From 070bb2bb524b6f8fea06ac512475e29f94b92c03 Mon Sep 17 00:00:00 2001 From: Peter Michael Green Date: Thu, 20 Sep 2018 21:22:45 +0100 Subject: [PATCH] Import systemd_239-9+rpi1.debian.tar.xz [dgit import tarball systemd 239-9+rpi1 systemd_239-9+rpi1.debian.tar.xz] --- README.Debian | 98 + README.source | 103 + changelog | 5244 +++++++++++++++++ compat | 1 + control | 398 ++ copyright | 195 + extra/checkout-upstream | 61 + extra/dhclient-exit-hooks.d/timesyncd | 42 + extra/fbdev-blacklist.conf | 20 + extra/init-functions.d/40-systemd | 94 + extra/initramfs-tools/hooks/udev | 54 + .../initramfs-tools/scripts/init-bottom/udev | 28 + extra/initramfs-tools/scripts/init-top/udev | 31 + extra/kernel-install.d/85-initrd.install | 29 + extra/make-fbdev-blacklist | 48 + extra/make-sysusers-basic | 17 + extra/pam-configs/systemd | 7 + extra/pam.d/systemd-user | 12 + extra/rules-ubuntu/40-vm-hotadd.rules | 14 + .../61-persistent-storage-android.rules | 7 + .../71-power-switch-proliant.rules | 2 + extra/rules-ubuntu/78-graphics-card.rules | 30 + extra/rules/50-firmware.rules | 3 + extra/rules/73-special-net-names.rules | 14 + extra/rules/73-usb-net-by-mac.rules | 15 + extra/rules/80-debian-compat.rules | 30 + extra/set-cpufreq | 46 + extra/start-udev | 18 + extra/systemd-sysv-install | 56 + extra/systemd.py | 29 + extra/tmpfiles.d/debian.conf | 14 + extra/udev.py | 19 + extra/units-ubuntu/ondemand.service | 13 + .../units-ubuntu/user@.service.d/timeout.conf | 4 + extra/units/getty-static.service | 10 + extra/units/rc-local.service.d/debian.conf | 10 + .../resolvconf.conf | 8 + gbp.conf | 8 + git-cherry-pick | 55 + libnss-myhostname.install | 3 + libnss-myhostname.lintian-overrides | 2 + libnss-myhostname.postinst | 40 + libnss-myhostname.postrm | 28 + libnss-mymachines.install | 3 + libnss-mymachines.lintian-overrides | 2 + libnss-mymachines.postinst | 40 + libnss-mymachines.postrm | 28 + libnss-resolve.install | 3 + libnss-resolve.lintian-overrides | 2 + libnss-resolve.postinst | 55 + libnss-resolve.postrm | 32 + libnss-systemd.install | 3 + libnss-systemd.lintian-overrides | 2 + libnss-systemd.postinst | 38 + libnss-systemd.postrm | 28 + libpam-systemd.install | 3 + libpam-systemd.postinst | 7 + libpam-systemd.prerm | 20 + libsystemd-dev.install | 5 + libsystemd0.install | 1 + libsystemd0.symbols | 487 ++ libudev-dev.install | 5 + libudev-dev.maintscript | 1 + libudev1-udeb.install | 1 + libudev1.install | 1 + libudev1.symbols | 97 + ...cess-tag-for-dev-kvm-if-mode-is-0666.patch | 239 + patches/Re-add-uaccess-tag-for-dev-kvm.patch | 30 + ...omma-in-raw_clone-assembly-for-sparc.patch | 24 + ...el-lower-in-request_name_destroy_cal.patch | 24 + ...hen-DynamicUser-yes-with-static-User.patch | 38 + ...Add-env-variable-for-machine-ID-path.patch | 77 + ...Add-support-for-TuxOnIce-hibernation.patch | 30 + ...-tmp.conf-in-line-with-Debian-defaul.patch | 24 + .../Don-t-enable-audit-by-default.patch | 30 + ...-seccomp-system-call-filter-for-udev.patch | 31 + ...ssion-pre.target-be-manually-started.patch | 22 + .../Make-run-lock-tmpfs-an-API-fs.patch | 42 + ...ly-start-logind-if-dbus-is-installed.patch | 24 + ...-enable-journal-forwarding-to-syslog.patch | 56 + ...sksMax-for-all-services-by-default-a.patch | 56 + ...step-back-again-for-nspawn-we-actual.patch | 37 + ...-RLIMIT_CORE-to-unlimited-by-default.patch | 43 + ...-removing-enablement-or-mask-symlink.patch | 386 ++ ...ork-device-renaming-immediately-give.patch | 75 + ...rmission-changes-for-dev-dri-renderD.patch | 82 + ...check-if-already-done-by-the-initram.patch | 57 + .../Use-Debian-specific-config-files.patch | 426 ++ ...m-cgroup-trees-created-by-someone-el.patch | 41 + ...daemon-for-inter-fsckd-communication.patch | 1056 ++++ ...gic-error-in-matching-devices-by-MAC.patch | 26 + patches/series | 40 + ...more-printf-format-of-a-fiemap-field.patch | 30 + ...p-fix-printf-format-of-fiemap-fields.patch | 44 + ...create-systemd-network-systemd-resol.patch | 58 + ...rop-SKIP_INITRD-for-QEMU-based-tests.patch | 92 + ...st.py-rate-limiting-and-dynamic-user.patch | 48 + ...roduce-test_is_running_from_builddir.patch | 66 + .../test-make-test-catalog-relocatable.patch | 100 + ...pport-for-suffix-in-get_testdata_dir.patch | 305 + ...temd-runtest.env-for-SYSTEMD_CATALOG.patch | 132 + ...temd-runtest.env-to-set-SYSTEMD_TEST.patch | 163 + ...operty-changed-signal-until-job-of-s.patch | 177 + ...nt-reference-count-of-sd_bus_message.patch | 64 + ...hanges-type-of-drift_freq-to-int64_t.patch | 41 + ...fy-access-mode-for-run-systemd-netif.patch | 30 + ...r-runtime-dir-fix-selinux-regression.patch | 40 + rules | 292 + shlibs.local.in | 3 + source/format | 1 + systemd-container.install | 30 + systemd-container.maintscript | 2 + systemd-container.postinst | 10 + systemd-container.postrm | 12 + systemd-coredump.install | 11 + systemd-coredump.postinst | 15 + systemd-coredump.prerm | 14 + systemd-journal-remote.install | 29 + systemd-journal-remote.postinst | 10 + systemd-sysv.install | 14 + systemd-sysv.postinst | 10 + systemd-tests.install | 1 + systemd-tests.lintian-overrides | 2 + systemd.NEWS | 28 + systemd.bug-control | 1 + systemd.bug-script | 43 + systemd.dirs | 1 + systemd.install | 71 + systemd.links | 83 + systemd.lintian-overrides | 2 + systemd.maintscript | 10 + systemd.postinst | 158 + systemd.postrm | 27 + systemd.prerm | 15 + systemd.triggers | 2 + tests/assert.sh | 25 + tests/boot-and-services | 569 ++ tests/boot-smoke | 66 + tests/build-login | 38 + tests/control | 180 + tests/fsck | 27 + tests/hostnamed | 22 + tests/lidswitch.evemu | 34 + tests/localed-locale | 42 + tests/localed-x11-keymap | 52 + tests/logind | 204 + tests/process-killer | 9 + tests/root-unittests | 26 + tests/storage | 238 + tests/systemd-fsckd | 297 + tests/timedated | 136 + tests/udev | 13 + tests/unit-config | 369 ++ tests/upstream | 44 + udev-udeb.dirs | 1 + udev-udeb.install | 20 + udev.NEWS | 15 + udev.README.Debian | 149 + udev.bug-control | 1 + udev.bug-script | 14 + udev.init | 248 + udev.install | 24 + udev.links | 2 + udev.maintscript | 8 + udev.postinst | 136 + udev.postrm | 12 + udev.preinst | 81 + udev.prerm | 30 + udev.triggers | 1 + watch | 3 + 170 files changed, 16263 insertions(+) create mode 100644 README.Debian create mode 100644 README.source create mode 100644 changelog create mode 100644 compat create mode 100644 control create mode 100644 copyright create mode 100755 extra/checkout-upstream create mode 100644 extra/dhclient-exit-hooks.d/timesyncd create mode 100644 extra/fbdev-blacklist.conf create mode 100644 extra/init-functions.d/40-systemd create mode 100755 extra/initramfs-tools/hooks/udev create mode 100755 extra/initramfs-tools/scripts/init-bottom/udev create mode 100755 extra/initramfs-tools/scripts/init-top/udev create mode 100755 extra/kernel-install.d/85-initrd.install create mode 100644 extra/make-fbdev-blacklist create mode 100755 extra/make-sysusers-basic create mode 100644 extra/pam-configs/systemd create mode 100644 extra/pam.d/systemd-user create mode 100644 extra/rules-ubuntu/40-vm-hotadd.rules create mode 100644 extra/rules-ubuntu/61-persistent-storage-android.rules create mode 100644 extra/rules-ubuntu/71-power-switch-proliant.rules create mode 100644 extra/rules-ubuntu/78-graphics-card.rules create mode 100644 extra/rules/50-firmware.rules create mode 100644 extra/rules/73-special-net-names.rules create mode 100644 extra/rules/73-usb-net-by-mac.rules create mode 100644 extra/rules/80-debian-compat.rules create mode 100755 extra/set-cpufreq create mode 100755 extra/start-udev create mode 100755 extra/systemd-sysv-install create mode 100644 extra/systemd.py create mode 100644 extra/tmpfiles.d/debian.conf create mode 100644 extra/udev.py create mode 100644 extra/units-ubuntu/ondemand.service create mode 100644 extra/units-ubuntu/user@.service.d/timeout.conf create mode 100644 extra/units/getty-static.service create mode 100644 extra/units/rc-local.service.d/debian.conf create mode 100644 extra/units/systemd-resolved.service.d/resolvconf.conf create mode 100644 gbp.conf create mode 100755 git-cherry-pick create mode 100644 libnss-myhostname.install create mode 100644 libnss-myhostname.lintian-overrides create mode 100644 libnss-myhostname.postinst create mode 100644 libnss-myhostname.postrm create mode 100644 libnss-mymachines.install create mode 100644 libnss-mymachines.lintian-overrides create mode 100644 libnss-mymachines.postinst create mode 100644 libnss-mymachines.postrm create mode 100644 libnss-resolve.install create mode 100644 libnss-resolve.lintian-overrides create mode 100644 libnss-resolve.postinst create mode 100644 libnss-resolve.postrm create mode 100644 libnss-systemd.install create mode 100644 libnss-systemd.lintian-overrides create mode 100644 libnss-systemd.postinst create mode 100644 libnss-systemd.postrm create mode 100644 libpam-systemd.install create mode 100644 libpam-systemd.postinst create mode 100644 libpam-systemd.prerm create mode 100644 libsystemd-dev.install create mode 100644 libsystemd0.install create mode 100644 libsystemd0.symbols create mode 100644 libudev-dev.install create mode 100644 libudev-dev.maintscript create mode 100644 libudev1-udeb.install create mode 100644 libudev1.install create mode 100644 libudev1.symbols create mode 100644 patches/Do-not-apply-uaccess-tag-for-dev-kvm-if-mode-is-0666.patch create mode 100644 patches/Re-add-uaccess-tag-for-dev-kvm.patch create mode 100644 patches/basic-add-missing-comma-in-raw_clone-assembly-for-sparc.patch create mode 100644 patches/bus-util-make-log-level-lower-in-request_name_destroy_cal.patch create mode 100644 patches/core-fix-gid-when-DynamicUser-yes-with-static-User.patch create mode 100644 patches/debian/Add-env-variable-for-machine-ID-path.patch create mode 100644 patches/debian/Add-support-for-TuxOnIce-hibernation.patch create mode 100644 patches/debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch create mode 100644 patches/debian/Don-t-enable-audit-by-default.patch create mode 100644 patches/debian/Drop-seccomp-system-call-filter-for-udev.patch create mode 100644 patches/debian/Let-graphical-session-pre.target-be-manually-started.patch create mode 100644 patches/debian/Make-run-lock-tmpfs-an-API-fs.patch create mode 100644 patches/debian/Only-start-logind-if-dbus-is-installed.patch create mode 100644 patches/debian/Re-enable-journal-forwarding-to-syslog.patch create mode 100644 patches/debian/Revert-core-enable-TasksMax-for-all-services-by-default-a.patch create mode 100644 patches/debian/Revert-core-one-step-back-again-for-nspawn-we-actual.patch create mode 100644 patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch create mode 100644 patches/debian/Revert-systemctl-when-removing-enablement-or-mask-symlink.patch create mode 100644 patches/debian/Revert-udev-network-device-renaming-immediately-give.patch create mode 100644 patches/debian/Revert-udev-rules-Permission-changes-for-dev-dri-renderD.patch create mode 100644 patches/debian/Skip-filesystem-check-if-already-done-by-the-initram.patch create mode 100644 patches/debian/Use-Debian-specific-config-files.patch create mode 100644 patches/debian/cgroup-don-t-trim-cgroup-trees-created-by-someone-el.patch create mode 100644 patches/debian/fsckd-daemon-for-inter-fsckd-communication.patch create mode 100644 patches/network-link-Fix-logic-error-in-matching-devices-by-MAC.patch create mode 100644 patches/series create mode 100644 patches/sleep-fix-one-more-printf-format-of-a-fiemap-field.patch create mode 100644 patches/sleep-fix-printf-format-of-fiemap-fields.patch create mode 100644 patches/sysusers-tmpfiles-re-create-systemd-network-systemd-resol.patch create mode 100644 patches/test-Drop-SKIP_INITRD-for-QEMU-based-tests.patch create mode 100644 patches/test-fix-networkd-test.py-rate-limiting-and-dynamic-user.patch create mode 100644 patches/test-introduce-test_is_running_from_builddir.patch create mode 100644 patches/test-make-test-catalog-relocatable.patch create mode 100644 patches/test-remove-support-for-suffix-in-get_testdata_dir.patch create mode 100644 patches/test-use-builddir-systemd-runtest.env-for-SYSTEMD_CATALOG.patch create mode 100644 patches/test-use-builddir-systemd-runtest.env-to-set-SYSTEMD_TEST.patch create mode 100644 patches/timedate-defer-the-property-changed-signal-until-job-of-s.patch create mode 100644 patches/timedate-increment-reference-count-of-sd_bus_message.patch create mode 100644 patches/timesync-changes-type-of-drift_freq-to-int64_t.patch create mode 100644 patches/tmpfiles-specify-access-mode-for-run-systemd-netif.patch create mode 100644 patches/user-runtime-dir-fix-selinux-regression.patch create mode 100755 rules create mode 100644 shlibs.local.in create mode 100644 source/format create mode 100644 systemd-container.install create mode 100644 systemd-container.maintscript create mode 100644 systemd-container.postinst create mode 100644 systemd-container.postrm create mode 100644 systemd-coredump.install create mode 100644 systemd-coredump.postinst create mode 100644 systemd-coredump.prerm create mode 100644 systemd-journal-remote.install create mode 100644 systemd-journal-remote.postinst create mode 100644 systemd-sysv.install create mode 100644 systemd-sysv.postinst create mode 100644 systemd-tests.install create mode 100644 systemd-tests.lintian-overrides create mode 100644 systemd.NEWS create mode 100644 systemd.bug-control create mode 100644 systemd.bug-script create mode 100644 systemd.dirs create mode 100644 systemd.install create mode 100644 systemd.links create mode 100644 systemd.lintian-overrides create mode 100644 systemd.maintscript create mode 100644 systemd.postinst create mode 100644 systemd.postrm create mode 100644 systemd.prerm create mode 100644 systemd.triggers create mode 100644 tests/assert.sh create mode 100755 tests/boot-and-services create mode 100755 tests/boot-smoke create mode 100755 tests/build-login create mode 100644 tests/control create mode 100755 tests/fsck create mode 100755 tests/hostnamed create mode 100644 tests/lidswitch.evemu create mode 100755 tests/localed-locale create mode 100755 tests/localed-x11-keymap create mode 100755 tests/logind create mode 100755 tests/process-killer create mode 100644 tests/root-unittests create mode 100755 tests/storage create mode 100755 tests/systemd-fsckd create mode 100755 tests/timedated create mode 100755 tests/udev create mode 100755 tests/unit-config create mode 100755 tests/upstream create mode 100644 udev-udeb.dirs create mode 100644 udev-udeb.install create mode 100644 udev.NEWS create mode 100644 udev.README.Debian create mode 100644 udev.bug-control create mode 100644 udev.bug-script create mode 100644 udev.init create mode 100644 udev.install create mode 100644 udev.links create mode 100644 udev.maintscript create mode 100644 udev.postinst create mode 100644 udev.postrm create mode 100644 udev.preinst create mode 100644 udev.prerm create mode 100644 udev.triggers create mode 100644 watch diff --git a/README.Debian b/README.Debian new file mode 100644 index 00000000..e6dd9bc2 --- /dev/null +++ b/README.Debian @@ -0,0 +1,98 @@ +Enabling persistent logging in journald +======================================= + +To enable persistent logging, create /var/log/journal: + + mkdir -p /var/log/journal + systemd-tmpfiles --create --prefix /var/log/journal + +systemd will make the journal files owned by the "systemd-journal" group and +add an ACL for read permissions for users in the "adm" group. +To grant a user read access to the system journal, add them to one of the two +groups. + +This will allow you to look at previous boot logs with e. g. +"journalctl -b -1". + +If you enable persistent logging, consider uninstalling rsyslog or any other +system-log-daemon, to avoid logging everything twice. + +Debugging boot/shutdown problems +================================ + +The "debug-shell" service starts a root shell on VT 9 which is available very +early during boot and very late during shutdown. You can temporarily enable +this when booting the system does not get sufficiently far to get a desktop or +even the text console logins (getty), or when shutdown hangs eternally. + +For boot problems the recommended way is to append "systemd.debug-shell" to the +kernel command line in the bootloader. +For shutdown problems, run "systemctl start debug-shell" as root, then shut +down. + +WARNING: Please avoid "systemctl enable debug-shell" as this will start the +debug shell permanently which is a SECURITY HOLE as it allows unauthenticated +and unrestricted root access to your computer if you forget to disable it! +Please only enable it if you cannot pass "systemd.debug-shell" to the boot +loader for some reason, and then immediately run "systemctl disable debug-shell" +after booting. + +Once the boot/shutdown problem happened, switch to VT9 (Ctrl+Alt+F9). There you +can use the usual systemctl or journalctl commands, or any other Linux shell +command to list or kill processes. For example, run "systemctl list-jobs" to +see what's currently being run, or "systemctl" to find units which are not in +the expected state (e. g. "failed" for boot or still "active" during shutdown), +and then get more detailed information with "systemctl status -l foo.service" +to get a service "foo"'s status and recent logging. + +In situations where the debug shell is not available, you can generate a +/shutdown-log.txt file instead: +1. Boot with these kernel command line options: + systemd.log_level=debug systemd.log_target=kmsg log_buf_len=1M +2. Save the following script as /lib/systemd/system-shutdown/debug.sh and make it executable: + #!/bin/sh + mount -o remount,rw / + dmesg > /shutdown-log.txt + mount -o remount,ro / +3. Reboot + +Enable and use networkd +======================= +networkd is a small and lean service to configure network interfaces, designed +mostly for server use cases in a world with hotplugged and virtualized +networking. Its configuration is similar in spirit and abstraction level to +ifupdown, but you don't need any extra packages to configure bridges, bonds, +vlan etc. It is not very suitable for managing WLANs yet; NetworkManager is +still much more appropriate for such Desktop use cases. + +networkd is not enabled by default; run + + systemctl enable systemd-networkd + +if you want to use it. After that you need to create some *.network +configuration files. In the simplest case you just want to run DHCP on all +available Ethernet interfaces: + +--- /etc/systemd/network/all-eth.network --- +[Match] +Name=e* +[Network] +DHCP=yes + +This will match on both the kernel "ethN" as well as the predictable interface +names "en*". Please see man systemd.network(5) for all available configuration +options and examples. + +You need to make sure that interfaces handled by networkd are not handled by +ifupdown (/etc/network/interfaces) and NetworkManager. + +Note that interfaces brought up/down will *not* run hooks in +/etc/network/if-*.d/. + +It is recommended to use networkd together with systemd-resolved(8) to +dynamically manage /etc/resolv.conf: + + systemctl enable systemd-resolved + ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf + +Debian's networkd has been modified to also work with the resolvconf package. diff --git a/README.source b/README.source new file mode 100644 index 00000000..e3ba8cf4 --- /dev/null +++ b/README.source @@ -0,0 +1,103 @@ +Building from source +-------------------- +Install “git-buildpackage” and run the following steps: + + gbp clone git+ssh://git.debian.org/git/pkg-systemd/systemd.git + cd systemd + gbp buildpackage + +We recommend you use pbuilder to make sure you build in a clean environment: + + gbp buildpackage --git-pbuilder + +Changelog +--------- +The systemd package uses gbp dch for automatically generating +debian/changelog entries from the corresponding git commits. This makes +cherry-picking, merging, and rebasing much simpler. + +Thus, for any packaging change *don't* modify debian/changelog, just write a +meaningful git commit log with proper bug references (such as "Closes: #12345" +on the last line). For doing a release, run + + gbp dch --auto + +then beautify the generated debian/changelog, then run the usual "dch -r" and +"debcommit -ar --sign-tags". + +Patch handling +-------------- +The systemd package uses gbp pq for maintaining patches with a git-like +workflow in a "patch-queue/" local branch and then exporting them as +quilt series. For working on patches you run + + gbp pq import --force + +Then you are in the patch-queue branch and can git log, commit, cherry-pick +upstream commits, rebase, etc. there. After you are done, run + + gbp pq export + +which will put you back into master and update debian/patches/ (including +series). You need to git add etc. new patches, possibly other +packaging changes, and then git commit as usual. + +systemd uses gbp pq's "topic" branches for organizing patches; for simplicity +(as this is the most common operation), upstream cherry-picks go into the +"empty" topic (i. e. directly into debian/patches/), while Debian specific +patches go into "Gbp-Pq: Topic debian" (i. e. debian/patches/debian/). + +Rebasing patches to a new upstream version +------------------------------------------ +gbp pq's "rebase" command does not work very conveniently as it fails on merge +conflicts. First, ensure you are in the master branch: + + git checkout master # in case you aren't already + +Now, do one of + + (1) To import a new upstream release into the existing master branch for unstable, +do: + + gbp pq import --force + gbp pq switch # switch back to master from patch-queue/master + gbp import-orig [...] + gbp pq switch # switch to patch-queue/master + git rebase master + + (2) To import a new upstream release into a new branch for Debian experimental, do: + + git branch experimental + git checkout experimental + editor debian/gbp.conf # set "debian-branch=experimental" + gbp import-orig [...] + git branch patch-queue/experimental patch-queue/master + git checkout patch-queue/experimental + git rebase experimental + +Now resolve all the conflicts, skip obsolete patches, etc. When you are done, run + + gbp pq export + +Note that our debian/gbp.conf disables patch numbers. + +Cherry-picking upstream patches +------------------------------- +You can add the systemd upstream branch as an additional remote to the Debian +packaging branch. Call it "github" or similar to avoid confusing it with the +already existing "upstream" branch from git-buildpackage: + + git remote add github https://github.com/systemd/systemd.git + git fetch github -n + +Now you can look at the upstream log and cherry-pick patches into the +patch-queue branch: + + gbp pq import --force + git log github/master + git cherry-pick 123DEADBEEF + +debian/git-cherry-pick is a nice tool to automate all that: + + debian/git-cherry-pick 123DEADBEEF 987654 AFFE99 + git checkout master # switch back from patch-queue branch diff --git a/changelog b/changelog new file mode 100644 index 00000000..a902245d --- /dev/null +++ b/changelog @@ -0,0 +1,5244 @@ +systemd (239-9+rpi1) buster-staging; urgency=medium + + * Disable testsuite, it fails on some of our buildboxes (probablly because of + old kernels). + * Add breaks on raspi-copies-and-fills, it doesn't seem to get on with + this version of systemd/udev. + + -- Peter Michael Green Thu, 20 Sep 2018 20:22:45 +0000 + +systemd (239-9) unstable; urgency=medium + + * autopkgtest: Remove needs-recommends runtime restriction. + This restriction has been deprecated and there are plans to remove it + altogether. The tests pass withouth needs-recommends, so it seems safe + to remove. + * test: Use installed catalogs when test-catalog is not located at build + dir. + This makes it possible to run test-catalog as installed test, so we no + longer need to mark it as EXFAIL in our root-unittests autopkgtest. + * test: Use "systemd-runtest.env" to set $SYSTEMD_TEST_DATA and + $SYSTEMD_CATALOG_DIR. + This avoids embedding ABS_{SRC,BUILD}_DIR into libsystemd-shared.so and + the test binaries and should make the build reproducible. + (Closes: #908365) + + -- Michael Biebl Wed, 12 Sep 2018 19:07:38 +0200 + +systemd (239-8) unstable; urgency=medium + + [ Michael Biebl ] + * Clean up dbus-org.freedesktop.timesync1.service Alias on purge + (Closes: #904290) + * user-runtime-dir: Fix wrong SELinux context (Closes: #908026) + * core: Fix gid when DynamicUser=yes with static user (Closes: #904335) + * Remove udev control socket on shutdown under sysvinit. + The udev control socket is no longer removed automatically when the + daemon is stopped. As this can confuse other software, update the SysV + init script to remove the control socket manually and make sure the init + script is executed on shutdown (runlevel 0) and reboot (runlevel 6). + (Closes: #791944) + * Bump Standards-Version to 4.2.1 + + [ Martin Pitt ] + * timedated: Fix wrong PropertyChanged values and refcounting + + -- Michael Biebl Fri, 07 Sep 2018 08:41:12 +0200 + +systemd (239-7) unstable; urgency=medium + + * autopkgtest: Add iputils-ping dependency to root-unittests. + The ping binary is required by test-bpf. + * autopkgtest: Add dbus-user-session and libpam-systemd dependency to + root-unittests. + Without a working D-Bus user session, a lot of the test-bus-* tests are + skipped. + * network/link: Fix logic error in matching devices by MAC (Closes: #904198) + + -- Michael Biebl Sun, 22 Jul 2018 13:40:15 +0200 + +systemd (239-6) unstable; urgency=medium + + [ Martin Pitt ] + * autopkgtest: Install libnss-systemd. + Make sure that dynamic users can be resolved. This e. g. prevents a + startup failure for systemd-resolved. + * autopkgtest: Add missing python3 test dependency for udev test + + [ Michael Biebl ] + * autopkgtest: Make AppArmor violator test work with merged-usr + * Make /dev/kvm accessible to local users and group kvm. + Re-add the uaccess tag to /dev/kvm to make it accessible to local + users. Access is also granted via group kvm, so create that in + udev.postinst. (Closes: #887852) + * Move a few man pages from systemd to systemd-journal-remote. + The systemd package shipped a few systemd-journal-remote and + systemd-journal-upload related man pages which really belong into the + systemd-journal-remote package. Move those man pages into the correct + package and add a Breaks/Replaces against systemd accordingly. + (Closes: #903557) + * autopkgtest: Drop no-longer needed workaround from upstream test + * Go back to statically allocate system users for timesyncd, networkd and + resolved. + There are currently too many open issues related to D-Bus and the usage + of DynamicUser. (Closes: #902971) + * Change python3-minimal dependency to python3. + While we strictly only need python3-minimal, the usage of + python3-minimal triggers a lintian error: depends-on-python-minimal + * test: Drop SKIP_INITRD for QEMU-based tests. + The Debian Linux kernel ships ext4 support as a module, so we require an + initrd to successfully start the QEMU images. + * debian/tests/localed-x11-keymap: Deal with absence of + /etc/default/keyboard more gracefully + * autopkgtest: Add various dependencies to make upstream test pass on Debian + - netcat-openbsd: Required by TEST-12-ISSUE-3171. + - busybox-static: Required by TEST-13-NSPAWN-SMOKE. + - plymouth: Required by TEST-15-DROPIN and TEST-22-TMPFILES. + * Drop seccomp system call filter for udev. + The seccomp based system call whitelist requires at least systemd 239 to + be the active init and during a dist-upgrade we can't guarantee that + systemd has been fully configured before udev is restarted. + The versioned systemd Breaks that was added to udev for #902185 didn't + really fix this issue, so revert that change again. (Closes: #903224) + + -- Michael Biebl Thu, 19 Jul 2018 00:04:54 +0200 + +systemd (239-5) unstable; urgency=medium + + * Add inverse version restriction of the Breaks to the systemd-shim + alternative in libpam-systemd. + Otherwise apt will fail to find an installation path for libpam-systemd + in cases where libpam-systemd is an indirect dependency. (Closes: #902998) + + -- Michael Biebl Thu, 05 Jul 2018 11:50:10 +0200 + +systemd (239-4) unstable; urgency=medium + + [ Michael Biebl ] + * Drop outdated section from README.Debian about switching back to SysV init + * sleep: Fix one more printf format of a fiemap field + * basic: Add missing comma in raw_clone assembly for sparc + * bus-util: Make log level lower in request_name_destroy_callback() + * tmpfiles: Specify access mode for /run/systemd/netif + * Add Breaks against python-dbusmock (<< 0.18) to systemd. + The logind and timedated tests in python-dbusmock were broken by the + latest systemd release and had to be adjusted to work with systemd 239. + See #902602 + * Drop patches which try to support running systemd services without systemd + as pid 1. + No one is currently actively maintaining systemd-shim, which means that + e.g. running systemd-logind no longer works when systemd is not pid 1. + Thus drop our no longer working patches. Bump the Breaks against + systemd-shim accordingly. + See #895292, #901404, #901405 + + [ Martin Pitt ] + * test: fix networkd-test.py rate limiting and dynamic user + + -- Michael Biebl Tue, 03 Jul 2018 23:36:28 +0200 + +systemd (239-3) unstable; urgency=medium + + * Revert "systemctl: when removing enablement or mask symlinks, cover both + /run and /etc" + We currently have packages in the archive which use + "systemctl --runtime unmask" and are broken by this change. + This is a intermediate step until it is clear whether upstream will + revert this commit or whether we will have to update affected packages + to deal with this changed behaviour. + See #902287 and https://github.com/systemd/systemd/issues/9393 + + -- Michael Biebl Wed, 27 Jun 2018 14:46:06 +0200 + +systemd (239-2) unstable; urgency=medium + + * sleep: Fix printf format of fiemap fields. + This should fix a FTBFS on ia64. + * timesync: Change type of drift_freq to int64_t. + This should fix a FTBFS on x32. + * Bump systemd Breaks to ensure it is upgraded in lockstep with udev. + The hardening features used by systemd-udevd.service require systemd 239 + and udev will fail to start with older versions. (Closes: #902185) + + -- Michael Biebl Wed, 27 Jun 2018 13:59:24 +0200 + +systemd (239-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 239 + * Drop alternative iptables-dev Build-Depends. + It is no longer needed as both Ubuntu and Debian now ship libiptc-dev in + their latest stable (LTS) release. + * Drop alternative btrfs-tools Recommends. + It is no longer needed as btrfs-progs is now available in both Debian + and Ubuntu and keeping the alternative around prevents the transitional + package from being autoremoved. + * Disable installation of RPM macros. + This avoids having to remove them manually later on. + * Drop cleanup rules for libtool .la files. + With the switch to Meson, libtool is no longer used. + * Drop fallback for older kernels when running the test suite. + We now assume that we have a kernel newer then 3.13. + * Stop cleaning up .busname units. + Those are gone upstream, so we no longer need to remove them manually. + * Update symbols file for libsystemd0 + * Rebase patches + * Install new resolvectl tool. + Don't ship the /sbin/resolvconf compat symlink in the systemd package, + as this would cause a file conflict with the resolvconf and openresolv + package. + * Disable support for "Portable Services" + This is still an experimental feature. + * Disable pristine-tar in gbp.conf. + It is currently not possible to import the systemd v239 tarball using + pristine-tar due to #902115. + * Bump Build-Depends on meson to (>= 0.44) + * Stop setting the path for the kill binary, no longer necessary + * Stop creating systemd-network and systemd-resolve system user + systemd-networkd.service and systemd-resolved.service now use + DynamicUser=yes. + + [ Dimitri John Ledkov ] + * Run all upstream tests, and then report all that failed. + + -- Michael Biebl Sat, 23 Jun 2018 00:18:08 +0200 + +systemd (238-5) unstable; urgency=medium + + [ Evgeny Vereshchagin ] + * upstream autopkgtest: Copy journal subdirectories. + Otherwise logs are missing on failures. + + [ Martin Pitt ] + * debian/tests/boot-and-services: Ignore cpi.service failure. + This is apparently a regression in Ubuntu 18.04, not in systemd, so + ignore it. + + [ Michael Biebl ] + * sd-bus: Do not try to close already closed fd (Closes: #896781) + * Use dh_missing to act on uninstalled files. + The usage of dh_install --fail-missing has been deprecated. + * meson: Avoid warning about comparison of bool and string. + The result of this is undefined and will become a hard error in a future + Meson release. + * login: Respect --no-wall when cancelling a shutdown request + (Closes: #897938) + * Add dependencies of libsystemd-shared to Pre-Depends. + This is necessary so systemctl is functional at all times during a + dist-upgrade. (Closes: #897986) + * Drop dh_strip override, the dbgsym migration is done + + [ Felipe Sateler ] + * Don't include libmount.h in a header file. + Kernel and glibc headers both use MS_* constants, but are not in sync, so + only one of them can be used at a time. Thus, only import them where + needed. Works around #898743. + + -- Michael Biebl Sat, 26 May 2018 10:31:29 +0200 + +systemd (238-4) unstable; urgency=medium + + [ Michael Biebl ] + * udev/net-id: Fix check for address to keep interface names stable + * debian/copyright: Move global wildcard section to the top + + [ Martin Pitt ] + * Fix daemon reload failures + + [ Laurent Bigonville ] + * Fix /sys/fs/cgroup mount when using SELinux. + Since v236, all cgroups except /sys/fs/cgroup/systemd and + /sys/fs/cgroup/unified are not mounted when SELinux is enabled (even in + permissive mode). Disabling SELinux completely restores these cgroups. + This patch fixes that issue by no longer making the assumption that those + cgroups are mounted by initrd/dracut before systemd is started. + + -- Michael Biebl Sun, 01 Apr 2018 13:02:57 +0200 + +systemd (238-3) unstable; urgency=medium + + [ Martin Pitt ] + * Enable systemd-sysusers unit and provide correct Debian static u/gids. + Add a helper script debian/extra/make-sysusers-basic which generates a + sysusers.d(5) file from Debian's static master passwd/group files. + systemd 238 now supports specifying different uid and gid and a + non-default login shell, so this is possible now. (Closes: #888126) + * udev README.Debian: Include initrd rebuild and some clarifications in + migration. + While initrd update is already being mentioned in the introductory + section, it is easy to miss when going through the migration steps, so + explicitly mention it again. Also add a warning about keeping a fallback + on misconfigurations, and the possibility to migrate one interface at a + time. + Thanks to Karl O. Pinc for the suggestions! (Closes: #881769) + + [ Michael Biebl ] + * basic/macros: Rename noreturn into _noreturn_. + "noreturn" is reserved and can be used in other header files we include. + (Closes: #893426) + * units: Fix SuccessAction that belongs to [Unit] section not [Service] + section (Closes: #893282) + + -- Michael Biebl Tue, 20 Mar 2018 23:22:57 +0100 + +systemd (238-2) unstable; urgency=medium + + [ Alf Gaida ] + * core: do not free stack-allocated strings. + Fixes a crash in systemd when the cpuacct cgroup controller is not + available. (Closes: #892360) + + -- Michael Biebl Sat, 10 Mar 2018 01:12:47 +0100 + +systemd (238-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 238 + - Fixes systemd-tmpfiles to correctly handle symlinks present in + non-terminal path components. (CVE-2018-6954, Closes: #890779) + * Rebase patches + * Use compat symlinks as provided by upstream. + As the upstream build system now creates those symlinks for us, we no + longer have to create them manually. + * Update symbols file for libsystemd0 + * test-cgroup-util: bail out when running under a buildd environment + + [ Dimitri John Ledkov ] + * systemd-sysv-install: Fix name initialisation. + Only initialise NAME after --root optional argument has been parsed, + otherwise NAME is initialized to e.g. `enable`, instead of to the + `unit-name`, resulting in failures. (LP: #1752882) + + -- Michael Biebl Wed, 07 Mar 2018 23:21:53 +0100 + +systemd (237-4) unstable; urgency=medium + + [ Gunnar Hjalmarsson ] + * Fix PO template creation. + Cherry-pick upstream patches to build a correct systemd.pot including + the polkit policy files even without policykit-1 being installed. + (LP: #1707898) + + [ Michael Biebl ] + * Drop mask for fuse SysV init script. + The fuse package has removed its SysV init script a long time ago, so + the mask is no longer needed. + * Replace two Debian specific patches which cherry-picks from upstream + master + + -- Michael Biebl Wed, 28 Feb 2018 19:18:34 +0100 + +systemd (237-3) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/boot-smoke: More robust journal checking. + Also fail the test if calling journalctl fails, and avoid calling it + twice. See https://github.com/systemd/systemd/pull/8032 + * Simplify PO template creation. + Use the existing upstream build system instead of a manual call to + `intltool-update` and `xgettext` to build systemd.pot. Remove the now + obsolete intltool build dependency, but still explicitly keep gettext. + (LP: #1707898) + * Make systemd-sysv-install robust against existing $ROOT. + Always initialize `$ROOT`, to avoid the script getting confused by an + existing outside env variable. Also fix the `--root` option to actually + work, the previous approach was conceptually broken due to how shell + quoting works. Make the work with `set -u`. (Closes: #890436) + + [ Felipe Sateler ] + * Backport upstream patch fixing a wrong assert() call (Closes: #890423) + + -- Michael Biebl Wed, 14 Feb 2018 23:07:17 +0100 + +systemd (237-2) unstable; urgency=medium + + * Drop debian/extra/rules/70-debian-uaccess.rules. + Up-to-date udev rules for U2F devices are shipped in libu2f-udev nowadays. + (Closes: #889665) + * service: relax PID file symlink chain checks a bit. + Let's read the PID file after all if there's a potentially unsafe symlink + chain in place. But if we do, then refuse taking the PID if its outside of + the cgroup. (Closes: #889144) + + -- Michael Biebl Fri, 09 Feb 2018 23:35:31 +0100 + +systemd (237-1) unstable; urgency=medium + + * New upstream version 237 + * Rebase patches + * Update symbols file for libsystemd0 + * Update Vcs-* to point to https://salsa.debian.org + * Bump Standards-Version to 4.1.3 + * Set Rules-Requires-Root to no + + -- Michael Biebl Tue, 30 Jan 2018 01:55:24 +0100 + +systemd (236-4) unstable; urgency=medium + + [ Felipe Sateler ] + * Allow systemd-timesyncd to start when libnss-systemd is not installed. + Pick upstream patch requiring the existence of the systemd-timesync user + only when running as root, which is not the case for the system unit. + (Closes: #887343) + + [ Nicolas Braud-Santoni ] + * debian/copyright: Refer to the CC0 license file (Closes: #882629) + + [ Michael Biebl ] + * Add Build-Depends on python3-evdev + This is used by hwdb/parse_hwdb.py to perform additional validation on + hwdb files. + + -- Michael Biebl Sun, 28 Jan 2018 22:29:32 +0100 + +systemd (236-3) unstable; urgency=medium + + * Revert "core/execute: RuntimeDirectory= or friends requires mount + namespace" + This was making mounts from SSH sessions invisible to the system. + (Closes: #885325) + + -- Michael Biebl Thu, 11 Jan 2018 16:46:04 +0100 + +systemd (236-2) unstable; urgency=medium + + * Downgrade priority of libudev1 to optional. + This makes it compliant with recent versions of debian-policy which + recommends to use priority optional for library packages. + * Clarify NEWS entry about removal of system users. + Mention in the recent NEWS entry that the associated system groups + should be removed as well. (Closes: #885061) + * cryptsetup-generator: Don't mistake NULL input as OOM. + Fixes systemd-cryptsetup-generator failing to run during boot. + (Closes: #885201) + * analyze: Use normal bus connection for "plot" verb. + Fixes "systemd-analyze plot" failing to run as root. (Closes: #884506) + * Stop re-enabling systemd services on every upgrade. + This was done so changes to the [Install] section would be applied on + upgrades. Forcefully re-enabling a service might overwrite local + modifications though and thus far, none of the affected services did + actually change its [Install] section. So remove this code from the + maintainer scripts as it was apparently doing more harm then good. + (Closes: #869354) + + -- Michael Biebl Tue, 02 Jan 2018 00:35:14 +0100 + +systemd (236-1) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/upstream: Only show ≥ warning in journal dumps. + Showing the entire debug log is too hard to scan visually, and most of + the time the warnings and errors are sufficient to explain a failure. + Put the journal files into the artifacts though, in case the debug + information is necessary. + + [ Michael Biebl ] + * New upstream version 236 + - nspawn: Adjust path to static resolv.conf to support split usr. + (Closes: #881310) + - networkd: Don't stop networkd if CONFIG_FIB_RULES=n in kernel. + (Closes: #881823) + - core: Fix segfault in compile_bind_mounts() when BindPaths= or + BindReadOnlyPaths= is set. (Closes: #883380) + - meson: Link NSS modules with -z nodelete to fix memory leak in + nss-systemd. (Closes: #883407) + - logind: Make sure we don't acces m->action_what if it's not initialized. + (Closes: #882270) + - systemctl: Ignore shutdown's "-t" argument. (Closes: #882245) + - core: Be more defensive if we can't determine per-connection socket + peer. (Closes: #879603) + - bpf-firewall: Actually invoke BPF_PROG_ATTACH to check whether + cgroup/bpf is available. (Closes: #878965) + * Rebase patches + * Update symbols file for libsystemd0 + * Bump Standards-Version to 4.1.2 + * Clean up old /var/lib/systemd/clock on upgrade. + The clock file used by systemd-timesyncd is now stored in + StateDirectory=systemd/timesync. (Closes: #883605) + * Stop creating systemd-timesync system user. + DynamicUser=yes has been enabled for systemd-timesyncd.service so + allocating a system user statically is no longer necessary. + * Document removal of systemd-{timesync,journal-gateway,journal-upload} user. + We no longer create those system users as the corresponding services now + use DynamicUser=yes. Removing those system users automatically is tricky, + as the relevant services might be running during upgrade. Add a NEWS + entry instead which documents this change. + * Revert "udev-rules: Permission changes for /dev/dri/renderD*" + This would introduce a new system group "render". As the name is rather + generic, this needs further discussion first, so revert this change for + now. + + -- Michael Biebl Sun, 17 Dec 2017 21:45:51 +0100 + +systemd (235-3) unstable; urgency=medium + + [ Michael Biebl ] + * Switch from XC-Package-Type to Package-Type. As of dpkg-dev 1.15.7 + Package-Type is recognized as an official field name. + * Install modprobe configuration file to /lib/modprobe.d. + Otherwise it is not read by kmod. (Closes: #879191) + + [ Felipe Sateler ] + * Backport upstream (partial) fix for combined DynamicUser= + User= + UID was not allowed to be different to GID, which is normally the case in + debian, due to the group users being allocated the GID 100 without an + equivalent UID 100 being allocated. + * Backport upstream patches to fully make DynamicUser=yes + static, + pre-existing User= work. + + [ Martin Pitt ] + * Add missing python3-minimal dependency to systemd-tests + * Drop long-obsolete systemd-bus-proxy system user + systemd-bus-proxy hasn't been shipped since before stretch and never + created any files. Thus clean up the obsolete system user on upgrades. + (Closes: #878182) + * Drop static systemd-journal-gateway system user + systemd-journal-gatewayd.service now uses DynamicUser=, so we don't need + to create this statically any more. Don't remove the user on upgrades + though, as there is likely still be a running process. (Closes: #878183) + * Use DynamicUser= for systemd-journal-upload.service. + * Add Recommends: libnss-systemd to systemd-sysv. + This is useful to actually be able to resolve dynamically created system + users with DynamicUser=true. This concept is going to be used much more + in future versions and (hopefully) third-party .services, so pulling it + into the default installation seems prudent now. + * resolved: Fix loop on packets with pseudo dns types. + (CVE-2017-15908, Closes: #880026, LP: #1725351) + * bpf-firewall: Properly handle kernels without BPF cgroup but with TRIE maps. + Fixes "Detaching egress BPF: Invalid argument" log spam. (Closes: #878965) + * Fix MemoryDenyWriteExecution= bypass with pkey_mprotect() (LP: #1725348) + + -- Martin Pitt Wed, 15 Nov 2017 09:34:00 +0100 + +systemd (235-2) unstable; urgency=medium + + * Revert "tests: when running a manager object in a test, migrate to private + cgroup subroot first" + This was causing test suite failures when running inside a chroot. + + -- Michael Biebl Wed, 11 Oct 2017 00:46:07 +0200 + +systemd (235-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 235 + - cryptsetup-generator: use remote-cryptsetup.target when _netdev is + present (Closes: #852534) + - tmpfiles: change btmp mode 0600 → 0660 (Closes: #870638) + - networkd: For IPv6 addresses do not treat IFA_F_DEPRECATED as not ready + (Closes: #869995) + - exec-util,conf-files: skip non-executable files in execute_directories() + (Closes: #867902) + - man: update udevadm -y/--sysname-match documentation (Closes: #865081) + - tmpfiles: silently ignore any path that passes through autofs + (Closes: #805553) + - shared: end string with % if one was found at the end of a expandible + string (Closes: #865450) + * Refresh patches + * Bump Build-Depends on libmount-dev to (>= 2.30) + * Install new modprobe.d config file + * Bump Standards-Version to 4.1.1 + + [ Martin Pitt ] + * Merge logind-kill-off autopkgtest into logind test. + This was horribly inefficient as a separate test (from commit + 6bd0dab41e), as that cost two VM resets plus accompanying boots; and + this does not change any state thus does not require this kind of + isolation. + + -- Michael Biebl Tue, 10 Oct 2017 18:29:28 +0200 + +systemd (234-3) unstable; urgency=medium + + [ Martin Pitt ] + * Various fixes for the upstream autopkgtest. + + [ Felipe Sateler ] + * Add fdisk to the dependencies of the upstream autopkgtest. + The upstream autopkgtest uses sfdisk, which is now in the non-essential + fdisk package. (Closes: #872119) + * Disable nss-systemd on udeb builds + * Correctly disable resolved on udeb builds + * Help fix collisions in libsystemd-shared symbols by versioning them. + Backport upstream patch to version the symbols provided in the private + library, so that they cannot confuse unversioned pam modules or libraries + linked into them. (Closes: #873708) + + [ Dimitri John Ledkov ] + * Cherrypick upstream networkd-test.py assertion/check fixes. + This resolves ADT test suite failures, when running tests under lxc/lxd + providers. + * Cherrypick arm* seccomp fixes. + This should resolve ADT test failures, on arm64, when running as root. + * Disable KillUserProcesses, yet again, with meson this time. + * initramfs-tools: trigger udevadm add actions with subsystems first. + This updates the initramfs-tools init-top udev script to trigger udevadm + actions with type specified. This mimics the systemd-udev-trigger.service. + Without type specified only devices are triggered, but triggering + subsystems may also be required and should happen before triggering the + devices. This is the case for example on s390x with zdev generated udev + rules. (LP: #1713536) + + [ Michael Biebl ] + * (Re)add --quiet flag to addgroup calls. + This is now safe with adduser having been fixed to no longer suppress + fatal error messages if --quiet is used. (Closes: #837871) + * Switch back to default GCC (Closes: #873661) + * Drop systemd-timesyncd.service.d/disable-with-time-daemon.conf. + All major NTP implementations ship a native service file nowadays with a + Conflicts=systemd-timesyncd.service so this drop-in is no longer + necessary. (Closes: #873185) + + -- Michael Biebl Mon, 04 Sep 2017 00:17:00 +0200 + +systemd (234-2.3) unstable; urgency=high + + * Non-maintainer upload. + * Also switch to g++-6 temporarily (needed for some tests): + - Add g++-6 to Build-Depends + - Export CXX = g++-6 + + -- Cyril Brulebois Thu, 24 Aug 2017 02:40:53 +0200 + +systemd (234-2.2) unstable; urgency=high + + * Non-maintainer upload. + * Switch to gcc-6 on all architectures, working around an FTBFS on mips64el, + apparently due to a gcc-7 bug (See: #871514): + - Add gcc-6 to Build-Depends in debian/control + - Export CC = gcc-6 in debian/rules + + -- Cyril Brulebois Wed, 23 Aug 2017 22:53:09 +0000 + +systemd (234-2.1) unstable; urgency=high + + * Non-maintainer upload. + * Fix missing 60-input-id.rules in udev-udeb, which breaks the graphical + version of the Debian Installer, as no key presses or mouse events get + processed (Closes: #872598). + + -- Cyril Brulebois Wed, 23 Aug 2017 20:41:33 +0200 + +systemd (234-2) unstable; urgency=medium + + [ Martin Pitt ] + * udev README.Debian: Fix name of example *.link file + + [ Felipe Sateler ] + * test-condition: Don't assume that all non-root users are normal users. + Automated builders may run under a dedicated system user, and this test + would fail that. + + [ Michael Biebl ] + * Revert "units: Tell login to preserve environment" + Environment=LANG= LANGUAGE= LC_CTYPE= ... as used in the getty units is + not unsetting the variables but instead sets it to an empty var. Passing + that environment to login messes up the system locale settings and + breaks programs like gpg-agent. + (Closes: #868695) + + -- Michael Biebl Thu, 20 Jul 2017 15:13:42 +0200 + +systemd (234-1) unstable; urgency=medium + + [ Michael Biebl ] + * New upstream version 234 + - tmpfiles: Create /var/log/lastlog if it does not exist. + (Closes: #866313) + - network: Bridge vlan without PVID. (Closes: #859941) + * Rebase patches + * Switch build system from autotools to meson. + Update the Build-Depends accordingly. + * Update fsckd patch for meson + * udev autopkgtest: no longer install test-udev binary manually. + This is now done by the upstream build system. + * Update symbols file for libsystemd0 + * Update lintian override for systemd-tests. + Upstream now installs manual and unsafe tests in subdirectories of + /usr/lib/systemd/tests/, so ignore those as well. + * Bump Standards-Version to 4.0.0 + * Change priority of libnss-* packages from extra to optional. + * Use UTF-8 locale when building the package. + Otherwise meson will be pretty unhappy when trying to process files with + unicode characters. Use C.UTF-8 as this locale is pretty much guaranteed + to be available everywhere. + * Mark test-timesync as manual. + The test tries to setup inotify watches for /run/systemd/netif/links + which fails in a buildd environment where systemd is not active. + * Do not link udev against libsystemd-shared. + We ship udev in a separate binary package, so can't use + libsystemd-shared, which is part of the systemd binary package. + * Avoid requiring a "kvm" system group. + This group is not universally available and as a result generates a + warning during boot. As kvm is only really useful if the qemu package is + installed and this package already takes care of setting up the proper + permissions for /dev/kvm, drop this rule from 50-udev-default.rules. + + [ Martin Pitt ] + * udev README.Debian: Update transitional rules and mention *.link files. + - 01-mac-for-usb.link got replaced with 73-usb-net-by-mac.rules + - /etc/systemd/network/50-virtio-kernel-names.link is an upgrade + transition for VMs with virtio + - Describe *.link files as a simpler/less error prone (but also less + flexible) way of customizing interface names. (Closes: #868002) + + -- Michael Biebl Thu, 13 Jul 2017 17:38:28 +0200 + +systemd (233-10) unstable; urgency=medium + + [ Martin Pitt ] + * Adjust var-lib-machines.mount target. + Upstream PR #6095 changed the location to + {remote-fs,machines}.target.wants, so just install all available ones. + + [ Dimitri John Ledkov ] + * Fix out-of-bounds write in systemd-resolved. + CVE-2017-9445 (Closes: #866147, LP: #1695546) + + [ Michael Biebl ] + * Be truly quiet in systemctl -q is-enabled (Closes: #866579) + * Improve RLIMIT_NOFILE handling. + Use /proc/sys/fs/nr_open to find the current limit of open files + compiled into the kernel instead of using a hard-coded value of 65536 + for RLIMIT_NOFILE. (Closes: #865449) + + [ Nicolas Braud-Santoni ] + * debian/extra/rules: Use updated U2F ruleset. + This ruleset comes from Yubico's libu2f-host. (Closes: #824532) + + -- Michael Biebl Mon, 03 Jul 2017 18:51:58 +0200 + +systemd (233-9) unstable; urgency=medium + + * hwdb: Use path_join() to generate the hwdb_bin path. + This ensures /lib/udev/hwdb.bin gets the correct SELinux context. Having + double slashes in the path makes selabel_lookup_raw() return the wrong + context. (Closes: #851933) + * Drop no longer needed Breaks against usb-modeswitch + * Drop Breaks for packages shipping rcS init scripts. + This transition was completed in stretch. + + -- Michael Biebl Mon, 19 Jun 2017 15:10:14 +0200 + +systemd (233-8) experimental; urgency=medium + + * Bump debhelper compatibility level to 10 + * Drop versioned Build-Depends on dpkg-dev. + It's no longer necessary as even Jessie ships a new enough version. + * timesyncd: don't use compiled-in list if FallbackNTP has been configured + explicitly (Closes: #861769) + * resolved: fix null pointer p->question dereferencing. + This fixes a bug which allowed a remote DoS (daemon crash) via a crafted + DNS response with an empty question section. + Fixes: CVE-2017-9217 (Closes: #863277) + + -- Michael Biebl Mon, 29 May 2017 14:12:08 +0200 + +systemd (233-7) experimental; urgency=medium + + [ Michael Biebl ] + * basic/journal-importer: Fix unaligned access in get_data_size() + (Closes: #862062) + * ima: Ensure policy exists before asking the kernel to load it + (Closes: #863111) + * Add Depends: procps to systemd. + It's required by /usr/lib/systemd/user/systemd-exit.service which calls + /bin/kill to stop the systemd --user instance. (Closes: #862292) + * service: Serialize information about currently executing command + (Closes: #861157) + * seccomp: Add clone syscall definitions for mips (Closes: #861171) + + [ Dimitri John Ledkov ] + * ubuntu: disable dnssec on any ubuntu releases (LP: #1690605) + + [ Felipe Sateler ] + * Specify nobody user and group. + Otherwise nss-systemd will translate to group 'nobody', which doesn't + exist on debian systems. + + -- Michael Biebl Wed, 24 May 2017 12:26:18 +0200 + +systemd (233-6) experimental; urgency=medium + + [ Felipe Sateler ] + * Backport upstream PR #5531. + This delays opening the mdns and llmnr sockets until a network has enabled + them. This silences annoying messages when networkd receives such packets + without expecting them: Got mDNS UDP packet on unknown scope. + + [ Martin Pitt ] + * resolved: Disable DNSSEC by default on stretch and zesty. + Both Debian stretch and Ubuntu zesty are close to releasing, switch to + DNSSEC=off by default for those. Users can still turn it back on with + DNSSEC=allow-downgrade (or even "yes"). + + [ Michael Biebl ] + * Add Conflicts against hal. + Since v183, udev no longer supports RUN+="socket:". This feature is + still used by hal, but now generates vast amounts of errors in the + journal. Thus force the removal of hal by adding a Conflicts to the udev + package. This is safe, as hal is long dead and no longer useful. + * Drop systemd-ui Suggests + systemd-ui is unmaintained upstream and not particularly useful anymore. + * journal: fix up syslog facility when forwarding native messages. + Native journal messages (_TRANSPORT=journal) typically don't have a + syslog facility attached to it. As a result when forwarding the + messages to syslog they ended up with facility 0 (LOG_KERN). + Apply syslog_fixup_facility() so we use LOG_USER instead. + (Closes: #837893) + * Split upstream tests into systemd-tests binary package (Closes: #859152) + * Get PACKAGE_VERSION from config.h. + This also works with meson and is not autotools specific. + + [ Sjoerd Simons ] + * init-functions Only call daemon-reload when planning to redirect + systemctl daemon-reload is a quite a heavy operation, it will re-parse + all configuration and re-run all generators. This should only be done + when strictly needed. (Closes: #861158) + + -- Michael Biebl Fri, 28 Apr 2017 21:47:14 +0200 + +systemd (233-5) experimental; urgency=medium + + * Do not throw a warning in emergency and rescue mode if plymouth is not + installed. + Ideally, plymouth should only be referenced via dependencies, not + ExecStartPre. This at least avoids the confusing error message on + minimal installations that do not carry plymouth. + * rules: Allow SPARC vdisk devices when identifying CD drives + (Closes: #858014) + + -- Michael Biebl Tue, 21 Mar 2017 21:00:08 +0100 + +systemd (233-4) experimental; urgency=medium + + [ Martin Pitt ] + * udev autopkgtest: Drop obsolete sys.tar.xz fallback. + This was only necessary for supporting 232 as well. + * root-unittest: Drop obsolete FIXME comment. + * Add libpolkit-gobject-1-dev build dep for polkit version detection. + * Move systemd.link(5) to udev package. + .link files are being handled by udev, so it should ship the + corresponding manpage. Bump Breaks/Replaces accordingly. (Closes: #857270) + + [ Michael Biebl ] + * Restart journald on upgrades (Closes: #851438) + * Avoid strict DM API versioning. + Compiling against the dm-ioctl.h header as provided by the Linux kernel + will embed the DM interface version number. Running an older kernel can + lead to errors on shutdown when trying to detach DM devices. + As a workaround, build against a local copy of dm-ioctl.h based on 3.13, + which is the minimum required version to support DM_DEFERRED_REMOVE. + (Closes: #856337) + + -- Michael Biebl Thu, 16 Mar 2017 18:40:16 +0100 + +systemd (233-3) experimental; urgency=medium + + [ Michael Biebl ] + * Install D-Bus policy files in /usr + * Drop no longer needed maintainer scripts migration code and simplify + various version checks + * Fix location of installed tests + * Override package-name-doesnt-match-sonames lintian warning for libnss-* + * Don't ship any symlinks in /etc/systemd/system. + Those should be created dynamically via "systemctl enable". + + [ Martin Pitt ] + * root-unittests autopkgtest: Skip test-udev. + It has its own autopkgtest and needs some special preparation. At some + point that should be merged into root-unittests, but let's quickfix this + to unbreak upstream CI. + + -- Michael Biebl Fri, 03 Mar 2017 19:49:44 +0100 + +systemd (233-2) experimental; urgency=medium + + * test: skip instead of fail if crypto kmods are not available. + The Debian buildds have module loading disabled, thus AF_ALG sockets are + not available during build. Skip the tests that cover those (khash and + id128) instead of failing them in this case. + https://github.com/systemd/systemd/issues/5524 + + -- Martin Pitt Fri, 03 Mar 2017 11:51:25 +0100 + +systemd (233-1) experimental; urgency=medium + + [ Martin Pitt ] + * New upstream release 233: + - udev: Remove /run/udev/control on stop to avoid sendsigs to kill + udevd. (Closes: #791944) + - nspawn: Handle container directory symlinks. (Closes: #805785) + - Fix mount units to not become "active" when NFS mounts time out. + (Closes: #835810) + - hwdb: Rework path/priority comparison when loading files from /etc/ + vs. /lib. (Closes: #845442) + - machinectl: Fix "list" command when failing to determine OS version. + (Closes: #849316) + - Support tilegx architecture. (Closes: #856306) + - systemd-sleep(8): Point out inhibitor interface as better alternative + for suspend integration. (Closes: #758279) + - journalctl: Improve error message wording when specifying boot + offset with ephemeral journal. (Closes: #839291) + * Install new systemd-umount and /usr/lib/environment.d/ + * Use "make install-tests" for shipped unit tests + * Switch back to gold linker on mips* + Bug #851736 got fixed now. + * debian/rules: Drop obsolete SETCAP path + + [ Michael Biebl ] + * Drop upstart jobs for udev + * Drop /sbin/udevadm compat symlink from udev-udeb and initramfs + * Drop Breaks and Replaces from pre-jessie + + -- Martin Pitt Thu, 02 Mar 2017 17:10:09 +0100 + +systemd (232-19) unstable; urgency=medium + + [ Martin Pitt ] + * debian/README.source: Update patch and changelog handling to current + reality. + * root-unittests autopkgtest: Blacklist test-journal-importer. + This got added in a recent PR, but running this requires using "make + install-tests" which hasn't landed yet. + * fsckd: Fix format specifiers on 32 bit architectures. + * resolved: Fix NSEC proofs for missing TLDs (Closes: #855479) + * boot-and-services autopkgtest: Skip CgroupsTest on unified hierarchy. + * boot-smoke autopkgtest: Run in containers, too. + * logind autopkgtest: Adjust to work in containers. + + [ Dimitri John Ledkov ] + * Fix resolved failing to follow CNAMES for DNS stub replies (LP: #1647031) + * Fix emitting change signals with a sessions property in logind + (LP: #1661568) + + [ Michael Biebl ] + * If an automount unit is masked, don't react to activation anymore. + Otherwise we'll hit an assert sooner or later. (Closes: #856035) + + [ Felipe Sateler ] + * resolved: add the new KSK to the built-in resolved trust anchor. + The old root key will be discarded in early 2018, so get this into + stretch. + * Backport some zsh completion fixes from upstream (Closes: #847203) + + -- Martin Pitt Thu, 02 Mar 2017 09:21:12 +0100 + +systemd (232-18) unstable; urgency=medium + + * udev autopkgtest: Adjust to script-based test /sys creation. + PR #5250 changes from the static sys.tar.xz to creating the test /sys + directory with a script. Get along with both cases until 233 gets + released and packaged. + * systemd-resolved.service.d/resolvconf.conf: Don't fail if resolvconf is + not installed. ReadWritePaths= fails by default if the referenced + directory does not exist. This happens if resolvconf is not installed, so + use '-' to ignore the absence. (Closes: #854814) + * Fix two more seccomp issues. + * Permit seeing process list of units whose unit files are missing. + * Fix systemctl --user enable/disable without $XDG_RUNTIME_DIR being set. + (Closes: #855050) + + -- Martin Pitt Mon, 13 Feb 2017 17:36:12 +0100 + +systemd (232-17) unstable; urgency=medium + + * Add libcap2-bin build dependency for tests. This will make + test_exec_capabilityboundingset() actually run. (Closes: #854394) + * Add iproute2 build dependency for tests. This will make + test_exec_privatenetwork() actually run; it skips if "ip" is not present. + (Closes: #854396) + * autopkgtest: Run all upstream unit tests as root. + Ship all upstream unit tests in libsystemd-dev, and run them all as root + in autopkgtest. (Closes: #854392) This also fixes the FTBFS on non-seccomp + architectures. + * systemd-resolved.service.d/resolvconf.conf: Allow writing to + /run/resolvconf. Upstream PR #5283 will introduce permission restrictions + for systemd-resolved.service, including the lockdown to writing + /run/systemd/. This will then cause the resolvconf call in our drop-in to + fail as that needs to write to /run/resolvconf/. Add this to + ReadWritePaths=. (This is a no-op with the current unrestricted unit). + + -- Martin Pitt Fri, 10 Feb 2017 11:52:46 +0100 + +systemd (232-16) unstable; urgency=medium + + [ Martin Pitt ] + * Add autopkgtest for test-seccomp + * udev: Fix by-id symlinks for devices whose IDs contain whitespace + (Closes: #851164, LP: #1647485) + * Add lintian overrides for binary-or-shlib-defines-rpath on shipped test + programs. This is apparently a new lintian warning on which uploads get + rejected. These are only test programs, not in $PATH, and they need to + link against systemd's internal library. + + [ Michael Biebl ] + * Fix seccomp filtering. (Closes: #852811) + * Do not crash on daemon-reexec when /run is full (Closes: #850074) + + -- Martin Pitt Thu, 09 Feb 2017 16:22:43 +0100 + +systemd (232-15) unstable; urgency=medium + + * Add missing Build-Depends on tzdata. + It is required to successfully run the test suite. (Closes: #852883) + * Bump systemd Breaks to ensure it is upgraded in lockstep with udev. + The sandboxing features used by systemd-udevd.service require systemd + (>= 232-11). (Closes: #853078) + * Bump priority of libpam-systemd to standard. + This reflects the changes that have been made in the archive a while + ago. See #803184 + + -- Michael Biebl Wed, 01 Feb 2017 22:45:35 +0100 + +systemd (232-14) unstable; urgency=medium + + * Deal with NULL pointers more gracefully in unit_free() (Closes: #852202) + * Fix issues in journald during startup + + -- Michael Biebl Mon, 23 Jan 2017 14:52:46 +0100 + +systemd (232-13) unstable; urgency=medium + + * Re-add versioned Conflicts/Replaces against upstart. + In Debian the upstart package was never split into upstart and + upstart-sysv, so we need to keep that for switching from upstart to + systemd-sysv. (Closes: #852156) + * Update Vcs-* according to the latest recommendation + * Update Homepage and the URLs in debian/copyright to use https + + -- Michael Biebl Sun, 22 Jan 2017 08:19:28 +0100 + +systemd (232-12) unstable; urgency=medium + + * Fix build if seccomp support is disabled + * Enable seccomp support on ppc64 + + -- Michael Biebl Wed, 18 Jan 2017 19:43:51 +0100 + +systemd (232-11) unstable; urgency=medium + + [ Martin Pitt ] + * Fix RestrictAddressFamilies= + Backport upstream fix for setting up seccomp filters to fix + RestrictAddressFamilies= on non-amd64 architectures. Drop the hack from + debian/rules to remove this property from unit files. + See #843160 + * Use local machine-id for running tests during package build. + Since "init" and thus "systemd" are not part of debootstrap any more, + some buildd chroots don't have an /etc/machine-id any more. Port the old + Add-env-variable-for-machine-ID-path.patch to the current code, use a + local machine-id again, and always make test suite failures fatal. + (Closes: #851445) + + [ Michael Biebl ] + * gpt-auto-generator: support LUKS encrypted root partitions + (Closes: #851475) + * Switch to bfd linker on mips* + The gold linker is currently producing broken libraries on mips* + resulting in segfaults for users of libsystemd. Switch to bfd until + binutils has been fixed. (Closes: #851412) + * Revert "core: turn on specifier expansion for more unit file settings" + The expansion of the % character broke the fstab-generator and + specifying the tmpfs size as percentage of physical RAM resulted in the + size being set to 4k. (Closes: #851492) + * Drop obsolete Conflicts, Breaks and Replaces + * Require systemd-shim version which supports v232. + See #844785 + + [ Ondřej Nový ] + * Redirect try-restart in init-functions hook (Closes: #851688) + + -- Michael Biebl Wed, 18 Jan 2017 12:38:54 +0100 + +systemd (232-10) unstable; urgency=medium + + * Add NULL sentinel to strjoin. + We haven't cherry-picked upstream commit 605405c6c which introduced a + strjoin macro that adds the NULL sentinel automatically so we need to do + it manually. (Closes: #851210) + + -- Michael Biebl Fri, 13 Jan 2017 05:08:55 +0100 + +systemd (232-9) unstable; urgency=medium + + * Use --disable-wheel-group configure switch. + Instead of mangling the tmpfiles via sed to remove the wheel group, use + the configure switch which was added upstream in v230. + See https://github.com/systemd/systemd/issues/2492 + * Update debian/copyright. + Bob Jenkins released the lookup3.[ch] files as public domain which means + there is no copyright holder. + * Drop fallback for older reportbug versions when attaching files + * debian/extra/init-functions.d/40-systemd: Stop checking for init env var. + This env variable is no longer set when systemd executes a service so + it's pointless to check for it. + * debian/extra/init-functions.d/40-systemd: Stop setting + _SYSTEMCTL_SKIP_REDIRECT=true. + It seems we don't actually need it to detect recursive loops (PPID is + sufficient) and by exporting it we leak _SYSTEMCTL_SKIP_REDIRECT into + the runtime environment of the service. (Closes: #802018) + * debian/extra/init-functions.d/40-systemd: Rename _SYSTEMCTL_SKIP_REDIRECT. + Rename _SYSTEMCTL_SKIP_REDIRECT to SYSTEMCTL_SKIP_REDIRECT to be more + consistent with other environment variables which are used internally by + systemd, like SYSTEMCTL_SKIP_SYSV. + * Various specifier resolution fixes. + Turn on specifier expansion for more unit file settings. + See https://github.com/systemd/systemd/pull/4835 (Closes: #781730) + + -- Michael Biebl Thu, 12 Jan 2017 16:59:22 +0100 + +systemd (232-8) unstable; urgency=medium + + [ Martin Pitt ] + * Drop systemd dependency from libnss-myhostname again. + This NSS module is completely independent from systemd, unlike the other + three. + * Install 71-seat.rules into the initrd. + This helps plymouth to detect applicable devices. (Closes: #756109) + * networkd: Fix crash when setting routes. + * resolved: Drop removal of resolvconf entry on stop. + This leads to timeouts on shutdown via the resolvconf hooks and does not + actually help much -- /etc/resolv.conf would then just be empty instead of + having a nonexisting 127.0.0.53 nameserver, so manually stopping resolved + in a running system is broken either way. (LP: #1648068) + * Keep RestrictAddressFamilies on amd64. + This option and libseccomp currently work on amd64 at least, so let's make + sure it does not break there as well, and benefit from the additional + protection at least on this architecture. + * Explicitly set D-Bus policy dir. + This is about to change upstream in + https://github.com/systemd/systemd/pull/4892, but as explained in commit + 2edb1e16fb12f4 we need to keep the policies in /etc/ until stretch+1. + + [ Michael Biebl ] + * doc: Clarify NoNewPrivileges in systemd.exec(5). (Closes: #756604) + * core: Rework logic to determine when we decide to add automatic deps for + mounts. This adds a concept of "extrinsic" mounts. If mounts are + extrinsic we consider them managed by something else and do not add + automatic ordering against umount.target, local-fs.target, + remote-fs.target. (Closes: #818978) + * rules: Add persistent links for nbd devices. (Closes: #837999) + + -- Michael Biebl Sat, 17 Dec 2016 01:54:18 +0100 + +systemd (232-7) unstable; urgency=medium + + [ Michael Biebl ] + * Mark liblz4-tool build dependency as + * udev: Try mount -n -o move first + initramfs-tools is not actually using util-linux mount (yet), so making + mount -n --move the first alternative would trigger an error message if + users have built their initramfs without busybox support. + + [ Alexander Kurtz ] + * debian/extra/kernel-install.d/85-initrd.install: Remove an unnecessary + variable. (Closes: #845977) + + [ Martin Pitt ] + * Drop systemd-networkd's "After=dbus.service" ordering, so that it can + start during early boot (for cloud-init.service). It will auto-connect to + D-Bus once it becomes available later, and transient (from DHCP) hostname + and timezone setting do not currently work anyway. (LP: #1636912) + * Run hwdb/parse_hwdb.py during package build. + * Package libnss-systemd + * Make libnss-* depend on the same systemd package version. + + -- Martin Pitt Wed, 30 Nov 2016 14:38:36 +0100 + +systemd (232-6) unstable; urgency=medium + + * Add policykit-1 test dependency for networkd-test.py. + * debian/rules: Don't destroy unit symlinks with sed -i. + Commit 21711e74 introduced a "sed -i" to remove RestrictAddressFamilies= + from units. This also caused unit symlinks to get turned into real files, + causing D-Bus activated services like timedated to fail ("two units with + the same D-Bus name"). + * Fall back to "mount -o move" in udev initramfs script + klibc's mount does not understand --move, so for the time being we need to + support both variants. (Closes: #845161) + * debian/README.Debian: Document how to generate a shutdown log. + Thanks 積丹尼 Dan Jacobson. (Closes: #826297) + + -- Martin Pitt Mon, 21 Nov 2016 10:39:57 +0100 + +systemd (232-5) unstable; urgency=medium + + * Add missing liblz4-tool build dependency. + Fixes test-compress failure during package build. + * systemd: Ship /var/lib. + This will soon contain a polkit pkla file. + + -- Martin Pitt Sun, 20 Nov 2016 12:22:52 +0100 + +systemd (232-4) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/unit-config: Query pkg-config for system unit dir. + This fixes confusion on merged-/usr systems where both /usr/lib/systemd and + /lib/systemd exist. It's actually useful to verify that systemd.pc says the + truth. + * debian/tests/upstream: Fix clobbering of merged-/usr symlinks + * debian/tests/systemd-fsckd: Create /etc/default/grub.d if necessary + * debian/rules: Drop check for linking to libs in /usr. + This was just an approximation, as booting without an initrd could still be + broken by library updates (e. g. #828991). With merged /usr now being the + default this is now completely moot. + * Move kernel-install initrd script to a later prefix. + 60- does not leave much room for scripts that want to run before initrd + building (which is usually one of the latest things to do), so bump to 85. + Thanks to Sjoerd Simons for the suggestion. + * Disable 99-default.link instead of the udev rule for disabling persistent + interface names. + Disabling 80-net-setup-link.rules will also cause ID_NET_DRIVER to not be + set any more, which breaks 80-container-ve.network and matching on driver + name in general. So disable the actual default link policy instead. Still + keep testing for 80-net-setup-link.rules in the upgrade fix and + 73-usb-net-by-mac.rules to keep the desired behaviour on systems which + already disabled ifnames via that udev rule. + See https://lists.freedesktop.org/archives/systemd-devel/2016-November/037805.html + * debian/tests/boot-and-services: Always run seccomp test + seccomp is now available on all architectures on which Debian and Ubuntu + run tests, so stop making this test silently skip if seccomp is disabled. + * Bump libseccomp build dependency as per configure.ac. + * Replace "Drop RestrictAddressFamilies=" patch with sed call. + With that it will also apply to upstream builds/CI, and it is structurally + simpler. + * Rebuild against libseccomp with fixed shlibs. (Closes: #844497) + + [ Michael Biebl ] + * fstab-generator: add x-systemd.mount-timeout option. (Closes: #843989) + * build-sys: do not install ctrl-alt-del.target symlink twice. + (Closes: #844039) + * Enable lz4 support. + While the compression rate is not as good as XZ, it is much faster, so a + better default for the journal and especially systemd-coredump. + (Closes: #832010) + + [ Felipe Sateler ] + * Enable machines.target by default. (Closes: #806787) + + [ Evgeny Vereshchagin ] + * debian/tests/upstream: Print all journal files. + We don't print all journal files. This is misleading a bit: + https://github.com/systemd/systemd/pull/4331#issuecomment-252830790 + https://github.com/systemd/systemd/pull/4395#discussion_r87948836 + + [ Luca Boccassi ] + * Use mount --move in initramfs-tools udev script. + Due to recent changes in busybox and initramfs-tools the mount + utility is no longer the one from busybox but from util-linux. + The latter does not support mount -o move. + The former supports both -o move and --move, so use it instead to be + compatible with both. + See this discussion for more details: + https://bugs.debian.org/823856 (Closes: #844775) + + -- Michael Biebl Sun, 20 Nov 2016 03:34:58 +0100 + +systemd (232-3) unstable; urgency=medium + + [ Felipe Sateler ] + * Make systemd-delta less confused on merged-usr systems. (Closes: #843070) + * Fix wrong paths for /bin/mount when compiled on merged-usr system. + Then the build system finds /usr/bin/mount which won't exist on a + split-/usr system. Set the paths explicitly in debian/rules and drop + Use-different-default-paths-for-various-binaries.patch. (Closes: #843433) + + [ Martin Pitt ] + * debian/tests/logind: Split out "pid in logind session" test + * debian/tests/logind: Adjust "in logind session" test for unified cgroup + hierarchy + * debian/tests/boot-and-services: Check common properties of CLI programs. + Verify that CLI programs have a sane behaviour and exit code when being + called with --help, --version, or an invalid option. + * nspawn: Fix exit code for --help and --version (Closes: #843544) + * core: Revert using the unified hierarchy for the systemd cgroup. + Too many things don't get along with it yet, like docker, LXC, or runc. + (Closes: #843509) + + -- Martin Pitt Wed, 09 Nov 2016 09:34:45 +0100 + +systemd (232-2) unstable; urgency=medium + + * Drop RestrictAddressFamilies from service files. + RestrictAddressFamilies= is broken on 32bit architectures and causes + various services to fail with a timeout, including + systemd-udevd.service. + While this might actually be a libseccomp issue, remove this option for + now until a proper solution is found. (Closes: #843160) + + -- Michael Biebl Sat, 05 Nov 2016 22:43:27 +0100 + +systemd (232-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release 232: + - Fix "systemctl start" when ReadWriteDirectories is a symlink + (Closes: ##792187) + - Fix "journalctl --setup-keys" output (Closes: #839097) + - Run run sysctl service if /proc/sys/net is writable, for containers + (Closes: #840529) + - resolved: Add d.f.ip6.arpa to the DNSSEC default negative trust anchors + (Closes: #834453) + * debian/tests/logind: Copy the current on-disk unit instead of the + on-memory one. + * Build sd-boot on arm64. gnu-efi is available on arm64 now. + (Closes: #842617) + * Link test-seccomp against seccomp libs to fix FTBFS + * debian/rules: Remove nss-systemd (until we package it) + * Install new systemd-mount + + [ Michael Biebl ] + * Install new journal-upload.conf man pages in systemd-journal-remote + + -- Martin Pitt Fri, 04 Nov 2016 07:18:10 +0200 + +systemd (231-10) unstable; urgency=medium + + [ Martin Pitt ] + * systemctl: Add --wait option to wait until started units terminate again. + * nss-resolve: return NOTFOUND instead of UNAVAIL on resolution errors. + This makes it possible to configure a fallback to "dns" without breaking + DNSSEC, with "resolve [!UNAVAIL=return] dns". + * libnss-resolve.postinst: Skip dns fallback if resolve is present. + Only fall back to "dns" if nss-resolve is not installed (for the + architecture of the calling program). Once it is, we never want to fall + back to "dns" as that breaks enforcing DNSSEC verification and also + pointlessly retries NXDOMAIN failures. (LP: #1624071) + * unit: sent change signal before removing the unit if necessary + (LP: #1632964) + * networkd: Fix assertion crash on adding VTI with IPv6 addresses + (LP: #1633274) + * debian/tests/upstream: Stop specifying initrd, it is autodetected now. + * debian/tests/upstream: Add gcc/libc-dev/make test dependencies, + so that the tests can build helper binaries. + + [ Felipe Sateler ] + * Explicitly disable installing the upstream-provided PAM configuration. + * Register interest in the status of dracut and initramfs-tools in reportbug + template + + [ Michael Biebl ] + * Stop creating systemd-update-utmp-runlevel.service symlinks manually + + -- Martin Pitt Wed, 26 Oct 2016 13:24:37 +0200 + +systemd (231-9) unstable; urgency=medium + + * pid1: process zero-length notification messages again. + Just remove the assertion, the "n" value was not used anyway. This fixes + a local DoS due to unprocessed/unclosed fds which got introduced by the + previous fix. (Closes: #839171) (LP: #1628687) + * pid1: Robustify manager_dispatch_notify_fd() + * test/networkd-test.py: Add missing writeConfig() helper function. + + -- Martin Pitt Thu, 29 Sep 2016 23:39:24 +0200 + +systemd (231-8) unstable; urgency=medium + + [ Martin Pitt ] + * Replace remaining systemctl --failed with --state=failed + "--failed" is deprecated in favor of --state. + * debian/shlibs.local.in: More precisely define version of internal shared + lib. + * debian/tests/upstream: Drop blacklisting + These tests now work fine without qemu. + * debian/tests/storage: Avoid rmmod scsi_debug (LP: #1626737) + * upstream build system: Install libudev, libsystemd, and nss modules to + ${rootlibdir}. Drop downstream workaround from debian/rules. + * Ubuntu: Disable resolved's DNSSEC for the final 16.10 release. + Resolved's DNSSEC support is still not mature enough, and upstream + recommends to disable it in stable distro releases still. + * Fix abort/DoS on zero-length notify message triggers (LP: #1628687) + * resolved: don't query domain-limited DNS servers for other domains + (LP: #1588230) + + [ Antonio Ospite ] + * Update systemd-user pam config to require pam_limits.so. + (Closes: #838191) + + -- Martin Pitt Thu, 29 Sep 2016 13:40:21 +0200 + +systemd (231-7) unstable; urgency=medium + + [ Michael Biebl ] + * fsckd: Do not exit on idle timeout if there are still clients connected + (Closes: #788050, LP: #1547844) + + [ Martin Pitt ] + * 73-usb-net-by-mac.rules: Split kernel command line import line. + Reportedly this makes the rule actually work on some platforms. Thanks Alp + Toker! (LP: #1593379) + * debian/tests/boot-smoke: Only run 5 iterations + * systemd.postinst: Drop obsolete setcap call for systemd-detect-virt. + Drop corresponding libcap2-bin dependency. + * debian/tests/systemd-fsckd: Robustify check for "unit was running" + (LP: #1624406) + * debian/extra/set-cpufreq: Use powersave with intel_pstate. + This is what we did on xenial, and apparently powersave is still actually + better than performance. Thanks to Doug Smythies for the measurements! + (LP: #1579278) + * Ubuntu: Move ondemand.service from static to runtime enablement. + This makes it easier to keep performance, by disabling ondemand.service. + Side issue in LP: #1579278 + * Revert "networkd: remove route if carrier is lost" + This causes networkd to drop addresses from unmanaged interfaces in some + cases. (Closes: #837759) + * debian/tests/storage: Avoid stderr output of stopping systemd-cryptsetup@.service + * libnss-*.prerm: Remove possible [key=value] options from NSS modules as well. + (LP: #1625584) + + -- Martin Pitt Tue, 20 Sep 2016 15:03:06 +0200 + +systemd (231-6) unstable; urgency=medium + + [ Martin Pitt ] + * Add alternative iptables-dev build dependencies + libiptc-dev is very new and not yet present in stable Debian/Ubuntu releases. + Add it as a fallback build dependency for backports and upstream tests. + * Detect if seccomp is enabled but seccomp filtering is disabled + (Closes: #832713) + * resolved: recognize DNS names with more than one trailing dot as invalid + (LP: #1600000) + * debian/tests/smoke: Store udev db dump artifact on failure + * networkd: limit the number of routes to the kernel limit + * systemctl: consider service running only when it is in active or reloading state + * networkd: remove route if carrier is lost + * Add Ref()/Unref() bus calls for units + + [ Felipe Sateler ] + * git-cherry-pick: always recreate the patch-queue branch. + + [ Dimitri John Ledkov ] + * Use idiomatic variables from dpkg include. + + -- Martin Pitt Sun, 11 Sep 2016 15:00:55 +0200 + +systemd (231-5) unstable; urgency=medium + + [ Iain Lane ] + * Let graphical-session-pre.target be manually started (LP: #1615341) + + [ Felipe Sateler ] + * Add basic version of git-cherry-pick + * Replace Revert-units-add-a-basic-SystemCallFilter-3471.patch with upstream + patch + * sysv-generator: better error reporting. (Closes: #830257) + + [ Martin Pitt ] + * 73-usb-net-by-mac.rules: Test for disabling 80-net-setup-link.rules more + efficiently. Stop calling readlink at all and just test if + /etc/udev/rules.d/80-net-setup-link.rules exists -- a common way to + disable an udev rule is to just "touch" it in /etc/udev/rule.d/ (i. e. + empty file), and if the rule is customized we cannot really predict anyway + if the user wants MAC-based USB net names or not. (LP: #1615021) + * Ship kernel-install (Closes: #744301) + * Add debian/extra/kernel-install.d/60-initrd.install. + This kernel-install drop-in copies the initrd of the selected kernel to + the EFI partition. + * bootctl: Automatically detect ESP partition. + This makes bootctl work with Debian's /boot/efi/ mountpoint without having + to explicitly specify --path. + Patches cherry-picked from upstream master. + * systemd.NEWS: Point out that alternatively rcS scripts can be moved to + rc[2-5]. Thanks to Petter Reinholdtsen for the suggestion! + + [ Michael Biebl ] + * Enable iptables support (Closes: #787480) + * Revert "logind: really handle *KeyIgnoreInhibited options in logind.conf" + The special 'key handling' inhibitors should always work regardless of + any *IgnoreInhibited settings – otherwise they're nearly useless. + Update man pages to clarify that *KeyIgnoreInhibited only apply to a + subset of locks (Closes: #834148) + + -- Martin Pitt Fri, 26 Aug 2016 10:58:07 +0200 + +systemd (231-4) unstable; urgency=medium + + * Revert "pid1: reconnect to the console before being re-executed" + This unbreaks consoles after "daemon-reexec". (Closes: #834367) + + -- Martin Pitt Thu, 18 Aug 2016 07:03:13 +0200 + +systemd (231-3) unstable; urgency=medium + + * resolved resolvconf integration: Run resolvconf without privilege + restrictions. On some architectures (at least ppc64el), running resolvconf + does not work with MemoryDenyWriteExecute=yes. (LP: #1609740) + * Revert unit usage of MemoryDenyWriteExecute=yes. This is implemented + through seccomp as well. (Closes: #832713) + + -- Martin Pitt Mon, 15 Aug 2016 09:58:09 +0200 + +systemd (231-2) unstable; urgency=medium + + [ Martin Pitt ] + * debian/rules: Fix UPSTREAM_VERSION for upstream master builds + * Limit "link against /usr" check to some critical binaries only and add + generators + * debian/rules: Put back cleanup of *.busname (Closes: #833487) + * debian/tests/localed-x11-keymap: Robustify cleanup + * debian/tests/localed-x11-keymap: Check that localed works without + /etc/default/keyboard. This reproduces #833849. + * Revert "units: add a basic SystemCallFilter (#3471)" + This causes fatal failures on kernels that don't have seccomp enabled. + This can be reactivated once + https://github.com/systemd/systemd/issues/3882 is fixed. + (Closes: #832713, #832893) + + [ Simon McVittie ] + * localed: tolerate absence of /etc/default/keyboard. + The debian-specific patch to read Debian config files was not tolerating + the absence of /etc/default/keyboard. This causes systemd-localed to + fail to start on systems where that file isn't populated (like embedded + systems without keyboards). (Closes: #833849) + + -- Martin Pitt Sun, 14 Aug 2016 10:54:57 +0200 + +systemd (231-1) unstable; urgency=low + + [ Martin Pitt ] + * New upstream release 231: + - Fix "Failed to create directory /str/sys/fs/selinux: Read-only file + system" warning. (Closes: #830693) + * systemd.postinst: Remove systemd-networkd-resolvconf-update.path removal + leftover. (Closes: #830778) + * Drop support for rcS.d SysV init scripts. + These are prone to cause dependency loops, and almost all packages with + rcS scripts now ship a native systemd service. + * networkd: Handle router advertisements in userspace again. + Drop Revert-Revert-networkd-ndisc-revert-to-letting-the-k.patch. + Bug #814566/#815586 got fixed in 230, and #815884 and #815884 and #815793 + are unreproducible and need more reporter feedback. + * debian/gbp.conf: Enable dch options "full" and "multimaint-merge" + * systemd-sysv: Add Conflicts: systemd-shim. + To avoid shim trying to claim the D-Bus interfaces. + * Add graphical-session.target user unit. + * Add graphical-session-pre.target user unit + * Add debian/extra/units-ubuntu/user@.service.d/timeout.conf. + This avoids long hangs during shutdown if user services fail/hang due to + X.org going away too early. This is mostly a workaround, so only install + for Ubuntu for now. + * Dynamically add upstream version to debian/shlibs.local + * Set Debian/Ubuntu downstream support URL in journal catalogs + (Closes: #769187) + + [ Michael Biebl ] + * Restrict Conflicts: openrc to << 0.20.4-2.1. + Newer versions of openrc no longer ship conflicting implementations of + update-rc.d/invoke-rc.d. + * Add Depends: dbus to systemd-container. + This is required for systemd-machined and systemd-nspawn to work + properly. (Closes: #830575) + * Drop insserv.conf generator. + We no longer parse /etc/insserv.conf and /etc/insserv.conf.d/* and + augment services with that dependency information via runtime drop-in + files. Services which want to provide certain system facilities need to + pull in the corresponding targets themselves. Either directly in the + native service unit or by shipping a drop-in snippet for SysV init + scripts. (Closes: #825858) + * getty-static.service: Only start if we have a working VC subsystem. + Use ConditionPathExists=/dev/tty0, the same check as in getty@.service, + to determine whether we have a functional VC subsystem and we should + start any gettys. (Closes: #824779) + * Stop mentioning snapshot and restore in the package description. + Support for the .snapshot unit type has been removed upstream. + * Drop sigpwr-container-shutdown.service. + This is no longer necessary as lxc-stop has been fixed to use SIGRTMIN+3 + to shut down systemd based LXC containers. + https://github.com/lxc/lxc/pull/1086 + https://www.freedesktop.org/wiki/Software/systemd/ContainerInterface/ + + [ Felipe Sateler ] + * Add versioned breaks for packages shipping rcS init scripts + + -- Martin Pitt Tue, 26 Jul 2016 12:17:14 +0200 + +systemd (230-7) unstable; urgency=medium + + * Tell dh_shlibdeps to look in the systemd package for libraries. Otherwise + dpkg-shlibdeps fails to find libsystemd-shared as we no longer create a + shlibs file for it. + * Add Build-Depends-Package to libudev1.symbols and libsystemd0.symbols. + This ensures proper dependencies when a package has a Build-Depends on a + higher version of libudev-dev or libsystemd-dev then what it gets from the + used symbols. + + -- Michael Biebl Fri, 08 Jul 2016 13:04:33 +0200 + +systemd (230-6) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/boot-smoke: Stop running in containers again, too unreliable + on Ubuntu s390x right now. + + [ Michael Biebl ] + * Bump Build-Depends on debhelper to (>= 9.20160114), required for + --dbgsym-migration support. + * Install test-udev binary into $libdir/udev/ not $libdir. Only libraries + should be installed directly into $libdir. + * Exclude libsystemd-shared from dh_makeshlibs. + + [ Felipe Sateler ] + * Do not install libsystemd-shared.so symlink + * {machine,system}ctl: always pass &changes and &n_changes (Closes: #830144) + + [ Michael Prokop ] + * debian/tests/logind: Ensure correct version of logind is running. + + -- Michael Biebl Thu, 07 Jul 2016 15:22:16 +0200 + +systemd (230-5) unstable; urgency=medium + + [ Martin Pitt ] + * Sync test/networkd-test.py with current upstream master, and remove our + debian/tests/networkd copy. Directly run test/networkd-test.py in + autopkgtest. + * debian/extra/rules/73-usb-net-by-mac.rules: Disable when + /etc/udev/rules.d/80-net-setup-link.rules is a symlink to /dev/null, to be + consistent with the documented way to disable ifnames. (Closes: #824491, + LP: #1593379) + * debian/rules: Ignore libcap-ng.so in the "does anything link against /usr" + check, to work around libaudit1 recently gaining a new dependency against + that library (#828991). We have no influence on that ourselves. This fixes + the FTBFS in the meantime. + + [ Felipe Sateler ] + * Convert common code into a private shared library. This saves about 9 MB + of installed size in the systemd package, and some more in systemd-*. + + -- Martin Pitt Fri, 01 Jul 2016 09:15:12 +0200 + +systemd (230-4) unstable; urgency=medium + + [ Martin Pitt ] + * tmp.mount: Add nosuid and nodev mount options. This restores compatibility + with the original SysV int RAMTMP defaults. (Closes: #826377) + * debian/tests/upstream: Some tests fail on platforms without QEMU at the + moment due to upstream PR#3587; blacklist these for now if QEMU is not + available. + * debian/rules: Don't run the "anything links against /usr" check for + upstream tests, as those run on Ubuntu 16.04 LTS which does not yet have + libidn moved to /lib. + * debian/tests/upstream: Clean up old journals before running a test, to + avoid printing a wrong one on failure. + * debian/tests/upstream: Do not run the QEMU tests on i386. Nested QEMU on + i386 causes testbed hangs on Ubuntu's cloud infrastructure, which is the + only place where these actually run. + * resolved: Fix SERVFAIL handling and introduce a new "Cache=" option to + disable local caching. + * resolved: Support IPv6 zone indices in resolv.conf. (LP: #1587489) + * resolved: Update resolv.conf when calling SetLinkDNS(). + * debian/tests/storage: Sync and settle udev after luksFormat, to reduce the + chance of seeing some half-written signatures. + * debian/tests/networkd: Stop skipping the two DHCP6 tests, this regression + seems to have been fixed now. + * resolved: respond to local resolver requests on 127.0.0.53:53. This + provides compatibility with clients that don't use NSS but do DNS queries + directly, such as Chrome. + * resolved: Don't add route-only domains to /etc/resolv.conf. + * systemd-resolve: Add --flush-caches and --status commands. + * Add debian/extra/units/systemd-resolved.service.d/resolvconf.conf to tell + resolvconf about resolved's builtin DNS server on 127.0.0.53. With that, + DNS servers picked up via networkd are respected when using resolvconf, + and software like Chrome that does not do NSS (libnss-resolve) still gets + proper DNS resolution. Drop the brittle and ugly + systemd-networkd-resolvconf-update.{path,service} hack instead. + * debian/tests/boot-smoke: Run in containers as well. + + [ Laurent Bigonville ] + * Build with IDN support. (Closes: #814528) + + -- Martin Pitt Wed, 29 Jun 2016 15:23:32 +0200 + +systemd (230-3) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/boot-and-services: Adjust test_tmp_mount() for fixed + systemctl exit code for "unit not found" in upstream commit ca473d57. + * debian/tests/boot-and-services, test_no_failed(): Show journal of failed + units. + * debian/extra/init-functions.d/40-systemd: Adjust to changed systemctl + show behaviour in 231: now this fails for nonexisting units instead of + succeeding with "not-found". Make the code compatible to both for now. + * Fix networkd integration with resolvconf for domain-limited DNS servers, + so that these don't appear as global nameservers in resolv.conf. Thanks + Andy Whitcroft for the initial fix! Add corresponding test case to + debian/tests/networkd. (LP: #1587762) + * resolved: Fix comments in resolve.conf for search domain overflows. + (LP: #1588229) + * On Ubuntu, provide an "ondemand.service" that replaces + /etc/init.d/ondemand. The latter does not exist any more when + "initscripts" falls out of the default installation. (LP: #1584124) This + now does not do a fixed one-minute wait but uses "Type=idle" instead. This + also becomes a no-op when the CPU supports "intel_pstate" (≤ 5 years old), + as on these the ondemand/powersave schedulers are actually detrimental. + (LP: #1579278) + * debian/systemd-container.install: Drop *.busname installation, they are + going away upstream. + * debian/extra/init-functions.d/40-systemd: Do not call systemctl + daemon-reload if the script is called as user (like reportbug does). Also + make sure that daemon-reload will not invoke polkit. + * Install test-udeb from .libs, to avoid installing the automake shell + wrapper. + * Fix transaction restarting in resolved to avoid async processing of + free'd transactions. + (Closes: #817210, LP: #1587727, #1587740, #1587762, #1587740) + * Add "upstream" autopkgtest that runs the test/TEST* upstream integration + tests in QEMU and nspawn. + * Build systemd-sysusers binary, for using in rkt. Do not ship the + corresponding unit and sysusers.d/ files yet, as these need some + Debianization and an autopkgtest. (Closes: #823322) + * debian/tests/systemd-fsckd: Adjust was_running() to also work for version + 230. + + [ Michael Biebl ] + * Add "systemctl daemon-reload" to lsb init-functions hook if the LoadState + of a service is "not-found". This will run systemd-sysv-generator, so SysV + init scripts that aren't installed by the package manager should be picked + up automatically. (Closes: #825913) + * automount: handle expire_tokens when the mount unit changes its state. + (Closes: #826512) + * debian/systemd.preinst: Correctly determine whether a service is enabled. + Testing for the return code alone is not sufficient as we need to + differentiate between "generated" and "enabled" services. + (Closes: #825981) + + [ Felipe Sateler ] + * Drop configure option --disable-compat-libs. It no longer exists. + * Add policykit-1 to Suggests. It is used to allow unprivileged users to + execute certain commands. (Closes: #827756) + + -- Martin Pitt Tue, 21 Jun 2016 23:51:07 +0200 + +systemd (230-2) unstable; urgency=medium + + [ Martin Pitt ] + * Don't add a Breaks: against usb-modeswitch when building on Ubuntu; there + it does not use hotplug.functions and is a lower version. + * boot-and-services autopkgtest: Add missing xserver-xorg and + lightdm-greeter test dependencies, so that lightdm can start. + (See LP #1581106) + * Re-disable logind's KillUserProcesses option by default. (Closes: #825394) + + [ Michael Biebl ] + * Drop --disable-silent-rules from debian/rules. This is now handled by dh + directly depending on whether the DH_QUIET environment variable is set. + + -- Martin Pitt Tue, 31 May 2016 12:02:14 +0200 + +systemd (230-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release 230. + - Fix rare assertion failure in hashmaps. (Closes: #816612) + - Fix leaking scope units. (Closes: #805477) + - Fix wrong socket ownership after daemon-reload. (LP: #1577001) + - udev: Fix touch screen detection. (LP: #1530384) + * Drop cmdline-upstart-boot autopkgtest. It was still needed up to Ubuntu + 16.04 LTS, but upstart-sysv is not supported any more in Debian and Ubuntu + now. + * udev: Drop hotplug.functions, now that the last remaining user of this got + fixed. Add appropriate versioned Breaks:. + * debian/extra/rules/70-debian-uaccess.rules: Add some more FIDO u2f devices + from different vendors. Thanks Atoyama Tokanawa. + * Remove "bootchart" autopkgtest, this upstream version does not ship + bootchart any more. It will be packaged separately. + + [ Michael Biebl ] + * Drop obsolete --disable-bootchart configure switch from udeb build. + * Remove obsolete /etc/systemd/bootchart.conf conffile on upgrades. + + -- Martin Pitt Mon, 23 May 2016 09:42:51 +0200 + +systemd (229-6) unstable; urgency=medium + + * systemd-container: Prefer renamed "btrfs-progs" package name over + "btrfs-tools". (Closes: #822629) + * systemd-container: Recommend libnss-mymachines. (Closes: #822615) + * Drop systemd-dbg, in favor of debhelpers' automatic -dbgsym packages. + * Drop Add-targets-for-compatibility-with-Debian-insserv-sy.patch; we don't + need $x-display-manager any more as most/all DMs ship native services, and + $mail-transport-agent is not widely used (not even by our default MTA + exim4). + * Unify our two patches for Debian specific configuration files. + * Drop udev-re-enable-mount-propagation-for-udevd.patch, i. e. run udevd in + its own slave mount name space again. laptop-mode-tools 1.68 fixed the + original bug (#762018), thus add a Breaks: to earlier versions. + * Ship fbdev-blacklist.conf in /lib/modprobe.d/ instead of /etc/modprobe.d/; + remove the conffile on upgrades. + * Replace util-Add-hidden-suffixes-for-ucf.patch with patch that got + committed upstream. + * Replace Stop-syslog.socket-when-entering-emergency-mode.patch with patch + that got committed upstream. + * debian/udev.README.Debian: Adjust documentation of MAC based naming for + USB network cards to the udev rule, where this was moved to in 229-5. + * debian/extra/init-functions.d/40-systemd: Invoke status command with + --no-pager, to avoid blocking scripts that call an init.d script with + "status" with an unexpected pager process. (Closes: #765175, LP: #1576409) + * Add debian/extra/rules/70-debian-uaccess.rules: Make FIDO U2F dongles + accessible to the user session. This avoids having to install libu2f-host0 + (which isn't discoverable at all) to make those devices work. + (LP: #1387908) + * libnss-resolve: Enable systemd-resolved.service on package installation, + as this package makes little sense without resolved. + * Add a DHCP exit hook for pushing received NTP servers into timesyncd. + (LP: #1578663) + * debian/udev.postinst: Fix migration check from the old persistent-net + generator to not apply to chroots. (Closes: #813141) + * Revert "enable TasksMax= for all services by default, and set it to 512". + Introducing a default limit on number of threads broke a lot of software + which regularly needs more, such as MySQL and RabbitMQ, or services that + spawn off an indefinite number of subtasks that are not in a scope, like + LXC or cron. 512 is way too much for most "simple" services, and it's way + too little for the ones mentioned above. Effective (and much stricter) + limits should instead be put into units individually. + (Closes: #823530, LP: #1578080) + * Split out udev rule to name USB network interfaces by MAC address into + 73-usb-net-by-mac.rules, so that it's easier to disable. (Closes: #824025) + * 73-usb-net-by-mac.rules: Disable when net.ifnames=0 is specified on the + kernel command line, to be consistent with disabling the *.link files. + * 73-special-net-names.rule: Name the IBM integrated management module + virtual USB network card "ibmimm". Thanks Marco d'Itri! + + -- Martin Pitt Thu, 12 May 2016 09:40:19 +0200 + +systemd (229-5) unstable; urgency=medium + + * debian/tests/unit-config: Call "daemon-reload" to clean up generated units + in between tests. + * debian/tests/unit-config: Check that enable/disable commands are + idempotent. + * debian/tests/unit-config: Detect if system units are in /usr/, so that the + test works on systems with merged /usr. + * debian/tests/unit-config: Use systemd-sysv-install instead of update-rc.d + directly, so that the test works under Fedora too. + * debian/tests/unit-config: Check disabling of a "systemctl link"ed unit, + and check "systemctl enable" on a unit with full path which is not in the + standard directories. + * Rename debian/extra/rules/73-idrac.rules to 73-special-net-names.rules, as + it is going to get rules for other devices. Also install it into the + initramfs. + * debian/extra/rules/73-special-net-names.rules: Add DEVPATH number based + naming schema for ibmveth devices. (LP: #1561096) + * Don't set SYSTEMD_READY=0 on DM_UDEV_DISABLE_OTHER_RULES_FLAG=1 devmapper + devices with "change" events, as this causes spurious unmounting with + multipath devices. (LP: #1565969) + * Fix bogus "No [Install] section" warning when enabling a unit with full + path. (LP: #1563590) + * debian/tests/cmdline-upstart-boot: In test_rsyslog(), check for messages + from dbus instead of NetworkManager. NM 1.2 does not seem to log to syslog + by default any more. + * Bump Standards-Version to 3.9.8 (no changes necessary). + * debian/tests/boot-smoke: Add some extra debugging if there are pending + jobs after 10s, to figure out why lightdm is sometimes "restarting". + (for LP #1571673) + * debian/tests/boot-smoke: Configure dummy X.org driver (like in the + boot-and-services test), to avoid lightdm randomly fail. (LP: #1571673) + * Move Debian specific patches into debian/patches/debian (which translates + to "Gbp-Pq: Topic debian" with pq). This keeps upstream vs. Debian + patches separated without the comments in debian/patches/series (which + always get removed by "pq export"). + * Don't ship an empty /etc/X11/xinit/xinitrc.d/ directory, this isn't + supported in Debian. (Closes: #822198) + * udev: Mark nbd as inactive until connected. (Closes: #812485) + * On shutdown, unmount /tmp before disabling swap. (Closes: #788303) + * debian/systemd-coredump.postinst: Do daemon-reload before starting + systemd-coredump, as the unit file may have changed on upgrades. + (Closes: #820325) + * Set MAC based name for USB network interfaces only for universally + administered (i. e. stable) MACs, not for locally administered (i. e. + randomly generated) ones. Drop /lib/systemd/network/90-mac-for-usb.link + (as link files don't currently support globs for MACAddress=) and replace + with an udev rule in /lib/udev/rules.d/73-special-net-names.rules. + (Closes: #812575, LP: #1574483) + + -- Martin Pitt Mon, 25 Apr 2016 11:08:11 +0200 + +systemd (229-4) unstable; urgency=medium + + * Fix assertion crash when processing a (broken) device without a sysfs + path. (Closes: #819290, LP: #1560695) + * Fix crash when shutdown is issued from a non-tty. (LP: #1553040) + * networkd: Stay running while any non-loopback interface is up. + (Closes: #819414) + * Fix reading uint32 D-Bus properties on big-endian. + * Fix crash if an udev device has many tags or devlinks. (LP: #1564976) + * systemctl, loginctl, etc.: Don't start polkit agent when running as root. + (LP: #1565617) + * keymap: Add Add HP ZBook (LP: #1535219) and HP ProBook 440 G3. + * systemd.resource-control.5: Fix links to cgroup documentation on + kernel.org. (Closes: #819970) + * Install test-udev into libudev-dev, so that we have it available for + autopkgtests. + * Add "udev" autopkgtest for running the upstream test/udev-test.pl. + + -- Martin Pitt Thu, 07 Apr 2016 08:11:10 +0200 + +systemd (229-3) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/timedated: Add tests for "timedatectl set-local-rtc". + * Be more tolerant in parsing /etc/adjtime. + * debian/systemd.postinst: Don't fail package installation if systemctl + daemon-reload trigger fails. This does not fix the root cause of the + reload failures, but at least causes fewer packages to be in a broken + state after upgrade, so that a reboot or apt-get -f install have a much + higher chance in succeeding. (For bugs like LP #1502097 or LP #1447654) + * debian/tests/networkd: Skip test_hogplug_dhcp_ip6 when running against + upstream as well. + * debian/tests/boot-and-services: Wait for units to stop with a "systemctl + is-active" loop instead of static sleeps. + * debian/tests/networkd: Skip DHCPv6 tests for downstream packages too. This + is an actual regression in networkd-229, to be investigated. But this + shouldn't hold up reverse dependencies. + * Fix assertion in add_random(). (LP: #1554861) + * debian/tests/boot-and-services: Don't assert on "Stopped Container c1" + message in NspawnTests.test_service(), this is sometimes not present. Just + check that the unit did not fail. + * Add "adduser" dependency to systemd-coredump, to quiesce lintian. + * Bump Standards-Version to 3.9.7 (no changes necessary). + * Fix timespec parsing by correctly initializing microseconds. + (Closes: #818698, LP: #1559038) + * networkd: Add fallback if FIONREAD is not supported. (Closes: #818488) + * Cherry-pick various fixes from upstream master. + - Fixes logout when changing the current target. (Closes: #805442) + + [ Evgeny Vereshchagin ] + * debian/tests/boot-and-services: Search systemd-coredump's output by + SYSLOG_IDENTIFIER. + * Add missing "Recommends: btrfs-tools" to systemd-container. + * Add systemd-coredump postinst/prerm to start/stop systemd-coredump.socket + without a reboot. (Closes: #816767) + + [ Felipe Sateler ] + * Set the paths of loadkeys and setfont via configure arguments, not a patch + + -- Martin Pitt Mon, 21 Mar 2016 14:11:44 +0100 + +systemd (229-2) unstable; urgency=medium + + * time-util: map ALARM clockids to non-ALARM clockids in now(), to work on + architectures which don't support CLOCK_BOOTTIME_ALARM. Fixes FTBFS on + many architectures. + * debian/systemd.postinst: Add missing newline to /etc/adjtime migration. + (See #699554) + * debian/systemd.postinst: Only try to enable tmp.mount if we actually + copied it to /etc. Don't try to enable a generated unit. (LP: #1545707) + * debian/tests/boot-and-services: Increase timeouts of test_bash_crash from + 5 to 10 seconds, and sync the journal after every iteration. + * debian/extra/checkout-upstream: Try again after one minute if git checkout + fails, to avoid failures from transient network errors. + * debian/tests/systemd-fsckd: Use grub.d/50-cloudimg-settings.cfg as a + template for generating our custom one instead of 90-autopkgtest.cfg. The + latter does not exist on non-x86 architectures and is not relevant for + this test. + * debian/tests/boot-and-services: Skip journal test for test_bash_crash when + running against upstream, as this currently fails most of the time. To be + investigated. + * debian/tests/networkd: Skip test_coldplug_dhcp_ip6 when running against + upstream, as this is brittle there. To be investigated. + * debian/tests/bootchart: Skip test if bootchart is not available or + testing in upstream mode. bootchart got removed from master and will be + moved to a separate repository. + * debian/tests/boot-and-services: Show verbose journal output on failure in + nspawn test, and sync journal before. + * Move systemd-coredump socket and service into systemd-coredump binary + package. + * Revert changing the default core dump ulimit and core_pattern. This + completely breaks core dumps without systemd-coredump. It's also + contradicting core(8). (Closes: #815020) + * Fix addresses for type "sit" tunnels. (Closes: #816132) + * networkd: Go back to letting the kernel handle IPv6 router advertisements, + as networkd's own currently has too many regressions. Thanks to Stefan + Lippers-Hollmann for investigating this! (Closes: #814566, + #814667, #815586, #815884, #815793) + + -- Martin Pitt Sun, 28 Feb 2016 22:16:12 +0100 + +systemd (229-1) unstable; urgency=medium + + * New upstream release 229. + - Fix systemctl behaviour in chroots. (Closes: #802780) + - Fix SELinux context of /run/user/$UID. (Closes: #775651) + - Add option to optionally turn of color output. (Closes: #783692) + - Don't git-ignore src/journal-remote/browse.html. (Closes: #805514) + - Do not warn about Wants depencencies on masked units. (LP: #1543282) + * debian/systemd.install: Ship the new systemd-resolve. + * libsystemd0.symbols: Add new symbols from this release. + * systemd-coredump.postinst: Create systemd-coredump system user. + * debian/tests/systemd-fsckd: Tame overly strict test for failed plymouth + unit, which is a race condition with plymouthd auto-stopping. + (LP: #1543144) + * Drop timedated-don-t-rely-on-usr-being-mounted-in-the-ini.patch. + initramfs-tools has mounted /usr since Jessie, and tzdata now creates + /etc/localtime as a symlink too (see #803144). + * Use-different-default-paths-for-various-binaries.patch: Drop path changes + for setcap (which is already a build dep and not used at all) and sulogin + (which is now in util-linux). + * Remove obsolete udev maintainer script checks: + - Drop check for kernel >= 2.6.32, which released in 2009. + - Drop restarting of some daemons due to the devtmpfs migration, which + happened before the above kernel even. + - Drop support for forcing upgrades on kernels known not to work via + /etc/udev/kernel-upgrade. Don't pretend that this would help, as users + could end up with a non-bootable system. Always fail early in preinst + when it's still possible to install a working kernel. + - Drop postinst test for "running in containers" -- it's actually possible + to run udev in containers if you mount /sys r/w and you know what you + are doing. Also, the init.d script and systemd service do that check + again. + - Keep the kernel feature and chroot checks, as these are still useful. + Simplify check_kernel_features() by eliminating some variables. + - Drop debconf templates. Two of them are obsolete, and having + CONFIG_SYSFS_DEPRECATED is now so implausible that this doesn't warrant + the overhead and translator efforts. + * Drop debian/tests/ifupdown-hotplug. The units moved into ifupdown, so the + test should go there too (see #814312). + * debian/tests/control: Reorder tests and add a comment which ones should + not be run for an upstream build. + * debian/tests/control: Rearrange tests and avoid removing test dependencies + to minimize testbed resets. + * Add debian/extra/checkout-upstream: Script to replace the current + source with a checkout of an upstream pull request, branch, or commit, + and remove debian/patches/. Call from debian/rules if $TEST_UPSTREAM is + set. This will be used for upstream CI. + * Enable seccomp support on powerpc, ppc64el, and s390x. + + -- Martin Pitt Thu, 11 Feb 2016 21:02:39 +0100 + +systemd (228-6) unstable; urgency=medium + + * Make-run-lock-tmpfs-an-API-fs.patch: Drop /run/lock from + tmpfiles.d/legacy.conf to avoid the latter clobbering the permissions of + /run/lock. Fixes fallout from cleanup in -5 that resulted /run/lock to + have 0755 permissions instead of 1777. (LP: #1541775) + + -- Martin Pitt Thu, 04 Feb 2016 11:46:54 +0100 + +systemd (228-5) unstable; urgency=medium + + [ Martin Pitt ] + * Drop systemd-vconsole-setup.service: It has never been installed/used in + Debian and is not necessary for Ubuntu any more. + * Drop halt-local.service. This has never been documented/used in Debian. + (LP: #1532553) + * debian/extra/initramfs-tools/scripts/init-bottom/udev: Prefer "nuke" + again, it comes from klibc-utils. But fall back to "rm" if it does not + exist. + * systemd-timesyncd.service.d/disable-with-time-daemon.conf: Also don't run + if /usr/sbin/VBoxService exists, as virtualbox-guest-utils already + provides time synchronization with the host. (Closes: #812522) + * Drop Michael Stapelberg from Uploaders:, he stopped maintenance long ago. + Thanks Michael for your great work in the past! + * Replace "sysv-rc" dependency with Conflicts: openrc, file-rc. The + rationale from #739679 still applies, but with the moving of + {invoke,update}-rc.d to init-system-helpers we don't actually need + anything from sysv-rc any more other than the assumption that SysV init + scripts are enabled in /etc/rc?.d/ for the SysV generator to work (and + file-rc and openrc don't do that). + * debian/tests/timedated: Verify /etc/localtime symlink. Skip verifying the + /etc/timezone file (which is Debian specific) if $TEST_UPSTREAM is set. + * debian/tests/localed-locale: Check /etc/locale.conf if $TEST_UPSTREAM is + set. + * debian/tests/localed-x11-keymap: Test /etc/X11/xorg.conf.d/00-keyboard.conf + if $TEST_UPSTREAM is set. + * debian/tests/boot-and-services: Check for reaching graphical.target + instead of default.target, as the latter is a session systemd state only. + * debian/tests/boot-and-services: Skip tests which are known to fail/not + applicable with testing upstream builds. + * Drop Fix-up-tmpfiles.d-permissions-properly.patch: + - /run/lock is already created differently by + Make-run-lock-tmpfs-an-API-fs.patch, and contradicts to that. + - /run/lock/lockdev/ isn't being used anywhere and got dropped + upstream; backport the patch (tmpfiles-drop-run-lock-lockdev.patch). + - Move dropping of "group:wheel" (which has never existed in Debian) into + debian/rules, to also catch occurrences in other parts of the file which + the static patch would overlook. + * Shorten persistent identifier for CCW network interfaces (on s390x only). + (LP: #1526808) + * debian/rules: If $TEST_UPSTREAM is set (when building/testing upstream + master instead of distro packages), don't fail on non-installed new files + or new library symbols. + * Add systemd-sysv conflict to upstart-sysv, and version the upstart + conflict. This works with both Debian's and Ubuntu's upstart packages. + + [ Michael Biebl ] + * Drop support for the /etc/udev/disabled flag file. This was a workaround + for udev failing to install with debootstrap because it didn't use + invoke-rc.d and therefor was not compliant with policy-rc.d. See #520742 + for further details. This is no longer the case, so supporting that file + only leads to confusion about its purpose. + * Retrigger cleanup of org.freedesktop.machine1.conf and + hwclock-save.service now that dpkg has been fixed to correctly pass the + old version to postinst on upgrade. (Closes: #802545) + * Only ship *.link files as part of the udev package. The *.network files + are solely used by systemd-networkd and should therefor be shipped by the + systemd package. (Closes: #808237) + * Cherry-pick a few fixes from upstream: + - Fix unaligned access in initialize_srand(). (Closes: #812928) + - Don't run kmod-static-nodes.service if module list is empty. This + requires kmod v23. (Closes: #810367) + - Fix typo in systemctl(1). (Closes: #807462) + - Fix systemd-nspawn --link-journal=host to not fail if the directory + already exists. (Closes: #808222) + - Fix a typo in logind-dbus.c. The polkit action is named + org.freedesktop.login1.power-off, not org.freedesktop.login1.poweroff. + - Don't log an EIO error in gpt-auto-generator if blkid finds something + which is not a partition table. (Closes: #765586) + - Apply ACLs to /var/log/journal and also set them explicitly for + system.journal. + * Only skip the filesystem check for /usr if the /run/initramfs/fsck-usr + flag file exists. Otherwise we break booting with dracut which uses + systemd inside the initramfs. (Closes: #810748) + * Update the instructions in README.Debian for creating /var/log/journal. + They are now in line with the documentation in the systemd-journald(8) man + page and ensure that ACLs and group permissions are properly set. + (Closes: #800947, #805617) + * Drop "systemctl daemon-reload" from lsb init-functions hook. This is no + longer necessary as invoke-rc.d and init-system-helpers take care of this + nowadays. + + -- Martin Pitt Wed, 03 Feb 2016 10:09:46 +0100 + +systemd (228-4) unstable; urgency=medium + + * debian/udev.README.Debian: Add alternative way of disabling ifnames. + (Closes: #809339) + * Put back /lib/udev/hotplug.functions, until the three remaining packages + that use it stop doing so. (Closes: #810114) + * debian/udev.README.Debian: Point out that any change to interface naming + rules requires an initrd update. + + -- Martin Pitt Mon, 11 Jan 2016 07:12:40 +0100 + +systemd (228-3) unstable; urgency=medium + + [ Martin Pitt ] + * debian/rules: Remove temporary debug output from test failures again. All + Debian buildd kernels are recent enough now, but add a check for kernels + older than 3.13 and ignore test failures for those. + * debian/tests/networkd: Factor out dnsmasq specific test "router" setup, so + that we can test against other implementations. + * debian/tests/networkd: Add router setup using an (isolated) networkd + process for configuring the veths and DHCP server. + * debian/tests/networkd: On failure, only show journal for current test. + * systemd-networkd-resolvconf-update.service: Wait for getting a name + server, not just for getting online. + * debian/tests/boot-and-services: Wait until bash crash stack trace is in + the journal before asserting on it. Also relax RE to work on non-x86 + architectures. + * debian/tests/networkd: If /etc/resolv.conf already has three nameservers, + accept that too (as then the additional test one can't be added any more). + * Fix FTBFS on x32. Thanks Helmut Grohne! (Closes: #805910) + * debian/tests/networkd: For IPv6 tests, also wait for IPv4 address to + arrive; s-n-wait-online already exits after getting an IPv6 address, but + we verify both. + * debian/tests/boot-and-services: Don't check for "Requesting system + poweroff" log message in nspawn test, current upstream master does not + write that any more. Instead check for "Stopped Container c1". + * Add "storage" autopkgtest. Initially this covers some basic use cases with + LUKS cryptsetup devices. + * Add acl build dependency (for ). Current upstream master now + needs it for some test cases. + * debian/extra/initramfs-tools/scripts/init-bottom/udev: Use "rm -rf" + instead of "nuke". The latter does not exist any more in current + initramfs-tools. + * Ignore test failures during "make check" if /etc/machine-id is missing + (like in ancient local schroots). (Closes: #807884) + * debian/extra/rules/80-debian-compat.rules: Remember which device got the + "cdrw", "dvd", or "dvdrw" symlink to avoid changing links on device + events. (Closes: #774080). Drop the rule for the "cdrom" symlink as that + is already created in 60-cdrom_id.rules. + * Eliminate "hotplug.functions" udev helper and put the logging functions + directly into net.agent. This simplifies the migration of the latter to + ifupdown. + * Adjust manpages to keep /usr/lib/systemd/{user*,boot,ntp-units.d,modules*} + paths, only keep /lib/systemd/{system*,network}. (Closes: #808997) + * debian/udev.README.Debian: Fix typo and slight wording improvement. + (Closes: #809513) + * Drop net.agent, 80-networking.rules, and ifup@.service. These moved to + ifupdown 0.8.5 now. Add Breaks: to earlier versions. + + [ Michael Biebl ] + * Bump Build-Depends on libdw-dev to (>= 0.158) as per configure.ac. + (Closes: #805631) + * Make sure all swap units are ordered before the swap target. This avoids + that swap devices are being stopped prematurely during shutdown. + (Closes: #805133) + * Drop unneeded /etc/X11/xinit/xinitrc.d/50-systemd-user.sh from the package + and clean up the conffile on upgrades. We have the dbus-user-session + package in Debian to properly enable the D-Bus user-session mode which + also takes care of updating the systemd --user environment. + (Closes: #795761) + * Stop testing for unknown arguments in udev maintainer scripts. + * Drop networking.service.d/systemd.conf. The ifupdown package now ships a + proper service file so this drop-in file is no longer necessary. + + [ Andreas Henriksson ] + * Fix LSB init hook to not reload masked services. (Closes: #804882) + + -- Martin Pitt Sat, 02 Jan 2016 17:42:56 +0100 + +systemd (228-2) unstable; urgency=medium + + * Remove wrong endianness conversion in test-siphash24 to fix FTBFS on + big-endian machines. + * Bump libseccomp-dev build dependency to indicate required versions for + backporting to jessie. (Closes: #805497) + + -- Martin Pitt Thu, 19 Nov 2015 11:37:45 +0100 + +systemd (228-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release: + - Fix journald killing by watchdog. (Closes: #805042) + - Drop check for /etc/mtab. (Closes: #802025) + - Follow unit file symlinks in /usr, but not /etc when looking for + [Install] data, to avoid getting confused by Aliases. (Closes: #719695) + - journalctl: introduce short options for --since and --until. + (Closes: #801390) + - journald: Never accept fds from file systems with mandatory locking. + (LP: #1514141) + - Put nspawn containers in correct slice. (LP: #1455828) + * Cherry-pick some networkd fixes from trunk to fix regressions from 228. + * debian/rules: Configure with --as-needed to avoid unnecessary binary + dependencies. + * systemd-networkd-resolvconf-update.service: Increase StartLimitBurst, as + this might be legitimately called several times in quick succession. If + that part of the "networkd" autopkgtest fails, show the journal log for + that service for easier debugging. + * debian/tests/boot-and-services: Add test case for systemd-coredump. + * Add systemd-coredump postinst/prerm to enable/disable this without a + reboot. + * debian/tests/networkd: Check for systemd-networkd-wait-online in /usr as + well, for usage in other distros. + * debian/tests/logind: Skip suspend test if the kernel does not support + suspend. + * debian/tests/logind: Split tests into functions. + * debian/tests/boot-and-services: Ignore failures of console-setup.service, + to work around LP: #1516591. + * debian/tests/control: Restrict boot-smoke test to isolation-machine, it + does not currently work well in LXC. + * debian/tests/networkd: Add new test cases for "DHCP=all, IPv4 only, + disabling RA" (which should always be fast), "DHCP=all, IPv4 only" (which + will require a longer timeout due to waiting 12s for a potential IPv6 RA + reply), and "DHCP=ipv4" (with and without RA). + * debian/tests/networkd: Fix UnicodeDecodeError under 'C' locale. + * debian/tests/networkd: Show networkctl and journal output on failure. + * debian/tests/networkd: Fix bytes vs. string TypeError in the IPv6 polling. + (LP: #1516009) + * debian/tests/networkd: Show contents of test .network file on failure. + * debian/tests/networkd: Skip if networkd is already running (safer when + running on real systems), and add copyright header. + * Bump util-linux dependencies to >= 2.27.1 to ensure that the mount monitor + ignores /etc/mtab. + + [ Felipe Sateler ] + * Enable elfutils support for getting stack traces for systemd-coredump. + * libnss-my{machines,hostname}.postrm: do not remove entries from + nsswitch.conf if there are packages from other architectures remaining. + + [ Michael Biebl ] + * Drop systemd-setup-dgram-qlen.service. This has been made obsolete by + upstream commit 1985486 which bumps net.unix.max_dgram_qlen to 512 early + during boot. + * Various cleanups to the udev maintainer scripts: + - Remove unused tempdir() function. + - Properly stop udev daemon on remove. + - Stop killing udev daemon on failed upgrades and drop the corresponding + starts from preinst. + - Stop masking systemd-udevd.service and udev.service during upgrades. We + restart the udev daemon in postinst, so those masks seem unnecessary. + + -- Martin Pitt Wed, 18 Nov 2015 16:11:59 +0100 + +systemd (227-3) unstable; urgency=medium + + [ Martin Pitt ] + * debian/tests/logind: Add tests for scheduled shutdown with and without + wall message. + * Import upstream fix for not unmounting system mounts (#801361) and drop + our revert patch. + * debian/tests/boot-smoke: Apply check for failed unmounts only to user + systemd processes, i. e. not to pid 1. + * Drop Fix-usr-remount-failure-for-split-usr.patch. Jessie has a new enough + initramfs-tools already, and this was just an error message, not breaking + the boot. + * Drop debian-fixup.service in favor of using a tmpfiles.d clause, which is + faster. + * Drop Order-remote-fs.target-after-local-fs.target.patch. It's mostly + academic and only applies to the already known-broken situation that rcS + init.d scripts depend on $remote_fs. + * Replace reversion of sd_pid_notify_with_fds() msg_controllen fix with + proper upstream fix to never block on sending messages on NOTIFY_SOCKET + socket. + * Drop check for missing /etc/machine-id on "make check" failure; this isn't + happening on current buildds any more. + * Drop Disable-tests-which-fail-on-buildds.patch, to re-evaluate what still + fails and needs fixing. On failure, show kernel version and /etc/hosts + to be able to debug them better. The next upload will make the necessary + adjustments to fix package builds again. + + [ Michael Biebl ] + * Drop dependency on udev from the systemd package. We don't need udev + within a container, so this allows us to trim down the footprint by not + installing the udev package. As the udev package has Priority: important, + it is still installed by default though. + * Include the status of the udev package when filing a bug report against + systemd, and vice versa. + * Use filter instead of findstring, since findstring also matches + substrings and we only want direct matches. + * systemd.bug-script: Fix typo. (Closes: #804512) + * Re-add bits which call SELinux in systemd-user pam service. + (Closes: #804565) + + [ Felipe Sateler ] + * Add libnss-resolve package. (Closes: #798905) + * Add systemd-coredump package. This Conflicts/Replaces/Provides a new + "core-dump-handler" virtual package. (Closes: #744964) + + -- Martin Pitt Wed, 11 Nov 2015 15:04:26 +0100 + +systemd (227-2) unstable; urgency=medium + + * Revert "sd_pid_notify_with_fds: fix computing msg_controllen", it causes + connection errors from various services on boot. (Closes: #801354) + * debian/tests/boot-smoke: Check for failed unmounts. This reproduces + #801361 (but not in a minimal VM, just in a desktop one). + * Revert "core: add a "Requires=" dependency between units and the + slices they are located in". This causes user systemd instances to try and + unmount system mounts (and succeed if you login as root). + (Closes: #801361) + + -- Martin Pitt Fri, 09 Oct 2015 12:34:27 +0200 + +systemd (227-1) unstable; urgency=medium + + * New upstream release. + - Bump watchdog timeout for shipped units to 3 min. (Closes: #776460) + - gpt-auto-generator: Check fstab for /boot entries. (Closes: #797326) + - Fix group of RuntimeDirectory dirs. (Closes: #798391) + - Support %i (and other macros) in RuntimeDirectory. (Closes: #799324) + - Bump util-linux/libmount-dev dependencies to >= 2.27. + * debian/libsystemd0.symbols: Add new symbols for this release. + * debian/extra/initramfs-tools/hooks/udev: Copy all + /etc/udev/rules.d/*.rules rules which are not merely overriding the one in + /lib/, not just 70-persistent-net.rules. They might contain network names + or other bits which are relevant for the initramfs. (Closes: #795494) + * ifup@.service: Drop PartOf=network.target; we don't want to stop these + units during shutdown. Stopping networking.service already shuts down the + interfaces, but contains the safeguard for NFS or other network file + systems. Isolating emergency.target still keeps working as before as well, + as this also stops networking.service. (Closes: #761909, LP: #1492546) + + -- Martin Pitt Thu, 08 Oct 2015 11:34:35 +0200 + +systemd (226-4) unstable; urgency=medium + + * debian/tests/logind: Be more verbose on failures. + * Revert networkd calling if-{up,post-down}.d/ scripts. About half of the + existing hooks are not relevant or even actively detrimental when running + with networkd. For the relevant ones, a lot of them should be fixed in the + projects themselves (using IP_FREEBIND etc.). (Closes: #798625) + * Add systemd-networkd-resolvconf-update.{path,service} units to send DNS + server updates from networkd to resolvconf, if installed and enabled. + * Don't restart logind on upgrades any more. This kills X.org (#798097) + while logind doesn't save/restore its open fds (issue #1163), and also + gets confused about being idle in between (LP: #1473800) + + -- Martin Pitt Fri, 02 Oct 2015 13:44:28 +0200 + +systemd (226-3) unstable; urgency=medium + + [ Martin Pitt ] + * README.Debian: Fix "other" typo. Thanks Salvatore Bonaccorso. + (Closes: #798737) + + [ Michael Biebl ] + * Stop building the compat library packages and drop them for good. + * Update debian/copyright. + + -- Michael Biebl Sat, 19 Sep 2015 19:06:51 +0200 + +systemd (226-2) unstable; urgency=medium + + * debian/udev.init: Mount /dev file system with nosuid. (LP: #1450960) + * udev.postinst: udev 226 introduced predictable interface names for virtio. + Create /etc/systemd/network/50-virtio-kernel-names.link on upgrade to + disable this, to avoid changing e. g. "eth0" to "ens3" in QEMU instances + and similar environments. (Closes: #799034) + + -- Martin Pitt Tue, 15 Sep 2015 15:21:09 +0200 + +systemd (226-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release: + - Fix scheduled shutdown to not shut down immediately. (Closes: #797763) + - Fix description of CPE_NAME in os-release(5). (Closes: #797768) + * debian/libsystemd0.symbols: Add new symbols from this release. + * Enable libseccomp support for mips64, mips64el, and x32. (Closes: #797403) + * debian/tests/networkd: Add hotplug tests. + * Make networkd call if-up.d/ scripts when it brings up interfaces, to + become compatible with ifupdown and NetworkManager for packages shipping + hooks. (LP: #1492129) + - Add debian/extra/systemd-networkd-dispatcher.c: suid root wrapper for + calling if-up.d/ or if-post-down.d/ hook scripts. Install it as + root:systemd-networkd 4754 so that only networkd can run it. + - Add networkd-call-systemd-networkd-dispatcher-when-links.patch: Call the + above wrapper when links go up/down. + - debian/tests/networkd: Verify that if-up.d/ and if-post-down.d/ scripts + get run for a networkd managed interface. + - Note that if-pre-up.d/ and if-down.d/ scripts are *not* being called, as + they are often not applicable for networkd (if-pre-up.d) and unreliable + (if-down.d). + * Drop udev-finish. We needed this for the autogenerated CD and network + interface names, but both are gone now. + * Drop debian/udev.udev-fallback-graphics.upstart. The vesafb module has + been compiled into the kernel in both Debian and Ubuntu for a fair while, + this never had a systemd equivalent, and Debian never shipped the + accompanying rules for determining $PRIMARY_DEVICE_FOR_DISPLAY. + * debian/control: Remove some boilerplate from the long descriptions, to + more easily get to the point what a specific package actually does. + * debian/README.Debian: As systemd is the default init now, replace the + documentation how to switch to systemd with how to switch back + (temporarily or permanently) to SysV init. Also move that paragraph to the + bottom as it's now less important. + * debian/README.Debian: Add a hint why you may want to enable persistent + journal, and suggest to uninstall system-log-daemon to avoid duplicate + logging. + * debian/README.Debian: Add documentation about networkd integration. + * Rename 01-mac-for-usb.link to 90-mac-for-usb.link so that it becomes + easier to override. + * debian-fixup.service just has one purpose now (make /etc/mtab a symlink), + so drop the debian/extra/debian-fixup shell script and put the ln command + directly into debian-fixup.service. Update the description. + * debian/tests/networkd: Check that /etc/resolv.conf gets the DHCP's + nameserver in case it is a symlink (i. e. dynamically managed by + systemd-resolved or resolvconf). + * systemd-networkd-dispatcher: Also pass on the DNS server list to if-up.d/ + as $IF_DNS_NAMESERVERS, so that resolvconf or similar programs work as + expected. + * Drop debian/systemd-journal-remote.postrm: Removing system users is + potentially dangerous (there might be a leftover process after purging). + + [ Michael Biebl ] + * Drop libsystemd-login-dev. All reverse dependencies have been updated to + use libsystemd-dev directly. + * Update build instructions to use "gbp clone" instead of "gbp-clone" as all + gbp-* commands have been removed from git-buildpackage. + + -- Martin Pitt Thu, 10 Sep 2015 16:53:53 +0200 + +systemd (225-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release. + - Fixes FTBFS on alpha. (Closes: #792551) + - Fixes machined state tracking logic. (Closes: #788269) + * Add better fix for "systemctl link/enable" breakage with full paths. + (LP: #1480310) + * debian/rules: Add missing $(dh_options) in overridden debhelper targets. + + [ Felipe Sateler ] + * Move conffile from systemd to systemd-container package (Closes: #797048) + + [ Michael Biebl ] + * Drop unnecessary Conflicts/Replaces from systemd-journal-remote. + None of the files in this package were previously shipped by systemd. + * Create system users for systemd-journal-{gateway,remote,upload} when + installing the systemd-journal-remote package. + * Explicitly turn off the features we don't want in a stage1 build. + Otherwise ./configure might enable them automatically if the build + dependencies are installed and "dh_install --fail-missing" will then fail + due to uninstalled files. + * Enable GnuTLS support as systemd-journal-remote makes sense mostly with + encryption enabled. + * Rely on build profiles to determine which packages should be skipped + during build and no longer specify that manually. + * Drop our patch which removes rc-local-generator. + rc-local.service acts as an ordering barrier even if its condition is + false, because conditions are evaluated when the service is about to be + started, not when it is enqueued. We don't want this ordering barrier on + systems that don't need/use /etc/rc.local. + + -- Michael Biebl Sun, 30 Aug 2015 21:18:59 +0200 + +systemd (224-2) unstable; urgency=medium + + [ Martin Pitt ] + * Skip systemd-fsckd autopkgtest if /run/initramfs/fsck-root exists, i. e. + the initramfs already ran fsck. + * Fix broken ACL in tmpfiles.d/systemd.conf. (Closes: #794645, LP: #1480552) + * Add debian/tests/unit-config: Test "systemctl link"; reproduces LP#1480310. + * Add a hack to unbreak "systemctl link". (LP: #1480310) + * debian/extra/rules-ubuntu/40-hyperv-hotadd.rules: Also apply to Xen, and + rename to 40-vm-hotadd.rules. + * Fix networkd crash. (Closes: #796358) + * debian/rules: Remove all files/empty dirs in systemd which are already + shipped by systemd-* or udev, instead of an explicit list. + * Bump "mount" dependency to >= 2.26, to ensure "swapon -o" availability. + (Closes: #796389) + * Install /lib/systemd/network/* into udev instead of systemd, as it's + really udev which is evaluating these. + * Split out "systemd-container" package with machined and nspawn and enable + importd. Add new libbz2-dev, zlib1g-dev, and libcurl-dev build deps. + (LP: #1448900) + * Move transitional libgcrypt11-dev build dep to libgcrypt20-dev. + * debian/rules: Limit check for libraries in /usr to systemd and udev + packages, as other packages like systemd-containers can (and do) link to + /usr. + * Build-depend on dpkg-dev (>= 1.17.14) and bump debhelper version for build + profiles support. + * Drop "display-managers" autopkgtest, obsolete with dropped + default-display-manager-generator. + * boot-and-services autopkgtest: Add systemd-container test dependency for + the nspawn tests. + * Don't enable audit support when building with "stage1" profile, to avoid + circular build dep. + + [ Helmut Grohne ] + * Improve support for cross-building and bootstrapping. + + [ Michael Biebl ] + * Drop default-display-manager-generator. All major desktops now use a + display manager which support the new scheme and setup the + /etc/systemd/system/display-manager.service symlink correctly. + * Add new binary package "systemd-journal-remote" with tools for + sending/receiving remote journal logs: + systemd-journal-{remote,upload,gatewayd}. (Closes: #742802, LP: #1480952) + + -- Martin Pitt Tue, 25 Aug 2015 12:40:35 +0200 + +systemd (224-1) unstable; urgency=medium + + * New upstream release. + * boot-and-services autopkgtest: Ignore thermald. Since 1.4.3-2 it starts by + default, but fails in most virtual envs. + + -- Martin Pitt Sat, 01 Aug 2015 13:38:57 +0200 + +systemd (223-2) unstable; urgency=medium + + * Don't enable gnu-efi on ARM. It FTBFSes and cannot really be tested now as + there is no available hardware. + * debian/extra/initramfs-tools/hooks/udev: Don't fail if + /etc/systemd/network/ does not exist. (Closes: #794050) + + -- Martin Pitt Thu, 30 Jul 2015 08:25:51 +0200 + +systemd (223-1) unstable; urgency=medium + + * New upstream release: + - Fix systemd-bootchart crash. (Closes: #792403) + - Trim list of files in /usr/share/doc/systemd/. (Closes: #791839) + - Fix "Invalid argument" failure with some journal files. + (Closes: #792090) + - tmpfiles: Don't recursively descend into journal directories in /var. + (Closes: #791897) + - Don't frequently wake up on disabled TimeoutIdleSec=, in particular in + automount timers. (LP: #1470845) + - tmpfiles: Don't delete lost+found/. (Closes: #788193) + + [ Michael Biebl ] + * udev: Remove obsolete rm_conffile/mv_conffile functions from udev.preinst. + The udev package is using dpkg-maintscripts-helper now to remove obsolete + conffiles. + * systemd: Remove obsolete conffile clean up from pre-wheezy. + * udev-udeb: Remove scsi_wait_scan hack from the start-udev script as well. + + [ Martin Pitt ] + * Enable GNU EFI support and add gnu-efi build dep. This enables/ships the + systemd EFI boot loader. (Closes: #787720, LP: #1472283) + * networkd autopkgtest: More robust/forceful killing of dnsmasq. + * ifup@.service: Drop "oneshot" to run ifup in the background during boot. + This avoids blocking network.target on boot with unavailable hotplug + interfaces in /etc/network/interfaces. (Closes: #790669, LP: #1425376) + * systemd.postinst: Avoid confusing error message about + /run/systemd/was-enabled not existing on reconfiguring. + * debian/extra/initramfs-tools/hooks/udev: Drop some redundant code. + * Fix networkd-wait-online -i to properly wait for the given interfaces + only. + * Drop debian/extra/base-installer.d/05udev: We use net.ifnames by default + now, thus we don't need to copy 70-persistent-*.rules any more. + * debian/extra/start-udev: Run d-i's udevd with "notice" log level, just + like we did in the initramfs in 219-10. + * Fix size explosion of networkd (post-223 patch from trunk). + + [ Julian Wollrath ] + * Copy all .link interface naming definitions to initramfs. (Closes: #793374) + + [ Felipe Sateler ] + * nss-my*.postinst: configure at the end of the hosts line, not before + files. (Closes: #789006) + + -- Martin Pitt Thu, 30 Jul 2015 00:02:26 +0200 + +systemd (222-2) unstable; urgency=medium + + [ Adam Conrad ] + * debian/udev-udeb.install: Install new bits for net.ifnames (LP: #1473542) + * debian/extra/initramfs-tools/hooks/udev: Do the same for initramfs-tools. + + [ Martin Pitt ] + * emergency.service: Wait for plymouth to shut down. Fixes invisible + emergency shell with plymouth running endlessly. (LP: #1471258) + * Add "networkd" autopkgtest. Covers basic DHCP on IPv4 and IPv4+6 on a veth + device. + + [ Michael Biebl ] + * Bump package priorities of systemd and systemd-sysv to important to match + what has been used in the Debian archive since Jessie. + * Drop scsi_wait_scan hack from the udev initramfs-tools script. This Linux + kernel module has been broken since 2.6.30 and as a result was removed in + 3.5. The Debian Jessie kernel no longer ships this module. + (Closes: #752775) + * Drop libsystemd-journald-dev and libsystemd-id128-dev. There are no + reverse dependencies left and we want to avoid new packages picking up + a build dependency on those obsolete transitional packages. + + -- Michael Biebl Wed, 15 Jul 2015 23:51:15 +0200 + +systemd (222-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release: + - Fix reload killing BusName= units. (Closes: #746151) + - sysv-generator: detect invalid names and escape them. (Closes: #677075) + - Document removal of PIDFile on daemon shutdown. (Closes: #734006) + - Drop Revert-rules-fix-tests-for-removable-state.patch, the auto-suspend + rules now got dropped entirely. + * Add Revert-VT-reuse-patches.patch: Revert a couple of logind VT reuse + patches which alternately broke lightdm and gdm. + * debian/libsystemd0.symbols: Add new symbols from this release. + * Disable test-netlink during package build, fails on some buildds. + * udev.postinst: Don't call addgroup with --quiet, so that if the "input" + group already exists as a non-system group you get a sensible error + message. Some broken tutorials forget the --system option. + (Closes: #769948, LP: #1455956) + * systemd.postinst: Drop the --quiet from the addgroup calls as well, same + reason as above. (Closes: #762275) + * udev: Drop doc dir symlinking. It has caused too much trouble and only + marginally helps to avoid duplication. Such duplication should be dealt + with at the distro, not package level. + * debian/rules: Entirely ignore $LD_PRELOAD instead of just libfakeroot in + the link check, to also avoid libeatmydata. (Closes: #790546) + * boot-and-services, display-managers autopkgtests: Install and configure + dummy X.org driver, so that these work in headless machines/VMs. + * systemd-fsckd autopkgtest: Stop using/asserting on lightdm, just check + that default.target is active. lightdm is prone to fail in test + environments, and fiddling with it in two other autopkgtests is + sufficient. + * debian/watch: Adjust to new upstream release model of only providing the + github tag tarballs. + * Drop dsl-modem.agent. It hasn't been maintained/tested for many years, few + if any people actually use this, and this doesn't belong into udev. + + [ Michael Biebl ] + * Stop building the Python 3 bindings. They were split into a separate + source package upstream and are now built from src:python-systemd. See + http://lists.freedesktop.org/archives/systemd-devel/2015-July/033443.html + * Remove obsolete --disable-chkconfig configure option. + * Move the man pages for libnss-myhostname, libnss-mymachines and udev.conf + from systemd into the correct package. Move the zsh completion file for + udevadm into the udev package as well. Add Breaks/Replaces accordingly. + (Closes: #790879) + * Drop rules which remove pre-generated files before build. The upstream + tarball no longer ships any pre-generated files so this is no longer + necessary. + * Fix cleanup rule for Python byte code files. + + -- Michael Biebl Wed, 08 Jul 2015 18:56:07 +0200 + +systemd (221-1) unstable; urgency=medium + + * New upstream release 221: + - Fix persistent storage links for Xen devices. (LP: #1467151) + - Drop all backported patches and port the others to new upstream release. + - debian/rules: Drop workarounds for broken 220 tarball, 221 is fine. + + [ Michael Biebl ] + * initramfs hook: Stop installing 55-dm.rules, 64-md-raid.rules, + 60-persistent-storage-lvm.rules and 60-persistent-storage-dm.rules. + The mdadm, lvm2 and dmsetup package provide their own udev hooks nowadays + to make sure their udev rules files are installed into the initramfs. + Having the copy rules at two places is confusing and makes debugging + harder. + * Make it possible to skip building udeb packages via + DEB_BUILD_OPTIONS="noudeb". This allows quicker builds for local testing + and is benefical for derivatives that don't use d-i. + * Install API documentation for libudev and libsystemd in their respective + packages. Both libraries use man pages now, so we need to be explicit + about what is installed where. + + [ Martin Pitt ] + * ifupdown-hotplug autopkgtest: Different cloud/desktop environments have + different ways of including /etc/network/interfaces.d/, try to get along + wit either and skip the test if interfaces.d/ does not get included at + all. + * Drop obsolete gtk-doc-tools build dependency, gtkdocize autoreconfig, and + ./configure options. + * libudev-dev.install: Drop gtk-doc files, not built by upstream any more + and replaced with manpages. + * libsystemd0.symbols: Add new symbols for this release. + * debian/rules: Fix paths in manpages as we don't currently have a merged + /usr in Debian but have most systemd things in /lib. This replaces the + previous huge and maintenance-intense patch. + * Drop Accept-mountall-specific-fstab-options.patch. Replaced with + systemd.postinst migration code in Ubuntu. + * Revert overly aggressive USB autosuspend udev rules change which broke + various USB keyboards. (Closes: #789723) + * Have rc-local.service output also go to the console. /etc/rc.local often + contains status messages which users expect to see during boot. + (LP: #1468102) + * debian/rules: Install udev.NEWS into libudev1, to get along with Debian's + udev -> libudev1 doc dir symlinking. (Closes: #790042) + + -- Martin Pitt Sun, 28 Jun 2015 12:05:36 +0200 + +systemd (220-7) unstable; urgency=medium + + [ Michael Biebl ] + * Enable seccomp support on arm64 as well. + * Replace the remainder of Fix-paths-in-man-pages.patch with an upstream + provided patch. + + [ Martin Pitt ] + * Switch to net.ifnames persistent network interfaces (on new + installations/for new hardware), and deprecate the old + 75-persistent-net-generator.rules. See the ML discussion for details: + https://lists.debian.org/debian-devel/2015/05/msg00170.html + https://lists.debian.org/debian-devel/2015/06/msg00018.html + - Drop Make-net.ifnames-opt-in-instead-of-opt-out.patch, to use + net.ifnames by default. + - Revert-udev-network-device-renaming-immediately-give.patch: Adjust + patch comment. + - Drop 75-persistent-net-generator.rules, write_net_rules helper and + rule_generator.functions. + - Adjust udev's README.Debian accordingly, and describe the migration. + This needs to happen manually as there is no robust way of doing this + automatically. + - Add udev NEWS file for announcing this change and pointing to udev's + README. + - udev.postinst: Drop write_interfaces_rules(). + - udev.postinst: Disable net.ifnames on systems which did not support + 75-persistent-net-generator.rules (most importantly, virtualized guests) + to avoid changing network interface names on upgrade. + - LP: #1454254 + * fsckd-daemon-for-inter-fsckd-communication.patch: Add fsckd.c to + POTFILES.in. + * ifupdown-hotplug autopkgtest: Fix config name in interfaces.d/, it must + not have a suffix in Debian. Also clean up the file after the test. + * net.agent: When running under systemd, run everything in the foreground. + This avoids killing the forked child in the middle of its operation under + systemd when the parent exits. + * Check during build that systemd and systemd-journald don't link against + anything in /usr, to prevent bugs like #771652 and #788913 in the future. + * Drop Skip-99-systemd.rules-when-not-running-systemd-as-in.patch. The rules + mostly just attach tags systemd specific properties which are harmless + under other init systems, and systemd-sysctl also works there. + * 80-networking.rules: Only call agents for add|remove, as they don't handle + other events. + * Restore udev watches on block device changes. (Closes: #789060, + LP: #1466081) + + -- Martin Pitt Wed, 17 Jun 2015 22:48:53 +0200 + +systemd (220-6) unstable; urgency=medium + + * Enable seccomp support on the architectures that provide libseccomp. + (Closes: #760299) + * boot-and-services autopkgtest: Add SeccompTest for the above. + * boot-and-services autopkgtest: Check that we don't get an unwanted + tmp.mount unless /etc/fstab explicitly specifies it. + * Bump libcap-dev build dep to the version that provides libcap2-udeb. + (Closes: #787542) + * Stop installing tmp.mount by default; there are still situations where it + becomes active through dependencies from other units, which is surprising, + hides existing data in /tmp during runtime, and it isn't safe to have a + tmpfs /tmp on every install scenario. (Closes: #783509) + - d/rules: Ship tmp.mount in /usr/share/systemd/ instead of + /lib/systemd/systemd. + - systemd.postinst: When tmp.mount already was enabled, install tmp.mount + into /etc and keep it enabled. + - systemd.postinst: When enabling tmp.mount because of RAMTMP=yes, copy it + from /usr/share. + - Drop Don-t-mount-tmp-as-tmpfs-by-default.patch and + PrivateTmp-shouldn-t-require-tmpfs.patch, not necessary any more. + + -- Martin Pitt Thu, 11 Jun 2015 09:25:49 +0200 + +systemd (220-5) unstable; urgency=medium + + * debian/README.source: Upstream repository moved to github, adjust + cherry-picking instructions accordingly. + * debian/control: Replace obsolete Python2 version header with + X-Python3-Version. + * dracut: Fix path to systemd-fsck. (Closes: #787553) + * Ignore test failures during build if /etc/machine-id is missing (which is + the case in a few buildd chroots still). (Closes: #787258) + * debian/udev.README.Debian: Move network interface hotplug documentation + into separate section. Point out that "lo" does not need to be configured + in ifupdown under systemd. + * debian/udev.README.Debian: Document net.ifnames, and how to write udev + rules for custom network names. + * Add debian/extra/01-mac-for-usb.link: Use MAC based names for network + interfaces which are (directly or indirectly) on USB. Path based names + are inadequate for dynamic buses like USB. + * Fix another escape parsing regression in Exec*= lines. (Closes: #787256) + * Disable EFI support for udeb build. + * Refine detection of touch screen devices. + + -- Martin Pitt Sun, 07 Jun 2015 16:52:33 +0200 + +systemd (220-4) unstable; urgency=medium + + [ Martin Pitt ] + * debian/extra/initramfs-tools/scripts/init-top/udev: Drop $ROOTDELAY wait. + This does not concern udev in particular, but is handled by + initramfs-tools itself (scripts/local). The intention of this parameter is + not to statically wait for the given time, but wait *up to* that time for + the root device to appear. + * Add debian/extra/units/rc-local.service.d/wait-online.conf: Make + rc-local.service wait for network-online.target (if it gets started). This + not specified by LSB, but has been behaving that way in Debian under SysV + init and upstart. (LP: #1451797) + * Fix parsing of escape characters in Exec*= lines. (Closes: #787256) + * Drop path_is_mount_point-handle-false-positive-on-some-fs.patch (it was + already not applied in 220-1). This needs to be re-thought and re-done + against the current code, and overlayfs in general. On overlayfs this + still reports false positives for files that changed in the upperdir, but + this does not break systemd-machine-id-commit any more. + * Add debian/extra/rules/80-debian-compat.rules, replacing three of our + patches. These are independent udev rules to change device permissions and + add CD/DVD symlinks for compatibility with earlier Debian releases. + + [ Michael Biebl ] + * Bump Depends on util-linux to make sure we have a sulogin implementation + which properly cleans up its children when emergency.service is restarted. + (Closes: #784238) + * Stop using /sbin/udevd and drop the compat symlink. + * Remove any vestiges of /dev/.udev/. This directory has been replaced by + /run/udev/ since wheezy. + * Drop udev migration code from pre-wheezy. + + -- Martin Pitt Tue, 02 Jun 2015 08:16:36 +0200 + +systemd (220-3) unstable; urgency=medium + + * Fix ProtectSystem=yes to actually protect /usr, not /home. + (Closes: #787343) + * sd-device: fix device_get_properties_strv(). Fixes environment for + processes spawned by udev, in particular "allow-hoplug" ifupdown + interfaces via ifup@.service. (Closes: #787263) + * Ignore test failures on mipsel; the three failures are not reproducible on + the porter box (different kernel?). (See #787258) + * Add ifupdown-hotplug autopkgtest. Reproduces #787263. + * udev: Bring back persistent storage symlinks for bcache. Thanks David + Mohr! (Closes: #787367) + * sd-device: Fix invalid property strv pointers. This unbreaks the + environment of udev callouts. + + -- Martin Pitt Mon, 01 Jun 2015 12:58:20 +0200 + +systemd (220-2) unstable; urgency=low + + * 220-1 was meant to go to experimental, but was accidentally uploaded to + unstable. This was planned for next week anyway, just not on a Friday; + we don't revert, but keep an RC bug open for a few days to get broader + testing. Reupload 220-1 with its changelog actually pointing to unstable + and with all versions in the .changes. + + -- Martin Pitt Fri, 29 May 2015 18:54:09 +0200 + +systemd (220-1) unstable; urgency=medium + + [ Martin Pitt ] + * New upstream release: + - Ship sdio.ids and ids-update.pl in upstream tarball. (Closes: #780650) + - Drop non-working "journalctl /dev/sda" example from manpage + (Closes: #781604) + - man systemd.network: Explain UseDomains a bit more (not used by + default). (Closes: #766413) + - Ignore comments in /etc/hostname (LP: #1053048) + - Drop all backported patches and port the others to new upstream release. + * Cherry-pick patch to fix udevd --daemon assertion regression. + * Cherry-pick patch to fix udevd worker hang. + * systemd.install: systemd.pc moved back into /usr/share/pkgconfig/. + * libsystemd0.symbols: Add new symbols from this release. + * Drop debian/extra/60-keyboard.hwdb for now. Upstream has a newer version, + and it's not nearly as often updated any more as it used to be. + * debian/rules: Remove shipped audit_type-to-name.h and + keyboard-keys-from-name.gperf and regenerate them during build (bug in + upstream 220 tarball). + * autopkgtest: Ship/use mock fsck from debian/tests, as it's missing in the + 220 tarball. + * Add libnss-mymachines binary package. (Closes: #784858) + * Add libnss-myhostname binary package, taking over from the very old and + unmaintained standalone source package as per its maintainer's request. + (Closes: #760514) + * Drop buildsys-Don-t-default-to-gold-as-the-linker.patch and set LD in + debian/rules on sparc only. This can be dropped entirely once we build + GUdev from a separate source. + * bootchart autopkgtest: Skip test if /proc/schedstat does not exist, i. e. + the kernel is missing CONFIG_SCHEDSTAT. Bootchart requires this. + * systemd-fsckd autopkgtest: On Debian plymouth-start stays running, adjust + was_running() for that. + * systemd-fsckd autopkgtest: In test_systemd_fsck_with_plymouth_failure(), + fix plymouthd status check to work under both Debian and Ubuntu. + * Replace almost all of Fix-paths-in-man-pages.patch with upstreamed + patches. (The remainder is planned to get fixed upstream as well.) + * Remove our update-rc.d patches, replace them with upstream patches for + /lib/systemd/systemd-sysv-install abstraction, and provide one for + update-rc.d. Also implement "is-enabled" command by directly checking for + the presence of rcS or rc5 symlinks. (Closes: #760616) + * Fix path_is_mount_point for files (regression in 220). + * debian/control: Drop obsolete XS-Testsuite:, dpkg adds it automatically. + * Use Ubuntu's default NTP server for timesyncd when building on Ubuntu. + + [ Michael Biebl ] + * Remove /var/run and /var/lock migration code from debian-fixup. The /run + migration was completed in wheezy so this is no longer necessary. + * Drop our versioned Depends on initscripts. This was initially added for + the /run migration and later to ensure we have a mountnfs hook which + doesn't cause a deadlock under systemd. The /run migration was completed + in wheezy and jessie ships a fixed mountnfs hook. In addition we now use + the ignore-dependencies job mode in our lsb init-functions hook, so it's + safe to drop this dependency. + * Stop building gudev packages. Upstream has moved the gudev code into a + separate repository which is now managed on gnome.org. The gudev packages + will be built from src:libgudev from now on. See also + http://lists.freedesktop.org/archives/systemd-devel/2015-May/032070.html + + -- Martin Pitt Fri, 29 May 2015 10:37:40 +0200 + +systemd (219-10) experimental; urgency=medium + + * Fix assertion crash with empty Exec*= paths. (LP: #1454173) + * Drop Avoid-reload-and-re-start-requests-during-early-boot.patch + and Avoid-reloading-services-when-shutting-down.patch: This was fixed more + robustly in invoke-rc.d and service now, see #777113. + * debian/tests/boot-smoke: Allow 10 seconds for systemd jobs to settle down. + * Fix "tentative" state of devices which are not in /dev (mostly in + containers), and avoid overzealous cleanup unmounting of mounts from them. + (LP: #1444402) + * debian/extra/udev-helpers/net.agent: Eliminate cat and most grep calls. + * Drop Set-default-polling-interval-on-removable-devices-as.patch; it's long + obsolete, CD ejection with the hardware button works properly without it. + * Re-enable-journal-forwarding-to-syslog.patch: Update patch description, + journal.conf.d/ exists now. + * journal: Gracefully handle failure to bind to audit socket, which is known + to fail in namespaces (containers) with current kernels. Also + conditionalize systemd-journald-audit.socket on CAP_AUDIT_READ. + (LP: #1457054) + * Put back *.agent scripts and use net.agent in Ubuntu. This fixes escaping + of unit names, reduces the delta, and will make it easier to get a common + solution for integrating ifup.d/ scripts with networkd. + * When booting with "quiet", run the initramfs' udevd with "notice" log + level. (LP: #1432171) + * Add sigpwr-container-shutdown.service: Power off when receiving SIGPWR in + a container. This makes lxc-stop work for systemd containers. + (LP: #1457321) + * write_net_rules: Escape '{' and '}' characters as well, to make this work + with busybox grep. Thanks Faidon Liambotis! (Closes: #765577) + + -- Martin Pitt Thu, 21 May 2015 09:43:52 +0200 + +systemd (219-9) experimental; urgency=medium + + * 75-persistent-net-generator.rules: Fix rules for ibmveth (it's a driver, + not a subsystem). (LP: #1437375) + * debian/tests/unit-config: Add tests for systemctl enable/disable on a + SysV-only unit. Reproduces LP #1447807. + * Fix systemctl enable for SysV scripts without a native unit. We must not + try and enable the nonexisting unit then. (LP: #1447807) + * Drop Add-env-variable-for-machine-ID-path.patch. systemd should always + be installed via the essential "init" in buildd schroots now. + * debian/README.source: Update git-buildpackage commands for the renames in + 0.6.24. + * Make apparmor run before networking, to ensure that profiles apply to + e. g. dhclient (LP: #1438249): + - Rename networking.service.d/network-pre.conf to systemd.conf, and add + After=apparmor.service. + - ifup@.service: Add After=apparmor.service. + - Add Breaks: on apparmor << 2.9.2-1, which dropped its dependency to + $remote_fs. + * Drop login-don-t-overmount-run-user-UID-on-upgrades.patch and + login-don-t-overmount-run-user-UID-on-upgrades.patch, these were only + needed for upgrades from wheezy to jessie. + * systemd.{pre,post}inst: Clean up obsolete (pre-wheezy/jessie) upgrade + fixes. + * systemd-fsckd autopkgtest: Stop assuming that + /etc/default/grub.d/90-autopkgtest.cfg exists. + * systemd-fsckd autopkgtest: Add missing plymouth test dependency. + * Drop core-mount-ensure-that-we-parse-proc-self-mountinfo.patch, and bump + util-linux dependency to the version which enables + --enable-libmount-force-mountinfo. + + -- Martin Pitt Wed, 13 May 2015 12:27:21 +0200 + +systemd (219-8) experimental; urgency=medium + + [ Michael Biebl ] + * Skip filesystem check if already done by the initramfs. (Closes: #782522) + * Drop hard-coded versioned dependency on libapparmor1. Bump the + Build-Depends on libapparmor-dev instead. This ensures a proper versioned + dependency via Build-Depends-Package. + * Revert "Make apparmor run before networking". This causes dependency + cycles while apparmor still depends on $remote_fs. + * Cleanup hwclock-save.service symlinks when upgrading from the jessie + version. + + [ Martin Pitt ] + * cryptsetup: Implement offset and skip options. (Closes: #751707, + LP: #953875) + * logind autopkgtest: Add test for suspending on lid switch close. + This reproduces LP #1444166 (lid switch not working in the first few + minutes after boot). + * Reduce the initial suspend supression time from 3 minutes to 30 seconds, + and make it configurable. (LP: #1444166) + * Fix double free crash in "systemctl enable" when calling update-rc.d and + the latter fails. (Closes: #764613, LP: #1426588) + * hwdb: Fix wireless switch on Dell Latitude (LP: #1441849) + * Fix assertion crash when reading a service file with missing ' and + trailing space. (LP: #1447243) + * ifup@.service: Set IgnoreOnIsolate, so that "systemctl default" does not + shut down network interfaces. (Closes: #762953, LP: #1449380). + Add PartOf=network.target, so that stopping network.target also stops + network interfaces (so that isolating emergency.target and similar work as + before). + * Revert upstream commit 743970d which immediately SIGKILLs units during + shutdown. This leads to problems like bash not being able to write its + history, mosh not saving its state, and similar failed cleanup actions. + (Closes: #784720, LP: #1448259) + * Drop the reversion of "journald: allow restarting journald without losing + stream connections", and replace with proper upstream fix for + sd_pid_notify_with_fds(). (See Debian #778970, LP #1423811; LP: #1437896) + + -- Martin Pitt Wed, 29 Apr 2015 17:13:41 +0200 + +systemd (219-7) experimental; urgency=medium + + [ Martin Pitt ] + * Make systemd-sysv's dependency to systemd unversioned. The package just + contains 6 symlinks and thus isn't sensitive at all against version + mismatches. This avoids running into circular dependencies when testing + local debs. + * Revert "udev: Drop hwdb-update dependency" and replace with upstream patch + which moves it to systemd-udev-trigger.service. + * display-managers autopkgtest: Properly wait until all jobs are finished. + * display-managers autopkgtest: Reset failed units between tests, to avoid + running into restart limits and for better test isolation. + * Enable timesyncd in virtual machines. (Closes: #762343) + + [ Adam Conrad ] + * debian/systemd.{triggers,postinst}: Trigger a systemctl daemon-reload + when init scripts are installed or removed (Closes: #766429) + + [ Didier Roche ] + * Squash all fsckd patches in one (as fsckd and such will be removed + soon upstream), containing various fixes from upstream git and refactor + the connection flow to upstream's suggestion. Modify the man pages to match + those modifications as well. Amongst others, this suppresses "Couldn't + connect to plymouth" errors if plymouth is not running. + (Closes: #782265, LP: #1429171) + * Keep plymouth localized messages in a separate patch for easier updates in + the future and refresh to latest upstream. + * display-managers autopkgtest: Use ExecStart=sleep instead of the actual + lightdm binary, to avoid errors from lightdm startup. Drop the now + unnecessary "needs-recommends" to speed up the test. + + -- Martin Pitt Fri, 10 Apr 2015 11:08:33 +0200 + +systemd (219-6) experimental; urgency=medium + + [ Martin Pitt ] + * Import patches from v219-stable branch (up to 85a6fab). + * boot-and-services autopkgtest: Add missing python3 test dependency. + * Make apparmor run before networking, to ensure that profiles apply to + e. g. dhclient (LP: #1438249): + - Rename networking.service.d/network-pre.conf to systemd.conf, and add + After=apparmor.service. + - ifup@.service: Add After=apparmor.service. + * udev: Drop hwdb-update dependency, which got introduced by the above + v219-stable branch. This causes udev and plymouth to start too late and + isn't really needed in Debian yet as we don't support stateless systems + yet and handle hwdb.bin updates through dpkg triggers. (LP: #1439301) + + [ Didier Roche ] + * Fix mount point detection on overlayfs and similar file systems without + name_to_handle_at() and st_dev support. (LP: #1411140) + + [ Christian Seiler ] + * Make the journald to syslog forwarding more robust by increasing the + maximum datagram queue length from 10 to 512. (Closes: #762700) + + [ Marco d'Itri ] + * Avoid writing duplicate entries in 70-persistent-net.rules by double + checking if the new udev rule has already been written for the given + interface. This happens if multiple add events are generated before the + write_net_rules script returns and udevd renames the interface. + (Closes: #765577) + + -- Martin Pitt Thu, 02 Apr 2015 09:14:48 +0200 + +systemd (219-5) experimental; urgency=medium + + [ Didier Roche ] + * Add "systemd-fsckd" autopkgtest. (LP: #1427312) + * cmdline-upstart-boot autopkgtest: Update to Ubuntu's upstart-sysv split + (test gets skipped on Debian while upstart-sysv does not yet exist there). + * Cherry-pick a couple of upstream commits for adding transient state, + fixing a race where mounts become available before the device being + available. + * Ensure PrivateTmp doesn't require tmpfs through tmp.mount, but rather adds + an After relationship. (Closes: #779902) + + [ Martin Pitt ] + * journald: Suppress expected cases of "Failed to set file attributes" + errors. (LP: #1427899) + * Add systemd-sysv.postinst: Update grub on first installation, so that the + alternative init system boot entries get updated. + * debian/tests: Call /tmp/autopkgtest-reboot, to work with autopkgtest >= + 3.11.1. + * Check for correct architecture identifiers for SuperH. (Closes: #779710) + * Fix tmpfiles.d to only apply the first match again (regression in 219). + (LP: #1428540) + * /lib/lsb/init-functions.d/40-systemd: Don't ignore systemd unit + dependencies in "degraded" mode. (LP: #1429734) + + [ Michael Biebl ] + * debian/udev.init: Recognize '!' flag with static device lists, to work + with kmod 20. (Closes: #780263) + + [ Craig Magina ] + * rules-ubuntu/71-power-switch-proliant.rules: Add support for HP ProLiant + m400 Server Cartridge soft powerdown on Linux 3.16. (LP: #1428811) + + [ Scott Wakeling ] + * Rework package description to be more accurate. (Closes: #740372) + + -- Martin Pitt Thu, 26 Mar 2015 16:31:04 +0100 + +systemd (219-4) experimental; urgency=medium + + * tmpfiles: Avoid creating duplicate ACL entries. Add postinst code to clean + them up on upgrade. (Closes: #778656) + * bootchart: Fix path to default init. (LP: #1423867) + * Add "bootchart" autopkgtest, to spot regressions like the above. + * autopkgtests: Factorize out "assert.sh" utility functions, and use them in + the tests for useful failure messages. + * Downgrade requirement for timedated, hostnamed, localed-locale, and + logind autopkgtests from machine to container isolation. + * boot-and-services and display-manager autopkgtest: Add systemd-sysv as + proper test dependency instead of apt-get installing it. This works now + also under Ubuntu 15.04. + * boot-and-services autopkgtest: Check cleanup of temporary files during + boot. Reproduces #779169. + * Clean up /tmp/ directory again. (Closes: #779169, LP: #1424992) + + -- Martin Pitt Fri, 27 Feb 2015 07:02:09 +0100 + +systemd (219-3) experimental; urgency=medium + + * sysv-generator: fix wrong "Overwriting existing symlink" warnings. + (Closes: #778700) + * Add systemd-fsckd multiplexer and feed its output to plymouth. This + provides an aggregate progress report of running file system checks and + also allows cancelling them with ^C, in both text mode and Plymouth. + (Closes: #775093, #758902; LP: #1316796) + * Revert "journald: allow restarting journald without losing stream + connections". This was a new feature in 219, but currently causes boot + failures due to logind and other services not starting up properly. + (Closes: #778970; LP: #1423811) + * Add "boot-smoke" autopkgtest: Test 20 successful reboots in a row, and + that there are no connection timeouts or stalled jobs. This reproduces the + above regression. + * debian/tests/localed-locale: Set up locale and keyboard default files on a + minimal unconfigured testbed. + * Add missing python3 test dependency to cmdline-upstart-boot and + display-managers autopkgtests. + * debian/tests/boot-and-services: Skip AppArmor test if AppArmor is not + enabled. + * debian/tests/boot-and-services: Reboot also if lightdm was just installed + but isn't running yet. + + -- Martin Pitt Mon, 23 Feb 2015 09:52:12 +0100 + +systemd (219-2) experimental; urgency=medium + + * Fix UTF-16 to UTF-8 conversion on big-endian machines. (Closes: #778654) + * Disable new new test-sigbus, it fails on some buildds due to too old + kernels. (part of #778654) + * debian/README.Debian, debian/systemd.postinst: Drop setfacl call for + /var/log/journal, this is now done automatically by tmpfiles.d/systemd.conf. + * Drop "acl" dependency, not necessary any more with the above. + * debian/tests/boot-and-services: Move to using /var/lib/machines/, + /var/lib/containers is deprecated. + + -- Martin Pitt Wed, 18 Feb 2015 15:29:42 +0100 + +systemd (219-1) experimental; urgency=medium + + [ Martin Pitt ] + * New upstream release: + - Fix spelling mistake in systemd.unit(5). (Closes: #773302) + - Fix timeouts with D-Bus, leading to SIGFPE. (Closes: #774012) + - Fix load/save of multiple rfkill states. (Closes: #759489) + - Non-persistent journal (/run/log/journal) is now readable by group adm. + (Closes: #771980) + - Read netdev user mount option to correctly order network mounts after + network.target. (Closes: #769186) + - Fix 60-keyboard.hwdb documentation and whitespace handling. + (Closes: #757367) + - Fix ThinkPad X1 Carbon 20BT trackpad buttons (LP: #1414930) + - Drop all backported patches and port the others to new upstream release. + * Bump libblkid-dev build dependency as per upstream configure.ac. + * debian/systemd.install: Add new language-fallback-map file. + * debian/udev.install: Add new systemd-hwdb tool. + * debian/libsystemd0.symbols: Add new symbols from this release. + * tmpfiles.d/systemd.conf: Drop "wheel" ACL (that group does not exist in + Debian) to make the ACL for "adm" actually work. + * debian/rules: Explicitly disable importd for now; it should still mature a + bit. Explicitly enable hwdb support. + * /lib/lsb/init-functions.d/40-systemd: Call systemctl is-system-running + with --quiet. (LP: #1421058) + * debian/systemd.postrm: Clean getty@tty1.service and remote-fs.target + enablement symlinks on purge. (Closes: #778499) + * Move all Debian specific units in the systemd package into + debian/extra/units/ and simplify debian/systemd.install. + * Enable timesyncd by default. Add a config drop-in to not start if ntp, + openntpd, or chrony is installed. (Closes: #755722) + * debian/systemd.links: Drop obsolete hwclockfirst.service mask link, this + was dropped in wheezy's util-linux already. + * debian/udev.postinst: Call systemd-hwdb instead of udevadm hwdb. + + [ Michael Biebl ] + * Stop removing firstboot man pages. They are now installed conditionally. + + -- Martin Pitt Tue, 17 Feb 2015 15:51:38 +0100 + +systemd (218-10) experimental; urgency=medium + + * Pull latest keymaps from upstream git. (LP: #1334968, #1409721) + * rules: Fix by-path of mmc RPMB partitions and don't blkid them. Avoids + kernel buffer I/O errors and timeouts. (LP: #1333140) + * Clean up stale mounts when ejecting CD drives with the hardware eject + button. (LP: #1168742) + * Document systemctl --failed option. (Closes: #767267) + * Quiesce confusing and irrelevant "failed to reset devices.list" warning. + (LP: #1413193) + * When booting with systemd-bootchart, default to run systemd rather than + /sbin/init (which might not be systemd). (LP: #1417059) + * boot-and-services autopkgtest: Add CgroupsTest to check cgroup + creation/cleanup behaviour. This reproduces #777601 and verifies the fix + for it. + + -- Martin Pitt Fri, 13 Feb 2015 12:25:06 +0100 + +systemd (218-9) experimental; urgency=medium + + [ Martin Pitt ] + * debian/tests/logind: With dropped systemd-logind-launch we don't have a + visible /sys/fs/cgroup/systemd/ any more under cgmanager. So adjust the + test to check /proc/self/cgroup instead. + * Add unit-config autopkgtest to check systemd unit/sysv init enabling and + disabling via systemctl. This also reproduces #777613. + * systemctl: Always install/enable/disable native units, even if there is a + corresponding SysV script and we call update-rc.d; while the latter + handles WantedBy=, it does not handle Alias=. (Closes: #777613) + * cgroup: Don't trim cgroup trees created by someone else, just the ones + that systemd itself created. This avoids cleaning up empty cgroups from + e.g. LXC. (Closes: #777601) + * Don't parse /etc/mtab for current mounts, but /proc/self/mountinfo. If the + former is a file, it's most likely outdated on boot, leading to race + conditions and unmounts during boot. (LP: #1419623) + + [ Michael Biebl ] + * Explicitly disable the features we don't want to build for those with + autodetection. This ensures reliable build results in dirty build + environments. + * Disable AppArmor support in the udeb build. + * core: Don't fail to run services in --user instances if $HOME is missing. + (Closes: #759320) + + [ Didier Roche ] + * default-display-manager-generator: Avoid unnecessary /dev/null symlink and + warning if there is no display-manager.service unit. + + -- Michael Biebl Thu, 12 Feb 2015 18:45:12 +0100 + +systemd (218-8) experimental; urgency=medium + + [ Martin Pitt ] + * boot-and-services autopkgtest: Ensure that there are no failed units, + except possibly systemd-modules-load.service (as that notoriously fails + with cruft in /etc/modules). + * Revert "input" system group creation in systemd.postinst from 218-7. It's + already done in udev.postinst. + * ifup@.service: Revert checking for existance of ifupdown config for that + interface, net.agent already does that. + * Drop Also-redirect-to-update-rc.d-when-not-using-.service.patch; not + necessary any more with the current version (mangle_names() already takes + care of this). + * Merge into Add-support-for-rcS.d-init-scripts-to-the-sysv-gener.patch: + - Do-not-order-rcS.d-services-after-local-fs.target-if.patch, as it + partially reverts the above, and is just fixing it. + - Map-rcS.d-init-script-dependencies-to-their-systemd-.patch as it's just + adding some missing functionality for the same purpose. + * Merge Run-update-rc.d-defaults-before-update-rc.d-enable-d.patch into + Make-systemctl-enable-disable-call-update-rc.d-for-s.patch as the former + is fixing the latter and is not an independent change. + * Drop Launch-logind-via-a-shell-wrapper.patch and systemd-logind-launch + wrapper. The only remaining thing that we need from it is to create + /run/systemd/, move that into the D-BUS service file directly. + * /lib/lsb/init-functions.d/40-systemd: Avoid deadlocks during bootup and + shutdown. DHCP/ifupdown and similar hooks which call "/etc/init.d/foo + reload" can easily cause deadlocks, since the synchronous wait plus + systemd's normal behaviour of transactionally processing all dependencies + first easily causes dependency loops. Thus during boot/shutdown operate + only on the unit and not on its dependencies, just like SysV behaves. + (Closes: #777115, LP: #1417010) + * Only start logind if dbus is installed. This fixes the noisy startup + failure in environments without dbus, such as LXC containers or servers. + (part of #772700) + * Add getty-static.service unit which starts getty@.service on tty 2 to 6 if + dbus is not installed, and hence logind cannot auto-start them on demand. + (Closes: #772700) + + [ Michael Biebl ] + * Update insserv-generator and map $x-display-manager to + display-manager.service, following the recent change in sysv-generator. + This avoids creating references to a no longer existing + x-display-manager.target unit. + + -- Martin Pitt Mon, 09 Feb 2015 18:07:22 +0100 + +systemd (218-7) experimental; urgency=medium + + [ Martin Pitt ] + * Don't attempt to mount the same swap partition twice through different + device node aliases. (Closes: #772182, LP: #1399595) + * logind: handle closing sessions over daemon restarts. (Closes: #759515, + LP: #1415104) + * logind: Fix sd_eviocrevoke ioctl call, to make forced input device release + after log out actually work. + * debian/rules: Drop obsolete --disable-multi-seat-x and + --with-firmware-path configure options. + * debian/udev.README.Debian: Trim the parts which are obsolete, wrong, or + described in manpages. Only keep the Debian specific bits. + (Part of #776546) + * Actually install udev's README.Debian when building for Debian. + (Closes: #776546) + * Create system group "input" which was introduced in 215. (LP: #1414409) + * ifup@.service: Don't fail if the interface is not configured in + /etc/network/interfaces at all. (LP: #1414426) + + [ Michael Biebl ] + * Update Vcs-Browser URL to use cgit and https. + * Map $x-display-manager LSB facility to display-manager.service instead of + making it a target. Using a target had the downside that multiple display + managers could hook into it at the same time which could lead to several + failed start attempts for the non-default display manager. + + -- Martin Pitt Sun, 01 Feb 2015 20:48:49 +0100 + +systemd (218-6) experimental; urgency=medium + + [ Martin Pitt ] + * initramfs hook: Install 61-persistent-storage-android.rules if it exists. + * Generate POT file during package build, for translators. + * Pull latest keymaps from upstream git. + * Order ifup@.service and networking.service after network-pre.target. + (Closes: #766938) + * Tone down "Network interface NamePolicy= disabled on kernel commandline, + ignoring" info message to debug, as we expect this while we disable + net.ifnames by default. (Closes: #762101, LP: #1411992) + + [ Michael Biebl ] + * Ship bash-completion for udevadm. (Closes: #776166) + * Drop rc-local generator in favor of statically enabling rc-local.service, + and drop halt-local.service which is unnecessary on Debian. + (Closes: #776170) + * Drop the obsolete libsystemd-* libraries, there are no reverse + dependencies left. + + -- Martin Pitt Mon, 26 Jan 2015 15:45:45 +0100 + +systemd (218-5) experimental; urgency=medium + + * Drop logger.agent. It hasn't been called from any udev rule for a long + time, and looks obsolete. + * debian/rules: Configure with --disable-firstboot to replace some manual + file removals. + * debian/rules: Remove manual file installation, move them to + debian/*.install. Move all Debian specific installed files to + debian/extra/. + * Merge some changes from the Ubuntu package to reduce the delta; these only + apply when building on/for Ubuntu: + - Add 40-hyperv-hotadd.rules: Workaround for LP: #1233466. + - Add 61-persistent-storage-android.rules to create persistent symlinks + for partitions with PARTNAME. By Ricardo Salveti. + - Add 71-power-switch-proliant.rules for supporting the power switches of + ProLiant Server Cartridges. By Dann Frazier. + - Add 78-graphics-card.rules: Mark KMS capable graphics devices as + PRIMARY_DEVICE_FOR_DISPLAY so that we can wait for those in plymouth. + By Scott James Remnant. + - Don't install the Debian *.agent scripts. Instead, have Ubuntu's + 80-networking.rules directly pull in ifup@.service, which is much easier + and more efficient. + * Make EPERM/EACCESS when applying OOM adjustment for forked processes + non-fatal. This happens in user namespaces like unprivileged LXC + containers. + * Fix assertion failure due to /dev/urandom being unmounted when shutting + down unprivileged containers. Thanks Stéphane Graber. + * Enable EFI support. This mostly auto-mounts /sys/firmware/efi/efivars, but + also provides a generator for auto-detecting the root and the /boot/efi + partition if they aren't in /etc/fstab. (Closes: #773533) + + -- Martin Pitt Thu, 22 Jan 2015 16:13:46 +0100 + +systemd (218-4) experimental; urgency=medium + + [ Michael Biebl ] + * sysv-generator: handle Provides: for non-virtual facility names. + (Closes: #774335) + * Fix systemd-remount-fs.service to not fail on remounting /usr if /usr + isn't mounted yet. This happens with initramfs-tools < 0.118 which we + might not get into Jessie any more. (Closes: #742048) + + [ Martin Pitt ] + * fstab-generator: Handle mountall's non-standard "nobootwait" and + "optional" options. ("bootwait" is already the systemd default behaviour, + and "showthrough" is irrelevant here, so both can be ignored). + * Add autopkgtest for one-time boot with upstart when systemd-sysv is + installed. This test only works under Ubuntu which has a split out + upstart-bin package, and will be skipped under Debian. + * debian/ifup@.service: Check if ifup succeeds by calling ifquery, to + work around ifup not failing on invalid interfaces (see #773539) + * debian/ifup@.service: Set proper service type (oneshot). + * sysv-generator: Handle .sh suffixes when translating Provides:. + (Closes: #775889) + * sysv-generator: Make real units overwrite symlinks generated by Provides: + from other units. Fixes failures due to presence of backup or old init.d + scripts. (Closes: #775404) + * Fix journal forwarding to syslog in containers without CAP_SYS_ADMIN. + (Closes: #775067) + * Re-enable AppArmor support, now that libapparmor1 moved to /lib. Add + versioned dependency as long as this is still only in experimental. + (Closes: #775331) + * Add some missing dpkg and ucf temp files to the "hidden file" filter, to + e. g. avoid creating units for them through the sysv-generator. + (Closes: #775903) + * Silence useless warning about /etc/localtime not being a symlink. This is + deliberate in Debian with /usr (possibly) being on a separate partition. + (LP: #1409594) + + [ Christian Kastner ] + * Use common-session-noninteractive in systemd-user's PAM config, instead of + common-session. The latter can include PAM modules like libpam-mount which + expect to be called just once and/or interactively, which already happens + for login, ssh, or the display-manager. Add pam_systemd.so explicitly, as + it's not included in -noninteractive, but is always required (and + idempotent). There is no net change on systemd which don't use manually + installed PAM modules. (Closes: #739676) + + [ Michael Biebl ] + * Make sure we run debian-fixup.service after /var has been mounted if /var + is on a separate partition. Otherwise we might end up creating the + /var/lock and /var/run symlink in the underlying root filesystem. + (Closes: #768644) + + -- Martin Pitt Wed, 21 Jan 2015 15:57:50 +0100 + +systemd (218-3) experimental; urgency=medium + + * build-logind autopkgtest: Re-enforce that sd_login_monitor_new() succeeds, + and restrict this test to isolation-container. (Reproduces LP #1400203) + * Bring back patch to make sd_login_monitor_new() work under other init + systems where /sys/fs/cgroup/systemd/machine does not exist. + (LP: #1400203) + * build-login autopkgtest: Build against libsystemd, not libsystemd-login + any more. + * Add debian/extra/systemd-vconsole-setup.service dependency shim for + the console-setup init script, to avoid breaking dependencies of + third-party packages. Install it for Ubuntu only for now, as in Debian + plymouth's unit got adjusted. (LP: #1392970, Debian #755194) + * Mark systemd{,-sysv} as M-A: foreign (thanks lintian). + * Quiesce maintainer-script-calls-systemctl lintian warning. + * Quiesce possibly-insecure-handling-of-tmp-files lintian warning, it's + wrong there (we are handling tmpfiles.d/ files which are not in a temp + dir). + * Use dh_installinit's --noscript instead of --no-start for the upstart + jobs without sysvinit scripts (thanks lintian). + * Put systemd.pc into arch specific pkgconfig dir, as it contains the arch + specific libdir value. + * Don't enable audit by default. It causes flooding of dmesg and syslog, + suppressing actually important messages. (Closes: #773528) + * Cherrypick various bug fixes in loopback device setup and netlink socket + communication. Fixes massive CPU usage due to tight retry loops in user + LXC containers. + + -- Martin Pitt Mon, 29 Dec 2014 14:55:35 +0100 + +systemd (218-2) experimental; urgency=medium + + * boot-and-services AppArmor autopkgtest: Stop checking the dmesg log; it is + racy as sometimes message bursts are suppressed. + * Fix crash in timedatectl with Etc/UTC. + * Prefer-etc-X11-default-display-manager-if-present.patch: Drop wrong + copy&paste'd comment, fix log strings. Thanks Adam D. Barratt. + * boot-and-services: Robustify Nspawn tests, and show systemd-nspawn output + on failure. + * Disable tests which fail on buildds, presumably due to too old kernels, + misconfigured /etc/hosts, and similar problems. Make failures of the test + suite fatal now. + + -- Martin Pitt Tue, 16 Dec 2014 08:24:38 +0100 + +systemd (218-1) experimental; urgency=medium + + * New upstream release. Drop all cherry-picked patches and port the Debian + specific ones. + - Create /etc/machine-id on boot if missing. (LP: #1387090) + * Add new libmount-dev build dependency. + * Configure with --enable-split-usr. + * Merge some permanent Ubuntu changes, using dpkg-vendor: + - Don't symlink udev doc directories. + - Add epoch to gudev packages; Ubuntu packaged the standalone gudev before + it got merged into udev. + - Add Apport hooks for udev and systemd. + * udev-fallback-graphics upstart job: Guard the modprobe with || true to + avoid a failure when vesafb is compiled in. (LP: #1367241) + + -- Martin Pitt Sun, 14 Dec 2014 13:58:39 +0100 + +systemd (217-4) experimental; urgency=medium + + [ Martin Pitt ] + * Reinstate a debian/extra/rules/50-firmware.rules which immediately tells + the kernel that userspace firmware loading failed. Otherwise it tries for a + minute to call the userspace helper (if CONFIG_FW_LOADER_USER_HELPER is + enabled) in vain, which causes long delays with devices which have a range + of possible firmware versions. (LP: #1398458) + * debian/systemd.postinst: Don't always restart journald, as this currently + can't be done without losing the current journal and breaking attached + processes. So only restart it from upgrades < 215-3 (where the socket + location got moved) as an one-time upgrade path from wheezy. + (Closes: #771122) + * Revert "Modify insserv generator to mask sysvinit-only display managers". + This is still under dispute, a bit risky, and might get a different + implementation. Also, nodm really needs to be fixed properly, working + around it is both too risky and also too hard to get right. + + [ Didier Roche ] + * Add display managers autopkgtests. + * Reset display-manager symlink to match /e/X/d-d-m even if + display-manager.service was removed. Adapt the autopkgtests for it. + (LP: #1400680) + + -- Martin Pitt Thu, 11 Dec 2014 18:06:54 +0200 + +systemd (217-3) experimental; urgency=medium + + [ Martin Pitt ] + * systemd.bug-script: Really capture stderr of systemd-delta. + (Closes: #771498) + * boot-and-services autopkgtest: Give test apparmor job some time to + actually finish. + + [ Didier Roche ] + * updated debian/patches/insserv.conf-generator.patch: + - if /etc/X11/default-display-manager doesn't match a systemd unit + (or doesn't exist), be less agressive about what to mask: we let + all sysvinit-only display-manager units enabled to fallback to previous + behavior and let them starting. (Closes: #771739) + + -- Martin Pitt Tue, 02 Dec 2014 16:53:36 +0100 + +systemd (217-2) experimental; urgency=medium + + * Re-enable journal forwarding to syslog, until Debian's sysloggers + can/do all read from the journal directly. + * Fix hostnamectl exit code on success. + * Fix "diff failed with error code 1" spew with systemd-delta. + (Closes: #771397) + * Re-enable systemd-resolved. This wasn't meant to break the entire + networkd, just disable the new NSS module. Remove that one manually + instead. (Closes: #771423, LP: #1397361) + * Import v217-stable patches (up to commit bfb4c47 from 2014-11-07). + * Disable AppArmor again. This first requires moving libapparmor to /lib + (see #771667). (Closes: #771652) + * systemd.bug-script: Capture stderr of systemd-{delta,analyze}. + (Closes: #771498) + + -- Martin Pitt Mon, 01 Dec 2014 15:09:09 +0100 + +systemd (217-1) experimental; urgency=medium + + [ Martin Pitt ] + * New upstream release. Drop all cherry-picked patches and port the Debian + specific ones. + * Disable systemd-resolved for now. It still needs to mature, and + integration into Debian should be discussed first. + * Bump util-linux dependency to >= 2.25 as per NEWS. + * Drop installation of 50-firmware.rules, not shipped upstream any more. + Firmware loading is now exclusively done by the kernel. + * Drop installation of readahead related services and code, readahead got + dropped in this version. + * Ship new networkctl CLI tool. + * debian/libsystemd0.symbols: Add new symbols from this release. + * debian/rules: Call dpkg-gensymbols with -c4 to immediately spot + changed/missing symbols during build. + * boot-and-services autopkgtest: Test AppArmor confined units (LP #1396270) + * Create new "systemd-journal-remote" system group, for + systemd-tmpfiles-setup.service. + + [ Marc Deslauriers ] + * Build-depend on libapparmor-dev to enable AppArmor support. (LP: #1396270) + + [ Didier Roche ] + * Handle display-manager transitions: (Closes: #748668) + - Add a generator to ensure /etc/X11/default-display-manager is controlling + which display-manager is started. + - Modify insserv generator to mask of sysvinit-only dms with insserv + $x-display-manager tag if they don't match + /etc/X11/default-display-manager. This avoids starting multiple dms at + boot. + * Cherry-pick Shared-add-readlink_value.patch as using that function in the + generator. + + -- Martin Pitt Fri, 28 Nov 2014 10:53:58 +0100 + +systemd (215-18) unstable; urgency=medium + + [ Michael Biebl ] + * manager: Pass correct errno to strerror(), have_ask_password contains + negative error values which have to be negated when being passed to + strerror(). + + [ Martin Pitt ] + * Revert upstream commit 743970d which immediately SIGKILLs units during + shutdown. This leads to problems like bash not being able to write its + history, mosh not saving its state, and similar failed cleanup actions. + (Closes: #784720, LP: #1448259) + * write_net_rules: Escape '{' and '}' characters as well, to make this work + with busybox grep. Thanks Faidon Liambotis! (Closes: #765577) + + -- Martin Pitt Thu, 21 May 2015 15:49:30 +0200 + +systemd (215-17) unstable; urgency=high + + * cryptsetup: Implement offset and skip options. (Closes: #751707, + LP: #953875) + + -- Martin Pitt Thu, 16 Apr 2015 10:26:46 -0500 + +systemd (215-16) unstable; urgency=medium + + [ Christian Seiler ] + * Don't run hwclock-save.service in containers. (Closes: #782377) + + [ Michael Biebl ] + * Do not print anything while passwords are being queried. This should make + password prompts without plymouth more usable. (Closes: #765013) + * Skip filesystem check if already done by the initramfs. (Closes: #782522) + + -- Michael Biebl Mon, 13 Apr 2015 19:42:32 +0200 + +systemd (215-15) unstable; urgency=medium + + [ Adam Conrad ] + * debian/systemd.{triggers,postinst}: Trigger a systemctl daemon-reload + when init scripts are installed or removed (Closes: #766429) + + [ Martin Pitt ] + * Fix getty restart loop when PTS device is gone. (Closes: #780711) + * Run timesyncd in virtual machines. (Closes: #762343) + * Make logind work in environments without CAP_SYS_ADMIN (mostly + containers). Thanks Christian Seiler for the backporting! + (Closes: #778608) + * Check for correct signatures when setting properties. Fixes systemd + getting stuck on trying to set invalid property types. (Closes: #781602) + + -- Martin Pitt Thu, 09 Apr 2015 10:12:37 +0200 + +systemd (215-14) unstable; urgency=medium + + [ Michael Biebl ] + * Map $x-display-manager LSB facility to display-manager.service instead of + making it a target. Using a target had the downside that multiple display + managers could hook into it at the same time which could lead to several + failed start attempts for the non-default display manager. + * Update insserv-generator and map $x-display-manager to + display-manager.service, following the recent change in sysv-generator. + This avoids creating references to a no longer existing + x-display-manager.target unit. + * Cherry-pick upstream fix to increase the SendBuffer of /dev/log to 8M. + + [ Martin Pitt ] + * scope: Make attachment of initial PIDs more robust. Fixes crash with + processes that get started by an init.d script with a different (aliased) + name when the cgroup becomes empty. (Closes: #781210) + * boot-and-services, display-managers autopkgtests: Add missing python3 test + dependency. + * Don't attempt to mount the same swap partition twice through different + device node aliases. (Closes: #772182, LP: #1399595) + + [ Christian Seiler ] + * Make the journald to syslog forwarding more robust by increasing the + maximum datagram queue length from 10 to 512. (Closes: #762700) + + [ Marco d'Itri ] + * Avoid writing duplicate entries in 70-persistent-net.rules by double + checking if the new udev rule has already been written for the given + interface. This happens if multiple add events are generated before the + write_net_rules script returns and udevd renames the interface. + (Closes: #765577) + + -- Michael Biebl Mon, 30 Mar 2015 13:26:52 +0200 + +systemd (215-13) unstable; urgency=medium + + [ Martin Pitt ] + * Add hwclock-save.service to sync the system clock to the hardware clock on + shutdown, to provide monotonic time for reboots. (Note: this is a hack for + jessie; the next Debian release will enable timesyncd by default). + (Closes: #755722) + * Check for correct architecture identifiers for SuperH. (Closes: #779710) + * networkd: Fix stopping v4 dhcpclient when the carrier is lost. Thanks + Christos Trochalakis! (Closes: #779571) + * Fix segfault with units that depend on themselves. (Closes: #780675) + * tmpfiles-setup-dev: Call tmpfiles with --boot to allow unsafe device + creation. Fixes creation of static device nodes with kmod 20. + (Closes: #780263) + + [ Christian Seiler ] + * core: Don't migrate PIDs for units that may contain subcgroups. + This stops messing up lxc/libvirt/other custom cgroup layouts after + daemon-reload. (Closes: #777164) + * sysv-generator: add support for /etc/insserv/overrides. (Closes: #759001) + + [ Michael Biebl ] + * debian/udev.init: Recognize '!' flag with static device lists, to work + with kmod 20. (Closes: #780263) + + [ Didier Roche ] + * Ensure PrivateTmp doesn't require tmpfs through tmp.mount, but rather adds + an After relationship. (Closes: #779902) + + -- Martin Pitt Thu, 26 Mar 2015 14:23:35 +0100 + +systemd (215-12) unstable; urgency=medium + + [ Martin Pitt ] + * debian/udev.README.Debian: Trim the parts which are obsolete, wrong, or + described in manpages. Only keep the Debian specific bits. + (Part of #776546) + * Actually install udev's README.Debian when building for Debian. + (Closes: #776546) + * Only start logind if dbus is installed. This fixes the noisy startup + failure in environments without dbus such as LXC containers or servers. + (part of #772700) + * Add getty-static.service unit which starts getty@.service on tty 2 to 6 if + dbus is not installed, and hence logind cannot auto-start them on demand. + (Closes: #772700) + * Add unit-config autopkgtest to check systemd unit/sysv init enabling and + disabling via systemctl. This avoids bugs like #777613 (did not affect + unstable). + * cgroup: Don't trim cgroup trees created by someone else, just the ones + that systemd itself created. This avoids cleaning up empty cgroups from + e.g. LXC. (Closes: #777601) + * boot-and-services autopkgtest: Add CgroupsTest to check cgroup + creation/cleanup behaviour. This reproduces #777601 and verifies the fix + for it. + * rules: Fix by-path of mmc RPMB partitions and don't blkid them. Avoids + kernel buffer I/O errors and timeouts. (LP: #1333140) + * Document systemctl --failed option. (Closes: #767267) + + [ Michael Biebl ] + * core: Don't fail to run services in --user instances if $HOME is missing. + (Closes: #759320) + + [ Didier Roche ] + * default-display-manager-generator: Avoid unnecessary /dev/null symlink and + warning if there is no display-manager.service unit. + + -- Martin Pitt Fri, 13 Feb 2015 12:08:31 +0100 + +systemd (215-11) unstable; urgency=medium + + [ Martin Pitt ] + * escape-beef-up-new-systemd-escape-tool.patch: Avoid creating a dangling + symlink, to work around regression in recent patch (see #776257). + * Order ifup@.service and networking.service after network-pre.target. + (Closes: #766938) + * Tone down "Network interface NamePolicy= disabled on kernel commandline, + ignoring" info message to debug, as we expect this while we disable + net.ifnames by default. (Closes: #762101, LP: #1411992) + * logind: handle closing sessions over daemon restarts. (Closes: #759515, + LP: #1415104) + * logind: Fix sd_eviocrevoke ioctl call, to make forced input device release + after log out actually work. + * debian/patches/series: Move upstreamed patches into the appropriate + section. + + [ Michael Biebl ] + * Make sure we run debian-fixup.service after /var has been mounted if /var + is on a separate partition. Otherwise we might end up creating the + /var/lock and /var/run symlink in the underlying root filesystem. + (Closes: #768644) + + -- Martin Pitt Thu, 29 Jan 2015 09:01:54 +0100 + +systemd (215-10) unstable; urgency=medium + + [ Martin Pitt ] + * sysv-generator: Handle .sh suffixes when translating Provides:. + (Closes: #775889) + * sysv-generator: Make real units overwrite symlinks generated by Provides: + from other units. Fixes failures due to presence of backup or old init.d + scripts. (Closes: #775404) + * Fix journal forwarding to syslog in containers without CAP_SYS_ADMIN. + (Closes: #775067) + + [ Christian Kastner ] + * Use common-session-noninteractive in systemd-user's PAM config, instead of + common-session. The latter can include PAM modules like libpam-mount which + expect to be called just once and/or interactively, which already happens + for login, ssh, or the display-manager. Add pam_systemd.so explicitly, as + it's not included in -noninteractive, but is always required (and + idempotent). There is no net change on systemd which don't use manually + installed PAM modules. (Closes: #739676) + + -- Martin Pitt Wed, 21 Jan 2015 13:18:05 +0100 + +systemd (215-9) unstable; urgency=medium + + [ Didier Roche ] + * Add display managers autopkgtests. + * Reset display-manager symlink to match /e/X/d-d-m even if + display-manager.service was removed. Adapt the autopkgtests for it. + + [ Martin Pitt ] + * Prefer-etc-X11-default-display-manager-if-present.patch: Drop wrong + copy&paste'd comment, fix log strings. Thanks Adam D. Barratt. + * Log all members of cyclic dependencies (loops) even with quiet on the + kernel cmdline. (Closes: #770504) + * Don't auto-clean PrivateTmp dir in /var/tmp; in Debian we don't want to + clean /var/tmp/ automatically. (Closes: #773313) + + [ Michael Biebl ] + * sysv-generator: handle Provides: for non-virtual facility names. + (Closes: #774335) + * Fix systemd-remount-fs.service to not fail on remounting /usr if /usr + isn't mounted yet. This happens with initramfs-tools < 0.118 which we + might not get into Jessie any more. (Closes: #742048) + + -- Martin Pitt Tue, 13 Jan 2015 11:24:43 +0100 + +systemd (215-8) unstable; urgency=medium + + [ Didier Roche ] + * Cherry-pick shared-add-readlink_value.patch, we will use that function in + the generator. + * Cherry-pick util-allow-strappenda-to-take-any-number-of-args.patch, we + will use that function in the generator. + * Handle multiple display managers which don't ship a systemd unit or the + corresponding postinst logic for updating display-manager.service: Add a + generator to ensure /etc/X11/default-display-manager is controlling which + display-manager is started. (Closes: #771287) + + [ Sjoerd Simons ] + * d/p/core-Fix-bind-error-message.patch: + + Added. Fix error message on bind failure to print the full path + * d/p/core-Make-binding-notify-private-dbus-socket-more-ro.patch: + + Added. Be more robust when binding private unix sockets (Based on current + upstream logic) (Closes: #761306) + + [ Martin Pitt ] + * Clean up ...journal~ files from unclean shutdowns. (Closes: #771707) + * debian/systemd.postinst: Don't always restart journald, as this currently + can't be done without losing the current journal and breaking attached + processes. So only restart it from upgrades < 215-3 (where the socket + location got moved) as an one-time upgrade path from wheezy. + (Closes: #771122) + * journalctl: Fix help text for --until. (Closes: #766598) + * Bump systemd's udev dependency to >= 208-8, so that on partial upgrades we + make sure that the udev package has appropriate Breaks:. In particular, + this avoids installing current udev with kmod << 14. (Closes: #771726) + + [ Michael Biebl ] + * systemd.postinst: Move unit enablement after restarting systemd, so that + we don't fail to enable units with keywords that wheezy's systemd does not + understand yet. Fixes enabling getty units on wheezy upgrades with + systemd. (Closes: #771204) + + -- Martin Pitt Fri, 05 Dec 2014 10:01:24 +0100 + +systemd (215-7) unstable; urgency=medium + + [ Martin Pitt ] + * Add myself to Uploaders. + * Add boot-and-services autopkgtest: Check booting with systemd-sysv and + that the most crucial services behave as expected. + * logind autopkgtest: Fix stderr output in waiting loop for scsi_debug. + * Add nspawn test to boot-and-services autopkgtest. + * Make systemd-nspawn@.service work out of the box: (Closes: #770275) + - Pre-create /var/lib/container with a secure mode (0700) via tmpfiles.d. + - Add new try-{guest,host} modes for --link-journal to silently skip + setting up the guest journal if the host has no persistent journal. + - Extend boot-and-services autopkgtest to cover systemd-nspawn@.service. + * Cherry-pick upstream patch to fix SELinux unit access check (regression + in 215). + * sysv-generator: Avoid wrong dependencies for failing units. Thanks to + Michael Biebl for the patch! (Closes: #771118) + * Cherry-pick patches to recognize and respect the "discard" mount option + for swap devices. Thanks to Aurelien Jarno for finding and testing! + (Closes: #769734) + + [ Jon Severinsson] + * Add /run/shm -> /dev/shm symlink in debian/tmpfiles.d/debian.conf. This + avoids breakage in Jessie for packages which still refer to /run/shm, and + while https://wiki.debian.org/ReleaseGoals/RunDirectory is still official. + (LP: #1320534, Closes: #674755). + + -- Martin Pitt Fri, 28 Nov 2014 06:43:15 +0100 + +systemd (215-6) unstable; urgency=medium + + [ Martin Pitt ] + * Cherry-pick upstream patch to fix udev crash in link_config_get(). + * Cherry-pick upstream patch to fix tests in limited schroot environments. + * Add d/p/Add-env-variable-for-machine-ID-path.patch: Allow specifying an + alternate /etc/machine-id location. This is necessary for running tests + as long as it isn't in our base images (see Debian #745876) + * Run tests during package build. For the first round don't make them fatal + for now (that will happen once we see results from all the architectures). + * Drop our Check-for-kmod-binary.patch as the upstream patch + units-conditionalize-static-device-node-logic-on-CAP.patch supersedes it. + * Drop Use-comment-systemd.-syntax-in-systemd.mount-man-pag.patch, as + our util-linux is now recent enough. Bump dependency to >= 2.21. + * Adjust timedated and hostnamed autopkgtests to current upstream version. + * Replace our Debian hwdb.bin location patch with what got committed + upstream. Run hwdb update with the new --usr option to keep current + behaviour. + * debian/README.Debian: Document how to debug boot or shutdown problems with + the debug shell. (Closes: #766039) + * Skip-99-systemd.rules-when-not-running-systemd-as-in.patch: Call path_id + under all init systems, to get consistent ID_PATH attributes. This is + required so that tools like systemd-rfkill can be used with SysVinit or + upstart scripts, too. (LP: #1387282) + * Switch libpam-systemd dependencies to prefer systemd-shim over + systemd-sysv, to implement the CTTE decision #746578. This is a no-op on + systems which already have systemd-sysv installed, but will prevent + installing that on upgrades. (Closes: #769747) + * Remove Tollef from Uploaders: as per his request. Thanks Tollef for all + you work! + * net.agent: Properly close stdout/err FDs, to avoid long hangs during udev + settle. Thanks to Ben Hutchings! (Closes: #754987) + * Bump Standards-Version to 3.9.6 (no changes necessary). + + [ Didier Roche ] + * debian/ifup@.service: add a ConditionPath on /run/network, to avoid + failing the unit if /etc/init.d/networking is disabled. (Closes: #769528) + + -- Martin Pitt Tue, 18 Nov 2014 12:37:22 +0100 + +systemd (215-5) unstable; urgency=medium + + [ Martin Pitt ] + * Unblacklist hyperv_fb again, it is needed for graphical support on Hyper-V + platforms. Thanks Andy Whitcroft! (LP: #1359933) + * Bump systemd-shim Depends/Breaks to 8-2 to ensure a lockstep upgrade. + (Closes: #761947) + + [ Sjoerd Simons ] + * d/p/sd-bus-Accept-no-sender-as-the-destination-field.patch + + Fix compatibility between systemctl v215 and v208. Resolves issue when + reloads of services is requested before systemd is re-execed + (Closes: #762146) + + [ Michael Biebl ] + * Don't overmount existing /run/user/ directories with a per-user tmpfs + on upgrades. (Closes: #762041) + * Re-enable mount propagation for udevd. This avoids that broken software + like laptop-mode-tools, which runs mount from within udev rules, causes + the root file system to end up read-only. (Closes: #762018) + + -- Michael Biebl Sat, 27 Sep 2014 17:49:47 +0200 + +systemd (215-4) unstable; urgency=medium + + * Upload to unstable. + + -- Michael Biebl Mon, 15 Sep 2014 17:38:30 +0200 + +systemd (215-3) experimental; urgency=medium + + [ Ben Howard ] + * 75-persistent-net-generator.rules: Fix matches of HyperV. (LP: #1361272) + + [ Martin Pitt ] + * 75-persistent-net-generator.rules: Add new MS Azure MAC prefix 00:25:ae. + (LP: #1367883) + + [ Michael Biebl ] + * Update upstream v215-stable patch series. + * The /dev/log socket and /dev/initctl FIFO have been moved to /run and + replaced by symlinks. Create the symlinks manually on upgrades as well. + (Closes: #761340) + * Fix incorrect paths in man pages. (LP: #1357782, Closes: #717491) + * Make systemd recommend dbus so it is installed on upgrades. The dbus + system bus is required to run systemd-logind and the autovt feature relies + on logind. (Closes: #758111) + * Bump dependency on systemd-shim to (>= 7-2) to ensure we have a version + which supports systemd >= 209. + * Rework bug-script to be more upfront about what kind of data is gathered + and ask the user for permission before attaching the information to the + bug report. (Closes: #756248) + + [ Sjoerd Simons ] + * d/p/buildsys-Don-t-default-to-gold-as-the-linker.patch + + Don't explicitly pick gold as the default linker. Fixes FTBFS on sparc + (Closes: #760879) + + -- Sjoerd Simons Sun, 14 Sep 2014 20:14:49 +0200 + +systemd (215-2) experimental; urgency=medium + + * debian/patches/always-check-for-__BYTE_ORDER-__BIG_ENDIAN-when-chec.patch + + Added. Fix checking of system endianness. Fixes FTBFS on powerpc + * debian/patches/timesyncd-when-we-don-t-know-anything-about-the-netw.patch: + + Let timesyncd go online even if networkd isn't running (from upstream + git) (Closes: #760087) + * debian/rules: add systemd-update-utmp-runlevel.service to + {poweroff, rescue, multi-user, graphical, reboot}.target.wants to trigger + the runlevel target to be loaded + + -- Sjoerd Simons Sun, 07 Sep 2014 23:46:02 +0200 + +systemd (215-1) experimental; urgency=medium + + * New upstream release. + * Import upstream v215-stable patch series. + * Rebase remaining Debian patches on top of v215-stable. + * Drop our Debian-specific run-user.mount unit as upstream now creates a + per-user tmpfs via logind. + * Don't rely on new mount from experimental for now and re-add the patch + which updates the documentation accordingly. + * Cherry-pick upstream fix to use correct versions for the new symbols that + were introduced in libudev. + * Update symbols files + - Add two new symbols for libudev1. + - Remove private symbol from libgudev-1.0-0. This symbol was never part of + the public API and not used anywhere so we don't need a soname bump. + * Cherry-pick upstream commit to not install busname units if kdbus support + is disabled. + * Make /run/lock tmpfs an API fs so it is available during early boot. + (Closes: #751392) + * Install new systemd-path and systemd-escape binaries. + * Cherry-pick upstream commit which fixes the references to the systemctl + man page. (Closes: #760613) + * Use the new systemd-escape utility to properly escape the network + interface name when starting an ifup@.service instance for hotplugged + network interfaces. Make sure a recent enough systemd version is installed + by bumping the versioned Breaks accordingly. (Closes: #747044) + * Order ifup@.service after networking.service so we don't need to setup the + runtime directory ourselves and we have a defined point during boot when + hotplugged network interfaces are started. + * Disable factory-reset feature and remove files associated with it. This + feature needs more integration work first before it can be enabled in + Debian. + * Cherry-pick upstream commit to fix ProtectSystem=full and make the + ProtectSystem= option consider /bin, /sbin, /lib and /lib64 (if it exists) + on Debian systems. (Closes: #759689) + * Use adduser in quiet mode when creating the system users/groups to avoid + warning messages about the missing home directories. Those are created + dynamically during runtime. (Closes: #759175) + * Set the gecos field when creating the system users. + * Add systemd-bus-proxy system user so systemd-bus-proxyd can properly drop + its privileges. + * Re-exec systemd and restart services at the end of postinst. + * Cherry-pick upstream commit for sd-journal to properly convert + object->size on big endian which fixes a crash in journalctl --list-boots. + (Closes: #758392) + + -- Michael Biebl Sun, 07 Sep 2014 09:58:48 +0200 + +systemd (214-1) experimental; urgency=medium + + * New upstream release v214. + (Closes: #750793, #749268, #747939) + + [ Jon Severinsson ] + * Import upstream v214-stable patch series. + - Rebase remaining Debian patches on top of v214-stable. + - Drop modifications to the now-removed built-in sysvinit support. + * Install the new combined libsystemd0 library, this library combines all + functionality of the various libsystemd-* libraries. + - Deprecate the old libsystemd-* libraries as they've been bundled into + libsystemd0. The old -dev files now just carry a transitional .pc file. + - Add new symbols file for libsystemd0. + * Update symbols file for libgudev-1.0-0. + * Remove pre-generated rules and unit files in debian/rules clean target. + * Add new systemd service users in systemd postinst (systemd-timesync, + systemd-network, systemd-resolve) + * Add new system group "input" used by udev rules in udev postinst. + * Try-restart networkd, resolved, and timesyncd after an upgrade. + * Do not force-enable default-on services on every upgrade. + * Add support for rcS.d init scripts to the sysv-generator. + - Do not order rcS.d services after local-fs.target if they do not + explicitly depend on $local_fs. + - Map rcS.d init script dependencies to their systemd equivalent. + - Special-case some dependencies for sysv init scripts for better + backwards compatibility. (Closes: #726027, #738965). + * Add systemd depends on new mount. (Closes: #754411) + * Update /run/initctl symlink target in debian/tmpfiles.d/debian.conf. + * Remove stored backlog state, rfkill state, random-seed and clock + information from /var/lib/systemd on systemd purge. + + [ Sjoerd Simons ] + * debian/patches/shared-include-stdbool.h-in-mkdir.h.patch + + Added. Include stdbool before using bool in function prototypes. Fixes + build of the insserv generator + * Add python-lxml to build-depends for python-systemd + * Turn on parallel build support + * Install the new busctl binary and translations + * Explicitly disable microhttp so the package build doesn't fail if the + required dependencies for it happen to be installed. + * debian/control: Make udev break plymouth (<< 0.9.0-7) as older plymouths + assume udev implementation details that have changed slightly since v213 + * debian/control: Remove b-d on librwap0-dev + * debian/control: Bump libkmod-dev b-d to >= 15 + * debian/rules: Drop outdated --enable-tcpwrap + * debian/rules: Explicitly turn off rfkill, networkd, timesyncd and resolved + for the udeb build + * debian/rules: Use the debian ntp pool as default ntp servers + * debian/rules: explicitely configure the maximum system uid/gids instead of + relying on autodetection + + -- Sjoerd Simons Sun, 24 Aug 2014 14:54:27 +0200 + +systemd (208-8) unstable; urgency=medium + + [ Martin Pitt ] + * Fix duplicate line in copyright. (Closes: #756899) + * Drop --disable-xattr configure option for udeb, does not exist any more. + * Add Turkish debconf translations. Thanks Mert Dirik! (Closes: #757498) + * Backport fix for lazy session-activation on non-seat0 seats. + (LP: #1355331) + + [ Michael Biebl ] + * Use "kmod static-nodes --output=/proc/self/fd/1" in make_static_nodes() as + we can't rely on /dev/stdout to exist at this point during boot. + (Closes: #757830) + * Fix udev SysV init script and d-i start script to not write to + /sys/kernel/uevent_helper unconditionally to not fail on a kernel with + CONFIG_UEVENT_HELPER unset. (Closes: #756312) + * Add Breaks: kmod (<< 14) to udev to make sure we have a kmod version + supporting the static-nodes command. + * Add Breaks: systemd (<< 208) to udev to avoid partial upgrades. Newer udev + versions rely on kmod-static-nodes.service being provided by systemd. + (Closes: #757777) + * Updated upstream v208-stable patch series to 53b1b6c. + * Cherry-pick upstream fix to ignore temporary dpkg files. (Closes: #757302) + * Make emergency.service conflict with rescue.service. + Otherwise if rescue mode is selected during boot and the emergency mode + is triggered (e.g. via a broken fstab entry), we have two sulogin + processes fighting over the tty. (Closes: #757072) + * Stop syslog.socket when entering emergency mode as otherwise every log + message triggers the start of the syslog service and its dependencies + which conflicts with emergency.target. (Closes: #755581) + + -- Michael Biebl Thu, 21 Aug 2014 00:14:21 +0200 + +systemd (208-7) unstable; urgency=medium + + [ Michael Biebl ] + * Mask remaining services provided by the initscripts package and document + in more detail why certain services have been masked. (Closes: #659264) + * Install zsh completions to the correct place. (Closes: #717540) + + [ Jon Severinsson ] + * Cherry-pick upstream fix for journal file permissions. (Closes: #755062) + * Map some rcS.d init script dependencies to their systemd equivalent. + * Update Depends on initscripts to the version with a systemd-compatible + mountnfs ifup hook. (Closes: #746358) + * Add Breaks on lvm2 versions without native systemd support. + (Closes: #678438, #692120) + * Do not fail udev upgrades if the udev service is already runtime-masked + when the preinst script is run. (Closes: #755746) + * Add Pre-Depends on systemd to systemd-sysv, to avoid risking that the + sysv-compatible symlinks become dangling on a partial install. + * Ensure that systemctl is usable right after being unpacked, by adding the + required Pre-Depends to systemd and libsystemd-daemon0. (Closes: #753589) + * Add support for TuxOnIce hibernation. (Closes: #746463) + + [ Martin Pitt ] + * Rename "api" autopkgtest to "build-login", and stop requiring that + sd_login_monitor_new() succeeds. It doesn't in many environments like + schroot or after upgrades from < 204, and the main point of the test is + to check that libsystemd-login-dev has correct contents and dependencies. + Drop "isolation-machine" requirement. + * Use glibc's xattr support instead of requiring libattr. Fixes FTBFS with + latest glibc and libattr. Cherrypicked from trunk. Drop libattr1-dev build + dependency. (Closes: #756097) + * Build python3-systemd for Python 3 bindings. Drop python-systemd; it does + not have any reverse dependencies, and we want to encourage moving to + Python 3. (LP: #1258089) + * Add simple autopkgtest for python3-systemd. + * Add dbus dependency to libpam-systemd. (Closes: #755968) + * Fix /dev/cdrom symlink to appear for all types of drives, not just for + pure CD-ROM ones. Also, fix the symlinks to stay after change events. + (LP: #1323777) + * 75-persistent-net-generator.rules: Adjust Ravello interfaces; they don't + violate the assignment schema, they should just not be persistent. + Thanks to Boris Figovsky. (Closes: #747475, LP: #1317776) + * Reinstate patches to make logind D-BUS activatable. + * Re-add systemd-shim alternative dependency to libpam-systemd. Version it + to ensure cgmanager support. (Closes: #754984, LP: #1343802) + * Convert udev-finish.upstart from a task to a job, to avoid hangs with + startpar. (Closes: #756631) + * Add debian/extra/60-keyboard.hwdb: Latest keymaps from upstream git. + This makes it trivial to backport keymap fixes to stable releases. + (Closes: #657809; LP: #1322770, #1339998) + * udev.init: Create static device nodes, as this moved out of udevd. + Thanks to Michael Biebl for the script! (Closes: #749021) + + -- Martin Pitt Wed, 06 Aug 2014 13:33:22 +0200 + +systemd (208-6) unstable; urgency=medium + + [ Jon Severinsson ] + * Add v208-stable patch series. + - Update Debian patches to apply on top of v208-stable. + - Move new manpages to libsystemd-*-dev as appropriate. + + [ Michael Biebl ] + * Upload to unstable. + + -- Michael Biebl Wed, 16 Jul 2014 00:44:15 +0200 + +systemd (208-5) experimental; urgency=medium + + * Merge changes from unstable branch. + + -- Michael Biebl Sat, 28 Jun 2014 13:41:32 +0200 + +systemd (208-4) experimental; urgency=medium + + * Merge changes from unstable branch. + * Drop alternative dependency on systemd-shim in libpam-systemd. The + systemd-shim package no longer provides an environment to run + systemd-logind standalone. See #752939 for further details. + + -- Michael Biebl Sat, 28 Jun 2014 01:22:11 +0200 + +systemd (208-3) experimental; urgency=medium + + * Merge changes from unstable branch. + + -- Michael Biebl Wed, 25 Jun 2014 11:29:07 +0200 + +systemd (208-2) experimental; urgency=medium + + [ Sjoerd Simons ] + * Don't stop a running user manager from garbage collecting the users. Fixes + long shutdown times when using a systemd user session + + [ Michael Stapelberg ] + * Fix bug-script: “systemctl dump” is now “systemd-analyze dump” + (Closes: #748311) + + [ Michael Biebl ] + * Merge changes from unstable branch. + * Cherry-pick upstream fixes to make sd_session_get_vt() actually work. + + -- Michael Biebl Tue, 24 Jun 2014 17:45:26 +0200 + +systemd (208-1) experimental; urgency=medium + + [ Michael Biebl ] + * New upstream release. (Closes: #729566) + * Update patches. + * Update symbols files for libsystemd-journal and libsystemd-login. + * Install new files and remove the ones we don't use. + * Install zsh completion files. (Closes: #717540) + * Create a compat symlink /etc/sysctl.d/99-sysctl.conf as systemd-sysctl no + longer reads /etc/sysctl.conf. + * Bump Build-Depends on kmod to (>= 14). + * Bump Build-Depends on libcryptsetup-dev to (>= 2:1.6.0) for tcrypt + support. + * Make kmod-static-nodes.service check for the kmod binary since we don't + want a hard dependency on kmod e.g. for container installations. + * Disable various features which aren't required for the udeb build. + * Move new sd_pid_get_slice and sd_session_get_vt man pages into + libsystemd-login-dev. + * Make no-patch-numbers the default for gbp-pq. + * Adjust systemd-user pam config file for Debian. + This pam config file is used by libpam-systemd/systemd-logind when + launching systemd user instances. + * Drop patches to make logind D-Bus activatable. The cgroup handling has + been reworked in v205 and logind no longer creates cgroup hierarchies on + its own. That means that the standalone logind is no longer functional + without support from systemd (or an equivalent cgroup manager). + + [ Martin Pitt ] + * Explain patch management in debian/README.source. + + -- Michael Biebl Mon, 28 Apr 2014 00:22:57 +0200 + +systemd (204-14) unstable; urgency=medium + + * Fix SIGABRT in insserv generator caused by incorrect usage of strcat(). + (Closes: #752992) + * Mark -dev packages as Multi-Arch: same. (Closes: #720017) + + -- Michael Biebl Sat, 28 Jun 2014 13:22:43 +0200 + +systemd (204-13) unstable; urgency=medium + + * Switch back to load the sg module via the kmod builtin. The problem was + not that the kmod builtin is faster then modprobe but rather the incorrect + usage of the "=" assignment operator. We need to use "+=" here, so the sg + module is loaded in addition to other scsi modules, which are loaded via + the modalias rule. Thanks to Tommaso Colombo for the analysis. + * Cherry-pick upstream fix which prevents systemd from entering an infinite + loop when trying to break an ordering cycle. (Closes: #752259) + * Update insserv generator to not create any drop-in files for services + where the corresponding SysV init script does not exist. + * Drop the check for /sys/kernel/uevent_helper from postinst and the SysV + init script and do not unconditionally overwrite it in the initramfs hook. + Since a long time now udev has been using the netlink interface to + communicate with the kernel and with Linux 3.16 it is possible to disable + CONFIG_UEVENT_HELPER completely. (Closes: #752742) + + -- Michael Biebl Sat, 28 Jun 2014 00:01:16 +0200 + +systemd (204-12) unstable; urgency=medium + + [ Martin Pitt ] + * Change the sg loading rule (for Debian #657948) back to using modprobe. + kmod is too fast and then sg races with sd, causing the latter to not see + SCSI disks. (Closes: #752591, #752605) + + [ Michael Biebl ] + * Update udev bug-script to attach instead of paste extra info if a new + enough reportbug version is available. + + -- Michael Biebl Wed, 25 Jun 2014 10:55:12 +0200 + +systemd (204-11) unstable; urgency=medium + + [ Martin Pitt ] + * Explain patch management in debian/README.source. (Closes: #739113) + * Replace "Always probe cpu support drivers" patch with cherry-picked + upstream fix which is more general. + * Advertise hibernation only if there's enough free swap. Patches backported + from current upstream. (LP: #1313522) + * Fix typo in sg loading rule to make it actually work. + + [ Michael Biebl ] + * Make no-patch-numbers the default for gbp-pq. + * Cherry-pick upstream fix to properly handle multiline syslog messages. + (Closes: #746351) + * Cherry-pick upstream fix for libudev which fixes a memleak in + parent_add_child(). + * Drop "-b debian" from Vcs-Git since we use the master branch for + packaging now. + * Drop Conflicts: sysvinit (<< 2.88dsf-44~) from systemd-sysv since this + breaks dist-upgrades from wheezy when switching from sysvinit to + systemd-sysv as default init. While downgrading the Pre-Depends in + sysvinit would have been an alternative, dropping the Conflicts and only + keeping the Replaces was deemed the lesser evil. (Closes: #748355) + * Use Conflicts instead of Breaks against sysvinit-core. This avoids + /sbin/init going missing when switching from systemd-sysv to sysvinit. + While at it, add a Replaces: upstart. (Closes: #751589) + * Make the SysV compat tools try both /run/initctl and /dev/initctl. This + makes them usable under sysvinit as PID 1 without requiring any symlinks. + * Various ifupdown integration fixes + - Use DefaultDependencies=no in ifup@.service so the service can be + started as early as possible. + - Create the ifupdown runtime directory in ifup@.service as we can no + longer rely on the networking service to do that for us. + - Don't stop ifup@.service on shutdown but let the networking service take + care of stopping all hotplugged interfaces. + - Only start ifup@.service for interfaces configured as allow-hotplug. + + [ Michael Stapelberg ] + * Clarify that “systemd” does not influence init whereas “systemd-sysv” does + (Closes: #747741) + + [ Ansgar Burchardt ] + * Don't use "set +e; set +u" unconditionally in the lsb init-functions hook + as this might change the behaviour of existing SysV init scripts. + (Closes: #751472) + + -- Michael Biebl Tue, 24 Jun 2014 17:03:43 +0200 + +systemd (204-10) unstable; urgency=medium + + * In the udeb's udev.startup, make sure that /dev/pts exists. + * systemd-logind-launch: Set the #files ulimit, for unprivileged LXC + containers. + * Drop udev.NEWS, it only applies to pre-squeeze. + * Remove /var/log/udev on purge. + * Always probe cpu support drivers. (LP #1207705) + * On Dell PowerEdge systems, the iDRAC7 and later support a USB Virtual NIC + for management. Name this interface "idrac" to avoid confusion with "real" + network interfaces. + * Drop numerical prefixes from patches, to avoid future diff noise when + removing, cherry-picking, and merging patches. From now on, always use + "gbp-pq export --no-patch-numbers" to update them. + + -- Martin Pitt Sun, 27 Apr 2014 11:53:52 +0200 + +systemd (204-9) unstable; urgency=medium + + * The "Flemish Beef and Beer Stew" release. + + [ Steve Langasek ] + * Do proper refcounting of the PAM module package on prerm, so that we + don't drop the module from the PAM config when uninstalling a + foreign-arch package. Related to Ubuntu bug #1295521. + + [ Martin Pitt ] + * debian/udev.udev-finish.upstart: Fix path to tmp-rules, + debian/extra/rule_generator.functions creates them in /run/udev/. + * rules: Remove the kernel-install bits; we don't want that in Debian and + thus it shouldn't appear in dh_install --list-missing output. + * Ship sd-shutdown.h in libsystemd-daemon-dev. + * Run dh_install with --fail-missing, to avoid forgetting files when we move + to new versions. + * Mount /dev/pts with the correct permissions in the udev, to avoid needing + pt_chown (not available on all architectures). Thanks Adam Conrad. + * Add new block of Windows Azure ethernet hardware address to + 75-persistent-net-generator.rules. (LP: #1274348, Closes: #739018) + * Drop our Debian specific 60-persistent-storage{,-tape}.rules and use the + upstream rules. They are compatible and do a superset of the + functionality. (Closes: #645466) + * Drop our Debian specific 80-drivers.rules and use the upstream rules with + a patch for the sg module (see #657948). These now stop calling modprobe + and use the kmod builtin, giving some nice boot speed improvement. + (Closes: #717404) + * Drop our Debian specific 50-udev-default.rules and 91-permissions.rules + and use the upstream rules with a patch for the remaining Debian specific + default device permissions. Many thanks to Marco d'Itri for researching + which Debian-specific rules are obsolete! Amongst other things, this now + also reads the hwdb info for USB devices (Closes: #717405) and gets rid of + some syntax errors (Closes: #706221) + * Set default polling interval on removable devices as well, for kernels + which have "block" built in instead of being a module. (Closes: #713877) + * Make sd_login_monitor_new() work for logind without systemd. + * Cherry-pick upstream fix for polkit permissions for rebooting with + multiple sessions. + * Kill /etc/udev/links.conf, create_static_nodes, and associated code. It's + obsolete with devtmpfs (which is required now), and doesn't run with + systemd or upstart anyway. + * Drop unnecessary udev.dirs. + * Add autopkgtests for smoke-testing logind, hostnamed, timedated, localed, + and a compile/link/run test against libsystemd-login-dev. + + [ Marco d'Itri ] + * preinst: check for all the system calls required by modern releases + of udev. (Closes: #648325) + * Updated fbdev-blacklist.conf for recent kernels. + * Do not blacklist viafb because it is required on the OLPC XO-1.5. + (Closes: #705792) + * Remove write_cd_rules and the associated rules which create "persistent" + symlinks for CD/DVD devices and replace them with more rules in + 60-cdrom_id, which will create symlinks for one at random among the + devices installed. Since the common case is having a single device + then everything will work out just fine most of the times... + (Closes: #655924) + * Fix write_net_rules for systemd and sysvinit users by copying the + temporary rules from /run/udev/ to /etc/udev/. (Closes: #735563) + * Do not install sysctl.d/50-default.conf because the systemd package + should not change kernel policies, at least until it will become + the only supported init system. + + [ Michael Stapelberg ] + * Add systemd-dbg package, thanks Daniel Schaal (Closes: #742724). + * Switch from gitpkg to git-buildpackage. Update README.source accordingly. + * Make libpam-systemd depend on systemd-sysv | systemd-shim. Packages that + need logind functionality should depend on libpam-systemd. + + [ Michael Biebl ] + * Do not send potentially private fstab information without prior user + confirmation. (Closes: #743158) + * Add support for LSB facilities defined by insserv. + Parse /etc/insserv.conf.d content and /etc/insserv.conf and generate + systemd unit drop-in files to add corresponding dependencies. Also ship + targets for the Debian specific $x-display-manager and + $mail-transport-agent system facilities. (Closes: #690892) + * Do not accidentally re-enable /var/tmp cleaning when migrating the TMPTIME + setting from /etc/default/rcS. Fix up existing broken configurations. + (Closes: #738862) + + -- Michael Biebl Sat, 26 Apr 2014 21:37:29 +0200 + +systemd (204-8) unstable; urgency=low + + [ Michael Stapelberg ] + * move manpages from systemd to libsystemd-*-dev as appropriate + (Closes: #738723) + * fix systemctl enable/disable/… error message “Failed to issue method call: + No such file or directory” (the previous upload did actually not contain + this fix due to a merge conflict) (Closes: #738843) + * add explicit “Depends: sysv-rc” so that initscript’s “Depends: sysv-rc | + file-rc” will not be satisfied with file-rc. We need the invoke-rc.d and + update-rc.d from sysv-rc, file-rc’s doesn’t have support for systemd. + (Closes: #739679) + * set capabilities cap_dac_override,cap_sys_ptrace=ep for + systemd-detect-virt, so that it works for unprivileged users. + (Closes: #739699) + * pam: Check $XDG_RUNTIME_DIR owner (Closes: #731300) + * Ignore chkconfig headers entirely, they are often broken in Debian + (Closes: #634472) + + [ Michael Biebl ] + * do a one-time migration of RAMTMP= from /etc/default/rcS and + /etc/default/tmpfs, i.e. enable tmp.mount (Closes: #738687) + * Bump Standards-Version to 3.9.5. + + -- Michael Biebl Wed, 19 Mar 2014 18:57:35 +0100 + +systemd (204-7) unstable; urgency=low + + * fix systemctl enable/disable/… error message “Failed to issue method call: + No such file or directory” (Closes: #734809) + * bug-script: attach instead of paste extra info with reportbug ≥ 6.5.0 + (Closes: #722530) + * add stage1 bootstrap support to avoid Build-Depends cycles (Thanks Daniel + Schepler) + * cherry-pick: + order remote mounts from mountinfo before remote-fs.target (77009452cfd) + (Closes: #719945) + Fix CPUShares configuration option (ccd90a976dba) (Closes: #737156) + fix reference in systemd-inhibit(1) (07b4b9b) (Closes: #738316) + + -- Michael Stapelberg Tue, 11 Feb 2014 23:34:42 +0100 + +systemd (204-6) unstable; urgency=low + + [ Michael Stapelberg ] + * Run update-rc.d defaults before update-rc.d + (Closes: #722523) + * preinst: preserve var-{lock,run}.mount when upgrading from 44 to 204 + (Closes: #723936) + * fstab-generator: don’t rely on /usr being mounted in the initrd + (Closes: #724797) + * systemctl: mangle names when avoiding dbus (Closes: #723855) + * allow group adm read access on /var/log/journal (Closes: #717386) + * add systemd-journal group (Thanks Guido Günther) (Closes: #724668) + * copy /etc/localtime instead of symlinking (Closes: #726256) + * don’t try to start autovt units when not running with systemd as pid 1 + (Closes: #726466) + * Add breaks/replaces for the new sysvinit-core package (Thanks Alf Gaida) + (Closes: #733240) + * Add myself to uploaders + + [ Tollef Fog Heen ] + * Make 99-systemd.rules check for /run/systemd/systemd instead of the + ill-named cgroups directory. + + [ Martin Pitt ] + * debian/udev.upstart: Fix path to udevd, the /sbin/udevd compat symlink + should go away at some point. + * debian/udev-udeb.install: Add 64-btrfs.rules and 75-probe_mtd.rules, they + are potentially useful in a d-i environment. + * debian/shlibs.local: Drop libudev; this unnecessarily generates overly + strict dependencies, the libudev ABI is stable. + * debian/extra/rules/75-persistent-net-generator.rules: Add Ravello systems + (LP: #1099278) + + -- Michael Stapelberg Tue, 31 Dec 2013 14:39:44 +0100 + +systemd (204-5) unstable; urgency=high + + * Cherry-pick 72fd713 from upstream which fixes insecure calling of polkit + by avoiding a race condition in scraping /proc (CVE-2013-4327). + Closes: #723713 + + -- Michael Biebl Mon, 23 Sep 2013 11:59:53 +0200 + +systemd (204-4) unstable; urgency=low + + * Add preinst check to abort udev upgrade if the currently running kernel + lacks devtmpfs support. Since udev 176, devtmpfs is mandatory as udev no + longer creates any device nodes itself. This only affects self-compiled + kernels which now need CONFIG_DEVTMPFS=y. Closes: #722580 + * Fix SysV init script to correctly mount a devtmpfs instead of tmpfs. This + only affects users without an initramfs, which usually is responsible for + mounting the devtmpfs. Closes: #722604 + * Drop pre-squeeze upgrade code from maintainer scripts and simplify the + various upgrade checks. + * Suppress errors about unknown hwdb builtin. udev 196 introduced a new + "hwdb" builtin which is not understood by the old udev daemon. + * Add missing udeb line to shlibs.local. This ensures that udev-udeb gets a + proper dependency on libudev1-udeb and not libudev1. Closes: #722939 + * Remove udev-udeb dependency from libudev1-udeb to avoid a circular + dependency between the two packages. This dependency was copied over from + the old udev-gtk-udeb package and no longer makes any sense since + libudev1-udeb only contains a library nowadays. + + -- Michael Biebl Wed, 18 Sep 2013 00:05:21 +0200 + +systemd (204-3) unstable; urgency=low + + [ Michael Biebl ] + * Upload to unstable. + * Use /bin/bash in debug-shell.service as Debian doesn't have /sbin/sushell. + * Only import net.ifaces cmdline property for network devices. + * Generate strict dependencies between the binary packages using a + shlibs.local file and add an explicit versioned dependency on + libsystemd-login0 to systemd to ensure packages are upgraded in sync. + Closes: #719444 + * Drop obsolete Replaces: libudev0 from udev package. + * Use correct paths for various binaries, like /sbin/quotaon, which are + installed in / and not /usr in Debian. Closes: #721347 + * Don't install kernel-install(8) man page since we don't install the + corresponding binary either. Closes: #722180 + * Cherry-pick upstream fixes to make switching runlevels and starting + reboot via ctrl-alt-del more robust. + * Cherry-pick upstream fix to properly apply ACLs to Journal files. + Closes: #717863 + + [ Michael Stapelberg ] + * Make systemctl enable|disable call update-rc.d for SysV init scripts. + Closes: #709780 + * Don't mount /tmp as tmpfs by default and make it possible to enable this + feature via "systemctl enable tmp.mount". Closes: #718906 + + [ Daniel Schaal ] + * Add bug-script to systemd and udev. Closes: #711245 + + [ Ondrej Balaz ] + * Recognize discard option in /etc/crypttab. Closes: #719167 + + -- Michael Biebl Thu, 12 Sep 2013 00:13:11 +0200 + +systemd (204-2) experimental; urgency=low + + [ Daniel Schaal ] + * Enable verbose build logs. Closes: #717465 + * Add handling of Message Catalog files to provide additional information + for log entries. Closes: #717427 + * Remove leftover symlink to debian-enable-units.service. Closes: #717349 + + [ Michael Stapelberg ] + * Install 50-firmware.rules in the initramfs and udeb. Closes: #717635 + + [ Michael Biebl ] + * Don't pass static start priorities to dh_installinit anymore. + * Switch the hwdb trigger to interest-noawait. + * Remove obsolete support for configurable udev root from initramfs. + * Bind ifup@.service to the network device. This ensures that ifdown is run + when the device is removed and the service is stopped. + Closes: #660861, #703033 + * Bump Standards-Version to 3.9.4. No further changes. + * Add Breaks against consolekit (<< 0.4.6-1) for udev-acl. Closes: #717385 + * Make all packages Priority: optional, with the exception of udev and + libudev1, which remain Priority: important, and systemd-sysv, which + remains Priority: extra due to the conflict with sysvinit. + Closes: #717365 + * Restart systemd-logind.service on upgrades due to changes in the + CreateSession D-Bus API between v44 and v204. Closes: #717403 + + -- Michael Biebl Wed, 24 Jul 2013 23:47:59 +0200 + +systemd (204-1) experimental; urgency=low + + * New upstream release. Closes: #675175, #675177 + - In v183 the udev sources have been merged into the systemd source tree. + As a result, the udev binary packages will now be built from the systemd + source package. To align the version numbers 139 releases were skipped. + - For a complete list of changes, please refer to the NEWS file. + * Add Marco to Uploaders. + * Drop Suggests on the various python packages from systemd. The + systemd-analyze tool has been reimplemented in C. + * Add binary packages as found in the udev 175-7.2 source package. + * Wrap dependencies for better readability. + * Drop hard-coded Depends on libglib2.0-0 from gir1.2-gudev-1.0. + * Drop old Conflicts, Replaces and Breaks, which are no longer necessary. + * Make libgudev-1.0-dev depend on gir1.2-gudev-1.0 as per GObject + introspection mini-policy. Closes: #691313 + * The hwdb builtin has replaced pci-db and usb-db in udev. Drop the + Recommends on pciutils and usbutils accordingly. + * Drop our faketime hack. Upstream uses a custom xsl style sheet now to + generate the man pages which no longer embeds the build date. + * Add Depends on libpam-runtime (>= 1.0.1-6) to libpam-systemd as we are + using pam-auth-update. + * Explicitly set Section and Priority for the udev binary package. + * Update Build-Depends: + - Drop libudev-dev, no longer required. + - Add gtk-doc-tools and libglib2.0-doc for the API documentation in + libudev and libgudev. + - Add libgirepository1.0-dev and gobject-introspection for GObject + introspection support in libgudev. + - Add libgcrypt11-dev for encryption support in the journal. + - Add libblkid-dev for the blkid udev builtin. + * Use gir dh addon to ensure ${gir:Depends} is properly set. + * Rename libudev0 → libudev1 for the SONAME bump. + * Update symbols files. libudev now uses symbols versioning as the other + libsystemd libraries. The libgudev-1.0-0 symbols file has been copied from + the old udev package. + * Run gtkdocize on autoreconf. + * Enable python bindings for the systemd libraries and ship them in a new + package named python-systemd. + * Tighten Depends on libsystemd-id128-dev for libsystemd-journal-dev as per + libsystemd-journal.pc. + * Remove obsolete bash-completion scripts on upgrades. Nowadays they are + installed in /usr/share/bash-completion/completions. + * Rename conffiles for logind and journald. + * Rename udev-gtk-udeb → libudev1-udeb to better reflect its actual contents. + * Build two flavours: a regular build and one for the udev udebs with + reduced features/dependencies. + * Create a few compat symlinks for the udev package, most notably + /sbin/udevadm and /sbin/udevd. + * Remove the dpkg-triggered debian-enable-units script. This was a temporary + workaround for wheezy. Packages should use dh-systemd now to properly + integrate service files with systemd. + * Update debian/copyright using the machine-readable copyright format 1.0. + * Integrate changes from udev 175-7 and acknowledge the 175-7.1 and 175-7.2 + non-maintainer uploads. + * Keep the old persistent network interface naming scheme for now and make + the new one opt-in via net.ifnames=1 on the kernel command line. + * Drop the obsolete udev-mtab SysV init script and properly clean up on + upgrades. + * Simplify the udev SysV init script and remove experimental and obsolete + features. + * Revert upstream commits which dropped support for distro specific + features and config files. + * Make logind, hostnamed, localed and timedated D-Bus activatable and + usable when systemd is not running. + * Store hwdb binary database in /lib/udev, not /etc/udev. Create the file on + install and upgrades. + * Provide a dpkg file trigger for hwdb, so the database is automatically + updated when packages install files into /lib/udev/hwdb.d. + + -- Michael Biebl Fri, 19 Jul 2013 00:32:36 +0200 + +systemd (44-12) unstable; urgency=low + + * Cherry-pick e17187 from upstream to fix build failures with newer glibc + where the clock_* symbols have been moved from librt to libc. + Closes: #701364 + * If the new init-system-helpers package is installed, make the + debian-enable-units script a no-op. The auto-enabler was meant as a + temporary workaround and will be removed once all packages use the new + helper. + * Update the checks which test if systemd is the active init. The + recommended check is [ -d /run/systemd/system ] as this will also work + with a standalone systemd-logind. + * Set Maintainer to pkg-systemd-maintainers@lists.alioth.debian.org. Add + Tollef and myself as Uploaders. + * Stop building the GUI bits. They have been split into a separate source + package called systemd-ui. + + -- Michael Biebl Thu, 20 Jun 2013 01:32:16 +0200 + +systemd (44-11) unstable; urgency=low + + * Team upload. + * Run debian-enable-units.service after sysinit.target to ensure our tmp + files aren't nuked by systemd-tmpfiles. + * The mountoverflowtmp SysV init script no longer exists so remove that + from remount-rootfs.service to avoid an unnecessary diff to upstream. + * Do not fail on purge if /var/lib/systemd is empty and has been removed + by dpkg. + + -- Michael Biebl Wed, 13 Mar 2013 08:03:06 +0100 + +systemd (44-10) unstable; urgency=low + + * Team upload. + * Using the return code of "systemctl is-enabled" to determine whether we + enable a service or not is unreliable since it also returns a non-zero + exit code for masked services. As we don't want to enable masked services, + grep for the string "disabled" instead. + + -- Michael Biebl Fri, 15 Feb 2013 17:01:24 +0100 + +systemd (44-9) unstable; urgency=low + + * Team upload. + * Fix typo in systemd.socket man page. Closes: #700038 + * Use color specification in "systemctl dot" which is actually + understood by dot. Closes: #643689 + * Fix mounting of remote filesystems like NFS. Closes: #673309 + * Use a file trigger to automatically enable service and socket units. A lot + of packages simply install systemd units but do not enable them. As a + result they will be inactive after the next boot. This is a workaround for + wheezy which will be removed again in jessie. Closes: #692150 + + -- Michael Biebl Fri, 15 Feb 2013 13:35:39 +0100 + +systemd (44-8) unstable; urgency=low + + * Team upload. + * Use comment=systemd.* syntax in systemd.mount man page. The + mount/util-linux version in wheezy is not recent enough to support the new + x-systemd* syntax. Closes: #697141 + * Don't enable persistent storage of journal log files. The journal in v44 + is not yet mature enough. + + -- Michael Biebl Sat, 19 Jan 2013 20:05:05 +0100 + +systemd (44-7) unstable; urgency=low + + * Fix a regression in the init-functions hook wrt reload handling that was + introduced when dropping the X-Interactive hack. Closes: #696355 + + -- Michael Biebl Fri, 21 Dec 2012 00:00:12 +0100 + +systemd (44-6) unstable; urgency=low + + [ Michael Biebl ] + * No longer ship the /sys directory in the systemd package since it is + provided by base-files nowadays. + * Don't run udev rules if systemd is not active. + * Converting /var/run, /var/lock and /etc/mtab to symlinks is a one-time + migration so don't run the debian-fixup script on every boot. + + [ Tollef Fog Heen ] + * Prevent the systemd package from being removed if it's the active init + system, since that doesn't work. + + [ Michael Biebl ] + * Use a separate tmpfs for /run/lock (size 5M) and /run/user (size 100M). + Those directories are user-writable which could lead to DoS by filling up + /run. Closes: #635131 + + -- Michael Biebl Sun, 16 Dec 2012 21:58:37 +0100 + +systemd (44-5) unstable; urgency=low + + * Team upload. + + [ Tollef Fog Heen ] + * disable killing on entering START_PRE, START, thanks to Michael + Stapelberg for patch. This avoids killing VMs run through libvirt + when restarting libvirtd. Closes: #688635. + * Avoid reloading services when shutting down, since that won't work and + makes no sense. Thanks to Michael Stapelberg for the patch. + Closes: #635777. + * Try to determine which init scripts support the reload action + heuristically. Closes: #686115, #650382. + + [ Michael Biebl ] + * Update Vcs-* fields, the Git repository is hosted on alioth now. Set the + default branch to "debian". + * Avoid reload and (re)start requests during early boot which can lead to + deadlocks. Closes: #624599 + * Make systemd-cgroup work even if not all cgroup mounts are available on + startup. Closes: #690916 + * Fix typos in the systemd.path and systemd.unit man page. Closes: #668344 + * Add watch file to track new upstream releases. + + -- Michael Biebl Thu, 25 Oct 2012 21:41:23 +0200 + +systemd (44-4) unstable; urgency=low + + [ Michael Biebl ] + * Override timestamp for man page building, thereby avoiding skew + between architectures which caused problems for multi-arch. + Closes: #680011 + + [ Tollef Fog Heen ] + * Move diversion removal from postinst to preinst. Closes: #679728 + * Prevent the journal from crashing when running out of disk space. + This is 499fb21 from upstream. Closes: #668047. + * Stop mounting a tmpfs on /media. Closes: #665943 + + -- Tollef Fog Heen Sun, 01 Jul 2012 08:17:50 +0200 + +systemd (44-3) unstable; urgency=low + + [ Michael Biebl ] + * Bump to debhelper 9. + * Convert to Multi-Arch: same where possible. Closes: #676615 + + [ Tollef Fog Heen ] + * Cherry-pick d384c7 from upstream to stop journald from leaking + memory. Thanks to Andreas Henriksson for testing. Closes: #677701 + * Ship lsb init script override/integration in /lib/lsb/init-functions.d + rather than diverting /lib/lsb/init-functions itself. Add appropriate + Breaks to ensure upgrades happen. + + -- Tollef Fog Heen Fri, 29 Jun 2012 22:34:16 +0200 + +systemd (44-2) unstable; urgency=low + + [ Michael Biebl ] + * Tighten the versions in the maintscript file + * Ship the /sys directory in the package + * Re-add workaround for non-interactive PAM sessions + * Mask checkroot-bootclean (Closes: #670591) + * Don't ignore errores in systemd-sysv postinst + + [ Tollef Fog Heen ] + * Bring tmpfiles.d/tmp.conf in line with Debian defaults. Closes: #675422 + * Make sure /run/sensigs.omit.d exists. + * Add python-dbus and python-cairo to Suggests, for systemd-analyze. + Closes: #672965 + + -- Tollef Fog Heen Tue, 08 May 2012 18:04:22 +0200 + +systemd (44-1) unstable; urgency=low + + [ Tollef Fog Heen ] + * New upstream version. + - Backport 3492207: journal: PAGE_SIZE is not known on ppc and other + archs + - Backport 5a2a2a1: journal: react with immediate rotation to a couple + of more errors + - Backport 693ce21: util: never follow symlinks in rm_rf_children() + Fixes CVE-2012-1174, closes: #664364 + * Drop output message from init-functions hook, it's pointless. + * Only rmdir /lib/init/rw if it exists. + * Explicitly order debian-fixup before sysinit.target to prevent a + possible race condition with the creation of sockets. Thanks to + Michael Biebl for debugging this. + * Always restart the initctl socket on upgrades, to mask sysvinit + removing it. + + [ Michael Biebl ] + * Remove workaround for non-interactive sessions from pam config again. + * Create compat /dev/initctl symlink in case we are upgrading from a system + running a newer version of sysvinit (using /run/initctl) and sysvinit is + replaced with systemd-sysv during the upgrade. Closes: #663219 + * Install new man pages. + * Build-Depend on valac (>= 0.12) instead of valac-0.12. Closes: #663323 + + -- Tollef Fog Heen Tue, 03 Apr 2012 19:59:17 +0200 + +systemd (43-1) experimental; urgency=low + + [ Tollef Fog Heen ] + * Target upload at experimental due to libkmod dependency + * New upstream release + - Update bash-completion for new verbs and arguments. Closes: #650739 + - Fixes local DoS (CVE-2012-1101). Closes: #662029 + - No longer complains if the kernel lacks audit support. Closes: #642503 + * Fix up git-to-source package conversion script which makes gitpkg + happier. + * Add libkmod-dev to build-depends + * Add symlink from /bin/systemd to /lib/systemd/systemd. + * Add --with-distro=debian to configure flags, due to no /etc/os-release + yet. + * Add new symbols for libsystemd-login0 to symbols file. + * Install a tmpfiles.d file for the /dev/initctl → /run/initctl + migration. Closes: #657979 + * Disable coredump handling, it's not ready yet. + * If /run is a symlink, don't try to do the /var/run → /run migration. + Ditto for /var/lock → /run/lock. Closes: #647495 + + [ Michael Biebl ] + * Add Build-Depends on liblzma-dev for journal log compression. + * Add Build-Depends on libgee-dev, required to build systemadm. + * Bump Standards-Version to 3.9.2. No further changes. + * Add versioned Build-Depends on automake and autoconf to ensure we have + recent enough versions. Closes: #657284 + * Add packages for libsystemd-journal and libsystemd-id128. + * Update symbols file for libsystemd-login. + * Update configure flags, use rootprefix instead of rootdir. + * Copy intltool files instead of symlinking them. + * Re-indent init-functions script. + * Remove workarounds for services using X-Interactive. The LSB X-Interactive + support turned out to be broken and has been removed upstream so we no + longer need any special handling for those type of services. + * Install new systemd-journalctl, systemd-cat and systemd-cgtop binaries. + * Install /var/lib/systemd directory. + * Install /var/log/journal directory where the journal files are stored + persistently. + * Setup systemd-journald to not read from /proc/kmsg (ImportKernel=no). + * Avoid error messages from systemctl in postinst if systemd is not running + by checking for /sys/fs/cgroup/systemd before executing systemctl. + Closes: #642749 + * Stop installing lib-init-rw (auto)mount units and try to cleanup + /lib/init/rw in postinst. Bump dependency on initscripts accordingly. + Closes: #643699 + * Disable pam_systemd for non-interactive sessions to work around an issue + with sudo. + * Use new dh_installdeb maintscript facility to handle obsolete conffiles. + Bump Build-Depends on debhelper accordingly. + * Rename bash completion file systemctl-bash-completion.sh → + systemd-bash-completion.sh. + * Update /sbin/init symlink. The systemd binary was moved to $pkglibdir. + + -- Tollef Fog Heen Tue, 07 Feb 2012 21:36:34 +0100 + +systemd (37-1.1) unstable; urgency=low + + * Non-maintainer upload with Tollef's consent. + * Remove --parallel to workaround a bug in automake 1.11.3 which doesn't + generate parallel-safe build rules. Closes: #661842 + * Create a compat symlink /run/initctl → /dev/initctl to work with newer + versions of sysvinit. Closes: #657979 + + -- Michael Biebl Sat, 03 Mar 2012 17:42:10 +0100 + +systemd (37-1) unstable; urgency=low + + [ Tollef Fog Heen ] + * New upstream version + * Change the type of the debian-fixup service to oneshot. + Closes: #642961 + * Add ConditionPathIsDirectory to lib-init-rw.automount and + lib-init-rw.mount so we only activate the unit if the directory + exists. Closes: #633059 + * If a sysv service exists in both rcS and rcN.d runlevels, drop the + rcN.d ones to avoid loops. Closes: #637037 + * Blacklist fuse init script, we do the same work already internally. + Closes: #643700 + * Update README.Debian slightly for /run rather than /lib/init/rw + + [ Josh Triplett ] + * Do a one-time migration of the $TMPTIME setting from /etc/default/rcS to + /etc/tmpfiles.d/tmp.conf. If /etc/default/rcS has a TMPTIME setting of + "infinite" or equivalent, migrate it to an /etc/tmpfiles.d/tmp.conf that + overrides the default /usr/lib/tmpfiles.d/tmp.conf and avoids clearing + /tmp. Closes: #643698 + + -- Tollef Fog Heen Wed, 28 Sep 2011 20:04:13 +0200 + +systemd (36-1) unstable; urgency=low + + [ Tollef Fog Heen ] + * New upstream release. Closes: #634618 + - Various man page fixes. Closes: #623521 + * Add debian-fixup service that symlinks mtab to /proc/mounts and + migrates /var/run and /var/lock to symlinks to /run + + [ Michael Biebl ] + * Build for libnotify 0.7. + * Bump Build-Depends on libudev to (>= 172). + * Add Build-Depends on libacl1-dev. Required for building systemd-logind + with ACL support. + * Split libsystemd-login and libsystemd-daemon into separate binary + packages. + * As autoreconf doesn't like intltool, override dh_autoreconf and call + intltoolize and autoreconf ourselves. + * Add Build-Depends on intltool. + * Do a one-time migration of the hwclock configuration. If UTC is set to + "no" in /etc/default/rcS, create /etc/adjtime and add the "LOCAL" setting. + * Remove /cgroup cleanup code from postinst. + * Add Build-Depends on gperf. + + -- Tollef Fog Heen Wed, 14 Sep 2011 08:25:17 +0200 + +systemd (29-1) unstable; urgency=low + + [ Tollef Fog Heen ] + * New upstream version, Closes: #630510 + - Includes typo fixes in documentation. Closes: #623520 + * Fall back to the init script reload function if a native .service file + doesn't know how to reload. Closes: #628186 + * Add hard dependency on udev. Closes: #627921 + + [ Michael Biebl ] + * hwclock-load.service is no longer installed, so we don't need to remove it + anymore in debian/rules. + * Install /usr/lib directory for binfmt.d, modules-load.d, tmpfiles.d and + sysctl.d. + * Remove obsolete conffiles from /etc/tmpfiles.d on upgrades. Those files + are installed in /usr/lib/tmpfiles.d now. + * Depend on util-linux (>= 2.19.1-2) which provides whole-disk locking + support in fsck and remove our revert patch. + * Don't choke when systemd was compiled with a different CAP_LAST_CAP then + what it is run with. Patch cherry-picked from upstream Git. + Closes: #628081 + * Enable dev-hugepages.automount and dev-mqueue.automount only when enabled + in kernel. Patch cherry-picked from upstream Git. Closes: #624522 + + -- Tollef Fog Heen Wed, 08 Jun 2011 16:14:31 +0200 + +systemd (25-2) experimental; urgency=low + + * Handle downgrades more gracefully by removing diversion of + /lib/lsb/init-functions on downgrades to << 25-1. + * Cherry-pick a133bf10d09f788079b82f63faa7058a27ba310b from upstream, + avoids assert when dumping properties. Closes: #624094 + * Remove "local" in non-function context in init-functions wrapper. + + -- Tollef Fog Heen Wed, 27 Apr 2011 22:20:04 +0200 + +systemd (25-1) experimental; urgency=low + + * New upstream release, target experimental due to initscripts + dependency. + - Fixes where to look for locale config. Closes: #619166 + * Depend on initscripts >= 2.88dsf-13.4 for /run transition. + * Add Conflicts on klogd, since it doesn't work correctly with the + kmg→/dev/log bridge. Closes: #622555 + * Add suggests on Python for systemd-analyze. + * Divert /lib/lsb/init-functions instead of (ab)using + /etc/lsb-base-logging.sh for diverting calls to /etc/init.d/* + * Remove obsolete conffile /etc/lsb-base-logging.sh. Closes: #619093 + * Backport 3a90ae048233021833ae828c1fc6bf0eeab46197 from master: + mkdir /run/systemd/system when starting up + + -- Tollef Fog Heen Sun, 24 Apr 2011 09:02:04 +0200 + +systemd (20-1) unstable; urgency=low + + * New upstream version + * Install systemd-machine-id-setup + * Call systemd-machine-id-setup in postinst + * Cherry-pick b8a021c9e276adc9bed5ebfa39c3cab0077113c6 from upstream to + prevent dbus assert error. + * Enable TCP wrapper support. Closes: #618409 + * Enable SELinux support. Closes: #618412 + * Make getty start after Apache2 and OpenVPN (which are the only two + known users of X-Interactive: yes). Closes: #618419 + + -- Tollef Fog Heen Fri, 11 Mar 2011 19:14:21 +0100 + +systemd (19-1) experimental; urgency=low + + * New upstream release + * Add systemd-tmpfiles to systemd package. + * Add ifup@.service for handling hotplugged interfaces from + udev. Closes: #610871 + * Mask mtab.service and udev-mtab.service as they are pointless when + /etc/mtab is a symlink to /proc/mounts + * Add breaks on lvm2 (<< 2.02.84-1) since older versions have udev rules + that don't work well with systemd causing delays on bootup. + + -- Tollef Fog Heen Thu, 17 Feb 2011 07:36:22 +0100 + +systemd (17-1) experimental; urgency=low + + [ Tollef Fog Heen ] + * New upstream release + * Clarify ifupdown instructions in README.Debian somewhat. + Closes: #613320 + * Silently skip masked services in lsb-base-logging.sh instead of + failing. Initial implementation by Michael Biebl. Closes: #612551 + * Disable systemd-vconsole-setup.service for now. + + [ Michael Biebl ] + * Bump build dependency on valac-0.10 to (>= 0.10.3). + * Improve regex in lsb-base-logging.sh for X-Interactive scripts. + Closes: #613325 + + -- Tollef Fog Heen Wed, 16 Feb 2011 21:06:16 +0100 + +systemd (16-1) experimental; urgency=low + + [ Tollef Fog Heen ] + * New upstream release. Closes: #609611 + * Get rid of now obsolete patches that are upstream. + * Use the built-in cryptsetup support in systemd, build-depend on + libcryptsetup-dev (>= 2:1.2.0-1) to get a libcryptsetup in /lib. + * Don't use systemctl redirect for init scripts with X-Interactive: true + + [ Michael Biebl ] + * Update package description + * Use v8 debhelper syntax + * Make single-user mode work + * Run hwclock-save.service on shutdown + * Remove dependencies on legacy sysv mount scripts, as we use native + mounting. + + -- Tollef Fog Heen Sun, 16 Jan 2011 11:04:13 +0100 + +systemd (15-1) UNRELEASED; urgency=low + + [ Tollef Fog Heen ] + * New upstream version, thanks a lot to Michael Biebl for help with + preparing this version. + - This version handles cycle breaking better. Closes: #609225 + * Add libaudit-dev to build-depends + * /usr/share/systemd/session has been renamed to /usr/share/systemd/user + upstream, adjust build system accordingly. + * Remove -s from getty serial console invocation. + * Add dependency on new util-linux to make sure /sbin/agetty exists + * Don't mount /var/lock with gid=lock (Debian has no such group). + * Document problem with ifupdown's /etc/network/run being a normal + directory. + + [ Michael Biebl ] + * Revert upstream change which requires libnotify 0.7 (not yet available in + Debian). + * Use dh-autoreconf for updating the build system. + * Revert upstream commit which uses fsck -l (needs a newer version of + util-linux). + * Explicitly disable cryptsetup support to not accidentally pick up a + libcryptsetup dependency in a tainted build environment, as the library + is currently installed in /usr/lib. + * Remove autogenerated man pages and vala C sources, so they are rebuilt. + * Use native systemd mount support: + - Use MountAuto=yes and SwapAuto=yes (default) in system.conf + - Mask SysV init mount, check and cleanup scripts. + - Create an alias (symlink) for checkroot (→ remount-rootfs.service) as + synchronization point for SysV init scripts. + * Mask x11-common, rmnologin, hostname, bootmisc and bootlogd. + * Create an alias for procps (→ systemd-sysctl.service) and + urandom (→ systemd-random-seed-load.service). + * Create an alias for module-init-tools (→ systemd-modules-load.service) and + a symlink from /etc/modules-load.d/modules.conf → /etc/modules. + * Install lsb-base hook which redirects calls to SysV init scripts to + systemctl: /etc/init.d/ → systemctl + * Install a (auto)mount unit to mount /lib/init/rw early during boot. + + -- Tollef Fog Heen Sat, 20 Nov 2010 09:28:01 +0100 + +systemd (11-2) UNRELEASED; urgency=low + + * Tighten depends from systemd-* on systemd to ensure they're upgraded + in lockstep. Thanks to Michael Biebl for the patch. + * Add missing #DEBHELPER# token to libpam-systemd + * Stop messing with runlevel5/multi-user.target symlink, this is handled + correctly upstream. + * Stop shipping /cgroup in the package. + * Remove tmpwatch services, Debian doesn't have or use tmpwatch. + * Make sure to enable GTK bits. + * Ship password agent + * Clean up cgroups properly on upgrades, thanks to Michael Biebl for the + patch. Closes: #599577 + + -- Tollef Fog Heen Tue, 02 Nov 2010 21:47:10 +0100 + +systemd (11-1) experimental; urgency=low + + * New upstream version. Closes: #597284 + * Add pam-auth-update calls to libpam-systemd's postinst and prerm + * Make systemd-sysv depend on systemd + * Now mounts the cgroup fs in /sys/fs/cgroup. Closes: #595966 + * Add libnotify-dev to build-depends (needed for systemadm) + + -- Tollef Fog Heen Thu, 07 Oct 2010 22:01:19 +0200 + +systemd (8-2) experimental; urgency=low + + * Hardcode udev rules dir in configure call. + * Remove README.source as it's no longer accurate. + + -- Tollef Fog Heen Mon, 30 Aug 2010 21:10:26 +0200 + +systemd (8-1) experimental; urgency=low + + * New upstream release + * Only ship the top /cgroup + * Pass --with-rootdir= to configure, to make it think / is / rather + than // + * Add PAM module package + * Fix up dependencies in local-fs.target. Closes: #594420 + * Move systemadm to its own package. Closes: #588451 + * Update standards-version (no changes needed) + * Update README.Debian to explain how to use systemd. + * Add systemd-sysv package that provides /sbin/init and friends. + + -- Tollef Fog Heen Sat, 07 Aug 2010 07:31:38 +0200 + +systemd (0~git+20100605+dfd8ee-1) experimental; urgency=low + + * Initial release, upload to experimental. Closes: #580814 + + -- Tollef Fog Heen Fri, 30 Apr 2010 21:02:25 +0200 diff --git a/compat b/compat new file mode 100644 index 00000000..f599e28b --- /dev/null +++ b/compat @@ -0,0 +1 @@ +10 diff --git a/control b/control new file mode 100644 index 00000000..f0b3fb28 --- /dev/null +++ b/control @@ -0,0 +1,398 @@ +Source: systemd +Section: admin +Priority: optional +Maintainer: Debian systemd Maintainers +Uploaders: Michael Biebl , + Marco d'Itri , + Sjoerd Simons , + Martin Pitt +Standards-Version: 4.2.1 +Rules-Requires-Root: no +Vcs-Git: https://salsa.debian.org/systemd-team/systemd.git +Vcs-Browser: https://salsa.debian.org/systemd-team/systemd +Homepage: https://www.freedesktop.org/wiki/Software/systemd +Build-Depends: debhelper (>= 10.4~), + pkg-config, + xsltproc, + docbook-xsl, + docbook-xml, + m4, + meson (>= 0.44), + gettext, + gperf, + gnu-efi [amd64 i386 arm64], + libcap-dev (>= 1:2.24-9~), + libpam0g-dev, + libapparmor-dev (>= 2.9.0-3+exp2) , + libidn11-dev , + libiptc-dev , + libaudit-dev , + libdbus-1-dev (>= 1.3.2) , + libcryptsetup-dev (>= 2:1.6.0) , + libselinux1-dev (>= 2.1.9), + libacl1-dev, + liblzma-dev, + liblz4-dev (>= 0.0~r125), + liblz4-tool , + libbz2-dev , + zlib1g-dev | libz-dev , + libcurl4-gnutls-dev | libcurl-dev , + libmicrohttpd-dev , + libgnutls28-dev , + libgcrypt20-dev, + libkmod-dev (>= 15), + libblkid-dev (>= 2.24), + libmount-dev (>= 2.30), + libseccomp-dev (>= 2.3.1) [amd64 arm64 armel armhf i386 mips mipsel mips64 mips64el x32 powerpc ppc64 ppc64el s390x], + libdw-dev (>= 0.158) , + libpolkit-gobject-1-dev , + linux-base , + acl , + python3:native, + python3-lxml:native, + python3-pyparsing , + python3-evdev , + tzdata , + libcap2-bin , + iproute2 , + +Package: systemd +Architecture: linux-any +Multi-Arch: foreign +Section: admin +Priority: important +Recommends: libpam-systemd, + dbus +Suggests: systemd-container, + policykit-1 +Pre-Depends: ${shlibs:Pre-Depends}, + ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + libsystemd0 (= ${binary:Version}), + util-linux (>= 2.27.1), + mount (>= 2.26), + adduser, + procps, +Breaks: apparmor (<< 2.9.2-1), + systemd-shim (<< 10-4~), + ifupdown (<< 0.8.5~), + udev (<< 228-5), + laptop-mode-tools (<< 1.68~), + python-dbusmock (<< 0.18), + python3-dbusmock (<< 0.18), + raspi-copies-and-fills (<< 0.7) +Replaces: udev (<< 228-5), +Description: system and service manager + systemd is a system and service manager for Linux. It provides aggressive + parallelization capabilities, uses socket and D-Bus activation for starting + services, offers on-demand starting of daemons, keeps track of processes using + Linux control groups, maintains mount and automount points and implements an + elaborate transactional dependency-based service control logic. + . + systemd is compatible with SysV and LSB init scripts and can work as a + drop-in replacement for sysvinit. + . + Installing the systemd package will not switch your init system unless you + boot with init=/bin/systemd or install systemd-sysv in addition. + +Package: systemd-sysv +Architecture: linux-any +Multi-Arch: foreign +Section: admin +Priority: important +Conflicts: sysvinit-core, + upstart (<< 1.13.2-0ubuntu10~), + upstart-sysv, + openrc (<< 0.20.4-2.1), + file-rc, + systemd-shim, +Replaces: sysvinit (<< 2.88dsf-44~), + sysvinit-core, + upstart (<< 1.13.2-0ubuntu10~), + upstart-sysv, +Pre-Depends: systemd +Depends: ${shlibs:Depends}, + ${misc:Depends} +Recommends: libnss-systemd +Description: system and service manager - SysV links + systemd is a system and service manager for Linux. It provides aggressive + parallelization capabilities, uses socket and D-Bus activation for starting + services, offers on-demand starting of daemons, keeps track of processes using + Linux control groups, maintains mount and automount points and implements an + elaborate transactional dependency-based service control logic. + . + systemd is compatible with SysV and LSB init scripts and can work as a + drop-in replacement for sysvinit. + . + This package provides the manual pages and links needed for systemd + to replace sysvinit. Installing systemd-sysv will overwrite /sbin/init with a + link to systemd. + +Package: systemd-container +Build-Profiles: +Architecture: linux-any +Multi-Arch: foreign +Section: admin +Priority: optional +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd, + dbus +Recommends: btrfs-progs, + libnss-mymachines, +Breaks: systemd (<< 224-2) +Replaces: systemd (<< 224-2) +Description: systemd container/nspawn tools + This package provides systemd's tools for nspawn and container/VM management: + * systemd-nspawn + * systemd-machined and machinectl + * systemd-importd + +Package: systemd-journal-remote +Build-Profiles: +Architecture: linux-any +Multi-Arch: foreign +Section: admin +Priority: optional +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd, + adduser +Breaks: systemd (<< 239-6) +Replaces: systemd (<< 239-6) +Description: tools for sending and receiving remote journal logs + This package provides tools for sending and receiving remote journal logs: + * systemd-journal-remote + * systemd-journal-upload + * systemd-journal-gatewayd + +Package: systemd-coredump +Build-Profiles: +Architecture: linux-any +Multi-Arch: foreign +Section: admin +Priority: optional +Depends: ${shlibs:Depends}, + ${misc:Depends}, + adduser, + systemd +Conflicts: core-dump-handler +Replaces: core-dump-handler, systemd (<< 229-2) +Provides: core-dump-handler +Breaks: systemd (<< 229-2) +Description: tools for storing and retrieving coredumps + This package provides systemd tools for storing and retrieving coredumps: + * systemd-coredump + * coredumpctl + +Package: systemd-tests +Architecture: linux-any +Section: admin +Priority: optional +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd (= ${binary:Version}), + python3, +Description: tests for systemd + This package contains the test binaries. Those binaries are primarily used + for autopkgtest and not meant to be installed on regular user systems. + +Package: libpam-systemd +Architecture: linux-any +Multi-Arch: same +Section: admin +Priority: standard +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd (= ${binary:Version}), + libpam-runtime (>= 1.0.1-6), + dbus, + systemd-shim (>= 10-4~) | systemd-sysv +Description: system and service manager - PAM module + This package contains the PAM module which registers user sessions in + the systemd control group hierarchy for logind. + . + If in doubt, do install this package. + . + Packages that depend on logind functionality need to depend on libpam-systemd. + +Package: libnss-myhostname +Architecture: linux-any +Multi-Arch: same +Section: admin +Priority: optional +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, +Breaks: systemd (<< 222-1) +Replaces: systemd (<< 222-1) +Description: nss module providing fallback resolution for the current hostname + This package contains a plugin for the Name Service Switch, providing host + name resolution for the locally configured system hostname as returned by + gethostname(2). It returns all locally configured public IP addresses or -- if + none are configured, the IPv4 address 127.0.1.1 (which is on the local + loopback) and the IPv6 address ::1 (which is the local host). + . + A lot of software relies on that the local host name is resolvable. This + package provides an alternative to the fragile and error-prone manual editing + of /etc/hosts. + . + Installing this package automatically adds myhostname to /etc/nsswitch.conf. + +Package: libnss-mymachines +Architecture: linux-any +Multi-Arch: same +Section: admin +Priority: optional +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd-container (= ${binary:Version}), +Breaks: systemd (<< 222-1) +Replaces: systemd (<< 222-1) +Description: nss module to resolve hostnames for local container instances + nss-mymachines is a plugin for the GNU Name Service Switch (NSS) functionality + of the GNU C Library (glibc) providing hostname resolution for local containers + that are registered with systemd-machined.service(8). The container names are + resolved to IP addresses of the specific container, ordered by their scope. + . + Installing this package automatically adds mymachines to /etc/nsswitch.conf. + +Package: libnss-resolve +Architecture: linux-any +Multi-Arch: same +Section: admin +Priority: optional +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd (= ${binary:Version}), +Breaks: systemd (<< 227-3) +Replaces: systemd (<< 227-3) +Description: nss module to resolve names via systemd-resolved + nss-resolve is a plugin for the GNU Name Service Switch (NSS) functionality + of the GNU C Library (glibc) providing DNS and LLMNR resolution to programs via + the systemd-resolved daemon (provided in the systemd package). + . + Installing this package automatically adds resolve to /etc/nsswitch.conf. + +Package: libnss-systemd +Architecture: linux-any +Multi-Arch: same +Section: admin +Priority: optional +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + systemd (= ${binary:Version}), +Description: nss module providing dynamic user and group name resolution + nss-systemd is a plug-in module for the GNU Name Service Switch (NSS) + functionality of the GNU C Library (glibc), providing UNIX user and group name + resolution for dynamic users and groups allocated through the DynamicUser= + option in systemd unit files. See systemd.exec(5) for details on this + option. + . + Installing this package automatically adds the module to /etc/nsswitch.conf. + +Package: libsystemd0 +Architecture: linux-any +Multi-Arch: same +Section: libs +Priority: optional +Pre-Depends: ${shlibs:Depends}, + ${misc:Pre-Depends} +Depends: ${misc:Depends} +Description: systemd utility library + The libsystemd0 library provides interfaces to various systemd components. + +Package: libsystemd-dev +Architecture: linux-any +Multi-Arch: same +Section: libdevel +Priority: optional +Depends: ${shlibs:Depends}, + ${misc:Depends}, + libsystemd0 (= ${binary:Version}) +Description: systemd utility library - development files + The libsystemd0 library provides interfaces to various systemd components. + . + This package contains the development files. + +Package: udev +Section: admin +Priority: important +Architecture: linux-any +Multi-Arch: foreign +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + adduser, + libudev1 (= ${binary:Version}), + lsb-base (>= 3.0-6), + util-linux (>= 2.27.1), + s390-tools (>> 1.6.2) [s390], + procps +Conflicts: hal +Breaks: systemd (<< 233-4), + ifupdown (<< 0.8.5~), + ifplugd (<< 0.28-19.1~), + joystick (<< 1:1.4.9-1~), + raspi-copies-and-fills (<< 0.7) +Replaces: systemd (<< 233-4) +Description: /dev/ and hotplug management daemon + udev is a daemon which dynamically creates and removes device nodes from + /dev/, handles hotplug events and loads drivers at boot time. + +Package: libudev1 +Section: libs +Priority: optional +Architecture: linux-any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends} +Description: libudev shared library + This library provides access to udev device information. + +Package: libudev-dev +Section: libdevel +Priority: optional +Architecture: linux-any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: ${shlibs:Depends}, + ${misc:Depends}, + libudev1 (= ${binary:Version}) +Description: libudev development files + This package contains the files needed for developing applications that + use libudev. + +Package: udev-udeb +Build-Profiles: +Package-Type: udeb +Section: debian-installer +Priority: optional +Architecture: linux-any +Depends: ${shlibs:Depends}, + ${misc:Depends}, + util-linux-udeb +Description: /dev/ and hotplug management daemon + udev is a daemon which dynamically creates and removes device nodes from + /dev/, handles hotplug events and loads drivers at boot time. + . + This is a minimal version, only for use in the installation system. + +Package: libudev1-udeb +Build-Profiles: +Package-Type: udeb +Section: debian-installer +Priority: optional +Architecture: linux-any +Depends: ${shlibs:Depends}, + ${misc:Depends} +Description: libudev shared library + This library provides access to udev device information. + . + This is a minimal version, only for use in the installation system. diff --git a/copyright b/copyright new file mode 100644 index 00000000..1f66c205 --- /dev/null +++ b/copyright @@ -0,0 +1,195 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: systemd +Upstream-Contact: systemd-devel@lists.freedesktop.org +Source: https://www.freedesktop.org/wiki/Software/systemd/ + +Files: * +Copyright: 2008-2015 Kay Sievers + 2010-2015 Lennart Poettering + 2012-2015 Zbigniew Jędrzejewski-Szmek + 2013-2015 Tom Gundersen + 2013-2015 Daniel Mack + 2010-2015 Harald Hoyer + 2013-2015 David Herrmann + 2013, 2014 Thomas H.P. Andersen + 2013, 2014 Daniel Buch + 2014 Susant Sahani + 2009-2015 Intel Corporation + 2000, 2005 Red Hat, Inc. + 2009 Alan Jenkins + 2010 ProFUSION embedded systems + 2010 Maarten Lankhorst + 1995-2004 Miquel van Smoorenburg + 1999 Tom Tromey + 2011 Michal Schmidt + 2012 B. Poettering + 2012 Holger Hans Peter Freyther + 2012 Dan Walsh + 2012 Roberto Sassu + 2013 David Strauss + 2013 Marius Vollmer + 2013 Jan Janssen + 2013 Simon Peeters +License: LGPL-2.1+ + +Files: src/basic/siphash24.h + src/basic/siphash24.c +Copyright: 2012 Jean-Philippe Aumasson + 2012 Daniel J. Bernstein +License: CC0-1.0 + +Files: src/basic/securebits.h +Copyright: Linus Torvalds +License: GPL-2 + +Files: src/basic/ioprio.h +Copyright: Jens Axboe +License: GPL-2 + +Files: src/shared/linux/auto_dev-ioctl.h +Copyright: 2008 Red Hat, Inc. + 2008 Ian Kent +License: GPL-2+ + +Files: src/basic/sparse-endian.h +Copyright: 2012 Josh Triplett +License: Expat + +Files: src/journal/lookup3.c + src/journal/lookup3.h +Copyright: none +License: public-domain + You can use this free for any purpose. It's in the public domain. It has no + warranty. + +Files: src/udev/* +Copyright: 2003-2012 Kay Sievers + 2003-2004 Greg Kroah-Hartman + 2004 Chris Friesen + 2004, 2009, 2010 David Zeuthen + 2005, 2006 SUSE Linux Products GmbH + 2003 IBM Corp. + 2007 Hannes Reinecke + 2009 Canonical Ltd. + 2009 Scott James Remnant + 2009 Martin Pitt + 2009 Piter Punk + 2009, 2010 Lennart Poettering + 2009 Filippo Argiolas + 2010 Maxim Levitsky + 2011 ProFUSION embedded systems + 2011 Karel Zak + 2014 Zbigniew Jędrzejewski-Szmek + 2014 David Herrmann + 2014 Carlos Garnacho +License: GPL-2+ + +Files: src/udev/udev-ctrl.c + src/udev/udevadm-hwdb.c + src/udev/udev-builtin.c + src/udev/udev-builtin-net_id.c + src/udev/udev-builtin-net_setup_link.c + src/udev/udev-builtin-hwdb.c + src/udev/udev-builtin-btrfs.c + src/udev/udev-builtin-keyboard.c + src/udev/net/link-config.h + src/udev/net/link-config.c + src/udev/net/ethtool-util.c + src/udev/net/ethtool-util.h +Copyright: 2007-2013 Kay Sievers + 2013 Tom Gundersen +License: LGPL-2.1+ + +Files: src/udev/scsi_id/scsi.h +Copyright: 2003 IBM Corp. +License: GPL-2 + +Files: debian/* +Copyright: 2010-2013 Tollef Fog Heen + 2013-2018 Michael Biebl + 2013 Michael Stapelberg +License: LGPL-2.1+ + +License: Expat + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to + deal in the Software without restriction, including without limitation the + rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + sell copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + . + The above copyright notice and this permission notice shall be included in + all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + IN THE SOFTWARE. + +License: GPL-2 + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + . + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. + . + On Debian and systems the full text of the GNU General Public + License version 2 can be found in the file + `/usr/share/common-licenses/GPL-2` + +License: GPL-2+ + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2, or (at your option) + any later version. + . + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, + Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + . + On Debian systems, the complete text of the GNU General Public License + version 2 can be found in ‘/usr/share/common-licenses/GPL-2’. + +License: LGPL-2.1+ + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1, or (at your option) + any later version. + . + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Lesser General Public License for more details. + . + You should have received a copy of the GNU Lesser General Public License along + with this program; if not, write to the Free Software Foundation, + Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + . + On Debian systems, the complete text of the GNU Lesser General Public + License version 2.1 can be found in ‘/usr/share/common-licenses/LGPL-2.1’. + +License: CC0-1.0 + To the extent possible under law, the author(s) have dedicated all copyright + and related and neighboring rights to this software to the public domain + worldwide. This software is distributed without any warranty. + . + You should have received a copy of the CC0 Public Domain Dedication along with + this software. If not, see . + . + On Debian systems, the complete text of the CC0 1.0 Universal license can be + found in ‘/usr/share/common-licenses/CC0-1.0’. diff --git a/extra/checkout-upstream b/extra/checkout-upstream new file mode 100755 index 00000000..561082ea --- /dev/null +++ b/extra/checkout-upstream @@ -0,0 +1,61 @@ +#!/bin/sh +# Prepare systemd source package in current directory for testing an upstream +# commit, branch, or PR, without Debian patches. This replaces everything +# except the debian/ directory with an upstream checkout. +# NEVER run this in your actual packaging work directory! This is only meant +# for upstream CI. +# +# Author: Martin Pitt + +set -eu +test -x debian/rules +if [ -z "${TEST_UPSTREAM:-}" ]; then + echo "Not in upstream testing mode. Do *not* run this script unless you know what you are doing." >&2 + exit 1 +fi +if [ -n "${UPSTREAM_PULL_REQUEST:-}" ]; then + FETCH="git fetch -fu origin refs/pull/$UPSTREAM_PULL_REQUEST/head:pr" + CO='git checkout pr' + DESC="PR #$UPSTREAM_PULL_REQUEST" +elif [ -n "${UPSTREAM_HEAD:-}" ]; then + FETCH='' + CO="git checkout $UPSTREAM_HEAD" + DESC="$UPSTREAM_HEAD" +else + echo "WARNING: $0: Neither UPSTREAM_PULL_REQUEST nor UPSTREAM_HEAD set, ignoring" >&2 + exit 0 +fi + +mkdir -p debian/tmp +(cd debian/tmp + git clone https://github.com/systemd/systemd.git upstream || (rm -rf upstream; sleep 60; git clone https://github.com/systemd/systemd.git upstream) + cd upstream + $FETCH + $CO + git config user.email "invalid@example.com" + git config user.name "Merge dummy user" + git rebase master) +UPSTREAM_VER=$(cd debian/tmp/upstream; git describe | sed 's/^v//') + +# clean out original upstream sources and patches +find -mindepth 1 -maxdepth 1 -name debian -prune -o -print0 | xargs -0n1 rm -rf +rm -rf debian/patches + +# replace with checkout +mv debian/tmp/upstream/* . +rm -rf debian/tmp + +# craft changelog +cat << EOF > debian/changelog.new +systemd (${UPSTREAM_VER}-0) UNRELEASED; urgency=low + + * Automatic build from upstream $DESC + + -- systemd test $(date -R) + +EOF +cat debian/changelog >> debian/changelog.new +mv debian/changelog.new debian/changelog + +# disable tests which are not for upstream +sed -i '/# NOUPSTREAM/ q' debian/tests/control diff --git a/extra/dhclient-exit-hooks.d/timesyncd b/extra/dhclient-exit-hooks.d/timesyncd new file mode 100644 index 00000000..3cde9929 --- /dev/null +++ b/extra/dhclient-exit-hooks.d/timesyncd @@ -0,0 +1,42 @@ +TIMESYNCD_CONF=/run/systemd/timesyncd.conf.d/01-dhclient.conf + +timesyncd_servers_setup_remove() { + if [ -e $TIMESYNCD_CONF ]; then + rm -f $TIMESYNCD_CONF + systemctl try-restart systemd-timesyncd.service || true + fi +} + +timesyncd_servers_setup_add() { + if [ ! -d /run/systemd/system ]; then + return + fi + + if [ -e $TIMESYNCD_CONF ] && [ "$new_ntp_servers" = "$old_ntp_servers" ]; then + return + fi + + if [ -z "$new_ntp_servers" ]; then + timesyncd_servers_setup_remove + return + fi + + mkdir -p $(dirname $TIMESYNCD_CONF) + cat < ${TIMESYNCD_CONF}.new +# NTP server entries received from DHCP server +[Time] +NTP=$new_ntp_servers +EOF + mv ${TIMESYNCD_CONF}.new ${TIMESYNCD_CONF} + systemctl try-restart systemd-timesyncd.service || true +} + + +case $reason in + BOUND|RENEW|REBIND|REBOOT) + timesyncd_servers_setup_add + ;; + EXPIRE|FAIL|RELEASE|STOP) + timesyncd_servers_setup_remove + ;; +esac diff --git a/extra/fbdev-blacklist.conf b/extra/fbdev-blacklist.conf new file mode 100644 index 00000000..00a91706 --- /dev/null +++ b/extra/fbdev-blacklist.conf @@ -0,0 +1,20 @@ +# This file blacklists most old-style PCI framebuffer drivers. + +blacklist arkfb +blacklist aty128fb +blacklist atyfb +blacklist radeonfb +blacklist cirrusfb +blacklist cyber2000fb +blacklist kyrofb +blacklist matroxfb_base +blacklist mb862xxfb +blacklist neofb +blacklist pm2fb +blacklist pm3fb +blacklist s3fb +blacklist savagefb +blacklist sisfb +blacklist tdfxfb +blacklist tridentfb +blacklist vt8623fb diff --git a/extra/init-functions.d/40-systemd b/extra/init-functions.d/40-systemd new file mode 100644 index 00000000..94ae696c --- /dev/null +++ b/extra/init-functions.d/40-systemd @@ -0,0 +1,94 @@ +# -*-Shell-script-*- +# /lib/lsb/init-functions + +_use_systemctl=0 +if [ -d /run/systemd/system ]; then + + prog=${0##*/} + service="${prog%.sh}.service" + + # Don't try to run masked services. systemctl <= 230 always succeeds here, + # but later systemctls fail on nonexisting units; be compatible with both + state=$(systemctl -p LoadState --value show $service 2>/dev/null) || state="not-found" + [ "$state" = "masked" ] && exit 0 + + # Redirect SysV init scripts when executed by the user + if [ $PPID -ne 1 ] && [ -z "${SYSTEMCTL_SKIP_REDIRECT:-}" ]; then + case $(readlink -f "$0") in + /etc/init.d/*) + # If the state is not-found, this might be a newly installed SysV init + # script where systemd-sysv-generator has not been run yet. + [ "$state" != "not-found" ] || [ "$(id -u)" != 0 ] || systemctl --no-ask-password daemon-reload + + _use_systemctl=1 + # Some services can't reload through the .service file, + # but can through the init script. + if [ "$(systemctl -p CanReload --value show $service 2>/dev/null)" = "no" ] && [ "${1:-}" = "reload" ]; then + _use_systemctl=0 + fi + ;; + esac + fi +fi + +systemctl_redirect () { + local s + local rc + local prog=${1##*/} + local command=$2 + + case "$command" in + start) + s="Starting $prog (via systemctl)" + ;; + stop) + s="Stopping $prog (via systemctl)" + ;; + reload|force-reload) + s="Reloading $prog configuration (via systemctl)" + ;; + try-restart) + s="Restarting $prog if running (via systemctl)" + ;; + restart) + s="Restarting $prog (via systemctl)" + ;; + esac + + service="${prog%.sh}.service" + + # avoid deadlocks during bootup and shutdown from units/hooks + # which call "invoke-rc.d service reload" and similar, since + # the synchronous wait plus systemd's normal behaviour of + # transactionally processing all dependencies first easily + # causes dependency loops + if ! OUT=$(systemctl is-system-running 2>/dev/null) && [ "$OUT" != "degraded" ]; then + sctl_args="--job-mode=ignore-dependencies" + fi + + [ "$command" = status ] || log_daemon_msg "$s" "$service" + /bin/systemctl --no-pager $sctl_args $command "$service" + rc=$? + [ "$command" = status ] || log_end_msg $rc + + return $rc +} + +if [ "$_use_systemctl" = "1" ]; then + # Some init scripts use "set -e" and "set -u", we don't want that + # here + set +e + set +u + + if [ "x$1" = xstart -o \ + "x$1" = xstop -o \ + "x$1" = xrestart -o \ + "x$1" = xreload -o \ + "x$1" = xforce-reload -o \ + "x$1" = xtry-restart -o \ + "x$1" = xstatus ] ; then + + systemctl_redirect $0 $1 + exit $? + fi +fi diff --git a/extra/initramfs-tools/hooks/udev b/extra/initramfs-tools/hooks/udev new file mode 100755 index 00000000..58aab9c1 --- /dev/null +++ b/extra/initramfs-tools/hooks/udev @@ -0,0 +1,54 @@ +#!/bin/sh -e + +PREREQS="" + +prereqs() { echo "$PREREQS"; } + +case "$1" in + prereqs) + prereqs + exit 0 + ;; +esac + +. /usr/share/initramfs-tools/hook-functions + +mkdir -p $DESTDIR/lib/systemd +copy_exec /lib/systemd/systemd-udevd /lib/systemd +copy_exec /bin/udevadm /bin + +mkdir -p $DESTDIR/etc/udev +cp -p /etc/udev/udev.conf $DESTDIR/etc/udev/ + +# copy .link files containing interface naming definitions +mkdir -p $DESTDIR/lib/systemd/network/ +find /lib/systemd/network -name '*.link' -execdir cp -pt $DESTDIR/lib/systemd/network/ '{}' + +if [ -d /etc/systemd/network ]; then + find /etc/systemd/network -name '*.link' -execdir cp -pt $DESTDIR/lib/systemd/network/ '{}' + +fi + +mkdir -p $DESTDIR/lib/udev/rules.d/ +for rules in 50-firmware.rules 50-udev-default.rules 60-persistent-storage.rules \ + 61-persistent-storage-android.rules 71-seat.rules 73-special-net-names.rules \ + 73-usb-net-by-mac.rules 75-net-description.rules \ + 80-net-setup-link.rules 80-drivers.rules; do + if [ -e /etc/udev/rules.d/$rules ]; then + cp -p /etc/udev/rules.d/$rules $DESTDIR/lib/udev/rules.d/ + elif [ -e /lib/udev/rules.d/$rules ]; then + cp -p /lib/udev/rules.d/$rules $DESTDIR/lib/udev/rules.d/ + fi +done + +# now copy all custom udev rules which don't have an equivalent in /lib (e. g. +# 70-persistent-net.rules or similar); They might contain network names or +# other bits which are relevant for the initramfs. +for rules in /etc/udev/rules.d/*.rules; do + if [ -e "$rules" ] && [ ! -e "/lib/${rules#/etc/}" ]; then + cp -p $rules $DESTDIR/lib/udev/rules.d/ + fi +done + +for program in ata_id scsi_id; do + copy_exec /lib/udev/$program /lib/udev +done +copy_exec /sbin/blkid /sbin diff --git a/extra/initramfs-tools/scripts/init-bottom/udev b/extra/initramfs-tools/scripts/init-bottom/udev new file mode 100755 index 00000000..5bd7f761 --- /dev/null +++ b/extra/initramfs-tools/scripts/init-bottom/udev @@ -0,0 +1,28 @@ +#!/bin/sh -e + +PREREQS="" + +prereqs() { echo "$PREREQS"; } + +case "$1" in + prereqs) + prereqs + exit 0 + ;; +esac + +# Stop udevd, we'll miss a few events while we run init, but we catch up +udevadm control --exit + +# move the /dev tmpfs to the rootfs; fall back to util-linux mount that does +# not understand -o move +mount -n -o move /dev ${rootmnt}/dev || mount -n --move /dev ${rootmnt}/dev + +# create a temporary symlink to the final /dev for other initramfs scripts +if command -v nuke >/dev/null; then + nuke /dev +else + rm -rf /dev +fi +ln -s ${rootmnt}/dev /dev + diff --git a/extra/initramfs-tools/scripts/init-top/udev b/extra/initramfs-tools/scripts/init-top/udev new file mode 100755 index 00000000..870189af --- /dev/null +++ b/extra/initramfs-tools/scripts/init-top/udev @@ -0,0 +1,31 @@ +#!/bin/sh -e + +PREREQS="" + +prereqs() { echo "$PREREQS"; } + +case "$1" in + prereqs) + prereqs + exit 0 + ;; +esac + +if [ -w /sys/kernel/uevent_helper ]; then + echo > /sys/kernel/uevent_helper +fi + +if [ "$quiet" = "y" ]; then + log_level=notice +else + log_level=info +fi + +SYSTEMD_LOG_LEVEL=$log_level /lib/systemd/systemd-udevd --daemon --resolve-names=never + +udevadm trigger --type=subsystems --action=add +udevadm trigger --type=devices --action=add +udevadm settle || true + +# Leave udev running to process events that come in out-of-band (like USB +# connections) diff --git a/extra/kernel-install.d/85-initrd.install b/extra/kernel-install.d/85-initrd.install new file mode 100755 index 00000000..ee6974d2 --- /dev/null +++ b/extra/kernel-install.d/85-initrd.install @@ -0,0 +1,29 @@ +#!/bin/sh +set -eu +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +COMMAND="$1" +KERNEL_VERSION="$2" +BOOT_DIR_ABS="$3" + +INITRD_SRC="/boot/initrd.img-$KERNEL_VERSION" +INITRD_DEST="$BOOT_DIR_ABS/initrd" + +if [ "$COMMAND" = remove ]; then + rm -f "$INITRD_DEST" + exit 0 +fi + +if [ "$COMMAND" != add ]; then + echo "Invalid command $COMMAND" >&2 + exit 1 +fi + +if [ -e "$INITRD_SRC" ];then + cp "$INITRD_SRC" "$INITRD_DEST" +else + echo "$INITRD_SRC does not exist, not installing an initrd" +fi + +exit 0 diff --git a/extra/make-fbdev-blacklist b/extra/make-fbdev-blacklist new file mode 100644 index 00000000..826e2d55 --- /dev/null +++ b/extra/make-fbdev-blacklist @@ -0,0 +1,48 @@ +#!/bin/sh +# This script should be run before building the package every time a new +# kernel is released. +# +# You should pass the name of the modules directory for a 486 flavour +# kernel, as that has the most framebuffer modules. +# +# Also, obsolete modules should not be removed from the list until after +# at least one stable release. + +set -e + +if [ $# = 0 ]; then + MODULES_DIR=/lib/modules/$(uname -r) +else + MODULES_DIR="$1" +fi + +BL='fbdev-blacklist.conf' + +if [ -e extra/$BL ]; then cd extra; fi + +{ +printf "# This file blacklists most old-style PCI framebuffer drivers.\n\n" + +find "$MODULES_DIR"/kernel/drivers/video -type f | sort | \ +while read file; do + name="$(basename $file .ko)" + case $name in + lxfb) + # This is needed for text consoles on OLPC XO-1, and it used to be + # built-in anyway. + ;; + viafb) ;; # Needed by OLPC XO-1.5 + *) + /sbin/modinfo $file | grep -q '^alias: *pci:' \ + && echo blacklist $name || true + ;; + esac +done +} > $BL.tmp + +if diff --unified=0 $BL $BL.tmp; then + rm $BL.tmp +else + printf "\n\n\n$BL.tmp has changes!\n\n\n\n" +fi + diff --git a/extra/make-sysusers-basic b/extra/make-sysusers-basic new file mode 100755 index 00000000..0aaa65cc --- /dev/null +++ b/extra/make-sysusers-basic @@ -0,0 +1,17 @@ +#!/bin/sh +# generate a sysusers.d(5) file from Debian's static master passwd/group files +set -eu + +echo '# generated from /usr/share/base-passwd/{passwd,group}.master' + +# only take groups whose name+gid != the corresponding user in passwd.master +export IFS=: +while read name _ id _; do + if ! grep -q "^$name:\*:$id:$id:" /usr/share/base-passwd/passwd.master; then + printf "g %-10s %-5s -\n" $name $id + fi +done < /usr/share/base-passwd/group.master + +echo + +awk -F: '{ i = ($3 == $4) ? $3 : $3":"$4; printf("u %-10s %-7s - %-20s %s\n", $1,i,$6,$7) }' < /usr/share/base-passwd/passwd.master diff --git a/extra/pam-configs/systemd b/extra/pam-configs/systemd new file mode 100644 index 00000000..5b56996a --- /dev/null +++ b/extra/pam-configs/systemd @@ -0,0 +1,7 @@ +Name: Register user sessions in the systemd control group hierarchy +Default: yes +Priority: 0 +Session-Interactive-Only: yes +Session-Type: Additional +Session: + optional pam_systemd.so diff --git a/extra/pam.d/systemd-user b/extra/pam.d/systemd-user new file mode 100644 index 00000000..45b2e5e8 --- /dev/null +++ b/extra/pam.d/systemd-user @@ -0,0 +1,12 @@ +# This file is part of systemd. +# +# Used by systemd --user instances. + +@include common-account + +session required pam_selinux.so close +session required pam_selinux.so nottys open +session required pam_loginuid.so +session required pam_limits.so +@include common-session-noninteractive +session optional pam_systemd.so diff --git a/extra/rules-ubuntu/40-vm-hotadd.rules b/extra/rules-ubuntu/40-vm-hotadd.rules new file mode 100644 index 00000000..62a5a62b --- /dev/null +++ b/extra/rules-ubuntu/40-vm-hotadd.rules @@ -0,0 +1,14 @@ +# On Hyper-V and Xen Virtual Machines we want to add memory and cpus as soon as they appear +ATTR{[dmi/id]sys_vendor}=="Microsoft Corporation", ATTR{[dmi/id]product_name}=="Virtual Machine", GOTO="vm_hotadd_apply" +ATTR{[dmi/id]sys_vendor}=="Xen", GOTO="vm_hotadd_apply" +GOTO="vm_hotadd_end" + +LABEL="vm_hotadd_apply" + +# Memory hotadd request +SUBSYSTEM=="memory", ACTION=="add", DEVPATH=="/devices/system/memory/memory[0-9]*", TEST=="state", ATTR{state}="online" + +# CPU hotadd request +SUBSYSTEM=="cpu", ACTION=="add", DEVPATH=="/devices/system/cpu/cpu[0-9]*", TEST=="online", ATTR{online}="1" + +LABEL="vm_hotadd_end" diff --git a/extra/rules-ubuntu/61-persistent-storage-android.rules b/extra/rules-ubuntu/61-persistent-storage-android.rules new file mode 100644 index 00000000..6f4ac42d --- /dev/null +++ b/extra/rules-ubuntu/61-persistent-storage-android.rules @@ -0,0 +1,7 @@ +# Android based kernel exports the uevent property PARTNAME, which can be +# used to find out at run time the named partitions (e.g. boot) for the +# device. This is specially useful for the Touch based images and flash-kernel, +# to automatically update the kernel by writing at the correct partition +# (independently of the hardware revision). +ACTION!="remove", KERNEL=="mmcblk[0-9]p[0-9]", ENV{PARTNAME}=="?*", SYMLINK+="disk/by-partlabel/$env{PARTNAME}" + diff --git a/extra/rules-ubuntu/71-power-switch-proliant.rules b/extra/rules-ubuntu/71-power-switch-proliant.rules new file mode 100644 index 00000000..022baebf --- /dev/null +++ b/extra/rules-ubuntu/71-power-switch-proliant.rules @@ -0,0 +1,2 @@ +ACTION!="remove", SUBSYSTEM=="input", KERNEL=="event*", SUBSYSTEMS=="platform", KERNELS=="gpio_keys.6|soc:gpio_keys", PROGRAM="/bin/cat /proc/device-tree/model", RESULT=="HP ProLiant m400 Server Cartridge", TAG+="power-switch" +ACTION!="remove", SUBSYSTEM=="input", KERNEL=="event*", SUBSYSTEMS=="platform", KERNELS=="gpio_keys.12", ATTRS{keys}=="116", PROGRAM="/bin/cat /proc/device-tree/model", RESULT=="HP ProLiant m800 Server Cartridge", TAG+="power-switch" diff --git a/extra/rules-ubuntu/78-graphics-card.rules b/extra/rules-ubuntu/78-graphics-card.rules new file mode 100644 index 00000000..b3b906cd --- /dev/null +++ b/extra/rules-ubuntu/78-graphics-card.rules @@ -0,0 +1,30 @@ +# do not edit this file, it will be overwritten on update + +ACTION!="add", GOTO="graphics_end" + +# Tag the drm device for KMS-supporting drivers as the primary device for +# the display; for non-KMS drivers tag the framebuffer device instead. + +SUBSYSTEM!="drm", GOTO="drm_end" +KERNEL!="card[0-9]*", GOTO="drm_end" +ENV{DEVTYPE}!="drm_minor", GOTO="drm_end" + +DRIVERS=="i915", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" +DRIVERS=="radeon", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" +DRIVERS=="nouveau", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" +DRIVERS=="vmwgfx", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" + +LABEL="drm_end" + +SUBSYSTEM!="graphics", GOTO="graphics_end" + +DRIVERS=="i915", GOTO="graphics_end" +DRIVERS=="radeon", GOTO="graphics_end" +DRIVERS=="nouveau", GOTO="graphics_end" +DRIVERS=="efifb", GOTO="graphics_end" +DRIVERS=="efi-framebuffer", GOTO="graphics_end" +DRIVERS=="vesa-framebuffer", GOTO="graphics_end" + +KERNEL=="fb[0-9]*", ENV{PRIMARY_DEVICE_FOR_DISPLAY}="1" + +LABEL="graphics_end" diff --git a/extra/rules/50-firmware.rules b/extra/rules/50-firmware.rules new file mode 100644 index 00000000..f7a08ce9 --- /dev/null +++ b/extra/rules/50-firmware.rules @@ -0,0 +1,3 @@ +# stub for immediately telling the kernel that userspace firmware loading +# failed; necessary to avoid long timeouts with CONFIG_FW_LOADER_USER_HELPER=y +SUBSYSTEM=="firmware", ACTION=="add", ATTR{loading}="-1" diff --git a/extra/rules/73-special-net-names.rules b/extra/rules/73-special-net-names.rules new file mode 100644 index 00000000..5e470a34 --- /dev/null +++ b/extra/rules/73-special-net-names.rules @@ -0,0 +1,14 @@ +# On Dell PowerEdge systems, the iDRAC7 and later support a USB Virtual NIC +# which terminates in the iDRAC. Help identify this with 'idrac' +ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", ATTRS{idVendor}=="413c", ATTRS{idProduct}=="a102", NAME="idrac" + +# On IBM systems the Integrated Management Module is reachable using a +# # USB Virtual NIC. +ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", \ + ATTRS{idVendor}=="04b3", ATTRS{idProduct}=="0325", NAME="ibmimm" + +# ibmveth devices' $DEVPATH number is tied to (virtual) hardware (slot id +# selected in the HMC), thus this provides a reliable naming (e. g. +# "/devices/vio/30000002/net/eth1"); we ignore the bus number, as +# there should only ever be one bus, and then remove leading zeros +ACTION=="add", SUBSYSTEM=="net", NAME=="", DRIVERS=="ibmveth", PROGRAM="/bin/sh -ec 'D=${DEVPATH#*/vio/}; D=${D%%%%/*}; D=${D#????}; D=${D#0}; D=${D#0}; D=${D#0}; D=${D#0}; echo ${D:-0}'", NAME="ibmveth$result" diff --git a/extra/rules/73-usb-net-by-mac.rules b/extra/rules/73-usb-net-by-mac.rules new file mode 100644 index 00000000..8969f591 --- /dev/null +++ b/extra/rules/73-usb-net-by-mac.rules @@ -0,0 +1,15 @@ +# Use MAC based names for network interfaces which are directly or indirectly +# on USB and have an universally administered (stable) MAC address (second bit +# is 0). Don't do this when ifnames is disabled via kernel command line or +# customizing/disabling 99-default.link (or previously 80-net-setup-link.rules). + +IMPORT{cmdline}="net.ifnames" +ENV{net.ifnames}=="0", GOTO="usb_net_by_mac_end" + +ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", NAME=="", \ + ATTR{address}=="?[014589cd]:*", \ + TEST!="/etc/udev/rules.d/80-net-setup-link.rules", \ + TEST!="/etc/systemd/network/99-default.link", \ + IMPORT{builtin}="net_id", NAME="$env{ID_NET_NAME_MAC}" + +LABEL="usb_net_by_mac_end" diff --git a/extra/rules/80-debian-compat.rules b/extra/rules/80-debian-compat.rules new file mode 100644 index 00000000..fb8477ff --- /dev/null +++ b/extra/rules/80-debian-compat.rules @@ -0,0 +1,30 @@ +# Debian specific udev rules for backwards compatibility + +# needed for old tape drivers, http://bugs.debian.org/657948 +SUBSYSTEM=="scsi", ENV{DEVTYPE}=="scsi_device", TEST!="[module/sg]", RUN{builtin}+="kmod load sg" + +# device permissions +KERNEL=="mISDNtimer", GROUP="dialout" +KERNEL=="mwave", GROUP="dialout" +KERNEL=="nvram", GROUP="kmem", MODE="0640" +KERNEL=="pktcdvd", GROUP="cdrom", MODE="0644" +KERNEL=="lirc[0-9]*", GROUP="video" +KERNEL=="legousbtower*", MODE="0666" +KERNEL=="sonypi", MODE="0666" +KERNEL=="mmtimer", MODE="0644" +KERNEL=="sgi_*", MODE="0666" +KERNEL=="z90crypt", MODE="0666" + +# These rules will create symlinks for CD/DVD drives, to help old +# programs which are unable to automatically discover the devices. +# The first detected device gets the symlink, but this is not stable across +# reboots. +ENV{ID_CDROM_CD_RW}=="?*", \ + PROGRAM="/bin/sh -c 'ln -s %k /run/udev/link.cdrw 2>/dev/null; [ `readlink /run/udev/link.cdrw` = %k ]", \ + SYMLINK+="cdrw", OPTIONS+="link_priority=-100" +ENV{ID_CDROM_DVD}=="?*", \ + PROGRAM="/bin/sh -c 'ln -s %k /run/udev/link.dvd 2>/dev/null; [ `readlink /run/udev/link.dvd` = %k ]", \ + SYMLINK+="dvd", OPTIONS+="link_priority=-100" +ENV{ID_CDROM_DVD_RW}=="?*", \ + PROGRAM="/bin/sh -c 'ln -s %k /run/udev/link.dvdrw 2>/dev/null; [ `readlink /run/udev/link.dvdrw` = %k ]", \ + SYMLINK+="dvdrw", OPTIONS+="link_priority=-100" diff --git a/extra/set-cpufreq b/extra/set-cpufreq new file mode 100755 index 00000000..4ffe126d --- /dev/null +++ b/extra/set-cpufreq @@ -0,0 +1,46 @@ +#! /bin/sh +# Set the CPU Frequency Scaling governor to "ondemand"/"powersave" where available +set -eu + +FIRSTCPU=`cut -f1 -d- /sys/devices/system/cpu/online` +AVAILABLE="/sys/devices/system/cpu/cpu$FIRSTCPU/cpufreq/scaling_available_governors" +DOWN_FACTOR="/sys/devices/system/cpu/cpufreq/ondemand/sampling_down_factor" + +[ -f $AVAILABLE ] || exit 0 + +read governors < $AVAILABLE +case $governors in + *interactive*) + GOVERNOR="interactive" + break + ;; + *ondemand*) + GOVERNOR="ondemand" + case $(uname -m) in + ppc64*) + SAMPLING=100 + ;; + esac + break + ;; + *powersave*) + GOVERNOR="powersave" + break + ;; + *) + exit 0 + ;; +esac + +[ -n "${GOVERNOR:-}" ] || exit 0 + +echo "Setting $GOVERNOR scheduler for all CPUs" + +for CPUFREQ in /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor +do + [ -f $CPUFREQ ] || continue + echo -n $GOVERNOR > $CPUFREQ +done +if [ -n "${SAMPLING:-}" ] && [ -f $DOWN_FACTOR ]; then + echo -n $SAMPLING > $DOWN_FACTOR +fi diff --git a/extra/start-udev b/extra/start-udev new file mode 100755 index 00000000..60489258 --- /dev/null +++ b/extra/start-udev @@ -0,0 +1,18 @@ +#!/bin/sh -e + +if [ -w /sys/kernel/uevent_helper ]; then + echo > /sys/kernel/uevent_helper +fi + +if ! grep -E -q "^[^[:space:]]+ /dev devtmpfs" /proc/mounts; then + mount -n -o mode=0755 -t devtmpfs devtmpfs /dev +fi + +SYSTEMD_LOG_LEVEL=notice /lib/systemd/systemd-udevd --daemon --resolve-names=never + +udevadm trigger --action=add + +mkdir -p /dev/pts +mount -t devpts -o noexec,nosuid,gid=5,mode=0620 devpts /dev/pts + +udevadm settle || true diff --git a/extra/systemd-sysv-install b/extra/systemd-sysv-install new file mode 100755 index 00000000..c69d7a37 --- /dev/null +++ b/extra/systemd-sysv-install @@ -0,0 +1,56 @@ +#!/bin/sh +# This script is called by "systemctl enable/disable" when the given unit is a +# SysV init.d script. It needs to call the distribution's mechanism for +# enabling/disabling those, such as chkconfig, update-rc.d, or similar. This +# can optionally take a --root argument for enabling a SysV init script +# in a chroot or similar. +set -eu + +usage() { + echo "Usage: $0 [--root=path] enable|disable|is-enabled " >&2 + exit 1 +} + +ROOT= + +# parse options +eval set -- "$(getopt -o r: --long root: -- "$@")" +while true; do + case "$1" in + -r|--root) + ROOT="$2" + shift 2 ;; + --) shift ; break ;; + *) usage ;; + esac +done + +NAME="${2:-}" + +run() { + if [ -n "$ROOT" ] && [ "$ROOT" != "/" ]; then + chroot "$ROOT" /usr/sbin/update-rc.d "$@" + else + /usr/sbin/update-rc.d "$@" + fi +} + +[ -n "$NAME" ] || usage + +case "$1" in + enable) + # call the command to enable SysV init script $NAME here.. + run "$NAME" defaults + run "$NAME" enable + ;; + disable) + run "$NAME" defaults + run "$NAME" disable + ;; + is-enabled) + # exit with 0 if $NAME is enabled, non-zero if it is disabled + ls "$ROOT"/etc/rc[S5].d/S??"$NAME" >/dev/null 2>&1 + ;; + *) + usage ;; +esac diff --git a/extra/systemd.py b/extra/systemd.py new file mode 100644 index 00000000..108e896e --- /dev/null +++ b/extra/systemd.py @@ -0,0 +1,29 @@ +'''apport package hook for systemd + +(c) 2014 Canonical Ltd. +Author: Martin Pitt +''' + +import os.path +import apport.hookutils + +def add_info(report): + apport.hookutils.attach_hardware(report) + + report['SystemdDelta'] = apport.hookutils.command_output(['systemd-delta']) + + if not os.path.exists('/run/systemd/system'): + return + + # Add details about all failed units, if any + out = apport.hookutils.command_output(['systemctl', '--state=failed', '--full', + '--no-legend']).strip() + if out: + failed = '' + for line in out.splitlines(): + unit = line.split()[0] + if failed: + failed += '------\n' + failed += apport.hookutils.command_output(['systemctl', 'status', '--full', unit]) + report['SystemdFailedUnits'] = failed + diff --git a/extra/tmpfiles.d/debian.conf b/extra/tmpfiles.d/debian.conf new file mode 100644 index 00000000..90610844 --- /dev/null +++ b/extra/tmpfiles.d/debian.conf @@ -0,0 +1,14 @@ +# This file is part of the debianisation of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. + +# See tmpfiles.d(5) for details + +# Type Path Mode UID GID Age Argument +L /run/shm - - - - /dev/shm +d /run/sendsigs.omit.d 0755 root root - + +L+ /etc/mtab - - - - ../proc/self/mounts diff --git a/extra/udev.py b/extra/udev.py new file mode 100644 index 00000000..d8bc76f7 --- /dev/null +++ b/extra/udev.py @@ -0,0 +1,19 @@ +'''apport package hook for udev + +(c) 2009 Canonical Ltd. +Author: Martin Pitt +''' + +import os +import apport.hookutils + +def add_info(report): + apport.hookutils.attach_hardware(report) + + user_rules = [] + for f in os.listdir('/etc/udev/rules.d'): + if not f.startswith('70-persistent-') and f != 'README': + user_rules.append(f) + + if user_rules: + report['CustomUdevRuleFiles'] = ' '.join(user_rules) diff --git a/extra/units-ubuntu/ondemand.service b/extra/units-ubuntu/ondemand.service new file mode 100644 index 00000000..7edf8408 --- /dev/null +++ b/extra/units-ubuntu/ondemand.service @@ -0,0 +1,13 @@ +[Unit] +Description=Set the CPU Frequency Scaling governor +ConditionVirtualization=no +ConditionPathExists=/sys/devices/system/cpu/online +# Don't run if we're going to start an Android LXC container on Ubuntu Touch +ConditionPathExists=!/etc/init/lxc-android-config.conf + +[Service] +Type=idle +ExecStart=/lib/systemd/set-cpufreq + +[Install] +WantedBy=multi-user.target diff --git a/extra/units-ubuntu/user@.service.d/timeout.conf b/extra/units-ubuntu/user@.service.d/timeout.conf new file mode 100644 index 00000000..213eb651 --- /dev/null +++ b/extra/units-ubuntu/user@.service.d/timeout.conf @@ -0,0 +1,4 @@ +# Avoid long hangs during shutdown if user services fail/hang due to X.org +# going away too early +[Service] +TimeoutStopSec=5 diff --git a/extra/units/getty-static.service b/extra/units/getty-static.service new file mode 100644 index 00000000..0a1203f0 --- /dev/null +++ b/extra/units/getty-static.service @@ -0,0 +1,10 @@ +[Unit] +Description=getty on tty2-tty6 if dbus and logind are not available +ConditionPathExists=/dev/tty0 +ConditionPathExists=!/lib/systemd/system/dbus.service + +[Service] +Type=oneshot +ExecStart=/bin/systemctl --no-block start getty@tty2.service getty@tty3.service getty@tty4.service getty@tty5.service getty@tty6.service +RemainAfterExit=true + diff --git a/extra/units/rc-local.service.d/debian.conf b/extra/units/rc-local.service.d/debian.conf new file mode 100644 index 00000000..ec77220a --- /dev/null +++ b/extra/units/rc-local.service.d/debian.conf @@ -0,0 +1,10 @@ +[Unit] +# not specified by LSB, but has been behaving that way in Debian under SysV +# init and upstart +After=network-online.target + +# Often contains status messages which users expect to see on the console +# during boot +[Service] +StandardOutput=journal+console +StandardError=journal+console diff --git a/extra/units/systemd-resolved.service.d/resolvconf.conf b/extra/units/systemd-resolved.service.d/resolvconf.conf new file mode 100644 index 00000000..98a7017d --- /dev/null +++ b/extra/units/systemd-resolved.service.d/resolvconf.conf @@ -0,0 +1,8 @@ +# tell resolvconf about resolved's builtin DNS server, so that DNS servers +# picked up via networkd are respected when using resolvconf, and that software +# like Chrome that does not do NSS (libnss-resolve) still gets proper DNS +# resolution; do not remove the entry after stop though, as that leads to +# timeouts on shutdown via the resolvconf hooks (see LP: #1648068) +[Service] +ExecStartPost=+/bin/sh -c '[ ! -e /run/resolvconf/enable-updates ] || echo "nameserver 127.0.0.53" | /sbin/resolvconf -a systemd-resolved' +ReadWritePaths=-/run/resolvconf diff --git a/gbp.conf b/gbp.conf new file mode 100644 index 00000000..d2c6eb7d --- /dev/null +++ b/gbp.conf @@ -0,0 +1,8 @@ +[DEFAULT] +pristine-tar = False +patch-numbers = False +debian-branch = master + +[dch] +full = True +multimaint-merge = True diff --git a/git-cherry-pick b/git-cherry-pick new file mode 100755 index 00000000..bb39ce8c --- /dev/null +++ b/git-cherry-pick @@ -0,0 +1,55 @@ +#!/bin/bash + +set -e + +if [ -z "$*" ] ; then + echo "Usage: $0 [commit [commit ..]]" + exit 1 +fi + + +curbranch=$(git rev-parse --abbrev-ref HEAD) + +# assert we got a branch +[ -n "$curbranch" ] + +if [ $curbranch = HEAD ] ; then + echo "You are not currently on a branch, cannot cherry-pick" + exit 1 +fi + +case $curbranch in + patch-queue/*) + debbranch=${curbranch/patch-queue\/} + pqbranch=$curbranch + ;; + *) + debbranch=$curbranch + pqbranch=patch-queue/$curbranch + ;; +esac + +commits=$(git rev-parse "$@") + +if git rev-parse $pqbranch &>/dev/null ; then + echo + echo "Will recreate patch-queue branch $pqbranch" + echo "It was pointing to" $(git rev-parse $pqbranch) + echo +fi + +gbp pq import --force + +echo "Cherry-picking the following commits:" +echo "$commits" + +picks=$(echo "$commits" | xargs echo exec git cherry-pick -x --no-edit --commit) + +# find the first debian commit +firstdebian=$(git log -i --grep "topic.*debian" --pretty=%h --reverse $debbranch..$pqbranch | head -1) + +sedexpr="/$firstdebian/i$picks" + +GIT_EDITOR="sed -i -e '$sedexpr'" git rebase --interactive --no-autosquash $debbranch + + diff --git a/libnss-myhostname.install b/libnss-myhostname.install new file mode 100644 index 00000000..3db91045 --- /dev/null +++ b/libnss-myhostname.install @@ -0,0 +1,3 @@ +lib/*/libnss_myhostname*.so.* +usr/share/man/man8/libnss_myhostname.so.2.8 +usr/share/man/man8/nss-myhostname.8 diff --git a/libnss-myhostname.lintian-overrides b/libnss-myhostname.lintian-overrides new file mode 100644 index 00000000..ff4d266a --- /dev/null +++ b/libnss-myhostname.lintian-overrides @@ -0,0 +1,2 @@ +# package is a NSS module, not a system library +libnss-myhostname: package-name-doesnt-match-sonames diff --git a/libnss-myhostname.postinst b/libnss-myhostname.postinst new file mode 100644 index 00000000..9fec7a35 --- /dev/null +++ b/libnss-myhostname.postinst @@ -0,0 +1,40 @@ +#!/bin/sh +set -e + +# This code was taken from libnss-myhostname + +# try to insert myhostname entries to the "hosts" line in /etc/nsswitch.conf to +# automatically enable libnss-myhostname support; do not change the +# configuration if the "hosts" line already references some myhostname lookups +insert_nss_entry() { + echo "Checking NSS setup..." + # abort if /etc/nsswitch.conf does not exist + if ! [ -e /etc/nsswitch.conf ]; then + echo "Could not find /etc/nsswitch.conf." + return + fi + perl -i -pe ' + sub insert { + my $line = shift; + # this also splits on tab + my @bits=split(" ", $line); + # do not break configuration if the "hosts" line already references + # myhostname + if (grep { $_ eq "myhostname"} @bits) { + return $line; + } + # add myhostname at the end + return $line . " myhostname"; + } + s/^(hosts:\s+)(.*)/$1.insert($2)/e; + ' /etc/nsswitch.conf +} + +if [ "$1" = configure ] && [ -z "$2" ]; then + echo "First installation detected..." + # first install: setup the recommended configuration (unless + # nsswitch.conf already contains myhostname entries) + insert_nss_entry +fi + +#DEBHELPER# diff --git a/libnss-myhostname.postrm b/libnss-myhostname.postrm new file mode 100644 index 00000000..0a6d0f2e --- /dev/null +++ b/libnss-myhostname.postrm @@ -0,0 +1,28 @@ +#!/bin/sh +set -e + +remove_nss_entry() { + local file=$1 + local pkg=$2 + local module=$3 + refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \ + -W $pkg | grep '^i' | wc -l) + if [ "$refcount" -gt 0 ] ; then + # package is installed for other architectures still, do nothing + return + fi + echo "Checking NSS setup..." + # abort if file does not exist + if ! [ -e $file ]; then + echo "Could not find ${file}." + return + fi + # we must remove possible [foo=bar] options as well + sed -i -r "/hosts:/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file +} + +if [ "$1" = remove ]; then + remove_nss_entry /etc/nsswitch.conf libnss-myhostname myhostname +fi + +#DEBHELPER# diff --git a/libnss-mymachines.install b/libnss-mymachines.install new file mode 100644 index 00000000..55301149 --- /dev/null +++ b/libnss-mymachines.install @@ -0,0 +1,3 @@ +lib/*/libnss_mymachines*.so.* +usr/share/man/man8/libnss_mymachines.so.2.8 +usr/share/man/man8/nss-mymachines.8 diff --git a/libnss-mymachines.lintian-overrides b/libnss-mymachines.lintian-overrides new file mode 100644 index 00000000..c9661e8b --- /dev/null +++ b/libnss-mymachines.lintian-overrides @@ -0,0 +1,2 @@ +# package is a NSS module, not a system library +libnss-mymachines: package-name-doesnt-match-sonames diff --git a/libnss-mymachines.postinst b/libnss-mymachines.postinst new file mode 100644 index 00000000..f4b3f5ca --- /dev/null +++ b/libnss-mymachines.postinst @@ -0,0 +1,40 @@ +#!/bin/sh +set -e + +# This code was taken from libnss-myhostname + +# try to insert mymachines entries to the "hosts" line in /etc/nsswitch.conf to +# automatically enable libnss-mymachines support; do not change the +# configuration if the "hosts" line already references some mymachines lookups +insert_nss_entry() { + echo "Checking NSS setup..." + # abort if /etc/nsswitch.conf does not exist + if ! [ -e /etc/nsswitch.conf ]; then + echo "Could not find /etc/nsswitch.conf." + return + fi + perl -i -pe ' + sub insert { + my $line = shift; + # this also splits on tab + my @bits=split(" ", $line); + # do not break configuration if the "hosts" line already references + # mymachines + if (grep { $_ eq "mymachines"} @bits) { + return $line; + } + # add mymachines at the end + return $line . " mymachines"; + } + s/^(hosts:\s+)(.*)/$1.insert($2)/e; + ' /etc/nsswitch.conf +} + +if [ "$1" = configure ] && [ -z "$2" ]; then + echo "First installation detected..." + # first install: setup the recommended configuration (unless + # nsswitch.conf already contains mymachines entries) + insert_nss_entry +fi + +#DEBHELPER# diff --git a/libnss-mymachines.postrm b/libnss-mymachines.postrm new file mode 100644 index 00000000..1318f218 --- /dev/null +++ b/libnss-mymachines.postrm @@ -0,0 +1,28 @@ +#!/bin/sh +set -e + +remove_nss_entry() { + local file=$1 + local pkg=$2 + local module=$3 + refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \ + -W $pkg | grep '^i' | wc -l) + if [ "$refcount" -gt 0 ] ; then + # package is installed for other architectures still, do nothing + return + fi + echo "Checking NSS setup..." + # abort if file does not exist + if ! [ -e $file ]; then + echo "Could not find ${file}." + return + fi + # we must remove possible [foo=bar] options as well + sed -i -r "/hosts:/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file +} + +if [ "$1" = remove ]; then + remove_nss_entry /etc/nsswitch.conf libnss-mymachines mymachines +fi + +#DEBHELPER# diff --git a/libnss-resolve.install b/libnss-resolve.install new file mode 100644 index 00000000..3ecf8344 --- /dev/null +++ b/libnss-resolve.install @@ -0,0 +1,3 @@ +lib/*/libnss_resolve*.so.* +usr/share/man/man8/libnss_resolve.so.2.8 +usr/share/man/man8/nss-resolve.8 diff --git a/libnss-resolve.lintian-overrides b/libnss-resolve.lintian-overrides new file mode 100644 index 00000000..dfd9ec41 --- /dev/null +++ b/libnss-resolve.lintian-overrides @@ -0,0 +1,2 @@ +# package is a NSS module, not a system library +libnss-resolve: package-name-doesnt-match-sonames diff --git a/libnss-resolve.postinst b/libnss-resolve.postinst new file mode 100644 index 00000000..21b19c86 --- /dev/null +++ b/libnss-resolve.postinst @@ -0,0 +1,55 @@ +#!/bin/sh +set -e + +# This code was taken from libnss-myhostname + +# try to insert resolve entries to the "hosts" line in /etc/nsswitch.conf to +# automatically enable libnss-resolve support; do not change the +# configuration if the "hosts" line already references some resolve lookups +insert_nss_entry() { + echo "Checking NSS setup..." + # abort if /etc/nsswitch.conf does not exist + if ! [ -e /etc/nsswitch.conf ]; then + echo "Could not find /etc/nsswitch.conf." + return + fi + perl -i -pe ' + sub insert { + my $line = shift; + # this also splits on tab + my @bits=split(" ", $line); + # do not break configuration if the "hosts" line already references + # resolve + if (grep { $_ eq "resolve"} @bits) { + return $line; + } + # add resolve before dns + return join " ", map { + $_ eq "dns" ? ("resolve [!UNAVAIL=return]", "$_") : $_ + } @bits; + } + s/^(hosts:\s+)(.*)/$1.insert($2)/e; + ' /etc/nsswitch.conf +} + +if [ "$1" = configure ] && [ -z "$2" ]; then + echo "First installation detected..." + # first install: setup the recommended configuration (unless + # nsswitch.conf already contains resolve entries) + insert_nss_entry + # ... and enable resolved + systemctl enable systemd-resolved.service + if [ -d /run/systemd/system ]; then + deb-systemd-invoke start systemd-resolved.service || true + fi +fi + +# Fix nsswitch action on upgrades +if [ "$1" = configure ] && dpkg --compare-versions "$2" lt-nl "231-10"; then + if ! grep -q '^hosts:.*resolve[[:space:]]*\[' /etc/nsswitch.conf; then + echo "Adjusting 'resolv' entry in /etc/nsswitch.conf.." + sed -i '/^hosts:/ { s/resolve/& [!UNAVAIL=return]/}' /etc/nsswitch.conf + fi +fi + +#DEBHELPER# diff --git a/libnss-resolve.postrm b/libnss-resolve.postrm new file mode 100644 index 00000000..6f0f787f --- /dev/null +++ b/libnss-resolve.postrm @@ -0,0 +1,32 @@ +#!/bin/sh +set -e + +remove_nss_entry() { + local file=$1 + local pkg=$2 + local module=$3 + refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \ + -W $pkg | grep '^i' | wc -l) + if [ "$refcount" -gt 0 ] ; then + # package is installed for other architectures still, do nothing + return + fi + echo "Checking NSS setup..." + # abort if file does not exist + if ! [ -e $file ]; then + echo "Could not find ${file}." + return + fi + # we must remove possible [foo=bar] options as well + sed -i -r "/hosts:/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file +} + +if [ "$1" = remove ]; then + remove_nss_entry /etc/nsswitch.conf libnss-resolve resolve + systemctl disable systemd-resolved.service + if [ -d /run/systemd/system ]; then + deb-systemd-invoke stop systemd-resolved.service || true + fi +fi + +#DEBHELPER# diff --git a/libnss-systemd.install b/libnss-systemd.install new file mode 100644 index 00000000..ade3da44 --- /dev/null +++ b/libnss-systemd.install @@ -0,0 +1,3 @@ +lib/*/libnss_systemd*.so.* +usr/share/man/man8/libnss_systemd* +usr/share/man/man8/nss-systemd* diff --git a/libnss-systemd.lintian-overrides b/libnss-systemd.lintian-overrides new file mode 100644 index 00000000..8e9c4cb9 --- /dev/null +++ b/libnss-systemd.lintian-overrides @@ -0,0 +1,2 @@ +# package is a NSS module, not a system library +libnss-systemd: package-name-doesnt-match-sonames diff --git a/libnss-systemd.postinst b/libnss-systemd.postinst new file mode 100644 index 00000000..1dc3c4f2 --- /dev/null +++ b/libnss-systemd.postinst @@ -0,0 +1,38 @@ +#!/bin/sh +set -e + +# try to insert the systemd entry to the "passwd" and "group" lines in +# /etc/nsswitch.conf to automatically enable libnss-systemd support; do not +# change the configuration if the lines already contain "systemd" +insert_nss_entry() { + echo "Checking NSS setup..." + # abort if /etc/nsswitch.conf does not exist + if ! [ -e /etc/nsswitch.conf ]; then + echo "Could not find /etc/nsswitch.conf." + return + fi + perl -i -pe ' + sub insert { + my $line = shift; + # this also splits on tab + my @bits=split(" ", $line); + # do not break configuration if the line already references + # systemd + if (grep { $_ eq "systemd"} @bits) { + return $line; + } + # add systemd at the end + return $line . " systemd"; + } + s/^(passwd:\s+)(.*)/$1.insert($2)/e; + s/^(group:\s+)(.*)/$1.insert($2)/e; + ' /etc/nsswitch.conf +} + +if [ "$1" = configure ] && [ -z "$2" ]; then + echo "First installation detected..." + # first install: setup the recommended configuration + insert_nss_entry +fi + +#DEBHELPER# diff --git a/libnss-systemd.postrm b/libnss-systemd.postrm new file mode 100644 index 00000000..744cc359 --- /dev/null +++ b/libnss-systemd.postrm @@ -0,0 +1,28 @@ +#!/bin/sh +set -e + +remove_nss_entry() { + local file=$1 + local pkg=$2 + local module=$3 + refcount=$(dpkg-query -f '${db:Status-Abbrev} ${binary:Package}\n' \ + -W $pkg | grep '^i' | wc -l) + if [ "$refcount" -gt 0 ] ; then + # package is installed for other architectures still, do nothing + return + fi + echo "Checking NSS setup..." + # abort if file does not exist + if ! [ -e $file ]; then + echo "Could not find ${file}." + return + fi + # we must remove possible [foo=bar] options as well + sed -i -r "/(passwd|group):/ s/[[:space:]]+$module\b([[:space:]]*\[[^]]*\])*//" $file +} + +if [ "$1" = remove ]; then + remove_nss_entry /etc/nsswitch.conf libnss-systemd systemd +fi + +#DEBHELPER# diff --git a/libpam-systemd.install b/libpam-systemd.install new file mode 100644 index 00000000..df749da9 --- /dev/null +++ b/libpam-systemd.install @@ -0,0 +1,3 @@ +lib/*/security/pam_systemd.so +usr/share/man/man8/pam_systemd.8 +../../extra/pam-configs usr/share/ diff --git a/libpam-systemd.postinst b/libpam-systemd.postinst new file mode 100644 index 00000000..c6177d8c --- /dev/null +++ b/libpam-systemd.postinst @@ -0,0 +1,7 @@ +#! /bin/sh + +set -e + +pam-auth-update --package + +#DEBHELPER# diff --git a/libpam-systemd.prerm b/libpam-systemd.prerm new file mode 100644 index 00000000..f51c1088 --- /dev/null +++ b/libpam-systemd.prerm @@ -0,0 +1,20 @@ +#! /bin/sh + +set -e + +# pam-auth-update --remove removes the named profile from the active config. +# It arguably should be called during deconfigure as well, but deconfigure +# can happen in some cases during a dist-upgrade and we don't want to +# deconfigure all PAM modules in the middle of a dist-upgrade by accident. +# +# More importantly, with the current implementation, --remove also removes +# all local preferences for the named config (such as whether it's enabled +# or disabled), which we don't want to do on deconfigure. +# +# This may need to change later as pam-auth-update evolves. + +if [ "$1" = remove ] && [ "${DPKG_MAINTSCRIPT_PACKAGE_REFCOUNT:-1}" = 1 ]; then + pam-auth-update --package --remove systemd +fi + +#DEBHELPER# diff --git a/libsystemd-dev.install b/libsystemd-dev.install new file mode 100644 index 00000000..1ca8036e --- /dev/null +++ b/libsystemd-dev.install @@ -0,0 +1,5 @@ +lib/*/libsystemd.so +usr/lib/*/pkgconfig/libsystemd.pc +usr/include/systemd/ +usr/share/man/man3/sd* +usr/share/man/man3/SD* diff --git a/libsystemd0.install b/libsystemd0.install new file mode 100644 index 00000000..9cd022d6 --- /dev/null +++ b/libsystemd0.install @@ -0,0 +1 @@ +lib/*/libsystemd.so.* diff --git a/libsystemd0.symbols b/libsystemd0.symbols new file mode 100644 index 00000000..8bb698c6 --- /dev/null +++ b/libsystemd0.symbols @@ -0,0 +1,487 @@ +libsystemd.so.0 libsystemd0 #MINVER# +* Build-Depends-Package: libsystemd-dev + LIBSYSTEMD_209@LIBSYSTEMD_209 0 + LIBSYSTEMD_211@LIBSYSTEMD_211 211 + LIBSYSTEMD_213@LIBSYSTEMD_213 213 + LIBSYSTEMD_214@LIBSYSTEMD_214 214 + LIBSYSTEMD_216@LIBSYSTEMD_216 217 + LIBSYSTEMD_217@LIBSYSTEMD_217 217 + LIBSYSTEMD_219@LIBSYSTEMD_219 219 + LIBSYSTEMD_220@LIBSYSTEMD_220 220 + LIBSYSTEMD_221@LIBSYSTEMD_221 221 + LIBSYSTEMD_222@LIBSYSTEMD_222 222 + LIBSYSTEMD_226@LIBSYSTEMD_226 226 + LIBSYSTEMD_227@LIBSYSTEMD_227 227 + LIBSYSTEMD_229@LIBSYSTEMD_229 229 + LIBSYSTEMD_230@LIBSYSTEMD_230 230 + LIBSYSTEMD_231@LIBSYSTEMD_231 231 + LIBSYSTEMD_232@LIBSYSTEMD_232 232 + LIBSYSTEMD_233@LIBSYSTEMD_233 233 + LIBSYSTEMD_234@LIBSYSTEMD_234 234 + LIBSYSTEMD_236@LIBSYSTEMD_236 236 + LIBSYSTEMD_237@LIBSYSTEMD_237 237 + LIBSYSTEMD_238@LIBSYSTEMD_238 238 + LIBSYSTEMD_239@LIBSYSTEMD_239 239 + sd_booted@LIBSYSTEMD_209 0 + sd_bus_add_fallback@LIBSYSTEMD_221 221 + sd_bus_add_fallback_vtable@LIBSYSTEMD_221 221 + sd_bus_add_filter@LIBSYSTEMD_221 221 + sd_bus_add_match@LIBSYSTEMD_221 221 + sd_bus_add_match_async@LIBSYSTEMD_237 237 + sd_bus_add_node_enumerator@LIBSYSTEMD_221 221 + sd_bus_add_object@LIBSYSTEMD_221 221 + sd_bus_add_object_manager@LIBSYSTEMD_221 221 + sd_bus_add_object_vtable@LIBSYSTEMD_221 221 + sd_bus_attach_event@LIBSYSTEMD_221 221 + sd_bus_call@LIBSYSTEMD_221 221 + sd_bus_call_async@LIBSYSTEMD_221 221 + sd_bus_call_method@LIBSYSTEMD_221 221 + sd_bus_call_method_async@LIBSYSTEMD_221 221 + sd_bus_can_send@LIBSYSTEMD_221 221 + sd_bus_close@LIBSYSTEMD_221 221 + sd_bus_creds_get_audit_login_uid@LIBSYSTEMD_221 221 + sd_bus_creds_get_audit_session_id@LIBSYSTEMD_221 221 + sd_bus_creds_get_augmented_mask@LIBSYSTEMD_221 221 + sd_bus_creds_get_cgroup@LIBSYSTEMD_221 221 + sd_bus_creds_get_cmdline@LIBSYSTEMD_221 221 + sd_bus_creds_get_comm@LIBSYSTEMD_221 221 + sd_bus_creds_get_description@LIBSYSTEMD_221 221 + sd_bus_creds_get_egid@LIBSYSTEMD_221 221 + sd_bus_creds_get_euid@LIBSYSTEMD_221 221 + sd_bus_creds_get_exe@LIBSYSTEMD_221 221 + sd_bus_creds_get_fsgid@LIBSYSTEMD_221 221 + sd_bus_creds_get_fsuid@LIBSYSTEMD_221 221 + sd_bus_creds_get_gid@LIBSYSTEMD_221 221 + sd_bus_creds_get_mask@LIBSYSTEMD_221 221 + sd_bus_creds_get_owner_uid@LIBSYSTEMD_221 221 + sd_bus_creds_get_pid@LIBSYSTEMD_221 221 + sd_bus_creds_get_ppid@LIBSYSTEMD_221 221 + sd_bus_creds_get_selinux_context@LIBSYSTEMD_221 221 + sd_bus_creds_get_session@LIBSYSTEMD_221 221 + sd_bus_creds_get_sgid@LIBSYSTEMD_221 221 + sd_bus_creds_get_slice@LIBSYSTEMD_221 221 + sd_bus_creds_get_suid@LIBSYSTEMD_221 221 + sd_bus_creds_get_supplementary_gids@LIBSYSTEMD_221 221 + sd_bus_creds_get_tid@LIBSYSTEMD_221 221 + sd_bus_creds_get_tid_comm@LIBSYSTEMD_221 221 + sd_bus_creds_get_tty@LIBSYSTEMD_221 221 + sd_bus_creds_get_uid@LIBSYSTEMD_221 221 + sd_bus_creds_get_unique_name@LIBSYSTEMD_221 221 + sd_bus_creds_get_unit@LIBSYSTEMD_221 221 + sd_bus_creds_get_user_slice@LIBSYSTEMD_221 221 + sd_bus_creds_get_user_unit@LIBSYSTEMD_221 221 + sd_bus_creds_get_well_known_names@LIBSYSTEMD_221 221 + sd_bus_creds_has_bounding_cap@LIBSYSTEMD_221 221 + sd_bus_creds_has_effective_cap@LIBSYSTEMD_221 221 + sd_bus_creds_has_inheritable_cap@LIBSYSTEMD_221 221 + sd_bus_creds_has_permitted_cap@LIBSYSTEMD_221 221 + sd_bus_creds_new_from_pid@LIBSYSTEMD_221 221 + sd_bus_creds_ref@LIBSYSTEMD_221 221 + sd_bus_creds_unref@LIBSYSTEMD_221 221 + sd_bus_default@LIBSYSTEMD_221 221 + sd_bus_default_flush_close@LIBSYSTEMD_227 227 + sd_bus_default_system@LIBSYSTEMD_221 221 + sd_bus_default_user@LIBSYSTEMD_221 221 + sd_bus_detach_event@LIBSYSTEMD_221 221 + sd_bus_emit_interfaces_added@LIBSYSTEMD_221 221 + sd_bus_emit_interfaces_added_strv@LIBSYSTEMD_221 221 + sd_bus_emit_interfaces_removed@LIBSYSTEMD_221 221 + sd_bus_emit_interfaces_removed_strv@LIBSYSTEMD_221 221 + sd_bus_emit_object_added@LIBSYSTEMD_222 222 + sd_bus_emit_object_removed@LIBSYSTEMD_222 222 + sd_bus_emit_properties_changed@LIBSYSTEMD_221 221 + sd_bus_emit_properties_changed_strv@LIBSYSTEMD_221 221 + sd_bus_emit_signal@LIBSYSTEMD_221 221 + sd_bus_error_add_map@LIBSYSTEMD_221 221 + sd_bus_error_copy@LIBSYSTEMD_221 221 + sd_bus_error_free@LIBSYSTEMD_221 221 + sd_bus_error_get_errno@LIBSYSTEMD_221 221 + sd_bus_error_has_name@LIBSYSTEMD_221 221 + sd_bus_error_is_set@LIBSYSTEMD_221 221 + sd_bus_error_set@LIBSYSTEMD_221 221 + sd_bus_error_set_const@LIBSYSTEMD_221 221 + sd_bus_error_set_errno@LIBSYSTEMD_221 221 + sd_bus_error_set_errnof@LIBSYSTEMD_221 221 + sd_bus_error_set_errnofv@LIBSYSTEMD_221 221 + sd_bus_error_setf@LIBSYSTEMD_221 221 + sd_bus_flush@LIBSYSTEMD_221 221 + sd_bus_flush_close_unref@LIBSYSTEMD_222 222 + sd_bus_get_address@LIBSYSTEMD_221 221 + sd_bus_get_allow_interactive_authorization@LIBSYSTEMD_221 221 + sd_bus_get_bus_id@LIBSYSTEMD_221 221 + sd_bus_get_connected_signal@LIBSYSTEMD_237 237 + sd_bus_get_creds_mask@LIBSYSTEMD_221 221 + sd_bus_get_current_handler@LIBSYSTEMD_221 221 + sd_bus_get_current_message@LIBSYSTEMD_221 221 + sd_bus_get_current_slot@LIBSYSTEMD_221 221 + sd_bus_get_current_userdata@LIBSYSTEMD_221 221 + sd_bus_get_description@LIBSYSTEMD_221 221 + sd_bus_get_event@LIBSYSTEMD_221 221 + sd_bus_get_events@LIBSYSTEMD_221 221 + sd_bus_get_exit_on_disconnect@LIBSYSTEMD_232 232 + sd_bus_get_fd@LIBSYSTEMD_221 221 + sd_bus_get_n_queued_read@LIBSYSTEMD_238 238 + sd_bus_get_n_queued_write@LIBSYSTEMD_238 238 + sd_bus_get_name_creds@LIBSYSTEMD_221 221 + sd_bus_get_name_machine_id@LIBSYSTEMD_221 221 + sd_bus_get_owner_creds@LIBSYSTEMD_221 221 + sd_bus_get_property@LIBSYSTEMD_221 221 + sd_bus_get_property_string@LIBSYSTEMD_221 221 + sd_bus_get_property_strv@LIBSYSTEMD_221 221 + sd_bus_get_property_trivial@LIBSYSTEMD_221 221 + sd_bus_get_scope@LIBSYSTEMD_221 221 + sd_bus_get_sender@LIBSYSTEMD_237 237 + sd_bus_get_tid@LIBSYSTEMD_221 221 + sd_bus_get_timeout@LIBSYSTEMD_221 221 + sd_bus_get_unique_name@LIBSYSTEMD_221 221 + sd_bus_get_watch_bind@LIBSYSTEMD_237 237 + sd_bus_is_anonymous@LIBSYSTEMD_221 221 + sd_bus_is_bus_client@LIBSYSTEMD_221 221 + sd_bus_is_monitor@LIBSYSTEMD_221 221 + sd_bus_is_open@LIBSYSTEMD_221 221 + sd_bus_is_ready@LIBSYSTEMD_237 237 + sd_bus_is_server@LIBSYSTEMD_221 221 + sd_bus_is_trusted@LIBSYSTEMD_221 221 + sd_bus_list_names@LIBSYSTEMD_221 221 + sd_bus_match_signal@LIBSYSTEMD_237 237 + sd_bus_match_signal_async@LIBSYSTEMD_237 237 + sd_bus_message_append@LIBSYSTEMD_221 221 + sd_bus_message_append_array@LIBSYSTEMD_221 221 + sd_bus_message_append_array_iovec@LIBSYSTEMD_221 221 + sd_bus_message_append_array_memfd@LIBSYSTEMD_221 221 + sd_bus_message_append_array_space@LIBSYSTEMD_221 221 + sd_bus_message_append_basic@LIBSYSTEMD_221 221 + sd_bus_message_append_string_iovec@LIBSYSTEMD_221 221 + sd_bus_message_append_string_memfd@LIBSYSTEMD_221 221 + sd_bus_message_append_string_space@LIBSYSTEMD_221 221 + sd_bus_message_append_strv@LIBSYSTEMD_221 221 + sd_bus_message_appendv@LIBSYSTEMD_234 234 + sd_bus_message_at_end@LIBSYSTEMD_221 221 + sd_bus_message_close_container@LIBSYSTEMD_221 221 + sd_bus_message_copy@LIBSYSTEMD_221 221 + sd_bus_message_enter_container@LIBSYSTEMD_221 221 + sd_bus_message_exit_container@LIBSYSTEMD_221 221 + sd_bus_message_get_allow_interactive_authorization@LIBSYSTEMD_221 221 + sd_bus_message_get_auto_start@LIBSYSTEMD_221 221 + sd_bus_message_get_bus@LIBSYSTEMD_221 221 + sd_bus_message_get_cookie@LIBSYSTEMD_221 221 + sd_bus_message_get_creds@LIBSYSTEMD_221 221 + sd_bus_message_get_destination@LIBSYSTEMD_221 221 + sd_bus_message_get_errno@LIBSYSTEMD_221 221 + sd_bus_message_get_error@LIBSYSTEMD_221 221 + sd_bus_message_get_expect_reply@LIBSYSTEMD_221 221 + sd_bus_message_get_interface@LIBSYSTEMD_221 221 + sd_bus_message_get_member@LIBSYSTEMD_221 221 + sd_bus_message_get_monotonic_usec@LIBSYSTEMD_221 221 + sd_bus_message_get_path@LIBSYSTEMD_221 221 + sd_bus_message_get_priority@LIBSYSTEMD_221 221 + sd_bus_message_get_realtime_usec@LIBSYSTEMD_221 221 + sd_bus_message_get_reply_cookie@LIBSYSTEMD_221 221 + sd_bus_message_get_sender@LIBSYSTEMD_221 221 + sd_bus_message_get_seqnum@LIBSYSTEMD_221 221 + sd_bus_message_get_signature@LIBSYSTEMD_221 221 + sd_bus_message_get_type@LIBSYSTEMD_221 221 + sd_bus_message_has_signature@LIBSYSTEMD_221 221 + sd_bus_message_is_empty@LIBSYSTEMD_221 221 + sd_bus_message_is_method_call@LIBSYSTEMD_221 221 + sd_bus_message_is_method_error@LIBSYSTEMD_221 221 + sd_bus_message_is_signal@LIBSYSTEMD_221 221 + sd_bus_message_new@LIBSYSTEMD_236 236 + sd_bus_message_new_method_call@LIBSYSTEMD_221 221 + sd_bus_message_new_method_errno@LIBSYSTEMD_221 221 + sd_bus_message_new_method_errnof@LIBSYSTEMD_221 221 + sd_bus_message_new_method_error@LIBSYSTEMD_221 221 + sd_bus_message_new_method_errorf@LIBSYSTEMD_221 221 + sd_bus_message_new_method_return@LIBSYSTEMD_221 221 + sd_bus_message_new_signal@LIBSYSTEMD_221 221 + sd_bus_message_open_container@LIBSYSTEMD_221 221 + sd_bus_message_peek_type@LIBSYSTEMD_221 221 + sd_bus_message_read@LIBSYSTEMD_221 221 + sd_bus_message_read_array@LIBSYSTEMD_221 221 + sd_bus_message_read_basic@LIBSYSTEMD_221 221 + sd_bus_message_read_strv@LIBSYSTEMD_221 221 + sd_bus_message_ref@LIBSYSTEMD_221 221 + sd_bus_message_rewind@LIBSYSTEMD_221 221 + sd_bus_message_seal@LIBSYSTEMD_236 236 + sd_bus_message_set_allow_interactive_authorization@LIBSYSTEMD_221 221 + sd_bus_message_set_auto_start@LIBSYSTEMD_221 221 + sd_bus_message_set_destination@LIBSYSTEMD_221 221 + sd_bus_message_set_expect_reply@LIBSYSTEMD_221 221 + sd_bus_message_set_priority@LIBSYSTEMD_221 221 + sd_bus_message_set_sender@LIBSYSTEMD_237 237 + sd_bus_message_skip@LIBSYSTEMD_221 221 + sd_bus_message_unref@LIBSYSTEMD_221 221 + sd_bus_message_verify_type@LIBSYSTEMD_221 221 + sd_bus_negotiate_creds@LIBSYSTEMD_221 221 + sd_bus_negotiate_fds@LIBSYSTEMD_221 221 + sd_bus_negotiate_timestamp@LIBSYSTEMD_221 221 + sd_bus_new@LIBSYSTEMD_221 221 + sd_bus_open@LIBSYSTEMD_221 221 + sd_bus_open_system@LIBSYSTEMD_221 221 + sd_bus_open_system_machine@LIBSYSTEMD_221 221 + sd_bus_open_system_remote@LIBSYSTEMD_221 221 + sd_bus_open_system_with_description@LIBSYSTEMD_239 239 + sd_bus_open_user@LIBSYSTEMD_221 221 + sd_bus_open_user_with_description@LIBSYSTEMD_239 239 + sd_bus_open_with_description@LIBSYSTEMD_239 239 + sd_bus_path_decode@LIBSYSTEMD_221 221 + sd_bus_path_decode_many@LIBSYSTEMD_227 227 + sd_bus_path_encode@LIBSYSTEMD_221 221 + sd_bus_path_encode_many@LIBSYSTEMD_227 227 + sd_bus_process@LIBSYSTEMD_221 221 + sd_bus_process_priority@LIBSYSTEMD_221 221 + sd_bus_query_sender_creds@LIBSYSTEMD_221 221 + sd_bus_query_sender_privilege@LIBSYSTEMD_221 221 + sd_bus_ref@LIBSYSTEMD_221 221 + sd_bus_release_name@LIBSYSTEMD_221 221 + sd_bus_release_name_async@LIBSYSTEMD_237 237 + sd_bus_reply_method_errno@LIBSYSTEMD_221 221 + sd_bus_reply_method_errnof@LIBSYSTEMD_221 221 + sd_bus_reply_method_error@LIBSYSTEMD_221 221 + sd_bus_reply_method_errorf@LIBSYSTEMD_221 221 + sd_bus_reply_method_return@LIBSYSTEMD_221 221 + sd_bus_request_name@LIBSYSTEMD_221 221 + sd_bus_request_name_async@LIBSYSTEMD_237 237 + sd_bus_send@LIBSYSTEMD_221 221 + sd_bus_send_to@LIBSYSTEMD_221 221 + sd_bus_set_address@LIBSYSTEMD_221 221 + sd_bus_set_allow_interactive_authorization@LIBSYSTEMD_221 221 + sd_bus_set_anonymous@LIBSYSTEMD_221 221 + sd_bus_set_bus_client@LIBSYSTEMD_221 221 + sd_bus_set_connected_signal@LIBSYSTEMD_237 237 + sd_bus_set_description@LIBSYSTEMD_221 221 + sd_bus_set_exec@LIBSYSTEMD_221 221 + sd_bus_set_exit_on_disconnect@LIBSYSTEMD_232 232 + sd_bus_set_fd@LIBSYSTEMD_221 221 + sd_bus_set_monitor@LIBSYSTEMD_221 221 + sd_bus_set_property@LIBSYSTEMD_221 221 + sd_bus_set_sender@LIBSYSTEMD_237 237 + sd_bus_set_server@LIBSYSTEMD_221 221 + sd_bus_set_trusted@LIBSYSTEMD_221 221 + sd_bus_set_watch_bind@LIBSYSTEMD_237 237 + sd_bus_slot_get_bus@LIBSYSTEMD_221 221 + sd_bus_slot_get_current_handler@LIBSYSTEMD_221 221 + sd_bus_slot_get_current_message@LIBSYSTEMD_221 221 + sd_bus_slot_get_current_userdata@LIBSYSTEMD_221 221 + sd_bus_slot_get_description@LIBSYSTEMD_221 221 + sd_bus_slot_get_destroy_callback@LIBSYSTEMD_239 239 + sd_bus_slot_get_floating@LIBSYSTEMD_239 239 + sd_bus_slot_get_userdata@LIBSYSTEMD_221 221 + sd_bus_slot_ref@LIBSYSTEMD_221 221 + sd_bus_slot_set_description@LIBSYSTEMD_221 221 + sd_bus_slot_set_destroy_callback@LIBSYSTEMD_239 239 + sd_bus_slot_set_floating@LIBSYSTEMD_239 239 + sd_bus_slot_set_userdata@LIBSYSTEMD_221 221 + sd_bus_slot_unref@LIBSYSTEMD_221 221 + sd_bus_start@LIBSYSTEMD_221 221 + sd_bus_track_add_name@LIBSYSTEMD_221 221 + sd_bus_track_add_sender@LIBSYSTEMD_221 221 + sd_bus_track_contains@LIBSYSTEMD_221 221 + sd_bus_track_count@LIBSYSTEMD_221 221 + sd_bus_track_count_name@LIBSYSTEMD_232 232 + sd_bus_track_count_sender@LIBSYSTEMD_232 232 + sd_bus_track_first@LIBSYSTEMD_221 221 + sd_bus_track_get_bus@LIBSYSTEMD_221 221 + sd_bus_track_get_destroy_callback@LIBSYSTEMD_239 239 + sd_bus_track_get_recursive@LIBSYSTEMD_232 232 + sd_bus_track_get_userdata@LIBSYSTEMD_221 221 + sd_bus_track_new@LIBSYSTEMD_221 221 + sd_bus_track_next@LIBSYSTEMD_221 221 + sd_bus_track_ref@LIBSYSTEMD_221 221 + sd_bus_track_remove_name@LIBSYSTEMD_221 221 + sd_bus_track_remove_sender@LIBSYSTEMD_221 221 + sd_bus_track_set_destroy_callback@LIBSYSTEMD_239 239 + sd_bus_track_set_recursive@LIBSYSTEMD_232 232 + sd_bus_track_set_userdata@LIBSYSTEMD_221 221 + sd_bus_track_unref@LIBSYSTEMD_221 221 + sd_bus_try_close@LIBSYSTEMD_221 221 + sd_bus_unref@LIBSYSTEMD_221 221 + sd_bus_wait@LIBSYSTEMD_221 221 + sd_event_add_child@LIBSYSTEMD_221 221 + sd_event_add_defer@LIBSYSTEMD_221 221 + sd_event_add_exit@LIBSYSTEMD_221 221 + sd_event_add_inotify@LIBSYSTEMD_239 239 + sd_event_add_io@LIBSYSTEMD_221 221 + sd_event_add_post@LIBSYSTEMD_221 221 + sd_event_add_signal@LIBSYSTEMD_221 221 + sd_event_add_time@LIBSYSTEMD_221 221 + sd_event_default@LIBSYSTEMD_221 221 + sd_event_dispatch@LIBSYSTEMD_221 221 + sd_event_exit@LIBSYSTEMD_221 221 + sd_event_get_exit_code@LIBSYSTEMD_221 221 + sd_event_get_fd@LIBSYSTEMD_221 221 + sd_event_get_iteration@LIBSYSTEMD_231 231 + sd_event_get_state@LIBSYSTEMD_221 221 + sd_event_get_tid@LIBSYSTEMD_221 221 + sd_event_get_watchdog@LIBSYSTEMD_221 221 + sd_event_loop@LIBSYSTEMD_221 221 + sd_event_new@LIBSYSTEMD_221 221 + sd_event_now@LIBSYSTEMD_221 221 + sd_event_prepare@LIBSYSTEMD_221 221 + sd_event_ref@LIBSYSTEMD_221 221 + sd_event_run@LIBSYSTEMD_221 221 + sd_event_set_watchdog@LIBSYSTEMD_221 221 + sd_event_source_get_child_pid@LIBSYSTEMD_221 221 + sd_event_source_get_description@LIBSYSTEMD_221 221 + sd_event_source_get_destroy_callback@LIBSYSTEMD_239 239 + sd_event_source_get_enabled@LIBSYSTEMD_221 221 + sd_event_source_get_event@LIBSYSTEMD_221 221 + sd_event_source_get_inotify_mask@LIBSYSTEMD_239 239 + sd_event_source_get_io_events@LIBSYSTEMD_221 221 + sd_event_source_get_io_fd@LIBSYSTEMD_221 221 + sd_event_source_get_io_fd_own@LIBSYSTEMD_237 237 + sd_event_source_get_io_revents@LIBSYSTEMD_221 221 + sd_event_source_get_pending@LIBSYSTEMD_221 221 + sd_event_source_get_priority@LIBSYSTEMD_221 221 + sd_event_source_get_signal@LIBSYSTEMD_221 221 + sd_event_source_get_time@LIBSYSTEMD_221 221 + sd_event_source_get_time_accuracy@LIBSYSTEMD_221 221 + sd_event_source_get_time_clock@LIBSYSTEMD_221 221 + sd_event_source_get_userdata@LIBSYSTEMD_221 221 + sd_event_source_ref@LIBSYSTEMD_221 221 + sd_event_source_set_description@LIBSYSTEMD_221 221 + sd_event_source_set_destroy_callback@LIBSYSTEMD_239 239 + sd_event_source_set_enabled@LIBSYSTEMD_221 221 + sd_event_source_set_io_events@LIBSYSTEMD_221 221 + sd_event_source_set_io_fd@LIBSYSTEMD_221 221 + sd_event_source_set_io_fd_own@LIBSYSTEMD_237 237 + sd_event_source_set_prepare@LIBSYSTEMD_221 221 + sd_event_source_set_priority@LIBSYSTEMD_221 221 + sd_event_source_set_time@LIBSYSTEMD_221 221 + sd_event_source_set_time_accuracy@LIBSYSTEMD_221 221 + sd_event_source_set_userdata@LIBSYSTEMD_221 221 + sd_event_source_unref@LIBSYSTEMD_221 221 + sd_event_unref@LIBSYSTEMD_221 221 + sd_event_wait@LIBSYSTEMD_221 221 + sd_get_machine_names@LIBSYSTEMD_209 0 + sd_get_seats@LIBSYSTEMD_209 0 + sd_get_sessions@LIBSYSTEMD_209 0 + sd_get_uids@LIBSYSTEMD_209 0 + sd_id128_from_string@LIBSYSTEMD_209 0 + sd_id128_get_boot@LIBSYSTEMD_209 0 + sd_id128_get_invocation@LIBSYSTEMD_232 232 + sd_id128_get_machine@LIBSYSTEMD_209 0 + sd_id128_get_machine_app_specific@LIBSYSTEMD_233 233 + sd_id128_randomize@LIBSYSTEMD_209 0 + sd_id128_to_string@LIBSYSTEMD_209 0 + sd_is_fifo@LIBSYSTEMD_209 0 + sd_is_mq@LIBSYSTEMD_209 0 + sd_is_socket@LIBSYSTEMD_209 0 + sd_is_socket_inet@LIBSYSTEMD_209 0 + sd_is_socket_sockaddr@LIBSYSTEMD_233 233 + sd_is_socket_unix@LIBSYSTEMD_209 0 + sd_is_special@LIBSYSTEMD_209 0 + sd_journal_add_conjunction@LIBSYSTEMD_209 0 + sd_journal_add_disjunction@LIBSYSTEMD_209 0 + sd_journal_add_match@LIBSYSTEMD_209 0 + sd_journal_close@LIBSYSTEMD_209 0 + sd_journal_enumerate_data@LIBSYSTEMD_209 0 + sd_journal_enumerate_fields@LIBSYSTEMD_229 229 + sd_journal_enumerate_unique@LIBSYSTEMD_209 0 + sd_journal_flush_matches@LIBSYSTEMD_209 0 + sd_journal_get_catalog@LIBSYSTEMD_209 0 + sd_journal_get_catalog_for_message_id@LIBSYSTEMD_209 0 + sd_journal_get_cursor@LIBSYSTEMD_209 0 + sd_journal_get_cutoff_monotonic_usec@LIBSYSTEMD_209 0 + sd_journal_get_cutoff_realtime_usec@LIBSYSTEMD_209 0 + sd_journal_get_data@LIBSYSTEMD_209 0 + sd_journal_get_data_threshold@LIBSYSTEMD_209 0 + sd_journal_get_events@LIBSYSTEMD_209 0 + sd_journal_get_fd@LIBSYSTEMD_209 0 + sd_journal_get_monotonic_usec@LIBSYSTEMD_209 0 + sd_journal_get_realtime_usec@LIBSYSTEMD_209 0 + sd_journal_get_timeout@LIBSYSTEMD_209 0 + sd_journal_get_usage@LIBSYSTEMD_209 0 + sd_journal_has_persistent_files@LIBSYSTEMD_229 229 + sd_journal_has_runtime_files@LIBSYSTEMD_229 229 + sd_journal_next@LIBSYSTEMD_209 0 + sd_journal_next_skip@LIBSYSTEMD_209 0 + sd_journal_open@LIBSYSTEMD_209 0 + sd_journal_open_container@LIBSYSTEMD_209 0 + sd_journal_open_directory@LIBSYSTEMD_209 0 + sd_journal_open_directory_fd@LIBSYSTEMD_230 230 + sd_journal_open_files@LIBSYSTEMD_209 0 + sd_journal_open_files_fd@LIBSYSTEMD_230 230 + sd_journal_perror@LIBSYSTEMD_209 0 + sd_journal_perror_with_location@LIBSYSTEMD_209 0 + sd_journal_previous@LIBSYSTEMD_209 0 + sd_journal_previous_skip@LIBSYSTEMD_209 0 + sd_journal_print@LIBSYSTEMD_209 0 + sd_journal_print_with_location@LIBSYSTEMD_209 0 + sd_journal_printv@LIBSYSTEMD_209 0 + sd_journal_printv_with_location@LIBSYSTEMD_209 0 + sd_journal_process@LIBSYSTEMD_209 0 + sd_journal_query_unique@LIBSYSTEMD_209 0 + sd_journal_reliable_fd@LIBSYSTEMD_209 0 + sd_journal_restart_data@LIBSYSTEMD_209 0 + sd_journal_restart_fields@LIBSYSTEMD_229 229 + sd_journal_restart_unique@LIBSYSTEMD_209 0 + sd_journal_seek_cursor@LIBSYSTEMD_209 0 + sd_journal_seek_head@LIBSYSTEMD_209 0 + sd_journal_seek_monotonic_usec@LIBSYSTEMD_209 0 + sd_journal_seek_realtime_usec@LIBSYSTEMD_209 0 + sd_journal_seek_tail@LIBSYSTEMD_209 0 + sd_journal_send@LIBSYSTEMD_209 0 + sd_journal_send_with_location@LIBSYSTEMD_209 0 + sd_journal_sendv@LIBSYSTEMD_209 0 + sd_journal_sendv_with_location@LIBSYSTEMD_209 0 + sd_journal_set_data_threshold@LIBSYSTEMD_209 0 + sd_journal_stream_fd@LIBSYSTEMD_209 0 + sd_journal_test_cursor@LIBSYSTEMD_209 0 + sd_journal_wait@LIBSYSTEMD_209 0 + sd_listen_fds@LIBSYSTEMD_209 0 + sd_listen_fds_with_names@LIBSYSTEMD_227 227 + sd_login_monitor_flush@LIBSYSTEMD_209 0 + sd_login_monitor_get_events@LIBSYSTEMD_209 0 + sd_login_monitor_get_fd@LIBSYSTEMD_209 0 + sd_login_monitor_get_timeout@LIBSYSTEMD_209 0 + sd_login_monitor_new@LIBSYSTEMD_209 0 + sd_login_monitor_unref@LIBSYSTEMD_209 0 + sd_machine_get_class@LIBSYSTEMD_211 211 + sd_machine_get_ifindices@LIBSYSTEMD_216 217 + sd_notify@LIBSYSTEMD_209 0 + sd_notifyf@LIBSYSTEMD_209 0 + sd_peer_get_cgroup@LIBSYSTEMD_226 226 + sd_peer_get_machine_name@LIBSYSTEMD_211 211 + sd_peer_get_owner_uid@LIBSYSTEMD_211 211 + sd_peer_get_session@LIBSYSTEMD_211 211 + sd_peer_get_slice@LIBSYSTEMD_211 211 + sd_peer_get_unit@LIBSYSTEMD_211 211 + sd_peer_get_user_slice@LIBSYSTEMD_220 220 + sd_peer_get_user_unit@LIBSYSTEMD_211 211 + sd_pid_get_cgroup@LIBSYSTEMD_226 226 + sd_pid_get_machine_name@LIBSYSTEMD_209 0 + sd_pid_get_owner_uid@LIBSYSTEMD_209 0 + sd_pid_get_session@LIBSYSTEMD_209 0 + sd_pid_get_slice@LIBSYSTEMD_209 0 + sd_pid_get_unit@LIBSYSTEMD_209 0 + sd_pid_get_user_slice@LIBSYSTEMD_220 220 + sd_pid_get_user_unit@LIBSYSTEMD_209 0 + sd_pid_notify@LIBSYSTEMD_214 214 + sd_pid_notify_with_fds@LIBSYSTEMD_219 219 + sd_pid_notifyf@LIBSYSTEMD_214 214 + sd_seat_can_graphical@LIBSYSTEMD_209 0 + sd_seat_can_multi_session@LIBSYSTEMD_209 0 + sd_seat_can_tty@LIBSYSTEMD_209 0 + sd_seat_get_active@LIBSYSTEMD_209 0 + sd_seat_get_sessions@LIBSYSTEMD_209 0 + sd_session_get_class@LIBSYSTEMD_209 0 + sd_session_get_desktop@LIBSYSTEMD_217 217 + sd_session_get_display@LIBSYSTEMD_209 0 + sd_session_get_remote_host@LIBSYSTEMD_209 0 + sd_session_get_remote_user@LIBSYSTEMD_209 0 + sd_session_get_seat@LIBSYSTEMD_209 0 + sd_session_get_service@LIBSYSTEMD_209 0 + sd_session_get_state@LIBSYSTEMD_209 0 + sd_session_get_tty@LIBSYSTEMD_209 0 + sd_session_get_type@LIBSYSTEMD_209 0 + sd_session_get_uid@LIBSYSTEMD_209 0 + sd_session_get_vt@LIBSYSTEMD_209 0 + sd_session_is_active@LIBSYSTEMD_209 0 + sd_session_is_remote@LIBSYSTEMD_209 0 + sd_uid_get_display@LIBSYSTEMD_213 213 + sd_uid_get_seats@LIBSYSTEMD_209 0 + sd_uid_get_sessions@LIBSYSTEMD_209 0 + sd_uid_get_state@LIBSYSTEMD_209 0 + sd_uid_is_on_seat@LIBSYSTEMD_209 0 + sd_watchdog_enabled@LIBSYSTEMD_209 0 diff --git a/libudev-dev.install b/libudev-dev.install new file mode 100644 index 00000000..4ce781e6 --- /dev/null +++ b/libudev-dev.install @@ -0,0 +1,5 @@ +lib/*/libudev.so +usr/include/libudev.h +usr/lib/*/pkgconfig/libudev.pc +usr/share/man/man3/udev* +usr/share/man/man3/libudev* diff --git a/libudev-dev.maintscript b/libudev-dev.maintscript new file mode 100644 index 00000000..b2a4042c --- /dev/null +++ b/libudev-dev.maintscript @@ -0,0 +1 @@ +symlink_to_dir /usr/share/doc/libudev-dev libudev1 221-2~ diff --git a/libudev1-udeb.install b/libudev1-udeb.install new file mode 100644 index 00000000..cead438b --- /dev/null +++ b/libudev1-udeb.install @@ -0,0 +1 @@ +lib/*/libudev.so.* diff --git a/libudev1.install b/libudev1.install new file mode 100644 index 00000000..cead438b --- /dev/null +++ b/libudev1.install @@ -0,0 +1 @@ +lib/*/libudev.so.* diff --git a/libudev1.symbols b/libudev1.symbols new file mode 100644 index 00000000..b1978935 --- /dev/null +++ b/libudev1.symbols @@ -0,0 +1,97 @@ +libudev.so.1 libudev1 #MINVER# +* Build-Depends-Package: libudev-dev + LIBUDEV_183@LIBUDEV_183 183 + LIBUDEV_189@LIBUDEV_189 189 + LIBUDEV_196@LIBUDEV_196 196 + LIBUDEV_199@LIBUDEV_199 199 + LIBUDEV_215@LIBUDEV_215 215 + udev_device_get_action@LIBUDEV_183 183 + udev_device_get_devlinks_list_entry@LIBUDEV_183 183 + udev_device_get_devnode@LIBUDEV_183 183 + udev_device_get_devnum@LIBUDEV_183 183 + udev_device_get_devpath@LIBUDEV_183 183 + udev_device_get_devtype@LIBUDEV_183 183 + udev_device_get_driver@LIBUDEV_183 183 + udev_device_get_is_initialized@LIBUDEV_183 183 + udev_device_get_parent@LIBUDEV_183 183 + udev_device_get_parent_with_subsystem_devtype@LIBUDEV_183 183 + udev_device_get_properties_list_entry@LIBUDEV_183 183 + udev_device_get_property_value@LIBUDEV_183 183 + udev_device_get_seqnum@LIBUDEV_183 183 + udev_device_get_subsystem@LIBUDEV_183 183 + udev_device_get_sysattr_list_entry@LIBUDEV_183 183 + udev_device_get_sysattr_value@LIBUDEV_183 183 + udev_device_get_sysname@LIBUDEV_183 183 + udev_device_get_sysnum@LIBUDEV_183 183 + udev_device_get_syspath@LIBUDEV_183 183 + udev_device_get_tags_list_entry@LIBUDEV_183 183 + udev_device_get_udev@LIBUDEV_183 183 + udev_device_get_usec_since_initialized@LIBUDEV_183 183 + udev_device_has_tag@LIBUDEV_183 183 + udev_device_new_from_device_id@LIBUDEV_189 189 + udev_device_new_from_devnum@LIBUDEV_183 183 + udev_device_new_from_environment@LIBUDEV_183 183 + udev_device_new_from_subsystem_sysname@LIBUDEV_183 183 + udev_device_new_from_syspath@LIBUDEV_183 183 + udev_device_ref@LIBUDEV_183 183 + udev_device_set_sysattr_value@LIBUDEV_199 199 + udev_device_unref@LIBUDEV_183 183 + udev_enumerate_add_match_is_initialized@LIBUDEV_183 183 + udev_enumerate_add_match_parent@LIBUDEV_183 183 + udev_enumerate_add_match_property@LIBUDEV_183 183 + udev_enumerate_add_match_subsystem@LIBUDEV_183 183 + udev_enumerate_add_match_sysattr@LIBUDEV_183 183 + udev_enumerate_add_match_sysname@LIBUDEV_183 183 + udev_enumerate_add_match_tag@LIBUDEV_183 183 + udev_enumerate_add_nomatch_subsystem@LIBUDEV_183 183 + udev_enumerate_add_nomatch_sysattr@LIBUDEV_183 183 + udev_enumerate_add_syspath@LIBUDEV_183 183 + udev_enumerate_get_list_entry@LIBUDEV_183 183 + udev_enumerate_get_udev@LIBUDEV_183 183 + udev_enumerate_new@LIBUDEV_183 183 + udev_enumerate_ref@LIBUDEV_183 183 + udev_enumerate_scan_devices@LIBUDEV_183 183 + udev_enumerate_scan_subsystems@LIBUDEV_183 183 + udev_enumerate_unref@LIBUDEV_183 183 + udev_get_log_priority@LIBUDEV_183 183 + udev_get_userdata@LIBUDEV_183 183 + udev_hwdb_get_properties_list_entry@LIBUDEV_196 196 + udev_hwdb_new@LIBUDEV_196 196 + udev_hwdb_ref@LIBUDEV_196 196 + udev_hwdb_unref@LIBUDEV_196 196 + udev_list_entry_get_by_name@LIBUDEV_183 183 + udev_list_entry_get_name@LIBUDEV_183 183 + udev_list_entry_get_next@LIBUDEV_183 183 + udev_list_entry_get_value@LIBUDEV_183 183 + udev_monitor_enable_receiving@LIBUDEV_183 183 + udev_monitor_filter_add_match_subsystem_devtype@LIBUDEV_183 183 + udev_monitor_filter_add_match_tag@LIBUDEV_183 183 + udev_monitor_filter_remove@LIBUDEV_183 183 + udev_monitor_filter_update@LIBUDEV_183 183 + udev_monitor_get_fd@LIBUDEV_183 183 + udev_monitor_get_udev@LIBUDEV_183 183 + udev_monitor_new_from_netlink@LIBUDEV_183 183 + udev_monitor_receive_device@LIBUDEV_183 183 + udev_monitor_ref@LIBUDEV_183 183 + udev_monitor_set_receive_buffer_size@LIBUDEV_183 183 + udev_monitor_unref@LIBUDEV_183 183 + udev_new@LIBUDEV_183 183 + udev_queue_flush@LIBUDEV_215 215 + udev_queue_get_fd@LIBUDEV_215 215 + udev_queue_get_kernel_seqnum@LIBUDEV_183 183 + udev_queue_get_queue_is_empty@LIBUDEV_183 183 + udev_queue_get_queued_list_entry@LIBUDEV_183 183 + udev_queue_get_seqnum_is_finished@LIBUDEV_183 183 + udev_queue_get_seqnum_sequence_is_finished@LIBUDEV_183 183 + udev_queue_get_udev@LIBUDEV_183 183 + udev_queue_get_udev_is_active@LIBUDEV_183 183 + udev_queue_get_udev_seqnum@LIBUDEV_183 183 + udev_queue_new@LIBUDEV_183 183 + udev_queue_ref@LIBUDEV_183 183 + udev_queue_unref@LIBUDEV_183 183 + udev_ref@LIBUDEV_183 183 + udev_set_log_fn@LIBUDEV_183 183 + udev_set_log_priority@LIBUDEV_183 183 + udev_set_userdata@LIBUDEV_183 183 + udev_unref@LIBUDEV_183 183 + udev_util_encode_string@LIBUDEV_183 183 diff --git a/patches/Do-not-apply-uaccess-tag-for-dev-kvm-if-mode-is-0666.patch b/patches/Do-not-apply-uaccess-tag-for-dev-kvm-if-mode-is-0666.patch new file mode 100644 index 00000000..ea231272 --- /dev/null +++ b/patches/Do-not-apply-uaccess-tag-for-dev-kvm-if-mode-is-0666.patch @@ -0,0 +1,239 @@ +From: Michael Biebl +Date: Fri, 13 Jul 2018 23:36:13 +0200 +Subject: Do not apply uaccess tag for /dev/kvm if mode is 0666 + +(cherry picked from commit ace5e3111c0b8d8bfd84b32f2c689b0a4d92c061) +--- + meson.build | 4 ++- + src/login/70-uaccess.rules | 83 ------------------------------------------ + src/login/70-uaccess.rules.m4 | 84 +++++++++++++++++++++++++++++++++++++++++++ + src/login/meson.build | 13 ++++--- + 4 files changed, 96 insertions(+), 88 deletions(-) + delete mode 100644 src/login/70-uaccess.rules + create mode 100644 src/login/70-uaccess.rules.m4 + +diff --git a/meson.build b/meson.build +index 04331dd..dd21f50 100644 +--- a/meson.build ++++ b/meson.build +@@ -741,7 +741,9 @@ substs.set('USERS_GID', users_gid) + conf.set10('ENABLE_ADM_GROUP', get_option('adm-group')) + conf.set10('ENABLE_WHEEL_GROUP', get_option('wheel-group')) + +-substs.set('DEV_KVM_MODE', get_option('dev-kvm-mode')) ++dev_kvm_mode = get_option('dev-kvm-mode') ++substs.set('DEV_KVM_MODE', dev_kvm_mode) ++conf.set10('DEV_KVM_UACCESS', dev_kvm_mode != '0666') + substs.set('GROUP_RENDER_MODE', get_option('group-render-mode')) + + kill_user_processes = get_option('default-kill-user-processes') +diff --git a/src/login/70-uaccess.rules b/src/login/70-uaccess.rules +deleted file mode 100644 +index 6feb957..0000000 +--- a/src/login/70-uaccess.rules ++++ /dev/null +@@ -1,83 +0,0 @@ +-# SPDX-License-Identifier: LGPL-2.1+ +-# +-# This file is part of systemd. +-# +-# systemd is free software; you can redistribute it and/or modify it +-# under the terms of the GNU Lesser General Public License as published by +-# the Free Software Foundation; either version 2.1 of the License, or +-# (at your option) any later version. +- +-ACTION=="remove", GOTO="uaccess_end" +-ENV{MAJOR}=="", GOTO="uaccess_end" +- +-# PTP/MTP protocol devices, cameras, portable media players +-SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*", TAG+="uaccess" +- +-# Digicams with proprietary protocol +-ENV{ID_GPHOTO2}=="?*", TAG+="uaccess" +- +-# SCSI and USB scanners +-ENV{libsane_matched}=="yes", TAG+="uaccess" +- +-# HPLIP devices (necessary for ink level check and HP tool maintenance) +-ENV{ID_HPLIP}=="1", TAG+="uaccess" +- +-# optical drives +-SUBSYSTEM=="block", ENV{ID_CDROM}=="1", TAG+="uaccess" +-SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", TAG+="uaccess" +- +-# Sound devices +-SUBSYSTEM=="sound", TAG+="uaccess", \ +- OPTIONS+="static_node=snd/timer", OPTIONS+="static_node=snd/seq" +- +-# ffado is an userspace driver for firewire sound cards +-SUBSYSTEM=="firewire", ENV{ID_FFADO}=="1", TAG+="uaccess" +- +-# Webcams, frame grabber, TV cards +-SUBSYSTEM=="video4linux", TAG+="uaccess" +-SUBSYSTEM=="dvb", TAG+="uaccess" +- +-# IIDC devices: industrial cameras and some webcams +-SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x00010*", TAG+="uaccess" +-SUBSYSTEM=="firewire", ATTR{units}=="*0x00b09d:0x00010*", TAG+="uaccess" +-# AV/C devices: camcorders, set-top boxes, TV sets, audio devices, and more +-SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x010001*", TAG+="uaccess" +-SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x014001*", TAG+="uaccess" +- +-# DRI video devices +-SUBSYSTEM=="drm", KERNEL=="card*", TAG+="uaccess" +- +-# KVM +-SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="uaccess" +- +-# smart-card readers +-ENV{ID_SMARTCARD_READER}=="?*", TAG+="uaccess" +- +-# (USB) authentication devices +-ENV{ID_SECURITY_TOKEN}=="?*", TAG+="uaccess" +- +-# PDA devices +-ENV{ID_PDA}=="?*", TAG+="uaccess" +- +-# Programmable remote control +-ENV{ID_REMOTE_CONTROL}=="1", TAG+="uaccess" +- +-# joysticks +-SUBSYSTEM=="input", ENV{ID_INPUT_JOYSTICK}=="?*", TAG+="uaccess" +- +-# color measurement devices +-ENV{COLOR_MEASUREMENT_DEVICE}=="?*", TAG+="uaccess" +- +-# DDC/CI device, usually high-end monitors such as the DreamColor +-ENV{DDC_DEVICE}=="?*", TAG+="uaccess" +- +-# media player raw devices (for user-mode drivers, Android SDK, etc.) +-SUBSYSTEM=="usb", ENV{ID_MEDIA_PLAYER}=="?*", TAG+="uaccess" +- +-# software-defined radio communication devices +-ENV{ID_SOFTWARE_RADIO}=="?*", TAG+="uaccess" +- +-# 3D printers, CNC machines, laser cutters, 3D scanners, etc. +-ENV{ID_MAKER_TOOL}=="?*", TAG+="uaccess" +- +-LABEL="uaccess_end" +diff --git a/src/login/70-uaccess.rules.m4 b/src/login/70-uaccess.rules.m4 +new file mode 100644 +index 0000000..d55e5bf +--- /dev/null ++++ b/src/login/70-uaccess.rules.m4 +@@ -0,0 +1,84 @@ ++# SPDX-License-Identifier: LGPL-2.1+ ++# ++# This file is part of systemd. ++# ++# systemd is free software; you can redistribute it and/or modify it ++# under the terms of the GNU Lesser General Public License as published by ++# the Free Software Foundation; either version 2.1 of the License, or ++# (at your option) any later version. ++ ++ACTION=="remove", GOTO="uaccess_end" ++ENV{MAJOR}=="", GOTO="uaccess_end" ++ ++# PTP/MTP protocol devices, cameras, portable media players ++SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*", TAG+="uaccess" ++ ++# Digicams with proprietary protocol ++ENV{ID_GPHOTO2}=="?*", TAG+="uaccess" ++ ++# SCSI and USB scanners ++ENV{libsane_matched}=="yes", TAG+="uaccess" ++ ++# HPLIP devices (necessary for ink level check and HP tool maintenance) ++ENV{ID_HPLIP}=="1", TAG+="uaccess" ++ ++# optical drives ++SUBSYSTEM=="block", ENV{ID_CDROM}=="1", TAG+="uaccess" ++SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", TAG+="uaccess" ++ ++# Sound devices ++SUBSYSTEM=="sound", TAG+="uaccess", \ ++ OPTIONS+="static_node=snd/timer", OPTIONS+="static_node=snd/seq" ++ ++# ffado is an userspace driver for firewire sound cards ++SUBSYSTEM=="firewire", ENV{ID_FFADO}=="1", TAG+="uaccess" ++ ++# Webcams, frame grabber, TV cards ++SUBSYSTEM=="video4linux", TAG+="uaccess" ++SUBSYSTEM=="dvb", TAG+="uaccess" ++ ++# IIDC devices: industrial cameras and some webcams ++SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x00010*", TAG+="uaccess" ++SUBSYSTEM=="firewire", ATTR{units}=="*0x00b09d:0x00010*", TAG+="uaccess" ++# AV/C devices: camcorders, set-top boxes, TV sets, audio devices, and more ++SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x010001*", TAG+="uaccess" ++SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x014001*", TAG+="uaccess" ++ ++# DRI video devices ++SUBSYSTEM=="drm", KERNEL=="card*", TAG+="uaccess" ++m4_ifdef(`DEV_KVM_UACCESS',`` ++# KVM ++SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="uaccess"'' ++)m4_dnl ++ ++# smart-card readers ++ENV{ID_SMARTCARD_READER}=="?*", TAG+="uaccess" ++ ++# (USB) authentication devices ++ENV{ID_SECURITY_TOKEN}=="?*", TAG+="uaccess" ++ ++# PDA devices ++ENV{ID_PDA}=="?*", TAG+="uaccess" ++ ++# Programmable remote control ++ENV{ID_REMOTE_CONTROL}=="1", TAG+="uaccess" ++ ++# joysticks ++SUBSYSTEM=="input", ENV{ID_INPUT_JOYSTICK}=="?*", TAG+="uaccess" ++ ++# color measurement devices ++ENV{COLOR_MEASUREMENT_DEVICE}=="?*", TAG+="uaccess" ++ ++# DDC/CI device, usually high-end monitors such as the DreamColor ++ENV{DDC_DEVICE}=="?*", TAG+="uaccess" ++ ++# media player raw devices (for user-mode drivers, Android SDK, etc.) ++SUBSYSTEM=="usb", ENV{ID_MEDIA_PLAYER}=="?*", TAG+="uaccess" ++ ++# software-defined radio communication devices ++ENV{ID_SOFTWARE_RADIO}=="?*", TAG+="uaccess" ++ ++# 3D printers, CNC machines, laser cutters, 3D scanners, etc. ++ENV{ID_MAKER_TOOL}=="?*", TAG+="uaccess" ++ ++LABEL="uaccess_end" +diff --git a/src/login/meson.build b/src/login/meson.build +index 4326a45..0e1ed18 100644 +--- a/src/login/meson.build ++++ b/src/login/meson.build +@@ -81,10 +81,6 @@ if conf.get('ENABLE_LOGIND') == 1 + + install_data('70-power-switch.rules', install_dir : udevrulesdir) + +- if conf.get('HAVE_ACL') == 1 +- install_data('70-uaccess.rules', install_dir : udevrulesdir) +- endif +- + seat_rules = configure_file( + input : '71-seat.rules.in', + output : '71-seat.rules', +@@ -92,6 +88,15 @@ if conf.get('ENABLE_LOGIND') == 1 + install_data(seat_rules, + install_dir : udevrulesdir) + ++ custom_target( ++ '70-uaccess.rules', ++ input : '70-uaccess.rules.m4', ++ output: '70-uaccess.rules', ++ command : [meson_apply_m4, config_h, '@INPUT@'], ++ capture : true, ++ install : conf.get('HAVE_ACL') == 1, ++ install_dir : udevrulesdir) ++ + custom_target( + '73-seat-late.rules', + input : '73-seat-late.rules.m4', diff --git a/patches/Re-add-uaccess-tag-for-dev-kvm.patch b/patches/Re-add-uaccess-tag-for-dev-kvm.patch new file mode 100644 index 00000000..be7116e2 --- /dev/null +++ b/patches/Re-add-uaccess-tag-for-dev-kvm.patch @@ -0,0 +1,30 @@ +From: Michael Biebl +Date: Tue, 10 Jul 2018 14:47:58 +0200 +Subject: Re-add uaccess tag for /dev/kvm + +If --dev-kvm-mode is set to something different then 0666, which we +explicitly support, it makes sense to still apply the uaccess tag to +/dev/kvm. For distros which opt to use the default 0666, this change is +a nop. + +This partially reverts commit b8fd3d82205f632ce001fade74fed287e1564a1a. + +(cherry picked from commit fa53e24130af3a389573acb9585eadbf7192955f) +--- + src/login/70-uaccess.rules | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/login/70-uaccess.rules b/src/login/70-uaccess.rules +index 3515d29..6feb957 100644 +--- a/src/login/70-uaccess.rules ++++ b/src/login/70-uaccess.rules +@@ -47,6 +47,9 @@ SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x014001*", TAG+="uaccess" + # DRI video devices + SUBSYSTEM=="drm", KERNEL=="card*", TAG+="uaccess" + ++# KVM ++SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="uaccess" ++ + # smart-card readers + ENV{ID_SMARTCARD_READER}=="?*", TAG+="uaccess" + diff --git a/patches/basic-add-missing-comma-in-raw_clone-assembly-for-sparc.patch b/patches/basic-add-missing-comma-in-raw_clone-assembly-for-sparc.patch new file mode 100644 index 00000000..3c984d96 --- /dev/null +++ b/patches/basic-add-missing-comma-in-raw_clone-assembly-for-sparc.patch @@ -0,0 +1,24 @@ +From: Mike Gilbert +Date: Wed, 27 Jun 2018 10:36:50 -0400 +Subject: basic: add missing comma in raw_clone assembly for sparc + +Fixes: 96f64eb5741b157f26a9089816fdd992e959792e +Closes: https://github.com/systemd/systemd/issues/9444 +(cherry picked from commit 358248caa3eca525751694de7c34b16bb46d5a9c) +--- + src/basic/raw-clone.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/basic/raw-clone.h b/src/basic/raw-clone.h +index 1f134ba..b8857b0 100644 +--- a/src/basic/raw-clone.h ++++ b/src/basic/raw-clone.h +@@ -60,7 +60,7 @@ static inline pid_t raw_clone(unsigned long flags) { + "mov %%o0, %1" : + "=r"(in_child), "=r"(child_pid), "=r"(error) : + "i"(__NR_clone), "r"(flags) : +- "%o1", "%o0", "%g1" "cc" ); ++ "%o1", "%o0", "%g1", "cc" ); + + if (error) { + errno = child_pid; diff --git a/patches/bus-util-make-log-level-lower-in-request_name_destroy_cal.patch b/patches/bus-util-make-log-level-lower-in-request_name_destroy_cal.patch new file mode 100644 index 00000000..de56f09d --- /dev/null +++ b/patches/bus-util-make-log-level-lower-in-request_name_destroy_cal.patch @@ -0,0 +1,24 @@ +From: Yu Watanabe +Date: Wed, 27 Jun 2018 21:20:55 +0900 +Subject: bus-util: make log level lower in request_name_destroy_callback() + +Fixes #9442. + +(cherry picked from commit 04e075b572b168a183cde29480dbb30d027d4fe7) +--- + src/shared/bus-util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c +index a4f2deb..6211bc7 100644 +--- a/src/shared/bus-util.c ++++ b/src/shared/bus-util.c +@@ -1738,7 +1738,7 @@ static void request_name_destroy_callback(void *userdata) { + assert(data); + assert(data->n_ref > 0); + +- log_info("%s n_ref=%u", __func__, data->n_ref); ++ log_debug("%s n_ref=%u", __func__, data->n_ref); + + data->n_ref--; + if (data->n_ref == 0) diff --git a/patches/core-fix-gid-when-DynamicUser-yes-with-static-User.patch b/patches/core-fix-gid-when-DynamicUser-yes-with-static-User.patch new file mode 100644 index 00000000..57dcacfb --- /dev/null +++ b/patches/core-fix-gid-when-DynamicUser-yes-with-static-User.patch @@ -0,0 +1,38 @@ +From: Yu Watanabe +Date: Thu, 26 Jul 2018 11:42:54 +0900 +Subject: core: fix gid when DynamicUser=yes with static User= + +When DynamicUser=yes and static User= are set, and the user has +different uid and gid, then as the storage socket for the dynamic +user does not contains gid, we need to obtain gid. + +Follow-up for 9ec655cbbd7505ef465e0444da0622e46099ce42. + +Fixes #9702. + +(cherry picked from commit 25a1df7c652d180eb716412885c3ce3fcc1bbded) +--- + src/core/dynamic-user.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/src/core/dynamic-user.c b/src/core/dynamic-user.c +index 7c5111d..f380db5 100644 +--- a/src/core/dynamic-user.c ++++ b/src/core/dynamic-user.c +@@ -525,6 +525,16 @@ static int dynamic_user_realize( + num = new_uid; + uid_lock_fd = new_uid_lock_fd; + } ++ } else if (is_user && !uid_is_dynamic(num)) { ++ struct passwd *p; ++ ++ /* Statically allocated user may have different uid and gid. So, let's obtain the gid. */ ++ errno = 0; ++ p = getpwuid(num); ++ if (!p) ++ return errno > 0 ? -errno : -ESRCH; ++ ++ gid = p->pw_gid; + } + + /* If the UID/GID was already allocated dynamically, push the data we popped out back in. If it was already diff --git a/patches/debian/Add-env-variable-for-machine-ID-path.patch b/patches/debian/Add-env-variable-for-machine-ID-path.patch new file mode 100644 index 00000000..cf7aabfc --- /dev/null +++ b/patches/debian/Add-env-variable-for-machine-ID-path.patch @@ -0,0 +1,77 @@ +From: Martin Pitt +Date: Wed, 18 Jan 2017 11:21:35 +0100 +Subject: Add env variable for machine ID path + +During package build, in minimal chroots, or other systems which do not already +have an /etc/machine-id we get six test failures. Introduce a +$SYSTEMD_MACHINE_ID_PATH environment variable which can specify a location +other than /etc/machine-id, so that the unit tests are independent from the +environment. + +Also adjust test-fs-util to not assume that /etc/machine-id exists. Use +/etc/issue instead which is from base-files. + +Closes: #851445 + +Bug: https://bugs.freedesktop.org/show_bug.cgi?id=62344 +--- + src/libsystemd/sd-id128/sd-id128.c | 2 +- + src/test/test-fs-util.c | 11 +++++++---- + 2 files changed, 8 insertions(+), 5 deletions(-) + +diff --git a/src/libsystemd/sd-id128/sd-id128.c b/src/libsystemd/sd-id128/sd-id128.c +index b712328..3f23758 100644 +--- a/src/libsystemd/sd-id128/sd-id128.c ++++ b/src/libsystemd/sd-id128/sd-id128.c +@@ -90,7 +90,7 @@ _public_ int sd_id128_get_machine(sd_id128_t *ret) { + assert_return(ret, -EINVAL); + + if (sd_id128_is_null(saved_machine_id)) { +- r = id128_read("/etc/machine-id", ID128_PLAIN, &saved_machine_id); ++ r = id128_read(getenv("SYSTEMD_MACHINE_ID_PATH") ?: "/etc/machine-id", ID128_PLAIN, &saved_machine_id); + if (r < 0) + return r; + +diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c +index fc650b5..b319745 100644 +--- a/src/test/test-fs-util.c ++++ b/src/test/test-fs-util.c +@@ -174,7 +174,7 @@ static void test_chase_symlinks(void) { + assert_se(streq(result, "/test-chase.fsldajfl")); + result = mfree(result); + +- r = chase_symlinks("/etc/machine-id/foo", NULL, 0, &result); ++ r = chase_symlinks("/etc/issue/foo", NULL, 0, &result); + assert_se(r == -ENOTDIR); + result = mfree(result); + +@@ -247,23 +247,26 @@ static void test_chase_symlinks(void) { + assert_se(chase_symlinks(q, NULL, CHASE_SAFE, NULL) >= 0); + } + +- p = strjoina(temp, "/machine-id-test"); +- assert_se(symlink("/usr/../etc/./machine-id", p) >= 0); ++ p = strjoina(temp, "/issue-test"); ++ assert_se(symlink("/usr/../etc/./issue", p) >= 0); + + pfd = chase_symlinks(p, NULL, CHASE_OPEN, NULL); + if (pfd != -ENOENT) { + _cleanup_close_ int fd = -1; ++/* + sd_id128_t a, b; ++*/ + + assert_se(pfd >= 0); + + fd = fd_reopen(pfd, O_RDONLY|O_CLOEXEC); + assert_se(fd >= 0); + safe_close(pfd); +- ++/* + assert_se(id128_read_fd(fd, ID128_PLAIN, &a) >= 0); + assert_se(sd_id128_get_machine(&b) >= 0); + assert_se(sd_id128_equal(a, b)); ++*/ + } + + /* Test CHASE_ONE */ diff --git a/patches/debian/Add-support-for-TuxOnIce-hibernation.patch b/patches/debian/Add-support-for-TuxOnIce-hibernation.patch new file mode 100644 index 00000000..23537de3 --- /dev/null +++ b/patches/debian/Add-support-for-TuxOnIce-hibernation.patch @@ -0,0 +1,30 @@ +From: Julien Muchembled +Date: Tue, 29 Apr 2014 11:40:50 +0200 +Subject: Add support for TuxOnIce hibernation + +systemd does not support non-mainline kernel features so upstream rejected this +patch. +It is however required for systemd integration by tuxonice-userui package. + +Forwarded: http://lists.freedesktop.org/archives/systemd-devel/2014-April/018960.html +--- + src/shared/sleep-config.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/shared/sleep-config.c b/src/shared/sleep-config.c +index 9e4ce18..80d9eb8 100644 +--- a/src/shared/sleep-config.c ++++ b/src/shared/sleep-config.c +@@ -229,6 +229,12 @@ static bool enough_swap_for_hibernation(void) { + if (getenv_bool("SYSTEMD_BYPASS_HIBERNATION_MEMORY_CHECK") > 0) + return true; + ++ /* TuxOnIce is an alternate implementation for hibernation. ++ * It can be configured to compress the image to a file or an inactive ++ * swap partition, so there's nothing more we can do here. */ ++ if (access("/sys/power/tuxonice", F_OK) == 0) ++ return true; ++ + r = find_hibernate_location(NULL, NULL, &size, &used); + if (r < 0) + return false; diff --git a/patches/debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch b/patches/debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch new file mode 100644 index 00000000..085bafd1 --- /dev/null +++ b/patches/debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch @@ -0,0 +1,24 @@ +From: Tollef Fog Heen +Date: Tue, 5 Jun 2012 20:59:36 +0200 +Subject: Bring tmpfiles.d/tmp.conf in line with Debian defaults + +Closes: #675422 +--- + tmpfiles.d/tmp.conf | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tmpfiles.d/tmp.conf b/tmpfiles.d/tmp.conf +index 22555a0..8fb117f 100644 +--- a/tmpfiles.d/tmp.conf ++++ b/tmpfiles.d/tmp.conf +@@ -8,8 +8,8 @@ + # See tmpfiles.d(5) for details + + # Clear tmp directories separately, to make them easier to override +-q /tmp 1777 root root 10d +-q /var/tmp 1777 root root 30d ++D /tmp 1777 root root - ++#q /var/tmp 1777 root root 30d + + # Exclude namespace mountpoints created with PrivateTmp=yes + x /tmp/systemd-private-%b-* diff --git a/patches/debian/Don-t-enable-audit-by-default.patch b/patches/debian/Don-t-enable-audit-by-default.patch new file mode 100644 index 00000000..a5484722 --- /dev/null +++ b/patches/debian/Don-t-enable-audit-by-default.patch @@ -0,0 +1,30 @@ +From: Martin Pitt +Date: Sun, 28 Dec 2014 12:49:35 +0100 +Subject: Don't enable audit by default + +It causes flooding of dmesg and syslog, suppressing actually important +messages. + +Don't enable it for now, until a better solution is found: +http://lists.freedesktop.org/archives/systemd-devel/2014-December/026591.html + +Bug-Debian: https://bugs.debian.org/773528 +--- + src/journal/journald-audit.c | 5 ----- + 1 file changed, 5 deletions(-) + +diff --git a/src/journal/journald-audit.c b/src/journal/journald-audit.c +index 8772668..c5f4d55 100644 +--- a/src/journal/journald-audit.c ++++ b/src/journal/journald-audit.c +@@ -536,10 +536,5 @@ int server_open_audit(Server *s) { + if (r < 0) + return log_error_errno(r, "Failed to add audit fd to event loop: %m"); + +- /* We are listening now, try to enable audit */ +- r = enable_audit(s->audit_fd, true); +- if (r < 0) +- log_warning_errno(r, "Failed to issue audit enable call: %m"); +- + return 0; + } diff --git a/patches/debian/Drop-seccomp-system-call-filter-for-udev.patch b/patches/debian/Drop-seccomp-system-call-filter-for-udev.patch new file mode 100644 index 00000000..3ac8c831 --- /dev/null +++ b/patches/debian/Drop-seccomp-system-call-filter-for-udev.patch @@ -0,0 +1,31 @@ +From: Michael Biebl +Date: Wed, 18 Jul 2018 23:49:16 +0200 +Subject: Drop seccomp system call filter for udev + +The seccomp based system call whitelist requires at least systemd 239 to +be the active init and during a dist-upgrade we can't guarantee that +systemd has been fully configured before udev is restarted. + +This partially reverts upstream commit +ee8f26180d01e3ddd4e5f20b03b81e5e737657ae. + +Once buster is released, this patch can be dropped. + +Closes: #903224 +--- + units/systemd-udevd.service.in | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/units/systemd-udevd.service.in b/units/systemd-udevd.service.in +index 6a3814e..2b9fa69 100644 +--- a/units/systemd-udevd.service.in ++++ b/units/systemd-udevd.service.in +@@ -29,8 +29,6 @@ PrivateMounts=yes + MemoryDenyWriteExecute=yes + RestrictRealtime=yes + RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 +-SystemCallFilter=@system-service @module @raw-io +-SystemCallErrorNumber=EPERM + SystemCallArchitectures=native + LockPersonality=yes + IPAddressDeny=any diff --git a/patches/debian/Let-graphical-session-pre.target-be-manually-started.patch b/patches/debian/Let-graphical-session-pre.target-be-manually-started.patch new file mode 100644 index 00000000..d48d61c4 --- /dev/null +++ b/patches/debian/Let-graphical-session-pre.target-be-manually-started.patch @@ -0,0 +1,22 @@ +From: Iain Lane +Date: Mon, 22 Aug 2016 07:03:27 +0200 +Subject: Let graphical-session-pre.target be manually started + +This is needed until https://github.com/systemd/systemd/issues/3750 is fixed. + +Forwarded: not-needed +Bug-Ubuntu: https://launchpad.net/bugs/1615341 +--- + units/user/graphical-session-pre.target | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/units/user/graphical-session-pre.target b/units/user/graphical-session-pre.target +index 3adfc5a..c4e1001 100644 +--- a/units/user/graphical-session-pre.target ++++ b/units/user/graphical-session-pre.target +@@ -12,5 +12,4 @@ Description=Session services which should run early before the graphical session + Documentation=man:systemd.special(7) + Requires=basic.target + Before=graphical-session.target +-RefuseManualStart=yes + StopWhenUnneeded=yes diff --git a/patches/debian/Make-run-lock-tmpfs-an-API-fs.patch b/patches/debian/Make-run-lock-tmpfs-an-API-fs.patch new file mode 100644 index 00000000..1d60f8c3 --- /dev/null +++ b/patches/debian/Make-run-lock-tmpfs-an-API-fs.patch @@ -0,0 +1,42 @@ +From: Michael Biebl +Date: Fri, 5 Sep 2014 01:15:16 +0200 +Subject: Make /run/lock tmpfs an API fs + +The /run/lock directory is world-writable in Debian due to historic +reasons. To avoid user processes filling up /run, we mount a separate +tmpfs for /run/lock. As this directory needs to be available during +early boot, we make it an API fs. + +Drop it from tmpfiles.d/legacy.conf to not clobber the permissions. + +Closes: #751392 +--- + src/core/mount-setup.c | 2 ++ + tmpfiles.d/legacy.conf | 1 - + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c +index 16880e6..908a83f 100644 +--- a/src/core/mount-setup.c ++++ b/src/core/mount-setup.c +@@ -81,6 +81,8 @@ static const MountPoint mount_table[] = { + #endif + { "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME, + NULL, MNT_FATAL|MNT_IN_CONTAINER }, ++ { "tmpfs", "/run/lock", "tmpfs", "mode=1777,size=5242880", MS_NOSUID|MS_NODEV|MS_NOEXEC, ++ NULL, MNT_FATAL|MNT_IN_CONTAINER }, + { "cgroup2", "/sys/fs/cgroup", "cgroup2", "nsdelegate", MS_NOSUID|MS_NOEXEC|MS_NODEV, + cg_is_unified_wanted, MNT_IN_CONTAINER|MNT_CHECK_WRITABLE }, + { "cgroup2", "/sys/fs/cgroup", "cgroup2", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, +diff --git a/tmpfiles.d/legacy.conf b/tmpfiles.d/legacy.conf +index 62e2ae0..ea5e735 100644 +--- a/tmpfiles.d/legacy.conf ++++ b/tmpfiles.d/legacy.conf +@@ -10,7 +10,6 @@ + # These files are considered legacy and are unnecessary on legacy-free + # systems. + +-d /run/lock 0755 root root - + L /var/lock - - - - ../run/lock + + # /run/lock/subsys is used for serializing SysV service execution, and diff --git a/patches/debian/Only-start-logind-if-dbus-is-installed.patch b/patches/debian/Only-start-logind-if-dbus-is-installed.patch new file mode 100644 index 00000000..c6e0f9b3 --- /dev/null +++ b/patches/debian/Only-start-logind-if-dbus-is-installed.patch @@ -0,0 +1,24 @@ +From: Martin Pitt +Date: Mon, 9 Feb 2015 10:53:43 +0100 +Subject: Only start logind if dbus is installed + +logind fails to start in environments without dbus, such as LXC containers or +servers. Add a startup condition to avoid the very noisy startup failure. + +Part of #772700 +--- + units/systemd-logind.service.in | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in +index 5e090bc..9703674 100644 +--- a/units/systemd-logind.service.in ++++ b/units/systemd-logind.service.in +@@ -14,6 +14,7 @@ Documentation=https://www.freedesktop.org/wiki/Software/systemd/logind + Documentation=https://www.freedesktop.org/wiki/Software/systemd/multiseat + Wants=user.slice + After=nss-user-lookup.target user.slice ++ConditionPathExists=/lib/systemd/system/dbus.service + + # Ask for the dbus socket. + Wants=dbus.socket diff --git a/patches/debian/Re-enable-journal-forwarding-to-syslog.patch b/patches/debian/Re-enable-journal-forwarding-to-syslog.patch new file mode 100644 index 00000000..946d8ece --- /dev/null +++ b/patches/debian/Re-enable-journal-forwarding-to-syslog.patch @@ -0,0 +1,56 @@ +From: Martin Pitt +Date: Fri, 28 Nov 2014 14:43:25 +0100 +Subject: Re-enable journal forwarding to syslog + +Revert upstream commit 46b131574fdd7d77 for now, until Debian's sysloggers +can/do all read from the journal directly. See + + http://lists.freedesktop.org/archives/systemd-devel/2014-November/025550.html + +for details. Once we grow a journal.conf.d/ directory, sysloggers can be moved +to pulling from the journal one by one and disable forwarding again in such a +conf.d snippet. +--- + man/journald.conf.xml | 2 +- + src/journal/journald-server.c | 1 + + src/journal/journald.conf | 2 +- + 3 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/man/journald.conf.xml b/man/journald.conf.xml +index ee8e8b7..889d3c9 100644 +--- a/man/journald.conf.xml ++++ b/man/journald.conf.xml +@@ -286,7 +286,7 @@ + the system console, or sent as wall messages to all logged-in users. These + options take boolean arguments. If forwarding to syslog is enabled but nothing + reads messages from the socket, forwarding to syslog has no effect. By default, +- only forwarding to wall is enabled. These settings may be overridden at boot time ++ only forwarding to syslog and wall is enabled. These settings may be overridden at boot time + with the kernel command line options + systemd.journald.forward_to_syslog, + systemd.journald.forward_to_kmsg, +diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c +index 4f1550e..f48059d 100644 +--- a/src/journal/journald-server.c ++++ b/src/journal/journald-server.c +@@ -1692,6 +1692,7 @@ int server_init(Server *s) { + s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL; + s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST; + ++ s->forward_to_syslog = true; + s->forward_to_wall = true; + + s->max_file_usec = DEFAULT_MAX_FILE_USEC; +diff --git a/src/journal/journald.conf b/src/journal/journald.conf +index 94d5c67..a397799 100644 +--- a/src/journal/journald.conf ++++ b/src/journal/journald.conf +@@ -29,7 +29,7 @@ + #RuntimeMaxFiles=100 + #MaxRetentionSec= + #MaxFileSec=1month +-#ForwardToSyslog=no ++#ForwardToSyslog=yes + #ForwardToKMsg=no + #ForwardToConsole=no + #ForwardToWall=yes diff --git a/patches/debian/Revert-core-enable-TasksMax-for-all-services-by-default-a.patch b/patches/debian/Revert-core-enable-TasksMax-for-all-services-by-default-a.patch new file mode 100644 index 00000000..30690276 --- /dev/null +++ b/patches/debian/Revert-core-enable-TasksMax-for-all-services-by-default-a.patch @@ -0,0 +1,56 @@ +From: Martin Pitt +Date: Mon, 9 May 2016 21:24:38 +0200 +Subject: Revert "core: enable TasksMax= for all services by default, + and set it to 512" + +This reverts commit 9ded9cd14cc03c67291b10a5c42ce5094ba0912f. + +Introducing a default limit on number of threads broke a lot of software which +regularly needs more, such as MySQL and RabbitMQ, or services that spawn off an +indefinite number of subtasks that are not in a scope, like LXC or cron. + +15% is way too much for most "simple" services, and it's too little for others +such as the ones mentioned above. There is also no particular rationale about +any particular global limit, so even if we'd bump it higher we'd just make the +limit even less useful while still breaking software. + +It is both much safer and also much more effective in terms of guarding against +berserk programs/bugs/unintended fork bombs etc. to set limits in units +individually. Once someone looks at one, this is then a great time to also flip +on the other resource and privilege limitations that systemd offers. + +Bug: https://github.com/systemd/systemd/issues/3211 +Bug-Debian: https://bugs.debian.org/823530 +Bug-Ubuntu: https://launchpad.net/bugs/1578080 +--- + man/systemd-system.conf.xml | 3 +-- + src/core/system.conf.in | 2 +- + 2 files changed, 2 insertions(+), 3 deletions(-) + +diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml +index a914ef2..f0c17d5 100644 +--- a/man/systemd-system.conf.xml ++++ b/man/systemd-system.conf.xml +@@ -339,8 +339,7 @@ + Configure the default value for the per-unit TasksMax= setting. See + systemd.resource-control5 + for details. This setting applies to all unit types that support resource control settings, with the exception +- of slice units. Defaults to 15%, which equals 4915 with the kernel's defaults on the host, but might be smaller +- in OS containers. ++ of slice units. + + + +diff --git a/src/core/system.conf.in b/src/core/system.conf.in +index f0a59a7..901535e 100644 +--- a/src/core/system.conf.in ++++ b/src/core/system.conf.in +@@ -45,7 +45,7 @@ + #DefaultBlockIOAccounting=no + #DefaultMemoryAccounting=@MEMORY_ACCOUNTING_DEFAULT@ + #DefaultTasksAccounting=yes +-#DefaultTasksMax=15% ++#DefaultTasksMax= + #DefaultLimitCPU= + #DefaultLimitFSIZE= + #DefaultLimitDATA= diff --git a/patches/debian/Revert-core-one-step-back-again-for-nspawn-we-actual.patch b/patches/debian/Revert-core-one-step-back-again-for-nspawn-we-actual.patch new file mode 100644 index 00000000..64304c3a --- /dev/null +++ b/patches/debian/Revert-core-one-step-back-again-for-nspawn-we-actual.patch @@ -0,0 +1,37 @@ +From: Martin Pitt +Date: Mon, 27 Apr 2015 15:29:13 +0200 +Subject: Revert "core: one step back again, + for nspawn we actually can't wait for cgroups running empty since systemd + will get exactly zero notifications about it" + +This reverts commit 743970d2ea6d08aa7c7bff8220f6b7702f2b1db7. + +Bug-Debian: https://bugs.debian.org/784720 +Bug-Ubuntu: https://launchpad.net/bugs/1448259 +Bug-Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1141137 +--- + src/core/unit.c | 11 +---------- + 1 file changed, 1 insertion(+), 10 deletions(-) + +diff --git a/src/core/unit.c b/src/core/unit.c +index 113205b..7fb080e 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -4577,16 +4577,7 @@ int unit_kill_context( + + } else if (r > 0) { + +- /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if +- * we are running in a container or if this is a delegation unit, simply because cgroup +- * notification is unreliable in these cases. It doesn't work at all in containers, and outside +- * of containers it can be confused easily by left-over directories in the cgroup — which +- * however should not exist in non-delegated units. On the unified hierarchy that's different, +- * there we get proper events. Hence rely on them. */ +- +- if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 || +- (detect_container() == 0 && !unit_cgroup_delegate(u))) +- wait_for_exit = true; ++ wait_for_exit = true; + + if (send_sighup) { + set_free(pid_set); diff --git a/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch b/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch new file mode 100644 index 00000000..5c587ae0 --- /dev/null +++ b/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch @@ -0,0 +1,43 @@ +From: Martin Pitt +Date: Sat, 27 Feb 2016 12:27:06 +0100 +Subject: Revert "core: set RLIMIT_CORE to unlimited by default" + +Partially revert commit 15a900327ab as this completely breaks core dumps +without systemd-coredump. It's also contradicting core(8), and it's not +systemd's place to redefine the kernel definitions of core files. + +Commit bdfd7b2c now honours the process' RLIMIT_CORE for systemd-coredump. This +isn't what RLIMIT_CORE is supposed to do (it limits the size of the core +*file*, but the kernel deliberately ignores it for piping), so set a static +2^63 core size limit for systemd-coredump to go back to the previous behaviour +(otherwise the change above would break systemd-coredump). + +Bug-Debian: https://bugs.debian.org/815020 +--- + src/core/main.c | 2 -- + sysctl.d/50-coredump.conf.in | 2 +- + 2 files changed, 1 insertion(+), 3 deletions(-) + +diff --git a/src/core/main.c b/src/core/main.c +index 44dd834..b85f9b7 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -2251,8 +2251,6 @@ int main(int argc, char *argv[]) { + kernel_timestamp = DUAL_TIMESTAMP_NULL; + } + +- initialize_coredump(skip_setup); +- + r = fixup_environment(); + if (r < 0) { + log_emergency_errno(r, "Failed to fix up PID 1 environment: %m"); +diff --git a/sysctl.d/50-coredump.conf.in b/sysctl.d/50-coredump.conf.in +index ccd5c2c..53e74a1 100644 +--- a/sysctl.d/50-coredump.conf.in ++++ b/sysctl.d/50-coredump.conf.in +@@ -9,4 +9,4 @@ + # and systemd-coredump(8) and core(5) for the explanation of the + # setting below. + +-kernel.core_pattern=|@rootlibexecdir@/systemd-coredump %P %u %g %s %t %c %h %e ++kernel.core_pattern=|@rootlibexecdir@/systemd-coredump %P %u %g %s %t 9223372036854775808 %h %e diff --git a/patches/debian/Revert-systemctl-when-removing-enablement-or-mask-symlink.patch b/patches/debian/Revert-systemctl-when-removing-enablement-or-mask-symlink.patch new file mode 100644 index 00000000..8f3e4f64 --- /dev/null +++ b/patches/debian/Revert-systemctl-when-removing-enablement-or-mask-symlink.patch @@ -0,0 +1,386 @@ +From: Michael Biebl +Date: Wed, 27 Jun 2018 14:31:42 +0200 +Subject: Revert "systemctl: when removing enablement or mask symlinks, + cover both /run and /etc" + +We currently have packages in the archive which use +"systemctl --runtime unmask" and are broken by this change. +This is a intermediate step until it is clear whether upstream will +revert this commit or whether we will have to update affected packages +to deal with this changed behaviour. + +See #902287 and https://github.com/systemd/systemd/issues/9393 + +This reverts commit 4910b35078ad24dcbc63f372b2fee087640201d0. +--- + man/systemctl.xml | 22 +++---- + src/shared/install.c | 162 +++++++++++++++++++++++++--------------------- + src/systemctl/systemctl.c | 5 -- + 3 files changed, 98 insertions(+), 91 deletions(-) + +diff --git a/man/systemctl.xml b/man/systemctl.xml +index d95d372..abf3ea4 100644 +--- a/man/systemctl.xml ++++ b/man/systemctl.xml +@@ -557,19 +557,19 @@ + + + +- When used with set-property, make changes only +- temporarily, so that they are lost on the next reboot. +- +- Similarily, when used with enable, mask, +- edit and related commands, make temporary changes, which are lost on +- the next reboot. Changes are not made in subdirectories of /etc, but +- in /run. The immediate effect is identical, however since the latter ++ When used with enable, ++ disable, edit, ++ (and related commands), make changes only temporarily, so ++ that they are lost on the next reboot. This will have the ++ effect that changes are not made in subdirectories of ++ /etc but in /run, ++ with identical immediate effects, however, since the latter + is lost on reboot, the changes are lost too. + +- Note: this option cannot be used with disable, +- unmask, preset, or preset-all, +- because those operations sometimes need to remove symlinks under /etc +- to have the desired effect, which would cause a persistent change. ++ Similarly, when used with ++ set-property, make changes only ++ temporarily, so that they are lost on the next ++ reboot. + + + +diff --git a/src/shared/install.c b/src/shared/install.c +index 77ae812..e53f09f 100644 +--- a/src/shared/install.c ++++ b/src/shared/install.c +@@ -1911,6 +1911,7 @@ static int install_context_mark_for_removal( + InstallContext *c, + const LookupPaths *paths, + Set **remove_symlinks_to, ++ const char *config_path, + UnitFileChange **changes, + size_t *n_changes) { + +@@ -1919,6 +1920,7 @@ static int install_context_mark_for_removal( + + assert(c); + assert(paths); ++ assert(config_path); + + /* Marks all items for removal */ + +@@ -2028,7 +2030,7 @@ int unit_file_unmask( + size_t n_todo = 0, n_allocated = 0; + const char *config_path; + char **i; +- bool dry_run = !!(flags & UNIT_FILE_DRY_RUN); ++ bool dry_run; + int r, q; + + assert(scope >= 0); +@@ -2038,71 +2040,73 @@ int unit_file_unmask( + if (r < 0) + return r; + ++ config_path = (flags & UNIT_FILE_RUNTIME) ? paths.runtime_config : paths.persistent_config; ++ if (!config_path) ++ return -ENXIO; ++ ++ dry_run = !!(flags & UNIT_FILE_DRY_RUN); ++ + STRV_FOREACH(i, files) { ++ _cleanup_free_ char *path = NULL; ++ + if (!unit_name_is_valid(*i, UNIT_NAME_ANY)) + return -EINVAL; + +- FOREACH_STRING(config_path, paths.runtime_config, paths.persistent_config) { +- _cleanup_free_ char *path = NULL; +- +- path = path_make_absolute(*i, config_path); +- if (!path) +- return -ENOMEM; ++ path = path_make_absolute(*i, config_path); ++ if (!path) ++ return -ENOMEM; + +- r = null_or_empty_path(path); +- if (r == -ENOENT) +- continue; +- if (r < 0) +- return r; +- if (r == 0) +- continue; ++ r = null_or_empty_path(path); ++ if (r == -ENOENT) ++ continue; ++ if (r < 0) ++ return r; ++ if (r == 0) ++ continue; + +- if (!GREEDY_REALLOC0(todo, n_allocated, n_todo + 2)) +- return -ENOMEM; ++ if (!GREEDY_REALLOC0(todo, n_allocated, n_todo + 2)) ++ return -ENOMEM; + +- todo[n_todo] = strdup(*i); +- if (!todo[n_todo]) +- return -ENOMEM; ++ todo[n_todo] = strdup(*i); ++ if (!todo[n_todo]) ++ return -ENOMEM; + +- n_todo++; +- } ++ n_todo++; + } + + strv_uniq(todo); + + r = 0; +- FOREACH_STRING(config_path, paths.runtime_config, paths.persistent_config) { +- STRV_FOREACH(i, todo) { +- _cleanup_free_ char *path = NULL; +- const char *rp; +- +- path = path_make_absolute(*i, config_path); +- if (!path) +- return -ENOMEM; ++ STRV_FOREACH(i, todo) { ++ _cleanup_free_ char *path = NULL; ++ const char *rp; + +- if (!dry_run && unlink(path) < 0) { +- if (errno != ENOENT) { +- if (r >= 0) +- r = -errno; +- unit_file_changes_add(changes, n_changes, -errno, path, NULL); +- } ++ path = path_make_absolute(*i, config_path); ++ if (!path) ++ return -ENOMEM; + +- continue; ++ if (!dry_run && unlink(path) < 0) { ++ if (errno != ENOENT) { ++ if (r >= 0) ++ r = -errno; ++ unit_file_changes_add(changes, n_changes, -errno, path, NULL); + } + +- unit_file_changes_add(changes, n_changes, UNIT_FILE_UNLINK, path, NULL); +- +- rp = skip_root(&paths, path); +- q = mark_symlink_for_removal(&remove_symlinks_to, rp ?: path); +- if (q < 0) +- return q; ++ continue; + } + +- q = remove_marked_symlinks(remove_symlinks_to, config_path, &paths, dry_run, changes, n_changes); +- if (r >= 0) +- r = q; ++ unit_file_changes_add(changes, n_changes, UNIT_FILE_UNLINK, path, NULL); ++ ++ rp = skip_root(&paths, path); ++ q = mark_symlink_for_removal(&remove_symlinks_to, rp ?: path); ++ if (q < 0) ++ return q; + } + ++ q = remove_marked_symlinks(remove_symlinks_to, config_path, &paths, dry_run, changes, n_changes); ++ if (r >= 0) ++ r = q; ++ + return r; + } + +@@ -2494,7 +2498,6 @@ int unit_file_disable( + _cleanup_(lookup_paths_free) LookupPaths paths = {}; + _cleanup_(install_context_done) InstallContext c = {}; + _cleanup_set_free_free_ Set *remove_symlinks_to = NULL; +- bool dry_run = !!(flags & UNIT_FILE_DRY_RUN); + const char *config_path; + char **i; + int r; +@@ -2506,6 +2509,10 @@ int unit_file_disable( + if (r < 0) + return r; + ++ config_path = (flags & UNIT_FILE_RUNTIME) ? paths.runtime_config : paths.persistent_config; ++ if (!config_path) ++ return -ENXIO; ++ + STRV_FOREACH(i, files) { + if (!unit_name_is_valid(*i, UNIT_NAME_ANY)) + return -EINVAL; +@@ -2515,17 +2522,11 @@ int unit_file_disable( + return r; + } + +- r = install_context_mark_for_removal(scope, &c, &paths, &remove_symlinks_to, changes, n_changes); ++ r = install_context_mark_for_removal(scope, &c, &paths, &remove_symlinks_to, config_path, changes, n_changes); + if (r < 0) + return r; + +- FOREACH_STRING(config_path, paths.runtime_config, paths.persistent_config) { +- r = remove_marked_symlinks(remove_symlinks_to, config_path, &paths, dry_run, changes, n_changes); +- if (r < 0) +- return r; +- } +- +- return 0; ++ return remove_marked_symlinks(remove_symlinks_to, config_path, &paths, !!(flags & UNIT_FILE_DRY_RUN), changes, n_changes); + } + + int unit_file_reenable( +@@ -2909,45 +2910,45 @@ int unit_file_query_preset(UnitFileScope scope, const char *root_dir, const char + + static int execute_preset( + UnitFileScope scope, +- UnitFileFlags flags, + InstallContext *plus, + InstallContext *minus, + const LookupPaths *paths, ++ const char *config_path, + char **files, + UnitFilePresetMode mode, ++ bool force, + UnitFileChange **changes, + size_t *n_changes) { + +- const char *config_path; +- bool force = !!(flags & UNIT_FILE_FORCE); +- bool runtime = !!(flags & UNIT_FILE_RUNTIME); +- int r = 0, q; ++ int r; + + assert(plus); + assert(minus); + assert(paths); ++ assert(config_path); + + if (mode != UNIT_FILE_PRESET_ENABLE_ONLY) { + _cleanup_set_free_free_ Set *remove_symlinks_to = NULL; + +- q = install_context_mark_for_removal(scope, minus, paths, &remove_symlinks_to, changes, n_changes); +- if (q < 0) +- return q; ++ r = install_context_mark_for_removal(scope, minus, paths, &remove_symlinks_to, config_path, changes, n_changes); ++ if (r < 0) ++ return r; + +- FOREACH_STRING(config_path, paths->runtime_config, paths->persistent_config) { +- q = remove_marked_symlinks(remove_symlinks_to, config_path, paths, false, changes, n_changes); +- if (r == 0) +- r = q; +- } +- } ++ r = remove_marked_symlinks(remove_symlinks_to, config_path, paths, false, changes, n_changes); ++ } else ++ r = 0; + + if (mode != UNIT_FILE_PRESET_DISABLE_ONLY) { ++ int q; ++ + /* Returns number of symlinks that where supposed to be installed. */ +- q = install_context_apply(scope, plus, paths, +- runtime ? paths->runtime_config : paths->persistent_config, +- force, SEARCH_LOAD, changes, n_changes); +- if (r == 0) +- r = q; ++ q = install_context_apply(scope, plus, paths, config_path, force, SEARCH_LOAD, changes, n_changes); ++ if (r >= 0) { ++ if (q < 0) ++ r = q; ++ else ++ r += q; ++ } + } + + return r; +@@ -3011,6 +3012,7 @@ int unit_file_preset( + _cleanup_(install_context_done) InstallContext plus = {}, minus = {}; + _cleanup_(lookup_paths_free) LookupPaths paths = {}; + _cleanup_(presets_freep) Presets presets = {}; ++ const char *config_path; + char **i; + int r; + +@@ -3022,6 +3024,10 @@ int unit_file_preset( + if (r < 0) + return r; + ++ config_path = (flags & UNIT_FILE_RUNTIME) ? paths.runtime_config : paths.persistent_config; ++ if (!config_path) ++ return -ENXIO; ++ + r = read_presets(scope, root_dir, &presets); + if (r < 0) + return r; +@@ -3032,7 +3038,7 @@ int unit_file_preset( + return r; + } + +- return execute_preset(scope, flags, &plus, &minus, &paths, files, mode, changes, n_changes); ++ return execute_preset(scope, &plus, &minus, &paths, config_path, files, mode, !!(flags & UNIT_FILE_FORCE), changes, n_changes); + } + + int unit_file_preset_all( +@@ -3046,6 +3052,7 @@ int unit_file_preset_all( + _cleanup_(install_context_done) InstallContext plus = {}, minus = {}; + _cleanup_(lookup_paths_free) LookupPaths paths = {}; + _cleanup_(presets_freep) Presets presets = {}; ++ const char *config_path = NULL; + char **i; + int r; + +@@ -3057,6 +3064,10 @@ int unit_file_preset_all( + if (r < 0) + return r; + ++ config_path = (flags & UNIT_FILE_RUNTIME) ? paths.runtime_config : paths.persistent_config; ++ if (!config_path) ++ return -ENXIO; ++ + r = read_presets(scope, root_dir, &presets); + if (r < 0) + return r; +@@ -3074,6 +3085,7 @@ int unit_file_preset_all( + } + + FOREACH_DIRENT(de, d, return -errno) { ++ + if (!unit_name_is_valid(de->d_name, UNIT_NAME_ANY)) + continue; + +@@ -3097,7 +3109,7 @@ int unit_file_preset_all( + } + } + +- return execute_preset(scope, flags, &plus, &minus, &paths, NULL, mode, changes, n_changes); ++ return execute_preset(scope, &plus, &minus, &paths, config_path, NULL, mode, !!(flags & UNIT_FILE_FORCE), changes, n_changes); + } + + static void unit_file_list_free_one(UnitFileList *f) { +diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c +index f072ad0..fc0baa8 100644 +--- a/src/systemctl/systemctl.c ++++ b/src/systemctl/systemctl.c +@@ -7683,11 +7683,6 @@ static int systemctl_parse_argv(int argc, char *argv[]) { + return -EINVAL; + } + +- if (arg_runtime && STRPTR_IN_SET(argv[optind], "disable", "unmask", "preset", "preset-all")) { +- log_error("--runtime cannot be used with %s", argv[optind]); +- return -EINVAL; +- } +- + return 1; + } + diff --git a/patches/debian/Revert-udev-network-device-renaming-immediately-give.patch b/patches/debian/Revert-udev-network-device-renaming-immediately-give.patch new file mode 100644 index 00000000..fe90a3ff --- /dev/null +++ b/patches/debian/Revert-udev-network-device-renaming-immediately-give.patch @@ -0,0 +1,75 @@ +From: Michael Biebl +Date: Thu, 18 Jul 2013 01:04:07 +0200 +Subject: Revert "udev: network device renaming - immediately give up if the + target name isn't available" + +This reverts commit 97595710b77aa162ca5e20da57d0a1ed7355eaad. + +We need to keep supporting systems with 75-persistent-net-generator.rules +generated names for a while after switching to net.ifnames. Re-apply this old +hack to make the renaming less likely to fail. +--- + src/udev/udev-event.c | 41 ++++++++++++++++++++++++++++++++++++++--- + 1 file changed, 38 insertions(+), 3 deletions(-) + +diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c +index fd8406d..14c1d26 100644 +--- a/src/udev/udev-event.c ++++ b/src/udev/udev-event.c +@@ -819,18 +819,53 @@ static int rename_netif(struct udev_event *event) { + char name[IFNAMSIZ]; + const char *oldname; + int r; ++ int loop; + + oldname = udev_device_get_sysname(dev); + + strscpy(name, IFNAMSIZ, event->name); + ++ r = rtnl_set_link_name(&event->rtnl, udev_device_get_ifindex(dev), name); ++ if (r >= 0) { ++ log_debug("renamed network interface %s to %s\n", oldname, name); ++ goto out; ++ } ++ ++ /* keep trying if the destination interface name already exists */ ++ if (r != -EEXIST) ++ goto out; ++ ++ /* free our own name, another process may wait for us */ ++ snprintf(name, IFNAMSIZ, "rename%u", udev_device_get_ifindex(dev)); + r = rtnl_set_link_name(&event->rtnl, udev_device_get_ifindex(dev), name); + if (r < 0) +- return log_error_errno(r, "Error changing net interface name '%s' to '%s': %m", oldname, name); ++ goto out; + +- log_debug("renamed network interface '%s' to '%s'", oldname, name); ++ /* log temporary name */ ++ log_debug("renamed network interface %s to %s\n", oldname, name); + +- return 0; ++ /* wait a maximum of 90 seconds for our target to become available */ ++ strscpy(name, IFNAMSIZ, event->name); ++ loop = 90 * 20; ++ while (loop--) { ++ const struct timespec duration = { 0, 1000 * 1000 * 1000 / 20 }; ++ ++ nanosleep(&duration, NULL); ++ ++ r = rtnl_set_link_name(&event->rtnl, udev_device_get_ifindex(dev), name); ++ if (r >= 0) { ++ log_debug("renamed network interface %s to %s\n", oldname, name); ++ break; ++ } ++ if (r != -EEXIST) ++ break; ++ } ++ ++out: ++ if (r < 0) ++ log_error("error changing net interface name '%s' to '%s': %s", ++ oldname, name, strerror(-r)); ++ return r; + } + + void udev_event_execute_rules(struct udev_event *event, diff --git a/patches/debian/Revert-udev-rules-Permission-changes-for-dev-dri-renderD.patch b/patches/debian/Revert-udev-rules-Permission-changes-for-dev-dri-renderD.patch new file mode 100644 index 00000000..ac5cd0de --- /dev/null +++ b/patches/debian/Revert-udev-rules-Permission-changes-for-dev-dri-renderD.patch @@ -0,0 +1,82 @@ +From: Michael Biebl +Date: Sun, 17 Dec 2017 00:31:20 +0100 +Subject: Revert "udev-rules: Permission changes for /dev/dri/renderD*" + +This would introduce a new system group "render". As the name is rather +generic, this needs further discussion first, so revert this change for +now. + +This reverts commit 4e15a7343cb389e97f3eb4f49699161862d8b8b2. +--- + meson.build | 2 -- + meson_options.txt | 2 -- + rules/50-udev-default.rules.in | 5 +---- + src/login/70-uaccess.rules.m4 | 2 +- + 4 files changed, 2 insertions(+), 9 deletions(-) + +diff --git a/meson.build b/meson.build +index f9baed4..98661eb 100644 +--- a/meson.build ++++ b/meson.build +@@ -743,7 +743,6 @@ conf.set10('ENABLE_WHEEL_GROUP', get_option('wheel-group')) + dev_kvm_mode = get_option('dev-kvm-mode') + substs.set('DEV_KVM_MODE', dev_kvm_mode) + conf.set10('DEV_KVM_UACCESS', dev_kvm_mode != '0666') +-substs.set('GROUP_RENDER_MODE', get_option('group-render-mode')) + + kill_user_processes = get_option('default-kill-user-processes') + conf.set10('KILL_USER_PROCESSES', kill_user_processes) +@@ -2884,7 +2883,6 @@ status = [ + 'minimum container UID base: @0@'.format(container_uid_base_min), + 'maximum container UID base: @0@'.format(container_uid_base_max), + '/dev/kvm access mode: @0@'.format(get_option('dev-kvm-mode')), +- 'render group access mode: @0@'.format(get_option('group-render-mode')), + 'certificate root directory: @0@'.format(get_option('certificate-root')), + 'support URL: @0@'.format(support_url), + 'nobody user name: @0@'.format(nobody_user), +diff --git a/meson_options.txt b/meson_options.txt +index 16c1f2b..45c6320 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -180,8 +180,6 @@ option('nobody-group', type : 'string', + value : 'nobody') + option('dev-kvm-mode', type : 'string', value : '0666', + description : '/dev/kvm access mode') +-option('group-render-mode', type : 'string', value : '0666', +- description : 'Access mode for devices owned by render group (e.g. /dev/dri/renderD*, /dev/kfd).') + option('default-kill-user-processes', type : 'boolean', + description : 'the default value for KillUserProcesses= setting') + option('gshadow', type : 'boolean', +diff --git a/rules/50-udev-default.rules.in b/rules/50-udev-default.rules.in +index 191f56f..63aa3db 100644 +--- a/rules/50-udev-default.rules.in ++++ b/rules/50-udev-default.rules.in +@@ -31,14 +31,11 @@ SUBSYSTEM=="input", KERNEL=="js[0-9]*", MODE="0664" + + SUBSYSTEM=="video4linux", GROUP="video" + SUBSYSTEM=="graphics", GROUP="video" +-SUBSYSTEM=="drm", KERNEL!="renderD*", GROUP="video" ++SUBSYSTEM=="drm", GROUP="video" + SUBSYSTEM=="dvb", GROUP="video" + SUBSYSTEM=="media", GROUP="video" + SUBSYSTEM=="cec", GROUP="video" + +-SUBSYSTEM=="drm", KERNEL=="renderD*", GROUP="render", MODE="@GROUP_RENDER_MODE@" +-SUBSYSTEM=="kfd", GROUP="render", MODE="@GROUP_RENDER_MODE@" +- + SUBSYSTEM=="sound", GROUP="audio", \ + OPTIONS+="static_node=snd/seq", OPTIONS+="static_node=snd/timer" + +diff --git a/src/login/70-uaccess.rules.m4 b/src/login/70-uaccess.rules.m4 +index d55e5bf..e46cacb 100644 +--- a/src/login/70-uaccess.rules.m4 ++++ b/src/login/70-uaccess.rules.m4 +@@ -45,7 +45,7 @@ SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x010001*", TAG+="uaccess" + SUBSYSTEM=="firewire", ATTR{units}=="*0x00a02d:0x014001*", TAG+="uaccess" + + # DRI video devices +-SUBSYSTEM=="drm", KERNEL=="card*", TAG+="uaccess" ++SUBSYSTEM=="drm", KERNEL=="card*|renderD*", TAG+="uaccess" + m4_ifdef(`DEV_KVM_UACCESS',`` + # KVM + SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="uaccess"'' diff --git a/patches/debian/Skip-filesystem-check-if-already-done-by-the-initram.patch b/patches/debian/Skip-filesystem-check-if-already-done-by-the-initram.patch new file mode 100644 index 00000000..3b8e8bea --- /dev/null +++ b/patches/debian/Skip-filesystem-check-if-already-done-by-the-initram.patch @@ -0,0 +1,57 @@ +From: Nis Martensen +Date: Tue, 19 Jan 2016 22:01:43 +0100 +Subject: Skip filesystem check if already done by the initramfs + +Newer versions of initramfs-tools already fsck and mount / and /usr in +the initramfs. Skip the filesystem check in this case. + +Based on a previous patch by Michael Biebl . + +Closes: #782522 +Closes: #810748 +--- + src/fstab-generator/fstab-generator.c | 11 ++++++++--- + units/systemd-fsck-root.service.in | 1 + + 2 files changed, 9 insertions(+), 3 deletions(-) + +diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c +index 482229b..1a7281e 100644 +--- a/src/fstab-generator/fstab-generator.c ++++ b/src/fstab-generator/fstab-generator.c +@@ -300,6 +300,7 @@ static int add_mount( + *where_escaped = NULL; + _cleanup_fclose_ FILE *f = NULL; + int r; ++ struct stat sb; + + assert(what); + assert(where); +@@ -377,9 +378,13 @@ static int add_mount( + } + + if (passno != 0) { +- r = generator_write_fsck_deps(f, dest, what, where, fstype); +- if (r < 0) +- return r; ++ if (streq(where, "/usr") && stat("/run/initramfs/fsck-usr", &sb) == 0) ++ ; /* skip /usr fsck if it has already been checked in the initramfs */ ++ else { ++ r = generator_write_fsck_deps(f, dest, what, where, fstype); ++ if (r < 0) ++ return r; ++ } + } + + fprintf(f, "\n[Mount]\n"); +diff --git a/units/systemd-fsck-root.service.in b/units/systemd-fsck-root.service.in +index 3cc60e5..172a952 100644 +--- a/units/systemd-fsck-root.service.in ++++ b/units/systemd-fsck-root.service.in +@@ -15,6 +15,7 @@ Wants=systemd-fsckd.socket + Before=local-fs.target shutdown.target + After=systemd-fsckd.socket + ConditionPathIsReadWrite=!/ ++ConditionPathExists=!/run/initramfs/fsck-root + + [Service] + Type=oneshot diff --git a/patches/debian/Use-Debian-specific-config-files.patch b/patches/debian/Use-Debian-specific-config-files.patch new file mode 100644 index 00000000..0df6557c --- /dev/null +++ b/patches/debian/Use-Debian-specific-config-files.patch @@ -0,0 +1,426 @@ +From: Michael Biebl +Date: Thu, 18 Jul 2013 20:11:02 +0200 +Subject: Use Debian specific config files + +Use /etc/default/locale instead of /etc/locale.conf for locale settings. + +Use /etc/default/keyboard instead of /etc/X11/xorg.conf.d/00-keyboard.conf for +keyboard configuration. + +Read/write /etc/timezone if /etc/localtime does not exist. +--- + src/basic/time-util.c | 21 ++++- + src/core/locale-setup.c | 22 +++++ + src/locale/keymap-util.c | 206 ++++++++++++++++++++++++----------------------- + src/timedate/timedated.c | 10 +++ + 4 files changed, 156 insertions(+), 103 deletions(-) + +diff --git a/src/basic/time-util.c b/src/basic/time-util.c +index fe201c3..fdcdbda 100644 +--- a/src/basic/time-util.c ++++ b/src/basic/time-util.c +@@ -1395,8 +1395,25 @@ int get_timezone(char **tz) { + int r; + + r = readlink_malloc("/etc/localtime", &t); +- if (r < 0) +- return r; /* returns EINVAL if not a symlink */ ++ if (r < 0) { ++ if (r != -EINVAL) ++ return r; /* returns EINVAL if not a symlink */ ++ ++ r = read_one_line_file("/etc/timezone", &t); ++ if (r < 0) { ++ if (r != -ENOENT) ++ log_warning_errno(r, "Failed to read /etc/timezone: %m"); ++ return -EINVAL; ++ } ++ ++ if (!timezone_is_valid(t, LOG_DEBUG)) ++ return -EINVAL; ++ z = strdup(t); ++ if (!z) ++ return -ENOMEM; ++ *tz = z; ++ return 0; ++ } + + e = path_startswith(t, "/usr/share/zoneinfo/"); + if (!e) +diff --git a/src/core/locale-setup.c b/src/core/locale-setup.c +index c14523f..b35b8e6 100644 +--- a/src/core/locale-setup.c ++++ b/src/core/locale-setup.c +@@ -64,6 +64,28 @@ int locale_setup(char ***environment) { + log_warning_errno(r, "Failed to read /etc/locale.conf: %m"); + } + ++ if (r <= 0) { ++ r = parse_env_file(NULL, "/etc/default/locale", NEWLINE, ++ "LANG", &variables[VARIABLE_LANG], ++ "LANGUAGE", &variables[VARIABLE_LANGUAGE], ++ "LC_CTYPE", &variables[VARIABLE_LC_CTYPE], ++ "LC_NUMERIC", &variables[VARIABLE_LC_NUMERIC], ++ "LC_TIME", &variables[VARIABLE_LC_TIME], ++ "LC_COLLATE", &variables[VARIABLE_LC_COLLATE], ++ "LC_MONETARY", &variables[VARIABLE_LC_MONETARY], ++ "LC_MESSAGES", &variables[VARIABLE_LC_MESSAGES], ++ "LC_PAPER", &variables[VARIABLE_LC_PAPER], ++ "LC_NAME", &variables[VARIABLE_LC_NAME], ++ "LC_ADDRESS", &variables[VARIABLE_LC_ADDRESS], ++ "LC_TELEPHONE", &variables[VARIABLE_LC_TELEPHONE], ++ "LC_MEASUREMENT", &variables[VARIABLE_LC_MEASUREMENT], ++ "LC_IDENTIFICATION", &variables[VARIABLE_LC_IDENTIFICATION], ++ NULL); ++ ++ if (r < 0 && r != -ENOENT) ++ log_warning_errno(r, "Failed to read /etc/default/locale: %m"); ++ } ++ + add = NULL; + for (i = 0; i < _VARIABLE_LC_MAX; i++) { + char *s; +diff --git a/src/locale/keymap-util.c b/src/locale/keymap-util.c +index 598b931..0f1aed4 100644 +--- a/src/locale/keymap-util.c ++++ b/src/locale/keymap-util.c +@@ -85,6 +85,7 @@ void locale_simplify(char *locale[_VARIABLE_LC_MAX]) { + int locale_read_data(Context *c, sd_bus_message *m) { + struct stat st; + int r; ++ const char *path = "/etc/locale.conf"; + + /* Do not try to re-read the file within single bus operation. */ + if (m && m == c->locale_cache) +@@ -93,7 +94,11 @@ int locale_read_data(Context *c, sd_bus_message *m) { + /* To suppress multiple call of stat(), store the message to cache here. */ + c->locale_cache = m; + +- r = stat("/etc/locale.conf", &st); ++ r = stat(path, &st); ++ if (r < 0 && errno == ENOENT) { ++ path = "/etc/default/locale"; ++ r = stat(path, &st); ++ } + if (r < 0 && errno != ENOENT) + return -errno; + +@@ -108,7 +113,7 @@ int locale_read_data(Context *c, sd_bus_message *m) { + c->locale_mtime = t; + context_free_locale(c); + +- r = parse_env_file(NULL, "/etc/locale.conf", NEWLINE, ++ r = parse_env_file(NULL, path, NEWLINE, + "LANG", &c->locale[VARIABLE_LANG], + "LANGUAGE", &c->locale[VARIABLE_LANGUAGE], + "LC_CTYPE", &c->locale[VARIABLE_LC_CTYPE], +@@ -189,9 +194,6 @@ int vconsole_read_data(Context *c, sd_bus_message *m) { + } + + int x11_read_data(Context *c, sd_bus_message *m) { +- _cleanup_fclose_ FILE *f = NULL; +- bool in_section = false; +- char line[LINE_MAX]; + struct stat st; + usec_t t; + int r; +@@ -203,7 +205,7 @@ int x11_read_data(Context *c, sd_bus_message *m) { + /* To suppress multiple call of stat(), store the message to cache here. */ + c->x11_cache = m; + +- if (stat("/etc/X11/xorg.conf.d/00-keyboard.conf", &st) < 0) { ++ if (stat("/etc/default/keyboard", &st) < 0) { + if (errno != ENOENT) + return -errno; + +@@ -220,56 +222,15 @@ int x11_read_data(Context *c, sd_bus_message *m) { + c->x11_mtime = t; + context_free_x11(c); + +- f = fopen("/etc/X11/xorg.conf.d/00-keyboard.conf", "re"); +- if (!f) +- return -errno; +- +- while (fgets(line, sizeof(line), f)) { +- char *l; +- +- char_array_0(line); +- l = strstrip(line); +- +- if (IN_SET(l[0], 0, '#')) +- continue; +- +- if (in_section && first_word(l, "Option")) { +- _cleanup_strv_free_ char **a = NULL; +- +- r = strv_split_extract(&a, l, WHITESPACE, EXTRACT_QUOTES); +- if (r < 0) +- return r; +- +- if (strv_length(a) == 3) { +- char **p = NULL; +- +- if (streq(a[1], "XkbLayout")) +- p = &c->x11_layout; +- else if (streq(a[1], "XkbModel")) +- p = &c->x11_model; +- else if (streq(a[1], "XkbVariant")) +- p = &c->x11_variant; +- else if (streq(a[1], "XkbOptions")) +- p = &c->x11_options; +- +- if (p) { +- free_and_replace(*p, a[2]); +- } +- } +- +- } else if (!in_section && first_word(l, "Section")) { +- _cleanup_strv_free_ char **a = NULL; +- +- r = strv_split_extract(&a, l, WHITESPACE, EXTRACT_QUOTES); +- if (r < 0) +- return -ENOMEM; +- +- if (strv_length(a) == 2 && streq(a[1], "InputClass")) +- in_section = true; ++ r = parse_env_file(NULL, "/etc/default/keyboard", NEWLINE, ++ "XKBMODEL", &c->x11_model, ++ "XKBLAYOUT", &c->x11_layout, ++ "XKBVARIANT", &c->x11_variant, ++ "XKBOPTIONS", &c->x11_options, ++ NULL); + +- } else if (in_section && first_word(l, "EndSection")) +- in_section = false; +- } ++ if (r < 0) ++ return r; + + return 0; + } +@@ -278,9 +239,18 @@ int locale_write_data(Context *c, char ***settings) { + _cleanup_strv_free_ char **l = NULL; + struct stat st; + int r, p; ++ const char *path = "/etc/locale.conf"; + + /* Set values will be returned as strv in *settings on success. */ + ++ r = load_env_file(NULL, path, NULL, &l); ++ if (r < 0 && r == -ENOENT) { ++ path = "/etc/default/locale"; ++ r = load_env_file(NULL, path, NULL, &l); ++ } ++ if (r < 0 && r != -ENOENT) ++ return r; ++ + for (p = 0; p < _VARIABLE_LC_MAX; p++) { + _cleanup_free_ char *t = NULL; + char **u; +@@ -303,20 +273,20 @@ int locale_write_data(Context *c, char ***settings) { + } + + if (strv_isempty(l)) { +- if (unlink("/etc/locale.conf") < 0) ++ if (unlink(path) < 0) + return errno == ENOENT ? 0 : -errno; + + c->locale_mtime = USEC_INFINITY; + return 0; + } + +- r = write_env_file_label("/etc/locale.conf", l); ++ r = write_env_file_label(path, l); + if (r < 0) + return r; + + *settings = TAKE_PTR(l); + +- if (stat("/etc/locale.conf", &st) >= 0) ++ if (stat(path, &st) >= 0) + c->locale_mtime = timespec_load(&st.st_mtim); + + return 0; +@@ -384,70 +354,104 @@ int vconsole_write_data(Context *c) { + } + + int x11_write_data(Context *c) { +- _cleanup_fclose_ FILE *f = NULL; +- _cleanup_free_ char *temp_path = NULL; + struct stat st; + int r; ++ char *t, **u, **l = NULL; + +- if (isempty(c->x11_layout) && +- isempty(c->x11_model) && +- isempty(c->x11_variant) && +- isempty(c->x11_options)) { ++ r = load_env_file(NULL, "/etc/default/keyboard", NULL, &l); ++ if (r < 0 && r != -ENOENT) ++ return r; + +- if (unlink("/etc/X11/xorg.conf.d/00-keyboard.conf") < 0) +- return errno == ENOENT ? 0 : -errno; ++ /* This could perhaps be done more elegantly using an array ++ * like we do for the locale, instead of struct ++ */ ++ if (isempty(c->x11_layout)) { ++ l = strv_env_unset(l, "XKBLAYOUT"); ++ } else { ++ if (asprintf(&t, "XKBLAYOUT=%s", c->x11_layout) < 0) { ++ strv_free(l); ++ return -ENOMEM; ++ } + +- c->vc_mtime = USEC_INFINITY; +- return 0; ++ u = strv_env_set(l, t); ++ free(t); ++ strv_free(l); ++ ++ if (!u) ++ return -ENOMEM; ++ ++ l = u; + } + +- mkdir_p_label("/etc/X11/xorg.conf.d", 0755); ++ if (isempty(c->x11_model)) { ++ l = strv_env_unset(l, "XKBMODEL"); ++ } else { ++ if (asprintf(&t, "XKBMODEL=%s", c->x11_model) < 0) { ++ strv_free(l); ++ return -ENOMEM; ++ } + +- r = fopen_temporary("/etc/X11/xorg.conf.d/00-keyboard.conf", &f, &temp_path); +- if (r < 0) +- return r; ++ u = strv_env_set(l, t); ++ free(t); ++ strv_free(l); + +- (void) __fsetlocking(f, FSETLOCKING_BYCALLER); +- (void) fchmod(fileno(f), 0644); ++ if (!u) ++ return -ENOMEM; + +- fputs("# Written by systemd-localed(8), read by systemd-localed and Xorg. It's\n" +- "# probably wise not to edit this file manually. Use localectl(1) to\n" +- "# instruct systemd-localed to update it.\n" +- "Section \"InputClass\"\n" +- " Identifier \"system-keyboard\"\n" +- " MatchIsKeyboard \"on\"\n", f); ++ l = u; ++ } + +- if (!isempty(c->x11_layout)) +- fprintf(f, " Option \"XkbLayout\" \"%s\"\n", c->x11_layout); ++ if (isempty(c->x11_variant)) { ++ l = strv_env_unset(l, "XKBVARIANT"); ++ } else { ++ if (asprintf(&t, "XKBVARIANT=%s", c->x11_variant) < 0) { ++ strv_free(l); ++ return -ENOMEM; ++ } + +- if (!isempty(c->x11_model)) +- fprintf(f, " Option \"XkbModel\" \"%s\"\n", c->x11_model); ++ u = strv_env_set(l, t); ++ free(t); ++ strv_free(l); + +- if (!isempty(c->x11_variant)) +- fprintf(f, " Option \"XkbVariant\" \"%s\"\n", c->x11_variant); ++ if (!u) ++ return -ENOMEM; ++ ++ l = u; ++ } + +- if (!isempty(c->x11_options)) +- fprintf(f, " Option \"XkbOptions\" \"%s\"\n", c->x11_options); ++ if (isempty(c->x11_options)) { ++ l = strv_env_unset(l, "XKBOPTIONS"); ++ } else { ++ if (asprintf(&t, "XKBOPTIONS=%s", c->x11_options) < 0) { ++ strv_free(l); ++ return -ENOMEM; ++ } + +- fputs("EndSection\n", f); ++ u = strv_env_set(l, t); ++ free(t); ++ strv_free(l); + +- r = fflush_sync_and_check(f); +- if (r < 0) +- goto fail; ++ if (!u) ++ return -ENOMEM; + +- if (rename(temp_path, "/etc/X11/xorg.conf.d/00-keyboard.conf") < 0) { +- r = -errno; +- goto fail; ++ l = u; + } + +- if (stat("/etc/X11/xorg.conf.d/00-keyboard.conf", &st) >= 0) +- c->x11_mtime = timespec_load(&st.st_mtim); ++ if (strv_isempty(l)) { ++ strv_free(l); + +- return 0; ++ if (unlink("/etc/default/keyboard") < 0) ++ return errno == ENOENT ? 0 : -errno; ++ ++ c->vc_mtime = USEC_INFINITY; ++ return 0; ++ } + +-fail: +- if (temp_path) +- (void) unlink(temp_path); ++ r = write_env_file("/etc/default/keyboard", l); ++ strv_free(l); ++ ++ if (r >= 0 && stat("/etc/default/keyboard", &st) >= 0) ++ c->x11_mtime = timespec_load(&st.st_mtim); + + return r; + } +diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c +index 3b70939..cffaf07 100644 +--- a/src/timedate/timedated.c ++++ b/src/timedate/timedated.c +@@ -211,6 +211,7 @@ static int context_read_data(Context *c) { + static int context_write_data_timezone(Context *c) { + _cleanup_free_ char *p = NULL; + int r = 0; ++ struct stat st; + + assert(c); + +@@ -218,6 +219,9 @@ static int context_write_data_timezone(Context *c) { + if (unlink("/etc/localtime") < 0 && errno != ENOENT) + r = -errno; + ++ if (unlink("/etc/timezone") < 0 && errno != ENOENT) ++ r = -errno; ++ + return r; + } + +@@ -229,6 +233,12 @@ static int context_write_data_timezone(Context *c) { + if (r < 0) + return r; + ++ if (stat("/etc/timezone", &st) == 0 && S_ISREG(st.st_mode)) { ++ r = write_string_file("/etc/timezone", c->zone, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC); ++ if (r < 0) ++ return r; ++ } ++ + return 0; + } + diff --git a/patches/debian/cgroup-don-t-trim-cgroup-trees-created-by-someone-el.patch b/patches/debian/cgroup-don-t-trim-cgroup-trees-created-by-someone-el.patch new file mode 100644 index 00000000..f9aa9761 --- /dev/null +++ b/patches/debian/cgroup-don-t-trim-cgroup-trees-created-by-someone-el.patch @@ -0,0 +1,41 @@ +From: Michal Sekletar +Date: Fri, 19 Sep 2014 17:14:10 +0200 +Subject: cgroup: don't trim cgroup trees created by someone else + +In cases when there is a cgroup tree in a controller hierarchy which was +not created by us, but it looks like it was (i.e. cgroup path is the +same as the one in systemd's named hierarchy) we shouldn't delete it. + +Origin: http://lists.freedesktop.org/archives/systemd-devel/2014-September/023276.html +Bug-Debian: https://bugs.debian.org/777601 +--- + src/basic/cgroup-util.c | 2 -- + src/core/cgroup.c | 2 +- + 2 files changed, 1 insertion(+), 3 deletions(-) + +diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c +index 038ece4..1d20bb5 100644 +--- a/src/basic/cgroup-util.c ++++ b/src/basic/cgroup-util.c +@@ -2135,8 +2135,6 @@ int cg_create_everywhere(CGroupMask supported, CGroupMask mask, const char *path + + if (mask & bit) + (void) cg_create(n, path); +- else if (supported & bit) +- (void) cg_trim(n, path, true); + } + + return created; +diff --git a/src/core/cgroup.c b/src/core/cgroup.c +index bb02436..1b695c6 100644 +--- a/src/core/cgroup.c ++++ b/src/core/cgroup.c +@@ -1858,7 +1858,7 @@ void unit_prune_cgroup(Unit *u) { + + is_root_slice = unit_has_name(u, SPECIAL_ROOT_SLICE); + +- r = cg_trim_everywhere(u->manager->cgroup_supported, u->cgroup_path, !is_root_slice); ++ r = cg_trim_everywhere(u->cgroup_realized_mask, u->cgroup_path, !is_root_slice); + if (r < 0) { + log_unit_debug_errno(u, r, "Failed to destroy cgroup %s, ignoring: %m", u->cgroup_path); + return; diff --git a/patches/debian/fsckd-daemon-for-inter-fsckd-communication.patch b/patches/debian/fsckd-daemon-for-inter-fsckd-communication.patch new file mode 100644 index 00000000..e1755abb --- /dev/null +++ b/patches/debian/fsckd-daemon-for-inter-fsckd-communication.patch @@ -0,0 +1,1056 @@ +From: Didier Roche +Date: Fri, 22 May 2015 13:04:38 +0200 +Subject: fsckd daemon for inter-fsckd communication + +Global logic: +Add systemd-fsckd multiplexer which accepts multiple (via systemd-fsck's +/run/systemd/fsck.progress socket) fsck instances to connect to it and sends +progress report. systemd-fsckd then computes and writes to /dev/console the +number of devices currently being checked and the minimum fsck progress. + +Plymouth and user interaction: +Forward the progress to plymouth and support canellation of in progress fsck. +Try to connect and send to plymouth (if running) some checked report progress, +using direct plymouth protocole. + +Update message is the following: +fsckd::: +* num_devices corresponds to the current number of devices being checked (int) +* progress corresponds to the current minimum percentage of all devices being + checked (float, from 0 to 100) +* string is a translated message ready to be displayed by the plymouth theme + displaying the information above. It can be overridden by plymouth themes + supporting i18n. + +Grab in fsckd plymouth watch key Control+C, and propagate this cancel request +to systemd-fsck which will terminate fsck. + +Send a message to signal to user what key we are grabbing for fsck cancel. + +Message is: fsckd-cancel-msg: +Where string is a translated string ready to be displayed by the plymouth theme +indicating that Control+C can be used to cancel current checks. It can be +overridden (matching only fsckd-cancel-msg prefix) for themes supporting i18n. + +Misc: +systemd-fsckd stops on idle when no fsck is connected. +Add man page explaining the plymouth theme protocol, usage of the daemon +as well as the socket activation part. Adapt existing fsck man page. + +Note that fsckd had lived in the upstream tree for a while, but was removed. +More information at +http://lists.freedesktop.org/archives/systemd-devel/2015-April/030175.html +- +--- + man/rules/meson.build | 1 + + man/systemd-fsckd.service.xml | 162 +++++++++ + meson.build | 8 + + po/POTFILES.in | 1 + + src/fsckd/fsckd.c | 690 +++++++++++++++++++++++++++++++++++++ + units/meson.build | 2 + + units/systemd-fsck-root.service.in | 2 + + units/systemd-fsck@.service.in | 3 +- + units/systemd-fsckd.service.in | 17 + + units/systemd-fsckd.socket | 15 + + 10 files changed, 900 insertions(+), 1 deletion(-) + create mode 100644 man/systemd-fsckd.service.xml + create mode 100644 src/fsckd/fsckd.c + create mode 100644 units/systemd-fsckd.service.in + create mode 100644 units/systemd-fsckd.socket + +diff --git a/man/rules/meson.build b/man/rules/meson.build +index 9458a40..cbd947b 100644 +--- a/man/rules/meson.build ++++ b/man/rules/meson.build +@@ -566,6 +566,7 @@ manpages = [ + '8', + ['systemd-fsck', 'systemd-fsck-root.service'], + ''], ++ ['systemd-fsckd.service', '8', ['systemd-fsckd.socket', 'systemd-fsckd'], ''], + ['systemd-fstab-generator', '8', [], ''], + ['systemd-getty-generator', '8', [], ''], + ['systemd-gpt-auto-generator', '8', [], ''], +diff --git a/man/systemd-fsckd.service.xml b/man/systemd-fsckd.service.xml +new file mode 100644 +index 0000000..b7ad58d +--- /dev/null ++++ b/man/systemd-fsckd.service.xml +@@ -0,0 +1,162 @@ ++ ++ ++ ++ ++ ++ ++ ++ systemd-fsckd.service ++ systemd ++ ++ ++ ++ Developer ++ Didier ++ Roche ++ didrocks@ubuntu.com ++ ++ ++ ++ ++ ++ systemd-fsckd.service ++ 8 ++ ++ ++ ++ systemd-fsckd.service ++ systemd-fsckd.socket ++ systemd-fsckd ++ File system check progress reporting ++ ++ ++ ++ systemd-fsckd.service ++ systemd-fsckd.socket ++ /usr/lib/systemd/systemd-fsckd ++ ++ ++ ++ Description ++ ++ systemd-fsckd.service is a service responsible ++ for receiving file system check progress, and communicating some ++ consolidated data to console and plymouth (if running). It also handles ++ possible check cancellations. ++ ++ systemd-fsckd receives messages about file ++ system check progress from fsck through an ++ UNIX domain socket. It can display the progress of the least advanced ++ fsck as well as the total number of devices being checked in parallel ++ to the console. It will also send progress messages to plymouth. ++ Both the raw data and translated messages are sent, so compiled ++ plymouth themes can use the raw data to display custom messages, and ++ scripted themes, not supporting i18n, can display the translated ++ versions. ++ ++ systemd-fsckd will instruct plymouth to grab ++ Control+C keypresses. When the key is pressed, running checks will be ++ terminated. It will also cancel any newly connected fsck instances for ++ the lifetime of systemd-fsckd. ++ ++ ++ ++ Protocol for communication with plymouth ++ ++ systemd-fsckd passes the ++ following messages to the theme: ++ ++ Progress update, sent as a plymouth update message: ++ fsckd:<num_devices>:<progress>:<string> ++ ++ ++ <num_devices> ++ the current number of devices ++ being checked (int) ++ ++ ++ <progress> ++ the current minimum percentage of ++ all devices being checking (float, from 0 to 100) ++ ++ ++ <string> ++ a translated message ready to be displayed ++ by the plymouth theme displaying the data above. It can be overridden ++ by themes supporting i18n. ++ ++ ++ ++ ++ Cancel message, sent as a traditional plymouth message: ++ fsckd-cancel-msg:<string> ++ ++ ++ <strings> ++ a translated string ready to be displayed ++ by the plymouth theme indicating that Control+C can be used to cancel ++ current checks. It can be overridden (matching only ++ fsckd-cancel-msg prefix) ++ by themes supporting i18n. ++ ++ ++ ++ ++ ++ ++ Options ++ ++ The following options are understood: ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ Exit status ++ ++ On success, 0 is returned, a non-zero failure ++ code otherwise. Note that the daemon stays idle for ++ a while to accept new fsck ++ connections before exiting. ++ ++ ++ ++ See Also ++ ++ systemd1, ++ systemd-fsck8, ++ fsck8, ++ systemd-quotacheck.service8, ++ fsck.btrfs8, ++ fsck.cramfs8, ++ fsck.ext48, ++ fsck.fat8, ++ fsck.hfsplus8, ++ fsck.minix8, ++ fsck.ntfs8, ++ fsck.xfs8 ++ ++ ++ ++ +diff --git a/meson.build b/meson.build +index 88a470a..f9baed4 100644 +--- a/meson.build ++++ b/meson.build +@@ -2182,6 +2182,14 @@ executable('systemd-makefs', + install : true, + install_dir : rootlibexecdir) + ++executable('systemd-fsckd', ++ 'src/fsckd/fsckd.c', ++ include_directories : includes, ++ link_with : [libshared], ++ install_rpath : rootlibexecdir, ++ install : true, ++ install_dir : rootlibexecdir) ++ + executable('systemd-sleep', + 'src/sleep/sleep.c', + include_directories : includes, +diff --git a/po/POTFILES.in b/po/POTFILES.in +index 029261c..d709ddb 100644 +--- a/po/POTFILES.in ++++ b/po/POTFILES.in +@@ -8,3 +8,4 @@ src/portable/org.freedesktop.portable1.policy + src/resolve/org.freedesktop.resolve1.policy + src/timedate/org.freedesktop.timedate1.policy + src/core/dbus-unit.c ++src/fsckd/fsckd.c +diff --git a/src/fsckd/fsckd.c b/src/fsckd/fsckd.c +new file mode 100644 +index 0000000..d48e53a +--- /dev/null ++++ b/src/fsckd/fsckd.c +@@ -0,0 +1,690 @@ ++/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ ++ ++/*** ++ This file is part of systemd. ++ ++ Copyright 2015 Canonical ++ ++ Author: ++ Didier Roche ++ ++ systemd is free software; you can redistribute it and/or modify it ++ under the terms of the GNU Lesser General Public License as published by ++ the Free Software Foundation; either version 2.1 of the License, or ++ (at your option) any later version. ++ ++ systemd is distributed in the hope that it will be useful, but ++ WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public License ++ along with systemd; If not, see . ++***/ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include "sd-daemon.h" ++#include "build.h" ++#include "def.h" ++#include "sd-event.h" ++#include "log.h" ++#include "list.h" ++#include "macro.h" ++#include "socket-util.h" ++#include "fd-util.h" ++#include "string-util.h" ++#include "io-util.h" ++#include "util.h" ++#include "alloc-util.h" ++#include "locale-util.h" ++ ++#define FSCKD_SOCKET_PATH "/run/systemd/fsck.progress" ++#define IDLE_TIME_SECONDS 30 ++#define PLYMOUTH_REQUEST_KEY "K\2\2\3" ++#define CLIENTS_MAX 128 ++ ++struct Manager; ++ ++typedef struct Client { ++ struct Manager *manager; ++ char *device_name; ++ /* device id refers to "fd " until it gets a name as "device_name" */ ++ char *device_id; ++ ++ pid_t fsck_pid; ++ FILE *fsck_f; ++ ++ size_t cur; ++ size_t max; ++ int pass; ++ ++ double percent; ++ ++ bool cancelled; ++ bool bad_input; ++ ++ sd_event_source *event_source; ++ ++ LIST_FIELDS(struct Client, clients); ++} Client; ++ ++typedef struct Manager { ++ sd_event *event; ++ ++ LIST_HEAD(Client, clients); ++ unsigned n_clients; ++ ++ size_t clear; ++ ++ int connection_fd; ++ sd_event_source *connection_event_source; ++ ++ bool show_status_console; ++ ++ double percent; ++ int numdevices; ++ ++ int plymouth_fd; ++ sd_event_source *plymouth_event_source; ++ bool plymouth_cancel_sent; ++ ++ bool cancel_requested; ++} Manager; ++ ++static void client_free(Client *c); ++static void manager_free(Manager *m); ++ ++DEFINE_TRIVIAL_CLEANUP_FUNC(Client*, client_free); ++DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free); ++ ++static int manager_write_console(Manager *m, const char *message) { ++ _cleanup_fclose_ FILE *console = NULL; ++ int l; ++ size_t j; ++ ++ assert(m); ++ ++ if (!m->show_status_console) ++ return 0; ++ ++ /* Reduce the SAK window by opening and closing console on every request */ ++ console = fopen("/dev/console", "we"); ++ if (!console) ++ return -errno; ++ ++ if (message) { ++ fprintf(console, "\r%s\r%n", message, &l); ++ if (m->clear < (size_t)l) ++ m->clear = (size_t)l; ++ } else { ++ fputc('\r', console); ++ for (j = 0; j < m->clear; j++) ++ fputc(' ', console); ++ fputc('\r', console); ++ } ++ fflush(console); ++ ++ return 0; ++} ++ ++static double compute_percent(int pass, size_t cur, size_t max) { ++ /* Values stolen from e2fsck */ ++ ++ static const double pass_table[] = { ++ 0, 70, 90, 92, 95, 100 ++ }; ++ ++ if (pass <= 0) ++ return 0.0; ++ ++ if ((unsigned) pass >= ELEMENTSOF(pass_table) || max == 0) ++ return 100.0; ++ ++ return pass_table[pass-1] + ++ (pass_table[pass] - pass_table[pass-1]) * ++ (double) cur / max; ++} ++ ++static int client_request_cancel(Client *c) { ++ assert(c); ++ ++ if (c->cancelled) ++ return 0; ++ ++ log_info("Request to cancel fsck for %s from fsckd", c->device_id); ++ if (kill(c->fsck_pid, SIGTERM) < 0) { ++ /* ignore the error and consider that cancel was sent if fsck just exited */ ++ if (errno != ESRCH) ++ return log_error_errno(errno, "Cannot send cancel to fsck for %s: %m", c->device_id); ++ } ++ ++ c->cancelled = true; ++ return 1; ++} ++ ++static void client_free(Client *c) { ++ assert(c); ++ ++ if (c->manager) { ++ LIST_REMOVE(clients, c->manager->clients, c); ++ c->manager->n_clients--; ++ } ++ ++ sd_event_source_unref(c->event_source); ++ fclose(c->fsck_f); ++ if (c->device_name) ++ free(c->device_name); ++ if (c->device_id) ++ free(c->device_id); ++ free(c); ++} ++ ++static void manager_disconnect_plymouth(Manager *m) { ++ assert(m); ++ ++ m->plymouth_event_source = sd_event_source_unref(m->plymouth_event_source); ++ m->plymouth_fd = safe_close(m->plymouth_fd); ++ m->plymouth_cancel_sent = false; ++} ++ ++static int manager_plymouth_feedback_handler(sd_event_source *s, int fd, uint32_t revents, void *userdata) { ++ Manager *m = userdata; ++ Client *current; ++ char buffer[6]; ++ ssize_t l; ++ ++ assert(m); ++ ++ l = read(m->plymouth_fd, buffer, sizeof(buffer)); ++ if (l < 0) { ++ log_warning_errno(errno, "Got error while reading from plymouth: %m"); ++ manager_disconnect_plymouth(m); ++ return -errno; ++ } ++ if (l == 0) { ++ manager_disconnect_plymouth(m); ++ return 0; ++ } ++ ++ if (l > 1 && buffer[0] == '\15') ++ log_error("Message update to plymouth wasn't delivered successfully"); ++ ++ /* the only answer support type we requested is a key interruption */ ++ if (l > 2 && buffer[0] == '\2' && buffer[5] == '\3') { ++ m->cancel_requested = true; ++ ++ /* cancel all connected clients */ ++ LIST_FOREACH(clients, current, m->clients) ++ client_request_cancel(current); ++ } ++ ++ return 0; ++} ++ ++static int manager_connect_plymouth(Manager *m) { ++ union sockaddr_union sa = PLYMOUTH_SOCKET; ++ int r; ++ ++ if (!plymouth_running()) ++ return 0; ++ ++ /* try to connect or reconnect if sending a message */ ++ if (m->plymouth_fd >= 0) ++ return 1; ++ ++ m->plymouth_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0); ++ if (m->plymouth_fd < 0) ++ return log_warning_errno(errno, "Connection to plymouth socket failed: %m"); ++ ++ if (connect(m->plymouth_fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + 1 + strlen(sa.un.sun_path+1)) < 0) { ++ r = log_warning_errno(errno, "Couldn't connect to plymouth: %m"); ++ goto fail; ++ } ++ ++ r = sd_event_add_io(m->event, &m->plymouth_event_source, m->plymouth_fd, EPOLLIN, manager_plymouth_feedback_handler, m); ++ if (r < 0) { ++ log_warning_errno(r, "Can't listen to plymouth socket: %m"); ++ goto fail; ++ } ++ ++ return 1; ++ ++fail: ++ manager_disconnect_plymouth(m); ++ return r; ++} ++ ++static int plymouth_send_message(int plymouth_fd, const char *message, bool update) { ++ _cleanup_free_ char *packet = NULL; ++ int n; ++ char mode = 'M'; ++ ++ if (update) ++ mode = 'U'; ++ ++ if (asprintf(&packet, "%c\002%c%s%n", mode, (int) (strlen(message) + 1), message, &n) < 0) ++ return log_oom(); ++ ++ return loop_write(plymouth_fd, packet, n + 1, true); ++} ++ ++static int manager_send_plymouth_message(Manager *m, const char *message) { ++ const char *plymouth_cancel_message = NULL, *l10n_cancel_message = NULL; ++ int r; ++ ++ r = manager_connect_plymouth(m); ++ if (r < 0) ++ return r; ++ /* 0 means that plymouth isn't running, do not send any message yet */ ++ else if (r == 0) ++ return 0; ++ ++ if (!m->plymouth_cancel_sent) { ++ ++ /* Indicate to plymouth that we listen to Ctrl+C */ ++ r = loop_write(m->plymouth_fd, PLYMOUTH_REQUEST_KEY, sizeof(PLYMOUTH_REQUEST_KEY), true); ++ if (r < 0) ++ return log_warning_errno(r, "Can't send to plymouth cancel key: %m"); ++ ++ m->plymouth_cancel_sent = true; ++ ++ l10n_cancel_message = _("Press Ctrl+C to cancel all filesystem checks in progress"); ++ plymouth_cancel_message = strjoina("fsckd-cancel-msg:", l10n_cancel_message); ++ ++ r = plymouth_send_message(m->plymouth_fd, plymouth_cancel_message, false); ++ if (r < 0) ++ log_warning_errno(r, "Can't send filesystem cancel message to plymouth: %m"); ++ ++ } else if (m->numdevices == 0) { ++ ++ m->plymouth_cancel_sent = false; ++ ++ r = plymouth_send_message(m->plymouth_fd, "", false); ++ if (r < 0) ++ log_warning_errno(r, "Can't clear plymouth filesystem cancel message: %m"); ++ } ++ ++ r = plymouth_send_message(m->plymouth_fd, message, true); ++ if (r < 0) ++ return log_warning_errno(r, "Couldn't send \"%s\" to plymouth: %m", message); ++ ++ return 0; ++} ++ ++static int manager_update_global_progress(Manager *m) { ++ Client *current = NULL; ++ _cleanup_free_ char *console_message = NULL; ++ _cleanup_free_ char *fsck_message = NULL; ++ int current_numdevices = 0, r; ++ double current_percent = 100; ++ ++ /* get the overall percentage */ ++ LIST_FOREACH(clients, current, m->clients) { ++ current_numdevices++; ++ ++ /* right now, we only keep the minimum % of all fsckd processes. We could in the future trying to be ++ linear, but max changes and corresponds to the pass. We have all the informations into fsckd ++ already if we can treat that in a smarter way. */ ++ current_percent = MIN(current_percent, current->percent); ++ } ++ ++ /* update if there is anything user-visible to update */ ++ if (fabs(current_percent - m->percent) > 0.001 || current_numdevices != m->numdevices) { ++ m->numdevices = current_numdevices; ++ m->percent = current_percent; ++ ++ if (asprintf(&console_message, ++ ngettext("Checking in progress on %d disk (%3.1f%% complete)", ++ "Checking in progress on %d disks (%3.1f%% complete)", m->numdevices), ++ m->numdevices, m->percent) < 0) ++ return -ENOMEM; ++ ++ if (asprintf(&fsck_message, "fsckd:%d:%3.1f:%s", m->numdevices, m->percent, console_message) < 0) ++ return -ENOMEM; ++ ++ r = manager_write_console(m, console_message); ++ if (r < 0) ++ return r; ++ ++ /* try to connect to plymouth and send message */ ++ r = manager_send_plymouth_message(m, fsck_message); ++ if (r < 0) ++ return r; ++ } ++ return 0; ++} ++ ++static int client_progress_handler(sd_event_source *s, int fd, uint32_t revents, void *userdata) { ++ Client *client = userdata; ++ char line[LINE_MAX]; ++ Manager *m; ++ ++ assert(client); ++ m = client->manager; ++ ++ /* check first if we need to cancel this client */ ++ if (m->cancel_requested) ++ client_request_cancel(client); ++ ++ while (fgets(line, sizeof(line), client->fsck_f) != NULL) { ++ int pass; ++ size_t cur, max; ++ _cleanup_free_ char *device = NULL, *old_device_id = NULL; ++ ++ if (sscanf(line, "%i %zu %zu %ms", &pass, &cur, &max, &device) == 4) { ++ if (!client->device_name) { ++ client->device_name = strdup(device); ++ if (!client->device_name) { ++ log_oom(); ++ continue; ++ } ++ old_device_id = client->device_id; ++ client->device_id = strdup(device); ++ if (!client->device_id) { ++ log_oom(); ++ client->device_id = old_device_id; ++ old_device_id = NULL; ++ continue; ++ } ++ } ++ client->pass = pass; ++ client->cur = cur; ++ client->max = max; ++ client->bad_input = false; ++ client->percent = compute_percent(client->pass, client->cur, client->max); ++ log_debug("Getting progress for %s (%zu, %zu, %d) : %3.1f%%", client->device_id, ++ client->cur, client->max, client->pass, client->percent); ++ } else { ++ if (errno == ENOMEM) { ++ log_oom(); ++ continue; ++ } ++ ++ /* if previous input was already garbage, kick it off from progress report */ ++ if (client->bad_input) { ++ log_warning("Closing connection on incorrect input of fsck connection for %s", client->device_id); ++ client_free(client); ++ manager_update_global_progress(m); ++ return 0; ++ } ++ client->bad_input = true; ++ } ++ ++ } ++ ++ if (feof(client->fsck_f)) { ++ log_debug("Fsck client %s disconnected", client->device_id); ++ client_free(client); ++ } ++ ++ manager_update_global_progress(m); ++ return 0; ++} ++ ++static int manager_new_connection_handler(sd_event_source *s, int fd, uint32_t revents, void *userdata) { ++ _cleanup_(client_freep) Client *c = NULL; ++ _cleanup_close_ int new_fsck_fd = -1; ++ _cleanup_fclose_ FILE *new_fsck_f = NULL; ++ struct ucred ucred = {}; ++ Manager *m = userdata; ++ int r; ++ ++ assert(m); ++ ++ /* Initialize and list new clients */ ++ new_fsck_fd = accept4(m->connection_fd, NULL, NULL, SOCK_CLOEXEC|SOCK_NONBLOCK); ++ if (new_fsck_fd < 0) { ++ log_error_errno(errno, "Couldn't accept a new connection: %m"); ++ return 0; ++ } ++ ++ if (m->n_clients >= CLIENTS_MAX) { ++ log_error("Too many clients, refusing connection."); ++ return 0; ++ } ++ ++ ++ new_fsck_f = fdopen(new_fsck_fd, "r"); ++ if (!new_fsck_f) { ++ log_error_errno(errno, "Couldn't fdopen new connection for fd %d: %m", new_fsck_fd); ++ return 0; ++ } ++ new_fsck_fd = -1; ++ ++ r = getpeercred(fileno(new_fsck_f), &ucred); ++ if (r < 0) { ++ log_error_errno(r, "Couldn't get credentials for fsck: %m"); ++ return 0; ++ } ++ ++ c = new0(Client, 1); ++ if (!c) { ++ log_oom(); ++ return 0; ++ } ++ ++ c->fsck_pid = ucred.pid; ++ c->fsck_f = new_fsck_f; ++ new_fsck_f = NULL; ++ ++ if (asprintf(&(c->device_id), "fd %d", fileno(c->fsck_f)) < 0) { ++ log_oom(); ++ return 0; ++ } ++ ++ r = sd_event_add_io(m->event, &c->event_source, fileno(c->fsck_f), EPOLLIN, client_progress_handler, c); ++ if (r < 0) { ++ log_oom(); ++ return 0; ++ } ++ ++ LIST_PREPEND(clients, m->clients, c); ++ m->n_clients++; ++ c->manager = m; ++ ++ log_debug("New fsck client connected: %s", c->device_id); ++ ++ /* only request the client to cancel now in case the request is dropped by the client (chance to recancel) */ ++ if (m->cancel_requested) ++ client_request_cancel(c); ++ ++ c = NULL; ++ return 0; ++} ++ ++static void manager_free(Manager *m) { ++ if (!m) ++ return; ++ ++ /* clear last line */ ++ manager_write_console(m, NULL); ++ ++ sd_event_source_unref(m->connection_event_source); ++ safe_close(m->connection_fd); ++ ++ while (m->clients) ++ client_free(m->clients); ++ ++ manager_disconnect_plymouth(m); ++ ++ sd_event_unref(m->event); ++ ++ free(m); ++} ++ ++static int manager_new(Manager **ret, int fd) { ++ _cleanup_(manager_freep) Manager *m = NULL; ++ int r; ++ ++ assert(ret); ++ ++ m = new0(Manager, 1); ++ if (!m) ++ return -ENOMEM; ++ ++ m->plymouth_fd = -1; ++ m->connection_fd = fd; ++ m->percent = 100; ++ ++ r = sd_event_default(&m->event); ++ if (r < 0) ++ return r; ++ ++ if (access("/run/systemd/show-status", F_OK) >= 0) ++ m->show_status_console = true; ++ ++ r = sd_event_add_io(m->event, &m->connection_event_source, fd, EPOLLIN, manager_new_connection_handler, m); ++ if (r < 0) ++ return r; ++ ++ *ret = m; ++ m = NULL; ++ ++ return 0; ++} ++ ++static int run_event_loop_with_timeout(Manager *m, usec_t timeout) { ++ int r, code; ++ sd_event *e = m->event; ++ ++ assert(e); ++ ++ for (;;) { ++ r = sd_event_get_state(e); ++ if (r < 0) ++ return r; ++ if (r == SD_EVENT_FINISHED) ++ break; ++ ++ r = sd_event_run(e, timeout); ++ if (r < 0) ++ return r; ++ ++ /* Exit if we reached the idle timeout and no more clients are ++ connected. If there is still an fsck process running but ++ simply slow to send us progress updates, exiting would mean ++ that this fsck process receives SIGPIPE resulting in an ++ aborted file system check. */ ++ if (r == 0 && m->n_clients == 0) { ++ sd_event_exit(e, 0); ++ break; ++ } ++ } ++ ++ r = sd_event_get_exit_code(e, &code); ++ if (r < 0) ++ return r; ++ ++ return code; ++} ++ ++static void help(void) { ++ printf("%s [OPTIONS...]\n\n" ++ "Capture fsck progress and forward one stream to plymouth\n\n" ++ " -h --help Show this help\n" ++ " --version Show package version\n", ++ program_invocation_short_name); ++} ++ ++static int parse_argv(int argc, char *argv[]) { ++ ++ enum { ++ ARG_VERSION = 0x100, ++ ARG_ROOT, ++ }; ++ ++ static const struct option options[] = { ++ { "help", no_argument, NULL, 'h' }, ++ { "version", no_argument, NULL, ARG_VERSION }, ++ {} ++ }; ++ ++ int c; ++ ++ assert(argc >= 0); ++ assert(argv); ++ ++ while ((c = getopt_long(argc, argv, "hv", options, NULL)) >= 0) ++ switch (c) { ++ ++ case 'h': ++ help(); ++ return 0; ++ ++ case ARG_VERSION: ++ puts(PACKAGE_STRING); ++ puts(SYSTEMD_FEATURES); ++ return 0; ++ ++ case '?': ++ return -EINVAL; ++ ++ default: ++ assert_not_reached("Unhandled option"); ++ } ++ ++ if (optind < argc) { ++ log_error("Extraneous arguments"); ++ return -EINVAL; ++ } ++ ++ return 1; ++} ++ ++int main(int argc, char *argv[]) { ++ _cleanup_(manager_freep) Manager *m = NULL; ++ int fd = -1; ++ int r, n; ++ ++ log_set_target(LOG_TARGET_AUTO); ++ log_parse_environment(); ++ log_open(); ++ init_gettext(); ++ ++ r = parse_argv(argc, argv); ++ if (r <= 0) ++ goto finish; ++ ++ n = sd_listen_fds(0); ++ if (n > 1) { ++ log_error("Too many file descriptors received."); ++ r = -EINVAL; ++ goto finish; ++ } else if (n == 1) ++ fd = SD_LISTEN_FDS_START + 0; ++ else { ++ fd = make_socket_fd(LOG_DEBUG, FSCKD_SOCKET_PATH, SOCK_STREAM, SOCK_CLOEXEC); ++ if (fd < 0) { ++ r = log_error_errno(fd, "Couldn't create listening socket fd on %s: %m", FSCKD_SOCKET_PATH); ++ goto finish; ++ } ++ } ++ ++ r = manager_new(&m, fd); ++ if (r < 0) { ++ log_error_errno(r, "Failed to allocate manager: %m"); ++ goto finish; ++ } ++ ++ r = run_event_loop_with_timeout(m, IDLE_TIME_SECONDS * USEC_PER_SEC); ++ if (r < 0) { ++ log_error_errno(r, "Failed to run event loop: %m"); ++ goto finish; ++ } ++ ++ sd_event_get_exit_code(m->event, &r); ++ ++finish: ++ return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; ++} +diff --git a/units/meson.build b/units/meson.build +index e4ac6ce..5c13ec6 100644 +--- a/units/meson.build ++++ b/units/meson.build +@@ -85,6 +85,7 @@ units = [ + 'multi-user.target.wants/'], + ['systemd-coredump.socket', 'ENABLE_COREDUMP', + 'sockets.target.wants/'], ++ ['systemd-fsckd.socket', ''], + ['systemd-initctl.socket', '', + 'sockets.target.wants/'], + ['systemd-journal-gatewayd.socket', 'ENABLE_REMOTE HAVE_MICROHTTPD'], +@@ -138,6 +139,7 @@ in_units = [ + 'sysinit.target.wants/'], + ['systemd-fsck-root.service', ''], + ['systemd-fsck@.service', ''], ++ ['systemd-fsckd.service', ''], + ['systemd-halt.service', ''], + ['systemd-hibernate-resume@.service', 'ENABLE_HIBERNATE'], + ['systemd-hibernate.service', 'ENABLE_HIBERNATE'], +diff --git a/units/systemd-fsck-root.service.in b/units/systemd-fsck-root.service.in +index 25aca19..3cc60e5 100644 +--- a/units/systemd-fsck-root.service.in ++++ b/units/systemd-fsck-root.service.in +@@ -11,7 +11,9 @@ + Description=File System Check on Root Device + Documentation=man:systemd-fsck-root.service(8) + DefaultDependencies=no ++Wants=systemd-fsckd.socket + Before=local-fs.target shutdown.target ++After=systemd-fsckd.socket + ConditionPathIsReadWrite=!/ + + [Service] +diff --git a/units/systemd-fsck@.service.in b/units/systemd-fsck@.service.in +index 078edcc..b254476 100644 +--- a/units/systemd-fsck@.service.in ++++ b/units/systemd-fsck@.service.in +@@ -12,7 +12,8 @@ Description=File System Check on %f + Documentation=man:systemd-fsck@.service(8) + DefaultDependencies=no + BindsTo=%i.device +-After=%i.device systemd-fsck-root.service local-fs-pre.target ++Wants=systemd-fsckd.socket ++After=%i.device systemd-fsck-root.service local-fs-pre.target systemd-fsckd.socket + Before=systemd-quotacheck.service shutdown.target + + [Service] +diff --git a/units/systemd-fsckd.service.in b/units/systemd-fsckd.service.in +new file mode 100644 +index 0000000..9c7ed51 +--- /dev/null ++++ b/units/systemd-fsckd.service.in +@@ -0,0 +1,17 @@ ++# This file is part of systemd. ++# ++# systemd is free software; you can redistribute it and/or modify it ++# under the terms of the GNU Lesser General Public License as published by ++# the Free Software Foundation; either version 2.1 of the License, or ++# (at your option) any later version. ++ ++[Unit] ++Description=File System Check Daemon to report status ++Documentation=man:systemd-fsckd.service(8) ++DefaultDependencies=no ++Requires=systemd-fsckd.socket ++Before=shutdown.target ++ ++[Service] ++ExecStart=@rootlibexecdir@/systemd-fsckd ++StandardOutput=journal+console +diff --git a/units/systemd-fsckd.socket b/units/systemd-fsckd.socket +new file mode 100644 +index 0000000..61fec97 +--- /dev/null ++++ b/units/systemd-fsckd.socket +@@ -0,0 +1,15 @@ ++# This file is part of systemd. ++# ++# systemd is free software; you can redistribute it and/or modify it ++# under the terms of the GNU Lesser General Public License as published by ++# the Free Software Foundation; either version 2.1 of the License, or ++# (at your option) any later version. ++ ++[Unit] ++Description=fsck to fsckd communication Socket ++Documentation=man:systemd-fsckd.service(8) man:systemd-fsck@.service(8) man:systemd-fsck-root.service(8) ++DefaultDependencies=no ++ ++[Socket] ++ListenStream=/run/systemd/fsck.progress ++SocketMode=0600 diff --git a/patches/network-link-Fix-logic-error-in-matching-devices-by-MAC.patch b/patches/network-link-Fix-logic-error-in-matching-devices-by-MAC.patch new file mode 100644 index 00000000..5cfd82f0 --- /dev/null +++ b/patches/network-link-Fix-logic-error-in-matching-devices-by-MAC.patch @@ -0,0 +1,26 @@ +From: Dave Reisner +Date: Sat, 7 Jul 2018 05:39:01 -0400 +Subject: network/link: Fix logic error in matching devices by MAC + +Prior to this commit, a .link file with a [Match] section containing +MACAddress= would match any device without a MAC. This restores the +matching logic prior to e90d037. + +(cherry picked from commit 25ea58d37385af27301b7ad25e985eb15f421614) +--- + src/libsystemd-network/network-internal.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/libsystemd-network/network-internal.c b/src/libsystemd-network/network-internal.c +index 0849b44..9d16d6c 100644 +--- a/src/libsystemd-network/network-internal.c ++++ b/src/libsystemd-network/network-internal.c +@@ -124,7 +124,7 @@ bool net_match_config(Set *match_mac, + if (match_arch && condition_test(match_arch) <= 0) + return false; + +- if (match_mac && dev_mac && !set_contains(match_mac, dev_mac)) ++ if (match_mac && (!dev_mac || !set_contains(match_mac, dev_mac))) + return false; + + if (!net_condition_test_strv(match_paths, dev_path)) diff --git a/patches/series b/patches/series new file mode 100644 index 00000000..10e3a7c4 --- /dev/null +++ b/patches/series @@ -0,0 +1,40 @@ +sleep-fix-printf-format-of-fiemap-fields.patch +timesync-changes-type-of-drift_freq-to-int64_t.patch +sleep-fix-one-more-printf-format-of-a-fiemap-field.patch +basic-add-missing-comma-in-raw_clone-assembly-for-sparc.patch +bus-util-make-log-level-lower-in-request_name_destroy_cal.patch +tmpfiles-specify-access-mode-for-run-systemd-netif.patch +test-fix-networkd-test.py-rate-limiting-and-dynamic-user.patch +sysusers-tmpfiles-re-create-systemd-network-systemd-resol.patch +test-Drop-SKIP_INITRD-for-QEMU-based-tests.patch +network-link-Fix-logic-error-in-matching-devices-by-MAC.patch +Re-add-uaccess-tag-for-dev-kvm.patch +Do-not-apply-uaccess-tag-for-dev-kvm-if-mode-is-0666.patch +timedate-increment-reference-count-of-sd_bus_message.patch +timedate-defer-the-property-changed-signal-until-job-of-s.patch +user-runtime-dir-fix-selinux-regression.patch +core-fix-gid-when-DynamicUser-yes-with-static-User.patch +test-introduce-test_is_running_from_builddir.patch +test-make-test-catalog-relocatable.patch +test-remove-support-for-suffix-in-get_testdata_dir.patch +test-use-builddir-systemd-runtest.env-to-set-SYSTEMD_TEST.patch +test-use-builddir-systemd-runtest.env-for-SYSTEMD_CATALOG.patch +debian/Use-Debian-specific-config-files.patch +debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch +debian/Make-run-lock-tmpfs-an-API-fs.patch +debian/Revert-udev-network-device-renaming-immediately-give.patch +debian/Add-support-for-TuxOnIce-hibernation.patch +debian/Re-enable-journal-forwarding-to-syslog.patch +debian/Don-t-enable-audit-by-default.patch +debian/Only-start-logind-if-dbus-is-installed.patch +debian/cgroup-don-t-trim-cgroup-trees-created-by-someone-el.patch +debian/fsckd-daemon-for-inter-fsckd-communication.patch +debian/Skip-filesystem-check-if-already-done-by-the-initram.patch +debian/Revert-core-one-step-back-again-for-nspawn-we-actual.patch +debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch +debian/Revert-core-enable-TasksMax-for-all-services-by-default-a.patch +debian/Let-graphical-session-pre.target-be-manually-started.patch +debian/Add-env-variable-for-machine-ID-path.patch +debian/Revert-udev-rules-Permission-changes-for-dev-dri-renderD.patch +debian/Revert-systemctl-when-removing-enablement-or-mask-symlink.patch +debian/Drop-seccomp-system-call-filter-for-udev.patch diff --git a/patches/sleep-fix-one-more-printf-format-of-a-fiemap-field.patch b/patches/sleep-fix-one-more-printf-format-of-a-fiemap-field.patch new file mode 100644 index 00000000..77d7a2f6 --- /dev/null +++ b/patches/sleep-fix-one-more-printf-format-of-a-fiemap-field.patch @@ -0,0 +1,30 @@ +From: Filipe Brandenburger +Date: Wed, 27 Jun 2018 09:19:33 -0700 +Subject: sleep: fix one more printf format of a fiemap field + +Use PRIu64 constant to get the format right on LP-64 architectures, +cast to (uint64_t) to solve incompatibility of __u64. + +This was missed in ad4bc3352285f467f4ffa03c3171b19fa0a8758d, so fix it +with this follow up. + +(cherry picked from commit d7af62d52cd3b58c5fe7d410e907e01fed71c02e) +--- + src/test/test-sleep.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/test/test-sleep.c b/src/test/test-sleep.c +index acfcf6a..a8ad302 100644 +--- a/src/test/test-sleep.c ++++ b/src/test/test-sleep.c +@@ -39,8 +39,8 @@ static int test_fiemap(const char *path) { + log_info("\t number of mapped extents: %" PRIu32, fiemap->fm_mapped_extents); + log_info("\t extent count: %" PRIu32, fiemap->fm_extent_count); + if (fiemap->fm_extent_count > 0) +- log_info("\t first extent location: %llu", +- fiemap->fm_extents[0].fe_physical / page_size()); ++ log_info("\t first extent location: %" PRIu64, ++ (uint64_t) (fiemap->fm_extents[0].fe_physical / page_size())); + + return 0; + } diff --git a/patches/sleep-fix-printf-format-of-fiemap-fields.patch b/patches/sleep-fix-printf-format-of-fiemap-fields.patch new file mode 100644 index 00000000..907b0c4b --- /dev/null +++ b/patches/sleep-fix-printf-format-of-fiemap-fields.patch @@ -0,0 +1,44 @@ +From: Filipe Brandenburger +Date: Tue, 26 Jun 2018 09:43:49 -0700 +Subject: sleep: fix printf format of fiemap fields + +Use PRIu64 and PRIu32 constants to also get the format right on LP-64 +architectures. + +For the 64-bit fields, we need a cast to (uint64_t), since __u64 is +defined as a `long long unsigned` and PRIu64 expects a `long unsigned`. +In practice, both are the same, so the cast should be OK. + +(cherry picked from commit ad4bc3352285f467f4ffa03c3171b19fa0a8758d) +--- + src/test/test-sleep.c | 11 ++++++----- + 1 file changed, 6 insertions(+), 5 deletions(-) + +diff --git a/src/test/test-sleep.c b/src/test/test-sleep.c +index 5286442..acfcf6a 100644 +--- a/src/test/test-sleep.c ++++ b/src/test/test-sleep.c +@@ -1,5 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1+ */ + ++#include + #include + #include + +@@ -32,11 +33,11 @@ static int test_fiemap(const char *path) { + if (r < 0) + return log_error_errno(r, "Unable to read extent map for '%s': %m", path); + log_info("extent map information for %s:", path); +- log_info("\t start: %llu", fiemap->fm_start); +- log_info("\t length: %llu", fiemap->fm_length); +- log_info("\t flags: %u", fiemap->fm_flags); +- log_info("\t number of mapped extents: %u", fiemap->fm_mapped_extents); +- log_info("\t extent count: %u", fiemap->fm_extent_count); ++ log_info("\t start: %" PRIu64, (uint64_t) fiemap->fm_start); ++ log_info("\t length: %" PRIu64, (uint64_t) fiemap->fm_length); ++ log_info("\t flags: %" PRIu32, fiemap->fm_flags); ++ log_info("\t number of mapped extents: %" PRIu32, fiemap->fm_mapped_extents); ++ log_info("\t extent count: %" PRIu32, fiemap->fm_extent_count); + if (fiemap->fm_extent_count > 0) + log_info("\t first extent location: %llu", + fiemap->fm_extents[0].fe_physical / page_size()); diff --git a/patches/sysusers-tmpfiles-re-create-systemd-network-systemd-resol.patch b/patches/sysusers-tmpfiles-re-create-systemd-network-systemd-resol.patch new file mode 100644 index 00000000..fd86cf9b --- /dev/null +++ b/patches/sysusers-tmpfiles-re-create-systemd-network-systemd-resol.patch @@ -0,0 +1,58 @@ +From: Yu Watanabe +Date: Sun, 15 Jul 2018 22:31:37 +0900 +Subject: sysusers,tmpfiles: re-create systemd-network, + systemd-resolve and systemd-timesync + +This partially reverts d4e9e574ea0b5d23598a317e68399584d229568b, +0187368cadea183e18c6d575a9d6b7f491a402af, and +4240cb02fda90ba11dfc0114201e42691132c6a9. +The services systemd-networkd, systemd-resolved, and systemd-timesyncd +enable DynamicUsers= and have bus interfaces. Unfortunately, these +has many problems now. Let us create the relevant users, at least, +tentatively. + +Fixes #9503. + +(cherry picked from commit 5b5d82615011b9827466b7cd5756da35627a1608) +--- + sysusers.d/systemd.conf.m4 | 9 +++++++++ + tmpfiles.d/systemd.conf.m4 | 6 +++--- + 2 files changed, 12 insertions(+), 3 deletions(-) + +diff --git a/sysusers.d/systemd.conf.m4 b/sysusers.d/systemd.conf.m4 +index 2315b56..ef5a3cb 100644 +--- a/sysusers.d/systemd.conf.m4 ++++ b/sysusers.d/systemd.conf.m4 +@@ -6,6 +6,15 @@ + # (at your option) any later version. + + g systemd-journal - - ++m4_ifdef(`ENABLE_NETWORKD', ++u systemd-network - "systemd Network Management" ++)m4_dnl ++m4_ifdef(`ENABLE_RESOLVE', ++u systemd-resolve - "systemd Resolver" ++)m4_dnl ++m4_ifdef(`ENABLE_TIMESYNCD', ++u systemd-timesync - "systemd Time Synchronization" ++)m4_dnl + m4_ifdef(`ENABLE_COREDUMP', + u systemd-coredump - "systemd Core Dumper" + )m4_dnl +diff --git a/tmpfiles.d/systemd.conf.m4 b/tmpfiles.d/systemd.conf.m4 +index 120e42a..d39c9cb 100644 +--- a/tmpfiles.d/systemd.conf.m4 ++++ b/tmpfiles.d/systemd.conf.m4 +@@ -17,9 +17,9 @@ d /run/systemd/users 0755 root root - + d /run/systemd/machines 0755 root root - + d /run/systemd/shutdown 0755 root root - + m4_ifdef(`ENABLE_NETWORKD', +-d /run/systemd/netif 0755 - - - +-d /run/systemd/netif/links 0755 - - - +-d /run/systemd/netif/leases 0755 - - - ++d /run/systemd/netif 0755 systemd-network systemd-network - ++d /run/systemd/netif/links 0755 systemd-network systemd-network - ++d /run/systemd/netif/leases 0755 systemd-network systemd-network - + )m4_dnl + + d /run/log 0755 root root - diff --git a/patches/test-Drop-SKIP_INITRD-for-QEMU-based-tests.patch b/patches/test-Drop-SKIP_INITRD-for-QEMU-based-tests.patch new file mode 100644 index 00000000..89a810de --- /dev/null +++ b/patches/test-Drop-SKIP_INITRD-for-QEMU-based-tests.patch @@ -0,0 +1,92 @@ +From: Michael Biebl +Date: Mon, 16 Jul 2018 11:27:44 +0200 +Subject: test: Drop SKIP_INITRD for QEMU-based tests + +Not all distros support booting without an initrd. E.g. the Debian +kernel builds ext4 as a module and so relies on an initrd to +successfully start the QEMU-based images. + +(cherry picked from commit c2d4da002095fe6f86f89a508a81e48fb6d3196f) +--- + test/TEST-08-ISSUE-2730/test.sh | 1 - + test/TEST-09-ISSUE-2691/test.sh | 1 - + test/TEST-10-ISSUE-2467/test.sh | 1 - + test/TEST-11-ISSUE-3166/test.sh | 1 - + test/TEST-13-NSPAWN-SMOKE/test.sh | 2 +- + test/TEST-14-MACHINE-ID/test.sh | 2 +- + 6 files changed, 2 insertions(+), 6 deletions(-) + +diff --git a/test/TEST-08-ISSUE-2730/test.sh b/test/TEST-08-ISSUE-2730/test.sh +index 68159c3..90bf133 100755 +--- a/test/TEST-08-ISSUE-2730/test.sh ++++ b/test/TEST-08-ISSUE-2730/test.sh +@@ -6,7 +6,6 @@ TEST_DESCRIPTION="https://github.com/systemd/systemd/issues/2730" + TEST_NO_NSPAWN=1 + + . $TEST_BASE_DIR/test-functions +-SKIP_INITRD=yes + QEMU_TIMEOUT=180 + FSTYPE=ext4 + +diff --git a/test/TEST-09-ISSUE-2691/test.sh b/test/TEST-09-ISSUE-2691/test.sh +index 4c3e949..9b5990b 100755 +--- a/test/TEST-09-ISSUE-2691/test.sh ++++ b/test/TEST-09-ISSUE-2691/test.sh +@@ -6,7 +6,6 @@ TEST_DESCRIPTION="https://github.com/systemd/systemd/issues/2691" + TEST_NO_NSPAWN=1 + + . $TEST_BASE_DIR/test-functions +-SKIP_INITRD=yes + QEMU_TIMEOUT=90 + + test_setup() { +diff --git a/test/TEST-10-ISSUE-2467/test.sh b/test/TEST-10-ISSUE-2467/test.sh +index 2f95e90..e61f5ac 100755 +--- a/test/TEST-10-ISSUE-2467/test.sh ++++ b/test/TEST-10-ISSUE-2467/test.sh +@@ -5,7 +5,6 @@ set -e + TEST_DESCRIPTION="https://github.com/systemd/systemd/issues/2467" + + . $TEST_BASE_DIR/test-functions +-SKIP_INITRD=yes + + test_setup() { + create_empty_image +diff --git a/test/TEST-11-ISSUE-3166/test.sh b/test/TEST-11-ISSUE-3166/test.sh +index 4602bdf..8aae4d5 100755 +--- a/test/TEST-11-ISSUE-3166/test.sh ++++ b/test/TEST-11-ISSUE-3166/test.sh +@@ -6,7 +6,6 @@ TEST_DESCRIPTION="https://github.com/systemd/systemd/issues/3166" + TEST_NO_NSPAWN=1 + + . $TEST_BASE_DIR/test-functions +-SKIP_INITRD=yes + + test_setup() { + create_empty_image +diff --git a/test/TEST-13-NSPAWN-SMOKE/test.sh b/test/TEST-13-NSPAWN-SMOKE/test.sh +index 6a0cb42..f485a92 100755 +--- a/test/TEST-13-NSPAWN-SMOKE/test.sh ++++ b/test/TEST-13-NSPAWN-SMOKE/test.sh +@@ -4,7 +4,7 @@ + set -e + TEST_DESCRIPTION="systemd-nspawn smoke test" + TEST_NO_NSPAWN=1 +-SKIP_INITRD=yes ++ + . $TEST_BASE_DIR/test-functions + + test_setup() { +diff --git a/test/TEST-14-MACHINE-ID/test.sh b/test/TEST-14-MACHINE-ID/test.sh +index 7342645..62003b9 100755 +--- a/test/TEST-14-MACHINE-ID/test.sh ++++ b/test/TEST-14-MACHINE-ID/test.sh +@@ -4,7 +4,7 @@ + set -e + TEST_DESCRIPTION="/etc/machine-id testing" + TEST_NO_NSPAWN=1 +-SKIP_INITRD=yes ++ + . $TEST_BASE_DIR/test-functions + + test_setup() { diff --git a/patches/test-fix-networkd-test.py-rate-limiting-and-dynamic-user.patch b/patches/test-fix-networkd-test.py-rate-limiting-and-dynamic-user.patch new file mode 100644 index 00000000..c57f3d11 --- /dev/null +++ b/patches/test-fix-networkd-test.py-rate-limiting-and-dynamic-user.patch @@ -0,0 +1,48 @@ +From: Martin Pitt +Date: Mon, 2 Jul 2018 22:26:31 +0200 +Subject: test: fix networkd-test.py rate limiting and dynamic user + + - Reset systemd-networkd.service before each test run, to avoid running + into restart limits. + - Our networkd-test-router.service unit needs to run as root and thus + can't use `User=`; but networkd still insists on the + `systemd-network` system user to exist, so create it. + +(cherry picked from commit c44c1b8ab5274c7cdb93d9a80c79bcddb503c235) +--- + test/networkd-test.py | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/test/networkd-test.py b/test/networkd-test.py +index 387cdb6..de16ac1 100755 +--- a/test/networkd-test.py ++++ b/test/networkd-test.py +@@ -54,6 +54,11 @@ def setUpModule(): + # Ensure the unit directory exists so tests can dump files into it. + os.makedirs(NETWORK_UNITDIR, exist_ok=True) + ++ # create static systemd-network user for networkd-test-router.service (it ++ # needs to do some stuff as root and can't start as user; but networkd ++ # still insists on the user) ++ subprocess.check_call(['adduser', '--system', '--no-create-home', 'systemd-network']) ++ + + class NetworkdTestingUtilities: + """Provide a set of utility functions to facilitate networkd tests. +@@ -172,6 +177,7 @@ Name=mybridge + DNS=192.168.250.1 + Address=192.168.250.33/24 + Gateway=192.168.250.1''') ++ subprocess.check_call(['systemctl', 'reset-failed', 'systemd-networkd']) + subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) + + def tearDown(self): +@@ -257,6 +263,8 @@ class ClientTestBase(NetworkdTestingUtilities): + self.assertTrue(out.startswith('-- cursor:')) + self.journal_cursor = out.split()[-1] + ++ subprocess.check_call(['systemctl', 'reset-failed', 'systemd-networkd']) ++ + def tearDown(self): + self.shutdown_iface() + subprocess.call(['systemctl', 'stop', 'systemd-networkd']) diff --git a/patches/test-introduce-test_is_running_from_builddir.patch b/patches/test-introduce-test_is_running_from_builddir.patch new file mode 100644 index 00000000..14e09cd6 --- /dev/null +++ b/patches/test-introduce-test_is_running_from_builddir.patch @@ -0,0 +1,66 @@ +From: Yu Watanabe +Date: Tue, 11 Sep 2018 09:17:22 +0900 +Subject: test: introduce test_is_running_from_builddir() + +(cherry picked from commit 8cb10a4f4dabc508a04f76ea55f23ef517881b61) +--- + src/shared/tests.c | 23 ++++++++++++++++++++--- + src/shared/tests.h | 1 + + 2 files changed, 21 insertions(+), 3 deletions(-) + +diff --git a/src/shared/tests.c b/src/shared/tests.c +index 6b3df0a..c3704c7 100644 +--- a/src/shared/tests.c ++++ b/src/shared/tests.c +@@ -19,6 +19,24 @@ char* setup_fake_runtime_dir(void) { + return p; + } + ++bool test_is_running_from_builddir(char **exedir) { ++ _cleanup_free_ char *s = NULL; ++ bool r; ++ ++ /* Check if we're running from the builddir. Optionally, this returns ++ * the path to the directory where the binary is located. */ ++ ++ assert_se(readlink_and_make_absolute("/proc/self/exe", &s) >= 0); ++ r = path_startswith(s, ABS_BUILD_DIR); ++ ++ if (exedir) { ++ dirname(s); ++ *exedir = TAKE_PTR(s); ++ } ++ ++ return r; ++} ++ + const char* get_testdata_dir(const char *suffix) { + const char *env; + /* convenience: caller does not need to free result */ +@@ -35,14 +53,13 @@ const char* get_testdata_dir(const char *suffix) { + strncpy(testdir, env, sizeof(testdir) - 1); + } else { + _cleanup_free_ char *exedir = NULL; +- assert_se(readlink_and_make_absolute("/proc/self/exe", &exedir) >= 0); + + /* Check if we're running from the builddir. If so, use the compiled in path. */ +- if (path_startswith(exedir, ABS_BUILD_DIR)) ++ if (test_is_running_from_builddir(&exedir)) + assert_se(snprintf(testdir, sizeof(testdir), "%s/test", ABS_SRC_DIR) > 0); + else + /* Try relative path, according to the install-test layout */ +- assert_se(snprintf(testdir, sizeof(testdir), "%s/testdata", dirname(exedir)) > 0); ++ assert_se(snprintf(testdir, sizeof(testdir), "%s/testdata", exedir) > 0); + + /* test this without the suffix, as it may contain a glob */ + if (access(testdir, F_OK) < 0) { +diff --git a/src/shared/tests.h b/src/shared/tests.h +index b88135e..c9fa11f 100644 +--- a/src/shared/tests.h ++++ b/src/shared/tests.h +@@ -2,4 +2,5 @@ + #pragma once + + char* setup_fake_runtime_dir(void); ++bool test_is_running_from_builddir(char **exedir); + const char* get_testdata_dir(const char *suffix); diff --git a/patches/test-make-test-catalog-relocatable.patch b/patches/test-make-test-catalog-relocatable.patch new file mode 100644 index 00000000..58c46273 --- /dev/null +++ b/patches/test-make-test-catalog-relocatable.patch @@ -0,0 +1,100 @@ +From: Yu Watanabe +Date: Tue, 11 Sep 2018 09:18:33 +0900 +Subject: test: make test-catalog relocatable + +Fixes #10045. + +(cherry picked from commit d9b6baa69968132d33e4ad8627c7fe0bd527c859) +--- + catalog/meson.build | 1 - + src/journal/test-catalog.c | 27 +++++++++++++++++++-------- + src/test/meson.build | 2 +- + 3 files changed, 20 insertions(+), 10 deletions(-) + +diff --git a/catalog/meson.build b/catalog/meson.build +index 1b13150..3db8e39 100644 +--- a/catalog/meson.build ++++ b/catalog/meson.build +@@ -17,7 +17,6 @@ in_files = ''' + + support_url = get_option('support-url') + support_sed = 's~%SUPPORT_URL%~@0@~'.format(support_url) +-build_catalog_dir = meson.current_build_dir() + + foreach file : in_files + custom_target( +diff --git a/src/journal/test-catalog.c b/src/journal/test-catalog.c +index 8eae993..0c4da29 100644 +--- a/src/journal/test-catalog.c ++++ b/src/journal/test-catalog.c +@@ -14,14 +14,13 @@ + #include "fileio.h" + #include "log.h" + #include "macro.h" ++#include "path-util.h" + #include "string-util.h" ++#include "strv.h" ++#include "tests.h" + #include "util.h" + +-static const char *catalog_dirs[] = { +- CATALOG_DIR, +- NULL, +-}; +- ++static char** catalog_dirs = NULL; + static const char *no_catalog_dirs[] = { + "/bin/hopefully/with/no/catalog", + NULL +@@ -167,8 +166,8 @@ static void test_catalog_update(const char *database) { + assert_se(r == 0); + + /* Make sure that we at least have some files loaded or the +- catalog_list below will fail. */ +- r = catalog_update(database, NULL, catalog_dirs); ++ * catalog_list below will fail. */ ++ r = catalog_update(database, NULL, (const char * const *) catalog_dirs); + assert_se(r == 0); + } + +@@ -202,14 +201,26 @@ static void test_catalog_file_lang(void) { + + int main(int argc, char *argv[]) { + _cleanup_(unlink_tempfilep) char database[] = "/tmp/test-catalog.XXXXXX"; +- _cleanup_free_ char *text = NULL; ++ _cleanup_free_ char *text = NULL, *catalog_dir = NULL; + int r; + + setlocale(LC_ALL, "de_DE.UTF-8"); + ++ log_set_max_level(LOG_DEBUG); + log_parse_environment(); + log_open(); + ++ /* If test-catalog is located at the build directory, then use catalogs in that. ++ * If it is not, e.g. installed by systemd-tests package, then use installed catalogs. */ ++ if (test_is_running_from_builddir(NULL)) { ++ assert_se(catalog_dir = path_join(NULL, ABS_BUILD_DIR, "catalog")); ++ catalog_dirs = STRV_MAKE(catalog_dir); ++ } else ++ catalog_dirs = STRV_MAKE(CATALOG_DIR); ++ ++ assert_se(access(catalog_dirs[0], F_OK) >= 0); ++ log_notice("Using catalog directory '%s'", catalog_dirs[0]); ++ + test_catalog_file_lang(); + + test_catalog_import_invalid(); +diff --git a/src/test/meson.build b/src/test/meson.build +index 7da7e3a..1ef7ac6 100644 +--- a/src/test/meson.build ++++ b/src/test/meson.build +@@ -757,7 +757,7 @@ tests += [ + [threads, + libxz, + liblz4], +- '', '', '-DCATALOG_DIR="@0@"'.format(build_catalog_dir)], ++ '', '', '-DCATALOG_DIR="@0@"'.format(catalogdir)], + + [['src/journal/test-compress.c'], + [libjournal_core, diff --git a/patches/test-remove-support-for-suffix-in-get_testdata_dir.patch b/patches/test-remove-support-for-suffix-in-get_testdata_dir.patch new file mode 100644 index 00000000..6359c3bb --- /dev/null +++ b/patches/test-remove-support-for-suffix-in-get_testdata_dir.patch @@ -0,0 +1,305 @@ +From: Filipe Brandenburger +Date: Tue, 11 Sep 2018 23:15:09 -0700 +Subject: test: remove support for suffix in get_testdata_dir() + +Instead, use path_join() in callers wherever needed. + +(cherry picked from commit 55890a40c3ec0c061c04d1395a38c26313132d12) +--- + src/resolve/test-dns-packet.c | 5 ++++- + src/shared/tests.c | 4 +--- + src/shared/tests.h | 2 +- + src/test/test-bpf.c | 2 +- + src/test/test-cgroup-mask.c | 2 +- + src/test/test-engine.c | 2 +- + src/test/test-execute.c | 4 +++- + src/test/test-journal-importer.c | 10 ++++++++-- + src/test/test-path.c | 5 ++++- + src/test/test-sched-prio.c | 2 +- + src/test/test-umount.c | 18 ++++++++++++++---- + src/test/test-watch-pid.c | 2 +- + 12 files changed, 40 insertions(+), 18 deletions(-) + +diff --git a/src/resolve/test-dns-packet.c b/src/resolve/test-dns-packet.c +index 905f000..0dac05e 100644 +--- a/src/resolve/test-dns-packet.c ++++ b/src/resolve/test-dns-packet.c +@@ -12,6 +12,7 @@ + #include "macro.h" + #include "resolved-dns-packet.h" + #include "resolved-dns-rr.h" ++#include "path-util.h" + #include "string-util.h" + #include "strv.h" + #include "tests.h" +@@ -92,6 +93,7 @@ static void test_packet_from_file(const char* filename, bool canonical) { + + int main(int argc, char **argv) { + int i, N; ++ _cleanup_free_ char *pkts_glob = NULL; + _cleanup_globfree_ glob_t g = {}; + char **fnames; + +@@ -101,7 +103,8 @@ int main(int argc, char **argv) { + N = argc - 1; + fnames = argv + 1; + } else { +- assert_se(glob(get_testdata_dir("/test-resolve/*.pkts"), GLOB_NOSORT, NULL, &g) == 0); ++ pkts_glob = path_join(NULL, get_testdata_dir(), "test-resolve/*.pkts"); ++ assert_se(glob(pkts_glob, GLOB_NOSORT, NULL, &g) == 0); + N = g.gl_pathc; + fnames = g.gl_pathv; + } +diff --git a/src/shared/tests.c b/src/shared/tests.c +index c3704c7..a002260 100644 +--- a/src/shared/tests.c ++++ b/src/shared/tests.c +@@ -37,7 +37,7 @@ bool test_is_running_from_builddir(char **exedir) { + return r; + } + +-const char* get_testdata_dir(const char *suffix) { ++const char* get_testdata_dir(void) { + const char *env; + /* convenience: caller does not need to free result */ + static char testdir[PATH_MAX]; +@@ -61,13 +61,11 @@ const char* get_testdata_dir(const char *suffix) { + /* Try relative path, according to the install-test layout */ + assert_se(snprintf(testdir, sizeof(testdir), "%s/testdata", exedir) > 0); + +- /* test this without the suffix, as it may contain a glob */ + if (access(testdir, F_OK) < 0) { + fputs("ERROR: Cannot find testdata directory, set $SYSTEMD_TEST_DATA\n", stderr); + exit(EXIT_FAILURE); + } + } + +- strncpy(testdir + strlen(testdir), suffix, sizeof(testdir) - strlen(testdir) - 1); + return testdir; + } +diff --git a/src/shared/tests.h b/src/shared/tests.h +index c9fa11f..da4155e 100644 +--- a/src/shared/tests.h ++++ b/src/shared/tests.h +@@ -3,4 +3,4 @@ + + char* setup_fake_runtime_dir(void); + bool test_is_running_from_builddir(char **exedir); +-const char* get_testdata_dir(const char *suffix); ++const char* get_testdata_dir(void); +diff --git a/src/test/test-bpf.c b/src/test/test-bpf.c +index 4d89bd4..6f4a22a 100644 +--- a/src/test/test-bpf.c ++++ b/src/test/test-bpf.c +@@ -38,7 +38,7 @@ int main(int argc, char *argv[]) { + return EXIT_TEST_SKIP; + } + +- assert_se(set_unit_path(get_testdata_dir("")) >= 0); ++ assert_se(set_unit_path(get_testdata_dir()) >= 0); + assert_se(runtime_dir = setup_fake_runtime_dir()); + + r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, &p); +diff --git a/src/test/test-cgroup-mask.c b/src/test/test-cgroup-mask.c +index d65959e..48d58f6 100644 +--- a/src/test/test-cgroup-mask.c ++++ b/src/test/test-cgroup-mask.c +@@ -26,7 +26,7 @@ static int test_cgroup_mask(void) { + } + + /* Prepare the manager. */ +- assert_se(set_unit_path(get_testdata_dir("")) >= 0); ++ assert_se(set_unit_path(get_testdata_dir()) >= 0); + assert_se(runtime_dir = setup_fake_runtime_dir()); + r = manager_new(UNIT_FILE_USER, MANAGER_TEST_RUN_BASIC, &m); + if (IN_SET(r, -EPERM, -EACCES)) { +diff --git a/src/test/test-engine.c b/src/test/test-engine.c +index d072a15..0f3e244 100644 +--- a/src/test/test-engine.c ++++ b/src/test/test-engine.c +@@ -29,7 +29,7 @@ int main(int argc, char *argv[]) { + } + + /* prepare the test */ +- assert_se(set_unit_path(get_testdata_dir("")) >= 0); ++ assert_se(set_unit_path(get_testdata_dir()) >= 0); + assert_se(runtime_dir = setup_fake_runtime_dir()); + r = manager_new(UNIT_FILE_USER, MANAGER_TEST_RUN_BASIC, &m); + if (MANAGER_SKIP_TEST(r)) { +diff --git a/src/test/test-execute.c b/src/test/test-execute.c +index fa8efdd..1b308a8 100644 +--- a/src/test/test-execute.c ++++ b/src/test/test-execute.c +@@ -648,6 +648,7 @@ static int run_tests(UnitFileScope scope, const test_function_t *tests) { + + int main(int argc, char *argv[]) { + _cleanup_(rm_rf_physical_and_freep) char *runtime_dir = NULL; ++ _cleanup_free_ char *test_execute_path = NULL; + static const test_function_t user_tests[] = { + test_exec_basic, + test_exec_ambientcapabilities, +@@ -711,7 +712,8 @@ int main(int argc, char *argv[]) { + } + + assert_se(runtime_dir = setup_fake_runtime_dir()); +- assert_se(set_unit_path(get_testdata_dir("/test-execute")) >= 0); ++ test_execute_path = path_join(NULL, get_testdata_dir(), "test-execute"); ++ assert_se(set_unit_path(test_execute_path) >= 0); + + /* Unset VAR1, VAR2 and VAR3 which are used in the PassEnvironment test + * cases, otherwise (and if they are present in the environment), +diff --git a/src/test/test-journal-importer.c b/src/test/test-journal-importer.c +index 56bf6a1..8f09d5a 100644 +--- a/src/test/test-journal-importer.c ++++ b/src/test/test-journal-importer.c +@@ -4,8 +4,10 @@ + #include + #include + ++#include "alloc-util.h" + #include "log.h" + #include "journal-importer.h" ++#include "path-util.h" + #include "string-util.h" + #include "tests.h" + +@@ -20,9 +22,11 @@ static void assert_iovec_entry(const struct iovec *iovec, const char* content) { + + static void test_basic_parsing(void) { + _cleanup_(journal_importer_cleanup) JournalImporter imp = {}; ++ _cleanup_free_ char *journal_data_path = NULL; + int r; + +- imp.fd = open(get_testdata_dir("/journal-data/journal-1.txt"), O_RDONLY|O_CLOEXEC); ++ journal_data_path = path_join(NULL, get_testdata_dir(), "journal-data/journal-1.txt"); ++ imp.fd = open(journal_data_path, O_RDONLY|O_CLOEXEC); + assert_se(imp.fd >= 0); + + do +@@ -49,9 +53,11 @@ static void test_basic_parsing(void) { + + static void test_bad_input(void) { + _cleanup_(journal_importer_cleanup) JournalImporter imp = {}; ++ _cleanup_free_ char *journal_data_path = NULL; + int r; + +- imp.fd = open(get_testdata_dir("/journal-data/journal-2.txt"), O_RDONLY|O_CLOEXEC); ++ journal_data_path = path_join(NULL, get_testdata_dir(), "journal-data/journal-2.txt"); ++ imp.fd = open(journal_data_path, O_RDONLY|O_CLOEXEC); + assert_se(imp.fd >= 0); + + do +diff --git a/src/test/test-path.c b/src/test/test-path.c +index 209eb2e..5e78a56 100644 +--- a/src/test/test-path.c ++++ b/src/test/test-path.c +@@ -12,6 +12,7 @@ + #include "macro.h" + #include "manager.h" + #include "mkdir.h" ++#include "path-util.h" + #include "rm-rf.h" + #include "string-util.h" + #include "strv.h" +@@ -247,6 +248,7 @@ int main(int argc, char *argv[]) { + }; + + _cleanup_(rm_rf_physical_and_freep) char *runtime_dir = NULL; ++ _cleanup_free_ char *test_path = NULL; + const test_function_t *test = NULL; + Manager *m = NULL; + +@@ -255,7 +257,8 @@ int main(int argc, char *argv[]) { + log_parse_environment(); + log_open(); + +- assert_se(set_unit_path(get_testdata_dir("/test-path")) >= 0); ++ test_path = path_join(NULL, get_testdata_dir(), "test-path"); ++ assert_se(set_unit_path(test_path) >= 0); + assert_se(runtime_dir = setup_fake_runtime_dir()); + + for (test = tests; test && *test; test++) { +diff --git a/src/test/test-sched-prio.c b/src/test/test-sched-prio.c +index c986284..60012e4 100644 +--- a/src/test/test-sched-prio.c ++++ b/src/test/test-sched-prio.c +@@ -26,7 +26,7 @@ int main(int argc, char *argv[]) { + } + + /* prepare the test */ +- assert_se(set_unit_path(get_testdata_dir("")) >= 0); ++ assert_se(set_unit_path(get_testdata_dir()) >= 0); + assert_se(runtime_dir = setup_fake_runtime_dir()); + r = manager_new(UNIT_FILE_USER, MANAGER_TEST_RUN_BASIC, &m); + if (MANAGER_SKIP_TEST(r)) { +diff --git a/src/test/test-umount.c b/src/test/test-umount.c +index 770d1a7..c068f7a 100644 +--- a/src/test/test-umount.c ++++ b/src/test/test-umount.c +@@ -1,6 +1,8 @@ + /* SPDX-License-Identifier: LGPL-2.1+ */ + ++#include "alloc-util.h" + #include "log.h" ++#include "path-util.h" + #include "string-util.h" + #include "tests.h" + #include "umount.h" +@@ -8,10 +10,14 @@ + + static void test_mount_points_list(const char *fname) { + _cleanup_(mount_points_list_free) LIST_HEAD(MountPoint, mp_list_head); ++ _cleanup_free_ char *testdata_fname = NULL; + MountPoint *m; + + log_info("/* %s(\"%s\") */", __func__, fname ?: "/proc/self/mountinfo"); + ++ if (fname) ++ fname = testdata_fname = path_join(NULL, get_testdata_dir(), fname); ++ + LIST_HEAD_INIT(mp_list_head); + assert_se(mount_points_list_get(fname, &mp_list_head) >= 0); + +@@ -26,10 +32,14 @@ static void test_mount_points_list(const char *fname) { + + static void test_swap_list(const char *fname) { + _cleanup_(mount_points_list_free) LIST_HEAD(MountPoint, mp_list_head); ++ _cleanup_free_ char *testdata_fname = NULL; + MountPoint *m; + + log_info("/* %s(\"%s\") */", __func__, fname ?: "/proc/swaps"); + ++ if (fname) ++ fname = testdata_fname = path_join(NULL, get_testdata_dir(), fname); ++ + LIST_HEAD_INIT(mp_list_head); + assert_se(swap_list_get(fname, &mp_list_head) >= 0); + +@@ -48,10 +58,10 @@ int main(int argc, char **argv) { + log_open(); + + test_mount_points_list(NULL); +- test_mount_points_list(get_testdata_dir("/test-umount/empty.mountinfo")); +- test_mount_points_list(get_testdata_dir("/test-umount/garbled.mountinfo")); +- test_mount_points_list(get_testdata_dir("/test-umount/rhbug-1554943.mountinfo")); ++ test_mount_points_list("/test-umount/empty.mountinfo"); ++ test_mount_points_list("/test-umount/garbled.mountinfo"); ++ test_mount_points_list("/test-umount/rhbug-1554943.mountinfo"); + + test_swap_list(NULL); +- test_swap_list(get_testdata_dir("/test-umount/example.swaps")); ++ test_swap_list("/test-umount/example.swaps"); + } +diff --git a/src/test/test-watch-pid.c b/src/test/test-watch-pid.c +index cb43b35..4e349ab 100644 +--- a/src/test/test-watch-pid.c ++++ b/src/test/test-watch-pid.c +@@ -28,7 +28,7 @@ int main(int argc, char *argv[]) { + return EXIT_TEST_SKIP; + } + +- assert_se(set_unit_path(get_testdata_dir("")) >= 0); ++ assert_se(set_unit_path(get_testdata_dir()) >= 0); + assert_se(runtime_dir = setup_fake_runtime_dir()); + + assert_se(manager_new(UNIT_FILE_USER, true, &m) >= 0); diff --git a/patches/test-use-builddir-systemd-runtest.env-for-SYSTEMD_CATALOG.patch b/patches/test-use-builddir-systemd-runtest.env-for-SYSTEMD_CATALOG.patch new file mode 100644 index 00000000..25bca59b --- /dev/null +++ b/patches/test-use-builddir-systemd-runtest.env-for-SYSTEMD_CATALOG.patch @@ -0,0 +1,132 @@ +From: Filipe Brandenburger +Date: Wed, 12 Sep 2018 00:23:40 -0700 +Subject: test: use ${builddir}/systemd-runtest.env for $SYSTEMD_CATALOG_DIR + +This makes it so that tests no longer need to know the absolute paths to the +source and build dirs, instead using the systemd-runtest.env file to get these +paths when running from the build tree. + +Confirmed that test-catalog works on `ninja test`, when called standalone and +also when the environment file is not present, in which case it will use the +installed location under /usr/lib/systemd/catalog. + +The location can now also be overridden for this test by setting the +$SYSTEMD_CATALOG_DIR environment variable. + +(cherry picked from commit 49cdae63d168b2fe0e19f9f090b90d79de3c39bb) +--- + meson.build | 4 ++-- + src/journal/test-catalog.c | 6 +----- + src/shared/tests.c | 22 ++++++++++++++++------ + src/shared/tests.h | 2 +- + src/test/meson.build | 3 +-- + 5 files changed, 21 insertions(+), 16 deletions(-) + +diff --git a/meson.build b/meson.build +index 7547c69..88a470a 100644 +--- a/meson.build ++++ b/meson.build +@@ -207,6 +207,7 @@ conf.set_quoted('SYSTEM_SLEEP_PATH', systemsleepdir) + conf.set_quoted('SYSTEMD_KBD_MODEL_MAP', join_paths(pkgdatadir, 'kbd-model-map')) + conf.set_quoted('SYSTEMD_LANGUAGE_FALLBACK_MAP', join_paths(pkgdatadir, 'language-fallback-map')) + conf.set_quoted('SYSTEMD_TEST_DATA', join_paths(testsdir, 'testdata')) ++conf.set_quoted('SYSTEMD_CATALOG_DIR', catalogdir) + conf.set_quoted('UDEVLIBEXECDIR', udevlibexecdir) + conf.set_quoted('POLKIT_AGENT_BINARY_PATH', join_paths(bindir, 'pkttyagent')) + conf.set_quoted('LIBDIR', libdir) +@@ -222,8 +223,6 @@ conf.set_quoted('DOCUMENT_ROOT', join_paths(pkgdata + conf.set('MEMORY_ACCOUNTING_DEFAULT', memory_accounting_default ? 'true' : 'false') + conf.set_quoted('MEMORY_ACCOUNTING_DEFAULT_YES_NO', memory_accounting_default ? 'yes' : 'no') + +-conf.set_quoted('ABS_BUILD_DIR', meson.build_root()) +- + substs.set('prefix', prefixdir) + substs.set('exec_prefix', prefixdir) + substs.set('libdir', libdir) +@@ -2551,6 +2550,7 @@ custom_target( + output : 'systemd-runtest.env', + command : ['sh', '-c', '{ ' + + 'echo SYSTEMD_TEST_DATA=@0@; '.format(join_paths(meson.current_source_dir(), 'test')) + ++ 'echo SYSTEMD_CATALOG_DIR=@0@; '.format(join_paths(meson.current_build_dir(), 'catalog')) + + '} >@OUTPUT@'], + build_by_default : true) + +diff --git a/src/journal/test-catalog.c b/src/journal/test-catalog.c +index 0c4da29..d9ee557 100644 +--- a/src/journal/test-catalog.c ++++ b/src/journal/test-catalog.c +@@ -212,11 +212,7 @@ int main(int argc, char *argv[]) { + + /* If test-catalog is located at the build directory, then use catalogs in that. + * If it is not, e.g. installed by systemd-tests package, then use installed catalogs. */ +- if (test_is_running_from_builddir(NULL)) { +- assert_se(catalog_dir = path_join(NULL, ABS_BUILD_DIR, "catalog")); +- catalog_dirs = STRV_MAKE(catalog_dir); +- } else +- catalog_dirs = STRV_MAKE(CATALOG_DIR); ++ catalog_dirs = STRV_MAKE(get_catalog_dir()); + + assert_se(access(catalog_dirs[0], F_OK) >= 0); + log_notice("Using catalog directory '%s'", catalog_dirs[0]); +diff --git a/src/shared/tests.c b/src/shared/tests.c +index ac11f51..94f4629 100644 +--- a/src/shared/tests.c ++++ b/src/shared/tests.c +@@ -44,12 +44,6 @@ static void load_testdata_env(void) { + setenv(*k, *v, 0); + } + +-bool test_is_running_from_builddir(char **exedir) { +- load_testdata_env(); +- +- return !!getenv("SYSTEMD_TEST_DATA"); +-} +- + const char* get_testdata_dir(void) { + const char *env; + +@@ -66,3 +60,19 @@ const char* get_testdata_dir(void) { + + return env; + } ++ ++const char* get_catalog_dir(void) { ++ const char *env; ++ ++ load_testdata_env(); ++ ++ /* if the env var is set, use that */ ++ env = getenv("SYSTEMD_CATALOG_DIR"); ++ if (!env) ++ env = SYSTEMD_CATALOG_DIR; ++ if (access(env, F_OK) < 0) { ++ fprintf(stderr, "ERROR: $SYSTEMD_CATALOG_DIR directory [%s] does not exist\n", env); ++ exit(EXIT_FAILURE); ++ } ++ return env; ++} +diff --git a/src/shared/tests.h b/src/shared/tests.h +index da4155e..0d5e6a8 100644 +--- a/src/shared/tests.h ++++ b/src/shared/tests.h +@@ -2,5 +2,5 @@ + #pragma once + + char* setup_fake_runtime_dir(void); +-bool test_is_running_from_builddir(char **exedir); + const char* get_testdata_dir(void); ++const char* get_catalog_dir(void); +diff --git a/src/test/meson.build b/src/test/meson.build +index 1ef7ac6..6fea916 100644 +--- a/src/test/meson.build ++++ b/src/test/meson.build +@@ -756,8 +756,7 @@ tests += [ + libshared], + [threads, + libxz, +- liblz4], +- '', '', '-DCATALOG_DIR="@0@"'.format(catalogdir)], ++ liblz4]], + + [['src/journal/test-compress.c'], + [libjournal_core, diff --git a/patches/test-use-builddir-systemd-runtest.env-to-set-SYSTEMD_TEST.patch b/patches/test-use-builddir-systemd-runtest.env-to-set-SYSTEMD_TEST.patch new file mode 100644 index 00000000..f6c4ce68 --- /dev/null +++ b/patches/test-use-builddir-systemd-runtest.env-to-set-SYSTEMD_TEST.patch @@ -0,0 +1,163 @@ +From: Filipe Brandenburger +Date: Tue, 11 Sep 2018 23:55:02 -0700 +Subject: test: use ${builddir}/systemd-runtest.env to set $SYSTEMD_TEST_DATA + +This simplifies get_testdata_dir() to simply checking for an environment +variable, with an additional function to locate a systemd-runtest.env file in +the same directory as the test binary and reading environment variable +assignments from that file if it exists. + +This makes it possible to: +- Run `ninja test` from the build dir and have it use ${srcdir}/test for + test unit definitions. +- Run a test directly, such as `build/test-execute` and have it locate + them correctly. +- Run installed tests (from systemd-tests package) and locate the test + units in the installed location (/usr/lib/systemd/tests/testdata), in + which case the absence of the systemd-runtest.env file will have + get_testdata_dir() use the installed location hardcoded into the + binaries. + +Explicit setting of $SYSTEMD_TEST_DATA still overrides the contents of +systemd-runtest.env. + +(cherry picked from commit e2d413707fc68ed033a83e10a055ca638a1e1e18) +--- + meson.build | 10 +++++++- + src/shared/tests.c | 67 ++++++++++++++++++++++++++---------------------------- + 2 files changed, 41 insertions(+), 36 deletions(-) + +diff --git a/meson.build b/meson.build +index dd21f50..7547c69 100644 +--- a/meson.build ++++ b/meson.build +@@ -206,6 +206,7 @@ conf.set_quoted('SYSTEM_SHUTDOWN_PATH', systemshutdowndir) + conf.set_quoted('SYSTEM_SLEEP_PATH', systemsleepdir) + conf.set_quoted('SYSTEMD_KBD_MODEL_MAP', join_paths(pkgdatadir, 'kbd-model-map')) + conf.set_quoted('SYSTEMD_LANGUAGE_FALLBACK_MAP', join_paths(pkgdatadir, 'language-fallback-map')) ++conf.set_quoted('SYSTEMD_TEST_DATA', join_paths(testsdir, 'testdata')) + conf.set_quoted('UDEVLIBEXECDIR', udevlibexecdir) + conf.set_quoted('POLKIT_AGENT_BINARY_PATH', join_paths(bindir, 'pkttyagent')) + conf.set_quoted('LIBDIR', libdir) +@@ -222,7 +223,6 @@ conf.set('MEMORY_ACCOUNTING_DEFAULT', memory_accounting_ + conf.set_quoted('MEMORY_ACCOUNTING_DEFAULT_YES_NO', memory_accounting_default ? 'yes' : 'no') + + conf.set_quoted('ABS_BUILD_DIR', meson.build_root()) +-conf.set_quoted('ABS_SRC_DIR', meson.source_root()) + + substs.set('prefix', prefixdir) + substs.set('exec_prefix', prefixdir) +@@ -2546,6 +2546,14 @@ executable('systemd-sulogin-shell', + + ############################################################ + ++custom_target( ++ 'systemd-runtest.env', ++ output : 'systemd-runtest.env', ++ command : ['sh', '-c', '{ ' + ++ 'echo SYSTEMD_TEST_DATA=@0@; '.format(join_paths(meson.current_source_dir(), 'test')) + ++ '} >@OUTPUT@'], ++ build_by_default : true) ++ + foreach tuple : tests + sources = tuple[0] + link_with = tuple[1].length() > 0 ? tuple[1] : [libshared] +diff --git a/src/shared/tests.c b/src/shared/tests.c +index a002260..ac11f51 100644 +--- a/src/shared/tests.c ++++ b/src/shared/tests.c +@@ -6,8 +6,11 @@ + #include + #include + +-#include "tests.h" ++#include "alloc-util.h" ++#include "fileio.h" + #include "path-util.h" ++#include "strv.h" ++#include "tests.h" + + char* setup_fake_runtime_dir(void) { + char t[] = "/tmp/fake-xdg-runtime-XXXXXX", *p; +@@ -19,53 +22,47 @@ char* setup_fake_runtime_dir(void) { + return p; + } + +-bool test_is_running_from_builddir(char **exedir) { ++static void load_testdata_env(void) { ++ static bool called = false; + _cleanup_free_ char *s = NULL; +- bool r; ++ _cleanup_free_ char *envpath = NULL; ++ _cleanup_strv_free_ char **pairs = NULL; ++ char **k, **v; + +- /* Check if we're running from the builddir. Optionally, this returns +- * the path to the directory where the binary is located. */ ++ if (called) ++ return; ++ called = true; + + assert_se(readlink_and_make_absolute("/proc/self/exe", &s) >= 0); +- r = path_startswith(s, ABS_BUILD_DIR); ++ dirname(s); + +- if (exedir) { +- dirname(s); +- *exedir = TAKE_PTR(s); +- } ++ envpath = path_join(NULL, s, "systemd-runtest.env"); ++ if (load_env_file_pairs(NULL, envpath, NULL, &pairs) < 0) ++ return; + +- return r; ++ STRV_FOREACH_PAIR(k, v, pairs) ++ setenv(*k, *v, 0); ++} ++ ++bool test_is_running_from_builddir(char **exedir) { ++ load_testdata_env(); ++ ++ return !!getenv("SYSTEMD_TEST_DATA"); + } + + const char* get_testdata_dir(void) { + const char *env; +- /* convenience: caller does not need to free result */ +- static char testdir[PATH_MAX]; ++ ++ load_testdata_env(); + + /* if the env var is set, use that */ + env = getenv("SYSTEMD_TEST_DATA"); +- testdir[sizeof(testdir) - 1] = '\0'; +- if (env) { +- if (access(env, F_OK) < 0) { +- fputs("ERROR: $SYSTEMD_TEST_DATA directory does not exist\n", stderr); +- exit(EXIT_FAILURE); +- } +- strncpy(testdir, env, sizeof(testdir) - 1); +- } else { +- _cleanup_free_ char *exedir = NULL; +- +- /* Check if we're running from the builddir. If so, use the compiled in path. */ +- if (test_is_running_from_builddir(&exedir)) +- assert_se(snprintf(testdir, sizeof(testdir), "%s/test", ABS_SRC_DIR) > 0); +- else +- /* Try relative path, according to the install-test layout */ +- assert_se(snprintf(testdir, sizeof(testdir), "%s/testdata", exedir) > 0); +- +- if (access(testdir, F_OK) < 0) { +- fputs("ERROR: Cannot find testdata directory, set $SYSTEMD_TEST_DATA\n", stderr); +- exit(EXIT_FAILURE); +- } ++ if (!env) ++ env = SYSTEMD_TEST_DATA; ++ if (access(env, F_OK) < 0) { ++ fprintf(stderr, "ERROR: $SYSTEMD_TEST_DATA directory [%s] does not exist\n", env); ++ exit(EXIT_FAILURE); + } + +- return testdir; ++ return env; + } diff --git a/patches/timedate-defer-the-property-changed-signal-until-job-of-s.patch b/patches/timedate-defer-the-property-changed-signal-until-job-of-s.patch new file mode 100644 index 00000000..02f66dd8 --- /dev/null +++ b/patches/timedate-defer-the-property-changed-signal-until-job-of-s.patch @@ -0,0 +1,177 @@ +From: Yu Watanabe +Date: Sun, 22 Jul 2018 23:10:02 +0900 +Subject: timedate: defer the property changed signal until job of + starting/stopping NTP service is finished + +Before this, the property changed signal is emitted immediately after +StartUnit/StopUnit method is called. So, the running state of the NTP +client service may not updated. +This makes the timing of emitting property changed signal is deferred +until job of starting/stopping NTP client service is completed. + +Fixes #9672. + +(cherry picked from commit 3af0a96c0fcc623bd16649fc3640396a657cf9ef) +--- + src/timedate/timedated.c | 78 ++++++++++++++++++++++++++++++++++++++++-------- + 1 file changed, 65 insertions(+), 13 deletions(-) + +diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c +index a66ea22..3b70939 100644 +--- a/src/timedate/timedated.c ++++ b/src/timedate/timedated.c +@@ -45,6 +45,9 @@ typedef struct Context { + Hashmap *polkit_registry; + sd_bus_message *cache; + ++ sd_bus_slot *slot_job_removed; ++ char *path_ntp_unit; ++ + LIST_HEAD(UnitStatusInfo, units); + } Context; + +@@ -73,6 +76,9 @@ static void context_free(Context *c) { + bus_verify_polkit_async_registry_free(c->polkit_registry); + sd_bus_message_unref(c->cache); + ++ sd_bus_slot_unref(c->slot_job_removed); ++ free(c->path_ntp_unit); ++ + while ((p = c->units)) { + LIST_REMOVE(units, c->units, p); + unit_status_info_free(p); +@@ -344,17 +350,55 @@ static int context_update_ntp_status(Context *c, sd_bus *bus, sd_bus_message *m) + return 0; + } + +-static int unit_start_or_stop(UnitStatusInfo *u, sd_bus *bus, sd_bus_error *error, bool start) { ++static int match_job_removed(sd_bus_message *m, void *userdata, sd_bus_error *error) { ++ const char *path; ++ Context *c = userdata; ++ int r; ++ ++ assert(c); ++ assert(m); ++ ++ r = sd_bus_message_read(m, "uoss", NULL, &path, NULL, NULL); ++ if (r < 0) { ++ bus_log_parse_error(r); ++ return 0; ++ } ++ ++ if (!streq_ptr(path, c->path_ntp_unit)) ++ return 0; ++ ++ (void) sd_bus_emit_properties_changed(sd_bus_message_get_bus(m), "/org/freedesktop/timedate1", "org.freedesktop.timedate1", "NTP", NULL); ++ ++ c->slot_job_removed = sd_bus_slot_unref(c->slot_job_removed); ++ c->path_ntp_unit = mfree(c->path_ntp_unit); ++ ++ return 0; ++} ++ ++static int unit_start_or_stop(Context *c, UnitStatusInfo *u, sd_bus *bus, sd_bus_error *error, bool start) { ++ _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL; ++ _cleanup_(sd_bus_slot_unrefp) sd_bus_slot *slot = NULL; ++ const char *path; + int r; + ++ assert(c); + assert(u); + assert(bus); + assert(error); + +- /* Call context_update_ntp_status() to update UnitStatusInfo before calling this. */ ++ /* This method may be called frequently. Forget the previous job if it has not completed yet. */ ++ c->slot_job_removed = sd_bus_slot_unref(c->slot_job_removed); + +- if (streq(u->active_state, "active") == start) +- return 0; ++ r = sd_bus_match_signal_async( ++ bus, ++ &slot, ++ "org.freedesktop.systemd1", ++ "/org/freedesktop/systemd1", ++ "org.freedesktop.systemd1.Manager", ++ "JobRemoved", ++ match_job_removed, NULL, c); ++ if (r < 0) ++ return r; + + r = sd_bus_call_method( + bus, +@@ -363,13 +407,22 @@ static int unit_start_or_stop(UnitStatusInfo *u, sd_bus *bus, sd_bus_error *erro + "org.freedesktop.systemd1.Manager", + start ? "StartUnit" : "StopUnit", + error, +- NULL, ++ &reply, + "ss", + u->name, + "replace"); + if (r < 0) + return r; + ++ r = sd_bus_message_read(reply, "o", &path); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ ++ r = free_and_strdup(&c->path_ntp_unit, path); ++ if (r < 0) ++ return log_oom(); ++ ++ c->slot_job_removed = TAKE_PTR(slot); + return 0; + } + +@@ -421,8 +474,9 @@ static int unit_enable_or_disable(UnitStatusInfo *u, sd_bus *bus, sd_bus_error * + error, + NULL, + NULL); +- if (r < 0) +- return r; ++ if (r < 0) ++ return r; ++ + return 0; + } + +@@ -812,7 +866,7 @@ static int method_set_ntp(sd_bus_message *m, void *userdata, sd_bus_error *error + if (q < 0) + r = q; + +- q = unit_start_or_stop(u, bus, error, enable); ++ q = unit_start_or_stop(c, u, bus, error, enable); + if (q < 0) + r = q; + } +@@ -826,17 +880,17 @@ static int method_set_ntp(sd_bus_message *m, void *userdata, sd_bus_error *error + if (r < 0) + continue; + +- r = unit_start_or_stop(u, bus, error, enable); ++ r = unit_start_or_stop(c, u, bus, error, enable); + break; + } + +- else if (context_ntp_service_is_active(c) <= 0) ++ else + LIST_FOREACH(units, u, c->units) { + if (!streq(u->load_state, "loaded") || + !streq(u->unit_file_state, "enabled")) + continue; + +- r = unit_start_or_stop(u, bus, error, enable); ++ r = unit_start_or_stop(c, u, bus, error, enable); + break; + } + +@@ -845,8 +899,6 @@ static int method_set_ntp(sd_bus_message *m, void *userdata, sd_bus_error *error + + log_info("Set NTP to %sd", enable_disable(enable)); + +- (void) sd_bus_emit_properties_changed(bus, "/org/freedesktop/timedate1", "org.freedesktop.timedate1", "NTP", NULL); +- + return sd_bus_reply_method_return(m, NULL); + } + diff --git a/patches/timedate-increment-reference-count-of-sd_bus_message.patch b/patches/timedate-increment-reference-count-of-sd_bus_message.patch new file mode 100644 index 00000000..a989bf06 --- /dev/null +++ b/patches/timedate-increment-reference-count-of-sd_bus_message.patch @@ -0,0 +1,64 @@ +From: Yu Watanabe +Date: Sat, 21 Jul 2018 23:07:53 +0900 +Subject: timedate: increment reference count of sd_bus_message + +The commit 5d280742b645a69a19e7f9131adc0c95f5c7fa07 introduces a +barrier to suppress calling context_update_ntp_status() multiple times. +However, it just stores the address of sd_bus_message object. So, +when an address is reused on the subsequent message, then the status +of NTP clients are not updated. + +This makes the stored message object is referenced by the context +object. So, the subsequent message is on cirtainly different address. + +(cherry picked from commit 2770af85ac04fd14af2f6bcdf4d3967ed6f2e36f) +--- + src/timedate/timedated.c | 14 +++++++++----- + 1 file changed, 9 insertions(+), 5 deletions(-) + +diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c +index 82eb213..a66ea22 100644 +--- a/src/timedate/timedated.c ++++ b/src/timedate/timedated.c +@@ -43,6 +43,7 @@ typedef struct Context { + char *zone; + bool local_rtc; + Hashmap *polkit_registry; ++ sd_bus_message *cache; + + LIST_HEAD(UnitStatusInfo, units); + } Context; +@@ -70,6 +71,7 @@ static void context_free(Context *c) { + + free(c->zone); + bus_verify_polkit_async_registry_free(c->polkit_registry); ++ sd_bus_message_unref(c->cache); + + while ((p = c->units)) { + LIST_REMOVE(units, c->units, p); +@@ -301,18 +303,20 @@ static int context_update_ntp_status(Context *c, sd_bus *bus, sd_bus_message *m) + { "UnitFileState", "s", NULL, offsetof(UnitStatusInfo, unit_file_state) }, + {} + }; +- static sd_bus_message *_m = NULL; + UnitStatusInfo *u; + int r; + + assert(c); + assert(bus); + +- /* Suppress multiple call of context_update_ntp_status() within single DBus transaction. */ +- if (m && m == _m) +- return 0; ++ /* Suppress calling context_update_ntp_status() multiple times within single DBus transaction. */ ++ if (m) { ++ if (m == c->cache) ++ return 0; + +- _m = m; ++ sd_bus_message_unref(c->cache); ++ c->cache = sd_bus_message_ref(m); ++ } + + LIST_FOREACH(units, u, c->units) { + _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; diff --git a/patches/timesync-changes-type-of-drift_freq-to-int64_t.patch b/patches/timesync-changes-type-of-drift_freq-to-int64_t.patch new file mode 100644 index 00000000..a45c57b0 --- /dev/null +++ b/patches/timesync-changes-type-of-drift_freq-to-int64_t.patch @@ -0,0 +1,41 @@ +From: Yu Watanabe +Date: Sat, 23 Jun 2018 09:41:55 +0900 +Subject: timesync: changes type of drift_freq to int64_t + +drift_freq is used for storing timex.freq, and is a 64bit integer. +To support x32 ABI, this changes the type of drift_freq to int64_t. + +Fixes #9387. + +(cherry picked from commit 75ca1621db4647a4d62d7873cd6715e28fe0f9fa) +--- + src/timesync/timesyncd-manager.c | 2 +- + src/timesync/timesyncd-manager.h | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/timesync/timesyncd-manager.c b/src/timesync/timesyncd-manager.c +index 2b731af..404a2b1 100644 +--- a/src/timesync/timesyncd-manager.c ++++ b/src/timesync/timesyncd-manager.c +@@ -604,7 +604,7 @@ static int manager_receive_response(sd_event_source *source, int fd, uint32_t re + m->dest_time = *recv_time; + m->spike = spike; + +- log_debug("interval/delta/delay/jitter/drift " USEC_FMT "s/%+.3fs/%.3fs/%.3fs/%+"PRI_TIMEX"ppm%s", ++ log_debug("interval/delta/delay/jitter/drift " USEC_FMT "s/%+.3fs/%.3fs/%.3fs/%+"PRIi64"ppm%s", + m->poll_interval_usec / USEC_PER_SEC, offset, delay, m->samples_jitter, m->drift_freq / 65536, + spike ? " (ignored)" : ""); + +diff --git a/src/timesync/timesyncd-manager.h b/src/timesync/timesyncd-manager.h +index d8d97cc..1834741 100644 +--- a/src/timesync/timesyncd-manager.h ++++ b/src/timesync/timesyncd-manager.h +@@ -79,7 +79,7 @@ struct Manager { + /* last change */ + bool jumped; + bool sync; +- long drift_freq; ++ int64_t drift_freq; + + /* watch for time changes */ + sd_event_source *event_clock_watch; diff --git a/patches/tmpfiles-specify-access-mode-for-run-systemd-netif.patch b/patches/tmpfiles-specify-access-mode-for-run-systemd-netif.patch new file mode 100644 index 00000000..d566f126 --- /dev/null +++ b/patches/tmpfiles-specify-access-mode-for-run-systemd-netif.patch @@ -0,0 +1,30 @@ +From: Yu Watanabe +Date: Mon, 25 Jun 2018 14:56:49 +0900 +Subject: tmpfiles: specify access mode for /run/systemd/netif + +This partially reverts 2af767729489f6baa98a2641b2007acab44ed353. +As the directories are certainly readable and not-writable by +non-privileged users. + +(cherry picked from commit 400d8461381c5748a97fccb8a022a20f40063a7d) +--- + tmpfiles.d/systemd.conf.m4 | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/tmpfiles.d/systemd.conf.m4 b/tmpfiles.d/systemd.conf.m4 +index 0992f74..120e42a 100644 +--- a/tmpfiles.d/systemd.conf.m4 ++++ b/tmpfiles.d/systemd.conf.m4 +@@ -17,9 +17,9 @@ d /run/systemd/users 0755 root root - + d /run/systemd/machines 0755 root root - + d /run/systemd/shutdown 0755 root root - + m4_ifdef(`ENABLE_NETWORKD', +-d /run/systemd/netif - - - - +-d /run/systemd/netif/links - - - - +-d /run/systemd/netif/leases - - - - ++d /run/systemd/netif 0755 - - - ++d /run/systemd/netif/links 0755 - - - ++d /run/systemd/netif/leases 0755 - - - + )m4_dnl + + d /run/log 0755 root root - diff --git a/patches/user-runtime-dir-fix-selinux-regression.patch b/patches/user-runtime-dir-fix-selinux-regression.patch new file mode 100644 index 00000000..411f37a9 --- /dev/null +++ b/patches/user-runtime-dir-fix-selinux-regression.patch @@ -0,0 +1,40 @@ +From: Alan Jenkins +Date: Mon, 3 Sep 2018 11:10:24 +0100 +Subject: user-runtime-dir: fix selinux regression + +Fix #9993. When this code was split out to user-runtime-dir, it forgot to +include the call to mac_selinux_init(). So mkdir_label() stopped working. + +Fixes: a9f0f5e50104 ("logind: split %t directory creation to a helper +unit") + +(cherry picked from commit 81375d802672f34205bef9f301c58854af5fc568) +--- + src/login/user-runtime-dir.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/src/login/user-runtime-dir.c b/src/login/user-runtime-dir.c +index 1bb26c9..790de0e 100644 +--- a/src/login/user-runtime-dir.c ++++ b/src/login/user-runtime-dir.c +@@ -10,6 +10,7 @@ + #include "mount-util.h" + #include "path-util.h" + #include "rm-rf.h" ++#include "selinux-util.h" + #include "smack-util.h" + #include "stdio-util.h" + #include "string-util.h" +@@ -144,6 +145,12 @@ int main(int argc, char *argv[]) { + return EXIT_FAILURE; + } + ++ r = mac_selinux_init(); ++ if (r < 0) { ++ log_error_errno(r, "Could not initialize labelling: %m\n"); ++ return EXIT_FAILURE; ++ } ++ + umask(0022); + + user = argv[2]; diff --git a/rules b/rules new file mode 100755 index 00000000..09645c35 --- /dev/null +++ b/rules @@ -0,0 +1,292 @@ +#! /usr/bin/make -f + +#export DH_VERBOSE = 1 +#export DEB_BUILD_OPTIONS = nostrip + +export LC_ALL = C.UTF-8 + +include /usr/share/dpkg/default.mk + +ifeq ($(DEB_VENDOR),Ubuntu) + DEFAULT_NTP_SERVERS = ntp.ubuntu.com + SUPPORT_URL = http://www.ubuntu.com/support + CONFFLAGS_DISTRO = -Ddns-servers='' +else + DEFAULT_NTP_SERVERS = 0.debian.pool.ntp.org 1.debian.pool.ntp.org 2.debian.pool.ntp.org 3.debian.pool.ntp.org + SUPPORT_URL = https://www.debian.org/support + CONFFLAGS_DISTRO = +endif + +# fail on missing files and symbols changes on distro builds, but not if we +# build/test upstream master +ifeq ($(TEST_UPSTREAM),) + DH_MISSING = --fail-missing + GENSYMBOLS_LEVEL = 4 +else + DH_MISSING = --list-missing + GENSYMBOLS_LEVEL = 1 +endif + +ifneq (, $(filter noudeb, $(DEB_BUILD_OPTIONS))) +export DEB_BUILD_PROFILES += noudeb +endif + +CONFFLAGS = \ + -Db_lto=true \ + -Drootlibdir=/lib/$(DEB_HOST_MULTIARCH) \ + -Dsplit-usr=true \ + -Dquotaon-path=/sbin/quotaon \ + -Dquotacheck-path=/sbin/quotacheck \ + -Dkmod-path=/bin/kmod \ + -Dkexec-path=/sbin/kexec \ + -Dsulogin-path=/sbin/sulogin \ + -Dmount-path=/bin/mount \ + -Dumount-path=/bin/umount \ + -Dloadkeys-path=/bin/loadkeys \ + -Dsetfont-path=/bin/setfont \ + -Dtelinit-path=/lib/sysvinit/telinit \ + -Dsysvinit-path=/etc/init.d \ + -Dsysvrcnd-path=/etc \ + -Ddebug-shell=/bin/bash \ + -Dzshcompletiondir=/usr/share/zsh/vendor-completions \ + -Ddbuspolicydir=/usr/share/dbus-1/system.d/ \ + -Dsupport-url=$(SUPPORT_URL) \ + -Ddefault-kill-user-processes=false \ + -Dpamconfdir=no \ + -Drpmmacrosdir=no \ + -Dqrencode=false \ + -Dvconsole=false \ + -Dfirstboot=false \ + -Dxkbcommon=false \ + -Dportabled=false \ + -Dwheel-group=false \ + -Dntp-servers="$(DEFAULT_NTP_SERVERS)" \ + -Dlink-udev-shared=false \ + -Dsystem-uid-max=999 \ + -Dsystem-gid-max=999 \ + -Dnobody-user=nobody \ + -Dnobody-group=nogroup \ + -Ddev-kvm-mode=0660 + +# resolved's DNSSEC support is still not mature enough, don't enable it by +# default on stable Debian or any Ubuntu releases +CONFFLAGS += $(shell grep -qE 'stretch|ubuntu' /etc/os-release && echo -Ddefault-dnssec=no) + +CONFFLAGS_deb = \ + -Dselinux=true \ + -Dhwdb=true \ + -Dsysusers=true \ + -Dinstall-tests=true \ + -Defi=true \ + -Dnss-systemd=true \ + -Dresolve=true + +ifeq (, $(filter stage1, $(DEB_BUILD_PROFILES))) +CONFFLAGS_deb += \ + -Daudit=true \ + -Dlibcryptsetup=true \ + -Dcoredump=true \ + -Delfutils=true \ + -Dapparmor=true \ + -Dlibidn=true \ + -Dlibiptc=true \ + -Dlibcurl=true \ + -Dimportd=true \ + -Dmicrohttpd=true \ + -Dgnutls=true +else +CONFFLAGS_deb += \ + -Daudit=false \ + -Dlibcryptsetup=false \ + -Dcoredump=false \ + -Delfutils=false \ + -Dapparmor=false \ + -Dlibidn=false \ + -Dlibiptc=false \ + -Dlibcurl=false \ + -Dimportd=false \ + -Dmicrohttpd=false \ + -Dgnutls=false +endif + +CONFFLAGS_udeb = \ + -Dlibcryptsetup=false \ + -Dcoredump=false \ + -Delfutils=false \ + -Dpam=false \ + -Daudit=false \ + -Dselinux=false\ + -Dapparmor=false \ + -Dlibidn=false \ + -Dlibiptc=false \ + -Dsmack=false \ + -Dima=false \ + -Dbinfmt=false \ + -Dquotacheck=false \ + -Dtmpfiles=false \ + -Drandomseed=false \ + -Dbacklight=false \ + -Dlogind=false \ + -Dmachined=false \ + -Dlibcurl=false \ + -Dimportd=false \ + -Dmicrohttpd=false \ + -Dgnutls=false \ + -Dhostnamed=false \ + -Dtimedated=false \ + -Dnetworkd=false \ + -Dtimesyncd=false \ + -Dlocaled=false \ + -Dmyhostname=false \ + -Dnss-systemd=false \ + -Dresolve=false \ + -Dpolkit=false \ + -Dacl=false \ + -Dgcrypt=false \ + -Drfkill=false \ + -Dhwdb=false \ + -Dman=false \ + -Defi=false \ + -Dgnuefi=false \ + -Dseccomp=false \ + -Dsysusers=false + +override_dh_auto_configure: + dh_auto_configure --builddirectory=build-deb \ + -- $(CONFFLAGS) $(CONFFLAGS_DISTRO) $(CONFFLAGS_deb) +ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES))) + dh_auto_configure --builddirectory=build-udeb \ + -- $(CONFFLAGS) $(CONFFLAGS_DISTRO) $(CONFFLAGS_udeb) +endif + +override_dh_auto_build: + dh_auto_build --builddirectory=build-deb +ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES))) + dh_auto_build --builddirectory=build-udeb +endif + # generate POT file for translators + ninja -C build-deb/ systemd-pot + +override_dh_auto_install: + dh_auto_install --builddirectory=build-deb \ + --destdir=debian/install/deb +ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES))) + dh_auto_install --builddirectory=build-udeb \ + --destdir=debian/install/udeb +endif + # fix paths in manpages; manually check the remaining /usr occurrences + # occasionally, with filtering out paths which are known to be in /usr: + # grep -r /usr debian/install/deb/usr/share/man/|egrep -v '/usr/local|os.*release|factory|zoneinfo|tmpfiles|kernel|foo|machines|sysctl|dbus|include|binfmt' + find debian/install/deb/usr/share/man/ -type f | xargs sed -ri 's_/usr(/lib/systemd/system|/lib/systemd/network|/lib/udev|/lib[^/]|/lib/[^a-z])_\1_g' + +override_dh_auto_clean: +ifneq (, $(TEST_UPSTREAM)) + debian/extra/checkout-upstream +endif + dh_auto_clean --builddirectory=build-deb +ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES))) + dh_auto_clean --builddirectory=build-udeb +endif + rm -rf debian/install/ debian/shlibs.local + # remove Python byte code files + rm -rf tools/__pycache__/ + rm -f po/systemd.pot + +override_dh_install: + # remove unnecessary / unused files + rm -f debian/install/*/usr/share/doc/systemd/LICENSE.* + rm -f debian/install/*/var/log/README + rm -f debian/install/*/etc/init.d/README + rm -f debian/install/*/usr/lib/sysctl.d/50-default.conf + rm -f debian/install/*/etc/X11/xinit/xinitrc.d/50-systemd-user.sh + rmdir -p --ignore-fail-on-non-empty debian/install/*/etc/X11/xinit/xinitrc.d/ + rm -f debian/install/*/lib/systemd/system/halt-local.service + # remove files related to factory-reset feature + find debian/install/ \( -name 'systemd-update-done*' -o \ + -name systemd-journal-catalog-update.service -o \ + -name systemd-udev-hwdb-update.service -o \ + -name ldconfig.service -o \ + -name etc.conf \) -delete + rm -rf debian/install/*/usr/share/factory/ + # remove symlinks enabling default-on services + rm -rf debian/install/*/etc/systemd/system/*.target.wants/ + # remove aliases + find debian/install/*/etc/systemd/system/ -type l -delete + # replace upstream sysusers.d/basic.conf with proper users for Debian + debian/extra/make-sysusers-basic > debian/install/deb/usr/lib/sysusers.d/basic.conf + # remove resolvconf compat symlink + rm -f debian/install/*/sbin/resolvconf +ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES))) + dh_install -pudev-udeb -plibudev1-udeb --sourcedir=debian/install/udeb +endif + + dh_install --remaining-packages --sourcedir=debian/install/deb + + # we don't want /tmp to be a tmpfs by default + mv debian/systemd/lib/systemd/system/tmp.mount debian/systemd/usr/share/systemd/ + printf '\n[Install]\nWantedBy=local-fs.target\n' >> debian/systemd/usr/share/systemd/tmp.mount + rm debian/systemd/lib/systemd/system/local-fs.target.wants/tmp.mount + + # files shipped by cryptsetup +ifeq (, $(filter stage1, $(DEB_BUILD_PROFILES))) + rm debian/systemd/usr/share/man/man5/crypttab.5 +endif + + # files shipped by systemd + rm debian/udev/lib/udev/rules.d/70-uaccess.rules + rm debian/udev/lib/udev/rules.d/73-seat-late.rules + rm debian/udev/lib/udev/rules.d/71-seat.rules + rm debian/udev/lib/udev/rules.d/99-systemd.rules + + # remove duplicate files shipped by systemd-*/udev + echo "Removing duplicate files in systemd package:" + set -e; for pkg in $(shell dh_listpackages -Nudev-udeb -Nlibudev1-udeb -Nsystemd); do \ + echo "... from $$pkg..."; \ + (cd debian/$$pkg; find -type f -o -type l) | (cd debian/systemd; xargs rm -f --verbose); \ + (cd debian/$$pkg; find -mindepth 1 -type d) | (cd debian/systemd; xargs rmdir --ignore-fail-on-non-empty --verbose || true); \ + done + + # Ubuntu specific files +ifeq ($(DEB_VENDOR),Ubuntu) + install -D --mode=644 debian/extra/udev.py debian/udev/usr/share/apport/package-hooks/udev.py + install -D --mode=644 debian/extra/systemd.py debian/systemd/usr/share/apport/package-hooks/systemd.py + install --mode=644 debian/extra/rules-ubuntu/*.rules debian/udev/lib/udev/rules.d/ + cp -a debian/extra/units-ubuntu/* debian/systemd/lib/systemd/system/ + install --mode=755 debian/extra/set-cpufreq debian/systemd/lib/systemd/ +endif + +override_dh_missing: + dh_missing --sourcedir debian/install/deb $(DH_MISSING) + +override_dh_installinit: + dh_installinit --no-start + +PROJECT_VERSION ?= $(shell awk '/PACKAGE_VERSION/ {print $$3}' build-deb/config.h | tr -d \") + +# The SysV compat tools (which are symlinks to systemctl) are +# quasi-essential, so add their dependencies to Pre-Depends +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753589 +override_dh_shlibdeps: + dh_shlibdeps -psystemd -- -dPre-Depends \ + -edebian/systemd/bin/systemctl \ + -edebian/systemd/lib/systemd/libsystemd-shared-$(PROJECT_VERSION).so \ + -dDepends + dh_shlibdeps --remaining-packages -Lsystemd + +override_dh_makeshlibs: + sed 's/SHARED_LIB_VERSION/$(PROJECT_VERSION)/' debian/shlibs.local.in > debian/shlibs.local + dh_makeshlibs -plibudev1 --add-udeb=libudev1-udeb -- -c$(GENSYMBOLS_LEVEL) + dh_makeshlibs -psystemd -Xlibsystemd-shared -- -c$(GENSYMBOLS_LEVEL) + dh_makeshlibs --remaining-packages -- -c$(GENSYMBOLS_LEVEL) + +override_dh_auto_test: +ifeq (testsuitedisabled, $(filter nocheck, $(DEB_BUILD_OPTIONS))) + echo "01234567890123456789012345678901" > build-deb/machine-id + # some tests hang under fakeroot, so disable fakeroot + env -u LD_PRELOAD SYSTEMD_MACHINE_ID_PATH=$(CURDIR)/build-deb/machine-id ninja -C build-deb test || ( \ + cat build-deb/meson-logs/testlog.txt; \ + exit 1) +endif + +%: + dh $@ --without autoreconf,systemd --buildsystem=meson diff --git a/shlibs.local.in b/shlibs.local.in new file mode 100644 index 00000000..432b7268 --- /dev/null +++ b/shlibs.local.in @@ -0,0 +1,3 @@ +udeb: libudev 1 libudev1-udeb +libsystemd 0 libsystemd0 (= ${binary:Version}) +libsystemd-shared SHARED_LIB_VERSION systemd (= ${binary:Version}) diff --git a/source/format b/source/format new file mode 100644 index 00000000..163aaf8d --- /dev/null +++ b/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/systemd-container.install b/systemd-container.install new file mode 100644 index 00000000..4d805b38 --- /dev/null +++ b/systemd-container.install @@ -0,0 +1,30 @@ +bin/machinectl +lib/systemd/import-pubring.gpg +lib/systemd/systemd-machined +lib/systemd/systemd-export +lib/systemd/systemd-import* +lib/systemd/systemd-pull +lib/systemd/system/systemd-nspawn@.service +lib/systemd/system/systemd-importd.service +lib/systemd/system/systemd-machined.service +lib/systemd/system/var-lib-machines.mount +lib/systemd/system/machines.target +lib/systemd/system/*.target.wants/var-lib-machines.mount +lib/systemd/system/dbus-org.freedesktop.import1.service +lib/systemd/system/dbus-org.freedesktop.machine1.service +usr/bin/systemd-nspawn +usr/lib/tmpfiles.d/systemd-nspawn.conf +usr/share/dbus-1/system.d/org.freedesktop.import1.conf +usr/share/dbus-1/system.d/org.freedesktop.machine1.conf +usr/share/dbus-1/system-services/org.freedesktop.import1.service +usr/share/dbus-1/system-services/org.freedesktop.machine1.service +usr/share/man/man*/*nspawn* +usr/share/man/man*/machinectl* +usr/share/man/man*/systemd-machined* +usr/share/polkit-1/actions/org.freedesktop.import1.policy +usr/share/polkit-1/actions/org.freedesktop.machine1.policy +usr/share/zsh/vendor-completions/_systemd-nspawn +usr/share/zsh/vendor-completions/_sd_machines +usr/share/zsh/vendor-completions/_machinectl +usr/share/bash-completion/completions/machinectl +usr/share/bash-completion/completions/systemd-nspawn diff --git a/systemd-container.maintscript b/systemd-container.maintscript new file mode 100644 index 00000000..470978c0 --- /dev/null +++ b/systemd-container.maintscript @@ -0,0 +1,2 @@ +rm_conffile /etc/dbus-1/system.d/org.freedesktop.import1.conf 233-3~ +rm_conffile /etc/dbus-1/system.d/org.freedesktop.machine1.conf 233-3~ diff --git a/systemd-container.postinst b/systemd-container.postinst new file mode 100644 index 00000000..a65319bf --- /dev/null +++ b/systemd-container.postinst @@ -0,0 +1,10 @@ +#!/bin/sh + +set -e + +# Enable machines.target by default on new installs and upgrades +if dpkg --compare-versions "$2" lt "232-4~"; then + systemctl enable machines.target || true +fi + +#DEBHELPER# diff --git a/systemd-container.postrm b/systemd-container.postrm new file mode 100644 index 00000000..2140680f --- /dev/null +++ b/systemd-container.postrm @@ -0,0 +1,12 @@ +#!/bin/sh + +set -e + +case "$1" in + purge) + # clean up after manually enabled units in postinst + rm -f /etc/systemd/system/multi-user.target.wants/machines.target + ;; +esac + +#DEBHELPER# diff --git a/systemd-coredump.install b/systemd-coredump.install new file mode 100644 index 00000000..3efcecba --- /dev/null +++ b/systemd-coredump.install @@ -0,0 +1,11 @@ +usr/bin/coredumpctl +lib/systemd/systemd-coredump +lib/systemd/system/systemd-coredump* +lib/systemd/system/*/systemd-coredump* +usr/share/man/man1/coredumpctl* +usr/share/man/man5/coredump.conf* +usr/share/man/man8/systemd-coredump* +usr/share/bash-completion/completions/coredumpctl +usr/share/zsh/vendor-completions/_coredumpctl +usr/lib/sysctl.d/50-coredump.conf +etc/systemd/coredump.conf diff --git a/systemd-coredump.postinst b/systemd-coredump.postinst new file mode 100644 index 00000000..49e755e0 --- /dev/null +++ b/systemd-coredump.postinst @@ -0,0 +1,15 @@ +#!/bin/sh +set -e + +if [ "$1" = configure ]; then + adduser --quiet --system --group --no-create-home --home /run/systemd \ + --gecos "systemd core dump processing" systemd-coredump + + # enable systemd-coredump right after package installation + if [ -d /run/systemd/system ]; then + systemctl daemon-reload && systemctl start systemd-coredump.socket || true + fi + /lib/systemd/systemd-sysctl /usr/lib/sysctl.d/50-coredump.conf || true +fi + +#DEBHELPER# diff --git a/systemd-coredump.prerm b/systemd-coredump.prerm new file mode 100644 index 00000000..89cf954e --- /dev/null +++ b/systemd-coredump.prerm @@ -0,0 +1,14 @@ +#!/bin/sh +set -e + +if [ "$1" = remove ]; then + # disable systemd-coredump on removal + if [ -w /proc/sys/kernel/core_pattern ] && grep -q '^|.*systemd-coredump' /proc/sys/kernel/core_pattern; then + echo core > /proc/sys/kernel/core_pattern + fi + if [ -d /run/systemd/system ]; then + systemctl stop systemd-coredump.socket || true + fi +fi + +#DEBHELPER# diff --git a/systemd-journal-remote.install b/systemd-journal-remote.install new file mode 100644 index 00000000..188628b4 --- /dev/null +++ b/systemd-journal-remote.install @@ -0,0 +1,29 @@ +# systemd-journal-upload +etc/systemd/journal-upload.conf +lib/systemd/systemd-journal-upload +lib/systemd/system/systemd-journal-upload.service +usr/share/man/man5/journal-upload.conf.d.5 +usr/share/man/man5/journal-upload.conf.5 +usr/share/man/man8/systemd-journal-upload.8 +usr/share/man/man8/systemd-journal-upload.service.8 + +# systemd-journal-remote +etc/systemd/journal-remote.conf +lib/systemd/systemd-journal-remote +lib/systemd/system/systemd-journal-remote.service +lib/systemd/system/systemd-journal-remote.socket +usr/lib/sysusers.d/systemd-remote.conf +usr/share/man/man5/journal-remote.conf.d.5 +usr/share/man/man5/journal-remote.conf.5 +usr/share/man/man8/systemd-journal-remote.service.8 +usr/share/man/man8/systemd-journal-remote.socket.8 +usr/share/man/man8/systemd-journal-remote.8 + +# systemd-journal-gatewayd +lib/systemd/systemd-journal-gatewayd +lib/systemd/system/systemd-journal-gatewayd.service +lib/systemd/system/systemd-journal-gatewayd.socket +usr/share/systemd/gatewayd/ +usr/share/man/man8/systemd-journal-gatewayd.service.8 +usr/share/man/man8/systemd-journal-gatewayd.socket.8 +usr/share/man/man8/systemd-journal-gatewayd.8 diff --git a/systemd-journal-remote.postinst b/systemd-journal-remote.postinst new file mode 100644 index 00000000..8ef91ada --- /dev/null +++ b/systemd-journal-remote.postinst @@ -0,0 +1,10 @@ +#!/bin/sh + +set -e + +adduser --quiet --system \ + --home /run/systemd --no-create-home \ + --gecos "systemd Journal Remote" \ + --group systemd-journal-remote + +#DEBHELPER# diff --git a/systemd-sysv.install b/systemd-sysv.install new file mode 100644 index 00000000..9c104a9d --- /dev/null +++ b/systemd-sysv.install @@ -0,0 +1,14 @@ +usr/share/man/man1/init.1 +usr/share/man/man8/telinit.8 +usr/share/man/man8/runlevel.8 +usr/share/man/man8/shutdown.8 +usr/share/man/man8/poweroff.8 +usr/share/man/man8/reboot.8 +usr/share/man/man8/halt.8 +sbin/init +sbin/telinit +sbin/runlevel +sbin/shutdown +sbin/poweroff +sbin/reboot +sbin/halt diff --git a/systemd-sysv.postinst b/systemd-sysv.postinst new file mode 100644 index 00000000..e2fd036e --- /dev/null +++ b/systemd-sysv.postinst @@ -0,0 +1,10 @@ +#!/bin/sh +set -e + +# update grub on first install, so that the alternative init system boot +# entries get updated +if [ "$1" = configure ] && [ -z "$2" ] && [ -e /boot/grub/grub.cfg ] && which update-grub >/dev/null 2>&1; then + update-grub || true +fi + +#DEBHELPER# diff --git a/systemd-tests.install b/systemd-tests.install new file mode 100644 index 00000000..28b745c2 --- /dev/null +++ b/systemd-tests.install @@ -0,0 +1 @@ +usr/lib/systemd/tests diff --git a/systemd-tests.lintian-overrides b/systemd-tests.lintian-overrides new file mode 100644 index 00000000..9784f462 --- /dev/null +++ b/systemd-tests.lintian-overrides @@ -0,0 +1,2 @@ +# test programs only, need to link against internal library +systemd-tests: binary-or-shlib-defines-rpath usr/lib/systemd/tests/* diff --git a/systemd.NEWS b/systemd.NEWS new file mode 100644 index 00000000..3f90a348 --- /dev/null +++ b/systemd.NEWS @@ -0,0 +1,28 @@ +systemd (236-1) unstable; urgency=medium + + DynamicUser=yes has been enabled for systemd-journal-upload.service and + systemd-journal-gatewayd.service. + This means we no longer need to statically allocate a systemd-journal-upload + and systemd-journal-gateway user and you can now safely remove those system + users along with their associated groups. + + -- Michael Biebl Sun, 17 Dec 2017 21:17:32 +0100 + +systemd (231-1) unstable; urgency=low + + This version drops support for running /etc/rcS.d SysV init scripts. + These are prone to cause dependency loops, and almost all Debian packages + with rcS scripts now ship a native systemd service. If you have custom or + third-party rcS scripts you need to convert them or change them to run + in rc2.d/ - rc5.d/; see this page for details: + . + + -- Martin Pitt Thu, 14 Jul 2016 12:54:34 +0200 + +systemd (224-2) unstable; urgency=medium + + This version splits out systemd-nspawn, systemd-machined, and machinectl + into the new "systemd-container" package. That now also enables + systemd-importd. + + -- Martin Pitt Sat, 22 Aug 2015 15:58:43 +0200 diff --git a/systemd.bug-control b/systemd.bug-control new file mode 100644 index 00000000..03c8d6b5 --- /dev/null +++ b/systemd.bug-control @@ -0,0 +1 @@ +package-status: udev dracut initramfs-tools diff --git a/systemd.bug-script b/systemd.bug-script new file mode 100644 index 00000000..b1099e7c --- /dev/null +++ b/systemd.bug-script @@ -0,0 +1,43 @@ +#!/bin/bash + +cat <&3 + +# remove highlighting escape codes from systemd-delta output +systemd-delta --no-pager 2>&1 |sed "s%\x1b[^m]*m%%g" >$DIR/systemd-delta.txt +echo "$DIR/systemd-delta.txt" >&3 + +if [ -d /run/systemd/system ]; then + systemd-analyze --no-pager dump >$DIR/systemd-analyze-dump.txt 2>&1 + echo "$DIR/systemd-analyze-dump.txt" >&3 +fi + +if [ -d /var/lib/systemd/deb-systemd-helper-enabled ]; then + head -n100 $(find /var/lib/systemd/deb-systemd-helper-enabled -type f | tr '\n' ' ') >$DIR/dsh-enabled.txt + echo "$DIR/dsh-enabled.txt" >&3 +fi + +echo "/etc/fstab" >&3 + +echo "-- END ATTACHMENTS --" >&3 diff --git a/systemd.dirs b/systemd.dirs new file mode 100644 index 00000000..fac35d6c --- /dev/null +++ b/systemd.dirs @@ -0,0 +1 @@ +var/lib/systemd diff --git a/systemd.install b/systemd.install new file mode 100644 index 00000000..4867a472 --- /dev/null +++ b/systemd.install @@ -0,0 +1,71 @@ +etc/ +bin/systemctl +bin/journalctl +bin/loginctl +bin/machinectl +bin/networkctl +bin/systemd-notify +bin/systemd-tty-ask-password-agent +bin/systemd-ask-password +bin/systemd-machine-id-setup +bin/systemd-tmpfiles +bin/systemd-inhibit +bin/systemd-escape +bin/systemd-sysusers +lib/modprobe.d/ +lib/systemd/ +lib/udev/rules.d/70-uaccess.rules +lib/udev/rules.d/73-seat-late.rules +lib/udev/rules.d/71-seat.rules +lib/udev/rules.d/99-systemd.rules +usr/bin/systemd-cgls +usr/bin/systemd-cgtop +usr/bin/systemd-nspawn +usr/bin/systemd-stdio-bridge +usr/bin/systemd-analyze +usr/bin/systemd-cat +usr/bin/systemd-detect-virt +usr/bin/systemd-delta +usr/bin/systemd-run +usr/bin/systemd-path +usr/bin/systemd-socket-activate +usr/bin/systemd-mount +usr/bin/systemd-umount +usr/bin/kernel-install +usr/bin/bootctl +usr/bin/busctl +usr/bin/timedatectl +usr/bin/localectl +usr/bin/hostnamectl +usr/bin/resolvectl +usr/bin/systemd-resolve +usr/share/man/man1/ +usr/share/man/man5/ +usr/share/man/man7/ +usr/share/man/man8/ +usr/share/bash-completion/ +usr/share/zsh/vendor-completions/ +usr/share/dbus-1/ +usr/share/doc/ +usr/share/pkgconfig/systemd.pc +usr/share/polkit-1/ +usr/share/systemd/kbd-model-map +usr/share/systemd/language-fallback-map +usr/lib/binfmt.d/ +usr/lib/environment.d/ +usr/lib/modules-load.d/ +usr/lib/sysctl.d/ +usr/lib/sysusers.d/basic.conf +usr/lib/sysusers.d/systemd.conf +usr/lib/systemd/ +usr/lib/tmpfiles.d/ +usr/lib/kernel +usr/share/locale/ +var/lib +../../extra/init-functions.d lib/lsb/ +../../extra/tmpfiles.d/*.conf usr/lib/tmpfiles.d/ +../../extra/systemd-sysv-install lib/systemd/ +../../extra/units/* lib/systemd/system/ +../../extra/dhclient-exit-hooks.d/ etc/dhcp/ +../../extra/kernel-install.d/* usr/lib/kernel/install.d +../../extra/pam.d etc/ diff --git a/systemd.links b/systemd.links new file mode 100644 index 00000000..11b6fe0c --- /dev/null +++ b/systemd.links @@ -0,0 +1,83 @@ +# These are all services which have native implementations +# So we mask them by linking against /dev/null or create an alias +/lib/systemd/system/systemd-random-seed.service /lib/systemd/system/urandom.service +/lib/systemd/system/systemd-sysctl.service /lib/systemd/system/procps.service + +/lib/systemd/system/rc-local.service /lib/systemd/system/rc.local.service + +/lib/systemd/system/systemd-modules-load.service /lib/systemd/system/module-init-tools.service +/lib/systemd/system/systemd-modules-load.service /lib/systemd/system/kmod.service +/etc/modules /etc/modules-load.d/modules.conf + +# X server and ICE socket directories are created by /usr/lib/tmpfiles.d/x11.conf +/dev/null /lib/systemd/system/x11-common.service + +# systemd sets the hostname internally during early boot +/dev/null /lib/systemd/system/hostname.service + +# /run/nologin is handled by systemd-user-sessions.service +/dev/null /lib/systemd/system/rmnologin.service +/dev/null /lib/systemd/system/bootmisc.service + +# Although bootlogd is disabled by default (via /etc/default/bootlogd) +# by masking them we avoid spawning a shell uselessly thrice during boot. +# Besides, bootlogd doesn't look particularly useful in a systemd world. +/dev/null /lib/systemd/system/bootlogd.service +/dev/null /lib/systemd/system/stop-bootlogd-single.service +/dev/null /lib/systemd/system/stop-bootlogd.service + +# systemd sets the hwclock internally +# http://cgit.freedesktop.org/systemd/systemd/commit/?id=7948c4dfbea73ac21250b588089039aa17a90386 +/dev/null /lib/systemd/system/hwclock.service + +# We use native mount support so mask those services +# TODO: check if any SysV init scripts depend on those facilities +/dev/null /lib/systemd/system/mountkernfs.service +/dev/null /lib/systemd/system/mountdevsubfs.service +/dev/null /lib/systemd/system/mountall.service +/dev/null /lib/systemd/system/mountall-bootclean.service +/dev/null /lib/systemd/system/mountnfs.service +/dev/null /lib/systemd/system/mountnfs-bootclean.service +/dev/null /lib/systemd/system/umountfs.service +/dev/null /lib/systemd/system/umountnfs.service +/dev/null /lib/systemd/system/umountroot.service +/dev/null /lib/systemd/system/checkfs.service +/dev/null /lib/systemd/system/checkroot.service +/dev/null /lib/systemd/system/checkroot-bootclean.service + +# We use the built-in cryptsetup support +/dev/null /lib/systemd/system/cryptdisks.service +/dev/null /lib/systemd/system/cryptdisks-early.service + +# Single user mode is implemented natively, don't use legacy SysV init scripts +# to avoid spawning sulogin twice. +/dev/null /lib/systemd/system/single.service +/dev/null /lib/systemd/system/killprocs.service + +# Those services are useless under systemd. Mask them so they can't +# be run manually by accident. +/dev/null /lib/systemd/system/sendsigs.service +/dev/null /lib/systemd/system/halt.service +/dev/null /lib/systemd/system/reboot.service +/dev/null /lib/systemd/system/rc.service +/dev/null /lib/systemd/system/rcS.service + +# The motd SysV init script is no longer required to create the dynamic part of +# /etc/motd to display the uname information as pam_exec is used for that now. +# An explicit Breaks against older versions of login, which still use +# /run/motd.dynamic, is not necessary, as pam_motd will silently ignore it if +# that file is missing and simply display nothing. +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735521 +/dev/null /lib/systemd/system/motd.service + +# We have the journal to handle kernel messages from early boot +/dev/null /lib/systemd/system/bootlogs.service + +# Enable Debian specific units +/lib/systemd/system/getty-static.service /lib/systemd/system/getty.target.wants/getty-static.service + +# Compat symlink +/lib/systemd/systemd /bin/systemd + +# Create a compat symlink as systemd-sysctl no longer reads /etc/sysctl.conf +/etc/sysctl.conf /etc/sysctl.d/99-sysctl.conf diff --git a/systemd.lintian-overrides b/systemd.lintian-overrides new file mode 100644 index 00000000..f47d5b78 --- /dev/null +++ b/systemd.lintian-overrides @@ -0,0 +1,2 @@ +systemd: maintainer-script-calls-systemctl +systemd: possibly-insecure-handling-of-tmp-files-in-maintainer-script diff --git a/systemd.maintscript b/systemd.maintscript new file mode 100644 index 00000000..ee8c1810 --- /dev/null +++ b/systemd.maintscript @@ -0,0 +1,10 @@ +rm_conffile /etc/X11/xinit/xinitrc.d/50-systemd-user.sh 228-3~ +rm_conffile /etc/systemd/bootchart.conf 230-1~ +rm_conffile /etc/dbus-1/system.d/org.freedesktop.hostname1.conf 233-3~ +rm_conffile /etc/dbus-1/system.d/org.freedesktop.locale1.conf 233-3~ +rm_conffile /etc/dbus-1/system.d/org.freedesktop.login1.conf 233-3~ +rm_conffile /etc/dbus-1/system.d/org.freedesktop.machine1.conf 228-5~ +rm_conffile /etc/dbus-1/system.d/org.freedesktop.network1.conf 233-3~ +rm_conffile /etc/dbus-1/system.d/org.freedesktop.resolve1.conf 233-3~ +rm_conffile /etc/dbus-1/system.d/org.freedesktop.systemd1.conf 233-3~ +rm_conffile /etc/dbus-1/system.d/org.freedesktop.timedate1.conf 233-3~ diff --git a/systemd.postinst b/systemd.postinst new file mode 100644 index 00000000..21210baa --- /dev/null +++ b/systemd.postinst @@ -0,0 +1,158 @@ +#! /bin/sh + +set -e + +_systemctl() { + if [ -d /run/systemd/system ]; then + systemctl "$@" + fi +} + +_update_catalog() { + journalctl --update-catalog || true +} + +# Update Message Catalogs database and reload in response to dpkg triggers +if [ "$1" = "triggered" ]; then + shift + for trigger in "$@"; do + case $trigger in + /usr/lib/systemd/catalog) + _update_catalog + ;; + /etc/init.d) + _systemctl daemon-reload || true + ;; + esac + done + exit 0 +fi + +# Enable getty and remote-fs.target by default on new installs +if [ -z "$2" ]; then + systemctl enable getty@tty1.service || true + systemctl enable remote-fs.target || true +fi + +# Enable timesyncd by default on new installs installs and upgrades +if dpkg --compare-versions "$2" lt "218-11~"; then + systemctl enable systemd-timesyncd.service || true +fi + +# Enable ondemand by default on new installs installs and upgrades +if [ -e /lib/systemd/system/ondemand.service ] && dpkg --compare-versions "$2" lt "231-7~"; then + systemctl enable ondemand.service || true +fi + +# Do a one-time migration of the local time setting +if [ -z "$2" ]; then + if [ -f /etc/default/rcS ]; then + . /etc/default/rcS + fi + if [ "$UTC" = "no" ] && [ ! -e /etc/adjtime ]; then + printf "0.0 0 0.0\n0\nLOCAL\n" > /etc/adjtime + fi +fi + +# Do a one-time migration of the TMPTIME setting +if [ -z "$2" ]; then + if [ -f /etc/default/rcS ]; then + . /etc/default/rcS + fi + if [ ! -e /etc/tmpfiles.d/tmp.conf ]; then + case "$TMPTIME" in + -*|infinite|infinity) + cat > /etc/tmpfiles.d/tmp.conf < /dev/null || true + done +fi + +if dpkg --compare-versions "$2" lt-nl "235-3~"; then + # systemd-bus-proxyd got dropped before stretch, and never created any file + deluser --system systemd-bus-proxy || true +fi + +if dpkg --compare-versions "$2" lt-nl "236-1~"; then + # Clean up old /var/lib/systemd/clock on upgrade. + # The clock file used by systemd-timesyncd is now stored in + # StateDirectory=systemd/timesync. + rm -f /var/lib/systemd/clock +fi + +#DEBHELPER# diff --git a/systemd.postrm b/systemd.postrm new file mode 100644 index 00000000..94d77b4d --- /dev/null +++ b/systemd.postrm @@ -0,0 +1,27 @@ +#!/bin/sh + +set -e + +case "$1" in + purge) + # clean up after manually enabled units in postinst + rm -f /etc/systemd/system/getty.target.wants/getty@tty1.service + rm -f /etc/systemd/system/multi-user.target.wants/remote-fs.target + rm -f /etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service + rm -f /etc/systemd/system/dbus-org.freedesktop.timesync1.service + rmdir --ignore-fail-on-non-empty /etc/systemd/system/getty.target.wants 2> /dev/null || true + rmdir --ignore-fail-on-non-empty /etc/systemd/system/multi-user.target.wants 2> /dev/null || true + rmdir --ignore-fail-on-non-empty /etc/systemd/system/sysinit.target.wants 2> /dev/null || true + + rm -f /var/lib/systemd/catalog/database + rmdir --ignore-fail-on-non-empty /var/lib/systemd/catalog 2> /dev/null || true + + rm -rf /var/lib/systemd/backlight/ + rm -rf /var/lib/systemd/rfkill/ + + rm -f /var/lib/systemd/clock + rm -f /var/lib/systemd/random-seed + ;; +esac + +#DEBHELPER# diff --git a/systemd.prerm b/systemd.prerm new file mode 100644 index 00000000..aedbf58e --- /dev/null +++ b/systemd.prerm @@ -0,0 +1,15 @@ +#! /bin/sh + +set -e + +# +# Prevent systemd from being removed if it's the active init. That +# will not work. +# + +if [ "$1" = "remove" ] && [ -d /run/systemd/system ]; then + echo "systemd is the active init system, please switch to another before removing systemd." + exit 1 +fi + +#DEBHELPER# diff --git a/systemd.triggers b/systemd.triggers new file mode 100644 index 00000000..299a3f90 --- /dev/null +++ b/systemd.triggers @@ -0,0 +1,2 @@ +interest-noawait /usr/lib/systemd/catalog +interest-noawait /etc/init.d diff --git a/tests/assert.sh b/tests/assert.sh new file mode 100644 index 00000000..eccc3382 --- /dev/null +++ b/tests/assert.sh @@ -0,0 +1,25 @@ +# utility functions for shell tests + +assert_true() { + if ! $1; then + echo "FAIL: command '$1' failed with exit code $?" >&2 + exit 1 + fi +} + + +assert_eq() { + if [ "$1" != "$2" ]; then + echo "FAIL: expected: '$2' actual: '$1'" >&2 + exit 1 + fi +} + +assert_in() { + if ! echo "$2" | grep -q "$1"; then + echo "FAIL: '$1' not found in:" >&2 + echo "$2" >&2 + exit 1 + fi +} + diff --git a/tests/boot-and-services b/tests/boot-and-services new file mode 100755 index 00000000..94a2f61d --- /dev/null +++ b/tests/boot-and-services @@ -0,0 +1,569 @@ +#!/usr/bin/python3 +# autopkgtest check: Boot with systemd and check critical desktop services +# (C) 2014 Canonical Ltd. +# Author: Martin Pitt + +import sys +import os +import unittest +import subprocess +import tempfile +import shutil +import time +import re +from glob import glob + + +def wait_unit_stop(unit, timeout=10): + '''Wait until given unit is not running any more + + Raise RuntimeError on timeout. + ''' + for i in range(timeout): + if subprocess.call(['systemctl', 'is-active', '--quiet', unit]) != 0: + return + time.sleep(1) + + raise RuntimeError('Timed out waiting for %s to stop' % unit) + + +class ServicesTest(unittest.TestCase): + '''Check that expected services are running''' + + def test_0_init(self): + '''Verify that init is systemd''' + + self.assertIn('systemd', os.readlink('/proc/1/exe')) + + def test_no_failed(self): + '''No failed units''' + + out = subprocess.check_output(['systemctl', '--state=failed', '--no-legend'], + universal_newlines=True) + failed = out.splitlines() + # ignore /etc/modules failure as stuff that we put there by default + # often fails + failed = [f for f in failed if 'systemd-modules-load' not in f] + # apparmor fails if not enabled in the kernel + if not os.path.exists('/sys/kernel/security/apparmor'): + failed = [f for f in failed if 'apparmor.service' not in f] + # ignore thermald as it doesn't start in most virtual envs + failed = [f for f in failed if 'thermald' not in f] + # console-setup.service fails on devices without keyboard (LP: #1516591) + failed = [f for f in failed if 'console-setup' not in f] + # cpi.service fails on s390x + failed = [f for f in failed if 'cpi.service' not in f] + if failed: + for f in failed: + f = f.split()[0] + print('-------- journal for failed service %s -----------' % f) + sys.stdout.flush() + subprocess.call(['journalctl', '-b', '-u', f]) + self.assertEqual(failed, []) + + def test_lightdm(self): + out = subprocess.check_output(['ps', 'u', '-C', 'lightdm']) + self.assertIn(b'lightdm --session', out) + out = subprocess.check_output(['ps', 'u', '-C', 'Xorg']) + self.assertIn(b':0', out) + self.active_unit('lightdm') + + def test_dbus(self): + out = subprocess.check_output( + ['dbus-send', '--print-reply', '--system', + '--dest=org.freedesktop.DBus', '/', 'org.freedesktop.DBus.GetId']) + self.assertIn(b'string "', out) + self.active_unit('dbus') + + def test_network_manager(self): + # 0.9.10 changed the command name + _help = subprocess.check_output(['nmcli', '--help'], + stderr=subprocess.STDOUT) + if b' g[eneral]' in _help: + out = subprocess.check_output(['nmcli', 'general']) + else: + out = subprocess.check_output(['nmcli', 'nm']) + self.assertIn(b'enabled', out) + self.active_unit('network-manager') + + def test_cron(self): + out = subprocess.check_output(['ps', 'u', '-C', 'cron']) + self.assertIn(b'root', out) + self.active_unit('cron') + + def test_logind(self): + out = subprocess.check_output(['loginctl']) + self.assertNotEqual(b'', out) + self.active_unit('systemd-logind') + + @unittest.skipIf('TEST_UPSTREAM' in os.environ, + 'Forwarding to rsyslog is a Debian patch') + def test_rsyslog(self): + out = subprocess.check_output(['ps', 'u', '-C', 'rsyslogd']) + self.assertIn(b'bin/rsyslogd', out) + self.active_unit('rsyslog') + with open('/var/log/syslog') as f: + log = f.read() + # has kernel messages + self.assertRegex(log, 'kernel:.*[cC]ommand line:') + # has init messages + self.assertRegex(log, 'systemd.*Reached target Graphical Interface') + # has other services + self.assertRegex(log, 'NetworkManager.*:') + + def test_udev(self): + out = subprocess.check_output(['udevadm', 'info', '--export-db']) + self.assertIn(b'\nP: /devices/', out) + self.active_unit('systemd-udevd') + + def test_tmp_mount(self): + # check if we want to mount /tmp in fstab + want_tmp_mount = False + with open('/etc/fstab') as f: + for l in f: + try: + if not l.startswith('#') and l.split()[1] in ('/tmp', '/tmp/'): + want_tmp_mount = True + break + except IndexError: + pass + + # ensure that we actually do/don't have a /tmp mount + (status, status_out) = subprocess.getstatusoutput('systemctl status tmp.mount') + findmnt = subprocess.call(['findmnt', '-n', '/tmp'], stdout=subprocess.PIPE) + if want_tmp_mount: + self.assertEqual(status, 0, status_out) + self.assertEqual(findmnt, 0) + else: + # 4 is correct (since upstream commit ca473d57), accept 3 for systemd <= 230 + self.assertIn(status, [3, 4], status_out) + self.assertNotEqual(findmnt, 0) + + @unittest.skipIf('TEST_UPSTREAM' in os.environ, + 'Debian specific configuration, N/A for upstream') + def test_tmp_cleanup(self): + # systemd-tmpfiles-clean.timer only runs 15 mins after boot, shortcut + # it + self.assertEqual(subprocess.call( + ['systemctl', 'status', 'systemd-tmpfiles-clean.timer'], + stdout=subprocess.PIPE), 0) + subprocess.check_call(['systemctl', 'start', 'systemd-tmpfiles-clean']) + # all files in /tmp/ should get cleaned up on boot + self.assertFalse(os.path.exists('/tmp/oldfile.test')) + self.assertFalse(os.path.exists('/tmp/newfile.test')) + # files in /var/tmp/ older than 30d should get cleaned up + # XXX FIXME: /var/tmp/ cleanup was disabled in #675422 + # self.assertFalse(os.path.exists('/var/tmp/oldfile.test')) + self.assertTrue(os.path.exists('/var/tmp/newfile.test')) + + # next run should leave the recent ones + os.close(os.open('/tmp/newfile.test', + os.O_CREAT | os.O_EXCL | os.O_WRONLY)) + subprocess.check_call(['systemctl', 'start', 'systemd-tmpfiles-clean']) + wait_unit_stop('systemd-tmpfiles-clean') + self.assertTrue(os.path.exists('/tmp/newfile.test')) + + # Helper methods + + def active_unit(self, unit): + '''Check that given unit is active''' + + out = subprocess.check_output(['systemctl', 'status', unit]) + self.assertIn(b'active (running)', out) + + +class JournalTest(unittest.TestCase): + '''Check journal functionality''' + + def test_no_options(self): + out = subprocess.check_output(['journalctl']) + # has kernel messages + self.assertRegex(out, b'kernel:.*[cC]ommand line:') + # has init messages + self.assertRegex(out, b'systemd.*Reached target Graphical Interface') + # has other services + self.assertRegex(out, b'NetworkManager.*:.*starting') + + def test_log_for_service(self): + out = subprocess.check_output( + ['journalctl', '_SYSTEMD_UNIT=NetworkManager.service']) + self.assertRegex(out, b'NetworkManager.*:.*starting') + self.assertNotIn(b'kernel:', out) + self.assertNotIn(b'systemd:', out) + + +class NspawnTest(unittest.TestCase): + '''Check nspawn''' + + @classmethod + def setUpClass(kls): + '''Build a bootable busybox mini-container''' + + kls.td_c_busybox = tempfile.TemporaryDirectory(prefix='c_busybox.') + kls.c_busybox = kls.td_c_busybox.name + for d in ['etc/init.d', 'bin', 'sbin']: + os.makedirs(os.path.join(kls.c_busybox, d)) + shutil.copy('/bin/busybox', os.path.join(kls.c_busybox, 'bin')) + shutil.copy('/etc/os-release', os.path.join(kls.c_busybox, 'etc')) + os.symlink('busybox', os.path.join(kls.c_busybox, 'bin', 'sh')) + os.symlink('../bin/busybox', os.path.join(kls.c_busybox, 'sbin/init')) + with open(os.path.join(kls.c_busybox, 'etc/init.d/rcS'), 'w') as f: + f.write('''#!/bin/sh +echo fake container started +ps aux +poweroff\n''') + os.fchmod(f.fileno(), 0o755) + subprocess.check_call(['systemd-machine-id-setup', '--root', + kls.c_busybox], stderr=subprocess.PIPE) + + def setUp(self): + self.workdir = tempfile.TemporaryDirectory() + + def test_boot(self): + cont = os.path.join(self.workdir.name, 'c1') + shutil.copytree(self.c_busybox, cont, symlinks=True) + os.sync() + nspawn = subprocess.Popen(['systemd-nspawn', '-D', cont, '-b'], + stdout=subprocess.PIPE, stderr=subprocess.STDOUT) + out = nspawn.communicate(timeout=60)[0] + self.assertIn(b'Spawning container c1', out) + self.assertIn(b'fake container started', out) + self.assertRegex(out, b'\n\s+1\s+0\s+init[\r\n]') + self.assertRegex(out, b'\n\s+2+\s+0\s.*rcS[\r\n]') + self.assertRegex(out, b'Container c1.*shut down') + self.assertEqual(nspawn.returncode, 0) + + def test_service(self): + self.assertTrue(os.path.isdir('/var/lib/machines')) + cont = '/var/lib/machines/c1' + shutil.copytree(self.c_busybox, cont, symlinks=True) + self.addCleanup(shutil.rmtree, cont) + os.sync() + subprocess.check_call(['systemctl', 'start', 'systemd-nspawn@c1']) + wait_unit_stop('systemd-nspawn@c1') + + subprocess.call(['journalctl', '--sync']) + systemctl = subprocess.Popen( + ['systemctl', 'status', '-overbose', '-l', 'systemd-nspawn@c1'], + stdout=subprocess.PIPE) + out = systemctl.communicate()[0].decode('UTF-8', 'replace') + self.assertEqual(systemctl.returncode, 3, out) + self.assertNotIn('failed', out) + + +@unittest.skipUnless(os.path.exists('/sys/kernel/security/apparmor'), + 'AppArmor not enabled') +class AppArmorTest(unittest.TestCase): + def test_profile(self): + '''AppArmor confined unit''' + + # create AppArmor profile + aa_profile = tempfile.NamedTemporaryFile(prefix='aa_violator.') + aa_profile.write(b'''#include + +profile "violator-test" { + #include + + /{usr/,}bin/** rix, + /etc/machine-id r, +} +''') + aa_profile.flush() + subprocess.check_call(['apparmor_parser', '-r', '-v', aa_profile.name]) + + # create confined unit + with open('/run/systemd/system/violator.service', 'w') as f: + f.write('''[Unit] +Description=AppArmor test + +[Service] +ExecStart=/bin/sh -euc 'echo CP1; cat /etc/machine-id; echo CP2; if cat /etc/passwd; then exit 1; fi; echo CP3' +AppArmorProfile=violator-test +''') + self.addCleanup(os.unlink, '/run/systemd/system/violator.service') + + # launch + subprocess.check_call(['systemctl', 'daemon-reload']) + subprocess.check_call(['systemctl', 'start', 'violator.service']) + wait_unit_stop('violator.service') + + # check status + st = subprocess.Popen(['systemctl', 'status', '-l', + 'violator.service'], stdout=subprocess.PIPE, + universal_newlines=True) + out = st.communicate()[0] + # unit should be stopped + self.assertEqual(st.returncode, 3) + + self.assertIn('inactive', out) + self.assertIn('CP1', out) + self.assertIn('CP2', out) + self.assertIn('CP3', out) + with open('/etc/machine-id') as f: + self.assertIn(f.read().strip(), out) + self.assertNotIn('root:x', out, 'unit can read /etc/passwd') + + +@unittest.skipIf(os.path.exists('/sys/fs/cgroup/cgroup.controllers'), + 'test needs to be reworked on unified cgroup hierarchy') +class CgroupsTest(unittest.TestCase): + '''Check cgroup setup''' + + @classmethod + def setUpClass(kls): + kls.controllers = [] + for controller in glob('/sys/fs/cgroup/*'): + if not os.path.islink(controller): + kls.controllers.append(controller) + + def setUp(self): + self.service = 'testsrv.service' + self.service_file = '/run/systemd/system/' + self.service + + def tearDown(self): + subprocess.call(['systemctl', 'stop', self.service], + stderr=subprocess.PIPE) + try: + os.unlink(self.service_file) + except OSError: + pass + subprocess.check_call(['systemctl', 'daemon-reload']) + + def create_service(self, extra_service=''): + '''Create test service unit''' + + with open(self.service_file, 'w') as f: + f.write('''[Unit] +Description=test service +[Service] +ExecStart=/bin/sleep 500 +%s +''' % extra_service) + subprocess.check_call(['systemctl', 'daemon-reload']) + + def assertNoControllers(self): + '''Assert that no cgroup controllers exist for test service''' + + cs = glob('/sys/fs/cgroup/*/system.slice/%s' % self.service) + self.assertEqual(cs, []) + + def assertController(self, name): + '''Assert that cgroup controller exists for test service''' + + c = '/sys/fs/cgroup/%s/system.slice/%s' % (name, self.service) + self.assertTrue(os.path.isdir(c)) + + def assertNoController(self, name): + '''Assert that cgroup controller does not exist for test service''' + + c = '/sys/fs/cgroup/%s/system.slice/%s' % (name, self.service) + self.assertFalse(os.path.isdir(c)) + + def test_simple(self): + '''simple service''' + + self.create_service() + self.assertNoControllers() + subprocess.check_call(['systemctl', 'start', self.service]) + self.assertController('systemd') + subprocess.check_call(['systemctl', 'stop', self.service]) + self.assertNoControllers() + + def test_cpushares(self): + '''service with CPUShares''' + + self.create_service('CPUShares=1000') + self.assertNoControllers() + subprocess.check_call(['systemctl', 'start', self.service]) + self.assertController('systemd') + self.assertController('cpu,cpuacct') + subprocess.check_call(['systemctl', 'stop', self.service]) + self.assertNoControllers() + + @unittest.skipIf('TEST_UPSTREAM' in os.environ, + 'fix not applied upstream') + def test_custom_cgroup_cleanup(self): + '''cgroup cleanup does not touch manually created cgroups''' + + # reproduces https://bugs.debian.org/777601 + self.create_service() + os.mkdir('/sys/fs/cgroup/blkio/aux') + os.mkdir('/sys/fs/cgroup/perf_event/aux') + self.addCleanup(os.rmdir, '/sys/fs/cgroup/blkio/aux') + self.addCleanup(os.rmdir, '/sys/fs/cgroup/perf_event/aux') + subprocess.check_call(['systemctl', 'start', self.service]) + self.assertController('systemd') + self.assertTrue(os.path.exists('/sys/fs/cgroup/blkio/aux')) + self.assertTrue(os.path.exists('/sys/fs/cgroup/perf_event/aux')) + + subprocess.check_call(['systemctl', 'daemon-reload']) + time.sleep(1) + subprocess.check_call(['systemctl', 'restart', self.service]) + time.sleep(1) + self.assertTrue(os.path.exists('/sys/fs/cgroup/blkio/aux')) + self.assertTrue(os.path.exists('/sys/fs/cgroup/perf_event/aux')) + + subprocess.check_call(['systemctl', 'stop', self.service]) + self.assertNoControllers() + self.assertTrue(os.path.exists('/sys/fs/cgroup/blkio/aux')) + self.assertTrue(os.path.exists('/sys/fs/cgroup/perf_event/aux')) + + +class SeccompTest(unittest.TestCase): + '''Check seccomp syscall filtering''' + + def test_failing(self): + with open('/run/systemd/system/scfail.service', 'w') as f: + f.write('''[Unit] +Description=seccomp test +[Service] +ExecStart=/bin/cat /etc/machine-id +SystemCallFilter=access +''') + self.addCleanup(os.unlink, '/run/systemd/system/scfail.service') + + # launch + subprocess.check_call(['systemctl', 'daemon-reload']) + subprocess.check_call(['systemctl', 'start', 'scfail.service']) + wait_unit_stop('scfail.service') + + # check status + st = subprocess.Popen(['systemctl', 'status', '-l', + 'scfail.service'], stdout=subprocess.PIPE) + out = st.communicate()[0] + # unit should be stopped + self.assertEqual(st.returncode, 3) + + subprocess.check_call(['systemctl', 'reset-failed', 'scfail.service']) + + self.assertIn(b'failed', out) + self.assertIn(b'code=killed, signal=SYS', out) + with open('/etc/machine-id') as f: + self.assertNotIn(f.read().strip().encode('ASCII'), out) + + +class CoredumpTest(unittest.TestCase): + '''Check systemd-coredump''' + + def test_bash_crash(self): + subprocess.call("ulimit -c unlimited; bash -c 'kill -SEGV $$'", shell=True, + cwd='/tmp', stderr=subprocess.DEVNULL) + + # with systemd-coredump installed we should get the core dumps in + # systemd's dir + for timeout in range(50): + cores = glob('/var/lib/systemd/coredump/core.bash.*') + if cores: + break + time.sleep(1) + self.assertNotEqual(cores, []) + self.assertEqual(glob('/tmp/core*'), []) + + # we should also get a message and stack trace in journal + for timeout in range(10): + subprocess.call(['journalctl', '--sync']) + journal = subprocess.check_output(['journalctl', '-t', 'systemd-coredump']) + if re.search(b'Process.*bash.*dumped core', journal) and \ + re.search(b'#[0-9] .*bash', journal): + break + time.sleep(1) + self.assertRegex(journal, b'Process.*bash.*dumped core') + self.assertIn(b'Stack trace', journal) + self.assertRegex(journal, b'#[0-9] .*bash') + + +class CLITest(unittest.TestCase): + def setUp(self): + self.programs = [] + for line in subprocess.check_output(['dpkg', '-L', 'systemd', 'systemd-container', 'systemd-coredump', 'udev'], + universal_newlines=True).splitlines(): + if '/bin/' in line: + self.programs.append(line.strip()) + + def test_help(self): + '--help works and succeeds''' + + for program in self.programs: + p = subprocess.Popen([program, '--help'], stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True) + (out, err) = p.communicate() + try: + self.assertEqual(err, '') + self.assertEqual(p.returncode, 0) + self.assertIn(os.path.basename(program), out) + self.assertTrue('--help' in out or 'Usage' in out, out) + except AssertionError: + print('Failed program: %s' % program) + raise + + def test_version(self): + '--version works and succeeds''' + + version = subprocess.check_output(['pkg-config', '--modversion', 'systemd'], + universal_newlines=True).strip() + + for program in self.programs: + # known to not respond to --version + if os.path.basename(program) in ['kernel-install', 'systemd-ask-password', 'systemd-stdio-bridge']: + continue + p = subprocess.Popen([program, '--version'], stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True) + (out, err) = p.communicate() + try: + self.assertEqual(err, '') + self.assertEqual(p.returncode, 0) + self.assertIn(version, out) + except AssertionError: + print('Failed program: %s' % program) + raise + + def test_invalid_option(self): + '''Calling with invalid option fails''' + + for program in self.programs: + p = subprocess.Popen([program, '--invalid-option'], stdout=subprocess.PIPE, stderr=subprocess.PIPE, universal_newlines=True) + (out, err) = p.communicate() + try: + # kernel-install is an unique snowflake + if not program.endswith('/kernel-install'): + self.assertIn('--invalid-option', err) + self.assertNotEqual(p.returncode, 0) + except AssertionError: + print('Failed program: %s' % program) + raise + + +def pre_boot_setup(): + '''Test setup before rebooting testbed''' + + # create a few temporary files to ensure that they get cleaned up on boot + os.close(os.open('/tmp/newfile.test', + os.O_CREAT | os.O_EXCL | os.O_WRONLY)) + os.close(os.open('/var/tmp/newfile.test', + os.O_CREAT | os.O_EXCL | os.O_WRONLY)) + # we can't use utime() here, as systemd looks for ctime + cur_time = time.clock_gettime(time.CLOCK_REALTIME) + time.clock_settime(time.CLOCK_REALTIME, cur_time - 2 * 30 * 86400) + try: + os.close(os.open('/tmp/oldfile.test', + os.O_CREAT | os.O_EXCL | os.O_WRONLY)) + os.close(os.open('/var/tmp/oldfile.test', + os.O_CREAT | os.O_EXCL | os.O_WRONLY)) + finally: + time.clock_settime(time.CLOCK_REALTIME, cur_time) + + # allow X to start even on headless machines + os.makedirs('/etc/X11/xorg.conf.d/', exist_ok=True) + with open('/etc/X11/xorg.conf.d/dummy.conf', 'w') as f: + f.write('''Section "Device" + Identifier "test" + Driver "dummy" +EndSection''') + + +if __name__ == '__main__': + if not os.getenv('ADT_REBOOT_MARK'): + pre_boot_setup() + print('Rebooting...') + subprocess.check_call(['/tmp/autopkgtest-reboot', 'boot1']) + + unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout, + verbosity=2)) diff --git a/tests/boot-smoke b/tests/boot-smoke new file mode 100755 index 00000000..ca1fd375 --- /dev/null +++ b/tests/boot-smoke @@ -0,0 +1,66 @@ +#!/bin/sh +# test 20 successful reboots in a row +# Author: Martin Pitt +# For bisecting/testing you can replace individual binaries in /lib/systemd +# with --copy /host/path/systemd-foo:/tmp/systemd-replace/systemd-foo +set -e + +. `dirname $0`/assert.sh + +if [ -z "$ADT_REBOOT_MARK" ]; then + # enable persistent journal + mkdir -p /var/log/journal + # allow X to start even on headless machines + mkdir -p /etc/X11/xorg.conf.d/ + cat << EOF > /etc/X11/xorg.conf.d/dummy.conf +Section "Device" + Identifier "test" + Driver "dummy" +EndSection +EOF + + + ADT_REBOOT_MARK=0 + if [ -d /tmp/systemd-replace/ ]; then + for f in /tmp/systemd-replace/*; do + echo "Installing $f..." + rm -f /lib/systemd/$(basename $f) + cp $f /lib/systemd/ + done + fi +else + echo "checking for failed unmounts for user systemd" + JOURNAL=$(journalctl) + if echo "$JOURNAL" | grep -E "systemd\[([2-9]|[1-9][0-9]+)\].*Failed unmounting"; then + exit 1 + fi + echo "checking for connection timeouts" + if echo "$JOURNAL" | grep "Connection timed out"; then + exit 1 + fi + + echo "checking that polkitd runs" + pidof polkitd + + echo "checking that there are no running jobs" + TIMEOUT=10 + while [ $TIMEOUT -ge 0 ]; do + running="$(systemctl --no-pager --no-legend list-jobs || true)" + [ -n "$running" ] || break + TIMEOUT=$((TIMEOUT - 1)) + done + if [ -n "$running" ]; then + echo "running jobs after remaining timeout $TIMEOUT: $running" + journalctl --sync + journalctl -ab > $ADT_ARTIFACTS/journal.txt + udevadm info --export-db > $ADT_ARTIFACTS/udevdb.txt + exit 1 + fi +fi + +if [ "$ADT_REBOOT_MARK" -ge 5 ]; then + exit 0 +fi + +echo "reboot #$ADT_REBOOT_MARK" +/tmp/autopkgtest-reboot $(($ADT_REBOOT_MARK + 1)) diff --git a/tests/build-login b/tests/build-login new file mode 100755 index 00000000..def83b18 --- /dev/null +++ b/tests/build-login @@ -0,0 +1,38 @@ +#!/bin/sh +# autopkgtest check: Test build against libsystemd-login-dev +# (C) 2014 Canonical Ltd. +# Author: Martin Pitt + +set -e + +WORKDIR=$(mktemp -d) +trap "rm -rf $WORKDIR" 0 INT QUIT ABRT PIPE TERM +cd $WORKDIR +cat < loginmonitor.c +#include +#include +#include + +int main(int argc, char **argv) +{ + sd_login_monitor* mon = NULL; + int res; + + res = sd_login_monitor_new(NULL, &mon); + if (res < 0) { + fprintf(stderr, "sd_login_monitor_new failed with value %i\n", res); + return 1; + } + + assert(sd_login_monitor_get_fd(mon) > 0); + sd_login_monitor_unref(mon); + + return 0; +} +EOF + +gcc -Wall -Werror -o loginmonitor loginmonitor.c `pkg-config --cflags --libs libsystemd` +echo "build: OK" +[ -x loginmonitor ] +./loginmonitor +echo "run: OK" diff --git a/tests/control b/tests/control new file mode 100644 index 00000000..066cd60d --- /dev/null +++ b/tests/control @@ -0,0 +1,180 @@ +Tests: timedated, hostnamed, localed-locale, localed-x11-keymap +Depends: systemd, + libpam-systemd, + libnss-systemd, + acl, + locales, +Restrictions: needs-root, isolation-container + +Tests: logind +Depends: systemd, + libpam-systemd, + libnss-systemd, + acl, + locales, + evemu-tools, +Restrictions: needs-root, isolation-container + +Tests: unit-config +Depends: systemd, + libpam-systemd, + libnss-systemd, + acl, + locales, + evemu-tools, + python3, + pkg-config, +Restrictions: needs-root, allow-stderr + +Tests: storage +Depends: systemd, + libpam-systemd, + libnss-systemd, + acl, + locales, + evemu-tools, + python3, + pkg-config, + cryptsetup-bin, +Restrictions: needs-root, isolation-machine + +Tests: networkd-test.py +Tests-Directory: test +Depends: systemd, + libpam-systemd, + libnss-systemd, + acl, + locales, + evemu-tools, + python3, + pkg-config, + cryptsetup-bin, + systemd-sysv, + policykit-1, + dnsmasq-base +Restrictions: needs-root, isolation-container + +Tests: build-login +Depends: systemd, + libpam-systemd, + libnss-systemd, + acl, + locales, + evemu-tools, + python3, + pkg-config, + cryptsetup-bin, + systemd-sysv, + policykit-1, + dnsmasq-base, + build-essential, + libsystemd-dev, +Restrictions: isolation-container + +Tests: boot-and-services +Depends: systemd-sysv, + systemd-container, + systemd-coredump, + libpam-systemd, + xserver-xorg-video-dummy, + xserver-xorg, + lightdm, + lightdm-gtk-greeter | lightdm-greeter, + cron, + network-manager, + busybox-static, + apparmor, + pkg-config, + python3 +Restrictions: needs-root, isolation-machine, breaks-testbed + +Tests: udev +Depends: systemd-tests, + python3, + tree, + perl, + xz-utils, +Restrictions: needs-root, allow-stderr, isolation-machine + +Tests: root-unittests +Depends: systemd-tests, + libpam-systemd, + tree, + perl, + xz-utils, + libcap2-bin, + iproute2, + liblz4-tool, + acl, + iputils-ping, + dbus-user-session, +Restrictions: needs-root, allow-stderr, isolation-container + +Tests: upstream +Depends: libsystemd-dev, + tree, + perl, + xz-utils, + libcap2-bin, + iproute2, + liblz4-tool, + acl, + kbd, + cryptsetup-bin, + net-tools, + isc-dhcp-client, + iputils-ping, + strace, + qemu-system-x86 [amd64], + less, + pkg-config, + gcc, + libc6-dev | libc-dev, + make, + quota, + systemd-journal-remote, + systemd-container, + systemd-coredump, + fdisk | util-linux (<< 2.29.2-3~), + netcat-openbsd, + busybox-static, + plymouth, +Restrictions: needs-root, allow-stderr, isolation-machine + +Tests: boot-smoke +Depends: libsystemd-dev, + tree, + perl, + xz-utils, + libcap2-bin, + iproute2, + liblz4-tool, + acl, + kbd, + cryptsetup-bin, + net-tools, + isc-dhcp-client, + iputils-ping, + strace, + qemu-system-x86 [amd64], + less, + pkg-config, + gcc, + libc6-dev | libc-dev, + make, + systemd-journal-remote, + systemd-container, + systemd-sysv, + network-manager, + policykit-1, + lightdm, + xserver-xorg-video-dummy, +Restrictions: needs-root, isolation-container, allow-stderr, breaks-testbed + +# NOUPSTREAM: Do not run these tests for upstream builds + +Tests: systemd-fsckd +Depends: systemd-sysv, + python3, + plymouth +Restrictions: needs-root, isolation-machine, breaks-testbed diff --git a/tests/fsck b/tests/fsck new file mode 100755 index 00000000..77b50d72 --- /dev/null +++ b/tests/fsck @@ -0,0 +1,27 @@ +#!/bin/bash +fd=0 + +OPTIND=1 +while getopts "C:aTlM" opt; do + case "$opt" in + C) + fd=$OPTARG + ;; + \?);; + esac +done + +shift "$((OPTIND-1))" +device=$1 + +echo "Running fake fsck on $device" + +declare -a maxpass=(30 5 2 30 60) + +for pass in {1..5}; do + maxprogress=${maxpass[$((pass-1))]} + for (( current=0; current<=${maxprogress}; current++)); do + echo "$pass $current $maxprogress $device">&$fd + sleep 0.1 + done +done diff --git a/tests/hostnamed b/tests/hostnamed new file mode 100755 index 00000000..1b228691 --- /dev/null +++ b/tests/hostnamed @@ -0,0 +1,22 @@ +#!/bin/sh +set -e + +. `dirname $0`/assert.sh + +ORIG_HOST=`cat /etc/hostname` +echo "original hostname: $ORIG_HOST" + +# should activate daemon and work +STATUS="`hostnamectl`" +assert_in "Static hostname: $ORIG_HOST" "$STATUS" +assert_in "Kernel:.* `uname -r`" "$STATUS" + +# change hostname +assert_eq "`hostnamectl set-hostname testhost 2>&1`" "" +assert_eq "`cat /etc/hostname`" "testhost" +assert_in "Static hostname: testhost" "`hostnamectl`" + +# reset to original +assert_eq "`hostnamectl set-hostname $ORIG_HOST 2>&1`" "" +assert_eq "`cat /etc/hostname`" "$ORIG_HOST" +assert_in "Static hostname: $ORIG_HOST" "`hostnamectl`" diff --git a/tests/lidswitch.evemu b/tests/lidswitch.evemu new file mode 100644 index 00000000..de1d5904 --- /dev/null +++ b/tests/lidswitch.evemu @@ -0,0 +1,34 @@ +# EVEMU 1.2 +# Input device name: "Lid Switch" +# Input device ID: bus 0x19 vendor 0000 product 0x05 version 0000 +# Supported events: +# Event type 0 (EV_SYN) +# Event code 0 (SYN_REPORT) +# Event code 5 (FF_STATUS_MAX) +# Event type 5 (EV_SW) +# Event code 0 (SW_LID) +# Properties: +N: Fake Lid Switch +I: 0019 0000 0005 0000 +P: 00 00 00 00 00 00 00 00 +B: 00 21 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 01 00 00 00 00 00 00 00 00 +B: 02 00 00 00 00 00 00 00 00 +B: 03 00 00 00 00 00 00 00 00 +B: 04 00 00 00 00 00 00 00 00 +B: 05 01 00 00 00 00 00 00 00 +B: 11 00 00 00 00 00 00 00 00 +B: 12 00 00 00 00 00 00 00 00 +B: 15 00 00 00 00 00 00 00 00 +B: 15 00 00 00 00 00 00 00 00 diff --git a/tests/localed-locale b/tests/localed-locale new file mode 100755 index 00000000..468258d1 --- /dev/null +++ b/tests/localed-locale @@ -0,0 +1,42 @@ +#!/bin/sh +set -e + +. `dirname $0`/assert.sh + +if [ -n "$TEST_UPSTREAM" ]; then + LOCALE_CONF=/etc/locale.conf +else + LOCALE_CONF=/etc/default/locale +fi + +if ! ORIG_LOC=`grep -v '^#' $LOCALE_CONF 2>/dev/null`; then + # set up for a minimal unconfigured system + if [ -e /etc/locale.gen ]; then + echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen + fi + locale-gen en_US.UTF-8 + ORIG_LOC='LANG="en_US.UTF-8"' + echo "$ORIG_LOC" > $LOCALE_CONF +fi + +if ! [ -e /etc/default/keyboard ]; then + /bin/echo -e 'XKBMODEL=us\nXKBLAYOUT=pc105' > /etc/default/keyboard +fi + +# should activate daemon and work +assert_in "System Locale:" "`localectl --no-pager`" + +# change locale +assert_eq "`localectl --no-pager set-locale LANG=C LC_CTYPE=en_US.UTF-8 2>&1`" "" +sync +assert_eq "`cat $LOCALE_CONF`" "LANG=C +LC_CTYPE=en_US.UTF-8" + +! [ -f /etc/locale.conf ] + +STATUS=`localectl` +assert_in "System Locale: LANG=C" "$STATUS" +assert_in "LC_CTYPE=en_US.UTF-8" "$STATUS" + +# reset locale to original +echo "$ORIG_LOC" > $LOCALE_CONF diff --git a/tests/localed-x11-keymap b/tests/localed-x11-keymap new file mode 100755 index 00000000..34f48080 --- /dev/null +++ b/tests/localed-x11-keymap @@ -0,0 +1,52 @@ +#!/bin/sh +set -e + +. `dirname $0`/assert.sh + +if [ -f /etc/default/keyboard ]; then + ORIG_KBD=`cat /etc/default/keyboard` +else + ORIG_KBD="" +fi + +cleanup() { + # reset locale to original + if [ -n "ORIG_KBD" ]; then + echo "$ORIG_KBD" > /etc/default/keyboard + else + rm -f /etc/default/keyboard + fi + rm -f /etc/X11/xorg.conf.d/00-keyboard.conf +} +trap cleanup EXIT INT QUIT PIPE + +# should activate daemon and work +STATUS=`localectl` +assert_in "X11 Layout:" "`localectl --no-pager`" + +# change layout +assert_eq "`localectl --no-pager set-x11-keymap et pc101 2>&1`" "" +sync + +if [ -n "$TEST_UPSTREAM" ]; then + # Upstream writes xorg.conf.d file + assert_in 'Option "XkbLayout" "et' "`cat /etc/X11/xorg.conf.d/00-keyboard.conf`" + assert_in 'Option "XkbModel" "pc101"' "`cat /etc/X11/xorg.conf.d/00-keyboard.conf`" +else + # Debian console-setup config file + assert_in 'XKBLAYOUT="\?et"\?' "`cat /etc/default/keyboard`" + assert_in 'XKBMODEL="\?pc101"\?' "`cat /etc/default/keyboard`" + + ! [ -f /etc/X11/xorg.conf.d/00-keyboard.conf ] +fi + +STATUS=`localectl --no-pager` +assert_in "X11 Layout: et" "$STATUS" +assert_in "X11 Model: pc101" "$STATUS" + +# gets along without config file +if [ -z "$TEST_UPSTREAM" ]; then + rm /etc/default/keyboard + systemctl stop systemd-localed + assert_in "X11 Layout: n/a" "`localectl --no-pager`" +fi diff --git a/tests/logind b/tests/logind new file mode 100755 index 00000000..07a658bd --- /dev/null +++ b/tests/logind @@ -0,0 +1,204 @@ +#!/bin/sh +set -e + +test_started() { + # ensure the *old* logind from before the upgrade isn't running + echo " * try-restarting systemd-logind" + systemctl try-restart systemd-logind + + echo " * daemon is started" + # should start at boot, not with D-BUS activation + LOGINDPID=$(pidof systemd-logind) + + # loginctl should succeed + echo " * loginctl succeeds" + LOGINCTL_OUT=`loginctl` +} + +test_properties() { + # Default KillUserProcesses should be off for debian/ubuntu builds + r=$(busctl get-property org.freedesktop.login1 /org/freedesktop/login1 org.freedesktop.login1.Manager KillUserProcesses) + [ "$r" = "b false" ] +} + +# args: +wait_suspend() { + timeout=$1 + while [ $timeout -gt 0 ] && [ ! -e /run/suspend.flag ]; do + sleep 1 + timeout=$((timeout - 1)) + [ $(($timeout % 5)) -ne 0 ] || echo " waiting for suspend, ${timeout}s remaining..." + done + if [ ! -e /run/suspend.flag ]; then + echo "closing lid did not cause suspend" >&2 + exit 1 + fi + rm /run/suspend.flag + echo " * closing lid caused suspend" +} + +test_suspend_on_lid() { + if systemd-detect-virt --quiet --container; then + echo " * Skipping suspend test in container" + return + fi + if ! grep -q mem /sys/power/state; then + echo " * suspend not supported on this testbed, skipping" + return + fi + + # cleanup handler + trap 'rm -f /run/udev/rules.d/70-logindtest-*.rules; udevadm control --reload; + kill $KILL_PID; + rm /run/systemd/system/systemd-suspend.service; + if [ -d /sys/module/scsi_debug ]; then rmmod scsi_debug 2>/dev/null || (sleep 2; rmmod scsi_debug ) || true; fi' \ + EXIT INT QUIT TERM PIPE + + # watch what's going on + journalctl -f -u systemd-logind.service & + KILL_PID="$KILL_PID $!" + + # create fake suspend + UNIT=$(systemctl show -pFragmentPath --value systemd-suspend.service) + sed '/^ExecStart=/ s_=.*$_=/bin/touch /run/suspend.flag_' $UNIT > /run/systemd/system/systemd-suspend.service + sync + systemctl daemon-reload + + # create fake lid switch + mkdir -p /run/udev/rules.d + echo 'SUBSYSTEM=="input", KERNEL=="event*", ATTRS{name}=="Fake Lid Switch", TAG+="power-switch"' \ + > /run/udev/rules.d/70-logindtest-lid.rules + sync + udevadm control --reload + evemu-device $(dirname $0)/lidswitch.evemu & + KILL_PID="$KILL_PID $!" + while [ -z "$O" ]; do + sleep 0.1 + O=$(grep -l '^Fake Lid Switch' /sys/class/input/*/device/name) + done + O=${O%/device/name} + LID_DEV=/dev/${O#/sys/class/} + + # close lid + evemu-event $LID_DEV --sync --type 5 --code 0 --value 1 + # need to wait for 30s suspend inhibition after boot + wait_suspend 31 + # open lid again + evemu-event $LID_DEV --sync --type 5 --code 0 --value 0 + + echo " * waiting for 30s inhibition time between suspends" + sleep 30 + + # now closing lid should cause instant suspend + evemu-event $LID_DEV --sync --type 5 --code 0 --value 1 + wait_suspend 2 + evemu-event $LID_DEV --sync --type 5 --code 0 --value 0 + + P=$(pidof systemd-logind) + [ "$P" = "$LOGINDPID" ] || { echo "logind crashed" >&2; exit 1; } +} + +test_shutdown() { + echo " * scheduled shutdown with wall message" + shutdown 2>&1 + sleep 5 + shutdown -c || true + # logind should still be running + P=$(pidof systemd-logind) + [ "$P" = "$LOGINDPID" ] || { echo "logind crashed" >&2; exit 1; } + + echo " * scheduled shutdown without wall message" + shutdown --no-wall 2>&1 + sleep 5 + shutdown -c --no-wall || true + P=$(pidof systemd-logind) + [ "$P" = "$LOGINDPID" ] || { echo "logind crashed" >&2; exit 1; } +} + +test_in_logind_session() { + echo " * XDG_SESSION_ID=$XDG_SESSION_ID" + # cgroup v1: "1:name=systemd:/user.slice/..."; unified hierarchy: "0::/user.slice" + if grep -E '(name=systemd|^0:):.*session.*scope' /proc/self/cgroup; then + echo " * process is in session cgroup" + else + echo "FAIL: process is not in session cgroup" + echo "/proc/self/cgroup:" + cat /proc/self/cgroup + loginctl + loginctl show-session "$XDG_SESSION_ID" + exit 1 + fi +} + +test_acl() { + # ACL tests + if ! echo "$LOGINCTL_OUT" | grep -q "seat0"; then + echo " * Skipping ACL tests, as there is no seat" + return + fi + if systemd-detect-virt --quiet --container; then + echo " * Skipping ACL tests in container" + return + fi + + # determine user + USER=`echo "$OUT" | grep seat0 | awk '{print $3}'` + echo "seat user: $USER" + + # scsi_debug should not be loaded yet + ! test -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block + + # we use scsi_debug to create new devices which we can put ACLs on + # tell udev about the tagging, so that logind can pick it up + cat < /run/udev/rules.d/70-logindtest-scsi_debug-user.rules +SUBSYSTEM=="block", ATTRS{model}=="scsi_debug*", TAG+="uaccess" +EOF + sync + udevadm control --reload + + echo " * coldplug: logind started with existing device" + killall systemd-logind + modprobe scsi_debug + while ! dev=/dev/`ls /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block 2>/dev/null`; do sleep 0.1; done + test -b $dev + echo "got block device $dev" + udevadm settle + # trigger logind + loginctl > /dev/null + sleep 1 + if getfacl -p $dev | grep -q "user:$USER:rw-"; then + echo "$dev has ACL for user $USER" + else + echo "$dev has no ACL for user $USER:" >&2 + getfacl -p $dev >&2 + exit 1 + fi + + rmmod scsi_debug + + echo " * hotplug: new device appears while logind is running" + modprobe scsi_debug + while ! dev=/dev/`ls /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block`; do sleep 0.1; done + test -b $dev + echo "got block device $dev" + udevadm settle + sleep 1 + if getfacl -p $dev | grep -q "user:$USER:rw-"; then + echo "$dev has ACL for user $USER" + else + echo "$dev has no ACL for user $USER:" >&2 + getfacl -p $dev >&2 + exit 1 + fi +} + +# +# main +# + +test_started +test_properties +test_in_logind_session +test_suspend_on_lid +test_shutdown +test_acl diff --git a/tests/process-killer b/tests/process-killer new file mode 100755 index 00000000..6ca10b8d --- /dev/null +++ b/tests/process-killer @@ -0,0 +1,9 @@ +#!/bin/sh +# loop until we can kill the process given in arg + +while : +do + /usr/bin/pkill -x $* + [ $? -eq 0 ] && break + sleep 1 +done diff --git a/tests/root-unittests b/tests/root-unittests new file mode 100644 index 00000000..96416e28 --- /dev/null +++ b/tests/root-unittests @@ -0,0 +1,26 @@ +#!/bin/sh +set -eu + +EXFAIL="" + +res=0 +for t in /usr/lib/systemd/tests/test-*; do + tname=$(basename $t) + # test-udev needs special prep and has its own test + [ "$tname" != test-udev ] || continue + echo "====== $tname =======" + # exit code 77 means "skip" + rc=0 + $t || rc=$? + if [ "$rc" = 0 ]; then + echo "PASS: $tname" + elif [ "$rc" = 77 ]; then + echo "SKIP: $tname" + elif [ "${EXFAIL%$tname*}" != "$EXFAIL" ]; then + echo "EXFAIL: $tname" + else + echo "FAIL: $tname (code: $rc)" + res=$rc + fi +done +exit $res diff --git a/tests/storage b/tests/storage new file mode 100755 index 00000000..d3861a7d --- /dev/null +++ b/tests/storage @@ -0,0 +1,238 @@ +#!/usr/bin/env python3 +# systemd integration test: Handling of storage devices +# (C) 2015 Canonical Ltd. +# Author: Martin Pitt + +import os +import sys +import unittest +import subprocess +import time +import random +from glob import glob + + +@unittest.skipIf(os.path.isdir('/sys/module/scsi_debug'), + 'The scsi_debug module is already loaded') +class FakeDriveTestBase(unittest.TestCase): + @classmethod + def setUpClass(klass): + # create a fake SCSI hard drive + subprocess.check_call(['modprobe', 'scsi_debug']) + # wait until drive got created + sys_dirs = [] + while not sys_dirs: + sys_dirs = glob('/sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block') + time.sleep(0.1) + assert len(sys_dirs) == 1 + devs = os.listdir(sys_dirs[0]) + assert len(devs) == 1 + klass.device = '/dev/' + devs[0] + + def tearDown(self): + # clear drive + with open(self.device, 'wb') as f: + block = b'0' * 1048576 + try: + while True: + f.write(block) + except OSError: + pass + subprocess.check_call(['udevadm', 'settle']) + subprocess.check_call(['systemctl', 'daemon-reload']) + + +class CryptsetupTest(FakeDriveTestBase): + def setUp(self): + self.plaintext_name = 'testcrypt1' + self.plaintext_dev = '/dev/mapper/' + self.plaintext_name + if os.path.exists(self.plaintext_dev): + self.fail('%s exists already' % self.plaintext_dev) + + super().setUp() + + if os.path.exists('/etc/crypttab'): + os.rename('/etc/crypttab', '/etc/crypttab.systemdtest') + self.password = 'pwd%i' % random.randint(1000, 10000) + self.password_agent = None + + def tearDown(self): + if self.password_agent: + os.kill(self.password_agent, 9) + os.waitpid(self.password_agent, 0) + self.password_agent = None + subprocess.call(['umount', self.plaintext_dev], stderr=subprocess.DEVNULL) + subprocess.call(['systemctl', 'stop', 'systemd-cryptsetup@%s.service' % self.plaintext_name], + stderr=subprocess.STDOUT) + if os.path.exists('/etc/crypttab'): + os.unlink('/etc/crypttab') + if os.path.exists('/etc/crypttab.systemdtest'): + os.rename('/etc/crypttab.systemdtest', '/etc/crypttab') + + super().tearDown() + + def format_luks(self): + '''Format test device with LUKS''' + + p = subprocess.Popen(['cryptsetup', '--batch-mode', 'luksFormat', self.device, '-'], + stdin=subprocess.PIPE) + p.communicate(self.password.encode()) + self.assertEqual(p.returncode, 0) + os.sync() + subprocess.check_call(['udevadm', 'settle']) + + def start_password_agent(self): + '''Run password agent to answer passphrase request for crypt device''' + + pid = os.fork() + if pid > 0: + self.password_agent = pid + return + + # wait for incoming request + found = False + while not found: + for ask in glob('/run/systemd/ask-password/ask.*'): + with open(ask) as f: + contents = f.read() + if 'disk scsi_debug' in contents and self.plaintext_name in contents: + found = True + break + if not found: + time.sleep(0.5) + + # parse Socket= + for line in contents.splitlines(): + if line.startswith('Socket='): + socket = line.split('=', 1)[1] + break + + # send reply + p = subprocess.Popen(['/lib/systemd/systemd-reply-password', '1', socket], + stdin=subprocess.PIPE) + p.communicate(self.password.encode()) + assert p.returncode == 0 + + os._exit(0) + + def apply(self, target): + '''Tell systemd to generate and run the cryptsetup units''' + + subprocess.check_call(['systemctl', 'daemon-reload']) + + self.start_password_agent() + subprocess.check_call(['systemctl', 'restart', target]) + for timeout in range(50): + if os.path.exists(self.plaintext_dev): + break + time.sleep(0.1) + else: + self.fail('timed out for %s to appear' % self.plaintext_dev) + + def test_luks_by_devname(self): + '''LUKS device by plain device name, empty''' + + self.format_luks() + with open('/etc/crypttab', 'w') as f: + f.write('%s %s none luks\n' % (self.plaintext_name, self.device)) + self.apply('cryptsetup.target') + + # should not be mounted + with open('/proc/mounts') as f: + self.assertNotIn(self.plaintext_name, f.read()) + + # device should not have anything on it + p = subprocess.Popen(['blkid', self.plaintext_dev], stdout=subprocess.PIPE) + out = p.communicate()[0] + self.assertEqual(out, b'') + self.assertNotEqual(p.returncode, 0) + + def test_luks_by_uuid(self): + '''LUKS device by UUID, empty''' + + self.format_luks() + uuid = subprocess.check_output(['blkid', '-ovalue', '-sUUID', self.device], + universal_newlines=True).strip() + with open('/etc/crypttab', 'w') as f: + f.write('%s UUID=%s none luks\n' % (self.plaintext_name, uuid)) + self.apply('cryptsetup.target') + + # should not be mounted + with open('/proc/mounts') as f: + self.assertNotIn(self.plaintext_name, f.read()) + + # device should not have anything on it + p = subprocess.Popen(['blkid', self.plaintext_dev], stdout=subprocess.PIPE) + out = p.communicate()[0] + self.assertEqual(out, b'') + self.assertNotEqual(p.returncode, 0) + + def test_luks_swap(self): + '''LUKS device with "swap" option''' + + self.format_luks() + with open('/etc/crypttab', 'w') as f: + f.write('%s %s none luks,swap\n' % (self.plaintext_name, self.device)) + self.apply('cryptsetup.target') + + # should not be mounted + with open('/proc/mounts') as f: + self.assertNotIn(self.plaintext_name, f.read()) + + # device should be formatted with swap + out = subprocess.check_output(['blkid', '-ovalue', '-sTYPE', self.plaintext_dev]) + self.assertEqual(out, b'swap\n') + + def test_luks_tmp(self): + '''LUKS device with "tmp" option''' + + self.format_luks() + with open('/etc/crypttab', 'w') as f: + f.write('%s %s none luks,tmp\n' % (self.plaintext_name, self.device)) + self.apply('cryptsetup.target') + + # should not be mounted + with open('/proc/mounts') as f: + self.assertNotIn(self.plaintext_name, f.read()) + + # device should be formatted with ext2 + out = subprocess.check_output(['blkid', '-ovalue', '-sTYPE', self.plaintext_dev]) + self.assertEqual(out, b'ext2\n') + + def test_luks_fstab(self): + '''LUKS device in /etc/fstab''' + + self.format_luks() + with open('/etc/crypttab', 'w') as f: + f.write('%s %s none luks,tmp\n' % (self.plaintext_name, self.device)) + + mountpoint = '/run/crypt1.systemdtest' + os.mkdir(mountpoint) + self.addCleanup(os.rmdir, mountpoint) + os.rename('/etc/fstab', '/etc/fstab.systemdtest') + self.addCleanup(os.rename, '/etc/fstab.systemdtest', '/etc/fstab') + with open('/etc/fstab', 'a') as f: + with open('/etc/fstab.systemdtest') as forig: + f.write(forig.read()) + f.write('%s %s ext2 defaults 0 0\n' % (self.plaintext_dev, mountpoint)) + + # this should now be a requirement of local-fs.target + self.apply('local-fs.target') + + # should be mounted + found = False + with open('/proc/mounts') as f: + for line in f: + fields = line.split() + if fields[0] == self.plaintext_dev: + self.assertEqual(fields[1], mountpoint) + self.assertEqual(fields[2], 'ext2') + found = True + break + if not found: + self.fail('%s is not mounted' % self.plaintext_dev) + + +if __name__ == '__main__': + unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout, + verbosity=2)) diff --git a/tests/systemd-fsckd b/tests/systemd-fsckd new file mode 100755 index 00000000..b71a8dc2 --- /dev/null +++ b/tests/systemd-fsckd @@ -0,0 +1,297 @@ +#!/usr/bin/python3 +# autopkgtest check: Ensure that systemd-fsckd can report progress and cancel +# (C) 2015 Canonical Ltd. +# Author: Didier Roche + +from contextlib import suppress +import inspect +import fileinput +import os +import subprocess +import shutil +import stat +import sys +import unittest +from time import sleep, time + +GRUB_AUTOPKGTEST_CONFIG_PATH = "/etc/default/grub.d/50-cloudimg-settings.cfg" +TEST_AUTOPKGTEST_CONFIG_PATH = "/etc/default/grub.d/99-fsckdtest.cfg" + +SYSTEMD_ETC_SYSTEM_UNIT_DIR = "/etc/systemd/system/" +SYSTEMD_PROCESS_KILLER_PATH = os.path.join(SYSTEMD_ETC_SYSTEM_UNIT_DIR, "process-killer.service") + +SYSTEMD_FSCK_ROOT_PATH = "/lib/systemd/system/systemd-fsck-root.service" +SYSTEMD_FSCK_ROOT_ENABLE_PATH = os.path.join(SYSTEMD_ETC_SYSTEM_UNIT_DIR, 'local-fs.target.wants/systemd-fsck-root.service') + +SYSTEM_FSCK_PATH = '/sbin/fsck' +PROCESS_KILLER_PATH = '/sbin/process-killer' +SAVED_FSCK_PATH = "{}.real".format(SYSTEM_FSCK_PATH) + +FSCKD_TIMEOUT = 30 + + +class FsckdTest(unittest.TestCase): + '''Check that we run, report and can cancel fsck''' + + def __init__(self, test_name, after_reboot, return_code): + super().__init__(test_name) + self._test_name = test_name + self._after_reboot = after_reboot + self._return_code = return_code + + def setUp(self): + super().setUp() + # ensure we have our root fsck enabled by default (it detects it runs in a vm and doesn't pull the target) + # note that it can already exists in case of a reboot (as there was no tearDown as we wanted) + os.makedirs(os.path.dirname(SYSTEMD_FSCK_ROOT_ENABLE_PATH), exist_ok=True) + with suppress(FileExistsError): + os.symlink(SYSTEMD_FSCK_ROOT_PATH, SYSTEMD_FSCK_ROOT_ENABLE_PATH) + enable_plymouth() + + # note that the saved real fsck can still exists in case of a reboot (as there was no tearDown as we wanted) + if not os.path.isfile(SAVED_FSCK_PATH): + os.rename(SYSTEM_FSCK_PATH, SAVED_FSCK_PATH) + + # install mock fsck and killer + self.install_bin(os.path.join(os.path.dirname(os.path.realpath(__file__)), 'fsck'), + SYSTEM_FSCK_PATH) + self.install_bin(os.path.join(os.path.dirname(os.path.realpath(__file__)), 'process-killer'), + PROCESS_KILLER_PATH) + + self.files_to_clean = [SYSTEMD_FSCK_ROOT_ENABLE_PATH, SYSTEM_FSCK_PATH, SYSTEMD_PROCESS_KILLER_PATH, PROCESS_KILLER_PATH] + + def tearDown(self): + # tearDown is only called once the test really ended (not while rebooting during tests) + for f in self.files_to_clean: + with suppress(FileNotFoundError): + os.remove(f) + os.rename(SAVED_FSCK_PATH, SYSTEM_FSCK_PATH) + super().tearDown() + + def test_fsckd_run(self): + '''Ensure we can reboot after a fsck was processed''' + if not self._after_reboot: + self.reboot() + else: + self.assertFsckdStop() + self.assertFsckProceeded() + self.assertSystemRunning() + + def test_fsckd_run_without_plymouth(self): + '''Ensure we can reboot without plymouth after a fsck was processed''' + if not self._after_reboot: + enable_plymouth(enable=False) + self.reboot() + else: + self.assertFsckdStop() + self.assertFsckProceeded(with_plymouth=False) + self.assertSystemRunning() + + def test_fsck_with_failure(self): + '''Ensure that a failing fsck doesn't prevent fsckd to stop''' + if not self._after_reboot: + self.install_process_killer_unit('fsck') + self.reboot() + else: + self.assertFsckdStop() + self.assertWasRunning('process-killer') + self.assertFalse(self.is_failed_unit('process-killer')) + self.assertFsckProceeded() + self.assertSystemRunning() + + def test_systemd_fsck_with_failure(self): + '''Ensure that a failing systemd-fsck doesn't prevent fsckd to stop''' + if not self._after_reboot: + self.install_process_killer_unit('systemd-fsck', kill=True) + self.reboot() + else: + self.assertFsckdStop() + self.assertProcessKilled() + self.assertTrue(self.is_failed_unit('systemd-fsck-root')) + self.assertWasRunning('systemd-fsckd') + self.assertWasRunning('plymouth-start') + self.assertSystemRunning() + + def test_systemd_fsckd_with_failure(self): + '''Ensure that a failing systemd-fsckd doesn't prevent system to boot''' + if not self._after_reboot: + self.install_process_killer_unit('systemd-fsckd', kill=True) + self.reboot() + else: + self.assertFsckdStop() + self.assertProcessKilled() + self.assertFalse(self.is_failed_unit('systemd-fsck-root')) + self.assertTrue(self.is_failed_unit('systemd-fsckd')) + self.assertWasRunning('plymouth-start') + self.assertSystemRunning() + + def test_systemd_fsck_with_plymouth_failure(self): + '''Ensure that a failing plymouth doesn't prevent fsckd to reconnect/exit''' + if not self._after_reboot: + self.install_process_killer_unit('plymouthd', kill=True) + self.reboot() + else: + self.assertFsckdStop() + self.assertWasRunning('process-killer') + self.assertFsckProceeded() + self.assertFalse(self.is_active_unit('plymouth-start')) + self.assertSystemRunning() + + def install_bin(self, source, dest): + '''install mock fsck''' + shutil.copy2(source, dest) + st = os.stat(dest) + os.chmod(dest, st.st_mode | stat.S_IEXEC) + + def is_active_unit(self, unit): + '''Check that given unit is active''' + + return subprocess.call(['systemctl', 'status', unit], + stdout=subprocess.PIPE) == 0 + + def is_failed_unit(self, unit): + '''Check that given unit failed''' + + p = subprocess.Popen(['systemctl', 'is-active', unit], stdout=subprocess.PIPE) + out, err = p.communicate() + if b'failed' in out: + return True + return False + + def assertWasRunning(self, unit, expect_running=True): + '''Assert that a given unit has been running''' + p = subprocess.Popen(['systemctl', 'status', '--no-pager', unit], + stdout=subprocess.PIPE, universal_newlines=True) + out = p.communicate()[0].strip() + if expect_running: + self.assertRegex(out, 'Active:.*since') + else: + self.assertNotRegex(out, 'Active:.*since') + self.assertIn(p.returncode, (0, 3)) + + def assertFsckdStop(self): + '''Ensure systemd-fsckd stops, which indicates no more fsck activity''' + timeout = time() + FSCKD_TIMEOUT + while time() < timeout: + if not self.is_active_unit('systemd-fsckd'): + return + sleep(1) + raise Exception("systemd-fsckd still active after {}s".format(FSCKD_TIMEOUT)) + + def assertFsckProceeded(self, with_plymouth=True): + '''Assert we executed most of the fsck-related services successfully''' + self.assertWasRunning('systemd-fsckd') + self.assertFalse(self.is_failed_unit('systemd-fsckd')) + self.assertTrue(self.is_active_unit('systemd-fsck-root')) # remains active after exit + if with_plymouth: + self.assertWasRunning('plymouth-start') + else: + self.assertWasRunning('plymouth-start', expect_running=False) + + def assertSystemRunning(self): + '''Assert that the system is running''' + + self.assertTrue(self.is_active_unit('default.target')) + + def assertProcessKilled(self): + '''Assert the targeted process was killed successfully''' + self.assertWasRunning('process-killer') + self.assertFalse(self.is_failed_unit('process-killer')) + + def reboot(self): + '''Reboot the system with the current test marker''' + subprocess.check_call(['/tmp/autopkgtest-reboot', "{}:{}".format(self._test_name, self._return_code)]) + + def install_process_killer_unit(self, process_name, kill=False): + '''Create a systemd unit which will kill process_name''' + with open(SYSTEMD_PROCESS_KILLER_PATH, 'w') as f: + f.write('''[Unit] +DefaultDependencies=no + +[Service] +Type=simple +ExecStart=/usr/bin/timeout 10 {} {} + +[Install] +WantedBy=systemd-fsck-root.service'''.format(PROCESS_KILLER_PATH, + '--signal SIGKILL {}'.format(process_name) if kill else process_name)) + subprocess.check_call(['systemctl', 'daemon-reload']) + subprocess.check_call(['systemctl', 'enable', 'process-killer'], stderr=subprocess.DEVNULL) + + +def enable_plymouth(enable=True): + '''ensure plymouth is enabled in grub config (doesn't reboot)''' + plymouth_enabled = 'splash' in open('/boot/grub/grub.cfg').read() + if enable and not plymouth_enabled: + if os.path.exists(GRUB_AUTOPKGTEST_CONFIG_PATH): + shutil.copy2(GRUB_AUTOPKGTEST_CONFIG_PATH, TEST_AUTOPKGTEST_CONFIG_PATH) + for line in fileinput.input([TEST_AUTOPKGTEST_CONFIG_PATH], inplace=True): + if line.startswith("GRUB_CMDLINE_LINUX_DEFAULT"): + print(line[:line.rfind('"')] + ' splash quiet"\n') + else: + os.makedirs(os.path.dirname(TEST_AUTOPKGTEST_CONFIG_PATH), exist_ok=True) + with open(TEST_AUTOPKGTEST_CONFIG_PATH, 'w') as f: + f.write('GRUB_CMDLINE_LINUX_DEFAULT="console=ttyS0 splash quiet"\n') + elif not enable and plymouth_enabled: + with suppress(FileNotFoundError): + os.remove(TEST_AUTOPKGTEST_CONFIG_PATH) + subprocess.check_call(['update-grub'], stderr=subprocess.DEVNULL) + + +def boot_with_systemd_distro(): + '''Reboot with systemd as init and distro setup for grub''' + enable_plymouth() + subprocess.check_call(['/tmp/autopkgtest-reboot', 'systemd-started']) + + +def getAllTests(unitTestClass): + '''get all test names in predictable sorted order from unitTestClass''' + return sorted([test[0] for test in inspect.getmembers(unitTestClass, predicate=inspect.isfunction) + if test[0].startswith('test_')]) + + +# ADT_REBOOT_MARK contains the test name to pursue after reboot +# (to check results and states after reboot, mostly). +# we append the previous global return code (0 or 1) to it. +# Example: ADT_REBOOT_MARK=test_foo:0 +if __name__ == '__main__': + if os.path.exists('/run/initramfs/fsck-root'): + print('SKIP: root file system is being checked by initramfs already') + sys.exit(0) + + all_tests = getAllTests(FsckdTest) + reboot_marker = os.getenv('ADT_REBOOT_MARK') + + current_test_after_reboot = "" + if not reboot_marker: + boot_with_systemd_distro() + + # first test + if reboot_marker == "systemd-started": + current_test = all_tests[0] + return_code = 0 + else: + (current_test_after_reboot, return_code) = reboot_marker.split(':') + current_test = current_test_after_reboot + return_code = int(return_code) + + # loop on remaining tests to run + try: + remaining_tests = all_tests[all_tests.index(current_test):] + except ValueError: + print("Invalid value for ADT_REBOOT_MARK, {} is not a valid test name".format(reboot_marker)) + sys.exit(2) + + # run all remaining tests + for test_name in remaining_tests: + after_reboot = False + # if this tests needed a reboot (and it has been performed), executes second part of it + if test_name == current_test_after_reboot: + after_reboot = True + suite = unittest.TestSuite() + suite.addTest(FsckdTest(test_name, after_reboot, return_code)) + result = unittest.TextTestRunner(stream=sys.stdout, verbosity=2).run(suite) + if len(result.failures) != 0 or len(result.errors) != 0: + return_code = 1 + + sys.exit(return_code) diff --git a/tests/timedated b/tests/timedated new file mode 100755 index 00000000..52df8cfc --- /dev/null +++ b/tests/timedated @@ -0,0 +1,136 @@ +#!/bin/sh +set -e + +. `dirname $0`/assert.sh + +ORIG_TZ=`grep -v '^#' /etc/timezone` +echo "original tz: $ORIG_TZ" + +echo 'timedatectl works' +assert_in "Local time:" "`timedatectl --no-pager`" + +echo 'change timezone' +assert_eq "`timedatectl --no-pager set-timezone Europe/Moscow 2>&1`" "" +assert_eq "`readlink /etc/localtime | sed 's#^.*zoneinfo/##'`" "Europe/Moscow" +[ -n "$TEST_UPSTREAM" ] || assert_eq "`cat /etc/timezone`" "Europe/Moscow" +assert_in "Time.*zone: Europe/Moscow (MSK, +" "`timedatectl --no-pager`" + +echo 'reset timezone to original' +assert_eq "`timedatectl --no-pager set-timezone $ORIG_TZ 2>&1`" "" +assert_eq "`readlink /etc/localtime | sed 's#^.*zoneinfo/##'`" "$ORIG_TZ" +[ -n "$TEST_UPSTREAM" ] || assert_eq "`cat /etc/timezone`" "$ORIG_TZ" + +# test setting UTC vs. LOCAL in /etc/adjtime +if [ -e /etc/adjtime ]; then + ORIG_ADJTIME=`cat /etc/adjtime` + trap "echo '$ORIG_ADJTIME' > /etc/adjtime" EXIT INT QUIT PIPE +else + trap "rm -f /etc/adjtime" EXIT INT QUIT PIPE +fi + +echo 'no adjtime file' +rm -f /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' + +echo 'UTC set in adjtime file' +printf '0.0 0 0\n0\nUTC\n' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +UTC" +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" + +echo 'non-zero values in adjtime file' +printf '0.1 123 0\n0\nLOCAL\n' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_eq "`cat /etc/adjtime`" "0.1 123 0 +0 +UTC" +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.1 123 0 +0 +LOCAL" + +echo 'fourth line adjtime file' +printf '0.0 0 0\n0\nLOCAL\nsomethingelse\n' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +UTC +somethingelse" +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL +somethingelse" + +echo 'no final newline in adjtime file' +printf '0.0 0 0\n0\nUTC' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +printf '0.0 0 0\n0\nUTC' > /etc/adjtime +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" + +echo 'only one line in adjtime file' +printf '0.0 0 0\n' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +printf '0.0 0 0\n' > /etc/adjtime +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" + +echo 'only one line in adjtime file, no final newline' +printf '0.0 0 0' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +printf '0.0 0 0' > /etc/adjtime +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" + +echo 'only two lines in adjtime file' +printf '0.0 0 0\n0\n' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +printf '0.0 0 0\n0\n' > /etc/adjtime +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" + + +echo 'only two lines in adjtime file, no final newline' +printf '0.0 0 0\n0' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +printf '0.0 0 0\n0' > /etc/adjtime +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" + +echo 'unknown value in 3rd line of adjtime file' +printf '0.0 0 0\n0\nFOO\n' > /etc/adjtime +timedatectl set-local-rtc 0 +assert_true '[ ! -e /etc/adjtime ]' +printf '0.0 0 0\n0\nFOO\n' > /etc/adjtime +timedatectl set-local-rtc 1 +assert_eq "`cat /etc/adjtime`" "0.0 0 0 +0 +LOCAL" diff --git a/tests/udev b/tests/udev new file mode 100755 index 00000000..9ef53849 --- /dev/null +++ b/tests/udev @@ -0,0 +1,13 @@ +#!/bin/sh +# autopkgtest check: Run upstream udev test script +# (C) 2016 Canonical Ltd. +# Author: Martin Pitt +set -euC + +TEST_DIR=${ADTTMP:=$(mktemp -d)} +mkdir -p $TEST_DIR/test +test/sys-script.py $TEST_DIR/test +cp test/udev-test.pl $TEST_DIR +cp /usr/lib/systemd/tests/manual/test-udev $TEST_DIR +cd $TEST_DIR +./udev-test.pl diff --git a/tests/unit-config b/tests/unit-config new file mode 100755 index 00000000..1cfa4d43 --- /dev/null +++ b/tests/unit-config @@ -0,0 +1,369 @@ +#!/usr/bin/python3 +# autopkgtest check: enable/disable/configure units +# (C) 2015 Canonical Ltd. +# Author: Martin Pitt + +import unittest +import subprocess +import os +import sys +import tempfile +from glob import glob + +system_unit_dir = subprocess.check_output( + ['pkg-config', '--variable=systemdsystemunitdir', 'systemd'], + universal_newlines=True).strip() +systemd_sysv_install = os.path.join(os.path.dirname(system_unit_dir), + 'systemd-sysv-install') + + +class EnableTests(unittest.TestCase): + def tearDown(self): + # remove all traces from our test unit + f = glob(system_unit_dir + '/test_enable*.service') + f += glob(system_unit_dir + '/*/test_enable*.service') + f += glob('/etc/systemd/system/test_enable*.service') + f += glob('/etc/systemd/system/*/test_enable*.service') + f += glob('/etc/init.d/test_enable*') + f += glob('/etc/rc?.d/???test_enable*') + [os.unlink(i) for i in f] + subprocess.check_call(['systemctl', 'daemon-reload']) + + def create_unit(self, suffix='', enable=False): + '''Create a test unit''' + + unit = os.path.join(system_unit_dir, + 'test_enable%s.service' % suffix) + with open(unit, 'w') as f: + f.write('''[Unit] +Description=Testsuite unit %s +[Service] +ExecStart=/bin/echo hello +[Install] +WantedBy=multi-user.target +''' % suffix) + + if enable: + os.symlink(unit, '/etc/systemd/system/multi-user.target.wants/' + + os.path.basename(unit)) + + return unit + + def create_sysv(self, suffix='', enable=False): + '''Create a test SysV script''' + + script = '/etc/init.d/test_enable%s' % suffix + with open(script, 'w') as f: + f.write('''/bin/sh +### BEGIN INIT INFO +# Provides: test_enable%s +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Testsuite script%s +### END INIT INFO + +echo hello +''' % (suffix, suffix)) + os.chmod(script, 0o755) + + if enable: + subprocess.check_call( + [systemd_sysv_install, 'enable', os.path.basename(script)]) + + def assertEnabled(self, enabled, unit='test_enable.service'): + '''assert that given unit has expected state''' + + systemctl = subprocess.Popen(['systemctl', 'is-enabled', unit], + stdout=subprocess.PIPE, + universal_newlines=True) + out = systemctl.communicate()[0].strip() + if enabled: + self.assertEqual(systemctl.returncode, 0) + self.assertEqual(out, 'enabled') + else: + self.assertEqual(systemctl.returncode, 1) + self.assertEqual(out, 'disabled') + + def test_unit_enable(self): + '''no sysv: enable unit''' + + self.create_unit() + self.assertEnabled(False) + # also works without .service suffix + self.assertEnabled(False, unit='test_enable') + + subprocess.check_call(['systemctl', 'enable', 'test_enable']) + + self.assertEnabled(True) + # also works without .service suffix + self.assertEnabled(True, unit='test_enable') + + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertTrue(os.path.islink(l)) + self.assertEqual(os.readlink(l), + system_unit_dir + '/test_enable.service') + + # enable should be idempotent + subprocess.check_call(['systemctl', 'enable', 'test_enable.service']) + self.assertEnabled(True) + + def test_unit_disable(self): + '''no sysv: disable unit''' + + self.create_unit(enable=True) + self.assertEnabled(True) + # also works without .service suffix + self.assertEnabled(True, unit='test_enable') + + subprocess.check_call(['systemctl', 'disable', 'test_enable']) + + self.assertEnabled(False) + # also works without .service suffix + self.assertEnabled(False, unit='test_enable') + + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertFalse(os.path.islink(l)) + + # disable should be idempotent + subprocess.check_call(['systemctl', 'disable', 'test_enable.service']) + self.assertEnabled(False) + + def test_unit_sysv_enable(self): + '''with sysv: enable unit''' + + self.create_unit() + self.create_sysv() + self.assertEnabled(False) + # also works without .service suffix + self.assertEnabled(False, unit='test_enable') + + subprocess.check_call(['systemctl', 'enable', 'test_enable']) + + self.assertEnabled(True) + # also works without .service suffix + self.assertEnabled(True, unit='test_enable') + + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertTrue(os.path.islink(l)) + self.assertEqual(os.readlink(l), + system_unit_dir + '/test_enable.service') + + # enabled the sysv script + l = glob('/etc/rc2.d/S??test_enable') + self.assertEqual(len(l), 1, 'expect one symlink in %s' % repr(l)) + self.assertEqual(os.readlink(l[0]), '../init.d/test_enable') + + # enable should be idempotent + subprocess.check_call(['systemctl', 'enable', 'test_enable.service']) + self.assertEnabled(True) + + def test_unit_sysv_disable(self): + '''with sysv: disable unit''' + + self.create_unit(enable=True) + self.create_sysv(enable=True) + self.assertEnabled(True) + # also works without .service suffix + self.assertEnabled(True, unit='test_enable') + + subprocess.check_call(['systemctl', 'disable', 'test_enable']) + + self.assertEnabled(False) + # also works without .service suffix + self.assertEnabled(False, unit='test_enable') + + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertFalse(os.path.islink(l)) + + # disabled the sysv script + l = glob('/etc/rc2.d/S??test_enable') + self.assertEqual(l, []) + + # disable should be idempotent + subprocess.check_call(['systemctl', 'enable', 'test_enable.service']) + self.assertEnabled(True) + + def test_unit_alias_enable(self): + '''no sysv: enable unit with an alias''' + + u = self.create_unit() + with open(u, 'a') as f: + f.write('Alias=test_enablea.service\n') + + self.assertEnabled(False) + + subprocess.check_call(['systemctl', 'enable', 'test_enable']) + + self.assertEnabled(True) + + # enablement symlink + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertTrue(os.path.islink(l)) + self.assertEqual(os.readlink(l), + system_unit_dir + '/test_enable.service') + + # alias symlink + l = '/etc/systemd/system/test_enablea.service' + self.assertTrue(os.path.islink(l)) + self.assertEqual(os.readlink(l), + system_unit_dir + '/test_enable.service') + + def test_unit_alias_disable(self): + '''no sysv: disable unit with an alias''' + + u = self.create_unit() + with open(u, 'a') as f: + f.write('Alias=test_enablea.service\n') + os.symlink(system_unit_dir + '/test_enable.service', + '/etc/systemd/system/test_enablea.service') + + subprocess.check_call(['systemctl', 'disable', 'test_enable']) + + self.assertEnabled(False) + + # enablement symlink + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertFalse(os.path.islink(l)) + + # alias symlink + l = '/etc/systemd/system/test_enablea.service' + self.assertFalse(os.path.islink(l)) + + def test_unit_sysv_alias_enable(self): + '''with sysv: enable unit with an alias''' + + u = self.create_unit() + with open(u, 'a') as f: + f.write('Alias=test_enablea.service\n') + self.create_sysv() + + self.assertEnabled(False) + + subprocess.check_call(['systemctl', 'enable', 'test_enable']) + + # enablement symlink + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertTrue(os.path.islink(l)) + self.assertEqual(os.readlink(l), + system_unit_dir + '/test_enable.service') + + # alias symlink + l = '/etc/systemd/system/test_enablea.service' + self.assertTrue(os.path.islink(l)) + self.assertEqual(os.readlink(l), + system_unit_dir + '/test_enable.service') + + # enabled the sysv script + l = glob('/etc/rc2.d/S??test_enable') + self.assertEqual(len(l), 1, 'expect one symlink in %s' % repr(l)) + self.assertEqual(os.readlink(l[0]), '../init.d/test_enable') + + self.assertEnabled(True) + + def test_unit_sysv_alias_disable(self): + '''with sysv: disable unit with an alias''' + + u = self.create_unit(enable=True) + with open(u, 'a') as f: + f.write('Alias=test_enablea.service\n') + os.symlink(system_unit_dir + '/test_enable.service', + '/etc/systemd/system/test_enablea.service') + self.create_sysv(enable=True) + + subprocess.check_call(['systemctl', 'disable', 'test_enable']) + + # enablement symlink + l = '/etc/systemd/system/multi-user.target.wants/test_enable.service' + self.assertFalse(os.path.islink(l)) + + # alias symlink + l = '/etc/systemd/system/test_enablea.service' + self.assertFalse(os.path.islink(l)) + + # disabled the sysv script + l = glob('/etc/rc2.d/S??test_enable') + self.assertEqual(l, []) + + self.assertEnabled(False) + + def test_sysv_enable(self): + '''only sysv: enable''' + + self.create_sysv() + subprocess.check_call(['systemctl', 'enable', 'test_enable']) + + # enabled the sysv script + l = glob('/etc/rc2.d/S??test_enable') + self.assertEqual(len(l), 1, 'expect one symlink in %s' % repr(l)) + self.assertEqual(os.readlink(l[0]), '../init.d/test_enable') + + # enable should be idempotent + subprocess.check_call(['systemctl', 'enable', 'test_enable']) + self.assertEnabled(True) + + def test_sysv_disable(self): + '''only sysv: disable''' + + self.create_sysv(enable=True) + subprocess.check_call(['systemctl', 'disable', 'test_enable']) + + # disabled the sysv script + l = glob('/etc/rc2.d/S??test_enable') + self.assertEqual(l, []) + + # disable should be idempotent + subprocess.check_call(['systemctl', 'disable', 'test_enable']) + self.assertEnabled(False) + + def test_unit_link(self): + '''systemctl link''' + + with tempfile.NamedTemporaryFile(suffix='.service') as f: + f.write(b'[Unit]\n') + f.flush() + subprocess.check_call(['systemctl', 'link', f.name]) + + unit = os.path.basename(f.name) + l = os.path.join('/etc/systemd/system', unit) + self.assertEqual(os.readlink(l), f.name) + + # disable it again + subprocess.check_call(['systemctl', 'disable', unit]) + # this should also remove the unit symlink + self.assertFalse(os.path.islink(l)) + + def test_unit_enable_full_path(self): + '''systemctl enable a unit in a non-default path''' + + with tempfile.NamedTemporaryFile(suffix='.service') as f: + f.write(b'''[Unit] +Description=test +[Service] +ExecStart=/bin/true +[Install] +WantedBy=multi-user.target''') + f.flush() + unit = os.path.basename(f.name) + + # now enable it + subprocess.check_call(['systemctl', 'enable', f.name]) + self.assertEnabled(True, unit=unit) + l = os.path.join('/etc/systemd/system', unit) + self.assertEqual(os.readlink(l), f.name) + enable_l = '/etc/systemd/system/multi-user.target.wants/' + unit + self.assertEqual(os.readlink(enable_l), f.name) + + # disable it again + subprocess.check_call(['systemctl', 'disable', unit]) + # self.assertEnabled(False) does not work as now systemd does not + # know about the unit at all any more + self.assertFalse(os.path.islink(enable_l)) + # this should also remove the unit symlink + self.assertFalse(os.path.islink(l)) + + +if __name__ == '__main__': + unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout, + verbosity=2)) diff --git a/tests/upstream b/tests/upstream new file mode 100755 index 00000000..20966566 --- /dev/null +++ b/tests/upstream @@ -0,0 +1,44 @@ +#!/bin/sh +# run upstream system integration tests +# Author: Martin Pitt +set -e + +# even after installing policycoreutils this fails with +# "Failed to install /usr/libexec/selinux/hll/pp" +BLACKLIST="TEST-06-SELINUX" + +# quiesce Makefile.guess; not really relevant as systemd/nspawn run from +# installed packages +export BUILD_DIR=. + +# modify the image build scripts to install systemd from the debs instead of +# from a "make/ninja install" as we don't have a built tree here. Also call +# systemd-nspawn from the system. +sed -i '/DESTDIR.* install/ s%^.*$% for p in `grep ^Package: '`pwd`'/debian/control | cut -f2 -d\\ |grep -Ev -- "-(udeb|dev)"`; do (cd /tmp; apt-get download $p \&\& dpkg-deb --fsys-tarfile ${p}[._]*deb | tar -C $initdir --dereference -x); done%; s_[^" ]*/systemd-nspawn_systemd-nspawn_g; s/\(_ninja_bin=\).*/\1dummy-ninja/' test/test-functions + +# adjust path +sed -i 's_/usr/libexec/selinux/hll/pp_/usr/lib/selinux/hll/pp_' test/TEST-06-SELINUX/test.sh + +FAILED="" + +for t in test/TEST*; do + echo "$BLACKLIST" | grep -q "$(basename $t)" && continue + echo "========== `basename $t` ==========" + rm -rf /var/tmp/systemd-test.* + if ! make -C $t clean setup run; then + for j in /var/tmp/systemd-test.*/journal/*; do + [ -e "$j" ] || continue + # keep the entire journal in artifacts, in case one needs the debug messages + cp -r "$j" "$AUTOPKGTEST_ARTIFACTS/$(basename $t)-$(basename $j)" + echo "---- $j ----" + journalctl --priority=warning --directory=$j + done + FAILED="$FAILED $t" + fi + echo +done + +if [ -n "$FAILED" ]; then + echo FAILED TESTS: "$FAILED" + exit 1 +fi diff --git a/udev-udeb.dirs b/udev-udeb.dirs new file mode 100644 index 00000000..eeba23d8 --- /dev/null +++ b/udev-udeb.dirs @@ -0,0 +1 @@ +/etc/udev/rules.d/ diff --git a/udev-udeb.install b/udev-udeb.install new file mode 100644 index 00000000..0e9ff407 --- /dev/null +++ b/udev-udeb.install @@ -0,0 +1,20 @@ +lib/systemd/network/99-default.link +lib/systemd/systemd-udevd +bin/udevadm +lib/udev/ata_id +lib/udev/scsi_id +lib/udev/cdrom_id +lib/udev/rules.d/50-udev-default.rules +lib/udev/rules.d/60-cdrom_id.rules +lib/udev/rules.d/60-input-id.rules +lib/udev/rules.d/60-persistent-input.rules +lib/udev/rules.d/60-persistent-storage.rules +lib/udev/rules.d/64-btrfs.rules +lib/udev/rules.d/75-net-description.rules +lib/udev/rules.d/75-probe_mtd.rules +lib/udev/rules.d/80-drivers.rules +lib/udev/rules.d/80-net-setup-link.rules +../../extra/rules/50-firmware.rules lib/udev/rules.d/ +../../extra/rules/73-special-net-names.rules lib/udev/rules.d/ +../../extra/rules/73-usb-net-by-mac.rules lib/udev/rules.d/ +../../extra/start-udev lib/debian-installer/ diff --git a/udev.NEWS b/udev.NEWS new file mode 100644 index 00000000..abca3dde --- /dev/null +++ b/udev.NEWS @@ -0,0 +1,15 @@ +systemd (220-7) unstable; urgency=medium + + The mechanism for providing stable network interface names changed. + Previously they were kept in /etc/udev/rules.d/70-persistent-net.rules + which mapped device MAC addresses to the (arbitrary) name they got when + they first appeared (i. e. mostly at the time of installation). As this + had several problems and is not supported any more, this is deprecated in + favor of the "net.ifnames" mechanism. With this most of your network + interfaces will get location-based names. If you have ifupdown, firewall, + or other configuration that relies on the old names, you need to update + these by Debian 10/Ubuntu 18.04 LTS, and then remove + /etc/udev/rules.d/70-persistent-net.rules. Please see + /usr/share/doc/udev/README.Debian.gz for details about this. + + -- Martin Pitt Mon, 15 Jun 2015 15:30:29 +0200 diff --git a/udev.README.Debian b/udev.README.Debian new file mode 100644 index 00000000..b008fe19 --- /dev/null +++ b/udev.README.Debian @@ -0,0 +1,149 @@ +This documents udev integration Debian specifics. Please see man udev(7) and +its referenced manpages for general documentation. + +Network interface naming +~~~~~~~~~~~~~~~~~~~~~~~~ +Since version 197 udev has a builtin persistent name generator which checks +firmware/BIOS provided index numbers or slot names (similar to biosdevname), +falls back to slot names (PCI numbers, etc., in the spirit of +/dev/disks/by-path/), and then optionally falls back to MAC address, and +generates names based on these properties. This provides "location oriented" +names for PCI cards such as "enp0s1" for ethernet, or wlp1s0" for a WIFI card +so that replacing a broken network card does not change the name (as long +as the new card is fitted into the bus in the old card's slot.) As location +based naming does not work well for USB devices, these use a MAC based naming +schema (see /lib/udev/rules.d/73-usb-net-by-mac.rules). + +This has been enabled by default since udev 220-7, which affects new +installations/hardware. Existing installations/hardware which already got +covered by the old 75-persistent-net-generator.rules may keep their existing +interface names until the release of Debian 10 / Ubuntu 18.04 LTS; see +below. + +You can disable these stable names and go back to the kernel-provided ones +(which don't have a stable order) in one of two ways: + + - Put "net.ifnames=0" into the kernel command line (e. g. in + /etc/default/grub's GRUB_CMDLINE_LINUX_DEFAULT, then run "update-grub"). + + - Disable the default *.link rules with + "ln -s /dev/null /etc/systemd/network/99-default.link" + and rebuild the initrd with "update-initramfs -u". + +See this page for more information: +http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/ + +Legacy persistent network interface naming +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Debian releases up to 8 ("Jessie") and Ubuntu up to 15.04 had an udev rule +/lib/udev/rules.d/75-persistent-net-generator.rules which fixed the name of a +network interface that it got when its MAC address first appeared in a +dynamically created /etc/udev/rules.d/70-persistent-net.rules file. + +This had inherent race conditions (which sometimes caused collisions and +interface names like "rename1"), required having to write state into /etc +(which isn't possible for read-only root), and did not work in virtualized +environments. + +This old schema is deprecated in Debian 9 ("Stretch"), and will not +be supported any more in Debian 10. + +Migration to the current network interface naming scheme +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Interface names must be be manually migrated to the new naming scheme before +upgrading to Debian 10 / Ubuntu 18.04 LTS. If you rely on the old names in +custom ifupdown stanzas, firewall scripts, or other networking configuration, +these will eventually need to be updated to the new names. + +WARNING: This process may render your machine inaccessible through ssh. Be sure +to have physical or serial console access to the machine or a way to revert to +your existing configuration. + +First, determine all relevant network interface names: those in +/etc/udev/rules.d/70-persistent-net.rules, or if that does not exist (in +the case of virtual machines), in "ip link" or /sys/class/net/. + +Then for every interface name use a command like + + grep -r eth0 /etc + +to find out where it is being used. + +Then on "real hardware" machines, rename the file to +70-persistent-net.rules.old; alternately, if you have multiple interfaces, +instead of renaming you may wish to comment out specific lines to convert a +single interface at a time. + +On VMs remove the files /etc/systemd/network/99-default.link and +/etc/systemd/network/50-virtio-kernel-names.link (the latter only exists on VMs +that use virtio network devices). + +Rebuild the initrd with + + update-initramfs -u + +and reboot. Then your system should have a new network interface name (or +names). Adjust configuration files as discovered with the grep above, and test +your system. + +Repeat for each network interface name, as necessary. + +Custom net interface naming +~~~~~~~~~~~~~~~~~~~~~~~~~~~ +In some cases it is convenient to define your own specific names for network +interfaces. These can be customized in two different ways: + + * You can create your own names via *.link files (see systemd.link(5)) based + on hardware properties. For example, /etc/systemd/network/10-dmz.link: + + ------------ snip ------------ + [Match] + MACAddress=11:22:aa:bb:cc:33 + + [Link] + Name=eth-dmz + ------------ snip ------------ + + * If you need attributes that link files don't expose, or you need more + powerful pattern matching, you can create udev rules (see udev(7)) + like /etc/udev/rules.d/76-netnames.rules: + + ------------ snip ------------ + # identify by vendor/model ID + SUBSYSTEM=="net", ACTION=="add", ENV{ID_VENDOR_ID}=="0x8086", \ + ENV{ID_MODEL_ID}=="0x1502", NAME="eth-intel-gb" + + # USB device by path + # get ID_PATH if not present yet + ENV{ID_PATH}=="", IMPORT{builtin}="path_id" + SUBSYSTEM=="net", ACTION=="add", ENV{ID_PATH}=="*-usb-0:3:1*", NAME="eth-blue-hub" + ------------ snip ---------- + + The name of the rules file needs to have a prefix smaller than "80" so that + it runs before /lib/udev/rules.d/80-net-setup-link.rules, and should have a + prefix bigger than "75" so that it runs after 75-net-description.rules and + thus you can use matches on ID_VENDOR and similar properties. + + * Unless you disabled net.ifnames, you can change the policy + (kernel/bios/path/MAC based naming) in an /etc/systemd/network/*.link file, + for individual devices or entire device classes. See man systemd.link(5) for + details about this. /lib/systemd/network/99-default.link is the default + policy. Note that /lib/udev/rules.d/73-usb-net-by-mac.rules uses MAC based + names for USB devices. + +Any of the above changes require an initrd update with "update-initramfs -u" to +get effective. + +Using udev with LDAP or NIS +~~~~~~~~~~~~~~~~~~~~~~~~~~~ +If the rules files reference usernames or groups not present in the +/etc/{passwd,group} files and the system is configured to use a +network-based database like LDAP or NIS then udev may fail at boot time +because users and groups are looked up well before the network has been +initialized. +A possible solution is to configure /etc/nsswitch.conf like this: + + passwd: files ldap [UNAVAIL=return] + group: files ldap [UNAVAIL=return] + +The nsswitch.conf syntax is documented in the glibc manual. diff --git a/udev.bug-control b/udev.bug-control new file mode 100644 index 00000000..3134261d --- /dev/null +++ b/udev.bug-control @@ -0,0 +1 @@ +package-status: systemd diff --git a/udev.bug-script b/udev.bug-script new file mode 100644 index 00000000..97f56f15 --- /dev/null +++ b/udev.bug-script @@ -0,0 +1,14 @@ +#!/bin/sh + +# We don’t clean up this directory because there is no way to know when +# reportbug finished running, and reportbug needs the files around. +# Given that those are just a couple of kilobytes in size and people +# generally don’t file a lot of bugs, I don’t think it’s a big deal. +DIR=$(mktemp -d) + +echo "-- BEGIN ATTACHMENTS --" >&3 + +udevadm info --export-db >$DIR/udev-database.txt +echo "$DIR/udev-database.txt" >&3 + +echo "-- END ATTACHMENTS --" >&3 diff --git a/udev.init b/udev.init new file mode 100644 index 00000000..9c394bbb --- /dev/null +++ b/udev.init @@ -0,0 +1,248 @@ +#!/bin/sh -e +### BEGIN INIT INFO +# Provides: udev +# Required-Start: mountkernfs +# Required-Stop: umountroot +# Default-Start: S +# Default-Stop: 0 6 +# Short-Description: Start systemd-udevd, populate /dev and load drivers. +### END INIT INFO + +PATH="/sbin:/bin" +NAME="systemd-udevd" +DAEMON="/lib/systemd/systemd-udevd" +DESC="hotplug events dispatcher" +PIDFILE="/run/udev.pid" +CTRLFILE="/run/udev/control" +OMITDIR="/run/sendsigs.omit.d" + +# we need to unmount /dev/pts/ and remount it later over the devtmpfs +unmount_devpts() { + if mountpoint -q /dev/pts/; then + umount -n -l /dev/pts/ + fi + + if mountpoint -q /dev/shm/; then + umount -n -l /dev/shm/ + fi +} + +# mount a devtmpfs over /dev, if somebody did not already do it +mount_devtmpfs() { + if grep -E -q "^[^[:space:]]+ /dev devtmpfs" /proc/mounts; then + mount -n -o remount,nosuid,size=$tmpfs_size,mode=0755 -t devtmpfs devtmpfs /dev + return + fi + + if ! mount -n -o nosuid,size=$tmpfs_size,mode=0755 -t devtmpfs devtmpfs /dev; then + log_failure_msg "udev requires devtmpfs support, not started" + log_end_msg 1 + fi + + return 0 +} + +create_dev_makedev() { + if [ -e /sbin/MAKEDEV ]; then + ln -sf /sbin/MAKEDEV /dev/MAKEDEV + else + ln -sf /bin/true /dev/MAKEDEV + fi +} + +# shell version of /usr/bin/tty +my_tty() { + [ -x /bin/readlink ] || return 0 + [ -e /proc/self/fd/0 ] || return 0 + readlink --silent /proc/self/fd/0 || true +} + +warn_if_interactive() { + if [ "$RUNLEVEL" = "S" -a "$PREVLEVEL" = "N" ]; then + return + fi + + TTY=$(my_tty) + if [ -z "$TTY" -o "$TTY" = "/dev/console" -o "$TTY" = "/dev/null" ]; then + return + fi + + printf "\n\n\nIt has been detected that the command\n\n\t$0 $*\n\n" + printf "has been run from an interactive shell.\n" + printf "It will probably not do what you expect, so this script will wait\n" + printf "60 seconds before continuing. Press ^C to stop it.\n" + printf "RUNNING THIS COMMAND IS HIGHLY DISCOURAGED!\n\n\n\n" + sleep 60 +} + +make_static_nodes() { + [ -e /lib/modules/$(uname -r)/modules.devname ] || return 0 + [ -x /bin/kmod ] || return 0 + + /bin/kmod static-nodes --format=tmpfiles --output=/proc/self/fd/1 | \ + while read type name mode uid gid age arg; do + [ -e $name ] && continue + case "$type" in + c|b|c!|b!) mknod -m $mode $name $type $(echo $arg | sed 's/:/ /') ;; + d|d!) mkdir $name ;; + *) echo "unparseable line ($type $name $mode $uid $gid $age $arg)" >&2 ;; + esac + + if [ -x /sbin/restorecon ]; then + /sbin/restorecon $name + fi + done +} + + +############################################################################## + + +[ -x $DAEMON ] || exit 0 + +# defaults +tmpfs_size="10M" + +if [ -e /etc/udev/udev.conf ]; then + . /etc/udev/udev.conf +fi + +. /lib/lsb/init-functions + +if [ ! -e /proc/filesystems ]; then + log_failure_msg "udev requires a mounted procfs, not started" + log_end_msg 1 +fi + +if ! grep -q '[[:space:]]devtmpfs$' /proc/filesystems; then + log_failure_msg "udev requires devtmpfs support, not started" + log_end_msg 1 +fi + +if [ ! -d /sys/class/ ]; then + log_failure_msg "udev requires a mounted sysfs, not started" + log_end_msg 1 +fi + +if ! ps --no-headers --format args ax | egrep -q '^\['; then + log_warning_msg "udev does not support containers, not started" + exit 0 +fi + +if [ -d /sys/class/mem/null -a ! -L /sys/class/mem/null ] || \ + [ -e /sys/block -a ! -e /sys/class/block ]; then + log_warning_msg "CONFIG_SYSFS_DEPRECATED must not be selected" + log_warning_msg "Booting will continue in 30 seconds but many things will be broken" + sleep 30 +fi + +# When modifying this script, do not forget that between the time that the +# new /dev has been mounted and udevadm trigger has been run there will be +# no /dev/null. This also means that you cannot use the "&" shell command. + +case "$1" in + start) + if [ ! -e "/run/udev/" ]; then + warn_if_interactive + fi + + if [ -w /sys/kernel/uevent_helper ]; then + echo > /sys/kernel/uevent_helper + fi + + if ! mountpoint -q /dev/; then + unmount_devpts + mount_devtmpfs + [ -d /proc/1 ] || mount -n /proc + fi + + make_static_nodes + + # clean up parts of the database created by the initramfs udev + udevadm info --cleanup-db + + # set the SELinux context for devices created in the initramfs + [ -x /sbin/restorecon ] && /sbin/restorecon -R /dev + + log_daemon_msg "Starting $DESC" "$NAME" + if start-stop-daemon --start --name $NAME --user root --quiet \ + --pidfile $PIDFILE --exec $DAEMON --background --make-pidfile; then + # prevents udevd to be killed by sendsigs (see #791944) + mkdir -p $OMITDIR + ln -sf $PIDFILE $OMITDIR/$NAME + log_end_msg $? + else + log_warning_msg $? + log_warning_msg "Waiting 15 seconds and trying to continue anyway" + sleep 15 + fi + + log_action_begin_msg "Synthesizing the initial hotplug events" + if udevadm trigger --action=add; then + log_action_end_msg $? + else + log_action_end_msg $? + fi + + create_dev_makedev + + # wait for the systemd-udevd childs to finish + log_action_begin_msg "Waiting for /dev to be fully populated" + if udevadm settle; then + log_action_end_msg 0 + else + log_action_end_msg 0 'timeout' + fi + ;; + + stop) + log_daemon_msg "Stopping $DESC" "$NAME" + if start-stop-daemon --stop --name $NAME --user root --quiet \ + --pidfile $PIDFILE --remove-pidfile --oknodo --retry 5; then + # prevents cryptsetup/dmsetup hangs (see #791944) + rm -f $CTRLFILE + log_end_msg $? + else + log_end_msg $? + fi + ;; + + restart) + log_daemon_msg "Stopping $DESC" "$NAME" + if start-stop-daemon --stop --name $NAME --user root --quiet \ + --pidfile $PIDFILE --remove-pidfile --oknodo --retry 5; then + # prevents cryptsetup/dmsetup hangs (see #791944) + rm -f $CTRLFILE + log_end_msg $? + else + log_end_msg $? || true + fi + + log_daemon_msg "Starting $DESC" "$NAME" + if start-stop-daemon --start --name $NAME --user root --quiet \ + --pidfile $PIDFILE --exec $DAEMON --background --make-pidfile; then + # prevents udevd to be killed by sendsigs (see #791944) + mkdir -p $OMITDIR + ln -sf $PIDFILE $OMITDIR/$NAME + log_end_msg $? + else + log_end_msg $? + fi + ;; + + reload|force-reload) + udevadm control --reload-rules + ;; + + status) + status_of_proc $DAEMON $NAME && exit 0 || exit $? + ;; + + *) + echo "Usage: /etc/init.d/udev {start|stop|restart|reload|force-reload|status}" >&2 + exit 1 + ;; +esac + +exit 0 + diff --git a/udev.install b/udev.install new file mode 100644 index 00000000..b0ab649f --- /dev/null +++ b/udev.install @@ -0,0 +1,24 @@ +etc/udev/ +lib/udev/* +lib/systemd/network/*.link +lib/systemd/system/systemd-udev* +lib/systemd/system/systemd-hwdb* +lib/systemd/system/*.target.wants/systemd-udev* +lib/systemd/system/*.target.wants/*hwdb* +lib/systemd/systemd-udevd +bin/udevadm +bin/systemd-hwdb +usr/share/man/man5/udev.conf.5 +usr/share/man/man5/systemd.link.5 +usr/share/man/man7/hwdb.7 +usr/share/man/man7/udev.7 +usr/share/man/man8/systemd-hwdb* +usr/share/man/man8/systemd-udevd* +usr/share/man/man8/udevadm.8 +usr/share/bash-completion/completions/udevadm +usr/share/zsh/vendor-completions/_udevadm +usr/share/pkgconfig/udev.pc +../../extra/initramfs-tools usr/share/ +../../extra/rules/*.rules lib/udev/rules.d/ +#../../extra/*.hwdb lib/udev/hwdb.d/ +../../extra/fbdev-blacklist.conf lib/modprobe.d/ diff --git a/udev.links b/udev.links new file mode 100644 index 00000000..d0ac5ee4 --- /dev/null +++ b/udev.links @@ -0,0 +1,2 @@ +/lib/systemd/system/systemd-udevd.service /lib/systemd/system/udev.service +/bin/udevadm /sbin/udevadm diff --git a/udev.maintscript b/udev.maintscript new file mode 100644 index 00000000..da7cfb6f --- /dev/null +++ b/udev.maintscript @@ -0,0 +1,8 @@ +rm_conffile /etc/init.d/udev-finish 226-1~ +rm_conffile /etc/init/udev-finish.conf 226-1~ +rm_conffile /etc/init/udev-fallback-graphics.conf 226-1~ +symlink_to_dir /usr/share/doc/udev libudev1 221-2~ +rm_conffile /etc/modprobe.d/fbdev-blacklist.conf 229-6~ +rm_conffile /etc/init/udev.conf 233-1~ +rm_conffile /etc/init/udevmonitor.conf 233-1~ +rm_conffile /etc/init/udevtrigger.conf 233-1~ diff --git a/udev.postinst b/udev.postinst new file mode 100644 index 00000000..d18a8de7 --- /dev/null +++ b/udev.postinst @@ -0,0 +1,136 @@ +#!/bin/sh -e + +chrooted() { + if [ "$(stat -c %d/%i /)" = "$(stat -Lc %d/%i /proc/1/root 2>/dev/null)" ]; + then + # the devicenumber/inode pair of / is the same as that of /sbin/init's + # root, so we're *not* in a chroot and hence return false. + return 1 + fi + echo "A chroot environment has been detected, udev not started." + return 0 +} + +in_debootstrap() { + # debootstrap --second-stage may be run in an emulator instead of a chroot, + # we need to check for this special case because start-stop-daemon would + # not be available. (#520742) + if [ -d /debootstrap/ ]; then + echo "Being installed by debootstrap, udev not started." + return 0 + fi + return 1 +} + +can_start_udevd() { + if [ ! -d /sys/class/ ]; then + echo "udev requires a mounted sysfs, not started." + return 1 + fi + return 0 +} + +enable_udev() { + can_start_udevd || return 0 + invoke-rc.d udev start +} + +update_initramfs() { + [ -x /usr/sbin/update-initramfs -a -e /etc/initramfs-tools/initramfs.conf ] \ + || return 0 + update-initramfs -u +} + +upgrade_fixes() { + if dpkg --compare-versions "$2" lt "226-1"; then + update-rc.d udev-finish remove + fi + + # we enabled net.ifnames in 220-7 by default; don't change iface names in + # virtualized envs (where 75-persistent-net-generator.rules didn't work) + if dpkg --compare-versions "$2" lt-nl "220-7~" && + [ ! -e /etc/udev/rules.d/70-persistent-net.rules ] && + [ ! -e /etc/udev/rules.d/80-net-setup-link.rules ] && + [ ! -e /etc/systemd/network/99-default.link ] && + [ ! -L /etc/systemd/network/99-default.link ] && + ! grep -q net.ifnames /proc/cmdline && ! chrooted; then + mkdir -p /etc/systemd/network + cat < /etc/systemd/network/99-default.link +# This machine is most likely a virtualized guest, where the old persistent +# network interface mechanism (75-persistent-net-generator.rules) did not work. +# This file disables /lib/systemd/network/99-default.link to avoid +# changing network interface names on upgrade. Please read +# /usr/share/doc/udev/README.Debian.gz about how to migrate to the currently +# supported mechanism. +EOF + fi + + # 226 introduced predictable interface names for virtio + # (https://github.com/systemd/systemd/pull/1119); disable for upgrades + if dpkg --compare-versions "$2" lt-nl "226-2~" && + [ ! -e /etc/systemd/network/50-virtio-kernel-names.link ] && + ls -d /sys/bus/virtio/drivers/virtio_net/virt* >/dev/null 2>&1; then + echo "virtio network devices detected, disabling predictable interface names in /etc/systemd/network/50-virtio-kernel-names.link" + mkdir -p /etc/systemd/network/ + cat < /etc/systemd/network/50-virtio-kernel-names.link +# udev 226 introduced predictable interface names for virtio; +# disable this for upgrades. You can remove this file if you update your +# network configuration to move to the ens* names instead. +# See /usr/share/doc/udev/README.Debian.gz for details about predictable +# network interface names. +[Match] +Driver=virtio_net + +[Link] +NamePolicy=onboard kernel +EOF + fi + + # new Default-Stop (see #791944) + if dpkg --compare-versions "$2" lt-nl "239-8"; then + update-rc.d -f udev remove + fi +} + +update_hwdb() { + systemd-hwdb --usr update || true +} + +case "$1" in + configure) + # update/create hwdb before we (re)start udev + update_hwdb + + # Add new system group used by udev rules + addgroup --quiet --system input + + # Make /dev/kvm accessible to kvm group + addgroup --quiet --system kvm + + if [ -z "$2" ]; then # first install + if ! chrooted && ! in_debootstrap; then + enable_udev + fi + else # upgrades + upgrade_fixes "$@" + if ! chrooted; then + if can_start_udevd; then + if [ -d /run/systemd/system ] ; then + systemctl daemon-reload || true + fi + invoke-rc.d udev restart + fi + fi + fi + + update_initramfs + ;; + + triggered) + update_hwdb + exit 0 + ;; +esac + +#DEBHELPER# + diff --git a/udev.postrm b/udev.postrm new file mode 100644 index 00000000..8658f764 --- /dev/null +++ b/udev.postrm @@ -0,0 +1,12 @@ +#!/bin/sh -e + +case "$1" in + purge) + rm -f /etc/udev/rules.d/70-persistent-*.rules + rmdir --ignore-fail-on-non-empty /etc/udev/rules.d/ 2> /dev/null || true + rm -f /lib/udev/hwdb.bin + rm -f /var/log/udev + ;; +esac + +#DEBHELPER# diff --git a/udev.preinst b/udev.preinst new file mode 100644 index 00000000..b24d9da1 --- /dev/null +++ b/udev.preinst @@ -0,0 +1,81 @@ +#!/bin/sh -e + +# adapted from postinst +chrooted() { + if [ "$(stat -c %d/%i /)" = "$(stat -Lc %d/%i /proc/1/root 2>/dev/null)" ]; + then + return 1 + fi + return 0 +} + +check_kernel_features() { + # skip the check if udev is not already active + [ -d /run/udev/ ] || return 0 + + if [ -e /proc/kallsyms ]; then + + local needed_symbols='inotify_init signalfd accept4 open_by_handle_at timerfd_create epoll_create' + for symbol in $needed_symbols; do + if ! egrep -q "^[a-fA-F0-9]+ T \.?sys_${symbol}$" /proc/kallsyms; then + cat <