+++ union sockaddr_union sa = PLYMOUTH_SOCKET;
+++ int r;
+++
+++ if (!plymouth_running())
+++ return 0;
+++
+++ /* try to connect or reconnect if sending a message */
+++ if (m->plymouth_fd >= 0)
+++ return 1;
+++
+++ m->plymouth_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0);
+++ if (m->plymouth_fd < 0)
+++ return log_warning_errno(errno, "Connection to plymouth socket failed: %m");
+++
+++ if (connect(m->plymouth_fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + 1 + strlen(sa.un.sun_path+1)) < 0) {
+++ r = log_warning_errno(errno, "Couldn't connect to plymouth: %m");
+++ goto fail;
+++ }
+++
+++ r = sd_event_add_io(m->event, &m->plymouth_event_source, m->plymouth_fd, EPOLLIN, manager_plymouth_feedback_handler, m);
+++ if (r < 0) {
+++ log_warning_errno(r, "Can't listen to plymouth socket: %m");
+++ goto fail;
+++ }
+++
+++ return 1;
+++
+++fail:
+++ manager_disconnect_plymouth(m);
+++ return r;
+++}
+++
+++static int plymouth_send_message(int plymouth_fd, const char *message, bool update) {
+++ _cleanup_free_ char *packet = NULL;
+++ int n;
+++ char mode = 'M';
+++
+++ if (update)
+++ mode = 'U';
+++
+++ if (asprintf(&packet, "%c\002%c%s%n", mode, (int) (strlen(message) + 1), message, &n) < 0)
+++ return log_oom();
+++
+++ return loop_write(plymouth_fd, packet, n + 1, true);
+++}
+++
+++static int manager_send_plymouth_message(Manager *m, const char *message) {
+++ const char *plymouth_cancel_message = NULL, *l10n_cancel_message = NULL;
+++ int r;
+++
+++ r = manager_connect_plymouth(m);
+++ if (r < 0)
+++ return r;
+++ /* 0 means that plymouth isn't running, do not send any message yet */
+++ else if (r == 0)
+++ return 0;
+++
+++ if (!m->plymouth_cancel_sent) {
+++
+++ /* Indicate to plymouth that we listen to Ctrl+C */
+++ r = loop_write(m->plymouth_fd, PLYMOUTH_REQUEST_KEY, sizeof(PLYMOUTH_REQUEST_KEY), true);
+++ if (r < 0)
+++ return log_warning_errno(r, "Can't send to plymouth cancel key: %m");
+++
+++ m->plymouth_cancel_sent = true;
+++
+++ l10n_cancel_message = _("Press Ctrl+C to cancel all filesystem checks in progress");
+++ plymouth_cancel_message = strjoina("fsckd-cancel-msg:", l10n_cancel_message);
+++
+++ r = plymouth_send_message(m->plymouth_fd, plymouth_cancel_message, false);
+++ if (r < 0)
+++ log_warning_errno(r, "Can't send filesystem cancel message to plymouth: %m");
+++
+++ } else if (m->numdevices == 0) {
+++
+++ m->plymouth_cancel_sent = false;
+++
+++ r = plymouth_send_message(m->plymouth_fd, "", false);
+++ if (r < 0)
+++ log_warning_errno(r, "Can't clear plymouth filesystem cancel message: %m");
+++ }
+++
+++ r = plymouth_send_message(m->plymouth_fd, message, true);
+++ if (r < 0)
+++ return log_warning_errno(r, "Couldn't send \"%s\" to plymouth: %m", message);
+++
+++ return 0;
+++}
+++
+++static int manager_update_global_progress(Manager *m) {
+++ Client *current = NULL;
+++ _cleanup_free_ char *console_message = NULL;
+++ _cleanup_free_ char *fsck_message = NULL;
+++ int current_numdevices = 0, r;
+++ double current_percent = 100;
+++
+++ /* get the overall percentage */
+++ LIST_FOREACH(clients, current, m->clients) {
+++ current_numdevices++;
+++
+++ /* right now, we only keep the minimum % of all fsckd processes. We could in the future trying to be
+++ linear, but max changes and corresponds to the pass. We have all the informations into fsckd
+++ already if we can treat that in a smarter way. */
+++ current_percent = MIN(current_percent, current->percent);
+++ }
+++
+++ /* update if there is anything user-visible to update */
+++ if (fabs(current_percent - m->percent) > 0.001 || current_numdevices != m->numdevices) {
+++ m->numdevices = current_numdevices;
+++ m->percent = current_percent;
+++
+++ if (asprintf(&console_message,
+++ ngettext("Checking in progress on %d disk (%3.1f%% complete)",
+++ "Checking in progress on %d disks (%3.1f%% complete)", m->numdevices),
+++ m->numdevices, m->percent) < 0)
+++ return -ENOMEM;
+++
+++ if (asprintf(&fsck_message, "fsckd:%d:%3.1f:%s", m->numdevices, m->percent, console_message) < 0)
+++ return -ENOMEM;
+++
+++ r = manager_write_console(m, console_message);
+++ if (r < 0)
+++ return r;
+++
+++ /* try to connect to plymouth and send message */
+++ r = manager_send_plymouth_message(m, fsck_message);
+++ if (r < 0)
+++ return r;
+++ }
+++ return 0;
+++}
+++
+++static int client_progress_handler(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
+++ Client *client = userdata;
+++ char line[LINE_MAX];
+++ Manager *m;
+++
+++ assert(client);
+++ m = client->manager;
+++
+++ /* check first if we need to cancel this client */
+++ if (m->cancel_requested)
+++ client_request_cancel(client);
+++
+++ while (fgets(line, sizeof(line), client->fsck_f) != NULL) {
+++ int pass;
+++ size_t cur, max;
+++ _cleanup_free_ char *device = NULL, *old_device_id = NULL;
+++
+++ if (sscanf(line, "%i %zu %zu %ms", &pass, &cur, &max, &device) == 4) {
+++ if (!client->device_name) {
+++ client->device_name = strdup(device);
+++ if (!client->device_name) {
+++ log_oom();
+++ continue;
+++ }
+++ old_device_id = client->device_id;
+++ client->device_id = strdup(device);
+++ if (!client->device_id) {
+++ log_oom();
+++ client->device_id = old_device_id;
+++ old_device_id = NULL;
+++ continue;
+++ }
+++ }
+++ client->pass = pass;
+++ client->cur = cur;
+++ client->max = max;
+++ client->bad_input = false;
+++ client->percent = compute_percent(client->pass, client->cur, client->max);
+++ log_debug("Getting progress for %s (%zu, %zu, %d) : %3.1f%%", client->device_id,
+++ client->cur, client->max, client->pass, client->percent);
+++ } else {
+++ if (errno == ENOMEM) {
+++ log_oom();
+++ continue;
+++ }
+++
+++ /* if previous input was already garbage, kick it off from progress report */
+++ if (client->bad_input) {
+++ log_warning("Closing connection on incorrect input of fsck connection for %s", client->device_id);
+++ client_free(client);
+++ manager_update_global_progress(m);
+++ return 0;
+++ }
+++ client->bad_input = true;
+++ }
+++
+++ }
+++
+++ if (feof(client->fsck_f)) {
+++ log_debug("Fsck client %s disconnected", client->device_id);
+++ client_free(client);
+++ }
+++
+++ manager_update_global_progress(m);
+++ return 0;
+++}
+++
+++static int manager_new_connection_handler(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
+++ _cleanup_(client_freep) Client *c = NULL;
+++ _cleanup_close_ int new_fsck_fd = -1;
+++ _cleanup_fclose_ FILE *new_fsck_f = NULL;
+++ struct ucred ucred = {};
+++ Manager *m = userdata;
+++ int r;
+++
+++ assert(m);
+++
+++ /* Initialize and list new clients */
+++ new_fsck_fd = accept4(m->connection_fd, NULL, NULL, SOCK_CLOEXEC|SOCK_NONBLOCK);
+++ if (new_fsck_fd < 0) {
+++ log_error_errno(errno, "Couldn't accept a new connection: %m");
+++ return 0;
+++ }
+++
+++ if (m->n_clients >= CLIENTS_MAX) {
+++ log_error("Too many clients, refusing connection.");
+++ return 0;
+++ }
+++
+++
+++ new_fsck_f = fdopen(new_fsck_fd, "r");
+++ if (!new_fsck_f) {
+++ log_error_errno(errno, "Couldn't fdopen new connection for fd %d: %m", new_fsck_fd);
+++ return 0;
+++ }
+++ new_fsck_fd = -1;
+++
+++ r = getpeercred(fileno(new_fsck_f), &ucred);
+++ if (r < 0) {
+++ log_error_errno(r, "Couldn't get credentials for fsck: %m");
+++ return 0;
+++ }
+++
+++ c = new0(Client, 1);
+++ if (!c) {
+++ log_oom();
+++ return 0;
+++ }
+++
+++ c->fsck_pid = ucred.pid;
+++ c->fsck_f = new_fsck_f;
+++ new_fsck_f = NULL;
+++
+++ if (asprintf(&(c->device_id), "fd %d", fileno(c->fsck_f)) < 0) {
+++ log_oom();
+++ return 0;
+++ }
+++
+++ r = sd_event_add_io(m->event, &c->event_source, fileno(c->fsck_f), EPOLLIN, client_progress_handler, c);
+++ if (r < 0) {
+++ log_oom();
+++ return 0;
+++ }
+++
+++ LIST_PREPEND(clients, m->clients, c);
+++ m->n_clients++;
+++ c->manager = m;
+++
+++ log_debug("New fsck client connected: %s", c->device_id);
+++
+++ /* only request the client to cancel now in case the request is dropped by the client (chance to recancel) */
+++ if (m->cancel_requested)
+++ client_request_cancel(c);
+++
+++ c = NULL;
+++ return 0;
+++}
+++
+++static void manager_free(Manager *m) {
+++ if (!m)
+++ return;
+++
+++ /* clear last line */
+++ manager_write_console(m, NULL);
+++
+++ sd_event_source_unref(m->connection_event_source);
+++ safe_close(m->connection_fd);
+++
+++ while (m->clients)
+++ client_free(m->clients);
+++
+++ manager_disconnect_plymouth(m);
+++
+++ sd_event_unref(m->event);
+++
+++ free(m);
+++}
+++
+++static int manager_new(Manager **ret, int fd) {
+++ _cleanup_(manager_freep) Manager *m = NULL;
+++ int r;
+++
+++ assert(ret);
+++
+++ m = new0(Manager, 1);
+++ if (!m)
+++ return -ENOMEM;
+++
+++ m->plymouth_fd = -1;
+++ m->connection_fd = fd;
+++ m->percent = 100;
+++
+++ r = sd_event_default(&m->event);
+++ if (r < 0)
+++ return r;
+++
+++ if (access("/run/systemd/show-status", F_OK) >= 0)
+++ m->show_status_console = true;
+++
+++ r = sd_event_add_io(m->event, &m->connection_event_source, fd, EPOLLIN, manager_new_connection_handler, m);
+++ if (r < 0)
+++ return r;
+++
+++ *ret = m;
+++ m = NULL;
+++
+++ return 0;
+++}
+++
+++static int run_event_loop_with_timeout(Manager *m, usec_t timeout) {
+++ int r, code;
+++ sd_event *e = m->event;
+++
+++ assert(e);
+++
+++ for (;;) {
+++ r = sd_event_get_state(e);
+++ if (r < 0)
+++ return r;
+++ if (r == SD_EVENT_FINISHED)
+++ break;
+++
+++ r = sd_event_run(e, timeout);
+++ if (r < 0)
+++ return r;
+++
+++ /* Exit if we reached the idle timeout and no more clients are
+++ connected. If there is still an fsck process running but
+++ simply slow to send us progress updates, exiting would mean
+++ that this fsck process receives SIGPIPE resulting in an
+++ aborted file system check. */
+++ if (r == 0 && m->n_clients == 0) {
+++ sd_event_exit(e, 0);
+++ break;
+++ }
+++ }
+++
+++ r = sd_event_get_exit_code(e, &code);
+++ if (r < 0)
+++ return r;
+++
+++ return code;
+++}
+++
+++static void help(void) {
+++ printf("%s [OPTIONS...]\n\n"
+++ "Capture fsck progress and forward one stream to plymouth\n\n"
+++ " -h --help Show this help\n"
+++ " --version Show package version\n",
+++ program_invocation_short_name);
+++}
+++
+++static int parse_argv(int argc, char *argv[]) {
+++
+++ enum {
+++ ARG_VERSION = 0x100,
+++ ARG_ROOT,
+++ };
+++
+++ static const struct option options[] = {
+++ { "help", no_argument, NULL, 'h' },
+++ { "version", no_argument, NULL, ARG_VERSION },
+++ {}
+++ };
+++
+++ int c;
+++
+++ assert(argc >= 0);
+++ assert(argv);
+++
+++ while ((c = getopt_long(argc, argv, "hv", options, NULL)) >= 0)
+++ switch (c) {
+++
+++ case 'h':
+++ help();
+++ return 0;
+++
+++ case ARG_VERSION:
+++ puts(PACKAGE_STRING);
+++ puts(SYSTEMD_FEATURES);
+++ return 0;
+++
+++ case '?':
+++ return -EINVAL;
+++
+++ default:
+++ assert_not_reached("Unhandled option");
+++ }
+++
+++ if (optind < argc) {
+++ log_error("Extraneous arguments");
+++ return -EINVAL;
+++ }
+++
+++ return 1;
+++}
+++
+++int main(int argc, char *argv[]) {
+++ _cleanup_(manager_freep) Manager *m = NULL;
+++ int fd = -1;
+++ int r, n;
+++
+++ log_set_target(LOG_TARGET_AUTO);
+++ log_parse_environment();
+++ log_open();
+++ init_gettext();
+++
+++ r = parse_argv(argc, argv);
+++ if (r <= 0)
+++ goto finish;
+++
+++ n = sd_listen_fds(0);
+++ if (n > 1) {
+++ log_error("Too many file descriptors received.");
+++ r = -EINVAL;
+++ goto finish;
+++ } else if (n == 1)
+++ fd = SD_LISTEN_FDS_START + 0;
+++ else {
+++ fd = make_socket_fd(LOG_DEBUG, FSCKD_SOCKET_PATH, SOCK_STREAM, SOCK_CLOEXEC);
+++ if (fd < 0) {
+++ r = log_error_errno(fd, "Couldn't create listening socket fd on %s: %m", FSCKD_SOCKET_PATH);
+++ goto finish;
+++ }
+++ }
+++
+++ r = manager_new(&m, fd);
+++ if (r < 0) {
+++ log_error_errno(r, "Failed to allocate manager: %m");
+++ goto finish;
+++ }
+++
+++ r = run_event_loop_with_timeout(m, IDLE_TIME_SECONDS * USEC_PER_SEC);
+++ if (r < 0) {
+++ log_error_errno(r, "Failed to run event loop: %m");
+++ goto finish;
+++ }
+++
+++ sd_event_get_exit_code(m->event, &r);
+++
+++finish:
+++ return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
+++}
++diff --git a/units/meson.build b/units/meson.build
++index e4ac6ce..5c13ec6 100644
++--- a/units/meson.build
+++++ b/units/meson.build
++@@ -85,6 +85,7 @@ units = [
++ 'multi-user.target.wants/'],
++ ['systemd-coredump.socket', 'ENABLE_COREDUMP',
++ 'sockets.target.wants/'],
+++ ['systemd-fsckd.socket', ''],
++ ['systemd-initctl.socket', '',
++ 'sockets.target.wants/'],
++ ['systemd-journal-gatewayd.socket', 'ENABLE_REMOTE HAVE_MICROHTTPD'],
++@@ -138,6 +139,7 @@ in_units = [
++ 'sysinit.target.wants/'],
++ ['systemd-fsck-root.service', ''],
++ ['systemd-fsck@.service', ''],
+++ ['systemd-fsckd.service', ''],
++ ['systemd-halt.service', ''],
++ ['systemd-hibernate-resume@.service', 'ENABLE_HIBERNATE'],
++ ['systemd-hibernate.service', 'ENABLE_HIBERNATE'],
++diff --git a/units/systemd-fsck-root.service.in b/units/systemd-fsck-root.service.in
++index 25aca19..3cc60e5 100644
++--- a/units/systemd-fsck-root.service.in
+++++ b/units/systemd-fsck-root.service.in
++@@ -11,7 +11,9 @@
++ Description=File System Check on Root Device
++ Documentation=man:systemd-fsck-root.service(8)
++ DefaultDependencies=no
+++Wants=systemd-fsckd.socket
++ Before=local-fs.target shutdown.target
+++After=systemd-fsckd.socket
++ ConditionPathIsReadWrite=!/
++
++ [Service]
++diff --git a/units/systemd-fsck@.service.in b/units/systemd-fsck@.service.in
++index 078edcc..b254476 100644
++--- a/units/systemd-fsck@.service.in
+++++ b/units/systemd-fsck@.service.in
++@@ -12,7 +12,8 @@ Description=File System Check on %f
++ Documentation=man:systemd-fsck@.service(8)
++ DefaultDependencies=no
++ BindsTo=%i.device
++-After=%i.device systemd-fsck-root.service local-fs-pre.target
+++Wants=systemd-fsckd.socket
+++After=%i.device systemd-fsck-root.service local-fs-pre.target systemd-fsckd.socket
++ Before=systemd-quotacheck.service shutdown.target
++
++ [Service]
++diff --git a/units/systemd-fsckd.service.in b/units/systemd-fsckd.service.in
++new file mode 100644
++index 0000000..9c7ed51
++--- /dev/null
+++++ b/units/systemd-fsckd.service.in
++@@ -0,0 +1,17 @@
+++# This file is part of systemd.
+++#
+++# systemd is free software; you can redistribute it and/or modify it
+++# under the terms of the GNU Lesser General Public License as published by
+++# the Free Software Foundation; either version 2.1 of the License, or
+++# (at your option) any later version.
+++
+++[Unit]
+++Description=File System Check Daemon to report status
+++Documentation=man:systemd-fsckd.service(8)
+++DefaultDependencies=no
+++Requires=systemd-fsckd.socket
+++Before=shutdown.target
+++
+++[Service]
+++ExecStart=@rootlibexecdir@/systemd-fsckd
+++StandardOutput=journal+console
++diff --git a/units/systemd-fsckd.socket b/units/systemd-fsckd.socket
++new file mode 100644
++index 0000000..61fec97
++--- /dev/null
+++++ b/units/systemd-fsckd.socket
++@@ -0,0 +1,15 @@
+++# This file is part of systemd.
+++#
+++# systemd is free software; you can redistribute it and/or modify it
+++# under the terms of the GNU Lesser General Public License as published by
+++# the Free Software Foundation; either version 2.1 of the License, or
+++# (at your option) any later version.
+++
+++[Unit]
+++Description=fsck to fsckd communication Socket
+++Documentation=man:systemd-fsckd.service(8) man:systemd-fsck@.service(8) man:systemd-fsck-root.service(8)
+++DefaultDependencies=no
+++
+++[Socket]
+++ListenStream=/run/systemd/fsck.progress
+++SocketMode=0600
--- /dev/null
--- /dev/null
++From: Lennart Poettering <lennart@poettering.net>
++Date: Fri, 19 Oct 2018 12:12:33 +0200
++Subject: dhcp6: make sure we have enough space for the DHCP6 option header
++
++Fixes a vulnerability originally discovered by Felix Wilhelm from
++Google.
++
++CVE-2018-15688
++LP: #1795921
++https://bugzilla.redhat.com/show_bug.cgi?id=1639067
++
++(cherry picked from commit 4dac5eaba4e419b29c97da38a8b1f82336c2c892)
++---
++ src/libsystemd-network/dhcp6-option.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/libsystemd-network/dhcp6-option.c b/src/libsystemd-network/dhcp6-option.c
++index 18196b1..0979497 100644
++--- a/src/libsystemd-network/dhcp6-option.c
+++++ b/src/libsystemd-network/dhcp6-option.c
++@@ -103,7 +103,7 @@ int dhcp6_option_append_ia(uint8_t **buf, size_t *buflen, DHCP6IA *ia) {
++ return -EINVAL;
++ }
++
++- if (*buflen < len)
+++ if (*buflen < offsetof(DHCP6Option, data) + len)
++ return -ENOBUFS;
++
++ ia_hdr = *buf;
--- /dev/null
--- /dev/null
++From: Lennart Poettering <lennart@poettering.net>
++Date: Mon, 12 Nov 2018 23:40:09 +0100
++Subject: machined: when reading os-release file, join PID namespace too
++
++This is required for /proc/self/fd/xyz to work, but that's what we need
++to convert the O_PATH fd returned by chase_symlinks() back to a regular
++file fd. Hence, let's do the joining of the namespaces fully and
++correctly, by doing fork()+setns()+fork() with the PID and fs
++namespaces.
++
++This makes use of the new namespace_fork() helper we just added.
++
++Fixes: #10549
++(cherry picked from commit 2bb21fc9288100e12f3dc1a0ede1e8487f7f5223)
++---
++ src/machine/machine-dbus.c | 14 ++++++--------
++ 1 file changed, 6 insertions(+), 8 deletions(-)
++
++diff --git a/src/machine/machine-dbus.c b/src/machine/machine-dbus.c
++index 7f41465..9035e50 100644
++--- a/src/machine/machine-dbus.c
+++++ b/src/machine/machine-dbus.c
++@@ -333,19 +333,21 @@ int bus_machine_method_get_os_release(sd_bus_message *message, void *userdata, s
++ break;
++
++ case MACHINE_CONTAINER: {
++- _cleanup_close_ int mntns_fd = -1, root_fd = -1;
+++ _cleanup_close_ int mntns_fd = -1, root_fd = -1, pidns_fd = -1;
++ _cleanup_close_pair_ int pair[2] = { -1, -1 };
++ _cleanup_fclose_ FILE *f = NULL;
++ pid_t child;
++
++- r = namespace_open(m->leader, NULL, &mntns_fd, NULL, NULL, &root_fd);
+++ r = namespace_open(m->leader, &pidns_fd, &mntns_fd, NULL, NULL, &root_fd);
++ if (r < 0)
++ return r;
++
++ if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, pair) < 0)
++ return -errno;
++
++- r = safe_fork("(sd-osrel)", FORK_RESET_SIGNALS|FORK_DEATHSIG, &child);
+++ r = namespace_fork("(sd-osrelns)", "(sd-osrel)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG,
+++ pidns_fd, mntns_fd, -1, -1, root_fd,
+++ &child);
++ if (r < 0)
++ return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
++ if (r == 0) {
++@@ -353,10 +355,6 @@ int bus_machine_method_get_os_release(sd_bus_message *message, void *userdata, s
++
++ pair[0] = safe_close(pair[0]);
++
++- r = namespace_enter(-1, mntns_fd, -1, -1, root_fd);
++- if (r < 0)
++- _exit(EXIT_FAILURE);
++-
++ r = open_os_release(NULL, NULL, &fd);
++ if (r == -ENOENT)
++ _exit(EXIT_NOT_FOUND);
++@@ -382,7 +380,7 @@ int bus_machine_method_get_os_release(sd_bus_message *message, void *userdata, s
++ if (r < 0)
++ return r;
++
++- r = wait_for_terminate_and_check("(sd-osrel)", child, 0);
+++ r = wait_for_terminate_and_check("(sd-osrelns)", child, 0);
++ if (r < 0)
++ return sd_bus_error_set_errnof(error, r, "Failed to wait for child: %m");
++ if (r == EXIT_NOT_FOUND)
--- /dev/null
--- /dev/null
++From: Mike Gilbert <floppym@gentoo.org>
++Date: Sun, 30 Sep 2018 16:18:43 -0400
++Subject: meson: avoid calling the shell to resolve efi_libdir
++
++(cherry picked from commit 5f723125aece111f1990f9ff6d3572fb2509ad19)
++---
++ src/boot/efi/meson.build | 9 ++++++---
++ 1 file changed, 6 insertions(+), 3 deletions(-)
++
++diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
++index 04ca02f..77b311b 100644
++--- a/src/boot/efi/meson.build
+++++ b/src/boot/efi/meson.build
++@@ -57,10 +57,13 @@ if conf.get('ENABLE_EFI') == 1 and get_option('gnu-efi') != 'false'
++
++ efi_libdir = get_option('efi-libdir')
++ if efi_libdir == ''
++- cmd = 'cd /usr/lib/$(@0@ -print-multi-os-directory) && pwd'.format(' '.join(efi_cc))
++- ret = run_command('sh', '-c', cmd)
+++ ret = run_command(efi_cc + ['-print-multi-os-directory'])
++ if ret.returncode() == 0
++- efi_libdir = ret.stdout().strip()
+++ path = join_paths('/usr/lib', ret.stdout().strip())
+++ ret = run_command('realpath', '-e', path)
+++ if ret.returncode() == 0
+++ efi_libdir = ret.stdout().strip()
+++ endif
++ endif
++ endif
++
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Sun, 19 Aug 2018 19:11:30 +0200
++Subject: meson: rename -Ddebug to -Ddebug-extra
++
++Meson added -Doptimization and -Ddebug options, which obviously causes
++a conflict with our -Ddebug options. Let's rename it.
++
++Fixes #9883.
++
++(cherry picked from commit 8f6b442a78d0b485f044742ad90b2e8271b4e68e)
++---
++ meson.build | 2 +-
++ meson_options.txt | 2 +-
++ 2 files changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/meson.build b/meson.build
++index 88a470a..1d864e3 100644
++--- a/meson.build
+++++ b/meson.build
++@@ -765,7 +765,7 @@ substs.set('DEBUGTTY', get_option('debug-tty'))
++
++ enable_debug_hashmap = false
++ enable_debug_mmap_cache = false
++-foreach name : get_option('debug')
+++foreach name : get_option('debug-extra')
++ if name == 'hashmap'
++ enable_debug_hashmap = true
++ elif name == 'mmap-cache'
++diff --git a/meson_options.txt b/meson_options.txt
++index 16c1f2b..dc7951b 100644
++--- a/meson_options.txt
+++++ b/meson_options.txt
++@@ -46,7 +46,7 @@ option('debug-shell', type : 'string', value : '/bin/sh',
++ description : 'path to debug shell binary')
++ option('debug-tty', type : 'string', value : '/dev/tty9',
++ description : 'specify the tty device for debug shell')
++-option('debug', type : 'array', choices : ['hashmap', 'mmap-cache'], value : [],
+++option('debug-extra', type : 'array', choices : ['hashmap', 'mmap-cache'], value : [],
++ description : 'enable extra debugging')
++ option('memory-accounting-default', type : 'boolean',
++ description : 'enable MemoryAccounting= by default')
--- /dev/null
--- /dev/null
++From: Mike Gilbert <floppym@gentoo.org>
++Date: Sun, 30 Sep 2018 15:41:41 -0400
++Subject: meson: use an array option for efi-cc
++
++Fixes: https://github.com/systemd/systemd/issues/10211
++(cherry picked from commit 595343fb4c99c2679d347ef7c19debfbfed6342e)
++---
++ meson_options.txt | 2 +-
++ src/boot/efi/meson.build | 10 +++++-----
++ 2 files changed, 6 insertions(+), 6 deletions(-)
++
++diff --git a/meson_options.txt b/meson_options.txt
++index 8f9cfd9..1b78cf0 100644
++--- a/meson_options.txt
+++++ b/meson_options.txt
++@@ -278,7 +278,7 @@ option('dbus', type : 'combo', choices : ['auto', 'true', 'false'],
++
++ option('gnu-efi', type : 'combo', choices : ['auto', 'true', 'false'],
++ description : 'gnu-efi support for sd-boot')
++-option('efi-cc', type : 'string',
+++option('efi-cc', type : 'array',
++ description : 'the compiler to use for EFI modules')
++ option('efi-ld', type : 'string',
++ description : 'the linker to use for EFI modules')
++diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
++index db47bb7..04ca02f 100644
++--- a/src/boot/efi/meson.build
+++++ b/src/boot/efi/meson.build
++@@ -34,8 +34,8 @@ stub_sources = '''
++
++ if conf.get('ENABLE_EFI') == 1 and get_option('gnu-efi') != 'false'
++ efi_cc = get_option('efi-cc')
++- if efi_cc == ''
++- efi_cc = ' '.join(cc.cmd_array())
+++ if efi_cc.length() == 0
+++ efi_cc = cc.cmd_array()
++ endif
++ efi_ld = get_option('efi-ld')
++ if efi_ld == ''
++@@ -57,7 +57,7 @@ if conf.get('ENABLE_EFI') == 1 and get_option('gnu-efi') != 'false'
++
++ efi_libdir = get_option('efi-libdir')
++ if efi_libdir == ''
++- cmd = 'cd /usr/lib/$(@0@ -print-multi-os-directory) && pwd'.format(efi_cc)
+++ cmd = 'cd /usr/lib/$(@0@ -print-multi-os-directory) && pwd'.format(' '.join(efi_cc))
++ ret = run_command('sh', '-c', cmd)
++ if ret.returncode() == 0
++ efi_libdir = ret.stdout().strip()
++@@ -153,7 +153,7 @@ if have_gnu_efi
++ o_file = custom_target(file + '.o',
++ input : file,
++ output : file + '.o',
++- command : [efi_cc, '-c', '@INPUT@', '-o', '@OUTPUT@']
+++ command : efi_cc + ['-c', '@INPUT@', '-o', '@OUTPUT@']
++ + compile_args,
++ depend_files : efi_headers)
++ if (common_sources + systemd_boot_sources).contains(file)
++@@ -164,7 +164,7 @@ if have_gnu_efi
++ endif
++ endforeach
++
++- libgcc_file_name = run_command(efi_cc, '-print-libgcc-file-name').stdout().strip()
+++ libgcc_file_name = run_command(efi_cc + ['-print-libgcc-file-name']).stdout().strip()
++ systemd_boot_efi_name = 'systemd-boot@0@.efi'.format(EFI_MACHINE_TYPE_NAME)
++ stub_efi_name = 'linux@0@.efi.stub'.format(EFI_MACHINE_TYPE_NAME)
++ no_undefined_symbols = find_program('no-undefined-symbols.sh')
--- /dev/null
--- /dev/null
++From: Helmut Grohne <helmut@subdivi.de>
++Date: Thu, 27 Sep 2018 17:17:37 +0200
++Subject: meson: use the host architecture compiler/linker for src/boot/efi
++
++cross building systemd to arm64 presently fails, because the build
++system uses plain gcc and plain ld (build architecture compiler and
++linker respectively) for building src/boot/efi. These values come from
++the efi-cc and efi-ld options respectively. It rather should be using
++host tools here.
++
++Fixes: b710072da441 ("add support for building efi modules")
++(cherry picked from commit df7cacae696ae3c1d13d2f9a4db24815e07e29a1)
++---
++ meson_options.txt | 4 ++--
++ src/boot/efi/meson.build | 6 ++++++
++ 2 files changed, 8 insertions(+), 2 deletions(-)
++
++diff --git a/meson_options.txt b/meson_options.txt
++index dc7951b..8f9cfd9 100644
++--- a/meson_options.txt
+++++ b/meson_options.txt
++@@ -278,9 +278,9 @@ option('dbus', type : 'combo', choices : ['auto', 'true', 'false'],
++
++ option('gnu-efi', type : 'combo', choices : ['auto', 'true', 'false'],
++ description : 'gnu-efi support for sd-boot')
++-option('efi-cc', type : 'string', value : 'gcc',
+++option('efi-cc', type : 'string',
++ description : 'the compiler to use for EFI modules')
++-option('efi-ld', type : 'string', value : 'ld',
+++option('efi-ld', type : 'string',
++ description : 'the linker to use for EFI modules')
++ option('efi-libdir', type : 'string',
++ description : 'path to the EFI lib directory')
++diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
++index 8ec1fa7..db47bb7 100644
++--- a/src/boot/efi/meson.build
+++++ b/src/boot/efi/meson.build
++@@ -34,7 +34,13 @@ stub_sources = '''
++
++ if conf.get('ENABLE_EFI') == 1 and get_option('gnu-efi') != 'false'
++ efi_cc = get_option('efi-cc')
+++ if efi_cc == ''
+++ efi_cc = ' '.join(cc.cmd_array())
+++ endif
++ efi_ld = get_option('efi-ld')
+++ if efi_ld == ''
+++ efi_ld = find_program('ld', required: true)
+++ endif
++ efi_incdir = get_option('efi-includedir')
++
++ gnu_efi_path_arch = ''
--- /dev/null
--- /dev/null
++From: Dave Reisner <dreisner@archlinux.org>
++Date: Sat, 7 Jul 2018 05:39:01 -0400
++Subject: network/link: Fix logic error in matching devices by MAC
++
++Prior to this commit, a .link file with a [Match] section containing
++MACAddress= would match any device without a MAC. This restores the
++matching logic prior to e90d037.
++
++(cherry picked from commit 25ea58d37385af27301b7ad25e985eb15f421614)
++---
++ src/libsystemd-network/network-internal.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/libsystemd-network/network-internal.c b/src/libsystemd-network/network-internal.c
++index 0849b44..9d16d6c 100644
++--- a/src/libsystemd-network/network-internal.c
+++++ b/src/libsystemd-network/network-internal.c
++@@ -124,7 +124,7 @@ bool net_match_config(Set *match_mac,
++ if (match_arch && condition_test(match_arch) <= 0)
++ return false;
++
++- if (match_mac && dev_mac && !set_contains(match_mac, dev_mac))
+++ if (match_mac && (!dev_mac || !set_contains(match_mac, dev_mac)))
++ return false;
++
++ if (!net_condition_test_strv(match_paths, dev_path))
--- /dev/null
--- /dev/null
++From: Lennart Poettering <lennart@poettering.net>
++Date: Mon, 19 Nov 2018 11:39:45 +0100
++Subject: pam_systemd: suppress LOG_DEBUG log messages if debugging is off
++
++In the PAM module we need to suppress LOG_DEBUG messages manually, if
++debug logging is not on, as PAM won't do this for us. We did this
++correctly for most log messages already, but two were missing. Let's fix
++those too.
++
++Fixes: #10822
++(cherry picked from commit 2675747f3cdd6f1e6236bbb2f79abfa53fb307f1)
++---
++ src/login/pam_systemd.c | 6 ++++--
++ 1 file changed, 4 insertions(+), 2 deletions(-)
++
++diff --git a/src/login/pam_systemd.c b/src/login/pam_systemd.c
++index 1fbf6ba..ebd3525 100644
++--- a/src/login/pam_systemd.c
+++++ b/src/login/pam_systemd.c
++@@ -417,7 +417,8 @@ _public_ PAM_EXTERN int pam_sm_open_session(
++ }
++
++ if (seat && !streq(seat, "seat0") && vtnr != 0) {
++- pam_syslog(handle, LOG_DEBUG, "Ignoring vtnr %"PRIu32" for %s which is not seat0", vtnr, seat);
+++ if (debug)
+++ pam_syslog(handle, LOG_DEBUG, "Ignoring vtnr %"PRIu32" for %s which is not seat0", vtnr, seat);
++ vtnr = 0;
++ }
++
++@@ -518,7 +519,8 @@ _public_ PAM_EXTERN int pam_sm_open_session(
++ r = sd_bus_call(bus, m, 0, &error, &reply);
++ if (r < 0) {
++ if (sd_bus_error_has_name(&error, BUS_ERROR_SESSION_BUSY)) {
++- pam_syslog(handle, LOG_DEBUG, "Cannot create session: %s", bus_error_message(&error, r));
+++ if (debug)
+++ pam_syslog(handle, LOG_DEBUG, "Cannot create session: %s", bus_error_message(&error, r));
++ return PAM_SUCCESS;
++ } else {
++ pam_syslog(handle, LOG_ERR, "Failed to create session: %s", bus_error_message(&error, r));
--- /dev/null
--- /dev/null
++From: Lennart Poettering <lennart@poettering.net>
++Date: Mon, 12 Nov 2018 23:39:01 +0100
++Subject: sd-bus: port over to namespace_fork()
++
++This is pretty similar code, let's replace it with the generic
++namespace_fork() implementation.
++
++(cherry picked from commit 0a885dd055d30200021f7de188e2228c4d824518)
++---
++ src/libsystemd/sd-bus/bus-container.c | 42 ++++++++---------------------------
++ 1 file changed, 9 insertions(+), 33 deletions(-)
++
++diff --git a/src/libsystemd/sd-bus/bus-container.c b/src/libsystemd/sd-bus/bus-container.c
++index f50274a..362f599 100644
++--- a/src/libsystemd/sd-bus/bus-container.c
+++++ b/src/libsystemd/sd-bus/bus-container.c
++@@ -47,51 +47,27 @@ int bus_container_connect_socket(sd_bus *b) {
++ if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, pair) < 0)
++ return -errno;
++
++- r = safe_fork("(sd-buscntr)", FORK_RESET_SIGNALS|FORK_DEATHSIG, &child);
+++ r = namespace_fork("(sd-buscntrns)", "(sd-buscntr)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG,
+++ pidnsfd, mntnsfd, -1, usernsfd, rootfd, &child);
++ if (r < 0)
++ return r;
++ if (r == 0) {
++- pid_t grandchild;
++-
++ pair[0] = safe_close(pair[0]);
++
++- r = namespace_enter(pidnsfd, mntnsfd, -1, usernsfd, rootfd);
++- if (r < 0)
++- _exit(EXIT_FAILURE);
++-
++- /* We just changed PID namespace, however it will only
++- * take effect on the children we now fork. Hence,
++- * let's fork another time, and connect from this
++- * grandchild, so that SO_PEERCRED of our connection
++- * comes from a process from within the container, and
++- * not outside of it */
++-
++- r = safe_fork("(sd-buscntr2)", FORK_RESET_SIGNALS|FORK_DEATHSIG, &grandchild);
++- if (r < 0)
+++ r = connect(b->input_fd, &b->sockaddr.sa, b->sockaddr_size);
+++ if (r < 0) {
+++ /* Try to send error up */
+++ error_buf = errno;
+++ (void) write(pair[1], &error_buf, sizeof(error_buf));
++ _exit(EXIT_FAILURE);
++- if (r == 0) {
++-
++- r = connect(b->input_fd, &b->sockaddr.sa, b->sockaddr_size);
++- if (r < 0) {
++- /* Try to send error up */
++- error_buf = errno;
++- (void) write(pair[1], &error_buf, sizeof(error_buf));
++- _exit(EXIT_FAILURE);
++- }
++-
++- _exit(EXIT_SUCCESS);
++ }
++
++- r = wait_for_terminate_and_check("(sd-buscntr2)", grandchild, 0);
++- if (r < 0)
++- _exit(EXIT_FAILURE);
++-
++- _exit(r);
+++ _exit(EXIT_SUCCESS);
++ }
++
++ pair[1] = safe_close(pair[1]);
++
++- r = wait_for_terminate_and_check("(sd-buscntr)", child, 0);
+++ r = wait_for_terminate_and_check("(sd-buscntrns)", child, 0);
++ if (r < 0)
++ return r;
++ if (r != EXIT_SUCCESS)
--- /dev/null
--- /dev/null
++sleep-fix-printf-format-of-fiemap-fields.patch
++timesync-changes-type-of-drift_freq-to-int64_t.patch
++sleep-fix-one-more-printf-format-of-a-fiemap-field.patch
++basic-add-missing-comma-in-raw_clone-assembly-for-sparc.patch
++bus-util-make-log-level-lower-in-request_name_destroy_cal.patch
++tmpfiles-specify-access-mode-for-run-systemd-netif.patch
++test-fix-networkd-test.py-rate-limiting-and-dynamic-user.patch
++sysusers-tmpfiles-re-create-systemd-network-systemd-resol.patch
++test-Drop-SKIP_INITRD-for-QEMU-based-tests.patch
++network-link-Fix-logic-error-in-matching-devices-by-MAC.patch
++Re-add-uaccess-tag-for-dev-kvm.patch
++Do-not-apply-uaccess-tag-for-dev-kvm-if-mode-is-0666.patch
++timedate-increment-reference-count-of-sd_bus_message.patch
++timedate-defer-the-property-changed-signal-until-job-of-s.patch
++user-runtime-dir-fix-selinux-regression.patch
++core-fix-gid-when-DynamicUser-yes-with-static-User.patch
++test-introduce-test_is_running_from_builddir.patch
++test-make-test-catalog-relocatable.patch
++test-remove-support-for-suffix-in-get_testdata_dir.patch
++test-use-builddir-systemd-runtest.env-to-set-SYSTEMD_TEST.patch
++test-use-builddir-systemd-runtest.env-for-SYSTEMD_CATALOG.patch
++meson-rename-Ddebug-to-Ddebug-extra.patch
++dhcp6-make-sure-we-have-enough-space-for-the-DHCP6-option.patch
++chown-recursive-let-s-rework-the-recursive-logic-to-use-O.patch
++chown-recursive-also-drop-ACLs-when-recursively-chown-ing.patch
++chown-recursive-TAKE_FD-is-your-friend.patch
++core-when-deserializing-state-always-use-read_line-LONG_L.patch
++meson-use-the-host-architecture-compiler-linker-for-src-b.patch
++meson-use-an-array-option-for-efi-cc.patch
++meson-avoid-calling-the-shell-to-resolve-efi_libdir.patch
++systemd-do-not-pass-.wants-fragment-path-to-manager_load_.patch
++core-add-namespace_fork-helper-that-forks-joins-a-set-of-.patch
++sd-bus-port-over-to-namespace_fork.patch
++machined-when-reading-os-release-file-join-PID-namespace-.patch
++tree-wide-port-over-other-candidates-for-namespace_fork.patch
++pam_systemd-suppress-LOG_DEBUG-log-messages-if-debugging-.patch
++debian/Use-Debian-specific-config-files.patch
++debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch
++debian/Make-run-lock-tmpfs-an-API-fs.patch
++debian/Revert-udev-network-device-renaming-immediately-give.patch
++debian/Add-support-for-TuxOnIce-hibernation.patch
++debian/Re-enable-journal-forwarding-to-syslog.patch
++debian/Don-t-enable-audit-by-default.patch
++debian/Only-start-logind-if-dbus-is-installed.patch
++debian/fsckd-daemon-for-inter-fsckd-communication.patch
++debian/Skip-filesystem-check-if-already-done-by-the-initram.patch
++debian/Revert-core-one-step-back-again-for-nspawn-we-actual.patch
++debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch
++debian/Revert-core-enable-TasksMax-for-all-services-by-default-a.patch
++debian/Let-graphical-session-pre.target-be-manually-started.patch
++debian/Add-env-variable-for-machine-ID-path.patch
++debian/Revert-udev-rules-Permission-changes-for-dev-dri-renderD.patch
++debian/Revert-systemctl-when-removing-enablement-or-mask-symlink.patch
++debian/Drop-seccomp-system-call-filter-for-udev.patch
--- /dev/null
--- /dev/null
++From: Filipe Brandenburger <filbranden@google.com>
++Date: Wed, 27 Jun 2018 09:19:33 -0700
++Subject: sleep: fix one more printf format of a fiemap field
++
++Use PRIu64 constant to get the format right on LP-64 architectures,
++cast to (uint64_t) to solve incompatibility of __u64.
++
++This was missed in ad4bc3352285f467f4ffa03c3171b19fa0a8758d, so fix it
++with this follow up.
++
++(cherry picked from commit d7af62d52cd3b58c5fe7d410e907e01fed71c02e)
++---
++ src/test/test-sleep.c | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/src/test/test-sleep.c b/src/test/test-sleep.c
++index acfcf6a..a8ad302 100644
++--- a/src/test/test-sleep.c
+++++ b/src/test/test-sleep.c
++@@ -39,8 +39,8 @@ static int test_fiemap(const char *path) {
++ log_info("\t number of mapped extents: %" PRIu32, fiemap->fm_mapped_extents);
++ log_info("\t extent count: %" PRIu32, fiemap->fm_extent_count);
++ if (fiemap->fm_extent_count > 0)
++- log_info("\t first extent location: %llu",
++- fiemap->fm_extents[0].fe_physical / page_size());
+++ log_info("\t first extent location: %" PRIu64,
+++ (uint64_t) (fiemap->fm_extents[0].fe_physical / page_size()));
++
++ return 0;
++ }
--- /dev/null
--- /dev/null
++From: Filipe Brandenburger <filbranden@google.com>
++Date: Tue, 26 Jun 2018 09:43:49 -0700
++Subject: sleep: fix printf format of fiemap fields
++
++Use PRIu64 and PRIu32 constants to also get the format right on LP-64
++architectures.
++
++For the 64-bit fields, we need a cast to (uint64_t), since __u64 is
++defined as a `long long unsigned` and PRIu64 expects a `long unsigned`.
++In practice, both are the same, so the cast should be OK.
++
++(cherry picked from commit ad4bc3352285f467f4ffa03c3171b19fa0a8758d)
++---
++ src/test/test-sleep.c | 11 ++++++-----
++ 1 file changed, 6 insertions(+), 5 deletions(-)
++
++diff --git a/src/test/test-sleep.c b/src/test/test-sleep.c
++index 5286442..acfcf6a 100644
++--- a/src/test/test-sleep.c
+++++ b/src/test/test-sleep.c
++@@ -1,5 +1,6 @@
++ /* SPDX-License-Identifier: LGPL-2.1+ */
++
+++#include <inttypes.h>
++ #include <linux/fiemap.h>
++ #include <stdio.h>
++
++@@ -32,11 +33,11 @@ static int test_fiemap(const char *path) {
++ if (r < 0)
++ return log_error_errno(r, "Unable to read extent map for '%s': %m", path);
++ log_info("extent map information for %s:", path);
++- log_info("\t start: %llu", fiemap->fm_start);
++- log_info("\t length: %llu", fiemap->fm_length);
++- log_info("\t flags: %u", fiemap->fm_flags);
++- log_info("\t number of mapped extents: %u", fiemap->fm_mapped_extents);
++- log_info("\t extent count: %u", fiemap->fm_extent_count);
+++ log_info("\t start: %" PRIu64, (uint64_t) fiemap->fm_start);
+++ log_info("\t length: %" PRIu64, (uint64_t) fiemap->fm_length);
+++ log_info("\t flags: %" PRIu32, fiemap->fm_flags);
+++ log_info("\t number of mapped extents: %" PRIu32, fiemap->fm_mapped_extents);
+++ log_info("\t extent count: %" PRIu32, fiemap->fm_extent_count);
++ if (fiemap->fm_extent_count > 0)
++ log_info("\t first extent location: %llu",
++ fiemap->fm_extents[0].fe_physical / page_size());
--- /dev/null
--- /dev/null
++From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
++Date: Sat, 15 Sep 2018 19:43:58 +0200
++Subject: systemd: do not pass .wants fragment path to manager_load_unit
++
++When loading units, sometimes we'd first encounter a unit from .wants or
++.requires directory. A typical case would be when multi-user.target.wants/
++contains a symlink to some unit. We would prepare to load this unit using
++/etc/systemd/system/multi-user.target.wants/foo.service as the fragment
++path. This is always wrong. Instead, let's use NULL as the path and let
++manager_load_unit() figure out the path on its own.
++
++Fixes #9921.
++
++ path=0x5625ed9b01a0 "/usr/lib/systemd/system/local-fs.target.wants/systemd-remount-fs.service", e=0x0,
++ _ret=0x7ffe64645000) at ../src/core/manager.c:1887
++ name=0x5625ed9b01ce "systemd-remount-fs.service",
++ path=0x5625ed9b01a0 "/usr/lib/systemd/system/local-fs.target.wants/systemd-remount-fs.service", e=0x0,
++ _ret=0x7ffe64645000) at ../src/core/manager.c:1961
++ name=0x5625ed9b01ce "systemd-remount-fs.service",
++ path=0x5625ed9b01a0 "/usr/lib/systemd/system/local-fs.target.wants/systemd-remount-fs.service",
++ add_reference=true, mask=UNIT_DEPENDENCY_FILE) at ../src/core/unit.c:2946
++ dir_suffix=0x5625ebb179ed ".wants") at ../src/core/load-dropin.c:95
++ path=0x0, e=0x0, _ret=0x7ffe646452c0) at ../src/core/manager.c:1965
++ name=0x5625ebb186f8 "local-fs.target", path=0x0, add_reference=true,
++ mask=UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT) at ../src/core/unit.c:2946
++ where=0x5625ed9b3cc0 "/tmp", options=0x5625ed947110 "rw,nosuid,nodev,seclabel",
++ fstype=0x5625ed95be90 "tmpfs", flags=0x7ffe64645395) at ../src/core/mount.c:1439
++ where=0x5625ed9b3cc0 "/tmp", options=0x5625ed947110 "rw,nosuid,nodev,seclabel",
++ fstype=0x5625ed95be90 "tmpfs", set_flags=false) at ../src/core/mount.c:1567
++ at ../src/core/mount.c:1635
++ ret_retval=0x7ffe64645660, ret_shutdown_verb=0x7ffe646456c0, ret_fds=0x7ffe646456d8,
++ ret_switch_root_dir=0x7ffe646456b0, ret_switch_root_init=0x7ffe646456b8,
++ ret_error_message=0x7ffe646456c8) at ../src/core/main.c:1669
++
++(cherry picked from commit 0c062fd3eb3988822ffcf1f87c45f7c168fe92ef)
++---
++ src/core/load-dropin.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/core/load-dropin.c b/src/core/load-dropin.c
++index 4b422cc..83b3b7d 100644
++--- a/src/core/load-dropin.c
+++++ b/src/core/load-dropin.c
++@@ -92,7 +92,7 @@ static int process_deps(Unit *u, UnitDependency dependency, const char *dir_suff
++ log_unit_warning(u, "%s dependency dropin %s target %s has different name",
++ unit_dependency_to_string(dependency), *p, target);
++
++- r = unit_add_dependency_by_name(u, dependency, entry, *p, true, UNIT_DEPENDENCY_FILE);
+++ r = unit_add_dependency_by_name(u, dependency, entry, NULL, true, UNIT_DEPENDENCY_FILE);
++ if (r < 0)
++ log_unit_warning_errno(u, r, "Cannot add %s dependency on %s, ignoring: %m",
++ unit_dependency_to_string(dependency), entry);
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Sun, 15 Jul 2018 22:31:37 +0900
++Subject: sysusers,tmpfiles: re-create systemd-network,
++ systemd-resolve and systemd-timesync
++
++This partially reverts d4e9e574ea0b5d23598a317e68399584d229568b,
++0187368cadea183e18c6d575a9d6b7f491a402af, and
++4240cb02fda90ba11dfc0114201e42691132c6a9.
++The services systemd-networkd, systemd-resolved, and systemd-timesyncd
++enable DynamicUsers= and have bus interfaces. Unfortunately, these
++has many problems now. Let us create the relevant users, at least,
++tentatively.
++
++Fixes #9503.
++
++(cherry picked from commit 5b5d82615011b9827466b7cd5756da35627a1608)
++---
++ sysusers.d/systemd.conf.m4 | 9 +++++++++
++ tmpfiles.d/systemd.conf.m4 | 6 +++---
++ 2 files changed, 12 insertions(+), 3 deletions(-)
++
++diff --git a/sysusers.d/systemd.conf.m4 b/sysusers.d/systemd.conf.m4
++index 2315b56..ef5a3cb 100644
++--- a/sysusers.d/systemd.conf.m4
+++++ b/sysusers.d/systemd.conf.m4
++@@ -6,6 +6,15 @@
++ # (at your option) any later version.
++
++ g systemd-journal - -
+++m4_ifdef(`ENABLE_NETWORKD',
+++u systemd-network - "systemd Network Management"
+++)m4_dnl
+++m4_ifdef(`ENABLE_RESOLVE',
+++u systemd-resolve - "systemd Resolver"
+++)m4_dnl
+++m4_ifdef(`ENABLE_TIMESYNCD',
+++u systemd-timesync - "systemd Time Synchronization"
+++)m4_dnl
++ m4_ifdef(`ENABLE_COREDUMP',
++ u systemd-coredump - "systemd Core Dumper"
++ )m4_dnl
++diff --git a/tmpfiles.d/systemd.conf.m4 b/tmpfiles.d/systemd.conf.m4
++index 120e42a..d39c9cb 100644
++--- a/tmpfiles.d/systemd.conf.m4
+++++ b/tmpfiles.d/systemd.conf.m4
++@@ -17,9 +17,9 @@ d /run/systemd/users 0755 root root -
++ d /run/systemd/machines 0755 root root -
++ d /run/systemd/shutdown 0755 root root -
++ m4_ifdef(`ENABLE_NETWORKD',
++-d /run/systemd/netif 0755 - - -
++-d /run/systemd/netif/links 0755 - - -
++-d /run/systemd/netif/leases 0755 - - -
+++d /run/systemd/netif 0755 systemd-network systemd-network -
+++d /run/systemd/netif/links 0755 systemd-network systemd-network -
+++d /run/systemd/netif/leases 0755 systemd-network systemd-network -
++ )m4_dnl
++
++ d /run/log 0755 root root -
--- /dev/null
--- /dev/null
++From: Michael Biebl <biebl@debian.org>
++Date: Mon, 16 Jul 2018 11:27:44 +0200
++Subject: test: Drop SKIP_INITRD for QEMU-based tests
++
++Not all distros support booting without an initrd. E.g. the Debian
++kernel builds ext4 as a module and so relies on an initrd to
++successfully start the QEMU-based images.
++
++(cherry picked from commit c2d4da002095fe6f86f89a508a81e48fb6d3196f)
++---
++ test/TEST-08-ISSUE-2730/test.sh | 1 -
++ test/TEST-09-ISSUE-2691/test.sh | 1 -
++ test/TEST-10-ISSUE-2467/test.sh | 1 -
++ test/TEST-11-ISSUE-3166/test.sh | 1 -
++ test/TEST-13-NSPAWN-SMOKE/test.sh | 2 +-
++ test/TEST-14-MACHINE-ID/test.sh | 2 +-
++ 6 files changed, 2 insertions(+), 6 deletions(-)
++
++diff --git a/test/TEST-08-ISSUE-2730/test.sh b/test/TEST-08-ISSUE-2730/test.sh
++index 68159c3..90bf133 100755
++--- a/test/TEST-08-ISSUE-2730/test.sh
+++++ b/test/TEST-08-ISSUE-2730/test.sh
++@@ -6,7 +6,6 @@ TEST_DESCRIPTION="https://github.com/systemd/systemd/issues/2730"
++ TEST_NO_NSPAWN=1
++
++ . $TEST_BASE_DIR/test-functions
++-SKIP_INITRD=yes
++ QEMU_TIMEOUT=180
++ FSTYPE=ext4
++
++diff --git a/test/TEST-09-ISSUE-2691/test.sh b/test/TEST-09-ISSUE-2691/test.sh
++index 4c3e949..9b5990b 100755
++--- a/test/TEST-09-ISSUE-2691/test.sh
+++++ b/test/TEST-09-ISSUE-2691/test.sh
++@@ -6,7 +6,6 @@ TEST_DESCRIPTION="https://github.com/systemd/systemd/issues/2691"
++ TEST_NO_NSPAWN=1
++
++ . $TEST_BASE_DIR/test-functions
++-SKIP_INITRD=yes
++ QEMU_TIMEOUT=90
++
++ test_setup() {
++diff --git a/test/TEST-10-ISSUE-2467/test.sh b/test/TEST-10-ISSUE-2467/test.sh
++index 2f95e90..e61f5ac 100755
++--- a/test/TEST-10-ISSUE-2467/test.sh
+++++ b/test/TEST-10-ISSUE-2467/test.sh
++@@ -5,7 +5,6 @@ set -e
++ TEST_DESCRIPTION="https://github.com/systemd/systemd/issues/2467"
++
++ . $TEST_BASE_DIR/test-functions
++-SKIP_INITRD=yes
++
++ test_setup() {
++ create_empty_image
++diff --git a/test/TEST-11-ISSUE-3166/test.sh b/test/TEST-11-ISSUE-3166/test.sh
++index 4602bdf..8aae4d5 100755
++--- a/test/TEST-11-ISSUE-3166/test.sh
+++++ b/test/TEST-11-ISSUE-3166/test.sh
++@@ -6,7 +6,6 @@ TEST_DESCRIPTION="https://github.com/systemd/systemd/issues/3166"
++ TEST_NO_NSPAWN=1
++
++ . $TEST_BASE_DIR/test-functions
++-SKIP_INITRD=yes
++
++ test_setup() {
++ create_empty_image
++diff --git a/test/TEST-13-NSPAWN-SMOKE/test.sh b/test/TEST-13-NSPAWN-SMOKE/test.sh
++index 6a0cb42..f485a92 100755
++--- a/test/TEST-13-NSPAWN-SMOKE/test.sh
+++++ b/test/TEST-13-NSPAWN-SMOKE/test.sh
++@@ -4,7 +4,7 @@
++ set -e
++ TEST_DESCRIPTION="systemd-nspawn smoke test"
++ TEST_NO_NSPAWN=1
++-SKIP_INITRD=yes
+++
++ . $TEST_BASE_DIR/test-functions
++
++ test_setup() {
++diff --git a/test/TEST-14-MACHINE-ID/test.sh b/test/TEST-14-MACHINE-ID/test.sh
++index 7342645..62003b9 100755
++--- a/test/TEST-14-MACHINE-ID/test.sh
+++++ b/test/TEST-14-MACHINE-ID/test.sh
++@@ -4,7 +4,7 @@
++ set -e
++ TEST_DESCRIPTION="/etc/machine-id testing"
++ TEST_NO_NSPAWN=1
++-SKIP_INITRD=yes
+++
++ . $TEST_BASE_DIR/test-functions
++
++ test_setup() {
--- /dev/null
--- /dev/null
++From: Martin Pitt <martin@piware.de>
++Date: Mon, 2 Jul 2018 22:26:31 +0200
++Subject: test: fix networkd-test.py rate limiting and dynamic user
++
++ - Reset systemd-networkd.service before each test run, to avoid running
++ into restart limits.
++ - Our networkd-test-router.service unit needs to run as root and thus
++ can't use `User=`; but networkd still insists on the
++ `systemd-network` system user to exist, so create it.
++
++(cherry picked from commit c44c1b8ab5274c7cdb93d9a80c79bcddb503c235)
++---
++ test/networkd-test.py | 8 ++++++++
++ 1 file changed, 8 insertions(+)
++
++diff --git a/test/networkd-test.py b/test/networkd-test.py
++index 387cdb6..de16ac1 100755
++--- a/test/networkd-test.py
+++++ b/test/networkd-test.py
++@@ -54,6 +54,11 @@ def setUpModule():
++ # Ensure the unit directory exists so tests can dump files into it.
++ os.makedirs(NETWORK_UNITDIR, exist_ok=True)
++
+++ # create static systemd-network user for networkd-test-router.service (it
+++ # needs to do some stuff as root and can't start as user; but networkd
+++ # still insists on the user)
+++ subprocess.check_call(['adduser', '--system', '--no-create-home', 'systemd-network'])
+++
++
++ class NetworkdTestingUtilities:
++ """Provide a set of utility functions to facilitate networkd tests.
++@@ -172,6 +177,7 @@ Name=mybridge
++ DNS=192.168.250.1
++ Address=192.168.250.33/24
++ Gateway=192.168.250.1''')
+++ subprocess.check_call(['systemctl', 'reset-failed', 'systemd-networkd'])
++ subprocess.check_call(['systemctl', 'start', 'systemd-networkd'])
++
++ def tearDown(self):
++@@ -257,6 +263,8 @@ class ClientTestBase(NetworkdTestingUtilities):
++ self.assertTrue(out.startswith('-- cursor:'))
++ self.journal_cursor = out.split()[-1]
++
+++ subprocess.check_call(['systemctl', 'reset-failed', 'systemd-networkd'])
+++
++ def tearDown(self):
++ self.shutdown_iface()
++ subprocess.call(['systemctl', 'stop', 'systemd-networkd'])
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Tue, 11 Sep 2018 09:17:22 +0900
++Subject: test: introduce test_is_running_from_builddir()
++
++(cherry picked from commit 8cb10a4f4dabc508a04f76ea55f23ef517881b61)
++---
++ src/shared/tests.c | 23 ++++++++++++++++++++---
++ src/shared/tests.h | 1 +
++ 2 files changed, 21 insertions(+), 3 deletions(-)
++
++diff --git a/src/shared/tests.c b/src/shared/tests.c
++index 6b3df0a..c3704c7 100644
++--- a/src/shared/tests.c
+++++ b/src/shared/tests.c
++@@ -19,6 +19,24 @@ char* setup_fake_runtime_dir(void) {
++ return p;
++ }
++
+++bool test_is_running_from_builddir(char **exedir) {
+++ _cleanup_free_ char *s = NULL;
+++ bool r;
+++
+++ /* Check if we're running from the builddir. Optionally, this returns
+++ * the path to the directory where the binary is located. */
+++
+++ assert_se(readlink_and_make_absolute("/proc/self/exe", &s) >= 0);
+++ r = path_startswith(s, ABS_BUILD_DIR);
+++
+++ if (exedir) {
+++ dirname(s);
+++ *exedir = TAKE_PTR(s);
+++ }
+++
+++ return r;
+++}
+++
++ const char* get_testdata_dir(const char *suffix) {
++ const char *env;
++ /* convenience: caller does not need to free result */
++@@ -35,14 +53,13 @@ const char* get_testdata_dir(const char *suffix) {
++ strncpy(testdir, env, sizeof(testdir) - 1);
++ } else {
++ _cleanup_free_ char *exedir = NULL;
++- assert_se(readlink_and_make_absolute("/proc/self/exe", &exedir) >= 0);
++
++ /* Check if we're running from the builddir. If so, use the compiled in path. */
++- if (path_startswith(exedir, ABS_BUILD_DIR))
+++ if (test_is_running_from_builddir(&exedir))
++ assert_se(snprintf(testdir, sizeof(testdir), "%s/test", ABS_SRC_DIR) > 0);
++ else
++ /* Try relative path, according to the install-test layout */
++- assert_se(snprintf(testdir, sizeof(testdir), "%s/testdata", dirname(exedir)) > 0);
+++ assert_se(snprintf(testdir, sizeof(testdir), "%s/testdata", exedir) > 0);
++
++ /* test this without the suffix, as it may contain a glob */
++ if (access(testdir, F_OK) < 0) {
++diff --git a/src/shared/tests.h b/src/shared/tests.h
++index b88135e..c9fa11f 100644
++--- a/src/shared/tests.h
+++++ b/src/shared/tests.h
++@@ -2,4 +2,5 @@
++ #pragma once
++
++ char* setup_fake_runtime_dir(void);
+++bool test_is_running_from_builddir(char **exedir);
++ const char* get_testdata_dir(const char *suffix);
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Tue, 11 Sep 2018 09:18:33 +0900
++Subject: test: make test-catalog relocatable
++
++Fixes #10045.
++
++(cherry picked from commit d9b6baa69968132d33e4ad8627c7fe0bd527c859)
++---
++ catalog/meson.build | 1 -
++ src/journal/test-catalog.c | 27 +++++++++++++++++++--------
++ src/test/meson.build | 2 +-
++ 3 files changed, 20 insertions(+), 10 deletions(-)
++
++diff --git a/catalog/meson.build b/catalog/meson.build
++index 1b13150..3db8e39 100644
++--- a/catalog/meson.build
+++++ b/catalog/meson.build
++@@ -17,7 +17,6 @@ in_files = '''
++
++ support_url = get_option('support-url')
++ support_sed = 's~%SUPPORT_URL%~@0@~'.format(support_url)
++-build_catalog_dir = meson.current_build_dir()
++
++ foreach file : in_files
++ custom_target(
++diff --git a/src/journal/test-catalog.c b/src/journal/test-catalog.c
++index 8eae993..0c4da29 100644
++--- a/src/journal/test-catalog.c
+++++ b/src/journal/test-catalog.c
++@@ -14,14 +14,13 @@
++ #include "fileio.h"
++ #include "log.h"
++ #include "macro.h"
+++#include "path-util.h"
++ #include "string-util.h"
+++#include "strv.h"
+++#include "tests.h"
++ #include "util.h"
++
++-static const char *catalog_dirs[] = {
++- CATALOG_DIR,
++- NULL,
++-};
++-
+++static char** catalog_dirs = NULL;
++ static const char *no_catalog_dirs[] = {
++ "/bin/hopefully/with/no/catalog",
++ NULL
++@@ -167,8 +166,8 @@ static void test_catalog_update(const char *database) {
++ assert_se(r == 0);
++
++ /* Make sure that we at least have some files loaded or the
++- catalog_list below will fail. */
++- r = catalog_update(database, NULL, catalog_dirs);
+++ * catalog_list below will fail. */
+++ r = catalog_update(database, NULL, (const char * const *) catalog_dirs);
++ assert_se(r == 0);
++ }
++
++@@ -202,14 +201,26 @@ static void test_catalog_file_lang(void) {
++
++ int main(int argc, char *argv[]) {
++ _cleanup_(unlink_tempfilep) char database[] = "/tmp/test-catalog.XXXXXX";
++- _cleanup_free_ char *text = NULL;
+++ _cleanup_free_ char *text = NULL, *catalog_dir = NULL;
++ int r;
++
++ setlocale(LC_ALL, "de_DE.UTF-8");
++
+++ log_set_max_level(LOG_DEBUG);
++ log_parse_environment();
++ log_open();
++
+++ /* If test-catalog is located at the build directory, then use catalogs in that.
+++ * If it is not, e.g. installed by systemd-tests package, then use installed catalogs. */
+++ if (test_is_running_from_builddir(NULL)) {
+++ assert_se(catalog_dir = path_join(NULL, ABS_BUILD_DIR, "catalog"));
+++ catalog_dirs = STRV_MAKE(catalog_dir);
+++ } else
+++ catalog_dirs = STRV_MAKE(CATALOG_DIR);
+++
+++ assert_se(access(catalog_dirs[0], F_OK) >= 0);
+++ log_notice("Using catalog directory '%s'", catalog_dirs[0]);
+++
++ test_catalog_file_lang();
++
++ test_catalog_import_invalid();
++diff --git a/src/test/meson.build b/src/test/meson.build
++index 7da7e3a..1ef7ac6 100644
++--- a/src/test/meson.build
+++++ b/src/test/meson.build
++@@ -757,7 +757,7 @@ tests += [
++ [threads,
++ libxz,
++ liblz4],
++- '', '', '-DCATALOG_DIR="@0@"'.format(build_catalog_dir)],
+++ '', '', '-DCATALOG_DIR="@0@"'.format(catalogdir)],
++
++ [['src/journal/test-compress.c'],
++ [libjournal_core,
--- /dev/null
--- /dev/null
++From: Filipe Brandenburger <filbranden@google.com>
++Date: Tue, 11 Sep 2018 23:15:09 -0700
++Subject: test: remove support for suffix in get_testdata_dir()
++
++Instead, use path_join() in callers wherever needed.
++
++(cherry picked from commit 55890a40c3ec0c061c04d1395a38c26313132d12)
++---
++ src/resolve/test-dns-packet.c | 5 ++++-
++ src/shared/tests.c | 4 +---
++ src/shared/tests.h | 2 +-
++ src/test/test-bpf.c | 2 +-
++ src/test/test-cgroup-mask.c | 2 +-
++ src/test/test-engine.c | 2 +-
++ src/test/test-execute.c | 4 +++-
++ src/test/test-journal-importer.c | 10 ++++++++--
++ src/test/test-path.c | 5 ++++-
++ src/test/test-sched-prio.c | 2 +-
++ src/test/test-umount.c | 18 ++++++++++++++----
++ src/test/test-watch-pid.c | 2 +-
++ 12 files changed, 40 insertions(+), 18 deletions(-)
++
++diff --git a/src/resolve/test-dns-packet.c b/src/resolve/test-dns-packet.c
++index 905f000..0dac05e 100644
++--- a/src/resolve/test-dns-packet.c
+++++ b/src/resolve/test-dns-packet.c
++@@ -12,6 +12,7 @@
++ #include "macro.h"
++ #include "resolved-dns-packet.h"
++ #include "resolved-dns-rr.h"
+++#include "path-util.h"
++ #include "string-util.h"
++ #include "strv.h"
++ #include "tests.h"
++@@ -92,6 +93,7 @@ static void test_packet_from_file(const char* filename, bool canonical) {
++
++ int main(int argc, char **argv) {
++ int i, N;
+++ _cleanup_free_ char *pkts_glob = NULL;
++ _cleanup_globfree_ glob_t g = {};
++ char **fnames;
++
++@@ -101,7 +103,8 @@ int main(int argc, char **argv) {
++ N = argc - 1;
++ fnames = argv + 1;
++ } else {
++- assert_se(glob(get_testdata_dir("/test-resolve/*.pkts"), GLOB_NOSORT, NULL, &g) == 0);
+++ pkts_glob = path_join(NULL, get_testdata_dir(), "test-resolve/*.pkts");
+++ assert_se(glob(pkts_glob, GLOB_NOSORT, NULL, &g) == 0);
++ N = g.gl_pathc;
++ fnames = g.gl_pathv;
++ }
++diff --git a/src/shared/tests.c b/src/shared/tests.c
++index c3704c7..a002260 100644
++--- a/src/shared/tests.c
+++++ b/src/shared/tests.c
++@@ -37,7 +37,7 @@ bool test_is_running_from_builddir(char **exedir) {
++ return r;
++ }
++
++-const char* get_testdata_dir(const char *suffix) {
+++const char* get_testdata_dir(void) {
++ const char *env;
++ /* convenience: caller does not need to free result */
++ static char testdir[PATH_MAX];
++@@ -61,13 +61,11 @@ const char* get_testdata_dir(const char *suffix) {
++ /* Try relative path, according to the install-test layout */
++ assert_se(snprintf(testdir, sizeof(testdir), "%s/testdata", exedir) > 0);
++
++- /* test this without the suffix, as it may contain a glob */
++ if (access(testdir, F_OK) < 0) {
++ fputs("ERROR: Cannot find testdata directory, set $SYSTEMD_TEST_DATA\n", stderr);
++ exit(EXIT_FAILURE);
++ }
++ }
++
++- strncpy(testdir + strlen(testdir), suffix, sizeof(testdir) - strlen(testdir) - 1);
++ return testdir;
++ }
++diff --git a/src/shared/tests.h b/src/shared/tests.h
++index c9fa11f..da4155e 100644
++--- a/src/shared/tests.h
+++++ b/src/shared/tests.h
++@@ -3,4 +3,4 @@
++
++ char* setup_fake_runtime_dir(void);
++ bool test_is_running_from_builddir(char **exedir);
++-const char* get_testdata_dir(const char *suffix);
+++const char* get_testdata_dir(void);
++diff --git a/src/test/test-bpf.c b/src/test/test-bpf.c
++index 4d89bd4..6f4a22a 100644
++--- a/src/test/test-bpf.c
+++++ b/src/test/test-bpf.c
++@@ -38,7 +38,7 @@ int main(int argc, char *argv[]) {
++ return EXIT_TEST_SKIP;
++ }
++
++- assert_se(set_unit_path(get_testdata_dir("")) >= 0);
+++ assert_se(set_unit_path(get_testdata_dir()) >= 0);
++ assert_se(runtime_dir = setup_fake_runtime_dir());
++
++ r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, &p);
++diff --git a/src/test/test-cgroup-mask.c b/src/test/test-cgroup-mask.c
++index d65959e..48d58f6 100644
++--- a/src/test/test-cgroup-mask.c
+++++ b/src/test/test-cgroup-mask.c
++@@ -26,7 +26,7 @@ static int test_cgroup_mask(void) {
++ }
++
++ /* Prepare the manager. */
++- assert_se(set_unit_path(get_testdata_dir("")) >= 0);
+++ assert_se(set_unit_path(get_testdata_dir()) >= 0);
++ assert_se(runtime_dir = setup_fake_runtime_dir());
++ r = manager_new(UNIT_FILE_USER, MANAGER_TEST_RUN_BASIC, &m);
++ if (IN_SET(r, -EPERM, -EACCES)) {
++diff --git a/src/test/test-engine.c b/src/test/test-engine.c
++index d072a15..0f3e244 100644
++--- a/src/test/test-engine.c
+++++ b/src/test/test-engine.c
++@@ -29,7 +29,7 @@ int main(int argc, char *argv[]) {
++ }
++
++ /* prepare the test */
++- assert_se(set_unit_path(get_testdata_dir("")) >= 0);
+++ assert_se(set_unit_path(get_testdata_dir()) >= 0);
++ assert_se(runtime_dir = setup_fake_runtime_dir());
++ r = manager_new(UNIT_FILE_USER, MANAGER_TEST_RUN_BASIC, &m);
++ if (MANAGER_SKIP_TEST(r)) {
++diff --git a/src/test/test-execute.c b/src/test/test-execute.c
++index fa8efdd..1b308a8 100644
++--- a/src/test/test-execute.c
+++++ b/src/test/test-execute.c
++@@ -648,6 +648,7 @@ static int run_tests(UnitFileScope scope, const test_function_t *tests) {
++
++ int main(int argc, char *argv[]) {
++ _cleanup_(rm_rf_physical_and_freep) char *runtime_dir = NULL;
+++ _cleanup_free_ char *test_execute_path = NULL;
++ static const test_function_t user_tests[] = {
++ test_exec_basic,
++ test_exec_ambientcapabilities,
++@@ -711,7 +712,8 @@ int main(int argc, char *argv[]) {
++ }
++
++ assert_se(runtime_dir = setup_fake_runtime_dir());
++- assert_se(set_unit_path(get_testdata_dir("/test-execute")) >= 0);
+++ test_execute_path = path_join(NULL, get_testdata_dir(), "test-execute");
+++ assert_se(set_unit_path(test_execute_path) >= 0);
++
++ /* Unset VAR1, VAR2 and VAR3 which are used in the PassEnvironment test
++ * cases, otherwise (and if they are present in the environment),
++diff --git a/src/test/test-journal-importer.c b/src/test/test-journal-importer.c
++index 56bf6a1..8f09d5a 100644
++--- a/src/test/test-journal-importer.c
+++++ b/src/test/test-journal-importer.c
++@@ -4,8 +4,10 @@
++ #include <sys/stat.h>
++ #include <fcntl.h>
++
+++#include "alloc-util.h"
++ #include "log.h"
++ #include "journal-importer.h"
+++#include "path-util.h"
++ #include "string-util.h"
++ #include "tests.h"
++
++@@ -20,9 +22,11 @@ static void assert_iovec_entry(const struct iovec *iovec, const char* content) {
++
++ static void test_basic_parsing(void) {
++ _cleanup_(journal_importer_cleanup) JournalImporter imp = {};
+++ _cleanup_free_ char *journal_data_path = NULL;
++ int r;
++
++- imp.fd = open(get_testdata_dir("/journal-data/journal-1.txt"), O_RDONLY|O_CLOEXEC);
+++ journal_data_path = path_join(NULL, get_testdata_dir(), "journal-data/journal-1.txt");
+++ imp.fd = open(journal_data_path, O_RDONLY|O_CLOEXEC);
++ assert_se(imp.fd >= 0);
++
++ do
++@@ -49,9 +53,11 @@ static void test_basic_parsing(void) {
++
++ static void test_bad_input(void) {
++ _cleanup_(journal_importer_cleanup) JournalImporter imp = {};
+++ _cleanup_free_ char *journal_data_path = NULL;
++ int r;
++
++- imp.fd = open(get_testdata_dir("/journal-data/journal-2.txt"), O_RDONLY|O_CLOEXEC);
+++ journal_data_path = path_join(NULL, get_testdata_dir(), "journal-data/journal-2.txt");
+++ imp.fd = open(journal_data_path, O_RDONLY|O_CLOEXEC);
++ assert_se(imp.fd >= 0);
++
++ do
++diff --git a/src/test/test-path.c b/src/test/test-path.c
++index 209eb2e..5e78a56 100644
++--- a/src/test/test-path.c
+++++ b/src/test/test-path.c
++@@ -12,6 +12,7 @@
++ #include "macro.h"
++ #include "manager.h"
++ #include "mkdir.h"
+++#include "path-util.h"
++ #include "rm-rf.h"
++ #include "string-util.h"
++ #include "strv.h"
++@@ -247,6 +248,7 @@ int main(int argc, char *argv[]) {
++ };
++
++ _cleanup_(rm_rf_physical_and_freep) char *runtime_dir = NULL;
+++ _cleanup_free_ char *test_path = NULL;
++ const test_function_t *test = NULL;
++ Manager *m = NULL;
++
++@@ -255,7 +257,8 @@ int main(int argc, char *argv[]) {
++ log_parse_environment();
++ log_open();
++
++- assert_se(set_unit_path(get_testdata_dir("/test-path")) >= 0);
+++ test_path = path_join(NULL, get_testdata_dir(), "test-path");
+++ assert_se(set_unit_path(test_path) >= 0);
++ assert_se(runtime_dir = setup_fake_runtime_dir());
++
++ for (test = tests; test && *test; test++) {
++diff --git a/src/test/test-sched-prio.c b/src/test/test-sched-prio.c
++index c986284..60012e4 100644
++--- a/src/test/test-sched-prio.c
+++++ b/src/test/test-sched-prio.c
++@@ -26,7 +26,7 @@ int main(int argc, char *argv[]) {
++ }
++
++ /* prepare the test */
++- assert_se(set_unit_path(get_testdata_dir("")) >= 0);
+++ assert_se(set_unit_path(get_testdata_dir()) >= 0);
++ assert_se(runtime_dir = setup_fake_runtime_dir());
++ r = manager_new(UNIT_FILE_USER, MANAGER_TEST_RUN_BASIC, &m);
++ if (MANAGER_SKIP_TEST(r)) {
++diff --git a/src/test/test-umount.c b/src/test/test-umount.c
++index 770d1a7..c068f7a 100644
++--- a/src/test/test-umount.c
+++++ b/src/test/test-umount.c
++@@ -1,6 +1,8 @@
++ /* SPDX-License-Identifier: LGPL-2.1+ */
++
+++#include "alloc-util.h"
++ #include "log.h"
+++#include "path-util.h"
++ #include "string-util.h"
++ #include "tests.h"
++ #include "umount.h"
++@@ -8,10 +10,14 @@
++
++ static void test_mount_points_list(const char *fname) {
++ _cleanup_(mount_points_list_free) LIST_HEAD(MountPoint, mp_list_head);
+++ _cleanup_free_ char *testdata_fname = NULL;
++ MountPoint *m;
++
++ log_info("/* %s(\"%s\") */", __func__, fname ?: "/proc/self/mountinfo");
++
+++ if (fname)
+++ fname = testdata_fname = path_join(NULL, get_testdata_dir(), fname);
+++
++ LIST_HEAD_INIT(mp_list_head);
++ assert_se(mount_points_list_get(fname, &mp_list_head) >= 0);
++
++@@ -26,10 +32,14 @@ static void test_mount_points_list(const char *fname) {
++
++ static void test_swap_list(const char *fname) {
++ _cleanup_(mount_points_list_free) LIST_HEAD(MountPoint, mp_list_head);
+++ _cleanup_free_ char *testdata_fname = NULL;
++ MountPoint *m;
++
++ log_info("/* %s(\"%s\") */", __func__, fname ?: "/proc/swaps");
++
+++ if (fname)
+++ fname = testdata_fname = path_join(NULL, get_testdata_dir(), fname);
+++
++ LIST_HEAD_INIT(mp_list_head);
++ assert_se(swap_list_get(fname, &mp_list_head) >= 0);
++
++@@ -48,10 +58,10 @@ int main(int argc, char **argv) {
++ log_open();
++
++ test_mount_points_list(NULL);
++- test_mount_points_list(get_testdata_dir("/test-umount/empty.mountinfo"));
++- test_mount_points_list(get_testdata_dir("/test-umount/garbled.mountinfo"));
++- test_mount_points_list(get_testdata_dir("/test-umount/rhbug-1554943.mountinfo"));
+++ test_mount_points_list("/test-umount/empty.mountinfo");
+++ test_mount_points_list("/test-umount/garbled.mountinfo");
+++ test_mount_points_list("/test-umount/rhbug-1554943.mountinfo");
++
++ test_swap_list(NULL);
++- test_swap_list(get_testdata_dir("/test-umount/example.swaps"));
+++ test_swap_list("/test-umount/example.swaps");
++ }
++diff --git a/src/test/test-watch-pid.c b/src/test/test-watch-pid.c
++index cb43b35..4e349ab 100644
++--- a/src/test/test-watch-pid.c
+++++ b/src/test/test-watch-pid.c
++@@ -28,7 +28,7 @@ int main(int argc, char *argv[]) {
++ return EXIT_TEST_SKIP;
++ }
++
++- assert_se(set_unit_path(get_testdata_dir("")) >= 0);
+++ assert_se(set_unit_path(get_testdata_dir()) >= 0);
++ assert_se(runtime_dir = setup_fake_runtime_dir());
++
++ assert_se(manager_new(UNIT_FILE_USER, true, &m) >= 0);
--- /dev/null
--- /dev/null
++From: Filipe Brandenburger <filbranden@google.com>
++Date: Wed, 12 Sep 2018 00:23:40 -0700
++Subject: test: use ${builddir}/systemd-runtest.env for $SYSTEMD_CATALOG_DIR
++
++This makes it so that tests no longer need to know the absolute paths to the
++source and build dirs, instead using the systemd-runtest.env file to get these
++paths when running from the build tree.
++
++Confirmed that test-catalog works on `ninja test`, when called standalone and
++also when the environment file is not present, in which case it will use the
++installed location under /usr/lib/systemd/catalog.
++
++The location can now also be overridden for this test by setting the
++$SYSTEMD_CATALOG_DIR environment variable.
++
++(cherry picked from commit 49cdae63d168b2fe0e19f9f090b90d79de3c39bb)
++---
++ meson.build | 4 ++--
++ src/journal/test-catalog.c | 6 +-----
++ src/shared/tests.c | 22 ++++++++++++++++------
++ src/shared/tests.h | 2 +-
++ src/test/meson.build | 3 +--
++ 5 files changed, 21 insertions(+), 16 deletions(-)
++
++diff --git a/meson.build b/meson.build
++index 7547c69..88a470a 100644
++--- a/meson.build
+++++ b/meson.build
++@@ -207,6 +207,7 @@ conf.set_quoted('SYSTEM_SLEEP_PATH', systemsleepdir)
++ conf.set_quoted('SYSTEMD_KBD_MODEL_MAP', join_paths(pkgdatadir, 'kbd-model-map'))
++ conf.set_quoted('SYSTEMD_LANGUAGE_FALLBACK_MAP', join_paths(pkgdatadir, 'language-fallback-map'))
++ conf.set_quoted('SYSTEMD_TEST_DATA', join_paths(testsdir, 'testdata'))
+++conf.set_quoted('SYSTEMD_CATALOG_DIR', catalogdir)
++ conf.set_quoted('UDEVLIBEXECDIR', udevlibexecdir)
++ conf.set_quoted('POLKIT_AGENT_BINARY_PATH', join_paths(bindir, 'pkttyagent'))
++ conf.set_quoted('LIBDIR', libdir)
++@@ -222,8 +223,6 @@ conf.set_quoted('DOCUMENT_ROOT', join_paths(pkgdata
++ conf.set('MEMORY_ACCOUNTING_DEFAULT', memory_accounting_default ? 'true' : 'false')
++ conf.set_quoted('MEMORY_ACCOUNTING_DEFAULT_YES_NO', memory_accounting_default ? 'yes' : 'no')
++
++-conf.set_quoted('ABS_BUILD_DIR', meson.build_root())
++-
++ substs.set('prefix', prefixdir)
++ substs.set('exec_prefix', prefixdir)
++ substs.set('libdir', libdir)
++@@ -2551,6 +2550,7 @@ custom_target(
++ output : 'systemd-runtest.env',
++ command : ['sh', '-c', '{ ' +
++ 'echo SYSTEMD_TEST_DATA=@0@; '.format(join_paths(meson.current_source_dir(), 'test')) +
+++ 'echo SYSTEMD_CATALOG_DIR=@0@; '.format(join_paths(meson.current_build_dir(), 'catalog')) +
++ '} >@OUTPUT@'],
++ build_by_default : true)
++
++diff --git a/src/journal/test-catalog.c b/src/journal/test-catalog.c
++index 0c4da29..d9ee557 100644
++--- a/src/journal/test-catalog.c
+++++ b/src/journal/test-catalog.c
++@@ -212,11 +212,7 @@ int main(int argc, char *argv[]) {
++
++ /* If test-catalog is located at the build directory, then use catalogs in that.
++ * If it is not, e.g. installed by systemd-tests package, then use installed catalogs. */
++- if (test_is_running_from_builddir(NULL)) {
++- assert_se(catalog_dir = path_join(NULL, ABS_BUILD_DIR, "catalog"));
++- catalog_dirs = STRV_MAKE(catalog_dir);
++- } else
++- catalog_dirs = STRV_MAKE(CATALOG_DIR);
+++ catalog_dirs = STRV_MAKE(get_catalog_dir());
++
++ assert_se(access(catalog_dirs[0], F_OK) >= 0);
++ log_notice("Using catalog directory '%s'", catalog_dirs[0]);
++diff --git a/src/shared/tests.c b/src/shared/tests.c
++index ac11f51..94f4629 100644
++--- a/src/shared/tests.c
+++++ b/src/shared/tests.c
++@@ -44,12 +44,6 @@ static void load_testdata_env(void) {
++ setenv(*k, *v, 0);
++ }
++
++-bool test_is_running_from_builddir(char **exedir) {
++- load_testdata_env();
++-
++- return !!getenv("SYSTEMD_TEST_DATA");
++-}
++-
++ const char* get_testdata_dir(void) {
++ const char *env;
++
++@@ -66,3 +60,19 @@ const char* get_testdata_dir(void) {
++
++ return env;
++ }
+++
+++const char* get_catalog_dir(void) {
+++ const char *env;
+++
+++ load_testdata_env();
+++
+++ /* if the env var is set, use that */
+++ env = getenv("SYSTEMD_CATALOG_DIR");
+++ if (!env)
+++ env = SYSTEMD_CATALOG_DIR;
+++ if (access(env, F_OK) < 0) {
+++ fprintf(stderr, "ERROR: $SYSTEMD_CATALOG_DIR directory [%s] does not exist\n", env);
+++ exit(EXIT_FAILURE);
+++ }
+++ return env;
+++}
++diff --git a/src/shared/tests.h b/src/shared/tests.h
++index da4155e..0d5e6a8 100644
++--- a/src/shared/tests.h
+++++ b/src/shared/tests.h
++@@ -2,5 +2,5 @@
++ #pragma once
++
++ char* setup_fake_runtime_dir(void);
++-bool test_is_running_from_builddir(char **exedir);
++ const char* get_testdata_dir(void);
+++const char* get_catalog_dir(void);
++diff --git a/src/test/meson.build b/src/test/meson.build
++index 1ef7ac6..6fea916 100644
++--- a/src/test/meson.build
+++++ b/src/test/meson.build
++@@ -756,8 +756,7 @@ tests += [
++ libshared],
++ [threads,
++ libxz,
++- liblz4],
++- '', '', '-DCATALOG_DIR="@0@"'.format(catalogdir)],
+++ liblz4]],
++
++ [['src/journal/test-compress.c'],
++ [libjournal_core,
--- /dev/null
--- /dev/null
++From: Filipe Brandenburger <filbranden@google.com>
++Date: Tue, 11 Sep 2018 23:55:02 -0700
++Subject: test: use ${builddir}/systemd-runtest.env to set $SYSTEMD_TEST_DATA
++
++This simplifies get_testdata_dir() to simply checking for an environment
++variable, with an additional function to locate a systemd-runtest.env file in
++the same directory as the test binary and reading environment variable
++assignments from that file if it exists.
++
++This makes it possible to:
++- Run `ninja test` from the build dir and have it use ${srcdir}/test for
++ test unit definitions.
++- Run a test directly, such as `build/test-execute` and have it locate
++ them correctly.
++- Run installed tests (from systemd-tests package) and locate the test
++ units in the installed location (/usr/lib/systemd/tests/testdata), in
++ which case the absence of the systemd-runtest.env file will have
++ get_testdata_dir() use the installed location hardcoded into the
++ binaries.
++
++Explicit setting of $SYSTEMD_TEST_DATA still overrides the contents of
++systemd-runtest.env.
++
++(cherry picked from commit e2d413707fc68ed033a83e10a055ca638a1e1e18)
++---
++ meson.build | 10 +++++++-
++ src/shared/tests.c | 67 ++++++++++++++++++++++++++----------------------------
++ 2 files changed, 41 insertions(+), 36 deletions(-)
++
++diff --git a/meson.build b/meson.build
++index dd21f50..7547c69 100644
++--- a/meson.build
+++++ b/meson.build
++@@ -206,6 +206,7 @@ conf.set_quoted('SYSTEM_SHUTDOWN_PATH', systemshutdowndir)
++ conf.set_quoted('SYSTEM_SLEEP_PATH', systemsleepdir)
++ conf.set_quoted('SYSTEMD_KBD_MODEL_MAP', join_paths(pkgdatadir, 'kbd-model-map'))
++ conf.set_quoted('SYSTEMD_LANGUAGE_FALLBACK_MAP', join_paths(pkgdatadir, 'language-fallback-map'))
+++conf.set_quoted('SYSTEMD_TEST_DATA', join_paths(testsdir, 'testdata'))
++ conf.set_quoted('UDEVLIBEXECDIR', udevlibexecdir)
++ conf.set_quoted('POLKIT_AGENT_BINARY_PATH', join_paths(bindir, 'pkttyagent'))
++ conf.set_quoted('LIBDIR', libdir)
++@@ -222,7 +223,6 @@ conf.set('MEMORY_ACCOUNTING_DEFAULT', memory_accounting_
++ conf.set_quoted('MEMORY_ACCOUNTING_DEFAULT_YES_NO', memory_accounting_default ? 'yes' : 'no')
++
++ conf.set_quoted('ABS_BUILD_DIR', meson.build_root())
++-conf.set_quoted('ABS_SRC_DIR', meson.source_root())
++
++ substs.set('prefix', prefixdir)
++ substs.set('exec_prefix', prefixdir)
++@@ -2546,6 +2546,14 @@ executable('systemd-sulogin-shell',
++
++ ############################################################
++
+++custom_target(
+++ 'systemd-runtest.env',
+++ output : 'systemd-runtest.env',
+++ command : ['sh', '-c', '{ ' +
+++ 'echo SYSTEMD_TEST_DATA=@0@; '.format(join_paths(meson.current_source_dir(), 'test')) +
+++ '} >@OUTPUT@'],
+++ build_by_default : true)
+++
++ foreach tuple : tests
++ sources = tuple[0]
++ link_with = tuple[1].length() > 0 ? tuple[1] : [libshared]
++diff --git a/src/shared/tests.c b/src/shared/tests.c
++index a002260..ac11f51 100644
++--- a/src/shared/tests.c
+++++ b/src/shared/tests.c
++@@ -6,8 +6,11 @@
++ #include <stdlib.h>
++ #include <util.h>
++
++-#include "tests.h"
+++#include "alloc-util.h"
+++#include "fileio.h"
++ #include "path-util.h"
+++#include "strv.h"
+++#include "tests.h"
++
++ char* setup_fake_runtime_dir(void) {
++ char t[] = "/tmp/fake-xdg-runtime-XXXXXX", *p;
++@@ -19,53 +22,47 @@ char* setup_fake_runtime_dir(void) {
++ return p;
++ }
++
++-bool test_is_running_from_builddir(char **exedir) {
+++static void load_testdata_env(void) {
+++ static bool called = false;
++ _cleanup_free_ char *s = NULL;
++- bool r;
+++ _cleanup_free_ char *envpath = NULL;
+++ _cleanup_strv_free_ char **pairs = NULL;
+++ char **k, **v;
++
++- /* Check if we're running from the builddir. Optionally, this returns
++- * the path to the directory where the binary is located. */
+++ if (called)
+++ return;
+++ called = true;
++
++ assert_se(readlink_and_make_absolute("/proc/self/exe", &s) >= 0);
++- r = path_startswith(s, ABS_BUILD_DIR);
+++ dirname(s);
++
++- if (exedir) {
++- dirname(s);
++- *exedir = TAKE_PTR(s);
++- }
+++ envpath = path_join(NULL, s, "systemd-runtest.env");
+++ if (load_env_file_pairs(NULL, envpath, NULL, &pairs) < 0)
+++ return;
++
++- return r;
+++ STRV_FOREACH_PAIR(k, v, pairs)
+++ setenv(*k, *v, 0);
+++}
+++
+++bool test_is_running_from_builddir(char **exedir) {
+++ load_testdata_env();
+++
+++ return !!getenv("SYSTEMD_TEST_DATA");
++ }
++
++ const char* get_testdata_dir(void) {
++ const char *env;
++- /* convenience: caller does not need to free result */
++- static char testdir[PATH_MAX];
+++
+++ load_testdata_env();
++
++ /* if the env var is set, use that */
++ env = getenv("SYSTEMD_TEST_DATA");
++- testdir[sizeof(testdir) - 1] = '\0';
++- if (env) {
++- if (access(env, F_OK) < 0) {
++- fputs("ERROR: $SYSTEMD_TEST_DATA directory does not exist\n", stderr);
++- exit(EXIT_FAILURE);
++- }
++- strncpy(testdir, env, sizeof(testdir) - 1);
++- } else {
++- _cleanup_free_ char *exedir = NULL;
++-
++- /* Check if we're running from the builddir. If so, use the compiled in path. */
++- if (test_is_running_from_builddir(&exedir))
++- assert_se(snprintf(testdir, sizeof(testdir), "%s/test", ABS_SRC_DIR) > 0);
++- else
++- /* Try relative path, according to the install-test layout */
++- assert_se(snprintf(testdir, sizeof(testdir), "%s/testdata", exedir) > 0);
++-
++- if (access(testdir, F_OK) < 0) {
++- fputs("ERROR: Cannot find testdata directory, set $SYSTEMD_TEST_DATA\n", stderr);
++- exit(EXIT_FAILURE);
++- }
+++ if (!env)
+++ env = SYSTEMD_TEST_DATA;
+++ if (access(env, F_OK) < 0) {
+++ fprintf(stderr, "ERROR: $SYSTEMD_TEST_DATA directory [%s] does not exist\n", env);
+++ exit(EXIT_FAILURE);
++ }
++
++- return testdir;
+++ return env;
++ }
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Sun, 22 Jul 2018 23:10:02 +0900
++Subject: timedate: defer the property changed signal until job of
++ starting/stopping NTP service is finished
++
++Before this, the property changed signal is emitted immediately after
++StartUnit/StopUnit method is called. So, the running state of the NTP
++client service may not updated.
++This makes the timing of emitting property changed signal is deferred
++until job of starting/stopping NTP client service is completed.
++
++Fixes #9672.
++
++(cherry picked from commit 3af0a96c0fcc623bd16649fc3640396a657cf9ef)
++---
++ src/timedate/timedated.c | 78 ++++++++++++++++++++++++++++++++++++++++--------
++ 1 file changed, 65 insertions(+), 13 deletions(-)
++
++diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c
++index a66ea22..3b70939 100644
++--- a/src/timedate/timedated.c
+++++ b/src/timedate/timedated.c
++@@ -45,6 +45,9 @@ typedef struct Context {
++ Hashmap *polkit_registry;
++ sd_bus_message *cache;
++
+++ sd_bus_slot *slot_job_removed;
+++ char *path_ntp_unit;
+++
++ LIST_HEAD(UnitStatusInfo, units);
++ } Context;
++
++@@ -73,6 +76,9 @@ static void context_free(Context *c) {
++ bus_verify_polkit_async_registry_free(c->polkit_registry);
++ sd_bus_message_unref(c->cache);
++
+++ sd_bus_slot_unref(c->slot_job_removed);
+++ free(c->path_ntp_unit);
+++
++ while ((p = c->units)) {
++ LIST_REMOVE(units, c->units, p);
++ unit_status_info_free(p);
++@@ -344,17 +350,55 @@ static int context_update_ntp_status(Context *c, sd_bus *bus, sd_bus_message *m)
++ return 0;
++ }
++
++-static int unit_start_or_stop(UnitStatusInfo *u, sd_bus *bus, sd_bus_error *error, bool start) {
+++static int match_job_removed(sd_bus_message *m, void *userdata, sd_bus_error *error) {
+++ const char *path;
+++ Context *c = userdata;
+++ int r;
+++
+++ assert(c);
+++ assert(m);
+++
+++ r = sd_bus_message_read(m, "uoss", NULL, &path, NULL, NULL);
+++ if (r < 0) {
+++ bus_log_parse_error(r);
+++ return 0;
+++ }
+++
+++ if (!streq_ptr(path, c->path_ntp_unit))
+++ return 0;
+++
+++ (void) sd_bus_emit_properties_changed(sd_bus_message_get_bus(m), "/org/freedesktop/timedate1", "org.freedesktop.timedate1", "NTP", NULL);
+++
+++ c->slot_job_removed = sd_bus_slot_unref(c->slot_job_removed);
+++ c->path_ntp_unit = mfree(c->path_ntp_unit);
+++
+++ return 0;
+++}
+++
+++static int unit_start_or_stop(Context *c, UnitStatusInfo *u, sd_bus *bus, sd_bus_error *error, bool start) {
+++ _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
+++ _cleanup_(sd_bus_slot_unrefp) sd_bus_slot *slot = NULL;
+++ const char *path;
++ int r;
++
+++ assert(c);
++ assert(u);
++ assert(bus);
++ assert(error);
++
++- /* Call context_update_ntp_status() to update UnitStatusInfo before calling this. */
+++ /* This method may be called frequently. Forget the previous job if it has not completed yet. */
+++ c->slot_job_removed = sd_bus_slot_unref(c->slot_job_removed);
++
++- if (streq(u->active_state, "active") == start)
++- return 0;
+++ r = sd_bus_match_signal_async(
+++ bus,
+++ &slot,
+++ "org.freedesktop.systemd1",
+++ "/org/freedesktop/systemd1",
+++ "org.freedesktop.systemd1.Manager",
+++ "JobRemoved",
+++ match_job_removed, NULL, c);
+++ if (r < 0)
+++ return r;
++
++ r = sd_bus_call_method(
++ bus,
++@@ -363,13 +407,22 @@ static int unit_start_or_stop(UnitStatusInfo *u, sd_bus *bus, sd_bus_error *erro
++ "org.freedesktop.systemd1.Manager",
++ start ? "StartUnit" : "StopUnit",
++ error,
++- NULL,
+++ &reply,
++ "ss",
++ u->name,
++ "replace");
++ if (r < 0)
++ return r;
++
+++ r = sd_bus_message_read(reply, "o", &path);
+++ if (r < 0)
+++ return bus_log_parse_error(r);
+++
+++ r = free_and_strdup(&c->path_ntp_unit, path);
+++ if (r < 0)
+++ return log_oom();
+++
+++ c->slot_job_removed = TAKE_PTR(slot);
++ return 0;
++ }
++
++@@ -421,8 +474,9 @@ static int unit_enable_or_disable(UnitStatusInfo *u, sd_bus *bus, sd_bus_error *
++ error,
++ NULL,
++ NULL);
++- if (r < 0)
++- return r;
+++ if (r < 0)
+++ return r;
+++
++ return 0;
++ }
++
++@@ -812,7 +866,7 @@ static int method_set_ntp(sd_bus_message *m, void *userdata, sd_bus_error *error
++ if (q < 0)
++ r = q;
++
++- q = unit_start_or_stop(u, bus, error, enable);
+++ q = unit_start_or_stop(c, u, bus, error, enable);
++ if (q < 0)
++ r = q;
++ }
++@@ -826,17 +880,17 @@ static int method_set_ntp(sd_bus_message *m, void *userdata, sd_bus_error *error
++ if (r < 0)
++ continue;
++
++- r = unit_start_or_stop(u, bus, error, enable);
+++ r = unit_start_or_stop(c, u, bus, error, enable);
++ break;
++ }
++
++- else if (context_ntp_service_is_active(c) <= 0)
+++ else
++ LIST_FOREACH(units, u, c->units) {
++ if (!streq(u->load_state, "loaded") ||
++ !streq(u->unit_file_state, "enabled"))
++ continue;
++
++- r = unit_start_or_stop(u, bus, error, enable);
+++ r = unit_start_or_stop(c, u, bus, error, enable);
++ break;
++ }
++
++@@ -845,8 +899,6 @@ static int method_set_ntp(sd_bus_message *m, void *userdata, sd_bus_error *error
++
++ log_info("Set NTP to %sd", enable_disable(enable));
++
++- (void) sd_bus_emit_properties_changed(bus, "/org/freedesktop/timedate1", "org.freedesktop.timedate1", "NTP", NULL);
++-
++ return sd_bus_reply_method_return(m, NULL);
++ }
++
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Sat, 21 Jul 2018 23:07:53 +0900
++Subject: timedate: increment reference count of sd_bus_message
++
++The commit 5d280742b645a69a19e7f9131adc0c95f5c7fa07 introduces a
++barrier to suppress calling context_update_ntp_status() multiple times.
++However, it just stores the address of sd_bus_message object. So,
++when an address is reused on the subsequent message, then the status
++of NTP clients are not updated.
++
++This makes the stored message object is referenced by the context
++object. So, the subsequent message is on cirtainly different address.
++
++(cherry picked from commit 2770af85ac04fd14af2f6bcdf4d3967ed6f2e36f)
++---
++ src/timedate/timedated.c | 14 +++++++++-----
++ 1 file changed, 9 insertions(+), 5 deletions(-)
++
++diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c
++index 82eb213..a66ea22 100644
++--- a/src/timedate/timedated.c
+++++ b/src/timedate/timedated.c
++@@ -43,6 +43,7 @@ typedef struct Context {
++ char *zone;
++ bool local_rtc;
++ Hashmap *polkit_registry;
+++ sd_bus_message *cache;
++
++ LIST_HEAD(UnitStatusInfo, units);
++ } Context;
++@@ -70,6 +71,7 @@ static void context_free(Context *c) {
++
++ free(c->zone);
++ bus_verify_polkit_async_registry_free(c->polkit_registry);
+++ sd_bus_message_unref(c->cache);
++
++ while ((p = c->units)) {
++ LIST_REMOVE(units, c->units, p);
++@@ -301,18 +303,20 @@ static int context_update_ntp_status(Context *c, sd_bus *bus, sd_bus_message *m)
++ { "UnitFileState", "s", NULL, offsetof(UnitStatusInfo, unit_file_state) },
++ {}
++ };
++- static sd_bus_message *_m = NULL;
++ UnitStatusInfo *u;
++ int r;
++
++ assert(c);
++ assert(bus);
++
++- /* Suppress multiple call of context_update_ntp_status() within single DBus transaction. */
++- if (m && m == _m)
++- return 0;
+++ /* Suppress calling context_update_ntp_status() multiple times within single DBus transaction. */
+++ if (m) {
+++ if (m == c->cache)
+++ return 0;
++
++- _m = m;
+++ sd_bus_message_unref(c->cache);
+++ c->cache = sd_bus_message_ref(m);
+++ }
++
++ LIST_FOREACH(units, u, c->units) {
++ _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Sat, 23 Jun 2018 09:41:55 +0900
++Subject: timesync: changes type of drift_freq to int64_t
++
++drift_freq is used for storing timex.freq, and is a 64bit integer.
++To support x32 ABI, this changes the type of drift_freq to int64_t.
++
++Fixes #9387.
++
++(cherry picked from commit 75ca1621db4647a4d62d7873cd6715e28fe0f9fa)
++---
++ src/timesync/timesyncd-manager.c | 2 +-
++ src/timesync/timesyncd-manager.h | 2 +-
++ 2 files changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/src/timesync/timesyncd-manager.c b/src/timesync/timesyncd-manager.c
++index 2b731af..404a2b1 100644
++--- a/src/timesync/timesyncd-manager.c
+++++ b/src/timesync/timesyncd-manager.c
++@@ -604,7 +604,7 @@ static int manager_receive_response(sd_event_source *source, int fd, uint32_t re
++ m->dest_time = *recv_time;
++ m->spike = spike;
++
++- log_debug("interval/delta/delay/jitter/drift " USEC_FMT "s/%+.3fs/%.3fs/%.3fs/%+"PRI_TIMEX"ppm%s",
+++ log_debug("interval/delta/delay/jitter/drift " USEC_FMT "s/%+.3fs/%.3fs/%.3fs/%+"PRIi64"ppm%s",
++ m->poll_interval_usec / USEC_PER_SEC, offset, delay, m->samples_jitter, m->drift_freq / 65536,
++ spike ? " (ignored)" : "");
++
++diff --git a/src/timesync/timesyncd-manager.h b/src/timesync/timesyncd-manager.h
++index d8d97cc..1834741 100644
++--- a/src/timesync/timesyncd-manager.h
+++++ b/src/timesync/timesyncd-manager.h
++@@ -79,7 +79,7 @@ struct Manager {
++ /* last change */
++ bool jumped;
++ bool sync;
++- long drift_freq;
+++ int64_t drift_freq;
++
++ /* watch for time changes */
++ sd_event_source *event_clock_watch;
--- /dev/null
--- /dev/null
++From: Yu Watanabe <watanabe.yu+github@gmail.com>
++Date: Mon, 25 Jun 2018 14:56:49 +0900
++Subject: tmpfiles: specify access mode for /run/systemd/netif
++
++This partially reverts 2af767729489f6baa98a2641b2007acab44ed353.
++As the directories are certainly readable and not-writable by
++non-privileged users.
++
++(cherry picked from commit 400d8461381c5748a97fccb8a022a20f40063a7d)
++---
++ tmpfiles.d/systemd.conf.m4 | 6 +++---
++ 1 file changed, 3 insertions(+), 3 deletions(-)
++
++diff --git a/tmpfiles.d/systemd.conf.m4 b/tmpfiles.d/systemd.conf.m4
++index 0992f74..120e42a 100644
++--- a/tmpfiles.d/systemd.conf.m4
+++++ b/tmpfiles.d/systemd.conf.m4
++@@ -17,9 +17,9 @@ d /run/systemd/users 0755 root root -
++ d /run/systemd/machines 0755 root root -
++ d /run/systemd/shutdown 0755 root root -
++ m4_ifdef(`ENABLE_NETWORKD',
++-d /run/systemd/netif - - - -
++-d /run/systemd/netif/links - - - -
++-d /run/systemd/netif/leases - - - -
+++d /run/systemd/netif 0755 - - -
+++d /run/systemd/netif/links 0755 - - -
+++d /run/systemd/netif/leases 0755 - - -
++ )m4_dnl
++
++ d /run/log 0755 root root -
--- /dev/null
--- /dev/null
++From: Lennart Poettering <lennart@poettering.net>
++Date: Mon, 12 Nov 2018 23:42:24 +0100
++Subject: tree-wide: port over other candidates for namespace_fork()
++
++Let's always use the same, correct, way to join a namespace.
++
++(cherry picked from commit 1edcb6a91ce459aed9abdf63b2724745a7cf8f45)
++---
++ src/basic/terminal-util.c | 18 ++++++------------
++ src/machine/machine-dbus.c | 18 ++++++------------
++ src/shared/logs-show.c | 9 +++------
++ 3 files changed, 15 insertions(+), 30 deletions(-)
++
++diff --git a/src/basic/terminal-util.c b/src/basic/terminal-util.c
++index f4af0e6..6218e83 100644
++--- a/src/basic/terminal-util.c
+++++ b/src/basic/terminal-util.c
++@@ -1094,7 +1094,8 @@ int openpt_in_namespace(pid_t pid, int flags) {
++ if (socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) < 0)
++ return -errno;
++
++- r = safe_fork("(sd-openpt)", FORK_RESET_SIGNALS|FORK_DEATHSIG, &child);
+++ r = namespace_fork("(sd-openptns)", "(sd-openpt)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG,
+++ pidnsfd, mntnsfd, -1, usernsfd, rootfd, &child);
++ if (r < 0)
++ return r;
++ if (r == 0) {
++@@ -1102,10 +1103,6 @@ int openpt_in_namespace(pid_t pid, int flags) {
++
++ pair[0] = safe_close(pair[0]);
++
++- r = namespace_enter(pidnsfd, mntnsfd, -1, usernsfd, rootfd);
++- if (r < 0)
++- _exit(EXIT_FAILURE);
++-
++ master = posix_openpt(flags|O_NOCTTY|O_CLOEXEC);
++ if (master < 0)
++ _exit(EXIT_FAILURE);
++@@ -1121,7 +1118,7 @@ int openpt_in_namespace(pid_t pid, int flags) {
++
++ pair[1] = safe_close(pair[1]);
++
++- r = wait_for_terminate_and_check("(sd-openpt)", child, 0);
+++ r = wait_for_terminate_and_check("(sd-openptns)", child, 0);
++ if (r < 0)
++ return r;
++ if (r != EXIT_SUCCESS)
++@@ -1143,7 +1140,8 @@ int open_terminal_in_namespace(pid_t pid, const char *name, int mode) {
++ if (socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) < 0)
++ return -errno;
++
++- r = safe_fork("(sd-terminal)", FORK_RESET_SIGNALS|FORK_DEATHSIG, &child);
+++ r = namespace_fork("(sd-terminalns)", "(sd-terminal)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG,
+++ pidnsfd, mntnsfd, -1, usernsfd, rootfd, &child);
++ if (r < 0)
++ return r;
++ if (r == 0) {
++@@ -1151,10 +1149,6 @@ int open_terminal_in_namespace(pid_t pid, const char *name, int mode) {
++
++ pair[0] = safe_close(pair[0]);
++
++- r = namespace_enter(pidnsfd, mntnsfd, -1, usernsfd, rootfd);
++- if (r < 0)
++- _exit(EXIT_FAILURE);
++-
++ master = open_terminal(name, mode|O_NOCTTY|O_CLOEXEC);
++ if (master < 0)
++ _exit(EXIT_FAILURE);
++@@ -1167,7 +1161,7 @@ int open_terminal_in_namespace(pid_t pid, const char *name, int mode) {
++
++ pair[1] = safe_close(pair[1]);
++
++- r = wait_for_terminate_and_check("(sd-terminal)", child, 0);
+++ r = wait_for_terminate_and_check("(sd-terminalns)", child, 0);
++ if (r < 0)
++ return r;
++ if (r != EXIT_SUCCESS)
++diff --git a/src/machine/machine-dbus.c b/src/machine/machine-dbus.c
++index 9035e50..74f96e4 100644
++--- a/src/machine/machine-dbus.c
+++++ b/src/machine/machine-dbus.c
++@@ -207,7 +207,8 @@ int bus_machine_method_get_addresses(sd_bus_message *message, void *userdata, sd
++ if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, pair) < 0)
++ return -errno;
++
++- r = safe_fork("(sd-addr)", FORK_RESET_SIGNALS|FORK_DEATHSIG, &child);
+++ r = namespace_fork("(sd-addrns)", "(sd-addr)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG,
+++ -1, -1, netns_fd, -1, -1, &child);
++ if (r < 0)
++ return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
++ if (r == 0) {
++@@ -217,10 +218,6 @@ int bus_machine_method_get_addresses(sd_bus_message *message, void *userdata, sd
++
++ pair[0] = safe_close(pair[0]);
++
++- r = namespace_enter(-1, -1, netns_fd, -1, -1);
++- if (r < 0)
++- _exit(EXIT_FAILURE);
++-
++ n = local_addresses(NULL, 0, AF_UNSPEC, &addresses);
++ if (n < 0)
++ _exit(EXIT_FAILURE);
++@@ -294,7 +291,7 @@ int bus_machine_method_get_addresses(sd_bus_message *message, void *userdata, sd
++ return r;
++ }
++
++- r = wait_for_terminate_and_check("(sd-addr)", child, 0);
+++ r = wait_for_terminate_and_check("(sd-addrns)", child, 0);
++ if (r < 0)
++ return sd_bus_error_set_errnof(error, r, "Failed to wait for child: %m");
++ if (r != EXIT_SUCCESS)
++@@ -1239,7 +1236,8 @@ int bus_machine_method_open_root_directory(sd_bus_message *message, void *userda
++ if (socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) < 0)
++ return -errno;
++
++- r = safe_fork("(sd-openroot)", FORK_RESET_SIGNALS|FORK_DEATHSIG, &child);
+++ r = namespace_fork("(sd-openrootns)", "(sd-openroot)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG,
+++ -1, mntns_fd, -1, -1, root_fd, &child);
++ if (r < 0)
++ return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
++ if (r == 0) {
++@@ -1247,10 +1245,6 @@ int bus_machine_method_open_root_directory(sd_bus_message *message, void *userda
++
++ pair[0] = safe_close(pair[0]);
++
++- r = namespace_enter(-1, mntns_fd, -1, -1, root_fd);
++- if (r < 0)
++- _exit(EXIT_FAILURE);
++-
++ dfd = open("/", O_RDONLY|O_CLOEXEC|O_DIRECTORY);
++ if (dfd < 0)
++ _exit(EXIT_FAILURE);
++@@ -1265,7 +1259,7 @@ int bus_machine_method_open_root_directory(sd_bus_message *message, void *userda
++
++ pair[1] = safe_close(pair[1]);
++
++- r = wait_for_terminate_and_check("(sd-openroot)", child, 0);
+++ r = wait_for_terminate_and_check("(sd-openrootns)", child, 0);
++ if (r < 0)
++ return sd_bus_error_set_errnof(error, r, "Failed to wait for child: %m");
++ if (r != EXIT_SUCCESS)
++diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c
++index 33afbe2..ffde7d3 100644
++--- a/src/shared/logs-show.c
+++++ b/src/shared/logs-show.c
++@@ -1321,7 +1321,8 @@ static int get_boot_id_for_machine(const char *machine, sd_id128_t *boot_id) {
++ if (socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) < 0)
++ return -errno;
++
++- r = safe_fork("(sd-bootid)", FORK_RESET_SIGNALS|FORK_DEATHSIG, &child);
+++ r = namespace_fork("(sd-bootidns)", "(sd-bootid)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG,
+++ pidnsfd, mntnsfd, -1, -1, rootfd, &child);
++ if (r < 0)
++ return r;
++ if (r == 0) {
++@@ -1329,10 +1330,6 @@ static int get_boot_id_for_machine(const char *machine, sd_id128_t *boot_id) {
++
++ pair[0] = safe_close(pair[0]);
++
++- r = namespace_enter(pidnsfd, mntnsfd, -1, -1, rootfd);
++- if (r < 0)
++- _exit(EXIT_FAILURE);
++-
++ fd = open("/proc/sys/kernel/random/boot_id", O_RDONLY|O_CLOEXEC|O_NOCTTY);
++ if (fd < 0)
++ _exit(EXIT_FAILURE);
++@@ -1351,7 +1348,7 @@ static int get_boot_id_for_machine(const char *machine, sd_id128_t *boot_id) {
++
++ pair[1] = safe_close(pair[1]);
++
++- r = wait_for_terminate_and_check("(sd-bootid)", child, 0);
+++ r = wait_for_terminate_and_check("(sd-bootidns)", child, 0);
++ if (r < 0)
++ return r;
++ if (r != EXIT_SUCCESS)
--- /dev/null
--- /dev/null
++From: Alan Jenkins <alan.christopher.jenkins@gmail.com>
++Date: Mon, 3 Sep 2018 11:10:24 +0100
++Subject: user-runtime-dir: fix selinux regression
++
++Fix #9993. When this code was split out to user-runtime-dir, it forgot to
++include the call to mac_selinux_init(). So mkdir_label() stopped working.
++
++Fixes: a9f0f5e50104 ("logind: split %t directory creation to a helper
++unit")
++
++(cherry picked from commit 81375d802672f34205bef9f301c58854af5fc568)
++---
++ src/login/user-runtime-dir.c | 7 +++++++
++ 1 file changed, 7 insertions(+)
++
++diff --git a/src/login/user-runtime-dir.c b/src/login/user-runtime-dir.c
++index 1bb26c9..790de0e 100644
++--- a/src/login/user-runtime-dir.c
+++++ b/src/login/user-runtime-dir.c
++@@ -10,6 +10,7 @@
++ #include "mount-util.h"
++ #include "path-util.h"
++ #include "rm-rf.h"
+++#include "selinux-util.h"
++ #include "smack-util.h"
++ #include "stdio-util.h"
++ #include "string-util.h"
++@@ -144,6 +145,12 @@ int main(int argc, char *argv[]) {
++ return EXIT_FAILURE;
++ }
++
+++ r = mac_selinux_init();
+++ if (r < 0) {
+++ log_error_errno(r, "Could not initialize labelling: %m\n");
+++ return EXIT_FAILURE;
+++ }
+++
++ umask(0022);
++
++ user = argv[2];
--- /dev/null
--- /dev/null
++#! /usr/bin/make -f
++
++#export DH_VERBOSE = 1
++#export DEB_BUILD_OPTIONS = nostrip
++
++export LC_ALL = C.UTF-8
++
++include /usr/share/dpkg/default.mk
++
++ifeq ($(DEB_VENDOR),Ubuntu)
++ DEFAULT_NTP_SERVERS = ntp.ubuntu.com
++ SUPPORT_URL = http://www.ubuntu.com/support
++ CONFFLAGS_DISTRO = -Ddns-servers=''
++else
++ DEFAULT_NTP_SERVERS = 0.debian.pool.ntp.org 1.debian.pool.ntp.org 2.debian.pool.ntp.org 3.debian.pool.ntp.org
++ SUPPORT_URL = https://www.debian.org/support
++ CONFFLAGS_DISTRO =
++endif
++
++ifneq (, $(filter $(DEB_BUILD_ARCH), riscv64))
++ TEST_TIMEOUT_MULTIPLIER = "-t 10"
++endif
++
++# fail on missing files and symbols changes on distro builds, but not if we
++# build/test upstream master
++ifeq ($(TEST_UPSTREAM),)
++ DH_MISSING = --fail-missing
++ GENSYMBOLS_LEVEL = 4
++else
++ DH_MISSING = --list-missing
++ GENSYMBOLS_LEVEL = 1
++endif
++
++ifneq (, $(filter noudeb, $(DEB_BUILD_OPTIONS)))
++export DEB_BUILD_PROFILES += noudeb
++endif
++
++CONFFLAGS = \
++ -Db_lto=true \
++ -Drootlibdir=/lib/$(DEB_HOST_MULTIARCH) \
++ -Dsplit-usr=true \
++ -Dquotaon-path=/sbin/quotaon \
++ -Dquotacheck-path=/sbin/quotacheck \
++ -Dkmod-path=/bin/kmod \
++ -Dkexec-path=/sbin/kexec \
++ -Dsulogin-path=/sbin/sulogin \
++ -Dmount-path=/bin/mount \
++ -Dumount-path=/bin/umount \
++ -Dloadkeys-path=/bin/loadkeys \
++ -Dsetfont-path=/bin/setfont \
++ -Dtelinit-path=/lib/sysvinit/telinit \
++ -Dsysvinit-path=/etc/init.d \
++ -Dsysvrcnd-path=/etc \
++ -Ddebug-shell=/bin/bash \
++ -Dzshcompletiondir=/usr/share/zsh/vendor-completions \
++ -Ddbuspolicydir=/usr/share/dbus-1/system.d/ \
++ -Dsupport-url=$(SUPPORT_URL) \
++ -Ddefault-kill-user-processes=false \
++ -Dpamconfdir=no \
++ -Drpmmacrosdir=no \
++ -Dqrencode=false \
++ -Dvconsole=false \
++ -Dfirstboot=false \
++ -Dxkbcommon=false \
++ -Dportabled=false \
++ -Dwheel-group=false \
++ -Dntp-servers="$(DEFAULT_NTP_SERVERS)" \
++ -Dlink-udev-shared=false \
++ -Dsystem-uid-max=999 \
++ -Dsystem-gid-max=999 \
++ -Dnobody-user=nobody \
++ -Dnobody-group=nogroup \
++ -Ddev-kvm-mode=0660
++
++# resolved's DNSSEC support is still not mature enough, don't enable it by
++# default on stable Debian or any Ubuntu releases
++CONFFLAGS += $(shell grep -qE 'stretch|ubuntu' /etc/os-release && echo -Ddefault-dnssec=no)
++
++CONFFLAGS_deb = \
++ -Dselinux=true \
++ -Dhwdb=true \
++ -Dsysusers=true \
++ -Dinstall-tests=true \
++ -Defi=true \
++ -Dnss-systemd=true \
++ -Dresolve=true \
++ -Dlink-systemctl-shared=false
++
++ifeq (, $(filter stage1, $(DEB_BUILD_PROFILES)))
++CONFFLAGS_deb += \
++ -Daudit=true \
++ -Dlibcryptsetup=true \
++ -Dcoredump=true \
++ -Delfutils=true \
++ -Dapparmor=true \
++ -Dlibidn=true \
++ -Dlibiptc=true \
++ -Dlibcurl=true \
++ -Dimportd=true \
++ -Dmicrohttpd=true \
++ -Dgnutls=true
++else
++CONFFLAGS_deb += \
++ -Daudit=false \
++ -Dlibcryptsetup=false \
++ -Dcoredump=false \
++ -Delfutils=false \
++ -Dapparmor=false \
++ -Dlibidn=false \
++ -Dlibiptc=false \
++ -Dlibcurl=false \
++ -Dimportd=false \
++ -Dmicrohttpd=false \
++ -Dgnutls=false
++endif
++
++CONFFLAGS_udeb = \
++ -Dlibcryptsetup=false \
++ -Dcoredump=false \
++ -Delfutils=false \
++ -Dpam=false \
++ -Daudit=false \
++ -Dselinux=false\
++ -Dapparmor=false \
++ -Dlibidn=false \
++ -Dlibiptc=false \
++ -Dsmack=false \
++ -Dima=false \
++ -Dbinfmt=false \
++ -Dquotacheck=false \
++ -Dtmpfiles=false \
++ -Drandomseed=false \
++ -Dbacklight=false \
++ -Dlogind=false \
++ -Dmachined=false \
++ -Dlibcurl=false \
++ -Dimportd=false \
++ -Dmicrohttpd=false \
++ -Dgnutls=false \
++ -Dhostnamed=false \
++ -Dtimedated=false \
++ -Dnetworkd=false \
++ -Dtimesyncd=false \
++ -Dlocaled=false \
++ -Dmyhostname=false \
++ -Dnss-systemd=false \
++ -Dresolve=false \
++ -Dpolkit=false \
++ -Dacl=false \
++ -Dgcrypt=false \
++ -Drfkill=false \
++ -Dhwdb=false \
++ -Dman=false \
++ -Defi=false \
++ -Dseccomp=false \
++ -Dsysusers=false
++
++override_dh_auto_configure:
++ dh_auto_configure --builddirectory=build-deb \
++ -- $(CONFFLAGS) $(CONFFLAGS_DISTRO) $(CONFFLAGS_deb)
++ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
++ dh_auto_configure --builddirectory=build-udeb \
++ -- $(CONFFLAGS) $(CONFFLAGS_DISTRO) $(CONFFLAGS_udeb)
++endif
++
++override_dh_auto_build:
++ dh_auto_build --builddirectory=build-deb
++ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
++ dh_auto_build --builddirectory=build-udeb
++endif
++ # generate POT file for translators
++ ninja -C build-deb/ systemd-pot
++
++override_dh_auto_install:
++ dh_auto_install --builddirectory=build-deb \
++ --destdir=debian/install/deb
++ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
++ dh_auto_install --builddirectory=build-udeb \
++ --destdir=debian/install/udeb
++endif
++ # fix paths in manpages; manually check the remaining /usr occurrences
++ # occasionally, with filtering out paths which are known to be in /usr:
++ # grep -r /usr debian/install/deb/usr/share/man/|egrep -v '/usr/local|os.*release|factory|zoneinfo|tmpfiles|kernel|foo|machines|sysctl|dbus|include|binfmt'
++ find debian/install/deb/usr/share/man/ -type f | xargs sed -ri 's_/usr(/lib/systemd/system|/lib/systemd/network|/lib/udev|/lib[^/]|/lib/[^a-z])_\1_g'
++
++override_dh_auto_clean:
++ifneq (, $(TEST_UPSTREAM))
++ debian/extra/checkout-upstream
++endif
++ dh_auto_clean --builddirectory=build-deb
++ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
++ dh_auto_clean --builddirectory=build-udeb
++endif
++ rm -rf debian/install/ debian/shlibs.local
++ # remove Python byte code files
++ rm -rf tools/__pycache__/
++ rm -f po/systemd.pot
++
++override_dh_install:
++ # remove unnecessary / unused files
++ rm -f debian/install/*/usr/share/doc/systemd/LICENSE.*
++ rm -f debian/install/*/var/log/README
++ rm -f debian/install/*/etc/init.d/README
++ rm -f debian/install/*/usr/lib/sysctl.d/50-default.conf
++ rm -f debian/install/*/etc/X11/xinit/xinitrc.d/50-systemd-user.sh
++ rmdir -p --ignore-fail-on-non-empty debian/install/*/etc/X11/xinit/xinitrc.d/
++ rm -f debian/install/*/lib/systemd/system/halt-local.service
++ # remove files related to factory-reset feature
++ find debian/install/ \( -name 'systemd-update-done*' -o \
++ -name systemd-journal-catalog-update.service -o \
++ -name systemd-udev-hwdb-update.service -o \
++ -name ldconfig.service -o \
++ -name etc.conf \) -delete
++ rm -rf debian/install/*/usr/share/factory/
++ # remove symlinks enabling default-on services
++ rm -rf debian/install/*/etc/systemd/system/*.target.wants/
++ # remove aliases
++ find debian/install/*/etc/systemd/system/ -type l -delete
++ # replace upstream sysusers.d/basic.conf with proper users for Debian
++ debian/extra/make-sysusers-basic > debian/install/deb/usr/lib/sysusers.d/basic.conf
++ # remove resolvconf compat symlink
++ rm -f debian/install/*/sbin/resolvconf
++ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
++ dh_install -pudev-udeb -plibudev1-udeb --sourcedir=debian/install/udeb
++endif
++
++ dh_install --remaining-packages --sourcedir=debian/install/deb
++
++ # we don't want /tmp to be a tmpfs by default
++ mv debian/systemd/lib/systemd/system/tmp.mount debian/systemd/usr/share/systemd/
++ printf '\n[Install]\nWantedBy=local-fs.target\n' >> debian/systemd/usr/share/systemd/tmp.mount
++ rm debian/systemd/lib/systemd/system/local-fs.target.wants/tmp.mount
++
++ # files shipped by cryptsetup
++ifeq (, $(filter stage1, $(DEB_BUILD_PROFILES)))
++ rm debian/systemd/usr/share/man/man5/crypttab.5
++endif
++
++ # files shipped by systemd
++ rm debian/udev/lib/udev/rules.d/70-uaccess.rules
++ rm debian/udev/lib/udev/rules.d/73-seat-late.rules
++ rm debian/udev/lib/udev/rules.d/71-seat.rules
++ rm debian/udev/lib/udev/rules.d/99-systemd.rules
++
++ # remove duplicate files shipped by systemd-*/udev
++ echo "Removing duplicate files in systemd package:"
++ set -e; for pkg in $(shell dh_listpackages -Nudev-udeb -Nlibudev1-udeb -Nsystemd); do \
++ echo "... from $$pkg..."; \
++ (cd debian/$$pkg; find -type f -o -type l) | (cd debian/systemd; xargs rm -f --verbose); \
++ (cd debian/$$pkg; find -mindepth 1 -type d) | (cd debian/systemd; xargs rmdir --ignore-fail-on-non-empty --verbose || true); \
++ done
++
++ # Ubuntu specific files
++ifeq ($(DEB_VENDOR),Ubuntu)
++ install -D --mode=644 debian/extra/udev.py debian/udev/usr/share/apport/package-hooks/udev.py
++ install -D --mode=644 debian/extra/systemd.py debian/systemd/usr/share/apport/package-hooks/systemd.py
++ install --mode=644 debian/extra/rules-ubuntu/*.rules debian/udev/lib/udev/rules.d/
++ cp -a debian/extra/units-ubuntu/* debian/systemd/lib/systemd/system/
++ install --mode=755 debian/extra/set-cpufreq debian/systemd/lib/systemd/
++endif
++
++override_dh_missing:
++ dh_missing --sourcedir debian/install/deb $(DH_MISSING)
++
++override_dh_installinit:
++ dh_installinit --no-start
++
++PROJECT_VERSION ?= $(shell awk '/PACKAGE_VERSION/ {print $$3}' build-deb/config.h | tr -d \")
++
++# The SysV compat tools (which are symlinks to systemctl) are
++# quasi-essential, so add their dependencies to Pre-Depends
++# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753589
++override_dh_shlibdeps:
++ dh_shlibdeps -psystemd -- -dPre-Depends \
++ -edebian/systemd/bin/systemctl \
++ -dDepends
++ dh_shlibdeps --remaining-packages -Lsystemd
++
++override_dh_makeshlibs:
++ sed 's/SHARED_LIB_VERSION/$(PROJECT_VERSION)/' debian/shlibs.local.in > debian/shlibs.local
++ dh_makeshlibs -plibudev1 --add-udeb=libudev1-udeb -- -c$(GENSYMBOLS_LEVEL)
++ dh_makeshlibs -psystemd -Xlibsystemd-shared -- -c$(GENSYMBOLS_LEVEL)
++ dh_makeshlibs --remaining-packages -- -c$(GENSYMBOLS_LEVEL)
++
++override_dh_auto_test:
++ifeq (, $(filter nocheck, $(DEB_BUILD_OPTIONS)))
++ echo "01234567890123456789012345678901" > build-deb/machine-id
++ # some tests hang under fakeroot, so disable fakeroot
++ env -u LD_PRELOAD SYSTEMD_MACHINE_ID_PATH=$(CURDIR)/build-deb/machine-id meson test -C build-deb $(TEST_TIMEOUT_MULTIPLIER) || ( \
++ cat build-deb/meson-logs/testlog.txt; \
++ exit 1)
++endif
++
++%:
++ dh $@ --without autoreconf,systemd --buildsystem=meson
--- /dev/null
--- /dev/null
++udeb: libudev 1 libudev1-udeb
++libsystemd 0 libsystemd0 (= ${binary:Version})
++libsystemd-shared SHARED_LIB_VERSION systemd (= ${binary:Version})
--- /dev/null
--- /dev/null
++3.0 (quilt)
--- /dev/null
--- /dev/null
++bin/machinectl
++lib/systemd/import-pubring.gpg
++lib/systemd/systemd-machined
++lib/systemd/systemd-export
++lib/systemd/systemd-import*
++lib/systemd/systemd-pull
++lib/systemd/system/systemd-nspawn@.service
++lib/systemd/system/systemd-importd.service
++lib/systemd/system/systemd-machined.service
++lib/systemd/system/var-lib-machines.mount
++lib/systemd/system/machines.target
++lib/systemd/system/*.target.wants/var-lib-machines.mount
++lib/systemd/system/dbus-org.freedesktop.import1.service
++lib/systemd/system/dbus-org.freedesktop.machine1.service
++usr/bin/systemd-nspawn
++usr/lib/tmpfiles.d/systemd-nspawn.conf
++usr/share/dbus-1/system.d/org.freedesktop.import1.conf
++usr/share/dbus-1/system.d/org.freedesktop.machine1.conf
++usr/share/dbus-1/system-services/org.freedesktop.import1.service
++usr/share/dbus-1/system-services/org.freedesktop.machine1.service
++usr/share/man/man*/*nspawn*
++usr/share/man/man*/machinectl*
++usr/share/man/man*/systemd-machined*
++usr/share/polkit-1/actions/org.freedesktop.import1.policy
++usr/share/polkit-1/actions/org.freedesktop.machine1.policy
++usr/share/zsh/vendor-completions/_systemd-nspawn
++usr/share/zsh/vendor-completions/_sd_machines
++usr/share/zsh/vendor-completions/_machinectl
++usr/share/bash-completion/completions/machinectl
++usr/share/bash-completion/completions/systemd-nspawn
--- /dev/null
--- /dev/null
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.import1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.machine1.conf 233-3~
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++set -e
++
++# Enable machines.target by default on new installs and upgrades
++if dpkg --compare-versions "$2" lt "232-4~"; then
++ systemctl enable machines.target || true
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++set -e
++
++case "$1" in
++ purge)
++ # clean up after manually enabled units in postinst
++ rm -f /etc/systemd/system/multi-user.target.wants/machines.target
++ ;;
++esac
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++usr/bin/coredumpctl
++lib/systemd/systemd-coredump
++lib/systemd/system/systemd-coredump*
++lib/systemd/system/*/systemd-coredump*
++usr/share/man/man1/coredumpctl*
++usr/share/man/man5/coredump.conf*
++usr/share/man/man8/systemd-coredump*
++usr/share/bash-completion/completions/coredumpctl
++usr/share/zsh/vendor-completions/_coredumpctl
++usr/lib/sysctl.d/50-coredump.conf
++etc/systemd/coredump.conf
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++if [ "$1" = configure ]; then
++ adduser --quiet --system --group --no-create-home --home /run/systemd \
++ --gecos "systemd core dump processing" systemd-coredump
++
++ # enable systemd-coredump right after package installation
++ if [ -d /run/systemd/system ]; then
++ systemctl daemon-reload && systemctl start systemd-coredump.socket || true
++ fi
++ /lib/systemd/systemd-sysctl /usr/lib/sysctl.d/50-coredump.conf || true
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++if [ "$1" = remove ]; then
++ # disable systemd-coredump on removal
++ if [ -w /proc/sys/kernel/core_pattern ] && grep -q '^|.*systemd-coredump' /proc/sys/kernel/core_pattern; then
++ echo core > /proc/sys/kernel/core_pattern
++ fi
++ if [ -d /run/systemd/system ]; then
++ systemctl stop systemd-coredump.socket || true
++ fi
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++# systemd-journal-upload
++etc/systemd/journal-upload.conf
++lib/systemd/systemd-journal-upload
++lib/systemd/system/systemd-journal-upload.service
++usr/share/man/man5/journal-upload.conf.d.5
++usr/share/man/man5/journal-upload.conf.5
++usr/share/man/man8/systemd-journal-upload.8
++usr/share/man/man8/systemd-journal-upload.service.8
++
++# systemd-journal-remote
++etc/systemd/journal-remote.conf
++lib/systemd/systemd-journal-remote
++lib/systemd/system/systemd-journal-remote.service
++lib/systemd/system/systemd-journal-remote.socket
++usr/lib/sysusers.d/systemd-remote.conf
++usr/share/man/man5/journal-remote.conf.d.5
++usr/share/man/man5/journal-remote.conf.5
++usr/share/man/man8/systemd-journal-remote.service.8
++usr/share/man/man8/systemd-journal-remote.socket.8
++usr/share/man/man8/systemd-journal-remote.8
++
++# systemd-journal-gatewayd
++lib/systemd/systemd-journal-gatewayd
++lib/systemd/system/systemd-journal-gatewayd.service
++lib/systemd/system/systemd-journal-gatewayd.socket
++usr/share/systemd/gatewayd/
++usr/share/man/man8/systemd-journal-gatewayd.service.8
++usr/share/man/man8/systemd-journal-gatewayd.socket.8
++usr/share/man/man8/systemd-journal-gatewayd.8
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++set -e
++
++adduser --quiet --system \
++ --home /run/systemd --no-create-home \
++ --gecos "systemd Journal Remote" \
++ --group systemd-journal-remote
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++usr/share/man/man1/init.1
++usr/share/man/man8/telinit.8
++usr/share/man/man8/runlevel.8
++usr/share/man/man8/shutdown.8
++usr/share/man/man8/poweroff.8
++usr/share/man/man8/reboot.8
++usr/share/man/man8/halt.8
++sbin/init
++sbin/telinit
++sbin/runlevel
++sbin/shutdown
++sbin/poweroff
++sbin/reboot
++sbin/halt
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++# update grub on first install, so that the alternative init system boot
++# entries get updated
++if [ "$1" = configure ] && [ -z "$2" ] && [ -e /boot/grub/grub.cfg ] && which update-grub >/dev/null 2>&1; then
++ update-grub || true
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++usr/lib/systemd/tests
--- /dev/null
--- /dev/null
++# test programs only, need to link against internal library
++systemd-tests: binary-or-shlib-defines-rpath usr/lib/systemd/tests/*
--- /dev/null
--- /dev/null
++systemd (236-1) unstable; urgency=medium
++
++ DynamicUser=yes has been enabled for systemd-journal-upload.service and
++ systemd-journal-gatewayd.service.
++ This means we no longer need to statically allocate a systemd-journal-upload
++ and systemd-journal-gateway user and you can now safely remove those system
++ users along with their associated groups.
++
++ -- Michael Biebl <biebl@debian.org> Sun, 17 Dec 2017 21:17:32 +0100
++
++systemd (231-1) unstable; urgency=low
++
++ This version drops support for running /etc/rcS.d SysV init scripts.
++ These are prone to cause dependency loops, and almost all Debian packages
++ with rcS scripts now ship a native systemd service. If you have custom or
++ third-party rcS scripts you need to convert them or change them to run
++ in rc2.d/ - rc5.d/; see this page for details:
++ <https://wiki.debian.org/Teams/pkg-systemd/rcSMigration>.
++
++ -- Martin Pitt <mpitt@debian.org> Thu, 14 Jul 2016 12:54:34 +0200
++
++systemd (224-2) unstable; urgency=medium
++
++ This version splits out systemd-nspawn, systemd-machined, and machinectl
++ into the new "systemd-container" package. That now also enables
++ systemd-importd.
++
++ -- Martin Pitt <mpitt@debian.org> Sat, 22 Aug 2015 15:58:43 +0200
--- /dev/null
--- /dev/null
++package-status: udev dracut initramfs-tools
--- /dev/null
--- /dev/null
++#!/bin/bash
++
++cat <<EOF
++
++Providing additional information can help diagnose problems with systemd.
++Specifically, this would include:
++- fstab configuration (copy of /etc/fstab).
++- local modifications of unit files (output of systemd-delta).
++- state of running services and units (output of systemd-analyze dump).
++- enabled/disabled state of installed services.
++If this information is not relevant for your bug report or you have privacy
++concerns, please choose no.
++
++EOF
++
++yesno "Do you want to provide additional information [Y|n]? " yep
++[ "$REPLY" = yep ] || exit 0
++
++# We don’t clean up this directory because there is no way to know when
++# reportbug finished running, and reportbug needs the files around.
++# Given that those are just a couple of kilobytes in size and people
++# generally don’t file a lot of bugs, I don’t think it’s a big deal.
++DIR=$(mktemp -d)
++
++echo "-- BEGIN ATTACHMENTS --" >&3
++
++# remove highlighting escape codes from systemd-delta output
++systemd-delta --no-pager 2>&1 |sed "s%\x1b[^m]*m%%g" >$DIR/systemd-delta.txt
++echo "$DIR/systemd-delta.txt" >&3
++
++if [ -d /run/systemd/system ]; then
++ systemd-analyze --no-pager dump >$DIR/systemd-analyze-dump.txt 2>&1
++ echo "$DIR/systemd-analyze-dump.txt" >&3
++fi
++
++if [ -d /var/lib/systemd/deb-systemd-helper-enabled ]; then
++ head -n100 $(find /var/lib/systemd/deb-systemd-helper-enabled -type f | tr '\n' ' ') >$DIR/dsh-enabled.txt
++ echo "$DIR/dsh-enabled.txt" >&3
++fi
++
++echo "/etc/fstab" >&3
++
++echo "-- END ATTACHMENTS --" >&3
--- /dev/null
--- /dev/null
++var/lib/systemd
--- /dev/null
--- /dev/null
++etc/
++bin/systemctl
++bin/journalctl
++bin/loginctl
++bin/machinectl
++bin/networkctl
++bin/systemd-notify
++bin/systemd-tty-ask-password-agent
++bin/systemd-ask-password
++bin/systemd-machine-id-setup
++bin/systemd-tmpfiles
++bin/systemd-inhibit
++bin/systemd-escape
++bin/systemd-sysusers
++lib/modprobe.d/
++lib/systemd/
++lib/udev/rules.d/70-uaccess.rules
++lib/udev/rules.d/73-seat-late.rules
++lib/udev/rules.d/71-seat.rules
++lib/udev/rules.d/99-systemd.rules
++usr/bin/systemd-cgls
++usr/bin/systemd-cgtop
++usr/bin/systemd-nspawn
++usr/bin/systemd-stdio-bridge
++usr/bin/systemd-analyze
++usr/bin/systemd-cat
++usr/bin/systemd-detect-virt
++usr/bin/systemd-delta
++usr/bin/systemd-run
++usr/bin/systemd-path
++usr/bin/systemd-socket-activate
++usr/bin/systemd-mount
++usr/bin/systemd-umount
++usr/bin/kernel-install
++usr/bin/bootctl
++usr/bin/busctl
++usr/bin/timedatectl
++usr/bin/localectl
++usr/bin/hostnamectl
++usr/bin/resolvectl
++usr/bin/systemd-resolve
++usr/share/man/man1/
++usr/share/man/man5/
++usr/share/man/man7/
++usr/share/man/man8/
++usr/share/bash-completion/
++usr/share/zsh/vendor-completions/
++usr/share/dbus-1/
++usr/share/doc/
++usr/share/pkgconfig/systemd.pc
++usr/share/polkit-1/
++usr/share/systemd/kbd-model-map
++usr/share/systemd/language-fallback-map
++usr/lib/binfmt.d/
++usr/lib/environment.d/
++usr/lib/modules-load.d/
++usr/lib/sysctl.d/
++usr/lib/sysusers.d/basic.conf
++usr/lib/sysusers.d/systemd.conf
++usr/lib/systemd/
++usr/lib/tmpfiles.d/
++usr/lib/kernel
++usr/share/locale/
++var/lib
++../../extra/init-functions.d lib/lsb/
++../../extra/tmpfiles.d/*.conf usr/lib/tmpfiles.d/
++../../extra/systemd-sysv-install lib/systemd/
++../../extra/units/* lib/systemd/system/
++../../extra/dhclient-exit-hooks.d/ etc/dhcp/
++../../extra/kernel-install.d/* usr/lib/kernel/install.d
++../../extra/pam.d etc/
--- /dev/null
--- /dev/null
++# These are all services which have native implementations
++# So we mask them by linking against /dev/null or create an alias
++/lib/systemd/system/systemd-random-seed.service /lib/systemd/system/urandom.service
++/lib/systemd/system/systemd-sysctl.service /lib/systemd/system/procps.service
++
++/lib/systemd/system/rc-local.service /lib/systemd/system/rc.local.service
++
++/lib/systemd/system/systemd-modules-load.service /lib/systemd/system/module-init-tools.service
++/lib/systemd/system/systemd-modules-load.service /lib/systemd/system/kmod.service
++/etc/modules /etc/modules-load.d/modules.conf
++
++# X server and ICE socket directories are created by /usr/lib/tmpfiles.d/x11.conf
++/dev/null /lib/systemd/system/x11-common.service
++
++# systemd sets the hostname internally during early boot
++/dev/null /lib/systemd/system/hostname.service
++
++# /run/nologin is handled by systemd-user-sessions.service
++/dev/null /lib/systemd/system/rmnologin.service
++/dev/null /lib/systemd/system/bootmisc.service
++
++# Although bootlogd is disabled by default (via /etc/default/bootlogd)
++# by masking them we avoid spawning a shell uselessly thrice during boot.
++# Besides, bootlogd doesn't look particularly useful in a systemd world.
++/dev/null /lib/systemd/system/bootlogd.service
++/dev/null /lib/systemd/system/stop-bootlogd-single.service
++/dev/null /lib/systemd/system/stop-bootlogd.service
++
++# systemd sets the hwclock internally
++# http://cgit.freedesktop.org/systemd/systemd/commit/?id=7948c4dfbea73ac21250b588089039aa17a90386
++/dev/null /lib/systemd/system/hwclock.service
++
++# We use native mount support so mask those services
++# TODO: check if any SysV init scripts depend on those facilities
++/dev/null /lib/systemd/system/mountkernfs.service
++/dev/null /lib/systemd/system/mountdevsubfs.service
++/dev/null /lib/systemd/system/mountall.service
++/dev/null /lib/systemd/system/mountall-bootclean.service
++/dev/null /lib/systemd/system/mountnfs.service
++/dev/null /lib/systemd/system/mountnfs-bootclean.service
++/dev/null /lib/systemd/system/umountfs.service
++/dev/null /lib/systemd/system/umountnfs.service
++/dev/null /lib/systemd/system/umountroot.service
++/dev/null /lib/systemd/system/checkfs.service
++/dev/null /lib/systemd/system/checkroot.service
++/dev/null /lib/systemd/system/checkroot-bootclean.service
++
++# We use the built-in cryptsetup support
++/dev/null /lib/systemd/system/cryptdisks.service
++/dev/null /lib/systemd/system/cryptdisks-early.service
++
++# Single user mode is implemented natively, don't use legacy SysV init scripts
++# to avoid spawning sulogin twice.
++/dev/null /lib/systemd/system/single.service
++/dev/null /lib/systemd/system/killprocs.service
++
++# Those services are useless under systemd. Mask them so they can't
++# be run manually by accident.
++/dev/null /lib/systemd/system/sendsigs.service
++/dev/null /lib/systemd/system/halt.service
++/dev/null /lib/systemd/system/reboot.service
++/dev/null /lib/systemd/system/rc.service
++/dev/null /lib/systemd/system/rcS.service
++
++# The motd SysV init script is no longer required to create the dynamic part of
++# /etc/motd to display the uname information as pam_exec is used for that now.
++# An explicit Breaks against older versions of login, which still use
++# /run/motd.dynamic, is not necessary, as pam_motd will silently ignore it if
++# that file is missing and simply display nothing.
++# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735521
++/dev/null /lib/systemd/system/motd.service
++
++# We have the journal to handle kernel messages from early boot
++/dev/null /lib/systemd/system/bootlogs.service
++
++# Enable Debian specific units
++/lib/systemd/system/getty-static.service /lib/systemd/system/getty.target.wants/getty-static.service
++
++# Compat symlink
++/lib/systemd/systemd /bin/systemd
++
++# Create a compat symlink as systemd-sysctl no longer reads /etc/sysctl.conf
++/etc/sysctl.conf /etc/sysctl.d/99-sysctl.conf
--- /dev/null
--- /dev/null
++systemd: maintainer-script-calls-systemctl
++systemd: possibly-insecure-handling-of-tmp-files-in-maintainer-script
--- /dev/null
--- /dev/null
++rm_conffile /etc/X11/xinit/xinitrc.d/50-systemd-user.sh 228-3~
++rm_conffile /etc/systemd/bootchart.conf 230-1~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.hostname1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.locale1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.login1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.machine1.conf 228-5~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.network1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.resolve1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.systemd1.conf 233-3~
++rm_conffile /etc/dbus-1/system.d/org.freedesktop.timedate1.conf 233-3~
--- /dev/null
--- /dev/null
++#! /bin/sh
++
++set -e
++
++_systemctl() {
++ if [ -d /run/systemd/system ]; then
++ systemctl "$@"
++ fi
++}
++
++_update_catalog() {
++ journalctl --update-catalog || true
++}
++
++# Update Message Catalogs database and reload in response to dpkg triggers
++if [ "$1" = "triggered" ]; then
++ shift
++ for trigger in "$@"; do
++ case $trigger in
++ /usr/lib/systemd/catalog)
++ _update_catalog
++ ;;
++ /etc/init.d)
++ _systemctl daemon-reload || true
++ ;;
++ esac
++ done
++ exit 0
++fi
++
++# Enable getty and remote-fs.target by default on new installs
++if [ -z "$2" ]; then
++ systemctl enable getty@tty1.service || true
++ systemctl enable remote-fs.target || true
++fi
++
++# Enable timesyncd by default on new installs installs and upgrades
++if dpkg --compare-versions "$2" lt "218-11~"; then
++ systemctl enable systemd-timesyncd.service || true
++fi
++
++# Enable ondemand by default on new installs installs and upgrades
++if [ -e /lib/systemd/system/ondemand.service ] && dpkg --compare-versions "$2" lt "231-7~"; then
++ systemctl enable ondemand.service || true
++fi
++
++# Do a one-time migration of the local time setting
++if [ -z "$2" ]; then
++ if [ -f /etc/default/rcS ]; then
++ . /etc/default/rcS
++ fi
++ if [ "$UTC" = "no" ] && [ ! -e /etc/adjtime ]; then
++ printf "0.0 0 0.0\n0\nLOCAL\n" > /etc/adjtime
++ fi
++fi
++
++# Do a one-time migration of the TMPTIME setting
++if [ -z "$2" ]; then
++ if [ -f /etc/default/rcS ]; then
++ . /etc/default/rcS
++ fi
++ if [ ! -e /etc/tmpfiles.d/tmp.conf ]; then
++ case "$TMPTIME" in
++ -*|infinite|infinity)
++ cat > /etc/tmpfiles.d/tmp.conf <<EOF
++# Avoid clearing /tmp by shipping an empty /etc/tmpfiles.d/tmp.conf file
++# which overrides /usr/lib/tmpfiles.d/tmp.conf.
++# This file was automatically created because of local modifications in
++# /etc/default/rcS where TMPTIME was set to infinite.
++EOF
++ ;;
++ esac
++ fi
++fi
++
++# Do a one-time migration of the RAMTMP setting
++if [ -z "$2" ]; then
++ if [ -f /etc/default/rcS ]; then
++ . /etc/default/rcS
++ fi
++ if [ -f /etc/default/tmpfs ]; then
++ . /etc/default/tmpfs
++ fi
++ if [ "$RAMTMP" = "yes" ]; then
++ # systemctl enable will work even when systemd is not the active PID 1.
++ if [ ! -e /etc/systemd/system/tmp.mount ]; then
++ cp /usr/share/systemd/tmp.mount /etc/systemd/system/tmp.mount
++ systemctl enable tmp.mount || true
++ fi
++ fi
++fi
++
++# Create /etc/machine-id
++systemd-machine-id-setup
++
++# Setup system users and groups
++addgroup --quiet --system systemd-journal
++
++# We need to stop running services before we call adduser
++RESTART=""
++if dpkg --compare-versions "$2" lt-nl "239-6"; then
++ for s in systemd-networkd systemd-timesyncd systemd-resolved ; do
++ if _systemctl -q is-active $s; then
++ _systemctl stop $s
++ RESTART="$s $RESTART"
++ fi
++ done
++fi
++
++adduser --quiet --system --group --no-create-home --home /run/systemd \
++ --gecos "systemd Time Synchronization" systemd-timesync
++adduser --quiet --system --group --no-create-home --home /run/systemd \
++ --gecos "systemd Network Management" systemd-network
++adduser --quiet --system --group --no-create-home --home /run/systemd \
++ --gecos "systemd Resolver" systemd-resolve
++
++# Initial update of the Message Catalogs database
++_update_catalog
++
++if [ -n "$2" ]; then
++ _systemctl daemon-reexec || true
++ # don't restart logind; this can be done again once this gets implemented:
++ # https://github.com/systemd/systemd/issues/1163
++ _systemctl try-restart systemd-networkd.service || true
++ _systemctl try-restart systemd-resolved.service || true
++ _systemctl try-restart systemd-timesyncd.service || true
++ _systemctl try-restart systemd-journald.service || true
++fi
++
++# Restart services which we stopped earlier
++# This needs to run after daemon-rexec
++if dpkg --compare-versions "$2" lt-nl "239-6"; then
++ for s in $RESTART ; do
++ _systemctl start $s
++ done
++fi
++
++# Cleanup hwclock-save.service, which was shipped in jessie.
++if dpkg --compare-versions "$2" lt-nl "228-5~"; then
++ for t in reboot halt poweroff ; do
++ rm -f /etc/systemd/system/${t}.target.wants/hwclock-save.service
++ rmdir --ignore-fail-on-non-empty /etc/systemd/system/${t}.target.wants 2> /dev/null || true
++ done
++fi
++
++if dpkg --compare-versions "$2" lt-nl "235-3~"; then
++ # systemd-bus-proxyd got dropped before stretch, and never created any file
++ deluser --system systemd-bus-proxy || true
++fi
++
++if dpkg --compare-versions "$2" lt-nl "236-1~"; then
++ # Clean up old /var/lib/systemd/clock on upgrade.
++ # The clock file used by systemd-timesyncd is now stored in
++ # StateDirectory=systemd/timesync.
++ rm -f /var/lib/systemd/clock
++fi
++
++if dpkg --compare-versions "$2" lt-nl "239-12~"; then
++ # clean up bogus "nobody" group from #912525; ensure that it's a system group
++ if getent group nobody >/dev/null; then
++ delgroup --system nobody || true
++ fi
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++set -e
++
++case "$1" in
++ purge)
++ # clean up after manually enabled units in postinst
++ rm -f /etc/systemd/system/getty.target.wants/getty@tty1.service
++ rm -f /etc/systemd/system/multi-user.target.wants/remote-fs.target
++ rm -f /etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service
++ rm -f /etc/systemd/system/dbus-org.freedesktop.timesync1.service
++ rmdir --ignore-fail-on-non-empty /etc/systemd/system/getty.target.wants 2> /dev/null || true
++ rmdir --ignore-fail-on-non-empty /etc/systemd/system/multi-user.target.wants 2> /dev/null || true
++ rmdir --ignore-fail-on-non-empty /etc/systemd/system/sysinit.target.wants 2> /dev/null || true
++
++ rm -f /var/lib/systemd/catalog/database
++ rmdir --ignore-fail-on-non-empty /var/lib/systemd/catalog 2> /dev/null || true
++
++ rm -rf /var/lib/systemd/backlight/
++ rm -rf /var/lib/systemd/rfkill/
++
++ rm -f /var/lib/systemd/clock
++ rm -f /var/lib/systemd/random-seed
++ ;;
++esac
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#! /bin/sh
++
++set -e
++
++#
++# Prevent systemd from being removed if it's the active init. That
++# will not work.
++#
++
++if [ "$1" = "remove" ] && [ -d /run/systemd/system ]; then
++ echo "systemd is the active init system, please switch to another before removing systemd."
++ exit 1
++fi
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++interest-noawait /usr/lib/systemd/catalog
++interest-noawait /etc/init.d
--- /dev/null
--- /dev/null
++# utility functions for shell tests
++
++assert_true() {
++ if ! $1; then
++ echo "FAIL: command '$1' failed with exit code $?" >&2
++ exit 1
++ fi
++}
++
++
++assert_eq() {
++ if [ "$1" != "$2" ]; then
++ echo "FAIL: expected: '$2' actual: '$1'" >&2
++ exit 1
++ fi
++}
++
++assert_in() {
++ if ! echo "$2" | grep -q "$1"; then
++ echo "FAIL: '$1' not found in:" >&2
++ echo "$2" >&2
++ exit 1
++ fi
++}
++
--- /dev/null
--- /dev/null
++#!/usr/bin/python3
++# autopkgtest check: Boot with systemd and check critical desktop services
++# (C) 2014 Canonical Ltd.
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++
++import sys
++import os
++import unittest
++import subprocess
++import tempfile
++import shutil
++import time
++import re
++from glob import glob
++
++
++def wait_unit_stop(unit, timeout=10):
++ '''Wait until given unit is not running any more
++
++ Raise RuntimeError on timeout.
++ '''
++ for i in range(timeout):
++ if subprocess.call(['systemctl', 'is-active', '--quiet', unit]) != 0:
++ return
++ time.sleep(1)
++
++ raise RuntimeError('Timed out waiting for %s to stop' % unit)
++
++
++class ServicesTest(unittest.TestCase):
++ '''Check that expected services are running'''
++
++ def test_0_init(self):
++ '''Verify that init is systemd'''
++
++ self.assertIn('systemd', os.readlink('/proc/1/exe'))
++
++ def test_no_failed(self):
++ '''No failed units'''
++
++ out = subprocess.check_output(['systemctl', '--state=failed', '--no-legend'],
++ universal_newlines=True)
++ failed = out.splitlines()
++ # ignore /etc/modules failure as stuff that we put there by default
++ # often fails
++ failed = [f for f in failed if 'systemd-modules-load' not in f]
++ # apparmor fails if not enabled in the kernel
++ if not os.path.exists('/sys/kernel/security/apparmor'):
++ failed = [f for f in failed if 'apparmor.service' not in f]
++ # ignore thermald as it doesn't start in most virtual envs
++ failed = [f for f in failed if 'thermald' not in f]
++ # console-setup.service fails on devices without keyboard (LP: #1516591)
++ failed = [f for f in failed if 'console-setup' not in f]
++ # cpi.service fails on s390x
++ failed = [f for f in failed if 'cpi.service' not in f]
++ if failed:
++ for f in failed:
++ f = f.split()[0]
++ print('-------- journal for failed service %s -----------' % f)
++ sys.stdout.flush()
++ subprocess.call(['journalctl', '-b', '-u', f])
++ self.assertEqual(failed, [])
++
++ @unittest.skipUnless(shutil.which('gdm3') is not None, 'gdm3 not found')
++ def test_gdm3(self):
++ subprocess.check_call(['pgrep', '-af', 'gdm-.*-session'])
++ self.active_unit('gdm')
++
++ def test_dbus(self):
++ out = subprocess.check_output(
++ ['dbus-send', '--print-reply', '--system',
++ '--dest=org.freedesktop.DBus', '/', 'org.freedesktop.DBus.GetId'])
++ self.assertIn(b'string "', out)
++ self.active_unit('dbus')
++
++ def test_network_manager(self):
++ # 0.9.10 changed the command name
++ _help = subprocess.check_output(['nmcli', '--help'],
++ stderr=subprocess.STDOUT)
++ if b' g[eneral]' in _help:
++ out = subprocess.check_output(['nmcli', 'general'])
++ else:
++ out = subprocess.check_output(['nmcli', 'nm'])
++ self.assertIn(b'enabled', out)
++ self.active_unit('network-manager')
++
++ def test_cron(self):
++ out = subprocess.check_output(['ps', 'u', '-C', 'cron'])
++ self.assertIn(b'root', out)
++ self.active_unit('cron')
++
++ def test_logind(self):
++ out = subprocess.check_output(['loginctl'])
++ self.assertNotEqual(b'', out)
++ self.active_unit('systemd-logind')
++
++ @unittest.skipIf('TEST_UPSTREAM' in os.environ,
++ 'Forwarding to rsyslog is a Debian patch')
++ def test_rsyslog(self):
++ out = subprocess.check_output(['ps', 'u', '-C', 'rsyslogd'])
++ self.assertIn(b'bin/rsyslogd', out)
++ self.active_unit('rsyslog')
++ with open('/var/log/syslog') as f:
++ log = f.read()
++ # has kernel messages
++ self.assertRegex(log, 'kernel:.*[cC]ommand line:')
++ # has init messages
++ self.assertRegex(log, 'systemd.*Reached target Graphical Interface')
++ # has other services
++ self.assertRegex(log, 'NetworkManager.*:')
++
++ def test_udev(self):
++ out = subprocess.check_output(['udevadm', 'info', '--export-db'])
++ self.assertIn(b'\nP: /devices/', out)
++ self.active_unit('systemd-udevd')
++
++ def test_tmp_mount(self):
++ # check if we want to mount /tmp in fstab
++ want_tmp_mount = False
++ with open('/etc/fstab') as f:
++ for l in f:
++ try:
++ if not l.startswith('#') and l.split()[1] in ('/tmp', '/tmp/'):
++ want_tmp_mount = True
++ break
++ except IndexError:
++ pass
++
++ # ensure that we actually do/don't have a /tmp mount
++ (status, status_out) = subprocess.getstatusoutput('systemctl status tmp.mount')
++ findmnt = subprocess.call(['findmnt', '-n', '/tmp'], stdout=subprocess.PIPE)
++ if want_tmp_mount:
++ self.assertEqual(status, 0, status_out)
++ self.assertEqual(findmnt, 0)
++ else:
++ # 4 is correct (since upstream commit ca473d57), accept 3 for systemd <= 230
++ self.assertIn(status, [3, 4], status_out)
++ self.assertNotEqual(findmnt, 0)
++
++ @unittest.skipIf('TEST_UPSTREAM' in os.environ,
++ 'Debian specific configuration, N/A for upstream')
++ def test_tmp_cleanup(self):
++ # systemd-tmpfiles-clean.timer only runs 15 mins after boot, shortcut
++ # it
++ self.assertEqual(subprocess.call(
++ ['systemctl', 'status', 'systemd-tmpfiles-clean.timer'],
++ stdout=subprocess.PIPE), 0)
++ subprocess.check_call(['systemctl', 'start', 'systemd-tmpfiles-clean'])
++ # all files in /tmp/ should get cleaned up on boot
++ self.assertFalse(os.path.exists('/tmp/oldfile.test'))
++ self.assertFalse(os.path.exists('/tmp/newfile.test'))
++ # files in /var/tmp/ older than 30d should get cleaned up
++ # XXX FIXME: /var/tmp/ cleanup was disabled in #675422
++ # self.assertFalse(os.path.exists('/var/tmp/oldfile.test'))
++ self.assertTrue(os.path.exists('/var/tmp/newfile.test'))
++
++ # next run should leave the recent ones
++ os.close(os.open('/tmp/newfile.test',
++ os.O_CREAT | os.O_EXCL | os.O_WRONLY))
++ subprocess.check_call(['systemctl', 'start', 'systemd-tmpfiles-clean'])
++ wait_unit_stop('systemd-tmpfiles-clean')
++ self.assertTrue(os.path.exists('/tmp/newfile.test'))
++
++ # Helper methods
++
++ def active_unit(self, unit):
++ '''Check that given unit is active'''
++
++ out = subprocess.check_output(['systemctl', 'status', unit])
++ self.assertIn(b'active (running)', out)
++
++
++class JournalTest(unittest.TestCase):
++ '''Check journal functionality'''
++
++ def test_no_options(self):
++ out = subprocess.check_output(['journalctl'])
++ # has kernel messages
++ self.assertRegex(out, b'kernel:.*[cC]ommand line:')
++ # has init messages
++ self.assertRegex(out, b'systemd.*Reached target Graphical Interface')
++ # has other services
++ self.assertRegex(out, b'NetworkManager.*:.*starting')
++
++ def test_log_for_service(self):
++ out = subprocess.check_output(
++ ['journalctl', '_SYSTEMD_UNIT=NetworkManager.service'])
++ self.assertRegex(out, b'NetworkManager.*:.*starting')
++ self.assertNotIn(b'kernel:', out)
++ self.assertNotIn(b'systemd:', out)
++
++
++class NspawnTest(unittest.TestCase):
++ '''Check nspawn'''
++
++ @classmethod
++ def setUpClass(kls):
++ '''Build a bootable busybox mini-container'''
++
++ kls.td_c_busybox = tempfile.TemporaryDirectory(prefix='c_busybox.')
++ kls.c_busybox = kls.td_c_busybox.name
++ for d in ['etc/init.d', 'bin', 'sbin']:
++ os.makedirs(os.path.join(kls.c_busybox, d))
++ shutil.copy('/bin/busybox', os.path.join(kls.c_busybox, 'bin'))
++ shutil.copy('/etc/os-release', os.path.join(kls.c_busybox, 'etc'))
++ os.symlink('busybox', os.path.join(kls.c_busybox, 'bin', 'sh'))
++ os.symlink('../bin/busybox', os.path.join(kls.c_busybox, 'sbin/init'))
++ with open(os.path.join(kls.c_busybox, 'etc/init.d/rcS'), 'w') as f:
++ f.write('''#!/bin/sh
++echo fake container started
++ps aux
++poweroff\n''')
++ os.fchmod(f.fileno(), 0o755)
++ subprocess.check_call(['systemd-machine-id-setup', '--root',
++ kls.c_busybox], stderr=subprocess.PIPE)
++
++ def setUp(self):
++ self.workdir = tempfile.TemporaryDirectory()
++
++ def test_boot(self):
++ cont = os.path.join(self.workdir.name, 'c1')
++ shutil.copytree(self.c_busybox, cont, symlinks=True)
++ os.sync()
++ nspawn = subprocess.Popen(['systemd-nspawn', '-D', cont, '-b'],
++ stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
++ out = nspawn.communicate(timeout=60)[0]
++ self.assertIn(b'Spawning container c1', out)
++ self.assertIn(b'fake container started', out)
++ self.assertRegex(out, b'\n\s+1\s+0\s+init[\r\n]')
++ self.assertRegex(out, b'\n\s+2+\s+0\s.*rcS[\r\n]')
++ self.assertRegex(out, b'Container c1.*shut down')
++ self.assertEqual(nspawn.returncode, 0)
++
++ def test_service(self):
++ self.assertTrue(os.path.isdir('/var/lib/machines'))
++ cont = '/var/lib/machines/c1'
++ shutil.copytree(self.c_busybox, cont, symlinks=True)
++ self.addCleanup(shutil.rmtree, cont)
++ os.sync()
++ subprocess.check_call(['systemctl', 'start', 'systemd-nspawn@c1'])
++ wait_unit_stop('systemd-nspawn@c1')
++
++ subprocess.call(['journalctl', '--sync'])
++ systemctl = subprocess.Popen(
++ ['systemctl', 'status', '-overbose', '-l', 'systemd-nspawn@c1'],
++ stdout=subprocess.PIPE)
++ out = systemctl.communicate()[0].decode('UTF-8', 'replace')
++ self.assertEqual(systemctl.returncode, 3, out)
++ self.assertNotIn('failed', out)
++
++
++@unittest.skipUnless(os.path.exists('/sys/kernel/security/apparmor'),
++ 'AppArmor not enabled')
++class AppArmorTest(unittest.TestCase):
++ def test_profile(self):
++ '''AppArmor confined unit'''
++
++ # create AppArmor profile
++ aa_profile = tempfile.NamedTemporaryFile(prefix='aa_violator.')
++ aa_profile.write(b'''#include <tunables/global>
++
++profile "violator-test" {
++ #include <abstractions/base>
++
++ /{usr/,}bin/** rix,
++ /etc/machine-id r,
++}
++''')
++ aa_profile.flush()
++ subprocess.check_call(['apparmor_parser', '-r', '-v', aa_profile.name])
++
++ # create confined unit
++ with open('/run/systemd/system/violator.service', 'w') as f:
++ f.write('''[Unit]
++Description=AppArmor test
++
++[Service]
++ExecStart=/bin/sh -euc 'echo CP1; cat /etc/machine-id; echo CP2; if cat /etc/passwd; then exit 1; fi; echo CP3'
++AppArmorProfile=violator-test
++''')
++ self.addCleanup(os.unlink, '/run/systemd/system/violator.service')
++
++ # launch
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++ subprocess.check_call(['systemctl', 'start', 'violator.service'])
++ wait_unit_stop('violator.service')
++
++ # check status
++ st = subprocess.Popen(['systemctl', 'status', '-l',
++ 'violator.service'], stdout=subprocess.PIPE,
++ universal_newlines=True)
++ out = st.communicate()[0]
++ # unit should be stopped
++ self.assertEqual(st.returncode, 3)
++
++ self.assertIn('inactive', out)
++ self.assertIn('CP1', out)
++ self.assertIn('CP2', out)
++ self.assertIn('CP3', out)
++ with open('/etc/machine-id') as f:
++ self.assertIn(f.read().strip(), out)
++ self.assertNotIn('root:x', out, 'unit can read /etc/passwd')
++
++
++@unittest.skipIf(os.path.exists('/sys/fs/cgroup/cgroup.controllers'),
++ 'test needs to be reworked on unified cgroup hierarchy')
++class CgroupsTest(unittest.TestCase):
++ '''Check cgroup setup'''
++
++ @classmethod
++ def setUpClass(kls):
++ kls.controllers = []
++ for controller in glob('/sys/fs/cgroup/*'):
++ if not os.path.islink(controller):
++ kls.controllers.append(controller)
++
++ def setUp(self):
++ self.service = 'testsrv.service'
++ self.service_file = '/run/systemd/system/' + self.service
++
++ def tearDown(self):
++ subprocess.call(['systemctl', 'stop', self.service],
++ stderr=subprocess.PIPE)
++ try:
++ os.unlink(self.service_file)
++ except OSError:
++ pass
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++
++ def create_service(self, extra_service=''):
++ '''Create test service unit'''
++
++ with open(self.service_file, 'w') as f:
++ f.write('''[Unit]
++Description=test service
++[Service]
++ExecStart=/bin/sleep 500
++%s
++''' % extra_service)
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++
++ def assertNoControllers(self):
++ '''Assert that no cgroup controllers exist for test service'''
++
++ cs = glob('/sys/fs/cgroup/*/system.slice/%s' % self.service)
++ self.assertEqual(cs, [])
++
++ def assertController(self, name):
++ '''Assert that cgroup controller exists for test service'''
++
++ c = '/sys/fs/cgroup/%s/system.slice/%s' % (name, self.service)
++ self.assertTrue(os.path.isdir(c))
++
++ def assertNoController(self, name):
++ '''Assert that cgroup controller does not exist for test service'''
++
++ c = '/sys/fs/cgroup/%s/system.slice/%s' % (name, self.service)
++ self.assertFalse(os.path.isdir(c))
++
++ def test_simple(self):
++ '''simple service'''
++
++ self.create_service()
++ self.assertNoControllers()
++ subprocess.check_call(['systemctl', 'start', self.service])
++ self.assertController('systemd')
++ subprocess.check_call(['systemctl', 'stop', self.service])
++ self.assertNoControllers()
++
++ def test_cpushares(self):
++ '''service with CPUShares'''
++
++ self.create_service('CPUShares=1000')
++ self.assertNoControllers()
++ subprocess.check_call(['systemctl', 'start', self.service])
++ self.assertController('systemd')
++ self.assertController('cpu,cpuacct')
++ subprocess.check_call(['systemctl', 'stop', self.service])
++ self.assertNoControllers()
++
++ @unittest.skipIf('TEST_UPSTREAM' in os.environ,
++ 'fix not applied upstream')
++ def test_custom_cgroup_cleanup(self):
++ '''cgroup cleanup does not touch manually created cgroups'''
++
++ # reproduces https://bugs.debian.org/777601
++ self.create_service()
++ os.mkdir('/sys/fs/cgroup/blkio/aux')
++ os.mkdir('/sys/fs/cgroup/perf_event/aux')
++ self.addCleanup(os.rmdir, '/sys/fs/cgroup/blkio/aux')
++ self.addCleanup(os.rmdir, '/sys/fs/cgroup/perf_event/aux')
++ subprocess.check_call(['systemctl', 'start', self.service])
++ self.assertController('systemd')
++ self.assertTrue(os.path.exists('/sys/fs/cgroup/blkio/aux'))
++ self.assertTrue(os.path.exists('/sys/fs/cgroup/perf_event/aux'))
++
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++ time.sleep(1)
++ subprocess.check_call(['systemctl', 'restart', self.service])
++ time.sleep(1)
++ self.assertTrue(os.path.exists('/sys/fs/cgroup/blkio/aux'))
++ self.assertTrue(os.path.exists('/sys/fs/cgroup/perf_event/aux'))
++
++ subprocess.check_call(['systemctl', 'stop', self.service])
++ self.assertNoControllers()
++ self.assertTrue(os.path.exists('/sys/fs/cgroup/blkio/aux'))
++ self.assertTrue(os.path.exists('/sys/fs/cgroup/perf_event/aux'))
++
++
++class SeccompTest(unittest.TestCase):
++ '''Check seccomp syscall filtering'''
++
++ def test_failing(self):
++ with open('/run/systemd/system/scfail.service', 'w') as f:
++ f.write('''[Unit]
++Description=seccomp test
++[Service]
++ExecStart=/bin/cat /etc/machine-id
++SystemCallFilter=access
++''')
++ self.addCleanup(os.unlink, '/run/systemd/system/scfail.service')
++
++ # launch
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++ subprocess.check_call(['systemctl', 'start', 'scfail.service'])
++ wait_unit_stop('scfail.service')
++
++ # check status
++ st = subprocess.Popen(['systemctl', 'status', '-l',
++ 'scfail.service'], stdout=subprocess.PIPE)
++ out = st.communicate()[0]
++ # unit should be stopped
++ self.assertEqual(st.returncode, 3)
++
++ subprocess.check_call(['systemctl', 'reset-failed', 'scfail.service'])
++
++ self.assertIn(b'failed', out)
++ self.assertIn(b'code=killed, signal=SYS', out)
++ with open('/etc/machine-id') as f:
++ self.assertNotIn(f.read().strip().encode('ASCII'), out)
++
++
++class CoredumpTest(unittest.TestCase):
++ '''Check systemd-coredump'''
++
++ def test_bash_crash(self):
++ subprocess.call("ulimit -c unlimited; bash -c 'kill -SEGV $$'", shell=True,
++ cwd='/tmp', stderr=subprocess.DEVNULL)
++
++ # with systemd-coredump installed we should get the core dumps in
++ # systemd's dir
++ for timeout in range(50):
++ cores = glob('/var/lib/systemd/coredump/core.bash.*')
++ if cores:
++ break
++ time.sleep(1)
++ self.assertNotEqual(cores, [])
++ self.assertEqual(glob('/tmp/core*'), [])
++
++ # we should also get a message and stack trace in journal
++ for timeout in range(10):
++ subprocess.call(['journalctl', '--sync'])
++ journal = subprocess.check_output(['journalctl', '-t', 'systemd-coredump'])
++ if re.search(b'Process.*bash.*dumped core', journal) and \
++ re.search(b'#[0-9] .*bash', journal):
++ break
++ time.sleep(1)
++ self.assertRegex(journal, b'Process.*bash.*dumped core')
++ self.assertIn(b'Stack trace', journal)
++ self.assertRegex(journal, b'#[0-9] .*bash')
++
++
++class CLITest(unittest.TestCase):
++ def setUp(self):
++ self.programs = []
++ for line in subprocess.check_output(['dpkg', '-L', 'systemd', 'systemd-container', 'systemd-coredump', 'udev'],
++ universal_newlines=True).splitlines():
++ if '/bin/' in line:
++ self.programs.append(line.strip())
++
++ def test_help(self):
++ '--help works and succeeds'''
++
++ for program in self.programs:
++ p = subprocess.Popen([program, '--help'], stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True)
++ (out, err) = p.communicate()
++ try:
++ self.assertEqual(err, '')
++ self.assertEqual(p.returncode, 0)
++ self.assertIn(os.path.basename(program), out)
++ self.assertTrue('--help' in out or 'Usage' in out, out)
++ except AssertionError:
++ print('Failed program: %s' % program)
++ raise
++
++ def test_version(self):
++ '--version works and succeeds'''
++
++ version = subprocess.check_output(['pkg-config', '--modversion', 'systemd'],
++ universal_newlines=True).strip()
++
++ for program in self.programs:
++ # known to not respond to --version
++ if os.path.basename(program) in ['kernel-install', 'systemd-ask-password', 'systemd-stdio-bridge']:
++ continue
++ p = subprocess.Popen([program, '--version'], stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True)
++ (out, err) = p.communicate()
++ try:
++ self.assertEqual(err, '')
++ self.assertEqual(p.returncode, 0)
++ self.assertIn(version, out)
++ except AssertionError:
++ print('Failed program: %s' % program)
++ raise
++
++ def test_invalid_option(self):
++ '''Calling with invalid option fails'''
++
++ for program in self.programs:
++ p = subprocess.Popen([program, '--invalid-option'], stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True)
++ (out, err) = p.communicate()
++ try:
++ # kernel-install is an unique snowflake
++ if not program.endswith('/kernel-install'):
++ self.assertIn('--invalid-option', err)
++ self.assertNotEqual(p.returncode, 0)
++ except AssertionError:
++ print('Failed program: %s' % program)
++ raise
++
++
++def pre_boot_setup():
++ '''Test setup before rebooting testbed'''
++
++ # create a few temporary files to ensure that they get cleaned up on boot
++ os.close(os.open('/tmp/newfile.test',
++ os.O_CREAT | os.O_EXCL | os.O_WRONLY))
++ os.close(os.open('/var/tmp/newfile.test',
++ os.O_CREAT | os.O_EXCL | os.O_WRONLY))
++ # we can't use utime() here, as systemd looks for ctime
++ cur_time = time.clock_gettime(time.CLOCK_REALTIME)
++ time.clock_settime(time.CLOCK_REALTIME, cur_time - 2 * 30 * 86400)
++ try:
++ os.close(os.open('/tmp/oldfile.test',
++ os.O_CREAT | os.O_EXCL | os.O_WRONLY))
++ os.close(os.open('/var/tmp/oldfile.test',
++ os.O_CREAT | os.O_EXCL | os.O_WRONLY))
++ finally:
++ time.clock_settime(time.CLOCK_REALTIME, cur_time)
++
++ # allow X to start even on headless machines
++ os.makedirs('/etc/X11/xorg.conf.d/', exist_ok=True)
++ with open('/etc/X11/xorg.conf.d/dummy.conf', 'w') as f:
++ f.write('''Section "Device"
++ Identifier "test"
++ Driver "dummy"
++EndSection''')
++
++
++if __name__ == '__main__':
++ if not os.getenv('ADT_REBOOT_MARK'):
++ pre_boot_setup()
++ print('Rebooting...')
++ subprocess.check_call(['/tmp/autopkgtest-reboot', 'boot1'])
++
++ unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout,
++ verbosity=2))
--- /dev/null
--- /dev/null
++#!/bin/sh
++# test 20 successful reboots in a row
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++# For bisecting/testing you can replace individual binaries in /lib/systemd
++# with --copy /host/path/systemd-foo:/tmp/systemd-replace/systemd-foo
++set -e
++
++. `dirname $0`/assert.sh
++
++if [ -z "$ADT_REBOOT_MARK" ]; then
++ # enable persistent journal
++ mkdir -p /var/log/journal
++ # allow X to start even on headless machines
++ mkdir -p /etc/X11/xorg.conf.d/
++ cat << EOF > /etc/X11/xorg.conf.d/dummy.conf
++Section "Device"
++ Identifier "test"
++ Driver "dummy"
++EndSection
++EOF
++
++
++ ADT_REBOOT_MARK=0
++ if [ -d /tmp/systemd-replace/ ]; then
++ for f in /tmp/systemd-replace/*; do
++ echo "Installing $f..."
++ rm -f /lib/systemd/$(basename $f)
++ cp $f /lib/systemd/
++ done
++ fi
++else
++ echo "checking for failed unmounts for user systemd"
++ JOURNAL=$(journalctl)
++ if echo "$JOURNAL" | grep -E "systemd\[([2-9]|[1-9][0-9]+)\].*Failed unmounting"; then
++ exit 1
++ fi
++ echo "checking for connection timeouts"
++ if echo "$JOURNAL" | grep "Connection timed out"; then
++ exit 1
++ fi
++
++ echo "checking that polkitd runs"
++ pidof polkitd
++
++ echo "checking that there are no running jobs"
++ TIMEOUT=10
++ while [ $TIMEOUT -ge 0 ]; do
++ running="$(systemctl --no-pager --no-legend list-jobs || true)"
++ [ -n "$running" ] || break
++ TIMEOUT=$((TIMEOUT - 1))
++ done
++ if [ -n "$running" ]; then
++ echo "running jobs after remaining timeout $TIMEOUT: $running"
++ journalctl --sync
++ journalctl -ab > $ADT_ARTIFACTS/journal.txt
++ udevadm info --export-db > $ADT_ARTIFACTS/udevdb.txt
++ exit 1
++ fi
++fi
++
++if [ "$ADT_REBOOT_MARK" -ge 5 ]; then
++ exit 0
++fi
++
++echo "reboot #$ADT_REBOOT_MARK"
++/tmp/autopkgtest-reboot $(($ADT_REBOOT_MARK + 1))
--- /dev/null
--- /dev/null
++#!/bin/sh
++# autopkgtest check: Test build against libsystemd-login-dev
++# (C) 2014 Canonical Ltd.
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++
++set -e
++
++WORKDIR=$(mktemp -d)
++trap "rm -rf $WORKDIR" 0 INT QUIT ABRT PIPE TERM
++cd $WORKDIR
++cat <<EOF > loginmonitor.c
++#include <assert.h>
++#include <stdio.h>
++#include <systemd/sd-login.h>
++
++int main(int argc, char **argv)
++{
++ sd_login_monitor* mon = NULL;
++ int res;
++
++ res = sd_login_monitor_new(NULL, &mon);
++ if (res < 0) {
++ fprintf(stderr, "sd_login_monitor_new failed with value %i\n", res);
++ return 1;
++ }
++
++ assert(sd_login_monitor_get_fd(mon) > 0);
++ sd_login_monitor_unref(mon);
++
++ return 0;
++}
++EOF
++
++gcc -Wall -Werror -o loginmonitor loginmonitor.c `pkg-config --cflags --libs libsystemd`
++echo "build: OK"
++[ -x loginmonitor ]
++./loginmonitor
++echo "run: OK"
--- /dev/null
--- /dev/null
++Tests: timedated, hostnamed, localed-locale, localed-x11-keymap
++Depends: systemd,
++ libpam-systemd,
++ libnss-systemd,
++ acl,
++ locales,
++Restrictions: needs-root, isolation-container
++
++Tests: logind
++Depends: systemd,
++ libpam-systemd,
++ libnss-systemd,
++ acl,
++ locales,
++ evemu-tools,
++Restrictions: needs-root, isolation-container
++
++Tests: unit-config
++Depends: systemd,
++ libpam-systemd,
++ libnss-systemd,
++ acl,
++ locales,
++ evemu-tools,
++ python3,
++ pkg-config,
++Restrictions: needs-root, allow-stderr
++
++Tests: storage
++Depends: systemd,
++ libpam-systemd,
++ libnss-systemd,
++ acl,
++ locales,
++ evemu-tools,
++ python3,
++ pkg-config,
++ cryptsetup-bin,
++Restrictions: needs-root, isolation-machine
++
++Tests: networkd-test.py
++Tests-Directory: test
++Depends: systemd,
++ libpam-systemd,
++ libnss-systemd,
++ acl,
++ locales,
++ evemu-tools,
++ python3,
++ pkg-config,
++ cryptsetup-bin,
++ systemd-sysv,
++ policykit-1,
++ dnsmasq-base
++Restrictions: needs-root, isolation-container
++
++Tests: build-login
++Depends: systemd,
++ libpam-systemd,
++ libnss-systemd,
++ acl,
++ locales,
++ evemu-tools,
++ python3,
++ pkg-config,
++ cryptsetup-bin,
++ systemd-sysv,
++ policykit-1,
++ dnsmasq-base,
++ build-essential,
++ libsystemd-dev,
++Restrictions: isolation-container
++
++Tests: boot-and-services
++Depends: systemd-sysv,
++ systemd-container,
++ systemd-coredump,
++ libpam-systemd,
++ xserver-xorg-video-dummy,
++ xserver-xorg,
++ gdm3 [!s390x],
++ cron,
++ network-manager,
++ busybox-static,
++ apparmor,
++ pkg-config,
++ python3
++Restrictions: needs-root, isolation-machine, breaks-testbed
++
++Tests: udev
++Depends: systemd-tests,
++ python3,
++ tree,
++ perl,
++ xz-utils,
++Restrictions: needs-root, allow-stderr, isolation-machine
++
++Tests: root-unittests
++Depends: systemd-tests,
++ libpam-systemd,
++ tree,
++ perl,
++ xz-utils,
++ libcap2-bin,
++ iproute2,
++ liblz4-tool,
++ acl,
++ iputils-ping,
++ dbus-user-session,
++Restrictions: needs-root, allow-stderr, isolation-container
++
++Tests: upstream
++Depends: libsystemd-dev,
++ tree,
++ perl,
++ xz-utils,
++ libcap2-bin,
++ iproute2,
++ liblz4-tool,
++ acl,
++ kbd,
++ cryptsetup-bin,
++ net-tools,
++ isc-dhcp-client,
++ iputils-ping,
++ strace,
++ qemu-system-x86 [amd64 i386],
++ qemu-system-arm [arm64 armhf],
++ qemu-system-s390x [s390x],
++ less,
++ pkg-config,
++ gcc,
++ libc6-dev | libc-dev,
++ make,
++ quota,
++ systemd-journal-remote,
++ systemd-container,
++ systemd-coredump,
++ fdisk | util-linux (<< 2.29.2-3~),
++ netcat-openbsd,
++ busybox-static,
++ plymouth,
++ e2fsprogs,
++Restrictions: needs-root, allow-stderr, isolation-machine
++
++Tests: boot-smoke
++Depends: libsystemd-dev,
++ tree,
++ perl,
++ xz-utils,
++ libcap2-bin,
++ iproute2,
++ liblz4-tool,
++ acl,
++ kbd,
++ cryptsetup-bin,
++ net-tools,
++ isc-dhcp-client,
++ iputils-ping,
++ strace,
++ qemu-system-x86 [amd64 i386],
++ qemu-system-arm [arm64 armhf],
++ qemu-system-s390x [s390x],
++ less,
++ pkg-config,
++ gcc,
++ libc6-dev | libc-dev,
++ make,
++ quota,
++ systemd-journal-remote,
++ systemd-container,
++ systemd-coredump,
++ systemd-sysv,
++ fdisk | util-linux (<< 2.29.2-3~),
++ netcat-openbsd,
++ busybox-static,
++ plymouth,
++ network-manager,
++ policykit-1,
++ gdm3 [!s390x],
++ xserver-xorg-video-dummy,
++Restrictions: needs-root, isolation-container, allow-stderr, breaks-testbed
++
++# NOUPSTREAM: Do not run these tests for upstream builds
++
++Tests: systemd-fsckd
++Depends: systemd-sysv,
++ python3,
++ plymouth
++Restrictions: needs-root, isolation-machine, breaks-testbed
--- /dev/null
--- /dev/null
++#!/bin/bash
++fd=0
++
++OPTIND=1
++while getopts "C:aTlM" opt; do
++ case "$opt" in
++ C)
++ fd=$OPTARG
++ ;;
++ \?);;
++ esac
++done
++
++shift "$((OPTIND-1))"
++device=$1
++
++echo "Running fake fsck on $device"
++
++declare -a maxpass=(30 5 2 30 60)
++
++for pass in {1..5}; do
++ maxprogress=${maxpass[$((pass-1))]}
++ for (( current=0; current<=${maxprogress}; current++)); do
++ echo "$pass $current $maxprogress $device">&$fd
++ sleep 0.1
++ done
++done
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++. `dirname $0`/assert.sh
++
++ORIG_HOST=`cat /etc/hostname`
++echo "original hostname: $ORIG_HOST"
++
++# should activate daemon and work
++STATUS="`hostnamectl`"
++assert_in "Static hostname: $ORIG_HOST" "$STATUS"
++assert_in "Kernel:.* `uname -r`" "$STATUS"
++
++# change hostname
++assert_eq "`hostnamectl set-hostname testhost 2>&1`" ""
++assert_eq "`cat /etc/hostname`" "testhost"
++assert_in "Static hostname: testhost" "`hostnamectl`"
++
++# reset to original
++assert_eq "`hostnamectl set-hostname $ORIG_HOST 2>&1`" ""
++assert_eq "`cat /etc/hostname`" "$ORIG_HOST"
++assert_in "Static hostname: $ORIG_HOST" "`hostnamectl`"
--- /dev/null
--- /dev/null
++# EVEMU 1.2
++# Input device name: "Lid Switch"
++# Input device ID: bus 0x19 vendor 0000 product 0x05 version 0000
++# Supported events:
++# Event type 0 (EV_SYN)
++# Event code 0 (SYN_REPORT)
++# Event code 5 (FF_STATUS_MAX)
++# Event type 5 (EV_SW)
++# Event code 0 (SW_LID)
++# Properties:
++N: Fake Lid Switch
++I: 0019 0000 0005 0000
++P: 00 00 00 00 00 00 00 00
++B: 00 21 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 01 00 00 00 00 00 00 00 00
++B: 02 00 00 00 00 00 00 00 00
++B: 03 00 00 00 00 00 00 00 00
++B: 04 00 00 00 00 00 00 00 00
++B: 05 01 00 00 00 00 00 00 00
++B: 11 00 00 00 00 00 00 00 00
++B: 12 00 00 00 00 00 00 00 00
++B: 15 00 00 00 00 00 00 00 00
++B: 15 00 00 00 00 00 00 00 00
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++. `dirname $0`/assert.sh
++
++if [ -n "$TEST_UPSTREAM" ]; then
++ LOCALE_CONF=/etc/locale.conf
++else
++ LOCALE_CONF=/etc/default/locale
++fi
++
++if ! ORIG_LOC=`grep -v '^#' $LOCALE_CONF 2>/dev/null`; then
++ # set up for a minimal unconfigured system
++ if [ -e /etc/locale.gen ]; then
++ echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
++ fi
++ locale-gen en_US.UTF-8
++ ORIG_LOC='LANG="en_US.UTF-8"'
++ echo "$ORIG_LOC" > $LOCALE_CONF
++fi
++
++if ! [ -e /etc/default/keyboard ]; then
++ /bin/echo -e 'XKBMODEL=us\nXKBLAYOUT=pc105' > /etc/default/keyboard
++fi
++
++# should activate daemon and work
++assert_in "System Locale:" "`localectl --no-pager`"
++
++# change locale
++assert_eq "`localectl --no-pager set-locale LANG=C LC_CTYPE=en_US.UTF-8 2>&1`" ""
++sync
++assert_eq "`cat $LOCALE_CONF`" "LANG=C
++LC_CTYPE=en_US.UTF-8"
++
++! [ -f /etc/locale.conf ]
++
++STATUS=`localectl`
++assert_in "System Locale: LANG=C" "$STATUS"
++assert_in "LC_CTYPE=en_US.UTF-8" "$STATUS"
++
++# reset locale to original
++echo "$ORIG_LOC" > $LOCALE_CONF
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++. `dirname $0`/assert.sh
++
++if [ -f /etc/default/keyboard ]; then
++ ORIG_KBD=`cat /etc/default/keyboard`
++else
++ ORIG_KBD=""
++fi
++
++cleanup() {
++ # reset locale to original
++ if [ -n "ORIG_KBD" ]; then
++ echo "$ORIG_KBD" > /etc/default/keyboard
++ else
++ rm -f /etc/default/keyboard
++ fi
++ rm -f /etc/X11/xorg.conf.d/00-keyboard.conf
++}
++trap cleanup EXIT INT QUIT PIPE
++
++# should activate daemon and work
++STATUS=`localectl`
++assert_in "X11 Layout:" "`localectl --no-pager`"
++
++# change layout
++assert_eq "`localectl --no-pager set-x11-keymap et pc101 2>&1`" ""
++sync
++
++if [ -n "$TEST_UPSTREAM" ]; then
++ # Upstream writes xorg.conf.d file
++ assert_in 'Option "XkbLayout" "et' "`cat /etc/X11/xorg.conf.d/00-keyboard.conf`"
++ assert_in 'Option "XkbModel" "pc101"' "`cat /etc/X11/xorg.conf.d/00-keyboard.conf`"
++else
++ # Debian console-setup config file
++ assert_in 'XKBLAYOUT="\?et"\?' "`cat /etc/default/keyboard`"
++ assert_in 'XKBMODEL="\?pc101"\?' "`cat /etc/default/keyboard`"
++
++ ! [ -f /etc/X11/xorg.conf.d/00-keyboard.conf ]
++fi
++
++STATUS=`localectl --no-pager`
++assert_in "X11 Layout: et" "$STATUS"
++assert_in "X11 Model: pc101" "$STATUS"
++
++# gets along without config file
++if [ -z "$TEST_UPSTREAM" ]; then
++ rm /etc/default/keyboard
++ systemctl stop systemd-localed
++ assert_in "X11 Layout: n/a" "`localectl --no-pager`"
++fi
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++test_started() {
++ # ensure the *old* logind from before the upgrade isn't running
++ echo " * try-restarting systemd-logind"
++ systemctl try-restart systemd-logind
++
++ echo " * daemon is started"
++ # should start at boot, not with D-BUS activation
++ LOGINDPID=$(pidof systemd-logind)
++
++ # loginctl should succeed
++ echo " * loginctl succeeds"
++ LOGINCTL_OUT=`loginctl`
++}
++
++test_properties() {
++ # Default KillUserProcesses should be off for debian/ubuntu builds
++ r=$(busctl get-property org.freedesktop.login1 /org/freedesktop/login1 org.freedesktop.login1.Manager KillUserProcesses)
++ [ "$r" = "b false" ]
++}
++
++# args: <timeout>
++wait_suspend() {
++ timeout=$1
++ while [ $timeout -gt 0 ] && [ ! -e /run/suspend.flag ]; do
++ sleep 1
++ timeout=$((timeout - 1))
++ [ $(($timeout % 5)) -ne 0 ] || echo " waiting for suspend, ${timeout}s remaining..."
++ done
++ if [ ! -e /run/suspend.flag ]; then
++ echo "closing lid did not cause suspend" >&2
++ exit 1
++ fi
++ rm /run/suspend.flag
++ echo " * closing lid caused suspend"
++}
++
++test_suspend_on_lid() {
++ if systemd-detect-virt --quiet --container; then
++ echo " * Skipping suspend test in container"
++ return
++ fi
++ if ! grep -q mem /sys/power/state; then
++ echo " * suspend not supported on this testbed, skipping"
++ return
++ fi
++
++ # cleanup handler
++ trap 'rm -f /run/udev/rules.d/70-logindtest-*.rules; udevadm control --reload;
++ kill $KILL_PID;
++ rm /run/systemd/system/systemd-suspend.service;
++ if [ -d /sys/module/scsi_debug ]; then rmmod scsi_debug 2>/dev/null || (sleep 2; rmmod scsi_debug ) || true; fi' \
++ EXIT INT QUIT TERM PIPE
++
++ # watch what's going on
++ journalctl -f -u systemd-logind.service &
++ KILL_PID="$KILL_PID $!"
++
++ # create fake suspend
++ UNIT=$(systemctl show -pFragmentPath --value systemd-suspend.service)
++ sed '/^ExecStart=/ s_=.*$_=/bin/touch /run/suspend.flag_' $UNIT > /run/systemd/system/systemd-suspend.service
++ sync
++ systemctl daemon-reload
++
++ # create fake lid switch
++ mkdir -p /run/udev/rules.d
++ echo 'SUBSYSTEM=="input", KERNEL=="event*", ATTRS{name}=="Fake Lid Switch", TAG+="power-switch"' \
++ > /run/udev/rules.d/70-logindtest-lid.rules
++ sync
++ udevadm control --reload
++ evemu-device $(dirname $0)/lidswitch.evemu &
++ KILL_PID="$KILL_PID $!"
++ while [ -z "$O" ]; do
++ sleep 0.1
++ O=$(grep -l '^Fake Lid Switch' /sys/class/input/*/device/name)
++ done
++ O=${O%/device/name}
++ LID_DEV=/dev/${O#/sys/class/}
++
++ # close lid
++ evemu-event $LID_DEV --sync --type 5 --code 0 --value 1
++ # need to wait for 30s suspend inhibition after boot
++ wait_suspend 31
++ # open lid again
++ evemu-event $LID_DEV --sync --type 5 --code 0 --value 0
++
++ echo " * waiting for 30s inhibition time between suspends"
++ sleep 30
++
++ # now closing lid should cause instant suspend
++ evemu-event $LID_DEV --sync --type 5 --code 0 --value 1
++ wait_suspend 2
++ evemu-event $LID_DEV --sync --type 5 --code 0 --value 0
++
++ P=$(pidof systemd-logind)
++ [ "$P" = "$LOGINDPID" ] || { echo "logind crashed" >&2; exit 1; }
++}
++
++test_shutdown() {
++ echo " * scheduled shutdown with wall message"
++ shutdown 2>&1
++ sleep 5
++ shutdown -c || true
++ # logind should still be running
++ P=$(pidof systemd-logind)
++ [ "$P" = "$LOGINDPID" ] || { echo "logind crashed" >&2; exit 1; }
++
++ echo " * scheduled shutdown without wall message"
++ shutdown --no-wall 2>&1
++ sleep 5
++ shutdown -c --no-wall || true
++ P=$(pidof systemd-logind)
++ [ "$P" = "$LOGINDPID" ] || { echo "logind crashed" >&2; exit 1; }
++}
++
++test_in_logind_session() {
++ echo " * XDG_SESSION_ID=$XDG_SESSION_ID"
++ # cgroup v1: "1:name=systemd:/user.slice/..."; unified hierarchy: "0::/user.slice"
++ if grep -E '(name=systemd|^0:):.*session.*scope' /proc/self/cgroup; then
++ echo " * process is in session cgroup"
++ else
++ echo "FAIL: process is not in session cgroup"
++ echo "/proc/self/cgroup:"
++ cat /proc/self/cgroup
++ loginctl
++ loginctl show-session "$XDG_SESSION_ID"
++ exit 1
++ fi
++}
++
++test_acl() {
++ # ACL tests
++ if ! echo "$LOGINCTL_OUT" | grep -q "seat0"; then
++ echo " * Skipping ACL tests, as there is no seat"
++ return
++ fi
++ if systemd-detect-virt --quiet --container; then
++ echo " * Skipping ACL tests in container"
++ return
++ fi
++
++ # determine user
++ USER=`echo "$OUT" | grep seat0 | awk '{print $3}'`
++ echo "seat user: $USER"
++
++ # scsi_debug should not be loaded yet
++ ! test -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block
++
++ # we use scsi_debug to create new devices which we can put ACLs on
++ # tell udev about the tagging, so that logind can pick it up
++ cat <<EOF > /run/udev/rules.d/70-logindtest-scsi_debug-user.rules
++SUBSYSTEM=="block", ATTRS{model}=="scsi_debug*", TAG+="uaccess"
++EOF
++ sync
++ udevadm control --reload
++
++ echo " * coldplug: logind started with existing device"
++ killall systemd-logind
++ modprobe scsi_debug
++ while ! dev=/dev/`ls /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block 2>/dev/null`; do sleep 0.1; done
++ test -b $dev
++ echo "got block device $dev"
++ udevadm settle
++ # trigger logind
++ loginctl > /dev/null
++ sleep 1
++ if getfacl -p $dev | grep -q "user:$USER:rw-"; then
++ echo "$dev has ACL for user $USER"
++ else
++ echo "$dev has no ACL for user $USER:" >&2
++ getfacl -p $dev >&2
++ exit 1
++ fi
++
++ rmmod scsi_debug
++
++ echo " * hotplug: new device appears while logind is running"
++ modprobe scsi_debug
++ while ! dev=/dev/`ls /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block`; do sleep 0.1; done
++ test -b $dev
++ echo "got block device $dev"
++ udevadm settle
++ sleep 1
++ if getfacl -p $dev | grep -q "user:$USER:rw-"; then
++ echo "$dev has ACL for user $USER"
++ else
++ echo "$dev has no ACL for user $USER:" >&2
++ getfacl -p $dev >&2
++ exit 1
++ fi
++}
++
++#
++# main
++#
++
++test_started
++test_properties
++test_in_logind_session
++test_suspend_on_lid
++test_shutdown
++test_acl
--- /dev/null
--- /dev/null
++#!/bin/sh
++# loop until we can kill the process given in arg
++
++while :
++do
++ /usr/bin/pkill -x $*
++ [ $? -eq 0 ] && break
++ sleep 1
++done
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -eu
++
++EXFAIL=""
++
++res=0
++for t in /usr/lib/systemd/tests/test-*; do
++ tname=$(basename $t)
++ # test-udev needs special prep and has its own test
++ [ "$tname" != test-udev ] || continue
++ echo "====== $tname ======="
++ # exit code 77 means "skip"
++ rc=0
++ $t || rc=$?
++ if [ "$rc" = 0 ]; then
++ echo "PASS: $tname"
++ elif [ "$rc" = 77 ]; then
++ echo "SKIP: $tname"
++ elif [ "${EXFAIL%$tname*}" != "$EXFAIL" ]; then
++ echo "EXFAIL: $tname"
++ else
++ echo "FAIL: $tname (code: $rc)"
++ res=$rc
++ fi
++done
++exit $res
--- /dev/null
--- /dev/null
++#!/usr/bin/env python3
++# systemd integration test: Handling of storage devices
++# (C) 2015 Canonical Ltd.
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++
++import os
++import sys
++import unittest
++import subprocess
++import time
++import random
++from glob import glob
++
++
++@unittest.skipIf(os.path.isdir('/sys/module/scsi_debug'),
++ 'The scsi_debug module is already loaded')
++class FakeDriveTestBase(unittest.TestCase):
++ @classmethod
++ def setUpClass(klass):
++ # create a fake SCSI hard drive
++ subprocess.check_call(['modprobe', 'scsi_debug'])
++ # wait until drive got created
++ sys_dirs = []
++ while not sys_dirs:
++ sys_dirs = glob('/sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block')
++ time.sleep(0.1)
++ assert len(sys_dirs) == 1
++ devs = os.listdir(sys_dirs[0])
++ assert len(devs) == 1
++ klass.device = '/dev/' + devs[0]
++
++ def tearDown(self):
++ # clear drive
++ with open(self.device, 'wb') as f:
++ block = b'0' * 1048576
++ try:
++ while True:
++ f.write(block)
++ except OSError:
++ pass
++ subprocess.check_call(['udevadm', 'settle'])
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++
++
++class CryptsetupTest(FakeDriveTestBase):
++ def setUp(self):
++ self.plaintext_name = 'testcrypt1'
++ self.plaintext_dev = '/dev/mapper/' + self.plaintext_name
++ if os.path.exists(self.plaintext_dev):
++ self.fail('%s exists already' % self.plaintext_dev)
++
++ super().setUp()
++
++ if os.path.exists('/etc/crypttab'):
++ os.rename('/etc/crypttab', '/etc/crypttab.systemdtest')
++ self.password = 'pwd%i' % random.randint(1000, 10000)
++ self.password_agent = None
++
++ def tearDown(self):
++ if self.password_agent:
++ os.kill(self.password_agent, 9)
++ os.waitpid(self.password_agent, 0)
++ self.password_agent = None
++ subprocess.call(['umount', self.plaintext_dev], stderr=subprocess.DEVNULL)
++ subprocess.call(['systemctl', 'stop', 'systemd-cryptsetup@%s.service' % self.plaintext_name],
++ stderr=subprocess.STDOUT)
++ if os.path.exists('/etc/crypttab'):
++ os.unlink('/etc/crypttab')
++ if os.path.exists('/etc/crypttab.systemdtest'):
++ os.rename('/etc/crypttab.systemdtest', '/etc/crypttab')
++
++ super().tearDown()
++
++ def format_luks(self):
++ '''Format test device with LUKS'''
++
++ p = subprocess.Popen(['cryptsetup', '--batch-mode', 'luksFormat', self.device, '-'],
++ stdin=subprocess.PIPE)
++ p.communicate(self.password.encode())
++ self.assertEqual(p.returncode, 0)
++ os.sync()
++ subprocess.check_call(['udevadm', 'settle'])
++
++ def start_password_agent(self):
++ '''Run password agent to answer passphrase request for crypt device'''
++
++ pid = os.fork()
++ if pid > 0:
++ self.password_agent = pid
++ return
++
++ # wait for incoming request
++ found = False
++ while not found:
++ for ask in glob('/run/systemd/ask-password/ask.*'):
++ with open(ask) as f:
++ contents = f.read()
++ if 'disk scsi_debug' in contents and self.plaintext_name in contents:
++ found = True
++ break
++ if not found:
++ time.sleep(0.5)
++
++ # parse Socket=
++ for line in contents.splitlines():
++ if line.startswith('Socket='):
++ socket = line.split('=', 1)[1]
++ break
++
++ # send reply
++ p = subprocess.Popen(['/lib/systemd/systemd-reply-password', '1', socket],
++ stdin=subprocess.PIPE)
++ p.communicate(self.password.encode())
++ assert p.returncode == 0
++
++ os._exit(0)
++
++ def apply(self, target):
++ '''Tell systemd to generate and run the cryptsetup units'''
++
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++
++ self.start_password_agent()
++ subprocess.check_call(['systemctl', 'restart', target])
++ for timeout in range(50):
++ if os.path.exists(self.plaintext_dev):
++ break
++ time.sleep(0.1)
++ else:
++ self.fail('timed out for %s to appear' % self.plaintext_dev)
++
++ def test_luks_by_devname(self):
++ '''LUKS device by plain device name, empty'''
++
++ self.format_luks()
++ with open('/etc/crypttab', 'w') as f:
++ f.write('%s %s none luks\n' % (self.plaintext_name, self.device))
++ self.apply('cryptsetup.target')
++
++ # should not be mounted
++ with open('/proc/mounts') as f:
++ self.assertNotIn(self.plaintext_name, f.read())
++
++ # device should not have anything on it
++ p = subprocess.Popen(['blkid', self.plaintext_dev], stdout=subprocess.PIPE)
++ out = p.communicate()[0]
++ self.assertEqual(out, b'')
++ self.assertNotEqual(p.returncode, 0)
++
++ def test_luks_by_uuid(self):
++ '''LUKS device by UUID, empty'''
++
++ self.format_luks()
++ uuid = subprocess.check_output(['blkid', '-ovalue', '-sUUID', self.device],
++ universal_newlines=True).strip()
++ with open('/etc/crypttab', 'w') as f:
++ f.write('%s UUID=%s none luks\n' % (self.plaintext_name, uuid))
++ self.apply('cryptsetup.target')
++
++ # should not be mounted
++ with open('/proc/mounts') as f:
++ self.assertNotIn(self.plaintext_name, f.read())
++
++ # device should not have anything on it
++ p = subprocess.Popen(['blkid', self.plaintext_dev], stdout=subprocess.PIPE)
++ out = p.communicate()[0]
++ self.assertEqual(out, b'')
++ self.assertNotEqual(p.returncode, 0)
++
++ def test_luks_swap(self):
++ '''LUKS device with "swap" option'''
++
++ self.format_luks()
++ with open('/etc/crypttab', 'w') as f:
++ f.write('%s %s none luks,swap\n' % (self.plaintext_name, self.device))
++ self.apply('cryptsetup.target')
++
++ # should not be mounted
++ with open('/proc/mounts') as f:
++ self.assertNotIn(self.plaintext_name, f.read())
++
++ # device should be formatted with swap
++ out = subprocess.check_output(['blkid', '-ovalue', '-sTYPE', self.plaintext_dev])
++ self.assertEqual(out, b'swap\n')
++
++ def test_luks_tmp(self):
++ '''LUKS device with "tmp" option'''
++
++ self.format_luks()
++ with open('/etc/crypttab', 'w') as f:
++ f.write('%s %s none luks,tmp\n' % (self.plaintext_name, self.device))
++ self.apply('cryptsetup.target')
++
++ # should not be mounted
++ with open('/proc/mounts') as f:
++ self.assertNotIn(self.plaintext_name, f.read())
++
++ # device should be formatted with ext2
++ out = subprocess.check_output(['blkid', '-ovalue', '-sTYPE', self.plaintext_dev])
++ self.assertEqual(out, b'ext2\n')
++
++ def test_luks_fstab(self):
++ '''LUKS device in /etc/fstab'''
++
++ self.format_luks()
++ with open('/etc/crypttab', 'w') as f:
++ f.write('%s %s none luks,tmp\n' % (self.plaintext_name, self.device))
++
++ mountpoint = '/run/crypt1.systemdtest'
++ os.mkdir(mountpoint)
++ self.addCleanup(os.rmdir, mountpoint)
++ os.rename('/etc/fstab', '/etc/fstab.systemdtest')
++ self.addCleanup(os.rename, '/etc/fstab.systemdtest', '/etc/fstab')
++ with open('/etc/fstab', 'a') as f:
++ with open('/etc/fstab.systemdtest') as forig:
++ f.write(forig.read())
++ f.write('%s %s ext2 defaults 0 0\n' % (self.plaintext_dev, mountpoint))
++
++ # this should now be a requirement of local-fs.target
++ self.apply('local-fs.target')
++
++ # should be mounted
++ found = False
++ with open('/proc/mounts') as f:
++ for line in f:
++ fields = line.split()
++ if fields[0] == self.plaintext_dev:
++ self.assertEqual(fields[1], mountpoint)
++ self.assertEqual(fields[2], 'ext2')
++ found = True
++ break
++ if not found:
++ self.fail('%s is not mounted' % self.plaintext_dev)
++
++
++if __name__ == '__main__':
++ unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout,
++ verbosity=2))
--- /dev/null
--- /dev/null
++#!/usr/bin/python3
++# autopkgtest check: Ensure that systemd-fsckd can report progress and cancel
++# (C) 2015 Canonical Ltd.
++# Author: Didier Roche <didrocks@ubuntu.com>
++
++from contextlib import suppress
++import inspect
++import fileinput
++import os
++import subprocess
++import shutil
++import stat
++import sys
++import unittest
++from time import sleep, time
++
++GRUB_AUTOPKGTEST_CONFIG_PATH = "/etc/default/grub.d/50-cloudimg-settings.cfg"
++TEST_AUTOPKGTEST_CONFIG_PATH = "/etc/default/grub.d/99-fsckdtest.cfg"
++
++SYSTEMD_ETC_SYSTEM_UNIT_DIR = "/etc/systemd/system/"
++SYSTEMD_PROCESS_KILLER_PATH = os.path.join(SYSTEMD_ETC_SYSTEM_UNIT_DIR, "process-killer.service")
++
++SYSTEMD_FSCK_ROOT_PATH = "/lib/systemd/system/systemd-fsck-root.service"
++SYSTEMD_FSCK_ROOT_ENABLE_PATH = os.path.join(SYSTEMD_ETC_SYSTEM_UNIT_DIR, 'local-fs.target.wants/systemd-fsck-root.service')
++
++SYSTEM_FSCK_PATH = '/sbin/fsck'
++PROCESS_KILLER_PATH = '/sbin/process-killer'
++SAVED_FSCK_PATH = "{}.real".format(SYSTEM_FSCK_PATH)
++
++FSCKD_TIMEOUT = 30
++
++
++class FsckdTest(unittest.TestCase):
++ '''Check that we run, report and can cancel fsck'''
++
++ def __init__(self, test_name, after_reboot, return_code):
++ super().__init__(test_name)
++ self._test_name = test_name
++ self._after_reboot = after_reboot
++ self._return_code = return_code
++
++ def setUp(self):
++ super().setUp()
++ # ensure we have our root fsck enabled by default (it detects it runs in a vm and doesn't pull the target)
++ # note that it can already exists in case of a reboot (as there was no tearDown as we wanted)
++ os.makedirs(os.path.dirname(SYSTEMD_FSCK_ROOT_ENABLE_PATH), exist_ok=True)
++ with suppress(FileExistsError):
++ os.symlink(SYSTEMD_FSCK_ROOT_PATH, SYSTEMD_FSCK_ROOT_ENABLE_PATH)
++ enable_plymouth()
++
++ # note that the saved real fsck can still exists in case of a reboot (as there was no tearDown as we wanted)
++ if not os.path.isfile(SAVED_FSCK_PATH):
++ os.rename(SYSTEM_FSCK_PATH, SAVED_FSCK_PATH)
++
++ # install mock fsck and killer
++ self.install_bin(os.path.join(os.path.dirname(os.path.realpath(__file__)), 'fsck'),
++ SYSTEM_FSCK_PATH)
++ self.install_bin(os.path.join(os.path.dirname(os.path.realpath(__file__)), 'process-killer'),
++ PROCESS_KILLER_PATH)
++
++ self.files_to_clean = [SYSTEMD_FSCK_ROOT_ENABLE_PATH, SYSTEM_FSCK_PATH, SYSTEMD_PROCESS_KILLER_PATH, PROCESS_KILLER_PATH]
++
++ def tearDown(self):
++ # tearDown is only called once the test really ended (not while rebooting during tests)
++ for f in self.files_to_clean:
++ with suppress(FileNotFoundError):
++ os.remove(f)
++ os.rename(SAVED_FSCK_PATH, SYSTEM_FSCK_PATH)
++ super().tearDown()
++
++ def test_fsckd_run(self):
++ '''Ensure we can reboot after a fsck was processed'''
++ if not self._after_reboot:
++ self.reboot()
++ else:
++ self.assertFsckdStop()
++ self.assertFsckProceeded()
++ self.assertSystemRunning()
++
++ def test_fsckd_run_without_plymouth(self):
++ '''Ensure we can reboot without plymouth after a fsck was processed'''
++ if not self._after_reboot:
++ enable_plymouth(enable=False)
++ self.reboot()
++ else:
++ self.assertFsckdStop()
++ self.assertFsckProceeded(with_plymouth=False)
++ self.assertSystemRunning()
++
++ def test_fsck_with_failure(self):
++ '''Ensure that a failing fsck doesn't prevent fsckd to stop'''
++ if not self._after_reboot:
++ self.install_process_killer_unit('fsck')
++ self.reboot()
++ else:
++ self.assertFsckdStop()
++ self.assertWasRunning('process-killer')
++ self.assertFalse(self.is_failed_unit('process-killer'))
++ self.assertFsckProceeded()
++ self.assertSystemRunning()
++
++ def test_systemd_fsck_with_failure(self):
++ '''Ensure that a failing systemd-fsck doesn't prevent fsckd to stop'''
++ if not self._after_reboot:
++ self.install_process_killer_unit('systemd-fsck', kill=True)
++ self.reboot()
++ else:
++ self.assertFsckdStop()
++ self.assertProcessKilled()
++ self.assertTrue(self.is_failed_unit('systemd-fsck-root'))
++ self.assertWasRunning('systemd-fsckd')
++ self.assertWasRunning('plymouth-start')
++ self.assertSystemRunning()
++
++ def test_systemd_fsckd_with_failure(self):
++ '''Ensure that a failing systemd-fsckd doesn't prevent system to boot'''
++ if not self._after_reboot:
++ self.install_process_killer_unit('systemd-fsckd', kill=True)
++ self.reboot()
++ else:
++ self.assertFsckdStop()
++ self.assertProcessKilled()
++ self.assertFalse(self.is_failed_unit('systemd-fsck-root'))
++ self.assertTrue(self.is_failed_unit('systemd-fsckd'))
++ self.assertWasRunning('plymouth-start')
++ self.assertSystemRunning()
++
++ def test_systemd_fsck_with_plymouth_failure(self):
++ '''Ensure that a failing plymouth doesn't prevent fsckd to reconnect/exit'''
++ if not self._after_reboot:
++ self.install_process_killer_unit('plymouthd', kill=True)
++ self.reboot()
++ else:
++ self.assertFsckdStop()
++ self.assertWasRunning('process-killer')
++ self.assertFsckProceeded()
++ self.assertFalse(self.is_active_unit('plymouth-start'))
++ self.assertSystemRunning()
++
++ def install_bin(self, source, dest):
++ '''install mock fsck'''
++ shutil.copy2(source, dest)
++ st = os.stat(dest)
++ os.chmod(dest, st.st_mode | stat.S_IEXEC)
++
++ def is_active_unit(self, unit):
++ '''Check that given unit is active'''
++
++ return subprocess.call(['systemctl', 'status', unit],
++ stdout=subprocess.PIPE) == 0
++
++ def is_failed_unit(self, unit):
++ '''Check that given unit failed'''
++
++ p = subprocess.Popen(['systemctl', 'is-active', unit], stdout=subprocess.PIPE)
++ out, err = p.communicate()
++ if b'failed' in out:
++ return True
++ return False
++
++ def assertWasRunning(self, unit, expect_running=True):
++ '''Assert that a given unit has been running'''
++ p = subprocess.Popen(['systemctl', 'status', '--no-pager', unit],
++ stdout=subprocess.PIPE, universal_newlines=True)
++ out = p.communicate()[0].strip()
++ if expect_running:
++ self.assertRegex(out, 'Active:.*since')
++ else:
++ self.assertNotRegex(out, 'Active:.*since')
++ self.assertIn(p.returncode, (0, 3))
++
++ def assertFsckdStop(self):
++ '''Ensure systemd-fsckd stops, which indicates no more fsck activity'''
++ timeout = time() + FSCKD_TIMEOUT
++ while time() < timeout:
++ if not self.is_active_unit('systemd-fsckd'):
++ return
++ sleep(1)
++ raise Exception("systemd-fsckd still active after {}s".format(FSCKD_TIMEOUT))
++
++ def assertFsckProceeded(self, with_plymouth=True):
++ '''Assert we executed most of the fsck-related services successfully'''
++ self.assertWasRunning('systemd-fsckd')
++ self.assertFalse(self.is_failed_unit('systemd-fsckd'))
++ self.assertTrue(self.is_active_unit('systemd-fsck-root')) # remains active after exit
++ if with_plymouth:
++ self.assertWasRunning('plymouth-start')
++ else:
++ self.assertWasRunning('plymouth-start', expect_running=False)
++
++ def assertSystemRunning(self):
++ '''Assert that the system is running'''
++
++ self.assertTrue(self.is_active_unit('default.target'))
++
++ def assertProcessKilled(self):
++ '''Assert the targeted process was killed successfully'''
++ self.assertWasRunning('process-killer')
++ self.assertFalse(self.is_failed_unit('process-killer'))
++
++ def reboot(self):
++ '''Reboot the system with the current test marker'''
++ subprocess.check_call(['/tmp/autopkgtest-reboot', "{}:{}".format(self._test_name, self._return_code)])
++
++ def install_process_killer_unit(self, process_name, kill=False):
++ '''Create a systemd unit which will kill process_name'''
++ with open(SYSTEMD_PROCESS_KILLER_PATH, 'w') as f:
++ f.write('''[Unit]
++DefaultDependencies=no
++
++[Service]
++Type=simple
++ExecStart=/usr/bin/timeout 10 {} {}
++
++[Install]
++WantedBy=systemd-fsck-root.service'''.format(PROCESS_KILLER_PATH,
++ '--signal SIGKILL {}'.format(process_name) if kill else process_name))
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++ subprocess.check_call(['systemctl', 'enable', 'process-killer'], stderr=subprocess.DEVNULL)
++
++
++def enable_plymouth(enable=True):
++ '''ensure plymouth is enabled in grub config (doesn't reboot)'''
++ plymouth_enabled = 'splash' in open('/boot/grub/grub.cfg').read()
++ if enable and not plymouth_enabled:
++ if os.path.exists(GRUB_AUTOPKGTEST_CONFIG_PATH):
++ shutil.copy2(GRUB_AUTOPKGTEST_CONFIG_PATH, TEST_AUTOPKGTEST_CONFIG_PATH)
++ for line in fileinput.input([TEST_AUTOPKGTEST_CONFIG_PATH], inplace=True):
++ if line.startswith("GRUB_CMDLINE_LINUX_DEFAULT"):
++ print(line[:line.rfind('"')] + ' splash quiet"\n')
++ else:
++ os.makedirs(os.path.dirname(TEST_AUTOPKGTEST_CONFIG_PATH), exist_ok=True)
++ with open(TEST_AUTOPKGTEST_CONFIG_PATH, 'w') as f:
++ f.write('GRUB_CMDLINE_LINUX_DEFAULT="console=ttyS0 splash quiet"\n')
++ elif not enable and plymouth_enabled:
++ with suppress(FileNotFoundError):
++ os.remove(TEST_AUTOPKGTEST_CONFIG_PATH)
++ subprocess.check_call(['update-grub'], stderr=subprocess.DEVNULL)
++
++
++def boot_with_systemd_distro():
++ '''Reboot with systemd as init and distro setup for grub'''
++ enable_plymouth()
++ subprocess.check_call(['/tmp/autopkgtest-reboot', 'systemd-started'])
++
++
++def getAllTests(unitTestClass):
++ '''get all test names in predictable sorted order from unitTestClass'''
++ return sorted([test[0] for test in inspect.getmembers(unitTestClass, predicate=inspect.isfunction)
++ if test[0].startswith('test_')])
++
++
++# ADT_REBOOT_MARK contains the test name to pursue after reboot
++# (to check results and states after reboot, mostly).
++# we append the previous global return code (0 or 1) to it.
++# Example: ADT_REBOOT_MARK=test_foo:0
++if __name__ == '__main__':
++ if os.path.exists('/run/initramfs/fsck-root'):
++ print('SKIP: root file system is being checked by initramfs already')
++ sys.exit(0)
++
++ all_tests = getAllTests(FsckdTest)
++ reboot_marker = os.getenv('ADT_REBOOT_MARK')
++
++ current_test_after_reboot = ""
++ if not reboot_marker:
++ boot_with_systemd_distro()
++
++ # first test
++ if reboot_marker == "systemd-started":
++ current_test = all_tests[0]
++ return_code = 0
++ else:
++ (current_test_after_reboot, return_code) = reboot_marker.split(':')
++ current_test = current_test_after_reboot
++ return_code = int(return_code)
++
++ # loop on remaining tests to run
++ try:
++ remaining_tests = all_tests[all_tests.index(current_test):]
++ except ValueError:
++ print("Invalid value for ADT_REBOOT_MARK, {} is not a valid test name".format(reboot_marker))
++ sys.exit(2)
++
++ # run all remaining tests
++ for test_name in remaining_tests:
++ after_reboot = False
++ # if this tests needed a reboot (and it has been performed), executes second part of it
++ if test_name == current_test_after_reboot:
++ after_reboot = True
++ suite = unittest.TestSuite()
++ suite.addTest(FsckdTest(test_name, after_reboot, return_code))
++ result = unittest.TextTestRunner(stream=sys.stdout, verbosity=2).run(suite)
++ if len(result.failures) != 0 or len(result.errors) != 0:
++ return_code = 1
++
++ sys.exit(return_code)
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -e
++
++. `dirname $0`/assert.sh
++
++ORIG_TZ=`grep -v '^#' /etc/timezone`
++echo "original tz: $ORIG_TZ"
++
++echo 'timedatectl works'
++assert_in "Local time:" "`timedatectl --no-pager`"
++
++echo 'change timezone'
++assert_eq "`timedatectl --no-pager set-timezone Europe/Moscow 2>&1`" ""
++assert_eq "`readlink /etc/localtime | sed 's#^.*zoneinfo/##'`" "Europe/Moscow"
++[ -n "$TEST_UPSTREAM" ] || assert_eq "`cat /etc/timezone`" "Europe/Moscow"
++assert_in "Time.*zone: Europe/Moscow (MSK, +" "`timedatectl --no-pager`"
++
++echo 'reset timezone to original'
++assert_eq "`timedatectl --no-pager set-timezone $ORIG_TZ 2>&1`" ""
++assert_eq "`readlink /etc/localtime | sed 's#^.*zoneinfo/##'`" "$ORIG_TZ"
++[ -n "$TEST_UPSTREAM" ] || assert_eq "`cat /etc/timezone`" "$ORIG_TZ"
++
++# test setting UTC vs. LOCAL in /etc/adjtime
++if [ -e /etc/adjtime ]; then
++ ORIG_ADJTIME=`cat /etc/adjtime`
++ trap "echo '$ORIG_ADJTIME' > /etc/adjtime" EXIT INT QUIT PIPE
++else
++ trap "rm -f /etc/adjtime" EXIT INT QUIT PIPE
++fi
++
++echo 'no adjtime file'
++rm -f /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++
++echo 'UTC set in adjtime file'
++printf '0.0 0 0\n0\nUTC\n' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++UTC"
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++
++echo 'non-zero values in adjtime file'
++printf '0.1 123 0\n0\nLOCAL\n' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_eq "`cat /etc/adjtime`" "0.1 123 0
++0
++UTC"
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.1 123 0
++0
++LOCAL"
++
++echo 'fourth line adjtime file'
++printf '0.0 0 0\n0\nLOCAL\nsomethingelse\n' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++UTC
++somethingelse"
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL
++somethingelse"
++
++echo 'no final newline in adjtime file'
++printf '0.0 0 0\n0\nUTC' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++printf '0.0 0 0\n0\nUTC' > /etc/adjtime
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++
++echo 'only one line in adjtime file'
++printf '0.0 0 0\n' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++printf '0.0 0 0\n' > /etc/adjtime
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++
++echo 'only one line in adjtime file, no final newline'
++printf '0.0 0 0' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++printf '0.0 0 0' > /etc/adjtime
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++
++echo 'only two lines in adjtime file'
++printf '0.0 0 0\n0\n' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++printf '0.0 0 0\n0\n' > /etc/adjtime
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++
++
++echo 'only two lines in adjtime file, no final newline'
++printf '0.0 0 0\n0' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++printf '0.0 0 0\n0' > /etc/adjtime
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
++
++echo 'unknown value in 3rd line of adjtime file'
++printf '0.0 0 0\n0\nFOO\n' > /etc/adjtime
++timedatectl set-local-rtc 0
++assert_true '[ ! -e /etc/adjtime ]'
++printf '0.0 0 0\n0\nFOO\n' > /etc/adjtime
++timedatectl set-local-rtc 1
++assert_eq "`cat /etc/adjtime`" "0.0 0 0
++0
++LOCAL"
--- /dev/null
--- /dev/null
++#!/bin/sh
++# autopkgtest check: Run upstream udev test script
++# (C) 2016 Canonical Ltd.
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++set -euC
++
++TEST_DIR=${ADTTMP:=$(mktemp -d)}
++mkdir -p $TEST_DIR/test
++test/sys-script.py $TEST_DIR/test
++cp test/udev-test.pl $TEST_DIR
++cp /usr/lib/systemd/tests/manual/test-udev $TEST_DIR
++cd $TEST_DIR
++./udev-test.pl
--- /dev/null
--- /dev/null
++#!/usr/bin/python3
++# autopkgtest check: enable/disable/configure units
++# (C) 2015 Canonical Ltd.
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++
++import unittest
++import subprocess
++import os
++import sys
++import tempfile
++from glob import glob
++
++system_unit_dir = subprocess.check_output(
++ ['pkg-config', '--variable=systemdsystemunitdir', 'systemd'],
++ universal_newlines=True).strip()
++systemd_sysv_install = os.path.join(os.path.dirname(system_unit_dir),
++ 'systemd-sysv-install')
++
++
++class EnableTests(unittest.TestCase):
++ def tearDown(self):
++ # remove all traces from our test unit
++ f = glob(system_unit_dir + '/test_enable*.service')
++ f += glob(system_unit_dir + '/*/test_enable*.service')
++ f += glob('/etc/systemd/system/test_enable*.service')
++ f += glob('/etc/systemd/system/*/test_enable*.service')
++ f += glob('/etc/init.d/test_enable*')
++ f += glob('/etc/rc?.d/???test_enable*')
++ [os.unlink(i) for i in f]
++ subprocess.check_call(['systemctl', 'daemon-reload'])
++
++ def create_unit(self, suffix='', enable=False):
++ '''Create a test unit'''
++
++ unit = os.path.join(system_unit_dir,
++ 'test_enable%s.service' % suffix)
++ with open(unit, 'w') as f:
++ f.write('''[Unit]
++Description=Testsuite unit %s
++[Service]
++ExecStart=/bin/echo hello
++[Install]
++WantedBy=multi-user.target
++''' % suffix)
++
++ if enable:
++ os.symlink(unit, '/etc/systemd/system/multi-user.target.wants/' +
++ os.path.basename(unit))
++
++ return unit
++
++ def create_sysv(self, suffix='', enable=False):
++ '''Create a test SysV script'''
++
++ script = '/etc/init.d/test_enable%s' % suffix
++ with open(script, 'w') as f:
++ f.write('''/bin/sh
++### BEGIN INIT INFO
++# Provides: test_enable%s
++# Required-Start: $remote_fs $syslog
++# Required-Stop: $remote_fs $syslog
++# Default-Start: 2 3 4 5
++# Default-Stop: 0 1 6
++# Short-Description: Testsuite script%s
++### END INIT INFO
++
++echo hello
++''' % (suffix, suffix))
++ os.chmod(script, 0o755)
++
++ if enable:
++ subprocess.check_call(
++ [systemd_sysv_install, 'enable', os.path.basename(script)])
++
++ def assertEnabled(self, enabled, unit='test_enable.service'):
++ '''assert that given unit has expected state'''
++
++ systemctl = subprocess.Popen(['systemctl', 'is-enabled', unit],
++ stdout=subprocess.PIPE,
++ universal_newlines=True)
++ out = systemctl.communicate()[0].strip()
++ if enabled:
++ self.assertEqual(systemctl.returncode, 0)
++ self.assertEqual(out, 'enabled')
++ else:
++ self.assertEqual(systemctl.returncode, 1)
++ self.assertEqual(out, 'disabled')
++
++ def test_unit_enable(self):
++ '''no sysv: enable unit'''
++
++ self.create_unit()
++ self.assertEnabled(False)
++ # also works without .service suffix
++ self.assertEnabled(False, unit='test_enable')
++
++ subprocess.check_call(['systemctl', 'enable', 'test_enable'])
++
++ self.assertEnabled(True)
++ # also works without .service suffix
++ self.assertEnabled(True, unit='test_enable')
++
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertTrue(os.path.islink(l))
++ self.assertEqual(os.readlink(l),
++ system_unit_dir + '/test_enable.service')
++
++ # enable should be idempotent
++ subprocess.check_call(['systemctl', 'enable', 'test_enable.service'])
++ self.assertEnabled(True)
++
++ def test_unit_disable(self):
++ '''no sysv: disable unit'''
++
++ self.create_unit(enable=True)
++ self.assertEnabled(True)
++ # also works without .service suffix
++ self.assertEnabled(True, unit='test_enable')
++
++ subprocess.check_call(['systemctl', 'disable', 'test_enable'])
++
++ self.assertEnabled(False)
++ # also works without .service suffix
++ self.assertEnabled(False, unit='test_enable')
++
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertFalse(os.path.islink(l))
++
++ # disable should be idempotent
++ subprocess.check_call(['systemctl', 'disable', 'test_enable.service'])
++ self.assertEnabled(False)
++
++ def test_unit_sysv_enable(self):
++ '''with sysv: enable unit'''
++
++ self.create_unit()
++ self.create_sysv()
++ self.assertEnabled(False)
++ # also works without .service suffix
++ self.assertEnabled(False, unit='test_enable')
++
++ subprocess.check_call(['systemctl', 'enable', 'test_enable'])
++
++ self.assertEnabled(True)
++ # also works without .service suffix
++ self.assertEnabled(True, unit='test_enable')
++
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertTrue(os.path.islink(l))
++ self.assertEqual(os.readlink(l),
++ system_unit_dir + '/test_enable.service')
++
++ # enabled the sysv script
++ l = glob('/etc/rc2.d/S??test_enable')
++ self.assertEqual(len(l), 1, 'expect one symlink in %s' % repr(l))
++ self.assertEqual(os.readlink(l[0]), '../init.d/test_enable')
++
++ # enable should be idempotent
++ subprocess.check_call(['systemctl', 'enable', 'test_enable.service'])
++ self.assertEnabled(True)
++
++ def test_unit_sysv_disable(self):
++ '''with sysv: disable unit'''
++
++ self.create_unit(enable=True)
++ self.create_sysv(enable=True)
++ self.assertEnabled(True)
++ # also works without .service suffix
++ self.assertEnabled(True, unit='test_enable')
++
++ subprocess.check_call(['systemctl', 'disable', 'test_enable'])
++
++ self.assertEnabled(False)
++ # also works without .service suffix
++ self.assertEnabled(False, unit='test_enable')
++
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertFalse(os.path.islink(l))
++
++ # disabled the sysv script
++ l = glob('/etc/rc2.d/S??test_enable')
++ self.assertEqual(l, [])
++
++ # disable should be idempotent
++ subprocess.check_call(['systemctl', 'enable', 'test_enable.service'])
++ self.assertEnabled(True)
++
++ def test_unit_alias_enable(self):
++ '''no sysv: enable unit with an alias'''
++
++ u = self.create_unit()
++ with open(u, 'a') as f:
++ f.write('Alias=test_enablea.service\n')
++
++ self.assertEnabled(False)
++
++ subprocess.check_call(['systemctl', 'enable', 'test_enable'])
++
++ self.assertEnabled(True)
++
++ # enablement symlink
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertTrue(os.path.islink(l))
++ self.assertEqual(os.readlink(l),
++ system_unit_dir + '/test_enable.service')
++
++ # alias symlink
++ l = '/etc/systemd/system/test_enablea.service'
++ self.assertTrue(os.path.islink(l))
++ self.assertEqual(os.readlink(l),
++ system_unit_dir + '/test_enable.service')
++
++ def test_unit_alias_disable(self):
++ '''no sysv: disable unit with an alias'''
++
++ u = self.create_unit()
++ with open(u, 'a') as f:
++ f.write('Alias=test_enablea.service\n')
++ os.symlink(system_unit_dir + '/test_enable.service',
++ '/etc/systemd/system/test_enablea.service')
++
++ subprocess.check_call(['systemctl', 'disable', 'test_enable'])
++
++ self.assertEnabled(False)
++
++ # enablement symlink
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertFalse(os.path.islink(l))
++
++ # alias symlink
++ l = '/etc/systemd/system/test_enablea.service'
++ self.assertFalse(os.path.islink(l))
++
++ def test_unit_sysv_alias_enable(self):
++ '''with sysv: enable unit with an alias'''
++
++ u = self.create_unit()
++ with open(u, 'a') as f:
++ f.write('Alias=test_enablea.service\n')
++ self.create_sysv()
++
++ self.assertEnabled(False)
++
++ subprocess.check_call(['systemctl', 'enable', 'test_enable'])
++
++ # enablement symlink
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertTrue(os.path.islink(l))
++ self.assertEqual(os.readlink(l),
++ system_unit_dir + '/test_enable.service')
++
++ # alias symlink
++ l = '/etc/systemd/system/test_enablea.service'
++ self.assertTrue(os.path.islink(l))
++ self.assertEqual(os.readlink(l),
++ system_unit_dir + '/test_enable.service')
++
++ # enabled the sysv script
++ l = glob('/etc/rc2.d/S??test_enable')
++ self.assertEqual(len(l), 1, 'expect one symlink in %s' % repr(l))
++ self.assertEqual(os.readlink(l[0]), '../init.d/test_enable')
++
++ self.assertEnabled(True)
++
++ def test_unit_sysv_alias_disable(self):
++ '''with sysv: disable unit with an alias'''
++
++ u = self.create_unit(enable=True)
++ with open(u, 'a') as f:
++ f.write('Alias=test_enablea.service\n')
++ os.symlink(system_unit_dir + '/test_enable.service',
++ '/etc/systemd/system/test_enablea.service')
++ self.create_sysv(enable=True)
++
++ subprocess.check_call(['systemctl', 'disable', 'test_enable'])
++
++ # enablement symlink
++ l = '/etc/systemd/system/multi-user.target.wants/test_enable.service'
++ self.assertFalse(os.path.islink(l))
++
++ # alias symlink
++ l = '/etc/systemd/system/test_enablea.service'
++ self.assertFalse(os.path.islink(l))
++
++ # disabled the sysv script
++ l = glob('/etc/rc2.d/S??test_enable')
++ self.assertEqual(l, [])
++
++ self.assertEnabled(False)
++
++ def test_sysv_enable(self):
++ '''only sysv: enable'''
++
++ self.create_sysv()
++ subprocess.check_call(['systemctl', 'enable', 'test_enable'])
++
++ # enabled the sysv script
++ l = glob('/etc/rc2.d/S??test_enable')
++ self.assertEqual(len(l), 1, 'expect one symlink in %s' % repr(l))
++ self.assertEqual(os.readlink(l[0]), '../init.d/test_enable')
++
++ # enable should be idempotent
++ subprocess.check_call(['systemctl', 'enable', 'test_enable'])
++ self.assertEnabled(True)
++
++ def test_sysv_disable(self):
++ '''only sysv: disable'''
++
++ self.create_sysv(enable=True)
++ subprocess.check_call(['systemctl', 'disable', 'test_enable'])
++
++ # disabled the sysv script
++ l = glob('/etc/rc2.d/S??test_enable')
++ self.assertEqual(l, [])
++
++ # disable should be idempotent
++ subprocess.check_call(['systemctl', 'disable', 'test_enable'])
++ self.assertEnabled(False)
++
++ def test_unit_link(self):
++ '''systemctl link'''
++
++ with tempfile.NamedTemporaryFile(suffix='.service') as f:
++ f.write(b'[Unit]\n')
++ f.flush()
++ subprocess.check_call(['systemctl', 'link', f.name])
++
++ unit = os.path.basename(f.name)
++ l = os.path.join('/etc/systemd/system', unit)
++ self.assertEqual(os.readlink(l), f.name)
++
++ # disable it again
++ subprocess.check_call(['systemctl', 'disable', unit])
++ # this should also remove the unit symlink
++ self.assertFalse(os.path.islink(l))
++
++ def test_unit_enable_full_path(self):
++ '''systemctl enable a unit in a non-default path'''
++
++ with tempfile.NamedTemporaryFile(suffix='.service') as f:
++ f.write(b'''[Unit]
++Description=test
++[Service]
++ExecStart=/bin/true
++[Install]
++WantedBy=multi-user.target''')
++ f.flush()
++ unit = os.path.basename(f.name)
++
++ # now enable it
++ subprocess.check_call(['systemctl', 'enable', f.name])
++ self.assertEnabled(True, unit=unit)
++ l = os.path.join('/etc/systemd/system', unit)
++ self.assertEqual(os.readlink(l), f.name)
++ enable_l = '/etc/systemd/system/multi-user.target.wants/' + unit
++ self.assertEqual(os.readlink(enable_l), f.name)
++
++ # disable it again
++ subprocess.check_call(['systemctl', 'disable', unit])
++ # self.assertEnabled(False) does not work as now systemd does not
++ # know about the unit at all any more
++ self.assertFalse(os.path.islink(enable_l))
++ # this should also remove the unit symlink
++ self.assertFalse(os.path.islink(l))
++
++
++if __name__ == '__main__':
++ unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout,
++ verbosity=2))
--- /dev/null
--- /dev/null
++#!/bin/sh
++# run upstream system integration tests
++# Author: Martin Pitt <martin.pitt@ubuntu.com>
++set -e
++
++# even after installing policycoreutils this fails with
++# "Failed to install /usr/libexec/selinux/hll/pp"
++BLACKLIST="TEST-06-SELINUX"
++
++# quiesce Makefile.guess; not really relevant as systemd/nspawn run from
++# installed packages
++export BUILD_DIR=.
++
++# modify the image build scripts to install systemd from the debs instead of
++# from a "make/ninja install" as we don't have a built tree here. Also call
++# systemd-nspawn from the system.
++sed -i '/DESTDIR.* install/ s%^.*$% for p in `grep ^Package: '`pwd`'/debian/control | cut -f2 -d\\ |grep -Ev -- "-(udeb|dev)"`; do (cd /tmp; apt-get download $p \&\& dpkg-deb --fsys-tarfile ${p}[._]*deb | tar -C $initdir --dereference -x); done%; s_[^" ]*/systemd-nspawn_systemd-nspawn_g; s/\(_ninja_bin=\).*/\1dummy-ninja/' test/test-functions
++
++# adjust path
++sed -i 's_/usr/libexec/selinux/hll/pp_/usr/lib/selinux/hll/pp_' test/TEST-06-SELINUX/test.sh
++
++FAILED=""
++
++for t in test/TEST*; do
++ echo "$BLACKLIST" | grep -q "$(basename $t)" && continue
++ echo "========== `basename $t` =========="
++ rm -rf /var/tmp/systemd-test.*
++ if ! make -C $t setup run clean; then
++ for j in /var/tmp/systemd-test.*/journal/*; do
++ [ -e "$j" ] || continue
++ # keep the entire journal in artifacts, in case one needs the debug messages
++ cp -r "$j" "$AUTOPKGTEST_ARTIFACTS/$(basename $t)-$(basename $j)"
++ echo "---- $j ----"
++ journalctl --priority=warning --directory=$j
++ done
++ FAILED="$FAILED $t"
++ fi
++ echo
++done
++
++if [ -n "$FAILED" ]; then
++ echo FAILED TESTS: "$FAILED"
++ exit 1
++fi
--- /dev/null
--- /dev/null
++/etc/udev/rules.d/
--- /dev/null
--- /dev/null
++lib/systemd/network/99-default.link
++lib/systemd/systemd-udevd
++bin/udevadm
++lib/udev/ata_id
++lib/udev/scsi_id
++lib/udev/cdrom_id
++lib/udev/rules.d/50-udev-default.rules
++lib/udev/rules.d/60-cdrom_id.rules
++lib/udev/rules.d/60-input-id.rules
++lib/udev/rules.d/60-persistent-input.rules
++lib/udev/rules.d/60-persistent-storage.rules
++lib/udev/rules.d/64-btrfs.rules
++lib/udev/rules.d/75-net-description.rules
++lib/udev/rules.d/75-probe_mtd.rules
++lib/udev/rules.d/80-drivers.rules
++lib/udev/rules.d/80-net-setup-link.rules
++../../extra/rules/50-firmware.rules lib/udev/rules.d/
++../../extra/rules/73-special-net-names.rules lib/udev/rules.d/
++../../extra/rules/73-usb-net-by-mac.rules lib/udev/rules.d/
++../../extra/start-udev lib/debian-installer/
--- /dev/null
--- /dev/null
++systemd (220-7) unstable; urgency=medium
++
++ The mechanism for providing stable network interface names changed.
++ Previously they were kept in /etc/udev/rules.d/70-persistent-net.rules
++ which mapped device MAC addresses to the (arbitrary) name they got when
++ they first appeared (i. e. mostly at the time of installation). As this
++ had several problems and is not supported any more, this is deprecated in
++ favor of the "net.ifnames" mechanism. With this most of your network
++ interfaces will get location-based names. If you have ifupdown, firewall,
++ or other configuration that relies on the old names, you need to update
++ these by Debian 10/Ubuntu 18.04 LTS, and then remove
++ /etc/udev/rules.d/70-persistent-net.rules. Please see
++ /usr/share/doc/udev/README.Debian.gz for details about this.
++
++ -- Martin Pitt <mpitt@debian.org> Mon, 15 Jun 2015 15:30:29 +0200
--- /dev/null
--- /dev/null
++This documents udev integration Debian specifics. Please see man udev(7) and
++its referenced manpages for general documentation.
++
++Network interface naming
++~~~~~~~~~~~~~~~~~~~~~~~~
++Since version 197 udev has a builtin persistent name generator which checks
++firmware/BIOS provided index numbers or slot names (similar to biosdevname),
++falls back to slot names (PCI numbers, etc., in the spirit of
++/dev/disks/by-path/), and then optionally falls back to MAC address, and
++generates names based on these properties. This provides "location oriented"
++names for PCI cards such as "enp0s1" for ethernet, or wlp1s0" for a WIFI card
++so that replacing a broken network card does not change the name (as long
++as the new card is fitted into the bus in the old card's slot.) As location
++based naming does not work well for USB devices, these use a MAC based naming
++schema (see /lib/udev/rules.d/73-usb-net-by-mac.rules).
++
++This has been enabled by default since udev 220-7, which affects new
++installations/hardware. Existing installations/hardware which already got
++covered by the old 75-persistent-net-generator.rules may keep their existing
++interface names until the release of Debian 10 / Ubuntu 18.04 LTS; see
++below.
++
++You can disable these stable names and go back to the kernel-provided ones
++(which don't have a stable order) in one of two ways:
++
++ - Put "net.ifnames=0" into the kernel command line (e. g. in
++ /etc/default/grub's GRUB_CMDLINE_LINUX_DEFAULT, then run "update-grub").
++
++ - Disable the default *.link rules with
++ "ln -s /dev/null /etc/systemd/network/99-default.link"
++ and rebuild the initrd with "update-initramfs -u".
++
++See this page for more information:
++http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/
++
++Legacy persistent network interface naming
++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
++Debian releases up to 8 ("Jessie") and Ubuntu up to 15.04 had an udev rule
++/lib/udev/rules.d/75-persistent-net-generator.rules which fixed the name of a
++network interface that it got when its MAC address first appeared in a
++dynamically created /etc/udev/rules.d/70-persistent-net.rules file.
++
++This had inherent race conditions (which sometimes caused collisions and
++interface names like "rename1"), required having to write state into /etc
++(which isn't possible for read-only root), and did not work in virtualized
++environments.
++
++This old schema is deprecated in Debian 9 ("Stretch"), and will not
++be supported any more in Debian 10.
++
++Migration to the current network interface naming scheme
++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
++Interface names must be be manually migrated to the new naming scheme before
++upgrading to Debian 10 / Ubuntu 18.04 LTS. If you rely on the old names in
++custom ifupdown stanzas, firewall scripts, or other networking configuration,
++these will eventually need to be updated to the new names.
++
++WARNING: This process may render your machine inaccessible through ssh. Be sure
++to have physical or serial console access to the machine or a way to revert to
++your existing configuration.
++
++First, determine all relevant network interface names: those in
++/etc/udev/rules.d/70-persistent-net.rules, or if that does not exist (in
++the case of virtual machines), in "ip link" or /sys/class/net/.
++
++Then for every interface name use a command like
++
++ grep -r eth0 /etc
++
++to find out where it is being used.
++
++Then on "real hardware" machines, rename the file to
++70-persistent-net.rules.old; alternately, if you have multiple interfaces,
++instead of renaming you may wish to comment out specific lines to convert a
++single interface at a time.
++
++On VMs remove the files /etc/systemd/network/99-default.link and
++/etc/systemd/network/50-virtio-kernel-names.link (the latter only exists on VMs
++that use virtio network devices).
++
++Rebuild the initrd with
++
++ update-initramfs -u
++
++and reboot. Then your system should have a new network interface name (or
++names). Adjust configuration files as discovered with the grep above, and test
++your system.
++
++Repeat for each network interface name, as necessary.
++
++Custom net interface naming
++~~~~~~~~~~~~~~~~~~~~~~~~~~~
++In some cases it is convenient to define your own specific names for network
++interfaces. These can be customized in two different ways:
++
++ * You can create your own names via *.link files (see systemd.link(5)) based
++ on hardware properties. For example, /etc/systemd/network/10-dmz.link:
++
++ ------------ snip ------------
++ [Match]
++ MACAddress=11:22:aa:bb:cc:33
++
++ [Link]
++ Name=eth-dmz
++ ------------ snip ------------
++
++ * If you need attributes that link files don't expose, or you need more
++ powerful pattern matching, you can create udev rules (see udev(7))
++ like /etc/udev/rules.d/76-netnames.rules:
++
++ ------------ snip ------------
++ # identify by vendor/model ID
++ SUBSYSTEM=="net", ACTION=="add", ENV{ID_VENDOR_ID}=="0x8086", \
++ ENV{ID_MODEL_ID}=="0x1502", NAME="eth-intel-gb"
++
++ # USB device by path
++ # get ID_PATH if not present yet
++ ENV{ID_PATH}=="", IMPORT{builtin}="path_id"
++ SUBSYSTEM=="net", ACTION=="add", ENV{ID_PATH}=="*-usb-0:3:1*", NAME="eth-blue-hub"
++ ------------ snip ----------
++
++ The name of the rules file needs to have a prefix smaller than "80" so that
++ it runs before /lib/udev/rules.d/80-net-setup-link.rules, and should have a
++ prefix bigger than "75" so that it runs after 75-net-description.rules and
++ thus you can use matches on ID_VENDOR and similar properties.
++
++ * Unless you disabled net.ifnames, you can change the policy
++ (kernel/bios/path/MAC based naming) in an /etc/systemd/network/*.link file,
++ for individual devices or entire device classes. See man systemd.link(5) for
++ details about this. /lib/systemd/network/99-default.link is the default
++ policy. Note that /lib/udev/rules.d/73-usb-net-by-mac.rules uses MAC based
++ names for USB devices.
++
++Any of the above changes require an initrd update with "update-initramfs -u" to
++get effective.
++
++Using udev with LDAP or NIS
++~~~~~~~~~~~~~~~~~~~~~~~~~~~
++If the rules files reference usernames or groups not present in the
++/etc/{passwd,group} files and the system is configured to use a
++network-based database like LDAP or NIS then udev may fail at boot time
++because users and groups are looked up well before the network has been
++initialized.
++A possible solution is to configure /etc/nsswitch.conf like this:
++
++ passwd: files ldap [UNAVAIL=return]
++ group: files ldap [UNAVAIL=return]
++
++The nsswitch.conf syntax is documented in the glibc manual.
--- /dev/null
--- /dev/null
++package-status: systemd
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++# We don’t clean up this directory because there is no way to know when
++# reportbug finished running, and reportbug needs the files around.
++# Given that those are just a couple of kilobytes in size and people
++# generally don’t file a lot of bugs, I don’t think it’s a big deal.
++DIR=$(mktemp -d)
++
++echo "-- BEGIN ATTACHMENTS --" >&3
++
++udevadm info --export-db >$DIR/udev-database.txt
++echo "$DIR/udev-database.txt" >&3
++
++echo "-- END ATTACHMENTS --" >&3
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++### BEGIN INIT INFO
++# Provides: udev
++# Required-Start: mountkernfs
++# Required-Stop: umountroot
++# Default-Start: S
++# Default-Stop: 0 6
++# Short-Description: Start systemd-udevd, populate /dev and load drivers.
++### END INIT INFO
++
++PATH="/sbin:/bin"
++NAME="systemd-udevd"
++DAEMON="/lib/systemd/systemd-udevd"
++DESC="hotplug events dispatcher"
++PIDFILE="/run/udev.pid"
++CTRLFILE="/run/udev/control"
++OMITDIR="/run/sendsigs.omit.d"
++
++# we need to unmount /dev/pts/ and remount it later over the devtmpfs
++unmount_devpts() {
++ if mountpoint -q /dev/pts/; then
++ umount -n -l /dev/pts/
++ fi
++
++ if mountpoint -q /dev/shm/; then
++ umount -n -l /dev/shm/
++ fi
++}
++
++# mount a devtmpfs over /dev, if somebody did not already do it
++mount_devtmpfs() {
++ if grep -E -q "^[^[:space:]]+ /dev devtmpfs" /proc/mounts; then
++ mount -n -o remount,nosuid,size=$tmpfs_size,mode=0755 -t devtmpfs devtmpfs /dev
++ return
++ fi
++
++ if ! mount -n -o nosuid,size=$tmpfs_size,mode=0755 -t devtmpfs devtmpfs /dev; then
++ log_failure_msg "udev requires devtmpfs support, not started"
++ log_end_msg 1
++ fi
++
++ return 0
++}
++
++create_dev_makedev() {
++ if [ -e /sbin/MAKEDEV ]; then
++ ln -sf /sbin/MAKEDEV /dev/MAKEDEV
++ else
++ ln -sf /bin/true /dev/MAKEDEV
++ fi
++}
++
++# shell version of /usr/bin/tty
++my_tty() {
++ [ -x /bin/readlink ] || return 0
++ [ -e /proc/self/fd/0 ] || return 0
++ readlink --silent /proc/self/fd/0 || true
++}
++
++warn_if_interactive() {
++ if [ "$RUNLEVEL" = "S" -a "$PREVLEVEL" = "N" ]; then
++ return
++ fi
++
++ TTY=$(my_tty)
++ if [ -z "$TTY" -o "$TTY" = "/dev/console" -o "$TTY" = "/dev/null" ]; then
++ return
++ fi
++
++ printf "\n\n\nIt has been detected that the command\n\n\t$0 $*\n\n"
++ printf "has been run from an interactive shell.\n"
++ printf "It will probably not do what you expect, so this script will wait\n"
++ printf "60 seconds before continuing. Press ^C to stop it.\n"
++ printf "RUNNING THIS COMMAND IS HIGHLY DISCOURAGED!\n\n\n\n"
++ sleep 60
++}
++
++make_static_nodes() {
++ [ -e /lib/modules/$(uname -r)/modules.devname ] || return 0
++ [ -x /bin/kmod ] || return 0
++
++ /bin/kmod static-nodes --format=tmpfiles --output=/proc/self/fd/1 | \
++ while read type name mode uid gid age arg; do
++ [ -e $name ] && continue
++ case "$type" in
++ c|b|c!|b!) mknod -m $mode $name $type $(echo $arg | sed 's/:/ /') ;;
++ d|d!) mkdir $name ;;
++ *) echo "unparseable line ($type $name $mode $uid $gid $age $arg)" >&2 ;;
++ esac
++
++ if [ -x /sbin/restorecon ]; then
++ /sbin/restorecon $name
++ fi
++ done
++}
++
++
++##############################################################################
++
++
++[ -x $DAEMON ] || exit 0
++
++# defaults
++tmpfs_size="10M"
++
++if [ -e /etc/udev/udev.conf ]; then
++ . /etc/udev/udev.conf
++fi
++
++. /lib/lsb/init-functions
++
++if [ ! -e /proc/filesystems ]; then
++ log_failure_msg "udev requires a mounted procfs, not started"
++ log_end_msg 1
++fi
++
++if ! grep -q '[[:space:]]devtmpfs$' /proc/filesystems; then
++ log_failure_msg "udev requires devtmpfs support, not started"
++ log_end_msg 1
++fi
++
++if [ ! -d /sys/class/ ]; then
++ log_failure_msg "udev requires a mounted sysfs, not started"
++ log_end_msg 1
++fi
++
++if ! ps --no-headers --format args ax | egrep -q '^\['; then
++ log_warning_msg "udev does not support containers, not started"
++ exit 0
++fi
++
++if [ -d /sys/class/mem/null -a ! -L /sys/class/mem/null ] || \
++ [ -e /sys/block -a ! -e /sys/class/block ]; then
++ log_warning_msg "CONFIG_SYSFS_DEPRECATED must not be selected"
++ log_warning_msg "Booting will continue in 30 seconds but many things will be broken"
++ sleep 30
++fi
++
++# When modifying this script, do not forget that between the time that the
++# new /dev has been mounted and udevadm trigger has been run there will be
++# no /dev/null. This also means that you cannot use the "&" shell command.
++
++case "$1" in
++ start)
++ if [ ! -e "/run/udev/" ]; then
++ warn_if_interactive
++ fi
++
++ if [ -w /sys/kernel/uevent_helper ]; then
++ echo > /sys/kernel/uevent_helper
++ fi
++
++ if ! mountpoint -q /dev/; then
++ unmount_devpts
++ mount_devtmpfs
++ [ -d /proc/1 ] || mount -n /proc
++ fi
++
++ make_static_nodes
++
++ # clean up parts of the database created by the initramfs udev
++ udevadm info --cleanup-db
++
++ # set the SELinux context for devices created in the initramfs
++ [ -x /sbin/restorecon ] && /sbin/restorecon -R /dev
++
++ log_daemon_msg "Starting $DESC" "$NAME"
++ if start-stop-daemon --start --name $NAME --user root --quiet \
++ --pidfile $PIDFILE --exec $DAEMON --background --make-pidfile; then
++ # prevents udevd to be killed by sendsigs (see #791944)
++ mkdir -p $OMITDIR
++ ln -sf $PIDFILE $OMITDIR/$NAME
++ log_end_msg $?
++ else
++ log_warning_msg $?
++ log_warning_msg "Waiting 15 seconds and trying to continue anyway"
++ sleep 15
++ fi
++
++ log_action_begin_msg "Synthesizing the initial hotplug events"
++ if udevadm trigger --action=add; then
++ log_action_end_msg $?
++ else
++ log_action_end_msg $?
++ fi
++
++ create_dev_makedev
++
++ # wait for the systemd-udevd childs to finish
++ log_action_begin_msg "Waiting for /dev to be fully populated"
++ if udevadm settle; then
++ log_action_end_msg 0
++ else
++ log_action_end_msg 0 'timeout'
++ fi
++ ;;
++
++ stop)
++ log_daemon_msg "Stopping $DESC" "$NAME"
++ if start-stop-daemon --stop --name $NAME --user root --quiet \
++ --pidfile $PIDFILE --remove-pidfile --oknodo --retry 5; then
++ # prevents cryptsetup/dmsetup hangs (see #791944)
++ rm -f $CTRLFILE
++ log_end_msg $?
++ else
++ log_end_msg $?
++ fi
++ ;;
++
++ restart)
++ log_daemon_msg "Stopping $DESC" "$NAME"
++ if start-stop-daemon --stop --name $NAME --user root --quiet \
++ --pidfile $PIDFILE --remove-pidfile --oknodo --retry 5; then
++ # prevents cryptsetup/dmsetup hangs (see #791944)
++ rm -f $CTRLFILE
++ log_end_msg $?
++ else
++ log_end_msg $? || true
++ fi
++
++ log_daemon_msg "Starting $DESC" "$NAME"
++ if start-stop-daemon --start --name $NAME --user root --quiet \
++ --pidfile $PIDFILE --exec $DAEMON --background --make-pidfile; then
++ # prevents udevd to be killed by sendsigs (see #791944)
++ mkdir -p $OMITDIR
++ ln -sf $PIDFILE $OMITDIR/$NAME
++ log_end_msg $?
++ else
++ log_end_msg $?
++ fi
++ ;;
++
++ reload|force-reload)
++ udevadm control --reload-rules
++ ;;
++
++ status)
++ status_of_proc $DAEMON $NAME && exit 0 || exit $?
++ ;;
++
++ *)
++ echo "Usage: /etc/init.d/udev {start|stop|restart|reload|force-reload|status}" >&2
++ exit 1
++ ;;
++esac
++
++exit 0
++
--- /dev/null
--- /dev/null
++etc/udev/
++lib/udev/*
++lib/systemd/network/*.link
++lib/systemd/system/systemd-udev*
++lib/systemd/system/systemd-hwdb*
++lib/systemd/system/*.target.wants/systemd-udev*
++lib/systemd/system/*.target.wants/*hwdb*
++lib/systemd/systemd-udevd
++bin/udevadm
++bin/systemd-hwdb
++usr/share/man/man5/udev.conf.5
++usr/share/man/man5/systemd.link.5
++usr/share/man/man7/hwdb.7
++usr/share/man/man7/udev.7
++usr/share/man/man8/systemd-hwdb*
++usr/share/man/man8/systemd-udevd*
++usr/share/man/man8/udevadm.8
++usr/share/bash-completion/completions/udevadm
++usr/share/zsh/vendor-completions/_udevadm
++usr/share/pkgconfig/udev.pc
++../../extra/initramfs-tools usr/share/
++../../extra/rules/*.rules lib/udev/rules.d/
++#../../extra/*.hwdb lib/udev/hwdb.d/
++../../extra/fbdev-blacklist.conf lib/modprobe.d/
--- /dev/null
--- /dev/null
++/lib/systemd/system/systemd-udevd.service /lib/systemd/system/udev.service
++/bin/udevadm /sbin/udevadm
--- /dev/null
--- /dev/null
++rm_conffile /etc/init.d/udev-finish 226-1~
++rm_conffile /etc/init/udev-finish.conf 226-1~
++rm_conffile /etc/init/udev-fallback-graphics.conf 226-1~
++symlink_to_dir /usr/share/doc/udev libudev1 221-2~
++rm_conffile /etc/modprobe.d/fbdev-blacklist.conf 229-6~
++rm_conffile /etc/init/udev.conf 233-1~
++rm_conffile /etc/init/udevmonitor.conf 233-1~
++rm_conffile /etc/init/udevtrigger.conf 233-1~
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++chrooted() {
++ if [ "$(stat -c %d/%i /)" = "$(stat -Lc %d/%i /proc/1/root 2>/dev/null)" ];
++ then
++ # the devicenumber/inode pair of / is the same as that of /sbin/init's
++ # root, so we're *not* in a chroot and hence return false.
++ return 1
++ fi
++ echo "A chroot environment has been detected, udev not started."
++ return 0
++}
++
++in_debootstrap() {
++ # debootstrap --second-stage may be run in an emulator instead of a chroot,
++ # we need to check for this special case because start-stop-daemon would
++ # not be available. (#520742)
++ if [ -d /debootstrap/ ]; then
++ echo "Being installed by debootstrap, udev not started."
++ return 0
++ fi
++ return 1
++}
++
++can_start_udevd() {
++ if [ ! -d /sys/class/ ]; then
++ echo "udev requires a mounted sysfs, not started."
++ return 1
++ fi
++ return 0
++}
++
++enable_udev() {
++ can_start_udevd || return 0
++ invoke-rc.d udev start
++}
++
++update_initramfs() {
++ [ -x /usr/sbin/update-initramfs -a -e /etc/initramfs-tools/initramfs.conf ] \
++ || return 0
++ update-initramfs -u
++}
++
++upgrade_fixes() {
++ if dpkg --compare-versions "$2" lt "226-1"; then
++ update-rc.d udev-finish remove
++ fi
++
++ # we enabled net.ifnames in 220-7 by default; don't change iface names in
++ # virtualized envs (where 75-persistent-net-generator.rules didn't work)
++ if dpkg --compare-versions "$2" lt-nl "220-7~" &&
++ [ ! -e /etc/udev/rules.d/70-persistent-net.rules ] &&
++ [ ! -e /etc/udev/rules.d/80-net-setup-link.rules ] &&
++ [ ! -e /etc/systemd/network/99-default.link ] &&
++ [ ! -L /etc/systemd/network/99-default.link ] &&
++ ! grep -q net.ifnames /proc/cmdline && ! chrooted; then
++ mkdir -p /etc/systemd/network
++ cat <<EOF > /etc/systemd/network/99-default.link
++# This machine is most likely a virtualized guest, where the old persistent
++# network interface mechanism (75-persistent-net-generator.rules) did not work.
++# This file disables /lib/systemd/network/99-default.link to avoid
++# changing network interface names on upgrade. Please read
++# /usr/share/doc/udev/README.Debian.gz about how to migrate to the currently
++# supported mechanism.
++EOF
++ fi
++
++ # 226 introduced predictable interface names for virtio
++ # (https://github.com/systemd/systemd/pull/1119); disable for upgrades
++ if dpkg --compare-versions "$2" lt-nl "226-2~" &&
++ [ ! -e /etc/systemd/network/50-virtio-kernel-names.link ] &&
++ ls -d /sys/bus/virtio/drivers/virtio_net/virt* >/dev/null 2>&1; then
++ echo "virtio network devices detected, disabling predictable interface names in /etc/systemd/network/50-virtio-kernel-names.link"
++ mkdir -p /etc/systemd/network/
++ cat <<EOF > /etc/systemd/network/50-virtio-kernel-names.link
++# udev 226 introduced predictable interface names for virtio;
++# disable this for upgrades. You can remove this file if you update your
++# network configuration to move to the ens* names instead.
++# See /usr/share/doc/udev/README.Debian.gz for details about predictable
++# network interface names.
++[Match]
++Driver=virtio_net
++
++[Link]
++NamePolicy=onboard kernel
++EOF
++ fi
++
++ # new Default-Stop (see #791944)
++ if dpkg --compare-versions "$2" lt-nl "239-8"; then
++ update-rc.d -f udev remove
++ fi
++}
++
++update_hwdb() {
++ systemd-hwdb --usr update || true
++}
++
++case "$1" in
++ configure)
++ # update/create hwdb before we (re)start udev
++ update_hwdb
++
++ # Add new system group used by udev rules
++ addgroup --quiet --system input
++
++ # Make /dev/kvm accessible to kvm group
++ addgroup --quiet --system kvm
++
++ if [ -z "$2" ]; then # first install
++ if ! chrooted && ! in_debootstrap; then
++ enable_udev
++ fi
++ else # upgrades
++ upgrade_fixes "$@"
++ if ! chrooted; then
++ if can_start_udevd; then
++ if [ -d /run/systemd/system ] ; then
++ systemctl daemon-reload || true
++ fi
++ invoke-rc.d udev restart
++ fi
++ fi
++ fi
++
++ update_initramfs
++ ;;
++
++ triggered)
++ update_hwdb
++ exit 0
++ ;;
++esac
++
++#DEBHELPER#
++
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++case "$1" in
++ purge)
++ rm -f /etc/udev/rules.d/70-persistent-*.rules
++ rmdir --ignore-fail-on-non-empty /etc/udev/rules.d/ 2> /dev/null || true
++ rm -f /lib/udev/hwdb.bin
++ rm -f /var/log/udev
++ ;;
++esac
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++# adapted from postinst
++chrooted() {
++ if [ "$(stat -c %d/%i /)" = "$(stat -Lc %d/%i /proc/1/root 2>/dev/null)" ];
++ then
++ return 1
++ fi
++ return 0
++}
++
++check_kernel_features() {
++ # skip the check if udev is not already active
++ [ -d /run/udev/ ] || return 0
++
++ if [ -e /proc/kallsyms ]; then
++
++ local needed_symbols='inotify_init signalfd accept4 open_by_handle_at timerfd_create epoll_create'
++ for symbol in $needed_symbols; do
++ if ! egrep -q "^[a-fA-F0-9]+ T \.?sys_${symbol}$" /proc/kallsyms; then
++ cat <<END
++Since release 198, udev requires support for the following features in
++the running kernel:
++
++- inotify(2) (CONFIG_INOTIFY_USER)
++- signalfd(2) (CONFIG_SIGNALFD)
++- accept4(2)
++- open_by_handle_at(2) (CONFIG_FHANDLE)
++- timerfd_create(2) (CONFIG_TIMERFD)
++- epoll_create(2) (CONFIG_EPOLL)
++END
++ exit 1
++ fi
++ done
++
++ fi
++
++ if ! grep -q '[[:space:]]devtmpfs$' /proc/filesystems; then
++ cat <<END
++Since release 176, udev requires support for the following features in
++the running kernel:
++
++- devtmpfs (CONFIG_DEVTMPFS)
++END
++ exit 1
++ fi
++
++ if [ -d /sys/class/mem/null -a ! -L /sys/class/mem/null ] ||
++ [ -e /sys/block -a ! -e /sys/class/block ]; then
++ cat <<END
++The currently running kernel has the CONFIG_SYSFS_DEPRECATED option
++enabled, which is incompatible with udev.
++END
++ exit 1
++ fi
++}
++
++check_version() {
++ # $2 is non-empty when installing from the "config-files" state
++ [ -n "$2" ] || return 0
++
++ if dpkg --compare-versions $2 lt 204-4; then
++ # these must be checked first to allow aborting before changing anything
++ if chrooted; then
++ echo 'Running in a chroot, skipping the kernel versions checks!'
++ else
++ check_kernel_features
++ # suppress errors when the new rules files contain options not supported by
++ # the old daemon
++ udevadm control --log-priority=0 || true
++ fi
++ fi # 204-4
++}
++
++case "$1" in
++ install|upgrade|abort-upgrade)
++ check_version "$@"
++ ;;
++esac
++
++#DEBHELPER#
--- /dev/null
--- /dev/null
++#!/bin/sh -e
++
++# adapted from postinst
++chrooted() {
++ if [ "$(stat -c %d/%i /)" = "$(stat -Lc %d/%i /proc/1/root 2>/dev/null)" ];
++ then
++ return 1
++ fi
++ return 0
++}
++
++kill_udevd() {
++ if [ -d /run/systemd/system ]; then
++ systemctl stop systemd-udevd-control.socket systemd-udevd-kernel.socket
++ systemctl stop systemd-udevd.service
++ else
++ invoke-rc.d udev stop
++ fi
++}
++
++case "$1" in
++ remove)
++ if ! chrooted; then
++ kill_udevd
++ fi
++ ;;
++esac
++
++#DEBHELPER#
++
--- /dev/null
--- /dev/null
++interest-noawait /lib/udev/hwdb.d
--- /dev/null
--- /dev/null
++version=3
++opts=filenamemangle=s/.+\/v?(\d\S*)\.tar\.gz/systemd-$1\.tar\.gz/ \
++ https://github.com/systemd/systemd/tags .*/v?(\d\S*)\.tar\.gz
projects / systemd.git / commitdiff